1 /*************************************************
2 *     Exim - an Internet mail transport agent    *
3 *************************************************/
4 
5 /* Copyright (c) Jeremy Harris 1995 - 2020 */
6 /* See the file NOTICE for conditions of use and distribution. */
7 
8 /* This file provides an Exim authenticator driver for
9 a server to verify a client SSL certificate
10 */
11 
12 
13 #include "../exim.h"
14 #include "tls.h"
15 
/* Driver-private options for the tls authenticator. All four entries are
string options. "server_param" is an alias: it stores into the same field
(server_param1) as "server_param1", so setting both in one instance means
one value replaces the other. */

optionlist auth_tls_options[] = {
  { "server_param",  opt_stringptr, OPT_OFF(auth_tls_options_block, server_param1) },
  { "server_param1", opt_stringptr, OPT_OFF(auth_tls_options_block, server_param1) },
  { "server_param2", opt_stringptr, OPT_OFF(auth_tls_options_block, server_param2) },
  { "server_param3", opt_stringptr, OPT_OFF(auth_tls_options_block, server_param3) },
};
28 
/* Number of entries in auth_tls_options, taken from the table itself. It is
a real variable rather than a constant because the tables in drtables.c need
to take its address. */

int auth_tls_options_count = nelem(auth_tls_options);
33 
/* Default private options block for the authentication method: every
parameter starts out unset, and the server entry point skips unset
parameters. */

auth_tls_options_block auth_tls_option_defaults = {
    .server_param1 = NULL,
    .server_param2 = NULL,
    .server_param3 = NULL,
};
41 
42 
43 #ifdef MACRO_PREDEF
44 
45 /* Dummy values */
/* MACRO_PREDEF stub: a do-nothing stand-in for the initialisation entry
point. */
void
auth_tls_init(auth_instance *ablock)
{
}
/* MACRO_PREDEF stub: returns 0 without looking at ablock or data.
NOTE(review): if 0 is the success code for a server entry point, this stub
would accept unconditionally - presumably it is only ever compiled into the
MACRO_PREDEF build and never into a running daemon; confirm. */
int
auth_tls_server(auth_instance *ablock, uschar *data)
{
return 0;
}
/* MACRO_PREDEF stub: returns 0 and touches none of its arguments. The
non-stub half of this file defines no client entry point at all. */
int
auth_tls_client(auth_instance *ablock, void * sx, int timeout,
  uschar *buffer, int buffsize)
{
return 0;
}
50 
51 #else   /*!MACRO_PREDEF*/
52 
53 
54 
55 
56 /*************************************************
57 *          Initialization entry point            *
58 *************************************************/
59 
60 /* Called for each instance, after its options have been read, to
61 enable consistency checks to be done, or anything else that needs
62 to be set up. */
63 
void
auth_tls_init(auth_instance *ablock)
{
/* The core code needs public_name to be set. This driver always fills it
from the instance name, replacing whatever value was there before. No other
consistency check is made on the instance's options. */

ablock->public_name = ablock->name;
}
69 
70 
71 
72 /*************************************************
73 *             Server entry point                 *
74 *************************************************/
75 
76 /* For interface, see auths/README */
77 
int
auth_tls_server(auth_instance *ablock, uschar *data)
{
auth_tls_options_block * opts = (auth_tls_options_block *)ablock->options_block;

/* Each configured server_paramN is expanded and appended to auth_vars at the
next free index. Unset parameters are skipped, so the stored values pack
together rather than keeping fixed positions (with only server_param2 set,
its value lands in the first slot used here).

NOTE(review): the result of expand_string() is stored without being checked,
and expand_nmax is neither initialised nor bounds-checked against auth_vars
in this function - presumably the caller resets it and auth_vars has room for
three more entries; confirm. */

if (opts->server_param1 != NULL)
  {
  auth_vars[expand_nmax++] = expand_string(opts->server_param1);
  }
if (opts->server_param2 != NULL)
  {
  auth_vars[expand_nmax++] = expand_string(opts->server_param2);
  }
if (opts->server_param3 != NULL)
  {
  auth_vars[expand_nmax++] = expand_string(opts->server_param3);
  }

/* "data" is never read, and nothing above inspects a certificate: the
accept/reject result is exactly what auth_check_serv_cond() returns for this
instance. The instance's configured condition is therefore what must tie the
outcome to a verified client certificate - see auths/README for the
interface. */

return auth_check_serv_cond(ablock);
}
91 
92 
93 #endif   /*!MACRO_PREDEF*/
94 /* End of tls.c */
95