git: 9front

ref: c2da23ec701ca7537f572313ffdc8e39b72a7115
dir: /sys/src/cmd/upas/send/local.c/

View raw version
#include "common.h"
#include "send.h"

static String*
mboxpath(char *path, char *user, String *to)
{
	char buf[Pathlen];

	mboxpathbuf(buf, sizeof buf, user, path);
	return s_append(to, buf);
}

static void
mboxfile(dest *dp, String *user, String *path, char *file)
{
	char *cp;

	mboxpath(s_to_c(user), s_to_c(dp->addr), path);
	cp = strrchr(s_to_c(path), '/');
	if(cp)
		path->ptr = cp+1;
	else
		path->ptr = path->base;
	s_append(path, file);
}

/*
 * BOTCH, BOTCH
 * the problem is that we don't want to say a user exists
 * just because the user has a mail box directory.  that
 * precludes using mode bits to disable mailboxes.
 *
 * botch #1: we pretend like we know that there must be a
 * corresponding file or directory /mail/box/$user[/folder]/mbox
 * this is wrong, but we get away with this for local mail boxes.
 *
 * botch #2: since the file server and not the auth server owns
 * groups, it's not possible to get groups right.  this means that
 * a mailbox that only allows members of a group to post but
 * not read wouldn't work.
 */
static uint accesstx[] = {
[OREAD]	1<<2,
[OWRITE]	1<<1,
[ORDWR]	3<<1,
[OEXEC]	1<<0
};

static int
accessmbox(char *f, int m)
{
	int r, n;
	Dir *d;

	d = dirstat(f);
	if(d == nil)
		return -1;
	n = 0;
	if(m < nelem(accesstx))
		n = accesstx[m];
	if(d->mode & DMDIR)
		n |= OEXEC;
	r = (d->mode & n<<0) == n<<0;
//	if(r == 0 && inlist(mygids(), d->gid) == 0)
//		r = (d->mode & n<<3) == n<<3;
	if(r == 0 && strcmp(getlog(), d->uid) == 0)
		r = (d->mode & n<<6) == n<<6;
	r--;
	free(d);
	return r;
}

/*
 *  Check forwarding requests
 */
extern dest*
expand_local(dest *dp)
{
	Biobuf *fp;
	String *file, *line, *s;
	dest *rv;
	int forwardok;
	char *user;

	/* short circuit obvious security problems */
	if(strstr(s_to_c(dp->addr), "/../")){
		dp->status = d_unknown;
		return 0;
	}

	/* isolate user's name if part of a path */
	user = strrchr(s_to_c(dp->addr), '!');
	if(user)
		user++;
	else
		user = s_to_c(dp->addr);

	/* if no replacement string, plug in user's name */
	if(dp->repl1 == 0){
		dp->repl1 = s_new();
		mboxpath("mbox", user, dp->repl1);
	}

	s = unescapespecial(s_clone(dp->repl1));

	/*
	 *  if this is the descendant of a `forward' file, don't
	 *  look for a forward.
	 */
	forwardok = 1;
	for(rv = dp->parent; rv; rv = rv->parent)
		if(rv->status == d_cat){
			forwardok = 0;
			break;
		}
	file = s_new();
	if(forwardok){
		/*
		 *  look for `forward' file for forwarding address(es)
		 */
		mboxfile(dp, s, file, "forward");
		fp = sysopen(s_to_c(file), "r", 0);
		if (fp != 0) {
			line = s_new();
			for(;;){
				if(s_read_line(fp, line) == nil)
					break;
				if(*(line->ptr - 1) != '\n')
					break;
				if(*(line->ptr - 2) == '\\')
					*(line->ptr-2) = ' ';
				*(line->ptr-1) = ' ';
			}
			sysclose(fp);
			if(debug)
				fprint(2, "forward = %s\n", s_to_c(line));
			rv = s_to_dest(s_restart(line), dp);
			s_free(line);
			if(rv){
				s_free(file);
				s_free(s);
				return rv;
			}
		}
	}

	/*
	 *  look for a 'pipe' file.  This won't work if there are
	 *  special characters in the account name since the file
	 *  name passes through a shell.  tdb.
	 */
	mboxfile(dp, dp->repl1, s_reset(file), "pipeto");
	if(access(s_to_c(file), AEXEC) == 0){
		if(debug)
			fprint(2, "found a pipeto file\n");
		dp->status = d_pipeto;
		line = s_new();
		s_append(line, "upasname='");
		s_append(line, user);
		s_append(line, "' ");
		s_append(line, s_to_c(file));
		s_append(line, " ");
		s_append(line, s_to_c(dp->addr));
		s_append(line, " ");
		s_append(line, s_to_c(dp->repl1));
		s_free(dp->repl1);
		dp->repl1 = line;
		s_free(file);
		s_free(s);
		return dp;
	}

	/*
	 *  see if the mailbox directory exists
	 */
	mboxfile(dp, s, s_reset(file), "mbox");
	if(accessmbox(s_to_c(file), OWRITE) != -1)
		dp->status = d_cat;
	else
		dp->status = d_unknown;
	s_free(file);
	s_free(s);
	return 0;
}