summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--usr.sbin/sendmail/RELEASE_NOTES39
-rw-r--r--usr.sbin/sendmail/makemap/makemap.c8
-rw-r--r--usr.sbin/sendmail/src/READ_ME15
-rw-r--r--usr.sbin/sendmail/src/conf.c16
-rw-r--r--usr.sbin/sendmail/src/daemon.c33
-rw-r--r--usr.sbin/sendmail/src/deliver.c35
-rw-r--r--usr.sbin/sendmail/src/domain.c5
-rw-r--r--usr.sbin/sendmail/src/envelope.c4
-rw-r--r--usr.sbin/sendmail/src/main.c21
-rw-r--r--usr.sbin/sendmail/src/queue.c20
-rw-r--r--usr.sbin/sendmail/src/recipient.c4
-rw-r--r--usr.sbin/sendmail/src/sendmail.h6
-rw-r--r--usr.sbin/sendmail/src/util.c25
-rw-r--r--usr.sbin/sendmail/src/version.c4
14 files changed, 178 insertions, 57 deletions
diff --git a/usr.sbin/sendmail/RELEASE_NOTES b/usr.sbin/sendmail/RELEASE_NOTES
index 2dc5116..1205776 100644
--- a/usr.sbin/sendmail/RELEASE_NOTES
+++ b/usr.sbin/sendmail/RELEASE_NOTES
@@ -1,10 +1,45 @@
SENDMAIL RELEASE NOTES
- @(#)RELEASE_NOTES 8.6.10.2 (Berkeley) 2/10/95
+ @(#)RELEASE_NOTES 8.6.11.1 (Berkeley) 3/8/95
This listing shows the version of the sendmail binary, the version
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.
+8.6.11/8.6.11 95/03/08
+ The ``possible attack'' message would be logged more often
+ than necessary if you are using Pine as a user agent.
+ The wrong host would be reported in the ``possible attack''
+ message when attempted from IDENT.
+ In some cases the syslog buffer could be overflowed when
+ reporting the ``possible attack'' message. This can
+ cause denial of service attacks. Truncate the message
+ to 80 characters to prevent this problem.
+ When reading the IDENT response a loop is needed around the
+ read from the network to ensure that you don't get
+ partial lines.
+ Password entries without any shell listed (that is, a null
+ shell) wouldn't match as "ok". Problem noted by
+ Rob McMahon.
+ When running BIND 4.9.x a problem could occur because the
+ _res.options field is initialized differently than it
+ was historically -- this requires that sendmail call
+ res_init before it tweaks any bits.
+ Fix an incompatibility in openxscript() between the file open mode
+ and the stdio mode passed to fdopen. This caused UnixWare
+ 2.0 to have conniptions. Fix from Martin Sohnius of
+ Novell Labs Europe.
+ Fix problem with static linking of local getopt routine when
+ using GNU's ld command. Fix from John Kennedy of
+ Cal State Chico.
+ It was possible to turn off privacy flags. Problem noted by
+ *Hobbit*.
+ Be more paranoid about writing files. Suggestions by *Hobbit*
+ and Liudvikas Bukys.
+ MAKEMAP: fixes for 64 bit machines (DEC Alphas in particular)
+ from Spider Boardman.
+ CONFIG: No changes (version number only, to keep it in sync
+ with the binaries).
+
8.6.10/8.6.10 95/02/10
SECURITY: Diagnose bogus values to some command line flags that
could allow trash to get into headers and qf files.
@@ -46,6 +81,8 @@ summary of the changes in that release.
some cases, buffers could get trashed by map lookups
causing it to do unexpected things. This also simplifies
some of the map code.
+ CONFIG: No changes (version number only, to keep it in sync
+ with the binaries).
8.6.9/8.6.9 94/04/19
Do all mail delivery completely disconnected from any terminal.
diff --git a/usr.sbin/sendmail/makemap/makemap.c b/usr.sbin/sendmail/makemap/makemap.c
index f2d4aea..a676cd7 100644
--- a/usr.sbin/sendmail/makemap/makemap.c
+++ b/usr.sbin/sendmail/makemap/makemap.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char sccsid[] = "@(#)makemap.c 8.6 (Berkeley) 11/22/93";
+static char sccsid[] = "@(#)makemap.c 8.6.1.1 (Berkeley) 3/6/95";
#endif /* not lint */
#include <stdio.h>
@@ -66,7 +66,7 @@ union dbent
struct
{
char *data;
- int size;
+ size_t size;
} xx;
};
@@ -226,10 +226,14 @@ main(argc, argv)
#ifdef NEWDB
case T_HASH:
dbp.db = dbopen(mapname, mode, 0644, DB_HASH, NULL);
+ if (dbp.db != NULL)
+ (void) (*dbp.db->sync)(dbp.db, 0);
break;
case T_BTREE:
dbp.db = dbopen(mapname, mode, 0644, DB_BTREE, NULL);
+ if (dbp.db != NULL)
+ (void) (*dbp.db->sync)(dbp.db, 0);
break;
#endif
diff --git a/usr.sbin/sendmail/src/READ_ME b/usr.sbin/sendmail/src/READ_ME
index cc0b419..ace0d3a 100644
--- a/usr.sbin/sendmail/src/READ_ME
+++ b/usr.sbin/sendmail/src/READ_ME
@@ -30,7 +30,7 @@
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
-# @(#)READ_ME 8.61 (Berkeley) 4/17/94
+# @(#)READ_ME 8.61.1.1 (Berkeley) 3/5/95
#
This directory contains the source files for sendmail.
@@ -666,6 +666,17 @@ Linux
the flock() system call gives errors. If you are running .14,
you must not use flock. You can do this with -DHASFLOCK=0.
+ Around the inclusion of bind-4.9.3 & linux libc-4.6.20, the
+ initialization of the _res structure changed. If /etc/hosts.conf
+ was configured as "hosts, bind" the resolver code could return
+ "Name server failure" errors. This is supposedly fixed in
+ later versions of libc (>= 4.6.29?), and later versions of
+ sendmail (> 8.6.10) try to work around the problem.
+
+ Some older versions (< 4.6.20?) of the libc/include files conflict
+ with sendmail's version of cdefs.h. Deleting sendmail's version
+ on those systems should be non-harmful, and new versions don't care.
+
AIX
This version of sendmail does not support MB, MG, and MR resource
records, which are supported by AIX sendmail.
@@ -869,4 +880,4 @@ version.c The version number and information about this
Eric Allman
-(Version 8.61, last update 4/17/94 07:05:32)
+(Version 8.61.1.1, last update 3/5/95 12:52:16)
diff --git a/usr.sbin/sendmail/src/conf.c b/usr.sbin/sendmail/src/conf.c
index 4ac109a..702203c 100644
--- a/usr.sbin/sendmail/src/conf.c
+++ b/usr.sbin/sendmail/src/conf.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char sccsid[] = "@(#)conf.c 8.89 (Berkeley) 4/18/94";
+static char sccsid[] = "@(#)conf.c 8.89.1.3 (Berkeley) 3/7/95";
#endif /* not lint */
# include "sendmail.h"
@@ -917,7 +917,7 @@ getla()
/* Non Apollo stuff removed by Don Lewis 11/15/93 */
#ifndef lint
-static char rcsid[] = "@(#)$Id: getloadavg.c,v 1.16 1991/06/21 12:51:15 paul Exp $";
+static char rcsid[] = "@(#)$Id: conf.c,v 1.1.1.1 1994/05/26 05:23:10 rgrimes Exp $";
#endif /* !lint */
#ifdef apollo
@@ -1402,8 +1402,8 @@ extern int optind, opterr;
int opterr = 1; /* if error message should be printed */
int optind = 1; /* index into parent argv vector */
#endif
-int optopt; /* character checked for validity */
-char *optarg; /* argument associated with option */
+int optopt = 0; /* character checked for validity */
+char *optarg = NULL; /* argument associated with option */
#define BADCH (int)'?'
#define EMSG ""
@@ -1543,6 +1543,9 @@ usershellok(shell)
register char *p;
extern char *getusershell();
+ if (shell == NULL || shell[0] == '\0')
+ return TRUE;
+
setusershell();
while ((p = getusershell()) != NULL)
if (strcmp(p, shell) == 0 || strcmp(p, WILDCARD_SHELL) == 0)
@@ -1553,6 +1556,9 @@ usershellok(shell)
register FILE *shellf;
char buf[MAXLINE];
+ if (shell == NULL || shell[0] == '\0')
+ return TRUE;
+
shellf = fopen(_PATH_SHELLS, "r");
if (shellf == NULL)
{
@@ -2191,6 +2197,8 @@ strtol(nptr, endptr, base)
#ifdef SOLARIS
+extern int h_errno;
+
struct hostent *
solaris_gethostbyname(name)
const char *name;
diff --git a/usr.sbin/sendmail/src/daemon.c b/usr.sbin/sendmail/src/daemon.c
index fe1070b..1b58da4 100644
--- a/usr.sbin/sendmail/src/daemon.c
+++ b/usr.sbin/sendmail/src/daemon.c
@@ -37,9 +37,9 @@
#ifndef lint
#ifdef DAEMON
-static char sccsid[] = "@(#)daemon.c 8.48.1.2 (Berkeley) 2/9/95 (with daemon mode)";
+static char sccsid[] = "@(#)daemon.c 8.48.1.4 (Berkeley) 2/28/95 (with daemon mode)";
#else
-static char sccsid[] = "@(#)daemon.c 8.48.1.2 (Berkeley) 2/9/95 (without daemon mode)";
+static char sccsid[] = "@(#)daemon.c 8.48.1.4 (Berkeley) 2/28/95 (without daemon mode)";
#endif
#endif /* not lint */
@@ -995,6 +995,8 @@ getauthinfo(fd)
int s;
int i;
EVENT *ev;
+ int nleft;
+ char ibuf[MAXNAME + 1];
#endif
static char hbuf[MAXNAME * 2 + 2];
extern char *hostnamebyanyaddr();
@@ -1030,7 +1032,7 @@ getauthinfo(fd)
}
/* create ident query */
- (void) sprintf(hbuf, "%d,%d\r\n",
+ (void) sprintf(ibuf, "%d,%d\r\n",
ntohs(RealHostAddr.sin.sin_port), ntohs(la.sin.sin_port));
/* create local address */
@@ -1068,27 +1070,34 @@ getauthinfo(fd)
}
if (tTd(9, 10))
- printf("getauthinfo: sent %s", hbuf);
+ printf("getauthinfo: sent %s", ibuf);
/* send query */
- if (write(s, hbuf, strlen(hbuf)) < 0)
+ if (write(s, ibuf, strlen(ibuf)) < 0)
goto closeident;
/* get result */
- i = read(s, hbuf, sizeof hbuf);
+ p = &ibuf[0];
+ nleft = sizeof(ibuf - 1);
+ while ((i = read(s, p, nleft)) > 0)
+ {
+ p += i;
+ nleft -= i;
+ }
(void) close(s);
clrevent(ev);
- if (i <= 0)
+ if (i < 0 || p == &ibuf[0])
goto noident;
- if (hbuf[--i] == '\n' && hbuf[--i] == '\r')
- i--;
- hbuf[++i] = '\0';
+
+ if (*--p == '\n' && *--p == '\r')
+ p--;
+ *++p = '\0';
if (tTd(9, 3))
- printf("getauthinfo: got %s\n", hbuf);
+ printf("getauthinfo: got %s\n", ibuf);
/* parse result */
- p = strchr(hbuf, ':');
+ p = strchr(ibuf, ':');
if (p == NULL)
{
/* malformed response */
diff --git a/usr.sbin/sendmail/src/deliver.c b/usr.sbin/sendmail/src/deliver.c
index 06dd9b2..89286ff 100644
--- a/usr.sbin/sendmail/src/deliver.c
+++ b/usr.sbin/sendmail/src/deliver.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char sccsid[] = "@(#)deliver.c 8.84.1.1 (Berkeley) 2/10/95";
+static char sccsid[] = "@(#)deliver.c 8.84.1.3 (Berkeley) 3/5/95";
#endif /* not lint */
#include "sendmail.h"
@@ -1181,6 +1181,12 @@ tryhost:
extern char **environ;
extern int DtableSize;
+ if (e->e_lockfp != NULL)
+ {
+ fclose(e->e_lockfp);
+ e->e_lockfp = NULL;
+ }
+
/* child -- set up input & exec mailer */
(void) setsignal(SIGINT, SIG_IGN);
(void) setsignal(SIGHUP, SIG_IGN);
@@ -2176,7 +2182,15 @@ mailfile(filename, ctladdr, e)
{
/* child -- actually write to file */
struct stat stb;
+ struct stat fsb;
MCI mcibuf;
+ int oflags = O_WRONLY|O_APPEND;
+
+ if (e->e_lockfp != NULL)
+ {
+ fclose(e->e_lockfp);
+ e->e_lockfp = NULL;
+ }
(void) setsignal(SIGINT, SIG_DFL);
(void) setsignal(SIGHUP, SIG_DFL);
@@ -2184,15 +2198,18 @@ mailfile(filename, ctladdr, e)
(void) umask(OldUmask);
if (stat(filename, &stb) < 0)
+ {
stb.st_mode = FileMode;
+ oflags |= O_CREAT|O_EXCL;
+ }
+ else if (bitset(0111, stb.st_mode))
+ exit(EX_CANTCREAT);
mode = stb.st_mode;
/* limit the errors to those actually caused in the child */
errno = 0;
ExitStat = EX_OK;
- if (bitset(0111, stb.st_mode))
- exit(EX_CANTCREAT);
if (ctladdr != NULL)
{
/* ignore setuid and setgid bits */
@@ -2232,12 +2249,22 @@ mailfile(filename, ctladdr, e)
}
FileName = filename;
LineNumber = 0;
- f = dfopen(filename, O_WRONLY|O_CREAT|O_APPEND, FileMode);
+ f = dfopen(filename, oflags, FileMode);
if (f == NULL)
{
message("554 cannot open: %s", errstring(errno));
exit(EX_CANTCREAT);
}
+ if (fstat(fileno(f), &fsb) < 0 ||
+ !bitset(O_CREAT, oflags) &&
+ (stb.st_nlink != fsb.st_nlink ||
+ stb.st_dev != fsb.st_dev ||
+ stb.st_ino != fsb.st_ino ||
+ stb.st_uid != fsb.st_uid))
+ {
+ message("554 cannot write: file changed after open");
+ exit(EX_CANTCREAT);
+ }
bzero(&mcibuf, sizeof mcibuf);
mcibuf.mci_mailer = FileMailer;
diff --git a/usr.sbin/sendmail/src/domain.c b/usr.sbin/sendmail/src/domain.c
index 48109fe..5e6b180 100644
--- a/usr.sbin/sendmail/src/domain.c
+++ b/usr.sbin/sendmail/src/domain.c
@@ -36,9 +36,9 @@
#ifndef lint
#if NAMED_BIND
-static char sccsid[] = "@(#)domain.c 8.19 (Berkeley) 3/11/94 (with name server)";
+static char sccsid[] = "@(#)domain.c 8.19.1.1 (Berkeley) 3/6/95 (with name server)";
#else
-static char sccsid[] = "@(#)domain.c 8.19 (Berkeley) 3/11/94 (without name server)";
+static char sccsid[] = "@(#)domain.c 8.19.1.1 (Berkeley) 3/6/95 (without name server)";
#endif
#endif /* not lint */
@@ -709,6 +709,7 @@ gethostalias(host)
fname = getenv("HOSTALIASES");
if (fname == NULL || (fp = fopen(fname, "r")) == NULL)
return NULL;
+ setbuf(fp, NULL);
while (fgets(buf, sizeof buf, fp) != NULL)
{
for (p = buf; p != '\0' && !(isascii(*p) && isspace(*p)); p++)
diff --git a/usr.sbin/sendmail/src/envelope.c b/usr.sbin/sendmail/src/envelope.c
index 3a2314c..e8bb1e4 100644
--- a/usr.sbin/sendmail/src/envelope.c
+++ b/usr.sbin/sendmail/src/envelope.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char sccsid[] = "@(#)envelope.c 8.34 (Berkeley) 4/14/94";
+static char sccsid[] = "@(#)envelope.c 8.34.1.1 (Berkeley) 2/28/95";
#endif /* not lint */
#include "sendmail.h"
@@ -489,7 +489,7 @@ openxscript(e)
if (fd < 0)
syserr("!Can't open /dev/null");
}
- e->e_xfp = fdopen(fd, "w");
+ e->e_xfp = fdopen(fd, "a");
if (e->e_xfp == NULL)
{
syserr("!Can't create transcript stream %s", p);
diff --git a/usr.sbin/sendmail/src/main.c b/usr.sbin/sendmail/src/main.c
index d7923ea..a0253a2 100644
--- a/usr.sbin/sendmail/src/main.c
+++ b/usr.sbin/sendmail/src/main.c
@@ -39,7 +39,7 @@ static char copyright[] =
#endif /* not lint */
#ifndef lint
-static char sccsid[] = "@(#)main.c 8.55.1.3 (Berkeley) 2/10/95";
+static char sccsid[] = "@(#)main.c 8.55.1.7 (Berkeley) 3/5/95";
#endif /* not lint */
#define _DEFINE
@@ -293,7 +293,7 @@ main(argc, argv, envp)
for (i = j = 0; j < MAXUSERENVIRON && (p = envp[i]) != NULL; i++)
{
- if (strncmp(p, "FS=", 3) == 0 || strncmp(p, "LD_", 3) == 0)
+ if (strncmp(p, "IFS=", 4) == 0 || strncmp(p, "LD_", 3) == 0)
continue;
UserEnviron[j++] = newstr(p);
}
@@ -324,7 +324,10 @@ main(argc, argv, envp)
#if NAMED_BIND
if (tTd(8, 8))
+ {
+ res_init();
_res.options |= RES_DEBUG;
+ }
#endif
errno = 0;
@@ -490,7 +493,7 @@ main(argc, argv, envp)
ExitStat = EX_USAGE;
break;
}
- from = newstr(denlstring(optarg));
+ from = newstr(denlstring(optarg, TRUE, TRUE));
if (strcmp(RealUserName, from) != 0)
warn_f_flag = j;
break;
@@ -571,6 +574,7 @@ main(argc, argv, envp)
break;
case 'X': /* traffic log file */
+ setgid(RealGid);
setuid(RealUid);
TrafficLogFile = fopen(optarg, "a");
if (TrafficLogFile == NULL)
@@ -654,6 +658,15 @@ main(argc, argv, envp)
}
/*
+ ** Initialize name server if it is going to be used.
+ */
+
+#if NAMED_BIND
+ if (!bitset(RES_INIT, _res.options))
+ res_init();
+#endif
+
+ /*
** Process authorization warnings from command line.
*/
@@ -730,7 +743,7 @@ main(argc, argv, envp)
/* full names can't have newlines */
if (FullName != NULL && strchr(FullName, '\n') != NULL)
- FullName = newstr(denlstring(FullName));
+ FullName = newstr(denlstring(FullName, TRUE, TRUE));
/* do heuristic mode adjustment */
if (Verbose)
diff --git a/usr.sbin/sendmail/src/queue.c b/usr.sbin/sendmail/src/queue.c
index 897396a..1dc56a6 100644
--- a/usr.sbin/sendmail/src/queue.c
+++ b/usr.sbin/sendmail/src/queue.c
@@ -36,9 +36,9 @@
#ifndef lint
#ifdef QUEUE
-static char sccsid[] = "@(#)queue.c 8.41.1.1 (Berkeley) 2/10/95 (with queueing)";
+static char sccsid[] = "@(#)queue.c 8.41.1.3 (Berkeley) 3/5/95 (with queueing)";
#else
-static char sccsid[] = "@(#)queue.c 8.41.1.1 (Berkeley) 2/10/95 (without queueing)";
+static char sccsid[] = "@(#)queue.c 8.41.1.3 (Berkeley) 3/5/95 (without queueing)";
#endif
#endif /* not lint */
@@ -210,7 +210,7 @@ queueup(e, queueall, announce)
/* message from envelope, if it exists */
if (e->e_message != NULL)
- fprintf(tfp, "M%s\n", denlstring(e->e_message));
+ fprintf(tfp, "M%s\n", denlstring(e->e_message, TRUE, FALSE));
/* send various flag bits through */
p = buf;
@@ -224,14 +224,14 @@ queueup(e, queueall, announce)
/* $r and $s and $_ macro values */
if ((p = macvalue('r', e)) != NULL)
- fprintf(tfp, "$r%s\n", denlstring(p));
+ fprintf(tfp, "$r%s\n", denlstring(p, TRUE, FALSE));
if ((p = macvalue('s', e)) != NULL)
- fprintf(tfp, "$s%s\n", denlstring(p));
+ fprintf(tfp, "$s%s\n", denlstring(p, TRUE, FALSE));
if ((p = macvalue('_', e)) != NULL)
- fprintf(tfp, "$_%s\n", denlstring(p));
+ fprintf(tfp, "$_%s\n", denlstring(p, TRUE, FALSE));
/* output name of sender */
- fprintf(tfp, "S%s\n", denlstring(e->e_from.q_paddr));
+ fprintf(tfp, "S%s\n", denlstring(e->e_from.q_paddr, TRUE, FALSE));
/* output list of error recipients */
printctladdr(NULL, NULL);
@@ -240,7 +240,7 @@ queueup(e, queueall, announce)
if (!bitset(QDONTSEND|QBADADDR, q->q_flags))
{
printctladdr(q, tfp);
- fprintf(tfp, "E%s\n", denlstring(q->q_paddr));
+ fprintf(tfp, "E%s\n", denlstring(q->q_paddr, TRUE, FALSE));
}
}
@@ -251,7 +251,7 @@ queueup(e, queueall, announce)
(queueall && !bitset(QDONTSEND|QBADADDR|QSENT, q->q_flags)))
{
printctladdr(q, tfp);
- fprintf(tfp, "R%s\n", denlstring(q->q_paddr));
+ fprintf(tfp, "R%s\n", denlstring(q->q_paddr, TRUE, FALSE));
if (announce)
{
e->e_to = q->q_paddr;
@@ -427,7 +427,7 @@ printctladdr(a, tfp)
else
uname = pw->pw_name;
- fprintf(tfp, "C%s:%s\n", uname, denlstring(a->q_paddr));
+ fprintf(tfp, "C%s:%s\n", uname, denlstring(a->q_paddr, TRUE, FALSE));
}
/*
diff --git a/usr.sbin/sendmail/src/recipient.c b/usr.sbin/sendmail/src/recipient.c
index 0820e60..a43cf5c 100644
--- a/usr.sbin/sendmail/src/recipient.c
+++ b/usr.sbin/sendmail/src/recipient.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char sccsid[] = "@(#)recipient.c 8.44.1.4 (Berkeley) 2/20/95";
+static char sccsid[] = "@(#)recipient.c 8.44.1.6 (Berkeley) 3/5/95";
#endif /* not lint */
# include "sendmail.h"
@@ -111,7 +111,7 @@ sendtolist(list, ctladdr, sendq, e)
bufp = buf;
else
bufp = xalloc(i);
- strcpy(bufp, denlstring(list));
+ strcpy(bufp, denlstring(list, FALSE, TRUE));
for (p = bufp; *p != '\0'; )
{
diff --git a/usr.sbin/sendmail/src/sendmail.h b/usr.sbin/sendmail/src/sendmail.h
index 0139f0e..4fc1ef7 100644
--- a/usr.sbin/sendmail/src/sendmail.h
+++ b/usr.sbin/sendmail/src/sendmail.h
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * @(#)sendmail.h 8.43.1.1 (Berkeley) 2/10/95
+ * @(#)sendmail.h 8.43.1.3 (Berkeley) 3/5/95
*/
/*
@@ -41,7 +41,7 @@
# ifdef _DEFINE
# define EXTERN
# ifndef lint
-static char SmailSccsId[] = "@(#)sendmail.h 8.43.1.1 2/10/95";
+static char SmailSccsId[] = "@(#)sendmail.h 8.43.1.3 3/5/95";
# endif
# else /* _DEFINE */
# define EXTERN extern
@@ -956,7 +956,7 @@ extern sigfunc_t setsignal __P((int, sigfunc_t));
extern char *shortenstring __P((char *, int));
extern bool usershellok __P((char *));
extern void commaize __P((HDR *, char *, int, MCI *, ENVELOPE *));
-extern char *denlstring __P((char *));
+extern char *denlstring __P((char *, int, int));
/* ellipsis is a different case though */
#ifdef __STDC__
diff --git a/usr.sbin/sendmail/src/util.c b/usr.sbin/sendmail/src/util.c
index 0e68673..3f6e182 100644
--- a/usr.sbin/sendmail/src/util.c
+++ b/usr.sbin/sendmail/src/util.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char sccsid[] = "@(#)util.c 8.39.1.2 (Berkeley) 2/10/95";
+static char sccsid[] = "@(#)util.c 8.39.1.5 (Berkeley) 3/5/95";
#endif /* not lint */
# include "sendmail.h"
@@ -1485,7 +1485,7 @@ cleanstrcpy(t, f, l)
{
#ifdef LOG
/* check for newlines and log if necessary */
- (void) denlstring(f);
+ (void) denlstring(f, TRUE, TRUE);
#endif
l--;
@@ -1506,6 +1506,8 @@ cleanstrcpy(t, f, l)
**
** Parameters:
** s -- the input string
+** strict -- if set, don't permit continuation lines.
+** logattacks -- if set, log attempted attacks.
**
** Returns:
** A pointer to a version of the string with newlines
@@ -1513,15 +1515,21 @@ cleanstrcpy(t, f, l)
*/
char *
-denlstring(s)
+denlstring(s, strict, logattacks)
char *s;
+ int strict;
+ int logattacks;
{
register char *p;
int l;
static char *bp = NULL;
static int bl = 0;
- if (strchr(s, '\n') == NULL)
+ p = s;
+ while ((p = strchr(p, '\n')) != NULL)
+ if (strict || (*++p != ' ' && *p != '\t'))
+ break;
+ if (p == NULL)
return s;
l = strlen(s) + 1;
@@ -1538,9 +1546,12 @@ denlstring(s)
*p++ = ' ';
#ifdef LOG
- p = macvalue('_', CurEnv);
- syslog(LOG_ALERT, "POSSIBLE ATTACK from %s: newline in string \"%s\"",
- p == NULL ? "[UNKNOWN]" : p, bp);
+ if (logattacks)
+ {
+ syslog(LOG_NOTICE, "POSSIBLE ATTACK from %s: newline in string \"%s\"",
+ RealHostName == NULL ? "[UNKNOWN]" : RealHostName,
+ shortenstring(bp, 80));
+ }
#endif
return bp;
diff --git a/usr.sbin/sendmail/src/version.c b/usr.sbin/sendmail/src/version.c
index 25ed8c0..14ba246 100644
--- a/usr.sbin/sendmail/src/version.c
+++ b/usr.sbin/sendmail/src/version.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char sccsid[] = "@(#)version.c 8.6.10.1 (Berkeley) 2/7/95";
+static char sccsid[] = "@(#)version.c 8.6.11.1 (Berkeley) 2/28/95";
#endif /* not lint */
-char Version[] = "8.6.10";
+char Version[] = "8.6.11";
OpenPOWER on IntegriCloud