annotate src/permissions.c @ 222:8cddc65765bd

added support for STARTTLS wrappers: added the route config option `instant_helo', which causes masqmail, as SMTP client, not to wait for the server's 220 greeting. Instead it says EHLO right at once. You'll need this for STARTTLS wrappers that usually eat the greeting line.
author meillo@marmaro.de
date Fri, 23 Jul 2010 10:57:53 +0200
parents 3cbcc46c7d49
children 996b53a50f55
1 /* MasqMail
2 Copyright (C) 2000 Oliver Kurth
3
4 This program is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation; either version 2 of the License, or
7 (at your option) any later version.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
17 */
18
19 #include <pwd.h>
20 #include <grp.h>
21
22 #include "masqmail.h"
23
24 /* is there really no function in libc for this? */
/*
 * Report whether the user `uid' belongs to the group `gid'.
 *
 * Returns TRUE if `gid' is the user's primary group (pw_gid), or if the
 * login name that getpwuid() returns for `uid' is listed in the group's
 * member list (gr_mem). Returns FALSE otherwise, and also whenever the
 * group or the user cannot be looked up, so a failed lookup never grants
 * membership.
 *
 * Both lookups must succeed before anything is compared: a gid that has no
 * group database entry yields FALSE even if it equals the user's primary
 * gid.
 */
gboolean
is_ingroup(uid_t uid, gid_t gid)
{
	struct group *grp = getgrgid(gid);
	struct passwd *pw = getpwuid(uid);
	char **member;

	/* fail closed when either database lookup fails */
	if (!grp || !pw) {
		return FALSE;
	}

	/* primary group */
	if (pw->pw_gid == gid) {
		return TRUE;
	}

	/* secondary groups: walk the NULL-terminated list of member names */
	for (member = grp->gr_mem; *member; member++) {
		if (strcmp(pw->pw_name, *member) == 0) {
			return TRUE;
		}
	}
	return FALSE;
}
50
/*
 * Report whether `uid' counts as a privileged user: root (uid 0), the
 * configured mail user (conf.mail_uid), or a member of the configured mail
 * group (conf.mail_gid, tested with is_ingroup()).
 */
gboolean
is_privileged_user(uid_t uid)
{
	/*
	 * To trust the `uucp' group as well, enable the block below. Doing so
	 * makes every member of that group pass this check, so review the
	 * group's membership first. The getgrnam() result has to be tested:
	 * it is NULL when the group does not exist.
	 *
	 *	struct group *grent = getgrnam("uucp");
	 *
	 *	if (grent && is_ingroup(uid, grent->gr_gid)) {
	 *		return TRUE;
	 *	}
	 */

	if (uid == 0) {
		return TRUE;
	}
	if (uid == conf.mail_uid) {
		return TRUE;
	}
	return is_ingroup(uid, conf.mail_gid);
}
64
/*
 * Switch the effective group and user id of the process to `gid'/`uid'.
 *
 * If `old_uid' and/or `old_gid' are non-NULL, the effective ids in force on
 * entry are stored through them before anything is changed.
 *
 * Does not return on failure: if either id cannot be set, the error is
 * logged at LOG_ALERT and the process exits with EXIT_FAILURE.
 *
 * NOTE(review): only the effective ids are changed here; the supplementary
 * group list is not touched by this function. Confirm that callers do not
 * rely on it having been dropped.
 */
void
set_euidgid(gint uid, gint gid, uid_t * old_uid, gid_t * old_gid)
{
	if (old_uid != NULL) {
		*old_uid = geteuid();
	}
	if (old_gid != NULL) {
		*old_gid = getegid();
	}

	/*
	 * Go back to effective uid 0 first, presumably so that the two
	 * changes below are permitted.
	 * NOTE(review): the return value is not checked; a failure here is
	 * only noticed if setegid()/seteuid() below then fail as well.
	 */
	seteuid(0);

	/* group before user: the order of these two calls must be kept */
	if (setegid(gid)) {
		logwrite(LOG_ALERT, "could not change gid to %d: %s\n", gid, strerror(errno));
		exit(EXIT_FAILURE);
	}
	if (seteuid(uid)) {
		logwrite(LOG_ALERT, "could not change uid to %d: %s\n", uid, strerror(errno));
		exit(EXIT_FAILURE);
	}
}
84
/*
 * Take on the mail identity for the task `task_name'.
 *
 * Does nothing when conf.run_as_user is set. Otherwise `old_uid' must pass
 * is_privileged_user(); if it does not, a message is printed to stderr and
 * the process exits with EXIT_FAILURE. On success the effective ids are
 * switched to conf.mail_uid / conf.mail_gid via set_euidgid().
 *
 * NOTE(review): the error message names DEF_MAIL_USER / DEF_MAIL_GROUP,
 * while the check itself uses conf.mail_uid / conf.mail_gid. If the
 * configured ids can differ from those defaults, the message may name the
 * wrong user or group -- confirm.
 */
void
set_identity(uid_t old_uid, gchar * task_name)
{
	if (conf.run_as_user) {
		return;
	}

	if (!is_privileged_user(old_uid)) {
		fprintf(stderr, "must be root, %s or in group %s for %s.\n", DEF_MAIL_USER, DEF_MAIL_GROUP, task_name);
		exit(EXIT_FAILURE);
	}

	/* the previous ids are not needed here, hence NULL, NULL */
	set_euidgid(conf.mail_uid, conf.mail_gid, NULL, NULL);
}