*** make.44bsd.orig Thu May 30 09:37:44 1996 --- make.44bsd Fri Dec 6 11:05:40 1996 *************** *** 3,10 **** # Defines are described in the INSTALL document. ! PROG=popper popauth ! MAN8=popper.8 popauth.8 SRCS= pop_dele.c pop_dropcopy.c pop_get_command.c pop_get_subcommand.c \ pop_init.c pop_last.c pop_list.c pop_log.c pop_lower.c pop_msg.c \ pop_parse.c pop_pass.c pop_quit.c pop_rset.c pop_send.c pop_stat.c \ --- 3,12 ---- # Defines are described in the INSTALL document. ! SUBDIR=popauth ! ! PROG=popper ! MAN8=popper.8 SRCS= pop_dele.c pop_dropcopy.c pop_get_command.c pop_get_subcommand.c \ pop_init.c pop_last.c pop_list.c pop_log.c pop_lower.c pop_msg.c \ pop_parse.c pop_pass.c pop_quit.c pop_rset.c pop_send.c pop_stat.c \ *************** *** 12,32 **** xtnd_xlst.c pop_uidl.c pop_rpop.c pop_apop.c md5.c #SRCS+= flock.c mktemp.c ! BINDIR=/usr/local/libexec ! MANDIR=/usr/local/man/man #LDADD+= -lcrypt -lndbm ! CFLAGS+=-DHAVE_PARAM_H # if you want APOP support, uncomment the next line ! #CFLAGS+=-DAPOP=\"/etc/pop.auth\" -DPOPUID=\"pop\" # if you want RPOP support, uncomment the next line ! #CFLAGS+=-DRPOP # if you want to block POP access for anyone in /etc/ftpusers, uncomment ! #CFLAGS+=-DNONAUTHFILE=\"/etc/ftpusers\" .include - --- 14,41 ---- xtnd_xlst.c pop_uidl.c pop_rpop.c pop_apop.c md5.c #SRCS+= flock.c mktemp.c ! PREFIX?=/usr/local ! BINDIR=${PREFIX}/libexec ! MANDIR=${PREFIX}/man/man #LDADD+= -lcrypt -lndbm ! CFLAGS+=-DHAVE_PARAM_H -DSETPROCTITLE ! LDADD+=-lutil ! ! .if exists(/usr/lib/libskey.a) && exists(/usr/lib/libmd.a) ! DPADD+= ${LIBSKEY} ${LIBMD} ${LIBCRYPT} ! LDADD+= -lskey -lmd -lcrypt ! CFLAGS+= -DSKEY ! .endif # if you want APOP support, uncomment the next line ! CFLAGS+=-DAPOP=\"${PREFIX}/etc/popper/pop.auth\" -DPOPUID=\"pop\" # if you want RPOP support, uncomment the next line ! # CFLAGS+=-DRPOP # if you want to block POP access for anyone in /etc/ftpusers, uncomment ! CFLAGS+=-DNONAUTHFILE=\"/etc/ftpusers\" .include *** pop_dropcopy.c Sat Jun 8 14:44:01 1996 --- pop_dropcopy.c Sat Jun 8 14:50:46 1996 *************** *** 755,760 **** --- 755,761 ---- the SERVER maildrop */ FILE *tf; /* The temp file */ int tfn; + char template[POP_TMPSIZE]; /* Temp name holder */ char buffer[MAXLINELEN]; /* Read buffer */ long offset; /* Old/New boundary */ int nchar; /* Bytes written/read */ *************** *** 788,793 **** --- 789,805 ---- } #endif + /* First create a unique file. Would prefer mkstemp, but Ultrix...*/ + strcpy(template,POP_TMPDROP); + if (((tfn=mkstemp(template)) == -1) || + ((tf=fdopen(tfn, "w+")) == NULL)) { /* failure, bail out */ + pop_log(p,POP_PRIORITY, + "Unable to create temporary temporary maildrop '%s': %s",template, + (errno < sys_nerr) ? sys_errlist[errno] : "") ; + return pop_msg(p,POP_FAILURE, + "System error, can't create temporary file."); + } + /* Here we work to make sure the user doesn't cause us to remove or * write over existing files by limiting how much work we do while * running as root. *************** *** 801,806 **** --- 813,831 ---- pwp->pw_gid = mybuf.st_gid; # endif #endif + + /* Now give this file to the user */ + (void) chown(template, (UID_T)pwp->pw_uid, (GID_T)pwp->pw_gid); + /* (void) chmod(template,0600); umask now handles this */ + + /* Now link this file to the temporary maildrop. If this fails it + * is probably because the temporary maildrop already exists. If so, + * this is ok. We can just go on our way, because by the time we try + * to write into the file we will be running as the user. + */ + (void) link(template,p->temp_drop); + (void) fclose(tf); + (void) unlink(template); /* Now we run as the user. */ (void) setgid((GID_T)pwp->pw_gid); *** popauth.c Sun Jun 9 12:56:38 1996 --- popauth.c Sun Jun 9 13:00:51 1996 *************** *** 36,43 **** #include #endif ! #ifdef BSDI ! #define BSD44_DBM #endif #ifdef NEED_STRERROR --- 36,51 ---- #include #endif ! #ifdef HAVE_PARAM_H ! #include ! # if (defined(BSD) && (BSD >= 199103)) ! # define HAVE_UNISTD_H ! # define HAVE_VSPRINTF ! # define BIND43 ! # endif ! # if (defined(BSD) && (BSD >= 199306)) ! # define BSD44_DBM ! # endif #endif #ifdef NEED_STRERROR