tcpwrap: Remove tcpwrap support

diff --git a/.gitignore b/.gitignore
index 331354aec8a6868fd65488a041cd3069ed03670f..6d14ec68fe699d67e0ae8954d4341ae758adf1f7 100644 (file)
--- a/.gitignore
+++ b/.gitignore
@@ -159,7 +159,6 @@ src/util/maildirlock
 src/util/rawlog
 src/util/script
 src/util/script-login
-src/util/tcpwrap
 src/plugins/fts/xml2text
 src/plugins/quota/rquota_xdr.c
 src/plugins/quota/rquota.h

diff --git a/configure.ac b/configure.ac
index f537b695d085d643e1916b855343e54cd238ce18..afe4790d75d6f0a51af728a2ec85b844abe575b7 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -184,11 +184,6 @@ AS_HELP_STRING([--with-libcap], [Build with libcap support (Dropping capabilitie
   TEST_WITH(libcap, $withval),
   want_libcap=auto)
 
-AC_ARG_WITH(libwrap,
-AS_HELP_STRING([--with-libwrap], [Build with libwrap, ie. TCP-wrappers]),
-  TEST_WITH(libwrap, $withval),
-  want_libwrap=no)
-
 AC_ARG_WITH(ssl,
 AS_HELP_STRING([--with-ssl=gnutls|openssl], [Build with GNUTLS or OpenSSL (default)]),
        if test x$withval = xno; then

diff --git a/m4/libwrap.m4 b/m4/libwrap.m4
deleted file mode 100644 (file)
index 895c067..0000000
--- a/m4/libwrap.m4
+++ /dev/null
@@ -1,38 +0,0 @@
-AC_DEFUN([DOVECOT_LIBWRAP], [
-  have_libwrap=no
-  if test $want_libwrap != no; then
-    AC_CHECK_HEADER(tcpd.h, [
-      old_LIBS=$LIBS
-  
-      AC_CACHE_CHECK([whether we have libwrap],i_cv_have_libwrap,[
-        AC_TRY_COMPILE([
-          #include <tcpd.h>
-          int allow_severity = 0;
-          int deny_severity = 0;
-        ], [
-          request_init((void *)0);
-        ], [
-          i_cv_have_libwrap=yes
-        ], [
-          i_cv_have_libwrap=no
-        ])
-      ])
-      if test $i_cv_have_libwrap = yes; then
-        AC_DEFINE(HAVE_LIBWRAP,, [Define if you have libwrap])
-        LIBWRAP_LIBS=-lwrap
-        AC_SUBST(LIBWRAP_LIBS)
-        have_libwrap=yes
-      else
-        if test "$want_libwrap" = "yes"; then
-          AC_ERROR([Can't build with libwrap support: libwrap not found])
-        fi
-      fi
-      LIBS=$old_LIBS
-    ], [
-      if test "$want_libwrap" = "yes"; then
-        AC_ERROR([Can't build with libwrap support: tcpd.h not found])
-      fi
-    ])
-  fi
-  AM_CONDITIONAL(TCPWRAPPERS, test "$have_libwrap" = "yes")
-])

diff --git a/src/util/Makefile.am b/src/util/Makefile.am
index 2c7621d891aca8f452c73b727593db7f2a06dd92..126029aaae5fd06a4d87f666f9679080688a820e 100644 (file)
--- a/src/util/Makefile.am
+++ b/src/util/Makefile.am
@@ -4,7 +4,6 @@ pkglibexec_PROGRAMS = \
        rawlog \
        script \
        script-login \
-       $(TCPWRAP_BIN) \
        gdbhelper \
        maildirlock
 
@@ -57,17 +56,6 @@ script_SOURCES = \
        script.c \
        health-check-settings.c
 
-if TCPWRAPPERS
-TCPWRAP_BIN = tcpwrap
-tcpwrap_LDADD = $(LIBDOVECOT) $(LIBWRAP_LIBS) \
-       $(BINARY_LDFLAGS)
-
-tcpwrap_DEPENDENCIES = $(LIBDOVECOT_DEPS)
-tcpwrap_SOURCES = \
-       tcpwrap.c \
-       tcpwrap-settings.c
-endif
-
 gdbhelper_LDADD = $(LIBDOVECOT) \
        $(BINARY_LDFLAGS)
 

diff --git a/src/util/tcpwrap-settings.c b/src/util/tcpwrap-settings.c
deleted file mode 100644 (file)
index ec7ceaf..0000000
--- a/src/util/tcpwrap-settings.c
+++ /dev/null
@@ -1,35 +0,0 @@
-/* Copyright (c) 2010-2018 Dovecot authors, see the included COPYING file */
-
-#include "lib.h"
-#include "buffer.h"
-#include "settings-parser.h"
-#include "service-settings.h"
-
-#include <stddef.h>
-
-#ifdef HAVE_LIBWRAP
-struct service_settings tcpwrap_service_settings = {
-       .name = "tcpwrap",
-       .protocol = "",
-       .type = "",
-       .executable = "tcpwrap",
-       .user = "$default_internal_user",
-       .group = "",
-       .privileged_group = "",
-       .extra_groups = "",
-       .chroot = "",
-
-       .drop_priv_before_exec = FALSE,
-
-       .process_min_avail = 0,
-       .process_limit = 0,
-       .client_limit = 1,
-       .service_count = 0,
-       .idle_kill = 0,
-       .vsz_limit = UOFF_T_MAX,
-
-       .unix_listeners = ARRAY_INIT,
-       .fifo_listeners = ARRAY_INIT,
-       .inet_listeners = ARRAY_INIT
-};
-#endif

diff --git a/src/util/tcpwrap.c b/src/util/tcpwrap.c
deleted file mode 100644 (file)
index 0d492bb..0000000
--- a/src/util/tcpwrap.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/* Copyright (c) 2010-2018 Dovecot authors, see the included COPYING file */
-
-#include "lib.h"
-#include "ioloop.h"
-#include "fdpass.h"
-#include "write-full.h"
-#include "restrict-access.h"
-#include "master-service.h"
-
-#include <unistd.h>
-#include <syslog.h>
-#include <tcpd.h>
-
-struct tcpwrap_client {
-       int fd;
-       struct io *io;
-       struct timeout *to;
-};
-
-#define INPUT_TIMEOUT_MSECS (1000*10)
-
-/* for tcpwrap library */
-int allow_severity = LOG_INFO;
-int deny_severity = LOG_WARNING;
-
-static struct tcpwrap_client *tcpwrap_client = NULL;
-
-static void tcpwrap_client_destroy(struct tcpwrap_client **client);
-
-static void tcpwrap_client_handle(struct tcpwrap_client *client, int check_fd,
-                                 const char *daemon_name)
-{
-       struct request_info request;
-
-       request_init(&request, RQ_DAEMON, daemon_name,
-                    RQ_FILE, check_fd, 0);
-       fromhost(&request);
-
-       if (!hosts_access(&request))
-               (void)write_full(client->fd, "0\n", 2);
-       else
-               (void)write_full(client->fd, "1\n", 2);
-       lib_exit(0);
-}
-
-static void tcpwrap_client_input(struct tcpwrap_client *client)
-{
-       unsigned char buf[1024];
-       ssize_t ret;
-       int check_fd = -1;
-
-       ret = fd_read(client->fd, buf, sizeof(buf), &check_fd);
-       if (ret <= 0) {
-               i_error("fd_read() failed: %m");
-       } else if (ret > 1 && (size_t)ret < sizeof(buf) && buf[ret-1] == '\n') {
-               tcpwrap_client_handle(client, check_fd, t_strndup(buf, ret-1));
-       } else {
-               i_error("Invalid input from client");
-       }
-
-       i_close_fd(&check_fd);
-       tcpwrap_client_destroy(&client);
-}
-
-static void tcpwrap_client_timeout(struct tcpwrap_client *client)
-{
-       tcpwrap_client_destroy(&client);
-}
-
-static struct tcpwrap_client *tcpwrap_client_create(int fd)
-{
-       struct tcpwrap_client *client;
-
-       client = i_new(struct tcpwrap_client, 1);
-       client->fd = fd;
-       client->io = io_add(fd, IO_READ, tcpwrap_client_input, client);
-       client->to = timeout_add(INPUT_TIMEOUT_MSECS, tcpwrap_client_timeout,
-                                client);
-       return client;
-}
-
-static void tcpwrap_client_destroy(struct tcpwrap_client **_client)
-{
-       struct tcpwrap_client *client = *_client;
-
-       *_client = NULL;
-
-       timeout_remove(&client->to);
-       io_remove(&client->io);
-       if (close(client->fd) < 0)
-               i_error("close() failed: %m");
-       i_free(client);
-
-       tcpwrap_client = NULL;
-       master_service_client_connection_destroyed(master_service);
-}
-
-static void client_connected(struct master_service_connection *conn)
-{
-       if (tcpwrap_client != NULL) {
-               i_error("tcpwrap must be configured with client_limit=1");
-               return;
-       }
-
-       master_service_client_connection_accept(conn);
-       tcpwrap_client = tcpwrap_client_create(conn->fd);
-}
-
-int main(int argc, char *argv[])
-{
-       const enum master_service_flags service_flags =
-               MASTER_SERVICE_FLAG_DONT_SEND_STATS;
-
-       master_service = master_service_init("tcpwrap", service_flags,
-                                            &argc, &argv, "");
-       if (master_getopt(master_service) > 0)
-               return FATAL_DEFAULT;
-
-       master_service_init_log(master_service);
-       restrict_access_by_env(RESTRICT_ACCESS_FLAG_ALLOW_ROOT, NULL);
-       restrict_access_allow_coredumps(TRUE);
-
-       master_service_init_finish(master_service);
-
-       master_service_run(master_service, client_connected);
-       if (tcpwrap_client != NULL)
-               tcpwrap_client_destroy(&tcpwrap_client);
-
-       master_service_deinit(&master_service);
-        return 0;
-}