diff options
48 files changed, 370 insertions, 98 deletions
| diff --git a/contrib/sendmail/RELEASE_NOTES b/contrib/sendmail/RELEASE_NOTES index cf6855aecc2e..3282fde3c667 100644 --- a/contrib/sendmail/RELEASE_NOTES +++ b/contrib/sendmail/RELEASE_NOTES @@ -1,11 +1,45 @@  			SENDMAIL RELEASE NOTES -      $Id: RELEASE_NOTES,v 8.1336 2002/06/03 13:21:25 ca Exp $ +      $Id: RELEASE_NOTES,v 8.1340.2.9 2002/06/25 22:53:32 ca Exp $  This listing shows the version of the sendmail binary, the version  of the sendmail configuration files, the date of release, and a  summary of the changes in that release. +8.12.5/8.12.5	2002/06/25 +	SECURITY: The DNS map can cause a buffer overflow if the user +		specifies a dns map using TXT records in the configuration +		file and a rogue DNS server is queried.  None of the +		sendmail supplied configuration files use this option hence +		they are not vulnerable.  Problem noted independently by +		Joost Pol of PINE Internet and Anton Rang of Sun Microsystems. +	Unprintable characters in responses from DNS servers for the DNS +		map type are changed to 'X' to avoid potential problems +		with rogue DNS servers. +	Require a suboption when setting the Milter option.  Problem noted +		by Bryan Costales. +	Do not silently overwrite command line settings for +		DirectSubmissionModifiers.  Problem noted by Bryan +		Costales. +	Prevent a segmentation fault when clearing the event list by +		turning off alarms before checking if event list is +		empty.  Problem noted by Allan E Johannesen of Worcester +		Polytechnic Institute. +	Close a potential race condition in transitioning a memory buffered +		file onto disk.  From Janani Devarajan of Sun Microsystems. +	Portability: +		Include paths.h on Linux systems running glibc 2.0 or later +			to get the definition for _PATH_SENDMAIL, used by +			rmail and vacation.  Problem noted by Kevin +			A. McGrail of Peregrine Hardware. +		NOTE: Linux appears to have broken flock() again.  Unless +			the bug is fixed before sendmail 8.13 is shipped, +			8.13 will change the default locking method to +			fcntl() for Linux kernel 2.4 and later.  You may +			want to do this in 8.12 by compiling with +			-DHASFLOCK=0.  Be sure to update other sendmail +			related programs to match locking techniques. +  8.12.4/8.12.4	2002/06/03  	SECURITY: Inherent limitations in the UNIX file locking model  		can leave systems open to a local denial of service diff --git a/contrib/sendmail/cf/README b/contrib/sendmail/cf/README index 3c7b7d5a6735..952a16c10f69 100644 --- a/contrib/sendmail/cf/README +++ b/contrib/sendmail/cf/README @@ -1213,7 +1213,7 @@ dnsbl		Turns on rejection of hosts found in an DNS based rejection  		A second argument can be used to change the default error  		message.  Without that second argument, the error message  		will be -			Mail from IP-ADDRESS refused by blackhole site SERVER +			Rejected: IP-ADDRESS listed at SERVER  		where IP-ADDRESS and SERVER are replaced by the appropriate  		information.  By default, temporary lookup failures are  		ignored.  This behavior can be changed by specifying a @@ -2430,7 +2430,7 @@ subscribed.  Contact MAPS to subscribe (http://mail-abuse.org/).  You can specify an alternative RBL server to check by specifying an  argument to the FEATURE.  The default error message is -	Mail from IP-ADDRESS refused by blackhole site SERVER +	Rejected: IP-ADDRESS listed at SERVER  where IP-ADDRESS and SERVER are replaced by the appropriate  information.  A second argument can be used to specify a different @@ -4311,4 +4311,4 @@ M4 DIVERSIONS     8	DNS based blacklists     9	special local rulesets (1 and 2) -$Revision: 8.622 $, Last updated $Date: 2002/06/03 13:15:16 $ +$Revision: 8.623 $, Last updated $Date: 2002/06/07 14:14:14 $ diff --git a/contrib/sendmail/cf/cf/submit.cf b/contrib/sendmail/cf/cf/submit.cf index fe909626b4f3..0613bc14607d 100644 --- a/contrib/sendmail/cf/cf/submit.cf +++ b/contrib/sendmail/cf/cf/submit.cf @@ -1,5 +1,5 @@  # -# Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers. +# Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers.  #	All rights reserved.  # Copyright (c) 1983, 1995 Eric P. Allman.  All rights reserved.  # Copyright (c) 1988, 1993 @@ -24,7 +24,7 @@  ######################################################################  ###################################################################### -#####  $Id: cfhead.m4,v 8.107 2001/07/22 03:25:37 ca Exp $  ##### +#####  $Id: cfhead.m4,v 8.108 2002/06/13 18:53:24 ca Exp $  #####  #####  $Id: cf.m4,v 8.32 1999/02/07 07:26:14 gshapiro Exp $  #####  #####  $Id: submit.mc,v 8.6 2002/03/26 03:30:58 ca Exp $  #####  #####  $Id: msp.m4,v 1.32 2002/03/26 22:02:03 ca Exp $  ##### @@ -32,7 +32,7 @@  #####  $Id: no_default_msa.m4,v 8.2 2001/02/14 05:03:22 gshapiro Exp $  ##### -#####  $Id: proto.m4,v 8.646 2002/05/19 21:22:40 gshapiro Exp $  ##### +#####  $Id: proto.m4,v 8.649 2002/06/13 18:53:24 ca Exp $  #####  # level 10 config file format  V10/Berkeley @@ -110,7 +110,7 @@ D{MTAHost}[localhost]  # Configuration version number -DZ8.12.4/Submit +DZ8.12.5/Submit  ############### @@ -338,7 +338,7 @@ O TimeZoneSpec=  #O DelayLA=0  # maximum number of children we allow at one time -#O MaxDaemonChildren=12 +#O MaxDaemonChildren=0  # maximum number of new connections per second  #O ConnectionRateThrottle=0 @@ -479,7 +479,6 @@ O PidFile=/var/spool/clientmqueue/sm-client.pid  #O InputMailFilters -  # CA directory  #O CACERTPath  # CA file diff --git a/contrib/sendmail/cf/m4/cfhead.m4 b/contrib/sendmail/cf/m4/cfhead.m4 index 708a095dcc7b..f956365fc652 100644 --- a/contrib/sendmail/cf/m4/cfhead.m4 +++ b/contrib/sendmail/cf/m4/cfhead.m4 @@ -1,5 +1,5 @@  # -# Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers. +# Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers.  #	All rights reserved.  # Copyright (c) 1983, 1995 Eric P. Allman.  All rights reserved.  # Copyright (c) 1988, 1993 @@ -119,8 +119,10 @@ define(`_CPO_',`')  define(`CLIENT_OPTIONS', `define(`_CPO_', defn(`_CPO_')  O ClientPortOptions=`$1')')  define(`_MAIL_FILTERS_', `') +define(`_MAIL_FILTERS_DEF', `')  define(`MAIL_FILTER', `define(`_MAIL_FILTERS_', defn(`_MAIL_FILTERS_') -X`'$1`, '`$2')') +X`'$1`, '`$2') +define(`_MAIL_FILTERS_DEF', defn(`_MAIL_FILTERS_DEF')`X')')  define(`INPUT_MAIL_FILTER', `MAIL_FILTER(`$1', `$2')  ifelse(defn(`confINPUT_MAIL_FILTERS')X, `X',  `define(`confINPUT_MAIL_FILTERS', $1)', @@ -301,4 +303,4 @@ define(`confMILTER_MACROS_ENVRCPT', ``{rcpt_mailer}, {rcpt_host}, {rcpt_addr}'')  divert(0)dnl -VERSIONID(`$Id: cfhead.m4,v 8.107 2001/07/22 03:25:37 ca Exp $') +VERSIONID(`$Id: cfhead.m4,v 8.108 2002/06/13 18:53:24 ca Exp $') diff --git a/contrib/sendmail/cf/m4/proto.m4 b/contrib/sendmail/cf/m4/proto.m4 index ab8b457028f0..d601b6710025 100644 --- a/contrib/sendmail/cf/m4/proto.m4 +++ b/contrib/sendmail/cf/m4/proto.m4 @@ -13,7 +13,7 @@ divert(-1)  #  divert(0) -VERSIONID(`$Id: proto.m4,v 8.646 2002/05/19 21:22:40 gshapiro Exp $') +VERSIONID(`$Id: proto.m4,v 8.649 2002/06/13 18:53:24 ca Exp $')  # level CF_LEVEL config file format  V`'CF_LEVEL/ifdef(`VENDOR_NAME', `VENDOR_NAME', `Berkeley') @@ -479,7 +479,7 @@ _OPTION(RefuseLA, `confREFUSE_LA', `12')  _OPTION(DelayLA, `confDELAY_LA', `0')  # maximum number of children we allow at one time -_OPTION(MaxDaemonChildren, `confMAX_DAEMON_CHILDREN', `12') +_OPTION(MaxDaemonChildren, `confMAX_DAEMON_CHILDREN', `0')  # maximum number of new connections per second  _OPTION(ConnectionRateThrottle, `confCONNECTION_RATE_THROTTLE', `0') @@ -621,7 +621,7 @@ _OPTION(TLSSrvOptions, `confTLS_SRV_OPTIONS', `')  # Input mail filters  _OPTION(InputMailFilters, `confINPUT_MAIL_FILTERS', `') -ifdef(`confINPUT_MAIL_FILTERS', `dnl +ifelse(len(X`'_MAIL_FILTERS_DEF), `1', `dnl', `dnl  # Milter options  _OPTION(Milter.LogLevel, `confMILTER_LOG_LEVEL', `')  _OPTION(Milter.macros.connect, `confMILTER_MACROS_CONNECT', `') diff --git a/contrib/sendmail/cf/m4/version.m4 b/contrib/sendmail/cf/m4/version.m4 index 99021202a0d8..72d8c22f19bd 100644 --- a/contrib/sendmail/cf/m4/version.m4 +++ b/contrib/sendmail/cf/m4/version.m4 @@ -11,8 +11,8 @@ divert(-1)  # the sendmail distribution.  #  # -VERSIONID(`$Id: version.m4,v 8.92 2002/05/31 18:53:59 ca Exp $') +VERSIONID(`$Id: version.m4,v 8.92.2.2 2002/06/25 22:51:52 ca Exp $')  #  divert(0)  # Configuration version number -DZ8.12.4`'ifdef(`confCF_VERSION', `/confCF_VERSION') +DZ8.12.5`'ifdef(`confCF_VERSION', `/confCF_VERSION') diff --git a/contrib/sendmail/cf/sendmail.schema b/contrib/sendmail/cf/sendmail.schema index bab47e8c65fd..ebe4c96ac8fc 100644 --- a/contrib/sendmail/cf/sendmail.schema +++ b/contrib/sendmail/cf/sendmail.schema @@ -1,16 +1,17 @@ -# Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers. +# Copyright (c) 2000-2002 Sendmail, Inc. and its suppliers.  #	All rights reserved.  #  # By using this file, you agree to the terms and conditions set  # forth in the LICENSE file which can be found at the top level of  # the sendmail distribution.  # -# $Id: sendmail.schema,v 8.14 2001/08/31 17:18:18 gshapiro Exp $ +# $Id: sendmail.schema,v 8.19 2002/06/04 17:31:43 gshapiro Exp $  # Note that this schema is experimental at this point as it has had little  # public review.  Therefore, it may change in future versions.  Feedback  # via sendmail@sendmail.org is encouraged. +  # OID arcs for Sendmail  # enterprise:		1.3.6.1.4.1  # sendmail:		enterprise.6152 @@ -87,6 +88,7 @@ attributetype ( 1.3.6.1.4.1.6152.10.3.1.16  	EQUALITY caseIgnoreMatch  	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) +  #objectClass sendmailMTAMap  #	requires  #		objectClass, @@ -143,6 +145,7 @@ attributetype ( 1.3.6.1.4.1.6152.10.3.1.20  	EQUALITY caseIgnoreMatch  	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +  #objectClass sendmailMTAAlias  #	requires  #		objectClass, @@ -198,6 +201,7 @@ attributetype ( 1.3.6.1.4.1.6152.10.3.1.23  	EQUALITY caseIgnoreMatch  	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +  #objectClass sendmailMTAClass  #	requires  #		objectClass, diff --git a/contrib/sendmail/doc/op/op.me b/contrib/sendmail/doc/op/op.me index 8d14002f0b65..6780db5dca5c 100644 --- a/contrib/sendmail/doc/op/op.me +++ b/contrib/sendmail/doc/op/op.me @@ -9,7 +9,7 @@  .\" the sendmail distribution.  .\"  .\" -.\"	$Id: op.me,v 8.607 2002/05/22 19:58:33 gshapiro Exp $ +.\"	$Id: op.me,v 8.609.2.2 2002/06/25 20:30:35 ca Exp $  .\"  .\" eqn op.me | pic | troff -me  .\" @@ -88,7 +88,7 @@ Sendmail, Inc.  .de Ve  Version \\$2  .. -.Ve $Revision: 8.607 $ +.Ve $Revision: 8.609.2.2 $  .rm Ve  .sp  For Sendmail Version 8.12 @@ -753,6 +753,12 @@ Notice: do not use the same key for  .i sendmail  invocations with different queue directories  or different queue group declarations. +Access to shared memory is not controlled by locks, +i.e., there is a race condition when data in the shared memory is updated. +However, since operation of +.i sendmail +does not rely on the data in the shared memory, this does not negatively +influence the behavior.  .sh 3 "/var/spool/clientmqueue"  .pp  The directory @@ -1274,6 +1280,13 @@ the flag  .b \-bP  can be used to print the number of entries in the queue(s),  provided a process updates the data. +However, as explained earlier, the output might be slightly wrong, +since access to the shared memory is not locked. +For example, +``unknown number of entries'' +might be shown. +The internal counters are updated after each queue run +to the correct value again.  .sh 3 "Forcing the queue"  .pp  .i Sendmail @@ -2769,6 +2782,34 @@ is still accepted.  Notice that the MSP submits mail to the MTA via SMTP, and hence  mail will be queued in the client queue in such a case.  Therefore it is necessary to run the client mail queue periodically. +.sh 2 "Resource Limits" +.pp +.i Sendmail +has several parameters to control resource usage. +Besides those mentionted in the previous section, there are at least +.b MaxDaemonChildren , +.b ConnectionRateThrottle , +.b MaxQueueChildren , +and +.b MaxRunnersPerQueue . +The latter two limit the number of +.i sendmail +processes that operate on the queue. +These are discussed in the section +``Queue Group Declaration''. +The former two can be used to limit the number of incoming connections. +Their appropriate values depend on the host operating system and +the hardware, e.g., amount of memory. +In many situations it might be useful to set limits to prevent +to have too many +.i sendmail +processes, however, these limits can be abused to mount a +denial of service attack. +For example, if +.b MaxDaemonChildren=10 +then an attacker needs to open only 10 SMTP sessions to the server, +leave them idle for most of the time, +and no more connections will be accepted.  .sh 2 "Delivery Mode"  .pp  There are a number of delivery modes that @@ -6557,6 +6598,7 @@ If not set,  is either "CC f" if the option  .b \-G  is used or "c u" otherwise. +Note that only the the "CC", "c", "f", and "u" flags are checked.  .ip DontBlameSendmail=\fIoption,option,...\fP  [no short name]  In order to avoid possible cracking attempts @@ -7050,6 +7092,7 @@ The characters ``@,;:\e()[]'' are always added to this list.  .ip NiceQueueRun  [no short name]  The priority of queue runners (nice(3)). +This value must be greater or equal zero.  .ip NoRecipientAction  [no short name]  The action to take when you receive a message that has no valid @@ -8674,6 +8717,7 @@ Fields are:  Flags for this queue group.  .ip Nice  The nice(2) increment for the queue group. +This value must be greater or equal zero.  .ip Interval  The time between two queue runs.  .ip Path @@ -10627,7 +10671,7 @@ replace it with a blank sheet for double-sided output.  .\".sz 10  .\"Eric Allman  .\".sp -.\"Version $Revision: 8.607 $ +.\"Version $Revision: 8.609.2.2 $  .\".ce 0  .bp 3  .ce diff --git a/contrib/sendmail/editmap/Makefile.m4 b/contrib/sendmail/editmap/Makefile.m4 index 906e198766cd..566b6e2bbb6c 100644 --- a/contrib/sendmail/editmap/Makefile.m4 +++ b/contrib/sendmail/editmap/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 1.4.6.1 2002/06/21 21:58:27 ca Exp $  include(confBUILDTOOLSDIR`/M4/switch.m4')  define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/include/libmilter/mfapi.h b/contrib/sendmail/include/libmilter/mfapi.h index 9cf07c753ad3..c36a38c7f9ef 100644 --- a/contrib/sendmail/include/libmilter/mfapi.h +++ b/contrib/sendmail/include/libmilter/mfapi.h @@ -7,7 +7,7 @@   * the sendmail distribution.   *   * - *	$Id: mfapi.h,v 8.42 2002/04/30 23:52:23 msk Exp $ + *	$Id: mfapi.h,v 8.44 2002/06/04 05:06:40 gshapiro Exp $   */  /* diff --git a/contrib/sendmail/include/sm/conf.h b/contrib/sendmail/include/sm/conf.h index 12688eaad103..83950bc85fa7 100644 --- a/contrib/sendmail/include/sm/conf.h +++ b/contrib/sendmail/include/sm/conf.h @@ -10,7 +10,7 @@   * the sendmail distribution.   *   * - *	$Id: conf.h,v 1.88 2002/05/01 16:09:41 gshapiro Exp $ + *	$Id: conf.h,v 1.90.2.2 2002/06/21 22:31:35 gshapiro Exp $   */  /* @@ -1358,6 +1358,9 @@ extern void		*malloc();  #  ifndef TZ_TYPE  #   define TZ_TYPE	TZ_NONE		/* no standard for Linux */  #  endif /* ! TZ_TYPE */ +#  if (__GLIBC__ >= 2) +#   include <paths.h> +#  endif /* (__GLIBC__ >= 2) */  #  ifndef _PATH_SENDMAILPID  #   define _PATH_SENDMAILPID	"/var/run/sendmail.pid"  #  endif /* ! _PATH_SENDMAILPID */ diff --git a/contrib/sendmail/libmilter/Makefile.m4 b/contrib/sendmail/libmilter/Makefile.m4 index ea1124d1f6a5..d824298ed501 100644 --- a/contrib/sendmail/libmilter/Makefile.m4 +++ b/contrib/sendmail/libmilter/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.30.2.1 2002/06/21 21:58:28 ca Exp $  include(confBUILDTOOLSDIR`/M4/switch.m4')  dnl only required for compilation of EXTRAS diff --git a/contrib/sendmail/libmilter/docs/smfi_getsymval.html b/contrib/sendmail/libmilter/docs/smfi_getsymval.html index d8a3304fee07..8cbde7d7cb79 100644 --- a/contrib/sendmail/libmilter/docs/smfi_getsymval.html +++ b/contrib/sendmail/libmilter/docs/smfi_getsymval.html @@ -37,7 +37,11 @@ Get the value of a sendmail macro.  	<td>The opaque context structure.  	</td></tr>      <tr valign="top"><td>symname</td> -	<td>The name of a sendmail macro, optinally enclosed in braces ("{" and "}").  <a href="#notes">See below</a> for default macros. +	<td>The name of a sendmail macro. +	Single letter macros can optionally be enclosed in braces ("{" and "}"), +	longer macro names must be enclosed in braces, just as in a +	<tt>sendmail.cf</tt> file. +	<a href="#notes">See below</a> for default macros.  	</td></tr>      </table>  </td></tr> @@ -82,7 +86,7 @@ sendmail distribution.  <hr size="1">  <font size="-1"> -Copyright (c) 2000 Sendmail, Inc. and its suppliers. +Copyright (c) 2000, 2002 Sendmail, Inc. and its suppliers.  All rights reserved.  <br>  By using this file, you agree to the terms and conditions set diff --git a/contrib/sendmail/libmilter/main.c b/contrib/sendmail/libmilter/main.c index 92690cd7cb14..6fc3f9587953 100644 --- a/contrib/sendmail/libmilter/main.c +++ b/contrib/sendmail/libmilter/main.c @@ -9,7 +9,7 @@   */  #include <sm/gen.h> -SM_RCSID("@(#)$Id: main.c,v 8.63 2002/04/30 23:52:24 msk Exp $") +SM_RCSID("@(#)$Id: main.c,v 8.64 2002/06/04 02:32:32 geir Exp $")  #define _DEFINE	1  #include "libmilter.h" diff --git a/contrib/sendmail/libsm/Makefile.m4 b/contrib/sendmail/libsm/Makefile.m4 index 957eb09222e2..563cf1083834 100644 --- a/contrib/sendmail/libsm/Makefile.m4 +++ b/contrib/sendmail/libsm/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 1.64.2.1 2002/06/21 21:58:29 ca Exp $  define(`confREQUIRE_LIBUNIX')  include(confBUILDTOOLSDIR`/M4/switch.m4') diff --git a/contrib/sendmail/libsm/clock.c b/contrib/sendmail/libsm/clock.c index ada9689980af..fb7e9112eaa0 100644 --- a/contrib/sendmail/libsm/clock.c +++ b/contrib/sendmail/libsm/clock.c @@ -12,7 +12,7 @@   */  #include <sm/gen.h> -SM_RCSID("@(#)$Id: clock.c,v 1.35 2002/03/22 18:34:38 gshapiro Exp $") +SM_RCSID("@(#)$Id: clock.c,v 1.35.2.1 2002/06/20 05:14:45 gshapiro Exp $")  #include <unistd.h>  #include <time.h>  #include <errno.h> @@ -257,9 +257,6 @@ sm_clear_events()  #endif /* SM_CONF_SETITIMER */  	int wasblocked; -	if (SmEventQueue == NULL) -		return; -  	/* nothing will be left in event queue, no need for an alarm */  #if SM_CONF_SETITIMER  	clr.it_interval.tv_sec = 0; @@ -270,6 +267,10 @@ sm_clear_events()  #else /* SM_CONF_SETITIMER */  	(void) alarm(0);  #endif /* SM_CONF_SETITIMER */ + +	if (SmEventQueue == NULL) +		return; +  	wasblocked = sm_blocksignal(SIGALRM);  	/* find the end of the EventQueue */ diff --git a/contrib/sendmail/libsmdb/Makefile.m4 b/contrib/sendmail/libsmdb/Makefile.m4 index 90cecfe12950..23f39d0b561f 100644 --- a/contrib/sendmail/libsmdb/Makefile.m4 +++ b/contrib/sendmail/libsmdb/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.13.4.1 2002/06/21 21:58:33 ca Exp $  include(confBUILDTOOLSDIR`/M4/switch.m4')  define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/libsmutil/Makefile.m4 b/contrib/sendmail/libsmutil/Makefile.m4 index 5348e33d104c..36c5d7a5a479 100644 --- a/contrib/sendmail/libsmutil/Makefile.m4 +++ b/contrib/sendmail/libsmutil/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.16.4.1 2002/06/21 21:58:35 ca Exp $  include(confBUILDTOOLSDIR`/M4/switch.m4')  define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/mail.local/Makefile.m4 b/contrib/sendmail/mail.local/Makefile.m4 index fa300558935a..63c14e0dfac3 100644 --- a/contrib/sendmail/mail.local/Makefile.m4 +++ b/contrib/sendmail/mail.local/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.49.2.1 2002/06/21 21:58:36 ca Exp $  include(confBUILDTOOLSDIR`/M4/switch.m4')  define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/mailstats/Makefile.m4 b/contrib/sendmail/mailstats/Makefile.m4 index 02dc956ef968..e981401d1917 100644 --- a/contrib/sendmail/mailstats/Makefile.m4 +++ b/contrib/sendmail/mailstats/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.34.4.1 2002/06/21 21:58:37 ca Exp $  include(confBUILDTOOLSDIR`/M4/switch.m4')  define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/makemap/Makefile.m4 b/contrib/sendmail/makemap/Makefile.m4 index 171a548b0526..2396311ae952 100644 --- a/contrib/sendmail/makemap/Makefile.m4 +++ b/contrib/sendmail/makemap/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.42.4.1 2002/06/21 21:58:38 ca Exp $  include(confBUILDTOOLSDIR`/M4/switch.m4')  define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/praliases/Makefile.m4 b/contrib/sendmail/praliases/Makefile.m4 index 20509a69772e..248fccd2e5ac 100644 --- a/contrib/sendmail/praliases/Makefile.m4 +++ b/contrib/sendmail/praliases/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.34.4.1 2002/06/21 21:58:39 ca Exp $  include(confBUILDTOOLSDIR`/M4/switch.m4')  define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/rmail/Makefile.m4 b/contrib/sendmail/rmail/Makefile.m4 index c78b6ca655ab..6b2a0498f13c 100644 --- a/contrib/sendmail/rmail/Makefile.m4 +++ b/contrib/sendmail/rmail/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.42.4.1 2002/06/21 21:58:46 ca Exp $  include(confBUILDTOOLSDIR`/M4/switch.m4')  define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/smrsh/Makefile.m4 b/contrib/sendmail/smrsh/Makefile.m4 index cdc094dd78a3..f090250ff185 100644 --- a/contrib/sendmail/smrsh/Makefile.m4 +++ b/contrib/sendmail/smrsh/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.34.2.1 2002/06/21 21:58:48 ca Exp $  include(confBUILDTOOLSDIR`/M4/switch.m4')  define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/src/Makefile.m4 b/contrib/sendmail/src/Makefile.m4 index bb5dc1a2ab07..615ac594f937 100644 --- a/contrib/sendmail/src/Makefile.m4 +++ b/contrib/sendmail/src/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.91.2.1 2002/06/21 21:58:47 ca Exp $  include(confBUILDTOOLSDIR`/M4/switch.m4')  define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/src/README b/contrib/sendmail/src/README index d24e47b92cbf..b8c31ec0ad86 100644 --- a/contrib/sendmail/src/README +++ b/contrib/sendmail/src/README @@ -9,7 +9,7 @@  # the sendmail distribution.  #  # -#	$Id: README,v 8.355 2002/05/22 19:46:26 gshapiro Exp $ +#	$Id: README,v 8.355.2.3 2002/06/21 22:44:56 gshapiro Exp $  #  This directory contains the source files for sendmail(TM). @@ -1266,9 +1266,15 @@ HP-UX 8.00  	README file for the future...  Linux -	Something broke between versions 0.99.13 and 0.99.14 of Linux: -	the flock() system call gives errors.  If you are running .14, -	you must not use flock.  You can do this with -DHASFLOCK=0. +	Something broke between versions 0.99.13 and 0.99.14 of Linux: the +	flock() system call gives errors.  If you are running .14, you must +	not use flock.  You can do this with -DHASFLOCK=0.  We have also +	been getting complaints since version 2.4.X was released.  Unless +	the bug is fixed before sendmail 8.13 is shipped, 8.13 will change +	the default locking method to fcntl() for Linux kernel version 2.4 +	and later.  Be sure to update other sendmail related programs to +	match locking techniques (some examples, besides makemap and +	mail.local, include procmail, mailx, mutt, elm, etc).  	Around the inclusion of bind-4.9.3 & Linux libc-4.6.20, the  	initialization of the _res structure changed.  If /etc/hosts.conf @@ -1515,6 +1521,28 @@ Darwin/Mac OS X (10.X.X)  	b. Set / to group unwritable (as superuser):  	   chmod g-w / +Darwin/Mac OS X (10.1.5) +	Apple's upgrade to sendmail 8.12 is incorrectly configured.  You +	will need to manually fix it up by doing the following: + +	1. chown smmsp:smmsp /var/spool/clientmqueue +	2. chmod 2770 /var/spool/clientmqueue +	3. chgrp smmsp /usr/sbin/sendmail +	4. chmod g+s /usr/sbin/sendmail + +	From Daniel J. Luke <dluke@geeklair.net>: + +	It appears that setting the sendmail.cf property in +	/locations/sendmail in NetInfo on Mac OS X 10.1.5 with sendmail +	8.12.4 causes 'bad things' to happen. + +	Specifically sendmail instances that should be getting their config +	from /etc/mail/submit.cf don't (so mail/mutt/perl scripts which +	open pipes to sendmail stop working as sendmail tries to write to +	/var/spool/mqueue and cannot as sendmail is no longer suid root). + +	Removing the entry from NetInfo fixes this problem. +  GNU getopt  	I'm told that GNU getopt has a problem in that it gets confused  	by the double call.  Use the version in conf.c instead. @@ -1740,4 +1768,4 @@ util.c		Some general purpose routines used by sendmail.  version.c	The version number and information about this  		version of sendmail. -(Version $Revision: 8.355 $, last update $Date: 2002/05/22 19:46:26 $ ) +(Version $Revision: 8.355.2.3 $, last update $Date: 2002/06/21 22:44:56 $ ) diff --git a/contrib/sendmail/src/aliases b/contrib/sendmail/src/aliases index 73899d427ded..2d06ae31255a 100644 --- a/contrib/sendmail/src/aliases +++ b/contrib/sendmail/src/aliases @@ -1,5 +1,5 @@  # -#	$Id: aliases,v 8.4 2001/12/30 04:46:23 gshapiro Exp $ +#	$Id: aliases,v 8.5 2002/06/05 22:54:26 gshapiro Exp $  #	@(#)aliases	8.2 (Berkeley) 3/5/94  #  #  Aliases in this file will NOT be expanded in the header from @@ -35,7 +35,6 @@ ingres:		root  nobody:		root  system:		root  toor:		root -uucp:		root  # Well-known aliases  manager:	root diff --git a/contrib/sendmail/src/bf.c b/contrib/sendmail/src/bf.c index eb417988a0a3..f6783089efc4 100644 --- a/contrib/sendmail/src/bf.c +++ b/contrib/sendmail/src/bf.c @@ -18,7 +18,7 @@  */  #include <sm/gen.h> -SM_RCSID("@(#)$Id: bf.c,v 8.54 2002/04/20 18:03:42 gshapiro Exp $") +SM_RCSID("@(#)$Id: bf.c,v 8.54.2.2 2002/06/21 19:58:40 gshapiro Exp $")  #include <sys/types.h>  #include <sys/stat.h> @@ -681,6 +681,7 @@ sm_bfcommit(fp)  	/* Do we need to open a file? */  	if (!bfp->bf_ondisk)  	{ +		int save_errno;  		MODE_T omask;  		struct stat st; @@ -700,14 +701,16 @@ sm_bfcommit(fp)  		/* Clear umask as bf_filemode are the true perms */  		omask = umask(0); -		retval = OPEN(bfp->bf_filename, O_RDWR | O_CREAT | O_TRUNC, +		retval = OPEN(bfp->bf_filename, O_RDWR | O_CREAT | O_EXCL,  			      bfp->bf_filemode, bfp->bf_flags); +		save_errno = errno;  		(void) umask(omask);  		/* Couldn't create file: failure */  		if (retval < 0)  		{  			/* errno is set implicitly by open() */ +			errno = save_errno;  			return -1;  		} diff --git a/contrib/sendmail/src/conf.c b/contrib/sendmail/src/conf.c index 4a0a25d4b674..59e485b84533 100644 --- a/contrib/sendmail/src/conf.c +++ b/contrib/sendmail/src/conf.c @@ -13,7 +13,7 @@  #include <sendmail.h> -SM_RCSID("@(#)$Id: conf.c,v 8.969 2002/05/24 23:48:55 gshapiro Exp $") +SM_RCSID("@(#)$Id: conf.c,v 8.972 2002/06/18 16:11:44 ca Exp $")  #include <sendmail/pathnames.h> @@ -2338,7 +2338,7 @@ typedef unsigned int	*pt_entry_t;  */  # ifdef SPT_ALIGN_SIZE -#  define SPT_ALIGN(x, align)	((((x) + SPT_ALIGN_SIZE) >> (align)) << (align)) +#  define SPT_ALIGN(x, align)	(((((x) + SPT_ALIGN_SIZE) >> (align)) << (align)) - 1)  # else /* SPT_ALIGN_SIZE */  #  define SPT_ALIGN(x, align)	(x)  # endif /* SPT_ALIGN_SIZE */ diff --git a/contrib/sendmail/src/conf.h b/contrib/sendmail/src/conf.h index 89bdd7ec8457..22d7737a33a0 100644 --- a/contrib/sendmail/src/conf.h +++ b/contrib/sendmail/src/conf.h @@ -10,7 +10,7 @@   * the sendmail distribution.   *   * - *	$Id: conf.h,v 8.562 2002/05/22 19:46:26 gshapiro Exp $ + *	$Id: conf.h,v 8.563 2002/06/04 02:13:50 geir Exp $   */  /* diff --git a/contrib/sendmail/src/daemon.c b/contrib/sendmail/src/daemon.c index 0b2cd94078be..28e96ff7babc 100644 --- a/contrib/sendmail/src/daemon.c +++ b/contrib/sendmail/src/daemon.c @@ -13,7 +13,7 @@  #include <sendmail.h> -SM_RCSID("@(#)$Id: daemon.c,v 8.612 2002/05/02 19:40:52 ca Exp $") +SM_RCSID("@(#)$Id: daemon.c,v 8.613 2002/06/05 21:26:35 gshapiro Exp $")  #if defined(SOCK_STREAM) || defined(__GNU_LIBRARY__)  # define USE_SOCK_STREAM	1 @@ -1710,6 +1710,58 @@ setsockaddroptions(p, d)  #define DEF_LISTENQUEUE	10 +struct dflags +{ +	char	*d_name; +	int	d_flag; +}; + +static struct dflags	DaemonFlags[] = +{ +	{ "AUTHREQ",		D_AUTHREQ	}, +	{ "BINDIF",		D_BINDIF	}, +	{ "CANONREQ",		D_CANONREQ	}, +	{ "IFNHELO",		D_IFNHELO	}, +	{ "FQMAIL",		D_FQMAIL	}, +	{ "FQRCPT",		D_FQRCPT	}, +#if _FFR_SMTP_SSL +	{ "SMTPS",		D_SMTPS		}, +#endif /* _FFR_SMTP_SSL */ +	{ "UNQUALOK",		D_UNQUALOK	}, +	{ "NOAUTH",		D_NOAUTH	}, +	{ "NOCANON",		D_NOCANON	}, +	{ "NOETRN",		D_NOETRN	}, +	{ "NOTLS",		D_NOTLS		}, +	{ "ETRNONLY",		D_ETRNONLY	}, +	{ "OPTIONAL",		D_OPTIONAL	}, +	{ "DISABLE",		D_DISABLE	}, +	{ "ISSET",		D_ISSET		}, +	{ NULL,			0		} +}; + +static void +printdaemonflags(d) +	DAEMON_T *d; +{ +	register struct dflags *df; +	bool first = true; + +	for (df = DaemonFlags; df->d_name != NULL; df++) +	{ +		if (!bitnset(df->d_flag, d->d_flags)) +			continue; +		if (first) +			(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "<%s", +					     df->d_name); +		else +			(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, ",%s", +					     df->d_name); +		first = false; +	} +	if (!first) +		(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, ">"); +} +  bool  setdaemonoptions(p)  	register char *p; @@ -1741,10 +1793,7 @@ setdaemonoptions(p)  	if (tTd(37, 1))  	{  		sm_dprintf("Daemon %s flags: ", Daemons[NDaemons].d_name); -		if (bitnset(D_ETRNONLY, Daemons[NDaemons].d_flags)) -			sm_dprintf("ETRNONLY "); -		if (bitnset(D_NOETRN, Daemons[NDaemons].d_flags)) -			sm_dprintf("NOETRN "); +		printdaemonflags(&Daemons[NDaemons]);  		sm_dprintf("\n");  	}  	++NDaemons; diff --git a/contrib/sendmail/src/deliver.c b/contrib/sendmail/src/deliver.c index 2b1fc4c2190a..e70e1daa54f9 100644 --- a/contrib/sendmail/src/deliver.c +++ b/contrib/sendmail/src/deliver.c @@ -14,7 +14,7 @@  #include <sendmail.h>  #include <sys/time.h> -SM_RCSID("@(#)$Id: deliver.c,v 8.939 2002/05/25 00:46:00 gshapiro Exp $") +SM_RCSID("@(#)$Id: deliver.c,v 8.940 2002/06/06 00:03:16 gshapiro Exp $")  #if HASSETUSERCONTEXT  # include <login_cap.h> @@ -3282,7 +3282,7 @@ do_transfer:  				if (i != EX_OK)  				{  					markfailure(e, to, mci, i, false); -					giveresponse(i, to->q_status,  m, mci, +					giveresponse(i, to->q_status, m, mci,  						     ctladdr, xstart, e, to);  					if (i == EX_TEMPFAIL)  						to->q_state = QS_RETRY; diff --git a/contrib/sendmail/src/main.c b/contrib/sendmail/src/main.c index 78c1862343ce..22a1aaccaf0b 100644 --- a/contrib/sendmail/src/main.c +++ b/contrib/sendmail/src/main.c @@ -25,7 +25,7 @@ SM_UNUSED(static char copyright[]) =  	The Regents of the University of California.  All rights reserved.\n";  #endif /* ! lint */ -SM_RCSID("@(#)$Id: main.c,v 8.882 2002/05/10 16:20:55 ca Exp $") +SM_RCSID("@(#)$Id: main.c,v 8.887 2002/06/17 22:25:52 gshapiro Exp $")  #if NETINET || NETINET6 @@ -1064,6 +1064,11 @@ main(argc, argv, envp)  			  default:  				i = Errors;  				QueueIntvl = convtime(optarg, 'm'); +				if (QueueIntvl < 0) +				{ +					usrerr("Invalid -q value"); +					ExitStat = EX_USAGE; +				}  				/* check for bad conversion */  				if (i < Errors) @@ -1188,14 +1193,19 @@ main(argc, argv, envp)  	if (bitset(SUBMIT_MTA, SubmitMode))  	{ -		macdefine(&BlankEnvelope.e_macro, A_PERM, -			  macid("{daemon_flags}"), "CC f"); +		/* If set daemon_flags on command line, don't reset it */ +		if (macvalue(macid("{daemon_flags}"), &BlankEnvelope) == NULL) +			macdefine(&BlankEnvelope.e_macro, A_PERM, +				  macid("{daemon_flags}"), "CC f");  	}  	else if (OpMode == MD_DELIVER || OpMode == MD_SMTP)  	{  		SubmitMode = SUBMIT_MSA; -		macdefine(&BlankEnvelope.e_macro, A_PERM, -			  macid("{daemon_flags}"), "c u"); + +		/* If set daemon_flags on command line, don't reset it */ +		if (macvalue(macid("{daemon_flags}"), &BlankEnvelope) == NULL) +			macdefine(&BlankEnvelope.e_macro, A_PERM, +				  macid("{daemon_flags}"), "c u");  	}  	/* @@ -2243,7 +2253,7 @@ main(argc, argv, envp)  	**		during startup.  	*/ -	if (OpMode == MD_DAEMON || QueueIntvl != 0) +	if (OpMode == MD_DAEMON || QueueIntvl > 0)  	{  		char dtype[200]; @@ -2283,7 +2293,7 @@ main(argc, argv, envp)  			(void) sm_strlcat(dtype, "+SMTP", sizeof dtype);  			DaemonPid = CurrentPid;  		} -		if (QueueIntvl != 0) +		if (QueueIntvl > 0)  		{  			(void) sm_strlcat2(dtype,  					   queuepersistent @@ -2314,7 +2324,7 @@ main(argc, argv, envp)  		(void) sm_releasesignal(SIGHUP);  		(void) sm_signal(SIGTERM, sigterm); -		if (QueueIntvl != 0) +		if (QueueIntvl > 0)  		{  			(void) runqueue(true, false, queuepersistent, true); diff --git a/contrib/sendmail/src/map.c b/contrib/sendmail/src/map.c index d8570d3762e3..f0301ebed5f1 100644 --- a/contrib/sendmail/src/map.c +++ b/contrib/sendmail/src/map.c @@ -13,7 +13,7 @@  #include <sendmail.h> -SM_RCSID("@(#)$Id: map.c,v 8.645 2002/05/24 21:07:36 gshapiro Exp $") +SM_RCSID("@(#)$Id: map.c,v 8.645.2.1 2002/06/21 20:25:23 ca Exp $")  #if LDAPMAP  # include <sm/ldap.h> @@ -1234,6 +1234,7 @@ dns_map_lookup(map, name, av, statp)  #  endif /* NETINET6 */  		} +		(void) strreplnonprt(value, 'X');  		if (map_p->dns_m_type != rr->rr_type)  		{  			if (tTd(38, 40)) diff --git a/contrib/sendmail/src/milter.c b/contrib/sendmail/src/milter.c index f52a72500ecf..2e45e509ac6d 100644 --- a/contrib/sendmail/src/milter.c +++ b/contrib/sendmail/src/milter.c @@ -10,7 +10,7 @@  #include <sendmail.h> -SM_RCSID("@(#)$Id: milter.c,v 8.196 2002/04/14 03:55:07 gshapiro Exp $") +SM_RCSID("@(#)$Id: milter.c,v 8.197 2002/06/12 22:33:48 gshapiro Exp $")  #if MILTER  # include <libmilter/mfapi.h> @@ -1401,6 +1401,12 @@ milter_set_option(name, val, sticky)  	if (tTd(37, 2) || tTd(64, 5))  		sm_dprintf("milter_set_option(%s = %s)", name, val); +	if (name == NULL) +	{ +		syserr("milter_set_option: invalid Milter option, must specify suboption"); +		return; +	} +  	for (mo = MilterOptTab; mo->mo_name != NULL; mo++)  	{  		if (sm_strcasecmp(mo->mo_name, name) == 0) diff --git a/contrib/sendmail/src/parseaddr.c b/contrib/sendmail/src/parseaddr.c index aa0e31d1b969..0c9d49e146fe 100644 --- a/contrib/sendmail/src/parseaddr.c +++ b/contrib/sendmail/src/parseaddr.c @@ -13,7 +13,7 @@  #include <sendmail.h> -SM_RCSID("@(#)$Id: parseaddr.c,v 8.359 2002/03/29 16:20:47 ca Exp $") +SM_RCSID("@(#)$Id: parseaddr.c,v 8.359.2.1 2002/06/19 18:24:26 gshapiro Exp $")  static void	allocaddr __P((ADDRESS *, int, char *, ENVELOPE *));  static int	callsubr __P((char**, int, ENVELOPE *)); @@ -1124,7 +1124,7 @@ rewrite(pvp, ruleset, reclevel, e, maxatom)  				ap = macvalue(rp[1], e);  				mlp->match_first = avp;  				if (tTd(21, 2)) -					sm_dprintf("rewrite: LHS $&%s => \"%s\"\n", +					sm_dprintf("rewrite: LHS $&{%s} => \"%s\"\n",  						macname(rp[1]),  						ap == NULL ? "(NULL)" : ap); @@ -1309,7 +1309,7 @@ rewrite(pvp, ruleset, reclevel, e, maxatom)  				}  				else  				{ -					/* $&x replacement */ +					/* $&{x} replacement */  					char *mval = macvalue(rp[1], e);  					char **xpvp;  					int trsize = 0; @@ -1318,7 +1318,7 @@ rewrite(pvp, ruleset, reclevel, e, maxatom)  					char pvpbuf[PSBUFSIZE];  					if (tTd(21, 2)) -						sm_dprintf("rewrite: RHS $&%s => \"%s\"\n", +						sm_dprintf("rewrite: RHS $&{%s} => \"%s\"\n",  							macname(rp[1]),  							mval == NULL ? "(NULL)" : mval);  					if (mval == NULL || *mval == '\0') diff --git a/contrib/sendmail/src/queue.c b/contrib/sendmail/src/queue.c index 5920b1ed2611..98096c7c3f50 100644 --- a/contrib/sendmail/src/queue.c +++ b/contrib/sendmail/src/queue.c @@ -13,7 +13,7 @@  #include <sendmail.h> -SM_RCSID("@(#)$Id: queue.c,v 8.862 2002/05/09 23:51:53 ca Exp $") +SM_RCSID("@(#)$Id: queue.c,v 8.863.2.2 2002/06/25 21:34:31 gshapiro Exp $")  #include <dirent.h> @@ -280,7 +280,7 @@ hash_q(p, h)  **	I	data file's inode number  **	K	time of last delivery attempt  **	L	Solaris Content-Length: header (obsolete) -**	M	message (obsolete) +**	M	message  **	N	number of delivery attempts  **	P	message priority  **	q	quarantine reason (_FFR_QUARANTINE) @@ -4203,7 +4203,7 @@ readqf(e, openonly)  			orcpt = sm_rpool_strdup_x(e->e_rpool, &bp[1]);  			break; -		  case 'r':		/* original recipient */ +		  case 'r':		/* final recipient */  			frcpt = sm_rpool_strdup_x(e->e_rpool, &bp[1]);  			break; diff --git a/contrib/sendmail/src/readcf.c b/contrib/sendmail/src/readcf.c index c4d06375504b..31810a2a5580 100644 --- a/contrib/sendmail/src/readcf.c +++ b/contrib/sendmail/src/readcf.c @@ -13,7 +13,7 @@  #include <sendmail.h> -SM_RCSID("@(#)$Id: readcf.c,v 8.606 2002/05/09 21:09:01 ca Exp $") +SM_RCSID("@(#)$Id: readcf.c,v 8.607 2002/06/14 16:57:32 ca Exp $")  #if NETINET || NETINET6  # include <arpa/inet.h> @@ -2949,14 +2949,13 @@ setoption(opt, val, safe, sticky, e)  #if _FFR_SELECT_SHM  	  case O_SHMKEYFILE:		/* shared memory key file */  # if SM_CONF_SHM -		CANONIFY(val); -		ShmKeyFile = newstr(val); +		SET_STRING_EXP(ShmKeyFile);  # else /* SM_CONF_SHM */  		(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,  				     "Warning: Option: %s requires shared memory support (-DSM_CONF_SHM)\n",  				     OPTNAME); -# endif /* SM_CONF_SHM */  		break; +# endif /* SM_CONF_SHM */  #endif /* _FFR_SELECT_SHM */  #if _FFR_MAX_FORWARD_ENTRIES diff --git a/contrib/sendmail/src/sasl.c b/contrib/sendmail/src/sasl.c index beeece2e00b0..f6aa5defc49a 100644 --- a/contrib/sendmail/src/sasl.c +++ b/contrib/sendmail/src/sasl.c @@ -9,7 +9,7 @@   */  #include <sm/gen.h> -SM_RCSID("@(#)$Id: sasl.c,v 8.18 2002/05/25 00:26:42 gshapiro Exp $") +SM_RCSID("@(#)$Id: sasl.c,v 8.19 2002/06/12 15:06:12 ca Exp $")  #if SASL  # include <stdlib.h> @@ -262,10 +262,10 @@ iptostring(addr, addrlen, out, outlen)  		errno = EINVAL;  		return false;  	} -	if (inet_ntop(AF_INET, &(addr->sin.sin_addr), -		      hbuf, sizeof hbuf) == NULL) +	if (sm_strlcpy(hbuf, inet_ntoa(addr->sin.sin_addr), sizeof(hbuf)) +	    >= sizeof(hbuf))  	{ -		errno = EINVAL; +		errno = ENOMEM;  		return false;  	}  	sm_snprintf(pbuf, sizeof pbuf, "%d", ntohs(addr->sin.sin_port)); diff --git a/contrib/sendmail/src/sendmail.h b/contrib/sendmail/src/sendmail.h index 2284bd6efcf4..544e54ea3b72 100644 --- a/contrib/sendmail/src/sendmail.h +++ b/contrib/sendmail/src/sendmail.h @@ -48,7 +48,7 @@  #ifdef _DEFINE  # ifndef lint -SM_UNUSED(static char SmailId[]) = "@(#)$Id: sendmail.h,v 8.918 2002/05/23 20:01:56 gshapiro Exp $"; +SM_UNUSED(static char SmailId[]) = "@(#)$Id: sendmail.h,v 8.919.2.1 2002/06/21 20:25:22 ca Exp $";  # endif /* ! lint */  #endif /* _DEFINE */ @@ -2500,6 +2500,7 @@ extern pid_t	sm_wait __P((int *));  extern bool	split_by_recipient __P((ENVELOPE *e));  extern void	stop_sendmail __P((void));  extern char	*str2prt __P((char *)); +extern bool	strreplnonprt __P((char *, int));  extern bool	strcontainedin __P((bool, char *, char *));  extern int	switch_map_find __P((char *, char *[], short []));  extern bool	transienterror __P((int)); diff --git a/contrib/sendmail/src/sfsasl.c b/contrib/sendmail/src/sfsasl.c index cad58d23a65a..53d72764f267 100644 --- a/contrib/sendmail/src/sfsasl.c +++ b/contrib/sendmail/src/sfsasl.c @@ -9,7 +9,7 @@   */  #include <sm/gen.h> -SM_RCSID("@(#)$Id: sfsasl.c,v 8.90 2002/05/09 20:44:11 ca Exp $") +SM_RCSID("@(#)$Id: sfsasl.c,v 8.91 2002/06/07 00:06:27 geir Exp $")  #include <stdlib.h>  #include <sendmail.h>  #include <errno.h> @@ -151,7 +151,7 @@ sasl_close(fp)  /* how to deallocate a buffer allocated by SASL */  extern void	sm_sasl_free __P((void *)); -# define SASL_DEALLOC(b)	sm_sasl_free(b) +#  define SASL_DEALLOC(b)	sm_sasl_free(b)  /*  **  SASL_READ -- read encrypted information and decrypt it for the caller diff --git a/contrib/sendmail/src/sm_resolve.c b/contrib/sendmail/src/sm_resolve.c index e3eb77f5628b..a6f5862262e8 100644 --- a/contrib/sendmail/src/sm_resolve.c +++ b/contrib/sendmail/src/sm_resolve.c @@ -1,5 +1,5 @@  /* - * Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers. + * Copyright (c) 2000-2002 Sendmail, Inc. and its suppliers.   *	All rights reserved.   *   * By using this file, you agree to the terms and conditions set @@ -46,7 +46,7 @@  # if NAMED_BIND  #  include "sm_resolve.h" -SM_RCSID("$Id: sm_resolve.c,v 8.24 2001/09/11 04:05:16 gshapiro Exp $") +SM_RCSID("$Id: sm_resolve.c,v 8.24.4.6 2002/06/25 04:22:41 ca Exp $")  static struct stot  { @@ -180,8 +180,8 @@ parse_dns_reply(data, len)  	p = data;  	/* doesn't work on Crays? */ -	memcpy(&r->dns_r_h, p, sizeof(HEADER)); -	p += sizeof(HEADER); +	memcpy(&r->dns_r_h, p, sizeof(r->dns_r_h)); +	p += sizeof(r->dns_r_h);  	status = dn_expand(data, data + len, p, host, sizeof host);  	if (status < 0)  	{ @@ -200,7 +200,7 @@ parse_dns_reply(data, len)  	rr = &r->dns_r_head;  	while (p < data + len)  	{ -		int type, class, ttl, size; +		int type, class, ttl, size, txtlen;  		status = dn_expand(data, data + len, p, host, sizeof host);  		if (status < 0) @@ -213,7 +213,21 @@ parse_dns_reply(data, len)  		GETSHORT(class, p);  		GETLONG(ttl, p);  		GETSHORT(size, p); -		*rr = (RESOURCE_RECORD_T *) xalloc(sizeof(RESOURCE_RECORD_T)); +		if (p + size > data + len) +		{ +			/* +			**  announced size of data exceeds length of +			**  data paket: someone is cheating. +			*/ + +			if (LogLevel > 5) +				sm_syslog(LOG_WARNING, NOQID, +					  "ERROR: DNS RDLENGTH=%d > data len=%d", +					  size, len - (p - data)); +			dns_free_data(r); +			return NULL; +		} +		*rr = (RESOURCE_RECORD_T *) xalloc(sizeof(**rr));  		if (*rr == NULL)  		{  			dns_free_data(r); @@ -260,7 +274,7 @@ parse_dns_reply(data, len)  			}  			l = strlen(host) + 1;  			(*rr)->rr_u.rr_mx = (MX_RECORD_T *) -				xalloc(sizeof(MX_RECORD_T) + l); +				xalloc(sizeof(*((*rr)->rr_u.rr_mx)) + l);  			if ((*rr)->rr_u.rr_mx == NULL)  			{  				dns_free_data(r); @@ -281,7 +295,7 @@ parse_dns_reply(data, len)  			}  			l = strlen(host) + 1;  			(*rr)->rr_u.rr_srv = (SRV_RECORDT_T*) -				xalloc(sizeof(SRV_RECORDT_T) + l); +				xalloc(sizeof(*((*rr)->rr_u.rr_srv)) + l);  			if ((*rr)->rr_u.rr_srv == NULL)  			{  				dns_free_data(r); @@ -295,14 +309,35 @@ parse_dns_reply(data, len)  			break;  		  case T_TXT: -			(*rr)->rr_u.rr_txt = (char *) xalloc(size + 1); + +			/* +			**  The TXT record contains the length as +			**  leading byte, hence the value is restricted +			**  to 255, which is less than the maximum value +			**  of RDLENGTH (size). Nevertheless, txtlen +			**  must be less than size because the latter +			**  specifies the length of the entire TXT +			**  record. +			*/ + +			txtlen = *p; +			if (txtlen >= size) +			{ +				if (LogLevel > 5) +					sm_syslog(LOG_WARNING, NOQID, +						  "ERROR: DNS TXT record size=%d <= text len=%d", +						  size, txtlen); +				dns_free_data(r); +				return NULL; +			} +			(*rr)->rr_u.rr_txt = (char *) xalloc(txtlen + 1);  			if ((*rr)->rr_u.rr_txt == NULL)  			{  				dns_free_data(r);  				return NULL;  			} -			(void) strncpy((*rr)->rr_u.rr_txt, (char*) p + 1, *p); -			(*rr)->rr_u.rr_txt[*p] = 0; +			(void) sm_strlcpy((*rr)->rr_u.rr_txt, (char*) p + 1, +					  txtlen + 1);  			break;  		  default: @@ -313,6 +348,7 @@ parse_dns_reply(data, len)  				return NULL;  			}  			(void) memcpy((*rr)->rr_u.rr_data, p, size); +			break;  		}  		p += size;  		rr = &(*rr)->rr_next; diff --git a/contrib/sendmail/src/srvrsmtp.c b/contrib/sendmail/src/srvrsmtp.c index bbcd31fc9a6a..dd14ffa7b269 100644 --- a/contrib/sendmail/src/srvrsmtp.c +++ b/contrib/sendmail/src/srvrsmtp.c @@ -16,7 +16,7 @@  # include <libmilter/mfdef.h>  #endif /* MILTER */ -SM_RCSID("@(#)$Id: srvrsmtp.c,v 8.827 2002/05/28 14:29:57 ca Exp $") +SM_RCSID("@(#)$Id: srvrsmtp.c,v 8.829 2002/06/17 21:54:57 gshapiro Exp $")  #if SASL || STARTTLS  # include <sys/time.h> @@ -1896,7 +1896,8 @@ smtp(nullserver, d_flags, e)  				message("250-AUTH %s", mechlist);  #endif /* SASL */  #if STARTTLS -			if (tls_ok_srv && bitset(SRV_OFFER_TLS, features)) +			if (tls_ok_srv && +			    bitset(SRV_OFFER_TLS, features))  				message("250-STARTTLS");  #endif /* STARTTLS */  			if (DeliverByMin > 0) diff --git a/contrib/sendmail/src/util.c b/contrib/sendmail/src/util.c index 497454133d03..52b37ec53720 100644 --- a/contrib/sendmail/src/util.c +++ b/contrib/sendmail/src/util.c @@ -13,7 +13,7 @@  #include <sendmail.h> -SM_RCSID("@(#)$Id: util.c,v 8.363 2002/05/24 20:44:05 gshapiro Exp $") +SM_RCSID("@(#)$Id: util.c,v 8.363.2.1 2002/06/21 20:25:25 ca Exp $")  #include <sysexits.h>  #include <sm/xtrap.h> @@ -2239,6 +2239,40 @@ denlstring(s, strict, logattacks)  	return bp;  } + +/* +**  STRREPLNONPRT -- replace "unprintable" characters in a string with subst +** +**	Parameters: +**		s -- string to manipulate (in place) +**		subst -- character to use as replacement +** +**	Returns: +**		true iff string did not contain "unprintable" characters +*/ + +bool +strreplnonprt(s, c) +	char *s; +	int c; +{ +	bool ok; + +	ok = true; +	if (s == NULL) +		return ok; +	while (*s != '\0') +	{ +		if (!(isascii(*s) && isprint(*s))) +		{ +			*s = c; +			ok = false; +		} +		++s; +	} +	return ok; +} +  /*  **  STR2PRT -- convert "unprintable" characters in a string to \oct  ** diff --git a/contrib/sendmail/src/version.c b/contrib/sendmail/src/version.c index 3e86eb068bfc..3600b84ef045 100644 --- a/contrib/sendmail/src/version.c +++ b/contrib/sendmail/src/version.c @@ -13,6 +13,6 @@  #include <sm/gen.h> -SM_RCSID("@(#)$Id: version.c,v 8.102 2002/05/31 18:53:59 ca Exp $") +SM_RCSID("@(#)$Id: version.c,v 8.104.2.2 2002/06/25 22:51:53 ca Exp $") -char	Version[] = "8.12.4"; +char	Version[] = "8.12.5"; diff --git a/contrib/sendmail/test/Makefile.m4 b/contrib/sendmail/test/Makefile.m4 index 14868a92858f..579eb4edb239 100644 --- a/contrib/sendmail/test/Makefile.m4 +++ b/contrib/sendmail/test/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 1.3.2.1 2002/06/21 21:58:49 ca Exp $  include(confBUILDTOOLSDIR`/M4/switch.m4')  bldPRODUCT_START(`executable', `test') diff --git a/contrib/sendmail/vacation/Makefile.m4 b/contrib/sendmail/vacation/Makefile.m4 index 6de9d4eee77e..0cd52361d719 100644 --- a/contrib/sendmail/vacation/Makefile.m4 +++ b/contrib/sendmail/vacation/Makefile.m4 @@ -1,3 +1,4 @@ +dnl $Id: Makefile.m4,v 8.24.4.1 2002/06/21 21:58:50 ca Exp $  include(confBUILDTOOLSDIR`/M4/switch.m4')  define(`confREQUIRE_LIBSM', `true') diff --git a/contrib/sendmail/vacation/vacation.1 b/contrib/sendmail/vacation/vacation.1 index 299df64a600c..055fb7a4bf95 100644 --- a/contrib/sendmail/vacation/vacation.1 +++ b/contrib/sendmail/vacation/vacation.1 @@ -9,9 +9,9 @@  .\" the sendmail distribution.  .\"  .\" -.\"	$Id: vacation.1,v 8.29 2002/03/23 19:17:36 gshapiro Exp $ +.\"	$Id: vacation.1,v 8.29.2.1 2002/06/21 21:28:06 ca Exp $  .\" -.TH VACATION 1 "$Date: 2002/03/23 19:17:36 $" +.TH VACATION 1 "$Date: 2002/06/21 21:28:06 $"  .SH NAME  vacation  \- E-mail auto-responder @@ -79,7 +79,7 @@ This option defaults to the standard sendmail configuration file,  located at /etc/mail/sendmail.cf on most systems.  .TP  .B \-d -Send error/debug messages to stdout instead of syslog. +Send error/debug messages to stderr instead of syslog.  Otherwise, fatal errors, such as calling  .B vacation  with incorrect arguments, or with non-existent | 
