
Sendmail Wrapper C

/*
**  sendmail_wrapper.c - wrap sendmail to prevent newlines in command line
**                       and clean up the environment.
**
**  Authors:    Eric Halil, Danny Smith
**              AUSCERT
**              c/o Prentice Centre
**              The University of Queensland
**              Qld.  4072.
**              Australia
**              22-Feb-1995
**
**  Disclaimer:  The use of this program is at your own risk.  It is 
**               designed to combat a particular vulnerability, and may
**               not combat other vulnerabilities, either past or future.
**               The decision to use this program is yours, as are the
**               consequences of its use.
**
**               This program is designed to be an interim relief measure
**               until appropriate patches can be obtained from your vendor.
**
**  Installation instructions
**  =========================
**
**  1.  su to root.
**
**  2.  Determine the location of sendmail.  On SunOS and Ultrix
**      systems, it is located in the /usr/lib directory.  On BSDI
**      systems, it is located in the /usr/sbin directory.  For example
**      purposes only, /usr/lib will be used in the following
**      installation steps.
**
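**  3.  Copy the sendmail program to sendmail.real.  Change the permissions
**      on the copy so that only root can read or execute it; ordinary
**      users then reach it only through the setuid wrapper installed in
**      step 7.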
**
**              # cd /usr/lib
**              # cp sendmail sendmail.real
**              # chmod 0700 sendmail.real
**
**  4.  Determine the permissions, owner, and group of sendmail.  This
**      information will be used later.
**
**      For BSD users:
**              # ls -lg sendmail
**      For System V users:
**              # ls -l sendmail
**
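**  5.  Edit this wrapper program and define REAL_SENDMAIL as the full
**      pathname of the copy made in step 3.  Defaults are already provided
**      for SunOS and Ultrix ("/usr/lib/sendmail.real") and for the BSD
**      systems listed in the source ("/usr/sbin/sendmail.real"); on any
**      other system the #define must be added by hand.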
**
**  6.  Compile this program in a directory other than /usr/lib.  For
**      example to use /tmp, first copy this file into /tmp.
**
**              # cd /tmp
**              # cc -O -o sendmail sendmail_wrapper.c
**
**  7.  Copy this new wrapper program into the directory containing sendmail.
**      Make sure this directory and its parent directories are protected so
**      only root is able to make changes to files in the directory.  This
**      will replace the existing sendmail.  The following steps should be
**      executed quickly.
**
**      Users will not be able to send e-mail from the time the wrapper is
**      copied into place until the chmod command has been executed.  Use
**      the information from step #4 to set the permissions, owner, and
**      group of the new sendmail.
**
**              # cp sendmail /usr/lib/sendmail
**              # cd /usr/lib
**              # chown root sendmail
**              # chmod 4511 sendmail
**
**  8.  Kill the running sendmail process and start the new sendmail.
**
**      For SunOS and Ultrix:
**              # kill -9 `head -1 /etc/sendmail.pid`
**              # /usr/lib/sendmail -bd -q1h
**
**      For BSDI:
**              # kill -9 `head -1 /var/run/sendmail.pid`
**              # /usr/sbin/sendmail -bd -q1h
**
**      For other systems, follow your vendor's guidelines or use the
**      following commands to kill the running processes and start the
**      new sendmail.
**              # ps -auxw | grep sendmail | grep -v grep
**              # kill -9 (process id numbers)
**              # ./sendmail -bd -q1h
**
**  9.  Test that mail still works.

** Version 1.1  22-Feb-1995.
*/

#include <stdio.h>
#include <string.h>
#include <unistd.h>

/*
**      REAL_SENDMAIL must be the full (absolute) pathname of the renamed
**      original sendmail binary; main() hands it to execve() unchanged.
**      Known locations are predefined below.  On any platform not listed
**      here no default exists and the definition has to be added by hand.
*/

/* SunOS and Ultrix keep sendmail in /usr/lib */
#if defined(sun) || defined(ultrix)
#define REAL_SENDMAIL   "/usr/lib/sendmail.real"
#endif

/* BSDI, 386BSD, FreeBSD and NetBSD keep sendmail in /usr/sbin */
#if defined(__bsdi__) || defined(__386BSD__) || \
    defined(__FreeBSD__) || defined(__NetBSD__)
#define REAL_SENDMAIL   "/usr/sbin/sendmail.real"
#endif

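/*
**  Overwrite every carriage return and newline in a string with a space.
**  The string is modified in place; its length does not change.
*/
static void scrub_newlines( char *cp)
{
    for ( ; *cp != '\0'; cp++)
    {
        if ( ( *cp == '\r') || ( *cp == '\n'))
        {
            *cp = ' ';
        }
    }
}

/*
**  Return non-zero for an environment entry that must not be handed to
**  the real sendmail: any variable whose name starts with LD_, plus IFS
**  and PATH.
*/
static int is_unsafe_env( const char *entry)
{
    return ( strncmp( entry, "LD_", 3) == 0)
        || ( strncmp( entry, "IFS=", 4) == 0)
        || ( strncmp( entry, "PATH=", 5) == 0);
}

/*
**  Sanitise the command line and environment, then exec the real sendmail.
**
**  argc, argv - command line as received; newlines are blanked in place
**  envp       - environment as received; filtered and scrubbed in place
**
**  Returns only if execve() fails, in which case the error is reported
**  on stderr and the execve() status is returned.
*/
int main( int argc, char *argv[], char *envp[])
{
    int         i;
    int         keep;
    int         status;

/*
**  Ensure that there are no newlines in the arguments.  argv[0] is
**  supplied by the caller just like the other arguments and is passed
**  on to execve() as well, so it is scrubbed too.
*/
    for ( i = 0; i < argc; i++)
    {
        scrub_newlines( argv[ i]);
    }

/*
**  While we are at it, let's clean up the environment.
**  Remove LD_*, IFS, and PATH environment variables before execing and
**  blank newlines in everything that is kept.  Kept entries are compacted
**  towards the front of envp in a single pass.
**
**  NOTE(review): this is a denylist.  Every other variable still reaches
**  the real sendmail; which variables that program honours cannot be
**  determined from this file.
*/
    keep = 0;
    for ( i = 0; envp[ i] != NULL; i++)
    {
        if ( is_unsafe_env( envp[ i]))
        {
            continue;
        }
        scrub_newlines( envp[ i]);
        envp[ keep] = envp[ i];
        keep++;
    }
    envp[ keep] = NULL;

/*
** exec the real sendmail now; execve() returns only on failure
*/
    status = execve( REAL_SENDMAIL, argv, envp);
    perror( "execve sendmail");
    return( status);
}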
