From 289b381b31415647269c7520d881017e2dcb27f1 Mon Sep 17 00:00:00 2001 From: gshapiro Date: Tue, 21 Aug 2001 01:31:44 +0000 Subject: Import sendmail 8.11.6 --- contrib/sendmail/RELEASE_NOTES | 17 ++++++++++++++++- contrib/sendmail/cf/README | 6 +++--- contrib/sendmail/cf/m4/version.m4 | 4 ++-- contrib/sendmail/doc/op/op.me | 8 ++++---- contrib/sendmail/src/README | 5 +++-- contrib/sendmail/src/clock.c | 4 +++- contrib/sendmail/src/err.c | 25 +++++++++++++++++++++---- contrib/sendmail/src/map.c | 5 +++-- contrib/sendmail/src/milter.c | 16 ++++++++++------ contrib/sendmail/src/parseaddr.c | 5 +---- contrib/sendmail/src/readcf.c | 7 ++++++- contrib/sendmail/src/sendmail.h | 4 +++- contrib/sendmail/src/trace.c | 20 ++++++++++++++++---- contrib/sendmail/src/version.c | 4 ++-- 14 files changed, 93 insertions(+), 37 deletions(-) (limited to 'contrib') diff --git a/contrib/sendmail/RELEASE_NOTES b/contrib/sendmail/RELEASE_NOTES index 83e5df6..ad6aecf 100644 --- a/contrib/sendmail/RELEASE_NOTES +++ b/contrib/sendmail/RELEASE_NOTES @@ -1,11 +1,26 @@ SENDMAIL RELEASE NOTES - $Id: RELEASE_NOTES,v 8.561.2.5.2.254 2001/07/31 22:42:46 gshapiro Exp $ + $Id: RELEASE_NOTES,v 8.561.2.5.2.261 2001/08/20 14:45:32 gshapiro Exp $ This listing shows the version of the sendmail binary, the version of the sendmail configuration files, the date of release, and a summary of the changes in that release. +8.11.6/8.11.6 2001/08/20 + SECURITY: Fix a possible memory access violation when specifying + out-of-bounds debug parameters. Problem detected by + Cade Cairns of SecurityFocus. + Avoid leaking recipient information in unrelated DSNs. This could + happen if a connection is aborted, several mails had been + scheduled for delivery via that connection, and the timeout + is reached such that several DSNs are sent next. Problem + noted by Dileepan Moorkanat of Hewlett-Packard. + Fix a possible segmentation violation when specifying too many + wildcard operators in a rule. Problem detected by + Werner Wiethege. + Avoid a segmentation fault on non-matching Hesiod lookups. Problem + noted by Russell McOrmond of flora.ca + 8.11.5/8.11.5 2001/07/31 Fix a possible race condition when sending a HUP signal to restart the daemon. This could terminate the current process without diff --git a/contrib/sendmail/cf/README b/contrib/sendmail/cf/README index d50bfd4..820c609 100644 --- a/contrib/sendmail/cf/README +++ b/contrib/sendmail/cf/README @@ -433,7 +433,7 @@ DECNET_RELAY The host that will accept DECNET-addressed email. FAX_RELAY The host that will accept mail to the .FAX pseudo-domain. The "fax" mailer overrides this value. LOCAL_RELAY The site that will handle unqualified names -- that - is, names with out an @domain extension. + is, names without an @domain extension. Normally MAIL_HUB is preferred for this function. LOCAL_RELAY is mostly useful in conjunction with FEATURE(stickyhost) -- see the discussion of @@ -2148,7 +2148,7 @@ If a certain level of encryption is required, then it might also be possible that this level is provided by the security layer from a SASL algorithm, e.g., DIGEST-MD5. -Example: e-mail send to secure.example.com should only use an encrypted +Example: e-mail sent to secure.example.com should only use an encrypted connection. e-mail received from hosts within the laptop.example.com domain should only be accepted if they have been authenticated. TLS_Srv:secure.example.com ENCR:112 @@ -3313,4 +3313,4 @@ M4 DIVERSIONS 8 DNS based blacklists 9 special local rulesets (1 and 2) -$Revision: 8.383.2.1.2.47 $, Last updated $Date: 2001/07/13 22:31:49 $ +$Revision: 8.383.2.1.2.49 $, Last updated $Date: 2001/08/14 15:25:36 $ diff --git a/contrib/sendmail/cf/m4/version.m4 b/contrib/sendmail/cf/m4/version.m4 index e04d15e..adc2c2c 100644 --- a/contrib/sendmail/cf/m4/version.m4 +++ b/contrib/sendmail/cf/m4/version.m4 @@ -11,8 +11,8 @@ divert(-1) # the sendmail distribution. # # -VERSIONID(`$Id: version.m4,v 8.39.4.33 2001/07/31 22:34:17 gshapiro Exp $') +VERSIONID(`$Id: version.m4,v 8.39.4.35 2001/08/20 14:45:34 gshapiro Exp $') # divert(0) # Configuration version number -DZ8.11.5`'ifdef(`confCF_VERSION', `/confCF_VERSION') +DZ8.11.6`'ifdef(`confCF_VERSION', `/confCF_VERSION') diff --git a/contrib/sendmail/doc/op/op.me b/contrib/sendmail/doc/op/op.me index 0c0edeb..802e3b7 100644 --- a/contrib/sendmail/doc/op/op.me +++ b/contrib/sendmail/doc/op/op.me @@ -9,7 +9,7 @@ .\" the sendmail distribution. .\" .\" -.\" $Id: op.me,v 8.317.4.70 2001/07/24 04:08:25 ca Exp $ +.\" $Id: op.me,v 8.317.4.71 2001/08/14 15:26:00 ca Exp $ .\" .\" eqn op.me | pic | troff -me .\" @@ -87,7 +87,7 @@ eric@Sendmail.COM .de Ve Version \\$2 .. -.Ve $Revision: 8.317.4.70 $ +.Ve $Revision: 8.317.4.71 $ .rm Ve .sp For Sendmail Version 8.11 @@ -6441,7 +6441,7 @@ only root and the owner of the queue directory can run the queue. Authentication Warnings add warnings about various conditions that may indicate attempts to spoof the mail system, -such as using an non-standard queue directory. +such as using a non-standard queue directory. .ip ProcessTitlePrefix=\fIstring\fP [no short name] Prefix the process title shown on 'ps' listings with @@ -9475,7 +9475,7 @@ replace it with a blank sheet for double-sided output. .\".sz 10 .\"Eric Allman .\".sp -.\"Version $Revision: 8.317.4.70 $ +.\"Version $Revision: 8.317.4.71 $ .\".ce 0 .bp 3 .ce diff --git a/contrib/sendmail/src/README b/contrib/sendmail/src/README index 3b9f0f9..fd8d5ee 100644 --- a/contrib/sendmail/src/README +++ b/contrib/sendmail/src/README @@ -9,7 +9,7 @@ # the sendmail distribution. # # -# $Id: README,v 8.263.2.1.2.37 2001/06/03 03:41:12 ca Exp $ +# $Id: README,v 8.263.2.1.2.38 2001/08/15 22:07:11 gshapiro Exp $ # This directory contains the source files for sendmail(TM). @@ -114,6 +114,7 @@ HESIOD Support for Hesiod (from the DEC/Athena distribution). You must already have Hesiod support on your system for this to work. You may be able to get this to work with the MIT/Athena version of Hesiod, but that's likely to be a lot of work. + BIND 8.X also includes Hesiod support. LDAPMAP Lightweight Directory Access Protocol support. You will have to install the UMich or OpenLDAP (http://www.openldap.org/) ldap and lber libraries to use @@ -1729,4 +1730,4 @@ util.c Some general purpose routines used by sendmail. version.c The version number and information about this version of sendmail. -(Version $Revision: 8.263.2.1.2.37 $, last update $Date: 2001/06/03 03:41:12 $ ) +(Version $Revision: 8.263.2.1.2.38 $, last update $Date: 2001/08/15 22:07:11 $ ) diff --git a/contrib/sendmail/src/clock.c b/contrib/sendmail/src/clock.c index 1a36478..0e3ec94 100644 --- a/contrib/sendmail/src/clock.c +++ b/contrib/sendmail/src/clock.c @@ -12,7 +12,7 @@ */ #ifndef lint -static char id[] = "@(#)$Id: clock.c,v 8.52.18.17 2001/07/31 23:04:59 ca Exp $"; +static char id[] = "@(#)$Id: clock.c,v 8.52.18.18 2001/08/14 16:07:04 ca Exp $"; #endif /* ! lint */ #include @@ -426,6 +426,8 @@ pend_signal(sig) abort(); /* NOTREACHED */ + /* shut up stupid compiler warning on HP-UX 11 */ + sigbit = 0; break; } diff --git a/contrib/sendmail/src/err.c b/contrib/sendmail/src/err.c index 3f85c60..d259db2 100644 --- a/contrib/sendmail/src/err.c +++ b/contrib/sendmail/src/err.c @@ -12,7 +12,7 @@ */ #ifndef lint -static char id[] = "@(#)$Id: err.c,v 8.120.4.3 2001/05/30 00:22:26 gshapiro Exp $"; +static char id[] = "@(#)$Id: err.c,v 8.120.4.5 2001/08/17 22:09:40 ca Exp $"; #endif /* ! lint */ #include @@ -776,10 +776,27 @@ fmtmsg(eb, to, num, enhsc, eno, fmt, ap) spaceleft -= l; } - /* output the "to" person */ + /* + ** output the "to" address only if it is defined and one of the + ** following codes is used: + ** 050 internal notices, e.g., alias expansion + ** 250 Ok + ** 252 Cannot VRFY user, but will accept message and attempt delivery + ** 450 Requested mail action not taken: mailbox unavailable + ** 550 Requested action not taken: mailbox unavailable + ** 553 Requested action not taken: mailbox name not allowed + ** + ** Notice: this still isn't "the right thing", this code shouldn't + ** (indirectly) depend on CurEnv->e_to. + */ + if (to != NULL && to[0] != '\0' && - strncmp(num, "551", 3) != 0 && - strncmp(num, "251", 3) != 0) + (strncmp(num, "050", 3) == 0 || + strncmp(num, "250", 3) == 0 || + strncmp(num, "252", 3) == 0 || + strncmp(num, "450", 3) == 0 || + strncmp(num, "550", 3) == 0 || + strncmp(num, "553", 3) == 0)) { (void) snprintf(eb, spaceleft, "%s... ", shortenstring(to, MAXSHORTSTR)); diff --git a/contrib/sendmail/src/map.c b/contrib/sendmail/src/map.c index 04b040f..78f8a02 100644 --- a/contrib/sendmail/src/map.c +++ b/contrib/sendmail/src/map.c @@ -12,7 +12,7 @@ */ #ifndef lint -static char id[] = "@(#)$Id: map.c,v 8.414.4.54 2001/06/01 08:23:24 gshapiro Exp $"; +static char id[] = "@(#)$Id: map.c,v 8.414.4.55 2001/08/15 22:08:58 gshapiro Exp $"; #endif /* ! lint */ #include @@ -5359,7 +5359,8 @@ hes_map_lookup(map, name, av, statp) *statp = EX_UNAVAILABLE; break; } - hesiod_free_list(HesiodContext, hp); + if (hp != NULL) + hesiod_free_list(HesiodContext, hp); return NULL; } # else /* HESIOD_INIT */ diff --git a/contrib/sendmail/src/milter.c b/contrib/sendmail/src/milter.c index 5d5d260..9782004 100644 --- a/contrib/sendmail/src/milter.c +++ b/contrib/sendmail/src/milter.c @@ -9,7 +9,7 @@ */ #ifndef lint -static char id[] = "@(#)$Id: milter.c,v 8.50.4.51 2001/07/20 00:53:01 gshapiro Exp $"; +static char id[] = "@(#)$Id: milter.c,v 8.50.4.53 2001/08/15 02:01:03 ca Exp $"; #endif /* ! lint */ #if _FFR_MILTER @@ -1100,7 +1100,7 @@ milter_setup(line) m->mf_name = newstr(line); m->mf_state = SMFS_READY; m->mf_sock = -1; - m->mf_timeout[SMFTO_CONNECT] = (time_t) 0; + m->mf_timeout[SMFTO_CONNECT] = (time_t) 0; m->mf_timeout[SMFTO_WRITE] = (time_t) 10; m->mf_timeout[SMFTO_READ] = (time_t) 10; m->mf_timeout[SMFTO_EOM] = (time_t) 300; @@ -1132,10 +1132,6 @@ milter_setup(line) /* install the field into the filter struct */ switch (fcode) { - case 'C': - m->mf_timeout[SMFTO_CONNECT] = convtime(p, 's'); - break; - case 'S': /* socket */ if (p == NULL) m->mf_conn = NULL; @@ -1281,6 +1277,14 @@ milter_parse_timeouts(spec, m) /* install the field into the filter struct */ switch (fcode) { + case 'C': + m->mf_timeout[SMFTO_CONNECT] = convtime(p, 's'); + if (tTd(64, 5)) + printf("X%s: %c=%ld\n", + m->mf_name, fcode, + (u_long) m->mf_timeout[SMFTO_CONNECT]); + break; + case 'S': m->mf_timeout[SMFTO_WRITE] = convtime(p, 's'); if (tTd(64, 5)) diff --git a/contrib/sendmail/src/parseaddr.c b/contrib/sendmail/src/parseaddr.c index adbb8b1..9b51c73 100644 --- a/contrib/sendmail/src/parseaddr.c +++ b/contrib/sendmail/src/parseaddr.c @@ -12,7 +12,7 @@ */ #ifndef lint -static char id[] = "@(#)$Id: parseaddr.c,v 8.234.4.12 2001/05/03 17:24:11 gshapiro Exp $"; +static char id[] = "@(#)$Id: parseaddr.c,v 8.234.4.13 2001/08/14 23:08:13 ca Exp $"; #endif /* ! lint */ #include @@ -767,9 +767,6 @@ struct match char **match_pattern; /* pointer to pattern */ }; -#define MAXMATCH 9 /* max params per rewrite */ - - int rewrite(pvp, ruleset, reclevel, e) char **pvp; diff --git a/contrib/sendmail/src/readcf.c b/contrib/sendmail/src/readcf.c index cb1923b..73acff5 100644 --- a/contrib/sendmail/src/readcf.c +++ b/contrib/sendmail/src/readcf.c @@ -12,7 +12,7 @@ */ #ifndef lint -static char id[] = "@(#)$Id: readcf.c,v 8.382.4.42 2001/07/31 22:30:24 gshapiro Exp $"; +static char id[] = "@(#)$Id: readcf.c,v 8.382.4.43 2001/08/14 23:08:13 ca Exp $"; #endif /* ! lint */ #include @@ -267,6 +267,11 @@ readcf(cfname, safe, e) syserr("R line: null LHS"); rwp->r_lhs = null_list; } + if (nfuzzy > MAXMATCH) + { + syserr("R line: too many wildcards"); + rwp->r_lhs = null_list; + } /* expand and save the RHS */ while (*++p == '\t') diff --git a/contrib/sendmail/src/sendmail.h b/contrib/sendmail/src/sendmail.h index 1ead2de..611116c 100644 --- a/contrib/sendmail/src/sendmail.h +++ b/contrib/sendmail/src/sendmail.h @@ -20,7 +20,7 @@ #ifdef _DEFINE # define EXTERN # ifndef lint -static char SmailId[] = "@(#)$Id: sendmail.h,v 8.517.4.69 2001/07/20 18:46:01 gshapiro Exp $"; +static char SmailId[] = "@(#)$Id: sendmail.h,v 8.517.4.70 2001/08/14 23:08:12 ca Exp $"; # endif /* ! lint */ #else /* _DEFINE */ # define EXTERN extern @@ -765,6 +765,8 @@ struct rewrite /* to make the code clearer */ #define MATCHZERO CANONHOST +#define MAXMATCH 9 /* max params per rewrite */ + /* external <==> internal mapping table */ struct metamac { diff --git a/contrib/sendmail/src/trace.c b/contrib/sendmail/src/trace.c index 6f08dea..735ef83 100644 --- a/contrib/sendmail/src/trace.c +++ b/contrib/sendmail/src/trace.c @@ -12,7 +12,7 @@ */ #ifndef lint -static char id[] = "@(#)$Id: trace.c,v 8.20.22.2 2000/09/17 17:04:27 gshapiro Exp $"; +static char id[] = "@(#)$Id: trace.c,v 8.20.22.4 2001/08/15 13:05:43 ca Exp $"; #endif /* ! lint */ #include @@ -63,7 +63,7 @@ void tTflag(s) register char *s; { - int first, last; + unsigned int first, last; register unsigned int i; if (*s == '\0') @@ -73,16 +73,28 @@ tTflag(s) { /* find first flag to set */ i = 0; - while (isascii(*s) && isdigit(*s)) + while (isascii(*s) && isdigit(*s) && i < tTsize) i = i * 10 + (*s++ - '0'); + + /* + ** skip over rest of a too large number + ** Maybe we should complain if out-of-bounds values are used. + */ + + while (isascii(*s) && isdigit(*s) && i >= tTsize) + s++; first = i; /* find last flag to set */ if (*s == '-') { i = 0; - while (isascii(*++s) && isdigit(*s)) + while (isascii(*++s) && isdigit(*s) && i < tTsize) i = i * 10 + (*s - '0'); + + /* skip over rest of a too large number */ + while (isascii(*s) && isdigit(*s) && i >= tTsize) + s++; } last = i; diff --git a/contrib/sendmail/src/version.c b/contrib/sendmail/src/version.c index ac05788..ce675c7 100644 --- a/contrib/sendmail/src/version.c +++ b/contrib/sendmail/src/version.c @@ -12,7 +12,7 @@ */ #ifndef lint -static char id[] = "@(#)$Id: version.c,v 8.43.4.37 2001/07/31 22:34:20 gshapiro Exp $"; +static char id[] = "@(#)$Id: version.c,v 8.43.4.39 2001/08/20 14:45:34 gshapiro Exp $"; #endif /* ! lint */ -char Version[] = "8.11.5"; +char Version[] = "8.11.6"; -- cgit v1.1