]> git.ipfire.org Git - thirdparty/git.git/blob - imap-send.c
projects / thirdparty / git.git / blob
? search:


f5a656ac71dc2db06e087f4bfce486418724284e
[thirdparty/git.git] / imap-send.c
1 /*
2 * git-imap-send - drops patches into an imap Drafts folder
3 * derived from isync/mbsync - mailbox synchronizer
4 *
5 * Copyright (C) 2000-2002 Michael R. Elkins <me@mutt.org>
6 * Copyright (C) 2002-2004 Oswald Buddenhagen <ossi@users.sf.net>
7 * Copyright (C) 2004 Theodore Y. Ts'o <tytso@mit.edu>
8 * Copyright (C) 2006 Mike McCormack
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, see <https://www.gnu.org/licenses/>.
22 */
23
24 #define USE_THE_REPOSITORY_VARIABLE
25 #define DISABLE_SIGN_COMPARE_WARNINGS
26
27 #include "git-compat-util.h"
28 #include "advice.h"
29 #include "config.h"
30 #include "credential.h"
31 #include "gettext.h"
32 #include "run-command.h"
33 #include "parse-options.h"
34 #include "setup.h"
35 #include "strbuf.h"
36 #ifdef USE_CURL_FOR_IMAP_SEND
37 #include "http.h"
38 #endif
39
40 #if defined(USE_CURL_FOR_IMAP_SEND)
41 /* Always default to curl if it's available. */
42 #define USE_CURL_DEFAULT 1
43 #else
44 /* We don't have curl, so continue to use the historical implementation */
45 #define USE_CURL_DEFAULT 0
46 #endif
47
48 static int verbosity;
49 static int list_folders;
50 static int use_curl = USE_CURL_DEFAULT;
51 static char *opt_folder;
52
53 static char const * const imap_send_usage[] = {
54 N_("git imap-send [-v] [-q] [--[no-]curl] [(--folder|-f) <folder>] < <mbox>"),
55 "git imap-send --list",
56 NULL
57 };
58
59 static struct option imap_send_options[] = {
60 OPT__VERBOSITY(&verbosity),
61 OPT_BOOL(0, "curl", &use_curl, "use libcurl to communicate with the IMAP server"),
62 OPT_STRING('f', "folder", &opt_folder, "folder", "specify the IMAP folder"),
63 OPT_BOOL(0, "list", &list_folders, "list all folders on the IMAP server"),
64 OPT_END()
65 };
66
67 #undef DRV_OK
68 #define DRV_OK 0
69 #define DRV_MSG_BAD -1
70 #define DRV_BOX_BAD -2
71 #define DRV_STORE_BAD -3
72
73 __attribute__((format (printf, 1, 2)))
74 static void imap_info(const char *, ...);
75 __attribute__((format (printf, 1, 2)))
76 static void imap_warn(const char *, ...);
77
78 static char *next_arg(char **);
79
80 struct imap_server_conf {
81 char *tunnel;
82 char *host;
83 int port;
84 char *folder;
85 char *user;
86 char *pass;
87 int use_ssl;
88 int ssl_verify;
89 int use_html;
90 char *auth_method;
91 };
92
93 struct imap_socket {
94 int fd[2];
95 #if defined(NO_OPENSSL) && !defined(HAVE_OPENSSL_CSPRNG)
96 void *ssl;
97 #else
98 SSL *ssl;
99 #endif
100 };
101
102 struct imap_buffer {
103 struct imap_socket sock;
104 int bytes;
105 int offset;
106 char buf[1024];
107 };
108
109 struct imap_cmd;
110
111 struct imap {
112 int uidnext; /* from SELECT responses */
113 unsigned caps, rcaps; /* CAPABILITY results */
114 /* command queue */
115 int nexttag, num_in_progress, literal_pending;
116 struct imap_cmd *in_progress, **in_progress_append;
117 struct imap_buffer buf; /* this is BIG, so put it last */
118 };
119
120 struct imap_store {
121 const struct imap_server_conf *cfg;
122 /* currently open mailbox */
123 const char *name; /* foreign! maybe preset? */
124 int uidvalidity;
125 struct imap *imap;
126 const char *prefix;
127 };
128
129 struct imap_cmd_cb {
130 int (*cont)(struct imap_store *ctx, const char *prompt);
131 void *ctx;
132 char *data;
133 int dlen;
134 };
135
136 struct imap_cmd {
137 struct imap_cmd *next;
138 struct imap_cmd_cb cb;
139 char *cmd;
140 int tag;
141 };
142
143 #define CAP(cap) (imap->caps & (1 << (cap)))
144
145 enum CAPABILITY {
146 NOLOGIN = 0,
147 UIDPLUS,
148 LITERALPLUS,
149 NAMESPACE,
150 STARTTLS,
151 AUTH_PLAIN,
152 AUTH_CRAM_MD5,
153 AUTH_OAUTHBEARER,
154 AUTH_XOAUTH2,
155 };
156
157 static const char *cap_list[] = {
158 "LOGINDISABLED",
159 "UIDPLUS",
160 "LITERAL+",
161 "NAMESPACE",
162 "STARTTLS",
163 "AUTH=PLAIN",
164 "AUTH=CRAM-MD5",
165 "AUTH=OAUTHBEARER",
166 "AUTH=XOAUTH2",
167 };
168
169 #define RESP_OK 0
170 #define RESP_NO 1
171 #define RESP_BAD 2
172
173 static int get_cmd_result(struct imap_store *ctx, struct imap_cmd *tcmd);
174
175
176 #ifndef NO_OPENSSL
177 static void ssl_socket_perror(const char *func)
178 {
179 fprintf(stderr, "%s: %s\n", func, ERR_error_string(ERR_get_error(), NULL));
180 }
181 #endif
182
183 static void socket_perror(const char *func, struct imap_socket *sock, int ret)
184 {
185 #ifndef NO_OPENSSL
186 if (sock->ssl) {
187 int sslerr = SSL_get_error(sock->ssl, ret);
188 switch (sslerr) {
189 case SSL_ERROR_NONE:
190 break;
191 case SSL_ERROR_SYSCALL:
192 perror("SSL_connect");
193 break;
194 default:
195 ssl_socket_perror("SSL_connect");
196 break;
197 }
198 } else
199 #endif
200 {
201 if (ret < 0)
202 perror(func);
203 else
204 fprintf(stderr, "%s: unexpected EOF\n", func);
205 }
206 /* mark as used to appease -Wunused-parameter with NO_OPENSSL */
207 (void)sock;
208 }
209
210 #ifdef NO_OPENSSL
211 static int ssl_socket_connect(struct imap_socket *sock UNUSED,
212 const struct imap_server_conf *cfg UNUSED,
213 int use_tls_only UNUSED)
214 {
215 fprintf(stderr, "SSL requested, but SSL support is not compiled in\n");
216 return -1;
217 }
218
219 #else
220
221 static int host_matches(const char *host, const char *pattern)
222 {
223 if (pattern[0] == '*' && pattern[1] == '.') {
224 pattern += 2;
225 if (!(host = strchr(host, '.')))
226 return 0;
227 host++;
228 }
229
230 return *host && *pattern && !strcasecmp(host, pattern);
231 }
232
233 static int verify_hostname(X509 *cert, const char *hostname)
234 {
235 int len;
236 X509_NAME *subj;
237 char cname[1000];
238 int i, found;
239 STACK_OF(GENERAL_NAME) *subj_alt_names;
240
241 /* try the DNS subjectAltNames */
242 found = 0;
243 if ((subj_alt_names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL))) {
244 int num_subj_alt_names = sk_GENERAL_NAME_num(subj_alt_names);
245 for (i = 0; !found && i < num_subj_alt_names; i++) {
246 GENERAL_NAME *subj_alt_name = sk_GENERAL_NAME_value(subj_alt_names, i);
247 if (subj_alt_name->type == GEN_DNS &&
248 strlen((const char *)subj_alt_name->d.ia5->data) == (size_t)subj_alt_name->d.ia5->length &&
249 host_matches(hostname, (const char *)(subj_alt_name->d.ia5->data)))
250 found = 1;
251 }
252 sk_GENERAL_NAME_pop_free(subj_alt_names, GENERAL_NAME_free);
253 }
254 if (found)
255 return 0;
256
257 /* try the common name */
258 if (!(subj = X509_get_subject_name(cert)))
259 return error("cannot get certificate subject");
260 if ((len = X509_NAME_get_text_by_NID(subj, NID_commonName, cname, sizeof(cname))) < 0)
261 return error("cannot get certificate common name");
262 if (strlen(cname) == (size_t)len && host_matches(hostname, cname))
263 return 0;
264 return error("certificate owner '%s' does not match hostname '%s'",
265 cname, hostname);
266 }
267
268 static int ssl_socket_connect(struct imap_socket *sock,
269 const struct imap_server_conf *cfg,
270 int use_tls_only)
271 {
272 #if (OPENSSL_VERSION_NUMBER >= 0x10000000L)
273 const SSL_METHOD *meth;
274 #else
275 SSL_METHOD *meth;
276 #endif
277 SSL_CTX *ctx;
278 int ret;
279 X509 *cert;
280
281 SSL_library_init();
282 SSL_load_error_strings();
283
284 meth = SSLv23_method();
285 if (!meth) {
286 ssl_socket_perror("SSLv23_method");
287 return -1;
288 }
289
290 ctx = SSL_CTX_new(meth);
291 if (!ctx) {
292 ssl_socket_perror("SSL_CTX_new");
293 return -1;
294 }
295
296 if (use_tls_only)
297 SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
298
299 if (cfg->ssl_verify)
300 SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
301
302 if (!SSL_CTX_set_default_verify_paths(ctx)) {
303 ssl_socket_perror("SSL_CTX_set_default_verify_paths");
304 return -1;
305 }
306 sock->ssl = SSL_new(ctx);
307 if (!sock->ssl) {
308 ssl_socket_perror("SSL_new");
309 return -1;
310 }
311 if (!SSL_set_rfd(sock->ssl, sock->fd[0])) {
312 ssl_socket_perror("SSL_set_rfd");
313 return -1;
314 }
315 if (!SSL_set_wfd(sock->ssl, sock->fd[1])) {
316 ssl_socket_perror("SSL_set_wfd");
317 return -1;
318 }
319
320 #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
321 /*
322 * SNI (RFC4366)
323 * OpenSSL does not document this function, but the implementation
324 * returns 1 on success, 0 on failure after calling SSLerr().
325 */
326 ret = SSL_set_tlsext_host_name(sock->ssl, cfg->host);
327 if (ret != 1)
328 warning("SSL_set_tlsext_host_name(%s) failed.", cfg->host);
329 #endif
330
331 ret = SSL_connect(sock->ssl);
332 if (ret <= 0) {
333 socket_perror("SSL_connect", sock, ret);
334 return -1;
335 }
336
337 if (cfg->ssl_verify) {
338 /* make sure the hostname matches that of the certificate */
339 cert = SSL_get_peer_certificate(sock->ssl);
340 if (!cert)
341 return error("unable to get peer certificate.");
342 if (SSL_get_verify_result(sock->ssl) != X509_V_OK)
343 return error("unable to verify peer certificate");
344 if (verify_hostname(cert, cfg->host) < 0)
345 return -1;
346 }
347
348 return 0;
349 }
350 #endif
351
352 static int socket_read(struct imap_socket *sock, char *buf, int len)
353 {
354 ssize_t n;
355 #ifndef NO_OPENSSL
356 if (sock->ssl)
357 n = SSL_read(sock->ssl, buf, len);
358 else
359 #endif
360 n = xread(sock->fd[0], buf, len);
361 if (n <= 0) {
362 socket_perror("read", sock, n);
363 close(sock->fd[0]);
364 close(sock->fd[1]);
365 sock->fd[0] = sock->fd[1] = -1;
366 }
367 return n;
368 }
369
370 static int socket_write(struct imap_socket *sock, const char *buf, int len)
371 {
372 int n;
373 #ifndef NO_OPENSSL
374 if (sock->ssl)
375 n = SSL_write(sock->ssl, buf, len);
376 else
377 #endif
378 n = write_in_full(sock->fd[1], buf, len);
379 if (n != len) {
380 socket_perror("write", sock, n);
381 close(sock->fd[0]);
382 close(sock->fd[1]);
383 sock->fd[0] = sock->fd[1] = -1;
384 }
385 return n;
386 }
387
388 static void socket_shutdown(struct imap_socket *sock)
389 {
390 #ifndef NO_OPENSSL
391 if (sock->ssl) {
392 SSL_shutdown(sock->ssl);
393 SSL_free(sock->ssl);
394 }
395 #endif
396 close(sock->fd[0]);
397 close(sock->fd[1]);
398 }
399
400 /* simple line buffering */
401 static int buffer_gets(struct imap_buffer *b, char **s)
402 {
403 int n;
404 int start = b->offset;
405
406 *s = b->buf + start;
407
408 for (;;) {
409 /* make sure we have enough data to read the \r\n sequence */
410 if (b->offset + 1 >= b->bytes) {
411 if (start) {
412 /* shift down used bytes */
413 *s = b->buf;
414
415 assert(start <= b->bytes);
416 n = b->bytes - start;
417
418 if (n)
419 memmove(b->buf, b->buf + start, n);
420 b->offset -= start;
421 b->bytes = n;
422 start = 0;
423 }
424
425 n = socket_read(&b->sock, b->buf + b->bytes,
426 sizeof(b->buf) - b->bytes);
427
428 if (n <= 0)
429 return -1;
430
431 b->bytes += n;
432 }
433
434 if (b->buf[b->offset] == '\r') {
435 assert(b->offset + 1 < b->bytes);
436 if (b->buf[b->offset + 1] == '\n') {
437 b->buf[b->offset] = 0; /* terminate the string */
438 b->offset += 2; /* next line */
439 if ((0 < verbosity) || (list_folders && strstr(*s, "* LIST")))
440 puts(*s);
441 return 0;
442 }
443 }
444
445 b->offset++;
446 }
447 /* not reached */
448 }
449
450 __attribute__((format (printf, 1, 2)))
451 static void imap_info(const char *msg, ...)
452 {
453 va_list va;
454
455 if (0 <= verbosity) {
456 va_start(va, msg);
457 vprintf(msg, va);
458 va_end(va);
459 fflush(stdout);
460 }
461 }
462
463 __attribute__((format (printf, 1, 2)))
464 static void imap_warn(const char *msg, ...)
465 {
466 va_list va;
467
468 if (-2 < verbosity) {
469 va_start(va, msg);
470 vfprintf(stderr, msg, va);
471 va_end(va);
472 }
473 }
474
475 static char *next_arg(char **s)
476 {
477 char *ret;
478
479 if (!s || !*s)
480 return NULL;
481 while (isspace((unsigned char) **s))
482 (*s)++;
483 if (!**s) {
484 *s = NULL;
485 return NULL;
486 }
487 if (**s == '"') {
488 ++*s;
489 ret = *s;
490 *s = strchr(*s, '"');
491 } else {
492 ret = *s;
493 while (**s && !isspace((unsigned char) **s))
494 (*s)++;
495 }
496 if (*s) {
497 if (**s)
498 *(*s)++ = 0;
499 if (!**s)
500 *s = NULL;
501 }
502 return ret;
503 }
504
505 static struct imap_cmd *issue_imap_cmd(struct imap_store *ctx,
506 struct imap_cmd_cb *cb,
507 const char *fmt, va_list ap)
508 {
509 struct imap *imap = ctx->imap;
510 struct imap_cmd *cmd;
511 int n;
512 struct strbuf buf = STRBUF_INIT;
513
514 cmd = xmalloc(sizeof(struct imap_cmd));
515 cmd->cmd = xstrvfmt(fmt, ap);
516 cmd->tag = ++imap->nexttag;
517
518 if (cb)
519 cmd->cb = *cb;
520 else
521 memset(&cmd->cb, 0, sizeof(cmd->cb));
522
523 while (imap->literal_pending)
524 get_cmd_result(ctx, NULL);
525
526 if (!cmd->cb.data)
527 strbuf_addf(&buf, "%d %s\r\n", cmd->tag, cmd->cmd);
528 else
529 strbuf_addf(&buf, "%d %s{%d%s}\r\n", cmd->tag, cmd->cmd,
530 cmd->cb.dlen, CAP(LITERALPLUS) ? "+" : "");
531 if (buf.len > INT_MAX)
532 die("imap command overflow!");
533
534 if (0 < verbosity) {
535 if (imap->num_in_progress)
536 printf("(%d in progress) ", imap->num_in_progress);
537 if (!starts_with(cmd->cmd, "LOGIN"))
538 printf(">>> %s", buf.buf);
539 else
540 printf(">>> %d LOGIN <user> <pass>\n", cmd->tag);
541 }
542 if (socket_write(&imap->buf.sock, buf.buf, buf.len) != buf.len) {
543 free(cmd->cmd);
544 free(cmd);
545 if (cb)
546 free(cb->data);
547 strbuf_release(&buf);
548 return NULL;
549 }
550 strbuf_release(&buf);
551 if (cmd->cb.data) {
552 if (CAP(LITERALPLUS)) {
553 n = socket_write(&imap->buf.sock, cmd->cb.data, cmd->cb.dlen);
554 free(cmd->cb.data);
555 if (n != cmd->cb.dlen ||
556 socket_write(&imap->buf.sock, "\r\n", 2) != 2) {
557 free(cmd->cmd);
558 free(cmd);
559 return NULL;
560 }
561 cmd->cb.data = NULL;
562 } else
563 imap->literal_pending = 1;
564 } else if (cmd->cb.cont)
565 imap->literal_pending = 1;
566 cmd->next = NULL;
567 *imap->in_progress_append = cmd;
568 imap->in_progress_append = &cmd->next;
569 imap->num_in_progress++;
570 return cmd;
571 }
572
573 __attribute__((format (printf, 3, 4)))
574 static int imap_exec(struct imap_store *ctx, struct imap_cmd_cb *cb,
575 const char *fmt, ...)
576 {
577 va_list ap;
578 struct imap_cmd *cmdp;
579
580 va_start(ap, fmt);
581 cmdp = issue_imap_cmd(ctx, cb, fmt, ap);
582 va_end(ap);
583 if (!cmdp)
584 return RESP_BAD;
585
586 return get_cmd_result(ctx, cmdp);
587 }
588
589 __attribute__((format (printf, 3, 4)))
590 static int imap_exec_m(struct imap_store *ctx, struct imap_cmd_cb *cb,
591 const char *fmt, ...)
592 {
593 va_list ap;
594 struct imap_cmd *cmdp;
595
596 va_start(ap, fmt);
597 cmdp = issue_imap_cmd(ctx, cb, fmt, ap);
598 va_end(ap);
599 if (!cmdp)
600 return DRV_STORE_BAD;
601
602 switch (get_cmd_result(ctx, cmdp)) {
603 case RESP_BAD: return DRV_STORE_BAD;
604 case RESP_NO: return DRV_MSG_BAD;
605 default: return DRV_OK;
606 }
607 }
608
609 static int skip_imap_list_l(char **sp, int level)
610 {
611 char *s = *sp;
612
613 for (;;) {
614 while (isspace((unsigned char)*s))
615 s++;
616 if (level && *s == ')') {
617 s++;
618 break;
619 }
620 if (*s == '(') {
621 /* sublist */
622 s++;
623 if (skip_imap_list_l(&s, level + 1))
624 goto bail;
625 } else if (*s == '"') {
626 /* quoted string */
627 s++;
628 for (; *s != '"'; s++)
629 if (!*s)
630 goto bail;
631 s++;
632 } else {
633 /* atom */
634 for (; *s && !isspace((unsigned char)*s); s++)
635 if (level && *s == ')')
636 break;
637 }
638
639 if (!level)
640 break;
641 if (!*s)
642 goto bail;
643 }
644 *sp = s;
645 return 0;
646
647 bail:
648 return -1;
649 }
650
651 static void skip_list(char **sp)
652 {
653 skip_imap_list_l(sp, 0);
654 }
655
656 static void parse_capability(struct imap *imap, char *cmd)
657 {
658 char *arg;
659 unsigned i;
660
661 imap->caps = 0x80000000;
662 while ((arg = next_arg(&cmd)))
663 for (i = 0; i < ARRAY_SIZE(cap_list); i++)
664 if (!strcmp(cap_list[i], arg))
665 imap->caps |= 1 << i;
666 imap->rcaps = imap->caps;
667 }
668
669 static int parse_response_code(struct imap_store *ctx, struct imap_cmd_cb *cb,
670 char *s)
671 {
672 struct imap *imap = ctx->imap;
673 char *arg, *p;
674
675 if (!s || *s != '[')
676 return RESP_OK; /* no response code */
677 s++;
678 if (!(p = strchr(s, ']'))) {
679 fprintf(stderr, "IMAP error: malformed response code\n");
680 return RESP_BAD;
681 }
682 *p++ = 0;
683 arg = next_arg(&s);
684 if (!arg) {
685 fprintf(stderr, "IMAP error: empty response code\n");
686 return RESP_BAD;
687 }
688 if (!strcmp("UIDVALIDITY", arg)) {
689 if (!(arg = next_arg(&s)) || strtol_i(arg, 10, &ctx->uidvalidity) || !ctx->uidvalidity) {
690 fprintf(stderr, "IMAP error: malformed UIDVALIDITY status\n");
691 return RESP_BAD;
692 }
693 } else if (!strcmp("UIDNEXT", arg)) {
694 if (!(arg = next_arg(&s)) || strtol_i(arg, 10, &imap->uidnext) || !imap->uidnext) {
695 fprintf(stderr, "IMAP error: malformed NEXTUID status\n");
696 return RESP_BAD;
697 }
698 } else if (!strcmp("CAPABILITY", arg)) {
699 parse_capability(imap, s);
700 } else if (!strcmp("ALERT", arg)) {
701 /* RFC2060 says that these messages MUST be displayed
702 * to the user
703 */
704 for (; isspace((unsigned char)*p); p++);
705 fprintf(stderr, "*** IMAP ALERT *** %s\n", p);
706 } else if (cb && cb->ctx && !strcmp("APPENDUID", arg)) {
707 if (!(arg = next_arg(&s)) || strtol_i(arg, 10, &ctx->uidvalidity) || !ctx->uidvalidity ||
708 !(arg = next_arg(&s)) || strtol_i(arg, 10, (int *)cb->ctx) || !cb->ctx) {
709 fprintf(stderr, "IMAP error: malformed APPENDUID status\n");
710 return RESP_BAD;
711 }
712 }
713 return RESP_OK;
714 }
715
716 static int get_cmd_result(struct imap_store *ctx, struct imap_cmd *tcmd)
717 {
718 struct imap *imap = ctx->imap;
719 struct imap_cmd *cmdp, **pcmdp;
720 char *cmd;
721 const char *arg, *arg1;
722 int n, resp, resp2, tag;
723
724 for (;;) {
725 if (buffer_gets(&imap->buf, &cmd))
726 return RESP_BAD;
727
728 arg = next_arg(&cmd);
729 if (!arg) {
730 fprintf(stderr, "IMAP error: empty response\n");
731 return RESP_BAD;
732 }
733 if (*arg == '*') {
734 arg = next_arg(&cmd);
735 if (!arg) {
736 fprintf(stderr, "IMAP error: unable to parse untagged response\n");
737 return RESP_BAD;
738 }
739
740 if (!strcmp("NAMESPACE", arg)) {
741 /* rfc2342 NAMESPACE response. */
742 skip_list(&cmd); /* Personal mailboxes */
743 skip_list(&cmd); /* Others' mailboxes */
744 skip_list(&cmd); /* Shared mailboxes */
745 } else if (!strcmp("OK", arg) || !strcmp("BAD", arg) ||
746 !strcmp("NO", arg) || !strcmp("BYE", arg)) {
747 if ((resp = parse_response_code(ctx, NULL, cmd)) != RESP_OK)
748 return resp;
749 } else if (!strcmp("CAPABILITY", arg)) {
750 parse_capability(imap, cmd);
751 } else if ((arg1 = next_arg(&cmd))) {
752 ; /*
753 * Unhandled response-data with at least two words.
754 * Ignore it.
755 *
756 * NEEDSWORK: Previously this case handled '<num> EXISTS'
757 * and '<num> RECENT' but as a probably-unintended side
758 * effect it ignores other unrecognized two-word
759 * responses. imap-send doesn't ever try to read
760 * messages or mailboxes these days, so consider
761 * eliminating this case.
762 */
763 } else {
764 fprintf(stderr, "IMAP error: unable to parse untagged response\n");
765 return RESP_BAD;
766 }
767 } else if (!imap->in_progress) {
768 fprintf(stderr, "IMAP error: unexpected reply: %s %s\n", arg, cmd ? cmd : "");
769 return RESP_BAD;
770 } else if (*arg == '+') {
771 /* This can happen only with the last command underway, as
772 it enforces a round-trip. */
773 cmdp = (struct imap_cmd *)((char *)imap->in_progress_append -
774 offsetof(struct imap_cmd, next));
775 if (cmdp->cb.data) {
776 n = socket_write(&imap->buf.sock, cmdp->cb.data, cmdp->cb.dlen);
777 FREE_AND_NULL(cmdp->cb.data);
778 if (n != (int)cmdp->cb.dlen)
779 return RESP_BAD;
780 } else if (cmdp->cb.cont) {
781 if (cmdp->cb.cont(ctx, cmd))
782 return RESP_BAD;
783 } else {
784 fprintf(stderr, "IMAP error: unexpected command continuation request\n");
785 return RESP_BAD;
786 }
787 if (socket_write(&imap->buf.sock, "\r\n", 2) != 2)
788 return RESP_BAD;
789 if (!cmdp->cb.cont)
790 imap->literal_pending = 0;
791 if (!tcmd)
792 return DRV_OK;
793 } else {
794 if (strtol_i(arg, 10, &tag)) {
795 fprintf(stderr, "IMAP error: malformed tag %s\n", arg);
796 return RESP_BAD;
797 }
798 for (pcmdp = &imap->in_progress; (cmdp = *pcmdp); pcmdp = &cmdp->next)
799 if (cmdp->tag == tag)
800 goto gottag;
801 fprintf(stderr, "IMAP error: unexpected tag %s\n", arg);
802 return RESP_BAD;
803 gottag:
804 if (!(*pcmdp = cmdp->next))
805 imap->in_progress_append = pcmdp;
806 imap->num_in_progress--;
807 if (cmdp->cb.cont || cmdp->cb.data)
808 imap->literal_pending = 0;
809 arg = next_arg(&cmd);
810 if (!arg)
811 arg = "";
812 if (!strcmp("OK", arg))
813 resp = DRV_OK;
814 else {
815 if (!strcmp("NO", arg))
816 resp = RESP_NO;
817 else /*if (!strcmp("BAD", arg))*/
818 resp = RESP_BAD;
819 fprintf(stderr, "IMAP command '%s' returned response (%s) - %s\n",
820 !starts_with(cmdp->cmd, "LOGIN") ?
821 cmdp->cmd : "LOGIN <user> <pass>",
822 arg, cmd ? cmd : "");
823 }
824 if ((resp2 = parse_response_code(ctx, &cmdp->cb, cmd)) > resp)
825 resp = resp2;
826 free(cmdp->cb.data);
827 free(cmdp->cmd);
828 free(cmdp);
829 if (!tcmd || tcmd == cmdp)
830 return resp;
831 }
832 }
833 /* not reached */
834 }
835
836 static void imap_close_server(struct imap_store *ictx)
837 {
838 struct imap *imap = ictx->imap;
839
840 if (imap->buf.sock.fd[0] != -1) {
841 imap_exec(ictx, NULL, "LOGOUT");
842 socket_shutdown(&imap->buf.sock);
843 }
844 free(imap);
845 }
846
847 static void imap_close_store(struct imap_store *ctx)
848 {
849 imap_close_server(ctx);
850 free(ctx);
851 }
852
853 #ifndef NO_OPENSSL
854
855 /*
856 * hexchar() and cram() functions are based on the code from the isync
857 * project (https://isync.sourceforge.io/).
858 */
859 static char hexchar(unsigned int b)
860 {
861 return b < 10 ? '0' + b : 'a' + (b - 10);
862 }
863
864 #define ENCODED_SIZE(n) (4 * DIV_ROUND_UP((n), 3))
865 static char *plain_base64(const char *user, const char *pass)
866 {
867 struct strbuf raw = STRBUF_INIT;
868 int b64_len;
869 char *b64;
870
871 /*
872 * Compose the PLAIN string
873 *
874 * The username and password are combined to one string and base64 encoded.
875 * "\0user\0pass"
876 *
877 * The method has been described in RFC4616.
878 *
879 * https://datatracker.ietf.org/doc/html/rfc4616
880 */
881 strbuf_addch(&raw, '\0');
882 strbuf_addstr(&raw, user);
883 strbuf_addch(&raw, '\0');
884 strbuf_addstr(&raw, pass);
885
886 b64 = xmallocz(ENCODED_SIZE(raw.len));
887 b64_len = EVP_EncodeBlock((unsigned char *)b64, (unsigned char *)raw.buf, raw.len);
888 strbuf_release(&raw);
889
890 if (b64_len < 0) {
891 free(b64);
892 return NULL;
893 }
894 return b64;
895 }
896
897 static char *cram(const char *challenge_64, const char *user, const char *pass)
898 {
899 int i, resp_len, encoded_len, decoded_len;
900 unsigned char hash[16];
901 char hex[33];
902 char *response, *response_64, *challenge;
903
904 /*
905 * length of challenge_64 (i.e. base-64 encoded string) is a good
906 * enough upper bound for challenge (decoded result).
907 */
908 encoded_len = strlen(challenge_64);
909 challenge = xmalloc(encoded_len);
910 decoded_len = EVP_DecodeBlock((unsigned char *)challenge,
911 (unsigned char *)challenge_64, encoded_len);
912 if (decoded_len < 0)
913 die("invalid challenge %s", challenge_64);
914 if (!HMAC(EVP_md5(), pass, strlen(pass), (unsigned char *)challenge, decoded_len, hash, NULL))
915 die("HMAC error");
916
917 hex[32] = 0;
918 for (i = 0; i < 16; i++) {
919 hex[2 * i] = hexchar((hash[i] >> 4) & 0xf);
920 hex[2 * i + 1] = hexchar(hash[i] & 0xf);
921 }
922
923 /* response: "<user> <digest in hex>" */
924 response = xstrfmt("%s %s", user, hex);
925 resp_len = strlen(response);
926
927 response_64 = xmallocz(ENCODED_SIZE(resp_len));
928 encoded_len = EVP_EncodeBlock((unsigned char *)response_64,
929 (unsigned char *)response, resp_len);
930 if (encoded_len < 0)
931 die("EVP_EncodeBlock error");
932 return (char *)response_64;
933 }
934
935 static char *oauthbearer_base64(const char *user, const char *access_token)
936 {
937 int b64_len;
938 char *raw, *b64;
939
940 /*
941 * Compose the OAUTHBEARER string
942 *
943 * "n,a=" {User} ",^Ahost=" {Host} "^Aport=" {Port} "^Aauth=Bearer " {Access Token} "^A^A
944 *
945 * The first part `n,a=" {User} ",` is the gs2 header described in RFC5801.
946 * * gs2-cb-flag `n` -> client does not support CB
947 * * gs2-authzid `a=" {User} "`
948 *
949 * The second part are key value pairs containing host, port and auth as
950 * described in RFC7628.
951 *
952 * https://datatracker.ietf.org/doc/html/rfc5801
953 * https://datatracker.ietf.org/doc/html/rfc7628
954 */
955 raw = xstrfmt("n,a=%s,\001auth=Bearer %s\001\001", user, access_token);
956
957 /* Base64 encode */
958 b64 = xmallocz(ENCODED_SIZE(strlen(raw)));
959 b64_len = EVP_EncodeBlock((unsigned char *)b64, (unsigned char *)raw, strlen(raw));
960 free(raw);
961
962 if (b64_len < 0) {
963 free(b64);
964 return NULL;
965 }
966 return b64;
967 }
968
969 static char *xoauth2_base64(const char *user, const char *access_token)
970 {
971 int b64_len;
972 char *raw, *b64;
973
974 /*
975 * Compose the XOAUTH2 string
976 * "user=" {User} "^Aauth=Bearer " {Access Token} "^A^A"
977 * https://developers.google.com/workspace/gmail/imap/xoauth2-protocol#initial_client_response
978 */
979 raw = xstrfmt("user=%s\001auth=Bearer %s\001\001", user, access_token);
980
981 /* Base64 encode */
982 b64 = xmallocz(ENCODED_SIZE(strlen(raw)));
983 b64_len = EVP_EncodeBlock((unsigned char *)b64, (unsigned char *)raw, strlen(raw));
984 free(raw);
985
986 if (b64_len < 0) {
987 free(b64);
988 return NULL;
989 }
990 return b64;
991 }
992
993 static int auth_plain(struct imap_store *ctx, const char *prompt UNUSED)
994 {
995 int ret;
996 char *b64;
997
998 b64 = plain_base64(ctx->cfg->user, ctx->cfg->pass);
999 if (!b64)
1000 return error("PLAIN: base64 encoding failed");
1001
1002 /* Send the base64-encoded response */
1003 ret = socket_write(&ctx->imap->buf.sock, b64, strlen(b64));
1004 if (ret != (int)strlen(b64)) {
1005 free(b64);
1006 return error("IMAP error: sending PLAIN response failed");
1007 }
1008
1009 free(b64);
1010 return 0;
1011 }
1012
1013 static int auth_cram_md5(struct imap_store *ctx, const char *prompt)
1014 {
1015 int ret;
1016 char *response;
1017
1018 response = cram(prompt, ctx->cfg->user, ctx->cfg->pass);
1019
1020 ret = socket_write(&ctx->imap->buf.sock, response, strlen(response));
1021 if (ret != strlen(response)) {
1022 free(response);
1023 return error("IMAP error: sending CRAM-MD5 response failed");
1024 }
1025
1026 free(response);
1027
1028 return 0;
1029 }
1030
1031 static int auth_oauthbearer(struct imap_store *ctx, const char *prompt UNUSED)
1032 {
1033 int ret;
1034 char *b64;
1035
1036 b64 = oauthbearer_base64(ctx->cfg->user, ctx->cfg->pass);
1037 if (!b64)
1038 return error("OAUTHBEARER: base64 encoding failed");
1039
1040 /* Send the base64-encoded response */
1041 ret = socket_write(&ctx->imap->buf.sock, b64, strlen(b64));
1042 if (ret != (int)strlen(b64)) {
1043 free(b64);
1044 return error("IMAP error: sending OAUTHBEARER response failed");
1045 }
1046
1047 free(b64);
1048 return 0;
1049 }
1050
1051 static int auth_xoauth2(struct imap_store *ctx, const char *prompt UNUSED)
1052 {
1053 int ret;
1054 char *b64;
1055
1056 b64 = xoauth2_base64(ctx->cfg->user, ctx->cfg->pass);
1057 if (!b64)
1058 return error("XOAUTH2: base64 encoding failed");
1059
1060 /* Send the base64-encoded response */
1061 ret = socket_write(&ctx->imap->buf.sock, b64, strlen(b64));
1062 if (ret != (int)strlen(b64)) {
1063 free(b64);
1064 return error("IMAP error: sending XOAUTH2 response failed");
1065 }
1066
1067 free(b64);
1068 return 0;
1069 }
1070
1071 #else
1072
1073 #define auth_plain NULL
1074 #define auth_cram_md5 NULL
1075 #define auth_oauthbearer NULL
1076 #define auth_xoauth2 NULL
1077
1078 #endif
1079
1080 static void server_fill_credential(struct imap_server_conf *srvc, struct credential *cred)
1081 {
1082 if (srvc->user && srvc->pass)
1083 return;
1084
1085 cred->protocol = xstrdup(srvc->use_ssl ? "imaps" : "imap");
1086 cred->host = xstrfmt("%s:%d", srvc->host, srvc->port);
1087
1088 cred->username = xstrdup_or_null(srvc->user);
1089 cred->password = xstrdup_or_null(srvc->pass);
1090
1091 credential_fill(the_repository, cred, 1);
1092
1093 if (!srvc->user)
1094 srvc->user = xstrdup(cred->username);
1095 if (!srvc->pass)
1096 srvc->pass = xstrdup(cred->password);
1097 }
1098
1099 static int try_auth_method(struct imap_server_conf *srvc,
1100 struct imap_store *ctx,
1101 struct imap *imap,
1102 const char *auth_method,
1103 enum CAPABILITY cap,
1104 int (*fn)(struct imap_store *, const char *))
1105 {
1106 struct imap_cmd_cb cb = {0};
1107
1108 if (!CAP(cap)) {
1109 fprintf(stderr, "You specified "
1110 "%s as authentication method, "
1111 "but %s doesn't support it.\n",
1112 auth_method, srvc->host);
1113 return -1;
1114 }
1115 cb.cont = fn;
1116
1117 if (NOT_CONSTANT(!cb.cont)) {
1118 fprintf(stderr, "If you want to use %s authentication mechanism, "
1119 "you have to build git-imap-send with OpenSSL library.",
1120 auth_method);
1121 return -1;
1122 }
1123 if (imap_exec(ctx, &cb, "AUTHENTICATE %s", auth_method) != RESP_OK) {
1124 fprintf(stderr, "IMAP error: AUTHENTICATE %s failed\n",
1125 auth_method);
1126 return -1;
1127 }
1128 return 0;
1129 }
1130
1131 static struct imap_store *imap_open_store(struct imap_server_conf *srvc, const char *folder)
1132 {
1133 struct credential cred = CREDENTIAL_INIT;
1134 struct imap_store *ctx;
1135 struct imap *imap;
1136 char *arg, *rsp;
1137 int s = -1, preauth;
1138
1139 CALLOC_ARRAY(ctx, 1);
1140
1141 ctx->cfg = srvc;
1142 ctx->imap = CALLOC_ARRAY(imap, 1);
1143 imap->buf.sock.fd[0] = imap->buf.sock.fd[1] = -1;
1144 imap->in_progress_append = &imap->in_progress;
1145
1146 /* open connection to IMAP server */
1147
1148 if (srvc->tunnel) {
1149 struct child_process tunnel = CHILD_PROCESS_INIT;
1150
1151 imap_info("Starting tunnel '%s'... ", srvc->tunnel);
1152
1153 strvec_push(&tunnel.args, srvc->tunnel);
1154 tunnel.use_shell = 1;
1155 tunnel.in = -1;
1156 tunnel.out = -1;
1157 if (start_command(&tunnel))
1158 die("cannot start proxy %s", srvc->tunnel);
1159
1160 imap->buf.sock.fd[0] = tunnel.out;
1161 imap->buf.sock.fd[1] = tunnel.in;
1162
1163 imap_info("OK\n");
1164 } else {
1165 #ifndef NO_IPV6
1166 struct addrinfo hints, *ai0, *ai;
1167 int gai;
1168 char portstr[6];
1169
1170 xsnprintf(portstr, sizeof(portstr), "%d", srvc->port);
1171
1172 memset(&hints, 0, sizeof(hints));
1173 hints.ai_socktype = SOCK_STREAM;
1174 hints.ai_protocol = IPPROTO_TCP;
1175
1176 imap_info("Resolving %s... ", srvc->host);
1177 gai = getaddrinfo(srvc->host, portstr, &hints, &ai);
1178 if (gai) {
1179 fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(gai));
1180 goto bail;
1181 }
1182 imap_info("OK\n");
1183
1184 for (ai0 = ai; ai; ai = ai->ai_next) {
1185 char addr[NI_MAXHOST];
1186
1187 s = socket(ai->ai_family, ai->ai_socktype,
1188 ai->ai_protocol);
1189 if (s < 0)
1190 continue;
1191
1192 getnameinfo(ai->ai_addr, ai->ai_addrlen, addr,
1193 sizeof(addr), NULL, 0, NI_NUMERICHOST);
1194 imap_info("Connecting to [%s]:%s... ", addr, portstr);
1195
1196 if (connect(s, ai->ai_addr, ai->ai_addrlen) < 0) {
1197 close(s);
1198 s = -1;
1199 perror("connect");
1200 continue;
1201 }
1202
1203 break;
1204 }
1205 freeaddrinfo(ai0);
1206 #else /* NO_IPV6 */
1207 struct hostent *he;
1208 struct sockaddr_in addr;
1209
1210 memset(&addr, 0, sizeof(addr));
1211 addr.sin_port = htons(srvc->port);
1212 addr.sin_family = AF_INET;
1213
1214 imap_info("Resolving %s... ", srvc->host);
1215 he = gethostbyname(srvc->host);
1216 if (!he) {
1217 perror("gethostbyname");
1218 goto bail;
1219 }
1220 imap_info("OK\n");
1221
1222 addr.sin_addr.s_addr = *((int *) he->h_addr_list[0]);
1223
1224 s = socket(PF_INET, SOCK_STREAM, 0);
1225
1226 imap_info("Connecting to %s:%hu... ", inet_ntoa(addr.sin_addr), ntohs(addr.sin_port));
1227 if (connect(s, (struct sockaddr *)&addr, sizeof(addr))) {
1228 close(s);
1229 s = -1;
1230 perror("connect");
1231 }
1232 #endif
1233 if (s < 0) {
1234 fputs("error: unable to connect to server\n", stderr);
1235 goto bail;
1236 }
1237
1238 imap->buf.sock.fd[0] = s;
1239 imap->buf.sock.fd[1] = dup(s);
1240
1241 if (srvc->use_ssl &&
1242 ssl_socket_connect(&imap->buf.sock, srvc, 0)) {
1243 close(s);
1244 goto bail;
1245 }
1246 imap_info("OK\n");
1247 }
1248
1249 /* read the greeting string */
1250 if (buffer_gets(&imap->buf, &rsp)) {
1251 fprintf(stderr, "IMAP error: no greeting response\n");
1252 goto bail;
1253 }
1254 arg = next_arg(&rsp);
1255 if (!arg || *arg != '*' || (arg = next_arg(&rsp)) == NULL) {
1256 fprintf(stderr, "IMAP error: invalid greeting response\n");
1257 goto bail;
1258 }
1259 preauth = 0;
1260 if (!strcmp("PREAUTH", arg))
1261 preauth = 1;
1262 else if (strcmp("OK", arg) != 0) {
1263 fprintf(stderr, "IMAP error: unknown greeting response\n");
1264 goto bail;
1265 }
1266 parse_response_code(ctx, NULL, rsp);
1267 if (!imap->caps && imap_exec(ctx, NULL, "CAPABILITY") != RESP_OK)
1268 goto bail;
1269
1270 if (!preauth) {
1271 #ifndef NO_OPENSSL
1272 if (!srvc->use_ssl && CAP(STARTTLS)) {
1273 if (imap_exec(ctx, NULL, "STARTTLS") != RESP_OK)
1274 goto bail;
1275 if (ssl_socket_connect(&imap->buf.sock, srvc, 1))
1276 goto bail;
1277 /* capabilities may have changed, so get the new capabilities */
1278 if (imap_exec(ctx, NULL, "CAPABILITY") != RESP_OK)
1279 goto bail;
1280 }
1281 #endif
1282 imap_info("Logging in...\n");
1283 server_fill_credential(srvc, &cred);
1284
1285 if (srvc->auth_method) {
1286 if (!strcmp(srvc->auth_method, "PLAIN")) {
1287 if (try_auth_method(srvc, ctx, imap, "PLAIN", AUTH_PLAIN, auth_plain))
1288 goto bail;
1289 } else if (!strcmp(srvc->auth_method, "CRAM-MD5")) {
1290 if (try_auth_method(srvc, ctx, imap, "CRAM-MD5", AUTH_CRAM_MD5, auth_cram_md5))
1291 goto bail;
1292 } else if (!strcmp(srvc->auth_method, "OAUTHBEARER")) {
1293 if (try_auth_method(srvc, ctx, imap, "OAUTHBEARER", AUTH_OAUTHBEARER, auth_oauthbearer))
1294 goto bail;
1295 } else if (!strcmp(srvc->auth_method, "XOAUTH2")) {
1296 if (try_auth_method(srvc, ctx, imap, "XOAUTH2", AUTH_XOAUTH2, auth_xoauth2))
1297 goto bail;
1298 } else {
1299 fprintf(stderr, "unknown authentication mechanism: %s\n", srvc->auth_method);
1300 goto bail;
1301 }
1302 } else {
1303 if (CAP(NOLOGIN)) {
1304 fprintf(stderr, "skipping account %s@%s, server forbids LOGIN\n",
1305 srvc->user, srvc->host);
1306 goto bail;
1307 }
1308 if (!imap->buf.sock.ssl)
1309 imap_warn("*** IMAP Warning *** Password is being "
1310 "sent in the clear\n");
1311 if (imap_exec(ctx, NULL, "LOGIN \"%s\" \"%s\"", srvc->user, srvc->pass) != RESP_OK) {
1312 fprintf(stderr, "IMAP error: LOGIN failed\n");
1313 goto bail;
1314 }
1315 }
1316 } /* !preauth */
1317
1318 if (cred.username)
1319 credential_approve(the_repository, &cred);
1320 credential_clear(&cred);
1321
1322 /* check the target mailbox exists */
1323 ctx->name = folder;
1324 switch (imap_exec(ctx, NULL, "EXAMINE \"%s\"", ctx->name)) {
1325 case RESP_OK:
1326 /* ok */
1327 break;
1328 case RESP_BAD:
1329 fprintf(stderr, "IMAP error: could not check mailbox\n");
1330 goto out;
1331 case RESP_NO:
1332 if (imap_exec(ctx, NULL, "CREATE \"%s\"", ctx->name) == RESP_OK) {
1333 imap_info("Created missing mailbox\n");
1334 } else {
1335 fprintf(stderr, "IMAP error: could not create missing mailbox\n");
1336 goto out;
1337 }
1338 break;
1339 }
1340
1341 ctx->prefix = "";
1342 return ctx;
1343
1344 bail:
1345 if (cred.username)
1346 credential_reject(the_repository, &cred);
1347 credential_clear(&cred);
1348
1349 out:
1350 imap_close_store(ctx);
1351 return NULL;
1352 }
1353
1354 /*
1355 * Insert CR characters as necessary in *msg to ensure that every LF
1356 * character in *msg is preceded by a CR.
1357 */
1358 static void lf_to_crlf(struct strbuf *msg)
1359 {
1360 char *new_msg;
1361 size_t i, j;
1362 char lastc;
1363
1364 /* First pass: tally, in j, the size of the new_msg string: */
1365 for (i = j = 0, lastc = '\0'; i < msg->len; i++) {
1366 if (msg->buf[i] == '\n' && lastc != '\r')
1367 j++; /* a CR will need to be added here */
1368 lastc = msg->buf[i];
1369 j++;
1370 }
1371
1372 new_msg = xmallocz(j);
1373
1374 /*
1375 * Second pass: write the new_msg string. Note that this loop is
1376 * otherwise identical to the first pass.
1377 */
1378 for (i = j = 0, lastc = '\0'; i < msg->len; i++) {
1379 if (msg->buf[i] == '\n' && lastc != '\r')
1380 new_msg[j++] = '\r';
1381 lastc = new_msg[j++] = msg->buf[i];
1382 }
1383 strbuf_attach(msg, new_msg, j, j + 1);
1384 }
1385
1386 /*
1387 * Store msg to IMAP. Also detach and free the data from msg->data,
1388 * leaving msg->data empty.
1389 */
1390 static int imap_store_msg(struct imap_store *ctx, struct strbuf *msg)
1391 {
1392 struct imap *imap = ctx->imap;
1393 struct imap_cmd_cb cb;
1394 const char *prefix, *box;
1395 int ret;
1396
1397 lf_to_crlf(msg);
1398 memset(&cb, 0, sizeof(cb));
1399
1400 cb.dlen = msg->len;
1401 cb.data = strbuf_detach(msg, NULL);
1402
1403 box = ctx->name;
1404 prefix = !strcmp(box, "INBOX") ? "" : ctx->prefix;
1405 ret = imap_exec_m(ctx, &cb, "APPEND \"%s%s\" ", prefix, box);
1406 imap->caps = imap->rcaps;
1407 if (ret != DRV_OK)
1408 return ret;
1409
1410 return DRV_OK;
1411 }
1412
1413 static void wrap_in_html(struct strbuf *msg)
1414 {
1415 struct strbuf buf = STRBUF_INIT;
1416 static const char *content_type = "Content-Type: text/html;\n";
1417 static const char *pre_open = "<pre>\n";
1418 static const char *pre_close = "</pre>\n";
1419 const char *body = strstr(msg->buf, "\n\n");
1420
1421 if (!body)
1422 return; /* Headers but no body; no wrapping needed */
1423
1424 body += 2;
1425
1426 strbuf_add(&buf, msg->buf, body - msg->buf - 1);
1427 strbuf_addstr(&buf, content_type);
1428 strbuf_addch(&buf, '\n');
1429 strbuf_addstr(&buf, pre_open);
1430 strbuf_addstr_xml_quoted(&buf, body);
1431 strbuf_addstr(&buf, pre_close);
1432
1433 strbuf_release(msg);
1434 *msg = buf;
1435 }
1436
1437 static int count_messages(struct strbuf *all_msgs)
1438 {
1439 int count = 0;
1440 char *p = all_msgs->buf;
1441
1442 while (1) {
1443 if (starts_with(p, "From ")) {
1444 p = strstr(p+5, "\nFrom: ");
1445 if (!p) break;
1446 p = strstr(p+7, "\nDate: ");
1447 if (!p) break;
1448 p = strstr(p+7, "\nSubject: ");
1449 if (!p) break;
1450 p += 10;
1451 count++;
1452 }
1453 p = strstr(p+5, "\nFrom ");
1454 if (!p)
1455 break;
1456 p++;
1457 }
1458 return count;
1459 }
1460
1461 /*
1462 * Copy the next message from all_msgs, starting at offset *ofs, to
1463 * msg. Update *ofs to the start of the following message. Return
1464 * true iff a message was successfully copied.
1465 */
1466 static int split_msg(struct strbuf *all_msgs, struct strbuf *msg, int *ofs)
1467 {
1468 char *p, *data;
1469 size_t len;
1470
1471 if (*ofs >= all_msgs->len)
1472 return 0;
1473
1474 data = &all_msgs->buf[*ofs];
1475 len = all_msgs->len - *ofs;
1476
1477 if (len < 5 || !starts_with(data, "From "))
1478 return 0;
1479
1480 p = strchr(data, '\n');
1481 if (p) {
1482 p++;
1483 len -= p - data;
1484 *ofs += p - data;
1485 data = p;
1486 }
1487
1488 p = strstr(data, "\nFrom ");
1489 if (p)
1490 len = &p[1] - data;
1491
1492 strbuf_add(msg, data, len);
1493 *ofs += len;
1494 return 1;
1495 }
1496
1497 static int git_imap_config(const char *var, const char *val,
1498 const struct config_context *ctx, void *cb)
1499 {
1500 struct imap_server_conf *cfg = cb;
1501
1502 if (!strcmp("imap.sslverify", var)) {
1503 cfg->ssl_verify = git_config_bool(var, val);
1504 } else if (!strcmp("imap.preformattedhtml", var)) {
1505 cfg->use_html = git_config_bool(var, val);
1506 } else if (!strcmp("imap.folder", var)) {
1507 FREE_AND_NULL(cfg->folder);
1508 return git_config_string(&cfg->folder, var, val);
1509 } else if (!strcmp("imap.user", var)) {
1510 FREE_AND_NULL(cfg->user);
1511 return git_config_string(&cfg->user, var, val);
1512 } else if (!strcmp("imap.pass", var)) {
1513 FREE_AND_NULL(cfg->pass);
1514 return git_config_string(&cfg->pass, var, val);
1515 } else if (!strcmp("imap.tunnel", var)) {
1516 FREE_AND_NULL(cfg->tunnel);
1517 return git_config_string(&cfg->tunnel, var, val);
1518 } else if (!strcmp("imap.authmethod", var)) {
1519 FREE_AND_NULL(cfg->auth_method);
1520 return git_config_string(&cfg->auth_method, var, val);
1521 } else if (!strcmp("imap.port", var)) {
1522 cfg->port = git_config_int(var, val, ctx->kvi);
1523 } else if (!strcmp("imap.host", var)) {
1524 if (!val) {
1525 return config_error_nonbool(var);
1526 } else {
1527 if (starts_with(val, "imap:"))
1528 val += 5;
1529 else if (starts_with(val, "imaps:")) {
1530 val += 6;
1531 cfg->use_ssl = 1;
1532 }
1533 if (starts_with(val, "//"))
1534 val += 2;
1535 cfg->host = xstrdup(val);
1536 }
1537 } else {
1538 return git_default_config(var, val, ctx, cb);
1539 }
1540
1541 return 0;
1542 }
1543
1544 static int append_msgs_to_imap(struct imap_server_conf *server,
1545 struct strbuf* all_msgs, int total)
1546 {
1547 struct strbuf msg = STRBUF_INIT;
1548 struct imap_store *ctx = NULL;
1549 int ofs = 0;
1550 int r;
1551 int n = 0;
1552
1553 ctx = imap_open_store(server, server->folder);
1554 if (!ctx) {
1555 fprintf(stderr, "failed to open store\n");
1556 return 1;
1557 }
1558 ctx->name = server->folder;
1559
1560 fprintf(stderr, "Sending %d message%s to %s folder...\n",
1561 total, (total != 1) ? "s" : "", server->folder);
1562 while (1) {
1563 unsigned percent = n * 100 / total;
1564
1565 fprintf(stderr, "%4u%% (%d/%d) done\r", percent, n, total);
1566
1567 if (!split_msg(all_msgs, &msg, &ofs))
1568 break;
1569 if (server->use_html)
1570 wrap_in_html(&msg);
1571 r = imap_store_msg(ctx, &msg);
1572 if (r != DRV_OK)
1573 break;
1574 n++;
1575 }
1576 fprintf(stderr, "\n");
1577
1578 imap_close_store(ctx);
1579
1580 return 0;
1581 }
1582
1583 static int list_imap_folders(struct imap_server_conf *server)
1584 {
1585 struct imap_store *ctx = imap_open_store(server, "INBOX");
1586 if (!ctx) {
1587 fprintf(stderr, "failed to connect to IMAP server\n");
1588 return 1;
1589 }
1590
1591 fprintf(stderr, "Fetching the list of available folders...\n");
1592 /* Issue the LIST command and print the results */
1593 if (imap_exec(ctx, NULL, "LIST \"\" \"*\"") != RESP_OK) {
1594 fprintf(stderr, "failed to list folders\n");
1595 imap_close_store(ctx);
1596 return 1;
1597 }
1598
1599 imap_close_store(ctx);
1600 return 0;
1601 }
1602
1603 #ifdef USE_CURL_FOR_IMAP_SEND
1604 static CURL *setup_curl(struct imap_server_conf *srvc, struct credential *cred)
1605 {
1606 CURL *curl;
1607 struct strbuf path = STRBUF_INIT;
1608 char *uri_encoded_folder;
1609
1610 if (curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK)
1611 die("curl_global_init failed");
1612
1613 curl = curl_easy_init();
1614
1615 if (!curl)
1616 die("curl_easy_init failed");
1617
1618 server_fill_credential(srvc, cred);
1619 curl_easy_setopt(curl, CURLOPT_USERNAME, srvc->user);
1620
1621 /*
1622 * Use CURLOPT_PASSWORD irrespective of whether there is
1623 * an auth method specified or not, unless it's OAuth2.0,
1624 * where we use CURLOPT_XOAUTH2_BEARER.
1625 */
1626 if (!srvc->auth_method ||
1627 (strcmp(srvc->auth_method, "XOAUTH2") &&
1628 strcmp(srvc->auth_method, "OAUTHBEARER")))
1629 curl_easy_setopt(curl, CURLOPT_PASSWORD, srvc->pass);
1630
1631 strbuf_addstr(&path, srvc->use_ssl ? "imaps://" : "imap://");
1632 strbuf_addstr(&path, srvc->host);
1633 if (!path.len || path.buf[path.len - 1] != '/')
1634 strbuf_addch(&path, '/');
1635
1636 if (!list_folders) {
1637 uri_encoded_folder = curl_easy_escape(curl, srvc->folder, 0);
1638 if (!uri_encoded_folder)
1639 die("failed to encode server folder");
1640 strbuf_addstr(&path, uri_encoded_folder);
1641 curl_free(uri_encoded_folder);
1642 }
1643
1644 curl_easy_setopt(curl, CURLOPT_URL, path.buf);
1645 strbuf_release(&path);
1646 curl_easy_setopt(curl, CURLOPT_PORT, (long)srvc->port);
1647
1648 if (srvc->auth_method) {
1649 if (!strcmp(srvc->auth_method, "XOAUTH2") ||
1650 !strcmp(srvc->auth_method, "OAUTHBEARER")) {
1651
1652 /*
1653 * While CURLOPT_XOAUTH2_BEARER looks as if it only supports XOAUTH2,
1654 * upon debugging, it has been found that it is capable of detecting
1655 * the best option out of OAUTHBEARER and XOAUTH2.
1656 */
1657 curl_easy_setopt(curl, CURLOPT_XOAUTH2_BEARER, srvc->pass);
1658 } else {
1659 struct strbuf auth = STRBUF_INIT;
1660 strbuf_addstr(&auth, "AUTH=");
1661 strbuf_addstr(&auth, srvc->auth_method);
1662 curl_easy_setopt(curl, CURLOPT_LOGIN_OPTIONS, auth.buf);
1663 strbuf_release(&auth);
1664 }
1665 }
1666
1667 if (!srvc->use_ssl)
1668 curl_easy_setopt(curl, CURLOPT_USE_SSL, (long)CURLUSESSL_TRY);
1669
1670 curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, (long)srvc->ssl_verify);
1671 curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, (long)srvc->ssl_verify);
1672
1673 if (0 < verbosity || getenv("GIT_CURL_VERBOSE"))
1674 http_trace_curl_no_data();
1675 setup_curl_trace(curl);
1676
1677 return curl;
1678 }
1679
1680 static int curl_append_msgs_to_imap(struct imap_server_conf *server,
1681 struct strbuf* all_msgs, int total)
1682 {
1683 int ofs = 0;
1684 int n = 0;
1685 struct buffer msgbuf = { STRBUF_INIT, 0 };
1686 CURL *curl;
1687 CURLcode res = CURLE_OK;
1688 struct credential cred = CREDENTIAL_INIT;
1689
1690 curl = setup_curl(server, &cred);
1691
1692 curl_easy_setopt(curl, CURLOPT_READFUNCTION, fread_buffer);
1693 curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
1694
1695 curl_easy_setopt(curl, CURLOPT_READDATA, &msgbuf);
1696
1697 fprintf(stderr, "Sending %d message%s to %s folder...\n",
1698 total, (total != 1) ? "s" : "", server->folder);
1699 while (1) {
1700 unsigned percent = n * 100 / total;
1701 int prev_len;
1702
1703 fprintf(stderr, "%4u%% (%d/%d) done\r", percent, n, total);
1704
1705 prev_len = msgbuf.buf.len;
1706 if (!split_msg(all_msgs, &msgbuf.buf, &ofs))
1707 break;
1708 if (server->use_html)
1709 wrap_in_html(&msgbuf.buf);
1710 lf_to_crlf(&msgbuf.buf);
1711
1712 curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE,
1713 (curl_off_t)(msgbuf.buf.len-prev_len));
1714
1715 res = curl_easy_perform(curl);
1716
1717 if(res != CURLE_OK) {
1718 fprintf(stderr, "curl_easy_perform() failed: %s\n",
1719 curl_easy_strerror(res));
1720 break;
1721 }
1722
1723 n++;
1724 }
1725 fprintf(stderr, "\n");
1726
1727 curl_easy_cleanup(curl);
1728 curl_global_cleanup();
1729
1730 if (cred.username) {
1731 if (res == CURLE_OK)
1732 credential_approve(the_repository, &cred);
1733 else if (res == CURLE_LOGIN_DENIED)
1734 credential_reject(the_repository, &cred);
1735 }
1736
1737 credential_clear(&cred);
1738
1739 return res != CURLE_OK;
1740 }
1741
1742 static int curl_list_imap_folders(struct imap_server_conf *server)
1743 {
1744 CURL *curl;
1745 CURLcode res = CURLE_OK;
1746 struct credential cred = CREDENTIAL_INIT;
1747
1748 fprintf(stderr, "Fetching the list of available folders...\n");
1749 curl = setup_curl(server, &cred);
1750 res = curl_easy_perform(curl);
1751
1752 curl_easy_cleanup(curl);
1753 curl_global_cleanup();
1754
1755 if (cred.username) {
1756 if (res == CURLE_OK)
1757 credential_approve(the_repository, &cred);
1758 else if (res == CURLE_LOGIN_DENIED)
1759 credential_reject(the_repository, &cred);
1760 }
1761
1762 credential_clear(&cred);
1763
1764 return res != CURLE_OK;
1765 }
1766 #endif
1767
1768 int cmd_main(int argc, const char **argv)
1769 {
1770 struct imap_server_conf server = {
1771 .ssl_verify = 1,
1772 };
1773 struct strbuf all_msgs = STRBUF_INIT;
1774 int total;
1775 int nongit_ok;
1776 int ret;
1777
1778 setup_git_directory_gently(&nongit_ok);
1779 git_config(git_imap_config, &server);
1780
1781 argc = parse_options(argc, (const char **)argv, "", imap_send_options, imap_send_usage, 0);
1782
1783 if (opt_folder) {
1784 free(server.folder);
1785 server.folder = xstrdup(opt_folder);
1786 }
1787
1788 if (argc)
1789 usage_with_options(imap_send_usage, imap_send_options);
1790
1791 #ifndef USE_CURL_FOR_IMAP_SEND
1792 if (use_curl) {
1793 warning("--curl not supported in this build");
1794 use_curl = 0;
1795 }
1796 #elif defined(NO_OPENSSL)
1797 if (!use_curl) {
1798 warning("--no-curl not supported in this build");
1799 use_curl = 1;
1800 }
1801 #endif
1802
1803 if (!server.port)
1804 server.port = server.use_ssl ? 993 : 143;
1805
1806 if (!server.host) {
1807 if (!server.tunnel) {
1808 error(_("no IMAP host specified"));
1809 advise(_("set the IMAP host with 'git config imap.host <host>'.\n"
1810 "(e.g., 'git config imap.host imaps://imap.example.com')"));
1811 ret = 1;
1812 goto out;
1813 }
1814 server.host = xstrdup("tunnel");
1815 }
1816
1817 if (list_folders) {
1818 if (server.tunnel)
1819 ret = list_imap_folders(&server);
1820 #ifdef USE_CURL_FOR_IMAP_SEND
1821 else if (use_curl)
1822 ret = curl_list_imap_folders(&server);
1823 #endif
1824 else
1825 ret = list_imap_folders(&server);
1826 goto out;
1827 }
1828
1829 if (!server.folder) {
1830 error(_("no IMAP folder specified"));
1831 advise(_("set the target folder with 'git config imap.folder <folder>'.\n"
1832 "(e.g., 'git config imap.folder Drafts')"));
1833 ret = 1;
1834 goto out;
1835 }
1836
1837 /* read the messages */
1838 if (strbuf_read(&all_msgs, 0, 0) < 0) {
1839 error_errno(_("could not read from stdin"));
1840 ret = 1;
1841 goto out;
1842 }
1843
1844 if (all_msgs.len == 0) {
1845 fprintf(stderr, "nothing to send\n");
1846 ret = 1;
1847 goto out;
1848 }
1849
1850 total = count_messages(&all_msgs);
1851 if (!total) {
1852 fprintf(stderr, "no messages found to send\n");
1853 ret = 1;
1854 goto out;
1855 }
1856
1857 /* write it to the imap server */
1858
1859 if (server.tunnel)
1860 ret = append_msgs_to_imap(&server, &all_msgs, total);
1861 #ifdef USE_CURL_FOR_IMAP_SEND
1862 else if (use_curl)
1863 ret = curl_append_msgs_to_imap(&server, &all_msgs, total);
1864 #endif
1865 else
1866 ret = append_msgs_to_imap(&server, &all_msgs, total);
1867
1868 out:
1869 free(server.tunnel);
1870 free(server.host);
1871 free(server.folder);
1872 free(server.user);
1873 free(server.pass);
1874 free(server.auth_method);
1875 strbuf_release(&all_msgs);
1876 return ret;
1877 }
Unnamed repository; edit this file 'description' to name the repository.