}
+static void
+mail_storage_service_update_chroot(struct mail_storage_service_user *user,
+ struct mail_storage_service_privileges *priv)
+{
+ bool temp_priv_drop =
+ (user->flags & MAIL_STORAGE_SERVICE_FLAG_TEMP_PRIV_DROP) != 0;
+ /* we can't chroot if we want to switch between users. there's
+ not much point either (from security point of view). but if we're
+ already chrooted, we'll just have to continue and hope that the
+ current chroot is the same as the wanted chroot */
+ bool use_chroot = !temp_priv_drop ||
+ restrict_access_get_current_chroot() != NULL;
+
+ size_t len = strlen(priv->chroot);
+ if (len > 2 && strcmp(priv->chroot + len - 2, "/.") == 0 &&
+ strncmp(priv->home, priv->chroot, len - 2) == 0) {
+ /* mail_chroot = /chroot/. means that the home dir already
+ contains the chroot dir. remove it from home. */
+ if (use_chroot) {
+ priv->home += len - 2;
+ if (*priv->home == '\0')
+ priv->home = "/";
+ priv->chroot = t_strndup(priv->chroot, len - 2);
+
+ set_keyval(user, "mail_home", priv->home);
+ set_keyval(user, "mail_chroot", priv->chroot);
+ }
+ } else if (len > 0 && !use_chroot) {
+ /* we're not going to chroot. fix home directory so we can
+ access it. */
+ if (*priv->home == '\0' || strcmp(priv->home, "/") == 0)
+ priv->home = priv->chroot;
+ else
+ priv->home = t_strconcat(priv->chroot, priv->home, NULL);
+ priv->chroot = "";
+ set_keyval(user, "mail_home", priv->home);
+ }
+}
+
static int
mail_storage_service_lookup_real(struct mail_storage_service_ctx *ctx,
const struct mail_storage_service_input *input,
{
struct mail_storage_service_privileges priv;
const char *error;
- size_t len;
bool allow_root =
(user->flags & MAIL_STORAGE_SERVICE_FLAG_ALLOW_ROOT) != 0;
bool temp_priv_drop =
(user->flags & MAIL_STORAGE_SERVICE_FLAG_TEMP_PRIV_DROP) != 0;
- bool use_chroot;
*mail_user_r = NULL;
return -2;
}
- /* we can't chroot if we want to switch between users. there's
- not much point either (from security point of view). but if we're
- already chrooted, we'll just have to continue and hope that the
- current chroot is the same as the wanted chroot */
- use_chroot = !temp_priv_drop ||
- restrict_access_get_current_chroot() != NULL;
-
- len = strlen(priv.chroot);
- if (len > 2 && strcmp(priv.chroot + len - 2, "/.") == 0 &&
- strncmp(priv.home, priv.chroot, len - 2) == 0) {
- /* mail_chroot = /chroot/. means that the home dir already
- contains the chroot dir. remove it from home. */
- if (use_chroot) {
- priv.home += len - 2;
- if (*priv.home == '\0')
- priv.home = "/";
- priv.chroot = t_strndup(priv.chroot, len - 2);
-
- set_keyval(user, "mail_home", priv.home);
- set_keyval(user, "mail_chroot", priv.chroot);
- }
- } else if (len > 0 && !use_chroot) {
- /* we're not going to chroot. fix home directory so we can
- access it. */
- if (*priv.home == '\0' || strcmp(priv.home, "/") == 0)
- priv.home = priv.chroot;
- else
- priv.home = t_strconcat(priv.chroot, priv.home, NULL);
- priv.chroot = "";
- set_keyval(user, "mail_home", priv.home);
- }
-
+ mail_storage_service_update_chroot(user, &priv);
mail_storage_service_init_log(ctx, user);
/* create ioloop context regardless of logging. it's also used by
projects / thirdparty / dovecot / core.git / commitdiff
