diff options
48 files changed, 370 insertions, 98 deletions
diff --git a/contrib/sendmail/RELEASE_NOTES b/contrib/sendmail/RELEASE_NOTES index cf6855a..3282fde 100644 --- a/contrib/sendmail/RELEASE_NOTES +++ b/contrib/sendmail/RELEASE_NOTES @@ -1,11 +1,45 @@ SENDMAIL RELEASE NOTES - $Id: RELEASE_NOTES,v 8.1336 2002/06/03 13:21:25 ca Exp $ + $Id: RELEASE_NOTES,v 8.1340.2.9 2002/06/25 22:53:32 ca Exp $ This listing shows the version of the sendmail binary, the version of the sendmail configuration files, the date of release, and a summary of the changes in that release. +8.12.5/8.12.5 2002/06/25 + SECURITY: The DNS map can cause a buffer overflow if the user + specifies a dns map using TXT records in the configuration + file and a rogue DNS server is queried. None of the + sendmail supplied configuration files use this option hence + they are not vulnerable. Problem noted independently by + Joost Pol of PINE Internet and Anton Rang of Sun Microsystems. + Unprintable characters in responses from DNS servers for the DNS + map type are changed to 'X' to avoid potential problems + with rogue DNS servers. + Require a suboption when setting the Milter option. Problem noted + by Bryan Costales. + Do not silently overwrite command line settings for + DirectSubmissionModifiers. Problem noted by Bryan + Costales. + Prevent a segmentation fault when clearing the event list by + turning off alarms before checking if event list is + empty. Problem noted by Allan E Johannesen of Worcester + Polytechnic Institute. + Close a potential race condition in transitioning a memory buffered + file onto disk. From Janani Devarajan of Sun Microsystems. + Portability: + Include paths.h on Linux systems running glibc 2.0 or later + to get the definition for _PATH_SENDMAIL, used by + rmail and vacation. Problem noted by Kevin + A. McGrail of Peregrine Hardware. + NOTE: Linux appears to have broken flock() again. Unless + the bug is fixed before sendmail 8.13 is shipped, + 8.13 will change the default locking method to + fcntl() for Linux kernel 2.4 and later. You may + want to do this in 8.12 by compiling with + -DHASFLOCK=0. Be sure to update other sendmail + related programs to match locking techniques. + 8.12.4/8.12.4 2002/06/03 SECURITY: Inherent limitations in the UNIX file locking model can leave systems open to a local denial of service diff --git a/contrib/sendmail/cf/README b/contrib/sendmail/cf/README index 3c7b7d5..952a16c 100644 --- a/contrib/sendmail/cf/README +++ b/contrib/sendmail/cf/README @@ -1213,7 +1213,7 @@ dnsbl Turns on rejection of hosts found in an DNS based rejection A second argument can be used to change the default error message. Without that second argument, the error message will be - Mail from IP-ADDRESS refused by blackhole site SERVER + Rejected: IP-ADDRESS listed at SERVER where IP-ADDRESS and SERVER are replaced by the appropriate information. By default, temporary lookup failures are ignored. This behavior can be changed by specifying a @@ -2430,7 +2430,7 @@ subscribed. Contact MAPS to subscribe (http://mail-abuse.org/). You can specify an alternative RBL server to check by specifying an argument to the FEATURE. The default error message is - Mail from IP-ADDRESS refused by blackhole site SERVER + Rejected: IP-ADDRESS listed at SERVER where IP-ADDRESS and SERVER are replaced by the appropriate information. A second argument can be used to specify a different @@ -4311,4 +4311,4 @@ M4 DIVERSIONS 8 DNS based blacklists 9 special local rulesets (1 and 2) -$Revision: 8.622 $, Last updated $Date: 2002/06/03 13:15:16 $ +$Revision: 8.623 $, Last updated $Date: 2002/06/07 14:14:14 $ diff --git a/contrib/sendmail/cf/cf/submit.cf b/contrib/sendmail/cf/cf/submit.cf index fe90962..0613bc1 100644 --- a/contrib/sendmail/cf/cf/submit.cf +++ b/contrib/sendmail/cf/cf/submit.cf @@ -1,5 +1,5 @@ # -# Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers. +# Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. # All rights reserved. # Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved. # Copyright (c) 1988, 1993 @@ -24,7 +24,7 @@ ###################################################################### ###################################################################### -##### $Id: cfhead.m4,v 8.107 2001/07/22 03:25:37 ca Exp $ ##### +##### $Id: cfhead.m4,v 8.108 2002/06/13 18:53:24 ca Exp $ ##### ##### $Id: cf.m4,v 8.32 1999/02/07 07:26:14 gshapiro Exp $ ##### ##### $Id: submit.mc,v 8.6 2002/03/26 03:30:58 ca Exp $ ##### ##### $Id: msp.m4,v 1.32 2002/03/26 22:02:03 ca Exp $ ##### @@ -32,7 +32,7 @@ ##### $Id: no_default_msa.m4,v 8.2 2001/02/14 05:03:22 gshapiro Exp $ ##### -##### $Id: proto.m4,v 8.646 2002/05/19 21:22:40 gshapiro Exp $ ##### +##### $Id: proto.m4,v 8.649 2002/06/13 18:53:24 ca Exp $ ##### # level 10 config file format V10/Berkeley @@ -110,7 +110,7 @@ D{MTAHost}[localhost] # Configuration version number -DZ8.12.4/Submit +DZ8.12.5/Submit ############### @@ -338,7 +338,7 @@ O TimeZoneSpec= #O DelayLA=0 # maximum number of children we allow at one time -#O MaxDaemonChildren=12 +#O MaxDaemonChildren=0 # maximum number of new connections per second #O ConnectionRateThrottle=0 @@ -479,7 +479,6 @@ O PidFile=/var/spool/clientmqueue/sm-client.pid #O InputMailFilters - # CA directory #O CACERTPath # CA file diff --git a/contrib/sendmail/cf/m4/cfhead.m4 b/contrib/sendmail/cf/m4/cfhead.m4 index 708a095..f956365 100644 --- a/contrib/sendmail/cf/m4/cfhead.m4 +++ b/contrib/sendmail/cf/m4/cfhead.m4 @@ -1,5 +1,5 @@ # -# Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers. +# Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. # All rights reserved. # Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved. # Copyright (c) 1988, 1993 @@ -119,8 +119,10 @@ define(`_CPO_',`') define(`CLIENT_OPTIONS', `define(`_CPO_', defn(`_CPO_') O ClientPortOptions=`$1')') define(`_MAIL_FILTERS_', `') +define(`_MAIL_FILTERS_DEF', `') define(`MAIL_FILTER', `define(`_MAIL_FILTERS_', defn(`_MAIL_FILTERS_') -X`'$1`, '`$2')') +X`'$1`, '`$2') +define(`_MAIL_FILTERS_DEF', defn(`_MAIL_FILTERS_DEF')`X')') define(`INPUT_MAIL_FILTER', `MAIL_FILTER(`$1', `$2') ifelse(defn(`confINPUT_MAIL_FILTERS')X, `X', `define(`confINPUT_MAIL_FILTERS', $1)', @@ -301,4 +303,4 @@ define(`confMILTER_MACROS_ENVRCPT', ``{rcpt_mailer}, {rcpt_host}, {rcpt_addr}'') divert(0)dnl -VERSIONID(`$Id: cfhead.m4,v 8.107 2001/07/22 03:25:37 ca Exp $') +VERSIONID(`$Id: cfhead.m4,v 8.108 2002/06/13 18:53:24 ca Exp $') diff --git a/contrib/sendmail/cf/m4/proto.m4 b/contrib/sendmail/cf/m4/proto.m4 index ab8b457..d601b67 100644 --- a/contrib/sendmail/cf/m4/proto.m4 +++ b/contrib/sendmail/cf/m4/proto.m4 @@ -13,7 +13,7 @@ divert(-1) # divert(0) -VERSIONID(`$Id: proto.m4,v 8.646 2002/05/19 21:22:40 gshapiro Exp $') +VERSIONID(`$Id: proto.m4,v 8.649 2002/06/13 18:53:24 ca Exp $') # level CF_LEVEL config file format V`'CF_LEVEL/ifdef(`VENDOR_NAME', `VENDOR_NAME', `Berkeley') @@ -479,7 +479,7 @@ _OPTION(RefuseLA, `confREFUSE_LA', `12') _OPTION(DelayLA, `confDELAY_LA', `0') # maximum number of children we allow at one time -_OPTION(MaxDaemonChildren, `confMAX_DAEMON_CHILDREN', `12') +_OPTION(MaxDaemonChildren, `confMAX_DAEMON_CHILDREN', `0') # maximum number of new connections per second _OPTION(ConnectionRateThrottle, `confCONNECTION_RATE_THROTTLE', `0') @@ -621,7 +621,7 @@ _OPTION(TLSSrvOptions, `confTLS_SRV_OPTIONS', `') # Input mail filters _OPTION(InputMailFilters, `confINPUT_MAIL_FILTERS', `') -ifdef(`confINPUT_MAIL_FILTERS', `dnl +ifelse(len(X`'_MAIL_FILTERS_DEF), `1', `dnl', `dnl # Milter options _OPTION(Milter.LogLevel, `confMILTER_LOG_LEVEL', `') _OPTION(Milter.macros.connect, `confMILTER_MACROS_CONNECT', `') diff --git a/contrib/sendmail/cf/m4/version.m4 b/contrib/sendmail/cf/m4/version.m4 index 9902120..72d8c22 100644 --- a/contrib/sendmail/cf/m4/version.m4 +++ b/contrib/sendmail/cf/m4/version.m4 @@ -11,8 +11,8 @@ divert(-1) # the sendmail distribution. # # -VERSIONID(`$Id: version.m4,v 8.92 2002/05/31 18:53:59 ca Exp $') +VERSIONID(`$Id: version.m4,v 8.92.2.2 2002/06/25 22:51:52 ca Exp $') # divert(0) # Configuration version number -DZ8.12.4`'ifdef(`confCF_VERSION', `/confCF_VERSION') +DZ8.12.5`'ifdef(`confCF_VERSION', `/confCF_VERSION') diff --git a/contrib/sendmail/cf/sendmail.schema b/contrib/sendmail/cf/sendmail.schema index bab47e8..ebe4c96 100644 --- a/contrib/sendmail/cf/sendmail.schema +++ b/contrib/sendmail/cf/sendmail.schema @@ -1,16 +1,17 @@ -# Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers. +# Copyright (c) 2000-2002 Sendmail, Inc. and its suppliers. # All rights reserved. # # By using this file, you agree to the terms and conditions set # forth in the LICENSE file which can be found at the top level of # the sendmail distribution. # -# $Id: sendmail.schema,v 8.14 2001/08/31 17:18:18 gshapiro Exp $ +# $Id: sendmail.schema,v 8.19 2002/06/04 17:31:43 gshapiro Exp $ # Note that this schema is experimental at this point as it has had little # public review. Therefore, it may change in future versions. Feedback # via sendmail@sendmail.org is encouraged. + # OID arcs for Sendmail # enterprise: 1.3.6.1.4.1 # sendmail: enterprise.6152 @@ -87,6 +88,7 @@ attributetype ( 1.3.6.1.4.1.6152.10.3.1.16 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) + #objectClass sendmailMTAMap # requires # objectClass, @@ -143,6 +145,7 @@ attributetype ( 1.3.6.1.4.1.6152.10.3.1.20 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + #objectClass sendmailMTAAlias # requires # objectClass, @@ -198,6 +201,7 @@ attributetype ( 1.3.6.1.4.1.6152.10.3.1.23 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + #objectClass sendmailMTAClass # requires # objectClass, diff --git a/contrib/sendmail/doc/op/op.me b/contrib/sendmail/doc/op/op.me index 8d14002..6780db5 100644 --- a/contrib/sendmail/doc/op/op.me +++ b/contrib/sendmail/doc/op/op.me @@ -9,7 +9,7 @@ .\" the sendmail distribution. .\" .\" -.\" $Id: op.me,v 8.607 2002/05/22 19:58:33 gshapiro Exp $ +.\" $Id: op.me,v 8.609.2.2 2002/06/25 20:30:35 ca Exp $ .\" .\" eqn op.me | pic | troff -me .\" @@ -88,7 +88,7 @@ Sendmail, Inc. .de Ve Version \\$2 .. -.Ve $Revision: 8.607 $ +.Ve $Revision: 8.609.2.2 $ .rm Ve .sp For Sendmail Version 8.12 @@ -753,6 +753,12 @@ Notice: do not use the same key for .i sendmail invocations with different queue directories or different queue group declarations. +Access to shared memory is not controlled by locks, +i.e., there is a race condition when data in the shared memory is updated. +However, since operation of +.i sendmail +does not rely on the data in the shared memory, this does not negatively +influence the behavior. .sh 3 "/var/spool/clientmqueue" .pp The directory @@ -1274,6 +1280,13 @@ the flag .b \-bP can be used to print the number of entries in the queue(s), provided a process updates the data. +However, as explained earlier, the output might be slightly wrong, +since access to the shared memory is not locked. +For example, +``unknown number of entries'' +might be shown. +The internal counters are updated after each queue run +to the correct value again. .sh 3 "Forcing the queue" .pp .i Sendmail @@ -2769,6 +2782,34 @@ is still accepted. Notice that the MSP submits mail to the MTA via SMTP, and hence mail will be queued in the client queue in such a case. Therefore it is necessary to run the client mail queue periodically. +.sh 2 "Resource Limits" +.pp +.i Sendmail +has several parameters to control resource usage. +Besides those mentionted in the previous section, there are at least +.b MaxDaemonChildren , +.b ConnectionRateThrottle , +.b MaxQueueChildren , +and +.b MaxRunnersPerQueue . +The latter two limit the number of +.i sendmail +processes that operate on the queue. +These are discussed in the section +``Queue Group Declaration''. +The former two can be used to limit the number of incoming connections. +Their appropriate values depend on the host operating system and +the hardware, e.g., amount of memory. +In many situations it might be useful to set limits to prevent +to have too many +.i sendmail +processes, however, these limits can be abused to mount a +denial of service attack. +For example, if +.b MaxDaemonChildren=10 +then an attacker needs to open only 10 SMTP sessions to the server, +leave them idle for most of the time, +and no more connections will be accepted. .sh 2 "Delivery Mode" .pp There are a number of delivery modes that @@ -6557,6 +6598,7 @@ If not set, is either "CC f" if the option .b \-G is used or "c u" otherwise. +Note that only the the "CC", "c", "f", and "u" flags are checked. .ip DontBlameSendmail=\fIoption,option,...\fP [no short name] In order to avoid possible cracking attempts @@ -7050,6 +7092,7 @@ The characters ``@,;:\e()[]'' are always added to this list. .ip NiceQueueRun [no short name] The priority of queue runners (nice(3)). +This value must be greater or equal zero. .ip NoRecipientAction [no short name] The action to take when you receive a message that has no valid @@ -8674,6 +8717,7 @@ Fields are: Flags for this queue group. .ip Nice The nice(2) increment for the queue group. +This value must be greater or equal zero. .ip Interval The time between two queue runs. .ip Path @@ -10627,7 +10671,7 @@ replace it with a blank sheet for double-sided output. .\".sz 10 .\"Eric Allman .\".sp -.\"Version $Revision: 8.607 $ +.\"Version $Revision: 8.609.2.2 $ .\".ce 0 .bp 3 .ce diff --git a/contrib/sendmail/editmap/Makefile.m4 b/contrib/sendmail/editmap/Makefile.m4 index 906e198..566b6e2 100644 --- a/contrib/sendmail/editmap/Makefile.m4 +++ b/contrib/sendmail/editmap/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 1.4.6.1 2002/06/21 21:58:27 ca Exp $ include(confBUILDTOOLSDIR`/M4/switch.m4') define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/include/libmilter/mfapi.h b/contrib/sendmail/include/libmilter/mfapi.h index 9cf07c7..c36a38c 100644 --- a/contrib/sendmail/include/libmilter/mfapi.h +++ b/contrib/sendmail/include/libmilter/mfapi.h @@ -7,7 +7,7 @@ * the sendmail distribution. * * - * $Id: mfapi.h,v 8.42 2002/04/30 23:52:23 msk Exp $ + * $Id: mfapi.h,v 8.44 2002/06/04 05:06:40 gshapiro Exp $ */ /* diff --git a/contrib/sendmail/include/sm/conf.h b/contrib/sendmail/include/sm/conf.h index 12688ea..83950bc 100644 --- a/contrib/sendmail/include/sm/conf.h +++ b/contrib/sendmail/include/sm/conf.h @@ -10,7 +10,7 @@ * the sendmail distribution. * * - * $Id: conf.h,v 1.88 2002/05/01 16:09:41 gshapiro Exp $ + * $Id: conf.h,v 1.90.2.2 2002/06/21 22:31:35 gshapiro Exp $ */ /* @@ -1358,6 +1358,9 @@ extern void *malloc(); # ifndef TZ_TYPE # define TZ_TYPE TZ_NONE /* no standard for Linux */ # endif /* ! TZ_TYPE */ +# if (__GLIBC__ >= 2) +# include <paths.h> +# endif /* (__GLIBC__ >= 2) */ # ifndef _PATH_SENDMAILPID # define _PATH_SENDMAILPID "/var/run/sendmail.pid" # endif /* ! _PATH_SENDMAILPID */ diff --git a/contrib/sendmail/libmilter/Makefile.m4 b/contrib/sendmail/libmilter/Makefile.m4 index ea1124d..d824298 100644 --- a/contrib/sendmail/libmilter/Makefile.m4 +++ b/contrib/sendmail/libmilter/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.30.2.1 2002/06/21 21:58:28 ca Exp $ include(confBUILDTOOLSDIR`/M4/switch.m4') dnl only required for compilation of EXTRAS diff --git a/contrib/sendmail/libmilter/docs/smfi_getsymval.html b/contrib/sendmail/libmilter/docs/smfi_getsymval.html index d8a3304..8cbde7d 100644 --- a/contrib/sendmail/libmilter/docs/smfi_getsymval.html +++ b/contrib/sendmail/libmilter/docs/smfi_getsymval.html @@ -37,7 +37,11 @@ Get the value of a sendmail macro. <td>The opaque context structure. </td></tr> <tr valign="top"><td>symname</td> - <td>The name of a sendmail macro, optinally enclosed in braces ("{" and "}"). <a href="#notes">See below</a> for default macros. + <td>The name of a sendmail macro. + Single letter macros can optionally be enclosed in braces ("{" and "}"), + longer macro names must be enclosed in braces, just as in a + <tt>sendmail.cf</tt> file. + <a href="#notes">See below</a> for default macros. </td></tr> </table> </td></tr> @@ -82,7 +86,7 @@ sendmail distribution. <hr size="1"> <font size="-1"> -Copyright (c) 2000 Sendmail, Inc. and its suppliers. +Copyright (c) 2000, 2002 Sendmail, Inc. and its suppliers. All rights reserved. <br> By using this file, you agree to the terms and conditions set diff --git a/contrib/sendmail/libmilter/main.c b/contrib/sendmail/libmilter/main.c index 92690cd..6fc3f95 100644 --- a/contrib/sendmail/libmilter/main.c +++ b/contrib/sendmail/libmilter/main.c @@ -9,7 +9,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: main.c,v 8.63 2002/04/30 23:52:24 msk Exp $") +SM_RCSID("@(#)$Id: main.c,v 8.64 2002/06/04 02:32:32 geir Exp $") #define _DEFINE 1 #include "libmilter.h" diff --git a/contrib/sendmail/libsm/Makefile.m4 b/contrib/sendmail/libsm/Makefile.m4 index 957eb09..563cf10 100644 --- a/contrib/sendmail/libsm/Makefile.m4 +++ b/contrib/sendmail/libsm/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 1.64.2.1 2002/06/21 21:58:29 ca Exp $ define(`confREQUIRE_LIBUNIX') include(confBUILDTOOLSDIR`/M4/switch.m4') diff --git a/contrib/sendmail/libsm/clock.c b/contrib/sendmail/libsm/clock.c index ada9689..fb7e911 100644 --- a/contrib/sendmail/libsm/clock.c +++ b/contrib/sendmail/libsm/clock.c @@ -12,7 +12,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: clock.c,v 1.35 2002/03/22 18:34:38 gshapiro Exp $") +SM_RCSID("@(#)$Id: clock.c,v 1.35.2.1 2002/06/20 05:14:45 gshapiro Exp $") #include <unistd.h> #include <time.h> #include <errno.h> @@ -257,9 +257,6 @@ sm_clear_events() #endif /* SM_CONF_SETITIMER */ int wasblocked; - if (SmEventQueue == NULL) - return; - /* nothing will be left in event queue, no need for an alarm */ #if SM_CONF_SETITIMER clr.it_interval.tv_sec = 0; @@ -270,6 +267,10 @@ sm_clear_events() #else /* SM_CONF_SETITIMER */ (void) alarm(0); #endif /* SM_CONF_SETITIMER */ + + if (SmEventQueue == NULL) + return; + wasblocked = sm_blocksignal(SIGALRM); /* find the end of the EventQueue */ diff --git a/contrib/sendmail/libsmdb/Makefile.m4 b/contrib/sendmail/libsmdb/Makefile.m4 index 90cecfe..23f39d0 100644 --- a/contrib/sendmail/libsmdb/Makefile.m4 +++ b/contrib/sendmail/libsmdb/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.13.4.1 2002/06/21 21:58:33 ca Exp $ include(confBUILDTOOLSDIR`/M4/switch.m4') define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/libsmutil/Makefile.m4 b/contrib/sendmail/libsmutil/Makefile.m4 index 5348e33..36c5d7a 100644 --- a/contrib/sendmail/libsmutil/Makefile.m4 +++ b/contrib/sendmail/libsmutil/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.16.4.1 2002/06/21 21:58:35 ca Exp $ include(confBUILDTOOLSDIR`/M4/switch.m4') define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/mail.local/Makefile.m4 b/contrib/sendmail/mail.local/Makefile.m4 index fa30055..63c14e0 100644 --- a/contrib/sendmail/mail.local/Makefile.m4 +++ b/contrib/sendmail/mail.local/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.49.2.1 2002/06/21 21:58:36 ca Exp $ include(confBUILDTOOLSDIR`/M4/switch.m4') define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/mailstats/Makefile.m4 b/contrib/sendmail/mailstats/Makefile.m4 index 02dc956..e981401 100644 --- a/contrib/sendmail/mailstats/Makefile.m4 +++ b/contrib/sendmail/mailstats/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.34.4.1 2002/06/21 21:58:37 ca Exp $ include(confBUILDTOOLSDIR`/M4/switch.m4') define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/makemap/Makefile.m4 b/contrib/sendmail/makemap/Makefile.m4 index 171a548..2396311 100644 --- a/contrib/sendmail/makemap/Makefile.m4 +++ b/contrib/sendmail/makemap/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.42.4.1 2002/06/21 21:58:38 ca Exp $ include(confBUILDTOOLSDIR`/M4/switch.m4') define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/praliases/Makefile.m4 b/contrib/sendmail/praliases/Makefile.m4 index 20509a6..248fccd 100644 --- a/contrib/sendmail/praliases/Makefile.m4 +++ b/contrib/sendmail/praliases/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.34.4.1 2002/06/21 21:58:39 ca Exp $ include(confBUILDTOOLSDIR`/M4/switch.m4') define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/rmail/Makefile.m4 b/contrib/sendmail/rmail/Makefile.m4 index c78b6ca..6b2a049 100644 --- a/contrib/sendmail/rmail/Makefile.m4 +++ b/contrib/sendmail/rmail/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.42.4.1 2002/06/21 21:58:46 ca Exp $ include(confBUILDTOOLSDIR`/M4/switch.m4') define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/smrsh/Makefile.m4 b/contrib/sendmail/smrsh/Makefile.m4 index cdc094d..f090250 100644 --- a/contrib/sendmail/smrsh/Makefile.m4 +++ b/contrib/sendmail/smrsh/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.34.2.1 2002/06/21 21:58:48 ca Exp $ include(confBUILDTOOLSDIR`/M4/switch.m4') define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/src/Makefile.m4 b/contrib/sendmail/src/Makefile.m4 index bb5dc1a..615ac59 100644 --- a/contrib/sendmail/src/Makefile.m4 +++ b/contrib/sendmail/src/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.91.2.1 2002/06/21 21:58:47 ca Exp $ include(confBUILDTOOLSDIR`/M4/switch.m4') define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/src/README b/contrib/sendmail/src/README index d24e47b..b8c31ec 100644 --- a/contrib/sendmail/src/README +++ b/contrib/sendmail/src/README @@ -9,7 +9,7 @@ # the sendmail distribution. # # -# $Id: README,v 8.355 2002/05/22 19:46:26 gshapiro Exp $ +# $Id: README,v 8.355.2.3 2002/06/21 22:44:56 gshapiro Exp $ # This directory contains the source files for sendmail(TM). @@ -1266,9 +1266,15 @@ HP-UX 8.00 README file for the future... Linux - Something broke between versions 0.99.13 and 0.99.14 of Linux: - the flock() system call gives errors. If you are running .14, - you must not use flock. You can do this with -DHASFLOCK=0. + Something broke between versions 0.99.13 and 0.99.14 of Linux: the + flock() system call gives errors. If you are running .14, you must + not use flock. You can do this with -DHASFLOCK=0. We have also + been getting complaints since version 2.4.X was released. Unless + the bug is fixed before sendmail 8.13 is shipped, 8.13 will change + the default locking method to fcntl() for Linux kernel version 2.4 + and later. Be sure to update other sendmail related programs to + match locking techniques (some examples, besides makemap and + mail.local, include procmail, mailx, mutt, elm, etc). Around the inclusion of bind-4.9.3 & Linux libc-4.6.20, the initialization of the _res structure changed. If /etc/hosts.conf @@ -1515,6 +1521,28 @@ Darwin/Mac OS X (10.X.X) b. Set / to group unwritable (as superuser): chmod g-w / +Darwin/Mac OS X (10.1.5) + Apple's upgrade to sendmail 8.12 is incorrectly configured. You + will need to manually fix it up by doing the following: + + 1. chown smmsp:smmsp /var/spool/clientmqueue + 2. chmod 2770 /var/spool/clientmqueue + 3. chgrp smmsp /usr/sbin/sendmail + 4. chmod g+s /usr/sbin/sendmail + + From Daniel J. Luke <dluke@geeklair.net>: + + It appears that setting the sendmail.cf property in + /locations/sendmail in NetInfo on Mac OS X 10.1.5 with sendmail + 8.12.4 causes 'bad things' to happen. + + Specifically sendmail instances that should be getting their config + from /etc/mail/submit.cf don't (so mail/mutt/perl scripts which + open pipes to sendmail stop working as sendmail tries to write to + /var/spool/mqueue and cannot as sendmail is no longer suid root). + + Removing the entry from NetInfo fixes this problem. + GNU getopt I'm told that GNU getopt has a problem in that it gets confused by the double call. Use the version in conf.c instead. @@ -1740,4 +1768,4 @@ util.c Some general purpose routines used by sendmail. version.c The version number and information about this version of sendmail. -(Version $Revision: 8.355 $, last update $Date: 2002/05/22 19:46:26 $ ) +(Version $Revision: 8.355.2.3 $, last update $Date: 2002/06/21 22:44:56 $ ) diff --git a/contrib/sendmail/src/aliases b/contrib/sendmail/src/aliases index 73899d4..2d06ae3 100644 --- a/contrib/sendmail/src/aliases +++ b/contrib/sendmail/src/aliases @@ -1,5 +1,5 @@ # -# $Id: aliases,v 8.4 2001/12/30 04:46:23 gshapiro Exp $ +# $Id: aliases,v 8.5 2002/06/05 22:54:26 gshapiro Exp $ # @(#)aliases 8.2 (Berkeley) 3/5/94 # # Aliases in this file will NOT be expanded in the header from @@ -35,7 +35,6 @@ ingres: root nobody: root system: root toor: root -uucp: root # Well-known aliases manager: root diff --git a/contrib/sendmail/src/bf.c b/contrib/sendmail/src/bf.c index eb41798..f678308 100644 --- a/contrib/sendmail/src/bf.c +++ b/contrib/sendmail/src/bf.c @@ -18,7 +18,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: bf.c,v 8.54 2002/04/20 18:03:42 gshapiro Exp $") +SM_RCSID("@(#)$Id: bf.c,v 8.54.2.2 2002/06/21 19:58:40 gshapiro Exp $") #include <sys/types.h> #include <sys/stat.h> @@ -681,6 +681,7 @@ sm_bfcommit(fp) /* Do we need to open a file? */ if (!bfp->bf_ondisk) { + int save_errno; MODE_T omask; struct stat st; @@ -700,14 +701,16 @@ sm_bfcommit(fp) /* Clear umask as bf_filemode are the true perms */ omask = umask(0); - retval = OPEN(bfp->bf_filename, O_RDWR | O_CREAT | O_TRUNC, + retval = OPEN(bfp->bf_filename, O_RDWR | O_CREAT | O_EXCL, bfp->bf_filemode, bfp->bf_flags); + save_errno = errno; (void) umask(omask); /* Couldn't create file: failure */ if (retval < 0) { /* errno is set implicitly by open() */ + errno = save_errno; return -1; } diff --git a/contrib/sendmail/src/conf.c b/contrib/sendmail/src/conf.c index 4a0a25d..59e485b 100644 --- a/contrib/sendmail/src/conf.c +++ b/contrib/sendmail/src/conf.c @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: conf.c,v 8.969 2002/05/24 23:48:55 gshapiro Exp $") +SM_RCSID("@(#)$Id: conf.c,v 8.972 2002/06/18 16:11:44 ca Exp $") #include <sendmail/pathnames.h> @@ -2338,7 +2338,7 @@ typedef unsigned int *pt_entry_t; */ # ifdef SPT_ALIGN_SIZE -# define SPT_ALIGN(x, align) ((((x) + SPT_ALIGN_SIZE) >> (align)) << (align)) +# define SPT_ALIGN(x, align) (((((x) + SPT_ALIGN_SIZE) >> (align)) << (align)) - 1) # else /* SPT_ALIGN_SIZE */ # define SPT_ALIGN(x, align) (x) # endif /* SPT_ALIGN_SIZE */ diff --git a/contrib/sendmail/src/conf.h b/contrib/sendmail/src/conf.h index 89bdd7e..22d7737 100644 --- a/contrib/sendmail/src/conf.h +++ b/contrib/sendmail/src/conf.h @@ -10,7 +10,7 @@ * the sendmail distribution. * * - * $Id: conf.h,v 8.562 2002/05/22 19:46:26 gshapiro Exp $ + * $Id: conf.h,v 8.563 2002/06/04 02:13:50 geir Exp $ */ /* diff --git a/contrib/sendmail/src/daemon.c b/contrib/sendmail/src/daemon.c index 0b2cd94..28e96ff 100644 --- a/contrib/sendmail/src/daemon.c +++ b/contrib/sendmail/src/daemon.c @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: daemon.c,v 8.612 2002/05/02 19:40:52 ca Exp $") +SM_RCSID("@(#)$Id: daemon.c,v 8.613 2002/06/05 21:26:35 gshapiro Exp $") #if defined(SOCK_STREAM) || defined(__GNU_LIBRARY__) # define USE_SOCK_STREAM 1 @@ -1710,6 +1710,58 @@ setsockaddroptions(p, d) #define DEF_LISTENQUEUE 10 +struct dflags +{ + char *d_name; + int d_flag; +}; + +static struct dflags DaemonFlags[] = +{ + { "AUTHREQ", D_AUTHREQ }, + { "BINDIF", D_BINDIF }, + { "CANONREQ", D_CANONREQ }, + { "IFNHELO", D_IFNHELO }, + { "FQMAIL", D_FQMAIL }, + { "FQRCPT", D_FQRCPT }, +#if _FFR_SMTP_SSL + { "SMTPS", D_SMTPS }, +#endif /* _FFR_SMTP_SSL */ + { "UNQUALOK", D_UNQUALOK }, + { "NOAUTH", D_NOAUTH }, + { "NOCANON", D_NOCANON }, + { "NOETRN", D_NOETRN }, + { "NOTLS", D_NOTLS }, + { "ETRNONLY", D_ETRNONLY }, + { "OPTIONAL", D_OPTIONAL }, + { "DISABLE", D_DISABLE }, + { "ISSET", D_ISSET }, + { NULL, 0 } +}; + +static void +printdaemonflags(d) + DAEMON_T *d; +{ + register struct dflags *df; + bool first = true; + + for (df = DaemonFlags; df->d_name != NULL; df++) + { + if (!bitnset(df->d_flag, d->d_flags)) + continue; + if (first) + (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "<%s", + df->d_name); + else + (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, ",%s", + df->d_name); + first = false; + } + if (!first) + (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, ">"); +} + bool setdaemonoptions(p) register char *p; @@ -1741,10 +1793,7 @@ setdaemonoptions(p) if (tTd(37, 1)) { sm_dprintf("Daemon %s flags: ", Daemons[NDaemons].d_name); - if (bitnset(D_ETRNONLY, Daemons[NDaemons].d_flags)) - sm_dprintf("ETRNONLY "); - if (bitnset(D_NOETRN, Daemons[NDaemons].d_flags)) - sm_dprintf("NOETRN "); + printdaemonflags(&Daemons[NDaemons]); sm_dprintf("\n"); } ++NDaemons; diff --git a/contrib/sendmail/src/deliver.c b/contrib/sendmail/src/deliver.c index 2b1fc4c..e70e1da 100644 --- a/contrib/sendmail/src/deliver.c +++ b/contrib/sendmail/src/deliver.c @@ -14,7 +14,7 @@ #include <sendmail.h> #include <sys/time.h> -SM_RCSID("@(#)$Id: deliver.c,v 8.939 2002/05/25 00:46:00 gshapiro Exp $") +SM_RCSID("@(#)$Id: deliver.c,v 8.940 2002/06/06 00:03:16 gshapiro Exp $") #if HASSETUSERCONTEXT # include <login_cap.h> @@ -3282,7 +3282,7 @@ do_transfer: if (i != EX_OK) { markfailure(e, to, mci, i, false); - giveresponse(i, to->q_status, m, mci, + giveresponse(i, to->q_status, m, mci, ctladdr, xstart, e, to); if (i == EX_TEMPFAIL) to->q_state = QS_RETRY; diff --git a/contrib/sendmail/src/main.c b/contrib/sendmail/src/main.c index 78c1862..22a1aac 100644 --- a/contrib/sendmail/src/main.c +++ b/contrib/sendmail/src/main.c @@ -25,7 +25,7 @@ SM_UNUSED(static char copyright[]) = The Regents of the University of California. All rights reserved.\n"; #endif /* ! lint */ -SM_RCSID("@(#)$Id: main.c,v 8.882 2002/05/10 16:20:55 ca Exp $") +SM_RCSID("@(#)$Id: main.c,v 8.887 2002/06/17 22:25:52 gshapiro Exp $") #if NETINET || NETINET6 @@ -1064,6 +1064,11 @@ main(argc, argv, envp) default: i = Errors; QueueIntvl = convtime(optarg, 'm'); + if (QueueIntvl < 0) + { + usrerr("Invalid -q value"); + ExitStat = EX_USAGE; + } /* check for bad conversion */ if (i < Errors) @@ -1188,14 +1193,19 @@ main(argc, argv, envp) if (bitset(SUBMIT_MTA, SubmitMode)) { - macdefine(&BlankEnvelope.e_macro, A_PERM, - macid("{daemon_flags}"), "CC f"); + /* If set daemon_flags on command line, don't reset it */ + if (macvalue(macid("{daemon_flags}"), &BlankEnvelope) == NULL) + macdefine(&BlankEnvelope.e_macro, A_PERM, + macid("{daemon_flags}"), "CC f"); } else if (OpMode == MD_DELIVER || OpMode == MD_SMTP) { SubmitMode = SUBMIT_MSA; - macdefine(&BlankEnvelope.e_macro, A_PERM, - macid("{daemon_flags}"), "c u"); + + /* If set daemon_flags on command line, don't reset it */ + if (macvalue(macid("{daemon_flags}"), &BlankEnvelope) == NULL) + macdefine(&BlankEnvelope.e_macro, A_PERM, + macid("{daemon_flags}"), "c u"); } /* @@ -2243,7 +2253,7 @@ main(argc, argv, envp) ** during startup. */ - if (OpMode == MD_DAEMON || QueueIntvl != 0) + if (OpMode == MD_DAEMON || QueueIntvl > 0) { char dtype[200]; @@ -2283,7 +2293,7 @@ main(argc, argv, envp) (void) sm_strlcat(dtype, "+SMTP", sizeof dtype); DaemonPid = CurrentPid; } - if (QueueIntvl != 0) + if (QueueIntvl > 0) { (void) sm_strlcat2(dtype, queuepersistent @@ -2314,7 +2324,7 @@ main(argc, argv, envp) (void) sm_releasesignal(SIGHUP); (void) sm_signal(SIGTERM, sigterm); - if (QueueIntvl != 0) + if (QueueIntvl > 0) { (void) runqueue(true, false, queuepersistent, true); diff --git a/contrib/sendmail/src/map.c b/contrib/sendmail/src/map.c index d8570d3..f0301eb 100644 --- a/contrib/sendmail/src/map.c +++ b/contrib/sendmail/src/map.c @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: map.c,v 8.645 2002/05/24 21:07:36 gshapiro Exp $") +SM_RCSID("@(#)$Id: map.c,v 8.645.2.1 2002/06/21 20:25:23 ca Exp $") #if LDAPMAP # include <sm/ldap.h> @@ -1234,6 +1234,7 @@ dns_map_lookup(map, name, av, statp) # endif /* NETINET6 */ } + (void) strreplnonprt(value, 'X'); if (map_p->dns_m_type != rr->rr_type) { if (tTd(38, 40)) diff --git a/contrib/sendmail/src/milter.c b/contrib/sendmail/src/milter.c index f52a725..2e45e50 100644 --- a/contrib/sendmail/src/milter.c +++ b/contrib/sendmail/src/milter.c @@ -10,7 +10,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: milter.c,v 8.196 2002/04/14 03:55:07 gshapiro Exp $") +SM_RCSID("@(#)$Id: milter.c,v 8.197 2002/06/12 22:33:48 gshapiro Exp $") #if MILTER # include <libmilter/mfapi.h> @@ -1401,6 +1401,12 @@ milter_set_option(name, val, sticky) if (tTd(37, 2) || tTd(64, 5)) sm_dprintf("milter_set_option(%s = %s)", name, val); + if (name == NULL) + { + syserr("milter_set_option: invalid Milter option, must specify suboption"); + return; + } + for (mo = MilterOptTab; mo->mo_name != NULL; mo++) { if (sm_strcasecmp(mo->mo_name, name) == 0) diff --git a/contrib/sendmail/src/parseaddr.c b/contrib/sendmail/src/parseaddr.c index aa0e31d..0c9d49e 100644 --- a/contrib/sendmail/src/parseaddr.c +++ b/contrib/sendmail/src/parseaddr.c @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: parseaddr.c,v 8.359 2002/03/29 16:20:47 ca Exp $") +SM_RCSID("@(#)$Id: parseaddr.c,v 8.359.2.1 2002/06/19 18:24:26 gshapiro Exp $") static void allocaddr __P((ADDRESS *, int, char *, ENVELOPE *)); static int callsubr __P((char**, int, ENVELOPE *)); @@ -1124,7 +1124,7 @@ rewrite(pvp, ruleset, reclevel, e, maxatom) ap = macvalue(rp[1], e); mlp->match_first = avp; if (tTd(21, 2)) - sm_dprintf("rewrite: LHS $&%s => \"%s\"\n", + sm_dprintf("rewrite: LHS $&{%s} => \"%s\"\n", macname(rp[1]), ap == NULL ? "(NULL)" : ap); @@ -1309,7 +1309,7 @@ rewrite(pvp, ruleset, reclevel, e, maxatom) } else { - /* $&x replacement */ + /* $&{x} replacement */ char *mval = macvalue(rp[1], e); char **xpvp; int trsize = 0; @@ -1318,7 +1318,7 @@ rewrite(pvp, ruleset, reclevel, e, maxatom) char pvpbuf[PSBUFSIZE]; if (tTd(21, 2)) - sm_dprintf("rewrite: RHS $&%s => \"%s\"\n", + sm_dprintf("rewrite: RHS $&{%s} => \"%s\"\n", macname(rp[1]), mval == NULL ? "(NULL)" : mval); if (mval == NULL || *mval == '\0') diff --git a/contrib/sendmail/src/queue.c b/contrib/sendmail/src/queue.c index 5920b1e..98096c7c 100644 --- a/contrib/sendmail/src/queue.c +++ b/contrib/sendmail/src/queue.c @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: queue.c,v 8.862 2002/05/09 23:51:53 ca Exp $") +SM_RCSID("@(#)$Id: queue.c,v 8.863.2.2 2002/06/25 21:34:31 gshapiro Exp $") #include <dirent.h> @@ -280,7 +280,7 @@ hash_q(p, h) ** I data file's inode number ** K time of last delivery attempt ** L Solaris Content-Length: header (obsolete) -** M message (obsolete) +** M message ** N number of delivery attempts ** P message priority ** q quarantine reason (_FFR_QUARANTINE) @@ -4203,7 +4203,7 @@ readqf(e, openonly) orcpt = sm_rpool_strdup_x(e->e_rpool, &bp[1]); break; - case 'r': /* original recipient */ + case 'r': /* final recipient */ frcpt = sm_rpool_strdup_x(e->e_rpool, &bp[1]); break; diff --git a/contrib/sendmail/src/readcf.c b/contrib/sendmail/src/readcf.c index c4d0637..31810a2 100644 --- a/contrib/sendmail/src/readcf.c +++ b/contrib/sendmail/src/readcf.c @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: readcf.c,v 8.606 2002/05/09 21:09:01 ca Exp $") +SM_RCSID("@(#)$Id: readcf.c,v 8.607 2002/06/14 16:57:32 ca Exp $") #if NETINET || NETINET6 # include <arpa/inet.h> @@ -2949,14 +2949,13 @@ setoption(opt, val, safe, sticky, e) #if _FFR_SELECT_SHM case O_SHMKEYFILE: /* shared memory key file */ # if SM_CONF_SHM - CANONIFY(val); - ShmKeyFile = newstr(val); + SET_STRING_EXP(ShmKeyFile); # else /* SM_CONF_SHM */ (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "Warning: Option: %s requires shared memory support (-DSM_CONF_SHM)\n", OPTNAME); -# endif /* SM_CONF_SHM */ break; +# endif /* SM_CONF_SHM */ #endif /* _FFR_SELECT_SHM */ #if _FFR_MAX_FORWARD_ENTRIES diff --git a/contrib/sendmail/src/sasl.c b/contrib/sendmail/src/sasl.c index beeece2..f6aa5de 100644 --- a/contrib/sendmail/src/sasl.c +++ b/contrib/sendmail/src/sasl.c @@ -9,7 +9,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: sasl.c,v 8.18 2002/05/25 00:26:42 gshapiro Exp $") +SM_RCSID("@(#)$Id: sasl.c,v 8.19 2002/06/12 15:06:12 ca Exp $") #if SASL # include <stdlib.h> @@ -262,10 +262,10 @@ iptostring(addr, addrlen, out, outlen) errno = EINVAL; return false; } - if (inet_ntop(AF_INET, &(addr->sin.sin_addr), - hbuf, sizeof hbuf) == NULL) + if (sm_strlcpy(hbuf, inet_ntoa(addr->sin.sin_addr), sizeof(hbuf)) + >= sizeof(hbuf)) { - errno = EINVAL; + errno = ENOMEM; return false; } sm_snprintf(pbuf, sizeof pbuf, "%d", ntohs(addr->sin.sin_port)); diff --git a/contrib/sendmail/src/sendmail.h b/contrib/sendmail/src/sendmail.h index 2284bd6..544e54e 100644 --- a/contrib/sendmail/src/sendmail.h +++ b/contrib/sendmail/src/sendmail.h @@ -48,7 +48,7 @@ #ifdef _DEFINE # ifndef lint -SM_UNUSED(static char SmailId[]) = "@(#)$Id: sendmail.h,v 8.918 2002/05/23 20:01:56 gshapiro Exp $"; +SM_UNUSED(static char SmailId[]) = "@(#)$Id: sendmail.h,v 8.919.2.1 2002/06/21 20:25:22 ca Exp $"; # endif /* ! lint */ #endif /* _DEFINE */ @@ -2500,6 +2500,7 @@ extern pid_t sm_wait __P((int *)); extern bool split_by_recipient __P((ENVELOPE *e)); extern void stop_sendmail __P((void)); extern char *str2prt __P((char *)); +extern bool strreplnonprt __P((char *, int)); extern bool strcontainedin __P((bool, char *, char *)); extern int switch_map_find __P((char *, char *[], short [])); extern bool transienterror __P((int)); diff --git a/contrib/sendmail/src/sfsasl.c b/contrib/sendmail/src/sfsasl.c index cad58d2..53d7276 100644 --- a/contrib/sendmail/src/sfsasl.c +++ b/contrib/sendmail/src/sfsasl.c @@ -9,7 +9,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: sfsasl.c,v 8.90 2002/05/09 20:44:11 ca Exp $") +SM_RCSID("@(#)$Id: sfsasl.c,v 8.91 2002/06/07 00:06:27 geir Exp $") #include <stdlib.h> #include <sendmail.h> #include <errno.h> @@ -151,7 +151,7 @@ sasl_close(fp) /* how to deallocate a buffer allocated by SASL */ extern void sm_sasl_free __P((void *)); -# define SASL_DEALLOC(b) sm_sasl_free(b) +# define SASL_DEALLOC(b) sm_sasl_free(b) /* ** SASL_READ -- read encrypted information and decrypt it for the caller diff --git a/contrib/sendmail/src/sm_resolve.c b/contrib/sendmail/src/sm_resolve.c index e3eb77f..a6f5862 100644 --- a/contrib/sendmail/src/sm_resolve.c +++ b/contrib/sendmail/src/sm_resolve.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers. + * Copyright (c) 2000-2002 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -46,7 +46,7 @@ # if NAMED_BIND # include "sm_resolve.h" -SM_RCSID("$Id: sm_resolve.c,v 8.24 2001/09/11 04:05:16 gshapiro Exp $") +SM_RCSID("$Id: sm_resolve.c,v 8.24.4.6 2002/06/25 04:22:41 ca Exp $") static struct stot { @@ -180,8 +180,8 @@ parse_dns_reply(data, len) p = data; /* doesn't work on Crays? */ - memcpy(&r->dns_r_h, p, sizeof(HEADER)); - p += sizeof(HEADER); + memcpy(&r->dns_r_h, p, sizeof(r->dns_r_h)); + p += sizeof(r->dns_r_h); status = dn_expand(data, data + len, p, host, sizeof host); if (status < 0) { @@ -200,7 +200,7 @@ parse_dns_reply(data, len) rr = &r->dns_r_head; while (p < data + len) { - int type, class, ttl, size; + int type, class, ttl, size, txtlen; status = dn_expand(data, data + len, p, host, sizeof host); if (status < 0) @@ -213,7 +213,21 @@ parse_dns_reply(data, len) GETSHORT(class, p); GETLONG(ttl, p); GETSHORT(size, p); - *rr = (RESOURCE_RECORD_T *) xalloc(sizeof(RESOURCE_RECORD_T)); + if (p + size > data + len) + { + /* + ** announced size of data exceeds length of + ** data paket: someone is cheating. + */ + + if (LogLevel > 5) + sm_syslog(LOG_WARNING, NOQID, + "ERROR: DNS RDLENGTH=%d > data len=%d", + size, len - (p - data)); + dns_free_data(r); + return NULL; + } + *rr = (RESOURCE_RECORD_T *) xalloc(sizeof(**rr)); if (*rr == NULL) { dns_free_data(r); @@ -260,7 +274,7 @@ parse_dns_reply(data, len) } l = strlen(host) + 1; (*rr)->rr_u.rr_mx = (MX_RECORD_T *) - xalloc(sizeof(MX_RECORD_T) + l); + xalloc(sizeof(*((*rr)->rr_u.rr_mx)) + l); if ((*rr)->rr_u.rr_mx == NULL) { dns_free_data(r); @@ -281,7 +295,7 @@ parse_dns_reply(data, len) } l = strlen(host) + 1; (*rr)->rr_u.rr_srv = (SRV_RECORDT_T*) - xalloc(sizeof(SRV_RECORDT_T) + l); + xalloc(sizeof(*((*rr)->rr_u.rr_srv)) + l); if ((*rr)->rr_u.rr_srv == NULL) { dns_free_data(r); @@ -295,14 +309,35 @@ parse_dns_reply(data, len) break; case T_TXT: - (*rr)->rr_u.rr_txt = (char *) xalloc(size + 1); + + /* + ** The TXT record contains the length as + ** leading byte, hence the value is restricted + ** to 255, which is less than the maximum value + ** of RDLENGTH (size). Nevertheless, txtlen + ** must be less than size because the latter + ** specifies the length of the entire TXT + ** record. + */ + + txtlen = *p; + if (txtlen >= size) + { + if (LogLevel > 5) + sm_syslog(LOG_WARNING, NOQID, + "ERROR: DNS TXT record size=%d <= text len=%d", + size, txtlen); + dns_free_data(r); + return NULL; + } + (*rr)->rr_u.rr_txt = (char *) xalloc(txtlen + 1); if ((*rr)->rr_u.rr_txt == NULL) { dns_free_data(r); return NULL; } - (void) strncpy((*rr)->rr_u.rr_txt, (char*) p + 1, *p); - (*rr)->rr_u.rr_txt[*p] = 0; + (void) sm_strlcpy((*rr)->rr_u.rr_txt, (char*) p + 1, + txtlen + 1); break; default: @@ -313,6 +348,7 @@ parse_dns_reply(data, len) return NULL; } (void) memcpy((*rr)->rr_u.rr_data, p, size); + break; } p += size; rr = &(*rr)->rr_next; diff --git a/contrib/sendmail/src/srvrsmtp.c b/contrib/sendmail/src/srvrsmtp.c index bbcd31f..dd14ffa 100644 --- a/contrib/sendmail/src/srvrsmtp.c +++ b/contrib/sendmail/src/srvrsmtp.c @@ -16,7 +16,7 @@ # include <libmilter/mfdef.h> #endif /* MILTER */ -SM_RCSID("@(#)$Id: srvrsmtp.c,v 8.827 2002/05/28 14:29:57 ca Exp $") +SM_RCSID("@(#)$Id: srvrsmtp.c,v 8.829 2002/06/17 21:54:57 gshapiro Exp $") #if SASL || STARTTLS # include <sys/time.h> @@ -1896,7 +1896,8 @@ smtp(nullserver, d_flags, e) message("250-AUTH %s", mechlist); #endif /* SASL */ #if STARTTLS - if (tls_ok_srv && bitset(SRV_OFFER_TLS, features)) + if (tls_ok_srv && + bitset(SRV_OFFER_TLS, features)) message("250-STARTTLS"); #endif /* STARTTLS */ if (DeliverByMin > 0) diff --git a/contrib/sendmail/src/util.c b/contrib/sendmail/src/util.c index 4974541..52b37ec 100644 --- a/contrib/sendmail/src/util.c +++ b/contrib/sendmail/src/util.c @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: util.c,v 8.363 2002/05/24 20:44:05 gshapiro Exp $") +SM_RCSID("@(#)$Id: util.c,v 8.363.2.1 2002/06/21 20:25:25 ca Exp $") #include <sysexits.h> #include <sm/xtrap.h> @@ -2239,6 +2239,40 @@ denlstring(s, strict, logattacks) return bp; } + +/* +** STRREPLNONPRT -- replace "unprintable" characters in a string with subst +** +** Parameters: +** s -- string to manipulate (in place) +** subst -- character to use as replacement +** +** Returns: +** true iff string did not contain "unprintable" characters +*/ + +bool +strreplnonprt(s, c) + char *s; + int c; +{ + bool ok; + + ok = true; + if (s == NULL) + return ok; + while (*s != '\0') + { + if (!(isascii(*s) && isprint(*s))) + { + *s = c; + ok = false; + } + ++s; + } + return ok; +} + /* ** STR2PRT -- convert "unprintable" characters in a string to \oct ** diff --git a/contrib/sendmail/src/version.c b/contrib/sendmail/src/version.c index 3e86eb0..3600b84 100644 --- a/contrib/sendmail/src/version.c +++ b/contrib/sendmail/src/version.c @@ -13,6 +13,6 @@ #include <sm/gen.h> -SM_RCSID("@(#)$Id: version.c,v 8.102 2002/05/31 18:53:59 ca Exp $") +SM_RCSID("@(#)$Id: version.c,v 8.104.2.2 2002/06/25 22:51:53 ca Exp $") -char Version[] = "8.12.4"; +char Version[] = "8.12.5"; diff --git a/contrib/sendmail/test/Makefile.m4 b/contrib/sendmail/test/Makefile.m4 index 14868a9..579eb4e 100644 --- a/contrib/sendmail/test/Makefile.m4 +++ b/contrib/sendmail/test/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 1.3.2.1 2002/06/21 21:58:49 ca Exp $ include(confBUILDTOOLSDIR`/M4/switch.m4') bldPRODUCT_START(`executable', `test') diff --git a/contrib/sendmail/vacation/Makefile.m4 b/contrib/sendmail/vacation/Makefile.m4 index 6de9d4e..0cd5236 100644 --- a/contrib/sendmail/vacation/Makefile.m4 +++ b/contrib/sendmail/vacation/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.24.4.1 2002/06/21 21:58:50 ca Exp $ include(confBUILDTOOLSDIR`/M4/switch.m4') define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/vacation/vacation.1 b/contrib/sendmail/vacation/vacation.1 index 299df64..055fb7a 100644 --- a/contrib/sendmail/vacation/vacation.1 +++ b/contrib/sendmail/vacation/vacation.1 @@ -9,9 +9,9 @@ .\" the sendmail distribution. .\" .\" -.\" $Id: vacation.1,v 8.29 2002/03/23 19:17:36 gshapiro Exp $ +.\" $Id: vacation.1,v 8.29.2.1 2002/06/21 21:28:06 ca Exp $ .\" -.TH VACATION 1 "$Date: 2002/03/23 19:17:36 $" +.TH VACATION 1 "$Date: 2002/06/21 21:28:06 $" .SH NAME vacation \- E-mail auto-responder @@ -79,7 +79,7 @@ This option defaults to the standard sendmail configuration file, located at /etc/mail/sendmail.cf on most systems. .TP .B \-d -Send error/debug messages to stdout instead of syslog. +Send error/debug messages to stderr instead of syslog. Otherwise, fatal errors, such as calling .B vacation with incorrect arguments, or with non-existent |