a936a19faf533148b0ec6d849e55271fc7b346db
[claws.git] / src / common / smtp.c
1 /*
2  * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
3  * Copyright (C) 1999-2004 Hiroyuki Yamamoto
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 2 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program; if not, write to the Free Software
17  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18  */
19
20 #ifdef HAVE_CONFIG_H
21 #  include "config.h"
22 #endif
23
24 #include <glib.h>
25 #ifdef ENABLE_NLS
26 #include <glib/gi18n.h>
27 #else
28 #define _(a) (a)
29 #define N_(a) (a)
30 #endif
31 #include <stdio.h>
32 #include <string.h>
33
34 #include "smtp.h"
35 #include "md5.h"
36 #include "base64.h"
37 #include "utils.h"
38 #include "log.h"
39
40 static void smtp_session_destroy(Session *session);
41
42 static gint smtp_auth(SMTPSession *session);
43 static gint smtp_starttls(SMTPSession *session);
44 static gint smtp_auth_cram_md5(SMTPSession *session);
45 static gint smtp_auth_login(SMTPSession *session);
46 static gint smtp_auth_plain(SMTPSession *session);
47
48 static gint smtp_ehlo(SMTPSession *session);
49 static gint smtp_ehlo_recv(SMTPSession *session, const gchar *msg);
50
51 static gint smtp_helo(SMTPSession *session);
52 static gint smtp_rcpt(SMTPSession *session);
53 static gint smtp_data(SMTPSession *session);
54 static gint smtp_send_data(SMTPSession *session);
55 static gint smtp_make_ready(SMTPSession *session);
56 static gint smtp_eom(SMTPSession *session);
57
58 static gint smtp_session_recv_msg(Session *session, const gchar *msg);
59 static gint smtp_session_send_data_finished(Session *session, guint len);
60
61
62 Session *smtp_session_new(void)
63 {
64         SMTPSession *session;
65
66         session = g_new0(SMTPSession, 1);
67
68         session_init(SESSION(session));
69
70         SESSION(session)->type             = SESSION_SMTP;
71
72         SESSION(session)->recv_msg         = smtp_session_recv_msg;
73
74         SESSION(session)->recv_data_finished = NULL;
75         SESSION(session)->send_data_finished = smtp_session_send_data_finished;
76
77         SESSION(session)->destroy          = smtp_session_destroy;
78
79         session->state                     = SMTP_READY;
80
81 #if USE_OPENSSL
82         session->tls_init_done             = FALSE;
83 #endif
84
85         session->hostname                  = NULL;
86         session->user                      = NULL;
87         session->pass                      = NULL;
88
89         session->from                      = NULL;
90         session->to_list                   = NULL;
91         session->cur_to                    = NULL;
92
93         session->send_data                 = NULL;
94         session->send_data_len             = 0;
95
96         session->max_message_size          = -1;
97
98         session->avail_auth_type           = 0;
99         session->forced_auth_type          = 0;
100         session->auth_type                 = 0;
101         session->esmtp_flags               = 0;
102
103         session->error_val                 = SM_OK;
104         session->error_msg                 = NULL;
105
106         return SESSION(session);
107 }
108
109 static void smtp_session_destroy(Session *session)
110 {
111         SMTPSession *smtp_session = SMTP_SESSION(session);
112
113         g_free(smtp_session->hostname);
114         g_free(smtp_session->user);
115         g_free(smtp_session->pass);
116         g_free(smtp_session->from);
117
118         g_free(smtp_session->send_data);
119
120         g_free(smtp_session->error_msg);
121 }
122
123 gint smtp_from(SMTPSession *session)
124 {
125         gchar buf[MSGBUFSIZE];
126         gchar *mail_size = NULL;
127
128         g_return_val_if_fail(session->from != NULL, SM_ERROR);
129
130         session->state = SMTP_FROM;
131         
132         if (session->is_esmtp && (session->esmtp_flags & ESMTP_SIZE)!=0)
133                 mail_size = g_strdup_printf(" SIZE=%d", session->send_data_len);
134         else
135                 mail_size = g_strdup("");
136                 
137
138         if (strchr(session->from, '<'))
139                 g_snprintf(buf, sizeof(buf), "MAIL FROM:%s%s", session->from,
140                            mail_size);
141         else
142                 g_snprintf(buf, sizeof(buf), "MAIL FROM:<%s>%s", session->from,
143                            mail_size);
144
145         g_free(mail_size);
146
147         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, buf);
148         log_print("%sSMTP> %s\n", (session->is_esmtp?"E":""), buf);
149
150         return SM_OK;
151 }
152
153 static gint smtp_auth(SMTPSession *session)
154 {
155
156         g_return_val_if_fail(session->user != NULL, SM_ERROR);
157
158         session->state = SMTP_AUTH;
159
160         if (session->forced_auth_type == SMTPAUTH_CRAM_MD5 ||
161             (session->forced_auth_type == 0 &&
162              (session->avail_auth_type & SMTPAUTH_CRAM_MD5) != 0))
163                 smtp_auth_cram_md5(session);
164         else if (session->forced_auth_type == SMTPAUTH_LOGIN ||
165                  (session->forced_auth_type == 0 &&
166                   (session->avail_auth_type & SMTPAUTH_LOGIN) != 0))
167                 smtp_auth_login(session);
168         else if (session->forced_auth_type == SMTPAUTH_PLAIN ||
169                  (session->forced_auth_type == 0 &&
170                   (session->avail_auth_type & SMTPAUTH_PLAIN) != 0))
171                 smtp_auth_plain(session);
172         else {
173                 log_warning(_("SMTP AUTH not available\n"));
174                 return SM_AUTHFAIL;
175         }
176
177         return SM_OK;
178 }
179
180 static gint smtp_auth_recv(SMTPSession *session, const gchar *msg)
181 {
182         gchar buf[MSGBUFSIZE];
183
184         switch (session->auth_type) {
185         case SMTPAUTH_LOGIN:
186                 session->state = SMTP_AUTH_LOGIN_USER;
187
188                 if (!strncmp(msg, "334 ", 4)) {
189                         base64_encode(buf, session->user, strlen(session->user));
190
191                         session_send_msg(SESSION(session), SESSION_MSG_NORMAL,
192                                          buf);
193                         log_print("ESMTP> [USERID]\n");
194                 } else {
195                         /* Server rejects AUTH */
196                         session_send_msg(SESSION(session), SESSION_MSG_NORMAL,
197                                          "*");
198                         log_print("ESMTP> *\n");
199                 }
200                 break;
201         case SMTPAUTH_CRAM_MD5:
202                 session->state = SMTP_AUTH_CRAM_MD5;
203
204                 if (!strncmp(msg, "334 ", 4)) {
205                         gchar *response;
206                         gchar *response64;
207                         gchar *challenge;
208                         gint challengelen;
209                         guchar hexdigest[33];
210
211                         challenge = g_malloc(strlen(msg + 4) + 1);
212                         challengelen = base64_decode(challenge, msg + 4, -1);
213                         challenge[challengelen] = '\0';
214                         log_print("ESMTP< [Decoded: %s]\n", challenge);
215
216                         g_snprintf(buf, sizeof(buf), "%s", session->pass);
217                         md5_hex_hmac(hexdigest, challenge, challengelen,
218                                      buf, strlen(session->pass));
219                         g_free(challenge);
220
221                         response = g_strdup_printf
222                                 ("%s %s", session->user, hexdigest);
223                         log_print("ESMTP> [Encoded: %s]\n", response);
224
225                         response64 = g_malloc((strlen(response) + 3) * 2 + 1);
226                         base64_encode(response64, response, strlen(response));
227                         g_free(response);
228
229                         session_send_msg(SESSION(session), SESSION_MSG_NORMAL,
230                                          response64);
231                         log_print("ESMTP> %s\n", response64);
232                         g_free(response64);
233                 } else {
234                         /* Server rejects AUTH */
235                         session_send_msg(SESSION(session), SESSION_MSG_NORMAL,
236                                          "*");
237                         log_print("ESMTP> *\n");
238                 }
239                 break;
240         case SMTPAUTH_DIGEST_MD5:
241         default:
242                 /* stop smtp_auth when no correct authtype */
243                 session_send_msg(SESSION(session), SESSION_MSG_NORMAL, "*");
244                 log_print("ESMTP> *\n");
245                 break;
246         }
247
248         return SM_OK;
249 }
250
251 static gint smtp_auth_login_user_recv(SMTPSession *session, const gchar *msg)
252 {
253         gchar buf[MSGBUFSIZE];
254
255         session->state = SMTP_AUTH_LOGIN_PASS;
256
257         if (!strncmp(msg, "334 ", 4))
258                 base64_encode(buf, session->pass, strlen(session->pass));
259         else
260                 /* Server rejects AUTH */
261                 g_snprintf(buf, sizeof(buf), "*");
262
263         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, buf);
264         log_print("ESMTP> [PASSWORD]\n");
265
266         return SM_OK;
267 }
268
269 static gint smtp_ehlo(SMTPSession *session)
270 {
271         gchar buf[MSGBUFSIZE];
272
273         session->state = SMTP_EHLO;
274
275         session->avail_auth_type = 0;
276
277         g_snprintf(buf, sizeof(buf), "EHLO %s",
278                    session->hostname ? session->hostname : get_domain_name());
279         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, buf);
280         log_print("ESMTP> %s\n", buf);
281
282         return SM_OK;
283 }
284
285 static gint smtp_ehlo_recv(SMTPSession *session, const gchar *msg)
286 {
287         if (strncmp(msg, "250", 3) == 0) {
288                 const gchar *p = msg;
289                 p += 3;
290                 if (*p == '-' || *p == ' ') p++;
291                 if (g_ascii_strncasecmp(p, "AUTH", 4) == 0) {
292                         p += 5;
293                         if (strcasestr(p, "PLAIN"))
294                                 session->avail_auth_type |= SMTPAUTH_PLAIN;
295                         if (strcasestr(p, "LOGIN"))
296                                 session->avail_auth_type |= SMTPAUTH_LOGIN;
297                         if (strcasestr(p, "CRAM-MD5"))
298                                 session->avail_auth_type |= SMTPAUTH_CRAM_MD5;
299                         if (strcasestr(p, "DIGEST-MD5"))
300                                 session->avail_auth_type |= SMTPAUTH_DIGEST_MD5;
301                 }
302                 if (g_ascii_strncasecmp(p, "SIZE", 4) == 0) {
303                         p += 5;
304                         session->max_message_size = atoi(p);
305                         session->esmtp_flags |= ESMTP_SIZE;
306                 }
307                 if (g_ascii_strncasecmp(p, "STARTTLS", 8) == 0) {
308                         p += 9;
309                         session->avail_auth_type |= SMTPAUTH_TLS_AVAILABLE;
310                 }
311                 return SM_OK;
312         } else if ((msg[0] == '1' || msg[0] == '2' || msg[0] == '3') &&
313             (msg[3] == ' ' || msg[3] == '\0'))
314                 return SM_OK;
315         else if (msg[0] == '5' && msg[1] == '0' &&
316                  (msg[2] == '4' || msg[2] == '3' || msg[2] == '1'))
317                 return SM_ERROR;
318
319         return SM_ERROR;
320 }
321
322 static gint smtp_starttls(SMTPSession *session)
323 {
324         session->state = SMTP_STARTTLS;
325
326         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, "STARTTLS");
327         log_print("ESMTP> STARTTLS\n");
328
329         return SM_OK;
330 }
331
332 static gint smtp_auth_cram_md5(SMTPSession *session)
333 {
334         session->state = SMTP_AUTH;
335         session->auth_type = SMTPAUTH_CRAM_MD5;
336
337         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, "AUTH CRAM-MD5");
338         log_print("ESMTP> AUTH CRAM-MD5\n");
339
340         return SM_OK;
341 }
342
343 static gint smtp_auth_plain(SMTPSession *session)
344 {
345         gchar buf[MSGBUFSIZE];
346
347         /* 
348          * +1      +1      +1
349          * \0<user>\0<pass>\0 
350          */
351         int b64len = (1 + strlen(session->user) + 1 + strlen(session->pass) + 1);
352         gchar *b64buf = g_malloc(b64len);
353
354         /* use the char *ptr to walk the base64 string with embedded \0 */
355         char  *a = b64buf;
356         int  b64cnt = 0;
357
358         session->state = SMTP_AUTH_PLAIN;
359         session->auth_type = SMTPAUTH_PLAIN;
360
361         memset(buf, 0, sizeof buf);
362
363         /*
364          * have to construct the string bit by bit. sprintf can't do it in one.
365          * first field is null, so string is \0<user>\0<password>
366          */
367         *a = 0;
368         a++;
369
370         g_snprintf (a, b64len - 1, "%s", session->user);
371
372         b64cnt = strlen(session->user)+1;
373         a += b64cnt;
374
375         g_snprintf (a, b64len - b64cnt - 1, "%s", session->pass);
376         b64cnt += strlen(session->pass) + 1;    
377
378         /*
379          * reuse the char *ptr to offset into the textbuf to meld
380          * the plaintext ESMTP message and the base64 string value
381          */
382         strcpy(buf, "AUTH PLAIN ");
383         a = buf + strlen(buf);
384         base64_encode(a, b64buf, b64cnt);
385
386         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, buf);
387
388         log_print("ESMTP> [AUTH PLAIN]\n");
389
390         g_free(b64buf);
391
392         return SM_OK;
393 }
394
395 static gint smtp_auth_login(SMTPSession *session)
396 {
397         session->state = SMTP_AUTH;
398         session->auth_type = SMTPAUTH_LOGIN;
399
400         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, "AUTH LOGIN");
401         log_print("ESMTP> AUTH LOGIN\n");
402
403         return SM_OK;
404 }
405
406 static gint smtp_helo(SMTPSession *session)
407 {
408         gchar buf[MSGBUFSIZE];
409
410         session->state = SMTP_HELO;
411
412         g_snprintf(buf, sizeof(buf), "HELO %s",
413                    session->hostname ? session->hostname : get_domain_name());
414         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, buf);
415         log_print("SMTP> %s\n", buf);
416
417         return SM_OK;
418 }
419
420 static gint smtp_rcpt(SMTPSession *session)
421 {
422         gchar buf[MSGBUFSIZE];
423         gchar *to;
424
425         g_return_val_if_fail(session->cur_to != NULL, SM_ERROR);
426
427         session->state = SMTP_RCPT;
428
429         to = (gchar *)session->cur_to->data;
430
431         if (strchr(to, '<'))
432                 g_snprintf(buf, sizeof(buf), "RCPT TO:%s", to);
433         else
434                 g_snprintf(buf, sizeof(buf), "RCPT TO:<%s>", to);
435         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, buf);
436         log_print("SMTP> %s\n", buf);
437
438         session->cur_to = session->cur_to->next;
439
440         return SM_OK;
441 }
442
443 static gint smtp_data(SMTPSession *session)
444 {
445         session->state = SMTP_DATA;
446
447         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, "DATA");
448         log_print("SMTP> DATA\n");
449
450         return SM_OK;
451 }
452
453 static gint smtp_send_data(SMTPSession *session)
454 {
455         session->state = SMTP_SEND_DATA;
456
457         session_send_data(SESSION(session), session->send_data,
458                           session->send_data_len);
459
460         return SM_OK;
461 }
462
463 #if 0
464 static gint smtp_rset(SMTPSession *session)
465 {
466         session->state = SMTP_RSET;
467
468         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, "RSET");
469         log_print("SMTP> RSET\n");
470
471         return SM_OK;
472 }
473 #endif
474
475 static gint smtp_make_ready(SMTPSession *session)
476 {
477         session->state = SMTP_MAIL_SENT_OK;
478
479         return SM_OK;
480 }
481
482 gint smtp_quit(SMTPSession *session)
483 {
484         session->state = SMTP_QUIT;
485
486         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, "QUIT");
487         log_print("SMTP> QUIT\n");
488
489         return SM_OK;
490 }
491
492 static gint smtp_eom(SMTPSession *session)
493 {
494         session->state = SMTP_EOM;
495
496         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, ".");
497         log_print("SMTP> . (EOM)\n");
498
499         return SM_OK;
500 }
501
502 static gint smtp_session_recv_msg(Session *session, const gchar *msg)
503 {
504         SMTPSession *smtp_session = SMTP_SESSION(session);
505         gboolean cont = FALSE;
506
507         if (strlen(msg) < 4) {
508                 log_warning(_("bad SMTP response\n"));
509                 return -1;
510         }
511
512         switch (smtp_session->state) {
513         case SMTP_EHLO:
514         case SMTP_STARTTLS:
515         case SMTP_AUTH:
516         case SMTP_AUTH_PLAIN:
517         case SMTP_AUTH_LOGIN_USER:
518         case SMTP_AUTH_LOGIN_PASS:
519         case SMTP_AUTH_CRAM_MD5:
520                 log_print("ESMTP< %s\n", msg);
521                 break;
522         default:
523                 log_print("SMTP< %s\n", msg);
524                 break;
525         }
526
527         if (msg[0] == '5' && msg[1] == '0' &&
528             (msg[2] == '4' || msg[2] == '3' || msg[2] == '1')) {
529                 log_warning(_("error occurred on SMTP session\n"));
530                 smtp_session->state = SMTP_ERROR;
531                 smtp_session->error_val = SM_ERROR;
532                 g_free(smtp_session->error_msg);
533                 smtp_session->error_msg = g_strdup(msg);
534                 return -1;
535         }
536
537         if (!strncmp(msg, "535", 3)) {
538                 log_warning(_("error occurred on authentication\n"));
539                 smtp_session->state = SMTP_ERROR;
540                 smtp_session->error_val = SM_AUTHFAIL;
541                 g_free(smtp_session->error_msg);
542                 smtp_session->error_msg = g_strdup(msg);
543                 return -1;
544         }
545
546         if (msg[0] != '1' && msg[0] != '2' && msg[0] != '3') {
547                 log_warning(_("error occurred on SMTP session\n"));
548                 smtp_session->state = SMTP_ERROR;
549                 smtp_session->error_val = SM_ERROR;
550                 g_free(smtp_session->error_msg);
551                 smtp_session->error_msg = g_strdup(msg);
552                 return -1;
553         }
554
555         if (msg[3] == '-')
556                 cont = TRUE;
557         else if (msg[3] != ' ' && msg[3] != '\0') {
558                 log_warning(_("bad SMTP response\n"));
559                 smtp_session->state = SMTP_ERROR;
560                 smtp_session->error_val = SM_UNRECOVERABLE;
561                 return -1;
562         }
563
564         /* ignore all multiline responses except for EHLO */
565         if (cont && smtp_session->state != SMTP_EHLO)
566                 return session_recv_msg(session);
567
568         switch (smtp_session->state) {
569         case SMTP_READY:
570                 if (strstr(msg, "ESMTP"))
571                         smtp_session->is_esmtp = TRUE;
572         case SMTP_CONNECTED:
573 #if USE_OPENSSL
574                 if (smtp_session->user || session->ssl_type != SSL_NONE ||
575                     smtp_session->is_esmtp)
576 #else
577                 if (smtp_session->user || smtp_session->is_esmtp)
578 #endif
579                         smtp_ehlo(smtp_session);
580                 else
581                         smtp_helo(smtp_session);
582                 break;
583         case SMTP_HELO:
584                 smtp_from(smtp_session);
585                 break;
586         case SMTP_EHLO:
587                 smtp_ehlo_recv(smtp_session, msg);
588                 if (cont == TRUE)
589                         break;
590                 if (smtp_session->max_message_size > 0
591                 && smtp_session->max_message_size < 
592                    smtp_session->send_data_len) {
593                         log_warning(_("Message is too big "
594                               "(Maximum size is %s)\n"),
595                               to_human_readable(
596                                (off_t)(smtp_session->max_message_size)));
597                         smtp_session->state = SMTP_ERROR;
598                         smtp_session->error_val = SM_ERROR;
599                         return -1;
600                 }
601 #if USE_OPENSSL
602                 if (session->ssl_type == SSL_STARTTLS &&
603                     smtp_session->tls_init_done == FALSE) {
604                         smtp_starttls(smtp_session);
605                         break;
606                 }
607 #endif
608                 if (smtp_session->user) {
609                         if (smtp_auth(smtp_session) != SM_OK) {
610 #if USE_OPENSSL
611                                 if (session->ssl_type == SSL_NONE
612                                 &&  smtp_session->tls_init_done == FALSE
613                                 &&  (smtp_session->avail_auth_type & SMTPAUTH_TLS_AVAILABLE))
614                                         smtp_starttls(smtp_session);
615                                 else
616 #endif
617                                         smtp_from(smtp_session);
618                         }
619                 } else
620                         smtp_from(smtp_session);
621                 break;
622         case SMTP_STARTTLS:
623 #if USE_OPENSSL
624                 if (session_start_tls(session) < 0) {
625                         log_warning(_("can't start TLS session\n"));
626                         smtp_session->state = SMTP_ERROR;
627                         smtp_session->error_val = SM_ERROR;
628                         return -1;
629                 }
630                 smtp_session->tls_init_done = TRUE;
631                 smtp_ehlo(smtp_session);
632 #endif
633                 break;
634         case SMTP_AUTH:
635                 smtp_auth_recv(smtp_session, msg);
636                 break;
637         case SMTP_AUTH_LOGIN_USER:
638                 smtp_auth_login_user_recv(smtp_session, msg);
639                 break;
640         case SMTP_AUTH_PLAIN:
641         case SMTP_AUTH_LOGIN_PASS:
642         case SMTP_AUTH_CRAM_MD5:
643                 smtp_from(smtp_session);
644                 break;
645         case SMTP_FROM:
646                 if (smtp_session->cur_to)
647                         smtp_rcpt(smtp_session);
648                 break;
649         case SMTP_RCPT:
650                 if (smtp_session->cur_to)
651                         smtp_rcpt(smtp_session);
652                 else
653                         smtp_data(smtp_session);
654                 break;
655         case SMTP_DATA:
656                 smtp_send_data(smtp_session);
657                 break;
658         case SMTP_EOM:
659                 smtp_make_ready(smtp_session);
660                 break;
661         case SMTP_QUIT:
662                 session_disconnect(session);
663                 break;
664         case SMTP_ERROR:
665         default:
666                 log_warning(_("error occurred on SMTP session\n"));
667                 smtp_session->error_val = SM_ERROR;
668                 return -1;
669         }
670
671         if (cont)
672                 return session_recv_msg(session);
673
674         return 0;
675 }
676
677 static gint smtp_session_send_data_finished(Session *session, guint len)
678 {
679         smtp_eom(SMTP_SESSION(session));
680         return 0;
681 }