HCoop / bpt / emacs.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
(DIRECTORY_SEP, IS_DIRECTORY_SEP): Definitions copied from lisp.h.
[bpt/emacs.git] / lib-src / movemail.c
1 /* movemail foo bar -- move file foo to file bar,
2 locking file foo the way /bin/mail respects.
3 Copyright (C) 1986, 1992, 1993, 1994, 1996 Free Software Foundation, Inc.
4
5 This file is part of GNU Emacs.
6
7 GNU Emacs is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2, or (at your option)
10 any later version.
11
12 GNU Emacs is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with GNU Emacs; see the file COPYING. If not, write to
19 the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
20 Boston, MA 02111-1307, USA. */
21
22 /* Important notice: defining MAIL_USE_FLOCK or MAIL_USE_LOCKF *will
23 cause loss of mail* if you do it on a system that does not normally
24 use flock as its way of interlocking access to inbox files. The
25 setting of MAIL_USE_FLOCK and MAIL_USE_LOCKF *must agree* with the
26 system's own conventions. It is not a choice that is up to you.
27
28 So, if your system uses lock files rather than flock, then the only way
29 you can get proper operation is to enable movemail to write lockfiles there.
30 This means you must either give that directory access modes
31 that permit everyone to write lockfiles in it, or you must make movemail
32 a setuid or setgid program. */
33
34 /*
35 * Modified January, 1986 by Michael R. Gretzinger (Project Athena)
36 *
37 * Added POP (Post Office Protocol) service. When compiled -DMAIL_USE_POP
38 * movemail will accept input filename arguments of the form
39 * "po:username". This will cause movemail to open a connection to
40 * a pop server running on $MAILHOST (environment variable). Movemail
41 * must be setuid to root in order to work with POP.
42 *
43 * New module: popmail.c
44 * Modified routines:
45 * main - added code within #ifdef MAIL_USE_POP; added setuid (getuid ())
46 * after POP code.
47 * New routines in movemail.c:
48 * get_errmsg - return pointer to system error message
49 *
50 * Modified August, 1993 by Jonathan Kamens (OpenVision Technologies)
51 *
52 * Move all of the POP code into a separate file, "pop.c".
53 * Use strerror instead of get_errmsg.
54 *
55 */
56
57 #define NO_SHORTNAMES /* Tell config not to load remap.h */
58 #include <../src/config.h>
59 #include <sys/types.h>
60 #include <sys/stat.h>
61 #include <sys/file.h>
62 #include <stdio.h>
63 #include <errno.h>
64 #include <../src/syswait.h>
65 #ifdef MAIL_USE_POP
66 #include "pop.h"
67 #endif
68
69 #ifdef MSDOS
70 #undef access
71 #endif /* MSDOS */
72
73 #ifndef DIRECTORY_SEP
74 #define DIRECTORY_SEP '/'
75 #endif
76 #ifndef IS_DIRECTORY_SEP
77 #define IS_DIRECTORY_SEP(_c_) ((_c_) == DIRECTORY_SEP)
78 #endif
79
80 #ifdef WINDOWSNT
81 #undef access
82 #undef unlink
83 #define fork() 0
84 #define sys_wait(var) (*(var) = 0)
85 /* Unfortunately, Samba doesn't seem to properly lock Unix files even
86 though the locking call succeeds (and indeed blocks local access from
87 other NT programs). If you have direct file access using an NFS
88 client or something other than Samba, the locking call might work
89 properly - make sure it does before you enable this! */
90 #define DISABLE_DIRECT_ACCESS
91 #endif /* WINDOWSNT */
92
93 #ifdef USG
94 #include <fcntl.h>
95 #include <unistd.h>
96 #ifndef F_OK
97 #define F_OK 0
98 #define X_OK 1
99 #define W_OK 2
100 #define R_OK 4
101 #endif
102 #endif /* USG */
103
104 #ifdef HAVE_UNISTD_H
105 #include <unistd.h>
106 #endif
107
108 #if defined (XENIX) || defined (WINDOWSNT)
109 #include <sys/locking.h>
110 #endif
111
112 #ifdef MAIL_USE_LOCKF
113 #define MAIL_USE_SYSTEM_LOCK
114 #endif
115
116 #ifdef MAIL_USE_FLOCK
117 #define MAIL_USE_SYSTEM_LOCK
118 #endif
119
120 #ifdef MAIL_USE_MMDF
121 extern int lk_open (), lk_close ();
122 #endif
123
124 /* Cancel substitutions made by config.h for Emacs. */
125 #undef open
126 #undef read
127 #undef write
128 #undef close
129
130 #ifndef errno
131 extern int errno;
132 #endif
133 char *strerror ();
134
135 void fatal ();
136 void error ();
137 void pfatal_with_name ();
138 void pfatal_and_delete ();
139 char *concat ();
140 long *xmalloc ();
141 int popmail ();
142 int pop_retr ();
143 int mbx_write ();
144 int mbx_delimit_begin ();
145 int mbx_delimit_end ();
146
147 /* Nonzero means this is name of a lock file to delete on fatal error. */
148 char *delete_lockname;
149
150 int
151 main (argc, argv)
152 int argc;
153 char **argv;
154 {
155 char *inname, *outname;
156 int indesc, outdesc;
157 int nread;
158 WAITTYPE status;
159
160 #ifndef MAIL_USE_SYSTEM_LOCK
161 struct stat st;
162 long now;
163 int tem;
164 char *lockname, *p;
165 char *tempname;
166 int desc;
167 #endif /* not MAIL_USE_SYSTEM_LOCK */
168
169 delete_lockname = 0;
170
171 if (argc < 3)
172 {
173 fprintf (stderr, "Usage: movemail inbox destfile [POP-password]\n");
174 exit(1);
175 }
176
177 inname = argv[1];
178 outname = argv[2];
179
180 #ifdef MAIL_USE_MMDF
181 mmdf_init (argv[0]);
182 #endif
183
184 if (*outname == 0)
185 fatal ("Destination file name is empty", 0);
186
187 /* Check access to output file. */
188 if (access (outname, F_OK) == 0 && access (outname, W_OK) != 0)
189 pfatal_with_name (outname);
190
191 /* Also check that outname's directory is writable to the real uid. */
192 {
193 char *buf = (char *) xmalloc (strlen (outname) + 1);
194 char *p;
195 strcpy (buf, outname);
196 p = buf + strlen (buf);
197 while (p > buf && !IS_DIRECTORY_SEP (p[-1]))
198 *--p = 0;
199 if (p == buf)
200 *p++ = '.';
201 if (access (buf, W_OK) != 0)
202 pfatal_with_name (buf);
203 free (buf);
204 }
205
206 #ifdef MAIL_USE_POP
207 if (!strncmp (inname, "po:", 3))
208 {
209 int status;
210
211 status = popmail (inname + 3, outname, argc > 3 ? argv[3] : NULL);
212 exit (status);
213 }
214
215 setuid (getuid ());
216 #endif /* MAIL_USE_POP */
217
218 #ifndef DISABLE_DIRECT_ACCESS
219
220 /* Check access to input file. */
221 if (access (inname, R_OK | W_OK) != 0)
222 pfatal_with_name (inname);
223
224 #ifndef MAIL_USE_MMDF
225 #ifndef MAIL_USE_SYSTEM_LOCK
226 /* Use a lock file named after our first argument with .lock appended:
227 If it exists, the mail file is locked. */
228 /* Note: this locking mechanism is *required* by the mailer
229 (on systems which use it) to prevent loss of mail.
230
231 On systems that use a lock file, extracting the mail without locking
232 WILL occasionally cause loss of mail due to timing errors!
233
234 So, if creation of the lock file fails
235 due to access permission on the mail spool directory,
236 you simply MUST change the permission
237 and/or make movemail a setgid program
238 so it can create lock files properly.
239
240 You might also wish to verify that your system is one
241 which uses lock files for this purpose. Some systems use other methods.
242
243 If your system uses the `flock' system call for mail locking,
244 define MAIL_USE_SYSTEM_LOCK in config.h or the s-*.h file
245 and recompile movemail. If the s- file for your system
246 should define MAIL_USE_SYSTEM_LOCK but does not, send a bug report
247 to bug-gnu-emacs@prep.ai.mit.edu so we can fix it. */
248
249 lockname = concat (inname, ".lock", "");
250 tempname = (char *) xmalloc (strlen (inname) + strlen ("EXXXXXX") + 1);
251 strcpy (tempname, inname);
252 p = tempname + strlen (tempname);
253 while (p != tempname && !IS_DIRECTORY_SEP (p[-1]))
254 p--;
255 *p = 0;
256 strcpy (p, "EXXXXXX");
257 mktemp (tempname);
258 unlink (tempname);
259
260 while (1)
261 {
262 /* Create the lock file, but not under the lock file name. */
263 /* Give up if cannot do that. */
264 desc = open (tempname, O_WRONLY | O_CREAT | O_EXCL, 0666);
265 if (desc < 0)
266 {
267 char *message = (char *) xmalloc (strlen (tempname) + 50);
268 sprintf (message, "%s--see source file lib-src/movemail.c",
269 tempname);
270 pfatal_with_name (message);
271 }
272 close (desc);
273
274 tem = link (tempname, lockname);
275 unlink (tempname);
276 if (tem >= 0)
277 break;
278 sleep (1);
279
280 /* If lock file is five minutes old, unlock it.
281 Five minutes should be good enough to cope with crashes
282 and wedgitude, and long enough to avoid being fooled
283 by time differences between machines. */
284 if (stat (lockname, &st) >= 0)
285 {
286 now = time (0);
287 if (st.st_ctime < now - 300)
288 unlink (lockname);
289 }
290 }
291
292 delete_lockname = lockname;
293 #endif /* not MAIL_USE_SYSTEM_LOCK */
294 #endif /* not MAIL_USE_MMDF */
295
296 if (fork () == 0)
297 {
298 setuid (getuid ());
299
300 #ifndef MAIL_USE_MMDF
301 #ifdef MAIL_USE_SYSTEM_LOCK
302 indesc = open (inname, O_RDWR);
303 #else /* if not MAIL_USE_SYSTEM_LOCK */
304 indesc = open (inname, O_RDONLY);
305 #endif /* not MAIL_USE_SYSTEM_LOCK */
306 #else /* MAIL_USE_MMDF */
307 indesc = lk_open (inname, O_RDONLY, 0, 0, 10);
308 #endif /* MAIL_USE_MMDF */
309
310 if (indesc < 0)
311 pfatal_with_name (inname);
312
313 #if defined (BSD) || defined (XENIX)
314 /* In case movemail is setuid to root, make sure the user can
315 read the output file. */
316 /* This is desirable for all systems
317 but I don't want to assume all have the umask system call */
318 umask (umask (0) & 0333);
319 #endif /* BSD or Xenix */
320 outdesc = open (outname, O_WRONLY | O_CREAT | O_EXCL, 0666);
321 if (outdesc < 0)
322 pfatal_with_name (outname);
323 #ifdef MAIL_USE_SYSTEM_LOCK
324 #ifdef MAIL_USE_LOCKF
325 if (lockf (indesc, F_LOCK, 0) < 0) pfatal_with_name (inname);
326 #else /* not MAIL_USE_LOCKF */
327 #ifdef XENIX
328 if (locking (indesc, LK_RLCK, 0L) < 0) pfatal_with_name (inname);
329 #else
330 #ifdef WINDOWSNT
331 if (locking (indesc, LK_RLCK, -1L) < 0) pfatal_with_name (inname);
332 #else
333 if (flock (indesc, LOCK_EX) < 0) pfatal_with_name (inname);
334 #endif
335 #endif
336 #endif /* not MAIL_USE_LOCKF */
337 #endif /* MAIL_USE_SYSTEM_LOCK */
338
339 {
340 char buf[1024];
341
342 while (1)
343 {
344 nread = read (indesc, buf, sizeof buf);
345 if (nread != write (outdesc, buf, nread))
346 {
347 int saved_errno = errno;
348 unlink (outname);
349 errno = saved_errno;
350 pfatal_with_name (outname);
351 }
352 if (nread < sizeof buf)
353 break;
354 }
355 }
356
357 #ifdef BSD
358 if (fsync (outdesc) < 0)
359 pfatal_and_delete (outname);
360 #endif
361
362 /* Check to make sure no errors before we zap the inbox. */
363 if (close (outdesc) != 0)
364 pfatal_and_delete (outname);
365
366 #ifdef MAIL_USE_SYSTEM_LOCK
367 #if defined (STRIDE) || defined (XENIX) || defined (WINDOWSNT)
368 /* Stride, xenix have file locking, but no ftruncate. This mess will do. */
369 close (open (inname, O_CREAT | O_TRUNC | O_RDWR, 0666));
370 #else
371 ftruncate (indesc, 0L);
372 #endif /* STRIDE or XENIX */
373 #endif /* MAIL_USE_SYSTEM_LOCK */
374
375 #ifdef MAIL_USE_MMDF
376 lk_close (indesc, 0, 0, 0);
377 #else
378 close (indesc);
379 #endif
380
381 #ifndef MAIL_USE_SYSTEM_LOCK
382 /* Delete the input file; if we can't, at least get rid of its
383 contents. */
384 #ifdef MAIL_UNLINK_SPOOL
385 /* This is generally bad to do, because it destroys the permissions
386 that were set on the file. Better to just empty the file. */
387 if (unlink (inname) < 0 && errno != ENOENT)
388 #endif /* MAIL_UNLINK_SPOOL */
389 creat (inname, 0600);
390 #endif /* not MAIL_USE_SYSTEM_LOCK */
391
392 exit (0);
393 }
394
395 wait (&status);
396 if (!WIFEXITED (status))
397 exit (1);
398 else if (WRETCODE (status) != 0)
399 exit (WRETCODE (status));
400
401 #if !defined (MAIL_USE_MMDF) && !defined (MAIL_USE_SYSTEM_LOCK)
402 unlink (lockname);
403 #endif /* not MAIL_USE_MMDF and not MAIL_USE_SYSTEM_LOCK */
404
405 #endif /* ! DISABLE_DIRECT_ACCESS */
406
407 return 0;
408 }
409 \f
410 /* Print error message and exit. */
411
412 void
413 fatal (s1, s2)
414 char *s1, *s2;
415 {
416 if (delete_lockname)
417 unlink (delete_lockname);
418 error (s1, s2);
419 exit (1);
420 }
421
422 /* Print error message. `s1' is printf control string, `s2' is arg for it. */
423
424 void
425 error (s1, s2, s3)
426 char *s1, *s2, *s3;
427 {
428 fprintf (stderr, "movemail: ");
429 fprintf (stderr, s1, s2, s3);
430 fprintf (stderr, "\n");
431 }
432
433 void
434 pfatal_with_name (name)
435 char *name;
436 {
437 char *s = concat ("", strerror (errno), " for %s");
438 fatal (s, name);
439 }
440
441 void
442 pfatal_and_delete (name)
443 char *name;
444 {
445 char *s = concat ("", strerror (errno), " for %s");
446 unlink (name);
447 fatal (s, name);
448 }
449
450 /* Return a newly-allocated string whose contents concatenate those of s1, s2, s3. */
451
452 char *
453 concat (s1, s2, s3)
454 char *s1, *s2, *s3;
455 {
456 int len1 = strlen (s1), len2 = strlen (s2), len3 = strlen (s3);
457 char *result = (char *) xmalloc (len1 + len2 + len3 + 1);
458
459 strcpy (result, s1);
460 strcpy (result + len1, s2);
461 strcpy (result + len1 + len2, s3);
462 *(result + len1 + len2 + len3) = 0;
463
464 return result;
465 }
466
467 /* Like malloc but get fatal error if memory is exhausted. */
468
469 long *
470 xmalloc (size)
471 unsigned size;
472 {
473 long *result = (long *) malloc (size);
474 if (!result)
475 fatal ("virtual memory exhausted", 0);
476 return result;
477 }
478 \f
479 /* This is the guts of the interface to the Post Office Protocol. */
480
481 #ifdef MAIL_USE_POP
482
483 #ifndef WINDOWSNT
484 #include <sys/socket.h>
485 #include <netinet/in.h>
486 #include <netdb.h>
487 #else
488 #undef _WINSOCKAPI_
489 #include <winsock.h>
490 #endif
491 #include <stdio.h>
492 #include <pwd.h>
493
494 #ifdef USG
495 #include <fcntl.h>
496 /* Cancel substitutions made by config.h for Emacs. */
497 #undef open
498 #undef read
499 #undef write
500 #undef close
501 #endif /* USG */
502
503 #define NOTOK (-1)
504 #define OK 0
505 #define DONE 1
506
507 char *progname;
508 FILE *sfi;
509 FILE *sfo;
510 char ibuffer[BUFSIZ];
511 char obuffer[BUFSIZ];
512 char Errmsg[80];
513
514 popmail (user, outfile, password)
515 char *user;
516 char *outfile;
517 char *password;
518 {
519 int nmsgs, nbytes;
520 register int i;
521 int mbfi;
522 FILE *mbf;
523 char *getenv ();
524 int mbx_write ();
525 popserver server;
526 extern char *strerror ();
527
528 server = pop_open (0, user, password, POP_NO_GETPASS);
529 if (! server)
530 {
531 error (pop_error);
532 return (1);
533 }
534
535 if (pop_stat (server, &nmsgs, &nbytes))
536 {
537 error (pop_error);
538 return (1);
539 }
540
541 if (!nmsgs)
542 {
543 pop_close (server);
544 return (0);
545 }
546
547 mbfi = open (outfile, O_WRONLY | O_CREAT | O_EXCL, 0666);
548 if (mbfi < 0)
549 {
550 pop_close (server);
551 error ("Error in open: %s, %s", strerror (errno), outfile);
552 return (1);
553 }
554 fchown (mbfi, getuid (), -1);
555
556 if ((mbf = fdopen (mbfi, "wb")) == NULL)
557 {
558 pop_close (server);
559 error ("Error in fdopen: %s", strerror (errno));
560 close (mbfi);
561 unlink (outfile);
562 return (1);
563 }
564
565 for (i = 1; i <= nmsgs; i++)
566 {
567 mbx_delimit_begin (mbf);
568 if (pop_retr (server, i, mbx_write, mbf) != OK)
569 {
570 error (Errmsg);
571 close (mbfi);
572 return (1);
573 }
574 mbx_delimit_end (mbf);
575 fflush (mbf);
576 if (ferror (mbf))
577 {
578 error ("Error in fflush: %s", strerror (errno));
579 pop_close (server);
580 close (mbfi);
581 return (1);
582 }
583 }
584
585 /* On AFS, a call to write only modifies the file in the local
586 * workstation's AFS cache. The changes are not written to the server
587 * until a call to fsync or close is made. Users with AFS home
588 * directories have lost mail when over quota because these checks were
589 * not made in previous versions of movemail. */
590
591 #ifdef BSD
592 if (fsync (mbfi) < 0)
593 {
594 error ("Error in fsync: %s", strerror (errno));
595 return (1);
596 }
597 #endif
598
599 if (close (mbfi) == -1)
600 {
601 error ("Error in close: %s", strerror (errno));
602 return (1);
603 }
604
605 for (i = 1; i <= nmsgs; i++)
606 {
607 if (pop_delete (server, i))
608 {
609 error (pop_error);
610 pop_close (server);
611 return (1);
612 }
613 }
614
615 if (pop_quit (server))
616 {
617 error (pop_error);
618 return (1);
619 }
620
621 return (0);
622 }
623
624 pop_retr (server, msgno, action, arg)
625 popserver server;
626 int (*action)();
627 {
628 extern char *strerror ();
629 char *line;
630 int ret;
631
632 if (pop_retrieve_first (server, msgno, &line))
633 {
634 strncpy (Errmsg, pop_error, sizeof (Errmsg));
635 Errmsg[sizeof (Errmsg)-1] = '\0';
636 return (NOTOK);
637 }
638
639 while (! (ret = pop_retrieve_next (server, &line)))
640 {
641 if (! line)
642 break;
643
644 if ((*action)(line, arg) != OK)
645 {
646 strcpy (Errmsg, strerror (errno));
647 pop_close (server);
648 return (NOTOK);
649 }
650 }
651
652 if (ret)
653 {
654 strncpy (Errmsg, pop_error, sizeof (Errmsg));
655 Errmsg[sizeof (Errmsg)-1] = '\0';
656 return (NOTOK);
657 }
658
659 return (OK);
660 }
661
662 /* Do this as a macro instead of using strcmp to save on execution time. */
663 #define IS_FROM_LINE(a) ((a[0] == 'F') \
664 && (a[1] == 'r') \
665 && (a[2] == 'o') \
666 && (a[3] == 'm') \
667 && (a[4] == ' '))
668
669 int
670 mbx_write (line, mbf)
671 char *line;
672 FILE *mbf;
673 {
674 if (IS_FROM_LINE (line))
675 {
676 if (fputc ('>', mbf) == EOF)
677 return (NOTOK);
678 }
679 if (fputs (line, mbf) == EOF)
680 return (NOTOK);
681 if (fputc (0x0a, mbf) == EOF)
682 return (NOTOK);
683 return (OK);
684 }
685
686 int
687 mbx_delimit_begin (mbf)
688 FILE *mbf;
689 {
690 if (fputs ("\f\n0, unseen,,\n", mbf) == EOF)
691 return (NOTOK);
692 return (OK);
693 }
694
695 mbx_delimit_end (mbf)
696 FILE *mbf;
697 {
698 if (putc ('\037', mbf) == EOF)
699 return (NOTOK);
700 return (OK);
701 }
702
703 #endif /* MAIL_USE_POP */
704 \f
705 #ifndef HAVE_STRERROR
706 char *
707 strerror (errnum)
708 int errnum;
709 {
710 extern char *sys_errlist[];
711 extern int sys_nerr;
712
713 if (errnum >= 0 && errnum < sys_nerr)
714 return sys_errlist[errnum];
715 return (char *) "Unknown error";
716 }
717
718 #endif /* ! HAVE_STRERROR */
Unnamed repository; edit this file 'description' to name the repository.