X-Git-Url: https://vcs.fsf.org/?p=exim.git;a=blobdiff_plain;f=src%2Fsrc%2Fchild.c;h=e67f76666c61226318f422ab70e71c9e633fe2e1;hp=cf426e465001b75b803978b3d19c165fb35938a0;hb=5977a0b30ed5509ec131bbc2e7d2a3f44e3a692e;hpb=b668c215565aa08fe21c3d637c9868b1b8a649ce diff --git a/src/src/child.c b/src/src/child.c index cf426e465..e67f76666 100644 --- a/src/src/child.c +++ b/src/src/child.c @@ -1,10 +1,10 @@ -/* $Cambridge: exim/src/src/child.c,v 1.2 2004/10/15 13:21:21 ph10 Exp $ */ +/* $Cambridge: exim/src/src/child.c,v 1.9 2006/02/14 10:26:27 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) University of Cambridge 1995 - 2004 */ +/* Copyright (c) University of Cambridge 1995 - 2006 */ /* See the file NOTICE for conditions of use and distribution. */ @@ -32,13 +32,13 @@ static void force_fd(int oldfd, int newfd) { if (oldfd == newfd) return; -close(newfd); -dup2(oldfd, newfd); -close(oldfd); +(void)close(newfd); +(void)dup2(oldfd, newfd); +(void)close(oldfd); } - +#ifndef STAND_ALONE /************************************************* * Build argv list and optionally re-exec Exim * *************************************************/ @@ -174,6 +174,11 @@ the new process, and returns that to the caller via fdptr. The function returns the pid of the new process, or -1 if things go wrong. If debug_fd is non-negative, it is passed as stderr. +This interface is now a just wrapper for the more complicated function +child_open_exim2(), which has additional arguments. The wrapper must continue +to exist, even if all calls from within Exim are changed, because it is +documented for use from local_scan(). + Argument: fdptr pointer to int for the stdin fd Returns: pid of the created process or -1 if anything has gone wrong */ @@ -181,6 +186,24 @@ Returns: pid of the created process or -1 if anything has gone wrong pid_t child_open_exim(int *fdptr) { +return child_open_exim2(fdptr, US"<>", bounce_sender_authentication); +} + + +/* This is a more complicated function for creating a child Exim process, with +more arguments. + +Arguments: + fdptr pointer to int for the stdin fd + sender for a sender address (data for -f) + sender_authentication authenticated sender address or NULL + +Returns: pid of the created process or -1 if anything has gone wrong +*/ + +pid_t +child_open_exim2(int *fdptr, uschar *sender, uschar *sender_authentication) +{ int pfd[2]; int save_errno; pid_t pid; @@ -201,15 +224,15 @@ Exim. Failure is signalled with EX_EXECFAILED, but this shouldn't occur! */ if (pid == 0) { force_fd(pfd[pipe_read], 0); - close(pfd[pipe_write]); + (void)close(pfd[pipe_write]); if (debug_fd > 0) force_fd(debug_fd, 2); - if (bounce_sender_authentication != NULL) + if (sender_authentication != NULL) child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE, 8, - US"-t", US"-oem", US"-oi", US"-f", US"<>", US"-oMas", - bounce_sender_authentication, message_id_option); + US"-t", US"-oem", US"-oi", US"-f", sender, US"-oMas", + sender_authentication, message_id_option); else child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE, 6, - US"-t", US"-oem", US"-oi", US"-f", US"<>", message_id_option); + US"-t", US"-oem", US"-oi", US"-f", sender, message_id_option); /* Control does not return here. */ } @@ -217,7 +240,7 @@ if (pid == 0) pipe. */ save_errno = errno; -close(pfd[pipe_read]); +(void)close(pfd[pipe_read]); /* Fork succeeded */ @@ -229,11 +252,11 @@ if (pid > 0) /* Fork failed */ -close(pfd[pipe_write]); +(void)close(pfd[pipe_write]); errno = save_errno; return (pid_t)(-1); } - +#endif @@ -263,7 +286,7 @@ Arguments: process is placed wd if not NULL, a path to be handed to chdir() in the new process make_leader if TRUE, make the new process a process group leader - + Returns: the pid of the created process or -1 if anything has gone wrong */ @@ -280,8 +303,8 @@ pid_t pid; if (pipe(inpfd) != 0) return (pid_t)(-1); if (pipe(outpfd) != 0) { - close(inpfd[pipe_read]); - close(inpfd[pipe_write]); + (void)close(inpfd[pipe_read]); + (void)close(inpfd[pipe_write]); return (pid_t)(-1); } @@ -292,34 +315,57 @@ otherwise. Save the old state for resetting on the wait. */ oldsignal = signal(SIGCHLD, SIG_DFL); pid = fork(); -/* The child process becomes a process group leader if requested, and then -organizes the pipes. Any unexpected failure is signalled with EX_EXECFAILED; -these are all "should never occur" failures, except perhaps for exec failing -because the command doesn't exist. */ +/* Handle the child process. First, set the required environment. We must do +this before messing with the pipes, in order to be able to write debugging +output when things go wrong. */ if (pid == 0) { - if (make_leader && setpgid(0,0) < 0) goto CHILD_FAILED; + signal(SIGUSR1, SIG_IGN); - close(inpfd[pipe_write]); - force_fd(inpfd[pipe_read], 0); + if (newgid != NULL && setgid(*newgid) < 0) + { + DEBUG(D_any) debug_printf("failed to set gid=%ld in subprocess: %s\n", + (long int)(*newgid), strerror(errno)); + goto CHILD_FAILED; + } - close(outpfd[pipe_read]); - force_fd(outpfd[pipe_write], 1); + if (newuid != NULL && setuid(*newuid) < 0) + { + DEBUG(D_any) debug_printf("failed to set uid=%ld in subprocess: %s\n", + (long int)(*newuid), strerror(errno)); + goto CHILD_FAILED; + } + + (void)umask(newumask); + + if (wd != NULL && Uchdir(wd) < 0) + { + DEBUG(D_any) debug_printf("failed to chdir to %s: %s\n", wd, + strerror(errno)); + goto CHILD_FAILED; + } - close(2); - dup2(1, 2); + /* Becomes a process group leader if requested, and then organize the pipes. + Any unexpected failure is signalled with EX_EXECFAILED; these are all "should + never occur" failures, except for exec failing because the command doesn't + exist. */ - /* Set the required environment. */ + if (make_leader && setpgid(0,0) < 0) + { + DEBUG(D_any) debug_printf("failed to set group leader in subprocess: %s\n", + strerror(errno)); + goto CHILD_FAILED; + } - signal(SIGUSR1, SIG_IGN); - if (newgid != NULL && setgid(*newgid) < 0) goto CHILD_FAILED; - if (newuid != NULL && setuid(*newuid) < 0) goto CHILD_FAILED; - (void)umask(newumask); + (void)close(inpfd[pipe_write]); + force_fd(inpfd[pipe_read], 0); - /* Set the working directory if required */ + (void)close(outpfd[pipe_read]); + force_fd(outpfd[pipe_write], 1); - if (wd != NULL && Uchdir(wd) < 0) goto CHILD_FAILED; + (void)close(2); + (void)dup2(1, 2); /* Now do the exec */ @@ -328,7 +374,7 @@ if (pid == 0) /* Failed to execv. Signal this failure using EX_EXECFAILED. We are losing the actual errno we got back, because there is no way to return - this. */ + this information. */ CHILD_FAILED: _exit(EX_EXECFAILED); /* Note: must be _exit(), NOT exit() */ @@ -338,8 +384,8 @@ if (pid == 0) stdin pipe, and the writing end of the stdout pipe. */ save_errno = errno; -close(inpfd[pipe_read]); -close(outpfd[pipe_write]); +(void)close(inpfd[pipe_read]); +(void)close(outpfd[pipe_write]); /* Fork succeeded; return the input/output pipes and the pid */ @@ -352,8 +398,8 @@ if (pid > 0) /* Fork failed; reset fork errno before returning */ -close(inpfd[pipe_write]); -close(outpfd[pipe_read]); +(void)close(inpfd[pipe_write]); +(void)close(outpfd[pipe_read]); errno = save_errno; return (pid_t)(-1); }