aboutsummaryrefslogtreecommitdiffstats
path: root/socket.c
Commit message (Collapse)AuthorAgeFilesLines
* socket.c: add reference to README.SSL in error messageMatthias Andree2020-03-301-1/+2
| | | | | | | and fix a typo in README.SSL. The reference will be printed if there is no trust anchor. Fixes #4 (Gitlab issue).
* Fix garbage at end of plugin string with %h and/or %pMatthias Andree2020-03-291-2/+3
| | | | | | | | | | | Commit 418cda65 from merge request !5 fixed an input buffer overrun but at the same time caused the terminating NUL byte in the output buffer to be written too late, 2 bytes per placeholder. Fix the size calculation for correctness, and use the output index and not the output length to terminate the output string. Fixes #16, reported by Stefan Thurner. [All references for Gitlab.]
* Rename s -> vecsiz (vector size) to hint to its purposeMatthias Andree2020-03-291-4/+4
|
* socket.c: Make SockKeepalive static, and readability variable renames.Matthias Andree2019-09-271-9/+9
|
* Align with legacy_6x.Matthias Andree2019-08-251-4/+10
| | | | | | * Normalize include order. * Backport missed bug fixes. * Remove dead code.
* fetchmail no longer reports System error during SSL_connect(): Success.Matthias Andree2019-08-051-3/+6
| | | | Fixes Debian Bug#928916, reported by Paul Kimoto.
* Bump copyrights, and bump version to beta6.Matthias Andree2019-08-051-1/+4
|
* FreeBSD cleanups to header shuffling.Matthias Andree2019-08-051-4/+1
|
* Replace most strncpy() by strlcpy() calls.Matthias Andree2019-05-121-1/+1
|
* Enable OpenSSL >= 1.0.2 native name verification.Matthias Andree2019-01-271-0/+22
|
* Make compatible with a pure OpenSSL 1.1.0 API, ...Matthias Andree2018-06-061-1/+8
| | | | | ...when deprecated functions are disabled, for instance, through -DOPENSSL_API_COMPAT=0x10100000L.
* Add a FIXME comment.Matthias Andree2017-08-111-0/+2
|
* Do not overrun plugin string when copying it.Alexander Bluhm2017-08-101-1/+1
| | | | | | | | parse_plugin() expands the % in plugin string to plugin_copy. It checks that is does not write behind the end of the destination memory, but the source length was not checked. This resulted in reading from a possibly invalid memory location which may cause a segmentation fault. Add a check for the string length of the source.
* Cast argument to quiet -Wformat warning in C89 mode.Matthias Andree2017-04-231-1/+1
|
* Reformat.Matthias Andree2017-02-111-2/+2
|
* TLS: set hostname for SNI.Matthias Andree2017-02-111-0/+14
|
* Initial TLSv1.3 support code.Matthias Andree2017-02-111-1/+27
|
* Fixup protocol version handling in OpenSSL 1.0.X.Matthias Andree2016-12-121-0/+4
|
* Support for Debian/Ubuntu mutilated SSLv3 support.Matthias Andree2016-12-121-0/+4
| | | | | | | | | | Ubuntu 16.04 LTS, in a misguided attempt to avoid SSLv3 without breaking the API, does not declare SSLv3 unsupported through the headers, so applications can only detect this situation at run-time. The symptom is that SSL_CTX_new errors out with SSL_R_NULL_SSL_METHOD_PASSED on the error stack, issue an additional note telling the user to select a newer version.
* OpenSSL 1.1.0 API support.Matthias Andree2016-12-121-4/+76
| | | | | | | This avoids functions marked deprecated in OpenSSL 1.1.0. At the same time, warn about unsupported use of LibreSSL, and treat LibreSSL the same as OpenSSL 1.0.X WRT protocol version logic.
* Refactor OpenSSL protocol version selection logic.Matthias Andree2016-12-121-44/+54
|
* Bump OpenSSL requirement to v1.0.2.Matthias Andree2016-12-111-2/+2
|
* Really try to continue if OpenSSL lib newer than headers used at compile-time.Matthias Andree2016-04-241-1/+0
|
* Enable TLS 1.1/1.2 options on LibreSSL.Matthias Andree2016-04-241-2/+2
| | | | LibreSSL does not provide a TLS_MAX_VERSION, so do not refer to it.
* Avoid another C99-style comment.Matthias Andree2016-01-301-3/+2
|
* Avoid C99-style comment.Matthias Andree2016-01-301-2/+1
|
* Add OpenSSL version sanity checking.Matthias Andree2016-01-301-1/+24
|
* Support ssl3+ tls1.1, tls1.2 in --sslproto. Report TLS1.1/1.2 if unsupported ↵Matthias Andree2015-04-111-2/+19
| | | | | | by OpenSSL. Uses TLS_MAX_VERSION checks against TLS1_1_VERSION or TLS1_2_VERSION.
* Fix typo regarding SSL_OP_NO_SSLv3, and carry over one basic block from ↵Matthias Andree2015-04-111-2/+7
| | | | master branch.
* Detect/report server hang-up in SSL_connect().Matthias Andree2015-04-081-1/+12
| | | | | | This condition does not leave traces in the SSL error queue, and must be checked explicitly. Result from debugging Jerry Seibert's issue with outlook.com/pop3.live.com.
* TLS overhaul, bumping version to 6.4Matthias Andree2015-01-261-11/+17
| | | | | | | | | | | | | | | Removes SSLv2, enables TLSv1.1 and v1.2 more easily, permits SSLv3 (only if specified) and newer TLSv1.1+ for STLS/STARTTLS. Only negotiates TLSv1 and newer by default, SSLv3 must now be specified explicitly, as a consequence of the POODLE attack. This is meant to be a minimally upgraded version, and cannot be usefully done as a 6.3.X release. It is strongly recommended that users review their configuration - especially --sslproto - per instructions in the NEWS file and manual page. It has changed semantics and in many cases --sslproto auto or perhaps --sslproto tls1.2+ should be used now.
* Also report SSL/TLS protocol version in verbose mode.Matthias Andree2015-01-161-2/+6
|
* Report SSL/TLS cipher, in verbose mode.Matthias Andree2015-01-161-0/+14
| | | | (socket.c cherry-pick from master)
* Also recognize OPENSSL_NO_SSLx.Matthias Andree2015-01-161-2/+2
| | | | | These are the macros OpenSSL defines when configured with no-ssl2 or no-ssl3, the actual macro names are OPENSSL_NO_SSL2 and OPENSSL_NO_SSL3.
* Permit build on SSLv3-disabled OpenSSL,Matthias Andree2015-01-161-1/+6
| | | | | | | providing that these also omit the declaration of SSLv3_client_method(). Related to Debian Bug#775255. Version report lists -SSLv3 on +SSL builds that omit SSLv3_client_method(). Version report lists -SSLv2 on +SSL builds that omit SSLv2_client_method().
* Minor bug fixes for socket.cJohn Beck2013-02-181-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | While running a static code analysis tool (Parfait) on fetchmail, it found some bugs: Error: Memory leak (CWE 401) Memory leak of pointer 'plugin_copy' allocated with malloc((plugin_copy_len + 1)) at line 137 of components/fetchmail/fetchmail-6.3.22/socket.c in function 'parse_plugin'. 'plugin_copy' allocated at line 107 with malloc((plugin_copy_len + 1)). plugin_copy leaks when plugin_copy_offset >= plugin_copy_len at line 114. Error: Null pointer dereference (CWE 476) Read from null pointer 'argvec' at line 189 of components/fetchmail/fetchmail-6.3.22/socket.c in function 'handle_plugin'. Function 'parse_plugin' may return constant 'NULL' at line 137, called at line 188. Null pointer introduced at line 137 in function 'parse_plugin'. at line 190 of components/fetchmail/fetchmail-6.3.22/socket.c in function 'handle_plugin'. Function 'parse_plugin' may return constant 'NULL' at line 137, called at line 188. Null pointer introduced at line 137 in function 'parse_plugin'. (I realize these are on 6.3.22; I checked and verified that this portion of the code is the same in 6.3.24.) The attached patch fixes each of these. (Note by Matthias Andree: The NULL pointer dereference fix does not require error reporting, because parse_plugin() will already have reported the out-of-memory error that causes the NULL to be returned.)
* Improve X.509 certificate validation reporting.Matthias Andree2013-02-061-13/+42
| | | | | | | | | * Improved reporting when SSL/TLS X.509 certificate validation has failed, working around a not-so-recent swapping of two OpenSSL error codes, and a practical impossibility to distinguish broken certification chains from missing trust anchors (root certificates). * OpenSSL decoded errors are now reported through report(), rather than dumped to stderr, so that they should show up in logfiles and/or syslog.
* Plug a memory leak in OpenSSL's certificate verification callback.Matthias Andree2012-12-131-1/+1
| | | | | | | | | | | This would affect fetchmail configurations running with SSL in daemon mode more than one-shot runs. Reported by Erik Thiele, and pinned by Dominik, Debian Bug #688015. This bug was introduced into fetchmail 6.2.9 (committed 2005-10-29) when support for subjectAltName was added through a patch by Roland Stigge, submitted as Debian Bug#201113.
* Clear SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS without SSL_CTX_clear_options()Earl Chew2012-09-031-3/+4
| | | | | | | | | | | | A patch to clear SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS was added recently: http://gitorious.org/fetchmail/fetchmail/commit/48809c5b9f6c9081f4031fa938dd63b060c18a4b?format=patch Older implementations of OpenSSL do not support SSL_CTX_clear_options(). This patch reworks the previous change to avoid the use of SL_CTX_clear_options() and instead clears the corresponding bit in SSL_OP_ALL before calling SSL_CTX_set_options().
* Fix CVE-2011-3389 by clearing SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS...Matthias Andree2012-05-031-0/+6
| | | | | | | ...from SSL options, unless FETCHMAIL_DISABLE_CBC_IV_COUNTERMEASURE is a non-empty environment variable. Suggested by Apple.
* Fix build on SSLv2-disabled OpenSSL setupsMatthias Andree2011-10-261-0/+5
| | | | | | | | On systems where SSLv2_client_method isn't defined in OpenSSL (such as newer Debian, and Ubuntu starting with 11.10 oneiric ocelot), don't reference it (to fix the build) and print a run-time error that the OS does not support SSLv2. Fixes Debian Bug #622054, but note that that bug report has a more thorough patch that does away with SSLv2 altogether.
* Print Server certificate: banner on stdout rather than stderr.Matthias Andree2011-08-301-1/+1
| | | | Reported by Henry Jensen, fixes Debian Bug #639807.
* Revert SO_???TIMEO-based STARTTLS timeout handling.Matthias Andree2011-05-261-28/+1
| | | | | | | | | This reverts commits 47c05b10018f5ec7493e4bd9f521aaa18d96f1e2 and 72ce8bce8dd655b6aefa33d0a74e883dad5202b5, the code isn't portable, for instance, Solaris does not support SO_RCVTIMEO/SO_SNDTIMEO. These socket-level options are known, but Solaris returns EAFNOSUPPORT. Reported by Jonathan Buschmann.
* Fix error string.Matthias Andree2011-05-231-1/+1
|
* Fix socket timeout handling.Matthias Andree2011-05-221-1/+2
| | | | Fixes STARTTLS hangs reported by Thomas Jarosch.
* Reindent.Matthias Andree2011-05-221-9/+9
|
* Reinstate SSLv2 support on legacy_63 branch.Matthias Andree2011-05-171-3/+5
| | | | | Revert "Remove support for SSLv2 (fixes Debian Bug #622054)." This reverts commit c22a3afca46c83ee6d53a6ee58deb122f309c460.
* Drop broken test code.Matthias Andree2011-05-171-18/+0
|
* SockOpen(): set SO_KEEPALIVE.Matthias Andree2011-05-131-0/+9
|
* Add a SockTimeout(int socket, int seconds) function.Matthias Andree2011-04-291-0/+25
| | | | Uses setsockopt(..., SOL_SOCKET, SO_{SND|RCV}TIMEO, ...).