/* ISC license. */
#include <unistd.h>
#include <limits.h>
#include <skalibs/types.h>
#include <skalibs/env.h>
#include <skalibs/cspawn.h>
#include <skalibs/djbunix.h>
#include <skalibs/exec.h>
#include <s6-networking/config.h>
#include <smtpd-starttls-proxy/config.h>
#include "qmailr.h"
#include "qmail-remote.h"
/*
 * Replace the current process with s6-tlsc, which in turn runs
 * qmail-remote-io over the already-connected descriptor fdr.
 *
 *  fdr            connected descriptor; given as the "-6" argument
 *  fmtip          passed through as the first positional argument of qmail-remote-io
 *  timeoutconnect multiplied by 1000 (saturating at UINT_MAX) and given to s6-tlsc as "-K"
 *  timeoutremote  given to qmail-remote-io as "-t"
 *  qtls           selects CADIR vs CAFILE and whether CERTFILE/KEYFILE are exported
 *  helopos        offset into storage of the second positional argument
 *  eaddrpos, n    n offsets into storage, appended as further positional arguments
 *  storage        base of the string area all offsets refer to
 *
 * Does not return on success: mexec() takes over the process. Failures are
 * reported through qmailr_tempusys / qmailr_temp / dienomem.
 *
 * NOTE(review): this argv carries no server-name argument for s6-tlsc (its
 * documented -k option). Confirm where, if anywhere, the peer certificate is
 * matched against the destination name.
 */
void run_tls (int fdr, char const *fmtip, unsigned int timeoutconnect, unsigned int timeoutremote, qmailr_tls const *qtls, size_t helopos, size_t const *eaddrpos, unsigned int n, char const *storage)
{
  unsigned int argc = 0 ;
  unsigned int kimeout ;
  unsigned int i = 0 ;
  char rfdfmt[UINT_FMT] ;
  char wfdfmt[UINT_FMT] ;
  char remotefmt[UINT_FMT] ;
  char connectfmt[UINT_FMT] ;
  /* 19 fixed entries + n addresses + terminating null pointer. Any fixed
     argument added below must be matched by a larger constant here, or the
     writes run past the end of the array. */
  char const *argv[20 + n] ;
  /* Same open file under a second number: fdr goes out as "-6", wfd as "-7". */
  int wfd = dup(fdr) ;

  if (wfd == -1) qmailr_tempusys("duplicate file descriptor") ;

  /* TLS_UID and TLS_GID are queued with a null value, presumably so that
     inherited values never reach the TLS tool (TODO confirm the env_mexec
     contract). The trust anchor is exported as a directory or a file. */
  if (!(env_mexec("TLS_UID", 0)
     && env_mexec("TLS_GID", 0)
     && env_mexec(qtls->flagtadir ? "CADIR" : "CAFILE", storage + qtls->tapos))) dienomem() ;

  /* Client certificate and key are exported only when configured. */
  if (qtls->flagclientcert
   && !(env_mexec("CERTFILE", storage + qtls->certpos)
     && env_mexec("KEYFILE", storage + qtls->keypos))) dienomem() ;

  /* Point fd 2 at /dev/null. A failed open is tolerated and leaves fd 2 as
     it was; getting a descriptor below 3 means 0, 1 or 2 was not open.
     NOTE(review): the result of fd_move is not checked. */
  {
    int sink = open_readb("/dev/null") ;
    if (!(sink < 0))
    {
      if (sink < 3) qmailr_temp("weird fd configuration") ;
      fd_move(2, sink) ;
    }
  }

  /* Saturate rather than wrap when scaling the connect timeout. */
  if (timeoutconnect > UINT_MAX/1000) kimeout = UINT_MAX ;
  else kimeout = timeoutconnect * 1000 ;

  rfdfmt[uint_fmt(rfdfmt, (unsigned int)fdr)] = 0 ;
  wfdfmt[uint_fmt(wfdfmt, (unsigned int)wfd)] = 0 ;
  remotefmt[uint_fmt(remotefmt, timeoutremote)] = 0 ;
  connectfmt[uint_fmt(connectfmt, kimeout)] = 0 ;

  /* Outer command: the TLS client. The option cluster is passed verbatim;
     its letters are defined by s6-tlsc, not by this file. */
  argv[argc++] = S6_NETWORKING_EXTBINPREFIX "s6-tlsc" ;
  argv[argc++] = "-Sjzv0" ;
  argv[argc++] = "-K" ;
  argv[argc++] = connectfmt ;
  argv[argc++] = "-6" ;
  argv[argc++] = rfdfmt ;
  argv[argc++] = "-7" ;
  argv[argc++] = wfdfmt ;
  argv[argc++] = "--" ;

  /* Inner command: the SMTP client run under the tunnel. The "--" stops
     option parsing before the strings taken from storage. */
  argv[argc++] = SMTPD_STARTTLS_PROXY_LIBEXECPREFIX "qmail-remote-io" ;
  argv[argc++] = "-t" ;
  argv[argc++] = remotefmt ;
  argv[argc++] = "-6" ;
  argv[argc++] = rfdfmt ;
  argv[argc++] = "-7" ;
  argv[argc++] = wfdfmt ;
  argv[argc++] = "--" ;
  argv[argc++] = fmtip ;
  argv[argc++] = storage + helopos ;
  while (i < n)
  {
    argv[argc++] = storage + eaddrpos[i] ;
    i++ ;
  }
  argv[argc++] = 0 ;

  mexec(argv) ;
  /* Reached only if the exec itself failed. */
  qmailr_tempusys("exec ", argv[0]) ;
}