File mailman-wrapper.patch of Package mailman.15639

--- src/cgi-wrapper.c
+++ src/cgi-wrapper.c
@@ -33,7 +33,7 @@
 const char* logident = LOG_IDENT;
 char* script = SCRIPTNAME;
 const char* parentgroup = LEGAL_PARENT_GROUP;
-
+const char* gidfile = "/etc/mailman/mailman.cgi-gid";
 
 int
 main(int argc, char** argv, char** env)
@@ -42,7 +42,7 @@
         char* fake_argv[3];
 
         running_as_cgi = 1;
-        check_caller(logident, parentgroup);
+        check_caller(logident, gidfile);
 
         /* For these CGI programs, we can ignore argc and argv since they
          * don't contain anything useful.  `script' will always be the driver
--- src/common.c
+++ src/common.c
@@ -117,47 +117,27 @@
 /* Is the parent process allowed to call us?
  */
 void
-check_caller(const char* ident, const char* parentgroup)
+check_caller(const char* ident, const char* gidfile)
 {
-        GID_T mygid = getgid();
-        struct group *mygroup = getgrgid(mygid);
-        char* option;
-        char* server;
-        char* wrapper;
-
-        if (running_as_cgi) {
-                option = "--with-cgi-gid";
-                server = "web";
-                wrapper = "CGI";
-        }
-        else {
-                option = "--with-mail-gid";
-                server = "mail";
-                wrapper = "mail";
-        }
+       FILE *gidfile_h;
+       GID_T parentgid;
+       GID_T mygid = getgid();
+
+       if ((gidfile_h = fopen(gidfile, "r")) == NULL)
+               fatal(ident, GROUP_NAME_NOT_FOUND,
+                       "Cannot open wrapper configuration file: %s",
+                       strerror(errno));
+       if(!fscanf(gidfile_h, "%d", &parentgid))
+               fatal(ident, GROUP_NAME_NOT_FOUND,
+                       "Cannot read wrapper configuration file.");
+       fclose(gidfile_h);
+
+       if (parentgid != mygid) {
+               fatal(ident, GROUP_MISMATCH,
+                     "Failure to exec script. WANTED gid %ld, GOT gid %ld.",
+               parentgid, mygid);
+       }
 
-        if (!mygroup)
-                fatal(ident, GROUP_NAME_NOT_FOUND,
-                      "Failure to find group name for GID %d.  Mailman\n"
-                      "expected the %s wrapper to be executed as group\n"
-                      "\"%s\", but the system's %s server executed the\n"
-                      "wrapper as GID %d for which the name could not be\n"
-                      "found.  Try adding GID %d to your system as \"%s\",\n"
-                      "or tweak your %s server to run the wrapper as group\n"
-                      "\"%s\".",
-                      mygid, wrapper, parentgroup, server, mygid, mygid,
-                      parentgroup, server, parentgroup);
-
-        if (strcmp(parentgroup, mygroup->gr_name))
-                fatal(ident, GROUP_MISMATCH,
-                      "Group mismatch error.  Mailman expected the %s\n"
-                      "wrapper script to be executed as group \"%s\", but\n"
-                      "the system's %s server executed the %s script as\n"
-                      "group \"%s\".  Try tweaking the %s server to run the\n"
-                      "script as group \"%s\", or re-run configure, \n"
-                      "providing the command line option `%s=%s'.",
-                      wrapper, parentgroup, server, wrapper, mygroup->gr_name,
-                      server, parentgroup, option, mygroup->gr_name);
 }
 
 
--- src/mail-wrapper.c
+++ src/mail-wrapper.c
@@ -27,6 +27,7 @@
 
 const char* parentgroup = LEGAL_PARENT_GROUP;
 const char* logident = "Mailman mail-wrapper";
+const char* gidfile = "/etc/mailman/mailman.mail-gid";
 
 
 
@@ -74,7 +75,7 @@
                 fatal(logident, MAIL_ILLEGAL_COMMAND,
                       "Illegal command: %s", argv[1]);
 
-        check_caller(logident, parentgroup);
+        check_caller(logident, gidfile);
 
         /* If we got here, everything must be OK */
         status = run_script(argv[1], argc, argv, env);
openSUSE Build Service is sponsored by