diff options
author | Todd C. Miller <millert@cvs.openbsd.org> | 2003-09-17 17:31:42 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 2003-09-17 17:31:42 +0000 |
commit | e883408a0913641ec2d452de3978a47db5f4c85e (patch) | |
tree | 32d45bdda26765a93ea86ef564a3ec12a3fa0416 | |
parent | dcd8a09464d293189795148dba784b422795dd9f (diff) |
Update to sendmail-8.12.10. This includes a fix for a buffer overflow
in address parsing. That fix (but not all of sendmail-8.12.10) has
been applied to OpenBSD 3.4 and the 3.2 and 3.2 -stable branches.
67 files changed, 1206 insertions, 435 deletions
diff --git a/gnu/usr.sbin/sendmail/LICENSE b/gnu/usr.sbin/sendmail/LICENSE index 5418ce41d88..156a403dafd 100644 --- a/gnu/usr.sbin/sendmail/LICENSE +++ b/gnu/usr.sbin/sendmail/LICENSE @@ -2,7 +2,7 @@ The following license terms and conditions apply, unless a different license is obtained from Sendmail, Inc., 6425 Christie Ave, Fourth Floor, -Emeryville, CA 94608, or by electronic mail at license@sendmail.com. +Emeryville, CA 94608, USA, or by electronic mail at license@sendmail.com. License Terms: @@ -33,7 +33,7 @@ each of the following conditions is met: forth as paragraph 6 below, in the documentation and/or other materials provided with the distribution. For the purposes of binary distribution the "Copyright Notice" refers to the following language: - "Copyright (c) 1998-2002 Sendmail, Inc. All rights reserved." + "Copyright (c) 1998-2003 Sendmail, Inc. All rights reserved." 4. Neither the name of Sendmail, Inc. nor the University of California nor the names of their contributors may be used to endorse or promote @@ -76,4 +76,4 @@ each of the following conditions is met: (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. -$Revision: 1.6 $, Last updated $Date: 2002/06/03 17:25:45 $ +$Revision: 1.7 $, Last updated $Date: 2003/09/17 17:31:38 $ diff --git a/gnu/usr.sbin/sendmail/RELEASE_NOTES b/gnu/usr.sbin/sendmail/RELEASE_NOTES index f6d0fbbd71b..8dca46e9a49 100644 --- a/gnu/usr.sbin/sendmail/RELEASE_NOTES +++ b/gnu/usr.sbin/sendmail/RELEASE_NOTES @@ -1,16 +1,83 @@ SENDMAIL RELEASE NOTES - $Sendmail: RELEASE_NOTES,v 8.1340.2.132 2003/03/29 14:02:26 ca Exp $ + $Sendmail: RELEASE_NOTES,v 8.1340.2.165 2003/09/16 20:50:42 ca Exp $ This listing shows the version of the sendmail binary, the version of the sendmail configuration files, the date of release, and a summary of the changes in that release. +8.12.10/8.12.10 2003/09/24 + SECURITY: Fix a buffer overflow in address parsing. Problem + detected by Michal Zalewski, patch from Todd C. Miller + of Courtesan Consulting. + Fix a potential buffer overflow in ruleset parsing. This problem + is not exploitable in the default sendmail configuration; + only if non-standard rulesets recipient (2), final (4), or + mailer-specific envelope recipients rulesets are used then + a problem may occur. Problem noted by Timo Sirainen. + Accept 0 (and 0/0) as valid input for set MaxMimeHeaderLength. + Problem noted by Thomas Schulz. + Add several checks to avoid (theoretical) buffer over/underflows. + Properly count message size when performing 7->8 or 8->7 bit MIME + conversions. Problem noted by Werner Wiethege. + Properly compute message priority based on size of entire message, + not just header. Problem noted by Axel Holscher. + Reset SevenBitInput to its configured value between SMTP + transactions for broken clients which do not properly + announce 8 bit data. Problem noted by Stefan Roehrich. + Set {addr_type} during queue runs when processing recipients. + Based on patch from Arne Jansen. + Better error handling in case of (very unlikely) queue-id conflicts. + Perform better error recovery for address parsing, e.g., when + encountering a comment that is too long. Problem noted by + Tanel Kokk, Union Bank of Estonia. + Add ':' to the allowed character list for bogus HELO/EHLO + checking. It is used for IPv6 domain literals. Patch from + Iwaizako Takahiro of FreeBit Co., Ltd. + Reset SASL connection context after a failed authentication attempt. + Based on patch from Rob Siemborski of CMU. + Check Berkeley DB compile time version against run time version + to make sure they match. + Do not attempt AAAA (IPv6) DNS lookups if IPv6 is not enabled + in the kernel. + When a milter adds recipients and one of them causes an error, + do not ignore the other recipients. Problem noted by + Bart Duchesne. + CONFIG: Use specified SMTP error code in mailertable entries which + lack a DSN, i.e., "error:### Text". Problem noted by + Craig Hunt. + CONFIG: Call Local_trust_auth with the correct argument. Patch + from Jerome Borsboom. + CONTRIB: Better handling of temporary filenames for doublebounce.pl + and expn.pl to avoid file overwrites, etc. Patches from + Richard A. Nelson of Debian and Paul Szabo. + MAIL.LOCAL: Fix obscure race condition that could lead to an + improper mailbox truncation if close() fails after the + mailbox is fsync()'ed and a new message is delivered + after the close() and before the truncate(). + MAIL.LOCAL: If mail delivery fails, do not leave behind a + stale lockfile (which is ignored after the lock timeout). + Patch from Oleg Bulyzhin of Cronyx Plus LLC. + Portability: + Port for AIX 5.2. Thanks to Steve Hubert of University + of Washington for providing access to a computer + with AIX 5.2. + setreuid(2) works on OpenBSD 3.3. Patch from + Todd C. Miller of Courtesan Consulting. + Allow for custom definition of SMRSH_CMDDIR and SMRSH_PATH + on all operating systems. Patch from Robert Harker + of Harker Systems. + Use strerror(3) on Linux. If this causes a problem on + your Linux distribution, compile with + -DHASSTRERROR=0 and tell sendmail.org about it. + Added Files: + devtools/OS/AIX.5.2 + 8.12.9/8.12.9 2003/03/29 SECURITY: Fix a buffer overflow in address parsing due to a char to int conversion problem which is potentially remotely exploitable. Problem found by Michal Zalewski. - Note: an MTA that is not patched might be vulnerable to + Note: an MTA that is not patched might be vulnerable to data that it receives from untrusted sources, which includes DNS. To provide partial protection to internal, unpatched sendmail MTAs, @@ -31,7 +98,7 @@ summary of the changes in that release. College London. Properly initialize data structure for dns maps to avoid various errors, e.g., looping processes. Problem noted by - Maurice Makaay. + Maurice Makaay of InterNLnet B.V. CONFIG: Prevent multiple application of rule to add smart host. Patch from Andrzej Filip. CONFIG: Fix queue group declaration in MAILER(`usenet'). @@ -1457,6 +1524,67 @@ summary of the changes in that release. cf/cf/generic-solaris2.cf => cf/cf/generic-solaris.cf cf/ostype/aux.m4 => cf/ostype/a-ux.m4 +8.11.7/8.11.7 2003/03/29 + SECURITY: Fix a remote buffer overflow in header parsing by + dropping sender and recipient header comments if the + comments are too long. Problem noted by Mark Dowd + of ISS X-Force. + SECURITY: Fix a buffer overflow in address parsing due to + a char to int conversion problem which is potentially + remotely exploitable. Problem found by Michal Zalewski. + Note: an MTA that is not patched might be vulnerable to + data that it receives from untrusted sources, which + includes DNS. + To provide partial protection to internal, unpatched sendmail MTAs, + 8.11.7 changes by default (char)0xff to (char)0x7f in + headers etc. To turn off this conversion compile with + -DALLOW_255 or use the command line option -d82.101. + To provide partial protection for internal, unpatched MTAs that may be + performing 7->8 or 8->7 bit MIME conversions, the default + for MaxMimeHeaderLength has been changed to 2048/1024. + Note: this does have a performance impact, and it only + protects against frontal attacks from the outside. + To disable the checks and return to pre-8.11.7 defaults, + set MaxMimeHeaderLength to 0/0. + Properly clean up macros to avoid persistence of session data + across various connections. This could cause session + oriented restrictions, e.g., STARTTLS requirements, + to erroneously allow a connection. Problem noted + by Tim Maletic of Priority Health. + Ignore comments in NIS host records when trying to find the + canonical name for a host. + Fix a memory leak when closing Hesiod maps. + Set ${msg_size} macro when reading a message from the command line + or the queue. + Prevent a segmentation fault when clearing the event list by + turning off alarms before checking if event list is + empty. Problem noted by Allan E Johannesen of Worcester + Polytechnic Institute. + Fix a potential core dump problem if the environment variable + NAME is set. Problem noted by Beth A. Chaney of + Purdue University. + Prevent a race condition on child cleanup for delivery to files. + Problem noted by Fletcher Mattox of the University of + Texas. + CONFIG: Do not bounce mail if FEATURE(`ldap_routing')'s bounce + parameter is set and the LDAP lookup returns a temporary + error. + CONFIG: Fix a syntax error in the try_tls ruleset if + FEATURE(`access_db') is not enabled. + LIBSMDB: Fix a lock race condition that affects makemap, praliases, + and vacation. + LIBSMDB: Avoid a file creation race condition for Berkeley DB 1.X + and NDBM on systems with the O_EXLOCK open(2) flag. + MAKEMAP: Avoid going beyond the end of an input line if it does + not contain a value for a key. Based on patch from + Mark Bixby from Hewlett-Packard. + MAIL.LOCAL: Fix a truncation race condition if the close() on + the mailbox fails. Problem noted by Tomoko Fukuzawa of + Sun Microsystems. + SMRSH: SECURITY: Only allow regular files or symbolic links to be + used for a command. Problem noted by David Endler of + iDEFENSE, Inc. + 8.11.6/8.11.6 2001/08/20 SECURITY: Fix a possible memory access violation when specifying out-of-bounds debug parameters. Problem detected by @@ -2686,10 +2814,9 @@ summary of the changes in that release. Log the DSN code for each recipient if one is available as a new equate (dsn=). Macro expand PostmasterCopy and DoubleBounceAddress options. - New "ph" map for performing ph queries in rulesets. More - information is available at - http://www-dev.cso.uiuc.edu/sendmail/. Contributed by Mark - Roth of the University of Illinois at Urbana-Champaign. + New "ph" map for performing ph queries in rulesets, see + sendmail/README for details. Contributed by Mark Roth + of the University of Illinois at Urbana-Champaign. Detect temporary lookup failures in the host map if looking up a bracketed IP address. Problem noted by Kari Hurtta of the Finnish Meteorological Institute. diff --git a/gnu/usr.sbin/sendmail/cf/README b/gnu/usr.sbin/sendmail/cf/README index 938a64fa288..6d212e9f0cb 100644 --- a/gnu/usr.sbin/sendmail/cf/README +++ b/gnu/usr.sbin/sendmail/cf/README @@ -2765,15 +2765,14 @@ ${server_addr} the address of the server of the current outgoing SMTP Relaying -------- - SMTP STARTTLS can allow relaying for remote SMTP clients which have -successfully authenticated themselves. This is done in the ruleset -RelayAuth. If the verification of the cert failed (${verify} != OK), -relaying is subject to the usual rules. Otherwise the DN of the issuer is -looked up in the access map using the tag CERTISSUER. If the resulting -value is RELAY, relaying is allowed. If it is SUBJECT, the DN of the cert -subject is looked up next in the access map using the tag CERTSUBJECT. If -the value is RELAY, relaying is allowed. +successfully authenticated themselves. If the verification of the cert +failed (${verify} != OK), relaying is subject to the usual rules. +Otherwise the DN of the issuer is looked up in the access map using the +tag CERTISSUER. If the resulting value is RELAY, relaying is allowed. +If it is SUBJECT, the DN of the cert subject is looked up next in the +access map using the tag CERTSUBJECT. If the value is RELAY, relaying +is allowed. ${cert_issuer} and ${cert_subject} can be optionally modified by regular expressions defined in the m4 variables _CERT_REGEX_ISSUER_ and @@ -3245,7 +3244,9 @@ and on relay.machine use the mailertable: The [square brackets] turn off MX records for this host only. If you didn't do this, the mailertable would use the MX record -again, which would give you an MX loop. +again, which would give you an MX loop. Note that the use of +wildcard MX records is almost always a bad idea. Please avoid +using them if possible. +--------------------------------+ @@ -4374,4 +4375,4 @@ M4 DIVERSIONS 8 DNS based blacklists 9 special local rulesets (1 and 2) -$Revision: 1.18 $, Last updated $Date: 2003/03/29 19:43:59 $ +$Revision: 1.19 $, Last updated $Date: 2003/09/17 17:31:39 $ diff --git a/gnu/usr.sbin/sendmail/cf/cf/submit.mc b/gnu/usr.sbin/sendmail/cf/cf/submit.mc index c9b8fee7b1e..375480c3028 100644 --- a/gnu/usr.sbin/sendmail/cf/cf/submit.mc +++ b/gnu/usr.sbin/sendmail/cf/cf/submit.mc @@ -1,6 +1,6 @@ divert(-1) # -# Copyright (c) 2001, 2002 Sendmail, Inc. and its suppliers. +# Copyright (c) 2001-2003 Sendmail, Inc. and its suppliers. # All rights reserved. # # By using this file, you agree to the terms and conditions set @@ -15,7 +15,7 @@ divert(-1) # divert(0)dnl -VERSIONID(`$Sendmail: submit.mc,v 8.6.2.4 2002/12/29 03:54:34 ca Exp $') +VERSIONID(`$Sendmail: submit.mc,v 8.6.2.7 2003/09/10 22:11:56 ca Exp $') define(`confCF_VERSION', `Submit')dnl define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet diff --git a/gnu/usr.sbin/sendmail/cf/m4/cfhead.m4 b/gnu/usr.sbin/sendmail/cf/m4/cfhead.m4 index f5f72863aba..3fe593b6ec5 100644 --- a/gnu/usr.sbin/sendmail/cf/m4/cfhead.m4 +++ b/gnu/usr.sbin/sendmail/cf/m4/cfhead.m4 @@ -1,5 +1,5 @@ # -# Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. +# Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. # All rights reserved. # Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved. # Copyright (c) 1988, 1993 @@ -305,4 +305,4 @@ define(`confMILTER_MACROS_ENVRCPT', ``{rcpt_mailer}, {rcpt_host}, {rcpt_addr}'') divert(0)dnl -VERSIONID(`$Sendmail: cfhead.m4,v 8.108.2.2 2003/03/11 21:24:20 ca Exp $') +VERSIONID(`$Sendmail: cfhead.m4,v 8.108.2.3 2003/04/03 17:51:51 ca Exp $') diff --git a/gnu/usr.sbin/sendmail/cf/m4/proto.m4 b/gnu/usr.sbin/sendmail/cf/m4/proto.m4 index 53b7a67d031..cc6426811d1 100644 --- a/gnu/usr.sbin/sendmail/cf/m4/proto.m4 +++ b/gnu/usr.sbin/sendmail/cf/m4/proto.m4 @@ -1,6 +1,6 @@ divert(-1) # -# Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. +# Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. # All rights reserved. # Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved. # Copyright (c) 1988, 1993 @@ -13,7 +13,7 @@ divert(-1) # divert(0) -VERSIONID(`$Sendmail: proto.m4,v 8.649.2.17 2003/03/28 17:20:53 ca Exp $') +VERSIONID(`$Sendmail: proto.m4,v 8.649.2.24 2003/08/04 21:14:26 ca Exp $') # level CF_LEVEL config file format V`'CF_LEVEL/ifdef(`VENDOR_NAME', `VENDOR_NAME', `Berkeley') @@ -1283,6 +1283,7 @@ R< $* > $* $@ $2 no mailertable match', dnl input: in general: <[mailer:]host> lp<@domain>rest dnl <> address -> address dnl <error:d.s.n:text> -> error +dnl <error:keyword:text> -> error dnl <error:text> -> error dnl <mailer:user@host> lp<@domain>rest -> mailer host user dnl <mailer:host> address -> mailer host address @@ -1293,7 +1294,8 @@ dnl <host> address -> relay host address SMailerToTriple=95 R< > $* $@ $1 strip off null relay R< error : $-.$-.$- : $+ > $* $#error $@ $1.$2.$3 $: $4 -R< error : $- $+ > $* $#error $@ $(dequote $1 $) $: $2 +R< error : $- : $+ > $* $#error $@ $(dequote $1 $) $: $2 +R< error : $+ > $* $#error $: $1 R< local : $* > $* $>CanonLocal < $1 > $2 dnl it is $~[ instead of $- to avoid matches on IPv6 addresses R< $~[ : $+ @ $+ > $*<$*>$* $# $1 $@ $3 $: $2<@$3> use literal user @@ -1909,8 +1911,10 @@ R<@> < $* @ $+ . $+ > $: < $1 @ $2 . $3 > dnl prepend daemon_flags R<@> $* $: $&{daemon_flags} $| <@> $1 dnl workspace: ${daemon_flags} $| <@> <address> +dnl 'r'equire qual.rcpt: ok +R$* r $* $| <@> < $+ @ $+ > $: < $3 @ $4 > dnl do not allow these at all or only from local systems? -R$* r $* $| <@> < $* @ $* > $: < ? $&{client_name} > < $3 @ $4 > +R$* r $* $| <@> < $* > $: < ? $&{client_name} > < $3 > R<?> < $* > $: <$1> R<? $=w> < $* > $: <$1> R<? $+> <$+> $#error $@ 5.5.4 $: "553 Fully qualified domain name required" @@ -2195,22 +2199,24 @@ R$* <@ $+ . > $1 <@ $2 > R$* <@ $* > $@ $1 <@ $2 > R$+ $@ $1 <@ $j > -SDelay_TLS_Client +SDelay_TLS_Clt # authenticated? dnl code repeated here from Basic_check_mail dnl only called from check_rcpt in delay mode if checkrcpt returns $# R$* $: $1 $| $>"tls_client" $&{verify} $| MAIL R$* $| $#$+ $#$2 dnl return result from checkrcpt +R$* $| $* $# $1 R$* $# $1 -SDelay_TLS_Client2 +SDelay_TLS_Clt2 # authenticated? dnl code repeated here from Basic_check_mail dnl only called from check_rcpt in delay mode if stopping due to Friend/Hater R$* $: $1 $| $>"tls_client" $&{verify} $| MAIL R$* $| $#$+ $#$2 dnl return result from friend/hater check +R$* $| $* $@ $1 R$* $@ $1 # call all necessary rulesets @@ -2225,7 +2231,7 @@ dnl on error (or discard) stop now R$+ $| $#error $* $#error $2 R$+ $| $#discard $* $#discard $2 dnl otherwise call tls_client; see above -R$+ $| $#$* $@ $>"Delay_TLS_Client" $2 +R$+ $| $#$* $@ $>"Delay_TLS_Clt" $2 R$+ $| $* $: <?> $>FullAddr $>CanonAddr $1 ifdef(`_SPAM_FH_', `dnl lookup user@ and user@address @@ -2247,13 +2253,13 @@ ifdef(`_SPAM_FRIEND_', ifdef(`_SPAM_HATER_', `errprint(`*** ERROR: define either Hater or Friend -- not both. ')', `dnl') -R<FRIEND> $+ $@ $>"Delay_TLS_Client2" SPAMFRIEND +R<FRIEND> $+ $@ $>"Delay_TLS_Clt2" SPAMFRIEND R<$*> $+ $: $2', `dnl') ifdef(`_SPAM_HATER_', `# is the recipient no spam hater? R<HATER> $+ $: $1 spam hater: continue checks -R<$*> $+ $@ $>"Delay_TLS_Client2" NOSPAMHATER everyone else: stop +R<$*> $+ $@ $>"Delay_TLS_Clt2" NOSPAMHATER everyone else: stop dnl',`dnl') dnl run further checks: check_mail dnl should we "clean up" $&f? @@ -2467,7 +2473,7 @@ dnl seems to be useful... R$* $| $&{auth_authen} $@ identical R$* $| <$&{auth_authen}> $@ identical dnl call user supplied code -R$* $| $* $: $1 $| $>"Local_trust_auth" $1 +R$* $| $* $: $1 $| $>"Local_trust_auth" $2 R$* $| $#$* $#$2 dnl default: error R$* $#error $@ 5.7.1 $: "550 " $&{auth_authen} " not allowed to act as " $&{auth_author} diff --git a/gnu/usr.sbin/sendmail/cf/m4/version.m4 b/gnu/usr.sbin/sendmail/cf/m4/version.m4 index 5d638186ec2..d5fa52ff023 100644 --- a/gnu/usr.sbin/sendmail/cf/m4/version.m4 +++ b/gnu/usr.sbin/sendmail/cf/m4/version.m4 @@ -11,8 +11,8 @@ divert(-1) # the sendmail distribution. # # -VERSIONID(`$Sendmail: version.m4,v 8.92.2.15 2003/03/19 21:19:52 ca Exp $') +VERSIONID(`$Sendmail: version.m4,v 8.92.2.22 2003/09/16 20:02:05 ca Exp $') # divert(0) # Configuration version number -DZ8.12.9`'ifdef(`confCF_VERSION', `/confCF_VERSION') +DZ8.12.10`'ifdef(`confCF_VERSION', `/confCF_VERSION') diff --git a/gnu/usr.sbin/sendmail/contrib/domainmap.m4 b/gnu/usr.sbin/sendmail/contrib/domainmap.m4 index 31d284ce73c..6d56e8406e3 100644 --- a/gnu/usr.sbin/sendmail/contrib/domainmap.m4 +++ b/gnu/usr.sbin/sendmail/contrib/domainmap.m4 @@ -46,7 +46,7 @@ divert(-1)changequote(<<, >>)<< in the sendmail source tree. For more information, please see the following URL: - http://www-wsg.cso.uiuc.edu/sendmail/patches/domainmap.html + http://www-dev.cites.uiuc.edu/sendmail/domainmap/ Feedback is welcome. @@ -58,7 +58,7 @@ divert(-1)changequote(<<, >>)<< ifdef(`_DOMAIN_MAP_',`',`dnl LOCAL_RULE_0 # do mapping for domains where applicable -R$* $=O $* <@ $={MappedDomain} .> $@ $>97 $1 $2 $3 Strip extraneous routing +R$* $=O $* <@ $={MappedDomain} .> $@ $>Recurse $1 $2 $3 Strip extraneous routing R$+ <@ $={MappedDomain} .> $>DomainMapLookup $1 <@ $2 .> domain mapping LOCAL_RULESETS @@ -69,22 +69,37 @@ LOCAL_RULESETS SDomainMapLookup R $=L <@ $=w .> $@ $1 <@ $2 .> weed out local users, in case # Cw contains a mapped domain -R $+ <@ $+ .> $1 <@ $2 > strip trailing dot -R $+ <@ $+ . $+ > $1 <@ $(dequote $2 "_" $3 $) > +R $+ <@ $+> $: $1 <@ $2 > <$&{addr_type}> check if sender +R $+ <@ $+> <e s> $#smtp $@ $2 $: $1 @ $2 do not process sender +ifdef(`DOMAINMAP_NO_REGEX',`dnl +R $+ <@ $+> <$*> $: $1 <@ $2> <$2> find domain +R $+ <$+> <$+ . $+> $1 <$2> < $(dequote $3 "_" $4 $) > # change "." to "_" -R $+ <@ $+ > $: $1 <@ $(dequote "domain_" $2 $) > +R $+ <$+> <$+ .> $: $1 <$2> < $(dequote "domain_" $3 $) > # prepend "domain_" -R $+ + $+ <@ $*> $1 <@ $3 > <+> $2 handle user+list syntax -R $+ <@ $* > $* $( $2 $1 $: <ERROR> $) $3 +dnl',`dnl +R $+ <@ $+> <$*> $: $1 <@ $2> <$2 :NOTDONE:> find domain +R $+ <$+> <$+ . :NOTDONE:> $1 <$2> < $(domainmap_regex $3 $: $3 $) > +# change "." and "-" to "_" +R $+ <$+> <$+> $: $1 <$2> < $(dequote "domain_" $3 $) > +# prepend "domain_" +dnl') +R $+ <$+> <$+> $: $1 <$2> <$3> $1 find user name +R $+ <$+> <$+> $+ + $* $: $1 <$2> <$3> $4 handle user+detail syntax +R $+ <$+> <$+> $+ $: $1 <$2> $( $3 $4 $: <ERROR> $) # do actual domain map lookup -R <ERROR> $* $#error $@ 5.1.1 $: "550 email address lookup in domain map failed" -R $* <TEMP> $* $#error $@ 4.3.0 $: "450 domain map temporarily unavailable" -R $+ @ $+ <+> $+ $1 + $3 @ $2 reset original user+list -R $+ <+> $* $1 paranoid check - remove <+> -R $+ @ $+ . $1 @ $2 strip trailing dot -R $+ @ $+ $@ $>97 $1 @ $2 recanonify -define(`_DOMAIN_MAP_',`1')') +R $+ <$+> <ERROR> $#error $@ 5.1.1 $: "550 email address lookup in domain map failed" +R $+ <@ $+> $* <TEMP> $* $#dsmtp $@ localhost $: $1 @ $2 +# queue it up for later delivery +R $+ + $* <$+> $+ @ $+ $: $1 + $2 <$3> $4 + $2 @ $5 +# reset original user+detail +R $+ <$+> $+ $@ $>Recurse $3 recanonify + +ifdef(`DOMAINMAP_NO_REGEX',`',`dnl +LOCAL_CONFIG +K domainmap_regex regex -a.:NOTDONE: -s1,2 -d_ (.*)[-\.]([^-\.]*)$ +')define(`_DOMAIN_MAP_',`1')') LOCAL_CONFIG C{MappedDomain} _ARG_ -K `domain_'translit(_ARG_, `.', `_') _ARG2_ -T<TEMP> +K `domain_'translit(_ARG_, `.-', `__') _ARG2_ -T<TEMP> diff --git a/gnu/usr.sbin/sendmail/contrib/doublebounce.pl b/gnu/usr.sbin/sendmail/contrib/doublebounce.pl index 12601d33479..dc26ab84f1a 100644 --- a/gnu/usr.sbin/sendmail/contrib/doublebounce.pl +++ b/gnu/usr.sbin/sendmail/contrib/doublebounce.pl @@ -36,7 +36,7 @@ use Socket; use Getopt::Std; -use POSIX; +use File::Temp; use Sys::Syslog qw(:DEFAULT setlogsock); use strict; use vars qw( $opt_d $tmpfile); @@ -125,7 +125,7 @@ sub main { # The bounced e-mail may be large, so we'd better not try to buffer # it in memory, get a temporary file. - $tmpfile = POSIX::tmpnam(); + $tmpfile = tmpnam(); if (!open(MSG, ">$tmpfile")) { syslog('err', "Unable to open temporary file $tmpfile"); diff --git a/gnu/usr.sbin/sendmail/contrib/expn.pl b/gnu/usr.sbin/sendmail/contrib/expn.pl index d67fb0f4e1d..85de08a7f41 100644 --- a/gnu/usr.sbin/sendmail/contrib/expn.pl +++ b/gnu/usr.sbin/sendmail/contrib/expn.pl @@ -8,6 +8,7 @@ use 5.001; use IO::Socket; +use Fcntl; # system requirements: # must have 'nslookup' and 'hostname' programs. @@ -999,7 +1000,7 @@ sub mxlookup } $0 = "$av0 - nslookup of $server"; - open(T,">/tmp/expn$$") || die "open > /tmp/expn$$: $!\n"; + sysopen(T,"/tmp/expn$$",O_RDWR|O_CREAT|O_EXCL,0600) || die "open > /tmp/expn$$: $!\n"; print T "set querytype=MX\n"; print T "$server\n"; close(T); diff --git a/gnu/usr.sbin/sendmail/doc/op/op.me b/gnu/usr.sbin/sendmail/doc/op/op.me index 3176073ecc4..83f01456e52 100644 --- a/gnu/usr.sbin/sendmail/doc/op/op.me +++ b/gnu/usr.sbin/sendmail/doc/op/op.me @@ -9,7 +9,7 @@ .\" the sendmail distribution. .\" .\" -.\" $Sendmail: op.me,v 8.609.2.23 2003/03/28 05:51:16 ca Exp $ +.\" $Sendmail: op.me,v 8.609.2.26 2003/07/28 21:54:53 ca Exp $ .\" .\" eqn op.me | pic | troff -me .\" @@ -90,7 +90,7 @@ Sendmail, Inc. .de Ve Version \\$2 .. -.Ve $Revision: 1.19 $ +.Ve $Revision: 1.20 $ .rm Ve .sp For Sendmail Version 8.12 @@ -4307,8 +4307,11 @@ is ignored (even if the ruleset does not return a ``useful'' result). .pp The .i queuegroup -ruleset is used to map an address to a queue group name. -It should return +ruleset is used to map a recipient address to a queue group name. +The input for the ruleset is a recipient address as specified by the +.sm "SMTP RCPT" +command. +The ruleset should return .b $# followed by the name of a queue group. If the return value starts with anything else it is silently ignored. @@ -8270,7 +8273,7 @@ Contributed and supported by Mark Roth, roth@uiuc.edu. For more information, consult the web site -.q http://www-dev.cso.uiuc.edu/sendmail/ . +.q http://www-dev.cites.uiuc.edu/sendmail/ . .ip nsd nsd map for IRIX 6.5 and later. Contributed and supported by Bob Mende of SGI, @@ -9154,7 +9157,7 @@ Then create a config file that uses this. For example, using the V8 M4 configuration, include the following line in your .mc file: .(b -define(\`confUSERDB_SPEC\', /etc/mail/userdb.db) +define(\`confUSERDB_SPEC\', /etc/mail/userdb) .)b .sh 1 "OTHER CONFIGURATION" .pp @@ -10764,7 +10767,7 @@ replace it with a blank sheet for double-sided output. .\".sz 10 .\"Eric Allman .\".sp -.\"Version $Revision: 1.19 $ +.\"Version $Revision: 1.20 $ .\".ce 0 .bp 3 .ce diff --git a/gnu/usr.sbin/sendmail/include/sm/conf.h b/gnu/usr.sbin/sendmail/include/sm/conf.h index ab574702384..a2f790a324f 100644 --- a/gnu/usr.sbin/sendmail/include/sm/conf.h +++ b/gnu/usr.sbin/sendmail/include/sm/conf.h @@ -10,7 +10,7 @@ * the sendmail distribution. * * - * $Sendmail: conf.h,v 1.90.2.14 2003/03/06 18:38:06 ca Exp $ + * $Sendmail: conf.h,v 1.90.2.18 2003/08/20 22:27:44 ca Exp $ */ /* @@ -102,7 +102,9 @@ # endif /* ! HASGETUSERSHELL */ # ifdef HPUX10 # define _PATH_SENDMAIL "/usr/sbin/sendmail" -# define SMRSH_CMDDIR "/var/adm/sm.bin" +# ifndef SMRSH_CMDDIR +# define SMRSH_CMDDIR "/var/adm/sm.bin" +# endif /* ! SMRSH_CMDDIR */ # endif /* HPUX10 */ # ifdef HPUX11 # define HASSETREUID 1 /* setreuid(2) works on HP-UX 11.x */ @@ -110,7 +112,9 @@ # ifndef BROKEN_RES_SEARCH # define BROKEN_RES_SEARCH 1 /* res_search(unknown) returns h_errno=0 */ # endif /* ! BROKEN_RES_SEARCH */ -# define SMRSH_CMDDIR "/var/adm/sm.bin" +# ifndef SMRSH_CMDDIR +# define SMRSH_CMDDIR "/var/adm/sm.bin" +# endif /* ! SMRSH_CMDDIR */ # define _PATH_SENDMAIL "/usr/sbin/sendmail" # else /* HPUX11 */ # ifndef NOT_SENDMAIL @@ -157,6 +161,9 @@ extern void hard_syslog(); # ifdef _AIX5 # define _AIX4 40300 +# if _AIX5 >= 50200 +# define HASUNSETENV 1 /* has unsetenv(3) call */ +# endif /* _AIX5 >= 50200 */ # endif /* _AIX5 */ /* @@ -422,7 +429,9 @@ typedef int pid_t; # if SOLARIS >= 20800 || (SOLARIS < 10000 && SOLARIS >= 208) # undef _PATH_SENDMAILPID /* tmpfs /var/run added in 2.8 */ # define _PATH_SENDMAILPID "/var/run/sendmail.pid" -# define SMRSH_CMDDIR "/var/adm/sm.bin" +# ifndef SMRSH_CMDDIR +# define SMRSH_CMDDIR "/var/adm/sm.bin" +# endif /* ! SMRSH_CMDDIR */ # define SL_FUDGE 34 /* fudge offset for SyslogPrefixLen */ # endif /* SOLARIS >= 20800 || (SOLARIS < 10000 && SOLARIS >= 208) */ # if SOLARIS >= 20900 || (SOLARIS < 10000 && SOLARIS >= 209) @@ -907,8 +916,12 @@ extern unsigned int sleepX __P((unsigned int seconds)); # define HASSETUSERCONTEXT 1 /* BSDI-style login classes */ # endif /* __FreeBSD_version >= 222000 */ # if __FreeBSD_version >= 330000 /* 3.3.0-release and later */ -# define SMRSH_CMDDIR "/usr/libexec/sm.bin" -# define SMRSH_PATH "/bin:/usr/bin" +# ifndef SMRSH_CMDDIR +# define SMRSH_CMDDIR "/usr/libexec/sm.bin" +# endif /* ! SMRSH_CMDDIR */ +# ifndef SMRSH_PATH +# define SMRSH_PATH "/bin:/usr/bin" +# endif /* ! SMRSH_PATH */ # endif /* __FreeBSD_version >= 330000 */ # define USESYSCTL 1 /* use sysctl(3) for getting ncpus */ # include <sys/sysctl.h> @@ -924,7 +937,7 @@ extern unsigned int sleepX __P((unsigned int seconds)); # define HASSETLOGIN 1 /* has setlogin(2) */ # if OpenBSD < 200305 # define HASSETREUID 0 /* setreuid(2) broken in OpenBSD < 3.3 */ -# endif +# endif /* OpenBSD < 200305 */ # define HASSETEGID 1 /* use setegid(2) to set saved gid */ # define HASURANDOMDEV 1 /* has /dev/urandom(4) */ # if OpenBSD >= 200006 @@ -1362,6 +1375,11 @@ extern void *malloc(); # define HASURANDOMDEV 1 /* 2.0 (at least) has linux/drivers/char/random.c */ # endif /* ! HASURANDOMDEV */ # endif /* (LINUX_VERSION_CODE >= KERNEL_VERSION(2,0,0)) */ +# if defined(__GLIBC__) && defined(__GLIBC_MINOR__) +# ifndef HASSTRERROR +# define HASSTRERROR 1 /* has strerror(3) */ +# endif /* HASSTRERROR */ +# endif /* defined(__GLIBC__) && defined(__GLIBC_MINOR__) */ # ifndef TZ_TYPE # define TZ_TYPE TZ_NONE /* no standard for Linux */ # endif /* ! TZ_TYPE */ @@ -1387,7 +1405,6 @@ extern void *malloc(); ** in 2.1 and later, but the APIs appear before the functions. */ # if defined(__GLIBC__) && defined(__GLIBC_MINOR__) -# define HASSTRERROR 1 /* has strerror(3) */ # define GLIBC_VERSION ((__GLIBC__ << 8) + __GLIBC_MINOR__) # if (GLIBC_VERSION >= 0x201) # undef IPPROTO_ICMPV6 /* linux #defines, glibc enums */ @@ -2549,7 +2566,7 @@ typedef struct msgb mblk_t; # endif /* ! EX_CONFIG */ /* pseudo-codes */ -# define EX_QUIT 22 /* drop out of server immediately */ +# define EX_QUIT 22 /* drop out of server immediately */ # define EX_RESTART 23 /* restart sendmail daemon */ # define EX_SHUTDOWN 24 /* shutdown sendmail daemon */ diff --git a/gnu/usr.sbin/sendmail/include/sm/errstring.h b/gnu/usr.sbin/sendmail/include/sm/errstring.h index 2dde92ec987..826557bf065 100644 --- a/gnu/usr.sbin/sendmail/include/sm/errstring.h +++ b/gnu/usr.sbin/sendmail/include/sm/errstring.h @@ -1,13 +1,12 @@ /* - * Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2001, 2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set * forth in the LICENSE file which can be found at the top level of * the sendmail distribution. * - * - * $Sendmail: errstring.h,v 1.4 2001/06/07 20:04:53 ca Exp $ + * $Sendmail: errstring.h,v 1.4.4.3 2003/06/24 17:16:10 ca Exp $ */ /* @@ -46,6 +45,7 @@ extern int errno; #define E_SMDBBASE (E_PSEUDOBASE + 40) /* base for libsmdb errors */ #define E_LDAPBASE (E_PSEUDOBASE + 70) /* base for LDAP errors */ + /* libsmdb */ #define SMDBE_OK 0 #define SMDBE_MALLOC (E_SMDBBASE + 1) @@ -71,9 +71,9 @@ extern int errno; #define SMDBE_NOT_A_VALID_CURSOR (E_SMDBBASE + 21) #define SMDBE_LAST_ENTRY (E_SMDBBASE + 22) #define SMDBE_OLD_VERSION (E_SMDBBASE + 23) +#define SMDBE_VERSION_MISMATCH (E_SMDBBASE + 24) + +extern const char *sm_errstring __P((int _errno)); -extern const char * -sm_errstring __P(( - int _errno)); #endif /* SM_ERRSTRING_H */ diff --git a/gnu/usr.sbin/sendmail/include/sm/io.h b/gnu/usr.sbin/sendmail/include/sm/io.h index 6c67b4fb276..14ba5bbedae 100644 --- a/gnu/usr.sbin/sendmail/include/sm/io.h +++ b/gnu/usr.sbin/sendmail/include/sm/io.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 2000-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1990 * The Regents of the University of California. All rights reserved. @@ -11,7 +11,7 @@ * forth in the LICENSE file which can be found at the top level of * the sendmail distribution. * - * $Sendmail: io.h,v 1.23 2002/02/23 19:32:17 gshapiro Exp $ + * $Sendmail: io.h,v 1.23.2.2 2003/09/05 20:35:28 ca Exp $ */ /*- @@ -33,6 +33,17 @@ #define SM_IO_APPENDRW 5 /* read-write from eof */ #define SM_IO_RDWRTR 6 /* read-write with truncation indicated */ +# define SM_IO_BINARY 0x0 /* binary mode: not used in Unix */ +#define SM_IS_BINARY(mode) ((mode) & SM_IO_BINARY != 0) +#define SM_IO_MODE(mode) ((mode) & 0x0f) + +#define SM_IO_RDWR_B (SM_IO_RDWR|SM_IO_BINARY) +#define SM_IO_RDONLY_B (SM_IO_RDONLY|SM_IO_BINARY) +#define SM_IO_WRONLY_B (SM_IO_WRONLY|SM_IO_BINARY) +#define SM_IO_APPEND_B (SM_IO_APPEND|SM_IO_BINARY) +#define SM_IO_APPENDRW_B (SM_IO_APPENDRW|SM_IO_BINARY) +#define SM_IO_RDWRTR_B (SM_IO_RDWRTR|SM_IO_BINARY) + /* for sm_io_fseek, et al api's (exposed) */ #define SM_IO_SEEK_SET 0 #define SM_IO_SEEK_CUR 1 diff --git a/gnu/usr.sbin/sendmail/include/sm/os/sm_os_aix.h b/gnu/usr.sbin/sendmail/include/sm/os/sm_os_aix.h index 00cfa9034d1..201ee455591 100644 --- a/gnu/usr.sbin/sendmail/include/sm/os/sm_os_aix.h +++ b/gnu/usr.sbin/sendmail/include/sm/os/sm_os_aix.h @@ -1,12 +1,12 @@ /* - * Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers. + * Copyright (c) 2000-2001, 2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set * forth in the LICENSE file which can be found at the top level of * the sendmail distribution. * - * $Sendmail: sm_os_aix.h,v 1.9 2001/10/09 23:12:13 ca Exp $ + * $Sendmail: sm_os_aix.h,v 1.9.2.1 2003/04/28 23:11:07 ca Exp $ */ /* @@ -33,3 +33,7 @@ # endif /* SM_CONF_SYSLOG */ # endif /* ! _AIX4 */ #endif /* _AIX3 */ + +#if _AIX5 >= 50200 +# define SM_CONF_LONGLONG 1 +#endif /* _AIX5 >= 50200 */ diff --git a/gnu/usr.sbin/sendmail/include/sm/shm.h b/gnu/usr.sbin/sendmail/include/sm/shm.h index 7fdbbaf0e8b..766e200023d 100644 --- a/gnu/usr.sbin/sendmail/include/sm/shm.h +++ b/gnu/usr.sbin/sendmail/include/sm/shm.h @@ -1,12 +1,12 @@ /* - * Copyright (c) 2000-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 2000-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set * forth in the LICENSE file which can be found at the top level of * the sendmail distribution. * - * $Sendmail: shm.h,v 1.8 2002/04/10 23:11:35 ca Exp $ + * $Sendmail: shm.h,v 1.8.2.2 2003/05/17 18:34:16 ca Exp $ */ #ifndef SM_SHM_H @@ -29,6 +29,7 @@ extern void *sm_shmstart __P((key_t, int , int , int *, bool)); extern int sm_shmstop __P((void *, int, bool)); + /* for those braindead systems... (e.g., SunOS 4) */ # ifndef SHM_R # define SHM_R 0400 diff --git a/gnu/usr.sbin/sendmail/libmilter/README b/gnu/usr.sbin/sendmail/libmilter/README index 6b971890094..d41b46367cb 100644 --- a/gnu/usr.sbin/sendmail/libmilter/README +++ b/gnu/usr.sbin/sendmail/libmilter/README @@ -427,6 +427,7 @@ main(argc, argv) int argc; char *argv[]; { + bool setconn = false; int c; const char *args = "p:"; @@ -443,10 +444,16 @@ main(argc, argv) exit(EX_USAGE); } (void) smfi_setconn(optarg); + setconn = true; break; } } + if (!setconn) + { + fprintf(stderr, "%s: Missing required -p argument\n", argv[0]); + exit(EX_USAGE); + } if (smfi_register(smfilter) == MI_FAILURE) { fprintf(stderr, "smfi_register failed\n"); @@ -457,4 +464,4 @@ main(argc, argv) /* eof */ -$Revision: 1.10 $, Last updated $Date: 2003/01/01 19:59:21 $ +$Revision: 1.11 $, Last updated $Date: 2003/09/17 17:31:39 $ diff --git a/gnu/usr.sbin/sendmail/libmilter/docs/sample.html b/gnu/usr.sbin/sendmail/libmilter/docs/sample.html index 7f669b793de..2cc1948dd38 100644 --- a/gnu/usr.sbin/sendmail/libmilter/docs/sample.html +++ b/gnu/usr.sbin/sendmail/libmilter/docs/sample.html @@ -379,7 +379,7 @@ usage(prog) char *prog; { fprintf(stderr, - "Usage: %s [-p socket-addr] [-t timeout] [-r reject-addr] [-a add-addr]\n", + "Usage: %s -p socket-addr [-t timeout] [-r reject-addr] [-a add-addr]\n", prog); } @@ -388,6 +388,7 @@ main(argc, argv) int argc; char **argv; { + bool setconn = FALSE; int c; const char *args = "p:t:r:a:h"; extern char *optarg; @@ -421,6 +422,7 @@ main(argc, argv) unlink(optarg + 5); else if (strncasecmp(optarg, "local:", 6) == 0) unlink(optarg + 6); + setconn = TRUE; break; case 't': @@ -467,6 +469,12 @@ main(argc, argv) exit(EX_USAGE); } } + if (!setconn) + { + fprintf(stderr, "%s: Missing required -p argument\n", argv[0]); + usage(argv[0]); + exit(EX_USAGE); + } if (<a href="smfi_register.html">smfi_register</a>(smfilter) == MI_FAILURE) { fprintf(stderr, "smfi_register failed\n"); diff --git a/gnu/usr.sbin/sendmail/libmilter/docs/smfi_chgheader.html b/gnu/usr.sbin/sendmail/libmilter/docs/smfi_chgheader.html index fc7ba97bd42..53ad73ce3cd 100644 --- a/gnu/usr.sbin/sendmail/libmilter/docs/smfi_chgheader.html +++ b/gnu/usr.sbin/sendmail/libmilter/docs/smfi_chgheader.html @@ -97,7 +97,7 @@ Otherwise, it returns MI_SUCCESS. ... - ret = smfi_chgheader(ctx, "Content-Type", + ret = smfi_chgheader(ctx, "Content-Type", 1, "multipart/mixed;\n\tboundary=\"foobar\""); </pre> </td> diff --git a/gnu/usr.sbin/sendmail/libmilter/docs/smfi_register.html b/gnu/usr.sbin/sendmail/libmilter/docs/smfi_register.html index 2e9ee3dbc95..0aac254a6b4 100644 --- a/gnu/usr.sbin/sendmail/libmilter/docs/smfi_register.html +++ b/gnu/usr.sbin/sendmail/libmilter/docs/smfi_register.html @@ -9,7 +9,7 @@ <pre> #include <libmilter/mfapi.h> int smfi_register( - smfiDesc_str descr + smfiDesc descr ); </pre> Register a set of filter callbacks. @@ -25,7 +25,7 @@ Register a set of filter callbacks. <tr align="left" valign=top> <th width="80">Effects</th> <td>smfi_register creates a filter using the information given in the -smfiDesc_str argument. Multiple calls to smfi_register within a +smfiDesc argument. Multiple calls to smfi_register within a single process are not allowed.</td> </tr> </table> @@ -36,7 +36,7 @@ single process are not allowed.</td> <tr bgcolor="#dddddd"><th>Argument</th><th>Description</th></tr> <tr valign="top"><td>descr</td> <td> -A filter descriptor of type smfiDesc_str describing the filter's +A filter descriptor of type smfiDesc describing the filter's functions. The structure has the following members: <pre> struct smfiDesc diff --git a/gnu/usr.sbin/sendmail/libmilter/docs/smfi_setconn.html b/gnu/usr.sbin/sendmail/libmilter/docs/smfi_setconn.html index b0aed7c2a68..0f810b4b338 100644 --- a/gnu/usr.sbin/sendmail/libmilter/docs/smfi_setconn.html +++ b/gnu/usr.sbin/sendmail/libmilter/docs/smfi_setconn.html @@ -67,8 +67,10 @@ due to a lack of memory. 0660 (read/write permission for the socket's owner and group) which is useful if the sendmail RunAsUser option is used. The permissions for a unix/local domain socket are determined as - usual by <code>umask</code>, which should be set to 007 or 077 - before calling <code>smfi_setconn()</code>. + usual by <code>umask</code>, which should be set to 007 or 077. + Note some operating systems (e.g, Solaris) don't use the + permissions of the socket. On those systems, place the socket in a + protected directory. </ul> </td> </tr> diff --git a/gnu/usr.sbin/sendmail/libmilter/docs/smfi_setreply.html b/gnu/usr.sbin/sendmail/libmilter/docs/smfi_setreply.html index 87a47d7ad7a..646a8f14c60 100644 --- a/gnu/usr.sbin/sendmail/libmilter/docs/smfi_setreply.html +++ b/gnu/usr.sbin/sendmail/libmilter/docs/smfi_setreply.html @@ -15,7 +15,7 @@ int smfi_setreply( char *message ); </pre> -Set the default SMTP error reply code. +Set the default SMTP error reply code. Only 4XX and 5XX replies are accepted. </td></tr> <!----------- Description ----------> @@ -42,10 +42,13 @@ this filter.</td> <td>Opaque context structure. </td></tr> <tr valign="top"><td>rcode</td> - <td>The three-digit (RFC 821) SMTP reply code, as a null-terminated string. rcode cannot be NULL, and must be a valid reply code. - </td></tr> + <td>The three-digit (RFC 821/2821) SMTP reply code, as a + null-terminated string. rcode cannot be NULL, and must be a valid + 4XX or 5XX reply code. + </td></tr> <tr valign="top"><td>xcode</td> - <td>The extended (RFC 2034) reply code. If xcode is NULL, no extended code is used. Otherwise, xcode must conform to RFC 2034. + <td>The extended (RFC 1893/2034) reply code. If xcode is NULL, no + extended code is used. Otherwise, xcode must conform to RFC 1893/2034. </td></tr> <tr valign="top"><td>message</td> <td>The text part of the SMTP reply. If message is NULL, an empty message is used. @@ -73,8 +76,11 @@ Otherwise, it return MI_SUCCESS. <ul> <li>Values passed to smfi_setreply are not checked for standards compliance. <li>For details about reply codes and their meanings, please see RFC's -<a href="http://www.rfc-editor.org/rfc/rfc821.txt">821</a> -and <a href="http://www.rfc-editor.org/rfc/rfc2034.txt">2034</a>. +<a href="http://www.rfc-editor.org/rfc/rfc821.txt">821</a>/ +<a href="http://www.rfc-editor.org/rfc/rfc2821.txt">2821</a> +and +<a href="http://www.rfc-editor.org/rfc/rfc1893.txt">1893</a>/ +<a href="http://www.rfc-editor.org/rfc/rfc2034.txt">2034</a>. <li>If the reply code (rcode) given is a '4XX' code but SMFI_REJECT is used for the message, the custom reply is not used. <li>Similarly, if the reply code (rcode) given is a '5XX' code but diff --git a/gnu/usr.sbin/sendmail/libmilter/engine.c b/gnu/usr.sbin/sendmail/libmilter/engine.c index 1076205c327..dd1888908f6 100644 --- a/gnu/usr.sbin/sendmail/libmilter/engine.c +++ b/gnu/usr.sbin/sendmail/libmilter/engine.c @@ -9,7 +9,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: engine.c,v 8.109.2.4 2002/12/03 17:27:32 ca Exp $") +SM_RCSID("@(#)$Sendmail: engine.c,v 8.109.2.5 2003/08/04 18:14:33 ca Exp $") #include "libmilter.h" @@ -605,7 +605,7 @@ st_connectinfo(g) /* Move past trailing \0 in host string */ i++; family = s[i++]; - memset(&sockaddr, '\0', sizeof sockaddr); + (void) memset(&sockaddr, '\0', sizeof sockaddr); if (family != SMFIA_UNKNOWN) { (void) memcpy((void *) &port, (void *) (s + i), @@ -869,6 +869,7 @@ st_macros(g) ** noreply */ +/* ARGSUSED */ static int st_quit(g) genarg *g; diff --git a/gnu/usr.sbin/sendmail/libmilter/libmilter.h b/gnu/usr.sbin/sendmail/libmilter/libmilter.h index b6eccad6264..36a539bef99 100644 --- a/gnu/usr.sbin/sendmail/libmilter/libmilter.h +++ b/gnu/usr.sbin/sendmail/libmilter/libmilter.h @@ -19,7 +19,7 @@ #ifdef _DEFINE # define EXTERN # define INIT(x) = x -SM_IDSTR(MilterlId, "@(#)$Sendmail: libmilter.h,v 8.33.2.9 2003/01/03 22:14:40 ca Exp $") +SM_IDSTR(MilterlId, "@(#)$Sendmail: libmilter.h,v 8.33.2.12 2003/09/08 21:39:55 yuri Exp $") #else /* _DEFINE */ # define EXTERN extern # define INIT(x) @@ -151,7 +151,7 @@ typedef pthread_mutex_t smutex_t; /* hack */ #define smi_log syslog -#define sm_dprintf printf +#define sm_dprintf (void) printf #define milter_ret int #define SMI_LOG_ERR LOG_ERR #define SMI_LOG_FATAL LOG_ERR diff --git a/gnu/usr.sbin/sendmail/libmilter/listener.c b/gnu/usr.sbin/sendmail/libmilter/listener.c index 472e01718ad..10e99dfc9b9 100644 --- a/gnu/usr.sbin/sendmail/libmilter/listener.c +++ b/gnu/usr.sbin/sendmail/libmilter/listener.c @@ -9,7 +9,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: listener.c,v 8.85.2.9 2003/01/03 22:14:40 ca Exp $") +SM_RCSID("@(#)$Sendmail: listener.c,v 8.85.2.12 2003/08/04 18:47:29 ca Exp $") /* ** listener.c -- threaded network listener @@ -382,18 +382,18 @@ mi_milteropen(conn, backlog, name) { # if NETINET case AF_INET: - memmove(&addr.sin.sin_addr, - hp->h_addr, - INADDRSZ); + (void) memmove(&addr.sin.sin_addr, + hp->h_addr, + INADDRSZ); addr.sin.sin_port = port; break; # endif /* NETINET */ # if NETINET6 case AF_INET6: - memmove(&addr.sin6.sin6_addr, - hp->h_addr, - IN6ADDRSZ); + (void) memmove(&addr.sin6.sin6_addr, + hp->h_addr, + IN6ADDRSZ); addr.sin6.sin6_port = port; break; # endif /* NETINET6 */ @@ -659,7 +659,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog) { socket_t connfd = INVALID_SOCKET; int sockopt = 1; - int r; + int r, mistop; int ret = MI_SUCCESS; int mcnt = 0; /* error count for malloc() failures */ int tcnt = 0; /* error count for thread_create() failures */ @@ -678,11 +678,15 @@ mi_listener(conn, dbg, smfi, timeout, backlog) clilen = L_socksize; (void) smutex_unlock(&L_Mutex); - while (mi_stop() == MILTER_CONT) + while ((mistop = mi_stop()) == MILTER_CONT) { (void) smutex_lock(&L_Mutex); if (!ValidSocket(listenfd)) { + ret = MI_FAILURE; + smi_log(SMI_LOG_ERR, + "%s: listenfd=%d corrupted, terminating, errno=%d", + smfi->xxfi_name, listenfd, errno); (void) smutex_unlock(&L_Mutex); break; } @@ -728,7 +732,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog) } scnt = 0; /* reset error counter for select() */ - memset(&cliaddr, '\0', sizeof cliaddr); + (void) memset(&cliaddr, '\0', sizeof cliaddr); connfd = accept(listenfd, (struct sockaddr *) &cliaddr, &clilen); save_errno = errno; @@ -804,7 +808,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog) continue; } mcnt = 0; /* reset error counter for malloc() */ - memset(ctx, '\0', sizeof *ctx); + (void) memset(ctx, '\0', sizeof *ctx); ctx->ctx_sd = connfd; ctx->ctx_dbg = dbg; ctx->ctx_timeout = timeout; @@ -854,7 +858,12 @@ mi_listener(conn, dbg, smfi, timeout, backlog) if (ret != MI_SUCCESS) mi_stop_milters(MILTER_ABRT); else + { + if (mistop != MILTER_CONT) + smi_log(SMI_LOG_INFO, "%s: mi_stop=%d", + smfi->xxfi_name, mistop); mi_closener(); + } (void) smutex_destroy(&L_Mutex); return ret; } diff --git a/gnu/usr.sbin/sendmail/libmilter/signal.c b/gnu/usr.sbin/sendmail/libmilter/signal.c index a319cdf3a81..8b9578b5c42 100644 --- a/gnu/usr.sbin/sendmail/libmilter/signal.c +++ b/gnu/usr.sbin/sendmail/libmilter/signal.c @@ -9,7 +9,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: signal.c,v 8.37.2.2 2002/10/23 16:52:00 ca Exp $") +SM_RCSID("@(#)$Sendmail: signal.c,v 8.37.2.3 2003/08/04 18:14:33 ca Exp $") #include "libmilter.h" @@ -90,15 +90,15 @@ mi_signal_thread(name) int sig, errs; sigset_t set; - sigemptyset(&set); - sigaddset(&set, SIGHUP); - sigaddset(&set, SIGTERM); + (void) sigemptyset(&set); + (void) sigaddset(&set, SIGHUP); + (void) sigaddset(&set, SIGTERM); /* Handle Ctrl-C gracefully for debugging */ - sigaddset(&set, SIGINT); + (void) sigaddset(&set, SIGINT); errs = 0; - while (true) + for (;;) { sig = 0; #if defined(SOLARIS) || defined(__svr5__) @@ -138,6 +138,7 @@ mi_signal_thread(name) break; } } + /* NOTREACHED */ } /* ** MI_SPAWN_SIGNAL_THREAD -- spawn thread to handle signals @@ -158,10 +159,10 @@ mi_spawn_signal_thread(name) sigset_t set; /* Mask HUP and KILL signals */ - sigemptyset(&set); - sigaddset(&set, SIGHUP); - sigaddset(&set, SIGTERM); - sigaddset(&set, SIGINT); + (void) sigemptyset(&set); + (void) sigaddset(&set, SIGHUP); + (void) sigaddset(&set, SIGTERM); + (void) sigaddset(&set, SIGINT); if (pthread_sigmask(SIG_BLOCK, &set, NULL) != 0) { diff --git a/gnu/usr.sbin/sendmail/libsm/clock.c b/gnu/usr.sbin/sendmail/libsm/clock.c index 4bfd22f176f..ca5031b19a2 100644 --- a/gnu/usr.sbin/sendmail/libsm/clock.c +++ b/gnu/usr.sbin/sendmail/libsm/clock.c @@ -12,7 +12,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: clock.c,v 1.35.2.3 2003/03/03 19:57:40 ca Exp $") +SM_RCSID("@(#)$Sendmail: clock.c,v 1.35.2.10 2003/06/26 16:36:49 ca Exp $") #include <unistd.h> #include <time.h> #include <errno.h> @@ -24,13 +24,17 @@ SM_RCSID("@(#)$Sendmail: clock.c,v 1.35.2.3 2003/03/03 19:57:40 ca Exp $") #include <sm/bitops.h> #include <sm/clock.h> #include "local.h" +#if _FFR_SLEEP_USE_SELECT > 0 +# include <sys/types.h> +#endif /* _FFR_SLEEP_USE_SELECT > 0 */ +#if defined(_FFR_MAX_SLEEP_TIME) && _FFR_MAX_SLEEP_TIME > 2 +# include <syslog.h> +#endif /* defined(_FFR_MAX_SLEEP_TIME) && _FFR_MAX_SLEEP_TIME > 2 */ #ifndef sigmask # define sigmask(s) (1 << ((s) - 1)) #endif /* ! sigmask */ -static void sm_endsleep __P((void)); - /* ** SM_SETEVENTM -- set an event to happen at a specific time in milliseconds. @@ -136,6 +140,8 @@ sm_sigsafe_seteventm(intvl, func, arg) */ LEAVE_CRITICAL(); + if (wasblocked == 0) + (void) sm_releasesignal(SIGALRM); return NULL; } else @@ -490,7 +496,10 @@ sm_tick(sig) */ +# if !HAVE_NANOSLEEP +static void sm_endsleep __P((void)); static bool volatile SmSleepDone; +# endif /* !HAVE_NANOSLEEP */ #ifndef SLEEP_T # define SLEEP_T unsigned int @@ -500,20 +509,118 @@ SLEEP_T sleep(intvl) unsigned int intvl; { +#if HAVE_NANOSLEEP + struct timespec rqtp; + + if (intvl == 0) + return (SLEEP_T) 0; + rqtp.tv_sec = intvl; + rqtp.tv_nsec = 0; + nanosleep(&rqtp, NULL); + return (SLEEP_T) 0; +#else /* HAVE_NANOSLEEP */ int was_held; + SM_EVENT *ev; +#if _FFR_SLEEP_USE_SELECT > 0 + int r; +#endif /* _FFR_SLEEP_USE_SELECT > 0 */ +#if SM_CONF_SETITIMER + struct timeval now, begin, diff; +# if _FFR_SLEEP_USE_SELECT > 0 + struct timeval sm_io_to, slpv; +# endif /* _FFR_SLEEP_USE_SELECT > 0 */ +#else /* SM_CONF_SETITIMER */ + time_t begin, now; +#endif /* SM_CONF_SETITIMER */ if (intvl == 0) return (SLEEP_T) 0; +#if defined(_FFR_MAX_SLEEP_TIME) && _FFR_MAX_SLEEP_TIME > 2 + if (intvl > _FFR_MAX_SLEEP_TIME) + { + syslog(LOG_ERR, "sleep: interval=%u exceeds max value %d", + intvl, _FFR_MAX_SLEEP_TIME); +# if 0 + SM_ASSERT(intvl < (unsigned int) INT_MAX); +# endif /* 0 */ + intvl = _FFR_MAX_SLEEP_TIME; + } +#endif /* defined(_FFR_MAX_SLEEP_TIME) && _FFR_MAX_SLEEP_TIME > 2 */ SmSleepDone = false; - (void) sm_setevent((time_t) intvl, sm_endsleep, 0); + +#if SM_CONF_SETITIMER +# if _FFR_SLEEP_USE_SELECT > 0 + slpv.tv_sec = intvl; + slpv.tv_usec = 0; +# endif /* _FFR_SLEEP_USE_SELECT > 0 */ + (void) gettimeofday(&now, NULL); + begin = now; +#else /* SM_CONF_SETITIMER */ + now = begin = time(NULL); +#endif /* SM_CONF_SETITIMER */ + + ev = sm_setevent((time_t) intvl, sm_endsleep, 0); + if (ev == NULL) + { + /* COMPLAIN */ +#if 0 + syslog(LOG_ERR, "sleep: sm_setevent(%u) failed", intvl); +#endif /* 0 */ + SmSleepDone = true; + } was_held = sm_releasesignal(SIGALRM); + while (!SmSleepDone) + { +#if SM_CONF_SETITIMER + (void) gettimeofday(&now, NULL); + timersub(&now, &begin, &diff); + if (diff.tv_sec < 0 || + (diff.tv_sec == 0 && diff.tv_usec == 0)) + break; +# if _FFR_SLEEP_USE_SELECT > 0 + timersub(&slpv, &diff, &sm_io_to); +# endif /* _FFR_SLEEP_USE_SELECT > 0 */ +#else /* SM_CONF_SETITIMER */ + now = time(NULL); + + /* + ** Check whether time expired before signal is released. + ** Due to the granularity of time() add 1 to be on the + ** safe side. + */ + + if (!(begin + (time_t) intvl + 1 > now)) + break; +# if _FFR_SLEEP_USE_SELECT > 0 + sm_io_to.tv_sec = intvl - (now - begin); + if (sm_io_to.tv_sec <= 0) + sm_io_to.tv_sec = 1; + sm_io_to.utv_sec = 0; +# endif /* _FFR_SLEEP_USE_SELECT > 0 */ +#endif /* SM_CONF_SETITIMER */ +#if _FFR_SLEEP_USE_SELECT > 0 + if (intvl <= _FFR_SLEEP_USE_SELECT) + { + r = select(0, NULL, NULL, NULL, &sm_io_to); + if (r == 0) + break; + } + else +#endif /* _FFR_SLEEP_USE_SELECT > 0 */ (void) pause(); + } + + /* if out of the loop without the event being triggered remove it */ + if (!SmSleepDone) + sm_clrevent(ev); if (was_held > 0) (void) sm_blocksignal(SIGALRM); return (SLEEP_T) 0; +#endif /* HAVE_NANOSLEEP */ } +#if !HAVE_NANOSLEEP static void sm_endsleep() { @@ -525,4 +632,5 @@ sm_endsleep() SmSleepDone = true; } +#endif /* !HAVE_NANOSLEEP */ diff --git a/gnu/usr.sbin/sendmail/libsm/errstring.c b/gnu/usr.sbin/sendmail/libsm/errstring.c index 484614fad25..f9e1bb5cbf9 100644 --- a/gnu/usr.sbin/sendmail/libsm/errstring.c +++ b/gnu/usr.sbin/sendmail/libsm/errstring.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001 Sendmail, Inc. and its suppliers. + * Copyright (c) 2001, 2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -11,7 +11,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: errstring.c,v 1.12 2001/10/03 16:09:32 ca Exp $") +SM_RCSID("@(#)$Sendmail: errstring.c,v 1.12.2.4 2003/06/24 17:16:09 ca Exp $") #include <errno.h> #include <stdio.h> /* sys_errlist, on some platforms */ @@ -42,6 +42,8 @@ SM_RCSID("@(#)$Sendmail: errstring.c,v 1.12 2001/10/03 16:09:32 ca Exp $") ** ** Returns: ** A string description of errnum. +** +** Note: this may point to a local (static) buffer. */ const char * @@ -50,6 +52,7 @@ sm_errstring(errnum) { char *ret; + switch (errnum) { case EPERM: @@ -183,6 +186,9 @@ sm_errstring(errnum) case SMDBE_OLD_VERSION: return "Berkeley DB file is an old version, recreate it"; + + case SMDBE_VERSION_MISMATCH: + return "Berkeley DB version mismatch between include file and library"; } /* diff --git a/gnu/usr.sbin/sendmail/libsm/flags.c b/gnu/usr.sbin/sendmail/libsm/flags.c index 7cacf95e823..bbd548b7c7b 100644 --- a/gnu/usr.sbin/sendmail/libsm/flags.c +++ b/gnu/usr.sbin/sendmail/libsm/flags.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers. + * Copyright (c) 2000-2001, 2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1990, 1993 * The Regents of the University of California. All rights reserved. @@ -13,7 +13,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: flags.c,v 1.20 2001/09/11 04:04:48 gshapiro Exp $") +SM_RCSID("@(#)$Sendmail: flags.c,v 1.20.2.1 2003/09/03 18:51:56 ca Exp $") #include <sys/types.h> #include <sys/file.h> #include <errno.h> @@ -35,7 +35,7 @@ sm_flags(flags) { register int ret; - switch(flags) + switch(SM_IO_MODE(flags)) { case SM_IO_RDONLY: /* open for reading */ ret = SMRD; @@ -57,5 +57,7 @@ sm_flags(flags) ret = 0; break; } + if (SM_IS_BINARY(flags)) + ret |= SM_IO_BINARY; return ret; } diff --git a/gnu/usr.sbin/sendmail/libsm/ldap.c b/gnu/usr.sbin/sendmail/libsm/ldap.c index 68cbe7ff0c1..da75b3d2581 100644 --- a/gnu/usr.sbin/sendmail/libsm/ldap.c +++ b/gnu/usr.sbin/sendmail/libsm/ldap.c @@ -8,7 +8,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: ldap.c,v 1.44.2.2 2002/08/09 22:23:12 gshapiro Exp $") +SM_RCSID("@(#)$Sendmail: ldap.c,v 1.44.2.3 2003/07/07 20:16:16 gshapiro Exp $") #if LDAPMAP # include <sys/types.h> @@ -582,7 +582,7 @@ sm_ldap_results(lmap, msgid, flags, delim, rpool, result, save_errno += E_LDAPBASE; SM_LDAP_ERROR_CLEANUP(); errno = save_errno; - return EX_OSERR; + return EX_TEMPFAIL; } rl = sm_ldap_add_recurse(&recurse, dn, diff --git a/gnu/usr.sbin/sendmail/libsm/shm.c b/gnu/usr.sbin/sendmail/libsm/shm.c index f19fa9a8cf0..8c5bbde4e50 100644 --- a/gnu/usr.sbin/sendmail/libsm/shm.c +++ b/gnu/usr.sbin/sendmail/libsm/shm.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers. + * Copyright (c) 2000-2001, 2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -8,7 +8,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: shm.c,v 1.10 2001/12/14 00:22:58 ca Exp $") +SM_RCSID("@(#)$Sendmail: shm.c,v 1.10.2.6 2003/06/13 21:17:48 ca Exp $") #if SM_CONF_SHM # include <stdlib.h> @@ -16,6 +16,7 @@ SM_RCSID("@(#)$Sendmail: shm.c,v 1.10 2001/12/14 00:22:58 ca Exp $") # include <errno.h> # include <sm/shm.h> + /* ** SM_SHMSTART -- initialize shared memory segment. ** @@ -69,6 +70,7 @@ sm_shmstart(key, size, shmflg, shmid, owner) return (void *) 0; } + /* ** SM_SHMSTOP -- stop using shared memory segment. ** @@ -85,6 +87,7 @@ sm_shmstart(key, size, shmflg, shmid, owner) ** detaches (and maybe removes) shared memory segment. */ + int sm_shmstop(shm, shmid, owner) void *shm; @@ -99,4 +102,6 @@ sm_shmstop(shm, shmid, owner) return r; return 0; } + + #endif /* SM_CONF_SHM */ diff --git a/gnu/usr.sbin/sendmail/libsm/smstdio.c b/gnu/usr.sbin/sendmail/libsm/smstdio.c index 28817a8bdc0..15da189fe6e 100644 --- a/gnu/usr.sbin/sendmail/libsm/smstdio.c +++ b/gnu/usr.sbin/sendmail/libsm/smstdio.c @@ -8,7 +8,7 @@ */ #include <sm/gen.h> -SM_IDSTR(id, "@(#)$Sendmail: smstdio.c,v 1.32 2002/02/23 20:18:36 gshapiro Exp $") +SM_IDSTR(id, "@(#)$Sendmail: smstdio.c,v 1.32.2.2 2003/09/05 20:35:28 ca Exp $") #include <unistd.h> #include <stdio.h> #include <fcntl.h> @@ -68,6 +68,23 @@ sm_stdioopen(fp, info, flags, rpool) case SM_IO_APPENDRW: stdiomode = "a+"; break; +#if SM_IO_BINARY != 0 + case SM_IO_RDONLY_B: + stdiomode = "rb"; + break; + case SM_IO_WRONLY_B: + stdiomode = "wb"; + break; + case SM_IO_APPEND_B: + stdiomode = "ab"; + break; + case SM_IO_APPENDRW_B: + stdiomode = "a+b"; + break; + case SM_IO_RDWR_B: + stdiomode = "r+b"; + break; +#endif /* SM_IO_BINARY != 0 */ case SM_IO_RDWR: default: stdiomode = "r+"; diff --git a/gnu/usr.sbin/sendmail/libsm/stdio.c b/gnu/usr.sbin/sendmail/libsm/stdio.c index c81440ba801..8a9cf6641d2 100644 --- a/gnu/usr.sbin/sendmail/libsm/stdio.c +++ b/gnu/usr.sbin/sendmail/libsm/stdio.c @@ -13,7 +13,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: stdio.c,v 1.56.2.10 2003/01/10 23:07:17 ca Exp $") +SM_RCSID("@(#)$Sendmail: stdio.c,v 1.56.2.13 2003/09/04 01:18:08 ca Exp $") #include <unistd.h> #include <errno.h> #include <fcntl.h> @@ -63,7 +63,7 @@ sm_stdopen(fp, info, flags, rpool) char *path = (char *) info; int oflags; - switch (flags) + switch (SM_IO_MODE(flags)) { case SM_IO_RDWR: oflags = O_RDWR; @@ -87,6 +87,10 @@ sm_stdopen(fp, info, flags, rpool) errno = EINVAL; return -1; } +#ifdef O_BINARY + if (SM_IS_BINARY(flags)) + oflags |= O_BINARY; +#endif /* O_BINARY */ fp->f_file = open(path, oflags, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH); if (fp->f_file < 0) @@ -221,7 +225,7 @@ sm_stdsetmode(fp, mode) { int flags = 0; - switch (*mode) + switch (SM_IO_MODE(*mode)) { case SM_IO_RDWR: flags |= SMRW; @@ -402,7 +406,7 @@ sm_stdfdopen(fp, info, flags, rpool) { int oflags, tmp, fdflags, fd = *((int *) info); - switch (flags) + switch (SM_IO_MODE(flags)) { case SM_IO_RDWR: oflags = O_RDWR | O_CREAT; @@ -423,6 +427,10 @@ sm_stdfdopen(fp, info, flags, rpool) errno = EINVAL; return -1; } +#ifdef O_BINARY + if (SM_IS_BINARY(flags)) + oflags |= O_BINARY; +#endif /* O_BINARY */ /* Make sure the mode the user wants is a subset of the actual mode. */ if ((fdflags = fcntl(fd, F_GETFL, 0)) < 0) diff --git a/gnu/usr.sbin/sendmail/libsm/vasprintf.c b/gnu/usr.sbin/sendmail/libsm/vasprintf.c index 8120375cf84..f8e22b76ace 100644 --- a/gnu/usr.sbin/sendmail/libsm/vasprintf.c +++ b/gnu/usr.sbin/sendmail/libsm/vasprintf.c @@ -24,7 +24,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: vasprintf.c,v 1.26 2001/09/11 04:04:49 gshapiro Exp $") +SM_RCSID("@(#)$Sendmail: vasprintf.c,v 1.26.2.1 2003/06/03 02:14:09 ca Exp $") #include <stdlib.h> #include <errno.h> #include <sm/io.h> diff --git a/gnu/usr.sbin/sendmail/libsmdb/smdb2.c b/gnu/usr.sbin/sendmail/libsmdb/smdb2.c index 34e9a748aa7..d7bba2e9668 100644 --- a/gnu/usr.sbin/sendmail/libsmdb/smdb2.c +++ b/gnu/usr.sbin/sendmail/libsmdb/smdb2.c @@ -8,7 +8,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: smdb2.c,v 8.72.2.6 2003/01/23 22:21:39 ca Exp $") +SM_RCSID("@(#)$Sendmail: smdb2.c,v 8.72.2.7 2003/06/24 17:16:10 ca Exp $") #include <fcntl.h> #include <stdlib.h> @@ -578,6 +578,7 @@ smdb_db_open(database, db_name, mode, mode_mask, sff, type, user_info, db_params int db_flags; int lock_fd; int db_fd; + int major_v, minor_v, patch_v; SMDB_DATABASE *smdb_db; SMDB_DB2_DATABASE *db2; DB *db; @@ -585,6 +586,10 @@ smdb_db_open(database, db_name, mode, mode_mask, sff, type, user_info, db_params struct stat stat_info; char db_file_name[MAXPATHLEN]; + (void) db_version(&major_v, &minor_v, &patch_v); + if (major_v != DB_VERSION_MAJOR || minor_v != DB_VERSION_MINOR) + return SMDBE_VERSION_MISMATCH; + *database = NULL; result = smdb_add_extension(db_file_name, sizeof db_file_name, diff --git a/gnu/usr.sbin/sendmail/mail.local/mail.local.c b/gnu/usr.sbin/sendmail/mail.local/mail.local.c index fadf0067284..1d116cbf3f0 100644 --- a/gnu/usr.sbin/sendmail/mail.local/mail.local.c +++ b/gnu/usr.sbin/sendmail/mail.local/mail.local.c @@ -18,7 +18,7 @@ SM_IDSTR(copyright, Copyright (c) 1990, 1993, 1994\n\ The Regents of the University of California. All rights reserved.\n") -SM_IDSTR(id, "@(#)$Sendmail: mail.local.c,v 8.239.2.5 2003/03/15 23:43:20 gshapiro Exp $") +SM_IDSTR(id, "@(#)$Sendmail: mail.local.c,v 8.239.2.11 2003/09/01 01:49:46 gshapiro Exp $") #include <stdlib.h> #include <sm/errstring.h> @@ -28,6 +28,7 @@ SM_IDSTR(id, "@(#)$Sendmail: mail.local.c,v 8.239.2.5 2003/03/15 23:43:20 gshapi # ifdef EX_OK # undef EX_OK /* unistd.h may have another use for this */ # endif /* EX_OK */ +# define LOCKFILE_PMODE 0 #include <sm/mbdb.h> #include <sm/sysexits.h> @@ -63,10 +64,6 @@ SM_IDSTR(id, "@(#)$Sendmail: mail.local.c,v 8.239.2.5 2003/03/15 23:43:20 gshapi #include <sendmail/pathnames.h> -/* additional mode for open() */ -# define EXTRA_MODE 0 - - #ifndef LOCKTO_RM # define LOCKTO_RM 300 /* timeout for stale lockfile removal */ #endif /* ! LOCKTO_RM */ @@ -854,7 +851,7 @@ deliver(fd, name) int exitval; char *p; char *errcode; - off_t curoff; + off_t curoff, cursize; #ifdef CONTENTLENGTH off_t headerbytes; int readamount; @@ -997,7 +994,7 @@ tryagain: mode |= S_IRGRP|S_IWGRP; #endif /* MAILGID */ - mbfd = open(path, O_APPEND|O_CREAT|O_EXCL|O_WRONLY|EXTRA_MODE, + mbfd = open(path, O_APPEND|O_CREAT|O_EXCL|O_WRONLY, mode); save_errno = errno; @@ -1067,7 +1064,7 @@ tryagain: #ifdef DEBUG fprintf(stderr, "new euid = %d\n", (int) geteuid()); #endif /* DEBUG */ - mbfd = open(path, O_APPEND|O_WRONLY|EXTRA_MODE, 0); + mbfd = open(path, O_APPEND|O_WRONLY, 0); if (mbfd < 0) { mailerr("450 4.2.0", "%s: %s", path, sm_errstring(errno)); @@ -1203,7 +1200,6 @@ tryagain: { mailerr("450 4.2.0", "%s: %s", path, sm_errstring(errno)); err3: - (void) setreuid(0, 0); #ifdef DEBUG fprintf(stderr, "reset euid = %d\n", (int) geteuid()); #endif /* DEBUG */ @@ -1211,10 +1207,26 @@ err3: (void) ftruncate(mbfd, curoff); err1: if (mbfd >= 0) (void) close(mbfd); -err0: unlockmbox(); +err0: (void) setreuid(0, 0); + unlockmbox(); return; } + /* + ** Save the current size so if the close() fails below + ** we can make sure no other process has changed the mailbox + ** between the failed close and the re-open()/re-lock(). + ** If something else has changed the size, we shouldn't + ** try to truncate it as we may do more harm then good + ** (e.g., truncate a later message delivery). + */ + + if (fstat(mbfd, &sb) < 0) + cursize = 0; + else + cursize = sb.st_size; + + /* Close and check -- NFS doesn't write until the close. */ if (close(mbfd)) { @@ -1224,9 +1236,12 @@ err0: unlockmbox(); errcode = "552 5.2.2"; #endif /* EDQUOT */ mailerr(errcode, "%s: %s", path, sm_errstring(errno)); - mbfd = open(path, O_WRONLY|EXTRA_MODE, 0); - if (mbfd < 0 - || fstat(mbfd, &sb) < 0 || + mbfd = open(path, O_WRONLY, 0); + if (mbfd < 0 || + cursize == 0 + || flock(mbfd, LOCK_EX) < 0 || + fstat(mbfd, &sb) < 0 || + sb.st_size != cursize || sb.st_nlink != 1 || !S_ISREG(sb.st_mode) || sb.st_dev != fsb.st_dev || @@ -1344,7 +1359,7 @@ lockmbox(path) errno = 0; return EX_TEMPFAIL; } - fd = open(LockName, O_WRONLY|O_EXCL|O_CREAT, 0); + fd = open(LockName, O_WRONLY|O_EXCL|O_CREAT, LOCKFILE_PMODE); if (fd >= 0) { /* defeat lock checking programs which test pid */ diff --git a/gnu/usr.sbin/sendmail/sendmail/README b/gnu/usr.sbin/sendmail/sendmail/README index 558f947c7cc..671da1bd1ad 100644 --- a/gnu/usr.sbin/sendmail/sendmail/README +++ b/gnu/usr.sbin/sendmail/sendmail/README @@ -9,7 +9,7 @@ # the sendmail distribution. # # -# $Sendmail: README,v 8.355.2.14 2003/03/27 21:39:29 ca Exp $ +# $Sendmail: README,v 8.355.2.15 2003/06/02 01:43:04 ca Exp $ # This directory contains the source files for sendmail(TM). @@ -125,7 +125,7 @@ MAP_REGEX Regular Expression support. You will need to use an the Free Software Foundation. DNSMAP DNS map support. Requires NAMED_BIND. PH_MAP PH map support. You will need the libphclient library from - the nph package (http://www-dev.cso.uiuc.edu/ph/nph/). + the nph package (http://www-dev.cites.uiuc.edu/ph/nph/). MAP_NSD nsd map support (IRIX 6.5 and later). >>> NOTE WELL for NEWDB support: If you want to get ndbm support, for @@ -1640,7 +1640,7 @@ OpenSSL PH PH support is provided by Mark Roth <roth@uiuc.edu>. The map is - described at http://www-dev.cso.uiuc.edu/sendmail/ . + described at http://www-dev.cites.uiuc.edu/sendmail/ . NOTE: The "spacedname" pseudo-field which was used by earlier versions of the PH map code is no longer supported! See the URL @@ -1797,4 +1797,4 @@ util.c Some general purpose routines used by sendmail. version.c The version number and information about this version of sendmail. -(Version $Revision: 1.17 $, last update $Date: 2003/03/29 19:44:00 $ ) +(Version $Revision: 1.18 $, last update $Date: 2003/09/17 17:31:40 $ ) diff --git a/gnu/usr.sbin/sendmail/sendmail/TRACEFLAGS b/gnu/usr.sbin/sendmail/sendmail/TRACEFLAGS index 3f9626bf2b9..64055196845 100644 --- a/gnu/usr.sbin/sendmail/sendmail/TRACEFLAGS +++ b/gnu/usr.sbin/sendmail/sendmail/TRACEFLAGS @@ -1,4 +1,4 @@ -# $Sendmail: TRACEFLAGS,v 8.37.2.3 2002/09/12 02:57:36 gshapiro Exp $ +# $Sendmail: TRACEFLAGS,v 8.37.2.4 2003/06/13 21:59:45 lijian Exp $ 0, 4 main.c main canonical name, UUCP node name, a.k.a.s 0, 15 main.c main print configuration 0, 44 util.c printav print address of each string diff --git a/gnu/usr.sbin/sendmail/sendmail/alias.c b/gnu/usr.sbin/sendmail/sendmail/alias.c index 972ed120f14..25d7a0631d6 100644 --- a/gnu/usr.sbin/sendmail/sendmail/alias.c +++ b/gnu/usr.sbin/sendmail/sendmail/alias.c @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: alias.c,v 8.214 2002/05/24 20:50:16 gshapiro Exp $") +SM_RCSID("@(#)$Sendmail: alias.c,v 8.214.2.1 2003/07/28 17:47:55 ca Exp $") #define SEPARATOR ':' # define ALIAS_SPEC_SEPARATORS " ,/:" @@ -94,7 +94,7 @@ alias(a, sendq, aliaslevel, e) if (aliaslookup(obuf, &status, a->q_host) != NULL) { if (LogLevel > 8) - syslog(LOG_WARNING, + sm_syslog(LOG_WARNING, e->e_id, "possible spam from <> to list: %s, redirected to %s\n", a->q_user, obuf); a->q_user = sm_rpool_strdup_x(e->e_rpool, obuf); diff --git a/gnu/usr.sbin/sendmail/sendmail/bf.c b/gnu/usr.sbin/sendmail/sendmail/bf.c index 11d39523fde..4c0afce139c 100644 --- a/gnu/usr.sbin/sendmail/sendmail/bf.c +++ b/gnu/usr.sbin/sendmail/sendmail/bf.c @@ -18,7 +18,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: bf.c,v 8.54.2.2 2002/06/21 19:58:40 gshapiro Exp $") +SM_RCSID("@(#)$Sendmail: bf.c,v 8.54.2.3 2003/09/03 19:58:26 ca Exp $") #include <sys/types.h> #include <sys/stat.h> @@ -542,7 +542,7 @@ sm_bfwrite(fp, buf, nbytes) /* Clear umask as bf_filemode are the true perms */ omask = umask(0); retval = OPEN(bfp->bf_filename, - O_RDWR | O_CREAT | O_TRUNC, + O_RDWR | O_CREAT | O_TRUNC | QF_O_EXTRA, bfp->bf_filemode, bfp->bf_flags); (void) umask(omask); diff --git a/gnu/usr.sbin/sendmail/sendmail/collect.c b/gnu/usr.sbin/sendmail/sendmail/collect.c index cdc6f9a3c51..4e54b63bcdf 100644 --- a/gnu/usr.sbin/sendmail/sendmail/collect.c +++ b/gnu/usr.sbin/sendmail/sendmail/collect.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: collect.c,v 8.242.2.4 2003/03/28 17:34:39 ca Exp $") +SM_RCSID("@(#)$Sendmail: collect.c,v 8.242.2.8 2003/07/08 01:16:35 ca Exp $") static void collecttimeout __P((time_t)); static void dferror __P((SM_FILE_T *volatile, char *, ENVELOPE *)); @@ -217,7 +217,7 @@ collect_dfopen(e) syserr("@Cannot create %s", dfname); e->e_flags |= EF_NO_BODY_RETN; flush_errors(true); - finis(true, true, ExitStat); + finis(false, true, ExitStat); /* NOTREACHED */ } dfd = sm_io_getinfo(df, SM_IO_WHAT_FD, NULL); @@ -247,6 +247,7 @@ collect_dfopen(e) ** end of message. ** hdrp -- the location to stash the header. ** e -- the current envelope. +** rsetsize -- reset e_msgsize? ** ** Returns: ** none. @@ -281,11 +282,12 @@ static SM_EVENT *volatile CollectTimeout = NULL; #define MS_DISCARD 3 /* discarding rest of message */ void -collect(fp, smtpmode, hdrp, e) +collect(fp, smtpmode, hdrp, e, rsetsize) SM_FILE_T *fp; bool smtpmode; HDR **hdrp; register ENVELOPE *e; + bool rsetsize; { register SM_FILE_T *volatile df; volatile bool ignrdot; @@ -366,7 +368,8 @@ collect(fp, smtpmode, hdrp, e) CollectTimeout = sm_setevent(dbto, collecttimeout, dbto); } - e->e_msgsize = 0; + if (rsetsize) + e->e_msgsize = 0; for (;;) { if (tTd(30, 35)) @@ -883,7 +886,22 @@ readerr: /* collect statistics */ if (OpMode != MD_VERIFY) + { + /* + ** Recalculate e_msgpriority, it is done at in eatheader() + ** which is called (in 8.12) after the header is collected, + ** hence e_msgsize is (most likely) incorrect. + */ + + e->e_msgpriority = e->e_msgsize + - e->e_class * WkClassFact + + e->e_nrcpts * WkRecipFact; + if (tTd(90, 1)) + sm_syslog(LOG_INFO, e->e_id, + "collect: at end: msgsize=%ld, msgpriority=%ld", + e->e_msgsize, e->e_msgpriority); markstats(e, (ADDRESS *) NULL, STATS_NORMAL); + } } static void @@ -1019,6 +1037,7 @@ dferror(df, msg, e) ** ** Parameters: ** fm -- the from line. +** e -- envelope ** ** Returns: ** none. diff --git a/gnu/usr.sbin/sendmail/sendmail/conf.c b/gnu/usr.sbin/sendmail/sendmail/conf.c index 10a2da575bb..d222058dc81 100644 --- a/gnu/usr.sbin/sendmail/sendmail/conf.c +++ b/gnu/usr.sbin/sendmail/sendmail/conf.c @@ -13,9 +13,12 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: conf.c,v 8.972.2.35 2003/03/28 05:46:09 ca Exp $") +SM_RCSID("@(#)$Sendmail: conf.c,v 8.972.2.50 2003/09/03 21:37:03 ca Exp $") #include <sendmail/pathnames.h> +#if NEWDB +# include "sm/bdb.h" +#endif /* NEWDB */ # include <sys/ioctl.h> # include <sys/param.h> @@ -465,6 +468,19 @@ setupmaps() register STAB *s; #if NEWDB +# if DB_VERSION_MAJOR > 1 + int major_v, minor_v, patch_v; + + (void) db_version(&major_v, &minor_v, &patch_v); + if (major_v != DB_VERSION_MAJOR || minor_v != DB_VERSION_MINOR) + { + errno = 0; + syserr("Berkeley DB version mismatch: compiled against %d.%d.%d, run-time linked against %d.%d.%d", + DB_VERSION_MAJOR, DB_VERSION_MINOR, DB_VERSION_PATCH, + major_v, minor_v, patch_v); + } +# endif /* DB_VERSION_MAJOR > 1 */ + MAPDEF("hash", ".db", MCF_ALIASOK|MCF_REBUILDABLE, map_parseargs, hash_map_open, db_map_close, db_map_lookup, db_map_store); @@ -2227,7 +2243,7 @@ refuseconnections(name, e, d, active) sm_setproctitle(true, e, R_MSG_LA, name, CurrentLA); if (LogLevel > 8) sm_syslog(LOG_NOTICE, NOQID, R_MSG_LA, name, CurrentLA); -#if _FFR_REJECT_LOG +# if _FFR_REJECT_LOG now = curtime(); if (firstrejtime[d] == 0) { @@ -2240,13 +2256,13 @@ refuseconnections(name, e, d, active) pintvl(now - firstrejtime[d], true)); nextlogtime[d] = now + RejectLogInterval; } -#endif /* _FFR_REJECT_LOG */ +# endif /* _FFR_REJECT_LOG */ return true; } -#if _FFR_REJECT_LOG +# if _FFR_REJECT_LOG else firstrejtime[d] = 0; -#endif /* _FFR_REJECT_LOG */ +# endif /* _FFR_REJECT_LOG */ if (DelayLA > 0 && CurrentLA >= DelayLA) { @@ -2428,12 +2444,12 @@ initsetproctitle(argc, argv, envp) */ align = -1; -#if _FFR_SPT_ALIGN -# ifdef SPT_ALIGN_SIZE +# if _FFR_SPT_ALIGN +# ifdef SPT_ALIGN_SIZE for (i = SPT_ALIGN_SIZE; i > 0; i >>= 1) align++; -# endif /* SPT_ALIGN_SIZE */ -#endif /* _FFR_SPT_ALIGN */ +# endif /* SPT_ALIGN_SIZE */ +# endif /* _FFR_SPT_ALIGN */ for (i = 0; i < argc; i++) { @@ -2818,25 +2834,6 @@ uname(name) return 0; } -# if 0 - /* - ** Popen is known to have security holes. - */ - - /* try uuname -l to return local name */ - if ((file = popen("uuname -l", "r")) != NULL) - { - (void) sm_io_fgets(file, SM_TIME_DEFAULT, name, - NODE_LENGTH + 1); - (void) pclose(file); - n = strchr(name, '\n'); - if (n != NULL) - *n = '\0'; - if (name->nodename[0] != '\0') - return 0; - } -# endif /* 0 */ - return -1; } #endif /* !HASUNAME */ @@ -4735,7 +4732,7 @@ load_if_names() # ifndef __hpux lifc.lifc_family = AF_UNSPEC; lifc.lifc_flags = 0; -# endif /* __hpux */ +# endif /* ! __hpux */ if (ioctl(s, SIOCGLIFCONF, (char *)&lifc) < 0) { if (tTd(0, 4)) @@ -5680,6 +5677,9 @@ char *OsCompileOptions[] = #if ADDRCONFIG_IS_BROKEN "ADDRCONFIG_IS_BROKEN", #endif /* ADDRCONFIG_IS_BROKEN */ +#if ALLOW_255 + "ALLOW_255", +#endif /* ALLOW_255 */ #ifdef AUTO_NETINFO_HOSTS "AUTO_NETINFO_HOSTS", #endif /* AUTO_NETINFO_HOSTS */ @@ -5931,6 +5931,10 @@ char *FFRCompileOptions[] = /* Stricter checks about queue directory permissions. */ "_FFR_CHK_QUEUE", #endif /* _FFR_CHK_QUEUE */ +#if _FFR_CLIENT_SIZE + /* Don't try to send mail if its size exceeds SIZE= of server. */ + "_FFR_CLIENT_SIZE", +#endif /* _FFR_CLIENT_SIZE */ #if _FFR_CONTROL_MSTAT /* Extended daemon status. */ "_FFR_CONTROL_MSTAT", @@ -5991,6 +5995,10 @@ char *FFRCompileOptions[] = "_FFR_DROP_TRUSTUSER_WARNING", #endif /* _FFR_DROP_TRUSTUSER_WARNING */ +#if _FFR_EXTRA_MAP_CHECK + /* perform extra checks on $( $) in R lines */ + "_FFR_EXTRA_MAP_CHECK", +#endif /* _FFR_EXTRA_MAP_CHECK */ #if _FFR_FIX_DASHT /* ** If using -t, force not sending to argv recipients, even @@ -6028,6 +6036,10 @@ char *FFRCompileOptions[] = /* Use nsswitch on HP-UX */ "_FFR_HPUX_NSSWITCH", #endif /* _FFR_HPUX_NSSWITCH */ +#if _FFR_IGNORE_BOGUS_ADDR + /* Ignore addresses for which prescan() failed */ + "_FFR_IGNORE_BOGUS_ADDR", +#endif /* _FFR_IGNORE_BOGUS_ADDR */ #if _FFR_IGNORE_EXT_ON_HELO /* Ignore extensions offered in response to HELO */ "_FFR_IGNORE_EXT_ON_HELO", @@ -6051,12 +6063,16 @@ char *FFRCompileOptions[] = /* Randall S. Winchester of the University of Maryland */ "_FFR_MAX_FORWARD_ENTRIES", #endif /* _FFR_MAX_FORWARD_ENTRIES */ +#if _FFR_MAX_SLEEP_TIME + /* Limit sleep(2) time in libsm/clock.c */ + "_FFR_MAX_SLEEP_TIME", +#endif /* _FFR_MAX_SLEEP_TIME */ #if MILTER # if _FFR_MILTER_421 /* If a filter returns 421, close the SMTP connection */ "_FFR_MILTER_421", # endif /* _FFR_MILTER_421 */ -# if _FFR_MILTER_PERDAEMON +# if _FFR_MILTER_PERDAEMON /* Per DaemonPortOptions InputMailFilter lists */ "_FFR_MILTER_PERDAEMON", # endif /* _FFR_MILTER_PERDAEMON */ @@ -6146,6 +6162,10 @@ char *FFRCompileOptions[] = /* Donated code (unused). */ "_FFR_SHM_STATUS", #endif /* _FFR_SHM_STATUS */ +#if _FFR_SLEEP_USE_SELECT + /* Use select(2) in libsm/clock.c to emulate sleep(2) */ + "_FFR_SLEEP_USE_SELECT ", +#endif /* _FFR_SLEEP_USE_SELECT */ #if _FFR_SMFI_OPENSOCKET /* libmilter: smfi_opensocket() to force the socket open early */ "_FFR_SMFI_OPENSOCKET", diff --git a/gnu/usr.sbin/sendmail/sendmail/control.c b/gnu/usr.sbin/sendmail/sendmail/control.c index a8e55006626..640c03b2e27 100644 --- a/gnu/usr.sbin/sendmail/sendmail/control.c +++ b/gnu/usr.sbin/sendmail/sendmail/control.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -10,7 +10,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: control.c,v 8.118.4.3 2002/11/14 00:15:56 ca Exp $") +SM_RCSID("@(#)$Sendmail: control.c,v 8.118.4.8 2003/06/24 17:45:27 ca Exp $") #include <sm/fdset.h> diff --git a/gnu/usr.sbin/sendmail/sendmail/daemon.c b/gnu/usr.sbin/sendmail/sendmail/daemon.c index 7c958c5a6ae..f5d18757176 100644 --- a/gnu/usr.sbin/sendmail/sendmail/daemon.c +++ b/gnu/usr.sbin/sendmail/sendmail/daemon.c @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: daemon.c,v 8.613.2.14 2003/02/11 17:17:22 ca Exp $") +SM_RCSID("@(#)$Sendmail: daemon.c,v 8.613.2.17 2003/07/30 20:17:04 ca Exp $") #if defined(SOCK_STREAM) || defined(__GNU_LIBRARY__) # define USE_SOCK_STREAM 1 @@ -235,13 +235,7 @@ getrequests(e) /* see if we are rejecting connections */ (void) sm_blocksignal(SIGALRM); - - if (ShutdownRequest != NULL) - shutdown_daemon(); - else if (RestartRequest != NULL) - restart_daemon(); - else if (RestartWorkGroup) - restart_marked_work_groups(); + CHECK_RESTART; for (idx = 0; idx < NDaemons; idx++) { @@ -283,13 +277,7 @@ getrequests(e) } /* May have been sleeping above, check again */ - if (ShutdownRequest != NULL) - shutdown_daemon(); - else if (RestartRequest != NULL) - restart_daemon(); - else if (RestartWorkGroup) - restart_marked_work_groups(); - + CHECK_RESTART; getrequests_checkdiskspace(e); #if XDEBUG @@ -335,15 +323,8 @@ getrequests(e) fd_set readfds; struct timeval timeout; - if (ShutdownRequest != NULL) - shutdown_daemon(); - else if (RestartRequest != NULL) - restart_daemon(); - else if (RestartWorkGroup) - restart_marked_work_groups(); - + CHECK_RESTART; FD_ZERO(&readfds); - for (idx = 0; idx < NDaemons; idx++) { /* wait for a connection */ @@ -380,13 +361,7 @@ getrequests(e) NULL, NULL, &timeout); /* Did someone signal while waiting? */ - if (ShutdownRequest != NULL) - shutdown_daemon(); - else if (RestartRequest != NULL) - restart_daemon(); - else if (RestartWorkGroup) - restart_marked_work_groups(); - + CHECK_RESTART; curdaemon = -1; @@ -3363,7 +3338,9 @@ getauthinfo(fd, may_be_forged) /* try to match the reverse against the forward lookup */ hp = sm_gethostbyname(RealHostName, family); if (hp == NULL) + { *may_be_forged = true; + } else { for (ha = hp->h_addr_list; *ha != NULL; ha++) diff --git a/gnu/usr.sbin/sendmail/sendmail/deliver.c b/gnu/usr.sbin/sendmail/sendmail/deliver.c index da6de346699..503d3757499 100644 --- a/gnu/usr.sbin/sendmail/sendmail/deliver.c +++ b/gnu/usr.sbin/sendmail/sendmail/deliver.c @@ -14,7 +14,7 @@ #include <sendmail.h> #include <sys/time.h> -SM_RCSID("@(#)$Sendmail: deliver.c,v 8.940.2.18 2003/03/28 17:34:39 ca Exp $") +SM_RCSID("@(#)$Sendmail: deliver.c,v 8.940.2.19 2003/09/03 19:58:26 ca Exp $") #if HASSETUSERCONTEXT # include <login_cap.h> @@ -4476,7 +4476,7 @@ putbody(mci, e, separator) char *df = queuename(e, DATAFL_LETTER); e->e_dfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, df, - SM_IO_RDONLY, NULL); + SM_IO_RDONLY_B, NULL); if (e->e_dfp == NULL) { char *msg = "!putbody: Cannot open %s for %s from %s"; @@ -5207,7 +5207,7 @@ mailfile(filename, mailer, ctladdr, sfflags, e) char *df = queuename(e, DATAFL_LETTER); e->e_dfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, df, - SM_IO_RDONLY, NULL); + SM_IO_RDONLY_B, NULL); if (e->e_dfp == NULL) { syserr("mailfile: Cannot open %s for %s from %s", diff --git a/gnu/usr.sbin/sendmail/sendmail/domain.c b/gnu/usr.sbin/sendmail/sendmail/domain.c index 8dfe8a2f1b6..cdda422ea83 100644 --- a/gnu/usr.sbin/sendmail/sendmail/domain.c +++ b/gnu/usr.sbin/sendmail/sendmail/domain.c @@ -14,9 +14,9 @@ #include <sendmail.h> #if NAMED_BIND -SM_RCSID("@(#)$Sendmail: domain.c,v 8.181.2.6 2003/01/15 19:17:15 ca Exp $ (with name server)") +SM_RCSID("@(#)$Sendmail: domain.c,v 8.181.2.9 2003/08/11 23:23:40 gshapiro Exp $ (with name server)") #else /* NAMED_BIND */ -SM_RCSID("@(#)$Sendmail: domain.c,v 8.181.2.6 2003/01/15 19:17:15 ca Exp $ (without name server)") +SM_RCSID("@(#)$Sendmail: domain.c,v 8.181.2.9 2003/08/11 23:23:40 gshapiro Exp $ (without name server)") #endif /* NAMED_BIND */ #if NAMED_BIND @@ -233,6 +233,8 @@ getmxrr(host, mxhosts, mxprefs, droplocalhost, rcode, tryfallback, pttl) if (tTd(8, 2)) sm_dprintf("getmxrr(%s, droplocalhost=%d)\n", host, droplocalhost); + if (*host == '\0') + return 0; if ((fallbackMX != NULL && droplocalhost && wordinclass(fallbackMX, 'w')) || !tryfallback) @@ -778,12 +780,6 @@ bestmx_map_lookup(map, name, av, statp) ** false -- otherwise. */ -# if NETINET6 -# define SM_T_INITIAL T_AAAA -# else /* NETINET6 */ -# define SM_T_INITIAL T_A -# endif /* NETINET6 */ - bool dns_getcanonname(host, hbsize, trymx, statp, pttl) char *host; @@ -807,6 +803,7 @@ dns_getcanonname(host, hbsize, trymx, statp, pttl) bool amatch; bool gotmx = false; int qtype; + int initial; int loopcnt; char *xp; char nbuf[SM_MAX(MAXPACKET, MAXDNAME*2+2)]; @@ -898,11 +895,16 @@ cnameloop: */ mxmatch = NULL; - qtype = SM_T_INITIAL; + initial = T_A; +# if NETINET6 + if (InetMode == AF_INET6) + initial = T_AAAA; +# endif /* NETINET6 */ + qtype = initial; for (dp = searchlist; *dp != NULL; ) { - if (qtype == SM_T_INITIAL) + if (qtype == initial) gotmx = false; if (tTd(8, 5)) sm_dprintf("dns_getcanonname: trying %s.%s (%s)\n", @@ -984,7 +986,7 @@ nexttype: /* definite no -- try the next domain */ dp++; - qtype = SM_T_INITIAL; + qtype = initial; continue; } else if (tTd(8, 7)) @@ -1069,13 +1071,7 @@ nexttype: # if NETINET6 case T_AAAA: - /* Flag that a good match was found */ - amatch = true; - - /* continue in case a CNAME also exists */ - continue; # endif /* NETINET6 */ - case T_A: /* Flag that a good match was found */ amatch = true; @@ -1161,7 +1157,7 @@ nexttype: qtype = T_MX; else { - qtype = SM_T_INITIAL; + qtype = initial; dp++; } } diff --git a/gnu/usr.sbin/sendmail/sendmail/headers.c b/gnu/usr.sbin/sendmail/sendmail/headers.c index 2b3203ed0c4..d2110d30ab7 100644 --- a/gnu/usr.sbin/sendmail/sendmail/headers.c +++ b/gnu/usr.sbin/sendmail/sendmail/headers.c @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: headers.c,v 8.266.4.5 2003/03/12 22:42:52 gshapiro Exp $") +SM_RCSID("@(#)$Sendmail: headers.c,v 8.266.4.7 2003/09/03 21:32:20 ca Exp $") static size_t fix_mime_header __P((HDR *, ENVELOPE *)); static int priencode __P((char *)); @@ -140,7 +140,10 @@ chompheader(line, pflag, hdrp, e) mid = (unsigned char) macid(p); if (bitset(0200, mid)) + { p += strlen(macname(mid)) + 2; + SM_ASSERT(p <= q); + } else p++; @@ -315,6 +318,7 @@ hse: qval[l++] = '"'; /* - 3 to avoid problems with " at the end */ + /* should be sizeof(qval), not MAXNAME */ for (k = 0; fvalue[k] != '\0' && l < MAXNAME - 3; k++) { switch (fvalue[k]) @@ -1175,7 +1179,7 @@ crackaddr(addr, e) else if (c == ')') { /* syntax error: unmatched ) */ - if (copylev > 0 && SM_HAVE_ROOM) + if (copylev > 0 && SM_HAVE_ROOM && bp > bufhead) bp--; } @@ -1349,7 +1353,7 @@ crackaddr(addr, e) else if (SM_HAVE_ROOM) { /* syntax error: unmatched > */ - if (copylev > 0) + if (copylev > 0 && bp > bufhead) bp--; quoteit = true; continue; @@ -1693,6 +1697,12 @@ put_vanilla_header(h, v, mci) int l; l = nlp - v; + + /* + ** XXX This is broken for SPACELEFT()==0 + ** However, SPACELEFT() is always > 0 unless MAXLINE==1. + */ + if (SPACELEFT(obuf, obp) - 1 < (size_t) l) l = SPACELEFT(obuf, obp) - 1; @@ -1703,6 +1713,8 @@ put_vanilla_header(h, v, mci) if (*v != ' ' && *v != '\t') *obp++ = ' '; } + + /* XXX This is broken for SPACELEFT()==0 */ (void) sm_snprintf(obp, SPACELEFT(obuf, obp), "%.*s", (int) (SPACELEFT(obuf, obp) - 1), v); putxline(obuf, strlen(obuf), mci, putflags); @@ -1737,6 +1749,7 @@ commaize(h, p, oldstyle, mci, e) int omax; bool firstone = true; int putflags = PXLF_HEADER; + char **res; char obuf[MAXLINE + 3]; /* @@ -1753,6 +1766,8 @@ commaize(h, p, oldstyle, mci, e) obp = obuf; (void) sm_snprintf(obp, SPACELEFT(obuf, obp), "%.200s: ", h->h_field); + + /* opos = strlen(obp); */ opos = strlen(h->h_field) + 2; if (opos > 202) opos = 202; @@ -1785,14 +1800,23 @@ commaize(h, p, oldstyle, mci, e) while ((isascii(*p) && isspace(*p)) || *p == ',') p++; name = p; + res = NULL; for (;;) { auto char *oldp; char pvpbuf[PSBUFSIZE]; - (void) prescan(p, oldstyle ? ' ' : ',', pvpbuf, - sizeof pvpbuf, &oldp, NULL); + res = prescan(p, oldstyle ? ' ' : ',', pvpbuf, + sizeof pvpbuf, &oldp, NULL); p = oldp; +#if _FFR_IGNORE_BOGUS_ADDR + /* ignore addresses that can't be parsed */ + if (res == NULL) + { + name = p; + continue; + } +#endif /* _FFR_IGNORE_BOGUS_ADDR */ /* look to see if we have an at sign */ while (*p != '\0' && isascii(*p) && isspace(*p)) @@ -1815,6 +1839,15 @@ commaize(h, p, oldstyle, mci, e) p--; if (++p == name) continue; + + /* + ** if prescan() failed go a bit backwards; this is a hack, + ** there should be some better error recovery. + */ + + if (res == NULL && p > name && + !((isascii(*p) && isspace(*p)) || *p == ',' || *p == '\0')) + --p; savechar = *p; *p = '\0'; @@ -1858,7 +1891,7 @@ commaize(h, p, oldstyle, mci, e) (void) sm_strlcpy(obp, ",\n", SPACELEFT(obuf, obp)); putxline(obuf, strlen(obuf), mci, putflags); obp = obuf; - (void) sm_strlcpy(obp, " ", sizeof obp); + (void) sm_strlcpy(obp, " ", sizeof obuf); opos = strlen(obp); obp += opos; opos += strlen(name); @@ -1874,7 +1907,10 @@ commaize(h, p, oldstyle, mci, e) firstone = false; *p = savechar; } - *obp = '\0'; + if (obp < &obuf[sizeof obuf]) + *obp = '\0'; + else + obuf[sizeof obuf - 1] = '\0'; putxline(obuf, strlen(obuf), mci, putflags); } /* @@ -1946,6 +1982,7 @@ fix_mime_header(h, e) return 0; /* Split on each ';' */ + /* find_character() never returns NULL */ while ((end = find_character(begin, ';')) != NULL) { char save = *end; diff --git a/gnu/usr.sbin/sendmail/sendmail/main.c b/gnu/usr.sbin/sendmail/sendmail/main.c index 1e5831a8693..fd02287a2d1 100644 --- a/gnu/usr.sbin/sendmail/sendmail/main.c +++ b/gnu/usr.sbin/sendmail/sendmail/main.c @@ -25,7 +25,7 @@ SM_UNUSED(static char copyright[]) = The Regents of the University of California. All rights reserved.\n"; #endif /* ! lint */ -SM_RCSID("@(#)$Sendmail: main.c,v 8.887.2.22 2003/03/06 18:38:08 ca Exp $") +SM_RCSID("@(#)$Sendmail: main.c,v 8.887.2.27 2003/08/04 17:23:37 ca Exp $") #if NETINET || NETINET6 @@ -940,16 +940,18 @@ main(argc, argv, envp) *p++ = '\0'; if (*p != '\0') { - ep = sm_malloc_x(strlen(p) + 1); - cleanstrcpy(ep, p, MAXNAME); + i = strlen(p) + 1; + ep = sm_malloc_x(i); + cleanstrcpy(ep, p, i); macdefine(&BlankEnvelope.e_macro, A_HEAP, 's', ep); } } if (*optarg != '\0') { - ep = sm_malloc_x(strlen(optarg) + 1); - cleanstrcpy(ep, optarg, MAXNAME); + i = strlen(optarg) + 1; + ep = sm_malloc_x(i); + cleanstrcpy(ep, optarg, i); macdefine(&BlankEnvelope.e_macro, A_HEAP, 'r', ep); } @@ -2368,13 +2370,7 @@ main(argc, argv, envp) pid_t ret; int group; - if (ShutdownRequest != NULL) - shutdown_daemon(); - else if (RestartRequest != NULL) - restart_daemon(); - else if (RestartWorkGroup) - restart_marked_work_groups(); - + CHECK_RESTART; while ((ret = sm_wait(&status)) <= 0) continue; @@ -2392,8 +2388,9 @@ main(argc, argv, envp) "persistent queue runner=%d core dumped, signal=%d", group, WTERMSIG(status)); - /* don't restart this one */ - mark_work_group_restart(group, -1); + /* don't restart this */ + mark_work_group_restart( + group, -1); continue; } @@ -2414,7 +2411,8 @@ main(argc, argv, envp) sm_syslog(LOG_DEBUG, NOQID, "persistent queue runner=%d, exited", group); - mark_work_group_restart(group, -1); + mark_work_group_restart(group, + -1); } } finis(true, true, ExitStat); @@ -2443,13 +2441,7 @@ main(argc, argv, envp) for (;;) { (void) pause(); - if (ShutdownRequest != NULL) - shutdown_daemon(); - else if (RestartRequest != NULL) - restart_daemon(); - else if (RestartWorkGroup) - restart_marked_work_groups(); - + CHECK_RESTART; if (doqueuerun()) (void) runqueue(true, false, false, false); @@ -2643,7 +2635,7 @@ main(argc, argv, envp) /* collect body for UUCP return */ if (OpMode != MD_VERIFY) - collect(InChannel, false, NULL, &MainEnvelope); + collect(InChannel, false, NULL, &MainEnvelope, true); finis(true, true, EX_USAGE); /* NOTREACHED */ } @@ -2703,7 +2695,7 @@ main(argc, argv, envp) MainEnvelope.e_flags &= ~EF_FATALERRS; Errors = 0; buffer_errors(); - collect(InChannel, false, NULL, &MainEnvelope); + collect(InChannel, false, NULL, &MainEnvelope, true); /* header checks failed */ if (Errors > 0) diff --git a/gnu/usr.sbin/sendmail/sendmail/map.c b/gnu/usr.sbin/sendmail/sendmail/map.c index 09fad2ee9a2..9f23572c72b 100644 --- a/gnu/usr.sbin/sendmail/sendmail/map.c +++ b/gnu/usr.sbin/sendmail/sendmail/map.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1992, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1992, 1993 @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: map.c,v 8.645.2.7 2002/12/03 17:01:15 ca Exp $") +SM_RCSID("@(#)$Sendmail: map.c,v 8.645.2.10 2003/07/24 18:24:17 ca Exp $") #if LDAPMAP # include <sm/ldap.h> @@ -383,7 +383,7 @@ map_rewrite(map, s, slen, av) if (c != '%') { pushc: - if (--len <= 0) + if (len-- <= 1) break; *bp++ = c; continue; @@ -394,8 +394,9 @@ map_rewrite(map, s, slen, av) goto pushc; if (!(isascii(c) && isdigit(c))) { + if (len-- <= 1) + break; *bp++ = '%'; - --len; goto pushc; } for (avp = av; --c >= '0' && *avp != NULL; avp++) @@ -1173,8 +1174,7 @@ dns_map_lookup(map, name, av, statp) if (r == NULL) { result = NULL; - if (errno == ETIMEDOUT || h_errno == TRY_AGAIN || - errno == ECONNREFUSED) + if (h_errno == TRY_AGAIN || transienterror(errno)) *statp = EX_TEMPFAIL; else *statp = EX_NOTFOUND; @@ -6944,6 +6944,10 @@ regex_map_init(map, ap) map->map_mflags |= MF_MATCHONLY; break; + case 'q': + map->map_mflags |= MF_KEEPQUOTES; + break; + case 'S': map->map_spacesub = *++p; break; diff --git a/gnu/usr.sbin/sendmail/sendmail/mci.c b/gnu/usr.sbin/sendmail/sendmail/mci.c index 399fb0c1cfa..0451625aa82 100644 --- a/gnu/usr.sbin/sendmail/sendmail/mci.c +++ b/gnu/usr.sbin/sendmail/sendmail/mci.c @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: mci.c,v 8.205.2.3 2003/01/07 03:56:19 ca Exp $") +SM_RCSID("@(#)$Sendmail: mci.c,v 8.205.2.4 2003/03/31 17:35:27 ca Exp $") #if NETINET || NETINET6 # include <arpa/inet.h> @@ -548,11 +548,21 @@ mci_dump(mci, logit) } (void) sm_snprintf(p, SPACELEFT(buf, p), "flags=%lx", mci->mci_flags); p += strlen(p); + + /* + ** The following check is just for paranoia. It protects the + ** assignment in the if() clause. If there's not some minimum + ** amount of space we can stop right now. The check will not + ** trigger as long as sizeof(buf)=4000. + */ + + if (p >= buf + sizeof(buf) - 4) + goto printit; if (mci->mci_flags != 0) { struct mcifbits *f; - *p++ = '<'; + *p++ = '<'; /* protected above */ for (f = MciFlags; f->mcif_bit != 0; f++) { if (!bitset(f->mcif_bit, mci->mci_flags)) @@ -1152,7 +1162,7 @@ mci_traverse_persistent(action, pathname) if (hostptr != host) *(hostptr++) = '.'; start = end; - while (*(start - 1) != '/') + while (start > pathname && *(start - 1) != '/') start--; if (*end == '.') @@ -1162,7 +1172,7 @@ mci_traverse_persistent(action, pathname) *(hostptr++) = *scan; end = start - 2; - } while (*end == '.'); + } while (end > pathname && *end == '.'); *hostptr = '\0'; @@ -1352,7 +1362,7 @@ mci_purge_persistent(pathname, hostname) /* ** MCI_GENERATE_PERSISTENT_PATH -- generate path from hostname ** -** Given `host', convert from a.b.c to $QueueDir/.hoststat/c./b./a, +** Given `host', convert from a.b.c to $HostStatDir/c./b./a, ** putting the result into `path'. if `createflag' is set, intervening ** directories will be created as needed. ** diff --git a/gnu/usr.sbin/sendmail/sendmail/milter.c b/gnu/usr.sbin/sendmail/sendmail/milter.c index 53c57e526a0..69661c4a621 100644 --- a/gnu/usr.sbin/sendmail/sendmail/milter.c +++ b/gnu/usr.sbin/sendmail/sendmail/milter.c @@ -10,7 +10,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: milter.c,v 8.197.2.7 2003/03/22 18:54:25 ca Exp $") +SM_RCSID("@(#)$Sendmail: milter.c,v 8.197.2.9 2003/09/07 00:18:29 ca Exp $") #if MILTER # include <libmilter/mfapi.h> @@ -1569,7 +1569,7 @@ milter_reopen_df(e) /* open writable */ if ((e->e_dfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, dfname, - SM_IO_RDWR, NULL)) == NULL) + SM_IO_RDWR_B, NULL)) == NULL) { MILTER_DF_ERROR("milter_reopen_df: sm_io_open %s: %s"); return -1; @@ -1626,7 +1626,7 @@ milter_reset_df(e) return -1; } else if ((e->e_dfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, dfname, - SM_IO_RDONLY, NULL)) == NULL) + SM_IO_RDONLY_B, NULL)) == NULL) { MILTER_DF_ERROR("milter_reset_df: error reopening %s: %s"); return -1; @@ -2807,6 +2807,8 @@ milter_addrcpt(response, rlen, e) ssize_t rlen; ENVELOPE *e; { + int olderrors; + if (tTd(64, 10)) sm_dprintf("milter_addrcpt: "); @@ -2831,7 +2833,9 @@ milter_addrcpt(response, rlen, e) sm_dprintf("%s\n", response); if (MilterLogLevel > 8) sm_syslog(LOG_INFO, e->e_id, "Milter add: rcpt: %s", response); - (void) sendtolist(response, NULLADDR, &e->e_sendqueue, 0, e); + olderrors = Errors; + (void) sendtolist(response, NULLADDR, &e->e_sendqueue, 0, e); + Errors = olderrors; return; } /* diff --git a/gnu/usr.sbin/sendmail/sendmail/mime.c b/gnu/usr.sbin/sendmail/sendmail/mime.c index 68e325c799e..4db1f6f4e70 100644 --- a/gnu/usr.sbin/sendmail/sendmail/mime.c +++ b/gnu/usr.sbin/sendmail/sendmail/mime.c @@ -14,7 +14,7 @@ #include <sendmail.h> #include <string.h> -SM_RCSID("@(#)$Sendmail: mime.c,v 8.130 2002/05/21 03:39:34 ca Exp $") +SM_RCSID("@(#)$Sendmail: mime.c,v 8.130.2.1 2003/04/15 01:05:59 ca Exp $") /* ** MIME support. @@ -317,7 +317,7 @@ mime8to7(mci, header, e, boundaries, flags) putline(buf, mci); if (tTd(43, 35)) sm_dprintf(" ...%s\n", buf); - collect(e->e_dfp, false, &hdr, e); + collect(e->e_dfp, false, &hdr, e, false); if (tTd(43, 101)) putline("+++after collect", mci); putheader(mci, hdr, e, flags); @@ -371,7 +371,7 @@ mime8to7(mci, header, e, boundaries, flags) putline("", mci); mci->mci_flags |= MCIF_INMIME; - collect(e->e_dfp, false, &hdr, e); + collect(e->e_dfp, false, &hdr, e, false); if (tTd(43, 101)) putline("+++after collect", mci); putheader(mci, hdr, e, flags); diff --git a/gnu/usr.sbin/sendmail/sendmail/parseaddr.c b/gnu/usr.sbin/sendmail/sendmail/parseaddr.c index e2496ca2598..1b02274c022 100644 --- a/gnu/usr.sbin/sendmail/sendmail/parseaddr.c +++ b/gnu/usr.sbin/sendmail/sendmail/parseaddr.c @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: parseaddr.c,v 8.359.2.6 2003/03/27 02:39:53 ca Exp $") +SM_RCSID("@(#)$Sendmail: parseaddr.c,v 8.359.2.9 2003/09/16 18:07:50 ca Exp $") static void allocaddr __P((ADDRESS *, int, char *, ENVELOPE *)); static int callsubr __P((char**, int, ENVELOPE *)); @@ -885,9 +885,12 @@ prescan(addr, delim, pvpbuf, pvpbsize, delimptr, toktab) } } while (c != '\0' && (c != delim || anglecnt > 0)); *avp = NULL; - p--; if (delimptr != NULL) + { + if (p > addr) + p--; *delimptr = p; + } if (tTd(22, 12)) { sm_dprintf("prescan==>"); @@ -970,6 +973,11 @@ rewrite(pvp, ruleset, reclevel, e, maxatom) char buf[MAXLINE]; char name[6]; + /* + ** mlp will not exceed mlist[] because readcf enforces + ** the upper limit of entries when reading rulesets. + */ + if (ruleset < 0 || ruleset >= MAXRWSETS) { syserr("554 5.3.5 rewrite: illegal ruleset number %d", ruleset); @@ -1004,6 +1012,8 @@ rewrite(pvp, ruleset, reclevel, e, maxatom) } if (pvp == NULL) return EX_USAGE; + if (maxatom <= 0) + return EX_USAGE; /* ** Run through the list of rewrite rules, applying @@ -1291,16 +1301,7 @@ rewrite(pvp, ruleset, reclevel, e, maxatom) while (pp <= m->match_last) { if (avp >= &npvp[maxatom]) - { - syserr("554 5.3.0 rewrite: expansion too long"); - if (LogLevel > 9) - sm_syslog(LOG_ERR, - e->e_id, - "rewrite: expansion too long, ruleset=%s, ruleno=%d", - rulename, - ruleno); - return EX_DATAERR; - } + goto toolong; *avp++ = *pp++; } } @@ -1407,7 +1408,7 @@ rewrite(pvp, ruleset, reclevel, e, maxatom) char **default_rvp; char cbuf[MAXNAME + 1]; char *pvpb1[MAXATOM + 1]; - char *argvect[10]; + char *argvect[MAX_MAP_ARGS]; char pvpbuf[PSBUFSIZE]; char *nullpvp[1]; @@ -1431,13 +1432,19 @@ rewrite(pvp, ruleset, reclevel, e, maxatom) { endtoken = LOOKUPEND; mapname = *++rvp; + if (mapname == NULL) + syserr("554 5.3.0 rewrite: missing mapname"); } map = stab(mapname, ST_MAP, ST_FIND); if (map == NULL) - syserr("554 5.3.0 rewrite: map %s not found", mapname); + syserr("554 5.3.0 rewrite: map %s not found", + mapname); /* extract the match part */ key_rvp = ++rvp; + if (key_rvp == NULL) + syserr("554 5.3.0 rewrite: missing key for map %s", + mapname); default_rvp = NULL; arg_rvp = argvect; xpvp = NULL; @@ -1446,7 +1453,8 @@ rewrite(pvp, ruleset, reclevel, e, maxatom) { int nodetype = **rvp & 0377; - if (nodetype != CANONHOST && nodetype != CANONUSER) + if (nodetype != CANONHOST && + nodetype != CANONUSER) { rvp++; continue; @@ -1459,7 +1467,9 @@ rewrite(pvp, ruleset, reclevel, e, maxatom) cataddr(xpvp, NULL, replac, &pvpbuf[sizeof pvpbuf] - replac, '\0'); - *++arg_rvp = replac; + if (arg_rvp < + &argvect[MAX_MAP_ARGS - 1]) + *++arg_rvp = replac; replac += strlen(replac) + 1; xpvp = NULL; } @@ -1481,9 +1491,13 @@ rewrite(pvp, ruleset, reclevel, e, maxatom) cataddr(xpvp, NULL, replac, &pvpbuf[sizeof pvpbuf] - replac, '\0'); - *++arg_rvp = replac; + if (arg_rvp < &argvect[MAX_MAP_ARGS - 1]) + *++arg_rvp = replac; } - *++arg_rvp = NULL; + if (arg_rvp >= &argvect[MAX_MAP_ARGS - 1]) + argvect[MAX_MAP_ARGS - 1] = NULL; + else + *++arg_rvp = NULL; /* save the remainder of the input string */ trsize = (int) (avp - rvp + 1) * sizeof *rvp; @@ -1672,7 +1686,7 @@ callsubr(pvp, reclevel, e) /* ** Now we need to call the ruleset specified for - ** the subroutine. we can do this inplace since + ** the subroutine. We can do this in place since ** we call the "last" subroutine first. */ @@ -1870,6 +1884,7 @@ buildaddr(tv, a, flags, e) register ENVELOPE *e; { bool tempfail = false; + int maxatom; struct mailer **mp; register struct mailer *m; register char *p; @@ -1884,6 +1899,7 @@ buildaddr(tv, a, flags, e) printav(tv); } + maxatom = MAXATOM; if (a == NULL) a = (ADDRESS *) sm_rpool_malloc_x(e->e_rpool, sizeof *a); memset((char *) a, '\0', sizeof *a); @@ -1923,14 +1939,22 @@ badaddr: return a; } mname = *++tv; + --maxatom; /* extract host and user portions */ if (*++tv != NULL && (**tv & 0377) == CANONHOST) + { hostp = ++tv; + --maxatom; + } else hostp = NULL; + --maxatom; while (*tv != NULL && (**tv & 0377) != CANONUSER) + { tv++; + --maxatom; + } if (*tv == NULL) { syserr("554 5.3.5 buildaddr: no user"); @@ -1941,6 +1965,7 @@ badaddr: else if (hostp != NULL) cataddr(hostp, tv - 1, hbuf, sizeof hbuf, '\0'); cataddr(++tv, NULL, ubuf, sizeof ubuf, ' '); + --maxatom; /* save away the host name */ if (sm_strcasecmp(mname, "error") == 0) @@ -2045,6 +2070,7 @@ badaddr: { p++; tv++; + --maxatom; a->q_flags |= QNOTREMOTE; } @@ -2075,11 +2101,11 @@ badaddr: !bitset(RF_SENDERADDR|RF_HEADERADDR, flags)) { /* sender addresses done later */ - (void) REWRITE(tv, 2, e); + (void) rewrite(tv, 2, 0, e, maxatom); if (m->m_re_rwset > 0) - (void) REWRITE(tv, m->m_re_rwset, e); + (void) rewrite(tv, m->m_re_rwset, 0, e, maxatom); } - (void) REWRITE(tv, 4, e); + (void) rewrite(tv, 4, 0, e, maxatom); /* save the result for the command line/RCPT argument */ cataddr(tv, NULL, ubuf, sizeof ubuf, '\0'); @@ -2165,7 +2191,7 @@ cataddr(pvp, evp, buf, sz, spacesub) break; } #if _FFR_CATCH_LONG_STRINGS - /* Don't silently truncate long strings */ + /* Don't silently truncate long strings; broken for evp != NULL */ if (*pvp != NULL) syserr("cataddr: string too long"); #endif /* _FFR_CATCH_LONG_STRINGS */ @@ -2458,8 +2484,7 @@ emptyaddr(a) ** ** Parameters: ** name -- the name to translate. -** m -- the mailer that we want to do rewriting relative -** to. +** m -- the mailer that we want to do rewriting relative to. ** flags -- fine tune operations. ** pstat -- pointer to status word. ** e -- the current envelope. @@ -2654,7 +2679,6 @@ maplocaluser(a, sendq, aliaslevel, e) { register char **pvp; register ADDRESS *SM_NONVOLATILE a1 = NULL; - auto char *delimptr; char pvpbuf[PSBUFSIZE]; if (tTd(29, 1)) @@ -2662,7 +2686,7 @@ maplocaluser(a, sendq, aliaslevel, e) sm_dprintf("maplocaluser: "); printaddr(a, false); } - pvp = prescan(a->q_user, '\0', pvpbuf, sizeof pvpbuf, &delimptr, NULL); + pvp = prescan(a->q_user, '\0', pvpbuf, sizeof pvpbuf, NULL, NULL); if (pvp == NULL) { if (tTd(29, 9)) @@ -3108,6 +3132,7 @@ rscheck(rwset, p1, p2, e, flags, logl, host, logid) ** e -- the current envelope. ** pvp -- pointer to token vector. ** pvpbuf -- buffer space. +** size -- size of buffer space. ** ** Returns: ** EX_UNAVAILABLE -- ruleset doesn't exist. @@ -3175,7 +3200,7 @@ rscap(rwset, p1, p2, e, pvp, pvpbuf, size) QuickAbort = false; *pvp = prescan(buf, '\0', pvpbuf, size, NULL, NULL); if (*pvp != NULL) - rstat = REWRITE(*pvp, rsno, e); + rstat = rewrite(*pvp, rsno, 0, e, size); else { if (tTd(48, 2)) diff --git a/gnu/usr.sbin/sendmail/sendmail/queue.c b/gnu/usr.sbin/sendmail/sendmail/queue.c index cc67fa39c33..dcf72c4bd91 100644 --- a/gnu/usr.sbin/sendmail/sendmail/queue.c +++ b/gnu/usr.sbin/sendmail/sendmail/queue.c @@ -13,20 +13,23 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: queue.c,v 8.863.2.30 2003/03/20 00:20:16 ca Exp $") +SM_RCSID("@(#)$Sendmail: queue.c,v 8.863.2.61 2003/09/03 19:58:26 ca Exp $") #include <dirent.h> # define RELEASE_QUEUE (void) 0 # define ST_INODE(st) (st).st_ino +# define sm_file_exists(errno) ((errno) == EEXIST) + +# define TF_OPEN_FLAGS (O_CREAT|O_WRONLY|O_EXCL) /* ** Historical notes: -** QF_VERSION == 4 was sendmail 8.10/8.11 without _FFR_QUEUEDELAY -** QF_VERSION == 5 was sendmail 8.10/8.11 with _FFR_QUEUEDELAY -** QF_VERSION == 6 is sendmail 8.12 without _FFR_QUEUEDELAY -** QF_VERSION == 7 is sendmail 8.12 with _FFR_QUEUEDELAY +** QF_VERSION == 4 was sendmail 8.10/8.11 without _FFR_QUEUEDELAY +** QF_VERSION == 5 was sendmail 8.10/8.11 with _FFR_QUEUEDELAY +** QF_VERSION == 6 is sendmail 8.12 without _FFR_QUEUEDELAY +** QF_VERSION == 7 is sendmail 8.12 with _FFR_QUEUEDELAY */ #if _FFR_QUEUEDELAY @@ -67,6 +70,21 @@ typedef struct work WORK; static WORK *WorkQ; /* queue of things to be done */ static int NumWorkGroups; /* number of work groups */ +static time_t Current_LA_time = 0; + +/* Get new load average every 30 seconds. */ +#define GET_NEW_LA_TIME 30 + +#define SM_GET_LA(now) \ + do \ + { \ + now = curtime(); \ + if (Current_LA_time < now - GET_NEW_LA_TIME) \ + { \ + sm_getla(); \ + Current_LA_time = now; \ + } \ + } while (0) /* ** DoQueueRun indicates that a queue run is needed. @@ -343,14 +361,36 @@ queueup(e, announce, msync) newid = (e->e_id == NULL) || !bitset(EF_INQUEUE, e->e_flags); (void) sm_strlcpy(tf, queuename(e, NEWQFL_LETTER), sizeof tf); tfp = e->e_lockfp; - if (tfp == NULL) - newid = false; + if (tfp == NULL && newid) + { + /* + ** open qf file directly: this will give an error if the file + ** already exists and hence prevent problems if a queue-id + ** is reused (e.g., because the clock is set back). + */ + + (void) sm_strlcpy(tf, queuename(e, ANYQFL_LETTER), sizeof tf); + tfd = open(tf, TF_OPEN_FLAGS, FileMode); + if (tfd < 0 || + !lockfile(tfd, tf, NULL, LOCK_EX|LOCK_NB) || + (tfp = sm_io_open(SmFtStdiofd, SM_TIME_DEFAULT, + (void *) &tfd, SM_IO_WRONLY_B, + NULL)) == NULL) + { + int save_errno = errno; + + printopenfds(true); + errno = save_errno; + syserr("!queueup: cannot create queue file %s, euid=%d", + tf, (int) geteuid()); + /* NOTREACHED */ + } + e->e_lockfp = tfp; + } /* if newid, write the queue file directly (instead of temp file) */ if (!newid) { - const int flags = O_CREAT|O_WRONLY|O_EXCL; - /* get a locked tf file */ for (i = 0; i < 128; i++) { @@ -360,7 +400,7 @@ queueup(e, announce, msync) if (bitset(S_IWGRP, QueueFileMode)) oldumask = umask(002); - tfd = open(tf, flags, QueueFileMode); + tfd = open(tf, TF_OPEN_FLAGS, QueueFileMode); if (bitset(S_IWGRP, QueueFileMode)) (void) umask(oldumask); @@ -399,7 +439,7 @@ queueup(e, announce, msync) (void) sleep(i % 32); } if (tfd < 0 || (tfp = sm_io_open(SmFtStdiofd, SM_TIME_DEFAULT, - (void *) &tfd, SM_IO_WRONLY, + (void *) &tfd, SM_IO_WRONLY_B, NULL)) == NULL) { int save_errno = errno; @@ -485,11 +525,12 @@ queueup(e, announce, msync) if (bitset(S_IWGRP, QueueFileMode)) oldumask = umask(002); - dfd = open(df, O_WRONLY|O_CREAT|O_TRUNC, QueueFileMode); + dfd = open(df, O_WRONLY|O_CREAT|O_TRUNC|QF_O_EXTRA, + QueueFileMode); if (bitset(S_IWGRP, QueueFileMode)) (void) umask(oldumask); if (dfd < 0 || (dfp = sm_io_open(SmFtStdiofd, SM_TIME_DEFAULT, - (void *) &dfd, SM_IO_WRONLY, + (void *) &dfd, SM_IO_WRONLY_B, NULL)) == NULL) syserr("!queueup: cannot create data temp file %s, uid=%d", df, (int) geteuid()); @@ -1552,9 +1593,6 @@ runqueue(forkflag, verbose, persistent, runall) ** runs things in the mail queue. */ -/* Get new load average every 30 seconds. */ -#define GET_NEW_LA_TIME 30 - static void runner_work(e, sequenceno, didfork, skip, njobs) register ENVELOPE *e; @@ -1565,9 +1603,9 @@ runner_work(e, sequenceno, didfork, skip, njobs) { int n; WORK *w; - time_t current_la_time, now; + time_t now; - current_la_time = curtime(); + SM_GET_LA(now); /* ** Here we temporarily block the second calling of the handlers. @@ -1623,13 +1661,8 @@ runner_work(e, sequenceno, didfork, skip, njobs) ** Get new load average every GET_NEW_LA_TIME seconds. */ - now = curtime(); - if (current_la_time < now - GET_NEW_LA_TIME) - { - sm_getla(); - current_la_time = now; - } - if (shouldqueue(WkRecipFact, current_la_time)) + SM_GET_LA(now); + if (shouldqueue(WkRecipFact, Current_LA_time)) { char *msg = "Aborting queue run: load average too high"; @@ -1743,7 +1776,7 @@ run_work_group(wgrp, flags) int njobs, qdir; int sequenceno = 1; int qgrp, endgrp, h, i; - time_t current_la_time, now; + time_t now; bool full, more; SM_RPOOL_T *rpool; extern void rmexpstab __P((void)); @@ -1758,11 +1791,10 @@ run_work_group(wgrp, flags) ** the queue. */ - sm_getla(); /* get load average */ - current_la_time = curtime(); + SM_GET_LA(now); if (!bitset(RWG_PERSISTENT, flags) && - shouldqueue(WkRecipFact, current_la_time)) + shouldqueue(WkRecipFact, Current_LA_time)) { char *msg = "Skipping queue run -- load average too high"; @@ -2035,7 +2067,7 @@ run_work_group(wgrp, flags) if (pid < 0) { syserr("run_work_group: cannot fork"); - return 0; + return false; } else if (pid > 0) { @@ -2216,12 +2248,8 @@ run_work_group(wgrp, flags) ** CurrentLA caused all entries in a queue to be ignored. */ - now = curtime(); - if (njobs == 0 && current_la_time < now - GET_NEW_LA_TIME) - { - sm_getla(); - current_la_time = now; - } + if (njobs == 0) + SM_GET_LA(now); rpool = sm_rpool_new_x(NULL); e = newenvelope(&QueueEnvelope, CurEnv, rpool); e->e_flags = BlankEnvelope.e_flags; @@ -2545,7 +2573,7 @@ gatherq(qgrp, qdir, doall, full, more) } /* open control file */ - cf = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, qf, SM_IO_RDONLY, + cf = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, qf, SM_IO_RDONLY_B, NULL); if (cf == NULL && OpMode != MD_PRINT) { @@ -2686,6 +2714,8 @@ gatherq(qgrp, qdir, doall, full, more) p = strchr(&lbuf[1], ':'); if (p == NULL) p = &lbuf[1]; + else + ++p; /* skip over ':' */ } else p = &lbuf[1]; @@ -3792,7 +3822,7 @@ readqf(e, openonly) */ (void) sm_strlcpy(qf, queuename(e, ANYQFL_LETTER), sizeof qf); - qfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, qf, SM_IO_RDWR, NULL); + qfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, qf, SM_IO_RDWR_B, NULL); if (qfp == NULL) { int save_errno = errno; @@ -3824,6 +3854,8 @@ readqf(e, openonly) return false; } + RELEASE_QUEUE; + /* ** Prevent locking race condition. ** @@ -3850,7 +3882,6 @@ readqf(e, openonly) sm_dprintf("readqf(%s): [f]stat failure (%s)\n", qf, sm_errstring(errno)); (void) sm_io_close(qfp, SM_TIME_DEFAULT); - RELEASE_QUEUE; return false; } @@ -3873,7 +3904,6 @@ readqf(e, openonly) if (LogLevel > 19) sm_syslog(LOG_DEBUG, e->e_id, "changed"); (void) sm_io_close(qfp, SM_TIME_DEFAULT); - RELEASE_QUEUE; return false; } @@ -3939,7 +3969,6 @@ readqf(e, openonly) if (!openonly) loseqfile(e, "bogus file uid/gid in mqueue"); (void) sm_io_close(qfp, SM_TIME_DEFAULT); - RELEASE_QUEUE; return false; } @@ -3952,7 +3981,6 @@ readqf(e, openonly) (void) xunlink(queuename(e, ANYQFL_LETTER)); } (void) sm_io_close(qfp, SM_TIME_DEFAULT); - RELEASE_QUEUE; return false; } @@ -3964,7 +3992,6 @@ readqf(e, openonly) */ (void) sm_io_close(qfp, SM_TIME_DEFAULT); - RELEASE_QUEUE; return false; } @@ -4154,10 +4181,10 @@ readqf(e, openonly) /* ** count size before chompheader() destroys the line. ** this isn't accurate due to macro expansion, but - ** better than before. "+3" to skip H?? at least. + ** better than before. "-3" to skip H?? at least. */ - hdrsize += strlen(bp + 3); + hdrsize += strlen(bp) - 3; (void) chompheader(&bp[1], CHHDR_QUEUE, NULL, e); break; @@ -4199,7 +4226,6 @@ readqf(e, openonly) howlong); e->e_id = NULL; unlockqueue(e); - RELEASE_QUEUE; return false; } macdefine(&e->e_macro, A_TEMP, @@ -4274,8 +4300,13 @@ readqf(e, openonly) } else qflags |= QPRIMARY; - q = parseaddr(++p, NULLADDR, RF_COPYALL, '\0', NULL, e, - true); + macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), + "e r"); + if (*p != '\0') + q = parseaddr(++p, NULLADDR, RF_COPYALL, '\0', + NULL, e, true); + else + q = NULL; if (q != NULL) { /* make sure we keep the current qgrp */ @@ -4291,6 +4322,8 @@ readqf(e, openonly) } frcpt = NULL; orcpt = NULL; + macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), + NULL); break; case 'S': /* sender */ @@ -4372,7 +4405,6 @@ readqf(e, openonly) { errno = 0; e->e_flags |= EF_CLRQUEUE|EF_FATALERRS|EF_RESPONSE; - RELEASE_QUEUE; return true; } @@ -4381,7 +4413,6 @@ readqf(e, openonly) { syserr("readqf: %s: incomplete queue file read", qf); (void) sm_io_close(qfp, SM_TIME_DEFAULT); - RELEASE_QUEUE; return false; } @@ -4401,7 +4432,7 @@ readqf(e, openonly) */ p = queuename(e, DATAFL_LETTER); - e->e_dfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, p, SM_IO_RDONLY, + e->e_dfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, p, SM_IO_RDONLY_B, NULL); if (e->e_dfp == NULL) { @@ -4423,7 +4454,6 @@ readqf(e, openonly) } } - RELEASE_QUEUE; return true; fail: @@ -4441,7 +4471,6 @@ readqf(e, openonly) e->e_lockfp = NULL; e->e_flags |= EF_INQUEUE; loseqfile(e, err); - RELEASE_QUEUE; return false; } /* @@ -4740,7 +4769,7 @@ print_single_queue(qgrp, qdir) (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "%13s", w->w_name + 2); (void) sm_strlcpyn(qf, sizeof qf, 3, qd, "/", w->w_name); - f = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, qf, SM_IO_RDONLY, + f = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, qf, SM_IO_RDONLY_B, NULL); if (f == NULL) { @@ -6591,7 +6620,7 @@ init_shm(qn, owner, hash) Pshm = sm_shmstart(ShmKey, shms, SHM_R|SHM_W, &ShmId, owner); save_errno = errno; - if (Pshm != NULL || save_errno != EEXIST) + if (Pshm != NULL || !sm_file_exists(save_errno)) break; if (++count >= 3) { @@ -6681,6 +6710,7 @@ init_shm(qn, owner, hash) } #endif /* SM_CONF_SHM */ + /* ** SETUP_QUEUES -- setup all queue groups ** @@ -8250,7 +8280,7 @@ quarantine_queue_item(qgrp, qdir, e, reason) } tempqfp = sm_io_open(SmFtStdiofd, SM_TIME_DEFAULT, (void *) &fd, - SM_IO_WRONLY, NULL); + SM_IO_WRONLY_B, NULL); if (tempqfp == NULL) { (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, diff --git a/gnu/usr.sbin/sendmail/sendmail/readcf.c b/gnu/usr.sbin/sendmail/sendmail/readcf.c index d8e8a6c7671..bbb2a0c7b57 100644 --- a/gnu/usr.sbin/sendmail/sendmail/readcf.c +++ b/gnu/usr.sbin/sendmail/sendmail/readcf.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: readcf.c,v 8.607.2.8 2003/03/12 22:42:52 gshapiro Exp $") +SM_RCSID("@(#)$Sendmail: readcf.c,v 8.607.2.11 2003/04/03 23:04:06 ca Exp $") #if NETINET || NETINET6 # include <arpa/inet.h> @@ -291,11 +291,19 @@ readcf(cfname, safe, e) if (rwp->r_rhs != NULL) { register char **ap; + int args, endtoken; +#if _FFR_EXTRA_MAP_CHECK + int nexttoken; +#endif /* _FFR_EXTRA_MAP_CHECK */ + bool inmap; rwp->r_rhs = copyplist(rwp->r_rhs, true, NULL); /* check no out-of-bounds replacements */ nfuzzy += '0'; + inmap = false; + args = 0; + endtoken = 0; for (ap = rwp->r_rhs; *ap != NULL; ap++) { char *botch; @@ -331,6 +339,65 @@ readcf(cfname, safe, e) botch = "$~"; break; + case CANONHOST: + if (!inmap) + break; + if (++args >= MAX_MAP_ARGS) + syserr("too many arguments for map lookup"); + break; + + case HOSTBEGIN: + endtoken = HOSTEND; + /* FALLTHROUGH */ + case LOOKUPBEGIN: + /* see above... */ + if ((**ap & 0377) == LOOKUPBEGIN) + endtoken = LOOKUPEND; + if (inmap) + syserr("cannot nest map lookups"); + inmap = true; + args = 0; +#if _FFR_EXTRA_MAP_CHECK + if (*(ap + 1) == NULL) + { + syserr("syntax error in map lookup"); + break; + } + nexttoken = **(ap + 1) & 0377; + if (nexttoken == CANONHOST || + nexttoken == CANONUSER || + nexttoken == endtoken) + { + syserr("missing map name for lookup"); + break; + } + if (*(ap + 2) == NULL) + { + syserr("syntax error in map lookup"); + break; + } + if ((**ap & 0377) == HOSTBEGIN) + break; + nexttoken = **(ap + 2) & 0377; + if (nexttoken == CANONHOST || + nexttoken == CANONUSER || + nexttoken == endtoken) + { + syserr("missing key name for lookup"); + break; + } +#endif /* _FFR_EXTRA_MAP_CHECK */ + break; + + case HOSTEND: + case LOOKUPEND: + if ((**ap & 0377) != endtoken) + break; + inmap = false; + endtoken = 0; + break; + + #if 0 /* ** This doesn't work yet as there are maps defined *after* the cf @@ -365,6 +432,8 @@ readcf(cfname, safe, e) syserr("Inappropriate use of %s on RHS", botch); } + if (inmap) + syserr("missing map closing token"); } else { @@ -863,6 +932,7 @@ fileclass(class, filename, fmt, ismap, safe, optional) *p++ = '\0'; cl = p; +#if LDAPMAP if (strcmp(cl, "LDAP") == 0) { int n; @@ -902,6 +972,7 @@ fileclass(class, filename, fmt, ismap, safe, optional) spec = buf; } else +#endif /* LDAPMAP */ { if ((spec = strchr(cl, ':')) == NULL) { @@ -2552,7 +2623,7 @@ setoption(opt, val, safe, sticky, e) break; p = newstr(ep); if (!safe) - cleanstrcpy(p, p, MAXNAME); + cleanstrcpy(p, p, strlen(p) + 1); macdefine(&CurEnv->e_macro, A_TEMP, mid, p); break; @@ -3276,13 +3347,13 @@ setoption(opt, val, safe, sticky, e) else MaxMimeFieldLength = MaxMimeHeaderLength / 2; - if (MaxMimeHeaderLength < 0) + if (MaxMimeHeaderLength <= 0) MaxMimeHeaderLength = 0; else if (MaxMimeHeaderLength < 128) (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "Warning: MaxMimeHeaderLength: header length limit set lower than 128\n"); - if (MaxMimeFieldLength < 0) + if (MaxMimeFieldLength <= 0) MaxMimeFieldLength = 0; else if (MaxMimeFieldLength < 40) (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, diff --git a/gnu/usr.sbin/sendmail/sendmail/recipient.c b/gnu/usr.sbin/sendmail/sendmail/recipient.c index 3432cc599a0..e33965278ca 100644 --- a/gnu/usr.sbin/sendmail/sendmail/recipient.c +++ b/gnu/usr.sbin/sendmail/sendmail/recipient.c @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: recipient.c,v 8.330.2.1 2002/08/27 20:21:02 gshapiro Exp $") +SM_RCSID("@(#)$Sendmail: recipient.c,v 8.330.2.2 2003/09/16 19:56:25 ca Exp $") static void includetimeout __P((void)); static ADDRESS *self_reference __P((ADDRESS *)); @@ -169,6 +169,7 @@ sendtolist(list, ctladdr, sendq, aliaslevel, e) SM_NONVOLATILE char delimiter; /* the address delimiter */ SM_NONVOLATILE int naddrs; SM_NONVOLATILE int i; + char *endp; char *oldto = e->e_to; char *SM_NONVOLATILE bufp; char buf[MAXNAME + 1]; @@ -206,6 +207,7 @@ sendtolist(list, ctladdr, sendq, aliaslevel, e) } else bufp = sm_malloc_x(i); + endp = bufp + i; SM_TRY { @@ -217,12 +219,16 @@ sendtolist(list, ctladdr, sendq, aliaslevel, e) auto char *delimptr; register ADDRESS *a; + SM_ASSERT(p < endp); + /* parse the address */ while ((isascii(*p) && isspace(*p)) || *p == ',') p++; + SM_ASSERT(p < endp); a = parseaddr(p, NULLADDR, RF_COPYALL, delimiter, &delimptr, e, true); p = delimptr; + SM_ASSERT(p < endp); if (a == NULL) continue; a->q_next = al; diff --git a/gnu/usr.sbin/sendmail/sendmail/sendmail.8 b/gnu/usr.sbin/sendmail/sendmail/sendmail.8 index d4f00c9755f..118b75a7f18 100644 --- a/gnu/usr.sbin/sendmail/sendmail/sendmail.8 +++ b/gnu/usr.sbin/sendmail/sendmail/sendmail.8 @@ -9,9 +9,9 @@ .\" the sendmail distribution. .\" .\" -.\" $Sendmail: sendmail.8,v 8.51 2002/05/24 15:42:13 ca Exp $ +.\" $Sendmail: sendmail.8,v 8.51.2.1 2003/05/20 16:38:15 gshapiro Exp $ .\" -.Dd May 24, 2002 +.Dd May 20, 2003 .Dt SENDMAIL 8 .Os .Sh NAME @@ -265,7 +265,7 @@ Process jobs in queue group called .Ar name only. .It Xo Fl q Ns Op Ar \&! Ns -.Cm I Ar substr +.Cm I Ns Ar substr .Xc Limit processed jobs to those containing .Ar substr @@ -273,7 +273,7 @@ as a substring of the queue ID or not when .Em !\& is specified. .It Xo Fl q Ns Op Ar \&! Ns -.Cm R Ar substr +.Cm R Ns Ar substr .Xc Limit processed jobs to those containing .Ar substr @@ -281,7 +281,7 @@ as a substring of one of the recipients or not when .Em !\& is specified. .It Xo Fl q Ns Op Ar \&! Ns -.Cm S Ar substr +.Cm S Ns Ar substr .Xc Limit processed jobs to those containing .Ar substr diff --git a/gnu/usr.sbin/sendmail/sendmail/sendmail.h b/gnu/usr.sbin/sendmail/sendmail/sendmail.h index e4a627fdf9f..0aefba208af 100644 --- a/gnu/usr.sbin/sendmail/sendmail/sendmail.h +++ b/gnu/usr.sbin/sendmail/sendmail/sendmail.h @@ -48,7 +48,7 @@ #ifdef _DEFINE # ifndef lint -SM_UNUSED(static char SmailId[]) = "@(#)$Sendmail: sendmail.h,v 8.919.2.17 2003/03/12 22:42:52 gshapiro Exp $"; +SM_UNUSED(static char SmailId[]) = "@(#)$Sendmail: sendmail.h,v 8.919.2.28 2003/09/03 19:58:27 ca Exp $"; # endif /* ! lint */ #endif /* _DEFINE */ @@ -186,6 +186,10 @@ SM_UNUSED(static char SmailId[]) = "@(#)$Sendmail: sendmail.h,v 8.919.2.17 2003/ #endif /* ! INADDR_NONE */ +/* (f)open() modes for queue files */ +# define QF_O_EXTRA 0 + + /* ** An 'argument class' describes the storage allocation status ** of an object pointed to by an argument to a function. @@ -1052,6 +1056,7 @@ struct rewrite #define MATCHZERO CANONHOST #define MAXMATCH 9 /* max params per rewrite */ +#define MAX_MAP_ARGS 10 /* max arguments for map */ /* external <==> internal mapping table */ struct metamac @@ -1696,7 +1701,7 @@ EXTERN int MilterLogLevel; # if _FFR_MILTER_PERDAEMON /* functions */ -extern void setup_daemon_milters __P(()); +extern void setup_daemon_milters __P((void)); # endif /* _FFR_MILTER_PERDAEMON */ #endif /* MILTER */ @@ -1962,7 +1967,7 @@ extern void quarantine_queue __P((char *, int)); extern char *queuename __P((ENVELOPE *, int)); extern void queueup __P((ENVELOPE *, bool, bool)); extern bool runqueue __P((bool, bool, bool, bool)); -extern int run_work_group __P((int, int)); +extern bool run_work_group __P((int, int)); extern void set_def_queueval __P((QUEUEGRP *, bool)); extern void setup_queues __P((bool)); extern bool setnewqueue __P((ENVELOPE *)); @@ -2119,6 +2124,19 @@ extern unsigned char tTdvect[100]; /* trace vector */ var = _newval; \ } while (0) +#define _CHECK_RESTART \ + do \ + { \ + if (ShutdownRequest != NULL) \ + shutdown_daemon(); \ + else if (RestartRequest != NULL) \ + restart_daemon(); \ + else if (RestartWorkGroup) \ + restart_marked_work_groups(); \ + } while (0) + +# define CHECK_RESTART _CHECK_RESTART + /* ** Global variables. */ @@ -2423,7 +2441,7 @@ extern void cleanstrcpy __P((char *, char *, int)); extern void cleanup_shm __P((bool)); #endif /* SM_CONF_SHM */ extern void clrdaemon __P((void)); -extern void collect __P((SM_FILE_T *, bool, HDR **, ENVELOPE *)); +extern void collect __P((SM_FILE_T *, bool, HDR **, ENVELOPE *, bool)); extern time_t convtime __P((char *, int)); extern char **copyplist __P((char **, bool, SM_RPOOL_T *)); extern void copy_class __P((int, int)); @@ -2502,7 +2520,7 @@ extern SIGFUNC_DECL reapchild __P((int)); extern int releasesignal __P((int)); extern void resetlimits __P((void)); extern void restart_daemon __P((void)); -extern void restart_marked_work_groups __P(()); +extern void restart_marked_work_groups __P((void)); extern bool rfc822_string __P((char *)); extern bool savemail __P((ENVELOPE *, bool)); extern void seed_random __P((void)); diff --git a/gnu/usr.sbin/sendmail/sendmail/sfsasl.c b/gnu/usr.sbin/sendmail/sendmail/sfsasl.c index 976031816d7..52c4be7a238 100644 --- a/gnu/usr.sbin/sendmail/sendmail/sfsasl.c +++ b/gnu/usr.sbin/sendmail/sendmail/sfsasl.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -9,7 +9,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: sfsasl.c,v 8.91.2.2 2002/09/12 21:07:50 ca Exp $") +SM_RCSID("@(#)$Sendmail: sfsasl.c,v 8.91.2.5 2003/08/08 17:30:11 ca Exp $") #include <stdlib.h> #include <sendmail.h> #include <errno.h> @@ -101,6 +101,11 @@ sasl_open(fp, info, flags, rpool) struct sasl_info *si = (struct sasl_info *) info; so = (struct sasl_obj *) sm_malloc(sizeof(struct sasl_obj)); + if (so == NULL) + { + errno = ENOMEM; + return -1; + } so->fp = si->fp; so->conn = si->conn; @@ -139,6 +144,8 @@ sasl_close(fp) struct sasl_obj *so; so = (struct sasl_obj *) fp->f_cookie; + if (so == NULL) + return 0; if (so->fp != NULL) { sm_io_close(so->fp, SM_TIME_DEFAULT); @@ -192,6 +199,9 @@ sasl_read(fp, buf, size) ** data since it might be larger than the allowed size. ** Therefore we use a static pointer and return portions of it ** if necessary. + ** XXX Note: This function is not thread-safe nor can it be used + ** on more than one file. A correct implementation would store + ** this data in fp->f_cookie. */ # if SASL >= 20000 @@ -286,6 +296,8 @@ sasl_write(fp, buf, size) /* XXX result == 0? */ ret = sm_io_write(so->fp, SM_TIME_DEFAULT, &outbuf[total], outlen); + if (ret <= 0) + return ret; outlen -= ret; total += ret; } @@ -447,6 +459,11 @@ tls_open(fp, info, flags, rpool) struct tls_info *ti = (struct tls_info *) info; so = (struct tls_obj *) sm_malloc(sizeof(struct tls_obj)); + if (so == NULL) + { + errno = ENOMEM; + return -1; + } so->fp = ti->fp; so->con = ti->con; @@ -483,6 +500,8 @@ tls_close(fp) struct tls_obj *so; so = (struct tls_obj *) fp->f_cookie; + if (so == NULL) + return 0; if (so->fp != NULL) { sm_io_close(so->fp, SM_TIME_DEFAULT); @@ -582,7 +601,12 @@ tls_read(fp, buf, size) save_errno = (errno == 0) ? EIO : errno; again = MAX_TLS_IOS; - if (LogLevel > 7) + if (LogLevel > 9) + sm_syslog(LOG_WARNING, NOQID, + "STARTTLS: read error=%s (%d), errno=%d, get_error=%s", + err, r, errno, + ERR_error_string(ERR_get_error(), NULL)); + else if (LogLevel > 7) sm_syslog(LOG_WARNING, NOQID, "STARTTLS: read error=%s (%d)", err, r); errno = save_errno; @@ -674,7 +698,12 @@ tls_write(fp, buf, size) save_errno = (errno == 0) ? EIO : errno; again = MAX_TLS_IOS; - if (LogLevel > 7) + if (LogLevel > 9) + sm_syslog(LOG_WARNING, NOQID, + "STARTTLS: write error=%s (%d), errno=%d, get_error=%s", + err, r, errno, + ERR_error_string(ERR_get_error(), NULL)); + else if (LogLevel > 7) sm_syslog(LOG_WARNING, NOQID, "STARTTLS: write error=%s (%d)", err, r); errno = save_errno; @@ -689,7 +718,7 @@ tls_write(fp, buf, size) ** Parameters: ** fin -- data input source being replaced ** fout -- data output source being replaced -** conn -- the tls connection pointer +** con -- the tls connection pointer ** ** Returns: ** -1 on error diff --git a/gnu/usr.sbin/sendmail/sendmail/srvrsmtp.c b/gnu/usr.sbin/sendmail/sendmail/srvrsmtp.c index 73980617871..fce6030cdf2 100644 --- a/gnu/usr.sbin/sendmail/sendmail/srvrsmtp.c +++ b/gnu/usr.sbin/sendmail/sendmail/srvrsmtp.c @@ -16,7 +16,7 @@ # include <libmilter/mfdef.h> #endif /* MILTER */ -SM_RCSID("@(#)$Sendmail: srvrsmtp.c,v 8.829.2.22 2003/02/19 02:45:40 ca Exp $") +SM_RCSID("@(#)$Sendmail: srvrsmtp.c,v 8.829.2.31 2003/07/01 17:30:01 ca Exp $") #if SASL || STARTTLS # include <sys/time.h> @@ -67,6 +67,38 @@ static void printvrfyaddr __P((ADDRESS *, bool, bool)); static void rcpt_esmtp_args __P((ADDRESS *, char *, char *, ENVELOPE *)); static char *skipword __P((char *volatile, char *)); static void setup_smtpd_io __P((void)); + +#if SASL +# if SASL >= 20000 +static int reset_saslconn __P((sasl_conn_t **_conn, char *_hostname, + char *_remoteip, char *_localip, + char *_auth_id, sasl_ssf_t *_ext_ssf)); + +# define RESET_SASLCONN \ + result = reset_saslconn(&conn, hostname, remoteip, localip, auth_id, \ + &ext_ssf); \ + if (result != SASL_OK) \ + { \ + /* This is pretty fatal */ \ + goto doquit; \ + } + +# else /* SASL >= 20000 */ +static int reset_saslconn __P((sasl_conn_t **_conn, char *_hostname, + struct sockaddr_in *_saddr_r, + struct sockaddr_in *_saddr_l, + sasl_external_properties_t *_ext_ssf)); +# define RESET_SASLCONN \ + result = reset_saslconn(&conn, hostname, &saddr_r, &saddr_l, &ext_ssf); \ + if (result != SASL_OK) \ + { \ + /* This is pretty fatal */ \ + goto doquit; \ + } + +# endif /* SASL >= 20000 */ +#endif /* SASL */ + extern ENVELOPE BlankEnvelope; #define SKIP_SPACE(s) while (isascii(*s) && isspace(*s)) \ @@ -367,6 +399,7 @@ smtp(nullserver, d_flags, e) volatile unsigned int n_etrn = 0; /* count of ETRN */ volatile unsigned int n_noop = 0; /* count of NOOP/VERB/etc */ volatile unsigned int n_helo = 0; /* count of HELO/EHLO */ + volatile int save_sevenbitinput; bool ok; #if _FFR_BLOCK_PROXIES || _FFR_ADAPTIVE_EOL volatile bool first; @@ -398,10 +431,13 @@ smtp(nullserver, d_flags, e) char *auth_id; const char *out; sasl_ssf_t ext_ssf; + char localip[60], remoteip[60]; # else /* SASL >= 20000 */ char *out; const char *errstr; sasl_external_properties_t ext_ssf; + struct sockaddr_in saddr_l; + struct sockaddr_in saddr_r; # endif /* SASL >= 20000 */ sasl_security_properties_t ssp; sasl_ssf_t *ssf; @@ -431,6 +467,7 @@ smtp(nullserver, d_flags, e) #endif /* PIPELINING */ volatile time_t log_delay = (time_t) 0; + save_sevenbitinput = SevenBitInput; smtp.sm_nrcpts = 0; #if MILTER smtp.sm_milterize = (nullserver == NULL); @@ -568,7 +605,6 @@ smtp(nullserver, d_flags, e) SOCKADDR_LEN_T addrsize; SOCKADDR saddr_l; SOCKADDR saddr_r; - char localip[60], remoteip[60]; addrsize = sizeof(saddr_r); if (getpeername(sm_io_getinfo(InChannel, SM_IO_WHAT_FD, @@ -607,8 +643,6 @@ smtp(nullserver, d_flags, e) if (in != NULL && strcmp(in, "inet") == 0) { SOCKADDR_LEN_T addrsize; - struct sockaddr_in saddr_l; - struct sockaddr_in saddr_r; addrsize = sizeof(struct sockaddr_in); if (getpeername(sm_io_getinfo(InChannel, SM_IO_WHAT_FD, @@ -678,6 +712,9 @@ smtp(nullserver, d_flags, e) } #endif /* SASL */ +#if STARTTLS +#endif /* STARTTLS */ + #if MILTER if (smtp.sm_milterize) { @@ -766,7 +803,10 @@ smtp(nullserver, d_flags, e) /* If this an smtps connection, start TLS now */ smtps = bitnset(D_SMTPS, d_flags); if (smtps) + { + Errors = 0; goto starttls; + } greeting: @@ -975,6 +1015,7 @@ smtp(nullserver, d_flags, e) { authenticating = SASL_NOT_AUTH; message("501 5.5.2 missing input"); + RESET_SASLCONN; continue; } # endif /* 0 */ @@ -984,6 +1025,7 @@ smtp(nullserver, d_flags, e) /* rfc 2254 4. */ message("501 5.0.0 AUTH aborted"); + RESET_SASLCONN; continue; } @@ -1006,6 +1048,7 @@ smtp(nullserver, d_flags, e) # if SASL >= 20000 sm_free(in); # endif /* SASL >= 20000 */ + RESET_SASLCONN; continue; } @@ -1160,6 +1203,7 @@ smtp(nullserver, d_flags, e) # else /* SASL >= 20000 */ errstr == NULL ? "" : errstr); # endif /* SASL >= 20000 */ + RESET_SASLCONN; authenticating = SASL_NOT_AUTH; } } @@ -1409,6 +1453,7 @@ smtp(nullserver, d_flags, e) # else /* SASL >= 20000 */ errstr); # endif /* SASL >= 20000 */ + RESET_SASLCONN; break; } auth_type = newstr(p); @@ -1436,6 +1481,7 @@ smtp(nullserver, d_flags, e) /* start over? */ authenticating = SASL_NOT_AUTH; + RESET_SASLCONN; } else { @@ -1505,6 +1551,8 @@ smtp(nullserver, d_flags, e) else if ((srv_ssl = SSL_new(srv_ctx)) == NULL) { message("454 4.3.3 TLS not available: error generating SSL handle"); + if (LogLevel > 8) + tlslogerr("server"); # if _FFR_SMTP_SSL goto tls_done; # else /* _FFR_SMTP_SSL */ @@ -1816,7 +1864,7 @@ tlsfail: ok = AllowBogusHELO; break; } - if (strchr("[].-_#", *q) == NULL) + if (strchr("[].-_#:", *q) == NULL) break; } @@ -2124,6 +2172,9 @@ tlsfail: RealUserName); } + /* reset to default value */ + SevenBitInput = save_sevenbitinput; + /* now parse ESMTP arguments */ e->e_msgsize = 0; addr = p; @@ -3003,7 +3054,7 @@ smtp_data(smtp, e) e->e_flags |= EF_NL_NOT_EOL; #endif /* _FFR_ADAPTIVE_EOL */ - collect(InChannel, true, NULL, e); + collect(InChannel, true, NULL, e, true); /* redefine message size */ (void) sm_snprintf(buf, sizeof buf, "%ld", e->e_msgsize); @@ -3962,7 +4013,7 @@ saslmechs(conn, mechlist) # if SASL >= 20000 result = sasl_listmech(conn, NULL, "", " ", "", (const char **) mechlist, - (unsigned int *)&len, (unsigned int *)&num); + (unsigned int *)&len, &num); # else /* SASL >= 20000 */ result = sasl_listmech(conn, "user", /* XXX */ "", " ", "", mechlist, @@ -4314,3 +4365,84 @@ help(topic, e) (void) sm_io_close(hf, SM_TIME_DEFAULT); } + +#if SASL +/* +** RESET_SASLCONN -- reset SASL connection data +** +** Parameters: +** conn -- SASL connection context +** hostname -- host name +** various connection data +** +** Returns: +** SASL result +*/ + +static int +reset_saslconn(sasl_conn_t ** conn, char *hostname, +# if SASL >= 20000 + char *remoteip, char *localip, + char *auth_id, sasl_ssf_t * ext_ssf) +# else /* SASL >= 20000 */ + struct sockaddr_in * saddr_r, struct sockaddr_in * saddr_l, + sasl_external_properties_t * ext_ssf) +# endif /* SASL >= 20000 */ +{ + int result; + + sasl_dispose(conn); +# if SASL >= 20000 + result = sasl_server_new("smtp", hostname, NULL, NULL, NULL, + NULL, 0, conn); +# elif SASL > 10505 + /* use empty realm: only works in SASL > 1.5.5 */ + result = sasl_server_new("smtp", hostname, "", NULL, 0, conn); +# else /* SASL >= 20000 */ + /* use no realm -> realm is set to hostname by SASL lib */ + result = sasl_server_new("smtp", hostname, NULL, NULL, 0, + conn); +# endif /* SASL >= 20000 */ + if (result != SASL_OK) + return result; + +# if SASL >= 20000 +# if NETINET || NETINET6 + if (remoteip != NULL) + result = sasl_setprop(*conn, SASL_IPREMOTEPORT, remoteip); + if (result != SASL_OK) + return result; + + if (localip != NULL) + result = sasl_setprop(*conn, SASL_IPLOCALPORT, localip); + if (result != SASL_OK) + return result; +# endif /* NETINET || NETINET6 */ + + result = sasl_setprop(*conn, SASL_SSF_EXTERNAL, ext_ssf); + if (result != SASL_OK) + return result; + + result = sasl_setprop(*conn, SASL_AUTH_EXTERNAL, auth_id); + if (result != SASL_OK) + return result; +# else /* SASL >= 20000 */ +# if NETINET + if (saddr_r != NULL) + result = sasl_setprop(*conn, SASL_IP_REMOTE, saddr_r); + if (result != SASL_OK) + return result; + + if (saddr_l != NULL) + result = sasl_setprop(*conn, SASL_IP_LOCAL, saddr_l); + if (result != SASL_OK) + return result; +# endif /* NETINET */ + + result = sasl_setprop(*conn, SASL_SSF_EXTERNAL, ext_ssf); + if (result != SASL_OK) + return result; +# endif /* SASL >= 20000 */ + return SASL_OK; +} +#endif /* SASL */ diff --git a/gnu/usr.sbin/sendmail/sendmail/stab.c b/gnu/usr.sbin/sendmail/sendmail/stab.c index 753d34f179c..24f1ec97fc8 100644 --- a/gnu/usr.sbin/sendmail/sendmail/stab.c +++ b/gnu/usr.sbin/sendmail/sendmail/stab.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2001, 2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: stab.c,v 8.86 2001/12/29 04:27:56 ca Exp $") +SM_RCSID("@(#)$Sendmail: stab.c,v 8.86.4.1 2003/03/31 17:44:24 ca Exp $") /* ** STAB -- manage the symbol table @@ -279,7 +279,7 @@ queueup_macros(class, qfp, e) if (s->s_symtype == ST_CLASS && bitnset(bitidx(class), s->s_class) && - (m = macid(s->s_name)) != '\0' && + (m = macid(s->s_name)) != 0 && (p = macvalue(m, e)) != NULL) { (void) sm_io_fprintf(qfp, SM_TIME_DEFAULT, diff --git a/gnu/usr.sbin/sendmail/sendmail/udb.c b/gnu/usr.sbin/sendmail/sendmail/udb.c index 3a491cf8da0..9951de76c80 100644 --- a/gnu/usr.sbin/sendmail/sendmail/udb.c +++ b/gnu/usr.sbin/sendmail/sendmail/udb.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -14,9 +14,9 @@ #include <sendmail.h> #if USERDB -SM_RCSID("@(#)$Sendmail: udb.c,v 8.153.4.4 2002/12/03 17:57:41 gshapiro Exp $ (with USERDB)") +SM_RCSID("@(#)$Sendmail: udb.c,v 8.153.4.5 2003/04/03 16:31:00 ca Exp $ (with USERDB)") #else /* USERDB */ -SM_RCSID("@(#)$Sendmail: udb.c,v 8.153.4.4 2002/12/03 17:57:41 gshapiro Exp $ (without USERDB)") +SM_RCSID("@(#)$Sendmail: udb.c,v 8.153.4.5 2003/04/03 16:31:00 ca Exp $ (without USERDB)") #endif /* USERDB */ #if USERDB @@ -176,7 +176,7 @@ udbexpand(a, sendq, aliaslevel, e) keylen = sm_strlcpyn(keybuf, sizeof keybuf, 2, user, ":maildrop"); /* if name is too long, assume it won't match */ - if (keylen > sizeof keybuf) + if (keylen >= sizeof keybuf) return EX_OK; /* build actual database key */ diff --git a/gnu/usr.sbin/sendmail/sendmail/usersmtp.c b/gnu/usr.sbin/sendmail/sendmail/usersmtp.c index 0da2e29e3a0..f0754d11a49 100644 --- a/gnu/usr.sbin/sendmail/sendmail/usersmtp.c +++ b/gnu/usr.sbin/sendmail/sendmail/usersmtp.c @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: usersmtp.c,v 8.437.2.9 2003/03/15 23:57:52 gshapiro Exp $") +SM_RCSID("@(#)$Sendmail: usersmtp.c,v 8.437.2.10 2003/05/05 23:51:47 ca Exp $") #include <sysexits.h> @@ -1088,7 +1088,7 @@ getsecret(conn, context, id, psecret) len + 1); if (*psecret == NULL) return SASL_FAIL; - (void) sm_strlcpy((*psecret)->data, authpass, len + 1); + (void) sm_strlcpy((char *) (*psecret)->data, authpass, len + 1); (*psecret)->len = (unsigned long) len; return SASL_OK; } diff --git a/gnu/usr.sbin/sendmail/sendmail/util.c b/gnu/usr.sbin/sendmail/sendmail/util.c index 5f1eea8434e..e008f08adb5 100644 --- a/gnu/usr.sbin/sendmail/sendmail/util.c +++ b/gnu/usr.sbin/sendmail/sendmail/util.c @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: util.c,v 8.363.2.5 2002/12/12 22:50:41 ca Exp $") +SM_RCSID("@(#)$Sendmail: util.c,v 8.363.2.7 2003/06/02 03:25:39 gshapiro Exp $") #include <sysexits.h> #include <sm/xtrap.h> @@ -390,7 +390,7 @@ truncate_at_delim(str, len, delim) *p = '\0'; if (p - str + 4 < len) { - *p++ = ':'; + *p++ = (char) delim; *p = '\0'; (void) sm_strlcat(str, "...", len); return; @@ -2414,7 +2414,7 @@ str2prt(s) ** false -- otherwise */ -int +bool path_is_dir(pathname, createflag) char *pathname; bool createflag; diff --git a/gnu/usr.sbin/sendmail/sendmail/version.c b/gnu/usr.sbin/sendmail/sendmail/version.c index 0158287138f..c0c5725c2ca 100644 --- a/gnu/usr.sbin/sendmail/sendmail/version.c +++ b/gnu/usr.sbin/sendmail/sendmail/version.c @@ -13,6 +13,6 @@ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: version.c,v 8.104.2.15 2003/03/19 21:19:53 ca Exp $") +SM_RCSID("@(#)$Sendmail: version.c,v 8.104.2.22 2003/09/16 20:02:04 ca Exp $") -char Version[] = "8.12.9"; +char Version[] = "8.12.10"; diff --git a/gnu/usr.sbin/sendmail/smrsh/README b/gnu/usr.sbin/sendmail/smrsh/README index 687360aad38..ffcc502584d 100644 --- a/gnu/usr.sbin/sendmail/smrsh/README +++ b/gnu/usr.sbin/sendmail/smrsh/README @@ -44,7 +44,17 @@ With gcc, the GNU C compiler, use the -static option. or host.domain% sh Build LDOPTS=-static - +The following C defines can be set defined to change the search path and +the bin directory used by smrsh. + +-DSMRSH_PATH=\"path\" \"/bin:/usr/bin:/usr/ucb\" The default search + path. +-DSMRSH_CMDDIR=\"dir\" \"/usr/adm/sm.bin\" The default smrsh + program directory + +These can be added to the devtools/Site/site.config.m4 file using the +global M4 macro confENVDEF or the smrsh specific M4 macro +conf_smrsh_ENVDEF. As root, install smrsh in /usr/libexec. Using the Build script: @@ -153,4 +163,4 @@ a typical system follows: host.domain# /usr/sbin/sendmail -bd -q30m -$Revision: 1.4 $, Last updated $Date: 2001/09/11 19:02:50 $ +$Revision: 1.5 $, Last updated $Date: 2003/09/17 17:31:41 $ diff --git a/gnu/usr.sbin/sendmail/smrsh/smrsh.8 b/gnu/usr.sbin/sendmail/smrsh/smrsh.8 index 66692452316..03a0c861eaf 100644 --- a/gnu/usr.sbin/sendmail/smrsh/smrsh.8 +++ b/gnu/usr.sbin/sendmail/smrsh/smrsh.8 @@ -9,9 +9,9 @@ .\" the sendmail distribution. .\" .\" -.\" $Sendmail: smrsh.8,v 8.15 2001/01/24 00:40:47 gshapiro Exp $ +.\" $Sendmail: smrsh.8,v 8.16.2.1 2003/07/08 01:33:03 gshapiro Exp $ .\" -.Dd April 25, 2002 +.Dd July 8, 2003 .Dt SMRSH 8 .Os .Sh NAME @@ -78,7 +78,7 @@ and .Dq && to enable commands like: .Bd -literal -compact -offset "XXXX" -.Qq "|exec /usr/local/bin/procmail -f- /etc/procmailrcs/user || exit 75" +.Qq "|exec /usr/local/bin/filter || exit 75" .Ed .Pp Initial pathnames on programs are stripped, @@ -93,9 +93,8 @@ all actually forward to .Pp System administrators should be conservative about populating the sm.bin directory. -Reasonable additions are -.Xr vacation 1 , -.Xr procmail , +For example, a reasonable additions is +.Xr vacation 1 and the like. No matter how brow-beaten you may be, never include any shell or shell-like program @@ -109,6 +108,12 @@ in the sm.bin directory (using the .Dq #! syntax); it simply disallows execution of arbitrary programs. +Also, including mail filtering programs such as +.Xr procmail +is a very bad idea. +.Xr procmail +allows users to run arbitrary programs in their +.Xr procmailrc . .Sh FILES .Bl -tag -width "/usr/libexec/sm.bin" -compact .It Pa /usr/libexec/sm.bin |