You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
tdenetwork/ktalkd/mail.local/mail.local.c

987 lines
24 KiB

/*
*
SENDMAIL LICENSE
The following license terms and conditions apply, unless a different
license is obtained from Sendmail, Inc., 6425 Christie Ave, Fourth Floor,
Emeryville, CA 94608, or by electronic mail at license@sendmail.com.
License Terms:
Use, Modification and Redistribution (including distribution of any
modified or derived work) in source and binary forms is permitted only if
each of the following conditions is met:
1. Redistributions qualify as "freeware" or "Open Source Software" under
one of the following terms:
(a) Redistributions are made at no charge beyond the reasonable cost of
materials and delivery.
(b) Redistributions are accompanied by a copy of the Source Code or by an
irrevocable offer to provide a copy of the Source Code for up to three
years at the cost of materials and delivery. Such redistributions
must allow further use, modification, and redistribution of the Source
Code under substantially the same terms as this license. For the
purposes of redistribution "Source Code" means the complete compilable
and linkable source code of sendmail including all modifications.
2. Redistributions of source code must retain the copyright notices as they
appear in each source code file, these license terms, and the
disclaimer/limitation of liability set forth as paragraph 6 below.
3. Redistributions in binary form must reproduce the Copyright Notice,
these license terms, and the disclaimer/limitation of liability set
forth as paragraph 6 below, in the documentation and/or other materials
provided with the distribution. For the purposes of binary distribution
the "Copyright Notice" refers to the following language:
"Copyright (c) 1998-2002 Sendmail, Inc. All rights reserved."
4. Neither the name of Sendmail, Inc. nor the University of California nor
the names of their contributors may be used to endorse or promote
products derived from this software without specific prior written
permission. The name "sendmail" is a trademark of Sendmail, Inc.
5. All redistributions must comply with the conditions imposed by the
University of California on certain embedded code, whose copyright
notice and conditions for redistribution are as follows:
(a) Copyright (c) 1988, 1993 The Regents of the University of
California. All rights reserved.
(b) Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
(i) Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
(ii) Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following
disclaimer in the documentation and/or other materials provided
with the distribution.
(iii) Neither the name of the University nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
6. Disclaimer/Limitation of Liability: THIS SOFTWARE IS PROVIDED BY
SENDMAIL, INC. AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN
NO EVENT SHALL SENDMAIL, INC., THE REGENTS OF THE UNIVERSITY OF
CALIFORNIA OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
*/
#if defined(LIBM_SCCS) && !defined(lint)
static char copyright[] =
"@(#) Copyright (c) 1990, 1993, 1994\n\
The Regents of the University of California. All rights reserved.\n";
#endif
/*
* This is not intended to compile on System V derived systems
* such as Solaris or HP-UX, since they use a totally different
* approach to mailboxes (essentially, they have a setgid program
* rather than setuid, and they rely on the ability to "give away"
* files to do their work). IT IS NOT A BUG that this doesn't
* compile on such architectures.
*/
#ifdef HAVE_CONFIG_H
#include <config.h> /* autoconf */
#endif
#include <sys/param.h>
#include <sys/socket.h>
#ifdef HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
#include <netinet/in.h>
#include <errno.h>
#include <fcntl.h>
#include <netdb.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <time.h>
#include <unistd.h>
#ifdef EX_OK
# undef EX_OK /* unistd.h may have another use for this */
#endif
#ifdef _UNIXWARE
#define EX_OK 0 /* successful termination */
#define EX__BASE 64 /* base value for error messages */
#define EX_USAGE 64 /* command line usage error */
#define EX_DATAERR 65 /* data format error */
#define EX_NOINPUT 66 /* cannot open input */
#define EX_NOUSER 67 /* addressee unknown */
#define EX_NOHOST 68 /* host name unknown */
#define EX_UNAVAILABLE 69 /* service unavailable */
#define EX_SOFTWARE 70 /* internal software error */
#define EX_OSERR 71 /* system error (e.g., can't fork) */
#define EX_OSFILE 72 /* critical OS file missing */
#define EX_CANTCREAT 73 /* can't create (user) output file */
#define EX_IOERR 74 /* input/output error */
#define EX_TEMPFAIL 75 /* temp failure; user is invited to retry */
#define EX_PROTOCOL 76 /* remote error in protocol */
#define EX_NOPERM 77 /* permission denied */
#define EX_CONFIG 78 /* configuration error */
#define EX__MAX 78 /* maximum listed value */
#else
#include <sysexits.h>
#endif
#include <ctype.h>
#if __STDC__
#include <stdarg.h>
#else
#include <varargs.h>
#endif
#ifdef HAVE_SYS_FILE_H
#include <sys/file.h>
#endif
#ifndef HAVE_VSNPRINTF
#include "../kotalkd/vsnprintf.c"
#endif
#if (defined(sun) && defined(__svr4__)) || defined(__SVR4) || defined(_UNIXWARE)
#define USE_LOCKF 1
#define USE_SETEUID 1
#define _PATH_MAILDIR "/var/mail"
#endif
#if defined(_SCO_DS)
#define USE_LOCKF 1
#endif
#if defined(_AIX)
#define USE_LOCKF 1
#define USE_VSYSLOG 0
#endif
#if defined(ultrix)
#define USE_VSYSLOG 0
#endif
#if defined(__osf__)
#define USE_VSYSLOG 0
#endif
#if defined(NeXT)
#include <libc.h>
#define _PATH_MAILDIR "/usr/spool/mail"
#define __dead /* empty */
#define S_IRUSR S_IREAD
#define S_IWUSR S_IWRITE
#endif
/*
* If you don't have flock, you could try using lockf instead.
*/
#if defined(USE_LOCKF) || !defined(HAVE_FLOCK)
#define flock(a, b) lockf(a, b, 0)
#undef LOCK_EX
#define LOCK_EX F_LOCK
#endif
#ifndef USE_VSYSLOG
#define USE_VSYSLOG 1
#endif
#ifdef BSD4_4
# include "pathnames.h"
# define USE_SETEUID
#endif
#ifndef __P
# ifdef __STDC__
# define __P(protos) protos
# else
# define __P(protos) ()
# define const
# endif
#endif
#ifndef __dead
# if defined(__GNUC__) && (__GNUC__ < 2 || __GNUC_MINOR__ < 5) && !defined(__STRICT_ANSI__)
# define __dead __volatile
# else
# define __dead
# endif
#endif
#ifndef _BSD_VA_LIST_
# define _BSD_VA_LIST_ va_list
#endif
#ifndef HAVE_STRERROR_PROTO
extern char *strerror __P((int));
#endif
#ifndef HAVE_FDOPEN_PROTO
extern FILE *fdopen __P((int, const char *));
#endif
/*
* If you don't have setreuid, and you have saved uids, and you have
* a seteuid() call that doesn't try to emulate using setuid(), then
* you can try defining USE_SETEUID.
*/
#ifdef USE_SETEUID
# define setreuid(r, e) seteuid(e)
#endif
#ifndef _PATH_LOCTMP
# define _PATH_LOCTMP "/tmp/local.XXXXXX"
#endif
#ifndef _PATH_MAILDIR
# define _PATH_MAILDIR "/var/spool/mail"
#endif
#ifndef S_ISREG
# define S_ISREG(mode) (((mode) & _S_IFMT) == S_IFREG)
#endif
#define KDEMAXPATHLEN 136
int eval = EX_OK; /* sysexits.h error value. */
void deliver __P((int, char *));
void e_to_sys __P((int));
__dead void err __P((const char *, ...));
void notifybiff __P((char *));
int store __P((char *));
void usage __P((void));
void vwarn __P((const char *, _BSD_VA_LIST_));
void warn __P((const char *, ...));
void lockmbox __P((char *));
void unlockmbox __P((void));
int
main(argc, argv)
int argc;
char *argv[];
{
struct passwd *pw;
int ch, fd;
uid_t uid;
char *from;
extern char *optarg;
extern int optind;
/* make sure we have some open file descriptors */
for (fd = 10; fd < 30; fd++)
(void) close(fd);
/* use a reasonable umask */
(void) umask(0077);
#ifdef LOG_MAIL
openlog("mail.local", 0, LOG_MAIL);
#else
openlog("mail.local", 0);
#endif
from = 0;
while ((ch = getopt(argc, argv, "df:r:")) != EOF)
switch(ch) {
case 'd': /* Backward compatible. */
break;
case 'f':
case 'r': /* Backward compatible. */
if (from != 0) {
warn("multiple -f options");
usage();
}
from = optarg;
break;
case '?':
default:
usage();
}
argc -= optind;
argv += optind;
if (!*argv)
usage();
/*
* If from not specified, use the name from getlogin() if the
* uid matches, otherwise, use the name from the password file
* corresponding to the uid.
*/
uid = getuid();
if (!from && (!(from = getlogin()) ||
!(pw = getpwnam(from)) || pw->pw_uid != uid))
from = (pw = getpwuid(uid)) ? pw->pw_name : "???";
/*
* There is no way to distinguish the error status of one delivery
* from the rest of the deliveries. So, if we failed hard on one
* or more deliveries, but had no failures on any of the others, we
* return a hard failure. If we failed temporarily on one or more
* deliveries, we return a temporary failure regardless of the other
* failures. This results in the delivery being reattempted later
* at the expense of repeated failures and multiple deliveries.
*/
for (fd = store(from); *argv; ++argv)
deliver(fd, *argv);
exit(eval);
}
int
store(from)
char *from;
{
FILE *fp = 0;
time_t tval;
int fd, eline;
char line[2048];
char tmpbuf[sizeof _PATH_LOCTMP + 1];
strcpy(tmpbuf, _PATH_LOCTMP);
if ((fd = mkstemp(tmpbuf)) == -1 || (fp = fdopen(fd, "w+")) == 0) {
e_to_sys(errno);
err("unable to open temporary file");
}
(void)unlink(tmpbuf);
(void)time(&tval);
(void)fprintf(fp, "From %s %s", from, ctime(&tval));
line[0] = '\0';
for (eline = 1; fgets(line, sizeof(line), stdin);) {
if (line[0] == '\n')
eline = 1;
else {
if (eline && line[0] == 'F' &&
!memcmp(line, "From ", 5))
(void)putc('>', fp);
eline = 0;
}
(void)fprintf(fp, "%s", line);
if (ferror(fp)) {
e_to_sys(errno);
err("temporary file write error");
}
}
/* If message not newline terminated, need an extra. */
if (!strchr(line, '\n'))
(void)putc('\n', fp);
/* Output a newline; note, empty messages are allowed. */
(void)putc('\n', fp);
if (fflush(fp) == EOF || ferror(fp)) {
e_to_sys(errno);
err("temporary file write error");
}
return (fd);
}
void
deliver(fd, name)
int fd;
char *name;
{
struct stat fsb, sb;
struct passwd *pw;
int mbfd, nr, nw, off;
char *p;
char biffmsg[100], buf[8*1024], path[KDEMAXPATHLEN];
off_t curoff;
/*
* Disallow delivery to unknown names -- special mailboxes can be
* handled in the sendmail aliases file.
*/
if (!(pw = getpwnam(name))) {
if (eval != EX_TEMPFAIL)
eval = EX_UNAVAILABLE;
warn("unknown name: %s", name);
return;
}
endpwent();
/*
* Keep name reasonably short to avoid buffer overruns.
* This isn't necessary on BSD because of the proper
* definition of snprintf(), but it can cause problems
* on other systems.
* Also, clear out any bogus characters.
*/
if (strlen(name) > 40)
name[40] = '\0';
for (p = name; *p != '\0'; p++)
{
if (!isascii(*p))
*p &= 0x7f;
else if (!isprint(*p))
*p = '.';
}
(void)snprintf(path, sizeof(path), "%s/%s", _PATH_MAILDIR, name);
/*
* If the mailbox is linked or a symlink, fail. There's an obvious
* race here, that the file was replaced with a symbolic link after
* the lstat returned, but before the open. We attempt to detect
* this by comparing the original stat information and information
* returned by an fstat of the file descriptor returned by the open.
*
* NB: this is a symptom of a larger problem, that the mail spooling
* directory is writeable by the wrong users. If that directory is
* writeable, system security is compromised for other reasons, and
* it cannot be fixed here.
*
* If we created the mailbox, set the owner/group. If that fails,
* just return. Another process may have already opened it, so we
* can't unlink it. Historically, binmail set the owner/group at
* each mail delivery. We no longer do this, assuming that if the
* ownership or permissions were changed there was a reason.
*
* XXX
* open(2) should support flock'ing the file.
*/
tryagain:
lockmbox(path);
if (lstat(path, &sb)) {
mbfd = open(path,
O_APPEND|O_CREAT|O_EXCL|O_WRONLY, S_IRUSR|S_IWUSR);
if (mbfd == -1) {
if (errno == EEXIST)
goto tryagain;
} else if (fchown(mbfd, pw->pw_uid, pw->pw_gid)) {
e_to_sys(errno);
warn("chown %u.%u: %s", pw->pw_uid, pw->pw_gid, name);
goto err1;
}
} else if (sb.st_nlink != 1 || !S_ISREG(sb.st_mode)) {
e_to_sys(errno);
warn("%s: irregular file", path);
goto err0;
} else if (sb.st_uid != pw->pw_uid) {
eval = EX_CANTCREAT;
warn("%s: wrong ownership (%d)", path, sb.st_uid);
goto err0;
} else {
mbfd = open(path, O_APPEND|O_WRONLY, 0);
if (mbfd != -1 &&
(fstat(mbfd, &fsb) || fsb.st_nlink != 1 ||
!S_ISREG(fsb.st_mode) || sb.st_dev != fsb.st_dev ||
sb.st_ino != fsb.st_ino || sb.st_uid != fsb.st_uid)) {
eval = EX_CANTCREAT;
warn("%s: file changed after open", path);
goto err1;
}
}
if (mbfd == -1) {
e_to_sys(errno);
warn("%s: %s", path, strerror(errno));
goto err0;
}
/* Wait until we can get a lock on the file. */
if (flock(mbfd, LOCK_EX)) {
e_to_sys(errno);
warn("%s: %s", path, strerror(errno));
goto err1;
}
/* Get the starting offset of the new message for biff. */
curoff = lseek(mbfd, (off_t)0, SEEK_END);
(void)snprintf(biffmsg, sizeof(biffmsg),
sizeof curoff > sizeof(long) ? "%s@%qd\n" : "%s@%ld\n",
name, curoff);
/* Copy the message into the file. */
if (lseek(fd, (off_t)0, SEEK_SET) == (off_t)-1) {
e_to_sys(errno);
warn("temporary file: %s", strerror(errno));
goto err1;
}
if (setreuid(0, pw->pw_uid) < 0) {
e_to_sys(errno);
warn("setreuid(0, %d): %s (r=%d, e=%d)",
pw->pw_uid, strerror(errno), getuid(), geteuid());
goto err1;
}
#ifdef DEBUG
printf("new euid = %d\n", geteuid());
#endif
while ((nr = read(fd, buf, sizeof(buf))) > 0)
for (off = 0; off < nr; off += nw)
if ((nw = write(mbfd, buf + off, nr - off)) < 0) {
e_to_sys(errno);
warn("%s: %s", path, strerror(errno));
goto err3;
}
if (nr < 0) {
e_to_sys(errno);
warn("temporary file: %s", strerror(errno));
goto err3;
}
/* Flush to disk, don't wait for update. */
if (fsync(mbfd)) {
e_to_sys(errno);
warn("%s: %s", path, strerror(errno));
err3:
if (setreuid(0, 0) < 0) {
e_to_sys(errno);
warn("setreuid(0, 0): %s", strerror(errno));
}
#ifdef DEBUG
printf("reset euid = %d\n", geteuid());
#endif
(void)ftruncate(mbfd, curoff);
err1: (void)close(mbfd);
err0: unlockmbox();
return;
}
/* Close and check -- NFS doesn't write until the close. */
if (close(mbfd)) {
e_to_sys(errno);
warn("%s: %s", path, strerror(errno));
unlockmbox();
return;
}
if (setreuid(0, 0) < 0) {
e_to_sys(errno);
warn("setreuid(0, 0): %s", strerror(errno));
}
#ifdef DEBUG
printf("reset euid = %d\n", geteuid());
#endif
unlockmbox();
notifybiff(biffmsg);
}
/*
* user.lock files are necessary for compatibility with other
* systems, e.g., when the mail spool file is NFS exported.
* Alas, mailbox locking is more than just a local matter.
* EPA 11/94.
*/
char lockname[KDEMAXPATHLEN];
int locked = 0;
void
lockmbox(path)
char *path;
{
int statfailed = 0;
if (locked)
return;
snprintf(lockname, sizeof(lockname), "%s.lock", path);
for (;; sleep(5)) {
int fd;
struct stat st;
time_t now;
fd = open(lockname, O_WRONLY|O_EXCL|O_CREAT, 0);
if (fd >= 0) {
locked = 1;
close(fd);
return;
}
if (stat(lockname, &st) < 0) {
if (statfailed++ > 5)
return;
continue;
}
statfailed = 0;
time(&now);
if (now < st.st_ctime + 300)
continue;
unlink(lockname);
}
}
void
unlockmbox()
{
if (!locked)
return;
unlink(lockname);
locked = 0;
}
void
notifybiff(msg)
char *msg;
{
static struct sockaddr_in addr;
static int f = -1;
struct hostent *hp;
struct servent *sp;
int len;
if (!addr.sin_family) {
/* Be silent if biff service not available. */
if (!(sp = getservbyname("biff", "udp")))
return;
if (!(hp = gethostbyname("localhost"))) {
warn("localhost: %s", strerror(errno));
return;
}
addr.sin_family = hp->h_addrtype;
memcpy(&addr.sin_addr, hp->h_addr, hp->h_length);
addr.sin_port = sp->s_port;
}
if (f < 0 && (f = socket(AF_INET, SOCK_DGRAM, 0)) == -1) {
warn("socket: %s", strerror(errno));
return;
}
len = strlen(msg) + 1;
if (sendto(f, msg, len, 0, (struct sockaddr *)&addr, sizeof(addr))
!= len)
warn("sendto biff: %s", strerror(errno));
}
void
usage()
{
eval = EX_USAGE;
err("usage: mail.local [-f from] user ...");
}
#if __STDC__
__dead void
err(const char *fmt, ...)
#else
__dead void
err(fmt, va_alist)
const char *fmt;
va_dcl
#endif
{
va_list ap;
#if __STDC__
va_start(ap, fmt);
#else
va_start(ap);
#endif
vwarn(fmt, ap);
va_end(ap);
exit(eval);
}
void
#if __STDC__
warn(const char *fmt, ...)
#else
warn(fmt, va_alist)
const char *fmt;
va_dcl
#endif
{
va_list ap;
#if __STDC__
va_start(ap, fmt);
#else
va_start(ap);
#endif
vwarn(fmt, ap);
va_end(ap);
}
void
vwarn(fmt, ap)
const char *fmt;
_BSD_VA_LIST_ ap;
{
/*
* Log the message to stderr.
*
* Don't use LOG_PERROR as an openlog() flag to do this,
* it's not portable enough.
*/
if (eval != EX_USAGE)
(void)fprintf(stderr, "mail.local: ");
(void)vfprintf(stderr, fmt, ap);
(void)fprintf(stderr, "\n");
#if USE_VSYSLOG
/* Log the message to syslog. */
vsyslog(LOG_ERR, fmt, ap);
#else
{
char fmtbuf[10240];
(void) vsprintf(fmtbuf, fmt, ap);
syslog(LOG_ERR, "%s", fmtbuf);
}
#endif
}
/*
* e_to_sys --
* Guess which errno's are temporary. Gag me.
*/
void
e_to_sys(num)
int num;
{
/* Temporary failures override hard errors. */
if (eval == EX_TEMPFAIL)
return;
switch(num) { /* Hopefully temporary errors. */
#ifdef EAGAIN
case EAGAIN: /* Resource temporarily unavailable */
#endif
#ifdef EDQUOT
case EDQUOT: /* Disc quota exceeded */
#endif
#ifdef EBUSY
case EBUSY: /* Device busy */
#endif
#ifdef EPROCLIM
case EPROCLIM: /* Too many processes */
#endif
#ifdef EUSERS
case EUSERS: /* Too many users */
#endif
#ifdef ECONNABORTED
case ECONNABORTED: /* Software caused connection abort */
#endif
#ifdef ECONNREFUSED
case ECONNREFUSED: /* Connection refused */
#endif
#ifdef ECONNRESET
case ECONNRESET: /* Connection reset by peer */
#endif
#ifdef EDEADLK
case EDEADLK: /* Resource deadlock avoided */
#endif
#ifdef EFBIG
case EFBIG: /* File too large */
#endif
#ifdef EHOSTDOWN
case EHOSTDOWN: /* Host is down */
#endif
#ifdef EHOSTUNREACH
case EHOSTUNREACH: /* No route to host */
#endif
#ifdef EMFILE
case EMFILE: /* Too many open files */
#endif
#ifdef ENETDOWN
case ENETDOWN: /* Network is down */
#endif
#ifdef ENETRESET
case ENETRESET: /* Network dropped connection on reset */
#endif
#ifdef ENETUNREACH
case ENETUNREACH: /* Network is unreachable */
#endif
#ifdef ENFILE
case ENFILE: /* Too many open files in system */
#endif
#ifdef ENOBUFS
case ENOBUFS: /* No buffer space available */
#endif
#ifdef ENOMEM
case ENOMEM: /* Cannot allocate memory */
#endif
#ifdef ENOSPC
case ENOSPC: /* No space left on device */
#endif
#ifdef EROFS
case EROFS: /* Read-only file system */
#endif
#ifdef ESTALE
case ESTALE: /* Stale NFS file handle */
#endif
#ifdef ETIMEDOUT
case ETIMEDOUT: /* Connection timed out */
#endif
#if defined(EWOULDBLOCK) && EWOULDBLOCK != EAGAIN && EWOULDBLOCK != EDEADLK
case EWOULDBLOCK: /* Operation would block. */
#endif
eval = EX_TEMPFAIL;
break;
default:
eval = EX_UNAVAILABLE;
break;
}
}
#ifndef HAVE_STRERROR
char *
strerror(eno)
int eno;
{
extern int sys_nerr;
extern char *sys_errlist[];
static char ebuf[60];
if (eno >= 0 && eno <= sys_nerr)
return sys_errlist[eno];
(void) sprintf(ebuf, "Error %d", eno);
return ebuf;
}
# endif
#if defined(ultrix) || defined(_UNIXWARE)
/*
* Copyright (c) 1987, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#if defined(LIBC_SCCS) && !defined(lint)
static char sccsid[] = "@(#)mktemp.c 8.1 (Berkeley) 6/4/93";
#endif /* LIBC_SCCS and not lint */
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <errno.h>
#include <stdio.h>
#include <ctype.h>
static int _gettemp();
mkstemp(path)
char *path;
{
int fd;
return (_gettemp(path, &fd) ? fd : -1);
}
/*
char *
mktemp(path)
char *path;
{
return(_gettemp(path, (int *)0) ? path : (char *)0);
}
*/
static
_gettemp(path, doopen)
char *path;
int *doopen;
{
extern int errno;
char *start, *trv;
struct stat sbuf;
u_int pid;
pid = getpid();
for (trv = path; *trv; ++trv); /* extra X's get set to 0's */
while (*--trv == 'X') {
*trv = (pid % 10) + '0';
pid /= 10;
}
/*
* check the target directory; if you have six X's and it
* doesn't exist this runs for a *very* long time.
*/
for (start = trv + 1;; --trv) {
if (trv <= path)
break;
if (*trv == '/') {
*trv = '\0';
if (stat(path, &sbuf))
return(0);
if (!S_ISDIR(sbuf.st_mode)) {
errno = ENOTDIR;
return(0);
}
*trv = '/';
break;
}
}
for (;;) {
if (doopen) {
if ((*doopen =
open(path, O_CREAT|O_EXCL|O_RDWR, 0600)) >= 0)
return(1);
if (errno != EEXIST)
return(0);
}
else if (stat(path, &sbuf))
return(errno == ENOENT ? 1 : 0);
/* tricky little algorithm for backward compatibility */
for (trv = start;;) {
if (!*trv)
return(0);
if (*trv == 'z')
*trv++ = 'a';
else {
if (isdigit(*trv))
*trv = 'a';
else
++*trv;
break;
}
}
}
/*NOTREACHED*/
}
#endif