X-Git-Url: https://diplodocus.org/git/nmh/blobdiff_plain/dad91212b8df0f772eda9037ed86cbd137cf1a7d..c3238c0e:/sbr/oauth.c?ds=sidebyside

diff --git a/sbr/oauth.c b/sbr/oauth.c
index f195e6fe..741cacb0 100755
--- a/sbr/oauth.c
+++ b/sbr/oauth.c
@@ -1,4 +1,5 @@
-/*
+/* oauth.c -- OAuth 2.0 implementation for XOAUTH2 in SMTP and POP3.
+ *
  * This code is Copyright (c) 2014, by the authors of nmh.  See the
  * COPYRIGHT file in the root directory of the nmh distribution for
  * complete copyright information.
@@ -142,7 +143,7 @@ mh_oauth_do_xoauth(const char *user, const char *svc, unsigned char **oauth_res,
 
     if (log != NULL) mh_oauth_log_to(stderr, ctx);
 
-    fn = getcpy(mh_oauth_cred_fn(svc));
+    fn = mh_xstrdup(mh_oauth_cred_fn(svc));
     fp = lkfopendata(fn, "r+", &failed_to_lock);
     if (fp == NULL) {
         if (errno == ENOENT) {
@@ -166,7 +167,7 @@ mh_oauth_do_xoauth(const char *user, const char *svc, unsigned char **oauth_res,
             if (mh_oauth_get_err_code(ctx) == MH_OAUTH_BAD_GRANT) {
                 adios(NULL, "credentials rejected -- run mhlogin -saslmech xoauth2 -authservice %s", svc);
             }
-            advise(NULL, "error refreshing OAuth2 token");
+            inform("error refreshing OAuth2 token");
             adios(NULL, mh_oauth_get_err_string(ctx));
         }
 
@@ -182,7 +183,7 @@ mh_oauth_do_xoauth(const char *user, const char *svc, unsigned char **oauth_res,
     free(fn);
 
     /* XXX writeBase64raw modifies the source buffer!  make a copy */
-    client_res = getcpy(mh_oauth_sasl_client_response(oauth_res_len, user,
+    client_res = mh_xstrdup(mh_oauth_sasl_client_response(oauth_res_len, user,
                                                       cred));
     mh_oauth_cred_free(cred);
     mh_oauth_free(ctx);
@@ -196,7 +197,7 @@ static boolean
 is_json(const char *content_type)
 {
     return content_type != NULL
-        && strncasecmp(content_type, JSON_TYPE, sizeof JSON_TYPE - 1) == 0;
+        && strncasecmp(content_type, JSON_TYPE, LEN(JSON_TYPE)) == 0;
 }
 
 static void
@@ -366,7 +367,7 @@ mh_oauth_get_err_string(mh_oauth_ctx *ctx)
         base = "unknown error";
     }
     if (ctx->err_details == NULL) {
-        return ctx->err_formatted = getcpy(base);
+        return ctx->err_formatted = mh_xstrdup(base);
     }
 
     ctx->err_formatted = concat(base, ": ", ctx->err_details, NULL);
@@ -628,17 +629,17 @@ load_creds(struct user_creds **result, FILE *fp, mh_oauth_ctx *ctx)
         case FLDPLUS: {
             char **save, *expire;
             time_t *expires_at = NULL;
-            if (strncmp(name, "access-", 7) == 0) {
+            if (has_prefix(name, "access-")) {
                 const char *user = name + 7;
                 mh_oauth_cred *creds = find_or_alloc_user_creds(user_creds,
                                                                 user);
                 save = &creds->access_token;
-            } else if (strncmp(name, "refresh-", 8) == 0) {
+            } else if (has_prefix(name, "refresh-")) {
                 const char *user = name + 8;
                 mh_oauth_cred *creds = find_or_alloc_user_creds(user_creds,
                                                                 user);
                 save = &creds->refresh_token;
-            } else if (strncmp(name, "expire-", 7) == 0) {
+            } else if (has_prefix(name, "expire-")) {
                 const char *user = name + 7;
                 mh_oauth_cred *creds = find_or_alloc_user_creds(user_creds,
                                                                 user);
@@ -840,7 +841,10 @@ make_query_url(char *s, size_t size, CURL *curl, const char *base_url, ...)
         len = 0;
         prefix = "";
     } else {
-        len = sprintf(s, "%s", base_url);
+        len = strlen(base_url);
+        if (len > size - 1) /* Less one for NUL. */
+            return FALSE;
+        strcpy(s, base_url);
         prefix = "?";
     }
 
@@ -874,7 +878,7 @@ make_query_url(char *s, size_t size, CURL *curl, const char *base_url, ...)
 }
 
 static int
-debug_callback(const CURL *handle, curl_infotype type, const char *data,
+debug_callback(CURL *handle, curl_infotype type, char *data,
                size_t size, void *userptr)
 {
     FILE *fp = userptr;
@@ -894,7 +898,7 @@ debug_callback(const CURL *handle, curl_infotype type, const char *data,
     }
     fwrite(data, 1, size, fp);
     if (data[size - 1] != '\n') {
-        fputs("\n", fp);
+        putc('\n', fp);
     }
     fflush(fp);
     return 0;
@@ -946,7 +950,7 @@ post(struct curl_ctx *ctx, const char *url, const char *req_body)
     curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_callback);
     curl_easy_setopt(curl, CURLOPT_WRITEDATA, ctx);
 
-    if (strncmp(url, "http://127.0.0.1:", 17) == 0) {
+    if (has_prefix(url, "http://127.0.0.1:")) {
         /* Hack:  on Cygwin, curl doesn't fail to connect with ECONNREFUSED.
            Instead, it waits to timeout.  So set a really short timeout, but
            just on localhost (for convenience of the user, and the test