authorTheo de Raadt <deraadt@cvs.openbsd.org>2004-02-26 08:18:57 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2004-02-26 08:18:57 +0000
commit7f28246c4f0d3653895dab150883eae74ff5b4b5 (patch)
tree5215693d78f2192a0f2afe13a78ed51a16ebbf6a
parent3e2f267d7a634f03b8f16b9601f1d3042f227545 (diff)
paranoia; beck ok
-rw-r--r--libexec/spamd-setup/spamd-setup.c13
-rw-r--r--libexec/spamd/grey.c29
-rw-r--r--libexec/spamd/grey.h4
-rw-r--r--libexec/spamd/sdl.c3
-rw-r--r--libexec/spamd/sdl.h22
-rw-r--r--libexec/spamd/spamd.c17
-rw-r--r--libexec/spamlogd/spamlogd.c9
-rw-r--r--usr.sbin/spamdb/spamdb.c11
8 files changed, 73 insertions, 35 deletions
diff --git a/libexec/spamd-setup/spamd-setup.c b/libexec/spamd-setup/spamd-setup.c
index 924f869625e..3ead7eb5523 100644
--- a/libexec/spamd-setup/spamd-setup.c
+++ b/libexec/spamd-setup/spamd-setup.c
@@ -1,4 +1,5 @@
-/* $OpenBSD: spamd-setup.c,v 1.16 2004/01/21 08:07:41 deraadt Exp $ */
+/* $OpenBSD: spamd-setup.c,v 1.17 2004/02/26 08:18:56 deraadt Exp $ */
+
/*
* Copyright (c) 2003 Bob Beck. All rights reserved.
*
@@ -265,6 +266,8 @@ open_child(char *file, char **argv)
return(-1);
switch (pid = fork()) {
case -1:
+ close(pdes[0]);
+ close(pdes[1]);
return(-1);
case 0:
/* child */
@@ -276,6 +279,7 @@ open_child(char *file, char **argv)
execvp(file, argv);
_exit(1);
}
+
/* parent */
close(pdes[1]);
return(pdes[0]);
@@ -641,6 +645,8 @@ configure_pf(struct cidr **blacklists)
return(-1);
switch (pid = fork()) {
case -1:
+ close(pdes[0]);
+ close(pdes[1]);
return(-1);
case 0:
/* child */
@@ -652,11 +658,14 @@ configure_pf(struct cidr **blacklists)
execvp(PATH_PFCTL, argv);
_exit(1);
}
+
/* parent */
close(pdes[0]);
pf = fdopen(pdes[1], "w");
- if (pf == NULL)
+ if (pf == NULL) {
+ close(pdes[1]);
return(-1);
+ }
}
while (*blacklists != NULL) {
struct cidr *b = *blacklists;
diff --git a/libexec/spamd/grey.c b/libexec/spamd/grey.c
index 3313b6b181c..03f65b8df02 100644
--- a/libexec/spamd/grey.c
+++ b/libexec/spamd/grey.c
@@ -1,3 +1,5 @@
+/* $OpenBSD: grey.c,v 1.3 2004/02/26 08:18:56 deraadt Exp $ */
+
/*
* Copyright (c) 2004 Bob Beck. All rights reserved.
*
@@ -80,11 +82,14 @@ address_valid_v6(const char *a)
return (1);
}
+static char *pargv[11]= {
+ "pfctl", "-p", "/dev/pf", "-q", "-t",
+ "spamd-white", "-T", "replace", "-f" "-", NULL
+};
+
int
configure_pf(char **addrs, int count)
{
- static char *argv[11]= {"pfctl", "-p", "/dev/pf", "-q", "-t",
- "spamd-white", "-T", "replace", "-f" "-", NULL};
FILE *pf = NULL;
int i, pdes[2];
pid_t pid;
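Review bot: `"-f" "-"` in the `pargv` initializer has no comma between the two literals, so the compiler concatenates them into the single argument `-f-` and the vector holds one entry fewer than its `[11]` size suggests. pfctl presumably still reads the table from stdin, because getopt accepts an option argument attached to its flag, but that is accidental; the move to file scope carried the old initializer over unchanged. I would write `"spamd-white", "-T", "replace", "-f", "-", NULL` so the argument vector says what it means.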
@@ -96,7 +101,7 @@ configure_pf(char **addrs, int count)
return(-1);
if (asprintf(&fdpath, "/dev/fd/%d", pfdev) == -1)
return(-1);
- argv[2] = fdpath;
+ pargv[2] = fdpath;
if (pipe(pdes) != 0) {
syslog_r(LOG_INFO, &sdata, "pipe failed (%m)");
free(fdpath);
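Review bot: `pargv[2] = fdpath;` stores a heap pointer in what is now a file-scope array, and the failure paths that call `free(fdpath)` (the pipe failure here and the fork failure in the next hunk) leave that slot pointing at freed memory. Nothing visible reads the slot before the next call overwrites it, so this is latent rather than live, but it sits oddly beside the `db = NULL;` resets made elsewhere in this commit. I would restore the slot after each free, e.g. `pargv[2] = "/dev/pf";`, or keep the vector local to the function. configure_pf starts and ends outside this hunk.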
@@ -106,6 +111,8 @@ configure_pf(char **addrs, int count)
case -1:
syslog_r(LOG_INFO, &sdata, "fork failed (%m)");
free(fdpath);
+ close(pdes[0]);
+ close(pdes[1]);
return(-1);
case 0:
/* child */
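Review bot: The fdopen failure path of this configure_pf, visible in the following hunk as `syslog_r(LOG_INFO, &sdata, "fdopen failed (%m)");` followed by `return(-1);`, still returns without closing `pdes[1]`, while this commit adds exactly that close to the matching path in spamd-setup.c. Unless a close sits above the syslog_r call outside the visible lines, each such failure leaks the write end of the pipe in a process that appears to call this function repeatedly. I would add `close(pdes[1]);` before that `return(-1);`. The switch and the function continue outside this hunk.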
@@ -114,7 +121,7 @@ configure_pf(char **addrs, int count)
dup2(pdes[0], STDIN_FILENO);
close(pdes[0]);
}
- execvp(PATH_PFCTL, argv);
+ execvp(PATH_PFCTL, pargv);
syslog_r(LOG_ERR, &sdata, "can't exec %s:%m", PATH_PFCTL);
_exit(1);
}
@@ -127,7 +134,7 @@ configure_pf(char **addrs, int count)
syslog_r(LOG_INFO, &sdata, "fdopen failed (%m)");
return(-1);
}
- for (i = 0; i < count; i++)
+ for (i = 0; i < count; i++)
if (addrs[i] != NULL) {
fprintf(pf, "%s/32\n", addrs[i]);
free(addrs[i]);
@@ -249,10 +256,12 @@ greyscan(char *dbname)
configure_pf(whitelist, whitecount);
db->sync(db, 0);
db->close(db);
+ db = NULL;
return(0);
bad:
db->sync(db, 0);
db->close(db);
+ db = NULL;
return(-1);
}
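Review bot: The results of `db->sync(db, 0)` and `db->close(db)` are discarded on the success path, so greyscan returns 0 even when the database could not be flushed. The added `db = NULL;` only guards against reuse of the closed handle; it does not report a failed write-back. I would capture both results and return -1 (with a syslog message) when either call fails, for instance `if (db->sync(db, 0) == -1) rv = -1;` before the close, where `rv` is a local introduced for that purpose. The same pattern appears in greyupdate and in the dbupdate and dblist hunks of spamlogd.c and spamdb.c; greyscan itself begins outside this hunk.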
@@ -261,9 +270,11 @@ greyupdate(char *dbname, char *ip, char *from, char *to)
{
char *key = NULL;
struct gdata gd;
- time_t now = time(NULL);
+ time_t now;
int r;
+ now = time(NULL);
+
/* open with lock, find record, update, close, unlock */
memset(&btreeinfo, 0, sizeof(btreeinfo));
db = dbopen(dbname, O_EXLOCK|O_RDWR, 0600, DB_BTREE, &btreeinfo);
@@ -321,12 +332,14 @@ greyupdate(char *dbname, char *ip, char *from, char *to)
if (debug)
fprintf(stderr, "updated %s\n", key);
}
- db->close(db);
free(key);
+ db->close(db);
+ db = NULL;
return(0);
bad:
free(key);
db->close(db);
+ db = NULL;
return(-1);
}
@@ -349,7 +362,7 @@ greyreader(void)
if (strlen(buf) < 4)
continue;
- switch(state) {
+ switch (state) {
case 0:
if (strncmp(buf, "IP:", 3) != 0)
break;
diff --git a/libexec/spamd/grey.h b/libexec/spamd/grey.h
index 1384f906050..19d2440fe31 100644
--- a/libexec/spamd/grey.h
+++ b/libexec/spamd/grey.h
@@ -1,4 +1,8 @@
+/* $OpenBSD: grey.h,v 1.2 2004/02/26 08:18:56 deraadt Exp $ */
+/*
+ * Where is your damn copyright?
+ */
#define MAX_MAIL 1024 /* how big an email address will we consider */
#define PASSTIME (60 * 30) /* pass after first retry seen after 30 mins */
#define GREYEXP (60 * 60 * 4) /* remove grey entries after 4 hours */
diff --git a/libexec/spamd/sdl.c b/libexec/spamd/sdl.c
index c5b90b0e826..16cf8f6a3f7 100644
--- a/libexec/spamd/sdl.c
+++ b/libexec/spamd/sdl.c
@@ -1,4 +1,5 @@
-/* $OpenBSD: sdl.c,v 1.11 2004/02/26 07:28:55 beck Exp $ */
+/* $OpenBSD: sdl.c,v 1.12 2004/02/26 08:18:56 deraadt Exp $ */
+
/*
* Copyright (c) 2003 Bob Beck. All rights reserved.
*
diff --git a/libexec/spamd/sdl.h b/libexec/spamd/sdl.h
index 795f1cc6795..f54b1d00d25 100644
--- a/libexec/spamd/sdl.h
+++ b/libexec/spamd/sdl.h
@@ -1,4 +1,5 @@
-/* $OpenBSD: sdl.h,v 1.1 2003/03/02 19:22:00 beck Exp $ */
+/* $OpenBSD: sdl.h,v 1.2 2004/02/26 08:18:56 deraadt Exp $ */
+
/*
* Copyright (c) 2003 Bob Beck, Kjell Wooding. All rights reserved.
*
@@ -30,11 +31,10 @@
#include <sys/socket.h>
#include <netinet/ip_ipsp.h>
-/* structs */
-
-struct sdlist { /* spamd source list */
- char *tag; /* sdlist source name */
- char *string; /* Format (451) string with no smtp code or \r\n */
+/* spamd source list */
+struct sdlist {
+ char *tag; /* sdlist source name */
+ char *string; /* Format (451) string with no smtp code or \r\n */
struct sdentry *addrs;
size_t naddrs;
};
@@ -55,17 +55,15 @@ struct sdaddr {
#define addr32 _sda.addr32
};
-struct sdentry { /* spamd netblock (black) list */
+/* spamd netblock (black) list */
+struct sdentry {
struct sdaddr sda;
struct sdaddr sdm;
};
-/* prototypes */
-
extern int sdl_add(char *, char *, char **, int);
-extern struct sdlist **
-sdl_lookup(struct sdlist *head, int af, void * src);
-
+extern struct sdlist **sdl_lookup(struct sdlist *head,
+ int af, void * src);
#endif /* _SDL_H_ */
diff --git a/libexec/spamd/spamd.c b/libexec/spamd/spamd.c
index b2cb5a93ca1..2ece4fef9e0 100644
--- a/libexec/spamd/spamd.c
+++ b/libexec/spamd/spamd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: spamd.c,v 1.53 2004/02/26 07:28:55 beck Exp $ */
+/* $OpenBSD: spamd.c,v 1.54 2004/02/26 08:18:56 deraadt Exp $ */
/*
* Copyright (c) 2002 Theo de Raadt. All rights reserved.
@@ -413,7 +413,8 @@ append_error_string(struct con *cp, size_t off, char *fmt, int af, void *ia)
}
char *
-loglists(struct con *cp) {
+loglists(struct con *cp)
+{
static char matchlists[80];
struct sdlist **matches;
int s = sizeof(matchlists) - 4;
@@ -475,8 +476,10 @@ build_reply(struct con *cp)
}
bad:
/* Out of memory, or no match. give generic reply */
- if (cp->obuf != NULL && cp->obufalloc)
+ if (cp->obuf != NULL && cp->obufalloc) {
free(cp->obuf);
+ cp->obuf = NULL;
+ }
if (cp->blacklists != NULL)
asprintf(&cp->obuf,
"%s-Sorry %s\n"
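Review bot: The return value of `asprintf(&cp->obuf, ...)` in the fallback path is discarded, so an allocation failure there goes unnoticed at this point. The new `cp->obuf = NULL;` leaves the pointer clean before the call, but what it holds after a failed asprintf depends on the libc, and `cp->obufalloc` is not reset alongside it in the visible lines. I would test the result, e.g. `if (asprintf(&cp->obuf, ...) == -1) cp->obuf = NULL;`, and clear `cp->obufalloc` in the free branch if code outside this hunk does not already do so. Both the asprintf statement and build_reply run past the end of the hunk.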
@@ -687,10 +690,10 @@ nextstate(struct con *cp)
cp->blacklists ? "BLACK" : "GREY",
cp->addr, cp->mail,
cp->rcpt);
- if(debug)
- fprintf(stderr, "(%s) %s: %s -> %s\n",
- cp->blacklists ? "BLACK" : "GREY",
- cp->addr, cp->mail, cp->rcpt);
+ if (debug)
+ fprintf(stderr, "(%s) %s: %s -> %s\n",
+ cp->blacklists ? "BLACK" : "GREY",
+ cp->addr, cp->mail, cp->rcpt);
if (greylist && cp->blacklists == NULL) {
/* send this info to the greylister */
fprintf(grey, "IP:%s\nFR:%s\nTO:%s\n",
diff --git a/libexec/spamlogd/spamlogd.c b/libexec/spamlogd/spamlogd.c
index 23e6057e7b7..f93ed313d9e 100644
--- a/libexec/spamlogd/spamlogd.c
+++ b/libexec/spamlogd/spamlogd.c
@@ -1,3 +1,5 @@
+/* $OpenBSD: spamlogd.c,v 1.2 2004/02/26 08:18:56 deraadt Exp $ */
+
/*
* Copyright (c) 2004 Bob Beck. All rights reserved.
*
@@ -133,10 +135,12 @@ dbupdate(char *dbname, char *ip)
}
db->sync(db, 0);
db->close(db);
+ db = NULL;
return (0);
bad:
db->sync(db, 0);
db->close(db);
+ db = NULL;
return(-1);
}
@@ -144,7 +148,7 @@ static int
usage(void)
{
fprintf(stderr, "usage: spamlogd [-i netif]\n");
- exit(-1);
+ exit(1);
}
char *targv[19] = {
@@ -165,6 +169,8 @@ main(int argc, char **argv)
while ((ch = getopt(argc, argv, "i:")) != -1) {
switch (ch) {
case 'i':
+ if (targv[17]) /* may only set once */
+ usage();
targv[15] = "and";
targv[16] = "on";
targv[17] = optarg;
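Review bot: `if (targv[17])` depends on slot 17 of `targv` being NULL in the initializer, which lies outside this hunk, and the bare indices 15 to 17 tie option parsing to the exact layout of that vector. An edit to the argument list would silently shift these slots and either defeat the once-only check or overwrite a real argument. I would name the slots, e.g. `enum { TARGV_AND = 15, TARGV_ON = 16, TARGV_IF = 17 };`, or at least add a comment at the `targv[]` definition stating that the last entries are reserved for `-i`. main continues outside the hunk.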
@@ -197,6 +203,7 @@ main(int argc, char **argv)
}
/* parent */
+ close(p[1]);
f = fdopen(p[0], "r");
if (f == NULL)
err(1, "fdopen");
diff --git a/usr.sbin/spamdb/spamdb.c b/usr.sbin/spamdb/spamdb.c
index 930b131f06a..d0cae7913a9 100644
--- a/usr.sbin/spamdb/spamdb.c
+++ b/usr.sbin/spamdb/spamdb.c
@@ -1,3 +1,5 @@
+/* $OpenBSD: spamdb.c,v 1.2 2004/02/26 08:18:56 deraadt Exp $ */
+
/*
* Copyright (c) 2004 Bob Beck. All rights reserved.
*
@@ -146,15 +148,15 @@ dbupdate(char *dbname, char *ip, int add)
}
db->sync(db, 0);
db->close(db);
+ db = NULL;
return (0);
bad:
db->sync(db, 0);
db->close(db);
+ db = NULL;
return(-1);
}
-
-
int
dblist(char *dbname)
{
@@ -207,21 +209,22 @@ dblist(char *dbname)
}
db->sync(db, 0);
db->close(db);
+ db = NULL;
return(0);
bad:
db->sync(db, 0);
db->close(db);
+ db = NULL;
errx(1, "incorrect db format entry");
/* NOTREACHED */
return(-1);
}
-
static int
usage(void)
{
fprintf(stderr, "usage: spamdb [-a ip] [-d ip]\n");
- exit(-1);
+ exit(1);
}
int