int popmaildir_main(int argc UNUSED_PARAM, char **argv)
{
char *buf;
unsigned nmsg;
char *hostname;
pid_t pid;
const char *retr;
#if ENABLE_FEATURE_POPMAILDIR_DELIVERY
const char *delivery;
#endif
unsigned opt_nlines = 0;
enum {
OPT_b = 1 << 0, // -b binary mode. Ignored
OPT_d = 1 << 1, // -d,-dd,-ddd debug. Ignored
OPT_m = 1 << 2, // -m show ugsed memory. Ignored
OPT_V = 1 << 3, // -V version. Ignored
OPT_c = 1 << 4, // -c use tcpclient. Ignored
OPT_a = 1 << 5, // -a use APOP protocol
OPT_s = 1 << 6, // -s skip authorization
OPT_T = 1 << 7, // -T get messages with TOP instead with RETR
OPT_k = 1 << 8, // -k keep retrieved messages on the server
OPT_t = 1 << 9, // -t90 set timeout to 90 sec
OPT_R = 1 << 10, // -R20000 remove old messages on the server >= 20000 bytes (requires -k). Ignored
OPT_Z = 1 << 11, // -Z11-23 remove messages from 11 to 23 (dangerous). Ignored
OPT_L = 1 << 12, // -L50000 not retrieve new messages >= 50000 bytes. Ignored
OPT_H = 1 << 13, // -H30 type first 30 lines of a message; (-L12000 -H30). Ignored
OPT_M = 1 << 14, // -M\"program arg1 arg2 ...\"; deliver by program. Treated like -F
OPT_F = 1 << 15, // -F\"program arg1 arg2 ...\"; filter by program. Treated like -M
};
// init global variables
INIT_G();
// parse options
opt_complementary = "-1:dd:t+:R+:L+:H+";
opts = getopt32(argv,
"bdmVcasTkt:" "R:Z:L:H:" IF_FEATURE_POPMAILDIR_DELIVERY("M:F:"),
&timeout, NULL, NULL, NULL, &opt_nlines
IF_FEATURE_POPMAILDIR_DELIVERY(, &delivery, &delivery) // we treat -M and -F the same
);
//argc -= optind;
argv += optind;
// get auth info
if (!(opts & OPT_s))
get_cred_or_die(STDIN_FILENO);
// goto maildir
xchdir(*argv++);
// launch connect helper, if any
if (*argv)
launch_helper((const char **)argv);
// get server greeting
pop3_checkr(NULL, NULL, &buf);
// authenticate (if no -s given)
if (!(opts & OPT_s)) {
// server supports APOP and we want it?
if ('<' == buf[0] && (opts & OPT_a)) {
union { // save a bit of stack
md5_ctx_t ctx;
char hex[16 * 2 + 1];
} md5;
uint32_t res[16 / 4];
char *s = strchr(buf, '>');
if (s)
s[1] = '\0';
// get md5 sum of "<stamp>password" string
md5_begin(&md5.ctx);
md5_hash(&md5.ctx, buf, strlen(buf));
md5_hash(&md5.ctx, G.pass, strlen(G.pass));
md5_end(&md5.ctx, res);
*bin2hex(md5.hex, (char*)res, 16) = '\0';
// APOP
s = xasprintf("%s %s", G.user, md5.hex);
pop3_check("APOP %s", s);
free(s);
free(buf);
// server ignores APOP -> use simple text authentication
} else {
// USER
pop3_check("USER %s", G.user);
// PASS
pop3_check("PASS %s", G.pass);
}
}
// get mailbox statistics
pop3_checkr("STAT", NULL, &buf);
// prepare message filename suffix
hostname = safe_gethostname();
pid = getpid();
// get messages counter
// NOTE: we don't use xatou(buf) since buf is "nmsg nbytes"
// we only need nmsg and atoi is just exactly what we need
// if atoi fails to convert buf into number it returns 0
// in this case the following loop simply will not be executed
nmsg = atoi(buf);
free(buf);
// loop through messages
retr = (opts & OPT_T) ? xasprintf("TOP %%u %u", opt_nlines) : "RETR %u";
for (; nmsg; nmsg--) {
char *filename;
char *target;
char *answer;
FILE *fp;
#if ENABLE_FEATURE_POPMAILDIR_DELIVERY
int rc;
#endif
// generate unique filename
filename = xasprintf("tmp/%llu.%u.%s",
monotonic_us(), (unsigned)pid, hostname);
// retrieve message in ./tmp/ unless filter is specified
pop3_check(retr, (const char *)(ptrdiff_t)nmsg);
#if ENABLE_FEATURE_POPMAILDIR_DELIVERY
// delivery helper ordered? -> setup pipe
if (opts & (OPT_F|OPT_M)) {
// helper will have $FILENAME set to filename
xsetenv("FILENAME", filename);
fp = popen(delivery, "w");
unsetenv("FILENAME");
if (!fp) {
bb_perror_msg("delivery helper");
break;
}
} else
#endif
// create and open file filename
fp = xfopen_for_write(filename);
// copy stdin to fp (either filename or delivery helper)
while ((answer = xmalloc_fgets_str(stdin, "\r\n")) != NULL) {
char *s = answer;
if ('.' == answer[0]) {
if ('.' == answer[1])
s++;
else if ('\r' == answer[1] && '\n' == answer[2] && '\0' == answer[3])
break;
}
//*strchrnul(s, '\r') = '\n';
fputs(s, fp);
free(answer);
}
#if ENABLE_FEATURE_POPMAILDIR_DELIVERY
// analyse delivery status
if (opts & (OPT_F|OPT_M)) {
rc = pclose(fp);
if (99 == rc) // 99 means bail out
break;
// if (rc) // !0 means skip to the next message
goto skip;
// // 0 means continue
} else {
// close filename
fclose(fp);
}
#endif
// delete message from server
if (!(opts & OPT_k))
pop3_check("DELE %u", (const char*)(ptrdiff_t)nmsg);
// atomically move message to ./new/
target = xstrdup(filename);
strncpy(target, "new", 3);
// ... or just stop receiving on failure
if (rename_or_warn(filename, target))
break;
free(target);
#if ENABLE_FEATURE_POPMAILDIR_DELIVERY
skip:
#endif
free(filename);
}
// Bye
pop3_check("QUIT", NULL);
if (ENABLE_FEATURE_CLEAN_UP) {
free(G.user);
free(G.pass);
}
return EXIT_SUCCESS;
}
int sendmail_main(int argc UNUSED_PARAM, char **argv)
{
char *opt_connect = opt_connect;
char *opt_from = NULL;
char *s;
llist_t *list = NULL;
char *host = sane_address(safe_gethostname());
unsigned nheaders = 0;
int code;
enum {
HDR_OTHER = 0,
HDR_TOCC,
HDR_BCC,
} last_hdr = 0;
int check_hdr;
int has_to = 0;
enum {
//--- standard options
OPT_t = 1 << 0, // read message for recipients, append them to those on cmdline
OPT_f = 1 << 1, // sender address
OPT_o = 1 << 2, // various options. -oi IMPLIED! others are IGNORED!
OPT_i = 1 << 3, // IMPLIED!
//--- BB specific options
OPT_w = 1 << 4, // network timeout
OPT_H = 1 << 5, // use external connection helper
OPT_S = 1 << 6, // specify connection string
OPT_a = 1 << 7, // authentication tokens
OPT_v = 1 << 8, // verbosity
};
// init global variables
INIT_G();
// save initial stdin since body is piped!
xdup2(STDIN_FILENO, 3);
G.fp0 = xfdopen_for_read(3);
// parse options
// -v is a counter, -H and -S are mutually exclusive, -a is a list
opt_complementary = "vv:w+:H--S:S--H:a::";
// N.B. since -H and -S are mutually exclusive they do not interfere in opt_connect
// -a is for ssmtp (http://downloads.openwrt.org/people/nico/man/man8/ssmtp.8.html) compatibility,
// it is still under development.
opts = getopt32(argv, "tf:o:iw:H:S:a::v", &opt_from, NULL,
&timeout, &opt_connect, &opt_connect, &list, &verbose);
//argc -= optind;
argv += optind;
// process -a[upm]<token> options
if ((opts & OPT_a) && !list)
bb_show_usage();
while (list) {
char *a = (char *) llist_pop(&list);
if ('u' == a[0])
G.user = xstrdup(a+1);
if ('p' == a[0])
G.pass = xstrdup(a+1);
// N.B. we support only AUTH LOGIN so far
//if ('m' == a[0])
// G.method = xstrdup(a+1);
}
// N.B. list == NULL here
//bb_info_msg("OPT[%x] AU[%s], AP[%s], AM[%s], ARGV[%s]", opts, au, ap, am, *argv);
// connect to server
// connection helper ordered? ->
if (opts & OPT_H) {
const char *args[] = { "sh", "-c", opt_connect, NULL };
// plug it in
launch_helper(args);
// Now:
// our stdout will go to helper's stdin,
// helper's stdout will be available on our stdin.
// Wait for initial server message.
// If helper (such as openssl) invokes STARTTLS, the initial 220
// is swallowed by helper (and not repeated after TLS is initiated).
// We will send NOOP cmd to server and check the response.
// We should get 220+250 on plain connection, 250 on STARTTLSed session.
//
// The problem here is some servers delay initial 220 message,
// and consider client to be a spammer if it starts sending cmds
// before 220 reached it. The code below is unsafe in this regard:
// in non-STARTTLSed case, we potentially send NOOP before 220
// is sent by server.
// Ideas? (--delay SECS opt? --assume-starttls-helper opt?)
code = smtp_check("NOOP", -1);
if (code == 220)
// we got 220 - this is not STARTTLSed connection,
// eat 250 response to our NOOP
smtp_check(NULL, 250);
else
if (code != 250)
bb_error_msg_and_die("SMTP init failed");
} else {
// vanilla connection
int fd;
// host[:port] not explicitly specified? -> use $SMTPHOST
// no $SMTPHOST? -> use localhost
if (!(opts & OPT_S)) {
opt_connect = getenv("SMTPHOST");
if (!opt_connect)
opt_connect = (char *)"127.0.0.1";
}
// do connect
fd = create_and_connect_stream_or_die(opt_connect, 25);
// and make ourselves a simple IO filter
xmove_fd(fd, STDIN_FILENO);
xdup2(STDIN_FILENO, STDOUT_FILENO);
// Wait for initial server 220 message
smtp_check(NULL, 220);
}
// we should start with modern EHLO
if (250 != smtp_checkp("EHLO %s", host, -1))
smtp_checkp("HELO %s", host, 250);
// perform authentication
if (opts & OPT_a) {
smtp_check("AUTH LOGIN", 334);
// we must read credentials unless they are given via -a[up] options
if (!G.user || !G.pass)
get_cred_or_die(4);
encode_base64(NULL, G.user, NULL);
smtp_check("", 334);
encode_base64(NULL, G.pass, NULL);
smtp_check("", 235);
}
// set sender
// N.B. we have here a very loosely defined algorythm
// since sendmail historically offers no means to specify secrets on cmdline.
// 1) server can require no authentication ->
// we must just provide a (possibly fake) reply address.
// 2) server can require AUTH ->
// we must provide valid username and password along with a (possibly fake) reply address.
// For the sake of security username and password are to be read either from console or from a secured file.
// Since reading from console may defeat usability, the solution is either to read from a predefined
// file descriptor (e.g. 4), or again from a secured file.
// got no sender address? use auth name, then UID username as a last resort
if (!opt_from) {
opt_from = xasprintf("%s@%s",
G.user ? G.user : xuid2uname(getuid()),
xgethostbyname(host)->h_name);
}
free(host);
smtp_checkp("MAIL FROM:<%s>", opt_from, 250);
// process message
// read recipients from message and add them to those given on cmdline.
// this means we scan stdin for To:, Cc:, Bcc: lines until an empty line
// and then use the rest of stdin as message body
code = 0; // set "analyze headers" mode
while ((s = xmalloc_fgetline(G.fp0)) != NULL) {
dump:
// put message lines doubling leading dots
if (code) {
// escape leading dots
// N.B. this feature is implied even if no -i (-oi) switch given
// N.B. we need to escape the leading dot regardless of
// whether it is single or not character on the line
if ('.' == s[0] /*&& '\0' == s[1] */)
bb_putchar('.');
// dump read line
send_r_n(s);
free(s);
continue;
}
// analyze headers
// To: or Cc: headers add recipients
check_hdr = (0 == strncasecmp("To:", s, 3));
has_to |= check_hdr;
if (opts & OPT_t) {
if (check_hdr || 0 == strncasecmp("Bcc:" + 1, s, 3)) {
rcptto_list(s+3);
last_hdr = HDR_TOCC;
goto addheader;
}
// Bcc: header adds blind copy (hidden) recipient
if (0 == strncasecmp("Bcc:", s, 4)) {
rcptto_list(s+4);
free(s);
last_hdr = HDR_BCC;
continue; // N.B. Bcc: vanishes from headers!
}
}
check_hdr = (list && isspace(s[0]));
if (strchr(s, ':') || check_hdr) {
// other headers go verbatim
// N.B. RFC2822 2.2.3 "Long Header Fields" allows for headers to occupy several lines.
// Continuation is denoted by prefixing additional lines with whitespace(s).
// Thanks (stefan.seyfried at googlemail.com) for pointing this out.
if (check_hdr && last_hdr != HDR_OTHER) {
rcptto_list(s+1);
if (last_hdr == HDR_BCC)
continue;
// N.B. Bcc: vanishes from headers!
} else {
last_hdr = HDR_OTHER;
}
addheader:
// N.B. we allow MAX_HEADERS generic headers at most to prevent attacks
if (MAX_HEADERS && ++nheaders >= MAX_HEADERS)
goto bail;
llist_add_to_end(&list, s);
} else {
// a line without ":" (an empty line too, by definition) doesn't look like a valid header
// so stop "analyze headers" mode
reenter:
// put recipients specified on cmdline
check_hdr = 1;
while (*argv) {
char *t = sane_address(*argv);
rcptto(t);
//if (MAX_HEADERS && ++nheaders >= MAX_HEADERS)
// goto bail;
if (!has_to) {
const char *hdr;
if (check_hdr && argv[1])
hdr = "To: %s,";
else if (check_hdr)
hdr = "To: %s";
else if (argv[1])
hdr = "To: %s," + 3;
else
hdr = "To: %s" + 3;
llist_add_to_end(&list,
xasprintf(hdr, t));
check_hdr = 0;
}
argv++;
}
// enter "put message" mode
// N.B. DATA fails iff no recipients were accepted (or even provided)
// in this case just bail out gracefully
if (354 != smtp_check("DATA", -1))
goto bail;
// dump the headers
while (list) {
send_r_n((char *) llist_pop(&list));
}
// stop analyzing headers
code++;
// N.B. !s means: we read nothing, and nothing to be read in the future.
// just dump empty line and break the loop
if (!s) {
send_r_n("");
break;
}
// go dump message body
// N.B. "s" already contains the first non-header line, so pretend we read it from input
goto dump;
}
}
// odd case: we didn't stop "analyze headers" mode -> message body is empty. Reenter the loop
// N.B. after reenter code will be > 0
if (!code)
goto reenter;
// finalize the message
smtp_check(".", 250);
bail:
// ... and say goodbye
smtp_check("QUIT", 221);
// cleanup
if (ENABLE_FEATURE_CLEAN_UP)
fclose(G.fp0);
return EXIT_SUCCESS;
}
int sendmail_main(int argc UNUSED_PARAM, char **argv)
{
char *opt_connect = opt_connect;
char *opt_from;
char *s;
llist_t *list = NULL;
char *domain = sane_address(safe_getdomainname());
int code;
enum {
//--- standard options
OPT_t = 1 << 0, // read message for recipients, append them to those on cmdline
OPT_f = 1 << 1, // sender address
OPT_o = 1 << 2, // various options. -oi IMPLIED! others are IGNORED!
//--- BB specific options
OPT_w = 1 << 3, // network timeout
OPT_H = 1 << 4, // use external connection helper
OPT_S = 1 << 5, // specify connection string
OPT_a = 1 << 6, // authentication tokens
};
// init global variables
INIT_G();
// save initial stdin since body is piped!
xdup2(STDIN_FILENO, 3);
G.fp0 = fdopen(3, "r");
// parse options
// -f is required. -H and -S are mutually exclusive
opt_complementary = "f:w+:H--S:S--H:a::";
// N.B. since -H and -S are mutually exclusive they do not interfere in opt_connect
// -a is for ssmtp (http://downloads.openwrt.org/people/nico/man/man8/ssmtp.8.html) compatibility,
// it is still under development.
opts = getopt32(argv, "tf:o:w:H:S:a::", &opt_from, NULL, &timeout, &opt_connect, &opt_connect, &list);
//argc -= optind;
argv += optind;
// process -a[upm]<token> options
if ((opts & OPT_a) && !list)
bb_show_usage();
while (list) {
char *a = (char *) llist_pop(&list);
if ('u' == a[0])
G.user = xstrdup(a+1);
if ('p' == a[0])
G.pass = xstrdup(a+1);
// N.B. we support only AUTH LOGIN so far
//if ('m' == a[0])
// G.method = xstrdup(a+1);
}
// N.B. list == NULL here
//bb_info_msg("OPT[%x] AU[%s], AP[%s], AM[%s], ARGV[%s]", opts, au, ap, am, *argv);
// connect to server
// connection helper ordered? ->
if (opts & OPT_H) {
const char *args[] = { "sh", "-c", opt_connect, NULL };
// plug it in
launch_helper(args);
// vanilla connection
} else {
int fd;
// host[:port] not explicitly specified? -> use $SMTPHOST
// no $SMTPHOST ? -> use localhost
if (!(opts & OPT_S)) {
opt_connect = getenv("SMTPHOST");
if (!opt_connect)
opt_connect = (char *)"127.0.0.1";
}
// do connect
fd = create_and_connect_stream_or_die(opt_connect, 25);
// and make ourselves a simple IO filter
xmove_fd(fd, STDIN_FILENO);
xdup2(STDIN_FILENO, STDOUT_FILENO);
}
// N.B. from now we know nothing about network :)
// wait for initial server OK
// N.B. if we used openssl the initial 220 answer is already swallowed during openssl TLS init procedure
// so we need to kick the server to see whether we are ok
code = smtp_check("NOOP", -1);
// 220 on plain connection, 250 on openssl-helped TLS session
if (220 == code)
smtp_check(NULL, 250); // reread the code to stay in sync
else if (250 != code)
bb_error_msg_and_die("INIT failed");
// we should start with modern EHLO
if (250 != smtp_checkp("EHLO %s", domain, -1)) {
smtp_checkp("HELO %s", domain, 250);
}
if (ENABLE_FEATURE_CLEAN_UP)
free(domain);
// perform authentication
if (opts & OPT_a) {
smtp_check("AUTH LOGIN", 334);
// we must read credentials unless they are given via -a[up] options
if (!G.user || !G.pass)
get_cred_or_die(4);
encode_base64(NULL, G.user, NULL);
smtp_check("", 334);
encode_base64(NULL, G.pass, NULL);
smtp_check("", 235);
}
// set sender
// N.B. we have here a very loosely defined algotythm
// since sendmail historically offers no means to specify secrets on cmdline.
// 1) server can require no authentication ->
// we must just provide a (possibly fake) reply address.
// 2) server can require AUTH ->
// we must provide valid username and password along with a (possibly fake) reply address.
// For the sake of security username and password are to be read either from console or from a secured file.
// Since reading from console may defeat usability, the solution is either to read from a predefined
// file descriptor (e.g. 4), or again from a secured file.
// got no sender address? -> use system username as a resort
// N.B. we marked -f as required option!
//if (!G.user) {
// // N.B. IMHO getenv("USER") can be way easily spoofed!
// G.user = xuid2uname(getuid());
// opt_from = xasprintf("%s@%s", G.user, domain);
//}
//if (ENABLE_FEATURE_CLEAN_UP)
// free(domain);
smtp_checkp("MAIL FROM:<%s>", opt_from, 250);
// process message
// read recipients from message and add them to those given on cmdline.
// this means we scan stdin for To:, Cc:, Bcc: lines until an empty line
// and then use the rest of stdin as message body
code = 0; // set "analyze headers" mode
while ((s = xmalloc_fgetline(G.fp0)) != NULL) {
// put message lines doubling leading dots
if (code) {
// escape leading dots
// N.B. this feature is implied even if no -i (-oi) switch given
// N.B. we need to escape the leading dot regardless of
// whether it is single or not character on the line
if ('.' == s[0] /*&& '\0' == s[1] */)
printf(".");
// dump read line
printf("%s\r\n", s);
free(s);
continue;
}
// analyze headers
// To: or Cc: headers add recipients
if (0 == strncasecmp("To: ", s, 4) || 0 == strncasecmp("Bcc: " + 1, s, 4)) {
rcptto(sane_address(s+4));
// goto addh;
llist_add_to_end(&list, s);
// Bcc: header adds blind copy (hidden) recipient
} else if (0 == strncasecmp("Bcc: ", s, 5)) {
rcptto(sane_address(s+5));
free(s);
// N.B. Bcc: vanishes from headers!
// other headers go verbatim
} else if (s[0]) {
// addh:
llist_add_to_end(&list, s);
// the empty line stops analyzing headers
} else {
free(s);
// put recipients specified on cmdline
while (*argv) {
s = sane_address(*argv);
rcptto(s);
llist_add_to_end(&list, xasprintf("To: %s", s));
argv++;
}
// enter "put message" mode
smtp_check("DATA", 354);
// dump the headers
while (list) {
printf("%s\r\n", (char *) llist_pop(&list));
}
printf("%s\r\n" + 2); // quirk for format string to be reused
// stop analyzing headers
code++;
}
}
// finalize the message
smtp_check(".", 250);
// ... and say goodbye
smtp_check("QUIT", 221);
// cleanup
if (ENABLE_FEATURE_CLEAN_UP)
fclose(G.fp0);
return EXIT_SUCCESS;
}
