GCC Code Coverage Report
Directory: ./ Exec Total Coverage
File: libexec/comsat/comsat.c Lines: 0 154 0.0 %
Date: 2017-11-13 Branches: 0 86 0.0 %

Line Branch Exec Source
1
/*	$OpenBSD: comsat.c,v 1.48 2017/04/03 17:23:39 tedu Exp $	*/
2
3
/*
4
 * Copyright (c) 1980, 1993
5
 *	The Regents of the University of California.  All rights reserved.
6
 *
7
 * Redistribution and use in source and binary forms, with or without
8
 * modification, are permitted provided that the following conditions
9
 * are met:
10
 * 1. Redistributions of source code must retain the above copyright
11
 *    notice, this list of conditions and the following disclaimer.
12
 * 2. Redistributions in binary form must reproduce the above copyright
13
 *    notice, this list of conditions and the following disclaimer in the
14
 *    documentation and/or other materials provided with the distribution.
15
 * 3. Neither the name of the University nor the names of its contributors
16
 *    may be used to endorse or promote products derived from this software
17
 *    without specific prior written permission.
18
 *
19
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29
 * SUCH DAMAGE.
30
 */
31
32
#include <sys/limits.h>
33
#include <sys/socket.h>
34
#include <sys/stat.h>
35
#include <sys/wait.h>
36
37
#include <netinet/in.h>
38
39
#include <ctype.h>
40
#include <errno.h>
41
#include <fcntl.h>
42
#include <netdb.h>
43
#include <limits.h>
44
#include <paths.h>
45
#include <pwd.h>
46
#include <signal.h>
47
#include <stdio.h>
48
#include <stdlib.h>
49
#include <string.h>
50
#include <syslog.h>
51
#include <termios.h>
52
#include <unistd.h>
53
#include <utmp.h>
54
#include <vis.h>
55
#include <err.h>
56
57
int	debug = 0;
58
#define	dsyslog	if (debug) syslog
59
60
#define MAXIDLE	120
61
62
char	hostname[HOST_NAME_MAX+1];
63
struct	utmp *utmp = NULL;
64
time_t	lastmsgtime;
65
int	nutmp, uf;
66
67
void jkfprintf(FILE *, char[], off_t);
68
void mailfor(char *);
69
void notify(struct utmp *, off_t);
70
void readutmp(int);
71
void doreadutmp(void);
72
void reapchildren(int);
73
74
volatile sig_atomic_t wantreadutmp;
75
76
int
77
main(int argc, char *argv[])
78
{
79
	struct sockaddr_storage from;
80
	struct sigaction sa;
81
	ssize_t cc;
82
	socklen_t fromlen;
83
	char msgbuf[100];
84
	sigset_t sigset;
85
86
	/* verify proper invocation */
87
	fromlen = sizeof(from);
88
	if (getsockname(0, (struct sockaddr *)&from, &fromlen) == -1) {
89
		(void)fprintf(stderr,
90
		    "comsat: getsockname: %s.\n", strerror(errno));
91
		exit(1);
92
	}
93
94
	if (pledge("stdio rpath wpath proc tty flock cpath", NULL) == -1)
95
		err(1, "pledge");
96
97
	openlog("comsat", LOG_PID, LOG_DAEMON);
98
	if (chdir(_PATH_MAILDIR)) {
99
		syslog(LOG_ERR, "chdir: %s: %m", _PATH_MAILDIR);
100
		(void) recv(0, msgbuf, sizeof(msgbuf) - 1, 0);
101
		exit(1);
102
	}
103
	if ((uf = open(_PATH_UTMP, O_RDONLY)) == -1) {
104
		syslog(LOG_ERR, "open: %s: %m", _PATH_UTMP);
105
		(void) recv(0, msgbuf, sizeof(msgbuf) - 1, 0);
106
		exit(1);
107
	}
108
	(void)time(&lastmsgtime);
109
	(void)gethostname(hostname, sizeof(hostname));
110
	doreadutmp();
111
112
	(void)signal(SIGTTOU, SIG_IGN);
113
114
	bzero(&sa, sizeof sa);
115
	sigemptyset(&sa.sa_mask);
116
	sa.sa_handler = readutmp;
117
	sa.sa_flags = 0;			/* no SA_RESTART */
118
	(void)sigaction(SIGALRM, &sa, NULL);
119
120
	sa.sa_handler = reapchildren;
121
	sa.sa_flags = SA_RESTART;
122
	(void)sigaction(SIGCHLD, &sa, NULL);
123
124
	for (;;) {
125
		if (wantreadutmp) {
126
			wantreadutmp = 0;
127
			doreadutmp();
128
		}
129
130
		cc = recv(0, msgbuf, sizeof(msgbuf) - 1, 0);
131
		if (cc <= 0) {
132
			if (errno != EINTR)
133
				sleep(1);
134
			continue;
135
		}
136
		if (!nutmp)		/* no one has logged in yet */
137
			continue;
138
		sigemptyset(&sigset);
139
		sigaddset(&sigset, SIGALRM);
140
		sigprocmask(SIG_SETMASK, &sigset, NULL);
141
		msgbuf[cc] = '\0';
142
		(void)time(&lastmsgtime);
143
		mailfor(msgbuf);
144
		sigemptyset(&sigset);
145
		sigprocmask(SIG_SETMASK, &sigset, NULL);
146
	}
147
}
148
149
/* ARGSUSED */
150
void
151
reapchildren(int signo)
152
{
153
	int save_errno = errno;
154
155
	while (wait3(NULL, WNOHANG, NULL) > 0)
156
		;
157
	errno = save_errno;
158
}
159
160
/* ARGSUSED */
161
void
162
readutmp(int signo)
163
{
164
	wantreadutmp = 1;
165
}
166
167
void
168
doreadutmp(void)
169
{
170
	static u_int utmpsize;		/* last malloced size for utmp */
171
	static time_t utmpmtime;	/* last modification time for utmp */
172
	struct stat statbf;
173
	int n;
174
175
	if (time(NULL) - lastmsgtime >= MAXIDLE)
176
		exit(0);
177
	(void)fstat(uf, &statbf);
178
	if (statbf.st_mtime > utmpmtime) {
179
		utmpmtime = statbf.st_mtime;
180
		/* avoid int overflow */
181
		if (statbf.st_size > INT_MAX - 10 * sizeof(struct utmp)) {
182
			syslog(LOG_ALERT, "utmp file excessively large");
183
			exit(1);
184
		}
185
		if (statbf.st_size > utmpsize) {
186
			u_int nutmpsize = statbf.st_size + 10 *
187
			    sizeof(struct utmp);
188
			struct utmp *u;
189
190
			if ((u = recallocarray(utmp, utmpsize,
191
			    nutmpsize, 1)) == NULL) {
192
				free(utmp);
193
				syslog(LOG_ERR, "%s", strerror(errno));
194
				exit(1);
195
			}
196
			utmp = u;
197
			utmpsize = nutmpsize;
198
		}
199
		n = pread(uf, utmp, statbf.st_size, 0);
200
		if (n == -1)
201
			n = 0;
202
		nutmp = n / sizeof(struct utmp);
203
		dsyslog(LOG_DEBUG, "read %d utmp entries", nutmp);
204
	}
205
	(void)alarm(15);
206
}
207
208
void
209
mailfor(char *name)
210
{
211
	struct utmp *utp = &utmp[nutmp];
212
	char utname[UT_NAMESIZE+1];
213
	const char *errstr;
214
	char *cp;
215
	off_t offset;
216
217
	dsyslog(LOG_DEBUG, "mail for '%s'", name);
218
	if (!(cp = strchr(name, '@')))
219
		return;
220
	*cp++ = '\0';
221
	cp[strcspn(cp, " \t\n")] = '\0';
222
	offset = strtonum(cp, 0, LLONG_MAX, &errstr);
223
	if (errstr) {
224
		syslog(LOG_ERR, "'%s' is %s", cp + 1, errstr);
225
		return;
226
	}
227
	while (--utp >= utmp) {
228
		memcpy(utname, utp->ut_name, UT_NAMESIZE);
229
		utname[UT_NAMESIZE] = '\0';
230
		dsyslog(LOG_DEBUG, "check %s against %s", name, utname);
231
		if (!strncmp(utname, name, UT_NAMESIZE))
232
			notify(utp, offset);
233
	}
234
}
235
236
static char *cr;
237
238
void
239
notify(struct utmp *utp, off_t offset)
240
{
241
	int fd;
242
	FILE *tp;
243
	struct stat stb;
244
	struct termios ttybuf;
245
	char tty[PATH_MAX], name[UT_NAMESIZE + 1];
246
247
	(void)snprintf(tty, sizeof(tty), "%s%.*s",
248
	    _PATH_DEV, (int)sizeof(utp->ut_line), utp->ut_line);
249
	if (strchr(tty + sizeof(_PATH_DEV) - 1, '/')) {
250
		/* A slash is an attempt to break security... */
251
		syslog(LOG_AUTH | LOG_NOTICE, "'/' in \"%s\"", tty);
252
		return;
253
	}
254
	if (stat(tty, &stb) || !(stb.st_mode & S_IEXEC)) {
255
		dsyslog(LOG_DEBUG, "%.*s: wrong mode on %s",
256
		    (int)sizeof(utp->ut_name), utp->ut_name, tty);
257
		return;
258
	}
259
	dsyslog(LOG_DEBUG, "notify %.*s on %s", (int)sizeof(utp->ut_name),
260
	    utp->ut_name, tty);
261
	if (fork())
262
		return;
263
	(void)signal(SIGALRM, SIG_DFL);
264
	(void)alarm(30);
265
	fd = open(tty, O_WRONLY);
266
	if (fd == -1 || (tp = fdopen(fd, "w")) == NULL) {
267
		dsyslog(LOG_ERR, "%s: %s", tty, strerror(errno));
268
		_exit(1);
269
	}
270
	(void)tcgetattr(fileno(tp), &ttybuf);
271
	cr = (ttybuf.c_oflag & ONLCR) && (ttybuf.c_oflag & OPOST) ?
272
	    "\n" : "\n\r";
273
	memcpy(name, utp->ut_name, UT_NAMESIZE);
274
	name[UT_NAMESIZE] = '\0';
275
	(void)fprintf(tp, "%s\007New mail for %s@%.*s\007 has arrived:%s----%s",
276
	    cr, name, (int)sizeof(hostname), hostname, cr, cr);
277
	jkfprintf(tp, name, offset);
278
	(void)fclose(tp);
279
	_exit(0);
280
}
281
282
void
283
jkfprintf(FILE *tp, char name[], off_t offset)
284
{
285
	char *cp, ch;
286
	char visout[5], *s2;
287
	FILE *fi;
288
	int linecnt, charcnt, inheader;
289
	char line[BUFSIZ];
290
291
	if ((fi = fopen(name, "r")) == NULL)
292
		return;
293
294
	(void)fseeko(fi, offset, SEEK_SET);
295
	/*
296
	 * Print the first 7 lines or 560 characters of the new mail
297
	 * (whichever comes first).  Skip header crap other than
298
	 * From, Subject, To, and Date.
299
	 */
300
	linecnt = 7;
301
	charcnt = 560;
302
	inheader = 1;
303
	while (fgets(line, sizeof(line), fi) != NULL) {
304
		if (inheader) {
305
			if (line[0] == '\n') {
306
				inheader = 0;
307
				continue;
308
			}
309
			if (line[0] == ' ' || line[0] == '\t' ||
310
			    (strncmp(line, "From:", 5) &&
311
			    strncmp(line, "Subject:", 8)))
312
				continue;
313
		}
314
		if (linecnt <= 0 || charcnt <= 0) {
315
			(void)fprintf(tp, "...more...%s", cr);
316
			(void)fclose(fi);
317
			return;
318
		}
319
		/* strip weird stuff so can't trojan horse stupid terminals */
320
		for (cp = line; (ch = *cp) && ch != '\n'; ++cp, --charcnt) {
321
			ch = toascii(ch);
322
			vis(visout, ch, VIS_SAFE|VIS_NOSLASH, cp[1]);
323
			for (s2 = visout; *s2; s2++)
324
				(void)fputc(*s2, tp);
325
		}
326
		(void)fputs(cr, tp);
327
		--linecnt;
328
	}
329
	(void)fprintf(tp, "----%s\n", cr);
330
	(void)fclose(fi);
331
}