Provided by: cyrus-dev-2.4_2.4.17+caldav~beta9-3_amd64 bug


       imclient - (library) authenticating callback interface to IMAP/IMSP servers


       #include <cyrus/imclient.h>

       int imclient_connect(struct imclient **imclient, const char *host, const char *port);

       void imclient_close (struct imclient *imclient);
       void imclient_setflags(struct imclient *imclient, intflags);
       void imclient_clearflags (struct imclient *imclient, intflags);
       char* imclient_servername (struct imclient *imclient);
       void imclient_addcallback (struct imclient * imclient ,...);
       void imclient_send (struct imclient *imclient, void (*finishproc)(), void *finishrock,
       const char *fmt, ...);
       void imclient_getselectinfo (struct imclient *imclient, int *fd, int * wanttowrite);
       void imclient_processoneevent (struct imclient *imclient);
       int imclient_authenticate (struct imclient *imclient, struct sasl_client **availmech,
       const char *service, const char *user, int protallowed);
       int imclient_havetls ();
       int imclient_starttls (struct imclient *imclient, char *cert_file, char *key_file, char
       *CAfile, char *CApath);


       The imclient library functions are distributed with Cyrus IMAP and IMSP.  These functions
       are used for building IMAP/IMSP client software. These functions handle Kerberos
       authentication and can set callbacks based on the keyword in untagged replies or based on
       the command tag at the end of command replies.

       Users must link with the -lcyrus switch, and must supply a function called fatal to be
       called in case of any error within libcyrus.a.

       All of the imclient functions begin with the prefix imclient and takes  an  argument of
       type struct imclient * as the first argument which is  initialized by imclient_connect and
       freed by imclient_close.

       See below for a description of each function.

            Connects the client server to the host. If successful, it returns 0 and sets the
            imclient argument to a pointer to an imclient struct. The imclient struct represents
            the current connection,  flags, and  callbacks. On failure, the current errno is
            returned if a system call failed,  -1 is returned if the host name was not found, and
            -2 is returned if the service name was not found.

            Closes and frees the imclient connection.

            Sets the flags specified by the flags argument on the imclient connection. Currently
            the only  flag allowed is IMCLIENT_CONN_NONSYNCLITERAL (this flag indicates that the
            server supports non-synchronizing literals described by the LITERAL+ extension).

            Clears the flags specified by the flags argument on the imclient connection.

            Returns a  char * pointer to the name of the server connected to by imclient.

            Adds an untagged data callback to the imclient connection. The function
            imclient_addcallback takes callbacks of the type imclient_proc_t which is defined to
               typedef void imclient_proc_t (struct imclient *imclient, void *rock, struct
               imclient_reply *reply);
            and struct imclient_reply * is defined to be:
               struct imclient_reply {
                        char *keyword;
                        long msgno;
                        char *text;

            After the first argument imclient, there can be zero or more instances of the set of
            keyword, flags, proc, and rock, each adding or changing a single callback.  Each
            instance  adds or changes the callback for keyword.  The argument, flags, specifies
            information about the parsing of the untagged data.  proc and rock specify the
            callback function and rock to invoke when the untagged data is received.  proc may be
            a null pointer, in which case no function is invoked.  The callback function may not
            call the functions imclient_close(), imclient_send(), imclient_eof(),
            imclient_processoneevent(), or imclient_authenticate() on the connection. The
            callback function may over write  the text of untagged data.

            Sends a new command to the imclient connection.  finishproc and finnishrock are the
            function and rock called when the  command completes.  functionproc may be a null
            pointer, in which case no callback is made. The call back function may not call the
            functions imclient_close(), imclient_send(), imclient_eof(),
            imclient_processoneevent(), or imclient_authenticate() on the connection.  The
            argument, fmt , is a print like specification of the command. It must not include the
            tag as the tag is automatically added by imclient_send().  The defined %-sequences
               %% for %
               %a for an IMAP atom
               %s for an astring (which will be quoted or literalized as needed)
               %d for a decimal
               %u for an unsigned  decimal
               %v for #astring (argument is a null-terminated array of char * which are written
               as space separated astrings)

            Gets the information for calling select(2).  fd is filled in with the file descriptor
            to select(2) for read.  wanttowrite is filled in with a nonzero value if select
            should be used for write as well.

            Processes one input or output event on the imclient connection.

            Authenticates the imclient connection using one of the mechanisms in availmech.  The
            argument, user, if not NULL, specifies the user to authenticate as. If the user is
            NULL, the current user is used.  The argument protallowed is a bitmask of permissible
            protection mechanisms.
            On success, 0 is returned.  On failure (i.e., "BAD" keyboard, or no authentication
            mechanisms worked), 1 is returned. On extreme failure (premature "OK"), 2 is

            Returns a Boolean indicating whether the imclient library was compiled with TLS (SSL)
            support.  If so, imclient_starttls() may be used to secure the IMAP connection.

            Issues a STARTTLS command on an existing IMAP connection and negotiates the secure
            link.  The cert_file and key_file arguments specify the client certificate and secret
            key to use to authenticate ourselves to the server.  If client authentication is not
            needed, set both of these arguments to NULL.

            The CAfile and CApath arguments specify a file or directory, respectively, of CA
            certificates for validating server certificates.  (See
            SSL_CTX_load_verify_locations(3) for details.)  If both of these are NULL, the client
            will be unable to validate the server's certificate, in which case the connection may
            succeed but a warning will be printed to stdout.


       The following code is a possible skeletion of imclient that relies on Kerberos to do
       authentication.  This code preforms an IMAP CAPABILITY request and prints out the result.

       struct sasl_client;
       #include <cyrus/xmalloc.h> /* example uses xstrdup */
       #include <cyrus/sasl.h>
       #include <cyrus/imclient.h>
       #include <stdio.h>

       extern struct sasl_client krb_sasl_client;

       struct sasl_client *login_sasl_client[] = {
       struct imclient *imclient;
       char server[] = "" ;
       char port[] = "imap";

       void fatal(char* message, int rc) {
           fprintf(stderr, "fatal error: %s\n", message);

       static void callback_capability(struct imclient *imclient,
                           void *rock,
                           struct imclient_reply *reply) {
           if (reply->text != NULL) {
            *((char**)rock) = xstrdup( reply->text );

       static void end_command (struct imclient *connection, void*
                      rock,  struct imclient_reply *inmsg) {

       main() {
           char* capability_string;
           int nc;

           if (imclient_connect(&imclient, server, port)) {
                 "error: Couldn't connect to %s %s\n",
                 server, port);

           if (imclient_authenticate(imclient, login_sasl_client, "imap"
                            /* service */,
                            NULL /* user */, SASL_PROT_ANY)) {

           imclient_addcallback(imclient, "CAPABILITY",

           nc = 1;

           imclient_send(imclient, end_command,
                   (void*) &nc, "CAPABILITY");

           while(nc > 0) {

           if (strstr("LITERAL+", capability_string)) {
            imclient_setflags(imclient, IMCLIENT_CONN_NONSYNCLITERAL);

           imclient_send(imclient, NULL, NULL, "LOGOUT");

           printf("capability text is: %s\n", capability_string);



       No known bugs.


       cyradm, imapd, imspd, RFC2033 (IMAP LITERAL+ extension), RFC2060 (IMAP4rev1
       specification), and select(2)


       IMAP, ACAP, IMSP, Kerberos, Authentication