Minor robustness fixes for debugging.

[exim.git] / src / src / exim.c

diff --git a/src/src/exim.c b/src/src/exim.c
index 67fbc5cf7a9a558ae3b9d422eb71fdf2f9d05f69..c368e590695f312a369d4b6ebcf14fbeab17d683 100644 (file)
--- a/src/src/exim.c
+++ b/src/src/exim.c
@@ -570,17 +570,20 @@ if (euid == root_uid || euid != uid || egid != gid || igflag)
 
 DEBUG(D_uid)
   {
-  int group_count;
+  int group_count, save_errno;
   gid_t group_list[NGROUPS_MAX];
   debug_printf("changed uid/gid: %s\n  uid=%ld gid=%ld pid=%ld\n", msg,
     (long int)geteuid(), (long int)getegid(), (long int)getpid());
   group_count = getgroups(NGROUPS_MAX, group_list);
+  save_errno = errno;
   debug_printf("  auxiliary group list:");
   if (group_count > 0)
     {
     int i;
     for (i = 0; i < group_count; i++) debug_printf(" %d", (int)group_list[i]);
     }
+  else if (group_count < 0)
+    debug_printf(" <error: %s>", strerror(save_errno));
   else debug_printf(" <none>");
   debug_printf("\n");
   }
@@ -931,8 +934,13 @@ DEBUG(D_any) do {
              "                       Runtime: %s\n",
           PCRE_MAJOR, PCRE_MINOR,
           /* PRE_PRERELEASE is either defined and empty or a string.
-           * This should work: */
+           * unless its an ancient version of PCRE in which case it
+           * is not defined */
+#ifdef PCRE_PRERELEASE
           PCRE_PRERELEASE "",
+#else
+          "",
+#endif
           pcre_version());
 
   init_lookup_list();
@@ -942,6 +950,17 @@ DEBUG(D_any) do {
       lookup_list[i]->version_report(f);
     }
 
+#ifdef WHITELIST_D_MACROS
+  fprintf(f, "WHITELIST_D_MACROS: \"%s\"\n", WHITELIST_D_MACROS);
+#else
+  fprintf(f, "WHITELIST_D_MACROS unset\n");
+#endif
+#ifdef TRUSTED_CONFIG_LIST
+  fprintf(f, "TRUSTED_CONFIG_LIST: \"%s\"\n", TRUSTED_CONFIG_LIST);
+#else
+  fprintf(f, "TRUSTED_CONFIG_LIST unset\n");
+#endif
+
 } while (0);
 }
 
@@ -1265,7 +1284,7 @@ for (m = macros; m != NULL; m = m->next)
     return FALSE;
     }
   }
-debug_printf("macros_trusted overriden to true by whitelisting\n");
+DEBUG(D_any) debug_printf("macros_trusted overriden to true by whitelisting\n");
 return TRUE;
 #endif
 }
@@ -3265,6 +3284,11 @@ till after reading the config, which might specify the exim gid. Therefore,
 save the group list here first. */
 
 group_count = getgroups(NGROUPS_MAX, group_list);
+if (group_count < 0)
+  {
+  fprintf(stderr, "exim: getgroups() failed: %s\n", strerror(errno));
+  exit(EXIT_FAILURE);
+  }
 
 /* There is a fundamental difference in some BSD systems in the matter of
 groups. FreeBSD and BSDI are known to be different; NetBSD and OpenBSD are
@@ -3327,9 +3351,13 @@ if ((                                            /* EITHER */
   and should be used for any logging information because attempts to write
   to the log will usually fail. To arrange this, we unset really_exim. However,
   if no stderr is available there is no point - we might as well have a go
-  at the log (if it fails, syslog will be written). */
+  at the log (if it fails, syslog will be written).
+
+  Note that if the invoker is Exim, the logs remain available. Messing with
+  this causes unlogged successful deliveries.  */
 
-  if (log_stderr != NULL) really_exim = FALSE;
+  if ((log_stderr != NULL) && (real_uid != exim_uid))
+    really_exim = FALSE;
   }
 
 /* Privilege is to be retained for the moment. It may be dropped later,
@@ -3885,14 +3913,14 @@ else
   no need to complain then. */
   if (rv == -1)
     {
-    if (!unprivileged)
+    if (!(unprivileged || removed_privilege))
       {
       fprintf(stderr,
           "exim: changing group failed: %s\n", strerror(errno));
       exit(EXIT_FAILURE);
       }
     else
-      debug_printf("changing group to %ld failed: %s\n",
+      DEBUG(D_any) debug_printf("changing group to %ld failed: %s\n",
           (long int)exim_gid, strerror(errno));
     }
   }