X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/ed7f7860402395aedcb9e9c0cbade291c675a12f..e2f5dc151e2e79058e93924e6d35510557f0535d:/src/src/exim.c

diff --git a/src/src/exim.c b/src/src/exim.c
index 7d1c3b6a6..0d8f24492 100644
--- a/src/src/exim.c
+++ b/src/src/exim.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/exim.c,v 1.67 2010/06/06 00:27:52 pdp Exp $ */
+/* $Cambridge: exim/src/src/exim.c,v 1.71 2010/06/07 00:12:42 pdp Exp $ */
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
@@ -685,8 +685,8 @@ else
 *          Show supported features               *
 *************************************************/
 
-/* This function is called for -bV and for -d to output the optional features
-of the current Exim binary.
+/* This function is called for -bV/--version and for -d to output the optional
+features of the current Exim binary.
 
 Arguments:  a FILE for printing
 Returns:    nothing
@@ -905,7 +905,7 @@ if (fixed_never_users[0] > 0)
   fprintf(f, "%d\n", (unsigned int)fixed_never_users[i]);
   }
 
-fprintf(f, "Size of off_t: %d\n", sizeof(off_t));
+fprintf(f, "Size of off_t: " SIZE_T_FMT "\n", sizeof(off_t));
 
 /* This runtime check is to help diagnose library linkage mismatches which
 result in segfaults and the like; as such, it's left until the end,
@@ -1234,6 +1234,12 @@ This is a feature to make the lives of binary distributors easier. */
 #ifdef EXIM_USERNAME
 if (route_finduser(US EXIM_USERNAME, &pw, &exim_uid))
   {
+  if (exim_uid == 0)
+    {
+    fprintf(stderr, "exim: refusing to run with uid 0 for \"%s\"\n",
+      EXIM_USERNAME);
+    exit(EXIT_FAILURE);
+    }
   exim_gid = pw->pw_gid;
   }
 else
@@ -1489,16 +1495,6 @@ running in an unprivileged state. */
 
 unprivileged = (real_uid != root_uid && original_euid != root_uid);
 
-/* If the first argument is --help, set usage_wanted and pretend there
-are no arguments. This will cause a brief message to be given.   We do
-the message generation downstream so we can pick up how we were invoked */
-
-if (argc > 1 && Ustrcmp(argv[1], "--help") == 0)
-  {
-  argc = 1;
-  usage_wanted = TRUE;
-  }
-
 /* Scan the program's arguments. Some can be dealt with right away; others are
 simply recorded for checking and handling afterwards. Do a high-level switch
 on the second character (the one after '-'), to save some effort. */
@@ -1563,6 +1559,21 @@ for (i = 1; i < argc; i++)
     argrest++;
     }
 
+  /* deal with --option_aliases */
+  else if (switchchar == '-')
+    {
+    if (Ustrcmp(argrest, "help") == 0)
+      {
+      usage_wanted = TRUE;
+      break;
+      }
+    else if (Ustrcmp(argrest, "version") == 0)
+      {
+      switchchar = 'b';
+      argrest = US"V";
+      }
+    }
+
   /* High-level switch on active initial letter */
 
   switch(switchchar)
@@ -1837,6 +1848,7 @@ for (i = 1; i < argc; i++)
 
       config_main_filelist = argrest;
       config_changed = TRUE;
+      trusted_config = FALSE;
       }
     break;
 
@@ -3035,7 +3047,7 @@ values (such as the path name). If running in the test harness, pretend that
 configuration file changes and macro definitions haven't happened. */
 
 if ((                                            /* EITHER */
-    (config_changed || macros != NULL) &&        /* Config changed, and */
+    (!trusted_config || macros != NULL) &&       /* Config changed, and */
     real_uid != root_uid &&                      /* Not root, and */
     #ifndef ALT_CONFIG_ROOT_ONLY                 /* (when not locked out) */
     real_uid != exim_uid &&                      /* Not exim, and */
@@ -3254,7 +3266,7 @@ If ALT_CONFIG_ROOT_ONLY is defined, we don't know whether we were called by the
 built-in exim user or one defined in the configuration. In either event,
 re-enable log processing, assuming the sysadmin knows what they are doing. */
 
-if (removed_privilege && (config_changed || macros != NULL) &&
+if (removed_privilege && (!trusted_config || macros != NULL) &&
     real_uid == exim_uid)
   {
   #ifdef ALT_CONFIG_ROOT_ONLY
@@ -3266,7 +3278,7 @@ if (removed_privilege && (config_changed || macros != NULL) &&
   else
     log_write(0, LOG_MAIN|LOG_PANIC,
       "exim user (uid=%d) is defined only at runtime; privilege lost for %s",
-      (int)exim_uid, config_changed? "-C" : "-D");
+      (int)exim_uid, trusted_config? "-D" : "-C");
   #endif
   }
 
@@ -3612,6 +3624,7 @@ else setgid(exim_gid);
 /* Handle a request to scan a file for malware */
 if (malware_test_file)
   {
+#ifdef WITH_CONTENT_SCAN
   int result;
   set_process_info("scanning file for malware");
   result = malware_in_file(malware_test_file);
@@ -3629,6 +3642,9 @@ if (malware_test_file)
     printf("Malware found: %s\n", malware_name);
   else
     printf("Malware scan detected malware of unknown name.\n");
+#else
+  printf("Malware scanning not enabled at compile time.\n");
+#endif
   exit(EXIT_FAILURE);
   }