- msg->cm_fields['U'] = rfc2047encode(subject, length);
- }
-
- }
- }
-
- if (supplied_euid != NULL) {
- msg->cm_fields['E'] = strdup(supplied_euid);
- }
-
- if ((references != NULL) && (!IsEmptyStr(references))) {
- if (msg->cm_fields['W'] != NULL)
- free(msg->cm_fields['W']);
- msg->cm_fields['W'] = strdup(references);
- }
-
- if (preformatted_text != NULL) {
- msg->cm_fields['M'] = preformatted_text;
- }
- else {
- msg->cm_fields['M'] = CtdlReadMessageBody(HKEY("000"), config.c_maxmsglen, NULL, 0, 0);
- }
-
- return(msg);
-}
-
-/*
- * Check to see whether we have permission to post a message in the current
- * room. Returns a *CITADEL ERROR CODE* and puts a message in errmsgbuf, or
- * returns 0 on success.
- */
-int CtdlDoIHavePermissionToPostInThisRoom(
- char *errmsgbuf,
- size_t n,
- const char* RemoteIdentifier,
- int PostPublic,
- int is_reply
- ) {
- int ra;
-
- if (!(CC->logged_in) &&
- (PostPublic == POST_LOGGED_IN)) {
- snprintf(errmsgbuf, n, "Not logged in.");
- return (ERROR + NOT_LOGGED_IN);
- }
- else if (PostPublic == CHECK_EXISTANCE) {
- return (0); // We're Evaling whether a recipient exists
- }
- else if (!(CC->logged_in)) {
-
- if ((CC->room.QRflags & QR_READONLY)) {
- snprintf(errmsgbuf, n, "Not logged in.");
- return (ERROR + NOT_LOGGED_IN);
- }
- if (CC->room.QRflags2 & QR2_MODERATED) {
- snprintf(errmsgbuf, n, "Not logged in Moderation feature not yet implemented!");
- return (ERROR + NOT_LOGGED_IN);
- }
- if ((PostPublic!=POST_LMTP) &&(CC->room.QRflags2 & QR2_SMTP_PUBLIC) == 0) {
-
- return CtdlNetconfigCheckRoomaccess(errmsgbuf, n, RemoteIdentifier);
- }
- return (0);
-
- }
-
- if ((CC->user.axlevel < AxProbU)
- && ((CC->room.QRflags & QR_MAILBOX) == 0)) {
- snprintf(errmsgbuf, n, "Need to be validated to enter (except in %s> to sysop)", MAILROOM);
- return (ERROR + HIGHER_ACCESS_REQUIRED);
- }
-
- CtdlRoomAccess(&CC->room, &CC->user, &ra, NULL);
-
- if (ra & UA_POSTALLOWED) {
- strcpy(errmsgbuf, "OK to post or reply here");
- return(0);
- }
-
- if ( (ra & UA_REPLYALLOWED) && (is_reply) ) {
- /*
- * To be thorough, we ought to check to see if the message they are
- * replying to is actually a valid one in this room, but unless this
- * actually becomes a problem we'll go with high performance instead.
- */
- strcpy(errmsgbuf, "OK to reply here");
- return(0);
- }
-
- if ( (ra & UA_REPLYALLOWED) && (!is_reply) ) {
- /* Clarify what happened with a better error message */
- snprintf(errmsgbuf, n, "You may only reply to existing messages here.");
- return (ERROR + HIGHER_ACCESS_REQUIRED);
- }
-
- snprintf(errmsgbuf, n, "Higher access is required to post in this room.");
- return (ERROR + HIGHER_ACCESS_REQUIRED);
-
-}
-
-
-/*
- * Check to see if the specified user has Internet mail permission
- * (returns nonzero if permission is granted)
- */
-int CtdlCheckInternetMailPermission(struct ctdluser *who) {
-
- /* Do not allow twits to send Internet mail */
- if (who->axlevel <= AxProbU) return(0);
-
- /* Globally enabled? */
- if (config.c_restrict == 0) return(1);
-
- /* User flagged ok? */
- if (who->flags & US_INTERNET) return(2);
-
- /* Admin level access? */
- if (who->axlevel >= AxAideU) return(3);
-
- /* No mail for you! */
- return(0);
-}
-
-
-/*
- * Validate recipients, count delivery types and errors, and handle aliasing
- * FIXME check for dupes!!!!!
- *
- * Returns 0 if all addresses are ok, ret->num_error = -1 if no addresses
- * were specified, or the number of addresses found invalid.
- *
- * Caller needs to free the result using free_recipients()
- */
-struct recptypes *validate_recipients(const char *supplied_recipients,
- const char *RemoteIdentifier,
- int Flags) {
- struct CitContext *CCC = CC;
- struct recptypes *ret;
- char *recipients = NULL;
- char *org_recp;
- char this_recp[256];
- char this_recp_cooked[256];
- char append[SIZ];
- long len;
- int num_recps = 0;
- int i, j;
- int mailtype;
- int invalid;
- struct ctdluser tempUS;
- struct ctdlroom tempQR;
- struct ctdlroom tempQR2;
- int err = 0;
- char errmsg[SIZ];
- int in_quotes = 0;
-
- /* Initialize */
- ret = (struct recptypes *) malloc(sizeof(struct recptypes));
- if (ret == NULL) return(NULL);
-
- /* Set all strings to null and numeric values to zero */
- memset(ret, 0, sizeof(struct recptypes));
-
- if (supplied_recipients == NULL) {
- recipients = strdup("");
- }
- else {
- recipients = strdup(supplied_recipients);
- }
-
- /* Allocate some memory. Yes, this allocates 500% more memory than we will
- * actually need, but it's healthier for the heap than doing lots of tiny
- * realloc() calls instead.
- */
- len = strlen(recipients) + 1024;
- ret->errormsg = malloc(len);
- ret->recp_local = malloc(len);
- ret->recp_internet = malloc(len);
- ret->recp_ignet = malloc(len);
- ret->recp_room = malloc(len);
- ret->display_recp = malloc(len);
- ret->recp_orgroom = malloc(len);
- org_recp = malloc(len);
-
- ret->errormsg[0] = 0;
- ret->recp_local[0] = 0;
- ret->recp_internet[0] = 0;
- ret->recp_ignet[0] = 0;
- ret->recp_room[0] = 0;
- ret->recp_orgroom[0] = 0;
- ret->display_recp[0] = 0;
-
- ret->recptypes_magic = RECPTYPES_MAGIC;
-
- /* Change all valid separator characters to commas */
- for (i=0; !IsEmptyStr(&recipients[i]); ++i) {
- if ((recipients[i] == ';') || (recipients[i] == '|')) {
- recipients[i] = ',';
- }
- }
-
- /* Now start extracting recipients... */
-
- while (!IsEmptyStr(recipients)) {
- for (i=0; i<=strlen(recipients); ++i) {
- if (recipients[i] == '\"') in_quotes = 1 - in_quotes;
- if ( ( (recipients[i] == ',') && (!in_quotes) ) || (recipients[i] == 0) ) {
- safestrncpy(this_recp, recipients, i+1);
- this_recp[i] = 0;
- if (recipients[i] == ',') {
- strcpy(recipients, &recipients[i+1]);
- }
- else {
- strcpy(recipients, "");
- }
- break;
- }
- }
-
- striplt(this_recp);
- if (IsEmptyStr(this_recp))
- break;
- MSG_syslog(LOG_DEBUG, "Evaluating recipient #%d: %s\n", num_recps, this_recp);
- ++num_recps;
-
- strcpy(org_recp, this_recp);
- alias(this_recp);
- alias(this_recp);
- mailtype = alias(this_recp);
-
- for (j = 0; !IsEmptyStr(&this_recp[j]); ++j) {
- if (this_recp[j]=='_') {
- this_recp_cooked[j] = ' ';
- }
- else {
- this_recp_cooked[j] = this_recp[j];
- }
- }
- this_recp_cooked[j] = '\0';
- invalid = 0;
- errmsg[0] = 0;
- switch(mailtype) {
- case MES_LOCAL:
- if (!strcasecmp(this_recp, "sysop")) {
- ++ret->num_room;
- strcpy(this_recp, config.c_aideroom);
- if (!IsEmptyStr(ret->recp_room)) {
- strcat(ret->recp_room, "|");
- }
- strcat(ret->recp_room, this_recp);
- }
- else if ( (!strncasecmp(this_recp, "room_", 5))
- && (!CtdlGetRoom(&tempQR, &this_recp_cooked[5])) ) {
-
- /* Save room so we can restore it later */
- tempQR2 = CCC->room;
- CCC->room = tempQR;
-
- /* Check permissions to send mail to this room */
- err = CtdlDoIHavePermissionToPostInThisRoom(
- errmsg,
- sizeof errmsg,
- RemoteIdentifier,
- Flags,
- 0 /* 0 = not a reply */
- );
- if (err)
- {
- ++ret->num_error;
- invalid = 1;
- }
- else {
- ++ret->num_room;
- if (!IsEmptyStr(ret->recp_room)) {
- strcat(ret->recp_room, "|");
- }
- strcat(ret->recp_room, &this_recp_cooked[5]);
-
- if (!IsEmptyStr(ret->recp_orgroom)) {
- strcat(ret->recp_orgroom, "|");
- }
- strcat(ret->recp_orgroom, org_recp);
-
- }
-
- /* Restore room in case something needs it */
- CCC->room = tempQR2;
-
- }
- else if (CtdlGetUser(&tempUS, this_recp) == 0) {
- ++ret->num_local;
- strcpy(this_recp, tempUS.fullname);
- if (!IsEmptyStr(ret->recp_local)) {
- strcat(ret->recp_local, "|");
- }
- strcat(ret->recp_local, this_recp);
- }
- else if (CtdlGetUser(&tempUS, this_recp_cooked) == 0) {
- ++ret->num_local;
- strcpy(this_recp, tempUS.fullname);
- if (!IsEmptyStr(ret->recp_local)) {
- strcat(ret->recp_local, "|");
- }
- strcat(ret->recp_local, this_recp);
- }
- else {
- ++ret->num_error;
- invalid = 1;
- }
- break;
- case MES_INTERNET:
- /* Yes, you're reading this correctly: if the target
- * domain points back to the local system or an attached
- * Citadel directory, the address is invalid. That's
- * because if the address were valid, we would have
- * already translated it to a local address by now.
- */
- if (IsDirectory(this_recp, 0)) {
- ++ret->num_error;
- invalid = 1;
- }
- else {
- ++ret->num_internet;
- if (!IsEmptyStr(ret->recp_internet)) {
- strcat(ret->recp_internet, "|");
- }
- strcat(ret->recp_internet, this_recp);
- }
- break;
- case MES_IGNET:
- ++ret->num_ignet;
- if (!IsEmptyStr(ret->recp_ignet)) {
- strcat(ret->recp_ignet, "|");
- }
- strcat(ret->recp_ignet, this_recp);
- break;
- case MES_ERROR:
- ++ret->num_error;
- invalid = 1;
- break;
- }
- if (invalid) {
- if (IsEmptyStr(errmsg)) {
- snprintf(append, sizeof append, "Invalid recipient: %s", this_recp);
- }
- else {
- snprintf(append, sizeof append, "%s", errmsg);
- }
- if ( (strlen(ret->errormsg) + strlen(append) + 3) < SIZ) {
- if (!IsEmptyStr(ret->errormsg)) {
- strcat(ret->errormsg, "; ");
- }
- strcat(ret->errormsg, append);
- }
- }
- else {
- if (IsEmptyStr(ret->display_recp)) {
- strcpy(append, this_recp);
- }
- else {
- snprintf(append, sizeof append, ", %s", this_recp);
- }
- if ( (strlen(ret->display_recp)+strlen(append)) < SIZ) {
- strcat(ret->display_recp, append);
- }
- }
- }
- free(org_recp);
-
- if ((ret->num_local + ret->num_internet + ret->num_ignet +
- ret->num_room + ret->num_error) == 0) {
- ret->num_error = (-1);
- strcpy(ret->errormsg, "No recipients specified.");
- }
-
- MSGM_syslog(LOG_DEBUG, "validate_recipients()\n");
- MSG_syslog(LOG_DEBUG, " local: %d <%s>\n", ret->num_local, ret->recp_local);
- MSG_syslog(LOG_DEBUG, " room: %d <%s>\n", ret->num_room, ret->recp_room);
- MSG_syslog(LOG_DEBUG, " inet: %d <%s>\n", ret->num_internet, ret->recp_internet);
- MSG_syslog(LOG_DEBUG, " ignet: %d <%s>\n", ret->num_ignet, ret->recp_ignet);
- MSG_syslog(LOG_DEBUG, " error: %d <%s>\n", ret->num_error, ret->errormsg);
-
- free(recipients);
- return(ret);
-}
-
-
-/*
- * Destructor for struct recptypes
- */
-void free_recipients(struct recptypes *valid) {
-
- if (valid == NULL) {
- return;
- }
-
- if (valid->recptypes_magic != RECPTYPES_MAGIC) {
- struct CitContext *CCC = CC;
- MSGM_syslog(LOG_EMERG, "Attempt to call free_recipients() on some other data type!\n");
- abort();
- }
-
- if (valid->errormsg != NULL) free(valid->errormsg);
- if (valid->recp_local != NULL) free(valid->recp_local);
- if (valid->recp_internet != NULL) free(valid->recp_internet);
- if (valid->recp_ignet != NULL) free(valid->recp_ignet);
- if (valid->recp_room != NULL) free(valid->recp_room);
- if (valid->recp_orgroom != NULL) free(valid->recp_orgroom);
- if (valid->display_recp != NULL) free(valid->display_recp);
- if (valid->bounce_to != NULL) free(valid->bounce_to);
- if (valid->envelope_from != NULL) free(valid->envelope_from);
- if (valid->sending_room != NULL) free(valid->sending_room);
- free(valid);
-}
-
-
-
-/*
- * message entry - mode 0 (normal)
- */
-void cmd_ent0(char *entargs)
-{
- struct CitContext *CCC = CC;
- int post = 0;
- char recp[SIZ];
- char cc[SIZ];
- char bcc[SIZ];
- char supplied_euid[128];
- int anon_flag = 0;
- int format_type = 0;
- char newusername[256];
- char newuseremail[256];
- struct CtdlMessage *msg;
- int anonymous = 0;
- char errmsg[SIZ];
- int err = 0;
- struct recptypes *valid = NULL;
- struct recptypes *valid_to = NULL;
- struct recptypes *valid_cc = NULL;
- struct recptypes *valid_bcc = NULL;
- char subject[SIZ];
- int subject_required = 0;
- int do_confirm = 0;
- long msgnum;
- int i, j;
- char buf[256];
- int newuseremail_ok = 0;
- char references[SIZ];
- char *ptr;
-
- unbuffer_output();
-
- post = extract_int(entargs, 0);
- extract_token(recp, entargs, 1, '|', sizeof recp);
- anon_flag = extract_int(entargs, 2);
- format_type = extract_int(entargs, 3);
- extract_token(subject, entargs, 4, '|', sizeof subject);
- extract_token(newusername, entargs, 5, '|', sizeof newusername);
- do_confirm = extract_int(entargs, 6);
- extract_token(cc, entargs, 7, '|', sizeof cc);
- extract_token(bcc, entargs, 8, '|', sizeof bcc);
- switch(CC->room.QRdefaultview) {
- case VIEW_NOTES:
- case VIEW_WIKI:
- extract_token(supplied_euid, entargs, 9, '|', sizeof supplied_euid);
- break;
- default:
- supplied_euid[0] = 0;
- break;
- }
- extract_token(newuseremail, entargs, 10, '|', sizeof newuseremail);
- extract_token(references, entargs, 11, '|', sizeof references);
- for (ptr=references; *ptr != 0; ++ptr) {
- if (*ptr == '!') *ptr = '|';
- }
-
- /* first check to make sure the request is valid. */
-
- err = CtdlDoIHavePermissionToPostInThisRoom(
- errmsg,
- sizeof errmsg,
- NULL,
- POST_LOGGED_IN,
- (!IsEmptyStr(references)) /* is this a reply? or a top-level post? */
- );
- if (err)
- {
- cprintf("%d %s\n", err, errmsg);
- return;
- }
-
- /* Check some other permission type things. */
-
- if (IsEmptyStr(newusername)) {
- strcpy(newusername, CCC->user.fullname);
- }
- if ( (CCC->user.axlevel < AxAideU)
- && (strcasecmp(newusername, CCC->user.fullname))
- && (strcasecmp(newusername, CCC->cs_inet_fn))
- ) {
- cprintf("%d You don't have permission to author messages as '%s'.\n",
- ERROR + HIGHER_ACCESS_REQUIRED,
- newusername
- );
- return;
- }
-
-
- if (IsEmptyStr(newuseremail)) {
- newuseremail_ok = 1;
- }
-
- if (!IsEmptyStr(newuseremail)) {
- if (!strcasecmp(newuseremail, CCC->cs_inet_email)) {
- newuseremail_ok = 1;
- }
- else if (!IsEmptyStr(CCC->cs_inet_other_emails)) {
- j = num_tokens(CCC->cs_inet_other_emails, '|');
- for (i=0; i<j; ++i) {
- extract_token(buf, CCC->cs_inet_other_emails, i, '|', sizeof buf);
- if (!strcasecmp(newuseremail, buf)) {
- newuseremail_ok = 1;
- }
- }
- }
- }
-
- if (!newuseremail_ok) {
- cprintf("%d You don't have permission to author messages as '%s'.\n",
- ERROR + HIGHER_ACCESS_REQUIRED,
- newuseremail
- );
- return;
- }
-
- CCC->cs_flags |= CS_POSTING;
-
- /* In mailbox rooms we have to behave a little differently --
- * make sure the user has specified at least one recipient. Then
- * validate the recipient(s). We do this for the Mail> room, as
- * well as any room which has the "Mailbox" view set - unless it
- * is the DRAFTS room which does not require recipients
- */
-
- if ( ( ( (CCC->room.QRflags & QR_MAILBOX) && (!strcasecmp(&CCC->room.QRname[11], MAILROOM)) )
- || ( (CCC->room.QRflags & QR_MAILBOX) && (CCC->curr_view == VIEW_MAILBOX) )
- ) && (strcasecmp(&CCC->room.QRname[11], USERDRAFTROOM)) !=0 ) {
- if (CCC->user.axlevel < AxProbU) {
- strcpy(recp, "sysop");
- strcpy(cc, "");
- strcpy(bcc, "");
- }
-
- valid_to = validate_recipients(recp, NULL, 0);
- if (valid_to->num_error > 0) {
- cprintf("%d %s\n", ERROR + NO_SUCH_USER, valid_to->errormsg);
- free_recipients(valid_to);
- return;
- }
-
- valid_cc = validate_recipients(cc, NULL, 0);
- if (valid_cc->num_error > 0) {
- cprintf("%d %s\n", ERROR + NO_SUCH_USER, valid_cc->errormsg);
- free_recipients(valid_to);
- free_recipients(valid_cc);
- return;
- }
-
- valid_bcc = validate_recipients(bcc, NULL, 0);
- if (valid_bcc->num_error > 0) {
- cprintf("%d %s\n", ERROR + NO_SUCH_USER, valid_bcc->errormsg);
- free_recipients(valid_to);
- free_recipients(valid_cc);
- free_recipients(valid_bcc);
- return;
- }
-
- /* Recipient required, but none were specified */
- if ( (valid_to->num_error < 0) && (valid_cc->num_error < 0) && (valid_bcc->num_error < 0) ) {
- free_recipients(valid_to);
- free_recipients(valid_cc);
- free_recipients(valid_bcc);
- cprintf("%d At least one recipient is required.\n", ERROR + NO_SUCH_USER);
- return;
- }
-
- if (valid_to->num_internet + valid_cc->num_internet + valid_bcc->num_internet > 0) {
- if (CtdlCheckInternetMailPermission(&CCC->user)==0) {
- cprintf("%d You do not have permission "
- "to send Internet mail.\n",
- ERROR + HIGHER_ACCESS_REQUIRED);
- free_recipients(valid_to);
- free_recipients(valid_cc);
- free_recipients(valid_bcc);
- return;
- }
- }
-
- if ( ( (valid_to->num_internet + valid_to->num_ignet + valid_cc->num_internet + valid_cc->num_ignet + valid_bcc->num_internet + valid_bcc->num_ignet) > 0)
- && (CCC->user.axlevel < AxNetU) ) {
- cprintf("%d Higher access required for network mail.\n",
- ERROR + HIGHER_ACCESS_REQUIRED);
- free_recipients(valid_to);
- free_recipients(valid_cc);
- free_recipients(valid_bcc);
- return;
- }
-
- if ((RESTRICT_INTERNET == 1)
- && (valid_to->num_internet + valid_cc->num_internet + valid_bcc->num_internet > 0)
- && ((CCC->user.flags & US_INTERNET) == 0)
- && (!CCC->internal_pgm)) {
- cprintf("%d You don't have access to Internet mail.\n",
- ERROR + HIGHER_ACCESS_REQUIRED);
- free_recipients(valid_to);
- free_recipients(valid_cc);
- free_recipients(valid_bcc);
- return;
- }
-
- }
-
- /* Is this a room which has anonymous-only or anonymous-option? */
- anonymous = MES_NORMAL;
- if (CCC->room.QRflags & QR_ANONONLY) {
- anonymous = MES_ANONONLY;
- }
- if (CCC->room.QRflags & QR_ANONOPT) {
- if (anon_flag == 1) { /* only if the user requested it */
- anonymous = MES_ANONOPT;
- }
- }
-
- if ((CCC->room.QRflags & QR_MAILBOX) == 0) {
- recp[0] = 0;
- }
-
- /* Recommend to the client that the use of a message subject is
- * strongly recommended in this room, if either the SUBJECTREQ flag
- * is set, or if there is one or more Internet email recipients.
- */
- if (CCC->room.QRflags2 & QR2_SUBJECTREQ) subject_required = 1;
- if ((valid_to) && (valid_to->num_internet > 0)) subject_required = 1;
- if ((valid_cc) && (valid_cc->num_internet > 0)) subject_required = 1;
- if ((valid_bcc) && (valid_bcc->num_internet > 0)) subject_required = 1;