4 * This module handles self-service subscription/unsubscription to mail lists.
6 * Copyright (C) 2002 by Art Cancro and others.
7 * This code is released under the terms of the GNU General Public License.
20 #include <sys/types.h>
22 #if TIME_WITH_SYS_TIME
23 # include <sys/time.h>
27 # include <sys/time.h>
38 #include "sysdep_decls.h"
39 #include "citserver.h"
42 #include "dynloader.h"
49 #include "internet_addressing.h"
50 #include "serv_network.h"
51 #include "clientsocket.h"
60 * Generate a randomizationalisticized token to use for authentication of
61 * a subscribe or unsubscribe request.
63 void listsub_generate_token(char *buf) {
67 /* Theo, please sit down and shut up. This key doesn't have to be
68 * tinfoil-hat secure, it just needs to be reasonably unguessable
71 sprintf(sourcebuf, "%lx",
72 (long) (++seq + getpid() + time(NULL))
75 /* Convert it to base64 so it looks cool */
76 encode_base64(buf, sourcebuf);
81 * Enter a subscription request
83 void do_subscribe(char *room, char *email, char *subtype, char *webpage) {
84 struct quickroom qrbuf;
88 char confirmation_request[SIZ];
95 if (getroom(&qrbuf, room) != 0) {
96 cprintf("%d There is no list called '%s'\n", ERROR, room);
100 if ((qrbuf.QRflags2 & QR2_SELFLIST) == 0) {
102 "does not accept subscribe/unsubscribe requests.\n",
103 ERROR+HIGHER_ACCESS_REQUIRED, qrbuf.QRname);
107 listsub_generate_token(token);
110 * Make sure the requested address isn't already subscribed
112 begin_critical_section(S_NETCONFIGS);
113 ncfp = fopen(filename, "r");
115 while (fgets(buf, sizeof buf, ncfp) != NULL) {
116 buf[strlen(buf)-1] = 0;
117 extract(scancmd, buf, 0);
118 extract(scanemail, buf, 1);
119 if ((!strcasecmp(scancmd, "listrecp"))
120 || (!strcasecmp(scancmd, "digestrecp"))) {
121 if (!strcasecmp(scanemail, email)) {
128 end_critical_section(S_NETCONFIGS);
130 if (found_sub != 0) {
131 cprintf("%d '%s' is already subscribed to '%s'.\n",
133 email, qrbuf.QRname);
138 * Now add it to the file
140 begin_critical_section(S_NETCONFIGS);
141 assoc_file_name(filename, sizeof filename, &qrbuf, "netconfigs");
142 ncfp = fopen(filename, "a");
144 fprintf(ncfp, "subpending|%s|%s|%s|%ld|%s\n",
153 end_critical_section(S_NETCONFIGS);
155 /* Generate and send the confirmation request */
157 urlesc(urlroom, qrbuf.QRname);
159 snprintf(confirmation_request, sizeof confirmation_request,
160 "Content-type: text/html\n\n"
162 "Someone (probably you) has submitted a request to subscribe\n"
163 "<%s> to the <B>%s</B> mailing list.<BR><BR>\n"
164 "<A HREF=\"http://%s?room=%s&token=%s&cmd=confirm\">"
165 "Please click here to confirm this request.</A><BR><BR>\n"
166 "If this request has been submitted in error and you do not\n"
167 "wish to receive the '%s' mailing list, simply do nothing,\n"
168 "and you will not receive any further mailings.\n"
171 email, qrbuf.QRname, webpage, urlroom, token, qrbuf.QRname
174 quickie_message( /* This delivers the message */
178 confirmation_request,
182 cprintf("%d Subscription entered; confirmation request sent\n", CIT_OK);
187 * Enter an unsubscription request
189 void do_unsubscribe(char *room, char *email, char *webpage) {
190 struct quickroom qrbuf;
195 char confirmation_request[SIZ];
201 if (getroom(&qrbuf, room) != 0) {
202 cprintf("%d There is no list called '%s'\n",
203 ERROR+ROOM_NOT_FOUND, room);
207 if ((qrbuf.QRflags2 & QR2_SELFLIST) == 0) {
209 "does not accept subscribe/unsubscribe requests.\n",
210 ERROR+HIGHER_ACCESS_REQUIRED, qrbuf.QRname);
214 listsub_generate_token(token);
216 assoc_file_name(filename, sizeof filename, &qrbuf, "netconfigs");
219 * Make sure there's actually a subscription there to remove
221 begin_critical_section(S_NETCONFIGS);
222 ncfp = fopen(filename, "r");
224 while (fgets(buf, sizeof buf, ncfp) != NULL) {
225 buf[strlen(buf)-1] = 0;
226 extract(scancmd, buf, 0);
227 extract(scanemail, buf, 1);
228 if ((!strcasecmp(scancmd, "listrecp"))
229 || (!strcasecmp(scancmd, "digestrecp"))) {
230 if (!strcasecmp(scanemail, email)) {
237 end_critical_section(S_NETCONFIGS);
239 if (found_sub == 0) {
240 cprintf("%d '%s' is not subscribed to '%s'.\n",
242 email, qrbuf.QRname);
247 * Ok, now enter the unsubscribe-pending entry.
249 begin_critical_section(S_NETCONFIGS);
250 ncfp = fopen(filename, "a");
252 fprintf(ncfp, "unsubpending|%s|%s|%ld|%s\n",
260 end_critical_section(S_NETCONFIGS);
262 /* Generate and send the confirmation request */
264 urlesc(urlroom, qrbuf.QRname);
266 snprintf(confirmation_request, sizeof confirmation_request,
267 "Content-type: text/html\n\n"
269 "Someone (probably you) has submitted a request "
271 "<%s> from the <B>%s</B> mailing list.<BR><BR>\n"
272 "<A HREF=\"http://%s?room=%s&token=%s&cmd=confirm\">"
273 "Please click here to confirm this request.</A><BR><BR>\n"
274 "If this request has been submitted in error and you do\n"
275 "<i>not</i> wish to unsubscribe from the "
276 "'%s' mailing list, simply do nothing,\n"
277 "and you will remain subscribed to the list.\n"
280 email, qrbuf.QRname, webpage, urlroom, token, qrbuf.QRname
283 quickie_message( /* This delivers the message */
287 confirmation_request,
291 cprintf("%d Unubscription noted; confirmation request sent\n", CIT_OK);
296 * Confirm a subscribe/unsubscribe request.
298 void do_confirm(char *room, char *token) {
299 struct quickroom qrbuf;
302 char line_token[SIZ];
311 if (getroom(&qrbuf, room) != 0) {
312 cprintf("%d There is no list called '%s'\n",
313 ERROR+ROOM_NOT_FOUND, room);
317 if ((qrbuf.QRflags2 & QR2_SELFLIST) == 0) {
319 "does not accept subscribe/unsubscribe requests.\n",
320 ERROR+HIGHER_ACCESS_REQUIRED, qrbuf.QRname);
324 begin_critical_section(S_NETCONFIGS);
325 assoc_file_name(filename, sizeof filename, &qrbuf, "netconfigs");
326 ncfp = fopen(filename, "r+");
328 while (line_offset = ftell(ncfp),
329 (fgets(buf, sizeof buf, ncfp) != NULL) ) {
330 buf[strlen(buf)-1] = 0;
331 line_length = strlen(buf);
332 extract(cmd, buf, 0);
333 if (!strcasecmp(cmd, "subpending")) {
334 extract(email, buf, 1);
335 extract(subtype, buf, 2);
336 extract(line_token, buf, 3);
337 if (!strcasecmp(token, line_token)) {
338 if (!strcasecmp(subtype, "digest")) {
339 strcpy(buf, "digestrecp|");
342 strcpy(buf, "listrecp|");
346 /* SLEAZY HACK: pad the line out so
347 * it's the same length as the line
350 while (strlen(buf) < line_length) {
353 fseek(ncfp, line_offset, SEEK_SET);
354 fprintf(ncfp, "%s\n", buf);
361 end_critical_section(S_NETCONFIGS);
364 cprintf("%d %d operation(s) confirmed.\n", CIT_OK, success);
367 cprintf("%d Invalid token.\n", ERROR);
375 * process subscribe/unsubscribe requests and confirmations
377 void cmd_subs(char *cmdbuf) {
386 extract(opr, cmdbuf, 0);
387 if (!strcasecmp(opr, "subscribe")) {
388 extract(subtype, cmdbuf, 3);
389 if ( (strcasecmp(subtype, "list"))
390 && (strcasecmp(subtype, "digest")) ) {
391 cprintf("%d Invalid subscription type.\n", ERROR);
394 extract(room, cmdbuf, 1);
395 extract(email, cmdbuf, 2);
396 extract(webpage, cmdbuf, 4);
397 do_subscribe(room, email, subtype, webpage);
400 else if (!strcasecmp(opr, "unsubscribe")) {
401 extract(room, cmdbuf, 1);
402 extract(email, cmdbuf, 2);
403 extract(webpage, cmdbuf, 4);
404 do_unsubscribe(room, email, webpage);
406 else if (!strcasecmp(opr, "confirm")) {
407 extract(room, cmdbuf, 1);
408 extract(token, cmdbuf, 2);
409 do_confirm(room, token);
412 cprintf("%d Invalid command\n", ERROR);
420 char *Dynamic_Module_Init(void)
422 CtdlRegisterProtoHook(cmd_subs, "SUBS", "List subscribe/unsubscribe");