commit.c/GPG signature verification: Also look at the first GPG status line
[git/gitweb.git] / imap-send.c
blobd9bcfb44dc334d86363fd60b576fcc2e2121f971
1 /*
2 * git-imap-send - drops patches into an imap Drafts folder
3 * derived from isync/mbsync - mailbox synchronizer
5 * Copyright (C) 2000-2002 Michael R. Elkins <me@mutt.org>
6 * Copyright (C) 2002-2004 Oswald Buddenhagen <ossi@users.sf.net>
7 * Copyright (C) 2004 Theodore Y. Ts'o <tytso@mit.edu>
8 * Copyright (C) 2006 Mike McCormack
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25 #include "cache.h"
26 #include "exec_cmd.h"
27 #include "run-command.h"
28 #include "prompt.h"
29 #ifdef NO_OPENSSL
30 typedef void *SSL;
31 #else
32 #include <openssl/evp.h>
33 #include <openssl/hmac.h>
34 #include <openssl/x509v3.h>
35 #endif
37 static const char imap_send_usage[] = "git imap-send < <mbox>";
39 #undef DRV_OK
40 #define DRV_OK 0
41 #define DRV_MSG_BAD -1
42 #define DRV_BOX_BAD -2
43 #define DRV_STORE_BAD -3
45 static int Verbose, Quiet;
47 __attribute__((format (printf, 1, 2)))
48 static void imap_info(const char *, ...);
49 __attribute__((format (printf, 1, 2)))
50 static void imap_warn(const char *, ...);
52 static char *next_arg(char **);
54 __attribute__((format (printf, 3, 4)))
55 static int nfsnprintf(char *buf, int blen, const char *fmt, ...);
57 static int nfvasprintf(char **strp, const char *fmt, va_list ap)
59 int len;
60 char tmp[8192];
62 len = vsnprintf(tmp, sizeof(tmp), fmt, ap);
63 if (len < 0)
64 die("Fatal: Out of memory");
65 if (len >= sizeof(tmp))
66 die("imap command overflow!");
67 *strp = xmemdupz(tmp, len);
68 return len;
71 struct imap_server_conf {
72 char *name;
73 char *tunnel;
74 char *host;
75 int port;
76 char *user;
77 char *pass;
78 int use_ssl;
79 int ssl_verify;
80 int use_html;
81 char *auth_method;
84 static struct imap_server_conf server = {
85 NULL, /* name */
86 NULL, /* tunnel */
87 NULL, /* host */
88 0, /* port */
89 NULL, /* user */
90 NULL, /* pass */
91 0, /* use_ssl */
92 1, /* ssl_verify */
93 0, /* use_html */
94 NULL, /* auth_method */
97 struct imap_socket {
98 int fd[2];
99 SSL *ssl;
102 struct imap_buffer {
103 struct imap_socket sock;
104 int bytes;
105 int offset;
106 char buf[1024];
109 struct imap_cmd;
111 struct imap {
112 int uidnext; /* from SELECT responses */
113 unsigned caps, rcaps; /* CAPABILITY results */
114 /* command queue */
115 int nexttag, num_in_progress, literal_pending;
116 struct imap_cmd *in_progress, **in_progress_append;
117 struct imap_buffer buf; /* this is BIG, so put it last */
120 struct imap_store {
121 /* currently open mailbox */
122 const char *name; /* foreign! maybe preset? */
123 int uidvalidity;
124 struct imap *imap;
125 const char *prefix;
128 struct imap_cmd_cb {
129 int (*cont)(struct imap_store *ctx, struct imap_cmd *cmd, const char *prompt);
130 void (*done)(struct imap_store *ctx, struct imap_cmd *cmd, int response);
131 void *ctx;
132 char *data;
133 int dlen;
134 int uid;
135 unsigned create:1, trycreate:1;
138 struct imap_cmd {
139 struct imap_cmd *next;
140 struct imap_cmd_cb cb;
141 char *cmd;
142 int tag;
145 #define CAP(cap) (imap->caps & (1 << (cap)))
147 enum CAPABILITY {
148 NOLOGIN = 0,
149 UIDPLUS,
150 LITERALPLUS,
151 NAMESPACE,
152 STARTTLS,
153 AUTH_CRAM_MD5
156 static const char *cap_list[] = {
157 "LOGINDISABLED",
158 "UIDPLUS",
159 "LITERAL+",
160 "NAMESPACE",
161 "STARTTLS",
162 "AUTH=CRAM-MD5",
165 #define RESP_OK 0
166 #define RESP_NO 1
167 #define RESP_BAD 2
169 static int get_cmd_result(struct imap_store *ctx, struct imap_cmd *tcmd);
172 #ifndef NO_OPENSSL
173 static void ssl_socket_perror(const char *func)
175 fprintf(stderr, "%s: %s\n", func, ERR_error_string(ERR_get_error(), NULL));
177 #endif
179 static void socket_perror(const char *func, struct imap_socket *sock, int ret)
181 #ifndef NO_OPENSSL
182 if (sock->ssl) {
183 int sslerr = SSL_get_error(sock->ssl, ret);
184 switch (sslerr) {
185 case SSL_ERROR_NONE:
186 break;
187 case SSL_ERROR_SYSCALL:
188 perror("SSL_connect");
189 break;
190 default:
191 ssl_socket_perror("SSL_connect");
192 break;
194 } else
195 #endif
197 if (ret < 0)
198 perror(func);
199 else
200 fprintf(stderr, "%s: unexpected EOF\n", func);
204 #ifdef NO_OPENSSL
205 static int ssl_socket_connect(struct imap_socket *sock, int use_tls_only, int verify)
207 fprintf(stderr, "SSL requested but SSL support not compiled in\n");
208 return -1;
211 #else
213 static int host_matches(const char *host, const char *pattern)
215 if (pattern[0] == '*' && pattern[1] == '.') {
216 pattern += 2;
217 if (!(host = strchr(host, '.')))
218 return 0;
219 host++;
222 return *host && *pattern && !strcasecmp(host, pattern);
225 static int verify_hostname(X509 *cert, const char *hostname)
227 int len;
228 X509_NAME *subj;
229 char cname[1000];
230 int i, found;
231 STACK_OF(GENERAL_NAME) *subj_alt_names;
233 /* try the DNS subjectAltNames */
234 found = 0;
235 if ((subj_alt_names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL))) {
236 int num_subj_alt_names = sk_GENERAL_NAME_num(subj_alt_names);
237 for (i = 0; !found && i < num_subj_alt_names; i++) {
238 GENERAL_NAME *subj_alt_name = sk_GENERAL_NAME_value(subj_alt_names, i);
239 if (subj_alt_name->type == GEN_DNS &&
240 strlen((const char *)subj_alt_name->d.ia5->data) == (size_t)subj_alt_name->d.ia5->length &&
241 host_matches(hostname, (const char *)(subj_alt_name->d.ia5->data)))
242 found = 1;
244 sk_GENERAL_NAME_pop_free(subj_alt_names, GENERAL_NAME_free);
246 if (found)
247 return 0;
249 /* try the common name */
250 if (!(subj = X509_get_subject_name(cert)))
251 return error("cannot get certificate subject");
252 if ((len = X509_NAME_get_text_by_NID(subj, NID_commonName, cname, sizeof(cname))) < 0)
253 return error("cannot get certificate common name");
254 if (strlen(cname) == (size_t)len && host_matches(hostname, cname))
255 return 0;
256 return error("certificate owner '%s' does not match hostname '%s'",
257 cname, hostname);
260 static int ssl_socket_connect(struct imap_socket *sock, int use_tls_only, int verify)
262 #if (OPENSSL_VERSION_NUMBER >= 0x10000000L)
263 const SSL_METHOD *meth;
264 #else
265 SSL_METHOD *meth;
266 #endif
267 SSL_CTX *ctx;
268 int ret;
269 X509 *cert;
271 SSL_library_init();
272 SSL_load_error_strings();
274 if (use_tls_only)
275 meth = TLSv1_method();
276 else
277 meth = SSLv23_method();
279 if (!meth) {
280 ssl_socket_perror("SSLv23_method");
281 return -1;
284 ctx = SSL_CTX_new(meth);
286 if (verify)
287 SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
289 if (!SSL_CTX_set_default_verify_paths(ctx)) {
290 ssl_socket_perror("SSL_CTX_set_default_verify_paths");
291 return -1;
293 sock->ssl = SSL_new(ctx);
294 if (!sock->ssl) {
295 ssl_socket_perror("SSL_new");
296 return -1;
298 if (!SSL_set_rfd(sock->ssl, sock->fd[0])) {
299 ssl_socket_perror("SSL_set_rfd");
300 return -1;
302 if (!SSL_set_wfd(sock->ssl, sock->fd[1])) {
303 ssl_socket_perror("SSL_set_wfd");
304 return -1;
307 #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
309 * SNI (RFC4366)
310 * OpenSSL does not document this function, but the implementation
311 * returns 1 on success, 0 on failure after calling SSLerr().
313 ret = SSL_set_tlsext_host_name(sock->ssl, server.host);
314 if (ret != 1)
315 warning("SSL_set_tlsext_host_name(%s) failed.", server.host);
316 #endif
318 ret = SSL_connect(sock->ssl);
319 if (ret <= 0) {
320 socket_perror("SSL_connect", sock, ret);
321 return -1;
324 if (verify) {
325 /* make sure the hostname matches that of the certificate */
326 cert = SSL_get_peer_certificate(sock->ssl);
327 if (!cert)
328 return error("unable to get peer certificate.");
329 if (verify_hostname(cert, server.host) < 0)
330 return -1;
333 return 0;
335 #endif
337 static int socket_read(struct imap_socket *sock, char *buf, int len)
339 ssize_t n;
340 #ifndef NO_OPENSSL
341 if (sock->ssl)
342 n = SSL_read(sock->ssl, buf, len);
343 else
344 #endif
345 n = xread(sock->fd[0], buf, len);
346 if (n <= 0) {
347 socket_perror("read", sock, n);
348 close(sock->fd[0]);
349 close(sock->fd[1]);
350 sock->fd[0] = sock->fd[1] = -1;
352 return n;
355 static int socket_write(struct imap_socket *sock, const char *buf, int len)
357 int n;
358 #ifndef NO_OPENSSL
359 if (sock->ssl)
360 n = SSL_write(sock->ssl, buf, len);
361 else
362 #endif
363 n = write_in_full(sock->fd[1], buf, len);
364 if (n != len) {
365 socket_perror("write", sock, n);
366 close(sock->fd[0]);
367 close(sock->fd[1]);
368 sock->fd[0] = sock->fd[1] = -1;
370 return n;
373 static void socket_shutdown(struct imap_socket *sock)
375 #ifndef NO_OPENSSL
376 if (sock->ssl) {
377 SSL_shutdown(sock->ssl);
378 SSL_free(sock->ssl);
380 #endif
381 close(sock->fd[0]);
382 close(sock->fd[1]);
385 /* simple line buffering */
386 static int buffer_gets(struct imap_buffer *b, char **s)
388 int n;
389 int start = b->offset;
391 *s = b->buf + start;
393 for (;;) {
394 /* make sure we have enough data to read the \r\n sequence */
395 if (b->offset + 1 >= b->bytes) {
396 if (start) {
397 /* shift down used bytes */
398 *s = b->buf;
400 assert(start <= b->bytes);
401 n = b->bytes - start;
403 if (n)
404 memmove(b->buf, b->buf + start, n);
405 b->offset -= start;
406 b->bytes = n;
407 start = 0;
410 n = socket_read(&b->sock, b->buf + b->bytes,
411 sizeof(b->buf) - b->bytes);
413 if (n <= 0)
414 return -1;
416 b->bytes += n;
419 if (b->buf[b->offset] == '\r') {
420 assert(b->offset + 1 < b->bytes);
421 if (b->buf[b->offset + 1] == '\n') {
422 b->buf[b->offset] = 0; /* terminate the string */
423 b->offset += 2; /* next line */
424 if (Verbose)
425 puts(*s);
426 return 0;
430 b->offset++;
432 /* not reached */
435 static void imap_info(const char *msg, ...)
437 va_list va;
439 if (!Quiet) {
440 va_start(va, msg);
441 vprintf(msg, va);
442 va_end(va);
443 fflush(stdout);
447 static void imap_warn(const char *msg, ...)
449 va_list va;
451 if (Quiet < 2) {
452 va_start(va, msg);
453 vfprintf(stderr, msg, va);
454 va_end(va);
458 static char *next_arg(char **s)
460 char *ret;
462 if (!s || !*s)
463 return NULL;
464 while (isspace((unsigned char) **s))
465 (*s)++;
466 if (!**s) {
467 *s = NULL;
468 return NULL;
470 if (**s == '"') {
471 ++*s;
472 ret = *s;
473 *s = strchr(*s, '"');
474 } else {
475 ret = *s;
476 while (**s && !isspace((unsigned char) **s))
477 (*s)++;
479 if (*s) {
480 if (**s)
481 *(*s)++ = 0;
482 if (!**s)
483 *s = NULL;
485 return ret;
488 static int nfsnprintf(char *buf, int blen, const char *fmt, ...)
490 int ret;
491 va_list va;
493 va_start(va, fmt);
494 if (blen <= 0 || (unsigned)(ret = vsnprintf(buf, blen, fmt, va)) >= (unsigned)blen)
495 die("Fatal: buffer too small. Please report a bug.");
496 va_end(va);
497 return ret;
500 static struct imap_cmd *v_issue_imap_cmd(struct imap_store *ctx,
501 struct imap_cmd_cb *cb,
502 const char *fmt, va_list ap)
504 struct imap *imap = ctx->imap;
505 struct imap_cmd *cmd;
506 int n, bufl;
507 char buf[1024];
509 cmd = xmalloc(sizeof(struct imap_cmd));
510 nfvasprintf(&cmd->cmd, fmt, ap);
511 cmd->tag = ++imap->nexttag;
513 if (cb)
514 cmd->cb = *cb;
515 else
516 memset(&cmd->cb, 0, sizeof(cmd->cb));
518 while (imap->literal_pending)
519 get_cmd_result(ctx, NULL);
521 if (!cmd->cb.data)
522 bufl = nfsnprintf(buf, sizeof(buf), "%d %s\r\n", cmd->tag, cmd->cmd);
523 else
524 bufl = nfsnprintf(buf, sizeof(buf), "%d %s{%d%s}\r\n",
525 cmd->tag, cmd->cmd, cmd->cb.dlen,
526 CAP(LITERALPLUS) ? "+" : "");
528 if (Verbose) {
529 if (imap->num_in_progress)
530 printf("(%d in progress) ", imap->num_in_progress);
531 if (memcmp(cmd->cmd, "LOGIN", 5))
532 printf(">>> %s", buf);
533 else
534 printf(">>> %d LOGIN <user> <pass>\n", cmd->tag);
536 if (socket_write(&imap->buf.sock, buf, bufl) != bufl) {
537 free(cmd->cmd);
538 free(cmd);
539 if (cb)
540 free(cb->data);
541 return NULL;
543 if (cmd->cb.data) {
544 if (CAP(LITERALPLUS)) {
545 n = socket_write(&imap->buf.sock, cmd->cb.data, cmd->cb.dlen);
546 free(cmd->cb.data);
547 if (n != cmd->cb.dlen ||
548 socket_write(&imap->buf.sock, "\r\n", 2) != 2) {
549 free(cmd->cmd);
550 free(cmd);
551 return NULL;
553 cmd->cb.data = NULL;
554 } else
555 imap->literal_pending = 1;
556 } else if (cmd->cb.cont)
557 imap->literal_pending = 1;
558 cmd->next = NULL;
559 *imap->in_progress_append = cmd;
560 imap->in_progress_append = &cmd->next;
561 imap->num_in_progress++;
562 return cmd;
565 __attribute__((format (printf, 3, 4)))
566 static struct imap_cmd *issue_imap_cmd(struct imap_store *ctx,
567 struct imap_cmd_cb *cb,
568 const char *fmt, ...)
570 struct imap_cmd *ret;
571 va_list ap;
573 va_start(ap, fmt);
574 ret = v_issue_imap_cmd(ctx, cb, fmt, ap);
575 va_end(ap);
576 return ret;
579 __attribute__((format (printf, 3, 4)))
580 static int imap_exec(struct imap_store *ctx, struct imap_cmd_cb *cb,
581 const char *fmt, ...)
583 va_list ap;
584 struct imap_cmd *cmdp;
586 va_start(ap, fmt);
587 cmdp = v_issue_imap_cmd(ctx, cb, fmt, ap);
588 va_end(ap);
589 if (!cmdp)
590 return RESP_BAD;
592 return get_cmd_result(ctx, cmdp);
595 __attribute__((format (printf, 3, 4)))
596 static int imap_exec_m(struct imap_store *ctx, struct imap_cmd_cb *cb,
597 const char *fmt, ...)
599 va_list ap;
600 struct imap_cmd *cmdp;
602 va_start(ap, fmt);
603 cmdp = v_issue_imap_cmd(ctx, cb, fmt, ap);
604 va_end(ap);
605 if (!cmdp)
606 return DRV_STORE_BAD;
608 switch (get_cmd_result(ctx, cmdp)) {
609 case RESP_BAD: return DRV_STORE_BAD;
610 case RESP_NO: return DRV_MSG_BAD;
611 default: return DRV_OK;
615 static int skip_imap_list_l(char **sp, int level)
617 char *s = *sp;
619 for (;;) {
620 while (isspace((unsigned char)*s))
621 s++;
622 if (level && *s == ')') {
623 s++;
624 break;
626 if (*s == '(') {
627 /* sublist */
628 s++;
629 if (skip_imap_list_l(&s, level + 1))
630 goto bail;
631 } else if (*s == '"') {
632 /* quoted string */
633 s++;
634 for (; *s != '"'; s++)
635 if (!*s)
636 goto bail;
637 s++;
638 } else {
639 /* atom */
640 for (; *s && !isspace((unsigned char)*s); s++)
641 if (level && *s == ')')
642 break;
645 if (!level)
646 break;
647 if (!*s)
648 goto bail;
650 *sp = s;
651 return 0;
653 bail:
654 return -1;
657 static void skip_list(char **sp)
659 skip_imap_list_l(sp, 0);
662 static void parse_capability(struct imap *imap, char *cmd)
664 char *arg;
665 unsigned i;
667 imap->caps = 0x80000000;
668 while ((arg = next_arg(&cmd)))
669 for (i = 0; i < ARRAY_SIZE(cap_list); i++)
670 if (!strcmp(cap_list[i], arg))
671 imap->caps |= 1 << i;
672 imap->rcaps = imap->caps;
675 static int parse_response_code(struct imap_store *ctx, struct imap_cmd_cb *cb,
676 char *s)
678 struct imap *imap = ctx->imap;
679 char *arg, *p;
681 if (*s != '[')
682 return RESP_OK; /* no response code */
683 s++;
684 if (!(p = strchr(s, ']'))) {
685 fprintf(stderr, "IMAP error: malformed response code\n");
686 return RESP_BAD;
688 *p++ = 0;
689 arg = next_arg(&s);
690 if (!strcmp("UIDVALIDITY", arg)) {
691 if (!(arg = next_arg(&s)) || !(ctx->uidvalidity = atoi(arg))) {
692 fprintf(stderr, "IMAP error: malformed UIDVALIDITY status\n");
693 return RESP_BAD;
695 } else if (!strcmp("UIDNEXT", arg)) {
696 if (!(arg = next_arg(&s)) || !(imap->uidnext = atoi(arg))) {
697 fprintf(stderr, "IMAP error: malformed NEXTUID status\n");
698 return RESP_BAD;
700 } else if (!strcmp("CAPABILITY", arg)) {
701 parse_capability(imap, s);
702 } else if (!strcmp("ALERT", arg)) {
703 /* RFC2060 says that these messages MUST be displayed
704 * to the user
706 for (; isspace((unsigned char)*p); p++);
707 fprintf(stderr, "*** IMAP ALERT *** %s\n", p);
708 } else if (cb && cb->ctx && !strcmp("APPENDUID", arg)) {
709 if (!(arg = next_arg(&s)) || !(ctx->uidvalidity = atoi(arg)) ||
710 !(arg = next_arg(&s)) || !(*(int *)cb->ctx = atoi(arg))) {
711 fprintf(stderr, "IMAP error: malformed APPENDUID status\n");
712 return RESP_BAD;
715 return RESP_OK;
718 static int get_cmd_result(struct imap_store *ctx, struct imap_cmd *tcmd)
720 struct imap *imap = ctx->imap;
721 struct imap_cmd *cmdp, **pcmdp, *ncmdp;
722 char *cmd, *arg, *arg1, *p;
723 int n, resp, resp2, tag;
725 for (;;) {
726 if (buffer_gets(&imap->buf, &cmd))
727 return RESP_BAD;
729 arg = next_arg(&cmd);
730 if (*arg == '*') {
731 arg = next_arg(&cmd);
732 if (!arg) {
733 fprintf(stderr, "IMAP error: unable to parse untagged response\n");
734 return RESP_BAD;
737 if (!strcmp("NAMESPACE", arg)) {
738 /* rfc2342 NAMESPACE response. */
739 skip_list(&cmd); /* Personal mailboxes */
740 skip_list(&cmd); /* Others' mailboxes */
741 skip_list(&cmd); /* Shared mailboxes */
742 } else if (!strcmp("OK", arg) || !strcmp("BAD", arg) ||
743 !strcmp("NO", arg) || !strcmp("BYE", arg)) {
744 if ((resp = parse_response_code(ctx, NULL, cmd)) != RESP_OK)
745 return resp;
746 } else if (!strcmp("CAPABILITY", arg)) {
747 parse_capability(imap, cmd);
748 } else if ((arg1 = next_arg(&cmd))) {
749 ; /*
750 * Unhandled response-data with at least two words.
751 * Ignore it.
753 * NEEDSWORK: Previously this case handled '<num> EXISTS'
754 * and '<num> RECENT' but as a probably-unintended side
755 * effect it ignores other unrecognized two-word
756 * responses. imap-send doesn't ever try to read
757 * messages or mailboxes these days, so consider
758 * eliminating this case.
760 } else {
761 fprintf(stderr, "IMAP error: unable to parse untagged response\n");
762 return RESP_BAD;
764 } else if (!imap->in_progress) {
765 fprintf(stderr, "IMAP error: unexpected reply: %s %s\n", arg, cmd ? cmd : "");
766 return RESP_BAD;
767 } else if (*arg == '+') {
768 /* This can happen only with the last command underway, as
769 it enforces a round-trip. */
770 cmdp = (struct imap_cmd *)((char *)imap->in_progress_append -
771 offsetof(struct imap_cmd, next));
772 if (cmdp->cb.data) {
773 n = socket_write(&imap->buf.sock, cmdp->cb.data, cmdp->cb.dlen);
774 free(cmdp->cb.data);
775 cmdp->cb.data = NULL;
776 if (n != (int)cmdp->cb.dlen)
777 return RESP_BAD;
778 } else if (cmdp->cb.cont) {
779 if (cmdp->cb.cont(ctx, cmdp, cmd))
780 return RESP_BAD;
781 } else {
782 fprintf(stderr, "IMAP error: unexpected command continuation request\n");
783 return RESP_BAD;
785 if (socket_write(&imap->buf.sock, "\r\n", 2) != 2)
786 return RESP_BAD;
787 if (!cmdp->cb.cont)
788 imap->literal_pending = 0;
789 if (!tcmd)
790 return DRV_OK;
791 } else {
792 tag = atoi(arg);
793 for (pcmdp = &imap->in_progress; (cmdp = *pcmdp); pcmdp = &cmdp->next)
794 if (cmdp->tag == tag)
795 goto gottag;
796 fprintf(stderr, "IMAP error: unexpected tag %s\n", arg);
797 return RESP_BAD;
798 gottag:
799 if (!(*pcmdp = cmdp->next))
800 imap->in_progress_append = pcmdp;
801 imap->num_in_progress--;
802 if (cmdp->cb.cont || cmdp->cb.data)
803 imap->literal_pending = 0;
804 arg = next_arg(&cmd);
805 if (!strcmp("OK", arg))
806 resp = DRV_OK;
807 else {
808 if (!strcmp("NO", arg)) {
809 if (cmdp->cb.create && cmd && (cmdp->cb.trycreate || !memcmp(cmd, "[TRYCREATE]", 11))) { /* SELECT, APPEND or UID COPY */
810 p = strchr(cmdp->cmd, '"');
811 if (!issue_imap_cmd(ctx, NULL, "CREATE \"%.*s\"", (int)(strchr(p + 1, '"') - p + 1), p)) {
812 resp = RESP_BAD;
813 goto normal;
815 /* not waiting here violates the spec, but a server that does not
816 grok this nonetheless violates it too. */
817 cmdp->cb.create = 0;
818 if (!(ncmdp = issue_imap_cmd(ctx, &cmdp->cb, "%s", cmdp->cmd))) {
819 resp = RESP_BAD;
820 goto normal;
822 free(cmdp->cmd);
823 free(cmdp);
824 if (!tcmd)
825 return 0; /* ignored */
826 if (cmdp == tcmd)
827 tcmd = ncmdp;
828 continue;
830 resp = RESP_NO;
831 } else /*if (!strcmp("BAD", arg))*/
832 resp = RESP_BAD;
833 fprintf(stderr, "IMAP command '%s' returned response (%s) - %s\n",
834 memcmp(cmdp->cmd, "LOGIN", 5) ?
835 cmdp->cmd : "LOGIN <user> <pass>",
836 arg, cmd ? cmd : "");
838 if ((resp2 = parse_response_code(ctx, &cmdp->cb, cmd)) > resp)
839 resp = resp2;
840 normal:
841 if (cmdp->cb.done)
842 cmdp->cb.done(ctx, cmdp, resp);
843 free(cmdp->cb.data);
844 free(cmdp->cmd);
845 free(cmdp);
846 if (!tcmd || tcmd == cmdp)
847 return resp;
850 /* not reached */
853 static void imap_close_server(struct imap_store *ictx)
855 struct imap *imap = ictx->imap;
857 if (imap->buf.sock.fd[0] != -1) {
858 imap_exec(ictx, NULL, "LOGOUT");
859 socket_shutdown(&imap->buf.sock);
861 free(imap);
864 static void imap_close_store(struct imap_store *ctx)
866 imap_close_server(ctx);
867 free(ctx);
870 #ifndef NO_OPENSSL
873 * hexchar() and cram() functions are based on the code from the isync
874 * project (http://isync.sf.net/).
876 static char hexchar(unsigned int b)
878 return b < 10 ? '0' + b : 'a' + (b - 10);
881 #define ENCODED_SIZE(n) (4*((n+2)/3))
882 static char *cram(const char *challenge_64, const char *user, const char *pass)
884 int i, resp_len, encoded_len, decoded_len;
885 HMAC_CTX hmac;
886 unsigned char hash[16];
887 char hex[33];
888 char *response, *response_64, *challenge;
891 * length of challenge_64 (i.e. base-64 encoded string) is a good
892 * enough upper bound for challenge (decoded result).
894 encoded_len = strlen(challenge_64);
895 challenge = xmalloc(encoded_len);
896 decoded_len = EVP_DecodeBlock((unsigned char *)challenge,
897 (unsigned char *)challenge_64, encoded_len);
898 if (decoded_len < 0)
899 die("invalid challenge %s", challenge_64);
900 HMAC_Init(&hmac, (unsigned char *)pass, strlen(pass), EVP_md5());
901 HMAC_Update(&hmac, (unsigned char *)challenge, decoded_len);
902 HMAC_Final(&hmac, hash, NULL);
903 HMAC_CTX_cleanup(&hmac);
905 hex[32] = 0;
906 for (i = 0; i < 16; i++) {
907 hex[2 * i] = hexchar((hash[i] >> 4) & 0xf);
908 hex[2 * i + 1] = hexchar(hash[i] & 0xf);
911 /* response: "<user> <digest in hex>" */
912 resp_len = strlen(user) + 1 + strlen(hex) + 1;
913 response = xmalloc(resp_len);
914 sprintf(response, "%s %s", user, hex);
916 response_64 = xmalloc(ENCODED_SIZE(resp_len) + 1);
917 encoded_len = EVP_EncodeBlock((unsigned char *)response_64,
918 (unsigned char *)response, resp_len);
919 if (encoded_len < 0)
920 die("EVP_EncodeBlock error");
921 response_64[encoded_len] = '\0';
922 return (char *)response_64;
925 #else
927 static char *cram(const char *challenge_64, const char *user, const char *pass)
929 die("If you want to use CRAM-MD5 authenticate method, "
930 "you have to build git-imap-send with OpenSSL library.");
933 #endif
935 static int auth_cram_md5(struct imap_store *ctx, struct imap_cmd *cmd, const char *prompt)
937 int ret;
938 char *response;
940 response = cram(prompt, server.user, server.pass);
942 ret = socket_write(&ctx->imap->buf.sock, response, strlen(response));
943 if (ret != strlen(response))
944 return error("IMAP error: sending response failed");
946 free(response);
948 return 0;
951 static struct imap_store *imap_open_store(struct imap_server_conf *srvc)
953 struct imap_store *ctx;
954 struct imap *imap;
955 char *arg, *rsp;
956 int s = -1, preauth;
958 ctx = xcalloc(sizeof(*ctx), 1);
960 ctx->imap = imap = xcalloc(sizeof(*imap), 1);
961 imap->buf.sock.fd[0] = imap->buf.sock.fd[1] = -1;
962 imap->in_progress_append = &imap->in_progress;
964 /* open connection to IMAP server */
966 if (srvc->tunnel) {
967 const char *argv[] = { srvc->tunnel, NULL };
968 struct child_process tunnel = {NULL};
970 imap_info("Starting tunnel '%s'... ", srvc->tunnel);
972 tunnel.argv = argv;
973 tunnel.use_shell = 1;
974 tunnel.in = -1;
975 tunnel.out = -1;
976 if (start_command(&tunnel))
977 die("cannot start proxy %s", argv[0]);
979 imap->buf.sock.fd[0] = tunnel.out;
980 imap->buf.sock.fd[1] = tunnel.in;
982 imap_info("ok\n");
983 } else {
984 #ifndef NO_IPV6
985 struct addrinfo hints, *ai0, *ai;
986 int gai;
987 char portstr[6];
989 snprintf(portstr, sizeof(portstr), "%d", srvc->port);
991 memset(&hints, 0, sizeof(hints));
992 hints.ai_socktype = SOCK_STREAM;
993 hints.ai_protocol = IPPROTO_TCP;
995 imap_info("Resolving %s... ", srvc->host);
996 gai = getaddrinfo(srvc->host, portstr, &hints, &ai);
997 if (gai) {
998 fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(gai));
999 goto bail;
1001 imap_info("ok\n");
1003 for (ai0 = ai; ai; ai = ai->ai_next) {
1004 char addr[NI_MAXHOST];
1006 s = socket(ai->ai_family, ai->ai_socktype,
1007 ai->ai_protocol);
1008 if (s < 0)
1009 continue;
1011 getnameinfo(ai->ai_addr, ai->ai_addrlen, addr,
1012 sizeof(addr), NULL, 0, NI_NUMERICHOST);
1013 imap_info("Connecting to [%s]:%s... ", addr, portstr);
1015 if (connect(s, ai->ai_addr, ai->ai_addrlen) < 0) {
1016 close(s);
1017 s = -1;
1018 perror("connect");
1019 continue;
1022 break;
1024 freeaddrinfo(ai0);
1025 #else /* NO_IPV6 */
1026 struct hostent *he;
1027 struct sockaddr_in addr;
1029 memset(&addr, 0, sizeof(addr));
1030 addr.sin_port = htons(srvc->port);
1031 addr.sin_family = AF_INET;
1033 imap_info("Resolving %s... ", srvc->host);
1034 he = gethostbyname(srvc->host);
1035 if (!he) {
1036 perror("gethostbyname");
1037 goto bail;
1039 imap_info("ok\n");
1041 addr.sin_addr.s_addr = *((int *) he->h_addr_list[0]);
1043 s = socket(PF_INET, SOCK_STREAM, 0);
1045 imap_info("Connecting to %s:%hu... ", inet_ntoa(addr.sin_addr), ntohs(addr.sin_port));
1046 if (connect(s, (struct sockaddr *)&addr, sizeof(addr))) {
1047 close(s);
1048 s = -1;
1049 perror("connect");
1051 #endif
1052 if (s < 0) {
1053 fputs("Error: unable to connect to server.\n", stderr);
1054 goto bail;
1057 imap->buf.sock.fd[0] = s;
1058 imap->buf.sock.fd[1] = dup(s);
1060 if (srvc->use_ssl &&
1061 ssl_socket_connect(&imap->buf.sock, 0, srvc->ssl_verify)) {
1062 close(s);
1063 goto bail;
1065 imap_info("ok\n");
1068 /* read the greeting string */
1069 if (buffer_gets(&imap->buf, &rsp)) {
1070 fprintf(stderr, "IMAP error: no greeting response\n");
1071 goto bail;
1073 arg = next_arg(&rsp);
1074 if (!arg || *arg != '*' || (arg = next_arg(&rsp)) == NULL) {
1075 fprintf(stderr, "IMAP error: invalid greeting response\n");
1076 goto bail;
1078 preauth = 0;
1079 if (!strcmp("PREAUTH", arg))
1080 preauth = 1;
1081 else if (strcmp("OK", arg) != 0) {
1082 fprintf(stderr, "IMAP error: unknown greeting response\n");
1083 goto bail;
1085 parse_response_code(ctx, NULL, rsp);
1086 if (!imap->caps && imap_exec(ctx, NULL, "CAPABILITY") != RESP_OK)
1087 goto bail;
1089 if (!preauth) {
1090 #ifndef NO_OPENSSL
1091 if (!srvc->use_ssl && CAP(STARTTLS)) {
1092 if (imap_exec(ctx, NULL, "STARTTLS") != RESP_OK)
1093 goto bail;
1094 if (ssl_socket_connect(&imap->buf.sock, 1,
1095 srvc->ssl_verify))
1096 goto bail;
1097 /* capabilities may have changed, so get the new capabilities */
1098 if (imap_exec(ctx, NULL, "CAPABILITY") != RESP_OK)
1099 goto bail;
1101 #endif
1102 imap_info("Logging in...\n");
1103 if (!srvc->user) {
1104 fprintf(stderr, "Skipping server %s, no user\n", srvc->host);
1105 goto bail;
1107 if (!srvc->pass) {
1108 struct strbuf prompt = STRBUF_INIT;
1109 strbuf_addf(&prompt, "Password (%s@%s): ", srvc->user, srvc->host);
1110 arg = git_getpass(prompt.buf);
1111 strbuf_release(&prompt);
1112 if (!*arg) {
1113 fprintf(stderr, "Skipping account %s@%s, no password\n", srvc->user, srvc->host);
1114 goto bail;
1117 * getpass() returns a pointer to a static buffer. make a copy
1118 * for long term storage.
1120 srvc->pass = xstrdup(arg);
1122 if (CAP(NOLOGIN)) {
1123 fprintf(stderr, "Skipping account %s@%s, server forbids LOGIN\n", srvc->user, srvc->host);
1124 goto bail;
1127 if (srvc->auth_method) {
1128 struct imap_cmd_cb cb;
1130 if (!strcmp(srvc->auth_method, "CRAM-MD5")) {
1131 if (!CAP(AUTH_CRAM_MD5)) {
1132 fprintf(stderr, "You specified"
1133 "CRAM-MD5 as authentication method, "
1134 "but %s doesn't support it.\n", srvc->host);
1135 goto bail;
1137 /* CRAM-MD5 */
1139 memset(&cb, 0, sizeof(cb));
1140 cb.cont = auth_cram_md5;
1141 if (imap_exec(ctx, &cb, "AUTHENTICATE CRAM-MD5") != RESP_OK) {
1142 fprintf(stderr, "IMAP error: AUTHENTICATE CRAM-MD5 failed\n");
1143 goto bail;
1145 } else {
1146 fprintf(stderr, "Unknown authentication method:%s\n", srvc->host);
1147 goto bail;
1149 } else {
1150 if (!imap->buf.sock.ssl)
1151 imap_warn("*** IMAP Warning *** Password is being "
1152 "sent in the clear\n");
1153 if (imap_exec(ctx, NULL, "LOGIN \"%s\" \"%s\"", srvc->user, srvc->pass) != RESP_OK) {
1154 fprintf(stderr, "IMAP error: LOGIN failed\n");
1155 goto bail;
1158 } /* !preauth */
1160 ctx->prefix = "";
1161 return ctx;
1163 bail:
1164 imap_close_store(ctx);
1165 return NULL;
1169 * Insert CR characters as necessary in *msg to ensure that every LF
1170 * character in *msg is preceded by a CR.
1172 static void lf_to_crlf(struct strbuf *msg)
1174 char *new;
1175 size_t i, j;
1176 char lastc;
1178 /* First pass: tally, in j, the size of the new string: */
1179 for (i = j = 0, lastc = '\0'; i < msg->len; i++) {
1180 if (msg->buf[i] == '\n' && lastc != '\r')
1181 j++; /* a CR will need to be added here */
1182 lastc = msg->buf[i];
1183 j++;
1186 new = xmalloc(j + 1);
1189 * Second pass: write the new string. Note that this loop is
1190 * otherwise identical to the first pass.
1192 for (i = j = 0, lastc = '\0'; i < msg->len; i++) {
1193 if (msg->buf[i] == '\n' && lastc != '\r')
1194 new[j++] = '\r';
1195 lastc = new[j++] = msg->buf[i];
1197 strbuf_attach(msg, new, j, j + 1);
1201 * Store msg to IMAP. Also detach and free the data from msg->data,
1202 * leaving msg->data empty.
1204 static int imap_store_msg(struct imap_store *ctx, struct strbuf *msg)
1206 struct imap *imap = ctx->imap;
1207 struct imap_cmd_cb cb;
1208 const char *prefix, *box;
1209 int ret;
1211 lf_to_crlf(msg);
1212 memset(&cb, 0, sizeof(cb));
1214 cb.dlen = msg->len;
1215 cb.data = strbuf_detach(msg, NULL);
1217 box = ctx->name;
1218 prefix = !strcmp(box, "INBOX") ? "" : ctx->prefix;
1219 cb.create = 0;
1220 ret = imap_exec_m(ctx, &cb, "APPEND \"%s%s\" ", prefix, box);
1221 imap->caps = imap->rcaps;
1222 if (ret != DRV_OK)
1223 return ret;
1225 return DRV_OK;
1228 static void wrap_in_html(struct strbuf *msg)
1230 struct strbuf buf = STRBUF_INIT;
1231 static char *content_type = "Content-Type: text/html;\n";
1232 static char *pre_open = "<pre>\n";
1233 static char *pre_close = "</pre>\n";
1234 const char *body = strstr(msg->buf, "\n\n");
1236 if (!body)
1237 return; /* Headers but no body; no wrapping needed */
1239 body += 2;
1241 strbuf_add(&buf, msg->buf, body - msg->buf - 1);
1242 strbuf_addstr(&buf, content_type);
1243 strbuf_addch(&buf, '\n');
1244 strbuf_addstr(&buf, pre_open);
1245 strbuf_addstr_xml_quoted(&buf, body);
1246 strbuf_addstr(&buf, pre_close);
1248 strbuf_release(msg);
1249 *msg = buf;
1252 #define CHUNKSIZE 0x1000
1254 static int read_message(FILE *f, struct strbuf *all_msgs)
1256 do {
1257 if (strbuf_fread(all_msgs, CHUNKSIZE, f) <= 0)
1258 break;
1259 } while (!feof(f));
1261 return ferror(f) ? -1 : 0;
1264 static int count_messages(struct strbuf *all_msgs)
1266 int count = 0;
1267 char *p = all_msgs->buf;
1269 while (1) {
1270 if (!prefixcmp(p, "From ")) {
1271 p = strstr(p+5, "\nFrom: ");
1272 if (!p) break;
1273 p = strstr(p+7, "\nDate: ");
1274 if (!p) break;
1275 p = strstr(p+7, "\nSubject: ");
1276 if (!p) break;
1277 p += 10;
1278 count++;
1280 p = strstr(p+5, "\nFrom ");
1281 if (!p)
1282 break;
1283 p++;
1285 return count;
1289 * Copy the next message from all_msgs, starting at offset *ofs, to
1290 * msg. Update *ofs to the start of the following message. Return
1291 * true iff a message was successfully copied.
1293 static int split_msg(struct strbuf *all_msgs, struct strbuf *msg, int *ofs)
1295 char *p, *data;
1296 size_t len;
1298 if (*ofs >= all_msgs->len)
1299 return 0;
1301 data = &all_msgs->buf[*ofs];
1302 len = all_msgs->len - *ofs;
1304 if (len < 5 || prefixcmp(data, "From "))
1305 return 0;
1307 p = strchr(data, '\n');
1308 if (p) {
1309 p++;
1310 len -= p - data;
1311 *ofs += p - data;
1312 data = p;
1315 p = strstr(data, "\nFrom ");
1316 if (p)
1317 len = &p[1] - data;
1319 strbuf_add(msg, data, len);
1320 *ofs += len;
1321 return 1;
1324 static char *imap_folder;
1326 static int git_imap_config(const char *key, const char *val, void *cb)
1328 char imap_key[] = "imap.";
1330 if (strncmp(key, imap_key, sizeof imap_key - 1))
1331 return 0;
1333 key += sizeof imap_key - 1;
1335 /* check booleans first, and barf on others */
1336 if (!strcmp("sslverify", key))
1337 server.ssl_verify = git_config_bool(key, val);
1338 else if (!strcmp("preformattedhtml", key))
1339 server.use_html = git_config_bool(key, val);
1340 else if (!val)
1341 return config_error_nonbool(key);
1343 if (!strcmp("folder", key)) {
1344 imap_folder = xstrdup(val);
1345 } else if (!strcmp("host", key)) {
1346 if (!prefixcmp(val, "imap:"))
1347 val += 5;
1348 else if (!prefixcmp(val, "imaps:")) {
1349 val += 6;
1350 server.use_ssl = 1;
1352 if (!prefixcmp(val, "//"))
1353 val += 2;
1354 server.host = xstrdup(val);
1355 } else if (!strcmp("user", key))
1356 server.user = xstrdup(val);
1357 else if (!strcmp("pass", key))
1358 server.pass = xstrdup(val);
1359 else if (!strcmp("port", key))
1360 server.port = git_config_int(key, val);
1361 else if (!strcmp("tunnel", key))
1362 server.tunnel = xstrdup(val);
1363 else if (!strcmp("authmethod", key))
1364 server.auth_method = xstrdup(val);
1366 return 0;
1369 int main(int argc, char **argv)
1371 struct strbuf all_msgs = STRBUF_INIT;
1372 struct strbuf msg = STRBUF_INIT;
1373 struct imap_store *ctx = NULL;
1374 int ofs = 0;
1375 int r;
1376 int total, n = 0;
1377 int nongit_ok;
1379 git_extract_argv0_path(argv[0]);
1381 git_setup_gettext();
1383 if (argc != 1)
1384 usage(imap_send_usage);
1386 setup_git_directory_gently(&nongit_ok);
1387 git_config(git_imap_config, NULL);
1389 if (!server.port)
1390 server.port = server.use_ssl ? 993 : 143;
1392 if (!imap_folder) {
1393 fprintf(stderr, "no imap store specified\n");
1394 return 1;
1396 if (!server.host) {
1397 if (!server.tunnel) {
1398 fprintf(stderr, "no imap host specified\n");
1399 return 1;
1401 server.host = "tunnel";
1404 /* read the messages */
1405 if (read_message(stdin, &all_msgs)) {
1406 fprintf(stderr, "error reading input\n");
1407 return 1;
1410 if (all_msgs.len == 0) {
1411 fprintf(stderr, "nothing to send\n");
1412 return 1;
1415 total = count_messages(&all_msgs);
1416 if (!total) {
1417 fprintf(stderr, "no messages to send\n");
1418 return 1;
1421 /* write it to the imap server */
1422 ctx = imap_open_store(&server);
1423 if (!ctx) {
1424 fprintf(stderr, "failed to open store\n");
1425 return 1;
1428 fprintf(stderr, "sending %d message%s\n", total, (total != 1) ? "s" : "");
1429 ctx->name = imap_folder;
1430 while (1) {
1431 unsigned percent = n * 100 / total;
1433 fprintf(stderr, "%4u%% (%d/%d) done\r", percent, n, total);
1434 if (!split_msg(&all_msgs, &msg, &ofs))
1435 break;
1436 if (server.use_html)
1437 wrap_in_html(&msg);
1438 r = imap_store_msg(ctx, &msg);
1439 if (r != DRV_OK)
1440 break;
1441 n++;
1443 fprintf(stderr, "\n");
1445 imap_close_store(ctx);
1447 return 0;