Commit Graph

77 Commits

Author SHA1 Message Date
Oswald Buddenhagen
6a874b5877 error-check more openssl function calls 2019-09-10 13:26:42 +02:00
Oswald Buddenhagen
5f908b7672 attempt to improve ssl error handling (again)
the error queue may contain multiple errors, so make sure to drain it
completely. also, don't try to fall back to errno in case of
SSL_ERROR_SSL.
2019-09-10 13:26:42 +02:00
Oswald Buddenhagen
91abf2b830 modernize ssl context init
with openssl 1.1+, use TLS_client_method() instead of the deprecated
SSLv23_client_method().
2019-09-10 13:26:42 +02:00
Oswald Buddenhagen
f63e4338e8 fix leak of openssl X509 objects
SSL_get_peer_certificate() increments the refcount of the object.
2019-09-10 13:26:42 +02:00
Caspar Schutijser
7607e53d56 Do not crash when using Tunnel in an IPv6-enabled build
socket_connected() is also called on the tunnel pipe.

amends 3ceb55310.
2019-08-19 13:23:03 +02:00
Oswald Buddenhagen
17babc1695 use SNI when connecting with SSL
based on patch by Vincent Bernat <vincent@bernat.ch>.
2018-09-08 18:37:15 +02:00
Klemens Nanni
8a40554f07 User functions provided by recent LibreSSL versions
At least on OpenBSD, this enables new APIs out of the box provided by
LibreSSL 2.7.1 and higher.

From Jeremie Courreges-Anglas <jca@openbsd.org>.
2018-07-01 12:44:19 +02:00
Oswald Buddenhagen
3a2e6b3793 prune SSL 2 support
OpenSSL actually did that a while ago already, so this was dead code.
2017-10-01 10:42:00 +02:00
Oswald Buddenhagen
1b354fa61a Merge branch '1.2'
Conflicts:
	Makefile.am
	configure.ac
	debian/.gitignore
2017-10-01 10:38:43 +02:00
Oswald Buddenhagen
33ee4a4ffe fixes for -Wimplicit-fallthrough 2017-10-01 10:04:31 +02:00
Oswald Buddenhagen
118fdc4f18 Merge branch '1.2'
Conflicts:
	configure.ac
	src/mbsync.1
2017-08-05 21:20:48 +02:00
Oswald Buddenhagen
ada0ae4b8e fix spurious decompression errors
while that's just bad api, inflate() can return Z_BUF_ERROR during
normal operation.

contrary to the zpipe example and what the documentation implies,
deflate() actually isn't that braindead. add respective comments.

REFMAIL: CALA3aExMjtRL0tAmgUANpDTnn-_HJ0sYkOEXWzoO6DVaiNFUHQ@mail.gmail.com
2017-07-30 18:47:30 +02:00
Oswald Buddenhagen
366ed7d762 improve zlib error reporting
zlib is not exactly thorough about always populating z_stream->msg, so
fall back to the error code if necessary.
2017-07-30 13:47:51 +02:00
Patrick Steinhardt
56515abe94 socket: use next addrinfo if opening socket fails
The `socket_connect_one` function previously did an `exit(1)` when
encountering any errors with opening the socket. This would break
connecting to a host where multiple possible addrinfos are returned,
where the leading addrinfos are in fact impossible to connect to. E.g.
with a kernel configured without support for IPv6, the `getaddrinfo`
call may still return a hint containing an IPv6 address alongside
another hint with an IPv4 address. Creating the socket with the IPv6
address, which will cause an error, lead us to exiting early without
even trying remaining hints.

While one can argue that the user should have compiled without HAVE_IPV6
or used an appropriate DNS configuration, we can do better by simply
skipping over the current addrinfo causing an error. To do so, we split
out a new function `socket_connect_next`, which selects the next
available address info and subsequently calls `socket_connect_one`
again. When no hints remain, `sock_connect_one` will error out at that
point.
2017-06-22 09:23:56 +02:00
Oswald Buddenhagen
b2f6ef391b Merge branch 'isync_1_2_branch' 2016-11-05 13:16:32 +01:00
Oswald Buddenhagen
41308e4814 fix build with openssl 1.1
they finally made their structs opaque, and provided proper getters.
2016-07-24 11:58:57 +02:00
Oswald Buddenhagen
719d4a2437 prune obsolete #include
hmac.h was needed only for the cram-md5 implementation.
2016-07-24 11:58:09 +02:00
Oswald Buddenhagen
2648ef578f fix server certificate validation error reporting
use the right function to decode the error code.

found by Andrés Ramírez <sunshavi@fastmail.fm>.
2016-05-21 13:09:56 +02:00
Oswald Buddenhagen
89dc7592ee don't crash when dns lookup fails (ipv6 path)
we call socket_connect_bail() when getaddrinfo() failed, so it must deal
with no addrinfo being there yet.
2015-09-27 12:13:34 +02:00
Oswald Buddenhagen
9a0403f446 de-duplicate cleanup of name-related data in error paths
"name" being both the ipv6 dns info and our own socket label.

sort-of amends 9d22641b.
2015-09-12 11:13:59 +02:00
Anton Khirnov
167964933f add support for sending a TLS client certificate 2015-08-09 09:44:55 +02:00
Oswald Buddenhagen
9d22641b62 make server connection a cancellable operation
this entails splitting drv->open_store() into alloc_store() and
connect_store().
2015-05-24 14:51:31 +02:00
Oswald Buddenhagen
bcd43e2c66 Merge branch 'isync_1_2_branch'
Conflicts:
	configure.ac
	src/drv_imap.c
2015-05-09 19:31:55 +02:00
Oswald Buddenhagen
02af3f4c73 ensure direct exit after calling back
any structures may be invalid after callback invocation.

this has the side effect that the socket write callback now returns
void, like all other callbacks do.
2015-05-09 19:18:40 +02:00
Oswald Buddenhagen
6c08f568d0 fix socket_write() recursion
the synchronous writing to the socket would have typically invoked the
write callback, which would flush further commands, thus recursing.

we take the easy way out and make it fully asynchronous, i.e., no data
is sent before (re-)entering the event loop.

this also has the effect that socket_write() cannot fail any more, and
any errors will be reported asynchronously. this is consistent with
socket_read(), and produces cleaner code.

this introduces a marginal performance regression: the maildir driver is
synchronous, so all messages (which fit into memory) will be read before
any data is sent. this is not considered relevant.
2015-05-09 19:17:41 +02:00
Oswald Buddenhagen
1eb88d4fea add socket timeout handling 2015-04-26 20:58:22 +02:00
Oswald Buddenhagen
a8b26dc4ac soft-limit peak memory usage
propagating many messages from a fast store (typically maildir or a
local IMAP server) to a slow asynchronous store could cause gigabytes of
data being buffered. avoid this by throttling fetches if the target
context reports memory usage above a configurable limit.

REFMAIL: 9737edb14457c71af4ed156c1be0ae59@mpcjanssen.nl
2015-02-15 18:13:05 +01:00
Oswald Buddenhagen
d4392c9220 handle clean SSL connection shutdowns
some servers actually bother to close down the SSL connection before
closing the socket.

this fixes the spurious "unhandled SSL error 6" messages.

REFMAIL: 20150120114805.GA17586@leeloo.kyriasis.com
2015-02-15 12:19:47 +01:00
Oswald Buddenhagen
9e15ab4a5a refactor socket EOF handling
handling EOF already at the socket level isn't a very good idea - it
breaks the abstraction, and makes implementing sane semantics hard.
2015-02-15 12:15:46 +01:00
Oswald Buddenhagen
13c742529c fix crash on shutdown of compressed connection
the callback may destroy the socket, so it is very unwise to use it for
buffering the return value. use a temporary instead.
2015-02-15 11:49:58 +01:00
Oswald Buddenhagen
c9b8cefc29 handle clean shutdown of zlib stream
the server can actually close the zlib stream before closing the socket,
so we need to accept it.

we don't do anything beyond that - the actual EOF will be signaled by
the socket, and if the server (erroneously) sends more data, zlib will
tell us about it.

REFMAIL: 1423048708-975-1-git-send-email-alex.bennee@linaro.org
2015-02-15 11:49:58 +01:00
Oswald Buddenhagen
ef70bd4a40 don't try to flush if there is nothing to flush
zlib reports Z_BUF_ERROR when a flush is attempted without any activity
since the previous flush (if any). while this is harmless as such,
discerning the condition from genuine errors would be much harder than
avoiding the pointless flush in the first place.

REFMAIL: eb5681612f17be777bc8d138d31dd6d6@mpcjanssen.nl
2015-02-15 11:49:58 +01:00
Oswald Buddenhagen
6c959c3ee4 fix handling of unsolicited BYE responses
they can come in at any time, after which we must expect the connection
to be closed (and not complain about it).
2015-01-11 15:05:29 +01:00
Oswald Buddenhagen
139b90be29 added support for IMAP DEFLATE
initial patch by Jesse Weaver <pianohacker@gmail.com>, but mostly
rewritten by me.
2015-01-11 15:05:28 +01:00
Oswald Buddenhagen
f0b80e7d35 make socket writing buffered
the primary objective is reducing the number of small SSL packets (which
are always padded), but fewer syscalls in the non-SSL case should be
good as well.
2015-01-11 15:05:28 +01:00
Oswald Buddenhagen
efb23ab96a vectorize socket_write()
the objective is making the buffer code aware of the total size of a
write in advance. this commit doesn't take advantage of that yet.
2015-01-11 15:05:28 +01:00
Oswald Buddenhagen
a4e2f1a60d use null timer instead of faking a socket notification 2015-01-11 15:05:28 +01:00
Oswald Buddenhagen
1fd66195d8 change socket notifier design
instead of keeping the structures in an opaque array (which was a shadow
of the struct pollfd array if poll() was supported), make them directly
addressable.

this has the advantage that notifier-altering operations (mostly
en-/disabling) don't need to look up the structure by file handle each
time.
on the downside, data locality in the main loop is worse.
neither of these have any real effect on performance.

note that the structures are not allocated separately, but embedded into
the the parent structure (like sockets already were).
2015-01-11 15:05:28 +01:00
Oswald Buddenhagen
f68e021b90 factor out socket_open_internal() 2015-01-11 15:05:28 +01:00
Oswald Buddenhagen
b730f66f7d Merge branch 'isync_1_1_branch' into HEAD
Conflicts:
	src/socket.c
2015-01-11 14:32:15 +01:00
Oswald Buddenhagen
6f7d416bb8 fix acceptance of trusted SSL certs
we should make no assumptions about the layout of OpenSSL's certificate
store, in particular when they are wrong. so copy the interesting part
instead of "deep-linking" into it.

this code is uglier than it should be, but OpenSSL's extensive use of
macros to manage data types would force us to include the ssl headers
into our headers otherwise, which would be even uglier.

REFMAIL: <545442CC.9020400@nodivisions.com>
2014-11-08 14:00:28 +01:00
Oswald Buddenhagen
7ee0483436 nuke home-grown CRAM-MD5 support
it was obsoleted by SASL support.
i deem the additional dependency acceptable when one wants the feature.
2014-10-20 10:10:55 +02:00
Oswald Buddenhagen
aba3524d9b make it possible to disable usage of system cert store 2014-10-18 16:18:48 +02:00
Oswald Buddenhagen
7822bd8a91 require Host if SSL is used despite Tunnel 2014-10-18 16:18:48 +02:00
Oswald Buddenhagen
7ce57b9c00 make SSL certificate verification less arcane
instead of using a callback which messes with the certificate chain
verification, simply let OpenSSL ignore errors during that phase and
check the result only afterwards.
2014-10-18 16:18:48 +02:00
Oswald Buddenhagen
2745813367 re-design SSL/TLS configuration
the combinations of the various options made quite a mess. additionally,
'RequireSSL no' is inherently insecure - "use SSL if available" is plain
stupid.

the old options are still accepted, but will elicit a warning.
2014-10-18 16:18:48 +02:00
Oswald Buddenhagen
aa4f7a7d00 move use_imaps out of server_conf_t
it doesn't belong there - it's a property of imap_server_conf_t.
the port setup is now done while reading the config.

this makes socket.[hc] imap-agnostic.
2014-10-18 16:15:02 +02:00
Oswald Buddenhagen
12be7dd1f3 remove pointless use of AI_V4MAPPED flag
this flag is ineffective if ai_family is not explicitly AF_INET6.
on top of that, attempting to use it breaks on FreeBSD.
2014-02-02 12:24:34 +01:00
Oswald Buddenhagen
03b3b566f1 reshuffle sources a bit
split header and move some code to more logical places.
2013-12-08 23:19:12 +01:00
Oswald Buddenhagen
27fa63a577 move verbose socket logging out of socket driver
the way it's used, it's more of a high-level function.
2013-12-08 23:14:34 +01:00