xref: /third_party/curl/docs/examples/smtp-tls.c (revision 13498266) 
1/***************************************************************************
2 *                                  _   _ ____  _
3 *  Project                     ___| | | |  _ \| |
4 *                             / __| | | | |_) | |
5 *                            | (__| |_| |  _ <| |___
6 *                             \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 * SPDX-License-Identifier: curl
22 *
23 ***************************************************************************/
24
25/* <DESC>
26 * Send SMTP email using implicit TLS
27 * </DESC>
28 */
29
30#include <stdio.h>
31#include <string.h>
32#include <curl/curl.h>
33
34/* This is a simple example showing how to send mail using libcurl's SMTP
35 * capabilities. It builds on the smtp-mail.c example to add authentication
36 * and, more importantly, transport security to protect the authentication
37 * details from being snooped.
38 *
39 * Note that this example requires libcurl 7.20.0 or above.
40 */
41
42#define FROM_MAIL     "<sender@example.com>"
43#define TO_MAIL       "<recipient@example.com>"
44#define CC_MAIL       "<info@example.com>"
45
46static const char *payload_text =
47  "Date: Mon, 29 Nov 2010 21:54:29 +1100\r\n"
48  "To: " TO_MAIL "\r\n"
49  "From: " FROM_MAIL "\r\n"
50  "Cc: " CC_MAIL "\r\n"
51  "Message-ID: <dcd7cb36-11db-487a-9f3a-e652a9458efd@"
52  "rfcpedant.example.org>\r\n"
53  "Subject: SMTP example message\r\n"
54  "\r\n" /* empty line to divide headers from body, see RFC 5322 */
55  "The body of the message starts here.\r\n"
56  "\r\n"
57  "It could be a lot of lines, could be MIME encoded, whatever.\r\n"
58  "Check RFC 5322.\r\n";
59
60struct upload_status {
61  size_t bytes_read;
62};
63
64static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp)
65{
66  struct upload_status *upload_ctx = (struct upload_status *)userp;
67  const char *data;
68  size_t room = size * nmemb;
69
70  if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) {
71    return 0;
72  }
73
74  data = &payload_text[upload_ctx->bytes_read];
75
76  if(data) {
77    size_t len = strlen(data);
78    if(room < len)
79      len = room;
80    memcpy(ptr, data, len);
81    upload_ctx->bytes_read += len;
82
83    return len;
84  }
85
86  return 0;
87}
88
89int main(void)
90{
91  CURL *curl;
92  CURLcode res = CURLE_OK;
93  struct curl_slist *recipients = NULL;
94  struct upload_status upload_ctx = { 0 };
95
96  curl = curl_easy_init();
97  if(curl) {
98    /* Set username and password */
99    curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
100    curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
101
102    /* This is the URL for your mailserver. Note the use of port 587 here,
103     * instead of the normal SMTP port (25). Port 587 is commonly used for
104     * secure mail submission (see RFC 4403), but you should use whatever
105     * matches your server configuration. */
106    curl_easy_setopt(curl, CURLOPT_URL, "smtp://mainserver.example.net:587");
107
108    /* In this example, we will start with a plain text connection, and upgrade
109     * to Transport Layer Security (TLS) using the STARTTLS command. Be careful
110     * of using CURLUSESSL_TRY here, because if TLS upgrade fails, the transfer
111     * will continue anyway - see the security discussion in the libcurl
112     * tutorial for more details. */
113    curl_easy_setopt(curl, CURLOPT_USE_SSL, (long)CURLUSESSL_ALL);
114
115    /* If your server does not have a valid certificate, then you can disable
116     * part of the Transport Layer Security protection by setting the
117     * CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST options to 0 (false).
118     *   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
119     *   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
120     * That is, in general, a bad idea. It is still better than sending your
121     * authentication details in plain text though.  Instead, you should get
122     * the issuer certificate (or the host certificate if the certificate is
123     * self-signed) and add it to the set of certificates that are known to
124     * libcurl using CURLOPT_CAINFO and/or CURLOPT_CAPATH. See docs/SSLCERTS
125     * for more information. */
126    curl_easy_setopt(curl, CURLOPT_CAINFO, "/path/to/certificate.pem");
127
128    /* Note that this option is not strictly required, omitting it will result
129     * in libcurl sending the MAIL FROM command with empty sender data. All
130     * autoresponses should have an empty reverse-path, and should be directed
131     * to the address in the reverse-path which triggered them. Otherwise,
132     * they could cause an endless loop. See RFC 5321 Section 4.5.5 for more
133     * details.
134     */
135    curl_easy_setopt(curl, CURLOPT_MAIL_FROM, FROM_MAIL);
136
137    /* Add two recipients, in this particular case they correspond to the
138     * To: and Cc: addressees in the header, but they could be any kind of
139     * recipient. */
140    recipients = curl_slist_append(recipients, TO_MAIL);
141    recipients = curl_slist_append(recipients, CC_MAIL);
142    curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, recipients);
143
144    /* We are using a callback function to specify the payload (the headers and
145     * body of the message). You could just use the CURLOPT_READDATA option to
146     * specify a FILE pointer to read from. */
147    curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source);
148    curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx);
149    curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
150
151    /* Since the traffic will be encrypted, it is useful to turn on debug
152     * information within libcurl to see what is happening during the
153     * transfer.
154     */
155    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
156
157    /* Send the message */
158    res = curl_easy_perform(curl);
159
160    /* Check for errors */
161    if(res != CURLE_OK)
162      fprintf(stderr, "curl_easy_perform() failed: %s\n",
163              curl_easy_strerror(res));
164
165    /* Free the list of recipients */
166    curl_slist_free_all(recipients);
167
168    /* Always cleanup */
169    curl_easy_cleanup(curl);
170  }
171
172  return (int)res;
173}
174