when enqueueing offline mails from within the daemon session, we should not

rely on getlogin() otherwise mail will end up enqueued as coming from user
who started smtpd.

bug spotted by deraadt@, diff ok todd@

diff --git a/usr.sbin/smtpd/enqueue.c b/usr.sbin/smtpd/enqueue.c
index 8ebec7a..b828b9b 100644 (file)
--- a/usr.sbin/smtpd/enqueue.c
+++ b/usr.sbin/smtpd/enqueue.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: enqueue.c,v 1.88 2014/11/12 10:28:07 gilles Exp $     */
+/*     $OpenBSD: enqueue.c,v 1.89 2015/01/15 09:05:37 gilles Exp $     */
 
 /*
  * Copyright (c) 2005 Henning Brauer <henning@bulabula.org>
@@ -176,6 +176,7 @@ enqueue(int argc, char *argv[])
        int                      inheaders = 0;
        int                      save_argc;
        char                    **save_argv;
+       int                      no_getlogin = 0;
 
        memset(&msg, 0, sizeof(msg));
        time(&timestamp);
@@ -184,7 +185,7 @@ enqueue(int argc, char *argv[])
        save_argv = argv;
 
        while ((ch = getopt(argc, argv,
-           "A:B:b:E::e:F:f:iJ::L:mN:o:p:qR:tvV:x")) != -1) {
+           "A:B:b:E::e:F:f:iJ::L:mN:o:p:qRS:tvV:x")) != -1) {
                switch (ch) {
                case 'f':
                        fake_from = optarg;
@@ -198,6 +199,9 @@ enqueue(int argc, char *argv[])
                case 'R':
                        msg.dsn_ret = optarg;
                        break;
+               case 'S':
+                       no_getlogin = 1;
+                       break;
                case 't':
                        tflag = 1;
                        break;
@@ -233,11 +237,19 @@ enqueue(int argc, char *argv[])
 
        if (getmailname(host, sizeof(host)) == -1)
                err(EX_NOHOST, "getmailname");
-       if ((user = getlogin()) != NULL && *user != '\0')
-               pw = getpwnam(user);
-       else if ((pw = getpwuid(getuid())) == NULL)
-               user = "anonymous";
-       user = xstrdup(pw ? pw->pw_name : user, "enqueue");
+       if (no_getlogin) {
+               if ((pw = getpwuid(getuid())) == NULL)
+                       user = "anonymous";
+               if (pw != NULL)
+                       user = xstrdup(pw->pw_name, "enqueue");
+       }
+       else {
+               if ((user = getlogin()) != NULL && *user != '\0')
+                       pw = getpwnam(user);
+               else if ((pw = getpwuid(getuid())) == NULL)
+                       user = "anonymous";
+               user = xstrdup(pw ? pw->pw_name : user, "enqueue");
+       }
 
        build_from(fake_from, pw);
 

diff --git a/usr.sbin/smtpd/smtpd.c b/usr.sbin/smtpd/smtpd.c
index 5b118d3..9ba5fdf 100644 (file)
--- a/usr.sbin/smtpd/smtpd.c
+++ b/usr.sbin/smtpd/smtpd.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: smtpd.c,v 1.235 2014/08/25 07:50:26 doug Exp $        */
+/*     $OpenBSD: smtpd.c,v 1.236 2015/01/15 09:05:37 gilles Exp $      */
 
 /*
  * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org>
@@ -1116,6 +1116,7 @@ offline_enqueue(char *name)
                p[len - 1] = '\0';
 
                addargs(&args, "%s", "sendmail");
+               addargs(&args, "%s", "-S");
 
                while ((tmp = strsep(&p, "|")) != NULL)
                        addargs(&args, "%s", tmp);