git://git.exim.org / exim.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Call notquite ACL for synprot-error limit. Bug 3092
[exim.git] / src / src / tls-gnu.c
diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c
index 7963e2c97bb5664824c990bd5e1ce3df1508dba3..7c6296786e3e7d14ee54cc0c48ab8fc43a0cc5bb 100644 (file)
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -550,6 +550,12 @@ record_io_error(exim_gnutls_state_st *state, int rc, uschar *when, uschar *text)
 const uschar * msg;
 uschar * errstr;
 
+if (rc == GNUTLS_E_INVALID_SESSION && errno == 0)
+  {
+  DEBUG(D_tls) debug_printf("- INVALID_SESSION with zero errno\n");
+  return;
+  }
+
 msg = rc == GNUTLS_E_FATAL_ALERT_RECEIVED
   ? string_sprintf("A TLS fatal alert has been received: %s",
       US gnutls_alert_get_name(gnutls_alert_get(state->session)))
@@ -4305,6 +4311,79 @@ return NULL;
 }
 
 
+/* For ATRN provider: transfer the tls_in context to tls_out */
+
+void
+tls_state_in_to_out(int newfd, const uschar * ipaddr, int port)
+{
+exim_gnutls_state_st * state;
+host_item * h;
+int old_pool = store_pool;
+
+store_pool = POOL_PERM;
+state = store_get(sizeof(exim_gnutls_state_st), GET_UNTAINTED);
+h = store_get(sizeof(host_item), GET_UNTAINTED);
+
+memset(h, 0, sizeof(host_item));
+h->name = h->address = string_copy(ipaddr);
+h->port = port;
+
+*state = state_server;
+
+state->fd_in = newfd;
+state->fd_out = newfd;
+state->tlsp = &tls_out;
+state->host = h;
+
+tls_out = tls_in;
+tls_out.active.sock = newfd;
+tls_out.active.tls_ctx = state;
+
+memset(&tls_in, 0, sizeof(tls_in));
+
+gnutls_transport_set_ptr2(state->session,
+    (gnutls_transport_ptr_t)(long) newfd,
+    (gnutls_transport_ptr_t)(long) newfd);
+store_pool = old_pool;
+}
+
+
+
+/* For ATRN customer: transfer the tls_out context to tls_in */
+
+void
+tls_state_out_to_in(int newfd, const uschar * ipaddr, int port)
+{
+host_item * h;
+int old_pool = store_pool;
+
+store_pool = POOL_PERM;
+h = store_get(sizeof(host_item), GET_UNTAINTED);
+store_pool = old_pool;
+memset(h, 0, sizeof(host_item));
+h->name = h->address = string_copy(ipaddr);
+h->port = port;
+
+state_server = *(exim_gnutls_state_st *)tls_out.active.tls_ctx;
+state_server.fd_in = newfd;
+state_server.fd_out = newfd;
+state_server.tlsp = &tls_in;
+state_server.host = h;
+state_server.xfer_buffer = store_malloc(ssl_xfer_buffer_size);
+
+tls_in = tls_out;
+tls_in.on_connect = FALSE;
+tls_in.active.sock = newfd;
+tls_in.active.tls_ctx = &state_server;
+
+memset(&tls_out, 0, sizeof(tls_out));
+
+gnutls_transport_set_ptr2(state_server.session,
+    (gnutls_transport_ptr_t)(long) newfd,
+    (gnutls_transport_ptr_t)(long) newfd);
+}
+
+
 
 
 /*************************************************
Master Exim source repository