Alex Kiernan's patch for a problem with libradius.

[exim.git] / src / src / exim.c

diff --git a/src/src/exim.c b/src/src/exim.c
index 44e0a9a14691b7766c04f0933ad4cf934703ea24..41016ad3e3b5c849681eb7e9b6e5e86b90d855d1 100644 (file)
--- a/src/src/exim.c
+++ b/src/src/exim.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/exim.c,v 1.35 2006/02/22 14:46:44 ph10 Exp $ */
+/* $Cambridge: exim/src/src/exim.c,v 1.39 2006/05/22 18:42:34 fanf2 Exp $ */
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
@@ -397,10 +397,9 @@ Returns:          the fopened FILE or NULL
 FILE *
 modefopen(uschar *filename, char *options, mode_t mode)
 {
-FILE *f;
-umask(0777);
-f = Ufopen(filename, options);
-umask(0);
+mode_t saved_umask = umask(0777);
+FILE *f = Ufopen(filename, options);
+(void)umask(saved_umask);
 if (f != NULL) (void)fchmod(fileno(f), mode);
 return f;
 }
@@ -875,8 +874,8 @@ fprintf(f, "Support for:");
 #if HAVE_IPV6
   fprintf(f, " IPv6");
 #endif
-#ifdef HAVE_LOGIN_CAP
-  fprintf(f, " use_classresources");
+#ifdef HAVE_SETCLASSRESOURCES
+  fprintf(f, " use_setclassresources");
 #endif
 #ifdef SUPPORT_PAM
   fprintf(f, " PAM");
@@ -1473,7 +1472,7 @@ message_id_external[0] = 'E';
 message_id = message_id_external + 1;
 message_id[0] = 0;
 
-/* Set the umask to zero so that any files that Exim creates using open() are
+/* Set the umask to zero so that any files Exim creates using open() are
 created with the modes that it specifies. NOTE: Files created with fopen() have
 a problem, which was not recognized till rather late (February 2006). With this
 umask, such files will be world writeable. (They are all content scanning files
@@ -1483,7 +1482,7 @@ however, because it will interact badly with the open() calls. Instead, there's
 now a function called modefopen() that fiddles with the umask while calling
 fopen(). */
 
-umask(0);
+(void)umask(0);
 
 /* Precompile the regular expression for matching a message id. Keep this in
 step with the code that generates ids in the accept.c module. We need to do
@@ -3598,7 +3597,9 @@ root privilege above as a result of -C, -D, -be, -bf or -bF, remove it now
 except when starting the daemon or doing some kind of delivery or address
 testing (-bt). These are the only cases when root need to be retained. We run
 as exim for -bv and -bh. However, if deliver_drop_privilege is set, root is
-retained only for starting the daemon. */
+retained only for starting the daemon. We always do the initgroups() in this
+situation (controlled by the TRUE below), in order to be as close as possible
+to the state Exim usually runs in. */
 
 if (!unprivileged &&                      /* originally had root AND */
     !removed_privilege &&                 /* still got root AND      */
@@ -3614,7 +3615,7 @@ if (!unprivileged &&                      /* originally had root AND */
         )
       ))
   {
-  exim_setugid(exim_uid, exim_gid, FALSE, US"privilege not needed");
+  exim_setugid(exim_uid, exim_gid, TRUE, US"privilege not needed");
   }
 
 /* When we are retaining a privileged uid, we still change to the exim gid. */
@@ -3726,11 +3727,13 @@ if (test_retry_arg >= 0)
       return EXIT_FAILURE;
       }
 
-    /* For the rcpt_4xx errors, a value of 255 means "any", and a code > 100 as
-    an error is for matching codes to the decade. Turn them into a real error
-    code, off the decade. */
+    /* For the {MAIL,RCPT,DATA}_4xx errors, a value of 255 means "any", and a
+    code > 100 as an error is for matching codes to the decade. Turn them into
+    a real error code, off the decade. */
 
-    if (basic_errno == ERRNO_RCPT4XX)
+    if (basic_errno == ERRNO_MAIL4XX ||
+        basic_errno == ERRNO_RCPT4XX ||
+        basic_errno == ERRNO_DATA4XX)
       {
       int code = (more_errno >> 8) & 255;
       if (code == 255)