From 5dc43717a3cf7349094cb552c81e86bc205f9b30 Mon Sep 17 00:00:00 2001 From: John Jetmore Date: Sat, 12 Jun 2010 15:21:25 +0000 Subject: Add tcp_wrappers_daemon_name (closes: bug #278) (I honestly have no memory of writing this patch...) --- doc/doc-docbook/spec.xfpt | 13 +++++++++---- doc/doc-txt/ChangeLog | 6 +++++- doc/doc-txt/NewStuff | 9 ++++++++- doc/doc-txt/OptionLists.txt | 4 +++- src/src/EDITME | 9 ++++++++- src/src/buildconfig.c | 5 +++-- src/src/config.h.defaults | 3 ++- src/src/globals.c | 5 ++++- src/src/globals.h | 5 ++++- src/src/readconf.c | 5 ++++- src/src/smtp_in.c | 12 ++++++++++-- 11 files changed, 60 insertions(+), 16 deletions(-) diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 7d2ae02d2..14c1bf8d8 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -1,4 +1,4 @@ -. $Cambridge: exim/doc/doc-docbook/spec.xfpt,v 1.86 2010/06/09 01:30:16 pdp Exp $ +. $Cambridge: exim/doc/doc-docbook/spec.xfpt,v 1.87 2010/06/12 15:21:25 jetmore Exp $ . . ///////////////////////////////////////////////////////////////////////////// . This is the primary source of the Exim Manual. It is an xfpt document that is @@ -1896,6 +1896,8 @@ given in chapter &<>&. .section "Use of tcpwrappers" "SECID27" .cindex "tcpwrappers, building Exim to support" .cindex "USE_TCP_WRAPPERS" +.cindex "TCP_WRAPPERS_DAEMON_NAME" +.cindex "tcp_wrappers_daemon_name" Exim can be linked with the &'tcpwrappers'& library in order to check incoming SMTP calls using the &'tcpwrappers'& control files. This may be a convenient alternative to Exim's own checking facilities for installations that are 
@@ -1910,14 +1912,17 @@ USE_TCP_WRAPPERS=yes CFLAGS=-O -I/usr/local/include EXTRALIBS_EXIM=-L/usr/local/lib -lwrap .endd -in &_Local/Makefile_&. The name to use in the &'tcpwrappers'& control files is -&"exim"&. For example, the line +in &_Local/Makefile_&. The daemon name to use in the &'tcpwrappers'& control +files is &"exim"&. For example, the line .code exim : LOCAL 192.168.1. .friendly.domain.example .endd in your &_/etc/hosts.allow_& file allows connections from the local host, from the subnet 192.168.1.0/24, and from all hosts in &'friendly.domain.example'&. -All other connections are denied. Consult the &'tcpwrappers'& documentation for +All other connections are denied. The daemon name used by &'tcpwrappers'& +can be changed at build time by setting TCP_WRAPPERS_DAEMON_NAME in +in &_Local/Makefile_&, or by setting tcp_wrappers_daemon_name in the +configure file. Consult the &'tcpwrappers'& documentation for further details. diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index f486e025b..b0e013c46 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.631 2010/06/09 01:30:16 pdp Exp $ +$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.632 2010/06/12 15:21:25 jetmore Exp $ Change log file for Exim from version 4.21 ------------------------------------------- @@ -50,6 +50,10 @@ PP/16 Add bool_lax{} expansion operator and use that for combining multiple condition rules, instead of bool{}. Make both bool{} and bool_lax{} ignore trailing whitespace. +JJ/02 prevent non-panic DKIM error from being sent to paniclog + +JJ/03 added tcp_wrappers_daemon_name to allow host entries other than + "exim" to be used Exim version 4.72 ----------------- diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index 91c9b5f71..dbf7e8600 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff 
@@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/NewStuff,v 1.174 2010/06/07 08:23:20 pdp Exp $ +$Cambridge: exim/doc/doc-txt/NewStuff,v 1.175 2010/06/12 15:21:25 jetmore Exp $ New Features in Exim -------------------- @@ -83,6 +83,13 @@ Version 4.73 9. Routers now support multiple "condition" tests, +10. There is now a runtime configuration option "tcp_wrappers_daemon_name". + Setting this allows an admin to define which entry in the tcpwrappers + config file will be used to control access to the daemon. This option + is only available when Exim is built with USE_TCP_WRAPPERS. The + default value is set at build time using the TCP_WRAPPERS_DAEMON_NAME + build option. + Version 4.72 ------------ diff --git a/doc/doc-txt/OptionLists.txt b/doc/doc-txt/OptionLists.txt index 89d86063e..00bafe9c5 100644 --- a/doc/doc-txt/OptionLists.txt +++ b/doc/doc-txt/OptionLists.txt @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/OptionLists.txt,v 1.37 2010/06/06 02:08:50 pdp Exp $ +$Cambridge: exim/doc/doc-txt/OptionLists.txt,v 1.38 2010/06/12 15:21:25 jetmore Exp $ LISTS OF EXIM OPTIONS --------------------- @@ -529,6 +529,7 @@ system_filter_reply_transport string unset main system_filter_user string unset main 4.00 replacing message_filter tcp_nodelay boolean true main 4.23 true smtp 4.23 +tcp_wrappers_daemon_name string* ++ main 4.73 temp_errors string list + pipe 1.95 text string* unset autoreply timeout time 5m lmtp 3.20 @@ -909,6 +910,7 @@ SUPPORT_TRANSLATE_IP_ADDRESS optional* support for address translation SYSLOG_LOG_PID optional add pid to syslog lines SYSLOG_LONG_LINES optional do not split long syslog lines SYSTEM_ALIASES_FILE optional defaults to /etc/aliases +TCP_WRAPPERS_DAEMON_NAME system* daemon name used by tcpwrappers libraru TIMEZONE_DEFAULT optional default for timezone option TLS_INCLUDE optional path to include files for TLS TLS_LIBS optional additional libraries for TLS diff --git a/src/src/EDITME b/src/src/EDITME index 7f7f6b3a4..050d9ad10 100644 
--- a/src/src/EDITME +++ b/src/src/EDITME @@ -1,4 +1,4 @@ -# $Cambridge: exim/src/src/EDITME,v 1.26 2010/06/06 02:46:13 pdp Exp $ +# $Cambridge: exim/src/src/EDITME,v 1.27 2010/06/12 15:21:25 jetmore Exp $ ################################################## # The Exim mail transport agent # @@ -847,6 +847,13 @@ ZCAT_COMMAND=/usr/bin/zcat # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM # as well. +# +# To use a name other than exim in the tcpwrappers config file, +# e.g. if you're running multiple daemons with different access lists, +# or multiple MTAs with the same access list, define +# TCP_WRAPPERS_DAEMON_NAME accordingly +# +# TCP_WRAPPERS_DAEMON_NAME="exim" #------------------------------------------------------------------------------ diff --git a/src/src/buildconfig.c b/src/src/buildconfig.c index 780800c58..38ed0311f 100644 --- a/src/src/buildconfig.c +++ b/src/src/buildconfig.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/buildconfig.c,v 1.19 2010/06/07 18:25:57 pdp Exp $ */ +/* $Cambridge: exim/src/src/buildconfig.c,v 1.20 2010/06/12 15:21:26 jetmore Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -807,9 +807,10 @@ while (fgets(buffer, sizeof(buffer), base) != NULL) fprintf(new, "\"%s\"\n", value); } - /* Timezone values and HEADERS_CHARSET get quoted */ + /* Timezone values HEADERS_CHARSET, and TCP_WRAPPERS_DAEMON_NAME get quoted */ else if (strcmp(name, "TIMEZONE_DEFAULT") == 0|| + strcmp(name, "TCP_WRAPPERS_DAEMON_NAME") == 0|| strcmp(name, "HEADERS_CHARSET") == 0) fprintf(new, "\"%s\"\n", value); diff --git a/src/src/config.h.defaults b/src/src/config.h.defaults index e114c6bc0..c6895b621 100644 --- a/src/src/config.h.defaults +++ b/src/src/config.h.defaults 
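Review bot: The edited comment in the buildconfig.c hunk lost a separator; `/* Timezone values HEADERS_CHARSET, and TCP_WRAPPERS_DAEMON_NAME get quoted */` reads better as `/* Timezone values, HEADERS_CHARSET and TCP_WRAPPERS_DAEMON_NAME get quoted */`. The branch emits the value with `fprintf(new, "\"%s\"\n", value)` and no escaping or quote stripping is visible in the hunk, while the EDITME sample added by this same patch shows the setting already in double quotes (`TCP_WRAPPERS_DAEMON_NAME="exim"`). Unless surrounding quotes are removed earlier in the `while (fgets(...))` loop, which starts and ends outside the hunk, that form would presumably yield a doubled-quote literal in config.h. It is worth confirming how the existing TIMEZONE_DEFAULT and HEADERS_CHARSET values are handled and stating the expected form in the EDITME comment.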
@@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/config.h.defaults,v 1.19 2010/06/05 11:13:29 pdp Exp $ */ +/* $Cambridge: exim/src/src/config.h.defaults,v 1.20 2010/06/12 15:21:26 jetmore Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -128,6 +128,7 @@ it's a default value. */ #define SYSLOG_LOG_PID #define SYSLOG_LONG_LINES +#define TCP_WRAPPERS_DAEMON_NAME "exim" #define TIMEZONE_DEFAULT #define TMPDIR diff --git a/src/src/globals.c b/src/src/globals.c index b4e24485c..645cdb130 100644 --- a/src/src/globals.c +++ b/src/src/globals.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/globals.c,v 1.87 2010/06/05 09:10:10 pdp Exp $ */ +/* $Cambridge: exim/src/src/globals.c,v 1.88 2010/06/12 15:21:26 jetmore Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -1193,6 +1193,9 @@ BOOL system_filter_uid_set = FALSE; BOOL system_filtering = FALSE; BOOL tcp_nodelay = TRUE; +#ifdef USE_TCP_WRAPPERS +uschar *tcp_wrappers_daemon_name = US TCP_WRAPPERS_DAEMON_NAME; +#endif int test_harness_load_avg = 0; int thismessage_size_limit = 0; int timeout_frozen_after = 0; diff --git a/src/src/globals.h b/src/src/globals.h index e3991dcbd..b036def7c 100644 --- a/src/src/globals.h +++ b/src/src/globals.h @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/globals.h,v 1.68 2010/06/05 09:10:10 pdp Exp $ */ +/* $Cambridge: exim/src/src/globals.h,v 1.69 2010/06/12 15:21:26 jetmore Exp $ */ /************************************************* * Exim - an Internet mail transport agent * 
@@ -758,6 +758,9 @@ extern BOOL system_filter_uid_set; /* TRUE if uid set */ extern BOOL system_filtering; /* TRUE when running system filter */ extern BOOL tcp_nodelay; /* Controls TCP_NODELAY on daemon */ +#ifdef USE_TCP_WRAPPERS +extern uschar *tcp_wrappers_daemon_name; /* tcpwrappers daemon lookup name */ +#endif extern int test_harness_load_avg; /* For use when testing */ extern int thismessage_size_limit; /* Limit for this message */ extern int timeout_frozen_after; /* Max time to keep frozen messages */ diff --git a/src/src/readconf.c b/src/src/readconf.c index 6b11621e0..33f10690b 100644 --- a/src/src/readconf.c +++ b/src/src/readconf.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/readconf.c,v 1.43 2010/06/07 08:23:20 pdp Exp $ */ +/* $Cambridge: exim/src/src/readconf.c,v 1.44 2010/06/12 15:21:26 jetmore Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -399,6 +399,9 @@ static optionlist optionlist_config[] = { { "system_filter_reply_transport",opt_stringptr,&system_filter_reply_transport }, { "system_filter_user", opt_uid, &system_filter_uid }, { "tcp_nodelay", opt_bool, &tcp_nodelay }, +#ifdef USE_TCP_WRAPPERS + { "tcp_wrappers_daemon_name", opt_stringptr, &tcp_wrappers_daemon_name }, +#endif { "timeout_frozen_after", opt_time, &timeout_frozen_after }, { "timezone", opt_stringptr, &timezone_string }, #ifdef SUPPORT_TLS diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index 8edfe8104..9d10961c5 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/smtp_in.c,v 1.66 2009/11/16 19:50:37 nm4 Exp $ */ +/* $Cambridge: exim/src/src/smtp_in.c,v 1.67 2010/06/12 15:21:26 jetmore Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -31,6 +31,7 @@ including that header, and restore its value afterwards. */ int allow_severity = LOG_INFO; int deny_severity = LOG_NOTICE; +uschar *tcp_wrappers_name; #endif 
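Review bot: In the smtp_in.c hunk at -31,6, `uschar *tcp_wrappers_name;` is added as a non-static file-scope variable, although the only use visible in this patch is in the connection-start code of the same file. The neighbouring `allow_severity` and `deny_severity` presumably have to be external because the tcpwrappers library refers to them, but this pointer has no such need, so `static uschar *tcp_wrappers_name;` or a local at the point of use would keep it out of the global namespace. A one-line comment such as `/* expanded value of tcp_wrappers_daemon_name */` would also make clear how it differs from the option variable declared in globals.h.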
@@ -1692,7 +1693,14 @@ if (!sender_host_unknown) #ifdef USE_TCP_WRAPPERS errno = 0; - if (!hosts_ctl("exim", + tcp_wrappers_name = expand_string(tcp_wrappers_daemon_name); + if (tcp_wrappers_name == NULL) + { + log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Expansion of \"%s\" " + "(tcp_wrappers_name) failed: %s", string_printing(tcp_wrappers_name), + expand_string_message); + } + if (!hosts_ctl(tcp_wrappers_name, (sender_host_name == NULL)? STRING_UNKNOWN : CS sender_host_name, (sender_host_address == NULL)? STRING_UNKNOWN : CS sender_host_address, (sender_ident == NULL)? STRING_UNKNOWN : CS sender_ident)) -- cgit v1.2.3
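Review bot: The new failure branch logs `string_printing(tcp_wrappers_name)`, but that branch runs only when `tcp_wrappers_name` is NULL, so a NULL pointer is handed to `string_printing` and the message cannot show the string that failed to expand. The argument should be the unexpanded option: `string_printing(tcp_wrappers_daemon_name)`. Separately, nothing here rejects an expansion that succeeds but yields an empty or unintended name. tcpwrappers normally grants access when no rule matches the daemon name, so such a value would presumably skip the intended hosts.allow/hosts.deny entries without any log line; an explicit empty-string check or a comment stating the expectation would help. The enclosing `if (!sender_host_unknown)` block starts and ends outside the hunk.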