commit-mailutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SCM] GNU Mailutils branch, master, updated. release-2.2-396-g7b85649

From: Sergey Poznyakoff
Subject: [SCM] GNU Mailutils branch, master, updated. release-2.2-396-g7b85649
Date: Tue, 18 Oct 2011 11:56:51 +0000 
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU Mailutils".

http://git.savannah.gnu.org/cgit/mailutils.git/commit/?id=7b85649a0f12a73bd8468c322d39811797ba315a

The branch, master has been updated
       via  7b85649a0f12a73bd8468c322d39811797ba315a (commit)
      from  dfed0be6c0fb0541234422af700e955b77d09bd4 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 7b85649a0f12a73bd8468c322d39811797ba315a
Author: Sergey Poznyakoff <address@hidden>
Date:   Tue Oct 18 14:55:16 2011 +0300

    File safety checks: Implement "default" keyword

-----------------------------------------------------------------------

Summary of changes:
 libmu_cfg/tls.c |   65 ++++++++++++++++++++++++++++++++++++------------------
 maidag/maidag.c |   33 ++++++++++++---------------
 2 files changed, 58 insertions(+), 40 deletions(-)

diff --git a/libmu_cfg/tls.c b/libmu_cfg/tls.c
index d6f44fa..d2ecf00 100644
--- a/libmu_cfg/tls.c
+++ b/libmu_cfg/tls.c
@@ -24,21 +24,27 @@
 #include <mailutils/util.h>
 #include <mailutils/kwd.h>
 
+#define SSL_CERT_FILE_CHECKS  (MU_FILE_SAFETY_GROUP_WRITABLE |         \
+                              MU_FILE_SAFETY_GROUP_WRITABLE |          \
+                              MU_FILE_SAFETY_LINKED_WRDIR)
+
+#define SSL_KEY_FILE_CHECKS   MU_FILE_SAFETY_ALL
+
+#define SSL_CA_FILE_CHECKS    (MU_FILE_SAFETY_GROUP_WRITABLE |         \
+                              MU_FILE_SAFETY_GROUP_WRITABLE |          \
+                              MU_FILE_SAFETY_LINKED_WRDIR)
+
 static struct mu_tls_module_config tls_settings = {
     1,                   /* enabled by default */
 
     NULL,                /* Certificate file */
-    MU_FILE_SAFETY_GROUP_WRITABLE |
-     MU_FILE_SAFETY_GROUP_WRITABLE |
-     MU_FILE_SAFETY_LINKED_WRDIR,
+    SSL_CERT_FILE_CHECKS,
 
-    NULL,               /* Key file */ 
-    MU_FILE_SAFETY_ALL, /* Stringent safety checks for keys */
+    NULL,                /* Key file */ 
+    SSL_KEY_FILE_CHECKS, /* Stringent safety checks for keys */
 
-    NULL,               /* CA file */
-    MU_FILE_SAFETY_GROUP_WRITABLE |
-     MU_FILE_SAFETY_GROUP_WRITABLE |
-     MU_FILE_SAFETY_LINKED_WRDIR
+    NULL,                /* CA file */
+    SSL_CA_FILE_CHECKS
 };
 
 
@@ -49,12 +55,6 @@ cb2_safety_checks (const char *name, void *data)
   int val;
   int *res = data;
   
-  if (strcmp (name, "none") == 0)
-    {
-      *res = MU_FILE_SAFETY_NONE;
-      return 0;
-    }
-
   if (*name == '-')
     {
       negate = 1;
@@ -62,16 +62,37 @@ cb2_safety_checks (const char *name, void *data)
     }
   else if (*name == '+')
     name++;
-    
-  if (mu_file_safety_name_to_code (name, &val))
-    mu_error (_("unknown keyword: %s"), name);
-  else
+
+  if (strcmp (name, "none") == 0)
+    val = MU_FILE_SAFETY_NONE;
+  else if (strcmp (name, "all") == 0)
+    val = MU_FILE_SAFETY_ALL;
+  else if (strcmp (name, "default") == 0)
     {
-      if (negate)
-       *res &= ~val;
+      if (data == &tls_settings.ssl_key)
+       val = SSL_KEY_FILE_CHECKS;
+      else if (data == &tls_settings.ssl_cert)
+       val = SSL_CERT_FILE_CHECKS;
+      else if (data == &tls_settings.ssl_cafile)
+       val = SSL_CA_FILE_CHECKS;
       else
-       *res |= val;
+       {
+         mu_error (_("INTERNAL ERROR at %s:%d: unknown default value?"),
+                   __FILE__, __LINE__);
+         val = MU_FILE_SAFETY_ALL;
+       }
+    }
+  else if (mu_file_safety_name_to_code (name, &val))
+    {
+      mu_error (_("unknown keyword: %s"), name);
+      return 0;
     }
+
+  if (negate)
+    *res &= ~val;
+  else
+    *res |= val;
+  
   return 0;
 }
 
diff --git a/maidag/maidag.c b/maidag/maidag.c
index a9fe7ac..6c6af88 100644
--- a/maidag/maidag.c
+++ b/maidag/maidag.c
@@ -339,17 +339,6 @@ cb2_forward_file_checks (const char *name, void *data)
   int val;
   int negate = 0;
   
-  if (strcmp (name, "all") == 0)
-    {
-      forward_file_checks = FORWARD_FILE_PERM_CHECK;
-      return 0;
-    }
-  if (strcmp (name, "none") == 0)
-    {
-      forward_file_checks = 0;
-      return 0;
-    }
-  
   if (*name == '-')
     {
       negate = 1;
@@ -358,15 +347,23 @@ cb2_forward_file_checks (const char *name, void *data)
   else if (*name == '+')
     name++;
 
-  if (mu_file_safety_name_to_code (name, &val))
-    mu_error (_("unknown keyword: %s"), name);
-  else
+  if (strcmp (name, "none") == 0)
+    forward_file_checks = MU_FILE_SAFETY_NONE;
+  else if (strcmp (name, "all") == 0)
+    forward_file_checks = MU_FILE_SAFETY_ALL;
+  else if (strcmp (name, "default") == 0)
+    forward_file_checks = FORWARD_FILE_PERM_CHECK;
+  else if (mu_file_safety_name_to_code (name, &val))
     {
-      if (negate)
-       forward_file_checks &= ~val;
-      else
-       forward_file_checks |= val;
+      mu_error (_("unknown keyword: %s"), name);
+      return 0;
     }
+
+  if (negate)
+    forward_file_checks &= ~val;
+  else
+    forward_file_checks |= val;
+
   return 0;
 }
 


hooks/post-receive
-- 
GNU Mailutils
reply via email to
[Prev in Thread] Current Thread [Next in Thread]