src/common/smtp.c

   1 /*
   2  * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
   3  * Copyright (C) 1999-2004 Hiroyuki Yamamoto
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License as published by
   7  * the Free Software Foundation; either version 2 of the License, or
   8  * (at your option) any later version.
   9  *
  10  * This program is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13  * GNU General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU General Public License
  16  * along with this program; if not, write to the Free Software
  17  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
  18  */
  19
  20 #ifdef HAVE_CONFIG_H
  21 #  include "config.h"
  22 #endif
  23
  24 #include <glib.h>
  25 #include <glib/gi18n.h>
  26 #include <stdio.h>
  27 #include <string.h>
  28
  29 #include "smtp.h"
  30 #include "md5.h"
  31 #include "base64.h"
  32 #include "utils.h"
  33 #include "log.h"
  34
  35 static void smtp_session_destroy(Session *session);
  36
  37 static gint smtp_from(SMTPSession *session);
  38
  39 static gint smtp_auth(SMTPSession *session);
  40 static gint smtp_starttls(SMTPSession *session);
  41 static gint smtp_auth_cram_md5(SMTPSession *session);
  42 static gint smtp_auth_login(SMTPSession *session);
  43 static gint smtp_auth_plain(SMTPSession *session);
  44
  45 static gint smtp_ehlo(SMTPSession *session);
  46 static gint smtp_ehlo_recv(SMTPSession *session, const gchar *msg);
  47
  48 static gint smtp_helo(SMTPSession *session);
  49 static gint smtp_rcpt(SMTPSession *session);
  50 static gint smtp_data(SMTPSession *session);
  51 static gint smtp_send_data(SMTPSession *session);
  52 /* static gint smtp_rset(SMTPSession *session); */
  53 static gint smtp_quit(SMTPSession *session);
  54 static gint smtp_eom(SMTPSession *session);
  55
  56 static gint smtp_session_recv_msg(Session *session, const gchar *msg);
  57 static gint smtp_session_send_data_finished(Session *session, guint len);
  58
  59
  60 Session *smtp_session_new(void)
  61 {
  62         SMTPSession *session;
  63
  64         session = g_new0(SMTPSession, 1);
  65
  66         session_init(SESSION(session));
  67
  68         SESSION(session)->type             = SESSION_SMTP;
  69
  70         SESSION(session)->recv_msg         = smtp_session_recv_msg;
  71
  72         SESSION(session)->recv_data_finished = NULL;
  73         SESSION(session)->send_data_finished = smtp_session_send_data_finished;
  74
  75         SESSION(session)->destroy          = smtp_session_destroy;
  76
  77         session->state                     = SMTP_READY;
  78
  79 #if USE_OPENSSL
  80         session->tls_init_done             = FALSE;
  81 #endif
  82
  83         session->hostname                  = NULL;
  84         session->user                      = NULL;
  85         session->pass                      = NULL;
  86
  87         session->from                      = NULL;
  88         session->to_list                   = NULL;
  89         session->cur_to                    = NULL;
  90
  91         session->send_data                 = NULL;
  92         session->send_data_len             = 0;
  93
  94         session->max_message_size          = -1;
  95
  96         session->avail_auth_type           = 0;
  97         session->forced_auth_type          = 0;
  98         session->auth_type                 = 0;
  99
 100         session->error_val                 = SM_OK;
 101         session->error_msg                 = NULL;
 102
 103         return SESSION(session);
 104 }
 105
 106 static void smtp_session_destroy(Session *session)
 107 {
 108         SMTPSession *smtp_session = SMTP_SESSION(session);
 109
 110         g_free(smtp_session->hostname);
 111         g_free(smtp_session->user);
 112         g_free(smtp_session->pass);
 113         g_free(smtp_session->from);
 114
 115         g_free(smtp_session->send_data);
 116
 117         g_free(smtp_session->error_msg);
 118 }
 119
 120 static gint smtp_from(SMTPSession *session)
 121 {
 122         gchar buf[MSGBUFSIZE];
 123         gchar *mail_size = NULL;
 124
 125         g_return_val_if_fail(session->from != NULL, SM_ERROR);
 126
 127         session->state = SMTP_FROM;
 128
 129         if (session->is_esmtp)
 130                 mail_size = g_strdup_printf(" SIZE=%d", session->send_data_len);
 131         else
 132                 mail_size = g_strdup("");
 133
 134
 135         if (strchr(session->from, '<'))
 136                 g_snprintf(buf, sizeof(buf), "MAIL FROM:%s%s", session->from,
 137                            mail_size);
 138         else
 139                 g_snprintf(buf, sizeof(buf), "MAIL FROM:<%s>%s", session->from,
 140                            mail_size);
 141
 142         g_free(mail_size);
 143
 144         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, buf);
 145         log_print("%sSMTP> %s\n", (session->is_esmtp?"E":""), buf);
 146
 147         return SM_OK;
 148 }
 149
 150 static gint smtp_auth(SMTPSession *session)
 151 {
 152
 153         g_return_val_if_fail(session->user != NULL, SM_ERROR);
 154
 155         session->state = SMTP_AUTH;
 156
 157         if (session->forced_auth_type == SMTPAUTH_CRAM_MD5 ||
 158             (session->forced_auth_type == 0 &&
 159              (session->avail_auth_type & SMTPAUTH_CRAM_MD5) != 0))
 160                 smtp_auth_cram_md5(session);
 161         else if (session->forced_auth_type == SMTPAUTH_LOGIN ||
 162                  (session->forced_auth_type == 0 &&
 163                   (session->avail_auth_type & SMTPAUTH_LOGIN) != 0))
 164                 smtp_auth_login(session);
 165         else if (session->forced_auth_type == SMTPAUTH_PLAIN ||
 166                  (session->forced_auth_type == 0 &&
 167                   (session->avail_auth_type & SMTPAUTH_PLAIN) != 0))
 168                 smtp_auth_plain(session);
 169         else {
 170                 log_warning(_("SMTP AUTH not available\n"));
 171                 return SM_AUTHFAIL;
 172         }
 173
 174         return SM_OK;
 175 }
 176
 177 static gint smtp_auth_recv(SMTPSession *session, const gchar *msg)
 178 {
 179         gchar buf[MSGBUFSIZE];
 180
 181         switch (session->auth_type) {
 182         case SMTPAUTH_LOGIN:
 183                 session->state = SMTP_AUTH_LOGIN_USER;
 184
 185                 if (!strncmp(msg, "334 ", 4)) {
 186                         base64_encode(buf, session->user, strlen(session->user));
 187
 188                         session_send_msg(SESSION(session), SESSION_MSG_NORMAL,
 189                                          buf);
 190                         log_print("ESMTP> [USERID]\n");
 191                 } else {
 192                         /* Server rejects AUTH */
 193                         session_send_msg(SESSION(session), SESSION_MSG_NORMAL,
 194                                          "*");
 195                         log_print("ESMTP> *\n");
 196                 }
 197                 break;
 198         case SMTPAUTH_CRAM_MD5:
 199                 session->state = SMTP_AUTH_CRAM_MD5;
 200
 201                 if (!strncmp(msg, "334 ", 4)) {
 202                         gchar *response;
 203                         gchar *response64;
 204                         gchar *challenge;
 205                         gint challengelen;
 206                         guchar hexdigest[33];
 207
 208                         challenge = g_malloc(strlen(msg + 4) + 1);
 209                         challengelen = base64_decode(challenge, msg + 4, -1);
 210                         challenge[challengelen] = '\0';
 211                         log_print("ESMTP< [Decoded: %s]\n", challenge);
 212
 213                         g_snprintf(buf, sizeof(buf), "%s", session->pass);
 214                         md5_hex_hmac(hexdigest, challenge, challengelen,
 215                                      buf, strlen(session->pass));
 216                         g_free(challenge);
 217
 218                         response = g_strdup_printf
 219                                 ("%s %s", session->user, hexdigest);
 220                         log_print("ESMTP> [Encoded: %s]\n", response);
 221
 222                         response64 = g_malloc((strlen(response) + 3) * 2 + 1);
 223                         base64_encode(response64, response, strlen(response));
 224                         g_free(response);
 225
 226                         session_send_msg(SESSION(session), SESSION_MSG_NORMAL,
 227                                          response64);
 228                         log_print("ESMTP> %s\n", response64);
 229                         g_free(response64);
 230                 } else {
 231                         /* Server rejects AUTH */
 232                         session_send_msg(SESSION(session), SESSION_MSG_NORMAL,
 233                                          "*");
 234                         log_print("ESMTP> *\n");
 235                 }
 236                 break;
 237         case SMTPAUTH_DIGEST_MD5:
 238         default:
 239                 /* stop smtp_auth when no correct authtype */
 240                 session_send_msg(SESSION(session), SESSION_MSG_NORMAL, "*");
 241                 log_print("ESMTP> *\n");
 242                 break;
 243         }
 244
 245         return SM_OK;
 246 }
 247
 248 static gint smtp_auth_login_user_recv(SMTPSession *session, const gchar *msg)
 249 {
 250         gchar buf[MSGBUFSIZE];
 251
 252         session->state = SMTP_AUTH_LOGIN_PASS;
 253
 254         if (!strncmp(msg, "334 ", 4))
 255                 base64_encode(buf, session->pass, strlen(session->pass));
 256         else
 257                 /* Server rejects AUTH */
 258                 g_snprintf(buf, sizeof(buf), "*");
 259
 260         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, buf);
 261         log_print("ESMTP> [PASSWORD]\n");
 262
 263         return SM_OK;
 264 }
 265
 266 static gint smtp_ehlo(SMTPSession *session)
 267 {
 268         gchar buf[MSGBUFSIZE];
 269
 270         session->state = SMTP_EHLO;
 271
 272         session->avail_auth_type = 0;
 273
 274         g_snprintf(buf, sizeof(buf), "EHLO %s",
 275                    session->hostname ? session->hostname : get_domain_name());
 276         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, buf);
 277         log_print("ESMTP> %s\n", buf);
 278
 279         return SM_OK;
 280 }
 281
 282 static gint smtp_ehlo_recv(SMTPSession *session, const gchar *msg)
 283 {
 284         if (strncmp(msg, "250", 3) == 0) {
 285                 const gchar *p = msg;
 286                 p += 3;
 287                 if (*p == '-' || *p == ' ') p++;
 288                 if (g_ascii_strncasecmp(p, "AUTH", 4) == 0) {
 289                         p += 5;
 290                         if (strcasestr(p, "PLAIN"))
 291                                 session->avail_auth_type |= SMTPAUTH_PLAIN;
 292                         if (strcasestr(p, "LOGIN"))
 293                                 session->avail_auth_type |= SMTPAUTH_LOGIN;
 294                         if (strcasestr(p, "CRAM-MD5"))
 295                                 session->avail_auth_type |= SMTPAUTH_CRAM_MD5;
 296                         if (strcasestr(p, "DIGEST-MD5"))
 297                                 session->avail_auth_type |= SMTPAUTH_DIGEST_MD5;
 298                 }
 299                 if (g_ascii_strncasecmp(p, "SIZE", 4) == 0) {
 300                         p += 5;
 301                         session->max_message_size = atoi(p);
 302                 }
 303                 return SM_OK;
 304         } else if ((msg[0] == '1' || msg[0] == '2' || msg[0] == '3') &&
 305             (msg[3] == ' ' || msg[3] == '\0'))
 306                 return SM_OK;
 307         else if (msg[0] == '5' && msg[1] == '0' &&
 308                  (msg[2] == '4' || msg[2] == '3' || msg[2] == '1'))
 309                 return SM_ERROR;
 310
 311         return SM_ERROR;
 312 }
 313
 314 static gint smtp_starttls(SMTPSession *session)
 315 {
 316         session->state = SMTP_STARTTLS;
 317
 318         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, "STARTTLS");
 319         log_print("ESMTP> STARTTLS\n");
 320
 321         return SM_OK;
 322 }
 323
 324 static gint smtp_auth_cram_md5(SMTPSession *session)
 325 {
 326         session->state = SMTP_AUTH;
 327         session->auth_type = SMTPAUTH_CRAM_MD5;
 328
 329         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, "AUTH CRAM-MD5");
 330         log_print("ESMTP> AUTH CRAM-MD5\n");
 331
 332         return SM_OK;
 333 }
 334
 335 static gint smtp_auth_plain(SMTPSession *session)
 336 {
 337         gchar buf[MSGBUFSIZE];
 338
 339         /*
 340          * +1      +1      +1
 341          * \0<user>\0<pass>\0
 342          */
 343         int b64len = (1 + strlen(session->user) + 1 + strlen(session->pass) + 1);
 344         gchar *b64buf = g_malloc(b64len);
 345
 346         /* use the char *ptr to walk the base64 string with embedded \0 */
 347         char  *a = b64buf;
 348         int  b64cnt = 0;
 349
 350         session->state = SMTP_AUTH_PLAIN;
 351         session->auth_type = SMTPAUTH_PLAIN;
 352
 353         memset(buf, 0, sizeof buf);
 354
 355         /*
 356          * have to construct the string bit by bit. sprintf can't do it in one.
 357          * first field is null, so string is \0<user>\0<password>
 358          */
 359         *a = 0;
 360         a++;
 361
 362         g_snprintf (a, b64len - 1, "%s", session->user);
 363
 364         b64cnt = strlen(session->user)+1;
 365         a += b64cnt;
 366
 367         g_snprintf (a, b64len - b64cnt - 1, "%s", session->pass);
 368         b64cnt += strlen(session->pass) + 1;
 369
 370         /*
 371          * reuse the char *ptr to offset into the textbuf to meld
 372          * the plaintext ESMTP message and the base64 string value
 373          */
 374         strcpy(buf, "AUTH PLAIN ");
 375         a = buf + strlen(buf);
 376         base64_encode(a, b64buf, b64cnt);
 377
 378         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, buf);
 379
 380         log_print("ESMTP> [AUTH PLAIN]\n");
 381
 382         g_free(b64buf);
 383
 384         return SM_OK;
 385 }
 386
 387 static gint smtp_auth_login(SMTPSession *session)
 388 {
 389         session->state = SMTP_AUTH;
 390         session->auth_type = SMTPAUTH_LOGIN;
 391
 392         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, "AUTH LOGIN");
 393         log_print("ESMTP> AUTH LOGIN\n");
 394
 395         return SM_OK;
 396 }
 397
 398 static gint smtp_helo(SMTPSession *session)
 399 {
 400         gchar buf[MSGBUFSIZE];
 401
 402         session->state = SMTP_HELO;
 403
 404         g_snprintf(buf, sizeof(buf), "HELO %s",
 405                    session->hostname ? session->hostname : get_domain_name());
 406         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, buf);
 407         log_print("SMTP> %s\n", buf);
 408
 409         return SM_OK;
 410 }
 411
 412 static gint smtp_rcpt(SMTPSession *session)
 413 {
 414         gchar buf[MSGBUFSIZE];
 415         gchar *to;
 416
 417         g_return_val_if_fail(session->cur_to != NULL, SM_ERROR);
 418
 419         session->state = SMTP_RCPT;
 420
 421         to = (gchar *)session->cur_to->data;
 422
 423         if (strchr(to, '<'))
 424                 g_snprintf(buf, sizeof(buf), "RCPT TO:%s", to);
 425         else
 426                 g_snprintf(buf, sizeof(buf), "RCPT TO:<%s>", to);
 427         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, buf);
 428         log_print("SMTP> %s\n", buf);
 429
 430         session->cur_to = session->cur_to->next;
 431
 432         return SM_OK;
 433 }
 434
 435 static gint smtp_data(SMTPSession *session)
 436 {
 437         session->state = SMTP_DATA;
 438
 439         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, "DATA");
 440         log_print("SMTP> DATA\n");
 441
 442         return SM_OK;
 443 }
 444
 445 static gint smtp_send_data(SMTPSession *session)
 446 {
 447         session->state = SMTP_SEND_DATA;
 448
 449         session_send_data(SESSION(session), session->send_data,
 450                           session->send_data_len);
 451
 452         return SM_OK;
 453 }
 454
 455 #if 0
 456 static gint smtp_rset(SMTPSession *session)
 457 {
 458         session->state = SMTP_RSET;
 459
 460         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, "RSET");
 461         log_print("SMTP> RSET\n");
 462
 463         return SM_OK;
 464 }
 465 #endif
 466
 467 static gint smtp_quit(SMTPSession *session)
 468 {
 469         session->state = SMTP_QUIT;
 470
 471         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, "QUIT");
 472         log_print("SMTP> QUIT\n");
 473
 474         return SM_OK;
 475 }
 476
 477 static gint smtp_eom(SMTPSession *session)
 478 {
 479         session->state = SMTP_EOM;
 480
 481         session_send_msg(SESSION(session), SESSION_MSG_NORMAL, ".");
 482         log_print("SMTP> . (EOM)\n");
 483
 484         return SM_OK;
 485 }
 486
 487 static gint smtp_session_recv_msg(Session *session, const gchar *msg)
 488 {
 489         SMTPSession *smtp_session = SMTP_SESSION(session);
 490         gboolean cont = FALSE;
 491
 492         if (strlen(msg) < 4) {
 493                 log_warning(_("bad SMTP response\n"));
 494                 return -1;
 495         }
 496
 497         switch (smtp_session->state) {
 498         case SMTP_EHLO:
 499         case SMTP_STARTTLS:
 500         case SMTP_AUTH:
 501         case SMTP_AUTH_PLAIN:
 502         case SMTP_AUTH_LOGIN_USER:
 503         case SMTP_AUTH_LOGIN_PASS:
 504         case SMTP_AUTH_CRAM_MD5:
 505                 log_print("ESMTP< %s\n", msg);
 506                 break;
 507         default:
 508                 log_print("SMTP< %s\n", msg);
 509                 break;
 510         }
 511
 512         if (msg[0] == '5' && msg[1] == '0' &&
 513             (msg[2] == '4' || msg[2] == '3' || msg[2] == '1')) {
 514                 log_warning(_("error occurred on SMTP session\n"));
 515                 smtp_session->state = SMTP_ERROR;
 516                 smtp_session->error_val = SM_ERROR;
 517                 g_free(smtp_session->error_msg);
 518                 smtp_session->error_msg = g_strdup(msg);
 519                 return -1;
 520         }
 521
 522         if (!strncmp(msg, "535", 3)) {
 523                 log_warning(_("error occurred on authentication\n"));
 524                 smtp_session->state = SMTP_ERROR;
 525                 smtp_session->error_val = SM_AUTHFAIL;
 526                 g_free(smtp_session->error_msg);
 527                 smtp_session->error_msg = g_strdup(msg);
 528                 return -1;
 529         }
 530
 531         if (msg[0] != '1' && msg[0] != '2' && msg[0] != '3') {
 532                 log_warning(_("error occurred on SMTP session\n"));
 533                 smtp_session->state = SMTP_ERROR;
 534                 smtp_session->error_val = SM_ERROR;
 535                 g_free(smtp_session->error_msg);
 536                 smtp_session->error_msg = g_strdup(msg);
 537                 return -1;
 538         }
 539
 540         if (msg[3] == '-')
 541                 cont = TRUE;
 542         else if (msg[3] != ' ' && msg[3] != '\0') {
 543                 log_warning(_("bad SMTP response\n"));
 544                 smtp_session->state = SMTP_ERROR;
 545                 smtp_session->error_val = SM_UNRECOVERABLE;
 546                 return -1;
 547         }
 548
 549         /* ignore all multiline responses except for EHLO */
 550         if (cont && smtp_session->state != SMTP_EHLO)
 551                 return session_recv_msg(session);
 552
 553         switch (smtp_session->state) {
 554         case SMTP_READY:
 555                 if (strstr(msg, "ESMTP"))
 556                         smtp_session->is_esmtp = TRUE;
 557         case SMTP_CONNECTED:
 558 #if USE_OPENSSL
 559                 if (smtp_session->user || session->ssl_type != SSL_NONE ||
 560                     smtp_session->is_esmtp)
 561 #else
 562                 if (smtp_session->user || smtp_session->is_esmtp)
 563 #endif
 564                         smtp_ehlo(smtp_session);
 565                 else
 566                         smtp_helo(smtp_session);
 567                 break;
 568         case SMTP_HELO:
 569                 smtp_from(smtp_session);
 570                 break;
 571         case SMTP_EHLO:
 572                 smtp_ehlo_recv(smtp_session, msg);
 573                 if (cont == TRUE)
 574                         break;
 575                 if (smtp_session->max_message_size > 0
 576                 && smtp_session->max_message_size <
 577                    smtp_session->send_data_len) {
 578                         log_warning(_("Message is too big "
 579                               "(Maximum size is %s)\n"),
 580                               to_human_readable(
 581                                (off_t)(smtp_session->max_message_size)));
 582                         smtp_session->state = SMTP_ERROR;
 583                         smtp_session->error_val = SM_ERROR;
 584                         return -1;
 585                 }
 586 #if USE_OPENSSL
 587                 if (session->ssl_type == SSL_STARTTLS &&
 588                     smtp_session->tls_init_done == FALSE) {
 589                         smtp_starttls(smtp_session);
 590                         break;
 591                 }
 592 #endif
 593                 if (smtp_session->user) {
 594                         if (smtp_auth(smtp_session) != SM_OK)
 595                                 smtp_from(smtp_session);
 596                 } else
 597                         smtp_from(smtp_session);
 598                 break;
 599         case SMTP_STARTTLS:
 600 #if USE_OPENSSL
 601                 if (session_start_tls(session) < 0) {
 602                         log_warning(_("can't start TLS session\n"));
 603                         smtp_session->state = SMTP_ERROR;
 604                         smtp_session->error_val = SM_ERROR;
 605                         return -1;
 606                 }
 607                 smtp_session->tls_init_done = TRUE;
 608                 smtp_ehlo(smtp_session);
 609 #endif
 610                 break;
 611         case SMTP_AUTH:
 612                 smtp_auth_recv(smtp_session, msg);
 613                 break;
 614         case SMTP_AUTH_LOGIN_USER:
 615                 smtp_auth_login_user_recv(smtp_session, msg);
 616                 break;
 617         case SMTP_AUTH_PLAIN:
 618         case SMTP_AUTH_LOGIN_PASS:
 619         case SMTP_AUTH_CRAM_MD5:
 620                 smtp_from(smtp_session);
 621                 break;
 622         case SMTP_FROM:
 623                 if (smtp_session->cur_to)
 624                         smtp_rcpt(smtp_session);
 625                 break;
 626         case SMTP_RCPT:
 627                 if (smtp_session->cur_to)
 628                         smtp_rcpt(smtp_session);
 629                 else
 630                         smtp_data(smtp_session);
 631                 break;
 632         case SMTP_DATA:
 633                 smtp_send_data(smtp_session);
 634                 break;
 635         case SMTP_EOM:
 636                 smtp_quit(smtp_session);
 637                 break;
 638         case SMTP_QUIT:
 639                 session_disconnect(session);
 640                 break;
 641         case SMTP_ERROR:
 642         default:
 643                 log_warning(_("error occurred on SMTP session\n"));
 644                 smtp_session->error_val = SM_ERROR;
 645                 return -1;
 646         }
 647
 648         if (cont)
 649                 return session_recv_msg(session);
 650
 651         return 0;
 652 }
 653
 654 static gint smtp_session_send_data_finished(Session *session, guint len)
 655 {
 656         smtp_eom(SMTP_SESSION(session));
 657         return 0;
 658 }