}
-if (!(sk = chain_from_pem_file(ocsp_stapling)))
+if (!(sk = chain_from_pem_file((const uschar *)ocsp_stapling)))
{
BIO_printf(arg, "error in cert setup\n");
return 0;
{
rc = gnutls_certificate_set_x509_key_file(x509_cred, CS certificate,
CS privatekey, GNUTLS_X509_FMT_PEM);
- if (rc < 0) gnutls_error("gnutls_certificate", rc);
+ if (rc < 0) gnutls_error(US"gnutls_certificate", rc);
}
/* Associate the parameters with the x509 credentials structure. */
/* Expect incoming */
if ( strncmp(CS outbuffer, "???", 3) == 0
- && (outbuffer[3] == ' ' || outbuffer[3] == '*')
+ && (outbuffer[3] == ' ' || outbuffer[3] == '*' || outbuffer[3] == '?')
)
{
unsigned char *lineptr;
unsigned exp_eof = outbuffer[3] == '*';
+ unsigned resp_optional = outbuffer[3] == '?';
printf("%s\n", outbuffer);
n = unescape_buf(outbuffer, n);
+nextinput:
if (*inptr == 0) /* Refill input buffer */
{
+ alarm(timeout);
if (srv->tls_active)
{
- #ifdef HAVE_OPENSSL
- rc = SSL_read (srv->ssl, inbuffer, bsiz - 1);
- #endif
- #ifdef HAVE_GNUTLS
+#ifdef HAVE_OPENSSL
+ int error;
+ rc = SSL_read(srv->ssl, inbuffer, bsiz - 1);
+ if (rc <= 0)
+ switch (error = SSL_get_error(srv->ssl, rc))
+ {
+ case SSL_ERROR_ZERO_RETURN:
+ break;
+ case SSL_ERROR_SYSCALL:
+ printf("%s\n", ERR_error_string(ERR_get_error(), NULL)); break;
+ rc = -1;
+ case SSL_ERROR_SSL:
+ printf("%s\n", ERR_error_string(ERR_get_error(), NULL)); break;
+ SSL_shutdown(srv->ssl);
+ SSL_free(srv->ssl);
+ srv->tls_active = FALSE;
+ goto nextinput;
+ default:
+ printf("SSL error code %d\n", error);
+ }
+
+#endif
+#ifdef HAVE_GNUTLS
rc = gnutls_record_recv(tls_session, CS inbuffer, bsiz - 1);
- #endif
+#endif
}
else
- {
- alarm(timeout);
rc = read(srv->sock, inbuffer, bsiz);
- alarm(0);
- }
+ alarm(0);
if (rc < 0)
{
printf("Expected EOF read\n");
continue;
}
+ else if (resp_optional)
+ continue; /* next scriptline */
else
{
printf("Unexpected EOF read\n");
if (*inptr == '\n') inptr++;
}
- printf("<<< %s\n", lineptr);
if (strncmp(CS lineptr, CS outbuffer + 4, n - 4) != 0)
- {
- printf("\n******** Input mismatch ********\n");
- exit(79);
- }
+ if (resp_optional)
+ {
+ inptr = lineptr; /* consume scriptline, not inputline */
+ continue;
+ }
+ else
+ {
+ printf("<<< %s\n", lineptr);
+ printf("\n******** Input mismatch ********\n");
+ exit(79);
+ }
+
+ /* input matched script */
+
+ if (resp_optional)
+ goto nextinput; /* consume inputline, not scriptline */
+
+ printf("<<< %s\n", lineptr);
#ifdef HAVE_TLS
if (srv->sent_starttls)
{
if (lineptr[0] == '2')
{
-int rc;
unsigned int verify;
printf("Attempting to start TLS\n");
else if (strncmp(CS outbuffer, "<<< ", 4) == 0)
{
FILE * new_f;
- if (!(new_f = fopen(outbuffer+4 , "r")))
+ if (!(new_f = fopen((const char *)outbuffer+4 , "r")))
{
printf("Unable to open '%s': %s", inptr, strerror(errno));
exit(74);
#ifdef HAVE_GNUTLS
if (certfile != NULL) printf("Certificate file = %s\n", certfile);
if (keyfile != NULL) printf("Key file = %s\n", keyfile);
-tls_init(certfile, keyfile);
+tls_init(US certfile, US keyfile);
tls_session = tls_session_init();
#ifdef HAVE_OCSP
if (ocsp_stapling)
printf("End of script\n");
shutdown(srv.sock, SHUT_WR);
-while (read(srv.sock, inbuffer, sizeof(inbuffer)) > 0) ;
+if (fcntl(srv.sock, F_SETFL, O_NONBLOCK) == 0)
+ while (read(srv.sock, inbuffer, sizeof(inbuffer)) > 0) ;
close(srv.sock);
exit(0);
git://git.exim.org / exim.git / blobdiff