Implement real LOGIN auth method for IMAP.
[claws.git] / src / etpan / imap-thread.c
index ad5e3b3ef1c0158c0a784d3c20cdc5396715f6a3..76223c4229b41a538e068cf379884d8ccac859e9 100644 (file)
@@ -41,6 +41,7 @@
 #include <gtk/gtk.h>
 #include <log.h>
 #include "etpan-thread-manager.h"
+#include "etpan-ssl.h"
 #include "utils.h"
 #include "mainwindow.h"
 #include "ssl.h"
@@ -58,26 +59,6 @@ static chash * session_hash = NULL;
 static guint thread_manager_signal = 0;
 static GIOChannel * io_channel = NULL;
 
-static void delete_imap(Folder *folder, mailimap *imap)
-{
-       chashdatum key;
-
-       key.data = &folder;
-       key.len = sizeof(folder);
-       chash_delete(session_hash, &key, NULL);
-       
-       key.data = &imap;
-       key.len = sizeof(imap);
-       chash_delete(courier_workaround_hash, &key, NULL);
-       if (imap && imap->imap_stream) {
-               /* we don't want libetpan to logout */
-               mailstream_close(imap->imap_stream);
-               imap->imap_stream = NULL;
-       }
-       debug_print("removing mailimap %p\n", imap);
-       mailimap_free(imap);    
-}
-
 static gboolean thread_manager_event(GIOChannel * source,
     GIOCondition condition,
     gpointer data)
@@ -360,13 +341,17 @@ static struct etpan_thread * get_thread(Folder * folder)
        struct etpan_thread * thread;
        chashdatum key;
        chashdatum value;
-       
+       int r;
+
        key.data = &folder;
        key.len = sizeof(folder);
-       
-       chash_get(imap_hash, &key, &value);
+
+       r = chash_get(imap_hash, &key, &value);
+       if (r < 0)
+               return NULL;
+
        thread = value.data;
-       
+
        return thread;
 }
 
@@ -411,38 +396,47 @@ static void generic_cb(int cancelled, void * result, void * callback_data)
        op->finished = 1;
 }
 
-static void threaded_run(Folder * folder, void * param, void * result,
-                        void (* func)(struct etpan_thread_op * ))
+/* Please do *not* blindly use imap pointers after this function returns,
+ * someone may have deleted it while this function was waiting for completion.
+ * Check return value to see if imap is still valid.
+ * Run get_imap(folder) again to get a fresh and valid pointer.
+ */
+static int threaded_run(Folder * folder, void * param, void * result,
+                       void (* func)(struct etpan_thread_op * ))
 {
        struct etpan_thread_op * op;
        struct etpan_thread * thread;
+       struct mailimap * imap = get_imap(folder);
        
        imap_folder_ref(folder);
 
        op = etpan_thread_op_new();
        
-       op->imap = get_imap(folder);
+       op->imap = imap;
        op->param = param;
        op->result = result;
        
-       op->cancellable = 0;
        op->run = func;
        op->callback = generic_cb;
        op->callback_data = op;
-       op->cleanup = NULL;
-       
-       op->finished = 0;
-       
+
        thread = get_thread(folder);
        etpan_thread_op_schedule(thread, op);
        
        while (!op->finished) {
                gtk_main_iteration();
        }
-       
+
        etpan_thread_op_free(op);
 
        imap_folder_unref(folder);
+
+       if (imap != get_imap(folder)) {
+               g_warning("returning from operation on a stale imap %p", imap);
+               return 1;
+       }
+
+       return 0;
 }
 
 
@@ -466,6 +460,55 @@ struct connect_result {
        }                                                       \
 }
 
+
+static void delete_imap_run(struct etpan_thread_op * op)
+{
+       mailimap * imap = op->imap;
+
+       /* we don't want libetpan to logout */
+       if (imap->imap_stream) {
+               mailstream_close(imap->imap_stream);
+               imap->imap_stream = NULL;
+       }
+
+       mailimap_free(imap);
+}
+
+static void threaded_delete_imap(Folder *folder, mailimap *imap)
+{
+       struct etpan_thread_op * op;
+
+       /* No need to wait for completion, threaded_run() won't work here. */
+       op = etpan_thread_op_new();
+       op->imap = imap;
+       op->run = delete_imap_run;
+       op->cleanup = etpan_thread_op_free;
+
+       etpan_thread_op_schedule(get_thread(folder), op);
+
+       debug_print("threaded delete imap posted\n");
+}
+
+static void delete_imap(Folder *folder, mailimap *imap)
+{
+       chashdatum key;
+
+       key.data = &folder;
+       key.len = sizeof(folder);
+       chash_delete(session_hash, &key, NULL);
+
+       if (!imap)
+               return;
+       key.data = &imap;
+       key.len = sizeof(imap);
+       chash_delete(courier_workaround_hash, &key, NULL);
+       /* We can't just free imap here as there may be ops on it pending
+        * in the thread. Posting freeing as an op will synchronize against
+        * existing jobs and as imap is already removed from session_hash
+        * we are sure no new ops can be posted. */
+       threaded_delete_imap(folder, imap);
+}
+
 static void connect_run(struct etpan_thread_op * op)
 {
        int r;
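Review bot: `get_thread()` can now return NULL (the earlier hunk adds `if (r < 0) return NULL;`), but `threaded_delete_imap()` passes its result straight to `etpan_thread_op_schedule()`, and `threaded_run()` in the previous hunk does the same with `thread`. Whether the scheduler tolerates a NULL thread is not visible here; if it does not, a folder with no `imap_hash` entry becomes a NULL dereference, and in the delete path the `mailimap` would never be freed. Consider a guard before scheduling, e.g. `thread = get_thread(folder); if (!thread) { etpan_thread_op_free(op); return; }`, together with a decision about who frees `imap` in that case. `delete_imap_run()` also dereferences `op->imap` unconditionally, which is safe only because `delete_imap()` returns early on a NULL `imap`; a comment such as `/* op->imap is never NULL here, see delete_imap() */` would record that.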
@@ -506,95 +549,19 @@ int imap_threaded_connect(Folder * folder, const char * server, int port)
        value.data = imap;
        value.len = 0;
        chash_set(session_hash, &key, &value, NULL);
-       
+
        param.imap = imap;
        param.server = server;
        param.port = port;
-       
+
        refresh_resolvers();
        threaded_run(folder, &param, &result, connect_run);
-       
+
        debug_print("connect ok %i with imap %p\n", result.error, imap);
-       
-       return result.error;
-}
 
-static int etpan_certificate_check(const unsigned char *certificate, int len, void *data)
-{
-#ifdef USE_GNUTLS
-       struct connect_param *param = (struct connect_param *)data;
-       gnutls_x509_crt_t cert = NULL;
-       gnutls_datum_t tmp;
-       
-       if (certificate == NULL || len < 0) {
-               g_warning("no cert presented.\n");
-               return 0;
-       }
-       
-       tmp.data = malloc(len);
-       memcpy(tmp.data, certificate, len);
-       tmp.size = len;
-       gnutls_x509_crt_init(&cert);
-       if (gnutls_x509_crt_import(cert, &tmp, GNUTLS_X509_FMT_DER) < 0) {
-               free(tmp.data);
-               g_warning("IMAP: can't get cert\n");
-               return 0;
-       } else if (ssl_certificate_check(cert, (guint)-1, (gchar *)param->server,
-                       (gushort)param->port) == TRUE) {
-               free(tmp.data);
-               gnutls_x509_crt_deinit(cert);
-               return 0;
-       } else {
-               free(tmp.data);
-               gnutls_x509_crt_deinit(cert);
-               return -1;
-       }
-#endif
-       return 0;
+       return result.error;
 }
-
-static void connect_ssl_context_cb(struct mailstream_ssl_context * ssl_context, void * data)
-{
 #ifdef USE_GNUTLS
-       PrefsAccount *account = (PrefsAccount *)data;
-       const gchar *cert_path = NULL;
-       const gchar *password = NULL;
-       gnutls_x509_crt_t x509 = NULL;
-       gnutls_x509_privkey_t pkey = NULL;
-
-       if (account->in_ssl_client_cert_file && *account->in_ssl_client_cert_file)
-               cert_path = account->in_ssl_client_cert_file;
-       if (account->in_ssl_client_cert_pass && *account->in_ssl_client_cert_pass)
-               password = account->in_ssl_client_cert_pass;
-       
-       if (mailstream_ssl_set_client_certificate_data(ssl_context, NULL, 0) < 0 ||
-           mailstream_ssl_set_client_private_key_data(ssl_context, NULL, 0) < 0)
-               debug_print("Impossible to set the client certificate.\n");
-       x509 = ssl_certificate_get_x509_from_pem_file(cert_path);
-       pkey = ssl_certificate_get_pkey_from_pem_file(cert_path);
-       if (!(x509 && pkey)) {
-               /* try pkcs12 format */
-               ssl_certificate_get_x509_and_pkey_from_p12_file(cert_path, password, &x509, &pkey);
-       }
-       if (x509 && pkey) {
-               unsigned char *x509_der = NULL, *pkey_der = NULL;
-               size_t x509_len, pkey_len;
-               
-               x509_len = (size_t)gnutls_i2d_X509(x509, &x509_der);
-               pkey_len = (size_t)gnutls_i2d_PrivateKey(pkey, &pkey_der);
-               if (x509_len > 0 && pkey_len > 0) {
-                       if (mailstream_ssl_set_client_certificate_data(ssl_context, x509_der, x509_len) < 0 ||
-                           mailstream_ssl_set_client_private_key_data(ssl_context, pkey_der, pkey_len) < 0) 
-                               log_error(LOG_PROTOCOL, _("Impossible to set the client certificate.\n"));
-                       g_free(x509_der);
-                       g_free(pkey_der);
-               }
-               gnutls_x509_crt_deinit(x509);
-               gnutls_x509_privkey_deinit(pkey);
-       }
-#endif
-}
-
 static void connect_ssl_run(struct etpan_thread_op * op)
 {
        int r;
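Review bot: `imap_threaded_connect()` still calls `threaded_run(folder, &param, &result, connect_run);` and discards the new return value, while `imap_threaded_connect_ssl()` and the other converted callers return `MAILIMAP_ERROR_INVAL` on a stale session. If the session is replaced while the connect op is pending, this path reports `result.error` for a `mailimap` that is no longer the folder's current one. For consistency the call could become `if (threaded_run(folder, &param, &result, connect_run)) return MAILIMAP_ERROR_INVAL;`. The function starts outside this hunk, so any earlier handling is not visible here.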
@@ -608,7 +575,7 @@ static void connect_ssl_run(struct etpan_thread_op * op)
 
        r = mailimap_ssl_connect_with_callback(param->imap,
                                                param->server, param->port,
-                                               connect_ssl_context_cb, param->account);
+                                               etpan_connect_ssl_context_cb, param->account);
        result->error = r;
 }
 
@@ -619,13 +586,12 @@ int imap_threaded_connect_ssl(Folder * folder, const char * server, int port)
        chashdatum key;
        chashdatum value;
        mailimap * imap, * oldimap;
-       unsigned char *certificate = NULL;
-       int cert_len;
-       
+       gboolean accept_if_valid = FALSE;
+
        oldimap = get_imap(folder);
 
        imap = mailimap_new(0, NULL);
-       
+
        if (oldimap) {
                debug_print("deleting old imap %p\n", oldimap);
                delete_imap(folder, oldimap);
@@ -636,28 +602,30 @@ int imap_threaded_connect_ssl(Folder * folder, const char * server, int port)
        value.data = imap;
        value.len = 0;
        chash_set(session_hash, &key, &value, NULL);
-       
+
        param.imap = imap;
        param.server = server;
        param.port = port;
        param.account = folder->account;
 
+       if (folder->account)
+               accept_if_valid = folder->account->ssl_certs_auto_accept;
+
        refresh_resolvers();
-       threaded_run(folder, &param, &result, connect_ssl_run);
+       if (threaded_run(folder, &param, &result, connect_ssl_run))
+               return MAILIMAP_ERROR_INVAL;
 
        if ((result.error == MAILIMAP_NO_ERROR_AUTHENTICATED ||
             result.error == MAILIMAP_NO_ERROR_NON_AUTHENTICATED) && !etpan_skip_ssl_cert_check) {
-               cert_len = (int)mailstream_ssl_get_certificate(imap->imap_stream, &certificate);
-               if (etpan_certificate_check(certificate, cert_len, &param) < 0)
-                       return -1;
-               if (certificate) 
-                       free(certificate); 
+               if (etpan_certificate_check(imap->imap_stream, server, port,
+                                           accept_if_valid) != TRUE)
+                       result.error = MAILIMAP_ERROR_SSL;
        }
        debug_print("connect %d with imap %p\n", result.error, imap);
-       
+
        return result.error;
 }
-
+#endif
 struct capa_param {
        mailimap * imap;
 };
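Review bot: When `etpan_certificate_check()` rejects the certificate, only `result.error` is set to `MAILIMAP_ERROR_SSL`; `imap` stays registered in `session_hash` with its TLS stream open, so nothing in this function stops a later operation on the folder from using a connection whose peer was not accepted. Whether every caller disconnects on this error is not visible in the hunk, and the function starts outside it. Consider tearing the session down on the failure path (for example `delete_imap(folder, imap);` before returning) or adding a comment above the function such as `/* on any error return the caller must call imap_threaded_disconnect() */`. The same applies to the `return MAILIMAP_ERROR_SSL;` added in `imap_threaded_starttls()`. Both checks are skipped entirely when `etpan_skip_ssl_cert_check` is set, which deserves a comment at that variable's definition saying who is allowed to set it.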
@@ -686,7 +654,7 @@ static void capability_run(struct etpan_thread_op * op)
 }
 
 
-struct mailimap_capability_data * imap_threaded_capability(Folder *folder, int *ok)
+int imap_threaded_capability(Folder *folder, struct mailimap_capability_data ** caps)
 {
        struct capa_param param;
        struct capa_result result;
@@ -700,10 +668,10 @@ struct mailimap_capability_data * imap_threaded_capability(Folder *folder, int *
        
        debug_print("capa %d\n", result.error);
        
-       if (ok)
-               *ok = result.error;
+       if (result.error == MAILIMAP_NO_ERROR)
+               *caps = result.caps;
 
-       return result.caps;
+       return result.error;
        
 }
        
@@ -745,13 +713,11 @@ void imap_threaded_disconnect(Folder * folder)
        
        param.imap = imap;
        
-       threaded_run(folder, &param, &result, disconnect_run);
-       
-       if (imap == get_imap(folder)) {
+       if (threaded_run(folder, &param, &result, disconnect_run)) {
+               debug_print("imap already deleted %p\n", imap);
+       } else {
                debug_print("deleting old imap %p\n", imap);
                delete_imap(folder, imap);
-       } else {
-               debug_print("imap already deleted %p\n", imap);
        }
        
        debug_print("disconnect ok\n");
@@ -928,7 +894,7 @@ static void login_run(struct etpan_thread_op * op)
        old_debug = mailstream_debug;
        mailstream_debug = 0;
 #endif
-       if (!strcmp(param->type, "LOGIN"))
+       if (!strcmp(param->type, "plaintext"))
                r = mailimap_login(param->imap,
                           param->login, param->password);
        else if (!strcmp(param->type, "GSSAPI"))
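Review bot: Changing the compared string from `"LOGIN"` to `"plaintext"` silently changes what existing callers get, and the hunk documents neither meaning. A caller that still passes `"LOGIN"` now falls through to the final `mailimap_authenticate()` branch (SASL LOGIN) instead of the IMAP `LOGIN` command, and any misspelt type is forwarded to the server as a mechanism name. I would add a comment above the chain, e.g. `/* "plaintext" = IMAP LOGIN command; any other value is sent as a SASL mechanism name via AUTHENTICATE */`, and note that both the plaintext and SASL LOGIN paths protect the password only through the transport, so they depend on TLS having been established and verified first. `param->type` is also passed to `strcmp()` without a NULL check in the visible lines; the function starts outside the hunk, so a check may exist earlier.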
@@ -936,7 +902,16 @@ static void login_run(struct etpan_thread_op * op)
                        param->type, param->server, NULL, NULL,
                        param->login, param->login,
                        param->password, NULL);
-       else 
+       else if (!strcmp(param->type, "SCRAM-SHA-1"))
+               /* 7th argument has to be NULL here, to stop libetpan sending the
+                * a= attribute in its initial SCRAM-SHA-1 message to server. At least
+                * Dovecot 2.2 doesn't seem to like that, and will not authenticate
+                * succesfully. */
+               r = mailimap_authenticate(param->imap,
+                       param->type, NULL, NULL, NULL,
+                       NULL, param->login,
+                       param->password, NULL);
+       else
                r = mailimap_authenticate(param->imap,
                        param->type, NULL, NULL, NULL,
                        param->login, param->login,
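Review bot: The comment in the new SCRAM-SHA-1 branch says the "7th argument has to be NULL", but in the call below it the NULL that differs from the generic branch is in the sixth position (counting `param->imap` as the first); the seventh is `param->login`. Naming the parameter rather than its position would avoid the ambiguity, e.g. `/* the first identity argument (libetpan's login/authzid slot, confirm against the prototype) must be NULL so no a= attribute is sent */`. As a style point, a four-line comment between `else if (...)` and its single unbraced statement is easy to break when editing; braces around the branch (`else if (!strcmp(param->type, "SCRAM-SHA-1")) { ... }`) would make the chain safer to extend.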
@@ -960,6 +935,9 @@ int imap_threaded_login(Folder * folder,
        
        debug_print("imap login - begin\n");
        
+       if (!folder)
+               return MAILIMAP_ERROR_INVAL;
+
        param.imap = get_imap(folder);
        param.login = login;
        param.password = password;
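Review bot: The new `if (!folder)` guard does not cover the case where `get_imap(folder)` itself returns NULL, and `param.imap` is handed to the login op unchecked. Other functions in this file treat that as possible (`imap_threaded_noop()` tests `imap &&` before dereferencing), so a folder with no registered session would pass a NULL `mailimap` into `mailimap_login()`/`mailimap_authenticate()`. Consider `if (!param.imap) return MAILIMAP_ERROR_INVAL;` right after the assignment. The guard also sits after `debug_print("imap login - begin\n")`, which is harmless, and the rest of the function is outside this hunk.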
@@ -1096,8 +1074,9 @@ int imap_threaded_noop(Folder * folder, unsigned int * p_exists,
        imap = get_imap(folder);
        param.imap = imap;
 
-       threaded_run(folder, &param, &result, noop_run);
-       
+       if (threaded_run(folder, &param, &result, noop_run))
+               return MAILIMAP_ERROR_INVAL;
+
        if (result.error == 0 && imap && imap->imap_selection_info != NULL) {
                * p_exists = imap->imap_selection_info->sel_exists;
                * p_recent = imap->imap_selection_info->sel_recent;
@@ -1124,7 +1103,7 @@ int imap_threaded_noop(Folder * folder, unsigned int * p_exists,
        return result.error;
 }
 
-
+#ifdef USE_GNUTLS
 struct starttls_result {
        int error;
 };
@@ -1159,7 +1138,7 @@ static void starttls_run(struct etpan_thread_op * op)
                        return;
                }
 
-               tls_low = mailstream_low_tls_open_with_callback(fd, connect_ssl_context_cb, param->account);
+               tls_low = mailstream_low_tls_open_with_callback(fd, etpan_connect_ssl_context_cb, param->account);
                if (tls_low == NULL) {
                        debug_print("imap starttls run - can't tls_open\n");
                        result->error = MAILIMAP_ERROR_STREAM;
@@ -1174,31 +1153,31 @@ int imap_threaded_starttls(Folder * folder, const gchar *host, int port)
 {
        struct connect_param param;
        struct starttls_result result;
-       int cert_len;
-       unsigned char *certificate = NULL;
-       
+       gboolean accept_if_valid = FALSE;
+
        debug_print("imap starttls - begin\n");
-       
+
        param.imap = get_imap(folder);
        param.server = host;
        param.port = port;
        param.account = folder->account;
 
-       threaded_run(folder, &param, &result, starttls_run);
-       
+       if (folder->account)
+               accept_if_valid = folder->account->ssl_certs_auto_accept;
+
+       if (threaded_run(folder, &param, &result, starttls_run))
+               return MAILIMAP_ERROR_INVAL;
+
        debug_print("imap starttls - end\n");
 
        if (result.error == 0 && param.imap && !etpan_skip_ssl_cert_check) {
-               cert_len = (int)mailstream_ssl_get_certificate(param.imap->imap_stream, &certificate);
-               if (etpan_certificate_check(certificate, cert_len, &param) < 0)
-                       result.error = MAILIMAP_ERROR_STREAM;
-               if (certificate) 
-                       free(certificate); 
+               if (etpan_certificate_check(param.imap->imap_stream, host, port,
+                                           accept_if_valid) != TRUE)
+                       return MAILIMAP_ERROR_SSL;
        }       
        return result.error;
 }
-
-
+#endif
 
 struct create_param {
        mailimap * imap;
@@ -1381,8 +1360,9 @@ int imap_threaded_select(Folder * folder, const char * mb,
        param.imap = imap;
        param.mb = mb;
        
-       threaded_run(folder, &param, &result, select_run);
-       
+       if (threaded_run(folder, &param, &result, select_run))
+               return MAILIMAP_ERROR_INVAL;
+
        if (result.error != MAILIMAP_NO_ERROR)
                return result.error;
        
@@ -1532,8 +1512,9 @@ int imap_threaded_examine(Folder * folder, const char * mb,
        param.imap = imap;
        param.mb = mb;
        
-       threaded_run(folder, &param, &result, examine_run);
-       
+       if (threaded_run(folder, &param, &result, examine_run))
+               return MAILIMAP_ERROR_INVAL;
+
        if (result.error != MAILIMAP_NO_ERROR)
                return result.error;
        
@@ -1574,15 +1555,24 @@ static struct mailimap_set_item *sc_mailimap_set_item_copy(struct mailimap_set_i
 static struct mailimap_set *sc_mailimap_set_copy(struct mailimap_set *orig)
 {
        clist *list = orig ? orig->set_list : NULL;
-       clist *newlist = clist_new();
+       clist *newlist;
        clistiter *cur;
-       
+
        if (!orig)
                return NULL;
-       for (cur = clist_begin(list); cur; cur = clist_next(cur))
-               clist_append(newlist, 
+
+       newlist = clist_new();
+       if (!newlist)
+               return NULL;
+
+       for (cur = clist_begin(list); cur; cur = clist_next(cur)) {
+               if (clist_append(newlist,
                        sc_mailimap_set_item_copy(
-                       (struct mailimap_set_item *)clist_content(cur)));
+                       (struct mailimap_set_item *)clist_content(cur))) != 0) {
+                       clist_free(newlist);
+                       return NULL;
+               }
+       }
        return mailimap_set_new(newlist);
 }
 
@@ -2770,11 +2760,11 @@ imap_fetch_result_to_envelop_list(clist * fetch_result,
                                  carray ** p_env_list)
 {
        clistiter * cur;
-       carray * env_list;
 
-       env_list = carray_new(16);
-  
        if (fetch_result) {
+               carray * env_list;
+               env_list = carray_new(16);
+
                for(cur = clist_begin(fetch_result) ; cur != NULL ;
                    cur = clist_next(cur)) {
                        struct mailimap_msg_att * msg_att;
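Review bot: `env_list = carray_new(16);` is used without checking for allocation failure, so the `carray_add(env_list, ...)` calls added in the next hunk would operate on a NULL array under memory pressure. The other allocation sites touched by this commit (`clist_new()` in `sc_mailimap_set_copy()` and `imap_add_envelope_fetch_att()`) gained such a check, so for consistency add `if (!env_list) return MAILIMAP_ERROR_MEMORY;` directly after the call. Declaration and initialisation could also be merged into `carray * env_list = carray_new(16);`.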
@@ -2784,10 +2774,12 @@ imap_fetch_result_to_envelop_list(clist * fetch_result,
                        msg_att = clist_content(cur);
 
                        env_info = fetch_to_env_info(msg_att, &tags);
-                       if (!env_info)
+                       if (!env_info
+                        || carray_add(env_list, env_info, NULL) != 0
+                        || carray_add(env_list, tags, NULL) != 0) {
+                               carray_free(env_list);
                                return MAILIMAP_ERROR_MEMORY;
-                       carray_add(env_list, env_info, NULL);
-                       carray_add(env_list, tags, NULL);
+                       }
                }
                * p_env_list = env_list;
        } else {
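Review bot: The new failure path calls `carray_free(env_list)` but never releases what the array holds: as far as I know `carray_free()` frees only the array itself, so the `env_info`/`tags` pairs added in earlier iterations leak. The pair from the failing iteration leaks as well; for instance, if the second `carray_add()` fails, `tags` is stored nowhere. Before freeing the array, the error path should walk it and release each stored element with whatever destructor matches `fetch_to_env_info()`'s results (not visible in this hunk), and free the current `env_info`/`tags` explicitly. The same container-only cleanup appears in `sc_mailimap_set_copy()` (`clist_free(newlist)` without freeing the copied set items, and a NULL result from `sc_mailimap_set_item_copy()` is appended unchecked) and in `imap_add_envelope_fetch_att()` (`clist_free(hdrlist)` without freeing the `strdup()`ed headers, including the current `header`). These are leaks on out-of-memory paths only, but a server returning a very large fetch result makes those paths reachable.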
@@ -2811,19 +2803,23 @@ static int imap_add_envelope_fetch_att(struct mailimap_fetch_type * fetch_type)
                };
 
        hdrlist = clist_new();
+       if (!hdrlist)
+               return MAIL_ERROR_MEMORY;
        i = 0;
        while (headers[i] != NULL) {
                header = strdup(headers[i]);
-               if (header == NULL || clist_append(hdrlist, header) != 0)
+               if (header == NULL || clist_append(hdrlist, header) != 0) {
+                       clist_free(hdrlist);
                        return MAIL_ERROR_MEMORY;
+               }
                ++i;
        }
-  
+
        imap_hdrlist = mailimap_header_list_new(hdrlist);
        section = mailimap_section_new_header_fields(imap_hdrlist);
        fetch_att = mailimap_fetch_att_new_body_peek_section(section);
        mailimap_fetch_type_new_fetch_att_list_add(fetch_type, fetch_att);
-  
+
        return MAIL_NO_ERROR;
 }
 
@@ -2960,8 +2956,9 @@ int imap_threaded_fetch_env(Folder * folder, struct mailimap_set * set,
        param.imap = imap;
        param.set = set;
        
-       threaded_run(folder, &param, &result, fetch_env_run);
-       
+       if (threaded_run(folder, &param, &result, fetch_env_run))
+               return MAILIMAP_ERROR_INVAL;
+
        if (result.error != MAILIMAP_NO_ERROR) {
                chashdatum key;
                chashdatum value;