diff options
-rw-r--r-- | src/src/functions.h | 2 | ||||
-rw-r--r-- | src/src/receive.c | 10 | ||||
-rw-r--r-- | src/src/tlscert-gnu.c | 24 | ||||
-rw-r--r-- | src/src/tlscert-openssl.c | 17 |
4 files changed, 24 insertions, 29 deletions
diff --git a/src/src/functions.h b/src/src/functions.h index b9af77dde..c71bcb6a7 100644 --- a/src/src/functions.h +++ b/src/src/functions.h @@ -59,7 +59,7 @@ extern void tls_free_cert(void **); extern int tls_getc(unsigned); extern uschar *tls_getbuf(unsigned *); extern void tls_get_cache(void); -extern int tls_import_cert(const uschar *, void **); +extern BOOL tls_import_cert(const uschar *, void **); extern int tls_read(void *, uschar *, size_t); extern int tls_server_start(const uschar *, uschar **); extern BOOL tls_smtp_buffered(void); diff --git a/src/src/receive.c b/src/src/receive.c index 6b5a28d31..ada3ca519 100644 --- a/src/src/receive.c +++ b/src/src/receive.c @@ -3837,7 +3837,6 @@ else string_from_gstring(g), istemp, string_printing(errmsg)); if (smtp_input) - { if (!smtp_batched_input) { smtp_respond(smtp_code, 3, TRUE, errmsg); @@ -3848,7 +3847,6 @@ else else moan_smtp_batch(NULL, "%s %s", smtp_code, errmsg); /* Does not return */ - } else { fseek(spool_data_file, (long int)SPOOL_DATA_START_OFFSET, SEEK_SET); @@ -4026,18 +4024,14 @@ if (proxy_session && LOGGING(proxy)) if (chunking_state > CHUNKING_OFFERED) g = string_catn(g, US" K", 2); -sprintf(CS big_buffer, "%d", msg_size); -g = string_append(g, 2, US" S=", big_buffer); +g = string_fmt_append(g, " S=%d", msg_size); /* log 8BITMIME mode announced in MAIL_FROM 0 ... no BODY= used 7 ... 7BIT 8 ... 8BITMIME */ if (LOGGING(8bitmime)) - { - sprintf(CS big_buffer, "%d", body_8bitmime); - g = string_append(g, 2, US" M8S=", big_buffer); - } + g = string_fmt_append(g, " M8S=%d", body_8bitmime); #ifndef DISABLE_DKIM if (LOGGING(dkim) && dkim_verify_overall) diff --git a/src/src/tlscert-gnu.c b/src/src/tlscert-gnu.c index f4d53601f..a09fda0b9 100644 --- a/src/src/tlscert-gnu.c +++ b/src/src/tlscert-gnu.c @@ -20,7 +20,10 @@ tls.c when USE_GNUTLS has been set. /***************************************************** * Export/import a certificate, binary/printable -*****************************************************/ +****************************************************** +Return: boolean success +*/ + BOOL tls_export_cert(uschar * buf, size_t buflen, void * cert) { @@ -34,7 +37,7 @@ if ((fail = gnutls_x509_crt_export((gnutls_x509_crt_t)cert, { log_write(0, LOG_MAIN, "TLS error in certificate export: %s", gnutls_strerror(fail)); - return 0; + return FALSE; } if ((cp = string_printing(buf)) != buf) { @@ -46,13 +49,14 @@ store_reset(reset_point); return !fail; } -int +/* On error, NULL out the destination */ +BOOL tls_import_cert(const uschar * buf, void ** cert) { rmark reset_point = store_mark(); gnutls_datum_t datum; gnutls_x509_crt_t crt = *(gnutls_x509_crt_t *)cert; -int fail = 0; +int rc; if (crt) gnutls_x509_crt_deinit(crt); @@ -63,17 +67,15 @@ gnutls_x509_crt_init(&crt); datum.data = string_unprinting(US buf); datum.size = Ustrlen(datum.data); -if ((fail = gnutls_x509_crt_import(crt, &datum, GNUTLS_X509_FMT_PEM))) +if ((rc = gnutls_x509_crt_import(crt, &datum, GNUTLS_X509_FMT_PEM))) { log_write(0, LOG_MAIN, "TLS error in certificate import: %s", - gnutls_strerror(fail)); - fail = 1; + gnutls_strerror(rc)); + crt = NULL; } -else - *cert = (void *)crt; - +*cert = (void *)crt; store_reset(reset_point); -return fail; +return rc != 0; } void diff --git a/src/src/tlscert-openssl.c b/src/src/tlscert-openssl.c index 845c3014f..403dc4236 100644 --- a/src/src/tlscert-openssl.c +++ b/src/src/tlscert-openssl.c @@ -33,7 +33,9 @@ library. It is #included into the tls.c file when that library is used. /***************************************************** * Export/import a certificate, binary/printable -*****************************************************/ +****************************************************** +Return booolean success +*/ BOOL tls_export_cert(uschar * buf, size_t buflen, void * cert) { @@ -62,29 +64,26 @@ BIO_free(bp); return !fail; } -int +/* On error, NULL out the destination */ +BOOL tls_import_cert(const uschar * buf, void ** cert) { rmark reset_point = store_mark(); const uschar * cp = string_unprinting(US buf); BIO * bp; X509 * x = *(X509 **)cert; -int fail = 0; if (x) X509_free(x); bp = BIO_new_mem_buf(US cp, -1); if (!(x = PEM_read_bio_X509(bp, NULL, 0, NULL))) - { log_write(0, LOG_MAIN, "TLS error in certificate import: %s", ERR_error_string(ERR_get_error(), NULL)); - fail = 1; - } -else - *cert = (void *)x; + +*cert = (void *)x; BIO_free(bp); store_reset(reset_point); -return fail; +return !!x; } void |