citadel/serv_listsub.c

   1 /*
   2  * $Id$
   3  *
   4  * This module handles self-service subscription/unsubscription to mail lists.
   5  *
   6  * Copyright (C) 2002 by Art Cancro and others.
   7  * This code is released under the terms of the GNU General Public License.
   8  *
   9  */
  10
  11 #include "sysdep.h"
  12 #include <stdlib.h>
  13 #include <unistd.h>
  14 #include <stdio.h>
  15 #include <fcntl.h>
  16 #include <ctype.h>
  17 #include <signal.h>
  18 #include <pwd.h>
  19 #include <errno.h>
  20 #include <sys/types.h>
  21 #include <dirent.h>
  22 #if TIME_WITH_SYS_TIME
  23 # include <sys/time.h>
  24 # include <time.h>
  25 #else
  26 # if HAVE_SYS_TIME_H
  27 #  include <sys/time.h>
  28 # else
  29 #  include <time.h>
  30 # endif
  31 #endif
  32
  33 #include <sys/wait.h>
  34 #include <string.h>
  35 #include <limits.h>
  36 #include "citadel.h"
  37 #include "server.h"
  38 #include "sysdep_decls.h"
  39 #include "citserver.h"
  40 #include "support.h"
  41 #include "config.h"
  42 #include "dynloader.h"
  43 #include "room_ops.h"
  44 #include "user_ops.h"
  45 #include "policy.h"
  46 #include "database.h"
  47 #include "msgbase.h"
  48 #include "tools.h"
  49 #include "internet_addressing.h"
  50 #include "serv_network.h"
  51 #include "clientsocket.h"
  52 #include "file_ops.h"
  53
  54 #ifndef HAVE_SNPRINTF
  55 #include "snprintf.h"
  56 #endif
  57
  58
  59 /*
  60  * Generate a randomizationalisticized token to use for authentication of
  61  * a subscribe or unsubscribe request.
  62  */
  63 void listsub_generate_token(char *buf) {
  64         char sourcebuf[SIZ];
  65         static int seq = 0;
  66
  67         /* Theo, please sit down and shut up.  This key doesn't have to be
  68          * tinfoil-hat secure, it just needs to be reasonably unguessable
  69          * and unique.
  70          */
  71         sprintf(sourcebuf, "%d%d%ld",
  72                 ++seq,
  73                 getpid(),
  74                 time(NULL)
  75         );
  76
  77         /* Convert it to base64 so it looks cool */
  78         encode_base64(buf, sourcebuf);
  79 }
  80
  81
  82 /*
  83  * Enter a subscription request
  84  */
  85 void do_subscribe(char *room, char *email, char *subtype, char *webpage) {
  86         struct quickroom qrbuf;
  87         FILE *ncfp;
  88         char filename[SIZ];
  89         char token[SIZ];
  90         char confirmation_request[SIZ];
  91
  92         if (getroom(&qrbuf, room) != 0) {
  93                 cprintf("%d There is no list called '%s'\n", ERROR, room);
  94                 return;
  95         }
  96
  97         if ((qrbuf.QRflags2 & QR2_SELFLIST) == 0) {
  98                 cprintf("%d '%s' "
  99                         "does not accept subscribe/unsubscribe requests.\n",
 100                         ERROR+HIGHER_ACCESS_REQUIRED, qrbuf.QRname);
 101                 return;
 102         }
 103
 104         listsub_generate_token(token);
 105
 106         begin_critical_section(S_NETCONFIGS);
 107         assoc_file_name(filename, sizeof filename, &qrbuf, "netconfigs");
 108         ncfp = fopen(filename, "a");
 109         if (ncfp != NULL) {
 110                 fprintf(ncfp, "subpending|%s|%s|%s|%ld|%s\n",
 111                         email,
 112                         subtype,
 113                         token,
 114                         time(NULL),
 115                         webpage
 116                 );
 117                 fclose(ncfp);
 118         }
 119         end_critical_section(S_NETCONFIGS);
 120
 121         /* Generate and send the confirmation request */
 122
 123         snprintf(confirmation_request, sizeof confirmation_request,
 124                 "Someone (probably you) has submitted a request to subscribe\n"
 125                 "<%s> to the '%s' mailing list.\n\n"
 126                 "In order to confirm this subscription request, please\n"
 127                 "point your web browser at the following location:\n\n"
 128                 "http://%s?room=%s&token=%s\n\n"
 129                 "If this request has been submitted in error and you do not\n"
 130                 "wish to receive the '%s' mailing list, simply do nothing,\n"
 131                 "and you will not receive any further mailings.\n",
 132
 133                 email, qrbuf.QRname, webpage, qrbuf.QRname, token, qrbuf.QRname
 134         );
 135
 136         quickie_message(
 137                 "Citadel",
 138                 email,
 139                 qrbuf.QRname,
 140                 confirmation_request
 141         );
 142
 143         cprintf("%d Subscription entered; confirmation request sent\n", CIT_OK);
 144
 145 }
 146
 147
 148 /*
 149  * Confirm a subscribe/unsubscribe request.
 150  */
 151 void do_confirm(char *room, char *token) {
 152         struct quickroom qrbuf;
 153         FILE *ncfp;
 154         char filename[SIZ];
 155         char line_token[SIZ];
 156         long line_offset;
 157         int line_length;
 158         char buf[SIZ];
 159         char cmd[SIZ];
 160         char email[SIZ];
 161         char subtype[SIZ];
 162         int success = 0;
 163
 164         if (getroom(&qrbuf, room) != 0) {
 165                 cprintf("%d There is no list called '%s'\n", ERROR, room);
 166                 return;
 167         }
 168
 169         if ((qrbuf.QRflags2 & QR2_SELFLIST) == 0) {
 170                 cprintf("%d '%s' "
 171                         "does not accept subscribe/unsubscribe requests.\n",
 172                         ERROR+HIGHER_ACCESS_REQUIRED, qrbuf.QRname);
 173                 return;
 174         }
 175
 176         begin_critical_section(S_NETCONFIGS);
 177         assoc_file_name(filename, sizeof filename, &qrbuf, "netconfigs");
 178         ncfp = fopen(filename, "r+");
 179         if (ncfp != NULL) {
 180                 while (line_offset = ftell(ncfp),
 181                       (fgets(buf, sizeof buf, ncfp) != NULL) ) {
 182                         buf[strlen(buf)-1] = 0;
 183                         line_length = strlen(buf);
 184                         extract(cmd, buf, 0);
 185                         if (!strcasecmp(cmd, "subpending")) {
 186                                 extract(email, buf, 1);
 187                                 extract(subtype, buf, 2);
 188                                 extract(line_token, buf, 3);
 189                                 if (!strcasecmp(token, line_token)) {
 190                                         if (!strcasecmp(subtype, "digest")) {
 191                                                 strcpy(buf, "digestrecp|");
 192                                         }
 193                                         else {
 194                                                 strcpy(buf, "listrecp|");
 195                                         }
 196                                         strcat(buf, email);
 197                                         strcat(buf, "|");
 198                                         /* SLEAZY HACK: pad the line out so
 199                                          * it's the same length as the line
 200                                          * we're replacing.
 201                                          */
 202                                         while (strlen(buf) < line_length) {
 203                                                 strcat(buf, " ");
 204                                         }
 205                                         fseek(ncfp, line_offset, SEEK_SET);
 206                                         fprintf(ncfp, "%s\n", buf);
 207                                         ++success;
 208                                 }
 209                         }
 210                 }
 211                 fclose(ncfp);
 212         }
 213         end_critical_section(S_NETCONFIGS);
 214
 215         if (success) {
 216                 cprintf("%d %d operation(s) confirmed.\n", CIT_OK, success);
 217         }
 218         else {
 219                 cprintf("%d Invalid token.\n", ERROR);
 220         }
 221
 222 }
 223
 224
 225
 226 /*
 227  * process subscribe/unsubscribe requests and confirmations
 228  */
 229 void cmd_subs(char *cmdbuf) {
 230
 231         char opr[SIZ];
 232         char room[SIZ];
 233         char email[SIZ];
 234         char subtype[SIZ];
 235         char token[SIZ];
 236         char webpage[SIZ];
 237
 238         extract(opr, cmdbuf, 0);
 239         if (!strcasecmp(opr, "subscribe")) {
 240                 extract(subtype, cmdbuf, 3);
 241                 if ( (strcasecmp(subtype, "list"))
 242                    && (strcasecmp(subtype, "digest")) ) {
 243                         cprintf("%d Invalid subscription type.\n", ERROR);
 244                 }
 245                 else {
 246                         extract(room, cmdbuf, 1);
 247                         extract(email, cmdbuf, 2);
 248                         extract(webpage, cmdbuf, 4);
 249                         do_subscribe(room, email, subtype, webpage);
 250                 }
 251         }
 252         else if (!strcasecmp(opr, "unsubscribe")) {
 253                 cprintf("%d not yet implemented\n", ERROR);
 254         }
 255         else if (!strcasecmp(opr, "confirm")) {
 256                 extract(room, cmdbuf, 1);
 257                 extract(token, cmdbuf, 2);
 258                 do_confirm(room, token);
 259         }
 260         else {
 261                 cprintf("%d Invalid command\n", ERROR);
 262         }
 263 }
 264
 265
 266 /*
 267  * Module entry point
 268  */
 269 char *Dynamic_Module_Init(void)
 270 {
 271         CtdlRegisterProtoHook(cmd_subs, "SUBS", "List subscribe/unsubscribe");
 272         return "$Id$";
 273 }