4 * POP3 service for the Citadel/UX system
5 * Copyright (C) 1998-2001 by Art Cancro and others.
6 * This code is released under the terms of the GNU General Public License.
8 * Current status of standards conformance:
10 * -> All required POP3 commands described in RFC1939 are implemented.
12 * -> All optional POP3 commands described in RFC1939 are also implemented.
14 * -> The deprecated "LAST" command is included in this implementation, because
15 * there exist mail clients which insist on using it (such as Bynari
16 * TradeMail, and certain versions of Eudora).
28 #include <sys/types.h>
30 #if TIME_WITH_SYS_TIME
31 # include <sys/time.h>
35 # include <sys/time.h>
47 #include "sysdep_decls.h"
48 #include "citserver.h"
51 #include "serv_extensions.h"
58 #include "internet_addressing.h"
59 #include "serv_pop3.h"
63 #include "serv_crypto.h"
69 * This cleanup function blows away the temporary memory and files used by
72 void pop3_cleanup_function(void) {
75 /* Don't do this stuff if this is not a POP3 session! */
76 if (CC->h_command_function != pop3_command_loop) return;
78 lprintf(CTDL_DEBUG, "Performing POP3 cleanup hook\n");
80 if (POP3->num_msgs > 0) for (i=0; i<POP3->num_msgs; ++i) {
81 if (POP3->msgs[i].temp != NULL) {
82 fclose(POP3->msgs[i].temp);
83 POP3->msgs[i].temp = NULL;
86 if (POP3->msgs != NULL) phree(POP3->msgs);
88 lprintf(CTDL_DEBUG, "Finished POP3 cleanup hook\n");
94 * Here's where our POP3 session begins its happy day.
96 void pop3_greeting(void) {
97 strcpy(CC->cs_clientname, "POP3 session");
99 CtdlAllocUserData(SYM_POP3, sizeof(struct citpop3));
103 cprintf("+OK Citadel/UX POP3 server %s\r\n",
109 * Specify user name (implements POP3 "USER" command)
111 void pop3_user(char *argbuf) {
115 cprintf("-ERR You are already logged in.\r\n");
119 strcpy(username, argbuf);
122 lprintf(CTDL_DEBUG, "Trying <%s>\n", username);
123 if (CtdlLoginExistingUser(username) == login_ok) {
124 cprintf("+OK Password required for %s\r\n", username);
127 cprintf("-ERR No such user.\r\n");
134 * Back end for pop3_grab_mailbox()
136 void pop3_add_message(long msgnum, void *userdata) {
138 lprintf(CTDL_DEBUG, "in pop3_add_message()\n");
141 if (POP3->num_msgs < 2) POP3->msgs = mallok(sizeof(struct pop3msg));
142 else POP3->msgs = reallok(POP3->msgs,
143 (POP3->num_msgs * sizeof(struct pop3msg)) ) ;
144 POP3->msgs[POP3->num_msgs-1].msgnum = msgnum;
145 POP3->msgs[POP3->num_msgs-1].deleted = 0;
147 POP3->msgs[POP3->num_msgs-1].temp = fp;
149 CtdlRedirectOutput(fp, -1);
150 CtdlOutputMsg(msgnum, MT_RFC822, HEADERS_ALL, 0, 1);
151 CtdlRedirectOutput(NULL, -1);
153 POP3->msgs[POP3->num_msgs-1].rfc822_length = ftell(fp);
159 * Open the inbox and read its contents.
160 * (This should be called only once, by pop3_pass(), and returns the number
161 * of messages in the inbox, or -1 for error)
163 int pop3_grab_mailbox(void) {
167 if (getroom(&CC->room, MAILROOM) != 0) return(-1);
169 /* Load up the messages */
170 CtdlForEachMessage(MSGS_ALL, 0L, NULL, NULL,
171 pop3_add_message, NULL);
173 /* Figure out which are old and which are new */
174 CtdlGetRelationship(&vbuf, &CC->user, &CC->room);
175 POP3->lastseen = (-1);
176 if (POP3->num_msgs) for (i=0; i<POP3->num_msgs; ++i) {
177 if (is_msg_in_mset(vbuf.v_seen,
178 (POP3->msgs[POP3->num_msgs-1].msgnum) )) {
183 return(POP3->num_msgs);
186 void pop3_login(void)
190 msgs = pop3_grab_mailbox();
192 cprintf("+OK %s is logged in (%d messages)\r\n",
193 CC->user.fullname, msgs);
194 lprintf(CTDL_NOTICE, "POP3 authenticated %s\n", CC->user.fullname);
197 cprintf("-ERR Can't open your mailbox\r\n");
202 void pop3_apop(char *argbuf)
205 char userdigest[MD5_HEXSTRING_SIZE];
206 char realdigest[MD5_HEXSTRING_SIZE];
211 cprintf("-ERR You are already logged in; not in the AUTHORIZATION phase.\r\n");
215 if ((sptr = strchr(argbuf, ' ')) == NULL)
217 cprintf("-ERR Invalid APOP line.\r\n");
223 while ((*sptr) && isspace(*sptr))
226 strncpy(username, argbuf, sizeof(username)-1);
227 username[sizeof(username)-1] = '\0';
229 memset(userdigest, MD5_HEXSTRING_SIZE, 0);
230 strncpy(userdigest, sptr, MD5_HEXSTRING_SIZE-1);
232 if (CtdlLoginExistingUser(username) != login_ok)
234 cprintf("-ERR No such user.\r\n");
238 if (getuser(&CC->user, CC->curr_user))
240 cprintf("-ERR No such user.\r\n");
244 make_apop_string(CC->user.password, CC->cs_nonce, realdigest, sizeof realdigest);
245 if (!strncasecmp(realdigest, userdigest, MD5_HEXSTRING_SIZE-1))
252 cprintf("-ERR That is NOT the password.\r\n");
258 * Authorize with password (implements POP3 "PASS" command)
260 void pop3_pass(char *argbuf) {
263 strcpy(password, argbuf);
266 lprintf(CTDL_DEBUG, "Trying <%s>\n", password);
267 if (CtdlTryPassword(password) == pass_ok) {
271 cprintf("-ERR That is NOT the password.\r\n");
278 * list available msgs
280 void pop3_list(char *argbuf) {
284 which_one = atoi(argbuf);
286 /* "list one" mode */
288 if (which_one > POP3->num_msgs) {
289 cprintf("-ERR no such message, only %d are here\r\n",
293 else if (POP3->msgs[which_one-1].deleted) {
294 cprintf("-ERR Sorry, you deleted that message.\r\n");
298 cprintf("+OK %d %ld\r\n",
300 (long)POP3->msgs[which_one-1].rfc822_length
306 /* "list all" (scan listing) mode */
308 cprintf("+OK Here's your mail:\r\n");
309 if (POP3->num_msgs > 0) for (i=0; i<POP3->num_msgs; ++i) {
310 if (! POP3->msgs[i].deleted) {
311 cprintf("%d %ld\r\n",
313 (long)POP3->msgs[i].rfc822_length);
322 * STAT (tally up the total message count and byte count) command
324 void pop3_stat(char *argbuf) {
326 size_t total_octets = 0;
329 if (POP3->num_msgs > 0) for (i=0; i<POP3->num_msgs; ++i) {
330 if (! POP3->msgs[i].deleted) {
332 total_octets += POP3->msgs[i].rfc822_length;
336 cprintf("+OK %d %ld\r\n", total_msgs, (long)total_octets);
342 * RETR command (fetch a message)
344 void pop3_retr(char *argbuf) {
347 size_t bytes_remaining;
349 which_one = atoi(argbuf);
350 if ( (which_one < 1) || (which_one > POP3->num_msgs) ) {
351 cprintf("-ERR No such message.\r\n");
355 if (POP3->msgs[which_one - 1].deleted) {
356 cprintf("-ERR Sorry, you deleted that message.\r\n");
360 cprintf("+OK Message %d:\r\n", which_one);
361 bytes_remaining = POP3->msgs[which_one -1].rfc822_length;
362 rewind(POP3->msgs[which_one - 1].temp);
363 while (bytes_remaining-- > 0) {
364 ch = getc(POP3->msgs[which_one - 1].temp);
368 lprintf(CTDL_WARNING, "Problem: message ends with 0x%2x, not 0x0a\n", ch);
375 * TOP command (dumb way of fetching a partial message or headers-only)
377 void pop3_top(char *argbuf) {
379 int lines_requested = 0;
380 int lines_dumped = 0;
386 sscanf(argbuf, "%d %d", &which_one, &lines_requested);
387 if ( (which_one < 1) || (which_one > POP3->num_msgs) ) {
388 cprintf("-ERR No such message.\r\n");
392 if (POP3->msgs[which_one - 1].deleted) {
393 cprintf("-ERR Sorry, you deleted that message.\r\n");
397 cprintf("+OK Message %d:\r\n", which_one);
398 rewind(POP3->msgs[which_one - 1].temp);
399 while (ptr = fgets(buf, sizeof buf, POP3->msgs[which_one - 1].temp),
400 ( (ptr!=NULL) && (done == 0))) {
402 if (lines_dumped >= lines_requested) done = 1;
403 if ((in_body == 0) || (done == 0))
404 client_write(buf, strlen(buf));
405 if (in_body) ++lines_dumped;
406 if ((buf[0]==13)||(buf[0]==10)) in_body = 1;
408 if (buf[strlen(buf)-1] != 10) cprintf("\n");
414 * DELE (delete message from mailbox)
416 void pop3_dele(char *argbuf) {
419 which_one = atoi(argbuf);
420 if ( (which_one < 1) || (which_one > POP3->num_msgs) ) {
421 cprintf("-ERR No such message.\r\n");
425 if (POP3->msgs[which_one - 1].deleted) {
426 cprintf("-ERR You already deleted that message.\r\n");
430 /* Flag the message as deleted. Will expunge during QUIT command. */
431 POP3->msgs[which_one - 1].deleted = 1;
432 cprintf("+OK Message %d deleted.\r\n",
437 /* Perform "UPDATE state" stuff
439 void pop3_update(void) {
443 /* Remove messages marked for deletion */
444 if (POP3->num_msgs > 0) for (i=0; i<POP3->num_msgs; ++i) {
445 if (POP3->msgs[i].deleted) {
446 CtdlDeleteMessages(MAILROOM,
447 POP3->msgs[i].msgnum, "");
451 /* Set last read pointer */
452 if (POP3->num_msgs > 0) {
453 lgetuser(&CC->user, CC->curr_user);
455 CtdlGetRelationship(&vbuf, &CC->user, &CC->room);
456 snprintf(vbuf.v_seen, sizeof vbuf.v_seen, "*:%ld",
457 POP3->msgs[POP3->num_msgs-1].msgnum);
458 CtdlSetRelationship(&vbuf, &CC->user, &CC->room);
467 * RSET (reset, i.e. undelete any deleted messages) command
469 void pop3_rset(char *argbuf) {
472 if (POP3->num_msgs > 0) for (i=0; i<POP3->num_msgs; ++i) {
473 if (POP3->msgs[i].deleted) {
474 POP3->msgs[i].deleted = 0;
477 cprintf("+OK Reset completed.\r\n");
483 * LAST (Determine which message is the last unread message)
485 void pop3_last(char *argbuf) {
486 cprintf("+OK %d\r\n", POP3->lastseen + 1);
492 * UIDL (Universal IDentifier Listing) is easy. Our 'unique' message
493 * identifiers are simply the Citadel message numbers in the database.
495 void pop3_uidl(char *argbuf) {
499 which_one = atoi(argbuf);
501 /* "list one" mode */
503 if (which_one > POP3->num_msgs) {
504 cprintf("-ERR no such message, only %d are here\r\n",
508 else if (POP3->msgs[which_one-1].deleted) {
509 cprintf("-ERR Sorry, you deleted that message.\r\n");
513 cprintf("+OK %d %ld\r\n",
515 POP3->msgs[which_one-1].msgnum
521 /* "list all" (scan listing) mode */
523 cprintf("+OK Here's your mail:\r\n");
524 if (POP3->num_msgs > 0) for (i=0; i<POP3->num_msgs; ++i) {
525 if (! POP3->msgs[i].deleted) {
526 cprintf("%d %ld\r\n",
528 POP3->msgs[i].msgnum);
537 * implements the STLS command (Citadel API version)
542 char ok_response[SIZ];
543 char nosup_response[SIZ];
544 char error_response[SIZ];
547 "+OK Begin TLS negotiation now\r\n");
548 sprintf(nosup_response,
549 "-ERR TLS not supported here\r\n");
550 sprintf(error_response,
551 "-ERR Internal error\r\n");
552 CtdlStartTLS(ok_response, nosup_response, error_response);
563 * Main command loop for POP3 sessions.
565 void pop3_command_loop(void) {
569 memset(cmdbuf, 0, sizeof cmdbuf); /* Clear it, just in case */
570 if (client_gets(cmdbuf) < 1) {
571 lprintf(CTDL_ERR, "POP3 socket is broken. Ending session.\r\n");
575 lprintf(CTDL_INFO, "POP3: %s\r\n", cmdbuf);
576 while (strlen(cmdbuf) < 5) strcat(cmdbuf, " ");
578 if (!strncasecmp(cmdbuf, "NOOP", 4)) {
579 cprintf("+OK No operation.\r\n");
582 else if (!strncasecmp(cmdbuf, "QUIT", 4)) {
583 cprintf("+OK Goodbye...\r\n");
589 else if (!strncasecmp(cmdbuf, "USER", 4)) {
590 pop3_user(&cmdbuf[5]);
593 else if (!strncasecmp(cmdbuf, "PASS", 4)) {
594 pop3_pass(&cmdbuf[5]);
597 else if (!strncasecmp(cmdbuf, "APOP", 4))
599 pop3_apop(&cmdbuf[5]);
603 else if (!strncasecmp(cmdbuf, "STLS", 4)) {
608 else if (!CC->logged_in) {
609 cprintf("-ERR Not logged in.\r\n");
612 else if (!strncasecmp(cmdbuf, "LIST", 4)) {
613 pop3_list(&cmdbuf[5]);
616 else if (!strncasecmp(cmdbuf, "STAT", 4)) {
617 pop3_stat(&cmdbuf[5]);
620 else if (!strncasecmp(cmdbuf, "RETR", 4)) {
621 pop3_retr(&cmdbuf[5]);
624 else if (!strncasecmp(cmdbuf, "DELE", 4)) {
625 pop3_dele(&cmdbuf[5]);
628 else if (!strncasecmp(cmdbuf, "RSET", 4)) {
629 pop3_rset(&cmdbuf[5]);
632 else if (!strncasecmp(cmdbuf, "UIDL", 4)) {
633 pop3_uidl(&cmdbuf[5]);
636 else if (!strncasecmp(cmdbuf, "TOP", 3)) {
637 pop3_top(&cmdbuf[4]);
640 else if (!strncasecmp(cmdbuf, "LAST", 4)) {
641 pop3_last(&cmdbuf[4]);
645 cprintf("-ERR I'm afraid I can't do that.\r\n");
652 char *serv_pop3_init(void)
654 CtdlRegisterServiceHook(config.c_pop3_port,
658 CtdlRegisterSessionHook(pop3_cleanup_function, EVT_STOP);