Mercurial > masqmail
annotate src/permissions.c @ 246:4cff8638dd9b
SMTP client: tries EHLO now always first
Changed the behavior of the SMTP client. Now always an EHLO greeting
is sent, no matter what kind of greeting text the server had sent. If
the EHLO failed, an HELO greeting is tried as fall back. This is the
behavior RFC 2821 requires (section 3.2).
This change will fix setups that were not possible to sent to a
server because that requires AUTH but hadn't said ``ESMTP'' in its
greeting message.
See also: Debian bug #349211
Thanks to Steffen (inne)
| author | markus schnalke <meillo@marmaro.de> |
|---|---|
| date | Thu, 28 Oct 2010 16:40:02 -0300 |
| parents | 996b53a50f55 |
| children | fc1c6425c024 |
| rev | line source |
|---|---|
| 0 | 1 /* MasqMail |
| 2 Copyright (C) 2000 Oliver Kurth | |
| 224 | 3 Copyright (C) 2010 markus schnalke <meillo@marmaro.de> |
| 0 | 4 |
| 5 This program is free software; you can redistribute it and/or modify | |
| 6 it under the terms of the GNU General Public License as published by | |
| 7 the Free Software Foundation; either version 2 of the License, or | |
| 8 (at your option) any later version. | |
| 9 | |
| 10 This program is distributed in the hope that it will be useful, | |
| 11 but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 13 GNU General Public License for more details. | |
| 14 | |
| 15 You should have received a copy of the GNU General Public License | |
| 16 along with this program; if not, write to the Free Software | |
| 17 Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | |
| 18 */ | |
| 19 | |
| 20 #include <pwd.h> | |
| 21 #include <grp.h> | |
| 22 | |
| 15 | 23 #include "masqmail.h" |
| 24 | |
| 0 | 25 /* is there really no function in libc for this? */ |
|
10
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
26 gboolean |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
27 is_ingroup(uid_t uid, gid_t gid) |
| 0 | 28 { |
|
10
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
29 struct group *grent = getgrgid(gid); |
|
84
ffeff2c33799
is_ingroup(): check for the primary group of a user too
meillo@marmaro.de
parents:
15
diff
changeset
|
30 struct passwd *pwent = getpwuid(uid); |
|
ffeff2c33799
is_ingroup(): check for the primary group of a user too
meillo@marmaro.de
parents:
15
diff
changeset
|
31 char *entry; |
|
ffeff2c33799
is_ingroup(): check for the primary group of a user too
meillo@marmaro.de
parents:
15
diff
changeset
|
32 int i = 0; |
| 0 | 33 |
|
84
ffeff2c33799
is_ingroup(): check for the primary group of a user too
meillo@marmaro.de
parents:
15
diff
changeset
|
34 if (!grent) { |
|
ffeff2c33799
is_ingroup(): check for the primary group of a user too
meillo@marmaro.de
parents:
15
diff
changeset
|
35 return FALSE; |
|
ffeff2c33799
is_ingroup(): check for the primary group of a user too
meillo@marmaro.de
parents:
15
diff
changeset
|
36 } |
|
ffeff2c33799
is_ingroup(): check for the primary group of a user too
meillo@marmaro.de
parents:
15
diff
changeset
|
37 if (!pwent) { |
|
ffeff2c33799
is_ingroup(): check for the primary group of a user too
meillo@marmaro.de
parents:
15
diff
changeset
|
38 return FALSE; |
|
ffeff2c33799
is_ingroup(): check for the primary group of a user too
meillo@marmaro.de
parents:
15
diff
changeset
|
39 } |
|
ffeff2c33799
is_ingroup(): check for the primary group of a user too
meillo@marmaro.de
parents:
15
diff
changeset
|
40 /* check primary group */ |
|
ffeff2c33799
is_ingroup(): check for the primary group of a user too
meillo@marmaro.de
parents:
15
diff
changeset
|
41 if (pwent->pw_gid == gid) { |
|
ffeff2c33799
is_ingroup(): check for the primary group of a user too
meillo@marmaro.de
parents:
15
diff
changeset
|
42 return TRUE; |
|
ffeff2c33799
is_ingroup(): check for the primary group of a user too
meillo@marmaro.de
parents:
15
diff
changeset
|
43 } |
|
ffeff2c33799
is_ingroup(): check for the primary group of a user too
meillo@marmaro.de
parents:
15
diff
changeset
|
44 /* check secondary groups */ |
|
ffeff2c33799
is_ingroup(): check for the primary group of a user too
meillo@marmaro.de
parents:
15
diff
changeset
|
45 while ((entry = grent->gr_mem[i++])) { |
|
ffeff2c33799
is_ingroup(): check for the primary group of a user too
meillo@marmaro.de
parents:
15
diff
changeset
|
46 if (strcmp(pwent->pw_name, entry) == 0) |
|
ffeff2c33799
is_ingroup(): check for the primary group of a user too
meillo@marmaro.de
parents:
15
diff
changeset
|
47 return TRUE; |
|
10
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
48 } |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
49 return FALSE; |
| 0 | 50 } |
| 51 | |
|
10
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
52 gboolean |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
53 is_privileged_user(uid_t uid) |
| 0 | 54 { |
|
87
3cbcc46c7d49
added a comment on how to make group uucp trusted too
meillo@marmaro.de
parents:
84
diff
changeset
|
55 /* uncomment these lines if you need the `uucp' group to be trusted too |
|
3cbcc46c7d49
added a comment on how to make group uucp trusted too
meillo@marmaro.de
parents:
84
diff
changeset
|
56 struct group* grent = getgrnam("uucp"); |
|
3cbcc46c7d49
added a comment on how to make group uucp trusted too
meillo@marmaro.de
parents:
84
diff
changeset
|
57 |
|
3cbcc46c7d49
added a comment on how to make group uucp trusted too
meillo@marmaro.de
parents:
84
diff
changeset
|
58 if (is_ingroup(uid, grent->gr_gid)) { |
|
3cbcc46c7d49
added a comment on how to make group uucp trusted too
meillo@marmaro.de
parents:
84
diff
changeset
|
59 return TRUE; |
|
3cbcc46c7d49
added a comment on how to make group uucp trusted too
meillo@marmaro.de
parents:
84
diff
changeset
|
60 } |
|
3cbcc46c7d49
added a comment on how to make group uucp trusted too
meillo@marmaro.de
parents:
84
diff
changeset
|
61 */ |
|
3cbcc46c7d49
added a comment on how to make group uucp trusted too
meillo@marmaro.de
parents:
84
diff
changeset
|
62 |
|
10
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
63 return (uid == 0) || (uid == conf.mail_uid) || (is_ingroup(uid, conf.mail_gid)); |
| 0 | 64 } |
| 65 | |
|
10
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
66 void |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
67 set_euidgid(gint uid, gint gid, uid_t * old_uid, gid_t * old_gid) |
| 0 | 68 { |
|
10
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
69 if (old_uid) |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
70 *old_uid = geteuid(); |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
71 if (old_gid) |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
72 *old_gid = getegid(); |
| 0 | 73 |
|
10
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
74 seteuid(0); |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
75 |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
76 if (setegid(gid) != 0) { |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
77 logwrite(LOG_ALERT, "could not change gid to %d: %s\n", gid, strerror(errno)); |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
78 exit(EXIT_FAILURE); |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
79 } |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
80 if (seteuid(uid) != 0) { |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
81 logwrite(LOG_ALERT, "could not change uid to %d: %s\n", uid, strerror(errno)); |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
82 exit(EXIT_FAILURE); |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
83 } |
| 0 | 84 } |
| 85 | |
|
10
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
86 void |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
87 set_identity(uid_t old_uid, gchar * task_name) |
| 0 | 88 { |
|
10
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
89 if (!conf.run_as_user) { |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
90 if (!is_privileged_user(old_uid)) { |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
91 fprintf(stderr, "must be root, %s or in group %s for %s.\n", DEF_MAIL_USER, DEF_MAIL_GROUP, task_name); |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
92 exit(EXIT_FAILURE); |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
93 } |
| 0 | 94 |
|
10
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
95 set_euidgid(conf.mail_uid, conf.mail_gid, NULL, NULL); |
|
26e34ae9a3e3
changed indention and line wrapping to a more consistent style
meillo@marmaro.de
parents:
0
diff
changeset
|
96 } |
| 0 | 97 } |