[exim.git] / src / src / lookups / lf_check_file.c

/* $Cambridge: exim/src/src/lookups/lf_check_file.c,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */

/*************************************************
*     Exim - an Internet mail transport agent    *
*************************************************/

/* Copyright (c) University of Cambridge 1995 - 2007 */
/* See the file NOTICE for conditions of use and distribution. */


#include "../exim.h"
#include "lf_functions.h"


/*************************************************
*         Check a file's credentials             *
*************************************************/

/* fstat can normally be expected to work on an open file, but there are some
NFS states where it may not.

Arguments:
  fd         an open file descriptor or -1
  filename   a file name if fd is -1
  s_type     type of file (S_IFREG or S_IFDIR)
  modemask   a mask specifying mode bits that must *not* be set
  owners     NULL or a list of of allowable uids, count in the first item
  owngroups  NULL or a list of allowable gids, count in the first item
  type       name of lookup type for putting in error message
  errmsg     where to put an error message

Returns:     -1 stat() or fstat() failed
              0 OK
             +1 something didn't match

Side effect: sets errno to ERRNO_BADUGID, ERRNO_NOTREGULAR or ERRNO_BADMODE for
             bad uid/gid, not a regular file, or bad mode; otherwise leaves it
             to what fstat set it to.
*/

int
lf_check_file(int fd, uschar *filename, int s_type, int modemask, uid_t *owners,
  gid_t *owngroups, char *type, uschar **errmsg)
{
int i;
struct stat statbuf;

if ((fd >= 0 && fstat(fd, &statbuf) != 0) ||
    (fd  < 0 && Ustat(filename, &statbuf) != 0))
  {
  int save_errno = errno;
  *errmsg = string_sprintf("%s: stat failed", filename);
  errno = save_errno;
  return -1;
  }

if ((statbuf.st_mode & S_IFMT) != s_type)
  {
  if (s_type == S_IFREG)
    {
    *errmsg = string_sprintf("%s is not a regular file (%s lookup)",
      filename, type);
    errno = ERRNO_NOTREGULAR;
    }
  else
    {
    *errmsg = string_sprintf("%s is not a directory (%s lookup)",
      filename, type);
    errno = ERRNO_NOTDIRECTORY;
    }
  return +1;
  }

if ((statbuf.st_mode & modemask) != 0)
  {
  *errmsg = string_sprintf("%s (%s lookup): file mode %.4o should not contain "
    "%.4o", filename, type,  statbuf.st_mode & 07777,
    statbuf.st_mode & modemask);
  errno = ERRNO_BADMODE;
  return +1;
  }

if (owners != NULL)
  {
  BOOL uid_ok = FALSE;
  for (i = 1; i <= (int)owners[0]; i++)
    if (owners[i] == statbuf.st_uid) { uid_ok = TRUE; break; }
  if (!uid_ok)
    {
    *errmsg = string_sprintf("%s (%s lookup): file has wrong owner", filename,
      type);
    errno = ERRNO_BADUGID;
    return +1;
    }
  }

if (owngroups != NULL)
  {
  BOOL gid_ok = FALSE;
  for (i = 1; i <= (int)owngroups[0]; i++)
    if (owngroups[i] == statbuf.st_gid) { gid_ok = TRUE; break; }
  if (!gid_ok)
    {
    *errmsg = string_sprintf("%s (%s lookup): file has wrong group", filename,
      type);
    errno = ERRNO_BADUGID;
    return +1;
    }
  }

return 0;
}

/* End of lf_check_file.c */
Commit	Line	Data
184e8823	1	/* $Cambridge: exim/src/src/lookups/lf_check_file.c,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */
0756eb3c PH	2
	3	/*************************************************
	4	* Exim - an Internet mail transport agent *
	5	*************************************************/
	6
184e8823	7	/* Copyright (c) University of Cambridge 1995 - 2007 */
0756eb3c PH	8	/* See the file NOTICE for conditions of use and distribution. */
	9
	10
	11	#include "../exim.h"
	12	#include "lf_functions.h"
	13
	14
	15
	16	/*************************************************
	17	* Check a file's credentials *
	18	*************************************************/
	19
	20	/* fstat can normally be expected to work on an open file, but there are some
	21	NFS states where it may not.
	22
	23	Arguments:
	24	fd an open file descriptor or -1
	25	filename a file name if fd is -1
	26	s_type type of file (S_IFREG or S_IFDIR)
	27	modemask a mask specifying mode bits that must not be set
	28	owners NULL or a list of of allowable uids, count in the first item
	29	owngroups NULL or a list of allowable gids, count in the first item
	30	type name of lookup type for putting in error message
	31	errmsg where to put an error message
	32
	33	Returns: -1 stat() or fstat() failed
	34	0 OK
	35	+1 something didn't match
	36
	37	Side effect: sets errno to ERRNO_BADUGID, ERRNO_NOTREGULAR or ERRNO_BADMODE for
	38	bad uid/gid, not a regular file, or bad mode; otherwise leaves it
	39	to what fstat set it to.
	40	*/
	41
	42	int
	43	lf_check_file(int fd, uschar filename, int s_type, int modemask, uid_t owners,
	44	gid_t owngroups, char type, uschar **errmsg)
	45	{
	46	int i;
	47	struct stat statbuf;
	48
	49	if ((fd >= 0 && fstat(fd, &statbuf) != 0) \|\|
	50	(fd < 0 && Ustat(filename, &statbuf) != 0))
	51	{
	52	int save_errno = errno;
	53	*errmsg = string_sprintf("%s: stat failed", filename);
	54	errno = save_errno;
	55	return -1;
	56	}
	57
	58	if ((statbuf.st_mode & S_IFMT) != s_type)
	59	{
	60	if (s_type == S_IFREG)
	61	{
	62	*errmsg = string_sprintf("%s is not a regular file (%s lookup)",
	63	filename, type);
	64	errno = ERRNO_NOTREGULAR;
	65	}
	66	else
	67	{
	68	*errmsg = string_sprintf("%s is not a directory (%s lookup)",
	69	filename, type);
	70	errno = ERRNO_NOTDIRECTORY;
	71	}
72	return +1;
73	}
74
75	if ((statbuf.st_mode & modemask) != 0)
76	{
77	*errmsg = string_sprintf("%s (%s lookup): file mode %.4o should not contain "
78	"%.4o", filename, type, statbuf.st_mode & 07777,
79	statbuf.st_mode & modemask);
80	errno = ERRNO_BADMODE;
81	return +1;
82	}
83
84	if (owners != NULL)
85	{
86	BOOL uid_ok = FALSE;
87	for (i = 1; i <= (int)owners[0]; i++)
88	if (owners[i] == statbuf.st_uid) { uid_ok = TRUE; break; }
89	if (!uid_ok)
90	{
91	*errmsg = string_sprintf("%s (%s lookup): file has wrong owner", filename,
92	type);
93	errno = ERRNO_BADUGID;
94	return +1;
95	}
96	}
97
98	if (owngroups != NULL)
99	{
100	BOOL gid_ok = FALSE;
101	for (i = 1; i <= (int)owngroups[0]; i++)
102	if (owngroups[i] == statbuf.st_gid) { gid_ok = TRUE; break; }
103	if (!gid_ok)
104	{
105	*errmsg = string_sprintf("%s (%s lookup): file has wrong group", filename,
106	type);
107	errno = ERRNO_BADUGID;
108	return +1;
109	}
110	}
111
112	return 0;
113	}
114
115	/* End of lf_check_file.c */