-/* $Cambridge: exim/src/src/child.c,v 1.2 2004/10/15 13:21:21 ph10 Exp $ */
-
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2004 */
+/* Copyright (c) University of Cambridge 1995 - 2015 */
/* See the file NOTICE for conditions of use and distribution. */
force_fd(int oldfd, int newfd)
{
if (oldfd == newfd) return;
-close(newfd);
-dup2(oldfd, newfd);
-close(oldfd);
+(void)close(newfd);
+(void)dup2(oldfd, newfd);
+(void)close(oldfd);
}
-
+#ifndef STAND_ALONE
/*************************************************
* Build argv list and optionally re-exec Exim *
*************************************************/
{
int first_special = -1;
int n = 0;
-int extra = (pcount != NULL)? *pcount : 0;
-uschar **argv =
- store_get((extra + acount + MAX_CLMACROS + 16) * sizeof(char *));
+int extra = pcount ? *pcount : 0;
+uschar **argv;
+
+argv = store_get((extra + acount + MAX_CLMACROS + 18) * sizeof(char *), FALSE);
/* In all case, the list starts out with the path, any macros, and a changed
config file. */
memcpy(argv + n, clmacros, clmacro_count * sizeof(uschar *));
n += clmacro_count;
}
-if (config_changed)
+if (f.config_changed)
{
argv[n++] = US"-C";
argv[n++] = config_main_filename;
if (debug_selector != 0)
argv[n++] = string_sprintf("-d=0x%x", debug_selector);
}
- if (dont_deliver) argv[n++] = US"-N";
- if (queue_smtp) argv[n++] = US"-odqs";
- if (synchronous_delivery) argv[n++] = US"-odi";
+ if (f.dont_deliver) argv[n++] = US"-N";
+ if (f.queue_smtp) argv[n++] = US"-odqs";
+ if (f.synchronous_delivery) argv[n++] = US"-odi";
if (connection_max_messages >= 0)
argv[n++] = string_sprintf("-oB%d", connection_max_messages);
+ if (*queue_name)
+ {
+ argv[n++] = US"-MCG";
+ argv[n++] = queue_name;
+ }
}
/* Now add in any others that are in the call. Remember which they were,
failure. We know that there will always be at least one extra option in the
call when exec() is done here, so it can be used to add to the panic data. */
-DEBUG(D_exec) debug_print_argv(argv);
+DEBUG(D_exec) debug_print_argv(CUSS argv);
exim_nullstd(); /* Make sure std{in,out,err} exist */
execv(CS argv[0], (char *const *)argv);
the pid of the new process, or -1 if things go wrong. If debug_fd is
non-negative, it is passed as stderr.
+This interface is now a just wrapper for the more complicated function
+child_open_exim2(), which has additional arguments. The wrapper must continue
+to exist, even if all calls from within Exim are changed, because it is
+documented for use from local_scan().
+
Argument: fdptr pointer to int for the stdin fd
Returns: pid of the created process or -1 if anything has gone wrong
*/
pid_t
child_open_exim(int *fdptr)
{
+return child_open_exim2(fdptr, US"<>", bounce_sender_authentication);
+}
+
+
+/* This is a more complicated function for creating a child Exim process, with
+more arguments.
+
+Arguments:
+ fdptr pointer to int for the stdin fd
+ sender for a sender address (data for -f)
+ sender_authentication authenticated sender address or NULL
+
+Returns: pid of the created process or -1 if anything has gone wrong
+*/
+
+pid_t
+child_open_exim2(int *fdptr, uschar *sender, uschar *sender_authentication)
+{
int pfd[2];
int save_errno;
pid_t pid;
/* Child process: make the reading end of the pipe into the standard input and
close the writing end. If debugging, pass debug_fd as stderr. Then re-exec
-Exim. Failure is signalled with EX_EXECFAILED, but this shouldn't occur! */
+Exim with appropriate options. In the test harness, use -odi unless queue_only
+is set, so that the bounce is fully delivered before returning. Failure is
+signalled with EX_EXECFAILED (specified by CEE_EXEC_EXIT), but this shouldn't
+occur. */
if (pid == 0)
{
force_fd(pfd[pipe_read], 0);
- close(pfd[pipe_write]);
+ (void)close(pfd[pipe_write]);
if (debug_fd > 0) force_fd(debug_fd, 2);
- if (bounce_sender_authentication != NULL)
- child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE, 8,
- US"-t", US"-oem", US"-oi", US"-f", US"<>", US"-oMas",
- bounce_sender_authentication, message_id_option);
- else
- child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE, 6,
- US"-t", US"-oem", US"-oi", US"-f", US"<>", message_id_option);
- /* Control does not return here. */
+ if (f.running_in_test_harness && !queue_only)
+ {
+ if (sender_authentication != NULL)
+ child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE, 9,
+ US "-odi", US"-t", US"-oem", US"-oi", US"-f", sender, US"-oMas",
+ sender_authentication, message_id_option);
+ else
+ child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE, 7,
+ US "-odi", US"-t", US"-oem", US"-oi", US"-f", sender,
+ message_id_option);
+ /* Control does not return here. */
+ }
+ else /* Not test harness */
+ {
+ if (sender_authentication != NULL)
+ child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE, 8,
+ US"-t", US"-oem", US"-oi", US"-f", sender, US"-oMas",
+ sender_authentication, message_id_option);
+ else
+ child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE, 6,
+ US"-t", US"-oem", US"-oi", US"-f", sender, message_id_option);
+ /* Control does not return here. */
+ }
}
/* Parent process. Save fork() errno and close the reading end of the stdin
pipe. */
save_errno = errno;
-close(pfd[pipe_read]);
+(void)close(pfd[pipe_read]);
/* Fork succeeded */
/* Fork failed */
-close(pfd[pipe_write]);
+(void)close(pfd[pipe_write]);
errno = save_errno;
return (pid_t)(-1);
}
-
+#endif /* STAND_ALONE */
process is placed
wd if not NULL, a path to be handed to chdir() in the new process
make_leader if TRUE, make the new process a process group leader
-
+
Returns: the pid of the created process or -1 if anything has gone wrong
*/
pid_t
-child_open_uid(uschar **argv, uschar **envp, int newumask, uid_t *newuid,
- gid_t *newgid, int *infdptr, int *outfdptr, uschar *wd, BOOL make_leader)
+child_open_uid(const uschar **argv, const uschar **envp, int newumask,
+ uid_t *newuid, gid_t *newgid, int *infdptr, int *outfdptr, uschar *wd,
+ BOOL make_leader)
{
int save_errno;
int inpfd[2], outpfd[2];
if (pipe(inpfd) != 0) return (pid_t)(-1);
if (pipe(outpfd) != 0)
{
- close(inpfd[pipe_read]);
- close(inpfd[pipe_write]);
+ (void)close(inpfd[pipe_read]);
+ (void)close(inpfd[pipe_write]);
return (pid_t)(-1);
}
oldsignal = signal(SIGCHLD, SIG_DFL);
pid = fork();
-/* The child process becomes a process group leader if requested, and then
-organizes the pipes. Any unexpected failure is signalled with EX_EXECFAILED;
-these are all "should never occur" failures, except perhaps for exec failing
-because the command doesn't exist. */
+/* Handle the child process. First, set the required environment. We must do
+this before messing with the pipes, in order to be able to write debugging
+output when things go wrong. */
if (pid == 0)
{
- if (make_leader && setpgid(0,0) < 0) goto CHILD_FAILED;
+ signal(SIGUSR1, SIG_IGN);
+ signal(SIGPIPE, SIG_DFL);
- close(inpfd[pipe_write]);
- force_fd(inpfd[pipe_read], 0);
+ if (newgid != NULL && setgid(*newgid) < 0)
+ {
+ DEBUG(D_any) debug_printf("failed to set gid=%ld in subprocess: %s\n",
+ (long int)(*newgid), strerror(errno));
+ goto CHILD_FAILED;
+ }
- close(outpfd[pipe_read]);
- force_fd(outpfd[pipe_write], 1);
+ if (newuid != NULL && setuid(*newuid) < 0)
+ {
+ DEBUG(D_any) debug_printf("failed to set uid=%ld in subprocess: %s\n",
+ (long int)(*newuid), strerror(errno));
+ goto CHILD_FAILED;
+ }
+
+ (void)umask(newumask);
- close(2);
- dup2(1, 2);
+ if (wd != NULL && Uchdir(wd) < 0)
+ {
+ DEBUG(D_any) debug_printf("failed to chdir to %s: %s\n", wd,
+ strerror(errno));
+ goto CHILD_FAILED;
+ }
- /* Set the required environment. */
+ /* Becomes a process group leader if requested, and then organize the pipes.
+ Any unexpected failure is signalled with EX_EXECFAILED; these are all "should
+ never occur" failures, except for exec failing because the command doesn't
+ exist. */
- signal(SIGUSR1, SIG_IGN);
- if (newgid != NULL && setgid(*newgid) < 0) goto CHILD_FAILED;
- if (newuid != NULL && setuid(*newuid) < 0) goto CHILD_FAILED;
- (void)umask(newumask);
+ if (make_leader && setpgid(0,0) < 0)
+ {
+ DEBUG(D_any) debug_printf("failed to set group leader in subprocess: %s\n",
+ strerror(errno));
+ goto CHILD_FAILED;
+ }
- /* Set the working directory if required */
+ (void)close(inpfd[pipe_write]);
+ force_fd(inpfd[pipe_read], 0);
+
+ (void)close(outpfd[pipe_read]);
+ force_fd(outpfd[pipe_write], 1);
- if (wd != NULL && Uchdir(wd) < 0) goto CHILD_FAILED;
+ (void)close(2);
+ (void)dup2(1, 2);
/* Now do the exec */
if (envp == NULL) execv(CS argv[0], (char *const *)argv);
- else execve(CS argv[0], (char *const *)argv, (char *const *)envp);
+ else execve(CS argv[0], (char *const *)argv, (char *const *)envp);
/* Failed to execv. Signal this failure using EX_EXECFAILED. We are
losing the actual errno we got back, because there is no way to return
- this. */
+ this information. */
CHILD_FAILED:
_exit(EX_EXECFAILED); /* Note: must be _exit(), NOT exit() */
stdin pipe, and the writing end of the stdout pipe. */
save_errno = errno;
-close(inpfd[pipe_read]);
-close(outpfd[pipe_write]);
+(void)close(inpfd[pipe_read]);
+(void)close(outpfd[pipe_write]);
/* Fork succeeded; return the input/output pipes and the pid */
/* Fork failed; reset fork errno before returning */
-close(inpfd[pipe_write]);
-close(outpfd[pipe_read]);
+(void)close(inpfd[pipe_write]);
+(void)close(outpfd[pipe_read]);
errno = save_errno;
return (pid_t)(-1);
}
child_open(uschar **argv, uschar **envp, int newumask, int *infdptr,
int *outfdptr, BOOL make_leader)
{
-return child_open_uid(argv, envp, newumask, NULL, NULL, infdptr, outfdptr,
- NULL, make_leader);
+return child_open_uid(CUSS argv, CUSS envp, newumask, NULL, NULL,
+ infdptr, outfdptr, NULL, make_leader);
}
if (timeout > 0)
{
sigalrm_seen = FALSE;
- alarm(timeout);
+ ALARM(timeout);
}
for(;;)
if (rc == pid)
{
int lowbyte = status & 255;
- if (lowbyte == 0) yield = (status >> 8) & 255;
- else yield = -lowbyte;
+ yield = lowbyte == 0 ? (status >> 8) & 255 : -lowbyte;
break;
}
if (rc < 0)
{
- yield = (errno == EINTR && sigalrm_seen)? -256 : -257;
+ /* This "shouldn't happen" test does happen on MacOS: for some reason
+ I do not understand we seems to get an alarm signal despite not having
+ an active alarm set. There seems to be only one, so just go round again. */
+
+ if (errno == EINTR && sigalrm_seen && timeout <= 0) continue;
+
+ yield = (errno == EINTR && sigalrm_seen) ? -256 : -257;
break;
}
}
-if (timeout > 0) alarm(0);
+if (timeout > 0) ALARM_CLR(0);
signal(SIGCHLD, oldsignal); /* restore */
return yield;