t7406: submodule.<name>.update command must not be run from .gitmodules
[git] / imap-send.c
1 /*
2  * git-imap-send - drops patches into an imap Drafts folder
3  *                 derived from isync/mbsync - mailbox synchronizer
4  *
5  * Copyright (C) 2000-2002 Michael R. Elkins <me@mutt.org>
6  * Copyright (C) 2002-2004 Oswald Buddenhagen <ossi@users.sf.net>
7  * Copyright (C) 2004 Theodore Y. Ts'o <tytso@mit.edu>
8  * Copyright (C) 2006 Mike McCormack
9  *
10  *  This program is free software; you can redistribute it and/or modify
11  *  it under the terms of the GNU General Public License as published by
12  *  the Free Software Foundation; either version 2 of the License, or
13  *  (at your option) any later version.
14  *
15  *  This program is distributed in the hope that it will be useful,
16  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
17  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18  *  GNU General Public License for more details.
19  *
20  *  You should have received a copy of the GNU General Public License
21  *  along with this program; if not, write to the Free Software
22  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23  */
24
25 #include "cache.h"
26 #include "config.h"
27 #include "credential.h"
28 #include "exec_cmd.h"
29 #include "run-command.h"
30 #include "parse-options.h"
31 #ifdef NO_OPENSSL
32 typedef void *SSL;
33 #endif
34 #ifdef USE_CURL_FOR_IMAP_SEND
35 #include "http.h"
36 #endif
37
38 #if defined(USE_CURL_FOR_IMAP_SEND)
39 /* Always default to curl if it's available. */
40 #define USE_CURL_DEFAULT 1
41 #else
42 /* We don't have curl, so continue to use the historical implementation */
43 #define USE_CURL_DEFAULT 0
44 #endif
45
46 static int verbosity;
47 static int use_curl = USE_CURL_DEFAULT;
48
49 static const char * const imap_send_usage[] = { "git imap-send [-v] [-q] [--[no-]curl] < <mbox>", NULL };
50
51 static struct option imap_send_options[] = {
52         OPT__VERBOSITY(&verbosity),
53         OPT_BOOL(0, "curl", &use_curl, "use libcurl to communicate with the IMAP server"),
54         OPT_END()
55 };
56
57 #undef DRV_OK
58 #define DRV_OK          0
59 #define DRV_MSG_BAD     -1
60 #define DRV_BOX_BAD     -2
61 #define DRV_STORE_BAD   -3
62
63 __attribute__((format (printf, 1, 2)))
64 static void imap_info(const char *, ...);
65 __attribute__((format (printf, 1, 2)))
66 static void imap_warn(const char *, ...);
67
68 static char *next_arg(char **);
69
70 __attribute__((format (printf, 3, 4)))
71 static int nfsnprintf(char *buf, int blen, const char *fmt, ...);
72
73 static int nfvasprintf(char **strp, const char *fmt, va_list ap)
74 {
75         int len;
76         char tmp[8192];
77
78         len = vsnprintf(tmp, sizeof(tmp), fmt, ap);
79         if (len < 0)
80                 die("Fatal: Out of memory");
81         if (len >= sizeof(tmp))
82                 die("imap command overflow!");
83         *strp = xmemdupz(tmp, len);
84         return len;
85 }
86
87 struct imap_server_conf {
88         char *name;
89         char *tunnel;
90         char *host;
91         int port;
92         char *folder;
93         char *user;
94         char *pass;
95         int use_ssl;
96         int ssl_verify;
97         int use_html;
98         char *auth_method;
99 };
100
101 static struct imap_server_conf server = {
102         NULL,   /* name */
103         NULL,   /* tunnel */
104         NULL,   /* host */
105         0,      /* port */
106         NULL,   /* folder */
107         NULL,   /* user */
108         NULL,   /* pass */
109         0,      /* use_ssl */
110         1,      /* ssl_verify */
111         0,      /* use_html */
112         NULL,   /* auth_method */
113 };
114
115 struct imap_socket {
116         int fd[2];
117         SSL *ssl;
118 };
119
120 struct imap_buffer {
121         struct imap_socket sock;
122         int bytes;
123         int offset;
124         char buf[1024];
125 };
126
127 struct imap_cmd;
128
129 struct imap {
130         int uidnext; /* from SELECT responses */
131         unsigned caps, rcaps; /* CAPABILITY results */
132         /* command queue */
133         int nexttag, num_in_progress, literal_pending;
134         struct imap_cmd *in_progress, **in_progress_append;
135         struct imap_buffer buf; /* this is BIG, so put it last */
136 };
137
138 struct imap_store {
139         /* currently open mailbox */
140         const char *name; /* foreign! maybe preset? */
141         int uidvalidity;
142         struct imap *imap;
143         const char *prefix;
144 };
145
146 struct imap_cmd_cb {
147         int (*cont)(struct imap_store *ctx, struct imap_cmd *cmd, const char *prompt);
148         void (*done)(struct imap_store *ctx, struct imap_cmd *cmd, int response);
149         void *ctx;
150         char *data;
151         int dlen;
152         int uid;
153 };
154
155 struct imap_cmd {
156         struct imap_cmd *next;
157         struct imap_cmd_cb cb;
158         char *cmd;
159         int tag;
160 };
161
162 #define CAP(cap) (imap->caps & (1 << (cap)))
163
164 enum CAPABILITY {
165         NOLOGIN = 0,
166         UIDPLUS,
167         LITERALPLUS,
168         NAMESPACE,
169         STARTTLS,
170         AUTH_CRAM_MD5
171 };
172
173 static const char *cap_list[] = {
174         "LOGINDISABLED",
175         "UIDPLUS",
176         "LITERAL+",
177         "NAMESPACE",
178         "STARTTLS",
179         "AUTH=CRAM-MD5",
180 };
181
182 #define RESP_OK    0
183 #define RESP_NO    1
184 #define RESP_BAD   2
185
186 static int get_cmd_result(struct imap_store *ctx, struct imap_cmd *tcmd);
187
188
189 #ifndef NO_OPENSSL
190 static void ssl_socket_perror(const char *func)
191 {
192         fprintf(stderr, "%s: %s\n", func, ERR_error_string(ERR_get_error(), NULL));
193 }
194 #endif
195
196 static void socket_perror(const char *func, struct imap_socket *sock, int ret)
197 {
198 #ifndef NO_OPENSSL
199         if (sock->ssl) {
200                 int sslerr = SSL_get_error(sock->ssl, ret);
201                 switch (sslerr) {
202                 case SSL_ERROR_NONE:
203                         break;
204                 case SSL_ERROR_SYSCALL:
205                         perror("SSL_connect");
206                         break;
207                 default:
208                         ssl_socket_perror("SSL_connect");
209                         break;
210                 }
211         } else
212 #endif
213         {
214                 if (ret < 0)
215                         perror(func);
216                 else
217                         fprintf(stderr, "%s: unexpected EOF\n", func);
218         }
219 }
220
221 #ifdef NO_OPENSSL
222 static int ssl_socket_connect(struct imap_socket *sock, int use_tls_only, int verify)
223 {
224         fprintf(stderr, "SSL requested but SSL support not compiled in\n");
225         return -1;
226 }
227
228 #else
229
230 static int host_matches(const char *host, const char *pattern)
231 {
232         if (pattern[0] == '*' && pattern[1] == '.') {
233                 pattern += 2;
234                 if (!(host = strchr(host, '.')))
235                         return 0;
236                 host++;
237         }
238
239         return *host && *pattern && !strcasecmp(host, pattern);
240 }
241
242 static int verify_hostname(X509 *cert, const char *hostname)
243 {
244         int len;
245         X509_NAME *subj;
246         char cname[1000];
247         int i, found;
248         STACK_OF(GENERAL_NAME) *subj_alt_names;
249
250         /* try the DNS subjectAltNames */
251         found = 0;
252         if ((subj_alt_names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL))) {
253                 int num_subj_alt_names = sk_GENERAL_NAME_num(subj_alt_names);
254                 for (i = 0; !found && i < num_subj_alt_names; i++) {
255                         GENERAL_NAME *subj_alt_name = sk_GENERAL_NAME_value(subj_alt_names, i);
256                         if (subj_alt_name->type == GEN_DNS &&
257                             strlen((const char *)subj_alt_name->d.ia5->data) == (size_t)subj_alt_name->d.ia5->length &&
258                             host_matches(hostname, (const char *)(subj_alt_name->d.ia5->data)))
259                                 found = 1;
260                 }
261                 sk_GENERAL_NAME_pop_free(subj_alt_names, GENERAL_NAME_free);
262         }
263         if (found)
264                 return 0;
265
266         /* try the common name */
267         if (!(subj = X509_get_subject_name(cert)))
268                 return error("cannot get certificate subject");
269         if ((len = X509_NAME_get_text_by_NID(subj, NID_commonName, cname, sizeof(cname))) < 0)
270                 return error("cannot get certificate common name");
271         if (strlen(cname) == (size_t)len && host_matches(hostname, cname))
272                 return 0;
273         return error("certificate owner '%s' does not match hostname '%s'",
274                      cname, hostname);
275 }
276
277 static int ssl_socket_connect(struct imap_socket *sock, int use_tls_only, int verify)
278 {
279 #if (OPENSSL_VERSION_NUMBER >= 0x10000000L)
280         const SSL_METHOD *meth;
281 #else
282         SSL_METHOD *meth;
283 #endif
284         SSL_CTX *ctx;
285         int ret;
286         X509 *cert;
287
288         SSL_library_init();
289         SSL_load_error_strings();
290
291         meth = SSLv23_method();
292         if (!meth) {
293                 ssl_socket_perror("SSLv23_method");
294                 return -1;
295         }
296
297         ctx = SSL_CTX_new(meth);
298         if (!ctx) {
299                 ssl_socket_perror("SSL_CTX_new");
300                 return -1;
301         }
302
303         if (use_tls_only)
304                 SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
305
306         if (verify)
307                 SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
308
309         if (!SSL_CTX_set_default_verify_paths(ctx)) {
310                 ssl_socket_perror("SSL_CTX_set_default_verify_paths");
311                 return -1;
312         }
313         sock->ssl = SSL_new(ctx);
314         if (!sock->ssl) {
315                 ssl_socket_perror("SSL_new");
316                 return -1;
317         }
318         if (!SSL_set_rfd(sock->ssl, sock->fd[0])) {
319                 ssl_socket_perror("SSL_set_rfd");
320                 return -1;
321         }
322         if (!SSL_set_wfd(sock->ssl, sock->fd[1])) {
323                 ssl_socket_perror("SSL_set_wfd");
324                 return -1;
325         }
326
327 #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
328         /*
329          * SNI (RFC4366)
330          * OpenSSL does not document this function, but the implementation
331          * returns 1 on success, 0 on failure after calling SSLerr().
332          */
333         ret = SSL_set_tlsext_host_name(sock->ssl, server.host);
334         if (ret != 1)
335                 warning("SSL_set_tlsext_host_name(%s) failed.", server.host);
336 #endif
337
338         ret = SSL_connect(sock->ssl);
339         if (ret <= 0) {
340                 socket_perror("SSL_connect", sock, ret);
341                 return -1;
342         }
343
344         if (verify) {
345                 /* make sure the hostname matches that of the certificate */
346                 cert = SSL_get_peer_certificate(sock->ssl);
347                 if (!cert)
348                         return error("unable to get peer certificate.");
349                 if (verify_hostname(cert, server.host) < 0)
350                         return -1;
351         }
352
353         return 0;
354 }
355 #endif
356
357 static int socket_read(struct imap_socket *sock, char *buf, int len)
358 {
359         ssize_t n;
360 #ifndef NO_OPENSSL
361         if (sock->ssl)
362                 n = SSL_read(sock->ssl, buf, len);
363         else
364 #endif
365                 n = xread(sock->fd[0], buf, len);
366         if (n <= 0) {
367                 socket_perror("read", sock, n);
368                 close(sock->fd[0]);
369                 close(sock->fd[1]);
370                 sock->fd[0] = sock->fd[1] = -1;
371         }
372         return n;
373 }
374
375 static int socket_write(struct imap_socket *sock, const char *buf, int len)
376 {
377         int n;
378 #ifndef NO_OPENSSL
379         if (sock->ssl)
380                 n = SSL_write(sock->ssl, buf, len);
381         else
382 #endif
383                 n = write_in_full(sock->fd[1], buf, len);
384         if (n != len) {
385                 socket_perror("write", sock, n);
386                 close(sock->fd[0]);
387                 close(sock->fd[1]);
388                 sock->fd[0] = sock->fd[1] = -1;
389         }
390         return n;
391 }
392
393 static void socket_shutdown(struct imap_socket *sock)
394 {
395 #ifndef NO_OPENSSL
396         if (sock->ssl) {
397                 SSL_shutdown(sock->ssl);
398                 SSL_free(sock->ssl);
399         }
400 #endif
401         close(sock->fd[0]);
402         close(sock->fd[1]);
403 }
404
405 /* simple line buffering */
406 static int buffer_gets(struct imap_buffer *b, char **s)
407 {
408         int n;
409         int start = b->offset;
410
411         *s = b->buf + start;
412
413         for (;;) {
414                 /* make sure we have enough data to read the \r\n sequence */
415                 if (b->offset + 1 >= b->bytes) {
416                         if (start) {
417                                 /* shift down used bytes */
418                                 *s = b->buf;
419
420                                 assert(start <= b->bytes);
421                                 n = b->bytes - start;
422
423                                 if (n)
424                                         memmove(b->buf, b->buf + start, n);
425                                 b->offset -= start;
426                                 b->bytes = n;
427                                 start = 0;
428                         }
429
430                         n = socket_read(&b->sock, b->buf + b->bytes,
431                                          sizeof(b->buf) - b->bytes);
432
433                         if (n <= 0)
434                                 return -1;
435
436                         b->bytes += n;
437                 }
438
439                 if (b->buf[b->offset] == '\r') {
440                         assert(b->offset + 1 < b->bytes);
441                         if (b->buf[b->offset + 1] == '\n') {
442                                 b->buf[b->offset] = 0;  /* terminate the string */
443                                 b->offset += 2; /* next line */
444                                 if (0 < verbosity)
445                                         puts(*s);
446                                 return 0;
447                         }
448                 }
449
450                 b->offset++;
451         }
452         /* not reached */
453 }
454
455 static void imap_info(const char *msg, ...)
456 {
457         va_list va;
458
459         if (0 <= verbosity) {
460                 va_start(va, msg);
461                 vprintf(msg, va);
462                 va_end(va);
463                 fflush(stdout);
464         }
465 }
466
467 static void imap_warn(const char *msg, ...)
468 {
469         va_list va;
470
471         if (-2 < verbosity) {
472                 va_start(va, msg);
473                 vfprintf(stderr, msg, va);
474                 va_end(va);
475         }
476 }
477
478 static char *next_arg(char **s)
479 {
480         char *ret;
481
482         if (!s || !*s)
483                 return NULL;
484         while (isspace((unsigned char) **s))
485                 (*s)++;
486         if (!**s) {
487                 *s = NULL;
488                 return NULL;
489         }
490         if (**s == '"') {
491                 ++*s;
492                 ret = *s;
493                 *s = strchr(*s, '"');
494         } else {
495                 ret = *s;
496                 while (**s && !isspace((unsigned char) **s))
497                         (*s)++;
498         }
499         if (*s) {
500                 if (**s)
501                         *(*s)++ = 0;
502                 if (!**s)
503                         *s = NULL;
504         }
505         return ret;
506 }
507
508 static int nfsnprintf(char *buf, int blen, const char *fmt, ...)
509 {
510         int ret;
511         va_list va;
512
513         va_start(va, fmt);
514         if (blen <= 0 || (unsigned)(ret = vsnprintf(buf, blen, fmt, va)) >= (unsigned)blen)
515                 die("BUG: buffer too small. Please report a bug.");
516         va_end(va);
517         return ret;
518 }
519
520 static struct imap_cmd *issue_imap_cmd(struct imap_store *ctx,
521                                        struct imap_cmd_cb *cb,
522                                        const char *fmt, va_list ap)
523 {
524         struct imap *imap = ctx->imap;
525         struct imap_cmd *cmd;
526         int n, bufl;
527         char buf[1024];
528
529         cmd = xmalloc(sizeof(struct imap_cmd));
530         nfvasprintf(&cmd->cmd, fmt, ap);
531         cmd->tag = ++imap->nexttag;
532
533         if (cb)
534                 cmd->cb = *cb;
535         else
536                 memset(&cmd->cb, 0, sizeof(cmd->cb));
537
538         while (imap->literal_pending)
539                 get_cmd_result(ctx, NULL);
540
541         if (!cmd->cb.data)
542                 bufl = nfsnprintf(buf, sizeof(buf), "%d %s\r\n", cmd->tag, cmd->cmd);
543         else
544                 bufl = nfsnprintf(buf, sizeof(buf), "%d %s{%d%s}\r\n",
545                                   cmd->tag, cmd->cmd, cmd->cb.dlen,
546                                   CAP(LITERALPLUS) ? "+" : "");
547
548         if (0 < verbosity) {
549                 if (imap->num_in_progress)
550                         printf("(%d in progress) ", imap->num_in_progress);
551                 if (!starts_with(cmd->cmd, "LOGIN"))
552                         printf(">>> %s", buf);
553                 else
554                         printf(">>> %d LOGIN <user> <pass>\n", cmd->tag);
555         }
556         if (socket_write(&imap->buf.sock, buf, bufl) != bufl) {
557                 free(cmd->cmd);
558                 free(cmd);
559                 if (cb)
560                         free(cb->data);
561                 return NULL;
562         }
563         if (cmd->cb.data) {
564                 if (CAP(LITERALPLUS)) {
565                         n = socket_write(&imap->buf.sock, cmd->cb.data, cmd->cb.dlen);
566                         free(cmd->cb.data);
567                         if (n != cmd->cb.dlen ||
568                             socket_write(&imap->buf.sock, "\r\n", 2) != 2) {
569                                 free(cmd->cmd);
570                                 free(cmd);
571                                 return NULL;
572                         }
573                         cmd->cb.data = NULL;
574                 } else
575                         imap->literal_pending = 1;
576         } else if (cmd->cb.cont)
577                 imap->literal_pending = 1;
578         cmd->next = NULL;
579         *imap->in_progress_append = cmd;
580         imap->in_progress_append = &cmd->next;
581         imap->num_in_progress++;
582         return cmd;
583 }
584
585 __attribute__((format (printf, 3, 4)))
586 static int imap_exec(struct imap_store *ctx, struct imap_cmd_cb *cb,
587                      const char *fmt, ...)
588 {
589         va_list ap;
590         struct imap_cmd *cmdp;
591
592         va_start(ap, fmt);
593         cmdp = issue_imap_cmd(ctx, cb, fmt, ap);
594         va_end(ap);
595         if (!cmdp)
596                 return RESP_BAD;
597
598         return get_cmd_result(ctx, cmdp);
599 }
600
601 __attribute__((format (printf, 3, 4)))
602 static int imap_exec_m(struct imap_store *ctx, struct imap_cmd_cb *cb,
603                        const char *fmt, ...)
604 {
605         va_list ap;
606         struct imap_cmd *cmdp;
607
608         va_start(ap, fmt);
609         cmdp = issue_imap_cmd(ctx, cb, fmt, ap);
610         va_end(ap);
611         if (!cmdp)
612                 return DRV_STORE_BAD;
613
614         switch (get_cmd_result(ctx, cmdp)) {
615         case RESP_BAD: return DRV_STORE_BAD;
616         case RESP_NO: return DRV_MSG_BAD;
617         default: return DRV_OK;
618         }
619 }
620
621 static int skip_imap_list_l(char **sp, int level)
622 {
623         char *s = *sp;
624
625         for (;;) {
626                 while (isspace((unsigned char)*s))
627                         s++;
628                 if (level && *s == ')') {
629                         s++;
630                         break;
631                 }
632                 if (*s == '(') {
633                         /* sublist */
634                         s++;
635                         if (skip_imap_list_l(&s, level + 1))
636                                 goto bail;
637                 } else if (*s == '"') {
638                         /* quoted string */
639                         s++;
640                         for (; *s != '"'; s++)
641                                 if (!*s)
642                                         goto bail;
643                         s++;
644                 } else {
645                         /* atom */
646                         for (; *s && !isspace((unsigned char)*s); s++)
647                                 if (level && *s == ')')
648                                         break;
649                 }
650
651                 if (!level)
652                         break;
653                 if (!*s)
654                         goto bail;
655         }
656         *sp = s;
657         return 0;
658
659 bail:
660         return -1;
661 }
662
663 static void skip_list(char **sp)
664 {
665         skip_imap_list_l(sp, 0);
666 }
667
668 static void parse_capability(struct imap *imap, char *cmd)
669 {
670         char *arg;
671         unsigned i;
672
673         imap->caps = 0x80000000;
674         while ((arg = next_arg(&cmd)))
675                 for (i = 0; i < ARRAY_SIZE(cap_list); i++)
676                         if (!strcmp(cap_list[i], arg))
677                                 imap->caps |= 1 << i;
678         imap->rcaps = imap->caps;
679 }
680
681 static int parse_response_code(struct imap_store *ctx, struct imap_cmd_cb *cb,
682                                char *s)
683 {
684         struct imap *imap = ctx->imap;
685         char *arg, *p;
686
687         if (*s != '[')
688                 return RESP_OK;         /* no response code */
689         s++;
690         if (!(p = strchr(s, ']'))) {
691                 fprintf(stderr, "IMAP error: malformed response code\n");
692                 return RESP_BAD;
693         }
694         *p++ = 0;
695         arg = next_arg(&s);
696         if (!strcmp("UIDVALIDITY", arg)) {
697                 if (!(arg = next_arg(&s)) || !(ctx->uidvalidity = atoi(arg))) {
698                         fprintf(stderr, "IMAP error: malformed UIDVALIDITY status\n");
699                         return RESP_BAD;
700                 }
701         } else if (!strcmp("UIDNEXT", arg)) {
702                 if (!(arg = next_arg(&s)) || !(imap->uidnext = atoi(arg))) {
703                         fprintf(stderr, "IMAP error: malformed NEXTUID status\n");
704                         return RESP_BAD;
705                 }
706         } else if (!strcmp("CAPABILITY", arg)) {
707                 parse_capability(imap, s);
708         } else if (!strcmp("ALERT", arg)) {
709                 /* RFC2060 says that these messages MUST be displayed
710                  * to the user
711                  */
712                 for (; isspace((unsigned char)*p); p++);
713                 fprintf(stderr, "*** IMAP ALERT *** %s\n", p);
714         } else if (cb && cb->ctx && !strcmp("APPENDUID", arg)) {
715                 if (!(arg = next_arg(&s)) || !(ctx->uidvalidity = atoi(arg)) ||
716                     !(arg = next_arg(&s)) || !(*(int *)cb->ctx = atoi(arg))) {
717                         fprintf(stderr, "IMAP error: malformed APPENDUID status\n");
718                         return RESP_BAD;
719                 }
720         }
721         return RESP_OK;
722 }
723
724 static int get_cmd_result(struct imap_store *ctx, struct imap_cmd *tcmd)
725 {
726         struct imap *imap = ctx->imap;
727         struct imap_cmd *cmdp, **pcmdp;
728         char *cmd, *arg, *arg1;
729         int n, resp, resp2, tag;
730
731         for (;;) {
732                 if (buffer_gets(&imap->buf, &cmd))
733                         return RESP_BAD;
734
735                 arg = next_arg(&cmd);
736                 if (*arg == '*') {
737                         arg = next_arg(&cmd);
738                         if (!arg) {
739                                 fprintf(stderr, "IMAP error: unable to parse untagged response\n");
740                                 return RESP_BAD;
741                         }
742
743                         if (!strcmp("NAMESPACE", arg)) {
744                                 /* rfc2342 NAMESPACE response. */
745                                 skip_list(&cmd); /* Personal mailboxes */
746                                 skip_list(&cmd); /* Others' mailboxes */
747                                 skip_list(&cmd); /* Shared mailboxes */
748                         } else if (!strcmp("OK", arg) || !strcmp("BAD", arg) ||
749                                    !strcmp("NO", arg) || !strcmp("BYE", arg)) {
750                                 if ((resp = parse_response_code(ctx, NULL, cmd)) != RESP_OK)
751                                         return resp;
752                         } else if (!strcmp("CAPABILITY", arg)) {
753                                 parse_capability(imap, cmd);
754                         } else if ((arg1 = next_arg(&cmd))) {
755                                 ; /*
756                                    * Unhandled response-data with at least two words.
757                                    * Ignore it.
758                                    *
759                                    * NEEDSWORK: Previously this case handled '<num> EXISTS'
760                                    * and '<num> RECENT' but as a probably-unintended side
761                                    * effect it ignores other unrecognized two-word
762                                    * responses.  imap-send doesn't ever try to read
763                                    * messages or mailboxes these days, so consider
764                                    * eliminating this case.
765                                    */
766                         } else {
767                                 fprintf(stderr, "IMAP error: unable to parse untagged response\n");
768                                 return RESP_BAD;
769                         }
770                 } else if (!imap->in_progress) {
771                         fprintf(stderr, "IMAP error: unexpected reply: %s %s\n", arg, cmd ? cmd : "");
772                         return RESP_BAD;
773                 } else if (*arg == '+') {
774                         /* This can happen only with the last command underway, as
775                            it enforces a round-trip. */
776                         cmdp = (struct imap_cmd *)((char *)imap->in_progress_append -
777                                offsetof(struct imap_cmd, next));
778                         if (cmdp->cb.data) {
779                                 n = socket_write(&imap->buf.sock, cmdp->cb.data, cmdp->cb.dlen);
780                                 FREE_AND_NULL(cmdp->cb.data);
781                                 if (n != (int)cmdp->cb.dlen)
782                                         return RESP_BAD;
783                         } else if (cmdp->cb.cont) {
784                                 if (cmdp->cb.cont(ctx, cmdp, cmd))
785                                         return RESP_BAD;
786                         } else {
787                                 fprintf(stderr, "IMAP error: unexpected command continuation request\n");
788                                 return RESP_BAD;
789                         }
790                         if (socket_write(&imap->buf.sock, "\r\n", 2) != 2)
791                                 return RESP_BAD;
792                         if (!cmdp->cb.cont)
793                                 imap->literal_pending = 0;
794                         if (!tcmd)
795                                 return DRV_OK;
796                 } else {
797                         tag = atoi(arg);
798                         for (pcmdp = &imap->in_progress; (cmdp = *pcmdp); pcmdp = &cmdp->next)
799                                 if (cmdp->tag == tag)
800                                         goto gottag;
801                         fprintf(stderr, "IMAP error: unexpected tag %s\n", arg);
802                         return RESP_BAD;
803                 gottag:
804                         if (!(*pcmdp = cmdp->next))
805                                 imap->in_progress_append = pcmdp;
806                         imap->num_in_progress--;
807                         if (cmdp->cb.cont || cmdp->cb.data)
808                                 imap->literal_pending = 0;
809                         arg = next_arg(&cmd);
810                         if (!strcmp("OK", arg))
811                                 resp = DRV_OK;
812                         else {
813                                 if (!strcmp("NO", arg))
814                                         resp = RESP_NO;
815                                 else /*if (!strcmp("BAD", arg))*/
816                                         resp = RESP_BAD;
817                                 fprintf(stderr, "IMAP command '%s' returned response (%s) - %s\n",
818                                         !starts_with(cmdp->cmd, "LOGIN") ?
819                                                         cmdp->cmd : "LOGIN <user> <pass>",
820                                                         arg, cmd ? cmd : "");
821                         }
822                         if ((resp2 = parse_response_code(ctx, &cmdp->cb, cmd)) > resp)
823                                 resp = resp2;
824                         if (cmdp->cb.done)
825                                 cmdp->cb.done(ctx, cmdp, resp);
826                         free(cmdp->cb.data);
827                         free(cmdp->cmd);
828                         free(cmdp);
829                         if (!tcmd || tcmd == cmdp)
830                                 return resp;
831                 }
832         }
833         /* not reached */
834 }
835
836 static void imap_close_server(struct imap_store *ictx)
837 {
838         struct imap *imap = ictx->imap;
839
840         if (imap->buf.sock.fd[0] != -1) {
841                 imap_exec(ictx, NULL, "LOGOUT");
842                 socket_shutdown(&imap->buf.sock);
843         }
844         free(imap);
845 }
846
847 static void imap_close_store(struct imap_store *ctx)
848 {
849         imap_close_server(ctx);
850         free(ctx);
851 }
852
853 #ifndef NO_OPENSSL
854
855 /*
856  * hexchar() and cram() functions are based on the code from the isync
857  * project (http://isync.sf.net/).
858  */
859 static char hexchar(unsigned int b)
860 {
861         return b < 10 ? '0' + b : 'a' + (b - 10);
862 }
863
864 #define ENCODED_SIZE(n) (4 * DIV_ROUND_UP((n), 3))
865 static char *cram(const char *challenge_64, const char *user, const char *pass)
866 {
867         int i, resp_len, encoded_len, decoded_len;
868         unsigned char hash[16];
869         char hex[33];
870         char *response, *response_64, *challenge;
871
872         /*
873          * length of challenge_64 (i.e. base-64 encoded string) is a good
874          * enough upper bound for challenge (decoded result).
875          */
876         encoded_len = strlen(challenge_64);
877         challenge = xmalloc(encoded_len);
878         decoded_len = EVP_DecodeBlock((unsigned char *)challenge,
879                                       (unsigned char *)challenge_64, encoded_len);
880         if (decoded_len < 0)
881                 die("invalid challenge %s", challenge_64);
882         if (!HMAC(EVP_md5(), pass, strlen(pass), (unsigned char *)challenge, decoded_len, hash, NULL))
883                 die("HMAC error");
884
885         hex[32] = 0;
886         for (i = 0; i < 16; i++) {
887                 hex[2 * i] = hexchar((hash[i] >> 4) & 0xf);
888                 hex[2 * i + 1] = hexchar(hash[i] & 0xf);
889         }
890
891         /* response: "<user> <digest in hex>" */
892         response = xstrfmt("%s %s", user, hex);
893         resp_len = strlen(response);
894
895         response_64 = xmallocz(ENCODED_SIZE(resp_len));
896         encoded_len = EVP_EncodeBlock((unsigned char *)response_64,
897                                       (unsigned char *)response, resp_len);
898         if (encoded_len < 0)
899                 die("EVP_EncodeBlock error");
900         return (char *)response_64;
901 }
902
903 #else
904
905 static char *cram(const char *challenge_64, const char *user, const char *pass)
906 {
907         die("If you want to use CRAM-MD5 authenticate method, "
908             "you have to build git-imap-send with OpenSSL library.");
909 }
910
911 #endif
912
913 static int auth_cram_md5(struct imap_store *ctx, struct imap_cmd *cmd, const char *prompt)
914 {
915         int ret;
916         char *response;
917
918         response = cram(prompt, server.user, server.pass);
919
920         ret = socket_write(&ctx->imap->buf.sock, response, strlen(response));
921         if (ret != strlen(response))
922                 return error("IMAP error: sending response failed");
923
924         free(response);
925
926         return 0;
927 }
928
929 static void server_fill_credential(struct imap_server_conf *srvc, struct credential *cred)
930 {
931         if (srvc->user && srvc->pass)
932                 return;
933
934         cred->protocol = xstrdup(srvc->use_ssl ? "imaps" : "imap");
935         cred->host = xstrdup(srvc->host);
936
937         cred->username = xstrdup_or_null(srvc->user);
938         cred->password = xstrdup_or_null(srvc->pass);
939
940         credential_fill(cred);
941
942         if (!srvc->user)
943                 srvc->user = xstrdup(cred->username);
944         if (!srvc->pass)
945                 srvc->pass = xstrdup(cred->password);
946 }
947
948 static struct imap_store *imap_open_store(struct imap_server_conf *srvc, char *folder)
949 {
950         struct credential cred = CREDENTIAL_INIT;
951         struct imap_store *ctx;
952         struct imap *imap;
953         char *arg, *rsp;
954         int s = -1, preauth;
955
956         ctx = xcalloc(1, sizeof(*ctx));
957
958         ctx->imap = imap = xcalloc(1, sizeof(*imap));
959         imap->buf.sock.fd[0] = imap->buf.sock.fd[1] = -1;
960         imap->in_progress_append = &imap->in_progress;
961
962         /* open connection to IMAP server */
963
964         if (srvc->tunnel) {
965                 struct child_process tunnel = CHILD_PROCESS_INIT;
966
967                 imap_info("Starting tunnel '%s'... ", srvc->tunnel);
968
969                 argv_array_push(&tunnel.args, srvc->tunnel);
970                 tunnel.use_shell = 1;
971                 tunnel.in = -1;
972                 tunnel.out = -1;
973                 if (start_command(&tunnel))
974                         die("cannot start proxy %s", srvc->tunnel);
975
976                 imap->buf.sock.fd[0] = tunnel.out;
977                 imap->buf.sock.fd[1] = tunnel.in;
978
979                 imap_info("ok\n");
980         } else {
981 #ifndef NO_IPV6
982                 struct addrinfo hints, *ai0, *ai;
983                 int gai;
984                 char portstr[6];
985
986                 xsnprintf(portstr, sizeof(portstr), "%d", srvc->port);
987
988                 memset(&hints, 0, sizeof(hints));
989                 hints.ai_socktype = SOCK_STREAM;
990                 hints.ai_protocol = IPPROTO_TCP;
991
992                 imap_info("Resolving %s... ", srvc->host);
993                 gai = getaddrinfo(srvc->host, portstr, &hints, &ai);
994                 if (gai) {
995                         fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(gai));
996                         goto bail;
997                 }
998                 imap_info("ok\n");
999
1000                 for (ai0 = ai; ai; ai = ai->ai_next) {
1001                         char addr[NI_MAXHOST];
1002
1003                         s = socket(ai->ai_family, ai->ai_socktype,
1004                                    ai->ai_protocol);
1005                         if (s < 0)
1006                                 continue;
1007
1008                         getnameinfo(ai->ai_addr, ai->ai_addrlen, addr,
1009                                     sizeof(addr), NULL, 0, NI_NUMERICHOST);
1010                         imap_info("Connecting to [%s]:%s... ", addr, portstr);
1011
1012                         if (connect(s, ai->ai_addr, ai->ai_addrlen) < 0) {
1013                                 close(s);
1014                                 s = -1;
1015                                 perror("connect");
1016                                 continue;
1017                         }
1018
1019                         break;
1020                 }
1021                 freeaddrinfo(ai0);
1022 #else /* NO_IPV6 */
1023                 struct hostent *he;
1024                 struct sockaddr_in addr;
1025
1026                 memset(&addr, 0, sizeof(addr));
1027                 addr.sin_port = htons(srvc->port);
1028                 addr.sin_family = AF_INET;
1029
1030                 imap_info("Resolving %s... ", srvc->host);
1031                 he = gethostbyname(srvc->host);
1032                 if (!he) {
1033                         perror("gethostbyname");
1034                         goto bail;
1035                 }
1036                 imap_info("ok\n");
1037
1038                 addr.sin_addr.s_addr = *((int *) he->h_addr_list[0]);
1039
1040                 s = socket(PF_INET, SOCK_STREAM, 0);
1041
1042                 imap_info("Connecting to %s:%hu... ", inet_ntoa(addr.sin_addr), ntohs(addr.sin_port));
1043                 if (connect(s, (struct sockaddr *)&addr, sizeof(addr))) {
1044                         close(s);
1045                         s = -1;
1046                         perror("connect");
1047                 }
1048 #endif
1049                 if (s < 0) {
1050                         fputs("Error: unable to connect to server.\n", stderr);
1051                         goto bail;
1052                 }
1053
1054                 imap->buf.sock.fd[0] = s;
1055                 imap->buf.sock.fd[1] = dup(s);
1056
1057                 if (srvc->use_ssl &&
1058                     ssl_socket_connect(&imap->buf.sock, 0, srvc->ssl_verify)) {
1059                         close(s);
1060                         goto bail;
1061                 }
1062                 imap_info("ok\n");
1063         }
1064
1065         /* read the greeting string */
1066         if (buffer_gets(&imap->buf, &rsp)) {
1067                 fprintf(stderr, "IMAP error: no greeting response\n");
1068                 goto bail;
1069         }
1070         arg = next_arg(&rsp);
1071         if (!arg || *arg != '*' || (arg = next_arg(&rsp)) == NULL) {
1072                 fprintf(stderr, "IMAP error: invalid greeting response\n");
1073                 goto bail;
1074         }
1075         preauth = 0;
1076         if (!strcmp("PREAUTH", arg))
1077                 preauth = 1;
1078         else if (strcmp("OK", arg) != 0) {
1079                 fprintf(stderr, "IMAP error: unknown greeting response\n");
1080                 goto bail;
1081         }
1082         parse_response_code(ctx, NULL, rsp);
1083         if (!imap->caps && imap_exec(ctx, NULL, "CAPABILITY") != RESP_OK)
1084                 goto bail;
1085
1086         if (!preauth) {
1087 #ifndef NO_OPENSSL
1088                 if (!srvc->use_ssl && CAP(STARTTLS)) {
1089                         if (imap_exec(ctx, NULL, "STARTTLS") != RESP_OK)
1090                                 goto bail;
1091                         if (ssl_socket_connect(&imap->buf.sock, 1,
1092                                                srvc->ssl_verify))
1093                                 goto bail;
1094                         /* capabilities may have changed, so get the new capabilities */
1095                         if (imap_exec(ctx, NULL, "CAPABILITY") != RESP_OK)
1096                                 goto bail;
1097                 }
1098 #endif
1099                 imap_info("Logging in...\n");
1100                 server_fill_credential(srvc, &cred);
1101
1102                 if (srvc->auth_method) {
1103                         struct imap_cmd_cb cb;
1104
1105                         if (!strcmp(srvc->auth_method, "CRAM-MD5")) {
1106                                 if (!CAP(AUTH_CRAM_MD5)) {
1107                                         fprintf(stderr, "You specified"
1108                                                 "CRAM-MD5 as authentication method, "
1109                                                 "but %s doesn't support it.\n", srvc->host);
1110                                         goto bail;
1111                                 }
1112                                 /* CRAM-MD5 */
1113
1114                                 memset(&cb, 0, sizeof(cb));
1115                                 cb.cont = auth_cram_md5;
1116                                 if (imap_exec(ctx, &cb, "AUTHENTICATE CRAM-MD5") != RESP_OK) {
1117                                         fprintf(stderr, "IMAP error: AUTHENTICATE CRAM-MD5 failed\n");
1118                                         goto bail;
1119                                 }
1120                         } else {
1121                                 fprintf(stderr, "Unknown authentication method:%s\n", srvc->host);
1122                                 goto bail;
1123                         }
1124                 } else {
1125                         if (CAP(NOLOGIN)) {
1126                                 fprintf(stderr, "Skipping account %s@%s, server forbids LOGIN\n",
1127                                         srvc->user, srvc->host);
1128                                 goto bail;
1129                         }
1130                         if (!imap->buf.sock.ssl)
1131                                 imap_warn("*** IMAP Warning *** Password is being "
1132                                           "sent in the clear\n");
1133                         if (imap_exec(ctx, NULL, "LOGIN \"%s\" \"%s\"", srvc->user, srvc->pass) != RESP_OK) {
1134                                 fprintf(stderr, "IMAP error: LOGIN failed\n");
1135                                 goto bail;
1136                         }
1137                 }
1138         } /* !preauth */
1139
1140         if (cred.username)
1141                 credential_approve(&cred);
1142         credential_clear(&cred);
1143
1144         /* check the target mailbox exists */
1145         ctx->name = folder;
1146         switch (imap_exec(ctx, NULL, "EXAMINE \"%s\"", ctx->name)) {
1147         case RESP_OK:
1148                 /* ok */
1149                 break;
1150         case RESP_BAD:
1151                 fprintf(stderr, "IMAP error: could not check mailbox\n");
1152                 goto out;
1153         case RESP_NO:
1154                 if (imap_exec(ctx, NULL, "CREATE \"%s\"", ctx->name) == RESP_OK) {
1155                         imap_info("Created missing mailbox\n");
1156                 } else {
1157                         fprintf(stderr, "IMAP error: could not create missing mailbox\n");
1158                         goto out;
1159                 }
1160                 break;
1161         }
1162
1163         ctx->prefix = "";
1164         return ctx;
1165
1166 bail:
1167         if (cred.username)
1168                 credential_reject(&cred);
1169         credential_clear(&cred);
1170
1171  out:
1172         imap_close_store(ctx);
1173         return NULL;
1174 }
1175
1176 /*
1177  * Insert CR characters as necessary in *msg to ensure that every LF
1178  * character in *msg is preceded by a CR.
1179  */
1180 static void lf_to_crlf(struct strbuf *msg)
1181 {
1182         char *new;
1183         size_t i, j;
1184         char lastc;
1185
1186         /* First pass: tally, in j, the size of the new string: */
1187         for (i = j = 0, lastc = '\0'; i < msg->len; i++) {
1188                 if (msg->buf[i] == '\n' && lastc != '\r')
1189                         j++; /* a CR will need to be added here */
1190                 lastc = msg->buf[i];
1191                 j++;
1192         }
1193
1194         new = xmallocz(j);
1195
1196         /*
1197          * Second pass: write the new string.  Note that this loop is
1198          * otherwise identical to the first pass.
1199          */
1200         for (i = j = 0, lastc = '\0'; i < msg->len; i++) {
1201                 if (msg->buf[i] == '\n' && lastc != '\r')
1202                         new[j++] = '\r';
1203                 lastc = new[j++] = msg->buf[i];
1204         }
1205         strbuf_attach(msg, new, j, j + 1);
1206 }
1207
1208 /*
1209  * Store msg to IMAP.  Also detach and free the data from msg->data,
1210  * leaving msg->data empty.
1211  */
1212 static int imap_store_msg(struct imap_store *ctx, struct strbuf *msg)
1213 {
1214         struct imap *imap = ctx->imap;
1215         struct imap_cmd_cb cb;
1216         const char *prefix, *box;
1217         int ret;
1218
1219         lf_to_crlf(msg);
1220         memset(&cb, 0, sizeof(cb));
1221
1222         cb.dlen = msg->len;
1223         cb.data = strbuf_detach(msg, NULL);
1224
1225         box = ctx->name;
1226         prefix = !strcmp(box, "INBOX") ? "" : ctx->prefix;
1227         ret = imap_exec_m(ctx, &cb, "APPEND \"%s%s\" ", prefix, box);
1228         imap->caps = imap->rcaps;
1229         if (ret != DRV_OK)
1230                 return ret;
1231
1232         return DRV_OK;
1233 }
1234
1235 static void wrap_in_html(struct strbuf *msg)
1236 {
1237         struct strbuf buf = STRBUF_INIT;
1238         static char *content_type = "Content-Type: text/html;\n";
1239         static char *pre_open = "<pre>\n";
1240         static char *pre_close = "</pre>\n";
1241         const char *body = strstr(msg->buf, "\n\n");
1242
1243         if (!body)
1244                 return; /* Headers but no body; no wrapping needed */
1245
1246         body += 2;
1247
1248         strbuf_add(&buf, msg->buf, body - msg->buf - 1);
1249         strbuf_addstr(&buf, content_type);
1250         strbuf_addch(&buf, '\n');
1251         strbuf_addstr(&buf, pre_open);
1252         strbuf_addstr_xml_quoted(&buf, body);
1253         strbuf_addstr(&buf, pre_close);
1254
1255         strbuf_release(msg);
1256         *msg = buf;
1257 }
1258
1259 #define CHUNKSIZE 0x1000
1260
1261 static int read_message(FILE *f, struct strbuf *all_msgs)
1262 {
1263         do {
1264                 if (strbuf_fread(all_msgs, CHUNKSIZE, f) <= 0)
1265                         break;
1266         } while (!feof(f));
1267
1268         return ferror(f) ? -1 : 0;
1269 }
1270
1271 static int count_messages(struct strbuf *all_msgs)
1272 {
1273         int count = 0;
1274         char *p = all_msgs->buf;
1275
1276         while (1) {
1277                 if (starts_with(p, "From ")) {
1278                         p = strstr(p+5, "\nFrom: ");
1279                         if (!p) break;
1280                         p = strstr(p+7, "\nDate: ");
1281                         if (!p) break;
1282                         p = strstr(p+7, "\nSubject: ");
1283                         if (!p) break;
1284                         p += 10;
1285                         count++;
1286                 }
1287                 p = strstr(p+5, "\nFrom ");
1288                 if (!p)
1289                         break;
1290                 p++;
1291         }
1292         return count;
1293 }
1294
1295 /*
1296  * Copy the next message from all_msgs, starting at offset *ofs, to
1297  * msg.  Update *ofs to the start of the following message.  Return
1298  * true iff a message was successfully copied.
1299  */
1300 static int split_msg(struct strbuf *all_msgs, struct strbuf *msg, int *ofs)
1301 {
1302         char *p, *data;
1303         size_t len;
1304
1305         if (*ofs >= all_msgs->len)
1306                 return 0;
1307
1308         data = &all_msgs->buf[*ofs];
1309         len = all_msgs->len - *ofs;
1310
1311         if (len < 5 || !starts_with(data, "From "))
1312                 return 0;
1313
1314         p = strchr(data, '\n');
1315         if (p) {
1316                 p++;
1317                 len -= p - data;
1318                 *ofs += p - data;
1319                 data = p;
1320         }
1321
1322         p = strstr(data, "\nFrom ");
1323         if (p)
1324                 len = &p[1] - data;
1325
1326         strbuf_add(msg, data, len);
1327         *ofs += len;
1328         return 1;
1329 }
1330
1331 static void git_imap_config(void)
1332 {
1333         const char *val = NULL;
1334
1335         git_config_get_bool("imap.sslverify", &server.ssl_verify);
1336         git_config_get_bool("imap.preformattedhtml", &server.use_html);
1337         git_config_get_string("imap.folder", &server.folder);
1338
1339         if (!git_config_get_value("imap.host", &val)) {
1340                 if (!val) {
1341                         git_die_config("imap.host", "Missing value for 'imap.host'");
1342                 } else {
1343                         if (starts_with(val, "imap:"))
1344                                 val += 5;
1345                         else if (starts_with(val, "imaps:")) {
1346                                 val += 6;
1347                                 server.use_ssl = 1;
1348                         }
1349                         if (starts_with(val, "//"))
1350                                 val += 2;
1351                         server.host = xstrdup(val);
1352                 }
1353         }
1354
1355         git_config_get_string("imap.user", &server.user);
1356         git_config_get_string("imap.pass", &server.pass);
1357         git_config_get_int("imap.port", &server.port);
1358         git_config_get_string("imap.tunnel", &server.tunnel);
1359         git_config_get_string("imap.authmethod", &server.auth_method);
1360 }
1361
1362 static int append_msgs_to_imap(struct imap_server_conf *server,
1363                                struct strbuf* all_msgs, int total)
1364 {
1365         struct strbuf msg = STRBUF_INIT;
1366         struct imap_store *ctx = NULL;
1367         int ofs = 0;
1368         int r;
1369         int n = 0;
1370
1371         ctx = imap_open_store(server, server->folder);
1372         if (!ctx) {
1373                 fprintf(stderr, "failed to open store\n");
1374                 return 1;
1375         }
1376         ctx->name = server->folder;
1377
1378         fprintf(stderr, "sending %d message%s\n", total, (total != 1) ? "s" : "");
1379         while (1) {
1380                 unsigned percent = n * 100 / total;
1381
1382                 fprintf(stderr, "%4u%% (%d/%d) done\r", percent, n, total);
1383
1384                 if (!split_msg(all_msgs, &msg, &ofs))
1385                         break;
1386                 if (server->use_html)
1387                         wrap_in_html(&msg);
1388                 r = imap_store_msg(ctx, &msg);
1389                 if (r != DRV_OK)
1390                         break;
1391                 n++;
1392         }
1393         fprintf(stderr, "\n");
1394
1395         imap_close_store(ctx);
1396
1397         return 0;
1398 }
1399
1400 #ifdef USE_CURL_FOR_IMAP_SEND
1401 static CURL *setup_curl(struct imap_server_conf *srvc, struct credential *cred)
1402 {
1403         CURL *curl;
1404         struct strbuf path = STRBUF_INIT;
1405
1406         if (curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK)
1407                 die("curl_global_init failed");
1408
1409         curl = curl_easy_init();
1410
1411         if (!curl)
1412                 die("curl_easy_init failed");
1413
1414         server_fill_credential(&server, cred);
1415         curl_easy_setopt(curl, CURLOPT_USERNAME, server.user);
1416         curl_easy_setopt(curl, CURLOPT_PASSWORD, server.pass);
1417
1418         strbuf_addstr(&path, server.use_ssl ? "imaps://" : "imap://");
1419         strbuf_addstr(&path, server.host);
1420         if (!path.len || path.buf[path.len - 1] != '/')
1421                 strbuf_addch(&path, '/');
1422         strbuf_addstr(&path, server.folder);
1423
1424         curl_easy_setopt(curl, CURLOPT_URL, path.buf);
1425         strbuf_release(&path);
1426         curl_easy_setopt(curl, CURLOPT_PORT, server.port);
1427
1428         if (server.auth_method) {
1429 #if LIBCURL_VERSION_NUM < 0x072200
1430                 warning("No LOGIN_OPTIONS support in this cURL version");
1431 #else
1432                 struct strbuf auth = STRBUF_INIT;
1433                 strbuf_addstr(&auth, "AUTH=");
1434                 strbuf_addstr(&auth, server.auth_method);
1435                 curl_easy_setopt(curl, CURLOPT_LOGIN_OPTIONS, auth.buf);
1436                 strbuf_release(&auth);
1437 #endif
1438         }
1439
1440         if (!server.use_ssl)
1441                 curl_easy_setopt(curl, CURLOPT_USE_SSL, (long)CURLUSESSL_TRY);
1442
1443         curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, server.ssl_verify);
1444         curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, server.ssl_verify);
1445
1446         curl_easy_setopt(curl, CURLOPT_READFUNCTION, fread_buffer);
1447
1448         curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
1449
1450         if (0 < verbosity || getenv("GIT_CURL_VERBOSE"))
1451                 curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
1452         setup_curl_trace(curl);
1453
1454         return curl;
1455 }
1456
1457 static int curl_append_msgs_to_imap(struct imap_server_conf *server,
1458                                     struct strbuf* all_msgs, int total) {
1459         int ofs = 0;
1460         int n = 0;
1461         struct buffer msgbuf = { STRBUF_INIT, 0 };
1462         CURL *curl;
1463         CURLcode res = CURLE_OK;
1464         struct credential cred = CREDENTIAL_INIT;
1465
1466         curl = setup_curl(server, &cred);
1467         curl_easy_setopt(curl, CURLOPT_READDATA, &msgbuf);
1468
1469         fprintf(stderr, "sending %d message%s\n", total, (total != 1) ? "s" : "");
1470         while (1) {
1471                 unsigned percent = n * 100 / total;
1472                 int prev_len;
1473
1474                 fprintf(stderr, "%4u%% (%d/%d) done\r", percent, n, total);
1475
1476                 prev_len = msgbuf.buf.len;
1477                 if (!split_msg(all_msgs, &msgbuf.buf, &ofs))
1478                         break;
1479                 if (server->use_html)
1480                         wrap_in_html(&msgbuf.buf);
1481                 lf_to_crlf(&msgbuf.buf);
1482
1483                 curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE,
1484                                  (curl_off_t)(msgbuf.buf.len-prev_len));
1485
1486                 res = curl_easy_perform(curl);
1487
1488                 if(res != CURLE_OK) {
1489                         fprintf(stderr, "curl_easy_perform() failed: %s\n",
1490                                         curl_easy_strerror(res));
1491                         break;
1492                 }
1493
1494                 n++;
1495         }
1496         fprintf(stderr, "\n");
1497
1498         curl_easy_cleanup(curl);
1499         curl_global_cleanup();
1500
1501         if (cred.username) {
1502                 if (res == CURLE_OK)
1503                         credential_approve(&cred);
1504 #if LIBCURL_VERSION_NUM >= 0x070d01
1505                 else if (res == CURLE_LOGIN_DENIED)
1506 #else
1507                 else
1508 #endif
1509                         credential_reject(&cred);
1510         }
1511
1512         credential_clear(&cred);
1513
1514         return res != CURLE_OK;
1515 }
1516 #endif
1517
1518 int cmd_main(int argc, const char **argv)
1519 {
1520         struct strbuf all_msgs = STRBUF_INIT;
1521         int total;
1522         int nongit_ok;
1523
1524         setup_git_directory_gently(&nongit_ok);
1525         git_imap_config();
1526
1527         argc = parse_options(argc, (const char **)argv, "", imap_send_options, imap_send_usage, 0);
1528
1529         if (argc)
1530                 usage_with_options(imap_send_usage, imap_send_options);
1531
1532 #ifndef USE_CURL_FOR_IMAP_SEND
1533         if (use_curl) {
1534                 warning("--curl not supported in this build");
1535                 use_curl = 0;
1536         }
1537 #elif defined(NO_OPENSSL)
1538         if (!use_curl) {
1539                 warning("--no-curl not supported in this build");
1540                 use_curl = 1;
1541         }
1542 #endif
1543
1544         if (!server.port)
1545                 server.port = server.use_ssl ? 993 : 143;
1546
1547         if (!server.folder) {
1548                 fprintf(stderr, "no imap store specified\n");
1549                 return 1;
1550         }
1551         if (!server.host) {
1552                 if (!server.tunnel) {
1553                         fprintf(stderr, "no imap host specified\n");
1554                         return 1;
1555                 }
1556                 server.host = "tunnel";
1557         }
1558
1559         /* read the messages */
1560         if (read_message(stdin, &all_msgs)) {
1561                 fprintf(stderr, "error reading input\n");
1562                 return 1;
1563         }
1564
1565         if (all_msgs.len == 0) {
1566                 fprintf(stderr, "nothing to send\n");
1567                 return 1;
1568         }
1569
1570         total = count_messages(&all_msgs);
1571         if (!total) {
1572                 fprintf(stderr, "no messages to send\n");
1573                 return 1;
1574         }
1575
1576         /* write it to the imap server */
1577
1578         if (server.tunnel)
1579                 return append_msgs_to_imap(&server, &all_msgs, total);
1580
1581 #ifdef USE_CURL_FOR_IMAP_SEND
1582         if (use_curl)
1583                 return curl_append_msgs_to_imap(&server, &all_msgs, total);
1584 #endif
1585
1586         return append_msgs_to_imap(&server, &all_msgs, total);
1587 }