1/***************************************************************************
2 *                                  _   _ ____  _
3 *  Project                     ___| | | |  _ \| |
4 *                             / __| | | | |_) | |
5 *                            | (__| |_| |  _ <| |___
6 *                             \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.haxx.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 ***************************************************************************/
22
23/* <DESC>
24 * IMAP example using TLS
25 * </DESC>
26 */
27
28#include <stdio.h>
29#include <curl/curl.h>
30
31/* This is a simple example showing how to fetch mail using libcurl's IMAP
32 * capabilities. It builds on the imap-fetch.c example adding transport
33 * security to protect the authentication details from being snooped.
34 *
35 * Note that this example requires libcurl 7.30.0 or above.
36 */
37
38int main(void)
39{
40  CURL *curl;
41  CURLcode res = CURLE_OK;
42
43  curl = curl_easy_init();
44  if(curl) {
45    /* Set username and password */
46    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
47    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
48
49    /* This will fetch message 1 from the user's inbox */
50    curl_easy_setopt(curl, CURLOPT_URL,
51                     "imap://imap.example.com/INBOX/;UID=1");
52
53    /* In this example, we'll start with a plain text connection, and upgrade
54     * to Transport Layer Security (TLS) using the STARTTLS command. Be careful
55     * of using CURLUSESSL_TRY here, because if TLS upgrade fails, the transfer
56     * will continue anyway - see the security discussion in the libcurl
57     * tutorial for more details. */
58    curl_easy_setopt(curl, CURLOPT_USE_SSL, (long)CURLUSESSL_ALL);
59
60    /* If your server doesn't have a valid certificate, then you can disable
61     * part of the Transport Layer Security protection by setting the
62     * CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST options to 0 (false).
63     *   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
64     *   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
65     *
66     * That is, in general, a bad idea. It is still better than sending your
67     * authentication details in plain text though.  Instead, you should get
68     * the issuer certificate (or the host certificate if the certificate is
69     * self-signed) and add it to the set of certificates that are known to
70     * libcurl using CURLOPT_CAINFO and/or CURLOPT_CAPATH. See docs/SSLCERTS
71     * for more information. */
72    curl_easy_setopt(curl, CURLOPT_CAINFO, "/path/to/certificate.pem");
73
74    /* Since the traffic will be encrypted, it is very useful to turn on debug
75     * information within libcurl to see what is happening during the
76     * transfer */
77    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
78
79    /* Perform the fetch */
80    res = curl_easy_perform(curl);
81
82    /* Check for errors */
83    if(res != CURLE_OK)
84      fprintf(stderr, "curl_easy_perform() failed: %s\n",
85              curl_easy_strerror(res));
86
87    /* Always cleanup */
88    curl_easy_cleanup(curl);
89  }
90
91  return (int)res;
92}
93