rev |
line source |
meillo@89
|
1 \chapter{Code analysis}
|
meillo@89
|
2
|
meillo@89
|
3
|
meillo@89
|
4 \section{Architecture}
|
meillo@89
|
5 Like its anchestor \sendmail, \masqmail\ is a monolitic program. It consists of only one \emph{setuid root}\footnote{Runs as user root, no matter which user invoked it.}\index{setuid root} binary file, named \path{masqmail}. All functionality is included in it; of course some more comes from dynamic libraries linked.
|
meillo@89
|
6
|
meillo@89
|
7
|
meillo@89
|
8
|
meillo@89
|
9 \subsection{Structure}
|
meillo@89
|
10 The \masqmail\ executable can be called under various names for \name{sendmail-compatibility} reasons. This is commonly organized by creating symbolic links with with different names to the \masqmail\ executable. These are \path{/usr/lib/sendmail} and \path{/usr/sbin/sendmail} because many programs expect a \mta\ to be located there. Further more \sendmail\ provides shortcuts by calling it with a different name instead of supplying command line arguments. The best known of it is \path{mailq}, which is equivilent to calling the \MTA\ with the argument \verb+-bq+. \masqmail\ reacts to the names \path{mailq}, \path{smtpd}, \path{mailrm}, \path{runq}, \path{rmail}, and \path{in.smtpd}. The last four are an addition to \sendmail. Not implemented is the name \path{newaliases} because it is not relevant to \masqmail. To provide the command nonetheless, one may write a shell script located at \path{/usr/bin/newaliases}, that simply invokes \verb+masqmail -bi+.
|
meillo@89
|
11
|
meillo@89
|
12 %masqmail: mailq, mailrm, runq, rmail, smtpd/in.smtpd
|
meillo@89
|
13 %sendmail: hoststat, mailq, newaliases, purgestat, smtpd
|
meillo@89
|
14
|
meillo@89
|
15 \masqmail\ is written in the \NAME{C} programming language. The program, as of version 0.2.21, consists of 34 source code and eight header files, containing about 9,000 lines of code\footnote{Measured with \name{sloccount} by David A.\ Wheeler.}. Additionally, it includes a \name{base64} implementation (about 300 lines) and \name{md5} code (about 150 lines). For systems that do not provide \name{libident}, this library is distributed as well (circa 600 lines); an available shared library however has higher precedence in linking.
|
meillo@89
|
16
|
meillo@89
|
17 The only mandatory dependency is \name{glib}---a cross-platform software utility library, originated in the \NAME{GTK+} project. It provides safer replacements for many standard library functions. (The unsafe \verb+sprintf()+ is one example.) Also it offers handy data containers, easy-to-use implementations of data structures, and much more.
|
meillo@89
|
18
|
meillo@89
|
19 With \masqmail\ comes the small tool \path{mservdetect}; it helps setting up a configuration that uses the \name{mserver} system to detect the online state. Two other binaries get compiled for testing purposes: \path{readtest} and \path{smtpsend}. All three programms use \masqmail\ source code; they only add a file with a \verb+main()+ function each.
|
meillo@89
|
20
|
meillo@89
|
21 \masqmail\ does not provide an interface for modules with additional functionality. There exists no add-on or module system. But the code is separated by function to the various source files, and some functional parts can be included or excluded by defining symbols. This means adding some argument (like \verb+--enable-maildir+) to the \verb+configure+ call. Thus the concerning code gets not removed by the preprocessor.
|
meillo@89
|
22
|
meillo@89
|
23
|
meillo@89
|
24
|
meillo@89
|
25
|
meillo@89
|
26 \section{Code quality}
|
meillo@89
|
27
|
meillo@89
|
28
|
meillo@89
|
29 \section{Security}
|