1 // POP3 service for the Citadel system
3 // Copyright (c) 1998-2022 by the citadel.org team
5 // This program is open source software; you can redistribute it and/or modify
6 // it under the terms of the GNU General Public License version 3.
8 // This program is distributed in the hope that it will be useful,
9 // but WITHOUT ANY WARRANTY; without even the implied warranty of
10 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 // GNU General Public License for more details.
13 // Current status of standards conformance:
15 // -> All required POP3 commands described in RFC1939 are implemented.
16 // -> All optional POP3 commands described in RFC1939 are also implemented.
17 // -> The deprecated "LAST" command is included in this implementation, because
18 // there exist mail clients which insist on using it (such as Bynari
19 // TradeMail, and certain versions of Eudora).
20 // -> Capability detection via the method described in RFC2449 is implemented.
22 #include "../../sysdep.h"
30 #include <sys/types.h>
36 #include <libcitadel.h>
37 #include "../../citadel.h"
38 #include "../../server.h"
39 #include "../../citserver.h"
40 #include "../../support.h"
41 #include "../../config.h"
42 #include "../../user_ops.h"
43 #include "../../database.h"
44 #include "../../msgbase.h"
45 #include "../../internet_addressing.h"
46 #include "serv_pop3.h"
47 #include "../../ctdl_module.h"
50 // This cleanup function blows away the temporary memory and files used by
52 void pop3_cleanup_function(void) {
53 /* Don't do this stuff if this is not a POP3 session! */
54 if (CC->h_command_function != pop3_command_loop) return;
56 struct citpop3 *pop3 = ((struct citpop3 *)CC->session_specific_data);
57 syslog(LOG_DEBUG, "pop3: performing cleanup hook");
58 if (pop3->msgs != NULL) {
66 // Here's where our POP3 session begins its happy day.
67 void pop3_greeting(void) {
68 strcpy(CC->cs_clientname, "POP3 session");
70 CC->session_specific_data = malloc(sizeof(struct citpop3));
71 memset(POP3, 0, sizeof(struct citpop3));
73 cprintf("+OK Citadel POP3 server ready.\r\n");
77 // POP3S is just like POP3, except it goes crypto right away.
78 void pop3s_greeting(void) {
79 CtdlModuleStartCryptoMsgs(NULL, NULL, NULL);
81 /* kill session if no crypto */
83 if (!CC->redirect_ssl) CC->kill_me = KILLME_NO_CRYPTO;
85 CC->kill_me = KILLME_NO_CRYPTO;
92 // Specify user name (implements POP3 "USER" command)
93 void pop3_user(char *argbuf) {
97 cprintf("-ERR You are already logged in.\r\n");
101 strcpy(username, argbuf);
102 string_trim(username);
104 if (CtdlLoginExistingUser(username) == login_ok) {
105 cprintf("+OK Password required for %s\r\n", username);
108 cprintf("-ERR No such user.\r\n");
113 // Back end for pop3_grab_mailbox()
114 void pop3_add_message(long msgnum, void *userdata) {
118 if (POP3->num_msgs < 2) {
119 POP3->msgs = malloc(sizeof(struct pop3msg));
122 POP3->msgs = realloc(POP3->msgs, (POP3->num_msgs * sizeof(struct pop3msg)) ) ;
124 POP3->msgs[POP3->num_msgs-1].msgnum = msgnum;
125 POP3->msgs[POP3->num_msgs-1].deleted = 0;
127 // We need to know the length of this message when it is printed in
128 // RFC822 format. Perhaps we have cached this length in the message's
129 // metadata record. If so, great; if not, measure it and then cache
131 GetMetaData(&smi, msgnum);
132 if (smi.meta_rfc822_length <= 0L) {
133 CC->redirect_buffer = NewStrBufPlain(NULL, SIZ);
134 CtdlOutputMsg(msgnum, MT_RFC822, HEADERS_ALL, 0, 1, NULL, SUPPRESS_ENV_TO, NULL, NULL, NULL);
135 smi.meta_rfc822_length = StrLength(CC->redirect_buffer);
136 FreeStrBuf(&CC->redirect_buffer);
139 POP3->msgs[POP3->num_msgs-1].rfc822_length = smi.meta_rfc822_length;
143 // Open the inbox and read its contents.
144 // (This should be called only once, by pop3_pass(), and returns the number
145 // of messages in the inbox, or -1 for error)
146 int pop3_grab_mailbox(void) {
150 if (CtdlGetRoom(&CC->room, MAILROOM) != 0) return(-1);
152 /* Load up the messages */
153 CtdlForEachMessage(MSGS_ALL, 0L, NULL, NULL, NULL, pop3_add_message, NULL);
155 /* Figure out which are old and which are new */
156 CtdlGetRelationship(&vbuf, &CC->user, &CC->room);
157 POP3->lastseen = (-1);
158 if (POP3->num_msgs) for (i=0; i<POP3->num_msgs; ++i) {
159 if (is_msg_in_sequence_set(vbuf.v_seen, (POP3->msgs[POP3->num_msgs-1].msgnum) )) {
164 return(POP3->num_msgs);
168 void pop3_login(void) {
171 msgs = pop3_grab_mailbox();
173 cprintf("+OK %s is logged in (%d messages)\r\n",
174 CC->user.fullname, msgs);
175 syslog(LOG_DEBUG, "pop3: authenticated %s", CC->user.fullname);
178 cprintf("-ERR Can't open your mailbox\r\n");
184 // Authorize with password (implements POP3 "PASS" command)
185 void pop3_pass(char *argbuf) {
188 safestrncpy(password, argbuf, sizeof password);
189 string_trim(password);
191 if (CtdlTryPassword(password, strlen(password)) == pass_ok) {
195 cprintf("-ERR That is NOT the password.\r\n");
200 // list available msgs
201 void pop3_list(char *argbuf) {
205 which_one = atoi(argbuf);
209 if (which_one > POP3->num_msgs) {
210 cprintf("-ERR no such message, only %d are here\r\n", POP3->num_msgs);
213 else if (POP3->msgs[which_one-1].deleted) {
214 cprintf("-ERR Sorry, you deleted that message.\r\n");
218 cprintf("+OK %d %ld\r\n", which_one, (long)POP3->msgs[which_one-1].rfc822_length);
223 // "list all" (scan listing) mode
225 cprintf("+OK Here's your mail:\r\n");
226 if (POP3->num_msgs > 0) for (i=0; i<POP3->num_msgs; ++i) {
227 if (! POP3->msgs[i].deleted) {
228 cprintf("%d %ld\r\n", i+1, (long)POP3->msgs[i].rfc822_length);
236 // STAT (tally up the total message count and byte count) command
237 void pop3_stat(char *argbuf) {
239 size_t total_octets = 0;
242 if (POP3->num_msgs > 0) for (i=0; i<POP3->num_msgs; ++i) {
243 if (! POP3->msgs[i].deleted) {
245 total_octets += POP3->msgs[i].rfc822_length;
249 cprintf("+OK %d %ld\r\n", total_msgs, (long)total_octets);
253 // RETR command (fetch a message)
254 void pop3_retr(char *argbuf) {
257 which_one = atoi(argbuf);
258 if ( (which_one < 1) || (which_one > POP3->num_msgs) ) {
259 cprintf("-ERR No such message.\r\n");
263 if (POP3->msgs[which_one - 1].deleted) {
264 cprintf("-ERR Sorry, you deleted that message.\r\n");
268 cprintf("+OK Message %d:\r\n", which_one);
269 CtdlOutputMsg(POP3->msgs[which_one - 1].msgnum, MT_RFC822,
270 HEADERS_ALL, 0, 1, NULL,
271 (ESC_DOT|SUPPRESS_ENV_TO), NULL, NULL, NULL
277 // TOP command (dumb way of fetching a partial message or headers-only)
278 void pop3_top(char *argbuf) {
280 int lines_requested = 0;
281 int lines_dumped = 0;
288 sscanf(argbuf, "%d %d", &which_one, &lines_requested);
289 if ( (which_one < 1) || (which_one > POP3->num_msgs) ) {
290 cprintf("-ERR No such message.\r\n");
294 if (POP3->msgs[which_one - 1].deleted) {
295 cprintf("-ERR Sorry, you deleted that message.\r\n");
299 CC->redirect_buffer = NewStrBufPlain(NULL, SIZ);
301 CtdlOutputMsg(POP3->msgs[which_one - 1].msgnum,
308 msgtext = CC->redirect_buffer;
309 CC->redirect_buffer = NULL;
311 cprintf("+OK Message %d:\r\n", which_one);
313 ptr = ChrPtr(msgtext);
314 while (ptr = cmemreadline(ptr, buf, (sizeof buf - 2)),
315 ( (*ptr != 0) && (done == 0))) {
318 if (lines_dumped >= lines_requested) {
322 if ((in_body == 0) || (done == 0)) {
323 client_write(buf, strlen(buf));
328 if ((buf[0]==13)||(buf[0]==10)) in_body = 1;
331 if (buf[strlen(buf)-1] != 10) cprintf("\n");
332 FreeStrBuf(&msgtext);
338 // DELE (delete message from mailbox)
339 void pop3_dele(char *argbuf) {
342 which_one = atoi(argbuf);
343 if ( (which_one < 1) || (which_one > POP3->num_msgs) ) {
344 cprintf("-ERR No such message.\r\n");
348 if (POP3->msgs[which_one - 1].deleted) {
349 cprintf("-ERR You already deleted that message.\r\n");
353 // Flag the message as deleted. Will expunge during QUIT command.
354 POP3->msgs[which_one - 1].deleted = 1;
355 cprintf("+OK Message %d deleted.\r\n",
360 // Perform "UPDATE state" stuff
361 void pop3_update(void) {
365 long *deletemsgs = NULL;
366 int num_deletemsgs = 0;
368 // Remove messages marked for deletion
369 if (POP3->num_msgs > 0) {
370 deletemsgs = malloc(POP3->num_msgs * sizeof(long));
371 for (i=0; i<POP3->num_msgs; ++i) {
372 if (POP3->msgs[i].deleted) {
373 deletemsgs[num_deletemsgs++] = POP3->msgs[i].msgnum;
376 if (num_deletemsgs > 0) {
377 CtdlDeleteMessages(MAILROOM, deletemsgs, num_deletemsgs, "");
382 // Set last read pointer
383 if (POP3->num_msgs > 0) {
384 CtdlLockGetCurrentUser();
385 CtdlGetRelationship(&vbuf, &CC->user, &CC->room);
386 snprintf(vbuf.v_seen, sizeof vbuf.v_seen, "*:%ld", POP3->msgs[POP3->num_msgs-1].msgnum);
387 CtdlSetRelationship(&vbuf, &CC->user, &CC->room);
388 CtdlPutCurrentUserLock();
394 // RSET (reset, i.e. undelete any deleted messages) command
395 void pop3_rset(char *argbuf) {
398 if (POP3->num_msgs > 0) for (i=0; i<POP3->num_msgs; ++i) {
399 if (POP3->msgs[i].deleted) {
400 POP3->msgs[i].deleted = 0;
403 cprintf("+OK Reset completed.\r\n");
407 // LAST (Determine which message is the last unread message)
408 void pop3_last(char *argbuf) {
409 cprintf("+OK %d\r\n", POP3->lastseen + 1);
413 // CAPA is a command which tells the client which POP3 extensions are supported.
414 void pop3_capa(void) {
415 cprintf("+OK Capability list follows\r\n"
419 "IMPLEMENTATION %s\r\n"
427 // UIDL (Universal IDentifier Listing) is easy. Our 'unique' message
428 // identifiers are simply the Citadel message numbers in the database.
429 void pop3_uidl(char *argbuf) {
433 which_one = atoi(argbuf);
437 if (which_one > POP3->num_msgs) {
438 cprintf("-ERR no such message, only %d are here\r\n", POP3->num_msgs);
441 else if (POP3->msgs[which_one-1].deleted) {
442 cprintf("-ERR Sorry, you deleted that message.\r\n");
446 cprintf("+OK %d %ld\r\n", which_one, POP3->msgs[which_one-1].msgnum);
451 // "list all" (scan listing) mode
453 cprintf("+OK Here's your mail:\r\n");
454 if (POP3->num_msgs > 0) for (i=0; i<POP3->num_msgs; ++i) {
455 if (! POP3->msgs[i].deleted) {
456 cprintf("%d %ld\r\n", i+1, POP3->msgs[i].msgnum);
464 // implements the STLS command (Citadel API version)
465 void pop3_stls(void) {
466 char ok_response[SIZ];
467 char nosup_response[SIZ];
468 char error_response[SIZ];
470 sprintf(ok_response, "+OK Begin TLS negotiation now\r\n");
471 sprintf(nosup_response, "-ERR TLS not supported here\r\n");
472 sprintf(error_response, "-ERR Internal error\r\n");
473 CtdlModuleStartCryptoMsgs(ok_response, nosup_response, error_response);
477 // Main command loop for POP3 sessions.
478 void pop3_command_loop(void) {
482 memset(cmdbuf, 0, sizeof cmdbuf); // Clear it, just in case
483 if (client_getln(cmdbuf, sizeof cmdbuf) < 1) {
484 syslog(LOG_INFO, "pop3: client disconnected; ending session.");
485 CC->kill_me = KILLME_CLIENT_DISCONNECTED;
488 if (!strncasecmp(cmdbuf, "PASS", 4)) {
489 syslog(LOG_DEBUG, "pop3: PASS...");
492 syslog(LOG_DEBUG, "pop3: %s", cmdbuf);
494 while (strlen(cmdbuf) < 5) strcat(cmdbuf, " ");
496 if (!strncasecmp(cmdbuf, "NOOP", 4)) {
497 cprintf("+OK No operation.\r\n");
500 else if (!strncasecmp(cmdbuf, "CAPA", 4)) {
504 else if (!strncasecmp(cmdbuf, "QUIT", 4)) {
505 cprintf("+OK Goodbye...\r\n");
507 CC->kill_me = KILLME_CLIENT_LOGGED_OUT;
511 else if (!strncasecmp(cmdbuf, "USER", 4)) {
512 pop3_user(&cmdbuf[5]);
515 else if (!strncasecmp(cmdbuf, "PASS", 4)) {
516 pop3_pass(&cmdbuf[5]);
520 else if (!strncasecmp(cmdbuf, "STLS", 4)) {
525 else if (!CC->logged_in) {
526 cprintf("-ERR Not logged in.\r\n");
529 else if (CC->nologin) {
530 cprintf("-ERR System busy, try later.\r\n");
531 CC->kill_me = KILLME_NOLOGIN;
534 else if (!strncasecmp(cmdbuf, "LIST", 4)) {
535 pop3_list(&cmdbuf[5]);
538 else if (!strncasecmp(cmdbuf, "STAT", 4)) {
539 pop3_stat(&cmdbuf[5]);
542 else if (!strncasecmp(cmdbuf, "RETR", 4)) {
543 pop3_retr(&cmdbuf[5]);
546 else if (!strncasecmp(cmdbuf, "DELE", 4)) {
547 pop3_dele(&cmdbuf[5]);
550 else if (!strncasecmp(cmdbuf, "RSET", 4)) {
551 pop3_rset(&cmdbuf[5]);
554 else if (!strncasecmp(cmdbuf, "UIDL", 4)) {
555 pop3_uidl(&cmdbuf[5]);
558 else if (!strncasecmp(cmdbuf, "TOP", 3)) {
559 pop3_top(&cmdbuf[4]);
562 else if (!strncasecmp(cmdbuf, "LAST", 4)) {
563 pop3_last(&cmdbuf[4]);
567 cprintf("-ERR I'm afraid I can't do that.\r\n");
572 const char *CitadelServicePop3="POP3";
573 const char *CitadelServicePop3S="POP3S";
576 // Initialization function, called from modules_init.c
577 char *ctdl_module_init_pop3(void) {
579 CtdlRegisterServiceHook(CtdlGetConfigInt("c_pop3_port"),
586 CtdlRegisterServiceHook(CtdlGetConfigInt("c_pop3s_port"),
591 CitadelServicePop3S);
593 CtdlRegisterSessionHook(pop3_cleanup_function, EVT_STOP, PRIO_STOP + 30);
596 /* return our module name for the log */