docs/diploma

view thesis/pieces/old/4-CodeAnalysis.tex @ 167:74151e26ba6a

this is the correct message for the last commit I really hate it when I check in too early or too much by accident! Maybe I should add a confirmation there to prevent me from doing stupid things. But now what I checked in with the last commit: - titlepage became the real titlepage, specifying all important info - cover became the real cover to be the very first page - the previous cover became pretitle, and moved between the other two - my confirmation that I wrote the thesis on my own moved to the appendix - the abstract and keywords moved to the back of the pretitle - the copyright information extended - the market share table is in a temporary state! (Needs verification!) - some cleanups Ten small commits instead of this huge one with an afterwards added message are what I intended ... now I am in a bad mood because of this mess :-(
author meillo@marmaro.de
date Fri, 19 Dec 2008 20:36:03 +0100
parents 3b5ba7331eb5
children
line source
1 \chapter{Code analysis}
4 \section{Architecture}
5 Like its anchestor \sendmail, \masqmail\ is a monolitic program. It consists of only one \emph{setuid root}\footnote{Runs as user root, no matter which user invoked it.}\index{setuid root} binary file, named \path{masqmail}. All functionality is included in it; of course some more comes from dynamic libraries linked.
9 \subsection{Structure}
10 The \masqmail\ executable can be called under various names for \name{sendmail-compatibility} reasons. This is commonly organized by creating symbolic links with with different names to the \masqmail\ executable. These are \path{/usr/lib/sendmail} and \path{/usr/sbin/sendmail} because many programs expect a \mta\ to be located there. Further more \sendmail\ provides shortcuts by calling it with a different name instead of supplying command line arguments. The best known of it is \path{mailq}, which is equivilent to calling the \MTA\ with the argument \verb+-bq+. \masqmail\ reacts to the names \path{mailq}, \path{smtpd}, \path{mailrm}, \path{runq}, \path{rmail}, and \path{in.smtpd}. The last four are an addition to \sendmail. Not implemented is the name \path{newaliases} because it is not relevant to \masqmail. To provide the command nonetheless, one may write a shell script located at \path{/usr/bin/newaliases}, that simply invokes \verb+masqmail -bi+.
12 %masqmail: mailq, mailrm, runq, rmail, smtpd/in.smtpd
13 %sendmail: hoststat, mailq, newaliases, purgestat, smtpd
15 \masqmail\ is written in the \NAME{C} programming language. The program, as of version 0.2.21, consists of 34 source code and eight header files, containing about 9,000 lines of code\footnote{Measured with \name{sloccount} by David A.\ Wheeler.}. Additionally, it includes a \name{base64} implementation (about 300 lines) and \name{md5} code (about 150 lines). For systems that do not provide \name{libident}, this library is distributed as well (circa 600 lines); an available shared library however has higher precedence in linking.
17 The only mandatory dependency is \name{glib}---a cross-platform software utility library, originated in the \NAME{GTK+} project. It provides safer replacements for many standard library functions. (The unsafe \verb+sprintf()+ is one example.) Also it offers handy data containers, easy-to-use implementations of data structures, and much more.
19 With \masqmail\ comes the small tool \path{mservdetect}; it helps setting up a configuration that uses the \name{mserver} system to detect the online state. Two other binaries get compiled for testing purposes: \path{readtest} and \path{smtpsend}. All three programms use \masqmail\ source code; they only add a file with a \verb+main()+ function each.
21 \masqmail\ does not provide an interface for modules with additional functionality. There exists no add-on or module system. But the code is separated by function to the various source files, and some functional parts can be included or excluded by defining symbols. This means adding some argument (like \verb+--enable-maildir+) to the \verb+configure+ call. Thus the concerning code gets not removed by the preprocessor.
26 \section{Code quality}
29 \section{Security}