-/* $Cambridge: exim/src/src/buildconfig.c,v 1.9 2005/06/17 13:52:15 ph10 Exp $ */
-
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2005 */
+/* Copyright (c) University of Cambridge 1995 - 2012 */
/* See the file NOTICE for conditions of use and distribution. */
#include <grp.h>
typedef struct {
- char *name;
+ const char *name;
int *flag;
} have_item;
typedef struct {
- char *name;
+ const char *name;
char *data;
} save_item;
-static char *db_opts[] = { "", "USE_DB", "USE_GDBM", "USE_TDB" };
+static const char *db_opts[] = { "", "USE_DB", "USE_GDBM", "USE_TDB" };
static int have_ipv6 = 0;
static int have_iconv = 0;
{
off_t test_off_t = 0;
time_t test_time_t = 0;
+#if ! (__STDC_VERSION__ >= 199901L)
+size_t test_size_t = 0;
+ssize_t test_ssize_t = 0;
+unsigned long test_ulong_t = 0L;
+#endif
+long test_long_t = 0;
FILE *base;
FILE *new;
int last_initial = 'A';
This assumption is known to be OK for the common operating systems. */
fprintf(new, "#ifndef OFF_T_FMT\n");
-if (sizeof(test_off_t) > 4)
+if (sizeof(test_off_t) > sizeof(test_long_t))
{
fprintf(new, "#define OFF_T_FMT \"%%lld\"\n");
fprintf(new, "#define LONGLONG_T long long int\n");
off_t. */
fprintf(new, "#ifndef TIME_T_FMT\n");
-if (sizeof(test_time_t) > 4)
+if (sizeof(test_time_t) > sizeof(test_long_t))
{
fprintf(new, "#define TIME_T_FMT \"%%lld\"\n");
fprintf(new, "#undef LONGLONG_T\n");
}
fprintf(new, "#endif\n\n");
+/* And for sizeof() results, size_t, which should with C99 be just %zu, deal
+with C99 not being ubiquitous yet. Unfortunately. Assume ssize_t is same
+size as size_t on C99; if someone comes up with a version where it's not, fix
+it then. */
+
+#if __STDC_VERSION__ >= 199901L
+fprintf(new, "#define SIZE_T_FMT \"%%zu\"\n");
+fprintf(new, "#define SSIZE_T_FMT \"%%zd\"\n");
+#else
+if (sizeof(test_size_t) > sizeof (test_ulong_t))
+ fprintf(new, "#define SIZE_T_FMT \"%%llu\"\n");
+else
+ fprintf(new, "#define SIZE_T_FMT \"%%lu\"\n");
+if (sizeof(test_ssize_t) > sizeof(test_long_t))
+ fprintf(new, "#define SSIZE_T_FMT \"%%lld\"\n");
+else
+ fprintf(new, "#define SSIZE_T_FMT \"%%ld\"\n");
+#endif
+
/* Now search the makefile for certain settings */
base = fopen("Makefile", "rb");
if (base == NULL)
{
printf("*** Buildconfig: failed to open Makefile\n");
- fclose(new);
+ (void)fclose(new);
exit(1);
}
if (errno_quota[0] != 0)
fprintf(new, "\n#define ERRNO_QUOTA %s\n", errno_quota);
-if (strcmp(cc, "gcc") == 0 && strstr(ostype, "IRIX") != NULL)
+if (strcmp(cc, "gcc") == 0 &&
+ (strstr(ostype, "IRIX") != NULL || strstr(ostype, "AIX") != NULL))
{
fprintf(new, "\n/* This switch includes the code to fix the inet_ntoa() */");
- fprintf(new, "\n/* bug when using gcc on an IRIX system. */");
+ fprintf(new, "\n/* bug when using gcc on an IRIX or AIX system. */");
fprintf(new, "\n#define USE_INET_NTOA_FIX");
}
fprintf(new, "\n");
-fclose(base);
+(void)fclose(base);
/* Now handle the macros listed in the defaults */
if (base == NULL)
{
printf("*** Buildconfig: failed to open ../src/config.h.defaults\n");
- fclose(new);
+ (void)fclose(new);
exit(1);
}
while (*p == ' ' || *p == '\t') p++;
+ if (strncmp(p, "#ifdef ", 7) == 0
+ || strncmp(p, "#ifndef ", 8) == 0
+ || strncmp(p, "#if ", 4) == 0
+ || strncmp(p, "#endif", 6) == 0
+ )
+ {
+ fputs(buffer, new);
+ continue;
+ }
+
if (strncmp(p, "#define ", 8) != 0) continue;
p += 8;
uid_t uid = 0;
gid_t gid = 0;
int gid_set = 0;
+ int uid_not_set = 0;
char *username = NULL;
char *groupname = NULL;
char *s;
while (isspace(*user)) user++;
username = user;
gid_set = 1;
+ uid_not_set = 1;
}
else
return 1;
}
+ /* security sanity checks
+ if ref: is being used, we can never be sure, but we can take reasonable
+ steps to filter out the most obvious ones. */
+
+ if ((!uid_not_set && uid == 0) ||
+ ((username != NULL) && (
+ (strcmp(username, "root") == 0) ||
+ (strcmp(username, "toor") == 0) )))
+ {
+ printf("\n*** Exim's internal user must not be root.\n\n");
+ return 1;
+ }
+
/* Output user and group names or uid/gid. When names are set, uid/gid
are set to zero but will be replaced at runtime. */
int isgroup = name[10] == 'G';
uid_t uid = 0;
gid_t gid = 0;
- char *s;
- char *username = NULL;
- char *user = getenv(name);
+ const char *s;
+ const char *username = NULL;
+ const char *user = getenv(name);
if (user == NULL) user = "";
while (isspace((unsigned char)(*user))) user++;
while (isspace(*user)) user++;
username = user;
}
-
- else if (isgroup)
+else if (isgroup)
{
struct group *gr = getgrnam(user);
if (gr == NULL)
{
char *wcs = getenv("WITH_CONTENT_SCAN");
char *wod = getenv("WITH_OLD_DEMIME");
- if (wcs != NULL || wod != NULL)
+ char *dcc = getenv("EXPERIMENTAL_DCC");
+ if (wcs != NULL || wod != NULL || dcc != NULL)
fprintf(new, "#define WITH_CONTENT_SCAN yes\n");
else fprintf(new, "/* WITH_CONTENT_SCAN not set */\n");
continue;
}
+ /* DISABLE_DKIM is special; must be forced if no SUPPORT_TLS */
+ if (strcmp(name, "DISABLE_DKIM") == 0)
+ {
+ char *d_dkim = getenv("DISABLE_DKIM");
+ char *tls = getenv("SUPPORT_TLS");
+
+ if (d_dkim)
+ fprintf(new, "#define DISABLE_DKIM yes\n");
+ else if (!tls)
+ fprintf(new, "#define DISABLE_DKIM yes /* forced by lack of TLS */\n");
+ else
+ fprintf(new, "/* DISABLE_DKIM not set */\n");
+ continue;
+ }
+
/* Otherwise, check whether a value exists in the environment. Remember if
it is an AUTH setting or SUPPORT_CRYPTEQ. */
fprintf(new, "\"%s\"\n", value);
}
- /* Timezone values and HEADERS_CHARSET get quoted */
+ /* Timezone values HEADERS_CHARSET, TCP_WRAPPERS_DAEMON_NAME and
+ WHITELIST_D_MACROS get quoted */
else if (strcmp(name, "TIMEZONE_DEFAULT") == 0||
- strcmp(name, "HEADERS_CHARSET") == 0)
+ strcmp(name, "TCP_WRAPPERS_DAEMON_NAME") == 0||
+ strcmp(name, "HEADERS_CHARSET") == 0||
+ strcmp(name, "WHITELIST_D_MACROS") == 0)
fprintf(new, "\"%s\"\n", value);
+ /* GnuTLS constants; first is for debugging, others are tuning */
+
+ /* less than 0 is not-active; 0-9 are normal, API suggests higher
+ taken without problems */
+ else if (strcmp(name, "EXIM_GNUTLS_LIBRARY_LOG_LEVEL") == 0)
+ {
+ long nv;
+ char *end;
+ nv = strtol(value, &end, 10);
+ if (end != value && *end == '\0' && nv >= -1 && nv <= 100)
+ {
+ fprintf(new, "%s\n", value);
+ }
+ else
+ {
+ printf("Value of %s should be -1..9\n", name);
+ return 1;
+ }
+ }
+
+ /* how many bits Exim, as a client, demands must be in D-H */
+ /* 1024 is a historical figure; some sites actually use lower, so we
+ permit the value to be lowered "dangerously" low, but not "insanely"
+ low. Though actually, 1024 is becoming "dangerous". */
+ else if ((strcmp(name, "EXIM_CLIENT_DH_MIN_MIN_BITS") == 0) ||
+ (strcmp(name, "EXIM_CLIENT_DH_DEFAULT_MIN_BITS") == 0) ||
+ (strcmp(name, "EXIM_SERVER_DH_BITS_PRE2_12") == 0))
+ {
+ long nv;
+ char *end;
+ nv = strtol(value, &end, 10);
+ if (end != value && *end == '\0' && nv >= 512 && nv < 500000)
+ {
+ fprintf(new, "%s\n", value);
+ }
+ else
+ {
+ printf("Unreasonable value (%s) of \"%s\".\n", value, name);
+ return 1;
+ }
+ }
+
/* For others, quote any paths and don't quote anything else */
else
}
}
-fclose(base);
+(void)fclose(base);
/* If any AUTH macros were defined, ensure that SUPPORT_CRYPTEQ is also
defined. */
/* End off */
fprintf(new, "\n/* End of config.h */\n");
-fclose(new);
+(void)fclose(new);
return 0;
}