[exim-cvs] Readonly-config: not supported by Solaris 10

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Exim Git Commits Mailing List
Data:  
Para: exim-cvs
Asunto: [exim-cvs] Readonly-config: not supported by Solaris 10
Gitweb: https://git.exim.org/exim.git/commitdiff/a57492a480bce6d41dec5255d4a55550aa9d4f87
Commit:     a57492a480bce6d41dec5255d4a55550aa9d4f87
Parent:     0415468df326fefc339a936e47479ff0cf197092
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Mon Jun 28 19:49:00 2021 +0100
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Mon Jun 28 20:12:55 2021 +0100


    Readonly-config: not supported by Solaris 10


    Broken-by: 753739fdef
---
 doc/doc-txt/ChangeLog | 1 +
 src/OS/os.h-SunOS5    | 4 ++++
 src/src/store.c       | 9 ++++-----
 3 files changed, 9 insertions(+), 5 deletions(-)


diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 3311ae8..cc589c5 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -318,6 +318,7 @@ JH/55 TLS: as server, reject connections with ALPN indicating non-smtp use.

 JH/56 Make the majority of info read from config files readonly, for defence-in-
       depth against exploits.  Suggestion by Qualsy.
+      Not supported on Solaris 10.



Exim version 4.94
diff --git a/src/OS/os.h-SunOS5 b/src/OS/os.h-SunOS5
index f5bc316..1ceafa7 100644
--- a/src/OS/os.h-SunOS5
+++ b/src/OS/os.h-SunOS5
@@ -38,6 +38,10 @@ it seems. */
# define MISSING_UNSETENV_3
#endif

+#if _POSIX_C_SOURCE < 200809L
+# define MISSING_POSIX_MEMALIGN
+#endif
+

 /* SunOS5 doesn't accept getcwd(NULL, 0) to auto-allocate
 a buffer */
diff --git a/src/src/store.c b/src/src/store.c
index ad4da3c..e8819e3 100644
--- a/src/src/store.c
+++ b/src/src/store.c
@@ -255,14 +255,11 @@ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Taint mismatch, %s: %s %d\n",
 void
 store_writeprotect(int pool)
 {
+#if !defined(COMPILE_UTILITY) && !defined(MISSING_POSIX_MEMALIGN)
 for (storeblock * b = chainbase[pool]; b; b = b->next)
-  {
-#ifndef COMPILE_UTILITY
   if (mprotect(b, ALIGNED_SIZEOF_STOREBLOCK + b->length, PROT_READ) != 0)
-    DEBUG(D_any) debug_printf("config block mprotect: (%d) %s\n", errno, strerror(errno))
+    DEBUG(D_any) debug_printf("config block mprotect: (%d) %s\n", errno, strerror(errno));
 #endif
-    ;
-  }
 }


 /******************************************************************************/
@@ -346,12 +343,14 @@ if (size > yield_length[pool])
     if (++nblocks[pool] > maxblocks[pool])
       maxblocks[pool] = nblocks[pool];


+#ifndef MISSING_POSIX_MEMALIGN
     if (pool == POOL_CONFIG)
       {
       long pgsize = sysconf(_SC_PAGESIZE);
       posix_memalign((void **)&newblock, pgsize, (mlength + pgsize - 1) & ~(pgsize - 1));
       }
     else
+#endif
       newblock = internal_store_malloc(mlength, func, linenumber);
     newblock->next = NULL;
     newblock->length = length;