masqmail

annotate src/online.c @ 331:e507c854a63e

Security fix! Correct handling of seteuid() return value See Debian bug #638002, reported by John Lightsey. When possible the (already available) set_euidgid() function is used. Additionally, it is unnecessary to change the identity when writing into an already open file descriptor. This should fix the problem.
author markus schnalke <meillo@marmaro.de>
date Sat, 27 Aug 2011 16:19:07 +0200
parents 1aa107c6b1e5
children 41958685480d
rev   line source
meillo@0 1 /* MasqMail
meillo@0 2 Copyright (C) 1999-2001 Oliver Kurth
meillo@279 3 Copyright (C) 2008, 2010 markus schnalke <meillo@marmaro.de>
meillo@0 4
meillo@0 5 This program is free software; you can redistribute it and/or modify
meillo@0 6 it under the terms of the GNU General Public License as published by
meillo@0 7 the Free Software Foundation; either version 2 of the License, or
meillo@0 8 (at your option) any later version.
meillo@0 9
meillo@0 10 This program is distributed in the hope that it will be useful,
meillo@0 11 but WITHOUT ANY WARRANTY; without even the implied warranty of
meillo@0 12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
meillo@0 13 GNU General Public License for more details.
meillo@0 14
meillo@0 15 You should have received a copy of the GNU General Public License
meillo@0 16 along with this program; if not, write to the Free Software
meillo@0 17 Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
meillo@0 18 */
meillo@0 19
meillo@0 20 #include <sys/wait.h>
meillo@15 21
meillo@0 22 #include "masqmail.h"
meillo@0 23 #include "peopen.h"
meillo@0 24
meillo@0 25
meillo@310 26 gchar*
meillo@310 27 online_query()
meillo@0 28 {
meillo@310 29 gchar* pipe = conf.online_query;
meillo@10 30 pid_t pid;
meillo@10 31 void (*old_signal) (int);
meillo@10 32 int status;
meillo@10 33 FILE *in;
meillo@10 34 gchar *name = NULL;
meillo@0 35
meillo@310 36 if (!conf.online_query) {
meillo@310 37 return NULL;
meillo@310 38 }
meillo@310 39 DEBUG(3) debugf("online query `%s'\n", pipe);
meillo@310 40
meillo@10 41 old_signal = signal(SIGCHLD, SIG_DFL);
meillo@0 42
meillo@10 43 in = peopen(pipe, "r", environ, &pid);
meillo@310 44 if (!in) {
meillo@33 45 logwrite(LOG_ALERT, "could not open pipe '%s': %s\n", pipe, strerror(errno));
meillo@33 46 signal(SIGCHLD, old_signal);
meillo@33 47 return NULL;
meillo@33 48 }
meillo@33 49
meillo@33 50 gchar output[256];
meillo@33 51 if (fgets(output, 255, in)) {
meillo@33 52 g_strchomp(g_strchug(output));
meillo@33 53 if (strlen(output) == 0) {
meillo@33 54 logwrite(LOG_ALERT, "only whitespace connection name\n");
meillo@33 55 name = NULL;
meillo@18 56 } else {
meillo@33 57 name = g_strdup(output);
meillo@10 58 }
meillo@33 59 } else {
meillo@33 60 logwrite(LOG_ALERT, "nothing read from pipe %s\n", pipe);
meillo@33 61 name = NULL;
meillo@33 62 }
meillo@33 63 fclose(in);
meillo@33 64 waitpid(pid, &status, 0);
meillo@262 65 if (WEXITSTATUS(status) != 0) {
meillo@33 66 g_free(name);
meillo@33 67 name = NULL;
meillo@33 68 }
meillo@0 69
meillo@10 70 signal(SIGCHLD, old_signal);
meillo@0 71
meillo@10 72 return name;
meillo@0 73 }