Commit Graph

268 Commits

Author SHA1 Message Date
Jaroslav Suchanek
07cb422cbb Add support for specifying cipher string used for ssl connection
Some distributions (e.g. Fedora) added support for system wide crypto
policies. This is supported in most common crypto libraries including
OpenSSL. Applications can override this policy using their own cipher
string. This commit adds support for specifying the cipher string in
the mbsync configuration.

For example, to exclude Diffie-Hellman, the user can specify
  CipherString "DEFAULT:!DH"
in the IMAP Account's configuration.
2020-08-04 14:49:58 +02:00
Oswald Buddenhagen
e7bc402d09 rename socket_expect_read() => socket_expect_activity()
... to better reflect its (mostly new) function.
2020-08-04 14:49:58 +02:00
Oswald Buddenhagen
2f3cb5f481 fix signedness issues surrounding UIDs
amends bb632d1c.
2020-08-04 14:49:57 +02:00
Oswald Buddenhagen
27a1935361 fix strftime() format string warning properly
the workaround for -Wformat triggered -Wformat-nonliteral in turn.
so instead go back to using pragmas and add a proper gcc version check.

this also works with clang - mostly for qt-creator's code model, which
is clang-based.

amends/reverts 55e65147.
2020-08-04 14:49:57 +02:00
Oswald Buddenhagen
5fee222f84 Merge branch '1.3' 2020-08-04 14:49:27 +02:00
Oswald Buddenhagen
542e38dd49 fix re-using server connections for new stores
we failed to reset the box list pointer after freeing it, which would
lead to a crash.
we also failed to reset the listing status, which would lead to
malfunction if we hadn't already crashed.

this inlines imap_cleanup_store(), as there isn't much value in keeping
it. the message list is already freed when disowning the store anyway.
2020-08-04 14:42:42 +02:00
Oswald Buddenhagen
3651c30296 increase PassCmd output buffer even more
apparently, some XOAUTH2 tokens are at 2.4K already, so make it 8K to be
*really* safe for a while.

REFMAIL: <20200716000515.GA2111668@lysator.liu.se>
2020-08-04 14:33:00 +02:00
Oswald Buddenhagen
cab14608ca Merge branch '1.3' 2020-07-08 12:51:20 +02:00
Oswald Buddenhagen
04fc586e75 handle case-insensitivity of IMAP's INBOX
this is relevant only when listing an IMAP Store's contents, as that's
the only place where we aren't imposing the spelling ourselves.

we need to be careful not to treat our own canonical (prefix-stripped
and always slash-delimited) box names like that; codify that in
comments.

this reveals that commit 6f2160f1 may be deemed to have been incorrect -
the TODO item was ambiguous, and could quite possibly have meant this
fix. unsurprisingly, 380ccdd4 re-introduced it with more explicit
wording.
2020-07-08 11:14:02 +02:00
Oswald Buddenhagen
94022a6752 catch server's failure to FETCH *
the query is untypical enough to have caused problems with davmail (when
we still used *:*) and mailo.com (until it got fixed), so better check
that the result (not) returned by the server makes sense.
2020-07-08 11:14:02 +02:00
Oswald Buddenhagen
93fb3c29c6 fix UIDNEXT error message 2020-07-08 10:50:36 +02:00
Oswald Buddenhagen
e565d08246 don't try to propagate flags the target store does not support
$Forwarded is not standard, so it will most likely fail with mailboxes
that do not support keywords.

amends c4d7f018.
2020-01-08 18:22:48 +01:00
Oswald Buddenhagen
462fed556a Merge branch '1.3' 2019-10-03 20:17:54 +02:00
Dmitry Torokhov
bf14798700 Bump up PassCmd buffer size to 2KiB
While ordinary passwords are rarely longer than 80 bytes, XOAUTH2 tokens
easily exceed this limit. Let's bump it up to 2K to be really safe.
2019-07-19 12:58:04 +02:00
Oswald Buddenhagen
fbc432aace fix parsing of NIL hierarchy delimiters in IMAP LIST responses
a server which does not support hierarchical mailboxes (e.g., seznam.cz
as of oct 2018) can legitimately send NIL (rather than an empty string).
2019-05-28 17:27:09 +02:00
Oswald Buddenhagen
702b6ec4a1 fix spacing in "SASL mechanism(s) not available" error message
amends fdb03b91.
2019-03-10 11:30:05 +01:00
Klemens Nanni
d61f462039 Fix CopyArrivalDate on platforms without glibc
strptime(3)'s "%d" day of the month conversion specifier does not accept
leading blanks in case of single digit numbers.  "%e" does that.

While implementation details and differences between the two
day-of-month conversion specifiers vary, none of the major libcs
(incl. OpenBSD, FreeBSD, Illumos, musl) consume a leading blank for "%d"
except glibc, which consumes any number of spaces like in the "%e" case.

Using "%e" ensures that date strings like " 4-Mar-2018 16:49:25 -0500"
are successfully parsed by all major implementations in compliance to
X/Open Portability Guide Issue 4, Version 2 ("XPG4.2").  musl is now the
only one that still treats "%d" and "%e" without stripping any space.

Issue analysed and reported by Evan Silberman <evan@jklol.net> who found
mbsync 1.3.0 on OpenBSD 6.4 to fail with `CopyArrivalDate' set when
syncing mails with the above mentioned timestamp.

See https://marc.info/?l=openbsd-tech&m=155044284526535 for details.
2019-02-20 23:02:02 +01:00
Gergely Risko
a8f6eebdd9 Work around useless SASL warnings
Ater sasl_client_step() is called and the Cyrus SASL library forwards
it to the client plugin, if the result value is OK (authentication
succeeded), the clientout is filled out to be an empty string, even if
the client plugin wanted to return NULL.

To avoid that mbsync complains at this point, check the returned length
instead of the pointer.
2019-02-05 11:29:13 +01:00
Oswald Buddenhagen
95d18e2778 Merge branch '1.3' 2018-11-27 00:51:03 +01:00
Oswald Buddenhagen
acfa3a2bbc sort messages from UID FETCH request
turns out that some IMAP servers (e.g., poczta.o2.pl) do not return
messages in ascending UID order in response to a UID FETCH request,
which makes the driver violate the API contract.

counter this by sorting the messages. this also addresses the
long-standing (but hypothetical) issue that parallel UID FETCH requests
could be handled out-of-order and thus also lead to mixed up results.

based on patch by Marcin Niestroj <macius1990w@gmail.com>.
2018-11-24 14:36:31 +01:00
Oswald Buddenhagen
f7cec3064d bump IMAP command buffer size to 4KiB
while only 1KiB is required by the IMAP spec, AUTHENTICATE GSSAPI with
Kerberos requires about 1700 bytes.
accomodate that, plus some reserve.

fix suggested by Tollef Fog Heen <tfheen@err.no> via Debian BTS.
2018-09-09 13:43:53 +02:00
Oswald Buddenhagen
37feeddbfb Merge branch '1.3' 2018-07-01 13:26:10 +02:00
Oswald Buddenhagen
f698f16967 fix type of 'port' and check its range in config reader 2018-07-01 13:25:16 +02:00
Michael J Gruber
c4d7f0189c implement Forwarded flag
maildir supports a 'P' flag which denotes the fact that a message has
been 'passed' on (forwarded, bounced). notmuch syncs this to the
'passed' tag.

Per https://tools.ietf.org/html/rfc5788, IMAP has a user-defined flag
(keyword) '$Forwarded' that is supported by many servers and clients
these days. (Technically, one should check for '$Forwarded' in the
server response.)

Restructure mbsync's flag parser to accept keywords (flags starting with
'$') but still bail out on unknown system flags (flags starting with '\').
Support '$Forwarded' as a first keyword since it maps to maildir's 'P'
and needs to be sorted in between the system flags.

Signed-off-by: Michael J Gruber <github@grubix.eu>
2018-07-01 12:36:28 +02:00
Michael J Gruber
e71f0ccc2a mark MAILBOX_DRIVER_FLAG locations in code
Mailbox driver flags are defined in several places. It is essential that
they are kept in sync, so mark them with the same string for easy
grepping with an alerting boiler plate.

Signed-off-by: Michael J Gruber <github@grubix.eu>
2018-07-01 12:30:59 +02:00
Oswald Buddenhagen
f82c172d2b fix IMAP UID sequence also in imap_find_new_msgs()
use just * instead of the rather nonsensical *:* (which davmail happens
to actually barf at).

amends 72be55b0 (and 0a5a8479).
2018-07-01 11:05:21 +02:00
Oswald Buddenhagen
0a5a847932 fix IMAP UID sequence in UIDNEXT determination fallback
use just * instead of the rather nonsensical *:* (which davmail happens
to actually barf at).

amends 72be55b0.
2017-11-18 09:59:34 +01:00
Oswald Buddenhagen
53e8e79488 remove pointless conditional in assignment of ctx->delimiter
amends 72c2d695a.
2017-10-15 16:52:59 +02:00
Oswald Buddenhagen
3a2e6b3793 prune SSL 2 support
OpenSSL actually did that a while ago already, so this was dead code.
2017-10-01 10:42:00 +02:00
Oswald Buddenhagen
1b354fa61a Merge branch '1.2'
Conflicts:
	Makefile.am
	configure.ac
	debian/.gitignore
2017-10-01 10:38:43 +02:00
Alessandro Ghedini
a9feea71fe Fix spelling of error messages 2017-10-01 10:04:31 +02:00
Oswald Buddenhagen
47bdbb4aab enable TLS 1.1 and 1.2 by default
there is no reason not to, and debian even disabled 1.0 globally,
because it's (theoretically) too insecure in some contexts (BEAST
attack).

in the compat wrapper, the UseTLSv1 option has been re-interpreted as
v1.x, to avoid adding new options.
2017-08-19 13:15:19 +02:00
Oswald Buddenhagen
bb632d1cd0 make UIDs unsigned
complies with the IMAP spec, thus removing the (not really) arbitrary
limitation to INT_MAX for UIDs.
2017-04-22 11:26:12 +02:00
Oswald Buddenhagen
bd5fb6fff3 move away from magic UIDs in the sync state
the only legitimate "deviant" UID is zero, meaning "no message". this
can be futher qualified by additional flags in the sync record, rather
than using magic values for the UID. in fact, the zero UID (so far
meaning only "expunged") was already optionally qualifed with "expired".

as a side effect, driver->store_msg() now returns 0 instead of -2 for
unknown UIDs. this was a hack to avoid translating the value later
on, but it made the api horrible, and now it's superflous in the first
place.
2017-04-22 11:26:12 +02:00
Oswald Buddenhagen
4cc5ad5a1a introduce driver call debugging
do that by wrapping the actual stores into proxies.

the proxy driver's code is auto-generated from function templates, some
parameters, and the declarations of the driver functions themselves.
attempts to do it with CPP macros turned out to be a nightmare.
2017-04-22 11:26:11 +02:00
Oswald Buddenhagen
bbe4567bce let driver_t::openbox_box() return the UID validity
... and make 'uidvalidity' private to the drivers.
2017-04-02 17:12:50 +02:00
Oswald Buddenhagen
8d4918affd introduce get_uidnext() driver callback
... and make 'uidnext' private to the imap driver.
2017-04-02 17:12:50 +02:00
Oswald Buddenhagen
683e581340 let driver_t::find_new_msgs() return the list of messages
consistently with driver_t::load_box().
2017-04-02 17:12:50 +02:00
Oswald Buddenhagen
74e9368121 let driver_t::load_box() return the list of messages
... and make 'msgs', 'count', and 'recent' private to the drivers.
2017-04-02 17:12:50 +02:00
Oswald Buddenhagen
6e32b88f3d let driver_t::list_store() return the list of boxes
... and make 'boxes' and 'listed' private to the drivers.
2017-04-02 17:12:50 +02:00
Oswald Buddenhagen
8b7d3792e4 factor out transform_refcounted_msg_response()
the missing cross of transform_refcounted_box_response() and
transform_msg_response().
2017-04-02 17:12:50 +02:00
Oswald Buddenhagen
39247197f9 make struct imap_cmd_refcounted_state "abstract"
take the callback out of it, so it can be individualized.
so far, this only increases code size ...
2017-04-02 17:12:50 +02:00
Oswald Buddenhagen
c886f71054 make driver_t::prepare_load_box() return the final options
... and make 'opts' private to the drivers.
2017-04-02 17:12:50 +02:00
Oswald Buddenhagen
83ebe9022d introduce get_box_path() driver callback
... and make 'path' private to the maildir driver.
2017-04-02 17:12:50 +02:00
Oswald Buddenhagen
d624c9af5d make set_bad_callback() a proper driver_t entry
... and make the pointers private to the drivers.
2017-04-02 17:12:50 +02:00
Oswald Buddenhagen
f46cf8c887 provide a proper getter callback for driver capabilities
that way driver_t contains only callbacks.
2017-04-02 17:12:50 +02:00
Oswald Buddenhagen
d54809e268 prepend "get_" to getters in driver_t
this makes it callbacks consistently start with a verb.
2017-04-02 17:12:50 +02:00
Oswald Buddenhagen
72be55b0e3 add fallbacks for determining UIDNEXT
if the server sends no UIDNEXT, do an initial FETCH to query the UID of
the last message.

same if the server sends no APPENDUID.

this allows us to remove the arbitrary limitation of the UID range to
INT_MAX, at the cost of additional round-trips.
2017-04-02 17:12:50 +02:00
Oswald Buddenhagen
416ced25dd fix repeated listing of same Store with different flags
multiple Channels can call driver_t::list_store() with different LIST_*
flags. assuming the flags are actually taken into consideration, using a
single boolean 'listed' flag to track whether the Store still needs to
be listed obviously wouldn't cut it - if INBOX does not live right under
Path and the Channels used entirely disjoint Patterns (say, * and
INBOX*), the second Channel in a single run (probably a Group) would
fail to match anything.

to fix this, make store_t::listed more granular. this also requires
moving its handling back into the drivers (thus reverting c66afdc0),
because the actually performed queries and their possible implicit
results are driver-specific.

note that this slightly pessimizes some cases - e.g., an IMAP Store with
Path "" will now list the entire namespace even if there is only one
Channel with Pattern "INBOX*" (because a hypothetical Pattern "*" would
also include INBOX*, and the queries are kept disjoint to avoid the need
for de-duplication). this isn't expected to be a problem, as listing
mailboxes is generally cheap.
2017-04-02 17:12:50 +02:00
Oswald Buddenhagen
28d52b2b18 de-obfuscate cmd_sendable()
split the monster conditional and add comments.
2017-04-02 17:12:50 +02:00