webcit-ng/server/messages.c

   1 // Message base functions
   2 //
   3 // Copyright (c) 1996-2022 by the citadel.org team
   4 //
   5 // This program is open source software.  Use, duplication, or
   6 // disclosure are subject to the GNU General Public License v3.
   7
   8 #include "webcit.h"
   9
  10
  11 // Given an encoded UID, translate that to an unencoded Citadel EUID and
  12 // then search for it in the current room.  Return a message number or -1
  13 // if not found.
  14 long locate_message_by_uid(struct ctdlsession *c, char *uid) {
  15         char buf[1024];
  16
  17         ctdl_printf(c, "EUID %s", uid);
  18         ctdl_readline(c, buf, sizeof buf);
  19         if (buf[0] == '2') {
  20                 return (atol(&buf[4]));
  21
  22         }
  23
  24         // Ugly hack to handle Mozilla Thunderbird, try stripping ".ics" if present
  25         if (!strcasecmp(&uid[strlen(uid) - 4], ".ics")) {
  26                 safestrncpy(buf, uid, sizeof buf);
  27                 buf[strlen(buf) - 4] = 0;
  28                 ctdl_printf(c, "EUID %s", buf);
  29                 ctdl_readline(c, buf, sizeof buf);
  30                 if (buf[0] == '2') {
  31                         return (atol(&buf[4]));
  32
  33                 }
  34         }
  35
  36         return (-1);
  37 }
  38
  39
  40 // DAV delete an object in a room.
  41 void dav_delete_message(struct http_transaction *h, struct ctdlsession *c, long msgnum) {
  42         ctdl_delete_msgs(c, &msgnum, 1);
  43         do_204(h);
  44 }
  45
  46
  47 // DAV move or copy an object in a room.
  48 void dav_move_or_copy_message(struct http_transaction *h, struct ctdlsession *c, long msgnum, int move_or_copy) {
  49         char target_room[ROOMNAMELEN];
  50         char buf[1024];
  51
  52         // HTTP "Destination" header will tell us the target collection
  53         char *target_collection = header_val(h, "Destination");
  54         syslog(LOG_DEBUG, "dest coll: \"%s\"", target_collection);
  55
  56         // Translate the target WebDAV Collection name to a Citadel Room name.
  57         // Note that some clients will supply a fully-qualified URL such as "http://example.com/ctdl/r/roomname/999"
  58         // so we're just going to search for "/ctdl/r/" and work from there.
  59         char *ctdlr = strstr(target_collection, "/ctdl/r/");
  60         if (ctdlr == NULL) {
  61                 do_412(h);              // badly formed target collection; fail out.
  62                 return;
  63         }
  64         safestrncpy(target_room, ctdlr+8, sizeof target_room);
  65         char *slash = strchr(target_room, '/');
  66         if (slash) {
  67                 *slash = 0;             // lop off the "filename" we don't need it
  68         }
  69         unescape_input(target_room);
  70         syslog(LOG_DEBUG, "dest room: \"%s\"", target_room);
  71
  72         // Perform the move or copy operation
  73         ctdl_printf(c, "MOVE %ld|%s|%d", msgnum, target_room, move_or_copy);    // Citadel Server: 0=move, 1=copy
  74         ctdl_readline(c, buf, sizeof buf);
  75         if (buf[0] == '2') {
  76                 do_204(h);              // succeed (no content)
  77                 return;
  78         }
  79         do_412(h);                      // fail (precondition failed)
  80 }
  81
  82
  83 // GET method directly on a message in a room
  84 void dav_get_message(struct http_transaction *h, struct ctdlsession *c, long msgnum) {
  85         char buf[1024];
  86         int in_body = 0;
  87         int encoding = 0;
  88         StrBuf *Body = NULL;
  89
  90         ctdl_printf(c, "MSG2 %ld", msgnum);
  91         ctdl_readline(c, buf, sizeof buf);
  92         if (buf[0] != '1') {
  93                 do_404(h);
  94                 return;
  95         }
  96
  97         char *etag = malloc(20);
  98         if (etag != NULL) {
  99                 sprintf(etag, "%ld", msgnum);
 100                 add_response_header(h, strdup("ETag"), etag);   // http_transaction now owns this memory
 101         }
 102
 103         while (ctdl_readline(c, buf, sizeof buf), strcmp(buf, "000")) {
 104                 if (IsEmptyStr(buf) && (in_body == 0)) {
 105                         in_body = 1;
 106                         Body = NewStrBuf();
 107                 }
 108                 else if (in_body == 0) {
 109                         char *k = buf;
 110                         char *v = strchr(buf, ':');
 111                         if (v) {
 112                                 *v = 0;
 113                                 ++v;
 114                                 string_trim(v);                         // we now have a key (k) and a value (v)
 115                                 if ((!strcasecmp(k, "content-type"))    // fields which can be passed from RFC822 to HTTP as-is
 116                                     || (!strcasecmp(k, "date"))
 117                                 ) {
 118                                         add_response_header(h, strdup(k), strdup(v));
 119                                 }
 120                                 else if (!strcasecmp(k, "content-transfer-encoding")) {
 121                                         if (!strcasecmp(v, "base64")) {
 122                                                 encoding = 'b';
 123                                         }
 124                                         else if (!strcasecmp(v, "quoted-printable")) {
 125                                                 encoding = 'q';
 126                                         }
 127                                 }
 128                         }
 129                 }
 130                 else if ((in_body == 1) && (Body != NULL)) {
 131                         StrBufAppendPrintf(Body, "%s\n", buf);
 132                 }
 133         }
 134
 135         h->response_code = 200;
 136         h->response_string = strdup("OK");
 137
 138         if (Body != NULL) {
 139                 if (encoding == 'q') {
 140                         h->response_body = malloc(StrLength(Body));
 141                         if (h->response_body != NULL) {
 142                                 h->response_body_length =
 143                                     CtdlDecodeQuotedPrintable(h->response_body, (char *) ChrPtr(Body), StrLength(Body));
 144                         }
 145                         FreeStrBuf(&Body);
 146                 }
 147                 else if (encoding == 'b') {
 148                         h->response_body = malloc(StrLength(Body));
 149                         if (h->response_body != NULL) {
 150                                 h->response_body_length = CtdlDecodeBase64(h->response_body, ChrPtr(Body), StrLength(Body));
 151                         }
 152                         FreeStrBuf(&Body);
 153                 }
 154                 else {
 155                         h->response_body_length = StrLength(Body);
 156                         h->response_body = SmashStrBuf(&Body);
 157                 }
 158         }
 159 }
 160
 161
 162 // PUT a message into a room
 163 void dav_put_message(struct http_transaction *h, struct ctdlsession *c, char *euid, long old_msgnum) {
 164         char buf[1024];
 165         char *content_type = NULL;
 166         int n;
 167         long new_msgnum;
 168         char new_euid[1024];
 169         char response_string[1024];
 170         char mime_boundary[80];
 171
 172         if ((h->request_body == NULL) || (h->request_body_length < 1)) {
 173                 do_404(h);                              // Refuse to post a null message
 174                 return;
 175         }
 176
 177         // Extract metadata from the URL
 178         char *wefw = get_url_param(h, "wefw");          // References:
 179         if (!wefw) wefw = "";
 180         char *subj = get_url_param(h, "subj");          // Subject:
 181         if (!subj) subj = "";
 182         char *mailto = get_url_param(h, "mailto");      // To:
 183         if (!mailto) mailto = "";
 184         char *mailcc = get_url_param(h, "mailcc");      // Cc:
 185         if (!mailcc) mailcc = "";
 186         char *mailbcc = get_url_param(h, "mailbcc");    // Bcc:
 187         if (!mailbcc) mailbcc = "";
 188
 189         // Mode 4 will give us metadata back after upload
 190         ctdl_printf(c, "ENT0 1|%s||4|%s||1|%s|%s|||%s|", mailto, subj, mailcc, mailbcc, wefw);
 191         ctdl_readline(c, buf, sizeof buf);
 192         if (buf[0] != '8') {
 193                 h->response_code = 502;
 194                 h->response_string = strdup("bad gateway");
 195                 add_response_header(h, strdup("Content-type"), strdup("text/plain"));
 196                 h->response_body = strdup(buf);
 197                 h->response_body_length = strlen(h->response_body);
 198                 return;
 199         }
 200
 201         // Remember, ctdl_printf() appends \n on its own, so when adding a CRLF newline, only use \r
 202         // Or for a blank line, use ctdl_write() with \r\n
 203
 204         // If there are attachments, open up a multipart/mixed MIME container.
 205         char *att = get_url_param(h, "att");
 206         if (att) {
 207                 snprintf(mime_boundary, sizeof(mime_boundary), "citadel-multipart-%x-%x", (unsigned int)time(NULL), rand());
 208                 ctdl_printf(c, "MIME-Version: 1.0\r");
 209                 ctdl_printf(c, "Content-Type: multipart/mixed; boundary=\"%s\"\r", mime_boundary);
 210                 ctdl_write(c, HKEY("\r\n"));
 211                 ctdl_printf(c, "--%s\r", mime_boundary);        // start of message body
 212         }
 213
 214         // This section
 215         content_type = header_val(h, "Content-type");
 216         ctdl_printf(c, "Content-type: %s\r", (content_type ? content_type : "application/octet-stream"));
 217         ctdl_write(c, HKEY("\r\n"));
 218         ctdl_write(c, h->request_body, h->request_body_length);
 219         if (h->request_body[h->request_body_length] != '\n') {
 220                 ctdl_write(c, HKEY("\r\n"));
 221         }
 222
 223         // If there are attachments, add them now.
 224         if (att) {
 225                 int i;
 226                 char attid[10];
 227                 struct uploaded_file one_att;
 228                 int num_attachments = num_tokens(att, ',');
 229
 230                 for (i=0; i<num_attachments; ++i) {
 231                         extract_token(attid, att, i, ',', sizeof(attid));
 232                         one_att = pop_upload(attid);
 233
 234                         // After calling pop_upload(), the attachment is no longer in the global list.
 235                         // The file descriptor has zero links, so when we close it, the filesystem will remove it from disk.
 236
 237                         syslog(LOG_DEBUG, "💥 attachment: %s , len=%ld", one_att.filename, one_att.length);
 238                         ctdl_printf(c, "--%s--\r", mime_boundary);
 239                         ctdl_printf(c, "Content-Type: %s; name=\"%s\"\r", one_att.content_type, one_att.filename);
 240                         ctdl_printf(c, "Content-Disposition: attachment; filename=\"%s\"\r", one_att.filename);
 241                         ctdl_printf(c, "Content-Transfer-Encoding: base64\r");
 242                         ctdl_write(c, HKEY("\r\n"));
 243
 244                         char *raw_att = malloc(one_att.length);
 245                         if (raw_att) {
 246                                 rewind(one_att.fp);
 247                                 if (fread(raw_att, one_att.length, 1, one_att.fp) != 1) {
 248                                         syslog(LOG_ERR, "messages: %m");
 249                                 }
 250
 251                                 // now encode it
 252                                 char *encoded_att = malloc((one_att.length * 150) / 100);
 253                                 if (encoded_att) {
 254                                         size_t encoded_length = CtdlEncodeBase64(encoded_att, raw_att, one_att.length, BASE64_YES_LINEBREAKS);
 255                                         ctdl_write(c, encoded_att, encoded_length);
 256                                         syslog(LOG_DEBUG, "Encoded attachment: len=%ld", encoded_length);
 257                                         free(encoded_att);
 258                                 }
 259                                 free(raw_att);
 260                         }
 261
 262                         fclose(one_att.fp);
 263                 }
 264
 265                 // Close the multipart/mixed MIME container.
 266                 ctdl_printf(c, "--%s--\r", mime_boundary);
 267         }
 268
 269         // Done writing to the Citadel Server.
 270         ctdl_printf(c, "000");
 271
 272         // Now handle the response from the Citadel Server.
 273         n = 0;
 274         new_msgnum = 0;
 275         strcpy(new_euid, "");
 276         strcpy(response_string, "");
 277
 278         while (ctdl_readline(c, buf, sizeof buf), strcmp(buf, "000"))
 279                 switch (n++) {
 280                 case 0:
 281                         new_msgnum = atol(buf);
 282                         break;
 283                 case 1:
 284                         safestrncpy(response_string, buf, sizeof response_string);
 285                         syslog(LOG_DEBUG, "new_msgnum=%ld (%s)\n", new_msgnum, buf);
 286                         break;
 287                 case 2:
 288                         safestrncpy(new_euid, buf, sizeof new_euid);
 289                         break;
 290                 default:
 291                         break;
 292                 }
 293
 294         // Tell the client what happened.
 295
 296         // Citadel failed in some way?
 297         char *new_location = malloc(1024);
 298         if ((new_msgnum < 0L) || (new_location == NULL)) {
 299                 h->response_code = 502;
 300                 h->response_string = strdup("bad gateway");
 301                 add_response_header(h, strdup("Content-type"), strdup("text/plain"));
 302                 h->response_body = strdup(response_string);
 303                 h->response_body_length = strlen(h->response_body);
 304                 return;
 305         }
 306
 307         char *etag = malloc(20);
 308         if (etag != NULL) {
 309                 sprintf(etag, "%ld", new_msgnum);
 310                 add_response_header(h, strdup("ETag"), etag);   // http_transaction now owns this memory
 311         }
 312
 313         char esc_room[1024];
 314         char esc_euid[1024];
 315         urlesc(esc_room, sizeof esc_room, c->room);
 316         urlesc(esc_euid, sizeof esc_euid, new_euid);
 317         snprintf(new_location, 1024, "/ctdl/r/%s/%s", esc_room, esc_euid);
 318         add_response_header(h, strdup("Location"), new_location);       // http_transaction now owns this memory
 319
 320         if (old_msgnum <= 0) {
 321                 h->response_code = 201; // We created this item for the first time.
 322                 h->response_string = strdup("created");
 323         }
 324         else {
 325                 h->response_code = 204; // We modified an existing item.
 326                 h->response_string = strdup("no content");
 327
 328                 // The item we replaced has probably already been deleted by
 329                 // the Citadel server, but we'll do this anyway, just in case.
 330                 ctdl_delete_msgs(c, &old_msgnum, 1);
 331         }
 332
 333 }
 334
 335
 336 // Download a single component of a MIME-encoded message
 337 void download_mime_component(struct http_transaction *h, struct ctdlsession *c, long msgnum, char *partnum) {
 338         char buf[1024];
 339         char content_type[1024];
 340
 341         ctdl_printf(c, "DLAT %ld|%s", msgnum, partnum);
 342         ctdl_readline(c, buf, sizeof buf);
 343         if (buf[0] != '6') {
 344                 do_404(h);      // too bad, so sad, go away
 345         }
 346         // Server response is going to be: 6XX length|-1|filename|content-type|charset
 347         h->response_body_length = extract_int(&buf[4], 0);
 348         extract_token(content_type, buf, 3, '|', sizeof content_type);
 349
 350         h->response_body = malloc(h->response_body_length + 1);
 351         int bytes = 0;
 352         int thisblock;
 353         do {
 354                 thisblock = read(c->sock, &h->response_body[bytes], (h->response_body_length - bytes));
 355                 bytes += thisblock;
 356                 syslog(LOG_DEBUG, "Bytes read: %d of %d", (int) bytes, (int) h->response_body_length);
 357         } while ((bytes < h->response_body_length) && (thisblock >= 0));
 358         h->response_body[h->response_body_length] = 0;  // null terminate it just for good measure
 359         syslog(LOG_DEBUG, "content type: %s", content_type);
 360
 361         add_response_header(h, strdup("Content-type"), strdup(content_type));
 362         h->response_code = 200;
 363         h->response_string = strdup("OK");
 364 }