diff options
author | Stef Walter <stef@memberwebs.com> | 2005-05-28 19:42:59 +0000 |
---|---|---|
committer | Stef Walter <stef@memberwebs.com> | 2005-05-28 19:42:59 +0000 |
commit | 8a09d9575e3fdb1c9df38047cbc20534bf1be63d (patch) | |
tree | c4af66b91d7c3af7c0c97ab3123609ea79afebaa | |
parent | 1bc164f033cd467853f80e9a08137a67631e63c0 (diff) |
Drop privileges after binding to port. Allows listening on ports < 1024
-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | common/smtppass.c | 36 | ||||
-rw-r--r-- | configure.in | 4 |
3 files changed, 20 insertions, 23 deletions
@@ -1,5 +1,8 @@ 1.5 - Handle condition of server refusing data transfers more gracefully. + - Less chatty when setting timeouts fail + - Drop privileges after binding to port. Allows listening on ports < 1024 + - Ported to Solaris 1.4.1 [2005-04-15] - Fixed bug (introduced in 1.4) when Header was not present. diff --git a/common/smtppass.c b/common/smtppass.c index 3ce2230..8a09cc8 100644 --- a/common/smtppass.c +++ b/common/smtppass.c @@ -275,6 +275,21 @@ int sp_run(const char* configfile, const char* pidfile, int dbg_level) sp_messagex(NULL, LOG_DEBUG, "starting up (%s)...", VERSION); + /* Create the socket */ + sock = socket(SANY_TYPE(g_state.listenaddr), SOCK_STREAM, 0); + if(sock < 0) + err(1, "couldn't open socket"); + + fcntl(sock, F_SETFD, fcntl(sock, F_GETFD, 0) | FD_CLOEXEC); + setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&true, sizeof(true)); + + /* Unlink the socket file if it exists */ + if(SANY_TYPE(g_state.listenaddr) == AF_UNIX) + unlink(g_state.listenname); + + if(bind(sock, &SANY_ADDR(g_state.listenaddr), SANY_LEN(g_state.listenaddr)) != 0) + err(1, "couldn't bind to address: %s", g_state.listenname); + /* Drop privileges before daemonizing */ drop_privileges(); @@ -295,27 +310,6 @@ int sp_run(const char* configfile, const char* pidfile, int dbg_level) openlog(g_state.name, 0, LOG_MAIL); } - /* Create the socket */ - sock = socket(SANY_TYPE(g_state.listenaddr), SOCK_STREAM, 0); - if(sock < 0) - { - sp_message(NULL, LOG_CRIT, "couldn't open socket"); - exit(1); - } - - fcntl(sock, F_SETFD, fcntl(sock, F_GETFD, 0) | FD_CLOEXEC); - setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&true, sizeof(true)); - - /* Unlink the socket file if it exists */ - if(SANY_TYPE(g_state.listenaddr) == AF_UNIX) - unlink(g_state.listenname); - - if(bind(sock, &SANY_ADDR(g_state.listenaddr), SANY_LEN(g_state.listenaddr)) != 0) - { - sp_message(NULL, LOG_CRIT, "couldn't bind to address: %s", g_state.listenname); - exit(1); - } - /* Let 5 connections queue up */ if(listen(sock, 5) != 0) { diff --git a/configure.in b/configure.in index c589626..5d8611b 100644 --- a/configure.in +++ b/configure.in @@ -36,8 +36,8 @@ dnl Nate Nielsen <nielsen@memberwebs.com> dnl dnl Process this file with autoconf to produce a configure script. -AC_INIT(clamsmtp, 1.4.1.91, nielsen@memberwebs.com) -AM_INIT_AUTOMAKE(clamsmtp, 1.4.1.91) +AC_INIT(clamsmtp, 1.4.1.92, nielsen@memberwebs.com) +AM_INIT_AUTOMAKE(clamsmtp, 1.4.1.92) LDFLAGS="$LDFLAGS -L/usr/local/lib" CFLAGS="$CFLAGS -I/usr/local/include" |