1 /* movemail foo bar -- move file foo to file bar,
2 locking file foo the way /bin/mail respects.
3 Copyright (C) 1986, 1992, 1993, 1994, 1996 Free Software Foundation, Inc.
5 This file is part of GNU Emacs.
7 GNU Emacs is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2, or (at your option)
12 GNU Emacs is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with GNU Emacs; see the file COPYING. If not, write to
19 the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
20 Boston, MA 02111-1307, USA. */
22 /* Important notice: defining MAIL_USE_FLOCK or MAIL_USE_LOCKF *will
23 cause loss of mail* if you do it on a system that does not normally
24 use flock as its way of interlocking access to inbox files. The
25 setting of MAIL_USE_FLOCK and MAIL_USE_LOCKF *must agree* with the
26 system's own conventions. It is not a choice that is up to you.
28 So, if your system uses lock files rather than flock, then the only way
29 you can get proper operation is to enable movemail to write lockfiles there.
30 This means you must either give that directory access modes
31 that permit everyone to write lockfiles in it, or you must make movemail
32 a setuid or setgid program. */
35 * Modified January, 1986 by Michael R. Gretzinger (Project Athena)
37 * Added POP (Post Office Protocol) service. When compiled -DMAIL_USE_POP
38 * movemail will accept input filename arguments of the form
39 * "po:username". This will cause movemail to open a connection to
40 * a pop server running on $MAILHOST (environment variable). Movemail
41 * must be setuid to root in order to work with POP.
43 * New module: popmail.c
45 * main - added code within #ifdef MAIL_USE_POP; added setuid (getuid ())
47 * New routines in movemail.c:
48 * get_errmsg - return pointer to system error message
50 * Modified August, 1993 by Jonathan Kamens (OpenVision Technologies)
52 * Move all of the POP code into a separate file, "pop.c".
53 * Use strerror instead of get_errmsg.
57 #define NO_SHORTNAMES /* Tell config not to load remap.h */
58 #include <../src/config.h>
59 #include <sys/types.h>
64 #include <../src/syswait.h>
74 #define DIRECTORY_SEP '/'
76 #ifndef IS_DIRECTORY_SEP
77 #define IS_DIRECTORY_SEP(_c_) ((_c_) == DIRECTORY_SEP)
84 #define sys_wait(var) (*(var) = 0)
85 /* Unfortunately, Samba doesn't seem to properly lock Unix files even
86 though the locking call succeeds (and indeed blocks local access from
87 other NT programs). If you have direct file access using an NFS
88 client or something other than Samba, the locking call might work
89 properly - make sure it does before you enable this! */
90 #define DISABLE_DIRECT_ACCESS
91 #endif /* WINDOWSNT */
108 #if defined (XENIX) || defined (WINDOWSNT)
109 #include <sys/locking.h>
112 #ifdef MAIL_USE_LOCKF
113 #define MAIL_USE_SYSTEM_LOCK
116 #ifdef MAIL_USE_FLOCK
117 #define MAIL_USE_SYSTEM_LOCK
121 extern int lk_open (), lk_close ();
124 /* Cancel substitutions made by config.h for Emacs. */
137 void pfatal_with_name ();
138 void pfatal_and_delete ();
144 int mbx_delimit_begin ();
145 int mbx_delimit_end ();
147 /* Nonzero means this is name of a lock file to delete on fatal error. */
148 char *delete_lockname
;
155 char *inname
, *outname
;
160 #ifndef MAIL_USE_SYSTEM_LOCK
167 #endif /* not MAIL_USE_SYSTEM_LOCK */
173 fprintf (stderr
, "Usage: movemail inbox destfile [POP-password]\n");
185 fatal ("Destination file name is empty", 0);
187 /* Check access to output file. */
188 if (access (outname
, F_OK
) == 0 && access (outname
, W_OK
) != 0)
189 pfatal_with_name (outname
);
191 /* Also check that outname's directory is writable to the real uid. */
193 char *buf
= (char *) xmalloc (strlen (outname
) + 1);
195 strcpy (buf
, outname
);
196 p
= buf
+ strlen (buf
);
197 while (p
> buf
&& !IS_DIRECTORY_SEP (p
[-1]))
201 if (access (buf
, W_OK
) != 0)
202 pfatal_with_name (buf
);
207 if (!strncmp (inname
, "po:", 3))
211 status
= popmail (inname
+ 3, outname
, argc
> 3 ? argv
[3] : NULL
);
216 #endif /* MAIL_USE_POP */
218 #ifndef DISABLE_DIRECT_ACCESS
220 /* Check access to input file. */
221 if (access (inname
, R_OK
| W_OK
) != 0)
222 pfatal_with_name (inname
);
224 #ifndef MAIL_USE_MMDF
225 #ifndef MAIL_USE_SYSTEM_LOCK
226 /* Use a lock file named after our first argument with .lock appended:
227 If it exists, the mail file is locked. */
228 /* Note: this locking mechanism is *required* by the mailer
229 (on systems which use it) to prevent loss of mail.
231 On systems that use a lock file, extracting the mail without locking
232 WILL occasionally cause loss of mail due to timing errors!
234 So, if creation of the lock file fails
235 due to access permission on the mail spool directory,
236 you simply MUST change the permission
237 and/or make movemail a setgid program
238 so it can create lock files properly.
240 You might also wish to verify that your system is one
241 which uses lock files for this purpose. Some systems use other methods.
243 If your system uses the `flock' system call for mail locking,
244 define MAIL_USE_SYSTEM_LOCK in config.h or the s-*.h file
245 and recompile movemail. If the s- file for your system
246 should define MAIL_USE_SYSTEM_LOCK but does not, send a bug report
247 to bug-gnu-emacs@prep.ai.mit.edu so we can fix it. */
249 lockname
= concat (inname
, ".lock", "");
250 tempname
= (char *) xmalloc (strlen (inname
) + strlen ("EXXXXXX") + 1);
251 strcpy (tempname
, inname
);
252 p
= tempname
+ strlen (tempname
);
253 while (p
!= tempname
&& !IS_DIRECTORY_SEP (p
[-1]))
256 strcpy (p
, "EXXXXXX");
262 /* Create the lock file, but not under the lock file name. */
263 /* Give up if cannot do that. */
264 desc
= open (tempname
, O_WRONLY
| O_CREAT
| O_EXCL
, 0666);
267 char *message
= (char *) xmalloc (strlen (tempname
) + 50);
268 sprintf (message
, "%s--see source file lib-src/movemail.c",
270 pfatal_with_name (message
);
274 tem
= link (tempname
, lockname
);
280 /* If lock file is five minutes old, unlock it.
281 Five minutes should be good enough to cope with crashes
282 and wedgitude, and long enough to avoid being fooled
283 by time differences between machines. */
284 if (stat (lockname
, &st
) >= 0)
287 if (st
.st_ctime
< now
- 300)
292 delete_lockname
= lockname
;
293 #endif /* not MAIL_USE_SYSTEM_LOCK */
294 #endif /* not MAIL_USE_MMDF */
303 #ifndef MAIL_USE_MMDF
304 #ifdef MAIL_USE_SYSTEM_LOCK
305 indesc
= open (inname
, O_RDWR
);
306 #else /* if not MAIL_USE_SYSTEM_LOCK */
307 indesc
= open (inname
, O_RDONLY
);
308 #endif /* not MAIL_USE_SYSTEM_LOCK */
309 #else /* MAIL_USE_MMDF */
310 indesc
= lk_open (inname
, O_RDONLY
, 0, 0, 10);
311 #endif /* MAIL_USE_MMDF */
314 pfatal_with_name (inname
);
316 #if defined (BSD_SYSTEM) || defined (XENIX)
317 /* In case movemail is setuid to root, make sure the user can
318 read the output file. */
319 /* This is desirable for all systems
320 but I don't want to assume all have the umask system call */
321 umask (umask (0) & 0333);
322 #endif /* BSD_SYSTEM || XENIX */
323 outdesc
= open (outname
, O_WRONLY
| O_CREAT
| O_EXCL
, 0666);
325 pfatal_with_name (outname
);
327 /* This label exists so we can retry locking
328 after a delay, if it got EAGAIN or EBUSY. */
331 /* Try to lock it. */
332 #ifdef MAIL_USE_SYSTEM_LOCK
333 #ifdef MAIL_USE_LOCKF
334 status
= lockf (indesc
, F_LOCK
, 0);
335 #else /* not MAIL_USE_LOCKF */
337 status
= locking (indesc
, LK_RLCK
, 0L);
340 status
= locking (indesc
, LK_RLCK
, -1L);
342 status
= flock (indesc
, LOCK_EX
);
345 #endif /* not MAIL_USE_LOCKF */
346 #endif /* MAIL_USE_SYSTEM_LOCK */
348 /* If it fails, retry up to 5 times
349 for certain failure codes. */
352 if (++lockcount
<= 5)
370 pfatal_with_name (inname
);
378 nread
= read (indesc
, buf
, sizeof buf
);
379 if (nread
!= write (outdesc
, buf
, nread
))
381 int saved_errno
= errno
;
384 pfatal_with_name (outname
);
386 if (nread
< sizeof buf
)
392 if (fsync (outdesc
) < 0)
393 pfatal_and_delete (outname
);
396 /* Check to make sure no errors before we zap the inbox. */
397 if (close (outdesc
) != 0)
398 pfatal_and_delete (outname
);
400 #ifdef MAIL_USE_SYSTEM_LOCK
401 #if defined (STRIDE) || defined (XENIX) || defined (WINDOWSNT)
402 /* Stride, xenix have file locking, but no ftruncate. This mess will do. */
403 close (open (inname
, O_CREAT
| O_TRUNC
| O_RDWR
, 0666));
405 ftruncate (indesc
, 0L);
406 #endif /* STRIDE or XENIX */
407 #endif /* MAIL_USE_SYSTEM_LOCK */
410 lk_close (indesc
, 0, 0, 0);
415 #ifndef MAIL_USE_SYSTEM_LOCK
416 /* Delete the input file; if we can't, at least get rid of its
418 #ifdef MAIL_UNLINK_SPOOL
419 /* This is generally bad to do, because it destroys the permissions
420 that were set on the file. Better to just empty the file. */
421 if (unlink (inname
) < 0 && errno
!= ENOENT
)
422 #endif /* MAIL_UNLINK_SPOOL */
423 creat (inname
, 0600);
424 #endif /* not MAIL_USE_SYSTEM_LOCK */
430 if (!WIFEXITED (status
))
432 else if (WRETCODE (status
) != 0)
433 exit (WRETCODE (status
));
435 #if !defined (MAIL_USE_MMDF) && !defined (MAIL_USE_SYSTEM_LOCK)
437 #endif /* not MAIL_USE_MMDF and not MAIL_USE_SYSTEM_LOCK */
439 #endif /* ! DISABLE_DIRECT_ACCESS */
444 /* Print error message and exit. */
451 unlink (delete_lockname
);
456 /* Print error message. `s1' is printf control string, `s2' is arg for it. */
462 fprintf (stderr
, "movemail: ");
463 fprintf (stderr
, s1
, s2
, s3
);
464 fprintf (stderr
, "\n");
468 pfatal_with_name (name
)
471 char *s
= concat ("", strerror (errno
), " for %s");
476 pfatal_and_delete (name
)
479 char *s
= concat ("", strerror (errno
), " for %s");
484 /* Return a newly-allocated string whose contents concatenate those of s1, s2, s3. */
490 int len1
= strlen (s1
), len2
= strlen (s2
), len3
= strlen (s3
);
491 char *result
= (char *) xmalloc (len1
+ len2
+ len3
+ 1);
494 strcpy (result
+ len1
, s2
);
495 strcpy (result
+ len1
+ len2
, s3
);
496 *(result
+ len1
+ len2
+ len3
) = 0;
501 /* Like malloc but get fatal error if memory is exhausted. */
507 long *result
= (long *) malloc (size
);
509 fatal ("virtual memory exhausted", 0);
513 /* This is the guts of the interface to the Post Office Protocol. */
518 #include <sys/socket.h>
519 #include <netinet/in.h>
530 /* Cancel substitutions made by config.h for Emacs. */
544 char ibuffer
[BUFSIZ
];
545 char obuffer
[BUFSIZ
];
548 popmail (user
, outfile
, password
)
560 extern char *strerror ();
562 server
= pop_open (0, user
, password
, POP_NO_GETPASS
);
569 if (pop_stat (server
, &nmsgs
, &nbytes
))
581 mbfi
= open (outfile
, O_WRONLY
| O_CREAT
| O_EXCL
, 0666);
585 error ("Error in open: %s, %s", strerror (errno
), outfile
);
588 fchown (mbfi
, getuid (), -1);
590 if ((mbf
= fdopen (mbfi
, "wb")) == NULL
)
593 error ("Error in fdopen: %s", strerror (errno
));
599 for (i
= 1; i
<= nmsgs
; i
++)
601 mbx_delimit_begin (mbf
);
602 if (pop_retr (server
, i
, mbx_write
, mbf
) != OK
)
608 mbx_delimit_end (mbf
);
612 error ("Error in fflush: %s", strerror (errno
));
619 /* On AFS, a call to write only modifies the file in the local
620 * workstation's AFS cache. The changes are not written to the server
621 * until a call to fsync or close is made. Users with AFS home
622 * directories have lost mail when over quota because these checks were
623 * not made in previous versions of movemail. */
626 if (fsync (mbfi
) < 0)
628 error ("Error in fsync: %s", strerror (errno
));
633 if (close (mbfi
) == -1)
635 error ("Error in close: %s", strerror (errno
));
639 for (i
= 1; i
<= nmsgs
; i
++)
641 if (pop_delete (server
, i
))
649 if (pop_quit (server
))
658 pop_retr (server
, msgno
, action
, arg
)
662 extern char *strerror ();
666 if (pop_retrieve_first (server
, msgno
, &line
))
668 strncpy (Errmsg
, pop_error
, sizeof (Errmsg
));
669 Errmsg
[sizeof (Errmsg
)-1] = '\0';
673 while (! (ret
= pop_retrieve_next (server
, &line
)))
678 if ((*action
)(line
, arg
) != OK
)
680 strcpy (Errmsg
, strerror (errno
));
688 strncpy (Errmsg
, pop_error
, sizeof (Errmsg
));
689 Errmsg
[sizeof (Errmsg
)-1] = '\0';
696 /* Do this as a macro instead of using strcmp to save on execution time. */
697 #define IS_FROM_LINE(a) ((a[0] == 'F') \
704 mbx_write (line
, mbf
)
708 if (IS_FROM_LINE (line
))
710 if (fputc ('>', mbf
) == EOF
)
713 if (fputs (line
, mbf
) == EOF
)
715 if (fputc (0x0a, mbf
) == EOF
)
721 mbx_delimit_begin (mbf
)
724 if (fputs ("\f\n0, unseen,,\n", mbf
) == EOF
)
729 mbx_delimit_end (mbf
)
732 if (putc ('\037', mbf
) == EOF
)
737 #endif /* MAIL_USE_POP */
739 #ifndef HAVE_STRERROR
744 extern char *sys_errlist
[];
747 if (errnum
>= 0 && errnum
< sys_nerr
)
748 return sys_errlist
[errnum
];
749 return (char *) "Unknown error";
752 #endif /* ! HAVE_STRERROR */