Dr. Stephen Henson wrote:
> On Wed, Feb 21, 2007, Lutz Jaenicke wrote:
>
>> Goetz Babin-Ebell wrote:
>>> Lutz Jaenicke wrote:
>>>> Goetz Babin-Ebell wrote:
>>> [...]
>>>>> * in SMTP doing a STARTTLS without previous EHLO
>>>>>   will return a
>>>>>   503 STARTTLS command used when not advertised
>>>>> * in IMAP doing a STARTTLS requires a
>>>>>   . CAPABILITY
>>>>>   first.
>>>>>
>>>>> In both cases the server response should be parsed for
>>>>> the string "STARTTLS"...
>>>>
>>>> This statement is technically correct. As the s_client tool is however
>>>> intended for testing purposes only (you remember that a capital
>>>> "R" at the beginning of the line will start a renegotiation instead
>>>> of being transferred to the server :-) adding the EHLO and .CAPABILITY
>>>> should be sufficient and the more complex parsing of the response
>>>> might be omitted...
>>>
>>> Do you want something like the attached patch ?
>>> (untested, I'm off to bed...)
>>
>> Yes, something like this. I have applied your patch to 0.9.8 and -dev... and
>> was just going to write "thank you" when I discovered that it does not work.
>> As I just noted BIO_read() does not work "line by line" but on the message
>> coming in. This message is the complete multi-line response and it has
>> to be parsed in a different way as attached as a crude hack.
>>
>> No: BIO_gets() does not work on here (not supported on "connect BIO").
>
> Note that adding a buffering BIO to the chain is a simple way to fix this.
Yes. I get your point :-)

Best regards,
	Lutz
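The multi-line reply handling discussed in this thread, as an added example that is not part of the original messages or of OpenSSL: a raw read may return the whole EHLO reply at once, so the reply has to be split into lines before the `mbuf[3]=='-'` continuation test and the STARTTLS search can be applied. It goes slightly beyond the thread by also accepting lines split across reads; `struct smtp_reply`, `smtp_reply_feed` and the sample reply are hypothetical names and constructed data.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical state for scanning one SMTP reply delivered in arbitrary chunks. */
struct smtp_reply {
    char line[512];   /* current, possibly partial, line */
    size_t len;       /* bytes currently held in line */
    int starttls;     /* 1 once any line of the reply mentions STARTTLS */
    int done;         /* 1 once the final line ("NNN text") was seen */
};

/* Feed one chunk as a raw read would return it; returns the bytes consumed.
 * Scanning stops after the final reply line, so later data is left untouched. */
size_t smtp_reply_feed(struct smtp_reply *r, const char *buf, size_t n)
{
    size_t i = 0;
    while (i < n && !r->done) {
        char c = buf[i++];
        if (c != '\n') {
            if (r->len < sizeof(r->line) - 1)   /* truncate overlong lines */
                r->line[r->len++] = c;
            continue;
        }
        r->line[r->len] = '\0';
        if (strstr(r->line, "STARTTLS") != NULL)
            r->starttls = 1;
        /* "250-..." continues the reply; "250 ..." or a short line ends it */
        if (!(r->len > 3 && r->line[3] == '-'))
            r->done = 1;
        r->len = 0;
    }
    return i;
}

/* Constructed sample: a complete EHLO reply arriving in a single read. */
static const char SAMPLE_ONE_READ[] =
    "250-mail.example.test\r\n250-SIZE 1000\r\n250-STARTTLS\r\n250 HELP\r\n";

int sample_advertises_starttls(void)
{
    struct smtp_reply r = {0};
    smtp_reply_feed(&r, SAMPLE_ONE_READ, sizeof(SAMPLE_ONE_READ) - 1);
    return r.done && r.starttls;
}
```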
Index: apps/s_client.c =================================================================== RCS file: /e/openssl/cvs/openssl/apps/s_client.c,v retrieving revision 1.76.2.7 diff -u -r1.76.2.7 s_client.c --- apps/s_client.c 21 Feb 2007 18:20:33 -0000 1.76.2.7 +++ apps/s_client.c 21 Feb 2007 19:55:21 -0000 @@ -736,22 +736,28 @@ if (starttls_proto == PROTO_SMTP) { int foundit=0; + BIO *fbio = BIO_new(BIO_f_buffer()); + BIO_push(fbio, sbio); /* wait for multi-line response to end from SMTP */ do { - mbuf_len = BIO_read(sbio,mbuf,BUFSIZZ); + mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ); } while (mbuf_len>3 && mbuf[3]=='-'); /* STARTTLS command requires EHLO... */ - BIO_printf(sbio,"EHLO openssl.client.net\r\n"); + BIO_printf(fbio,"EHLO openssl.client.net\r\n"); + BIO_flush(fbio); /* wait for multi-line response to end EHLO SMTP response */ do { - mbuf_len = BIO_read(sbio,mbuf,BUFSIZZ); + mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ); if (strstr(mbuf,"STARTTLS")) foundit=1; } while (mbuf_len>3 && mbuf[3]=='-'); + BIO_flush(fbio); + BIO_pop(fbio); + BIO_free(fbio); if (!foundit) BIO_printf(bio_err, "didn't found starttls in server response,"
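Review bot: in the EHLO loop, strstr(mbuf,"STARTTLS") runs before mbuf_len is checked, so when BIO_gets() returns 0 or a negative value the search runs over whatever the previous call left in mbuf; test mbuf_len > 0 before the strstr, and report a read failure separately instead of falling through to the "didn't found starttls" warning. The result of BIO_new(BIO_f_buffer()) is also passed to BIO_push() without a NULL check. Because fbio is popped and freed before the handshake, a short comment stating that nothing may remain buffered in it at that point would help, since any bytes read ahead would be discarded with BIO_free(fbio).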