[dovecot-cvs] dovecot/src/master ssl-init-gnutls.c,NONE,1.1 ssl-init-openssl.c,NONE,1.1 Makefile.am,1.3,1.4 ssl-init.c,1.1,1.2 ssl-init.h,1.1,1.2
cras at procontrol.fi
cras at procontrol.fi
Wed Nov 20 16:05:16 EET 2002
Update of /home/cvs/dovecot/src/master
In directory danu:/tmp/cvs-serv18612/src/master
Modified Files:
Makefile.am ssl-init.c ssl-init.h
Added Files:
ssl-init-gnutls.c ssl-init-openssl.c
Log Message:
Support for OpenSSL.
--- NEW FILE: ssl-init-gnutls.c ---
/* Copyright (C) 2002 Timo Sirainen */
#include "common.h"
#include "write-full.h"
#include "ssl-init.h"
#ifdef HAVE_GNUTLS
#include <gnutls/gnutls.h>
/*
 * DH prime sizes, in bits, that generate_dh_parameters() walks through.
 * The trailing 0 is the end-of-list marker, not a size.
 *
 * NOTE(review): 768- and 1024-bit DH groups are below what is considered
 * adequate today; changing the list also changes what is written to the
 * parameters file, so the reader must be checked before raising them.
 */
static int prime_nums[] = {
	768,
	1024,
	0
};
/*
 * Write one gnutls_datum to fd as a length-prefixed record: the raw bytes
 * of dbits->size first, then dbits->size bytes taken from dbits->data.
 *
 * fname is only used to name the file in the fatal error message. Either
 * write failing ends in i_fatal().
 *
 * NOTE(review): the size field goes out in the host's in-memory layout,
 * so the reader presumably has to be built for the same platform - confirm.
 */
static void write_datum(int fd, const char *fname, gnutls_datum *dbits)
{
	/* record header: the length of the payload that follows */
	if (write_full(fd, &dbits->size, sizeof(dbits->size)) < 0) {
		i_fatal("write_full() failed for file %s: %m", fname);
	}

	/* record payload */
	if (write_full(fd, dbits->data, dbits->size) < 0) {
		i_fatal("write_full() failed for file %s: %m", fname);
	}
}
/*
 * Generate one DH prime/generator pair for every size in prime_nums and
 * append them to fd. Each entry is written as three records: the bit count,
 * the prime and the generator. A final record with a bit count of 0 ends
 * the list.
 *
 * fname is passed through to write_datum() for its error messages.
 * A generation failure ends in i_fatal().
 */
static void generate_dh_parameters(int fd, const char *fname)
{
	gnutls_datum bits_rec, prime, generator;
	const int *size;
	int bits, ret;

	/* bits_rec points at the local 'bits', so every write_datum() call on
	   it emits whatever value 'bits' holds at that moment */
	bits_rec.data = (unsigned char *) &bits;
	bits_rec.size = sizeof(bits);

	for (size = prime_nums; *size != 0; size++) {
		bits = *size;

		ret = gnutls_dh_params_generate(&prime, &generator, bits);
		if (ret < 0) {
			i_fatal("gnutls_dh_params_generate(%d) failed: %s",
				bits, gnutls_strerror(ret));
		}

		write_datum(fd, fname, &bits_rec);
		write_datum(fd, fname, &prime);
		write_datum(fd, fname, &generator);

		/* the generated buffers are released once they are on disk */
		free(prime.data);
		free(generator.data);
	}

	/* end-of-list marker: a bit count of zero */
	bits = 0;
	write_datum(fd, fname, &bits_rec);
}
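/*
 * Generate a 512-bit RSA parameter set and append its six components
 * (m, e, d, p, q, u) to fd, each as one write_datum() record.
 *
 * fname is passed through to write_datum() for its error messages.
 * A generation failure ends in i_fatal().
 *
 * NOTE(review): d, p and q are private-key material, so the file behind fd
 * must not be readable by other users; the open() call is outside this
 * file - confirm its mode. The buffers are also neither freed nor wiped
 * here, unlike the DH buffers in generate_dh_parameters().
 *
 * NOTE(review): 512-bit RSA offers very little security; presumably this
 * is only meant as a temporary key for export-grade ciphersuites - confirm
 * it is still required.
 */
static void generate_rsa_parameters(int fd, const char *fname)
{
	gnutls_datum m, e, d, p, q, u;
	int ret;

	ret = gnutls_rsa_params_generate(&m, &e, &d, &p, &q, &u, 512);
	if (ret < 0) {
		/* ret is a GnuTLS error code, not an errno value, so it has
		   to be decoded with gnutls_strerror() rather than strerror() */
		i_fatal("gnutls_rsa_params_generate() failed: %s",
			gnutls_strerror(ret));
	}

	write_datum(fd, fname, &m);
	write_datum(fd, fname, &e);
	write_datum(fd, fname, &d);
	write_datum(fd, fname, &p);
	write_datum(fd, fname, &q);
	write_datum(fd, fname, &u);
}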
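/*
 * GnuTLS backend: write a fresh set of SSL parameters to fd, the DH
 * parameters first and the RSA parameters after them.
 *
 * fname names the file behind fd and is only used in error messages.
 * Any failure ends in i_fatal(), so there is no return value.
 */
void _ssl_generate_parameters(int fd, const char *fname)
{
	int ret;

	/* The assignment needs its own parentheses: without them ret would
	   receive the result of the "< 0" comparison instead of the error
	   code, and gnutls_strerror() would report the wrong error. */
	if ((ret = gnutls_global_init()) < 0) {
		i_fatal("gnutls_global_init() failed: %s",
			gnutls_strerror(ret));
	}

	/* fname is this function's parameter; the caller's temp_fname
	   variable is not in scope here */
	generate_dh_parameters(fd, fname);
	generate_rsa_parameters(fd, fname);

	gnutls_global_deinit();
}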
#endif
--- NEW FILE: ssl-init-openssl.c ---
/* Copyright (C) 2002 Timo Sirainen */
#include "common.h"
#include "ssl-init.h"
#ifdef HAVE_OPENSSL
/*
 * OpenSSL backend: placeholder that writes nothing to fd.
 *
 * NOTE(review): the caller closes fd and renames the file into place after
 * this returns, so with this stub the resulting parameters file would be
 * empty - confirm that the OpenSSL build never depends on its contents.
 */
void _ssl_generate_parameters(int fd, const char *fname)
{
	/* both arguments are intentionally unused for now */
	(void)fd;
	(void)fname;
}
#endif
Index: Makefile.am
===================================================================
RCS file: /home/cvs/dovecot/src/master/Makefile.am,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- Makefile.am 17 Nov 2002 13:59:37 -0000 1.3
+++ Makefile.am 20 Nov 2002 14:05:14 -0000 1.4
@@ -16,7 +16,9 @@
login-process.c \
main.c \
settings.c \
- ssl-init.c
+ ssl-init.c \
+ ssl-init-gnutls.c \
+ ssl-init-openssl.c
noinst_HEADERS = \
auth-process.h \
Index: ssl-init.c
===================================================================
RCS file: /home/cvs/dovecot/src/master/ssl-init.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- ssl-init.c 17 Nov 2002 13:59:54 -0000 1.1
+++ ssl-init.c 20 Nov 2002 14:05:14 -0000 1.2
@@ -2,88 +2,22 @@
#include "common.h"
#include "ioloop.h"
-#include "write-full.h"
+#include "ssl-init.h"
#ifdef HAVE_SSL
#include <stdio.h>
-#include <stdlib.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/stat.h>
-#include <gnutls/gnutls.h>
-
-static int prime_nums[] = { 768, 1024, 0 };
static Timeout to;
static int generating;
-static void write_datum(int fd, const char *fname, gnutls_datum *dbits)
-{
- if (write_full(fd, &dbits->size, sizeof(dbits->size)) < 0)
- i_fatal("write_full() failed for file %s: %m", fname);
-
- if (write_full(fd, dbits->data, dbits->size) < 0)
- i_fatal("write_full() failed for file %s: %m", fname);
-}
-
-static void generate_dh_parameters(int fd, const char *fname)
-{
- gnutls_datum dbits, prime, generator;
- int ret, bits, i;
-
- dbits.size = sizeof(bits);
- dbits.data = (unsigned char *) &bits;
-
- for (i = 0; prime_nums[i] != 0; i++) {
- bits = prime_nums[i];
-
- ret = gnutls_dh_params_generate(&prime, &generator, bits);
- if (ret < 0) {
- i_fatal("gnutls_dh_params_generate(%d) failed: %s",
- bits, gnutls_strerror(ret));
- }
-
- write_datum(fd, fname, &dbits);
- write_datum(fd, fname, &prime);
- write_datum(fd, fname, &generator);
-
- free(prime.data);
- free(generator.data);
- }
-
- bits = 0;
- write_datum(fd, fname, &dbits);
-}
-
-static void generate_rsa_parameters(int fd, const char *fname)
-{
- gnutls_datum m, e, d, p, q, u;
- int ret;
-
- ret = gnutls_rsa_params_generate(&m, &e, &d, &p, &q, &u, 512);
- if (ret < 0) {
- i_fatal("gnutls_rsa_params_generate() faile: %s",
- strerror(ret));
- }
-
- write_datum(fd, fname, &m);
- write_datum(fd, fname, &e);
- write_datum(fd, fname, &d);
- write_datum(fd, fname, &p);
- write_datum(fd, fname, &q);
- write_datum(fd, fname, &u);
-}
-
static void generate_parameters_file(const char *fname)
{
const char *temp_fname;
- int fd, ret;
-
- if ((ret = gnutls_global_init() < 0)) {
- i_fatal("gnu_tls_global_init() failed: %s",
- gnutls_strerror(ret));
- }
+ int fd;
temp_fname = t_strconcat(fname, ".tmp", NULL);
(void)unlink(temp_fname);
@@ -94,16 +28,13 @@
temp_fname);
}
- generate_dh_parameters(fd, temp_fname);
- generate_rsa_parameters(fd, temp_fname);
+ _ssl_generate_parameters(fd, temp_fname);
if (close(fd) < 0)
i_fatal("close() failed for %s: %m", temp_fname);
if (rename(temp_fname, fname) < 0)
i_fatal("rename(%s, %s) failed: %m", temp_fname, fname);
-
- gnutls_global_deinit();
}
static void start_generate_process(void)
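Review bot: With the OpenSSL backend the new `_ssl_generate_parameters(fd, temp_fname)` call lands in the empty stub added in ssl-init-openssl.c, so the `close()` and `rename()` that follow would install a zero-length parameters file without reporting any error. Whether an OpenSSL build reaches this path depends on how HAVE_SSL is defined, which is not visible here, so this needs confirming. Until the stub is implemented it could call `i_fatal()` instead of returning silently, and a comment at the call such as `/* backend must write a complete parameter set or i_fatal(); never rename an empty file into place */` would record the contract. generate_parameters_file() starts in the previous hunk, and the open() of the temp file lies between the two hunks.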
@@ -171,16 +102,8 @@
#else
-void ssl_parameter_process_destroyed(pid_t pid __attr_unused__)
-{
-}
-
-void ssl_init(void)
-{
-}
-
-void ssl_deinit(void)
-{
-}
+void ssl_parameter_process_destroyed(pid_t pid __attr_unused__) {}
+void ssl_init(void) {}
+void ssl_deinit(void) {}
#endif
Index: ssl-init.h
===================================================================
RCS file: /home/cvs/dovecot/src/master/ssl-init.h,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- ssl-init.h 17 Nov 2002 13:59:37 -0000 1.1
+++ ssl-init.h 20 Nov 2002 14:05:14 -0000 1.2
@@ -3,6 +3,8 @@
void ssl_parameter_process_destroyed(pid_t pid);
+void _ssl_generate_parameters(int fd, const char *fname);
+
void ssl_init(void);
void ssl_deinit(void);
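Review bot: The new prototype `_ssl_generate_parameters` has no comment stating its contract, although two backend files now implement it. A comment such as `/* Write newly generated SSL parameters to fd; fname is used only in error messages. Failures end in i_fatal(). */` would tell a backend author what is expected. A file-scope name that starts with an underscore is also reserved for the implementation in C, so `ssl_generate_parameters` would be the safer spelling. Both backend files are added to the build unconditionally, so it looks as if the HAVE_GNUTLS / HAVE_OPENSSL guards must be mutually exclusive to avoid a duplicate definition; that is worth confirming in configure.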