HCoop / bpt / emacs.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
movemail: treat EACCES etc. failures as permanent
[bpt/emacs.git] / lib-src / movemail.c
CommitLineData
237e0016
RS		 1/* movemail foo bar -- move file foo to file bar,
2 locking file foo the way /bin/mail respects.
95df8112 3
acaf905b 4Copyright (C) 1986, 1992-1994, 1996, 1999, 2001-2012
95df8112 5 Free Software Foundation, Inc.
237e0016
RS		 6
7This file is part of GNU Emacs.
8
294981c7 9GNU Emacs is free software: you can redistribute it and/or modify
93320c23 10it under the terms of the GNU General Public License as published by
294981c7
GM		 11the Free Software Foundation, either version 3 of the License, or
12(at your option) any later version.
93320c23 13
237e0016 14GNU Emacs is distributed in the hope that it will be useful,
93320c23
JA		 15but WITHOUT ANY WARRANTY; without even the implied warranty of
16MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17GNU General Public License for more details.
237e0016 18
93320c23 19You should have received a copy of the GNU General Public License
294981c7
GM		 20along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>. */
21
237e0016 22
63cf923d
RS		 23/* Important notice: defining MAIL_USE_FLOCK or MAIL_USE_LOCKF *will
24 cause loss of mail* if you do it on a system that does not normally
0aa8781f 25 use flock/lockf as its way of interlocking access to inbox files. The
63cf923d
RS		 26 setting of MAIL_USE_FLOCK and MAIL_USE_LOCKF *must agree* with the
27 system's own conventions. It is not a choice that is up to you.
08d0752f
RS		 28
29 So, if your system uses lock files rather than flock, then the only way
30 you can get proper operation is to enable movemail to write lockfiles there.
31 This means you must either give that directory access modes
32 that permit everyone to write lockfiles in it, or you must make movemail
33 a setuid or setgid program. */
34
237e0016
RS		 35/*
36 * Modified January, 1986 by Michael R. Gretzinger (Project Athena)
37 *
88c40feb 38 * Added POP (Post Office Protocol) service. When compiled -DMAIL_USE_POP
237e0016
RS		 39 * movemail will accept input filename arguments of the form
40 * "po:username". This will cause movemail to open a connection to
41 * a pop server running on $MAILHOST (environment variable). Movemail
42 * must be setuid to root in order to work with POP.
177c0ea7 43 *
237e0016
RS		 44 * New module: popmail.c
45 * Modified routines:
cfa191ff 46 * main - added code within #ifdef MAIL_USE_POP; added setuid (getuid ())
177c0ea7 47 * after POP code.
237e0016
RS		 48 * New routines in movemail.c:
49 * get_errmsg - return pointer to system error message
50 *
2e82e3c3
RS		 51 * Modified August, 1993 by Jonathan Kamens (OpenVision Technologies)
52 *
53 * Move all of the POP code into a separate file, "pop.c".
54 * Use strerror instead of get_errmsg.
55 *
237e0016
RS		 56 */
57
752fb472 58#include <config.h>
237e0016
RS		 59#include <sys/types.h>
60#include <sys/stat.h>
61#include <sys/file.h>
e2f9d9af 62#include <stdio.h>
237e0016 63#include <errno.h>
bd41a17d 64#include <time.h>
cc3b64e8 65
fea4325c 66#include <getopt.h>
f72adc12 67#include <unistd.h>
cc3b64e8 68#include <fcntl.h>
1725ae55 69#include <string.h>
f72adc12 70#include "syswait.h"
2e82e3c3
RS		 71#ifdef MAIL_USE_POP
72#include "pop.h"
73#endif
237e0016 74
91cf09ac
RS		 75#ifdef MSDOS
76#undef access
77#endif /* MSDOS */
78
7f75d5c6 79#ifdef WINDOWSNT
677a7bcf 80#include "ntlib.h"
7f75d5c6
RS		 81#undef access
82#undef unlink
83#define fork() 0
4822b2e5 84#define wait(var) (*(var) = 0)
7f75d5c6
RS		 85/* Unfortunately, Samba doesn't seem to properly lock Unix files even
86 though the locking call succeeds (and indeed blocks local access from
87 other NT programs). If you have direct file access using an NFS
88 client or something other than Samba, the locking call might work
677a7bcf
RS		 89 properly - make sure it does before you enable this!
90
91 [18-Feb-97 andrewi] I now believe my comment above to be incorrect,
92 since it was based on a misunderstanding of how locking calls are
93 implemented and used on Unix. */
94//#define DISABLE_DIRECT_ACCESS
95
677a7bcf 96#include <fcntl.h>
7f75d5c6
RS		 97#endif /* WINDOWSNT */
98
76ed5e01 99#ifdef WINDOWSNT
237e0016
RS		 100#include <sys/locking.h>
101#endif
102
0aa8781f
GM		 103/* If your system uses the `flock' or `lockf' system call for mail locking,
104 define MAIL_USE_SYSTEM_LOCK. If your system type should always define
105 MAIL_USE_LOCKF or MAIL_USE_FLOCK but configure does not do this,
106 please make a bug report. */
107
63cf923d
RS		 108#ifdef MAIL_USE_LOCKF
109#define MAIL_USE_SYSTEM_LOCK
110#endif
111
112#ifdef MAIL_USE_FLOCK
113#define MAIL_USE_SYSTEM_LOCK
114#endif
115
4293ba7f
RS		 116#ifdef MAIL_USE_MMDF
117extern int lk_open (), lk_close ();
118#endif
119
a4deff3c 120#if !defined (MAIL_USE_SYSTEM_LOCK) && !defined (MAIL_USE_MMDF) && \
dd843b6a
DL		 121 (defined (HAVE_LIBMAIL) || defined (HAVE_LIBLOCKFILE)) && \
122 defined (HAVE_MAILLOCK_H)
a4deff3c
RS		 123#include <maillock.h>
124/* We can't use maillock unless we know what directory system mail
125 files appear in. */
126#ifdef MAILDIR
127#define MAIL_USE_MAILLOCK
5a9c1e26 128static char *mail_spool_name (char *);
a4deff3c
RS		 129#endif
130#endif
131
845ca893 132static _Noreturn void fatal (const char *s1, const char *s2, const char *s3);
988e88ab 133static void error (const char *s1, const char *s2, const char *s3);
845ca893
PE		 134static _Noreturn void pfatal_with_name (char *name);
135static _Noreturn void pfatal_and_delete (char *name);
e2ad23ef 136#ifdef MAIL_USE_POP
1725ae55
AS		 137static int popmail (char *mailbox, char *outfile, int preserve, char *password, int reverse_order);
138static int pop_retr (popserver server, int msgno, FILE *arg);
139static int mbx_write (char *line, int len, FILE *mbf);
140static int mbx_delimit_begin (FILE *mbf);
141static int mbx_delimit_end (FILE *mbf);
e2ad23ef 142#endif
237e0016 143
debd9b27 144#if (defined MAIL_USE_MAILLOCK \
c214e35e
PE		 145 || (!defined DISABLE_DIRECT_ACCESS && !defined MAIL_USE_MMDF \
146 && !defined MAIL_USE_SYSTEM_LOCK))
147/* Like malloc but get fatal error if memory is exhausted. */
148
149static void *
150xmalloc (size_t size)
151{
152 void *result = malloc (size);
153 if (!result)
154 fatal ("virtual memory exhausted", 0, 0);
155 return result;
156}
157#endif
158
237e0016 159/* Nonzero means this is name of a lock file to delete on fatal error. */
b23b5a5b 160static char *delete_lockname;
237e0016 161
e2f9d9af 162int
873fbd0b 163main (int argc, char **argv)
237e0016
RS		 164{
165 char *inname, *outname;
166 int indesc, outdesc;
728a982d 167 ssize_t nread;
27d41fb4 168 int wait_status;
fea4325c 169 int c, preserve_mail = 0;
237e0016 170
63cf923d 171#ifndef MAIL_USE_SYSTEM_LOCK
237e0016 172 struct stat st;
237e0016 173 int tem;
529a133c 174 char *lockname;
906ad89d 175 char *tempname;
c214e35e 176 size_t inname_len, inname_dirlen;
237e0016 177 int desc;
63cf923d 178#endif /* not MAIL_USE_SYSTEM_LOCK */
237e0016 179
a4deff3c
RS		 180#ifdef MAIL_USE_MAILLOCK
181 char *spool_name;
182#endif
183
a2997b0f
KH		 184#ifdef MAIL_USE_POP
185 int pop_reverse_order = 0;
186# define ARGSTR "pr"
187#else /* ! MAIL_USE_POP */
188# define ARGSTR "p"
189#endif /* MAIL_USE_POP */
190
5e617bc2
JB		 191 uid_t real_gid = getgid ();
192 uid_t priv_gid = getegid ();
51a91f9d 193
9112a2a9
AI		 194#ifdef WINDOWSNT
195 /* Ensure all file i/o is in binary mode. */
196 _fmode = _O_BINARY;
197#endif
198
237e0016
RS		 199 delete_lockname = 0;
200
a2997b0f 201 while ((c = getopt (argc, argv, ARGSTR)) != EOF)
e2f9d9af 202 {
fea4325c 203 switch (c) {
a2997b0f
KH		 204#ifdef MAIL_USE_POP
205 case 'r':
206 pop_reverse_order = 1;
207 break;
208#endif
fea4325c
RS		 209 case 'p':
210 preserve_mail++;
211 break;
212 default:
65396510 213 exit (EXIT_FAILURE);
fea4325c
RS		 214 }
215 }
216
217 if (
218#ifdef MAIL_USE_POP
219 (argc - optind < 2) || (argc - optind > 3)
220#else
221 (argc - optind != 2)
222#endif
223 )
224 {
fea4325c 225#ifdef MAIL_USE_POP
f213f2c0 226 fprintf (stderr, "Usage: movemail [-p] [-r] inbox destfile%s\n",
bb5618fe 227 " [POP-password]");
fea4325c 228#else
bb5618fe 229 fprintf (stderr, "Usage: movemail [-p] inbox destfile%s\n", "");
fea4325c 230#endif
65396510 231 exit (EXIT_FAILURE);
e2f9d9af 232 }
237e0016 233
fea4325c
RS		 234 inname = argv[optind];
235 outname = argv[optind+1];
237e0016 236
4293ba7f
RS		 237#ifdef MAIL_USE_MMDF
238 mmdf_init (argv[0]);
239#endif
240
af7bd34e 241 if (*outname == 0)
a9eedf40 242 fatal ("Destination file name is empty", 0, 0);
af7bd34e 243
237e0016 244#ifdef MAIL_USE_POP
12a0565a 245 if (!strncmp (inname, "po:", 3))
237e0016 246 {
b3112191 247 int status;
237e0016 248
fea4325c 249 status = popmail (inname + 3, outname, preserve_mail,
a2997b0f
KH		 250 (argc - optind == 3) ? argv[optind+2] : NULL,
251 pop_reverse_order);
237e0016
RS		 252 exit (status);
253 }
254
51a91f9d
CY		 255 if (setuid (getuid ()) < 0)
256 fatal ("Failed to drop privileges", 0, 0);
257
237e0016
RS		 258#endif /* MAIL_USE_POP */
259
7f75d5c6 260#ifndef DISABLE_DIRECT_ACCESS
4293ba7f 261#ifndef MAIL_USE_MMDF
63cf923d 262#ifndef MAIL_USE_SYSTEM_LOCK
a4deff3c
RS		 263#ifdef MAIL_USE_MAILLOCK
264 spool_name = mail_spool_name (inname);
5a9c1e26
PE		 265 if (spool_name)
266 {
267#ifdef lint
268 lockname = 0;
269#endif
270 }
271 else
a4deff3c 272#endif
237e0016 273 {
a4deff3c
RS		 274 /* Use a lock file named after our first argument with .lock appended:
275 If it exists, the mail file is locked. */
276 /* Note: this locking mechanism is *required* by the mailer
277 (on systems which use it) to prevent loss of mail.
278
279 On systems that use a lock file, extracting the mail without locking
280 WILL occasionally cause loss of mail due to timing errors!
281
7eaa9e44
GM		 282 So, if creation of the lock file fails due to access
283 permission on the mail spool directory, you simply MUST
284 change the permission and/or make movemail a setgid program
a4deff3c
RS		 285 so it can create lock files properly.
286
7eaa9e44 287 You might also wish to verify that your system is one which
0aa8781f 288 uses lock files for this purpose. Some systems use other methods. */
a4deff3c 289
c214e35e
PE		 290 inname_len = strlen (inname);
291 lockname = xmalloc (inname_len + sizeof ".lock");
292 strcpy (lockname, inname);
293 strcpy (lockname + inname_len, ".lock");
294 for (inname_dirlen = inname_len;
529a133c
PE		 295 inname_dirlen && !IS_DIRECTORY_SEP (inname[inname_dirlen - 1]);
296 inname_dirlen--)
297 continue;
e99a530f 298 tempname = xmalloc (inname_dirlen + sizeof "EXXXXXX");
237e0016 299
a4deff3c 300 while (1)
237e0016 301 {
a4deff3c
RS		 302 /* Create the lock file, but not under the lock file name. */
303 /* Give up if cannot do that. */
529a133c
PE		 304
305 memcpy (tempname, inname, inname_dirlen);
306 strcpy (tempname + inname_dirlen, "EXXXXXX");
307#ifdef HAVE_MKSTEMP
308 desc = mkstemp (tempname);
309#else
310 mktemp (tempname);
311 if (!*tempname)
312 desc = -1;
313 else
314 {
315 unlink (tempname);
316 desc = open (tempname, O_WRONLY | O_CREAT | O_EXCL, 0600);
317 }
318#endif
a4deff3c
RS		 319 if (desc < 0)
320 {
529a133c 321 int mkstemp_errno = errno;
644a0faa
PE		 322 error ("error while creating what would become the lock file",
323 0, 0);
529a133c 324 errno = mkstemp_errno;
644a0faa 325 pfatal_with_name (tempname);
a4deff3c
RS		 326 }
327 close (desc);
328
329 tem = link (tempname, lockname);
097e9c90 330
e6bac876
PE		 331 if (tem < 0 && errno != EEXIST)
332 pfatal_with_name (lockname);
097e9c90 333
a4deff3c
RS		 334 unlink (tempname);
335 if (tem >= 0)
336 break;
337 sleep (1);
338
339 /* If lock file is five minutes old, unlock it.
340 Five minutes should be good enough to cope with crashes
341 and wedgitude, and long enough to avoid being fooled
342 by time differences between machines. */
343 if (stat (lockname, &st) >= 0)
344 {
5a9c1e26 345 time_t now = time (0);
a4deff3c
RS		 346 if (st.st_ctime < now - 300)
347 unlink (lockname);
348 }
237e0016 349 }
237e0016 350
a4deff3c
RS		 351 delete_lockname = lockname;
352 }
63cf923d
RS		 353#endif /* not MAIL_USE_SYSTEM_LOCK */
354#endif /* not MAIL_USE_MMDF */
237e0016 355
8ca83cfd
RS		 356 if (fork () == 0)
357 {
25025815 358 int lockcount = 0;
a4deff3c
RS		 359 int status = 0;
360#if defined (MAIL_USE_MAILLOCK) && defined (HAVE_TOUCHLOCK)
5a9c1e26
PE		 361 time_t touched_lock;
362# ifdef lint
363 touched_lock = 0;
364# endif
a4deff3c 365#endif
25025815 366
fbf4af3a 367 if (setuid (getuid ()) < 0 || setregid (-1, real_gid) < 0)
51a91f9d 368 fatal ("Failed to drop privileges", 0, 0);
8ca83cfd 369
63cf923d
RS		 370#ifndef MAIL_USE_MMDF
371#ifdef MAIL_USE_SYSTEM_LOCK
8ca83cfd 372 indesc = open (inname, O_RDWR);
63cf923d 373#else /* if not MAIL_USE_SYSTEM_LOCK */
8ca83cfd 374 indesc = open (inname, O_RDONLY);
63cf923d 375#endif /* not MAIL_USE_SYSTEM_LOCK */
8ca83cfd
RS		 376#else /* MAIL_USE_MMDF */
377 indesc = lk_open (inname, O_RDONLY, 0, 0, 10);
4293ba7f
RS		 378#endif /* MAIL_USE_MMDF */
379
8ca83cfd
RS		 380 if (indesc < 0)
381 pfatal_with_name (inname);
237e0016 382
76ed5e01 383#ifdef BSD_SYSTEM
8ca83cfd
RS		 384 /* In case movemail is setuid to root, make sure the user can
385 read the output file. */
386 /* This is desirable for all systems
387 but I don't want to assume all have the umask system call */
388 umask (umask (0) & 0333);
76ed5e01 389#endif /* BSD_SYSTEM */
8ca83cfd
RS		 390 outdesc = open (outname, O_WRONLY | O_CREAT | O_EXCL, 0666);
391 if (outdesc < 0)
392 pfatal_with_name (outname);
25025815 393
fbf4af3a 394 if (setregid (-1, priv_gid) < 0)
51a91f9d
CY		 395 fatal ("Failed to regain privileges", 0, 0);
396
25025815
RS		 397 /* This label exists so we can retry locking
398 after a delay, if it got EAGAIN or EBUSY. */
399 retry_lock:
400
401 /* Try to lock it. */
a4deff3c
RS		 402#ifdef MAIL_USE_MAILLOCK
403 if (spool_name)
404 {
405 /* The "0 - " is to make it a negative number if maillock returns
406 non-zero. */
407 status = 0 - maillock (spool_name, 1);
408#ifdef HAVE_TOUCHLOCK
409 touched_lock = time (0);
410#endif
411 lockcount = 5;
412 }
413 else
414#endif /* MAIL_USE_MAILLOCK */
415 {
63cf923d
RS		 416#ifdef MAIL_USE_SYSTEM_LOCK
417#ifdef MAIL_USE_LOCKF
a4deff3c 418 status = lockf (indesc, F_LOCK, 0);
63cf923d 419#else /* not MAIL_USE_LOCKF */
7f75d5c6 420#ifdef WINDOWSNT
a4deff3c 421 status = locking (indesc, LK_RLCK, -1L);
237e0016 422#else
a4deff3c 423 status = flock (indesc, LOCK_EX);
237e0016 424#endif
63cf923d
RS		 425#endif /* not MAIL_USE_LOCKF */
426#endif /* MAIL_USE_SYSTEM_LOCK */
a4deff3c 427 }
237e0016 428
25025815
RS		 429 /* If it fails, retry up to 5 times
430 for certain failure codes. */
431 if (status < 0)
432 {
433 if (++lockcount <= 5)
434 {
435#ifdef EAGAIN
436 if (errno == EAGAIN)
437 {
438 sleep (1);
439 goto retry_lock;
440 }
441#endif
442#ifdef EBUSY
443 if (errno == EBUSY)
444 {
445 sleep (1);
446 goto retry_lock;
447 }
448#endif
449 }
450
451 pfatal_with_name (inname);
452 }
177c0ea7 453
08564963 454 {
8ca83cfd
RS		 455 char buf[1024];
456
457 while (1)
08564963 458 {
8ca83cfd 459 nread = read (indesc, buf, sizeof buf);
5e5b35c7
RS		 460 if (nread < 0)
461 pfatal_with_name (inname);
8ca83cfd
RS		 462 if (nread != write (outdesc, buf, nread))
463 {
464 int saved_errno = errno;
465 unlink (outname);
466 errno = saved_errno;
467 pfatal_with_name (outname);
468 }
469 if (nread < sizeof buf)
470 break;
a4deff3c
RS		 471#if defined (MAIL_USE_MAILLOCK) && defined (HAVE_TOUCHLOCK)
472 if (spool_name)
473 {
5a9c1e26 474 time_t now = time (0);
a4deff3c
RS		 475 if (now - touched_lock > 60)
476 {
477 touchlock ();
478 touched_lock = now;
479 }
480 }
481#endif /* MAIL_USE_MAILLOCK */
08564963 482 }
08564963 483 }
237e0016 484
e397a017 485#ifdef BSD_SYSTEM
8ca83cfd
RS		 486 if (fsync (outdesc) < 0)
487 pfatal_and_delete (outname);
237e0016
RS		 488#endif
489
51a91f9d 490 /* Prevent symlink attacks truncating other users' mailboxes */
fbf4af3a 491 if (setregid (-1, real_gid) < 0)
51a91f9d
CY		 492 fatal ("Failed to drop privileges", 0, 0);
493
8ca83cfd
RS		 494 /* Check to make sure no errors before we zap the inbox. */
495 if (close (outdesc) != 0)
496 pfatal_and_delete (outname);
237e0016 497
63cf923d 498#ifdef MAIL_USE_SYSTEM_LOCK
fea4325c
RS		 499 if (! preserve_mail)
500 {
9055082e
PE		 501 if (ftruncate (indesc, 0L) != 0)
502 pfatal_with_name (inname);
b1cb2966 503 }
63cf923d 504#endif /* MAIL_USE_SYSTEM_LOCK */
4293ba7f
RS		 505
506#ifdef MAIL_USE_MMDF
8ca83cfd 507 lk_close (indesc, 0, 0, 0);
4293ba7f 508#else
8ca83cfd 509 close (indesc);
4293ba7f 510#endif
237e0016 511
63cf923d 512#ifndef MAIL_USE_SYSTEM_LOCK
fea4325c
RS		 513 if (! preserve_mail)
514 {
515 /* Delete the input file; if we can't, at least get rid of its
516 contents. */
e97dd183 517#ifdef MAIL_UNLINK_SPOOL
fea4325c
RS		 518 /* This is generally bad to do, because it destroys the permissions
519 that were set on the file. Better to just empty the file. */
520 if (unlink (inname) < 0 && errno != ENOENT)
e97dd183 521#endif /* MAIL_UNLINK_SPOOL */
fea4325c
RS		 522 creat (inname, 0600);
523 }
63cf923d 524#endif /* not MAIL_USE_SYSTEM_LOCK */
8ca83cfd 525
51a91f9d 526 /* End of mailbox truncation */
fbf4af3a 527 if (setregid (-1, priv_gid) < 0)
51a91f9d
CY		 528 fatal ("Failed to regain privileges", 0, 0);
529
a4deff3c
RS		 530#ifdef MAIL_USE_MAILLOCK
531 /* This has to occur in the child, i.e., in the process that
532 acquired the lock! */
533 if (spool_name)
534 mailunlock ();
535#endif
65396510 536 exit (EXIT_SUCCESS);
8ca83cfd
RS		 537 }
538
27d41fb4
PE		 539 wait (&wait_status);
540 if (!WIFEXITED (wait_status))
65396510 541 exit (EXIT_FAILURE);
13294f95
PE		 542 else if (WEXITSTATUS (wait_status) != 0)
543 exit (WEXITSTATUS (wait_status));
8ca83cfd 544
63cf923d 545#if !defined (MAIL_USE_MMDF) && !defined (MAIL_USE_SYSTEM_LOCK)
a4deff3c
RS		 546#ifdef MAIL_USE_MAILLOCK
547 if (! spool_name)
548#endif /* MAIL_USE_MAILLOCK */
549 unlink (lockname);
63cf923d 550#endif /* not MAIL_USE_MMDF and not MAIL_USE_SYSTEM_LOCK */
7f75d5c6
RS		 551
552#endif /* ! DISABLE_DIRECT_ACCESS */
553
65396510 554 return EXIT_SUCCESS;
237e0016 555}
a4deff3c
RS		 556
557#ifdef MAIL_USE_MAILLOCK
558/* This function uses stat to confirm that the mail directory is
559 identical to the directory of the input file, rather than just
560 string-comparing the two paths, because one or both of them might
561 be symbolic links pointing to some other directory. */
562static char *
728a982d 563mail_spool_name (char *inname)
a4deff3c
RS		 564{
565 struct stat stat1, stat2;
566 char *indir, *fname;
567 int status;
568
8966b757 569 if (! (fname = strrchr (inname, '/')))
a4deff3c
RS		 570 return NULL;
571
572 fname++;
573
574 if (stat (MAILDIR, &stat1) < 0)
575 return NULL;
576
e99a530f
PE		 577 indir = xmalloc (fname - inname + 1);
578 memcpy (indir, inname, fname - inname);
a4deff3c
RS		 579 indir[fname-inname] = '\0';
580
581
582 status = stat (indir, &stat2);
583
584 free (indir);
585
586 if (status < 0)
587 return NULL;
588
c4009c1f
RS		 589 if (stat1.st_dev == stat2.st_dev
590 && stat1.st_ino == stat2.st_ino)
a4deff3c
RS		 591 return fname;
592
593 return NULL;
594}
595#endif /* MAIL_USE_MAILLOCK */
237e0016
RS		 596\f
597/* Print error message and exit. */
598
1725ae55 599static void
988e88ab 600fatal (const char *s1, const char *s2, const char *s3)
237e0016
RS		 601{
602 if (delete_lockname)
603 unlink (delete_lockname);
a9eedf40 604 error (s1, s2, s3);
65396510 605 exit (EXIT_FAILURE);
237e0016
RS		 606}
607
cc3b64e8
DL		 608/* Print error message. `s1' is printf control string, `s2' and `s3'
609 are args for it or null. */
237e0016 610
1725ae55 611static void
988e88ab 612error (const char *s1, const char *s2, const char *s3)
237e0016 613{
e2f9d9af 614 fprintf (stderr, "movemail: ");
cc3b64e8
DL		 615 if (s3)
616 fprintf (stderr, s1, s2, s3);
617 else if (s2)
618 fprintf (stderr, s1, s2);
619 else
3b3807f8 620 fprintf (stderr, "%s", s1);
e2f9d9af 621 fprintf (stderr, "\n");
237e0016
RS		 622}
623
1725ae55 624static void
873fbd0b 625pfatal_with_name (char *name)
237e0016 626{
a9eedf40 627 fatal ("%s for %s", strerror (errno), name);
237e0016
RS		 628}
629
1725ae55 630static void
873fbd0b 631pfatal_and_delete (char *name)
cfa191ff 632{
a9eedf40 633 char *s = strerror (errno);
cfa191ff 634 unlink (name);
a9eedf40 635 fatal ("%s for %s", s, name);
cfa191ff 636}
237e0016
RS		 637\f
638/* This is the guts of the interface to the Post Office Protocol. */
639
640#ifdef MAIL_USE_POP
641
7f75d5c6 642#ifndef WINDOWSNT
237e0016
RS		 643#include <sys/socket.h>
644#include <netinet/in.h>
645#include <netdb.h>
7f75d5c6
RS		 646#else
647#undef _WINSOCKAPI_
648#include <winsock.h>
649#endif
cecf0f21 650#include <pwd.h>
d228a23c 651#include <string.h>
237e0016 652
237e0016
RS		 653#define NOTOK (-1)
654#define OK 0
237e0016 655
b23b5a5b 656static char Errmsg[200]; /* POP errors, at least, can exceed
752fb472 657 the original length of 80. */
237e0016 658
476b2799 659/*
4d90eee4 660 * The full valid syntax for a POP mailbox specification for movemail
476b2799
GM		 661 * is "po:username:hostname". The ":hostname" is optional; if it is
662 * omitted, the MAILHOST environment variable will be consulted. Note
663 * that by the time popmail() is called the "po:" has been stripped
664 * off of the front of the mailbox name.
665 *
666 * If the mailbox is in the form "po:username:hostname", then it is
667 * modified by this function -- the second colon is replaced by a
668 * null.
65396510
TTN		 669 *
670 * Return a value suitable for passing to `exit'.
476b2799
GM		 671 */
672
1725ae55 673static int
873fbd0b 674popmail (char *mailbox, char *outfile, int preserve, char *password, int reverse_order)
237e0016 675{
b1ce62a8 676 int nmsgs, nbytes;
b1ce62a8
RS		 677 register int i;
678 int mbfi;
679 FILE *mbf;
873fbd0b 680 char *getenv (const char *);
b32701a7 681 popserver server;
a2997b0f 682 int start, end, increment;
476b2799
GM		 683 char *user, *hostname;
684
685 user = mailbox;
8966b757 686 if ((hostname = strchr (mailbox, ':')))
476b2799 687 *hostname++ = '\0';
237e0016 688
476b2799 689 server = pop_open (hostname, user, password, POP_NO_GETPASS);
2e82e3c3 690 if (! server)
b1ce62a8 691 {
cc3b64e8 692 error ("Error connecting to POP server: %s", pop_error, 0);
65396510 693 return EXIT_FAILURE;
237e0016
RS		 694 }
695
2e82e3c3 696 if (pop_stat (server, &nmsgs, &nbytes))
b1ce62a8 697 {
cc3b64e8 698 error ("Error getting message count from POP server: %s", pop_error, 0);
65396510 699 return EXIT_FAILURE;
237e0016
RS		 700 }
701
b1ce62a8
RS		 702 if (!nmsgs)
703 {
2e82e3c3 704 pop_close (server);
65396510 705 return EXIT_SUCCESS;
b1ce62a8
RS		 706 }
707
708 mbfi = open (outfile, O_WRONLY | O_CREAT | O_EXCL, 0666);
709 if (mbfi < 0)
710 {
2e82e3c3
RS		 711 pop_close (server);
712 error ("Error in open: %s, %s", strerror (errno), outfile);
65396510 713 return EXIT_FAILURE;
b1ce62a8 714 }
f0939c31
PE		 715
716 if (fchown (mbfi, getuid (), -1) != 0)
717 {
718 int fchown_errno = errno;
719 struct stat st;
720 if (fstat (mbfi, &st) != 0 || st.st_uid != getuid ())
721 {
722 pop_close (server);
723 error ("Error in fchown: %s, %s", strerror (fchown_errno), outfile);
724 return EXIT_FAILURE;
725 }
726 }
b1ce62a8 727
7f75d5c6 728 if ((mbf = fdopen (mbfi, "wb")) == NULL)
b1ce62a8 729 {
2e82e3c3 730 pop_close (server);
cc3b64e8 731 error ("Error in fdopen: %s", strerror (errno), 0);
2e82e3c3
RS		 732 close (mbfi);
733 unlink (outfile);
65396510 734 return EXIT_FAILURE;
b1ce62a8
RS		 735 }
736
a2997b0f
KH		 737 if (reverse_order)
738 {
739 start = nmsgs;
740 end = 1;
741 increment = -1;
742 }
743 else
744 {
745 start = 1;
746 end = nmsgs;
747 increment = 1;
748 }
749
750 for (i = start; i * increment <= end * increment; i += increment)
b1ce62a8
RS		 751 {
752 mbx_delimit_begin (mbf);
ff804ff5 753 if (pop_retr (server, i, mbf) != OK)
b1ce62a8 754 {
17a60964 755 error ("%s", Errmsg, 0);
b1ce62a8 756 close (mbfi);
65396510 757 return EXIT_FAILURE;
237e0016 758 }
b1ce62a8
RS		 759 mbx_delimit_end (mbf);
760 fflush (mbf);
2e82e3c3
RS		 761 if (ferror (mbf))
762 {
cc3b64e8 763 error ("Error in fflush: %s", strerror (errno), 0);
2e82e3c3
RS		 764 pop_close (server);
765 close (mbfi);
65396510 766 return EXIT_FAILURE;
2e82e3c3 767 }
237e0016
RS		 768 }
769
2e82e3c3
RS		 770 /* On AFS, a call to write only modifies the file in the local
771 * workstation's AFS cache. The changes are not written to the server
772 * until a call to fsync or close is made. Users with AFS home
773 * directories have lost mail when over quota because these checks were
774 * not made in previous versions of movemail. */
775
e397a017 776#ifdef BSD_SYSTEM
cfa191ff
RS		 777 if (fsync (mbfi) < 0)
778 {
08fa58c9 779 error ("Error in fsync: %s", strerror (errno), 0);
65396510 780 return EXIT_FAILURE;
cfa191ff 781 }
340ff9de 782#endif
cfa191ff
RS		 783
784 if (close (mbfi) == -1)
785 {
cc3b64e8 786 error ("Error in close: %s", strerror (errno), 0);
65396510 787 return EXIT_FAILURE;
cfa191ff
RS		 788 }
789
fea4325c
RS		 790 if (! preserve)
791 for (i = 1; i <= nmsgs; i++)
792 {
793 if (pop_delete (server, i))
794 {
cc3b64e8 795 error ("Error from POP server: %s", pop_error, 0);
fea4325c 796 pop_close (server);
65396510 797 return EXIT_FAILURE;
fea4325c
RS		 798 }
799 }
237e0016 800
2e82e3c3 801 if (pop_quit (server))
b1ce62a8 802 {
cc3b64e8 803 error ("Error from POP server: %s", pop_error, 0);
65396510 804 return EXIT_FAILURE;
237e0016 805 }
177c0ea7 806
65396510 807 return EXIT_SUCCESS;
237e0016
RS		 808}
809
1725ae55 810static int
873fbd0b 811pop_retr (popserver server, int msgno, FILE *arg)
237e0016 812{
2e82e3c3
RS		 813 char *line;
814 int ret;
237e0016 815
2e82e3c3 816 if (pop_retrieve_first (server, msgno, &line))
b1ce62a8 817 {
e99a530f 818 snprintf (Errmsg, sizeof Errmsg, "Error from POP server: %s", pop_error);
2e82e3c3 819 return (NOTOK);
237e0016
RS		 820 }
821
d89d0243 822 while ((ret = pop_retrieve_next (server, &line)) >= 0)
b1ce62a8 823 {
2e82e3c3
RS		 824 if (! line)
825 break;
826
d89d0243 827 if (mbx_write (line, ret, arg) != OK)
b1ce62a8 828 {
2e82e3c3
RS		 829 strcpy (Errmsg, strerror (errno));
830 pop_close (server);
831 return (NOTOK);
237e0016
RS		 832 }
833 }
237e0016 834
2e82e3c3 835 if (ret)
b1ce62a8 836 {
e99a530f 837 snprintf (Errmsg, sizeof Errmsg, "Error from POP server: %s", pop_error);
2e82e3c3 838 return (NOTOK);
237e0016
RS		 839 }
840
2e82e3c3 841 return (OK);
237e0016
RS		 842}
843
1725ae55 844static int
873fbd0b 845mbx_write (char *line, int len, FILE *mbf)
237e0016 846{
d04f5031 847#ifdef MOVEMAIL_QUOTE_POP_FROM_LINES
5ecec6a7
PE		 848 /* Do this as a macro instead of using strcmp to save on execution time. */
849 # define IS_FROM_LINE(a) ((a[0] == 'F') \
850 && (a[1] == 'r') \
851 && (a[2] == 'o') \
852 && (a[3] == 'm') \
853 && (a[4] == ' '))
2e82e3c3
RS		 854 if (IS_FROM_LINE (line))
855 {
856 if (fputc ('>', mbf) == EOF)
857 return (NOTOK);
858 }
d04f5031
PE		 859#endif
860 if (line[0] == '\037')
861 {
862 if (fputs ("^_", mbf) == EOF)
863 return (NOTOK);
864 line++;
865 len--;
866 }
177c0ea7 867 if (fwrite (line, 1, len, mbf) != len)
2e82e3c3
RS		 868 return (NOTOK);
869 if (fputc (0x0a, mbf) == EOF)
870 return (NOTOK);
871 return (OK);
237e0016
RS		 872}
873
1725ae55 874static int
873fbd0b 875mbx_delimit_begin (FILE *mbf)
237e0016 876{
d228a23c
GM		 877 time_t now;
878 struct tm *ltime;
879 char fromline[40] = "From movemail ";
880
881 now = time (NULL);
882 ltime = localtime (&now);
883
884 strcat (fromline, asctime (ltime));
885
886 if (fputs (fromline, mbf) == EOF)
2e82e3c3
RS		 887 return (NOTOK);
888 return (OK);
237e0016
RS		 889}
890
1725ae55 891static int
873fbd0b 892mbx_delimit_end (FILE *mbf)
237e0016 893{
3f32be22 894 if (putc ('\n', mbf) == EOF)
2e82e3c3
RS		 895 return (NOTOK);
896 return (OK);
237e0016
RS		 897}
898
899#endif /* MAIL_USE_POP */
Unnamed repository; edit this file 'description' to name the repository.