/*	$NetBSD: tlsproxy_state.c,v 1.2 2017/02/14 01:16:48 christos Exp $	*/

/*++
/* NAME
/*	tlsproxy_state 3
/* SUMMARY
/*	Postfix SMTP server
/* SYNOPSIS
/*	#include <tlsproxy.h>
/*
/*	TLSP_STATE *tlsp_state_create(service, plaintext_stream)
/*	const char *service;
/*	VSTREAM *plaintext_stream;
/*
/*	void tlsp_state_free(state)
/*	TLSP_STATE *state;
/* DESCRIPTION
/*	This module provides TLSP_STATE constructor and destructor
/*	routines.
/*
/*	tlsp_state_create() initializes session context.
/*
/*	tlsp_state_free() destroys session context.
/*
/*	Arguments:
/* .IP service
/*	The service name for the TLS library. This argument is copied.
/*	The destructor will automatically destroy the string.
/* .IP plaintext_stream
/*	The VSTREAM between postscreen(8) and tlsproxy(8).
/*	The destructor will automatically close the stream.
/* .PP
/*	Other structure members are set by the application. The
/*	text below describes how the TLSP_STATE destructor
/*	disposes of them.
/* .IP plaintext_buf
/*	NBBIO for plaintext I/O.
/*	The destructor will automatically turn off read/write/timeout
/*	events and destroy the NBBIO.
/* .IP ciphertext_fd
/*	The file handle for the remote SMTP client socket.
/*	The destructor will automatically turn off read/write events
/*	and close the file handle.
/* .IP ciphertext_timer
/*	The destructor will automatically turn off this time event.
/* .IP timeout
/*	Time limit for plaintext and ciphertext I/O.
/* .IP remote_endpt
/*	Printable remote endpoint name.
/*	The destructor will automatically destroy the string.
/* .IP server_id
/*	TLS session cache identifier.
/*	The destructor will automatically destroy the string.
/* DIAGNOSTICS
/*	All errors are fatal.
/* LICENSE
/* .ad
/* .fi
/*	The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/*	Wietse Venema
/*	IBM T.J. Watson Research
/*	P.O. Box 704
/*	Yorktown Heights, NY 10598, USA
/*--*/

 /*
  * System library.
  */
#include <sys_defs.h>

 /*
  * Utility library.
  */
#include <msg.h>
#include <mymalloc.h>
#include <nbbio.h>

 /*
  * Master library.
  */
#include <mail_server.h>

 /*
  * TLS library.
  */
#ifdef USE_TLS
#define TLS_INTERNAL			/* XXX */
#include <tls.h>

 /*
  * Application-specific.
  */
#include <tlsproxy.h>

/* tlsp_state_create - create TLS proxy state object */

TLSP_STATE *tlsp_state_create(const char *service,
			              VSTREAM *plaintext_stream)
{
    TLSP_STATE *sp;

    /*
     * Only the members listed below are initialized here. The other
     * TLSP_STATE members are set by the application before they are used
     * (see the module description above); confirm against tlsproxy.h when
     * adding members.
     */
    sp = (TLSP_STATE *) mymalloc(sizeof(*sp));
    sp->flags = TLSP_FLAG_DO_HANDSHAKE;		/* handshake not done yet */
    sp->service = mystrdup(service);		/* private copy, freed by destructor */
    sp->plaintext_stream = plaintext_stream;	/* disconnected by destructor */
    sp->plaintext_buf = 0;			/* no plaintext NBBIO yet */
    sp->ciphertext_fd = -1;			/* no client socket yet */
    sp->ciphertext_timer = 0;			/* no ciphertext timer yet */
    sp->timeout = -1;				/* no I/O time limit yet */
    sp->remote_endpt = 0;			/* unknown until set by application */
    sp->server_id = 0;				/* no session cache id yet */
    sp->tls_context = 0;			/* no TLS engine state yet */
    return (sp);
}

/* tlsp_state_close_ciphertext - release the remote SMTP client side */

static void tlsp_state_close_ciphertext(TLSP_STATE *state)
{

    /*
     * Stop polling the descriptor before it is closed: a later connection
     * may be assigned the same descriptor number.
     */
    if (state->ciphertext_fd >= 0) {
	event_disable_readwrite(state->ciphertext_fd);
	(void) close(state->ciphertext_fd);
    }
    if (state->ciphertext_timer != 0) {
	event_cancel_timer(state->ciphertext_timer, (void *) state);
    }
}

/* tlsp_state_free - destroy state objects, connection and events */

void    tlsp_state_free(TLSP_STATE *state)
{

    /*
     * Release the members in the order they were documented: the service
     * name, the plaintext side, the ciphertext side, the identifying
     * strings, and finally the TLS engine state and the object itself.
     */
    myfree(state->service);

    /*
     * Plaintext side. The NBBIO destructor also turns off the plaintext
     * read/write/timeout events.
     */
    if (state->plaintext_buf != 0) {
	nbbio_free(state->plaintext_buf);
    }
    event_server_disconnect(state->plaintext_stream);

    /*
     * Ciphertext side.
     */
    tlsp_state_close_ciphertext(state);

    /*
     * A DISCONNECT record is logged only when the remote endpoint name is
     * known.
     */
    if (state->remote_endpt != 0) {
	msg_info("DISCONNECT %s", state->remote_endpt);
	myfree(state->remote_endpt);
    }
    if (state->server_id != 0) {
	myfree(state->server_id);
    }
    if (state->tls_context != 0) {
	tls_free_context(state->tls_context);
    }
    myfree((void *) state);
}

#endif