changeset 22:fc5e6970a0d5 default tip

Add support for specifying an authorization identity on the command line
author Guido Berhoerster <guido+sievemgr@berhoerster.name>
date Wed, 17 Feb 2021 07:50:55 +0100
parents ad5f548e3b10
children
files cmd/sievemgr/activate.go cmd/sievemgr/checkspace.go cmd/sievemgr/common.go cmd/sievemgr/delete.go cmd/sievemgr/doc.go cmd/sievemgr/docstr.go cmd/sievemgr/edit.go cmd/sievemgr/get.go cmd/sievemgr/info.go cmd/sievemgr/list.go cmd/sievemgr/main.go cmd/sievemgr/put.go cmd/sievemgr/rename.go
diffstat 13 files changed, 41 insertions(+), 25 deletions(-) [+]
--- a/cmd/sievemgr/activate.go	Wed Feb 03 13:49:51 2021 +0100
+++ b/cmd/sievemgr/activate.go	Wed Feb 17 07:50:55 2021 +0100
@@ -23,7 +23,9 @@
 
 func init() {
 	cmdActivate.Flag.StringVar(&acctName, "a", "", "Select the account")
+	cmdActivate.Flag.StringVar(&authzID, "A", "", "Specify the authorization identity")
 	cmdDeactivate.Flag.StringVar(&acctName, "a", "", "Select the account")
+	cmdDeactivate.Flag.StringVar(&authzID, "A", "", "Specify the authorization identity")
 }
 
 var cmdActivate = &command{
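Review bot: The `-A` registration and its help string are repeated verbatim for every subcommand, so the option or its wording can drift on one command unnoticed. It appears here in init for both cmdActivate and cmdDeactivate, and again in the init hunks of checkspace.go, delete.go, edit.go, get.go, info.go, list.go, put.go and rename.go. Assuming `Flag` is a `flag.FlagSet`, one helper such as `func addAccountFlags(fs *flag.FlagSet)` that registers both `-a` and `-A` would keep the shared options in one place. Each init would then reduce to calls like `addAccountFlags(&cmdActivate.Flag)`.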
--- a/cmd/sievemgr/checkspace.go	Wed Feb 03 13:49:51 2021 +0100
+++ b/cmd/sievemgr/checkspace.go	Wed Feb 17 07:50:55 2021 +0100
@@ -30,6 +30,7 @@
 
 func init() {
 	cmdCheckSpace.Flag.StringVar(&acctName, "a", "", "Select the account")
+	cmdCheckSpace.Flag.StringVar(&authzID, "A", "", "Specify the authorization identity")
 }
 
 var cmdCheckSpace = &command{
--- a/cmd/sievemgr/common.go	Wed Feb 03 13:49:51 2021 +0100
+++ b/cmd/sievemgr/common.go	Wed Feb 17 07:50:55 2021 +0100
@@ -129,7 +129,7 @@
 		}
 	}
 
-	auth := managesieve.PlainAuth("", acct.User, acct.Password, acct.Host)
+	auth := managesieve.PlainAuth(authzID, acct.User, acct.Password, acct.Host)
 	if err := c.Authenticate(auth); err != nil {
 		return nil, fmt.Errorf("failed to authenticate user %s: %s",
 			acct.User, err)
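Review bot: The error returned after `c.Authenticate(auth)` still names only `acct.User`, so a failure caused by the requested authorization identity would read as a plain credential failure. When `authzID != ""` the message should carry it, e.g. `return nil, fmt.Errorf("failed to authenticate user %s as %q: %s", acct.User, authzID, err)`. The matching hunk in info.go has the same message and needs the same change (without the `nil` result). The enclosing function starts and ends outside this hunk.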
--- a/cmd/sievemgr/delete.go	Wed Feb 03 13:49:51 2021 +0100
+++ b/cmd/sievemgr/delete.go	Wed Feb 17 07:50:55 2021 +0100
@@ -23,6 +23,7 @@
 
 func init() {
 	cmdDelete.Flag.StringVar(&acctName, "a", "", "Select the account")
+	cmdDelete.Flag.StringVar(&authzID, "A", "", "Specify the authorization identity")
 }
 
 var cmdDelete = &command{
--- a/cmd/sievemgr/doc.go	Wed Feb 03 13:49:51 2021 +0100
+++ b/cmd/sievemgr/doc.go	Wed Feb 17 07:50:55 2021 +0100
@@ -3,17 +3,17 @@
 
 Usage:
 
-	sievemgr [-f config] info [-a account]
-	sievemgr [-f config] list [-a account]
-	sievemgr [-f config] get [-a account] script
-	sievemgr [-f config] put [-a account] script [file]
-	sievemgr [-f config] activate [-a account] script
-	sievemgr [-f config] deactivate [-a account]
-	sievemgr [-f config] delete [-a account] script
-	sievemgr [-f config] check [-a account] [file]
-	sievemgr [-f config] checkspace [-a account] script [file]
-	sievemgr [-f config] rename [-a account] old new
-	sievemgr [-f config] edit [-a account] script
+	sievemgr [-f config] info [-A authzid] [-a account]
+	sievemgr [-f config] list [-A authzid] [-a account]
+	sievemgr [-f config] get [-A authzid] [-a account] script
+	sievemgr [-f config] put [-A authzid] [-a account] script [file]
+	sievemgr [-f config] activate [-A authzid] [-a account] script
+	sievemgr [-f config] deactivate [-A authzid] [-a account]
+	sievemgr [-f config] delete [-A authzid] [-a account] script
+	sievemgr [-f config] check [-A authzid] [-a account] [file]
+	sievemgr [-f config] checkspace [-A authzid] [-a account] script [file]
+	sievemgr [-f config] rename [-A authzid] [-a account] old new
+	sievemgr [-f config] edit [-A authzid] [-a account] script
 	sievemgr [-f config] man
 
 Description:
@@ -109,60 +109,64 @@
 
 Common Options:
 
+	-A authzid
+		Specify the authorization identity to assume if permitted by
+		the given account credentials.
+
 	-a account
 		Select account from the configuration file.
 
 Subcommands:
 
-	sievemgr [-f config] info [-a account]
+	sievemgr [-f config] info [-A authzid] [-a account]
 
 Displays information about the ManageSieve server. This includes conformance to
 RFC 5804, support for TLS connections, supported extensions, available SASL
 authentication mechanisms, and supported notification methods.
 
-	sievemgr [-f config] list [-a account]
+	sievemgr [-f config] list [-A authzid] [-a account]
 
 Lists all scripts on the server and indicate which of the is the currently
 active script.
 
-	sievemgr [-f config] get [-a account] script
+	sievemgr [-f config] get [-A authzid] [-a account] script
 
 Fetch the contents of script from the server.
 
-	sievemgr [-f config] put [-a account] script [file]
+	sievemgr [-f config] put [-A authzid] [-a account] script [file]
 
 Submit file under the name script to the server.  If file is not specified,
 read the script from standard input.  The server will reject a script if it is
 invalid or a storage quota is exceeded.
 
-	sievemgr [-f config] activate [-a account] script
+	sievemgr [-f config] activate [-A authzid] [-a account] script
 
 Set script as the active script on the server.
 
-	sievemgr [-f config] deactivate [-a account]
+	sievemgr [-f config] deactivate [-A authzid] [-a account]
 
 Deactivate the currently active script on the server.
 
-	sievemgr [-f config] delete [-a account] script
+	sievemgr [-f config] delete [-A authzid] [-a account] script
 
 Delete script from the server.
 
-	sievemgr [-f config] check [-a account] [file]
+	sievemgr [-f config] check [-A authzid] [-a account] [file]
 
 Check if file is a valid sieve script.  If file is not specified, read the
 script from standard input.
 
-	sievemgr [-f config] checkspace [-a account] script [file]
+	sievemgr [-f config] checkspace [-A authzid] [-a account] script [file]
 
 Check if the script in file can be stored on the server without exceeding the
 storage quota.  If script already exists the server will take overwriting it
 into account.  If file is not specified, read the script from standard input.
 
-	sievemgr [-f config] rename [-a account] old new
+	sievemgr [-f config] rename [-A authzid] [-a account] old new
 
 Rename the script old to new.
 
-	sievemgr [-f config] edit [-a account] script
+	sievemgr [-f config] edit [-A authzid] [-a account] script
 
 Retrieve a copy of script and start the editor referred to in the $EDITOR
 environment variable.  If the local copy has not been modified or the editor
--- a/cmd/sievemgr/docstr.go	Wed Feb 03 13:49:51 2021 +0100
+++ b/cmd/sievemgr/docstr.go	Wed Feb 17 07:50:55 2021 +0100
@@ -2,4 +2,4 @@
 
 package main
 
-const docText = "The sievemgr command is a ManageSieve client.\n\nUsage:\n\n    sievemgr [-f config] info [-a account]\n    sievemgr [-f config] list [-a account]\n    sievemgr [-f config] get [-a account] script\n    sievemgr [-f config] put [-a account] script [file]\n    sievemgr [-f config] activate [-a account] script\n    sievemgr [-f config] deactivate [-a account]\n    sievemgr [-f config] delete [-a account] script\n    sievemgr [-f config] check [-a account] [file]\n    sievemgr [-f config] checkspace [-a account] script [file]\n    sievemgr [-f config] rename [-a account] old new\n    sievemgr [-f config] edit [-a account] script\n    sievemgr [-f config] man\n    sievemgr [-f config] version\n\nDescription:\n\nsievemgr is a client for managing Sieve scripts on remote servers via the\nManageSieve Protocol (RFC 5804). Given valid credentials, sievemgr can be\ninvoked non-interactively in order to retrieve a list of all script scripts,\nretrieve the scripts themselves, publish scripts on a server, or delete them.\nFurthermore, it can be used to change the active script and to display\ninformation about the server.\n\nThe ManageSieve server may either be referred to by a domain name or by its IP\naddress or hostname and optionally the port. If only a domain name was\nspecified a DNS service lookup is performed in order to determine the hostname\nand port of the ManageSieve server. 
In case no service record exists or no\nport was specified sievemgr will fall back to port 4190.\n\nsievemgr only supports authentication using the SASL PLAIN mechanism and\nrequires support for TLS-encrypted connections via the STARTTLS command when\nconnecting to a server other than localhost.\n\nConfiguration File:\n\nIf a configuration file is not explicitly specified using the -f option\nsievemgr will open the default configuration file in a platform-dependent\nlocation:\n\n    * on Unix either $XDG_CONFIG_HOME/sievemegr/sievemgr.conf if\n      XDG_CONFIG_HOME is set or $HOME/.config/sievemegr/sievemgr.conf\n    * on Darwin $HOME/Library/Application Support/sievemegr/sievemgr.conf\n    * on Windows %APPDATA%\\sievemgr\\sievemgr.conf\n\nThe owner of the file must match the effective user and the permissions of the\nfile must be set to disallow access by group or others.\n\nTokens in the configuration file are seperated by spaces, tabs, and newlines\nand there are three types of tokens: identifiers, strings, and numbers.\nIdentifiers consist of the letters a-z and A-Z, numbers of 0-9. Strings are\nenclosed in double quotes, literal double quotes can be escaped with a\nbackslash and a literal backslash is escaped with another backslash.\n\nThe following tokens are recognized:\n\n    account \"name\"\n    \tDefine an account which is referred to by name. The account\n    \tdefinition ends when another account token is encountered or at\n    \tthe end of the file.\n\n    default\n    \tSet this as the default account.\n\n    host \"name\"\n    \tSpecify the host- or domainname of the ManageSieve server.\n\n    port number\n    \tSpecifiy the port number of the ManageSieve server.  
If left\n    \tout and the host token refers to a domainname, sievmgr will\n    \tquery DNS for a SRV record for a ManageSieve service associated\n    \twith the domain and fall back to port 4190.\n\n    user \"name\"\n    \tSet the username of the account.\n\n    pass \"password\"\n    \tSet the password of the account.\n\n    insecure\n    \tOptionally specify that verification of the certificate\n    \tpresented by the server when making a TLS connection should be\n    \tskipped.  This renders the connection insecure and should only\n    \tbe used for testing purposes.\n\nGlobal Options:\n\n    -f config\n    \tSet the name of the configuration file to config.\n\nCommon Options:\n\n    -a account\n    \tSelect account from the configuration file.\n\nSubcommands:\n\n    sievemgr [-f config] info [-a account]\n\nDisplays information about the ManageSieve server. This includes conformance\nto RFC 5804, support for TLS connections, supported extensions, available SASL\nauthentication mechanisms, and supported notification methods.\n\n    sievemgr [-f config] list [-a account]\n\nLists all scripts on the server and indicate which of the is the currently\nactive script.\n\n    sievemgr [-f config] get [-a account] script\n\nFetch the contents of script from the server.\n\n    sievemgr [-f config] put [-a account] script [file]\n\nSubmit file under the name script to the server. If file is not specified,\nread the script from standard input. The server will reject a script if it is\ninvalid or a storage quota is exceeded.\n\n    sievemgr [-f config] activate [-a account] script\n\nSet script as the active script on the server.\n\n    sievemgr [-f config] deactivate [-a account]\n\nDeactivate the currently active script on the server.\n\n    sievemgr [-f config] delete [-a account] script\n\nDelete script from the server.\n\n    sievemgr [-f config] check [-a account] [file]\n\nCheck if file is a valid sieve script. 
If file is not specified, read the\nscript from standard input.\n\n    sievemgr [-f config] checkspace [-a account] script [file]\n\nCheck if the script in file can be stored on the server without exceeding the\nstorage quota. If script already exists the server will take overwriting it\ninto account. If file is not specified, read the script from standard input.\n\n    sievemgr [-f config] rename [-a account] old new\n\nRename the script old to new.\n\n    sievemgr [-f config] edit [-a account] script\n\nRetrieve a copy of script and start the editor referred to in the $EDITOR\nenvironment variable. If the local copy has not been modified or the editor\nexits with a non-zero exit status the local copy of script will not be\nsubmitted to the server. In case of errors the local copy of the script will\nbe preserved.\n\n    sievemgr [-f config] man\n\nDisplay the user manual.\n\n    sievemgr [-f config] version\n\nShow version information and exit.\n"
\ No newline at end of file
+const docText = "The sievemgr command is a ManageSieve client.\n\nUsage:\n\n    sievemgr [-f config] info [-A authzid] [-a account]\n    sievemgr [-f config] list [-A authzid] [-a account]\n    sievemgr [-f config] get [-A authzid] [-a account] script\n    sievemgr [-f config] put [-A authzid] [-a account] script [file]\n    sievemgr [-f config] activate [-A authzid] [-a account] script\n    sievemgr [-f config] deactivate [-A authzid] [-a account]\n    sievemgr [-f config] delete [-A authzid] [-a account] script\n    sievemgr [-f config] check [-A authzid] [-a account] [file]\n    sievemgr [-f config] checkspace [-A authzid] [-a account] script [file]\n    sievemgr [-f config] rename [-A authzid] [-a account] old new\n    sievemgr [-f config] edit [-A authzid] [-a account] script\n    sievemgr [-f config] man\n\nDescription:\n\nsievemgr is a client for managing Sieve scripts on remote servers via the\nManageSieve Protocol (RFC 5804). Given valid credentials, sievemgr can be\ninvoked non-interactively in order to retrieve a list of all script scripts,\nretrieve the scripts themselves, publish scripts on a server, or delete them.\nFurthermore, it can be used to change the active script and to display\ninformation about the server.\n\nThe ManageSieve server may either be referred to by a domain name or by its IP\naddress or hostname and optionally the port. If only a domain name was\nspecified a DNS service lookup is performed in order to determine the hostname\nand port of the ManageSieve server. 
In case no service record exists or no\nport was specified sievemgr will fall back to port 4190.\n\nsievemgr only supports authentication using the SASL PLAIN mechanism and\nrequires support for TLS-encrypted connections via the STARTTLS command when\nconnecting to a server other than localhost.\n\nConfiguration File:\n\nIf a configuration file is not explicitly specified using the -f option\nsievemgr will open the default configuration file in a platform-dependent\nlocation:\n\n    * on Unix either $XDG_CONFIG_HOME/sievemegr/sievemgr.conf if\n      XDG_CONFIG_HOME is set or $HOME/.config/sievemegr/sievemgr.conf\n    * on Darwin $HOME/Library/Application Support/sievemegr/sievemgr.conf\n    * on Windows %APPDATA%\\sievemgr\\sievemgr.conf\n\nThe owner of the file must match the effective user and the permissions of the\nfile must be set to disallow access by group or others.\n\nTokens in the configuration file are seperated by spaces, tabs, and newlines\nand there are three types of tokens: identifiers, strings, and numbers.\nIdentifiers consist of the letters a-z and A-Z, numbers of 0-9. Strings are\nenclosed in double quotes, literal double quotes can be escaped with a\nbackslash and a literal backslash is escaped with another backslash.\n\nThe following tokens are recognized:\n\n    account \"name\"\n    \tDefine an account which is referred to by name. The account\n    \tdefinition ends when another account token is encountered or at\n    \tthe end of the file.\n\n    default\n    \tSet this as the default account.\n\n    host \"name\"\n    \tSpecify the host- or domainname of the ManageSieve server.\n\n    port number\n    \tSpecifiy the port number of the ManageSieve server.  
If left\n    \tout and the host token refers to a domainname, sievmgr will\n    \tquery DNS for a SRV record for a ManageSieve service associated\n    \twith the domain and fall back to port 4190.\n\n    user \"name\"\n    \tSet the username of the account.\n\n    pass \"password\"\n    \tSet the password of the account.\n\n    insecure\n    \tOptionally specify that verification of the certificate\n    \tpresented by the server when making a TLS connection should be\n    \tskipped.  This renders the connection insecure and should only\n    \tbe used for testing purposes.\n\nAn example configuration with two accounts is provided below:\n\n    account \"work\" host \"mail.example.com\" port 2000 user \"foo\"\n    account \"private\" default host \"example.net\" user \"baz\" pass \"qux\"\n\nThe first account must be explicitly referred to by its name \"work\". sievemgr\nwill directly connect to the host \"mail.example.com\" using the non-standard\nport 2000 since both host and port are given. The user will be prompted for\nthe account password before authentication is performed with the username\n\"foo\".\n\nThe second account is the default account, host and port name of the server\nwill be determined by looking up the corresponding SRV record associated with\nthe domain \"example.net\". Authentication will be performed non-interactively\nwith the username \"baz\" and password \"qux\".\n\nGlobal Options:\n\n    -f config\n    \tSet the name of the configuration file to config.\n\nCommon Options:\n\n    -A authzid\n    \tSpecify the authorization identity to assume if permitted by\n    \tthe given account credentials.\n\n    -a account\n    \tSelect account from the configuration file.\n\nSubcommands:\n\n    sievemgr [-f config] info [-A authzid] [-a account]\n\nDisplays information about the ManageSieve server. 
This includes conformance\nto RFC 5804, support for TLS connections, supported extensions, available SASL\nauthentication mechanisms, and supported notification methods.\n\n    sievemgr [-f config] list [-A authzid] [-a account]\n\nLists all scripts on the server and indicate which of the is the currently\nactive script.\n\n    sievemgr [-f config] get [-A authzid] [-a account] script\n\nFetch the contents of script from the server.\n\n    sievemgr [-f config] put [-A authzid] [-a account] script [file]\n\nSubmit file under the name script to the server. If file is not specified,\nread the script from standard input. The server will reject a script if it is\ninvalid or a storage quota is exceeded.\n\n    sievemgr [-f config] activate [-A authzid] [-a account] script\n\nSet script as the active script on the server.\n\n    sievemgr [-f config] deactivate [-A authzid] [-a account]\n\nDeactivate the currently active script on the server.\n\n    sievemgr [-f config] delete [-A authzid] [-a account] script\n\nDelete script from the server.\n\n    sievemgr [-f config] check [-A authzid] [-a account] [file]\n\nCheck if file is a valid sieve script. If file is not specified, read the\nscript from standard input.\n\n    sievemgr [-f config] checkspace [-A authzid] [-a account] script [file]\n\nCheck if the script in file can be stored on the server without exceeding the\nstorage quota. If script already exists the server will take overwriting it\ninto account. If file is not specified, read the script from standard input.\n\n    sievemgr [-f config] rename [-A authzid] [-a account] old new\n\nRename the script old to new.\n\n    sievemgr [-f config] edit [-A authzid] [-a account] script\n\nRetrieve a copy of script and start the editor referred to in the $EDITOR\nenvironment variable. If the local copy has not been modified or the editor\nexits with a non-zero exit status the local copy of script will not be\nsubmitted to the server. 
In case of errors the local copy of the script will\nbe preserved.\n\n    sievemgr [-f config] man\n\nDisplay the user manual.\n"
\ No newline at end of file
--- a/cmd/sievemgr/edit.go	Wed Feb 03 13:49:51 2021 +0100
+++ b/cmd/sievemgr/edit.go	Wed Feb 17 07:50:55 2021 +0100
@@ -38,6 +38,7 @@
 
 func init() {
 	cmdEdit.Flag.StringVar(&acctName, "a", "", "Select the account")
+	cmdEdit.Flag.StringVar(&authzID, "A", "", "Specify the authorization identity")
 }
 
 var cmdEdit = &command{
--- a/cmd/sievemgr/get.go	Wed Feb 03 13:49:51 2021 +0100
+++ b/cmd/sievemgr/get.go	Wed Feb 17 07:50:55 2021 +0100
@@ -27,6 +27,7 @@
 
 func init() {
 	cmdGet.Flag.StringVar(&acctName, "a", "", "Select the account")
+	cmdGet.Flag.StringVar(&authzID, "A", "", "Specify the authorization identity")
 }
 
 var cmdGet = &command{
--- a/cmd/sievemgr/info.go	Wed Feb 03 13:49:51 2021 +0100
+++ b/cmd/sievemgr/info.go	Wed Feb 17 07:50:55 2021 +0100
@@ -31,6 +31,7 @@
 
 func init() {
 	cmdInfo.Flag.StringVar(&acctName, "a", "", "Select the account")
+	cmdInfo.Flag.StringVar(&authzID, "A", "", "Specify the authorization identity")
 }
 
 var cmdInfo = &command{
@@ -77,7 +78,7 @@
 	}
 	saslMechs := c.SASLMechanisms()
 
-	auth := managesieve.PlainAuth("", acct.User, acct.Password, acct.Host)
+	auth := managesieve.PlainAuth(authzID, acct.User, acct.Password, acct.Host)
 	if err := c.Authenticate(auth); err != nil {
 		return fmt.Errorf("failed to authenticate user %s: %s",
 			acct.User, err)
--- a/cmd/sievemgr/list.go	Wed Feb 03 13:49:51 2021 +0100
+++ b/cmd/sievemgr/list.go	Wed Feb 17 07:50:55 2021 +0100
@@ -27,6 +27,7 @@
 
 func init() {
 	cmdList.Flag.StringVar(&acctName, "a", "", "Select the account")
+	cmdList.Flag.StringVar(&authzID, "A", "", "Specify the authorization identity")
 }
 
 var cmdList = &command{
--- a/cmd/sievemgr/main.go	Wed Feb 03 13:49:51 2021 +0100
+++ b/cmd/sievemgr/main.go	Wed Feb 17 07:50:55 2021 +0100
@@ -48,6 +48,7 @@
 var (
 	confFilename   string
 	acctName       string
+	authzID        string
 )
 
 var conf config.Configuration
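Review bot: The new package-level `authzID` is undocumented, although it decides under which identity every subcommand authenticates and so whose scripts are read, replaced or deleted. A comment on the declaration would make that explicit, for example `// authzID is the SASL authorization identity requested with -A; empty passes "" to PlainAuth as before.` The var block continues outside the hunk, so the existing `confFilename` and `acctName` may deserve the same treatment.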
--- a/cmd/sievemgr/put.go	Wed Feb 03 13:49:51 2021 +0100
+++ b/cmd/sievemgr/put.go	Wed Feb 17 07:50:55 2021 +0100
@@ -31,7 +31,9 @@
 
 func init() {
 	cmdPut.Flag.StringVar(&acctName, "a", "", "Select the account")
+	cmdPut.Flag.StringVar(&authzID, "A", "", "Specify the authorization identity")
 	cmdCheck.Flag.StringVar(&acctName, "a", "", "Select the account")
+	cmdCheck.Flag.StringVar(&authzID, "A", "", "Specify the authorization identity")
 }
 
 var cmdPut = &command{
--- a/cmd/sievemgr/rename.go	Wed Feb 03 13:49:51 2021 +0100
+++ b/cmd/sievemgr/rename.go	Wed Feb 17 07:50:55 2021 +0100
@@ -23,6 +23,7 @@
 
 func init() {
 	cmdRename.Flag.StringVar(&acctName, "a", "", "Select the account")
+	cmdRename.Flag.StringVar(&authzID, "A", "", "Specify the authorization identity")
 }
 
 var cmdRename = &command{