2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or (at
5 * your option) any later version.
7 * This program is distributed in the hope that it will be useful, but
8 * WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
10 * General Public License for more details.
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
18 * Copyright © 2007 Pierre Habouzit
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 # include <linux/poll.h>
27 # define EPOLLRDHUP POLLRDHUP
34 #include "mutt_ssl.li"
36 DO_ARRAY_TYPE(job_t, job);
38 static int epollfd = -1;
39 static job_array jobs;
40 static pthread_mutex_t mx;
41 static pthread_t el_thread;
43 static int el_job_setemode(job_t *w, el_mode emode)
45 static int const evtmode_to_epoll[] = {
46 [EL_NEW] = EPOLLRDHUP,
47 [EL_READING] = EPOLLIN,
48 [EL_WRITING] = EPOLLOUT,
49 [EL_RDWR] = EPOLLIN | EPOLLOUT,
50 [EL_IDLE] = EPOLLRDHUP,
53 assert (w->mode == emode || emode == EL_WRITING || emode == EL_READING);
55 if (emode != w->emode) {
56 struct epoll_event event = {
58 .events = evtmode_to_epoll[emode],
60 int action = w->emode == EL_NEW ? EPOLL_CTL_ADD : EPOLL_CTL_MOD;
61 if (epoll_ctl(epollfd, action, w->fd, &event) < 0) {
62 return el_job_release(w, true);
69 int el_job_setmode(job_t *w, el_mode mode)
71 if (w->mode == w->emode) {
73 return el_job_setemode(w, mode);
80 void job_wipe(job_t *w)
83 gnutls_certificate_free_credentials(w->xcred);
85 gnutls_deinit(w->session);
88 static void job_arrau_dtor(job_t **j)
91 IGNORE(el_job_release(*j, EL_KILLED));
94 DO_ARRAY_FUNCS(job_t, job, job_arrau_dtor);
96 static void job_array_remove(job_array *arr, job_t *j)
98 for (int i = 0; i < arr->len; i++) {
99 if (arr->arr[i] == j) {
100 job_array_take(arr, i);
106 job_t *el_job_start(const machine_t *m, void *cfg)
108 job_t *w = job_new();
110 job_array_append(&jobs, w);
111 return m->setup(w, cfg) < 0 ? NULL : w;
114 int el_job_release(job_t *w, el_status reason)
116 w->state = EL_LLP_FINI;
117 if (w->m && w->m->finalize) {
118 w->m->finalize(w, reason);
122 gnutls_bye(w->session, GNUTLS_SHUT_RDWR);
125 job_array_remove(&jobs, w);
130 static int el_job_tlsing(job_t *w, int starttls)
132 int err = gnutls_handshake(w->session);
133 if (err < 0 && !gnutls_error_is_fatal(err)) {
134 int wr = gnutls_record_get_direction(w->session);
135 return el_job_setemode(w, wr ? EL_WRITING : EL_READING);
138 return el_job_release(w, EL_RDHUP);
141 if (!tls_check_certificate (conn))
145 /* set Security Strength Factor (SSF) for SASL */
146 /* NB: gnutls_cipher_get_key_size() returns key length in bytes */
147 w->ssf = gnutls_cipher_get_key_size(gnutls_cipher_get(w->session)) * 8;
148 w->state = EL_LLP_READY;
150 return el_job_setemode(w, w->mode);
151 return w->m->on_event(w, EL_EVT_RUNNING);
154 static int el_job_starttlsing(job_t *w)
156 return el_job_tlsing(w, true);
159 static int el_job_connecting_ssl(job_t *w)
161 return el_job_tlsing(w, false);
164 static int el_job_connecting(job_t *w)
167 socklen_t len = sizeof(err);
169 if (getsockopt(w->fd, SOL_SOCKET, SO_ERROR, (void *)&err, &len) || err)
170 return el_job_release(w, EL_ERROR);
173 w->llp = &el_job_connecting_ssl;
176 w->state = EL_LLP_READY;
177 return w->m->on_event(w, EL_EVT_RUNNING);
180 static int tls_negotiate(job_t *w)
182 static int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
184 if (gnutls_certificate_allocate_credentials(&w->xcred) < 0)
187 /* ignore errors, maybe file doesn't exist yet */
188 gnutls_certificate_set_x509_trust_file(w->xcred, mod_ssl.cert_file,
189 GNUTLS_X509_FMT_PEM);
191 if (mod_ssl.ca_certificates_file) {
192 gnutls_certificate_set_x509_trust_file(w->xcred,
193 mod_ssl.ca_certificates_file, GNUTLS_X509_FMT_PEM);
195 gnutls_init(&w->session, GNUTLS_CLIENT);
198 gnutls_transport_set_ptr(w->session, (gnutls_transport_ptr)(intptr_t)w->fd);
200 /* disable TLS/SSL protocols as needed */
201 if (!mod_ssl.use_sslv3) {
202 protocol_priority[1] = 0;
205 /* We use default priorities (see gnutls documentation),
206 except for protocol version */
207 gnutls_set_default_priority(w->session);
208 gnutls_protocol_set_priority(w->session, protocol_priority);
209 gnutls_credentials_set(w->session, GNUTLS_CRD_CERTIFICATE, w->xcred);
213 int el_job_connect(job_t *w, struct sockaddr *addr, socklen_t len,
214 int type, int proto, int ssl)
216 int res, sock = socket(addr->sa_family, type, proto);
221 res = fcntl(sock, F_GETFL);
224 if (fcntl(sock, F_SETFL, res | O_NONBLOCK) < 0)
226 if (connect(sock, addr, len) < 0)
230 if (ssl && tls_negotiate(w) < 0)
233 w->llp = &el_job_connecting;
234 return el_job_setmode(w, EL_WRITING);
238 return el_job_release(w, EL_ERROR);
241 int el_job_starttls(job_t *w)
243 if (tls_negotiate(w) < 0)
244 return el_job_release(w, EL_RDHUP);
245 w->state = EL_LLP_INIT;
246 w->llp = &el_job_starttlsing;
250 ssize_t el_job_read(job_t *w, buffer_t *buf)
254 buffer_ensure(buf, BUFSIZ);
257 nr = gnutls_record_recv(w->session, buf->data + buf->len, BUFSIZ);
258 if (nr < 0 && !gnutls_error_is_fatal(nr)) {
259 int wr = gnutls_record_get_direction(w->session);
260 return el_job_setemode(w, wr ? EL_WRITING : EL_READING);
262 EL_JOB_CHECK(el_job_setemode(w, w->mode));
264 nr = read(w->fd, buf->data + buf->len, BUFSIZ);
265 if (nr < 0 && (errno == EINTR || errno == EAGAIN))
269 return el_job_release(w, EL_RDHUP);
270 buffer_extend(buf, nr);
274 ssize_t el_job_write(job_t *w, buffer_t *buf)
282 nr = gnutls_record_send(w->session, buf->data, buf->len);
283 if (nr < 0 && !gnutls_error_is_fatal(nr)) {
284 int wr = gnutls_record_get_direction(w->session);
285 return el_job_setemode(w, wr ? EL_WRITING : EL_READING);
287 EL_JOB_CHECK(el_job_setemode(w, w->mode));
289 nr = write(w->fd, buf->data, buf->len);
290 if (nr < 0 && (errno == EINTR || errno == EAGAIN))
294 return el_job_release(w, EL_RDHUP);
295 buffer_splice(buf, 0, nr, NULL, 0);
301 pthread_mutex_lock(&mx);
306 pthread_mutex_unlock(&mx);
309 int el_dispatch(int timeout)
311 struct epoll_event events[FD_SETSIZE];
312 int count = epoll_wait(epollfd, events, countof(events), timeout);
315 if (errno == EAGAIN || errno == EINTR)
317 mutt_error("epoll_wait");
318 mutt_exit(EXIT_FAILURE);
322 while (--count >= 0) {
323 job_t *w = events[count].data.ptr;
324 int event = events[count].events;
327 gettimeofday(&w->mru, NULL);
334 if (event & EPOLLRDHUP) {
335 IGNORE(el_job_release(w, EL_RDHUP));
336 } else if (w->mode != w->emode) {
337 IGNORE(w->m->on_event(w, EL_EVT_INOUT ^ w->emode));
341 if (event & EPOLLOUT)
343 IGNORE(w->m->on_event(w, evt));
348 IGNORE(el_job_release(w, EL_ERROR));
357 static void *el_loop(void *data)
359 time_t sec = time(NULL);
365 pthread_testcancel();
367 gettimeofday(&now, NULL);
368 if (sec >= now.tv_sec)
374 for (int i = jobs.len - 1; i >= 0; --i) {
375 job_t *w = jobs.arr[i];
376 if (timercmp(&now, &w->mru, >)) {
377 IGNORE(w->m->on_event(w, EL_EVT_WAKEUP));
384 void el_initialize(void)
386 pthread_mutexattr_t attr;
388 pthread_mutexattr_init(&attr);
389 pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_RECURSIVE_NP);
390 pthread_mutex_init(&mx, &attr);
391 pthread_mutexattr_destroy(&attr);
393 gnutls_global_init();
394 epollfd = epoll_create(1024);
396 mutt_error("epoll_create");
397 mutt_exit(EXIT_FAILURE);
399 job_array_init(&jobs);
400 pthread_create(&el_thread, NULL, &el_loop, NULL);
403 void el_shutdown(void)
405 pthread_cancel(el_thread);
406 pthread_join(el_thread, NULL);
407 job_array_wipe(&jobs);
409 gnutls_global_deinit();
410 pthread_mutex_destroy(&mx);