static void ATTR_NORETURN checkpassword_lookup_child(struct auth_request *request, struct checkpassword_userdb_module *module, int fd_in, int fd_out) { const char *cmd, *const *args; if (dup2(fd_out, 3) < 0 || dup2(fd_in, 4) < 0) { auth_request_log_error(request, "userdb-checkpassword", "dup2() failed: %m"); } else { /* We want to retrieve user data and don't do authorization, so we need to signalize the checkpassword program that the password shall be ignored by setting AUTHORIZED. This needs a special checkpassword program which knows how to handle this. */ env_put("AUTHORIZED=1"); checkpassword_setup_env(request); cmd = checkpassword_get_cmd(request, module->checkpassword_path, module->checkpassword_reply_path); auth_request_log_debug(request, "userdb-checkpassword", "execute: %s", cmd); /* very simple argument splitting. */ args = t_strsplit(cmd, " "); execv_const(args[0], args); } exit(2); }
static void ATTR_NORETURN master_service_exec_config(struct master_service *service, const struct master_service_settings_input *input) { const char **conf_argv, *binary_path = service->argv[0]; const char *home = NULL, *user = NULL, *timestamp = NULL; unsigned int i, argv_max_count; (void)t_binary_abspath(&binary_path); if (!service->keep_environment && !input->preserve_environment) { if (input->preserve_home) home = getenv("HOME"); if (input->preserve_user) user = getenv("USER"); if ((service->flags & MASTER_SERVICE_FLAG_STANDALONE) != 0) timestamp = getenv("LOG_STDERR_TIMESTAMP"); master_service_env_clean(); if (home != NULL) env_put(t_strconcat("HOME=", home, NULL)); if (user != NULL) env_put(t_strconcat("USER="******"LOG_STDERR_TIMESTAMP=", timestamp, NULL)); } if (input->use_sysexits) env_put("USE_SYSEXITS=1"); /* @UNSAFE */ i = 0; argv_max_count = 11 + (service->argc + 1) + 1; conf_argv = t_new(const char *, argv_max_count); conf_argv[i++] = DOVECOT_CONFIG_BIN_PATH; if (input->service != NULL) { conf_argv[i++] = "-f"; conf_argv[i++] = t_strconcat("service=", input->service, NULL); } conf_argv[i++] = "-c"; conf_argv[i++] = service->config_path; if (input->module != NULL) { conf_argv[i++] = "-m"; conf_argv[i++] = input->module; if (service->want_ssl_settings) { conf_argv[i++] = "-m"; conf_argv[i++] = "ssl"; } } if (input->parse_full_config) conf_argv[i++] = "-p"; conf_argv[i++] = "-e"; conf_argv[i++] = binary_path; memcpy(conf_argv+i, service->argv + 1, (service->argc) * sizeof(conf_argv[0])); i += service->argc; i_assert(i < argv_max_count); execv_const(conf_argv[0], conf_argv); }