API tools faq
paste
Guest User

Untitled

a guest
Mar 2nd, 2018
307
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 15.40 KB | None | 0 0
raw download clone embed print report
  1. /* vi: set sw=4 ts=4: */
  2. /*
  3. * bare bones sendmail
  4. *
  5. * Copyright (C) 2008 by Vladimir Dronnikov <dronnikov@gmail.com>
  6. *
  7. * Licensed under GPLv2, see file LICENSE in this source tree.
  8. */
  9. //config:config SENDMAIL
  10. //config: bool "sendmail (14 kb)"
  11. //config: default y
  12. //config: help
  13. //config: Barebones sendmail.
  14.  
  15. //applet:IF_SENDMAIL(APPLET(sendmail, BB_DIR_USR_SBIN, BB_SUID_DROP))
  16.  
  17. //kbuild:lib-$(CONFIG_SENDMAIL) += sendmail.o mail.o
  18.  
  19. //usage:#define sendmail_trivial_usage
  20. //usage: "[-tv] [-f SENDER] [-amLOGIN 4<user_pass.txt | -auUSER -apPASS]"
  21. //usage: "\n [-w SECS] [-H 'PROG ARGS' | -S HOST] [RECIPIENT_EMAIL]..."
  22. //usage:#define sendmail_full_usage "\n\n"
  23. //usage: "Read email from stdin and send it\n"
  24. //usage: "\nStandard options:"
  25. //usage: "\n -t Read additional recipients from message body"
  26. //usage: "\n -f SENDER For use in MAIL FROM:<sender>. Can be empty string"
  27. //usage: "\n Default: -auUSER, or username of current UID"
  28. //usage: "\n -o OPTIONS Various options. -oi implied, others are ignored"
  29. //usage: "\n -i -oi synonym, implied and ignored"
  30. //usage: "\n"
  31. //usage: "\nBusybox specific options:"
  32. //usage: "\n -v Verbose"
  33. //usage: "\n -w SECS Network timeout"
  34. //usage: "\n -H 'PROG ARGS' Run connection helper. Examples:"
  35. //usage: "\n openssl s_client -quiet -tls1 -starttls smtp -connect smtp.gmail.com:25"
  36. //usage: "\n openssl s_client -quiet -tls1 -connect smtp.gmail.com:465"
  37. //usage: "\n $SMTP_ANTISPAM_DELAY: seconds to wait after helper connect"
  38. //usage: "\n -S HOST[:PORT] Server (default $SMTPHOST or 127.0.0.1)"
  39. //usage: "\n -amLOGIN Log in using AUTH LOGIN (-amCRAM-MD5 not supported)"
  40. //usage: "\n -auUSER Username for AUTH"
  41. //usage: "\n -apPASS Password for AUTH"
  42. //usage: "\n"
  43. //usage: "\nIf no -a options are given, authentication is not done."
  44. //usage: "\nIf -amLOGIN is given but no -au/-ap, user/password is read from fd #4."
  45. //usage: "\nOther options are silently ignored; -oi is implied."
  46. //usage: IF_MAKEMIME(
  47. //usage: "\nUse makemime to create emails with attachments."
  48. //usage: )
  49.  
  50. /* Currently we don't sanitize or escape user-supplied SENDER and RECIPIENT_EMAILs.
  51. * We may need to do so. For one, '.' in usernames seems to require escaping!
  52. *
  53. * From http://cr.yp.to/smtp/address.html:
  54. *
  55. * SMTP offers three ways to encode a character inside an address:
  56. *
  57. * "safe": the character, if it is not <>()[].,;:@, backslash,
  58. * double-quote, space, or an ASCII control character;
  59. * "quoted": the character, if it is not \012, \015, backslash,
  60. * or double-quote; or
  61. * "slashed": backslash followed by the character.
  62. *
  63. * An encoded box part is either (1) a sequence of one or more slashed
  64. * or safe characters or (2) a double quote, a sequence of zero or more
  65. * slashed or quoted characters, and a double quote. It represents
  66. * the concatenation of the characters encoded inside it.
  67. *
  68. * For example, the encoded box parts
  69. * angels
  70. * \a\n\g\e\l\s
  71. * "\a\n\g\e\l\s"
  72. * "angels"
  73. * "ang\els"
  74. * all represent the 6-byte string "angels", and the encoded box parts
  75. * a\,comma
  76. * \a\,\c\o\m\m\a
  77. * "a,comma"
  78. * all represent the 7-byte string "a,comma".
  79. *
  80. * An encoded address contains
  81. * the byte <;
  82. * optionally, a route followed by a colon;
  83. * an encoded box part, the byte @, and a domain; and
  84. * the byte >.
  85. *
  86. * It represents an Internet mail address, given by concatenating
  87. * the string represented by the encoded box part, the byte @,
  88. * and the domain. For example, the encoded addresses
  89. * <God@heaven.af.mil>
  90. * <\God@heaven.af.mil>
  91. * <"God"@heaven.af.mil>
  92. * <@gateway.af.mil,@uucp.local:"\G\o\d"@heaven.af.mil>
  93. * all represent the Internet mail address "God@heaven.af.mil".
  94. */
  95.  
  96. #include "libbb.h"
  97. #include "mail.h"
  98.  
  99. // limit maximum allowed number of headers to prevent overflows.
  100. // set to 0 to not limit
  101. #define MAX_HEADERS 256
  102.  
  103. static void send_r_n(const char *s)
  104. {
  105. if (verbose)
  106. bb_error_msg("send:'%s'", s);
  107. printf("%s\r\n", s);
  108. }
  109.  
  110. static int smtp_checkp(const char *fmt, const char *param, int code)
  111. {
  112. char *answer;
  113. char *msg = send_mail_command(fmt, param);
  114. // read stdin
  115. // if the string has a form NNN- -- read next string. E.g. EHLO response
  116. // parse first bytes to a number
  117. // if code = -1 then just return this number
  118. // if code != -1 then checks whether the number equals the code
  119. // if not equal -> die saying msg
  120. while ((answer = xmalloc_fgetline(stdin)) != NULL) {
  121. if (verbose)
  122. bb_error_msg("recv:'%.*s'", (int)(strchrnul(answer, '\r') - answer), answer);
  123. if (strlen(answer) <= 3 || '-' != answer[3])
  124. break;
  125. free(answer);
  126. }
  127. if (answer) {
  128. int n = atoi(answer);
  129. if (timeout)
  130. alarm(0);
  131. free(answer);
  132. if (-1 == code || n == code) {
  133. free(msg);
  134. return n;
  135. }
  136. }
  137. bb_error_msg_and_die("%s failed", msg);
  138. }
  139.  
  140. static int smtp_check(const char *fmt, int code)
  141. {
  142. return smtp_checkp(fmt, NULL, code);
  143. }
  144.  
  145. // strip argument of bad chars
  146. static char *sane_address(char *str)
  147. {
  148. char *s;
  149.  
  150. trim(str);
  151. s = str;
  152. while (*s) {
  153. /* Standard allows these chars in username without quoting:
  154. * /!#$%&'*+-=?^_`{|}~
  155. * and allows dot (.) with some restrictions.
  156. * I chose to only allow a saner subset.
  157. * I propose to expand it only on user's request.
  158. */
  159. if (!isalnum(*s) && !strchr("=+_-.@", *s)) {
  160. bb_error_msg("bad address '%s'", str);
  161. /* returning "": */
  162. str[0] = '\0';
  163. return str;
  164. }
  165. s++;
  166. }
  167. return str;
  168. }
  169.  
  170. // check for an address inside angle brackets, if not found fall back to normal
  171. static char *angle_address(char *str)
  172. {
  173. char *s, *e;
  174.  
  175. e = trim(str);
  176. if (e != str && e[-1] == '>') {
  177. s = strrchr(str, '<');
  178. if (s) {
  179. *e = '\0';
  180. str = s + 1;
  181. }
  182. }
  183. return sane_address(str);
  184. }
  185.  
  186. static void rcptto(const char *s)
  187. {
  188. if (!*s)
  189. return;
  190. // N.B. we don't die if recipient is rejected, for the other recipients may be accepted
  191. if (250 != smtp_checkp("RCPT TO:<%s>", s, -1))
  192. bb_error_msg("Bad recipient: <%s>", s);
  193. }
  194.  
  195. // send to a list of comma separated addresses
  196. static void rcptto_list(const char *list)
  197. {
  198. char *free_me = xstrdup(list);
  199. char *str = free_me;
  200. char *s = free_me;
  201. char prev = 0;
  202. int in_quote = 0;
  203.  
  204. while (*s) {
  205. char ch = *s++;
  206.  
  207. if (ch == '"' && prev != '\\') {
  208. in_quote = !in_quote;
  209. } else if (!in_quote && ch == ',') {
  210. s[-1] = '\0';
  211. rcptto(angle_address(str));
  212. str = s;
  213. }
  214. prev = ch;
  215. }
  216. if (prev != ',')
  217. rcptto(angle_address(str));
  218. free(free_me);
  219. }
  220.  
  221. int sendmail_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
  222. int sendmail_main(int argc UNUSED_PARAM, char **argv)
  223. {
  224. char *opt_connect;
  225. char *opt_from = NULL;
  226. char *s;
  227. llist_t *list = NULL;
  228. char *host = sane_address(safe_gethostname());
  229. unsigned nheaders = 0;
  230. int code;
  231. enum {
  232. HDR_OTHER = 0,
  233. HDR_TOCC,
  234. HDR_BCC,
  235. } last_hdr = 0;
  236. int check_hdr;
  237. int has_to = 0;
  238.  
  239. enum {
  240. //--- standard options
  241. OPT_t = 1 << 0, // read message for recipients, append them to those on cmdline
  242. OPT_f = 1 << 1, // sender address
  243. OPT_o = 1 << 2, // various options. -oi IMPLIED! others are IGNORED!
  244. OPT_i = 1 << 3, // IMPLIED!
  245. //--- BB specific options
  246. OPT_w = 1 << 4, // network timeout
  247. OPT_H = 1 << 5, // use external connection helper
  248. OPT_S = 1 << 6, // specify connection string
  249. OPT_a = 1 << 7, // authentication tokens
  250. OPT_v = 1 << 8, // verbosity
  251. };
  252.  
  253. // init global variables
  254. INIT_G();
  255.  
  256. // default HOST[:PORT] is $SMTPHOST, or localhost
  257. opt_connect = getenv("SMTPHOST");
  258. if (!opt_connect)
  259. opt_connect = (char *)"127.0.0.1";
  260.  
  261. // save initial stdin since body is piped!
  262. xdup2(STDIN_FILENO, 3);
  263. G.fp0 = xfdopen_for_read(3);
  264.  
  265. // parse options
  266. // N.B. since -H and -S are mutually exclusive they do not interfere in opt_connect
  267. // -a is for ssmtp (http://downloads.openwrt.org/people/nico/man/man8/ssmtp.8.html) compatibility,
  268. // it is still under development.
  269. opts = getopt32(argv, "^"
  270. "tf:o:iw:+H:S:a:*:v"
  271. "\0"
  272. // -v is a counter, -H and -S are mutually exclusive, -a is a list
  273. "vv:H--S:S--H",
  274. &opt_from, NULL,
  275. &timeout, &opt_connect, &opt_connect, &list, &verbose
  276. );
  277. //argc -= optind;
  278. argv += optind;
  279.  
  280. // process -a[upm]<token> options
  281. if ((opts & OPT_a) && !list)
  282. bb_show_usage();
  283. while (list) {
  284. char *a = (char *) llist_pop(&list);
  285. if ('u' == a[0])
  286. G.user = xstrdup(a+1);
  287. if ('p' == a[0])
  288. G.pass = xstrdup(a+1);
  289. // N.B. we support only AUTH LOGIN so far
  290. //if ('m' == a[0])
  291. // G.method = xstrdup(a+1);
  292. }
  293. // N.B. list == NULL here
  294. //bb_error_msg("OPT[%x] AU[%s], AP[%s], AM[%s], ARGV[%s]", opts, au, ap, am, *argv);
  295.  
  296. // connect to server
  297.  
  298. // connection helper ordered? ->
  299. if (opts & OPT_H) {
  300. const char *delay;
  301. const char *args[] = { "sh", "-c", opt_connect, NULL };
  302. // plug it in
  303. launch_helper(args);
  304. // Now:
  305. // our stdout will go to helper's stdin,
  306. // helper's stdout will be available on our stdin.
  307.  
  308. // Wait for initial server message.
  309. // If helper (such as openssl) invokes STARTTLS, the initial 220
  310. // is swallowed by helper (and not repeated after TLS is initiated).
  311. // We will send NOOP cmd to server and check the response.
  312. // We should get 220+250 on plain connection, 250 on STARTTLSed session.
  313. //
  314. // The problem here is some servers delay initial 220 message,
  315. // and consider client to be a spammer if it starts sending cmds
  316. // before 220 reached it. The code below is unsafe in this regard:
  317. // in non-STARTTLSed case, we potentially send NOOP before 220
  318. // is sent by server.
  319. //
  320. // If $SMTP_ANTISPAM_DELAY is set, we pause before sending NOOP.
  321. //
  322. delay = getenv("SMTP_ANTISPAM_DELAY");
  323. if (delay)
  324. sleep(atoi(delay));
  325. code = smtp_check("NOOP", -1);
  326. if (code == 220)
  327. // we got 220 - this is not STARTTLSed connection,
  328. // eat 250 response to our NOOP
  329. smtp_check(NULL, 250);
  330. else
  331. if (code != 250)
  332. bb_error_msg_and_die("SMTP init failed");
  333. } else {
  334. // vanilla connection
  335. int fd;
  336. fd = create_and_connect_stream_or_die(opt_connect, 25);
  337. // and make ourselves a simple IO filter
  338. xmove_fd(fd, STDIN_FILENO);
  339. xdup2(STDIN_FILENO, STDOUT_FILENO);
  340.  
  341. // Wait for initial server 220 message
  342. smtp_check(NULL, 220);
  343. }
  344.  
  345. // we should start with modern EHLO
  346. if (250 != smtp_checkp("EHLO %s", host, -1))
  347. smtp_checkp("HELO %s", host, 250);
  348.  
  349. // perform authentication
  350. if (opts & OPT_a) {
  351. smtp_check("AUTH LOGIN", 334);
  352. // we must read credentials unless they are given via -a[up] options
  353. if (!G.user || !G.pass)
  354. get_cred_or_die(4);
  355. encode_base64(NULL, G.user, NULL);
  356. smtp_check("", 334);
  357. encode_base64(NULL, G.pass, NULL);
  358. smtp_check("", 235);
  359. }
  360.  
  361. // set sender
  362. // N.B. we have here a very loosely defined algorythm
  363. // since sendmail historically offers no means to specify secrets on cmdline.
  364. // 1) server can require no authentication ->
  365. // we must just provide a (possibly fake) reply address.
  366. // 2) server can require AUTH ->
  367. // we must provide valid username and password along with a (possibly fake) reply address.
  368. // For the sake of security username and password are to be read either from console or from a secured file.
  369. // Since reading from console may defeat usability, the solution is either to read from a predefined
  370. // file descriptor (e.g. 4), or again from a secured file.
  371.  
  372. // got no sender address? use auth name, then UID username as a last resort
  373. if (!opt_from) {
  374. opt_from = xasprintf("%s@%s",
  375. G.user ? G.user : xuid2uname(getuid()),
  376. xgethostbyname(host)->h_name);
  377. }
  378. free(host);
  379.  
  380. smtp_checkp("MAIL FROM:<%s>", opt_from, 250);
  381.  
  382. // process message
  383.  
  384. // read recipients from message and add them to those given on cmdline.
  385. // this means we scan stdin for To:, Cc:, Bcc: lines until an empty line
  386. // and then use the rest of stdin as message body
  387. code = 0; // set "analyze headers" mode
  388. while ((s = xmalloc_fgetline(G.fp0)) != NULL) {
  389. dump:
  390. // put message lines doubling leading dots
  391. if (code) {
  392. // escape leading dots
  393. // N.B. this feature is implied even if no -i (-oi) switch given
  394. // N.B. we need to escape the leading dot regardless of
  395. // whether it is single or not character on the line
  396. if ('.' == s[0] /*&& '\0' == s[1] */)
  397. bb_putchar('.');
  398. // dump read line
  399. send_r_n(s);
  400. free(s);
  401. continue;
  402. }
  403.  
  404. // analyze headers
  405. // To: or Cc: headers add recipients
  406. check_hdr = (0 == strncasecmp("To:", s, 3));
  407. has_to |= check_hdr;
  408. if (opts & OPT_t) {
  409. if (check_hdr || 0 == strncasecmp("Bcc:" + 1, s, 3)) {
  410. rcptto_list(s+3);
  411. last_hdr = HDR_TOCC;
  412. goto addheader;
  413. }
  414. // Bcc: header adds blind copy (hidden) recipient
  415. if (0 == strncasecmp("Bcc:", s, 4)) {
  416. rcptto_list(s+4);
  417. free(s);
  418. last_hdr = HDR_BCC;
  419. continue; // N.B. Bcc: vanishes from headers!
  420. }
  421. }
  422. check_hdr = (list && isspace(s[0]));
  423. if (strchr(s, ':') || check_hdr) {
  424. // other headers go verbatim
  425. // N.B. RFC2822 2.2.3 "Long Header Fields" allows for headers to occupy several lines.
  426. // Continuation is denoted by prefixing additional lines with whitespace(s).
  427. // Thanks (stefan.seyfried at googlemail.com) for pointing this out.
  428. if (check_hdr && last_hdr != HDR_OTHER) {
  429. rcptto_list(s+1);
  430. if (last_hdr == HDR_BCC)
  431. continue;
  432. // N.B. Bcc: vanishes from headers!
  433. } else {
  434. last_hdr = HDR_OTHER;
  435. }
  436. addheader:
  437. // N.B. we allow MAX_HEADERS generic headers at most to prevent attacks
  438. if (MAX_HEADERS && ++nheaders >= MAX_HEADERS)
  439. goto bail;
  440. llist_add_to_end(&list, s);
  441. } else {
  442. // a line without ":" (an empty line too, by definition) doesn't look like a valid header
  443. // so stop "analyze headers" mode
  444. reenter:
  445. // put recipients specified on cmdline
  446. check_hdr = 1;
  447. while (*argv) {
  448. char *t = sane_address(*argv);
  449. rcptto(t);
  450. //if (MAX_HEADERS && ++nheaders >= MAX_HEADERS)
  451. // goto bail;
  452. if (!has_to) {
  453. const char *hdr;
  454.  
  455. if (check_hdr && argv[1])
  456. hdr = "To: %s,";
  457. else if (check_hdr)
  458. hdr = "To: %s";
  459. else if (argv[1])
  460. hdr = "To: %s," + 3;
  461. else
  462. hdr = "To: %s" + 3;
  463. llist_add_to_end(&list,
  464. xasprintf(hdr, t));
  465. check_hdr = 0;
  466. }
  467. argv++;
  468. }
  469. // enter "put message" mode
  470. // N.B. DATA fails iff no recipients were accepted (or even provided)
  471. // in this case just bail out gracefully
  472. if (354 != smtp_check("DATA", -1))
  473. goto bail;
  474. // dump the headers
  475. while (list) {
  476. send_r_n((char *) llist_pop(&list));
  477. }
  478. // stop analyzing headers
  479. code++;
  480. // N.B. !s means: we read nothing, and nothing to be read in the future.
  481. // just dump empty line and break the loop
  482. if (!s) {
  483. send_r_n("");
  484. break;
  485. }
  486. // go dump message body
  487. // N.B. "s" already contains the first non-header line, so pretend we read it from input
  488. goto dump;
  489. }
  490. }
  491. // odd case: we didn't stop "analyze headers" mode -> message body is empty. Reenter the loop
  492. // N.B. after reenter code will be > 0
  493. if (!code)
  494. goto reenter;
  495.  
  496. // finalize the message
  497. smtp_check(".", 250);
  498. bail:
  499. // ... and say goodbye
  500. smtp_check("QUIT", 221);
  501. // cleanup
  502. if (ENABLE_FEATURE_CLEAN_UP)
  503. fclose(G.fp0);
  504.  
  505. return EXIT_SUCCESS;
  506. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!