1/*
2 * git-imap-send - drops patches into an imap Drafts folder
3 * derived from isync/mbsync - mailbox synchronizer
4 *
5 * Copyright (C) 2000-2002 Michael R. Elkins <me@mutt.org>
6 * Copyright (C) 2002-2004 Oswald Buddenhagen <ossi@users.sf.net>
7 * Copyright (C) 2004 Theodore Y. Ts'o <tytso@mit.edu>
8 * Copyright (C) 2006 Mike McCormack
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 */
24
25#include "cache.h"
26#include "exec_cmd.h"
27#include "run-command.h"
28#include "prompt.h"
29#ifdef NO_OPENSSL
30typedef void *SSL;
31#endif
32
33static const char imap_send_usage[] = "git imap-send < <mbox>";
34
35#undef DRV_OK
36#define DRV_OK 0
37#define DRV_MSG_BAD -1
38#define DRV_BOX_BAD -2
39#define DRV_STORE_BAD -3
40
41static int Verbose, Quiet;
42
43__attribute__((format (printf, 1, 2)))
44static void imap_info(const char *, ...);
45__attribute__((format (printf, 1, 2)))
46static void imap_warn(const char *, ...);
47
48static char *next_arg(char **);
49
50__attribute__((format (printf, 3, 4)))
51static int nfsnprintf(char *buf, int blen, const char *fmt, ...);
52
53static int nfvasprintf(char **strp, const char *fmt, va_list ap)
54{
55 int len;
56 char tmp[8192];
57
58 len = vsnprintf(tmp, sizeof(tmp), fmt, ap);
59 if (len < 0)
60 die("Fatal: Out of memory");
61 if (len >= sizeof(tmp))
62 die("imap command overflow!");
63 *strp = xmemdupz(tmp, len);
64 return len;
65}
66
67struct imap_server_conf {
68 char *name;
69 char *tunnel;
70 char *host;
71 int port;
72 char *user;
73 char *pass;
74 int use_ssl;
75 int ssl_verify;
76 int use_html;
77 char *auth_method;
78};
79
80static struct imap_server_conf server = {
81 NULL, /* name */
82 NULL, /* tunnel */
83 NULL, /* host */
84 0, /* port */
85 NULL, /* user */
86 NULL, /* pass */
87 0, /* use_ssl */
88 1, /* ssl_verify */
89 0, /* use_html */
90 NULL, /* auth_method */
91};
92
93struct imap_socket {
94 int fd[2];
95 SSL *ssl;
96};
97
98struct imap_buffer {
99 struct imap_socket sock;
100 int bytes;
101 int offset;
102 char buf[1024];
103};
104
105struct imap_cmd;
106
107struct imap {
108 int uidnext; /* from SELECT responses */
109 unsigned caps, rcaps; /* CAPABILITY results */
110 /* command queue */
111 int nexttag, num_in_progress, literal_pending;
112 struct imap_cmd *in_progress, **in_progress_append;
113 struct imap_buffer buf; /* this is BIG, so put it last */
114};
115
116struct imap_store {
117 /* currently open mailbox */
118 const char *name; /* foreign! maybe preset? */
119 int uidvalidity;
120 struct imap *imap;
121 const char *prefix;
122};
123
124struct imap_cmd_cb {
125 int (*cont)(struct imap_store *ctx, struct imap_cmd *cmd, const char *prompt);
126 void (*done)(struct imap_store *ctx, struct imap_cmd *cmd, int response);
127 void *ctx;
128 char *data;
129 int dlen;
130 int uid;
131 unsigned create:1, trycreate:1;
132};
133
134struct imap_cmd {
135 struct imap_cmd *next;
136 struct imap_cmd_cb cb;
137 char *cmd;
138 int tag;
139};
140
141#define CAP(cap) (imap->caps & (1 << (cap)))
142
143enum CAPABILITY {
144 NOLOGIN = 0,
145 UIDPLUS,
146 LITERALPLUS,
147 NAMESPACE,
148 STARTTLS,
149 AUTH_CRAM_MD5
150};
151
152static const char *cap_list[] = {
153 "LOGINDISABLED",
154 "UIDPLUS",
155 "LITERAL+",
156 "NAMESPACE",
157 "STARTTLS",
158 "AUTH=CRAM-MD5",
159};
160
161#define RESP_OK 0
162#define RESP_NO 1
163#define RESP_BAD 2
164
165static int get_cmd_result(struct imap_store *ctx, struct imap_cmd *tcmd);
166
167
168#ifndef NO_OPENSSL
169static void ssl_socket_perror(const char *func)
170{
171 fprintf(stderr, "%s: %s\n", func, ERR_error_string(ERR_get_error(), NULL));
172}
173#endif
174
175static void socket_perror(const char *func, struct imap_socket *sock, int ret)
176{
177#ifndef NO_OPENSSL
178 if (sock->ssl) {
179 int sslerr = SSL_get_error(sock->ssl, ret);
180 switch (sslerr) {
181 case SSL_ERROR_NONE:
182 break;
183 case SSL_ERROR_SYSCALL:
184 perror("SSL_connect");
185 break;
186 default:
187 ssl_socket_perror("SSL_connect");
188 break;
189 }
190 } else
191#endif
192 {
193 if (ret < 0)
194 perror(func);
195 else
196 fprintf(stderr, "%s: unexpected EOF\n", func);
197 }
198}
199
200#ifdef NO_OPENSSL
201static int ssl_socket_connect(struct imap_socket *sock, int use_tls_only, int verify)
202{
203 fprintf(stderr, "SSL requested but SSL support not compiled in\n");
204 return -1;
205}
206
207#else
208
209static int host_matches(const char *host, const char *pattern)
210{
211 if (pattern[0] == '*' && pattern[1] == '.') {
212 pattern += 2;
213 if (!(host = strchr(host, '.')))
214 return 0;
215 host++;
216 }
217
218 return *host && *pattern && !strcasecmp(host, pattern);
219}
220
221static int verify_hostname(X509 *cert, const char *hostname)
222{
223 int len;
224 X509_NAME *subj;
225 char cname[1000];
226 int i, found;
227 STACK_OF(GENERAL_NAME) *subj_alt_names;
228
229 /* try the DNS subjectAltNames */
230 found = 0;
231 if ((subj_alt_names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL))) {
232 int num_subj_alt_names = sk_GENERAL_NAME_num(subj_alt_names);
233 for (i = 0; !found && i < num_subj_alt_names; i++) {
234 GENERAL_NAME *subj_alt_name = sk_GENERAL_NAME_value(subj_alt_names, i);
235 if (subj_alt_name->type == GEN_DNS &&
236 strlen((const char *)subj_alt_name->d.ia5->data) == (size_t)subj_alt_name->d.ia5->length &&
237 host_matches(hostname, (const char *)(subj_alt_name->d.ia5->data)))
238 found = 1;
239 }
240 sk_GENERAL_NAME_pop_free(subj_alt_names, GENERAL_NAME_free);
241 }
242 if (found)
243 return 0;
244
245 /* try the common name */
246 if (!(subj = X509_get_subject_name(cert)))
247 return error("cannot get certificate subject");
248 if ((len = X509_NAME_get_text_by_NID(subj, NID_commonName, cname, sizeof(cname))) < 0)
249 return error("cannot get certificate common name");
250 if (strlen(cname) == (size_t)len && host_matches(hostname, cname))
251 return 0;
252 return error("certificate owner '%s' does not match hostname '%s'",
253 cname, hostname);
254}
255
256static int ssl_socket_connect(struct imap_socket *sock, int use_tls_only, int verify)
257{
258#if (OPENSSL_VERSION_NUMBER >= 0x10000000L)
259 const SSL_METHOD *meth;
260#else
261 SSL_METHOD *meth;
262#endif
263 SSL_CTX *ctx;
264 int ret;
265 X509 *cert;
266
267 SSL_library_init();
268 SSL_load_error_strings();
269
270 if (use_tls_only)
271 meth = TLSv1_method();
272 else
273 meth = SSLv23_method();
274
275 if (!meth) {
276 ssl_socket_perror("SSLv23_method");
277 return -1;
278 }
279
280 ctx = SSL_CTX_new(meth);
281
282 if (verify)
283 SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
284
285 if (!SSL_CTX_set_default_verify_paths(ctx)) {
286 ssl_socket_perror("SSL_CTX_set_default_verify_paths");
287 return -1;
288 }
289 sock->ssl = SSL_new(ctx);
290 if (!sock->ssl) {
291 ssl_socket_perror("SSL_new");
292 return -1;
293 }
294 if (!SSL_set_rfd(sock->ssl, sock->fd[0])) {
295 ssl_socket_perror("SSL_set_rfd");
296 return -1;
297 }
298 if (!SSL_set_wfd(sock->ssl, sock->fd[1])) {
299 ssl_socket_perror("SSL_set_wfd");
300 return -1;
301 }
302
303#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
304 /*
305 * SNI (RFC4366)
306 * OpenSSL does not document this function, but the implementation
307 * returns 1 on success, 0 on failure after calling SSLerr().
308 */
309 ret = SSL_set_tlsext_host_name(sock->ssl, server.host);
310 if (ret != 1)
311 warning("SSL_set_tlsext_host_name(%s) failed.", server.host);
312#endif
313
314 ret = SSL_connect(sock->ssl);
315 if (ret <= 0) {
316 socket_perror("SSL_connect", sock, ret);
317 return -1;
318 }
319
320 if (verify) {
321 /* make sure the hostname matches that of the certificate */
322 cert = SSL_get_peer_certificate(sock->ssl);
323 if (!cert)
324 return error("unable to get peer certificate.");
325 if (verify_hostname(cert, server.host) < 0)
326 return -1;
327 }
328
329 return 0;
330}
331#endif
332
333static int socket_read(struct imap_socket *sock, char *buf, int len)
334{
335 ssize_t n;
336#ifndef NO_OPENSSL
337 if (sock->ssl)
338 n = SSL_read(sock->ssl, buf, len);
339 else
340#endif
341 n = xread(sock->fd[0], buf, len);
342 if (n <= 0) {
343 socket_perror("read", sock, n);
344 close(sock->fd[0]);
345 close(sock->fd[1]);
346 sock->fd[0] = sock->fd[1] = -1;
347 }
348 return n;
349}
350
351static int socket_write(struct imap_socket *sock, const char *buf, int len)
352{
353 int n;
354#ifndef NO_OPENSSL
355 if (sock->ssl)
356 n = SSL_write(sock->ssl, buf, len);
357 else
358#endif
359 n = write_in_full(sock->fd[1], buf, len);
360 if (n != len) {
361 socket_perror("write", sock, n);
362 close(sock->fd[0]);
363 close(sock->fd[1]);
364 sock->fd[0] = sock->fd[1] = -1;
365 }
366 return n;
367}
368
369static void socket_shutdown(struct imap_socket *sock)
370{
371#ifndef NO_OPENSSL
372 if (sock->ssl) {
373 SSL_shutdown(sock->ssl);
374 SSL_free(sock->ssl);
375 }
376#endif
377 close(sock->fd[0]);
378 close(sock->fd[1]);
379}
380
381/* simple line buffering */
382static int buffer_gets(struct imap_buffer *b, char **s)
383{
384 int n;
385 int start = b->offset;
386
387 *s = b->buf + start;
388
389 for (;;) {
390 /* make sure we have enough data to read the \r\n sequence */
391 if (b->offset + 1 >= b->bytes) {
392 if (start) {
393 /* shift down used bytes */
394 *s = b->buf;
395
396 assert(start <= b->bytes);
397 n = b->bytes - start;
398
399 if (n)
400 memmove(b->buf, b->buf + start, n);
401 b->offset -= start;
402 b->bytes = n;
403 start = 0;
404 }
405
406 n = socket_read(&b->sock, b->buf + b->bytes,
407 sizeof(b->buf) - b->bytes);
408
409 if (n <= 0)
410 return -1;
411
412 b->bytes += n;
413 }
414
415 if (b->buf[b->offset] == '\r') {
416 assert(b->offset + 1 < b->bytes);
417 if (b->buf[b->offset + 1] == '\n') {
418 b->buf[b->offset] = 0; /* terminate the string */
419 b->offset += 2; /* next line */
420 if (Verbose)
421 puts(*s);
422 return 0;
423 }
424 }
425
426 b->offset++;
427 }
428 /* not reached */
429}
430
431static void imap_info(const char *msg, ...)
432{
433 va_list va;
434
435 if (!Quiet) {
436 va_start(va, msg);
437 vprintf(msg, va);
438 va_end(va);
439 fflush(stdout);
440 }
441}
442
443static void imap_warn(const char *msg, ...)
444{
445 va_list va;
446
447 if (Quiet < 2) {
448 va_start(va, msg);
449 vfprintf(stderr, msg, va);
450 va_end(va);
451 }
452}
453
454static char *next_arg(char **s)
455{
456 char *ret;
457
458 if (!s || !*s)
459 return NULL;
460 while (isspace((unsigned char) **s))
461 (*s)++;
462 if (!**s) {
463 *s = NULL;
464 return NULL;
465 }
466 if (**s == '"') {
467 ++*s;
468 ret = *s;
469 *s = strchr(*s, '"');
470 } else {
471 ret = *s;
472 while (**s && !isspace((unsigned char) **s))
473 (*s)++;
474 }
475 if (*s) {
476 if (**s)
477 *(*s)++ = 0;
478 if (!**s)
479 *s = NULL;
480 }
481 return ret;
482}
483
484static int nfsnprintf(char *buf, int blen, const char *fmt, ...)
485{
486 int ret;
487 va_list va;
488
489 va_start(va, fmt);
490 if (blen <= 0 || (unsigned)(ret = vsnprintf(buf, blen, fmt, va)) >= (unsigned)blen)
491 die("Fatal: buffer too small. Please report a bug.");
492 va_end(va);
493 return ret;
494}
495
496static struct imap_cmd *v_issue_imap_cmd(struct imap_store *ctx,
497 struct imap_cmd_cb *cb,
498 const char *fmt, va_list ap)
499{
500 struct imap *imap = ctx->imap;
501 struct imap_cmd *cmd;
502 int n, bufl;
503 char buf[1024];
504
505 cmd = xmalloc(sizeof(struct imap_cmd));
506 nfvasprintf(&cmd->cmd, fmt, ap);
507 cmd->tag = ++imap->nexttag;
508
509 if (cb)
510 cmd->cb = *cb;
511 else
512 memset(&cmd->cb, 0, sizeof(cmd->cb));
513
514 while (imap->literal_pending)
515 get_cmd_result(ctx, NULL);
516
517 if (!cmd->cb.data)
518 bufl = nfsnprintf(buf, sizeof(buf), "%d %s\r\n", cmd->tag, cmd->cmd);
519 else
520 bufl = nfsnprintf(buf, sizeof(buf), "%d %s{%d%s}\r\n",
521 cmd->tag, cmd->cmd, cmd->cb.dlen,
522 CAP(LITERALPLUS) ? "+" : "");
523
524 if (Verbose) {
525 if (imap->num_in_progress)
526 printf("(%d in progress) ", imap->num_in_progress);
527 if (memcmp(cmd->cmd, "LOGIN", 5))
528 printf(">>> %s", buf);
529 else
530 printf(">>> %d LOGIN <user> <pass>\n", cmd->tag);
531 }
532 if (socket_write(&imap->buf.sock, buf, bufl) != bufl) {
533 free(cmd->cmd);
534 free(cmd);
535 if (cb)
536 free(cb->data);
537 return NULL;
538 }
539 if (cmd->cb.data) {
540 if (CAP(LITERALPLUS)) {
541 n = socket_write(&imap->buf.sock, cmd->cb.data, cmd->cb.dlen);
542 free(cmd->cb.data);
543 if (n != cmd->cb.dlen ||
544 socket_write(&imap->buf.sock, "\r\n", 2) != 2) {
545 free(cmd->cmd);
546 free(cmd);
547 return NULL;
548 }
549 cmd->cb.data = NULL;
550 } else
551 imap->literal_pending = 1;
552 } else if (cmd->cb.cont)
553 imap->literal_pending = 1;
554 cmd->next = NULL;
555 *imap->in_progress_append = cmd;
556 imap->in_progress_append = &cmd->next;
557 imap->num_in_progress++;
558 return cmd;
559}
560
561__attribute__((format (printf, 3, 4)))
562static struct imap_cmd *issue_imap_cmd(struct imap_store *ctx,
563 struct imap_cmd_cb *cb,
564 const char *fmt, ...)
565{
566 struct imap_cmd *ret;
567 va_list ap;
568
569 va_start(ap, fmt);
570 ret = v_issue_imap_cmd(ctx, cb, fmt, ap);
571 va_end(ap);
572 return ret;
573}
574
575__attribute__((format (printf, 3, 4)))
576static int imap_exec(struct imap_store *ctx, struct imap_cmd_cb *cb,
577 const char *fmt, ...)
578{
579 va_list ap;
580 struct imap_cmd *cmdp;
581
582 va_start(ap, fmt);
583 cmdp = v_issue_imap_cmd(ctx, cb, fmt, ap);
584 va_end(ap);
585 if (!cmdp)
586 return RESP_BAD;
587
588 return get_cmd_result(ctx, cmdp);
589}
590
591__attribute__((format (printf, 3, 4)))
592static int imap_exec_m(struct imap_store *ctx, struct imap_cmd_cb *cb,
593 const char *fmt, ...)
594{
595 va_list ap;
596 struct imap_cmd *cmdp;
597
598 va_start(ap, fmt);
599 cmdp = v_issue_imap_cmd(ctx, cb, fmt, ap);
600 va_end(ap);
601 if (!cmdp)
602 return DRV_STORE_BAD;
603
604 switch (get_cmd_result(ctx, cmdp)) {
605 case RESP_BAD: return DRV_STORE_BAD;
606 case RESP_NO: return DRV_MSG_BAD;
607 default: return DRV_OK;
608 }
609}
610
611static int skip_imap_list_l(char **sp, int level)
612{
613 char *s = *sp;
614
615 for (;;) {
616 while (isspace((unsigned char)*s))
617 s++;
618 if (level && *s == ')') {
619 s++;
620 break;
621 }
622 if (*s == '(') {
623 /* sublist */
624 s++;
625 if (skip_imap_list_l(&s, level + 1))
626 goto bail;
627 } else if (*s == '"') {
628 /* quoted string */
629 s++;
630 for (; *s != '"'; s++)
631 if (!*s)
632 goto bail;
633 s++;
634 } else {
635 /* atom */
636 for (; *s && !isspace((unsigned char)*s); s++)
637 if (level && *s == ')')
638 break;
639 }
640
641 if (!level)
642 break;
643 if (!*s)
644 goto bail;
645 }
646 *sp = s;
647 return 0;
648
649bail:
650 return -1;
651}
652
653static void skip_list(char **sp)
654{
655 skip_imap_list_l(sp, 0);
656}
657
658static void parse_capability(struct imap *imap, char *cmd)
659{
660 char *arg;
661 unsigned i;
662
663 imap->caps = 0x80000000;
664 while ((arg = next_arg(&cmd)))
665 for (i = 0; i < ARRAY_SIZE(cap_list); i++)
666 if (!strcmp(cap_list[i], arg))
667 imap->caps |= 1 << i;
668 imap->rcaps = imap->caps;
669}
670
671static int parse_response_code(struct imap_store *ctx, struct imap_cmd_cb *cb,
672 char *s)
673{
674 struct imap *imap = ctx->imap;
675 char *arg, *p;
676
677 if (*s != '[')
678 return RESP_OK; /* no response code */
679 s++;
680 if (!(p = strchr(s, ']'))) {
681 fprintf(stderr, "IMAP error: malformed response code\n");
682 return RESP_BAD;
683 }
684 *p++ = 0;
685 arg = next_arg(&s);
686 if (!strcmp("UIDVALIDITY", arg)) {
687 if (!(arg = next_arg(&s)) || !(ctx->uidvalidity = atoi(arg))) {
688 fprintf(stderr, "IMAP error: malformed UIDVALIDITY status\n");
689 return RESP_BAD;
690 }
691 } else if (!strcmp("UIDNEXT", arg)) {
692 if (!(arg = next_arg(&s)) || !(imap->uidnext = atoi(arg))) {
693 fprintf(stderr, "IMAP error: malformed NEXTUID status\n");
694 return RESP_BAD;
695 }
696 } else if (!strcmp("CAPABILITY", arg)) {
697 parse_capability(imap, s);
698 } else if (!strcmp("ALERT", arg)) {
699 /* RFC2060 says that these messages MUST be displayed
700 * to the user
701 */
702 for (; isspace((unsigned char)*p); p++);
703 fprintf(stderr, "*** IMAP ALERT *** %s\n", p);
704 } else if (cb && cb->ctx && !strcmp("APPENDUID", arg)) {
705 if (!(arg = next_arg(&s)) || !(ctx->uidvalidity = atoi(arg)) ||
706 !(arg = next_arg(&s)) || !(*(int *)cb->ctx = atoi(arg))) {
707 fprintf(stderr, "IMAP error: malformed APPENDUID status\n");
708 return RESP_BAD;
709 }
710 }
711 return RESP_OK;
712}
713
714static int get_cmd_result(struct imap_store *ctx, struct imap_cmd *tcmd)
715{
716 struct imap *imap = ctx->imap;
717 struct imap_cmd *cmdp, **pcmdp, *ncmdp;
718 char *cmd, *arg, *arg1, *p;
719 int n, resp, resp2, tag;
720
721 for (;;) {
722 if (buffer_gets(&imap->buf, &cmd))
723 return RESP_BAD;
724
725 arg = next_arg(&cmd);
726 if (*arg == '*') {
727 arg = next_arg(&cmd);
728 if (!arg) {
729 fprintf(stderr, "IMAP error: unable to parse untagged response\n");
730 return RESP_BAD;
731 }
732
733 if (!strcmp("NAMESPACE", arg)) {
734 /* rfc2342 NAMESPACE response. */
735 skip_list(&cmd); /* Personal mailboxes */
736 skip_list(&cmd); /* Others' mailboxes */
737 skip_list(&cmd); /* Shared mailboxes */
738 } else if (!strcmp("OK", arg) || !strcmp("BAD", arg) ||
739 !strcmp("NO", arg) || !strcmp("BYE", arg)) {
740 if ((resp = parse_response_code(ctx, NULL, cmd)) != RESP_OK)
741 return resp;
742 } else if (!strcmp("CAPABILITY", arg)) {
743 parse_capability(imap, cmd);
744 } else if ((arg1 = next_arg(&cmd))) {
745 ; /*
746 * Unhandled response-data with at least two words.
747 * Ignore it.
748 *
749 * NEEDSWORK: Previously this case handled '<num> EXISTS'
750 * and '<num> RECENT' but as a probably-unintended side
751 * effect it ignores other unrecognized two-word
752 * responses. imap-send doesn't ever try to read
753 * messages or mailboxes these days, so consider
754 * eliminating this case.
755 */
756 } else {
757 fprintf(stderr, "IMAP error: unable to parse untagged response\n");
758 return RESP_BAD;
759 }
760 } else if (!imap->in_progress) {
761 fprintf(stderr, "IMAP error: unexpected reply: %s %s\n", arg, cmd ? cmd : "");
762 return RESP_BAD;
763 } else if (*arg == '+') {
764 /* This can happen only with the last command underway, as
765 it enforces a round-trip. */
766 cmdp = (struct imap_cmd *)((char *)imap->in_progress_append -
767 offsetof(struct imap_cmd, next));
768 if (cmdp->cb.data) {
769 n = socket_write(&imap->buf.sock, cmdp->cb.data, cmdp->cb.dlen);
770 free(cmdp->cb.data);
771 cmdp->cb.data = NULL;
772 if (n != (int)cmdp->cb.dlen)
773 return RESP_BAD;
774 } else if (cmdp->cb.cont) {
775 if (cmdp->cb.cont(ctx, cmdp, cmd))
776 return RESP_BAD;
777 } else {
778 fprintf(stderr, "IMAP error: unexpected command continuation request\n");
779 return RESP_BAD;
780 }
781 if (socket_write(&imap->buf.sock, "\r\n", 2) != 2)
782 return RESP_BAD;
783 if (!cmdp->cb.cont)
784 imap->literal_pending = 0;
785 if (!tcmd)
786 return DRV_OK;
787 } else {
788 tag = atoi(arg);
789 for (pcmdp = &imap->in_progress; (cmdp = *pcmdp); pcmdp = &cmdp->next)
790 if (cmdp->tag == tag)
791 goto gottag;
792 fprintf(stderr, "IMAP error: unexpected tag %s\n", arg);
793 return RESP_BAD;
794 gottag:
795 if (!(*pcmdp = cmdp->next))
796 imap->in_progress_append = pcmdp;
797 imap->num_in_progress--;
798 if (cmdp->cb.cont || cmdp->cb.data)
799 imap->literal_pending = 0;
800 arg = next_arg(&cmd);
801 if (!strcmp("OK", arg))
802 resp = DRV_OK;
803 else {
804 if (!strcmp("NO", arg)) {
805 if (cmdp->cb.create && cmd && (cmdp->cb.trycreate || !memcmp(cmd, "[TRYCREATE]", 11))) { /* SELECT, APPEND or UID COPY */
806 p = strchr(cmdp->cmd, '"');
807 if (!issue_imap_cmd(ctx, NULL, "CREATE \"%.*s\"", (int)(strchr(p + 1, '"') - p + 1), p)) {
808 resp = RESP_BAD;
809 goto normal;
810 }
811 /* not waiting here violates the spec, but a server that does not
812 grok this nonetheless violates it too. */
813 cmdp->cb.create = 0;
814 if (!(ncmdp = issue_imap_cmd(ctx, &cmdp->cb, "%s", cmdp->cmd))) {
815 resp = RESP_BAD;
816 goto normal;
817 }
818 free(cmdp->cmd);
819 free(cmdp);
820 if (!tcmd)
821 return 0; /* ignored */
822 if (cmdp == tcmd)
823 tcmd = ncmdp;
824 continue;
825 }
826 resp = RESP_NO;
827 } else /*if (!strcmp("BAD", arg))*/
828 resp = RESP_BAD;
829 fprintf(stderr, "IMAP command '%s' returned response (%s) - %s\n",
830 memcmp(cmdp->cmd, "LOGIN", 5) ?
831 cmdp->cmd : "LOGIN <user> <pass>",
832 arg, cmd ? cmd : "");
833 }
834 if ((resp2 = parse_response_code(ctx, &cmdp->cb, cmd)) > resp)
835 resp = resp2;
836 normal:
837 if (cmdp->cb.done)
838 cmdp->cb.done(ctx, cmdp, resp);
839 free(cmdp->cb.data);
840 free(cmdp->cmd);
841 free(cmdp);
842 if (!tcmd || tcmd == cmdp)
843 return resp;
844 }
845 }
846 /* not reached */
847}
848
849static void imap_close_server(struct imap_store *ictx)
850{
851 struct imap *imap = ictx->imap;
852
853 if (imap->buf.sock.fd[0] != -1) {
854 imap_exec(ictx, NULL, "LOGOUT");
855 socket_shutdown(&imap->buf.sock);
856 }
857 free(imap);
858}
859
860static void imap_close_store(struct imap_store *ctx)
861{
862 imap_close_server(ctx);
863 free(ctx);
864}
865
866#ifndef NO_OPENSSL
867
868/*
869 * hexchar() and cram() functions are based on the code from the isync
870 * project (http://isync.sf.net/).
871 */
872static char hexchar(unsigned int b)
873{
874 return b < 10 ? '0' + b : 'a' + (b - 10);
875}
876
877#define ENCODED_SIZE(n) (4*((n+2)/3))
878static char *cram(const char *challenge_64, const char *user, const char *pass)
879{
880 int i, resp_len, encoded_len, decoded_len;
881 HMAC_CTX hmac;
882 unsigned char hash[16];
883 char hex[33];
884 char *response, *response_64, *challenge;
885
886 /*
887 * length of challenge_64 (i.e. base-64 encoded string) is a good
888 * enough upper bound for challenge (decoded result).
889 */
890 encoded_len = strlen(challenge_64);
891 challenge = xmalloc(encoded_len);
892 decoded_len = EVP_DecodeBlock((unsigned char *)challenge,
893 (unsigned char *)challenge_64, encoded_len);
894 if (decoded_len < 0)
895 die("invalid challenge %s", challenge_64);
896 HMAC_Init(&hmac, (unsigned char *)pass, strlen(pass), EVP_md5());
897 HMAC_Update(&hmac, (unsigned char *)challenge, decoded_len);
898 HMAC_Final(&hmac, hash, NULL);
899 HMAC_CTX_cleanup(&hmac);
900
901 hex[32] = 0;
902 for (i = 0; i < 16; i++) {
903 hex[2 * i] = hexchar((hash[i] >> 4) & 0xf);
904 hex[2 * i + 1] = hexchar(hash[i] & 0xf);
905 }
906
907 /* response: "<user> <digest in hex>" */
908 resp_len = strlen(user) + 1 + strlen(hex) + 1;
909 response = xmalloc(resp_len);
910 sprintf(response, "%s %s", user, hex);
911
912 response_64 = xmalloc(ENCODED_SIZE(resp_len) + 1);
913 encoded_len = EVP_EncodeBlock((unsigned char *)response_64,
914 (unsigned char *)response, resp_len);
915 if (encoded_len < 0)
916 die("EVP_EncodeBlock error");
917 response_64[encoded_len] = '\0';
918 return (char *)response_64;
919}
920
921#else
922
923static char *cram(const char *challenge_64, const char *user, const char *pass)
924{
925 die("If you want to use CRAM-MD5 authenticate method, "
926 "you have to build git-imap-send with OpenSSL library.");
927}
928
929#endif
930
931static int auth_cram_md5(struct imap_store *ctx, struct imap_cmd *cmd, const char *prompt)
932{
933 int ret;
934 char *response;
935
936 response = cram(prompt, server.user, server.pass);
937
938 ret = socket_write(&ctx->imap->buf.sock, response, strlen(response));
939 if (ret != strlen(response))
940 return error("IMAP error: sending response failed");
941
942 free(response);
943
944 return 0;
945}
946
947static struct imap_store *imap_open_store(struct imap_server_conf *srvc)
948{
949 struct imap_store *ctx;
950 struct imap *imap;
951 char *arg, *rsp;
952 int s = -1, preauth;
953
954 ctx = xcalloc(sizeof(*ctx), 1);
955
956 ctx->imap = imap = xcalloc(sizeof(*imap), 1);
957 imap->buf.sock.fd[0] = imap->buf.sock.fd[1] = -1;
958 imap->in_progress_append = &imap->in_progress;
959
960 /* open connection to IMAP server */
961
962 if (srvc->tunnel) {
963 const char *argv[] = { srvc->tunnel, NULL };
964 struct child_process tunnel = {NULL};
965
966 imap_info("Starting tunnel '%s'... ", srvc->tunnel);
967
968 tunnel.argv = argv;
969 tunnel.use_shell = 1;
970 tunnel.in = -1;
971 tunnel.out = -1;
972 if (start_command(&tunnel))
973 die("cannot start proxy %s", argv[0]);
974
975 imap->buf.sock.fd[0] = tunnel.out;
976 imap->buf.sock.fd[1] = tunnel.in;
977
978 imap_info("ok\n");
979 } else {
980#ifndef NO_IPV6
981 struct addrinfo hints, *ai0, *ai;
982 int gai;
983 char portstr[6];
984
985 snprintf(portstr, sizeof(portstr), "%d", srvc->port);
986
987 memset(&hints, 0, sizeof(hints));
988 hints.ai_socktype = SOCK_STREAM;
989 hints.ai_protocol = IPPROTO_TCP;
990
991 imap_info("Resolving %s... ", srvc->host);
992 gai = getaddrinfo(srvc->host, portstr, &hints, &ai);
993 if (gai) {
994 fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(gai));
995 goto bail;
996 }
997 imap_info("ok\n");
998
999 for (ai0 = ai; ai; ai = ai->ai_next) {
1000 char addr[NI_MAXHOST];
1001
1002 s = socket(ai->ai_family, ai->ai_socktype,
1003 ai->ai_protocol);
1004 if (s < 0)
1005 continue;
1006
1007 getnameinfo(ai->ai_addr, ai->ai_addrlen, addr,
1008 sizeof(addr), NULL, 0, NI_NUMERICHOST);
1009 imap_info("Connecting to [%s]:%s... ", addr, portstr);
1010
1011 if (connect(s, ai->ai_addr, ai->ai_addrlen) < 0) {
1012 close(s);
1013 s = -1;
1014 perror("connect");
1015 continue;
1016 }
1017
1018 break;
1019 }
1020 freeaddrinfo(ai0);
1021#else /* NO_IPV6 */
1022 struct hostent *he;
1023 struct sockaddr_in addr;
1024
1025 memset(&addr, 0, sizeof(addr));
1026 addr.sin_port = htons(srvc->port);
1027 addr.sin_family = AF_INET;
1028
1029 imap_info("Resolving %s... ", srvc->host);
1030 he = gethostbyname(srvc->host);
1031 if (!he) {
1032 perror("gethostbyname");
1033 goto bail;
1034 }
1035 imap_info("ok\n");
1036
1037 addr.sin_addr.s_addr = *((int *) he->h_addr_list[0]);
1038
1039 s = socket(PF_INET, SOCK_STREAM, 0);
1040
1041 imap_info("Connecting to %s:%hu... ", inet_ntoa(addr.sin_addr), ntohs(addr.sin_port));
1042 if (connect(s, (struct sockaddr *)&addr, sizeof(addr))) {
1043 close(s);
1044 s = -1;
1045 perror("connect");
1046 }
1047#endif
1048 if (s < 0) {
1049 fputs("Error: unable to connect to server.\n", stderr);
1050 goto bail;
1051 }
1052
1053 imap->buf.sock.fd[0] = s;
1054 imap->buf.sock.fd[1] = dup(s);
1055
1056 if (srvc->use_ssl &&
1057 ssl_socket_connect(&imap->buf.sock, 0, srvc->ssl_verify)) {
1058 close(s);
1059 goto bail;
1060 }
1061 imap_info("ok\n");
1062 }
1063
1064 /* read the greeting string */
1065 if (buffer_gets(&imap->buf, &rsp)) {
1066 fprintf(stderr, "IMAP error: no greeting response\n");
1067 goto bail;
1068 }
1069 arg = next_arg(&rsp);
1070 if (!arg || *arg != '*' || (arg = next_arg(&rsp)) == NULL) {
1071 fprintf(stderr, "IMAP error: invalid greeting response\n");
1072 goto bail;
1073 }
1074 preauth = 0;
1075 if (!strcmp("PREAUTH", arg))
1076 preauth = 1;
1077 else if (strcmp("OK", arg) != 0) {
1078 fprintf(stderr, "IMAP error: unknown greeting response\n");
1079 goto bail;
1080 }
1081 parse_response_code(ctx, NULL, rsp);
1082 if (!imap->caps && imap_exec(ctx, NULL, "CAPABILITY") != RESP_OK)
1083 goto bail;
1084
1085 if (!preauth) {
1086#ifndef NO_OPENSSL
1087 if (!srvc->use_ssl && CAP(STARTTLS)) {
1088 if (imap_exec(ctx, NULL, "STARTTLS") != RESP_OK)
1089 goto bail;
1090 if (ssl_socket_connect(&imap->buf.sock, 1,
1091 srvc->ssl_verify))
1092 goto bail;
1093 /* capabilities may have changed, so get the new capabilities */
1094 if (imap_exec(ctx, NULL, "CAPABILITY") != RESP_OK)
1095 goto bail;
1096 }
1097#endif
1098 imap_info("Logging in...\n");
1099 if (!srvc->user) {
1100 fprintf(stderr, "Skipping server %s, no user\n", srvc->host);
1101 goto bail;
1102 }
1103 if (!srvc->pass) {
1104 struct strbuf prompt = STRBUF_INIT;
1105 strbuf_addf(&prompt, "Password (%s@%s): ", srvc->user, srvc->host);
1106 arg = git_getpass(prompt.buf);
1107 strbuf_release(&prompt);
1108 if (!*arg) {
1109 fprintf(stderr, "Skipping account %s@%s, no password\n", srvc->user, srvc->host);
1110 goto bail;
1111 }
1112 /*
1113 * getpass() returns a pointer to a static buffer. make a copy
1114 * for long term storage.
1115 */
1116 srvc->pass = xstrdup(arg);
1117 }
1118 if (CAP(NOLOGIN)) {
1119 fprintf(stderr, "Skipping account %s@%s, server forbids LOGIN\n", srvc->user, srvc->host);
1120 goto bail;
1121 }
1122
1123 if (srvc->auth_method) {
1124 struct imap_cmd_cb cb;
1125
1126 if (!strcmp(srvc->auth_method, "CRAM-MD5")) {
1127 if (!CAP(AUTH_CRAM_MD5)) {
1128 fprintf(stderr, "You specified"
1129 "CRAM-MD5 as authentication method, "
1130 "but %s doesn't support it.\n", srvc->host);
1131 goto bail;
1132 }
1133 /* CRAM-MD5 */
1134
1135 memset(&cb, 0, sizeof(cb));
1136 cb.cont = auth_cram_md5;
1137 if (imap_exec(ctx, &cb, "AUTHENTICATE CRAM-MD5") != RESP_OK) {
1138 fprintf(stderr, "IMAP error: AUTHENTICATE CRAM-MD5 failed\n");
1139 goto bail;
1140 }
1141 } else {
1142 fprintf(stderr, "Unknown authentication method:%s\n", srvc->host);
1143 goto bail;
1144 }
1145 } else {
1146 if (!imap->buf.sock.ssl)
1147 imap_warn("*** IMAP Warning *** Password is being "
1148 "sent in the clear\n");
1149 if (imap_exec(ctx, NULL, "LOGIN \"%s\" \"%s\"", srvc->user, srvc->pass) != RESP_OK) {
1150 fprintf(stderr, "IMAP error: LOGIN failed\n");
1151 goto bail;
1152 }
1153 }
1154 } /* !preauth */
1155
1156 ctx->prefix = "";
1157 return ctx;
1158
1159bail:
1160 imap_close_store(ctx);
1161 return NULL;
1162}
1163
1164/*
1165 * Insert CR characters as necessary in *msg to ensure that every LF
1166 * character in *msg is preceded by a CR.
1167 */
1168static void lf_to_crlf(struct strbuf *msg)
1169{
1170 char *new;
1171 size_t i, j;
1172 char lastc;
1173
1174 /* First pass: tally, in j, the size of the new string: */
1175 for (i = j = 0, lastc = '\0'; i < msg->len; i++) {
1176 if (msg->buf[i] == '\n' && lastc != '\r')
1177 j++; /* a CR will need to be added here */
1178 lastc = msg->buf[i];
1179 j++;
1180 }
1181
1182 new = xmalloc(j + 1);
1183
1184 /*
1185 * Second pass: write the new string. Note that this loop is
1186 * otherwise identical to the first pass.
1187 */
1188 for (i = j = 0, lastc = '\0'; i < msg->len; i++) {
1189 if (msg->buf[i] == '\n' && lastc != '\r')
1190 new[j++] = '\r';
1191 lastc = new[j++] = msg->buf[i];
1192 }
1193 strbuf_attach(msg, new, j, j + 1);
1194}
1195
1196/*
1197 * Store msg to IMAP. Also detach and free the data from msg->data,
1198 * leaving msg->data empty.
1199 */
1200static int imap_store_msg(struct imap_store *ctx, struct strbuf *msg)
1201{
1202 struct imap *imap = ctx->imap;
1203 struct imap_cmd_cb cb;
1204 const char *prefix, *box;
1205 int ret;
1206
1207 lf_to_crlf(msg);
1208 memset(&cb, 0, sizeof(cb));
1209
1210 cb.dlen = msg->len;
1211 cb.data = strbuf_detach(msg, NULL);
1212
1213 box = ctx->name;
1214 prefix = !strcmp(box, "INBOX") ? "" : ctx->prefix;
1215 cb.create = 0;
1216 ret = imap_exec_m(ctx, &cb, "APPEND \"%s%s\" ", prefix, box);
1217 imap->caps = imap->rcaps;
1218 if (ret != DRV_OK)
1219 return ret;
1220
1221 return DRV_OK;
1222}
1223
1224static void wrap_in_html(struct strbuf *msg)
1225{
1226 struct strbuf buf = STRBUF_INIT;
1227 static char *content_type = "Content-Type: text/html;\n";
1228 static char *pre_open = "<pre>\n";
1229 static char *pre_close = "</pre>\n";
1230 const char *body = strstr(msg->buf, "\n\n");
1231
1232 if (!body)
1233 return; /* Headers but no body; no wrapping needed */
1234
1235 body += 2;
1236
1237 strbuf_add(&buf, msg->buf, body - msg->buf - 1);
1238 strbuf_addstr(&buf, content_type);
1239 strbuf_addch(&buf, '\n');
1240 strbuf_addstr(&buf, pre_open);
1241 strbuf_addstr_xml_quoted(&buf, body);
1242 strbuf_addstr(&buf, pre_close);
1243
1244 strbuf_release(msg);
1245 *msg = buf;
1246}
1247
1248#define CHUNKSIZE 0x1000
1249
1250static int read_message(FILE *f, struct strbuf *all_msgs)
1251{
1252 do {
1253 if (strbuf_fread(all_msgs, CHUNKSIZE, f) <= 0)
1254 break;
1255 } while (!feof(f));
1256
1257 return ferror(f) ? -1 : 0;
1258}
1259
1260static int count_messages(struct strbuf *all_msgs)
1261{
1262 int count = 0;
1263 char *p = all_msgs->buf;
1264
1265 while (1) {
1266 if (!prefixcmp(p, "From ")) {
1267 p = strstr(p+5, "\nFrom: ");
1268 if (!p) break;
1269 p = strstr(p+7, "\nDate: ");
1270 if (!p) break;
1271 p = strstr(p+7, "\nSubject: ");
1272 if (!p) break;
1273 p += 10;
1274 count++;
1275 }
1276 p = strstr(p+5, "\nFrom ");
1277 if (!p)
1278 break;
1279 p++;
1280 }
1281 return count;
1282}
1283
1284/*
1285 * Copy the next message from all_msgs, starting at offset *ofs, to
1286 * msg. Update *ofs to the start of the following message. Return
1287 * true iff a message was successfully copied.
1288 */
1289static int split_msg(struct strbuf *all_msgs, struct strbuf *msg, int *ofs)
1290{
1291 char *p, *data;
1292 size_t len;
1293
1294 if (*ofs >= all_msgs->len)
1295 return 0;
1296
1297 data = &all_msgs->buf[*ofs];
1298 len = all_msgs->len - *ofs;
1299
1300 if (len < 5 || prefixcmp(data, "From "))
1301 return 0;
1302
1303 p = strchr(data, '\n');
1304 if (p) {
1305 p++;
1306 len -= p - data;
1307 *ofs += p - data;
1308 data = p;
1309 }
1310
1311 p = strstr(data, "\nFrom ");
1312 if (p)
1313 len = &p[1] - data;
1314
1315 strbuf_add(msg, data, len);
1316 *ofs += len;
1317 return 1;
1318}
1319
1320static char *imap_folder;
1321
1322static int git_imap_config(const char *key, const char *val, void *cb)
1323{
1324 char imap_key[] = "imap.";
1325
1326 if (strncmp(key, imap_key, sizeof imap_key - 1))
1327 return 0;
1328
1329 key += sizeof imap_key - 1;
1330
1331 /* check booleans first, and barf on others */
1332 if (!strcmp("sslverify", key))
1333 server.ssl_verify = git_config_bool(key, val);
1334 else if (!strcmp("preformattedhtml", key))
1335 server.use_html = git_config_bool(key, val);
1336 else if (!val)
1337 return config_error_nonbool(key);
1338
1339 if (!strcmp("folder", key)) {
1340 imap_folder = xstrdup(val);
1341 } else if (!strcmp("host", key)) {
1342 if (!prefixcmp(val, "imap:"))
1343 val += 5;
1344 else if (!prefixcmp(val, "imaps:")) {
1345 val += 6;
1346 server.use_ssl = 1;
1347 }
1348 if (!prefixcmp(val, "//"))
1349 val += 2;
1350 server.host = xstrdup(val);
1351 } else if (!strcmp("user", key))
1352 server.user = xstrdup(val);
1353 else if (!strcmp("pass", key))
1354 server.pass = xstrdup(val);
1355 else if (!strcmp("port", key))
1356 server.port = git_config_int(key, val);
1357 else if (!strcmp("tunnel", key))
1358 server.tunnel = xstrdup(val);
1359 else if (!strcmp("authmethod", key))
1360 server.auth_method = xstrdup(val);
1361
1362 return 0;
1363}
1364
1365int main(int argc, char **argv)
1366{
1367 struct strbuf all_msgs = STRBUF_INIT;
1368 struct strbuf msg = STRBUF_INIT;
1369 struct imap_store *ctx = NULL;
1370 int ofs = 0;
1371 int r;
1372 int total, n = 0;
1373 int nongit_ok;
1374
1375 git_extract_argv0_path(argv[0]);
1376
1377 git_setup_gettext();
1378
1379 if (argc != 1)
1380 usage(imap_send_usage);
1381
1382 setup_git_directory_gently(&nongit_ok);
1383 git_config(git_imap_config, NULL);
1384
1385 if (!server.port)
1386 server.port = server.use_ssl ? 993 : 143;
1387
1388 if (!imap_folder) {
1389 fprintf(stderr, "no imap store specified\n");
1390 return 1;
1391 }
1392 if (!server.host) {
1393 if (!server.tunnel) {
1394 fprintf(stderr, "no imap host specified\n");
1395 return 1;
1396 }
1397 server.host = "tunnel";
1398 }
1399
1400 /* read the messages */
1401 if (read_message(stdin, &all_msgs)) {
1402 fprintf(stderr, "error reading input\n");
1403 return 1;
1404 }
1405
1406 if (all_msgs.len == 0) {
1407 fprintf(stderr, "nothing to send\n");
1408 return 1;
1409 }
1410
1411 total = count_messages(&all_msgs);
1412 if (!total) {
1413 fprintf(stderr, "no messages to send\n");
1414 return 1;
1415 }
1416
1417 /* write it to the imap server */
1418 ctx = imap_open_store(&server);
1419 if (!ctx) {
1420 fprintf(stderr, "failed to open store\n");
1421 return 1;
1422 }
1423
1424 fprintf(stderr, "sending %d message%s\n", total, (total != 1) ? "s" : "");
1425 ctx->name = imap_folder;
1426 while (1) {
1427 unsigned percent = n * 100 / total;
1428
1429 fprintf(stderr, "%4u%% (%d/%d) done\r", percent, n, total);
1430 if (!split_msg(&all_msgs, &msg, &ofs))
1431 break;
1432 if (server.use_html)
1433 wrap_in_html(&msg);
1434 r = imap_store_msg(ctx, &msg);
1435 if (r != DRV_OK)
1436 break;
1437 n++;
1438 }
1439 fprintf(stderr, "\n");
1440
1441 imap_close_store(ctx);
1442
1443 return 0;
1444}