imapext-2007: src/osdep/unix/env

imapext-2007

annotate src/osdep/unix/env_unix.c @ 4:d741b3ecc917

imapext-2007f

author	HIROSE Yuuji <yuuji@gentei.org>
date	Thu, 30 Oct 2014 00:03:05 +0900
parents	2366b362676d
children

rev	line source
yuuji@0	1 /* ========================================================================
yuuji@0	2 * Copyright 1988-2008 University of Washington
yuuji@0	3 *
yuuji@0	4 * Licensed under the Apache License, Version 2.0 (the "License");
yuuji@0	5 * you may not use this file except in compliance with the License.
yuuji@0	6 * You may obtain a copy of the License at
yuuji@0	7 *
yuuji@0	8 * http://www.apache.org/licenses/LICENSE-2.0
yuuji@0	9 *
yuuji@0	10 *
yuuji@0	11 * ========================================================================
yuuji@0	12 */
yuuji@0	13
yuuji@0	14 /*
yuuji@0	15 * Program: UNIX environment routines
yuuji@0	16 *
yuuji@0	17 * Author: Mark Crispin
yuuji@0	18 * UW Technology
yuuji@0	19 * University of Washington
yuuji@0	20 * Seattle, WA 98195
yuuji@0	21 * Internet: MRC@Washington.EDU
yuuji@0	22 *
yuuji@0	23 * Date: 1 August 1988
yuuji@3	24 * Last Edited: 23 February 2009
yuuji@0	25 */
yuuji@0	26
yuuji@0	27 #include <grp.h>
yuuji@0	28 #include <signal.h>
yuuji@0	29 #include <sys/wait.h>
yuuji@0	30
yuuji@0	31
yuuji@0	32 /* in case stat.h is ancient */
yuuji@0	33
yuuji@0	34 #ifndef S_IRUSR
yuuji@0	35 #define S_IRUSR S_IREAD
yuuji@0	36 #endif
yuuji@0	37 #ifndef S_IWUSR
yuuji@0	38 #define S_IWUSR S_IWRITE
yuuji@0	39 #endif
yuuji@0	40 #ifndef S_IXUSR
yuuji@0	41 #define S_IXUSR S_IEXEC
yuuji@0	42 #endif
yuuji@0	43 #ifndef S_IRGRP
yuuji@0	44 #define S_IRGRP (S_IREAD >> 3)
yuuji@0	45 #endif
yuuji@0	46 #ifndef S_IWGRP
yuuji@0	47 #define S_IWGRP (S_IWRITE >> 3)
yuuji@0	48 #endif
yuuji@0	49 #ifndef S_IXGRP
yuuji@0	50 #define S_IXGRP (S_IEXEC >> 3)
yuuji@0	51 #endif
yuuji@0	52 #ifndef S_IROTH
yuuji@0	53 #define S_IROTH (S_IREAD >> 6)
yuuji@0	54 #endif
yuuji@0	55 #ifndef S_IWOTH
yuuji@0	56 #define S_IWOTH (S_IWRITE >> 6)
yuuji@0	57 #endif
yuuji@0	58 #ifndef S_IXOTH
yuuji@0	59 #define S_IXOTH (S_IEXEC >> 6)
yuuji@0	60 #endif
yuuji@0	61
yuuji@0	62 /* c-client environment parameters */
yuuji@0	63
yuuji@0	64 static char myUserName = NIL; / user name */
yuuji@0	65 static char myHomeDir = NIL; / home directory name */
yuuji@0	66 static char myServerName = NIL;/ server name */
yuuji@0	67 static char myLocalHost = NIL; / local host name */
yuuji@0	68 static char myNewsrc = NIL; / newsrc file name */
yuuji@0	69 static char mailsubdir = NIL; / mailbox subdirectory name */
yuuji@0	70 static char sysInbox = NIL; / system inbox name */
yuuji@0	71 static char newsActive = NIL; / news active file */
yuuji@0	72 static char newsSpool = NIL; / news spool */
yuuji@0	73 static char blackBoxDir = NIL; / black box directory name */
yuuji@0	74 /* black box default home directory */
yuuji@0	75 static char *blackBoxDefaultHome = NIL;
yuuji@0	76 static char sslCApath = NIL; / non-standard CA path */
yuuji@0	77 static short anonymous = NIL; /* is anonymous */
yuuji@0	78 static short blackBox = NIL; /* is a black box */
yuuji@0	79 static short closedBox = NIL; /* is a closed box (uses chroot() jail) */
yuuji@0	80 static short restrictBox = NIL; /* is a restricted box */
yuuji@0	81 static short has_no_life = NIL; /* is a cretin with no life */
yuuji@0	82 /* block environment init */
yuuji@0	83 static short block_env_init = NIL;
yuuji@0	84 static short hideDotFiles = NIL;/* hide files whose names start with . */
yuuji@0	85 /* advertise filesystem root */
yuuji@0	86 static short advertisetheworld = NIL;
yuuji@0	87 /* only advertise own mailboxes and #shared */
yuuji@0	88 static short limitedadvertise = NIL;
yuuji@0	89 /* disable automatic shared namespaces */
yuuji@0	90 static short noautomaticsharedns = NIL;
yuuji@0	91 static short no822tztext = NIL; /* disable RFC [2]822 timezone text */
yuuji@0	92 /* client principals include service name */
yuuji@0	93 static short kerb_cp_svr_name = NIL;
yuuji@0	94 static long locktimeout = 5; /* default lock timeout in minutes */
yuuji@0	95 /* default prototypes */
yuuji@0	96 static MAILSTREAM *createProto = NIL;
yuuji@0	97 static MAILSTREAM *appendProto = NIL;
yuuji@0	98 /* default user flags */
yuuji@0	99 static char *userFlags[NUSERFLAGS] = {NIL};
yuuji@0	100 static NAMESPACE nslist[3]; / namespace list */
yuuji@0	101 static int logtry = 3; /* number of server login tries */
yuuji@0	102 /* block notification */
yuuji@0	103 static blocknotify_t mailblocknotify = mm_blocknotify;
yuuji@0	104 /* logout function */
yuuji@0	105 static logouthook_t maillogouthook = NIL;
yuuji@0	106 /* logout data */
yuuji@0	107 static void *maillogoutdata = NIL;
yuuji@0	108 /* allow user config files */
yuuji@0	109 static short allowuserconfig = NIL;
yuuji@0	110 /* 1 = disable plaintext, 2 = if not SSL */
yuuji@0	111 static long disablePlaintext = NIL;
yuuji@0	112 static long list_max_level = 20;/* maximum level of list recursion */
yuuji@0	113 /* facility for syslog */
yuuji@0	114 static int syslog_facility = LOG_MAIL;
yuuji@0	115
yuuji@0	116 /* Path of the privileged system lock program (mlock). Normally set by
yuuji@0	117 * logic test.
yuuji@0	118 */
yuuji@0	119
yuuji@0	120 static char *lockpgm = LOCKPGM;
yuuji@0	121
yuuji@0	122 /* Directory used for shared locks. MUST be the same for all users of the
yuuji@0	123 * system, and MUST be protected 1777. /var/tmp may be preferable on some
yuuji@0	124 * systems.
yuuji@0	125 */
yuuji@0	126
yuuji@0	127 static const char *tmpdir = "/tmp";
yuuji@0	128
yuuji@0	129 /* Do not change shlock_mode. Doing so can cause mailbox corruption and
yuuji@0	130 * denial of service. It also defeats the entire purpose of the shared
yuuji@0	131 * lock mechanism. The right way to avoid shared locks is to set up a
yuuji@0	132 * closed box (see the closedBox setting).
yuuji@0	133 */
yuuji@0	134
yuuji@0	135 /* shared lock mode */
yuuji@0	136 static const int shlock_mode = S_IRUSR\|S_IWUSR\|S_IRGRP\|S_IWGRP\|S_IROTH\|S_IWOTH;
yuuji@0	137
yuuji@0	138
yuuji@0	139 /* It is STRONGLY recommended that you do not change dotlock_mode. Doing so
yuuji@0	140 * can cause denial of service with old dot-lock files left lying around.
yuuji@0	141 * However, since dot-locks are only used with traditional UNIX and MMDF
yuuji@0	142 * formats which are not normally shared, it is much less harmful to tamper
yuuji@0	143 * with this than with shlock_mode.
yuuji@0	144 */
yuuji@0	145
yuuji@0	146 /* dot-lock mode */
yuuji@0	147 static long dotlock_mode = S_IRUSR\|S_IWUSR\|S_IRGRP\|S_IWGRP\|S_IROTH\|S_IWOTH;
yuuji@0	148
yuuji@0	149 /* File/directory access and protection policies */
yuuji@0	150
yuuji@0	151 /* Unlike shlock_mode, the ????_protection modes are intended to be fully
yuuji@0	152 * customizable according to site policy. The values here are recommended
yuuji@0	153 * settings, based upon the documented purposes of the namespaces.
yuuji@0	154 */
yuuji@0	155
yuuji@0	156 /* user space - only owner can read/write */
yuuji@0	157 static char myMailboxDir = NIL;/ user space directory name */
yuuji@0	158 /* default file protection */
yuuji@0	159 static long mbx_protection = S_IRUSR\|S_IWUSR;
yuuji@0	160 /* default directory protection */
yuuji@0	161 static long dir_protection = S_IRUSR\|S_IWUSR\|S_IXUSR;
yuuji@0	162
yuuji@0	163 /* user space for user "anonymous" */
yuuji@0	164 /* anonymous home directory */
yuuji@0	165 static char *anonymousHome = NIL;
yuuji@0	166
yuuji@0	167 /* #ftp - everybody can read, only owner can write */
yuuji@0	168 static char ftpHome = NIL; / ftp export home directory */
yuuji@0	169 /* default ftp file protection */
yuuji@0	170 static long ftp_protection = S_IRUSR\|S_IWUSR\|S_IRGRP\|S_IROTH;
yuuji@0	171 static long ftp_dir_protection =/* default ftp directory protection */
yuuji@0	172 S_IRUSR\|S_IWUSR\|S_IXUSR\|S_IRGRP\|S_IXGRP\|S_IROTH\|S_IXOTH;
yuuji@0	173
yuuji@0	174 /* #public - everybody can read/write */
yuuji@0	175 static char publicHome = NIL; / public home directory */
yuuji@0	176 static long public_protection = /* default public file protection */
yuuji@0	177 S_IRUSR\|S_IWUSR\|S_IRGRP\|S_IWGRP\|S_IROTH\|S_IWOTH;
yuuji@0	178 /* default public directory protection */
yuuji@0	179 static long public_dir_protection =
yuuji@0	180 S_IRUSR\|S_IWUSR\|S_IXUSR\|S_IRGRP\|S_IWGRP\|S_IXGRP\|S_IROTH\|S_IWOTH\|S_IXOTH;
yuuji@0	181
yuuji@0	182 /* #shared/ - owner and group members can read/write */
yuuji@0	183 static char sharedHome = NIL; / shared home directory */
yuuji@0	184 /* default shared file protection */
yuuji@0	185 static long shared_protection = S_IRUSR\|S_IWUSR\|S_IRGRP\|S_IWGRP;
yuuji@0	186 /* default shared directory protection */
yuuji@0	187 static long shared_dir_protection =
yuuji@0	188 S_IRUSR\|S_IWUSR\|S_IXUSR\|S_IRGRP\|S_IWGRP\|S_IXGRP;
yuuji@0	189
yuuji@0	190 /* OS bug workarounds - should be avoided at all cost */
yuuji@0	191
yuuji@0	192
yuuji@0	193 /* Don't set fcntlhangbug unless you really have to, since it risks mailbox
yuuji@0	194 * corruption. The flocksim.c mechanism is designed to detect NFS access
yuuji@0	195 * and no-op in that cases only, so this flag should be unnecessary.
yuuji@0	196 */
yuuji@0	197
yuuji@0	198 static short fcntlhangbug = NIL;/* flock() emulator using fcntl() is a no-op */
yuuji@0	199
yuuji@0	200
yuuji@0	201 /* Don't set netfsstatbug unless you really have to, since it dramatically
yuuji@0	202 * slows down traditional UNIX and MMDF mailbox performance.
yuuji@0	203 */
yuuji@0	204
yuuji@0	205 static short netfsstatbug = NIL;/* compensate for broken stat() on network
yuuji@0	206 * filesystems (AFS and old NFS)
yuuji@0	207 */
yuuji@0	208
yuuji@0	209
yuuji@0	210 /* Note: setting disableLockWarning means that you assert that the
yuuji@0	211 * so-modified copy of this software will NEVER be used:
yuuji@0	212 * 1) in conjunction with any software which expects .lock files
yuuji@0	213 * 2) to access NFS-mounted files and directories
yuuji@0	214 *
yuuji@0	215 * Unless both of these conditions apply, then do not set this flag.
yuuji@0	216 * Instead, read the FAQ (item 7.10) and either use 1777 protection
yuuji@0	217 * on the mail spool, or install mlock.
yuuji@0	218 *
yuuji@0	219 * In addition, by setting this flag you also agree that you are fully
yuuji@0	220 * legally and morally responsible when (not if) mail files are damaged
yuuji@0	221 * as the result of your choice.
yuuji@0	222 *
yuuji@0	223 * The mlock tool exists for a reason. Use it.
yuuji@0	224 */
yuuji@0	225 /* disable warning if can't make .lock file */
yuuji@0	226 static short disableLockWarning = NIL;
yuuji@0	227
yuuji@0	228 /* UNIX Namespaces */
yuuji@0	229
yuuji@0	230 /* personal mh namespace */
yuuji@0	231 static NAMESPACE nsmhf = {"#mh/",'/',NIL,NIL};
yuuji@0	232 static NAMESPACE nsmh = {"#mhinbox",NIL,NIL,&nsmhf};
yuuji@0	233 /* home namespace */
yuuji@0	234 static NAMESPACE nshome = {"",'/',NIL,&nsmh};
yuuji@0	235 /* UNIX other user namespace */
yuuji@0	236 static NAMESPACE nsunixother = {"~",'/',NIL,NIL};
yuuji@0	237 /* black box other user namespace */
yuuji@0	238 static NAMESPACE nsblackother = {"/",'/',NIL,NIL};
yuuji@0	239 /* public (anonymous OK) namespace */
yuuji@0	240 static NAMESPACE nspublic = {"#public/",'/',NIL,NIL};
yuuji@0	241 /* netnews namespace */
yuuji@0	242 static NAMESPACE nsnews = {"#news.",'.',NIL,&nspublic};
yuuji@0	243 /* FTP export namespace */
yuuji@0	244 static NAMESPACE nsftp = {"#ftp/",'/',NIL,&nsnews};
yuuji@0	245 /* shared (no anonymous) namespace */
yuuji@0	246 static NAMESPACE nsshared = {"#shared/",'/',NIL,&nsftp};
yuuji@0	247 /* world namespace */
yuuji@0	248 static NAMESPACE nsworld = {"/",'/',NIL,&nsshared};
yuuji@0	249 /* only shared and public namespaces */
yuuji@0	250 static NAMESPACE nslimited = {"#shared/",'/',NIL,&nspublic};
yuuji@0	251
yuuji@0	252
yuuji@0	253
yuuji@0	254 #include "write.c" /* include safe writing routines */
yuuji@0	255 #include "crexcl.c" /* include exclusive create */
yuuji@0	256 #include "pmatch.c" /* include wildcard pattern matcher */
yuuji@0	257
yuuji@0	258 /* Get all authenticators */
yuuji@0	259
yuuji@0	260 #include "auths.c"
yuuji@0	261
yuuji@0	262 /* Environment manipulate parameters
yuuji@0	263 * Accepts: function code
yuuji@0	264 * function-dependent value
yuuji@0	265 * Returns: function-dependent return value
yuuji@0	266 */
yuuji@0	267
yuuji@0	268 void env_parameters (long function,void value)
yuuji@0	269 {
yuuji@0	270 void *ret = NIL;
yuuji@0	271 switch ((int) function) {
yuuji@0	272 case GET_NAMESPACE:
yuuji@0	273 ret = (void *) nslist;
yuuji@0	274 break;
yuuji@0	275 case SET_USERNAME:
yuuji@0	276 if (myUserName) fs_give ((void **) &myUserName);
yuuji@0	277 myUserName = cpystr ((char *) value);
yuuji@0	278 case GET_USERNAME:
yuuji@0	279 ret = (void *) myUserName;
yuuji@0	280 break;
yuuji@0	281 case SET_HOMEDIR:
yuuji@0	282 if (myHomeDir) fs_give ((void **) &myHomeDir);
yuuji@0	283 myHomeDir = cpystr ((char *) value);
yuuji@0	284 case GET_HOMEDIR:
yuuji@0	285 ret = (void *) myHomeDir;
yuuji@0	286 break;
yuuji@0	287 case SET_LOCALHOST:
yuuji@0	288 if (myLocalHost) fs_give ((void **) &myLocalHost);
yuuji@0	289 myLocalHost = cpystr ((char *) value);
yuuji@0	290 case GET_LOCALHOST:
yuuji@0	291 ret = (void *) myLocalHost;
yuuji@0	292 break;
yuuji@0	293 case SET_NEWSRC:
yuuji@0	294 if (myNewsrc) fs_give ((void **) &myNewsrc);
yuuji@0	295 myNewsrc = cpystr ((char *) value);
yuuji@0	296 case GET_NEWSRC:
yuuji@0	297 ret = (void *) myNewsrc;
yuuji@0	298 break;
yuuji@0	299 case SET_NEWSACTIVE:
yuuji@0	300 if (newsActive) fs_give ((void **) &newsActive);
yuuji@0	301 newsActive = cpystr ((char *) value);
yuuji@0	302 case GET_NEWSACTIVE:
yuuji@0	303 ret = (void *) newsActive;
yuuji@0	304 break;
yuuji@0	305 case SET_NEWSSPOOL:
yuuji@0	306 if (newsSpool) fs_give ((void **) &newsSpool);
yuuji@0	307 newsSpool = cpystr ((char *) value);
yuuji@0	308 case GET_NEWSSPOOL:
yuuji@0	309 ret = (void *) newsSpool;
yuuji@0	310 break;
yuuji@0	311
yuuji@0	312 case SET_ANONYMOUSHOME:
yuuji@0	313 if (anonymousHome) fs_give ((void **) &anonymousHome);
yuuji@0	314 anonymousHome = cpystr ((char *) value);
yuuji@0	315 case GET_ANONYMOUSHOME:
yuuji@0	316 if (!anonymousHome) anonymousHome = cpystr (ANONYMOUSHOME);
yuuji@0	317 ret = (void *) anonymousHome;
yuuji@0	318 break;
yuuji@0	319 case SET_FTPHOME:
yuuji@0	320 if (ftpHome) fs_give ((void **) &ftpHome);
yuuji@0	321 ftpHome = cpystr ((char *) value);
yuuji@0	322 case GET_FTPHOME:
yuuji@0	323 ret = (void *) ftpHome;
yuuji@0	324 break;
yuuji@0	325 case SET_PUBLICHOME:
yuuji@0	326 if (publicHome) fs_give ((void **) &publicHome);
yuuji@0	327 publicHome = cpystr ((char *) value);
yuuji@0	328 case GET_PUBLICHOME:
yuuji@0	329 ret = (void *) publicHome;
yuuji@0	330 break;
yuuji@0	331 case SET_SHAREDHOME:
yuuji@0	332 if (sharedHome) fs_give ((void **) &sharedHome);
yuuji@0	333 sharedHome = cpystr ((char *) value);
yuuji@0	334 case GET_SHAREDHOME:
yuuji@0	335 ret = (void *) sharedHome;
yuuji@0	336 break;
yuuji@0	337 case SET_SYSINBOX:
yuuji@0	338 if (sysInbox) fs_give ((void **) &sysInbox);
yuuji@0	339 sysInbox = cpystr ((char *) value);
yuuji@0	340 case GET_SYSINBOX:
yuuji@0	341 ret = (void *) sysInbox;
yuuji@0	342 break;
yuuji@0	343 case SET_SSLCAPATH: /* this can be set null */
yuuji@0	344 if (sslCApath) fs_give ((void **) &sslCApath);
yuuji@0	345 sslCApath = value ? cpystr ((char *) value) : value;
yuuji@0	346 break;
yuuji@0	347 case GET_SSLCAPATH:
yuuji@0	348 ret = (void *) sslCApath;
yuuji@0	349 break;
yuuji@0	350 case SET_LISTMAXLEVEL:
yuuji@0	351 list_max_level = (long) value;
yuuji@0	352 case GET_LISTMAXLEVEL:
yuuji@0	353 ret = (void *) list_max_level;
yuuji@0	354 break;
yuuji@0	355
yuuji@0	356 case SET_MBXPROTECTION:
yuuji@0	357 mbx_protection = (long) value;
yuuji@0	358 case GET_MBXPROTECTION:
yuuji@0	359 ret = (void *) mbx_protection;
yuuji@0	360 break;
yuuji@0	361 case SET_DIRPROTECTION:
yuuji@0	362 dir_protection = (long) value;
yuuji@0	363 case GET_DIRPROTECTION:
yuuji@0	364 ret = (void *) dir_protection;
yuuji@0	365 break;
yuuji@0	366 case SET_LOCKPROTECTION:
yuuji@0	367 dotlock_mode = (long) value;
yuuji@0	368 case GET_LOCKPROTECTION:
yuuji@0	369 ret = (void *) dotlock_mode;
yuuji@0	370 break;
yuuji@0	371 case SET_FTPPROTECTION:
yuuji@0	372 ftp_protection = (long) value;
yuuji@0	373 case GET_FTPPROTECTION:
yuuji@0	374 ret = (void *) ftp_protection;
yuuji@0	375 break;
yuuji@0	376 case SET_PUBLICPROTECTION:
yuuji@0	377 public_protection = (long) value;
yuuji@0	378 case GET_PUBLICPROTECTION:
yuuji@0	379 ret = (void *) public_protection;
yuuji@0	380 break;
yuuji@0	381 case SET_SHAREDPROTECTION:
yuuji@0	382 shared_protection = (long) value;
yuuji@0	383 case GET_SHAREDPROTECTION:
yuuji@0	384 ret = (void *) shared_protection;
yuuji@0	385 break;
yuuji@0	386 case SET_FTPDIRPROTECTION:
yuuji@0	387 ftp_dir_protection = (long) value;
yuuji@0	388 case GET_FTPDIRPROTECTION:
yuuji@0	389 ret = (void *) ftp_dir_protection;
yuuji@0	390 break;
yuuji@0	391 case SET_PUBLICDIRPROTECTION:
yuuji@0	392 public_dir_protection = (long) value;
yuuji@0	393 case GET_PUBLICDIRPROTECTION:
yuuji@0	394 ret = (void *) public_dir_protection;
yuuji@0	395 break;
yuuji@0	396 case SET_SHAREDDIRPROTECTION:
yuuji@0	397 shared_dir_protection = (long) value;
yuuji@0	398 case GET_SHAREDDIRPROTECTION:
yuuji@0	399 ret = (void *) shared_dir_protection;
yuuji@0	400 break;
yuuji@0	401
yuuji@0	402 case SET_LOCKTIMEOUT:
yuuji@0	403 locktimeout = (long) value;
yuuji@0	404 case GET_LOCKTIMEOUT:
yuuji@0	405 ret = (void *) locktimeout;
yuuji@0	406 break;
yuuji@0	407 case SET_DISABLEFCNTLLOCK:
yuuji@0	408 fcntlhangbug = value ? T : NIL;
yuuji@0	409 case GET_DISABLEFCNTLLOCK:
yuuji@0	410 ret = (void *) (fcntlhangbug ? VOIDT : NIL);
yuuji@0	411 break;
yuuji@0	412 case SET_LOCKEACCESERROR:
yuuji@0	413 disableLockWarning = value ? NIL : T;
yuuji@0	414 case GET_LOCKEACCESERROR:
yuuji@0	415 ret = (void *) (disableLockWarning ? NIL : VOIDT);
yuuji@0	416 break;
yuuji@0	417 case SET_HIDEDOTFILES:
yuuji@0	418 hideDotFiles = value ? T : NIL;
yuuji@0	419 case GET_HIDEDOTFILES:
yuuji@0	420 ret = (void *) (hideDotFiles ? VOIDT : NIL);
yuuji@0	421 break;
yuuji@0	422 case SET_DISABLEPLAINTEXT:
yuuji@0	423 disablePlaintext = (long) value;
yuuji@0	424 case GET_DISABLEPLAINTEXT:
yuuji@4	425 #ifdef RESTRICT_POP
yuuji@4	426 if (getenv("INTRANET") == NIL) disablePlaintext = 1;
yuuji@4	427 else disablePlaintext = NIL;
yuuji@4	428 #endif
yuuji@0	429 ret = (void *) disablePlaintext;
yuuji@0	430 break;
yuuji@0	431 case SET_CHROOTSERVER:
yuuji@0	432 closedBox = value ? T : NIL;
yuuji@0	433 case GET_CHROOTSERVER:
yuuji@0	434 ret = (void *) (closedBox ? VOIDT : NIL);
yuuji@0	435 break;
yuuji@0	436 case SET_ADVERTISETHEWORLD:
yuuji@0	437 advertisetheworld = value ? T : NIL;
yuuji@0	438 case GET_ADVERTISETHEWORLD:
yuuji@0	439 ret = (void *) (advertisetheworld ? VOIDT : NIL);
yuuji@0	440 break;
yuuji@0	441 case SET_LIMITEDADVERTISE:
yuuji@0	442 limitedadvertise = value ? T : NIL;
yuuji@0	443 case GET_LIMITEDADVERTISE:
yuuji@0	444 ret = (void *) (limitedadvertise ? VOIDT : NIL);
yuuji@0	445 break;
yuuji@0	446 case SET_DISABLEAUTOSHAREDNS:
yuuji@0	447 noautomaticsharedns = value ? T : NIL;
yuuji@0	448 case GET_DISABLEAUTOSHAREDNS:
yuuji@0	449 ret = (void *) (noautomaticsharedns ? VOIDT : NIL);
yuuji@0	450 break;
yuuji@0	451 case SET_DISABLE822TZTEXT:
yuuji@0	452 no822tztext = value ? T : NIL;
yuuji@0	453 case GET_DISABLE822TZTEXT:
yuuji@0	454 ret = (void *) (no822tztext ? VOIDT : NIL);
yuuji@0	455 break;
yuuji@0	456
yuuji@0	457 case SET_USERHASNOLIFE:
yuuji@0	458 has_no_life = value ? T : NIL;
yuuji@0	459 case GET_USERHASNOLIFE:
yuuji@0	460 ret = (void *) (has_no_life ? VOIDT : NIL);
yuuji@0	461 break;
yuuji@0	462 case SET_KERBEROS_CP_SVR_NAME:
yuuji@0	463 kerb_cp_svr_name = value ? T : NIL;
yuuji@0	464 case GET_KERBEROS_CP_SVR_NAME:
yuuji@0	465 ret = (void *) (kerb_cp_svr_name ? VOIDT : NIL);
yuuji@0	466 break;
yuuji@0	467 case SET_NETFSSTATBUG:
yuuji@0	468 netfsstatbug = value ? T : NIL;
yuuji@0	469 case GET_NETFSSTATBUG:
yuuji@0	470 ret = (void *) (netfsstatbug ? VOIDT : NIL);
yuuji@0	471 break;
yuuji@0	472 case SET_BLOCKENVINIT:
yuuji@0	473 block_env_init = value ? T : NIL;
yuuji@0	474 case GET_BLOCKENVINIT:
yuuji@0	475 ret = (void *) (block_env_init ? VOIDT : NIL);
yuuji@0	476 break;
yuuji@0	477 case SET_BLOCKNOTIFY:
yuuji@0	478 mailblocknotify = (blocknotify_t) value;
yuuji@0	479 case GET_BLOCKNOTIFY:
yuuji@0	480 ret = (void *) mailblocknotify;
yuuji@0	481 break;
yuuji@0	482 case SET_LOGOUTHOOK:
yuuji@0	483 maillogouthook = (logouthook_t) value;
yuuji@0	484 case GET_LOGOUTHOOK:
yuuji@0	485 ret = maillogouthook;
yuuji@0	486 break;
yuuji@0	487 case SET_LOGOUTDATA:
yuuji@0	488 maillogoutdata = (void *) value;
yuuji@0	489 case GET_LOGOUTDATA:
yuuji@0	490 ret = maillogoutdata;
yuuji@0	491 }
yuuji@0	492 return ret;
yuuji@0	493 }
yuuji@0	494
yuuji@0	495 /* Write current time
yuuji@0	496 * Accepts: destination string
yuuji@0	497 * optional format of day-of-week prefix
yuuji@0	498 * format of date and time
yuuji@0	499 * flag whether to append symbolic timezone
yuuji@0	500 */
yuuji@0	501
yuuji@0	502 static void do_date (char date,char prefix,char *fmt,int suffix)
yuuji@0	503 {
yuuji@0	504 time_t tn = time (0);
yuuji@0	505 struct tm *t = gmtime (&tn);
yuuji@0	506 int zone = t->tm_hour * 60 + t->tm_min;
yuuji@0	507 int julian = t->tm_yday;
yuuji@0	508 t = localtime (&tn); /* get local time now */
yuuji@0	509 /* minus UTC minutes since midnight */
yuuji@0	510 zone = t->tm_hour * 60 + t->tm_min - zone;
yuuji@0	511 /* julian can be one of:
yuuji@0	512 * 36x local time is December 31, UTC is January 1, offset -24 hours
yuuji@0	513 * 1 local time is 1 day ahead of UTC, offset +24 hours
yuuji@0	514 * 0 local time is same day as UTC, no offset
yuuji@0	515 * -1 local time is 1 day behind UTC, offset -24 hours
yuuji@0	516 * -36x local time is January 1, UTC is December 31, offset +24 hours
yuuji@0	517 */
yuuji@0	518 if (julian = t->tm_yday -julian)
yuuji@0	519 zone += ((julian < 0) == (abs (julian) == 1)) ? -2460 : 2460;
yuuji@0	520 if (prefix) { /* want day of week? */
yuuji@0	521 sprintf (date,prefix,days[t->tm_wday]);
yuuji@0	522 date += strlen (date); /* make next sprintf append */
yuuji@0	523 }
yuuji@0	524 /* output the date */
yuuji@0	525 sprintf (date,fmt,t->tm_mday,months[t->tm_mon],t->tm_year+1900,
yuuji@0	526 t->tm_hour,t->tm_min,t->tm_sec,zone/60,abs (zone) % 60);
yuuji@0	527 /* append timezone suffix if desired */
yuuji@0	528 if (suffix) rfc822_timezone (date,(void *) t);
yuuji@0	529 }
yuuji@0	530
yuuji@0	531 /* Write current time in RFC 822 format
yuuji@0	532 * Accepts: destination string
yuuji@0	533 */
yuuji@0	534
yuuji@0	535 void rfc822_date (char *date)
yuuji@0	536 {
yuuji@0	537 do_date (date,"%s, ","%d %s %d %02d:%02d:%02d %+03d%02d",
yuuji@0	538 no822tztext ? NIL : T);
yuuji@0	539 }
yuuji@0	540
yuuji@0	541
yuuji@0	542 /* Write current time in fixed-width RFC 822 format
yuuji@0	543 * Accepts: destination string
yuuji@0	544 */
yuuji@0	545
yuuji@0	546 void rfc822_fixed_date (char *date)
yuuji@0	547 {
yuuji@0	548 do_date (date,NIL,"%02d %s %4d %02d:%02d:%02d %+03d%02d",NIL);
yuuji@0	549 }
yuuji@0	550
yuuji@0	551
yuuji@0	552 /* Write current time in internal format
yuuji@0	553 * Accepts: destination string
yuuji@0	554 */
yuuji@0	555
yuuji@0	556 void internal_date (char *date)
yuuji@0	557 {
yuuji@0	558 do_date (date,NIL,"%02d-%s-%d %02d:%02d:%02d %+03d%02d",NIL);
yuuji@0	559 }
yuuji@0	560
yuuji@0	561 /* Initialize server
yuuji@0	562 * Accepts: server name for syslog or NIL
yuuji@0	563 * /etc/services service name or NIL
yuuji@0	564 * alternate /etc/services service name or NIL
yuuji@0	565 * clock interrupt handler
yuuji@0	566 * kiss-of-death interrupt handler
yuuji@0	567 * hangup interrupt handler
yuuji@0	568 * termination interrupt handler
yuuji@0	569 */
yuuji@0	570
yuuji@0	571 void server_init (char server,char service,char *sslservice,
yuuji@0	572 void clkint,void kodint,void hupint,void trmint,
yuuji@0	573 void *staint)
yuuji@0	574 {
yuuji@0	575 int onceonly = server && service && sslservice;
yuuji@0	576 if (onceonly) { /* set server name in syslog */
yuuji@0	577 int mask;
yuuji@0	578 openlog (myServerName = cpystr (server),LOG_PID,syslog_facility);
yuuji@0	579 fclose (stderr); /* possibly save a process ID */
yuuji@0	580 dorc (NIL,NIL); /* do systemwide configuration */
yuuji@0	581 switch (mask = umask (022)){/* check old umask */
yuuji@0	582 case 0: /* definitely unreasonable */
yuuji@0	583 case 022: /* don't need to change it */
yuuji@0	584 break;
yuuji@0	585 default: /* already was a reasonable value */
yuuji@0	586 umask (mask); /* so change it back */
yuuji@0	587 }
yuuji@0	588 }
yuuji@0	589 arm_signal (SIGALRM,clkint); /* prepare for clock interrupt */
yuuji@0	590 arm_signal (SIGUSR2,kodint); /* prepare for Kiss Of Death */
yuuji@0	591 arm_signal (SIGHUP,hupint); /* prepare for hangup */
yuuji@0	592 arm_signal (SIGPIPE,hupint); /* alternative hangup */
yuuji@0	593 arm_signal (SIGTERM,trmint); /* prepare for termination */
yuuji@0	594 /* status dump */
yuuji@0	595 if (staint) arm_signal (SIGUSR1,staint);
yuuji@0	596 if (onceonly) { /* set up network and maybe SSL */
yuuji@0	597 long port;
yuuji@0	598 struct servent *sv;
yuuji@0	599 /* Use SSL if SSL service, or if server starts with "s" and not service */
yuuji@0	600 if (((port = tcp_serverport ()) >= 0)) {
yuuji@0	601 if ((sv = getservbyname (service,"tcp")) && (port == ntohs (sv->s_port)))
yuuji@0	602 syslog (LOG_DEBUG,"%s service init from %s",service,tcp_clientaddr ());
yuuji@0	603 else if ((sv = getservbyname (sslservice,"tcp")) &&
yuuji@0	604 (port == ntohs (sv->s_port))) {
yuuji@0	605 syslog (LOG_DEBUG,"%s SSL service init from %s",sslservice,
yuuji@0	606 tcp_clientaddr ());
yuuji@0	607 ssl_server_init (server);
yuuji@0	608 }
yuuji@0	609 else { /* not service or SSL service port */
yuuji@0	610 syslog (LOG_DEBUG,"port %ld service init from %s",port,
yuuji@0	611 tcp_clientaddr ());
yuuji@0	612 if (*server == 's') ssl_server_init (server);
yuuji@0	613 }
yuuji@0	614 }
yuuji@0	615 }
yuuji@0	616 }
yuuji@0	617
yuuji@0	618 /* Wait for stdin input
yuuji@0	619 * Accepts: timeout in seconds
yuuji@0	620 * Returns: T if have input on stdin, else NIL
yuuji@0	621 */
yuuji@0	622
yuuji@0	623 long server_input_wait (long seconds)
yuuji@0	624 {
yuuji@0	625 fd_set rfd,efd;
yuuji@0	626 struct timeval tmo;
yuuji@0	627 FD_ZERO (&rfd);
yuuji@0	628 FD_ZERO (&efd);
yuuji@0	629 FD_SET (0,&rfd);
yuuji@0	630 FD_SET (0,&efd);
yuuji@0	631 tmo.tv_sec = seconds; tmo.tv_usec = 0;
yuuji@0	632 return select (1,&rfd,0,&efd,&tmo) ? LONGT : NIL;
yuuji@0	633 }
yuuji@0	634
yuuji@0	635 /* Return UNIX password entry for user name
yuuji@0	636 * Accepts: user name string
yuuji@0	637 * Returns: password entry
yuuji@0	638 *
yuuji@0	639 * Tries all-lowercase form of user name if given user name fails
yuuji@0	640 */
yuuji@0	641
yuuji@0	642 static struct passwd pwuser (unsigned char user)
yuuji@0	643 {
yuuji@0	644 unsigned char *s;
yuuji@0	645 struct passwd *pw = getpwnam (user);
yuuji@0	646 if (!pw) { /* failed, see if any uppercase characters */
yuuji@0	647 for (s = user; s && ((s < 'A') \|\| (*s > 'Z')); s++);
yuuji@0	648 if (s) { / yes, try all lowercase form */
yuuji@0	649 pw = getpwnam (s = lcase (cpystr (user)));
yuuji@0	650 fs_give ((void **) &s);
yuuji@0	651 }
yuuji@0	652 }
yuuji@0	653 return pw;
yuuji@0	654 }
yuuji@0	655
yuuji@0	656
yuuji@0	657 /* Validate password for user name
yuuji@0	658 * Accepts: user name string
yuuji@0	659 * password string
yuuji@0	660 * argument count
yuuji@0	661 * argument vector
yuuji@0	662 * Returns: password entry if validated
yuuji@0	663 *
yuuji@0	664 * Tries password+1 if password fails and starts with space
yuuji@0	665 */
yuuji@0	666
yuuji@0	667 static struct passwd valpwd (char user,char pwd,int argc,char argv[])
yuuji@0	668 {
yuuji@0	669 char *s;
yuuji@0	670 struct passwd *pw;
yuuji@0	671 struct passwd *ret = NIL;
yuuji@4	672 #ifndef QMAIL /* imapext md5 checker run previously. no need to do here */
yuuji@0	673 if (auth_md5.server) { /* using CRAM-MD5 authentication? */
yuuji@0	674 if (s = auth_md5_pwd (user)) {
yuuji@0	675 if (!strcmp (s,pwd) \|\| ((*pwd == ' ') && pwd[1] && !strcmp (s,pwd+1)))
yuuji@0	676 ret = pwuser (user); /* validated, get passwd entry for user */
yuuji@0	677 memset (s,0,strlen (s)); /* erase sensitive information */
yuuji@0	678 fs_give ((void **) &s);
yuuji@0	679 }
yuuji@0	680 }
yuuji@4	681 else
yuuji@4	682 #endif
yuuji@4	683 if (pw = pwuser (user)) {/* can get user? */
yuuji@0	684 s = cpystr (pw->pw_name); /* copy returned name in case we need it */
yuuji@0	685 if (*pwd && !(ret = checkpw (pw,pwd,argc,argv)) &&
yuuji@0	686 (*pwd == ' ') && pwd[1] && (ret = pwuser (s)))
yuuji@0	687 ret = checkpw (pw,pwd+1,argc,argv);
yuuji@0	688 fs_give ((void *) &s); / don't need copy of name any more */
yuuji@0	689 }
yuuji@0	690 return ret;
yuuji@0	691 }
yuuji@0	692
yuuji@0	693 /* Server log in
yuuji@0	694 * Accepts: user name string
yuuji@0	695 * password string
yuuji@0	696 * authenticating user name string
yuuji@0	697 * argument count
yuuji@0	698 * argument vector
yuuji@0	699 * Returns: T if password validated, NIL otherwise
yuuji@0	700 */
yuuji@0	701
yuuji@0	702 long server_login (char user,char pwd,char authuser,int argc,char argv[])
yuuji@0	703 {
yuuji@0	704 struct passwd *pw = NIL;
yuuji@0	705 int level = LOG_NOTICE;
yuuji@0	706 char *err = "failed";
yuuji@4	707 #ifdef QMAIL
yuuji@4	708 char usr[MAILTMPLEN], *apoppswd;
yuuji@4	709 strncpy(usr, user, MAILTMPLEN-1);
yuuji@4	710 #endif
yuuji@0	711 /* cretins still haven't given up */
yuuji@0	712 if ((strlen (user) >= NETMAXUSER) \|\|
yuuji@0	713 (authuser && (strlen (authuser) >= NETMAXUSER))) {
yuuji@0	714 level = LOG_ALERT; /* escalate this alert */
yuuji@0	715 err = "SYSTEM BREAK-IN ATTEMPT";
yuuji@0	716 logtry = 0; /* render this session useless */
yuuji@0	717 }
yuuji@0	718 else if (logtry-- <= 0) err = "excessive login failures";
yuuji@0	719 else if (disablePlaintext) err = "disabled";
yuuji@4	720 #ifdef QMAIL
yuuji@4	721 else if ((logtry > 0) &&
yuuji@4	722 (apoppswd = auth_md5_pwd(usr))
yuuji@4	723 && !strcmp(apoppswd, pwd)
yuuji@4	724 && (pw = getpwnam(usr))) {
yuuji@4	725 memset(apoppswd, 0, strlen(apoppswd));
yuuji@4	726 fs_give((void**) &apoppswd);
yuuji@4	727 return pw_login(pw, usr, pw->pw_name, pw->pw_dir, argc, argv);
yuuji@4	728 }
yuuji@4	729 #endif
yuuji@0	730 else if (!(authuser && *authuser)) pw = valpwd (user,pwd,argc,argv);
yuuji@0	731 else if (valpwd (authuser,pwd,argc,argv)) pw = pwuser (user);
yuuji@0	732 if (pw && pw_login (pw,authuser,pw->pw_name,NIL,argc,argv)) return T;
yuuji@0	733 syslog (level\|LOG_AUTH,"Login %s user=%.64s auth=%.64s host=%.80s",err,
yuuji@0	734 user,(authuser && *authuser) ? authuser : user,tcp_clienthost ());
yuuji@0	735 sleep (3); /* slow down possible cracker */
yuuji@0	736 return NIL;
yuuji@0	737 }
yuuji@0	738
yuuji@0	739 /* Authenticated server log in
yuuji@0	740 * Accepts: user name string
yuuji@0	741 * authenticating user name string
yuuji@0	742 * argument count
yuuji@0	743 * argument vector
yuuji@0	744 * Returns: T if password validated, NIL otherwise
yuuji@0	745 */
yuuji@0	746
yuuji@0	747 long authserver_login (char user,char authuser,int argc,char *argv[])
yuuji@0	748 {
yuuji@0	749 return pw_login (pwuser (user),authuser,user,NIL,argc,argv);
yuuji@0	750 }
yuuji@0	751
yuuji@4	752 void permitsmtp() /* to update tcp permission */
yuuji@4	753 {
yuuji@4	754 #ifdef POPBEFORESMTP
yuuji@4	755 #include <sys/types.h>
yuuji@4	756 #include <sys/wait.h>
yuuji@4	757 #ifndef POP3RECORDER
yuuji@4	758 # define POP3RECORDER "/usr/local/etc/pop3-record"
yuuji@4	759 #endif
yuuji@4	760 int child;
yuuji@4	761 int wstat;
yuuji@4	762 char *permsmtp = POP3RECORDER;
yuuji@4	763
yuuji@4	764 switch(child = fork())
yuuji@4	765 {
yuuji@4	766 case -1:
yuuji@4	767 syslog (LOG_INFO,"Cannot exec %s", permsmtp);
yuuji@4	768 _exit(111);
yuuji@4	769 break;
yuuji@4	770 case 0:
yuuji@4	771 execl(permsmtp, permsmtp, 0);
yuuji@4	772 syslog (LOG_INFO,"Cannot exec %s", permsmtp);
yuuji@4	773 _exit(111); break;
yuuji@4	774 }
yuuji@4	775 waitpid(child, &wstat, 0);
yuuji@4	776 #endif
yuuji@4	777 }
yuuji@4	778
yuuji@4	779
yuuji@0	780
yuuji@0	781 /* Log in as anonymous daemon
yuuji@0	782 * Accepts: argument count
yuuji@0	783 * argument vector
yuuji@0	784 * Returns: T if successful, NIL if error
yuuji@0	785 */
yuuji@0	786
yuuji@0	787 long anonymous_login (int argc,char *argv[])
yuuji@0	788 {
yuuji@0	789 /* log in Mr. A. N. Onymous */
yuuji@0	790 return pw_login (getpwnam (ANONYMOUSUSER),NIL,NIL,
yuuji@0	791 (char *) mail_parameters (NIL,GET_ANONYMOUSHOME,NIL),
yuuji@0	792 argc,argv);
yuuji@0	793 }
yuuji@0	794
yuuji@0	795 /* Finish log in and environment initialization
yuuji@0	796 * Accepts: passwd struct for loginpw()
yuuji@0	797 * optional authentication user name
yuuji@0	798 * user name (NIL for anonymous)
yuuji@0	799 * home directory (NIL to use directory from passwd struct)
yuuji@0	800 * argument count
yuuji@0	801 * argument vector
yuuji@0	802 * Returns: T if successful, NIL if error
yuuji@0	803 */
yuuji@0	804
yuuji@0	805 long pw_login (struct passwd pw,char auser,char user,char home,int argc,
yuuji@0	806 char *argv[])
yuuji@0	807 {
yuuji@0	808 struct group *gr;
yuuji@0	809 char **t;
yuuji@0	810 long ret = NIL;
yuuji@0	811 if (pw && pw->pw_uid) { /* must have passwd struct for non-UID 0 */
yuuji@0	812 /* make safe copies of user and home */
yuuji@0	813 if (user) user = cpystr (pw->pw_name);
yuuji@0	814 home = cpystr (home ? home : pw->pw_dir);
yuuji@0	815 /* authorization ID .NE. authentication ID? */
yuuji@0	816 if (user && auser && *auser && compare_cstring (auser,user)) {
yuuji@0	817 /* scan list of mail administrators */
yuuji@0	818 if ((gr = getgrnam (ADMINGROUP)) && (t = gr->gr_mem)) while (*t && !ret)
yuuji@0	819 if (!compare_cstring (auser,*t++))
yuuji@0	820 ret = pw_login (pw,NIL,user,home,argc,argv);
yuuji@0	821 syslog (LOG_NOTICE\|LOG_AUTH,"%s %.80s override of user=%.80s host=%.80s",
yuuji@0	822 ret ? "Admin" : "Failed",auser,user,tcp_clienthost ());
yuuji@0	823 }
yuuji@0	824 else if (closedBox) { /* paranoid site, lock out other directories */
yuuji@0	825 if (chdir (home) \|\| chroot (home))
yuuji@0	826 syslog (LOG_NOTICE\|LOG_AUTH,
yuuji@0	827 "Login %s failed: unable to set chroot=%.80s host=%.80s",
yuuji@0	828 pw->pw_name,home,tcp_clienthost ());
yuuji@0	829 else if (loginpw (pw,argc,argv)) ret = env_init (user,NIL);
yuuji@0	830 else fatal ("Login failed after chroot");
yuuji@0	831 }
yuuji@0	832 /* normal login */
yuuji@4	833 #ifdef QMAIL
yuuji@4	834 else if (((pw->pw_uid == geteuid ()) \|\| (permitsmtp(), loginpw (pw,argc,argv
yuuji@4	835 ))) &&
yuuji@4	836 (ret = env_init (user,home))) chdir (myhomedir ());
yuuji@4	837 #else
yuuji@0	838 else if (((pw->pw_uid == geteuid ()) \|\| loginpw (pw,argc,argv)) &&
yuuji@4	839 (ret = env_init (user,home))) chdir (myhomedir ());
yuuji@4	840 #endif
yuuji@0	841 fs_give ((void *) &home); / clean up */
yuuji@0	842 if (user) fs_give ((void **) &user);
yuuji@0	843 }
yuuji@0	844 endpwent (); /* in case shadow passwords in pw data */
yuuji@0	845 return ret; /* return status */
yuuji@0	846 }
yuuji@0	847
yuuji@0	848 /* Initialize environment
yuuji@0	849 * Accepts: user name (NIL for anonymous)
yuuji@0	850 * home directory name
yuuji@0	851 * Returns: T, always
yuuji@0	852 */
yuuji@0	853
yuuji@0	854 long env_init (char user,char home)
yuuji@0	855 {
yuuji@0	856 extern MAILSTREAM CREATEPROTO;
yuuji@0	857 extern MAILSTREAM EMPTYPROTO;
yuuji@0	858 struct passwd *pw;
yuuji@0	859 struct stat sbuf;
yuuji@0	860 char tmp[MAILTMPLEN];
yuuji@0	861 /* don't init if blocked */
yuuji@0	862 if (block_env_init) return LONGT;
yuuji@0	863 if (myUserName) fatal ("env_init called twice!");
yuuji@0	864 /* initially nothing in namespace list */
yuuji@0	865 nslist[0] = nslist[1] = nslist[2] = NIL;
yuuji@0	866 /* myUserName must be set before dorc() call */
yuuji@0	867 myUserName = cpystr (user ? user : ANONYMOUSUSER);
yuuji@0	868 /* force default prototypes to be set */
yuuji@0	869 if (!createProto) createProto = &CREATEPROTO;
yuuji@0	870 if (!appendProto) appendProto = &EMPTYPROTO;
yuuji@0	871 dorc (NIL,NIL); /* do systemwide configuration */
yuuji@0	872 if (!home) { /* closed box server */
yuuji@0	873 /* standard user can only reference home */
yuuji@0	874 if (user) nslist[0] = &nshome;
yuuji@0	875 else { /* anonymous user */
yuuji@0	876 nslist[0] = &nsblackother; /* set root */
yuuji@0	877 anonymous = T; /* flag as anonymous */
yuuji@0	878 }
yuuji@0	879 myHomeDir = cpystr (""); /* home directory is root */
yuuji@0	880 sysInbox = cpystr ("INBOX");/* make system INBOX */
yuuji@0	881 }
yuuji@0	882 else { /* open or black box */
yuuji@0	883 closedBox = NIL; /* definitely not a closed box */
yuuji@0	884 if (user) { /* remember user name and home directory */
yuuji@0	885 if (blackBoxDir) { /* build black box directory name */
yuuji@0	886 sprintf (tmp,"%s/%s",blackBoxDir,myUserName);
yuuji@0	887 /* must exist */
yuuji@0	888 if (!((!stat (home = tmp,&sbuf) && (sbuf.st_mode & S_IFDIR)) \|\|
yuuji@0	889 (blackBoxDefaultHome &&
yuuji@0	890 !stat (home = blackBoxDefaultHome,&sbuf) &&
yuuji@0	891 (sbuf.st_mode & S_IFDIR)))) fatal ("no home");
yuuji@0	892 sysInbox = (char *) fs_get (strlen (home) + 7);
yuuji@0	893 /* set system INBOX */
yuuji@0	894 sprintf (sysInbox,"%s/INBOX",home);
yuuji@0	895 blackBox = T; /* mark that it's a black box */
yuuji@0	896 /* mbox meaningless if black box */
yuuji@0	897 mail_parameters (NIL,DISABLE_DRIVER,(void *) "mbox");
yuuji@0	898 }
yuuji@0	899 nslist[0] = &nshome; /* home namespace */
yuuji@0	900 /* limited advertise namespaces */
yuuji@0	901 if (limitedadvertise) nslist[2] = &nslimited;
yuuji@0	902 else if (blackBox) { /* black box namespaces */
yuuji@0	903 nslist[1] = &nsblackother;
yuuji@0	904 nslist[2] = &nsshared;
yuuji@0	905 }
yuuji@0	906 else { /* open box namespaces */
yuuji@0	907 nslist[1] = &nsunixother;
yuuji@0	908 nslist[2] = advertisetheworld ? &nsworld : &nsshared;
yuuji@0	909 }
yuuji@0	910 }
yuuji@0	911 else {
yuuji@0	912 nslist[2] = &nsftp; /* anonymous user */
yuuji@0	913 sprintf (tmp,"%s/INBOX",
yuuji@0	914 home = (char *) mail_parameters (NIL,GET_ANONYMOUSHOME,NIL));
yuuji@0	915 sysInbox = cpystr (tmp); /* make system INBOX */
yuuji@0	916 anonymous = T; /* flag as anonymous */
yuuji@0	917 }
yuuji@0	918 myHomeDir = cpystr (home); /* set home directory */
yuuji@0	919 }
yuuji@0	920
yuuji@0	921 if (allowuserconfig) { /* allow user config files */
yuuji@0	922 dorc (strcat (strcpy (tmp,myHomeDir),"/.mminit"),T);
yuuji@0	923 dorc (strcat (strcpy (tmp,myHomeDir),"/.imaprc"),NIL);
yuuji@0	924 }
yuuji@0	925 if (!closedBox && !noautomaticsharedns) {
yuuji@0	926 /* #ftp namespace */
yuuji@0	927 if (!ftpHome && (pw = getpwnam ("ftp"))) ftpHome = cpystr (pw->pw_dir);
yuuji@0	928 /* #public namespace */
yuuji@0	929 if (!publicHome && (pw = getpwnam ("imappublic")))
yuuji@0	930 publicHome = cpystr (pw->pw_dir);
yuuji@0	931 /* #shared namespace */
yuuji@0	932 if (!anonymous && !sharedHome && (pw = getpwnam ("imapshared")))
yuuji@0	933 sharedHome = cpystr (pw->pw_dir);
yuuji@0	934 }
yuuji@0	935 if (!myLocalHost) mylocalhost ();
yuuji@0	936 if (!myNewsrc) myNewsrc = cpystr(strcat (strcpy (tmp,myHomeDir),"/.newsrc"));
yuuji@0	937 if (!newsActive) newsActive = cpystr (ACTIVEFILE);
yuuji@0	938 if (!newsSpool) newsSpool = cpystr (NEWSSPOOL);
yuuji@0	939 /* re-do open action to get flags */
yuuji@0	940 (*createProto->dtb->open) (NIL);
yuuji@0	941 endpwent (); /* close pw database */
yuuji@0	942 return T;
yuuji@0	943 }
yuuji@0	944
yuuji@0	945 /* Return my user name
yuuji@0	946 * Accepts: pointer to optional flags
yuuji@0	947 * Returns: my user name
yuuji@0	948 */
yuuji@0	949
yuuji@0	950 char myusername_full (unsigned long flags)
yuuji@0	951 {
yuuji@0	952 struct passwd *pw;
yuuji@0	953 struct stat sbuf;
yuuji@0	954 char *s;
yuuji@0	955 unsigned long euid;
yuuji@0	956 char *ret = UNLOGGEDUSER;
yuuji@0	957 /* no user name yet and not root? */
yuuji@0	958 if (!myUserName && (euid = geteuid ())) {
yuuji@0	959 /* yes, look up getlogin() user name or EUID */
yuuji@0	960 if (((s = (char ) getlogin ()) && s && (strlen (s) < NETMAXUSER) &&
yuuji@0	961 (pw = getpwnam (s)) && (pw->pw_uid == euid)) \|\|
yuuji@0	962 (pw = getpwuid (euid))) {
yuuji@0	963 if (block_env_init) { /* don't env_init if blocked */
yuuji@0	964 if (flags) *flags = MU_LOGGEDIN;
yuuji@0	965 return pw->pw_name;
yuuji@0	966 }
yuuji@0	967 env_init (pw->pw_name,
yuuji@0	968 ((s = getenv ("HOME")) && *s && (strlen (s) < NETMAXMBX) &&
yuuji@0	969 !stat (s,&sbuf) && ((sbuf.st_mode & S_IFMT) == S_IFDIR)) ?
yuuji@0	970 s : pw->pw_dir);
yuuji@0	971 }
yuuji@0	972 else fatal ("Unable to look up user name");
yuuji@0	973 }
yuuji@0	974 if (myUserName) { /* logged in? */
yuuji@0	975 if (flags) *flags = anonymous ? MU_ANONYMOUS : MU_LOGGEDIN;
yuuji@0	976 ret = myUserName; /* return user name */
yuuji@0	977 }
yuuji@0	978 else if (flags) *flags = MU_NOTLOGGEDIN;
yuuji@0	979 return ret;
yuuji@0	980 }
yuuji@0	981
yuuji@0	982
yuuji@0	983 /* Return my local host name
yuuji@0	984 * Returns: my local host name
yuuji@0	985 */
yuuji@0	986
yuuji@0	987 char *mylocalhost ()
yuuji@0	988 {
yuuji@0	989 if (!myLocalHost) {
yuuji@0	990 char *s,tmp[MAILTMPLEN];
yuuji@0	991 char *t = "unknown";
yuuji@0	992 tmp[0] = tmp[MAILTMPLEN-1] = '\0';
yuuji@0	993 if (!gethostname (tmp,MAILTMPLEN-1) && tmp[0]) {
yuuji@0	994 /* sanity check of name */
yuuji@0	995 for (s = tmp; (s > 0x20) && (s < 0x7f); ++s);
yuuji@0	996 if (!*s) t = tcp_canonical (tmp);
yuuji@0	997 }
yuuji@0	998 myLocalHost = cpystr (t);
yuuji@0	999 }
yuuji@0	1000 return myLocalHost;
yuuji@0	1001 }
yuuji@0	1002
yuuji@0	1003 /* Return my home directory name
yuuji@0	1004 * Returns: my home directory name
yuuji@0	1005 */
yuuji@0	1006
yuuji@0	1007 char *myhomedir ()
yuuji@0	1008 {
yuuji@0	1009 if (!myHomeDir) myusername ();/* initialize if first time */
yuuji@0	1010 return myHomeDir ? myHomeDir : "";
yuuji@0	1011 }
yuuji@0	1012
yuuji@0	1013
yuuji@0	1014 /* Return my home mailbox name
yuuji@0	1015 * Returns: my home directory name
yuuji@0	1016 */
yuuji@0	1017
yuuji@0	1018 static char *mymailboxdir ()
yuuji@0	1019 {
yuuji@0	1020 char *home = myhomedir ();
yuuji@0	1021 /* initialize if first time */
yuuji@0	1022 if (!myMailboxDir && myHomeDir) {
yuuji@0	1023 if (mailsubdir) {
yuuji@0	1024 char tmp[MAILTMPLEN];
yuuji@0	1025 sprintf (tmp,"%s/%s",home,mailsubdir);
yuuji@0	1026 myMailboxDir = cpystr (tmp);/* use pre-defined subdirectory of home */
yuuji@0	1027 }
yuuji@0	1028 else myMailboxDir = cpystr (home);
yuuji@0	1029 }
yuuji@0	1030 return myMailboxDir ? myMailboxDir : "";
yuuji@0	1031 }
yuuji@0	1032
yuuji@0	1033
yuuji@0	1034 /* Return system standard INBOX
yuuji@0	1035 * Accepts: buffer string
yuuji@0	1036 */
yuuji@0	1037
yuuji@0	1038 char *sysinbox ()
yuuji@0	1039 {
yuuji@0	1040 char tmp[MAILTMPLEN];
yuuji@0	1041 if (!sysInbox) { /* initialize if first time */
yuuji@0	1042 sprintf (tmp,"%s/%s",MAILSPOOL,myusername ());
yuuji@0	1043 sysInbox = cpystr (tmp); /* system inbox is from mail spool */
yuuji@0	1044 }
yuuji@0	1045 return sysInbox;
yuuji@0	1046 }
yuuji@0	1047
yuuji@0	1048 /* Return mailbox directory name
yuuji@0	1049 * Accepts: destination buffer
yuuji@0	1050 * directory prefix
yuuji@0	1051 * name in directory
yuuji@0	1052 * Returns: file name or NIL if error
yuuji@0	1053 */
yuuji@0	1054
yuuji@0	1055 char mailboxdir (char dst,char dir,char name)
yuuji@0	1056 {
yuuji@0	1057 char tmp[MAILTMPLEN];
yuuji@0	1058 if (dir \|\| name) { /* if either argument provided */
yuuji@0	1059 if (dir) {
yuuji@0	1060 if (strlen (dir) > NETMAXMBX) return NIL;
yuuji@0	1061 strcpy (tmp,dir); /* write directory prefix */
yuuji@0	1062 }
yuuji@0	1063 else tmp[0] = '\0'; /* otherwise null string */
yuuji@0	1064 if (name) {
yuuji@0	1065 if (strlen (name) > NETMAXMBX) return NIL;
yuuji@0	1066 strcat (tmp,name); /* write name in directory */
yuuji@0	1067 }
yuuji@0	1068 /* validate name, return its name */
yuuji@0	1069 if (!mailboxfile (dst,tmp)) return NIL;
yuuji@0	1070 }
yuuji@0	1071 /* no arguments, wants mailbox directory */
yuuji@0	1072 else strcpy (dst,mymailboxdir ());
yuuji@0	1073 return dst; /* return the name */
yuuji@0	1074 }
yuuji@0	1075
yuuji@0	1076 /* Return mailbox file name
yuuji@0	1077 * Accepts: destination buffer
yuuji@0	1078 * mailbox name
yuuji@0	1079 * Returns: file name or empty string for driver-selected INBOX or NIL if error
yuuji@0	1080 */
yuuji@0	1081
yuuji@0	1082 char mailboxfile (char dst,char *name)
yuuji@0	1083 {
yuuji@0	1084 struct passwd *pw;
yuuji@0	1085 char *s;
yuuji@0	1086 if (!name \|\| !name \|\| (name == '{') \|\| (strlen (name) > NETMAXMBX) \|\|
yuuji@0	1087 ((anonymous \|\| blackBox \|\| restrictBox \|\| (*name == '#')) &&
yuuji@0	1088 (strstr (name,"..") \|\| strstr (name,"//") \|\| strstr (name,"/~"))))
yuuji@0	1089 dst = NIL; /* invalid name */
yuuji@0	1090 else switch (name) { / determine mailbox type based upon name */
yuuji@0	1091 case '#': /* namespace name */
yuuji@0	1092 /* #ftp/ namespace */
yuuji@0	1093 if (((name[1] == 'f') \|\| (name[1] == 'F')) &&
yuuji@0	1094 ((name[2] == 't') \|\| (name[2] == 'T')) &&
yuuji@0	1095 ((name[3] == 'p') \|\| (name[3] == 'P')) &&
yuuji@0	1096 (name[4] == '/') && ftpHome) sprintf (dst,"%s/%s",ftpHome,name+5);
yuuji@0	1097 /* #public/ and #shared/ namespaces */
yuuji@0	1098 else if ((((name[1] == 'p') \|\| (name[1] == 'P')) &&
yuuji@0	1099 ((name[2] == 'u') \|\| (name[2] == 'U')) &&
yuuji@0	1100 ((name[3] == 'b') \|\| (name[3] == 'B')) &&
yuuji@0	1101 ((name[4] == 'l') \|\| (name[4] == 'L')) &&
yuuji@0	1102 ((name[5] == 'i') \|\| (name[5] == 'I')) &&
yuuji@0	1103 ((name[6] == 'c') \|\| (name[6] == 'C')) &&
yuuji@0	1104 (name[7] == '/') && (s = publicHome)) \|\|
yuuji@0	1105 (!anonymous && ((name[1] == 's') \|\| (name[1] == 'S')) &&
yuuji@0	1106 ((name[2] == 'h') \|\| (name[2] == 'H')) &&
yuuji@0	1107 ((name[3] == 'a') \|\| (name[3] == 'A')) &&
yuuji@0	1108 ((name[4] == 'r') \|\| (name[4] == 'R')) &&
yuuji@0	1109 ((name[5] == 'e') \|\| (name[5] == 'E')) &&
yuuji@0	1110 ((name[6] == 'd') \|\| (name[6] == 'D')) &&
yuuji@0	1111 (name[7] == '/') && (s = sharedHome)))
yuuji@0	1112 sprintf (dst,"%s/%s",s,compare_cstring (name+8,"INBOX") ?
yuuji@0	1113 name+8 : "INBOX");
yuuji@0	1114 else dst = NIL; /* unknown namespace */
yuuji@0	1115 break;
yuuji@0	1116
yuuji@0	1117 case '/': /* root access */
yuuji@0	1118 if (anonymous) dst = NIL; /* anonymous forbidden to do this */
yuuji@0	1119 else if (blackBox) { /* other user access if blackbox */
yuuji@0	1120 if (restrictBox & RESTRICTOTHERUSER) dst = NIL;
yuuji@0	1121 /* see if other user INBOX */
yuuji@0	1122 else if ((s = strchr (name+1,'/')) && !compare_cstring (s+1,"INBOX")) {
yuuji@0	1123 s = '\0'; / temporarily tie off string */
yuuji@0	1124 sprintf (dst,"%s/%s/INBOX",blackBoxDir,name+1);
yuuji@0	1125 s = '/'; / in case caller cares */
yuuji@0	1126 }
yuuji@0	1127 else sprintf (dst,"%s/%s",blackBoxDir,name+1);
yuuji@0	1128 }
yuuji@0	1129 else if ((restrictBox & RESTRICTROOT) && strcmp (name,sysinbox ()))
yuuji@0	1130 dst = NIL; /* restricted and not access to sysinbox */
yuuji@0	1131 else strcpy (dst,name); /* unrestricted, copy root name */
yuuji@0	1132 break;
yuuji@0	1133 case '~': /* other user access */
yuuji@0	1134 /* bad syntax or anonymous can't win */
yuuji@0	1135 if (!*++name \|\| anonymous) dst = NIL;
yuuji@0	1136 /* ~/ equivalent to ordinary name */
yuuji@0	1137 else if (*name == '/') sprintf (dst,"%s/%s",mymailboxdir (),name+1);
yuuji@0	1138 /* other user forbidden if closed/restricted */
yuuji@0	1139 else if (closedBox \|\| (restrictBox & RESTRICTOTHERUSER)) dst = NIL;
yuuji@0	1140 else if (blackBox) { /* black box form of other user */
yuuji@0	1141 /* see if other user INBOX */
yuuji@0	1142 if ((s = strchr (name,'/')) && compare_cstring (s+1,"INBOX")) {
yuuji@0	1143 s = '\0'; / temporarily tie off string */
yuuji@0	1144 sprintf (dst,"%s/%s/INBOX",blackBoxDir,name);
yuuji@0	1145 s = '/'; / in case caller cares */
yuuji@0	1146 }
yuuji@0	1147 else sprintf (dst,"%s/%s",blackBoxDir,name);
yuuji@0	1148 }
yuuji@0	1149 else { /* clear box other user */
yuuji@0	1150 /* copy user name */
yuuji@0	1151 for (s = dst; name && (name != '/'); s++ = name++);
yuuji@0	1152 s++ = '\0'; / tie off user name, look up in passwd file */
yuuji@0	1153 if ((pw = getpwnam (dst)) && pw->pw_dir) {
yuuji@0	1154 if (name) name++; / skip past the slash */
yuuji@0	1155 /* canonicalize case of INBOX */
yuuji@0	1156 if (!compare_cstring (name,"INBOX")) name = "INBOX";
yuuji@0	1157 /* remove trailing / from directory */
yuuji@0	1158 if ((s = strrchr (pw->pw_dir,'/')) && !s[1]) *s = '\0';
yuuji@0	1159 /* don't allow ~root/ if restricted root */
yuuji@0	1160 if ((restrictBox & RESTRICTROOT) && !*pw->pw_dir) dst = NIL;
yuuji@0	1161 /* build final name w/ subdir if needed */
yuuji@0	1162 else if (mailsubdir) sprintf (dst,"%s/%s/%s",pw->pw_dir,mailsubdir,name);
yuuji@0	1163 else sprintf (dst,"%s/%s",pw->pw_dir,name);
yuuji@0	1164 }
yuuji@0	1165 else dst = NIL; /* no such user */
yuuji@0	1166 }
yuuji@0	1167 break;
yuuji@0	1168
yuuji@0	1169 case 'I': case 'i': /* possible INBOX */
yuuji@0	1170 if (!compare_cstring (name+1,"NBOX")) {
yuuji@0	1171 /* if restricted, use INBOX in mailbox dir */
yuuji@0	1172 if (anonymous \|\| blackBox \|\| closedBox)
yuuji@0	1173 sprintf (dst,"%s/INBOX",mymailboxdir ());
yuuji@0	1174 else dst = '\0'; / otherwise driver selects the name */
yuuji@0	1175 break;
yuuji@0	1176 }
yuuji@0	1177 /* drop into to ordinary name case */
yuuji@0	1178 default: /* ordinary name is easy */
yuuji@0	1179 sprintf (dst,"%s/%s",mymailboxdir (),name);
yuuji@0	1180 break;
yuuji@0	1181 }
yuuji@0	1182 return dst; /* return final name */
yuuji@0	1183 }
yuuji@0	1184
yuuji@0	1185 /* Dot-lock file locker
yuuji@0	1186 * Accepts: file name to lock
yuuji@0	1187 * destination buffer for lock file name
yuuji@0	1188 * open file description on file name to lock
yuuji@0	1189 * Returns: T if success, NIL if failure
yuuji@0	1190 */
yuuji@0	1191
yuuji@0	1192 long dotlock_lock (char file,DOTLOCK base,int fd)
yuuji@0	1193 {
yuuji@0	1194 int i = locktimeout * 60;
yuuji@0	1195 int j,mask,retry,pi[2],po[2];
yuuji@0	1196 char *s,tmp[MAILTMPLEN];
yuuji@0	1197 struct stat sb;
yuuji@0	1198 /* flush absurd file name */
yuuji@0	1199 if (strlen (file) > 512) return NIL;
yuuji@0	1200 /* build lock filename */
yuuji@0	1201 sprintf (base->lock,"%s.lock",file);
yuuji@0	1202 /* assume no pipe */
yuuji@0	1203 base->pipei = base->pipeo = -1;
yuuji@0	1204 do { /* make sure not symlink */
yuuji@0	1205 if (!(j = chk_notsymlink (base->lock,&sb))) return NIL;
yuuji@0	1206 /* time out if file older than 5 minutes */
yuuji@0	1207 if ((j > 0) && ((time (0)) >= (sb.st_ctime + locktimeout * 60))) i = 0;
yuuji@0	1208 /* try to create the lock */
yuuji@0	1209 switch (retry = crexcl (base->lock)) {
yuuji@0	1210 case -1: /* OK to retry */
yuuji@0	1211 if (!(i%15)) { /* time to notify? */
yuuji@0	1212 sprintf (tmp,"Mailbox %.80s is locked, will override in %d seconds...",
yuuji@0	1213 file,i);
yuuji@0	1214 MM_LOG (tmp,WARN);
yuuji@0	1215 }
yuuji@0	1216 sleep (1); /* wait 1 second before next try */
yuuji@0	1217 break;
yuuji@0	1218 case NIL: /* failure, can't retry */
yuuji@0	1219 i = 0;
yuuji@0	1220 break;
yuuji@0	1221 case T: /* success, make sure others can break lock */
yuuji@0	1222 chmod (base->lock,(int) dotlock_mode);
yuuji@0	1223 return LONGT;
yuuji@0	1224 }
yuuji@0	1225 } while (i--); /* until out of retries */
yuuji@0	1226 if (retry < 0) { /* still returning retry after locktimeout? */
yuuji@0	1227 if (!(j = chk_notsymlink (base->lock,&sb))) return NIL;
yuuji@0	1228 if ((j > 0) && ((time (0)) < (sb.st_ctime + locktimeout * 60))) {
yuuji@0	1229 sprintf (tmp,"Mailbox vulnerable - seizing %ld second old lock",
yuuji@0	1230 (long) (time (0) - sb.st_ctime));
yuuji@0	1231 MM_LOG (tmp,WARN);
yuuji@0	1232 }
yuuji@0	1233 mask = umask (0); /* want our lock protection */
yuuji@0	1234 unlink (base->lock); /* try to remove the old file */
yuuji@0	1235 /* seize the lock */
yuuji@0	1236 if ((i = open (base->lock,O_WRONLY\|O_CREAT,(int) dotlock_mode)) >= 0) {
yuuji@0	1237 close (i); /* don't need descriptor any more */
yuuji@0	1238 sprintf (tmp,"Mailbox %.80s lock overridden",file);
yuuji@0	1239 MM_LOG (tmp,NIL);
yuuji@0	1240 chmod (base->lock,(int) dotlock_mode);
yuuji@0	1241 umask (mask); /* restore old umask */
yuuji@0	1242 return LONGT;
yuuji@0	1243 }
yuuji@0	1244 umask (mask); /* restore old umask */
yuuji@0	1245 }
yuuji@0	1246
yuuji@0	1247 if (fd >= 0) switch (errno) {
yuuji@0	1248 case EACCES: /* protection failure? */
yuuji@0	1249 MM_CRITICAL (NIL); /* go critical */
yuuji@0	1250 if (closedBox \|\| !lockpgm); /* can't do on closed box or disabled */
yuuji@0	1251 else if ((*lockpgm && stat (lockpgm,&sb)) \|\|
yuuji@0	1252 (!*lockpgm && stat (lockpgm = LOCKPGM1,&sb) &&
yuuji@0	1253 stat (lockpgm = LOCKPGM2,&sb) && stat (lockpgm = LOCKPGM3,&sb)))
yuuji@0	1254 lockpgm = NIL; /* disable if can't find lockpgm */
yuuji@0	1255 else if (pipe (pi) >= 0) { /* make command pipes */
yuuji@0	1256 long cf;
yuuji@0	1257 char *argv[4],arg[20];
yuuji@0	1258 /* if input pipes usable create output pipes */
yuuji@0	1259 if ((pi[0] < FD_SETSIZE) && (pi[1] < FD_SETSIZE) && (pipe (po) >= 0)) {
yuuji@0	1260 /* make sure output pipes are usable */
yuuji@0	1261 if ((po[0] >= FD_SETSIZE) \|\| (po[1] >= FD_SETSIZE));
yuuji@0	1262 /* all is good, make inferior process */
yuuji@0	1263 else if (!(j = fork ())) {
yuuji@0	1264 if (!fork ()) { /* make grandchild so it's inherited by init */
yuuji@0	1265 /* prepare argument vector */
yuuji@0	1266 sprintf (arg,"%d",fd);
yuuji@0	1267 argv[0] = lockpgm; argv[1] = arg;
yuuji@0	1268 argv[2] = file; argv[3] = NIL;
yuuji@0	1269 /* set parent's I/O to my O/I */
yuuji@0	1270 dup2 (pi[1],1); dup2 (pi[1],2); dup2 (po[0],0);
yuuji@0	1271 /* close all unnecessary descriptors */
yuuji@0	1272 for (cf = max (20,max (max (pi[0],pi[1]),max(po[0],po[1])));
yuuji@0	1273 cf >= 3; --cf) if (cf != fd) close (cf);
yuuji@0	1274 /* be our own process group */
yuuji@0	1275 setpgrp (0,getpid ());
yuuji@0	1276 /* now run it */
yuuji@0	1277 _exit (execv (argv[0],argv));
yuuji@0	1278 }
yuuji@0	1279 _exit (1); /* child is done */
yuuji@0	1280 }
yuuji@0	1281 else if (j > 0) { /* parent process */
yuuji@0	1282 fd_set rfd;
yuuji@0	1283 struct timeval tmo;
yuuji@0	1284 FD_ZERO (&rfd);
yuuji@0	1285 FD_SET (pi[0],&rfd);
yuuji@0	1286 tmo.tv_sec = locktimeout * 60;
yuuji@0	1287 grim_pid_reap (j,NIL);/* reap child; grandchild now owned by init */
yuuji@0	1288 /* read response from locking program */
yuuji@0	1289 if (select (pi[0]+1,&rfd,0,0,&tmo) &&
yuuji@0	1290 (read (pi[0],tmp,1) == 1) && (tmp[0] == '+')) {
yuuji@0	1291 /* success, record pipes */
yuuji@0	1292 base->pipei = pi[0]; base->pipeo = po[1];
yuuji@0	1293 /* close child's side of the pipes */
yuuji@0	1294 close (pi[1]); close (po[0]);
yuuji@0	1295 MM_NOCRITICAL (NIL);/* no longer critical */
yuuji@0	1296 return LONGT;
yuuji@0	1297 }
yuuji@0	1298 }
yuuji@0	1299 close (po[0]); close (po[1]);
yuuji@0	1300 }
yuuji@0	1301 close (pi[0]); close (pi[1]);
yuuji@0	1302 }
yuuji@0	1303
yuuji@0	1304 MM_NOCRITICAL (NIL); /* no longer critical */
yuuji@0	1305 /* find directory/file delimiter */
yuuji@0	1306 if (s = strrchr (base->lock,'/')) {
yuuji@0	1307 s = '\0'; / tie off at directory */
yuuji@0	1308 sprintf(tmp, /* generate default message */
yuuji@0	1309 "Mailbox vulnerable - directory %.80s must have 1777 protection",
yuuji@0	1310 base->lock);
yuuji@0	1311 /* definitely not 1777 if can't stat */
yuuji@0	1312 mask = stat (base->lock,&sb) ? 0 : (sb.st_mode & 1777);
yuuji@0	1313 s = '/'; / restore lock name */
yuuji@0	1314 if (mask != 1777) { /* default warning if not 1777 */
yuuji@0	1315 if (!disableLockWarning) MM_LOG (tmp,WARN);
yuuji@0	1316 break;
yuuji@0	1317 }
yuuji@0	1318 }
yuuji@0	1319 default:
yuuji@0	1320 sprintf (tmp,"Mailbox vulnerable - error creating %.80s: %s",
yuuji@0	1321 base->lock,strerror (errno));
yuuji@0	1322 if (!disableLockWarning) MM_LOG (tmp,WARN);
yuuji@0	1323 break;
yuuji@0	1324 }
yuuji@0	1325 base->lock[0] = '\0'; /* don't use lock files */
yuuji@0	1326 return NIL;
yuuji@0	1327 }
yuuji@0	1328
yuuji@0	1329 /* Dot-lock file unlocker
yuuji@0	1330 * Accepts: lock file name
yuuji@0	1331 * Returns: T if success, NIL if failure
yuuji@0	1332 */
yuuji@0	1333
yuuji@0	1334 long dotlock_unlock (DOTLOCK *base)
yuuji@0	1335 {
yuuji@0	1336 long ret = LONGT;
yuuji@0	1337 if (base && base->lock[0]) {
yuuji@0	1338 if (base->pipei >= 0) { /* if running through a pipe unlocker */
yuuji@0	1339 ret = (write (base->pipeo,"+",1) == 1);
yuuji@0	1340 /* nuke the pipes */
yuuji@0	1341 close (base->pipei); close (base->pipeo);
yuuji@0	1342 }
yuuji@0	1343 else ret = !unlink (base->lock);
yuuji@0	1344 }
yuuji@0	1345 return ret;
yuuji@0	1346 }
yuuji@0	1347
yuuji@0	1348 /* Lock file name
yuuji@0	1349 * Accepts: scratch buffer
yuuji@0	1350 * file name
yuuji@0	1351 * type of locking operation (LOCK_SH or LOCK_EX)
yuuji@0	1352 * pointer to return PID of locker
yuuji@0	1353 * Returns: file descriptor of lock or negative if error
yuuji@0	1354 */
yuuji@0	1355
yuuji@0	1356 int lockname (char lock,char fname,int op,long *pid)
yuuji@0	1357 {
yuuji@0	1358 struct stat sbuf;
yuuji@0	1359 pid = 0; / no locker PID */
yuuji@0	1360 return stat (fname,&sbuf) ? -1 : lock_work (lock,&sbuf,op,pid);
yuuji@0	1361 }
yuuji@0	1362
yuuji@0	1363
yuuji@0	1364 /* Lock file descriptor
yuuji@0	1365 * Accepts: file descriptor
yuuji@0	1366 * lock file name buffer
yuuji@0	1367 * type of locking operation (LOCK_SH or LOCK_EX)
yuuji@0	1368 * Returns: file descriptor of lock or negative if error
yuuji@0	1369 */
yuuji@0	1370
yuuji@0	1371 int lockfd (int fd,char *lock,int op)
yuuji@0	1372 {
yuuji@0	1373 struct stat sbuf;
yuuji@0	1374 return fstat (fd,&sbuf) ? -1 : lock_work (lock,&sbuf,op,NIL);
yuuji@0	1375 }
yuuji@0	1376
yuuji@0	1377 /* Lock file name worker
yuuji@0	1378 * Accepts: lock file name
yuuji@0	1379 * pointer to stat() buffer
yuuji@0	1380 * type of locking operation (LOCK_SH or LOCK_EX)
yuuji@0	1381 * pointer to return PID of locker
yuuji@0	1382 * Returns: file descriptor of lock or negative if error
yuuji@0	1383 */
yuuji@0	1384
yuuji@0	1385 int lock_work (char lock,void sb,int op,long *pid)
yuuji@0	1386 {
yuuji@0	1387 struct stat lsb,fsb;
yuuji@0	1388 struct stat sbuf = (struct stat ) sb;
yuuji@0	1389 char tmp[MAILTMPLEN];
yuuji@0	1390 long i;
yuuji@0	1391 int fd;
yuuji@0	1392 int mask = umask (0);
yuuji@0	1393 if (pid) pid = 0; / initialize return PID */
yuuji@0	1394 /* make temporary lock file name */
yuuji@0	1395 sprintf (lock,"%s/.%lx.%lx",closedBox ? "" : tmpdir,
yuuji@0	1396 (unsigned long) sbuf->st_dev,(unsigned long) sbuf->st_ino);
yuuji@0	1397 while (T) { /* until get a good lock */
yuuji@0	1398 do switch ((int) chk_notsymlink (lock,&lsb)) {
yuuji@0	1399 case 1: /* exists just once */
yuuji@0	1400 if (((fd = open (lock,O_RDWR,shlock_mode)) >= 0) \|\|
yuuji@0	1401 (errno != ENOENT) \|\| (chk_notsymlink (lock,&lsb) >= 0)) break;
yuuji@0	1402 case -1: /* name doesn't exist */
yuuji@0	1403 fd = open (lock,O_RDWR\|O_CREAT\|O_EXCL,shlock_mode);
yuuji@0	1404 break;
yuuji@0	1405 default: /* multiple hard links */
yuuji@0	1406 MM_LOG ("hard link to lock name",ERROR);
yuuji@0	1407 syslog (LOG_CRIT,"SECURITY PROBLEM: hard link to lock name: %.80s",lock);
yuuji@0	1408 case 0: /* symlink (already did syslog) */
yuuji@0	1409 umask (mask); /* restore old mask */
yuuji@0	1410 return -1; /* fail: no lock file */
yuuji@0	1411 } while ((fd < 0) && (errno == EEXIST));
yuuji@0	1412 if (fd < 0) { /* failed to get file descriptor */
yuuji@0	1413 syslog (LOG_INFO,"Mailbox lock file %s open failure: %s",lock,
yuuji@0	1414 strerror (errno));
yuuji@0	1415 if (!closedBox) { /* more explicit snarl for bad configuration */
yuuji@0	1416 if (stat (tmpdir,&lsb))
yuuji@0	1417 syslog (LOG_CRIT,"SYSTEM ERROR: no %s: %s",tmpdir,strerror (errno));
yuuji@0	1418 else if ((lsb.st_mode & 01777) != 01777) {
yuuji@0	1419 sprintf (tmp,"Can't lock for write: %.80s must have 1777 protection",
yuuji@0	1420 tmpdir);
yuuji@0	1421 MM_LOG (tmp,WARN);
yuuji@0	1422 }
yuuji@0	1423 }
yuuji@0	1424 umask (mask); /* restore old mask */
yuuji@0	1425 return -1; /* fail: can't open lock file */
yuuji@0	1426 }
yuuji@0	1427
yuuji@0	1428 /* non-blocking form */
yuuji@0	1429 if (op & LOCK_NB) i = flock (fd,op);
yuuji@0	1430 else { /* blocking form */
yuuji@0	1431 (*mailblocknotify) (BLOCK_FILELOCK,NIL);
yuuji@0	1432 i = flock (fd,op);
yuuji@0	1433 (*mailblocknotify) (BLOCK_NONE,NIL);
yuuji@0	1434 }
yuuji@0	1435 if (i) { /* failed, get other process' PID */
yuuji@0	1436 if (pid && !fstat (fd,&fsb) && (i = min (fsb.st_size,MAILTMPLEN-1)) &&
yuuji@0	1437 (read (fd,tmp,i) == i) && !(tmp[i] = 0) && ((i = atol (tmp)) > 0))
yuuji@0	1438 *pid = i;
yuuji@0	1439 close (fd); /* failed, give up on lock */
yuuji@0	1440 umask (mask); /* restore old mask */
yuuji@0	1441 return -1; /* fail: can't lock */
yuuji@0	1442 }
yuuji@0	1443 /* make sure this lock is good for us */
yuuji@0	1444 if (!lstat (lock,&lsb) && ((lsb.st_mode & S_IFMT) != S_IFLNK) &&
yuuji@0	1445 !fstat (fd,&fsb) && (lsb.st_dev == fsb.st_dev) &&
yuuji@0	1446 (lsb.st_ino == fsb.st_ino) && (fsb.st_nlink == 1)) break;
yuuji@0	1447 close (fd); /* lock not right, drop fd and try again */
yuuji@0	1448 }
yuuji@0	1449 chmod (lock,shlock_mode); /* make sure mode OK (don't use fchmod()) */
yuuji@0	1450 umask (mask); /* restore old mask */
yuuji@0	1451 return fd; /* success */
yuuji@0	1452 }
yuuji@0	1453
yuuji@0	1454 /* Check to make sure not a symlink
yuuji@0	1455 * Accepts: file name
yuuji@0	1456 * stat buffer
yuuji@0	1457 * Returns: -1 if doesn't exist, NIL if symlink, else number of hard links
yuuji@0	1458 */
yuuji@0	1459
yuuji@0	1460 long chk_notsymlink (char name,void sb)
yuuji@0	1461 {
yuuji@0	1462 struct stat sbuf = (struct stat ) sb;
yuuji@0	1463 /* name exists? */
yuuji@0	1464 if (lstat (name,sbuf)) return -1;
yuuji@0	1465 /* forbid symbolic link */
yuuji@0	1466 if ((sbuf->st_mode & S_IFMT) == S_IFLNK) {
yuuji@0	1467 MM_LOG ("symbolic link on lock name",ERROR);
yuuji@0	1468 syslog (LOG_CRIT,"SECURITY PROBLEM: symbolic link on lock name: %.80s",
yuuji@0	1469 name);
yuuji@0	1470 return NIL;
yuuji@0	1471 }
yuuji@0	1472 return (long) sbuf->st_nlink; /* return number of hard links */
yuuji@0	1473 }
yuuji@0	1474
yuuji@0	1475
yuuji@0	1476 /* Unlock file descriptor
yuuji@0	1477 * Accepts: file descriptor
yuuji@0	1478 * lock file name from lockfd()
yuuji@0	1479 */
yuuji@0	1480
yuuji@0	1481 void unlockfd (int fd,char *lock)
yuuji@0	1482 {
yuuji@0	1483 /* delete the file if no sharers */
yuuji@0	1484 if (!flock (fd,LOCK_EX\|LOCK_NB)) unlink (lock);
yuuji@0	1485 flock (fd,LOCK_UN); /* unlock it */
yuuji@0	1486 close (fd); /* close it */
yuuji@0	1487 }
yuuji@0	1488
yuuji@0	1489 /* Set proper file protection for mailbox
yuuji@0	1490 * Accepts: mailbox name
yuuji@0	1491 * actual file path name
yuuji@0	1492 * Returns: T, always
yuuji@0	1493 */
yuuji@0	1494
yuuji@0	1495 long set_mbx_protections (char mailbox,char path)
yuuji@0	1496 {
yuuji@0	1497 struct stat sbuf;
yuuji@0	1498 int mode = (int) mbx_protection;
yuuji@0	1499 if (mailbox == '#') { / possible namespace? */
yuuji@0	1500 if (((mailbox[1] == 'f') \|\| (mailbox[1] == 'F')) &&
yuuji@0	1501 ((mailbox[2] == 't') \|\| (mailbox[2] == 'T')) &&
yuuji@0	1502 ((mailbox[3] == 'p') \|\| (mailbox[3] == 'P')) &&
yuuji@0	1503 (mailbox[4] == '/')) mode = (int) ftp_protection;
yuuji@0	1504 else if (((mailbox[1] == 'p') \|\| (mailbox[1] == 'P')) &&
yuuji@0	1505 ((mailbox[2] == 'u') \|\| (mailbox[2] == 'U')) &&
yuuji@0	1506 ((mailbox[3] == 'b') \|\| (mailbox[3] == 'B')) &&
yuuji@0	1507 ((mailbox[4] == 'l') \|\| (mailbox[4] == 'L')) &&
yuuji@0	1508 ((mailbox[5] == 'i') \|\| (mailbox[5] == 'I')) &&
yuuji@0	1509 ((mailbox[6] == 'c') \|\| (mailbox[6] == 'C')) &&
yuuji@0	1510 (mailbox[7] == '/')) mode = (int) public_protection;
yuuji@0	1511 else if (((mailbox[1] == 's') \|\| (mailbox[1] == 'S')) &&
yuuji@0	1512 ((mailbox[2] == 'h') \|\| (mailbox[2] == 'H')) &&
yuuji@0	1513 ((mailbox[3] == 'a') \|\| (mailbox[3] == 'A')) &&
yuuji@0	1514 ((mailbox[4] == 'r') \|\| (mailbox[4] == 'R')) &&
yuuji@0	1515 ((mailbox[5] == 'e') \|\| (mailbox[5] == 'E')) &&
yuuji@0	1516 ((mailbox[6] == 'd') \|\| (mailbox[6] == 'D')) &&
yuuji@0	1517 (mailbox[7] == '/')) mode = (int) shared_protection;
yuuji@0	1518 }
yuuji@0	1519 /* if a directory */
yuuji@0	1520 if (!stat (path,&sbuf) && ((sbuf.st_mode & S_IFMT) == S_IFDIR)) {
yuuji@0	1521 /* set owner search if allow read or write */
yuuji@0	1522 if (mode & 0600) mode \|= 0100;
yuuji@0	1523 if (mode & 060) mode \|= 010;/* set group search if allow read or write */
yuuji@0	1524 if (mode & 06) mode \|= 01; /* set world search if allow read or write */
yuuji@0	1525 /* preserve directory SGID bit */
yuuji@0	1526 if (sbuf.st_mode & S_ISGID) mode \|= S_ISGID;
yuuji@0	1527 }
yuuji@0	1528 chmod (path,mode); /* set the new protection, ignore failure */
yuuji@0	1529 return LONGT;
yuuji@0	1530 }
yuuji@0	1531
yuuji@0	1532 /* Get proper directory protection
yuuji@0	1533 * Accepts: mailbox name
yuuji@0	1534 * Returns: directory mode, always
yuuji@0	1535 */
yuuji@0	1536
yuuji@0	1537 long get_dir_protection (char *mailbox)
yuuji@0	1538 {
yuuji@0	1539 if (mailbox == '#') { / possible namespace? */
yuuji@0	1540 if (((mailbox[1] == 'f') \|\| (mailbox[1] == 'F')) &&
yuuji@0	1541 ((mailbox[2] == 't') \|\| (mailbox[2] == 'T')) &&
yuuji@0	1542 ((mailbox[3] == 'p') \|\| (mailbox[3] == 'P')) &&
yuuji@0	1543 (mailbox[4] == '/')) return ftp_dir_protection;
yuuji@0	1544 else if (((mailbox[1] == 'p') \|\| (mailbox[1] == 'P')) &&
yuuji@0	1545 ((mailbox[2] == 'u') \|\| (mailbox[2] == 'U')) &&
yuuji@0	1546 ((mailbox[3] == 'b') \|\| (mailbox[3] == 'B')) &&
yuuji@0	1547 ((mailbox[4] == 'l') \|\| (mailbox[4] == 'L')) &&
yuuji@0	1548 ((mailbox[5] == 'i') \|\| (mailbox[5] == 'I')) &&
yuuji@0	1549 ((mailbox[6] == 'c') \|\| (mailbox[6] == 'C')) &&
yuuji@0	1550 (mailbox[7] == '/')) return public_dir_protection;
yuuji@0	1551 else if (((mailbox[1] == 's') \|\| (mailbox[1] == 'S')) &&
yuuji@0	1552 ((mailbox[2] == 'h') \|\| (mailbox[2] == 'H')) &&
yuuji@0	1553 ((mailbox[3] == 'a') \|\| (mailbox[3] == 'A')) &&
yuuji@0	1554 ((mailbox[4] == 'r') \|\| (mailbox[4] == 'R')) &&
yuuji@0	1555 ((mailbox[5] == 'e') \|\| (mailbox[5] == 'E')) &&
yuuji@0	1556 ((mailbox[6] == 'd') \|\| (mailbox[6] == 'D')) &&
yuuji@0	1557 (mailbox[7] == '/')) return shared_dir_protection;
yuuji@0	1558 }
yuuji@0	1559 return dir_protection;
yuuji@0	1560 }
yuuji@0	1561
yuuji@0	1562 /* Determine default prototype stream to user
yuuji@0	1563 * Accepts: type (NIL for create, T for append)
yuuji@0	1564 * Returns: default prototype stream
yuuji@0	1565 */
yuuji@0	1566
yuuji@0	1567 MAILSTREAM *default_proto (long type)
yuuji@0	1568 {
yuuji@0	1569 myusername (); /* make sure initialized */
yuuji@0	1570 /* return default driver's prototype */
yuuji@0	1571 return type ? appendProto : createProto;
yuuji@0	1572 }
yuuji@0	1573
yuuji@0	1574
yuuji@0	1575 /* Set up user flags for stream
yuuji@0	1576 * Accepts: MAIL stream
yuuji@0	1577 * Returns: MAIL stream with user flags set up
yuuji@0	1578 */
yuuji@0	1579
yuuji@0	1580 MAILSTREAM user_flags (MAILSTREAM stream)
yuuji@0	1581 {
yuuji@0	1582 int i;
yuuji@0	1583 myusername (); /* make sure initialized */
yuuji@0	1584 for (i = 0; i < NUSERFLAGS && userFlags[i]; ++i)
yuuji@0	1585 if (!stream->user_flags[i]) stream->user_flags[i] = cpystr (userFlags[i]);
yuuji@0	1586 return stream;
yuuji@0	1587 }
yuuji@0	1588
yuuji@0	1589
yuuji@0	1590 /* Return nth user flag
yuuji@0	1591 * Accepts: user flag number
yuuji@0	1592 * Returns: flag
yuuji@0	1593 */
yuuji@0	1594
yuuji@0	1595 char *default_user_flag (unsigned long i)
yuuji@0	1596 {
yuuji@0	1597 myusername (); /* make sure initialized */
yuuji@0	1598 return userFlags[i];
yuuji@0	1599 }
yuuji@0	1600
yuuji@0	1601 /* Process rc file
yuuji@0	1602 * Accepts: file name
yuuji@0	1603 * .mminit flag
yuuji@0	1604 * Don't use this feature.
yuuji@0	1605 */
yuuji@0	1606
yuuji@0	1607 void dorc (char *file,long flag)
yuuji@0	1608 {
yuuji@0	1609 int i;
yuuji@0	1610 char s,t,k,r,tmp[MAILTMPLEN],tmpx[MAILTMPLEN];
yuuji@0	1611 extern MAILSTREAM CREATEPROTO;
yuuji@0	1612 extern MAILSTREAM EMPTYPROTO;
yuuji@0	1613 DRIVER *d;
yuuji@0	1614 FILE *f;
yuuji@0	1615 if ((f = fopen (file ? file : SYSCONFIG,"r")) &&
yuuji@0	1616 (s = fgets (tmp,MAILTMPLEN,f)) && (t = strchr (s,'\n'))) do {
yuuji@0	1617 t++ = '\0'; / tie off line, find second space */
yuuji@0	1618 if ((k = strchr (s,' ')) && (k = strchr (++k,' '))) {
yuuji@0	1619 k++ = '\0'; / tie off two words */
yuuji@0	1620 if (!compare_cstring (s,"set keywords") && !userFlags[0]) {
yuuji@0	1621 /* yes, get first keyword */
yuuji@0	1622 k = strtok_r (k,", ",&r);
yuuji@0	1623 /* copy keyword list */
yuuji@0	1624 for (i = 0; k && i < NUSERFLAGS; ++i) if (strlen (k) <= MAXUSERFLAG) {
yuuji@0	1625 if (userFlags[i]) fs_give ((void **) &userFlags[i]);
yuuji@0	1626 userFlags[i] = cpystr (k);
yuuji@0	1627 k = strtok_r (NIL,", ",&r);
yuuji@0	1628 }
yuuji@0	1629 if (flag) break; /* found "set keywords" in .mminit */
yuuji@0	1630 }
yuuji@0	1631
yuuji@0	1632 else if (!flag) { /* none of these valid in .mminit */
yuuji@0	1633 if (myUserName) { /* only valid if logged in */
yuuji@0	1634 if (!compare_cstring (s,"set new-mailbox-format") \|\|
yuuji@0	1635 !compare_cstring (s,"set new-folder-format")) {
yuuji@0	1636 if (!compare_cstring (k,"same-as-inbox")) {
yuuji@0	1637 if (d = mail_valid (NIL,"INBOX",NIL)) {
yuuji@0	1638 if (!compare_cstring (d->name,"mbox"))
yuuji@0	1639 d = (DRIVER *) mail_parameters (NIL,GET_DRIVER,
yuuji@0	1640 (void *) "unix");
yuuji@0	1641 else if (!compare_cstring (d->name,"dummy")) d = NIL;
yuuji@0	1642 }
yuuji@0	1643 createProto = d ? ((*d->open) (NIL)) : &CREATEPROTO;
yuuji@0	1644 }
yuuji@0	1645 else if (!compare_cstring (k,"system-standard"))
yuuji@0	1646 createProto = &CREATEPROTO;
yuuji@0	1647 else { /* canonicalize mbox to unix */
yuuji@0	1648 if (!compare_cstring (k,"mbox")) k = "unix";
yuuji@0	1649 /* see if a driver name */
yuuji@0	1650 if (d = (DRIVER ) mail_parameters (NIL,GET_DRIVER,(void ) k))
yuuji@0	1651 createProto = (*d->open) (NIL);
yuuji@0	1652 else { /* duh... */
yuuji@0	1653 sprintf (tmpx,"Unknown new mailbox format in %s: %s",
yuuji@0	1654 file ? file : SYSCONFIG,k);
yuuji@0	1655 MM_LOG (tmpx,WARN);
yuuji@0	1656 }
yuuji@0	1657 }
yuuji@0	1658 }
yuuji@0	1659 if (!compare_cstring (s,"set empty-mailbox-format") \|\|
yuuji@0	1660 !compare_cstring (s,"set empty-folder-format")) {
yuuji@0	1661 if (!compare_cstring (k,"invalid")) appendProto = NIL;
yuuji@0	1662 else if (!compare_cstring (k,"same-as-inbox"))
yuuji@0	1663 appendProto = ((d = mail_valid (NIL,"INBOX",NIL)) &&
yuuji@0	1664 compare_cstring (d->name,"dummy")) ?
yuuji@0	1665 ((*d->open) (NIL)) : &EMPTYPROTO;
yuuji@0	1666 else if (!compare_cstring (k,"system-standard"))
yuuji@0	1667 appendProto = &EMPTYPROTO;
yuuji@0	1668 else { /* see if a driver name */
yuuji@0	1669 for (d = (DRIVER *) mail_parameters (NIL,GET_DRIVERS,NIL);
yuuji@0	1670 d && compare_cstring (d->name,k); d = d->next);
yuuji@0	1671 if (d) appendProto = (*d->open) (NIL);
yuuji@0	1672 else { /* duh... */
yuuji@0	1673 sprintf (tmpx,"Unknown empty mailbox format in %s: %s",
yuuji@0	1674 file ? file : SYSCONFIG,k);
yuuji@0	1675 MM_LOG (tmpx,WARN);
yuuji@0	1676 }
yuuji@0	1677 }
yuuji@0	1678 }
yuuji@0	1679 }
yuuji@0	1680
yuuji@0	1681 if (!compare_cstring (s,"set local-host")) {
yuuji@0	1682 fs_give ((void **) &myLocalHost);
yuuji@0	1683 myLocalHost = cpystr (k);
yuuji@0	1684 }
yuuji@0	1685 else if (!compare_cstring (s,"set news-active-file")) {
yuuji@0	1686 fs_give ((void **) &newsActive);
yuuji@0	1687 newsActive = cpystr (k);
yuuji@0	1688 }
yuuji@0	1689 else if (!compare_cstring (s,"set news-spool-directory")) {
yuuji@0	1690 fs_give ((void **) &newsSpool);
yuuji@0	1691 newsSpool = cpystr (k);
yuuji@0	1692 }
yuuji@0	1693 else if (!compare_cstring (s,"set mh-path"))
yuuji@0	1694 mail_parameters (NIL,SET_MHPATH,(void *) k);
yuuji@0	1695 else if (!compare_cstring (s,"set mh-allow-inbox"))
yuuji@0	1696 mail_parameters (NIL,SET_MHALLOWINBOX,(void *) atol (k));
yuuji@0	1697 else if (!compare_cstring (s,"set news-state-file")) {
yuuji@0	1698 fs_give ((void **) &myNewsrc);
yuuji@0	1699 myNewsrc = cpystr (k);
yuuji@0	1700 }
yuuji@0	1701 else if (!compare_cstring (s,"set ftp-export-directory")) {
yuuji@0	1702 fs_give ((void **) &ftpHome);
yuuji@0	1703 ftpHome = cpystr (k);
yuuji@0	1704 }
yuuji@0	1705 else if (!compare_cstring (s,"set public-home-directory")) {
yuuji@0	1706 fs_give ((void **) &publicHome);
yuuji@0	1707 publicHome = cpystr (k);
yuuji@0	1708 }
yuuji@0	1709 else if (!compare_cstring (s,"set shared-home-directory")) {
yuuji@0	1710 fs_give ((void **) &sharedHome);
yuuji@0	1711 sharedHome = cpystr (k);
yuuji@0	1712 }
yuuji@0	1713 else if (!compare_cstring (s,"set system-inbox")) {
yuuji@0	1714 fs_give ((void **) &sysInbox);
yuuji@0	1715 sysInbox = cpystr (k);
yuuji@0	1716 }
yuuji@0	1717 else if (!compare_cstring (s,"set mail-subdirectory")) {
yuuji@0	1718 fs_give ((void **) &mailsubdir);
yuuji@0	1719 mailsubdir = cpystr (k);
yuuji@0	1720 }
yuuji@0	1721 else if (!compare_cstring (s,"set from-widget"))
yuuji@0	1722 mail_parameters (NIL,SET_FROMWIDGET,
yuuji@0	1723 compare_cstring (k,"header-only") ?
yuuji@0	1724 VOIDT : NIL);
yuuji@0	1725
yuuji@0	1726 else if (!compare_cstring (s,"set rsh-command"))
yuuji@0	1727 mail_parameters (NIL,SET_RSHCOMMAND,(void *) k);
yuuji@0	1728 else if (!compare_cstring (s,"set rsh-path"))
yuuji@0	1729 mail_parameters (NIL,SET_RSHPATH,(void *) k);
yuuji@0	1730 else if (!compare_cstring (s,"set ssh-command"))
yuuji@0	1731 mail_parameters (NIL,SET_SSHCOMMAND,(void *) k);
yuuji@0	1732 else if (!compare_cstring (s,"set ssh-path"))
yuuji@0	1733 mail_parameters (NIL,SET_SSHPATH,(void *) k);
yuuji@0	1734 else if (!compare_cstring (s,"set tcp-open-timeout"))
yuuji@0	1735 mail_parameters (NIL,SET_OPENTIMEOUT,(void *) atol (k));
yuuji@0	1736 else if (!compare_cstring (s,"set tcp-read-timeout"))
yuuji@0	1737 mail_parameters (NIL,SET_READTIMEOUT,(void *) atol (k));
yuuji@0	1738 else if (!compare_cstring (s,"set tcp-write-timeout"))
yuuji@0	1739 mail_parameters (NIL,SET_WRITETIMEOUT,(void *) atol (k));
yuuji@0	1740 else if (!compare_cstring (s,"set rsh-timeout"))
yuuji@0	1741 mail_parameters (NIL,SET_RSHTIMEOUT,(void *) atol (k));
yuuji@0	1742 else if (!compare_cstring (s,"set ssh-timeout"))
yuuji@0	1743 mail_parameters (NIL,SET_SSHTIMEOUT,(void *) atol (k));
yuuji@0	1744 else if (!compare_cstring (s,"set maximum-login-trials"))
yuuji@0	1745 mail_parameters (NIL,SET_MAXLOGINTRIALS,(void *) atol (k));
yuuji@0	1746 else if (!compare_cstring (s,"set lookahead"))
yuuji@0	1747 mail_parameters (NIL,SET_LOOKAHEAD,(void *) atol (k));
yuuji@0	1748 else if (!compare_cstring (s,"set prefetch"))
yuuji@0	1749 mail_parameters (NIL,SET_PREFETCH,(void *) atol (k));
yuuji@0	1750 else if (!compare_cstring (s,"set close-on-error"))
yuuji@0	1751 mail_parameters (NIL,SET_CLOSEONERROR,(void *) atol (k));
yuuji@0	1752 else if (!compare_cstring (s,"set imap-port"))
yuuji@0	1753 mail_parameters (NIL,SET_IMAPPORT,(void *) atol (k));
yuuji@0	1754 else if (!compare_cstring (s,"set pop3-port"))
yuuji@0	1755 mail_parameters (NIL,SET_POP3PORT,(void *) atol (k));
yuuji@0	1756 else if (!compare_cstring (s,"set uid-lookahead"))
yuuji@0	1757 mail_parameters (NIL,SET_UIDLOOKAHEAD,(void *) atol (k));
yuuji@0	1758 else if (!compare_cstring (s,"set try-ssl-first"))
yuuji@0	1759 mail_parameters (NIL,SET_TRYSSLFIRST,(void *) atol (k));
yuuji@0	1760
yuuji@0	1761 else if (!compare_cstring (s,"set mailbox-protection"))
yuuji@0	1762 mbx_protection = atol (k);
yuuji@0	1763 else if (!compare_cstring (s,"set directory-protection"))
yuuji@0	1764 dir_protection = atol (k);
yuuji@0	1765 else if (!compare_cstring (s,"set lock-protection"))
yuuji@0	1766 dotlock_mode = atol (k);
yuuji@0	1767 else if (!compare_cstring (s,"set ftp-protection"))
yuuji@0	1768 ftp_protection = atol (k);
yuuji@0	1769 else if (!compare_cstring (s,"set public-protection"))
yuuji@0	1770 public_protection = atol (k);
yuuji@0	1771 else if (!compare_cstring (s,"set shared-protection"))
yuuji@0	1772 shared_protection = atol (k);
yuuji@0	1773 else if (!compare_cstring (s,"set ftp-directory-protection"))
yuuji@0	1774 ftp_dir_protection = atol (k);
yuuji@0	1775 else if (!compare_cstring (s,"set public-directory-protection"))
yuuji@0	1776 public_dir_protection = atol (k);
yuuji@0	1777 else if (!compare_cstring (s,"set shared-directory-protection"))
yuuji@0	1778 shared_dir_protection = atol (k);
yuuji@0	1779 else if (!compare_cstring (s,"set dot-lock-file-timeout"))
yuuji@0	1780 locktimeout = atoi (k);
yuuji@0	1781 else if (!compare_cstring (s,"set disable-fcntl-locking"))
yuuji@0	1782 fcntlhangbug = atoi (k);
yuuji@0	1783 else if (!compare_cstring (s,"set disable-lock-warning"))
yuuji@0	1784 disableLockWarning = atoi (k);
yuuji@0	1785 else if (!compare_cstring (s,"set disable-unix-UIDs-and-keywords"))
yuuji@0	1786 has_no_life = atoi (k);
yuuji@0	1787 else if (!compare_cstring (s,"set hide-dot-files"))
yuuji@0	1788 hideDotFiles = atoi (k);
yuuji@0	1789 else if (!compare_cstring (s,"set list-maximum-level"))
yuuji@0	1790 list_max_level = atol (k);
yuuji@0	1791 else if (!compare_cstring (s,"set trust-dns"))
yuuji@0	1792 mail_parameters (NIL,SET_TRUSTDNS,(void *) atol (k));
yuuji@0	1793 else if (!compare_cstring (s,"set sasl-uses-ptr-name"))
yuuji@0	1794 mail_parameters (NIL,SET_SASLUSESPTRNAME,(void *) atol (k));
yuuji@0	1795 else if (!compare_cstring (s,"set network-filesystem-stat-bug"))
yuuji@0	1796 netfsstatbug = atoi (k);
yuuji@0	1797 else if (!compare_cstring (s,"set nntp-range"))
yuuji@0	1798 mail_parameters (NIL,SET_NNTPRANGE,(void *) atol (k));
yuuji@0	1799
yuuji@0	1800 else if (!file) { /* only allowed in system init */
yuuji@0	1801 if (!compare_cstring (s,"set black-box-directory") &&
yuuji@0	1802 !blackBoxDir) blackBoxDir = cpystr (k);
yuuji@0	1803 else if (!compare_cstring(s,"set black-box-default-home-directory")&&
yuuji@0	1804 blackBoxDir && !blackBoxDefaultHome)
yuuji@0	1805 blackBoxDefaultHome = cpystr (k);
yuuji@0	1806 else if (!compare_cstring (s,"set anonymous-home-directory") &&
yuuji@0	1807 !anonymousHome) anonymousHome = cpystr (k);
yuuji@0	1808 /* It's tempting to allow setting the CA path
yuuji@0	1809 * in a user init. However, that opens up a
yuuji@0	1810 * vector of attack big enough to drive a
yuuji@0	1811 * truck through... Resist the temptation.
yuuji@0	1812 */
yuuji@0	1813 else if (!compare_cstring (s,"set CA-certificate-path"))
yuuji@0	1814 sslCApath = cpystr (k);
yuuji@0	1815 else if (!compare_cstring (s,"set disable-plaintext"))
yuuji@0	1816 disablePlaintext = atoi (k);
yuuji@0	1817 else if (!compare_cstring (s,"set allowed-login-attempts"))
yuuji@0	1818 logtry = atoi (k);
yuuji@0	1819 else if (!compare_cstring (s,"set chroot-server"))
yuuji@0	1820 closedBox = atoi (k);
yuuji@0	1821 else if (!compare_cstring (s,"set restrict-mailbox-access"))
yuuji@0	1822 for (k = strtok_r (k,", ",&r); k; k = strtok_r (NIL,", ",&r)) {
yuuji@0	1823 if (!compare_cstring (k,"root")) restrictBox \|= RESTRICTROOT;
yuuji@0	1824 else if (!compare_cstring (k,"otherusers"))
yuuji@0	1825 restrictBox \|= RESTRICTOTHERUSER;
yuuji@0	1826 else if (!compare_cstring (k,"all")) restrictBox = -1;
yuuji@0	1827 }
yuuji@0	1828 else if (!compare_cstring (s,"set advertise-the-world"))
yuuji@0	1829 advertisetheworld = atoi (k);
yuuji@0	1830 else if (!compare_cstring (s,"set limited-advertise"))
yuuji@0	1831 limitedadvertise = atoi (k);
yuuji@0	1832 else if (!compare_cstring
yuuji@0	1833 (s,"set disable-automatic-shared-namespaces"))
yuuji@0	1834 noautomaticsharedns = atoi (k);
yuuji@0	1835 else if (!compare_cstring (s,"set allow-user-config"))
yuuji@0	1836 allowuserconfig = atoi (k);
yuuji@0	1837 else if (!compare_cstring (s,"set allow-reverse-dns"))
yuuji@0	1838 mail_parameters (NIL,SET_ALLOWREVERSEDNS,(void *) atol (k));
yuuji@0	1839 else if (!compare_cstring (s,"set k5-cp-uses-service-name"))
yuuji@0	1840 kerb_cp_svr_name = atoi (k);
yuuji@0	1841 /* must appear in file after any
yuuji@0	1842 * "set disable-plaintext" command! */
yuuji@0	1843 else if (!compare_cstring (s,"set plaintext-allowed-clients")) {
yuuji@0	1844 for (k = strtok_r (k,", ",&r); k && !tcp_isclienthost (k);
yuuji@0	1845 k = strtok_r (NIL,", ",&r));
yuuji@0	1846 if (k) disablePlaintext = 0;
yuuji@0	1847 }
yuuji@0	1848 }
yuuji@0	1849 }
yuuji@0	1850 }
yuuji@0	1851 } while ((s = fgets (tmp,MAILTMPLEN,f)) && (t = strchr (s,'\n')));
yuuji@0	1852 if (f) fclose (f); /* flush the file */
yuuji@0	1853 }
yuuji@0	1854
yuuji@0	1855 /* INBOX create function for tmail/dmail use only
yuuji@0	1856 * Accepts: mail stream
yuuji@0	1857 * path name buffer, preloaded with driver-dependent path
yuuji@0	1858 * Returns: T on success, NIL on failure
yuuji@0	1859 *
yuuji@0	1860 * This routine is evil and a truly incredible kludge. It is private for
yuuji@0	1861 * tmail/dmail and is not supported for any other application.
yuuji@0	1862 */
yuuji@0	1863
yuuji@0	1864 long path_create (MAILSTREAM stream,char path)
yuuji@0	1865 {
yuuji@0	1866 long ret;
yuuji@0	1867 short rsave = restrictBox;
yuuji@0	1868 restrictBox = NIL; /* can't restrict */
yuuji@0	1869 if (blackBox) { /* if black box */
yuuji@0	1870 /* toss out driver dependent names */
yuuji@3	1871 sprintf (path,"%s/INBOX",mymailboxdir ());
yuuji@0	1872 blackBox = NIL; /* well that's evil - evil is going on */
yuuji@0	1873 ret = mail_create (stream,path);
yuuji@0	1874 blackBox = T; /* restore the box */
yuuji@0	1875 }
yuuji@0	1876 /* easy thing otherwise */
yuuji@0	1877 else ret = mail_create (stream,path);
yuuji@0	1878 restrictBox = rsave; /* restore restrictions */
yuuji@0	1879 return ret;
yuuji@0	1880 }
yuuji@0	1881
yuuji@0	1882 /* Default block notify routine
yuuji@0	1883 * Accepts: reason for calling
yuuji@0	1884 * data
yuuji@0	1885 * Returns: data
yuuji@0	1886 */
yuuji@0	1887
yuuji@0	1888 void mm_blocknotify (int reason,void data)
yuuji@0	1889 {
yuuji@0	1890 void *ret = data;
yuuji@0	1891 switch (reason) {
yuuji@0	1892 case BLOCK_SENSITIVE: /* entering sensitive code */
yuuji@0	1893 ret = (void *) (unsigned long) alarm (0);
yuuji@0	1894 break;
yuuji@0	1895 case BLOCK_NONSENSITIVE: /* exiting sensitive code */
yuuji@0	1896 if ((unsigned long) data) alarm ((unsigned long) data);
yuuji@0	1897 break;
yuuji@0	1898 default: /* ignore all other reasons */
yuuji@0	1899 break;
yuuji@0	1900 }
yuuji@0	1901 return ret;
yuuji@0	1902 }