Not to use mailbox_create_defaut.
Showing
3 changed files
with
37 additions
and
32 deletions
| ... | @@ -148,13 +148,14 @@ pop3d_apopuser (const char *user) | ... | @@ -148,13 +148,14 @@ pop3d_apopuser (const char *user) |
| 148 | int | 148 | int |
| 149 | pop3d_apop (const char *arg) | 149 | pop3d_apop (const char *arg) |
| 150 | { | 150 | { |
| 151 | char *tmp, *user_digest, *password; | 151 | char *tmp, *user_digest, *user, *password; |
| 152 | struct passwd *pw; | 152 | struct passwd *pw; |
| 153 | char buf[POP_MAXCMDLEN]; | 153 | char buf[POP_MAXCMDLEN]; |
| 154 | struct md5_ctx md5context; | 154 | struct md5_ctx md5context; |
| 155 | unsigned char md5digest[16]; | 155 | unsigned char md5digest[16]; |
| 156 | int status; | 156 | int status; |
| 157 | int lockit = 1; | 157 | int lockit = 1; |
| 158 | char *mailbox_name = NULL; | ||
| 158 | 159 | ||
| 159 | if (state != AUTHORIZATION) | 160 | if (state != AUTHORIZATION) |
| 160 | return ERR_WRONG_STATE; | 161 | return ERR_WRONG_STATE; |
| ... | @@ -162,20 +163,18 @@ pop3d_apop (const char *arg) | ... | @@ -162,20 +163,18 @@ pop3d_apop (const char *arg) |
| 162 | if (strlen (arg) == 0) | 163 | if (strlen (arg) == 0) |
| 163 | return ERR_BAD_ARGS; | 164 | return ERR_BAD_ARGS; |
| 164 | 165 | ||
| 165 | username = pop3d_cmd (arg); | 166 | user = pop3d_cmd (arg); |
| 166 | if (strlen (username) > (POP_MAXCMDLEN - APOP_DIGEST)) | 167 | if (strlen (user) > (POP_MAXCMDLEN - APOP_DIGEST)) |
| 167 | { | 168 | { |
| 168 | free (username); | 169 | free (user); |
| 169 | username = NULL; | ||
| 170 | return ERR_BAD_ARGS; | 170 | return ERR_BAD_ARGS; |
| 171 | } | 171 | } |
| 172 | user_digest = pop3d_args (arg); | 172 | user_digest = pop3d_args (arg); |
| 173 | 173 | ||
| 174 | password = pop3d_apopuser (username); | 174 | password = pop3d_apopuser (user); |
| 175 | if (password == NULL) | 175 | if (password == NULL) |
| 176 | { | 176 | { |
| 177 | free (username); | 177 | free (user); |
| 178 | username = NULL; | ||
| 179 | free (user_digest); | 178 | free (user_digest); |
| 180 | return ERR_BAD_LOGIN; | 179 | return ERR_BAD_LOGIN; |
| 181 | } | 180 | } |
| ... | @@ -197,30 +196,26 @@ pop3d_apop (const char *arg) | ... | @@ -197,30 +196,26 @@ pop3d_apop (const char *arg) |
| 197 | 196 | ||
| 198 | if (strcmp (user_digest, buf)) | 197 | if (strcmp (user_digest, buf)) |
| 199 | { | 198 | { |
| 200 | free (username); | 199 | free (user); |
| 201 | username = NULL; | ||
| 202 | free (user_digest); | 200 | free (user_digest); |
| 203 | return ERR_BAD_LOGIN; | 201 | return ERR_BAD_LOGIN; |
| 204 | } | 202 | } |
| 205 | 203 | ||
| 206 | free (user_digest); | 204 | free (user_digest); |
| 207 | pw = getpwnam (username); | 205 | pw = getpwnam (user); |
| 206 | free (user); | ||
| 208 | if (pw == NULL) | 207 | if (pw == NULL) |
| 209 | { | 208 | return ERR_BAD_LOGIN; |
| 210 | free (username); | ||
| 211 | username = NULL; | ||
| 212 | return ERR_BAD_LOGIN; | ||
| 213 | } | ||
| 214 | 209 | ||
| 215 | /* Reset the uid. */ | 210 | /* Reset the uid. */ |
| 216 | if (setuid (pw->pw_uid) == -1) | 211 | if (setuid (pw->pw_uid) == -1) |
| 217 | { | 212 | return ERR_BAD_LOGIN; |
| 218 | free (username); | 213 | |
| 219 | username = NULL; | 214 | mailbox_name = calloc (strlen (_PATH_MAILDIR) + 1 |
| 220 | return ERR_BAD_LOGIN; | 215 | + strlen (pw->pw_name) + 1, 1); |
| 221 | } | 216 | sprintf (mailbox_name, "%s/%s", _PATH_MAILDIR, pw->pw_name); |
| 222 | 217 | ||
| 223 | if ((status = mailbox_create_default (&mbox, username)) != 0 | 218 | if ((status = mailbox_create (&mbox, mailbox_name)) != 0 |
| 224 | || (status = mailbox_open (mbox, MU_STREAM_RDWR)) != 0) | 219 | || (status = mailbox_open (mbox, MU_STREAM_RDWR)) != 0) |
| 225 | { | 220 | { |
| 226 | mailbox_destroy (&mbox); | 221 | mailbox_destroy (&mbox); |
| ... | @@ -230,33 +225,33 @@ pop3d_apop (const char *arg) | ... | @@ -230,33 +225,33 @@ pop3d_apop (const char *arg) |
| 230 | if (mailbox_create (&mbox, "/dev/null") != 0 | 225 | if (mailbox_create (&mbox, "/dev/null") != 0 |
| 231 | || mailbox_open (mbox, MU_STREAM_READ) != 0) | 226 | || mailbox_open (mbox, MU_STREAM_READ) != 0) |
| 232 | { | 227 | { |
| 233 | free (username); | 228 | free (mailbox_name); |
| 234 | username = NULL; | ||
| 235 | state = AUTHORIZATION; | 229 | state = AUTHORIZATION; |
| 236 | return ERR_UNKNOWN; | 230 | return ERR_UNKNOWN; |
| 237 | } | 231 | } |
| 238 | } | 232 | } |
| 239 | else | 233 | else |
| 240 | { | 234 | { |
| 241 | free (username); | 235 | free (mailbox_name); |
| 242 | username = NULL; | ||
| 243 | state = AUTHORIZATION; | 236 | state = AUTHORIZATION; |
| 244 | return ERR_MBOX_LOCK; | 237 | return ERR_MBOX_LOCK; |
| 245 | } | 238 | } |
| 246 | lockit = 0; /* Do not attempt to lock /dev/null ! */ | 239 | lockit = 0; /* Do not attempt to lock /dev/null ! */ |
| 247 | } | 240 | } |
| 241 | free (mailbox_name); | ||
| 248 | 242 | ||
| 249 | if (lockit && pop3d_lock()) | 243 | if (lockit && pop3d_lock()) |
| 250 | { | 244 | { |
| 251 | mailbox_close(mbox); | 245 | mailbox_close(mbox); |
| 252 | mailbox_destroy(&mbox); | 246 | mailbox_destroy(&mbox); |
| 253 | state = AUTHORIZATION; | 247 | state = AUTHORIZATION; |
| 254 | free (username); | ||
| 255 | username = NULL; | ||
| 256 | return ERR_MBOX_LOCK; | 248 | return ERR_MBOX_LOCK; |
| 257 | } | 249 | } |
| 258 | 250 | ||
| 259 | state = TRANSACTION; | 251 | state = TRANSACTION; |
| 252 | username = strdup (pw->pw_name); | ||
| 253 | if (username == NULL) | ||
| 254 | pop3d_abquit (ERR_NO_MEM); | ||
| 260 | fprintf (ofile, "+OK opened mailbox for %s\r\n", username); | 255 | fprintf (ofile, "+OK opened mailbox for %s\r\n", username); |
| 261 | /* mailbox name */ | 256 | /* mailbox name */ |
| 262 | { | 257 | { | ... | ... |
| ... | @@ -114,8 +114,10 @@ | ... | @@ -114,8 +114,10 @@ |
| 114 | /* The path to the mail spool files */ | 114 | /* The path to the mail spool files */ |
| 115 | #ifdef HAVE_PATHS_H | 115 | #ifdef HAVE_PATHS_H |
| 116 | #include <paths.h> | 116 | #include <paths.h> |
| 117 | #else | 117 | #endif |
| 118 | #define _PATH_MAILDIR "/usr/spool/mail" | 118 | |
| 119 | #ifndef _PATH_MAILDIR | ||
| 120 | # define _PATH_MAILDIR "/usr/spool/mail" | ||
| 119 | #endif | 121 | #endif |
| 120 | 122 | ||
| 121 | #ifdef HAVE_SECURITY_PAM_APPL_H | 123 | #ifdef HAVE_SECURITY_PAM_APPL_H | ... | ... |
| ... | @@ -83,6 +83,7 @@ pop3d_user (const char *arg) | ... | @@ -83,6 +83,7 @@ pop3d_user (const char *arg) |
| 83 | struct passwd *pw; | 83 | struct passwd *pw; |
| 84 | int status; | 84 | int status; |
| 85 | int lockit = 1; | 85 | int lockit = 1; |
| 86 | char *mailbox_name; | ||
| 86 | 87 | ||
| 87 | if (state != AUTHORIZATION) | 88 | if (state != AUTHORIZATION) |
| 88 | return ERR_WRONG_STATE; | 89 | return ERR_WRONG_STATE; |
| ... | @@ -179,7 +180,11 @@ pop3d_user (const char *arg) | ... | @@ -179,7 +180,11 @@ pop3d_user (const char *arg) |
| 179 | if (pw != NULL && pw->pw_uid > 1) | 180 | if (pw != NULL && pw->pw_uid > 1) |
| 180 | setuid (pw->pw_uid); | 181 | setuid (pw->pw_uid); |
| 181 | 182 | ||
| 182 | if ((status = mailbox_create_default (&mbox, arg)) != 0 | 183 | mailbox_name = calloc (strlen (_PATH_MAILDIR) + 1 |
| 184 | + strlen (pw->pw_name) + 1, 1); | ||
| 185 | sprintf (mailbox_name, "%s/%s", _PATH_MAILDIR, pw->pw_name); | ||
| 186 | |||
| 187 | if ((status = mailbox_create (&mbox, mailbox_name)) != 0 | ||
| 183 | || (status = mailbox_open (mbox, MU_STREAM_RDWR)) != 0) | 188 | || (status = mailbox_open (mbox, MU_STREAM_RDWR)) != 0) |
| 184 | { | 189 | { |
| 185 | mailbox_destroy (&mbox); | 190 | mailbox_destroy (&mbox); |
| ... | @@ -190,16 +195,19 @@ pop3d_user (const char *arg) | ... | @@ -190,16 +195,19 @@ pop3d_user (const char *arg) |
| 190 | || mailbox_open (mbox, MU_STREAM_READ) != 0) | 195 | || mailbox_open (mbox, MU_STREAM_READ) != 0) |
| 191 | { | 196 | { |
| 192 | state = AUTHORIZATION; | 197 | state = AUTHORIZATION; |
| 198 | free (mailbox_name); | ||
| 193 | return ERR_UNKNOWN; | 199 | return ERR_UNKNOWN; |
| 194 | } | 200 | } |
| 195 | } | 201 | } |
| 196 | else | 202 | else |
| 197 | { | 203 | { |
| 198 | state = AUTHORIZATION; | 204 | state = AUTHORIZATION; |
| 205 | free (mailbox_name); | ||
| 199 | return ERR_MBOX_LOCK; | 206 | return ERR_MBOX_LOCK; |
| 200 | } | 207 | } |
| 201 | lockit = 0; /* Do not attempt to lock /dev/null ! */ | 208 | lockit = 0; /* Do not attempt to lock /dev/null ! */ |
| 202 | } | 209 | } |
| 210 | free (mailbox_name); | ||
| 203 | 211 | ||
| 204 | if (lockit && pop3d_lock()) | 212 | if (lockit && pop3d_lock()) |
| 205 | { | 213 | { |
| ... | @@ -209,7 +217,7 @@ pop3d_user (const char *arg) | ... | @@ -209,7 +217,7 @@ pop3d_user (const char *arg) |
| 209 | return ERR_MBOX_LOCK; | 217 | return ERR_MBOX_LOCK; |
| 210 | } | 218 | } |
| 211 | 219 | ||
| 212 | username = strdup (arg); | 220 | username = strdup (pw->pw_name); |
| 213 | if (username == NULL) | 221 | if (username == NULL) |
| 214 | pop3d_abquit (ERR_NO_MEM); | 222 | pop3d_abquit (ERR_NO_MEM); |
| 215 | state = TRANSACTION; | 223 | state = TRANSACTION; | ... | ... |
-
Please register or sign in to post a comment