1 /* ========================================================================
2 * Copyright 2008-2010 Mark Crispin
3 * ========================================================================
7 * Program: UNIX environment routines
12 * Last Edited: 15 November 2010
14 * Previous versions of this file were
16 * Copyright 1988-2008 University of Washington
18 * Licensed under the Apache License, Version 2.0 (the "License");
19 * you may not use this file except in compliance with the License.
20 * You may obtain a copy of the License at
22 * http://www.apache.org/licenses/LICENSE-2.0
31 /* in case stat.h is ancient */
34 #define S_IRUSR S_IREAD
37 #define S_IWUSR S_IWRITE
40 #define S_IXUSR S_IEXEC
43 #define S_IRGRP (S_IREAD >> 3)
46 #define S_IWGRP (S_IWRITE >> 3)
49 #define S_IXGRP (S_IEXEC >> 3)
52 #define S_IROTH (S_IREAD >> 6)
55 #define S_IWOTH (S_IWRITE >> 6)
58 #define S_IXOTH (S_IEXEC >> 6)
61 /* c-client environment parameters */
63 static char *myUserName
= NIL
; /* user name */
64 static char *myHomeDir
= NIL
; /* home directory name */
65 static char *myServerName
= NIL
;/* server name */
66 static char *myLocalHost
= NIL
; /* local host name */
67 static char *myNewsrc
= NIL
; /* newsrc file name */
68 static char *mailsubdir
= NIL
; /* mailbox subdirectory name */
69 static char *sysInbox
= NIL
; /* system inbox name */
70 static char *newsActive
= NIL
; /* news active file */
71 static char *newsSpool
= NIL
; /* news spool */
72 static char *blackBoxDir
= NIL
; /* black box directory name */
73 /* black box default home directory */
74 static char *blackBoxDefaultHome
= NIL
;
75 static char *sslCApath
= NIL
; /* non-standard CA path */
76 static short anonymous
= NIL
; /* is anonymous */
77 static short blackBox
= NIL
; /* is a black box */
78 static short closedBox
= NIL
; /* is a closed box (uses chroot() jail) */
79 static long restrictBox
= NIL
; /* is a restricted box */
80 static short has_no_life
= NIL
; /* is a cretin with no life */
81 /* block environment init */
82 static short block_env_init
= NIL
;
83 static short hideDotFiles
= NIL
;/* hide files whose names start with . */
84 /* advertise filesystem root */
85 static short advertisetheworld
= NIL
;
86 /* only advertise own mailboxes and #shared */
87 static short limitedadvertise
= NIL
;
88 /* disable automatic shared namespaces */
89 static short noautomaticsharedns
= NIL
;
90 static short no822tztext
= NIL
; /* disable RFC [2]822 timezone text */
91 /* client principals include service name */
92 static short kerb_cp_svr_name
= NIL
;
93 static long locktimeout
= 5; /* default lock timeout in minutes */
94 /* default prototypes */
95 static MAILSTREAM
*createProto
= NIL
;
96 static MAILSTREAM
*appendProto
= NIL
;
97 /* default user flags */
98 static char *userFlags
[NUSERFLAGS
] = {NIL
};
99 static NAMESPACE
*nslist
[3]; /* namespace list */
100 static int logtry
= 3; /* number of server login tries */
101 /* block notification */
102 static blocknotify_t mailblocknotify
= mm_blocknotify
;
103 /* logout function */
104 static logouthook_t maillogouthook
= NIL
;
106 static void *maillogoutdata
= NIL
;
107 /* allow user config files */
108 static short allowuserconfig
= NIL
;
109 /* 1 = disable plaintext, 2 = if not SSL */
110 static long disablePlaintext
= NIL
;
111 static long list_max_level
= 20;/* maximum level of list recursion */
112 /* facility for syslog */
113 static int syslog_facility
= LOG_MAIL
;
115 /* Path of the privileged system lock program (mlock). Normally set by
119 static char *lockpgm
= LOCKPGM
;
121 /* Directory used for shared locks. MUST be the same for all users of the
122 * system, and MUST be protected 1777. /var/tmp may be preferable on some
126 static const char *tmpdir
= "/tmp";
128 /* Do not change shlock_mode. Doing so can cause mailbox corruption and
129 * denial of service. It also defeats the entire purpose of the shared
130 * lock mechanism. The right way to avoid shared locks is to set up a
131 * closed box (see the closedBox setting).
134 /* shared lock mode */
135 static const int shlock_mode
= S_IRUSR
|S_IWUSR
|S_IRGRP
|S_IWGRP
|S_IROTH
|S_IWOTH
;
138 /* It is STRONGLY recommended that you do not change dotlock_mode. Doing so
139 * can cause denial of service with old dot-lock files left lying around.
140 * However, since dot-locks are only used with traditional UNIX and MMDF
141 * formats which are not normally shared, it is much less harmful to tamper
142 * with this than with shlock_mode.
146 static long dotlock_mode
= S_IRUSR
|S_IWUSR
|S_IRGRP
|S_IWGRP
|S_IROTH
|S_IWOTH
;
148 /* File/directory access and protection policies */
150 /* Unlike shlock_mode, the ????_protection modes are intended to be fully
151 * customizable according to site policy. The values here are recommended
152 * settings, based upon the documented purposes of the namespaces.
155 /* user space - only owner can read/write */
156 static char *myMailboxDir
= NIL
;/* user space directory name */
157 /* default file protection */
158 static long mbx_protection
= S_IRUSR
|S_IWUSR
;
159 /* default directory protection */
160 static long dir_protection
= S_IRUSR
|S_IWUSR
|S_IXUSR
;
162 /* user space for user "anonymous" */
163 /* anonymous home directory */
164 static char *anonymousHome
= NIL
;
166 /* #ftp - everybody can read, only owner can write */
167 static char *ftpHome
= NIL
; /* ftp export home directory */
168 /* default ftp file protection */
169 static long ftp_protection
= S_IRUSR
|S_IWUSR
|S_IRGRP
|S_IROTH
;
170 static long ftp_dir_protection
=/* default ftp directory protection */
171 S_IRUSR
|S_IWUSR
|S_IXUSR
|S_IRGRP
|S_IXGRP
|S_IROTH
|S_IXOTH
;
173 /* #public - everybody can read/write */
174 static char *publicHome
= NIL
; /* public home directory */
175 static long public_protection
= /* default public file protection */
176 S_IRUSR
|S_IWUSR
|S_IRGRP
|S_IWGRP
|S_IROTH
|S_IWOTH
;
177 /* default public directory protection */
178 static long public_dir_protection
=
179 S_IRUSR
|S_IWUSR
|S_IXUSR
|S_IRGRP
|S_IWGRP
|S_IXGRP
|S_IROTH
|S_IWOTH
|S_IXOTH
;
181 /* #shared/ - owner and group members can read/write */
182 static char *sharedHome
= NIL
; /* shared home directory */
183 /* default shared file protection */
184 static long shared_protection
= S_IRUSR
|S_IWUSR
|S_IRGRP
|S_IWGRP
;
185 /* default shared directory protection */
186 static long shared_dir_protection
=
187 S_IRUSR
|S_IWUSR
|S_IXUSR
|S_IRGRP
|S_IWGRP
|S_IXGRP
;
189 /* OS bug workarounds - should be avoided at all cost */
192 /* Don't set fcntlhangbug unless you really have to, since it risks mailbox
193 * corruption. The flocksim.c mechanism is designed to detect NFS access
194 * and no-op in that cases only, so this flag should be unnecessary.
197 static short fcntlhangbug
= NIL
;/* flock() emulator using fcntl() is a no-op */
200 /* Don't set netfsstatbug unless you really have to, since it dramatically
201 * slows down traditional UNIX and MMDF mailbox performance.
204 static short netfsstatbug
= NIL
;/* compensate for broken stat() on network
205 * filesystems (AFS and old NFS)
209 /* Note: setting disableLockWarning means that you assert that the
210 * so-modified copy of this software will NEVER be used:
211 * 1) in conjunction with any software which expects .lock files
212 * 2) to access NFS-mounted files and directories
214 * Unless both of these conditions apply, then do not set this flag.
215 * Instead, read the FAQ (item 7.10) and either use 1777 protection
216 * on the mail spool, or install mlock.
218 * In addition, by setting this flag you also agree that you are fully
219 * legally and morally responsible when (not if) mail files are damaged
220 * as the result of your choice.
222 * The mlock tool exists for a reason. Use it.
224 /* disable warning if can't make .lock file */
225 static short disableLockWarning
= NIL
;
227 /* UNIX Namespaces */
229 /* personal mh namespace */
230 static NAMESPACE nsmhf
= {"#mh/",'/',NIL
,NIL
};
231 static NAMESPACE nsmh
= {"#mhinbox",NIL
,NIL
,&nsmhf
};
233 static NAMESPACE nshome
= {"",'/',NIL
,&nsmh
};
234 /* UNIX other user namespace */
235 static NAMESPACE nsunixother
= {"~",'/',NIL
,NIL
};
236 /* black box other user namespace */
237 static NAMESPACE nsblackother
= {"/",'/',NIL
,NIL
};
238 /* public (anonymous OK) namespace */
239 static NAMESPACE nspublic
= {"#public/",'/',NIL
,NIL
};
240 /* netnews namespace */
241 static NAMESPACE nsnews
= {"#news.",'.',NIL
,&nspublic
};
242 /* FTP export namespace */
243 static NAMESPACE nsftp
= {"#ftp/",'/',NIL
,&nsnews
};
244 /* shared (no anonymous) namespace */
245 static NAMESPACE nsshared
= {"#shared/",'/',NIL
,&nsftp
};
246 /* world namespace */
247 static NAMESPACE nsworld
= {"/",'/',NIL
,&nsshared
};
248 /* only shared and public namespaces */
249 static NAMESPACE nslimited
= {"#shared/",'/',NIL
,&nspublic
};
253 #include "write.c" /* include safe writing routines */
254 #include "crexcl.c" /* include exclusive create */
255 #include "pmatch.c" /* include wildcard pattern matcher */
257 /* Get all authenticators */
261 /* Environment manipulate parameters
262 * Accepts: function code
263 * function-dependent value
264 * Returns: function-dependent return value
267 void *env_parameters (long function
,void *value
)
270 switch ((int) function
) {
272 ret
= (void *) nslist
;
275 if (myUserName
) fs_give ((void **) &myUserName
);
276 myUserName
= cpystr ((char *) value
);
278 ret
= (void *) myUserName
;
281 if (myHomeDir
) fs_give ((void **) &myHomeDir
);
282 myHomeDir
= cpystr ((char *) value
);
284 ret
= (void *) myHomeDir
;
287 if (myLocalHost
) fs_give ((void **) &myLocalHost
);
288 myLocalHost
= cpystr ((char *) value
);
290 ret
= (void *) myLocalHost
;
293 if (myNewsrc
) fs_give ((void **) &myNewsrc
);
294 myNewsrc
= cpystr ((char *) value
);
296 ret
= (void *) myNewsrc
;
299 if (newsActive
) fs_give ((void **) &newsActive
);
300 newsActive
= cpystr ((char *) value
);
302 ret
= (void *) newsActive
;
305 if (newsSpool
) fs_give ((void **) &newsSpool
);
306 newsSpool
= cpystr ((char *) value
);
308 ret
= (void *) newsSpool
;
311 case SET_ANONYMOUSHOME
:
312 if (anonymousHome
) fs_give ((void **) &anonymousHome
);
313 anonymousHome
= cpystr ((char *) value
);
314 case GET_ANONYMOUSHOME
:
315 if (!anonymousHome
) anonymousHome
= cpystr (ANONYMOUSHOME
);
316 ret
= (void *) anonymousHome
;
319 if (ftpHome
) fs_give ((void **) &ftpHome
);
320 ftpHome
= cpystr ((char *) value
);
322 ret
= (void *) ftpHome
;
325 if (publicHome
) fs_give ((void **) &publicHome
);
326 publicHome
= cpystr ((char *) value
);
328 ret
= (void *) publicHome
;
331 if (sharedHome
) fs_give ((void **) &sharedHome
);
332 sharedHome
= cpystr ((char *) value
);
334 ret
= (void *) sharedHome
;
337 if (sysInbox
) fs_give ((void **) &sysInbox
);
338 sysInbox
= cpystr ((char *) value
);
340 ret
= (void *) sysInbox
;
342 case SET_SSLCAPATH
: /* this can be set null */
343 if (sslCApath
) fs_give ((void **) &sslCApath
);
344 sslCApath
= value
? cpystr ((char *) value
) : value
;
347 ret
= (void *) sslCApath
;
349 case SET_LISTMAXLEVEL
:
350 list_max_level
= (long) value
;
351 case GET_LISTMAXLEVEL
:
352 ret
= (void *) list_max_level
;
355 case SET_MBXPROTECTION
:
356 mbx_protection
= (long) value
;
357 case GET_MBXPROTECTION
:
358 ret
= (void *) mbx_protection
;
360 case SET_DIRPROTECTION
:
361 dir_protection
= (long) value
;
362 case GET_DIRPROTECTION
:
363 ret
= (void *) dir_protection
;
365 case SET_LOCKPROTECTION
:
366 dotlock_mode
= (long) value
;
367 case GET_LOCKPROTECTION
:
368 ret
= (void *) dotlock_mode
;
370 case SET_FTPPROTECTION
:
371 ftp_protection
= (long) value
;
372 case GET_FTPPROTECTION
:
373 ret
= (void *) ftp_protection
;
375 case SET_PUBLICPROTECTION
:
376 public_protection
= (long) value
;
377 case GET_PUBLICPROTECTION
:
378 ret
= (void *) public_protection
;
380 case SET_SHAREDPROTECTION
:
381 shared_protection
= (long) value
;
382 case GET_SHAREDPROTECTION
:
383 ret
= (void *) shared_protection
;
385 case SET_FTPDIRPROTECTION
:
386 ftp_dir_protection
= (long) value
;
387 case GET_FTPDIRPROTECTION
:
388 ret
= (void *) ftp_dir_protection
;
390 case SET_PUBLICDIRPROTECTION
:
391 public_dir_protection
= (long) value
;
392 case GET_PUBLICDIRPROTECTION
:
393 ret
= (void *) public_dir_protection
;
395 case SET_SHAREDDIRPROTECTION
:
396 shared_dir_protection
= (long) value
;
397 case GET_SHAREDDIRPROTECTION
:
398 ret
= (void *) shared_dir_protection
;
400 case SET_RESTRICTIONS
:
401 restrictBox
= (long) value
;
402 case GET_RESTRICTIONS
:
403 ret
= (void *) restrictBox
;
405 case SET_LOCKTIMEOUT
:
406 locktimeout
= (long) value
;
407 case GET_LOCKTIMEOUT
:
408 ret
= (void *) locktimeout
;
410 case SET_DISABLEFCNTLLOCK
:
411 fcntlhangbug
= value
? T
: NIL
;
412 case GET_DISABLEFCNTLLOCK
:
413 ret
= (void *) (fcntlhangbug
? VOIDT
: NIL
);
415 case SET_LOCKEACCESERROR
:
416 disableLockWarning
= value
? NIL
: T
;
417 case GET_LOCKEACCESERROR
:
418 ret
= (void *) (disableLockWarning
? NIL
: VOIDT
);
420 case SET_HIDEDOTFILES
:
421 hideDotFiles
= value
? T
: NIL
;
422 case GET_HIDEDOTFILES
:
423 ret
= (void *) (hideDotFiles
? VOIDT
: NIL
);
425 case SET_DISABLEPLAINTEXT
:
426 disablePlaintext
= (long) value
;
427 case GET_DISABLEPLAINTEXT
:
428 ret
= (void *) disablePlaintext
;
430 case SET_CHROOTSERVER
:
431 closedBox
= value
? T
: NIL
;
432 case GET_CHROOTSERVER
:
433 ret
= (void *) (closedBox
? VOIDT
: NIL
);
435 case SET_ADVERTISETHEWORLD
:
436 advertisetheworld
= value
? T
: NIL
;
437 case GET_ADVERTISETHEWORLD
:
438 ret
= (void *) (advertisetheworld
? VOIDT
: NIL
);
440 case SET_LIMITEDADVERTISE
:
441 limitedadvertise
= value
? T
: NIL
;
442 case GET_LIMITEDADVERTISE
:
443 ret
= (void *) (limitedadvertise
? VOIDT
: NIL
);
445 case SET_DISABLEAUTOSHAREDNS
:
446 noautomaticsharedns
= value
? T
: NIL
;
447 case GET_DISABLEAUTOSHAREDNS
:
448 ret
= (void *) (noautomaticsharedns
? VOIDT
: NIL
);
450 case SET_DISABLE822TZTEXT
:
451 no822tztext
= value
? T
: NIL
;
452 case GET_DISABLE822TZTEXT
:
453 ret
= (void *) (no822tztext
? VOIDT
: NIL
);
456 case SET_USERHASNOLIFE
:
457 has_no_life
= value
? T
: NIL
;
458 case GET_USERHASNOLIFE
:
459 ret
= (void *) (has_no_life
? VOIDT
: NIL
);
461 case SET_KERBEROS_CP_SVR_NAME
:
462 kerb_cp_svr_name
= value
? T
: NIL
;
463 case GET_KERBEROS_CP_SVR_NAME
:
464 ret
= (void *) (kerb_cp_svr_name
? VOIDT
: NIL
);
466 case SET_NETFSSTATBUG
:
467 netfsstatbug
= value
? T
: NIL
;
468 case GET_NETFSSTATBUG
:
469 ret
= (void *) (netfsstatbug
? VOIDT
: NIL
);
471 case SET_BLOCKENVINIT
:
472 block_env_init
= value
? T
: NIL
;
473 case GET_BLOCKENVINIT
:
474 ret
= (void *) (block_env_init
? VOIDT
: NIL
);
476 case SET_BLOCKNOTIFY
:
477 mailblocknotify
= (blocknotify_t
) value
;
478 case GET_BLOCKNOTIFY
:
479 ret
= (void *) mailblocknotify
;
482 maillogouthook
= (logouthook_t
) value
;
484 ret
= maillogouthook
;
487 maillogoutdata
= (void *) value
;
489 ret
= maillogoutdata
;
494 /* Write current time
495 * Accepts: destination string
496 * optional format of day-of-week prefix
497 * format of date and time
498 * flag whether to append symbolic timezone
501 static void do_date (char *date
,char *prefix
,char *fmt
,int suffix
)
503 time_t tn
= time (0);
504 struct tm
*t
= gmtime (&tn
);
505 int zone
= t
->tm_hour
* 60 + t
->tm_min
;
506 int julian
= t
->tm_yday
;
507 t
= localtime (&tn
); /* get local time now */
508 /* minus UTC minutes since midnight */
509 zone
= t
->tm_hour
* 60 + t
->tm_min
- zone
;
510 /* julian can be one of:
511 * 36x local time is December 31, UTC is January 1, offset -24 hours
512 * 1 local time is 1 day ahead of UTC, offset +24 hours
513 * 0 local time is same day as UTC, no offset
514 * -1 local time is 1 day behind UTC, offset -24 hours
515 * -36x local time is January 1, UTC is December 31, offset +24 hours
517 if (julian
= t
->tm_yday
-julian
)
518 zone
+= ((julian
< 0) == (abs (julian
) == 1)) ? -24*60 : 24*60;
519 if (prefix
) { /* want day of week? */
520 sprintf (date
,prefix
,days
[t
->tm_wday
]);
521 date
+= strlen (date
); /* make next sprintf append */
523 /* output the date */
524 sprintf (date
,fmt
,t
->tm_mday
,months
[t
->tm_mon
],t
->tm_year
+1900,
525 t
->tm_hour
,t
->tm_min
,t
->tm_sec
,zone
/60,abs (zone
) % 60);
526 /* append timezone suffix if desired */
527 if (suffix
) rfc822_timezone (date
,(void *) t
);
530 /* Write current time in RFC 822 format
531 * Accepts: destination string
534 void rfc822_date (char *date
)
536 do_date (date
,"%s, ","%d %s %d %02d:%02d:%02d %+03d%02d",
537 no822tztext
? NIL
: T
);
541 /* Write current time in fixed-width RFC 822 format
542 * Accepts: destination string
545 void rfc822_fixed_date (char *date
)
547 do_date (date
,NIL
,"%02d %s %4d %02d:%02d:%02d %+03d%02d",NIL
);
551 /* Write current time in internal format
552 * Accepts: destination string
555 void internal_date (char *date
)
557 do_date (date
,NIL
,"%02d-%s-%d %02d:%02d:%02d %+03d%02d",NIL
);
561 * Accepts: server name for syslog or NIL
562 * /etc/services service name or NIL
563 * alternate /etc/services service name or NIL
564 * clock interrupt handler
565 * kiss-of-death interrupt handler
566 * hangup interrupt handler
567 * termination interrupt handler
570 void server_init (char *server
,char *service
,char *sslservice
,
571 void *clkint
,void *kodint
,void *hupint
,void *trmint
,
574 int onceonly
= server
&& service
&& sslservice
;
575 if (onceonly
) { /* set server name in syslog */
577 openlog (myServerName
= cpystr (server
),LOG_PID
,syslog_facility
);
578 fclose (stderr
); /* possibly save a process ID */
579 dorc (NIL
,NIL
); /* do systemwide configuration */
580 switch (mask
= umask (022)){/* check old umask */
581 case 0: /* definitely unreasonable */
582 case 022: /* don't need to change it */
584 default: /* already was a reasonable value */
585 umask (mask
); /* so change it back */
588 arm_signal (SIGALRM
,clkint
); /* prepare for clock interrupt */
589 arm_signal (SIGUSR2
,kodint
); /* prepare for Kiss Of Death */
590 arm_signal (SIGHUP
,hupint
); /* prepare for hangup */
591 arm_signal (SIGPIPE
,hupint
); /* alternative hangup */
592 arm_signal (SIGTERM
,trmint
); /* prepare for termination */
594 if (staint
) arm_signal (SIGUSR1
,staint
);
595 if (onceonly
) { /* set up network and maybe SSL */
598 /* Use SSL if SSL service, or if server starts with "s" and not service */
599 if (((port
= tcp_serverport ()) >= 0)) {
600 if ((sv
= getservbyname (service
,"tcp")) && (port
== ntohs (sv
->s_port
)))
601 syslog (LOG_DEBUG
,"%s service init from %s",service
,tcp_clientaddr ());
602 else if ((sv
= getservbyname (sslservice
,"tcp")) &&
603 (port
== ntohs (sv
->s_port
))) {
604 syslog (LOG_DEBUG
,"%s SSL service init from %s",sslservice
,
606 ssl_server_init (server
);
608 else { /* not service or SSL service port */
609 syslog (LOG_DEBUG
,"port %ld service init from %s",port
,
611 if (*server
== 's') ssl_server_init (server
);
617 /* Wait for stdin input
618 * Accepts: timeout in seconds
619 * Returns: T if have input on stdin, else NIL
622 long server_input_wait (long seconds
)
632 tmo
.tv_sec
= seconds
; tmo
.tv_usec
= 0;
633 } while (((err
= select (1,&rfd
,0,&efd
,&tmo
)) < 0) && (errno
= EINTR
));
634 return err
? LONGT
: NIL
;
637 /* Return UNIX password entry for user name
638 * Accepts: user name string
639 * Returns: password entry
641 * Tries all-lowercase form of user name if given user name fails
644 static struct passwd
*pwuser (unsigned char *user
)
647 struct passwd
*pw
= getpwnam (user
);
648 if (!pw
) { /* failed, see if any uppercase characters */
649 for (s
= user
; *s
&& ((*s
< 'A') || (*s
> 'Z')); s
++);
650 if (*s
) { /* yes, try all lowercase form */
651 pw
= getpwnam (s
= lcase (cpystr (user
)));
652 fs_give ((void **) &s
);
659 /* Validate password for user name
660 * Accepts: user name string
664 * Returns: password entry if validated
666 * Tries password+1 if password fails and starts with space
669 static struct passwd
*valpwd (char *user
,char *pwd
,int argc
,char *argv
[])
673 struct passwd
*ret
= NIL
;
674 if (auth_md5
.server
) { /* using CRAM-MD5 authentication? */
675 if (s
= auth_md5_pwd (user
)) {
676 if (!strcmp (s
,pwd
) || ((*pwd
== ' ') && pwd
[1] && !strcmp (s
,pwd
+1)))
677 ret
= pwuser (user
); /* validated, get passwd entry for user */
678 memset (s
,0,strlen (s
)); /* erase sensitive information */
679 fs_give ((void **) &s
);
682 else if (pw
= pwuser (user
)) {/* can get user? */
683 s
= cpystr (pw
->pw_name
); /* copy returned name in case we need it */
684 if (*pwd
&& !(ret
= checkpw (pw
,pwd
,argc
,argv
)) &&
685 (*pwd
== ' ') && pwd
[1] && (ret
= pwuser (s
)))
686 ret
= checkpw (pw
,pwd
+1,argc
,argv
);
687 fs_give ((void **) &s
); /* don't need copy of name any more */
693 * Accepts: user name string
695 * authenticating user name string
698 * Returns: T if password validated, NIL otherwise
701 long server_login (char *user
,char *pwd
,char *authuser
,int argc
,char *argv
[])
703 struct passwd
*pw
= NIL
;
704 int level
= LOG_NOTICE
;
705 char *err
= "failed";
706 /* cretins still haven't given up */
707 if ((strlen (user
) >= NETMAXUSER
) ||
708 (authuser
&& (strlen (authuser
) >= NETMAXUSER
))) {
709 level
= LOG_ALERT
; /* escalate this alert */
710 err
= "SYSTEM BREAK-IN ATTEMPT";
711 logtry
= 0; /* render this session useless */
713 else if (logtry
-- <= 0) err
= "excessive login failures";
714 else if (disablePlaintext
) err
= "disabled";
715 else if (!(authuser
&& *authuser
)) pw
= valpwd (user
,pwd
,argc
,argv
);
716 else if (valpwd (authuser
,pwd
,argc
,argv
)) pw
= pwuser (user
);
717 if (pw
&& pw_login (pw
,authuser
,pw
->pw_name
,NIL
,argc
,argv
)) return T
;
718 syslog (level
|LOG_AUTH
,"Login %s user=%.64s auth=%.64s host=%.80s",err
,
719 user
,(authuser
&& *authuser
) ? authuser
: user
,tcp_clienthost ());
720 sleep (3); /* slow down possible cracker */
724 /* Authenticated server log in
725 * Accepts: user name string
726 * authenticating user name string
729 * Returns: T if password validated, NIL otherwise
732 long authserver_login (char *user
,char *authuser
,int argc
,char *argv
[])
734 return pw_login (pwuser (user
),authuser
,user
,NIL
,argc
,argv
);
738 /* Log in as anonymous daemon
739 * Accepts: argument count
741 * Returns: T if successful, NIL if error
744 long anonymous_login (int argc
,char *argv
[])
746 /* log in Mr. A. N. Onymous */
747 return pw_login (getpwnam (ANONYMOUSUSER
),NIL
,NIL
,
748 (char *) mail_parameters (NIL
,GET_ANONYMOUSHOME
,NIL
),
752 /* Finish log in and environment initialization
753 * Accepts: passwd struct for loginpw()
754 * optional authentication user name
755 * user name (NIL for anonymous)
756 * home directory (NIL to use directory from passwd struct)
759 * Returns: T if successful, NIL if error
762 long pw_login (struct passwd
*pw
,char *auser
,char *user
,char *home
,int argc
,
768 if (pw
&& pw
->pw_uid
) { /* must have passwd struct for non-UID 0 */
769 /* make safe copies of user and home */
770 if (user
) user
= cpystr (pw
->pw_name
);
771 home
= cpystr (home
? home
: pw
->pw_dir
);
772 /* authorization ID .NE. authentication ID? */
773 if (user
&& auser
&& *auser
&& compare_cstring (auser
,user
)) {
774 /* scan list of mail administrators */
775 if ((gr
= getgrnam (ADMINGROUP
)) && (t
= gr
->gr_mem
)) while (*t
&& !ret
)
776 if (!compare_cstring (auser
,*t
++))
777 ret
= pw_login (pw
,NIL
,user
,home
,argc
,argv
);
778 syslog (LOG_NOTICE
|LOG_AUTH
,"%s %.80s override of user=%.80s host=%.80s",
779 ret
? "Admin" : "Failed",auser
,user
,tcp_clienthost ());
781 else if (closedBox
) { /* paranoid site, lock out other directories */
782 if (chdir (home
) || chroot (home
))
783 syslog (LOG_NOTICE
|LOG_AUTH
,
784 "Login %s failed: unable to set chroot=%.80s host=%.80s",
785 pw
->pw_name
,home
,tcp_clienthost ());
786 else if (loginpw (pw
,argc
,argv
)) ret
= env_init (user
,NIL
);
787 else fatal ("Login failed after chroot");
790 else if (((pw
->pw_uid
== geteuid ()) || loginpw (pw
,argc
,argv
)) &&
791 (ret
= env_init (user
,home
))) chdir (myhomedir ());
792 fs_give ((void **) &home
); /* clean up */
793 if (user
) fs_give ((void **) &user
);
795 endpwent (); /* in case shadow passwords in pw data */
796 return ret
; /* return status */
799 /* Initialize environment
800 * Accepts: user name (NIL for anonymous)
801 * home directory name
805 long env_init (char *user
,char *home
)
807 extern MAILSTREAM CREATEPROTO
;
808 extern MAILSTREAM EMPTYPROTO
;
811 char tmp
[MAILTMPLEN
];
812 /* don't init if blocked */
813 if (block_env_init
) return LONGT
;
814 if (myUserName
) fatal ("env_init called twice!");
815 /* initially nothing in namespace list */
816 nslist
[0] = nslist
[1] = nslist
[2] = NIL
;
817 /* myUserName must be set before dorc() call */
818 myUserName
= cpystr (user
? user
: ANONYMOUSUSER
);
819 /* force default prototypes to be set */
820 if (!createProto
) createProto
= &CREATEPROTO
;
821 if (!appendProto
) appendProto
= &EMPTYPROTO
;
822 dorc (NIL
,NIL
); /* do systemwide configuration */
823 if (!home
) { /* closed box server */
824 /* standard user can only reference home */
825 if (user
) nslist
[0] = &nshome
;
826 else { /* anonymous user */
827 nslist
[0] = &nsblackother
; /* set root */
828 anonymous
= T
; /* flag as anonymous */
830 myHomeDir
= cpystr (""); /* home directory is root */
831 sysInbox
= cpystr ("INBOX");/* make system INBOX */
833 else { /* open or black box */
834 closedBox
= NIL
; /* definitely not a closed box */
835 if (user
) { /* remember user name and home directory */
836 if (blackBoxDir
) { /* build black box directory name */
837 sprintf (tmp
,"%s/%s",blackBoxDir
,myUserName
);
839 if (!((!stat (home
= tmp
,&sbuf
) && (sbuf
.st_mode
& S_IFDIR
)) ||
840 (blackBoxDefaultHome
&&
841 !stat (home
= blackBoxDefaultHome
,&sbuf
) &&
842 (sbuf
.st_mode
& S_IFDIR
)))) fatal ("no home");
843 sysInbox
= (char *) fs_get (strlen (home
) + 7);
844 /* set system INBOX */
845 sprintf (sysInbox
,"%s/INBOX",home
);
846 blackBox
= T
; /* mark that it's a black box */
847 /* mbox meaningless if black box */
848 mail_parameters (NIL
,DISABLE_DRIVER
,(void *) "mbox");
850 nslist
[0] = &nshome
; /* home namespace */
851 /* limited advertise namespaces */
852 if (limitedadvertise
) nslist
[2] = &nslimited
;
853 else if (blackBox
) { /* black box namespaces */
854 nslist
[1] = &nsblackother
;
855 nslist
[2] = &nsshared
;
857 else { /* open box namespaces */
858 nslist
[1] = &nsunixother
;
859 nslist
[2] = advertisetheworld
? &nsworld
: &nsshared
;
863 nslist
[2] = &nsftp
; /* anonymous user */
864 sprintf (tmp
,"%s/INBOX",
865 home
= (char *) mail_parameters (NIL
,GET_ANONYMOUSHOME
,NIL
));
866 sysInbox
= cpystr (tmp
); /* make system INBOX */
867 anonymous
= T
; /* flag as anonymous */
869 myHomeDir
= cpystr (home
); /* set home directory */
872 if (allowuserconfig
) { /* allow user config files */
873 dorc (strcat (strcpy (tmp
,myHomeDir
),"/.mminit"),T
);
874 dorc (strcat (strcpy (tmp
,myHomeDir
),"/.imaprc"),NIL
);
876 if (!closedBox
&& !noautomaticsharedns
) {
878 if (!ftpHome
&& (pw
= getpwnam ("ftp"))) ftpHome
= cpystr (pw
->pw_dir
);
879 /* #public namespace */
880 if (!publicHome
&& (pw
= getpwnam ("imappublic")))
881 publicHome
= cpystr (pw
->pw_dir
);
882 /* #shared namespace */
883 if (!anonymous
&& !sharedHome
&& (pw
= getpwnam ("imapshared")))
884 sharedHome
= cpystr (pw
->pw_dir
);
886 if (!myLocalHost
) mylocalhost ();
887 if (!myNewsrc
) myNewsrc
= cpystr(strcat (strcpy (tmp
,myHomeDir
),"/.newsrc"));
888 if (!newsActive
) newsActive
= cpystr (ACTIVEFILE
);
889 if (!newsSpool
) newsSpool
= cpystr (NEWSSPOOL
);
890 /* re-do open action to get flags */
891 (*createProto
->dtb
->open
) (NIL
);
892 endpwent (); /* close pw database */
896 /* Return my user name
897 * Accepts: pointer to optional flags
898 * Returns: my user name
901 char *myusername_full (unsigned long *flags
)
907 char *ret
= UNLOGGEDUSER
;
908 /* no user name yet and not root? */
909 if (!myUserName
&& (euid
= geteuid ())) {
910 /* yes, look up getlogin() user name or EUID */
911 if (((s
= (char *) getlogin ()) && *s
&& (strlen (s
) < NETMAXUSER
) &&
912 (pw
= getpwnam (s
)) && (pw
->pw_uid
== euid
)) ||
913 (pw
= getpwuid (euid
))) {
914 if (block_env_init
) { /* don't env_init if blocked */
915 if (flags
) *flags
= MU_LOGGEDIN
;
918 env_init (pw
->pw_name
,
919 ((s
= getenv ("HOME")) && *s
&& (strlen (s
) < NETMAXMBX
) &&
920 !stat (s
,&sbuf
) && ((sbuf
.st_mode
& S_IFMT
) == S_IFDIR
)) ?
923 else fatal ("Unable to look up user name");
925 if (myUserName
) { /* logged in? */
926 if (flags
) *flags
= anonymous
? MU_ANONYMOUS
: MU_LOGGEDIN
;
927 ret
= myUserName
; /* return user name */
929 else if (flags
) *flags
= MU_NOTLOGGEDIN
;
934 /* Return my local host name
935 * Returns: my local host name
941 char *s
,tmp
[MAILTMPLEN
];
942 tmp
[0] = tmp
[MAILTMPLEN
-1] = '\0';
943 if (!gethostname (tmp
,MAILTMPLEN
-1) && tmp
[0]) {
944 /* sanity check of name */
945 for (s
= tmp
; (*s
> 0x20) && (*s
< 0x7f); ++s
);
946 if (!*s
) myLocalHost
= tcp_canonical (tmp
);
949 return myLocalHost
? myLocalHost
: "unknown";
952 /* Return my home directory name
953 * Returns: my home directory name
958 if (!myHomeDir
) myusername ();/* initialize if first time */
959 return myHomeDir
? myHomeDir
: "";
963 /* Return my home mailbox name
964 * Returns: my home directory name
967 static char *mymailboxdir ()
969 char *home
= myhomedir ();
970 /* initialize if first time */
971 if (!myMailboxDir
&& myHomeDir
) {
973 char tmp
[MAILTMPLEN
];
974 sprintf (tmp
,"%s/%s",home
,mailsubdir
);
975 myMailboxDir
= cpystr (tmp
);/* use pre-defined subdirectory of home */
977 else myMailboxDir
= cpystr (home
);
979 return myMailboxDir
? myMailboxDir
: "";
983 /* Return system standard INBOX
984 * Accepts: buffer string
989 char tmp
[MAILTMPLEN
];
990 if (!sysInbox
) { /* initialize if first time */
991 sprintf (tmp
,"%s/%s",MAILSPOOL
,myusername ());
992 sysInbox
= cpystr (tmp
); /* system inbox is from mail spool */
997 /* Return mailbox directory name
998 * Accepts: destination buffer
1001 * Returns: file name or NIL if error
1004 char *mailboxdir (char *dst
,char *dir
,char *name
)
1006 char tmp
[MAILTMPLEN
];
1007 if (dir
|| name
) { /* if either argument provided */
1009 if (strlen (dir
) > NETMAXMBX
) return NIL
;
1010 strcpy (tmp
,dir
); /* write directory prefix */
1012 else tmp
[0] = '\0'; /* otherwise null string */
1014 if (strlen (name
) > NETMAXMBX
) return NIL
;
1015 strcat (tmp
,name
); /* write name in directory */
1017 /* validate name, return its name */
1018 if (!mailboxfile (dst
,tmp
)) return NIL
;
1020 /* no arguments, wants mailbox directory */
1021 else strcpy (dst
,mymailboxdir ());
1022 return dst
; /* return the name */
1025 /* Return mailbox file name
1026 * Accepts: destination buffer
1028 * Returns: file name or empty string for driver-selected INBOX or NIL if error
1031 char *mailboxfile (char *dst
,char *name
)
1035 if (!name
|| !*name
|| (*name
== '{') || (strlen (name
) > NETMAXMBX
) ||
1036 ((anonymous
|| blackBox
|| restrictBox
|| (*name
== '#')) &&
1037 (strstr (name
,"..") || strstr (name
,"//") || strstr (name
,"/~"))))
1038 dst
= NIL
; /* invalid name */
1039 else switch (*name
) { /* determine mailbox type based upon name */
1040 case '#': /* namespace name */
1041 /* #ftp/ namespace */
1042 if (((name
[1] == 'f') || (name
[1] == 'F')) &&
1043 ((name
[2] == 't') || (name
[2] == 'T')) &&
1044 ((name
[3] == 'p') || (name
[3] == 'P')) &&
1045 (name
[4] == '/') && ftpHome
) sprintf (dst
,"%s/%s",ftpHome
,name
+5);
1046 /* #public/ and #shared/ namespaces */
1047 else if ((((name
[1] == 'p') || (name
[1] == 'P')) &&
1048 ((name
[2] == 'u') || (name
[2] == 'U')) &&
1049 ((name
[3] == 'b') || (name
[3] == 'B')) &&
1050 ((name
[4] == 'l') || (name
[4] == 'L')) &&
1051 ((name
[5] == 'i') || (name
[5] == 'I')) &&
1052 ((name
[6] == 'c') || (name
[6] == 'C')) &&
1053 (name
[7] == '/') && (s
= publicHome
)) ||
1054 (!anonymous
&& ((name
[1] == 's') || (name
[1] == 'S')) &&
1055 ((name
[2] == 'h') || (name
[2] == 'H')) &&
1056 ((name
[3] == 'a') || (name
[3] == 'A')) &&
1057 ((name
[4] == 'r') || (name
[4] == 'R')) &&
1058 ((name
[5] == 'e') || (name
[5] == 'E')) &&
1059 ((name
[6] == 'd') || (name
[6] == 'D')) &&
1060 (name
[7] == '/') && (s
= sharedHome
)))
1061 sprintf (dst
,"%s/%s",s
,compare_cstring (name
+8,"INBOX") ?
1063 else dst
= NIL
; /* unknown namespace */
1066 case '/': /* root access */
1067 if (anonymous
) dst
= NIL
; /* anonymous forbidden to do this */
1068 else if (blackBox
) { /* other user access if blackbox */
1069 if (restrictBox
& RESTRICTOTHERUSER
) dst
= NIL
;
1070 /* see if other user INBOX */
1071 else if ((s
= strchr (name
+1,'/')) && !compare_cstring (s
+1,"INBOX")) {
1072 *s
= '\0'; /* temporarily tie off string */
1073 sprintf (dst
,"%s/%s/INBOX",blackBoxDir
,name
+1);
1074 *s
= '/'; /* in case caller cares */
1076 else sprintf (dst
,"%s/%s",blackBoxDir
,name
+1);
1079 size_t i
= strlen (mymailboxdir ());
1080 if ((restrictBox
& RESTRICTROOT
) && strcmp (name
,sysinbox ()) &&
1081 (!i
|| strncmp (name
,mymailboxdir (),i
) || (name
[i
] !='/')))
1082 dst
= NIL
; /* restricted and not sysinbox or home */
1083 else strcpy (dst
,name
); /* unrestricted, copy root name */
1086 case '~': /* other user access */
1087 /* bad syntax or anonymous can't win */
1088 if (!*++name
|| anonymous
) dst
= NIL
;
1089 /* ~/ equivalent to ordinary name */
1090 else if (*name
== '/') sprintf (dst
,"%s/%s",mymailboxdir (),name
+1);
1091 /* other user forbidden if closed/restricted */
1092 else if (closedBox
|| (restrictBox
& RESTRICTOTHERUSER
)) dst
= NIL
;
1093 else if (blackBox
) { /* black box form of other user */
1094 /* see if other user INBOX */
1095 if ((s
= strchr (name
,'/')) && compare_cstring (s
+1,"INBOX")) {
1096 *s
= '\0'; /* temporarily tie off string */
1097 sprintf (dst
,"%s/%s/INBOX",blackBoxDir
,name
);
1098 *s
= '/'; /* in case caller cares */
1100 else sprintf (dst
,"%s/%s",blackBoxDir
,name
);
1102 else { /* clear box other user */
1103 /* copy user name */
1104 for (s
= dst
; *name
&& (*name
!= '/'); *s
++ = *name
++);
1105 *s
++ = '\0'; /* tie off user name, look up in passwd file */
1106 if ((pw
= getpwnam (dst
)) && pw
->pw_dir
) {
1107 if (*name
) name
++; /* skip past the slash */
1108 /* canonicalize case of INBOX */
1109 if (!compare_cstring (name
,"INBOX")) name
= "INBOX";
1110 /* remove trailing / from directory */
1111 if ((s
= strrchr (pw
->pw_dir
,'/')) && !s
[1]) *s
= '\0';
1112 /* don't allow ~root/ if restricted root */
1113 if ((restrictBox
& RESTRICTROOT
) && !*pw
->pw_dir
) dst
= NIL
;
1114 /* build final name w/ subdir if needed */
1115 else if (mailsubdir
) sprintf (dst
,"%s/%s/%s",pw
->pw_dir
,mailsubdir
,name
);
1116 else sprintf (dst
,"%s/%s",pw
->pw_dir
,name
);
1118 else dst
= NIL
; /* no such user */
1122 case 'I': case 'i': /* possible INBOX */
1123 if (!compare_cstring (name
+1,"NBOX")) {
1124 /* if restricted, use INBOX in mailbox dir */
1125 if (anonymous
|| blackBox
|| closedBox
)
1126 sprintf (dst
,"%s/INBOX",mymailboxdir ());
1127 else *dst
= '\0'; /* otherwise driver selects the name */
1130 /* drop into to ordinary name case */
1131 default: /* ordinary name is easy */
1132 sprintf (dst
,"%s/%s",mymailboxdir (),name
);
1135 return dst
; /* return final name */
1138 /* Dot-lock file locker
1139 * Accepts: file name to lock
1140 * destination buffer for lock file name
1141 * open file description on file name to lock
1142 * Returns: T if success, NIL if failure
1145 long dotlock_lock (char *file
,DOTLOCK
*base
,int fd
)
1147 int i
= locktimeout
* 60;
1148 int j
,mask
,retry
,pi
[2],po
[2];
1149 char *s
,tmp
[MAILTMPLEN
];
1151 /* flush absurd file name */
1152 if (strlen (file
) > 512) return NIL
;
1153 /* build lock filename */
1154 sprintf (base
->lock
,"%s.lock",file
);
1155 /* assume no pipe */
1156 base
->pipei
= base
->pipeo
= -1;
1157 do { /* make sure not symlink */
1158 if (!(j
= chk_notsymlink (base
->lock
,&sb
))) return NIL
;
1159 /* time out if file older than 5 minutes */
1160 if ((j
> 0) && ((time (0)) >= (sb
.st_ctime
+ locktimeout
* 60))) i
= 0;
1161 /* try to create the lock */
1162 switch (retry
= crexcl (base
->lock
)) {
1163 case -1: /* OK to retry */
1164 if (!(i
%15)) { /* time to notify? */
1165 sprintf (tmp
,"Mailbox %.80s is locked, will override in %d seconds...",
1169 sleep (1); /* wait 1 second before next try */
1171 case NIL
: /* failure, can't retry */
1174 case T
: /* success, make sure others can break lock */
1175 chmod (base
->lock
,(int) dotlock_mode
);
1178 } while (i
--); /* until out of retries */
1179 if (retry
< 0) { /* still returning retry after locktimeout? */
1180 if (!(j
= chk_notsymlink (base
->lock
,&sb
))) return NIL
;
1181 if ((j
> 0) && ((time (0)) < (sb
.st_ctime
+ locktimeout
* 60))) {
1182 sprintf (tmp
,"Mailbox vulnerable - seizing %ld second old lock",
1183 (long) (time (0) - sb
.st_ctime
));
1186 mask
= umask (0); /* want our lock protection */
1187 unlink (base
->lock
); /* try to remove the old file */
1188 /* seize the lock */
1189 if ((i
= open (base
->lock
,O_WRONLY
|O_CREAT
,(int) dotlock_mode
)) >= 0) {
1190 close (i
); /* don't need descriptor any more */
1191 sprintf (tmp
,"Mailbox %.80s lock overridden",file
);
1193 chmod (base
->lock
,(int) dotlock_mode
);
1194 umask (mask
); /* restore old umask */
1197 umask (mask
); /* restore old umask */
1200 if (fd
>= 0) switch (errno
) {
1201 case EACCES
: /* protection failure? */
1202 MM_CRITICAL (NIL
); /* go critical */
1203 if (closedBox
|| !lockpgm
); /* can't do on closed box or disabled */
1204 else if ((*lockpgm
&& stat (lockpgm
,&sb
)) ||
1205 (!*lockpgm
&& stat (lockpgm
= LOCKPGM1
,&sb
) &&
1206 stat (lockpgm
= LOCKPGM2
,&sb
) && stat (lockpgm
= LOCKPGM3
,&sb
) &&
1207 stat (lockpgm
= LOCKPGM4
,&sb
)))
1208 lockpgm
= NIL
; /* disable if can't find lockpgm */
1209 else if (pipe (pi
) >= 0) { /* make command pipes */
1211 char *argv
[4],arg
[20];
1212 /* if input pipes usable create output pipes */
1213 if ((pi
[0] < FD_SETSIZE
) && (pi
[1] < FD_SETSIZE
) && (pipe (po
) >= 0)) {
1214 /* make sure output pipes are usable */
1215 if ((po
[0] >= FD_SETSIZE
) || (po
[1] >= FD_SETSIZE
));
1216 /* all is good, make inferior process */
1217 else if (!(j
= fork ())) {
1218 if (!fork ()) { /* make grandchild so it's inherited by init */
1219 /* prepare argument vector */
1220 sprintf (arg
,"%d",fd
);
1221 argv
[0] = lockpgm
; argv
[1] = arg
;
1222 argv
[2] = file
; argv
[3] = NIL
;
1223 /* set parent's I/O to my O/I */
1224 dup2 (pi
[1],1); dup2 (pi
[1],2); dup2 (po
[0],0);
1225 /* close all unnecessary descriptors */
1226 for (cf
= max (20,max (max (pi
[0],pi
[1]),max(po
[0],po
[1])));
1227 cf
>= 3; --cf
) if (cf
!= fd
) close (cf
);
1228 /* be our own process group */
1229 setpgrp (0,getpid ());
1231 _exit (execv (argv
[0],argv
));
1233 _exit (1); /* child is done */
1235 else if (j
> 0) { /* parent process */
1239 FD_SET (pi
[0],&rfd
);
1240 tmo
.tv_sec
= locktimeout
* 60;
1241 grim_pid_reap (j
,NIL
);/* reap child; grandchild now owned by init */
1242 /* read response from locking program */
1243 if (select (pi
[0]+1,&rfd
,0,0,&tmo
) &&
1244 (read (pi
[0],tmp
,1) == 1) && (tmp
[0] == '+')) {
1245 /* success, record pipes */
1246 base
->pipei
= pi
[0]; base
->pipeo
= po
[1];
1247 /* close child's side of the pipes */
1248 close (pi
[1]); close (po
[0]);
1249 MM_NOCRITICAL (NIL
);/* no longer critical */
1253 close (po
[0]); close (po
[1]);
1255 close (pi
[0]); close (pi
[1]);
1258 MM_NOCRITICAL (NIL
); /* no longer critical */
1259 /* find directory/file delimiter */
1260 if (s
= strrchr (base
->lock
,'/')) {
1261 *s
= '\0'; /* tie off at directory */
1262 sprintf(tmp
, /* generate default message */
1263 "Mailbox vulnerable - directory %.80s must have 1777 protection",
1265 /* definitely not 1777 if can't stat */
1266 mask
= stat (base
->lock
,&sb
) ? 0 : (sb
.st_mode
& 1777);
1267 *s
= '/'; /* restore lock name */
1268 if (mask
!= 1777) { /* default warning if not 1777 */
1269 if (!disableLockWarning
) MM_LOG (tmp
,WARN
);
1274 sprintf (tmp
,"Mailbox vulnerable - error creating %.80s: %s",
1275 base
->lock
,strerror (errno
));
1276 if (!disableLockWarning
) MM_LOG (tmp
,WARN
);
1279 base
->lock
[0] = '\0'; /* don't use lock files */
1283 /* Dot-lock file unlocker
1284 * Accepts: lock file name
1285 * Returns: T if success, NIL if failure
1288 long dotlock_unlock (DOTLOCK
*base
)
1291 if (base
&& base
->lock
[0]) {
1292 if (base
->pipei
>= 0) { /* if running through a pipe unlocker */
1293 ret
= (write (base
->pipeo
,"+",1) == 1);
1294 /* nuke the pipes */
1295 close (base
->pipei
); close (base
->pipeo
);
1297 else ret
= !unlink (base
->lock
);
1303 * Accepts: scratch buffer
1305 * type of locking operation (LOCK_SH or LOCK_EX)
1306 * pointer to return PID of locker
1307 * Returns: file descriptor of lock or negative if error
1310 int lockname (char *lock
,char *fname
,int op
,long *pid
)
1313 *pid
= 0; /* no locker PID */
1314 return stat (fname
,&sbuf
) ? -1 : lock_work (lock
,&sbuf
,op
,pid
);
1318 /* Lock file descriptor
1319 * Accepts: file descriptor
1320 * lock file name buffer
1321 * type of locking operation (LOCK_SH or LOCK_EX)
1322 * Returns: file descriptor of lock or negative if error
1325 int lockfd (int fd
,char *lock
,int op
)
1328 return fstat (fd
,&sbuf
) ? -1 : lock_work (lock
,&sbuf
,op
,NIL
);
1331 /* Lock file name worker
1332 * Accepts: lock file name
1333 * pointer to stat() buffer
1334 * type of locking operation (LOCK_SH or LOCK_EX)
1335 * pointer to return PID of locker
1336 * Returns: file descriptor of lock or negative if error
1339 int lock_work (char *lock
,void *sb
,int op
,long *pid
)
1341 struct stat lsb
,fsb
;
1342 struct stat
*sbuf
= (struct stat
*) sb
;
1343 char tmp
[MAILTMPLEN
];
1346 int mask
= umask (0);
1347 if (pid
) *pid
= 0; /* initialize return PID */
1348 /* make temporary lock file name */
1349 sprintf (lock
,"%s/.%lx.%lx",closedBox
? "" : tmpdir
,
1350 (unsigned long) sbuf
->st_dev
,(unsigned long) sbuf
->st_ino
);
1351 while (T
) { /* until get a good lock */
1352 do switch ((int) chk_notsymlink (lock
,&lsb
)) {
1353 case 1: /* exists just once */
1354 if (((fd
= open (lock
,O_RDWR
,shlock_mode
)) >= 0) ||
1355 (errno
!= ENOENT
) || (chk_notsymlink (lock
,&lsb
) >= 0)) break;
1356 case -1: /* name doesn't exist */
1357 fd
= open (lock
,O_RDWR
|O_CREAT
|O_EXCL
,shlock_mode
);
1359 default: /* multiple hard links */
1360 MM_LOG ("hard link to lock name",ERROR
);
1361 syslog (LOG_CRIT
,"SECURITY PROBLEM: hard link to lock name: %.80s",lock
);
1362 case 0: /* symlink (already did syslog) */
1363 umask (mask
); /* restore old mask */
1364 return -1; /* fail: no lock file */
1365 } while ((fd
< 0) && (errno
== EEXIST
));
1366 if (fd
< 0) { /* failed to get file descriptor */
1367 syslog (LOG_INFO
,"Mailbox lock file %s open failure: %s",lock
,
1369 if (!closedBox
) { /* more explicit snarl for bad configuration */
1370 if (stat (tmpdir
,&lsb
))
1371 syslog (LOG_CRIT
,"SYSTEM ERROR: no %s: %s",tmpdir
,strerror (errno
));
1372 else if ((lsb
.st_mode
& 01777) != 01777) {
1373 sprintf (tmp
,"Can't lock for write: %.80s must have 1777 protection",
1378 umask (mask
); /* restore old mask */
1379 return -1; /* fail: can't open lock file */
1382 /* non-blocking form */
1383 if (op
& LOCK_NB
) i
= flock (fd
,op
);
1384 else { /* blocking form */
1385 (*mailblocknotify
) (BLOCK_FILELOCK
,NIL
);
1387 (*mailblocknotify
) (BLOCK_NONE
,NIL
);
1389 if (i
) { /* failed, get other process' PID */
1390 if (pid
&& !fstat (fd
,&fsb
) && (i
= min (fsb
.st_size
,MAILTMPLEN
-1)) &&
1391 (read (fd
,tmp
,i
) == i
) && !(tmp
[i
] = 0) && ((i
= atol (tmp
)) > 0))
1393 close (fd
); /* failed, give up on lock */
1394 umask (mask
); /* restore old mask */
1395 return -1; /* fail: can't lock */
1397 /* make sure this lock is good for us */
1398 if (!lstat (lock
,&lsb
) && ((lsb
.st_mode
& S_IFMT
) != S_IFLNK
) &&
1399 !fstat (fd
,&fsb
) && (lsb
.st_dev
== fsb
.st_dev
) &&
1400 (lsb
.st_ino
== fsb
.st_ino
) && (fsb
.st_nlink
== 1)) break;
1401 close (fd
); /* lock not right, drop fd and try again */
1403 chmod (lock
,shlock_mode
); /* make sure mode OK (don't use fchmod()) */
1404 umask (mask
); /* restore old mask */
1405 return fd
; /* success */
1408 /* Check to make sure not a symlink
1409 * Accepts: file name
1411 * Returns: -1 if doesn't exist, NIL if symlink, else number of hard links
1414 long chk_notsymlink (char *name
,void *sb
)
1416 struct stat
*sbuf
= (struct stat
*) sb
;
1418 if (lstat (name
,sbuf
)) return -1;
1419 /* forbid symbolic link */
1420 if ((sbuf
->st_mode
& S_IFMT
) == S_IFLNK
) {
1421 MM_LOG ("symbolic link on lock name",ERROR
);
1422 syslog (LOG_CRIT
,"SECURITY PROBLEM: symbolic link on lock name: %.80s",
1426 return (long) sbuf
->st_nlink
; /* return number of hard links */
1430 /* Unlock file descriptor
1431 * Accepts: file descriptor
1432 * lock file name from lockfd()
1435 void unlockfd (int fd
,char *lock
)
1437 /* delete the file if no sharers */
1438 if (!flock (fd
,LOCK_EX
|LOCK_NB
)) unlink (lock
);
1439 flock (fd
,LOCK_UN
); /* unlock it */
1440 close (fd
); /* close it */
1443 /* Set proper file protection for mailbox
1444 * Accepts: mailbox name
1445 * actual file path name
1446 * Returns: T, always
1449 long set_mbx_protections (char *mailbox
,char *path
)
1452 int mode
= (int) mbx_protection
;
1453 if (*mailbox
== '#') { /* possible namespace? */
1454 if (((mailbox
[1] == 'f') || (mailbox
[1] == 'F')) &&
1455 ((mailbox
[2] == 't') || (mailbox
[2] == 'T')) &&
1456 ((mailbox
[3] == 'p') || (mailbox
[3] == 'P')) &&
1457 (mailbox
[4] == '/')) mode
= (int) ftp_protection
;
1458 else if (((mailbox
[1] == 'p') || (mailbox
[1] == 'P')) &&
1459 ((mailbox
[2] == 'u') || (mailbox
[2] == 'U')) &&
1460 ((mailbox
[3] == 'b') || (mailbox
[3] == 'B')) &&
1461 ((mailbox
[4] == 'l') || (mailbox
[4] == 'L')) &&
1462 ((mailbox
[5] == 'i') || (mailbox
[5] == 'I')) &&
1463 ((mailbox
[6] == 'c') || (mailbox
[6] == 'C')) &&
1464 (mailbox
[7] == '/')) mode
= (int) public_protection
;
1465 else if (((mailbox
[1] == 's') || (mailbox
[1] == 'S')) &&
1466 ((mailbox
[2] == 'h') || (mailbox
[2] == 'H')) &&
1467 ((mailbox
[3] == 'a') || (mailbox
[3] == 'A')) &&
1468 ((mailbox
[4] == 'r') || (mailbox
[4] == 'R')) &&
1469 ((mailbox
[5] == 'e') || (mailbox
[5] == 'E')) &&
1470 ((mailbox
[6] == 'd') || (mailbox
[6] == 'D')) &&
1471 (mailbox
[7] == '/')) mode
= (int) shared_protection
;
1473 /* if a directory */
1474 if (!stat (path
,&sbuf
) && ((sbuf
.st_mode
& S_IFMT
) == S_IFDIR
)) {
1475 /* set owner search if allow read or write */
1476 if (mode
& 0600) mode
|= 0100;
1477 if (mode
& 060) mode
|= 010;/* set group search if allow read or write */
1478 if (mode
& 06) mode
|= 01; /* set world search if allow read or write */
1479 /* preserve directory SGID bit */
1480 if (sbuf
.st_mode
& S_ISGID
) mode
|= S_ISGID
;
1482 chmod (path
,mode
); /* set the new protection, ignore failure */
1486 /* Get proper directory protection
1487 * Accepts: mailbox name
1488 * Returns: directory mode, always
1491 long get_dir_protection (char *mailbox
)
1493 if (*mailbox
== '#') { /* possible namespace? */
1494 if (((mailbox
[1] == 'f') || (mailbox
[1] == 'F')) &&
1495 ((mailbox
[2] == 't') || (mailbox
[2] == 'T')) &&
1496 ((mailbox
[3] == 'p') || (mailbox
[3] == 'P')) &&
1497 (mailbox
[4] == '/')) return ftp_dir_protection
;
1498 else if (((mailbox
[1] == 'p') || (mailbox
[1] == 'P')) &&
1499 ((mailbox
[2] == 'u') || (mailbox
[2] == 'U')) &&
1500 ((mailbox
[3] == 'b') || (mailbox
[3] == 'B')) &&
1501 ((mailbox
[4] == 'l') || (mailbox
[4] == 'L')) &&
1502 ((mailbox
[5] == 'i') || (mailbox
[5] == 'I')) &&
1503 ((mailbox
[6] == 'c') || (mailbox
[6] == 'C')) &&
1504 (mailbox
[7] == '/')) return public_dir_protection
;
1505 else if (((mailbox
[1] == 's') || (mailbox
[1] == 'S')) &&
1506 ((mailbox
[2] == 'h') || (mailbox
[2] == 'H')) &&
1507 ((mailbox
[3] == 'a') || (mailbox
[3] == 'A')) &&
1508 ((mailbox
[4] == 'r') || (mailbox
[4] == 'R')) &&
1509 ((mailbox
[5] == 'e') || (mailbox
[5] == 'E')) &&
1510 ((mailbox
[6] == 'd') || (mailbox
[6] == 'D')) &&
1511 (mailbox
[7] == '/')) return shared_dir_protection
;
1513 return dir_protection
;
1516 /* Determine default prototype stream to user
1517 * Accepts: type (NIL for create, T for append)
1518 * Returns: default prototype stream
1521 MAILSTREAM
*default_proto (long type
)
1523 myusername (); /* make sure initialized */
1524 /* return default driver's prototype */
1525 return type
? appendProto
: createProto
;
1529 /* Set up user flags for stream
1530 * Accepts: MAIL stream
1531 * Returns: MAIL stream with user flags set up
1534 MAILSTREAM
*user_flags (MAILSTREAM
*stream
)
1537 myusername (); /* make sure initialized */
1538 for (i
= 0; i
< NUSERFLAGS
&& userFlags
[i
]; ++i
)
1539 if (!stream
->user_flags
[i
]) stream
->user_flags
[i
] = cpystr (userFlags
[i
]);
1544 /* Return nth user flag
1545 * Accepts: user flag number
1549 char *default_user_flag (unsigned long i
)
1551 myusername (); /* make sure initialized */
1552 return userFlags
[i
];
1556 * Accepts: file name
1558 * Don't use this feature.
1561 void dorc (char *file
,long flag
)
1564 char *s
,*t
,*k
,*r
,tmp
[MAILTMPLEN
],tmpx
[MAILTMPLEN
];
1565 extern MAILSTREAM CREATEPROTO
;
1566 extern MAILSTREAM EMPTYPROTO
;
1569 if ((f
= fopen (file
? file
: SYSCONFIG
,"r")) &&
1570 (s
= fgets (tmp
,MAILTMPLEN
,f
)) && (t
= strchr (s
,'\n'))) do {
1571 *t
++ = '\0'; /* tie off line, find second space */
1572 if ((k
= strchr (s
,' ')) && (k
= strchr (++k
,' '))) {
1573 *k
++ = '\0'; /* tie off two words */
1574 if (!compare_cstring (s
,"set keywords") && !userFlags
[0]) {
1575 /* yes, get first keyword */
1576 k
= strtok_r (k
,", ",&r
);
1577 /* copy keyword list */
1578 for (i
= 0; k
&& i
< NUSERFLAGS
; ++i
) if (strlen (k
) <= MAXUSERFLAG
) {
1579 if (userFlags
[i
]) fs_give ((void **) &userFlags
[i
]);
1580 userFlags
[i
] = cpystr (k
);
1581 k
= strtok_r (NIL
,", ",&r
);
1583 if (flag
) break; /* found "set keywords" in .mminit */
1586 else if (!flag
) { /* none of these valid in .mminit */
1587 if (myUserName
) { /* only valid if logged in */
1588 if (!compare_cstring (s
,"set new-mailbox-format") ||
1589 !compare_cstring (s
,"set new-folder-format")) {
1590 if (!compare_cstring (k
,"same-as-inbox")) {
1591 if (d
= mail_valid (NIL
,"INBOX",NIL
)) {
1592 if (!compare_cstring (d
->name
,"mbox"))
1593 d
= (DRIVER
*) mail_parameters (NIL
,GET_DRIVER
,
1595 else if (!compare_cstring (d
->name
,"dummy")) d
= NIL
;
1597 createProto
= d
? ((*d
->open
) (NIL
)) : &CREATEPROTO
;
1599 else if (!compare_cstring (k
,"system-standard"))
1600 createProto
= &CREATEPROTO
;
1601 else { /* canonicalize mbox to unix */
1602 if (!compare_cstring (k
,"mbox")) k
= "unix";
1603 /* see if a driver name */
1604 if (d
= (DRIVER
*) mail_parameters (NIL
,GET_DRIVER
,(void *) k
))
1605 createProto
= (*d
->open
) (NIL
);
1607 sprintf (tmpx
,"Unknown new mailbox format in %s: %s",
1608 file
? file
: SYSCONFIG
,k
);
1613 if (!compare_cstring (s
,"set empty-mailbox-format") ||
1614 !compare_cstring (s
,"set empty-folder-format")) {
1615 if (!compare_cstring (k
,"invalid")) appendProto
= NIL
;
1616 else if (!compare_cstring (k
,"same-as-inbox"))
1617 appendProto
= ((d
= mail_valid (NIL
,"INBOX",NIL
)) &&
1618 compare_cstring (d
->name
,"dummy")) ?
1619 ((*d
->open
) (NIL
)) : &EMPTYPROTO
;
1620 else if (!compare_cstring (k
,"system-standard"))
1621 appendProto
= &EMPTYPROTO
;
1622 else { /* see if a driver name */
1623 for (d
= (DRIVER
*) mail_parameters (NIL
,GET_DRIVERS
,NIL
);
1624 d
&& compare_cstring (d
->name
,k
); d
= d
->next
);
1625 if (d
) appendProto
= (*d
->open
) (NIL
);
1627 sprintf (tmpx
,"Unknown empty mailbox format in %s: %s",
1628 file
? file
: SYSCONFIG
,k
);
1635 if (!compare_cstring (s
,"set local-host")) {
1636 fs_give ((void **) &myLocalHost
);
1637 myLocalHost
= cpystr (k
);
1639 else if (!compare_cstring (s
,"set news-active-file")) {
1640 fs_give ((void **) &newsActive
);
1641 newsActive
= cpystr (k
);
1643 else if (!compare_cstring (s
,"set news-spool-directory")) {
1644 fs_give ((void **) &newsSpool
);
1645 newsSpool
= cpystr (k
);
1647 else if (!compare_cstring (s
,"set mh-path"))
1648 mail_parameters (NIL
,SET_MHPATH
,(void *) k
);
1649 else if (!compare_cstring (s
,"set mh-allow-inbox"))
1650 mail_parameters (NIL
,SET_MHALLOWINBOX
,(void *) atol (k
));
1651 else if (!compare_cstring (s
,"set news-state-file")) {
1652 fs_give ((void **) &myNewsrc
);
1653 myNewsrc
= cpystr (k
);
1655 else if (!compare_cstring (s
,"set ftp-export-directory")) {
1656 fs_give ((void **) &ftpHome
);
1657 ftpHome
= cpystr (k
);
1659 else if (!compare_cstring (s
,"set public-home-directory")) {
1660 fs_give ((void **) &publicHome
);
1661 publicHome
= cpystr (k
);
1663 else if (!compare_cstring (s
,"set shared-home-directory")) {
1664 fs_give ((void **) &sharedHome
);
1665 sharedHome
= cpystr (k
);
1667 else if (!compare_cstring (s
,"set system-inbox")) {
1668 fs_give ((void **) &sysInbox
);
1669 sysInbox
= cpystr (k
);
1671 else if (!compare_cstring (s
,"set mail-subdirectory")) {
1672 fs_give ((void **) &mailsubdir
);
1673 mailsubdir
= cpystr (k
);
1675 else if (!compare_cstring (s
,"set from-widget"))
1676 mail_parameters (NIL
,SET_FROMWIDGET
,
1677 compare_cstring (k
,"header-only") ?
1680 else if (!compare_cstring (s
,"set rsh-command"))
1681 mail_parameters (NIL
,SET_RSHCOMMAND
,(void *) k
);
1682 else if (!compare_cstring (s
,"set rsh-path"))
1683 mail_parameters (NIL
,SET_RSHPATH
,(void *) k
);
1684 else if (!compare_cstring (s
,"set ssh-command"))
1685 mail_parameters (NIL
,SET_SSHCOMMAND
,(void *) k
);
1686 else if (!compare_cstring (s
,"set ssh-path"))
1687 mail_parameters (NIL
,SET_SSHPATH
,(void *) k
);
1688 else if (!compare_cstring (s
,"set tcp-open-timeout"))
1689 mail_parameters (NIL
,SET_OPENTIMEOUT
,(void *) atol (k
));
1690 else if (!compare_cstring (s
,"set tcp-read-timeout"))
1691 mail_parameters (NIL
,SET_READTIMEOUT
,(void *) atol (k
));
1692 else if (!compare_cstring (s
,"set tcp-write-timeout"))
1693 mail_parameters (NIL
,SET_WRITETIMEOUT
,(void *) atol (k
));
1694 else if (!compare_cstring (s
,"set rsh-timeout"))
1695 mail_parameters (NIL
,SET_RSHTIMEOUT
,(void *) atol (k
));
1696 else if (!compare_cstring (s
,"set ssh-timeout"))
1697 mail_parameters (NIL
,SET_SSHTIMEOUT
,(void *) atol (k
));
1698 else if (!compare_cstring (s
,"set maximum-login-trials"))
1699 mail_parameters (NIL
,SET_MAXLOGINTRIALS
,(void *) atol (k
));
1700 else if (!compare_cstring (s
,"set lookahead"))
1701 mail_parameters (NIL
,SET_LOOKAHEAD
,(void *) atol (k
));
1702 else if (!compare_cstring (s
,"set prefetch"))
1703 mail_parameters (NIL
,SET_PREFETCH
,(void *) atol (k
));
1704 else if (!compare_cstring (s
,"set close-on-error"))
1705 mail_parameters (NIL
,SET_CLOSEONERROR
,(void *) atol (k
));
1706 else if (!compare_cstring (s
,"set imap-port"))
1707 mail_parameters (NIL
,SET_IMAPPORT
,(void *) atol (k
));
1708 else if (!compare_cstring (s
,"set pop3-port"))
1709 mail_parameters (NIL
,SET_POP3PORT
,(void *) atol (k
));
1710 else if (!compare_cstring (s
,"set uid-lookahead"))
1711 mail_parameters (NIL
,SET_UIDLOOKAHEAD
,(void *) atol (k
));
1712 else if (!compare_cstring (s
,"set try-ssl-first"))
1713 mail_parameters (NIL
,SET_TRYSSLFIRST
,(void *) atol (k
));
1715 else if (!compare_cstring (s
,"set mailbox-protection"))
1716 mbx_protection
= atol (k
);
1717 else if (!compare_cstring (s
,"set directory-protection"))
1718 dir_protection
= atol (k
);
1719 else if (!compare_cstring (s
,"set lock-protection"))
1720 dotlock_mode
= atol (k
);
1721 else if (!compare_cstring (s
,"set ftp-protection"))
1722 ftp_protection
= atol (k
);
1723 else if (!compare_cstring (s
,"set public-protection"))
1724 public_protection
= atol (k
);
1725 else if (!compare_cstring (s
,"set shared-protection"))
1726 shared_protection
= atol (k
);
1727 else if (!compare_cstring (s
,"set ftp-directory-protection"))
1728 ftp_dir_protection
= atol (k
);
1729 else if (!compare_cstring (s
,"set public-directory-protection"))
1730 public_dir_protection
= atol (k
);
1731 else if (!compare_cstring (s
,"set shared-directory-protection"))
1732 shared_dir_protection
= atol (k
);
1733 else if (!compare_cstring (s
,"set dot-lock-file-timeout"))
1734 locktimeout
= atoi (k
);
1735 else if (!compare_cstring (s
,"set disable-fcntl-locking"))
1736 fcntlhangbug
= atoi (k
);
1737 else if (!compare_cstring (s
,"set disable-lock-warning"))
1738 disableLockWarning
= atoi (k
);
1739 else if (!compare_cstring (s
,"set disable-unix-UIDs-and-keywords"))
1740 has_no_life
= atoi (k
);
1741 else if (!compare_cstring (s
,"set hide-dot-files"))
1742 hideDotFiles
= atoi (k
);
1743 else if (!compare_cstring (s
,"set list-maximum-level"))
1744 list_max_level
= atol (k
);
1745 else if (!compare_cstring (s
,"set trust-dns"))
1746 mail_parameters (NIL
,SET_TRUSTDNS
,(void *) atol (k
));
1747 else if (!compare_cstring (s
,"set sasl-uses-ptr-name"))
1748 mail_parameters (NIL
,SET_SASLUSESPTRNAME
,(void *) atol (k
));
1749 else if (!compare_cstring (s
,"set network-filesystem-stat-bug"))
1750 netfsstatbug
= atoi (k
);
1751 else if (!compare_cstring (s
,"set nntp-range"))
1752 mail_parameters (NIL
,SET_NNTPRANGE
,(void *) atol (k
));
1754 else if (!file
) { /* only allowed in system init */
1755 if (!compare_cstring (s
,"set black-box-directory") &&
1756 !blackBoxDir
) blackBoxDir
= cpystr (k
);
1757 else if (!compare_cstring(s
,"set black-box-default-home-directory")&&
1758 blackBoxDir
&& !blackBoxDefaultHome
)
1759 blackBoxDefaultHome
= cpystr (k
);
1760 else if (!compare_cstring (s
,"set anonymous-home-directory") &&
1761 !anonymousHome
) anonymousHome
= cpystr (k
);
1762 /* It's tempting to allow setting the CA path
1763 * in a user init. However, that opens up a
1764 * vector of attack big enough to drive a
1765 * truck through... Resist the temptation.
1767 else if (!compare_cstring (s
,"set CA-certificate-path"))
1768 sslCApath
= cpystr (k
);
1769 else if (!compare_cstring (s
,"set disable-plaintext"))
1770 disablePlaintext
= atoi (k
);
1771 else if (!compare_cstring (s
,"set allowed-login-attempts"))
1773 else if (!compare_cstring (s
,"set chroot-server"))
1774 closedBox
= atoi (k
);
1775 else if (!compare_cstring (s
,"set restrict-mailbox-access"))
1776 for (k
= strtok_r (k
,", ",&r
); k
; k
= strtok_r (NIL
,", ",&r
)) {
1777 if (!compare_cstring (k
,"root")) restrictBox
|= RESTRICTROOT
;
1778 else if (!compare_cstring (k
,"otherusers"))
1779 restrictBox
|= RESTRICTOTHERUSER
;
1780 else if (!compare_cstring (k
,"all")) restrictBox
= -1;
1782 else if (!compare_cstring (s
,"set advertise-the-world"))
1783 advertisetheworld
= atoi (k
);
1784 else if (!compare_cstring (s
,"set limited-advertise"))
1785 limitedadvertise
= atoi (k
);
1786 else if (!compare_cstring
1787 (s
,"set disable-automatic-shared-namespaces"))
1788 noautomaticsharedns
= atoi (k
);
1789 else if (!compare_cstring (s
,"set allow-user-config"))
1790 allowuserconfig
= atoi (k
);
1791 else if (!compare_cstring (s
,"set allow-reverse-dns"))
1792 mail_parameters (NIL
,SET_ALLOWREVERSEDNS
,(void *) atol (k
));
1793 else if (!compare_cstring (s
,"set k5-cp-uses-service-name"))
1794 kerb_cp_svr_name
= atoi (k
);
1795 /* must appear in file after any
1796 * "set disable-plaintext" command! */
1797 else if (!compare_cstring (s
,"set plaintext-allowed-clients")) {
1798 for (k
= strtok_r (k
,", ",&r
); k
&& !tcp_isclienthost (k
);
1799 k
= strtok_r (NIL
,", ",&r
));
1800 if (k
) disablePlaintext
= 0;
1805 } while ((s
= fgets (tmp
,MAILTMPLEN
,f
)) && (t
= strchr (s
,'\n')));
1806 if (f
) fclose (f
); /* flush the file */
1809 /* INBOX create function for tmail/dmail use only
1810 * Accepts: mail stream
1811 * path name buffer, preloaded with driver-dependent path
1812 * Returns: T on success, NIL on failure
1814 * This routine is evil and a truly incredible kludge. It is private for
1815 * tmail/dmail and is not supported for any other application.
1818 long path_create (MAILSTREAM
*stream
,char *path
)
1821 short rsave
= restrictBox
;
1822 restrictBox
= NIL
; /* can't restrict */
1823 if (blackBox
) { /* if black box */
1824 /* toss out driver dependent names */
1825 sprintf (path
,"%s/INBOX",mymailboxdir ());
1826 blackBox
= NIL
; /* well that's evil - evil is going on */
1827 ret
= mail_create (stream
,path
);
1828 blackBox
= T
; /* restore the box */
1830 /* easy thing otherwise */
1831 else ret
= mail_create (stream
,path
);
1832 restrictBox
= rsave
; /* restore restrictions */
1836 /* Default block notify routine
1837 * Accepts: reason for calling
1842 void *mm_blocknotify (int reason
,void *data
)
1846 case BLOCK_SENSITIVE
: /* entering sensitive code */
1847 ret
= (void *) (unsigned long) alarm (0);
1849 case BLOCK_NONSENSITIVE
: /* exiting sensitive code */
1850 if ((unsigned long) data
) alarm ((unsigned long) data
);
1852 default: /* ignore all other reasons */