diff options
Diffstat (limited to 'src/tls/tls_proxy_client_misc.c')
-rw-r--r-- | src/tls/tls_proxy_client_misc.c | 192 |
1 files changed, 192 insertions, 0 deletions
diff --git a/src/tls/tls_proxy_client_misc.c b/src/tls/tls_proxy_client_misc.c new file mode 100644 index 0000000..3bf7369 --- /dev/null +++ b/src/tls/tls_proxy_client_misc.c @@ -0,0 +1,192 @@ +/*++ +/* NAME +/* tls_proxy_client_misc 3 +/* SUMMARY +/* TLS_CLIENT_XXX structure support +/* SYNOPSIS +/* #include <tls_proxy.h> +/* +/* TLS_CLIENT_PARAMS *tls_proxy_client_param_from_config(params) +/* TLS_CLIENT_PARAMS *params; +/* +/* char *tls_proxy_client_param_to_string(buf, params) +/* VSTRING *buf; +/* TLS_CLIENT_PARAMS *params; +/* +/* char *tls_proxy_client_param_with_names_to_string(buf, params) +/* VSTRING *buf; +/* TLS_CLIENT_PARAMS *params; +/* +/* char *tls_proxy_client_init_to_string(buf, init_props) +/* VSTRING *buf; +/* TLS_CLIENT_INIT_PROPS *init_props; +/* DESCRIPTION +/* tls_proxy_client_param_from_config() initializes a TLS_CLIENT_PARAMS +/* structure from configuration parameters and returns its +/* argument. Strings are not copied. The result must therefore +/* not be passed to tls_proxy_client_param_free(). +/* +/* tls_proxy_client_param_to_string() produces a lookup key +/* that is unique for the TLS_CLIENT_PARAMS member values. +/* +/* tls_proxy_client_param_with_names_to_string() produces a +/* string with "name = value\n" for each TLS_CLIENT_PARAMS +/* member. This may be useful for reporting differences between +/* TLS_CLIENT_PARAMS instances. +/* +/* tls_proxy_client_init_to_string() produces a lookup key +/* that is unique for the properties received by +/* tls_proxy_client_init_scan(). +/* +/* tls_proxy_client_init_with_names_to_string() produces a +/* string with "name = value\n" for each TLS_CLIENT_INIT_PROPS +/* member. This may be useful for reporting differences between +/* TLS_CLIENT_INIT_PROPS instances. +/* LICENSE +/* .ad +/* .fi +/* The Secure Mailer license must be distributed with this software. +/* AUTHOR(S) +/* Wietse Venema +/* Google, Inc. +/* 111 8th Avenue +/* New York, NY 10011, USA +/*--*/ + +#ifdef USE_TLS + +/* System library. */ + +#include <sys_defs.h> + +/* Utility library */ + +#include <attr.h> +#include <msg.h> + +/* Global library. */ + +#include <mail_params.h> + +/* TLS library. */ + +#include <tls.h> +#include <tls_proxy.h> + +/* tls_proxy_client_param_from_config - initialize TLS_CLIENT_PARAMS from configuration */ + +TLS_CLIENT_PARAMS *tls_proxy_client_param_from_config(TLS_CLIENT_PARAMS *params) +{ + TLS_PROXY_PARAMS(params, + tls_cnf_file = var_tls_cnf_file, + tls_cnf_name = var_tls_cnf_name, + tls_high_clist = var_tls_high_clist, + tls_medium_clist = var_tls_medium_clist, + tls_low_clist = var_tls_low_clist, + tls_export_clist = var_tls_export_clist, + tls_null_clist = var_tls_null_clist, + tls_eecdh_auto = var_tls_eecdh_auto, + tls_eecdh_strong = var_tls_eecdh_strong, + tls_eecdh_ultra = var_tls_eecdh_ultra, + tls_bug_tweaks = var_tls_bug_tweaks, + tls_ssl_options = var_tls_ssl_options, + tls_dane_digests = var_tls_dane_digests, + tls_mgr_service = var_tls_mgr_service, + tls_tkt_cipher = var_tls_tkt_cipher, + tls_daemon_rand_bytes = var_tls_daemon_rand_bytes, + tls_append_def_CA = var_tls_append_def_CA, + tls_bc_pkey_fprint = var_tls_bc_pkey_fprint, + tls_preempt_clist = var_tls_preempt_clist, + tls_multi_wildcard = var_tls_multi_wildcard); + return (params); +} + +/* tls_proxy_client_param_to_string - serialize TLS_CLIENT_PARAMS to string */ + +char *tls_proxy_client_param_to_string(VSTRING *buf, TLS_CLIENT_PARAMS *params) +{ + vstring_sprintf(buf, "%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n" + "%s\n%s\n%d\n%d\n%d\n%d\n%d\n", + params->tls_high_clist, params->tls_medium_clist, + params->tls_low_clist, params->tls_export_clist, + params->tls_null_clist, params->tls_eecdh_auto, + params->tls_eecdh_strong, params->tls_eecdh_ultra, + params->tls_bug_tweaks, params->tls_ssl_options, + params->tls_dane_digests, params->tls_mgr_service, + params->tls_tkt_cipher, params->tls_daemon_rand_bytes, + params->tls_append_def_CA, params->tls_bc_pkey_fprint, + params->tls_preempt_clist, params->tls_multi_wildcard); + return (vstring_str(buf)); +} + +/* tls_proxy_client_param_with_names_to_string - serialize TLS_CLIENT_PARAMS to string */ + +char *tls_proxy_client_param_with_names_to_string(VSTRING *buf, TLS_CLIENT_PARAMS *params) +{ + vstring_sprintf(buf, "%s = %s\n%s = %s\n%s = %s\n%s = %s\n%s = %s\n" + "%s = %s\n%s = %s\n%s = %s\n%s = %s\n%s = %s\n%s = %s\n" + "%s = %s\n%s = %s\n%s = %d\n" + "%s = %d\n%s = %d\n%s = %d\n%s = %d\n", + VAR_TLS_HIGH_CLIST, params->tls_high_clist, + VAR_TLS_MEDIUM_CLIST, params->tls_medium_clist, + VAR_TLS_LOW_CLIST, params->tls_low_clist, + VAR_TLS_EXPORT_CLIST, params->tls_export_clist, + VAR_TLS_NULL_CLIST, params->tls_null_clist, + VAR_TLS_EECDH_AUTO, params->tls_eecdh_auto, + VAR_TLS_EECDH_STRONG, params->tls_eecdh_strong, + VAR_TLS_EECDH_ULTRA, params->tls_eecdh_ultra, + VAR_TLS_BUG_TWEAKS, params->tls_bug_tweaks, + VAR_TLS_SSL_OPTIONS, params->tls_ssl_options, + VAR_TLS_DANE_DIGESTS, params->tls_dane_digests, + VAR_TLS_MGR_SERVICE, params->tls_mgr_service, + VAR_TLS_TKT_CIPHER, params->tls_tkt_cipher, + VAR_TLS_DAEMON_RAND_BYTES, params->tls_daemon_rand_bytes, + VAR_TLS_APPEND_DEF_CA, params->tls_append_def_CA, + VAR_TLS_BC_PKEY_FPRINT, params->tls_bc_pkey_fprint, + VAR_TLS_PREEMPT_CLIST, params->tls_preempt_clist, + VAR_TLS_MULTI_WILDCARD, params->tls_multi_wildcard); + return (vstring_str(buf)); +} + +/* tls_proxy_client_init_to_string - serialize to string */ + +char *tls_proxy_client_init_to_string(VSTRING *buf, + TLS_CLIENT_INIT_PROPS *props) +{ + vstring_sprintf(buf, "%s\n%s\n%d\n%s\n%s\n%s\n%s\n%s\n%s\n" + "%s\n%s\n%s\n%s\n%s\n", props->log_param, + props->log_level, props->verifydepth, + props->cache_type, props->chain_files, + props->cert_file, props->key_file, + props->dcert_file, props->dkey_file, + props->eccert_file, props->eckey_file, + props->CAfile, props->CApath, props->mdalg); + return (vstring_str(buf)); +} + +/* tls_proxy_client_init_with_names_to_string - serialize to string */ + +char *tls_proxy_client_init_with_names_to_string(VSTRING *buf, + TLS_CLIENT_INIT_PROPS *props) +{ + vstring_sprintf(buf, "%s = %s\n%s = %s\n%s = %d\n%s = %s\n%s = %s\n" + "%s = %s\n%s = %s\n%s = %s\n%s = %s\n%s = %s\n" + "%s = %s\n%s = %s\n%s = %s\n%s = %s\n", + TLS_ATTR_LOG_PARAM, props->log_param, + TLS_ATTR_LOG_LEVEL, props->log_level, + TLS_ATTR_VERIFYDEPTH, props->verifydepth, + TLS_ATTR_CACHE_TYPE, props->cache_type, + TLS_ATTR_CHAIN_FILES, props->chain_files, + TLS_ATTR_CERT_FILE, props->cert_file, + TLS_ATTR_KEY_FILE, props->key_file, + TLS_ATTR_DCERT_FILE, props->dcert_file, + TLS_ATTR_DKEY_FILE, props->dkey_file, + TLS_ATTR_ECCERT_FILE, props->eccert_file, + TLS_ATTR_ECKEY_FILE, props->eckey_file, + TLS_ATTR_CAFILE, props->CAfile, + TLS_ATTR_CAPATH, props->CApath, + TLS_ATTR_MDALG, props->mdalg); + return (vstring_str(buf)); +} + +#endif |