(void) close(fds[1]);
if ( (dup2(fds[0],0) == -1) || (dup2(fds[0],1) == -1) ) {
report(stderr, GT_("dup2 failed\n"));
- exit(1);
+ _exit(EXIT_FAILURE);
}
/* fds[0] is now connected to 0 and 1; close it */
(void) close(fds[0]);
argvec = parse_plugin(plugin,host,service);
execvp(*argvec, argvec);
report(stderr, GT_("execvp(%s) failed\n"), *argvec);
- exit(0);
+ _exit(EXIT_FAILURE);
break;
default: /* parent */
/* NOP */
return fds[1];
}
+/** Set socket to SO_KEEPALIVE. \return 0 for success. */
+int SockKeepalive(int sock) {
+ int keepalive = 1;
+ return setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, &keepalive, sizeof keepalive);
+}
+
int UnixOpen(const char *path)
{
int sock = -1;
return -1;
}
- /* Socket opened saved. Usefull if connect timeout
- * because it can be closed.
- */
- mailserver_socket_temp = sock;
-
- if (connect(sock, (struct sockaddr *) &ad, sizeof(ad)) < 0)
+ /* Socket opened saved. Useful if connect timeout
+ * because it can be closed.
+ */
+ mailserver_socket_temp = sock;
+
+ if (connect(sock, (struct sockaddr *) &ad, sizeof(ad)) < 0)
{
int olderr = errno;
fm_close(sock); /* don't use SockClose, no traffic yet */
errno = olderr;
sock = -1;
}
-
- /* No connect timeout, then no need to set mailserver_socket_temp */
- mailserver_socket_temp = -1;
+
+ /* No connect timeout, then no need to set mailserver_socket_temp */
+ mailserver_socket_temp = -1;
return sock;
}
continue;
}
+ SockTimeout(i, mytimeout);
+ SockKeepalive(i);
+
/* Save socket descriptor.
* Used to close the socket after connect timeout. */
mailserver_socket_temp = i;
return i;
}
-
int SockPrintf(int sock, const char* format, ...)
{
va_list ap;
/* OK... SSL_peek works a little different from MSG_PEEK
Problem is that SSL_peek can return 0 if there
is no data currently available. If, on the other
- hand, we loose the socket, we also get a zero, but
+ hand, we lose the socket, we also get a zero, but
the SSL_read then SEGFAULTS! To deal with this,
we'll check the error code any time we get a return
of zero from SSL_peek. If we have an error, we bail.
/* Make sure a connection referring to an older context is not left */
_ssl_context[sock] = NULL;
if(myproto) {
- if(!strcasecmp("ssl2",myproto)) {
- _ctx[sock] = SSL_CTX_new(SSLv2_client_method());
- } else if(!strcasecmp("ssl3",myproto)) {
+ if(!strcasecmp("ssl3",myproto)) {
_ctx[sock] = SSL_CTX_new(SSLv3_client_method());
} else if(!strcasecmp("tls1",myproto)) {
_ctx[sock] = SSL_CTX_new(TLSv1_client_method());
} else if (!strcasecmp("ssl23",myproto)) {
myproto = NULL;
} else {
- fprintf(stderr,GT_("Invalid SSL protocol '%s' specified, using default (SSLv23).\n"), myproto);
+ fprintf(stderr,GT_("Invalid SSL protocol '%s' specified, using default (SSL23).\n"), myproto);
myproto = NULL;
}
}
return(-1);
}
- SSL_CTX_set_options(_ctx[sock], SSL_OP_ALL);
+ SSL_CTX_set_options(_ctx[sock], SSL_OP_ALL | SSL_OP_NO_SSLv2);
if (certck) {
SSL_CTX_set_verify(_ctx[sock], SSL_VERIFY_PEER, SSL_ck_verify_callback);
return count;
}
#endif /* __CYGWIN__ */
-
-#ifdef MAIN
-/*
- * Use the chargen service to test input buffering directly.
- * You may have to uncomment the `chargen' service description in your
- * inetd.conf (and then SIGHUP inetd) for this to work. */
-main()
-{
- int sock = SockOpen("localhost", "chargen", NULL);
- char buf[80];
-
- while (SockRead(sock, buf, sizeof(buf)-1))
- SockWrite(1, buf, strlen(buf));
- SockClose(sock);
-}
-#endif /* MAIN */
-
-/* socket.c ends here */