diff options
| author | leot <leot@pkgsrc.org> | 2020-08-29 13:43:54 +0000 |
|---|---|---|
| committer | leot <leot@pkgsrc.org> | 2020-08-29 13:43:54 +0000 |
| commit | eb2030a77365f9a808f208393e3658efa31a8da9 (patch) | |
| tree | 405e27796ce8e62368925ff53269443ec33f4f6b /mail | |
| parent | 4025e40be13057a4c4fc8ec0018082d5daae575a (diff) | |
| download | pkgsrc-eb2030a77365f9a808f208393e3658efa31a8da9.tar.gz | |
fdm: Add OAuth 2.0 support for IMAP
Patch shared upstream via:
<https://github.com/nicm/fdm/pull/84>
PKGREVISION++
Diffstat (limited to 'mail')
| -rw-r--r-- | mail/fdm/Makefile | 4 | ||||
| -rw-r--r-- | mail/fdm/distinfo | 10 | ||||
| -rw-r--r-- | mail/fdm/patches/patch-MANUAL | 27 | ||||
| -rw-r--r-- | mail/fdm/patches/patch-deliver-imap.c | 19 | ||||
| -rw-r--r-- | mail/fdm/patches/patch-deliver.h | 19 | ||||
| -rw-r--r-- | mail/fdm/patches/patch-fdm.conf.5 | 37 | ||||
| -rw-r--r-- | mail/fdm/patches/patch-fetch.h | 27 | ||||
| -rw-r--r-- | mail/fdm/patches/patch-imap-common.c | 74 | ||||
| -rw-r--r-- | mail/fdm/patches/patch-lex.c | 19 | ||||
| -rw-r--r-- | mail/fdm/patches/patch-parse.y | 78 |
10 files changed, 311 insertions, 3 deletions
diff --git a/mail/fdm/Makefile b/mail/fdm/Makefile index b819fc71150..fa2b7f40d0e 100644 --- a/mail/fdm/Makefile +++ b/mail/fdm/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.15 2020/01/18 21:49:49 jperkin Exp $ +# $NetBSD: Makefile,v 1.16 2020/08/29 13:43:54 leot Exp $ DISTNAME= fdm-2.0 -PKGREVISION= 3 +PKGREVISION= 4 CATEGORIES= mail MASTER_SITES= ${MASTER_SITE_GITHUB:=nicm/} diff --git a/mail/fdm/distinfo b/mail/fdm/distinfo index 6b9fa6bb67c..39d1a95517c 100644 --- a/mail/fdm/distinfo +++ b/mail/fdm/distinfo @@ -1,8 +1,16 @@ -$NetBSD: distinfo,v 1.13 2019/03/24 14:41:05 leot Exp $ +$NetBSD: distinfo,v 1.14 2020/08/29 13:43:54 leot Exp $ SHA1 (fdm-2.0.tar.gz) = 4da70cca5791457489d9e0a018706a6696609eab RMD160 (fdm-2.0.tar.gz) = b07dc4ee0b8de3362177d74bd935d1ae4dad961d SHA512 (fdm-2.0.tar.gz) = 9c321dfd200af7b7d396524a43a3ac4b569cddda0a2096122b935e9d7bdb8101f269341fae5bbd4ad8a2947312774da2d49e03eddc67c6ecbce4e1ff9488ebe2 Size (fdm-2.0.tar.gz) = 180662 bytes +SHA1 (patch-MANUAL) = e7cc443a970b350be9ced14f73bb873023ab91e3 SHA1 (patch-Makefile.am) = 2169ebc8e7c920cdf8492ee2039b410f5a6e358c +SHA1 (patch-deliver-imap.c) = 3be95a6ef4ba8946a72e8bb4c0c4c32384044e3f +SHA1 (patch-deliver.h) = 618d73f8fa2d69112ae85d858261d7f77a4e5c98 +SHA1 (patch-fdm.conf.5) = 4d43169edec6958ff591487be34f041054bfb476 +SHA1 (patch-fetch.h) = 225c3d83282057781cacd7ba84af1d16bd4b7616 +SHA1 (patch-imap-common.c) = e45a163e7ee4c8e386157babea8c43a7b26b77d1 +SHA1 (patch-lex.c) = 457abcef58add76cd4b76351a1961c45abc2f783 +SHA1 (patch-parse.y) = 56e27e155b6d99e3539d4dfe7f90d5c607fb4153 SHA1 (patch-shm-mmap.c) = 3cd0c54c982ddd4702ad921ebf5f1b890b503cd4 diff --git a/mail/fdm/patches/patch-MANUAL b/mail/fdm/patches/patch-MANUAL new file mode 100644 index 00000000000..832a930c514 --- /dev/null +++ b/mail/fdm/patches/patch-MANUAL @@ -0,0 +1,27 @@ +$NetBSD: patch-MANUAL,v 1.1 2020/08/29 13:43:54 leot Exp $ + +Add support for OAUTHBEARER (OAuth 2.0 bearer tokens, as documented by +RFC 7628) for IMAP. + +Patch shared upstream via: + + <https://github.com/nicm/fdm/pull/84> + +--- MANUAL.orig 2019-02-12 22:08:26.000000000 +0000 ++++ MANUAL +@@ -680,9 +680,12 @@ Examples of IMAP and IMAPS accounts incl + + By default, fdm prefers the CRAM-MD5 authentication method, since no passwords + are sent in the clear. If the server does not advertise CRAM-MD5 capability, +-the older LOGIN method is used. For IMAPS connections (which use SSL), the +-LOGIN method is just as secure. Either of these methods may be disabled with +-the 'no-cram-md5' and 'no-login' options. ++and 'oauthbearer' option is not passed the older LOGIN method is used. For ++IMAPS connections (which use SSL), the LOGIN method is just as secure. ++Either of these methods may be disabled with the 'no-cram-md5' and 'no-login' ++options. If the server advertises OAUTHBEARER capability, 'oauthbearer' ++option will use OAuth 2.0 bearer tokens - passed via 'pass' keyword - as ++authentication method. + + The 'starttls' keyword may be added to an IMAP account to attemp STARTTLS after + connection. diff --git a/mail/fdm/patches/patch-deliver-imap.c b/mail/fdm/patches/patch-deliver-imap.c new file mode 100644 index 00000000000..9c6658e0ba1 --- /dev/null +++ b/mail/fdm/patches/patch-deliver-imap.c @@ -0,0 +1,19 @@ +$NetBSD: patch-deliver-imap.c,v 1.1 2020/08/29 13:43:54 leot Exp $ + +Add support for OAUTHBEARER (OAuth 2.0 bearer tokens, as documented by +RFC 7628) for IMAP. + +Patch shared upstream via: + + <https://github.com/nicm/fdm/pull/84> + +--- deliver-imap.c.orig 2019-02-12 22:08:26.000000000 +0000 ++++ deliver-imap.c +@@ -197,6 +197,7 @@ deliver_imap_deliver(struct deliver_ctx + fdata.pass = data->pass; + fdata.nocrammd5 = data->nocrammd5; + fdata.nologin = data->nologin; ++ fdata.oauthbearer = data->oauthbearer; + memcpy(&fdata.server, &data->server, sizeof fdata.server); + fdata.io = io; + fdata.only = FETCH_ONLY_ALL; diff --git a/mail/fdm/patches/patch-deliver.h b/mail/fdm/patches/patch-deliver.h new file mode 100644 index 00000000000..8cdc1db8395 --- /dev/null +++ b/mail/fdm/patches/patch-deliver.h @@ -0,0 +1,19 @@ +$NetBSD: patch-deliver.h,v 1.1 2020/08/29 13:43:54 leot Exp $ + +Add support for OAUTHBEARER (OAuth 2.0 bearer tokens, as documented by +RFC 7628) for IMAP. + +Patch shared upstream via: + + <https://github.com/nicm/fdm/pull/84> + +--- deliver.h.orig 2019-02-12 22:08:26.000000000 +0000 ++++ deliver.h +@@ -82,6 +82,7 @@ struct deliver_imap_data { + struct server server; + int nocrammd5; + int nologin; ++ int oauthbearer; + int starttls; + + struct replstr folder; diff --git a/mail/fdm/patches/patch-fdm.conf.5 b/mail/fdm/patches/patch-fdm.conf.5 new file mode 100644 index 00000000000..b702577bce5 --- /dev/null +++ b/mail/fdm/patches/patch-fdm.conf.5 @@ -0,0 +1,37 @@ +$NetBSD: patch-fdm.conf.5,v 1.1 2020/08/29 13:43:54 leot Exp $ + +Add support for OAUTHBEARER (OAuth 2.0 bearer tokens, as documented by +RFC 7628) for IMAP. + +Patch shared upstream via: + + <https://github.com/nicm/fdm/pull/84> + +--- fdm.conf.5.orig 2019-02-12 22:08:26.000000000 +0000 ++++ fdm.conf.5 +@@ -473,6 +473,7 @@ not be read from + .Op Ic no-login + .Op Ic starttls + .Op Ic insecure ++.Op Ic oauthbearer + .Xc + .It Xo Ic imap Ic server Ar host + .Op Ic port Ar port +@@ -492,6 +493,7 @@ not be read from + .Op Ic no-cram-md5 + .Op Ic no-login + .Op Ic insecure ++.Op Ic oauthbearer + .Xc + These define an IMAP or IMAPS account. + The parameters are as for a POP3 or POP3S account, aside from the additional +@@ -530,6 +532,9 @@ after connection. + .Ic insecure + allows the use of insecure protocols, which currently includes SSLv2, SSLv3 + and TLS1.0. ++.Pp ++.Ic oauthbearer ++attempts to use OAuth 2.0 bearer token as authentication method. + .It Xo Ic imap Ic pipe Ar command + .Op Ar userpass + .Op Ar folders diff --git a/mail/fdm/patches/patch-fetch.h b/mail/fdm/patches/patch-fetch.h new file mode 100644 index 00000000000..07d09249c29 --- /dev/null +++ b/mail/fdm/patches/patch-fetch.h @@ -0,0 +1,27 @@ +$NetBSD: patch-fetch.h,v 1.1 2020/08/29 13:43:54 leot Exp $ + +Add support for OAUTHBEARER (OAuth 2.0 bearer tokens, as documented by +RFC 7628) for IMAP. + +Patch shared upstream via: + + <https://github.com/nicm/fdm/pull/84> + +--- fetch.h.orig 2019-02-12 22:08:26.000000000 +0000 ++++ fetch.h +@@ -204,6 +204,7 @@ struct fetch_imap_data { + int starttls; + int nocrammd5; + int nologin; ++ int oauthbearer; + + u_int folder; + struct strings *folders; +@@ -252,6 +253,7 @@ struct fetch_imap_mail { + #define IMAP_CAPA_STARTTLS 0x4 + #define IMAP_CAPA_NOSPACE 0x8 + #define IMAP_CAPA_GMEXT 0x10 ++#define IMAP_CAPA_AUTH_OAUTHBEARER 0x20 + + /* fetch-maildir.c */ + extern struct fetch fetch_maildir; diff --git a/mail/fdm/patches/patch-imap-common.c b/mail/fdm/patches/patch-imap-common.c new file mode 100644 index 00000000000..82609bcea00 --- /dev/null +++ b/mail/fdm/patches/patch-imap-common.c @@ -0,0 +1,74 @@ +$NetBSD: patch-imap-common.c,v 1.1 2020/08/29 13:43:54 leot Exp $ + +Add support for OAUTHBEARER (OAuth 2.0 bearer tokens, as documented by +RFC 7628) for IMAP. + +Patch shared upstream via: + + <https://github.com/nicm/fdm/pull/84> + +--- imap-common.c.orig 2019-02-12 22:08:26.000000000 +0000 ++++ imap-common.c +@@ -45,6 +45,7 @@ int imap_state_connect(struct account *, + int imap_state_capability1(struct account *, struct fetch_ctx *); + int imap_state_capability2(struct account *, struct fetch_ctx *); + int imap_state_starttls(struct account *, struct fetch_ctx *); ++int imap_state_oauthbearer_auth(struct account *, struct fetch_ctx *); + int imap_state_cram_md5_auth(struct account *, struct fetch_ctx *); + int imap_state_login(struct account *, struct fetch_ctx *); + int imap_state_user(struct account *, struct fetch_ctx *); +@@ -295,6 +296,12 @@ imap_pick_auth(struct account *a, struct + { + struct fetch_imap_data *data = a->data; + ++ /* Try OAUTHBEARER, if requested by user and if server supports it. */ ++ if (data->oauthbearer && (data->capa & IMAP_CAPA_AUTH_OAUTHBEARER)) { ++ fctx->state = imap_state_oauthbearer_auth; ++ return (FETCH_AGAIN); ++ } ++ + /* Try CRAM-MD5, if server supports it and user allows it. */ + if (!data->nocrammd5 && (data->capa & IMAP_CAPA_AUTH_CRAM_MD5)) { + if (imap_putln(a, +@@ -401,6 +408,9 @@ imap_state_capability1(struct account *a + if (strstr(line, "AUTH=CRAM-MD5") != NULL) + data->capa |= IMAP_CAPA_AUTH_CRAM_MD5; + ++ if (strstr(line, "AUTH=OAUTHBEARER") != NULL) ++ data->capa |= IMAP_CAPA_AUTH_OAUTHBEARER; ++ + /* Use XYZZY to detect Google brokenness. */ + if (strstr(line, "XYZZY") != NULL) + data->capa |= IMAP_CAPA_XYZZY; +@@ -470,6 +480,31 @@ imap_state_starttls(struct account *a, s + return (imap_pick_auth(a, fctx)); + } + ++/* OAUTHBEARER auth state. */ ++int ++imap_state_oauthbearer_auth(struct account *a, struct fetch_ctx *fctx) ++{ ++ struct fetch_imap_data *data = a->data; ++ char *src, *b64; ++ ++ xasprintf(&src, ++ "n,a=%s,\001host=%s\001port=%d\001auth=Bearer %s\001\001", ++ data->user, data->server.host, data->server.port, data->pass); ++ b64 = imap_base64_encode(src); ++ xfree(src); ++ ++ if (imap_putln(a, ++ "%u AUTHENTICATE OAUTHBEARER %s", ++data->tag, b64) != 0) { ++ xfree(b64); ++ return (FETCH_ERROR); ++ } ++ xfree(b64); ++ ++ fctx->state = imap_state_pass; ++ return (FETCH_BLOCK); ++} ++ ++ + /* CRAM-MD5 auth state. */ + int + imap_state_cram_md5_auth(struct account *a, struct fetch_ctx *fctx) diff --git a/mail/fdm/patches/patch-lex.c b/mail/fdm/patches/patch-lex.c new file mode 100644 index 00000000000..842bb2a324e --- /dev/null +++ b/mail/fdm/patches/patch-lex.c @@ -0,0 +1,19 @@ +$NetBSD: patch-lex.c,v 1.1 2020/08/29 13:43:54 leot Exp $ + +Add support for OAUTHBEARER (OAuth 2.0 bearer tokens, as documented by +RFC 7628) for IMAP. + +Patch shared upstream via: + + <https://github.com/nicm/fdm/pull/84> + +--- lex.c.orig 2019-02-12 22:08:26.000000000 +0000 ++++ lex.c +@@ -157,6 +157,7 @@ static const struct token tokens[] = { + { "no-verify", TOKNOVERIFY }, + { "none", TOKNONE }, + { "not", TOKNOT }, ++ { "oauthbearer", TOKOAUTHBEARER }, + { "old-only", TOKOLDONLY }, + { "or", TOKOR }, + { "parallel-accounts", TOKPARALLELACCOUNTS }, diff --git a/mail/fdm/patches/patch-parse.y b/mail/fdm/patches/patch-parse.y new file mode 100644 index 00000000000..83f2f9e8bf2 --- /dev/null +++ b/mail/fdm/patches/patch-parse.y @@ -0,0 +1,78 @@ +$NetBSD: patch-parse.y,v 1.1 2020/08/29 13:43:54 leot Exp $ + +Add support for OAUTHBEARER (OAuth 2.0 bearer tokens, as documented by +RFC 7628) for IMAP. + +Patch shared upstream via: + + <https://github.com/nicm/fdm/pull/84> + +--- parse.y.orig 2019-02-12 22:08:26.000000000 +0000 ++++ parse.y +@@ -206,6 +206,7 @@ yyerror(const char *fmt, ...) + %token TOKNOT + %token TOKNOUIDL + %token TOKNOVERIFY ++%token TOKOAUTHBEARER + %token TOKOLDONLY + %token TOKOR + %token TOKPARALLELACCOUNTS +@@ -307,7 +308,7 @@ yyerror(const char *fmt, ...) + %type <fetch> fetchtype + %type <flag> cont not disabled keep execpipe writeappend compress verify + %type <flag> apop poptype imaptype nntptype nocrammd5 nologin uidl starttls +-%type <flag> insecure ++%type <flag> insecure oauthbearer + %type <localgid> localgid + %type <locks> lock locklist + %type <number> size time numv retrc expire +@@ -1211,7 +1212,7 @@ actitem: execpipe strv + data->compress = $3; + } + | imaptype server userpassnetrc folder1 verify nocrammd5 nologin +- starttls insecure ++ starttls insecure oauthbearer + { + struct deliver_imap_data *data; + +@@ -1252,6 +1253,7 @@ actitem: execpipe strv + data->nologin = $7; + data->starttls = $8; + data->server.insecure = $9; ++ data->oauthbearer = $10; + } + | TOKSMTP server from to + { +@@ -2051,6 +2053,15 @@ insecure: TOKINSECURE + $$ = 0; + } + ++oauthbearer: TOKOAUTHBEARER ++ { ++ $$ = 1; ++ } ++ | /* empty */ ++ { ++ $$ = 0; ++ } ++ + verify: TOKNOVERIFY + { + $$ = 0; +@@ -2253,7 +2264,7 @@ fetchtype: poptype server userpassnetrc + data->only = $5.only; + } + | imaptype server userpassnetrc folderlist imaponly verify nocrammd5 +- nologin starttls insecure ++ nologin starttls insecure oauthbearer + { + struct fetch_imap_data *data; + +@@ -2293,6 +2304,7 @@ fetchtype: poptype server userpassnetrc + data->nologin = $8; + data->starttls = $9; + data->server.insecure = $10; ++ data->oauthbearer = $11; + } + | TOKIMAP TOKPIPE replstrv userpass folderlist imaponly + { |