diff options
Diffstat (limited to 'contrib')
77 files changed, 2013 insertions, 937 deletions
diff --git a/contrib/sendmail/PGPKEYS b/contrib/sendmail/PGPKEYS index 45ca18caedd4..2b4041bd77d6 100644 --- a/contrib/sendmail/PGPKEYS +++ b/contrib/sendmail/PGPKEYS @@ -89,6 +89,83 @@ y+PVZ1MwnEXfTQReVSla0AAOIRirHEh4YnUVZzFSNEJqoDRZQwVd7Q== -----END PGP PUBLIC KEY BLOCK----- Type Bits KeyID Created Expires Algorithm Use +pub 1024 0xAF959625 2005-12-31 ---------- RSA Sign & Encrypt +f16 Fingerprint16 = E3 F4 97 BC 9F DF 3F 1D 9B 0D DF D5 77 9A C9 79 +uid Sendmail Signing Key/2006 <sendmail@Sendmail.ORG> + +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.1 (OpenBSD) + +mQCNA0O3FKgAAAEEALUfKjFiXc8T2XS4C8N/jJQkProkzyl7mdN0xVKqokMy9/rx +nbji5dG7WlxyJX3jI9eypZV/d5+KpXljvyC+cBIxhhmsEhVT6AsOkxlg/Y8Gmb5Q +bn2mAiyeaylvcFeHLjBA+CaMByDms97M6FbiSzdXx6JtLP1Tdx57s8ivlZYlAAUR +tDFTZW5kbWFpbCBTaWduaW5nIEtleS8yMDA2IDxzZW5kbWFpbEBTZW5kbWFpbC5P +Ukc+iQCVAwUQQ7cUqB57s8ivlZYlAQEn6gQApe1I5DhI/Y+fwI8hjx7Ydd8LQ553 +CoBYnvoqrxybSZtOc3D7LHoKIb01R2hx71O282soxjL6N9SGnGQMcVPINXAcJ0Z0 +mTCpUZc+QtItS44R3aqp27q0C8FTt885/pkKT0cQM/9EjWRv3kI+f39gl+MwcA3I +AV4NJmTpi6ASzmmJAJUDBRBDtxYm71iWZNQy4Z0BAbnQA/wIfK6PT+zTefydUovI +G3dDLGGxMowpdG5yQwPwkAEIPFlbLhYsk8E9t8sLsLI1briqKaqxZkHo9ggPNkZU +6Kojwrs7imUZj4AMVL7HDqOlb+jHeYsg3yq/KzKIy3i1fmyUYA/cddSJOp3a0zjy +IISZ9VPR6/KaOj8cLKTQqZG6tYkAlQMFEEO3FjvBnB0lEtNGHQEBJWgD/RkJuAVQ +LL0cEe/VBUi4CmW3iGF+mAokJZn750ibVQg25SjDUc0UScxyvSnl8ehu3fjWmsEu +ckHbzBWkMx/cnCb7xG5Ve1HGgzsBjFpvcQUM07y4JCFOfTOl3WiYP311EKBp2tnL +2i/kdD1IVITswAEQ7XId1NBIuf4P71v16rj/iQCVAwUQQ7cWRL3aj9Y/6n39AQGO +uAQApQ5v6HZkgFNKT+SaXJOsqtk+xQQd19QfQQ2U13uaJ0nQ0i4O11WUTM9qfdWF +utTlDTZKeEdz+Zb67KnuIi8PHyMpBPV1BGvWNqeiEN0Q5TmkxmaXBXTWtGeHoWw4 +Jxaic4LdunSNDIpE0A9zfeaj9YJGX87I3KMf1DQ3h+FCRRWJAJUDBRBDtxZZfEtn +baAOFWMBAVi/A/0bQQvU747R5bMC0vQLRMVOtq6rDwNPlXoFhzW26AU2Pb+mKCkU +ugVqjFaAWm2ILxKvkjgDyfw6b62IvEK4rHJbfwH/FeIfi6e0+ye+TpXcCzXkARTm +FHld0IERIXpaUA6XarNlWfiqaZN0YLpCQH0M29kTFvIfyoUHn9LgvBLe1YkAlQMF +EEO3Fl9vUpPYo5umVQEBVtwEAIaSvlhM+gIKnlxN/1hpcG9639bLlUTkAt2gtn2w +4hPDZxMpblkQhcn3JcO9GD0BHNrV5qYBn3bLFwTG2FIoaROS4XyH8GPbEBWGNg9d +IGm3kLdLTWsRVCtlkLKE74ipiiaN8JhPRGAtFUjcDVSSkGNzw2jBHP0hrQEKga9R +wElSiQCVAwUQQ7cWepwcveLjXFY1AQFA/AP7BRC5j+Hed/B/RjbsbX3mxk4DprEh +6IijxC/2XAZbk1e25GspBO9Pbqs/2GufGCFX60Jj1FQJ2+vq8vg7chNNZ5XNEJse +6GrQtUx2/mEKMtvWGbWGSn53ET+AzmLne/u+f3bIh1OtXXro7w8OUkK9J+ZdG/9V +J/a0nYTlPUw6o3KJAJUDBRBDtxaE1uCh/k++Kt0BAf14BAC4mGT1gE0aoW8rn7kk +XJ3an4hThBZVuR2GS+rvwioEsIk2xe4NEFwJPGKmKq+C4vb0OWSiRev5l1fPx13x +tWDGcm2k3SukDOHB0le6gS0RQx/WHCTe/lRKiQ3w/IuhLmrDfmoOOkDj6KVb5fA0 +x0Uvd4ycXUPSoJcBq7dwNg0f8YkAlQMFEEO3Foo4IttHzDdPLQEB6N0D/3LRqVT4 +Dhw6UmDIre9Tag8EmqTu3R8wFTmmEYDQ+7CxW+ZbJyYEDZp/WU/6xmOE2TSHaFPQ +lgFEAaN1Cp4N9IXAM2EqeNK3fJOAsv4F5NOXbVtGJhyqG4aDUBZPvr/p123cpiiH +2yVIvHDkaacX1Tq/kECpKLj4k5D+dQYrUVdCiQCVAwUQQ7cWl4lpYrhnjAoDAQG9 +pQQAg78+p2O+g7qPh1dAMcnQrI1eW3fTntWbadoKPXO5oFr/n+a74Go0D9+8J9Tt +iW3C11KR3w1q+af5wp+viJfe8YDEwvm5gcmoCxPnwOeSAzdquujnQZRE5lynr6r7 +QzJOFZv457qzndC2P5qSODCkmVC6uAsRxo4Xq/zflzRXmzCJAJUDBRBDtxaeIYPh +sTlvB4kBAcvhA/9LBX9mskFW9IpA3Y5slRV1G2GFv0DXV79295p8OCKlZhEfk1y+ +JyvT2hdnseD3Id2cyoMlEk57gJBuDrKdjeOLBMIJ2lOKGE6dLAsywSYkyFnngXu7 +6QvoTS0mE+ahJlT9VDz79Jl6W+118cIeYzzt1TP8c1WkWBCJJcvge390BYkAlQMF +EEO3FqXI1e0plfYXcQEB7W0D/AjxxjEMuS3UedxXI8VQzTB2o3c0o5DdlK2SXgHP +SFxr9feksucCanCoYfuTWgxm/Ioy7cxtVNZT1dAHfn2MSrGN+2Adoep8E/o6PyiD +t3pCzowtXFS1wjq1j/MX5SJoDrGl0VT1sQXsWh2uOFaeMfH1w9/r9Zkl1RYXYOEn +/jkmiQCVAwUQQ7cWunCgJE0e+ZJRAQGTqgQAtdhMXLTw+tBCshX/CdLhrD0byRN5 +omeib2QWmxdi7Djyz1wbDMBhnssM3SHUj/kRiorTnjv7qU8TS4z9r9zXw9U7XjCO +T/CRepb3siiHzMU4KI5bxdg0ZAsauCVDel5MItT7OlK2Fjv4vCYam/jHGYXe6AEY +dbARTWInDsFK7VCJAJUDBRBDtxgXwCnKQBb0zOkBAQHXA/47Mvt5oI8f2JbOMLkV +E14upGU+zXYeWH7j9L4AYRzjl/Lg7tT+LBTjh+HEdl2UIMdYASrC6WbKEbatb4dr +nu/pxd7/QaeSMV00P9j+Cfa3uIWn6HFUi+TH5fkLwERfkcLHKZ5SshZal9KTbjzv +uwZsArnsNN0A/d1gUqljdDI/K4kAlQMFEEO7cAXPHrUDIjJ6AQEBYWMEAIJ5g1oG +cL28orl4J7SxhOMyQODgaPRHusnWTBsa/ufUugVSR0g+3a2Pzyuq9xWqYStHf50N +hdFx45JtPmkAiWuiBsyycVbBq/ursCeL2SCQPBCcbIfB+4BUbWoU62QA0a+sY5bW +mitsU1FB2Mxd7QWqIBW4jqwB0nsAVxShRdWliJwEEAECAAYFAkO7mAoACgkQ+IYW +ZdmHE1gcHAQAkMZ2julBDdx5TeQ3rrFus44snaHiq5exlN1wIJrVIhJzmOcHq5i5 +ysfoKSha0cYf6F+6kTFxNL/Y9mneisg+rWfgRYmHDzNvXcuyAY/g6rwkRoyVN70q +XhWXdY6nA29E5VH52pKCdjQgpbdyO6JDglLzfq7jVljCuPq8+PXqN+OIRgQQEQIA +BgUCQ7uYzAAKCRDEsQeYhXlqI6AlAJ48z/+X/bUYIu1yekM+Wa3uN1SgSQCePzZl +iV3/rvMdwqhHZPfM00GQQxOIRgQQEQIABgUCQ7vkHwAKCRAJp6JK0eWCB903AJ9x +Jkm4hmDjMy8+ynBwFrnKzmGUgQCdGoOE+xbNHN2kArmTHDvzd80yQAeJAJUDBRJD +u9CCXx7Ib4gMnlUBAfFkA/wP/qNyveNU4ZyJt+Ft/1xIYV4Gk/FJ4MOfpRlDYaN7 +z2FXCjXtWeoxEJ8hqtWUMBuQHSm5T49Zv7Tb+6jtflscL3E/Kz3nIIr3Tzu1iNIM +m3dzI37Qdk/7tnP2fp1fO2VbrQC7CtQTYODko6vTUSLap4+NWbidGNQMSEXAFfBK +2okAlQMFEEO776zh1PwU5tB0cQEBZrEEAMjAS0ahmy5KzFgRMrrI3RkrcKwi+Hnj +Vuw6UowvW7tUhIkdFuXpd/a2YczU2Enivu7uSJgUD/2KzurD60ahJjSkC/l8xDNs +v5wvbB+nYCOVDEvL32tvGiyLyT72MpkwT3ECYXFdlwpk2P7bk87tA9isuue0Nqvr +TlO5vpTGYrPoiEYEEBECAAYFAkO9OlsACgkQorv7JAz5Vve2KACdGpTb2FWBtvXB +cyIoyLoYGLWwtSYAoLDtcY9f816jYC3awv42YCMLuKuE +=bh1L +-----END PGP PUBLIC KEY BLOCK----- + +Type Bits KeyID Created Expires Algorithm Use pub 1024 0x1EF99251 2004-12-30 ---------- RSA Sign & Encrypt f16 Fingerprint16 = 4B 38 0E 0B 41 E8 FC 79 E9 7E 82 9B 04 23 EC 8A uid Sendmail Signing Key/2005 <sendmail@Sendmail.ORG> @@ -1094,4 +1171,4 @@ SIXqPke2iCW6+zdG1T/gS5T9T9/Lf2c9FQf0FjURAi3ynDA2RBLA5FDsI8v3 =dbDm -----END PGP PUBLIC KEY BLOCK----- -$Revision: 8.21 $, Last updated $Date: 2005/01/07 04:39:10 $ +$Revision: 8.23 $, Last updated $Date: 2006/01/07 01:07:21 $ diff --git a/contrib/sendmail/README b/contrib/sendmail/README index c93c11f1f410..b0c25e5b74b3 100644 --- a/contrib/sendmail/README +++ b/contrib/sendmail/README @@ -3,17 +3,18 @@ This directory has the latest sendmail(TM) software from Sendmail, Inc. -Report any bugs to sendmail-bugs@sendmail.ORG +Report any bugs to sendmail-bugs-YYYY@support.sendmail.org +where YYYY is the current year, e.g., 2005. -There is a web site at http://WWW.Sendmail.ORG/ -- see that site for +There is a web site at http://www.sendmail.org/ -- see that site for the latest updates. +--------------+ | INTRODUCTION | +--------------+ -0. The vast majority of queries to <sendmail-questions@sendmail.org> - are answered in the README files noted below. +0. The vast majority of queries about sendmail are answered in the + README files noted below. 1. Read this README file, especially this introduction, and the DIRECTORY PERMISSIONS sections. @@ -463,4 +464,4 @@ sendmail Source for the sendmail program itself. test Some test scripts (currently only for compilation aids). vacation Source for the vacation program. NOT PART OF SENDMAIL! -$Revision: 8.91 $, Last updated $Date: 2002/11/09 23:33:07 $ +$Revision: 8.93 $, Last updated $Date: 2005/09/16 20:08:50 $ diff --git a/contrib/sendmail/RELEASE_NOTES b/contrib/sendmail/RELEASE_NOTES index 098013524c3e..b1bde919f12c 100644 --- a/contrib/sendmail/RELEASE_NOTES +++ b/contrib/sendmail/RELEASE_NOTES @@ -1,11 +1,120 @@ SENDMAIL RELEASE NOTES - $Id: RELEASE_NOTES,v 8.1730 2005/03/28 00:31:23 gshapiro Exp $ + $Id: RELEASE_NOTES,v 8.1765 2006/03/08 02:15:03 ca Exp $ This listing shows the version of the sendmail binary, the version of the sendmail configuration files, the date of release, and a summary of the changes in that release. +8.13.6/8.13.6 2006/03/22 + SECURITY: Replace unsafe use of setjmp(3)/longjmp(3) in the server + and client side of sendmail with timeouts in the libsm I/O + layer and fix problems in that code. Also fix handling of + a buffer in sm_syslog() which could have been used as an + attack vector to exploit the unsafe handling of + setjmp(3)/longjmp(3) in combination with signals. + Problem detected by Mark Dowd of ISS X-Force. + Handle theoretical integer overflows that could triggered if + the server accepted headers larger than the maximum + (signed) integer value. This is prevented in the default + configuration by restricting the size of a header, and on + most machines memory allocations would fail before reaching + those values. Problems found by Phil Brass of ISS. + If a server returns 421 for an RSET command when trying to start + another transaction in a session while sending mail, do + not trigger an internal consistency check. Problem found + by Allan E Johannesen of Worcester Polytechnic Institute. + If a server returns a 5xy error code (other than 501) in response + to a STARTTLS command despite the fact that it advertised + STARTTLS and that the code is not valid according to RFC + 2487 treat it nevertheless as a permanent failure instead + of a protocol error (which has been changed to a + temporary error in 8.13.5). Problem reported by Jeff + A. Earickson of Colby College. + Clear SMTP state after a HELO/EHLO command. Patch from John + Myers of Proofpoint. + Observe MinQueueAge option when gathering entries from the queue + for sorting etc instead of waiting until the entries are + processed. Patch from Brian Fundakowski Feldman. + Set up TLS session cache to properly handle clients that try to + resume a stored TLS session. + Properly count the number of (direct) child processes such that + a configured value (MaxDaemonChildren) is not exceeded. + Based on patch from Attila Bruncsak. + LIBMILTER: Remove superfluous backslash in macro definition + (libmilter.h). Based on patch from Mike Kupfer of + Sun Microsystems. + LIBMILTER: Don't try to set SO_REUSEADDR on UNIX domain sockets. + This generates an error message from libmilter on + Solaris, though other systems appear to just discard the + request silently. + LIBMILTER: Deal with sigwait(2) implementations that return + -1 and set errno instead of returning an error code + directly. Patch from Chris Adams of HiWAAY Informations + Services. + Portability: + Fix compilation checks for closefrom(3) and statvfs(2) + in NetBSD. Problem noted by S. Moonesamy, patch from + Andrew Brown. + +8.13.5/8.13.5 2005/09/16 + Store the filesystem identifier of the df/ subdirectory (if it + exists) in an internal structure instead of the base + directory. This structure is used decide whether there + is enough free disk space when selecting a queue, hence + without this change queue selection could fail if a df/ + subdirectory exists and is on a different filesystem + than the base directory. + Use the queue index of the df file (instead of the qf file) for + checking whether a link(2) operation can be used to split + an envelope across queue groups. Problem found by + Werner Wiethege. + If the list of items in the queue is larger than the maximum + number of items to process, sort the queue first and + then cut the list off instead of the other way around. + Patch from Matej Vela of Rudjer Boskovic Institute. + Fix helpfile to show full entry for ETRN. Problem noted by + Penelope Fudd, patch from Neil Rickert of Northern Illinois + University. + FallbackSmartHost should also be tried on temporary errors. + From John Beck of Sun Microsystems. + When a server responds with 421 to the STARTTLS command then treat + it as a temporary error, not as protocol error. Problem + noted by Andrey J. Melnikoff. + Properly define two functions in libsm as static because their + prototype used static too. Patch from Peter Klein. + Fix syntax errors in helpfile for MAIL and RCPT commands. + LIBMILTER: When smfi_replacebody() is called with bodylen equals + zero then do not silently ignore that call. Patch from + Gurusamy Sarathy of Active State. + LIBMILTER: Recognize "421" also in a multi-line reply to terminate + the SMTP session with that error. Fix from Brian Kantor. + Portability: New option HASSNPRINTF which can be set if the OS + has a properly working snprintf(3) to get rid + of the last two (safe) sprintf(3) calls in the + source code. + Add support for AIX 5.3. + Add support for SunOS 5.11 (aka Solaris 11). + Add support for Darwin 8.x. Patch from Lyndon Nerenberg. + OpenBSD 3.7 has removed support for NETISO. + CONFIG: Add OSTYPE(freebsd6) for FreeBSD 6.X. + Set DontBlameSendmail to AssumeSafeChown and + GroupWritableDirPathSafe for OSTYPE(darwin). + Patch from Lyndon Nerenberg. + Some features still used 4.7.1 as enhanced status code which + was supposed to be eliminated in 8.13.0 because some + broken systems misinterpret it as a permanent error. + Patch from Matej Vela of Rudjer Boskovic Institute. + Some default values in a generated cf file did not match + the defaults in the sendmail binary. Problem noted + by Mike Pechkin. + New Files: + cf/ostype/freebsd6.m4 + devtools/OS/AIX.5.3 + devtools/OS/Darwin.8.x + devtools/OS/SunOS.5.11 + include/sm/time.h + 8.13.4/8.13.4 2005/03/27 The bug fixes in 8.13.3 for connection handling uncovered a different error which could result in connections that diff --git a/contrib/sendmail/cf/README b/contrib/sendmail/cf/README index 646163b047d6..9d46e8fba674 100644 --- a/contrib/sendmail/cf/README +++ b/contrib/sendmail/cf/README @@ -77,7 +77,7 @@ Let's examine a typical .mc file: divert(-1) # - # Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers. + # Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers. # All rights reserved. # Copyright (c) 1983 Eric P. Allman. All rights reserved. # Copyright (c) 1988, 1993 @@ -492,11 +492,12 @@ QPAGE_MAILER_QGRP [undefined] The queue group for the qpage mailer. LOCAL_PROG_QGRP [undefined] The queue group for the prog mailer. Note: to tweak Name_MAILER_FLAGS use the macro MODIFY_MAILER_FLAGS: -MODIFY_MAILER_FLAGS(`Name', `change') where Name is the first part of -the macro Name_MAILER_FLAGS and change can be: flags that should -be used directly (thus overriding the default value), or if it -starts with `+' (`-') then those flags are added to (removed from) -the default value. Example: +MODIFY_MAILER_FLAGS(`Name', `change') where Name is the first part +of the macro Name_MAILER_FLAGS (note: that means Name is entirely in +upper case) and change can be: flags that should be used directly +(thus overriding the default value), or if it starts with `+' (`-') +then those flags are added to (removed from) the default value. +Example: MODIFY_MAILER_FLAGS(`LOCAL', `+e') @@ -958,7 +959,7 @@ generics_entire_domain virtusertable A domain-specific form of aliasing, allowing multiple virtual domains to be hosted on one machine. For example, - if the virtuser table contained: + if the virtuser table contains: info@foo.com foo-info info@bar.com bar-info @@ -1186,7 +1187,7 @@ accept_unqualified_senders Normally, MAIL FROM: commands in the SMTP session will be refused if the connection is a network connection and the sender address does not include a domain name. If your - setup sends local mail unqualified (i.e., MAIL FROM: <joe>), + setup sends local mail unqualified (i.e., MAIL FROM:<joe>), you will need to use this feature to accept unqualified sender addresses. Setting the DaemonPortOptions modifier 'u' overrides the default behavior, i.e., unqualified @@ -1872,7 +1873,8 @@ sections below). See the file cf/sendmail.schema for the actual LDAP schemas. Note that this schema (and therefore the lookups and examples below) is experimental at this point as it has had little public review. Therefore, it may change -in future versions. Feedback via sendmail@sendmail.org is encouraged. +in future versions. Feedback via sendmail-YYYY@support.sendmail.org is +encouraged (replace YYYY with the current year, e.g., 2005). ------- Aliases @@ -2336,7 +2338,7 @@ without any prior arrangement). Along the same lines, FEATURE(`relay_local_from') will allow relaying if the sender specifies a return path (i.e. -MAIL FROM: <user@domain>) domain which is a local domain. This is a +MAIL FROM:<user@domain>) domain which is a local domain. This is a dangerous feature as it will allow spammers to spam using your mail server by simply specifying a return address of user@your.domain.com. It should not be used unless absolutely necessary. @@ -2357,7 +2359,7 @@ allow relaying for roaming users. If source routing is used in the recipient address (e.g., -RCPT TO: <user%site.com@othersite.com>), sendmail will check +RCPT TO:<user%site.com@othersite.com>), sendmail will check user@site.com for relaying if othersite.com is an allowed relay host in either class {R}, class {m} if FEATURE(`relay_entire_domain') is used, or the access database if FEATURE(`access_db') is used. To prevent @@ -2522,15 +2524,30 @@ The value part of the map can contain: it but causing the default action. ### any text where ### is an RFC 821 compliant error code and "any text" is a message to return for the command. - The string should be quoted to avoid surprises, - e.g., sendmail may remove spaces otherwise. + The entire string should be quoted to avoid + surprises: + + "### any text" + + Otherwise sendmail formats the text as email + addresses, e.g., it may remove spaces. This type is deprecated, use one of the two ERROR: entries below instead. ERROR:### any text as above, but useful to mark error messages as such. + If quotes need to be used to avoid modifications + (see above), they should be placed like this: + + ERROR:"### any text" + ERROR:D.S.N:### any text where D.S.N is an RFC 1893 compliant error code - and the rest as above. + and the rest as above. If quotes need to be used + to avoid modifications, they should be placed + like this: + + ERROR:D.S.N:"### any text" + QUARANTINE:any text Quarantine the message using the given text as the quarantining reason. @@ -2796,9 +2813,9 @@ That may cause problems with simple header checks due to the tokenization. It might be simpler to use a regex map and apply it to $&{currHeader}. 2. There are no default rulesets coming with this distribution of -sendmail. You can either write your own or you can search the -WWW for examples, e.g., http://www.digitalanswers.org/check_local/ -3. When using a default ruleset for headers, the name of the header +sendmail. You can write your own, can search the WWW for examples, +or take a look at cf/cf/knecht.mc. +3. When using a default ruleset for headers, the name of the header currently being checked can be found in the $&{hdr_name} macro. After all of the headers are read, the check_eoh ruleset will be called for @@ -4011,12 +4028,17 @@ confDONT_INIT_GROUPS DontInitGroups [False] If set, the initgroups(3) will only have their primary (/etc/passwd) group permissions. confUNSAFE_GROUP_WRITES UnsafeGroupWrites - [False] If set, group-writable + [True] If set, group-writable :include: and .forward files are considered "unsafe", that is, programs and files cannot be directly referenced from such files. World-writable files are always considered unsafe. + Notice: this option is deprecated and + will be removed in future versions; + Set GroupWritableForwardFileSafe + and GroupWritableIncludeFileSafe in + DontBlameSendmail if required. confCONNECT_ONLY_TO ConnectOnlyTo [undefined] override connection address (for testing). confCONTROL_SOCKET_NAME ControlSocketName @@ -4183,7 +4205,7 @@ confNICE_QUEUE_RUN NiceQueueRun [undefined] If set, the priority of confDIRECT_SUBMISSION_MODIFIERS DirectSubmissionModifiers [undefined] Defines {daemon_flags} for direct submissions. -confUSE_MSP UseMSP [false] Use as mail submission +confUSE_MSP UseMSP [undefined] Use as mail submission program, see sendmail/SECURITY. confDELIVER_BY_MIN DeliverByMin [0] Minimum time for Deliver By SMTP Service Extension (RFC 2852). @@ -4583,4 +4605,4 @@ M4 DIVERSIONS 8 DNS based blacklists 9 special local rulesets (1 and 2) -$Revision: 8.694 $, Last updated $Date: 2005/03/23 21:41:09 $ +$Revision: 8.704 $, Last updated $Date: 2006/02/15 05:49:31 $ diff --git a/contrib/sendmail/cf/cf/Makefile b/contrib/sendmail/cf/cf/Makefile index eb4f56870773..2b0f4b307a32 100644 --- a/contrib/sendmail/cf/cf/Makefile +++ b/contrib/sendmail/cf/cf/Makefile @@ -1,7 +1,7 @@ # # Makefile for configuration files. # -# $Id: Makefile,v 8.59 2004/08/06 03:54:05 gshapiro Exp $ +# $Id: Makefile,v 8.60 2005/06/14 02:16:34 gshapiro Exp $ # # @@ -168,6 +168,7 @@ M4FILES=\ ${CFDIR}/ostype/dynix3.2.m4 \ ${CFDIR}/ostype/freebsd4.m4 \ ${CFDIR}/ostype/freebsd5.m4 \ + ${CFDIR}/ostype/freebsd6.m4 \ ${CFDIR}/ostype/gnu.m4 \ ${CFDIR}/ostype/hpux10.m4 \ ${CFDIR}/ostype/hpux11.m4 \ diff --git a/contrib/sendmail/cf/cf/knecht.mc b/contrib/sendmail/cf/cf/knecht.mc index 98dbef9eea54..597bc5e49617 100644 --- a/contrib/sendmail/cf/cf/knecht.mc +++ b/contrib/sendmail/cf/cf/knecht.mc @@ -1,6 +1,6 @@ divert(-1) # -# Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers. +# Copyright (c) 1998-2001, 2004, 2005 Sendmail, Inc. and its suppliers. # All rights reserved. # Copyright (c) 1983 Eric P. Allman. All rights reserved. # Copyright (c) 1988, 1993 @@ -19,7 +19,7 @@ divert(-1) # divert(0) -VERSIONID(`$Id: knecht.mc,v 8.58 2004/01/28 00:54:41 eric Exp $') +VERSIONID(`$Id: knecht.mc,v 8.61 2005/10/06 05:56:03 ca Exp $') OSTYPE(bsd4.4) DOMAIN(generic) @@ -43,10 +43,11 @@ define(`confCLIENT_KEY', `CERT_DIR/MYkey.pem') define(`CYRUS_MAILER_PATH', `/usr/local/cyrus/bin/deliver') -FEATURE(access_db) -FEATURE(local_lmtp) -FEATURE(virtusertable) -FEATURE(mailertable) +FEATURE(`access_db') +FEATURE(`blacklist_recipients') +FEATURE(`local_lmtp') +FEATURE(`virtusertable') +FEATURE(`mailertable') FEATURE(`nocanonify', `canonify_hosts') CANONIFY_DOMAIN(`sendmail.org') @@ -67,9 +68,16 @@ QUEUE_GROUP(`mqueue', `P=/var/spool/mqueue, R=5, r=15, F=f') dnl # enable spam assassin INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m') -MAILER(local) -MAILER(smtp) -MAILER(cyrus) +dnl # enable some DNSBLs +dnl FEATURE(`dnsbl', `dnsbl.sorbs.net', `"550 Mail from " $`'&{client_addr} " refused - see http://www.dnsbl.sorbs.net/"') +FEATURE(`dnsbl', `sbl-xbl.spamhaus.org', `"550 Mail from " $`'&{client_addr} " refused - see http://www.spamhaus.org/sbl/"') +FEATURE(`dnsbl', `list.dsbl.org', `"550 Mail from " $`'&{client_addr} " refused - see http://dsbl.org/"') +FEATURE(`dnsbl', `bl.spamcop.net', `"450 Mail from " $`'&{client_addr} " refused - see http://spamcop.net/bl.shtml"') + + +MAILER(`local') +MAILER(`smtp') +MAILER(`cyrus') LOCAL_RULE_0 Rcyrus.$+ + $+ < @ $=w . > $#cyrus $@ $2 $: $1 diff --git a/contrib/sendmail/cf/cf/submit.cf b/contrib/sendmail/cf/cf/submit.cf index ca292e56ead0..ca8d1fea63e5 100644 --- a/contrib/sendmail/cf/cf/submit.cf +++ b/contrib/sendmail/cf/cf/submit.cf @@ -16,8 +16,8 @@ ##### ##### SENDMAIL CONFIGURATION FILE ##### -##### built by ca@wiz.smi.sendmail.com on Sun Mar 27 16:38:48 PST 2005 -##### in /extra/home/ca/sm-8.13.4/OpenSource/sendmail-8.13.4/cf/cf +##### built by ca@wiz.smi.sendmail.com on Sun Mar 19 22:37:26 PST 2006 +##### in /extra/home/ca/sm-8.13.6/OpenSource/sendmail-8.13.6/cf/cf ##### using ../ as configuration include directory ##### ###################################################################### @@ -35,7 +35,7 @@ ##### $Id: no_default_msa.m4,v 8.2 2001/02/14 05:03:22 gshapiro Exp $ ##### -##### $Id: proto.m4,v 8.711 2004/08/04 21:29:55 ca Exp $ ##### +##### $Id: proto.m4,v 8.718 2005/08/24 18:07:23 ca Exp $ ##### # level 10 config file format V10/Berkeley @@ -114,7 +114,7 @@ D{MTAHost}[127.0.0.1] # Configuration version number -DZ8.13.4/Submit +DZ8.13.6/Submit ############### @@ -252,7 +252,7 @@ O PrivacyOptions=goaway,noetrn,restrictqrun #O MinQueueAge=30m # how many jobs can you process in the queue? -#O MaxQueueRunSize=10000 +#O MaxQueueRunSize=0 # perform initial split of envelope without checking MX records #O FastSplit=1 @@ -380,13 +380,13 @@ O TimeZoneSpec= #O HostsFile=/etc/hosts # dialup line delay on connection failure -#O DialDelay=10s +#O DialDelay=0s # action to take if there are no recipients in the message -#O NoRecipientAction=add-to-undisclosed +#O NoRecipientAction=none # chrooted environment for writing to files -#O SafeFileEnvironment=/arch +#O SafeFileEnvironment # are colons OK in addresses? #O ColonOkInAddr=True diff --git a/contrib/sendmail/cf/feature/dnsbl.m4 b/contrib/sendmail/cf/feature/dnsbl.m4 index c560586cf460..ea7e160a69c1 100644 --- a/contrib/sendmail/cf/feature/dnsbl.m4 +++ b/contrib/sendmail/cf/feature/dnsbl.m4 @@ -1,6 +1,6 @@ divert(-1) # -# Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. +# Copyright (c) 1998-2002, 2005 Sendmail, Inc. and its suppliers. # All rights reserved. # # By using this file, you agree to the terms and conditions set @@ -12,7 +12,7 @@ divert(-1) ifdef(`DNSBL_MAP', `', `define(`DNSBL_MAP', `dns -R A')') divert(0) ifdef(`_DNSBL_R_',`dnl',`dnl -VERSIONID(`$Id: dnsbl.m4,v 8.29 2002/08/09 21:02:08 ca Exp $') +VERSIONID(`$Id: dnsbl.m4,v 8.30 2005/07/25 20:56:53 ca Exp $') define(`_DNSBL_R_',`') LOCAL_CONFIG # map for DNS based blacklist lookups @@ -28,6 +28,6 @@ R$-.$-.$-.$- $: <?> $(dnsbl $4.$3.$2.$1._DNSBL_SRV_. $: OK $) R<?>OK $: OKSOFAR ifelse(len(X`'_ARG3_),`1', `R<?>$+<TMP> $: TMPOK', -`R<?>$+<TMP> $#error $@ 4.7.1 $: _DNSBL_MSG_TMP_') +`R<?>$+<TMP> $#error $@ 4.4.3 $: _DNSBL_MSG_TMP_') R<?>$+ $#error $@ 5.7.1 $: _DNSBL_MSG_ divert(-1) diff --git a/contrib/sendmail/cf/feature/enhdnsbl.m4 b/contrib/sendmail/cf/feature/enhdnsbl.m4 index c713153b637f..8addd2bbdc61 100644 --- a/contrib/sendmail/cf/feature/enhdnsbl.m4 +++ b/contrib/sendmail/cf/feature/enhdnsbl.m4 @@ -1,6 +1,6 @@ divert(-1) # -# Copyright (c) 2000-2002 Sendmail, Inc. and its suppliers. +# Copyright (c) 2000-2002, 2005 Sendmail, Inc. and its suppliers. # All rights reserved. # # By using this file, you agree to the terms and conditions set @@ -11,7 +11,7 @@ divert(-1) divert(0) ifdef(`_EDNSBL_R_',`dnl',`dnl -VERSIONID(`$Id: enhdnsbl.m4,v 1.9 2002/05/19 21:27:29 gshapiro Exp $') +VERSIONID(`$Id: enhdnsbl.m4,v 1.10 2005/07/25 20:56:53 ca Exp $') LOCAL_CONFIG define(`_EDNSBL_R_',`')dnl # map for enhanced DNS based blacklist lookups @@ -29,7 +29,7 @@ R$-.$-.$-.$- $: <?> $(ednsbl $4.$3.$2.$1._EDNSBL_SRV_. $: OK $) R<?>OK $: OKSOFAR ifelse(len(X`'_ARG3_),`1', `R<?>$+<TMP> $: TMPOK', -`R<?>$+<TMP> $#error $@ 4.7.1 $: _EDNSBL_MSG_TMP_') +`R<?>$+<TMP> $#error $@ 4.4.3 $: _EDNSBL_MSG_TMP_') R<?>_EDNSBL_MATCH_ $#error $@ 5.7.1 $: _EDNSBL_MSG_ ifelse(len(X`'_ARG5_),`1',`dnl', `R<?>_ARG5_ $#error $@ 5.7.1 $: _EDNSBL_MSG_') diff --git a/contrib/sendmail/cf/feature/mtamark.m4 b/contrib/sendmail/cf/feature/mtamark.m4 index ae5f07a24b5a..c306c44e3ed7 100644 --- a/contrib/sendmail/cf/feature/mtamark.m4 +++ b/contrib/sendmail/cf/feature/mtamark.m4 @@ -1,6 +1,6 @@ divert(-1) # -# Copyright (c) 2004 Sendmail, Inc. and its suppliers. +# Copyright (c) 2004, 2005 Sendmail, Inc. and its suppliers. # All rights reserved. # # By using this file, you agree to the terms and conditions set @@ -11,7 +11,7 @@ divert(-1) divert(0) ifdef(`_MTAMARK_R',`dnl',`dnl -VERSIONID(`$Id: mtamark.m4,v 1.1 2004/03/22 19:22:40 ca Exp $') +VERSIONID(`$Id: mtamark.m4,v 1.2 2005/07/25 20:56:53 ca Exp $') LOCAL_CONFIG define(`_MTAMARK_R',`')dnl # map for MTA mark @@ -29,5 +29,5 @@ R<?>1. $: OKSOFAR R<?>0. $#error $@ 5.7.1 $: _MTAMARK_MSG_ ifelse(len(X`'_ARG2_),`1', `R<?>$+<TMP> $: TMPOK', -`R<?>$+<TMP> $#error $@ 4.7.1 $: _MTAMARK_MSG_TMP_') +`R<?>$+<TMP> $#error $@ 4.4.3 $: _MTAMARK_MSG_TMP_') divert(-1) diff --git a/contrib/sendmail/cf/m4/proto.m4 b/contrib/sendmail/cf/m4/proto.m4 index ccad77cec55d..d3db1501335c 100644 --- a/contrib/sendmail/cf/m4/proto.m4 +++ b/contrib/sendmail/cf/m4/proto.m4 @@ -1,6 +1,6 @@ divert(-1) # -# Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers. +# Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers. # All rights reserved. # Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved. # Copyright (c) 1988, 1993 @@ -13,7 +13,7 @@ divert(-1) # divert(0) -VERSIONID(`$Id: proto.m4,v 8.711 2004/08/04 21:29:55 ca Exp $') +VERSIONID(`$Id: proto.m4,v 8.718 2005/08/24 18:07:23 ca Exp $') # level CF_LEVEL config file format V`'CF_LEVEL/ifdef(`VENDOR_NAME', `VENDOR_NAME', `Berkeley') @@ -388,7 +388,7 @@ _OPTION(QueueSortOrder, `confQUEUE_SORT_ORDER', `priority') _OPTION(MinQueueAge, `confMIN_QUEUE_AGE', `30m') # how many jobs can you process in the queue? -_OPTION(MaxQueueRunSize, `confMAX_QUEUE_RUN_SIZE', `10000') +_OPTION(MaxQueueRunSize, `confMAX_QUEUE_RUN_SIZE', `0') # perform initial split of envelope without checking MX records _OPTION(FastSplit, `confFAST_SPLIT', `1') @@ -520,13 +520,13 @@ _OPTION(ServiceSwitchFile, `confSERVICE_SWITCH_FILE', `MAIL_SETTINGS_DIR`'servic _OPTION(HostsFile, `confHOSTS_FILE', `/etc/hosts') # dialup line delay on connection failure -_OPTION(DialDelay, `confDIAL_DELAY', `10s') +_OPTION(DialDelay, `confDIAL_DELAY', `0s') # action to take if there are no recipients in the message -_OPTION(NoRecipientAction, `confNO_RCPT_ACTION', `add-to-undisclosed') +_OPTION(NoRecipientAction, `confNO_RCPT_ACTION', `none') # chrooted environment for writing to files -_OPTION(SafeFileEnvironment, `confSAFE_FILE_ENV', `/arch') +_OPTION(SafeFileEnvironment, `confSAFE_FILE_ENV', `') # are colons OK in addresses? _OPTION(ColonOkInAddr, `confCOLON_OK_IN_ADDR', `True') @@ -2698,6 +2698,11 @@ RSOFTWARE $| <$-:$+> $* $#error $@ $2 $: $1 " TLS handshake failed." dnl no <reply:dns> i.e. not requirements in the access map dnl use default error RSOFTWARE $| $* $#error $@ ifdef(`TLS_PERM_ERR', `5.7.0', `4.7.0') $: "ifdef(`TLS_PERM_ERR', `503', `403') TLS handshake failed." +# deal with TLS protocol errors: abort +RPROTOCOL $| <$-:$+> $* $#error $@ $2 $: $1 " STARTTLS failed." +dnl no <reply:dns> i.e. not requirements in the access map +dnl use default error +RPROTOCOL $| $* $#error $@ ifdef(`TLS_PERM_ERR', `5.7.0', `4.7.0') $: "ifdef(`TLS_PERM_ERR', `503', `403') STARTTLS failed." R$* $| <$*> <VERIFY> $: <$2> <VERIFY> <> $1 dnl separate optional requirements R$* $| <$*> <VERIFY + $+> $: <$2> <VERIFY> <$3> $1 diff --git a/contrib/sendmail/cf/m4/version.m4 b/contrib/sendmail/cf/m4/version.m4 index 0abf7b510cc3..1ee7939205e5 100644 --- a/contrib/sendmail/cf/m4/version.m4 +++ b/contrib/sendmail/cf/m4/version.m4 @@ -1,6 +1,6 @@ divert(-1) # -# Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers. +# Copyright (c) 1998-2006 Sendmail, Inc. and its suppliers. # All rights reserved. # Copyright (c) 1983 Eric P. Allman. All rights reserved. # Copyright (c) 1988, 1993 @@ -11,8 +11,8 @@ divert(-1) # the sendmail distribution. # # -VERSIONID(`$Id: version.m4,v 8.132 2005/03/25 18:44:45 ca Exp $') +VERSIONID(`$Id: version.m4,v 8.147 2006/03/08 19:21:23 ca Exp $') # divert(0) # Configuration version number -DZ8.13.4`'ifdef(`confCF_VERSION', `/confCF_VERSION') +DZ8.13.6`'ifdef(`confCF_VERSION', `/confCF_VERSION') diff --git a/contrib/sendmail/cf/ostype/darwin.m4 b/contrib/sendmail/cf/ostype/darwin.m4 index 09d58480a399..ee5abe703c69 100644 --- a/contrib/sendmail/cf/ostype/darwin.m4 +++ b/contrib/sendmail/cf/ostype/darwin.m4 @@ -10,9 +10,10 @@ divert(-1) # divert(0) -VERSIONID(`$Id: darwin.m4,v 8.3 2002/03/05 01:55:40 ca Exp $') +VERSIONID(`$Id: darwin.m4,v 8.4 2005/06/30 01:16:04 ca Exp $') ifdef(`STATUS_FILE',, `define(`STATUS_FILE', `/var/log/sendmail.st')')dnl dnl turn on S flag for local mailer MODIFY_MAILER_FLAGS(`LOCAL', `+S')dnl ifdef(`LOCAL_MAILER_PATH',, `define(`LOCAL_MAILER_PATH', /usr/libexec/mail.local)')dnl ifdef(`UUCP_MAILER_ARGS',, `define(`UUCP_MAILER_ARGS', `uux - -r -z -a$g $h!rmail ($u)')')dnl +define(`confDONT_BLAME_SENDMAIL', `AssumeSafeChown,GroupWritableDirPathSafe')dnl diff --git a/contrib/sendmail/cf/sendmail.schema b/contrib/sendmail/cf/sendmail.schema index a532f8b33f65..fd8c740f24ca 100644 --- a/contrib/sendmail/cf/sendmail.schema +++ b/contrib/sendmail/cf/sendmail.schema @@ -1,15 +1,16 @@ -# Copyright (c) 2000-2002 Sendmail, Inc. and its suppliers. +# Copyright (c) 2000-2002, 2005 Sendmail, Inc. and its suppliers. # All rights reserved. # # By using this file, you agree to the terms and conditions set # forth in the LICENSE file which can be found at the top level of # the sendmail distribution. # -# $Id: sendmail.schema,v 8.21 2002/11/20 23:13:50 gshapiro Exp $ +# $Id: sendmail.schema,v 8.22 2005/09/16 20:18:14 ca Exp $ # Note that this schema is experimental at this point as it has had little # public review. Therefore, it may change in future versions. Feedback -# via sendmail@sendmail.org is encouraged. +# via sendmail-YYYY@support.sendmail.org is encouraged (replace YYYY with +# the current year, e.g., 2005). # OID arcs for Sendmail # enterprise: 1.3.6.1.4.1 diff --git a/contrib/sendmail/contrib/dnsblaccess.m4 b/contrib/sendmail/contrib/dnsblaccess.m4 index c9a5f7e61ff3..e527e28c236d 100644 --- a/contrib/sendmail/contrib/dnsblaccess.m4 +++ b/contrib/sendmail/contrib/dnsblaccess.m4 @@ -1,6 +1,6 @@ divert(-1) # -# Copyright (c) 2001-2002 Sendmail, Inc. and its suppliers. +# Copyright (c) 2001-2002, 2005 Sendmail, Inc. and its suppliers. # All rights reserved. # # By using this file, you agree to the terms and conditions set @@ -59,7 +59,7 @@ dnl ## address returned does not begin 127, then the mail is dnl ## processed as if the HACK line were not present. divert(0) -VERSIONID(`$Id: dnsblaccess.m4,v 1.5 2002/05/19 21:30:06 gshapiro Exp $') +VERSIONID(`$Id: dnsblaccess.m4,v 1.6 2005/07/25 23:32:05 ca Exp $') ifdef(`_ACCESS_TABLE_', `dnl', `errprint(`*** ERROR: dnsblaccess requires FEATURE(`access_db') ')') @@ -85,7 +85,7 @@ R<?>$* $- .<>$* <$(access _EDNSBL_KEY_`:'$1$2 $@$3 $@`'_EDNSBL_SRV_ $: ? $)> $1 R<?>$* <>$* $:<$(access _EDNSBL_KEY_`:' $@$2 $@`'_EDNSBL_SRV_ $: ? $)> <>$2 ifelse(len(X`'_ARG3_),`1', `R<$*<TMPF>>$* $: TMPOK', -`R<$*<TMPF>>$* $#error $@ 4.7.1 $: _EDNSBL_MSG_TMP_') +`R<$*<TMPF>>$* $#error $@ 4.4.3 $: _EDNSBL_MSG_TMP_') R<$={Accept}>$* $: OKSOFAR R<ERROR:$-.$-.$-:$+> $* $#error $@ $1.$2.$3 $: $4 R<ERROR:$+> $* $#error $: $1 diff --git a/contrib/sendmail/doc/op/Makefile b/contrib/sendmail/doc/op/Makefile index ffa4e76d19d4..7d93e618fb0b 100644 --- a/contrib/sendmail/doc/op/Makefile +++ b/contrib/sendmail/doc/op/Makefile @@ -1,4 +1,4 @@ -# $Id: Makefile,v 8.15 2004/07/20 20:25:10 ca Exp $ +# $Id: Makefile,v 8.16 2006/01/05 22:03:31 ca Exp $ DIR= smm/08.sendmailop SRCS= op.me @@ -22,6 +22,7 @@ all: ${OBJS} op.ps: ${SRCS} rm -f $@ ${PIC} ${SRCS} | ${EQNPS} | ${ROFFPS} > $@ + test -s $@ || ${ROFFPS} -p -e ${SRCS} > $@ op.txt: ${SRCS} rm -f $@ diff --git a/contrib/sendmail/doc/op/op.me b/contrib/sendmail/doc/op/op.me index 72bec041ebf8..3f4f0a58cefb 100644 --- a/contrib/sendmail/doc/op/op.me +++ b/contrib/sendmail/doc/op/op.me @@ -9,7 +9,7 @@ .\" the sendmail distribution. .\" .\" -.\" $Id: op.me,v 8.704 2005/02/01 00:40:57 ca Exp $ +.\" $Id: op.me,v 8.708 2005/11/12 02:08:04 ca Exp $ .\" .\" eqn op.me | pic | troff -me .\" @@ -90,7 +90,7 @@ Sendmail, Inc. .de Ve Version \\$2 .. -.Ve $Revision: 8.704 $ +.Ve $Revision: 8.708 $ .rm Ve .sp For Sendmail Version 8.13 @@ -1475,6 +1475,18 @@ option, so that it may be shared between several invocations of .i sendmail . This allows mail to be queued immediately or skipped during a queue run if there has been a recent failure in connecting to a remote machine. +Note: information about a remote system is stored in a file +whose pathname consists of the components of the hostname in reverse order. +For example, the information for +.b host.example.com +is stored in +.b com./example./host . +For top-level domains like +.b com +this can create a large number of subdirectories +which on some filesystems can exhaust some limits. +Moreover, the performance of lookups in directory with thousands of entries +can be fairly slow depending on the filesystem implementation. .pp Additionally enabling .b SingleThreadDelivery @@ -7282,6 +7294,16 @@ will refuse connections when it has more than .i N children processing incoming mail or automatic queue runs. This does not limit the number of outgoing connections. +If the default +.b DeliveryMode +(background) is used, then +.i sendmail +may create an almost unlimited number of children +(depending on the number of transactions and the +relative execution times of mail receiption and mail delivery). +If the limit should be enforced, then a +.b DeliveryMode +other than background must be used. If not set, there is no limit to the number of children -- that is, the system load averaging controls this. .ip MaxHeadersLength=\fIN\fP @@ -9086,7 +9108,7 @@ For example, .)b is equivalent to .(b --H ldap://server.example.com:389/dc=example,dc=com +-H ldap://server.example.com:389 -b dc=example,dc=com .)b If the LDAP library supports it, the LDAP URI format however can also request LDAP over SSL by using @@ -9095,13 +9117,13 @@ instead of .b ldap:// . For example: .(b -O LDAPDefaultSpec=-H ldaps://ldap.example.com/dc=example,dc=com +O LDAPDefaultSpec=-H ldaps://ldap.example.com -b dc=example,dc=com .)b Similarly, if the LDAP library supports it, It can also be used to specify a UNIX domain socket using .b ldapi:// : .(b -O LDAPDefaultSpec=-H ldapi://socketfile/dc=example,dc=com +O LDAPDefaultSpec=-H ldapi://socketfile -b dc=example,dc=com .)b .ip "\-b\fIbase\fP" LDAP search base. @@ -11317,7 +11339,7 @@ replace it with a blank sheet for double-sided output. .\".sz 10 .\"Eric Allman .\".sp -.\"Version $Revision: 8.704 $ +.\"Version $Revision: 8.708 $ .\".ce 0 .bp 3 .ce diff --git a/contrib/sendmail/include/libmilter/mfdef.h b/contrib/sendmail/include/libmilter/mfdef.h index 3261d4bb2826..5b1ddff4e1c8 100644 --- a/contrib/sendmail/include/libmilter/mfdef.h +++ b/contrib/sendmail/include/libmilter/mfdef.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2004 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2005 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -7,7 +7,7 @@ * the sendmail distribution. * * - * $Id: mfdef.h,v 8.21 2004/07/07 21:41:31 ca Exp $ + * $Id: mfdef.h,v 8.22 2005/08/05 21:49:04 ca Exp $ */ /* @@ -61,6 +61,7 @@ # define SMFIR_REPLBODY 'b' /* replace body (chunk) */ # define SMFIR_CONTINUE 'c' /* continue */ # define SMFIR_DISCARD 'd' /* discard */ +# define SMFIR_CONN_FAIL 'f' /* cause a connection failure */ # define SMFIR_CHGHEADER 'm' /* change header */ # define SMFIR_PROGRESS 'p' /* progress */ # define SMFIR_REJECT 'r' /* reject */ @@ -82,13 +83,17 @@ # if _FFR_MILTER_NOHDR_RESP # define SMFIP_NOHREPL 0x00000080L /* No reply for headers */ # endif /* _FFR_MILTER_NOHDR_RESP */ +# define SMFIP_NOUNKNOWN 0x00000100L /* MTA should not send unknown command */ +# define SMFIP_NODATA 0x00000200L /* MTA should not send DATA */ # define SMFI_V1_PROT 0x0000003FL /* The protocol of V1 filter */ # define SMFI_V2_PROT 0x0000007FL /* The protocol of V2 filter */ + +/* Note: the "current" version is now determined dynamically in milter.c */ # if _FFR_MILTER_NOHDR_RESP -# define SMFI_CURR_PROT 0x000000FFL /* The current version */ +# define SMFI_CURR_PROT 0x000000FFL # else /* _FFR_MILTER_NOHDR_RESP */ -# define SMFI_CURR_PROT SMFI_V2_PROT /* The current version */ +# define SMFI_CURR_PROT SMFI_V2_PROT # endif /* _FFR_MILTER_NOHDR_RESP */ #endif /* !_LIBMILTER_MFDEF_H */ diff --git a/contrib/sendmail/include/sm/conf.h b/contrib/sendmail/include/sm/conf.h index 087ccd12fee5..919ff0db8e3d 100644 --- a/contrib/sendmail/include/sm/conf.h +++ b/contrib/sendmail/include/sm/conf.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2006 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -10,7 +10,7 @@ * the sendmail distribution. * * - * $Id: conf.h,v 1.120 2005/03/22 22:07:53 ca Exp $ + * $Id: conf.h,v 1.128 2006/01/27 18:43:44 ca Exp $ */ /* @@ -406,6 +406,9 @@ typedef int pid_t; # if SOLARIS >= 20500 || (SOLARIS < 10000 && SOLARIS >= 205) # define HASSETREUID 1 /* setreuid works as of 2.5 */ # define HASSETREGID 1 /* use setregid(2) to set saved gid */ +# if SOLARIS >= 20600 || (SOLARIS < 10000 && SOLARIS >= 206) +# define HASSNPRINTF 1 /* has snprintf(3c) starting in 2.6 */ +# endif /* SOLARIS >= 20600 || (SOLARIS < 10000 && SOLARIS >= 206) */ # if SOLARIS < 207 || (SOLARIS > 10000 && SOLARIS < 20700) # ifndef LA_TYPE # define LA_TYPE LA_KSTAT /* use kstat(3k) -- may work in < 2.5 */ @@ -734,8 +737,8 @@ typedef int pid_t; # define HASFLOCK 1 /* has flock(2) */ # define HASUNAME 1 /* has uname(2) */ # define HASUNSETENV 1 /* has unsetenv(3) */ -# define HASSETSID 1 /* has POSIX setsid(2) call */ -# define HASINITGROUPS 1 /* has initgroups(3) */ +# define HASSETSID 1 /* has POSIX setsid(2) call */ +# define HASINITGROUPS 1 /* has initgroups(3) */ # define HASSETVBUF 1 /* has setvbuf (3) */ # define HASSETREUID 0 /* setreuid(2) unusable */ # define HASSETEUID 1 /* has seteuid(2) */ @@ -748,13 +751,22 @@ typedef int pid_t; # define HASWAITPID 1 /* has waitpid(2) */ # define HASGETDTABLESIZE 1 /* has getdtablesize(2) */ # define HAS_ST_GEN 1 /* has st_gen field in struct stat */ -# define HASURANDOMDEV 1 /* has urandom(4) */ +# define HASURANDOMDEV 1 /* has urandom(4) */ # define HASSTRERROR 1 /* has strerror(3) */ # define HASGETUSERSHELL 1 /* had getusershell(3) */ # define GIDSET_T gid_t /* getgroups(2) takes gid_t */ # define LA_TYPE LA_SUBR /* use getloadavg(3) */ # define SFS_TYPE SFS_MOUNT /* use <sys/mount.h> statfs() impl */ -# define SPT_TYPE SPT_PSSTRINGS /* use magic PS_STRINGS pointer for setproctitle */ +# if DARWIN >= 70000 +# define SOCKADDR_LEN_T socklen_t +# endif +# if DARWIN >= 80000 +# define SPT_TYPE SPT_REUSEARGV +# define SPT_PADCHAR '\0' +# define SOCKOPT_LEN_T socklen_t +# else +# define SPT_TYPE SPT_PSSTRINGS /* use magic PS_STRINGS pointer for setproctitle */ +# endif # define ERRLIST_PREDEFINED /* don't declare sys_errlist */ # define BSD4_4_SOCKADDR /* struct sockaddr has sa_len */ # define SAFENFSPATHCONF 0 /* unverified: pathconf(2) doesn't work on NFS */ @@ -773,7 +785,7 @@ extern unsigned int sleepX __P((unsigned int seconds)); ** See also BSD defines. */ -# if defined(BSD4_4) && !defined(__bsdi__) && !defined(__GNU__) +# if defined(BSD4_4) && !defined(__bsdi__) && !defined(__GNU__) && !defined(DARWIN) # include <paths.h> # define HASUNSETENV 1 /* has unsetenv(3) call */ # define USESETEUID 1 /* has usable seteuid(2) call */ @@ -791,7 +803,7 @@ extern unsigned int sleepX __P((unsigned int seconds)); # endif /* ! LA_TYPE */ # define SFS_TYPE SFS_MOUNT /* use <sys/mount.h> statfs() impl */ # define SPT_TYPE SPT_PSSTRINGS /* use PS_STRINGS pointer */ -# endif /* defined(BSD4_4) && !defined(__bsdi__) && !defined(__GNU__) */ +# endif /* defined(BSD4_4) && !defined(__bsdi__) && !defined(__GNU__) && !defined(DARWIN)*/ /* @@ -899,11 +911,14 @@ extern unsigned int sleepX __P((unsigned int seconds)); # define NETLINK 1 /* supports AF_LINK */ # define SAFENFSPATHCONF 1 /* pathconf(2) pessimizes on NFS filesystems */ # define GIDSET_T gid_t -# define QUAD_T unsigned long long +# define QUAD_T unsigned long long +# define HASSNPRINTF 1 /* has snprintf(3) (all versions?) */ # ifndef LA_TYPE # define LA_TYPE LA_SUBR # endif /* ! LA_TYPE */ -# if defined(__NetBSD__) && defined(__NetBSD_Version__) && __NetBSD_Version__ >= 200040000 +# if defined(__NetBSD__) && defined(__NetBSD_Version__) && \ + ((__NetBSD_Version__ >= 200040000 && __NetBSD_Version__ < 200090000) || \ + (__NetBSD_Version__ >= 299000900)) # undef SFS_TYPE # define SFS_TYPE SFS_STATVFS # else @@ -919,7 +934,9 @@ extern unsigned int sleepX __P((unsigned int seconds)); # if defined(__NetBSD__) && defined(__NetBSD_Version__) && __NetBSD_Version__ >= 104170000 # define HASSETUSERCONTEXT 1 /* BSDI-style login classes */ # endif -# if defined(__NetBSD__) && defined(__NetBSD_Version__) && __NetBSD_Version__ >= 200060000 +# if defined(__NetBSD__) && defined(__NetBSD_Version__) && \ + ((__NetBSD_Version__ >= 200060000 && __NetBSD_Version__ < 200090000) || \ + (__NetBSD_Version__ >= 299000900)) # define HASCLOSEFROM 1 /* closefrom(3) added in 2.0F */ # endif # if defined(__NetBSD__) @@ -994,6 +1011,9 @@ extern unsigned int sleepX __P((unsigned int seconds)); # if OpenBSD >= 200405 # define HASCLOSEFROM 1 /* closefrom(3) added in 3.5 */ # endif /* OpenBSD >= 200405 */ +# if OpenBSD >= 200505 +# undef NETISO /* iso.h removed in 3.7 */ +# endif /* OpenBSD >= 200505 */ # endif /* defined(__OpenBSD__) */ # endif /* defined(__DragonFly__) || defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) */ diff --git a/contrib/sendmail/include/sm/ldap.h b/contrib/sendmail/include/sm/ldap.h index 8df8fe14b846..7db8355be8b7 100644 --- a/contrib/sendmail/include/sm/ldap.h +++ b/contrib/sendmail/include/sm/ldap.h @@ -1,12 +1,12 @@ /* - * Copyright (c) 2001-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 2001-2003, 2005 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set * forth in the LICENSE file which can be found at the top level of * the sendmail distribution. * - * $Id: ldap.h,v 1.27 2003/12/20 09:23:47 gshapiro Exp $ + * $Id: ldap.h,v 1.28 2005/06/23 23:11:21 ca Exp $ */ #ifndef SM_LDAP_H @@ -44,6 +44,7 @@ # define SM_LDAP_SINGLEMATCH 0x0001 # define SM_LDAP_MATCHONLY 0x0002 # define SM_LDAP_USE_ALLATTR 0x0004 +# define SM_LDAP_SINGLEDN 0x0008 struct sm_ldap_struct { diff --git a/contrib/sendmail/include/sm/time.h b/contrib/sendmail/include/sm/time.h new file mode 100644 index 000000000000..310847c6cb43 --- /dev/null +++ b/contrib/sendmail/include/sm/time.h @@ -0,0 +1,56 @@ +/* + * Copyright (c) 2005 Sendmail, Inc. and its suppliers. + * All rights reserved. + * + * By using this file, you agree to the terms and conditions set + * forth in the LICENSE file which can be found at the top level of + * the sendmail distribution. + * + * $Id: time.h,v 1.1 2005/06/14 23:07:19 ca Exp $ + */ + +#ifndef SM_TIME_H +# define SM_TIME_H 1 + +# include <sm/config.h> + +# include <sys/time.h> + +/* should be defined in sys/time.h */ +#ifndef timersub +# define timersub(tvp, uvp, vvp) \ + do \ + { \ + (vvp)->tv_sec = (tvp)->tv_sec - (uvp)->tv_sec; \ + (vvp)->tv_usec = (tvp)->tv_usec - (uvp)->tv_usec; \ + if ((vvp)->tv_usec < 0) \ + { \ + (vvp)->tv_sec--; \ + (vvp)->tv_usec += 1000000; \ + } \ + } while (0) +#endif /* !timersub */ + +#ifndef timeradd +# define timeradd(tvp, uvp, vvp) \ + do \ + { \ + (vvp)->tv_sec = (tvp)->tv_sec + (uvp)->tv_sec; \ + (vvp)->tv_usec = (tvp)->tv_usec + (uvp)->tv_usec; \ + if ((vvp)->tv_usec >= 1000000) \ + { \ + (vvp)->tv_sec++; \ + (vvp)->tv_usec -= 1000000; \ + } \ + } while (0) +#endif /* !timeradd */ + +#ifndef timercmp +# define timercmp(tvp, uvp, cmp) \ + (((tvp)->tv_sec == (uvp)->tv_sec) ? \ + ((tvp)->tv_usec cmp (uvp)->tv_usec) : \ + ((tvp)->tv_sec cmp (uvp)->tv_sec)) +#endif /* !timercmp */ + + +#endif /* ! SM_TIME_H */ diff --git a/contrib/sendmail/libmilter/README b/contrib/sendmail/libmilter/README index ec1f84b7eb04..1aadc4f4e2c9 100644 --- a/contrib/sendmail/libmilter/README +++ b/contrib/sendmail/libmilter/README @@ -12,6 +12,9 @@ issuing the './Build' command in SRCDIR/libmilter . Starting with 8.13 sendmail is compiled by default with support for the milter API. +Note: if you want to write a milter in Java, then see +http://sendmail-jilter.sourceforge.net/ + +----------------+ | SECURITY HINTS | +----------------+ @@ -466,4 +469,4 @@ main(argc, argv) /* eof */ -$Revision: 8.40 $, Last updated $Date: 2003/12/11 18:14:34 $ +$Revision: 8.41 $, Last updated $Date: 2005/04/27 22:47:42 $ diff --git a/contrib/sendmail/libmilter/docs/smfi_stop.html b/contrib/sendmail/libmilter/docs/smfi_stop.html index bf934231c99e..05e17be4e6ac 100644 --- a/contrib/sendmail/libmilter/docs/smfi_stop.html +++ b/contrib/sendmail/libmilter/docs/smfi_stop.html @@ -2,7 +2,7 @@ <head><title>smfi_stop</title></head> <body> <!-- -$Id: smfi_stop.html,v 1.2 2003/11/24 23:38:26 ca Exp $ +$Id: smfi_stop.html,v 1.3 2005/10/27 06:08:57 ca Exp $ --> <h1>smfi_stop</h1> @@ -13,8 +13,8 @@ $Id: smfi_stop.html,v 1.2 2003/11/24 23:38:26 ca Exp $ #include <libmilter/mfapi.h> int smfi_stop(void); </pre> -Start an orderly shutdown of the milter. No connections will be accepted -after this call. +Shutdown the milter. +No connections will be accepted after this call. </td></tr> <!----------- Description ----------> @@ -27,10 +27,11 @@ or any error-handling routines at any time.</td> </tr> <tr align="left" valign=top> <th width="80">Effects</th> -<td>The smfi_stop routine -causes each thread to finish its current connection, then exit. -When all threads have exited, the call -to <a href="smfi_main.html">smfi_main</a> returns to your calling program, +<td>The smfi_stop routine prevents that new connections +will be accepted, +however, it does not wait for existing connections (threads) to terminate. +It will cause +<a href="smfi_main.html">smfi_main</a> to return to the calling program, which may then exit or warm-restart. </td> </tr> @@ -63,7 +64,7 @@ which may then exit or warm-restart. <hr size="1"> <font size="-1"> -Copyright (c) 2003 Sendmail, Inc. and its suppliers. +Copyright (c) 2003, 2005 Sendmail, Inc. and its suppliers. All rights reserved. <br> By using this file, you agree to the terms and conditions set diff --git a/contrib/sendmail/libmilter/docs/xxfi_helo.html b/contrib/sendmail/libmilter/docs/xxfi_helo.html index dc7bbf33ca5f..e31585a4edc3 100644 --- a/contrib/sendmail/libmilter/docs/xxfi_helo.html +++ b/contrib/sendmail/libmilter/docs/xxfi_helo.html @@ -2,7 +2,7 @@ <head><title>xxfi_helo</title></head> <body> <!-- -$Id: xxfi_helo.html,v 1.8 2003/03/05 19:57:55 ca Exp $ +$Id: xxfi_helo.html,v 1.9 2005/08/30 23:41:45 ca Exp $ --> <h1>xxfi_helo</h1> @@ -24,8 +24,10 @@ Handle the HELO/EHLO command. <table border="1" cellspacing=1 cellpadding=4> <tr align="left" valign=top> <th width="80">Called When</th> <td>xxfi_helo is called whenever the client -sends a HELO/EHLO command. It may therefore be called between zero and -three times</td> +sends a HELO/EHLO command. +It may therefore be called several times or even not at all; +some restrictions can be imposed by the MTA configuration. +</td> </tr> <tr align="left" valign=top> <th>Default Behavior</th> @@ -52,7 +54,7 @@ three times</td> <hr size="1"> <font size="-1"> -Copyright (c) 2000, 2003 Sendmail, Inc. and its suppliers. +Copyright (c) 2000, 2003, 2005 Sendmail, Inc. and its suppliers. All rights reserved. <br> By using this file, you agree to the terms and conditions set diff --git a/contrib/sendmail/libmilter/libmilter.h b/contrib/sendmail/libmilter/libmilter.h index 65b0a47d9abe..9cebdc22942f 100644 --- a/contrib/sendmail/libmilter/libmilter.h +++ b/contrib/sendmail/libmilter/libmilter.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2003, 2006 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -19,7 +19,7 @@ #ifdef _DEFINE # define EXTERN # define INIT(x) = x -SM_IDSTR(MilterlId, "@(#)$Id: libmilter.h,v 8.50 2003/12/11 18:14:34 ca Exp $") +SM_IDSTR(MilterlId, "@(#)$Id: libmilter.h,v 8.51 2006/01/04 02:24:37 ca Exp $") #else /* _DEFINE */ # define EXTERN extern # define INIT(x) @@ -102,7 +102,7 @@ typedef pthread_mutex_t smutex_t; # define FD_WR_INIT(sd, wrs) \ FD_ZERO(&(wrs)); \ - FD_SET((unsigned int) (sd), &(wrs)); \ + FD_SET((unsigned int) (sd), &(wrs)) # define FD_IS_RD_EXC(sd, rds, excs) FD_ISSET(sd, &(excs)) # define FD_IS_WR_RDY(sd, wrs) FD_ISSET((sd), &(wrs)) diff --git a/contrib/sendmail/libmilter/listener.c b/contrib/sendmail/libmilter/listener.c index adecc5a1134a..4429edfbfbda 100644 --- a/contrib/sendmail/libmilter/listener.c +++ b/contrib/sendmail/libmilter/listener.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2004 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2006 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -9,7 +9,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: listener.c,v 8.111 2004/09/20 21:11:15 msk Exp $") +SM_RCSID("@(#)$Id: listener.c,v 8.115 2006/01/24 00:48:39 ca Exp $") /* ** listener.c -- threaded network listener @@ -458,11 +458,15 @@ mi_milteropen(conn, backlog, rmsocket, name) return INVALID_SOCKET; } - if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *) &sockopt, + if ( +#if NETUNIX + addr.sa.sa_family != AF_UNIX && +#endif /* NETUNIX */ + setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *) &sockopt, sizeof(sockopt)) == -1) { smi_log(SMI_LOG_ERR, - "%s: Unable to setsockopt: %s", name, + "%s: set reuseaddr failed (%s)", name, sm_errstring(errno)); (void) closesocket(sock); return INVALID_SOCKET; @@ -565,9 +569,6 @@ mi_thread_handle_wrapper(arg) /* ** MI_CLOSENER -- close listen socket ** -** NOTE: It is assumed that this function is called from a -** function that has a mutex lock (currently mi_stop_milters()). -** ** Parameters: ** none. ** @@ -872,7 +873,8 @@ mi_listener(conn, dbg, smfi, timeout, backlog) if (setsockopt(connfd, SOL_SOCKET, SO_KEEPALIVE, (void *) &sockopt, sizeof sockopt) < 0) { - smi_log(SMI_LOG_WARN, "%s: setsockopt() failed (%s)", + smi_log(SMI_LOG_WARN, + "%s: set keepalive failed (%s)", smfi->xxfi_name, sm_errstring(errno)); /* XXX: continue? */ } diff --git a/contrib/sendmail/libmilter/signal.c b/contrib/sendmail/libmilter/signal.c index d55ab57e9b56..ad684692ea63 100644 --- a/contrib/sendmail/libmilter/signal.c +++ b/contrib/sendmail/libmilter/signal.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2004 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2004, 2006 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -9,7 +9,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: signal.c,v 8.42 2004/08/20 21:10:30 ca Exp $") +SM_RCSID("@(#)$Id: signal.c,v 8.44 2006/03/03 03:42:04 ca Exp $") #include "libmilter.h" @@ -90,7 +90,7 @@ static void * mi_signal_thread(name) void *name; { - int sig, errs; + int sig, errs, sigerr; sigset_t set; (void) sigemptyset(&set); @@ -103,19 +103,23 @@ mi_signal_thread(name) for (;;) { - sig = 0; + sigerr = sig = 0; #if defined(SOLARIS) || defined(__svr5__) if ((sig = sigwait(&set)) < 0) #else /* defined(SOLARIS) || defined(__svr5__) */ - if (sigwait(&set, &sig) != 0) + if ((sigerr = sigwait(&set, &sig)) != 0) #endif /* defined(SOLARIS) || defined(__svr5__) */ { + /* some OS return -1 and set errno: copy it */ + if (sigerr <= 0) + sigerr = errno; + /* this can happen on OSF/1 (at least) */ - if (errno == EINTR) + if (sigerr == EINTR) continue; smi_log(SMI_LOG_ERR, "%s: sigwait returned error: %d", - (char *)name, errno); + (char *)name, sigerr); if (++errs > MAX_FAILS_T) { mi_stop_milters(MILTER_ABRT); diff --git a/contrib/sendmail/libmilter/smfi.c b/contrib/sendmail/libmilter/smfi.c index d5f54c920639..63bf1743df95 100644 --- a/contrib/sendmail/libmilter/smfi.c +++ b/contrib/sendmail/libmilter/smfi.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2004 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2005 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -9,7 +9,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: smfi.c,v 8.73 2004/09/20 21:26:57 ca Exp $") +SM_RCSID("@(#)$Id: smfi.c,v 8.74 2005/03/30 00:44:07 ca Exp $") #include <sm/varargs.h> #include "libmilter.h" @@ -242,7 +242,7 @@ smfi_replacebody(ctx, bodyp, bodylen) /* split body chunk if necessary */ off = 0; - while (bodylen > 0) + do { len = (bodylen >= MILTER_CHUNK_SIZE) ? MILTER_CHUNK_SIZE : bodylen; @@ -251,7 +251,7 @@ smfi_replacebody(ctx, bodyp, bodylen) return r; off += len; bodylen -= len; - } + } while (bodylen > 0); return MI_SUCCESS; } diff --git a/contrib/sendmail/libsm/Makefile.m4 b/contrib/sendmail/libsm/Makefile.m4 index a77afeae26af..1bd3cab01a01 100644 --- a/contrib/sendmail/libsm/Makefile.m4 +++ b/contrib/sendmail/libsm/Makefile.m4 @@ -1,11 +1,11 @@ -dnl $Id: Makefile.m4,v 1.68 2005/02/17 23:34:25 ca Exp $ +dnl $Id: Makefile.m4,v 1.70 2005/12/22 18:31:11 ca Exp $ define(`confREQUIRE_LIBUNIX') include(confBUILDTOOLSDIR`/M4/switch.m4') define(`confREQUIRE_LIBSM', `true') PREPENDDEF(`confENVDEF', `confMAPDEF') bldPRODUCT_START(`library', `libsm') -define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strerror.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c path.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c sem.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c ') +define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strerror.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c path.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c sem.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c memstat.c ') bldPRODUCT_END dnl msg.c dnl syslogio.c @@ -33,5 +33,6 @@ smtest(`t-cf') smtest(`b-strcmp') dnl SM_CONF_STRL cannot be turned off dnl smtest(`b-strl') +smtest(`t-memstat') bldFINISH diff --git a/contrib/sendmail/libsm/b-strcmp.c b/contrib/sendmail/libsm/b-strcmp.c index e6d0bb094288..c7dcb88b3a62 100644 --- a/contrib/sendmail/libsm/b-strcmp.c +++ b/contrib/sendmail/libsm/b-strcmp.c @@ -8,12 +8,12 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: b-strcmp.c,v 1.13 2004/08/03 20:07:59 ca Exp $") +SM_RCSID("@(#)$Id: b-strcmp.c,v 1.14 2005/06/14 23:07:20 ca Exp $") #include <stdio.h> #include <stdlib.h> #include <unistd.h> #include <sys/types.h> -#include <sys/time.h> +#include <sm/time.h> #include <sm/string.h> #define toseconds(x, y) (x.tv_sec - y.tv_sec) diff --git a/contrib/sendmail/libsm/b-strl.c b/contrib/sendmail/libsm/b-strl.c index a6961542201e..e0bc24e74380 100644 --- a/contrib/sendmail/libsm/b-strl.c +++ b/contrib/sendmail/libsm/b-strl.c @@ -19,12 +19,12 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: b-strl.c,v 1.24 2001/09/11 04:04:47 gshapiro Exp $") +SM_RCSID("@(#)$Id: b-strl.c,v 1.25 2005/06/14 23:07:20 ca Exp $") #include <stdio.h> #include <stdlib.h> #include <unistd.h> #include <sys/types.h> -#include <sys/time.h> +#include <sm/time.h> #include <sm/string.h> #define SRC_SIZE 512 diff --git a/contrib/sendmail/libsm/clock.c b/contrib/sendmail/libsm/clock.c index c09b2d188884..1bdb4fd01786 100644 --- a/contrib/sendmail/libsm/clock.c +++ b/contrib/sendmail/libsm/clock.c @@ -12,12 +12,12 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: clock.c,v 1.46 2004/08/03 19:57:22 ca Exp $") +SM_RCSID("@(#)$Id: clock.c,v 1.47 2005/06/14 23:07:20 ca Exp $") #include <unistd.h> #include <time.h> #include <errno.h> #if SM_CONF_SETITIMER -# include <sys/time.h> +# include <sm/time.h> #endif /* SM_CONF_SETITIMER */ #include <sm/heap.h> #include <sm/debug.h> diff --git a/contrib/sendmail/libsm/fclose.c b/contrib/sendmail/libsm/fclose.c index 1a469fbd4a95..82a7de4689e8 100644 --- a/contrib/sendmail/libsm/fclose.c +++ b/contrib/sendmail/libsm/fclose.c @@ -13,10 +13,10 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: fclose.c,v 1.43 2004/08/03 20:17:38 ca Exp $") +SM_RCSID("@(#)$Id: fclose.c,v 1.44 2005/06/14 23:07:20 ca Exp $") #include <errno.h> #include <stdlib.h> -#include <sys/time.h> +#include <sm/time.h> #include <setjmp.h> #include <sm/io.h> #include <sm/assert.h> diff --git a/contrib/sendmail/libsm/fflush.c b/contrib/sendmail/libsm/fflush.c index 83b318e25990..19159e290480 100644 --- a/contrib/sendmail/libsm/fflush.c +++ b/contrib/sendmail/libsm/fflush.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers. + * Copyright (c) 2000-2001, 2005, 2006 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1990, 1993 * The Regents of the University of California. All rights reserved. @@ -13,10 +13,10 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: fflush.c,v 1.43 2001/09/11 04:04:48 gshapiro Exp $") +SM_RCSID("@(#)$Id: fflush.c,v 1.45 2006/03/03 22:25:00 ca Exp $") #include <unistd.h> #include <errno.h> -#include <sys/time.h> +#include <sm/time.h> #include <signal.h> #include <fcntl.h> #include <string.h> @@ -145,6 +145,7 @@ sm_flush(fp, timeout) return SM_IO_EOF; } SM_IO_WR_TIMEOUT(fp, fd, *timeout); + t = 0; } } return 0; diff --git a/contrib/sendmail/libsm/fopen.c b/contrib/sendmail/libsm/fopen.c index 1737998a6c01..f15a15d75e9a 100644 --- a/contrib/sendmail/libsm/fopen.c +++ b/contrib/sendmail/libsm/fopen.c @@ -13,10 +13,10 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: fopen.c,v 1.61 2004/08/03 20:17:38 ca Exp $") +SM_RCSID("@(#)$Id: fopen.c,v 1.62 2005/06/14 23:07:20 ca Exp $") #include <errno.h> #include <setjmp.h> -#include <sys/time.h> +#include <sm/time.h> #include <sm/heap.h> #include <sm/signal.h> #include <sm/assert.h> diff --git a/contrib/sendmail/libsm/fpos.c b/contrib/sendmail/libsm/fpos.c index f75496ae5c91..4fe22bf3d032 100644 --- a/contrib/sendmail/libsm/fpos.c +++ b/contrib/sendmail/libsm/fpos.c @@ -13,10 +13,10 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: fpos.c,v 1.38 2004/08/03 20:17:38 ca Exp $") +SM_RCSID("@(#)$Id: fpos.c,v 1.39 2005/06/14 23:07:20 ca Exp $") #include <errno.h> #include <setjmp.h> -#include <sys/time.h> +#include <sm/time.h> #include <sm/heap.h> #include <sm/signal.h> #include <sm/clock.h> diff --git a/contrib/sendmail/libsm/fseek.c b/contrib/sendmail/libsm/fseek.c index e85d41ae9278..4b3fe10367cb 100644 --- a/contrib/sendmail/libsm/fseek.c +++ b/contrib/sendmail/libsm/fseek.c @@ -13,14 +13,14 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: fseek.c,v 1.46 2004/08/03 20:17:38 ca Exp $") +SM_RCSID("@(#)$Id: fseek.c,v 1.47 2005/06/14 23:07:20 ca Exp $") #include <sys/types.h> #include <sys/stat.h> #include <fcntl.h> #include <stdlib.h> #include <errno.h> #include <setjmp.h> -#include <sys/time.h> +#include <sm/time.h> #include <sm/signal.h> #include <sm/io.h> #include <sm/assert.h> diff --git a/contrib/sendmail/libsm/ldap.c b/contrib/sendmail/libsm/ldap.c index 3af7ffab01cd..76e91b33bf46 100644 --- a/contrib/sendmail/libsm/ldap.c +++ b/contrib/sendmail/libsm/ldap.c @@ -8,7 +8,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: ldap.c,v 1.62 2005/02/24 00:30:01 ca Exp $") +SM_RCSID("@(#)$Id: ldap.c,v 1.67 2005/12/14 00:08:03 ca Exp $") #if LDAPMAP # include <sys/types.h> @@ -47,6 +47,18 @@ static SM_LDAP_RECURSE_ENTRY *sm_ldap_add_recurse __P((SM_LDAP_RECURSE_LIST **, ** */ +#if _FFR_LDAP_VERSION +# if defined(LDAP_VERSION_MAX) && _FFR_LDAP_VERSION > LDAP_VERSION_MAX + ERROR FFR_LDAP_VERSION > _LDAP_VERSION_MAX +# endif /* defined(LDAP_VERSION_MAX) && _FFR_LDAP_VERSION > LDAP_VERSION_MAX */ +# if defined(LDAP_VERSION_MIN) && _FFR_LDAP_VERSION < LDAP_VERSION_MIN + ERROR FFR_LDAP_VERSION < _LDAP_VERSION_MIN +# endif /* defined(LDAP_VERSION_MIN) && _FFR_LDAP_VERSION < LDAP_VERSION_MIN */ +# define SM_LDAP_VERSION_DEFAULT _FFR_LDAP_VERSION +#else /* _FFR_LDAP_VERSION */ +# define SM_LDAP_VERSION_DEFAULT 0 +#endif /* _FFR_LDAP_VERSION */ + void sm_ldap_clear(lmap) SM_LDAP_STRUCT *lmap; @@ -57,7 +69,7 @@ sm_ldap_clear(lmap) lmap->ldap_host = NULL; lmap->ldap_port = LDAP_PORT; lmap->ldap_uri = NULL; - lmap->ldap_version = 0; + lmap->ldap_version = SM_LDAP_VERSION_DEFAULT; lmap->ldap_deref = LDAP_DEREF_NEVER; lmap->ldap_timelimit = LDAP_NO_LIMIT; lmap->ldap_sizelimit = LDAP_NO_LIMIT; @@ -615,6 +627,16 @@ sm_ldap_results(lmap, msgid, flags, delim, rpool, result, continue; } +#if _FFR_LDAP_SINGLEDN + if (bitset(SM_LDAP_SINGLEDN, flags) && *result != NULL) + { + /* only wanted one match */ + SM_LDAP_ERROR_CLEANUP(); + errno = ENOENT; + return EX_NOTFOUND; + } +#endif /* _FFR_LDAP_SINGLEDN */ + /* record completed DN's to prevent loops */ dn = ldap_get_dn(lmap->ldap_ld, entry); if (dn == NULL) diff --git a/contrib/sendmail/libsm/local.h b/contrib/sendmail/libsm/local.h index 6d64195d515e..7c7798eee662 100644 --- a/contrib/sendmail/libsm/local.h +++ b/contrib/sendmail/libsm/local.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2002, 2004 Sendmail, Inc. and its suppliers. + * Copyright (c) 2000-2002, 2004-2006 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1990, 1993 * The Regents of the University of California. All rights reserved. @@ -11,7 +11,7 @@ * forth in the LICENSE file which can be found at the top level of * the sendmail distribution. * - * $Id: local.h,v 1.53 2004/01/09 18:34:22 ca Exp $ + * $Id: local.h,v 1.57 2006/02/28 18:48:25 ca Exp $ */ /* @@ -19,7 +19,7 @@ ** in particular, macros and private variables. */ -#include <sys/time.h> +#include <sm/time.h> #if !SM_CONF_MEMCHR # include <memory.h> #endif /* !SM_CONF_MEMCHR */ @@ -75,42 +75,6 @@ int sm_syslogopen __P((SM_FILE_T *, const void *, int, const void *)); int sm_syslogsetinfo __P((SM_FILE_T *, int , void *)); int sm_sysloggetinfo __P((SM_FILE_T *, int , void *)); -/* should be defined in sys/time.h */ -#ifndef timersub -# define timersub(tvp, uvp, vvp) \ - do \ - { \ - (vvp)->tv_sec = (tvp)->tv_sec - (uvp)->tv_sec; \ - (vvp)->tv_usec = (tvp)->tv_usec - (uvp)->tv_usec; \ - if ((vvp)->tv_usec < 0) \ - { \ - (vvp)->tv_sec--; \ - (vvp)->tv_usec += 1000000; \ - } \ - } while (0) -#endif /* !timersub */ - -#ifndef timeradd -# define timeradd(tvp, uvp, vvp) \ - do \ - { \ - (vvp)->tv_sec = (tvp)->tv_sec + (uvp)->tv_sec; \ - (vvp)->tv_usec = (tvp)->tv_usec + (uvp)->tv_usec; \ - if ((vvp)->tv_usec >= 1000000) \ - { \ - (vvp)->tv_sec++; \ - (vvp)->tv_usec -= 1000000; \ - } \ - } while (0) -#endif /* !timeradd */ - -#ifndef timercmp -# define timercmp(tvp, uvp, cmp) \ - (((tvp)->tv_sec == (uvp)->tv_sec) ? \ - ((tvp)->tv_usec cmp (uvp)->tv_usec) : \ - ((tvp)->tv_sec cmp (uvp)->tv_sec)) -#endif /* !timercmp */ - extern bool Sm_IO_DidInit; /* Return true iff the given SM_FILE_T cannot be written now. */ @@ -192,7 +156,7 @@ extern const char SmFileMagic[]; else \ { \ (time)->tv_sec = (val) / 1000; \ - (time)->tv_usec = ((val) - ((time)->tv_sec * 1000)) * 10; \ + (time)->tv_usec = ((val) - ((time)->tv_sec * 1000)) * 1000; \ } \ if ((val) == SM_TIME_FOREVER) \ { \ @@ -276,7 +240,7 @@ extern const char SmFileMagic[]; else \ { \ sm_io_to.tv_sec = (to) / 1000; \ - sm_io_to.tv_usec = ((to) - (sm_io_to.tv_sec * 1000)) * 10; \ + sm_io_to.tv_usec = ((to) - (sm_io_to.tv_sec * 1000)) * 1000; \ } \ if (FD_SETSIZE > 0 && (fd) >= FD_SETSIZE) \ { \ @@ -289,8 +253,11 @@ extern const char SmFileMagic[]; FD_SET((fd), &sm_io_x_mask); \ if (gettimeofday(&sm_io_to_before, NULL) < 0) \ return SM_IO_EOF; \ - sm_io_to_sel = select((fd) + 1, NULL, &sm_io_to_mask, &sm_io_x_mask, \ - &sm_io_to); \ + do \ + { \ + sm_io_to_sel = select((fd) + 1, NULL, &sm_io_to_mask, \ + &sm_io_x_mask, &sm_io_to); \ + } while (sm_io_to_sel < 0 && errno == EINTR); \ if (sm_io_to_sel < 0) \ { \ /* something went wrong, errno set */ \ @@ -305,10 +272,9 @@ extern const char SmFileMagic[]; /* else loop again */ \ if (gettimeofday(&sm_io_to_after, NULL) < 0) \ return SM_IO_EOF; \ - timersub(&sm_io_to_before, &sm_io_to_after, &sm_io_to_diff); \ - timersub(&sm_io_to, &sm_io_to_diff, &sm_io_to); \ - (to) -= (sm_io_to.tv_sec * 1000); \ - (to) -= (sm_io_to.tv_usec / 10); \ + timersub(&sm_io_to_after, &sm_io_to_before, &sm_io_to_diff); \ + (to) -= (sm_io_to_diff.tv_sec * 1000); \ + (to) -= (sm_io_to_diff.tv_usec / 1000); \ if ((to) < 0) \ (to) = 0; \ } diff --git a/contrib/sendmail/libsm/memstat.c b/contrib/sendmail/libsm/memstat.c new file mode 100644 index 000000000000..6c2a4d17278a --- /dev/null +++ b/contrib/sendmail/libsm/memstat.c @@ -0,0 +1,333 @@ +/* + * Copyright (c) 2005 Sendmail, Inc. and its suppliers. + * All rights reserved. + * + * By using this file, you agree to the terms and conditions set + * forth in the LICENSE file which can be found at the top level of + * the sendmail distribution. + */ + +#include <sm/gen.h> +SM_RCSID("@(#)$Id: memstat.c,v 1.4 2005/12/10 00:38:48 ca Exp $") + +#include <errno.h> + +#if USESWAPCTL +#include <sys/stat.h> +#include <sys/swap.h> + +static long sc_page_size; + +/* +** SM_MEMSTAT_OPEN -- open memory statistics +** +** Parameters: +** none +** +** Results: +** errno as error code, 0: ok +*/ + +int +sm_memstat_open() +{ + sc_page_size = sysconf(_SC_PAGE_SIZE); + if (sc_page_size == -1) + return (errno != 0) ? errno : -1; + return 0; +} + +/* +** SM_MEMSTAT_CLOSE -- close memory statistics +** +** Parameters: +** none +** +** Results: +** errno as error code, 0: ok +*/ + +int +sm_memstat_close() +{ + return 0; +} + +/* +** SM_MEMSTAT_GET -- get memory statistics +** +** Parameters: +** resource -- resource to look up +** pvalue -- (pointer to) memory statistics value (output) +** +** Results: +** 0: success +** !=0: error +*/ + +int +sm_memstat_get(resource, pvalue) + char *resource; + long *pvalue; +{ + int r; + struct anoninfo ai; + + r = swapctl(SC_AINFO, &ai); + if (r == -1) + return (errno != 0) ? errno : -1; + r = ai.ani_max - ai.ani_resv; + r *= sc_page_size >> 10; + *pvalue = r; + return 0; +} + +#elif USEKSTAT + +#include <kstat.h> +#include <sys/sysinfo.h> + +static kstat_ctl_t *kc; +static kstat_t *kst; + +/* +** SM_MEMSTAT_OPEN -- open memory statistics +** +** Parameters: +** none +** +** Results: +** errno as error code, 0: ok +*/ + +int +sm_memstat_open() +{ + kstat_named_t *kn; + + kc = kstat_open(); + if (kc == NULL) + return (errno != 0) ? errno : -1; + kst = kstat_lookup(kc, "unix", 0, + (name != NULL) ? name : "system_pages"); + if (kst == 0) + return (errno != 0) ? errno : -2; + return 0; +} + +/* +** SM_MEMSTAT_CLOSE -- close memory statistics +** +** Parameters: +** none +** +** Results: +** errno as error code, 0: ok +*/ + +int +sm_memstat_close() +{ + int r; + + if (kc == NULL) + return 0; + r = kstat_close(kc); + if (r != 0) + return (errno != 0) ? errno : -1; + return 0; +} + +/* +** SM_MEMSTAT_GET -- get memory statistics +** +** Parameters: +** resource -- resource to look up +** pvalue -- (pointer to) memory statistics value (output) +** +** Results: +** 0: success +** !=0: error +*/ + +int +sm_memstat_get(resource, pvalue) + char *resource; + long *pvalue; +{ + int r; + kstat_named_t *kn; + + if (kc == NULL || kst == NULL) + return -1; + if (kstat_read(kc, kst, NULL) == -1) + return (errno != 0) ? errno : -2; + kn = kstat_data_lookup(kst, + (resource != NULL) ? resource: "freemem"); + if (kn == NULL) + return (errno != 0) ? errno : -3; + *pvalue = kn->value.ul; + return 0; +} + +#elif USEPROCMEMINFO + +/* +/proc/meminfo? + total: used: free: shared: buffers: cached: +Mem: 261468160 252149760 9318400 0 3854336 109813760 +Swap: 1052794880 62185472 990609408 +MemTotal: 255340 kB +MemFree: 9100 kB +MemShared: 0 kB +Buffers: 3764 kB +Cached: 107240 kB +Active: 104340 kB +Inact_dirty: 4220 kB +Inact_clean: 2444 kB +Inact_target: 4092 kB +HighTotal: 0 kB +HighFree: 0 kB +LowTotal: 255340 kB +LowFree: 9100 kB +SwapTotal: 1028120 kB +SwapFree: 967392 kB +*/ + +#include <stdio.h> +#include <string.h> +static FILE *fp; + +/* +** SM_MEMSTAT_OPEN -- open memory statistics +** +** Parameters: +** none +** +** Results: +** errno as error code, 0: ok +*/ + +int +sm_memstat_open() +{ + fp = fopen("/proc/meminfo", "r"); + return (fp != NULL) ? 0 : errno; +} + +/* +** SM_MEMSTAT_CLOSE -- close memory statistics +** +** Parameters: +** none +** +** Results: +** errno as error code, 0: ok +*/ + +int +sm_memstat_close() +{ + if (fp != NULL) + { + fclose(fp); + fp = NULL; + } + return 0; +} + +/* +** SM_MEMSTAT_GET -- get memory statistics +** +** Parameters: +** resource -- resource to look up +** pvalue -- (pointer to) memory statistics value (output) +** +** Results: +** 0: success +** !=0: error +*/ + +int +sm_memstat_get(resource, pvalue) + char *resource; + long *pvalue; +{ + int r; + size_t l; + char buf[80]; + + if (resource == NULL) + return EINVAL; + if (pvalue == NULL) + return EINVAL; + if (fp == NULL) + return -1; /* try to reopen? */ + rewind(fp); + l = strlen(resource); + while (fgets(buf, sizeof(buf), fp) != NULL) + { + if (strncmp(buf, resource, l) == 0 && buf[l] == ':') + { + r = sscanf(buf + l + 1, "%ld", pvalue); + return (r > 0) ? 0 : -1; + } + } + return 0; +} + +#else /* USEPROCMEMINFO */ + +/* +** SM_MEMSTAT_OPEN -- open memory statistics +** +** Parameters: +** none +** +** Results: +** errno as error code, 0: ok +*/ + +int +sm_memstat_open() +{ + return -1; +} + +/* +** SM_MEMSTAT_CLOSE -- close memory statistics +** +** Parameters: +** none +** +** Results: +** errno as error code, 0: ok +*/ + +int +sm_memstat_close() +{ + return 0; +} + +/* +** SM_MEMSTAT_GET -- get memory statistics +** +** Parameters: +** resource -- resource to look up +** pvalue -- (pointer to) memory statistics value (output) +** +** Results: +** 0: success +** !=0: error +*/ + +int +sm_memstat_get(resource, pvalue) + char *resource; + long *pvalue; +{ + return -1; +} + +#endif /* USEKSTAT */ diff --git a/contrib/sendmail/libsm/refill.c b/contrib/sendmail/libsm/refill.c index c3db17222957..eae6ab4a20be 100644 --- a/contrib/sendmail/libsm/refill.c +++ b/contrib/sendmail/libsm/refill.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers. + * Copyright (c) 2000-2001, 2005-2006 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1990, 1993 * The Regents of the University of California. All rights reserved. @@ -13,13 +13,13 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: refill.c,v 1.50 2002/09/09 21:50:10 gshapiro Exp $") +SM_RCSID("@(#)$Id: refill.c,v 1.53 2006/02/28 18:48:25 ca Exp $") #include <stdlib.h> #include <unistd.h> #include <errno.h> #include <setjmp.h> #include <signal.h> -#include <sys/time.h> +#include <sm/time.h> #include <fcntl.h> #include <string.h> #include <sm/io.h> @@ -76,8 +76,11 @@ static int sm_lflush __P((SM_FILE_T *, int *)); FD_SET((fd), &sm_io_x_mask); \ if (gettimeofday(&sm_io_to_before, NULL) < 0) \ return SM_IO_EOF; \ - (sel_ret) = select((fd) + 1, &sm_io_to_mask, NULL, \ - &sm_io_x_mask, (to)); \ + do \ + { \ + (sel_ret) = select((fd) + 1, &sm_io_to_mask, NULL, \ + &sm_io_x_mask, (to)); \ + } while ((sel_ret) < 0 && errno == EINTR); \ if ((sel_ret) < 0) \ { \ /* something went wrong, errno set */ \ @@ -94,7 +97,7 @@ static int sm_lflush __P((SM_FILE_T *, int *)); /* calulate wall-clock time used */ \ if (gettimeofday(&sm_io_to_after, NULL) < 0) \ return SM_IO_EOF; \ - timersub(&sm_io_to_before, &sm_io_to_after, &sm_io_to_diff); \ + timersub(&sm_io_to_after, &sm_io_to_before, &sm_io_to_diff); \ timersub((to), &sm_io_to_diff, (to)); \ } diff --git a/contrib/sendmail/libsm/sem.c b/contrib/sendmail/libsm/sem.c index a429cf4a2ed2..89394cbee4dd 100644 --- a/contrib/sendmail/libsm/sem.c +++ b/contrib/sendmail/libsm/sem.c @@ -8,13 +8,14 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: sem.c,v 1.12 2005/03/25 21:27:02 ca Exp $") +SM_RCSID("@(#)$Id: sem.c,v 1.13 2005/08/12 20:39:59 ca Exp $") #if SM_CONF_SEM # include <stdlib.h> # include <unistd.h> # include <sm/sem.h> # include <sm/heap.h> +# include <errno.h> /* ** SM_SEM_START -- initialize semaphores @@ -37,7 +38,7 @@ sm_sem_start(key, nsem, semflg, owner) int semflg; bool owner; { - int semid, i; + int semid, i, err; unsigned short *semvals; semvals = NULL; @@ -67,11 +68,12 @@ sm_sem_start(key, nsem, semflg, owner) return semid; error: + err = errno; if (semvals != NULL) sm_free(semvals); if (semid >= 0) sm_sem_stop(semid); - return -1; + return (err > 0) ? (0 - err) : -1; } /* diff --git a/contrib/sendmail/libsm/shm.c b/contrib/sendmail/libsm/shm.c index b68f7c689d5e..15c1119ec84d 100644 --- a/contrib/sendmail/libsm/shm.c +++ b/contrib/sendmail/libsm/shm.c @@ -8,12 +8,13 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: shm.c,v 1.18 2005/02/09 01:54:51 ca Exp $") +SM_RCSID("@(#)$Id: shm.c,v 1.19 2005/07/14 22:34:28 ca Exp $") #if SM_CONF_SHM # include <stdlib.h> # include <unistd.h> # include <errno.h> +# include <sm/string.h> # include <sm/shm.h> diff --git a/contrib/sendmail/libsm/signal.c b/contrib/sendmail/libsm/signal.c index 9061efc6a2ff..ce2e242fabf3 100644 --- a/contrib/sendmail/libsm/signal.c +++ b/contrib/sendmail/libsm/signal.c @@ -8,10 +8,10 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: signal.c,v 1.16 2001/09/11 04:04:49 gshapiro Exp $") +SM_RCSID("@(#)$Id: signal.c,v 1.17 2005/06/14 23:07:20 ca Exp $") #if SM_CONF_SETITIMER -# include <sys/time.h> +# include <sm/time.h> #endif /* SM_CONF_SETITIMER */ #include <errno.h> #include <stdlib.h> diff --git a/contrib/sendmail/libsm/stdio.c b/contrib/sendmail/libsm/stdio.c index 345a62c38b2e..5fe8f225ff01 100644 --- a/contrib/sendmail/libsm/stdio.c +++ b/contrib/sendmail/libsm/stdio.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2004 Sendmail, Inc. and its suppliers. + * Copyright (c) 2000-2005 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1990, 1993 * The Regents of the University of California. All rights reserved. @@ -13,13 +13,13 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: stdio.c,v 1.69 2004/08/03 20:46:34 ca Exp $") +SM_RCSID("@(#)$Id: stdio.c,v 1.71 2005/06/14 23:07:20 ca Exp $") #include <unistd.h> #include <errno.h> #include <fcntl.h> #include <string.h> /* FreeBSD: FD_ZERO needs <string.h> */ #include <sys/stat.h> -#include <sys/time.h> +#include <sm/time.h> #include <sm/heap.h> #include <sm/assert.h> #include <sm/varargs.h> @@ -221,7 +221,7 @@ sm_stdclose(fp) ** Failure: -1 and sets errno */ -int +static int sm_stdsetmode(fp, mode) SM_FILE_T *fp; const int *mode; diff --git a/contrib/sendmail/libsm/strio.c b/contrib/sendmail/libsm/strio.c index 9f1f4afd21d6..75f376419a65 100644 --- a/contrib/sendmail/libsm/strio.c +++ b/contrib/sendmail/libsm/strio.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2002, 2004 Sendmail, Inc. and its suppliers. + * Copyright (c) 2000-2002, 2004, 2005 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1990, 1993 * The Regents of the University of California. All rights reserved. @@ -13,7 +13,7 @@ */ #include <sm/gen.h> -SM_IDSTR(id, "@(#)$Id: strio.c,v 1.43 2004/08/03 20:48:30 ca Exp $") +SM_IDSTR(id, "@(#)$Id: strio.c,v 1.44 2005/06/09 21:40:19 ca Exp $") #include <stdlib.h> #include <unistd.h> #include <fcntl.h> @@ -359,7 +359,7 @@ sm_strsetmode(fp, mode) ** Failure: -1 and sets errno */ -int +static int sm_strgetmode(fp, mode) SM_FILE_T *fp; int *mode; diff --git a/contrib/sendmail/libsm/t-event.c b/contrib/sendmail/libsm/t-event.c index c6eb82e1e68a..1096b36a70ec 100644 --- a/contrib/sendmail/libsm/t-event.c +++ b/contrib/sendmail/libsm/t-event.c @@ -8,7 +8,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: t-event.c,v 1.12 2004/08/03 20:50:32 ca Exp $") +SM_RCSID("@(#)$Id: t-event.c,v 1.13 2005/06/14 23:07:20 ca Exp $") #include <stdio.h> @@ -16,7 +16,7 @@ SM_RCSID("@(#)$Id: t-event.c,v 1.12 2004/08/03 20:50:32 ca Exp $") #include <unistd.h> # include <sys/wait.h> #if SM_CONF_SETITIMER -# include <sys/time.h> +# include <sm/time.h> #endif /* SM_CONF_SETITIMER */ #include <sm/clock.h> diff --git a/contrib/sendmail/libsm/t-memstat.c b/contrib/sendmail/libsm/t-memstat.c new file mode 100644 index 000000000000..6ff766e2404d --- /dev/null +++ b/contrib/sendmail/libsm/t-memstat.c @@ -0,0 +1,91 @@ +/* + * Copyright (c) 2005 Sendmail, Inc. and its suppliers. + * All rights reserved. + * + * By using this file, you agree to the terms and conditions set + * forth in the LICENSE file which can be found at the top level of + * the sendmail distribution. + */ + +#include <sm/gen.h> +SM_IDSTR(id, "@(#)$Id: t-memstat.c,v 1.5 2005/12/22 19:05:42 ca Exp $") + +/* +** Simple test program for memstat +*/ + +#include <stdlib.h> +#include <unistd.h> +#include <stdio.h> +#include <strings.h> + +int +main(argc, argv) + int argc; + char **argv; +{ + int r, r2, i, l, slp, sz; + long v; + char *resource; + + l = 1; + sz = slp = 0; + resource = NULL; + while ((r = getopt(argc, argv, "l:m:r:s:")) != -1) + { + switch ((char) r) + { + case 'l': + l = strtol(optarg, NULL, 0); + break; + + case 'm': + sz = strtol(optarg, NULL, 0); + break; + + case 'r': + resource = strdup(optarg); + break; + + case 's': + slp = strtol(optarg, NULL, 0); + break; + + default: + break; + } + } + + r = sm_memstat_open(); + r2 = -1; + for (i = 0; i < l; i++) + { + char *mem; + + r2 = sm_memstat_get(resource, &v); + if (slp > 0 && i + 1 < l && 0 == r) + { + printf("open=%d, memstat=%d, %s=%ld\n", r, r2, + resource != NULL ? resource : "default-value", + v); + sleep(slp); + if (sz > 0) + { + /* + ** Just allocate some memory to test the + ** values that are returned. + ** Note: this is a memory leak, but that + ** doesn't matter here. + */ + + mem = malloc(sz); + if (NULL == mem) + printf("malloc(%d) failed\n", sz); + } + } + } + printf("open=%d, memstat=%d, %s=%ld\n", r, r2, + resource != NULL ? resource : "default-value", v); + r = sm_memstat_close(); + return r; +} diff --git a/contrib/sendmail/libsm/t-sem.c b/contrib/sendmail/libsm/t-sem.c index 3964327017e3..cba784a8c93c 100644 --- a/contrib/sendmail/libsm/t-sem.c +++ b/contrib/sendmail/libsm/t-sem.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers. + * Copyright (c) 2000-2001, 2005-2006 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -8,7 +8,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: t-sem.c,v 1.14 2005/03/25 21:27:41 ca Exp $") +SM_RCSID("@(#)$Id: t-sem.c,v 1.15 2006/03/13 20:40:43 msk Exp $") #include <stdio.h> @@ -307,7 +307,7 @@ main(argc, argv) pid_t pid; printf("This test takes about 8 seconds.\n"); - printf("If it takes longer than 30 second, please interrupt it\n"); + printf("If it takes longer than 30 seconds, please interrupt it\n"); printf("and compile again without semaphore support, i.e.,"); printf("-DSM_CONF_SEM=0\n"); if ((pid = fork()) < 0) diff --git a/contrib/sendmail/libsm/ungetc.c b/contrib/sendmail/libsm/ungetc.c index 289c7befee4f..2f90e149059b 100644 --- a/contrib/sendmail/libsm/ungetc.c +++ b/contrib/sendmail/libsm/ungetc.c @@ -13,12 +13,12 @@ */ #include <sm/gen.h> -SM_IDSTR(id, "@(#)$Id: ungetc.c,v 1.29 2004/08/03 20:54:49 ca Exp $") +SM_IDSTR(id, "@(#)$Id: ungetc.c,v 1.30 2005/06/14 23:07:20 ca Exp $") #include <stdlib.h> #include <string.h> #include <signal.h> -#include <sys/time.h> +#include <sm/time.h> #include <errno.h> #include <sm/io.h> #include <sm/heap.h> diff --git a/contrib/sendmail/libsm/vfprintf.c b/contrib/sendmail/libsm/vfprintf.c index e77c3358e391..c4ca9bb286a3 100644 --- a/contrib/sendmail/libsm/vfprintf.c +++ b/contrib/sendmail/libsm/vfprintf.c @@ -13,7 +13,7 @@ */ #include <sm/gen.h> -SM_IDSTR(id, "@(#)$Id: vfprintf.c,v 1.53 2004/08/03 20:54:49 ca Exp $") +SM_IDSTR(id, "@(#)$Id: vfprintf.c,v 1.54 2005/05/16 03:52:00 ca Exp $") /* ** Overall: @@ -535,9 +535,19 @@ reswitch: switch (ch) if (prec > 120) prec = 120; if (prec >= 0) +#if HASSNPRINTF + snprintf(out, sizeof(out), fmt, width, + prec, val); +#else /* HASSNPRINTF */ sprintf(out, fmt, width, prec, val); +#endif /* HASSNPRINTF */ else +#if HASSNPRINTF + snprintf(out, sizeof(out), fmt, width, + val); +#else /* HASSNPRINTF */ sprintf(out, fmt, width, val); +#endif /* HASSNPRINTF */ len = strlen(out); PRINT(out, len); FLUSH(); diff --git a/contrib/sendmail/libsm/vfscanf.c b/contrib/sendmail/libsm/vfscanf.c index d7f1a3d746c8..235ee4254623 100644 --- a/contrib/sendmail/libsm/vfscanf.c +++ b/contrib/sendmail/libsm/vfscanf.c @@ -13,13 +13,13 @@ */ #include <sm/gen.h> -SM_IDSTR(id, "@(#)$Id: vfscanf.c,v 1.52 2004/08/03 20:56:32 ca Exp $") +SM_IDSTR(id, "@(#)$Id: vfscanf.c,v 1.53 2005/06/14 23:07:20 ca Exp $") #include <ctype.h> #include <stdlib.h> #include <errno.h> #include <setjmp.h> -#include <sys/time.h> +#include <sm/time.h> #include <sm/varargs.h> #include <sm/config.h> #include <sm/io.h> diff --git a/contrib/sendmail/src/README b/contrib/sendmail/src/README index 0440657526eb..b3936135085e 100644 --- a/contrib/sendmail/src/README +++ b/contrib/sendmail/src/README @@ -9,7 +9,7 @@ # the sendmail distribution. # # -# $Id: README,v 8.386 2005/03/04 23:24:08 ca Exp $ +# $Id: README,v 8.388 2005/07/26 05:45:39 ca Exp $ # This directory contains the source files for sendmail(TM). @@ -502,6 +502,12 @@ NEEDINTERRNO Set this if <errno.h> does not declare errno, i.e., if an extern int errno; USE_TTYPATH Set this to 1 to enable ErrorMode=write. USESYSCTL Use sysctl(3) to determine the number of CPUs in a system. +HASSNPRINTF Set this to 1 if your OS has a working snprintf(3), i.e., + it properly obeys the size of the buffer and returns the + number of characters that would have been printed if the + size were unlimited. +LDAP_REFERRALS Set this if you want to use the -R flag (do not auto chase + referrals) for LDAP maps (requires -DLDAPMAP). +-----------------------+ @@ -1826,4 +1832,4 @@ util.c Some general purpose routines used by sendmail. version.c The version number and information about this version of sendmail. -(Version $Revision: 8.386 $, last update $Date: 2005/03/04 23:24:08 $ ) +(Version $Revision: 8.388 $, last update $Date: 2005/07/26 05:45:39 $ ) diff --git a/contrib/sendmail/src/TRACEFLAGS b/contrib/sendmail/src/TRACEFLAGS index 3e0a14c231d0..820cf208161d 100644 --- a/contrib/sendmail/src/TRACEFLAGS +++ b/contrib/sendmail/src/TRACEFLAGS @@ -1,4 +1,4 @@ -# $Id: TRACEFLAGS,v 8.43 2005/02/16 23:38:51 ca Exp $ +# $Id: TRACEFLAGS,v 8.44 2006/02/27 18:52:41 ca Exp $ 0, 4 main.c main canonical name, UUCP node name, a.k.a.s 0, 15 main.c main print configuration 0, 44 util.c printav print address of each string @@ -86,6 +86,8 @@ 73 queue.c shared memory updates 80 content length 81 sun remote mode +83 collect.c timeout +84 deliver.c timeout 91 mci.c syslogging of MCI cache information 93,>99 * Prevent daemon connection fork for profiling/debugging 94,>99 srvrsmtp.c cause commands to fail (for protocol testing) diff --git a/contrib/sendmail/src/collect.c b/contrib/sendmail/src/collect.c index 101bcd047c51..0bfe3f2d48a8 100644 --- a/contrib/sendmail/src/collect.c +++ b/contrib/sendmail/src/collect.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2006 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,9 +13,8 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: collect.c,v 8.261 2005/02/16 23:38:51 ca Exp $") +SM_RCSID("@(#)$Id: collect.c,v 8.272 2006/03/02 19:09:26 ca Exp $") -static void collecttimeout __P((int)); static void eatfrom __P((char *volatile, ENVELOPE *)); static void collect_doheader __P((ENVELOPE *)); static SM_FILE_T *collect_dfopen __P((ENVELOPE *)); @@ -263,10 +262,6 @@ collect_dfopen(e) ** If data file cannot be created, the process is terminated. */ -static jmp_buf CtxCollectTimeout; -static bool volatile CollectProgress; -static SM_EVENT *volatile CollectTimeout = NULL; - /* values for input state machine */ #define IS_NORM 0 /* middle of line */ #define IS_BOL 1 /* beginning of line */ @@ -288,27 +283,31 @@ collect(fp, smtpmode, hdrp, e, rsetsize) register ENVELOPE *e; bool rsetsize; { - register SM_FILE_T *volatile df; - volatile bool ignrdot; - volatile int dbto; - register char *volatile bp; - volatile int c; - volatile bool inputerr; + register SM_FILE_T *df; + bool ignrdot; + int dbto; + register char *bp; + int c; + bool inputerr; bool headeronly; - char *volatile buf; - volatile int buflen; - volatile int istate; - volatile int mstate; - volatile int hdrslen; - volatile int numhdrs; - volatile int afd; - unsigned char *volatile pbp; + char *buf; + int buflen; + int istate; + int mstate; + int hdrslen; + int numhdrs; + int afd; + unsigned char *pbp; unsigned char peekbuf[8]; char bufbuf[MAXLINE]; df = NULL; ignrdot = smtpmode ? false : IgnrDot; - dbto = smtpmode ? (int) TimeOuts.to_datablock : 0; + + /* timeout for I/O functions is in milliseconds */ + dbto = smtpmode ? ((int) TimeOuts.to_datablock * 1000) + : SM_TIME_FOREVER; + sm_io_setinfo(fp, SM_IO_WHAT_TIMEOUT, &dbto); c = SM_IO_EOF; inputerr = false; headeronly = hdrp != NULL; @@ -320,7 +319,6 @@ collect(fp, smtpmode, hdrp, e, rsetsize) pbp = peekbuf; istate = IS_BOL; mstate = SaveFrom ? MS_HEADER : MS_UFROM; - CollectProgress = false; /* ** Tell ARPANET to go ahead. @@ -329,6 +327,10 @@ collect(fp, smtpmode, hdrp, e, rsetsize) if (smtpmode) message("354 Enter mail, end with \".\" on a line by itself"); + /* simulate an I/O timeout when used as sink */ + if (tTd(83, 101)) + sleep(319); + if (tTd(30, 2)) sm_dprintf("collect\n"); @@ -341,32 +343,6 @@ collect(fp, smtpmode, hdrp, e, rsetsize) ** the larger picture (e.g., header versus body). */ - if (dbto != 0) - { - /* handle possible input timeout */ - if (setjmp(CtxCollectTimeout) != 0) - { - if (LogLevel > 2) - sm_syslog(LOG_NOTICE, e->e_id, - "timeout waiting for input from %s during message collect", - CURHOSTNAME); - errno = 0; - if (smtpmode) - { - /* - ** Override e_message in usrerr() as this - ** is the reason for failure that should - ** be logged for undelivered recipients. - */ - - e->e_message = NULL; - } - usrerr("451 4.4.1 timeout waiting for input during message collect"); - goto readerr; - } - CollectTimeout = sm_setevent(dbto, collecttimeout, dbto); - } - if (rsetsize) e->e_msgsize = 0; for (;;) @@ -390,9 +366,26 @@ collect(fp, smtpmode, hdrp, e, rsetsize) sm_io_clearerr(fp); continue; } + + /* timeout? */ + if (c == SM_IO_EOF && errno == EAGAIN + && smtpmode) + { + /* + ** Override e_message in + ** usrerr() as this is the + ** reason for failure that + ** should be logged for + ** undelivered recipients. + */ + + e->e_message = NULL; + errno = 0; + inputerr = true; + goto readabort; + } break; } - CollectProgress = true; if (TrafficLogFile != NULL && !headeronly) { if (istate == IS_BOL) @@ -446,7 +439,8 @@ collect(fp, smtpmode, hdrp, e, rsetsize) OpMode != MD_ARPAFTP)) { - SM_ASSERT(pbp < peekbuf + sizeof(peekbuf)); + SM_ASSERT(pbp < peekbuf + + sizeof(peekbuf)); *pbp++ = c; c = '.'; } @@ -458,7 +452,8 @@ collect(fp, smtpmode, hdrp, e, rsetsize) else { /* push back the ".\rx" */ - SM_ASSERT(pbp < peekbuf + sizeof(peekbuf)); + SM_ASSERT(pbp < peekbuf + + sizeof(peekbuf)); *pbp++ = c; if (OpMode != MD_SMTP && OpMode != MD_DAEMON && @@ -538,6 +533,18 @@ bufferchar: buflen *= 2; else buflen += MEMCHUNKSIZE; + if (buflen <= 0) + { + sm_syslog(LOG_NOTICE, e->e_id, + "header overflow from %s during message collect", + CURHOSTNAME); + errno = 0; + e->e_flags |= EF_CLRQUEUE; + e->e_status = "5.6.0"; + usrerrenh(e->e_status, + "552 Headers too large"); + goto discard; + } buf = xalloc(buflen); memmove(buf, obuf, bp - obuf); bp = &buf[bp - obuf]; @@ -581,6 +588,7 @@ bufferchar: usrerrenh(e->e_status, "552 Headers too large (%d max)", MaxHeadersLength); + discard: mstate = MS_DISCARD; } } @@ -620,6 +628,24 @@ nextstate: sm_io_clearerr(fp); errno = 0; c = sm_io_getc(fp, SM_TIME_DEFAULT); + + /* timeout? */ + if (c == SM_IO_EOF && errno == EAGAIN + && smtpmode) + { + /* + ** Override e_message in + ** usrerr() as this is the + ** reason for failure that + ** should be logged for + ** undelivered recipients. + */ + + e->e_message = NULL; + errno = 0; + inputerr = true; + goto readabort; + } } while (c == SM_IO_EOF && errno == EINTR); if (c != SM_IO_EOF) (void) sm_io_ungetc(fp, SM_TIME_DEFAULT, c); @@ -629,8 +655,12 @@ nextstate: continue; } - /* trim off trailing CRLF or NL */ SM_ASSERT(bp > buf); + + /* guaranteed by isheader(buf) */ + SM_ASSERT(*(bp - 1) != '\n' || bp > buf + 1); + + /* trim off trailing CRLF or NL */ if (*--bp != '\n' || *--bp != '\r') bp++; *bp = '\0'; @@ -696,10 +726,6 @@ readerr: inputerr = true; } - /* reset global timer */ - if (CollectTimeout != NULL) - sm_clrevent(CollectTimeout); - if (headeronly) return; @@ -786,6 +812,7 @@ readerr: } /* An EOF when running SMTP is an error */ + readabort: if (inputerr && (OpMode == MD_SMTP || OpMode == MD_DAEMON)) { char *host; @@ -808,13 +835,14 @@ readerr: problem, host, shortenstring(e->e_from.q_paddr, MAXSHORTSTR)); if (sm_io_eof(fp)) - usrerr("451 4.4.1 collect: %s on connection from %s, from=%s", + usrerr("421 4.4.1 collect: %s on connection from %s, from=%s", problem, host, shortenstring(e->e_from.q_paddr, MAXSHORTSTR)); else - syserr("451 4.4.1 collect: %s on connection from %s, from=%s", + syserr("421 4.4.1 collect: %s on connection from %s, from=%s", problem, host, shortenstring(e->e_from.q_paddr, MAXSHORTSTR)); + flush_errors(true); /* don't return an error indication */ e->e_to = NULL; @@ -907,39 +935,6 @@ readerr: } } -static void -collecttimeout(timeout) - int timeout; -{ - int save_errno = errno; - - /* - ** NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER. DO NOT ADD - ** ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE - ** DOING. - */ - - if (CollectProgress) - { - /* reset the timeout */ - CollectTimeout = sm_sigsafe_setevent(timeout, collecttimeout, - timeout); - CollectProgress = false; - } - else - { - /* event is done */ - CollectTimeout = NULL; - } - - /* if no progress was made or problem resetting event, die now */ - if (CollectTimeout == NULL) - { - errno = ETIMEDOUT; - longjmp(CtxCollectTimeout, 1); - } - errno = save_errno; -} /* ** DFERROR -- signal error on writing the data file. ** diff --git a/contrib/sendmail/src/daemon.c b/contrib/sendmail/src/daemon.c index 69a5f61229be..9bbde3956bb7 100644 --- a/contrib/sendmail/src/daemon.c +++ b/contrib/sendmail/src/daemon.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2006 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: daemon.c,v 8.658 2005/02/02 18:19:28 ca Exp $") +SM_RCSID("@(#)$Id: daemon.c,v 8.665 2006/03/02 19:12:00 ca Exp $") #if defined(SOCK_STREAM) || defined(__GNU_LIBRARY__) # define USE_SOCK_STREAM 1 @@ -34,7 +34,7 @@ SM_RCSID("@(#)$Id: daemon.c,v 8.658 2005/02/02 18:19:28 ca Exp $") # include <openssl/rand.h> #endif /* STARTTLS */ -#include <sys/time.h> +#include <sm/time.h> #if IP_SRCROUTE && NETINET # include <netinet/in_systm.h> @@ -90,9 +90,6 @@ typedef struct daemon DAEMON_T; #define SAFE_NOTSET (-1) /* SuperSafe (per daemon) option not set */ /* see also sendmail.h: SuperSafe values */ -#define DM_NOTSET (-1) /* DeliveryMode (per daemon) option not set */ -/* see also sendmail.h: values for e_sendmode -- send modes */ - static void connecttimeout __P((int)); static int opendaemonsocket __P((DAEMON_T *, bool)); static unsigned short setupdaemon __P((SOCKADDR *)); @@ -390,8 +387,8 @@ getrequests(e) #endif /* _FFR_QUEUE_RUN_PARANOIA */ } #if _FFR_QUEUE_RUN_PARANOIA - else if (QueueIntvl > 0 && - lastrun + QueueIntvl + 60 < now) + else if (CheckQueueRunners > 0 && QueueIntvl > 0 && + lastrun + QueueIntvl + CheckQueueRunners < now) { /* @@ -764,7 +761,6 @@ getrequests(e) set_delivery_mode( Daemons[curdaemon].d_dm, e); #endif /* _FFR_DM_PER_DAEMON */ - sm_setproctitle(true, e, "startup with %s", anynet_ntoa(&RealHostAddr)); @@ -1455,6 +1451,12 @@ setsockaddroptions(p, d) if (d->d_addr.sa.sa_family == AF_UNSPEC) d->d_addr.sa.sa_family = AF_INET; #endif /* NETINET */ +#if _FFR_SS_PER_DAEMON + d->d_supersafe = SAFE_NOTSET; +#endif /* _FFR_SS_PER_DAEMON */ +#if _FFR_DM_PER_DAEMON + d->d_dm = DM_NOTSET; +#endif /* _FFR_DM_PER_DAEMON */ while (p != NULL) { @@ -1476,12 +1478,6 @@ setsockaddroptions(p, d) continue; if (isascii(*f) && islower(*f)) *f = toupper(*f); -#if _FFR_SS_PER_DAEMON - d->d_supersafe = SAFE_NOTSET; -#endif /* _FFR_SS_PER_DAEMON */ -#if _FFR_DM_PER_DAEMON - d->d_dm = DM_NOTSET; -#endif /* _FFR_DM_PER_DAEMON */ switch (*f) { @@ -1496,7 +1492,7 @@ setsockaddroptions(p, d) case SM_QUEUE: case SM_DEFER: case SM_DELIVER: - case SM_FORK: + case SM_FORK: d->d_dm = *v; break; default: diff --git a/contrib/sendmail/src/deliver.c b/contrib/sendmail/src/deliver.c index a6b67c8acc18..045804779c0e 100644 --- a/contrib/sendmail/src/deliver.c +++ b/contrib/sendmail/src/deliver.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2006 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -12,9 +12,9 @@ */ #include <sendmail.h> -#include <sys/time.h> +#include <sm/time.h> -SM_RCSID("@(#)$Id: deliver.c,v 8.986 2005/03/05 02:28:50 ca Exp $") +SM_RCSID("@(#)$Id: deliver.c,v 8.1000 2006/03/02 01:37:39 ca Exp $") #if HASSETUSERCONTEXT # include <login_cap.h> @@ -1201,13 +1201,13 @@ should_try_fbsh(e, tried_fallbacksmarthost, hostbuf, hbsz, status) int status; { /* - ** If the host was not found and a FallbackSmartHost is defined - ** (and we have not yet tried it), then make one last try with - ** it as the host. + ** If the host was not found or a temporary failure occurred + ** and a FallbackSmartHost is defined (and we have not yet + ** tried it), then make one last try with it as the host. */ - if (status == EX_NOHOST && FallbackSmartHost != NULL && - !*tried_fallbacksmarthost) + if ((status == EX_NOHOST || status == EX_TEMPFAIL) && + FallbackSmartHost != NULL && !*tried_fallbacksmarthost) { *tried_fallbacksmarthost = true; expand(FallbackSmartHost, hostbuf, hbsz, e); @@ -2992,6 +2992,9 @@ reconnect: /* after switching to an encrypted connection */ case EX_SOFTWARE: s = "SOFTWARE"; break; + case EX_UNAVAILABLE: + s = "NONE"; + break; /* everything else is a failure */ default: @@ -3257,16 +3260,33 @@ do_transfer: } else if (!clever) { + bool ok; + /* ** Format and send message. */ - putfromline(mci, e); - (*e->e_puthdr)(mci, e->e_header, e, M87F_OUTER); - (*e->e_putbody)(mci, e, NULL); + rcode = EX_OK; + errno = 0; + ok = putfromline(mci, e); + if (ok) + ok = (*e->e_puthdr)(mci, e->e_header, e, M87F_OUTER); + if (ok) + ok = (*e->e_putbody)(mci, e, NULL); + + /* + ** Ignore an I/O error that was caused by EPIPE. + ** Some broken mailers don't read the entire body + ** but just exit() thus causing an I/O error. + */ + + if (!ok && (sm_io_error(mci->mci_out) && errno == EPIPE)) + ok = true; - /* get the exit status */ + /* (always) get the exit status */ rcode = endmailer(mci, e, pv); + if (!ok) + rcode = EX_TEMPFAIL; if (rcode == EX_TEMPFAIL && SmtpError[0] == '\0') { /* @@ -4430,13 +4450,13 @@ logdelivery(m, mci, dsn, status, ctladdr, xstart, e) ** e -- the envelope. ** ** Returns: -** none +** true iff line was written successfully ** ** Side Effects: ** outputs some text to fp. */ -void +bool putfromline(mci, e) register MCI *mci; ENVELOPE *e; @@ -4446,7 +4466,7 @@ putfromline(mci, e) char xbuf[MAXLINE]; if (bitnset(M_NHDR, mci->mci_mailer->m_flags)) - return; + return true; mci->mci_flags |= MCIF_INHEADER; @@ -4487,8 +4507,9 @@ putfromline(mci, e) } } expand(template, buf, sizeof buf, e); - putxline(buf, strlen(buf), mci, PXLF_HEADER); + return putxline(buf, strlen(buf), mci, PXLF_HEADER); } + /* ** PUTBODY -- put the body of a message. ** @@ -4499,24 +4520,26 @@ putfromline(mci, e) ** not be permitted in the resulting message. ** ** Returns: -** none. +** true iff message was written successfully ** ** Side Effects: ** The message is written onto fp. */ /* values for output state variable */ -#define OS_HEAD 0 /* at beginning of line */ -#define OS_CR 1 /* read a carriage return */ -#define OS_INLINE 2 /* putting rest of line */ +#define OSTATE_HEAD 0 /* at beginning of line */ +#define OSTATE_CR 1 /* read a carriage return */ +#define OSTATE_INLINE 2 /* putting rest of line */ -void +bool putbody(mci, e, separator) register MCI *mci; register ENVELOPE *e; char *separator; { bool dead = false; + bool ioerr = false; + int save_errno; char buf[MAXLINE]; #if MIME8TO7 char *boundaries[MAXMIMENESTING + 1]; @@ -4546,10 +4569,12 @@ putbody(mci, e, separator) { if (bitset(MCIF_INHEADER, mci->mci_flags)) { - putline("", mci); + if (!putline("", mci)) + goto writeerr; mci->mci_flags &= ~MCIF_INHEADER; } - putline("<<< No Message Collected >>>", mci); + if (!putline("<<< No Message Collected >>>", mci)) + goto writeerr; goto endofmessage; } @@ -4570,6 +4595,10 @@ putbody(mci, e, separator) /* paranoia: the data file should always be in a rewound state */ (void) bfrewind(e->e_dfp); + /* simulate an I/O timeout when used as source */ + if (tTd(84, 101)) + sleep(319); + #if MIME8TO7 if (bitset(MCIF_CVT8TO7, mci->mci_flags)) { @@ -4578,26 +4607,31 @@ putbody(mci, e, separator) */ /* make sure it looks like a MIME message */ - if (hvalue("MIME-Version", e->e_header) == NULL) - putline("MIME-Version: 1.0", mci); + if (hvalue("MIME-Version", e->e_header) == NULL && + !putline("MIME-Version: 1.0", mci)) + goto writeerr; if (hvalue("Content-Type", e->e_header) == NULL) { (void) sm_snprintf(buf, sizeof buf, "Content-Type: text/plain; charset=%s", defcharset(e)); - putline(buf, mci); + if (!putline(buf, mci)) + goto writeerr; } /* now do the hard work */ boundaries[0] = NULL; mci->mci_flags |= MCIF_INHEADER; - (void) mime8to7(mci, e->e_header, e, boundaries, M87F_OUTER); + if (mime8to7(mci, e->e_header, e, boundaries, M87F_OUTER) == + SM_IO_EOF) + goto writeerr; } # if MIME7TO8 else if (bitset(MCIF_CVT7TO8, mci->mci_flags)) { - (void) mime7to8(mci, e->e_header, e); + if (!mime7to8(mci, e->e_header, e)) + goto writeerr; } # endif /* MIME7TO8 */ else if (MaxMimeHeaderLength > 0 || MaxMimeFieldLength > 0) @@ -4619,8 +4653,9 @@ putbody(mci, e, separator) if (bitset(EF_DONT_MIME, e->e_flags)) SuprErrs = true; - (void) mime8to7(mci, e->e_header, e, boundaries, - M87F_OUTER|M87F_NO8TO7); + if (mime8to7(mci, e->e_header, e, boundaries, + M87F_OUTER|M87F_NO8TO7) == SM_IO_EOF) + goto writeerr; /* restore SuprErrs */ SuprErrs = oldsuprerrs; @@ -4640,7 +4675,8 @@ putbody(mci, e, separator) if (bitset(MCIF_INHEADER, mci->mci_flags)) { - putline("", mci); + if (!putline("", mci)) + goto writeerr; mci->mci_flags &= ~MCIF_INHEADER; } @@ -4651,7 +4687,7 @@ putbody(mci, e, separator) buflim = &buf[mci->mci_mailer->m_linelimit - 1]; /* copy temp file to output with mapping */ - ostate = OS_HEAD; + ostate = OSTATE_HEAD; bp = buf; pbp = peekbuf; while (!sm_io_error(mci->mci_out) && !dead) @@ -4665,7 +4701,7 @@ putbody(mci, e, separator) c &= 0x7f; switch (ostate) { - case OS_HEAD: + case OSTATE_HEAD: if (c == '\0' && bitnset(M_NONULLS, mci->mci_mailer->m_flags)) @@ -4731,11 +4767,6 @@ putbody(mci, e, separator) dead = true; continue; } - else - { - /* record progress for DATA timeout */ - DataProgress = true; - } pos++; } for (xp = buf; xp < bp; xp++) @@ -4748,11 +4779,6 @@ putbody(mci, e, separator) dead = true; break; } - else - { - /* record progress for DATA timeout */ - DataProgress = true; - } } if (dead) continue; @@ -4763,11 +4789,6 @@ putbody(mci, e, separator) mci->mci_mailer->m_eol) == SM_IO_EOF) break; - else - { - /* record progress for DATA timeout */ - DataProgress = true; - } pos = 0; } else @@ -4785,14 +4806,14 @@ putbody(mci, e, separator) /* determine next state */ if (c == '\n') - ostate = OS_HEAD; + ostate = OSTATE_HEAD; else if (c == '\r') - ostate = OS_CR; + ostate = OSTATE_CR; else - ostate = OS_INLINE; + ostate = OSTATE_INLINE; continue; - case OS_CR: + case OSTATE_CR: if (c == '\n') { /* got CRLF */ @@ -4801,11 +4822,6 @@ putbody(mci, e, separator) mci->mci_mailer->m_eol) == SM_IO_EOF) continue; - else - { - /* record progress for DATA timeout */ - DataProgress = true; - } if (TrafficLogFile != NULL) { @@ -4813,7 +4829,7 @@ putbody(mci, e, separator) SM_TIME_DEFAULT, mci->mci_mailer->m_eol); } - ostate = OS_HEAD; + ostate = OSTATE_HEAD; continue; } @@ -4821,13 +4837,13 @@ putbody(mci, e, separator) SM_ASSERT(pbp < peekbuf + sizeof(peekbuf)); *pbp++ = c; c = '\r'; - ostate = OS_INLINE; + ostate = OSTATE_INLINE; goto putch; - case OS_INLINE: + case OSTATE_INLINE: if (c == '\r') { - ostate = OS_CR; + ostate = OSTATE_CR; continue; } if (c == '\0' && @@ -4867,11 +4883,6 @@ putch: dead = true; continue; } - else - { - /* record progress for DATA timeout */ - DataProgress = true; - } pos++; continue; } @@ -4887,11 +4898,6 @@ putch: dead = true; continue; } - else - { - /* record progress for DATA timeout */ - DataProgress = true; - } if (TrafficLogFile != NULL) { @@ -4900,7 +4906,7 @@ putch: "!%s", mci->mci_mailer->m_eol); } - ostate = OS_HEAD; + ostate = OSTATE_HEAD; SM_ASSERT(pbp < peekbuf + sizeof(peekbuf)); *pbp++ = c; @@ -4917,13 +4923,8 @@ putch: mci->mci_mailer->m_eol) == SM_IO_EOF) continue; - else - { - /* record progress for DATA timeout */ - DataProgress = true; - } pos = 0; - ostate = OS_HEAD; + ostate = OSTATE_HEAD; } else { @@ -4939,13 +4940,8 @@ putch: dead = true; continue; } - else - { - /* record progress for DATA timeout */ - DataProgress = true; - } pos++; - ostate = OS_INLINE; + ostate = OSTATE_INLINE; } break; } @@ -4970,11 +4966,6 @@ putch: dead = true; break; } - else - { - /* record progress for DATA timeout */ - DataProgress = true; - } } pos += bp - buf; } @@ -4984,11 +4975,9 @@ putch: (void) sm_io_fputs(TrafficLogFile, SM_TIME_DEFAULT, mci->mci_mailer->m_eol); - (void) sm_io_fputs(mci->mci_out, SM_TIME_DEFAULT, - mci->mci_mailer->m_eol); - - /* record progress for DATA timeout */ - DataProgress = true; + if (sm_io_fputs(mci->mci_out, SM_TIME_DEFAULT, + mci->mci_mailer->m_eol) == SM_IO_EOF) + goto writeerr; } } @@ -4998,6 +4987,7 @@ putch: qid_printqueue(e->e_dfqgrp, e->e_dfqdir), DATAFL_LETTER, e->e_id); ExitStat = EX_IOERR; + ioerr = true; } endofmessage: @@ -5012,23 +5002,35 @@ endofmessage: ** offset to match. */ + save_errno = errno; if (e->e_dfp != NULL) (void) bfrewind(e->e_dfp); /* some mailers want extra blank line at end of message */ if (!dead && bitnset(M_BLANKEND, mci->mci_mailer->m_flags) && buf[0] != '\0' && buf[0] != '\n') - putline("", mci); + { + if (!putline("", mci)) + goto writeerr; + } - (void) sm_io_flush(mci->mci_out, SM_TIME_DEFAULT); - if (sm_io_error(mci->mci_out) && errno != EPIPE) + if (!dead && + (sm_io_flush(mci->mci_out, SM_TIME_DEFAULT) == SM_IO_EOF || + (sm_io_error(mci->mci_out) && errno != EPIPE))) { + save_errno = errno; syserr("putbody: write error"); ExitStat = EX_IOERR; + ioerr = true; } - errno = 0; + errno = save_errno; + return !dead && !ioerr; + + writeerr: + return false; } + /* ** MAILFILE -- Send a message to a file. ** @@ -5559,14 +5561,14 @@ mailfile(filename, mailer, ctladdr, sfflags, e) } #endif /* MIME7TO8 */ - putfromline(&mcibuf, e); - (*e->e_puthdr)(&mcibuf, e->e_header, e, M87F_OUTER); - (*e->e_putbody)(&mcibuf, e, NULL); - putline("\n", &mcibuf); - if (sm_io_flush(f, SM_TIME_DEFAULT) != 0 || + if (!putfromline(&mcibuf, e) || + !(*e->e_puthdr)(&mcibuf, e->e_header, e, M87F_OUTER) || + !(*e->e_putbody)(&mcibuf, e, NULL) || + !putline("\n", &mcibuf) || + (sm_io_flush(f, SM_TIME_DEFAULT) != 0 || (SuperSafe != SAFE_NO && fsync(sm_io_getinfo(f, SM_IO_WHAT_FD, NULL)) < 0) || - sm_io_error(f)) + sm_io_error(f))) { setstat(EX_IOERR); #if !NOFTRUNCATE @@ -6079,12 +6081,16 @@ starttls(m, mci, e) XS_STARTTLS); /* check return code from server */ - if (smtpresult == 454) + if (REPLYTYPE(smtpresult) == 4) return EX_TEMPFAIL; if (smtpresult == 501) return EX_USAGE; if (smtpresult == -1) return smtpresult; + + /* not an expected reply but we have to deal with it */ + if (REPLYTYPE(smtpresult) == 5) + return EX_UNAVAILABLE; if (smtpresult != 220) return EX_PROTOCOL; @@ -6128,86 +6134,23 @@ starttls(m, mci, e) ssl_retry: if ((result = SSL_connect(clt_ssl)) <= 0) { - int i; - bool timedout; - time_t left; - time_t now = curtime(); - struct timeval tv; + int i, ssl_err; - /* what to do in this case? */ - i = SSL_get_error(clt_ssl, result); + ssl_err = SSL_get_error(clt_ssl, result); + i = tls_retry(clt_ssl, rfd, wfd, tlsstart, + TimeOuts.to_starttls, ssl_err, "client"); + if (i > 0) + goto ssl_retry; - /* - ** For SSL_ERROR_WANT_{READ,WRITE}: - ** There is not a complete SSL record available yet - ** or there is only a partial SSL record removed from - ** the network (socket) buffer into the SSL buffer. - ** The SSL_connect will only succeed when a full - ** SSL record is available (assuming a "real" error - ** doesn't happen). To handle when a "real" error - ** does happen the select is set for exceptions too. - ** The connection may be re-negotiated during this time - ** so both read and write "want errors" need to be handled. - ** A select() exception loops back so that a proper SSL - ** error message can be gotten. - */ - - left = TimeOuts.to_starttls - (now - tlsstart); - timedout = left <= 0; - if (!timedout) - { - tv.tv_sec = left; - tv.tv_usec = 0; - } - - if (!timedout && FD_SETSIZE > 0 && - (rfd >= FD_SETSIZE || - (i == SSL_ERROR_WANT_WRITE && wfd >= FD_SETSIZE))) - { - if (LogLevel > 5) - { - sm_syslog(LOG_ERR, e->e_id, - "STARTTLS=client, error: fd %d/%d too large", - rfd, wfd); - if (LogLevel > 8) - tlslogerr("client"); - } - errno = EINVAL; - goto tlsfail; - } - if (!timedout && i == SSL_ERROR_WANT_READ) - { - fd_set ssl_maskr, ssl_maskx; - - FD_ZERO(&ssl_maskr); - FD_SET(rfd, &ssl_maskr); - FD_ZERO(&ssl_maskx); - FD_SET(rfd, &ssl_maskx); - if (select(rfd + 1, &ssl_maskr, NULL, &ssl_maskx, &tv) - > 0) - goto ssl_retry; - } - if (!timedout && i == SSL_ERROR_WANT_WRITE) - { - fd_set ssl_maskw, ssl_maskx; - - FD_ZERO(&ssl_maskw); - FD_SET(wfd, &ssl_maskw); - FD_ZERO(&ssl_maskx); - FD_SET(rfd, &ssl_maskx); - if (select(wfd + 1, NULL, &ssl_maskw, &ssl_maskx, &tv) - > 0) - goto ssl_retry; - } if (LogLevel > 5) { - sm_syslog(LOG_ERR, e->e_id, - "STARTTLS=client, error: connect failed=%d, SSL_error=%d, timedout=%d, errno=%d", - result, i, (int) timedout, errno); + sm_syslog(LOG_WARNING, NOQID, + "STARTTLS=client, error: connect failed=%d, SSL_error=%d, errno=%d, retry=%d", + result, ssl_err, errno, i); if (LogLevel > 8) tlslogerr("client"); } -tlsfail: + SSL_free(clt_ssl); clt_ssl = NULL; return EX_SOFTWARE; diff --git a/contrib/sendmail/src/envelope.c b/contrib/sendmail/src/envelope.c index af6370b44ce9..164ed6f91719 100644 --- a/contrib/sendmail/src/envelope.c +++ b/contrib/sendmail/src/envelope.c @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: envelope.c,v 8.294 2005/02/16 23:38:51 ca Exp $") +SM_RCSID("@(#)$Id: envelope.c,v 8.295 2005/06/15 20:32:18 ca Exp $") /* ** CLRSESSENVELOPE -- clear session oriented data in an envelope @@ -75,6 +75,10 @@ newenvelope(e, parent, rpool) register ENVELOPE *parent; SM_RPOOL_T *rpool; { +#if _FFR_DM_PER_DAEMON + int sendmode; +#endif /* _FFR_DM_PER_DAEMON */ + /* ** This code used to read: ** if (e == parent && e->e_parent != NULL) @@ -84,6 +88,13 @@ newenvelope(e, parent, rpool) ** This meant macvalue() could go into an infinite loop. */ +#if _FFR_DM_PER_DAEMON + if (parent != NULL) + sendmode = parent->e_sendmode; + else + sendmode = DM_NOTSET; +#endif /* _FFR_DM_PER_DAEMON */ + if (e == parent) parent = e->e_parent; clearenvelope(e, true, rpool); @@ -119,6 +130,10 @@ newenvelope(e, parent, rpool) e->e_putbody = putbody; if (CurEnv->e_xfp != NULL) (void) sm_io_flush(CurEnv->e_xfp, SM_TIME_DEFAULT); +#if _FFR_DM_PER_DAEMON + if (sendmode != DM_NOTSET) + e->e_sendmode = sendmode; +#endif /* _FFR_DM_PER_DAEMON */ return e; } diff --git a/contrib/sendmail/src/helpfile b/contrib/sendmail/src/helpfile index af8bd15b7500..5c502d36786f 100644 --- a/contrib/sendmail/src/helpfile +++ b/contrib/sendmail/src/helpfile @@ -1,6 +1,6 @@ #vers 2 cpyr -cpyr Copyright (c) 1998-2000, 2002, 2004 Sendmail, Inc. and its suppliers. +cpyr Copyright (c) 1998-2000, 2002, 2004, 2005 Sendmail, Inc. and its suppliers. cpyr All rights reserved. cpyr Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. cpyr Copyright (c) 1988, 1993 @@ -11,7 +11,7 @@ cpyr By using this file, you agree to the terms and conditions set cpyr forth in the LICENSE file which can be found at the top level of cpyr the sendmail distribution. cpyr -cpyr $$Id: helpfile,v 8.43 2004/10/29 18:05:39 ca Exp $$ +cpyr $$Id: helpfile,v 8.45 2005/09/13 00:05:23 ca Exp $$ cpyr smtp This is sendmail version $v smtp Topics: @@ -48,10 +48,10 @@ ehlo STARTTLS Secure SMTP [RFC2487] ehlo AUTH Authentication [RFC2554] ehlo ENHANCEDSTATUSCODES Enhanced status codes [RFC2034] ehlo DELIVERBY Deliver By [RFC2852] -mail MAIL FROM: <sender> [ <parameters> ] +mail MAIL From:<sender> [ <parameters> ] mail Specifies the sender. Parameters are ESMTP extensions. mail See "HELP DSN" for details. -rcpt RCPT TO: <recipient> [ <parameters> ] +rcpt RCPT To:<recipient> [ <parameters> ] rcpt Specifies the recipient. Can be used any number of times. rcpt Parameters are ESMTP extensions. See "HELP DSN" for details. data DATA @@ -91,7 +91,7 @@ saml implementation. turn TURN turn Reverses the direction of the connection. Not currently turn implemented. -etrn ETRN [ <hostname> | @<domain> | #<queuename> ] +etrn ETRN [ <hostname> | @<domain> | \#<queuename> ] etrn Run the queue for the specified <hostname>, or etrn all hosts within a given <domain>, or a specially-named etrn <queuename> (implementation-specific). diff --git a/contrib/sendmail/src/main.c b/contrib/sendmail/src/main.c index f274ad871d87..45ea1edb5602 100644 --- a/contrib/sendmail/src/main.c +++ b/contrib/sendmail/src/main.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -25,7 +25,7 @@ SM_UNUSED(static char copyright[]) = The Regents of the University of California. All rights reserved.\n"; #endif /* ! lint */ -SM_RCSID("@(#)$Id: main.c,v 8.939 2004/06/17 16:39:21 ca Exp $") +SM_RCSID("@(#)$Id: main.c,v 8.942 2005/12/26 04:39:13 ca Exp $") #if NETINET || NETINET6 @@ -649,7 +649,7 @@ main(argc, argv, envp) } /* prime the child environment */ - setuserenv("AGENT", "sendmail"); + sm_setuserenv("AGENT", "sendmail"); (void) sm_signal(SIGPIPE, SIG_IGN); OldUmask = umask(022); @@ -1318,9 +1318,9 @@ main(argc, argv, envp) if (TimeZoneSpec == NULL) unsetenv("TZ"); else if (TimeZoneSpec[0] != '\0') - setuserenv("TZ", TimeZoneSpec); + sm_setuserenv("TZ", TimeZoneSpec); else - setuserenv("TZ", NULL); + sm_setuserenv("TZ", NULL); tzset(); /* initialize mailbox database */ @@ -1462,6 +1462,16 @@ main(argc, argv, envp) "Warning: HostStatusDirectory required for SingleThreadDelivery\n"); } +#if _FFR_MEMSTAT + j = sm_memstat_open(); + if (j < 0 && (RefuseLowMem > 0 || QueueLowMem > 0) && LogLevel > 4) + { + sm_syslog(LOG_WARNING, NOQID, + "cannot get memory statistics, settings ignored, error=%d" + , j); + } +#endif /* _FFR_MEMSTAT */ + /* check for permissions */ if (RealUid != 0 && RealUid != TrustedUid) @@ -2949,6 +2959,9 @@ finis(drop, cleanup, exitstat) /* reset uid for process accounting */ endpwent(); sm_mbdb_terminate(); +#if _FFR_MEMSTAT + (void) sm_memstat_close(); +#endif /* _FFR_MEMSTAT */ (void) setuid(RealUid); #if SM_HEAP_CHECK /* dump the heap, if we are checking for memory leaks */ @@ -3439,21 +3452,21 @@ getextenv(envar) return NULL; } /* -** SETUSERENV -- set an environment in the propagated environment +** SM_SETUSERENV -- set an environment variable in the propagated environment ** ** Parameters: ** envar -- the name of the environment variable. ** value -- the value to which it should be set. If ** null, this is extracted from the incoming ** environment. If that is not set, the call -** to setuserenv is ignored. +** to sm_setuserenv is ignored. ** ** Returns: ** none. */ void -setuserenv(envar, value) +sm_setuserenv(envar, value) const char *envar; const char *value; { @@ -3488,7 +3501,7 @@ setuserenv(envar, value) /* make sure it is in our environment as well */ if (putenv(p) < 0) - syserr("setuserenv: putenv(%s) failed", p); + syserr("sm_setuserenv: putenv(%s) failed", p); } /* ** DUMPSTATE -- dump state diff --git a/contrib/sendmail/src/map.c b/contrib/sendmail/src/map.c index 056d76edcfc6..ee3fbb737019 100644 --- a/contrib/sendmail/src/map.c +++ b/contrib/sendmail/src/map.c @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: map.c,v 8.669 2005/02/09 01:46:35 ca Exp $") +SM_RCSID("@(#)$Id: map.c,v 8.671 2005/10/25 17:55:50 ca Exp $") #if LDAPMAP # include <sm/ldap.h> @@ -3493,7 +3493,7 @@ ldapmap_lookup(map, name, av, statp) char *result = NULL; SM_RPOOL_T *rpool; SM_LDAP_STRUCT *lmap = NULL; - char keybuf[MAXNAME + 1]; + char keybuf[MAXKEY]; if (tTd(38, 20)) sm_dprintf("ldapmap_lookup(%s, %s)\n", map->map_mname, name); @@ -3551,6 +3551,10 @@ ldapmap_lookup(map, name, av, statp) flags |= SM_LDAP_SINGLEMATCH; if (bitset(MF_MATCHONLY, map->map_mflags)) flags |= SM_LDAP_MATCHONLY; +# if _FFR_LDAP_SINGLEDN + if (bitset(MF_SINGLEDN, map->map_mflags)) + flags |= SM_LDAP_SINGLEDN; +# endif /* _FFR_LDAP_SINGLEDN */ /* Create an rpool for search related memory usage */ rpool = sm_rpool_new_x(NULL); @@ -3911,6 +3915,12 @@ ldapmap_parseargs(map, args) map->map_mflags |= MF_SINGLEMATCH; break; +# if _FFR_LDAP_SINGLEDN + case '2': + map->map_mflags |= MF_SINGLEDN; + break; +# endif /* _FFR_LDAP_SINGLEDN */ + /* args stolen from ldapsearch.c */ case 'R': /* don't auto chase referrals */ # ifdef LDAP_REFERRALS diff --git a/contrib/sendmail/src/milter.c b/contrib/sendmail/src/milter.c index 0fba8a194ec6..19fd59d54ef3 100644 --- a/contrib/sendmail/src/milter.c +++ b/contrib/sendmail/src/milter.c @@ -10,14 +10,14 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: milter.c,v 8.229 2005/03/02 02:32:34 ca Exp $") +SM_RCSID("@(#)$Id: milter.c,v 8.232 2005/08/05 21:49:04 ca Exp $") #if MILTER # include <libmilter/mfapi.h> # include <libmilter/mfdef.h> # include <errno.h> -# include <sys/time.h> +# include <sm/time.h> # include <sys/uio.h> # if NETINET || NETINET6 @@ -1962,11 +1962,20 @@ milter_send_command(m, command, data, sz, e, state) #if SMFI_VERSION > 2 case SMFIC_UNKNOWN: + skipflag = SMFIP_NOUNKNOWN; action = "unknown"; defresponse = "550 5.7.1 Command rejected"; break; #endif /* SMFI_VERSION > 2 */ +#if SMFI_VERSION > 3 + case SMFIC_DATA: + skipflag = SMFIP_NODATA; + action = "data"; + defresponse = "550 5.7.1 Command rejected"; + break; +#endif /* SMFI_VERSION > 3 */ + case SMFIC_BODYEOB: case SMFIC_OPTNEG: case SMFIC_MACRO: @@ -2184,8 +2193,9 @@ milter_negotiate(m, e) mi_int32 fvers; mi_int32 fflags; mi_int32 pflags; - char *response; + mi_int32 curr_prot; ssize_t rlen; + char *response; char data[MILTER_OPTLEN]; /* sanity check */ @@ -2201,7 +2211,18 @@ milter_negotiate(m, e) fvers = htonl(SMFI_VERSION); fflags = htonl(SMFI_CURR_ACTS); - pflags = htonl(SMFI_CURR_PROT); + curr_prot = SMFI_V2_PROT +#if _FFR_MILTER_NOHDR_RESP + | SMFIP_NOHREPL +#endif /* _FFR_MILTER_NOHDR_RESP */ +#if SMFI_VERSION >= 3 + | SMFIP_NOUNKNOWN +# if SMFI_VERSION >= 4 + | SMFIP_NODATA +# endif /* SMFI_VERSION >= 4 */ +#endif /* SMFI_VERSION >= 3 */ + ; + pflags = htonl(curr_prot); (void) memcpy(data, (char *) &fvers, MILTER_LEN_BYTES); (void) memcpy(data + MILTER_LEN_BYTES, (char *) &fflags, MILTER_LEN_BYTES); @@ -2310,21 +2331,26 @@ milter_negotiate(m, e) } /* check for protocol feature mismatch */ - if ((m->mf_pflags & SMFI_CURR_PROT) != m->mf_pflags) + if ((m->mf_pflags & curr_prot) != m->mf_pflags) { if (tTd(64, 5)) sm_dprintf("milter_negotiate(%s): protocol abilities 0x%x != MTA milter abilities 0x%lx\n", m->mf_name, m->mf_pflags, - (unsigned long) SMFI_CURR_PROT); + (unsigned long) curr_prot); if (MilterLogLevel > 0) sm_syslog(LOG_ERR, e->e_id, "Milter (%s): negotiate: protocol abilities 0x%x != MTA milter abilities 0x%lx", m->mf_name, m->mf_pflags, - (unsigned long) SMFI_CURR_PROT); + (unsigned long) curr_prot); milter_error(m, e); return -1; } + if (m->mf_fvers <= 2) + m->mf_pflags |= SMFIP_NOUNKNOWN; + if (m->mf_fvers <= 3) + m->mf_pflags |= SMFIP_NODATA; + if (tTd(64, 5)) sm_dprintf("milter_negotiate(%s): version %u, fflags 0x%x, pflags 0x%x\n", m->mf_name, m->mf_fvers, m->mf_fflags, m->mf_pflags); @@ -2689,10 +2715,10 @@ milter_addheader(response, rlen, e) ** Returns: ** none ** -** Notes: -** Unlike milter_addheader(), this does not attempt to determine -** if the header already exists in the envelope, even a -** deleted version. It just blindly inserts. +** Notes: +** Unlike milter_addheader(), this does not attempt to determine +** if the header already exists in the envelope, even a +** deleted version. It just blindly inserts. */ static void @@ -2752,7 +2778,7 @@ milter_insheader(response, rlen, e) sm_dprintf("Insert (%d) %s: %s\n", idx, response, val); if (MilterLogLevel > 8) sm_syslog(LOG_INFO, e->e_id, - "Milter insert (%d): header: %s: %s", + "Milter insert (%d): header: %s: %s", idx, field, val); insheader(idx, newstr(field), val, H_USER, e); } diff --git a/contrib/sendmail/src/mime.c b/contrib/sendmail/src/mime.c index fd3e65a444ae..541307dc1c77 100644 --- a/contrib/sendmail/src/mime.c +++ b/contrib/sendmail/src/mime.c @@ -14,7 +14,7 @@ #include <sendmail.h> #include <string.h> -SM_RCSID("@(#)$Id: mime.c,v 8.137 2004/09/02 21:37:26 ca Exp $") +SM_RCSID("@(#)$Id: mime.c,v 8.139 2006/03/01 18:07:45 ca Exp $") /* ** MIME support. @@ -86,6 +86,7 @@ static bool MapNLtoCRLF; ** MBT_FINAL -- the final boundary ** MBT_INTERMED -- an intermediate boundary ** MBT_NOTSEP -- an end of file +** SM_IO_EOF -- I/O error occurred */ struct args @@ -298,7 +299,8 @@ mime8to7(mci, header, e, boundaries, flags) mci->mci_flags |= MCIF_INMIME; /* skip the early "comment" prologue */ - putline("", mci); + if (!putline("", mci)) + goto writeerr; mci->mci_flags &= ~MCIF_INHEADER; bt = MBT_FINAL; while (sm_io_fgets(e->e_dfp, SM_TIME_DEFAULT, buf, sizeof buf) @@ -307,8 +309,9 @@ mime8to7(mci, header, e, boundaries, flags) bt = mimeboundary(buf, boundaries); if (bt != MBT_NOTSEP) break; - putxline(buf, strlen(buf), mci, - PXLF_MAPFROM|PXLF_STRIP8BIT); + if (!putxline(buf, strlen(buf), mci, + PXLF_MAPFROM|PXLF_STRIP8BIT)) + goto writeerr; if (tTd(43, 99)) sm_dprintf(" ...%s", buf); } @@ -319,19 +322,24 @@ mime8to7(mci, header, e, boundaries, flags) auto HDR *hdr = NULL; (void) sm_strlcpyn(buf, sizeof buf, 2, "--", bbuf); - putline(buf, mci); + if (!putline(buf, mci)) + goto writeerr; if (tTd(43, 35)) sm_dprintf(" ...%s\n", buf); collect(e->e_dfp, false, &hdr, e, false); if (tTd(43, 101)) putline("+++after collect", mci); - putheader(mci, hdr, e, flags); + if (!putheader(mci, hdr, e, flags)) + goto writeerr; if (tTd(43, 101)) putline("+++after putheader", mci); bt = mime8to7(mci, hdr, e, boundaries, flags); + if (bt == SM_IO_EOF) + goto writeerr; } (void) sm_strlcpyn(buf, sizeof buf, 3, "--", bbuf, "--"); - putline(buf, mci); + if (!putline(buf, mci)) + goto writeerr; if (tTd(43, 35)) sm_dprintf(" ...%s\n", buf); boundaries[i] = NULL; @@ -344,8 +352,9 @@ mime8to7(mci, header, e, boundaries, flags) bt = mimeboundary(buf, boundaries); if (bt != MBT_NOTSEP) break; - putxline(buf, strlen(buf), mci, - PXLF_MAPFROM|PXLF_STRIP8BIT); + if (!putxline(buf, strlen(buf), mci, + PXLF_MAPFROM|PXLF_STRIP8BIT)) + goto writeerr; if (tTd(43, 99)) sm_dprintf(" ...%s", buf); } @@ -373,18 +382,21 @@ mime8to7(mci, header, e, boundaries, flags) { auto HDR *hdr = NULL; - putline("", mci); + if (!putline("", mci)) + goto writeerr; mci->mci_flags |= MCIF_INMIME; collect(e->e_dfp, false, &hdr, e, false); if (tTd(43, 101)) putline("+++after collect", mci); - putheader(mci, hdr, e, flags); + if (!putheader(mci, hdr, e, flags)) + goto writeerr; if (tTd(43, 101)) putline("+++after putheader", mci); if (hvalue("MIME-Version", hdr) == NULL && - !bitset(M87F_NO8TO7, flags)) - putline("MIME-Version: 1.0", mci); + !bitset(M87F_NO8TO7, flags) && + !putline("MIME-Version: 1.0", mci)) + goto writeerr; bt = mime8to7(mci, hdr, e, boundaries, flags); mci->mci_flags &= ~MCIF_INMIME; return bt; @@ -480,11 +492,13 @@ mime8to7(mci, header, e, boundaries, flags) (void) sm_snprintf(buf, sizeof buf, "Content-Transfer-Encoding: %.200s", cte); - putline(buf, mci); + if (!putline(buf, mci)) + goto writeerr; if (tTd(43, 36)) sm_dprintf(" ...%s\n", buf); } - putline("", mci); + if (!putline("", mci)) + goto writeerr; mci->mci_flags &= ~MCIF_INHEADER; while (sm_io_fgets(e->e_dfp, SM_TIME_DEFAULT, buf, sizeof buf) != NULL) @@ -492,7 +506,8 @@ mime8to7(mci, header, e, boundaries, flags) bt = mimeboundary(buf, boundaries); if (bt != MBT_NOTSEP) break; - putline(buf, mci); + if (!putline(buf, mci)) + goto writeerr; } if (sm_io_eof(e->e_dfp)) bt = MBT_FINAL; @@ -505,12 +520,13 @@ mime8to7(mci, header, e, boundaries, flags) if (tTd(43, 36)) sm_dprintf(" ...Content-Transfer-Encoding: base64\n"); - putline("Content-Transfer-Encoding: base64", mci); + if (!putline("Content-Transfer-Encoding: base64", mci)) + goto writeerr; (void) sm_snprintf(buf, sizeof buf, "X-MIME-Autoconverted: from 8bit to base64 by %s id %s", MyHostName, e->e_id); - putline(buf, mci); - putline("", mci); + if (!putline(buf, mci) || !putline("", mci)) + goto writeerr; mci->mci_flags &= ~MCIF_INHEADER; while ((c1 = mime_getchar_crlf(e->e_dfp, boundaries, &bt)) != SM_IO_EOF) @@ -518,7 +534,8 @@ mime8to7(mci, header, e, boundaries, flags) if (linelen > 71) { *bp = '\0'; - putline(buf, mci); + if (!putline(buf, mci)) + goto writeerr; linelen = 0; bp = buf; } @@ -548,7 +565,8 @@ mime8to7(mci, header, e, boundaries, flags) *bp++ = Base64Code[c2 & 0x3f]; } *bp = '\0'; - putline(buf, mci); + if (!putline(buf, mci)) + goto writeerr; } else { @@ -571,12 +589,14 @@ mime8to7(mci, header, e, boundaries, flags) if (tTd(43, 36)) sm_dprintf(" ...Content-Transfer-Encoding: quoted-printable\n"); - putline("Content-Transfer-Encoding: quoted-printable", mci); + if (!putline("Content-Transfer-Encoding: quoted-printable", + mci)) + goto writeerr; (void) sm_snprintf(buf, sizeof buf, "X-MIME-Autoconverted: from 8bit to quoted-printable by %s id %s", MyHostName, e->e_id); - putline(buf, mci); - putline("", mci); + if (!putline(buf, mci) || !putline("", mci)) + goto writeerr; mci->mci_flags &= ~MCIF_INHEADER; fromstate = 0; c2 = '\n'; @@ -598,7 +618,8 @@ mime8to7(mci, header, e, boundaries, flags) *bp++ = Base16Code['.' & 0x0f]; } *bp = '\0'; - putline(buf, mci); + if (!putline(buf, mci)) + goto writeerr; linelen = fromstate = 0; bp = buf; c2 = c1; @@ -627,7 +648,8 @@ mime8to7(mci, header, e, boundaries, flags) c2 = '\n'; *bp++ = '='; *bp = '\0'; - putline(buf, mci); + if (!putline(buf, mci)) + goto writeerr; linelen = fromstate = 0; bp = buf; if (c2 == '.') @@ -665,13 +687,17 @@ mime8to7(mci, header, e, boundaries, flags) if (linelen > 0 || boundaries[0] != NULL) { *bp = '\0'; - putline(buf, mci); + if (!putline(buf, mci)) + goto writeerr; } } if (tTd(43, 3)) sm_dprintf("\t\t\tmime8to7=>%s (basic)\n", MimeBoundaryNames[bt]); return bt; + + writeerr: + return SM_IO_EOF; } /* ** MIME_GETCHAR -- get a character for MIME processing @@ -958,7 +984,7 @@ static int mime_fromqp __P((unsigned char *, unsigned char **, int)); ** e -- envelope. ** ** Returns: -** none. +** true iff body was written successfully */ static char index_64[128] = @@ -975,7 +1001,7 @@ static char index_64[128] = # define CHAR64(c) (((c) < 0 || (c) > 127) ? -1 : index_64[(c)]) -void +bool mime7to8(mci, header, e) register MCI *mci; HDR *header; @@ -1008,25 +1034,31 @@ mime7to8(mci, header, e) { (void) sm_snprintf(buf, sizeof buf, "Content-Transfer-Encoding: %s", p); - putline(buf, mci); + if (!putline(buf, mci)) + goto writeerr; } - putline("", mci); + if (!putline("", mci)) + goto writeerr; mci->mci_flags &= ~MCIF_INHEADER; while (sm_io_fgets(e->e_dfp, SM_TIME_DEFAULT, buf, sizeof buf) != NULL) - putline(buf, mci); - return; + { + if (!putline(buf, mci)) + goto writeerr; + } + return true; } cataddr(pvp, NULL, buf, sizeof buf, '\0'); cte = sm_rpool_strdup_x(e->e_rpool, buf); mci->mci_flags |= MCIF_INHEADER; - putline("Content-Transfer-Encoding: 8bit", mci); + if (!putline("Content-Transfer-Encoding: 8bit", mci)) + goto writeerr; (void) sm_snprintf(buf, sizeof buf, "X-MIME-Autoconverted: from %.200s to 8bit by %s id %s", cte, MyHostName, e->e_id); - putline(buf, mci); - putline("", mci); + if (!putline(buf, mci) || !putline("", mci)) + goto writeerr; mci->mci_flags &= ~MCIF_INHEADER; /* @@ -1090,7 +1122,8 @@ mime7to8(mci, header, e) if (*fbufp++ == '\n' || fbufp >= &fbuf[MAXLINE]) \ { \ CHK_EOL; \ - putxline((char *) fbuf, fbufp - fbuf, mci, pxflags); \ + if (!putxline((char *) fbuf, fbufp - fbuf, mci, pxflags)) \ + goto writeerr; \ pxflags &= ~PXLF_NOADDEOL; \ fbufp = fbuf; \ } \ @@ -1127,8 +1160,11 @@ again: continue; if (fbufp - fbuf > 0) - putxline((char *) fbuf, fbufp - fbuf - 1, mci, - pxflags); + { + if (!putxline((char *) fbuf, fbufp - fbuf - 1, + mci, pxflags)) + goto writeerr; + } fbufp = fbuf; if (off >= 0 && buf[off] != '\0') { @@ -1144,7 +1180,8 @@ again: if (fbufp > fbuf) { *fbufp = '\0'; - putxline((char *) fbuf, fbufp - fbuf, mci, pxflags); + if (!putxline((char *) fbuf, fbufp - fbuf, mci, pxflags)) + goto writeerr; } /* @@ -1154,10 +1191,15 @@ again: ** but so is auto-converting MIME in the first place. */ - putline("", mci); + if (!putline("", mci)) + goto writeerr; if (tTd(43, 3)) sm_dprintf("\t\t\tmime7to8 => %s to 8bit done\n", cte); + return true; + + writeerr: + return false; } /* ** The following is based on Borenstein's "codes.c" module, with simplifying diff --git a/contrib/sendmail/src/parseaddr.c b/contrib/sendmail/src/parseaddr.c index 4852ab5b35a7..ee4f61fe402d 100644 --- a/contrib/sendmail/src/parseaddr.c +++ b/contrib/sendmail/src/parseaddr.c @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: parseaddr.c,v 8.381 2005/02/04 22:01:45 ca Exp $") +SM_RCSID("@(#)$Id: parseaddr.c,v 8.383 2006/02/01 19:46:11 ca Exp $") static void allocaddr __P((ADDRESS *, int, char *, ENVELOPE *)); static int callsubr __P((char**, int, ENVELOPE *)); @@ -1337,7 +1337,7 @@ rewrite(pvp, ruleset, reclevel, e, maxatom) /* $&{x} replacement */ char *mval = macvalue(rp[1], e); char **xpvp; - int trsize = 0; + size_t trsize = 0; static size_t pvpb1_size = 0; static char **pvpb1 = NULL; char pvpbuf[PSBUFSIZE]; @@ -1352,7 +1352,7 @@ rewrite(pvp, ruleset, reclevel, e, maxatom) /* save the remainder of the input */ for (xpvp = pvp; *xpvp != NULL; xpvp++) trsize += sizeof *xpvp; - if ((size_t) trsize > pvpb1_size) + if (trsize > pvpb1_size) { if (pvpb1 != NULL) sm_free(pvpb1); @@ -1407,7 +1407,7 @@ rewrite(pvp, ruleset, reclevel, e, maxatom) { char **hbrvp; char **xpvp; - int trsize; + size_t trsize; char *replac; int endtoken; STAB *map; @@ -1415,7 +1415,7 @@ rewrite(pvp, ruleset, reclevel, e, maxatom) char **key_rvp; char **arg_rvp; char **default_rvp; - char cbuf[MAXNAME + 1]; + char cbuf[MAXKEY]; char *pvpb1[MAXATOM + 1]; char *argvect[MAX_MAP_ARGS]; char pvpbuf[PSBUFSIZE]; @@ -1509,7 +1509,7 @@ rewrite(pvp, ruleset, reclevel, e, maxatom) *++arg_rvp = NULL; /* save the remainder of the input string */ - trsize = (int) (avp - rvp + 1) * sizeof *rvp; + trsize = (avp - rvp + 1) * sizeof *rvp; memmove((char *) pvpb1, (char *) rvp, trsize); /* look it up */ @@ -2949,7 +2949,7 @@ rscheck(rwset, p1, p2, e, flags, logl, host, logid) char *logid; { char *volatile buf; - int bufsize; + size_t bufsize; int saveexitstat; int volatile rstat = EX_OK; char **pvp; @@ -3163,7 +3163,7 @@ rscap(rwset, p1, p2, e, pvp, pvpbuf, size) int size; { char *volatile buf; - int bufsize; + size_t bufsize; int volatile rstat = EX_OK; int rsno; bool saveQuickAbort = QuickAbort; diff --git a/contrib/sendmail/src/queue.c b/contrib/sendmail/src/queue.c index 972e240157a7..6cf7fc93cb6c 100644 --- a/contrib/sendmail/src/queue.c +++ b/contrib/sendmail/src/queue.c @@ -14,7 +14,7 @@ #include <sendmail.h> #include <sm/sem.h> -SM_RCSID("@(#)$Id: queue.c,v 8.944 2005/02/17 23:58:58 ca Exp $") +SM_RCSID("@(#)$Id: queue.c,v 8.951 2006/03/02 19:13:38 ca Exp $") #include <dirent.h> @@ -2853,7 +2853,8 @@ gatherq(qgrp, qdir, doall, full, more) if (cf != NULL) (void) sm_io_close(cf, SM_TIME_DEFAULT); - if ((!doall && shouldqueue(w->w_pri, w->w_ctime)) || + if ((!doall && (shouldqueue(w->w_pri, w->w_ctime) || + w->w_tooyoung)) || bitset(HAS_QUARANTINE, i) || bitset(NEED_QUARANTINE, i) || bitset(NEED_R|NEED_S, i)) @@ -2931,10 +2932,6 @@ sortq(max) if (WorkList == NULL || wc <= 0) return 0; - /* Check if the per queue group item limit will be exceeded */ - if (wc > max && max > 0) - wc = max; - /* ** The sort now takes place using all of the items in WorkList. ** The list gets trimmed to the most important items after the sort. @@ -3046,6 +3043,10 @@ sortq(max) } /* else don't sort at all */ + /* Check if the per queue group item limit will be exceeded */ + if (wc > max && max > 0) + wc = max; + /* ** Convert the work list into canonical form. ** Should be turning it into a list of envelopes here perhaps. @@ -3443,13 +3444,13 @@ init_shuffle_alphabet() return; /* fill the ShuffledAlphabet */ - for (i = 0; i < NCHAR; i++) + for (i = 0; i < NASCII; i++) ShuffledAlphabet[i] = i; /* mix it */ - for (i = 1; i < NCHAR; i++) + for (i = 1; i < NASCII; i++) { - register int j = get_random() % NCHAR; + register int j = get_random() % NASCII; register int tmp; tmp = ShuffledAlphabet[j]; @@ -3462,8 +3463,8 @@ init_shuffle_alphabet() ShuffledAlphabet[i] = ShuffledAlphabet[i + 'a' - 'A']; /* fill the upper part */ - for (i = 0; i < NCHAR; i++) - ShuffledAlphabet[i + NCHAR] = ShuffledAlphabet[i]; + for (i = 0; i < NASCII; i++) + ShuffledAlphabet[i + NASCII] = ShuffledAlphabet[i]; init = true; } @@ -6266,7 +6267,8 @@ multiqueue_cache(basedir, blen, qg, qn, phash) ** If the directory does not exist, -1 is returned. ** ** Parameters: -** path -- pathname of directory +** name -- name of directory (must be persistent!) +** path -- pathname of directory (name plus maybe "/df") ** add -- add to structure if not found. ** ** Returns: @@ -6277,14 +6279,15 @@ multiqueue_cache(basedir, blen, qg, qn, phash) ** FSF_NOT_FOUND: not in list */ -static short filesys_find __P((char *, bool)); +static short filesys_find __P((char *, char *, bool)); #define FSF_NOT_FOUND (-1) #define FSF_STAT_FAIL (-2) #define FSF_TOO_MANY (-3) static short -filesys_find(path, add) +filesys_find(name, path, add) + char *name; char *path; bool add; { @@ -6310,7 +6313,7 @@ filesys_find(path, add) return FSF_NOT_FOUND; ++NumFileSys; - FILE_SYS_NAME(i) = path; + FILE_SYS_NAME(i) = name; FILE_SYS_DEV(i) = st.st_dev; FILE_SYS_AVAIL(i) = 0; FILE_SYS_BLKSIZE(i) = 1024; /* avoid divide by zero */ @@ -6350,8 +6353,12 @@ filesys_setup(add) for (j = 0; j < Queue[i]->qg_numqueues; ++j) { QPATHS *qp = &Queue[i]->qg_qpaths[j]; + char qddf[MAXPATHLEN]; - fs = filesys_find(qp->qp_name, add); + (void) sm_strlcpyn(qddf, sizeof qddf, 2, qp->qp_name, + (bitset(QP_SUBDF, qp->qp_subdirs) + ? "/df" : "")); + fs = filesys_find(qp->qp_name, qddf, add); if (fs >= 0) qp->qp_fsysidx = fs; else @@ -6679,6 +6686,22 @@ write_key_file(keypath, key) } else { + if (geteuid() == 0 && RunAsUid != 0) + { +# if HASFCHOWN + int fd; + + fd = keyf->f_file; + if (fd >= 0 && fchown(fd, RunAsUid, -1) < 0) + { + int err = errno; + + sm_syslog(LOG_ALERT, NOQID, + "ownership change on %s to %d failed: %s", + keypath, RunAsUid, sm_errstring(err)); + } +# endif /* HASFCHOWN */ + } ok = sm_io_fprintf(keyf, SM_TIME_DEFAULT, "%ld\n", key) != SM_IO_EOF; ok = (sm_io_close(keyf, SM_TIME_DEFAULT) != SM_IO_EOF) && ok; @@ -6830,13 +6853,11 @@ init_shm(qn, owner, hash) #endif /* _FFR_SELECT_SHM */ if (owner && RunAsUid != 0) { - i = sm_shmsetowner(ShmId, RunAsUid, RunAsGid, - 0660); + i = sm_shmsetowner(ShmId, RunAsUid, RunAsGid, 0660); if (i != 0) sm_syslog(LOG_ERR, NOQID, - "key=%ld, sm_shmsetowner=%d, RunAsUid=%d, RunAsGid=%d", - (long) ShmKey, i, - RunAsUid, RunAsGid); + "key=%ld, sm_shmsetowner=%d, RunAsUid=%d, RunAsGid=%d", + (long) ShmKey, i, RunAsUid, RunAsGid); } p = (int *) Pshm; if (owner) @@ -7722,8 +7743,11 @@ dup_df(old, new) ** are on the same file system. */ - ofs = Queue[old->e_qgrp]->qg_qpaths[old->e_qdir].qp_fsysidx; - nfs = Queue[new->e_qgrp]->qg_qpaths[new->e_qdir].qp_fsysidx; + SM_REQUIRE(ISVALIDQGRP(old->e_dfqgrp) && ISVALIDQDIR(old->e_dfqdir)); + SM_REQUIRE(ISVALIDQGRP(new->e_dfqgrp) && ISVALIDQDIR(new->e_dfqdir)); + + ofs = Queue[old->e_dfqgrp]->qg_qpaths[old->e_dfqdir].qp_fsysidx; + nfs = Queue[new->e_dfqgrp]->qg_qpaths[new->e_dfqdir].qp_fsysidx; if (FILE_SYS_DEV(ofs) == FILE_SYS_DEV(nfs)) { if (link(opath, npath) == 0) diff --git a/contrib/sendmail/src/ratectrl.c b/contrib/sendmail/src/ratectrl.c index d141125e27c0..3185eae7bfff 100644 --- a/contrib/sendmail/src/ratectrl.c +++ b/contrib/sendmail/src/ratectrl.c @@ -45,7 +45,7 @@ */ #include <sendmail.h> -SM_RCSID("@(#)$Id: ratectrl.c,v 8.9 2004/07/07 21:23:57 ca Exp $") +SM_RCSID("@(#)$Id: ratectrl.c,v 8.10 2005/06/14 23:07:23 ca Exp $") /* ** stuff included - given some warnings (inet_ntoa) @@ -56,7 +56,7 @@ SM_RCSID("@(#)$Id: ratectrl.c,v 8.9 2004/07/07 21:23:57 ca Exp $") # include <arpa/inet.h> #endif /* NETINET || NETINET6 */ -#include <sys/time.h> +#include <sm/time.h> #ifndef HASH_ALG # define HASH_ALG 2 diff --git a/contrib/sendmail/src/readcf.c b/contrib/sendmail/src/readcf.c index b362391818bc..f4a37593bea3 100644 --- a/contrib/sendmail/src/readcf.c +++ b/contrib/sendmail/src/readcf.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2006 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: readcf.c,v 8.642 2004/08/04 21:17:57 ca Exp $") +SM_RCSID("@(#)$Id: readcf.c,v 8.651 2006/03/02 19:17:09 ca Exp $") #if NETINET || NETINET6 # include <arpa/inet.h> @@ -679,7 +679,7 @@ readcf(cfname, safe, e) p = strchr(bp, '='); if (p != NULL) *p++ = '\0'; - setuserenv(&bp[1], p); + sm_setuserenv(&bp[1], p); break; case 'X': /* mail filter */ @@ -2191,6 +2191,26 @@ static struct optioninfo # define O_HELONAME 0xd8 { "HeloName", O_HELONAME, OI_NONE }, #endif /* _FFR_HELONAME */ +#if _FFR_MEMSTAT +# define O_REFUSELOWMEM 0xd9 + { "RefuseLowMem", O_REFUSELOWMEM, OI_NONE }, +# define O_QUEUELOWMEM 0xda + { "QueueLowMem", O_QUEUELOWMEM, OI_NONE }, +# define O_MEMRESOURCE 0xdb + { "MemoryResource", O_MEMRESOURCE, OI_NONE }, +#endif /* _FFR_MEMSTAT */ +#if _FFR_MAXNOOPCOMMANDS +# define O_MAXNOOPCOMMANDS 0xdc + { "MaxNOOPCommands", O_MAXNOOPCOMMANDS, OI_NONE }, +#endif /* _FFR_MAXNOOPCOMMANDS */ +#if _FFR_MSG_ACCEPT +# define O_MSG_ACCEPT 0xdd + { "MessageAccept", O_MSG_ACCEPT, OI_NONE }, +#endif /* _FFR_MSG_ACCEPT */ +#if _FFR_QUEUE_RUN_PARANOIA +# define O_CHK_Q_RUNNERS 0xde + { "CheckQueueRunners", O_CHK_Q_RUNNERS, OI_NONE }, +#endif /* _FFR_QUEUE_RUN_PARANOIA */ { NULL, '\0', OI_NONE } }; @@ -2231,10 +2251,10 @@ setoption(opt, val, safe, sticky, e) #if _FFR_ALLOW_SASLINFO extern unsigned int SubmitMode; #endif /* _FFR_ALLOW_SASLINFO */ -#if STARTTLS +#if STARTTLS || (_FFR_SELECT_SHM && SM_CONF_SHM) char *newval; char exbuf[MAXLINE]; -#endif /* STARTTLS */ +#endif /* STARTTLS || (_FFR_SELECT_SHM && SM_CONF_SHM) */ errno = 0; if (opt == ' ') @@ -2472,6 +2492,10 @@ setoption(opt, val, safe, sticky, e) case SM_DEFER: /* queue only and defer map lookups */ case SM_DELIVER: /* do everything */ case SM_FORK: /* fork after verification */ +#if _FFR_DM_ONE + /* deliver first TA in background, then queue */ + case SM_DM_ONE: +#endif /* _FFR_DM_ONE */ set_delivery_mode(*val, e); break; @@ -3707,9 +3731,38 @@ setoption(opt, val, safe, sticky, e) #if _FFR_HELONAME case O_HELONAME: - HeloName = newstr(val); - break; + HeloName = newstr(val); + break; #endif /* _FFR_HELONAME */ +#if _FFR_MEMSTAT + case O_REFUSELOWMEM: + RefuseLowMem = atoi(val); + break; + case O_QUEUELOWMEM: + QueueLowMem = atoi(val); + break; + case O_MEMRESOURCE: + MemoryResource = newstr(val); + break; +#endif /* _FFR_MEMSTAT */ + +#if _FFR_MAXNOOPCOMMANDS + case O_MAXNOOPCOMMANDS: + MaxNOOPCommands = atoi(val); + break; +#endif /* _FFR_MAXNOOPCOMMANDS */ + +#if _FFR_MSG_ACCEPT + case O_MSG_ACCEPT: + MessageAccept = newstr(val); + break; +#endif /* _FFR_MSG_ACCEPT */ + +#if _FFR_QUEUE_RUN_PARANOIA + case O_CHK_Q_RUNNERS: + CheckQueueRunners = atoi(val); + break; +#endif /* _FFR_QUEUE_RUN_PARANOIA */ default: if (tTd(37, 1)) diff --git a/contrib/sendmail/src/sendmail.h b/contrib/sendmail/src/sendmail.h index ea48a75857cf..302079eaee73 100644 --- a/contrib/sendmail/src/sendmail.h +++ b/contrib/sendmail/src/sendmail.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2006 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -52,7 +52,7 @@ #ifdef _DEFINE # ifndef lint -SM_UNUSED(static char SmailId[]) = "@(#)$Id: sendmail.h,v 8.993 2005/03/07 18:03:17 ca Exp $"; +SM_UNUSED(static char SmailId[]) = "@(#)$Id: sendmail.h,v 8.1006 2006/02/27 17:49:09 ca Exp $"; # endif /* ! lint */ #endif /* _DEFINE */ @@ -809,13 +809,13 @@ extern struct hdrinfo HdrInfo[]; /* functions */ extern void addheader __P((char *, char *, int, ENVELOPE *)); extern unsigned long chompheader __P((char *, int, HDR **, ENVELOPE *)); -extern void commaize __P((HDR *, char *, bool, MCI *, ENVELOPE *)); +extern bool commaize __P((HDR *, char *, bool, MCI *, ENVELOPE *)); extern HDR *copyheader __P((HDR *, SM_RPOOL_T *)); extern void eatheader __P((ENVELOPE *, bool, bool)); extern char *hvalue __P((char *, HDR *)); extern void insheader __P((int, char *, char *, int, ENVELOPE *)); extern bool isheader __P((char *)); -extern void putfromline __P((MCI *, ENVELOPE *)); +extern bool putfromline __P((MCI *, ENVELOPE *)); extern void setupheaders __P((void)); /* @@ -870,9 +870,9 @@ struct envelope short e_sendmode; /* message send mode */ short e_errormode; /* error return mode */ short e_timeoutclass; /* message timeout class */ - void (*e_puthdr)__P((MCI *, HDR *, ENVELOPE *, int)); + bool (*e_puthdr)__P((MCI *, HDR *, ENVELOPE *, int)); /* function to put header of message */ - void (*e_putbody)__P((MCI *, ENVELOPE *, char *)); + bool (*e_putbody)__P((MCI *, ENVELOPE *, char *)); /* function to put body of message */ ENVELOPE *e_parent; /* the message this one encloses */ ENVELOPE *e_sibling; /* the next envelope of interest */ @@ -965,8 +965,8 @@ extern void dropenvelope __P((ENVELOPE *, bool, bool)); extern ENVELOPE *newenvelope __P((ENVELOPE *, ENVELOPE *, SM_RPOOL_T *)); extern void clrsessenvelope __P((ENVELOPE *)); extern void printenvflags __P((ENVELOPE *)); -extern void putbody __P((MCI *, ENVELOPE *, char *)); -extern void putheader __P((MCI *, HDR *, ENVELOPE *, int)); +extern bool putbody __P((MCI *, ENVELOPE *, char *)); +extern bool putheader __P((MCI *, HDR *, ENVELOPE *, int)); /* ** Message priority classes. @@ -1213,7 +1213,7 @@ MAP #define MF_REGEX_NOT 0x00040000 /* regular expression negation */ #define MF_DEFER 0x00080000 /* don't lookup map in defer mode */ #define MF_SINGLEMATCH 0x00100000 /* successful only if match one key */ -/* 0x00200000 available for use */ +#define MF_SINGLEDN 0x00200000 /* only one match, but multi values */ #define MF_FILECLASS 0x00400000 /* this is a file class map */ #define MF_OPENBOGUS 0x00800000 /* open failed, don't call map_close */ #define MF_CLOSING 0x01000000 /* map is being closed */ @@ -1542,9 +1542,13 @@ extern void stabapply __P((void (*)(STAB *, int), int)); /* values for e_sendmode -- send modes */ #define SM_DELIVER 'i' /* interactive delivery */ #define SM_FORK 'b' /* deliver in background */ +#if _FFR_DM_ONE +#define SM_DM_ONE 'o' /* deliver first TA in background, then queue */ +#endif /* _FFR_DM_ONE */ #define SM_QUEUE 'q' /* queue, don't deliver */ #define SM_DEFER 'd' /* defer map lookups as well as queue */ #define SM_VERIFY 'v' /* verify only (used internally) */ +#define DM_NOTSET (-1) /* DeliveryMode (per daemon) option not set */ #define WILL_BE_QUEUED(m) ((m) == SM_QUEUE || (m) == SM_DEFER) @@ -1650,7 +1654,7 @@ EXTERN unsigned long PrivacyFlags; /* privacy flags */ #define M87F_NO8TO7 0x0004 /* don't do 8->7 bit conversions */ /* functions */ -extern void mime7to8 __P((MCI *, HDR *, ENVELOPE *)); +extern bool mime7to8 __P((MCI *, HDR *, ENVELOPE *)); extern int mime8to7 __P((MCI *, HDR *, ENVELOPE *, char **, int)); /* @@ -1820,11 +1824,12 @@ struct termescape #define TLS_I_SRV_CERT (TLS_I_CERT_EX | TLS_I_KEY_EX | \ TLS_I_KEY_UNR | TLS_I_KEY_OUNR | \ TLS_I_CERTP_EX | TLS_I_CERTF_EX | \ - TLS_I_USE_KEY | TLS_I_USE_CERT) + TLS_I_USE_KEY | TLS_I_USE_CERT | TLS_I_CACHE) /* server requirements */ #define TLS_I_SRV (TLS_I_SRV_CERT | TLS_I_RSA_TMP | TLS_I_VRFY_PATH | \ - TLS_I_VRFY_LOC | TLS_I_TRY_DH | TLS_I_DH512) + TLS_I_VRFY_LOC | TLS_I_TRY_DH | TLS_I_DH512 | \ + TLS_I_CACHE) /* client requirements */ #define TLS_I_CLT (TLS_I_KEY_UNR | TLS_I_KEY_OUNR) @@ -1841,7 +1846,7 @@ extern void setclttls __P((bool)); extern bool initsrvtls __P((bool)); extern int tls_get_info __P((SSL *, bool, char *, MACROS_T *, bool)); extern int endtls __P((SSL *, char *)); -extern void tlslogerr __P((char *)); +extern void tlslogerr __P((const char *)); EXTERN char *CACertPath; /* path to CA certificates (dir. with hashes) */ @@ -2141,11 +2146,13 @@ extern unsigned char tTdvect[100]; /* trace vector */ EXTERN bool AllowBogusHELO; /* allow syntax errors on HELO command */ EXTERN bool CheckAliases; /* parse addresses during newaliases */ +#if _FFR_QUEUE_RUN_PARANOIA +EXTERN int CheckQueueRunners; /* check whether queue runners are OK */ +#endif /* _FFR_QUEUE_RUN_PARANOIA */ EXTERN bool ColonOkInAddr; /* single colon legal in address */ #if !defined(_USE_SUN_NSSWITCH_) && !defined(_USE_DEC_SVC_CONF_) EXTERN bool ConfigFileRead; /* configuration file has been read */ #endif /* !defined(_USE_SUN_NSSWITCH_) && !defined(_USE_DEC_SVC_CONF_) */ -EXTERN bool volatile DataProgress; /* have we sent anything since last check */ EXTERN bool DisConnected; /* running with OutChannel redirect to transcript file */ EXTERN bool DontExpandCnames; /* do not $[...$] expand CNAMEs */ EXTERN bool DontInitGroups; /* avoid initgroups() because of NIS cost */ @@ -2212,9 +2219,14 @@ EXTERN int MaxHopCount; /* max # of hops until bounce */ EXTERN int MaxMacroRecursion; /* maximum depth of macro recursion */ EXTERN int MaxMimeFieldLength; /* maximum MIME field length */ EXTERN int MaxMimeHeaderLength; /* maximum MIME header length */ +EXTERN int MaxNOOPCommands; /* max "noise" commands before slowdown */ EXTERN int MaxRcptPerMsg; /* max recipients per SMTP message */ EXTERN int MaxRuleRecursion; /* maximum depth of ruleset recursion */ +#if _FFR_MSG_ACCEPT +EXTERN char *MessageAccept; +#endif /* _FFR_MSG_ACCEPT */ + EXTERN int MimeMode; /* MIME processing mode */ EXTERN int NoRecipientAction; @@ -2229,6 +2241,11 @@ EXTERN int NumFileSys; /* number of queue file systems */ EXTERN int QueueLA; /* load average starting forced queueing */ EXTERN int RefuseLA; /* load average refusing connections */ EXTERN time_t RejectLogInterval; /* time btwn log msgs while refusing */ +#if _FFR_MEMSTAT +EXTERN long QueueLowMem; /* low memory starting forced queueing */ +EXTERN long RefuseLowMem; /* low memory refusing connections */ +EXTERN char *MemoryResource;/* memory resource to look up */ +#endif /* _FFR_MEMSTAT */ EXTERN int SuperSafe; /* be extra careful, even if expensive */ EXTERN int VendorCode; /* vendor-specific operation enhancements */ EXTERN int Verbose; /* set if blow-by-blow desired */ @@ -2371,6 +2388,7 @@ extern void smtpquit __P((MAILER *, MCI *, ENVELOPE *)); extern int smtprcpt __P((ADDRESS *, MAILER *, MCI *, ENVELOPE *, ADDRESS *, time_t)); extern void smtprset __P((MAILER *, MCI *, ENVELOPE *)); +#define REPLYTYPE(r) ((r) / 100) /* first digit of reply code */ #define ISSMTPCODE(c) (isascii(c[0]) && isdigit(c[0]) && \ isascii(c[1]) && isdigit(c[1]) && \ isascii(c[2]) && isdigit(c[2])) @@ -2519,8 +2537,8 @@ extern void printopenfds __P((bool)); extern void printqueue __P((void)); extern void printrules __P((void)); extern pid_t prog_open __P((char **, int *, ENVELOPE *)); -extern void putline __P((char *, MCI *)); -extern void putxline __P((char *, size_t, MCI *, int)); +extern bool putline __P((char *, MCI *)); +extern bool putxline __P((char *, size_t, MCI *, int)); extern void queueup_macros __P((int, SM_FILE_T *, ENVELOPE *)); extern void readcf __P((char *, bool, ENVELOPE *)); extern SIGFUNC_DECL reapchild __P((int)); @@ -2540,7 +2558,7 @@ extern bool setvendor __P((char *)); extern void set_op_mode __P((int)); extern void setoption __P((int, char *, bool, bool, ENVELOPE *)); extern sigfunc_t setsignal __P((int, sigfunc_t)); -extern void setuserenv __P((const char *, const char *)); +extern void sm_setuserenv __P((const char *, const char *)); extern void settime __P((ENVELOPE *)); extern char *sfgets __P((char *, int, SM_FILE_T *, time_t, char *)); extern char *shortenstring __P((const char *, size_t)); diff --git a/contrib/sendmail/src/sfsasl.c b/contrib/sendmail/src/sfsasl.c index 38eb7aff8010..89fb390a0b93 100644 --- a/contrib/sendmail/src/sfsasl.c +++ b/contrib/sendmail/src/sfsasl.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2004 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2006 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -9,7 +9,7 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: sfsasl.c,v 8.101 2004/12/15 22:45:55 ca Exp $") +SM_RCSID("@(#)$Id: sfsasl.c,v 8.113 2006/03/02 19:18:27 ca Exp $") #include <stdlib.h> #include <sendmail.h> #include <errno.h> @@ -223,6 +223,9 @@ sasl_read(fp, buf, size) (unsigned int) len, &outbuf, &outlen); if (result != SASL_OK) { + if (LogLevel > 7) + sm_syslog(LOG_WARNING, NOQID, + "AUTH: sasl_decode error=%d", result); outbuf = NULL; offset = 0; outlen = 0; @@ -304,7 +307,7 @@ sasl_write(fp, buf, size) */ result = sasl_getprop(so->conn, SASL_MAXOUTBUF, - (const void **) &maxencode); + (const void **) &maxencode); if (result == SASL_OK && size > *maxencode && *maxencode > 0) size = *maxencode; @@ -312,7 +315,12 @@ sasl_write(fp, buf, size) (unsigned int) size, &outbuf, &outlen); if (result != SASL_OK) + { + if (LogLevel > 7) + sm_syslog(LOG_WARNING, NOQID, + "AUTH: sasl_encode error=%d", result); return -1; + } if (outbuf != NULL) { @@ -541,6 +549,125 @@ tls_close(fp) # define MAX_TLS_IOS 4 /* +** TLS_RETRY -- check whether a failed SSL operation can be retried +** +** Parameters: +** ssl -- TLS structure +** rfd -- read fd +** wfd -- write fd +** tlsstart -- start time of TLS operation +** timeout -- timeout for TLS operation +** err -- SSL error +** where -- description of operation +** +** Results: +** >0 on success +** 0 on timeout +** <0 on error +*/ + +int +tls_retry(ssl, rfd, wfd, tlsstart, timeout, err, where) + SSL *ssl; + int rfd; + int wfd; + time_t tlsstart; + int timeout; + int err; + const char *where; +{ + int ret; + time_t left; + time_t now = curtime(); + struct timeval tv; + + ret = -1; + + /* + ** For SSL_ERROR_WANT_{READ,WRITE}: + ** There is not a complete SSL record available yet + ** or there is only a partial SSL record removed from + ** the network (socket) buffer into the SSL buffer. + ** The SSL_connect will only succeed when a full + ** SSL record is available (assuming a "real" error + ** doesn't happen). To handle when a "real" error + ** does happen the select is set for exceptions too. + ** The connection may be re-negotiated during this time + ** so both read and write "want errors" need to be handled. + ** A select() exception loops back so that a proper SSL + ** error message can be gotten. + */ + + left = timeout - (now - tlsstart); + if (left <= 0) + return 0; /* timeout */ + tv.tv_sec = left; + tv.tv_usec = 0; + + if (LogLevel > 14) + { + sm_syslog(LOG_INFO, NOQID, + "STARTTLS=%s, info: fds=%d/%d, err=%d", + where, rfd, wfd, err); + } + + if (FD_SETSIZE > 0 && + ((err == SSL_ERROR_WANT_READ && rfd >= FD_SETSIZE) || + (err == SSL_ERROR_WANT_WRITE && wfd >= FD_SETSIZE))) + { + if (LogLevel > 5) + { + sm_syslog(LOG_ERR, NOQID, + "STARTTLS=%s, error: fd %d/%d too large", + where, rfd, wfd); + if (LogLevel > 8) + tlslogerr(where); + } + errno = EINVAL; + } + else if (err == SSL_ERROR_WANT_READ) + { + fd_set ssl_maskr, ssl_maskx; + + FD_ZERO(&ssl_maskr); + FD_SET(rfd, &ssl_maskr); + FD_ZERO(&ssl_maskx); + FD_SET(rfd, &ssl_maskx); + do + { + ret = select(rfd + 1, &ssl_maskr, NULL, &ssl_maskx, + &tv); + } while (ret < 0 && errno == EINTR); + if (ret < 0 && errno > 0) + ret = -errno; + } + else if (err == SSL_ERROR_WANT_WRITE) + { + fd_set ssl_maskw, ssl_maskx; + + FD_ZERO(&ssl_maskw); + FD_SET(wfd, &ssl_maskw); + FD_ZERO(&ssl_maskx); + FD_SET(rfd, &ssl_maskx); + do + { + ret = select(wfd + 1, NULL, &ssl_maskw, &ssl_maskx, + &tv); + } while (ret < 0 && errno == EINTR); + if (ret < 0 && errno > 0) + ret = -errno; + } + return ret; +} + +/* errno to force refill() etc to stop (see IS_IO_ERROR()) */ +#ifdef ETIMEDOUT +# define SM_ERR_TIMEOUT ETIMEDOUT +#else /* ETIMEDOUT */ +# define SM_ERR_TIMEOUT EIO +#endif /* ETIMEDOUT */ + +/* ** TLS_READ -- read secured information for the caller ** ** Parameters: @@ -561,38 +688,42 @@ tls_read(fp, buf, size) char *buf; size_t size; { - int r; - static int again = MAX_TLS_IOS; + int r, rfd, wfd, try, ssl_err; struct tls_obj *so = (struct tls_obj *) fp->f_cookie; + time_t tlsstart; char *err; + try = 99; + err = NULL; + tlsstart = curtime(); + + retry: r = SSL_read(so->con, (char *) buf, size); if (r > 0) - { - again = MAX_TLS_IOS; return r; - } err = NULL; - switch (SSL_get_error(so->con, r)) + switch (ssl_err = SSL_get_error(so->con, r)) { case SSL_ERROR_NONE: case SSL_ERROR_ZERO_RETURN: - again = MAX_TLS_IOS; break; case SSL_ERROR_WANT_WRITE: - if (--again <= 0) - err = "read W BLOCK"; - else - errno = EAGAIN; - break; + err = "read W BLOCK"; + /* FALLTHROUGH */ case SSL_ERROR_WANT_READ: - if (--again <= 0) + if (err == NULL) err = "read R BLOCK"; - else - errno = EAGAIN; + rfd = SSL_get_rfd(so->con); + wfd = SSL_get_wfd(so->con); + try = tls_retry(so->con, rfd, wfd, tlsstart, + TimeOuts.to_datablock, ssl_err, "read"); + if (try > 0) + goto retry; + errno = SM_ERR_TIMEOUT; break; + case SSL_ERROR_WANT_X509_LOOKUP: err = "write X BLOCK"; break; @@ -625,15 +756,22 @@ tls_read(fp, buf, size) int save_errno; save_errno = (errno == 0) ? EIO : errno; - again = MAX_TLS_IOS; - if (LogLevel > 9) + if (try == 0 && save_errno == SM_ERR_TIMEOUT) + { + if (LogLevel > 7) + sm_syslog(LOG_WARNING, NOQID, + "STARTTLS: read error=timeout"); + } + else if (LogLevel > 8) sm_syslog(LOG_WARNING, NOQID, - "STARTTLS: read error=%s (%d), errno=%d, get_error=%s", + "STARTTLS: read error=%s (%d), errno=%d, get_error=%s, retry=%d, ssl_err=%d", err, r, errno, - ERR_error_string(ERR_get_error(), NULL)); + ERR_error_string(ERR_get_error(), NULL), try, + ssl_err); else if (LogLevel > 7) sm_syslog(LOG_WARNING, NOQID, - "STARTTLS: read error=%s (%d)", err, r); + "STARTTLS: read error=%s (%d), retry=%d, ssl_err=%d", + err, r, errno, try, ssl_err); errno = save_errno; } return r; @@ -660,36 +798,39 @@ tls_write(fp, buf, size) const char *buf; size_t size; { - int r; - static int again = MAX_TLS_IOS; + int r, rfd, wfd, try, ssl_err; struct tls_obj *so = (struct tls_obj *) fp->f_cookie; + time_t tlsstart; char *err; + try = 99; + err = NULL; + tlsstart = curtime(); + + retry: r = SSL_write(so->con, (char *) buf, size); if (r > 0) - { - again = MAX_TLS_IOS; return r; - } err = NULL; - switch (SSL_get_error(so->con, r)) + switch (ssl_err = SSL_get_error(so->con, r)) { case SSL_ERROR_NONE: case SSL_ERROR_ZERO_RETURN: - again = MAX_TLS_IOS; break; case SSL_ERROR_WANT_WRITE: - if (--again <= 0) - err = "write W BLOCK"; - else - errno = EAGAIN; - break; + err = "read W BLOCK"; + /* FALLTHROUGH */ case SSL_ERROR_WANT_READ: - if (--again <= 0) - err = "write R BLOCK"; - else - errno = EAGAIN; + if (err == NULL) + err = "read R BLOCK"; + rfd = SSL_get_rfd(so->con); + wfd = SSL_get_wfd(so->con); + try = tls_retry(so->con, rfd, wfd, tlsstart, + DATA_PROGRESS_TIMEOUT, ssl_err, "write"); + if (try > 0) + goto retry; + errno = SM_ERR_TIMEOUT; break; case SSL_ERROR_WANT_X509_LOOKUP: err = "write X BLOCK"; @@ -722,15 +863,22 @@ tls_write(fp, buf, size) int save_errno; save_errno = (errno == 0) ? EIO : errno; - again = MAX_TLS_IOS; - if (LogLevel > 9) + if (try == 0 && save_errno == SM_ERR_TIMEOUT) + { + if (LogLevel > 7) + sm_syslog(LOG_WARNING, NOQID, + "STARTTLS: write error=timeout"); + } + else if (LogLevel > 8) sm_syslog(LOG_WARNING, NOQID, - "STARTTLS: write error=%s (%d), errno=%d, get_error=%s", + "STARTTLS: write error=%s (%d), errno=%d, get_error=%s, retry=%d, ssl_err=%d", err, r, errno, - ERR_error_string(ERR_get_error(), NULL)); + ERR_error_string(ERR_get_error(), NULL), try, + ssl_err); else if (LogLevel > 7) sm_syslog(LOG_WARNING, NOQID, - "STARTTLS: write error=%s (%d)", err, r); + "STARTTLS: write error=%s (%d), errno=%d, retry=%d, ssl_err=%d", + err, r, errno, try, ssl_err); errno = save_errno; } return r; diff --git a/contrib/sendmail/src/sfsasl.h b/contrib/sendmail/src/sfsasl.h index c75418a1f3b8..1cc1892d4bb3 100644 --- a/contrib/sendmail/src/sfsasl.h +++ b/contrib/sendmail/src/sfsasl.h @@ -1,12 +1,12 @@ /* - * Copyright (c) 1999, 2000 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999, 2000, 2006 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set * forth in the LICENSE file which can be found at the top level of * the sendmail distribution. * - * $Id: sfsasl.h,v 8.17 2000/09/19 21:30:49 ca Exp $" + * $Id: sfsasl.h,v 8.19 2006/02/27 19:53:37 ca Exp $" */ #ifndef SFSASL_H @@ -17,6 +17,8 @@ extern int sfdcsasl __P((SM_FILE_T **, SM_FILE_T **, sasl_conn_t *)); #endif /* SASL */ # if STARTTLS +extern int tls_retry __P((SSL *, int, int, time_t, int, int, + const char *)); extern int sfdctls __P((SM_FILE_T **, SM_FILE_T **, SSL *)); # endif /* STARTTLS */ diff --git a/contrib/sendmail/src/srvrsmtp.c b/contrib/sendmail/src/srvrsmtp.c index bfa2872b3a29..e5cfdcf7a065 100644 --- a/contrib/sendmail/src/srvrsmtp.c +++ b/contrib/sendmail/src/srvrsmtp.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2006 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -17,9 +17,9 @@ # include <libmilter/mfdef.h> #endif /* MILTER */ -SM_RCSID("@(#)$Id: srvrsmtp.c,v 8.906 2005/03/16 00:36:09 ca Exp $") +SM_RCSID("@(#)$Id: srvrsmtp.c,v 8.922 2006/02/28 00:42:13 ca Exp $") -#include <sys/time.h> +#include <sm/time.h> #include <sm/fdset.h> #if SASL || STARTTLS @@ -36,6 +36,9 @@ static SSL_CTX *srv_ctx = NULL; /* TLS server context */ static SSL *srv_ssl = NULL; /* per connection context */ static bool tls_ok_srv = false; +#if _FFR_DM_ONE +static bool NotFirstDelivery = false; +#endif /* _FFR_DM_ONE */ extern void tls_set_verify __P((SSL_CTX *, SSL *, bool)); # define TLS_VERIFY_CLIENT() tls_set_verify(srv_ctx, srv_ssl, \ @@ -221,9 +224,6 @@ static char *CurSmtpClient; /* who's at the other end of channel */ #ifndef MAXBADCOMMANDS # define MAXBADCOMMANDS 25 /* maximum number of bad commands */ #endif /* ! MAXBADCOMMANDS */ -#ifndef MAXNOOPCOMMANDS -# define MAXNOOPCOMMANDS 20 /* max "noise" commands before slowdown */ -#endif /* ! MAXNOOPCOMMANDS */ #ifndef MAXHELOCOMMANDS # define MAXHELOCOMMANDS 3 /* max HELO/EHLO commands before slowdown */ #endif /* ! MAXHELOCOMMANDS */ @@ -292,6 +292,24 @@ static bool smtp_data __P((SMTP_T *, ENVELOPE *)); \ switch (state) \ { \ + case SMFIR_SHUTDOWN: \ + if (MilterLogLevel > 3) \ + { \ + sm_syslog(LOG_INFO, e->e_id, \ + "Milter: %s=%s, reject=421, errormode=4", \ + str, addr); \ + LogUsrErrs = false; \ + } \ + { \ + bool tsave = QuickAbort; \ + \ + QuickAbort = false; \ + usrerr("421 4.3.0 closing connection"); \ + QuickAbort = tsave; \ + e->e_sendqueue = NULL; \ + goto doquit; \ + } \ + break; \ case SMFIR_REPLYCODE: \ if (MilterLogLevel > 3) \ { \ @@ -300,7 +318,8 @@ static bool smtp_data __P((SMTP_T *, ENVELOPE *)); str, addr, response); \ LogUsrErrs = false; \ } \ - if (strncmp(response, "421 ", 4) == 0) \ + if (strncmp(response, "421 ", 4) == 0 \ + || strncmp(response, "421-", 4) == 0) \ { \ bool tsave = QuickAbort; \ \ @@ -504,7 +523,6 @@ smtp(nullserver, d_flags, e) #endif /* SASL */ int r; #if STARTTLS - int fdfl; int rfd, wfd; volatile bool tls_active = false; volatile bool smtps = bitnset(D_SMTPS, d_flags); @@ -810,6 +828,19 @@ smtp(nullserver, d_flags, e) tempfail = true; smtp.sm_milterize = false; break; + + case SMFIR_SHUTDOWN: + if (MilterLogLevel > 3) + sm_syslog(LOG_INFO, e->e_id, + "Milter: initialization failed, closing connection"); + tempfail = true; + smtp.sm_milterize = false; + message("421 4.7.0 %s closing connection", + MyHostName); + + /* arrange to ignore send list */ + e->e_sendqueue = NULL; + goto doquit; } } @@ -896,6 +927,9 @@ smtp(nullserver, d_flags, e) int fd; fd_set readfds; struct timeval timeout; +#if _FFR_LOG_GREET_PAUSE + struct timeval bp, ep, tp; /* {begin,end,total}pause */ +#endif /* _FFR_LOG_GREET_PAUSE */ /* pause for a moment */ timeout.tv_sec = msecs / 1000; @@ -912,16 +946,32 @@ smtp(nullserver, d_flags, e) fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL); FD_ZERO(&readfds); SM_FD_SET(fd, &readfds); +#if _FFR_LOG_GREET_PAUSE + gettimeofday(&bp, NULL); +#endif /* _FFR_LOG_GREET_PAUSE */ if (select(fd + 1, FDSET_CAST &readfds, NULL, NULL, &timeout) > 0 && FD_ISSET(fd, &readfds)) { +#if _FFR_LOG_GREET_PAUSE + gettimeofday(&ep, NULL); + timersub(&ep, &bp, &tp); +#endif /* _FFR_LOG_GREET_PAUSE */ greetcode = "554"; nullserver = "Command rejected"; sm_syslog(LOG_INFO, e->e_id, +#if _FFR_LOG_GREET_PAUSE + "rejecting commands from %s [%s] after %d seconds due to pre-greeting traffic", +#else /* _FFR_LOG_GREET_PAUSE */ "rejecting commands from %s [%s] due to pre-greeting traffic", +#endif /* _FFR_LOG_GREET_PAUSE */ peerhostname, - anynet_ntoa(&RealHostAddr)); + anynet_ntoa(&RealHostAddr) +#if _FFR_LOG_GREET_PAUSE + , (int) tp.tv_sec + + (tp.tv_usec >= 500000 ? 1 : 0) +#endif /* _FFR_LOG_GREET_PAUSE */ + ); } } } @@ -1693,97 +1743,26 @@ smtp(nullserver, d_flags, e) # define SSL_ACC(s) SSL_accept(s) tlsstart = curtime(); - fdfl = fcntl(rfd, F_GETFL); - if (fdfl != -1) - fcntl(rfd, F_SETFL, fdfl|O_NONBLOCK); ssl_retry: if ((r = SSL_ACC(srv_ssl)) <= 0) { - int i; - bool timedout; - time_t left; - time_t now = curtime(); - struct timeval tv; + int i, ssl_err; - /* what to do in this case? */ - i = SSL_get_error(srv_ssl, r); + ssl_err = SSL_get_error(srv_ssl, r); + i = tls_retry(srv_ssl, rfd, wfd, tlsstart, + TimeOuts.to_starttls, ssl_err, + "server"); + if (i > 0) + goto ssl_retry; - /* - ** For SSL_ERROR_WANT_{READ,WRITE}: - ** There is no SSL record available yet - ** or there is only a partial SSL record - ** removed from the network (socket) buffer - ** into the SSL buffer. The SSL_accept will - ** only succeed when a full SSL record is - ** available (assuming a "real" error - ** doesn't happen). To handle when a "real" - ** error does happen the select is set for - ** exceptions too. - ** The connection may be re-negotiated - ** during this time so both read and write - ** "want errors" need to be handled. - ** A select() exception loops back so that - ** a proper SSL error message can be gotten. - */ - - left = TimeOuts.to_starttls - (now - tlsstart); - timedout = left <= 0; - if (!timedout) - { - tv.tv_sec = left; - tv.tv_usec = 0; - } - - if (!timedout && FD_SETSIZE > 0 && - (rfd >= FD_SETSIZE || - (i == SSL_ERROR_WANT_WRITE && - wfd >= FD_SETSIZE))) - { - if (LogLevel > 5) - { - sm_syslog(LOG_ERR, NOQID, - "STARTTLS=server, error: fd %d/%d too large", - rfd, wfd); - if (LogLevel > 8) - tlslogerr("server"); - } - goto tlsfail; - } - - /* XXX what about SSL_pending() ? */ - if (!timedout && i == SSL_ERROR_WANT_READ) - { - fd_set ssl_maskr, ssl_maskx; - - FD_ZERO(&ssl_maskr); - FD_SET(rfd, &ssl_maskr); - FD_ZERO(&ssl_maskx); - FD_SET(rfd, &ssl_maskx); - if (select(rfd + 1, &ssl_maskr, NULL, - &ssl_maskx, &tv) > 0) - goto ssl_retry; - } - if (!timedout && i == SSL_ERROR_WANT_WRITE) - { - fd_set ssl_maskw, ssl_maskx; - - FD_ZERO(&ssl_maskw); - FD_SET(wfd, &ssl_maskw); - FD_ZERO(&ssl_maskx); - FD_SET(rfd, &ssl_maskx); - if (select(wfd + 1, NULL, &ssl_maskw, - &ssl_maskx, &tv) > 0) - goto ssl_retry; - } if (LogLevel > 5) { sm_syslog(LOG_WARNING, NOQID, - "STARTTLS=server, error: accept failed=%d, SSL_error=%d, timedout=%d, errno=%d", - r, i, (int) timedout, errno); + "STARTTLS=server, error: accept failed=%d, SSL_error=%d, errno=%d, retry=%d", + r, ssl_err, errno, i); if (LogLevel > 8) tlslogerr("server"); } -tlsfail: tls_ok_srv = false; SSL_free(srv_ssl); srv_ssl = NULL; @@ -1798,9 +1777,6 @@ tlsfail: goto doquit; } - if (fdfl != -1) - fcntl(rfd, F_SETFL, fdfl); - /* ignore return code for now, it's in {verify} */ (void) tls_get_info(srv_ssl, true, CurSmtpClient, @@ -1998,10 +1974,8 @@ tlsfail: q = "accepting invalid domain name"; } - if (gothello) - { + if (gothello || smtp.sm_gotmail) CLEAR_STATE(cmdbuf); - } #if MILTER if (smtp.sm_milterlist && smtp.sm_milterize && @@ -2039,6 +2013,19 @@ tlsfail: tempfail = true; smtp.sm_milterize = false; break; + + case SMFIR_SHUTDOWN: + if (MilterLogLevel > 3) + sm_syslog(LOG_INFO, e->e_id, + "Milter: Milter: helo=%s, reject=421 4.7.0 %s closing connection", + p, MyHostName); + tempfail = true; + smtp.sm_milterize = false; + message("421 4.7.0 %s closing connection", + MyHostName); + /* arrange to ignore send list */ + e->e_sendqueue = NULL; + goto doquit; } if (response != NULL) sm_free(response); @@ -2475,7 +2462,11 @@ tlsfail: goto rcpt_done; } - if (e->e_sendmode != SM_DELIVER) + if (e->e_sendmode != SM_DELIVER +#if _FFR_DM_ONE + && (NotFirstDelivery || SM_DM_ONE != e->e_sendmode) +#endif /* _FFR_DM_ONE */ + ) e->e_flags |= EF_VRFYONLY; #if MILTER @@ -2900,7 +2891,7 @@ tlsfail: case CMDNOOP: /* noop -- do nothing */ DELAY_CONN("NOOP"); - STOP_IF_ATTACK(checksmtpattack(&n_noop, MAXNOOPCOMMANDS, + STOP_IF_ATTACK(checksmtpattack(&n_noop, MaxNOOPCommands, true, "NOOP", e)); message("250 2.0.0 OK"); break; @@ -2974,6 +2965,9 @@ doquit: finis(true, true, ExitStat); /* NOTREACHED */ + /* just to avoid bogus warning from some compilers */ + exit(EX_OSERR); + case CMDVERB: /* set verbose mode */ DELAY_CONN("VERB"); if (!bitset(SRV_OFFER_EXPN, features) || @@ -2983,7 +2977,7 @@ doquit: message("502 5.7.0 Verbose unavailable"); break; } - STOP_IF_ATTACK(checksmtpattack(&n_noop, MAXNOOPCOMMANDS, + STOP_IF_ATTACK(checksmtpattack(&n_noop, MaxNOOPCommands, true, "VERB", e)); Verbose = 1; set_delivery_mode(SM_DELIVER, e); @@ -3044,7 +3038,8 @@ doquit: MILTER_REPLY("unknown"); if (state == SMFIR_REPLYCODE || state == SMFIR_REJECT || - state == SMFIR_TEMPFAIL) + state == SMFIR_TEMPFAIL || + state == SMFIR_SHUTDOWN) { /* MILTER_REPLY already gave an error */ break; @@ -3111,6 +3106,7 @@ smtp_data(smtp, e) char *id; char *oldid; char buf[32]; + bool rv = true; SmtpPhase = "server DATA"; if (!smtp->sm_gotmail) @@ -3149,7 +3145,8 @@ smtp_data(smtp, e) LogUsrErrs = false; } usrerr(response); - if (strncmp(response, "421 ", 4) == 0) + if (strncmp(response, "421 ", 4) == 0 + || strncmp(response, "421-", 4) == 0) { e->e_sendqueue = NULL; return false; @@ -3183,6 +3180,18 @@ smtp_data(smtp, e) } usrerr(MSG_TEMPFAIL); return true; + + case SMFIR_SHUTDOWN: + if (MilterLogLevel > 3) + { + sm_syslog(LOG_INFO, e->e_id, + "Milter: cmd=data, reject=421 4.7.0 %s closing connection", + MyHostName); + LogUsrErrs = false; + } + usrerr("421 4.7.0 %s closing connection", MyHostName); + e->e_sendqueue = NULL; + return false; } LogUsrErrs = savelogusrerrs; if (response != NULL) @@ -3273,6 +3282,16 @@ smtp_data(smtp, e) milteraccept = false; usrerr(MSG_TEMPFAIL); break; + + case SMFIR_SHUTDOWN: + if (MilterLogLevel > 3) + sm_syslog(LOG_INFO, e->e_id, + "Milter: data, reject=421 4.7.0 %s closing connection", + MyHostName); + milteraccept = false; + usrerr("421 4.7.0 %s closing connection", MyHostName); + rv = false; + break; } if (response != NULL) sm_free(response); @@ -3451,8 +3470,26 @@ smtp_data(smtp, e) } else { + int mode; + /* send to all recipients */ - sendall(ee, SM_DEFAULT); + mode = SM_DEFAULT; +#if _FFR_DM_ONE + if (SM_DM_ONE == e->e_sendmode) + { + if (NotFirstDelivery) + { + mode = SM_QUEUE; + e->e_sendmode = SM_QUEUE; + } + else + { + mode = SM_FORK; + NotFirstDelivery = true; + } + } +#endif /* _FFR_DM_ONE */ + sendall(ee, mode); } ee->e_to = NULL; } @@ -3462,6 +3499,16 @@ smtp_data(smtp, e) CurEnv->e_id = id; /* issue success message */ +#if _FFR_MSG_ACCEPT + if (MessageAccept != NULL && *MessageAccept != '\0') + { + char msg[MAXLINE]; + + expand(MessageAccept, msg, sizeof msg, e); + message("250 2.0.0 %s", msg); + } + else +#endif /* _FFR_MSG_ACCEPT */ message("250 2.0.0 %s Message accepted for delivery", id); CurEnv->e_id = oldid; @@ -3566,7 +3613,7 @@ smtp_data(smtp, e) macdefine(&e->e_macro, A_PERM, macid("{quarantine}"), e->e_quarmsg); } - return true; + return rv; } /* ** LOGUNDELRCPTS -- log undelivered (or all) recipients. diff --git a/contrib/sendmail/src/timers.c b/contrib/sendmail/src/timers.c index 43dd73a0f336..fdace0150029 100644 --- a/contrib/sendmail/src/timers.c +++ b/contrib/sendmail/src/timers.c @@ -11,11 +11,11 @@ */ #include <sm/gen.h> -SM_RCSID("@(#)$Id: timers.c,v 8.24 2001/09/11 04:05:17 gshapiro Exp $") +SM_RCSID("@(#)$Id: timers.c,v 8.25 2005/06/14 23:07:23 ca Exp $") #if _FFR_TIMERS # include <sys/types.h> -# include <sys/time.h> +# include <sm/time.h> # include "sendmail.h" # include <sys/resource.h> /* Must be after sendmail.h for NCR MP-RAS */ diff --git a/contrib/sendmail/src/tls.c b/contrib/sendmail/src/tls.c index 3b915cb055c9..dc4a1d92d91e 100644 --- a/contrib/sendmail/src/tls.c +++ b/contrib/sendmail/src/tls.c @@ -10,7 +10,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: tls.c,v 8.97 2005/03/08 22:20:52 ca Exp $") +SM_RCSID("@(#)$Id: tls.c,v 8.102 2006/03/02 19:18:27 ca Exp $") #if STARTTLS # include <openssl/err.h> @@ -497,6 +497,15 @@ tls_safe_f(var, sff, srv) ** succeeded? */ +/* +** The session_id_context identifies the service that created a session. +** This information is used to distinguish between multiple TLS-based +** servers running on the same server. We use the name of the mail system. +** Note: the session cache is not persistent. +*/ + +static char server_session_id_context[] = "sendmail8"; + bool inittls(ctx, req, srv, certfile, keyfile, cacertpath, cacertfile, dhparam) SSL_CTX **ctx; @@ -972,8 +981,20 @@ inittls(ctx, req, srv, certfile, keyfile, cacertpath, cacertfile, dhparam) /* XXX do we need this cache here? */ if (bitset(TLS_I_CACHE, req)) - SSL_CTX_sess_set_cache_size(*ctx, 128); - /* timeout? SSL_CTX_set_timeout(*ctx, TimeOut...); */ + { + SSL_CTX_sess_set_cache_size(*ctx, 1); + SSL_CTX_set_timeout(*ctx, 1); + SSL_CTX_set_session_id_context(*ctx, + (void *) &server_session_id_context, + sizeof(server_session_id_context)); + (void) SSL_CTX_set_session_cache_mode(*ctx, + SSL_SESS_CACHE_SERVER); + } + else + { + (void) SSL_CTX_set_session_cache_mode(*ctx, + SSL_SESS_CACHE_OFF); + } /* load certificate locations and default CA paths */ if (bitset(TLS_S_CERTP_EX, status) && bitset(TLS_S_CERTF_EX, status)) @@ -1557,7 +1578,7 @@ tls_verify_cb(ctx, unused) void tlslogerr(who) - char *who; + const char *who; { unsigned long l; int line, flags; diff --git a/contrib/sendmail/src/udb.c b/contrib/sendmail/src/udb.c index aaf856928615..83312300f467 100644 --- a/contrib/sendmail/src/udb.c +++ b/contrib/sendmail/src/udb.c @@ -14,9 +14,9 @@ #include <sendmail.h> #if USERDB -SM_RCSID("@(#)$Id: udb.c,v 8.160 2003/04/03 16:32:46 ca Exp $ (with USERDB)") +SM_RCSID("@(#)$Id: udb.c,v 8.161 2005/08/31 21:34:20 ca Exp $ (with USERDB)") #else /* USERDB */ -SM_RCSID("@(#)$Id: udb.c,v 8.160 2003/04/03 16:32:46 ca Exp $ (without USERDB)") +SM_RCSID("@(#)$Id: udb.c,v 8.161 2005/08/31 21:34:20 ca Exp $ (without USERDB)") #endif /* USERDB */ #if USERDB @@ -137,7 +137,7 @@ udbexpand(a, sendq, aliaslevel, e) int keylen; int naddrs; char *user; - char keybuf[MAXKEY]; + char keybuf[MAXUDBKEY]; memset(&key, '\0', sizeof key); memset(&info, '\0', sizeof info); @@ -597,7 +597,7 @@ udbmatch(user, field, rpool) int i; int keylen; DBT key, info; - char keybuf[MAXKEY]; + char keybuf[MAXUDBKEY]; if (tTd(28, 1)) sm_dprintf("udbmatch(%s, %s)\n", user, field); @@ -1232,7 +1232,7 @@ hes_udb_get(key, info) { char *name, *type; char **hp; - char kbuf[MAXKEY + 1]; + char kbuf[MAXUDBKEY + 1]; if (sm_strlcpy(kbuf, key->data, sizeof kbuf) >= sizeof kbuf) return 0; diff --git a/contrib/sendmail/src/usersmtp.c b/contrib/sendmail/src/usersmtp.c index bd3de971045e..0c5195eb9fef 100644 --- a/contrib/sendmail/src/usersmtp.c +++ b/contrib/sendmail/src/usersmtp.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2006 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,12 +13,11 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: usersmtp.c,v 8.463 2005/03/16 00:36:09 ca Exp $") +SM_RCSID("@(#)$Id: usersmtp.c,v 8.467 2006/03/19 06:07:56 ca Exp $") #include <sysexits.h> -static void datatimeout __P((int)); static void esmtp_check __P((char *, bool, MAILER *, MCI *, ENVELOPE *)); static void helo_options __P((char *, bool, MAILER *, MCI *, ENVELOPE *)); static int smtprcptstat __P((ADDRESS *, MAILER *, MCI *, ENVELOPE *)); @@ -34,7 +33,6 @@ extern void sm_sasl_free __P((void *)); ** This protocol is described in RFC821. */ -#define REPLYTYPE(r) ((r) / 100) /* first digit of reply code */ #define REPLYCLASS(r) (((r) / 10) % 10) /* second digit of reply code */ #define SMTPCLOSING 421 /* "Service Shutting Down" */ @@ -2491,9 +2489,6 @@ smtprcptstat(to, m, mci, e) ** exit status corresponding to DATA command. */ -static jmp_buf CtxDataTimeout; -static SM_EVENT *volatile DataTimeout = NULL; - int smtpdata(m, mci, e, ctladdr, xstart) MAILER *m; @@ -2505,7 +2500,7 @@ smtpdata(m, mci, e, ctladdr, xstart) register int r; int rstat; int xstat; - time_t timeout; + int timeout; char *enhsc; /* @@ -2629,43 +2624,22 @@ smtpdata(m, mci, e, ctladdr, xstart) ** factor. The main thing is that it should not be infinite. */ - if (setjmp(CtxDataTimeout) != 0) - { - mci->mci_errno = errno; - mci->mci_state = MCIS_ERROR; - mci_setstat(mci, EX_TEMPFAIL, "4.4.2", NULL); - - /* - ** If putbody() couldn't finish due to a timeout, - ** rewind it here in the timeout handler. See - ** comments at the end of putbody() for reasoning. - */ - - if (e->e_dfp != NULL) - (void) bfrewind(e->e_dfp); - - errno = mci->mci_errno; - syserr("451 4.4.1 timeout writing message to %s", CurHostName); - smtpquit(m, mci, e); - return EX_TEMPFAIL; - } - if (tTd(18, 101)) { /* simulate a DATA timeout */ - timeout = 1; + timeout = 10; } else - timeout = DATA_PROGRESS_TIMEOUT; - - DataTimeout = sm_setevent(timeout, datatimeout, 0); + timeout = DATA_PROGRESS_TIMEOUT * 1000; + sm_io_setinfo(mci->mci_out, SM_IO_WHAT_TIMEOUT, &timeout); /* ** Output the actual message. */ - (*e->e_puthdr)(mci, e->e_header, e, M87F_OUTER); + if (!(*e->e_puthdr)(mci, e->e_header, e, M87F_OUTER)) + goto writeerr; if (tTd(18, 101)) { @@ -2673,14 +2647,13 @@ smtpdata(m, mci, e, ctladdr, xstart) (void) sleep(2); } - (*e->e_putbody)(mci, e, NULL); + if (!(*e->e_putbody)(mci, e, NULL)) + goto writeerr; /* ** Cleanup after sending message. */ - if (DataTimeout != NULL) - sm_clrevent(DataTimeout); #if PIPELINING } @@ -2720,7 +2693,9 @@ smtpdata(m, mci, e, ctladdr, xstart) } /* terminate the message */ - (void) sm_io_fprintf(mci->mci_out, SM_TIME_DEFAULT, ".%s", m->m_eol); + if (sm_io_fprintf(mci->mci_out, SM_TIME_DEFAULT, ".%s", m->m_eol) == + SM_IO_EOF) + goto writeerr; if (TrafficLogFile != NULL) (void) sm_io_fprintf(TrafficLogFile, SM_TIME_DEFAULT, "%05d >>> .\n", (int) CurrentPid); @@ -2771,51 +2746,27 @@ smtpdata(m, mci, e, ctladdr, xstart) shortenstring(SmtpReplyBuffer, 403)); } return rstat; -} -static void -datatimeout(ignore) - int ignore; -{ - int save_errno = errno; + writeerr: + mci->mci_errno = errno; + mci->mci_state = MCIS_ERROR; + mci_setstat(mci, EX_TEMPFAIL, "4.4.2", NULL); /* - ** NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER. DO NOT ADD - ** ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE - ** DOING. + ** If putbody() couldn't finish due to a timeout, + ** rewind it here in the timeout handler. See + ** comments at the end of putbody() for reasoning. */ - if (DataProgress) - { - time_t timeout; - - /* check back again later */ - if (tTd(18, 101)) - { - /* simulate a DATA timeout */ - timeout = 1; - } - else - timeout = DATA_PROGRESS_TIMEOUT; - - /* reset the timeout */ - DataTimeout = sm_sigsafe_setevent(timeout, datatimeout, 0); - DataProgress = false; - } - else - { - /* event is done */ - DataTimeout = NULL; - } + if (e->e_dfp != NULL) + (void) bfrewind(e->e_dfp); - /* if no progress was made or problem resetting event, die now */ - if (DataTimeout == NULL) - { - errno = ETIMEDOUT; - longjmp(CtxDataTimeout, 1); - } - errno = save_errno; + errno = mci->mci_errno; + syserr("451 4.4.1 timeout writing message to %s", CurHostName); + smtpquit(m, mci, e); + return EX_TEMPFAIL; } + /* ** SMTPGETSTAT -- get status code from DATA in LMTP ** @@ -3021,6 +2972,8 @@ smtprset(m, mci, e) if (mci->mci_state != MCIS_SSD && mci->mci_state != MCIS_CLOSED) mci->mci_state = MCIS_OPEN; + else if (mci->mci_exitstat == EX_OK) + mci_setstat(mci, EX_TEMPFAIL, "4.5.0", NULL); } /* ** SMTPPROBE -- check the connection state diff --git a/contrib/sendmail/src/util.c b/contrib/sendmail/src/util.c index e7a3ff015d5c..ea36b6e793c1 100644 --- a/contrib/sendmail/src/util.c +++ b/contrib/sendmail/src/util.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2006 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,7 +13,7 @@ #include <sendmail.h> -SM_RCSID("@(#)$Id: util.c,v 8.383 2004/08/02 18:50:59 ca Exp $") +SM_RCSID("@(#)$Id: util.c,v 8.392 2006/03/09 19:49:35 ca Exp $") #include <sysexits.h> #include <sm/xtrap.h> @@ -456,6 +456,8 @@ xalloc(sz) { register char *p; + SM_REQUIRE(sz >= 0); + /* some systems can't handle size zero mallocs */ if (sz <= 0) sz = 1; @@ -970,18 +972,18 @@ fixcrlf(line, stripnl) ** mci -- the mailer connection information. ** ** Returns: -** none +** true iff line was written successfully ** ** Side Effects: ** output of l to mci->mci_out. */ -void +bool putline(l, mci) register char *l; register MCI *mci; { - putxline(l, strlen(l), mci, PXLF_MAPFROM); + return putxline(l, strlen(l), mci, PXLF_MAPFROM); } /* ** PUTXLINE -- putline with flags bits. @@ -1000,13 +1002,13 @@ putline(l, mci) ** PXLF_NOADDEOL -- don't add an EOL if one wasn't present. ** ** Returns: -** none +** true iff line was written successfully ** ** Side Effects: ** output of l to mci->mci_out. */ -void +bool putxline(l, len, mci, pxflags) register char *l; size_t len; @@ -1058,11 +1060,6 @@ putxline(l, len, mci, pxflags) if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT, '.') == SM_IO_EOF) dead = true; - else - { - /* record progress for DATA timeout */ - DataProgress = true; - } if (TrafficLogFile != NULL) (void) sm_io_putc(TrafficLogFile, SM_TIME_DEFAULT, '.'); @@ -1075,11 +1072,6 @@ putxline(l, len, mci, pxflags) if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT, '>') == SM_IO_EOF) dead = true; - else - { - /* record progress for DATA timeout */ - DataProgress = true; - } if (TrafficLogFile != NULL) (void) sm_io_putc(TrafficLogFile, SM_TIME_DEFAULT, @@ -1091,16 +1083,11 @@ putxline(l, len, mci, pxflags) while (l < q) { if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT, - (unsigned char) *l++) == SM_IO_EOF) + (unsigned char) *l++) == SM_IO_EOF) { dead = true; break; } - else - { - /* record progress for DATA timeout */ - DataProgress = true; - } } if (dead) break; @@ -1116,11 +1103,6 @@ putxline(l, len, mci, pxflags) dead = true; break; } - else - { - /* record progress for DATA timeout */ - DataProgress = true; - } if (TrafficLogFile != NULL) { for (l = l_base; l < q; l++) @@ -1144,11 +1126,9 @@ putxline(l, len, mci, pxflags) { if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT, '.') == SM_IO_EOF) - break; - else { - /* record progress for DATA timeout */ - DataProgress = true; + dead = true; + break; } if (TrafficLogFile != NULL) (void) sm_io_putc(TrafficLogFile, @@ -1161,11 +1141,9 @@ putxline(l, len, mci, pxflags) { if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT, '>') == SM_IO_EOF) - break; - else { - /* record progress for DATA timeout */ - DataProgress = true; + dead = true; + break; } if (TrafficLogFile != NULL) (void) sm_io_putc(TrafficLogFile, @@ -1183,11 +1161,6 @@ putxline(l, len, mci, pxflags) dead = true; break; } - else - { - /* record progress for DATA timeout */ - DataProgress = true; - } } if (dead) break; @@ -1198,11 +1171,9 @@ putxline(l, len, mci, pxflags) if ((!bitset(PXLF_NOADDEOL, pxflags) || !noeol) && sm_io_fputs(mci->mci_out, SM_TIME_DEFAULT, mci->mci_mailer->m_eol) == SM_IO_EOF) - break; - else { - /* record progress for DATA timeout */ - DataProgress = true; + dead = true; + break; } if (l < end && *l == '\n') { @@ -1211,11 +1182,9 @@ putxline(l, len, mci, pxflags) { if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT, ' ') == SM_IO_EOF) - break; - else { - /* record progress for DATA timeout */ - DataProgress = true; + dead = true; + break; } if (TrafficLogFile != NULL) @@ -1224,10 +1193,10 @@ putxline(l, len, mci, pxflags) } } - /* record progress for DATA timeout */ - DataProgress = true; } while (l < end); + return !dead; } + /* ** XUNLINK -- unlink a file, doing logging as appropriate. ** @@ -2096,6 +2065,9 @@ prog_open(argv, pfd, e) /* run as default user */ endpwent(); sm_mbdb_terminate(); +#if _FFR_MEMSTAT + (void) sm_memstat_close(); +#endif /* _FFR_MEMSTAT */ if (setgid(DefGid) < 0 && geteuid() == 0) { syserr("prog_open: setgid(%ld) failed", (long) DefGid); @@ -2433,6 +2405,7 @@ str2prt(s) *h++ = 'r'; break; default: + SM_ASSERT(l >= 2); (void) sm_snprintf(h, l, "%03o", (unsigned int)((unsigned char) c)); @@ -2669,11 +2642,11 @@ proc_list_drop(pid, st, other) type = ProcListVec[i].proc_type; if (other != NULL) *other = ProcListVec[i].proc_other; + if (CurChildren > 0) + CurChildren--; break; } } - if (CurChildren > 0) - CurChildren--; if (type == PROC_CONTROL && WIFEXITED(st)) @@ -2732,14 +2705,20 @@ proc_list_clear() void proc_list_probe() { - int i; + int i, children; + int chldwasblocked; + pid_t pid; + + children = 0; + chldwasblocked = sm_blocksignal(SIGCHLD); /* start from 1 since 0 is the daemon itself */ for (i = 1; i < ProcListSize; i++) { - if (ProcListVec[i].proc_pid == NO_PID) + pid = ProcListVec[i].proc_pid; + if (pid == NO_PID || pid == CurrentPid) continue; - if (kill(ProcListVec[i].proc_pid, 0) < 0) + if (kill(pid, 0) < 0) { if (LogLevel > 3) sm_syslog(LOG_DEBUG, CurEnv->e_id, @@ -2749,9 +2728,21 @@ proc_list_probe() SM_FREE_CLR(ProcListVec[i].proc_task); CurChildren--; } + else + { + ++children; + } } if (CurChildren < 0) CurChildren = 0; + if (chldwasblocked == 0) + (void) sm_releasesignal(SIGCHLD); + if (LogLevel > 10 && children != CurChildren) + { + sm_syslog(LOG_ERR, NOQID, + "proc_list_probe: found %d children, expected %d", + children, CurChildren); + } } /* @@ -2859,7 +2850,6 @@ count_open_connections(hostaddr) { if (ProcListVec[i].proc_pid == NO_PID) continue; - if (hostaddr->sa.sa_family != ProcListVec[i].proc_hostaddr.sa.sa_family) continue; diff --git a/contrib/sendmail/src/version.c b/contrib/sendmail/src/version.c index 9fcf31cc36c0..7ca90a8a8709 100644 --- a/contrib/sendmail/src/version.c +++ b/contrib/sendmail/src/version.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2006 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,6 +13,6 @@ #include <sm/gen.h> -SM_RCSID("@(#)$Id: version.c,v 8.145 2005/03/25 18:44:44 ca Exp $") +SM_RCSID("@(#)$Id: version.c,v 8.160 2006/03/08 19:21:21 ca Exp $") -char Version[] = "8.13.4"; +char Version[] = "8.13.6"; |