This commit was generated by cvs2svn to compensate for changes in r22028,

which included commits to RCS files with non-trunk default branches.

15 files changed, 399 insertions, 94 deletions

diff --git a/usr.sbin/sendmail/RELEASE_NOTES b/usr.sbin/sendmail/RELEASE_NOTES
index 621cbcc..a935a73 100644
--- a/usr.sbin/sendmail/RELEASE_NOTES
+++ b/usr.sbin/sendmail/RELEASE_NOTES
@@ -1,11 +1,157 @@
 			SENDMAIL RELEASE NOTES
-	     @(#)RELEASE_NOTES	8.8.4.4 (Berkeley) 12/2/96
+	     @(#)RELEASE_NOTES	8.8.5.3 (Berkeley) 1/21/97
 
 
 This listing shows the version of the sendmail binary, the version
 of the sendmail configuration files, the date of release, and a
 summary of the changes in that release.
 
+8.8.5/8.8.5	97/01/21
+	SECURITY: Clear out group list during startup.  Without this, sendmail
+		will continue to run with the group permissions of the caller,
+		even if RunAsUser is specified.
+	SECURITY: Make purgestat (-bH) be root-only.  This is not in response
+		to any known attack, but it's best to be conservative.
+		Suggested by Peter Wemm of DIALix.
+	SECURITY: Fix buffer overrun problem in MIME code that has possible
+		security implications.  Patch from Alex Garthwaite of the
+		University of Pennsylvania.
+	Use of a -f flag with a phrase attached (e.g., "-f 'Full Name <addr>'")
+		would truncate the address after "Full".  Although the -f
+		syntax is incorrect (since it is in the envelope, it
+		shouldn't have comments and full names), the failure mode
+		was unnecessarily awful.
+	Fix a possible null pointer dereference when converting 8-bit data
+		to a 7-bit format.  Problem noted by Jim Hutchins of
+		Sandia National Labs and David James of British Telecom.
+	Clear out stale state that affected F=9 on SMTP mailers in queue
+		runs.  Although this really shouldn't be used (F=9 is for
+		final delivery only, and using it on an SMTP mailer makes
+		it possible for a message to be converted from 8->7->8->7
+		bits several times), it shouldn't have failed with a syserr.
+		Problem noted by Eric Hagberg of Morgan Stanley.
+	_Really_ fix the multiple :maildrop code in the user database
+		module.  Patch from Roy Mongiovi of Georgia Tech.
+	Let F lines in the configuration file actually read root-only
+		files if the configuration file is safe.  Based on a
+		patch from Keith Reynolds of SCO.
+	ETRN followed by QUIT would hold the connection open until the queue
+		run completed.  Problem noted by Truck Lewis of TDK
+		Semiconductor Corp.
+	It turns out that despite the documentation, the TCP wrappers library
+		does _not_ log rejected connections.  Do the logging ourselves.
+		Problem noted by Fletcher Mattox of the University of Texas
+		at Austin.
+	If sendmail finds a qf file in its queue directory that is an unknown
+		version (e.g., when backing out to an old version), the
+		error is reported on every queue run.  Change it to only
+		give the error once (and rename the qf => Qf).  Patch from
+		William A. Gianopoulos of Raytheon Company.
+	Start a new session when doing background delivery; currently it
+		ignored signals but didn't start a new signal, that caused
+		some problems if a background process tried to send mail
+		under certain circumstances.  Problem noted by Eric Hagberg
+		of Morgan Stanley; fix from Kari Hurtta.
+	Simplify test for skipping a queue run to just check if the current
+		load average is >= the queueing load average.  Previously
+		the check factored in some other parameters that caused it
+		to essentially never skip the queue run.  Patch from Bryan
+		Costales.
+	If the SMTP server is running in "nullserver" mode (that is, it is
+		rejecting all commands), start sleeping after MAXBADCOMMAND
+		(25) commands; this helps prevent a bad guy from putting
+		you into a tight loop as a denial-of-service attack.  Based
+		on an e-mail conversation with Brad Knowles of AOL.
+	Slow down when too many "light weight" commands have been issued;
+		this helps prevent a class of denial-of-service attacks.
+		The current values and defaults are:
+		    MAXNOOPCOMMANDS	20	NOOP, VERB, ONEX, XUSR
+		    MAXHELOCOMMANDS	3	HELO, EHLO
+		    MAXVRFYCOMMANDS	6	VRFY, EXPN
+		    MAXETRNCOMMANDS	8	ETRN
+		These will probably be configurable in a future release.
+	On systems that have uid_t typedefed to be an unsigned short, programs
+		that had the F=S flag and no U= equate would be invoked with
+		the real uid set to 65535 rather than being left unchanged.
+	In some cases, NOTIFY=NEVER was not being honored.  Problem noted
+		by Steve Hubert of the University of Washington, Seattle.
+	Mail that was Quoted-Printable encoded and had a soft line break on
+		the last line (i.e., an incomplete continuation) had the last
+		line dropped.  Since this appears to be illegal it isn't
+		clear what to do with it, but flushing the last line seems
+		to be a better "fail soft" approach.  Based on a patch from
+		Eric Hagberg.
+	If AllowBogusHELO and PrivacyOptions=needmailhelo are both set, a
+		bogus HELO command still causes the "Polite people say HELO
+		first" error message.  Problem pointed out by Chris Thomas
+		of UCLA; patch from John Beck of SunSoft.
+	Handle "sendmail -bp -qSfoobar" properly if restrictqrun is set
+		 in PrivacyFlags.  The -q shouldn't turn this command off.
+		 Problem noted by Murray Kucherawy of Pacific Bell Internet;
+		 based on a patch from Gregory Neil Shapiro of WPI.
+	Don't consider SMTP reply codes 452 or 552 (exceeded storage allocation)
+		in a DATA transaction to be sticky; these can occur because
+		a message is too large, and smaller messages should still go
+		through.  Problem noted by Matt Dillon of Best Internet
+		Communications.
+	In some cases bounces were saved in /var/tmp/dead.letter even if they
+		had been successfully delivered to the envelope sender.
+		Problem noted Eric Hagberg of Morgan Stanley; solution from
+		Gregory Neil Shapiro of WPI.
+	Give better diagnostics on long alias lines.  Based on code contributed
+		by Patrick Gosling of the University of Cambridge.
+	Increase the number of virtual interfaces that will be probed for
+		alternate names.  Problem noted by Gregory Neil Shapiro of
+		WPI.
+	PORTABILITY:
+		UXP/DS V20L10 for Fujitsu DS/90: Makefile patches from
+			Toshiaki Nomura of Fujitsu Limited.
+		SunOS with LDAP support: compile problems with struct timeval.
+			Patch from Nick Cuccia of TCSI Corporation.
+		SCO: from Keith Reynolds of SCO.
+		Solaris: kstat load average computation wasn't being used.
+			Fixes from Michael Ju. Tokarev of Telecom Service, JSC
+			(Moscow).
+		OpenBSD: from Jason Downs of teeny.org.
+		Altos System V: from Tim Rice.
+		Solaris 2.5: from Alan Perry of SunSoft.
+		Solaris 2.6: from John Beck of SunSoft.
+		Harris Nighthawk PowerUX (mh6000 box): from Bob Miorelli
+			of Pratt & Whitney <miorelli@pweh.com>.
+	CONFIG: It seems that I hadn't gotten the Received: line syntax
+		_just_right_ yet.  Tweak it again.  I'll omit the names
+		of the "contributors" (quantity two) in this one case.
+		As of now, NO MORE DISCUSSION about the syntax of the
+		Received: line.
+	CONFIG: Although FEATURE(nullclient) uses EXPOSED_USER (class $=E),
+		it never inserts that class into the output file.  Fix it
+		so it will honor EXPOSED_USER but will _not_ include root
+		automatically in this class.  Problem noted by Ronan KERYELL
+		of Centre de Recherche en Informatique de l'École Nationale
+		Supérieure des Mines de Paris (CRI-ENSMP).
+	CONFIG: Clean up handling of "local:" syntax in relay specifications
+		such as LUSER_RELAY.  This change permits the following
+		syntaxes:  ``local:'' will send to the same user on the
+		local machine (e.g., in a mailertable entry for "host",
+		``local:'' will cause an address addressed to user@host to
+		go to user on the local machone).  ``local:user'' will send
+		to the named user on the local machine.  ``local:user@host''
+		is equivalent to ``local:user'' (the host is ignored).  In
+		all cases, the original user@host is passed in $@ (i.e., the
+		detail information).  Inspired by a report from Michael Fuhr
+		of Dimensional Communications, L.L.C.
+	CONFIG: Strip quotes from the first word of an "error:" host
+		indication.  This lets you set (for example) the LUSER_RELAY
+		to be ``error:\"5.1.1\" Your Message Here''.  Note the use
+		of the \" so that the resulting string is properly quoted.
+		Problem noted by Gregory Neil Shapiro of WPI.
+	OP.ME: documentation was inconsistent about whether sendmail did a
+		NOOP or a RSET to probe the connection (it does a RSET).
+		Inconsistency noted by Deeran Peethamparam.
+	OP.ME: insert additional blank pages so it will print properly on
+		a duplex printer.  From Matthew Black of Cal State University,
+		Long Beach.
+
 8.8.4/8.8.4	96/12/02
 	SECURITY: under some circumstances, an attacker could get additional
 		permissions by hard linking to files that were group
diff --git a/usr.sbin/sendmail/cf/README b/usr.sbin/sendmail/cf/README
index d71ffd2..6ea2998 100644
--- a/usr.sbin/sendmail/cf/README
+++ b/usr.sbin/sendmail/cf/README
@@ -4,7 +4,7 @@
 
 		Eric Allman <eric@CS.Berkeley.EDU>
 
-		@(#)README	8.108 (Berkeley) 11/16/96
+		@(#)README	8.111 (Berkeley) 1/16/97
 
 
 This document describes the sendmail configuration files being used
@@ -31,8 +31,10 @@ This package requires a post-V7 version of m4; if you are running the
 4.2bsd, SysV.2, or 7th Edition version, I suggest finding a friend with
 a newer version.  You can m4-expand on their system, then run locally.
 SunOS's /usr/5bin/m4 or BSD-Net/2's m4 both work.  GNU m4 version 1.1
-also works.  Unfortunately, I'm told that the M4 on BSDI 1.0 doesn't
-work -- you'll have to use a Net/2 or GNU version.
+or later also works.  Unfortunately, I'm told that the M4 on BSDI 1.0
+doesn't work -- you'll have to use a Net/2 or GNU version.  GNU m4 is
+available from ftp://prep.ai.mit.edu/pub/gnu/m4-1.4.tar.gz (check for
+the latest version).
 
 IF YOU DON'T HAVE A BERKELEY MAKE, don't despair!  Just run
 "m4 ../m4/cf.m4 foo.mc > foo.cf" -- that should be all you need.
@@ -305,9 +307,13 @@ POP_MAILER_ARGS		[pop $u] The arguments passed to the POP mailer.
 PROCMAIL_MAILER_PATH	[/usr/local/bin/procmail] The path to the procmail
 			program.  This is also used by FEATURE(local_procmail).
 PROCMAIL_MAILER_FLAGS	[Shu] Flags added to Procmail mailer.  Flags
-			``DFMmn'' are always set.
+			``DFMmn'' are always set.  This is NOT used by
+			FEATURE(local_procmail); tweak LOCAL_MAILER_FLAGS
+			instead.
 PROCMAIL_MAILER_ARGS	[procmail -m $h $f $u] The arguments passed to
-			the Procmail mailer.
+			the Procmail mailer.  This is NOT used by
+			FEATURE(local_procmail); tweak LOCAL_MAILER_ARGS
+			instead.
 PROCMAIL_MAILER_MAX	[undefined] If set, the maximum size message that
 			will be accepted by the procmail mailer.
 MAIL11_MAILER_PATH	[/usr/etc/mail11] The path to the mail11 mailer.
@@ -694,7 +700,10 @@ local_procmail	Use procmail as the local mailer.  This mailer can
 		normally the +indicator is just tossed, but by default
 		it is passed as the -a argument to procmail.  The
 		argument to this feature is the pathname of procmail,
-		which defaults to PROCMAIL_MAILER_PATH.
+		which defaults to PROCMAIL_MAILER_PATH.  Note that this
+		does NOT use PROCMAIL_MAILER_FLAGS or PROCMAIL_MAILER_ARGS
+		for the local mailer; tweak LOCAL_MAILER_FLAGS and
+		LOCAL_MAILER_ARGS instead.
 
 bestmx_is_local	Accept mail as though locally addressed for any host that
 		lists us as the best possible MX record.  This generates
@@ -1426,7 +1435,10 @@ confCF_VERSION		$Z macro	If defined, this is appended to the
 confFROM_HEADER		From:		[$?x$x <$g>$|$g$.] The format of an 
 					internally generated From: address.
 confRECEIVED_HEADER	Received:
-      [.$?_($?s$|from $.$_) $.by $j ($v/$Z)$?r with $r$. id $i$?u for $u$.; $b]
+		[$?sfrom $s .$?_($?s$|from $.$_)
+			$.by $j ($v/$Z)$?r with $r$. id $i$?u
+			for $u$.;
+			$b]
 					The format of the Received: header
 					in messages passed through this host.
 					It is unwise to try to change this.
diff --git a/usr.sbin/sendmail/cf/m4/cfhead.m4 b/usr.sbin/sendmail/cf/m4/cfhead.m4
index 91d4b9a..6bef4c6 100644
--- a/usr.sbin/sendmail/cf/m4/cfhead.m4
+++ b/usr.sbin/sendmail/cf/m4/cfhead.m4
@@ -106,18 +106,18 @@ define(`SITE', `ifelse(CONCAT($'2`, $3), SU,
 		CONCAT(C, $3, $'1`))')
 sinclude(_CF_DIR_`'siteconfig/$1.m4)')
 define(`EXPOSED_USER', `PUSHDIVERT(5)CE$1
-POPDIVERT`'dnl')
+POPDIVERT`'dnl`'')
 define(`LOCAL_USER', `PUSHDIVERT(5)CL$1
-POPDIVERT`'dnl')
+POPDIVERT`'dnl`'')
 define(`MASQUERADE_AS', `define(`MASQUERADE_NAME', $1)')
 define(`MASQUERADE_DOMAIN', `PUSHDIVERT(5)CM$1
-POPDIVERT`'dnl')
+POPDIVERT`'dnl`'')
 define(`MASQUERADE_DOMAIN_FILE', `PUSHDIVERT(5)FM$1
-POPDIVERT`'dnl')
+POPDIVERT`'dnl`'')
 define(`GENERICS_DOMAIN', `PUSHDIVERT(5)CG$1
-POPDIVERT`'dnl')
+POPDIVERT`'dnl`'')
 define(`GENERICS_DOMAIN_FILE', `PUSHDIVERT(5)FG$1
-POPDIVERT`'dnl')
+POPDIVERT`'dnl`'')
 define(`_OPTINS', `ifdef(`$1', `$2$1$3')')
 
 m4wrap(`include(_CF_DIR_`m4/proto.m4')')
@@ -129,8 +129,9 @@ define(`confFROM_LINE', `From $g  $d')
 define(`confOPERATORS', `.:%@!^/[]+')
 define(`confSMTP_LOGIN_MSG', `$j Sendmail $v/$Z; $b')
 define(`confRECEIVED_HEADER', `$?sfrom $s $.$?_($?s$|from $.$_)
-          $.by $j ($v/$Z)$?r with $r$.
-	  id $i$?u for $u$.; $b')
+	$.by $j ($v/$Z)$?r with $r$. id $i$?u
+	for $u; $|;
+	$.$b')
 define(`confSEVEN_BIT_INPUT', `False')
 define(`confEIGHT_BIT_HANDLING', `pass8')
 define(`confALIAS_WAIT', `10')
@@ -156,4 +157,4 @@ define(`confMIME_FORMAT_ERRORS', `True')
 define(`confFORWARD_PATH', `$z/.forward.$w:$z/.forward')
 
 divert(0)dnl
-VERSIONID(`@(#)cfhead.m4	8.7 (Berkeley) 11/20/96')
+VERSIONID(`@(#)cfhead.m4	8.9 (Berkeley) 1/18/97')
diff --git a/usr.sbin/sendmail/cf/m4/proto.m4 b/usr.sbin/sendmail/cf/m4/proto.m4
index 676aa35..fc09fe0 100644
--- a/usr.sbin/sendmail/cf/m4/proto.m4
+++ b/usr.sbin/sendmail/cf/m4/proto.m4
@@ -34,7 +34,7 @@ divert(-1)
 #
 divert(0)
 
-VERSIONID(`@(#)proto.m4	8.136 (Berkeley) 11/24/96')
+VERSIONID(`@(#)proto.m4	8.139 (Berkeley) 12/31/96')
 
 MAILER(local)dnl
 
@@ -171,17 +171,18 @@ DR`'ifdef(`LOCAL_RELAY', LOCAL_RELAY)
 # who gets all local email traffic ($R has precedence for unqualified names)
 DH`'ifdef(`MAIL_HUB', MAIL_HUB)
 
-# class L: names that should be delivered locally, even if we have a relay
+# dequoting map
+Kdequote dequote
+
+divert(0)dnl	# end of nullclient diversion
 # class E: names that should be exposed as from this host, even if we masquerade
+ifdef(`_NULL_CLIENT_ONLY_', `#',
+`# class L: names that should be delivered locally, even if we have a relay
 # class M: domains that should be converted to $M
 #CL root
-CE root
+')CE root
 undivert(5)dnl
 
-# dequoting map
-Kdequote dequote
-
-divert(0)dnl	# end of nullclient diversion
 # who I masquerade as (null for no masquerading) (see also $=M)
 DM`'ifdef(`MASQUERADE_NAME', MASQUERADE_NAME)
 
@@ -685,7 +686,7 @@ define(`X', ifdef(`VIRTUSER_TABLE', `', `#'))dnl
 X`'R$+ < @ $=w . > 	$: < $(virtuser $1 @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
 X`'R< @ > $+ < @ $+ . >	$: < $(virtuser @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
 X`'R< @ > $+		$: $1
-X`'R< error : $- $+ > $* 	$#error $@ $1 $: $2
+X`'R< error : $- $+ > $* 	$#error $@ $( dequote $1 $) $: $2
 X`'R< $+ > $+ < @ $+ >	$: $>97 $1
 undefine(`X')dnl
 
@@ -798,6 +799,8 @@ R< > $+ + $*		$#_LOCAL_ $@ $2 $: $1
 R< > $+			$: < $H > $1			try hub
 R< > $+			$: < $R > $1			try relay
 R< > $+			$@ $1				nope, give up
+R< local : $* > $*	$: $>95 < local : $1 > $2	no host extension
+R< error : $* > $*	$: $>95 < error : $1 > $2	no host extension
 R< $- : $+ > $+		$: $>95 < $1 : $2 > $3 < @ $2 >
 R< $+ > $+		$@ $>95 < $1 > $2 < @ $1 >
 
@@ -821,15 +824,33 @@ undefine(`X')dnl
 
 S95
 R< > $*				$@ $1			strip off null relay
-R< error : $- $+ > $*		$#error $@ $1 $: $2	special case errors
-R< local : > $* < @ $* >	$#local $@ $1@$2 $: $1	no host: use old user
-R< local : $+ > $* <@ $* . > $*	$#local $@ $2@$3 $: $1	special case local
+R< error : $- $+ > $*		$#error $@ $( dequote $1 $) $: $2
+R< local : $* > $*		$>CanonLocal < $1 > $2
 R< $- : $+ @ $+ > $*<$*>$*	$# $1 $@ $3 $: $2<@$3>	use literal user
 R< $- : $+ > $*			$# $1 $@ $2 $: $3	try qualified mailer
 R< $=w > $*			$@ $2			delete local host
 R< $+ > $*			$#_RELAY_ $@ $1 $: $2	use unqualified mailer
 
 ###################################################################
+###  Ruleset CanonLocal -- canonify local: syntax		###
+###################################################################
+
+SCanonLocal
+# strip trailing dot from any host name that may appear
+R< $* > $* < @ $* . >		$: < $1 > $2 < @ $3 >
+
+# handle local: syntax -- use old user, either with or without host
+R< > $* < @ $* > $*		$#local $@ $1@$2 $: $1
+R< > $+				$#local $@ $1    $: $1
+
+# handle local:user@host syntax -- ignore host part
+R< $+ @ $+ > $*			$: < $1 > $3
+
+# handle local:user syntax
+R< $+ > $* <@ $* > $*		$#local $@ $2@$3 $: $1
+R< $+ > $* 			$#local $@ $2    $: $1
+
+###################################################################
 ###  Ruleset 93 -- convert header names to masqueraded form	###
 ###################################################################
 
diff --git a/usr.sbin/sendmail/cf/m4/version.m4 b/usr.sbin/sendmail/cf/m4/version.m4
index b3ee9a7..1837c22 100644
--- a/usr.sbin/sendmail/cf/m4/version.m4
+++ b/usr.sbin/sendmail/cf/m4/version.m4
@@ -32,8 +32,8 @@ divert(-1)
 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 # SUCH DAMAGE.
 #
-VERSIONID(`@(#)version.m4	8.8.4.2 (Berkeley) 11/26/96')
+VERSIONID(`@(#)version.m4	8.8.5.3 (Berkeley) 1/21/97')
 #
 divert(0)
 # Configuration version number
-DZ8.8.4`'ifdef(`confCF_VERSION', `/confCF_VERSION')
+DZ8.8.5`'ifdef(`confCF_VERSION', `/confCF_VERSION')
diff --git a/usr.sbin/sendmail/cf/ostype/powerux.m4 b/usr.sbin/sendmail/cf/ostype/powerux.m4
new file mode 100644
index 0000000..d0fd3dc
--- /dev/null
+++ b/usr.sbin/sendmail/cf/ostype/powerux.m4
@@ -0,0 +1,46 @@
+divert(-1)
+#
+# Copyright (c) 1983 Eric P. Allman
+# Copyright (c) 1988, 1993
+#	The Regents of the University of California.  All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+# 3. All advertising materials mentioning features or use of this software
+#    must display the following acknowledgement:
+#	This product includes software developed by the University of
+#	California, Berkeley and its contributors.
+# 4. Neither the name of the University nor the names of its contributors
+#    may be used to endorse or promote products derived from this software
+#    without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+
+divert(0)
+VERSIONID(`@(#)powerux.m4	8.1 (Berkeley) 1/16/97')
+
+define(`ALIAS_FILE', /etc/mail/aliases)dnl
+ifdef(`HELP_FILE',,`define(`HELP_FILE', /etc/mail/sendmail.hf)')dnl
+ifdef(`STATUS_FILE',,`define(`STATUS_FILE', /etc/mail/sendmail.st)')dnl
+define(`LOCAL_MAILER_PATH', `/usr/bin/rmail')dnl
+define(`LOCAL_MAILER_FLAGS', `mn9')dnl
+define(`LOCAL_MAILER_ARGS', `rmail $u')dnl
+define(`LOCAL_SHELL_FLAGS', `ehuP')dnl
+define(`UUCP_MAILER_ARGS', `uux - -r -a$g -gmedium $h!rmail ($u)')dnl
diff --git a/usr.sbin/sendmail/cf/ostype/sinix.m4 b/usr.sbin/sendmail/cf/ostype/sinix.m4
new file mode 100644
index 0000000..7b50e9e
--- /dev/null
+++ b/usr.sbin/sendmail/cf/ostype/sinix.m4
@@ -0,0 +1,45 @@
+divert(-1)
+#
+# Copyright (c) 1996 Eric P. Allman
+# Copyright (c) 1988, 1993
+#	The Regents of the University of California.  All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+# 3. All advertising materials mentioning features or use of this software
+#    must display the following acknowledgement:
+#	This product includes software developed by the University of
+#	California, Berkeley and its contributors.
+# 4. Neither the name of the University nor the names of its contributors
+#    may be used to endorse or promote products derived from this software
+#    without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+
+divert(0)
+VERSIONID(`@(#)sinix.m4	8.1 (Berkeley) 12/14/96')
+define(`QUEUE_DIR', /usr/ucblib/mqueue)dnl
+define(`ALIAS_FILE', /usr/ucblib/aliases)dnl
+ifdef(`HELP_FILE',,`define(`HELP_FILE', /usr/ucblib/sendmail.hf)')dnl
+ifdef(`STATUS_FILE',,`define(`STATUS_FILE', /usr/ucblib/sendmail.st)')dnl
+define(`LOCAL_MAILER_PATH', `/usr/ucblib/mail.local')dnl
+define(`LOCAL_MAILER_FLAGS', `rmn9')dnl
+define(`LOCAL_SHELL_FLAGS', `ehuP')dnl
+define(`UUCP_MAILER_ARGS', `uux - -r -a$g -gmedium $h!rmail ($u)')dnl
diff --git a/usr.sbin/sendmail/doc/op/op.me b/usr.sbin/sendmail/doc/op/op.me
index 4237497..88b69ea 100644
--- a/usr.sbin/sendmail/doc/op/op.me
+++ b/usr.sbin/sendmail/doc/op/op.me
@@ -30,7 +30,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\"	@(#)op.me	8.100 (Berkeley) 12/1/96
+.\"	@(#)op.me	8.103 (Berkeley) 12/13/96
 .\"
 .\" eqn op.me | pic | troff -me
 .eh 'SMM:08-%''Sendmail Installation and Operation Guide'
@@ -65,10 +65,9 @@
 .sp
 .r
 Eric Allman
-InReference, Inc.
 eric@Sendmail.ORG
 .sp
-Version 8.100
+Version 8.103
 .sp
 For Sendmail Version 8.8
 .)l
@@ -161,6 +160,12 @@ Several major changes were introduced in version 8.7.
 You should not attempt to use this document
 for prior versions of
 .i sendmail .
+.bp
+.rs
+.sp |4i
+.ce 2
+This page intentionally left blank;
+replace it with a blank sheet for double-sided output.
 .bp 7
 .sh 1 "BASIC INSTALLATION"
 .pp
@@ -2476,7 +2481,7 @@ When trying to open a connection
 the cache is first searched.
 If an open connection is found, it is probed to see if it is still active
 by sending a
-.sm NOOP
+.sm RSET
 command.
 It is not an error if this fails;
 instead, the connection is closed and reopened.
@@ -8134,6 +8139,15 @@ Temporary versions of the qf files,
 used during queue file rebuild.
 .ip /var/spool/mqueue/xf*
 A transcript of the current session.
+.if e \
+\{\
+.	bp
+.	rs
+.	sp |4i
+.	ce 2
+This page intentionally left blank;
+replace it with a blank sheet for double-sided output.
+.\}
 .\".ro
 .\".ls 1
 .\".tp
@@ -8148,16 +8162,9 @@ A transcript of the current session.
 .\".sp
 .\".sz 10
 .\"Eric Allman
-.\"InReference, Inc.
 .\".sp
-.\"Version 8.100
+.\"Version 8.103
 .\".ce 0
-.bp 2
-.rs
-.sp |4i
-.ce 2
-This page intentionally left blank;
-replace it with a blank sheet for double-sided output.
 .bp 3
 .ce
 .sz 12
diff --git a/usr.sbin/sendmail/src/READ_ME b/usr.sbin/sendmail/src/READ_ME
index 72e9a18..88fa68a 100644
--- a/usr.sbin/sendmail/src/READ_ME
+++ b/usr.sbin/sendmail/src/READ_ME
@@ -30,7 +30,7 @@
 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 # SUCH DAMAGE.
 #
-#	@(#)READ_ME	8.132 (Berkeley) 12/1/96
+#	@(#)READ_ME	8.135 (Berkeley) 1/21/97
 #
 
 This directory contains the source files for sendmail.
@@ -529,9 +529,7 @@ HES_GETMAILHOST	Define this to 1 if you are using Hesiod with the
 XDEBUG		Do additional internal checking.  These don't cost too
 		much; you might as well leave this on.
 TCPWRAPPERS	Turns on support for the TCP wrappers library (-lwrap).
-		This library is available on ftp.win.tue.nl in /pub/security;
-		grab tcp_wrappers_<VER>.tar.gz (where <VER> is the highest
-		numbered version).
+		See below for further information.
 SECUREWARE	Enable calls to the SecureWare luid enabling/changing routines.
 		SecureWare is a C2 security package added to several UNIX's
 		(notably ConvexOS) to get a C2 Secure system.  This
@@ -787,6 +785,12 @@ Solaris 2.4 (SunOS 5.4)
 	>>
 	>> here, path 2 would be the first used.
 
+Solaris 2.6 (SunOS 5.6)
+	If you built sendmail 8.8.1 through 8.8.4 inclusive on a Solaris 2.5
+	system, that binary will not run on Solaris 2.6, due to problems with
+	incompatible snprintf(3s) calls.  This problem is fixed in sendmail
+	8.8.5.
+
 Ultrix
 	By default, the IDENT protocol is turned off on Ultrix.  If you
 	are running Ultrix 4.4 or later, or if you have included patch
@@ -803,7 +807,7 @@ Solaris 2.5.1 (SunOS 5.5.1)
 	   /usr/include/resolv.h:208: warning: `__P' redefined
 	   cdefs.h:58: warning: this is the location of the previous definition
 
-	If you are running with this patch, create a file in the
+	If you are running with this patch, create a resolv.h file in the
 	obj.SunOS.5.5.1.* directory that reads:
 
 	   #undef __P
@@ -1289,14 +1293,19 @@ LDAP
 	    send them along.
 
 TCP Wrappers
-	If you are using -DTCPWRAPPERS to get TCP Wrappers support, you will
-	also need to install libwrap.a (you can get it from ftp.win.tue.nl)
-	and modify the Makefile to include -lwrap in the LIBS line.
+	If you are using -DTCPWRAPPERS to get TCP Wrappers support you will
+	also need to install libwrap.a and modify the Makefile to include
+	-lwrap in the LIBS line (make sure that INCDIRS and LIBDIRS point
+	to where the tcpd.h and libwrap.a can be found).
+
+	TCP Wrappers is available on ftp.win.tue.nl in /pub/security;
+	grab tcp_wrappers_<VER>.tar.gz (where <VER> is the highest
+	numbered version).
 
 	If you have alternate MX sites for your site, be sure that all of
 	your MX sites reject the same set of hosts.  If not, a bad guy whom
 	you reject will connect to your site, fail, and move on to the next
-	MX site, which will accept the mail for your and forward it on to you.
+	MX site, which will accept the mail for you and forward it on to you.
 
 
 +--------------+
@@ -1398,4 +1407,4 @@ version.c	The version number and information about this
 
 Eric Allman
 
-(Version 8.132, last update 12/1/96 09:34:37)
+(Version 8.135, last update 1/21/97 07:47:02)
diff --git a/usr.sbin/sendmail/src/alias.c b/usr.sbin/sendmail/src/alias.c
index 95de1ee..b09a85d 100644
--- a/usr.sbin/sendmail/src/alias.c
+++ b/usr.sbin/sendmail/src/alias.c
@@ -35,7 +35,7 @@
 # include "sendmail.h"
 
 #ifndef lint
-static char sccsid[] = "@(#)alias.c	8.66 (Berkeley) 9/20/96";
+static char sccsid[] = "@(#)alias.c	8.67 (Berkeley) 1/18/97";
 #endif /* not lint */
 
 
@@ -601,11 +601,24 @@ readaliases(map, af, announcestats, logstats)
 	while (fgets(line, sizeof (line), af) != NULL)
 	{
 		int lhssize, rhssize;
+		int c;
 
 		LineNumber++;
 		p = strchr(line, '\n');
 		if (p != NULL)
 			*p = '\0';
+		else if (!feof(af))
+		{
+			syserr("554 alias line too long");
+
+			/* flush to end of line */
+			while ((c = getc(af)) != EOF && c != '\n')
+				continue;
+
+			/* skip any continuation lines */
+			skipping = TRUE;
+			continue;
+		}
 		switch (line[0])
 		{
 		  case '#':
@@ -655,7 +668,6 @@ readaliases(map, af, announcestats, logstats)
 		rhs = p;
 		for (;;)
 		{
-			register char c;
 			register char *nlp;
 
 			nlp = &p[strlen(p)];
@@ -698,12 +710,19 @@ readaliases(map, af, announcestats, logstats)
 			LineNumber++;
 
 			/* check for line overflow */
-			if (strchr(p, '\n') == NULL)
+			if (strchr(p, '\n') == NULL && !feof(af))
 			{
 				usrerr("554 alias too long");
+				while ((c = fgetc(af)) != EOF && c != '\n')
+					continue;
+				skipping = TRUE;
 				break;
 			}
 		}
+
+		if (skipping)
+			continue;
+
 		if (!bitnset(M_ALIASABLE, al.q_mailer->m_flags))
 		{
 			syserr("554 %s... cannot alias non-local names",
diff --git a/usr.sbin/sendmail/src/clock.c b/usr.sbin/sendmail/src/clock.c
index 281ee60..5639f44 100644
--- a/usr.sbin/sendmail/src/clock.c
+++ b/usr.sbin/sendmail/src/clock.c
@@ -33,7 +33,7 @@
  */
 
 #ifndef lint
-static char sccsid[] = "@(#)clock.c	8.16 (Berkeley) 11/27/96";
+static char sccsid[] = "@(#)clock.c	8.18 (Berkeley) 12/31/96";
 #endif /* not lint */
 
 # include "sendmail.h"
@@ -60,7 +60,7 @@ static char sccsid[] = "@(#)clock.c	8.16 (Berkeley) 11/27/96";
 **		none.
 */
 
-static void tick __P((int));
+static SIGFUNC_DECL tick __P((int));
 
 EVENT *
 setevent(intvl, func, arg)
@@ -161,7 +161,7 @@ clrevent(ev)
 **		calls the next function in EventQueue.
 */
 
-static void
+static SIGFUNC_DECL
 tick(arg)
 	int arg;
 {
@@ -169,9 +169,6 @@ tick(arg)
 	register EVENT *ev;
 	int mypid = getpid();
 	int olderrno = errno;
-#ifdef SIG_UNBLOCK
-	sigset_t ss;
-#endif
 
 	(void) setsignal(SIGALRM, SIG_IGN);
 	(void) alarm(0);
@@ -224,6 +221,7 @@ tick(arg)
 	if (EventQueue != NULL)
 		(void) alarm((unsigned) (EventQueue->ev_time - now));
 	errno = olderrno;
+	return SIGFUNC_RETURN;
 }
 /*
 **  SLEEP -- a version of sleep that works with this stuff
diff --git a/usr.sbin/sendmail/src/envelope.c b/usr.sbin/sendmail/src/envelope.c
index 6781522..c5e98f7e 100644
--- a/usr.sbin/sendmail/src/envelope.c
+++ b/usr.sbin/sendmail/src/envelope.c
@@ -33,7 +33,7 @@
  */
 
 #ifndef lint
-static char sccsid[] = "@(#)envelope.c	8.99 (Berkeley) 12/1/96";
+static char sccsid[] = "@(#)envelope.c	8.101 (Berkeley) 12/16/96";
 #endif /* not lint */
 
 #include "sendmail.h"
@@ -275,11 +275,14 @@ dropenvelope(e, fulldrop)
 
 	if (bitset(EF_FATALERRS, e->e_flags) && !failure_return)
 	{
-		failure_return = TRUE;
 		for (q = e->e_sendqueue; q != NULL; q = q->q_next)
 		{
-			if (!bitset(QDONTSEND, q->q_flags))
+			if (!bitset(QDONTSEND, q->q_flags) &&
+			    bitset(QPINGONFAILURE, q->q_flags))
+			{
+				failure_return = TRUE;
 				q->q_flags |= QBADADDR;
+			}
 		}
 	}
 
@@ -640,6 +643,8 @@ closexscript(e)
 **		e -- the envelope in which we would like the sender set.
 **		delimptr -- if non-NULL, set to the location of the
 **			trailing delimiter.
+**		delimchar -- the character that will delimit the sender
+**			address.
 **		internal -- set if this address is coming from an internal
 **			source such as an owner alias.
 **
@@ -651,16 +656,16 @@ closexscript(e)
 */
 
 void
-setsender(from, e, delimptr, internal)
+setsender(from, e, delimptr, delimchar, internal)
 	char *from;
 	register ENVELOPE *e;
 	char **delimptr;
+	int delimchar;
 	bool internal;
 {
 	register char **pvp;
 	char *realname = NULL;
 	register struct passwd *pw;
-	char delimchar;
 	char *bp;
 	char buf[MAXNAME + 2];
 	char pvpbuf[PSBUFSIZE];
@@ -683,7 +688,6 @@ setsender(from, e, delimptr, internal)
 	if (ConfigLevel < 2)
 		SuprErrs = TRUE;
 
-	delimchar = internal ? '\0' : ' ';
 	e->e_from.q_flags = QBADADDR;
 	if (from == NULL ||
 	    parseaddr(from, &e->e_from, RF_COPYALL|RF_SENDERADDR,
diff --git a/usr.sbin/sendmail/src/map.c b/usr.sbin/sendmail/src/map.c
index 1b0f086..3d40d62 100644
--- a/usr.sbin/sendmail/src/map.c
+++ b/usr.sbin/sendmail/src/map.c
@@ -33,7 +33,7 @@
  */
 
 #ifndef lint
-static char sccsid[] = "@(#)map.c	8.146 (Berkeley) 11/24/96";
+static char sccsid[] = "@(#)map.c	8.147 (Berkeley) 1/17/97";
 #endif /* not lint */
 
 #include "sendmail.h"
@@ -1610,7 +1610,8 @@ nis_getcanonname(name, hbsize, statp)
 
 #ifdef NISPLUS
 
-#undef NIS /* symbol conflict in nis.h */
+#undef NIS		/* symbol conflict in nis.h */
+#undef T_UNSPEC		/* symbol conflict in nis.h -> ... -> sys/tiuser.h */
 #include <rpcsvc/nis.h>
 #include <rpcsvc/nislib.h>
 
diff --git a/usr.sbin/sendmail/src/queue.c b/usr.sbin/sendmail/src/queue.c
index 5d00b9f..2afa73d 100644
--- a/usr.sbin/sendmail/src/queue.c
+++ b/usr.sbin/sendmail/src/queue.c
@@ -36,9 +36,9 @@
 
 #ifndef lint
 #if QUEUE
-static char sccsid[] = "@(#)queue.c	8.145 (Berkeley) 12/2/96 (with queueing)";
+static char sccsid[] = "@(#)queue.c	8.153 (Berkeley) 1/14/97 (with queueing)";
 #else
-static char sccsid[] = "@(#)queue.c	8.145 (Berkeley) 12/2/96 (without queueing)";
+static char sccsid[] = "@(#)queue.c	8.153 (Berkeley) 1/14/97 (without queueing)";
 #endif
 #endif /* not lint */
 
@@ -68,10 +68,6 @@ WORK	*WorkQ;			/* queue of things to be done */
 
 #define QF_VERSION	2	/* version number of this queue format */
 
-#if !defined(NGROUPS_MAX) && defined(NGROUPS)
-# define NGROUPS_MAX	NGROUPS	/* POSIX naming convention */
-#endif
-
 extern int orderq __P((bool));
 /*
 **  QUEUEUP -- queue a message up for future transmission.
@@ -553,6 +549,7 @@ runqueue(forkflag, verbose)
 	extern ENVELOPE BlankEnvelope;
 	extern void clrdaemon __P((void));
 	extern void runqueueevent __P((bool));
+	extern void drop_privileges __P((void));
 
 	/*
 	**  If no work will ever be selected, don't even bother reading
@@ -561,7 +558,7 @@ runqueue(forkflag, verbose)
 
 	CurrentLA = getla();	/* get load average */
 
-	if (shouldqueue(0L, curtime()))
+	if (CurrentLA >= QueueLA)
 	{
 		char *msg = "Skipping queue run -- load average too high";
 
@@ -583,9 +580,9 @@ runqueue(forkflag, verbose)
 	if (forkflag)
 	{
 		pid_t pid;
-		extern void intsig();
+		extern SIGFUNC_DECL intsig __P((int));
 #ifdef SIGCHLD
-		extern void reapchild();
+		extern SIGFUNC_DECL reapchild __P((int));
 
 		blocksignal(SIGCHLD);
 		(void) setsignal(SIGCHLD, reapchild);
@@ -633,7 +630,6 @@ runqueue(forkflag, verbose)
 		(void) setsignal(SIGCHLD, SIG_DFL);
 #endif /* SIGCHLD */
 		(void) setsignal(SIGHUP, intsig);
-		Verbose = FALSE;
 	}
 
 	setproctitle("running queue: %s", QueueDir);
@@ -657,12 +653,7 @@ runqueue(forkflag, verbose)
 
 	/* drop privileges */
 	if (geteuid() == (uid_t) 0)
-	{
-		if (RunAsGid != (gid_t) 0)
-			(void) setgid(RunAsGid);
-		if (RunAsUid != (uid_t) 0)
-			(void) setuid(RunAsUid);
-	}
+		drop_privileges();
 
 	/*
 	**  Create ourselves an envelope
@@ -672,6 +663,10 @@ runqueue(forkflag, verbose)
 	e = newenvelope(&QueueEnvelope, CurEnv);
 	e->e_flags = BlankEnvelope.e_flags;
 
+	/* make sure we have disconnected from parent */
+	if (forkflag)
+		disconnect(1, e);
+
 	/*
 	**  Make sure the alias database is open.
 	*/
@@ -1569,12 +1564,13 @@ readqf(e)
 		{
 		  case 'V':		/* queue file version number */
 			qfver = atoi(&bp[1]);
-			if (qfver > QF_VERSION)
-			{
-				syserr("Version number in qf (%d) greater than max (%d)",
-					qfver, QF_VERSION);
-			}
-			break;
+			if (qfver <= QF_VERSION)
+				break;
+			syserr("Version number in qf (%d) greater than max (%d)",
+				qfver, QF_VERSION);
+			fclose(qfp);
+			loseqfile(e, "unsupported qf file version");
+			return FALSE;
 
 		  case 'C':		/* specify controlling user */
 			ctladdr = setctluser(&bp[1], qfver);
@@ -1645,7 +1641,7 @@ readqf(e)
 			break;
 
 		  case 'S':		/* sender */
-			setsender(newstr(&bp[1]), e, NULL, TRUE);
+			setsender(newstr(&bp[1]), e, NULL, '\0', TRUE);
 			break;
 
 		  case 'B':		/* body type */
diff --git a/usr.sbin/sendmail/src/version.c b/usr.sbin/sendmail/src/version.c
index 617e11a..a6b4f16 100644
--- a/usr.sbin/sendmail/src/version.c
+++ b/usr.sbin/sendmail/src/version.c
@@ -33,7 +33,7 @@
  */
 
 #ifndef lint
-static char sccsid[] = "@(#)version.c	8.8.4.4 (Berkeley) 12/2/96";
+static char sccsid[] = "@(#)version.c	8.8.5.3 (Berkeley) 1/21/97";
 #endif /* not lint */
 
-char	Version[] = "8.8.4";
+char	Version[] = "8.8.5";