]> git.ipfire.org Git - thirdparty/git.git/blame_incremental - imap-send.c
projects / thirdparty / git.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
The sixth batch
[thirdparty/git.git] / imap-send.c
... / ...
CommitLineData
1/*
2 * git-imap-send - drops patches into an imap Drafts folder
3 * derived from isync/mbsync - mailbox synchronizer
4 *
5 * Copyright (C) 2000-2002 Michael R. Elkins <me@mutt.org>
6 * Copyright (C) 2002-2004 Oswald Buddenhagen <ossi@users.sf.net>
7 * Copyright (C) 2004 Theodore Y. Ts'o <tytso@mit.edu>
8 * Copyright (C) 2006 Mike McCormack
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, see <https://www.gnu.org/licenses/>.
22 */
23
24#define USE_THE_REPOSITORY_VARIABLE
25#define DISABLE_SIGN_COMPARE_WARNINGS
26
27#include "git-compat-util.h"
28#include "advice.h"
29#include "config.h"
30#include "credential.h"
31#include "gettext.h"
32#include "run-command.h"
33#include "parse-options.h"
34#include "setup.h"
35#include "strbuf.h"
36#ifdef USE_CURL_FOR_IMAP_SEND
37#include "http.h"
38#endif
39
40#if defined(USE_CURL_FOR_IMAP_SEND)
41/* Always default to curl if it's available. */
42#define USE_CURL_DEFAULT 1
43#else
44/* We don't have curl, so continue to use the historical implementation */
45#define USE_CURL_DEFAULT 0
46#endif
47
48static int verbosity;
49static int list_folders;
50static int use_curl = USE_CURL_DEFAULT;
51static char *opt_folder;
52
53static char const * const imap_send_usage[] = {
54 N_("git imap-send [-v] [-q] [--[no-]curl] [(--folder|-f) <folder>] < <mbox>"),
55 "git imap-send --list",
56 NULL
57};
58
59static struct option imap_send_options[] = {
60 OPT__VERBOSITY(&verbosity),
61 OPT_BOOL(0, "curl", &use_curl, "use libcurl to communicate with the IMAP server"),
62 OPT_STRING('f', "folder", &opt_folder, "folder", "specify the IMAP folder"),
63 OPT_BOOL(0, "list", &list_folders, "list all folders on the IMAP server"),
64 OPT_END()
65};
66
67#undef DRV_OK
68#define DRV_OK 0
69#define DRV_MSG_BAD -1
70#define DRV_BOX_BAD -2
71#define DRV_STORE_BAD -3
72
73__attribute__((format (printf, 1, 2)))
74static void imap_info(const char *, ...);
75__attribute__((format (printf, 1, 2)))
76static void imap_warn(const char *, ...);
77
78static char *next_arg(char **);
79
80struct imap_server_conf {
81 char *tunnel;
82 char *host;
83 int port;
84 char *folder;
85 char *user;
86 char *pass;
87 int use_ssl;
88 int ssl_verify;
89 int use_html;
90 char *auth_method;
91};
92
93struct imap_socket {
94 int fd[2];
95#if defined(NO_OPENSSL) && !defined(HAVE_OPENSSL_CSPRNG)
96 void *ssl;
97#else
98 SSL *ssl;
99#endif
100};
101
102struct imap_buffer {
103 struct imap_socket sock;
104 int bytes;
105 int offset;
106 char buf[1024];
107};
108
109struct imap_cmd;
110
111struct imap {
112 int uidnext; /* from SELECT responses */
113 unsigned caps, rcaps; /* CAPABILITY results */
114 /* command queue */
115 int nexttag, num_in_progress, literal_pending;
116 struct imap_cmd *in_progress, **in_progress_append;
117 struct imap_buffer buf; /* this is BIG, so put it last */
118};
119
120struct imap_store {
121 const struct imap_server_conf *cfg;
122 /* currently open mailbox */
123 const char *name; /* foreign! maybe preset? */
124 int uidvalidity;
125 struct imap *imap;
126 const char *prefix;
127};
128
129struct imap_cmd_cb {
130 int (*cont)(struct imap_store *ctx, const char *prompt);
131 void *ctx;
132 char *data;
133 int dlen;
134};
135
136struct imap_cmd {
137 struct imap_cmd *next;
138 struct imap_cmd_cb cb;
139 char *cmd;
140 int tag;
141};
142
143#define CAP(cap) (imap->caps & (1 << (cap)))
144
145enum CAPABILITY {
146 NOLOGIN = 0,
147 UIDPLUS,
148 LITERALPLUS,
149 NAMESPACE,
150 STARTTLS,
151 AUTH_PLAIN,
152 AUTH_CRAM_MD5,
153 AUTH_OAUTHBEARER,
154 AUTH_XOAUTH2,
155};
156
157static const char *cap_list[] = {
158 "LOGINDISABLED",
159 "UIDPLUS",
160 "LITERAL+",
161 "NAMESPACE",
162 "STARTTLS",
163 "AUTH=PLAIN",
164 "AUTH=CRAM-MD5",
165 "AUTH=OAUTHBEARER",
166 "AUTH=XOAUTH2",
167};
168
169#define RESP_OK 0
170#define RESP_NO 1
171#define RESP_BAD 2
172
173static int get_cmd_result(struct imap_store *ctx, struct imap_cmd *tcmd);
174
175
176#ifndef NO_OPENSSL
177static void ssl_socket_perror(const char *func)
178{
179 fprintf(stderr, "%s: %s\n", func, ERR_error_string(ERR_get_error(), NULL));
180}
181#endif
182
183static void socket_perror(const char *func, struct imap_socket *sock, int ret)
184{
185#ifndef NO_OPENSSL
186 if (sock->ssl) {
187 int sslerr = SSL_get_error(sock->ssl, ret);
188 switch (sslerr) {
189 case SSL_ERROR_NONE:
190 break;
191 case SSL_ERROR_SYSCALL:
192 perror("SSL_connect");
193 break;
194 default:
195 ssl_socket_perror("SSL_connect");
196 break;
197 }
198 } else
199#endif
200 {
201 if (ret < 0)
202 perror(func);
203 else
204 fprintf(stderr, "%s: unexpected EOF\n", func);
205 }
206 /* mark as used to appease -Wunused-parameter with NO_OPENSSL */
207 (void)sock;
208}
209
210#ifdef NO_OPENSSL
211static int ssl_socket_connect(struct imap_socket *sock UNUSED,
212 const struct imap_server_conf *cfg UNUSED,
213 int use_tls_only UNUSED)
214{
215 fprintf(stderr, "SSL requested, but SSL support is not compiled in\n");
216 return -1;
217}
218
219#else
220
221static int host_matches(const char *host, const char *pattern)
222{
223 if (pattern[0] == '*' && pattern[1] == '.') {
224 pattern += 2;
225 if (!(host = strchr(host, '.')))
226 return 0;
227 host++;
228 }
229
230 return *host && *pattern && !strcasecmp(host, pattern);
231}
232
233static int verify_hostname(X509 *cert, const char *hostname)
234{
235 int len;
236 X509_NAME *subj;
237 char cname[1000];
238 int i, found;
239 STACK_OF(GENERAL_NAME) *subj_alt_names;
240
241 /* try the DNS subjectAltNames */
242 found = 0;
243 if ((subj_alt_names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL))) {
244 int num_subj_alt_names = sk_GENERAL_NAME_num(subj_alt_names);
245 for (i = 0; !found && i < num_subj_alt_names; i++) {
246 GENERAL_NAME *subj_alt_name = sk_GENERAL_NAME_value(subj_alt_names, i);
247 if (subj_alt_name->type == GEN_DNS &&
248 strlen((const char *)subj_alt_name->d.ia5->data) == (size_t)subj_alt_name->d.ia5->length &&
249 host_matches(hostname, (const char *)(subj_alt_name->d.ia5->data)))
250 found = 1;
251 }
252 sk_GENERAL_NAME_pop_free(subj_alt_names, GENERAL_NAME_free);
253 }
254 if (found)
255 return 0;
256
257 /* try the common name */
258 if (!(subj = X509_get_subject_name(cert)))
259 return error("cannot get certificate subject");
260 if ((len = X509_NAME_get_text_by_NID(subj, NID_commonName, cname, sizeof(cname))) < 0)
261 return error("cannot get certificate common name");
262 if (strlen(cname) == (size_t)len && host_matches(hostname, cname))
263 return 0;
264 return error("certificate owner '%s' does not match hostname '%s'",
265 cname, hostname);
266}
267
268static int ssl_socket_connect(struct imap_socket *sock,
269 const struct imap_server_conf *cfg,
270 int use_tls_only)
271{
272#if (OPENSSL_VERSION_NUMBER >= 0x10000000L)
273 const SSL_METHOD *meth;
274#else
275 SSL_METHOD *meth;
276#endif
277 SSL_CTX *ctx;
278 int ret;
279 X509 *cert;
280
281 SSL_library_init();
282 SSL_load_error_strings();
283
284 meth = SSLv23_method();
285 if (!meth) {
286 ssl_socket_perror("SSLv23_method");
287 return -1;
288 }
289
290 ctx = SSL_CTX_new(meth);
291 if (!ctx) {
292 ssl_socket_perror("SSL_CTX_new");
293 return -1;
294 }
295
296 if (use_tls_only)
297 SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
298
299 if (cfg->ssl_verify)
300 SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
301
302 if (!SSL_CTX_set_default_verify_paths(ctx)) {
303 ssl_socket_perror("SSL_CTX_set_default_verify_paths");
304 return -1;
305 }
306 sock->ssl = SSL_new(ctx);
307 if (!sock->ssl) {
308 ssl_socket_perror("SSL_new");
309 return -1;
310 }
311 if (!SSL_set_rfd(sock->ssl, sock->fd[0])) {
312 ssl_socket_perror("SSL_set_rfd");
313 return -1;
314 }
315 if (!SSL_set_wfd(sock->ssl, sock->fd[1])) {
316 ssl_socket_perror("SSL_set_wfd");
317 return -1;
318 }
319
320#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
321 /*
322 * SNI (RFC4366)
323 * OpenSSL does not document this function, but the implementation
324 * returns 1 on success, 0 on failure after calling SSLerr().
325 */
326 ret = SSL_set_tlsext_host_name(sock->ssl, cfg->host);
327 if (ret != 1)
328 warning("SSL_set_tlsext_host_name(%s) failed.", cfg->host);
329#endif
330
331 ret = SSL_connect(sock->ssl);
332 if (ret <= 0) {
333 socket_perror("SSL_connect", sock, ret);
334 return -1;
335 }
336
337 if (cfg->ssl_verify) {
338 /* make sure the hostname matches that of the certificate */
339 cert = SSL_get_peer_certificate(sock->ssl);
340 if (!cert)
341 return error("unable to get peer certificate.");
342 if (SSL_get_verify_result(sock->ssl) != X509_V_OK)
343 return error("unable to verify peer certificate");
344 if (verify_hostname(cert, cfg->host) < 0)
345 return -1;
346 }
347
348 return 0;
349}
350#endif
351
352static int socket_read(struct imap_socket *sock, char *buf, int len)
353{
354 ssize_t n;
355#ifndef NO_OPENSSL
356 if (sock->ssl)
357 n = SSL_read(sock->ssl, buf, len);
358 else
359#endif
360 n = xread(sock->fd[0], buf, len);
361 if (n <= 0) {
362 socket_perror("read", sock, n);
363 close(sock->fd[0]);
364 close(sock->fd[1]);
365 sock->fd[0] = sock->fd[1] = -1;
366 }
367 return n;
368}
369
370static int socket_write(struct imap_socket *sock, const char *buf, int len)
371{
372 int n;
373#ifndef NO_OPENSSL
374 if (sock->ssl)
375 n = SSL_write(sock->ssl, buf, len);
376 else
377#endif
378 n = write_in_full(sock->fd[1], buf, len);
379 if (n != len) {
380 socket_perror("write", sock, n);
381 close(sock->fd[0]);
382 close(sock->fd[1]);
383 sock->fd[0] = sock->fd[1] = -1;
384 }
385 return n;
386}
387
388static void socket_shutdown(struct imap_socket *sock)
389{
390#ifndef NO_OPENSSL
391 if (sock->ssl) {
392 SSL_shutdown(sock->ssl);
393 SSL_free(sock->ssl);
394 }
395#endif
396 close(sock->fd[0]);
397 close(sock->fd[1]);
398}
399
400/* simple line buffering */
401static int buffer_gets(struct imap_buffer *b, char **s)
402{
403 int n;
404 int start = b->offset;
405
406 *s = b->buf + start;
407
408 for (;;) {
409 /* make sure we have enough data to read the \r\n sequence */
410 if (b->offset + 1 >= b->bytes) {
411 if (start) {
412 /* shift down used bytes */
413 *s = b->buf;
414
415 assert(start <= b->bytes);
416 n = b->bytes - start;
417
418 if (n)
419 memmove(b->buf, b->buf + start, n);
420 b->offset -= start;
421 b->bytes = n;
422 start = 0;
423 }
424
425 n = socket_read(&b->sock, b->buf + b->bytes,
426 sizeof(b->buf) - b->bytes);
427
428 if (n <= 0)
429 return -1;
430
431 b->bytes += n;
432 }
433
434 if (b->buf[b->offset] == '\r') {
435 assert(b->offset + 1 < b->bytes);
436 if (b->buf[b->offset + 1] == '\n') {
437 b->buf[b->offset] = 0; /* terminate the string */
438 b->offset += 2; /* next line */
439 if ((0 < verbosity) || (list_folders && strstr(*s, "* LIST")))
440 puts(*s);
441 return 0;
442 }
443 }
444
445 b->offset++;
446 }
447 /* not reached */
448}
449
450__attribute__((format (printf, 1, 2)))
451static void imap_info(const char *msg, ...)
452{
453 va_list va;
454
455 if (0 <= verbosity) {
456 va_start(va, msg);
457 vprintf(msg, va);
458 va_end(va);
459 fflush(stdout);
460 }
461}
462
463__attribute__((format (printf, 1, 2)))
464static void imap_warn(const char *msg, ...)
465{
466 va_list va;
467
468 if (-2 < verbosity) {
469 va_start(va, msg);
470 vfprintf(stderr, msg, va);
471 va_end(va);
472 }
473}
474
475static char *next_arg(char **s)
476{
477 char *ret;
478
479 if (!s || !*s)
480 return NULL;
481 while (isspace((unsigned char) **s))
482 (*s)++;
483 if (!**s) {
484 *s = NULL;
485 return NULL;
486 }
487 if (**s == '"') {
488 ++*s;
489 ret = *s;
490 *s = strchr(*s, '"');
491 } else {
492 ret = *s;
493 while (**s && !isspace((unsigned char) **s))
494 (*s)++;
495 }
496 if (*s) {
497 if (**s)
498 *(*s)++ = 0;
499 if (!**s)
500 *s = NULL;
501 }
502 return ret;
503}
504
505static struct imap_cmd *issue_imap_cmd(struct imap_store *ctx,
506 struct imap_cmd_cb *cb,
507 const char *fmt, va_list ap)
508{
509 struct imap *imap = ctx->imap;
510 struct imap_cmd *cmd;
511 int n;
512 struct strbuf buf = STRBUF_INIT;
513
514 cmd = xmalloc(sizeof(struct imap_cmd));
515 cmd->cmd = xstrvfmt(fmt, ap);
516 cmd->tag = ++imap->nexttag;
517
518 if (cb)
519 cmd->cb = *cb;
520 else
521 memset(&cmd->cb, 0, sizeof(cmd->cb));
522
523 while (imap->literal_pending)
524 get_cmd_result(ctx, NULL);
525
526 if (!cmd->cb.data)
527 strbuf_addf(&buf, "%d %s\r\n", cmd->tag, cmd->cmd);
528 else
529 strbuf_addf(&buf, "%d %s{%d%s}\r\n", cmd->tag, cmd->cmd,
530 cmd->cb.dlen, CAP(LITERALPLUS) ? "+" : "");
531 if (buf.len > INT_MAX)
532 die("imap command overflow!");
533
534 if (0 < verbosity) {
535 if (imap->num_in_progress)
536 printf("(%d in progress) ", imap->num_in_progress);
537 if (!starts_with(cmd->cmd, "LOGIN"))
538 printf(">>> %s", buf.buf);
539 else
540 printf(">>> %d LOGIN <user> <pass>\n", cmd->tag);
541 }
542 if (socket_write(&imap->buf.sock, buf.buf, buf.len) != buf.len) {
543 free(cmd->cmd);
544 free(cmd);
545 if (cb)
546 free(cb->data);
547 strbuf_release(&buf);
548 return NULL;
549 }
550 strbuf_release(&buf);
551 if (cmd->cb.data) {
552 if (CAP(LITERALPLUS)) {
553 n = socket_write(&imap->buf.sock, cmd->cb.data, cmd->cb.dlen);
554 free(cmd->cb.data);
555 if (n != cmd->cb.dlen ||
556 socket_write(&imap->buf.sock, "\r\n", 2) != 2) {
557 free(cmd->cmd);
558 free(cmd);
559 return NULL;
560 }
561 cmd->cb.data = NULL;
562 } else
563 imap->literal_pending = 1;
564 } else if (cmd->cb.cont)
565 imap->literal_pending = 1;
566 cmd->next = NULL;
567 *imap->in_progress_append = cmd;
568 imap->in_progress_append = &cmd->next;
569 imap->num_in_progress++;
570 return cmd;
571}
572
573__attribute__((format (printf, 3, 4)))
574static int imap_exec(struct imap_store *ctx, struct imap_cmd_cb *cb,
575 const char *fmt, ...)
576{
577 va_list ap;
578 struct imap_cmd *cmdp;
579
580 va_start(ap, fmt);
581 cmdp = issue_imap_cmd(ctx, cb, fmt, ap);
582 va_end(ap);
583 if (!cmdp)
584 return RESP_BAD;
585
586 return get_cmd_result(ctx, cmdp);
587}
588
589__attribute__((format (printf, 3, 4)))
590static int imap_exec_m(struct imap_store *ctx, struct imap_cmd_cb *cb,
591 const char *fmt, ...)
592{
593 va_list ap;
594 struct imap_cmd *cmdp;
595
596 va_start(ap, fmt);
597 cmdp = issue_imap_cmd(ctx, cb, fmt, ap);
598 va_end(ap);
599 if (!cmdp)
600 return DRV_STORE_BAD;
601
602 switch (get_cmd_result(ctx, cmdp)) {
603 case RESP_BAD: return DRV_STORE_BAD;
604 case RESP_NO: return DRV_MSG_BAD;
605 default: return DRV_OK;
606 }
607}
608
609static int skip_imap_list_l(char **sp, int level)
610{
611 char *s = *sp;
612
613 for (;;) {
614 while (isspace((unsigned char)*s))
615 s++;
616 if (level && *s == ')') {
617 s++;
618 break;
619 }
620 if (*s == '(') {
621 /* sublist */
622 s++;
623 if (skip_imap_list_l(&s, level + 1))
624 goto bail;
625 } else if (*s == '"') {
626 /* quoted string */
627 s++;
628 for (; *s != '"'; s++)
629 if (!*s)
630 goto bail;
631 s++;
632 } else {
633 /* atom */
634 for (; *s && !isspace((unsigned char)*s); s++)
635 if (level && *s == ')')
636 break;
637 }
638
639 if (!level)
640 break;
641 if (!*s)
642 goto bail;
643 }
644 *sp = s;
645 return 0;
646
647bail:
648 return -1;
649}
650
651static void skip_list(char **sp)
652{
653 skip_imap_list_l(sp, 0);
654}
655
656static void parse_capability(struct imap *imap, char *cmd)
657{
658 char *arg;
659 unsigned i;
660
661 imap->caps = 0x80000000;
662 while ((arg = next_arg(&cmd)))
663 for (i = 0; i < ARRAY_SIZE(cap_list); i++)
664 if (!strcmp(cap_list[i], arg))
665 imap->caps |= 1 << i;
666 imap->rcaps = imap->caps;
667}
668
669static int parse_response_code(struct imap_store *ctx, struct imap_cmd_cb *cb,
670 char *s)
671{
672 struct imap *imap = ctx->imap;
673 char *arg, *p;
674
675 if (!s || *s != '[')
676 return RESP_OK; /* no response code */
677 s++;
678 if (!(p = strchr(s, ']'))) {
679 fprintf(stderr, "IMAP error: malformed response code\n");
680 return RESP_BAD;
681 }
682 *p++ = 0;
683 arg = next_arg(&s);
684 if (!arg) {
685 fprintf(stderr, "IMAP error: empty response code\n");
686 return RESP_BAD;
687 }
688 if (!strcmp("UIDVALIDITY", arg)) {
689 if (!(arg = next_arg(&s)) || strtol_i(arg, 10, &ctx->uidvalidity) || !ctx->uidvalidity) {
690 fprintf(stderr, "IMAP error: malformed UIDVALIDITY status\n");
691 return RESP_BAD;
692 }
693 } else if (!strcmp("UIDNEXT", arg)) {
694 if (!(arg = next_arg(&s)) || strtol_i(arg, 10, &imap->uidnext) || !imap->uidnext) {
695 fprintf(stderr, "IMAP error: malformed NEXTUID status\n");
696 return RESP_BAD;
697 }
698 } else if (!strcmp("CAPABILITY", arg)) {
699 parse_capability(imap, s);
700 } else if (!strcmp("ALERT", arg)) {
701 /* RFC2060 says that these messages MUST be displayed
702 * to the user
703 */
704 for (; isspace((unsigned char)*p); p++);
705 fprintf(stderr, "*** IMAP ALERT *** %s\n", p);
706 } else if (cb && cb->ctx && !strcmp("APPENDUID", arg)) {
707 if (!(arg = next_arg(&s)) || strtol_i(arg, 10, &ctx->uidvalidity) || !ctx->uidvalidity ||
708 !(arg = next_arg(&s)) || strtol_i(arg, 10, (int *)cb->ctx) || !cb->ctx) {
709 fprintf(stderr, "IMAP error: malformed APPENDUID status\n");
710 return RESP_BAD;
711 }
712 }
713 return RESP_OK;
714}
715
716static int get_cmd_result(struct imap_store *ctx, struct imap_cmd *tcmd)
717{
718 struct imap *imap = ctx->imap;
719 struct imap_cmd *cmdp, **pcmdp;
720 char *cmd;
721 const char *arg, *arg1;
722 int n, resp, resp2, tag;
723
724 for (;;) {
725 if (buffer_gets(&imap->buf, &cmd))
726 return RESP_BAD;
727
728 arg = next_arg(&cmd);
729 if (!arg) {
730 fprintf(stderr, "IMAP error: empty response\n");
731 return RESP_BAD;
732 }
733 if (*arg == '*') {
734 arg = next_arg(&cmd);
735 if (!arg) {
736 fprintf(stderr, "IMAP error: unable to parse untagged response\n");
737 return RESP_BAD;
738 }
739
740 if (!strcmp("NAMESPACE", arg)) {
741 /* rfc2342 NAMESPACE response. */
742 skip_list(&cmd); /* Personal mailboxes */
743 skip_list(&cmd); /* Others' mailboxes */
744 skip_list(&cmd); /* Shared mailboxes */
745 } else if (!strcmp("OK", arg) || !strcmp("BAD", arg) ||
746 !strcmp("NO", arg) || !strcmp("BYE", arg)) {
747 if ((resp = parse_response_code(ctx, NULL, cmd)) != RESP_OK)
748 return resp;
749 } else if (!strcmp("CAPABILITY", arg)) {
750 parse_capability(imap, cmd);
751 } else if ((arg1 = next_arg(&cmd))) {
752 ; /*
753 * Unhandled response-data with at least two words.
754 * Ignore it.
755 *
756 * NEEDSWORK: Previously this case handled '<num> EXISTS'
757 * and '<num> RECENT' but as a probably-unintended side
758 * effect it ignores other unrecognized two-word
759 * responses. imap-send doesn't ever try to read
760 * messages or mailboxes these days, so consider
761 * eliminating this case.
762 */
763 } else {
764 fprintf(stderr, "IMAP error: unable to parse untagged response\n");
765 return RESP_BAD;
766 }
767 } else if (!imap->in_progress) {
768 fprintf(stderr, "IMAP error: unexpected reply: %s %s\n", arg, cmd ? cmd : "");
769 return RESP_BAD;
770 } else if (*arg == '+') {
771 /* This can happen only with the last command underway, as
772 it enforces a round-trip. */
773 cmdp = (struct imap_cmd *)((char *)imap->in_progress_append -
774 offsetof(struct imap_cmd, next));
775 if (cmdp->cb.data) {
776 n = socket_write(&imap->buf.sock, cmdp->cb.data, cmdp->cb.dlen);
777 FREE_AND_NULL(cmdp->cb.data);
778 if (n != (int)cmdp->cb.dlen)
779 return RESP_BAD;
780 } else if (cmdp->cb.cont) {
781 if (cmdp->cb.cont(ctx, cmd))
782 return RESP_BAD;
783 } else {
784 fprintf(stderr, "IMAP error: unexpected command continuation request\n");
785 return RESP_BAD;
786 }
787 if (socket_write(&imap->buf.sock, "\r\n", 2) != 2)
788 return RESP_BAD;
789 if (!cmdp->cb.cont)
790 imap->literal_pending = 0;
791 if (!tcmd)
792 return DRV_OK;
793 } else {
794 if (strtol_i(arg, 10, &tag)) {
795 fprintf(stderr, "IMAP error: malformed tag %s\n", arg);
796 return RESP_BAD;
797 }
798 for (pcmdp = &imap->in_progress; (cmdp = *pcmdp); pcmdp = &cmdp->next)
799 if (cmdp->tag == tag)
800 goto gottag;
801 fprintf(stderr, "IMAP error: unexpected tag %s\n", arg);
802 return RESP_BAD;
803 gottag:
804 if (!(*pcmdp = cmdp->next))
805 imap->in_progress_append = pcmdp;
806 imap->num_in_progress--;
807 if (cmdp->cb.cont || cmdp->cb.data)
808 imap->literal_pending = 0;
809 arg = next_arg(&cmd);
810 if (!arg)
811 arg = "";
812 if (!strcmp("OK", arg))
813 resp = DRV_OK;
814 else {
815 if (!strcmp("NO", arg))
816 resp = RESP_NO;
817 else /*if (!strcmp("BAD", arg))*/
818 resp = RESP_BAD;
819 fprintf(stderr, "IMAP command '%s' returned response (%s) - %s\n",
820 !starts_with(cmdp->cmd, "LOGIN") ?
821 cmdp->cmd : "LOGIN <user> <pass>",
822 arg, cmd ? cmd : "");
823 }
824 if ((resp2 = parse_response_code(ctx, &cmdp->cb, cmd)) > resp)
825 resp = resp2;
826 free(cmdp->cb.data);
827 free(cmdp->cmd);
828 free(cmdp);
829 if (!tcmd || tcmd == cmdp)
830 return resp;
831 }
832 }
833 /* not reached */
834}
835
836static void imap_close_server(struct imap_store *ictx)
837{
838 struct imap *imap = ictx->imap;
839
840 if (imap->buf.sock.fd[0] != -1) {
841 imap_exec(ictx, NULL, "LOGOUT");
842 socket_shutdown(&imap->buf.sock);
843 }
844 free(imap);
845}
846
847static void imap_close_store(struct imap_store *ctx)
848{
849 imap_close_server(ctx);
850 free(ctx);
851}
852
853#ifndef NO_OPENSSL
854
855/*
856 * hexchar() and cram() functions are based on the code from the isync
857 * project (https://isync.sourceforge.io/).
858 */
859static char hexchar(unsigned int b)
860{
861 return b < 10 ? '0' + b : 'a' + (b - 10);
862}
863
864#define ENCODED_SIZE(n) (4 * DIV_ROUND_UP((n), 3))
865static char *plain_base64(const char *user, const char *pass)
866{
867 struct strbuf raw = STRBUF_INIT;
868 int b64_len;
869 char *b64;
870
871 /*
872 * Compose the PLAIN string
873 *
874 * The username and password are combined to one string and base64 encoded.
875 * "\0user\0pass"
876 *
877 * The method has been described in RFC4616.
878 *
879 * https://datatracker.ietf.org/doc/html/rfc4616
880 */
881 strbuf_addch(&raw, '\0');
882 strbuf_addstr(&raw, user);
883 strbuf_addch(&raw, '\0');
884 strbuf_addstr(&raw, pass);
885
886 b64 = xmallocz(ENCODED_SIZE(raw.len));
887 b64_len = EVP_EncodeBlock((unsigned char *)b64, (unsigned char *)raw.buf, raw.len);
888 strbuf_release(&raw);
889
890 if (b64_len < 0) {
891 free(b64);
892 return NULL;
893 }
894 return b64;
895}
896
897static char *cram(const char *challenge_64, const char *user, const char *pass)
898{
899 int i, resp_len, encoded_len, decoded_len;
900 unsigned char hash[16];
901 char hex[33];
902 char *response, *response_64, *challenge;
903
904 /*
905 * length of challenge_64 (i.e. base-64 encoded string) is a good
906 * enough upper bound for challenge (decoded result).
907 */
908 encoded_len = strlen(challenge_64);
909 challenge = xmalloc(encoded_len);
910 decoded_len = EVP_DecodeBlock((unsigned char *)challenge,
911 (unsigned char *)challenge_64, encoded_len);
912 if (decoded_len < 0)
913 die("invalid challenge %s", challenge_64);
914 if (!HMAC(EVP_md5(), pass, strlen(pass), (unsigned char *)challenge, decoded_len, hash, NULL))
915 die("HMAC error");
916
917 hex[32] = 0;
918 for (i = 0; i < 16; i++) {
919 hex[2 * i] = hexchar((hash[i] >> 4) & 0xf);
920 hex[2 * i + 1] = hexchar(hash[i] & 0xf);
921 }
922
923 /* response: "<user> <digest in hex>" */
924 response = xstrfmt("%s %s", user, hex);
925 resp_len = strlen(response);
926
927 response_64 = xmallocz(ENCODED_SIZE(resp_len));
928 encoded_len = EVP_EncodeBlock((unsigned char *)response_64,
929 (unsigned char *)response, resp_len);
930 if (encoded_len < 0)
931 die("EVP_EncodeBlock error");
932 return (char *)response_64;
933}
934
935static char *oauthbearer_base64(const char *user, const char *access_token)
936{
937 int b64_len;
938 char *raw, *b64;
939
940 /*
941 * Compose the OAUTHBEARER string
942 *
943 * "n,a=" {User} ",^Ahost=" {Host} "^Aport=" {Port} "^Aauth=Bearer " {Access Token} "^A^A
944 *
945 * The first part `n,a=" {User} ",` is the gs2 header described in RFC5801.
946 * * gs2-cb-flag `n` -> client does not support CB
947 * * gs2-authzid `a=" {User} "`
948 *
949 * The second part are key value pairs containing host, port and auth as
950 * described in RFC7628.
951 *
952 * https://datatracker.ietf.org/doc/html/rfc5801
953 * https://datatracker.ietf.org/doc/html/rfc7628
954 */
955 raw = xstrfmt("n,a=%s,\001auth=Bearer %s\001\001", user, access_token);
956
957 /* Base64 encode */
958 b64 = xmallocz(ENCODED_SIZE(strlen(raw)));
959 b64_len = EVP_EncodeBlock((unsigned char *)b64, (unsigned char *)raw, strlen(raw));
960 free(raw);
961
962 if (b64_len < 0) {
963 free(b64);
964 return NULL;
965 }
966 return b64;
967}
968
969static char *xoauth2_base64(const char *user, const char *access_token)
970{
971 int b64_len;
972 char *raw, *b64;
973
974 /*
975 * Compose the XOAUTH2 string
976 * "user=" {User} "^Aauth=Bearer " {Access Token} "^A^A"
977 * https://developers.google.com/workspace/gmail/imap/xoauth2-protocol#initial_client_response
978 */
979 raw = xstrfmt("user=%s\001auth=Bearer %s\001\001", user, access_token);
980
981 /* Base64 encode */
982 b64 = xmallocz(ENCODED_SIZE(strlen(raw)));
983 b64_len = EVP_EncodeBlock((unsigned char *)b64, (unsigned char *)raw, strlen(raw));
984 free(raw);
985
986 if (b64_len < 0) {
987 free(b64);
988 return NULL;
989 }
990 return b64;
991}
992
993static int auth_plain(struct imap_store *ctx, const char *prompt UNUSED)
994{
995 int ret;
996 char *b64;
997
998 b64 = plain_base64(ctx->cfg->user, ctx->cfg->pass);
999 if (!b64)
1000 return error("PLAIN: base64 encoding failed");
1001
1002 /* Send the base64-encoded response */
1003 ret = socket_write(&ctx->imap->buf.sock, b64, strlen(b64));
1004 if (ret != (int)strlen(b64)) {
1005 free(b64);
1006 return error("IMAP error: sending PLAIN response failed");
1007 }
1008
1009 free(b64);
1010 return 0;
1011}
1012
1013static int auth_cram_md5(struct imap_store *ctx, const char *prompt)
1014{
1015 int ret;
1016 char *response;
1017
1018 response = cram(prompt, ctx->cfg->user, ctx->cfg->pass);
1019
1020 ret = socket_write(&ctx->imap->buf.sock, response, strlen(response));
1021 if (ret != strlen(response)) {
1022 free(response);
1023 return error("IMAP error: sending CRAM-MD5 response failed");
1024 }
1025
1026 free(response);
1027
1028 return 0;
1029}
1030
1031static int auth_oauthbearer(struct imap_store *ctx, const char *prompt UNUSED)
1032{
1033 int ret;
1034 char *b64;
1035
1036 b64 = oauthbearer_base64(ctx->cfg->user, ctx->cfg->pass);
1037 if (!b64)
1038 return error("OAUTHBEARER: base64 encoding failed");
1039
1040 /* Send the base64-encoded response */
1041 ret = socket_write(&ctx->imap->buf.sock, b64, strlen(b64));
1042 if (ret != (int)strlen(b64)) {
1043 free(b64);
1044 return error("IMAP error: sending OAUTHBEARER response failed");
1045 }
1046
1047 free(b64);
1048 return 0;
1049}
1050
1051static int auth_xoauth2(struct imap_store *ctx, const char *prompt UNUSED)
1052{
1053 int ret;
1054 char *b64;
1055
1056 b64 = xoauth2_base64(ctx->cfg->user, ctx->cfg->pass);
1057 if (!b64)
1058 return error("XOAUTH2: base64 encoding failed");
1059
1060 /* Send the base64-encoded response */
1061 ret = socket_write(&ctx->imap->buf.sock, b64, strlen(b64));
1062 if (ret != (int)strlen(b64)) {
1063 free(b64);
1064 return error("IMAP error: sending XOAUTH2 response failed");
1065 }
1066
1067 free(b64);
1068 return 0;
1069}
1070
1071#else
1072
1073#define auth_plain NULL
1074#define auth_cram_md5 NULL
1075#define auth_oauthbearer NULL
1076#define auth_xoauth2 NULL
1077
1078#endif
1079
1080static void server_fill_credential(struct imap_server_conf *srvc, struct credential *cred)
1081{
1082 if (srvc->user && srvc->pass)
1083 return;
1084
1085 cred->protocol = xstrdup(srvc->use_ssl ? "imaps" : "imap");
1086 cred->host = xstrfmt("%s:%d", srvc->host, srvc->port);
1087
1088 cred->username = xstrdup_or_null(srvc->user);
1089 cred->password = xstrdup_or_null(srvc->pass);
1090
1091 credential_fill(the_repository, cred, 1);
1092
1093 if (!srvc->user)
1094 srvc->user = xstrdup(cred->username);
1095 if (!srvc->pass)
1096 srvc->pass = xstrdup(cred->password);
1097}
1098
1099static int try_auth_method(struct imap_server_conf *srvc,
1100 struct imap_store *ctx,
1101 struct imap *imap,
1102 const char *auth_method,
1103 enum CAPABILITY cap,
1104 int (*fn)(struct imap_store *, const char *))
1105{
1106 struct imap_cmd_cb cb = {0};
1107
1108 if (!CAP(cap)) {
1109 fprintf(stderr, "You specified "
1110 "%s as authentication method, "
1111 "but %s doesn't support it.\n",
1112 auth_method, srvc->host);
1113 return -1;
1114 }
1115 cb.cont = fn;
1116
1117 if (NOT_CONSTANT(!cb.cont)) {
1118 fprintf(stderr, "If you want to use %s authentication mechanism, "
1119 "you have to build git-imap-send with OpenSSL library.",
1120 auth_method);
1121 return -1;
1122 }
1123 if (imap_exec(ctx, &cb, "AUTHENTICATE %s", auth_method) != RESP_OK) {
1124 fprintf(stderr, "IMAP error: AUTHENTICATE %s failed\n",
1125 auth_method);
1126 return -1;
1127 }
1128 return 0;
1129}
1130
1131static struct imap_store *imap_open_store(struct imap_server_conf *srvc, const char *folder)
1132{
1133 struct credential cred = CREDENTIAL_INIT;
1134 struct imap_store *ctx;
1135 struct imap *imap;
1136 char *arg, *rsp;
1137 int s = -1, preauth;
1138
1139 CALLOC_ARRAY(ctx, 1);
1140
1141 ctx->cfg = srvc;
1142 ctx->imap = CALLOC_ARRAY(imap, 1);
1143 imap->buf.sock.fd[0] = imap->buf.sock.fd[1] = -1;
1144 imap->in_progress_append = &imap->in_progress;
1145
1146 /* open connection to IMAP server */
1147
1148 if (srvc->tunnel) {
1149 struct child_process tunnel = CHILD_PROCESS_INIT;
1150
1151 imap_info("Starting tunnel '%s'... ", srvc->tunnel);
1152
1153 strvec_push(&tunnel.args, srvc->tunnel);
1154 tunnel.use_shell = 1;
1155 tunnel.in = -1;
1156 tunnel.out = -1;
1157 if (start_command(&tunnel))
1158 die("cannot start proxy %s", srvc->tunnel);
1159
1160 imap->buf.sock.fd[0] = tunnel.out;
1161 imap->buf.sock.fd[1] = tunnel.in;
1162
1163 imap_info("OK\n");
1164 } else {
1165#ifndef NO_IPV6
1166 struct addrinfo hints, *ai0, *ai;
1167 int gai;
1168 char portstr[6];
1169
1170 xsnprintf(portstr, sizeof(portstr), "%d", srvc->port);
1171
1172 memset(&hints, 0, sizeof(hints));
1173 hints.ai_socktype = SOCK_STREAM;
1174 hints.ai_protocol = IPPROTO_TCP;
1175
1176 imap_info("Resolving %s... ", srvc->host);
1177 gai = getaddrinfo(srvc->host, portstr, &hints, &ai);
1178 if (gai) {
1179 fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(gai));
1180 goto bail;
1181 }
1182 imap_info("OK\n");
1183
1184 for (ai0 = ai; ai; ai = ai->ai_next) {
1185 char addr[NI_MAXHOST];
1186
1187 s = socket(ai->ai_family, ai->ai_socktype,
1188 ai->ai_protocol);
1189 if (s < 0)
1190 continue;
1191
1192 getnameinfo(ai->ai_addr, ai->ai_addrlen, addr,
1193 sizeof(addr), NULL, 0, NI_NUMERICHOST);
1194 imap_info("Connecting to [%s]:%s... ", addr, portstr);
1195
1196 if (connect(s, ai->ai_addr, ai->ai_addrlen) < 0) {
1197 close(s);
1198 s = -1;
1199 perror("connect");
1200 continue;
1201 }
1202
1203 break;
1204 }
1205 freeaddrinfo(ai0);
1206#else /* NO_IPV6 */
1207 struct hostent *he;
1208 struct sockaddr_in addr;
1209
1210 memset(&addr, 0, sizeof(addr));
1211 addr.sin_port = htons(srvc->port);
1212 addr.sin_family = AF_INET;
1213
1214 imap_info("Resolving %s... ", srvc->host);
1215 he = gethostbyname(srvc->host);
1216 if (!he) {
1217 perror("gethostbyname");
1218 goto bail;
1219 }
1220 imap_info("OK\n");
1221
1222 addr.sin_addr.s_addr = *((int *) he->h_addr_list[0]);
1223
1224 s = socket(PF_INET, SOCK_STREAM, 0);
1225
1226 imap_info("Connecting to %s:%hu... ", inet_ntoa(addr.sin_addr), ntohs(addr.sin_port));
1227 if (connect(s, (struct sockaddr *)&addr, sizeof(addr))) {
1228 close(s);
1229 s = -1;
1230 perror("connect");
1231 }
1232#endif
1233 if (s < 0) {
1234 fputs("error: unable to connect to server\n", stderr);
1235 goto bail;
1236 }
1237
1238 imap->buf.sock.fd[0] = s;
1239 imap->buf.sock.fd[1] = dup(s);
1240
1241 if (srvc->use_ssl &&
1242 ssl_socket_connect(&imap->buf.sock, srvc, 0)) {
1243 close(s);
1244 goto bail;
1245 }
1246 imap_info("OK\n");
1247 }
1248
1249 /* read the greeting string */
1250 if (buffer_gets(&imap->buf, &rsp)) {
1251 fprintf(stderr, "IMAP error: no greeting response\n");
1252 goto bail;
1253 }
1254 arg = next_arg(&rsp);
1255 if (!arg || *arg != '*' || (arg = next_arg(&rsp)) == NULL) {
1256 fprintf(stderr, "IMAP error: invalid greeting response\n");
1257 goto bail;
1258 }
1259 preauth = 0;
1260 if (!strcmp("PREAUTH", arg))
1261 preauth = 1;
1262 else if (strcmp("OK", arg) != 0) {
1263 fprintf(stderr, "IMAP error: unknown greeting response\n");
1264 goto bail;
1265 }
1266 parse_response_code(ctx, NULL, rsp);
1267 if (!imap->caps && imap_exec(ctx, NULL, "CAPABILITY") != RESP_OK)
1268 goto bail;
1269
1270 if (!preauth) {
1271#ifndef NO_OPENSSL
1272 if (!srvc->use_ssl && CAP(STARTTLS)) {
1273 if (imap_exec(ctx, NULL, "STARTTLS") != RESP_OK)
1274 goto bail;
1275 if (ssl_socket_connect(&imap->buf.sock, srvc, 1))
1276 goto bail;
1277 /* capabilities may have changed, so get the new capabilities */
1278 if (imap_exec(ctx, NULL, "CAPABILITY") != RESP_OK)
1279 goto bail;
1280 }
1281#endif
1282 imap_info("Logging in...\n");
1283 server_fill_credential(srvc, &cred);
1284
1285 if (srvc->auth_method) {
1286 if (!strcmp(srvc->auth_method, "PLAIN")) {
1287 if (try_auth_method(srvc, ctx, imap, "PLAIN", AUTH_PLAIN, auth_plain))
1288 goto bail;
1289 } else if (!strcmp(srvc->auth_method, "CRAM-MD5")) {
1290 if (try_auth_method(srvc, ctx, imap, "CRAM-MD5", AUTH_CRAM_MD5, auth_cram_md5))
1291 goto bail;
1292 } else if (!strcmp(srvc->auth_method, "OAUTHBEARER")) {
1293 if (try_auth_method(srvc, ctx, imap, "OAUTHBEARER", AUTH_OAUTHBEARER, auth_oauthbearer))
1294 goto bail;
1295 } else if (!strcmp(srvc->auth_method, "XOAUTH2")) {
1296 if (try_auth_method(srvc, ctx, imap, "XOAUTH2", AUTH_XOAUTH2, auth_xoauth2))
1297 goto bail;
1298 } else {
1299 fprintf(stderr, "unknown authentication mechanism: %s\n", srvc->auth_method);
1300 goto bail;
1301 }
1302 } else {
1303 if (CAP(NOLOGIN)) {
1304 fprintf(stderr, "skipping account %s@%s, server forbids LOGIN\n",
1305 srvc->user, srvc->host);
1306 goto bail;
1307 }
1308 if (!imap->buf.sock.ssl)
1309 imap_warn("*** IMAP Warning *** Password is being "
1310 "sent in the clear\n");
1311 if (imap_exec(ctx, NULL, "LOGIN \"%s\" \"%s\"", srvc->user, srvc->pass) != RESP_OK) {
1312 fprintf(stderr, "IMAP error: LOGIN failed\n");
1313 goto bail;
1314 }
1315 }
1316 } /* !preauth */
1317
1318 if (cred.username)
1319 credential_approve(the_repository, &cred);
1320 credential_clear(&cred);
1321
1322 /* check the target mailbox exists */
1323 ctx->name = folder;
1324 switch (imap_exec(ctx, NULL, "EXAMINE \"%s\"", ctx->name)) {
1325 case RESP_OK:
1326 /* ok */
1327 break;
1328 case RESP_BAD:
1329 fprintf(stderr, "IMAP error: could not check mailbox\n");
1330 goto out;
1331 case RESP_NO:
1332 if (imap_exec(ctx, NULL, "CREATE \"%s\"", ctx->name) == RESP_OK) {
1333 imap_info("Created missing mailbox\n");
1334 } else {
1335 fprintf(stderr, "IMAP error: could not create missing mailbox\n");
1336 goto out;
1337 }
1338 break;
1339 }
1340
1341 ctx->prefix = "";
1342 return ctx;
1343
1344bail:
1345 if (cred.username)
1346 credential_reject(the_repository, &cred);
1347 credential_clear(&cred);
1348
1349 out:
1350 imap_close_store(ctx);
1351 return NULL;
1352}
1353
1354/*
1355 * Insert CR characters as necessary in *msg to ensure that every LF
1356 * character in *msg is preceded by a CR.
1357 */
1358static void lf_to_crlf(struct strbuf *msg)
1359{
1360 char *new_msg;
1361 size_t i, j;
1362 char lastc;
1363
1364 /* First pass: tally, in j, the size of the new_msg string: */
1365 for (i = j = 0, lastc = '\0'; i < msg->len; i++) {
1366 if (msg->buf[i] == '\n' && lastc != '\r')
1367 j++; /* a CR will need to be added here */
1368 lastc = msg->buf[i];
1369 j++;
1370 }
1371
1372 new_msg = xmallocz(j);
1373
1374 /*
1375 * Second pass: write the new_msg string. Note that this loop is
1376 * otherwise identical to the first pass.
1377 */
1378 for (i = j = 0, lastc = '\0'; i < msg->len; i++) {
1379 if (msg->buf[i] == '\n' && lastc != '\r')
1380 new_msg[j++] = '\r';
1381 lastc = new_msg[j++] = msg->buf[i];
1382 }
1383 strbuf_attach(msg, new_msg, j, j + 1);
1384}
1385
1386/*
1387 * Store msg to IMAP. Also detach and free the data from msg->data,
1388 * leaving msg->data empty.
1389 */
1390static int imap_store_msg(struct imap_store *ctx, struct strbuf *msg)
1391{
1392 struct imap *imap = ctx->imap;
1393 struct imap_cmd_cb cb;
1394 const char *prefix, *box;
1395 int ret;
1396
1397 lf_to_crlf(msg);
1398 memset(&cb, 0, sizeof(cb));
1399
1400 cb.dlen = msg->len;
1401 cb.data = strbuf_detach(msg, NULL);
1402
1403 box = ctx->name;
1404 prefix = !strcmp(box, "INBOX") ? "" : ctx->prefix;
1405 ret = imap_exec_m(ctx, &cb, "APPEND \"%s%s\" ", prefix, box);
1406 imap->caps = imap->rcaps;
1407 if (ret != DRV_OK)
1408 return ret;
1409
1410 return DRV_OK;
1411}
1412
1413static void wrap_in_html(struct strbuf *msg)
1414{
1415 struct strbuf buf = STRBUF_INIT;
1416 static const char *content_type = "Content-Type: text/html;\n";
1417 static const char *pre_open = "<pre>\n";
1418 static const char *pre_close = "</pre>\n";
1419 const char *body = strstr(msg->buf, "\n\n");
1420
1421 if (!body)
1422 return; /* Headers but no body; no wrapping needed */
1423
1424 body += 2;
1425
1426 strbuf_add(&buf, msg->buf, body - msg->buf - 1);
1427 strbuf_addstr(&buf, content_type);
1428 strbuf_addch(&buf, '\n');
1429 strbuf_addstr(&buf, pre_open);
1430 strbuf_addstr_xml_quoted(&buf, body);
1431 strbuf_addstr(&buf, pre_close);
1432
1433 strbuf_release(msg);
1434 *msg = buf;
1435}
1436
1437static int count_messages(struct strbuf *all_msgs)
1438{
1439 int count = 0;
1440 char *p = all_msgs->buf;
1441
1442 while (1) {
1443 if (starts_with(p, "From ")) {
1444 p = strstr(p+5, "\nFrom: ");
1445 if (!p) break;
1446 p = strstr(p+7, "\nDate: ");
1447 if (!p) break;
1448 p = strstr(p+7, "\nSubject: ");
1449 if (!p) break;
1450 p += 10;
1451 count++;
1452 }
1453 p = strstr(p+5, "\nFrom ");
1454 if (!p)
1455 break;
1456 p++;
1457 }
1458 return count;
1459}
1460
1461/*
1462 * Copy the next message from all_msgs, starting at offset *ofs, to
1463 * msg. Update *ofs to the start of the following message. Return
1464 * true iff a message was successfully copied.
1465 */
1466static int split_msg(struct strbuf *all_msgs, struct strbuf *msg, int *ofs)
1467{
1468 char *p, *data;
1469 size_t len;
1470
1471 if (*ofs >= all_msgs->len)
1472 return 0;
1473
1474 data = &all_msgs->buf[*ofs];
1475 len = all_msgs->len - *ofs;
1476
1477 if (len < 5 || !starts_with(data, "From "))
1478 return 0;
1479
1480 p = strchr(data, '\n');
1481 if (p) {
1482 p++;
1483 len -= p - data;
1484 *ofs += p - data;
1485 data = p;
1486 }
1487
1488 p = strstr(data, "\nFrom ");
1489 if (p)
1490 len = &p[1] - data;
1491
1492 strbuf_add(msg, data, len);
1493 *ofs += len;
1494 return 1;
1495}
1496
1497static int git_imap_config(const char *var, const char *val,
1498 const struct config_context *ctx, void *cb)
1499{
1500 struct imap_server_conf *cfg = cb;
1501
1502 if (!strcmp("imap.sslverify", var)) {
1503 cfg->ssl_verify = git_config_bool(var, val);
1504 } else if (!strcmp("imap.preformattedhtml", var)) {
1505 cfg->use_html = git_config_bool(var, val);
1506 } else if (!strcmp("imap.folder", var)) {
1507 FREE_AND_NULL(cfg->folder);
1508 return git_config_string(&cfg->folder, var, val);
1509 } else if (!strcmp("imap.user", var)) {
1510 FREE_AND_NULL(cfg->user);
1511 return git_config_string(&cfg->user, var, val);
1512 } else if (!strcmp("imap.pass", var)) {
1513 FREE_AND_NULL(cfg->pass);
1514 return git_config_string(&cfg->pass, var, val);
1515 } else if (!strcmp("imap.tunnel", var)) {
1516 FREE_AND_NULL(cfg->tunnel);
1517 return git_config_string(&cfg->tunnel, var, val);
1518 } else if (!strcmp("imap.authmethod", var)) {
1519 FREE_AND_NULL(cfg->auth_method);
1520 return git_config_string(&cfg->auth_method, var, val);
1521 } else if (!strcmp("imap.port", var)) {
1522 cfg->port = git_config_int(var, val, ctx->kvi);
1523 } else if (!strcmp("imap.host", var)) {
1524 if (!val) {
1525 return config_error_nonbool(var);
1526 } else {
1527 if (starts_with(val, "imap:"))
1528 val += 5;
1529 else if (starts_with(val, "imaps:")) {
1530 val += 6;
1531 cfg->use_ssl = 1;
1532 }
1533 if (starts_with(val, "//"))
1534 val += 2;
1535 cfg->host = xstrdup(val);
1536 }
1537 } else {
1538 return git_default_config(var, val, ctx, cb);
1539 }
1540
1541 return 0;
1542}
1543
1544static int append_msgs_to_imap(struct imap_server_conf *server,
1545 struct strbuf* all_msgs, int total)
1546{
1547 struct strbuf msg = STRBUF_INIT;
1548 struct imap_store *ctx = NULL;
1549 int ofs = 0;
1550 int r;
1551 int n = 0;
1552
1553 ctx = imap_open_store(server, server->folder);
1554 if (!ctx) {
1555 fprintf(stderr, "failed to open store\n");
1556 return 1;
1557 }
1558 ctx->name = server->folder;
1559
1560 fprintf(stderr, "Sending %d message%s to %s folder...\n",
1561 total, (total != 1) ? "s" : "", server->folder);
1562 while (1) {
1563 unsigned percent = n * 100 / total;
1564
1565 fprintf(stderr, "%4u%% (%d/%d) done\r", percent, n, total);
1566
1567 if (!split_msg(all_msgs, &msg, &ofs))
1568 break;
1569 if (server->use_html)
1570 wrap_in_html(&msg);
1571 r = imap_store_msg(ctx, &msg);
1572 if (r != DRV_OK)
1573 break;
1574 n++;
1575 }
1576 fprintf(stderr, "\n");
1577
1578 imap_close_store(ctx);
1579
1580 return 0;
1581}
1582
1583static int list_imap_folders(struct imap_server_conf *server)
1584{
1585 struct imap_store *ctx = imap_open_store(server, "INBOX");
1586 if (!ctx) {
1587 fprintf(stderr, "failed to connect to IMAP server\n");
1588 return 1;
1589 }
1590
1591 fprintf(stderr, "Fetching the list of available folders...\n");
1592 /* Issue the LIST command and print the results */
1593 if (imap_exec(ctx, NULL, "LIST \"\" \"*\"") != RESP_OK) {
1594 fprintf(stderr, "failed to list folders\n");
1595 imap_close_store(ctx);
1596 return 1;
1597 }
1598
1599 imap_close_store(ctx);
1600 return 0;
1601}
1602
1603#ifdef USE_CURL_FOR_IMAP_SEND
1604static CURL *setup_curl(struct imap_server_conf *srvc, struct credential *cred)
1605{
1606 CURL *curl;
1607 struct strbuf path = STRBUF_INIT;
1608 char *uri_encoded_folder;
1609
1610 if (curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK)
1611 die("curl_global_init failed");
1612
1613 curl = curl_easy_init();
1614
1615 if (!curl)
1616 die("curl_easy_init failed");
1617
1618 server_fill_credential(srvc, cred);
1619 curl_easy_setopt(curl, CURLOPT_USERNAME, srvc->user);
1620
1621 /*
1622 * Use CURLOPT_PASSWORD irrespective of whether there is
1623 * an auth method specified or not, unless it's OAuth2.0,
1624 * where we use CURLOPT_XOAUTH2_BEARER.
1625 */
1626 if (!srvc->auth_method ||
1627 (strcmp(srvc->auth_method, "XOAUTH2") &&
1628 strcmp(srvc->auth_method, "OAUTHBEARER")))
1629 curl_easy_setopt(curl, CURLOPT_PASSWORD, srvc->pass);
1630
1631 strbuf_addstr(&path, srvc->use_ssl ? "imaps://" : "imap://");
1632 strbuf_addstr(&path, srvc->host);
1633 if (!path.len || path.buf[path.len - 1] != '/')
1634 strbuf_addch(&path, '/');
1635
1636 if (!list_folders) {
1637 uri_encoded_folder = curl_easy_escape(curl, srvc->folder, 0);
1638 if (!uri_encoded_folder)
1639 die("failed to encode server folder");
1640 strbuf_addstr(&path, uri_encoded_folder);
1641 curl_free(uri_encoded_folder);
1642 }
1643
1644 curl_easy_setopt(curl, CURLOPT_URL, path.buf);
1645 strbuf_release(&path);
1646 curl_easy_setopt(curl, CURLOPT_PORT, (long)srvc->port);
1647
1648 if (srvc->auth_method) {
1649 if (!strcmp(srvc->auth_method, "XOAUTH2") ||
1650 !strcmp(srvc->auth_method, "OAUTHBEARER")) {
1651
1652 /*
1653 * While CURLOPT_XOAUTH2_BEARER looks as if it only supports XOAUTH2,
1654 * upon debugging, it has been found that it is capable of detecting
1655 * the best option out of OAUTHBEARER and XOAUTH2.
1656 */
1657 curl_easy_setopt(curl, CURLOPT_XOAUTH2_BEARER, srvc->pass);
1658 } else {
1659 struct strbuf auth = STRBUF_INIT;
1660 strbuf_addstr(&auth, "AUTH=");
1661 strbuf_addstr(&auth, srvc->auth_method);
1662 curl_easy_setopt(curl, CURLOPT_LOGIN_OPTIONS, auth.buf);
1663 strbuf_release(&auth);
1664 }
1665 }
1666
1667 if (!srvc->use_ssl)
1668 curl_easy_setopt(curl, CURLOPT_USE_SSL, (long)CURLUSESSL_TRY);
1669
1670 curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, (long)srvc->ssl_verify);
1671 curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, (long)srvc->ssl_verify);
1672
1673 if (0 < verbosity || getenv("GIT_CURL_VERBOSE"))
1674 http_trace_curl_no_data();
1675 setup_curl_trace(curl);
1676
1677 return curl;
1678}
1679
1680static int curl_append_msgs_to_imap(struct imap_server_conf *server,
1681 struct strbuf* all_msgs, int total)
1682{
1683 int ofs = 0;
1684 int n = 0;
1685 struct buffer msgbuf = { STRBUF_INIT, 0 };
1686 CURL *curl;
1687 CURLcode res = CURLE_OK;
1688 struct credential cred = CREDENTIAL_INIT;
1689
1690 curl = setup_curl(server, &cred);
1691
1692 curl_easy_setopt(curl, CURLOPT_READFUNCTION, fread_buffer);
1693 curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
1694
1695 curl_easy_setopt(curl, CURLOPT_READDATA, &msgbuf);
1696
1697 fprintf(stderr, "Sending %d message%s to %s folder...\n",
1698 total, (total != 1) ? "s" : "", server->folder);
1699 while (1) {
1700 unsigned percent = n * 100 / total;
1701 int prev_len;
1702
1703 fprintf(stderr, "%4u%% (%d/%d) done\r", percent, n, total);
1704
1705 prev_len = msgbuf.buf.len;
1706 if (!split_msg(all_msgs, &msgbuf.buf, &ofs))
1707 break;
1708 if (server->use_html)
1709 wrap_in_html(&msgbuf.buf);
1710 lf_to_crlf(&msgbuf.buf);
1711
1712 curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE,
1713 (curl_off_t)(msgbuf.buf.len-prev_len));
1714
1715 res = curl_easy_perform(curl);
1716
1717 if(res != CURLE_OK) {
1718 fprintf(stderr, "curl_easy_perform() failed: %s\n",
1719 curl_easy_strerror(res));
1720 break;
1721 }
1722
1723 n++;
1724 }
1725 fprintf(stderr, "\n");
1726
1727 curl_easy_cleanup(curl);
1728 curl_global_cleanup();
1729
1730 if (cred.username) {
1731 if (res == CURLE_OK)
1732 credential_approve(the_repository, &cred);
1733 else if (res == CURLE_LOGIN_DENIED)
1734 credential_reject(the_repository, &cred);
1735 }
1736
1737 credential_clear(&cred);
1738
1739 return res != CURLE_OK;
1740}
1741
1742static int curl_list_imap_folders(struct imap_server_conf *server)
1743{
1744 CURL *curl;
1745 CURLcode res = CURLE_OK;
1746 struct credential cred = CREDENTIAL_INIT;
1747
1748 fprintf(stderr, "Fetching the list of available folders...\n");
1749 curl = setup_curl(server, &cred);
1750 res = curl_easy_perform(curl);
1751
1752 curl_easy_cleanup(curl);
1753 curl_global_cleanup();
1754
1755 if (cred.username) {
1756 if (res == CURLE_OK)
1757 credential_approve(the_repository, &cred);
1758 else if (res == CURLE_LOGIN_DENIED)
1759 credential_reject(the_repository, &cred);
1760 }
1761
1762 credential_clear(&cred);
1763
1764 return res != CURLE_OK;
1765}
1766#endif
1767
1768int cmd_main(int argc, const char **argv)
1769{
1770 struct imap_server_conf server = {
1771 .ssl_verify = 1,
1772 };
1773 struct strbuf all_msgs = STRBUF_INIT;
1774 int total;
1775 int nongit_ok;
1776 int ret;
1777
1778 setup_git_directory_gently(&nongit_ok);
1779 git_config(git_imap_config, &server);
1780
1781 argc = parse_options(argc, (const char **)argv, "", imap_send_options, imap_send_usage, 0);
1782
1783 if (opt_folder) {
1784 free(server.folder);
1785 server.folder = xstrdup(opt_folder);
1786 }
1787
1788 if (argc)
1789 usage_with_options(imap_send_usage, imap_send_options);
1790
1791#ifndef USE_CURL_FOR_IMAP_SEND
1792 if (use_curl) {
1793 warning("--curl not supported in this build");
1794 use_curl = 0;
1795 }
1796#elif defined(NO_OPENSSL)
1797 if (!use_curl) {
1798 warning("--no-curl not supported in this build");
1799 use_curl = 1;
1800 }
1801#endif
1802
1803 if (!server.port)
1804 server.port = server.use_ssl ? 993 : 143;
1805
1806 if (!server.host) {
1807 if (!server.tunnel) {
1808 error(_("no IMAP host specified"));
1809 advise(_("set the IMAP host with 'git config imap.host <host>'.\n"
1810 "(e.g., 'git config imap.host imaps://imap.example.com')"));
1811 ret = 1;
1812 goto out;
1813 }
1814 server.host = xstrdup("tunnel");
1815 }
1816
1817 if (list_folders) {
1818 if (server.tunnel)
1819 ret = list_imap_folders(&server);
1820#ifdef USE_CURL_FOR_IMAP_SEND
1821 else if (use_curl)
1822 ret = curl_list_imap_folders(&server);
1823#endif
1824 else
1825 ret = list_imap_folders(&server);
1826 goto out;
1827 }
1828
1829 if (!server.folder) {
1830 error(_("no IMAP folder specified"));
1831 advise(_("set the target folder with 'git config imap.folder <folder>'.\n"
1832 "(e.g., 'git config imap.folder Drafts')"));
1833 ret = 1;
1834 goto out;
1835 }
1836
1837 /* read the messages */
1838 if (strbuf_read(&all_msgs, 0, 0) < 0) {
1839 error_errno(_("could not read from stdin"));
1840 ret = 1;
1841 goto out;
1842 }
1843
1844 if (all_msgs.len == 0) {
1845 fprintf(stderr, "nothing to send\n");
1846 ret = 1;
1847 goto out;
1848 }
1849
1850 total = count_messages(&all_msgs);
1851 if (!total) {
1852 fprintf(stderr, "no messages found to send\n");
1853 ret = 1;
1854 goto out;
1855 }
1856
1857 /* write it to the imap server */
1858
1859 if (server.tunnel)
1860 ret = append_msgs_to_imap(&server, &all_msgs, total);
1861#ifdef USE_CURL_FOR_IMAP_SEND
1862 else if (use_curl)
1863 ret = curl_append_msgs_to_imap(&server, &all_msgs, total);
1864#endif
1865 else
1866 ret = append_msgs_to_imap(&server, &all_msgs, total);
1867
1868out:
1869 free(server.tunnel);
1870 free(server.host);
1871 free(server.folder);
1872 free(server.user);
1873 free(server.pass);
1874 free(server.auth_method);
1875 strbuf_release(&all_msgs);
1876 return ret;
1877}
Unnamed repository; edit this file 'description' to name the repository.