[dovecot-cvs] dovecot/src/master auth-process.c,1.16,1.17 common.h,1.5,1.6 imap-process.c,1.13,1.14 login-process.c,1.18,1.19

cras at procontrol.fi cras at procontrol.fi
Tue Dec 17 05:00:46 EET 2002 

Update of /home/cvs/dovecot/src/master
In directory danu:/tmp/cvs-serv28872/master

Modified Files:
	auth-process.c common.h imap-process.c login-process.c 
Log Message:
Clear separation of virtual and system usernames. passwd-file didn't work
before if the user didn't exist in system. Prefixed also all setuid/etc.
restriction environments with RESTRICT_.



Index: auth-process.c
===================================================================
RCS file: /home/cvs/dovecot/src/master/auth-process.c,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -d -r1.16 -r1.17
--- auth-process.c	6 Dec 2002 01:09:23 -0000	1.16
+++ auth-process.c	17 Dec 2002 03:00:44 -0000	1.17
@@ -78,7 +78,8 @@
 
 	/* auth process isn't trusted, validate all data to make sure
 	   it's not trying to exploit us */
-	if (!VALIDATE_STR(reply->user) || !VALIDATE_STR(reply->mail) ||
+	if (!VALIDATE_STR(reply->system_user) ||
+	    !VALIDATE_STR(reply->virtual_user) || !VALIDATE_STR(reply->mail) ||
 	    !VALIDATE_STR(reply->home)) {
 		i_error("auth: Received corrupted data");
 		auth_process_destroy(process);

Index: common.h
===================================================================
RCS file: /home/cvs/dovecot/src/master/common.h,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- common.h	17 Nov 2002 09:42:08 -0000	1.5
+++ common.h	17 Dec 2002 03:00:44 -0000	1.6
@@ -33,7 +33,9 @@
 
 void clean_child_process(void);
 
-MasterReplyResult create_imap_process(int socket, IPADDR *ip, const char *user,
+MasterReplyResult create_imap_process(int socket, IPADDR *ip,
+				      const char *system_user,
+				      const char *virtual_user,
 				      uid_t uid, gid_t gid, const char *home,
 				      int chroot, const char *env[]);
 void imap_process_destroyed(pid_t pid);

Index: imap-process.c
===================================================================
RCS file: /home/cvs/dovecot/src/master/imap-process.c,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14
--- imap-process.c	16 Dec 2002 14:51:03 -0000	1.13
+++ imap-process.c	17 Dec 2002 03:00:44 -0000	1.14
@@ -101,7 +101,9 @@
 	return str->str;
 }
 
-MasterReplyResult create_imap_process(int socket, IPADDR *ip, const char *user,
+MasterReplyResult create_imap_process(int socket, IPADDR *ip,
+				      const char *system_user,
+				      const char *virtual_user,
 				      uid_t uid, gid_t gid, const char *home,
 				      int chroot, const char *env[])
 {
@@ -165,10 +167,12 @@
 	if (!found_mail && set_default_mail_env != NULL) {
 		const char *mail;
 
-		mail = expand_mail_env(set_default_mail_env, user, home);
+		mail = expand_mail_env(set_default_mail_env,
+				       virtual_user, home);
 		env_put(t_strconcat("MAIL=", mail, NULL));
 	}
 
+	env_put(t_strconcat("USER=", virtual_user, NULL));
 	env_put(t_strconcat("HOME=", home, NULL));
 	env_put(t_strconcat("MAIL_CACHE_FIELDS=", set_mail_cache_fields, NULL));
 	env_put(t_strconcat("MAIL_NEVER_CACHE_FIELDS=",
@@ -197,13 +201,13 @@
 		env_put("MBOX_READ_DOTLOCK=1");
 
 	if (set_verbose_proctitle && net_ip2host(ip, host) == 0) {
-		i_snprintf(title, sizeof(title), "[%s %s]", user, host);
+		i_snprintf(title, sizeof(title), "[%s %s]", virtual_user, host);
 		argv[2] = title;
 	}
 
 	/* setup access environment - needs to be done after
 	   clean_child_process() since it clears environment */
-	restrict_access_set_env(user, uid, gid, chroot ? home : NULL);
+	restrict_access_set_env(system_user, uid, gid, chroot ? home : NULL);
 
 	restrict_process_size(set_imap_process_size);
 

Index: login-process.c
===================================================================
RCS file: /home/cvs/dovecot/src/master/login-process.c,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -d -r1.18 -r1.19
--- login-process.c	6 Dec 2002 01:09:23 -0000	1.18
+++ login-process.c	17 Dec 2002 03:00:44 -0000	1.19
@@ -70,7 +70,8 @@
 	else {
 		reply.result = create_imap_process(request->fd,
 						   &request->ip,
-						   cookie_reply->user,
+						   cookie_reply->system_user,
+						   cookie_reply->virtual_user,
 						   cookie_reply->uid,
 						   cookie_reply->gid,
 						   cookie_reply->home,

More information about the dovecot-cvs mailing list