On 4-Oct-07, at 1:00 PM, Chris Lewis wrote:

Chris Lewis wrote:

Any idea why I'd be getting these:
_convert_to_ssl failed (Could not create SSL socket: Socket operation on non-socket at ./plugins/tls line 158
[At end of _convert_to_ssl(), I'm logging $@ if it's non-null]

I've confirmed, this is only happening in qpsmtpd-async. It works fine in forkservers.

Hey Matt! ;-)

Yeah, plugins/tls wasn't written for -async... Try this patch:

Index: plugins/tls
===================================================================
--- plugins/tls (revision 805)
+++ plugins/tls (working copy)
@@ -150,7 +150,7 @@
     return DECLINED unless $local_port == 465; # SMTPS

     unless ( _convert_to_ssl($self) ) {
-       return (DENY_DISCONNECT, "Cannot establish SSL session");
+        return (DENY_DISCONNECT, "Cannot establish SSL session");
     }
     $self->log(LOGWARN, "Connected via SMTPS");
     return DECLINED;
@@ -159,6 +159,10 @@
sub _convert_to_ssl {
     my ($self) = @_;
+    if ($self->qp->isa('Qpsmtpd::PollServer')) {
+        return _convert_to_ssl_async($self);
+    }
+
     eval {
         my $tlssocket = IO::Socket::SSL->new_from_fd(
             fileno(STDIN), '+>',
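Review bot: The `isa('Qpsmtpd::PollServer')` branch added at the top of `_convert_to_ssl` has no comment saying why the async server needs its own path. A one-line comment such as `# async server: the client socket is $self->qp->sock, not STDIN` would record the reason, which is otherwise visible only by comparing the two `fileno(...)` arguments. The rest of `_convert_to_ssl` continues outside this hunk.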
@@ -178,13 +182,44 @@
         $self->connection->notes('tls_enabled', 1);
     };
     if ($@) {
-       return 0;
+        return 0;
     }
     else {
-       return 1;
+        return 1;
     }
}
+sub _convert_to_ssl_async {
+    my ($self) = @_;
+
+    eval {
+        my $tlssocket = IO::Socket::SSL->new_from_fd(
+            fileno($self->qp->sock), '+>',
+            SSL_use_cert => 1,
+            SSL_cert_file => $self->tls_cert,
+            SSL_key_file => $self->tls_key,
+            SSL_ca_file => $self->tls_ca,
+            SSL_cipher_list => $self->tls_ciphers,
+            SSL_server => 1,
+            SSL_reuse_ctx => $self->ssl_context,
+        ) or die "Could not create SSL socket: $!";
+
+        # Clone connection object (without data received from client)
+        $self->qp->connection($self->connection->clone());
+        $self->qp->reset_transaction;
+ $self->qp->{sock} = $self->connection->notes('tls_socket', $tlssocket);
+        $self->qp->{fd} = fileno($tlssocket);
+        $self->qp->watch_read();
+        $self->connection->notes('tls_enabled', 1);
+    };
+    if ($@) {
+        return 0;
+    }
+    else {
+        return 1;
+    }
+}
+
sub can_do_tls {
     my ($self) = @_;
     $self->tls_cert && -r $self->tls_cert;
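Review bot: The new `_convert_to_ssl_async` discards the reason for a failed TLS setup: the `if ($@) { return 0; }` branch after the eval returns without logging, so the operator sees only "Cannot establish SSL session" from the caller. I would log it before returning, e.g. `$self->log(LOGERROR, "_convert_to_ssl_async failed: $@");`, and build the die message from `IO::Socket::SSL::errstr()` rather than `$!`, since a handshake or certificate failure is not necessarily reflected in errno. Separately, `new_from_fd` appears to run the TLS handshake inline; if the poll server's socket is blocking at this point, a slow client on port 465 could hold up the event loop, so this is worth confirming against Qpsmtpd::PollServer. The body also duplicates the option list of `_convert_to_ssl`; a shared helper taking the file descriptor would keep the two paths from drifting.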


