Greetings, My question is regarding *modified* UW IMAP code, so I understand that it might be beyond the scope of this list. However, I did not come across any rules explicitly barring such queries, so here goes:
I'm working with Rich Graves' SRPM, which is here: <http://web.brandeis.edu/pub/Network/EmailArchitecture/imap-2002c1-1brandeis.src.rpm> Therein exist a number of straightforward patches, most of which I've left unchanged. I slightly modified the brandeis-cleartextok.patch, and that seems to be working just fine. Since I'm hardly proficient in C, I'm running into difficulty understanding the two following sections in brandeis-paths.patch. (the following modifies /src/imapd/imapd.c) + snprintf(tmp,6,getenv("REMOTE_UID")); + if (strlen(tmp) > 3) { + uid = atol(tmp); + i = ident_setuid_hack(uid); + switch (i) { + case 1: + syslog (LOG_INFO,"Bad ident (setuid failed) REMOTE_UID uid=%d + host=%.80s",uid,tcp_clienthost ()); + break; + default: + break; /* Fall through as root, requiring login */ + } + } Does the above just get the client's UID and then pass it as parameter to ident_setuid_hack()? The latter function, which is "patched into" /src/osdep/unix/env_unix.c, is: + +unsigned long ident_setuid_hack (long uid) +{ + long ret = 0; /* Return value */ + struct passwd *pw; + if ((uid < 500) || (uid > 65533)) { + syslog (LOG_INFO,"Bad ident (uid out of range) REMOTE_UID uid=%d + host=%.80s",uid,tcp_clienthost ()); + return 3; + } + pw = getpwuid (uid); + if (pw == NULL) { + syslog (LOG_INFO,"Bad ident (no such uid) REMOTE_UID uid=%d host=%.80s", + uid,tcp_clienthost ()); + return 2; + } + ret = (setgid (pw->pw_gid) || initgroups (pw->pw_name,pw->pw_gid) || + setuid (uid)); + return ret; +} + Here I understand the function checks to make sure the UID is between a certain range, confirms there isn't a null pw associated with it, and eventually gets to the section were ret is set. That's where I'm lost. What exactly is going on here? I suspect these two sections of code are responsible for changing the UID of the daemon so that it preauthenticates the user, but after building and installing this RPM on my server, the preauth does not work. Perhaps if I understood what's going on in ret, I could troubleshoot more effectively. Also, I'm aware of other preauth methods (i.e. via /etc/rimapd + ssh), but I'd like to get this implementation working instead. I decided to post to this list (before USENET) because my question is UW-specific, but let me know if I should take it elsewhere. Thanks, Sahil -- ------------------------------------------------------------------ For information about this mailing list, and its archives, see: http://www.washington.edu/imap/c-client-list.html ------------------------------------------------------------------