#undef FIONBIO
#endif
+#if defined(OPENSSL_SYS_BEOS_R5)
+#include <fcntl.h>
+#endif
+
#undef PROG
#define PROG s_client_main
extern int verify_depth;
extern int verify_error;
+extern int verify_return_error;
#ifdef FIONBIO
static int c_nbio=0;
BIO_printf(bio_c_out, "Received PSK identity hint '%s'\n", hint);
/* lookup PSK identity and PSK key based on the given identity hint here */
- ret = snprintf(identity, max_identity_len, psk_identity);
+ ret = BIO_snprintf(identity, max_identity_len, psk_identity);
if (ret < 0 || (unsigned int)ret > max_identity_len)
goto out_err;
if (c_debug)
BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n");
BIO_printf(bio_err," for those protocols that support it, where\n");
BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n");
- BIO_printf(bio_err," only \"smtp\" and \"pop3\" are supported.\n");
+ BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", and \"ftp\" are supported.\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n");
#endif
}
#endif
+enum
+{
+ PROTO_OFF = 0,
+ PROTO_SMTP,
+ PROTO_POP3,
+ PROTO_IMAP,
+ PROTO_FTP
+};
+
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
int off=0;
- SSL *con=NULL,*con2=NULL;
+ SSL *con=NULL;
X509_STORE *store = NULL;
int s,k,width,state=0;
char *cbuf=NULL,*sbuf=NULL,*mbuf=NULL;
int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending;
SSL_CTX *ctx=NULL;
int ret=1,in_init=1,i,nbio_test=0;
- int starttls_proto = 0;
+ int starttls_proto = PROTO_OFF;
int prexit = 0, vflags = 0;
const SSL_METHOD *meth=NULL;
int socket_type=SOCK_STREAM;
BIO *sbio;
char *inrand=NULL;
+ int mbuf_len=0;
#ifndef OPENSSL_NO_ENGINE
char *engine_id=NULL;
ENGINE *e=NULL;
#endif
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
struct timeval tv;
+#if defined(OPENSSL_SYS_BEOS_R5)
+ int stdin_set = 0;
+#endif
#endif
#ifndef OPENSSL_NO_TLSEXT
vflags |= X509_V_FLAG_CRL_CHECK;
else if (strcmp(*argv,"-crl_check_all") == 0)
vflags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL;
+ else if (strcmp(*argv,"-verify_return_error") == 0)
+ verify_return_error = 1;
else if (strcmp(*argv,"-prexit") == 0)
prexit=1;
else if (strcmp(*argv,"-crlf") == 0)
if (--argc < 1) goto bad;
++argv;
if (strcmp(*argv,"smtp") == 0)
- starttls_proto = 1;
+ starttls_proto = PROTO_SMTP;
else if (strcmp(*argv,"pop3") == 0)
- starttls_proto = 2;
+ starttls_proto = PROTO_POP3;
+ else if (strcmp(*argv,"imap") == 0)
+ starttls_proto = PROTO_IMAP;
+ else if (strcmp(*argv,"ftp") == 0)
+ starttls_proto = PROTO_FTP;
else
goto bad;
}
{
con->debug=1;
BIO_set_callback(sbio,bio_dump_callback);
- BIO_set_callback_arg(sbio,bio_c_out);
+ BIO_set_callback_arg(sbio,(char *)bio_c_out);
}
if (c_msg)
{
sbuf_off=0;
/* This is an ugly hack that does a lot of assumptions */
- if (starttls_proto == 1)
+ /* We do have to handle multi-line responses which may come
+ in a single packet or not. We therefore have to use
+ BIO_gets() which does need a buffering BIO. So during
+ the initial chitchat we do push a buffering BIO into the
+ chain that is removed again later on to not disturb the
+ rest of the s_client operation. */
+ if (starttls_proto == PROTO_SMTP)
{
- BIO_read(sbio,mbuf,BUFSIZZ);
+ int foundit=0;
+ BIO *fbio = BIO_new(BIO_f_buffer());
+ BIO_push(fbio, sbio);
+ /* wait for multi-line response to end from SMTP */
+ do
+ {
+ mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
+ }
+ while (mbuf_len>3 && mbuf[3]=='-');
+ /* STARTTLS command requires EHLO... */
+ BIO_printf(fbio,"EHLO openssl.client.net\r\n");
+ BIO_flush(fbio);
+ /* wait for multi-line response to end EHLO SMTP response */
+ do
+ {
+ mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
+ if (strstr(mbuf,"STARTTLS"))
+ foundit=1;
+ }
+ while (mbuf_len>3 && mbuf[3]=='-');
+ BIO_flush(fbio);
+ BIO_pop(fbio);
+ BIO_free(fbio);
+ if (!foundit)
+ BIO_printf(bio_err,
+ "didn't found starttls in server response,"
+ " try anyway...\n");
BIO_printf(sbio,"STARTTLS\r\n");
BIO_read(sbio,sbuf,BUFSIZZ);
}
- if (starttls_proto == 2)
+ else if (starttls_proto == PROTO_POP3)
{
BIO_read(sbio,mbuf,BUFSIZZ);
BIO_printf(sbio,"STLS\r\n");
BIO_read(sbio,sbuf,BUFSIZZ);
}
+ else if (starttls_proto == PROTO_IMAP)
+ {
+ int foundit=0;
+ BIO *fbio = BIO_new(BIO_f_buffer());
+ BIO_push(fbio, sbio);
+ BIO_gets(fbio,mbuf,BUFSIZZ);
+ /* STARTTLS command requires CAPABILITY... */
+ BIO_printf(fbio,". CAPABILITY\r\n");
+ BIO_flush(fbio);
+ /* wait for multi-line CAPABILITY response */
+ do
+ {
+ mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
+ if (strstr(mbuf,"STARTTLS"))
+ foundit=1;
+ }
+ while (mbuf_len>3 && mbuf[0]!='.');
+ BIO_flush(fbio);
+ BIO_pop(fbio);
+ BIO_free(fbio);
+ if (!foundit)
+ BIO_printf(bio_err,
+ "didn't found STARTTLS in server response,"
+ " try anyway...\n");
+ BIO_printf(sbio,". STARTTLS\r\n");
+ BIO_read(sbio,sbuf,BUFSIZZ);
+ }
+ else if (starttls_proto == PROTO_FTP)
+ {
+ BIO *fbio = BIO_new(BIO_f_buffer());
+ BIO_push(fbio, sbio);
+ /* wait for multi-line response to end from FTP */
+ do
+ {
+ mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
+ }
+ while (mbuf_len>3 && mbuf[3]=='-');
+ BIO_flush(fbio);
+ BIO_pop(fbio);
+ BIO_free(fbio);
+ BIO_printf(sbio,"AUTH TLS\r\n");
+ BIO_read(sbio,sbuf,BUFSIZZ);
+ }
for (;;)
{
{
in_init=0;
#ifndef OPENSSL_NO_TLSEXT
- if (servername != NULL && !SSL_session_reused(con))
- {
- BIO_printf(bio_c_out,"Server did %sacknowledge servername extension.\n",tlsextcbp.ack?"":"not ");
- }
+ if (servername != NULL && !SSL_session_reused(con))
+ {
+ BIO_printf(bio_c_out,"Server did %sacknowledge servername extension.\n",tlsextcbp.ack?"":"not ");
+ }
#endif
print_stuff(bio_c_out,con,full_log);
if (full_log > 0) full_log--;
{
BIO_printf(bio_err,"%s",mbuf);
/* We don't need to know any more */
- starttls_proto = 0;
+ starttls_proto = PROTO_OFF;
}
if (reconnect)
if (!ssl_pending)
{
-#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE)
+#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined (OPENSSL_SYS_BEOS_R5)
if (tty_on)
{
- if (read_tty) FD_SET(fileno(stdin),&readfds);
- if (write_tty) FD_SET(fileno(stdout),&writefds);
+ if (read_tty) openssl_fdset(fileno(stdin),&readfds);
+ if (write_tty) openssl_fdset(fileno(stdout),&writefds);
}
if (read_ssl)
- FD_SET(SSL_get_fd(con),&readfds);
+ openssl_fdset(SSL_get_fd(con),&readfds);
if (write_ssl)
- FD_SET(SSL_get_fd(con),&writefds);
+ openssl_fdset(SSL_get_fd(con),&writefds);
#else
if(!tty_on || !write_tty) {
if (read_ssl)
- FD_SET(SSL_get_fd(con),&readfds);
+ openssl_fdset(SSL_get_fd(con),&readfds);
if (write_ssl)
- FD_SET(SSL_get_fd(con),&writefds);
+ openssl_fdset(SSL_get_fd(con),&writefds);
}
#endif
/* printf("mode tty(%d %d%d) ssl(%d%d)\n",
} else i=select(width,(void *)&readfds,(void *)&writefds,
NULL,NULL);
}
+#elif defined(OPENSSL_SYS_BEOS_R5)
+ /* Under BeOS-R5 the situation is similar to DOS */
+ i=0;
+ stdin_set = 0;
+ (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
+ if(!write_tty) {
+ if(read_tty) {
+ tv.tv_sec = 1;
+ tv.tv_usec = 0;
+ i=select(width,(void *)&readfds,(void *)&writefds,
+ NULL,&tv);
+ if (read(fileno(stdin), sbuf, 0) >= 0)
+ stdin_set = 1;
+ if (!i && (stdin_set != 1 || !read_tty))
+ continue;
+ } else i=select(width,(void *)&readfds,(void *)&writefds,
+ NULL,NULL);
+ }
+ (void)fcntl(fileno(stdin), F_SETFL, 0);
#else
i=select(width,(void *)&readfds,(void *)&writefds,
NULL,NULL);
goto shut;
}
}
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
- /* Assume Windows/DOS can always write */
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
+ /* Assume Windows/DOS/BeOS can always write */
else if (!ssl_pending && write_tty)
#else
else if (!ssl_pending && FD_ISSET(fileno(stdout),&writefds))
#endif
#elif defined (OPENSSL_SYS_NETWARE)
else if (_kbhit())
+#elif defined(OPENSSL_SYS_BEOS_R5)
+ else if (stdin_set)
#else
else if (FD_ISSET(fileno(stdin),&readfds))
#endif
}
}
shut:
+ if (in_init)
+ print_stuff(bio_c_out,con,full_log);
SSL_shutdown(con);
SHUTDOWN(SSL_get_fd(con));
ret=0;
end:
- if(prexit) print_stuff(bio_c_out,con,1);
- if (con != NULL) SSL_free(con);
- if (con2 != NULL) SSL_free(con2);
+ if (con != NULL)
+ {
+ if (prexit != 0)
+ print_stuff(bio_c_out,con,1);
+ SSL_free(con);
+ }
if (ctx != NULL) SSL_CTX_free(ctx);
if (cert)
X509_free(cert);