#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
#include <pwd.h>

#define MINUID 100
#define MAXUID 60000
#define MINGID 2000
#define MAXGID 40000

int main(int ac, char** av) {
    int i;
    struct passwd* pw;
    char** environ;
    char* empty;

    char* user;
    char* filter;

#define ARGMAX (1<<10)
    char* filterargs[ARGMAX+1];
    int facount;

    empty = 0;
    environ = &empty;

    if (ac-2 > ARGMAX) {
        fprintf(stderr,"too many args: %d\n", ac-2);
        return 1;
    }

    if (ac < 3) {
        fprintf(stderr,"usage: %s user prog args\n");
        return 2;
    }

    user = av[1];
    filter = av[2];
    for (i=2; i<ac; ++i) {
        filterargs[i-2] = av[i];
    }
    filterargs[ac-2] = 0;

    pw = getpwnam("Gsmtpprox");
    if (!pw) {
        fprintf(stderr,"failed to get pw entry for proxy user\n");
        return 3;
    }

    if (getuid() != pw->pw_uid) {
        fprintf(stderr,"called by the wrong user\n");
        return 4;
    }

    pw = getpwnam(user);
    if (!pw) {
        fprintf(stderr,"failed to get pw entry for user\n");
        return 5;
    }

    if (pw->pw_uid < MINUID) {
        fprintf(stderr,"minuid check failed\n");
        return 6;
    }
    if (pw->pw_uid > MAXUID) {
        fprintf(stderr,"maxuid check failed\n");
        return 7;
    }
    if (pw->pw_gid < MINGID) {
        fprintf(stderr,"mingid check failed\n");
        return 8;
    }
    if (pw->pw_gid > MAXGID) {
        fprintf(stderr,"maxgid check failed\n");
        return 9;
    }

    if (setegid(pw->pw_gid)) {
        perror("setegid failed");
        return 10;
    }
    if (setgid(pw->pw_gid)) {
        perror("setgid failed");
        return 11;
    }

    if (setreuid(pw->pw_uid, pw->pw_uid)) {
        perror("setreuid failed");
        return 12;
    }

    if (chdir(pw->pw_dir)) {
        perror("chdir failed");
        return 13;
    }

    execve(filter, filterargs, environ);
    perror("execve failed");
    return 14;
}