xref: /curl/docs/examples/smtp-tls.c (revision f540e43b) 
1 /***************************************************************************
2  *                                  _   _ ____  _
3  *  Project                     ___| | | |  _ \| |
4  *                             / __| | | | |_) | |
5  *                            | (__| |_| |  _ <| |___
6  *                             \___|\___/|_| \_\_____|
7  *
8  * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
9  *
10  * This software is licensed as described in the file COPYING, which
11  * you should have received as part of this distribution. The terms
12  * are also available at https://curl.se/docs/copyright.html.
13  *
14  * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15  * copies of the Software, and permit persons to whom the Software is
16  * furnished to do so, under the terms of the COPYING file.
17  *
18  * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19  * KIND, either express or implied.
20  *
21  * SPDX-License-Identifier: curl
22  *
23  ***************************************************************************/
24 
25 /* <DESC>
26  * Send SMTP email using implicit TLS
27  * </DESC>
28  */
29 
30 #include <stdio.h>
31 #include <string.h>
32 #include <curl/curl.h>
33 
34 /* This is a simple example showing how to send mail using libcurl's SMTP
35  * capabilities. It builds on the smtp-mail.c example to add authentication
36  * and, more importantly, transport security to protect the authentication
37  * details from being snooped.
38  *
39  * Note that this example requires libcurl 7.20.0 or above.
40  */
41 
42 #define FROM_MAIL     "<sender@example.com>"
43 #define TO_MAIL       "<recipient@example.com>"
44 #define CC_MAIL       "<info@example.com>"
45 
46 static const char *payload_text =
47   "Date: Mon, 29 Nov 2010 21:54:29 +1100\r\n"
48   "To: " TO_MAIL "\r\n"
49   "From: " FROM_MAIL "\r\n"
50   "Cc: " CC_MAIL "\r\n"
51   "Message-ID: <dcd7cb36-11db-487a-9f3a-e652a9458efd@"
52   "rfcpedant.example.org>\r\n"
53   "Subject: SMTP example message\r\n"
54   "\r\n" /* empty line to divide headers from body, see RFC 5322 */
55   "The body of the message starts here.\r\n"
56   "\r\n"
57   "It could be a lot of lines, could be MIME encoded, whatever.\r\n"
58   "Check RFC 5322.\r\n";
59 
60 struct upload_status {
61   size_t bytes_read;
62 };
63 
payload_source(char * ptr,size_t size,size_t nmemb,void * userp)64 static size_t payload_source(char *ptr, size_t size, size_t nmemb, void *userp)
65 {
66   struct upload_status *upload_ctx = (struct upload_status *)userp;
67   const char *data;
68   size_t room = size * nmemb;
69 
70   if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) {
71     return 0;
72   }
73 
74   data = &payload_text[upload_ctx->bytes_read];
75 
76   if(data) {
77     size_t len = strlen(data);
78     if(room < len)
79       len = room;
80     memcpy(ptr, data, len);
81     upload_ctx->bytes_read += len;
82 
83     return len;
84   }
85 
86   return 0;
87 }
88 
main(void)89 int main(void)
90 {
91   CURL *curl;
92   CURLcode res = CURLE_OK;
93   struct curl_slist *recipients = NULL;
94   struct upload_status upload_ctx = { 0 };
95 
96   curl = curl_easy_init();
97   if(curl) {
98     /* Set username and password */
99     curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
100     curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
101 
102     /* This is the URL for your mailserver. Note the use of port 587 here,
103      * instead of the normal SMTP port (25). Port 587 is commonly used for
104      * secure mail submission (see RFC 4403), but you should use whatever
105      * matches your server configuration. */
106     curl_easy_setopt(curl, CURLOPT_URL, "smtp://mainserver.example.net:587");
107 
108     /* In this example, we start with a plain text connection, and upgrade to
109      * Transport Layer Security (TLS) using the STARTTLS command. Be careful
110      * of using CURLUSESSL_TRY here, because if TLS upgrade fails, the
111      * transfer continues anyway - see the security discussion in the libcurl
112      * tutorial for more details. */
113     curl_easy_setopt(curl, CURLOPT_USE_SSL, (long)CURLUSESSL_ALL);
114 
115     /* If your server does not have a valid certificate, then you can disable
116      * part of the Transport Layer Security protection by setting the
117      * CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST options to 0 (false).
118      *   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
119      *   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
120      * That is, in general, a bad idea. It is still better than sending your
121      * authentication details in plain text though.  Instead, you should get
122      * the issuer certificate (or the host certificate if the certificate is
123      * self-signed) and add it to the set of certificates that are known to
124      * libcurl using CURLOPT_CAINFO and/or CURLOPT_CAPATH. See docs/SSLCERTS
125      * for more information. */
126     curl_easy_setopt(curl, CURLOPT_CAINFO, "/path/to/certificate.pem");
127 
128     /* Note that this option is not strictly required, omitting it results in
129      * libcurl sending the MAIL FROM command with empty sender data. All
130      * autoresponses should have an empty reverse-path, and should be directed
131      * to the address in the reverse-path which triggered them. Otherwise,
132      * they could cause an endless loop. See RFC 5321 Section 4.5.5 for more
133      * details.
134      */
135     curl_easy_setopt(curl, CURLOPT_MAIL_FROM, FROM_MAIL);
136 
137     /* Add two recipients, in this particular case they correspond to the
138      * To: and Cc: addressees in the header, but they could be any kind of
139      * recipient. */
140     recipients = curl_slist_append(recipients, TO_MAIL);
141     recipients = curl_slist_append(recipients, CC_MAIL);
142     curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, recipients);
143 
144     /* We are using a callback function to specify the payload (the headers and
145      * body of the message). You could just use the CURLOPT_READDATA option to
146      * specify a FILE pointer to read from. */
147     curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source);
148     curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx);
149     curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
150 
151     /* Since the traffic is encrypted, it is useful to turn on debug
152      * information within libcurl to see what is happening during the
153      * transfer.
154      */
155     curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
156 
157     /* Send the message */
158     res = curl_easy_perform(curl);
159 
160     /* Check for errors */
161     if(res != CURLE_OK)
162       fprintf(stderr, "curl_easy_perform() failed: %s\n",
163               curl_easy_strerror(res));
164 
165     /* Free the list of recipients */
166     curl_slist_free_all(recipients);
167 
168     /* Always cleanup */
169     curl_easy_cleanup(curl);
170   }
171 
172   return (int)res;
173 }
174