sendmail: make -f optional, document its default value

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
author: Denys Vlasenko <vda.linux@googlemail.com> 2014-02-05 15:01:39 +0100
committer: Denys Vlasenko <vda.linux@googlemail.com> 2014-02-05 15:01:39 +0100
commit: 07f417b6ab92e0429f302ff6783bb9681b60120e (patch)
tree: 4d1faf78aad2c22abf6fb536f44bd24b808f6865 /mailutils/sendmail.c
parent: e4785ca653d0e219926692c229673b2c1b8d6ac4 (diff)
download: busybox-w32-07f417b6ab92e0429f302ff6783bb9681b60120e.tar.gz
busybox-w32-07f417b6ab92e0429f302ff6783bb9681b60120e.tar.bz2
busybox-w32-07f417b6ab92e0429f302ff6783bb9681b60120e.zip
1 files changed, 56 insertions, 11 deletions
diff --git a/mailutils/sendmail.c b/mailutils/sendmail.c
index b5aa1d17b..824109d99 100644
--- a/mailutils/sendmail.c
+++ b/mailutils/sendmail.c
@@ -15,7 +15,8 @@
 //usage:       "Read email from stdin and send it\n"
 //usage:     "\nStandard options:"
 //usage:     "\n        -t              Read additional recipients from message body"
-//usage:     "\n        -f SENDER       Sender (required)"
+//usage:     "\n        -f SENDER       For use in MAIL FROM:<sender>. Can be empty string"
+//usage:     "\n                        Default: -auUSER, or username of current UID"
 //usage:     "\n        -o OPTIONS      Various options. -oi implied, others are ignored"
 //usage:     "\n        -i              -oi synonym. implied and ignored"
 //usage:     "\n"
@@ -40,6 +41,52 @@
 //usage:     "\nUse makemime to create emails with attachments"
 //usage:        )
+/* Currently we don't sanitize or escape user-supplied SENDER and RECIPIENT_EMAILs.
+ * We may need to do so. For one, '.' in usernames seems to require escaping!
+ *
+ * From http://cr.yp.to/smtp/address.html:
+ *
+ * SMTP offers three ways to encode a character inside an address:
+ *
+ * "safe": the character, if it is not <>()[].,;:@, backslash,
+ *  double-quote, space, or an ASCII control character;
+ * "quoted": the character, if it is not \012, \015, backslash,
+ *   or double-quote; or
+ * "slashed": backslash followed by the character.
+ *
+ * An encoded box part is either (1) a sequence of one or more slashed
+ * or safe characters or (2) a double quote, a sequence of zero or more
+ * slashed or quoted characters, and a double quote. It represents
+ * the concatenation of the characters encoded inside it.
+ *
+ * For example, the encoded box parts
+ *      angels
+ *      \a\n\g\e\l\s
+ *      "\a\n\g\e\l\s"
+ *      "angels"
+ *      "ang\els"
+ * all represent the 6-byte string "angels", and the encoded box parts
+ *      a\,comma
+ *      \a\,\c\o\m\m\a
+ *      "a,comma"
+ * all represent the 7-byte string "a,comma".
+ *
+ * An encoded address contains
+ *      the byte <;
+ *      optionally, a route followed by a colon;
+ *      an encoded box part, the byte @, and a domain; and
+ *      the byte >.
+ *
+ * It represents an Internet mail address, given by concatenating
+ * the string represented by the encoded box part, the byte @,
+ * and the domain. For example, the encoded addresses
+ *     <God@heaven.af.mil>
+ *     <\God@heaven.af.mil>
+ *     <"God"@heaven.af.mil>
+ *     <@gateway.af.mil,@uucp.local:"\G\o\d"@heaven.af.mil>
+ * all represent the Internet mail address "God@heaven.af.mil".
+ */
 #include "libbb.h"
 #include "mail.h"
@@ -163,7 +210,7 @@ int sendmail_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
 int sendmail_main(int argc UNUSED_PARAM, char **argv)
 {
        char *opt_connect = opt_connect;
-        char *opt_from;
+        char *opt_from = NULL;
        char *s;
        llist_t *list = NULL;
        char *host = sane_address(safe_gethostname());
@@ -199,8 +246,8 @@ int sendmail_main(int argc UNUSED_PARAM, char **argv)
        G.fp0 = xfdopen_for_read(3);
        // parse options
-        // -v is a counter, -f is required. -H and -S are mutually exclusive, -a is a list
+        // -v is a counter, -H and -S are mutually exclusive, -a is a list
-        opt_complementary = "vv:f:w+:H--S:S--H:a::";
+        opt_complementary = "vv:w+:H--S:S--H:a::";
        // N.B. since -H and -S are mutually exclusive they do not interfere in opt_connect
        // -a is for ssmtp (http://downloads.openwrt.org/people/nico/man/man8/ssmtp.8.html) compatibility,
        // it is still under development.
@@ -304,13 +351,11 @@ int sendmail_main(int argc UNUSED_PARAM, char **argv)
        //      Since reading from console may defeat usability, the solution is either to read from a predefined
        //      file descriptor (e.g. 4), or again from a secured file.
-        // got no sender address? -> use system username as a resort
+        // got no sender address? use auth name, then UID username as a last resort
-        // N.B. we marked -f as required option!
+        if (!opt_from) {
-        //if (!G.user) {
+                opt_from = G.user ? G.user : xuid2uname(getuid());
-        //      // N.B. IMHO getenv("USER") can be way easily spoofed!
+        }
-        //      G.user = xuid2uname(getuid());
-        //      opt_from = xasprintf("%s@%s", G.user, domain);
-        //}
        smtp_checkp("MAIL FROM:<%s>", opt_from, 250);
        // process message
author	Denys Vlasenko <vda.linux@googlemail.com>	2014-02-05 15:01:39 +0100
committer	Denys Vlasenko <vda.linux@googlemail.com>	2014-02-05 15:01:39 +0100
commit	07f417b6ab92e0429f302ff6783bb9681b60120e (patch)
tree	4d1faf78aad2c22abf6fb536f44bd24b808f6865 /mailutils/sendmail.c
parent	e4785ca653d0e219926692c229673b2c1b8d6ac4 (diff)
download	busybox-w32-07f417b6ab92e0429f302ff6783bb9681b60120e.tar.gz busybox-w32-07f417b6ab92e0429f302ff6783bb9681b60120e.tar.bz2 busybox-w32-07f417b6ab92e0429f302ff6783bb9681b60120e.zip

diff --git a/mailutils/sendmail.c b/mailutils/sendmail.c index b5aa1d17b..824109d99 100644 --- a/mailutils/sendmail.c +++ b/mailutils/sendmail.c
@@ -15,7 +15,8 @@
15	//usage: "Read email from stdin and send it\n"	15	//usage: "Read email from stdin and send it\n"
16	//usage: "\nStandard options:"	16	//usage: "\nStandard options:"
17	//usage: "\n -t Read additional recipients from message body"	17	//usage: "\n -t Read additional recipients from message body"
18	//usage: "\n -f SENDER Sender (required)"	18	//usage: "\n -f SENDER For use in MAIL FROM:<sender>. Can be empty string"
		19	//usage: "\n Default: -auUSER, or username of current UID"
19	//usage: "\n -o OPTIONS Various options. -oi implied, others are ignored"	20	//usage: "\n -o OPTIONS Various options. -oi implied, others are ignored"
20	//usage: "\n -i -oi synonym. implied and ignored"	21	//usage: "\n -i -oi synonym. implied and ignored"
21	//usage: "\n"	22	//usage: "\n"
@@ -40,6 +41,52 @@
40	//usage: "\nUse makemime to create emails with attachments"	41	//usage: "\nUse makemime to create emails with attachments"
41	//usage: )	42	//usage: )
42		43
		44	/* Currently we don't sanitize or escape user-supplied SENDER and RECIPIENT_EMAILs.
		45	* We may need to do so. For one, '.' in usernames seems to require escaping!
		46	*
		47	* From http://cr.yp.to/smtp/address.html:
		48	*
		49	* SMTP offers three ways to encode a character inside an address:
		50	*
		51	* "safe": the character, if it is not <>()[].,;:@, backslash,
		52	* double-quote, space, or an ASCII control character;
		53	* "quoted": the character, if it is not \012, \015, backslash,
		54	* or double-quote; or
		55	* "slashed": backslash followed by the character.
		56	*
		57	* An encoded box part is either (1) a sequence of one or more slashed
		58	* or safe characters or (2) a double quote, a sequence of zero or more
		59	* slashed or quoted characters, and a double quote. It represents
		60	* the concatenation of the characters encoded inside it.
		61	*
		62	* For example, the encoded box parts
		63	* angels
		64	* \a\n\g\e\l\s
		65	* "\a\n\g\e\l\s"
		66	* "angels"
		67	* "ang\els"
		68	* all represent the 6-byte string "angels", and the encoded box parts
		69	* a\,comma
		70	* \a\,\c\o\m\m\a
		71	* "a,comma"
		72	* all represent the 7-byte string "a,comma".
		73	*
		74	* An encoded address contains
		75	* the byte <;
		76	* optionally, a route followed by a colon;
		77	* an encoded box part, the byte @, and a domain; and
		78	* the byte >.
		79	*
		80	* It represents an Internet mail address, given by concatenating
		81	* the string represented by the encoded box part, the byte @,
		82	* and the domain. For example, the encoded addresses
		83	* <God@heaven.af.mil>
		84	* <\God@heaven.af.mil>
		85	* <"God"@heaven.af.mil>
		86	* <@gateway.af.mil,@uucp.local:"\G\o\d"@heaven.af.mil>
		87	* all represent the Internet mail address "God@heaven.af.mil".
		88	*/
		89
43	#include "libbb.h"	90	#include "libbb.h"
44	#include "mail.h"	91	#include "mail.h"
45		92
@@ -163,7 +210,7 @@ int sendmail_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
163	int sendmail_main(int argc UNUSED_PARAM, char **argv)	210	int sendmail_main(int argc UNUSED_PARAM, char **argv)
164	{	211	{
165	char *opt_connect = opt_connect;	212	char *opt_connect = opt_connect;
166	char *opt_from;	213	char *opt_from = NULL;
167	char *s;	214	char *s;
168	llist_t *list = NULL;	215	llist_t *list = NULL;
169	char *host = sane_address(safe_gethostname());	216	char *host = sane_address(safe_gethostname());
@@ -199,8 +246,8 @@ int sendmail_main(int argc UNUSED_PARAM, char **argv)
199	G.fp0 = xfdopen_for_read(3);	246	G.fp0 = xfdopen_for_read(3);
200		247
201	// parse options	248	// parse options
202	// -v is a counter, -f is required. -H and -S are mutually exclusive, -a is a list	249	// -v is a counter, -H and -S are mutually exclusive, -a is a list
203	opt_complementary = "vv:f:w+:H--S:S--H:a::";	250	opt_complementary = "vv:w+:H--S:S--H:a::";
204	// N.B. since -H and -S are mutually exclusive they do not interfere in opt_connect	251	// N.B. since -H and -S are mutually exclusive they do not interfere in opt_connect
205	// -a is for ssmtp (http://downloads.openwrt.org/people/nico/man/man8/ssmtp.8.html) compatibility,	252	// -a is for ssmtp (http://downloads.openwrt.org/people/nico/man/man8/ssmtp.8.html) compatibility,
206	// it is still under development.	253	// it is still under development.
@@ -304,13 +351,11 @@ int sendmail_main(int argc UNUSED_PARAM, char **argv)
304	// Since reading from console may defeat usability, the solution is either to read from a predefined	351	// Since reading from console may defeat usability, the solution is either to read from a predefined
305	// file descriptor (e.g. 4), or again from a secured file.	352	// file descriptor (e.g. 4), or again from a secured file.
306		353
307	// got no sender address? -> use system username as a resort	354	// got no sender address? use auth name, then UID username as a last resort
308	// N.B. we marked -f as required option!	355	if (!opt_from) {
309	//if (!G.user) {	356	opt_from = G.user ? G.user : xuid2uname(getuid());
310	// // N.B. IMHO getenv("USER") can be way easily spoofed!	357	}
311	// G.user = xuid2uname(getuid());	358
312	// opt_from = xasprintf("%s@%s", G.user, domain);
313	//}
314	smtp_checkp("MAIL FROM:<%s>", opt_from, 250);	359	smtp_checkp("MAIL FROM:<%s>", opt_from, 250);
315		360
316	// process message	361	// process message