masqmail

annotate src/local.c @ 332:63efd381e27b

refactoring, partly also related to set_euidgid()
author markus schnalke <meillo@marmaro.de>
date Sat, 27 Aug 2011 16:21:17 +0200
parents fc1c6425c024
children 41958685480d
rev   line source
meillo@0 1 /* MasqMail
meillo@0 2 Copyright (C) 1999-2001 Oliver Kurth
meillo@224 3 Copyright (C) 2010 markus schnalke <meillo@marmaro.de>
meillo@0 4
meillo@0 5 This program is free software; you can redistribute it and/or modify
meillo@0 6 it under the terms of the GNU General Public License as published by
meillo@0 7 the Free Software Foundation; either version 2 of the License, or
meillo@0 8 (at your option) any later version.
meillo@0 9
meillo@0 10 This program is distributed in the hope that it will be useful,
meillo@0 11 but WITHOUT ANY WARRANTY; without even the implied warranty of
meillo@0 12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
meillo@0 13 GNU General Public License for more details.
meillo@0 14
meillo@0 15 You should have received a copy of the GNU General Public License
meillo@0 16 along with this program; if not, write to the Free Software
meillo@0 17 Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
meillo@0 18 */
meillo@0 19
meillo@15 20 #include <sys/wait.h>
meillo@169 21 #include <sys/stat.h>
meillo@15 22
meillo@0 23 #include "masqmail.h"
meillo@0 24 #include "peopen.h"
meillo@0 25
meillo@10 26 static void
meillo@10 27 message_stream(FILE * out, message * msg, GList * hdr_list, guint flags)
meillo@0 28 {
meillo@10 29 time_t now = time(NULL);
meillo@10 30 GList *node;
meillo@10 31
meillo@10 32 if (flags & MSGSTR_FROMLINE) {
meillo@10 33 fprintf(out, "From <%s@%s> %s", msg->return_path->local_part, msg->return_path->domain, ctime(&now));
meillo@10 34 }
meillo@10 35
meillo@10 36 foreach(hdr_list, node) {
meillo@10 37 header *hdr = (header *) (node->data);
meillo@10 38 fputs(hdr->header, out);
meillo@10 39 }
meillo@10 40 putc('\n', out);
meillo@10 41 foreach(msg->data_list, node) {
meillo@10 42 /* From hack: */
meillo@10 43 if (flags & MSGSTR_FROMHACK) {
meillo@10 44 if (strncmp(node->data, "From ", 5) == 0)
meillo@10 45 putc('>', out);
meillo@10 46 }
meillo@10 47 fputs(node->data, out);
meillo@10 48 }
meillo@10 49 putc('\n', out);
meillo@0 50 }
meillo@0 51
meillo@10 52 gboolean
meillo@10 53 append_file(message * msg, GList * hdr_list, gchar * user)
meillo@0 54 {
meillo@10 55 struct passwd *pw;
meillo@10 56 gboolean ok = FALSE;
meillo@332 57 uid_t saved_uid = geteuid();
meillo@332 58 gid_t saved_gid = getegid();
meillo@332 59 gboolean uid_ok = TRUE, gid_ok = TRUE;
meillo@332 60 gchar *filename;
meillo@332 61 FILE *out;
meillo@0 62
meillo@10 63 /* headers may be special for a local delivery */
meillo@332 64 if (!hdr_list)
meillo@10 65 hdr_list = msg->hdr_list;
meillo@0 66
meillo@332 67 if (!(pw = getpwnam(user))) {
meillo@10 68 logwrite(LOG_ALERT, "could not find password entry for user %s\n", user);
meillo@10 69 errno = ENOENT; /* getpwnam does not set errno correctly */
meillo@332 70 return FALSE;
meillo@0 71 }
meillo@0 72
meillo@332 73 if (!conf.run_as_user) {
meillo@332 74 uid_ok = (seteuid(0) == 0);
meillo@332 75 if (uid_ok) {
meillo@332 76 gid_ok = (setegid(conf.mail_gid) == 0);
meillo@332 77 uid_ok = (seteuid(pw->pw_uid) == 0);
meillo@332 78 }
meillo@332 79 if (!uid_ok || !gid_ok) {
meillo@332 80 logwrite(LOG_ALERT, "could not set uid or gid for local delivery, uid = %d: %s\n", pw->pw_uid, strerror(errno));
meillo@332 81 return FALSE;
meillo@332 82 }
meillo@332 83 }
meillo@332 84
meillo@332 85 DEBUG(5) debugf("running as euid %d, egid %d\n", geteuid(), getegid());
meillo@332 86
meillo@332 87 filename = g_strdup_printf("%s/%s", conf.mail_dir, user);
meillo@332 88 if (!(out = fopen(filename, "a"))) {
meillo@332 89 logwrite(LOG_ALERT, "could not open file %s: %s\n", filename, strerror(errno));
meillo@332 90 } else {
meillo@332 91 #ifdef USE_LIBLOCKFILE
meillo@332 92 gint err;
meillo@332 93 /* lock file using liblockfile */
meillo@332 94 err = maillock(user, 3);
meillo@332 95 if (err == 0) {
meillo@332 96 #else
meillo@332 97 /* lock file: */
meillo@332 98 struct flock lock;
meillo@332 99 lock.l_type = F_WRLCK;
meillo@332 100 lock.l_whence = SEEK_END;
meillo@332 101 lock.l_start = lock.l_len = 0;
meillo@332 102 if (fcntl(fileno(out), F_SETLK, &lock) != -1) {
meillo@332 103 #endif
meillo@332 104 fchmod(fileno(out), 0600);
meillo@332 105 message_stream(out, msg, hdr_list, MSGSTR_FROMLINE | MSGSTR_FROMHACK);
meillo@332 106 ok = TRUE;
meillo@332 107
meillo@332 108 /* close when still user */
meillo@332 109 fclose(out);
meillo@332 110 #ifdef USE_LIBLOCKFILE
meillo@332 111 mailunlock();
meillo@332 112 #endif
meillo@332 113 } else {
meillo@332 114 fclose(out);
meillo@332 115 #ifdef USE_LIBLOCKFILE
meillo@332 116 DEBUG(3) debugf("could not lock file %s: error %d\n", filename, err);
meillo@332 117 } /* XEmacs indenting convenience... */
meillo@332 118 #else
meillo@332 119 DEBUG(3) debugf("could not lock file %s: %s\n", filename, strerror(errno));
meillo@332 120 }
meillo@332 121 #endif
meillo@332 122 }
meillo@332 123 g_free(filename);
meillo@332 124
meillo@332 125 if (!conf.run_as_user) {
meillo@332 126 uid_ok = (seteuid(0) == 0);
meillo@332 127 if (uid_ok) {
meillo@332 128 gid_ok = (setegid(saved_gid) == 0);
meillo@332 129 uid_ok = (seteuid(saved_uid) == 0);
meillo@332 130 }
meillo@332 131 }
meillo@332 132
meillo@332 133 if (!uid_ok || !gid_ok) {
meillo@332 134 /* FIXME: if this fails we HAVE to exit, because we shall not run
meillo@332 135 with some users id. But we do not return, and so this message
meillo@332 136 will not be finished, so the user will get the message again
meillo@332 137 next time a delivery is attempted... */
meillo@332 138 logwrite(LOG_ALERT, "could not set back uid or gid after local delivery: %s\n", strerror(errno));
meillo@332 139 logwrite(LOG_ALERT, "uid=%d, gid=%d, euid=%d, egid=%d, want = %d, %d\n",
meillo@332 140 getuid(), getgid(), geteuid(), getegid(), saved_uid, saved_gid);
meillo@332 141 logwrite(LOG_ALERT, "In case of trouble, see local.c:append_file() for details.\n", strerror(errno));
meillo@332 142 exit(1);
meillo@332 143 }
meillo@10 144 return ok;
meillo@0 145 }
meillo@0 146
meillo@0 147 gboolean
meillo@10 148 pipe_out(message * msg, GList * hdr_list, address * rcpt, gchar * cmd, guint flags)
meillo@0 149 {
meillo@10 150 gchar *envp[40];
meillo@10 151 FILE *out;
meillo@10 152 uid_t saved_uid = geteuid();
meillo@10 153 gid_t saved_gid = getegid();
meillo@10 154 gboolean ok = FALSE;
meillo@10 155 gint i, n;
meillo@10 156 pid_t pid;
meillo@10 157 void (*old_signal) (int);
meillo@10 158 int status;
meillo@332 159 address *ancestor = addr_find_ancestor(rcpt);
meillo@0 160
meillo@10 161 /* set uid and gid to the mail ids */
meillo@10 162 if (!conf.run_as_user) {
meillo@10 163 set_euidgid(conf.mail_uid, conf.mail_gid, &saved_uid, &saved_gid);
meillo@10 164 }
meillo@0 165
meillo@10 166 /* set environment */
meillo@332 167 n = 0;
meillo@332 168 envp[n++] = g_strdup_printf("SENDER=%s@%s", msg->return_path->local_part, msg->return_path->domain);
meillo@332 169 envp[n++] = g_strdup_printf("SENDER_DOMAIN=%s", msg->return_path->domain);
meillo@332 170 envp[n++] = g_strdup_printf("SENDER_LOCAL=%s", msg->return_path->local_part);
meillo@332 171 envp[n++] = g_strdup_printf("RECEIVED_HOST=%s", msg->received_host ? msg->received_host : "");
meillo@0 172
meillo@332 173 envp[n++] = g_strdup_printf("RETURN_PATH=%s@%s", msg->return_path->local_part, msg->return_path->domain);
meillo@332 174 envp[n++] = g_strdup_printf("DOMAIN=%s", ancestor->domain);
meillo@0 175
meillo@332 176 envp[n++] = g_strdup_printf("LOCAL_PART=%s", ancestor->local_part);
meillo@332 177 envp[n++] = g_strdup_printf("USER=%s", ancestor->local_part);
meillo@332 178 envp[n++] = g_strdup_printf("LOGNAME=%s", ancestor->local_part);
meillo@0 179
meillo@332 180 envp[n++] = g_strdup_printf("MESSAGE_ID=%s", msg->uid);
meillo@332 181 envp[n++] = g_strdup_printf("QUALIFY_DOMAIN=%s", conf.host_name);
meillo@0 182
meillo@332 183 envp[n] = NULL;
meillo@0 184
meillo@10 185 old_signal = signal(SIGCHLD, SIG_DFL);
meillo@0 186
meillo@10 187 out = peidopen(cmd, "w", envp, &pid, conf.mail_uid, conf.mail_gid);
meillo@332 188 if (!out) {
meillo@332 189 logwrite(LOG_ALERT, "could not open pipe '%s': %s\n", cmd, strerror(errno));
meillo@332 190 } else {
meillo@10 191 message_stream(out, msg, hdr_list, flags);
meillo@0 192
meillo@10 193 fclose(out);
meillo@0 194
meillo@10 195 waitpid(pid, &status, 0);
meillo@0 196
meillo@10 197 if (WEXITSTATUS(status) != 0) {
meillo@10 198 int exstat = WEXITSTATUS(status);
meillo@10 199 logwrite(LOG_ALERT, "process returned %d (%s)\n", exstat, ext_strerror(1024 + exstat));
meillo@10 200 errno = 1024 + exstat;
meillo@10 201 } else if (WIFSIGNALED(status)) {
meillo@10 202 logwrite(LOG_ALERT, "process got signal %d\n", WTERMSIG(status));
meillo@10 203 } else
meillo@10 204 ok = TRUE;
meillo@0 205
meillo@332 206 }
meillo@0 207
meillo@10 208 signal(SIGCHLD, old_signal);
meillo@0 209
meillo@10 210 /* free environment */
meillo@10 211 for (i = 0; i < n; i++) {
meillo@10 212 g_free(envp[i]);
meillo@10 213 }
meillo@0 214
meillo@10 215 /* set uid and gid back */
meillo@10 216 if (!conf.run_as_user) {
meillo@10 217 set_euidgid(saved_uid, saved_gid, NULL, NULL);
meillo@10 218 }
meillo@0 219
meillo@10 220 return ok;
meillo@0 221 }