diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/Makefile.am | 17 | ||||
-rw-r--r-- | lib/config.c | 115 | ||||
-rw-r--r-- | lib/intprops.h | 79 | ||||
-rw-r--r-- | lib/libpies.h | 45 | ||||
-rw-r--r-- | lib/nls.c | 11 | ||||
-rw-r--r-- | lib/parsetime.c | 6 | ||||
-rw-r--r-- | lib/proctitle.c | 10 | ||||
-rw-r--r-- | lib/userprivs.c | 291 |
8 files changed, 40 insertions, 534 deletions
diff --git a/lib/Makefile.am b/lib/Makefile.am index f83e7e3..a3ffed2 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -1,31 +1,30 @@ -# This file is part of Mailfromd. +# This file is part of Pies. # Copyright (C) 2005, 2006, 2007, 2008 Sergey Poznyakoff # -# This program is free software; you can redistribute it and/or modify +# Pies is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 3, or (at your option) # any later version. # -# This program is distributed in the hope that it will be useful, +# Pies is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with Pies. If not, see <http://www.gnu.org/licenses/>. */ -noinst_LIBRARIES=libmf.a +noinst_LIBRARIES=libpies.a noinst_HEADERS = libpies.h -libmf_a_SOURCES=\ - config.c\ +libpies_a_SOURCES=\ nls.c\ parsetime.c\ proctitle.c\ - userprivs.c + strtotok.c -libmf_a_LIBADD=$(LIBOBJS) +libpies_a_LIBADD=$(LIBOBJS) INCLUDES = -I$(top_srcdir)/gnu -I../gnu diff --git a/lib/config.c b/lib/config.c deleted file mode 100644 index 8fcb926..0000000 --- a/lib/config.c +++ /dev/null @@ -1,115 +0,0 @@ -/* This file is part of Pies. - Copyright (C) 2007, 2008, 2009 Sergey Poznyakoff - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3, or (at your option) - any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. */ - -#ifdef HAVE_CONFIG_H -# include <config.h> -#endif - -#include <libpies.h> - - -char ** -config_array_to_argv (mu_config_value_t *val, mu_debug_t debug) -{ - int i, j; - int argc; - char **argv; - - argc = val->v.arg.c; - argv = xcalloc (argc + 1, sizeof (argv[0])); - for (i = j = 0; i < argc; i++) - { - if (mu_cfg_assert_value_type (&val->v.arg.v[i], MU_CFG_STRING, - debug) == 0) - argv[j++] = xstrdup (val->v.arg.v[i].v.string); - } - argv[j] = NULL; - return argv; -} - -char * -config_array_to_string (mu_config_value_t *val, mu_debug_t debug) -{ - size_t len = 0; - int i; - char *str, *p; - - for (i = 0; i < val->v.arg.c; i++) - { - if (mu_cfg_assert_value_type (&val->v.arg.v[i], MU_CFG_STRING, debug)) - return NULL; - len += strlen (val->v.arg.v[i].v.string) + 1; - } - - str = xmalloc (len); - p = str; - for (i = 0; i < val->v.arg.c; i++) - { - size_t n = strlen (val->v.arg.v[i].v.string); - memcpy (p, val->v.arg.v[i].v.string, n); - p += n; - *p++ = ' '; - } - str[len-1] = 0; - return str; -} - - -int -config_cb_timeout (struct timeval *pt, mu_debug_t debug, - mu_config_value_t *val) -{ - int rc; - const char *endp; - time_t t; - const char *str; - char *alloc_str = NULL; - - switch (val->type) - { - case MU_CFG_STRING: - str = val->v.string; - break; - - case MU_CFG_ARRAY: - str = alloc_str = config_array_to_string (val, debug); - if (!str) - return 1; - break; - - case MU_CFG_LIST: - mu_cfg_format_error (debug, MU_DEBUG_ERROR, - _("unexpected list")); - return 1; - } - - rc = parse_time_interval (str, &t, &endp); - if (rc) - mu_cfg_format_error (debug, MU_DEBUG_ERROR, - _("unrecognized time format (near `%s')"), - endp); - else - { - pt->tv_usec = 0; - pt->tv_sec = t; - } - free (alloc_str); - return 0; -} - - - - diff --git a/lib/intprops.h b/lib/intprops.h deleted file mode 100644 index 7db55e9..0000000 --- a/lib/intprops.h +++ /dev/null @@ -1,79 +0,0 @@ -/* intprops.h -- properties of integer types - - Copyright (C) 2001, 2002, 2003, 2004, 2005, - 2007 Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3, or (at your option) - any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software Foundation, - Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ - -/* Written by Paul Eggert. */ - -#include <limits.h> - -/* The extra casts in the following macros work around compiler bugs, - e.g., in Cray C 5.0.3.0. */ - -/* True if the arithmetic type T is an integer type. bool counts as - an integer. */ -#define TYPE_IS_INTEGER(t) ((t) 1.5 == 1) - -/* True if negative values of the signed integer type T use two's - complement, ones' complement, or signed magnitude representation, - respectively. Much GNU code assumes two's complement, but some - people like to be portable to all possible C hosts. */ -#define TYPE_TWOS_COMPLEMENT(t) ((t) ~ (t) 0 == (t) -1) -#define TYPE_ONES_COMPLEMENT(t) ((t) ~ (t) 0 == 0) -#define TYPE_SIGNED_MAGNITUDE(t) ((t) ~ (t) 0 < (t) -1) - -/* True if the arithmetic type T is signed. */ -#define TYPE_SIGNED(t) (! ((t) 0 < (t) -1)) - -/* The maximum and minimum values for the integer type T. These - macros have undefined behavior if T is signed and has padding bits. - If this is a problem for you, please let us know how to fix it for - your host. */ -#define TYPE_MINIMUM(t) \ - ((t) (! TYPE_SIGNED (t) \ - ? (t) 0 \ - : TYPE_SIGNED_MAGNITUDE (t) \ - ? ~ (t) 0 \ - : ~ (t) 0 << (sizeof (t) * CHAR_BIT - 1))) -#define TYPE_MAXIMUM(t) \ - ((t) (! TYPE_SIGNED (t) \ - ? (t) -1 \ - : ~ (~ (t) 0 << (sizeof (t) * CHAR_BIT - 1)))) - -/* Return zero if T can be determined to be an unsigned type. - Otherwise, return 1. - When compiling with GCC, INT_STRLEN_BOUND uses this macro to obtain a - tighter bound. Otherwise, it overestimates the true bound by one byte - when applied to unsigned types of size 2, 4, 16, ... bytes. - The symbol signed_type_or_expr__ is private to this header file. */ -#if __GNUC__ >= 2 -# define signed_type_or_expr__(t) TYPE_SIGNED (__typeof__ (t)) -#else -# define signed_type_or_expr__(t) 1 -#endif - -/* Bound on length of the string representing an integer type or expression T. - Subtract 1 for the sign bit if T is signed; log10 (2.0) < 146/485; - add 1 for integer division truncation; add 1 more for a minus sign - if needed. */ -#define INT_STRLEN_BOUND(t) \ - ((sizeof (t) * CHAR_BIT - signed_type_or_expr__ (t)) * 146 / 485 \ - + signed_type_or_expr__ (t) + 1) - -/* Bound on buffer size needed to represent an integer type or expression T, - including the terminating null. */ -#define INT_BUFSIZE_BOUND(t) (INT_STRLEN_BOUND (t) + 1) diff --git a/lib/libpies.h b/lib/libpies.h index 4733c63..7822595 100644 --- a/lib/libpies.h +++ b/lib/libpies.h @@ -1,24 +1,22 @@ /* This file is part of Pies. Copyright (C) 2009 Sergey Poznyakoff - This program is free software; you can redistribute it and/or modify + Pies is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3, or (at your option) any later version. - This program is distributed in the hope that it will be useful, + Pies is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. */ + along with Pies. If not, see <http://www.gnu.org/licenses/>. */ #include <unistd.h> #include <stdlib.h> #include <gettext.h> -#include <mailutils/types.h> -#include <mailutils/cfg.h> #define _(String) gettext(String) @@ -41,30 +39,25 @@ void *xcalloc (size_t count, size_t size); char *xstrdup (const char *str); -struct mf_privs -{ - char *user; - int allgroups; - mu_list_t groups; -}; - -int switch_to_privs (uid_t uid, gid_t gid, mu_list_t retain_groups); -int get_user_groups (mu_list_t *pgrouplist, const char *user); - -void mf_priv_setup (struct mf_privs *); -void mf_epriv_setup (struct mf_privs *); - - -char **config_array_to_argv (mu_config_value_t *val, mu_debug_t debug); -char *config_array_to_string (mu_config_value_t *val, mu_debug_t debug); - -int config_cb_timeout (struct timeval *pt, mu_debug_t debug, - mu_config_value_t *val); - - void mf_proctitle_init (int argc, char *argv[], char *env[]); void mf_proctitle_format (const char *fmt, ...); size_t longtostr (long i, char *buf, size_t size); size_t ulongtostr (unsigned long i, char *buf, size_t size); + + +struct tokendef +{ + char *name; + int tok; +}; + +int strtotok_len (struct tokendef *tab, const char *str, size_t len, + int *pres); +int strtotok_len_ci (struct tokendef *tab, const char *str, size_t len, + int *pres); +int strtotok (struct tokendef *tab, const char *str, int *pres); +int strtotok_ci (struct tokendef *tab, const char *str, int *pres); +int toktostr (struct tokendef *tab, int tok, const char **pres); + @@ -1,18 +1,18 @@ -/* This file is part of Mailfromd. - Copyright (C) 2007, 2008 Sergey Poznyakoff +/* This file is part of Pies. + Copyright (C) 2009 Sergey Poznyakoff - This program is free software; you can redistribute it and/or modify + Pies is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3, or (at your option) any later version. - This program is distributed in the hope that it will be useful, + Pies is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. */ + along with Pies. If not, see <http://www.gnu.org/licenses/>. */ #ifdef HAVE_CONFIG_H # include <config.h> @@ -25,7 +25,6 @@ void mf_init_nls () { #ifdef ENABLE_NLS - mu_init_nls (); setlocale (LC_ALL, ""); bindtextdomain (PACKAGE, LOCALEDIR); bindtextdomain ("mailfromd", LOCALEDIR); diff --git a/lib/parsetime.c b/lib/parsetime.c index 99d8079..6b74501 100644 --- a/lib/parsetime.c +++ b/lib/parsetime.c @@ -1,18 +1,18 @@ /* This file is part of Pies. Copyright (C) 2007, 2008, 2009 Sergey Poznyakoff - This program is free software; you can redistribute it and/or modify + Pies is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3, or (at your option) any later version. - This program is distributed in the hope that it will be useful, + Pies is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. */ + along with Pies. If not, see <http://www.gnu.org/licenses/>. */ #ifdef HAVE_CONFIG_H # include <config.h> diff --git a/lib/proctitle.c b/lib/proctitle.c index f9ff967..430811c 100644 --- a/lib/proctitle.c +++ b/lib/proctitle.c @@ -1,18 +1,18 @@ -/* This file is part of Mailfromd. - Copyright (C) 2007, 2008 Sergey Poznyakoff +/* This file is part of Pies. + Copyright (C) 2007, 2008, 2009 Sergey Poznyakoff - This program is free software; you can redistribute it and/or modify + Pies is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3, or (at your option) any later version. - This program is distributed in the hope that it will be useful, + Pies is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. */ + along with Pies. If not, see <http://www.gnu.org/licenses/>. */ #ifdef HAVE_CONFIG_H # include <config.h> diff --git a/lib/userprivs.c b/lib/userprivs.c deleted file mode 100644 index 8d13c38..0000000 --- a/lib/userprivs.c +++ /dev/null @@ -1,291 +0,0 @@ -/* This file is part of Mailfromd. - Copyright (C) 2007, 2008 Sergey Poznyakoff - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3, or (at your option) - any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. */ - -#ifdef HAVE_CONFIG_H -# include <config.h> -#endif -#include <stdlib.h> -#include <string.h> -#include <pwd.h> -#include <grp.h> -#include <unistd.h> -#include <mailutils/assoc.h> -#include <mailutils/errno.h> -#include <mailutils/error.h> -#include <mailutils/errno.h> -#include <mailutils/nls.h> -#include <mailutils/list.h> -#include <mailutils/iterator.h> -/* FIXME: */ -#include <sysexits.h> -#include "libpies.h" - -int -get_user_groups (mu_list_t *pgrouplist, const char *user) -{ - int rc; - struct group *gr; - mu_list_t list; - - if (!*pgrouplist) - { - rc = mu_list_create (pgrouplist); - if (rc) - { - mu_error (_("%s: cannot create list: %s"), - "get_user_groups", mu_strerror (rc)); - return rc; - } - } - list = *pgrouplist; - setgrent (); - for (rc = 0; rc == 0 && (gr = getgrent ());) - { - char **p; - for (p = gr->gr_mem; *p; p++) - if (strcmp (*p, user) == 0) - { - /* FIXME: Avoid duplicating gids */ - rc = mu_list_append (list, (void *) gr->gr_gid); - if (rc) - mu_error (_("%s: cannot append to list: %s"), - "get_user_groups", mu_strerror (rc)); - break; - } - } - endgrent (); - return rc; -} - -/* Switch to the given UID/GID */ -int -switch_to_privs (uid_t uid, gid_t gid, mu_list_t retain_groups) -{ - int rc = 0; - gid_t *emptygidset; - size_t size = 1, j = 1; - mu_iterator_t itr; - - if (uid == 0) - { - mu_error (_("Refusing to run as root")); - return 1; - } - - /* Create a list of supplementary groups */ - mu_list_count (retain_groups, &size); - size++; - emptygidset = xmalloc (size * sizeof emptygidset[0]); - emptygidset[0] = gid ? gid : getegid (); - - if (mu_list_get_iterator (retain_groups, &itr) == 0) - { - for (mu_iterator_first (itr); - !mu_iterator_is_done (itr); mu_iterator_next (itr)) - mu_iterator_current (itr, (void **) (emptygidset + j++)); - mu_iterator_destroy (&itr); - } - - /* Reset group permissions */ - if (geteuid () == 0 && setgroups (j, emptygidset)) - { - mu_error (_("setgroups(1, %lu) failed: %s"), - (unsigned long) emptygidset[0], mu_strerror (errno)); - rc = 1; - } - free (emptygidset); - - /* Switch to the user's gid. On some OSes the effective gid must - be reset first */ - -#if defined(HAVE_SETEGID) - if ((rc = setegid (gid)) < 0) - mu_error (_("setegid(%lu) failed: %s"), - (unsigned long) gid, mu_strerror (errno)); -#elif defined(HAVE_SETREGID) - if ((rc = setregid (gid, gid)) < 0) - mu_error (_("setregid(%lu,%lu) failed: %s"), - (unsigned long) gid, (unsigned long) gid, mu_strerror (errno)); -#elif defined(HAVE_SETRESGID) - if ((rc = setresgid (gid, gid, gid)) < 0) - mu_error (_("setresgid(%lu,%lu,%lu) failed: %s"), - (unsigned long) gid, - (unsigned long) gid, (unsigned long) gid, mu_strerror (errno)); -#endif - - if (rc == 0 && gid != 0) - { - if ((rc = setgid (gid)) < 0 && getegid () != gid) - mu_error (_("setgid(%lu) failed: %s"), - (unsigned long) gid, mu_strerror (errno)); - if (rc == 0 && getegid () != gid) - { - mu_error (_("Cannot set effective gid to %lu"), - (unsigned long) gid); - rc = 1; - } - } - - /* Now reset uid */ - if (rc == 0 && uid != 0) - { - uid_t euid; - - if (setuid (uid) - || geteuid () != uid - || (getuid () != uid && (geteuid () == 0 || getuid () == 0))) - { - -#if defined(HAVE_SETREUID) - if (geteuid () != uid) - { - if (setreuid (uid, -1) < 0) - { - mu_error (_("setreuid(%lu,-1) failed: %s"), - (unsigned long) uid, mu_strerror (errno)); - rc = 1; - } - if (setuid (uid) < 0) - { - mu_error (_("second setuid(%lu) failed: %s"), - (unsigned long) uid, mu_strerror (errno)); - rc = 1; - } - } - else -#endif - { - mu_error (_("setuid(%lu) failed: %s"), - (unsigned long) uid, mu_strerror (errno)); - rc = 1; - } - } - - euid = geteuid (); - if (uid != 0 && setuid (0) == 0) - { - mu_error (_("seteuid(0) succeeded when it should not")); - rc = 1; - } - else if (uid != euid && setuid (euid) == 0) - { - mu_error (_("Cannot drop non-root setuid privileges")); - rc = 1; - } - - } - - return rc; -} - - -static int -translate_item (void *item, void *data) -{ - mu_list_t dst = data; - struct group *group = getgrnam (item); - if (!group) - { - mu_error (_("Unknown group: %s"), (char *) item); - return 1; - } - return mu_list_append (dst, (void *) group->gr_gid); -} - -static int -grouplist_translate (mu_list_t * pdst, mu_list_t src) -{ - mu_list_t dst; - int rc; - - if (!src) - return 0; - rc = mu_list_create (&dst); - if (rc) - { - mu_error (_("%s: cannot create list: %s"), - "grouplist_translate", mu_strerror (rc)); - return rc; - } - *pdst = dst; - return mu_list_do (src, translate_item, dst); -} - -void -mf_priv_setup (struct mf_privs *privs) -{ - struct passwd *pw; - mu_list_t grp = NULL; - - if (!privs || !privs->user) - return; - - pw = getpwnam (privs->user); - if (!pw) - { - mu_error (_("No such user: %s"), privs->user); - exit (EX_CONFIG); - } - - grouplist_translate (&grp, privs->groups); - if (privs->allgroups && get_user_groups (&grp, privs->user)) - exit (EX_CONFIG); - if (switch_to_privs (pw->pw_uid, pw->pw_gid, grp)) - exit (EX_SOFTWARE); - mu_list_destroy (&grp); -} - - -void -mf_epriv_setup (struct mf_privs *privs) -{ - uid_t uid; - gid_t gid; - - if (privs) - { - struct passwd *pw; - if (!privs->user) - return; - - pw = getpwnam (privs->user); - if (!pw) - { - mu_error (_("No such user: %s"), privs->user); - exit (EX_CONFIG); - } - uid = pw->pw_uid; - gid = pw->pw_gid; - } - else - { - uid = 0; - gid = 0; - } - - if (setegid (gid)) - { - mu_error (_("Cannot switch to EGID %lu: %s"), - (unsigned long) gid, mu_strerror (errno)); - exit (EX_USAGE); - } - if (seteuid (uid)) - { - mu_error (_("Cannot switch to EUID %lu: %s"), - (unsigned long) uid, mu_strerror (errno)); - exit (EX_USAGE); - } -} |