Patch #32: Re-arrange the execution logic to drop privileges in prope…

…r order. Patch from GalaxyMaster.
trusteddomainproject · Nov 17, 2014 · db8d4f4 · db8d4f4
1 parent 2523416
commit db8d4f4
Showing 1 changed file with 153 additions and 140 deletions.
diff --git a/opendkim/opendkim.c b/opendkim/opendkim.c
@@ -16151,6 +16151,8 @@ main(int argc, char **argv)
 		else
 			gid = gr->gr_gid;
 
+		(void) endpwent();
+
 #ifdef _FFR_REPUTATION
 		/* chown things that need chowning */
 		if (curconf->conf_rep != NULL)
@@ -16207,56 +16209,6 @@ main(int argc, char **argv)
 		}
 	}
 
-	/* now enact the user change */
-	if (become != NULL)
-	{
-		/* make all the process changes */
-		if (getuid() != pw->pw_uid)
-		{
-			if (initgroups(pw->pw_name, gid) != 0)
-			{
-				if (curconf->conf_dolog)
-				{
-					syslog(LOG_ERR, "initgroups(): %s",
-					       strerror(errno));
-				}
-
-				fprintf(stderr, "%s: initgroups(): %s\n",
-				        progname, strerror(errno));
-
-				return EX_NOPERM;
-			}
-			else if (setgid(gid) != 0)
-			{
-				if (curconf->conf_dolog)
-				{
-					syslog(LOG_ERR, "setgid(): %s",
-					       strerror(errno));
-				}
-
-				fprintf(stderr, "%s: setgid(): %s\n", progname,
-				        strerror(errno));
-
-				return EX_NOPERM;
-			}
-			else if (setuid(pw->pw_uid) != 0)
-			{
-				if (curconf->conf_dolog)
-				{
-					syslog(LOG_ERR, "setuid(): %s",
-					       strerror(errno));
-				}
-
-				fprintf(stderr, "%s: setuid(): %s\n", progname,
-				        strerror(errno));
-
-				return EX_NOPERM;
-			}
-		}
-
-		(void) endpwent();
-	}
-
 	if (curconf->conf_enablecores)
 	{
 		_Bool enabled = FALSE;
@@ -16295,14 +16247,6 @@ main(int argc, char **argv)
 
 	die = FALSE;
 
-	/* initialize DKIM library */
-	if (!dkimf_config_setlib(curconf, &p))
-	{
-		fprintf(stderr, "%s: can't configure DKIM library: %s\n",
-		        progname, p);
-		return EX_SOFTWARE;
-	}
-
 	if (autorestart)
 	{
 		_Bool quitloop = FALSE;
@@ -16386,6 +16330,36 @@ main(int argc, char **argv)
 			}
 		}
 
+		/* now enact the user change */
+		if (become != NULL)
+		{
+			/* make all the process changes */
+			if (getuid() != pw->pw_uid)
+			{
+				if (initgroups(pw->pw_name, gid) != 0)
+				{
+					if (curconf->conf_dolog)
+						syslog(LOG_ERR, "initgroups(): %s", strerror(errno));
+					fprintf(stderr, "%s: initgroups(): %s", progname, strerror(errno));
+					return EX_NOPERM;
+				}
+				else if (setgid(gid) != 0)
+				{
+					if (curconf->conf_dolog)
+						syslog(LOG_ERR, "setgid(): %s", strerror(errno));
+					fprintf(stderr, "%s: setgid(): %s", progname, strerror(errno));
+					return EX_NOPERM;
+				}
+				else if (setuid(pw->pw_uid) != 0)
+				{
+					if (curconf->conf_dolog)
+						syslog(LOG_ERR, "setuid(): %s", strerror(errno));
+					fprintf(stderr, "%s: setuid(): %s", progname, strerror(errno));
+					return EX_NOPERM;
+				}
+			}
+		}
+
 		if (maxrestartrate_n > 0)
 			dkimf_restart_check(maxrestartrate_n, 0);
 
@@ -16534,6 +16508,127 @@ main(int argc, char **argv)
 		}
 	}
 
+	if (!autorestart && dofork)
+	{
+		pid_t pid;
+
+		pid = fork();
+		switch (pid)
+		{
+		  case -1:
+			if (curconf->conf_dolog)
+			{
+				int saveerrno;
+
+				saveerrno = errno;
+
+				syslog(LOG_ERR, "fork(): %s", strerror(errno));
+
+				errno = saveerrno;
+			}
+
+			fprintf(stderr, "%s: fork(): %s\n", progname,
+			        strerror(errno));
+
+			dkimf_zapkey(curconf);
+
+			return EX_OSERR;
+
+		  case 0:
+			dkimf_stdio();
+			break;
+
+		  default:
+			dkimf_zapkey(curconf);
+			return EX_OK;
+		}
+	}
+
+	/* write out the pid */
+	if (!autorestart && pidfile != NULL)
+	{
+		f = fopen(pidfile, "w");
+		if (f != NULL)
+		{
+			fprintf(f, "%ld\n", (long) getpid());
+			(void) fclose(f);
+		}
+		else
+		{
+			if (curconf->conf_dolog)
+			{
+				syslog(LOG_ERR, "can't write pid to %s: %s",
+				       pidfile, strerror(errno));
+			}
+		}
+	}
+
+	/*
+	**  Block SIGUSR1 for use of our reload thread, and SIGHUP, SIGINT
+	**  and SIGTERM for use of libmilter's signal handling thread.
+	*/
+
+	sigemptyset(&sigset);
+	sigaddset(&sigset, SIGUSR1);
+	sigaddset(&sigset, SIGHUP);
+	sigaddset(&sigset, SIGTERM);
+	sigaddset(&sigset, SIGINT);
+	status = pthread_sigmask(SIG_BLOCK, &sigset, NULL);
+	if (status != 0)
+	{
+		if (curconf->conf_dolog)
+		{
+			syslog(LOG_ERR, "pthread_sigprocmask(): %s",
+			       strerror(status));
+		}
+
+		fprintf(stderr, "%s: pthread_sigprocmask(): %s\n", progname,
+		        strerror(status));
+
+		dkimf_zapkey(curconf);
+
+		return EX_OSERR;
+	}
+
+	/* now enact the user change */
+	if (!autorestart && become != NULL)
+	{
+		/* make all the process changes */
+		if (getuid() != pw->pw_uid)
+		{
+			if (initgroups(pw->pw_name, gid) != 0)
+			{
+				if (curconf->conf_dolog)
+					syslog(LOG_ERR, "initgroups(): %s", strerror(errno));
+				fprintf(stderr, "%s: initgroups(): %s", progname, strerror(errno));
+				return EX_NOPERM;
+			}
+			else if (setgid(gid) != 0)
+			{
+				if (curconf->conf_dolog)
+					syslog(LOG_ERR, "setgid(): %s", strerror(errno));
+				fprintf(stderr, "%s: setgid(): %s", progname, strerror(errno));
+				return EX_NOPERM;
+			}
+			else if (setuid(pw->pw_uid) != 0)
+			{
+				if (curconf->conf_dolog)
+					syslog(LOG_ERR, "setuid(): %s", strerror(errno));
+				fprintf(stderr, "%s: setuid(): %s", progname, strerror(errno));
+				return EX_NOPERM;
+			}
+		}
+	}
+
+	/* initialize DKIM library */
+	if (!dkimf_config_setlib(curconf, &p))
+	{
+		if (curconf->conf_dolog)
+			syslog(LOG_ERR, "can't configure DKIM library: %s", p);
+			fprintf(stderr, "%s: can't configure DKIM library: %s", progname, p);
+		return EX_SOFTWARE;
+	}
+
 	if (filemask != -1)
 		(void) umask((mode_t) filemask);
 
@@ -16624,88 +16719,6 @@ main(int argc, char **argv)
 #endif /* HAVE_SMFI_OPENSOCKET */
 	}
 
-	if (!autorestart && dofork)
-	{
-		pid_t pid;
-
-		pid = fork();
-		switch (pid)
-		{
-		  case -1:
-			if (curconf->conf_dolog)
-			{
-				int saveerrno;
-
-				saveerrno = errno;
-
-				syslog(LOG_ERR, "fork(): %s", strerror(errno));
-
-				errno = saveerrno;
-			}
-
-			fprintf(stderr, "%s: fork(): %s\n", progname,
-			        strerror(errno));
-
-			dkimf_zapkey(curconf);
-
-			return EX_OSERR;
-
-		  case 0:
-			dkimf_stdio();
-			break;
-
-		  default:
-			dkimf_zapkey(curconf);
-			return EX_OK;
-		}
-	}
-
-	/* write out the pid */
-	if (!autorestart && pidfile != NULL)
-	{
-		f = fopen(pidfile, "w");
-		if (f != NULL)
-		{
-			fprintf(f, "%ld\n", (long) getpid());
-			(void) fclose(f);
-		}
-		else
-		{
-			if (curconf->conf_dolog)
-			{
-				syslog(LOG_ERR, "can't write pid to %s: %s",
-				       pidfile, strerror(errno));
-			}
-		}
-	}
-
-	/*
-	**  Block SIGUSR1 for use of our reload thread, and SIGHUP, SIGINT
-	**  and SIGTERM for use of libmilter's signal handling thread.
-	*/
-
-	sigemptyset(&sigset);
-	sigaddset(&sigset, SIGUSR1);
-	sigaddset(&sigset, SIGHUP);
-	sigaddset(&sigset, SIGTERM);
-	sigaddset(&sigset, SIGINT);
-	status = pthread_sigmask(SIG_BLOCK, &sigset, NULL);
-	if (status != 0)
-	{
-		if (curconf->conf_dolog)
-		{
-			syslog(LOG_ERR, "pthread_sigprocmask(): %s",
-			       strerror(status));
-		}
-
-		fprintf(stderr, "%s: pthread_sigprocmask(): %s\n", progname,
-		        strerror(status));
-
-		dkimf_zapkey(curconf);
-
-		return EX_OSERR;
-	}
-
 	/* initialize libcrypto mutexes */
 	if (!curconf->conf_disablecryptoinit)
 	{