#include "exim.h"
-#ifdef __GLIBC__
+#if defined(__GLIBC__) && !defined(__UCLIBC__)
# include <gnu/libc-version.h>
#endif
fprintf(f, "Compiler: <unknown>\n");
#endif
-#ifdef __GLIBC__
+#if defined(__GLIBC__) && !defined(__UCLIBC__)
fprintf(f, "Library version: Glibc: Compile: %d.%d\n",
__GLIBC__, __GLIBC_MINOR__);
if (__GLIBC_PREREQ(2, 1))
/* Set up $sending_ip_address and $sending_port, unless proxied */
- if (!continue_proxy)
+ if (!continue_proxy_cipher)
if (getsockname(fileno(stdin), (struct sockaddr *)(&interface_sock),
&size) == 0)
sending_ip_address = host_ntoa(-1, &interface_sock, NULL,
#ifdef SUPPORT_TLS
/* -MCt: similar to -MCT below but the connection is still open
via a proxy proces which handles the TLS context and coding.
- Require two arguments for the proxied local address and port. */
+ Require three arguments for the proxied local address and port,
+ and the TLS cipher. */
- case 't': continue_proxy = TRUE;
- if (++i < argc) sending_ip_address = argv[i];
+ case 't': if (++i < argc) sending_ip_address = argv[i];
else badarg = TRUE;
if (++i < argc) sending_port = (int)(Uatol(argv[i]));
else badarg = TRUE;
+ if (++i < argc) continue_proxy_cipher = argv[i];
+ else badarg = TRUE;
/*FALLTHROUGH*/
/* -MCT: set the tls_offered flag; this is useful only when it
readconf_main(checking || list_options);
+if (builtin_macros_create_trigger) DEBUG(D_any)
+ debug_printf("Builtin macros created (expensive) due to config line '%.*s'\n",
+ Ustrlen(builtin_macros_create_trigger)-1, builtin_macros_create_trigger);
+
/* Now in directory "/" */
if (cleanup_environment() == FALSE)
else
{
int i, j;
- for (i = 0; i < group_count; i++)
- {
- if (group_list[i] == exim_gid) admin_user = TRUE;
- else if (admin_groups != NULL)
- {
- for (j = 1; j <= (int)(admin_groups[0]); j++)
+ for (i = 0; i < group_count && !admin_user; i++)
+ if (group_list[i] == exim_gid)
+ admin_user = TRUE;
+ else if (admin_groups)
+ for (j = 1; j <= (int)admin_groups[0] && !admin_user; j++)
if (admin_groups[j] == group_list[i])
- { admin_user = TRUE; break; }
- }
- if (admin_user) break;
- }
+ admin_user = TRUE;
}
/* Another group of privileged users are the trusted users. These are root,
{
int i, j;
- if (trusted_users != NULL)
- {
- for (i = 1; i <= (int)(trusted_users[0]); i++)
+ if (trusted_users)
+ for (i = 1; i <= (int)trusted_users[0] && !trusted_caller; i++)
if (trusted_users[i] == real_uid)
- { trusted_caller = TRUE; break; }
- }
+ trusted_caller = TRUE;
- if (!trusted_caller && trusted_groups != NULL)
- {
- for (i = 1; i <= (int)(trusted_groups[0]); i++)
- {
+ if (trusted_groups)
+ for (i = 1; i <= (int)trusted_groups[0] && !trusted_caller; i++)
if (trusted_groups[i] == real_gid)
trusted_caller = TRUE;
- else for (j = 0; j < group_count; j++)
- {
+ else for (j = 0; j < group_count && !trusted_caller; j++)
if (trusted_groups[i] == group_list[j])
- { trusted_caller = TRUE; break; }
- }
- if (trusted_caller) break;
- }
- }
+ trusted_caller = TRUE;
}
+/* At this point, we know if the user is privileged and some command-line
+options become possibly imperssible, depending upon the configuration file. */
+
+if (checking && commandline_checks_require_admin && !admin_user) {
+ fprintf(stderr, "exim: those command-line flags are set to require admin\n");
+ exit(EXIT_FAILURE);
+}
+
/* Handle the decoding of logging options. */
decode_bits(log_selector, log_selector_size, log_notall,
(msg_action_arg < 0 || /* and */
msg_action != MSG_DELIVER) && /* not delivering and */
(!checking || !address_test_mode) /* not address checking */
- )
- ))
- {
+ ) ) )
exim_setugid(exim_uid, exim_gid, TRUE, US"privilege not needed");
- }
/* When we are retaining a privileged uid, we still change to the exim gid. */
there's no security risk. For me, it's { exim -bV } on a just-built binary,
no need to complain then. */
if (rv == -1)
- {
if (!(unprivileged || removed_privilege))
{
fprintf(stderr,
else
DEBUG(D_any) debug_printf("changing group to %ld failed: %s\n",
(long int)exim_gid, strerror(errno));
- }
}
/* Handle a request to scan a file for malware */
else
{
thismessage_size_limit = expand_string_integer(message_size_limit, TRUE);
- if (expand_string_message != NULL)
- {
+ if (expand_string_message)
if (thismessage_size_limit == -1)
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to expand "
"message_size_limit: %s", expand_string_message);
else
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "invalid value for "
"message_size_limit: %s", expand_string_message);
- }
}
/* Loop for several messages when reading SMTP input. If we fork any child
more = receive_msg(extract_recipients);
if (message_id[0] == 0)
{
+ cancel_cutthrough_connection(TRUE, US"receive dropped");
if (more) goto moreloop;
smtp_log_no_mail(); /* Log no mail if configured */
exim_exit(EXIT_FAILURE);
}
else
{
+ cancel_cutthrough_connection(TRUE, US"message setup dropped");
smtp_log_no_mail(); /* Log no mail if configured */
exim_exit((rc == 0)? EXIT_SUCCESS : EXIT_FAILURE);
}
not if queue_only is set (case 0). Case 1 doesn't happen here (too many
connections). */
- if (local_queue_only) switch(queue_only_reason)
+ if (local_queue_only)
{
- case 2:
- log_write(L_delay_delivery,
- LOG_MAIN, "no immediate delivery: more than %d messages "
- "received in one connection", smtp_accept_queue_per_connection);
- break;
+ cancel_cutthrough_connection(TRUE, US"no delivery; queueing");
+ switch(queue_only_reason)
+ {
+ case 2:
+ log_write(L_delay_delivery,
+ LOG_MAIN, "no immediate delivery: more than %d messages "
+ "received in one connection", smtp_accept_queue_per_connection);
+ break;
- case 3:
- log_write(L_delay_delivery,
- LOG_MAIN, "no immediate delivery: load average %.2f",
- (double)load_average/1000.0);
- break;
+ case 3:
+ log_write(L_delay_delivery,
+ LOG_MAIN, "no immediate delivery: load average %.2f",
+ (double)load_average/1000.0);
+ break;
+ }
}
+ else if (queue_only_policy || deliver_freeze)
+ cancel_cutthrough_connection(TRUE, US"no delivery; queueing");
+
/* Else do the delivery unless the ACL or local_scan() called for queue only
or froze the message. Always deliver in a separate process. A fork failure is
not a disaster, as the delivery will eventually happen on a subsequent queue
thereby defer the delivery if it tries to use (for example) a cached ldap
connection that the parent has called unbind on. */
- else if (!queue_only_policy && !deliver_freeze)
+ else
{
pid_t pid;
search_tidyup();
if (geteuid() != root_uid && !deliver_drop_privilege && !unprivileged)
{
- (void)child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE,
- 2, US"-Mc", message_id);
+ delivery_re_exec(CEE_EXEC_EXIT);
/* Control does not return here. */
}
if (pid < 0)
{
+ cancel_cutthrough_connection(TRUE, US"delivery fork failed");
log_write(0, LOG_MAIN|LOG_PANIC, "failed to fork automatic delivery "
"process: %s", strerror(errno));
}
+ else
+ {
+ release_cutthrough_connection(US"msg passed for delivery");
- /* In the parent, wait if synchronous delivery is required. This will
- always be the case in MUA wrapper mode. */
+ /* In the parent, wait if synchronous delivery is required. This will
+ always be the case in MUA wrapper mode. */
- else if (synchronous_delivery)
- {
- int status;
- while (wait(&status) != pid);
- if ((status & 0x00ff) != 0)
- log_write(0, LOG_MAIN|LOG_PANIC,
- "process %d crashed with signal %d while delivering %s",
- (int)pid, status & 0x00ff, message_id);
- if (mua_wrapper && (status & 0xffff) != 0) exim_exit(EXIT_FAILURE);
+ if (synchronous_delivery)
+ {
+ int status;
+ while (wait(&status) != pid);
+ if ((status & 0x00ff) != 0)
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "process %d crashed with signal %d while delivering %s",
+ (int)pid, status & 0x00ff, message_id);
+ if (mua_wrapper && (status & 0xffff) != 0) exim_exit(EXIT_FAILURE);
+ }
}
}