diff options
Diffstat (limited to 'mail')
-rw-r--r-- | mail/sendmail/Makefile | 17 | ||||
-rw-r--r-- | mail/sendmail/files/patch-Makefile.m4 | 11 | ||||
-rw-r--r-- | mail/sendmail/files/patch-blacklist.c | 60 | ||||
-rw-r--r-- | mail/sendmail/files/patch-blacklist_client.h | 60 | ||||
-rw-r--r-- | mail/sendmail/files/patch-daemon.c | 10 | ||||
-rw-r--r-- | mail/sendmail/files/patch-main.c | 26 | ||||
-rw-r--r-- | mail/sendmail/files/patch-readcf.c | 26 | ||||
-rw-r--r-- | mail/sendmail/files/patch-sendmail.8 | 14 | ||||
-rw-r--r-- | mail/sendmail/files/patch-sendmail.h | 30 | ||||
-rw-r--r-- | mail/sendmail/files/patch-srvrsmtp.c | 37 | ||||
-rw-r--r-- | mail/sendmail/files/patch-usersmtp.c | 17 | ||||
-rw-r--r-- | mail/sendmail/files/site.config.m4.smtputf8 | 4 | ||||
-rw-r--r-- | mail/sendmail/files/smtputf8.patch (renamed from mail/sendmail/files/extrapatch-smtputf8) | 0 |
13 files changed, 224 insertions, 88 deletions
diff --git a/mail/sendmail/Makefile b/mail/sendmail/Makefile index a019090b4e8f..5dc65c9c5a0e 100644 --- a/mail/sendmail/Makefile +++ b/mail/sendmail/Makefile @@ -2,7 +2,7 @@ PORTNAME= sendmail PORTVERSION= 8.15.2 -PORTREVISION= 4 +PORTREVISION= 5 CATEGORIES= mail ipv6 MASTER_SITES= ftp://ftp.sendmail.org/pub/sendmail/ PKGNAMESUFFIX?= ${TLS_SUFFIX}${SASL_SUFFIX}${LDAP_SUFFIX}${BDB_SUFFIX}${PKGNAMESUFFIX2} @@ -48,8 +48,9 @@ MILTER_SOVER?= 6 OPTIONS_DEFINE?= SHMEM SEM LA NIS IPV6 TLS SASL SASLAUTHD LDAP BDB \ GDBM SOCKETMAP CYRUSLOOKUP BLACKLISTD SMTPUTF8 \ PICKY_HELO_CHECK MILTER DOCS -OPTIONS_DEFAULT?= SHMEM SEM LA NIS TLS SASL SASLAUTHD BDB1 SMTPUTF8 \ - PICKY_HELO_CHECK MILTER +OPTIONS_DEFAULT?= SHMEM SEM LA NIS TLS SASL SASLAUTHD BDB1 \ + BLACKLISTD SMTPUTF8 PICKY_HELO_CHECK MILTER +OPTIONS_EXCLUDE_FreeBSD_10= BLACKLISTD NO_OPTIONS_SORT=yes SHMEM_DESC= System V shared memory support LA_DESC= load averages support @@ -100,14 +101,13 @@ IGNORE= option CYRUSLOOKUP requires option SOCKETMAP EXTRA_PATCHES+= ${FILESDIR}/cyruslookup.patch .endif .endif +.if ${PORT_OPTIONS:MSMTPUTF8} +EXTRA_PATCHES+= ${FILESDIR}/smtputf8.patch +.endif .if ${PORT_OPTIONS:MTLS} TLS_SUFFIX?= +tls CONFLICTS+= sendmail-ldap-8.* sendmail-sasl2-8.* .endif -.if ${PORT_OPTIONS:MSMTPUTF8} -EXTRA_PATCHES+= ${FILESDIR}/extrapatch-smtputf8 -SITE+= ${FILESDIR}/site.config.m4.smtputf8 -.endif MAKE_PKGNAMES= for i in "" +tls; do \ for j in "" +sasl2; do \ @@ -134,6 +134,9 @@ SITE+= ${FILESDIR}/site.config.m4.ldap .if ${PORT_OPTIONS:MBLACKLISTD} SITE+= ${FILESDIR}/site.config.m4.blacklistd .endif +.if ${PORT_OPTIONS:MSMTPUTF8} +SITE+= ${FILESDIR}/site.config.m4.smtputf8 +.endif .if ${PORT_OPTIONS:MMILTER} SITE+= ${FILESDIR}/site.config.m4.milter .endif diff --git a/mail/sendmail/files/patch-Makefile.m4 b/mail/sendmail/files/patch-Makefile.m4 index 5d77c403581b..a7c131221be2 100644 --- a/mail/sendmail/files/patch-Makefile.m4 +++ b/mail/sendmail/files/patch-Makefile.m4 @@ -1,6 +1,13 @@ ---- sendmail/Makefile.m4.orig 2014-11-11 15:49:49 UTC +--- sendmail/Makefile.m4.orig 2015-06-19 12:59:29 UTC +++ sendmail/Makefile.m4 -@@ -13,8 +13,7 @@ bldPUSH_SMLIB(`smutil') +@@ -7,14 +7,14 @@ bldPRODUCT_START(`executable', `sendmail + define(`bldBIN_TYPE', `G') + define(`bldINSTALL_DIR', `') + define(`bldSOURCES', `main.c alias.c arpadate.c bf.c collect.c conf.c control.c convtime.c daemon.c deliver.c domain.c envelope.c err.c headers.c macro.c map.c mci.c milter.c mime.c parseaddr.c queue.c ratectrl.c readcf.c recipient.c sasl.c savemail.c sfsasl.c shmticklib.c sm_resolve.c srvrsmtp.c stab.c stats.c sysexits.c timers.c tls.c trace.c udb.c usersmtp.c util.c version.c ') ++APPENDDEF(`bldSOURCES',`blacklist.c ') + PREPENDDEF(`confENVDEF', `confMAPDEF') + bldPUSH_SMLIB(`sm') + bldPUSH_SMLIB(`smutil') dnl hack: /etc/mail is not defined as "location of .cf" in the build system diff --git a/mail/sendmail/files/patch-blacklist.c b/mail/sendmail/files/patch-blacklist.c new file mode 100644 index 000000000000..59782a08473e --- /dev/null +++ b/mail/sendmail/files/patch-blacklist.c @@ -0,0 +1,60 @@ +--- sendmail/blacklist.c.orig 2018-01-02 20:16:44 UTC ++++ sendmail/blacklist.c +@@ -0,0 +1,57 @@ ++/*- ++ * Copyright (c) 2016 The FreeBSD Foundation ++ * All rights reserved. ++ * ++ * This software was developed by Kurt Lidl under sponsorship from the ++ * FreeBSD Foundation. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ++ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ++ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE ++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL ++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS ++ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT ++ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY ++ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF ++ * SUCH DAMAGE. */ ++ ++/* $FreeBSD$ */ ++ ++#ifdef USE_BLACKLIST ++#include <sm/gen.h> ++#include <sendmail.h> /* for EXTERN UseBlacklist */ ++ ++#include <blacklist.h> ++#include "blacklist_client.h" ++ ++static struct blacklist *blstate; ++ ++void ++blacklist_init(void) ++{ ++ ++ if (UseBlacklist) ++ blstate = blacklist_open(); ++} ++ ++void ++blacklist_notify(int action, int fd, const char *msg) ++{ ++ ++ if (blstate == NULL) ++ return; ++ (void)blacklist_r(blstate, action, fd, msg); ++} ++ ++#endif /* USE_BLACKLIST */ diff --git a/mail/sendmail/files/patch-blacklist_client.h b/mail/sendmail/files/patch-blacklist_client.h new file mode 100644 index 000000000000..6f8c130045c3 --- /dev/null +++ b/mail/sendmail/files/patch-blacklist_client.h @@ -0,0 +1,60 @@ +--- sendmail/blacklist_client.h.orig 2018-01-02 20:16:44 UTC ++++ sendmail/blacklist_client.h +@@ -0,0 +1,57 @@ ++/*- ++ * Copyright (c) 2016 The FreeBSD Foundation ++ * All rights reserved. ++ * ++ * This software was developed by Kurt Lidl under sponsorship from the ++ * FreeBSD Foundation. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ++ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ++ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE ++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL ++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS ++ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT ++ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY ++ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF ++ * SUCH DAMAGE. */ ++ ++/* $FreeBSD$ */ ++ ++#ifndef BLACKLIST_CLIENT_H ++#define BLACKLIST_CLIENT_H ++ ++#ifndef BLACKLIST_API_ENUM ++enum { ++ BLACKLIST_AUTH_OK = 0, ++ BLACKLIST_AUTH_FAIL, ++ BLACKLIST_ABUSIVE_BEHAVIOR, ++ BLACKLIST_BAD_USER ++}; ++#endif ++ ++#ifdef USE_BLACKLIST ++void blacklist_init(void); ++void blacklist_notify(int, int, const char *); ++ ++#define BLACKLIST_INIT() blacklist_init() ++#define BLACKLIST_NOTIFY(x, y, msg) blacklist_notify(x, y, msg) ++ ++#else ++ ++#define BLACKLIST_INIT() ++#define BLACKLIST_NOTIFY(x, y, msg) ++ ++#endif ++ ++#endif /* BLACKLIST_CLIENT_H */ diff --git a/mail/sendmail/files/patch-daemon.c b/mail/sendmail/files/patch-daemon.c index 9189bf8a2a89..a0a223365692 100644 --- a/mail/sendmail/files/patch-daemon.c +++ b/mail/sendmail/files/patch-daemon.c @@ -1,12 +1,10 @@ ---- sendmail/daemon.c.orig 2016-06-12 18:25:14.196269000 -0400 -+++ sendmail/daemon.c 2016-06-12 18:31:47.159880000 -0400 -@@ -754,6 +754,10 @@ +--- sendmail/daemon.c.orig 2015-02-28 00:50:03 UTC ++++ sendmail/daemon.c +@@ -754,6 +754,8 @@ getrequests(e) anynet_ntoa(&RealHostAddr)); } -+#ifdef USE_BLACKLIST -+ blacklist_init(); -+#endif ++ BLACKLIST_INIT(); + if (pipefd[0] != -1) { diff --git a/mail/sendmail/files/patch-main.c b/mail/sendmail/files/patch-main.c deleted file mode 100644 index 47e637162bde..000000000000 --- a/mail/sendmail/files/patch-main.c +++ /dev/null @@ -1,26 +0,0 @@ ---- sendmail/main.c.orig 2016-06-12 18:24:56.170900000 -0400 -+++ sendmail/main.c 2016-06-12 18:30:07.426701000 -0400 -@@ -4642,3 +4642,23 @@ - sm_etype_printf, - "quick abort %0", - }; -+ -+#ifdef USE_BLACKLIST -+static struct blacklist *blstate; -+ -+void -+blacklist_init(void) -+{ -+ blstate = blacklist_open(); -+} -+ -+void -+blacklist_notify(int a, int fd, char *msg) -+{ -+ if (blstate == NULL) -+ blacklist_init(); -+ if (blstate == NULL) -+ return; -+ (void)blacklist_r(blstate, a, fd, msg); -+} -+#endif diff --git a/mail/sendmail/files/patch-readcf.c b/mail/sendmail/files/patch-readcf.c new file mode 100644 index 000000000000..a6aad5c00495 --- /dev/null +++ b/mail/sendmail/files/patch-readcf.c @@ -0,0 +1,26 @@ +--- sendmail/readcf.c.orig 2015-06-17 16:51:58 UTC ++++ sendmail/readcf.c +@@ -2910,6 +2910,10 @@ static struct optioninfo + #endif + #define O_USECOMPRESSEDIPV6ADDRESSES 0xec + { "UseCompressedIPv6Addresses", O_USECOMPRESSEDIPV6ADDRESSES, OI_NONE }, ++#if USE_BLACKLIST ++# define O_BLACKLIST 0xf2 ++ { "UseBlacklist", O_BLACKLIST, OI_NONE }, ++#endif + + { NULL, '\0', OI_NONE } + }; +@@ -4540,6 +4544,12 @@ setoption(opt, val, safe, sticky, e) + UseCompressedIPv6Addresses = atobool(val); + break; + ++#if USE_BLACKLIST ++ case O_BLACKLIST: ++ UseBlacklist = atobool(val); ++ break; ++#endif ++ + default: + if (tTd(37, 1)) + { diff --git a/mail/sendmail/files/patch-sendmail.8 b/mail/sendmail/files/patch-sendmail.8 new file mode 100644 index 000000000000..447c4dd7cdb5 --- /dev/null +++ b/mail/sendmail/files/patch-sendmail.8 @@ -0,0 +1,14 @@ +--- sendmail/sendmail.8.orig 2014-06-13 14:57:59 UTC ++++ sendmail/sendmail.8 +@@ -537,6 +537,11 @@ for this amount of time, + failed messages will be returned to the sender. + The default is five days. + .TP ++UseBlacklist ++If set, send authentication failure and success notifications to the ++.BR blacklistd (8) ++daemon. ++.TP + .RI UserDatabaseSpec= userdatabase + If set, a user database is consulted to get forwarding information. + You can consider this an adjunct to the aliasing mechanism, diff --git a/mail/sendmail/files/patch-sendmail.h b/mail/sendmail/files/patch-sendmail.h index 4969fd6c03bc..17e55f10fcf3 100644 --- a/mail/sendmail/files/patch-sendmail.h +++ b/mail/sendmail/files/patch-sendmail.h @@ -1,16 +1,24 @@ ---- sendmail/sendmail.h.orig 2016-06-12 18:23:05.239106000 -0400 -+++ sendmail/sendmail.h 2016-06-12 18:42:38.972341000 -0400 -@@ -2647,6 +2647,13 @@ - extern char *milter_unknown __P((char *, ENVELOPE *, char *)); - #endif /* MILTER */ +--- sendmail/sendmail.h.orig 2015-06-19 12:59:29 UTC ++++ sendmail/sendmail.h +@@ -57,6 +57,10 @@ SM_UNUSED(static char SmailId[]) = "@(#) + #endif /* _DEFINE */ + #include "bf.h" +#if USE_BLACKLIST -+/* blacklistd functions */ -+void blacklist_init(void); -+void blacklist_notify(int, int, char *); +#include <blacklist.h> +#endif ++#include "blacklist_client.h" + #include "timers.h" + #include <sm/exc.h> + #include <sm/heap.h> +@@ -2544,6 +2548,10 @@ EXTERN int ConnectionRateWindowSize; + EXTERN bool SSLEngineInitialized; + #endif /* STARTTLS && USE_OPENSSL_ENGINE */ + ++#if USE_BLACKLIST ++EXTERN bool UseBlacklist; ++#endif + - extern char *addquotes __P((char *, SM_RPOOL_T *)); - extern char *arpadate __P((char *)); - extern bool atobool __P((char *)); + /* + ** Declarations of useful functions + */ diff --git a/mail/sendmail/files/patch-srvrsmtp.c b/mail/sendmail/files/patch-srvrsmtp.c index 89dcdbd56d14..93308578ed07 100644 --- a/mail/sendmail/files/patch-srvrsmtp.c +++ b/mail/sendmail/files/patch-srvrsmtp.c @@ -1,44 +1,33 @@ ---- sendmail/srvrsmtp.c.orig 2015-03-18 07:47:12.000000000 -0400 -+++ sendmail/srvrsmtp.c 2016-06-12 18:36:01.372172000 -0400 -@@ -832,6 +832,9 @@ - int n_badrcpts_adj; - #endif /* _FFR_BADRCPT_SHUTDOWN */ - -+#ifdef USE_BLACKLIST -+ int fd; -+#endif - SevenBitInput_Saved = SevenBitInput; - smtp.sm_nrcpts = 0; - #if MILTER -@@ -1328,6 +1331,9 @@ +--- sendmail/srvrsmtp.c.orig 2015-03-18 11:47:12 UTC ++++ sendmail/srvrsmtp.c +@@ -1328,6 +1328,7 @@ smtp(nullserver, d_flags, e) (int) tp.tv_sec + (tp.tv_usec >= 500000 ? 1 : 0) ); -+#ifdef USE_BLACKLIST -+ blacklist_notify(1, fd, "pre-greeting traffic"); -+#endif ++ BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, fd, "pre-greeting traffic"); } } } -@@ -1723,6 +1729,10 @@ +@@ -1721,8 +1722,11 @@ smtp(nullserver, d_flags, e) + } + else { ++ int fd; /* not SASL_OK or SASL_CONT */ message("535 5.7.0 authentication failed"); -+#ifdef USE_BLACKLIST + fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL); -+ blacklist_notify(1, fd, "AUTH FAIL"); -+#endif ++ BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, fd, "AUTH FAIL"); if (LogLevel > 9) sm_syslog(LOG_WARNING, e->e_id, "AUTH failure (%s): %s (%d) %s, relay=%.100s", -@@ -3524,6 +3534,10 @@ +@@ -3523,7 +3527,10 @@ doquit: + #if MAXBADCOMMANDS > 0 if (++n_badcmds > MAXBADCOMMANDS) { ++ int fd; stopattack: -+#ifdef USE_BLACKLIST + fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL); -+ blacklist_notify(1, fd, "too many bad commands"); -+#endif ++ BLACKLIST_NOTIFY(BLACKLIST_ABUSIVE_BEHAVIOR, fd, "too many bad commands"); message("421 4.7.0 %s Too many bad commands; closing connection", MyHostName); diff --git a/mail/sendmail/files/patch-usersmtp.c b/mail/sendmail/files/patch-usersmtp.c index 6223915df489..a50a11f3787e 100644 --- a/mail/sendmail/files/patch-usersmtp.c +++ b/mail/sendmail/files/patch-usersmtp.c @@ -1,26 +1,23 @@ ---- sendmail/usersmtp.c.orig 2014-12-05 10:42:28.000000000 -0500 -+++ sendmail/usersmtp.c 2016-06-12 18:35:25.940865000 -0400 -@@ -1825,6 +1825,10 @@ +--- sendmail/usersmtp.c.orig 2014-12-05 15:42:28 UTC ++++ sendmail/usersmtp.c +@@ -1825,6 +1825,9 @@ attemptauth(m, mci, e, sai) if (saslresult != SASL_OK && saslresult != SASL_CONTINUE) { -+#ifdef USE_BLACKLIST + int fd = sm_io_getinfo(mci->mci_in, SM_IO_WHAT_FD, NULL); -+ blacklist_notify(1, fd, "AUTH FAIL"); -+#endif ++ BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, fd, "AUTH FAIL"); ++ if (tTd(95, 5)) sm_dprintf("AUTH FAIL=%s (%d)\n", sasl_errstring(saslresult, NULL, NULL), -@@ -1970,9 +1974,13 @@ +@@ -1970,9 +1973,11 @@ smtpauth(m, mci, e) do { result = attemptauth(m, mci, e, &(mci->mci_sai)); - if (result == EX_OK) + if (result == EX_OK) { -+#ifdef USE_BLACKLIST + int fd = sm_io_getinfo(mci->mci_in, SM_IO_WHAT_FD, NULL); -+ blacklist_notify(0, fd, "AUTH OK"); -+#endif ++ BLACKLIST_NOTIFY(BLACKLIST_AUTH_OK, fd, "AUTH OK"); mci->mci_sasl_auth = true; - else if (result == EX_TEMPFAIL || result == EX_NOPERM) + } else if (result == EX_TEMPFAIL || result == EX_NOPERM) diff --git a/mail/sendmail/files/site.config.m4.smtputf8 b/mail/sendmail/files/site.config.m4.smtputf8 index af7f2fc80d5c..0668f6dfb941 100644 --- a/mail/sendmail/files/site.config.m4.smtputf8 +++ b/mail/sendmail/files/site.config.m4.smtputf8 @@ -1,2 +1,2 @@ -APPENDDEF(`confLIBS', ` -L/usr/lib/x86_64-linux-gnu -licui18n -licuuc -licudata') -define(`conf_sendmail_ENVDEF', `-D_FFR_EAI') +APPENDDEF(`confLIBS', `-licui18n -licuuc -licudata') +APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_EAI') diff --git a/mail/sendmail/files/extrapatch-smtputf8 b/mail/sendmail/files/smtputf8.patch index ff107c3e2c43..ff107c3e2c43 100644 --- a/mail/sendmail/files/extrapatch-smtputf8 +++ b/mail/sendmail/files/smtputf8.patch |