diff options
author | peter <peter@FreeBSD.org> | 1997-01-27 07:37:00 +0000 |
---|---|---|
committer | peter <peter@FreeBSD.org> | 1997-01-27 07:37:00 +0000 |
commit | 3efbf7c64e59a4a6bfd252adb275ea2e3898a230 (patch) | |
tree | d5538aee1713db9e2847875d5dd06e54bbd2bb22 /usr.sbin/sendmail | |
parent | 442be6986b1b00d2b54b829891641b2fd9541741 (diff) | |
parent | 134f8fd9fc36c24fc03822a8eb5c47c0f825117a (diff) | |
download | FreeBSD-src-3efbf7c64e59a4a6bfd252adb275ea2e3898a230.zip FreeBSD-src-3efbf7c64e59a4a6bfd252adb275ea2e3898a230.tar.gz |
This commit was generated by cvs2svn to compensate for changes in r22028,
which included commits to RCS files with non-trunk default branches.
Diffstat (limited to 'usr.sbin/sendmail')
-rw-r--r-- | usr.sbin/sendmail/RELEASE_NOTES | 148 | ||||
-rw-r--r-- | usr.sbin/sendmail/cf/README | 26 | ||||
-rw-r--r-- | usr.sbin/sendmail/cf/m4/cfhead.m4 | 19 | ||||
-rw-r--r-- | usr.sbin/sendmail/cf/m4/proto.m4 | 43 | ||||
-rw-r--r-- | usr.sbin/sendmail/cf/m4/version.m4 | 4 | ||||
-rw-r--r-- | usr.sbin/sendmail/cf/ostype/powerux.m4 | 46 | ||||
-rw-r--r-- | usr.sbin/sendmail/cf/ostype/sinix.m4 | 45 | ||||
-rw-r--r-- | usr.sbin/sendmail/doc/op/op.me | 31 | ||||
-rw-r--r-- | usr.sbin/sendmail/src/READ_ME | 29 | ||||
-rw-r--r-- | usr.sbin/sendmail/src/alias.c | 25 | ||||
-rw-r--r-- | usr.sbin/sendmail/src/clock.c | 10 | ||||
-rw-r--r-- | usr.sbin/sendmail/src/envelope.c | 16 | ||||
-rw-r--r-- | usr.sbin/sendmail/src/map.c | 5 | ||||
-rw-r--r-- | usr.sbin/sendmail/src/queue.c | 42 | ||||
-rw-r--r-- | usr.sbin/sendmail/src/version.c | 4 |
15 files changed, 399 insertions, 94 deletions
diff --git a/usr.sbin/sendmail/RELEASE_NOTES b/usr.sbin/sendmail/RELEASE_NOTES index 621cbcc..a935a73 100644 --- a/usr.sbin/sendmail/RELEASE_NOTES +++ b/usr.sbin/sendmail/RELEASE_NOTES @@ -1,11 +1,157 @@ SENDMAIL RELEASE NOTES - @(#)RELEASE_NOTES 8.8.4.4 (Berkeley) 12/2/96 + @(#)RELEASE_NOTES 8.8.5.3 (Berkeley) 1/21/97 This listing shows the version of the sendmail binary, the version of the sendmail configuration files, the date of release, and a summary of the changes in that release. +8.8.5/8.8.5 97/01/21 + SECURITY: Clear out group list during startup. Without this, sendmail + will continue to run with the group permissions of the caller, + even if RunAsUser is specified. + SECURITY: Make purgestat (-bH) be root-only. This is not in response + to any known attack, but it's best to be conservative. + Suggested by Peter Wemm of DIALix. + SECURITY: Fix buffer overrun problem in MIME code that has possible + security implications. Patch from Alex Garthwaite of the + University of Pennsylvania. + Use of a -f flag with a phrase attached (e.g., "-f 'Full Name <addr>'") + would truncate the address after "Full". Although the -f + syntax is incorrect (since it is in the envelope, it + shouldn't have comments and full names), the failure mode + was unnecessarily awful. + Fix a possible null pointer dereference when converting 8-bit data + to a 7-bit format. Problem noted by Jim Hutchins of + Sandia National Labs and David James of British Telecom. + Clear out stale state that affected F=9 on SMTP mailers in queue + runs. Although this really shouldn't be used (F=9 is for + final delivery only, and using it on an SMTP mailer makes + it possible for a message to be converted from 8->7->8->7 + bits several times), it shouldn't have failed with a syserr. + Problem noted by Eric Hagberg of Morgan Stanley. + _Really_ fix the multiple :maildrop code in the user database + module. Patch from Roy Mongiovi of Georgia Tech. + Let F lines in the configuration file actually read root-only + files if the configuration file is safe. Based on a + patch from Keith Reynolds of SCO. + ETRN followed by QUIT would hold the connection open until the queue + run completed. Problem noted by Truck Lewis of TDK + Semiconductor Corp. + It turns out that despite the documentation, the TCP wrappers library + does _not_ log rejected connections. Do the logging ourselves. + Problem noted by Fletcher Mattox of the University of Texas + at Austin. + If sendmail finds a qf file in its queue directory that is an unknown + version (e.g., when backing out to an old version), the + error is reported on every queue run. Change it to only + give the error once (and rename the qf => Qf). Patch from + William A. Gianopoulos of Raytheon Company. + Start a new session when doing background delivery; currently it + ignored signals but didn't start a new signal, that caused + some problems if a background process tried to send mail + under certain circumstances. Problem noted by Eric Hagberg + of Morgan Stanley; fix from Kari Hurtta. + Simplify test for skipping a queue run to just check if the current + load average is >= the queueing load average. Previously + the check factored in some other parameters that caused it + to essentially never skip the queue run. Patch from Bryan + Costales. + If the SMTP server is running in "nullserver" mode (that is, it is + rejecting all commands), start sleeping after MAXBADCOMMAND + (25) commands; this helps prevent a bad guy from putting + you into a tight loop as a denial-of-service attack. Based + on an e-mail conversation with Brad Knowles of AOL. + Slow down when too many "light weight" commands have been issued; + this helps prevent a class of denial-of-service attacks. + The current values and defaults are: + MAXNOOPCOMMANDS 20 NOOP, VERB, ONEX, XUSR + MAXHELOCOMMANDS 3 HELO, EHLO + MAXVRFYCOMMANDS 6 VRFY, EXPN + MAXETRNCOMMANDS 8 ETRN + These will probably be configurable in a future release. + On systems that have uid_t typedefed to be an unsigned short, programs + that had the F=S flag and no U= equate would be invoked with + the real uid set to 65535 rather than being left unchanged. + In some cases, NOTIFY=NEVER was not being honored. Problem noted + by Steve Hubert of the University of Washington, Seattle. + Mail that was Quoted-Printable encoded and had a soft line break on + the last line (i.e., an incomplete continuation) had the last + line dropped. Since this appears to be illegal it isn't + clear what to do with it, but flushing the last line seems + to be a better "fail soft" approach. Based on a patch from + Eric Hagberg. + If AllowBogusHELO and PrivacyOptions=needmailhelo are both set, a + bogus HELO command still causes the "Polite people say HELO + first" error message. Problem pointed out by Chris Thomas + of UCLA; patch from John Beck of SunSoft. + Handle "sendmail -bp -qSfoobar" properly if restrictqrun is set + in PrivacyFlags. The -q shouldn't turn this command off. + Problem noted by Murray Kucherawy of Pacific Bell Internet; + based on a patch from Gregory Neil Shapiro of WPI. + Don't consider SMTP reply codes 452 or 552 (exceeded storage allocation) + in a DATA transaction to be sticky; these can occur because + a message is too large, and smaller messages should still go + through. Problem noted by Matt Dillon of Best Internet + Communications. + In some cases bounces were saved in /var/tmp/dead.letter even if they + had been successfully delivered to the envelope sender. + Problem noted Eric Hagberg of Morgan Stanley; solution from + Gregory Neil Shapiro of WPI. + Give better diagnostics on long alias lines. Based on code contributed + by Patrick Gosling of the University of Cambridge. + Increase the number of virtual interfaces that will be probed for + alternate names. Problem noted by Gregory Neil Shapiro of + WPI. + PORTABILITY: + UXP/DS V20L10 for Fujitsu DS/90: Makefile patches from + Toshiaki Nomura of Fujitsu Limited. + SunOS with LDAP support: compile problems with struct timeval. + Patch from Nick Cuccia of TCSI Corporation. + SCO: from Keith Reynolds of SCO. + Solaris: kstat load average computation wasn't being used. + Fixes from Michael Ju. Tokarev of Telecom Service, JSC + (Moscow). + OpenBSD: from Jason Downs of teeny.org. + Altos System V: from Tim Rice. + Solaris 2.5: from Alan Perry of SunSoft. + Solaris 2.6: from John Beck of SunSoft. + Harris Nighthawk PowerUX (mh6000 box): from Bob Miorelli + of Pratt & Whitney <miorelli@pweh.com>. + CONFIG: It seems that I hadn't gotten the Received: line syntax + _just_right_ yet. Tweak it again. I'll omit the names + of the "contributors" (quantity two) in this one case. + As of now, NO MORE DISCUSSION about the syntax of the + Received: line. + CONFIG: Although FEATURE(nullclient) uses EXPOSED_USER (class $=E), + it never inserts that class into the output file. Fix it + so it will honor EXPOSED_USER but will _not_ include root + automatically in this class. Problem noted by Ronan KERYELL + of Centre de Recherche en Informatique de l'École Nationale + Supérieure des Mines de Paris (CRI-ENSMP). + CONFIG: Clean up handling of "local:" syntax in relay specifications + such as LUSER_RELAY. This change permits the following + syntaxes: ``local:'' will send to the same user on the + local machine (e.g., in a mailertable entry for "host", + ``local:'' will cause an address addressed to user@host to + go to user on the local machone). ``local:user'' will send + to the named user on the local machine. ``local:user@host'' + is equivalent to ``local:user'' (the host is ignored). In + all cases, the original user@host is passed in $@ (i.e., the + detail information). Inspired by a report from Michael Fuhr + of Dimensional Communications, L.L.C. + CONFIG: Strip quotes from the first word of an "error:" host + indication. This lets you set (for example) the LUSER_RELAY + to be ``error:\"5.1.1\" Your Message Here''. Note the use + of the \" so that the resulting string is properly quoted. + Problem noted by Gregory Neil Shapiro of WPI. + OP.ME: documentation was inconsistent about whether sendmail did a + NOOP or a RSET to probe the connection (it does a RSET). + Inconsistency noted by Deeran Peethamparam. + OP.ME: insert additional blank pages so it will print properly on + a duplex printer. From Matthew Black of Cal State University, + Long Beach. + 8.8.4/8.8.4 96/12/02 SECURITY: under some circumstances, an attacker could get additional permissions by hard linking to files that were group diff --git a/usr.sbin/sendmail/cf/README b/usr.sbin/sendmail/cf/README index d71ffd2..6ea2998 100644 --- a/usr.sbin/sendmail/cf/README +++ b/usr.sbin/sendmail/cf/README @@ -4,7 +4,7 @@ Eric Allman <eric@CS.Berkeley.EDU> - @(#)README 8.108 (Berkeley) 11/16/96 + @(#)README 8.111 (Berkeley) 1/16/97 This document describes the sendmail configuration files being used @@ -31,8 +31,10 @@ This package requires a post-V7 version of m4; if you are running the 4.2bsd, SysV.2, or 7th Edition version, I suggest finding a friend with a newer version. You can m4-expand on their system, then run locally. SunOS's /usr/5bin/m4 or BSD-Net/2's m4 both work. GNU m4 version 1.1 -also works. Unfortunately, I'm told that the M4 on BSDI 1.0 doesn't -work -- you'll have to use a Net/2 or GNU version. +or later also works. Unfortunately, I'm told that the M4 on BSDI 1.0 +doesn't work -- you'll have to use a Net/2 or GNU version. GNU m4 is +available from ftp://prep.ai.mit.edu/pub/gnu/m4-1.4.tar.gz (check for +the latest version). IF YOU DON'T HAVE A BERKELEY MAKE, don't despair! Just run "m4 ../m4/cf.m4 foo.mc > foo.cf" -- that should be all you need. @@ -305,9 +307,13 @@ POP_MAILER_ARGS [pop $u] The arguments passed to the POP mailer. PROCMAIL_MAILER_PATH [/usr/local/bin/procmail] The path to the procmail program. This is also used by FEATURE(local_procmail). PROCMAIL_MAILER_FLAGS [Shu] Flags added to Procmail mailer. Flags - ``DFMmn'' are always set. + ``DFMmn'' are always set. This is NOT used by + FEATURE(local_procmail); tweak LOCAL_MAILER_FLAGS + instead. PROCMAIL_MAILER_ARGS [procmail -m $h $f $u] The arguments passed to - the Procmail mailer. + the Procmail mailer. This is NOT used by + FEATURE(local_procmail); tweak LOCAL_MAILER_ARGS + instead. PROCMAIL_MAILER_MAX [undefined] If set, the maximum size message that will be accepted by the procmail mailer. MAIL11_MAILER_PATH [/usr/etc/mail11] The path to the mail11 mailer. @@ -694,7 +700,10 @@ local_procmail Use procmail as the local mailer. This mailer can normally the +indicator is just tossed, but by default it is passed as the -a argument to procmail. The argument to this feature is the pathname of procmail, - which defaults to PROCMAIL_MAILER_PATH. + which defaults to PROCMAIL_MAILER_PATH. Note that this + does NOT use PROCMAIL_MAILER_FLAGS or PROCMAIL_MAILER_ARGS + for the local mailer; tweak LOCAL_MAILER_FLAGS and + LOCAL_MAILER_ARGS instead. bestmx_is_local Accept mail as though locally addressed for any host that lists us as the best possible MX record. This generates @@ -1426,7 +1435,10 @@ confCF_VERSION $Z macro If defined, this is appended to the confFROM_HEADER From: [$?x$x <$g>$|$g$.] The format of an internally generated From: address. confRECEIVED_HEADER Received: - [.$?_($?s$|from $.$_) $.by $j ($v/$Z)$?r with $r$. id $i$?u for $u$.; $b] + [$?sfrom $s .$?_($?s$|from $.$_) + $.by $j ($v/$Z)$?r with $r$. id $i$?u + for $u$.; + $b] The format of the Received: header in messages passed through this host. It is unwise to try to change this. diff --git a/usr.sbin/sendmail/cf/m4/cfhead.m4 b/usr.sbin/sendmail/cf/m4/cfhead.m4 index 91d4b9a..6bef4c6 100644 --- a/usr.sbin/sendmail/cf/m4/cfhead.m4 +++ b/usr.sbin/sendmail/cf/m4/cfhead.m4 @@ -106,18 +106,18 @@ define(`SITE', `ifelse(CONCAT($'2`, $3), SU, CONCAT(C, $3, $'1`))') sinclude(_CF_DIR_`'siteconfig/$1.m4)') define(`EXPOSED_USER', `PUSHDIVERT(5)CE$1 -POPDIVERT`'dnl') +POPDIVERT`'dnl`'') define(`LOCAL_USER', `PUSHDIVERT(5)CL$1 -POPDIVERT`'dnl') +POPDIVERT`'dnl`'') define(`MASQUERADE_AS', `define(`MASQUERADE_NAME', $1)') define(`MASQUERADE_DOMAIN', `PUSHDIVERT(5)CM$1 -POPDIVERT`'dnl') +POPDIVERT`'dnl`'') define(`MASQUERADE_DOMAIN_FILE', `PUSHDIVERT(5)FM$1 -POPDIVERT`'dnl') +POPDIVERT`'dnl`'') define(`GENERICS_DOMAIN', `PUSHDIVERT(5)CG$1 -POPDIVERT`'dnl') +POPDIVERT`'dnl`'') define(`GENERICS_DOMAIN_FILE', `PUSHDIVERT(5)FG$1 -POPDIVERT`'dnl') +POPDIVERT`'dnl`'') define(`_OPTINS', `ifdef(`$1', `$2$1$3')') m4wrap(`include(_CF_DIR_`m4/proto.m4')') @@ -129,8 +129,9 @@ define(`confFROM_LINE', `From $g $d') define(`confOPERATORS', `.:%@!^/[]+') define(`confSMTP_LOGIN_MSG', `$j Sendmail $v/$Z; $b') define(`confRECEIVED_HEADER', `$?sfrom $s $.$?_($?s$|from $.$_) - $.by $j ($v/$Z)$?r with $r$. - id $i$?u for $u$.; $b') + $.by $j ($v/$Z)$?r with $r$. id $i$?u + for $u; $|; + $.$b') define(`confSEVEN_BIT_INPUT', `False') define(`confEIGHT_BIT_HANDLING', `pass8') define(`confALIAS_WAIT', `10') @@ -156,4 +157,4 @@ define(`confMIME_FORMAT_ERRORS', `True') define(`confFORWARD_PATH', `$z/.forward.$w:$z/.forward') divert(0)dnl -VERSIONID(`@(#)cfhead.m4 8.7 (Berkeley) 11/20/96') +VERSIONID(`@(#)cfhead.m4 8.9 (Berkeley) 1/18/97') diff --git a/usr.sbin/sendmail/cf/m4/proto.m4 b/usr.sbin/sendmail/cf/m4/proto.m4 index 676aa35..fc09fe0 100644 --- a/usr.sbin/sendmail/cf/m4/proto.m4 +++ b/usr.sbin/sendmail/cf/m4/proto.m4 @@ -34,7 +34,7 @@ divert(-1) # divert(0) -VERSIONID(`@(#)proto.m4 8.136 (Berkeley) 11/24/96') +VERSIONID(`@(#)proto.m4 8.139 (Berkeley) 12/31/96') MAILER(local)dnl @@ -171,17 +171,18 @@ DR`'ifdef(`LOCAL_RELAY', LOCAL_RELAY) # who gets all local email traffic ($R has precedence for unqualified names) DH`'ifdef(`MAIL_HUB', MAIL_HUB) -# class L: names that should be delivered locally, even if we have a relay +# dequoting map +Kdequote dequote + +divert(0)dnl # end of nullclient diversion # class E: names that should be exposed as from this host, even if we masquerade +ifdef(`_NULL_CLIENT_ONLY_', `#', +`# class L: names that should be delivered locally, even if we have a relay # class M: domains that should be converted to $M #CL root -CE root +')CE root undivert(5)dnl -# dequoting map -Kdequote dequote - -divert(0)dnl # end of nullclient diversion # who I masquerade as (null for no masquerading) (see also $=M) DM`'ifdef(`MASQUERADE_NAME', MASQUERADE_NAME) @@ -685,7 +686,7 @@ define(`X', ifdef(`VIRTUSER_TABLE', `', `#'))dnl X`'R$+ < @ $=w . > $: < $(virtuser $1 @ $2 $@ $1 $: @ $) > $1 < @ $2 . > X`'R< @ > $+ < @ $+ . > $: < $(virtuser @ $2 $@ $1 $: @ $) > $1 < @ $2 . > X`'R< @ > $+ $: $1 -X`'R< error : $- $+ > $* $#error $@ $1 $: $2 +X`'R< error : $- $+ > $* $#error $@ $( dequote $1 $) $: $2 X`'R< $+ > $+ < @ $+ > $: $>97 $1 undefine(`X')dnl @@ -798,6 +799,8 @@ R< > $+ + $* $#_LOCAL_ $@ $2 $: $1 R< > $+ $: < $H > $1 try hub R< > $+ $: < $R > $1 try relay R< > $+ $@ $1 nope, give up +R< local : $* > $* $: $>95 < local : $1 > $2 no host extension +R< error : $* > $* $: $>95 < error : $1 > $2 no host extension R< $- : $+ > $+ $: $>95 < $1 : $2 > $3 < @ $2 > R< $+ > $+ $@ $>95 < $1 > $2 < @ $1 > @@ -821,15 +824,33 @@ undefine(`X')dnl S95 R< > $* $@ $1 strip off null relay -R< error : $- $+ > $* $#error $@ $1 $: $2 special case errors -R< local : > $* < @ $* > $#local $@ $1@$2 $: $1 no host: use old user -R< local : $+ > $* <@ $* . > $* $#local $@ $2@$3 $: $1 special case local +R< error : $- $+ > $* $#error $@ $( dequote $1 $) $: $2 +R< local : $* > $* $>CanonLocal < $1 > $2 R< $- : $+ @ $+ > $*<$*>$* $# $1 $@ $3 $: $2<@$3> use literal user R< $- : $+ > $* $# $1 $@ $2 $: $3 try qualified mailer R< $=w > $* $@ $2 delete local host R< $+ > $* $#_RELAY_ $@ $1 $: $2 use unqualified mailer ################################################################### +### Ruleset CanonLocal -- canonify local: syntax ### +################################################################### + +SCanonLocal +# strip trailing dot from any host name that may appear +R< $* > $* < @ $* . > $: < $1 > $2 < @ $3 > + +# handle local: syntax -- use old user, either with or without host +R< > $* < @ $* > $* $#local $@ $1@$2 $: $1 +R< > $+ $#local $@ $1 $: $1 + +# handle local:user@host syntax -- ignore host part +R< $+ @ $+ > $* $: < $1 > $3 + +# handle local:user syntax +R< $+ > $* <@ $* > $* $#local $@ $2@$3 $: $1 +R< $+ > $* $#local $@ $2 $: $1 + +################################################################### ### Ruleset 93 -- convert header names to masqueraded form ### ################################################################### diff --git a/usr.sbin/sendmail/cf/m4/version.m4 b/usr.sbin/sendmail/cf/m4/version.m4 index b3ee9a7..1837c22 100644 --- a/usr.sbin/sendmail/cf/m4/version.m4 +++ b/usr.sbin/sendmail/cf/m4/version.m4 @@ -32,8 +32,8 @@ divert(-1) # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -VERSIONID(`@(#)version.m4 8.8.4.2 (Berkeley) 11/26/96') +VERSIONID(`@(#)version.m4 8.8.5.3 (Berkeley) 1/21/97') # divert(0) # Configuration version number -DZ8.8.4`'ifdef(`confCF_VERSION', `/confCF_VERSION') +DZ8.8.5`'ifdef(`confCF_VERSION', `/confCF_VERSION') diff --git a/usr.sbin/sendmail/cf/ostype/powerux.m4 b/usr.sbin/sendmail/cf/ostype/powerux.m4 new file mode 100644 index 0000000..d0fd3dc --- /dev/null +++ b/usr.sbin/sendmail/cf/ostype/powerux.m4 @@ -0,0 +1,46 @@ +divert(-1) +# +# Copyright (c) 1983 Eric P. Allman +# Copyright (c) 1988, 1993 +# The Regents of the University of California. All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# 3. All advertising materials mentioning features or use of this software +# must display the following acknowledgement: +# This product includes software developed by the University of +# California, Berkeley and its contributors. +# 4. Neither the name of the University nor the names of its contributors +# may be used to endorse or promote products derived from this software +# without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# + +divert(0) +VERSIONID(`@(#)powerux.m4 8.1 (Berkeley) 1/16/97') + +define(`ALIAS_FILE', /etc/mail/aliases)dnl +ifdef(`HELP_FILE',,`define(`HELP_FILE', /etc/mail/sendmail.hf)')dnl +ifdef(`STATUS_FILE',,`define(`STATUS_FILE', /etc/mail/sendmail.st)')dnl +define(`LOCAL_MAILER_PATH', `/usr/bin/rmail')dnl +define(`LOCAL_MAILER_FLAGS', `mn9')dnl +define(`LOCAL_MAILER_ARGS', `rmail $u')dnl +define(`LOCAL_SHELL_FLAGS', `ehuP')dnl +define(`UUCP_MAILER_ARGS', `uux - -r -a$g -gmedium $h!rmail ($u)')dnl diff --git a/usr.sbin/sendmail/cf/ostype/sinix.m4 b/usr.sbin/sendmail/cf/ostype/sinix.m4 new file mode 100644 index 0000000..7b50e9e --- /dev/null +++ b/usr.sbin/sendmail/cf/ostype/sinix.m4 @@ -0,0 +1,45 @@ +divert(-1) +# +# Copyright (c) 1996 Eric P. Allman +# Copyright (c) 1988, 1993 +# The Regents of the University of California. All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# 3. All advertising materials mentioning features or use of this software +# must display the following acknowledgement: +# This product includes software developed by the University of +# California, Berkeley and its contributors. +# 4. Neither the name of the University nor the names of its contributors +# may be used to endorse or promote products derived from this software +# without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# + +divert(0) +VERSIONID(`@(#)sinix.m4 8.1 (Berkeley) 12/14/96') +define(`QUEUE_DIR', /usr/ucblib/mqueue)dnl +define(`ALIAS_FILE', /usr/ucblib/aliases)dnl +ifdef(`HELP_FILE',,`define(`HELP_FILE', /usr/ucblib/sendmail.hf)')dnl +ifdef(`STATUS_FILE',,`define(`STATUS_FILE', /usr/ucblib/sendmail.st)')dnl +define(`LOCAL_MAILER_PATH', `/usr/ucblib/mail.local')dnl +define(`LOCAL_MAILER_FLAGS', `rmn9')dnl +define(`LOCAL_SHELL_FLAGS', `ehuP')dnl +define(`UUCP_MAILER_ARGS', `uux - -r -a$g -gmedium $h!rmail ($u)')dnl diff --git a/usr.sbin/sendmail/doc/op/op.me b/usr.sbin/sendmail/doc/op/op.me index 4237497..88b69ea 100644 --- a/usr.sbin/sendmail/doc/op/op.me +++ b/usr.sbin/sendmail/doc/op/op.me @@ -30,7 +30,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)op.me 8.100 (Berkeley) 12/1/96 +.\" @(#)op.me 8.103 (Berkeley) 12/13/96 .\" .\" eqn op.me | pic | troff -me .eh 'SMM:08-%''Sendmail Installation and Operation Guide' @@ -65,10 +65,9 @@ .sp .r Eric Allman -InReference, Inc. eric@Sendmail.ORG .sp -Version 8.100 +Version 8.103 .sp For Sendmail Version 8.8 .)l @@ -161,6 +160,12 @@ Several major changes were introduced in version 8.7. You should not attempt to use this document for prior versions of .i sendmail . +.bp +.rs +.sp |4i +.ce 2 +This page intentionally left blank; +replace it with a blank sheet for double-sided output. .bp 7 .sh 1 "BASIC INSTALLATION" .pp @@ -2476,7 +2481,7 @@ When trying to open a connection the cache is first searched. If an open connection is found, it is probed to see if it is still active by sending a -.sm NOOP +.sm RSET command. It is not an error if this fails; instead, the connection is closed and reopened. @@ -8134,6 +8139,15 @@ Temporary versions of the qf files, used during queue file rebuild. .ip /var/spool/mqueue/xf* A transcript of the current session. +.if e \ +\{\ +. bp +. rs +. sp |4i +. ce 2 +This page intentionally left blank; +replace it with a blank sheet for double-sided output. +.\} .\".ro .\".ls 1 .\".tp @@ -8148,16 +8162,9 @@ A transcript of the current session. .\".sp .\".sz 10 .\"Eric Allman -.\"InReference, Inc. .\".sp -.\"Version 8.100 +.\"Version 8.103 .\".ce 0 -.bp 2 -.rs -.sp |4i -.ce 2 -This page intentionally left blank; -replace it with a blank sheet for double-sided output. .bp 3 .ce .sz 12 diff --git a/usr.sbin/sendmail/src/READ_ME b/usr.sbin/sendmail/src/READ_ME index 72e9a18..88fa68a 100644 --- a/usr.sbin/sendmail/src/READ_ME +++ b/usr.sbin/sendmail/src/READ_ME @@ -30,7 +30,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# @(#)READ_ME 8.132 (Berkeley) 12/1/96 +# @(#)READ_ME 8.135 (Berkeley) 1/21/97 # This directory contains the source files for sendmail. @@ -529,9 +529,7 @@ HES_GETMAILHOST Define this to 1 if you are using Hesiod with the XDEBUG Do additional internal checking. These don't cost too much; you might as well leave this on. TCPWRAPPERS Turns on support for the TCP wrappers library (-lwrap). - This library is available on ftp.win.tue.nl in /pub/security; - grab tcp_wrappers_<VER>.tar.gz (where <VER> is the highest - numbered version). + See below for further information. SECUREWARE Enable calls to the SecureWare luid enabling/changing routines. SecureWare is a C2 security package added to several UNIX's (notably ConvexOS) to get a C2 Secure system. This @@ -787,6 +785,12 @@ Solaris 2.4 (SunOS 5.4) >> >> here, path 2 would be the first used. +Solaris 2.6 (SunOS 5.6) + If you built sendmail 8.8.1 through 8.8.4 inclusive on a Solaris 2.5 + system, that binary will not run on Solaris 2.6, due to problems with + incompatible snprintf(3s) calls. This problem is fixed in sendmail + 8.8.5. + Ultrix By default, the IDENT protocol is turned off on Ultrix. If you are running Ultrix 4.4 or later, or if you have included patch @@ -803,7 +807,7 @@ Solaris 2.5.1 (SunOS 5.5.1) /usr/include/resolv.h:208: warning: `__P' redefined cdefs.h:58: warning: this is the location of the previous definition - If you are running with this patch, create a file in the + If you are running with this patch, create a resolv.h file in the obj.SunOS.5.5.1.* directory that reads: #undef __P @@ -1289,14 +1293,19 @@ LDAP send them along. TCP Wrappers - If you are using -DTCPWRAPPERS to get TCP Wrappers support, you will - also need to install libwrap.a (you can get it from ftp.win.tue.nl) - and modify the Makefile to include -lwrap in the LIBS line. + If you are using -DTCPWRAPPERS to get TCP Wrappers support you will + also need to install libwrap.a and modify the Makefile to include + -lwrap in the LIBS line (make sure that INCDIRS and LIBDIRS point + to where the tcpd.h and libwrap.a can be found). + + TCP Wrappers is available on ftp.win.tue.nl in /pub/security; + grab tcp_wrappers_<VER>.tar.gz (where <VER> is the highest + numbered version). If you have alternate MX sites for your site, be sure that all of your MX sites reject the same set of hosts. If not, a bad guy whom you reject will connect to your site, fail, and move on to the next - MX site, which will accept the mail for your and forward it on to you. + MX site, which will accept the mail for you and forward it on to you. +--------------+ @@ -1398,4 +1407,4 @@ version.c The version number and information about this Eric Allman -(Version 8.132, last update 12/1/96 09:34:37) +(Version 8.135, last update 1/21/97 07:47:02) diff --git a/usr.sbin/sendmail/src/alias.c b/usr.sbin/sendmail/src/alias.c index 95de1ee..b09a85d 100644 --- a/usr.sbin/sendmail/src/alias.c +++ b/usr.sbin/sendmail/src/alias.c @@ -35,7 +35,7 @@ # include "sendmail.h" #ifndef lint -static char sccsid[] = "@(#)alias.c 8.66 (Berkeley) 9/20/96"; +static char sccsid[] = "@(#)alias.c 8.67 (Berkeley) 1/18/97"; #endif /* not lint */ @@ -601,11 +601,24 @@ readaliases(map, af, announcestats, logstats) while (fgets(line, sizeof (line), af) != NULL) { int lhssize, rhssize; + int c; LineNumber++; p = strchr(line, '\n'); if (p != NULL) *p = '\0'; + else if (!feof(af)) + { + syserr("554 alias line too long"); + + /* flush to end of line */ + while ((c = getc(af)) != EOF && c != '\n') + continue; + + /* skip any continuation lines */ + skipping = TRUE; + continue; + } switch (line[0]) { case '#': @@ -655,7 +668,6 @@ readaliases(map, af, announcestats, logstats) rhs = p; for (;;) { - register char c; register char *nlp; nlp = &p[strlen(p)]; @@ -698,12 +710,19 @@ readaliases(map, af, announcestats, logstats) LineNumber++; /* check for line overflow */ - if (strchr(p, '\n') == NULL) + if (strchr(p, '\n') == NULL && !feof(af)) { usrerr("554 alias too long"); + while ((c = fgetc(af)) != EOF && c != '\n') + continue; + skipping = TRUE; break; } } + + if (skipping) + continue; + if (!bitnset(M_ALIASABLE, al.q_mailer->m_flags)) { syserr("554 %s... cannot alias non-local names", diff --git a/usr.sbin/sendmail/src/clock.c b/usr.sbin/sendmail/src/clock.c index 281ee60..5639f44 100644 --- a/usr.sbin/sendmail/src/clock.c +++ b/usr.sbin/sendmail/src/clock.c @@ -33,7 +33,7 @@ */ #ifndef lint -static char sccsid[] = "@(#)clock.c 8.16 (Berkeley) 11/27/96"; +static char sccsid[] = "@(#)clock.c 8.18 (Berkeley) 12/31/96"; #endif /* not lint */ # include "sendmail.h" @@ -60,7 +60,7 @@ static char sccsid[] = "@(#)clock.c 8.16 (Berkeley) 11/27/96"; ** none. */ -static void tick __P((int)); +static SIGFUNC_DECL tick __P((int)); EVENT * setevent(intvl, func, arg) @@ -161,7 +161,7 @@ clrevent(ev) ** calls the next function in EventQueue. */ -static void +static SIGFUNC_DECL tick(arg) int arg; { @@ -169,9 +169,6 @@ tick(arg) register EVENT *ev; int mypid = getpid(); int olderrno = errno; -#ifdef SIG_UNBLOCK - sigset_t ss; -#endif (void) setsignal(SIGALRM, SIG_IGN); (void) alarm(0); @@ -224,6 +221,7 @@ tick(arg) if (EventQueue != NULL) (void) alarm((unsigned) (EventQueue->ev_time - now)); errno = olderrno; + return SIGFUNC_RETURN; } /* ** SLEEP -- a version of sleep that works with this stuff diff --git a/usr.sbin/sendmail/src/envelope.c b/usr.sbin/sendmail/src/envelope.c index 6781522..c5e98f7e 100644 --- a/usr.sbin/sendmail/src/envelope.c +++ b/usr.sbin/sendmail/src/envelope.c @@ -33,7 +33,7 @@ */ #ifndef lint -static char sccsid[] = "@(#)envelope.c 8.99 (Berkeley) 12/1/96"; +static char sccsid[] = "@(#)envelope.c 8.101 (Berkeley) 12/16/96"; #endif /* not lint */ #include "sendmail.h" @@ -275,11 +275,14 @@ dropenvelope(e, fulldrop) if (bitset(EF_FATALERRS, e->e_flags) && !failure_return) { - failure_return = TRUE; for (q = e->e_sendqueue; q != NULL; q = q->q_next) { - if (!bitset(QDONTSEND, q->q_flags)) + if (!bitset(QDONTSEND, q->q_flags) && + bitset(QPINGONFAILURE, q->q_flags)) + { + failure_return = TRUE; q->q_flags |= QBADADDR; + } } } @@ -640,6 +643,8 @@ closexscript(e) ** e -- the envelope in which we would like the sender set. ** delimptr -- if non-NULL, set to the location of the ** trailing delimiter. +** delimchar -- the character that will delimit the sender +** address. ** internal -- set if this address is coming from an internal ** source such as an owner alias. ** @@ -651,16 +656,16 @@ closexscript(e) */ void -setsender(from, e, delimptr, internal) +setsender(from, e, delimptr, delimchar, internal) char *from; register ENVELOPE *e; char **delimptr; + int delimchar; bool internal; { register char **pvp; char *realname = NULL; register struct passwd *pw; - char delimchar; char *bp; char buf[MAXNAME + 2]; char pvpbuf[PSBUFSIZE]; @@ -683,7 +688,6 @@ setsender(from, e, delimptr, internal) if (ConfigLevel < 2) SuprErrs = TRUE; - delimchar = internal ? '\0' : ' '; e->e_from.q_flags = QBADADDR; if (from == NULL || parseaddr(from, &e->e_from, RF_COPYALL|RF_SENDERADDR, diff --git a/usr.sbin/sendmail/src/map.c b/usr.sbin/sendmail/src/map.c index 1b0f086..3d40d62 100644 --- a/usr.sbin/sendmail/src/map.c +++ b/usr.sbin/sendmail/src/map.c @@ -33,7 +33,7 @@ */ #ifndef lint -static char sccsid[] = "@(#)map.c 8.146 (Berkeley) 11/24/96"; +static char sccsid[] = "@(#)map.c 8.147 (Berkeley) 1/17/97"; #endif /* not lint */ #include "sendmail.h" @@ -1610,7 +1610,8 @@ nis_getcanonname(name, hbsize, statp) #ifdef NISPLUS -#undef NIS /* symbol conflict in nis.h */ +#undef NIS /* symbol conflict in nis.h */ +#undef T_UNSPEC /* symbol conflict in nis.h -> ... -> sys/tiuser.h */ #include <rpcsvc/nis.h> #include <rpcsvc/nislib.h> diff --git a/usr.sbin/sendmail/src/queue.c b/usr.sbin/sendmail/src/queue.c index 5d00b9f..2afa73d 100644 --- a/usr.sbin/sendmail/src/queue.c +++ b/usr.sbin/sendmail/src/queue.c @@ -36,9 +36,9 @@ #ifndef lint #if QUEUE -static char sccsid[] = "@(#)queue.c 8.145 (Berkeley) 12/2/96 (with queueing)"; +static char sccsid[] = "@(#)queue.c 8.153 (Berkeley) 1/14/97 (with queueing)"; #else -static char sccsid[] = "@(#)queue.c 8.145 (Berkeley) 12/2/96 (without queueing)"; +static char sccsid[] = "@(#)queue.c 8.153 (Berkeley) 1/14/97 (without queueing)"; #endif #endif /* not lint */ @@ -68,10 +68,6 @@ WORK *WorkQ; /* queue of things to be done */ #define QF_VERSION 2 /* version number of this queue format */ -#if !defined(NGROUPS_MAX) && defined(NGROUPS) -# define NGROUPS_MAX NGROUPS /* POSIX naming convention */ -#endif - extern int orderq __P((bool)); /* ** QUEUEUP -- queue a message up for future transmission. @@ -553,6 +549,7 @@ runqueue(forkflag, verbose) extern ENVELOPE BlankEnvelope; extern void clrdaemon __P((void)); extern void runqueueevent __P((bool)); + extern void drop_privileges __P((void)); /* ** If no work will ever be selected, don't even bother reading @@ -561,7 +558,7 @@ runqueue(forkflag, verbose) CurrentLA = getla(); /* get load average */ - if (shouldqueue(0L, curtime())) + if (CurrentLA >= QueueLA) { char *msg = "Skipping queue run -- load average too high"; @@ -583,9 +580,9 @@ runqueue(forkflag, verbose) if (forkflag) { pid_t pid; - extern void intsig(); + extern SIGFUNC_DECL intsig __P((int)); #ifdef SIGCHLD - extern void reapchild(); + extern SIGFUNC_DECL reapchild __P((int)); blocksignal(SIGCHLD); (void) setsignal(SIGCHLD, reapchild); @@ -633,7 +630,6 @@ runqueue(forkflag, verbose) (void) setsignal(SIGCHLD, SIG_DFL); #endif /* SIGCHLD */ (void) setsignal(SIGHUP, intsig); - Verbose = FALSE; } setproctitle("running queue: %s", QueueDir); @@ -657,12 +653,7 @@ runqueue(forkflag, verbose) /* drop privileges */ if (geteuid() == (uid_t) 0) - { - if (RunAsGid != (gid_t) 0) - (void) setgid(RunAsGid); - if (RunAsUid != (uid_t) 0) - (void) setuid(RunAsUid); - } + drop_privileges(); /* ** Create ourselves an envelope @@ -672,6 +663,10 @@ runqueue(forkflag, verbose) e = newenvelope(&QueueEnvelope, CurEnv); e->e_flags = BlankEnvelope.e_flags; + /* make sure we have disconnected from parent */ + if (forkflag) + disconnect(1, e); + /* ** Make sure the alias database is open. */ @@ -1569,12 +1564,13 @@ readqf(e) { case 'V': /* queue file version number */ qfver = atoi(&bp[1]); - if (qfver > QF_VERSION) - { - syserr("Version number in qf (%d) greater than max (%d)", - qfver, QF_VERSION); - } - break; + if (qfver <= QF_VERSION) + break; + syserr("Version number in qf (%d) greater than max (%d)", + qfver, QF_VERSION); + fclose(qfp); + loseqfile(e, "unsupported qf file version"); + return FALSE; case 'C': /* specify controlling user */ ctladdr = setctluser(&bp[1], qfver); @@ -1645,7 +1641,7 @@ readqf(e) break; case 'S': /* sender */ - setsender(newstr(&bp[1]), e, NULL, TRUE); + setsender(newstr(&bp[1]), e, NULL, '\0', TRUE); break; case 'B': /* body type */ diff --git a/usr.sbin/sendmail/src/version.c b/usr.sbin/sendmail/src/version.c index 617e11a..a6b4f16 100644 --- a/usr.sbin/sendmail/src/version.c +++ b/usr.sbin/sendmail/src/version.c @@ -33,7 +33,7 @@ */ #ifndef lint -static char sccsid[] = "@(#)version.c 8.8.4.4 (Berkeley) 12/2/96"; +static char sccsid[] = "@(#)version.c 8.8.5.3 (Berkeley) 1/21/97"; #endif /* not lint */ -char Version[] = "8.8.4"; +char Version[] = "8.8.5"; |