summaryrefslogtreecommitdiff
path: root/usr.sbin/sendmail/makemap/makemap.c
diff options
context:
space:
mode:
authorTodd C. Miller <millert@cvs.openbsd.org>1998-07-12 19:45:31 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>1998-07-12 19:45:31 +0000
commit857bc3bf0927ceb9764dccd2b26e78a5c1ed9549 (patch)
tree998c29a21ce92fed5686978e921118afd4a0968c /usr.sbin/sendmail/makemap/makemap.c
parent2d68808cfff780677255e0f5b7ef0be71a0d9800 (diff)
something hosed the sendmail import; fix up by hand
Diffstat (limited to 'usr.sbin/sendmail/makemap/makemap.c')
-rw-r--r--usr.sbin/sendmail/makemap/makemap.c364
1 files changed, 286 insertions, 78 deletions
diff --git a/usr.sbin/sendmail/makemap/makemap.c b/usr.sbin/sendmail/makemap/makemap.c
index 3a04a0b6cd5..53b5865606a 100644
--- a/usr.sbin/sendmail/makemap/makemap.c
+++ b/usr.sbin/sendmail/makemap/makemap.c
@@ -1,39 +1,17 @@
/*
- * Copyright (c) 1992 Eric P. Allman.
+ * Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+ * Copyright (c) 1992 Eric P. Allman. All rights reserved.
* Copyright (c) 1992, 1993
* The Regents of the University of California. All rights reserved.
*
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
+ * By using this file, you agree to the terms and conditions set
+ * forth in the LICENSE file which can be found at the top level of
+ * the sendmail distribution.
*
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
*/
#ifndef lint
-static char sccsid[] = "@(#)makemap.c 8.38 (Berkeley) 9/23/97";
+static char sccsid[] = "@(#)makemap.c 8.62 (Berkeley) 6/24/98";
#endif /* not lint */
#include <sys/types.h>
@@ -42,13 +20,17 @@ static char sccsid[] = "@(#)makemap.c 8.38 (Berkeley) 9/23/97";
# include <sys/file.h>
#endif
#include "sendmail.h"
+#include "pathnames.h"
#ifdef NDBM
-#include <ndbm.h>
+# include <ndbm.h>
#endif
#ifdef NEWDB
-#include <db.h>
+# include <db.h>
+# ifndef DB_VERSION_MAJOR
+# define DB_VERSION_MAJOR 1
+# endif
#endif
enum type { T_DBM, T_BTREE, T_HASH, T_ERR, T_UNKNOWN };
@@ -76,23 +58,25 @@ uid_t RunAsGid;
char *RunAsUserName;
int Verbose = 2;
bool DontInitGroups = TRUE;
-bool UnsafeGroupWrites = FALSE;
+long DontBlameSendmail = DBS_SAFE;
u_char tTdvect[100];
+uid_t TrustedFileUid = 0;
#define BUFSIZE 1024
+int
main(argc, argv)
int argc;
char **argv;
{
char *progname;
+ char *cfile;
bool inclnull = FALSE;
bool notrunc = FALSE;
bool allowreplace = FALSE;
bool allowdups = FALSE;
bool verbose = FALSE;
bool foldcase = TRUE;
- bool ignoresafeties = FALSE;
int exitstat;
int opt;
char *typename;
@@ -105,6 +89,8 @@ main(argc, argv)
long dbcachesize = 1024 * 1024;
enum type type;
int fd;
+ int sff = SFF_ROOTOK|SFF_REGONLY;
+ struct passwd *pw;
union
{
#ifdef NDBM
@@ -117,22 +103,33 @@ main(argc, argv)
} dbp;
union dbent key, val;
#ifdef NEWDB
+# if DB_VERSION_MAJOR < 2
BTREEINFO bti;
HASHINFO hinfo;
+# else
+ DB_INFO dbinfo;
+# endif
#endif
char ibuf[BUFSIZE];
char fbuf[MAXNAME];
char dbuf[MAXNAME];
+#ifdef NDBM
char pbuf[MAXNAME];
+#endif
+#if _FFR_TRUSTED_FILE_OWNER
+ FILE *cfp;
+ char buf[MAXLINE];
+#endif
static char rnamebuf[MAXNAME]; /* holds RealUserName */
- struct passwd *pw;
- int sff = SFF_ROOTOK|SFF_REGONLY|SFF_NOLINK|SFF_NOWLINK;
- struct stat std, stp;
+ struct stat std;
+#ifdef NDBM
+ struct stat stp;
+#endif
extern char *optarg;
extern int optind;
- extern bool lockfile();
progname = argv[0];
+ cfile = _PATH_SENDMAILCF;
RunAsUid = RealUid = getuid();
RunAsGid = RealGid = getgid();
@@ -144,18 +141,22 @@ main(argc, argv)
sprintf(rnamebuf, "%s", pw->pw_name);
}
else
- sprintf(rnamebuf, "Unknown UID %d", RealUid);
+ sprintf(rnamebuf, "Unknown UID %d", (int) RealUid);
RunAsUserName = RealUserName = rnamebuf;
#if _FFR_NEW_MAKEMAP_FLAGS
-#define OPTIONS "Nc:dforsv"
+#define OPTIONS "C:Nc:dforsv"
#else
-#define OPTIONS "Ndforv"
+#define OPTIONS "C:Ndforsv"
#endif
- while ((opt = getopt(argc, argv, OPTIONS)) != -1)
+ while ((opt = getopt(argc, argv, OPTIONS)) != EOF)
{
switch (opt)
{
+ case 'C':
+ cfile = optarg;
+ break;
+
case 'N':
inclnull = TRUE;
break;
@@ -182,11 +183,9 @@ main(argc, argv)
allowreplace = TRUE;
break;
-#if _FFR_NEW_MAKEMAP_FLAGS
case 's':
- ignoresafeties = TRUE;
+ DontBlameSendmail |= DBS_MAPINUNSAFEDIRPATH|DBS_WRITEMAPTOHARDLINK|DBS_WRITEMAPTOSYMLINK|DBS_LINKEDMAPINWRITABLEDIR;
break;
-#endif
case 'v':
verbose = TRUE;
@@ -198,6 +197,13 @@ main(argc, argv)
}
}
+ if (!bitset(DBS_WRITEMAPTOSYMLINK, DontBlameSendmail))
+ sff |= SFF_NOSLINK;
+ if (!bitset(DBS_WRITEMAPTOHARDLINK, DontBlameSendmail))
+ sff |= SFF_NOHLINK;
+ if (!bitset(DBS_LINKEDMAPINWRITABLEDIR, DontBlameSendmail))
+ sff |= SFF_NOWLINK;
+
argc -= optind;
argv += optind;
if (argc != 2)
@@ -226,6 +232,65 @@ main(argc, argv)
type = T_UNKNOWN;
}
+#if _FFR_TRUSTED_FILE_OWNER
+ if ((cfp = fopen(cfile, "r")) == NULL)
+ {
+ fprintf(stderr, "mailstats: ");
+ perror(cfile);
+ exit(EX_NOINPUT);
+ }
+ while (fgets(buf, sizeof(buf), cfp) != NULL)
+ {
+ register char *b;
+
+ if ((b = strchr(buf, '\n')) != NULL)
+ *b = '\0';
+
+ b = buf;
+ switch (*b++)
+ {
+ case 'O': /* option */
+ if (strncasecmp(b, " TrustedFileOwner", 17) == 0 &&
+ !(isascii(b[17]) && isalnum(b[17])))
+ {
+ b = strchr(b, '=');
+ if (b == NULL)
+ continue;
+ while (isascii(*++b) && isspace(*b))
+ continue;
+ if (isascii(*b) && isdigit(*b))
+ TrustedFileUid = atoi(b);
+ else
+ {
+ register struct passwd *pw;
+
+ TrustedFileUid = 0;
+ pw = getpwnam(b);
+ if (pw == NULL)
+ fprintf(stderr,
+ "TrustedFileOwner: unknown user %s", b);
+ else
+ TrustedFileUid = pw->pw_uid;
+ }
+
+# ifdef UID_MAX
+ if (TrustedFileUid > UID_MAX)
+ {
+ syserr("TrustedFileOwner: uid value (%ld) > UID_MAX (%ld)",
+ TrustedFileUid, UID_MAX);
+ TrustedFileUid = 0;
+ }
+# endif
+ break;
+ }
+
+
+ default:
+ continue;
+ }
+ }
+ (void) fclose(cfp);
+#endif
switch (type)
{
case T_ERR:
@@ -234,7 +299,7 @@ main(argc, argv)
"Usage: %s [-N] [-c cachesize] [-d] [-f] [-o] [-r] [-s] [-v] type mapname\n",
progname);
#else
- fprintf(stderr, "Usage: %s [-N] [-d] [-f] [-o] [-r] [-v] type mapname\n", progname);
+ fprintf(stderr, "Usage: %s [-N] [-d] [-f] [-o] [-r] [-s] [-v] type mapname\n", progname);
#endif
exit(EX_USAGE);
@@ -256,21 +321,47 @@ main(argc, argv)
#ifdef NEWDB
case T_BTREE:
+# if DB_VERSION_MAJOR < 2
bzero(&bti, sizeof bti);
+# else
+ bzero(&dbinfo, sizeof dbinfo);
+# endif
if (allowdups)
+ {
+# if DB_VERSION_MAJOR < 2
bti.flags |= R_DUP;
+# else
+ dbinfo.flags |= DB_DUP;
+# endif
+ }
if (allowdups || allowreplace)
putflags = 0;
else
+ {
+# if DB_VERSION_MAJOR < 2
putflags = R_NOOVERWRITE;
+# else
+ putflags = DB_NOOVERWRITE;
+# endif
+ }
break;
case T_HASH:
+# if DB_VERSION_MAJOR < 2
bzero(&hinfo, sizeof hinfo);
+# else
+ bzero(&dbinfo, sizeof dbinfo);
+# endif
if (allowreplace)
putflags = 0;
else
+ {
+# if DB_VERSION_MAJOR < 2
putflags = R_NOOVERWRITE;
+# else
+ putflags = DB_NOOVERWRITE;
+# endif
+ }
break;
#endif
#ifdef NDBM
@@ -326,8 +417,7 @@ main(argc, argv)
exit(EX_USAGE);
}
strcpy(dbuf, mapname);
- if (!ignoresafeties &&
- (st = safefile(dbuf, RealUid, RealGid, RealUserName,
+ if ((st = safefile(dbuf, RealUid, RealGid, RealUserName,
sff, S_IWUSR, &std)) != 0)
{
fprintf(stderr,
@@ -347,7 +437,7 @@ main(argc, argv)
}
sprintf(dbuf, "%s.dir", mapname);
if ((st = safefile(dbuf, RealUid, RealGid, RealUserName,
- sff, S_IWUSR, &std)) != 0 && !ignoresafeties)
+ sff, S_IWUSR, &std)) != 0)
{
fprintf(stderr,
"%s: could not create: %s\n",
@@ -356,7 +446,7 @@ main(argc, argv)
}
sprintf(pbuf, "%s.pag", mapname);
if ((st = safefile(pbuf, RealUid, RealGid, RealUserName,
- sff, S_IWUSR, &stp)) != 0 && !ignoresafeties)
+ sff, S_IWUSR, &stp)) != 0)
{
fprintf(stderr,
"%s: could not create: %s\n",
@@ -384,10 +474,7 @@ main(argc, argv)
mode |= O_EXLOCK;
#else
/* pre-lock the database */
- if (ignoresafeties)
- fd = dfopen(dbuf, mode & ~O_TRUNC, 0644, sff);
- else
- fd = safeopen(dbuf, mode & ~O_TRUNC, 0644, sff);
+ fd = safeopen(dbuf, mode & ~O_TRUNC, 0644, sff);
if (fd < 0)
{
fprintf(stderr, "%s: cannot create type %s map %s\n",
@@ -408,9 +495,9 @@ main(argc, argv)
dbm_close(dbp.dbm);
exit(EX_CONFIG);
}
- if (!ignoresafeties && dbp.dbm != NULL &&
- (filechanged(dbuf, dbm_dirfno(dbp.dbm), &std, sff) ||
- filechanged(pbuf, dbm_pagfno(dbp.dbm), &stp, sff)))
+ if (dbp.dbm != NULL &&
+ (filechanged(dbuf, dbm_dirfno(dbp.dbm), &std) ||
+ filechanged(pbuf, dbm_pagfno(dbp.dbm), &stp)))
{
fprintf(stderr,
"dbm map %s: file changed after open\n",
@@ -418,56 +505,138 @@ main(argc, argv)
dbm_close(dbp.dbm);
exit(EX_CANTCREAT);
}
+ if (geteuid() == 0 && TrustedFileUid != 0)
+ {
+ if (fchown(dbm_dirfno(dbp.dbm), TrustedFileUid, -1) < 0 ||
+ fchown(dbm_pagfno(dbp.dbm), TrustedFileUid, -1) < 0)
+ {
+ fprintf(stderr,
+ "WARNING: ownership change on %s failed: %s",
+ mapname, errstring(errno));
+ }
+ }
+
break;
#endif
#ifdef NEWDB
case T_HASH:
/* tweak some parameters for performance */
+# if DB_VERSION_MAJOR < 2
hinfo.nelem = 4096;
hinfo.cachesize = dbcachesize;
+# else
+ dbinfo.h_nelem = 4096;
+ dbinfo.db_cachesize = dbcachesize;
+# endif
+# if DB_VERSION_MAJOR < 2
dbp.db = dbopen(mapname, mode, 0644, DB_HASH, &hinfo);
+# else
+ {
+ int flags = 0;
+
+ if (bitset(O_CREAT, mode))
+ flags |= DB_CREATE;
+ if (bitset(O_TRUNC, mode))
+ flags |= DB_TRUNCATE;
+
+ dbp.db = NULL;
+ errno = db_open(mapname, DB_HASH, flags, 0644,
+ NULL, &dbinfo, &dbp.db);
+ }
+# endif
if (dbp.db != NULL)
{
- if (!ignoresafeties &&
- filechanged(dbuf, dbp.db->fd(dbp.db), &std, sff))
+ int fd;
+
+# if DB_VERSION_MAJOR < 2
+ fd = dbp.db->fd(dbp.db);
+# else
+ fd = -1;
+ errno = dbp.db->fd(dbp.db, &fd);
+# endif
+ if (filechanged(dbuf, fd, &std))
{
fprintf(stderr,
"db map %s: file changed after open\n",
mapname);
+# if DB_VERSION_MAJOR < 2
dbp.db->close(dbp.db);
+# else
+ errno = dbp.db->close(dbp.db, 0);
+# endif
exit(EX_CANTCREAT);
}
-# if OLD_NEWDB
- (void) (*dbp.db->sync)(dbp.db);
-# else
(void) (*dbp.db->sync)(dbp.db, 0);
-# endif
+ if (geteuid() == 0 && TrustedFileUid != 0)
+ {
+ if (fchown(fd, TrustedFileUid, -1) < 0)
+ {
+ fprintf(stderr,
+ "WARNING: ownership change on %s failed: %s",
+ mapname, errstring(errno));
+ }
+ }
}
break;
case T_BTREE:
/* tweak some parameters for performance */
+# if DB_VERSION_MAJOR < 2
bti.cachesize = dbcachesize;
+# else
+ dbinfo.db_cachesize = dbcachesize;
+# endif
+# if DB_VERSION_MAJOR < 2
dbp.db = dbopen(mapname, mode, 0644, DB_BTREE, &bti);
+# else
+ {
+ int flags = 0;
+
+ if (bitset(O_CREAT, mode))
+ flags |= DB_CREATE;
+ if (bitset(O_TRUNC, mode))
+ flags |= DB_TRUNCATE;
+
+ dbp.db = NULL;
+ errno = db_open(mapname, DB_BTREE, flags, 0644,
+ NULL, &dbinfo, &dbp.db);
+ }
+# endif
if (dbp.db != NULL)
{
- if (!ignoresafeties &&
- filechanged(dbuf, dbp.db->fd(dbp.db), &std, sff))
+ int fd;
+
+# if DB_VERSION_MAJOR < 2
+ fd = dbp.db->fd(dbp.db);
+# else
+ fd = -1;
+ errno = dbp.db->fd(dbp.db, &fd);
+# endif
+ if (filechanged(dbuf, fd, &std))
{
fprintf(stderr,
"db map %s: file changed after open\n",
mapname);
+# if DB_VERSION_MAJOR < 2
dbp.db->close(dbp.db);
+# else
+ errno = dbp.db->close(dbp.db, 0);
+# endif
exit(EX_CANTCREAT);
}
-# if OLD_NEWDB
- (void) (*dbp.db->sync)(dbp.db);
-# else
(void) (*dbp.db->sync)(dbp.db, 0);
-# endif
+ if (geteuid() == 0 && TrustedFileUid != 0)
+ {
+ if (fchown(fd, TrustedFileUid, -1) < 0)
+ {
+ fprintf(stderr,
+ "WARNING: ownership change on %s failed: %s",
+ mapname, errstring(errno));
+ }
+ }
}
break;
#endif
@@ -506,23 +675,31 @@ main(argc, argv)
*p = '\0';
else if (!feof(stdin))
{
- fprintf(stderr, "%s: %s: line %d: line too long (%d bytes max)\n",
- progname, mapname, lineno, sizeof ibuf);
+ fprintf(stderr, "%s: %s: line %d: line too long (%ld bytes max)\n",
+ progname, mapname, lineno, (long) sizeof ibuf);
continue;
}
if (ibuf[0] == '\0' || ibuf[0] == '#')
continue;
- if (isspace(ibuf[0]))
+ if (isascii(ibuf[0]) && isspace(ibuf[0]))
{
fprintf(stderr, "%s: %s: line %d: syntax error (leading space)\n",
progname, mapname, lineno);
continue;
}
+#ifdef NEWDB
+ if (type == T_HASH || type == T_BTREE)
+ {
+ bzero(&key.db, sizeof key.db);
+ bzero(&val.db, sizeof val.db);
+ }
+#endif
+
key.xx.data = ibuf;
- for (p = ibuf; *p != '\0' && !isspace(*p); p++)
+ for (p = ibuf; *p != '\0' && !(isascii(*p) && isspace(*p)); p++)
{
- if (foldcase && isupper(*p))
+ if (foldcase && isascii(*p) && isupper(*p))
*p = tolower(*p);
}
key.xx.size = p - key.xx.data;
@@ -530,7 +707,7 @@ main(argc, argv)
key.xx.size++;
if (*p != '\0')
*p++ = '\0';
- while (isspace(*p))
+ while (isascii(*p) && isspace(*p))
p++;
if (*p == '\0')
{
@@ -563,9 +740,30 @@ main(argc, argv)
#ifdef NEWDB
case T_BTREE:
case T_HASH:
+# if DB_VERSION_MAJOR < 2
st = (*dbp.db->put)(dbp.db, &key.db, &val.db, putflags);
+# else
+ errno = (*dbp.db->put)(dbp.db, NULL, &key.db,
+ &val.db, putflags);
+ switch (errno)
+ {
+ case DB_KEYEXIST:
+ st = 1;
+ break;
+
+ case 0:
+ st = 0;
+ break;
+
+ default:
+ st = -1;
+ break;
+ }
+# endif
break;
#endif
+ default:
+ break;
}
if (st < 0)
@@ -598,7 +796,11 @@ main(argc, argv)
#ifdef NEWDB
case T_HASH:
case T_BTREE:
+# if DB_VERSION_MAJOR < 2
if ((*dbp.db->close)(dbp.db) < 0)
+# else
+ if ((errno = (*dbp.db->close)(dbp.db, 0)) != 0)
+# endif
{
fprintf(stderr, "%s: %s: error on close\n",
progname, mapname);
@@ -606,6 +808,8 @@ main(argc, argv)
exitstat = EX_IOERR;
}
#endif
+ default:
+ break;
}
#if !O_EXLOCK
@@ -680,7 +884,7 @@ lockfile(fd, filename, ext, type)
return FALSE;
}
-/*VARARGS2*/
+/*VARARGS1*/
void
#ifdef __STDC__
message(const char *msg, ...)
@@ -694,7 +898,9 @@ message(msg, va_alist)
VA_LOCAL_DECL
m = msg;
- if (isdigit(m[0]) && isdigit(m[1]) && isdigit(m[2]) && m[3] == ' ')
+ if (isascii(m[0]) && isdigit(m[0]) &&
+ isascii(m[1]) && isdigit(m[1]) &&
+ isascii(m[2]) && isdigit(m[2]) && m[3] == ' ')
m += 4;
VA_START(msg);
vfprintf(stderr, m, ap);
@@ -702,7 +908,7 @@ message(msg, va_alist)
fprintf(stderr, "\n");
}
-/*VARARGS2*/
+/*VARARGS1*/
void
#ifdef __STDC__
syserr(const char *msg, ...)
@@ -716,7 +922,9 @@ syserr(msg, va_alist)
VA_LOCAL_DECL
m = msg;
- if (isdigit(m[0]) && isdigit(m[1]) && isdigit(m[2]) && m[3] == ' ')
+ if (isascii(m[0]) && isdigit(m[0]) &&
+ isascii(m[1]) && isdigit(m[1]) &&
+ isascii(m[2]) && isdigit(m[2]) && m[3] == ' ')
m += 4;
VA_START(msg);
vfprintf(stderr, m, ap);
@@ -771,7 +979,7 @@ errstring(err)
#if HASSTRERROR
return strerror(err);
#else
- if (err < 0 || err > sys_nerr)
+ if (err < 0 || err >= sys_nerr)
{
sprintf(errstr, "Error %d", err);
return errstr;