X-Git-Url: http://git.madism.org/?a=blobdiff_plain;f=main-postlicyd.c;h=6e48f58b25adf8918f6d213fededf7f65742c4ba;hb=75e665838fab6bd7f579d8f2802b60435af1c783;hp=4cf059b327dcbcc8bff638675b9564a40bae9446;hpb=4c619131857a40cf59a472fc55257bae4ded12d7;p=apps%2Fpfixtools.git diff --git a/main-postlicyd.c b/main-postlicyd.c index 4cf059b..6e48f58 100644 --- a/main-postlicyd.c +++ b/main-postlicyd.c @@ -41,6 +41,9 @@ #include "tokens.h" #define DAEMON_NAME "postlicyd" +#define DEFAULT_PORT 10000 +#define RUNAS_USER "nobody" +#define RUNAS_GROUP "nogroup" enum smtp_state { SMTP_UNKNOWN, @@ -67,7 +70,7 @@ typedef struct query_t { const char *recipient_count; const char *client_address; const char *client_name; - const char *rclient_name; + const char *reverse_client_name; const char *instance; /* postfix 2.2+ */ @@ -96,8 +99,8 @@ static int postfix_parsejob(query_t *query, char *p) } \ } while (0) - p_clear(&query, 1); - while (p[0] != '\r' || p[1] != '\n') { + p_clear(query, 1); + while (*p != '\n') { char *k, *v; int klen, vlen, vtk; @@ -110,10 +113,10 @@ static int postfix_parsejob(query_t *query, char *p) while (isblank(*p)) p++; - p = strstr(v = p, "\r\n"); - PARSE_CHECK(p, "could not find final \\r\\n in line"); + p = strchr(v = p, '\n'); + PARSE_CHECK(p, "could not find final \\n in line"); for (vlen = p - v; vlen && isblank(v[vlen]); vlen--); - p += 2; /* skip \r\n */ + p += 1; /* skip \n */ vtk = tokenize(v, vlen); switch (tokenize(k, klen)) { @@ -125,7 +128,7 @@ static int postfix_parsejob(query_t *query, char *p) CASE(RECIPIENT_COUNT, recipient_count); CASE(CLIENT_ADDRESS, client_address); CASE(CLIENT_NAME, client_name); - CASE(RCLIENT_NAME, rclient_name); + CASE(REVERSE_CLIENT_NAME, reverse_client_name); CASE(INSTANCE, instance); CASE(SASL_METHOD, sasl_method); CASE(SASL_USERNAME, sasl_username); 
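Review bot: `RUNAS_USER "nobody"` and `RUNAS_GROUP "nogroup"` in the first hunk place the daemon in an account that unrelated services commonly share, which weakens the isolation the privilege drop is meant to give. `nogroup` is also not present on every system (some ship a `nobody` group instead). A dedicated account would be better, or at least a build-time override by wrapping each define in `#ifndef RUNAS_USER` / `#endif`. A comment above the defines such as `/* unprivileged identity assumed after startup; override at build time */` would record the intent.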
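Review bot: The trailing-blank trim in the `@@ -110,10` hunk never removes anything: `vlen` starts at `p - v`, so `v[vlen]` is the `'\n'` that `strchr` just found, and `isblank('\n')` is false. Values therefore reach `tokenize()` and the `CASE` assignments with trailing spaces or tabs still attached. Test the last byte of the value instead, and cast so `isblank` stays defined for bytes above 0x7f where `char` is signed: `for (vlen = p - v; vlen && isblank((unsigned char)v[vlen - 1]); vlen--);`. postfix_parsejob starts and ends outside this hunk.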
@@ -186,6 +189,7 @@ static void *policy_run(int fd, void *data) buffer_init(&buf); for (;;) { + ssize_t search_offs = MAX(0, buf.len - 1); int nb = buffer_read(&buf, fd, -1); const char *eoq; query_t q; @@ -202,15 +206,15 @@ static void *policy_run(int fd, void *data) break; } - eoq = strstr(buf.data + MAX(0, buf.len - 3), "\r\n\r\n"); + eoq = strstr(buf.data + search_offs, "\n\n"); if (!eoq) continue; if (postfix_parsejob(&q, buf.data) < 0) break; - buffer_consume(&buf, eoq + strlen("\r\n\r\n") - buf.data); - if (xwrite(fd, "DUNNO\r\n", strlen("DUNNO\r\n"))) { + buffer_consume(&buf, eoq + strlen("\n\n") - buf.data); + if (xwrite(fd, "DUNNO\n\n", strlen("DUNNO\n\n"))) { UNIXERR("write"); break; } @@ -225,10 +229,16 @@ static void *policy_run(int fd, void *data) static int main_initialize(void) { + struct sigaction sa; + openlog("postlicyd", LOG_PID, LOG_MAIL); signal(SIGPIPE, SIG_IGN); - signal(SIGINT, &common_sighandler); + sigaction(SIGINT, NULL, &sa); + sa.sa_handler = &common_sighandler; + sa.sa_flags &= ~SA_RESTART; + sigaction(SIGINT, &sa, NULL); signal(SIGTERM, &common_sighandler); + signal(SIGHUP, &common_sighandler); signal(SIGSEGV, &common_sighandler); syslog(LOG_INFO, "Starting..."); return 0; @@ -247,7 +257,9 @@ void usage(void) fputs("usage: "DAEMON_NAME" [options] config\n" "\n" "Options:\n" + " -l port to listen to\n" " -p file to write our pid to\n" + " -f stay in foreground\n" , stderr); } 
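Review bot: `search_offs` is computed from whatever is left in `buf` after the previous `buffer_consume()`, so bytes that were already buffered are never scanned for `"\n\n"`. If a peer sends a second request before reading the first reply, its terminator can lie entirely in that leftover data; the loop then waits in `buffer_read()`, and a later match would make `buffer_consume()` discard more than the single request `postfix_parsejob()` parsed. Scanning the leftover once before reading again, or searching from offset 0 after a consume, avoids this. `strstr` also stops at the first NUL byte and no upper bound on `buf.len` is visible here, so a length-aware search with a request size limit is worth considering; the rest of policy_run lies outside the hunk.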
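Review bot: The reply written in the `@@ -202,15` hunk is `"DUNNO\n\n"`, but a Postfix policy-delegation reply is an attribute line of the form `action=DUNNO` followed by an empty line. Without the `action=` name Postfix is expected to treat the answer as malformed rather than as a verdict. The call should read `xwrite(fd, "action=DUNNO\n\n", strlen("action=DUNNO\n\n"))`. A comment next to it such as `/* policy reply: "action=<verdict>" terminated by an empty line */` would document the framing.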
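Review bot: Only SIGINT is installed without `SA_RESTART` in main_initialize; `SIGTERM` and `SIGHUP` still go through `signal()`, which on BSD-style implementations (glibc included) restarts interrupted system calls, so the blocking `accept()` in main would not return when they arrive. If `common_sighandler` is meant to end the accept loop for those signals too (its body is not visible here), all three should be installed the same way. The new code also modifies whatever `sigaction(SIGINT, NULL, &sa)` returned without checking the call, inheriting an unknown mask and flags. Starting from a zeroed struct is more predictable.

```c
    struct sigaction sa = { .sa_handler = &common_sighandler };

    /* … unchanged: openlog, SIGPIPE ignored … */
    sigemptyset(&sa.sa_mask);        /* sa_flags stays 0: no SA_RESTART */
    sigaction(SIGINT,  &sa, NULL);
    sigaction(SIGTERM, &sa, NULL);
    sigaction(SIGHUP,  &sa, NULL);
    /* … unchanged: SIGSEGV handler, startup log … */
```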
@@ -255,14 +267,26 @@ void usage(void) int main(int argc, char *argv[]) { + struct sockaddr_in addr = { + .sin_family = AF_INET, + .sin_addr = { htonl(INADDR_LOOPBACK) }, + }; const char *pidfile = NULL; + bool daemonize = true; + int port = DEFAULT_PORT; int sock = -1; - for (int c = 0; (c = getopt(argc, argv, "h" "p:")) >= 0; ) { + for (int c = 0; (c = getopt(argc, argv, "hf" "l:p:")) >= 0; ) { switch (c) { case 'p': pidfile = optarg; break; + case 'l': + port = atoi(optarg); + break; + case 'f': + daemonize = false; + break; default: usage(); return EXIT_FAILURE; @@ -279,13 +303,23 @@ int main(int argc, char *argv[]) return EXIT_FAILURE; } - if (daemon_detach() < 0) { + if (drop_privileges(RUNAS_USER, RUNAS_GROUP) < 0) { + syslog(LOG_CRIT, "unable to drop privileges"); + return EXIT_FAILURE; + } + + if (daemonize && daemon_detach() < 0) { syslog(LOG_CRIT, "unable to fork"); return EXIT_FAILURE; } pidfile_refresh(); + addr.sin_port = htons(port); + sock = tcp_listen((struct sockaddr *)&addr, sizeof(addr)); + if (sock < 0) + return EXIT_FAILURE; + while (!sigint) { int fd = accept(sock, NULL, 0); if (fd < 0) {
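Review bot: `port = atoi(optarg);` in the `-l` case accepts any input: non-numeric text yields 0, which asks the kernel for an arbitrary port, and values outside 1..65535 are silently truncated by `htons(port)` later in main. The option should be parsed with `strtol` and rejected unless the whole argument is a number in range, so a typo cannot leave the policy service listening somewhere Postfix is not configured to reach. The overflow case needs no `errno` check, because `LONG_MAX` fails the range test.

```c
        case 'l': {
            char *end;
            long v = strtol(optarg, &end, 10);

            if (end == optarg || *end != '\0' || v < 1 || v > 65535) {
                usage();
                return EXIT_FAILURE;
            }
            port = (int)v;
            break;
        }
        /* … unchanged: 'f', default … */
```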
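Review bot: When `tcp_listen()` fails, main returns without logging anything. Because the socket is created after `daemon_detach()`, the parent has already exited successfully, so a port that is already in use looks like a clean start to whatever launched the daemon. Add `syslog(LOG_CRIT, "unable to listen on port %d", port);` before that `return EXIT_FAILURE;`, and consider creating the socket before detaching so the failure reaches the caller's exit status. Since `drop_privileges()` now runs first, `-l` with a port below 1024 would presumably fail to bind as well; either note that in `usage()` or bind before dropping privileges.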