8 files changed, 40 insertions, 534 deletions
diff --git a/lib/Makefile.am b/lib/Makefile.am
index f83e7e3..a3ffed2 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -1,31 +1,30 @@
-# This file is part of Mailfromd.
+# This file is part of Pies.
 # Copyright (C) 2005, 2006, 2007, 2008 Sergey Poznyakoff
 #
-# This program is free software; you can redistribute it and/or modify
+# Pies is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation; either version 3, or (at your option)
 # any later version.
 #
-# This program is distributed in the hope that it will be useful,
+# Pies is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+# along with Pies.  If not, see <http://www.gnu.org/licenses/>. */
 
-noinst_LIBRARIES=libmf.a 
+noinst_LIBRARIES=libpies.a 
 
 noinst_HEADERS = libpies.h
 
-libmf_a_SOURCES=\
- config.c\
+libpies_a_SOURCES=\
  nls.c\
  parsetime.c\
  proctitle.c\
- userprivs.c
+ strtotok.c
 
-libmf_a_LIBADD=$(LIBOBJS)
+libpies_a_LIBADD=$(LIBOBJS)
 
 INCLUDES = -I$(top_srcdir)/gnu -I../gnu
 
diff --git a/lib/config.c b/lib/config.c
deleted file mode 100644
index 8fcb926..0000000
--- a/lib/config.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/* This file is part of Pies.
-   Copyright (C) 2007, 2008, 2009 Sergey Poznyakoff
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 3, or (at your option)
-   any later version.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>. */
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <libpies.h>
-
-
-char **
-config_array_to_argv (mu_config_value_t *val, mu_debug_t debug)
-{
-  int i, j;
-  int argc;
-  char **argv;
-  
-  argc = val->v.arg.c;
-  argv = xcalloc (argc + 1, sizeof (argv[0]));
-  for (i = j = 0; i < argc; i++)
-    {
-      if (mu_cfg_assert_value_type (&val->v.arg.v[i], MU_CFG_STRING,
-				    debug) == 0)
-	argv[j++] = xstrdup (val->v.arg.v[i].v.string);
-    }
-  argv[j] = NULL;
-  return argv;
-}
-
-char *
-config_array_to_string (mu_config_value_t *val, mu_debug_t debug)
-{
-  size_t len = 0;
-  int i;
-  char *str, *p;
-
-  for (i = 0; i < val->v.arg.c; i++)
-    {
-      if (mu_cfg_assert_value_type (&val->v.arg.v[i], MU_CFG_STRING, debug))
-	return NULL;
-      len += strlen (val->v.arg.v[i].v.string) + 1;
-    }
-
-  str = xmalloc (len);
-  p = str;
-  for (i = 0; i < val->v.arg.c; i++)
-    {
-      size_t n = strlen (val->v.arg.v[i].v.string);
-      memcpy (p, val->v.arg.v[i].v.string, n);
-      p += n;
-      *p++ = ' ';
-    }
-  str[len-1] = 0;
-  return str;
-}
-
-
-int
-config_cb_timeout (struct timeval *pt, mu_debug_t debug,
-		   mu_config_value_t *val)
-{
-  int rc;
-  const char *endp;
-  time_t t;
-  const char *str;
-  char *alloc_str = NULL;
-  
-  switch (val->type)
-    {
-    case MU_CFG_STRING:
-      str = val->v.string;
-      break;
-
-    case MU_CFG_ARRAY:
-      str = alloc_str = config_array_to_string (val, debug);
-      if (!str)
-	return 1;
-      break;
-
-    case MU_CFG_LIST:
-      mu_cfg_format_error (debug, MU_DEBUG_ERROR,
-			   _("unexpected list"));
-      return 1;
-    }      
-
-  rc = parse_time_interval (str, &t, &endp);
-  if (rc)
-    mu_cfg_format_error (debug, MU_DEBUG_ERROR,
-			 _("unrecognized time format (near `%s')"),
-			 endp);
-  else
-    {
-      pt->tv_usec = 0;
-      pt->tv_sec = t;
-    }
-  free (alloc_str);
-  return 0;
-}
-
-
-
-
diff --git a/lib/intprops.h b/lib/intprops.h
deleted file mode 100644
index 7db55e9..0000000
--- a/lib/intprops.h
+++ /dev/null
@@ -1,79 +0,0 @@
-/* intprops.h -- properties of integer types
-
-   Copyright (C) 2001, 2002, 2003, 2004, 2005, 
-   2007 Free Software Foundation, Inc.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 3, or (at your option)
-   any later version.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; if not, write to the Free Software Foundation,
-   Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.  */
-
-/* Written by Paul Eggert.  */
-
-#include <limits.h>
-
-/* The extra casts in the following macros work around compiler bugs,
-   e.g., in Cray C 5.0.3.0.  */
-
-/* True if the arithmetic type T is an integer type.  bool counts as
-   an integer.  */
-#define TYPE_IS_INTEGER(t) ((t) 1.5 == 1)
-
-/* True if negative values of the signed integer type T use two's
-   complement, ones' complement, or signed magnitude representation,
-   respectively.  Much GNU code assumes two's complement, but some
-   people like to be portable to all possible C hosts.  */
-#define TYPE_TWOS_COMPLEMENT(t) ((t) ~ (t) 0 == (t) -1)
-#define TYPE_ONES_COMPLEMENT(t) ((t) ~ (t) 0 == 0)
-#define TYPE_SIGNED_MAGNITUDE(t) ((t) ~ (t) 0 < (t) -1)
-
-/* True if the arithmetic type T is signed.  */
-#define TYPE_SIGNED(t) (! ((t) 0 < (t) -1))
-
-/* The maximum and minimum values for the integer type T.  These
-   macros have undefined behavior if T is signed and has padding bits.
-   If this is a problem for you, please let us know how to fix it for
-   your host.  */
-#define TYPE_MINIMUM(t) \
-  ((t) (! TYPE_SIGNED (t) \
-	? (t) 0 \
-	: TYPE_SIGNED_MAGNITUDE (t) \
-	? ~ (t) 0 \
-	: ~ (t) 0 << (sizeof (t) * CHAR_BIT - 1)))
-#define TYPE_MAXIMUM(t) \
-  ((t) (! TYPE_SIGNED (t) \
-	? (t) -1 \
-	: ~ (~ (t) 0 << (sizeof (t) * CHAR_BIT - 1))))
-
-/* Return zero if T can be determined to be an unsigned type.
-   Otherwise, return 1.
-   When compiling with GCC, INT_STRLEN_BOUND uses this macro to obtain a
-   tighter bound.  Otherwise, it overestimates the true bound by one byte
-   when applied to unsigned types of size 2, 4, 16, ... bytes.
-   The symbol signed_type_or_expr__ is private to this header file.  */
-#if __GNUC__ >= 2
-# define signed_type_or_expr__(t) TYPE_SIGNED (__typeof__ (t))
-#else
-# define signed_type_or_expr__(t) 1
-#endif
-
-/* Bound on length of the string representing an integer type or expression T.
-   Subtract 1 for the sign bit if T is signed; log10 (2.0) < 146/485;
-   add 1 for integer division truncation; add 1 more for a minus sign
-   if needed.  */
-#define INT_STRLEN_BOUND(t) \
-  ((sizeof (t) * CHAR_BIT - signed_type_or_expr__ (t)) * 146 / 485 \
-   + signed_type_or_expr__ (t) + 1)
-
-/* Bound on buffer size needed to represent an integer type or expression T,
-   including the terminating null.  */
-#define INT_BUFSIZE_BOUND(t) (INT_STRLEN_BOUND (t) + 1)
diff --git a/lib/libpies.h b/lib/libpies.h
index 4733c63..7822595 100644
--- a/lib/libpies.h
+++ b/lib/libpies.h
@@ -1,24 +1,22 @@
 /* This file is part of Pies.
    Copyright (C) 2009 Sergey Poznyakoff
 
-   This program is free software; you can redistribute it and/or modify
+   Pies is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3, or (at your option)
    any later version.
 
-   This program is distributed in the hope that it will be useful,
+   Pies is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
 
    You should have received a copy of the GNU General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>. */
+   along with Pies.  If not, see <http://www.gnu.org/licenses/>. */
 
 #include <unistd.h>
 #include <stdlib.h>
 #include <gettext.h>
-#include <mailutils/types.h>
-#include <mailutils/cfg.h>
 
 
 #define _(String) gettext(String)
@@ -41,30 +39,25 @@ void *xcalloc (size_t count, size_t size);
 char *xstrdup (const char *str);
 
 
-struct mf_privs
-{
-  char *user;
-  int allgroups;
-  mu_list_t groups;
-};
-
-int switch_to_privs (uid_t uid, gid_t gid, mu_list_t retain_groups);
-int get_user_groups (mu_list_t *pgrouplist, const char *user);
-
-void mf_priv_setup (struct mf_privs *);
-void mf_epriv_setup (struct mf_privs *);
-
-
-char **config_array_to_argv (mu_config_value_t *val, mu_debug_t debug);
-char *config_array_to_string (mu_config_value_t *val, mu_debug_t debug);
-
-int config_cb_timeout (struct timeval *pt, mu_debug_t debug,
-		       mu_config_value_t *val);
-
-
 void mf_proctitle_init (int argc, char *argv[], char *env[]);
 void mf_proctitle_format (const char *fmt, ...);
 
 
 size_t longtostr (long i, char *buf, size_t size);
 size_t ulongtostr (unsigned long i, char *buf, size_t size);
+
+
+struct tokendef
+{
+  char *name;
+  int tok;
+};
+
+int strtotok_len (struct tokendef *tab, const char *str, size_t len,
+		  int *pres);
+int strtotok_len_ci (struct tokendef *tab, const char *str, size_t len,
+		     int *pres);
+int strtotok (struct tokendef *tab, const char *str, int *pres);
+int strtotok_ci (struct tokendef *tab, const char *str, int *pres);
+int toktostr (struct tokendef *tab, int tok, const char **pres);
+
diff --git a/lib/nls.c b/lib/nls.c
index f2b067e..b42192f 100644
--- a/lib/nls.c
+++ b/lib/nls.c
@@ -1,18 +1,18 @@
-/* This file is part of Mailfromd.
-   Copyright (C) 2007, 2008 Sergey Poznyakoff
+/* This file is part of Pies.
+   Copyright (C) 2009 Sergey Poznyakoff
 
-   This program is free software; you can redistribute it and/or modify
+   Pies is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3, or (at your option)
    any later version.
 
-   This program is distributed in the hope that it will be useful,
+   Pies is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
 
    You should have received a copy of the GNU General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>. */
+   along with Pies.  If not, see <http://www.gnu.org/licenses/>. */
 
 #ifdef HAVE_CONFIG_H
 # include <config.h>
@@ -25,7 +25,6 @@ void
 mf_init_nls ()
 {
 #ifdef ENABLE_NLS
-	mu_init_nls ();
 	setlocale (LC_ALL, "");
 	bindtextdomain (PACKAGE, LOCALEDIR);
 	bindtextdomain ("mailfromd", LOCALEDIR);
diff --git a/lib/parsetime.c b/lib/parsetime.c
index 99d8079..6b74501 100644
--- a/lib/parsetime.c
+++ b/lib/parsetime.c
@@ -1,18 +1,18 @@
 /* This file is part of Pies.
    Copyright (C) 2007, 2008, 2009 Sergey Poznyakoff
 
-   This program is free software; you can redistribute it and/or modify
+   Pies is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3, or (at your option)
    any later version.
 
-   This program is distributed in the hope that it will be useful,
+   Pies is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
 
    You should have received a copy of the GNU General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>. */
+   along with Pies.  If not, see <http://www.gnu.org/licenses/>. */
 
 #ifdef HAVE_CONFIG_H
 # include <config.h>
diff --git a/lib/proctitle.c b/lib/proctitle.c
index f9ff967..430811c 100644
--- a/lib/proctitle.c
+++ b/lib/proctitle.c
@@ -1,18 +1,18 @@
-/* This file is part of Mailfromd.
-   Copyright (C) 2007, 2008 Sergey Poznyakoff
+/* This file is part of Pies.
+   Copyright (C) 2007, 2008, 2009 Sergey Poznyakoff
 
-   This program is free software; you can redistribute it and/or modify
+   Pies is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3, or (at your option)
    any later version.
 
-   This program is distributed in the hope that it will be useful,
+   Pies is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
 
    You should have received a copy of the GNU General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>. */
+   along with Pies.  If not, see <http://www.gnu.org/licenses/>. */
 
 #ifdef HAVE_CONFIG_H
 # include <config.h>
diff --git a/lib/userprivs.c b/lib/userprivs.c
deleted file mode 100644
index 8d13c38..0000000
--- a/lib/userprivs.c
+++ /dev/null
@@ -1,291 +0,0 @@
-/* This file is part of Mailfromd.
-   Copyright (C) 2007, 2008 Sergey Poznyakoff
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 3, or (at your option)
-   any later version.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>. */
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-#include <stdlib.h>
-#include <string.h>
-#include <pwd.h>
-#include <grp.h>
-#include <unistd.h>
-#include <mailutils/assoc.h>
-#include <mailutils/errno.h>
-#include <mailutils/error.h>
-#include <mailutils/errno.h>
-#include <mailutils/nls.h>
-#include <mailutils/list.h>
-#include <mailutils/iterator.h>
-/* FIXME: */
-#include <sysexits.h>
-#include "libpies.h"
-
-int
-get_user_groups (mu_list_t *pgrouplist, const char *user)
-{
-  int rc;
-  struct group *gr;
-  mu_list_t list;
-
-  if (!*pgrouplist)
-    {
-      rc = mu_list_create (pgrouplist);
-      if (rc)
-	{
-	  mu_error (_("%s: cannot create list: %s"),
-		    "get_user_groups", mu_strerror (rc));
-	  return rc;
-	}
-    }
-  list = *pgrouplist;
-  setgrent ();
-  for (rc = 0; rc == 0 && (gr = getgrent ());)
-    {
-      char **p;
-      for (p = gr->gr_mem; *p; p++)
-	if (strcmp (*p, user) == 0)
-	  {
-	    /* FIXME: Avoid duplicating gids */
-	    rc = mu_list_append (list, (void *) gr->gr_gid);
-	    if (rc)
-	      mu_error (_("%s: cannot append to list: %s"),
-			"get_user_groups", mu_strerror (rc));
-	    break;
-	  }
-    }
-  endgrent ();
-  return rc;
-}
-
-/* Switch to the given UID/GID */
-int
-switch_to_privs (uid_t uid, gid_t gid, mu_list_t retain_groups)
-{
-  int rc = 0;
-  gid_t *emptygidset;
-  size_t size = 1, j = 1;
-  mu_iterator_t itr;
-
-  if (uid == 0)
-    {
-      mu_error (_("Refusing to run as root"));
-      return 1;
-    }
-
-  /* Create a list of supplementary groups */
-  mu_list_count (retain_groups, &size);
-  size++;
-  emptygidset = xmalloc (size * sizeof emptygidset[0]);
-  emptygidset[0] = gid ? gid : getegid ();
-
-  if (mu_list_get_iterator (retain_groups, &itr) == 0)
-    {
-      for (mu_iterator_first (itr);
-	   !mu_iterator_is_done (itr); mu_iterator_next (itr))
-	mu_iterator_current (itr, (void **) (emptygidset + j++));
-      mu_iterator_destroy (&itr);
-    }
-
-  /* Reset group permissions */
-  if (geteuid () == 0 && setgroups (j, emptygidset))
-    {
-      mu_error (_("setgroups(1, %lu) failed: %s"),
-		(unsigned long) emptygidset[0], mu_strerror (errno));
-      rc = 1;
-    }
-  free (emptygidset);
-
-  /* Switch to the user's gid. On some OSes the effective gid must
-     be reset first */
-
-#if defined(HAVE_SETEGID)
-  if ((rc = setegid (gid)) < 0)
-    mu_error (_("setegid(%lu) failed: %s"),
-	      (unsigned long) gid, mu_strerror (errno));
-#elif defined(HAVE_SETREGID)
-  if ((rc = setregid (gid, gid)) < 0)
-    mu_error (_("setregid(%lu,%lu) failed: %s"),
-	      (unsigned long) gid, (unsigned long) gid, mu_strerror (errno));
-#elif defined(HAVE_SETRESGID)
-  if ((rc = setresgid (gid, gid, gid)) < 0)
-    mu_error (_("setresgid(%lu,%lu,%lu) failed: %s"),
-	      (unsigned long) gid,
-	      (unsigned long) gid, (unsigned long) gid, mu_strerror (errno));
-#endif
-
-  if (rc == 0 && gid != 0)
-    {
-      if ((rc = setgid (gid)) < 0 && getegid () != gid)
-	mu_error (_("setgid(%lu) failed: %s"),
-		  (unsigned long) gid, mu_strerror (errno));
-      if (rc == 0 && getegid () != gid)
-	{
-	  mu_error (_("Cannot set effective gid to %lu"),
-		    (unsigned long) gid);
-	  rc = 1;
-	}
-    }
-
-  /* Now reset uid */
-  if (rc == 0 && uid != 0)
-    {
-      uid_t euid;
-
-      if (setuid (uid)
-	  || geteuid () != uid
-	  || (getuid () != uid && (geteuid () == 0 || getuid () == 0)))
-	{
-
-#if defined(HAVE_SETREUID)
-	  if (geteuid () != uid)
-	    {
-	      if (setreuid (uid, -1) < 0)
-		{
-		  mu_error (_("setreuid(%lu,-1) failed: %s"),
-			    (unsigned long) uid, mu_strerror (errno));
-		  rc = 1;
-		}
-	      if (setuid (uid) < 0)
-		{
-		  mu_error (_("second setuid(%lu) failed: %s"),
-			    (unsigned long) uid, mu_strerror (errno));
-		  rc = 1;
-		}
-	    }
-	  else
-#endif
-	    {
-	      mu_error (_("setuid(%lu) failed: %s"),
-			(unsigned long) uid, mu_strerror (errno));
-	      rc = 1;
-	    }
-	}
-
-      euid = geteuid ();
-      if (uid != 0 && setuid (0) == 0)
-	{
-	  mu_error (_("seteuid(0) succeeded when it should not"));
-	  rc = 1;
-	}
-      else if (uid != euid && setuid (euid) == 0)
-	{
-	  mu_error (_("Cannot drop non-root setuid privileges"));
-	  rc = 1;
-	}
-
-    }
-
-  return rc;
-}
-
-
-static int
-translate_item (void *item, void *data)
-{
-  mu_list_t dst = data;
-  struct group *group = getgrnam (item);
-  if (!group)
-    {
-      mu_error (_("Unknown group: %s"), (char *) item);
-      return 1;
-    }
-  return mu_list_append (dst, (void *) group->gr_gid);
-}
-
-static int
-grouplist_translate (mu_list_t * pdst, mu_list_t src)
-{
-  mu_list_t dst;
-  int rc;
-
-  if (!src)
-    return 0;
-  rc = mu_list_create (&dst);
-  if (rc)
-    {
-      mu_error (_("%s: cannot create list: %s"),
-		"grouplist_translate", mu_strerror (rc));
-      return rc;
-    }
-  *pdst = dst;
-  return mu_list_do (src, translate_item, dst);
-}
-
-void
-mf_priv_setup (struct mf_privs *privs)
-{
-  struct passwd *pw;
-  mu_list_t grp = NULL;
-
-  if (!privs || !privs->user)
-    return;
-
-  pw = getpwnam (privs->user);
-  if (!pw)
-    {
-      mu_error (_("No such user: %s"), privs->user);
-      exit (EX_CONFIG);
-    }
-
-  grouplist_translate (&grp, privs->groups);
-  if (privs->allgroups && get_user_groups (&grp, privs->user))
-    exit (EX_CONFIG);
-  if (switch_to_privs (pw->pw_uid, pw->pw_gid, grp))
-    exit (EX_SOFTWARE);
-  mu_list_destroy (&grp);
-}
-
-
-void
-mf_epriv_setup (struct mf_privs *privs)
-{
-  uid_t uid;
-  gid_t gid;
-
-  if (privs)
-    {
-      struct passwd *pw;
-      if (!privs->user)
-	return;
-
-      pw = getpwnam (privs->user);
-      if (!pw)
-	{
-	  mu_error (_("No such user: %s"), privs->user);
-	  exit (EX_CONFIG);
-	}
-      uid = pw->pw_uid;
-      gid = pw->pw_gid;
-    }
-  else
-    {
-      uid = 0;
-      gid = 0;
-    }
-
-  if (setegid (gid))
-    {
-      mu_error (_("Cannot switch to EGID %lu: %s"),
-		(unsigned long) gid, mu_strerror (errno));
-      exit (EX_USAGE);
-    }
-  if (seteuid (uid))
-    {
-      mu_error (_("Cannot switch to EUID %lu: %s"),
-		(unsigned long) uid, mu_strerror (errno));
-      exit (EX_USAGE);
-    }
-}