diff options
author | Stef Walter <stef@memberwebs.com> | 2005-05-28 19:42:59 +0000 |
---|---|---|
committer | Stef Walter <stef@memberwebs.com> | 2005-05-28 19:42:59 +0000 |
commit | 8a09d9575e3fdb1c9df38047cbc20534bf1be63d (patch) | |
tree | c4af66b91d7c3af7c0c97ab3123609ea79afebaa /common | |
parent | 1bc164f033cd467853f80e9a08137a67631e63c0 (diff) |
Drop privileges after binding to port. Allows listening on ports < 1024
Diffstat (limited to 'common')
-rw-r--r-- | common/smtppass.c | 36 |
1 files changed, 15 insertions, 21 deletions
diff --git a/common/smtppass.c b/common/smtppass.c index 3ce2230..8a09cc8 100644 --- a/common/smtppass.c +++ b/common/smtppass.c @@ -275,6 +275,21 @@ int sp_run(const char* configfile, const char* pidfile, int dbg_level) sp_messagex(NULL, LOG_DEBUG, "starting up (%s)...", VERSION); + /* Create the socket */ + sock = socket(SANY_TYPE(g_state.listenaddr), SOCK_STREAM, 0); + if(sock < 0) + err(1, "couldn't open socket"); + + fcntl(sock, F_SETFD, fcntl(sock, F_GETFD, 0) | FD_CLOEXEC); + setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&true, sizeof(true)); + + /* Unlink the socket file if it exists */ + if(SANY_TYPE(g_state.listenaddr) == AF_UNIX) + unlink(g_state.listenname); + + if(bind(sock, &SANY_ADDR(g_state.listenaddr), SANY_LEN(g_state.listenaddr)) != 0) + err(1, "couldn't bind to address: %s", g_state.listenname); + /* Drop privileges before daemonizing */ drop_privileges(); @@ -295,27 +310,6 @@ int sp_run(const char* configfile, const char* pidfile, int dbg_level) openlog(g_state.name, 0, LOG_MAIL); } - /* Create the socket */ - sock = socket(SANY_TYPE(g_state.listenaddr), SOCK_STREAM, 0); - if(sock < 0) - { - sp_message(NULL, LOG_CRIT, "couldn't open socket"); - exit(1); - } - - fcntl(sock, F_SETFD, fcntl(sock, F_GETFD, 0) | FD_CLOEXEC); - setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&true, sizeof(true)); - - /* Unlink the socket file if it exists */ - if(SANY_TYPE(g_state.listenaddr) == AF_UNIX) - unlink(g_state.listenname); - - if(bind(sock, &SANY_ADDR(g_state.listenaddr), SANY_LEN(g_state.listenaddr)) != 0) - { - sp_message(NULL, LOG_CRIT, "couldn't bind to address: %s", g_state.listenname); - exit(1); - } - /* Let 5 connections queue up */ if(listen(sock, 5) != 0) { |