#include "config.h"
#include <stdio.h>
#include <string.h>
+#include <strings.h>
#include <ctype.h>
#if defined(STDC_HEADERS)
#include <stdlib.h>
return(PS_SUCCESS);
}
-static int imap_response(int sock, char *argbuf)
+static int imap_response(int sock, char *argbuf, struct RecvSplit *rs)
/* parse command response */
{
char buf[MSGBUFSIZE+1];
int ok;
char *cp;
- if ((ok = gen_recv(sock, buf, sizeof(buf))))
+ if (rs)
+ ok = gen_recv_split(sock, buf, sizeof(buf), rs);
+ else
+ ok = gen_recv(sock, buf, sizeof(buf));
+ if (ok != PS_SUCCESS)
return(ok);
/* all tokens in responses are caseblind */
{
int ok;
- while ((ok = imap_response(sock, argbuf)) == PS_UNTAGGED)
+ while ((ok = imap_response(sock, argbuf, NULL)) == PS_UNTAGGED)
; /* wait for the tagged response */
return(ok);
}
static int do_imap_ntlm(int sock, struct query *ctl)
{
- tSmbNtlmAuthRequest request;
- tSmbNtlmAuthChallenge challenge;
- tSmbNtlmAuthResponse response;
-
- char msgbuf[2048];
- int result,len;
+ int result;
gen_send(sock, "AUTHENTICATE NTLM");
- if ((result = gen_recv(sock, msgbuf, sizeof msgbuf)))
+ if ((result = ntlm_helper(sock, ctl, "IMAP")))
return result;
-
- if (msgbuf[0] != '+')
- return PS_AUTHFAIL;
-
- buildSmbNtlmAuthRequest(&request,ctl->remotename,NULL);
-
- if (outlevel >= O_DEBUG)
- dumpSmbNtlmAuthRequest(stdout, &request);
-
- memset(msgbuf,0,sizeof msgbuf);
- to64frombits (msgbuf, &request, SmbLength(&request));
-
- if (outlevel >= O_MONITOR)
- report(stdout, "IMAP> %s\n", msgbuf);
-
- strcat(msgbuf,"\r\n");
- SockWrite (sock, msgbuf, strlen (msgbuf));
-
- if ((gen_recv(sock, msgbuf, sizeof msgbuf)))
- return result;
-
- len = from64tobits (&challenge, msgbuf, sizeof(challenge));
-
- if (outlevel >= O_DEBUG)
- dumpSmbNtlmAuthChallenge(stdout, &challenge);
-
- buildSmbNtlmAuthResponse(&challenge, &response,ctl->remotename,ctl->password);
-
- if (outlevel >= O_DEBUG)
- dumpSmbNtlmAuthResponse(stdout, &response);
-
- memset(msgbuf,0,sizeof msgbuf);
- to64frombits (msgbuf, &response, SmbLength(&response));
-
- if (outlevel >= O_MONITOR)
- report(stdout, "IMAP> %s\n", msgbuf);
-
- strcat(msgbuf,"\r\n");
- SockWrite (sock, msgbuf, strlen (msgbuf));
-
+
result = imap_ok (sock, NULL);
if (result == PS_SUCCESS)
return PS_SUCCESS;
result[j] = '\0';
}
-static void capa_probe(int sock, struct query *ctl)
+static int capa_probe(int sock, struct query *ctl)
/* set capability variables from a CAPA probe */
{
int ok;
if (outlevel >= O_DEBUG)
report(stdout, GT_("Protocol identified as IMAP2 or IMAP2BIS\n"));
}
+ else
+ return ok;
/*
* Handle idling. We depend on coming through here on startup
}
peek_capable = (imap_version >= IMAP4);
+
+ return PS_SUCCESS;
}
-static int do_authcert (int sock, char *command, const char *name)
+static int do_authcert (int sock, const char *command, const char *name)
/* do authentication "external" (authentication provided by client cert) */
{
char buf[256];
/* apply for connection authorization */
{
int ok = 0;
-#ifdef SSL_ENABLE
- int got_tls = 0;
-#endif
(void)greeting;
/*
else
expunge_period = 1;
- capa_probe(sock, ctl);
+ if ((ok = capa_probe(sock, ctl)))
+ return ok;
/*
* If either (a) we saw a PREAUTH token in the greeting, or
if (ctl->sslcommonname)
commonname = ctl->sslcommonname;
- if (strstr(capabilities, "STARTTLS"))
+ if (strstr(capabilities, "STARTTLS")
+ || must_tls(ctl)) /* if TLS is mandatory, ignore capabilities */
{
/* Use "tls1" rather than ctl->sslproto because tls1 is the only
* protocol that will work with STARTTLS. Don't need to worry
* whether TLS is mandatory or opportunistic unless SSLOpen() fails
* (see below). */
if (gen_transact(sock, "STARTTLS") == PS_SUCCESS
- && SSLOpen(sock, ctl->sslcert, ctl->sslkey, "tls1", ctl->sslcertck,
- ctl->sslcertpath, ctl->sslfingerprint, commonname,
- ctl->server.pollname, &ctl->remotename) != -1)
+ && (set_timeout(mytimeout), SSLOpen(sock, ctl->sslcert, ctl->sslkey, "tls1", ctl->sslcertck,
+ ctl->sslcertfile, ctl->sslcertpath, ctl->sslfingerprint, commonname,
+ ctl->server.pollname, &ctl->remotename)) != -1)
{
/*
* RFC 2595 says this:
* Now that we're confident in our TLS connection we can
* guarantee a secure capability re-probe.
*/
- got_tls = 1;
- capa_probe(sock, ctl);
+ if ((ok = capa_probe(sock, ctl)))
+ return ok;
if (outlevel >= O_VERBOSE)
{
report(stdout, GT_("%s: upgrade to TLS succeeded.\n"), commonname);
}
- }
- }
-
- if (!got_tls) {
- if (must_tls(ctl)) {
+ } else if (must_tls(ctl)) {
/* Config required TLS but we couldn't guarantee it, so we must
* stop. */
+ set_timeout(0);
report(stderr, GT_("%s: upgrade to TLS failed.\n"), commonname);
return PS_SOCKET;
} else {
+ set_timeout(0);
if (outlevel >= O_VERBOSE) {
report(stdout, GT_("%s: opportunistic upgrade to TLS failed, trying to continue\n"), commonname);
}
}
#ifdef GSSAPI
- if ((ctl->server.authenticate == A_ANY
+ if (((ctl->server.authenticate == A_ANY && check_gss_creds("imap", ctl->server.truename) == PS_SUCCESS)
|| ctl->server.authenticate == A_GSSAPI)
&& strstr(capabilities, "AUTH=GSSAPI"))
{
if ((ok = do_gssauth(sock, "AUTHENTICATE", "imap",
ctl->server.truename, ctl->remotename)))
{
- /* SASL cancellation of authentication */
- gen_send(sock, "*");
if (ctl->server.authenticate != A_ANY)
return ok;
} else {
{
if ((ok = do_cram_md5 (sock, "AUTHENTICATE", ctl, NULL)))
{
- /* SASL cancellation of authentication */
- gen_send(sock, "*");
if(ctl->server.authenticate != A_ANY)
return ok;
}
&& strstr (capabilities, "AUTH=NTLM")) {
if ((ok = do_imap_ntlm(sock, ctl)))
{
- /* SASL cancellation of authentication */
- gen_send(sock, "*");
if(ctl->server.authenticate != A_ANY)
return ok;
}
free(remotename);
if (ok)
{
- /* SASL cancellation of authentication */
- gen_send(sock, "*");
if(ctl->server.authenticate != A_ANY)
return ok;
}
return(ok);
}
-/* maximum number of numbers we can process in "SEARCH" response */
-# define IMAP_SEARCH_MAX 1000
-
static int imap_search(int sock, struct query *ctl, int count)
/* search for unseen messages */
{
- int ok, first, last;
+ int ok;
char buf[MSGBUFSIZE+1], *cp;
/* Don't count deleted messages. Enabled only for IMAP4 servers or
flag skipdeleted = (imap_version >= IMAP4) && ctl->keep;
const char *undeleted;
- /* Skip range search if there are less than or equal to
- * IMAP_SEARCH_MAX mails. */
- flag skiprangesearch = (count <= IMAP_SEARCH_MAX);
+ /* structure to keep the end portion of the incomplete response */
+ struct RecvSplit rs;
/* startcount is higher than count so that if there are no
* unseen messages, imap_getsizes() will not need to do
* anything! */
startcount = count + 1;
- for (first = 1, last = IMAP_SEARCH_MAX; first <= count; first += IMAP_SEARCH_MAX, last += IMAP_SEARCH_MAX)
+ for (;;)
{
- if (last > count)
- last = count;
-
-restartsearch:
undeleted = (skipdeleted ? " UNDELETED" : "");
- if (skiprangesearch)
- gen_send(sock, "SEARCH UNSEEN%s", undeleted);
- else if (last == first)
- gen_send(sock, "SEARCH %d UNSEEN%s", last, undeleted);
- else
- gen_send(sock, "SEARCH %d:%d UNSEEN%s", first, last, undeleted);
- while ((ok = imap_response(sock, buf)) == PS_UNTAGGED)
+ gen_send(sock, "SEARCH UNSEEN%s", undeleted);
+ gen_recv_split_init("* SEARCH", &rs);
+ while ((ok = imap_response(sock, buf, &rs)) == PS_UNTAGGED)
{
if ((cp = strstr(buf, "* SEARCH")))
{
}
}
}
- /* if there is a protocol error on the first loop, try a
- * different search command */
- if (ok == PS_ERROR && first == 1)
+ if (ok != PS_ERROR) /* success or non-protocol error */
+ return(ok);
+
+ /* there is a protocol error. try a different search command. */
+ if (skipdeleted)
{
- if (skipdeleted)
- {
- /* retry with "SEARCH 1:1000 UNSEEN" */
- skipdeleted = FALSE;
- goto restartsearch;
- }
- if (!skiprangesearch)
- {
- /* retry with "SEARCH UNSEEN" */
- skiprangesearch = TRUE;
- goto restartsearch;
- }
- /* try with "FETCH 1:n FLAGS" */
- goto fetchflags;
+ /* retry with "SEARCH UNSEEN" */
+ skipdeleted = FALSE;
+ continue;
}
- if (ok != PS_SUCCESS)
- return(ok);
- /* loop back only when searching in range */
- if (skiprangesearch)
- break;
+ /* try with "FETCH 1:n FLAGS" */
+ break;
}
- return(PS_SUCCESS);
-fetchflags:
if (count == 1)
gen_send(sock, "FETCH %d FLAGS", count);
else
gen_send(sock, "FETCH %d:%d FLAGS", 1, count);
- while ((ok = imap_response(sock, buf)) == PS_UNTAGGED)
+ while ((ok = imap_response(sock, buf, NULL)) == PS_UNTAGGED)
{
unsigned int num;
+ int consumed;
/* expected response format:
* IMAP< * 1 FETCH (FLAGS (\Seen))
* IMAP< * 5 FETCH (UID 10 FLAGS (\Recent))
*/
if (unseen < count
- && sscanf(buf, "* %u FETCH ", &num) == 1
+ && sscanf(buf, "* %u %n", &num, &consumed) == 1
+ && 0 == strncasecmp(buf+consumed, "FETCH", 5)
+ && isspace((unsigned char)buf[consumed+5])
&& num >= 1 && num <= (unsigned)count
&& strstr(buf, "FLAGS ")
&& !strstr(buf, "\\SEEN")
gen_send(sock, "FETCH %d:%d RFC822.SIZE", first, last);
else /* no unseen messages! */
return(PS_SUCCESS);
- while ((ok = imap_response(sock, buf)) == PS_UNTAGGED)
+ while ((ok = imap_response(sock, buf, NULL)) == PS_UNTAGGED)
{
unsigned int size;
int num;
+ int consumed;
+ char *ptr;
- if (sscanf(buf, "* %d FETCH (RFC822.SIZE %u)", &num, &size) == 2
- /* some servers (like mail.internode.on.net bld-mail04) return UID information here
- *
+ /* expected response formats:
* IMAP> A0005 FETCH 1 RFC822.SIZE
+ * IMAP< * 1 FETCH (RFC822.SIZE 1187)
* IMAP< * 1 FETCH (UID 16 RFC822.SIZE 1447)
- * IMAP< A0005 OK FETCH completed
- *
*/
- || sscanf(buf, "* %d FETCH (UID %*s RFC822.SIZE %u)", &num, &size) == 2)
+ if (sscanf(buf, "* %d %n", &num, &consumed) == 1
+ && 0 == strncasecmp(buf + consumed, "FETCH", 5)
+ && isspace((unsigned char)buf[consumed + 5])
+ && (ptr = strstr(buf, "RFC822.SIZE "))
+ && sscanf(ptr, "RFC822.SIZE %u", &size) == 1)
{
if (num >= first && num <= last)
sizes[num - first] = size;
return(seen);
}
+#if 0
static char *skip_token(char *ptr)
{
while(isspace((unsigned char)*ptr)) ptr++;
while(isspace((unsigned char)*ptr)) ptr++;
return(ptr);
}
+#endif
static int imap_fetch_headers(int sock, struct query *ctl,int number,int *lenp)
/* request headers of nth message */
{
char buf [MSGBUFSIZE+1];
int num;
+ int ok;
+ char *ptr;
(void)ctl;
/* expunges change the fetch numbers */
gen_send(sock, "FETCH %d RFC822.HEADER", number);
/* looking for FETCH response */
- for (;;)
+ if ((ok = imap_response(sock, buf, NULL)) == PS_UNTAGGED)
{
- int ok;
- char *ptr;
-
- if ((ok = gen_recv(sock, buf, sizeof(buf))))
- return(ok);
- ptr = skip_token(buf); /* either "* " or "AXXXX " */
- if (sscanf(ptr, "%d FETCH (RFC822.HEADER {%d}", &num, lenp) == 2
- /* some servers (like mail.internode.on.net bld-mail04) return UID information here
- *
+ int consumed;
+ /* expected response formats:
* IMAP> A0006 FETCH 1 RFC822.HEADER
+ * IMAP< * 1 FETCH (RFC822.HEADER {1360}
* IMAP< * 1 FETCH (UID 16 RFC822.HEADER {1360}
- * ...
- * IMAP< )
- * IMAP< A0006 OK FETCH completed
- *
+ * IMAP< * 1 FETCH (UID 16 RFC822.SIZE 4029 RFC822.HEADER {1360}
*/
- || sscanf(ptr, "%d FETCH (UID %*s RFC822.HEADER {%d}", &num, lenp) == 2)
- break;
- /* try to recover from chronically fucked-up M$ Exchange servers */
- else if (!strncmp(ptr, "NO", 2))
+ if (sscanf(buf, "* %d %n", &num, &consumed) == 1
+ && 0 == strncasecmp(buf + consumed, "FETCH", 5)
+ && isspace((unsigned char)buf[5+consumed])
+ && num == number
+ && (ptr = strstr(buf, "RFC822.HEADER"))
+ && sscanf(ptr, "RFC822.HEADER {%d}%n", lenp, &consumed) == 1
+ && ptr[consumed-1] == '}')
{
- /* wait for a tagged response */
- if (strstr (buf, "* NO"))
- imap_ok (sock, 0);
- return(PS_TRANSIENT);
+ return(PS_SUCCESS);
}
- else if (!strncmp(ptr, "BAD", 3))
+
+ /* wait for a tagged response */
+ imap_ok (sock, 0);
+
+ /* try to recover for some responses */
+ if (!strncmp(buf, "* NO", 4) ||
+ !strncmp(buf, "* BAD", 5) ||
+ strstr(buf, "FETCH ()"))
{
- /* wait for a tagged response */
- if (strstr (buf, "* BAD"))
- imap_ok (sock, 0);
- return(PS_TRANSIENT);
+ return(PS_TRANSIENT);
}
- }
- if (num != number)
+ /* a response which does not match any of the above */
+ if (outlevel > O_SILENT)
+ report(stderr, GT_("Incorrect FETCH response: %s.\n"), buf);
return(PS_ERROR);
- else
- return(PS_SUCCESS);
+ }
+ else if (ok == PS_SUCCESS)
+ {
+ /* an unexpected tagged response */
+ if (outlevel > O_SILENT)
+ report(stderr, GT_("Incorrect FETCH response: %s.\n"), buf);
+ return(PS_TRANSIENT);
+ }
+ return(ok);
}
static int imap_fetch_body(int sock, struct query *ctl, int number, int *lenp)
return PS_SUCCESS;
}
+ /* Understand the empty string. Seen on Yahoo. */
+ /* XXX FIXME: we should be able to handle strings here. */
+ if (strstr(buf+10, "\"\")")) {
+ *lenp = 0;
+ return PS_SUCCESS;
+ }
+
/*
* Try to extract a length from the FETCH response. RFC2060 requires
* it to be present, but at least one IMAP server (Novell GroupWise)
/* set delete flag for given message */
{
int ok;
+ /* Select which flags to set on message deletion: */
+ const char delflags_seen[] = "\\Seen \\Deleted";
+ static const char *delflags;
+ /* Which environment variable to look for: */
+
+ /* DEFAULT since many fetchmail versions <= 6.3.X */
+ delflags = delflags_seen;
(void)ctl;
/* expunges change the fetch numbers */
* Use SILENT if possible as a minor throughput optimization.
* Note: this has been dropped from IMAP4rev1.
*
- * We set Seen because there are some IMAP servers (notably HP
- * OpenMail) that do message-receipt DSNs, but only when the seen
- * bit is set. This is the appropriate time -- we get here right
+ * We set \Seen because there are some IMAP servers (notably HP
+ * OpenMail and MS Exchange) do message-receipt DSNs,
+ * but only when the seen bit gets set.
+ * This is the appropriate time -- we get here right
* after the local SMTP response that says delivery was
* successful.
*/
if ((ok = gen_transact(sock,
imap_version == IMAP4
- ? "STORE %d +FLAGS.SILENT (\\Seen \\Deleted)"
- : "STORE %d +FLAGS (\\Seen \\Deleted)",
- number)))
+ ? "STORE %d +FLAGS.SILENT (%s)"
+ : "STORE %d +FLAGS (%s)",
+ number, delflags)))
return(ok);
else
deletions++;