1 |
#include <stdio.h> |
2 |
#include <unistd.h> |
3 |
#include <errno.h> |
4 |
#include <sys/types.h> |
5 |
#include <regex.h> |
6 |
#include <string.h> |
7 |
#include <stdlib.h> |
8 |
#include <limits.h> |
9 |
#include <sys/stat.h> |
10 |
#include <fcntl.h> |
11 |
#include <time.h> |
12 |
|
13 |
#include "config.h" |
14 |
#include "imapfilter.h" |
15 |
#include "data.h" |
16 |
|
17 |
|
18 |
extern char logfile[PATH_MAX]; |
19 |
extern unsigned int options; |
20 |
extern unsigned int flags; |
21 |
extern unsigned int interval; |
22 |
extern long timeout; |
23 |
extern char *home; |
24 |
|
25 |
#ifdef ENCRYPTED_PASSWORDS |
26 |
char *passphr; /* Master password to access the passwords |
27 |
file. */ |
28 |
#endif |
29 |
|
30 |
|
31 |
/* |
32 |
* Find the path to configuration file, open it and call parse_config(). |
33 |
*/ |
34 |
int read_config(char *cfg) |
35 |
{ |
36 |
int r; |
37 |
FILE *fd; |
38 |
char *c = NULL; |
39 |
|
40 |
if (!cfg) { |
41 |
cfg = c = (char *)xmalloc(PATH_MAX * sizeof(char)); |
42 |
snprintf(cfg, PATH_MAX, "%s/%s", home, ".imapfilterrc"); |
43 |
} |
44 |
#ifdef DEBUG |
45 |
printf("debug: configuration file: '%s'\n", cfg); |
46 |
#endif |
47 |
#ifdef CHECK_PERMISSIONS |
48 |
check_file_perms(cfg, S_IRUSR | S_IWUSR); |
49 |
#endif |
50 |
fd = fopen(cfg, "r"); |
51 |
|
52 |
if (!fd) |
53 |
fatal(ERROR_FILE_OPEN, "imapfilter: opening config file %s; %s\n", |
54 |
cfg, strerror(errno)); |
55 |
|
56 |
if (c) |
57 |
xfree(c); |
58 |
|
59 |
if ((r = parse_config(fd))) |
60 |
fatal(ERROR_CONFIG_PARSE, |
61 |
"imapfilter: parse error in config file at row %d\n", r); |
62 |
|
63 |
fclose(fd); |
64 |
|
65 |
#ifdef DEBUG |
66 |
printf("debug: options: %0#10x\n", options); |
67 |
#endif |
68 |
|
69 |
return 0; |
70 |
} |
71 |
|
72 |
|
73 |
/* |
74 |
* Parse configuration file. |
75 |
*/ |
76 |
int parse_config(FILE * fd) |
77 |
{ |
78 |
int i, r = 0; |
79 |
unsigned int row = 0; |
80 |
char line[LINE_MAX]; |
81 |
regex_t creg[13]; |
82 |
regmatch_t match[11]; |
83 |
const char *reg[13] = { |
84 |
"^([[:blank:]]*\n|#.*\n)$", |
85 |
|
86 |
"^[[:blank:]]*ACCOUNT[[:blank:]]+([[:alnum:]_-]+)[[:blank:]]+" |
87 |
"(([[:graph:]]+):([[:graph:]]*)|([[:graph:]]+))@([[:alnum:].-]+)" |
88 |
"(:[[:digit:]]+)?[[:blank:]]*([[:blank:]]SSL|[[:blank:]]SSL2|" |
89 |
"[[:blank:]]SSL3|[[:blank:]]TLS1)?[[:blank:]]*\n$", |
90 |
|
91 |
"^[[:blank:]]*FOLDER[[:blank:]]+([[:alnum:]_-]+)[[:blank:]]+" |
92 |
"([[:print:]]+)[[:blank:]]*\n$", |
93 |
|
94 |
"^[[:blank:]]*FILTER[[:blank:]]+([[:alnum:]_-]+)[[:blank:]]*" |
95 |
"([[:blank:]]OR|[[:blank:]]AND)?[[:blank:]]*\n$", |
96 |
|
97 |
"^[[:blank:]]*ACTION[[:blank:]]+(DELETE|" |
98 |
"COPY[[:blank:]]+(\"[[:print:]]*\"|[[:graph:]]+)|" |
99 |
"MOVE[[:blank:]]+(\"[[:print:]]*\"|[[:graph:]]+)|" |
100 |
"RCOPY[[:blank:]]+([[:alnum:]_-]+)[[:blank:]]+" |
101 |
"(\"[[:print:]]*\"|[[:graph:]]+)|" |
102 |
"RMOVE[[:blank:]]+([[:alnum:]_-]+)[[:blank:]]+" |
103 |
"(\"[[:print:]]*\"|[[:graph:]]+)|" |
104 |
"FLAG[[:blank:]]+(REPLACE|ADD|REMOVE)[[:blank:]]+" |
105 |
"([[:alpha:],]+)|" |
106 |
"LIST)[[:blank:]]*([[:graph:]]*)[[:blank:]]*\n$", |
107 |
|
108 |
"^[[:blank:]]*(MASK[[:blank:]])?[[:blank:]]*(OR[[:blank:]]|" |
109 |
"AND[[:blank:]])?[[:blank:]]*(NOT[[:blank:]])?[[:blank:]]*" |
110 |
"(ANSWERED|DELETED|DRAFT|FLAGGED|NEW|OLD|RECENT|SEEN|UNANSWERED|" |
111 |
"UNDELETED|UNDRAFT|UNFLAGGED|UNSEEN)[[:blank:]]*\n$", |
112 |
|
113 |
"^[[:blank:]]*(MASK[[:blank:]])?[[:blank:]]*(OR[[:blank:]]|" |
114 |
"AND[[:blank:]])?[[:blank:]]*(NOT[[:blank:]])?[[:blank:]]*" |
115 |
"(BCC|BODY|CC|FROM|SUBJECT|TEXT|TO)[[:blank:]]+(\"[[:print:]]*\"|" |
116 |
"[[:graph:]]+)[[:blank:]]*\n$", |
117 |
|
118 |
"^[[:blank:]]*(MASK[[:blank:]])?[[:blank:]]*(OR[[:blank:]]|" |
119 |
"AND[[:blank:]])?[[:blank:]]*(NOT[[:blank:]])?[[:blank:]]*" |
120 |
"(HEADER)[[:blank:]]+(\"[[:print:]]*\"|[[:graph:]]+)[[:blank:]]+" |
121 |
"(\"[[:print:]]*\"|[[:graph:]]+)[[:blank:]]*\n$", |
122 |
|
123 |
"^[[:blank:]]*(MASK[[:blank:]])?[[:blank:]]*(OR[[:blank:]]|" |
124 |
"AND[[:blank:]])?[[:blank:]]*(NOT[[:blank:]])?[[:blank:]]*" |
125 |
"(LARGER|SMALLER|OLDER|NEWER)[[:blank:]]+([[:digit:]]+)" |
126 |
"[[:blank:]]*\n$", |
127 |
|
128 |
"^[[:blank:]]*JOB[[:blank:]]+([[:alnum:],_-]+)[[:blank:]]+" |
129 |
"([[:alnum:],_-]+)[[:blank:]]*\n$", |
130 |
|
131 |
"^[[:blank:]]*(SET[[:blank:]])?[[:blank:]]*(LOGFILE)" |
132 |
"[[:blank:]]*=[[:blank:]]*([[:print:]]+)\n$", |
133 |
|
134 |
"^[[:blank:]]*(SET[[:blank:]])?[[:blank:]]*(EXPUNGE|HEADERS|NAMESPACE|" |
135 |
"SUBSCRIBE)[[:blank:]]*=[[:blank:]]*(YES|NO)[[:blank:]]*\n$", |
136 |
|
137 |
"^[[:blank:]]*(SET[[:blank:]])?[[:blank:]]*(DAEMON|TIMEOUT)" |
138 |
"[[:blank:]]*=[[:blank:]]*([[:digit:]]+)\n$" |
139 |
}; |
140 |
|
141 |
for (i = 0; i < 13; i++) |
142 |
regcomp(&creg[i], reg[i], REG_EXTENDED | REG_ICASE); |
143 |
|
144 |
while (fgets(line, LINE_MAX - 1, fd)) { |
145 |
row++; |
146 |
if (!regexec(&creg[0], line, 0, match, 0)) |
147 |
continue; |
148 |
else if (!regexec(&creg[1], line, 9, match, 0)) |
149 |
set_account(line, match); |
150 |
else if (!regexec(&creg[2], line, 3, match, 0)) |
151 |
r = set_mboxgrp(line, match); |
152 |
else if (!regexec(&creg[3], line, 3, match, 0)) |
153 |
r = set_filter(line, match); |
154 |
else if (!regexec(&creg[4], line, 11, match, 0)) |
155 |
r = set_action(line, match); |
156 |
else if (!regexec(&creg[5], line, 7, match, 0) || |
157 |
!regexec(&creg[6], line, 7, match, 0) || |
158 |
!regexec(&creg[7], line, 7, match, 0) || |
159 |
!regexec(&creg[8], line, 7, match, 0)) |
160 |
r = set_mask(line, match); |
161 |
else if (!regexec(&creg[9], line, 3, match, 0)) |
162 |
r = set_job(line, match); |
163 |
else if (!regexec(&creg[10], line, 4, match, 0) || |
164 |
!regexec(&creg[11], line, 4, match, 0) || |
165 |
!regexec(&creg[12], line, 4, match, 0)) |
166 |
set_options(line, match); |
167 |
else |
168 |
return row; |
169 |
|
170 |
if (r == ERROR_CONFIG_PARSE) |
171 |
return row; |
172 |
} |
173 |
|
174 |
for (i = 0; i < 13; i++) |
175 |
regfree(&creg[i]); |
176 |
|
177 |
destroy_data(); |
178 |
|
179 |
return 0; |
180 |
} |
181 |
|
182 |
|
183 |
/* |
184 |
* Set other options found in config file. |
185 |
*/ |
186 |
void set_options(char *line, regmatch_t * match) |
187 |
{ |
188 |
if (!strncasecmp(line + match[2].rm_so, "logfile", 7)) { |
189 |
if (!*logfile) |
190 |
strncat(logfile, line + match[3].rm_so, |
191 |
min((match[3].rm_eo - match[3].rm_so), PATH_MAX - 1)); |
192 |
} else if (!strncasecmp(line + match[2].rm_so, "expunge", 7)) { |
193 |
if (!strncasecmp(line + match[3].rm_so, "yes", 3)) |
194 |
options |= OPTION_EXPUNGE; |
195 |
else |
196 |
options &= ~(OPTION_EXPUNGE); |
197 |
} else if (!strncasecmp(line + match[2].rm_so, "header", 6)) { |
198 |
if (!strncasecmp(line + match[3].rm_so, "yes", 3)) |
199 |
options |= OPTION_HEADERS; |
200 |
else |
201 |
options &= ~(OPTION_HEADERS); |
202 |
} else if (!strncasecmp(line + match[2].rm_so, "namespace", 9)) { |
203 |
if (!strncasecmp(line + match[3].rm_so, "yes", 3)) |
204 |
options |= OPTION_NAMESPACE; |
205 |
else |
206 |
options &= ~(OPTION_NAMESPACE); |
207 |
} else if (!strncasecmp(line + match[2].rm_so, "subscribe", 9)) { |
208 |
if (!strncasecmp(line + match[2].rm_so, "yes", 3)) |
209 |
options |= OPTION_SUBSCRIBE; |
210 |
else |
211 |
options &= ~(OPTION_SUBSCRIBE); |
212 |
} else if (!strncasecmp(line + match[2].rm_so, "timeout", 7)) { |
213 |
errno = 0; |
214 |
timeout = strtol(line + match[3].rm_so, NULL, 10); |
215 |
if (errno) |
216 |
timeout = 0; |
217 |
} else if (!strncasecmp(line + match[2].rm_so, "daemon", 6) && |
218 |
!(options & OPTION_DAEMON_MODE)) { |
219 |
options |= OPTION_DAEMON_MODE; |
220 |
errno = 0; |
221 |
interval = strtoul(line + match[3].rm_so, NULL, 10); |
222 |
if (errno) |
223 |
interval = 0; |
224 |
} |
225 |
} |
226 |
|
227 |
|
228 |
#ifdef ENCRYPTED_PASSWORDS |
229 |
/* |
230 |
* Open password file and call parse_passwords(). |
231 |
*/ |
232 |
int read_passwords(void) |
233 |
{ |
234 |
FILE *fd; |
235 |
char pwfile[PATH_MAX]; |
236 |
|
237 |
if (!(flags & FLAG_BLANK_PASSWORD)) |
238 |
return ERROR_CONFIG_PARSE; |
239 |
|
240 |
passphr = (char *)smalloc(PASSPHRASE_LEN); |
241 |
*passphr = 0; |
242 |
|
243 |
snprintf(pwfile, PATH_MAX, "%s/%s", home, ".imapfilter/passwords"); |
244 |
#ifdef DEBUG |
245 |
printf("debug: passwords file: '%s'\n", pwfile); |
246 |
#endif |
247 |
|
248 |
if (!exists_file(pwfile)) |
249 |
return ERROR_FILE_OPEN; |
250 |
|
251 |
#ifdef CHECK_PERMISSIONS |
252 |
check_file_perms(pwfile, S_IRUSR | S_IWUSR); |
253 |
#endif |
254 |
|
255 |
fd = fopen(pwfile, "r"); |
256 |
|
257 |
if (!fd) |
258 |
fatal(ERROR_FILE_OPEN, "imapfilter: opening passwords file %s; %s\n", |
259 |
pwfile, strerror(errno)); |
260 |
|
261 |
parse_passwords(fd); |
262 |
|
263 |
fclose(fd); |
264 |
|
265 |
return 0; |
266 |
} |
267 |
|
268 |
|
269 |
/* |
270 |
* Parse unencrypted password file. |
271 |
*/ |
272 |
int parse_passwords(FILE * fd) |
273 |
{ |
274 |
int t = 3; |
275 |
char *pe = NULL; |
276 |
char user[USERNAME_LEN], serv[SERVER_LEN]; |
277 |
unsigned char *buf; |
278 |
char *c, *cp, *line; |
279 |
regex_t creg; |
280 |
regmatch_t match[4]; |
281 |
const char *reg = "([[:alnum:].-]+) ([[:graph:]]+) ([[:graph:]]+)"; |
282 |
int r; |
283 |
|
284 |
do { |
285 |
fseek(fd, 0L, SEEK_SET); |
286 |
printf("Enter master passphrase: "); |
287 |
get_password(passphr, PASSPHRASE_LEN); |
288 |
} while ((r = decrypt_passwords(&buf, fd)) && --t); |
289 |
|
290 |
if (!t) |
291 |
return ERROR_PASSPHRASE; |
292 |
|
293 |
c = cp = sstrdup(buf); |
294 |
|
295 |
regcomp(&creg, reg, REG_EXTENDED | REG_ICASE); |
296 |
|
297 |
while ((line = strsep(&c, "\n")) && |
298 |
!regexec(&creg, line, 4, match, 0)) { |
299 |
user[0] = serv[0] = 0; |
300 |
|
301 |
strncat(serv, line + match[1].rm_so, |
302 |
min(match[1].rm_eo - match[1].rm_so, SERVER_LEN - 1)); |
303 |
strncat(user, line + match[2].rm_so, |
304 |
min(match[2].rm_eo - match[2].rm_so, USERNAME_LEN - 1)); |
305 |
|
306 |
if ((pe = (char *)find_password(user, serv))) |
307 |
strncat(pe, line + match[3].rm_so, |
308 |
min(match[3].rm_eo - match[3].rm_so, PASSWORD_LEN - 1)); |
309 |
} |
310 |
|
311 |
regfree(&creg); |
312 |
sfree(cp); |
313 |
sfree(buf); |
314 |
|
315 |
return 0; |
316 |
} |
317 |
|
318 |
|
319 |
/* |
320 |
* Store encrypted passwords to file. |
321 |
*/ |
322 |
int store_passwords(account_t * accts[]) |
323 |
{ |
324 |
char pwfile[PATH_MAX]; |
325 |
FILE *fd; |
326 |
|
327 |
snprintf(pwfile, PATH_MAX, "%s/%s", home, ".imapfilter/passwords"); |
328 |
|
329 |
create_file(pwfile, S_IRUSR | S_IWUSR); |
330 |
|
331 |
fd = fopen(pwfile, "w"); |
332 |
|
333 |
if (!fd) |
334 |
fatal(ERROR_FILE_OPEN, "imapfilter: opening passwords file %s; %s\n", |
335 |
pwfile, strerror(errno)); |
336 |
|
337 |
encrypt_passwords(fd, accts); |
338 |
|
339 |
fclose(fd); |
340 |
|
341 |
return 0; |
342 |
} |
343 |
|
344 |
#endif |
345 |
|
346 |
|
347 |
/* |
348 |
* Create $HOME/.imapfilter directory. |
349 |
*/ |
350 |
int create_homedir(void) |
351 |
{ |
352 |
char *hdn = ".imapfilter"; |
353 |
|
354 |
if (home) |
355 |
if (chdir(home)) |
356 |
error("imapfilter: could not change directory; %s\n", |
357 |
strerror(errno)); |
358 |
|
359 |
if (!exists_dir(hdn)) |
360 |
if (mkdir(hdn, S_IRUSR | S_IWUSR | S_IXUSR)) |
361 |
error("imapfilter: could not create directory %s; %s\n", hdn, |
362 |
strerror(errno)); |
363 |
|
364 |
return 0; |
365 |
} |
366 |
|
367 |
|
368 |
/* |
369 |
* Check if a file exists. |
370 |
*/ |
371 |
int exists_file(char *fname) |
372 |
{ |
373 |
struct stat fs; |
374 |
|
375 |
if (access(fname, F_OK)) |
376 |
return 0; |
377 |
|
378 |
stat(fname, &fs); |
379 |
if (!S_ISREG(fs.st_mode)) { |
380 |
error("imapfilter: file %s not a regular file\n", fname); |
381 |
return ERROR_FILE_OPEN; |
382 |
} |
383 |
return 1; |
384 |
} |
385 |
|
386 |
|
387 |
/* |
388 |
* Check if a directory exists. |
389 |
*/ |
390 |
int exists_dir(char *dname) |
391 |
{ |
392 |
struct stat ds; |
393 |
|
394 |
if (access(dname, F_OK)) |
395 |
return 0; |
396 |
|
397 |
stat(dname, &ds); |
398 |
if (!S_ISDIR(ds.st_mode)) { |
399 |
error("imapfilter: file %s not a directory\n", dname); |
400 |
return ERROR_FILE_OPEN; |
401 |
} |
402 |
return 1; |
403 |
} |
404 |
|
405 |
|
406 |
/* |
407 |
* Create a file with the specified permissions. |
408 |
*/ |
409 |
int create_file(char *fname, mode_t mode) |
410 |
{ |
411 |
int fd = 0; |
412 |
|
413 |
if (!exists_file(fname)) { |
414 |
fd = open(fname, O_CREAT | O_WRONLY | O_TRUNC, mode); |
415 |
if (fd == -1) { |
416 |
error("imapfilter: could not create file %s; %s\n", fname, |
417 |
strerror(errno)); |
418 |
return ERROR_FILE_OPEN; |
419 |
} |
420 |
close(fd); |
421 |
} |
422 |
return 0; |
423 |
} |
424 |
|
425 |
|
426 |
#ifdef CHECK_PERMISSIONS |
427 |
/* |
428 |
* Check the permissions of a file. |
429 |
*/ |
430 |
int check_file_perms(char *fname, mode_t mode) |
431 |
{ |
432 |
struct stat fs; |
433 |
|
434 |
if (stat(fname, &fs)) { |
435 |
error("imapfilter: getting file %s status; %s\n", fname, |
436 |
strerror(errno)); |
437 |
return ERROR_TRIVIAL; |
438 |
} |
439 |
if (!S_ISREG(fs.st_mode)) { |
440 |
error("imapfilter: file %s not a regular file\n", fname); |
441 |
return ERROR_TRIVIAL; |
442 |
} |
443 |
if ((fs.st_mode & 00777) != mode) { |
444 |
error("imapfilter: warning: improper file %s permissions\n" |
445 |
"imapfilter: warning: file's mode should be %o not %o\n", |
446 |
fname, mode, fs.st_mode & 00777); |
447 |
return ERROR_TRIVIAL; |
448 |
} |
449 |
return 0; |
450 |
} |
451 |
|
452 |
|
453 |
/* |
454 |
* Check the permissions of a directory. |
455 |
*/ |
456 |
int check_dir_perms(char *dname, mode_t mode) |
457 |
{ |
458 |
struct stat ds; |
459 |
|
460 |
if (stat(dname, &ds)) { |
461 |
error("imapfilter: getting file %s status; %s\n", dname, |
462 |
strerror(errno)); |
463 |
return ERROR_TRIVIAL; |
464 |
} |
465 |
if (!S_ISDIR(ds.st_mode)) { |
466 |
error("imapfilter: file %s not a directory\n", dname); |
467 |
return ERROR_TRIVIAL; |
468 |
} |
469 |
if ((ds.st_mode & 00777) != mode) { |
470 |
error("imapfilter: warning: improper dir %s permissions\n" |
471 |
"imapfilter: warning: file's mode should be %o not %o\n", |
472 |
dname, mode, ds.st_mode & 00777); |
473 |
return ERROR_TRIVIAL; |
474 |
} |
475 |
return 0; |
476 |
} |
477 |
|
478 |
#endif |