#include <gtk/gtk.h>
#include <log.h>
#include "etpan-thread-manager.h"
+#include "etpan-ssl.h"
#include "utils.h"
#include "mainwindow.h"
#include "ssl.h"
struct etpan_thread * thread;
chashdatum key;
chashdatum value;
-
+ int r;
+
key.data = &folder;
key.len = sizeof(folder);
-
- chash_get(imap_hash, &key, &value);
+
+ r = chash_get(imap_hash, &key, &value);
+ if (r < 0)
+ return NULL;
+
thread = value.data;
-
+
return thread;
}
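Review bot: The added `if (r < 0) return NULL;` gives this lookup a failure result that nothing in the hunk documents, so callers must now cope with a NULL thread pointer. This is better than the old path, which read `value.data` after a failed `chash_get`. The callers are not visible here, so confirm they test the result before using it. A one-line comment above the function would record the contract, for example `/* returns NULL when folder has no entry in imap_hash */`. The function's signature is outside the hunk.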
value.data = imap;
value.len = 0;
chash_set(session_hash, &key, &value, NULL);
-
+
param.imap = imap;
param.server = server;
param.port = port;
-
+
refresh_resolvers();
threaded_run(folder, ¶m, &result, connect_run);
-
+
debug_print("connect ok %i with imap %p\n", result.error, imap);
-
- return result.error;
-}
-static int etpan_certificate_check(const unsigned char *certificate, int len, void *data)
-{
-#ifdef USE_GNUTLS
- struct connect_param *param = (struct connect_param *)data;
- gnutls_x509_crt cert = NULL;
- gnutls_datum tmp;
-
- if (certificate == NULL || len < 0) {
- g_warning("no cert presented.\n");
- return 0;
- }
-
- tmp.data = malloc(len);
- memcpy(tmp.data, certificate, len);
- tmp.size = len;
- gnutls_x509_crt_init(&cert);
- if (gnutls_x509_crt_import(cert, &tmp, GNUTLS_X509_FMT_DER) < 0) {
- g_warning("IMAP: can't get cert\n");
- return 0;
- } else if (ssl_certificate_check(cert, (guint)-1, (gchar *)param->server,
- (gushort)param->port) == TRUE) {
- gnutls_x509_crt_deinit(cert);
- return 0;
- } else {
- gnutls_x509_crt_deinit(cert);
- return -1;
- }
-#endif
- return 0;
+ return result.error;
}
-
-static void connect_ssl_context_cb(struct mailstream_ssl_context * ssl_context, void * data)
-{
#ifdef USE_GNUTLS
- PrefsAccount *account = (PrefsAccount *)data;
- const gchar *cert_path = NULL;
- const gchar *password = NULL;
- gnutls_x509_crt x509 = NULL;
- gnutls_x509_privkey pkey = NULL;
-
- if (account->in_ssl_client_cert_file && *account->in_ssl_client_cert_file)
- cert_path = account->in_ssl_client_cert_file;
- if (account->in_ssl_client_cert_pass && *account->in_ssl_client_cert_pass)
- password = account->in_ssl_client_cert_pass;
-
- if (mailstream_ssl_set_client_certificate_data(ssl_context, NULL, 0) < 0 ||
- mailstream_ssl_set_client_private_key_data(ssl_context, NULL, 0) < 0)
- debug_print("Impossible to set the client certificate.\n");
- x509 = ssl_certificate_get_x509_from_pem_file(cert_path);
- pkey = ssl_certificate_get_pkey_from_pem_file(cert_path);
- if (!(x509 && pkey)) {
- /* try pkcs12 format */
- ssl_certificate_get_x509_and_pkey_from_p12_file(cert_path, password, &x509, &pkey);
- }
- if (x509 && pkey) {
- unsigned char *x509_der = NULL, *pkey_der = NULL;
- size_t x509_len, pkey_len;
-
- x509_len = (size_t)gnutls_i2d_X509(x509, &x509_der);
- pkey_len = (size_t)gnutls_i2d_PrivateKey(pkey, &pkey_der);
- if (x509_len > 0 && pkey_len > 0) {
- if (mailstream_ssl_set_client_certificate_data(ssl_context, x509_der, x509_len) < 0 ||
- mailstream_ssl_set_client_private_key_data(ssl_context, pkey_der, pkey_len) < 0)
- log_error(LOG_PROTOCOL, _("Impossible to set the client certificate.\n"));
- g_free(x509_der);
- g_free(pkey_der);
- }
- gnutls_x509_crt_deinit(x509);
- gnutls_x509_privkey_deinit(pkey);
- }
-#endif
-}
-
static void connect_ssl_run(struct etpan_thread_op * op)
{
int r;
r = mailimap_ssl_connect_with_callback(param->imap,
param->server, param->port,
- connect_ssl_context_cb, param->account);
+ etpan_connect_ssl_context_cb, param->account);
result->error = r;
}
chashdatum key;
chashdatum value;
mailimap * imap, * oldimap;
- unsigned char *certificate = NULL;
- int cert_len;
-
+ gboolean accept_if_valid = FALSE;
+
oldimap = get_imap(folder);
imap = mailimap_new(0, NULL);
-
+
if (oldimap) {
debug_print("deleting old imap %p\n", oldimap);
delete_imap(folder, oldimap);
value.data = imap;
value.len = 0;
chash_set(session_hash, &key, &value, NULL);
-
+
param.imap = imap;
param.server = server;
param.port = port;
param.account = folder->account;
+ if (folder->account)
+ accept_if_valid = folder->account->ssl_certs_auto_accept;
+
refresh_resolvers();
threaded_run(folder, ¶m, &result, connect_ssl_run);
if ((result.error == MAILIMAP_NO_ERROR_AUTHENTICATED ||
result.error == MAILIMAP_NO_ERROR_NON_AUTHENTICATED) && !etpan_skip_ssl_cert_check) {
- cert_len = (int)mailstream_ssl_get_certificate(imap->imap_stream, &certificate);
- if (etpan_certificate_check(certificate, cert_len, ¶m) < 0)
- return -1;
- if (certificate)
- free(certificate);
+ if (etpan_certificate_check(imap->imap_stream, server, port,
+ accept_if_valid) != TRUE)
+ result.error = MAILIMAP_ERROR_SSL;
}
debug_print("connect %d with imap %p\n", result.error, imap);
-
+
return result.error;
}
-
+#endif
struct capa_param {
mailimap * imap;
};
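Review bot: A rejected certificate only changes the return code here. `result.error = MAILIMAP_ERROR_SSL` is assigned after `imap` has already been stored in `session_hash` and the TLS stream is established, and nothing in the hunk closes that session. If the callers (not visible) do not disconnect on this code, later commands could run over a stream whose peer failed verification. Either tear the session down at this point or state the contract in a comment such as `/* caller must drop the session on MAILIMAP_ERROR_SSL */`. The STARTTLS hunk further down has the same shape but uses an early `return MAILIMAP_ERROR_SSL;`, which skips the final `debug_print`; the two paths should use one form. The function's signature is outside the hunk.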
}
-struct mailimap_capability_data * imap_threaded_capability(Folder *folder, int *ok)
+int imap_threaded_capability(Folder *folder, struct mailimap_capability_data ** caps)
{
struct capa_param param;
struct capa_result result;
debug_print("capa %d\n", result.error);
- if (ok)
- *ok = result.error;
+ if (result.error == MAILIMAP_NO_ERROR)
+ *caps = result.caps;
- return result.caps;
+ return result.error;
}
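Review bot: `*caps` is written only when `result.error == MAILIMAP_NO_ERROR`, and `caps` is dereferenced without the NULL guard the old `ok` parameter had. A caller that passes an uninitialised pointer and inspects or frees it after a failure would be working with an indeterminate value. Setting `*caps = NULL;` before the threaded call, or in an `else` branch, makes the failure state defined. If NULL is not a legal argument, a short comment on the signature should say so. Part of the function body lies outside the hunk.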
return result.error;
}
-
+#ifdef USE_GNUTLS
struct starttls_result {
int error;
};
return;
}
- tls_low = mailstream_low_tls_open_with_callback(fd, connect_ssl_context_cb, param->account);
+ tls_low = mailstream_low_tls_open_with_callback(fd, etpan_connect_ssl_context_cb, param->account);
if (tls_low == NULL) {
debug_print("imap starttls run - can't tls_open\n");
result->error = MAILIMAP_ERROR_STREAM;
{
struct connect_param param;
struct starttls_result result;
- int cert_len;
- unsigned char *certificate = NULL;
-
+ gboolean accept_if_valid = FALSE;
+
debug_print("imap starttls - begin\n");
-
+
param.imap = get_imap(folder);
param.server = host;
param.port = port;
param.account = folder->account;
+ if (folder->account)
+ accept_if_valid = folder->account->ssl_certs_auto_accept;
+
threaded_run(folder, ¶m, &result, starttls_run);
-
+
debug_print("imap starttls - end\n");
if (result.error == 0 && param.imap && !etpan_skip_ssl_cert_check) {
- cert_len = (int)mailstream_ssl_get_certificate(param.imap->imap_stream, &certificate);
- if (etpan_certificate_check(certificate, cert_len, ¶m) < 0)
- result.error = MAILIMAP_ERROR_STREAM;
- if (certificate)
- free(certificate);
+ if (etpan_certificate_check(param.imap->imap_stream, host, port,
+ accept_if_valid) != TRUE)
+ return MAILIMAP_ERROR_SSL;
}
return result.error;
}
-
-
+#endif
struct create_param {
mailimap * imap;
struct search_param {
mailimap * imap;
int type;
+ const char *charset;
struct mailimap_set * set;
IMAPSearchKey* key;
};
static struct mailimap_set *sc_mailimap_set_copy(struct mailimap_set *orig)
{
clist *list = orig ? orig->set_list : NULL;
- clist *newlist = clist_new();
+ clist *newlist;
clistiter *cur;
-
+
if (!orig)
return NULL;
- for (cur = clist_begin(list); cur; cur = clist_next(cur))
- clist_append(newlist,
+
+ newlist = clist_new();
+ if (!newlist)
+ return NULL;
+
+ for (cur = clist_begin(list); cur; cur = clist_next(cur)) {
+ if (clist_append(newlist,
sc_mailimap_set_item_copy(
- (struct mailimap_set_item *)clist_content(cur)));
+ (struct mailimap_set_item *)clist_content(cur))) != 0) {
+ clist_free(newlist);
+ return NULL;
+ }
+ }
return mailimap_set_new(newlist);
}
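Review bot: The new error path `clist_free(newlist); return NULL;` releases the list cells but, as far as libetpan's `clist_free` goes, not their contents. The `mailimap_set_item` copies already appended are leaked, and so is the one whose append just failed. The same pattern recurs in two later hunks: `clist_free(hdrlist)` leaves the `strdup`ed header strings, including the current `header`, and `carray_free(env_list)` leaves the earlier `env_info`/`tags` entries. The result of `sc_mailimap_set_item_copy` is also appended unchecked; its body is not visible, but if it can return NULL on allocation failure, a NULL item would end up in the set. Holding the copy in a local lets both cases be handled, as sketched below.

```c
	for (cur = clist_begin(list); cur; cur = clist_next(cur)) {
		struct mailimap_set_item *item = sc_mailimap_set_item_copy(
			(struct mailimap_set_item *)clist_content(cur));

		if (item == NULL || clist_append(newlist, item) != 0) {
			/* free the copy that never made it into the list */
			if (item != NULL)
				mailimap_set_item_free(item);
			/* clist_free() drops only the cells, so release the items first */
			clist_foreach(newlist, (clist_func)mailimap_set_item_free, NULL);
			clist_free(newlist);
			return NULL;
		}
	}
	/* … unchanged: return mailimap_set_new(newlist) … */
```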
struct mailimap_search_key * uid_key = NULL;
struct mailimap_search_key * search_type_key = NULL;
clist * search_result;
-
+
param = op->param;
result = op->result;
} else {
mailstream_logger = imap_logger_uid;
- r = mailimap_uid_search(param->imap, NULL, key, &search_result);
+ r = mailimap_uid_search(param->imap, param->charset, key, &search_result);
mailstream_logger = imap_logger_cmd;
}
int imap_threaded_search(Folder * folder, int search_type, IMAPSearchKey* key,
- struct mailimap_set * set, clist ** search_result)
+ const char *charset, struct mailimap_set * set,
+ clist ** search_result)
{
struct search_param param;
struct search_result result;
imap = get_imap(folder);
param.imap = imap;
param.set = set;
+ param.charset = charset;
param.type = search_type;
param.key = key;
carray ** p_env_list)
{
clistiter * cur;
- carray * env_list;
- env_list = carray_new(16);
-
if (fetch_result) {
+ carray * env_list;
+ env_list = carray_new(16);
+
for(cur = clist_begin(fetch_result) ; cur != NULL ;
cur = clist_next(cur)) {
struct mailimap_msg_att * msg_att;
msg_att = clist_content(cur);
env_info = fetch_to_env_info(msg_att, &tags);
- if (!env_info)
+ if (!env_info
+ || carray_add(env_list, env_info, NULL) != 0
+ || carray_add(env_list, tags, NULL) != 0) {
+ carray_free(env_list);
return MAILIMAP_ERROR_MEMORY;
- carray_add(env_list, env_info, NULL);
- carray_add(env_list, tags, NULL);
+ }
}
* p_env_list = env_list;
} else {
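Review bot: The result of `carray_new(16)` is passed straight to `carray_add(env_list, ...)` without a NULL check, so an allocation failure would be dereferenced inside the first add. Add `if (env_list == NULL) return MAILIMAP_ERROR_MEMORY;` right after the allocation. The combined condition also loses track of ownership: when the second `carray_add` fails, `env_info` is already in the array and `tags` is not, and `carray_free(env_list)` releases neither. The function's signature starts outside the hunk.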
};
hdrlist = clist_new();
+ if (!hdrlist)
+ return MAIL_ERROR_MEMORY;
i = 0;
while (headers[i] != NULL) {
header = strdup(headers[i]);
- if (header == NULL || clist_append(hdrlist, header) != 0)
+ if (header == NULL || clist_append(hdrlist, header) != 0) {
+ clist_free(hdrlist);
return MAIL_ERROR_MEMORY;
+ }
++i;
}
-
+
imap_hdrlist = mailimap_header_list_new(hdrlist);
section = mailimap_section_new_header_fields(imap_hdrlist);
fetch_att = mailimap_fetch_att_new_body_peek_section(section);
mailimap_fetch_type_new_fetch_att_list_add(fetch_type, fetch_att);
-
+
return MAIL_NO_ERROR;
}