1 // Message base functions
3 // Copyright (c) 1996-2023 by the citadel.org team
5 // This program is open source software. Use, duplication, or disclosure is subject to the GNU General Public License v3.
10 // Given an encoded UID, translate that to an unencoded Citadel EUID and
11 // then search for it in the current room. Return a message number or -1
13 long locate_message_by_uid(struct ctdlsession *c, char *uid) {
16 ctdl_printf(c, "EUID %s", uid);
17 ctdl_readline(c, buf, sizeof buf);
19 return (atol(&buf[4]));
23 // Ugly hack to handle Mozilla Thunderbird, try stripping ".ics" if present
24 if (!strcasecmp(&uid[strlen(uid) - 4], ".ics")) {
25 safestrncpy(buf, uid, sizeof buf);
26 buf[strlen(buf) - 4] = 0;
27 ctdl_printf(c, "EUID %s", buf);
28 ctdl_readline(c, buf, sizeof buf);
30 return (atol(&buf[4]));
39 // DAV delete an object in a room.
40 void dav_delete_message(struct http_transaction *h, struct ctdlsession *c, long msgnum) {
41 ctdl_delete_msgs(c, &msgnum, 1);
46 // DAV move or copy an object in a room.
47 void dav_move_or_copy_message(struct http_transaction *h, struct ctdlsession *c, long msgnum, int move_or_copy) {
48 char target_room[ROOMNAMELEN];
51 // HTTP "Destination" header will tell us the target collection
52 char *target_collection = header_val(h, "Destination");
53 syslog(LOG_DEBUG, "dest coll: \"%s\"", target_collection);
55 // Translate the target WebDAV Collection name to a Citadel Room name.
56 // Note that some clients will supply a fully-qualified URL such as "http://example.com/ctdl/r/roomname/999"
57 // so we're just going to search for "/ctdl/r/" and work from there.
58 char *ctdlr = strstr(target_collection, "/ctdl/r/");
60 do_412(h); // badly formed target collection; fail out.
63 safestrncpy(target_room, ctdlr+8, sizeof target_room);
64 char *slash = strchr(target_room, '/');
66 *slash = 0; // lop off the "filename" we don't need it
68 unescape_input(target_room);
69 syslog(LOG_DEBUG, "dest room: \"%s\"", target_room);
71 // Perform the move or copy operation
72 ctdl_printf(c, "MOVE %ld|%s|%d", msgnum, target_room, move_or_copy); // Citadel Server: 0=move, 1=copy
73 ctdl_readline(c, buf, sizeof buf);
75 do_204(h); // succeed (no content)
78 do_412(h); // fail (precondition failed)
82 // GET method directly on a message in a room
83 void dav_get_message(struct http_transaction *h, struct ctdlsession *c, long msgnum) {
89 ctdl_printf(c, "MSG2 %ld", msgnum);
90 ctdl_readline(c, buf, sizeof buf);
96 char *etag = malloc(20);
98 sprintf(etag, "%ld", msgnum);
99 add_response_header(h, strdup("ETag"), etag); // http_transaction now owns this memory
102 while (ctdl_readline(c, buf, sizeof buf), strcmp(buf, "000")) {
103 if (IsEmptyStr(buf) && (in_body == 0)) {
107 else if (in_body == 0) {
109 char *v = strchr(buf, ':');
113 string_trim(v); // we now have a key (k) and a value (v)
114 if ((!strcasecmp(k, "content-type")) // fields which can be passed from RFC822 to HTTP as-is
115 || (!strcasecmp(k, "date"))
117 add_response_header(h, strdup(k), strdup(v));
119 else if (!strcasecmp(k, "content-transfer-encoding")) {
120 if (!strcasecmp(v, "base64")) {
123 else if (!strcasecmp(v, "quoted-printable")) {
129 else if ((in_body == 1) && (Body != NULL)) {
130 StrBufAppendPrintf(Body, "%s\n", buf);
134 h->response_code = 200;
135 h->response_string = strdup("OK");
138 if (encoding == 'q') {
139 h->response_body = malloc(StrLength(Body));
140 if (h->response_body != NULL) {
141 h->response_body_length =
142 CtdlDecodeQuotedPrintable(h->response_body, (char *) ChrPtr(Body), StrLength(Body));
146 else if (encoding == 'b') {
147 h->response_body = malloc(StrLength(Body));
148 if (h->response_body != NULL) {
149 h->response_body_length = CtdlDecodeBase64(h->response_body, ChrPtr(Body), StrLength(Body));
154 h->response_body_length = StrLength(Body);
155 h->response_body = SmashStrBuf(&Body);
161 // PUT a message into a room
162 void dav_put_message(struct http_transaction *h, struct ctdlsession *c, char *euid, long old_msgnum) {
164 char *content_type = NULL;
165 char *content_transfer_encoding = NULL;
169 char response_string[1024];
170 char mime_boundary[80];
172 if ((h->request_body == NULL) || (h->request_body_length < 1)) {
173 do_404(h); // Refuse to post a null message
177 // Extract metadata from the URL
178 char *wefw = get_url_param(h, "wefw"); // References:
179 if (!wefw) wefw = "";
180 char *subj = get_url_param(h, "subj"); // Subject:
181 if (!subj) subj = "";
182 char *mailto = get_url_param(h, "mailto"); // To:
183 if (!mailto) mailto = "";
184 char *mailcc = get_url_param(h, "mailcc"); // Cc:
185 if (!mailcc) mailcc = "";
186 char *mailbcc = get_url_param(h, "mailbcc"); // Bcc:
187 if (!mailbcc) mailbcc = "";
189 // Mode 4 will give us metadata back after upload
190 ctdl_printf(c, "ENT0 1|%s||4|%s||1|%s|%s|||%s|", mailto, subj, mailcc, mailbcc, wefw);
191 ctdl_readline(c, buf, sizeof buf);
193 h->response_code = 502;
194 h->response_string = strdup("bad gateway");
195 add_response_header(h, strdup("Content-type"), strdup("text/plain"));
196 h->response_body = strdup(buf);
197 h->response_body_length = strlen(h->response_body);
201 // Remember, ctdl_printf() appends \n on its own, so when adding a CRLF newline, only use \r
202 // Or for a blank line, use ctdl_write() with \r\n
204 // If there are attachments, open up a multipart/mixed MIME container.
205 char *att = get_url_param(h, "att");
207 snprintf(mime_boundary, sizeof(mime_boundary), "citadel-multipart-%x-%x", (unsigned int)time(NULL), rand());
208 ctdl_printf(c, "MIME-Version: 1.0\r");
209 ctdl_printf(c, "Content-Type: multipart/mixed; boundary=\"%s\"\r", mime_boundary);
210 ctdl_write(c, HKEY("\r\n"));
211 ctdl_printf(c, "--%s\r", mime_boundary); // start of message body
215 content_type = header_val(h, "Content-type");
216 content_transfer_encoding = header_val(h, "Content-transfer-encoding");
218 // If the content is already encoded, pass it along as-is
219 if (!IsEmptyStr(content_transfer_encoding)) {
220 ctdl_printf(c, "Content-type: %s\r", (content_type ? content_type : "application/octet-stream"));
221 ctdl_write(c, HKEY("\r\n"));
222 ctdl_write(c, h->request_body, h->request_body_length);
225 // But if it's raw, we ought to encode it so it's MIME-friendly.
227 ctdl_printf(c, "Content-type: %s\r", (content_type ? content_type : "application/octet-stream"));
228 ctdl_printf(c, "Content-transfer-encoding: quoted-printable\r");
229 ctdl_write(c, HKEY("\r\n"));
230 h->request_body[h->request_body_length] = 0; // make doubly sure it's null terminated.
232 // Adapted from https://www.w3.org/Tools/Mail-Transcode/mail-transcode.c
233 char *s = h->request_body;
237 for (n = 0; *s; s++) {
238 if (n >= 73 && *s != 10 && *s != 13) {
239 ctdl_write(c, HKEY("=\r\n"));
242 if (*s == 10 || *s == 13) {
246 else if (*s<32 || *s==61 || *s>126) {
247 strconv_len = sprintf(strconv, "=%02X", (unsigned char)*s);
248 ctdl_write(c, strconv, strconv_len);
251 else if (*s != 32 || (*(s+1) != 10 && *(s+1) != 13)) {
256 ctdl_write(c, "=20", 3);
262 if (h->request_body[h->request_body_length] != '\n') {
263 ctdl_write(c, HKEY("\r\n"));
266 // If there are attachments, add them now.
270 struct uploaded_file one_att;
271 int num_attachments = num_tokens(att, ',');
273 for (i=0; i<num_attachments; ++i) {
274 extract_token(attid, att, i, ',', sizeof(attid));
275 one_att = pop_upload(attid);
277 // After calling pop_upload(), the attachment is no longer in the global list.
278 // The file descriptor has zero links, so when we close it, the filesystem will remove it from disk.
279 ctdl_printf(c, "--%s\r", mime_boundary);
280 ctdl_printf(c, "Content-Type: %s; name=\"%s\"\r", one_att.content_type, one_att.filename);
281 ctdl_printf(c, "Content-Disposition: attachment; filename=\"%s\"\r", one_att.filename);
282 ctdl_printf(c, "Content-Transfer-Encoding: base64\r");
283 ctdl_write(c, HKEY("\r\n"));
285 char *raw_att = malloc(one_att.length);
288 if (fread(raw_att, one_att.length, 1, one_att.fp) != 1) {
289 syslog(LOG_ERR, "messages: %m");
293 char *encoded_att = malloc((one_att.length * 150) / 100);
295 size_t encoded_length = CtdlEncodeBase64(encoded_att, raw_att, one_att.length, BASE64_YES_LINEBREAKS);
296 ctdl_write(c, encoded_att, encoded_length);
297 syslog(LOG_DEBUG, "Encoded attachment: len=%ld", encoded_length);
306 // Close the multipart/mixed MIME container.
307 ctdl_printf(c, "--%s--\r", mime_boundary);
310 // Done writing to the Citadel Server.
311 ctdl_printf(c, "000");
313 // Now handle the response from the Citadel Server.
316 strcpy(new_euid, "");
317 strcpy(response_string, "");
319 while (ctdl_readline(c, buf, sizeof buf), strcmp(buf, "000"))
322 new_msgnum = atol(buf);
325 safestrncpy(response_string, buf, sizeof response_string);
326 syslog(LOG_DEBUG, "new_msgnum=%ld (%s)\n", new_msgnum, buf);
329 safestrncpy(new_euid, buf, sizeof new_euid);
335 // Tell the client what happened.
337 // Citadel failed in some way?
338 char *new_location = malloc(1024);
339 if ((new_msgnum < 0L) || (new_location == NULL)) {
340 h->response_code = 502;
341 h->response_string = strdup("bad gateway");
342 add_response_header(h, strdup("Content-type"), strdup("text/plain"));
343 h->response_body = strdup(response_string);
344 h->response_body_length = strlen(h->response_body);
348 char *etag = malloc(20);
350 sprintf(etag, "%ld", new_msgnum);
351 add_response_header(h, strdup("ETag"), etag); // http_transaction now owns this memory
356 urlesc(esc_room, sizeof esc_room, c->room);
357 urlesc(esc_euid, sizeof esc_euid, new_euid);
358 snprintf(new_location, 1024, "/ctdl/r/%s/%s", esc_room, esc_euid);
359 add_response_header(h, strdup("Location"), new_location); // http_transaction now owns this memory
361 if (old_msgnum <= 0) {
362 h->response_code = 201; // We created this item for the first time.
363 h->response_string = strdup("created");
366 h->response_code = 204; // We modified an existing item.
367 h->response_string = strdup("no content");
369 // The item we replaced has probably already been deleted by
370 // the Citadel server, but we'll do this anyway, just in case.
371 ctdl_delete_msgs(c, &old_msgnum, 1);
377 // Download a single component of a MIME-encoded message
378 void download_mime_component(struct http_transaction *h, struct ctdlsession *c, long msgnum, char *partnum) {
380 char content_type[1024];
382 ctdl_printf(c, "DLAT %ld|%s", msgnum, partnum);
383 ctdl_readline(c, buf, sizeof buf);
385 do_404(h); // too bad, so sad, go away
387 // Server response is going to be: 6XX length|-1|filename|content-type|charset
388 h->response_body_length = extract_int(&buf[4], 0);
389 extract_token(content_type, buf, 3, '|', sizeof content_type);
391 h->response_body = malloc(h->response_body_length + 1);
395 thisblock = read(c->sock, &h->response_body[bytes], (h->response_body_length - bytes));
397 syslog(LOG_DEBUG, "Bytes read: %d of %d", (int) bytes, (int) h->response_body_length);
398 } while ((bytes < h->response_body_length) && (thisblock >= 0));
399 h->response_body[h->response_body_length] = 0; // null terminate it just for good measure
400 syslog(LOG_DEBUG, "content type: %s", content_type);
402 add_response_header(h, strdup("Content-type"), strdup(content_type));
403 h->response_code = 200;
404 h->response_string = strdup("OK");