-/* $Id$
+/*
+ * $Id$
*
* POP3 server for the Citadel/UX system
* Copyright (C) 1998-2000 by Art Cancro and others.
* method of authentication which would require some major changes to the
* Citadel server core.
*
+ * This is no longer true- APOP is implemented.
+ *
* -> The deprecated "LAST" command is included in this implementation, because
* there exist mail clients which insist on using it (such as Bynari
* TradeMail, and certain versions of Eudora).
#include <pwd.h>
#include <errno.h>
#include <sys/types.h>
-#include <sys/time.h>
+
+#if TIME_WITH_SYS_TIME
+# include <sys/time.h>
+# include <time.h>
+#else
+# if HAVE_SYS_TIME_H
+# include <sys/time.h>
+# else
+# include <time.h>
+# endif
+#endif
+
#include <sys/wait.h>
#include <string.h>
#include <limits.h>
+#include <ctype.h>
#include "citadel.h"
#include "server.h"
-#include <time.h>
#include "sysdep_decls.h"
#include "citserver.h"
#include "support.h"
#include "tools.h"
#include "internet_addressing.h"
#include "serv_pop3.h"
-
+#include "md5.h"
long SYM_POP3;
* Here's where our POP3 session begins its happy day.
*/
void pop3_greeting(void) {
-
strcpy(CC->cs_clientname, "POP3 session");
CC->internal_pgm = 1;
CtdlAllocUserData(SYM_POP3, sizeof(struct citpop3));
POP3->msgs = NULL;
POP3->num_msgs = 0;
- cprintf("+OK Welcome to the Citadel/UX POP3 server at %s\r\n",
- config.c_fqdn);
+ cprintf("+OK Citadel/UX POP3 server %s\r\n",
+ CC->cs_nonce, config.c_fqdn);
}
* Specify user name (implements POP3 "USER" command)
*/
void pop3_user(char *argbuf) {
- char username[256];
+ char username[SIZ];
if (CC->logged_in) {
cprintf("-ERR You are already logged in.\r\n");
/*
* Back end for pop3_grab_mailbox()
*/
-void pop3_add_message(long msgnum) {
+void pop3_add_message(long msgnum, void *userdata) {
FILE *fp;
lprintf(9, "in pop3_add_message()\n");
if (getroom(&CC->quickroom, MAILROOM) != 0) return(-1);
/* Load up the messages */
- CtdlForEachMessage(MSGS_ALL, 0L, NULL, NULL, pop3_add_message);
+ CtdlForEachMessage(MSGS_ALL, 0L, (-63), NULL, NULL,
+ pop3_add_message, NULL);
/* Figure out which are old and which are new */
CtdlGetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
POP3->lastseen = (-1);
if (POP3->num_msgs) for (i=0; i<POP3->num_msgs; ++i) {
- if ((POP3->msgs[POP3->num_msgs-1].msgnum) <= vbuf.v_lastseen) {
+ if (is_msg_in_mset(vbuf.v_seen,
+ (POP3->msgs[POP3->num_msgs-1].msgnum) )) {
POP3->lastseen = i;
}
}
return(POP3->num_msgs);
}
+void pop3_login(void)
+{
+ int msgs;
+
+ msgs = pop3_grab_mailbox();
+ if (msgs >= 0) {
+ cprintf("+OK %s is logged in (%d messages)\r\n",
+ CC->usersupp.fullname, msgs);
+ lprintf(9, "POP3 password login successful\n");
+ }
+ else {
+ cprintf("-ERR Can't open your mailbox\r\n");
+ }
+
+}
+
+void pop3_apop(char *argbuf)
+{
+ char username[SIZ];
+ char userdigest[MD5_HEXSTRING_SIZE];
+ char realdigest[MD5_HEXSTRING_SIZE];
+ char *sptr;
+
+ if (CC->logged_in)
+ {
+ cprintf("-ERR You are already logged in; not in the AUTHORIZATION phase.\r\n");
+ return;
+ }
+
+ if ((sptr = strchr(argbuf, ' ')) == NULL)
+ {
+ cprintf("-ERR Invalid APOP line.\r\n");
+ return;
+ }
+
+ *sptr++ = '\0';
+
+ while ((*sptr) && isspace(*sptr))
+ sptr++;
+
+ strncpy(username, argbuf, sizeof(username)-1);
+ username[sizeof(username)-1] = '\0';
+
+ memset(userdigest, MD5_HEXSTRING_SIZE, 0);
+ strncpy(userdigest, sptr, MD5_HEXSTRING_SIZE-1);
+
+ if (CtdlLoginExistingUser(username) != login_ok)
+ {
+ cprintf("-ERR No such user.\r\n");
+ return;
+ }
+
+ if (getuser(&CC->usersupp, CC->curr_user))
+ {
+ cprintf("-ERR No such user.\r\n");
+ return;
+ }
+
+ make_apop_string(CC->usersupp.password, CC->cs_nonce, realdigest);
+ if (!strncasecmp(realdigest, userdigest, MD5_HEXSTRING_SIZE-1))
+ {
+ do_login();
+ pop3_login();
+ }
+ else
+ {
+ cprintf("-ERR That is NOT the password.\r\n");
+ }
+}
+
+
/*
* Authorize with password (implements POP3 "PASS" command)
*/
void pop3_pass(char *argbuf) {
- char password[256];
- int msgs;
+ char password[SIZ];
strcpy(password, argbuf);
striplt(password);
lprintf(9, "Trying <%s>\n", password);
if (CtdlTryPassword(password) == pass_ok) {
- msgs = pop3_grab_mailbox();
- if (msgs >= 0) {
- cprintf("+OK %s is logged in (%d messages)\r\n",
- CC->usersupp.fullname, msgs);
- lprintf(9, "POP3 password login successful\n");
- }
- else {
- cprintf("-ERR Can't open your mailbox\r\n");
- }
+ pop3_login();
}
else {
- cprintf("-ERR That is NOT the password! Go away!\r\n");
+ cprintf("-ERR That is NOT the password.\r\n");
}
}
return;
}
else {
- cprintf("+OK %d %d\n",
+ cprintf("+OK %d %d\r\n",
which_one,
POP3->msgs[which_one-1].rfc822_length
);
}
}
- cprintf("+OK %d %d\n", total_msgs, total_octets);
+ cprintf("+OK %d %d\r\n", total_msgs, total_octets);
}
return;
}
- cprintf("+OK Whoop, there it is:\r\n");
+ cprintf("+OK Message %d:\r\n", which_one);
bytes_remaining = POP3->msgs[which_one -1].rfc822_length;
rewind(POP3->msgs[which_one - 1].temp);
while (bytes_remaining-- > 0) {
return;
}
- cprintf("+OK Whoop, there it is:\r\n");
+ cprintf("+OK Message %d:\r\n", which_one);
rewind(POP3->msgs[which_one - 1].temp);
while (ptr = fgets(buf, sizeof buf, POP3->msgs[which_one - 1].temp),
( (ptr!=NULL) && (done == 0))) {
/* Flag the message as deleted. Will expunge during QUIT command. */
POP3->msgs[which_one - 1].deleted = 1;
- cprintf("+OK Message %d disappears in a cloud of orange smoke.\r\n",
+ cprintf("+OK Message %d deleted.\r\n",
which_one);
}
if (POP3->num_msgs > 0) for (i=0; i<POP3->num_msgs; ++i) {
if (POP3->msgs[i].deleted) {
CtdlDeleteMessages(MAILROOM,
- POP3->msgs[i].msgnum, NULL);
+ POP3->msgs[i].msgnum, "");
}
}
lgetuser(&CC->usersupp, CC->curr_user);
CtdlGetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
- vbuf.v_lastseen = POP3->msgs[POP3->num_msgs-1].msgnum;
+ sprintf(vbuf.v_seen, "*:%ld",
+ POP3->msgs[POP3->num_msgs-1].msgnum);
CtdlSetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
lputuser(&CC->usersupp);
POP3->msgs[i].deleted = 0;
}
}
- cprintf("+OK all that has come to pass, has now gone away.\r\n");
+ cprintf("+OK Reset completed.\r\n");
}
return;
}
else {
- cprintf("+OK %d %ld\n",
+ cprintf("+OK %d %ld\r\n",
which_one,
POP3->msgs[which_one-1].msgnum
);
* Main command loop for POP3 sessions.
*/
void pop3_command_loop(void) {
- char cmdbuf[256];
+ char cmdbuf[SIZ];
time(&CC->lastcmd);
memset(cmdbuf, 0, sizeof cmdbuf); /* Clear it, just in case */
while (strlen(cmdbuf) < 5) strcat(cmdbuf, " ");
if (!strncasecmp(cmdbuf, "NOOP", 4)) {
- cprintf("+OK This command successfully did nothing.\r\n");
+ cprintf("+OK No operation.\r\n");
}
else if (!strncasecmp(cmdbuf, "QUIT", 4)) {
pop3_pass(&cmdbuf[5]);
}
+ else if (!strncasecmp(cmdbuf, "APOP", 4))
+ {
+ pop3_apop(&cmdbuf[5]);
+ }
+
else if (!CC->logged_in) {
cprintf("-ERR Not logged in.\r\n");
}
}
else {
- cprintf("500 I'm afraid I can't do that, Dave.\r\n");
+ cprintf("-ERR I'm afraid I can't do that.\r\n");
}
}
char *Dynamic_Module_Init(void)
{
SYM_POP3 = CtdlGetDynamicSymbol();
- CtdlRegisterServiceHook(POP3_PORT,
+ CtdlRegisterServiceHook(config.c_pop3_port,
+ NULL,
pop3_greeting,
pop3_command_loop);
CtdlRegisterSessionHook(pop3_cleanup_function, EVT_STOP);