xref: /openbsd-src/libexec/comsat/comsat.c (revision db3296cf5c1dd9058ceecc3a29fe4aaa0bd26000) 
1 /*	$OpenBSD: comsat.c,v 1.28 2003/06/19 22:35:34 deraadt Exp $	*/
2 
3 /*
4  * Copyright (c) 1980, 1993
5  *	The Regents of the University of California.  All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  * 3. Neither the name of the University nor the names of its contributors
16  *    may be used to endorse or promote products derived from this software
17  *    without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29  * SUCH DAMAGE.
30  */
31 
32 #ifndef lint
33 static char copyright[] =
34 "@(#) Copyright (c) 1980, 1993\n\
35 	The Regents of the University of California.  All rights reserved.\n";
36 #endif /* not lint */
37 
38 #ifndef lint
39 /*static char sccsid[] = "from: @(#)comsat.c	8.1 (Berkeley) 6/4/93";*/
40 static char rcsid[] = "$OpenBSD: comsat.c,v 1.28 2003/06/19 22:35:34 deraadt Exp $";
41 #endif /* not lint */
42 
43 #include <sys/limits.h>
44 #include <sys/param.h>
45 #include <sys/socket.h>
46 #include <sys/stat.h>
47 #include <sys/wait.h>
48 
49 #include <netinet/in.h>
50 
51 #include <ctype.h>
52 #include <errno.h>
53 #include <fcntl.h>
54 #include <netdb.h>
55 #include <paths.h>
56 #include <pwd.h>
57 #include <signal.h>
58 #include <stdio.h>
59 #include <stdlib.h>
60 #include <string.h>
61 #include <syslog.h>
62 #include <termios.h>
63 #include <unistd.h>
64 #include <utmp.h>
65 #include <vis.h>
66 
67 int	debug = 0;
68 #define	dsyslog	if (debug) syslog
69 
70 #define MAXIDLE	120
71 
72 char	hostname[MAXHOSTNAMELEN];
73 struct	utmp *utmp = NULL;
74 time_t	lastmsgtime;
75 int	nutmp, uf;
76 
77 void jkfprintf(FILE *, char[], off_t);
78 void mailfor(char *);
79 void notify(struct utmp *, off_t);
80 void readutmp(int);
81 void doreadutmp(void);
82 void reapchildren(int);
83 
84 volatile sig_atomic_t wantreadutmp;
85 
86 int
87 main(int argc, char *argv[])
88 {
89 	struct sockaddr_storage from;
90 	struct sigaction sa;
91 	int cc;
92 	socklen_t fromlen;
93 	char msgbuf[100];
94 	sigset_t sigset;
95 
96 	/* verify proper invocation */
97 	fromlen = sizeof(from);
98 	if (getsockname(0, (struct sockaddr *)&from, &fromlen) < 0) {
99 		(void)fprintf(stderr,
100 		    "comsat: getsockname: %s.\n", strerror(errno));
101 		exit(1);
102 	}
103 	openlog("comsat", LOG_PID, LOG_DAEMON);
104 	if (chdir(_PATH_MAILDIR)) {
105 		syslog(LOG_ERR, "chdir: %s: %m", _PATH_MAILDIR);
106 		(void) recv(0, msgbuf, sizeof(msgbuf) - 1, 0);
107 		exit(1);
108 	}
109 	if ((uf = open(_PATH_UTMP, O_RDONLY, 0)) < 0) {
110 		syslog(LOG_ERR, "open: %s: %m", _PATH_UTMP);
111 		(void) recv(0, msgbuf, sizeof(msgbuf) - 1, 0);
112 		exit(1);
113 	}
114 	(void)time(&lastmsgtime);
115 	(void)gethostname(hostname, sizeof(hostname));
116 	doreadutmp();
117 
118 	(void)signal(SIGTTOU, SIG_IGN);
119 
120 	bzero(&sa, sizeof sa);
121 	sigemptyset(&sa.sa_mask);
122 	sa.sa_handler = readutmp;
123 	sa.sa_flags = 0;			/* no SA_RESTART */
124 	(void)sigaction(SIGALRM, &sa, NULL);
125 
126 	sa.sa_handler = reapchildren;
127 	sa.sa_flags = SA_RESTART;
128 	(void)sigaction(SIGCHLD, &sa, NULL);
129 
130 	for (;;) {
131 		if (wantreadutmp) {
132 			doreadutmp();
133 			wantreadutmp = 0;
134 		}
135 
136 		cc = recv(0, msgbuf, sizeof(msgbuf) - 1, 0);
137 		if (cc <= 0) {
138 			if (errno != EINTR)
139 				sleep(1);
140 			continue;
141 		}
142 		if (!nutmp)		/* no one has logged in yet */
143 			continue;
144 		sigemptyset(&sigset);
145 		sigaddset(&sigset, SIGALRM);
146 		sigprocmask(SIG_SETMASK, &sigset, NULL);
147 		msgbuf[cc] = '\0';
148 		(void)time(&lastmsgtime);
149 		mailfor(msgbuf);
150 		sigemptyset(&sigset);
151 		sigprocmask(SIG_SETMASK, &sigset, NULL);
152 	}
153 }
154 
155 void
156 reapchildren(int signo)
157 {
158 	int save_errno = errno;
159 
160 	while (wait3(NULL, WNOHANG, NULL) > 0)
161 		;
162 	errno = save_errno;
163 }
164 
165 void
166 readutmp(int signo)
167 {
168 	wantreadutmp = 1;
169 }
170 
171 void
172 doreadutmp(void)
173 {
174 	static u_int utmpsize;		/* last malloced size for utmp */
175 	static u_int utmpmtime;		/* last modification time for utmp */
176 	struct stat statbf;
177 
178 	if (time(NULL) - lastmsgtime >= MAXIDLE)
179 		exit(0);
180 	(void)fstat(uf, &statbf);
181 	if (statbf.st_mtime > utmpmtime) {
182 		utmpmtime = statbf.st_mtime;
183 		/* avoid int overflow */
184 		if (statbf.st_size > INT_MAX - 10 * sizeof(struct utmp)) {
185 			syslog(LOG_ALERT, "utmp file excessively large");
186 			exit(1);
187 		}
188 		if (statbf.st_size > utmpsize) {
189 			utmpsize = statbf.st_size + 10 * sizeof(struct utmp);
190 			if ((utmp = realloc(utmp, utmpsize)) == NULL) {
191 				syslog(LOG_ERR, "%s", strerror(errno));
192 				exit(1);
193 			}
194 		}
195 		(void)lseek(uf, (off_t)0, SEEK_SET);
196 		nutmp = read(uf, utmp, (int)statbf.st_size)/sizeof(struct utmp);
197 	}
198 	(void)alarm((u_int)15);
199 }
200 
201 void
202 mailfor(char *name)
203 {
204 	struct utmp *utp = &utmp[nutmp];
205 	char utname[UT_NAMESIZE+1];
206 	char *cp;
207 	off_t offset;
208 
209 	if (!(cp = strchr(name, '@')))
210 		return;
211 	*cp = '\0';
212 	offset = atoi(cp + 1);
213 	while (--utp >= utmp) {
214 		memcpy(utname, utp->ut_name, UT_NAMESIZE);
215 		utname[sizeof(utname)-1] = '\0';
216 		if (!strncmp(utname, name, UT_NAMESIZE))
217 			notify(utp, offset);
218 	}
219 }
220 
221 static char *cr;
222 
223 void
224 notify(struct utmp *utp, off_t offset)
225 {
226 	FILE *tp;
227 	struct stat stb;
228 	struct termios ttybuf;
229 	char tty[MAXPATHLEN], name[UT_NAMESIZE + 1];
230 
231 	(void)snprintf(tty, sizeof(tty), "%s%.*s",
232 	    _PATH_DEV, (int)sizeof(utp->ut_line), utp->ut_line);
233 	if (strchr(tty + sizeof(_PATH_DEV) - 1, '/')) {
234 		/* A slash is an attempt to break security... */
235 		syslog(LOG_AUTH | LOG_NOTICE, "'/' in \"%s\"", tty);
236 		return;
237 	}
238 	if (stat(tty, &stb) || !(stb.st_mode & S_IEXEC)) {
239 		dsyslog(LOG_DEBUG, "%.*s: wrong mode on %s",
240 		    (int)sizeof(utp->ut_name), utp->ut_name, tty);
241 		return;
242 	}
243 	dsyslog(LOG_DEBUG, "notify %.*s on %s", (int)sizeof(utp->ut_name),
244 	    utp->ut_name, tty);
245 	if (fork())
246 		return;
247 	(void)signal(SIGALRM, SIG_DFL);
248 	(void)alarm((u_int)30);
249 	if ((tp = fopen(tty, "w")) == NULL) {
250 		dsyslog(LOG_ERR, "%s: %s", tty, strerror(errno));
251 		_exit(1);
252 	}
253 	(void)tcgetattr(fileno(tp), &ttybuf);
254 	cr = (ttybuf.c_oflag & ONLCR) && (ttybuf.c_oflag & OPOST) ?
255 	    "\n" : "\n\r";
256 	memcpy(name, utp->ut_name, UT_NAMESIZE);
257 	name[sizeof(name)-1] = '\0';
258 	(void)fprintf(tp, "%s\007New mail for %s@%.*s\007 has arrived:%s----%s",
259 	    cr, name, (int)sizeof(hostname), hostname, cr, cr);
260 	jkfprintf(tp, name, offset);
261 	(void)fclose(tp);
262 	_exit(0);
263 }
264 
265 void
266 jkfprintf(FILE *tp, char name[], off_t offset)
267 {
268 	char *cp, ch;
269 	char visout[5], *s2;
270 	FILE *fi;
271 	int linecnt, charcnt, inheader;
272 	struct passwd *p;
273 	char line[BUFSIZ];
274 
275 	/* Set effective uid to user in case mail drop is on nfs */
276 	if ((p = getpwnam(name)) != NULL) {
277 		(void) seteuid(p->pw_uid);
278 		(void) setuid(p->pw_uid);
279 	}
280 
281 	if ((fi = fopen(name, "r")) == NULL)
282 		return;
283 
284 	(void)fseeko(fi, offset, SEEK_SET);
285 	/*
286 	 * Print the first 7 lines or 560 characters of the new mail
287 	 * (whichever comes first).  Skip header crap other than
288 	 * From, Subject, To, and Date.
289 	 */
290 	linecnt = 7;
291 	charcnt = 560;
292 	inheader = 1;
293 	while (fgets(line, sizeof(line), fi) != NULL) {
294 		if (inheader) {
295 			if (line[0] == '\n') {
296 				inheader = 0;
297 				continue;
298 			}
299 			if (line[0] == ' ' || line[0] == '\t' ||
300 			    (strncmp(line, "From:", 5) &&
301 			    strncmp(line, "Subject:", 8)))
302 				continue;
303 		}
304 		if (linecnt <= 0 || charcnt <= 0) {
305 			(void)fprintf(tp, "...more...%s", cr);
306 			(void)fclose(fi);
307 			return;
308 		}
309 		/* strip weird stuff so can't trojan horse stupid terminals */
310 		for (cp = line; (ch = *cp) && ch != '\n'; ++cp, --charcnt) {
311 			ch = toascii(ch);
312 			vis(visout, ch, VIS_SAFE|VIS_NOSLASH, cp[1]);
313 			for (s2 = visout; *s2; s2++)
314 				(void)fputc(*s2, tp);
315 		}
316 		(void)fputs(cr, tp);
317 		--linecnt;
318 	}
319 	(void)fprintf(tp, "----%s\n", cr);
320 	(void)fclose(fi);
321 }
322