From 2a157de52c48eeb47f26443c07ed77273f35729d Mon Sep 17 00:00:00 2001 From: gilles Date: Thu, 15 Jan 2015 09:05:37 +0000 Subject: [PATCH] when enqueueing offline mails from within the daemon session, we should not rely on getlogin() otherwise mail will end up enqueued as coming from user who started smtpd. bug spotted by deraadt@, diff ok todd@ --- usr.sbin/smtpd/enqueue.c | 26 +++++++++++++++++++------- usr.sbin/smtpd/smtpd.c | 3 ++- 2 files changed, 21 insertions(+), 8 deletions(-) diff --git a/usr.sbin/smtpd/enqueue.c b/usr.sbin/smtpd/enqueue.c index 8ebec7a5681..b828b9bb44c 100644 --- a/usr.sbin/smtpd/enqueue.c +++ b/usr.sbin/smtpd/enqueue.c @@ -1,4 +1,4 @@ -/* $OpenBSD: enqueue.c,v 1.88 2014/11/12 10:28:07 gilles Exp $ */ +/* $OpenBSD: enqueue.c,v 1.89 2015/01/15 09:05:37 gilles Exp $ */ /* * Copyright (c) 2005 Henning Brauer @@ -176,6 +176,7 @@ enqueue(int argc, char *argv[]) int inheaders = 0; int save_argc; char **save_argv; + int no_getlogin = 0; memset(&msg, 0, sizeof(msg)); time(×tamp); @@ -184,7 +185,7 @@ enqueue(int argc, char *argv[]) save_argv = argv; while ((ch = getopt(argc, argv, - "A:B:b:E::e:F:f:iJ::L:mN:o:p:qR:tvV:x")) != -1) { + "A:B:b:E::e:F:f:iJ::L:mN:o:p:qRS:tvV:x")) != -1) { switch (ch) { case 'f': fake_from = optarg; @@ -198,6 +199,9 @@ enqueue(int argc, char *argv[]) case 'R': msg.dsn_ret = optarg; break; + case 'S': + no_getlogin = 1; + break; case 't': tflag = 1; break; @@ -233,11 +237,19 @@ enqueue(int argc, char *argv[]) if (getmailname(host, sizeof(host)) == -1) err(EX_NOHOST, "getmailname"); - if ((user = getlogin()) != NULL && *user != '\0') - pw = getpwnam(user); - else if ((pw = getpwuid(getuid())) == NULL) - user = "anonymous"; - user = xstrdup(pw ? pw->pw_name : user, "enqueue"); + if (no_getlogin) { + if ((pw = getpwuid(getuid())) == NULL) + user = "anonymous"; + if (pw != NULL) + user = xstrdup(pw->pw_name, "enqueue"); + } + else { + if ((user = getlogin()) != NULL && *user != '\0') + pw = getpwnam(user); + else if ((pw = getpwuid(getuid())) == NULL) + user = "anonymous"; + user = xstrdup(pw ? pw->pw_name : user, "enqueue"); + } build_from(fake_from, pw); diff --git a/usr.sbin/smtpd/smtpd.c b/usr.sbin/smtpd/smtpd.c index 5b118d32c46..9ba5fdfa0a3 100644 --- a/usr.sbin/smtpd/smtpd.c +++ b/usr.sbin/smtpd/smtpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: smtpd.c,v 1.235 2014/08/25 07:50:26 doug Exp $ */ +/* $OpenBSD: smtpd.c,v 1.236 2015/01/15 09:05:37 gilles Exp $ */ /* * Copyright (c) 2008 Gilles Chehade @@ -1116,6 +1116,7 @@ offline_enqueue(char *name) p[len - 1] = '\0'; addargs(&args, "%s", "sendmail"); + addargs(&args, "%s", "-S"); while ((tmp = strsep(&p, "|")) != NULL) addargs(&args, "%s", tmp); -- 2.20.1