summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--usr.sbin/sendmail/RELEASE_NOTES148
-rw-r--r--usr.sbin/sendmail/cf/README26
-rw-r--r--usr.sbin/sendmail/cf/cf/Makefile6
-rw-r--r--usr.sbin/sendmail/cf/cf/knecht.mc51
-rw-r--r--usr.sbin/sendmail/cf/m4/cfhead.m419
-rw-r--r--usr.sbin/sendmail/cf/m4/proto.m443
-rw-r--r--usr.sbin/sendmail/cf/m4/version.m44
-rw-r--r--usr.sbin/sendmail/cf/ostype/powerux.m446
-rw-r--r--usr.sbin/sendmail/cf/ostype/sinix.m445
-rw-r--r--usr.sbin/sendmail/doc/op/op.me31
-rw-r--r--usr.sbin/sendmail/src/READ_ME29
-rw-r--r--usr.sbin/sendmail/src/alias.c25
-rw-r--r--usr.sbin/sendmail/src/clock.c10
-rw-r--r--usr.sbin/sendmail/src/collect.c17
-rw-r--r--usr.sbin/sendmail/src/conf.c54
-rw-r--r--usr.sbin/sendmail/src/conf.h102
-rw-r--r--usr.sbin/sendmail/src/daemon.c9
-rw-r--r--usr.sbin/sendmail/src/deliver.c34
-rw-r--r--usr.sbin/sendmail/src/envelope.c16
-rw-r--r--usr.sbin/sendmail/src/headers.c8
-rw-r--r--usr.sbin/sendmail/src/main.c107
-rw-r--r--usr.sbin/sendmail/src/map.c5
-rw-r--r--usr.sbin/sendmail/src/mime.c42
-rw-r--r--usr.sbin/sendmail/src/queue.c42
-rw-r--r--usr.sbin/sendmail/src/readcf.c23
-rw-r--r--usr.sbin/sendmail/src/savemail.c7
-rw-r--r--usr.sbin/sendmail/src/sendmail.86
-rw-r--r--usr.sbin/sendmail/src/sendmail.h11
-rw-r--r--usr.sbin/sendmail/src/srvrsmtp.c112
-rw-r--r--usr.sbin/sendmail/src/udb.c6
-rw-r--r--usr.sbin/sendmail/src/usersmtp.c26
-rw-r--r--usr.sbin/sendmail/src/util.c8
-rw-r--r--usr.sbin/sendmail/src/version.c4
33 files changed, 857 insertions, 265 deletions
diff --git a/usr.sbin/sendmail/RELEASE_NOTES b/usr.sbin/sendmail/RELEASE_NOTES
index 621cbcc33266..a935a73f546b 100644
--- a/usr.sbin/sendmail/RELEASE_NOTES
+++ b/usr.sbin/sendmail/RELEASE_NOTES
@@ -1,11 +1,157 @@
SENDMAIL RELEASE NOTES
- @(#)RELEASE_NOTES 8.8.4.4 (Berkeley) 12/2/96
+ @(#)RELEASE_NOTES 8.8.5.3 (Berkeley) 1/21/97
This listing shows the version of the sendmail binary, the version
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.
+8.8.5/8.8.5 97/01/21
+ SECURITY: Clear out group list during startup. Without this, sendmail
+ will continue to run with the group permissions of the caller,
+ even if RunAsUser is specified.
+ SECURITY: Make purgestat (-bH) be root-only. This is not in response
+ to any known attack, but it's best to be conservative.
+ Suggested by Peter Wemm of DIALix.
+ SECURITY: Fix buffer overrun problem in MIME code that has possible
+ security implications. Patch from Alex Garthwaite of the
+ University of Pennsylvania.
+ Use of a -f flag with a phrase attached (e.g., "-f 'Full Name <addr>'")
+ would truncate the address after "Full". Although the -f
+ syntax is incorrect (since it is in the envelope, it
+ shouldn't have comments and full names), the failure mode
+ was unnecessarily awful.
+ Fix a possible null pointer dereference when converting 8-bit data
+ to a 7-bit format. Problem noted by Jim Hutchins of
+ Sandia National Labs and David James of British Telecom.
+ Clear out stale state that affected F=9 on SMTP mailers in queue
+ runs. Although this really shouldn't be used (F=9 is for
+ final delivery only, and using it on an SMTP mailer makes
+ it possible for a message to be converted from 8->7->8->7
+ bits several times), it shouldn't have failed with a syserr.
+ Problem noted by Eric Hagberg of Morgan Stanley.
+ _Really_ fix the multiple :maildrop code in the user database
+ module. Patch from Roy Mongiovi of Georgia Tech.
+ Let F lines in the configuration file actually read root-only
+ files if the configuration file is safe. Based on a
+ patch from Keith Reynolds of SCO.
+ ETRN followed by QUIT would hold the connection open until the queue
+ run completed. Problem noted by Truck Lewis of TDK
+ Semiconductor Corp.
+ It turns out that despite the documentation, the TCP wrappers library
+ does _not_ log rejected connections. Do the logging ourselves.
+ Problem noted by Fletcher Mattox of the University of Texas
+ at Austin.
+ If sendmail finds a qf file in its queue directory that is an unknown
+ version (e.g., when backing out to an old version), the
+ error is reported on every queue run. Change it to only
+ give the error once (and rename the qf => Qf). Patch from
+ William A. Gianopoulos of Raytheon Company.
+ Start a new session when doing background delivery; currently it
+ ignored signals but didn't start a new signal, that caused
+ some problems if a background process tried to send mail
+ under certain circumstances. Problem noted by Eric Hagberg
+ of Morgan Stanley; fix from Kari Hurtta.
+ Simplify test for skipping a queue run to just check if the current
+ load average is >= the queueing load average. Previously
+ the check factored in some other parameters that caused it
+ to essentially never skip the queue run. Patch from Bryan
+ Costales.
+ If the SMTP server is running in "nullserver" mode (that is, it is
+ rejecting all commands), start sleeping after MAXBADCOMMAND
+ (25) commands; this helps prevent a bad guy from putting
+ you into a tight loop as a denial-of-service attack. Based
+ on an e-mail conversation with Brad Knowles of AOL.
+ Slow down when too many "light weight" commands have been issued;
+ this helps prevent a class of denial-of-service attacks.
+ The current values and defaults are:
+ MAXNOOPCOMMANDS 20 NOOP, VERB, ONEX, XUSR
+ MAXHELOCOMMANDS 3 HELO, EHLO
+ MAXVRFYCOMMANDS 6 VRFY, EXPN
+ MAXETRNCOMMANDS 8 ETRN
+ These will probably be configurable in a future release.
+ On systems that have uid_t typedefed to be an unsigned short, programs
+ that had the F=S flag and no U= equate would be invoked with
+ the real uid set to 65535 rather than being left unchanged.
+ In some cases, NOTIFY=NEVER was not being honored. Problem noted
+ by Steve Hubert of the University of Washington, Seattle.
+ Mail that was Quoted-Printable encoded and had a soft line break on
+ the last line (i.e., an incomplete continuation) had the last
+ line dropped. Since this appears to be illegal it isn't
+ clear what to do with it, but flushing the last line seems
+ to be a better "fail soft" approach. Based on a patch from
+ Eric Hagberg.
+ If AllowBogusHELO and PrivacyOptions=needmailhelo are both set, a
+ bogus HELO command still causes the "Polite people say HELO
+ first" error message. Problem pointed out by Chris Thomas
+ of UCLA; patch from John Beck of SunSoft.
+ Handle "sendmail -bp -qSfoobar" properly if restrictqrun is set
+ in PrivacyFlags. The -q shouldn't turn this command off.
+ Problem noted by Murray Kucherawy of Pacific Bell Internet;
+ based on a patch from Gregory Neil Shapiro of WPI.
+ Don't consider SMTP reply codes 452 or 552 (exceeded storage allocation)
+ in a DATA transaction to be sticky; these can occur because
+ a message is too large, and smaller messages should still go
+ through. Problem noted by Matt Dillon of Best Internet
+ Communications.
+ In some cases bounces were saved in /var/tmp/dead.letter even if they
+ had been successfully delivered to the envelope sender.
+ Problem noted Eric Hagberg of Morgan Stanley; solution from
+ Gregory Neil Shapiro of WPI.
+ Give better diagnostics on long alias lines. Based on code contributed
+ by Patrick Gosling of the University of Cambridge.
+ Increase the number of virtual interfaces that will be probed for
+ alternate names. Problem noted by Gregory Neil Shapiro of
+ WPI.
+ PORTABILITY:
+ UXP/DS V20L10 for Fujitsu DS/90: Makefile patches from
+ Toshiaki Nomura of Fujitsu Limited.
+ SunOS with LDAP support: compile problems with struct timeval.
+ Patch from Nick Cuccia of TCSI Corporation.
+ SCO: from Keith Reynolds of SCO.
+ Solaris: kstat load average computation wasn't being used.
+ Fixes from Michael Ju. Tokarev of Telecom Service, JSC
+ (Moscow).
+ OpenBSD: from Jason Downs of teeny.org.
+ Altos System V: from Tim Rice.
+ Solaris 2.5: from Alan Perry of SunSoft.
+ Solaris 2.6: from John Beck of SunSoft.
+ Harris Nighthawk PowerUX (mh6000 box): from Bob Miorelli
+ of Pratt & Whitney <miorelli@pweh.com>.
+ CONFIG: It seems that I hadn't gotten the Received: line syntax
+ _just_right_ yet. Tweak it again. I'll omit the names
+ of the "contributors" (quantity two) in this one case.
+ As of now, NO MORE DISCUSSION about the syntax of the
+ Received: line.
+ CONFIG: Although FEATURE(nullclient) uses EXPOSED_USER (class $=E),
+ it never inserts that class into the output file. Fix it
+ so it will honor EXPOSED_USER but will _not_ include root
+ automatically in this class. Problem noted by Ronan KERYELL
+ of Centre de Recherche en Informatique de l'École Nationale
+ Supérieure des Mines de Paris (CRI-ENSMP).
+ CONFIG: Clean up handling of "local:" syntax in relay specifications
+ such as LUSER_RELAY. This change permits the following
+ syntaxes: ``local:'' will send to the same user on the
+ local machine (e.g., in a mailertable entry for "host",
+ ``local:'' will cause an address addressed to user@host to
+ go to user on the local machone). ``local:user'' will send
+ to the named user on the local machine. ``local:user@host''
+ is equivalent to ``local:user'' (the host is ignored). In
+ all cases, the original user@host is passed in $@ (i.e., the
+ detail information). Inspired by a report from Michael Fuhr
+ of Dimensional Communications, L.L.C.
+ CONFIG: Strip quotes from the first word of an "error:" host
+ indication. This lets you set (for example) the LUSER_RELAY
+ to be ``error:\"5.1.1\" Your Message Here''. Note the use
+ of the \" so that the resulting string is properly quoted.
+ Problem noted by Gregory Neil Shapiro of WPI.
+ OP.ME: documentation was inconsistent about whether sendmail did a
+ NOOP or a RSET to probe the connection (it does a RSET).
+ Inconsistency noted by Deeran Peethamparam.
+ OP.ME: insert additional blank pages so it will print properly on
+ a duplex printer. From Matthew Black of Cal State University,
+ Long Beach.
+
8.8.4/8.8.4 96/12/02
SECURITY: under some circumstances, an attacker could get additional
permissions by hard linking to files that were group
diff --git a/usr.sbin/sendmail/cf/README b/usr.sbin/sendmail/cf/README
index d71ffd2a8a28..6ea2998f7f7c 100644
--- a/usr.sbin/sendmail/cf/README
+++ b/usr.sbin/sendmail/cf/README
@@ -4,7 +4,7 @@
Eric Allman <eric@CS.Berkeley.EDU>
- @(#)README 8.108 (Berkeley) 11/16/96
+ @(#)README 8.111 (Berkeley) 1/16/97
This document describes the sendmail configuration files being used
@@ -31,8 +31,10 @@ This package requires a post-V7 version of m4; if you are running the
4.2bsd, SysV.2, or 7th Edition version, I suggest finding a friend with
a newer version. You can m4-expand on their system, then run locally.
SunOS's /usr/5bin/m4 or BSD-Net/2's m4 both work. GNU m4 version 1.1
-also works. Unfortunately, I'm told that the M4 on BSDI 1.0 doesn't
-work -- you'll have to use a Net/2 or GNU version.
+or later also works. Unfortunately, I'm told that the M4 on BSDI 1.0
+doesn't work -- you'll have to use a Net/2 or GNU version. GNU m4 is
+available from ftp://prep.ai.mit.edu/pub/gnu/m4-1.4.tar.gz (check for
+the latest version).
IF YOU DON'T HAVE A BERKELEY MAKE, don't despair! Just run
"m4 ../m4/cf.m4 foo.mc > foo.cf" -- that should be all you need.
@@ -305,9 +307,13 @@ POP_MAILER_ARGS [pop $u] The arguments passed to the POP mailer.
PROCMAIL_MAILER_PATH [/usr/local/bin/procmail] The path to the procmail
program. This is also used by FEATURE(local_procmail).
PROCMAIL_MAILER_FLAGS [Shu] Flags added to Procmail mailer. Flags
- ``DFMmn'' are always set.
+ ``DFMmn'' are always set. This is NOT used by
+ FEATURE(local_procmail); tweak LOCAL_MAILER_FLAGS
+ instead.
PROCMAIL_MAILER_ARGS [procmail -m $h $f $u] The arguments passed to
- the Procmail mailer.
+ the Procmail mailer. This is NOT used by
+ FEATURE(local_procmail); tweak LOCAL_MAILER_ARGS
+ instead.
PROCMAIL_MAILER_MAX [undefined] If set, the maximum size message that
will be accepted by the procmail mailer.
MAIL11_MAILER_PATH [/usr/etc/mail11] The path to the mail11 mailer.
@@ -694,7 +700,10 @@ local_procmail Use procmail as the local mailer. This mailer can
normally the +indicator is just tossed, but by default
it is passed as the -a argument to procmail. The
argument to this feature is the pathname of procmail,
- which defaults to PROCMAIL_MAILER_PATH.
+ which defaults to PROCMAIL_MAILER_PATH. Note that this
+ does NOT use PROCMAIL_MAILER_FLAGS or PROCMAIL_MAILER_ARGS
+ for the local mailer; tweak LOCAL_MAILER_FLAGS and
+ LOCAL_MAILER_ARGS instead.
bestmx_is_local Accept mail as though locally addressed for any host that
lists us as the best possible MX record. This generates
@@ -1426,7 +1435,10 @@ confCF_VERSION $Z macro If defined, this is appended to the
confFROM_HEADER From: [$?x$x <$g>$|$g$.] The format of an
internally generated From: address.
confRECEIVED_HEADER Received:
- [.$?_($?s$|from $.$_) $.by $j ($v/$Z)$?r with $r$. id $i$?u for $u$.; $b]
+ [$?sfrom $s .$?_($?s$|from $.$_)
+ $.by $j ($v/$Z)$?r with $r$. id $i$?u
+ for $u$.;
+ $b]
The format of the Received: header
in messages passed through this host.
It is unwise to try to change this.
diff --git a/usr.sbin/sendmail/cf/cf/Makefile b/usr.sbin/sendmail/cf/cf/Makefile
index 33f594377a04..7450b2a70008 100644
--- a/usr.sbin/sendmail/cf/cf/Makefile
+++ b/usr.sbin/sendmail/cf/cf/Makefile
@@ -1,10 +1,10 @@
-# @(#)Makefile 8.17 (Berkeley) 9/12/95
+# @(#)Makefile 8.19 (Berkeley) 1/14/97
#
# This Makefile uses the new Berkeley "make" program. See Makefile.dist
# for a more vanilla version.
#
-# Configuration files are created using "m4 file.mc > file.cf";
+# Create configuration files using "m4 ../m4/cf.m4 file.mc > file.cf";
# this may be easier than tweaking the Makefile. You do need to
# have a fairly modern M4 available (GNU m4 works). On SunOS, use
# /usr/5bin/m4.
@@ -31,7 +31,7 @@ ALL= generic-bsd4.4.cf generic-hpux9.cf generic-hpux10.cf \
cs-sunos4.1.cf cs-ultrix4.cf \
s2k-osf1.cf s2k-ultrix4.cf \
chez.cs.cf huginn.cs.cf mail.cs.cf mail.eecs.cf mailspool.cs.cf \
- python.cs.cf ucbarpa.cf ucbvax.cf vangogh.cs.cf
+ python.cs.cf ucbarpa.cf ucbvax.cf vangogh.cs.cf knecht.cf
all: $(ALL)
diff --git a/usr.sbin/sendmail/cf/cf/knecht.mc b/usr.sbin/sendmail/cf/cf/knecht.mc
new file mode 100644
index 000000000000..f7d57e3a9f20
--- /dev/null
+++ b/usr.sbin/sendmail/cf/cf/knecht.mc
@@ -0,0 +1,51 @@
+divert(-1)
+#
+# Copyright (c) 1983 Eric P. Allman
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# 3. All advertising materials mentioning features or use of this software
+# must display the following acknowledgement:
+# This product includes software developed by the University of
+# California, Berkeley and its contributors.
+# 4. Neither the name of the University nor the names of its contributors
+# may be used to endorse or promote products derived from this software
+# without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+
+#
+# This is specific to Eric's home machine.
+#
+
+divert(0)dnl
+VERSIONID(`@(#)knecht.mc 8.4 (Berkeley) 11/24/96')
+OSTYPE(bsd4.4)dnl
+DOMAIN(generic)dnl
+define(`confDEF_USER_ID', `mailnull')dnl
+define(`confHOST_STATUS_DIRECTORY', `.hoststat')dnl
+define(`confTO_ICONNECT', `10s')dnl
+define(`confCOPY_ERRORS_TO', `Postmaster')dnl
+define(`confTO_QUEUEWARN', `8h')dnl
+FEATURE(virtusertable)dnl
+MAILER(local)dnl
+MAILER(smtp)dnl
diff --git a/usr.sbin/sendmail/cf/m4/cfhead.m4 b/usr.sbin/sendmail/cf/m4/cfhead.m4
index 91d4b9ad4561..6bef4c685a3a 100644
--- a/usr.sbin/sendmail/cf/m4/cfhead.m4
+++ b/usr.sbin/sendmail/cf/m4/cfhead.m4
@@ -106,18 +106,18 @@ define(`SITE', `ifelse(CONCAT($'2`, $3), SU,
CONCAT(C, $3, $'1`))')
sinclude(_CF_DIR_`'siteconfig/$1.m4)')
define(`EXPOSED_USER', `PUSHDIVERT(5)CE$1
-POPDIVERT`'dnl')
+POPDIVERT`'dnl`'')
define(`LOCAL_USER', `PUSHDIVERT(5)CL$1
-POPDIVERT`'dnl')
+POPDIVERT`'dnl`'')
define(`MASQUERADE_AS', `define(`MASQUERADE_NAME', $1)')
define(`MASQUERADE_DOMAIN', `PUSHDIVERT(5)CM$1
-POPDIVERT`'dnl')
+POPDIVERT`'dnl`'')
define(`MASQUERADE_DOMAIN_FILE', `PUSHDIVERT(5)FM$1
-POPDIVERT`'dnl')
+POPDIVERT`'dnl`'')
define(`GENERICS_DOMAIN', `PUSHDIVERT(5)CG$1
-POPDIVERT`'dnl')
+POPDIVERT`'dnl`'')
define(`GENERICS_DOMAIN_FILE', `PUSHDIVERT(5)FG$1
-POPDIVERT`'dnl')
+POPDIVERT`'dnl`'')
define(`_OPTINS', `ifdef(`$1', `$2$1$3')')
m4wrap(`include(_CF_DIR_`m4/proto.m4')')
@@ -129,8 +129,9 @@ define(`confFROM_LINE', `From $g $d')
define(`confOPERATORS', `.:%@!^/[]+')
define(`confSMTP_LOGIN_MSG', `$j Sendmail $v/$Z; $b')
define(`confRECEIVED_HEADER', `$?sfrom $s $.$?_($?s$|from $.$_)
- $.by $j ($v/$Z)$?r with $r$.
- id $i$?u for $u$.; $b')
+ $.by $j ($v/$Z)$?r with $r$. id $i$?u
+ for $u; $|;
+ $.$b')
define(`confSEVEN_BIT_INPUT', `False')
define(`confEIGHT_BIT_HANDLING', `pass8')
define(`confALIAS_WAIT', `10')
@@ -156,4 +157,4 @@ define(`confMIME_FORMAT_ERRORS', `True')
define(`confFORWARD_PATH', `$z/.forward.$w:$z/.forward')
divert(0)dnl
-VERSIONID(`@(#)cfhead.m4 8.7 (Berkeley) 11/20/96')
+VERSIONID(`@(#)cfhead.m4 8.9 (Berkeley) 1/18/97')
diff --git a/usr.sbin/sendmail/cf/m4/proto.m4 b/usr.sbin/sendmail/cf/m4/proto.m4
index 676aa35ca58b..fc09fe0246ac 100644
--- a/usr.sbin/sendmail/cf/m4/proto.m4
+++ b/usr.sbin/sendmail/cf/m4/proto.m4
@@ -34,7 +34,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)proto.m4 8.136 (Berkeley) 11/24/96')
+VERSIONID(`@(#)proto.m4 8.139 (Berkeley) 12/31/96')
MAILER(local)dnl
@@ -171,17 +171,18 @@ DR`'ifdef(`LOCAL_RELAY', LOCAL_RELAY)
# who gets all local email traffic ($R has precedence for unqualified names)
DH`'ifdef(`MAIL_HUB', MAIL_HUB)
-# class L: names that should be delivered locally, even if we have a relay
+# dequoting map
+Kdequote dequote
+
+divert(0)dnl # end of nullclient diversion
# class E: names that should be exposed as from this host, even if we masquerade
+ifdef(`_NULL_CLIENT_ONLY_', `#',
+`# class L: names that should be delivered locally, even if we have a relay
# class M: domains that should be converted to $M
#CL root
-CE root
+')CE root
undivert(5)dnl
-# dequoting map
-Kdequote dequote
-
-divert(0)dnl # end of nullclient diversion
# who I masquerade as (null for no masquerading) (see also $=M)
DM`'ifdef(`MASQUERADE_NAME', MASQUERADE_NAME)
@@ -685,7 +686,7 @@ define(`X', ifdef(`VIRTUSER_TABLE', `', `#'))dnl
X`'R$+ < @ $=w . > $: < $(virtuser $1 @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
X`'R< @ > $+ < @ $+ . > $: < $(virtuser @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
X`'R< @ > $+ $: $1
-X`'R< error : $- $+ > $* $#error $@ $1 $: $2
+X`'R< error : $- $+ > $* $#error $@ $( dequote $1 $) $: $2
X`'R< $+ > $+ < @ $+ > $: $>97 $1
undefine(`X')dnl
@@ -798,6 +799,8 @@ R< > $+ + $* $#_LOCAL_ $@ $2 $: $1
R< > $+ $: < $H > $1 try hub
R< > $+ $: < $R > $1 try relay
R< > $+ $@ $1 nope, give up
+R< local : $* > $* $: $>95 < local : $1 > $2 no host extension
+R< error : $* > $* $: $>95 < error : $1 > $2 no host extension
R< $- : $+ > $+ $: $>95 < $1 : $2 > $3 < @ $2 >
R< $+ > $+ $@ $>95 < $1 > $2 < @ $1 >
@@ -821,15 +824,33 @@ undefine(`X')dnl
S95
R< > $* $@ $1 strip off null relay
-R< error : $- $+ > $* $#error $@ $1 $: $2 special case errors
-R< local : > $* < @ $* > $#local $@ $1@$2 $: $1 no host: use old user
-R< local : $+ > $* <@ $* . > $* $#local $@ $2@$3 $: $1 special case local
+R< error : $- $+ > $* $#error $@ $( dequote $1 $) $: $2
+R< local : $* > $* $>CanonLocal < $1 > $2
R< $- : $+ @ $+ > $*<$*>$* $# $1 $@ $3 $: $2<@$3> use literal user
R< $- : $+ > $* $# $1 $@ $2 $: $3 try qualified mailer
R< $=w > $* $@ $2 delete local host
R< $+ > $* $#_RELAY_ $@ $1 $: $2 use unqualified mailer
###################################################################
+### Ruleset CanonLocal -- canonify local: syntax ###
+###################################################################
+
+SCanonLocal
+# strip trailing dot from any host name that may appear
+R< $* > $* < @ $* . > $: < $1 > $2 < @ $3 >
+
+# handle local: syntax -- use old user, either with or without host
+R< > $* < @ $* > $* $#local $@ $1@$2 $: $1
+R< > $+ $#local $@ $1 $: $1
+
+# handle local:user@host syntax -- ignore host part
+R< $+ @ $+ > $* $: < $1 > $3
+
+# handle local:user syntax
+R< $+ > $* <@ $* > $* $#local $@ $2@$3 $: $1
+R< $+ > $* $#local $@ $2 $: $1
+
+###################################################################
### Ruleset 93 -- convert header names to masqueraded form ###
###################################################################
diff --git a/usr.sbin/sendmail/cf/m4/version.m4 b/usr.sbin/sendmail/cf/m4/version.m4
index b3ee9a7bc6e4..1837c222c368 100644
--- a/usr.sbin/sendmail/cf/m4/version.m4
+++ b/usr.sbin/sendmail/cf/m4/version.m4
@@ -32,8 +32,8 @@ divert(-1)
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
-VERSIONID(`@(#)version.m4 8.8.4.2 (Berkeley) 11/26/96')
+VERSIONID(`@(#)version.m4 8.8.5.3 (Berkeley) 1/21/97')
#
divert(0)
# Configuration version number
-DZ8.8.4`'ifdef(`confCF_VERSION', `/confCF_VERSION')
+DZ8.8.5`'ifdef(`confCF_VERSION', `/confCF_VERSION')
diff --git a/usr.sbin/sendmail/cf/ostype/powerux.m4 b/usr.sbin/sendmail/cf/ostype/powerux.m4
new file mode 100644
index 000000000000..d0fd3dc28129
--- /dev/null
+++ b/usr.sbin/sendmail/cf/ostype/powerux.m4
@@ -0,0 +1,46 @@
+divert(-1)
+#
+# Copyright (c) 1983 Eric P. Allman
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# 3. All advertising materials mentioning features or use of this software
+# must display the following acknowledgement:
+# This product includes software developed by the University of
+# California, Berkeley and its contributors.
+# 4. Neither the name of the University nor the names of its contributors
+# may be used to endorse or promote products derived from this software
+# without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+
+divert(0)
+VERSIONID(`@(#)powerux.m4 8.1 (Berkeley) 1/16/97')
+
+define(`ALIAS_FILE', /etc/mail/aliases)dnl
+ifdef(`HELP_FILE',,`define(`HELP_FILE', /etc/mail/sendmail.hf)')dnl
+ifdef(`STATUS_FILE',,`define(`STATUS_FILE', /etc/mail/sendmail.st)')dnl
+define(`LOCAL_MAILER_PATH', `/usr/bin/rmail')dnl
+define(`LOCAL_MAILER_FLAGS', `mn9')dnl
+define(`LOCAL_MAILER_ARGS', `rmail $u')dnl
+define(`LOCAL_SHELL_FLAGS', `ehuP')dnl
+define(`UUCP_MAILER_ARGS', `uux - -r -a$g -gmedium $h!rmail ($u)')dnl
diff --git a/usr.sbin/sendmail/cf/ostype/sinix.m4 b/usr.sbin/sendmail/cf/ostype/sinix.m4
new file mode 100644
index 000000000000..7b50e9e2cc31
--- /dev/null
+++ b/usr.sbin/sendmail/cf/ostype/sinix.m4
@@ -0,0 +1,45 @@
+divert(-1)
+#
+# Copyright (c) 1996 Eric P. Allman
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# 3. All advertising materials mentioning features or use of this software
+# must display the following acknowledgement:
+# This product includes software developed by the University of
+# California, Berkeley and its contributors.
+# 4. Neither the name of the University nor the names of its contributors
+# may be used to endorse or promote products derived from this software
+# without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+
+divert(0)
+VERSIONID(`@(#)sinix.m4 8.1 (Berkeley) 12/14/96')
+define(`QUEUE_DIR', /usr/ucblib/mqueue)dnl
+define(`ALIAS_FILE', /usr/ucblib/aliases)dnl
+ifdef(`HELP_FILE',,`define(`HELP_FILE', /usr/ucblib/sendmail.hf)')dnl
+ifdef(`STATUS_FILE',,`define(`STATUS_FILE', /usr/ucblib/sendmail.st)')dnl
+define(`LOCAL_MAILER_PATH', `/usr/ucblib/mail.local')dnl
+define(`LOCAL_MAILER_FLAGS', `rmn9')dnl
+define(`LOCAL_SHELL_FLAGS', `ehuP')dnl
+define(`UUCP_MAILER_ARGS', `uux - -r -a$g -gmedium $h!rmail ($u)')dnl
diff --git a/usr.sbin/sendmail/doc/op/op.me b/usr.sbin/sendmail/doc/op/op.me
index 423749740873..88b69ea79fe3 100644
--- a/usr.sbin/sendmail/doc/op/op.me
+++ b/usr.sbin/sendmail/doc/op/op.me
@@ -30,7 +30,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" @(#)op.me 8.100 (Berkeley) 12/1/96
+.\" @(#)op.me 8.103 (Berkeley) 12/13/96
.\"
.\" eqn op.me | pic | troff -me
.eh 'SMM:08-%''Sendmail Installation and Operation Guide'
@@ -65,10 +65,9 @@
.sp
.r
Eric Allman
-InReference, Inc.
eric@Sendmail.ORG
.sp
-Version 8.100
+Version 8.103
.sp
For Sendmail Version 8.8
.)l
@@ -161,6 +160,12 @@ Several major changes were introduced in version 8.7.
You should not attempt to use this document
for prior versions of
.i sendmail .
+.bp
+.rs
+.sp |4i
+.ce 2
+This page intentionally left blank;
+replace it with a blank sheet for double-sided output.
.bp 7
.sh 1 "BASIC INSTALLATION"
.pp
@@ -2476,7 +2481,7 @@ When trying to open a connection
the cache is first searched.
If an open connection is found, it is probed to see if it is still active
by sending a
-.sm NOOP
+.sm RSET
command.
It is not an error if this fails;
instead, the connection is closed and reopened.
@@ -8134,6 +8139,15 @@ Temporary versions of the qf files,
used during queue file rebuild.
.ip /var/spool/mqueue/xf*
A transcript of the current session.
+.if e \
+\{\
+. bp
+. rs
+. sp |4i
+. ce 2
+This page intentionally left blank;
+replace it with a blank sheet for double-sided output.
+.\}
.\".ro
.\".ls 1
.\".tp
@@ -8148,16 +8162,9 @@ A transcript of the current session.
.\".sp
.\".sz 10
.\"Eric Allman
-.\"InReference, Inc.
.\".sp
-.\"Version 8.100
+.\"Version 8.103
.\".ce 0
-.bp 2
-.rs
-.sp |4i
-.ce 2
-This page intentionally left blank;
-replace it with a blank sheet for double-sided output.
.bp 3
.ce
.sz 12
diff --git a/usr.sbin/sendmail/src/READ_ME b/usr.sbin/sendmail/src/READ_ME
index 72e9a18c36d0..88fa68a33c76 100644
--- a/usr.sbin/sendmail/src/READ_ME
+++ b/usr.sbin/sendmail/src/READ_ME
@@ -30,7 +30,7 @@
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
-# @(#)READ_ME 8.132 (Berkeley) 12/1/96
+# @(#)READ_ME 8.135 (Berkeley) 1/21/97
#
This directory contains the source files for sendmail.
@@ -529,9 +529,7 @@ HES_GETMAILHOST Define this to 1 if you are using Hesiod with the
XDEBUG Do additional internal checking. These don't cost too
much; you might as well leave this on.
TCPWRAPPERS Turns on support for the TCP wrappers library (-lwrap).
- This library is available on ftp.win.tue.nl in /pub/security;
- grab tcp_wrappers_<VER>.tar.gz (where <VER> is the highest
- numbered version).
+ See below for further information.
SECUREWARE Enable calls to the SecureWare luid enabling/changing routines.
SecureWare is a C2 security package added to several UNIX's
(notably ConvexOS) to get a C2 Secure system. This
@@ -787,6 +785,12 @@ Solaris 2.4 (SunOS 5.4)
>>
>> here, path 2 would be the first used.
+Solaris 2.6 (SunOS 5.6)
+ If you built sendmail 8.8.1 through 8.8.4 inclusive on a Solaris 2.5
+ system, that binary will not run on Solaris 2.6, due to problems with
+ incompatible snprintf(3s) calls. This problem is fixed in sendmail
+ 8.8.5.
+
Ultrix
By default, the IDENT protocol is turned off on Ultrix. If you
are running Ultrix 4.4 or later, or if you have included patch
@@ -803,7 +807,7 @@ Solaris 2.5.1 (SunOS 5.5.1)
/usr/include/resolv.h:208: warning: `__P' redefined
cdefs.h:58: warning: this is the location of the previous definition
- If you are running with this patch, create a file in the
+ If you are running with this patch, create a resolv.h file in the
obj.SunOS.5.5.1.* directory that reads:
#undef __P
@@ -1289,14 +1293,19 @@ LDAP
send them along.
TCP Wrappers
- If you are using -DTCPWRAPPERS to get TCP Wrappers support, you will
- also need to install libwrap.a (you can get it from ftp.win.tue.nl)
- and modify the Makefile to include -lwrap in the LIBS line.
+ If you are using -DTCPWRAPPERS to get TCP Wrappers support you will
+ also need to install libwrap.a and modify the Makefile to include
+ -lwrap in the LIBS line (make sure that INCDIRS and LIBDIRS point
+ to where the tcpd.h and libwrap.a can be found).
+
+ TCP Wrappers is available on ftp.win.tue.nl in /pub/security;
+ grab tcp_wrappers_<VER>.tar.gz (where <VER> is the highest
+ numbered version).
If you have alternate MX sites for your site, be sure that all of
your MX sites reject the same set of hosts. If not, a bad guy whom
you reject will connect to your site, fail, and move on to the next
- MX site, which will accept the mail for your and forward it on to you.
+ MX site, which will accept the mail for you and forward it on to you.
+--------------+
@@ -1398,4 +1407,4 @@ version.c The version number and information about this
Eric Allman
-(Version 8.132, last update 12/1/96 09:34:37)
+(Version 8.135, last update 1/21/97 07:47:02)
diff --git a/usr.sbin/sendmail/src/alias.c b/usr.sbin/sendmail/src/alias.c
index 95de1ee8ff6f..b09a85db5dce 100644
--- a/usr.sbin/sendmail/src/alias.c
+++ b/usr.sbin/sendmail/src/alias.c
@@ -35,7 +35,7 @@
# include "sendmail.h"
#ifndef lint
-static char sccsid[] = "@(#)alias.c 8.66 (Berkeley) 9/20/96";
+static char sccsid[] = "@(#)alias.c 8.67 (Berkeley) 1/18/97";
#endif /* not lint */
@@ -601,11 +601,24 @@ readaliases(map, af, announcestats, logstats)
while (fgets(line, sizeof (line), af) != NULL)
{
int lhssize, rhssize;
+ int c;
LineNumber++;
p = strchr(line, '\n');
if (p != NULL)
*p = '\0';
+ else if (!feof(af))
+ {
+ syserr("554 alias line too long");
+
+ /* flush to end of line */
+ while ((c = getc(af)) != EOF && c != '\n')
+ continue;
+
+ /* skip any continuation lines */
+ skipping = TRUE;
+ continue;
+ }
switch (line[0])
{
case '#':
@@ -655,7 +668,6 @@ readaliases(map, af, announcestats, logstats)
rhs = p;
for (;;)
{
- register char c;
register char *nlp;
nlp = &p[strlen(p)];
@@ -698,12 +710,19 @@ readaliases(map, af, announcestats, logstats)
LineNumber++;
/* check for line overflow */
- if (strchr(p, '\n') == NULL)
+ if (strchr(p, '\n') == NULL && !feof(af))
{
usrerr("554 alias too long");
+ while ((c = fgetc(af)) != EOF && c != '\n')
+ continue;
+ skipping = TRUE;
break;
}
}
+
+ if (skipping)
+ continue;
+
if (!bitnset(M_ALIASABLE, al.q_mailer->m_flags))
{
syserr("554 %s... cannot alias non-local names",
diff --git a/usr.sbin/sendmail/src/clock.c b/usr.sbin/sendmail/src/clock.c
index 281ee606b924..5639f4405179 100644
--- a/usr.sbin/sendmail/src/clock.c
+++ b/usr.sbin/sendmail/src/clock.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char sccsid[] = "@(#)clock.c 8.16 (Berkeley) 11/27/96";
+static char sccsid[] = "@(#)clock.c 8.18 (Berkeley) 12/31/96";
#endif /* not lint */
# include "sendmail.h"
@@ -60,7 +60,7 @@ static char sccsid[] = "@(#)clock.c 8.16 (Berkeley) 11/27/96";
** none.
*/
-static void tick __P((int));
+static SIGFUNC_DECL tick __P((int));
EVENT *
setevent(intvl, func, arg)
@@ -161,7 +161,7 @@ clrevent(ev)
** calls the next function in EventQueue.
*/
-static void
+static SIGFUNC_DECL
tick(arg)
int arg;
{
@@ -169,9 +169,6 @@ tick(arg)
register EVENT *ev;
int mypid = getpid();
int olderrno = errno;
-#ifdef SIG_UNBLOCK
- sigset_t ss;
-#endif
(void) setsignal(SIGALRM, SIG_IGN);
(void) alarm(0);
@@ -224,6 +221,7 @@ tick(arg)
if (EventQueue != NULL)
(void) alarm((unsigned) (EventQueue->ev_time - now));
errno = olderrno;
+ return SIGFUNC_RETURN;
}
/*
** SLEEP -- a version of sleep that works with this stuff
diff --git a/usr.sbin/sendmail/src/collect.c b/usr.sbin/sendmail/src/collect.c
index c5e1cebcfbd6..660521cf8c71 100644
--- a/usr.sbin/sendmail/src/collect.c
+++ b/usr.sbin/sendmail/src/collect.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char sccsid[] = "@(#)collect.c 8.61 (Berkeley) 11/24/96";
+static char sccsid[] = "@(#)collect.c 8.62 (Berkeley) 12/11/96";
#endif /* not lint */
# include <errno.h>
@@ -501,6 +501,21 @@ readerr:
markstats(e, (ADDRESS *) NULL);
}
+#ifdef _FFR_DSN_RRT
+ /*
+ ** If we have a Return-Receipt-To:, turn it into a DSN.
+ */
+
+ if (RrtImpliesDsn && hvalue("return-receipt-to", e->e_header) != NULL)
+ {
+ ADDRESS *q;
+
+ for (q = e->e_sendqueue; q != NULL; q = q->q_next)
+ if (!bitset(QHASNOTIFY, q->q_flags))
+ q->q_flags |= QHASNOTIFY|QPINGONSUCCESS;
+ }
+#endif
+
/*
** Add an Apparently-To: line if we have no recipient lines.
*/
diff --git a/usr.sbin/sendmail/src/conf.c b/usr.sbin/sendmail/src/conf.c
index f4a22193c08d..e172a78c5cfa 100644
--- a/usr.sbin/sendmail/src/conf.c
+++ b/usr.sbin/sendmail/src/conf.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char sccsid[] = "@(#)conf.c 8.325 (Berkeley) 12/1/96";
+static char sccsid[] = "@(#)conf.c 8.333 (Berkeley) 1/21/97";
#endif /* not lint */
# include "sendmail.h"
@@ -127,14 +127,6 @@ struct hdrinfo HdrInfo[] =
/*
-** Location of system files/databases/etc.
-*/
-
-char *PidFile = _PATH_SENDMAILPID; /* stores daemon proc id */
-
-
-
-/*
** Privacy values
*/
@@ -230,6 +222,7 @@ setdefaults(e)
ServiceSwitchFile = "/etc/service.switch";
ServiceCacheMaxAge = (time_t) 10;
HostsFile = _PATH_HOSTS;
+ PidFile = newstr(_PATH_SENDMAILPID);
MustQuoteChars = "@,;:\\()[].'";
MciInfoTimeout = 30 MINUTES;
MaxRuleRecursion = MAXRULERECURSION;
@@ -1851,12 +1844,13 @@ int getla(void)
int
getla()
{
- kstat_ctl_t *kc;
- kstat_t *ksp;
+ static kstat_ctl_t *kc = NULL;
+ static kstat_t *ksp = NULL;
kstat_named_t *ksn;
int la;
- kc = kstat_open();
+ if (kc == NULL) /* if not initialized before */
+ kc = kstat_open();
if (kc == NULL)
{
if (tTd(3, 1))
@@ -1864,24 +1858,25 @@ getla()
errstring(errno));
return -1;
}
- ksp = kstat_lookup(kc, "unix", 0, "system_misc"); /* NULL on error */
+ if (ksp == NULL)
+ ksp = kstat_lookup(kc, "unix", 0, "system_misc");
if (ksp == NULL)
{
if (tTd(3, 1))
printf("getla: kstat_lookup(): %s\n",
- errstring(errno);
+ errstring(errno));
return -1;
}
if (kstat_read(kc, ksp, NULL) < 0)
{
if (tTd(3, 1))
printf("getla: kstat_read(): %s\n",
- errstring(errno);
+ errstring(errno));
return -1;
}
ksn = (kstat_named_t *) kstat_data_lookup(ksp, "avenrun_1min");
- la = (ksn->value.ul + FSCALE/2) >> FSHIFT;
- kstat_close(kc);
+ la = ((double)ksn->value.ul + FSCALE/2) / FSCALE;
+ /* kstat_close(kc); /o do not close for fast access */
return la;
}
@@ -2377,7 +2372,7 @@ setproctitle(fmt, va_alist)
** Picks up extant zombies.
*/
-void
+SIGFUNC_DECL
reapchild(sig)
int sig;
{
@@ -2419,6 +2414,7 @@ reapchild(sig)
(void) setsignal(SIGCHLD, reapchild);
# endif
errno = olderrno;
+ return SIGFUNC_RETURN;
}
/*
** PUTENV -- emulation of putenv() in terms of setenv()
@@ -2805,12 +2801,12 @@ getopt(nargc,nargv,ostr)
if(!*place) { /* update scanning pointer */
if (optind >= nargc || *(place = nargv[optind]) != '-' || !*++place) {
atend++;
- return(EOF);
+ return -1;
}
if (*place == '-') { /* found "--" */
++optind;
atend++;
- return(EOF);
+ return -1;
}
} /* option letter okay? */
if ((optopt = (int)*place++) == (int)':' || !(oli = strchr(ostr,optopt))) {
@@ -3692,6 +3688,7 @@ lockfile(fd, filename, ext, type)
# endif
syserr("cannot lockf(%s%s, fd=%d, type=%o, omode=%o, euid=%d)",
filename, ext, fd, type, omode, geteuid());
+ dumpfd(fd, TRUE, TRUE);
}
# else
if (ext == NULL)
@@ -3721,6 +3718,7 @@ lockfile(fd, filename, ext, type)
# endif
syserr("cannot flock(%s%s, fd=%d, type=%o, omode=%o, euid=%d)",
filename, ext, fd, type, omode, geteuid());
+ dumpfd(fd, TRUE, TRUE);
}
# endif
if (tTd(55, 60))
@@ -4011,8 +4009,10 @@ vendor_set_uid(uid)
#if TCPWRAPPERS
# include <tcpd.h>
+
+/* tcpwrappers does no logging, but you still have to declare these -- ugh */
int allow_severity = LOG_INFO;
-int deny_severity = LOG_WARNING;
+int deny_severity = LOG_NOTICE;
#endif
#if DAEMON
@@ -4027,7 +4027,14 @@ validate_connection(sap, hostname, e)
#if TCPWRAPPERS
if (!hosts_ctl("sendmail", hostname, anynet_ntoa(sap), STRING_UNKNOWN))
+ {
+# ifdef LOG
+ if (LogLevel >= 4)
+ syslog(LOG_NOTICE, "tcpwrappers (%s, %s) rejection",
+ hostname, anynet_ntoa(sap));
+# endif
return FALSE;
+ }
#endif
return TRUE;
}
@@ -4395,7 +4402,7 @@ load_if_names()
int s;
int i;
struct ifconf ifc;
- char interfacebuf[1024];
+ char interfacebuf[10240];
s = socket(AF_INET, SOCK_DGRAM, 0);
if (s == -1)
@@ -4766,6 +4773,9 @@ char *OsCompileOptions[] =
#if USE_SA_SIGACTION
"USE_SA_SIGACTION",
#endif
+#if USE_SIGLONGJMP
+ "USE_SIGLONGJMP",
+#endif
#if USESETEUID
"USESETEUID",
#endif
diff --git a/usr.sbin/sendmail/src/conf.h b/usr.sbin/sendmail/src/conf.h
index 39a92f50b384..595ed433e0a0 100644
--- a/usr.sbin/sendmail/src/conf.h
+++ b/usr.sbin/sendmail/src/conf.h
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * @(#)conf.h 8.279 (Berkeley) 12/1/96
+ * @(#)conf.h 8.288 (Berkeley) 1/17/97
*/
/*
@@ -367,14 +367,12 @@ typedef int pid_t;
#if defined(sun) && !defined(BSD)
+# include <sys/time.h>
# define HASINITGROUPS 1 /* has initgroups(3) call */
# define HASUNAME 1 /* use System V uname(2) system call */
# define HASGETUSERSHELL 1 /* DOES have getusershell(3) call in libc */
# define HASFCHMOD 1 /* has fchmod(2) syscall */
# define IP_SRCROUTE 1 /* can check IP source routing */
-# ifndef LA_TYPE
-# define LA_TYPE LA_INT
-# endif
# ifdef SOLARIS_2_3
# define SOLARIS 20300 /* for back compat only -- use -DSOLARIS=20300 */
@@ -389,7 +387,6 @@ typedef int pid_t;
# ifndef __svr4__
# define __svr4__ /* use all System V Releae 4 defines below */
# endif
-# include <sys/time.h>
# define GIDSET_T gid_t
# define USE_SA_SIGACTION 1 /* use sa_sigaction field */
# ifndef _PATH_UNIX
@@ -409,16 +406,14 @@ typedef int pid_t;
# define USESETEUID 1 /* seteuid works as of 2.3 */
# endif
# if SOLARIS >= 20500 || (SOLARIS < 10000 && SOLARIS >= 205)
-# define HASSNPRINTF 1 /* has snprintf starting in 2.5 */
# define HASSETREUID 1 /* setreuid works as of 2.5 */
-# if SOLARIS == 20500 || SOLARIS == 205
-# define snprintf __snprintf /* but names it oddly in 2.5 */
-# define vsnprintf __vsnprintf
-# endif
# ifndef LA_TYPE
# define LA_TYPE LA_KSTAT /* use kstat(3k) -- may work in < 2.5 */
# endif
# endif
+# if SOLARIS >= 20600 || (SOLARIS < 10000 && SOLARIS >= 206)
+# define HASSNPRINTF 1 /* has snprintf starting in 2.6 */
+# endif
# ifndef HASGETUSERSHELL
# define HASGETUSERSHELL 0 /* getusershell(3) causes core dumps */
# endif
@@ -454,7 +449,12 @@ extern char *getenv();
# endif
# endif
-#endif
+
+# ifndef LA_TYPE
+# define LA_TYPE LA_INT
+# endif
+
+#endif /* sun && !BSD */
/*
** DG/UX
@@ -680,7 +680,7 @@ typedef int pid_t;
/*
-** FreeBSD / NetBSD (all architectures, all versions)
+** FreeBSD / NetBSD / OpenBSD (all architectures, all versions)
**
** 4.3BSD clone, closer to 4.4BSD for FreeBSD 1.x and NetBSD 0.9x
** 4.4BSD-Lite based for FreeBSD 2.x and NetBSD 1.x
@@ -688,7 +688,7 @@ typedef int pid_t;
** See also BSD defines.
*/
-#if defined(__FreeBSD__) || defined(__NetBSD__)
+#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__)
# include <paths.h>
# define HASUNSETENV 1 /* has unsetenv(3) call */
# define HASSETSID 1 /* has the setsid(2) POSIX syscall */
@@ -723,6 +723,10 @@ typedef int pid_t;
# define SPT_PADCHAR '\0' /* pad process title with nulls */
# endif
# endif
+# if defined(__OpenBSD__)
+# undef SPT_TYPE
+# define SPT_TYPE SPT_BUILTIN /* setproctitle is in libc */
+# endif
#endif
@@ -832,6 +836,7 @@ extern int errno;
# define SYSTEM5 1 /* include all the System V defines */
# define HASGETUSERSHELL 0 /* does not have getusershell(3) call */
# define NOFTRUNCATE 0 /* has (simulated) ftruncate call */
+# define USE_SIGLONGJMP 1 /* sigsetjmp needed for signal handling */
# define MAXPATHLEN PATHSIZE
# define SFS_TYPE SFS_4ARGS /* use <sys/statfs.h> 4-arg impl */
# define SFS_BAVAIL f_bfree /* alternate field name */
@@ -904,6 +909,7 @@ extern int errno;
# define WAITUNION 1 /* use "union wait" as wait argument type */
# define NEEDFSYNC 1 /* no fsync(2) in system library */
# define NEEDSTRSTR 1 /* need emulation of the strstr(3) call */
+# define NOFTRUNCATE 1 /* do not have ftruncate(2) */
# define MAXPATHLEN PATH_MAX
# define LA_TYPE LA_SHORT
# define SFS_TYPE SFS_STATFS /* use <sys/statfs.h> statfs() impl */
@@ -917,6 +923,7 @@ extern int errno;
typedef unsigned short uid_t;
typedef unsigned short gid_t;
typedef short pid_t;
+typedef unsigned long mode_t;
/* some stuff that should have been in the include files */
# include <grp.h>
@@ -1015,7 +1022,9 @@ extern struct group *getgrnam();
extern int errno;
typedef int pid_t;
-#define SIGFUNC_DEFINED
+#define SIGFUNC_DEFINED
+#define SIGFUNC_RETURN (0)
+#define SIGFUNC_DECL int
typedef int (*sigfunc_t)();
extern char *getenv();
extern void *malloc();
@@ -1110,6 +1119,8 @@ extern void *malloc();
# define HASINITGROUPS 1 /* has initgroups(3) call */
# define HASSETVBUF 1 /* we have setvbuf(3) in libc */
# define SIGFUNC_DEFINED /* sigfunc_t already defined */
+# define SIGFUNC_RETURN (0) /* XXX this is a guess */
+# define SIGFUNC_DECL int /* XXX this is a guess */
# ifndef IDENTPROTO
# define IDENTPROTO 0 /* TCP/IP implementation is broken */
# endif
@@ -1284,6 +1295,9 @@ typedef int pid_t;
# define IDENTPROTO 0 /* TCP/IP implementation is broken */
# endif
# define RLIMIT_NEEDS_SYS_TIME_H 1
+# if defined(NGROUPS_MAX) && !NGROUPS_MAX
+# undef NGROUPS_MAX
+# endif
#endif
@@ -1494,6 +1508,8 @@ extern struct group *getgrent(), *getgrnam(), *getgrgid();
typedef int pid_t;
typedef int (*sigfunc_t)();
# define SIGFUNC_DEFINED
+# define SIGFUNC_RETURN (0)
+# define SIGFUNC_DECL int
# else
/* NEWS-OS 6.0.3 with /bin/cc */
@@ -1558,6 +1574,8 @@ typedef int (*sigfunc_t)();
typedef int pid_t;
typedef int (*sigfunc_t)();
# define SIGFUNC_DEFINED
+# define SIGFUNC_RETURN (0)
+# define SIGFUNC_DECL int
extern char *getenv();
extern int errno;
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
@@ -1662,6 +1680,28 @@ extern int errno;
#endif
+/*
+** Harris Nighthawk PowerUX (nh6000 box)
+**
+** Contributed by Bob Miorelli, Pratt & Whitney <miorelli@pweh.com>
+*/
+
+#ifdef _PowerUX
+# ifndef __svr4__
+# define __svr4__
+# endif
+# define _PATH_VENDOR_CF "/etc/mail/sendmail.cf"
+# ifndef _PATH_SENDMAILPID
+# define _PATH_SENDMAILPID "/etc/mail/sendmail.pid"
+# endif
+# define SYSLOG_BUFSIZE 1024
+# define HASSNPRINTF 1 /* has snprintf(3) and vsnprintf(3) */
+# define LA_TYPE LA_ZERO
+typedef struct msgb mblk_t;
+# undef offsetof /* avoid stddefs.h and sys/sysmacros.h conflict */
+#endif
+
+
/**********************************************************************
** End of Per-Operating System defines
**********************************************************************/
@@ -1720,10 +1760,7 @@ extern int errno;
# define SFS_TYPE SFS_STATVFS
# endif
-/* SVr4 uses different routines for setjmp/longjmp with signal support */
-# define jmp_buf sigjmp_buf
-# define setjmp(env) sigsetjmp(env, 1)
-# define longjmp(env, val) siglongjmp(env, val)
+# define USE_SIGLONGJMP 1 /* sigsetjmp needed for signal handling */
#endif
/* general System V defines */
@@ -1844,6 +1881,10 @@ extern int errno;
# define SECUREWARE 0 /* assume no SecureWare C2 auditing hooks */
#endif
+#ifndef USE_SIGLONGJMP
+# define USE_SIGLONGJMP 0 /* assume setjmp handles signals properly */
+#endif
+
/*
** If no type for argument two of getgroups call is defined, assume
** it's an integer -- unfortunately, there seem to be several choices
@@ -2070,6 +2111,12 @@ struct utsname
#ifndef SIGFUNC_DEFINED
typedef void (*sigfunc_t) __P((int));
#endif
+#ifndef SIGFUNC_RETURN
+# define SIGFUNC_RETURN
+#endif
+#ifndef SIGFUNC_DECL
+# define SIGFUNC_DECL void
+#endif
/* size of syslog buffer */
#ifndef SYSLOG_BUFSIZE
@@ -2116,3 +2163,22 @@ typedef void (*sigfunc_t) __P((int));
#ifndef SCANF
# define SCANF 1
#endif
+
+/*
+** SVr4 and similar systems use different routines for setjmp/longjmp
+** with signal support
+*/
+
+#if USE_SIGLONGJMP
+/* Silly SCO /usr/include/setjmp.h file has #define setjmp(env) setjmp(env) */
+# ifdef setjmp
+# undef setjmp
+# endif
+# define jmp_buf sigjmp_buf
+# define setjmp(env) sigsetjmp(env, 1)
+# define longjmp(env, val) siglongjmp(env, val)
+#endif
+
+#if !defined(NGROUPS_MAX) && defined(NGROUPS)
+# define NGROUPS_MAX NGROUPS /* POSIX naming convention */
+#endif
diff --git a/usr.sbin/sendmail/src/daemon.c b/usr.sbin/sendmail/src/daemon.c
index c8516fc48a48..bd8a9146de2e 100644
--- a/usr.sbin/sendmail/src/daemon.c
+++ b/usr.sbin/sendmail/src/daemon.c
@@ -37,9 +37,9 @@
#ifndef lint
#ifdef DAEMON
-static char sccsid[] = "@(#)daemon.c 8.156 (Berkeley) 12/1/96 (with daemon mode)";
+static char sccsid[] = "@(#)daemon.c 8.159 (Berkeley) 1/14/97 (with daemon mode)";
#else
-static char sccsid[] = "@(#)daemon.c 8.156 (Berkeley) 12/1/96 (without daemon mode)";
+static char sccsid[] = "@(#)daemon.c 8.159 (Berkeley) 1/14/97 (without daemon mode)";
#endif
#endif /* not lint */
@@ -165,7 +165,8 @@ getrequests(e)
(void) setsignal(SIGCHLD, reapchild);
/* write the pid to the log file for posterity */
- pidf = fopen(PidFile, "w");
+ pidf = safefopen(PidFile, O_WRONLY|O_CREAT|O_TRUNC, 0644,
+ SFF_NOSLINK|SFF_ROOTOK|SFF_REGONLY|SFF_CREAT);
if (pidf != NULL)
{
extern char *CommandLineArgs;
@@ -316,7 +317,7 @@ getrequests(e)
if (pid == 0)
{
char *p;
- extern void intsig();
+ extern SIGFUNC_DECL intsig __P((int));
FILE *inchannel, *outchannel;
bool nullconn;
diff --git a/usr.sbin/sendmail/src/deliver.c b/usr.sbin/sendmail/src/deliver.c
index 576c166785d1..97a1050552ac 100644
--- a/usr.sbin/sendmail/src/deliver.c
+++ b/usr.sbin/sendmail/src/deliver.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char sccsid[] = "@(#)deliver.c 8.260 (Berkeley) 12/1/96";
+static char sccsid[] = "@(#)deliver.c 8.266 (Berkeley) 1/17/97";
#endif /* not lint */
#include "sendmail.h"
@@ -314,7 +314,7 @@ sendall(e, mode)
ee->e_errorqueue = copyqueue(e->e_errorqueue);
ee->e_flags = e->e_flags & ~(EF_INQUEUE|EF_CLRQUEUE|EF_FATALERRS|EF_SENDRECEIPT|EF_RET_PARAM);
ee->e_flags |= EF_NORECEIPT;
- setsender(owner, ee, NULL, TRUE);
+ setsender(owner, ee, NULL, '\0', TRUE);
if (tTd(13, 5))
{
printf("sendall(split): QDONTSEND ");
@@ -401,7 +401,7 @@ sendall(e, mode)
if (owner != NULL)
{
- setsender(owner, e, NULL, TRUE);
+ setsender(owner, e, NULL, '\0', TRUE);
if (tTd(13, 5))
{
printf("sendall(owner): QDONTSEND ");
@@ -470,6 +470,13 @@ sendall(e, mode)
queueonly:
if (e->e_nrcpts > 0)
e->e_flags |= EF_INQUEUE;
+ dropenvelope(e, FALSE);
+ for (ee = splitenv; ee != NULL; ee = ee->e_sibling)
+ {
+ if (ee->e_nrcpts > 0)
+ ee->e_flags |= EF_INQUEUE;
+ dropenvelope(ee, FALSE);
+ }
return;
case SM_FORK:
@@ -547,7 +554,7 @@ sendall(e, mode)
exit(EX_OK);
/* be sure we are immune from the terminal */
- disconnect(1, e);
+ disconnect(2, e);
/* prevent parent from waiting if there was an error */
if (pid < 0)
@@ -788,10 +795,10 @@ dofork()
*/
#ifndef NO_UID
-# define NO_UID ((uid_t) -1)
+# define NO_UID -1
#endif
#ifndef NO_GID
-# define NO_GID ((gid_t) -1)
+# define NO_GID -1
#endif
int
@@ -1500,9 +1507,9 @@ tryhost:
{
int i;
int saveerrno;
- uid_t new_euid = NO_UID;
- uid_t new_ruid = NO_UID;
- gid_t new_gid = NO_GID;
+ int new_euid = NO_UID;
+ int new_ruid = NO_UID;
+ int new_gid = NO_GID;
struct stat stb;
extern int DtableSize;
@@ -1765,12 +1772,13 @@ tryhost:
}
#endif
+ /* clear out per-message flags from connection structure */
+ mci->mci_flags &= ~(MCIF_CVT7TO8|MCIF_CVT8TO7);
+
if (bitset(EF_HAS8BIT, e->e_flags) &&
!bitset(EF_DONT_MIME, e->e_flags) &&
bitnset(M_7BITS, m->m_flags))
mci->mci_flags |= MCIF_CVT8TO7;
- else
- mci->mci_flags &= ~MCIF_CVT8TO7;
#if MIME7TO8
if (bitnset(M_MAKE8BIT, m->m_flags) &&
@@ -2000,7 +2008,7 @@ tryhost:
e->e_statmsg = NULL;
/* reset the mci state for the next transaction */
- if (mci->mci_state == MCIS_ACTIVE)
+ if (mci != NULL && mci->mci_state == MCIS_ACTIVE)
mci->mci_state = MCIS_OPEN;
}
# endif
@@ -2014,7 +2022,7 @@ tryhost:
#if SMTP
/* now close the connection */
- if (clever && mci->mci_state != MCIS_CLOSED &&
+ if (clever && mci != NULL && mci->mci_state != MCIS_CLOSED &&
!bitset(MCIF_CACHED, mci->mci_flags))
smtpquit(m, mci, e);
#endif
diff --git a/usr.sbin/sendmail/src/envelope.c b/usr.sbin/sendmail/src/envelope.c
index 67815223cf06..c5e98f7e3f14 100644
--- a/usr.sbin/sendmail/src/envelope.c
+++ b/usr.sbin/sendmail/src/envelope.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char sccsid[] = "@(#)envelope.c 8.99 (Berkeley) 12/1/96";
+static char sccsid[] = "@(#)envelope.c 8.101 (Berkeley) 12/16/96";
#endif /* not lint */
#include "sendmail.h"
@@ -275,11 +275,14 @@ dropenvelope(e, fulldrop)
if (bitset(EF_FATALERRS, e->e_flags) && !failure_return)
{
- failure_return = TRUE;
for (q = e->e_sendqueue; q != NULL; q = q->q_next)
{
- if (!bitset(QDONTSEND, q->q_flags))
+ if (!bitset(QDONTSEND, q->q_flags) &&
+ bitset(QPINGONFAILURE, q->q_flags))
+ {
+ failure_return = TRUE;
q->q_flags |= QBADADDR;
+ }
}
}
@@ -640,6 +643,8 @@ closexscript(e)
** e -- the envelope in which we would like the sender set.
** delimptr -- if non-NULL, set to the location of the
** trailing delimiter.
+** delimchar -- the character that will delimit the sender
+** address.
** internal -- set if this address is coming from an internal
** source such as an owner alias.
**
@@ -651,16 +656,16 @@ closexscript(e)
*/
void
-setsender(from, e, delimptr, internal)
+setsender(from, e, delimptr, delimchar, internal)
char *from;
register ENVELOPE *e;
char **delimptr;
+ int delimchar;
bool internal;
{
register char **pvp;
char *realname = NULL;
register struct passwd *pw;
- char delimchar;
char *bp;
char buf[MAXNAME + 2];
char pvpbuf[PSBUFSIZE];
@@ -683,7 +688,6 @@ setsender(from, e, delimptr, internal)
if (ConfigLevel < 2)
SuprErrs = TRUE;
- delimchar = internal ? '\0' : ' ';
e->e_from.q_flags = QBADADDR;
if (from == NULL ||
parseaddr(from, &e->e_from, RF_COPYALL|RF_SENDERADDR,
diff --git a/usr.sbin/sendmail/src/headers.c b/usr.sbin/sendmail/src/headers.c
index ba1845df168e..d40d95f470a8 100644
--- a/usr.sbin/sendmail/src/headers.c
+++ b/usr.sbin/sendmail/src/headers.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char sccsid[] = "@(#)headers.c 8.101 (Berkeley) 11/23/96";
+static char sccsid[] = "@(#)headers.c 8.103 (Berkeley) 12/11/96";
#endif /* not lint */
# include <errno.h>
@@ -569,7 +569,7 @@ eatheader(e, full)
if (tTd(32, 2))
printf("eatheader: setsender(*%s == %s)\n",
hi->hi_field, p);
- setsender(p, e, NULL, TRUE);
+ setsender(p, e, NULL, '\0', TRUE);
}
}
@@ -1165,7 +1165,11 @@ putheader(mci, hdr, e)
/* suppress return receipts if requested */
if (bitset(H_RECEIPTTO, h->h_flags) &&
+#if _FFR_DSN_RRT
+ (RrtImpliesDsn || bitset(EF_NORECEIPT, e->e_flags)))
+#else
bitset(EF_NORECEIPT, e->e_flags))
+#endif
{
if (tTd(34, 11))
printf(" (skipped (receipt))\n");
diff --git a/usr.sbin/sendmail/src/main.c b/usr.sbin/sendmail/src/main.c
index fbd954a671d7..3c30fb3e6173 100644
--- a/usr.sbin/sendmail/src/main.c
+++ b/usr.sbin/sendmail/src/main.c
@@ -39,7 +39,7 @@ static char copyright[] =
#endif /* not lint */
#ifndef lint
-static char sccsid[] = "@(#)main.c 8.223 (Berkeley) 12/1/96";
+static char sccsid[] = "@(#)main.c 8.230 (Berkeley) 1/17/97";
#endif /* not lint */
#define _DEFINE
@@ -145,12 +145,12 @@ main(argc, argv, envp)
extern char *optarg;
extern char **environ;
extern time_t convtime();
- extern void intsig();
+ extern SIGFUNC_DECL intsig __P((int));
extern struct hostent *myhostname();
extern char *getauthinfo();
extern char *getcfname();
- extern void sigusr1();
- extern void sighup();
+ extern SIGFUNC_DECL sigusr1 __P((int));
+ extern SIGFUNC_DECL sighup __P((int));
extern void initmacros __P((ENVELOPE *));
extern void init_md __P((int, char **));
extern int getdtsize __P((void));
@@ -165,6 +165,7 @@ main(argc, argv, envp)
extern void printqueue __P((void));
extern void sendtoargv __P((char **, ENVELOPE *));
extern void resetlimits __P((void));
+ extern void drop_privileges __P((void));
/*
** Check to see if we reentered.
@@ -228,6 +229,9 @@ main(argc, argv, envp)
tTsetup(tTdvect, sizeof tTdvect, "0-99.1");
+ /* drop group id privileges (RunAsUser not yet set) */
+ drop_privileges();
+
/* Handle any non-getoptable constructions. */
obsolete(argv);
@@ -245,7 +249,7 @@ main(argc, argv, envp)
# define OPTIONS "B:b:C:cd:e:F:f:h:IiM:mN:nO:o:p:q:R:r:sTtUV:vX:"
#endif
opterr = 0;
- while ((j = getopt(argc, argv, OPTIONS)) != EOF)
+ while ((j = getopt(argc, argv, OPTIONS)) != -1)
{
switch (j)
{
@@ -511,7 +515,7 @@ main(argc, argv, envp)
OpMode = MD_PURGESTAT;
optind = 1;
- while ((j = getopt(argc, argv, OPTIONS)) != EOF)
+ while ((j = getopt(argc, argv, OPTIONS)) != -1)
{
switch (j)
{
@@ -806,10 +810,7 @@ main(argc, argv, envp)
if (OpMode != MD_DAEMON && OpMode != MD_FGDAEMON)
{
/* drop privileges -- daemon mode done after socket/bind */
- if (RunAsGid != 0)
- (void) setgid(RunAsGid);
- if (RunAsUid != 0)
- (void) setuid(RunAsUid);
+ drop_privileges();
}
/*
@@ -900,6 +901,20 @@ main(argc, argv, envp)
printf("Warning: HostStatusDirectory required for SingleThreadDelivery\n");
}
+ /* check for permissions */
+ if ((OpMode == MD_DAEMON || OpMode == MD_PURGESTAT) && RealUid != 0)
+ {
+#ifdef LOG
+ if (LogLevel > 1)
+ syslog(LOG_ALERT, "user %d attempted to %s",
+ RealUid,
+ OpMode == MD_DAEMON ? "run daemon"
+ : "purge host status");
+#endif
+ usrerr("Permission denied");
+ exit(EX_USAGE);
+ }
+
if (MeToo)
BlankEnvelope.e_flags |= EF_METOO;
@@ -916,17 +931,6 @@ main(argc, argv, envp)
/* fall through ... */
case MD_DAEMON:
- /* check for permissions */
- if (RealUid != 0)
- {
-#ifdef LOG
- if (LogLevel > 1)
- syslog(LOG_ALERT, "user %d attempted to run daemon",
- RealUid);
-#endif
- usrerr("Permission denied");
- exit(EX_USAGE);
- }
vendor_daemon_setup(CurEnv);
/* remove things that don't make sense in daemon mode */
@@ -948,6 +952,11 @@ main(argc, argv, envp)
Verbose = TRUE;
/* fall through... */
+ case MD_PRINT:
+ /* to handle sendmail -bp -qSfoobar properly */
+ queuemode = FALSE;
+ /* fall through... */
+
default:
/* arrange to exit cleanly on hangup signal */
if (setsignal(SIGHUP, SIG_IGN) == (sigfunc_t) SIG_DFL)
@@ -1214,7 +1223,7 @@ main(argc, argv, envp)
if (OpMode == MD_TEST)
{
char buf[MAXLINE];
- void intindebug();
+ SIGFUNC_DECL intindebug __P((int));
if (isatty(fileno(stdin)))
Verbose = TRUE;
@@ -1318,10 +1327,7 @@ main(argc, argv, envp)
nullserver = getrequests(CurEnv);
/* drop privileges */
- if (RunAsGid != 0)
- (void) setgid(RunAsGid);
- if (RunAsUid != 0)
- (void) setuid(RunAsUid);
+ drop_privileges();
/* at this point we are in a child: reset state */
(void) newenvelope(CurEnv, CurEnv);
@@ -1385,7 +1391,7 @@ main(argc, argv, envp)
if (warn_f_flag != '\0' && !wordinclass(RealUserName, 't'))
auth_warning(CurEnv, "%s set sender to %s using -%c",
RealUserName, from, warn_f_flag);
- setsender(from, CurEnv, NULL, FALSE);
+ setsender(from, CurEnv, NULL, '\0', FALSE);
if (macvalue('s', CurEnv) == NULL)
define('s', RealHostName, CurEnv);
@@ -1450,10 +1456,12 @@ main(argc, argv, envp)
}
-void
-intindebug()
+SIGFUNC_DECL
+intindebug(sig)
+ int sig;
{
longjmp(TopFrame, 1);
+ return SIGFUNC_RETURN;
}
@@ -1528,8 +1536,9 @@ finis()
** Unlocks the current job.
*/
-void
-intsig()
+SIGFUNC_DECL
+intsig(sig)
+ int sig;
{
#ifdef LOG
if (LogLevel > 79)
@@ -1944,15 +1953,18 @@ dumpstate(when)
}
-void
-sigusr1()
+SIGFUNC_DECL
+sigusr1(sig)
+ int sig;
{
dumpstate("user signal");
+ return SIGFUNC_RETURN;
}
-void
-sighup()
+SIGFUNC_DECL
+sighup(sig)
+ int sig;
{
if (SaveArgv[0][0] != '/')
{
@@ -1984,6 +1996,31 @@ sighup()
exit(EX_OSFILE);
}
/*
+** DROP_PRIVILEGES -- reduce privileges to those of the RunAsUser option
+**
+** Parameters:
+** none.
+**
+** Returns:
+** none.
+*/
+
+void
+drop_privileges()
+{
+#ifdef NGROUPS_MAX
+ /* reset group permissions; these can be set later */
+ GIDSET_T emptygidset[NGROUPS_MAX];
+
+ emptygidset[0] = RunAsGid == 0 ? getegid() : RunAsGid;
+ (void) setgroups(1, emptygidset);
+#endif
+ if (RunAsGid != 0)
+ (void) setgid(RunAsGid);
+ if (RunAsUid != 0)
+ (void) setuid(RunAsUid);
+}
+ /*
** TESTMODELINE -- process a test mode input line
**
** Parameters:
diff --git a/usr.sbin/sendmail/src/map.c b/usr.sbin/sendmail/src/map.c
index 1b0f08603dd1..3d40d62e511b 100644
--- a/usr.sbin/sendmail/src/map.c
+++ b/usr.sbin/sendmail/src/map.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char sccsid[] = "@(#)map.c 8.146 (Berkeley) 11/24/96";
+static char sccsid[] = "@(#)map.c 8.147 (Berkeley) 1/17/97";
#endif /* not lint */
#include "sendmail.h"
@@ -1610,7 +1610,8 @@ nis_getcanonname(name, hbsize, statp)
#ifdef NISPLUS
-#undef NIS /* symbol conflict in nis.h */
+#undef NIS /* symbol conflict in nis.h */
+#undef T_UNSPEC /* symbol conflict in nis.h -> ... -> sys/tiuser.h */
#include <rpcsvc/nis.h>
#include <rpcsvc/nislib.h>
diff --git a/usr.sbin/sendmail/src/mime.c b/usr.sbin/sendmail/src/mime.c
index bdb91a2642dc..999c5ab58976 100644
--- a/usr.sbin/sendmail/src/mime.c
+++ b/usr.sbin/sendmail/src/mime.c
@@ -36,7 +36,7 @@
# include <string.h>
#ifndef lint
-static char sccsid[] = "@(#)mime.c 8.51 (Berkeley) 11/24/96";
+static char sccsid[] = "@(#)mime.c 8.54 (Berkeley) 1/14/97";
#endif /* not lint */
/*
@@ -958,10 +958,8 @@ mime7to8(mci, header, e)
register char *p;
char *cte;
char **pvp;
- u_char *obp;
u_char *fbufp;
char buf[MAXLINE];
- u_char obuf[MAXLINE + 1];
u_char fbuf[MAXLINE + 1];
char pvpbuf[MAXLINE];
extern u_char MimeTokenTab[256];
@@ -1045,9 +1043,10 @@ mime7to8(mci, header, e)
c2 = CHAR64(c2);
*fbufp = (c1 << 2) | ((c2 & 0x30) >> 4);
- if (*fbufp++ == '\n' || fbuf >= &fbuf[MAXLINE])
+ if (*fbufp++ == '\n' || fbufp >= &fbuf[MAXLINE])
{
- if (*--fbufp != '\n' || *--fbufp != '\r')
+ if (*--fbufp != '\n' ||
+ (fbufp > fbuf && *--fbufp != '\r'))
fbufp++;
*fbufp = '\0';
putline((char *) fbuf, mci);
@@ -1057,9 +1056,10 @@ mime7to8(mci, header, e)
continue;
c3 = CHAR64(c3);
*fbufp = ((c2 & 0x0f) << 4) | ((c3 & 0x3c) >> 2);
- if (*fbufp++ == '\n' || fbuf >= &fbuf[MAXLINE])
+ if (*fbufp++ == '\n' || fbufp >= &fbuf[MAXLINE])
{
- if (*--fbufp != '\n' || *--fbufp != '\r')
+ if (*--fbufp != '\n' ||
+ (fbufp > fbuf && *--fbufp != '\r'))
fbufp++;
*fbufp = '\0';
putline((char *) fbuf, mci);
@@ -1069,36 +1069,38 @@ mime7to8(mci, header, e)
continue;
c4 = CHAR64(c4);
*fbufp = ((c3 & 0x03) << 6) | c4;
- if (*fbufp++ == '\n' || fbuf >= &fbuf[MAXLINE])
+ if (*fbufp++ == '\n' || fbufp >= &fbuf[MAXLINE])
{
- if (*--fbufp != '\n' || *--fbufp != '\r')
+ if (*--fbufp != '\n' ||
+ (fbufp > fbuf && *--fbufp != '\r'))
fbufp++;
*fbufp = '\0';
putline((char *) fbuf, mci);
fbufp = fbuf;
}
}
-
- /* force out partial last line */
- if (fbufp > fbuf)
- {
- *fbufp = '\0';
- putline((char *) fbuf, mci);
- }
}
else
{
/* quoted-printable */
- obp = obuf;
+ fbufp = fbuf;
while (fgets(buf, sizeof buf, e->e_dfp) != NULL)
{
- if (mime_fromqp((u_char *) buf, &obp, 0, &obuf[MAXLINE] - obp) == 0)
+ if (mime_fromqp((u_char *) buf, &fbufp, 0,
+ &fbuf[MAXLINE] - fbufp) == 0)
continue;
- putline((char *) obuf, mci);
- obp = obuf;
+ putline((char *) fbuf, mci);
+ fbufp = fbuf;
}
}
+
+ /* force out partial last line */
+ if (fbufp > fbuf)
+ {
+ *fbufp = '\0';
+ putline((char *) fbuf, mci);
+ }
if (tTd(43, 3))
printf("\t\t\tmime7to8 => %s to 8bit done\n", cte);
}
diff --git a/usr.sbin/sendmail/src/queue.c b/usr.sbin/sendmail/src/queue.c
index 5d00b9f73c26..2afa73dcf744 100644
--- a/usr.sbin/sendmail/src/queue.c
+++ b/usr.sbin/sendmail/src/queue.c
@@ -36,9 +36,9 @@
#ifndef lint
#if QUEUE
-static char sccsid[] = "@(#)queue.c 8.145 (Berkeley) 12/2/96 (with queueing)";
+static char sccsid[] = "@(#)queue.c 8.153 (Berkeley) 1/14/97 (with queueing)";
#else
-static char sccsid[] = "@(#)queue.c 8.145 (Berkeley) 12/2/96 (without queueing)";
+static char sccsid[] = "@(#)queue.c 8.153 (Berkeley) 1/14/97 (without queueing)";
#endif
#endif /* not lint */
@@ -68,10 +68,6 @@ WORK *WorkQ; /* queue of things to be done */
#define QF_VERSION 2 /* version number of this queue format */
-#if !defined(NGROUPS_MAX) && defined(NGROUPS)
-# define NGROUPS_MAX NGROUPS /* POSIX naming convention */
-#endif
-
extern int orderq __P((bool));
/*
** QUEUEUP -- queue a message up for future transmission.
@@ -553,6 +549,7 @@ runqueue(forkflag, verbose)
extern ENVELOPE BlankEnvelope;
extern void clrdaemon __P((void));
extern void runqueueevent __P((bool));
+ extern void drop_privileges __P((void));
/*
** If no work will ever be selected, don't even bother reading
@@ -561,7 +558,7 @@ runqueue(forkflag, verbose)
CurrentLA = getla(); /* get load average */
- if (shouldqueue(0L, curtime()))
+ if (CurrentLA >= QueueLA)
{
char *msg = "Skipping queue run -- load average too high";
@@ -583,9 +580,9 @@ runqueue(forkflag, verbose)
if (forkflag)
{
pid_t pid;
- extern void intsig();
+ extern SIGFUNC_DECL intsig __P((int));
#ifdef SIGCHLD
- extern void reapchild();
+ extern SIGFUNC_DECL reapchild __P((int));
blocksignal(SIGCHLD);
(void) setsignal(SIGCHLD, reapchild);
@@ -633,7 +630,6 @@ runqueue(forkflag, verbose)
(void) setsignal(SIGCHLD, SIG_DFL);
#endif /* SIGCHLD */
(void) setsignal(SIGHUP, intsig);
- Verbose = FALSE;
}
setproctitle("running queue: %s", QueueDir);
@@ -657,12 +653,7 @@ runqueue(forkflag, verbose)
/* drop privileges */
if (geteuid() == (uid_t) 0)
- {
- if (RunAsGid != (gid_t) 0)
- (void) setgid(RunAsGid);
- if (RunAsUid != (uid_t) 0)
- (void) setuid(RunAsUid);
- }
+ drop_privileges();
/*
** Create ourselves an envelope
@@ -672,6 +663,10 @@ runqueue(forkflag, verbose)
e = newenvelope(&QueueEnvelope, CurEnv);
e->e_flags = BlankEnvelope.e_flags;
+ /* make sure we have disconnected from parent */
+ if (forkflag)
+ disconnect(1, e);
+
/*
** Make sure the alias database is open.
*/
@@ -1569,12 +1564,13 @@ readqf(e)
{
case 'V': /* queue file version number */
qfver = atoi(&bp[1]);
- if (qfver > QF_VERSION)
- {
- syserr("Version number in qf (%d) greater than max (%d)",
- qfver, QF_VERSION);
- }
- break;
+ if (qfver <= QF_VERSION)
+ break;
+ syserr("Version number in qf (%d) greater than max (%d)",
+ qfver, QF_VERSION);
+ fclose(qfp);
+ loseqfile(e, "unsupported qf file version");
+ return FALSE;
case 'C': /* specify controlling user */
ctladdr = setctluser(&bp[1], qfver);
@@ -1645,7 +1641,7 @@ readqf(e)
break;
case 'S': /* sender */
- setsender(newstr(&bp[1]), e, NULL, TRUE);
+ setsender(newstr(&bp[1]), e, NULL, '\0', TRUE);
break;
case 'B': /* body type */
diff --git a/usr.sbin/sendmail/src/readcf.c b/usr.sbin/sendmail/src/readcf.c
index 58c4a3af21ae..ca0100f1c4ff 100644
--- a/usr.sbin/sendmail/src/readcf.c
+++ b/usr.sbin/sendmail/src/readcf.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char sccsid[] = "@(#)readcf.c 8.181 (Berkeley) 12/1/96";
+static char sccsid[] = "@(#)readcf.c 8.184 (Berkeley) 1/14/97";
#endif /* not lint */
# include "sendmail.h"
@@ -1482,6 +1482,14 @@ struct optioninfo
{ "SingleThreadDelivery", O_SINGTHREAD, FALSE },
#define O_RUNASUSER 0x9d
{ "RunAsUser", O_RUNASUSER, FALSE },
+#ifdef _FFR_DSN_RRT
+#define O_DSN_RRT 0x9e
+ { "RrtImpliesDsn", O_DSN_RRT, FALSE },
+#endif
+#ifdef _FFR_PIDFILE_OPT
+#define O_PIDFILE 0x9f
+ { "PidFile", O_PIDFILE, FALSE },
+#endif
{ NULL, '\0', FALSE }
};
@@ -2264,6 +2272,19 @@ setoption(opt, val, safe, sticky, e)
}
break;
+#ifdef _FFR_DSN_RRT
+ case O_DSN_RRT:
+ RrtImpliesDsn = atobool(p);
+ break;
+#endif
+
+#ifdef _FFR_PIDFILE_OPT
+ case O_PIDFILE:
+ free(PidFile);
+ PidFile = newstr(p);
+ break;
+#endif
+
default:
if (tTd(37, 1))
{
diff --git a/usr.sbin/sendmail/src/savemail.c b/usr.sbin/sendmail/src/savemail.c
index 4abad53a8364..0d949f8749eb 100644
--- a/usr.sbin/sendmail/src/savemail.c
+++ b/usr.sbin/sendmail/src/savemail.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char sccsid[] = "@(#)savemail.c 8.101 (Berkeley) 11/24/96";
+static char sccsid[] = "@(#)savemail.c 8.103 (Berkeley) 1/18/97";
#endif /* not lint */
# include "sendmail.h"
@@ -643,7 +643,7 @@ returntosender(msg, returnq, flags, e)
markstats(ee, NULLADDR);
/* actually deliver the error message */
- sendall(ee, SM_DEFAULT);
+ sendall(ee, SM_DELIVER);
/* restore state */
dropenvelope(ee, TRUE);
@@ -1388,7 +1388,8 @@ xuntextify(t)
** XTEXTOK -- check if a string is legal xtext
**
** Xtext is used in Delivery Status Notifications. The spec was
-** taken from draft-ietf-notary-mime-delivery-04.txt.
+** taken from RFC 1891, ``SMTP Service Extension for Delivery
+** Status Notifications''.
**
** Parameters:
** s -- the string to check.
diff --git a/usr.sbin/sendmail/src/sendmail.8 b/usr.sbin/sendmail/src/sendmail.8
index f7c87507a2de..81a4440f11aa 100644
--- a/usr.sbin/sendmail/src/sendmail.8
+++ b/usr.sbin/sendmail/src/sendmail.8
@@ -29,9 +29,9 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" @(#)sendmail.8 8.10 (Berkeley) 9/20/96
+.\" @(#)sendmail.8 8.11 (Berkeley) 1/16/97
.\"
-.Dd September 20, 1996
+.Dd January 16, 1997
.Dt SENDMAIL 8
.Os BSD 4
.Sh NAME
@@ -293,7 +293,7 @@ be set when called by a network delivery agent such as
.Nm rmail .
.It Fl V Ar envid
Set the original envelope id.
-This is propogated across SMTP to servers that support DSNs
+This is propagated across SMTP to servers that support DSNs
and is returned in DSN-compliant error messages.
.It Fl v
Go into verbose mode.
diff --git a/usr.sbin/sendmail/src/sendmail.h b/usr.sbin/sendmail/src/sendmail.h
index 6aba9aba6bbf..9c0e3e2b4ef6 100644
--- a/usr.sbin/sendmail/src/sendmail.h
+++ b/usr.sbin/sendmail/src/sendmail.h
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * @(#)sendmail.h 8.216 (Berkeley) 12/1/96
+ * @(#)sendmail.h 8.219 (Berkeley) 1/14/97
*/
/*
@@ -41,7 +41,7 @@
# ifdef _DEFINE
# define EXTERN
# ifndef lint
-static char SmailSccsId[] = "@(#)sendmail.h 8.216 12/1/96";
+static char SmailSccsId[] = "@(#)sendmail.h 8.219 1/14/97";
# endif
# else /* _DEFINE */
# define EXTERN extern
@@ -1135,7 +1135,7 @@ EXTERN bool HasWildcardMX; /* don't use MX records when canonifying */
EXTERN char SpaceSub; /* substitution for <lwsp> */
EXTERN int PrivacyFlags; /* privacy flags */
EXTERN char *ConfFile; /* location of configuration file [conf.c] */
-extern char *PidFile; /* location of proc id file [conf.c] */
+EXTERN char *PidFile; /* location of proc id file [conf.c] */
extern ADDRESS NullAddress; /* a null (template) address [main.c] */
EXTERN long WkClassFact; /* multiplier for message class -> priority */
EXTERN long WkRecipFact; /* multiplier for # of recipients -> priority */
@@ -1165,6 +1165,9 @@ EXTERN bool AllowBogusHELO; /* allow syntax errors on HELO command */
EXTERN bool UserSubmission; /* initial (user) mail submission */
EXTERN uid_t RunAsUid; /* UID to become for bulk of run */
EXTERN gid_t RunAsGid; /* GID to become for bulk of run */
+#ifdef _FFR_DSN_RRT
+EXTERN bool RrtImpliesDsn; /* turn Return-Receipt-To: into DSN */
+#endif
EXTERN bool IgnoreHostStatus; /* ignore long term host status files */
EXTERN bool SingleThreadDelivery; /* single thread hosts on delivery */
EXTERN bool UnsafeGroupWrites; /* group-writable files are unsafe */
@@ -1291,7 +1294,7 @@ extern void makelower __P((char *));
extern void rebuildaliases __P((MAP *, bool));
extern void readaliases __P((MAP *, FILE *, bool, bool));
extern void finis __P(());
-extern void setsender __P((char *, ENVELOPE *, char **, bool));
+extern void setsender __P((char *, ENVELOPE *, char **, int, bool));
extern FILE *safefopen __P((char *, int, int, int));
extern void xputs __P((const char *));
extern void logsender __P((ENVELOPE *, char *));
diff --git a/usr.sbin/sendmail/src/srvrsmtp.c b/usr.sbin/sendmail/src/srvrsmtp.c
index 895cce5e3a92..83bd46389a92 100644
--- a/usr.sbin/sendmail/src/srvrsmtp.c
+++ b/usr.sbin/sendmail/src/srvrsmtp.c
@@ -36,9 +36,9 @@
#ifndef lint
#if SMTP
-static char sccsid[] = "@(#)srvrsmtp.c 8.131 (Berkeley) 12/1/96 (with SMTP)";
+static char sccsid[] = "@(#)srvrsmtp.c 8.136 (Berkeley) 1/17/97 (with SMTP)";
#else
-static char sccsid[] = "@(#)srvrsmtp.c 8.131 (Berkeley) 12/1/96 (without SMTP)";
+static char sccsid[] = "@(#)srvrsmtp.c 8.136 (Berkeley) 1/17/97 (without SMTP)";
#endif
#endif /* not lint */
@@ -121,7 +121,11 @@ char *CurSmtpClient; /* who's at the other end of channel */
static char *skipword();
-#define MAXBADCOMMANDS 25 /* maximum number of bad commands */
+#define MAXBADCOMMANDS 25 /* maximum number of bad commands */
+#define MAXNOOPCOMMANDS 20 /* max "noise" commands before slowdown */
+#define MAXHELOCOMMANDS 3 /* max HELO/EHLO commands before slowdown */
+#define MAXVRFYCOMMANDS 6 /* max VRFY/EXPN commands before slowdown */
+#define MAXETRNCOMMANDS 8 /* max ETRN commands before slowdown */
void
smtp(nullserver, e)
@@ -146,6 +150,8 @@ smtp(nullserver, e)
volatile int badcommands = 0; /* count of bad commands */
volatile int nverifies = 0; /* count of VRFY/EXPN commands */
volatile int n_etrn = 0; /* count of ETRN commands */
+ volatile int n_noop = 0; /* count of NOOP/VERB/ONEX etc cmds */
+ volatile int n_helo = 0; /* count of HELO/EHLO commands */
bool ok;
char inp[MAXLINE];
char cmdbuf[MAXLINE];
@@ -154,6 +160,7 @@ smtp(nullserver, e)
extern void settime __P((ENVELOPE *));
extern bool enoughdiskspace __P((long));
extern int runinchild __P((char *, ENVELOPE *));
+ extern void checksmtpattack __P((volatile int *, int, char *));
if (fileno(OutChannel) != fileno(stdout))
{
@@ -303,10 +310,23 @@ smtp(nullserver, e)
** to everything.
*/
- if (nullserver && c->cmdcode != CMDQUIT)
+ if (nullserver)
{
- message("550 Access denied");
- continue;
+ switch (c->cmdcode)
+ {
+ case CMDQUIT:
+ case CMDHELO:
+ case CMDEHLO:
+ case CMDNOOP:
+ /* process normally */
+ break;
+
+ default:
+ if (++badcommands > MAXBADCOMMANDS)
+ sleep(1);
+ message("550 Access denied");
+ continue;
+ }
}
/* non-null server */
@@ -325,6 +345,17 @@ smtp(nullserver, e)
SmtpPhase = "server HELO";
}
+ /* avoid denial-of-service */
+ checksmtpattack(&n_helo, MAXHELOCOMMANDS, "HELO/EHLO");
+
+ /* check for duplicate HELO/EHLO per RFC 1651 4.2 */
+ if (gothello)
+ {
+ message("503 %s Duplicate HELO/EHLO",
+ MyHostName);
+ break;
+ }
+
/* check for valid domain name (re 1123 5.2.5) */
if (*p == '\0' && !AllowBogusHELO)
{
@@ -355,20 +386,15 @@ smtp(nullserver, e)
if (!AllowBogusHELO)
message("501 Invalid domain name");
else
+ {
message("250 %s Invalid domain name, accepting anyway",
MyHostName);
+ gothello = TRUE;
+ }
break;
}
}
- /* check for duplicate HELO/EHLO per RFC 1651 4.2 */
- if (gothello)
- {
- message("503 %s Duplicate HELO/EHLO",
- MyHostName);
- break;
- }
-
sendinghost = newstr(p);
gothello = TRUE;
if (c->cmdcode != CMDEHLO)
@@ -484,7 +510,7 @@ smtp(nullserver, e)
/* must parse sender first */
delimptr = NULL;
- setsender(p, e, &delimptr, FALSE);
+ setsender(p, e, &delimptr, ' ', FALSE);
if (delimptr != NULL && *delimptr != '\0')
*delimptr++ = '\0';
@@ -775,18 +801,8 @@ smtp(nullserver, e)
case CMDVRFY: /* vrfy -- verify address */
case CMDEXPN: /* expn -- expand address */
- if (++nverifies >= MAXBADCOMMANDS)
- {
-#ifdef LOG
- if (nverifies == MAXBADCOMMANDS &&
- LogLevel > 5)
- {
- syslog(LOG_INFO, "%.100s: VRFY attack?",
- CurSmtpClient);
- }
-#endif
- sleep(1);
- }
+ checksmtpattack(&nverifies, MAXVRFYCOMMANDS,
+ c->cmdcode == CMDVRFY ? "VRFY" : "EXPN");
vrfy = c->cmdcode == CMDVRFY;
if (bitset(vrfy ? PRIV_NOVRFY : PRIV_NOEXPN,
PrivacyFlags))
@@ -867,8 +883,8 @@ smtp(nullserver, e)
}
/* crude way to avoid denial-of-service attacks */
- if (n_etrn++ >= 3)
- sleep(3);
+ checksmtpattack(&n_etrn, MAXETRNCOMMANDS, "ETRN");
+
id = p;
if (*id == '@')
id++;
@@ -892,6 +908,7 @@ smtp(nullserver, e)
break;
case CMDNOOP: /* noop -- do nothing */
+ checksmtpattack(&n_noop, MAXNOOPCOMMANDS, "NOOP");
message("250 OK");
break;
@@ -916,17 +933,20 @@ doquit:
message("502 Verbose unavailable");
break;
}
+ checksmtpattack(&n_noop, MAXNOOPCOMMANDS, "VERB");
Verbose = TRUE;
e->e_sendmode = SM_DELIVER;
message("250 Verbose mode");
break;
case CMDONEX: /* doing one transaction only */
+ checksmtpattack(&n_noop, MAXNOOPCOMMANDS, "ONEX");
OneXact = TRUE;
message("250 Only one transaction");
break;
case CMDXUSR: /* initial (user) submission */
+ checksmtpattack(&n_noop, MAXNOOPCOMMANDS, "XUSR");
UserSubmission = TRUE;
message("250 Initial submission");
break;
@@ -976,6 +996,40 @@ doquit:
}
}
/*
+** CHECKSMTPATTACK -- check for denial-of-service attack by repetition
+**
+** Parameters:
+** pcounter -- pointer to a counter for this command.
+** maxcount -- maximum value for this counter before we
+** slow down.
+** cname -- command name for logging.
+**
+** Returns:
+** none.
+**
+** Side Effects:
+** Slows down if we seem to be under attack.
+*/
+
+void
+checksmtpattack(pcounter, maxcount, cname)
+ volatile int *pcounter;
+ int maxcount;
+ char *cname;
+{
+ if (++(*pcounter) >= maxcount)
+ {
+#ifdef LOG
+ if (*pcounter == maxcount && LogLevel > 5)
+ {
+ syslog(LOG_INFO, "%.100s: %.40s attack?",
+ CurSmtpClient, cname);
+ }
+#endif
+ sleep(*pcounter / maxcount);
+ }
+}
+ /*
** SKIPWORD -- skip a fixed word.
**
** Parameters:
diff --git a/usr.sbin/sendmail/src/udb.c b/usr.sbin/sendmail/src/udb.c
index 8c34c23edae1..bb54ee8eb5a7 100644
--- a/usr.sbin/sendmail/src/udb.c
+++ b/usr.sbin/sendmail/src/udb.c
@@ -36,9 +36,9 @@
#ifndef lint
#if USERDB
-static char sccsid [] = "@(#)udb.c 8.46 (Berkeley) 12/1/96 (with USERDB)";
+static char sccsid [] = "@(#)udb.c 8.47 (Berkeley) 12/6/96 (with USERDB)";
#else
-static char sccsid [] = "@(#)udb.c 8.46 (Berkeley) 12/1/96 (without USERDB)";
+static char sccsid [] = "@(#)udb.c 8.47 (Berkeley) 12/6/96 (without USERDB)";
#endif
#endif
@@ -275,7 +275,7 @@ udbexpand(a, sendq, aliaslevel, e)
userleft--;
}
bcopy(info.data, p, info.size);
- user[info.size] = '\0';
+ p[info.size] = '\0';
userleft -= info.size;
/* get the next record */
diff --git a/usr.sbin/sendmail/src/usersmtp.c b/usr.sbin/sendmail/src/usersmtp.c
index 7bd976bd4fad..d98841a85387 100644
--- a/usr.sbin/sendmail/src/usersmtp.c
+++ b/usr.sbin/sendmail/src/usersmtp.c
@@ -36,9 +36,9 @@
#ifndef lint
#if SMTP
-static char sccsid[] = "@(#)usersmtp.c 8.79 (Berkeley) 12/1/96 (with SMTP)";
+static char sccsid[] = "@(#)usersmtp.c 8.80 (Berkeley) 1/18/97 (with SMTP)";
#else
-static char sccsid[] = "@(#)usersmtp.c 8.79 (Berkeley) 12/1/96 (without SMTP)";
+static char sccsid[] = "@(#)usersmtp.c 8.80 (Berkeley) 1/18/97 (without SMTP)";
#endif
#endif /* not lint */
@@ -493,6 +493,12 @@ smtpmailfrom(m, mci, e)
smtpquit(m, mci, e);
return EX_TEMPFAIL;
}
+ else if (r == 452 && bitset(MCIF_SIZE, mci->mci_flags) &&
+ e->e_msgsize > 0)
+ {
+ mci_setstat(mci, EX_NOTSTICKY, smtptodsn(r), SmtpReplyBuffer);
+ return EX_TEMPFAIL;
+ }
else if (REPLYTYPE(r) == 4)
{
mci_setstat(mci, EX_TEMPFAIL, smtptodsn(r), SmtpReplyBuffer);
@@ -684,6 +690,7 @@ smtpdata(m, mci, e)
register int r;
register EVENT *ev;
int rstat;
+ int xstat;
time_t timeout;
/*
@@ -790,17 +797,22 @@ smtpdata(m, mci, e)
return EX_TEMPFAIL;
}
mci->mci_state = MCIS_OPEN;
- if (REPLYTYPE(r) == 4)
+ xstat = EX_NOTSTICKY;
+ if (r == 452)
rstat = EX_TEMPFAIL;
+ else if (r == 552)
+ rstat = EX_UNAVAILABLE;
+ else if (REPLYTYPE(r) == 4)
+ rstat = xstat = EX_TEMPFAIL;
else if (REPLYCLASS(r) != 5)
- rstat = EX_PROTOCOL;
+ rstat = xstat = EX_PROTOCOL;
else if (REPLYTYPE(r) == 2)
- rstat = EX_OK;
+ rstat = xstat = EX_OK;
else if (REPLYTYPE(r) == 5)
- rstat = EX_UNAVAILABLE;
+ rstat = xstat = EX_UNAVAILABLE;
else
rstat = EX_PROTOCOL;
- mci_setstat(mci, rstat, smtptodsn(r), SmtpReplyBuffer);
+ mci_setstat(mci, xstat, smtptodsn(r), SmtpReplyBuffer);
if (e->e_statmsg != NULL)
free(e->e_statmsg);
e->e_statmsg = newstr(&SmtpReplyBuffer[4]);
diff --git a/usr.sbin/sendmail/src/util.c b/usr.sbin/sendmail/src/util.c
index eae587ba25e6..dbe76552394a 100644
--- a/usr.sbin/sendmail/src/util.c
+++ b/usr.sbin/sendmail/src/util.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char sccsid[] = "@(#)util.c 8.113 (Berkeley) 11/24/96";
+static char sccsid[] = "@(#)util.c 8.115 (Berkeley) 1/5/97";
#endif /* not lint */
# include "sendmail.h"
@@ -313,7 +313,7 @@ xputs(s)
{
if (bitset(0200, *s))
printf("{%s}", macname(*s++ & 0377));
- else
+ else if (*s != '\0')
printf("%c", *s++);
}
if (mp->metaname != '\0')
@@ -670,7 +670,9 @@ safefile(fn, uid, gid, uname, flags, mode, st)
return EPERM;
}
- if (uid == 0 && !bitset(SFF_ROOTOK, flags))
+ if (uid == 0 && bitset(SFF_OPENASROOT, flags))
+ ;
+ else if (uid == 0 && !bitset(SFF_ROOTOK, flags))
mode >>= 6;
else if (st->st_uid != uid)
{
diff --git a/usr.sbin/sendmail/src/version.c b/usr.sbin/sendmail/src/version.c
index 617e11afbfeb..a6b4f168ce1e 100644
--- a/usr.sbin/sendmail/src/version.c
+++ b/usr.sbin/sendmail/src/version.c
@@ -33,7 +33,7 @@
*/
#ifndef lint
-static char sccsid[] = "@(#)version.c 8.8.4.4 (Berkeley) 12/2/96";
+static char sccsid[] = "@(#)version.c 8.8.5.3 (Berkeley) 1/21/97";
#endif /* not lint */
-char Version[] = "8.8.4";
+char Version[] = "8.8.5";
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-31 23:34:20 +0000