platform/external/busybox.git - Unnamed repository; edit this file 'description' to name the repository.

1 /* vi: set sw=4 ts=4: */
2 /*
3  * bare bones sendmail
4  *
5  * Copyright (C) 2008 by Vladimir Dronnikov <dronnikov@gmail.com>
6  *
7  * Licensed under GPLv2, see file LICENSE in this source tree.
8  */
9
10 //kbuild:lib-$(CONFIG_SENDMAIL) += sendmail.o mail.o
11
12 //usage:#define sendmail_trivial_usage
13 //usage:       "[OPTIONS] [RECIPIENT_EMAIL]..."
14 //usage:#define sendmail_full_usage "\n\n"
15 //usage:       "Read email from stdin and send it\n"
16 //usage:     "\nStandard options:"
17 //usage:     "\n	-t		Read additional recipients from message body"
18 //usage:     "\n	-f SENDER	Sender (required)"
19 //usage:     "\n	-o OPTIONS	Various options. -oi implied, others are ignored"
20 //usage:     "\n	-i		-oi synonym. implied and ignored"
21 //usage:     "\n"
22 //usage:     "\nBusybox specific options:"
23 //usage:     "\n	-v		Verbose"
24 //usage:     "\n	-w SECS		Network timeout"
25 //usage:     "\n	-H 'PROG ARGS'	Run connection helper"
26 //usage:     "\n			Examples:"
27 //usage:     "\n			-H 'exec openssl s_client -quiet -tls1 -starttls smtp"
28 //usage:     "\n				-connect smtp.gmail.com:25' <email.txt"
29 //usage:     "\n				[4<username_and_passwd.txt | -auUSER -apPASS]"
30 //usage:     "\n			-H 'exec openssl s_client -quiet -tls1"
31 //usage:     "\n				-connect smtp.gmail.com:465' <email.txt"
32 //usage:     "\n				[4<username_and_passwd.txt | -auUSER -apPASS]"
33 //usage:     "\n	-S HOST[:PORT]	Server"
34 //usage:     "\n	-auUSER		Username for AUTH LOGIN"
35 //usage:     "\n	-apPASS 	Password for AUTH LOGIN"
36 ////usage:     "\n	-amMETHOD	Authentication method. Ignored. LOGIN is implied"
37 //usage:     "\n"
38 //usage:     "\nOther options are silently ignored; -oi -t is implied"
39 //usage:	IF_MAKEMIME(
40 //usage:     "\nUse makemime to create emails with attachments"
41 //usage:	)
42
43 #include "libbb.h"
44 #include "mail.h"
45
46 // limit maximum allowed number of headers to prevent overflows.
47 // set to 0 to not limit
48 #define MAX_HEADERS 256
49
50 static void send_r_n(const char *s)
51 {
52 	if (verbose)
53 		bb_error_msg("send:'%s'", s);
54 	printf("%s\r\n", s);
55 }
56
57 static int smtp_checkp(const char *fmt, const char *param, int code)
58 {
59 	char *answer;
60 	char *msg = send_mail_command(fmt, param);
61 	// read stdin
62 	// if the string has a form NNN- -- read next string. E.g. EHLO response
63 	// parse first bytes to a number
64 	// if code = -1 then just return this number
65 	// if code != -1 then checks whether the number equals the code
66 	// if not equal -> die saying msg
67 	while ((answer = xmalloc_fgetline(stdin)) != NULL) {
68 		if (verbose)
69 			bb_error_msg("recv:'%.*s'", (int)(strchrnul(answer, '\r') - answer), answer);
70 		if (strlen(answer) <= 3 || '-' != answer[3])
71 			break;
72 		free(answer);
73 	}
74 	if (answer) {
75 		int n = atoi(answer);
76 		if (timeout)
77 			alarm(0);
78 		free(answer);
79 		if (-1 == code || n == code) {
80 			free(msg);
81 			return n;
82 		}
83 	}
84 	bb_error_msg_and_die("%s failed", msg);
85 }
86
87 static int smtp_check(const char *fmt, int code)
88 {
89 	return smtp_checkp(fmt, NULL, code);
90 }
91
92 // strip argument of bad chars
93 static char *sane_address(char *str)
94 {
95 	char *s;
96
97 	trim(str);
98 	s = str;
99 	while (*s) {
100 		if (!isalnum(*s) && !strchr("_-.@", *s)) {
101 			bb_error_msg("bad address '%s'", str);
102 			/* returning "": */
103 			str[0] = '\0';
104 			return str;
105 		}
106 		s++;
107 	}
108 	return str;
109 }
110
111 // check for an address inside angle brackets, if not found fall back to normal
112 static char *angle_address(char *str)
113 {
114 	char *s, *e;
115
116 	trim(str);
117 	e = last_char_is(str, '>');
118 	if (e) {
119 		s = strrchr(str, '<');
120 		if (s) {
121 			*e = '\0';
122 			str = s + 1;
123 		}
124 	}
125 	return sane_address(str);
126 }
127
128 static void rcptto(const char *s)
129 {
130 	if (!*s)
131 		return;
132 	// N.B. we don't die if recipient is rejected, for the other recipients may be accepted
133 	if (250 != smtp_checkp("RCPT TO:<%s>", s, -1))
134 		bb_error_msg("Bad recipient: <%s>", s);
135 }
136
137 // send to a list of comma separated addresses
138 static void rcptto_list(const char *list)
139 {
140 	char *str = xstrdup(list);
141 	char *s = str;
142 	char prev = 0;
143 	int in_quote = 0;
144
145 	while (*s) {
146 		char ch = *s++;
147
148 		if (ch == '"' && prev != '\\') {
149 			in_quote = !in_quote;
150 		} else if (!in_quote && ch == ',') {
151 			s[-1] = '\0';
152 			rcptto(angle_address(str));
153 			str = s;
154 		}
155 		prev = ch;
156 	}
157 	if (prev != ',')
158 		rcptto(angle_address(str));
159 	free(str);
160 }
161
162 int sendmail_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
163 int sendmail_main(int argc UNUSED_PARAM, char **argv)
164 {
165 	char *opt_connect = opt_connect;
166 	char *opt_from;
167 	char *s;
168 	llist_t *list = NULL;
169 	char *host = sane_address(safe_gethostname());
170 	unsigned nheaders = 0;
171 	int code;
172 	enum {
173 		HDR_OTHER = 0,
174 		HDR_TOCC,
175 		HDR_BCC,
176 	} last_hdr = 0;
177 	int check_hdr;
178 	int has_to = 0;
179
180 	enum {
181 	//--- standard options
182 		OPT_t = 1 << 0,         // read message for recipients, append them to those on cmdline
183 		OPT_f = 1 << 1,         // sender address
184 		OPT_o = 1 << 2,         // various options. -oi IMPLIED! others are IGNORED!
185 		OPT_i = 1 << 3,         // IMPLIED!
186 	//--- BB specific options
187 		OPT_w = 1 << 4,         // network timeout
188 		OPT_H = 1 << 5,         // use external connection helper
189 		OPT_S = 1 << 6,         // specify connection string
190 		OPT_a = 1 << 7,         // authentication tokens
191 		OPT_v = 1 << 8,         // verbosity
192 	};
193
194 	// init global variables
195 	INIT_G();
196
197 	// save initial stdin since body is piped!
198 	xdup2(STDIN_FILENO, 3);
199 	G.fp0 = xfdopen_for_read(3);
200
201 	// parse options
202 	// -v is a counter, -f is required. -H and -S are mutually exclusive, -a is a list
203 	opt_complementary = "vv:f:w+:H--S:S--H:a::";
204 	// N.B. since -H and -S are mutually exclusive they do not interfere in opt_connect
205 	// -a is for ssmtp (http://downloads.openwrt.org/people/nico/man/man8/ssmtp.8.html) compatibility,
206 	// it is still under development.
207 	opts = getopt32(argv, "tf:o:iw:H:S:a::v", &opt_from, NULL,
208 			&timeout, &opt_connect, &opt_connect, &list, &verbose);
209 	//argc -= optind;
210 	argv += optind;
211
212 	// process -a[upm]<token> options
213 	if ((opts & OPT_a) && !list)
214 		bb_show_usage();
215 	while (list) {
216 		char *a = (char *) llist_pop(&list);
217 		if ('u' == a[0])
218 			G.user = xstrdup(a+1);
219 		if ('p' == a[0])
220 			G.pass = xstrdup(a+1);
221 		// N.B. we support only AUTH LOGIN so far
222 		//if ('m' == a[0])
223 		//	G.method = xstrdup(a+1);
224 	}
225 	// N.B. list == NULL here
226 	//bb_info_msg("OPT[%x] AU[%s], AP[%s], AM[%s], ARGV[%s]", opts, au, ap, am, *argv);
227
228 	// connect to server
229
230 	// connection helper ordered? ->
231 	if (opts & OPT_H) {
232 		const char *args[] = { "sh", "-c", opt_connect, NULL };
233 		// plug it in
234 		launch_helper(args);
235 		// Now:
236 		// our stdout will go to helper's stdin,
237 		// helper's stdout will be available on our stdin.
238
239 		// Wait for initial server message.
240 		// If helper (such as openssl) invokes STARTTLS, the initial 220
241 		// is swallowed by helper (and not repeated after TLS is initiated).
242 		// We will send NOOP cmd to server and check the response.
243 		// We should get 220+250 on plain connection, 250 on STARTTLSed session.
244 		//
245 		// The problem here is some servers delay initial 220 message,
246 		// and consider client to be a spammer if it starts sending cmds
247 		// before 220 reached it. The code below is unsafe in this regard:
248 		// in non-STARTTLSed case, we potentially send NOOP before 220
249 		// is sent by server.
250 		// Ideas? (--delay SECS opt? --assume-starttls-helper opt?)
251 		code = smtp_check("NOOP", -1);
252 		if (code == 220)
253 			// we got 220 - this is not STARTTLSed connection,
254 			// eat 250 response to our NOOP
255 			smtp_check(NULL, 250);
256 		else
257 		if (code != 250)
258 			bb_error_msg_and_die("SMTP init failed");
259 	} else {
260 		// vanilla connection
261 		int fd;
262 		// host[:port] not explicitly specified? -> use $SMTPHOST
263 		// no $SMTPHOST? -> use localhost
264 		if (!(opts & OPT_S)) {
265 			opt_connect = getenv("SMTPHOST");
266 			if (!opt_connect)
267 				opt_connect = (char *)"127.0.0.1";
268 		}
269 		// do connect
270 		fd = create_and_connect_stream_or_die(opt_connect, 25);
271 		// and make ourselves a simple IO filter
272 		xmove_fd(fd, STDIN_FILENO);
273 		xdup2(STDIN_FILENO, STDOUT_FILENO);
274
275 		// Wait for initial server 220 message
276 		smtp_check(NULL, 220);
277 	}
278
279 	// we should start with modern EHLO
280 	if (250 != smtp_checkp("EHLO %s", host, -1))
281 		smtp_checkp("HELO %s", host, 250);
282 	free(host);
283
284 	// perform authentication
285 	if (opts & OPT_a) {
286 		smtp_check("AUTH LOGIN", 334);
287 		// we must read credentials unless they are given via -a[up] options
288 		if (!G.user || !G.pass)
289 			get_cred_or_die(4);
290 		encode_base64(NULL, G.user, NULL);
291 		smtp_check("", 334);
292 		encode_base64(NULL, G.pass, NULL);
293 		smtp_check("", 235);
294 	}
295
296 	// set sender
297 	// N.B. we have here a very loosely defined algorythm
298 	// since sendmail historically offers no means to specify secrets on cmdline.
299 	// 1) server can require no authentication ->
300 	//	we must just provide a (possibly fake) reply address.
301 	// 2) server can require AUTH ->
302 	//	we must provide valid username and password along with a (possibly fake) reply address.
303 	//	For the sake of security username and password are to be read either from console or from a secured file.
304 	//	Since reading from console may defeat usability, the solution is either to read from a predefined
305 	//	file descriptor (e.g. 4), or again from a secured file.
306
307 	// got no sender address? -> use system username as a resort
308 	// N.B. we marked -f as required option!
309 	//if (!G.user) {
310 	//	// N.B. IMHO getenv("USER") can be way easily spoofed!
311 	//	G.user = xuid2uname(getuid());
312 	//	opt_from = xasprintf("%s@%s", G.user, domain);
313 	//}
314 	smtp_checkp("MAIL FROM:<%s>", opt_from, 250);
315
316 	// process message
317
318 	// read recipients from message and add them to those given on cmdline.
319 	// this means we scan stdin for To:, Cc:, Bcc: lines until an empty line
320 	// and then use the rest of stdin as message body
321 	code = 0; // set "analyze headers" mode
322 	while ((s = xmalloc_fgetline(G.fp0)) != NULL) {
323  dump:
324 		// put message lines doubling leading dots
325 		if (code) {
326 			// escape leading dots
327 			// N.B. this feature is implied even if no -i (-oi) switch given
328 			// N.B. we need to escape the leading dot regardless of
329 			// whether it is single or not character on the line
330 			if ('.' == s[0] /*&& '\0' == s[1] */)
331 				printf(".");
332 			// dump read line
333 			send_r_n(s);
334 			free(s);
335 			continue;
336 		}
337
338 		// analyze headers
339 		// To: or Cc: headers add recipients
340 		check_hdr = (0 == strncasecmp("To:", s, 3));
341 		has_to |= check_hdr;
342 		if (opts & OPT_t) {
343 			if (check_hdr || 0 == strncasecmp("Bcc:" + 1, s, 3)) {
344 				rcptto_list(s+3);
345 				last_hdr = HDR_TOCC;
346 				goto addheader;
347 			}
348 			// Bcc: header adds blind copy (hidden) recipient
349 			if (0 == strncasecmp("Bcc:", s, 4)) {
350 				rcptto_list(s+4);
351 				free(s);
352 				last_hdr = HDR_BCC;
353 				continue; // N.B. Bcc: vanishes from headers!
354 			}
355 		}
356 		check_hdr = (list && isspace(s[0]));
357 		if (strchr(s, ':') || check_hdr) {
358 			// other headers go verbatim
359 			// N.B. RFC2822 2.2.3 "Long Header Fields" allows for headers to occupy several lines.
360 			// Continuation is denoted by prefixing additional lines with whitespace(s).
361 			// Thanks (stefan.seyfried at googlemail.com) for pointing this out.
362 			if (check_hdr && last_hdr != HDR_OTHER) {
363 				rcptto_list(s+1);
364 				if (last_hdr == HDR_BCC)
365 					continue;
366 					// N.B. Bcc: vanishes from headers!
367 			} else {
368 				last_hdr = HDR_OTHER;
369 			}
370  addheader:
371 			// N.B. we allow MAX_HEADERS generic headers at most to prevent attacks
372 			if (MAX_HEADERS && ++nheaders >= MAX_HEADERS)
373 				goto bail;
374 			llist_add_to_end(&list, s);
375 		} else {
376 			// a line without ":" (an empty line too, by definition) doesn't look like a valid header
377 			// so stop "analyze headers" mode
378  reenter:
379 			// put recipients specified on cmdline
380 			check_hdr = 1;
381 			while (*argv) {
382 				char *t = sane_address(*argv);
383 				rcptto(t);
384 				//if (MAX_HEADERS && ++nheaders >= MAX_HEADERS)
385 				//	goto bail;
386 				if (!has_to) {
387 					const char *hdr;
388
389 					if (check_hdr && argv[1])
390 						hdr = "To: %s,";
391 					else if (check_hdr)
392 						hdr = "To: %s";
393 					else if (argv[1])
394 						hdr = "To: %s," + 3;
395 					else
396 						hdr = "To: %s" + 3;
397 					llist_add_to_end(&list,
398 							xasprintf(hdr, t));
399 					check_hdr = 0;
400 				}
401 				argv++;
402 			}
403 			// enter "put message" mode
404 			// N.B. DATA fails iff no recipients were accepted (or even provided)
405 			// in this case just bail out gracefully
406 			if (354 != smtp_check("DATA", -1))
407 				goto bail;
408 			// dump the headers
409 			while (list) {
410 				send_r_n((char *) llist_pop(&list));
411 			}
412 			// stop analyzing headers
413 			code++;
414 			// N.B. !s means: we read nothing, and nothing to be read in the future.
415 			// just dump empty line and break the loop
416 			if (!s) {
417 				send_r_n("");
418 				break;
419 			}
420 			// go dump message body
421 			// N.B. "s" already contains the first non-header line, so pretend we read it from input
422 			goto dump;
423 		}
424 	}
425 	// odd case: we didn't stop "analyze headers" mode -> message body is empty. Reenter the loop
426 	// N.B. after reenter code will be > 0
427 	if (!code)
428 		goto reenter;
429
430 	// finalize the message
431 	smtp_check(".", 250);
432  bail:
433 	// ... and say goodbye
434 	smtp_check("QUIT", 221);
435 	// cleanup
436 	if (ENABLE_FEATURE_CLEAN_UP)
437 		fclose(G.fp0);
438
439 	return EXIT_SUCCESS;
440 }
441
1	/* vi: set sw=4 ts=4: */
2	/*
3	* bare bones sendmail
4	*
5	* Copyright (C) 2008 by Vladimir Dronnikov <dronnikov@gmail.com>
6	*
7	* Licensed under GPLv2, see file LICENSE in this source tree.
8	*/
9
10	//kbuild:lib-$(CONFIG_SENDMAIL) += sendmail.o mail.o
11
12	//usage:#define sendmail_trivial_usage
13	//usage: "[OPTIONS] [RECIPIENT_EMAIL]..."
14	//usage:#define sendmail_full_usage "\n\n"
15	//usage: "Read email from stdin and send it\n"
16	//usage: "\nStandard options:"
17	//usage: "\n -t Read additional recipients from message body"
18	//usage: "\n -f SENDER Sender (required)"
19	//usage: "\n -o OPTIONS Various options. -oi implied, others are ignored"
20	//usage: "\n -i -oi synonym. implied and ignored"
21	//usage: "\n"
22	//usage: "\nBusybox specific options:"
23	//usage: "\n -v Verbose"
24	//usage: "\n -w SECS Network timeout"
25	//usage: "\n -H 'PROG ARGS' Run connection helper"
26	//usage: "\n Examples:"
27	//usage: "\n -H 'exec openssl s_client -quiet -tls1 -starttls smtp"
28	//usage: "\n -connect smtp.gmail.com:25' <email.txt"
29	//usage: "\n [4<username_and_passwd.txt \| -auUSER -apPASS]"
30	//usage: "\n -H 'exec openssl s_client -quiet -tls1"
31	//usage: "\n -connect smtp.gmail.com:465' <email.txt"
32	//usage: "\n [4<username_and_passwd.txt \| -auUSER -apPASS]"
33	//usage: "\n -S HOST[:PORT] Server"
34	//usage: "\n -auUSER Username for AUTH LOGIN"
35	//usage: "\n -apPASS Password for AUTH LOGIN"
36	////usage: "\n -amMETHOD Authentication method. Ignored. LOGIN is implied"
37	//usage: "\n"
38	//usage: "\nOther options are silently ignored; -oi -t is implied"
39	//usage: IF_MAKEMIME(
40	//usage: "\nUse makemime to create emails with attachments"
41	//usage: )
42
43	#include "libbb.h"
44	#include "mail.h"
45
46	// limit maximum allowed number of headers to prevent overflows.
47	// set to 0 to not limit
48	#define MAX_HEADERS 256
49
50	static void send_r_n(const char *s)
51	{
52	if (verbose)
53	bb_error_msg("send:'%s'", s);
54	printf("%s\r\n", s);
55	}
56
57	static int smtp_checkp(const char fmt, const char param, int code)
58	{
59	char *answer;
60	char *msg = send_mail_command(fmt, param);
61	// read stdin
62	// if the string has a form NNN- -- read next string. E.g. EHLO response
63	// parse first bytes to a number
64	// if code = -1 then just return this number
65	// if code != -1 then checks whether the number equals the code
66	// if not equal -> die saying msg
67	while ((answer = xmalloc_fgetline(stdin)) != NULL) {
68	if (verbose)
69	bb_error_msg("recv:'%.*s'", (int)(strchrnul(answer, '\r') - answer), answer);
70	if (strlen(answer) <= 3 \|\| '-' != answer[3])
71	break;
72	free(answer);
73	}
74	if (answer) {
75	int n = atoi(answer);
76	if (timeout)
77	alarm(0);
78	free(answer);
79	if (-1 == code \|\| n == code) {
80	free(msg);
81	return n;
82	}
83	}
84	bb_error_msg_and_die("%s failed", msg);
85	}
86
87	static int smtp_check(const char *fmt, int code)
88	{
89	return smtp_checkp(fmt, NULL, code);
90	}
91
92	// strip argument of bad chars
93	static char sane_address(char str)
94	{
95	char *s;
96
97	trim(str);
98	s = str;
99	while (*s) {
100	if (!isalnum(s) && !strchr("_-.@", s)) {
101	bb_error_msg("bad address '%s'", str);
102	/* returning "": */
103	str[0] = '\0';
104	return str;
105	}
106	s++;
107	}
108	return str;
109	}
110
111	// check for an address inside angle brackets, if not found fall back to normal
112	static char angle_address(char str)
113	{
114	char s, e;
115
116	trim(str);
117	e = last_char_is(str, '>');
118	if (e) {
119	s = strrchr(str, '<');
120	if (s) {
121	*e = '\0';
122	str = s + 1;
123	}
124	}
125	return sane_address(str);
126	}
127
128	static void rcptto(const char *s)
129	{
130	if (!*s)
131	return;
132	// N.B. we don't die if recipient is rejected, for the other recipients may be accepted
133	if (250 != smtp_checkp("RCPT TO:<%s>", s, -1))
134	bb_error_msg("Bad recipient: <%s>", s);
135	}
136
137	// send to a list of comma separated addresses
138	static void rcptto_list(const char *list)
139	{
140	char *str = xstrdup(list);
141	char *s = str;
142	char prev = 0;
143	int in_quote = 0;
144
145	while (*s) {
146	char ch = *s++;
147
148	if (ch == '"' && prev != '\\') {
149	in_quote = !in_quote;
150	} else if (!in_quote && ch == ',') {
151	s[-1] = '\0';
152	rcptto(angle_address(str));
153	str = s;
154	}
155	prev = ch;
156	}
157	if (prev != ',')
158	rcptto(angle_address(str));
159	free(str);
160	}
161
162	int sendmail_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
163	int sendmail_main(int argc UNUSED_PARAM, char **argv)
164	{
165	char *opt_connect = opt_connect;
166	char *opt_from;
167	char *s;
168	llist_t *list = NULL;
169	char *host = sane_address(safe_gethostname());
170	unsigned nheaders = 0;
171	int code;
172	enum {
173	HDR_OTHER = 0,
174	HDR_TOCC,
175	HDR_BCC,
176	} last_hdr = 0;
177	int check_hdr;
178	int has_to = 0;
179
180	enum {
181	//--- standard options
182	OPT_t = 1 << 0, // read message for recipients, append them to those on cmdline
183	OPT_f = 1 << 1, // sender address
184	OPT_o = 1 << 2, // various options. -oi IMPLIED! others are IGNORED!
185	OPT_i = 1 << 3, // IMPLIED!
186	//--- BB specific options
187	OPT_w = 1 << 4, // network timeout
188	OPT_H = 1 << 5, // use external connection helper
189	OPT_S = 1 << 6, // specify connection string
190	OPT_a = 1 << 7, // authentication tokens
191	OPT_v = 1 << 8, // verbosity
192	};
193
194	// init global variables
195	INIT_G();
196
197	// save initial stdin since body is piped!
198	xdup2(STDIN_FILENO, 3);
199	G.fp0 = xfdopen_for_read(3);
200
201	// parse options
202	// -v is a counter, -f is required. -H and -S are mutually exclusive, -a is a list
203	opt_complementary = "vv:f:w+:H--S:S--H:a::";
204	// N.B. since -H and -S are mutually exclusive they do not interfere in opt_connect
205	// -a is for ssmtp (http://downloads.openwrt.org/people/nico/man/man8/ssmtp.8.html) compatibility,
206	// it is still under development.
207	opts = getopt32(argv, "tf:o:iw:H:S:a::v", &opt_from, NULL,
208	&timeout, &opt_connect, &opt_connect, &list, &verbose);
209	//argc -= optind;
210	argv += optind;
211
212	// process -a[upm]<token> options
213	if ((opts & OPT_a) && !list)
214	bb_show_usage();
215	while (list) {
216	char a = (char ) llist_pop(&list);
217	if ('u' == a[0])
218	G.user = xstrdup(a+1);
219	if ('p' == a[0])
220	G.pass = xstrdup(a+1);
221	// N.B. we support only AUTH LOGIN so far
222	//if ('m' == a[0])
223	// G.method = xstrdup(a+1);
224	}
225	// N.B. list == NULL here
226	//bb_info_msg("OPT[%x] AU[%s], AP[%s], AM[%s], ARGV[%s]", opts, au, ap, am, *argv);
227
228	// connect to server
229
230	// connection helper ordered? ->
231	if (opts & OPT_H) {
232	const char *args[] = { "sh", "-c", opt_connect, NULL };
233	// plug it in
234	launch_helper(args);
235	// Now:
236	// our stdout will go to helper's stdin,
237	// helper's stdout will be available on our stdin.
238
239	// Wait for initial server message.
240	// If helper (such as openssl) invokes STARTTLS, the initial 220
241	// is swallowed by helper (and not repeated after TLS is initiated).
242	// We will send NOOP cmd to server and check the response.
243	// We should get 220+250 on plain connection, 250 on STARTTLSed session.
244	//
245	// The problem here is some servers delay initial 220 message,
246	// and consider client to be a spammer if it starts sending cmds
247	// before 220 reached it. The code below is unsafe in this regard:
248	// in non-STARTTLSed case, we potentially send NOOP before 220
249	// is sent by server.
250	// Ideas? (--delay SECS opt? --assume-starttls-helper opt?)
251	code = smtp_check("NOOP", -1);
252	if (code == 220)
253	// we got 220 - this is not STARTTLSed connection,
254	// eat 250 response to our NOOP
255	smtp_check(NULL, 250);
256	else
257	if (code != 250)
258	bb_error_msg_and_die("SMTP init failed");
259	} else {
260	// vanilla connection
261	int fd;
262	// host[:port] not explicitly specified? -> use $SMTPHOST
263	// no $SMTPHOST? -> use localhost
264	if (!(opts & OPT_S)) {
265	opt_connect = getenv("SMTPHOST");
266	if (!opt_connect)
267	opt_connect = (char *)"127.0.0.1";
268	}
269	// do connect
270	fd = create_and_connect_stream_or_die(opt_connect, 25);
271	// and make ourselves a simple IO filter
272	xmove_fd(fd, STDIN_FILENO);
273	xdup2(STDIN_FILENO, STDOUT_FILENO);
274
275	// Wait for initial server 220 message
276	smtp_check(NULL, 220);
277	}
278
279	// we should start with modern EHLO
280	if (250 != smtp_checkp("EHLO %s", host, -1))
281	smtp_checkp("HELO %s", host, 250);
282	free(host);
283
284	// perform authentication
285	if (opts & OPT_a) {
286	smtp_check("AUTH LOGIN", 334);
287	// we must read credentials unless they are given via -a[up] options
288	if (!G.user \|\| !G.pass)
289	get_cred_or_die(4);
290	encode_base64(NULL, G.user, NULL);
291	smtp_check("", 334);
292	encode_base64(NULL, G.pass, NULL);
293	smtp_check("", 235);
294	}
295
296	// set sender
297	// N.B. we have here a very loosely defined algorythm
298	// since sendmail historically offers no means to specify secrets on cmdline.
299	// 1) server can require no authentication ->
300	// we must just provide a (possibly fake) reply address.
301	// 2) server can require AUTH ->
302	// we must provide valid username and password along with a (possibly fake) reply address.
303	// For the sake of security username and password are to be read either from console or from a secured file.
304	// Since reading from console may defeat usability, the solution is either to read from a predefined
305	// file descriptor (e.g. 4), or again from a secured file.
306
307	// got no sender address? -> use system username as a resort
308	// N.B. we marked -f as required option!
309	//if (!G.user) {
310	// // N.B. IMHO getenv("USER") can be way easily spoofed!
311	// G.user = xuid2uname(getuid());
312	// opt_from = xasprintf("%s@%s", G.user, domain);
313	//}
314	smtp_checkp("MAIL FROM:<%s>", opt_from, 250);
315
316	// process message
317
318	// read recipients from message and add them to those given on cmdline.
319	// this means we scan stdin for To:, Cc:, Bcc: lines until an empty line
320	// and then use the rest of stdin as message body
321	code = 0; // set "analyze headers" mode
322	while ((s = xmalloc_fgetline(G.fp0)) != NULL) {
323	dump:
324	// put message lines doubling leading dots
325	if (code) {
326	// escape leading dots
327	// N.B. this feature is implied even if no -i (-oi) switch given
328	// N.B. we need to escape the leading dot regardless of
329	// whether it is single or not character on the line
330	if ('.' == s[0] /&& '\0' == s[1] /)
331	printf(".");
332	// dump read line
333	send_r_n(s);
334	free(s);
335	continue;
336	}
337
338	// analyze headers
339	// To: or Cc: headers add recipients
340	check_hdr = (0 == strncasecmp("To:", s, 3));
341	has_to \|= check_hdr;
342	if (opts & OPT_t) {
343	if (check_hdr \|\| 0 == strncasecmp("Bcc:" + 1, s, 3)) {
344	rcptto_list(s+3);
345	last_hdr = HDR_TOCC;
346	goto addheader;
347	}
348	// Bcc: header adds blind copy (hidden) recipient
349	if (0 == strncasecmp("Bcc:", s, 4)) {
350	rcptto_list(s+4);
351	free(s);
352	last_hdr = HDR_BCC;
353	continue; // N.B. Bcc: vanishes from headers!
354	}
355	}
356	check_hdr = (list && isspace(s[0]));
357	if (strchr(s, ':') \|\| check_hdr) {
358	// other headers go verbatim
359	// N.B. RFC2822 2.2.3 "Long Header Fields" allows for headers to occupy several lines.
360	// Continuation is denoted by prefixing additional lines with whitespace(s).
361	// Thanks (stefan.seyfried at googlemail.com) for pointing this out.
362	if (check_hdr && last_hdr != HDR_OTHER) {
363	rcptto_list(s+1);
364	if (last_hdr == HDR_BCC)
365	continue;
366	// N.B. Bcc: vanishes from headers!
367	} else {
368	last_hdr = HDR_OTHER;
369	}
370	addheader:
371	// N.B. we allow MAX_HEADERS generic headers at most to prevent attacks
372	if (MAX_HEADERS && ++nheaders >= MAX_HEADERS)
373	goto bail;
374	llist_add_to_end(&list, s);
375	} else {
376	// a line without ":" (an empty line too, by definition) doesn't look like a valid header
377	// so stop "analyze headers" mode
378	reenter:
379	// put recipients specified on cmdline
380	check_hdr = 1;
381	while (*argv) {
382	char t = sane_address(argv);
383	rcptto(t);
384	//if (MAX_HEADERS && ++nheaders >= MAX_HEADERS)
385	// goto bail;
386	if (!has_to) {
387	const char *hdr;
388
389	if (check_hdr && argv[1])
390	hdr = "To: %s,";
391	else if (check_hdr)
392	hdr = "To: %s";
393	else if (argv[1])
394	hdr = "To: %s," + 3;
395	else
396	hdr = "To: %s" + 3;
397	llist_add_to_end(&list,
398	xasprintf(hdr, t));
399	check_hdr = 0;
400	}
401	argv++;
402	}
403	// enter "put message" mode
404	// N.B. DATA fails iff no recipients were accepted (or even provided)
405	// in this case just bail out gracefully
406	if (354 != smtp_check("DATA", -1))
407	goto bail;
408	// dump the headers
409	while (list) {
410	send_r_n((char *) llist_pop(&list));
411	}
412	// stop analyzing headers
413	code++;
414	// N.B. !s means: we read nothing, and nothing to be read in the future.
415	// just dump empty line and break the loop
416	if (!s) {
417	send_r_n("");
418	break;
419	}
420	// go dump message body
421	// N.B. "s" already contains the first non-header line, so pretend we read it from input
422	goto dump;
423	}
424	}
425	// odd case: we didn't stop "analyze headers" mode -> message body is empty. Reenter the loop
426	// N.B. after reenter code will be > 0
427	if (!code)
428	goto reenter;
429
430	// finalize the message
431	smtp_check(".", 250);
432	bail:
433	// ... and say goodbye
434	smtp_check("QUIT", 221);
435	// cleanup
436	if (ENABLE_FEATURE_CLEAN_UP)
437	fclose(G.fp0);
438
439	return EXIT_SUCCESS;
440	}
441