1 # Copyright (C) 2021 all contributors <meta@public-inbox.org>
2 # License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt>
4 # common reader code for IMAP and NNTP (and maybe JMAP)
5 package PublicInbox::NetReader;
8 use parent qw(Exporter);
10 # TODO: trim this down, this is huge
11 our @EXPORT = qw(uri_new uri_scheme uri_section
15 # avoid exposing deprecated "snews" to users.
16 my %SCHEME_MAP = ('snews' => 'nntps');
20 my $scheme = $uri->scheme;
21 $SCHEME_MAP{$scheme} // $scheme;
24 # returns the git config section name, e.g [imap "imaps://user@example.com"]
25 # without the mailbox, so we can share connections between different inboxes
28 uri_scheme($uri) . '://' . $uri->authority;
31 sub auth_anon_cb { '' }; # for Mail::IMAPClient::Authcallback
33 sub mic_for { # mic = Mail::IMAPClient
34 my ($self, $url, $mic_args) = @_;
35 require PublicInbox::URIimap;
36 my $uri = PublicInbox::URIimap->new($url);
37 require PublicInbox::GitCredential;
40 protocol => $uri->scheme,
42 username => $uri->user,
43 password => $uri->password,
44 }, 'PublicInbox::GitCredential';
45 my $common = $mic_args->{uri_section($uri)} // {};
46 # IMAPClient and Net::Netrc both mishandles `0', so we pass `127.0.0.1'
47 my $host = $cred->{host};
48 $host = '127.0.0.1' if $host eq '0';
52 Ssl => $uri->scheme eq 'imaps',
53 Keepalive => 1, # SO_KEEPALIVE
54 %$common, # may set Starttls, Compress, Debug ....
56 require PublicInbox::IMAPClient;
57 my $mic = PublicInbox::IMAPClient->new(%$mic_arg) or
58 die "E: <$url> new: $@\n";
60 # default to using STARTTLS if it's available, but allow
61 # it to be disabled since I usually connect to localhost
62 if (!$mic_arg->{Ssl} && !defined($mic_arg->{Starttls}) &&
63 $mic->has_capability('STARTTLS') &&
64 $mic->can('starttls')) {
65 $mic->starttls or die "E: <$url> STARTTLS: $@\n";
68 # do we even need credentials?
69 if (!defined($cred->{username}) &&
70 $mic->has_capability('AUTH=ANONYMOUS')) {
74 $cred->check_netrc unless defined $cred->{password};
75 $cred->fill; # may prompt user here
76 $mic->User($mic_arg->{User} = $cred->{username});
77 $mic->Password($mic_arg->{Password} = $cred->{password});
78 } else { # AUTH=ANONYMOUS
79 $mic->Authmechanism($mic_arg->{Authmechanism} = 'ANONYMOUS');
80 $mic->Authcallback($mic_arg->{Authcallback} = \&auth_anon_cb);
82 if ($mic->login && $mic->IsAuthenticated) {
83 # success! keep IMAPClient->new arg in case we get disconnected
84 $self->{mic_arg}->{uri_section($uri)} = $mic_arg;
86 warn "E: <$url> LOGIN: $@\n";
89 $cred->run($mic ? 'approve' : 'reject') if $cred;
97 # URI::snews exists, URI::nntps does not, so use URI::snews
98 $url =~ s!\Anntps://!snews://!i;
102 # Net::NNTP doesn't support CAPABILITIES, yet
103 sub try_starttls ($) {
105 return if $host =~ /\.onion\z/s;
106 return if $host =~ /\A127\.[0-9]+\.[0-9]+\.[0-9]+\z/s;
107 return if $host eq '::1';
112 my ($nn_arg, $nntp_opt, $url) = @_;
113 my $nn = Net::NNTP->new(%$nn_arg) or die "E: <$url> new: $!\n";
115 # default to using STARTTLS if it's available, but allow
116 # it to be disabled for localhost/VPN users
117 if (!$nn_arg->{SSL} && $nn->can('starttls')) {
118 if (!defined($nntp_opt->{starttls}) &&
119 try_starttls($nn_arg->{Host})) {
120 # soft fail by default
121 $nn->starttls or warn <<"";
122 W: <$url> STARTTLS tried and failed (not requested)
124 } elsif ($nntp_opt->{starttls}) {
125 # hard fail if explicitly configured
126 $nn->starttls or die <<"";
127 E: <$url> STARTTLS requested and failed
130 } elsif ($nntp_opt->{starttls}) {
131 $nn->can('starttls') or
132 die "E: <$url> Net::NNTP too old for STARTTLS\n";
133 $nn->starttls or die <<"";
134 E: <$url> STARTTLS requested and failed
140 sub nn_for ($$$) { # nn = Net::NNTP
141 my ($self, $url, $nn_args) = @_;
142 my $uri = uri_new($url);
143 my $sec = uri_section($uri);
144 my $nntp_opt = $self->{nntp_opt}->{$sec} //= {};
145 my $host = $uri->host;
146 # Net::NNTP and Net::Netrc both mishandle `0', so we pass `127.0.0.1'
147 $host = '127.0.0.1' if $host eq '0';
150 if (defined(my $ui = $uri->userinfo)) {
151 require PublicInbox::GitCredential;
154 protocol => uri_scheme($uri),
156 }, 'PublicInbox::GitCredential';
157 ($u, $p) = split(/:/, $ui, 2);
158 ($cred->{username}, $cred->{password}) = ($u, $p);
159 $cred->check_netrc unless defined $p;
161 my $common = $nn_args->{$sec} // {};
165 SSL => $uri->secure, # snews == nntps
166 %$common, # may Debug ....
168 my $nn = nn_new($nn_arg, $nntp_opt, $url);
171 $cred->fill; # may prompt user here
172 if ($nn->authinfo($u, $p)) {
173 push @{$nntp_opt->{-postconn}}, [ 'authinfo', $u, $p ];
175 warn "E: <$url> AUTHINFO $u XXXX failed\n";
180 if ($nntp_opt->{compress}) {
181 # https://rt.cpan.org/Ticket/Display.html?id=129967
182 if ($nn->can('compress')) {
184 push @{$nntp_opt->{-postconn}}, [ 'compress' ];
186 warn "W: <$url> COMPRESS failed\n";
189 delete $nntp_opt->{compress};
191 W: <$url> COMPRESS not supported by Net::NNTP
192 W: see https://rt.cpan.org/Ticket/Display.html?id=129967 for updates
197 $self->{nn_arg}->{$sec} = $nn_arg;
198 $cred->run($nn ? 'approve' : 'reject') if $cred;
204 require PublicInbox::URIimap;
205 my $uri = PublicInbox::URIimap->new($url);
206 $uri ? $uri->canonical->as_string : undef;
209 my %IS_NNTP = (news => 1, snews => 1, nntp => 1);
212 my $uri = uri_new($url);
213 return unless $uri && $IS_NNTP{$uri->scheme} && $uri->group;
214 $url = $uri->canonical->as_string;
215 # nntps is IANA registered, snews is deprecated
216 $url =~ s!\Asnews://!nntps://!;