* SUCH DAMAGE.
*/
+#include "dfcompat.h"
+
#include <sys/param.h>
+#include <sys/types.h>
#include <sys/queue.h>
#include <sys/stat.h>
-#include <sys/types.h>
+#include <sys/time.h>
#include <sys/wait.h>
#include <dirent.h>
#include "dma.h"
-
static void deliver(struct qitem *);
struct aliases aliases = LIST_HEAD_INITIALIZER(aliases);
struct strlist tmpfs = SLIST_HEAD_INITIALIZER(tmpfs);
-struct virtusers virtusers = LIST_HEAD_INITIALIZER(virtusers);
struct authusers authusers = LIST_HEAD_INITIALIZER(authusers);
-struct config *config;
-const char *username;
+char username[USERNAME_SIZE];
+uid_t useruid;
const char *logident_base;
+char errmsg[ERRMSG_SIZE];
static int daemonize = 1;
+struct config config = {
+ .smarthost = NULL,
+ .port = 25,
+ .aliases = "/etc/aliases",
+ .spooldir = "/var/spool/dma",
+ .authpath = NULL,
+ .certfile = NULL,
+ .features = 0,
+ .mailname = NULL,
+ .masquerade_host = NULL,
+ .masquerade_user = NULL,
+};
+
+
+static void
+sighup_handler(int signo)
+{
+ (void)signo; /* so that gcc doesn't complain */
+}
+
static char *
set_from(struct queue *queue, const char *osender)
{
- struct virtuser *v;
char *sender;
- if ((config->features & VIRTUAL) != 0) {
- SLIST_FOREACH(v, &virtusers, next) {
- if (strcmp(v->login, username) == 0) {
- sender = strdup(v->address);
- if (sender == NULL)
- return(NULL);
- goto out;
- }
- }
- }
-
if (osender) {
sender = strdup(osender);
if (sender == NULL)
return (NULL);
+ } else if (getenv("EMAIL") != NULL) {
+ sender = strdup(getenv("EMAIL"));
+ if (sender == NULL)
+ return (NULL);
} else {
- if (asprintf(&sender, "%s@%s", username, hostname()) <= 0)
+ const char *from_user = username;
+ const char *from_host = hostname();
+
+ if (config.masquerade_user)
+ from_user = config.masquerade_user;
+ if (config.masquerade_host)
+ from_host = config.masquerade_host;
+ if (asprintf(&sender, "%s@%s", from_user, from_host) <= 0)
return (NULL);
}
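Review bot: The new `EMAIL` branch accepts an empty value, so `EMAIL=` in the caller's environment produces an empty envelope sender, and it calls `getenv()` twice for the same variable. Reading it once and requiring a non-empty string covers both: `const char *env_from = getenv("EMAIL");`, then `} else if (env_from != NULL && *env_from != '\0') {` and `sender = strdup(env_from);`. The masquerade settings are applied only in the final `else`, so a caller-supplied sender or `EMAIL` takes precedence over `masquerade_user`/`masquerade_host`; if that is intended, a short comment stating the precedence would help. Any later validation of `sender` lies outside the lines shown here.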
return (NULL);
}
-out:
queue->sender = sender;
return (sender);
}
static int
read_aliases(void)
{
- yyin = fopen(config->aliases, "r");
- if (yyin == NULL)
- return (0); /* not fatal */
+ yyin = fopen(config.aliases, "r");
+ if (yyin == NULL) {
+ /*
+ * Non-existing aliases file is not a fatal error
+ */
+ if (errno == ENOENT)
+ return (0);
+ /* Other problems are. */
+ return (-1);
+ }
if (yyparse())
return (-1); /* fatal error, probably malloc() */
fclose(yyin);
daemonize = 0;
bzero(&sa, sizeof(sa));
- sa.sa_flags = SA_NOCLDWAIT;
sa.sa_handler = SIG_IGN;
sigaction(SIGCHLD, &sa, NULL);
{
int error;
unsigned int backoff = MIN_RETRY;
- const char *errmsg = "unknown bounce reason";
struct timeval now;
struct stat st;
+ snprintf(errmsg, sizeof(errmsg), "unknown bounce reason");
+
retry:
syslog(LOG_INFO, "trying delivery");
if (it->remote)
- error = deliver_remote(it, &errmsg);
+ error = deliver_remote(it);
else
- error = deliver_local(it, &errmsg);
+ error = deliver_local(it);
switch (error) {
case 0:
exit(1);
}
if (gettimeofday(&now, NULL) == 0 &&
- (now.tv_sec - st.st_mtimespec.tv_sec > MAX_TIMEOUT)) {
- asprintf(__DECONST(void *, &errmsg),
+ (now.tv_sec - st.st_mtim.tv_sec > MAX_TIMEOUT)) {
+ snprintf(errmsg, sizeof(errmsg),
"Could not deliver for the last %d seconds. Giving up.",
MAX_TIMEOUT);
goto bounce;
}
- sleep(backoff);
- backoff *= 2;
- if (backoff > MAX_RETRY)
- backoff = MAX_RETRY;
+ if (sleep(backoff) == 0) {
+ /* pick the next backoff between [1.5, 2.5) times backoff */
+ backoff = backoff + backoff / 2 + random() % backoff;
+ if (backoff > MAX_RETRY)
+ backoff = MAX_RETRY;
+ }
goto retry;
case -1:
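Review bot: The new `sleep(backoff) == 0` test is undocumented: when a signal cuts the sleep short, `backoff` is left unchanged and delivery is retried at once. That appears to be the purpose of the empty `sighup_handler` installed in `main`, but nothing here says so, and repeated signals would make the loop retry with no delay at all. A comment above the `if`, such as `/* an interrupted sleep (e.g. SIGHUP) means "retry now"; keep the current backoff */`, would record the intent. The enclosing function starts and ends outside this hunk.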
int
main(int argc, char **argv)
{
+ struct sigaction act;
char *sender = NULL;
struct queue queue;
int i, ch;
int nodot = 0, doqueue = 0, showq = 0, queue_only = 0;
int recp_from_header = 0;
+ set_username();
+
+ /*
+ * We never run as root. If called by root, drop permissions
+ * to the mail user.
+ */
+ if (geteuid() == 0 || getuid() == 0) {
+ struct passwd *pw;
+
+ pw = getpwnam(DMA_ROOT_USER);
+ if (pw == NULL)
+ err(1, "cannot drop root privileges");
+
+ if (setuid(pw->pw_uid) != 0)
+ err(1, "cannot drop root privileges");
+
+ if (geteuid() == 0 || getuid() == 0)
+ errx(1, "cannot drop root privileges");
+ }
+
atexit(deltmp);
+ init_random();
bzero(&queue, sizeof(queue));
LIST_INIT(&queue.queue);
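Review bot: The privilege drop in the `geteuid() == 0 || getuid() == 0` branch changes only the user id; the group id and root's supplementary groups stay as they were, so the process keeps that group access after `setuid()`. Unless the retained groups are relied on elsewhere (not visible here), drop them before the uid change, e.g. `if (initgroups(pw->pw_name, pw->pw_gid) != 0 || setgid(pw->pw_gid) != 0)` followed by `err(1, "cannot drop root privileges");`, placed ahead of `setuid()` and with the header that declares `initgroups()` included. `getpwnam()` can also return NULL without setting `errno`, in which case `err()` appends an unrelated error string; `errx(1, "user '%s' not found", DMA_ROOT_USER);` would be clearer for that case. The body of `main` continues outside this hunk.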
if (logident_base == NULL)
logident_base = "dma";
setlogident(NULL);
- set_username();
- /* XXX fork root here */
-
- config = calloc(1, sizeof(*config));
- if (config == NULL)
- errlog(1, NULL);
-
- if (parse_conf(CONF_PATH) < 0) {
- free(config);
- errlog(1, "can not read config file");
- }
+ act.sa_handler = sighup_handler;
+ act.sa_flags = 0;
+ sigemptyset(&act.sa_mask);
+ if (sigaction(SIGHUP, &act, NULL) != 0)
+ syslog(LOG_WARNING, "can not set signal handler: %m");
- if (config->features & VIRTUAL)
- if (parse_virtuser(config->virtualpath) < 0)
- errlog(1, "can not read virtual user file `%s'",
- config->virtualpath);
+ parse_conf(CONF_PATH "/dma.conf");
- if (parse_authfile(config->authpath) < 0)
- errlog(1, "can not read SMTP authentication file");
+ if (config.authpath != NULL)
+ parse_authfile(config.authpath);
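Review bot: The return values of `parse_conf()` and `parse_authfile()` are no longer checked, whereas the removed code exited on `< 0`. If these functions can still return an error rather than terminating themselves (their definitions are not shown here), a broken `dma.conf` or an unreadable auth file silently leaves the built-in defaults in place (`smarthost = NULL`, `features = 0`, no auth entries). Mail would then go out without whatever relay, authentication or other security-related settings the files were meant to enable. Either keep the checks, e.g. `if (parse_conf(CONF_PATH "/dma.conf") < 0)` followed by `errlog(1, "can not read config file");`, or add a comment stating that the parsers exit on error.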
if (showq) {
if (load_queue(&queue) < 0)
}
if (read_aliases() != 0)
- errlog(1, "can not read aliases file `%s'", config->aliases);
+ errlog(1, "can not read aliases file `%s'", config.aliases);
if ((sender = set_from(&queue, sender)) == NULL)
errlog(1, NULL);
/* From here on the mail is safe. */
- if (config->features & DEFER || queue_only)
+ if (config.features & DEFER || queue_only)
return (0);
run_queue(&queue);