masqmail-0.2

annotate src/local.c @ 0:08114f7dcc23

find changesets by author, revision, files, or words in the commit message
this is masqmail-0.2.21 from oliver kurth
author meillo@marmaro.de
date Fri, 26 Sep 2008 17:05:23 +0200
parents
children 26e34ae9a3e3
rev   line source
meillo@0 1 /* MasqMail
meillo@0 2 Copyright (C) 1999-2001 Oliver Kurth
meillo@0 3
meillo@0 4 This program is free software; you can redistribute it and/or modify
meillo@0 5 it under the terms of the GNU General Public License as published by
meillo@0 6 the Free Software Foundation; either version 2 of the License, or
meillo@0 7 (at your option) any later version.
meillo@0 8
meillo@0 9 This program is distributed in the hope that it will be useful,
meillo@0 10 but WITHOUT ANY WARRANTY; without even the implied warranty of
meillo@0 11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
meillo@0 12 GNU General Public License for more details.
meillo@0 13
meillo@0 14 You should have received a copy of the GNU General Public License
meillo@0 15 along with this program; if not, write to the Free Software
meillo@0 16 Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
meillo@0 17 */
meillo@0 18
meillo@0 19 #include "masqmail.h"
meillo@0 20 #include "peopen.h"
meillo@0 21 #include <sys/wait.h>
meillo@0 22
meillo@0 23 static
meillo@0 24 void message_stream(FILE *out, message *msg, GList *hdr_list, guint flags)
meillo@0 25 {
meillo@0 26 time_t now = time(NULL);
meillo@0 27 GList *node;
meillo@0 28
meillo@0 29 if(flags & MSGSTR_FROMLINE){
meillo@0 30 fprintf(out, "From <%s@%s> %s", msg->return_path->local_part,
meillo@0 31 msg->return_path->domain, ctime(&now));
meillo@0 32 }
meillo@0 33
meillo@0 34 foreach(hdr_list, node){
meillo@0 35 header *hdr = (header *)(node->data);
meillo@0 36 fputs(hdr->header, out);
meillo@0 37 }
meillo@0 38 putc('\n', out);
meillo@0 39 foreach(msg->data_list, node){
meillo@0 40 /* From hack: */
meillo@0 41 if(flags & MSGSTR_FROMHACK){
meillo@0 42 if(strncmp(node->data, "From ", 5) == 0)
meillo@0 43 putc('>', out);
meillo@0 44 }
meillo@0 45 fputs(node->data, out);
meillo@0 46 }
meillo@0 47 putc('\n', out);
meillo@0 48 }
meillo@0 49
meillo@0 50 gboolean append_file(message *msg, GList *hdr_list, gchar *user)
meillo@0 51 {
meillo@0 52 struct passwd *pw;
meillo@0 53 gboolean ok = FALSE;
meillo@0 54
meillo@0 55 /* headers may be special for a local delivery */
meillo@0 56 if(hdr_list == NULL)
meillo@0 57 hdr_list = msg->hdr_list;
meillo@0 58
meillo@0 59 if((pw = getpwnam(user))){
meillo@0 60 uid_t saved_uid = geteuid();
meillo@0 61 gid_t saved_gid = getegid();
meillo@0 62 gboolean uid_ok = TRUE, gid_ok = TRUE;
meillo@0 63
meillo@0 64 if(!conf.run_as_user){
meillo@0 65 uid_ok = (seteuid(0) == 0);
meillo@0 66 if(uid_ok){
meillo@0 67 gid_ok = (setegid(conf.mail_gid) == 0);
meillo@0 68 uid_ok = (seteuid(pw->pw_uid) == 0);
meillo@0 69 }
meillo@0 70 }
meillo@0 71
meillo@0 72 DEBUG(5) debugf("running as euid %d\n", geteuid());
meillo@0 73 DEBUG(5) debugf("running as egid %d\n", getegid());
meillo@0 74
meillo@0 75 if(uid_ok && gid_ok){
meillo@0 76 gchar *filename;
meillo@0 77 FILE *out;
meillo@0 78
meillo@0 79 filename = g_strdup_printf("%s/%s", conf.mail_dir, user);
meillo@0 80 if((out = fopen(filename, "a"))){
meillo@0 81 #ifdef USE_LIBLOCKFILE
meillo@0 82 gint err;
meillo@0 83 /* lock file using liblockfile */
meillo@0 84 err = maillock(user,3);
meillo@0 85 if(err == 0){
meillo@0 86 #else
meillo@0 87 /* lock file: */
meillo@0 88 struct flock lock;
meillo@0 89 lock.l_type = F_WRLCK;
meillo@0 90 lock.l_whence = SEEK_END;
meillo@0 91 lock.l_start = lock.l_len = 0;
meillo@0 92 if(fcntl(fileno(out), F_SETLK, &lock) != -1){
meillo@0 93 #endif
meillo@0 94 fchmod(fileno(out), 0600);
meillo@0 95
meillo@0 96 message_stream(out, msg, hdr_list, MSGSTR_FROMLINE|MSGSTR_FROMHACK);
meillo@0 97
meillo@0 98 ok = TRUE;
meillo@0 99
meillo@0 100 /* close when still user */
meillo@0 101 fclose(out);
meillo@0 102 #ifdef USE_LIBLOCKFILE
meillo@0 103 mailunlock();
meillo@0 104 #endif
meillo@0 105 }else{
meillo@0 106 fclose(out);
meillo@0 107 #ifdef USE_LIBLOCKFILE
meillo@0 108 DEBUG(3) debugf("could not lock file %s: error %d\n",
meillo@0 109 filename, err);
meillo@0 110 } /* XEmacs indenting convenience... */
meillo@0 111 #else
meillo@0 112 DEBUG(3) debugf("could not lock file %s: %s\n",
meillo@0 113 filename, strerror(errno));
meillo@0 114 }
meillo@0 115 #endif
meillo@0 116 }else{
meillo@0 117 logwrite(LOG_ALERT, "could not open file %s: %s\n",
meillo@0 118 filename, strerror(errno));
meillo@0 119 }
meillo@0 120 g_free(filename);
meillo@0 121
meillo@0 122 if(!conf.run_as_user){
meillo@0 123 uid_ok = (seteuid(0) == 0);
meillo@0 124 if(uid_ok){
meillo@0 125 gid_ok = (setegid(saved_gid) == 0);
meillo@0 126 uid_ok = (seteuid(saved_uid) == 0);
meillo@0 127 }
meillo@0 128 }
meillo@0 129
meillo@0 130 if(!uid_ok || !gid_ok){
meillo@0 131 /* FIXME: if this fails we HAVE to exit, because we shall not run
meillo@0 132 with some users id. But we do not return, and so this message
meillo@0 133 will not be finished, so the user will get the message again
meillo@0 134 next time a delivery is attempted... */
meillo@0 135 logwrite(LOG_ALERT,
meillo@0 136 "could not set back uid or gid after local delivery: %s\n",
meillo@0 137 strerror(errno));
meillo@0 138 logwrite(LOG_ALERT,
meillo@0 139 "uid=%d, gid=%d, euid=%d, egid=%d, want = %d, %d\n",
meillo@0 140 getuid(), getgid(), geteuid(), getegid(), saved_uid, saved_gid);
meillo@0 141 exit(EXIT_FAILURE);
meillo@0 142 }
meillo@0 143 }else{
meillo@0 144 logwrite(LOG_ALERT,
meillo@0 145 "could not set uid or gid for local delivery, uid = %d: %s\n",
meillo@0 146 pw->pw_uid, strerror(errno));
meillo@0 147 }
meillo@0 148 }else{
meillo@0 149 logwrite(LOG_ALERT, "could not find password entry for user %s\n", user);
meillo@0 150 errno = ENOENT; /* getpwnam does not set errno correctly */
meillo@0 151 }
meillo@0 152
meillo@0 153 return ok;
meillo@0 154 }
meillo@0 155
meillo@0 156 #ifdef ENABLE_MAILDIR
meillo@0 157 gboolean maildir_out(message *msg, GList *hdr_list, gchar *user, guint flags)
meillo@0 158 {
meillo@0 159 struct passwd *pw;
meillo@0 160 gboolean ok = FALSE;
meillo@0 161
meillo@0 162 /* headers may be special for a local delivery */
meillo@0 163 if(hdr_list == NULL)
meillo@0 164 hdr_list = msg->hdr_list;
meillo@0 165
meillo@0 166 if((pw = getpwnam(user))){
meillo@0 167 uid_t saved_uid = geteuid();
meillo@0 168 gid_t saved_gid = getegid();
meillo@0 169 gboolean uid_ok = TRUE, gid_ok = TRUE;
meillo@0 170
meillo@0 171 if(!conf.run_as_user){
meillo@0 172 uid_ok = (seteuid(0) == 0);
meillo@0 173 if(uid_ok){
meillo@0 174 gid_ok = (setegid(conf.mail_gid) == 0);
meillo@0 175 uid_ok = (seteuid(pw->pw_uid) == 0);
meillo@0 176 }
meillo@0 177 }
meillo@0 178
meillo@0 179 DEBUG(5) debugf("running as euid %d\n", geteuid());
meillo@0 180 DEBUG(5) debugf("running as egid %d\n", getegid());
meillo@0 181
meillo@0 182 if(uid_ok && gid_ok){
meillo@0 183 char *path = g_strdup_printf("%s/Maildir", pw->pw_dir);
meillo@0 184 struct stat statbuf;
meillo@0 185 int ret;
meillo@0 186
meillo@0 187 DEBUG(5) debugf("path = %s\n", path);
meillo@0 188
meillo@0 189 ok = TRUE;
meillo@0 190 ret = stat(path, &statbuf);
meillo@0 191 if(ret != 0){
meillo@0 192 ok = FALSE;
meillo@0 193 if(errno == ENOENT){
meillo@0 194 logwrite(LOG_NOTICE, "directory %s does not exist, creating\n", path);
meillo@0 195 if(mkdir(path, 0700) == 0)
meillo@0 196 ok = TRUE;
meillo@0 197 }else
meillo@0 198 logwrite(LOG_ALERT, "stat of %s failed: %s\n", path, strerror(errno));
meillo@0 199 }
meillo@0 200 if(ok){
meillo@0 201 ok = FALSE;
meillo@0 202 ret = stat(path, &statbuf);
meillo@0 203 if(S_ISDIR(statbuf.st_mode)){
meillo@0 204 gchar *subdirs[] = {"tmp", "new", "cur"};
meillo@0 205 int i;
meillo@0 206 for(i = 0; i < 3; i++){
meillo@0 207 char *path1 = g_strdup_printf("%s/%s", path, subdirs[i]);
meillo@0 208 ret = stat(path1, &statbuf);
meillo@0 209 if(ret != 0){
meillo@0 210 if(errno == ENOENT){
meillo@0 211 logwrite(LOG_NOTICE, "directory %s does not exist, creating\n", path1);
meillo@0 212 if(mkdir(path1, 0700) != 0) break;
meillo@0 213 }
meillo@0 214 }
meillo@0 215 g_free(path1);
meillo@0 216 }
meillo@0 217 if(i == 3){
meillo@0 218 FILE *out;
meillo@0 219 mode_t saved_mode = umask(066);
meillo@0 220 /* the qmail style unique works only if delivering
meillo@0 221 with different process. We do not fork for each delivery,
meillo@0 222 so our uid is more unique. Hope it is compatible with all
meillo@0 223 MUAs.
meillo@0 224 */
meillo@0 225 gchar *filename = g_strdup_printf("%s/tmp/%s.%s", path, msg->uid, conf.host_name);
meillo@0 226
meillo@0 227 DEBUG(5) debugf("filename = %s\n", filename);
meillo@0 228
meillo@0 229 if((out = fopen(filename, "w"))){
meillo@0 230 gchar *newname =
meillo@0 231 g_strdup_printf("%s/new/%s.%s", path, msg->uid, conf.host_name);
meillo@0 232 message_stream(out, msg, hdr_list, flags);
meillo@0 233 ok = TRUE;
meillo@0 234 if(fflush(out) == EOF) ok = FALSE;
meillo@0 235 else if(fdatasync(fileno(out)) != 0){
meillo@0 236 if(errno != EINVAL) /* some fs do not support this..
meillo@0 237 I hope this also means that it is not necessary */
meillo@0 238 ok = FALSE;
meillo@0 239 }
meillo@0 240 fclose(out);
meillo@0 241 if(rename(filename, newname) != 0){
meillo@0 242 ok = FALSE;
meillo@0 243 logwrite(LOG_ALERT, "moving %s to %s failed: %s",
meillo@0 244 filename, newname, strerror(errno));
meillo@0 245 }
meillo@0 246 g_free(newname);
meillo@0 247 }
meillo@0 248 umask(saved_mode);
meillo@0 249 g_free(filename);
meillo@0 250 }
meillo@0 251 }else{
meillo@0 252 logwrite(LOG_ALERT, "%s is not a directory\n", path);
meillo@0 253 errno = ENOTDIR;
meillo@0 254 }
meillo@0 255 }
meillo@0 256 if(!conf.run_as_user){
meillo@0 257 uid_ok = (seteuid(0) == 0);
meillo@0 258 if(uid_ok){
meillo@0 259 gid_ok = (setegid(saved_gid) == 0);
meillo@0 260 uid_ok = (seteuid(saved_uid) == 0);
meillo@0 261 }
meillo@0 262 }
meillo@0 263 if(!uid_ok || !gid_ok){
meillo@0 264 /* FIXME: if this fails we HAVE to exit, because we shall not run
meillo@0 265 with some users id. But we do not return, and so this message
meillo@0 266 will not be finished, so the user will get the message again
meillo@0 267 next time a delivery is attempted... */
meillo@0 268 logwrite(LOG_ALERT,
meillo@0 269 "could not set back uid or gid after local delivery: %s\n",
meillo@0 270 strerror(errno));
meillo@0 271 exit(EXIT_FAILURE);
meillo@0 272 }
meillo@0 273 g_free(path);
meillo@0 274 }else{
meillo@0 275 logwrite(LOG_ALERT,
meillo@0 276 "could not set uid or gid for local delivery, uid = %d: %s\n",
meillo@0 277 pw->pw_uid, strerror(errno));
meillo@0 278 }
meillo@0 279 }else{
meillo@0 280 logwrite(LOG_ALERT, "could not find password entry for user %s\n", user);
meillo@0 281 errno = ENOENT; /* getpwnam does not set errno correctly */
meillo@0 282 }
meillo@0 283 return ok;
meillo@0 284 }
meillo@0 285 #endif
meillo@0 286
meillo@0 287 gboolean
meillo@0 288 pipe_out(message *msg, GList *hdr_list, address *rcpt, gchar *cmd, guint flags)
meillo@0 289 {
meillo@0 290 gchar *envp[40];
meillo@0 291 FILE *out;
meillo@0 292 uid_t saved_uid = geteuid();
meillo@0 293 gid_t saved_gid = getegid();
meillo@0 294 gboolean ok = FALSE;
meillo@0 295 gint i, n;
meillo@0 296 pid_t pid;
meillo@0 297 void (*old_signal)(int);
meillo@0 298 int status;
meillo@0 299
meillo@0 300 /* set uid and gid to the mail ids */
meillo@0 301 if(!conf.run_as_user){
meillo@0 302 set_euidgid(conf.mail_uid, conf.mail_gid, &saved_uid, &saved_gid);
meillo@0 303 }
meillo@0 304
meillo@0 305 /* set environment */
meillo@0 306 {
meillo@0 307 gint i = 0;
meillo@0 308 address *ancestor = addr_find_ancestor(rcpt);
meillo@0 309
meillo@0 310 envp[i++] = g_strdup_printf("SENDER=%s@%s", msg->return_path->local_part, msg->return_path->domain);
meillo@0 311 envp[i++] = g_strdup_printf("SENDER_DOMAIN=%s", msg->return_path->domain);
meillo@0 312 envp[i++] = g_strdup_printf("SENDER_LOCAL=%s", msg->return_path->local_part);
meillo@0 313 envp[i++] = g_strdup_printf("RECEIVED_HOST=%s", msg->received_host ? msg->received_host : "");
meillo@0 314
meillo@0 315 envp[i++] = g_strdup_printf("RETURN_PATH=%s@%s",
meillo@0 316 msg->return_path->local_part, msg->return_path->domain);
meillo@0 317 envp[i++] = g_strdup_printf("DOMAIN=%s", ancestor->domain);
meillo@0 318
meillo@0 319 envp[i++] = g_strdup_printf("LOCAL_PART=%s", ancestor->local_part);
meillo@0 320 envp[i++] = g_strdup_printf("USER=%s", ancestor->local_part);
meillo@0 321 envp[i++] = g_strdup_printf("LOGNAME=%s", ancestor->local_part);
meillo@0 322
meillo@0 323 envp[i++] = g_strdup_printf("MESSAGE_ID=%s", msg->uid);
meillo@0 324 envp[i++] = g_strdup_printf("QUALIFY_DOMAIN=%s", conf.host_name);
meillo@0 325
meillo@0 326 envp[i] = NULL;
meillo@0 327 n = i;
meillo@0 328 }
meillo@0 329
meillo@0 330 old_signal = signal(SIGCHLD, SIG_DFL);
meillo@0 331
meillo@0 332 out = peidopen(cmd, "w", envp, &pid, conf.mail_uid, conf.mail_gid);
meillo@0 333 if(out != NULL){
meillo@0 334 message_stream(out, msg, hdr_list, flags);
meillo@0 335
meillo@0 336 fclose(out);
meillo@0 337
meillo@0 338 waitpid(pid, &status, 0);
meillo@0 339
meillo@0 340 if(WEXITSTATUS(status) != 0){
meillo@0 341 int exstat = WEXITSTATUS(status);
meillo@0 342 logwrite(LOG_ALERT, "process returned %d (%s)\n", exstat, ext_strerror(1024 + exstat));
meillo@0 343 errno = 1024 + exstat;
meillo@0 344 }else if(WIFSIGNALED(status)){
meillo@0 345 logwrite(LOG_ALERT, "process got signal %d\n", WTERMSIG(status));
meillo@0 346 }else
meillo@0 347 ok = TRUE;
meillo@0 348
meillo@0 349 }else
meillo@0 350 logwrite(LOG_ALERT, "could not open pipe '%s': %s\n", cmd, strerror(errno));
meillo@0 351
meillo@0 352 signal(SIGCHLD, old_signal);
meillo@0 353
meillo@0 354 /* free environment */
meillo@0 355 for(i = 0; i < n; i++){
meillo@0 356 g_free(envp[i]);
meillo@0 357 }
meillo@0 358
meillo@0 359 /* set uid and gid back */
meillo@0 360 if(!conf.run_as_user){
meillo@0 361 set_euidgid(saved_uid, saved_gid, NULL, NULL);
meillo@0 362 }
meillo@0 363
meillo@0 364 return ok;
meillo@0 365 }
meillo@0 366