static void main_init(void) { struct master_service_connection conn; if (IS_STANDALONE()) { memset(&conn, 0, sizeof(conn)); (void)client_create(STDIN_FILENO, STDOUT_FILENO, &conn); } dns_client_socket_path = t_abspath(DNS_CLIENT_SOCKET_PATH); }
int main(int argc, char *argv[]) { const struct setting_parser_info *set_roots[] = { &lda_setting_parser_info, &lmtp_setting_parser_info, NULL }; enum master_service_flags service_flags = 0; enum mail_storage_service_flags storage_service_flags = MAIL_STORAGE_SERVICE_FLAG_DISALLOW_ROOT | MAIL_STORAGE_SERVICE_FLAG_USERDB_LOOKUP | MAIL_STORAGE_SERVICE_FLAG_TEMP_PRIV_DROP | MAIL_STORAGE_SERVICE_FLAG_NO_LOG_INIT | MAIL_STORAGE_SERVICE_FLAG_NO_IDLE_TIMEOUT; int c; if (IS_STANDALONE()) { service_flags |= MASTER_SERVICE_FLAG_STANDALONE | MASTER_SERVICE_FLAG_STD_CLIENT; } else { service_flags |= MASTER_SERVICE_FLAG_KEEP_CONFIG_OPEN; } master_service = master_service_init("lmtp", service_flags, &argc, &argv, "D"); while ((c = master_getopt(master_service)) > 0) { switch (c) { case 'D': storage_service_flags |= MAIL_STORAGE_SERVICE_FLAG_ENABLE_CORE_DUMPS; break; default: return FATAL_DEFAULT; } } if (t_get_current_dir(&base_dir) < 0) i_fatal("getcwd() failed: %m"); drop_privileges(); master_service_init_log(master_service, t_strdup_printf("lmtp(%s): ", my_pid)); storage_service = mail_storage_service_init(master_service, set_roots, storage_service_flags); restrict_access_allow_coredumps(TRUE); main_init(); master_service_init_finish(master_service); master_service_run(master_service, client_connected); main_deinit(); mail_storage_service_deinit(&storage_service); master_service_deinit(&master_service); return 0; }
static void main_stdio_run(const char *access_user, const char *const *access_applications) { bool debug; debug = getenv("DEBUG"); access_user = access_user != NULL ? access_user : getenv("USER"); if (access_user == NULL && IS_STANDALONE()) access_user = getlogin(); if (access_user == NULL) i_fatal("USER environment missing"); (void)client_create_standalone(access_user, access_applications, STDIN_FILENO, STDOUT_FILENO, debug); }
static void client_add_input(struct client *client, const buffer_t *buf) { struct ostream *output; if (buf != NULL && buf->used > 0) { if (!i_stream_add_data(client->input, buf->data, buf->used)) i_panic("Couldn't add client input to stream"); } output = client->output; o_stream_ref(output); o_stream_cork(output); if (!IS_STANDALONE()) client_send_line(client, "+OK Logged in."); (void)client_handle_input(client); o_stream_uncork(output); o_stream_unref(&output); }
static int client_create_from_input(const struct mail_storage_service_input *input, int fd_in, int fd_out, const buffer_t *input_buf, const char **error_r) { const char *lookup_error_str = "-ERR [SYS/TEMP] "MAIL_ERRSTR_CRITICAL_MSG"\r\n"; struct mail_storage_service_user *user; struct mail_user *mail_user; struct client *client; const struct pop3_settings *set; const char *error; if (mail_storage_service_lookup_next(storage_service, input, &user, &mail_user, error_r) <= 0) { if (write(fd_out, lookup_error_str, strlen(lookup_error_str)) < 0) { /* ignored */ } return -1; } restrict_access_allow_coredumps(TRUE); set = mail_storage_service_user_get_set(user)[1]; if (set->verbose_proctitle) verbose_proctitle = TRUE; if (client_create(fd_in, fd_out, input->session_id, mail_user, user, set, &client) < 0) return 0; if (!IS_STANDALONE()) client_send_line(client, "+OK Logged in."); if (client_init_mailbox(client, &error) == 0) client_add_input(client, input_buf); else { i_error("%s", error); client_destroy(client, error); } return 0; }
int main(int argc, char *argv[]) { static const struct setting_parser_info *set_roots[] = { &pop3_setting_parser_info, NULL }; struct master_login_settings login_set; enum master_service_flags service_flags = 0; enum mail_storage_service_flags storage_service_flags = 0; const char *username = NULL; int c; memset(&login_set, 0, sizeof(login_set)); login_set.postlogin_timeout_secs = MASTER_POSTLOGIN_TIMEOUT_DEFAULT; if (IS_STANDALONE() && getuid() == 0 && net_getpeername(1, NULL, NULL) == 0) { printf("-ERR [SYS/PERM] pop3 binary must not be started from " "inetd, use pop3-login instead.\n"); return 1; } if (IS_STANDALONE()) { service_flags |= MASTER_SERVICE_FLAG_STANDALONE | MASTER_SERVICE_FLAG_STD_CLIENT; } else { service_flags |= MASTER_SERVICE_FLAG_KEEP_CONFIG_OPEN; storage_service_flags |= MAIL_STORAGE_SERVICE_FLAG_DISALLOW_ROOT; } master_service = master_service_init("pop3", service_flags, &argc, &argv, "t:u:"); while ((c = master_getopt(master_service)) > 0) { switch (c) { case 't': if (str_to_uint(optarg, &login_set.postlogin_timeout_secs) < 0 || login_set.postlogin_timeout_secs == 0) i_fatal("Invalid -t parameter: %s", optarg); break; case 'u': storage_service_flags |= MAIL_STORAGE_SERVICE_FLAG_USERDB_LOOKUP; username = optarg; break; default: return FATAL_DEFAULT; } } login_set.auth_socket_path = t_abspath("auth-master"); if (argv[optind] != NULL) login_set.postlogin_socket_path = t_abspath(argv[optind]); login_set.callback = login_client_connected; login_set.failure_callback = login_client_failed; master_service_init_finish(master_service); master_service_set_die_callback(master_service, pop3_die); storage_service = mail_storage_service_init(master_service, set_roots, storage_service_flags); /* fake that we're running, so we know if client was destroyed while handling its initial input */ io_loop_set_running(current_ioloop); if (IS_STANDALONE()) { T_BEGIN { main_stdio_run(username); } T_END; } else {
int verify_user(struct passwd *pw, char *prompt) { int counter = def_passwd_tries + 1; int success = AUTH_FAILURE; int flags, status, standalone, rval; char *p; sudo_auth *auth; sigaction_t sa, osa; /* Enable suspend during password entry. */ sigemptyset(&sa.sa_mask); sa.sa_flags = SA_RESTART; sa.sa_handler = SIG_DFL; (void) sigaction(SIGTSTP, &sa, &osa); /* Make sure we have at least one auth method. */ if (auth_switch[0].name == NULL) { audit_failure(NewArgv, "no authentication methods"); log_error(0, _("There are no authentication methods compiled into sudo! " "If you want to turn off authentication, use the " "--disable-authentication configure option.")); return -1; } /* Make sure we haven't mixed standalone and shared auth methods. */ standalone = IS_STANDALONE(&auth_switch[0]); if (standalone && auth_switch[1].name != NULL) { audit_failure(NewArgv, "invalid authentication methods"); log_error(0, _("Invalid authentication methods compiled into sudo! " "You may mix standalone and non-standalone authentication.")); return -1; } /* Set FLAG_ONEANDONLY if there is only one auth method. */ if (auth_switch[1].name == NULL) SET(auth_switch[0].flags, FLAG_ONEANDONLY); /* Initialize auth methods and unconfigure the method if necessary. */ for (auth = auth_switch; auth->name; auth++) { if (auth->init && !IS_DISABLED(auth)) { if (NEEDS_USER(auth)) set_perms(PERM_USER); status = (auth->init)(pw, &prompt, auth); if (status == AUTH_FAILURE) SET(auth->flags, FLAG_DISABLED); else if (status == AUTH_FATAL) { /* XXX log */ audit_failure(NewArgv, "authentication failure"); return -1; /* assume error msg already printed */ } if (NEEDS_USER(auth)) restore_perms(); } } while (--counter) { /* Do any per-method setup and unconfigure the method if needed */ for (auth = auth_switch; auth->name; auth++) { if (auth->setup && !IS_DISABLED(auth)) { if (NEEDS_USER(auth)) set_perms(PERM_USER); status = (auth->setup)(pw, &prompt, auth); if (status == AUTH_FAILURE) SET(auth->flags, FLAG_DISABLED); else if (status == AUTH_FATAL) {/* XXX log */ audit_failure(NewArgv, "authentication failure"); return -1; /* assume error msg already printed */ } if (NEEDS_USER(auth)) restore_perms(); } } /* Get the password unless the auth function will do it for us */ if (standalone) { p = prompt; } else { p = auth_getpass(prompt, def_passwd_timeout * 60, SUDO_CONV_PROMPT_ECHO_OFF); if (p == NULL) break; } /* Call authentication functions. */ for (auth = auth_switch; auth->name; auth++) { if (IS_DISABLED(auth)) continue; if (NEEDS_USER(auth)) set_perms(PERM_USER); success = auth->status = (auth->verify)(pw, p, auth); if (NEEDS_USER(auth)) restore_perms(); if (auth->status != AUTH_FAILURE) goto cleanup; } if (!standalone) zero_bytes(p, strlen(p)); pass_warn(); } cleanup: /* Call cleanup routines. */ for (auth = auth_switch; auth->name; auth++) { if (auth->cleanup && !IS_DISABLED(auth)) { if (NEEDS_USER(auth)) set_perms(PERM_USER); status = (auth->cleanup)(pw, auth); if (status == AUTH_FATAL) { /* XXX log */ audit_failure(NewArgv, "authentication failure"); return -1; /* assume error msg already printed */ } if (NEEDS_USER(auth)) restore_perms(); } } switch (success) { case AUTH_SUCCESS: (void) sigaction(SIGTSTP, &osa, NULL); rval = TRUE; break; case AUTH_INTR: case AUTH_FAILURE: if (counter != def_passwd_tries) { if (def_mail_badpass || def_mail_always) flags = 0; else flags = NO_MAIL; log_error(flags, ngettext("%d incorrect password attempt", "%d incorrect password attempts", def_passwd_tries - counter), def_passwd_tries - counter); } audit_failure(NewArgv, "authentication failure"); rval = FALSE; break; case AUTH_FATAL: default: audit_failure(NewArgv, "authentication failure"); rval = -1; break; } return rval; }
int main(int argc, char *argv[]) { static const struct setting_parser_info *set_roots[] = { &imap_urlauth_worker_setting_parser_info, NULL }; enum master_service_flags service_flags = 0; enum mail_storage_service_flags storage_service_flags = MAIL_STORAGE_SERVICE_FLAG_USERDB_LOOKUP | MAIL_STORAGE_SERVICE_FLAG_NO_LOG_INIT; ARRAY_TYPE (const_string) access_apps; const char *access_user = NULL; int c; if (IS_STANDALONE()) { service_flags |= MASTER_SERVICE_FLAG_STANDALONE | MASTER_SERVICE_FLAG_STD_CLIENT; } else { service_flags |= MASTER_SERVICE_FLAG_KEEP_CONFIG_OPEN; storage_service_flags |= MAIL_STORAGE_SERVICE_FLAG_DISALLOW_ROOT; } master_service = master_service_init("imap-urlauth-worker", service_flags, &argc, &argv, "a:"); t_array_init(&access_apps, 4); while ((c = master_getopt(master_service)) > 0) { switch (c) { case 'a': { const char *app = t_strdup(optarg); array_append(&access_apps, &app, 1); break; } default: return FATAL_DEFAULT; } } if ( optind < argc ) { access_user = argv[optind++]; } if (optind != argc) { i_fatal_status(EX_USAGE, "Unknown argument: %s", argv[optind]); } master_service_init_log(master_service, t_strdup_printf("imap-urlauth[%s]: ", my_pid)); master_service_init_finish(master_service); master_service_set_die_callback(master_service, imap_urlauth_worker_die); random_init(); storage_service = mail_storage_service_init(master_service, set_roots, storage_service_flags); /* fake that we're running, so we know if client was destroyed while handling its initial input */ io_loop_set_running(current_ioloop); if (IS_STANDALONE()) { T_BEGIN { if (array_count(&access_apps) > 0) { (void)array_append_space(&access_apps); main_stdio_run(access_user, array_idx(&access_apps,0)); } else { main_stdio_run(access_user, NULL); } } T_END; } else {
int main(int argc, char *argv[]) { static const struct setting_parser_info *set_roots[] = { &imap_setting_parser_info, NULL }; struct master_login_settings login_set; enum master_service_flags service_flags = 0; enum mail_storage_service_flags storage_service_flags = 0; const char *username = NULL; int c; memset(&login_set, 0, sizeof(login_set)); login_set.postlogin_timeout_secs = MASTER_POSTLOGIN_TIMEOUT_DEFAULT; login_set.request_auth_token = TRUE; if (IS_STANDALONE() && getuid() == 0 && net_getpeername(1, NULL, NULL) == 0) { printf("* BAD [ALERT] imap binary must not be started from " "inetd, use imap-login instead.\n"); return 1; } if (IS_STANDALONE()) { service_flags |= MASTER_SERVICE_FLAG_STANDALONE | MASTER_SERVICE_FLAG_STD_CLIENT; } else { service_flags |= MASTER_SERVICE_FLAG_KEEP_CONFIG_OPEN; storage_service_flags |= MAIL_STORAGE_SERVICE_FLAG_DISALLOW_ROOT; } master_service = master_service_init("imap", service_flags, &argc, &argv, "t:u:"); while ((c = master_getopt(master_service)) > 0) { switch (c) { case 't': if (str_to_uint(optarg, &login_set.postlogin_timeout_secs) < 0 || login_set.postlogin_timeout_secs == 0) i_fatal("Invalid -t parameter: %s", optarg); break; case 'u': storage_service_flags |= MAIL_STORAGE_SERVICE_FLAG_USERDB_LOOKUP; username = optarg; break; default: return FATAL_DEFAULT; } } master_service_set_die_callback(master_service, imap_die); /* plugins may want to add commands, so this needs to be called early */ commands_init(); imap_fetch_handlers_init(); random_init(); storage_service = mail_storage_service_init(master_service, set_roots, storage_service_flags); master_service_init_finish(master_service); /* fake that we're running, so we know if client was destroyed while handling its initial input */ io_loop_set_running(current_ioloop); if (IS_STANDALONE()) { T_BEGIN { main_stdio_run(username); } T_END; } else T_BEGIN {