void
filter_api_no_chroot(void)
{
filter_api_init();
fi.rootpath = NULL;
}
void
filter_api_loop(void)
{
if (register_done)
errx(1, "filter_api_loop already called");
filter_api_init();
register_done = 1;
mproc_enable(&fi.p);
usleep(1000000);
if (fi.rootpath) {
if (chroot(fi.rootpath) == -1)
err(1, "chroot");
if (chdir("/") == -1)
err(1, "chdir");
}
if (setgroups(1, &fi.gid) ||
setresgid(fi.gid, fi.gid, fi.gid) ||
setresuid(fi.uid, fi.uid, fi.uid))
err(1, "cannot drop privileges");
if (event_dispatch() < 0)
errx(1, "event_dispatch");
}
void
filter_api_on_notify(void(*cb)(uint64_t, enum filter_status))
{
filter_api_init();
fi.cb.notify = cb;
}
void
filter_api_set_chroot(const char *rootpath)
{
filter_api_init();
fi.rootpath = rootpath;
}
void
filter_api_on_event(void(*cb)(uint64_t, enum filter_hook))
{
filter_api_init();
fi.hooks |= HOOK_DISCONNECT | HOOK_RESET | HOOK_COMMIT;
fi.cb.event = cb;
}
void
filter_api_on_eom(void(*cb)(uint64_t, uint64_t))
{
filter_api_init();
fi.hooks |= HOOK_EOM;
fi.cb.eom = cb;
}
void
filter_api_on_dataline(void(*cb)(uint64_t, const char *))
{
filter_api_init();
fi.hooks |= HOOK_DATALINE | HOOK_EOM;
fi.cb.dataline = cb;
}
void
filter_api_on_data(void(*cb)(uint64_t, uint64_t))
{
filter_api_init();
fi.hooks |= HOOK_DATA;
fi.cb.data = cb;
}
void
filter_api_on_rcpt(void(*cb)(uint64_t, uint64_t, struct mailaddr *))
{
filter_api_init();
fi.hooks |= HOOK_RCPT;
fi.cb.rcpt = cb;
}
void
filter_api_on_mail(void(*cb)(uint64_t, uint64_t, struct mailaddr *))
{
filter_api_init();
fi.hooks |= HOOK_MAIL;
fi.cb.mail = cb;
}
void
filter_api_on_connect(void(*cb)(uint64_t, uint64_t, struct filter_connect *))
{
filter_api_init();
fi.hooks |= HOOK_CONNECT;
fi.cb.connect = cb;
}
void
filter_api_on_rollback(void(*cb)(uint64_t))
{
filter_api_init();
fi.hooks |= HOOK_ROLLBACK;
fi.cb.rollback = cb;
}
void
filter_api_on_commit(void(*cb)(uint64_t))
{
filter_api_init();
fi.hooks |= HOOK_COMMIT;
fi.cb.commit = cb;
}
void
filter_api_on_disconnect(void(*cb)(uint64_t))
{
filter_api_init();
fi.hooks |= HOOK_DISCONNECT;
fi.cb.disconnect = cb;
}
void
filter_api_on_reset(void(*cb)(uint64_t))
{
filter_api_init();
fi.hooks |= HOOK_RESET;
fi.cb.reset = cb;
}
void
filter_api_on_helo(void(*cb)(uint64_t, uint64_t, const char *))
{
filter_api_init();
fi.hooks |= HOOK_HELO;
fi.cb.helo = cb;
}
void
filter_api_on_dataline(void(*cb)(uint64_t, const char *), int flags)
{
filter_api_init();
fi.hooks |= HOOK_DATALINE;
fi.flags |= flags & FILTER_ALTERDATA;
fi.cb.dataline = cb;
}
void
filter_api_setugid(uid_t uid, gid_t gid)
{
filter_api_init();
if (! uid)
errx(1, "filter_api_setugid: can't set uid=0");
if (! gid)
errx(1, "filter_api_setugid: can't set gid=0");
fi.uid = uid;
fi.gid = gid;
}
void
filter_api_setugid(uid_t uid, gid_t gid)
{
filter_api_init();
if (! uid) {
log_warn("warn: filter-api:%s can't set uid 0", filter_name);
fatalx("filter-api: exiting");
}
if (! gid) {
log_warn("warn: filter-api:%s can't set gid 0", filter_name);
fatalx("filter-api: exiting");
}
fi.uid = uid;
fi.gid = gid;
}
void
filter_api_loop(void)
{
if (register_done) {
log_warnx("warn: filter-api:%s filter_api_loop() already called", filter_name);
fatalx("filter-api: exiting");
}
filter_api_init();
register_done = 1;
mproc_enable(&fi.p);
if (fi.rootpath) {
if (chroot(fi.rootpath) == -1) {
log_warn("warn: filter-api:%s chroot", filter_name);
fatalx("filter-api: exiting");
}
if (chdir("/") == -1) {
log_warn("warn: filter-api:%s chdir", filter_name);
fatalx("filter-api: exiting");
}
}
if (setgroups(1, &fi.gid) ||
setresgid(fi.gid, fi.gid, fi.gid) ||
setresuid(fi.uid, fi.uid, fi.uid)) {
log_warn("warn: filter-api:%s cannot drop privileges", filter_name);
fatalx("filter-api: exiting");
}
if (event_dispatch() < 0) {
log_warn("warn: filter-api:%s event_dispatch", filter_name);
fatalx("filter-api: exiting");
}
}
