X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/c8f419afe4b673ce93b7db07eb3093d8a07afb5f..b10c87b38c2345d15d30da5c18c823355ac506a9:/src/src/exim.c diff --git a/src/src/exim.c b/src/src/exim.c index 8e700f711..1952d91a4 100644 --- a/src/src/exim.c +++ b/src/src/exim.c @@ -473,8 +473,6 @@ return f; } - - /************************************************* * Ensure stdin, stdout, and stderr exist * *************************************************/ @@ -687,6 +685,36 @@ vfprintf(stderr, fmt, ap); exit(EXIT_FAILURE); } +/* exim_chown_failure() called from exim_chown()/exim_fchown() on failure +of chown()/fchown(). See src/functions.h for more explanation */ +int +exim_chown_failure(int fd, const uschar *name, uid_t owner, gid_t group) +{ +int saved_errno = errno; /* from the preceeding chown call */ +#if 1 +log_write(0, LOG_MAIN|LOG_PANIC, + __FILE__ ":%d: chown(%s, %d:%d) failed (%s)." + " Please contact the authors and refer to https://bugs.exim.org/show_bug.cgi?id=2391", + __LINE__, name?name:US"", owner, group, strerror(errno)); +#else +/* I leave this here, commented, in case the "bug"(?) comes up again. + It is not an Exim bug, but we can provide a workaround. + See Bug 2391 + HS 2019-04-18 */ + +struct stat buf; + +if (0 == (fd < 0 ? stat(name, &buf) : fstat(fd, &buf))) +{ + if (buf.st_uid == owner && buf.st_gid == group) return 0; + log_write(0, LOG_MAIN|LOG_PANIC, "Wrong ownership on %s", name); +} +else log_write(0, LOG_MAIN|LOG_PANIC, "Stat failed on %s: %s", name, strerror(errno)); + +#endif +errno = saved_errno; +return -1; +} /************************************************* @@ -903,12 +931,12 @@ fprintf(fp, "Support for:"); #ifdef EXPERIMENTAL_DSN_INFO fprintf(fp, " Experimental_DSN_info"); #endif -#ifdef EXPERIMENTAL_REQUIRETLS - fprintf(fp, " Experimental_REQUIRETLS"); -#endif #ifdef EXPERIMENTAL_PIPE_CONNECT fprintf(fp, " Experimental_PIPE_CONNECT"); #endif +#ifdef EXPERIMENTAL_TLS_RESUME + fprintf(fp, " Experimental_TLS_resume"); +#endif fprintf(fp, "\n"); fprintf(fp, "Lookups (built-in):"); @@ -2710,16 +2738,6 @@ for (i = 1; i < argc; i++) break; } -#if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_REQUIRETLS) - /* -MS set REQUIRETLS on (new) message */ - - else if (*argrest == 'S') - { - tls_requiretls |= REQUIRETLS_MSG; - break; - } -#endif - /* -M[x]: various operations on the following list of message ids: -M deliver the messages, ignoring next retry times and thawing -Mc deliver the messages, checking next retry times, no thawing @@ -4177,6 +4195,7 @@ if (!unprivileged && /* originally had root AND */ else { int rv; + DEBUG(D_any) debug_printf("dropping to exim gid; retaining priv uid\n"); rv = setgid(exim_gid); /* Impact of failure is that some stuff might end up with an incorrect group. We track this for failures from root, since any attempt to change privilege