summaryrefslogtreecommitdiff
path: root/src/common.c
Commit message (Collapse)AuthorAgeFilesLines
* The start of a setuptools conversion. All the Makefile.in and autoconfBarry Warsaw2007-07-131-306/+0
| | | | artifacts are removed, as is the C files which we will no longer need.
* Update copyright years.bwarsaw2007-01-191-1/+1
|
* Port cleaning changes forward from 2.1-maint branch.bwarsaw2005-12-301-39/+41
|
* Correct error message when callers group ID - getgid() - is not registeredmsapiro2005-11-031-5/+10
|
* FSF office has moved. chdcking in for MAIN branch.tkikuchi2005-08-271-1/+1
|
* fatal(): Change the signature of vsnprintf() in the case of using thebwarsaw2002-09-051-1/+1
| | | | GNU version.
* Patch set for SF bug #596565. Use symbolic user/group names insteadbwarsaw2002-08-231-149/+174
| | | | | | | | | | | | | | | of numeric ids. Initial idea and patch by Todd Vierling, fleshed out by Barry. Specific changes here: check_caller(): The second argument now is a const char* instead of a GID_T, since it takes a group name not an id. Also, significantly rewrote the error messages that get logged when a group mismatch (or other error) occurs. Hopefully now when errors do occur, they'll be much easier to understand because they'll actually give the suggested configure options to fix the problem.
* Update copyright years.bwarsaw2002-03-161-1/+1
|
* In the definition of LOG_IDENT and SCRIPTDIR, don't try to glue stringtwouters2001-05-291-1/+1
| | | | | | | | literals together with ##. That's not what ## is for; ## is to glue together stringified versions of tokens. The fact that it worked was a bug in GCC. Thanx to Jeff Dairiki for reminding me to take care of this. This fixes SF bug #227694.
* Noam Zeilberger correctly notices that the prototype for vsnprintf()bwarsaw2000-11-091-1/+1
| | | | is incorrect. This closes SF bug #121185
* A couple of notes for laterbwarsaw2000-09-291-0/+8
|
* run_script(): Generalize the filtering out of environment variables.bwarsaw2000-09-271-6/+27
| | | | | | We now discard $PYTHONHOME and $PATH as well as the previously discarded $PYTHONPATH (which we later hand craft). Just a bit of extra paranoia.
* fatal(): Close SF bug #110401 and potential local security hole bybwarsaw2000-08-021-2/+2
| | | | | | formatting user supplied input. Also added newlines to both stderr and syslog output for more consistent formatting. Reported by Stan Bubrouski.
* fatal(): When not running as a CGI (e.g. when running at the mailbwarsaw2000-05-221-0/+5
| | | | | | wrapper), simply print the log_entry information to stderr. Most MTAs will include this in their bounce message, which will be helpful for debugging.
* Update the copyright lines to include the years 1999 & 2000.bwarsaw2000-03-211-1/+1
|
* check_caller(): Get the gid_t type from configure. Also use %ld tobwarsaw1999-12-121-4/+4
| | | | print the gid values.
* Invoke Python with -S option, which avoids the "import site". Thisbwarsaw1999-10-291-10/+13
| | | | | speeds up invocation of the executable considerably by eliminating tons of stats and other computation.
* fatal() no longer has "const char*" as third arg prototype. Didn'tbwarsaw1999-07-121-1/+7
| | | | | | | work well with our own vsnprintf(). When the system doesn't have vsnprintf() -- as determined by autoconf -- provide a definition for the one our own vsnprintf.c
* fatal(): Use vsnprintf() to avoid potential buffer overflowbwarsaw1999-07-021-2/+4
| | | | vulnerability (PR#72)
* Stole GNU sh-utils-1.16 configure.in code to check for syslog()hmeland1999-05-231-0/+2
| | | | | | | | outside of the default libs. Ran autoconf (from autoconf-2.13) to update configure. src/common.[ch] now has #ifdefs around syslog-using code -- thus, Mailman will compile, but _without any syslog calls_ if configure couldn't find syslog().
* run_script(): When filtering out PYTHONPATH from environment, wrongbwarsaw1999-04-091-1/+1
| | | | | indices were used. Found by Alexander (Leo) Bergolth <leo@strike.wu-wien.ac.at>
* fatal(): now takes a new second argument which is the integer code tobwarsaw1999-02-271-9/+10
| | | | | | | | | | use in the exit() call. Useful for debugging. check_caller(): Use GID_MISMATCH as fatal exit code. run_script(): If setregid() returns !0, use SETREGID_FAILURE as fatal exit code. Also, it is always an error for execve() to return. Return EXECVE_FAILURE from this function.
* Hi, everybody :-)hmeland1999-02-251-3/+0
| | | | | | | The extern declaration of logident belongs in common.h, not common.c. [ Besides, I needed a pretty safe thing to patch for testing that I can actually do CVS checkins properly. Hopefully this turns out right... ]
* (logident): extern needed to reference this global from one of thebwarsaw1999-02-251-0/+3
| | | | wrappers
* check_caller(): Call getgid() once and cache its value.bwarsaw1999-02-191-2/+15
| | | | | | | | | | | run_script(): Use setregid() copy the effective gid into the real gid. This works around a problem on some Linux versions where the effective gid was not being inherited across popen() calls. Should not affect other systems. Note: this is wrapped in a HAVE_SETREGID determined by configure. If the same affected machines don't have this call (unlikely?) then they can still be broken.
* Somewhat kludgy changes to make debugging mismatching CGI gid's easierbwarsaw1999-01-071-0/+27
| | | | | | | | | | | | | | | | | | | | to figure out. common.c now sports a global variable running_as_cgi which, when true causes fatal() to output some mildly more helpful HTML in addition to the syslog entry. Since this usually only occurs when the site admin is installing Mailman, this helpful HTML should give a better clue as to what's going wrong, rather than an unhelpful Web server message and syslog entry alone. Naturally, main() in cgi-wrapper.c sets running_as_cgi to 1; it is initialized to 0 so as to not upset mail-wrapper.c. Finally, because I think this is a kludge, I've wrapped this all in an #ifdef HELPFUL, and set Makefile.in to turn this on by default. My thought is that for some future version, if the site admin specifies --with-cgi-gid to configure, that proves they're somewhat clueful, and we'd default the HELPFUL macro to "off".
* Minor formatting changesbwarsaw1998-08-051-2/+2
|
* Minor formatting changesbwarsaw1998-08-051-4/+2
|
* prefixdir isn't used anywherebwarsaw1998-07-211-1/+0
|
* Put only $prefix on PYTHONPATH, not $prefix/Mailman. This means thatbwarsaw1998-06-191-1/+1
| | | | only the package path will be used from now on.
* strerror(): Wrap in standard autoconf generated HAVE_STRERROR ifdefs.bwarsaw1998-06-051-25/+23
| | | | Slight reformatting. Moved to top of file.
* I added a strerror() function to common.h, wrapped in an #ifdef forviega1998-06-041-0/+25
| | | | | | | | NEED_STRERROR. I looked at configure.in, I think I could add the right stuff. However, I'd need to download autoconf and read the docs to generate the configure script, so I think I'll just leave this one to Barry for the time being, if he doesn't mind :)
* check_caller(): Removed test for UID. We now only check for GIDbwarsaw1998-06-011-8/+1
| | | | matches. Fix the prototype, remove macros from C files.
* I changed the "wrong UID/GID" error messages that go to syslog to makeviega1998-05-311-5/+7
| | | | | | them more explicit. Both myself and my test user got confused the first time, and tried to reconfigure with the GID it was already configured with.
* Several important changes.bwarsaw1998-05-261-0/+171
1. For mail-wrapper.c and cgi-wrapper.c, most common routines have been moved to common.c. While there were some differences in the way these two wrappers worked (most notably in the error handling and reporting when UID's and GID's didn't match), they were easily merged. Fatal errors now always syslog and exit(1). 2. The exec*() call for running the new process has been changed and made consistent. For improved security, the absolute path to the Python interpreter (as discovered by configure) is compiled into these programs, and the environment variable PYTHONPATH is set to include only the absolute path the the installed Mailman package ($prefix/Mailman). Scripts are invoked by exec'ing the Python interpreter with the first argument being the absolute path to the script to run, along with any additional arguments on argc/argv. See the function run_script() in common.c for details. 3. alias-wrapper.c has not yet been fully merged. I gathered from Ken that it doesn't work completely well anyway. 4. check_caller() in common.c still checks the gid, but as we discussed before, this may be redundant. I wanted one check-in with a history of this feature first though. 5. Added an Emacs turd at the end of all files so that the C code will be edited using Python's standard C style. Reformatted existing code. 6. Removed pseudo-log history from comments at top of files.
generated by cgit v1.2.3-70-g09d2 (git 2.51.2) at 2025-11-09 07:20:04 +0000