Dr. Stephen Henson wrote:
> On Wed, Feb 21, 2007, Lutz Jaenicke wrote:
>
>
>> Goetz Babin-Ebell wrote:
>>
>>> Lutz Jaenicke wrote:
>>>
>>>> Goetz Babin-Ebell wrote:
>>>>
>>> [...]
>>>
>>>>> * in SMTP doing a STARTTLS without previous EHLO
>>>>> will return a
>>>>> 503 STARTTLS command used when not advertised
>>>>> * in IMAP doing a STARTTLS requires a
>>>>> . CAPABILITY
>>>>> first.
>>>>>
>>>>> In both cases the server response should be parsed for
>>>>> the string "STARTTLS"...
>>>>>
>>>>>
>>>> This statement is technically correct. As the s_client tool is however
>>>> intended for testing purposes only (you remember that a capital
>>>> "R" at the beginning of the line will start a renegotiation instead
>>>> of being transferred to the server :-) adding the EHLO and .CAPABILITY
>>>> should be sufficient and the more complex parsing of the response
>>>> might be omitted...
>>>>
>>> Do you want something like the attached patch ?
>>> (untested, I'm off to bed...)
>>>
>>>
>> Yes, something like this. I have applied your patch to 0.9.8 and -dev... and
>> was just going to write "thank you" when I discovered that it does not work.
>> As I just noted BIO_read() does not work "line by line" but on the message
>> coming in. This message is the complete multi-line response and it has
>> to be parsed in a different way as attached as a crude hack.
>>
>> No: BIO_gets() does not work here (not supported on "connect BIO").
>>
>>
>
> Note that adding a buffering BIO to the chain is a simple way to fix this.
>
Yes. I get your point :-)
Best regards,
Lutz
Index: apps/s_client.c
===================================================================
RCS file: /e/openssl/cvs/openssl/apps/s_client.c,v
retrieving revision 1.76.2.7
diff -u -r1.76.2.7 s_client.c
--- apps/s_client.c 21 Feb 2007 18:20:33 -0000 1.76.2.7
+++ apps/s_client.c 21 Feb 2007 19:55:21 -0000
@@ -736,22 +736,28 @@
if (starttls_proto == PROTO_SMTP)
{
int foundit=0;
+ BIO *fbio = BIO_new(BIO_f_buffer());
+ BIO_push(fbio, sbio);
/* wait for multi-line response to end from SMTP */
do
{
- mbuf_len = BIO_read(sbio,mbuf,BUFSIZZ);
+ mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
}
while (mbuf_len>3 && mbuf[3]=='-');
/* STARTTLS command requires EHLO... */
- BIO_printf(sbio,"EHLO openssl.client.net\r\n");
+ BIO_printf(fbio,"EHLO openssl.client.net\r\n");
+ BIO_flush(fbio);
/* wait for multi-line response to end EHLO SMTP response */
do
{
- mbuf_len = BIO_read(sbio,mbuf,BUFSIZZ);
+ mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
if (strstr(mbuf,"STARTTLS"))
foundit=1;
}
while (mbuf_len>3 && mbuf[3]=='-');
+ BIO_flush(fbio);
+ BIO_pop(fbio);
+ BIO_free(fbio);
if (!foundit)
BIO_printf(bio_err,
"didn't found starttls in server response,"