4 * This module handles self-service subscription/unsubscription to mail lists.
6 * Copyright (C) 2002-2005 by Art Cancro and others.
7 * This code is released under the terms of the GNU General Public License.
20 #include <sys/types.h>
22 #if TIME_WITH_SYS_TIME
23 # include <sys/time.h>
27 # include <sys/time.h>
38 #include "sysdep_decls.h"
39 #include "citserver.h"
42 #include "serv_extensions.h"
49 #include "internet_addressing.h"
50 #include "serv_network.h"
51 #include "clientsocket.h"
60 * Generate a randomizationalisticized token to use for authentication of
61 * a subscribe or unsubscribe request.
63 void listsub_generate_token(char *buf) {
67 /* Theo, please sit down and shut up. This key doesn't have to be
68 * tinfoil-hat secure, it just needs to be reasonably unguessable
71 sprintf(sourcebuf, "%lx",
72 (long) (++seq + getpid() + time(NULL))
75 /* Convert it to base64 so it looks cool */
76 CtdlEncodeBase64(buf, sourcebuf, strlen(sourcebuf));
81 * Enter a subscription request
83 void do_subscribe(char *room, char *email, char *subtype, char *webpage) {
84 struct ctdlroom qrbuf;
88 char confirmation_request[2048];
90 char urlroom[ROOMNAMELEN];
95 if (getroom(&qrbuf, room) != 0) {
96 cprintf("%d There is no list called '%s'\n", ERROR + ROOM_NOT_FOUND, room);
100 if ((qrbuf.QRflags2 & QR2_SELFLIST) == 0) {
102 "does not accept subscribe/unsubscribe requests.\n",
103 ERROR + HIGHER_ACCESS_REQUIRED, qrbuf.QRname);
107 listsub_generate_token(token);
109 assoc_file_name(filename, sizeof filename, &qrbuf, ctdl_netcfg_dir);
112 * Make sure the requested address isn't already subscribed
114 begin_critical_section(S_NETCONFIGS);
115 ncfp = fopen(filename, "r");
117 while (fgets(buf, sizeof buf, ncfp) != NULL) {
118 buf[strlen(buf)-1] = 0;
119 extract_token(scancmd, buf, 0, '|', sizeof scancmd);
120 extract_token(scanemail, buf, 1, '|', sizeof scanemail);
121 if ((!strcasecmp(scancmd, "listrecp"))
122 || (!strcasecmp(scancmd, "digestrecp"))) {
123 if (!strcasecmp(scanemail, email)) {
130 end_critical_section(S_NETCONFIGS);
132 if (found_sub != 0) {
133 cprintf("%d '%s' is already subscribed to '%s'.\n",
134 ERROR + ALREADY_EXISTS,
135 email, qrbuf.QRname);
140 * Now add it to the file
142 begin_critical_section(S_NETCONFIGS);
143 ncfp = fopen(filename, "a");
145 fprintf(ncfp, "subpending|%s|%s|%s|%ld|%s\n",
154 end_critical_section(S_NETCONFIGS);
156 /* Generate and send the confirmation request */
158 urlesc(urlroom, qrbuf.QRname);
160 snprintf(confirmation_request, sizeof confirmation_request,
162 "MIME-Version: 1.0\n"
163 "Content-Type: multipart/alternative; boundary=\"__ctdlmultipart__\"\n"
165 "This is a multipart message in MIME format.\n"
167 "--__ctdlmultipart__\n"
168 "Content-type: text/plain\n"
170 "Someone (probably you) has submitted a request to subscribe\n"
171 "<%s> to the '%s' mailing list.\n"
173 "Please go here to confirm this request:\n"
174 " %s?room=%s&token=%s&cmd=confirm \n"
176 "If this request has been submitted in error and you do not\n"
177 "wish to receive the '%s' mailing list, simply do nothing,\n"
178 "and you will not receive any further mailings.\n"
180 "--__ctdlmultipart__\n"
181 "Content-type: text/html\n"
184 "Someone (probably you) has submitted a request to subscribe\n"
185 "<%s> to the <B>%s</B> mailing list.<BR><BR>\n"
186 "Please click here to confirm this request:<BR>\n"
187 "<A HREF=\"%s?room=%s&token=%s&cmd=confirm\">"
188 "%s?room=%s&token=%s&cmd=confirm</A><BR><BR>\n"
189 "If this request has been submitted in error and you do not\n"
190 "wish to receive the '%s' mailing list, simply do nothing,\n"
191 "and you will not receive any further mailings.\n"
194 "--__ctdlmultipart__--\n",
197 webpage, urlroom, token,
201 webpage, urlroom, token,
202 webpage, urlroom, token,
206 quickie_message( /* This delivers the message */
211 confirmation_request,
213 "Please confirm your list subscription"
216 cprintf("%d Subscription entered; confirmation request sent\n", CIT_OK);
221 * Enter an unsubscription request
223 void do_unsubscribe(char *room, char *email, char *webpage) {
224 struct ctdlroom qrbuf;
229 char confirmation_request[2048];
230 char urlroom[ROOMNAMELEN];
235 if (getroom(&qrbuf, room) != 0) {
236 cprintf("%d There is no list called '%s'\n",
237 ERROR + ROOM_NOT_FOUND, room);
241 if ((qrbuf.QRflags2 & QR2_SELFLIST) == 0) {
243 "does not accept subscribe/unsubscribe requests.\n",
244 ERROR + HIGHER_ACCESS_REQUIRED, qrbuf.QRname);
248 listsub_generate_token(token);
250 assoc_file_name(filename, sizeof filename, &qrbuf, ctdl_netcfg_dir);
253 * Make sure there's actually a subscription there to remove
255 begin_critical_section(S_NETCONFIGS);
256 ncfp = fopen(filename, "r");
258 while (fgets(buf, sizeof buf, ncfp) != NULL) {
259 buf[strlen(buf)-1] = 0;
260 extract_token(scancmd, buf, 0, '|', sizeof scancmd);
261 extract_token(scanemail, buf, 1, '|', sizeof scanemail);
262 if ((!strcasecmp(scancmd, "listrecp"))
263 || (!strcasecmp(scancmd, "digestrecp"))) {
264 if (!strcasecmp(scanemail, email)) {
271 end_critical_section(S_NETCONFIGS);
273 if (found_sub == 0) {
274 cprintf("%d '%s' is not subscribed to '%s'.\n",
275 ERROR + NO_SUCH_USER,
276 email, qrbuf.QRname);
281 * Ok, now enter the unsubscribe-pending entry.
283 begin_critical_section(S_NETCONFIGS);
284 ncfp = fopen(filename, "a");
286 fprintf(ncfp, "unsubpending|%s|%s|%ld|%s\n",
294 end_critical_section(S_NETCONFIGS);
296 /* Generate and send the confirmation request */
298 urlesc(urlroom, qrbuf.QRname);
300 snprintf(confirmation_request, sizeof confirmation_request,
302 "MIME-Version: 1.0\n"
303 "Content-Type: multipart/alternative; boundary=\"__ctdlmultipart__\"\n"
305 "This is a multipart message in MIME format.\n"
307 "--__ctdlmultipart__\n"
308 "Content-type: text/plain\n"
310 "Someone (probably you) has submitted a request to unsubscribe\n"
311 "<%s> from the '%s' mailing list.\n"
313 "Please go here to confirm this request:\n"
314 " %s?room=%s&token=%s&cmd=confirm \n"
316 "If this request has been submitted in error and you do not\n"
317 "wish to unsubscribe from the '%s' mailing list, simply do nothing,\n"
318 "and the request will not be processed.\n"
320 "--__ctdlmultipart__\n"
321 "Content-type: text/html\n"
324 "Someone (probably you) has submitted a request to unsubscribe\n"
325 "<%s> from the <B>%s</B> mailing list.<BR><BR>\n"
326 "Please click here to confirm this request:<BR>\n"
327 "<A HREF=\"%s?room=%s&token=%s&cmd=confirm\">"
328 "%s?room=%s&token=%s&cmd=confirm</A><BR><BR>\n"
329 "If this request has been submitted in error and you do not\n"
330 "wish to unsubscribe from the '%s' mailing list, simply do nothing,\n"
331 "and the request will not be processed.\n"
334 "--__ctdlmultipart__--\n",
337 webpage, urlroom, token,
341 webpage, urlroom, token,
342 webpage, urlroom, token,
346 quickie_message( /* This delivers the message */
351 confirmation_request,
353 "Please confirm your unsubscribe request"
356 cprintf("%d Unubscription noted; confirmation request sent\n", CIT_OK);
361 * Confirm a subscribe/unsubscribe request.
363 void do_confirm(char *room, char *token) {
364 struct ctdlroom qrbuf;
367 char line_token[256];
375 char address_to_unsubscribe[256];
378 char *holdbuf = NULL;
382 strcpy(address_to_unsubscribe, "");
384 if (getroom(&qrbuf, room) != 0) {
385 cprintf("%d There is no list called '%s'\n",
386 ERROR + ROOM_NOT_FOUND, room);
390 if ((qrbuf.QRflags2 & QR2_SELFLIST) == 0) {
392 "does not accept subscribe/unsubscribe requests.\n",
393 ERROR + HIGHER_ACCESS_REQUIRED, qrbuf.QRname);
398 * Now start scanning this room's netconfig file for the
401 assoc_file_name(filename, sizeof filename, &qrbuf, ctdl_netcfg_dir);
402 begin_critical_section(S_NETCONFIGS);
403 ncfp = fopen(filename, "r+");
405 while (line_offset = ftell(ncfp),
406 (fgets(buf, sizeof buf, ncfp) != NULL) ) {
407 buf[strlen(buf)-1] = 0;
408 line_length = strlen(buf);
409 extract_token(cmd, buf, 0, '|', sizeof cmd);
410 if (!strcasecmp(cmd, "subpending")) {
411 extract_token(email, buf, 1, '|', sizeof email);
412 extract_token(subtype, buf, 2, '|', sizeof subtype);
413 extract_token(line_token, buf, 3, '|', sizeof line_token);
414 if (!strcasecmp(token, line_token)) {
415 if (!strcasecmp(subtype, "digest")) {
416 safestrncpy(buf, "digestrecp|", sizeof buf);
419 safestrncpy(buf, "listrecp|", sizeof buf);
423 /* SLEAZY HACK: pad the line out so
424 * it's the same length as the line
427 while (strlen(buf) < line_length) {
430 fseek(ncfp, line_offset, SEEK_SET);
431 fprintf(ncfp, "%s\n", buf);
435 if (!strcasecmp(cmd, "unsubpending")) {
436 extract_token(line_token, buf, 2, '|', sizeof line_token);
437 if (!strcasecmp(token, line_token)) {
438 extract_token(address_to_unsubscribe, buf, 1, '|',
439 sizeof address_to_unsubscribe);
445 end_critical_section(S_NETCONFIGS);
448 * If "address_to_unsubscribe" contains something, then we have to
449 * make another pass at the file, stripping out lines referring to
452 if (strlen(address_to_unsubscribe) > 0) {
453 holdbuf = malloc(SIZ);
454 begin_critical_section(S_NETCONFIGS);
455 ncfp = fopen(filename, "r+");
457 while (line_offset = ftell(ncfp),
458 (fgets(buf, sizeof buf, ncfp) != NULL) ) {
459 buf[strlen(buf)-1]=0;
460 extract_token(scancmd, buf, 0, '|', sizeof scancmd);
461 extract_token(scanemail, buf, 1, '|', sizeof scanemail);
462 if ( (!strcasecmp(scancmd, "listrecp"))
463 && (!strcasecmp(scanemail,
464 address_to_unsubscribe)) ) {
467 else if ( (!strcasecmp(scancmd, "digestrecp"))
468 && (!strcasecmp(scanemail,
469 address_to_unsubscribe)) ) {
472 else if ( (!strcasecmp(scancmd, "subpending"))
473 && (!strcasecmp(scanemail,
474 address_to_unsubscribe)) ) {
477 else if ( (!strcasecmp(scancmd, "unsubpending"))
478 && (!strcasecmp(scanemail,
479 address_to_unsubscribe)) ) {
482 else { /* Not relevant, so *keep* it! */
483 linelen = strlen(buf);
484 holdbuf = realloc(holdbuf,
485 (buflen + linelen + 2) );
486 strcpy(&holdbuf[buflen], buf);
488 strcpy(&holdbuf[buflen], "\n");
494 ncfp = fopen(filename, "w");
496 fwrite(holdbuf, buflen+1, 1, ncfp);
499 end_critical_section(S_NETCONFIGS);
504 * Did we do anything useful today?
507 cprintf("%d %d operation(s) confirmed.\n", CIT_OK, success);
508 lprintf(CTDL_NOTICE, "Mailing list: %s %ssubscribed to %s with token %s\n", email, (strlen(address_to_unsubscribe) > 0) ? "un" : "", room, token);
511 cprintf("%d Invalid token.\n", ERROR + ILLEGAL_VALUE);
519 * process subscribe/unsubscribe requests and confirmations
521 void cmd_subs(char *cmdbuf) {
524 char room[ROOMNAMELEN];
530 extract_token(opr, cmdbuf, 0, '|', sizeof opr);
531 if (!strcasecmp(opr, "subscribe")) {
532 extract_token(subtype, cmdbuf, 3, '|', sizeof subtype);
533 if ( (strcasecmp(subtype, "list"))
534 && (strcasecmp(subtype, "digest")) ) {
535 cprintf("%d Invalid subscription type '%s'\n",
536 ERROR + ILLEGAL_VALUE, subtype);
539 extract_token(room, cmdbuf, 1, '|', sizeof room);
540 extract_token(email, cmdbuf, 2, '|', sizeof email);
541 extract_token(webpage, cmdbuf, 4, '|', sizeof webpage);
542 do_subscribe(room, email, subtype, webpage);
545 else if (!strcasecmp(opr, "unsubscribe")) {
546 extract_token(room, cmdbuf, 1, '|', sizeof room);
547 extract_token(email, cmdbuf, 2, '|', sizeof email);
548 extract_token(webpage, cmdbuf, 3, '|', sizeof webpage);
549 do_unsubscribe(room, email, webpage);
551 else if (!strcasecmp(opr, "confirm")) {
552 extract_token(room, cmdbuf, 1, '|', sizeof room);
553 extract_token(token, cmdbuf, 2, '|', sizeof token);
554 do_confirm(room, token);
557 cprintf("%d Invalid command\n", ERROR + ILLEGAL_VALUE);
565 char *serv_listsub_init(void)
567 CtdlRegisterProtoHook(cmd_subs, "SUBS", "List subscribe/unsubscribe");
569 /* return our Subversion id for the Log */