-/* $Cambridge: exim/src/src/child.c,v 1.3 2005/01/04 10:00:42 ph10 Exp $ */
-
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2005 */
+/* Copyright (c) University of Cambridge 1995 - 2015 */
/* See the file NOTICE for conditions of use and distribution. */
static void (*oldsignal)(int);
+#if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_REQUIRETLS)
+static uschar tls_requiretls_copy = 0;
+#endif
+
/*************************************************
* Ensure an fd has a given value *
force_fd(int oldfd, int newfd)
{
if (oldfd == newfd) return;
-close(newfd);
-dup2(oldfd, newfd);
-close(oldfd);
+(void)close(newfd);
+(void)dup2(oldfd, newfd);
+(void)close(oldfd);
}
-
+#ifndef STAND_ALONE
/*************************************************
* Build argv list and optionally re-exec Exim *
*************************************************/
{
int first_special = -1;
int n = 0;
-int extra = (pcount != NULL)? *pcount : 0;
-uschar **argv =
- store_get((extra + acount + MAX_CLMACROS + 16) * sizeof(char *));
+int extra = pcount ? *pcount : 0;
+uschar **argv;
+
+#if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_REQUIRETLS)
+if (tls_requiretls) extra++;
+#endif
+
+argv = store_get((extra + acount + MAX_CLMACROS + 18) * sizeof(char *));
/* In all case, the list starts out with the path, any macros, and a changed
config file. */
memcpy(argv + n, clmacros, clmacro_count * sizeof(uschar *));
n += clmacro_count;
}
-if (config_changed)
+if (f.config_changed)
{
argv[n++] = US"-C";
argv[n++] = config_main_filename;
if (debug_selector != 0)
argv[n++] = string_sprintf("-d=0x%x", debug_selector);
}
- if (dont_deliver) argv[n++] = US"-N";
- if (queue_smtp) argv[n++] = US"-odqs";
- if (synchronous_delivery) argv[n++] = US"-odi";
+ if (f.dont_deliver) argv[n++] = US"-N";
+ if (f.queue_smtp) argv[n++] = US"-odqs";
+ if (f.synchronous_delivery) argv[n++] = US"-odi";
if (connection_max_messages >= 0)
argv[n++] = string_sprintf("-oB%d", connection_max_messages);
+ if (*queue_name)
+ {
+ argv[n++] = US"-MCG";
+ argv[n++] = queue_name;
+ }
}
+#if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_REQUIRETLS)
+if (tls_requiretls_copy & REQUIRETLS_MSG)
+ argv[n++] = US"-MS";
+#endif
+
/* Now add in any others that are in the call. Remember which they were,
for more helpful diagnosis on failure. */
failure. We know that there will always be at least one extra option in the
call when exec() is done here, so it can be used to add to the panic data. */
-DEBUG(D_exec) debug_print_argv(argv);
+DEBUG(D_exec) debug_print_argv(CUSS argv);
exim_nullstd(); /* Make sure std{in,out,err} exist */
execv(CS argv[0], (char *const *)argv);
the pid of the new process, or -1 if things go wrong. If debug_fd is
non-negative, it is passed as stderr.
+This interface is now a just wrapper for the more complicated function
+child_open_exim2(), which has additional arguments. The wrapper must continue
+to exist, even if all calls from within Exim are changed, because it is
+documented for use from local_scan().
+
Argument: fdptr pointer to int for the stdin fd
Returns: pid of the created process or -1 if anything has gone wrong
*/
pid_t
child_open_exim(int *fdptr)
{
+return child_open_exim2(fdptr, US"<>", bounce_sender_authentication);
+}
+
+
+/* This is a more complicated function for creating a child Exim process, with
+more arguments.
+
+Arguments:
+ fdptr pointer to int for the stdin fd
+ sender for a sender address (data for -f)
+ sender_authentication authenticated sender address or NULL
+
+Returns: pid of the created process or -1 if anything has gone wrong
+*/
+
+pid_t
+child_open_exim2(int *fdptr, uschar *sender, uschar *sender_authentication)
+{
int pfd[2];
int save_errno;
pid_t pid;
/* Child process: make the reading end of the pipe into the standard input and
close the writing end. If debugging, pass debug_fd as stderr. Then re-exec
-Exim. Failure is signalled with EX_EXECFAILED, but this shouldn't occur! */
+Exim with appropriate options. In the test harness, use -odi unless queue_only
+is set, so that the bounce is fully delivered before returning. Failure is
+signalled with EX_EXECFAILED (specified by CEE_EXEC_EXIT), but this shouldn't
+occur. */
if (pid == 0)
{
+#if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_REQUIRETLS)
+ tls_requiretls_copy = tls_requiretls;
+#endif
force_fd(pfd[pipe_read], 0);
- close(pfd[pipe_write]);
+ (void)close(pfd[pipe_write]);
if (debug_fd > 0) force_fd(debug_fd, 2);
- if (bounce_sender_authentication != NULL)
- child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE, 8,
- US"-t", US"-oem", US"-oi", US"-f", US"<>", US"-oMas",
- bounce_sender_authentication, message_id_option);
- else
- child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE, 6,
- US"-t", US"-oem", US"-oi", US"-f", US"<>", message_id_option);
- /* Control does not return here. */
+ if (f.running_in_test_harness && !queue_only)
+ {
+ if (sender_authentication != NULL)
+ child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE, 9,
+ US "-odi", US"-t", US"-oem", US"-oi", US"-f", sender, US"-oMas",
+ sender_authentication, message_id_option);
+ else
+ child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE, 7,
+ US "-odi", US"-t", US"-oem", US"-oi", US"-f", sender,
+ message_id_option);
+ /* Control does not return here. */
+ }
+ else /* Not test harness */
+ {
+ if (sender_authentication != NULL)
+ child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE, 8,
+ US"-t", US"-oem", US"-oi", US"-f", sender, US"-oMas",
+ sender_authentication, message_id_option);
+ else
+ child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE, 6,
+ US"-t", US"-oem", US"-oi", US"-f", sender, message_id_option);
+ /* Control does not return here. */
+ }
}
/* Parent process. Save fork() errno and close the reading end of the stdin
pipe. */
save_errno = errno;
-close(pfd[pipe_read]);
+(void)close(pfd[pipe_read]);
/* Fork succeeded */
/* Fork failed */
-close(pfd[pipe_write]);
+(void)close(pfd[pipe_write]);
errno = save_errno;
return (pid_t)(-1);
}
-
+#endif /* STAND_ALONE */
process is placed
wd if not NULL, a path to be handed to chdir() in the new process
make_leader if TRUE, make the new process a process group leader
-
+
Returns: the pid of the created process or -1 if anything has gone wrong
*/
pid_t
-child_open_uid(uschar **argv, uschar **envp, int newumask, uid_t *newuid,
- gid_t *newgid, int *infdptr, int *outfdptr, uschar *wd, BOOL make_leader)
+child_open_uid(const uschar **argv, const uschar **envp, int newumask,
+ uid_t *newuid, gid_t *newgid, int *infdptr, int *outfdptr, uschar *wd,
+ BOOL make_leader)
{
int save_errno;
int inpfd[2], outpfd[2];
if (pipe(inpfd) != 0) return (pid_t)(-1);
if (pipe(outpfd) != 0)
{
- close(inpfd[pipe_read]);
- close(inpfd[pipe_write]);
+ (void)close(inpfd[pipe_read]);
+ (void)close(inpfd[pipe_write]);
return (pid_t)(-1);
}
oldsignal = signal(SIGCHLD, SIG_DFL);
pid = fork();
-/* The child process becomes a process group leader if requested, and then
-organizes the pipes. Any unexpected failure is signalled with EX_EXECFAILED;
-these are all "should never occur" failures, except perhaps for exec failing
-because the command doesn't exist. */
+/* Handle the child process. First, set the required environment. We must do
+this before messing with the pipes, in order to be able to write debugging
+output when things go wrong. */
if (pid == 0)
{
- if (make_leader && setpgid(0,0) < 0) goto CHILD_FAILED;
+ signal(SIGUSR1, SIG_IGN);
+ signal(SIGPIPE, SIG_DFL);
- close(inpfd[pipe_write]);
- force_fd(inpfd[pipe_read], 0);
+ if (newgid != NULL && setgid(*newgid) < 0)
+ {
+ DEBUG(D_any) debug_printf("failed to set gid=%ld in subprocess: %s\n",
+ (long int)(*newgid), strerror(errno));
+ goto CHILD_FAILED;
+ }
- close(outpfd[pipe_read]);
- force_fd(outpfd[pipe_write], 1);
+ if (newuid != NULL && setuid(*newuid) < 0)
+ {
+ DEBUG(D_any) debug_printf("failed to set uid=%ld in subprocess: %s\n",
+ (long int)(*newuid), strerror(errno));
+ goto CHILD_FAILED;
+ }
- close(2);
- dup2(1, 2);
+ (void)umask(newumask);
- /* Set the required environment. */
+ if (wd != NULL && Uchdir(wd) < 0)
+ {
+ DEBUG(D_any) debug_printf("failed to chdir to %s: %s\n", wd,
+ strerror(errno));
+ goto CHILD_FAILED;
+ }
- signal(SIGUSR1, SIG_IGN);
- if (newgid != NULL && setgid(*newgid) < 0) goto CHILD_FAILED;
- if (newuid != NULL && setuid(*newuid) < 0) goto CHILD_FAILED;
- (void)umask(newumask);
+ /* Becomes a process group leader if requested, and then organize the pipes.
+ Any unexpected failure is signalled with EX_EXECFAILED; these are all "should
+ never occur" failures, except for exec failing because the command doesn't
+ exist. */
- /* Set the working directory if required */
+ if (make_leader && setpgid(0,0) < 0)
+ {
+ DEBUG(D_any) debug_printf("failed to set group leader in subprocess: %s\n",
+ strerror(errno));
+ goto CHILD_FAILED;
+ }
- if (wd != NULL && Uchdir(wd) < 0) goto CHILD_FAILED;
+ (void)close(inpfd[pipe_write]);
+ force_fd(inpfd[pipe_read], 0);
+
+ (void)close(outpfd[pipe_read]);
+ force_fd(outpfd[pipe_write], 1);
+
+ (void)close(2);
+ (void)dup2(1, 2);
/* Now do the exec */
if (envp == NULL) execv(CS argv[0], (char *const *)argv);
- else execve(CS argv[0], (char *const *)argv, (char *const *)envp);
+ else execve(CS argv[0], (char *const *)argv, (char *const *)envp);
/* Failed to execv. Signal this failure using EX_EXECFAILED. We are
losing the actual errno we got back, because there is no way to return
- this. */
+ this information. */
CHILD_FAILED:
_exit(EX_EXECFAILED); /* Note: must be _exit(), NOT exit() */
stdin pipe, and the writing end of the stdout pipe. */
save_errno = errno;
-close(inpfd[pipe_read]);
-close(outpfd[pipe_write]);
+(void)close(inpfd[pipe_read]);
+(void)close(outpfd[pipe_write]);
/* Fork succeeded; return the input/output pipes and the pid */
/* Fork failed; reset fork errno before returning */
-close(inpfd[pipe_write]);
-close(outpfd[pipe_read]);
+(void)close(inpfd[pipe_write]);
+(void)close(outpfd[pipe_read]);
errno = save_errno;
return (pid_t)(-1);
}
child_open(uschar **argv, uschar **envp, int newumask, int *infdptr,
int *outfdptr, BOOL make_leader)
{
-return child_open_uid(argv, envp, newumask, NULL, NULL, infdptr, outfdptr,
- NULL, make_leader);
+return child_open_uid(CUSS argv, CUSS envp, newumask, NULL, NULL,
+ infdptr, outfdptr, NULL, make_leader);
}
if (timeout > 0)
{
sigalrm_seen = FALSE;
- alarm(timeout);
+ ALARM(timeout);
}
for(;;)
if (rc == pid)
{
int lowbyte = status & 255;
- if (lowbyte == 0) yield = (status >> 8) & 255;
- else yield = -lowbyte;
+ yield = lowbyte == 0 ? (status >> 8) & 255 : -lowbyte;
break;
}
if (rc < 0)
{
- yield = (errno == EINTR && sigalrm_seen)? -256 : -257;
+ /* This "shouldn't happen" test does happen on MacOS: for some reason
+ I do not understand we seems to get an alarm signal despite not having
+ an active alarm set. There seems to be only one, so just go round again. */
+
+ if (errno == EINTR && sigalrm_seen && timeout <= 0) continue;
+
+ yield = (errno == EINTR && sigalrm_seen) ? -256 : -257;
break;
}
}
-if (timeout > 0) alarm(0);
+if (timeout > 0) ALARM_CLR(0);
signal(SIGCHLD, oldsignal); /* restore */
return yield;