From 1bcfcb6b044cfcc4382c610a2e0945a367c61b38 Mon Sep 17 00:00:00 2001 From: Manvendra Bhangui Date: Mon, 6 May 2024 10:18:43 +0530 Subject: [PATCH] indisrvr.c: added -l option for running under tcpserver --- indimail-x/crc.1 | 2 +- indimail-x/create_rpm | 32 ++++---- indimail-x/doc/ChangeLog | 3 + indimail-x/indisrvr.8 | 16 +++- indimail-x/indisrvr.c | 158 +++++++++++++++++++++++---------------- 5 files changed, 128 insertions(+), 83 deletions(-) diff --git a/indimail-x/crc.1 b/indimail-x/crc.1 index 89659977b..335f80ab3 100644 --- a/indimail-x/crc.1 +++ b/indimail-x/crc.1 @@ -11,7 +11,7 @@ crcdiff \- compare two crc lists and report the difference .PP \fBcrc\fR [-dv] [-i \fIinitial_crc\fR] file ... .PP -\fBcrcdiff\fR [-s] [-c critical_list] \fIcrclist\fR \fIcrclist\fR +\fBcrcdiff\fR [-s] [-c \fIcritical_list\fR] \fIcrclist\fR \fIcrclist\fR .SH DESCRIPTION For each file, \fBcrc\fR calculates and prints a 32-bit CRC in hexadecimal. diff --git a/indimail-x/create_rpm b/indimail-x/create_rpm index e2d63f280..cf2d3deb8 100755 --- a/indimail-x/create_rpm +++ b/indimail-x/create_rpm @@ -129,24 +129,26 @@ if [ -z "$release" ] ; then if [ " $dist" = " $idist" ] ; then iversion=$(rpm -qf /usr/bin/vuserinfo|cut -d- -f2) if [ "$iversion" = "$version" ] ; then - release=$(rpm -qf /usr/bin/vuserinfo | cut -d- -f3 | cut -d. -f2) - release=$(expr $release + 1) + t1=$(rpm -qf /usr/bin/vuserinfo | cut -d- -f3 | cut -d. -f1) + t2=$(rpm -qf /usr/bin/vuserinfo | cut -d- -f3 | cut -d. -f2) + t2=$(expr $t2 + 1) + release="$t1.$t2" else - release=1 + release=0.1 fi else - release=1 + release=0.1 fi else - release=1 + release=0.1 fi fi -echo -n "Build RPM for indimail-"$version"-1."$release" (Y/N) - " +echo -n "Build RPM for indimail-"$version"-"$release" (Y/N) - " read key if [ " $key" = " Y" -o " $key" = " y" ] ; then tmprel=`cat indimail-x/conf-release 2>/dev/null` - if [ ! " $tmprel" = " 1.$release" ] ; then - echo 1.$release > indimail-x/conf-release + if [ ! " $tmprel" = " $release" ] ; then + echo $release > indimail-x/conf-release cd indimail-x make indimail.spec cp indimail.spec /tmp @@ -168,10 +170,10 @@ if [ " $key" = " Y" -o " $key" = " y" ] ; then build_arch=`rpmbuild --showrc|grep "^build arch" | awk '{print $4}'` for i in indimail indimail-devel libindimail do - rpm --addsign $rpmbuild/RPMS/$build_arch/$i-"$version"-"1.$release".$dist.$build_arch.rpm + rpm --addsign $rpmbuild/RPMS/$build_arch/$i-"$version"-"$release".$dist.$build_arch.rpm done - rpm --addsign $rpmbuild/SRPMS/indimail-"$version"-"1.$release".$dist.src.rpm - echo -n "RPM lint for indimail-"$version"-1."$release" (Y/N) - " + rpm --addsign $rpmbuild/SRPMS/indimail-"$version"-"$release".$dist.src.rpm + echo -n "RPM lint for indimail-"$version"-"$release" (Y/N) - " read key if [ " $key" = " Y" -o " $key" = " y" ] ; then ( @@ -179,14 +181,14 @@ if [ " $key" = " Y" -o " $key" = " y" ] ; then do echo $i if [ -f $HOME/.config/$i.rpmlintrc ] ; then - rpmlint -r $HOME/.config/$i.rpmlintrc $rpmbuild/RPMS/$build_arch/$i-"$version"-"1.$release".$dist.$build_arch.rpm + rpmlint -r $HOME/.config/$i.rpmlintrc $rpmbuild/RPMS/$build_arch/$i-"$version"-"$release".$dist.$build_arch.rpm else - rpmlint $rpmbuild/RPMS/$build_arch/$i-"$version"-"1.$release".$dist.$build_arch.rpm + rpmlint $rpmbuild/RPMS/$build_arch/$i-"$version"-"$release".$dist.$build_arch.rpm fi echo ------------------------ done - echo indimail-"$version"-"1.$release".$dist.src.rpm - rpmlint $rpmbuild/SRPMS/indimail-"$version"-"1.$release".$dist.src.rpm + echo indimail-"$version"-"$release".$dist.src.rpm + rpmlint $rpmbuild/SRPMS/indimail-"$version"-"$release".$dist.src.rpm echo ------------------------ ) 2>&1 | less fi diff --git a/indimail-x/doc/ChangeLog b/indimail-x/doc/ChangeLog index 4961ba087..4a9f2372b 100644 --- a/indimail-x/doc/ChangeLog +++ b/indimail-x/doc/ChangeLog @@ -1,9 +1,12 @@ * XXX XXX XX XXXX XX:XX:XX +0000 @email@ @version@-@release@%{?dist} Release @version@-@release@ Start 02/05/2024 End XX/XX/XXXX +- 02/05/2024 1. crc.c: fixed bug with -d option 2. crc.c: fixed bug with printing group permissions 3. crcdiff.c: display L1, L2 changes 4. crcdiff.c: added -s, -c option +- 06/05/2024 +5. indisrvr.c: added -l option for running under tcpserver * Mon Jan 01 2024 09:24:41 +0000 Manvendra Bhangui 3.4.6-1.1%{?dist} Release 3.4.6-1.1 Start 09/09/2023 End 01/01/2024 diff --git a/indimail-x/indisrvr.8 b/indimail-x/indisrvr.8 index 34091ec0c..9971e7dc5 100644 --- a/indimail-x/indisrvr.8 +++ b/indimail-x/indisrvr.8 @@ -47,23 +47,34 @@ adminclient -h phoenix2 -p 4000 -u admin -P adminpass -c ''vadduser test@indi.c .TP \fB\-v\fR Sets verbose option. + +.TP +\fB\-l\fR +This options expects indisrvr to be run under tcpserver(1) or similar +server. + .TP \fB\-i\fR \fIIP_Address\fR The IP address on which indisrvr needs to bind. Useful if a host has -multiple IP addresses. +multiple IP addresses and you want to bind on just one interface. + .TP \fB\-p\fR \fIport\fR A TCP/IP port or service in /etc/services on which indisrvr needs to bind. + .TP \fB\-b\fR \fIbacklog\fR Max backlog to be maintained after which the client should get connection refused + .TP \fB\-d\fR \fIcertdir\fR certificate directory for RSA/DH parameter files + .TP \fB\-n\fR \fIcertfile\fR A PEM certificate causes indisrvr to negotiate TLS encryption with clients. + .TP -\fBc\fR \fIcafile\fR Specify \fIcafile\fR as the file containing CA certificates. Sometimes, @@ -72,15 +83,18 @@ by your issuing CA expires. Note that the file given with -c is passed to SSL_CTX_load_verify_locations and thus may contain several CA certificates, which will be used during SSL connection negotiation to close any gap in the certificate chain. + .TP -\fBr\fR \fIcrlfile\fR A list of Certificate Revocation Lists (CRLs). If present it should contain the CRLs of the CAs in \fIcafile\fR and client certs that will be checked for revocation. + .TP \fB\-t\fR \fItimeoutdata\fR Quit if read or write to/from commands or application exceeds \fItimeoutdata\fR seconds. + .TP \fB\-T\fR \fItimeoutconn\fR Timeout on TLS/SSL accept if attempt exceeds \fItimeoutconn\fR seconds. diff --git a/indimail-x/indisrvr.c b/indimail-x/indisrvr.c index 4aa253e84..5fb77c5cf 100644 --- a/indimail-x/indisrvr.c +++ b/indimail-x/indisrvr.c @@ -1,66 +1,12 @@ /* - * $Log: indisrvr.c,v $ - * Revision 1.17 2023-08-22 19:13:27+05:30 Cprogrammer - * use TLS_CIPHER_LIST for TLSv1.2 and below, TLS_CIPHER_SUITE for TLSv1.3 and above - * - * Revision 1.16 2023-03-20 10:06:02+05:30 Cprogrammer - * standardize getln handling - * - * Revision 1.15 2023-02-14 01:09:55+05:30 Cprogrammer - * free ctx if tls_session fails - * - * Revision 1.14 2023-01-22 10:35:30+05:30 Cprogrammer - * fixed incorrectly passed stralloc * instead of char * - * - * Revision 1.13 2023-01-21 13:29:53+05:30 Cprogrammer - * replaced SSL_shutdown, SSL_free iwth ssl_free - * - * Revision 1.12 2023-01-03 21:35:28+05:30 Cprogrammer - * replaced tls code with TLS library from libqmail - * added -T option to specify connection timeout - * added -r option to specify crl file - * added -d option to specify certificate dir - * - * Revision 1.11 2022-12-18 19:24:01+05:30 Cprogrammer - * log additional wait status - * - * Revision 1.10 2022-10-20 11:57:41+05:30 Cprogrammer - * converted function prototype to ansic - * - * Revision 1.9 2022-05-10 20:00:52+05:30 Cprogrammer - * use headers from include path - * - * Revision 1.8 2021-06-11 17:03:47+05:30 Cprogrammer - * replaced MakeArgs() with makeargs() from libqmail() - * - * Revision 1.7 2021-03-09 19:58:25+05:30 Cprogrammer - * use functions from tls.c - * - * Revision 1.6 2021-03-09 15:33:58+05:30 Cprogrammer - * renamed SSL_CIPHER to TLS_CIPHER_LIST - * - * Revision 1.5 2020-10-01 18:23:48+05:30 Cprogrammer - * fixed compiler warning - * - * Revision 1.4 2020-04-01 18:55:43+05:30 Cprogrammer - * moved authentication functions to libqmail - * - * Revision 1.3 2019-06-07 16:00:18+05:30 mbhangui - * use sgetopt library for getopt() - * - * Revision 1.2 2019-04-22 23:11:33+05:30 Cprogrammer - * replaced atoi() with scan_int() - * - * Revision 1.1 2019-04-18 08:23:42+05:30 Cprogrammer - * Initial revision - * + * $Id: indisrvr.c,v 1.18 2024-05-06 09:29:07+05:30 Cprogrammer Exp mbhangui $ */ #ifdef HAVE_CONFIG_H #include "config.h" #endif #ifndef lint -static char sccsid[] = "$Id: indisrvr.c,v 1.17 2023-08-22 19:13:27+05:30 Cprogrammer Exp mbhangui $"; +static char sccsid[] = "$Id: indisrvr.c,v 1.18 2024-05-06 09:29:07+05:30 Cprogrammer Exp mbhangui $"; #endif #ifdef CLUSTERED_SITE @@ -162,6 +108,7 @@ static int usessl = 0; unsigned long dtimeout = 300; unsigned long ctimeout = 60; static char *certfile, *cafile, *crlfile, *certdir; +static int use_tcpserver; #endif char tbuf[2048]; @@ -170,7 +117,7 @@ int main(int argc, char **argv) { int n, socket_desc, pid, backlog; - char *port, *ipaddr; + char *port, *ipaddr, *p1, *p2; struct sockaddr_in cliaddress; int addrlen, len, new; struct linger linger; @@ -209,6 +156,20 @@ main(int argc, char **argv) (void) signal(SIGHUP, SigHup); } #endif + if (use_tcpserver) { + if (!(port = env_get("TCPLOCALPORT"))) + port = "unknown"; + if (!(ipaddr = env_get("TCPLOCALIP"))) + ipaddr = "unknown"; + if (!(p1 = env_get("TCPREMOTEIP"))) + p1 = "unknown"; + if (!(p2 = env_get("TCPREMOTEPORT"))) + p2 = "unknown"; + filewrt(3, "%d: Connection from ip %s, port %s to ip %s, port %s\n", + getpid(), p1, p2, ipaddr, port); + n = call_prg(); + _exit(n); + } linger.l_onoff = 1; linger.l_linger = 1; if ((socket_desc = tcpbind(ipaddr, port, backlog)) == -1) { @@ -451,18 +412,17 @@ call_prg() (void) signal(SIGCHLD, SIG_DFL); if (!(Argv = makeargs(ptr))) { strerr_warn1("makeargs failed: ", &strerr_sys); - filewrt(3, "%d: makeargs failed: %s\n", getpid(), error_str(errno)); + filewrt(3, "%d: makeargs failed: %s\n", getppid(), error_str(errno)); return (-1); } if (checkPerm(username.s, adminCommands[i].name, Argv)) { strerr_warn6(username.s, ": ", adminCommands[i].name, " args [", ptr, "]: permission denied", 0); - filewrt(3, "%s: %s args [%s]: permission denied\n", username.s, adminCommands[i].name, ptr); + filewrt(3, "%d: %s: %s args [%s]: permission denied\n", getppid(), username.s, adminCommands[i].name, ptr); _exit(1); } - if (verbose) - filewrt(3, "%d: command %s args %s\n", getpid(), adminCommands[i].name, ptr); + filewrt(3, "%d: command %s args %s\n", getppid(), adminCommands[i].name, ptr); execv(adminCommands[i].name, Argv); - filewrt(3, "%d: %s args [%s]: %s\n", getpid(), adminCommands[i].name, ptr, error_str(errno)); + filewrt(3, "%d: %s args [%s]: %s\n", getppid(), adminCommands[i].name, ptr, error_str(errno)); _exit(1); default: break; @@ -572,7 +532,8 @@ Login_User(stralloc *username, stralloc *password) strerr_warn1("indisrvr: write stdout: ", &strerr_sys); return (1); } - filewrt(3, "%d: user %s logged in\n", getpid(), username->s); + if (verbose) + filewrt(3, "%d: user %s logged in\n", getpid(), username->s); return (0); } filewrt(3, "%d: user %s password incorrect\n", getpid(), username->s); @@ -593,11 +554,12 @@ get_options(int argc, char **argv, char **ipaddr, char **port, int *backlog) certdir = SYSCONFDIR"/certs"; #endif *ipaddr = *port = 0; + use_tcpserver = 0; *backlog = -1; #ifdef HAVE_SSL - while ((c = getopt(argc, argv, "vt:T:i:p:b:n:c:r:d:")) != opteof) + while ((c = getopt(argc, argv, "vt:T:i:p:b:n:c:r:d:l")) != opteof) #else - while ((c = getopt(argc, argv, "vt:T:i:p:b:")) != opteof) + while ((c = getopt(argc, argv, "vt:T:i:p:b:l")) != opteof) #endif { switch (c) @@ -635,6 +597,9 @@ get_options(int argc, char **argv, char **ipaddr, char **port, int *backlog) crlfile = optarg; break; #endif + case 'l': + use_tcpserver = 1; + break; default: #ifdef HAVE_SSL strerr_warn1("usage: indisrvr -i ipaddr -p port [-d certdir] -n certfile [-c cafile -r crlfile] -t timeoutdata -T timeoutconn -b backlog", 0); @@ -644,7 +609,7 @@ get_options(int argc, char **argv, char **ipaddr, char **port, int *backlog) break; } } - if (!*ipaddr || !*port || *backlog == -1) { + if (!use_tcpserver && (!*ipaddr || !*port || *backlog == -1)) { #ifdef HAVE_SSL strerr_warn1("usage: indisrvr -i ipaddr -p port [-d certdir] -n certfile [-c cafile -r crlfile] -t timeoutdata -T timeoutconn -b backlog", 0); #else @@ -716,3 +681,64 @@ main() return (1); } #endif + +/* + * $Log: indisrvr.c,v $ + * Revision 1.18 2024-05-06 09:29:07+05:30 Cprogrammer + * added option -l to run under tcpserver + * + * Revision 1.17 2023-08-22 19:13:27+05:30 Cprogrammer + * use TLS_CIPHER_LIST for TLSv1.2 and below, TLS_CIPHER_SUITE for TLSv1.3 and above + * + * Revision 1.16 2023-03-20 10:06:02+05:30 Cprogrammer + * standardize getln handling + * + * Revision 1.15 2023-02-14 01:09:55+05:30 Cprogrammer + * free ctx if tls_session fails + * + * Revision 1.14 2023-01-22 10:35:30+05:30 Cprogrammer + * fixed incorrectly passed stralloc * instead of char * + * + * Revision 1.13 2023-01-21 13:29:53+05:30 Cprogrammer + * replaced SSL_shutdown, SSL_free iwth ssl_free + * + * Revision 1.12 2023-01-03 21:35:28+05:30 Cprogrammer + * replaced tls code with TLS library from libqmail + * added -T option to specify connection timeout + * added -r option to specify crl file + * added -d option to specify certificate dir + * + * Revision 1.11 2022-12-18 19:24:01+05:30 Cprogrammer + * log additional wait status + * + * Revision 1.10 2022-10-20 11:57:41+05:30 Cprogrammer + * converted function prototype to ansic + * + * Revision 1.9 2022-05-10 20:00:52+05:30 Cprogrammer + * use headers from include path + * + * Revision 1.8 2021-06-11 17:03:47+05:30 Cprogrammer + * replaced MakeArgs() with makeargs() from libqmail() + * + * Revision 1.7 2021-03-09 19:58:25+05:30 Cprogrammer + * use functions from tls.c + * + * Revision 1.6 2021-03-09 15:33:58+05:30 Cprogrammer + * renamed SSL_CIPHER to TLS_CIPHER_LIST + * + * Revision 1.5 2020-10-01 18:23:48+05:30 Cprogrammer + * fixed compiler warning + * + * Revision 1.4 2020-04-01 18:55:43+05:30 Cprogrammer + * moved authentication functions to libqmail + * + * Revision 1.3 2019-06-07 16:00:18+05:30 mbhangui + * use sgetopt library for getopt() + * + * Revision 1.2 2019-04-22 23:11:33+05:30 Cprogrammer + * replaced atoi() with scan_int() + * + * Revision 1.1 2019-04-18 08:23:42+05:30 Cprogrammer + * Initial revision + * + */