X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/2b4a568dfa3d79a9a968984cf5b23829c084a951..9ff403f8e6b47bf94896eea173780375f49689ff:/test/src/client.c

diff --git a/test/src/client.c b/test/src/client.c
index be6bffbac..4efe43fc3 100644
--- a/test/src/client.c
+++ b/test/src/client.c
@@ -60,24 +60,27 @@ static int sigalrm_seen = 0;
 latter needs a whole pile of tables. */
 
 #ifdef HAVE_OPENSSL
-#define HAVE_TLS
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-#include <openssl/ocsp.h>
+# define HAVE_TLS
+# include <openssl/crypto.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>
+# include <openssl/ssl.h>
+# include <openssl/err.h>
+# include <openssl/rand.h>
+# include <openssl/ocsp.h>
 #endif
 
 
 #ifdef HAVE_GNUTLS
-#define HAVE_TLS
-#include <gnutls/gnutls.h>
-#include <gnutls/x509.h>
-#include <gnutls/ocsp.h>
+# define HAVE_TLS
+# include <gnutls/gnutls.h>
+# include <gnutls/x509.h>
+# if GNUTLS_VERSION_NUMBER >= 0x030103
+#  define HAVE_OCSP
+#  include <gnutls/ocsp.h>
+# endif
 
-#define DH_BITS      768
+# define DH_BITS      768
 
 /* Local static variables for GNUTLS */
 
@@ -113,7 +116,7 @@ static const int mac_priority[16] = {
 static const int comp_priority[16] = { GNUTLS_COMP_NULL, 0 };
 static const int cert_type_priority[16] = { GNUTLS_CRT_X509, 0 };
 
-#endif
+#endif	/*HAVE_GNUTLS*/
 
 
 
@@ -323,7 +326,7 @@ gnutls_error(uschar *prefix, int err)
 fprintf(stderr, "GnuTLS connection error: %s:", prefix);
 if (err != 0) fprintf(stderr, " %s", gnutls_strerror(err));
 fprintf(stderr, "\n");
-exit(1);
+exit(98);
 }
 
 
@@ -356,7 +359,7 @@ fd = open("aux-fixed/gnutls-params", O_RDONLY, 0);
 if (fd < 0)
   {
   fprintf(stderr, "Failed to open spool/gnutls-params: %s\n", strerror(errno));
-  exit(1);
+  exit(97);
   }
 
 if (fstat(fd, &statbuf) < 0)
@@ -515,7 +518,7 @@ while (argc >= argi + 1 && argv[argi][0] == '-')
       strcmp(argv[argi], "--help") == 0 ||
       strcmp(argv[argi], "-h") == 0)
     {
-    printf(HELP_MESSAGE);
+    puts(HELP_MESSAGE);
     exit(0);
     }
   if (strcmp(argv[argi], "-tls-on-connect") == 0)
@@ -529,7 +532,7 @@ while (argc >= argi + 1 && argv[argi][0] == '-')
     if (argc < ++argi + 1)
       {
       fprintf(stderr, "Missing required certificate file for ocsp option\n");
-      exit(1);
+      exit(96);
       }
     ocsp_stapling = argv[argi++];
     }
@@ -542,18 +545,18 @@ while (argc >= argi + 1 && argv[argi][0] == '-')
       {
       fprintf(stderr, "Failed to parse seconds from option <%s>\n",
         argv[argi]);
-      exit(1);
+      exit(95);
       }
     if (tmplong > 10000L)
       {
-      fprintf(stderr, "Unreasonably long wait of %d seconds requested\n",
+      fprintf(stderr, "Unreasonably long wait of %ld seconds requested\n",
         tmplong);
-      exit(1);
+      exit(94);
       }
     if (tmplong < 0L)
       {
-      fprintf(stderr, "Timeout must not be negative (%d)\n", tmplong);
-      exit(1);
+      fprintf(stderr, "Timeout must not be negative (%ld)\n", tmplong);
+      exit(93);
       }
     timeout = (int) tmplong;
     argi++;
@@ -561,7 +564,7 @@ while (argc >= argi + 1 && argv[argi][0] == '-')
   else
     {
     fprintf(stderr, "Unrecognized option %s\n", argv[argi]);
-    exit(1);
+    exit(92);
     }
   }
 
@@ -570,7 +573,7 @@ while (argc >= argi + 1 && argv[argi][0] == '-')
 if (argc < argi+1)
   {
   fprintf(stderr, "No IP address given\n");
-  exit(1);
+  exit(91);
   }
 
 address = argv[argi++];
@@ -581,7 +584,7 @@ host_af = (strchr(address, ':') != NULL)? AF_INET6 : AF_INET;
 if (argc < argi+1)
   {
   fprintf(stderr, "No port number given\n");
-  exit(1);
+  exit(90);
   }
 
 port = atoi(argv[argi++]);
@@ -623,7 +626,7 @@ sock = socket(host_af, SOCK_STREAM, 0);
 if (sock < 0)
   {
   printf("socket creation failed: %s\n", strerror(errno));
-  exit(1);
+  exit(89);
   }
 
 /* Bind to a specific interface if requested. On an IPv6 system, this has
@@ -648,7 +651,7 @@ if (interface != NULL)
       if (inet_pton(AF_INET6, interface, &s_in6.sin6_addr) != 1)
         {
         printf("Unable to parse \"%s\"", interface);
-        exit(1);
+        exit(88);
         }
       }
     else
@@ -669,7 +672,7 @@ if (interface != NULL)
       {
       printf("Unable to bind outgoing SMTP call to %s: %s",
         interface, strerror(errno));
-      exit(1);
+      exit(87);
       }
     }
   }
@@ -685,7 +688,7 @@ if (host_af == AF_INET6)
   if (inet_pton(host_af, address, &s_in6.sin6_addr) != 1)
     {
     printf("Unable to parse \"%s\"", address);
-    exit(1);
+    exit(86);
     }
   }
 else
@@ -715,7 +718,7 @@ if (rc < 0)
   {
   close(sock);
   printf("failed: %s\n", strerror(save_errno));
-  exit(1);
+  exit(85);
   }
 
 printf("connected\n");
@@ -731,7 +734,7 @@ ctx = SSL_CTX_new(SSLv23_method());
 if (ctx == NULL)
   {
   printf ("SSL_CTX_new failed\n");
-  exit(1);
+  exit(84);
   }
 
 if (certfile != NULL)
@@ -739,7 +742,7 @@ if (certfile != NULL)
   if (!SSL_CTX_use_certificate_file(ctx, certfile, SSL_FILETYPE_PEM))
     {
     printf("SSL_CTX_use_certificate_file failed\n");
-    exit(1);
+    exit(83);
     }
   printf("Certificate file = %s\n", certfile);
   }
@@ -749,7 +752,7 @@ if (keyfile != NULL)
   if (!SSL_CTX_use_PrivateKey_file(ctx, keyfile, SSL_FILETYPE_PEM))
     {
     printf("SSL_CTX_use_PrivateKey_file failed\n");
-    exit(1);
+    exit(82);
     }
   printf("Key file = %s\n", keyfile);
   }
@@ -767,8 +770,10 @@ if (certfile != NULL) printf("Certificate file = %s\n", certfile);
 if (keyfile != NULL) printf("Key file = %s\n", keyfile);
 tls_init(certfile, keyfile);
 tls_session = tls_session_init();
+#ifdef HAVE_OCSP
 if (ocsp_stapling)
   gnutls_ocsp_status_request_enable_client(tls_session, NULL, 0, NULL);
+#endif
 gnutls_transport_set_ptr(tls_session, (gnutls_transport_ptr)sock);
 
 /* When the server asks for a certificate and the client does not have one,
@@ -803,7 +808,7 @@ if (tls_on_connect)
 
   if (!tls_active)
     printf("Failed to start TLS\n");
-  #ifdef HAVE_GNUTLS
+  #if defined(HAVE_GNUTLS) && defined(HAVE_OCSP)
   else if (  ocsp_stapling
 	  && gnutls_ocsp_status_request_is_checked(tls_session, 0) == 0)
     printf("Failed to verify certificate status\n");
@@ -847,13 +852,13 @@ while (fgets(outbuffer, sizeof(outbuffer), stdin) != NULL)
       if (rc < 0)
         {
         printf("Read error %s\n", strerror(errno));
-        exit(1)  ;
+        exit(81)  ;
         }
       else if (rc == 0)
         {
         printf("Unexpected EOF read\n");
         close(sock);
-        exit(1);
+        exit(80);
         }
       else
         {
@@ -874,7 +879,7 @@ while (fgets(outbuffer, sizeof(outbuffer), stdin) != NULL)
     if (strncmp(lineptr, outbuffer + 4, (int)strlen(outbuffer) - 4) != 0)
       {
       printf("\n******** Input mismatch ********\n");
-      exit(1);
+      exit(79);
       }
 
     #ifdef HAVE_TLS
@@ -917,6 +922,7 @@ int rc;
 	    printf("Bad certificate\n");
 	    fflush(stdout);
 	    }
+	  #ifdef HAVE_OCSP
 	  else if (gnutls_ocsp_status_request_is_checked(tls_session, 0) == 0)
 	    {
 	    printf("Failed to verify certificate status\n");
@@ -938,6 +944,7 @@ int rc;
 	      }
 	    fflush(stdout);
 	    }
+	  #endif
 	  }
 	#endif
         else
@@ -967,7 +974,7 @@ int rc;
       {
       printf("Unconsumed input: %s", inptr);
       printf("   About to send: %s\n", outbuffer);
-      exit(1);
+      exit(78);
       }
 
     #ifdef HAVE_TLS
@@ -980,7 +987,7 @@ int rc;
       if (!tls_active)
         {
         printf("STOPTLS read when TLS not active\n");
-        exit(1);
+        exit(77);
         }
       printf("Shutting down TLS encryption\n");
 
@@ -1048,7 +1055,7 @@ int rc;
         if (rc < 0)
           {
           printf("GnuTLS write error: %s\n", gnutls_strerror(rc));
-          exit(1);
+          exit(76);
           }
       #endif
       }
@@ -1061,7 +1068,7 @@ int rc;
     if (rc < 0)
       {
       printf("Write error: %s\n", strerror(errno));
-      exit(1);
+      exit(75);
       }
     }
   }