diff options
author | Todd C. Miller <millert@cvs.openbsd.org> | 2003-03-03 17:31:22 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 2003-03-03 17:31:22 +0000 |
commit | dc9271ef25cd6e99b906bf6dd0fe8c409f1d00a1 (patch) | |
tree | 55ceab9d585a4a3a926b75bcdbd5e2d91f4516ad | |
parent | 1c14bbece4acb7de845ae05d715c064642e58509 (diff) |
Update to Sendmail 8.12.8; fixes a buffer overflow in the envelope
comments processing which may allow an attacker to gain root privileges.
30 files changed, 405 insertions, 229 deletions
diff --git a/gnu/usr.sbin/sendmail/RELEASE_NOTES b/gnu/usr.sbin/sendmail/RELEASE_NOTES index f648286c2bc..5010b02f024 100644 --- a/gnu/usr.sbin/sendmail/RELEASE_NOTES +++ b/gnu/usr.sbin/sendmail/RELEASE_NOTES @@ -1,11 +1,31 @@ SENDMAIL RELEASE NOTES - $Sendmail: RELEASE_NOTES,v 8.1340.2.100 2002/12/28 19:47:00 ca Exp $ + $Sendmail: RELEASE_NOTES,v 8.1340.2.113 2003/02/11 19:17:41 gshapiro Exp $ This listing shows the version of the sendmail binary, the version of the sendmail configuration files, the date of release, and a summary of the changes in that release. +8.12.8/8.12.8 2003/02/11 + SECURITY: Fix a remote buffer overflow in header parsing by + dropping sender and recipient header comments if the + comments are too long. Problem noted by Mark Dowd + of ISS X-Force. + Fix a potential non-exploitable buffer overflow in parsing the + .cf queue settings and potential buffer underflow in + parsing ident responses. Problem noted by Yichen Xie of + Stanford University Compilation Group. + Fix ETRN #queuegroup command: actually start a queue run for + the selected queue group. Problem noted by Jos Vos. + If MaxMimeHeaderLength is set and a malformed MIME header is fixed, + log the fixup as "Fixed MIME header" instead of "Truncated + MIME header". Problem noted by Ian J Hart. + CONFIG: Fix regression bug in proto.m4 that caused a bogus + error message: "FEATURE() should be before MAILER()". + MAIL.LOCAL: Be more explicit in some error cases, i.e., whether + a mailbox has more than one link or whether it is not + a regular file. Patch from John Beck of Sun Microsystems. + 8.12.7/8.12.7 2002/12/29 Properly clean up macros to avoid persistence of session data across various connections. This could cause session @@ -60,7 +80,7 @@ summary of the changes in that release. If -f "" is specified, set the sender address to "<>". Problem noted by Matthias Andree. Fix formatting problem of footnotes for plain text output on some - versions of tmac. Patch from Per Hedeland of Ericsson. + versions of tmac. Patch from Per Hedeland. Portability: Berkeley DB 4.1 support (requires at least 4.1.25). Some getopt(3) implementations in GNU/Linux are broken diff --git a/gnu/usr.sbin/sendmail/cf/README b/gnu/usr.sbin/sendmail/cf/README index 384539bf027..f2ef6cfc964 100644 --- a/gnu/usr.sbin/sendmail/cf/README +++ b/gnu/usr.sbin/sendmail/cf/README @@ -630,8 +630,8 @@ procmail An interface to procmail (does not come with sendmail). ! -oi -f $1 person@other.host This would arrange for (anything)@host.com to be sent - to person@other.host. Within the procmail script, $1 is - the name of the sender and $2 is the name of the recipient. + to person@other.host. In a procmail script, $1 is the + name of the sender and $2 is the name of the recipient. If you use this with FEATURE(`local_procmail'), the FEATURE should be listed first. @@ -1256,7 +1256,13 @@ dnsbl Turns on rejection of hosts found in an DNS based rejection define(`DNSBL_MAP', `dns -R A') before the first use of this feature. Alternatively you - can use enhdnsbl instead (see below). + can use enhdnsbl instead (see below). Moreover, this + statement can be used to reduce the number of DNS retries, + e.g., + + define(`DNSBL_MAP', `dns -R A -r2') + + See below (EDNSBL_TO) for an explanation. NOTE: The default DNS blacklist, blackholes.mail-abuse.org, is a service offered by the Mail Abuse Prevention System @@ -1285,7 +1291,13 @@ enhdnsbl Enhanced version of dnsbl (see above). Further arguments has been compiled with the flag DNSMAP (see sendmail/README). Set the EDNSBL_TO mc option to change the DNS retry count - from the default value of 5. + from the default value of 5, this can be very useful when + a DNS server is not responding, which in turn may cause + clients to time out (an entry stating + + did not issue MAIL/EXPN/VRFY/ETRN + + will be logged). lookupdotdomain Look up also .domain in the access map. This allows to match only subdomains. It does not work well with @@ -2975,7 +2987,10 @@ by the ruleset authinfo or by the option DefaultAuthInfo. The authinfo ruleset looks up {server_name} using the tag AuthInfo: in the access map. If no entry is found, {server_addr} is looked up in the same way and finally just the tag AuthInfo: to provide -default values. +default values. Note: searches for domain parts or IP nets are +only performed if the access map is used; if the authinfo feature +is used then only up to three lookups are performed (two exact +matches, one default). Notice: the default configuration file causes the option DefaultAuthInfo to fail since the ruleset authinfo is in the .cf file. If you really @@ -2997,9 +3012,9 @@ Valid values for the tag are: Example entries are: AuthInfo:other.dom "U:user" "I:user" "P:secret" "R:other.dom" "M:DIGEST-MD5" -AuthInfo:more.dom "U:user" "P=c2VjcmV0" +AuthInfo:host.more.dom "U:user" "P=c2VjcmV0" -User or authentication id must exist as well as the password. All +User id or authentication id must exist as well as the password. All other entries have default values. If one of user or authentication id is missing, the existing value is used for the missing item. If "R:" is not specified, realm defaults to $j. The list of mechanisms @@ -4360,4 +4375,4 @@ M4 DIVERSIONS 8 DNS based blacklists 9 special local rulesets (1 and 2) -$Revision: 1.16 $, Last updated $Date: 2003/01/01 19:59:19 $ +$Revision: 1.17 $, Last updated $Date: 2003/03/03 17:31:20 $ diff --git a/gnu/usr.sbin/sendmail/cf/m4/proto.m4 b/gnu/usr.sbin/sendmail/cf/m4/proto.m4 index 9ce4228853b..807852f6007 100644 --- a/gnu/usr.sbin/sendmail/cf/m4/proto.m4 +++ b/gnu/usr.sbin/sendmail/cf/m4/proto.m4 @@ -13,7 +13,7 @@ divert(-1) # divert(0) -VERSIONID(`$Sendmail: proto.m4,v 8.649.2.13 2002/12/04 00:12:18 ca Exp $') +VERSIONID(`$Sendmail: proto.m4,v 8.649.2.14 2002/12/30 15:46:02 ca Exp $') # level CF_LEVEL config file format V`'CF_LEVEL/ifdef(`VENDOR_NAME', `VENDOR_NAME', `Berkeley') diff --git a/gnu/usr.sbin/sendmail/cf/m4/version.m4 b/gnu/usr.sbin/sendmail/cf/m4/version.m4 index 151be608f71..b2e7a043613 100644 --- a/gnu/usr.sbin/sendmail/cf/m4/version.m4 +++ b/gnu/usr.sbin/sendmail/cf/m4/version.m4 @@ -1,6 +1,6 @@ divert(-1) # -# Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. +# Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. # All rights reserved. # Copyright (c) 1983 Eric P. Allman. All rights reserved. # Copyright (c) 1988, 1993 @@ -11,8 +11,8 @@ divert(-1) # the sendmail distribution. # # -VERSIONID(`$Sendmail: version.m4,v 8.92.2.11 2002/12/28 19:45:55 ca Exp $') +VERSIONID(`$Sendmail: version.m4,v 8.92.2.14 2003/01/15 17:55:43 ca Exp $') # divert(0) # Configuration version number -DZ8.12.7`'ifdef(`confCF_VERSION', `/confCF_VERSION') +DZ8.12.8`'ifdef(`confCF_VERSION', `/confCF_VERSION') diff --git a/gnu/usr.sbin/sendmail/doc/op/op.me b/gnu/usr.sbin/sendmail/doc/op/op.me index 188f4f3162a..44a5f590f82 100644 --- a/gnu/usr.sbin/sendmail/doc/op/op.me +++ b/gnu/usr.sbin/sendmail/doc/op/op.me @@ -1,4 +1,4 @@ -.\" Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. +.\" Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. .\" All rights reserved. .\" Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved. .\" Copyright (c) 1983, 1993 @@ -9,7 +9,7 @@ .\" the sendmail distribution. .\" .\" -.\" $Sendmail: op.me,v 8.609.2.17 2002/12/18 22:50:15 ca Exp $ +.\" $Sendmail: op.me,v 8.609.2.20 2003/01/15 19:17:16 ca Exp $ .\" .\" eqn op.me | pic | troff -me .\" @@ -90,7 +90,7 @@ Sendmail, Inc. .de Ve Version \\$2 .. -.Ve $Revision: 1.16 $ +.Ve $Revision: 1.17 $ .rm Ve .sp For Sendmail Version 8.12 @@ -6819,6 +6819,10 @@ Note that the last mode, .q e , is for Berknet error processing and should not be used in normal circumstances. +Note, too, that mode +.q q , +only applies to errors recognized before sendmail forks for +background delivery. .ip FallbackMXhost=\fIfallbackhost\fP [V] If specified, the @@ -6880,9 +6884,6 @@ If no file name is specified, "helpfile" is used. [c] If an outgoing mailer is marked as being expensive, don't connect immediately. -This requires that queueing be compiled in, -since it will depend on a queue run process to -actually send the mail. .ip HostsFile=\fIpath\fP [no short name] The path to the hosts database, @@ -10754,7 +10755,7 @@ replace it with a blank sheet for double-sided output. .\".sz 10 .\"Eric Allman .\".sp -.\"Version $Revision: 1.16 $ +.\"Version $Revision: 1.17 $ .\".ce 0 .bp 3 .ce diff --git a/gnu/usr.sbin/sendmail/libmilter/comm.c b/gnu/usr.sbin/sendmail/libmilter/comm.c index d73541e91ec..be3d76e18f1 100644 --- a/gnu/usr.sbin/sendmail/libmilter/comm.c +++ b/gnu/usr.sbin/sendmail/libmilter/comm.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -9,16 +9,11 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: comm.c,v 8.54.2.4 2002/12/03 17:32:45 ca Exp $") +SM_RCSID("@(#)$Sendmail: comm.c,v 8.54.2.6 2003/01/03 22:14:40 ca Exp $") #include "libmilter.h" #include <sm/errstring.h> -#define FD_Z FD_ZERO(&readset); \ - FD_SET((unsigned int) sd, &readset); \ - FD_ZERO(&excset); \ - FD_SET((unsigned int) sd, &excset) - /* ** MI_RD_CMD -- read a command ** @@ -46,7 +41,7 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) ssize_t len; mi_int32 expl; ssize_t i; - fd_set readset, excset; + FD_RD_VAR(rds, excs); int ret; int save_errno; char *buf; @@ -58,8 +53,8 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) i = 0; for (;;) { - FD_Z; - ret = select(sd + 1, &readset, NULL, &excset, timeout); + FD_RD_INIT(sd, rds, excs); + ret = FD_RD_READY(sd, rds, excs, timeout); if (ret == 0) break; else if (ret < 0) @@ -68,7 +63,7 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) continue; break; } - if (FD_ISSET(sd, &excset)) + if (FD_IS_RD_EXC(sd, rds, excs)) { *cmd = SMFIC_SELECT; return NULL; @@ -131,8 +126,8 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) i = 0; for (;;) { - FD_Z; - ret = select(sd + 1, &readset, NULL, &excset, timeout); + FD_RD_INIT(sd, rds, excs); + ret = FD_RD_READY(sd, rds, excs, timeout); if (ret == 0) break; else if (ret < 0) @@ -141,7 +136,7 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) continue; break; } - if (FD_ISSET(sd, &excset)) + if (FD_IS_RD_EXC(sd, rds, excs)) { *cmd = SMFIC_SELECT; free(buf); @@ -223,9 +218,8 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) #define MI_WR(data) \ while (sl > 0) \ { \ - FD_ZERO(&wrtset); \ - FD_SET((unsigned int) sd, &wrtset); \ - ret = select(sd + 1, NULL, &wrtset, NULL, timeout); \ + FD_WR_INIT(sd, wrs); \ + ret = FD_WR_READY(sd, wrs, timeout); \ if (ret == 0) \ return MI_FAILURE; \ if (ret < 0) \ @@ -259,7 +253,7 @@ mi_wr_cmd(sd, timeout, cmd, buf, len) ssize_t l; mi_int32 nl; int ret; - fd_set wrtset; + FD_WR_VAR(wrs); char data[MILTER_LEN_BYTES + 1]; if (len > MILTER_CHUNK_SIZE) diff --git a/gnu/usr.sbin/sendmail/libmilter/docs/smfi_setreply.html b/gnu/usr.sbin/sendmail/libmilter/docs/smfi_setreply.html index 29cbbf8dff3..73852f21c4d 100644 --- a/gnu/usr.sbin/sendmail/libmilter/docs/smfi_setreply.html +++ b/gnu/usr.sbin/sendmail/libmilter/docs/smfi_setreply.html @@ -23,7 +23,8 @@ Set the default SMTP error reply code. <table border="1" cellspacing=1 cellpadding=4> <tr align="left" valign=top> <th width="80">Called When</th> -<td>smfi_setreply may be called from any of the xxfi_ callbacks.</td> +<td>smfi_setreply may be called from any of the xxfi_ callbacks +other than xxfi_connect.</td> </tr> <tr align="left" valign=top> <th width="80">Effects</th> diff --git a/gnu/usr.sbin/sendmail/libmilter/handler.c b/gnu/usr.sbin/sendmail/libmilter/handler.c index edb666603d4..7592781b02e 100644 --- a/gnu/usr.sbin/sendmail/libmilter/handler.c +++ b/gnu/usr.sbin/sendmail/libmilter/handler.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -9,7 +9,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: handler.c,v 8.30.2.2 2002/12/18 23:15:35 ca Exp $") +SM_RCSID("@(#)$Sendmail: handler.c,v 8.30.2.4 2003/01/23 22:28:36 ca Exp $") #include "libmilter.h" diff --git a/gnu/usr.sbin/sendmail/libmilter/libmilter.h b/gnu/usr.sbin/sendmail/libmilter/libmilter.h index 4696d0e56e1..b6eccad6264 100644 --- a/gnu/usr.sbin/sendmail/libmilter/libmilter.h +++ b/gnu/usr.sbin/sendmail/libmilter/libmilter.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -19,7 +19,7 @@ #ifdef _DEFINE # define EXTERN # define INIT(x) = x -SM_IDSTR(MilterlId, "@(#)$Sendmail: libmilter.h,v 8.33.2.7 2002/12/18 23:15:35 ca Exp $") +SM_IDSTR(MilterlId, "@(#)$Sendmail: libmilter.h,v 8.33.2.9 2003/01/03 22:14:40 ca Exp $") #else /* _DEFINE */ # define EXTERN extern # define INIT(x) @@ -49,6 +49,72 @@ typedef pthread_mutex_t smutex_t; # define smutex_unlock(mp) (pthread_mutex_unlock(mp) == 0) # define smutex_trylock(mp) (pthread_mutex_trylock(mp) == 0) +#if _FFR_USE_POLL + +# include <poll.h> +# define MI_POLLSELECT "poll" + +# define MI_POLL_RD_FLAGS (POLLIN | POLLPRI) +# define MI_POLL_WR_FLAGS (POLLOUT) +# define MI_MS(timeout) (((timeout)->tv_sec * 1000) + (timeout)->tv_usec) + +# define FD_RD_VAR(rds, excs) struct pollfd rds +# define FD_WR_VAR(wrs) struct pollfd wrs + +# define FD_RD_INIT(sd, rds, excs) \ + (rds).fd = (sd); \ + (rds).events = MI_POLL_RD_FLAGS; \ + (rds).revents = 0 + +# define FD_WR_INIT(sd, wrs) \ + (wrs).fd = (sd); \ + (wrs).events = MI_POLL_WR_FLAGS; \ + (wrs).revents = 0 + +# define FD_IS_RD_EXC(sd, rds, excs) \ + (((rds).revents & (POLLERR | POLLHUP | POLLNVAL)) != 0) + +# define FD_IS_WR_RDY(sd, wrs) \ + (((wrs).revents & MI_POLL_WR_FLAGS) != 0) + +# define FD_IS_RD_RDY(sd, rds, excs) \ + (((rds).revents & MI_POLL_RD_FLAGS) != 0) + +# define FD_WR_READY(sd, excs, timeout) \ + poll(&(wrs), 1, MI_MS(timeout)) + +# define FD_RD_READY(sd, rds, excs, timeout) \ + poll(&(rds), 1, MI_MS(timeout)) + +#else /* _FFR_USE_POLL */ + +# include <sm/fdset.h> +# define MI_POLLSELECT "select" + +# define FD_RD_VAR(rds, excs) fd_set rds, excs +# define FD_WR_VAR(wrs) fd_set wrs + +# define FD_RD_INIT(sd, rds, excs) \ + FD_ZERO(&(rds)); \ + FD_SET((unsigned int) (sd), &(rds)); \ + FD_ZERO(&(excs)); \ + FD_SET((unsigned int) (sd), &(excs)) + +# define FD_WR_INIT(sd, wrs) \ + FD_ZERO(&(wrs)); \ + FD_SET((unsigned int) (sd), &(wrs)); \ + +# define FD_IS_RD_EXC(sd, rds, excs) FD_ISSET(sd, &(excs)) +# define FD_IS_WR_RDY(sd, wrs) FD_ISSET((sd), &(wrs)) +# define FD_IS_RD_RDY(sd, rds, excs) FD_ISSET((sd), &(rds)) + +# define FD_WR_READY(sd, wrs, timeout) \ + select((sd) + 1, NULL, &(wrs), NULL, (timeout)) +# define FD_RD_READY(sd, rds, excs, timeout) \ + select((sd) + 1, &(rds), NULL, &(excs), (timeout)) + +#endif /* _FFR_USE_POLL */ + #include <sys/time.h> /* version info */ diff --git a/gnu/usr.sbin/sendmail/libmilter/listener.c b/gnu/usr.sbin/sendmail/libmilter/listener.c index 587148593e9..472e01718ad 100644 --- a/gnu/usr.sbin/sendmail/libmilter/listener.c +++ b/gnu/usr.sbin/sendmail/libmilter/listener.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -9,7 +9,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: listener.c,v 8.85.2.7 2002/12/10 04:02:25 ca Exp $") +SM_RCSID("@(#)$Sendmail: listener.c,v 8.85.2.9 2003/01/03 22:14:40 ca Exp $") /* ** listener.c -- threaded network listener @@ -17,7 +17,6 @@ SM_RCSID("@(#)$Sendmail: listener.c,v 8.85.2.7 2002/12/10 04:02:25 ca Exp $") #include "libmilter.h" #include <sm/errstring.h> -#include <sm/fdset.h> # if NETINET || NETINET6 @@ -74,6 +73,7 @@ mi_opensocket(conn, backlog, dbg, smfi) (void) smutex_unlock(&L_Mutex); return MI_FAILURE; } +#if !_FFR_USE_POLL if (!SM_FD_OK_SELECT(listenfd)) { smi_log(SMI_LOG_ERR, "%s: fd %d is larger than FD_SETSIZE %d", @@ -81,6 +81,7 @@ mi_opensocket(conn, backlog, dbg, smfi) (void) smutex_unlock(&L_Mutex); return MI_FAILURE; } +#endif /* !_FFR_USE_POLL */ return MI_SUCCESS; } @@ -669,7 +670,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog) _SOCK_ADDR cliaddr; SOCKADDR_LEN_T clilen; SMFICTX_PTR ctx; - fd_set readset, excset; + FD_RD_VAR(rds, excs); struct timeval chktime; if (mi_opensocket(conn, backlog, dbg, smfi) == MI_FAILURE) @@ -687,13 +688,10 @@ mi_listener(conn, dbg, smfi, timeout, backlog) } /* select on interface ports */ - FD_ZERO(&readset); - FD_ZERO(&excset); - FD_SET((unsigned int) listenfd, &readset); - FD_SET((unsigned int) listenfd, &excset); + FD_RD_INIT(listenfd, rds, excs); chktime.tv_sec = MI_CHK_TIME; chktime.tv_usec = 0; - r = select(listenfd + 1, &readset, NULL, &excset, &chktime); + r = FD_RD_READY(listenfd, rds, excs, &chktime); if (r == 0) /* timeout */ { (void) smutex_unlock(&L_Mutex); @@ -718,14 +716,14 @@ mi_listener(conn, dbg, smfi, timeout, backlog) } continue; } - if (!FD_ISSET(listenfd, &readset)) + if (!FD_IS_RD_RDY(listenfd, rds, excs)) { /* some error: just stop for now... */ ret = MI_FAILURE; (void) smutex_unlock(&L_Mutex); smi_log(SMI_LOG_ERR, - "%s: select() returned exception for socket, abort", - smfi->xxfi_name); + "%s: %s() returned exception for socket, abort", + smfi->xxfi_name, MI_POLLSELECT); break; } scnt = 0; /* reset error counter for select() */ @@ -754,6 +752,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog) save_errno = EINVAL; } +#if !_FFR_USE_POLL /* check if acceptable for select() */ if (ValidSocket(connfd) && !SM_FD_OK_SELECT(connfd)) { @@ -761,6 +760,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog) connfd = INVALID_SOCKET; save_errno = ERANGE; } +#endif /* !_FFR_USE_POLL */ if (!ValidSocket(connfd)) { diff --git a/gnu/usr.sbin/sendmail/libmilter/main.c b/gnu/usr.sbin/sendmail/libmilter/main.c index 3b2d7285c1c..08930ef888a 100644 --- a/gnu/usr.sbin/sendmail/libmilter/main.c +++ b/gnu/usr.sbin/sendmail/libmilter/main.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -9,7 +9,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: main.c,v 8.64.2.8 2002/12/18 23:13:45 ca Exp $") +SM_RCSID("@(#)$Sendmail: main.c,v 8.64.2.10 2003/01/23 22:34:24 ca Exp $") #define _DEFINE 1 #include "libmilter.h" diff --git a/gnu/usr.sbin/sendmail/libsm/stdio.c b/gnu/usr.sbin/sendmail/libsm/stdio.c index a4ed839b283..c81440ba801 100644 --- a/gnu/usr.sbin/sendmail/libsm/stdio.c +++ b/gnu/usr.sbin/sendmail/libsm/stdio.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 2000-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1990, 1993 * The Regents of the University of California. All rights reserved. @@ -13,7 +13,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: stdio.c,v 1.56.2.3 2002/10/22 23:07:19 ca Exp $") +SM_RCSID("@(#)$Sendmail: stdio.c,v 1.56.2.10 2003/01/10 23:07:17 ca Exp $") #include <unistd.h> #include <errno.h> #include <fcntl.h> diff --git a/gnu/usr.sbin/sendmail/libsmdb/smdb2.c b/gnu/usr.sbin/sendmail/libsmdb/smdb2.c index 23a897caff5..34e9a748aa7 100644 --- a/gnu/usr.sbin/sendmail/libsmdb/smdb2.c +++ b/gnu/usr.sbin/sendmail/libsmdb/smdb2.c @@ -1,5 +1,5 @@ /* -** Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers. +** Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. ** All rights reserved. ** ** By using this file, you agree to the terms and conditions set @@ -8,7 +8,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: smdb2.c,v 8.72.2.4 2002/12/03 17:01:15 ca Exp $") +SM_RCSID("@(#)$Sendmail: smdb2.c,v 8.72.2.6 2003/01/23 22:21:39 ca Exp $") #include <fcntl.h> #include <stdlib.h> diff --git a/gnu/usr.sbin/sendmail/mail.local/mail.local.c b/gnu/usr.sbin/sendmail/mail.local/mail.local.c index 0a9c4cf2c3b..fec1199b7e5 100644 --- a/gnu/usr.sbin/sendmail/mail.local/mail.local.c +++ b/gnu/usr.sbin/sendmail/mail.local/mail.local.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1990, 1993, 1994 * The Regents of the University of California. All rights reserved. @@ -18,7 +18,7 @@ SM_IDSTR(copyright, Copyright (c) 1990, 1993, 1994\n\ The Regents of the University of California. All rights reserved.\n") -SM_IDSTR(id, "@(#)$Sendmail: mail.local.c,v 8.239.2.2 2002/09/24 02:09:09 ca Exp $") +SM_IDSTR(id, "@(#)$Sendmail: mail.local.c,v 8.239.2.4 2003/01/15 19:17:15 ca Exp $") #include <stdlib.h> #include <sm/errstring.h> @@ -1038,7 +1038,12 @@ tryagain: mbfd = -1; } } - else if (sb.st_nlink != 1 || !S_ISREG(sb.st_mode)) + else if (sb.st_nlink != 1) + { + mailerr("550 5.2.0", "%s: too many links", path); + goto err0; + } + else if (!S_ISREG(sb.st_mode)) { mailerr("550 5.2.0", "%s: irregular file", path); goto err0; diff --git a/gnu/usr.sbin/sendmail/sendmail/README b/gnu/usr.sbin/sendmail/sendmail/README index 2031eff03b8..bd12890b8d3 100644 --- a/gnu/usr.sbin/sendmail/sendmail/README +++ b/gnu/usr.sbin/sendmail/sendmail/README @@ -1,4 +1,4 @@ -# Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. +# Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. # All rights reserved. # Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. # Copyright (c) 1988 @@ -9,7 +9,7 @@ # the sendmail distribution. # # -# $Sendmail: README,v 8.355.2.11 2002/12/18 17:15:46 ca Exp $ +# $Sendmail: README,v 8.355.2.13 2003/01/15 19:17:15 ca Exp $ # This directory contains the source files for sendmail(TM). @@ -291,7 +291,8 @@ SM_CONF_GETOPT Define this as 0 if you need a reimplementation of getopt(3). On some systems, getopt does very odd things if called to scan the arguments twice. This flag will ask sendmail to compile in a local version of getopt that works - properly. + properly. You may also need this if you build with + another library that introduces a non-standard getopt(3). NEEDSTRTOL Define this if your standard C library does not define strtol(3). This will compile in a local version. NEEDFSYNC Define this if your standard C library does not define @@ -1793,4 +1794,4 @@ util.c Some general purpose routines used by sendmail. version.c The version number and information about this version of sendmail. -(Version $Revision: 1.15 $, last update $Date: 2003/01/01 19:59:22 $ ) +(Version $Revision: 1.16 $, last update $Date: 2003/03/03 17:31:21 $ ) diff --git a/gnu/usr.sbin/sendmail/sendmail/TUNING b/gnu/usr.sbin/sendmail/sendmail/TUNING index 3cc009ec903..10ec8d2cc0b 100644 --- a/gnu/usr.sbin/sendmail/sendmail/TUNING +++ b/gnu/usr.sbin/sendmail/sendmail/TUNING @@ -1,11 +1,11 @@ -# Copyright (c) 2001-2002 Sendmail, Inc. and its suppliers. +# Copyright (c) 2001-2003 Sendmail, Inc. and its suppliers. # All rights reserved. # # By using this file, you agree to the terms and conditions set # forth in the LICENSE file which can be found at the top level of # the sendmail distribution. # -# $Sendmail: TUNING,v 1.18 2002/03/03 03:38:21 ca Exp $ +# $Sendmail: TUNING,v 1.18.4.1 2003/02/07 18:19:51 ca Exp $ # ******************************************** @@ -159,7 +159,6 @@ QUEUE_GROUP(`one', `P=/var/spool/mqueue/one, F=f, r=50, R=3')dnl QUEUE_GROUP(`two', `P=/var/spool/mqueue/two, F=f, r=30, R=4')dnl QUEUE_GROUP(`remote', `P=/var/spool/mqueue/remote, F=f, r=5, R=8, I=2m')dnl define(`ESMTP_MAILER_QGRP', `remote')dnl -define(`confSPLIT_ACROSS_QUEUEGROUPS', `True')dnl define(`confDELIVERY_MODE', `q')dnl define(`confMAX_QUEUE_CHILDREN', `50')dnl define(`confMIN_QUEUE_AGE', `27m')dnl diff --git a/gnu/usr.sbin/sendmail/sendmail/conf.c b/gnu/usr.sbin/sendmail/sendmail/conf.c index 3f82b955e48..cbd5c8e60c4 100644 --- a/gnu/usr.sbin/sendmail/sendmail/conf.c +++ b/gnu/usr.sbin/sendmail/sendmail/conf.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: conf.c,v 8.972.2.25 2002/12/12 21:19:29 ca Exp $") +SM_RCSID("@(#)$Sendmail: conf.c,v 8.972.2.27 2003/01/15 19:17:14 ca Exp $") #include <sendmail/pathnames.h> diff --git a/gnu/usr.sbin/sendmail/sendmail/daemon.c b/gnu/usr.sbin/sendmail/sendmail/daemon.c index 84262310520..7c958c5a6ae 100644 --- a/gnu/usr.sbin/sendmail/sendmail/daemon.c +++ b/gnu/usr.sbin/sendmail/sendmail/daemon.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: daemon.c,v 8.613.2.11 2002/12/05 16:13:52 ca Exp $") +SM_RCSID("@(#)$Sendmail: daemon.c,v 8.613.2.14 2003/02/11 17:17:22 ca Exp $") #if defined(SOCK_STREAM) || defined(__GNU_LIBRARY__) # define USE_SOCK_STREAM 1 @@ -3518,7 +3518,7 @@ getauthinfo(fd, may_be_forged) if (i < 0 || p == &ibuf[0]) goto noident; - if (*--p == '\n' && *--p == '\r') + if (p >= &ibuf[2] && *--p == '\n' && *--p == '\r') p--; *++p = '\0'; diff --git a/gnu/usr.sbin/sendmail/sendmail/deliver.c b/gnu/usr.sbin/sendmail/sendmail/deliver.c index 27c7c7ffb2f..58c2ed9c420 100644 --- a/gnu/usr.sbin/sendmail/sendmail/deliver.c +++ b/gnu/usr.sbin/sendmail/sendmail/deliver.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -14,7 +14,7 @@ #include <sendmail.h> #include <sys/time.h> -SM_RCSID("@(#)$Sendmail: deliver.c,v 8.940.2.10 2002/12/12 22:46:34 ca Exp $") +SM_RCSID("@(#)$Sendmail: deliver.c,v 8.940.2.15 2003/02/07 17:57:43 ca Exp $") #if HASSETUSERCONTEXT # include <login_cap.h> @@ -6124,8 +6124,8 @@ ssl_retry: if (LogLevel > 5) { sm_syslog(LOG_ERR, e->e_id, - "STARTTLS=client, error: connect failed=%d, SSL_error=%d, timedout=%d", - result, i, (int) timedout); + "STARTTLS=client, error: connect failed=%d, SSL_error=%d, timedout=%d, errno=%d", + result, i, (int) timedout, errno); if (LogLevel > 8) tlslogerr("client"); } diff --git a/gnu/usr.sbin/sendmail/sendmail/domain.c b/gnu/usr.sbin/sendmail/sendmail/domain.c index c604535de1d..8dfe8a2f1b6 100644 --- a/gnu/usr.sbin/sendmail/sendmail/domain.c +++ b/gnu/usr.sbin/sendmail/sendmail/domain.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1986, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -14,9 +14,9 @@ #include <sendmail.h> #if NAMED_BIND -SM_RCSID("@(#)$Sendmail: domain.c,v 8.181.2.1 2002/06/27 16:55:04 ca Exp $ (with name server)") +SM_RCSID("@(#)$Sendmail: domain.c,v 8.181.2.6 2003/01/15 19:17:15 ca Exp $ (with name server)") #else /* NAMED_BIND */ -SM_RCSID("@(#)$Sendmail: domain.c,v 8.181.2.1 2002/06/27 16:55:04 ca Exp $ (without name server)") +SM_RCSID("@(#)$Sendmail: domain.c,v 8.181.2.6 2003/01/15 19:17:15 ca Exp $ (without name server)") #endif /* NAMED_BIND */ #if NAMED_BIND diff --git a/gnu/usr.sbin/sendmail/sendmail/headers.c b/gnu/usr.sbin/sendmail/sendmail/headers.c index 2c021ed696e..f70d80f9362 100644 --- a/gnu/usr.sbin/sendmail/sendmail/headers.c +++ b/gnu/usr.sbin/sendmail/sendmail/headers.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,9 +13,9 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: headers.c,v 8.266.4.2 2002/09/23 23:42:02 ca Exp $") +SM_RCSID("@(#)$Sendmail: headers.c,v 8.266.4.4 2003/01/18 00:41:48 gshapiro Exp $") -static size_t fix_mime_header __P((char *)); +static size_t fix_mime_header __P((HDR *, ENVELOPE *)); static int priencode __P((char *)); static void put_vanilla_header __P((HDR *, char *, MCI *)); @@ -676,8 +676,8 @@ eatheader(e, full, log) if (buf[0] != '\0') { if (bitset(H_FROM, h->h_flags)) - expand(crackaddr(buf), buf, sizeof buf, - e); + expand(crackaddr(buf, e), + buf, sizeof buf, e); h->h_value = sm_rpool_strdup_x(e->e_rpool, buf); h->h_flags &= ~H_DEFAULT; } @@ -998,7 +998,11 @@ priencode(p) ** it and replaces it with "$g". The parse is totally ad hoc ** and isn't even guaranteed to leave something syntactically ** identical to what it started with. However, it does leave -** something semantically identical. +** something semantically identical if possible, else at least +** syntactically correct. +** +** For example, it changes "Real Name <real@example.com> (Comment)" +** to "Real Name <$g> (Comment)". ** ** This algorithm has been cleaned up to handle a wider range ** of cases -- notably quoted and backslash escaped strings. @@ -1007,6 +1011,7 @@ priencode(p) ** ** Parameters: ** addr -- the address to be cracked. +** e -- the current envelope. ** ** Returns: ** a pointer to the new version. @@ -1019,28 +1024,50 @@ priencode(p) ** be copied if it is to be reused. */ +#define SM_HAVE_ROOM ((bp < buflim) && (buflim <= bufend)) + +/* +** Append a character to bp if we have room. +** If not, punt and return $g. +*/ + +#define SM_APPEND_CHAR(c) \ + do \ + { \ + if (SM_HAVE_ROOM) \ + *bp++ = (c); \ + else \ + goto returng; \ + } while (0) + +#if MAXNAME < 10 +ERROR MAXNAME must be at least 10 +#endif /* MAXNAME < 10 */ + char * -crackaddr(addr) +crackaddr(addr, e) register char *addr; + ENVELOPE *e; { register char *p; register char c; - int cmtlev; - int realcmtlev; - int anglelev, realanglelev; - int copylev; - int bracklev; - bool qmode; - bool realqmode; - bool skipping; - bool putgmac = false; - bool quoteit = false; - bool gotangle = false; - bool gotcolon = false; + int cmtlev; /* comment level in input string */ + int realcmtlev; /* comment level in output string */ + int anglelev; /* angle level in input string */ + int copylev; /* 0 == in address, >0 copying */ + int bracklev; /* bracket level for IPv6 addr check */ + bool addangle; /* put closing angle in output */ + bool qmode; /* quoting in original string? */ + bool realqmode; /* quoting in output string? */ + bool putgmac = false; /* already wrote $g */ + bool quoteit = false; /* need to quote next character */ + bool gotangle = false; /* found first '<' */ + bool gotcolon = false; /* found a ':' */ register char *bp; char *buflim; char *bufhead; char *addrhead; + char *bufend; static char buf[MAXNAME + 1]; if (tTd(33, 1)) @@ -1055,25 +1082,22 @@ crackaddr(addr) ** adjusted later if we find them. */ + buflim = bufend = &buf[sizeof(buf) - 1]; bp = bufhead = buf; - buflim = &buf[sizeof buf - 7]; p = addrhead = addr; - copylev = anglelev = realanglelev = cmtlev = realcmtlev = 0; + copylev = anglelev = cmtlev = realcmtlev = 0; bracklev = 0; - qmode = realqmode = false; + qmode = realqmode = addangle = false; while ((c = *p++) != '\0') { /* - ** If the buffer is overful, go into a special "skipping" - ** mode that tries to keep legal syntax but doesn't actually - ** output things. + ** Try to keep legal syntax using spare buffer space + ** (maintained by buflim). */ - skipping = bp >= buflim; - - if (copylev > 0 && !skipping) - *bp++ = c; + if (copylev > 0) + SM_APPEND_CHAR(c); /* check for backslash escapes */ if (c == '\\') @@ -1088,8 +1112,8 @@ crackaddr(addr) p--; goto putg; } - if (copylev > 0 && !skipping) - *bp++ = c; + if (copylev > 0) + SM_APPEND_CHAR(c); goto putg; } @@ -1097,8 +1121,14 @@ crackaddr(addr) if (c == '"' && cmtlev <= 0) { qmode = !qmode; - if (copylev > 0 && !skipping) + if (copylev > 0 && SM_HAVE_ROOM) + { + if (realqmode) + buflim--; + else + buflim++; realqmode = !realqmode; + } continue; } if (qmode) @@ -1110,15 +1140,15 @@ crackaddr(addr) cmtlev++; /* allow space for closing paren */ - if (!skipping) + if (SM_HAVE_ROOM) { buflim--; realcmtlev++; if (copylev++ <= 0) { if (bp != bufhead) - *bp++ = ' '; - *bp++ = c; + SM_APPEND_CHAR(' '); + SM_APPEND_CHAR(c); } } } @@ -1128,7 +1158,7 @@ crackaddr(addr) { cmtlev--; copylev--; - if (!skipping) + if (SM_HAVE_ROOM) { realcmtlev--; buflim++; @@ -1139,7 +1169,7 @@ crackaddr(addr) else if (c == ')') { /* syntax error: unmatched ) */ - if (copylev > 0 && !skipping) + if (copylev > 0 && SM_HAVE_ROOM) bp--; } @@ -1157,7 +1187,7 @@ crackaddr(addr) /* ** Check for DECnet phase IV ``::'' (host::user) - ** or ** DECnet phase V ``:.'' syntaxes. The latter + ** or DECnet phase V ``:.'' syntaxes. The latter ** covers ``user@DEC:.tay.myhost'' and ** ``DEC:.tay.myhost::user'' syntaxes (bletch). */ @@ -1166,10 +1196,10 @@ crackaddr(addr) { if (cmtlev <= 0 && !qmode) quoteit = true; - if (copylev > 0 && !skipping) + if (copylev > 0) { - *bp++ = c; - *bp++ = *p; + SM_APPEND_CHAR(c); + SM_APPEND_CHAR(*p); } p++; goto putg; @@ -1180,41 +1210,43 @@ crackaddr(addr) bp = bufhead; if (quoteit) { - *bp++ = '"'; + SM_APPEND_CHAR('"'); /* back up over the ':' and any spaces */ --p; - while (isascii(*--p) && isspace(*p)) + while (p > addr && + isascii(*--p) && isspace(*p)) continue; p++; } for (q = addrhead; q < p; ) { c = *q++; - if (bp < buflim) + if (quoteit && c == '"') { - if (quoteit && c == '"') - *bp++ = '\\'; - *bp++ = c; + SM_APPEND_CHAR('\\'); + SM_APPEND_CHAR(c); } + else + SM_APPEND_CHAR(c); } if (quoteit) { if (bp == &bufhead[1]) bp--; else - *bp++ = '"'; + SM_APPEND_CHAR('"'); while ((c = *p++) != ':') - { - if (bp < buflim) - *bp++ = c; - } - *bp++ = c; + SM_APPEND_CHAR(c); + SM_APPEND_CHAR(c); } /* any trailing white space is part of group: */ - while (isascii(*p) && isspace(*p) && bp < buflim) - *bp++ = *p++; + while (isascii(*p) && isspace(*p)) + { + SM_APPEND_CHAR(*p); + p++; + } copylev = 0; putgmac = quoteit = false; bufhead = bp; @@ -1223,10 +1255,7 @@ crackaddr(addr) } if (c == ';' && copylev <= 0 && !ColonOkInAddr) - { - if (bp < buflim) - *bp++ = c; - } + SM_APPEND_CHAR(c); /* check for characters that may have to be quoted */ if (strchr(MustQuoteChars, c) != NULL) @@ -1254,42 +1283,45 @@ crackaddr(addr) /* oops -- have to change our mind */ anglelev = 1; - if (!skipping) - realanglelev = 1; + if (SM_HAVE_ROOM) + { + if (!addangle) + buflim--; + addangle = true; + } bp = bufhead; if (quoteit) { - *bp++ = '"'; + SM_APPEND_CHAR('"'); /* back up over the '<' and any spaces */ --p; - while (isascii(*--p) && isspace(*p)) + while (p > addr && + isascii(*--p) && isspace(*p)) continue; p++; } for (q = addrhead; q < p; ) { c = *q++; - if (bp < buflim) + if (quoteit && c == '"') { - if (quoteit && c == '"') - *bp++ = '\\'; - *bp++ = c; + SM_APPEND_CHAR('\\'); + SM_APPEND_CHAR(c); } + else + SM_APPEND_CHAR(c); } if (quoteit) { if (bp == &buf[1]) bp--; else - *bp++ = '"'; + SM_APPEND_CHAR('"'); while ((c = *p++) != '<') - { - if (bp < buflim) - *bp++ = c; - } - *bp++ = c; + SM_APPEND_CHAR(c); + SM_APPEND_CHAR(c); } copylev = 0; putgmac = quoteit = false; @@ -1301,13 +1333,14 @@ crackaddr(addr) if (anglelev > 0) { anglelev--; - if (!skipping) + if (SM_HAVE_ROOM) { - realanglelev--; - buflim++; + if (addangle) + buflim++; + addangle = false; } } - else if (!skipping) + else if (SM_HAVE_ROOM) { /* syntax error: unmatched > */ if (copylev > 0) @@ -1316,7 +1349,7 @@ crackaddr(addr) continue; } if (copylev++ <= 0) - *bp++ = c; + SM_APPEND_CHAR(c); continue; } @@ -1324,30 +1357,42 @@ crackaddr(addr) putg: if (copylev <= 0 && !putgmac) { - if (bp > bufhead && bp[-1] == ')') - *bp++ = ' '; - *bp++ = MACROEXPAND; - *bp++ = 'g'; + if (bp > buf && bp[-1] == ')') + SM_APPEND_CHAR(' '); + SM_APPEND_CHAR(MACROEXPAND); + SM_APPEND_CHAR('g'); putgmac = true; } } /* repair any syntactic damage */ - if (realqmode) + if (realqmode && bp < bufend) *bp++ = '"'; - while (realcmtlev-- > 0) + while (realcmtlev-- > 0 && bp < bufend) *bp++ = ')'; - while (realanglelev-- > 0) + if (addangle && bp < bufend) *bp++ = '>'; - *bp++ = '\0'; - + *bp = '\0'; + if (bp < bufend) + goto success; + + returng: + /* String too long, punt */ + buf[0] = '<'; + buf[1] = MACROEXPAND; + buf[2]= 'g'; + buf[3] = '>'; + buf[4]= '\0'; + sm_syslog(LOG_ALERT, e->e_id, + "Dropped invalid comments from header address"); + + success: if (tTd(33, 1)) { sm_dprintf("crackaddr=>`"); xputs(buf); sm_dprintf("'\n"); } - return buf; } /* @@ -1412,7 +1457,7 @@ putheader(mci, hdr, e, flags) { size_t len; - len = fix_mime_header(h->h_value); + len = fix_mime_header(h, e); if (len > 0) { sm_syslog(LOG_ALERT, e->e_id, @@ -1455,13 +1500,28 @@ putheader(mci, hdr, e, flags) if (shorten_rfc822_string(h->h_value, MaxMimeHeaderLength)) { - sm_syslog(LOG_ALERT, e->e_id, - "Truncated long MIME %s header (length = %ld) (possible attack)", - h->h_field, (unsigned long) len); - if (tTd(34, 11)) - sm_dprintf(" truncated long MIME %s header (length = %ld) (possible attack)\n", - h->h_field, - (unsigned long) len); + if (len < MaxMimeHeaderLength) + { + /* we only rebalanced a bogus header */ + sm_syslog(LOG_ALERT, e->e_id, + "Fixed MIME %s header (possible attack)", + h->h_field); + if (tTd(34, 11)) + sm_dprintf(" fixed MIME %s header (possible attack)\n", + h->h_field); + } + else + { + /* we actually shortened header */ + sm_syslog(LOG_ALERT, e->e_id, + "Truncated long MIME %s header (length = %ld) (possible attack)", + h->h_field, + (unsigned long) len); + if (tTd(34, 11)) + sm_dprintf(" truncated long MIME %s header (length = %ld) (possible attack)\n", + h->h_field, + (unsigned long) len); + } } } @@ -1856,7 +1916,8 @@ copyheader(header, rpool) ** to MaxMimeFieldLength. ** ** Parameters: -** string -- the full header +** h -- the header to truncate/rebalance +** e -- the current envelope ** ** Returns: ** length of last offending field, 0 if all ok. @@ -1866,15 +1927,16 @@ copyheader(header, rpool) */ static size_t -fix_mime_header(string) - char *string; +fix_mime_header(h, e) + HDR *h; + ENVELOPE *e; { - char *begin = string; + char *begin = h->h_value; char *end; size_t len = 0; size_t retlen = 0; - if (string == NULL || *string == '\0') + if (begin == NULL || *begin == '\0') return 0; /* Split on each ';' */ @@ -1889,7 +1951,23 @@ fix_mime_header(string) /* Shorten individual parameter */ if (shorten_rfc822_string(begin, MaxMimeFieldLength)) - retlen = len; + { + if (len < MaxMimeFieldLength) + { + /* we only rebalanced a bogus field */ + sm_syslog(LOG_ALERT, e->e_id, + "Fixed MIME %s header field (possible attack)", + h->h_field); + if (tTd(34, 11)) + sm_dprintf(" fixed MIME %s header field (possible attack)\n", + h->h_field); + } + else + { + /* we actually shortened the header */ + retlen = len; + } + } /* Collapse the possibly shortened string with rest */ bp = begin + strlen(begin); diff --git a/gnu/usr.sbin/sendmail/sendmail/main.c b/gnu/usr.sbin/sendmail/sendmail/main.c index a6c69cbe167..67d8c647573 100644 --- a/gnu/usr.sbin/sendmail/sendmail/main.c +++ b/gnu/usr.sbin/sendmail/sendmail/main.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -25,7 +25,7 @@ SM_UNUSED(static char copyright[]) = The Regents of the University of California. All rights reserved.\n"; #endif /* ! lint */ -SM_RCSID("@(#)$Sendmail: main.c,v 8.887.2.12 2002/12/05 17:38:44 ca Exp $") +SM_RCSID("@(#)$Sendmail: main.c,v 8.887.2.20 2003/02/07 17:57:44 ca Exp $") #if NETINET || NETINET6 @@ -77,7 +77,7 @@ static SIGFUNC_DECL sigusr1 __P((int)); ** UCB/Mammoth Project (10/89 - 7/95). ** InReference, Inc. (8/95 - 1/97). ** Sendmail, Inc. (1/98 - present). -** The support of the my employers is gratefully acknowledged. +** The support of my employers is gratefully acknowledged. ** Few of them (Britton-Lee in particular) have had ** anything to gain from my involvement in this project. ** @@ -4241,7 +4241,7 @@ testmodeline(line, e) "Usage: /parse address\n"); return; } - q = crackaddr(p); + q = crackaddr(p, e); (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "Cracked address = "); xputs(q); diff --git a/gnu/usr.sbin/sendmail/sendmail/mci.c b/gnu/usr.sbin/sendmail/sendmail/mci.c index 028825fc1d5..399fb0c1cfa 100644 --- a/gnu/usr.sbin/sendmail/sendmail/mci.c +++ b/gnu/usr.sbin/sendmail/sendmail/mci.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: mci.c,v 8.205.2.2 2002/11/26 19:15:19 gshapiro Exp $") +SM_RCSID("@(#)$Sendmail: mci.c,v 8.205.2.3 2003/01/07 03:56:19 ca Exp $") #if NETINET || NETINET6 # include <arpa/inet.h> @@ -1244,10 +1244,8 @@ mci_print_persistent(pathname, hostname) locked ? '*' : ' ', hostname, pintvl(curtime() - mcib.mci_lastuse, true)); if (mcib.mci_rstatus != NULL) - { (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "%.*s\n", width, mcib.mci_rstatus); - } else if (mcib.mci_exitstat == EX_TEMPFAIL && mcib.mci_errno != 0) (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "Deferred: %.*s\n", width - 10, diff --git a/gnu/usr.sbin/sendmail/sendmail/milter.c b/gnu/usr.sbin/sendmail/sendmail/milter.c index 2138cb4a7ec..1faf3360cb4 100644 --- a/gnu/usr.sbin/sendmail/sendmail/milter.c +++ b/gnu/usr.sbin/sendmail/sendmail/milter.c @@ -10,7 +10,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: milter.c,v 8.197.2.5 2002/11/11 23:22:28 ca Exp $") +SM_RCSID("@(#)$Sendmail: milter.c,v 8.197.2.6 2002/12/30 05:54:00 ca Exp $") #if MILTER # include <libmilter/mfapi.h> diff --git a/gnu/usr.sbin/sendmail/sendmail/parseaddr.c b/gnu/usr.sbin/sendmail/sendmail/parseaddr.c index c04666c95aa..08eade8ea0b 100644 --- a/gnu/usr.sbin/sendmail/sendmail/parseaddr.c +++ b/gnu/usr.sbin/sendmail/sendmail/parseaddr.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: parseaddr.c,v 8.359.2.3 2002/09/26 23:03:39 gshapiro Exp $") +SM_RCSID("@(#)$Sendmail: parseaddr.c,v 8.359.2.4 2003/01/18 00:41:48 gshapiro Exp $") static void allocaddr __P((ADDRESS *, int, char *, ENVELOPE *)); static int callsubr __P((char**, int, ENVELOPE *)); @@ -2509,7 +2509,7 @@ remotename(name, m, flags, pstat, e) if (bitset(RF_CANONICAL, flags) || bitnset(M_NOCOMMENT, m->m_flags)) fancy = "\201g"; else - fancy = crackaddr(name); + fancy = crackaddr(name, e); /* ** Turn the name into canonical form. diff --git a/gnu/usr.sbin/sendmail/sendmail/queue.c b/gnu/usr.sbin/sendmail/sendmail/queue.c index d5631473363..8fb32ec7c93 100644 --- a/gnu/usr.sbin/sendmail/sendmail/queue.c +++ b/gnu/usr.sbin/sendmail/sendmail/queue.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,14 +13,10 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: queue.c,v 8.863.2.22 2002/12/19 18:00:39 ca Exp $") +SM_RCSID("@(#)$Sendmail: queue.c,v 8.863.2.28 2003/02/11 17:17:22 ca Exp $") #include <dirent.h> -#if SM_CONF_SHM -# include <sm/shm.h> -#endif /* SM_CONF_SHM */ - # define RELEASE_QUEUE (void) 0 # define ST_INODE(st) (st).st_ino @@ -77,7 +73,7 @@ static int NumWorkGroups; /* number of work groups */ ** Notice: DoQueueRun is modified in a signal handler! */ -static bool volatile DoQueueRun; /* non-interrupt time queue run needed */ +static bool volatile DoQueueRun; /* non-interrupt time queue run needed */ /* ** Work group definition structure. @@ -1691,7 +1687,7 @@ runner_work(e, sequenceno, didfork, skip, njobs) w->w_name + 2); (void) dowork(w->w_qgrp, w->w_qdir, w->w_name + 2, - ForkQueueRuns , false, e); + ForkQueueRuns, false, e); errno = 0; } sm_free(w->w_name); /* XXX */ @@ -3446,7 +3442,6 @@ dowork(qgrp, qdir, id, forkflag, requeueflag, e) ** handler for child process. */ - /* Reset global flags */ RestartRequest = NULL; RestartWorkGroup = false; @@ -3633,7 +3628,6 @@ doworklist(el, forkflag, requeueflag) ** handler for child process. */ - /* Reset global flags */ RestartRequest = NULL; RestartWorkGroup = false; @@ -6722,10 +6716,12 @@ setup_queues(owner) hashval = 0; errno = 0; len = sm_strlcpy(basedir, QueueDir, sizeof basedir); - if (len >= sizeof basedir) + + /* Provide space for trailing '/' */ + if (len >= sizeof basedir - 1) { syserr("QueueDirectory: path too long: %d, max %d", - len, (int) sizeof basedir); + len, (int) sizeof basedir - 1); ExitStat = EX_CONFIG; return; } diff --git a/gnu/usr.sbin/sendmail/sendmail/sendmail.h b/gnu/usr.sbin/sendmail/sendmail/sendmail.h index 2b15237dae0..2fdf879f67d 100644 --- a/gnu/usr.sbin/sendmail/sendmail/sendmail.h +++ b/gnu/usr.sbin/sendmail/sendmail/sendmail.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -48,7 +48,7 @@ #ifdef _DEFINE # ifndef lint -SM_UNUSED(static char SmailId[]) = "@(#)$Sendmail: sendmail.h,v 8.919.2.15 2002/12/12 22:46:35 ca Exp $"; +SM_UNUSED(static char SmailId[]) = "@(#)$Sendmail: sendmail.h,v 8.919.2.16 2003/01/18 00:41:50 gshapiro Exp $"; # endif /* ! lint */ #endif /* _DEFINE */ @@ -325,7 +325,7 @@ extern ADDRESS NullAddress; /* a null (template) address [main.c] */ /* functions */ extern void cataddr __P((char **, char **, char *, int, int)); -extern char *crackaddr __P((char *)); +extern char *crackaddr __P((char *, ENVELOPE *)); extern bool emptyaddr __P((ADDRESS *)); extern ADDRESS *getctladdr __P((ADDRESS *)); extern int include __P((char *, bool, ADDRESS *, ADDRESS **, int, ENVELOPE *)); diff --git a/gnu/usr.sbin/sendmail/sendmail/srvrsmtp.c b/gnu/usr.sbin/sendmail/sendmail/srvrsmtp.c index 51ba5a562d9..7bbb1eb887e 100644 --- a/gnu/usr.sbin/sendmail/sendmail/srvrsmtp.c +++ b/gnu/usr.sbin/sendmail/sendmail/srvrsmtp.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -16,7 +16,7 @@ # include <libmilter/mfdef.h> #endif /* MILTER */ -SM_RCSID("@(#)$Sendmail: srvrsmtp.c,v 8.829.2.17 2002/12/09 16:46:18 ca Exp $") +SM_RCSID("@(#)$Sendmail: srvrsmtp.c,v 8.829.2.21 2003/01/15 19:17:14 ca Exp $") #if SASL || STARTTLS # include <sys/time.h> @@ -1635,8 +1635,8 @@ smtp(nullserver, d_flags, e) if (LogLevel > 5) { sm_syslog(LOG_WARNING, NOQID, - "STARTTLS=server, error: accept failed=%d, SSL_error=%d, timedout=%d", - r, i, (int) timedout); + "STARTTLS=server, error: accept failed=%d, SSL_error=%d, timedout=%d, errno=%d", + r, i, (int) timedout, errno); if (LogLevel > 8) tlslogerr("server"); } @@ -2717,17 +2717,22 @@ tlsfail: id = p; if (*id == '#') { - int wgrp; + int i, qgrp; id++; - wgrp = name2qid(id); - if (!ISVALIDQGRP(wgrp)) + qgrp = name2qid(id); + if (!ISVALIDQGRP(qgrp)) { usrerr("459 4.5.4 Queue %s unknown", id); break; } - ok = run_work_group(wgrp, RWG_FORK|RWG_RUNALL); + for (i = 0; i < NumQueue && Queue[i] != NULL; + i++) + Queue[i]->qg_nextrun = (time_t) -1; + Queue[qgrp]->qg_nextrun = 0; + ok = run_work_group(Queue[qgrp]->qg_wgrp, + RWG_FORK|RWG_FORCE); if (ok && Errors == 0) message("250 2.0.0 Queuing for queue group %s started", id); break; diff --git a/gnu/usr.sbin/sendmail/sendmail/tls.c b/gnu/usr.sbin/sendmail/sendmail/tls.c index 244c99d155a..d2143916096 100644 --- a/gnu/usr.sbin/sendmail/sendmail/tls.c +++ b/gnu/usr.sbin/sendmail/sendmail/tls.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 2000-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -10,7 +10,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Sendmail: tls.c,v 8.79.4.1 2002/09/03 17:31:45 gshapiro Exp $") +SM_RCSID("@(#)$Sendmail: tls.c,v 8.79.4.2 2003/01/23 23:16:24 ca Exp $") #if STARTTLS # include <openssl/err.h> @@ -19,9 +19,6 @@ SM_RCSID("@(#)$Sendmail: tls.c,v 8.79.4.1 2002/09/03 17:31:45 gshapiro Exp $") # ifndef HASURANDOMDEV # include <openssl/rand.h> # endif /* ! HASURANDOMDEV */ -# if SM_CONF_SHM -# include <sm/shm.h> -# endif /* SM_CONF_SHM */ # if !TLS_NO_RSA static RSA *rsa_tmp = NULL; /* temporary RSA key */ static RSA *tmp_rsa_key __P((SSL *, int, int)); diff --git a/gnu/usr.sbin/sendmail/sendmail/version.c b/gnu/usr.sbin/sendmail/sendmail/version.c index 63b0174c581..c3705e3ff12 100644 --- a/gnu/usr.sbin/sendmail/sendmail/version.c +++ b/gnu/usr.sbin/sendmail/sendmail/version.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,6 +13,6 @@ #include <sm/gen.h> -SM_RCSID("@(#)$Sendmail: version.c,v 8.104.2.11 2002/12/28 19:45:53 ca Exp $") +SM_RCSID("@(#)$Sendmail: version.c,v 8.104.2.14 2003/01/15 17:55:43 ca Exp $") -char Version[] = "8.12.7"; +char Version[] = "8.12.8"; |