view src/group.c @ 500:614a3177b15c noffle tip

Add mail-from option. Some modern mail systems will try and ensure the sender email is a legitimate address. Which will fail if there isn't such an address.
author Jim Hague <jim.hague@acm.org>
date Wed, 14 Aug 2013 12:04:39 +0100
parents ff7a2dc6023e
children
line wrap: on
line source

/*
  group.c

  The group database resides in groupinfo.gdbm and stores all we know about
  the groups we know of. One database record is cached in the global struct
  grp. Group information is transfered between the grp and the database by
  loadGrp() and saveGrp(). This is done transparently. Access to the groups
  database is done by group name, by the functions defined in group.h.        

  $Id: group.c 466 2003-02-26 11:30:41Z bears $
*/

#if HAVE_CONFIG_H
#include <config.h>
#endif

#include <stdio.h>
#include <gdbm.h>
#include <errno.h>
#include <fcntl.h>
#include <sys/stat.h>
#include "configfile.h"
#include "wildmat.h"
#include "group.h"
#include "log.h"
#include "util.h"
#include "portable.h"

/* max length of a group name: */
#define MAX_GROUPNAME 78

/* currently only used within grp */
typedef struct
{
    int first;		/* number of first article within group */
    int last;		/* number of last article within group */
    int rmtNext;
    time_t created;
    time_t lastAccess;
} Entry;

struct
{
    Str name;		/* name of the group */
    Entry entry;	/* more information about this group */
    Str serv;		/* server the group resides on */
    Str dsc;		/* description of the group */
    char postAllow;	/* Posting status */
    time_t lastPost;	/* Time last article arrived */
    GDBM_FILE dbf;
} grp = { "(no grp)", { 0, 0, 0, 0, 0 }, "", "", ' ', (time_t) 0, NULL };

/*
  Note: postAllow and lastPost should really go in Entry. But
  changing Entry would make backwards group file format capability
  tricky, so they go where they are, and we test the length of the
  retrieved record to determine if they exist.

  Someday if we really change the record format this should be tidied up.
 */

static const char *
errMsg( void )
{
    if ( errno != 0 )
        return strerror( errno );
    return gdbm_strerror( gdbm_errno );
}

/*
  Some newsgroups names are reserved for server-specific or server
  pseudo groups. We don't want to fetch them. For example, INN
  keeps all its control messages in a 'control' hierarchy, and
  used the "to." hierarchy for dark and mysterious purposes I think
  are to do with newsfeeds. The recommended restrictions are documented
  in C.Lindsay, "News Article Format", <draft-ietf-usefor-article-08.txt>.

  Given that we shouldn't fetch them, it's also best if we don't allow them
  to be created locally, to avoid potential confusion with downstream
  readers/servers.

  That being said, the draft also specifies restrictions on the character
  set. Enforcing these generally would mean treating the name as
  UTF-8 and inspecting for forbidden character ranges. This is left as
  an exercise for the reader; for the meantime, Noffle will simply
  apply the few remaining naming restrictions.
*/
struct ForbiddenGroupName
{
    const char *pattern;
    Bool match;				/* TRUE if match means 'invalid group name' */
} forbiddenGroupNames[] =
{
#if 0
	/*
	  This is a tricky one. Single component newsgroups should be
	  restricted to a local server or a LAN, and the draft highlights
	  several single-component names which are typically pseudo-groups.
	  Previously we've forbidden single component groups, but this is
	  perhaps too harsh; you should be able to use Noffle to host them
	  and pass them around other Noffles on the same LAN. So change to
	  allowing single component names....
	*/
    { "*.*", FALSE },                   /* Single component */
#else
	/* .. but forbidding the ones flagged as pseudo-groups in the draft */
	{"control", TRUE },
	{"junk", TRUE },
	{"poster", TRUE },
#endif	
    { "control.*", TRUE },              /* control.* groups */
    { "to.*", TRUE },                   /* to.* groups */
    { "*.all", TRUE },                  /* 'all' as a component */
    { "*.all.*", TRUE },
    { "all.*", TRUE },
    { "*.ctl", TRUE },                  /* 'ctl' as a component */
    { "*.ctl.*", TRUE },
    { "ctl.*", TRUE },
    { "example.*", TRUE },              /* example.* groups */
    { "*,*", TRUE },                    /* newsgroups separator */
#if 0
	/* Not sure who decided this should be allowed, but leave it be. */
	{ "_*", TRUE },						/* reserved for future use, but accept nevertheless */
#endif	
    { "+*", TRUE },                     /* reserved */
    { "-*", TRUE }
};

Bool
Grp_open( void )
{
    Str name;
    int flags;

    ASSERT( grp.dbf == NULL );
    snprintf( name, MAXCHAR, "%s/data/groupinfo.gdbm", Cfg_spoolDir() );
    flags = GDBM_WRCREAT | GDBM_FAST;
    if ( ! ( grp.dbf = gdbm_open( name, 512, flags, 0644, Log_gdbm_fatal ) ) )
    {
        Log_err( "Error opening %s for r/w (%s)", errMsg() );
        return FALSE;
    }
    Log_dbg( LOG_DBG_NEWSBASE, "%s opened for r/w", name );
    return TRUE;
}

void
Grp_close( void )
{
    ASSERT( grp.dbf );
    Log_dbg( LOG_DBG_NEWSBASE, "Closing groupinfo" );
    gdbm_close( grp.dbf );
    grp.dbf = NULL;
    Utl_cpyStr( grp.name, "" );
}

/*
 * Load group info from gdbm-database into global struct grp
 *
 * Note use of memcpy when packing buffer; avoids pointer alignment
 * problems.
 */
static Bool
loadGrp( const char *name )
{
    const char *p;
    datum key, val;

    ASSERT( grp.dbf );
    if ( strcmp( grp.name, name ) == 0 )
         return TRUE;
    key.dptr = (void *)name;
    key.dsize = strlen( name ) + 1;
    val = gdbm_fetch( grp.dbf, key );
    if ( val.dptr == NULL )
        return FALSE;
    memcpy( &grp.entry, val.dptr, sizeof( grp.entry ) );
    p = val.dptr + sizeof( grp.entry );
    Utl_cpyStr( grp.serv, p );
    p += strlen( p ) + 1;
    Utl_cpyStr( grp.dsc, p );
    p += strlen( p) + 1;

    /*
     * Extension items. Initialise to default first.
     * We default to allowing posting, and the time
     * of the last post being a second before the last
     * access.
     */
    grp.postAllow = 'y';
    grp.lastPost = grp.entry.lastAccess - 1;
    
    if ( p - val.dptr < val.dsize )
    {
	grp.postAllow = p[ 0 ];
	p++;
	if ( p - val.dptr < val.dsize )
	    memcpy( &grp.lastPost, p, sizeof( grp.lastPost ) );
    }

    Utl_cpyStr( grp.name, name );
    free( val.dptr );
    return TRUE;
}

/*
 * Save group info from global struct grp into gdbm-database
 *
 * Note use of memcpy when packing buffer; avoids pointer alignment
 * problems.
 */
static void
saveGrp( void )
{
    size_t lenServ, lenDsc, bufLen;
    datum key, val;
    void *buf;
    char *p;

    ASSERT( grp.dbf );
    lenServ = strlen( grp.serv );
    lenDsc = strlen( grp.dsc );
    bufLen =
	sizeof( grp.entry ) + lenServ + lenDsc + 2
	+ sizeof( char ) + sizeof( time_t );
    buf = malloc( bufLen );
    memcpy( buf, &grp.entry, sizeof( grp.entry ) );
    p = (char *)buf + sizeof( grp.entry );
    strcpy( p, grp.serv );
    p += lenServ + 1;
    strcpy( p, grp.dsc );
    p += lenDsc + 1;
    p[ 0 ] = grp.postAllow;
    p++;
    memcpy( p, &grp.lastPost, sizeof( grp.lastPost ) );
    key.dptr = (void *)grp.name;
    key.dsize = strlen( grp.name ) + 1;
    val.dptr = buf;
    val.dsize = bufLen;
    if ( gdbm_store( grp.dbf, key, val, GDBM_REPLACE ) != 0 )
        Log_err( "Could not save group %s: %s", errMsg() );
    free( buf );
}

Bool
Grp_exists( const char *name )
{
    datum key;

    ASSERT( grp.dbf );
    key.dptr = (void*)name;
    key.dsize = strlen( name ) + 1;
    return gdbm_exists( grp.dbf, key );
}

Bool
Grp_local( const char *name )
{
    if ( ! loadGrp( name ) )
        return 0;
    return ( strcmp( grp.serv, GRP_LOCAL_SERVER_NAME ) == 0 );
}

void
Grp_create( const char *name )
{
    Utl_cpyStr( grp.name, name );
    Utl_cpyStr( grp.serv, "(unknown)" );
    grp.dsc[ 0 ] = '\0';
    grp.entry.first = 1;
    grp.entry.last = 0;
    grp.entry.rmtNext = GRP_RMT_NEXT_NOT_SUBSCRIBED;
    grp.entry.created = time( NULL );
    grp.entry.lastAccess = 0;
    grp.postAllow = 'y';
    saveGrp();
}

void
Grp_delete( const char *name )
{
    datum key;

    ASSERT( grp.dbf );
    key.dptr = (void*)name;
    key.dsize = strlen( name ) + 1;
    gdbm_delete( grp.dbf, key );
}

const char *
Grp_dsc( const char *name )
{
    if ( ! loadGrp( name ) )
        return NULL;
    return grp.dsc;
}

const char *
Grp_server( const char *name )
{
    static Str serv = "";

    if ( ! loadGrp( name ) )
        return "[unknown grp]";
    if ( Cfg_servListContains( grp.serv )
         || Grp_local( name ) )
        Utl_cpyStr( serv, grp.serv );
    else
        snprintf( serv, MAXCHAR, "[%s]", grp.serv );
    return serv;
}

int
Grp_first( const char *name )
{
    if ( ! loadGrp( name ) )
        return 0;
    return grp.entry.first;
}

int
Grp_last( const char *name )
{
    if ( ! loadGrp( name ) )
        return 0;
    return grp.entry.last;
}

int
Grp_lastAccess( const char *name )
{
    if ( ! loadGrp( name ) )
        return 0;
    return grp.entry.lastAccess;
}

int
Grp_rmtNext( const char *name )
{
    if ( ! loadGrp( name ) )
        return 0;
    return grp.entry.rmtNext;
}

time_t
Grp_created( const char *name )
{
    if ( ! loadGrp( name ) )
        return 0;
    return grp.entry.created;
}

char
Grp_postAllow( const char *name )
{
    if ( ! loadGrp( name ) )
        return 0;
    return grp.postAllow;
}


time_t
Grp_lastPostTime( const char *name )
{
    if ( ! loadGrp( name ) )
        return 0;
    return grp.lastPost;
}

/* Replace group's description (only if value != ""). */
void
Grp_setDsc( const char *name, const char *value )
{
    if ( loadGrp( name ) )
    {
        Utl_cpyStr( grp.dsc, value );
        saveGrp();
    }
}

void
Grp_setLocal( const char *name )
{
    Grp_setServ( name, GRP_LOCAL_SERVER_NAME );
}

void
Grp_setServ( const char *name, const char *value )
{
    if ( loadGrp( name ) )
    {
        Utl_cpyStr( grp.serv, value );
        saveGrp();
    }
}

void
Grp_setRmtNext( const char *name, int value )
{
    if ( loadGrp( name ) )
    {
        grp.entry.rmtNext = value;
        saveGrp();
    }
}

void
Grp_setLastAccess( const char *name )
{
    if ( loadGrp( name ) )
    {
        grp.entry.lastAccess = time( NULL );
        saveGrp();
    }
}

void
Grp_setPostAllow( const char *name, char postAllow )
{
    if ( loadGrp( name ) )
    {
        grp.postAllow = postAllow;
        saveGrp();
    }
}

void
Grp_setFirstLast( const char *name, int first, int last )
{
    if ( loadGrp( name ) )
    {
        grp.entry.first = first;
        grp.entry.last = last;
        saveGrp();
    }
}

void
Grp_setLastPostTime( const char *name )
{
    if ( loadGrp( name ) )
    {
        grp.lastPost = time( NULL );
        saveGrp();
    }
}

static datum cursor = { NULL, 0 };

Bool
Grp_firstGrp( const char **name )
{
    ASSERT( grp.dbf );
    if ( cursor.dptr != NULL )
    {
        free( cursor.dptr );
        cursor.dptr = NULL;
    }
    cursor = gdbm_firstkey( grp.dbf );
    *name = cursor.dptr;
    return ( cursor.dptr != NULL );
}

Bool
Grp_nextGrp( const char **name )
{
    void *oldDptr = cursor.dptr;

    ASSERT( grp.dbf );
    if ( cursor.dptr == NULL )
        return FALSE;
    cursor = gdbm_nextkey( grp.dbf, cursor );
    free( oldDptr );
    *name = cursor.dptr;
    return ( cursor.dptr != NULL );
}

/* Group names' sanity checks. Groups with forbidden names
   can't be safely deleted or created. */
Bool
Grp_isForbiddenName( const char *name)
{
    const char *illegalchars = "\t\n\v\r /:\\";
/*  "\t\n\v\r " whitespace
    "/:\\" directory prefix (Unix, MacOS, Freedos filesystems) */
    /* Find illegal characters. */
    if ( strpbrk( name, illegalchars ) )
        return TRUE;
    /* Find '.' dot directory prefix to prevent exploits. */
    if ( name[0] == '.')  /* prevent noffle -C ../fetchlist */
        return TRUE; /* group name invalid */
    return FALSE;
}

/*
   Forbidden or restricted group names or hierarchies. Please refer to
   draft-ietf-usefor-article-06, chapter 5.5.1. Groups with invalid
   names can't be created, but can still be deleted.
 */
Bool
Grp_isValidName( const char *name)
{
    size_t i;
    int len;

    /* Groups with lengthy names like
       alt.the.lame.troll.should.be.posting.again.in.just.a.few.more.weeks.from.what.he.said
       or
       microsoft.public.windows.inetexplorer.ie55.programming.components.codedownload
       are most likely bogus groups that have been mistakenly created.
    */
    len = strlen( name );
    if ( len > MAX_GROUPNAME || len < 1 )
        return FALSE;
    
    for ( i = 0;
          i < sizeof( forbiddenGroupNames ) /
              sizeof( struct ForbiddenGroupName );
          ++i )
    {
        /* Negate result of Wld_match to ensure it is 1 or 0. */
        if ( forbiddenGroupNames[i].match !=
             ( ! Wld_match( name, forbiddenGroupNames[i].pattern ) ) )
            return FALSE;
    }
    /* no match? then assume the group is valid. */
    return TRUE;
}