Import sendmail 8.13.7

Security: FreeBSD-SA-06:17.sendmail
Gregory Neil Shapiro 2006-06-14 16:23:02 +00:00
parent 4e4196cb74
commit af9557fdd1
37 changed files with 1443 additions and 760 deletions

File diff suppressed because it is too large

View File

@ -1,11 +1,58 @@
SENDMAIL RELEASE NOTES
$Id: RELEASE_NOTES,v 8.1765 2006/03/08 02:15:03 ca Exp $
$Id: RELEASE_NOTES,v 8.1777.2.6 2006/06/05 22:32:41 ca Exp $
This listing shows the version of the sendmail binary, the version
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.
8.13.7/8.13.7 2006/06/14
A malformed MIME structure with many parts can cause sendmail to
crash while trying to send a mail due to a stack overflow,
e.g., if the stack size is limited (ulimit -s). This
happens because the recursion of the function mime8to7()
was not restricted. The function is called for MIME 8 to
7 bit conversion and also to enforce MaxMimeHeaderLength.
To work around this problem, recursive calls are limited to
a depth of MAXMIMENESTING (20); message content after this
limit is treated as opaque and is not checked further.
Problem noted by Frank Sheiness.
The changes to the I/O layer in 8.13.6 caused a regression for
SASL mechanisms that use the security layer, e.g.,
DIGEST-MD5. Problem noted by Robert Stampfli.
If a timeout occurs while reading a message (during the DATA phase)
a df file might have been left behind in the queue.
This was another side effect of the changes to the I/O
layer made in 8.13.6.
Several minor problems have been fixed that were found by a
Coverity scan of sendmail 8 as part of the NetBSD
distribution. See http://scan.coverity.com/
Note: the scan generated also a lot of "false positives",
e.g., "error" reports about situations that cannot happen.
Most of those code places are marked with lint(1) comments
like NOTREACHED, but Coverity does not understand those.
Hence an explicit assertion has been added in some cases
to avoid those false positives.
If the start of the sendmail daemon fails due to a configuration
error then in some cases shared memory segments or pid
files were not removed.
If DSN support is disabled via access_db, then related ESMTP
parameters for MAIL and RCPT should be rejected. Problem
reported by Akihiro Sagawa.
Enabling zlib compression in OpenSSL 0.9.8[ab] breaks the padding
bug work-around. Hence if sendmail is linked against
either of these versions and compression is available,
the padding bug work-around is turned off. Based on
patch from Victor Duchovni of Morgan Stanley.
CONFIG: FEATURE(`dnsbl') and FEATURE(`enhdnsbl') used
blackholes.mail-abuse.org as default domain for lookups,
however, that list is no longer available. To avoid
further problems, no default value is available anymore,
but an argument must be specified.
Portability:
Fix compilation on OSF/1 for sfsasl.c. Patch from
Pieter Bowman of the University of Utah.
8.13.6/8.13.6 2006/03/22
SECURITY: Replace unsafe use of setjmp(3)/longjmp(3) in the server
and client side of sendmail with timeouts in the libsm I/O
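Review bot: The 8.13.7 entry for the mime8to7() stack overflow has no SECURITY: prefix, although the 8.13.6 entry directly below uses one and the commit message ties this import to FreeBSD-SA-06:17.sendmail. Marking it the same way would let operators scanning the notes find it. The entry should also state outright that parts nested deeper than MAXMIMENESTING are no longer subject to MaxMimeHeaderLength enforcement, since "treated as opaque and is not checked further" leaves that consequence to be inferred.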

View File

@ -1242,13 +1242,10 @@ use_client_ptr If this feature is enabled then check_relay will override
about check_relay, {client_name}, and {client_ptr}.
dnsbl Turns on rejection of hosts found in an DNS based rejection
list. If an argument is provided it is used as the domain
in which blocked hosts are listed; otherwise it defaults to
blackholes.mail-abuse.org. An explanation for an DNS based
rejection list can be found at http://mail-abuse.org/rbl/.
A second argument can be used to change the default error
message. Without that second argument, the error message
will be
list. The first is used as the domain in which blocked
hosts are listed. A second argument can be used to change
the default error message. Without that second argument,
the error message will be
Rejected: IP-ADDRESS listed at SERVER
where IP-ADDRESS and SERVER are replaced by the appropriate
information. By default, temporary lookup failures are
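Review bot: In the rewritten dnsbl description, "The first is used as the domain" has lost its noun and should read "The first argument is used as the domain". With the default removed, this paragraph should also say that the argument is now required, as the later anti-spam section of the same file does ("You must select ... by specifying an argument to the FEATURE").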
@ -1279,13 +1276,6 @@ dnsbl Turns on rejection of hosts found in an DNS based rejection
See below (EDNSBL_TO) for an explanation.
NOTE: The default DNS blacklist, blackholes.mail-abuse.org,
is a service offered by the Mail Abuse Prevention System
(MAPS). As of July 31, 2001, MAPS is a subscription
service, so using that network address won't work if you
haven't subscribed. Contact MAPS to subscribe
(http://mail-abuse.org/).
enhdnsbl Enhanced version of dnsbl (see above). Further arguments
(up to 5) can be used to specify specific return values
from lookups. Temporary lookup failures are ignored unless
@ -2631,22 +2621,16 @@ as value part in the access map. Taking the example from above:
Mail can't be sent to spammer@aol.com or anyone at cyberspammer.com.
That's why tagged entries should be used.
There are several DNS based blacklists, the first of which was
the RBL (``Realtime Blackhole List'') run by the MAPS project,
see http://mail-abuse.org/. These are databases of spammers
There are several DNS based blacklists which can be found by
querying a search engine. These are databases of spammers
maintained in DNS. To use such a database, specify
FEATURE(`dnsbl')
FEATURE(`dnsbl', `dnsbl.example.com')
This will cause sendmail to reject mail from any site in the original
Realtime Blackhole List database. This default DNS blacklist,
blackholes.mail-abuse.org, is a service offered by the Mail Abuse
Prevention System (MAPS). As of July 31, 2001, MAPS is a subscription
service, so using that network address won't work if you haven't
subscribed. Contact MAPS to subscribe (http://mail-abuse.org/).
You can specify an alternative RBL server to check by specifying an
argument to the FEATURE. The default error message is
This will cause sendmail to reject mail from any site listed in the
DNS based blacklist. You must select an DNSB based blacklist domain
to check by specifying an argument to the FEATURE. The default
error message is
Rejected: IP-ADDRESS listed at SERVER
@ -2668,8 +2652,7 @@ where IP-ADDRESS and SERVER are replaced by the appropriate
information.
This FEATURE can be included several times to query different
DNS based rejection lists, e.g., the dial-up user list (see
http://mail-abuse.org/dul/).
DNS based rejection lists.
Notice: to avoid checking your own local domains against those
blacklists, use the access_db feature and add:
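Review bot: The new sentence "You must select an DNSB based blacklist domain" carries two typos, "an" and "DNSB"; it should read "a DNS based blacklist domain". The example domain dnsbl.example.com is a placeholder, so it is worth saying so next to the FEATURE line to keep it from being copied into a live configuration.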
@ -4605,4 +4588,4 @@ M4 DIVERSIONS
8 DNS based blacklists
9 special local rulesets (1 and 2)
$Revision: 8.704 $, Last updated $Date: 2006/02/15 05:49:31 $
$Revision: 8.706 $, Last updated $Date: 2006/04/18 22:31:06 $

View File

@ -16,8 +16,8 @@
#####
##### SENDMAIL CONFIGURATION FILE
#####
##### built by ca@wiz.smi.sendmail.com on Sun Mar 19 22:37:26 PST 2006
##### in /extra/home/ca/sm-8.13.6/OpenSource/sendmail-8.13.6/cf/cf
##### built by ca@nother.smi.sendmail.com on Mon Jun 5 15:34:16 PDT 2006
##### in /extra/home/ca/sm-8.13.7/OpenSource/sendmail-8.13.7/cf/cf
##### using ../ as configuration include directory
#####
######################################################################
@ -29,13 +29,13 @@
##### $Id: cfhead.m4,v 8.116 2004/01/28 22:02:22 ca Exp $ #####
##### $Id: cf.m4,v 8.32 1999/02/07 07:26:14 gshapiro Exp $ #####
##### $Id: submit.mc,v 8.13 2003/09/10 22:12:48 ca Exp $ #####
##### $Id: submit.mc,v 8.14 2006/04/05 05:54:41 ca Exp $ #####
##### $Id: msp.m4,v 1.33 2004/02/09 22:32:38 ca Exp $ #####
##### $Id: no_default_msa.m4,v 8.2 2001/02/14 05:03:22 gshapiro Exp $ #####
##### $Id: proto.m4,v 8.718 2005/08/24 18:07:23 ca Exp $ #####
##### $Id: proto.m4,v 8.719 2006/03/30 20:50:13 ca Exp $ #####
# level 10 config file format
V10/Berkeley
@ -114,7 +114,7 @@ D{MTAHost}[127.0.0.1]
# Configuration version number
DZ8.13.6/Submit
DZ8.13.7/Submit
###############
@ -1441,7 +1441,7 @@ Mrelay, P=[IPC], F=mDFMuXa8k, S=EnvFromSMTP/HdrFromSMTP, R=MasqSMTP, E=\r\n, L=
# #
#
# divert(0)dnl
# VERSIONID(`$Id: submit.mc,v 8.13 2003/09/10 22:12:48 ca Exp $')
# VERSIONID(`$Id: submit.mc,v 8.14 2006/04/05 05:54:41 ca Exp $')
# define(`confCF_VERSION', `Submit')dnl
# define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining
# define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet

View File

@ -15,7 +15,7 @@ divert(-1)
#
divert(0)dnl
VERSIONID(`$Id: submit.mc,v 8.13 2003/09/10 22:12:48 ca Exp $')
VERSIONID(`$Id: submit.mc,v 8.14 2006/04/05 05:54:41 ca Exp $')
define(`confCF_VERSION', `Submit')dnl
define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining
define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet

View File

@ -1,6 +1,6 @@
divert(-1)
#
# Copyright (c) 1998-2002, 2005 Sendmail, Inc. and its suppliers.
# Copyright (c) 1998-2002, 2005, 2006 Sendmail, Inc. and its suppliers.
# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
@ -12,13 +12,15 @@ divert(-1)
ifdef(`DNSBL_MAP', `', `define(`DNSBL_MAP', `dns -R A')')
divert(0)
ifdef(`_DNSBL_R_',`dnl',`dnl
VERSIONID(`$Id: dnsbl.m4,v 8.30 2005/07/25 20:56:53 ca Exp $')
VERSIONID(`$Id: dnsbl.m4,v 8.32 2006/03/29 22:50:16 ca Exp $')
define(`_DNSBL_R_',`')
ifelse(defn(`_ARG_'), `',
`errprint(`*** ERROR: missing argument for FEATURE(`dnsbl')')')
LOCAL_CONFIG
# map for DNS based blacklist lookups
Kdnsbl DNSBL_MAP -T<TMP>ifdef(`DNSBL_MAP_OPT',` DNSBL_MAP_OPT')')
divert(-1)
define(`_DNSBL_SRV_', `ifelse(len(X`'_ARG_),`1',`blackholes.mail-abuse.org',_ARG_)')dnl
define(`_DNSBL_SRV_', `_ARG_')dnl
define(`_DNSBL_MSG_', `ifelse(len(X`'_ARG2_),`1',`"550 Rejected: " $`'&{client_addr} " listed at '_DNSBL_SRV_`"',`_ARG2_')')dnl
define(`_DNSBL_MSG_TMP_', `ifelse(_ARG3_,`t',`"451 Temporary lookup failure of " $`'&{client_addr} " at '_DNSBL_SRV_`"',`_ARG3_')')dnl
divert(8)
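Review bot: The missing-argument check in this hunk sits after define(`_DNSBL_R_',`'), inside the ifdef(`_DNSBL_R_', ...) first-inclusion branch, so it only runs the first time the feature is included. The README says the feature can be included several times, and a second FEATURE(`dnsbl') with no argument would skip the check and still reach define(`_DNSBL_SRV_', `_ARG_') with an empty value. enhdnsbl.m4 places the same check before its guard; moving this one ahead of the ifdef would make the two consistent.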

View File

@ -1,6 +1,6 @@
divert(-1)
#
# Copyright (c) 2000-2002, 2005 Sendmail, Inc. and its suppliers.
# Copyright (c) 2000-2002, 2005, 2006 Sendmail, Inc. and its suppliers.
# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
@ -9,16 +9,18 @@ divert(-1)
#
#
ifelse(defn(`_ARG_'), `',
`errprint(`*** ERROR: missing argument for FEATURE(`enhdnsbl')')')
divert(0)
ifdef(`_EDNSBL_R_',`dnl',`dnl
VERSIONID(`$Id: enhdnsbl.m4,v 1.10 2005/07/25 20:56:53 ca Exp $')
VERSIONID(`$Id: enhdnsbl.m4,v 1.11 2006/03/31 19:56:16 ca Exp $')
LOCAL_CONFIG
define(`_EDNSBL_R_',`')dnl
# map for enhanced DNS based blacklist lookups
Kednsbl dns -R A -a. -T<TMP> -r`'ifdef(`EDNSBL_TO',`EDNSBL_TO',`5')
')
divert(-1)
define(`_EDNSBL_SRV_', `ifelse(len(X`'_ARG_),`1',`blackholes.mail-abuse.org',_ARG_)')dnl
define(`_EDNSBL_SRV_', `_ARG_')dnl
define(`_EDNSBL_MSG_', `ifelse(len(X`'_ARG2_),`1',`"550 Rejected: " $`'&{client_addr} " listed at '_EDNSBL_SRV_`"',`_ARG2_')')dnl
define(`_EDNSBL_MSG_TMP_', `ifelse(_ARG3_,`t',`"451 Temporary lookup failure of " $`'&{client_addr} " at '_EDNSBL_SRV_`"',`_ARG3_')')dnl
define(`_EDNSBL_MATCH_', `ifelse(len(X`'_ARG4_),`1',`$`'+',_ARG4_)')dnl
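Review bot: The errprint() added at the top of this hunk only reports the missing argument; m4 keeps going, and define(`_EDNSBL_SRV_', `_ARG_') then yields an empty lookup domain that also ends up in the "listed at" error text. If a missing argument is meant to be fatal, follow the errprint with m4exit(1), or skip the rest of the feature when _ARG_ is empty, so that a cf file with an empty blacklist domain is never generated.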

View File

@ -1,6 +1,6 @@
divert(-1)
#
# Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers.
# Copyright (c) 1998-2006 Sendmail, Inc. and its suppliers.
# All rights reserved.
# Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
@ -13,7 +13,7 @@ divert(-1)
#
divert(0)
VERSIONID(`$Id: proto.m4,v 8.718 2005/08/24 18:07:23 ca Exp $')
VERSIONID(`$Id: proto.m4,v 8.719 2006/03/30 20:50:13 ca Exp $')
# level CF_LEVEL config file format
V`'CF_LEVEL/ifdef(`VENDOR_NAME', `VENDOR_NAME', `Berkeley')
@ -1959,7 +1959,7 @@ R<@> < $* @ $+ . $+ > $: < $1 @ $2 . $3 >
dnl prepend daemon_flags
R<@> $* $: $&{daemon_flags} $| <@> $1
dnl workspace: ${daemon_flags} $| <@> <address>
dnl 'r'equire qual.rcpt: ok
dnl _r_equire qual.rcpt: ok
R$* r $* $| <@> < $+ @ $+ > $: < $3 @ $4 >
dnl do not allow these at all or only from local systems?
R$* r $* $| <@> < $* > $: < ? $&{client_name} > < $3 >

View File

@ -11,8 +11,8 @@ divert(-1)
# the sendmail distribution.
#
#
VERSIONID(`$Id: version.m4,v 8.147 2006/03/08 19:21:23 ca Exp $')
VERSIONID(`$Id: version.m4,v 8.150.2.4 2006/06/05 22:32:40 ca Exp $')
#
divert(0)
# Configuration version number
DZ8.13.6`'ifdef(`confCF_VERSION', `/confCF_VERSION')
DZ8.13.7`'ifdef(`confCF_VERSION', `/confCF_VERSION')

View File

@ -7,7 +7,7 @@
* the sendmail distribution.
*
*
* $Id: mfapi.h,v 8.60 2004/08/20 21:24:14 ca Exp $
* $Id: mfapi.h,v 8.61 2006/05/04 17:02:01 ca Exp $
*/
/*
@ -134,7 +134,7 @@ struct smfiDesc
#endif /* SMFI_VERSION > 2 */
#if SMFI_VERSION > 3
/* any unrecognized or unimplemented command filter */
/* SMTP DATA command filter */
sfsistat (*xxfi_data) SM__P((SMFICTX *));
#endif /* SMFI_VERSION > 3 */
};

View File

@ -2,7 +2,7 @@
<head><title>xxfi_header</title></head>
<body>
<!--
$Id: xxfi_header.html,v 1.10 2003/03/05 19:57:55 ca Exp $
$Id: xxfi_header.html,v 1.11 2006/04/05 17:10:43 ca Exp $
-->
<h1>xxfi_header</h1>
@ -44,10 +44,11 @@ Handle a message header.
<td> Header field name.
</td></tr>
<tr valign="top"><td>headerv</td>
<td>Header field value. The
content of the header may include folded white space (i.e. multiple
lines with following white space). The trailing line terminator (CR/LF)
is removed.
<td>Header field value.
The content of the header may include folded white space,
i.e., multiple lines with following white space
where lines are separated by LF (not CR/LF).
The trailing line terminator (CR/LF) is removed.
</td></tr>
</table>
</td></tr>
@ -67,7 +68,7 @@ RFC <a href="http://www.rfc-editor.org/rfc/rfc822.html">822</a>
<hr size="1">
<font size="-1">
Copyright (c) 2000, 2003 Sendmail, Inc. and its suppliers.
Copyright (c) 2000, 2003, 2006 Sendmail, Inc. and its suppliers.
All rights reserved.
<br>
By using this file, you agree to the terms and conditions set

View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers.
* Copyright (c) 1999-2004, 2006 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
@ -9,7 +9,7 @@
*/
#include <sm/gen.h>
SM_RCSID("@(#)$Id: engine.c,v 8.120 2004/10/20 21:09:00 ca Exp $")
SM_RCSID("@(#)$Id: engine.c,v 8.121 2006/04/18 21:01:46 ca Exp $")
#include "libmilter.h"
@ -166,6 +166,8 @@ static int next_states[] =
NX_UNKN
};
#define SIZE_NEXT_STATES (sizeof(next_states) / sizeof(next_states[0]))
/* commands received by milter */
static cmdfct cmds[] =
{
@ -1076,6 +1078,8 @@ trans_ok(old, new)
int s, n;
s = old;
if (s >= SIZE_NEXT_STATES)
return false;
do
{
/* is this state transition allowed? */
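Review bot: The new bound check "if (s >= SIZE_NEXT_STATES)" compares the int s against a sizeof-based value, so a negative state is rejected only through the implicit conversion to an unsigned type. Make the lower bound explicit, for example "if (s < 0 || s >= SIZE_NEXT_STATES)", or cast the macro to int; that documents the intent and avoids signed/unsigned comparison warnings. The same applies to the check on n in the next hunk.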
@ -1089,6 +1093,8 @@ trans_ok(old, new)
*/
n = s + 1;
if (n >= SIZE_NEXT_STATES)
return false;
/*
** can we actually "skip" this state?
@ -1100,7 +1106,7 @@ trans_ok(old, new)
s = n;
else
return false;
} while (s <= ST_LAST);
} while (s < SIZE_NEXT_STATES);
return false;
}
/*

View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2005 Sendmail, Inc. and its suppliers.
* Copyright (c) 2005, 2006 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
@ -8,16 +8,20 @@
*/
#include <sm/gen.h>
SM_IDSTR(id, "@(#)$Id: t-memstat.c,v 1.5 2005/12/22 19:05:42 ca Exp $")
SM_IDSTR(id, "@(#)$Id: t-memstat.c,v 1.6 2006/03/27 22:34:47 ca Exp $")
/*
** Simple test program for memstat
** Simple test program for memstat
*/
#include <stdlib.h>
#include <unistd.h>
#include <stdio.h>
#include <strings.h>
#include <string.h>
extern char *optarg;
extern int optind;
int
main(argc, argv)

View File

@ -9,7 +9,7 @@
# the sendmail distribution.
#
#
# $Id: README,v 8.388 2005/07/26 05:45:39 ca Exp $
# $Id: README,v 8.389 2006/05/02 16:58:50 ca Exp $
#
This directory contains the source files for sendmail(TM).
@ -1716,6 +1716,18 @@ Regular Expressions (MAP_REGEX)
Make sure, your compiler reads regex.h from the distribution,
not from /usr/include, otherwise sendmail will dump a core.
Fedora Core 5, 64 bit version
If the ld stage fails with undefined functions like
__res_querydomain, __dn_expand
then add these lines to devtools/Site/site.config.m4
APPENDDEF(`confLIBDIRS', `-L/usr/lib64')
APPENDDEF(`confINCDIRS', `-I/usr/include/bind9')
and rebuild (sh ./Build -c).
Problem noted by Daniel Krones, solution suggested by
Anthony Howe.
+--------------+
| MANUAL PAGES |
@ -1832,4 +1844,4 @@ util.c Some general purpose routines used by sendmail.
version.c The version number and information about this
version of sendmail.
(Version $Revision: 8.388 $, last update $Date: 2005/07/26 05:45:39 $ )
(Version $Revision: 8.389 $, last update $Date: 2006/05/02 16:58:50 $ )

View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999-2002, 2004 Sendmail, Inc. and its suppliers.
* Copyright (c) 1999-2002, 2004, 2006 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
@ -18,7 +18,7 @@
*/
#include <sm/gen.h>
SM_RCSID("@(#)$Id: bf.c,v 8.61 2004/08/03 23:59:02 ca Exp $")
SM_RCSID("@(#)$Id: bf.c,v 8.62 2006/03/31 18:45:56 ca Exp $")
#include <sys/types.h>
#include <sys/stat.h>
@ -540,13 +540,16 @@ sm_bfwrite(fp, buf, nbytes)
if (!bfp->bf_ondisk)
{
MODE_T omask;
int save_errno;
/* Clear umask as bf_filemode are the true perms */
omask = umask(0);
retval = OPEN(bfp->bf_filename,
O_RDWR | O_CREAT | O_TRUNC | QF_O_EXTRA,
bfp->bf_filemode, bfp->bf_flags);
save_errno = errno;
(void) umask(omask);
errno = save_errno;
/* Couldn't create file: failure */
if (retval < 0)

View File

@ -13,7 +13,7 @@
#include <sendmail.h>
SM_RCSID("@(#)$Id: collect.c,v 8.272 2006/03/02 19:09:26 ca Exp $")
SM_RCSID("@(#)$Id: collect.c,v 8.273 2006/03/31 18:51:47 ca Exp $")
static void eatfrom __P((char *volatile, ENVELOPE *));
static void collect_doheader __P((ENVELOPE *));
@ -857,6 +857,8 @@ readerr:
q->q_state = QS_FATALERR;
}
(void) sm_io_close(df, SM_TIME_DEFAULT);
df = NULL;
finis(true, true, ExitStat);
/* NOTREACHED */
}

View File

@ -13,7 +13,7 @@
#include <sendmail.h>
SM_RCSID("@(#)$Id: conf.c,v 8.1081 2006/02/24 02:21:53 ca Exp $")
SM_RCSID("@(#)$Id: conf.c,v 8.1082 2006/03/22 22:49:33 ca Exp $")
#include <sendmail/pathnames.h>
#if NEWDB
@ -2197,7 +2197,7 @@ shouldqueue(pri, ct)
memfree < QueueLowMem)
{
if (tTd(3, 30))
sm_dprintf("true (memfree=%ld < QueueLowMem)\n",
sm_dprintf("true (memfree=%ld < QueueLowMem=%ld)\n",
memfree, QueueLowMem);
return true;
}

View File

@ -13,7 +13,7 @@
#include <sendmail.h>
SM_RCSID("@(#)$Id: daemon.c,v 8.665 2006/03/02 19:12:00 ca Exp $")
SM_RCSID("@(#)$Id: daemon.c,v 8.666 2006/04/18 01:23:42 ca Exp $")
#if defined(SOCK_STREAM) || defined(__GNU_LIBRARY__)
# define USE_SOCK_STREAM 1
@ -520,18 +520,22 @@ getrequests(e)
syserr("getrequests: accept");
/* arrange to re-open the socket next time around */
(void) close(Daemons[curdaemon].d_socket);
Daemons[curdaemon].d_socket = -1;
if (curdaemon >= 0)
{
/* arrange to re-open socket next time around */
(void) close(Daemons[curdaemon].d_socket);
Daemons[curdaemon].d_socket = -1;
#if SO_REUSEADDR_IS_BROKEN
/*
** Give time for bound socket to be released.
** This creates a denial-of-service if you can
** force accept() to fail on affected systems.
*/
/*
** Give time for bound socket to be released.
** This creates a denial-of-service if you can
** force accept() to fail on affected systems.
*/
Daemons[curdaemon].d_refuse_connections_until = curtime() + 15;
Daemons[curdaemon].d_refuse_connections_until =
curtime() + 15;
#endif /* SO_REUSEADDR_IS_BROKEN */
}
continue;
}
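Review bot: The new "if (curdaemon >= 0)" guard protects the Daemons[curdaemon] accesses, but the hunk gives no hint of when curdaemon can be negative at this point, and in that case the code now reports the accept failure and continues without closing or backing off on any socket. A short comment stating how that case arises, and why looping straight back is acceptable, would help; otherwise a persistent accept() failure with curdaemon < 0 looks like it could spin.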
@ -2083,7 +2087,7 @@ makeconnection(host, port, mci, e, enough)
SOCKADDR clt_addr;
int save_errno = 0;
volatile SOCKADDR_LEN_T addrlen;
volatile bool firstconnect;
volatile bool firstconnect = true;
SM_EVENT *volatile ev = NULL;
#if NETINET6
volatile bool v6found = false;
@ -2486,7 +2490,6 @@ gothostent:
}
#endif /* XLA */
firstconnect = true;
for (;;)
{
if (tTd(16, 1))
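Review bot: Moving "firstconnect = true" from just before the for (;;) loop to the declaration changes behaviour if the loop can be entered more than once per call. The removed assignment sat below the gothostent label, so any path that jumps back to that label used to reset the flag and now does not. Please confirm that no such path exists, or keep the assignment at the loop and initialise at the declaration as well.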

View File

@ -14,7 +14,7 @@
#include <sendmail.h>
#include <sm/time.h>
SM_RCSID("@(#)$Id: deliver.c,v 8.1000 2006/03/02 01:37:39 ca Exp $")
SM_RCSID("@(#)$Id: deliver.c,v 8.1003.2.1 2006/05/23 01:32:08 ca Exp $")
#if HASSETUSERCONTEXT
# include <login_cap.h>
@ -3127,15 +3127,18 @@ reconnect: /* after switching to an encrypted connection */
if (result == SASL_OK && *ssf > 0)
{
int tmo;
/*
** Convert I/O layer to use SASL.
** If the call fails, the connection
** is aborted.
*/
tmo = DATA_PROGRESS_TIMEOUT * 1000;
if (sfdcsasl(&mci->mci_in,
&mci->mci_out,
mci->mci_conn) == 0)
mci->mci_conn, tmo) == 0)
{
mci->mci_flags &= ~MCIF_EXTENS;
mci->mci_flags |= MCIF_AUTHACT|
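Review bot: The new fourth argument to sfdcsasl() is computed as "tmo = DATA_PROGRESS_TIMEOUT * 1000" with no indication of units. The multiplication suggests a seconds-to-milliseconds conversion; say so in the comment above the call so that other callers of the changed signature pass a value on the same scale.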
@ -3961,7 +3964,11 @@ giveresponse(status, dsn, m, mci, ctladdr, xstart, e, to)
char *exmsg;
if (e == NULL)
{
syserr("giveresponse: null envelope");
/* NOTREACHED */
SM_ASSERT(0);
}
/*
** Compute status message from code.
@ -4623,7 +4630,7 @@ putbody(mci, e, separator)
/* now do the hard work */
boundaries[0] = NULL;
mci->mci_flags |= MCIF_INHEADER;
if (mime8to7(mci, e->e_header, e, boundaries, M87F_OUTER) ==
if (mime8to7(mci, e->e_header, e, boundaries, M87F_OUTER, 0) ==
SM_IO_EOF)
goto writeerr;
}
@ -4654,7 +4661,7 @@ putbody(mci, e, separator)
SuprErrs = true;
if (mime8to7(mci, e->e_header, e, boundaries,
M87F_OUTER|M87F_NO8TO7) == SM_IO_EOF)
M87F_OUTER|M87F_NO8TO7, 0) == SM_IO_EOF)
goto writeerr;
/* restore SuprErrs */
@ -5217,8 +5224,14 @@ mailfile(filename, mailer, ctladdr, sfflags, e)
CurrentPid = getpid();
if (e->e_lockfp != NULL)
(void) close(sm_io_getinfo(e->e_lockfp, SM_IO_WHAT_FD,
NULL));
{
int fd;
fd = sm_io_getinfo(e->e_lockfp, SM_IO_WHAT_FD, NULL);
/* SM_ASSERT(fd >= 0); */
if (fd >= 0)
(void) close(fd);
}
(void) sm_signal(SIGINT, SIG_DFL);
(void) sm_signal(SIGHUP, SIG_DFL);
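Review bot: The added block leaves a commented-out "/* SM_ASSERT(fd >= 0); */" next to the runtime check "if (fd >= 0)". Either drop the dead assertion or replace it with a comment explaining why a negative descriptor from sm_io_getinfo() is tolerated here, so the next reader does not re-enable it.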

View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers.
* Copyright (c) 1998-2004, 2006 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1986, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@ -14,9 +14,9 @@
#include <sendmail.h>
#if NAMED_BIND
SM_RCSID("@(#)$Id: domain.c,v 8.197 2005/03/04 00:54:42 ca Exp $ (with name server)")
SM_RCSID("@(#)$Id: domain.c,v 8.199 2006/04/18 00:00:34 ca Exp $ (with name server)")
#else /* NAMED_BIND */
SM_RCSID("@(#)$Id: domain.c,v 8.197 2005/03/04 00:54:42 ca Exp $ (without name server)")
SM_RCSID("@(#)$Id: domain.c,v 8.199 2006/04/18 00:00:34 ca Exp $ (without name server)")
#endif /* NAMED_BIND */
#if NAMED_BIND
@ -521,7 +521,7 @@ punt:
}
# if NETINET6
freehostent(h);
hp = NULL;
h = NULL;
# endif /* NETINET6 */
}
if (strlen(host) >= sizeof MXHostBuf)
@ -972,11 +972,7 @@ nexttype:
/* avoid problems after truncation in tcp packets */
if (ret > sizeof(answer))
ret = sizeof(answer);
if (ret < 0)
{
*statp = EX_SOFTWARE;
return false;
}
SM_ASSERT(ret >= 0);
/*
** Appear to have a match. Confirm it by searching for A or

View File

@ -13,7 +13,7 @@
#include <sendmail.h>
SM_RCSID("@(#)$Id: envelope.c,v 8.295 2005/06/15 20:32:18 ca Exp $")
SM_RCSID("@(#)$Id: envelope.c,v 8.296 2006/03/31 18:53:50 ca Exp $")
/*
** CLRSESSENVELOPE -- clear session oriented data in an envelope
@ -519,7 +519,14 @@ simpledrop:
printenvflags(e);
}
if (!panic)
{
if (e->e_dfp != NULL)
{
(void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT);
e->e_dfp = NULL;
}
(void) xunlink(queuename(e, DATAFL_LETTER));
}
if (panic && QueueMode == QM_LOST)
{
/*

View File

@ -13,7 +13,7 @@
#include <sendmail.h>
SM_RCSID("@(#)$Id: headers.c,v 8.290 2006/02/25 02:16:52 ca Exp $")
SM_RCSID("@(#)$Id: headers.c,v 8.291 2006/03/24 01:01:56 ca Exp $")
static HDR *allocheader __P((char *, char *, int, SM_RPOOL_T *));
static size_t fix_mime_header __P((HDR *, ENVELOPE *));
@ -1542,7 +1542,7 @@ crackaddr(addr, e)
** flags -- MIME conversion flags.
**
** Returns:
** success
** true iff header part was written successfully
**
** Side Effects:
** none.
@ -1810,7 +1810,7 @@ putheader(mci, hdr, e, flags)
** mci -- the connection info for output
**
** Returns:
** success
** true iff header was written successfully
*/
static bool
@ -1871,7 +1871,7 @@ put_vanilla_header(h, v, mci)
** e -- the envelope containing the message.
**
** Returns:
** success
** true iff header field was written successfully
**
** Side Effects:
** outputs "p" to file "fp".

View File

@ -1,6 +1,6 @@
#vers 2
cpyr
cpyr Copyright (c) 1998-2000, 2002, 2004, 2005 Sendmail, Inc. and its suppliers.
cpyr Copyright (c) 1998-2000, 2002, 2004-2006 Sendmail, Inc. and its suppliers.
cpyr All rights reserved.
cpyr Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
cpyr Copyright (c) 1988, 1993
@ -11,7 +11,7 @@ cpyr By using this file, you agree to the terms and conditions set
cpyr forth in the LICENSE file which can be found at the top level of
cpyr the sendmail distribution.
cpyr
cpyr $$Id: helpfile,v 8.45 2005/09/13 00:05:23 ca Exp $$
cpyr $$Id: helpfile,v 8.47 2006/04/26 18:22:54 ca Exp $$
cpyr
smtp This is sendmail version $v
smtp Topics:
@ -20,8 +20,8 @@ smtp RSET NOOP QUIT HELP VRFY
smtp EXPN VERB ETRN DSN AUTH
smtp STARTTLS
smtp For more info use "HELP <topic>".
smtp To report bugs in the implementation send email to
smtp sendmail-bugs@sendmail.org.
smtp To report bugs in the implementation see
smtp http://www.sendmail.org/email-addresses.html
smtp For local information send email to Postmaster at your site.
help HELP [ <topic> ]
help The HELP command gives help info.
@ -77,14 +77,14 @@ expn Expand an address. If the address indicates a mailing
expn list, return the contents of that list.
noop NOOP
noop Do nothing.
send SEND FROM: <sender>
send SEND FROM:<sender>
send replaces the MAIL command, and can be used to send
send directly to a users terminal. Not supported in this
send implementation.
soml SOML FROM: <sender>
soml SOML FROM:<sender>
soml Send or mail. If the user is logged in, send directly,
soml otherwise mail. Not supported in this implementation.
saml SAML FROM: <sender>
saml SAML FROM:<sender>
saml Send and mail. Send directly to the user's terminal,
saml and also mail a letter. Not supported in this
saml implementation.
@ -95,8 +95,8 @@ etrn ETRN [ <hostname> | @<domain> | \#<queuename> ]
etrn Run the queue for the specified <hostname>, or
etrn all hosts within a given <domain>, or a specially-named
etrn <queuename> (implementation-specific).
dsn MAIL FROM: <sender> [ RET={ FULL | HDRS} ] [ ENVID=<envid> ]
dsn RCPT TO: <recipient> [ NOTIFY={NEVER,SUCCESS,FAILURE,DELAY} ]
dsn MAIL From:<sender> [ RET={ FULL | HDRS} ] [ ENVID=<envid> ]
dsn RCPT To:<recipient> [ NOTIFY={NEVER,SUCCESS,FAILURE,DELAY} ]
dsn [ ORCPT=<recipient> ]
dsn SMTP Delivery Status Notifications.
dsn Descriptions:
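Review bot: The help text is now inconsistent in command casing: the dsn topic in this hunk shows "MAIL From:<sender>" and "RCPT To:<recipient>", while the send, soml and saml topics changed earlier in the same file use "SEND FROM:<sender>" and so on. Removing the space after the colon is the useful part of the change; pick one capitalisation for all topics.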

View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers.
* Copyright (c) 1998-2006 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@ -25,7 +25,7 @@ SM_UNUSED(static char copyright[]) =
The Regents of the University of California. All rights reserved.\n";
#endif /* ! lint */
SM_RCSID("@(#)$Id: main.c,v 8.942 2005/12/26 04:39:13 ca Exp $")
SM_RCSID("@(#)$Id: main.c,v 8.944 2006/04/21 23:56:42 ca Exp $")
#if NETINET || NETINET6
@ -516,6 +516,8 @@ main(argc, argv, envp)
/* reset macro */
set_op_mode(OpMode);
if (OpMode == MD_DAEMON)
DaemonPid = CurrentPid; /* needed for finis() to work */
pw = sm_getpwuid(RealUid);
if (pw != NULL)
@ -2319,10 +2321,7 @@ main(argc, argv, envp)
dtype[0] = '\0';
if (OpMode == MD_DAEMON)
{
(void) sm_strlcat(dtype, "+SMTP", sizeof dtype);
DaemonPid = CurrentPid;
}
if (QueueIntvl > 0)
{
(void) sm_strlcat2(dtype,
@ -2874,6 +2873,7 @@ finis(drop, cleanup, exitstat)
volatile int exitstat;
{
char pidpath[MAXPATHLEN];
pid_t pid;
/* Still want to process new timeouts added below */
sm_clear_events();
@ -2942,14 +2942,15 @@ finis(drop, cleanup, exitstat)
/* XXX clean up queues and related data structures */
cleanup_queues();
pid = getpid();
#if SM_CONF_SHM
cleanup_shm(DaemonPid == getpid());
cleanup_shm(DaemonPid == pid);
#endif /* SM_CONF_SHM */
/* close locked pid file */
close_sendmail_pid();
if (DaemonPid == getpid() || PidFilePid == getpid())
if (DaemonPid == pid || PidFilePid == pid)
{
/* blow away the pid file */
expand(PidFile, pidpath, sizeof pidpath, CurEnv);
@ -3275,13 +3276,18 @@ disconnect(droplev, e)
{
fd = open(SM_PATH_DEVNULL, O_WRONLY, 0666);
if (fd == -1)
{
sm_syslog(LOG_ERR, e->e_id,
"disconnect: open(\"%s\") failed: %s",
SM_PATH_DEVNULL, sm_errstring(errno));
}
(void) sm_io_flush(smioout, SM_TIME_DEFAULT);
(void) dup2(fd, STDOUT_FILENO);
(void) dup2(fd, STDERR_FILENO);
(void) close(fd);
if (fd >= 0)
{
(void) dup2(fd, STDOUT_FILENO);
(void) dup2(fd, STDERR_FILENO);
(void) close(fd);
}
}
/* drop our controlling TTY completely if possible */

View File

@ -13,7 +13,7 @@
#include <sendmail.h>
SM_RCSID("@(#)$Id: map.c,v 8.671 2005/10/25 17:55:50 ca Exp $")
SM_RCSID("@(#)$Id: map.c,v 8.672 2006/04/18 01:26:41 ca Exp $")
#if LDAPMAP
# include <sm/ldap.h>
@ -5992,6 +5992,10 @@ user_map_lookup(map, key, av, statp)
case 7:
rwval = user.mbdb_shell;
break;
default:
syserr("user_map %s: bogus field %d",
map->map_mname, map->map_valcolno);
return NULL;
}
return map_rewrite(map, rwval, strlen(rwval), av);
}

View File

@ -13,7 +13,7 @@
#include <sendmail.h>
SM_RCSID("@(#)$Id: mci.c,v 8.216 2005/07/12 22:27:44 ca Exp $")
SM_RCSID("@(#)$Id: mci.c,v 8.217 2006/04/18 01:27:36 ca Exp $")
#if NETINET || NETINET6
# include <arpa/inet.h>
@ -922,9 +922,17 @@ mci_read_persistent(fp, mci)
char buf[MAXLINE];
if (fp == NULL)
{
syserr("mci_read_persistent: NULL fp");
/* NOTREACHED */
return -1;
}
if (mci == NULL)
{
syserr("mci_read_persistent: NULL mci");
/* NOTREACHED */
return -1;
}
if (tTd(56, 93))
{
sm_dprintf("mci_read_persistent: fp=%lx, mci=",

View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
* Copyright (c) 1998-2003, 2006 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1994, 1996-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1994
@ -14,7 +14,7 @@
#include <sendmail.h>
#include <string.h>
SM_RCSID("@(#)$Id: mime.c,v 8.139 2006/03/01 18:07:45 ca Exp $")
SM_RCSID("@(#)$Id: mime.c,v 8.142.2.1 2006/05/23 01:32:08 ca Exp $")
/*
** MIME support.
@ -80,6 +80,7 @@ static bool MapNLtoCRLF;
** boundaries -- the currently pending message boundaries.
** NULL if we are processing the outer portion.
** flags -- to tweak processing.
** level -- recursion level.
**
** Returns:
** An indicator of what terminated the message part:
@ -96,12 +97,13 @@ struct args
};
int
mime8to7(mci, header, e, boundaries, flags)
mime8to7(mci, header, e, boundaries, flags, level)
register MCI *mci;
HDR *header;
register ENVELOPE *e;
char **boundaries;
int flags;
int level;
{
register char *p;
int linelen;
@ -122,6 +124,18 @@ mime8to7(mci, header, e, boundaries, flags)
char pvpbuf[MAXLINE];
extern unsigned char MimeTokenTab[256];
if (level > MAXMIMENESTING)
{
if (!bitset(EF_TOODEEP, e->e_flags))
{
if (tTd(43, 4))
sm_dprintf("mime8to7: too deep, level=%d\n",
level);
usrerr("mime8to7: recursion level %d exceeded",
level);
e->e_flags |= EF_DONT_MIME|EF_TOODEEP;
}
}
if (tTd(43, 1))
{
sm_dprintf("mime8to7: flags = %x, boundaries =", flags);
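Review bot: The guard "if (level > MAXMIMENESTING)" looks off by one against both the release note and the existing boundary check. The outer callers pass level 0, so with ">" the function still runs at levels 0 through MAXMIMENESTING, one frame more than "a depth of MAXMIMENESTING", while the boundary-count check later in the function uses "i >= MAXMIMENESTING". Also note that this block only sets EF_DONT_MIME|EF_TOODEEP and falls through; stopping the recursion depends on the later EF_TOODEEP tests in the multipart and message branches, which deserves a comment here so a future edit to those branches does not silently remove the limit.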
@ -213,7 +227,7 @@ mime8to7(mci, header, e, boundaries, flags)
if (subtype == NULL)
subtype = "-none-";
/* don't propogate some flags more than one level into the message */
/* don't propagate some flags more than one level into the message */
flags &= ~M87F_DIGEST;
/*
@ -242,7 +256,9 @@ mime8to7(mci, header, e, boundaries, flags)
*/
if (sm_strcasecmp(type, "multipart") == 0 &&
(!bitset(M87F_NO8BIT, flags) || bitset(M87F_NO8TO7, flags)))
(!bitset(M87F_NO8BIT, flags) || bitset(M87F_NO8TO7, flags)) &&
!bitset(EF_TOODEEP, e->e_flags)
)
{
if (sm_strcasecmp(subtype, "digest") == 0)
@ -286,10 +302,13 @@ mime8to7(mci, header, e, boundaries, flags)
}
if (i >= MAXMIMENESTING)
{
usrerr("mime8to7: multipart nesting boundary too deep");
if (tTd(43, 4))
sm_dprintf("mime8to7: too deep, i=%d\n", i);
if (!bitset(EF_TOODEEP, e->e_flags))
usrerr("mime8to7: multipart nesting boundary too deep");
/* avoid bounce loops */
e->e_flags |= EF_DONT_MIME;
e->e_flags |= EF_DONT_MIME|EF_TOODEEP;
}
else
{
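Review bot: this limit fires at `i >= MAXMIMENESTING` while the recursion guard added at function entry uses `level > MAXMIMENESTING`, so the two bounds differ by one depending on the value of level that the outermost caller passes. Either use the same comparison in both places or document the expected starting value in the "level -- recursion level." line of the header comment.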
@ -333,7 +352,8 @@ mime8to7(mci, header, e, boundaries, flags)
goto writeerr;
if (tTd(43, 101))
putline("+++after putheader", mci);
bt = mime8to7(mci, hdr, e, boundaries, flags);
bt = mime8to7(mci, hdr, e, boundaries, flags,
level + 1);
if (bt == SM_IO_EOF)
goto writeerr;
}
@ -374,7 +394,8 @@ mime8to7(mci, header, e, boundaries, flags)
if (sm_strcasecmp(type, "message") == 0)
{
if (!wordinclass(subtype, 's'))
if (!wordinclass(subtype, 's') ||
bitset(EF_TOODEEP, e->e_flags))
{
flags |= M87F_NO8BIT;
}
@ -397,7 +418,8 @@ mime8to7(mci, header, e, boundaries, flags)
!bitset(M87F_NO8TO7, flags) &&
!putline("MIME-Version: 1.0", mci))
goto writeerr;
bt = mime8to7(mci, hdr, e, boundaries, flags);
bt = mime8to7(mci, hdr, e, boundaries, flags,
level + 1);
mci->mci_flags &= ~MCIF_INMIME;
return bt;
}

View File

@ -13,7 +13,7 @@
#include <sendmail.h>
SM_RCSID("@(#)$Id: parseaddr.c,v 8.383 2006/02/01 19:46:11 ca Exp $")
SM_RCSID("@(#)$Id: parseaddr.c,v 8.384 2006/04/18 01:28:47 ca Exp $")
static void allocaddr __P((ADDRESS *, int, char *, ENVELOPE *));
static int callsubr __P((char**, int, ENVELOPE *));
@ -1442,7 +1442,11 @@ rewrite(pvp, ruleset, reclevel, e, maxatom)
endtoken = LOOKUPEND;
mapname = *++rvp;
if (mapname == NULL)
{
syserr("554 5.3.0 rewrite: missing mapname");
/* NOTREACHED */
SM_ASSERT(0);
}
}
map = stab(mapname, ST_MAP, ST_FIND);
if (map == NULL)
@ -1452,8 +1456,12 @@ rewrite(pvp, ruleset, reclevel, e, maxatom)
/* extract the match part */
key_rvp = ++rvp;
if (key_rvp == NULL)
{
syserr("554 5.3.0 rewrite: missing key for map %s",
mapname);
/* NOTREACHED */
SM_ASSERT(0);
}
default_rvp = NULL;
arg_rvp = argvect;
xpvp = NULL;
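Review bot: the `key_rvp == NULL` test that the new braces wrap can never be true, because `key_rvp = ++rvp` is an incremented pointer and not the element it points at, so the added `SM_ASSERT(0)` is unreachable and a missing key is still not detected. If the intent is to catch a map lookup without a key, test the element instead (`*key_rvp == NULL`), the way the mapname check above does through `mapname = *++rvp`.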
@ -1522,7 +1530,8 @@ rewrite(pvp, ruleset, reclevel, e, maxatom)
if (replac == NULL && default_rvp != NULL)
{
/* create the default */
cataddr(default_rvp, NULL, cbuf, sizeof cbuf, '\0');
cataddr(default_rvp, NULL, cbuf, sizeof cbuf,
'\0');
replac = cbuf;
}
@ -3175,8 +3184,7 @@ rscap(rwset, p1, p2, e, pvp, pvpbuf, size)
sm_dprintf("rscap(%s, %s, %s)\n", rwset, p1,
p2 == NULL ? "(NULL)" : p2);
if (pvp != NULL)
*pvp = NULL;
SM_REQUIRE(pvp != NULL);
rsno = strtorwset(rwset, NULL, ST_FIND);
if (rsno < 0)
return EX_UNAVAILABLE;
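Review bot: replacing the `if (pvp != NULL) *pvp = NULL;` pair with `SM_REQUIRE(pvp != NULL)` also drops the initialization of `*pvp`, so on the early `return EX_UNAVAILABLE` just below the caller's vector pointer keeps whatever value it had. Keep `*pvp = NULL;` after the SM_REQUIRE, or state in the function header that callers must initialize it.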

View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers.
* Copyright (c) 1998-2006 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@ -14,7 +14,7 @@
#include <sendmail.h>
#include <sm/sem.h>
SM_RCSID("@(#)$Id: queue.c,v 8.951 2006/03/02 19:13:38 ca Exp $")
SM_RCSID("@(#)$Id: queue.c,v 8.954 2006/04/22 01:07:00 ca Exp $")
#include <dirent.h>
@ -3902,6 +3902,7 @@ readqf(e, openonly)
** Read and process the file.
*/
bp = NULL;
(void) sm_strlcpy(qf, queuename(e, ANYQFL_LETTER), sizeof qf);
qfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, qf, SM_IO_RDWR_B, NULL);
if (qfp == NULL)
@ -4033,6 +4034,7 @@ readqf(e, openonly)
}
if (delim != '\0')
*bp = delim;
bp = NULL;
}
if (!bogus)
bogus = bitset(qsafe, st.st_mode);
@ -4468,7 +4470,10 @@ readqf(e, openonly)
}
if (bp != buf)
{
sm_free(bp); /* XXX */
bp = NULL;
}
}
/*
@ -4541,6 +4546,11 @@ readqf(e, openonly)
** queueup() with bogus data.
*/
if (bp != NULL && bp != buf)
{
sm_free(bp); /* XXX */
bp = NULL;
}
if (qfp != NULL)
(void) sm_io_close(qfp, SM_TIME_DEFAULT);
e->e_lockfp = NULL;
@ -5180,7 +5190,7 @@ queuename(e, type)
else
{
if (e->e_qgrp == NOQGRP || e->e_qdir == NOQDIR)
setnewqueue(e);
(void) setnewqueue(e);
if (type == DATAFL_LETTER)
{
qd = e->e_dfqdir;
@ -5194,7 +5204,7 @@ queuename(e, type)
}
/* xf files always have a valid qd and qg picked above */
if (e->e_qdir == NOQDIR && type != XSCRPT_LETTER)
if ((qd == NOQDIR || qg == NOQGRP) && type != XSCRPT_LETTER)
(void) sm_strlcpyn(buf, sizeof buf, 2, pref, e->e_id);
else
{
@ -6397,7 +6407,7 @@ filesys_update()
#if SM_CONF_SHM
/* only the daemon updates this structure */
if (ShmId != SM_SHM_NO_ID && DaemonPid != CurrentPid)
if (ShmId == SM_SHM_NO_ID || DaemonPid != CurrentPid)
return;
#endif /* SM_CONF_SHM */
now = curtime();
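Review bot: the condition now returns whenever `ShmId == SM_SHM_NO_ID`, the opposite sense of the old `ShmId != SM_SHM_NO_ID &&` test, but the comment above it still reads only "only the daemon updates this structure". Please extend the comment to say that nothing is updated when no shared memory segment is attached, so the inversion reads as intentional.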

View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
* Copyright (c) 1998-2003, 2006 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@ -13,7 +13,7 @@
#include <sendmail.h>
SM_RCSID("@(#)$Id: savemail.c,v 8.306 2006/02/25 02:16:53 ca Exp $")
SM_RCSID("@(#)$Id: savemail.c,v 8.308 2006/04/18 01:31:33 ca Exp $")
static bool errbody __P((MCI *, ENVELOPE *, char *));
static bool pruneroute __P((char *));
@ -733,7 +733,7 @@ returntosender(msg, returnq, flags, e)
** separator -- any possible MIME separator (unused).
**
** Returns:
** success
** true iff body was written successfully
**
** Side Effects:
** Outputs the body of an error message.
@ -1264,8 +1264,8 @@ errbody(mci, e, separator)
/* Diagnostic-Code: -- actual result from other end */
if (q->q_rstatus != NULL)
{
p = q->q_mailer->m_diagtype;
if (p == NULL)
if (q->q_mailer == NULL ||
(p = q->q_mailer->m_diagtype) == NULL)
p = "smtp";
(void) sm_snprintf(buf, sizeof buf,
"Diagnostic-Code: %s; %.800s",

View File

@ -52,7 +52,7 @@
#ifdef _DEFINE
# ifndef lint
SM_UNUSED(static char SmailId[]) = "@(#)$Id: sendmail.h,v 8.1006 2006/02/27 17:49:09 ca Exp $";
SM_UNUSED(static char SmailId[]) = "@(#)$Id: sendmail.h,v 8.1008.2.1 2006/05/23 01:32:07 ca Exp $";
# endif /* ! lint */
#endif /* _DEFINE */
@ -942,6 +942,7 @@ struct envelope
#define EF_TOOBIG 0x02000000L /* message is too big */
#define EF_SPLIT 0x04000000L /* envelope has been split */
#define EF_UNSAFE 0x08000000L /* unsafe: read from untrusted source */
#define EF_TOODEEP 0x10000000L /* message is nested too deep */
#define DLVR_NOTIFY 0x01
#define DLVR_RETURN 0x02
@ -1655,7 +1656,7 @@ EXTERN unsigned long PrivacyFlags; /* privacy flags */
/* functions */
extern bool mime7to8 __P((MCI *, HDR *, ENVELOPE *));
extern int mime8to7 __P((MCI *, HDR *, ENVELOPE *, char **, int));
extern int mime8to7 __P((MCI *, HDR *, ENVELOPE *, char **, int, int));
/*
** Flags passed to returntosender.
@ -2224,7 +2225,7 @@ EXTERN int MaxNOOPCommands; /* max "noise" commands before slowdown */
EXTERN int MaxRcptPerMsg; /* max recipients per SMTP message */
EXTERN int MaxRuleRecursion; /* maximum depth of ruleset recursion */
#if _FFR_MSG_ACCEPT
EXTERN char *MessageAccept;
EXTERN char *MessageAccept; /* "Message accepted for delivery" reply text */
#endif /* _FFR_MSG_ACCEPT */
EXTERN int MimeMode; /* MIME processing mode */

View File

@ -9,9 +9,10 @@
*/
#include <sm/gen.h>
SM_RCSID("@(#)$Id: sfsasl.c,v 8.113 2006/03/02 19:18:27 ca Exp $")
SM_RCSID("@(#)$Id: sfsasl.c,v 8.115 2006/04/18 21:34:07 ca Exp $")
#include <stdlib.h>
#include <sendmail.h>
#include <sm/time.h>
#include <errno.h>
/* allow to disable error handling code just in case... */
@ -326,6 +327,7 @@ sasl_write(fp, buf, size)
{
while (outlen > 0)
{
errno = 0;
/* XXX result == 0? */
ret = sm_io_write(so->fp, SM_TIME_DEFAULT,
&outbuf[total], outlen);
@ -347,8 +349,9 @@ sasl_write(fp, buf, size)
**
** Parameters:
** fin -- the sm_io file encrypted data to be read from
** fout -- the sm_io file encrypted data to be writen to
** fout -- the sm_io file encrypted data to be written to
** conn -- the sasl connection pointer
** tmo -- timeout
**
** Returns:
** -1 on error
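Review bot: the new parameter line "tmo -- timeout" does not give the unit, and the only caller visible in this patch passes `TimeOuts.to_datablock * 1000`. Document the unit here so that future callers do not pass the unscaled value.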
@ -360,15 +363,16 @@ sasl_write(fp, buf, size)
*/
int
sfdcsasl(fin, fout, conn)
sfdcsasl(fin, fout, conn, tmo)
SM_FILE_T **fin;
SM_FILE_T **fout;
sasl_conn_t *conn;
int tmo;
{
SM_FILE_T *newin, *newout;
SM_FILE_T SM_IO_SET_TYPE(sasl_vector, "sasl", sasl_open, sasl_close,
sasl_read, sasl_write, NULL, sasl_getinfo, NULL,
SM_TIME_FOREVER);
SM_TIME_DEFAULT);
struct sasl_info info;
if (conn == NULL)
@ -379,7 +383,7 @@ sfdcsasl(fin, fout, conn)
SM_IO_INIT_TYPE(sasl_vector, "sasl", sasl_open, sasl_close,
sasl_read, sasl_write, NULL, sasl_getinfo, NULL,
SM_TIME_FOREVER);
SM_TIME_DEFAULT);
info.fp = *fin;
info.conn = conn;
newin = sm_io_open(&sasl_vector, SM_TIME_DEFAULT, &info,
@ -400,6 +404,9 @@ sfdcsasl(fin, fout, conn)
}
sm_io_automode(newin, newout);
sm_io_setinfo(*fin, SM_IO_WHAT_TIMEOUT, &tmo);
sm_io_setinfo(*fout, SM_IO_WHAT_TIMEOUT, &tmo);
*fin = newin;
*fout = newout;
return 0;
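Review bot: the two `sm_io_setinfo(..., SM_IO_WHAT_TIMEOUT, &tmo)` calls ignore their return values and are applied to `*fin` and `*fout` before those are replaced by `newin` and `newout`, so the timeout lands on the underlying files and not on the SASL layer, whose default changes from `SM_TIME_FOREVER` to `SM_TIME_DEFAULT` in the same function. Add a comment that this is deliberate, and either check the result or cast it to `(void)` as is done for `(void) setnewqueue(e);` elsewhere in this patch.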

View File

@ -6,15 +6,15 @@
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
* $Id: sfsasl.h,v 8.19 2006/02/27 19:53:37 ca Exp $"
* $Id: sfsasl.h,v 8.20 2006/03/27 21:31:00 ca Exp $"
*/
#ifndef SFSASL_H
# define SFSASL_H
#if SASL
extern int sfdcsasl __P((SM_FILE_T **, SM_FILE_T **, sasl_conn_t *));
#endif /* SASL */
# if SASL
extern int sfdcsasl __P((SM_FILE_T **, SM_FILE_T **, sasl_conn_t *, int));
# endif /* SASL */
# if STARTTLS
extern int tls_retry __P((SSL *, int, int, time_t, int, int,

View File

@ -17,7 +17,7 @@
# include <libmilter/mfdef.h>
#endif /* MILTER */
SM_RCSID("@(#)$Id: srvrsmtp.c,v 8.922 2006/02/28 00:42:13 ca Exp $")
SM_RCSID("@(#)$Id: srvrsmtp.c,v 8.924.2.2 2006/05/31 20:56:37 ca Exp $")
#include <sm/time.h>
#include <sm/fdset.h>
@ -70,9 +70,10 @@ static unsigned int srvfeatures __P((ENVELOPE *, char *, unsigned int));
#define STOP_ATTACK ((time_t) -1)
static time_t checksmtpattack __P((volatile unsigned int *, unsigned int,
bool, char *, ENVELOPE *));
static void mail_esmtp_args __P((char *, char *, ENVELOPE *));
static void mail_esmtp_args __P((char *, char *, ENVELOPE *, unsigned int));
static void printvrfyaddr __P((ADDRESS *, bool, bool));
static void rcpt_esmtp_args __P((ADDRESS *, char *, char *, ENVELOPE *));
static void rcpt_esmtp_args __P((ADDRESS *, char *, char *, ENVELOPE *,
unsigned int));
static char *skipword __P((char *volatile, char *));
static void setup_smtpd_io __P((void));
@ -588,8 +589,8 @@ smtp(nullserver, d_flags, e)
: (SRV_OFFER_EXPN
| (bitset(PRIV_NOVERB, PrivacyFlags)
? SRV_NONE : SRV_OFFER_VERB)))
| (bitset(PRIV_NORECEIPTS, PrivacyFlags) ? SRV_NONE
: SRV_OFFER_DSN)
| ((bitset(PRIV_NORECEIPTS, PrivacyFlags) || !SendMIMEErrors)
? SRV_NONE : SRV_OFFER_DSN)
#if SASL
| (bitnset(D_NOAUTH, d_flags) ? SRV_NONE : SRV_OFFER_AUTH)
| (bitset(SASL_SEC_NOPLAINTEXT, SASLOpts) ? SRV_REQ_SEC
@ -1285,14 +1286,17 @@ smtp(nullserver, d_flags, e)
if (ssf != NULL && *ssf > 0)
{
int tmo;
/*
** Convert I/O layer to use SASL.
** If the call fails, the connection
** is aborted.
*/
tmo = TimeOuts.to_datablock * 1000;
if (sfdcsasl(&InChannel, &OutChannel,
conn) == 0)
conn, tmo) == 0)
{
/* restart dialogue */
n_helo = 0;
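Review bot: `tmo = TimeOuts.to_datablock * 1000;` stores a scaled timeout in an `int` with no range check, so a very large configured value would overflow before it reaches `sfdcsasl()`. Clamp the value or add a comment stating the assumed upper bound, and note the unit conversion next to the assignment.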
@ -2017,7 +2021,7 @@ smtp(nullserver, d_flags, e)
case SMFIR_SHUTDOWN:
if (MilterLogLevel > 3)
sm_syslog(LOG_INFO, e->e_id,
"Milter: Milter: helo=%s, reject=421 4.7.0 %s closing connection",
"Milter: helo=%s, reject=421 4.7.0 %s closing connection",
p, MyHostName);
tempfail = true;
smtp.sm_milterize = false;
@ -2296,7 +2300,7 @@ smtp(nullserver, d_flags, e)
sm_dprintf("MAIL: got arg %s=\"%s\"\n", kp,
vp == NULL ? "<null>" : vp);
mail_esmtp_args(kp, vp, e);
mail_esmtp_args(kp, vp, e, features);
if (equal != NULL)
*equal = '=';
args[argno++] = kp;
@ -2566,7 +2570,7 @@ smtp(nullserver, d_flags, e)
sm_dprintf("RCPT: got arg %s=\"%s\"\n", kp,
vp == NULL ? "<null>" : vp);
rcpt_esmtp_args(a, kp, vp, e);
rcpt_esmtp_args(a, kp, vp, e, features);
if (equal != NULL)
*equal = '=';
args[argno++] = kp;
@ -3848,6 +3852,7 @@ skipword(p, w)
return p;
}
/*
** MAIL_ESMTP_ARGS -- process ESMTP arguments from MAIL line
**
@ -3855,16 +3860,18 @@ skipword(p, w)
** kp -- the parameter key.
** vp -- the value of that parameter.
** e -- the envelope.
** features -- current server features
**
** Returns:
** none.
*/
static void
mail_esmtp_args(kp, vp, e)
mail_esmtp_args(kp, vp, e, features)
char *kp;
char *vp;
ENVELOPE *e;
unsigned int features;
{
if (sm_strcasecmp(kp, "size") == 0)
{
@ -3911,7 +3918,7 @@ mail_esmtp_args(kp, vp, e)
}
else if (sm_strcasecmp(kp, "envid") == 0)
{
if (bitset(PRIV_NORECEIPTS, PrivacyFlags))
if (!bitset(SRV_OFFER_DSN, features))
{
usrerr("504 5.7.0 Sorry, ENVID not supported, we do not allow DSN");
/* NOTREACHED */
@ -3937,7 +3944,7 @@ mail_esmtp_args(kp, vp, e)
}
else if (sm_strcasecmp(kp, "ret") == 0)
{
if (bitset(PRIV_NORECEIPTS, PrivacyFlags))
if (!bitset(SRV_OFFER_DSN, features))
{
usrerr("504 5.7.0 Sorry, RET not supported, we do not allow DSN");
/* NOTREACHED */
@ -4130,23 +4137,25 @@ mail_esmtp_args(kp, vp, e)
** kp -- the parameter key.
** vp -- the value of that parameter.
** e -- the envelope.
** features -- current server features
**
** Returns:
** none.
*/
static void
rcpt_esmtp_args(a, kp, vp, e)
rcpt_esmtp_args(a, kp, vp, e, features)
ADDRESS *a;
char *kp;
char *vp;
ENVELOPE *e;
unsigned int features;
{
if (sm_strcasecmp(kp, "notify") == 0)
{
char *p;
if (bitset(PRIV_NORECEIPTS, PrivacyFlags))
if (!bitset(SRV_OFFER_DSN, features))
{
usrerr("504 5.7.0 Sorry, NOTIFY not supported, we do not allow DSN");
/* NOTREACHED */
@ -4187,7 +4196,7 @@ rcpt_esmtp_args(a, kp, vp, e)
}
else if (sm_strcasecmp(kp, "orcpt") == 0)
{
if (bitset(PRIV_NORECEIPTS, PrivacyFlags))
if (!bitset(SRV_OFFER_DSN, features))
{
usrerr("504 5.7.0 Sorry, ORCPT not supported, we do not allow DSN");
/* NOTREACHED */

View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000-2005 Sendmail, Inc. and its suppliers.
* Copyright (c) 2000-2006 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
@ -10,7 +10,7 @@
#include <sendmail.h>
SM_RCSID("@(#)$Id: tls.c,v 8.102 2006/03/02 19:18:27 ca Exp $")
SM_RCSID("@(#)$Id: tls.c,v 8.105 2006/05/11 22:59:31 ca Exp $")
#if STARTTLS
# include <openssl/err.h>
@ -506,6 +506,13 @@ tls_safe_f(var, sff, srv)
static char server_session_id_context[] = "sendmail8";
/* 0.9.8a and b have a problem with SSL_OP_TLS_BLOCK_PADDING_BUG */
#if (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
# define SM_SSL_OP_TLS_BLOCK_PADDING_BUG 1
#else
# define SM_SSL_OP_TLS_BLOCK_PADDING_BUG 0
#endif
bool
inittls(ctx, req, srv, certfile, keyfile, cacertpath, cacertfile, dhparam)
SSL_CTX **ctx;
@ -518,7 +525,7 @@ inittls(ctx, req, srv, certfile, keyfile, cacertpath, cacertfile, dhparam)
# endif /* !NO_DH */
int r;
bool ok;
long sff, status;
long sff, status, options;
char *who;
# if _FFR_TLS_1
char *cf2, *kf2;
@ -531,11 +538,19 @@ inittls(ctx, req, srv, certfile, keyfile, cacertpath, cacertfile, dhparam)
X509_CRL *crl;
X509_STORE *store;
# endif /* OPENSSL_VERSION_NUMBER > 0x00907000L */
#if SM_SSL_OP_TLS_BLOCK_PADDING_BUG
long rt_version;
STACK_OF(SSL_COMP) *comp_methods;
#endif
status = TLS_S_NONE;
who = srv ? "server" : "client";
if (ctx == NULL)
{
syserr("STARTTLS=%s, inittls: ctx == NULL", who);
/* NOTREACHED */
SM_ASSERT(ctx != NULL);
}
/* already initialized? (we could re-init...) */
if (*ctx != NULL)
@ -895,7 +910,29 @@ inittls(ctx, req, srv, certfile, keyfile, cacertpath, cacertfile, dhparam)
# endif /* _FFR_TLS_1 */
/* SSL_CTX_set_quiet_shutdown(*ctx, 1); violation of standard? */
SSL_CTX_set_options(*ctx, SSL_OP_ALL); /* XXX bug compatibility? */
options = SSL_OP_ALL; /* bug compatibility? */
#if SM_SSL_OP_TLS_BLOCK_PADDING_BUG
/*
** In OpenSSL 0.9.8[ab], enabling zlib compression breaks the
** padding bug work-around, leading to false positives and
** failed connections. We may not interoperate with systems
** with the bug, but this is better than breaking on all 0.9.8[ab]
** systems that have zlib support enabled.
** Note: this checks the runtime version of the library, not
** just the compile time version.
*/
rt_version = SSLeay();
if (rt_version >= 0x00908000L && rt_version <= 0x0090802fL)
{
comp_methods = SSL_COMP_get_compression_methods();
if (comp_methods != NULL && sk_SSL_COMP_num(comp_methods) > 0)
options &= ~SSL_OP_TLS_BLOCK_PADDING_BUG;
}
#endif
SSL_CTX_set_options(*ctx, options);
# if !NO_DH
/* Diffie-Hellman initialization */
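Review bot: the comment limits the work-around to 0.9.8[ab], but the runtime test `rt_version >= 0x00908000L && rt_version <= 0x0090802fL` starts below the compile-time threshold `0x0090800fL` used for `SM_SSL_OP_TLS_BLOCK_PADDING_BUG`, so it matches more library versions than the two named. Tighten the lower bound or reword the comment to describe the range that is actually tested. The new `#if`/`#endif` lines are also unindented inside a file that uses `# if` for nested conditionals.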

View File

@ -13,7 +13,7 @@
#include <sendmail.h>
SM_RCSID("@(#)$Id: util.c,v 8.392 2006/03/09 19:49:35 ca Exp $")
SM_RCSID("@(#)$Id: util.c,v 8.394 2006/05/03 23:55:29 ca Exp $")
#include <sysexits.h>
#include <sm/xtrap.h>
@ -2044,7 +2044,15 @@ prog_open(argv, pfd, e)
/* this process has no right to the queue file */
if (e->e_lockfp != NULL)
(void) close(sm_io_getinfo(e->e_lockfp, SM_IO_WHAT_FD, NULL));
{
int fd;
fd = sm_io_getinfo(e->e_lockfp, SM_IO_WHAT_FD, NULL);
if (fd >= 0)
(void) close(fd);
else
syserr("%s: lockfp does not have a fd", argv[0]);
}
/* chroot to the program mailer directory, if defined */
if (ProgMailer != NULL && ProgMailer->m_rootdir != NULL)
@ -2737,7 +2745,7 @@ proc_list_probe()
CurChildren = 0;
if (chldwasblocked == 0)
(void) sm_releasesignal(SIGCHLD);
if (LogLevel > 10 && children != CurChildren)
if (LogLevel > 10 && children != CurChildren && CurrentPid == DaemonPid)
{
sm_syslog(LOG_ERR, NOQID,
"proc_list_probe: found %d children, expected %d",

View File

@ -13,6 +13,6 @@
#include <sm/gen.h>
SM_RCSID("@(#)$Id: version.c,v 8.160 2006/03/08 19:21:21 ca Exp $")
SM_RCSID("@(#)$Id: version.c,v 8.163.2.4 2006/06/05 22:32:40 ca Exp $")
char Version[] = "8.13.6";
char Version[] = "8.13.7";