4 * POP3 service for the Citadel system
5 * Copyright (C) 1998-2001 by Art Cancro and others.
6 * This code is released under the terms of the GNU General Public License.
8 * Current status of standards conformance:
10 * -> All required POP3 commands described in RFC1939 are implemented.
11 * -> All optional POP3 commands described in RFC1939 are also implemented.
12 * -> The deprecated "LAST" command is included in this implementation, because
13 * there exist mail clients which insist on using it (such as Bynari
14 * TradeMail, and certain versions of Eudora).
15 * -> Capability detection via the method described in RFC2449 is implemented.
27 #include <sys/types.h>
29 #if TIME_WITH_SYS_TIME
30 # include <sys/time.h>
34 # include <sys/time.h>
44 #include <libcitadel.h>
47 #include "citserver.h"
55 #include "internet_addressing.h"
56 #include "serv_pop3.h"
61 #include "ctdl_module.h"
66 * This cleanup function blows away the temporary memory and files used by
69 void pop3_cleanup_function(void) {
71 /* Don't do this stuff if this is not a POP3 session! */
72 if (CC->h_command_function != pop3_command_loop) return;
74 CtdlLogPrintf(CTDL_DEBUG, "Performing POP3 cleanup hook\n");
75 if (POP3->msgs != NULL) free(POP3->msgs);
83 * Here's where our POP3 session begins its happy day.
85 void pop3_greeting(void) {
86 strcpy(CC->cs_clientname, "POP3 session");
88 CC->session_specific_data = malloc(sizeof(struct citpop3));
89 memset(POP3, 0, sizeof(struct citpop3));
91 cprintf("+OK Citadel POP3 server %s\r\n",
97 * POP3S is just like POP3, except it goes crypto right away.
99 void pop3s_greeting(void) {
100 CtdlModuleStartCryptoMsgs(NULL, NULL, NULL);
102 /* kill session if no crypto */
104 if (!CC->redirect_ssl) CC->kill_me = 1;
115 * Specify user name (implements POP3 "USER" command)
117 void pop3_user(char *argbuf) {
121 cprintf("-ERR You are already logged in.\r\n");
125 strcpy(username, argbuf);
128 /* CtdlLogPrintf(CTDL_DEBUG, "Trying <%s>\n", username); */
129 if (CtdlLoginExistingUser(NULL, username) == login_ok) {
130 cprintf("+OK Password required for %s\r\n", username);
133 cprintf("-ERR No such user.\r\n");
140 * Back end for pop3_grab_mailbox()
142 void pop3_add_message(long msgnum, void *userdata) {
146 if (POP3->num_msgs < 2) POP3->msgs = malloc(sizeof(struct pop3msg));
147 else POP3->msgs = realloc(POP3->msgs,
148 (POP3->num_msgs * sizeof(struct pop3msg)) ) ;
149 POP3->msgs[POP3->num_msgs-1].msgnum = msgnum;
150 POP3->msgs[POP3->num_msgs-1].deleted = 0;
152 /* We need to know the length of this message when it is printed in
153 * RFC822 format. Perhaps we have cached this length in the message's
154 * metadata record. If so, great; if not, measure it and then cache
157 GetMetaData(&smi, msgnum);
158 if (smi.meta_rfc822_length <= 0L) {
159 CC->redirect_buffer = malloc(SIZ);
160 CC->redirect_len = 0;
161 CC->redirect_alloc = SIZ;
162 CtdlOutputMsg(msgnum, MT_RFC822, HEADERS_ALL, 0, 1, NULL, 0);
163 smi.meta_rfc822_length = CC->redirect_len;
164 free(CC->redirect_buffer);
165 CC->redirect_buffer = NULL;
166 CC->redirect_len = 0;
167 CC->redirect_alloc = 0;
170 POP3->msgs[POP3->num_msgs-1].rfc822_length = smi.meta_rfc822_length;
176 * Open the inbox and read its contents.
177 * (This should be called only once, by pop3_pass(), and returns the number
178 * of messages in the inbox, or -1 for error)
180 int pop3_grab_mailbox(void) {
184 if (getroom(&CC->room, MAILROOM) != 0) return(-1);
186 /* Load up the messages */
187 CtdlForEachMessage(MSGS_ALL, 0L, NULL, NULL, NULL,
188 pop3_add_message, NULL);
190 /* Figure out which are old and which are new */
191 CtdlGetRelationship(&vbuf, &CC->user, &CC->room);
192 POP3->lastseen = (-1);
193 if (POP3->num_msgs) for (i=0; i<POP3->num_msgs; ++i) {
194 if (is_msg_in_sequence_set(vbuf.v_seen,
195 (POP3->msgs[POP3->num_msgs-1].msgnum) )) {
200 return(POP3->num_msgs);
203 void pop3_login(void)
207 msgs = pop3_grab_mailbox();
209 cprintf("+OK %s is logged in (%d messages)\r\n",
210 CC->user.fullname, msgs);
211 CtdlLogPrintf(CTDL_NOTICE, "POP3 authenticated %s\n", CC->user.fullname);
214 cprintf("-ERR Can't open your mailbox\r\n");
219 void pop3_apop(char *argbuf)
222 char userdigest[MD5_HEXSTRING_SIZE];
223 char realdigest[MD5_HEXSTRING_SIZE];
228 cprintf("-ERR You are already logged in; not in the AUTHORIZATION phase.\r\n");
232 if ((sptr = strchr(argbuf, ' ')) == NULL)
234 cprintf("-ERR Invalid APOP line.\r\n");
240 while ((*sptr) && isspace(*sptr))
243 strncpy(username, argbuf, sizeof(username)-1);
244 username[sizeof(username)-1] = '\0';
246 memset(userdigest, MD5_HEXSTRING_SIZE, 0);
247 strncpy(userdigest, sptr, MD5_HEXSTRING_SIZE-1);
249 if (CtdlLoginExistingUser(NULL, username) != login_ok)
251 cprintf("-ERR No such user.\r\n");
255 if (getuser(&CC->user, CC->curr_user))
257 cprintf("-ERR No such user.\r\n");
261 make_apop_string(CC->user.password, CC->cs_nonce, realdigest, sizeof realdigest);
262 if (!strncasecmp(realdigest, userdigest, MD5_HEXSTRING_SIZE-1))
269 cprintf("-ERR That is NOT the password.\r\n");
275 * Authorize with password (implements POP3 "PASS" command)
277 void pop3_pass(char *argbuf) {
280 strcpy(password, argbuf);
283 /* CtdlLogPrintf(CTDL_DEBUG, "Trying <%s>\n", password); */
284 if (CtdlTryPassword(password) == pass_ok) {
288 cprintf("-ERR That is NOT the password.\r\n");
295 * list available msgs
297 void pop3_list(char *argbuf) {
301 which_one = atoi(argbuf);
303 /* "list one" mode */
305 if (which_one > POP3->num_msgs) {
306 cprintf("-ERR no such message, only %d are here\r\n",
310 else if (POP3->msgs[which_one-1].deleted) {
311 cprintf("-ERR Sorry, you deleted that message.\r\n");
315 cprintf("+OK %d %ld\r\n",
317 (long)POP3->msgs[which_one-1].rfc822_length
323 /* "list all" (scan listing) mode */
325 cprintf("+OK Here's your mail:\r\n");
326 if (POP3->num_msgs > 0) for (i=0; i<POP3->num_msgs; ++i) {
327 if (! POP3->msgs[i].deleted) {
328 cprintf("%d %ld\r\n",
330 (long)POP3->msgs[i].rfc822_length);
339 * STAT (tally up the total message count and byte count) command
341 void pop3_stat(char *argbuf) {
343 size_t total_octets = 0;
346 if (POP3->num_msgs > 0) for (i=0; i<POP3->num_msgs; ++i) {
347 if (! POP3->msgs[i].deleted) {
349 total_octets += POP3->msgs[i].rfc822_length;
353 cprintf("+OK %d %ld\r\n", total_msgs, (long)total_octets);
359 * RETR command (fetch a message)
361 void pop3_retr(char *argbuf) {
368 which_one = atoi(argbuf);
369 if ( (which_one < 1) || (which_one > POP3->num_msgs) ) {
370 cprintf("-ERR No such message.\r\n");
374 if (POP3->msgs[which_one - 1].deleted) {
375 cprintf("-ERR Sorry, you deleted that message.\r\n");
379 cprintf("+OK Message %d:\r\n", which_one);
380 CC->redirect_buffer = malloc(SIZ);
381 CC->redirect_len = 0;
382 CC->redirect_alloc = SIZ;
383 CtdlOutputMsg(POP3->msgs[which_one - 1].msgnum,
384 MT_RFC822, HEADERS_ALL, 0, 1, NULL, 0);
385 msgtext = CC->redirect_buffer;
386 CC->redirect_buffer = NULL;
387 CC->redirect_len = 0;
388 CC->redirect_alloc = 0;
390 /* If we reach this point, the client is expecting data.
391 * Need to parse each line of the message here since someone may have sent
392 * a message containing a single dot on a line of its own. In that case we
393 * need to escape it in accordance with RFC821.
394 * We could do this with the tokenizer functions but num_tokens returns an
395 * int and the message may contain more lines than that, also copying each
396 * line would be slow.
401 chunk_to_send = nextline;
402 while (*nextline != '\n')
405 prev_char = *nextline;
407 if (!strcmp(chunk_to_send, ".\r\n")) {
408 client_write("..\r\n", 4);
411 client_write(chunk_to_send, (size_t)(nextline-chunk_to_send));
413 *nextline = prev_char;
420 * TOP command (dumb way of fetching a partial message or headers-only)
422 void pop3_top(char *argbuf) {
424 int lines_requested = 0;
425 int lines_dumped = 0;
432 sscanf(argbuf, "%d %d", &which_one, &lines_requested);
433 if ( (which_one < 1) || (which_one > POP3->num_msgs) ) {
434 cprintf("-ERR No such message.\r\n");
438 if (POP3->msgs[which_one - 1].deleted) {
439 cprintf("-ERR Sorry, you deleted that message.\r\n");
443 CC->redirect_buffer = malloc(SIZ);
444 CC->redirect_len = 0;
445 CC->redirect_alloc = SIZ;
446 CtdlOutputMsg(POP3->msgs[which_one - 1].msgnum,
447 MT_RFC822, HEADERS_ALL, 0, 1, NULL, 0);
448 msgtext = CC->redirect_buffer;
449 CC->redirect_buffer = NULL;
450 CC->redirect_len = 0;
451 CC->redirect_alloc = 0;
453 cprintf("+OK Message %d:\r\n", which_one);
457 while (ptr = memreadline(ptr, buf, (sizeof buf - 2)),
458 ( (*ptr != 0) && (done == 0))) {
461 if (lines_dumped >= lines_requested) {
465 if ((in_body == 0) || (done == 0)) {
466 client_write(buf, strlen(buf));
471 if ((buf[0]==13)||(buf[0]==10)) in_body = 1;
474 if (buf[strlen(buf)-1] != 10) cprintf("\n");
482 * DELE (delete message from mailbox)
484 void pop3_dele(char *argbuf) {
487 which_one = atoi(argbuf);
488 if ( (which_one < 1) || (which_one > POP3->num_msgs) ) {
489 cprintf("-ERR No such message.\r\n");
493 if (POP3->msgs[which_one - 1].deleted) {
494 cprintf("-ERR You already deleted that message.\r\n");
498 /* Flag the message as deleted. Will expunge during QUIT command. */
499 POP3->msgs[which_one - 1].deleted = 1;
500 cprintf("+OK Message %d deleted.\r\n",
505 /* Perform "UPDATE state" stuff
507 void pop3_update(void) {
511 long *deletemsgs = NULL;
512 int num_deletemsgs = 0;
514 /* Remove messages marked for deletion */
515 if (POP3->num_msgs > 0) {
516 deletemsgs = malloc(POP3->num_msgs * sizeof(long));
517 for (i=0; i<POP3->num_msgs; ++i) {
518 if (POP3->msgs[i].deleted) {
519 deletemsgs[num_deletemsgs++] = POP3->msgs[i].msgnum;
522 if (num_deletemsgs > 0) {
523 CtdlDeleteMessages(MAILROOM, deletemsgs, num_deletemsgs, "");
528 /* Set last read pointer */
529 if (POP3->num_msgs > 0) {
530 lgetuser(&CC->user, CC->curr_user);
532 CtdlGetRelationship(&vbuf, &CC->user, &CC->room);
533 snprintf(vbuf.v_seen, sizeof vbuf.v_seen, "*:%ld",
534 POP3->msgs[POP3->num_msgs-1].msgnum);
535 CtdlSetRelationship(&vbuf, &CC->user, &CC->room);
544 * RSET (reset, i.e. undelete any deleted messages) command
546 void pop3_rset(char *argbuf) {
549 if (POP3->num_msgs > 0) for (i=0; i<POP3->num_msgs; ++i) {
550 if (POP3->msgs[i].deleted) {
551 POP3->msgs[i].deleted = 0;
554 cprintf("+OK Reset completed.\r\n");
560 * LAST (Determine which message is the last unread message)
562 void pop3_last(char *argbuf) {
563 cprintf("+OK %d\r\n", POP3->lastseen + 1);
568 * CAPA is a command which tells the client which POP3 extensions
571 void pop3_capa(void) {
572 cprintf("+OK Capability list follows\r\n"
576 "IMPLEMENTATION %s\r\n"
586 * UIDL (Universal IDentifier Listing) is easy. Our 'unique' message
587 * identifiers are simply the Citadel message numbers in the database.
589 void pop3_uidl(char *argbuf) {
593 which_one = atoi(argbuf);
595 /* "list one" mode */
597 if (which_one > POP3->num_msgs) {
598 cprintf("-ERR no such message, only %d are here\r\n",
602 else if (POP3->msgs[which_one-1].deleted) {
603 cprintf("-ERR Sorry, you deleted that message.\r\n");
607 cprintf("+OK %d %ld\r\n",
609 POP3->msgs[which_one-1].msgnum
615 /* "list all" (scan listing) mode */
617 cprintf("+OK Here's your mail:\r\n");
618 if (POP3->num_msgs > 0) for (i=0; i<POP3->num_msgs; ++i) {
619 if (! POP3->msgs[i].deleted) {
620 cprintf("%d %ld\r\n",
622 POP3->msgs[i].msgnum);
631 * implements the STLS command (Citadel API version)
635 char ok_response[SIZ];
636 char nosup_response[SIZ];
637 char error_response[SIZ];
640 "+OK Begin TLS negotiation now\r\n");
641 sprintf(nosup_response,
642 "-ERR TLS not supported here\r\n");
643 sprintf(error_response,
644 "-ERR Internal error\r\n");
645 CtdlModuleStartCryptoMsgs(ok_response, nosup_response, error_response);
655 * Main command loop for POP3 sessions.
657 void pop3_command_loop(void) {
661 memset(cmdbuf, 0, sizeof cmdbuf); /* Clear it, just in case */
662 if (client_getln(cmdbuf, sizeof cmdbuf) < 1) {
663 CtdlLogPrintf(CTDL_ERR, "Client disconnected: ending session.\r\n");
667 if (!strncasecmp(cmdbuf, "PASS", 4)) {
668 CtdlLogPrintf(CTDL_INFO, "POP3: PASS...\r\n");
671 CtdlLogPrintf(CTDL_INFO, "POP3: %s\r\n", cmdbuf);
673 while (strlen(cmdbuf) < 5) strcat(cmdbuf, " ");
675 if (!strncasecmp(cmdbuf, "NOOP", 4)) {
676 cprintf("+OK No operation.\r\n");
679 else if (!strncasecmp(cmdbuf, "CAPA", 4)) {
683 else if (!strncasecmp(cmdbuf, "QUIT", 4)) {
684 cprintf("+OK Goodbye...\r\n");
690 else if (!strncasecmp(cmdbuf, "USER", 4)) {
691 pop3_user(&cmdbuf[5]);
694 else if (!strncasecmp(cmdbuf, "PASS", 4)) {
695 pop3_pass(&cmdbuf[5]);
698 else if (!strncasecmp(cmdbuf, "APOP", 4))
700 pop3_apop(&cmdbuf[5]);
704 else if (!strncasecmp(cmdbuf, "STLS", 4)) {
709 else if (!CC->logged_in) {
710 cprintf("-ERR Not logged in.\r\n");
713 else if (!strncasecmp(cmdbuf, "LIST", 4)) {
714 pop3_list(&cmdbuf[5]);
717 else if (!strncasecmp(cmdbuf, "STAT", 4)) {
718 pop3_stat(&cmdbuf[5]);
721 else if (!strncasecmp(cmdbuf, "RETR", 4)) {
722 pop3_retr(&cmdbuf[5]);
725 else if (!strncasecmp(cmdbuf, "DELE", 4)) {
726 pop3_dele(&cmdbuf[5]);
729 else if (!strncasecmp(cmdbuf, "RSET", 4)) {
730 pop3_rset(&cmdbuf[5]);
733 else if (!strncasecmp(cmdbuf, "UIDL", 4)) {
734 pop3_uidl(&cmdbuf[5]);
737 else if (!strncasecmp(cmdbuf, "TOP", 3)) {
738 pop3_top(&cmdbuf[4]);
741 else if (!strncasecmp(cmdbuf, "LAST", 4)) {
742 pop3_last(&cmdbuf[4]);
746 cprintf("-ERR I'm afraid I can't do that.\r\n");
751 const char *CitadelServicePop3="POP3";
752 const char *CitadelServicePop3S="POP3S";
755 CTDL_MODULE_INIT(pop3)
759 CtdlRegisterServiceHook(config.c_pop3_port,
766 CtdlRegisterServiceHook(config.c_pop3s_port,
771 CitadelServicePop3S);
773 CtdlRegisterSessionHook(pop3_cleanup_function, EVT_STOP);
776 /* return our Subversion id for the Log */
projects / citadel.git / blob