[exim-cvs] Testsuite: check the TRUSTED_CONFIG_LIST content

Author: Exim Git Commits Mailing List
Date:  
To: exim-cvs
Subject: [exim-cvs] Testsuite: check the TRUSTED_CONFIG_LIST content
Gitweb: http://git.exim.org/exim.git/commitdiff/32ca7e2d3443b12a06aa0ae6bd21bfa8c27d031a
Commit:     32ca7e2d3443b12a06aa0ae6bd21bfa8c27d031a
Parent:     26ab1da32241a0be1cf08ce866b00429fc35d06d
Author:     Heiko Schlittermann (HS12) <hs@???>
AuthorDate: Mon Apr 6 23:29:33 2015 +0200
Committer:  Heiko Schlittermann (HS12) <hs@???>
CommitDate: Sat Apr 25 21:01:52 2015 +0200


    Testsuite: check the TRUSTED_CONFIG_LIST content


    The testsuite relies on trusted configs. Exim needs to be compiled with
    the TRUSTED_CONFIG_LIST option. The file mentioned in the
    TRUSTED_CONFIG_LIST needs to meet several conditions.
---
 test/runtest |   31 ++++++++++++++++++++++++++++++-
 1 files changed, 30 insertions(+), 1 deletions(-)


diff --git a/test/runtest b/test/runtest
index 0a2ede9..4247f8c 100755
--- a/test/runtest
+++ b/test/runtest
@@ -2405,12 +2405,13 @@ symlink("$parm_cwd/confs/0000", "$parm_cwd/test-config")

 print("Probing with config file: $parm_cwd/test-config\n");
 open(EXIMINFO, "$parm_exim -d -C $parm_cwd/test-config -DDIR=$parm_cwd " .
-               "-bP exim_user exim_group|") ||
+               "-bP exim_user exim_group 2>&1|") ||
   die "** Cannot run $parm_exim: $!\n";
 while(<EXIMINFO>)
   {
   $parm_eximuser = $1 if /^exim_user = (.*)$/;
   $parm_eximgroup = $1 if /^exim_group = (.*)$/;
+  $parm_trusted_config_list = $1 if /^TRUSTED_CONFIG_LIST:.*?"(.*?)"$/;
   }
 close(EXIMINFO);
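Review bot: The added `2>&1` has no comment saying why stderr is now merged into the stream that is parsed for `exim_user`/`exim_group`. Presumably the `TRUSTED_CONFIG_LIST:` line only appears in the `-d` debug output, and a comment such as `# -d output goes to stderr; merge it so the TRUSTED_CONFIG_LIST line can be parsed` above the `open` would record that. The new capture also depends on the exact quoting of that debug line (`"(.*?)"$`), so a format change in exim would silently leave `$parm_trusted_config_list` undefined. The exit status of `close(EXIMINFO)` is still unchecked, so a failed probe would only surface later as a missing value rather than as the real error.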


@@ -2433,6 +2434,34 @@ if (defined $parm_eximgroup)
     else { $parm_exim_gid = getgrnam($parm_eximgroup); }
   }


+# check the permissions on the TRUSTED_CONFIG_LIST
+if (defined $parm_trusted_config_list)
+  {
+  die "TRUSTED_CONFIG_LIST: $parm_trusted_config_list: $!\n"
+    if not -f $parm_trusted_config_list;
+
+  die "TRUSTED_CONFIG_LIST $parm_trusted_config_list must not be world writable!\n"
+    if 02 & (stat _)[2];
+
+  die sprintf "TRUSTED_CONFIG_LIST: $parm_trusted_config_list %d is group writable, but not owned by group '%s' or '%s'.\n",
+  (stat _)[1],
+    scalar(getgrgid 0), scalar(getgrgid $>)
+    if (020 & (stat _)[2]) and not ((stat _)[5] == $> or (stat _)[5] == 0);
+
+  die sprintf "TRUSTED_CONFIG_LIST: $parm_trusted_config_list is not owned by user '%s' or '%s'.\n",
+  scalar(getpwuid 0), scalar(getpwuid $>)
+     if (not (-o _ or (stat _)[4] == 0));
+
+  open(TCL, $parm_trusted_config_list) or die "Can't open $parm_trusted_config_list: $!\n";
+  my $test_config = getcwd() . '/test-config';
+  die "Can't find '$test_config' in TRUSTED_CONFIG_LIST $parm_trusted_config_list."
+  if not grep { /^$test_config$/ } <TCL>;
+  }
+else
+  {
+  die "Unable to check the TRUSTED_CONFIG_LIST, seems to be empty?\n";
+  }
+
 open(EXIMINFO, "$parm_exim -bV -C $parm_cwd/test-config -DDIR=$parm_cwd |") ||
   die "** Cannot run $parm_exim: $!\n";
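Review bot: The group-writable test `(stat _)[5] == $>` compares the file's group id with the effective user id, and the message calls `getgrgid $>` on that same uid, so the group that is accepted is whichever gid happens to share the runner's uid number; the effective gid (first field of `$)`) is presumably what was meant. The `%d` in that message is fed `(stat _)[1]`, which is the inode number rather than the gid. Further down, `open(TCL, $parm_trusted_config_list)` is a two-argument open on a name parsed from exim's output, and `/^$test_config$/` interpolates the working directory as a regex, so a `.` or `+` in the path changes what matches. A three-argument open and `\Q…\E` avoid both; the fence shows the lines I would change.

```perl
# … unchanged: -f and world-writable checks …
  my $egid = (split ' ', $))[0];
  die sprintf "TRUSTED_CONFIG_LIST: $parm_trusted_config_list (gid %d) is group writable, but not owned by group '%s' or '%s'.\n",
    (stat _)[5], scalar(getgrgid 0), scalar(getgrgid $egid)
    if (020 & (stat _)[2]) and not ((stat _)[5] == $egid or (stat _)[5] == 0);
# … unchanged: owner check …
  open(my $tcl, '<', $parm_trusted_config_list)
    or die "Can't open $parm_trusted_config_list: $!\n";
  my $test_config = getcwd() . '/test-config';
  die "Can't find '$test_config' in TRUSTED_CONFIG_LIST $parm_trusted_config_list.\n"
    if not grep { /^\Q$test_config\E$/ } <$tcl>;
  close($tcl);
```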