X-Git-Url: https://diplodocus.org/git/nmh/blobdiff_plain/2d5d9e243c91784909b11948894e3ba0989107c0..e6c91771:/sbr/oauth.c?ds=sidebyside diff --git a/sbr/oauth.c b/sbr/oauth.c index 22e69874..76ff8794 100755 --- a/sbr/oauth.c +++ b/sbr/oauth.c @@ -1,4 +1,5 @@ -/* +/* oauth.c -- OAuth 2.0 implementation for XOAUTH2 in SMTP and POP3. + * * This code is Copyright (c) 2014, by the authors of nmh. See the * COPYRIGHT file in the root directory of the nmh distribution for * complete copyright information. @@ -23,6 +24,7 @@ #include #include +#include "lock_file.h" #define JSON_TYPE "application/json" @@ -142,7 +144,7 @@ mh_oauth_do_xoauth(const char *user, const char *svc, unsigned char **oauth_res, if (log != NULL) mh_oauth_log_to(stderr, ctx); - fn = getcpy(mh_oauth_cred_fn(svc)); + fn = mh_xstrdup(mh_oauth_cred_fn(svc)); fp = lkfopendata(fn, "r+", &failed_to_lock); if (fp == NULL) { if (errno == ENOENT) { @@ -166,7 +168,7 @@ mh_oauth_do_xoauth(const char *user, const char *svc, unsigned char **oauth_res, if (mh_oauth_get_err_code(ctx) == MH_OAUTH_BAD_GRANT) { adios(NULL, "credentials rejected -- run mhlogin -saslmech xoauth2 -authservice %s", svc); } - advise(NULL, "error refreshing OAuth2 token"); + inform("error refreshing OAuth2 token"); adios(NULL, mh_oauth_get_err_string(ctx)); } @@ -182,7 +184,7 @@ mh_oauth_do_xoauth(const char *user, const char *svc, unsigned char **oauth_res, free(fn); /* XXX writeBase64raw modifies the source buffer! make a copy */ - client_res = getcpy(mh_oauth_sasl_client_response(oauth_res_len, user, + client_res = mh_xstrdup(mh_oauth_sasl_client_response(oauth_res_len, user, cred)); mh_oauth_cred_free(cred); mh_oauth_free(ctx); @@ -196,7 +198,7 @@ static boolean is_json(const char *content_type) { return content_type != NULL - && strncasecmp(content_type, JSON_TYPE, sizeof JSON_TYPE - 1) == 0; + && strncasecmp(content_type, JSON_TYPE, LEN(JSON_TYPE)) == 0; } static void @@ -239,17 +241,10 @@ set_err_http(mh_oauth_ctx *ctx, const struct curl_ctx *curl_ctx) } static char * -make_user_agent() +make_user_agent(void) { const char *curl = curl_version_info(CURLVERSION_NOW)->version; - char *s = mh_xmalloc(strlen(user_agent) - + 1 - + sizeof "libcurl" - + 1 - + strlen(curl) - + 1); - sprintf(s, "%s libcurl/%s", user_agent, curl); - return s; + return concat(user_agent, " libcurl/", curl, NULL); } boolean @@ -330,7 +325,6 @@ mh_oauth_get_err_code(const mh_oauth_ctx *ctx) const char * mh_oauth_get_err_string(mh_oauth_ctx *ctx) { - char *result; const char *base; free(ctx->err_formatted); @@ -374,12 +368,11 @@ mh_oauth_get_err_string(mh_oauth_ctx *ctx) base = "unknown error"; } if (ctx->err_details == NULL) { - return ctx->err_formatted = getcpy(base); + return ctx->err_formatted = mh_xstrdup(base); } - /* length of the two strings plus ": " and '\0' */ - result = mh_xmalloc(strlen(base) + strlen(ctx->err_details) + 3); - sprintf(result, "%s: %s", base, ctx->err_details); - return ctx->err_formatted = result; + + ctx->err_formatted = concat(base, ": ", ctx->err_details, NULL); + return ctx->err_formatted; } const char * @@ -637,17 +630,17 @@ load_creds(struct user_creds **result, FILE *fp, mh_oauth_ctx *ctx) case FLDPLUS: { char **save, *expire; time_t *expires_at = NULL; - if (strncmp(name, "access-", 7) == 0) { + if (has_prefix(name, "access-")) { const char *user = name + 7; mh_oauth_cred *creds = find_or_alloc_user_creds(user_creds, user); save = &creds->access_token; - } else if (strncmp(name, "refresh-", 8) == 0) { + } else if (has_prefix(name, "refresh-")) { const char *user = name + 8; mh_oauth_cred *creds = find_or_alloc_user_creds(user_creds, user); save = &creds->refresh_token; - } else if (strncmp(name, "expire-", 7) == 0) { + } else if (has_prefix(name, "expire-")) { const char *user = name + 7; mh_oauth_cred *creds = find_or_alloc_user_creds(user_creds, user); @@ -817,17 +810,13 @@ const char * mh_oauth_sasl_client_response(size_t *res_len, const char *user, const mh_oauth_cred *cred) { - size_t len = sizeof "user=" - 1 - + strlen(user) - + sizeof "\1auth=Bearer " - 1 - + strlen(cred->access_token) - + sizeof "\1\1" - 1; - free(cred->ctx->sasl_client_res); - cred->ctx->sasl_client_res = mh_xmalloc(len + 1); - *res_len = len; - sprintf(cred->ctx->sasl_client_res, "user=%s\1auth=Bearer %s\1\1", - user, cred->access_token); - return cred->ctx->sasl_client_res; + char **p; + + p = &cred->ctx->sasl_client_res; + free(*p); + *p = concat("user=", user, "\1auth=Bearer ", cred->access_token, "\1\1", NULL); + *res_len = strlen(*p); + return *p; } /******************************************************************************* @@ -853,7 +842,10 @@ make_query_url(char *s, size_t size, CURL *curl, const char *base_url, ...) len = 0; prefix = ""; } else { - len = sprintf(s, "%s", base_url); + len = strlen(base_url); + if (len > size - 1) /* Less one for NUL. */ + return FALSE; + strcpy(s, base_url); prefix = "?"; } @@ -887,7 +879,7 @@ make_query_url(char *s, size_t size, CURL *curl, const char *base_url, ...) } static int -debug_callback(const CURL *handle, curl_infotype type, const char *data, +debug_callback(CURL *handle, curl_infotype type, char *data, size_t size, void *userptr) { FILE *fp = userptr; @@ -907,7 +899,7 @@ debug_callback(const CURL *handle, curl_infotype type, const char *data, } fwrite(data, 1, size, fp); if (data[size - 1] != '\n') { - fputs("\n", fp); + putc('\n', fp); } fflush(fp); return 0; @@ -959,7 +951,7 @@ post(struct curl_ctx *ctx, const char *url, const char *req_body) curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_callback); curl_easy_setopt(curl, CURLOPT_WRITEDATA, ctx); - if (strncmp(url, "http://127.0.0.1:", 17) == 0) { + if (has_prefix(url, "http://127.0.0.1:")) { /* Hack: on Cygwin, curl doesn't fail to connect with ECONNREFUSED. Instead, it waits to timeout. So set a really short timeout, but just on localhost (for convenience of the user, and the test