diff options
Diffstat (limited to 'libs/libcurl/src/imap.c')
| -rw-r--r-- | libs/libcurl/src/imap.c | 1232 |
1 files changed, 439 insertions, 793 deletions
diff --git a/libs/libcurl/src/imap.c b/libs/libcurl/src/imap.c index 9a845102ad..1b52f73a41 100644 --- a/libs/libcurl/src/imap.c +++ b/libs/libcurl/src/imap.c @@ -5,11 +5,11 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms - * are also available at http://curl.haxx.se/docs/copyright.html. + * are also available at https://curl.haxx.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is @@ -24,9 +24,11 @@ * RFC3501 IMAPv4 protocol * RFC4422 Simple Authentication and Security Layer (SASL) * RFC4616 PLAIN authentication + * RFC4752 The Kerberos V5 ("GSSAPI") SASL Mechanism * RFC4959 IMAP Extension for SASL Initial Client Response * RFC5092 IMAP URL Scheme * RFC6749 OAuth 2.0 Authorization Framework + * Draft LOGIN SASL Mechanism <draft-murchison-sasl-login-00.txt> * ***************************************************************************/ @@ -59,7 +61,6 @@ #include <curl/curl.h> #include "urldata.h" #include "sendf.h" -#include "if2ip.h" #include "hostip.h" #include "progress.h" #include "transfer.h" @@ -67,24 +68,22 @@ #include "http.h" /* for HTTP proxy tunnel stuff */ #include "socks.h" #include "imap.h" - +#include "mime.h" #include "strtoofft.h" -#include "strequal.h" -#include "sslgen.h" +#include "strcase.h" +#include "vtls/vtls.h" #include "connect.h" #include "strerror.h" #include "select.h" #include "multiif.h" #include "url.h" -#include "rawstr.h" +#include "strcase.h" #include "curl_sasl.h" #include "warnless.h" -#define _MPRINTF_REPLACE /* use our functions only */ -#include <curl/mprintf.h> - +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" /* Local API functions */ @@ -99,11 +98,17 @@ static int imap_getsock(struct connectdata *conn, curl_socket_t *socks, int numsocks); static CURLcode imap_doing(struct connectdata *conn, bool *dophase_done); static CURLcode imap_setup_connection(struct connectdata *conn); -static char *imap_atom(const char *str); +static char *imap_atom(const char *str, bool escape_only); static CURLcode imap_sendf(struct connectdata *conn, const char *fmt, ...); static CURLcode imap_parse_url_options(struct connectdata *conn); static CURLcode imap_parse_url_path(struct connectdata *conn); static CURLcode imap_parse_custom_request(struct connectdata *conn); +static CURLcode imap_perform_authenticate(struct connectdata *conn, + const char *mech, + const char *initresp); +static CURLcode imap_continue_authenticate(struct connectdata *conn, + const char *resp); +static void imap_get_message(char *buffer, char **outptr); /* * IMAP protocol handler. @@ -124,10 +129,11 @@ const struct Curl_handler Curl_handler_imap = { ZERO_NULL, /* perform_getsock */ imap_disconnect, /* disconnect */ ZERO_NULL, /* readwrite */ + ZERO_NULL, /* connection_check */ PORT_IMAP, /* defport */ CURLPROTO_IMAP, /* protocol */ - PROTOPT_CLOSEACTION | PROTOPT_NEEDSPWD - | PROTOPT_NOURLQUERY /* flags */ + PROTOPT_CLOSEACTION| /* flags */ + PROTOPT_URLOPTIONS }; #ifdef USE_SSL @@ -150,69 +156,37 @@ const struct Curl_handler Curl_handler_imaps = { ZERO_NULL, /* perform_getsock */ imap_disconnect, /* disconnect */ ZERO_NULL, /* readwrite */ + ZERO_NULL, /* connection_check */ PORT_IMAPS, /* defport */ - CURLPROTO_IMAP | CURLPROTO_IMAPS, /* protocol */ - PROTOPT_CLOSEACTION | PROTOPT_SSL | PROTOPT_NEEDSPWD - | PROTOPT_NOURLQUERY /* flags */ + CURLPROTO_IMAPS, /* protocol */ + PROTOPT_CLOSEACTION | PROTOPT_SSL /* flags */ }; #endif -#ifndef CURL_DISABLE_HTTP -/* - * HTTP-proxyed IMAP protocol handler. - */ - -static const struct Curl_handler Curl_handler_imap_proxy = { - "IMAP", /* scheme */ - Curl_http_setup_conn, /* setup_connection */ - Curl_http, /* do_it */ - Curl_http_done, /* done */ - ZERO_NULL, /* do_more */ - ZERO_NULL, /* connect_it */ - ZERO_NULL, /* connecting */ - ZERO_NULL, /* doing */ - ZERO_NULL, /* proto_getsock */ - ZERO_NULL, /* doing_getsock */ - ZERO_NULL, /* domore_getsock */ - ZERO_NULL, /* perform_getsock */ - ZERO_NULL, /* disconnect */ - ZERO_NULL, /* readwrite */ - PORT_IMAP, /* defport */ - CURLPROTO_HTTP, /* protocol */ - PROTOPT_NONE /* flags */ +#define IMAP_RESP_OK 1 +#define IMAP_RESP_NOT_OK 2 +#define IMAP_RESP_PREAUTH 3 + +/* SASL parameters for the imap protocol */ +static const struct SASLproto saslimap = { + "imap", /* The service name */ + '+', /* Code received when continuation is expected */ + IMAP_RESP_OK, /* Code to receive upon authentication success */ + 0, /* Maximum initial response length (no max) */ + imap_perform_authenticate, /* Send authentication command */ + imap_continue_authenticate, /* Send authentication continuation */ + imap_get_message /* Get SASL response message */ }; -#ifdef USE_SSL -/* - * HTTP-proxyed IMAPS protocol handler. - */ - -static const struct Curl_handler Curl_handler_imaps_proxy = { - "IMAPS", /* scheme */ - Curl_http_setup_conn, /* setup_connection */ - Curl_http, /* do_it */ - Curl_http_done, /* done */ - ZERO_NULL, /* do_more */ - ZERO_NULL, /* connect_it */ - ZERO_NULL, /* connecting */ - ZERO_NULL, /* doing */ - ZERO_NULL, /* proto_getsock */ - ZERO_NULL, /* doing_getsock */ - ZERO_NULL, /* domore_getsock */ - ZERO_NULL, /* perform_getsock */ - ZERO_NULL, /* disconnect */ - ZERO_NULL, /* readwrite */ - PORT_IMAPS, /* defport */ - CURLPROTO_HTTP, /* protocol */ - PROTOPT_NONE /* flags */ -}; -#endif -#endif #ifdef USE_SSL static void imap_to_imaps(struct connectdata *conn) { + /* Change the connection handler */ conn->handler = &Curl_handler_imaps; + + /* Set the connection's upgraded to TLS flag */ + conn->tls_upgraded = TRUE; } #else #define imap_to_imaps(x) Curl_nop_stmt @@ -252,8 +226,8 @@ static bool imap_matchresp(const char *line, size_t len, const char *cmd) /* Does the command name match and is it followed by a space character or at the end of line? */ - if(line + cmd_len <= end && Curl_raw_nequal(line, cmd, cmd_len) && - (line[cmd_len] == ' ' || line + cmd_len == end)) + if(line + cmd_len <= end && strncasecompare(line, cmd, cmd_len) && + (line[cmd_len] == ' ' || line + cmd_len + 2 == end)) return TRUE; return FALSE; @@ -280,15 +254,11 @@ static bool imap_endofresp(struct connectdata *conn, char *line, size_t len, len -= id_len + 1; if(len >= 2 && !memcmp(line, "OK", 2)) - *resp = 'O'; - else if(len >= 2 && !memcmp(line, "NO", 2)) - *resp = 'N'; - else if(len >= 3 && !memcmp(line, "BAD", 3)) - *resp = 'B'; - else { - failf(conn->data, "Bad tagged response"); - *resp = -1; - } + *resp = IMAP_RESP_OK; + else if(len >= 7 && !memcmp(line, "PREAUTH", 7)) + *resp = IMAP_RESP_PREAUTH; + else + *resp = IMAP_RESP_NOT_OK; return TRUE; } @@ -305,15 +275,15 @@ static bool imap_endofresp(struct connectdata *conn, char *line, size_t len, case IMAP_LIST: if((!imap->custom && !imap_matchresp(line, len, "LIST")) || (imap->custom && !imap_matchresp(line, len, imap->custom) && - (strcmp(imap->custom, "STORE") || + (!strcasecompare(imap->custom, "STORE") || !imap_matchresp(line, len, "FETCH")) && - strcmp(imap->custom, "SELECT") && - strcmp(imap->custom, "EXAMINE") && - strcmp(imap->custom, "SEARCH") && - strcmp(imap->custom, "EXPUNGE") && - strcmp(imap->custom, "LSUB") && - strcmp(imap->custom, "UID") && - strcmp(imap->custom, "NOOP"))) + !strcasecompare(imap->custom, "SELECT") && + !strcasecompare(imap->custom, "EXAMINE") && + !strcasecompare(imap->custom, "SEARCH") && + !strcasecompare(imap->custom, "EXPUNGE") && + !strcasecompare(imap->custom, "LSUB") && + !strcasecompare(imap->custom, "UID") && + !strcasecompare(imap->custom, "NOOP"))) return FALSE; break; @@ -327,6 +297,11 @@ static bool imap_endofresp(struct connectdata *conn, char *line, size_t len, return FALSE; break; + case IMAP_SEARCH: + if(!imap_matchresp(line, len, "SEARCH")) + return FALSE; + break; + /* Ignore other untagged responses */ default: return FALSE; @@ -340,20 +315,11 @@ static bool imap_endofresp(struct connectdata *conn, char *line, size_t len, a space and optionally some text as per RFC-3501 for the AUTHENTICATE and APPEND commands and as outlined in Section 4. Examples of RFC-4959 but some e-mail servers ignore this and only send a single + instead. */ - if((len == 3 && !memcmp("+", line, 1)) || - (len >= 2 && !memcmp("+ ", line, 2))) { + if(imap && !imap->custom && ((len == 3 && !memcmp("+", line, 1)) || + (len >= 2 && !memcmp("+ ", line, 2)))) { switch(imapc->state) { /* States which are interested in continuation responses */ - case IMAP_AUTHENTICATE_PLAIN: - case IMAP_AUTHENTICATE_LOGIN: - case IMAP_AUTHENTICATE_LOGIN_PASSWD: - case IMAP_AUTHENTICATE_CRAMMD5: - case IMAP_AUTHENTICATE_DIGESTMD5: - case IMAP_AUTHENTICATE_DIGESTMD5_RESP: - case IMAP_AUTHENTICATE_NTLM: - case IMAP_AUTHENTICATE_NTLM_TYPE2MSG: - case IMAP_AUTHENTICATE_XOAUTH2: - case IMAP_AUTHENTICATE_FINAL: + case IMAP_AUTHENTICATE: case IMAP_APPEND: *resp = '+'; break; @@ -372,6 +338,35 @@ static bool imap_endofresp(struct connectdata *conn, char *line, size_t len, /*********************************************************************** * + * imap_get_message() + * + * Gets the authentication message from the response buffer. + */ +static void imap_get_message(char *buffer, char **outptr) +{ + size_t len = 0; + char *message = NULL; + + /* Find the start of the message */ + for(message = buffer + 2; *message == ' ' || *message == '\t'; message++) + ; + + /* Find the end of the message */ + for(len = strlen(message); len--;) + if(message[len] != '\r' && message[len] != '\n' && message[len] != ' ' && + message[len] != '\t') + break; + + /* Terminate the message */ + if(++len) { + message[len] = '\0'; + } + + *outptr = message; +} + +/*********************************************************************** + * * state() * * This is the ONLY way to change IMAP state! @@ -387,16 +382,7 @@ static void state(struct connectdata *conn, imapstate newstate) "CAPABILITY", "STARTTLS", "UPGRADETLS", - "AUTHENTICATE_PLAIN", - "AUTHENTICATE_LOGIN", - "AUTHENTICATE_LOGIN_PASSWD", - "AUTHENTICATE_CRAMMD5", - "AUTHENTICATE_DIGESTMD5", - "AUTHENTICATE_DIGESTMD5_RESP", - "AUTHENTICATE_NTLM", - "AUTHENTICATE_NTLM_TYPE2MSG", - "AUTHENTICATE_XOAUTH2", - "AUTHENTICATE_FINAL", + "AUTHENTICATE", "LOGIN", "LIST", "SELECT", @@ -404,6 +390,7 @@ static void state(struct connectdata *conn, imapstate newstate) "FETCH_FINAL", "APPEND", "APPEND_FINAL", + "SEARCH", "LOGOUT", /* LAST */ }; @@ -428,9 +415,9 @@ static CURLcode imap_perform_capability(struct connectdata *conn) CURLcode result = CURLE_OK; struct imap_conn *imapc = &conn->proto.imapc; - imapc->authmechs = 0; /* No known authentication mechanisms yet */ - imapc->authused = 0; /* Clear the authentication mechanism used */ - imapc->tls_supported = FALSE; /* Clear the TLS capability */ + imapc->sasl.authmechs = SASL_AUTH_NONE; /* No known auth. mechanisms yet */ + imapc->sasl.authused = SASL_AUTH_NONE; /* Clear the auth. mechanism used */ + imapc->tls_supported = FALSE; /* Clear the TLS capability */ /* Send the CAPABILITY command */ result = imap_sendf(conn, "CAPABILITY"); @@ -508,15 +495,15 @@ static CURLcode imap_perform_login(struct connectdata *conn) } /* Make sure the username and password are in the correct atom format */ - user = imap_atom(conn->user); - passwd = imap_atom(conn->passwd); + user = imap_atom(conn->user, false); + passwd = imap_atom(conn->passwd, false); /* Send the LOGIN command */ result = imap_sendf(conn, "LOGIN %s %s", user ? user : "", passwd ? passwd : ""); - Curl_safefree(user); - Curl_safefree(passwd); + free(user); + free(passwd); if(!result) state(conn, IMAP_LOGIN); @@ -528,118 +515,70 @@ static CURLcode imap_perform_login(struct connectdata *conn) * * imap_perform_authenticate() * - * Sends an AUTHENTICATE command allowing the client to login with the - * appropriate SASL authentication mechanism. + * Sends an AUTHENTICATE command allowing the client to login with the given + * SASL authentication mechanism. + */ +static CURLcode imap_perform_authenticate(struct connectdata *conn, + const char *mech, + const char *initresp) +{ + CURLcode result = CURLE_OK; + + if(initresp) { + /* Send the AUTHENTICATE command with the initial response */ + result = imap_sendf(conn, "AUTHENTICATE %s %s", mech, initresp); + } + else { + /* Send the AUTHENTICATE command */ + result = imap_sendf(conn, "AUTHENTICATE %s", mech); + } + + return result; +} + +/*********************************************************************** + * + * imap_continue_authenticate() * - * Additionally, the function will perform fallback to the LOGIN command - * should a common mechanism not be available between the client and server. + * Sends SASL continuation data or cancellation. */ -static CURLcode imap_perform_authenticate(struct connectdata *conn) +static CURLcode imap_continue_authenticate(struct connectdata *conn, + const char *resp) +{ + struct imap_conn *imapc = &conn->proto.imapc; + + return Curl_pp_sendf(&imapc->pp, "%s", resp); +} + +/*********************************************************************** + * + * imap_perform_authentication() + * + * Initiates the authentication sequence, with the appropriate SASL + * authentication mechanism, falling back to clear text should a common + * mechanism not be available between the client and server. + */ +static CURLcode imap_perform_authentication(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; struct imap_conn *imapc = &conn->proto.imapc; - const char *mech = NULL; - char *initresp = NULL; - size_t len = 0; - imapstate state1 = IMAP_STOP; - imapstate state2 = IMAP_STOP; + saslprogress progress; - /* Check we have a username and password to authenticate with and end the - connect phase if we don't */ - if(!conn->bits.user_passwd) { + /* Check if already authenticated OR if there is enough data to authenticate + with and end the connect phase if we don't */ + if(imapc->preauth || + !Curl_sasl_can_authenticate(&imapc->sasl, conn)) { state(conn, IMAP_STOP); - return result; } - /* Calculate the supported authentication mechanism by decreasing order of - security */ -#ifndef CURL_DISABLE_CRYPTO_AUTH - if((imapc->authmechs & SASL_MECH_DIGEST_MD5) && - (imapc->prefmech & SASL_MECH_DIGEST_MD5)) { - mech = SASL_MECH_STRING_DIGEST_MD5; - state1 = IMAP_AUTHENTICATE_DIGESTMD5; - imapc->authused = SASL_MECH_DIGEST_MD5; - } - else if((imapc->authmechs & SASL_MECH_CRAM_MD5) && - (imapc->prefmech & SASL_MECH_CRAM_MD5)) { - mech = SASL_MECH_STRING_CRAM_MD5; - state1 = IMAP_AUTHENTICATE_CRAMMD5; - imapc->authused = SASL_MECH_CRAM_MD5; - } - else -#endif -#ifdef USE_NTLM - if((imapc->authmechs & SASL_MECH_NTLM) && - (imapc->prefmech & SASL_MECH_NTLM)) { - mech = SASL_MECH_STRING_NTLM; - state1 = IMAP_AUTHENTICATE_NTLM; - state2 = IMAP_AUTHENTICATE_NTLM_TYPE2MSG; - imapc->authused = SASL_MECH_NTLM; - - if(imapc->ir_supported || data->set.sasl_ir) - result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd, - &conn->ntlm, - &initresp, &len); - } - else -#endif - if(((imapc->authmechs & SASL_MECH_XOAUTH2) && - (imapc->prefmech & SASL_MECH_XOAUTH2) && - (imapc->prefmech != SASL_AUTH_ANY)) || conn->xoauth2_bearer) { - mech = SASL_MECH_STRING_XOAUTH2; - state1 = IMAP_AUTHENTICATE_XOAUTH2; - state2 = IMAP_AUTHENTICATE_FINAL; - imapc->authused = SASL_MECH_XOAUTH2; - - if(imapc->ir_supported || data->set.sasl_ir) - result = Curl_sasl_create_xoauth2_message(conn->data, conn->user, - conn->xoauth2_bearer, - &initresp, &len); - } - else if((imapc->authmechs & SASL_MECH_LOGIN) && - (imapc->prefmech & SASL_MECH_LOGIN)) { - mech = SASL_MECH_STRING_LOGIN; - state1 = IMAP_AUTHENTICATE_LOGIN; - state2 = IMAP_AUTHENTICATE_LOGIN_PASSWD; - imapc->authused = SASL_MECH_LOGIN; - - if(imapc->ir_supported || data->set.sasl_ir) - result = Curl_sasl_create_login_message(conn->data, conn->user, - &initresp, &len); - } - else if((imapc->authmechs & SASL_MECH_PLAIN) && - (imapc->prefmech & SASL_MECH_PLAIN)) { - mech = SASL_MECH_STRING_PLAIN; - state1 = IMAP_AUTHENTICATE_PLAIN; - state2 = IMAP_AUTHENTICATE_FINAL; - imapc->authused = SASL_MECH_PLAIN; - - if(imapc->ir_supported || data->set.sasl_ir) - result = Curl_sasl_create_plain_message(conn->data, conn->user, - conn->passwd, &initresp, &len); - } + /* Calculate the SASL login details */ + result = Curl_sasl_start(&imapc->sasl, conn, imapc->ir_supported, &progress); if(!result) { - if(mech) { - /* Perform SASL based authentication */ - if(initresp) { - result = imap_sendf(conn, "AUTHENTICATE %s %s", mech, initresp); - - if(!result) - state(conn, state2); - } - else { - result = imap_sendf(conn, "AUTHENTICATE %s", mech); - - if(!result) - state(conn, state1); - } - - Curl_safefree(initresp); - } - else if(!imapc->login_disabled) + if(progress == SASL_INPROGRESS) + state(conn, IMAP_AUTHENTICATE); + else if(!imapc->login_disabled && (imapc->preftype & IMAP_TYPE_CLEARTEXT)) /* Perform clear text authentication */ result = imap_perform_login(conn); else { @@ -661,7 +600,7 @@ static CURLcode imap_perform_authenticate(struct connectdata *conn) static CURLcode imap_perform_list(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct IMAP *imap = data->req.protop; char *mailbox; @@ -670,15 +609,15 @@ static CURLcode imap_perform_list(struct connectdata *conn) result = imap_sendf(conn, "%s%s", imap->custom, imap->custom_params ? imap->custom_params : ""); else { - /* Make sure the mailbox is in the correct atom format */ - mailbox = imap_atom(imap->mailbox ? imap->mailbox : ""); + /* Make sure the mailbox is in the correct atom format if necessary */ + mailbox = imap->mailbox ? imap_atom(imap->mailbox, true) : strdup(""); if(!mailbox) return CURLE_OUT_OF_MEMORY; /* Send the LIST command */ result = imap_sendf(conn, "LIST \"%s\" *", mailbox); - Curl_safefree(mailbox); + free(mailbox); } if(!result) @@ -696,7 +635,7 @@ static CURLcode imap_perform_list(struct connectdata *conn) static CURLcode imap_perform_select(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct IMAP *imap = data->req.protop; struct imap_conn *imapc = &conn->proto.imapc; char *mailbox; @@ -712,14 +651,14 @@ static CURLcode imap_perform_select(struct connectdata *conn) } /* Make sure the mailbox is in the correct atom format */ - mailbox = imap_atom(imap->mailbox); + mailbox = imap_atom(imap->mailbox, false); if(!mailbox) return CURLE_OUT_OF_MEMORY; /* Send the SELECT command */ result = imap_sendf(conn, "SELECT %s", mailbox); - Curl_safefree(mailbox); + free(mailbox); if(!result) state(conn, IMAP_SELECT); @@ -745,9 +684,15 @@ static CURLcode imap_perform_fetch(struct connectdata *conn) } /* Send the FETCH command */ - result = imap_sendf(conn, "FETCH %s BODY[%s]", - imap->uid, - imap->section ? imap->section : ""); + if(imap->partial) + result = imap_sendf(conn, "FETCH %s BODY[%s]<%s>", + imap->uid, + imap->section ? imap->section : "", + imap->partial); + else + result = imap_sendf(conn, "FETCH %s BODY[%s]", + imap->uid, + imap->section ? imap->section : ""); if(!result) state(conn, IMAP_FETCH); @@ -764,31 +709,61 @@ static CURLcode imap_perform_fetch(struct connectdata *conn) static CURLcode imap_perform_append(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct IMAP *imap = conn->data->req.protop; + struct Curl_easy *data = conn->data; + struct IMAP *imap = data->req.protop; char *mailbox; /* Check we have a mailbox */ if(!imap->mailbox) { - failf(conn->data, "Cannot APPEND without a mailbox."); + failf(data, "Cannot APPEND without a mailbox."); return CURLE_URL_MALFORMAT; } + /* Prepare the mime data if some. */ + if(data->set.mimepost.kind != MIMEKIND_NONE) { + /* Use the whole structure as data. */ + data->set.mimepost.flags &= ~MIME_BODY_ONLY; + + /* Add external headers and mime version. */ + curl_mime_headers(&data->set.mimepost, data->set.headers, 0); + result = Curl_mime_prepare_headers(&data->set.mimepost, NULL, + NULL, MIMESTRATEGY_MAIL); + + if(!result) + if(!Curl_checkheaders(conn, "Mime-Version")) + result = Curl_mime_add_header(&data->set.mimepost.curlheaders, + "Mime-Version: 1.0"); + + /* Make sure we will read the entire mime structure. */ + if(!result) + result = Curl_mime_rewind(&data->set.mimepost); + + if(result) + return result; + + data->state.infilesize = Curl_mime_size(&data->set.mimepost); + + /* Read from mime structure. */ + data->state.fread_func = (curl_read_callback) Curl_mime_read; + data->state.in = (void *) &data->set.mimepost; + } + /* Check we know the size of the upload */ - if(conn->data->set.infilesize < 0) { - failf(conn->data, "Cannot APPEND with unknown input file size\n"); + if(data->state.infilesize < 0) { + failf(data, "Cannot APPEND with unknown input file size\n"); return CURLE_UPLOAD_FAILED; } /* Make sure the mailbox is in the correct atom format */ - mailbox = imap_atom(imap->mailbox); + mailbox = imap_atom(imap->mailbox, false); if(!mailbox) return CURLE_OUT_OF_MEMORY; /* Send the APPEND command */ - result = imap_sendf(conn, "APPEND %s (\\Seen) {%" FORMAT_OFF_T "}", - mailbox, conn->data->set.infilesize); + result = imap_sendf(conn, "APPEND %s (\\Seen) {%" CURL_FORMAT_CURL_OFF_T "}", + mailbox, data->state.infilesize); - Curl_safefree(mailbox); + free(mailbox); if(!result) state(conn, IMAP_APPEND); @@ -798,6 +773,32 @@ static CURLcode imap_perform_append(struct connectdata *conn) /*********************************************************************** * + * imap_perform_search() + * + * Sends a SEARCH command. + */ +static CURLcode imap_perform_search(struct connectdata *conn) +{ + CURLcode result = CURLE_OK; + struct IMAP *imap = conn->data->req.protop; + + /* Check we have a query string */ + if(!imap->query) { + failf(conn->data, "Cannot SEARCH without a query string."); + return CURLE_URL_MALFORMAT; + } + + /* Send the SEARCH command */ + result = imap_sendf(conn, "SEARCH %s", imap->query); + + if(!result) + state(conn, IMAP_SEARCH); + + return result; +} + +/*********************************************************************** + * * imap_perform_logout() * * Performs the logout action prior to sclose() being called. @@ -820,19 +821,21 @@ static CURLcode imap_state_servergreet_resp(struct connectdata *conn, int imapcode, imapstate instate) { - CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; - + struct Curl_easy *data = conn->data; (void)instate; /* no use for this yet */ - if(imapcode != 'O') { + if(imapcode == IMAP_RESP_PREAUTH) { + /* PREAUTH */ + struct imap_conn *imapc = &conn->proto.imapc; + imapc->preauth = TRUE; + infof(data, "PREAUTH connection, already authenticated!\n"); + } + else if(imapcode != IMAP_RESP_OK) { failf(data, "Got unexpected imap-server response"); - result = CURLE_FTP_WEIRD_SERVER_REPLY; /* TODO: fix this code */ + return CURLE_WEIRD_SERVER_REPLY; } - else - result = imap_perform_capability(conn); - return result; + return imap_perform_capability(conn); } /* For CAPABILITY responses */ @@ -841,7 +844,7 @@ static CURLcode imap_state_capability_resp(struct connectdata *conn, imapstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct imap_conn *imapc = &conn->proto.imapc; const char *line = data->state.buffer; size_t wordlen; @@ -884,32 +887,22 @@ static CURLcode imap_state_capability_resp(struct connectdata *conn, /* Do we have a SASL based authentication mechanism? */ else if(wordlen > 5 && !memcmp(line, "AUTH=", 5)) { + size_t llen; + unsigned int mechbit; + line += 5; wordlen -= 5; /* Test the word for a matching authentication mechanism */ - if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_LOGIN)) - imapc->authmechs |= SASL_MECH_LOGIN; - else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_PLAIN)) - imapc->authmechs |= SASL_MECH_PLAIN; - else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_CRAM_MD5)) - imapc->authmechs |= SASL_MECH_CRAM_MD5; - else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_DIGEST_MD5)) - imapc->authmechs |= SASL_MECH_DIGEST_MD5; - else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_GSSAPI)) - imapc->authmechs |= SASL_MECH_GSSAPI; - else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_EXTERNAL)) - imapc->authmechs |= SASL_MECH_EXTERNAL; - else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_NTLM)) - imapc->authmechs |= SASL_MECH_NTLM; - else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_XOAUTH2)) - imapc->authmechs |= SASL_MECH_XOAUTH2; + mechbit = Curl_sasl_decode_mech(line, wordlen, &llen); + if(mechbit && llen == wordlen) + imapc->sasl.authmechs |= mechbit; } line += wordlen; } } - else if(imapcode == 'O') { + else if(imapcode == IMAP_RESP_OK) { if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) { /* We don't have a SSL/TLS connection yet, but SSL is requested */ if(imapc->tls_supported) @@ -917,17 +910,17 @@ static CURLcode imap_state_capability_resp(struct connectdata *conn, result = imap_perform_starttls(conn); else if(data->set.use_ssl == CURLUSESSL_TRY) /* Fallback and carry on with authentication */ - result = imap_perform_authenticate(conn); + result = imap_perform_authentication(conn); else { failf(data, "STARTTLS not supported."); result = CURLE_USE_SSL_FAILED; } } else - result = imap_perform_authenticate(conn); + result = imap_perform_authentication(conn); } else - result = imap_perform_login(conn); + result = imap_perform_authentication(conn); return result; } @@ -938,17 +931,17 @@ static CURLcode imap_state_starttls_resp(struct connectdata *conn, imapstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; (void)instate; /* no use for this yet */ - if(imapcode != 'O') { + if(imapcode != IMAP_RESP_OK) { if(data->set.use_ssl != CURLUSESSL_TRY) { - failf(data, "STARTTLS denied. %c", imapcode); + failf(data, "STARTTLS denied"); result = CURLE_USE_SSL_FAILED; } else - result = imap_perform_authenticate(conn); + result = imap_perform_authentication(conn); } else result = imap_perform_upgrade_tls(conn); @@ -956,374 +949,36 @@ static CURLcode imap_state_starttls_resp(struct connectdata *conn, return result; } -/* For AUTHENTICATE PLAIN (without initial response) responses */ -static CURLcode imap_state_auth_plain_resp(struct connectdata *conn, - int imapcode, - imapstate instate) -{ - CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; - size_t len = 0; - char *plainauth = NULL; - - (void)instate; /* no use for this yet */ - - if(imapcode != '+') { - failf(data, "Access denied. %c", imapcode); - result = CURLE_LOGIN_DENIED; - } - else { - /* Create the authorisation message */ - result = Curl_sasl_create_plain_message(data, conn->user, conn->passwd, - &plainauth, &len); - - /* Send the message */ - if(!result) { - if(plainauth) { - result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", plainauth); - - if(!result) - state(conn, IMAP_AUTHENTICATE_FINAL); - } - - Curl_safefree(plainauth); - } - } - - return result; -} - -/* For AUTHENTICATE LOGIN (without initial response) responses */ -static CURLcode imap_state_auth_login_resp(struct connectdata *conn, - int imapcode, - imapstate instate) -{ - CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; - size_t len = 0; - char *authuser = NULL; - - (void)instate; /* no use for this yet */ - - if(imapcode != '+') { - failf(data, "Access denied: %d", imapcode); - result = CURLE_LOGIN_DENIED; - } - else { - /* Create the user message */ - result = Curl_sasl_create_login_message(data, conn->user, - &authuser, &len); - - /* Send the user */ - if(!result) { - if(authuser) { - result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", authuser); - - if(!result) - state(conn, IMAP_AUTHENTICATE_LOGIN_PASSWD); - } - - Curl_safefree(authuser); - } - } - - return result; -} - -/* For AUTHENTICATE LOGIN user entry responses */ -static CURLcode imap_state_auth_login_password_resp(struct connectdata *conn, - int imapcode, - imapstate instate) -{ - CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; - size_t len = 0; - char *authpasswd = NULL; - - (void)instate; /* no use for this yet */ - - if(imapcode != '+') { - failf(data, "Access denied: %d", imapcode); - result = CURLE_LOGIN_DENIED; - } - else { - /* Create the password message */ - result = Curl_sasl_create_login_message(data, conn->passwd, - &authpasswd, &len); - - /* Send the password */ - if(!result) { - if(authpasswd) { - result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", authpasswd); - - if(!result) - state(conn, IMAP_AUTHENTICATE_FINAL); - } - - Curl_safefree(authpasswd); - } - } - - return result; -} - -#ifndef CURL_DISABLE_CRYPTO_AUTH -/* For AUTHENTICATE CRAM-MD5 responses */ -static CURLcode imap_state_auth_cram_resp(struct connectdata *conn, - int imapcode, - imapstate instate) -{ - CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; - char *chlg64 = data->state.buffer; - size_t len = 0; - char *rplyb64 = NULL; - - (void)instate; /* no use for this yet */ - - if(imapcode != '+') { - failf(data, "Access denied: %d", imapcode); - return CURLE_LOGIN_DENIED; - } - - /* Get the challenge */ - for(chlg64 += 2; *chlg64 == ' ' || *chlg64 == '\t'; chlg64++) - ; - - /* Terminate the challenge */ - if(*chlg64 != '=') { - for(len = strlen(chlg64); len--;) - if(chlg64[len] != '\r' && chlg64[len] != '\n' && chlg64[len] != ' ' && - chlg64[len] != '\t') - break; - - if(++len) { - chlg64[len] = '\0'; - } - } - - /* Create the response message */ - result = Curl_sasl_create_cram_md5_message(data, chlg64, conn->user, - conn->passwd, &rplyb64, &len); - - /* Send the response */ - if(!result) { - if(rplyb64) { - result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", rplyb64); - - if(!result) - state(conn, IMAP_AUTHENTICATE_FINAL); - } - - Curl_safefree(rplyb64); - } - - return result; -} - -/* For AUTHENTICATE DIGEST-MD5 challenge responses */ -static CURLcode imap_state_auth_digest_resp(struct connectdata *conn, - int imapcode, - imapstate instate) -{ - CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; - char *chlg64 = data->state.buffer; - size_t len = 0; - char *rplyb64 = NULL; - - (void)instate; /* no use for this yet */ - - if(imapcode != '+') { - failf(data, "Access denied: %d", imapcode); - return CURLE_LOGIN_DENIED; - } - - /* Get the challenge */ - for(chlg64 += 2; *chlg64 == ' ' || *chlg64 == '\t'; chlg64++) - ; - - /* Create the response message */ - result = Curl_sasl_create_digest_md5_message(data, chlg64, conn->user, - conn->passwd, "imap", - &rplyb64, &len); - - /* Send the response */ - if(!result) { - if(rplyb64) { - result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", rplyb64); - - if(!result) - state(conn, IMAP_AUTHENTICATE_DIGESTMD5_RESP); - } - - Curl_safefree(rplyb64); - } - - return result; -} - -/* For AUTHENTICATE DIGEST-MD5 challenge-response responses */ -static CURLcode imap_state_auth_digest_resp_resp(struct connectdata *conn, - int imapcode, - imapstate instate) -{ - CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; - - (void)instate; /* no use for this yet */ - - if(imapcode != '+') { - failf(data, "Authentication failed: %d", imapcode); - result = CURLE_LOGIN_DENIED; - } - else { - /* Send an empty response */ - result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", ""); - - if(!result) - state(conn, IMAP_AUTHENTICATE_FINAL); - } - - return result; -} -#endif - -#ifdef USE_NTLM -/* For AUTHENTICATE NTLM (without initial response) responses */ -static CURLcode imap_state_auth_ntlm_resp(struct connectdata *conn, - int imapcode, - imapstate instate) -{ - CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; - size_t len = 0; - char *type1msg = NULL; - - (void)instate; /* no use for this yet */ - - if(imapcode != '+') { - failf(data, "Access denied: %d", imapcode); - result = CURLE_LOGIN_DENIED; - } - else { - /* Create the type-1 message */ - result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd, - &conn->ntlm, - &type1msg, &len); - - /* Send the message */ - if(!result) { - if(type1msg) { - result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", type1msg); - - if(!result) - state(conn, IMAP_AUTHENTICATE_NTLM_TYPE2MSG); - } - - Curl_safefree(type1msg); - } - } - - return result; -} - -/* For NTLM type-2 responses (sent in reponse to our type-1 message) */ -static CURLcode imap_state_auth_ntlm_type2msg_resp(struct connectdata *conn, - int imapcode, - imapstate instate) -{ - CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; - size_t len = 0; - char *type3msg = NULL; - - (void)instate; /* no use for this yet */ - - if(imapcode != '+') { - failf(data, "Access denied: %d", imapcode); - result = CURLE_LOGIN_DENIED; - } - else { - /* Create the type-3 message */ - result = Curl_sasl_create_ntlm_type3_message(data, - data->state.buffer + 2, - conn->user, conn->passwd, - &conn->ntlm, - &type3msg, &len); - - /* Send the message */ - if(!result) { - if(type3msg) { - result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", type3msg); - - if(!result) - state(conn, IMAP_AUTHENTICATE_FINAL); - } - - Curl_safefree(type3msg); - } - } - - return result; -} -#endif - -/* For AUTH XOAUTH2 (without initial response) responses */ -static CURLcode imap_state_auth_xoauth2_resp(struct connectdata *conn, - int imapcode, - imapstate instate) +/* For SASL authentication responses */ +static CURLcode imap_state_auth_resp(struct connectdata *conn, + int imapcode, + imapstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; - size_t len = 0; - char *xoauth = NULL; + struct Curl_easy *data = conn->data; + struct imap_conn *imapc = &conn->proto.imapc; + saslprogress progress; (void)instate; /* no use for this yet */ - if(imapcode != '+') { - failf(data, "Access denied: %d", imapcode); - result = CURLE_LOGIN_DENIED; - } - else { - /* Create the authorisation message */ - result = Curl_sasl_create_xoauth2_message(conn->data, conn->user, - conn->xoauth2_bearer, - &xoauth, &len); - - /* Send the message */ - if(!result) { - if(xoauth) { - result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", xoauth); - - if(!result) - state(conn, IMAP_AUTHENTICATE_FINAL); + result = Curl_sasl_continue(&imapc->sasl, conn, imapcode, &progress); + if(!result) + switch(progress) { + case SASL_DONE: + state(conn, IMAP_STOP); /* Authenticated */ + break; + case SASL_IDLE: /* No mechanism left after cancellation */ + if((!imapc->login_disabled) && (imapc->preftype & IMAP_TYPE_CLEARTEXT)) + /* Perform clear text authentication */ + result = imap_perform_login(conn); + else { + failf(data, "Authentication cancelled"); + result = CURLE_LOGIN_DENIED; } - - Curl_safefree(xoauth); + break; + default: + break; } - } - - return result; -} - -/* For final responses to the AUTHENTICATE sequence */ -static CURLcode imap_state_auth_final_resp(struct connectdata *conn, - int imapcode, - imapstate instate) -{ - CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; - - (void)instate; /* no use for this yet */ - - if(imapcode != 'O') { - failf(data, "Authentication failed: %d", imapcode); - result = CURLE_LOGIN_DENIED; - } - else - /* End of connect phase */ - state(conn, IMAP_STOP); return result; } @@ -1334,11 +989,11 @@ static CURLcode imap_state_login_resp(struct connectdata *conn, imapstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; (void)instate; /* no use for this yet */ - if(imapcode != 'O') { + if(imapcode != IMAP_RESP_OK) { failf(data, "Access denied. %c", imapcode); result = CURLE_LOGIN_DENIED; } @@ -1349,9 +1004,10 @@ static CURLcode imap_state_login_resp(struct connectdata *conn, return result; } -/* For LIST responses */ -static CURLcode imap_state_list_resp(struct connectdata *conn, int imapcode, - imapstate instate) +/* For LIST and SEARCH responses */ +static CURLcode imap_state_listsearch_resp(struct connectdata *conn, + int imapcode, + imapstate instate) { CURLcode result = CURLE_OK; char *line = conn->data->state.buffer; @@ -1365,7 +1021,7 @@ static CURLcode imap_state_list_resp(struct connectdata *conn, int imapcode, result = Curl_client_write(conn, CLIENTWRITE_BODY, line, len + 1); line[len] = '\0'; } - else if(imapcode != 'O') + else if(imapcode != IMAP_RESP_OK) result = CURLE_QUOTE_ERROR; /* TODO: Fix error code */ else /* End of DO phase */ @@ -1379,7 +1035,7 @@ static CURLcode imap_state_select_resp(struct connectdata *conn, int imapcode, imapstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct IMAP *imap = conn->data->req.protop; struct imap_conn *imapc = &conn->proto.imapc; const char *line = data->state.buffer; @@ -1394,10 +1050,10 @@ static CURLcode imap_state_select_resp(struct connectdata *conn, int imapcode, imapc->mailbox_uidvalidity = strdup(tmp); } } - else if(imapcode == 'O') { + else if(imapcode == IMAP_RESP_OK) { /* Check if the UIDVALIDITY has been specified and matches */ if(imap->uidvalidity && imapc->mailbox_uidvalidity && - strcmp(imap->uidvalidity, imapc->mailbox_uidvalidity)) { + !strcasecompare(imap->uidvalidity, imapc->mailbox_uidvalidity)) { failf(conn->data, "Mailbox UIDVALIDITY has changed"); result = CURLE_REMOTE_FILE_NOT_FOUND; } @@ -1407,6 +1063,8 @@ static CURLcode imap_state_select_resp(struct connectdata *conn, int imapcode, if(imap->custom) result = imap_perform_list(conn); + else if(imap->query) + result = imap_perform_search(conn); else result = imap_perform_fetch(conn); } @@ -1424,17 +1082,17 @@ static CURLcode imap_state_fetch_resp(struct connectdata *conn, int imapcode, imapstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct imap_conn *imapc = &conn->proto.imapc; struct pingpong *pp = &imapc->pp; const char *ptr = data->state.buffer; bool parsed = FALSE; - curl_off_t size; + curl_off_t size = 0; (void)instate; /* no use for this yet */ if(imapcode != '*') { - Curl_pgrsSetDownloadSize(data, 0); + Curl_pgrsSetDownloadSize(data, -1); state(conn, IMAP_STOP); return CURLE_REMOTE_FILE_NOT_FOUND; /* TODO: Fix error code */ } @@ -1446,14 +1104,16 @@ static CURLcode imap_state_fetch_resp(struct connectdata *conn, int imapcode, if(*ptr == '{') { char *endptr; - size = curlx_strtoofft(ptr + 1, &endptr, 10); - if(endptr - ptr > 1 && endptr[0] == '}' && - endptr[1] == '\r' && endptr[2] == '\0') - parsed = TRUE; + if(!curlx_strtoofft(ptr + 1, &endptr, 10, &size)) { + if(endptr - ptr > 1 && endptr[0] == '}' && + endptr[1] == '\r' && endptr[2] == '\0') + parsed = TRUE; + } } if(parsed) { - infof(data, "Found %" FORMAT_OFF_TU " bytes to download\n", size); + infof(data, "Found %" CURL_FORMAT_CURL_OFF_TU " bytes to download\n", + size); Curl_pgrsSetDownloadSize(data, size); if(pp->cache) { @@ -1466,13 +1126,19 @@ static CURLcode imap_state_fetch_resp(struct connectdata *conn, int imapcode, /* The conversion from curl_off_t to size_t is always fine here */ chunk = (size_t)size; + if(!chunk) { + /* no size, we're done with the data */ + state(conn, IMAP_STOP); + return CURLE_OK; + } result = Curl_client_write(conn, CLIENTWRITE_BODY, pp->cache, chunk); if(result) return result; data->req.bytecount += chunk; - infof(data, "Written %" FORMAT_OFF_TU " bytes, %" FORMAT_OFF_TU + infof(data, "Written %" CURL_FORMAT_CURL_OFF_TU + " bytes, %" CURL_FORMAT_CURL_OFF_TU " bytes are left for transfer\n", (curl_off_t)chunk, size - chunk); @@ -1503,7 +1169,7 @@ static CURLcode imap_state_fetch_resp(struct connectdata *conn, int imapcode, else { /* We don't know how to parse this line */ failf(pp->conn->data, "Failed to parse FETCH response."); - result = CURLE_FTP_WEIRD_SERVER_REPLY; /* TODO: fix this code */ + result = CURLE_WEIRD_SERVER_REPLY; } /* End of DO phase */ @@ -1521,8 +1187,8 @@ static CURLcode imap_state_fetch_final_resp(struct connectdata *conn, (void)instate; /* No use for this yet */ - if(imapcode != 'O') - result = CURLE_FTP_WEIRD_SERVER_REPLY; /* TODO: Fix error code */ + if(imapcode != IMAP_RESP_OK) + result = CURLE_WEIRD_SERVER_REPLY; else /* End of DONE phase */ state(conn, IMAP_STOP); @@ -1535,7 +1201,7 @@ static CURLcode imap_state_append_resp(struct connectdata *conn, int imapcode, imapstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; (void)instate; /* No use for this yet */ @@ -1544,7 +1210,7 @@ static CURLcode imap_state_append_resp(struct connectdata *conn, int imapcode, } else { /* Set the progress upload size */ - Curl_pgrsSetUploadSize(data, data->set.infilesize); + Curl_pgrsSetUploadSize(data, data->state.infilesize); /* IMAP upload */ Curl_setup_transfer(conn, -1, -1, FALSE, NULL, FIRSTSOCKET, NULL); @@ -1565,7 +1231,7 @@ static CURLcode imap_state_append_final_resp(struct connectdata *conn, (void)instate; /* No use for this yet */ - if(imapcode != 'O') + if(imapcode != IMAP_RESP_OK) result = CURLE_UPLOAD_FAILED; else /* End of DONE phase */ @@ -1599,7 +1265,7 @@ static CURLcode imap_statemach_act(struct connectdata *conn) /* Was there an error parsing the response line? */ if(imapcode == -1) - return CURLE_FTP_WEIRD_SERVER_REPLY; + return CURLE_WEIRD_SERVER_REPLY; if(!imapcode) break; @@ -1618,50 +1284,8 @@ static CURLcode imap_statemach_act(struct connectdata *conn) result = imap_state_starttls_resp(conn, imapcode, imapc->state); break; - case IMAP_AUTHENTICATE_PLAIN: - result = imap_state_auth_plain_resp(conn, imapcode, imapc->state); - break; - - case IMAP_AUTHENTICATE_LOGIN: - result = imap_state_auth_login_resp(conn, imapcode, imapc->state); - break; - - case IMAP_AUTHENTICATE_LOGIN_PASSWD: - result = imap_state_auth_login_password_resp(conn, imapcode, - imapc->state); - break; - -#ifndef CURL_DISABLE_CRYPTO_AUTH - case IMAP_AUTHENTICATE_CRAMMD5: - result = imap_state_auth_cram_resp(conn, imapcode, imapc->state); - break; - - case IMAP_AUTHENTICATE_DIGESTMD5: - result = imap_state_auth_digest_resp(conn, imapcode, imapc->state); - break; - - case IMAP_AUTHENTICATE_DIGESTMD5_RESP: - result = imap_state_auth_digest_resp_resp(conn, imapcode, imapc->state); - break; -#endif - -#ifdef USE_NTLM - case IMAP_AUTHENTICATE_NTLM: - result = imap_state_auth_ntlm_resp(conn, imapcode, imapc->state); - break; - - case IMAP_AUTHENTICATE_NTLM_TYPE2MSG: - result = imap_state_auth_ntlm_type2msg_resp(conn, imapcode, - imapc->state); - break; -#endif - - case IMAP_AUTHENTICATE_XOAUTH2: - result = imap_state_auth_xoauth2_resp(conn, imapcode, imapc->state); - break; - - case IMAP_AUTHENTICATE_FINAL: - result = imap_state_auth_final_resp(conn, imapcode, imapc->state); + case IMAP_AUTHENTICATE: + result = imap_state_auth_resp(conn, imapcode, imapc->state); break; case IMAP_LOGIN: @@ -1669,7 +1293,7 @@ static CURLcode imap_statemach_act(struct connectdata *conn) break; case IMAP_LIST: - result = imap_state_list_resp(conn, imapcode, imapc->state); + result = imap_state_listsearch_resp(conn, imapcode, imapc->state); break; case IMAP_SELECT: @@ -1692,6 +1316,10 @@ static CURLcode imap_statemach_act(struct connectdata *conn) result = imap_state_append_final_resp(conn, imapcode, imapc->state); break; + case IMAP_SEARCH: + result = imap_state_listsearch_resp(conn, imapcode, imapc->state); + break; + case IMAP_LOGOUT: /* fallthrough, just stop! */ default: @@ -1733,12 +1361,12 @@ static CURLcode imap_block_statemach(struct connectdata *conn) return result; } -/* Allocate and initialize the struct IMAP for the current SessionHandle if +/* Allocate and initialize the struct IMAP for the current Curl_easy if required */ static CURLcode imap_init(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct IMAP *imap; imap = data->req.protop = calloc(sizeof(struct IMAP), 1); @@ -1774,7 +1402,7 @@ static CURLcode imap_connect(struct connectdata *conn, bool *done) *done = FALSE; /* default to not done yet */ /* We always support persistent connections in IMAP */ - conn->bits.close = FALSE; + connkeep(conn, "IMAP default"); /* Set the default response time-out */ pp->response_time = RESP_TIMEOUT; @@ -1782,8 +1410,9 @@ static CURLcode imap_connect(struct connectdata *conn, bool *done) pp->endofresp = imap_endofresp; pp->conn = conn; - /* Set the default preferred authentication mechanism */ - imapc->prefmech = SASL_AUTH_ANY; + /* Set the default preferred authentication type and mechanism */ + imapc->preftype = IMAP_TYPE_ANY; + Curl_sasl_init(&imapc->sasl, &saslimap); /* Initialise the pingpong layer */ Curl_pp_init(pp); @@ -1817,26 +1446,23 @@ static CURLcode imap_done(struct connectdata *conn, CURLcode status, bool premature) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct IMAP *imap = data->req.protop; (void)premature; if(!imap) - /* When the easy handle is removed from the multi interface while libcurl - is still trying to resolve the host name, the IMAP struct is not yet - initialized. However, the removal action calls Curl_done() which in - turn calls this function, so we simply return success. */ return CURLE_OK; if(status) { - conn->bits.close = TRUE; /* marked for closure */ + connclose(conn, "IMAP done with bad status"); /* marked for closure */ result = status; /* use the already set error code */ } else if(!data->set.connect_only && !imap->custom && - (imap->uid || data->set.upload)) { + (imap->uid || data->set.upload || + data->set.mimepost.kind != MIMEKIND_NONE)) { /* Handle responses after FETCH or APPEND transfer has finished */ - if(!data->set.upload) + if(!data->set.upload && data->set.mimepost.kind == MIMEKIND_NONE) state(conn, IMAP_FETCH_FINAL); else { /* End the APPEND command first by sending an empty line */ @@ -1849,8 +1475,7 @@ static CURLcode imap_done(struct connectdata *conn, CURLcode status, TODO: when the multi interface is used, this _really_ should be using the imap_multi_statemach function but we have no general support for - non-blocking DONE operations, not in the multi state machine and with - Curl_done() invokes on several places in the code! + non-blocking DONE operations! */ if(!result) result = imap_block_statemach(conn); @@ -1861,6 +1486,8 @@ static CURLcode imap_done(struct connectdata *conn, CURLcode status, Curl_safefree(imap->uidvalidity); Curl_safefree(imap->uid); Curl_safefree(imap->section); + Curl_safefree(imap->partial); + Curl_safefree(imap->query); Curl_safefree(imap->custom); Curl_safefree(imap->custom_params); @@ -1882,7 +1509,7 @@ static CURLcode imap_perform(struct connectdata *conn, bool *connected, { /* This is IMAP and no proxy */ CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct IMAP *imap = data->req.protop; struct imap_conn *imapc = &conn->proto.imapc; bool selected = FALSE; @@ -1899,13 +1526,13 @@ static CURLcode imap_perform(struct connectdata *conn, bool *connected, /* Determine if the requested mailbox (with the same UIDVALIDITY if set) has already been selected on this connection */ if(imap->mailbox && imapc->mailbox && - !strcmp(imap->mailbox, imapc->mailbox) && + strcasecompare(imap->mailbox, imapc->mailbox) && (!imap->uidvalidity || !imapc->mailbox_uidvalidity || - !strcmp(imap->uidvalidity, imapc->mailbox_uidvalidity))) + strcasecompare(imap->uidvalidity, imapc->mailbox_uidvalidity))) selected = TRUE; /* Start the first command in the DO phase */ - if(conn->data->set.upload) + if(conn->data->set.upload || data->set.mimepost.kind != MIMEKIND_NONE) /* APPEND can be executed directly */ result = imap_perform_append(conn); else if(imap->custom && (selected || !imap->mailbox)) @@ -1914,7 +1541,11 @@ static CURLcode imap_perform(struct connectdata *conn, bool *connected, else if(!imap->custom && selected && imap->uid) /* FETCH from the same mailbox */ result = imap_perform_fetch(conn); - else if(imap->mailbox && !selected && (imap->custom || imap->uid)) + else if(!imap->custom && selected && imap->query) + /* SEARCH the current mailbox */ + result = imap_perform_search(conn); + else if(imap->mailbox && !selected && + (imap->custom || imap->uid || imap->query)) /* SELECT the mailbox */ result = imap_perform_select(conn); else @@ -1982,7 +1613,7 @@ static CURLcode imap_disconnect(struct connectdata *conn, bool dead_connection) /* The IMAP session may or may not have been allocated/setup at this point! */ - if(!dead_connection && imapc->pp.conn) + if(!dead_connection && imapc->pp.conn && imapc->pp.conn->bits.protoconnstart) if(!imap_perform_logout(conn)) (void)imap_block_statemach(conn); /* ignore errors on LOGOUT */ @@ -1990,7 +1621,7 @@ static CURLcode imap_disconnect(struct connectdata *conn, bool dead_connection) Curl_pp_disconnect(&imapc->pp); /* Cleanup the SASL module */ - Curl_sasl_cleanup(conn, imapc->authused); + Curl_sasl_cleanup(conn, imapc->sasl.authused); /* Cleanup our connection based variables */ Curl_safefree(imapc->mailbox); @@ -2043,7 +1674,7 @@ static CURLcode imap_regular_transfer(struct connectdata *conn, { CURLcode result = CURLE_OK; bool connected = FALSE; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; /* Make sure size is unknown at this point */ data->req.size = -1; @@ -2051,8 +1682,8 @@ static CURLcode imap_regular_transfer(struct connectdata *conn, /* Set the progress data */ Curl_pgrsSetUploadCounter(data, 0); Curl_pgrsSetDownloadCounter(data, 0); - Curl_pgrsSetUploadSize(data, 0); - Curl_pgrsSetDownloadSize(data, 0); + Curl_pgrsSetUploadSize(data, -1); + Curl_pgrsSetDownloadSize(data, -1); /* Carry out the perform */ result = imap_perform(conn, &connected, dophase_done); @@ -2066,36 +1697,15 @@ static CURLcode imap_regular_transfer(struct connectdata *conn, static CURLcode imap_setup_connection(struct connectdata *conn) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; /* Initialise the IMAP layer */ CURLcode result = imap_init(conn); if(result) return result; - if(conn->bits.httpproxy && !data->set.tunnel_thru_httpproxy) { - /* Unless we have asked to tunnel IMAP operations through the proxy, we - switch and use HTTP operations only */ -#ifndef CURL_DISABLE_HTTP - if(conn->handler == &Curl_handler_imap) - conn->handler = &Curl_handler_imap_proxy; - else { -#ifdef USE_SSL - conn->handler = &Curl_handler_imaps_proxy; -#else - failf(data, "IMAPS not supported!"); - return CURLE_UNSUPPORTED_PROTOCOL; -#endif - } - - /* set it up as an HTTP connection instead */ - return conn->handler->setup_connection(conn); -#else - failf(data, "IMAP over http proxy requires HTTP support built-in!"); - return CURLE_UNSUPPORTED_PROTOCOL; -#endif - } - + /* Clear the TLS upgraded flag */ + conn->tls_upgraded = FALSE; data->state.path++; /* don't include the initial slash */ return CURLE_OK; @@ -2105,7 +1715,7 @@ static CURLcode imap_setup_connection(struct connectdata *conn) * * imap_sendf() * - * Sends the formated string as an IMAP command to the server. + * Sends the formatted string as an IMAP command to the server. * * Designed to never block. */ @@ -2135,7 +1745,7 @@ static CURLcode imap_sendf(struct connectdata *conn, const char *fmt, ...) result = Curl_pp_vsendf(&imapc->pp, taggedfmt, ap); va_end(ap); - Curl_safefree(taggedfmt); + free(taggedfmt); return result; } @@ -2150,38 +1760,49 @@ static CURLcode imap_sendf(struct connectdata *conn, const char *fmt, ...) * The returned string needs to be freed. * */ -static char *imap_atom(const char *str) +static char *imap_atom(const char *str, bool escape_only) { + /* !checksrc! disable PARENBRACE 1 */ + const char atom_specials[] = "(){ %*]"; const char *p1; char *p2; size_t backsp_count = 0; size_t quote_count = 0; - bool space_exists = FALSE; + bool others_exists = FALSE; size_t newlen = 0; char *newstr = NULL; if(!str) return NULL; - /* Count any unescapped characters */ + /* Look for "atom-specials", counting the backslash and quote characters as + these will need escapping */ p1 = str; while(*p1) { if(*p1 == '\\') backsp_count++; else if(*p1 == '"') quote_count++; - else if(*p1 == ' ') - space_exists = TRUE; + else if(!escape_only) { + const char *p3 = atom_specials; + + while(*p3 && !others_exists) { + if(*p1 == *p3) + others_exists = TRUE; + + p3++; + } + } p1++; } - /* Does the input contain any unescapped characters? */ - if(!backsp_count && !quote_count && !space_exists) + /* Does the input contain any "atom-special" characters? */ + if(!backsp_count && !quote_count && !others_exists) return strdup(str); /* Calculate the new string length */ - newlen = strlen(str) + backsp_count + quote_count + (space_exists ? 2 : 0); + newlen = strlen(str) + backsp_count + quote_count + (escape_only ? 0 : 2); /* Allocate the new string */ newstr = (char *) malloc((newlen + 1) * sizeof(char)); @@ -2190,7 +1811,7 @@ static char *imap_atom(const char *str) /* Surround the string in quotes if necessary */ p2 = newstr; - if(space_exists) { + if(!escape_only) { newstr[0] = '"'; newstr[newlen - 1] = '"'; p2++; @@ -2264,39 +1885,42 @@ static CURLcode imap_parse_url_options(struct connectdata *conn) { CURLcode result = CURLE_OK; struct imap_conn *imapc = &conn->proto.imapc; - const char *options = conn->options; - const char *ptr = options; + const char *ptr = conn->options; - if(options) { + imapc->sasl.resetprefs = TRUE; + + while(!result && ptr && *ptr) { const char *key = ptr; + const char *value; while(*ptr && *ptr != '=') ptr++; - if(strnequal(key, "AUTH", 4)) { - const char *value = ptr + 1; - - if(strequal(value, "*")) - imapc->prefmech = SASL_AUTH_ANY; - else if(strequal(value, SASL_MECH_STRING_LOGIN)) - imapc->prefmech = SASL_MECH_LOGIN; - else if(strequal(value, SASL_MECH_STRING_PLAIN)) - imapc->prefmech = SASL_MECH_PLAIN; - else if(strequal(value, SASL_MECH_STRING_CRAM_MD5)) - imapc->prefmech = SASL_MECH_CRAM_MD5; - else if(strequal(value, SASL_MECH_STRING_DIGEST_MD5)) - imapc->prefmech = SASL_MECH_DIGEST_MD5; - else if(strequal(value, SASL_MECH_STRING_GSSAPI)) - imapc->prefmech = SASL_MECH_GSSAPI; - else if(strequal(value, SASL_MECH_STRING_NTLM)) - imapc->prefmech = SASL_MECH_NTLM; - else if(strequal(value, SASL_MECH_STRING_XOAUTH2)) - imapc->prefmech = SASL_MECH_XOAUTH2; - else - imapc->prefmech = SASL_AUTH_NONE; - } + value = ptr + 1; + + while(*ptr && *ptr != ';') + ptr++; + + if(strncasecompare(key, "AUTH=", 5)) + result = Curl_sasl_parse_url_auth_option(&imapc->sasl, + value, ptr - value); else result = CURLE_URL_MALFORMAT; + + if(*ptr == ';') + ptr++; + } + + switch(imapc->sasl.prefmech) { + case SASL_AUTH_NONE: + imapc->preftype = IMAP_TYPE_NONE; + break; + case SASL_AUTH_DEFAULT: + imapc->preftype = IMAP_TYPE_ANY; + break; + default: + imapc->preftype = IMAP_TYPE_SASL; + break; } return result; @@ -2313,7 +1937,7 @@ static CURLcode imap_parse_url_path(struct connectdata *conn) { /* The imap struct is already initialised in imap_connect() */ CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct IMAP *imap = data->req.protop; const char *begin = data->state.path; const char *ptr = begin; @@ -2363,46 +1987,68 @@ static CURLcode imap_parse_url_path(struct connectdata *conn) /* Decode the value parameter */ result = Curl_urldecode(data, begin, ptr - begin, &value, &valuelen, TRUE); if(result) { - Curl_safefree(name); + free(name); return result; } DEBUGF(infof(conn->data, "IMAP URL parameter '%s' = '%s'\n", name, value)); - /* Process the known hierarchical parameters (UIDVALIDITY, UID and SECTION) - stripping of the trailing slash character if it is present. + /* Process the known hierarchical parameters (UIDVALIDITY, UID, SECTION and + PARTIAL) stripping of the trailing slash character if it is present. Note: Unknown parameters trigger a URL_MALFORMAT error. */ - if(Curl_raw_equal(name, "UIDVALIDITY") && !imap->uidvalidity) { + if(strcasecompare(name, "UIDVALIDITY") && !imap->uidvalidity) { if(valuelen > 0 && value[valuelen - 1] == '/') value[valuelen - 1] = '\0'; imap->uidvalidity = value; value = NULL; } - else if(Curl_raw_equal(name, "UID") && !imap->uid) { + else if(strcasecompare(name, "UID") && !imap->uid) { if(valuelen > 0 && value[valuelen - 1] == '/') value[valuelen - 1] = '\0'; imap->uid = value; value = NULL; } - else if(Curl_raw_equal(name, "SECTION") && !imap->section) { + else if(strcasecompare(name, "SECTION") && !imap->section) { if(valuelen > 0 && value[valuelen - 1] == '/') value[valuelen - 1] = '\0'; imap->section = value; value = NULL; } + else if(strcasecompare(name, "PARTIAL") && !imap->partial) { + if(valuelen > 0 && value[valuelen - 1] == '/') + value[valuelen - 1] = '\0'; + + imap->partial = value; + value = NULL; + } else { - Curl_safefree(name); - Curl_safefree(value); + free(name); + free(value); return CURLE_URL_MALFORMAT; } - Curl_safefree(name); - Curl_safefree(value); + free(name); + free(value); + } + + /* Does the URL contain a query parameter? Only valid when we have a mailbox + and no UID as per RFC-5092 */ + if(imap->mailbox && !imap->uid && *ptr == '?') { + /* Find the length of the query parameter */ + begin = ++ptr; + while(imap_is_bchar(*ptr)) + ptr++; + + /* Decode the query parameter */ + result = Curl_urldecode(data, begin, ptr - begin, &imap->query, NULL, + TRUE); + if(result) + return result; } /* Any extra stuff at the end of the URL is an error */ @@ -2421,7 +2067,7 @@ static CURLcode imap_parse_url_path(struct connectdata *conn) static CURLcode imap_parse_custom_request(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct IMAP *imap = data->req.protop; const char *custom = data->set.str[STRING_CUSTOMREQUEST]; |