diff --git a/contrib/sendmail/RELEASE_NOTES b/contrib/sendmail/RELEASE_NOTES index 3282fde3c667..b5e6d1893a5e 100644 --- a/contrib/sendmail/RELEASE_NOTES +++ b/contrib/sendmail/RELEASE_NOTES @@ -1,11 +1,91 @@ SENDMAIL RELEASE NOTES - $Id: RELEASE_NOTES,v 8.1340.2.9 2002/06/25 22:53:32 ca Exp $ + $Id: RELEASE_NOTES,v 8.1340.2.43 2002/08/26 21:53:31 gshapiro Exp $ This listing shows the version of the sendmail binary, the version of the sendmail configuration files, the date of release, and a summary of the changes in that release. +8.12.6/8.12.6 2002/08/26 + Do not add the FallbackMXhost (or its MX records) to the list + returned by the bestmx map when -z is used as option. + Otherwise sendmail may act as an open relay if FallbackMXhost + and FEATURE(`relay_based_on_MX') are used together. + Problem noted by Alexander Ignatyev. + Properly split owner- mailing list messages when SuperSafe is set + to interactive. Problem noted by Todd C. Miller of + Courtesan Consulting. + Make sure that an envelope is queued in the selected queue group + even if some recipients are deleted or invalid. Problem + found by Chris Adams of HiWAAY Informations Services. + Do not send a bounce message if a message is completely collected + from the SMTP client. Problem noted by Kari Hurtta of the + Finnish Meteorological Institute. + Provide an 'install-submit-st' target for sendmail/Makefile to + install the MSP statistics file using the file named in the + confMSP_STFILE devtools variable. Requested by Jeff + Earickson of Colby College. + Queue up mail with a temporary error if setusercontext() fails + during a delivery attempt. Patch from Todd C. Miller of + Courtesan Consulting. + Fix handling of base64 encoded client authentication data for + SMTP AUTH. Patch from Elena Slobodnik of life medien GmbH. + Set the OpenLDAP option LDAP_OPT_RESTART so the client libraries + restart interrupted system calls. Problem noted by Luiz + Henrique Duma of BSIOne. + Prevent a segmentation fault if a program passed a NULL envp using + execve(). + Document a problem with the counting of queue runners that may + cause delays if MaxQueueChildren is set too low. Problem + noted by Ian Duplisse of Cable Television Laboratories, Inc. + If discarding a message based on a recipient, don't try to look up + the recipient in the mailbox database if F=w is set. This + allows users to discard bogus recipients when dealing with + spammers without tipping them off. Problem noted by Neil + Rickert of Northern Illinois University. + If applying a header check to a header with unstructured data, + e.g., Subject:, then do not run syntax checks that are + supposed for addresses on the header content. + Count messages rejected/discarded via the check_data ruleset. + Portability: + Fix compilation on systems which do not allow simple + copying of the variable argument va_list. Based on + fix from Scott Walters. + Fix NSD map open bug. From Michel Bourget of SGI. + Add some additional IRIX shells to the default shell + list. From Michel Bourget of SGI. + Fix compilation issues on Mac OS X 10.2 (Darwin 6.0). + NETISO support has been dropped. + CONFIG: There was a seemingly minor change in 8.12.4 with respect + to handling entries of IP nets/addresses with RHS REJECT. + These would be rejected in check_rcpt instead of only + being activated in check_relay. This change has been made to + avoid potential bogus temporary rejection of relay attempts + "450 4.7.1 Relaying temporarily denied. Cannot resolve PTR + record for ..." if delay_checks is enabled. However, this + modification causes a change of behavior if an IP net/address + is listed in the access map with REJECT and a host/domain + name is listed with OK or RELAY, hence it has been reversed + such that the behavior of 8.12.3 is restored. The original + change was made on request of Neil Rickert of Northern + Illinois University, the side effect has been found by + Stefaan Van Hoornick. + CONFIG: Make sure delay_checks works even for sender addresses + using the local hostname ($j) or domains in class {P}. + Based on patch from Neil Rickert of Northern Illinois + University. + CONFIG: Fix temporary error handling for LDAP Routing lookups. + Fix from Andrzej Filip. + CONTRIB: New version of etrn.pl script and external man page + (etrn.0) from John Beck of Sun Microsystems. + LIBMILTER: Protect a free(3) operation from being called with a + NULL pointer. Problem noted by Andrey J. Melnikoff. + LIBMILTER: Protect against more interrupted select() calls. Based + on patch from Jose Marcio Martins da Cruz of Ecole Nationale + Superieure des Mines de Paris. + New Files: + contrib/etrn.0 + 8.12.5/8.12.5 2002/06/25 SECURITY: The DNS map can cause a buffer overflow if the user specifies a dns map using TXT records in the configuration diff --git a/contrib/sendmail/cf/README b/contrib/sendmail/cf/README index 952a16c10f69..6a556c80d141 100644 --- a/contrib/sendmail/cf/README +++ b/contrib/sendmail/cf/README @@ -350,7 +350,7 @@ USENET_MAILER_ARGS [-m -h -n] The command line arguments for the (such as those shipped with newer versions of INN) use different flags. Double check the defaults against the inews man page. -USENET_MAILER_MAX [100000] The maximum size of messages that will +USENET_MAILER_MAX [undefined] The maximum size of messages that will be accepted by the usenet mailer. USENET_MAILER_QGRP [undefined] The queue group for the usenet mailer. SMTP_MAILER_FLAGS [undefined] Flags added to SMTP mailer. Default @@ -4311,4 +4311,4 @@ M4 DIVERSIONS 8 DNS based blacklists 9 special local rulesets (1 and 2) -$Revision: 8.623 $, Last updated $Date: 2002/06/07 14:14:14 $ +$Revision: 8.623.2.1 $, Last updated $Date: 2002/08/07 23:14:56 $ diff --git a/contrib/sendmail/cf/cf/submit.cf b/contrib/sendmail/cf/cf/submit.cf index 0613bc14607d..5b85e7a3972c 100644 --- a/contrib/sendmail/cf/cf/submit.cf +++ b/contrib/sendmail/cf/cf/submit.cf @@ -32,7 +32,7 @@ ##### $Id: no_default_msa.m4,v 8.2 2001/02/14 05:03:22 gshapiro Exp $ ##### -##### $Id: proto.m4,v 8.649 2002/06/13 18:53:24 ca Exp $ ##### +##### $Id: proto.m4,v 8.649.2.5 2002/08/15 02:39:01 ca Exp $ ##### # level 10 config file format V10/Berkeley @@ -110,7 +110,7 @@ D{MTAHost}[localhost] # Configuration version number -DZ8.12.5/Submit +DZ8.12.6/Submit ############### @@ -999,8 +999,8 @@ R $* $: $1 R$* $: $>CanonAddr $1 canonify sender address and mark it R $* < @ $+ . > $1 < @ $2 > strip trailing dots # handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc) -R $* < @ $* $=P > $: $1 < @ $2 $3 > -R $* < @ $j > $: $1 < @ $j > +R $* < @ $* $=P > $: $1 < @ $2 $3 > +R $* < @ $j > $: $1 < @ $j > R $* < @ $+ > $: $) > $1 < @ $2 > R> $* < @ $+ > $: <$2> $3 < @ $4 > @@ -1011,7 +1011,7 @@ R $* $: $&{daemon_flags} $| $1 R$* u $* $| $* $: $3 R$* $| $* $: $2 R $* $: < ? $&{client_name} > $1 -R $* $@ ...local unqualed ok +R $* $@ ...local unqualed ok R $* $#error $@ 5.5.4 $: "553 Domain name required for sender address " $&f ...remote is not # check results diff --git a/contrib/sendmail/cf/m4/proto.m4 b/contrib/sendmail/cf/m4/proto.m4 index d601b6710025..19a72f7c09c5 100644 --- a/contrib/sendmail/cf/m4/proto.m4 +++ b/contrib/sendmail/cf/m4/proto.m4 @@ -13,7 +13,7 @@ divert(-1) # divert(0) -VERSIONID(`$Id: proto.m4,v 8.649 2002/06/13 18:53:24 ca Exp $') +VERSIONID(`$Id: proto.m4,v 8.649.2.5 2002/08/15 02:39:01 ca Exp $') # level CF_LEVEL config file format V`'CF_LEVEL/ifdef(`VENDOR_NAME', `VENDOR_NAME', `Berkeley') @@ -1424,8 +1424,8 @@ SLDAPExpand R<$+><$+><$*> $: <$(ldapmra $2 $: $)> <$(ldapmh $2 $: $)> <$1> <$2> <$3> # look for temporary failures (return original address, MTA will queue up) -R<$* > <$*> <$+> <$+> <$*> $@ $2 -R<$*> <$* > <$+> <$+> <$*> $@ $2 +R<$* > <$*> <$+> <$+> <$*> $@ $3 +R<$*> <$* > <$+> <$+> <$*> $@ $3 # if mailRoutingAddress and local or non-existant mailHost, # return the new mailRoutingAddress @@ -1800,10 +1800,10 @@ dnl workspace: CanonicalAddress (i.e. address in canonical form localpart<@h dnl there is nothing behind the <@host> so no trailing $* needed R $* < @ $+ . > $1 < @ $2 > strip trailing dots # handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc) -R $* < @ $* $=P > $: $1 < @ $2 $3 > +R $* < @ $* $=P > $: <_RES_OK_> $1 < @ $2 $3 > dnl workspace CanonicalAddress where mark is ? or OK dnl A sender address with my local host name ($j) is safe -R $* < @ $j > $: $1 < @ $j > +R $* < @ $j > $: <_RES_OK_> $1 < @ $j > ifdef(`_ACCEPT_UNRESOLVABLE_DOMAINS_', `R $* < @ $+ > $: <_RES_OK_> $1 < @ $2 > ... unresolvable OK', `R $* < @ $+ > $: $) > $1 < @ $2 > @@ -1842,7 +1842,7 @@ R$* u $* $| $* $: <_RES_OK_> $3 dnl remove daemon_flags R$* $| $* $: $2 R $* $: < ? $&{client_name} > $1 -R $* $@ ...local unqualed ok +R $* $@ <_RES_OK_> ...local unqualed ok R $* $#error $@ 5.5.4 $: "_CODE553 Domain name required for sender address " $&f ...remote is not') # check results @@ -2102,7 +2102,12 @@ R$=R $* $@ RELAY relayable IP address ifdef(`_ACCESS_TABLE_', `dnl R$* $: $>A <$1> <+ Connect> <$1> R $* $@ RELAY relayable IP address -R $* $@ REJECT rejected IP address +ifdef(`_FFR_REJECT_IP_IN_CHECK_RCPT_',`dnl +dnl this will cause rejections in cases like: +dnl Connect:My.Host.Domain RELAY +dnl Connect:My.Net REJECT +dnl since in check_relay client_name is checked before client_addr +R $* $@ REJECT rejected IP address') ifdef(`_ATMPF_', `R<_ATMPF_> $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl') R<$*> <$*> $: $2', `dnl') R$* $: [ $1 ] put brackets around it... @@ -2471,7 +2476,7 @@ R$* $@ OK ifdef(`_ATMPF_', `dnl tempfail? R<$* _ATMPF_>$* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl') R$* $#error $@ 5.7.1 $: "550 do not try TLS with " $&{server_name} " ["$&{server_addr}"]" - + ###################################################################### ### tls_rcpt: is connection with server "good" enough? ### (done in client, per recipient) diff --git a/contrib/sendmail/cf/m4/version.m4 b/contrib/sendmail/cf/m4/version.m4 index 72d8c22f19bd..04757c86e513 100644 --- a/contrib/sendmail/cf/m4/version.m4 +++ b/contrib/sendmail/cf/m4/version.m4 @@ -11,8 +11,8 @@ divert(-1) # the sendmail distribution. # # -VERSIONID(`$Id: version.m4,v 8.92.2.2 2002/06/25 22:51:52 ca Exp $') +VERSIONID(`$Id: version.m4,v 8.92.2.5 2002/08/24 16:27:23 ca Exp $') # divert(0) # Configuration version number -DZ8.12.5`'ifdef(`confCF_VERSION', `/confCF_VERSION') +DZ8.12.6`'ifdef(`confCF_VERSION', `/confCF_VERSION') diff --git a/contrib/sendmail/contrib/etrn.0 b/contrib/sendmail/contrib/etrn.0 new file mode 100644 index 000000000000..66f7975d1393 --- /dev/null +++ b/contrib/sendmail/contrib/etrn.0 @@ -0,0 +1,58 @@ +System Administration Commands etrn(1M) + + +NAME + etrn - start mail queue run + +SYNOPSIS + etrn [-v] server-host [client-hosts] + +DESCRIPTION + SMTP's ETRN command allows an SMTP client and server to + interact, giving the server an opportunity to start the pro­ + cessing of its queues for messages to go to a given host. + This is meant to be used in start-up conditions, as well as + for mail nodes that have transient connections to their ser­ + vice providers. + + The etrn utility initiates an SMTP session with the host + server-host and sends one or more ETRN commands as follows: + If no client-hosts are specified, etrn looks up every host + name for which sendmail(1M) accepts email and, for each + name, sends an ETRN command with that name as the argument. + If any client-hosts are specified, etrn uses each of these + as arguments for successive ETRN commands. + +OPTIONS + The following option is supported: + + -v The normal mode of operation for etrn is to do all of + its work silently. The -v option makes it verbose, + which causes etrn to display its conversations with + the remote SMTP server. + +ENVIRONMENT + No environment variables are used. + +FILES + /etc/mail/sendmail.cf + sendmail configuration file + +SEE ALSO + sendmail(1M), RFC 1985. + +CAVEATS + Not all SMTP servers support ETRN. + +CREDITS + Leveraged from David Muir Sharnoff's expn.pl script. Chris­ + tian von Roques added support for args and fixed a couple of + bugs. + +AVAILABILITY + The latest version of etrn is available in the contrib + directory of the sendmail distribution through anonymous ftp + at ftp://ftp.sendmail.org/ucb/src/sendmail/. + +AUTHOR + John T. Beck diff --git a/contrib/sendmail/contrib/etrn.pl b/contrib/sendmail/contrib/etrn.pl index 2dfb58d22709..2d50cb42c95b 100755 --- a/contrib/sendmail/contrib/etrn.pl +++ b/contrib/sendmail/contrib/etrn.pl @@ -1,195 +1,158 @@ -#!/usr/local/bin/perl -'di '; -'ds 00 \\"'; -'ig 00 '; +#!/usr/local/bin/perl -w # -# THIS PROGRAM IS ITS OWN MANUAL PAGE. INSTALL IN man & bin. +# Copyright (c) 1996-2000 by John T. Beck +# All rights reserved. # +# Copyright (c) 2000 by Sun Microsystems, Inc. +# All rights reserved. +# +#ident "@(#)etrn.pl 1.1 00/09/06 SMI" + +require 5.005; # minimal Perl version required +use strict; +use English; # hardcoded constants, should work fine for BSD-based systems use Socket; use Getopt::Std; -$sockaddr = 'S n a4 x8'; +use vars qw($opt_v); +my $sockaddr = 'S n a4 x8'; # system requirements: # must have 'hostname' program. -############################################################################# -# Copyright (c) 1996-2000 John T. Beck -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# 3. All advertising materials mentioning features or use of this software -# must display the following acknowledgement: -# This product includes software developed by John T. Beck. -# 4. The name of John Beck may not be used to endorse or promote products -# derived from this software without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY JOHN T. BECK ``AS IS'' AND ANY EXPRESS OR -# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -# IN NO EVENT SHALL JOHN T. BECK BE LIABLE FOR ANY DIRECT, INDIRECT, -# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY -# OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, -# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -# -# This copyright notice derived from material copyrighted by the Regents -# of the University of California. -# -# Contributions accepted. -############################################################################# -# Further disclaimer: the etrn.pl script was highly leveraged from the -# expn.pl script which is (C) 1993 David Muir Sharnoff. -############################################################################# - -$port = 'smtp'; -$av0 = $0; +my $port = 'smtp'; select(STDERR); -$0 = "$av0 - running hostname"; -chop($name = `hostname || uname -n`); +chop(my $name = `hostname || uname -n`); -$0 = "$av0 - lookup host FQDN and IP addr"; -($hostname,$aliases,$type,$len,undef) = gethostbyname($name); +(my $hostname, my $aliases, my $type, my $len, undef) = gethostbyname($name); -$0 = "$av0 - parsing args"; -$usage = "Usage: $av0 [-wd] host [args]"; -getopts('dw'); -$watch = $opt_w; -$debug = $opt_d; -$server = shift(@ARGV); -@hosts = @ARGV; +my $usage = "Usage: $PROGRAM_NAME [-v] host [args]"; +getopts('v'); +my $verbose = $opt_v; +my $server = shift(@ARGV); +my @hosts = @ARGV; die $usage unless $server; -@cwfiles = (); -$alarm_action = ""; +my @cwfiles = (); +my $alarm_action = ""; if (!@hosts) { - push(@hosts,$hostname); + push(@hosts, $hostname); - $0 = "$av0 - parsing sendmail.cf"; - open(CF, "){ - if (/^Fw.*$/){ # look for a line starting with "Fw" - $cwfile = $_; + # look for a line starting with "Fw" + if (/^Fw.*$/) { + my $cwfile = $ARG; chop($cwfile); - $optional = /^Fw-o/; - $cwfile =~ s,^Fw[^/]*,,; # extract the file name + my $optional = /^Fw-o/; + # extract the file name + $cwfile =~ s,^Fw[^/]*,,; + + # strip the options after the filename + $cwfile =~ s/ [^ ]+$//; if (-r $cwfile) { - push (@cwfiles, $cwfile); + push (@cwfiles, $cwfile); } else { - die "$cwfile is not readable" unless $optional; + die "$cwfile is not readable" unless $optional; } } - if (/^Cw(.*)$/){ # look for a line starting with "Cw" - @cws = split (' ', $1); + # look for a line starting with "Cw" + if (/^Cw(.*)$/) { + my @cws = split (' ', $1); while (@cws) { - $thishost = shift(@cws); - push(@hosts, $thishost) unless $thishost =~ "$hostname|localhost"; + my $thishost = shift(@cws); + push(@hosts, $thishost) + unless $thishost =~ "$hostname|localhost"; } } } close(CF); - for $cwfile (@cwfiles) { - $0 = "$av0 - reading $cwfile"; - if (open(CW, "<$cwfile")){ - while (){ + for my $cwfile (@cwfiles) { + if (open(CW, "<$cwfile")) { + while () { next if /^\#/; - $thishost = $_; + my $thishost = $ARG; chop($thishost); - push(@hosts, $thishost) unless $thishost =~ $hostname; + push(@hosts, $thishost) + unless $thishost =~ $hostname; } close(CW); } else { - die "open $cwfile: $!"; + die "open $cwfile: $ERRNO"; } } } -$0 = "$av0 - building local socket"; -($name,$aliases,$proto) = getprotobyname('tcp'); -($name,$aliases,$port) = getservbyname($port,'tcp') +($name, $aliases, my $proto) = getprotobyname('tcp'); +($name, $aliases, $port) = getservbyname($port, 'tcp') unless $port =~ /^\d+/; # look it up -$0 = "$av0 - gethostbyname($server)"; -($name,$aliases,$type,$len,$thataddr) = gethostbyname($server); +($name, $aliases, $type, $len, my $thataddr) = gethostbyname($server); (!defined($name)) && die "gethostbyname failed, unknown host $server"; # get a connection -$0 = "$av0 - socket to $server"; -$that = pack($sockaddr, &AF_INET, $port, $thataddr); +my $that = pack($sockaddr, &AF_INET, $port, $thataddr); socket(S, &AF_INET, &SOCK_STREAM, $proto) - || die "socket: $!"; -$0 = "$av0 - connect to $server"; -print "debug = $debug server = $server\n" if (defined($debug) && $debug > 8); + || die "socket: $ERRNO"; +print "server = $server\n" if (defined($verbose)); &alarm("connect to $server"); if (! connect(S, $that)) { - die "cannot connect to $server: $!\n"; + die "cannot connect to $server: $ERRNO\n"; } alarm(0); -select((select(S),$| = 1)[0]); # don't buffer output to S +select((select(S), $OUTPUT_AUTOFLUSH = 1)[0]); # don't buffer output to S # read the greeting -$0 = "$av0 - talking to $server"; &alarm("greeting with $server"); -while() { +while () { alarm(0); - print if $watch; + print if $verbose; if (/^(\d+)([- ])/) { + # SMTP's initial greeting response code is 220. if ($1 != 220) { - $0 = "$av0 - bad numeric response from $server"; &alarm("giving up after bad response from $server"); - &read_response($2,$watch); + &read_response($2, $verbose); alarm(0); - print STDERR "$server: NOT 220 greeting: $_" - if ($debug || $watch); + print STDERR "$server: NOT 220 greeting: $ARG" + if ($verbose); } last if ($2 eq " "); } else { - $0 = "$av0 - bad response from $server"; - print STDERR "$server: NOT 220 greeting: $_" - if ($debug || $watch); + print STDERR "$server: NOT 220 greeting: $ARG" + if ($verbose); close(S); } &alarm("greeting with $server"); } alarm(0); -# if this causes problems, remove it -$0 = "$av0 - sending helo to $server"; &alarm("sending ehlo to $server"); &ps("ehlo $hostname"); -$etrn_support = 0; -while() { - if (/^250([- ])ETRN(.+)$/){ +my $etrn_support = 0; +while () { + if (/^250([- ])ETRN(.+)$/) { $etrn_support = 1; } - print if $watch; + print if $verbose; last if /^\d+ /; } alarm(0); -if ($etrn_support){ - print "ETRN supported\n" if ($debug); +if ($etrn_support) { + print "ETRN supported\n" if ($verbose); &alarm("sending etrn to $server"); while (@hosts) { $server = shift(@hosts); &ps("etrn $server"); - while() { - print if $watch; + while () { + print if $verbose; last if /^\d+ /; } sleep(1); @@ -199,10 +162,9 @@ if ($etrn_support){ } &alarm("sending 'quit' to $server"); -$0 = "$av0 - sending 'quit' to $server"; &ps("quit"); -while() { - print if $watch; +while () { + print if $verbose; last if /^\d+ /; } close(S); @@ -211,11 +173,11 @@ alarm(0); select(STDOUT); exit(0); -# print to the server (also to stdout, if -w) +# print to the server (also to stdout, if -v) sub ps { - local($p) = @_; - print ">>> $p\n" if $watch; + my ($p) = @_; + print ">>> $p\n" if $verbose; print S "$p\n"; } @@ -233,107 +195,24 @@ sub handle_alarm sub giveup { - local($reason) = @_; - local($pk,$file,$line); + my $reason = @_; + (my $pk, my $file, my $line); ($pk, $file, $line) = caller; - $0 = "$av0 - giving up on $server: $reason"; - print "Timed out during $reason\n" if $debug; + print "Timed out during $reason\n" if $verbose; exit(1); } # read the rest of the current smtp daemon's response (and toss it away) sub read_response { - local($done,$watch) = @_; - local(@resp); - print $s if $watch; - while(($done eq "-") && ($s = ) && ($s =~ /^\d+([- ])/)) { - print $s if $watch; + (my $done, $verbose) = @_; + (my @resp); + print my $s if $verbose; + while (($done eq "-") && ($s = ) && ($s =~ /^\d+([- ])/)) { + print $s if $verbose; $done = $1; - push(@resp,$s); + push(@resp, $s); } return @resp; } -# to pass perl -w: -my $x; -$x=$opt_d; -$x=$opt_w; -&handle_alarm; -################### BEGIN PERL/TROFF TRANSITION -.00 ; - -'di -.nr nl 0-1 -.nr % 0 -.\\"'; __END__ -.\" ############## END PERL/TROFF TRANSITION -.TH ETRN 1 "January 25, 1997" -.AT 3 -.SH NAME -etrn \- start mail queue run -.SH SYNOPSIS -.B etrn -.RI [ -w ] -.RI [ -d ] -.IR hostname -.RI [ args ] -.SH DESCRIPTION -.B etrn -will use the SMTP -.B etrn -command to start mail delivery from the host given on the command line. -.B etrn -usually sends an -.B etrn -for each host the local sendmail accepts e-mail for, but if -.IR args -are specified, -.B etrn -uses these as arguments for the SMTP -.B etrn -commands passed to the host given on the command line. -.SH OPTIONS -.LP -The normal mode of operation for -.B etrn -is to do all of its work silently. -The following options make it more verbose. -It is not necessary to make it verbose to see what it is -doing because as it works, it changes its -.BR argv [0] -variable to reflect its current activity. -The -.IR -w , -watch, flag will cause -.B etrn -to show you its conversations with the mail daemons. -The -.IR -d , -debug, flag will expose many of the inner workings so that -it is possible to eliminate bugs. -.SH ENVIRONMENT -No enviroment variables are used. -.SH FILES -.B /etc/mail/sendmail.cf -.SH SEE ALSO -.BR sendmail (8), -RFC 1985. -.SH BUGS -Not all mail daemons will implement -.B etrn . -.LP -It is assumed that you are running domain names. -.SH CREDITS -Leveraged from David Muir Sharnoff's expn.pl script. -Christian von Roques added support for -.IR args -and fixed a couple of bugs. -.SH AVAILABILITY -The latest version of -.B etrn -is available in the contrib directory of the sendmail -distribution through anonymous ftp at -.IR ftp://ftp.sendmail.org/ucb/src/sendmail/ . -.SH AUTHOR -.I John T. Beck\ \ \ \ diff --git a/contrib/sendmail/contrib/expn.pl b/contrib/sendmail/contrib/expn.pl index dd777e699118..d67fb0f4e1d3 100755 --- a/contrib/sendmail/contrib/expn.pl +++ b/contrib/sendmail/contrib/expn.pl @@ -1305,7 +1305,7 @@ Finally, the debug, flag will expose many of the inner workings so that it is possible to eliminate bugs. .SH ENVIRONMENT -No enviroment variables are used. +No environment variables are used. .SH FILES .PD 0 .B /tmp/expn$$ diff --git a/contrib/sendmail/doc/op/op.me b/contrib/sendmail/doc/op/op.me index 6780db5dca5c..b353696cfa7b 100644 --- a/contrib/sendmail/doc/op/op.me +++ b/contrib/sendmail/doc/op/op.me @@ -9,7 +9,7 @@ .\" the sendmail distribution. .\" .\" -.\" $Id: op.me,v 8.609.2.2 2002/06/25 20:30:35 ca Exp $ +.\" $Id: op.me,v 8.609.2.5 2002/08/04 19:12:07 ca Exp $ .\" .\" eqn op.me | pic | troff -me .\" @@ -88,7 +88,7 @@ Sendmail, Inc. .de Ve Version \\$2 .. -.Ve $Revision: 8.609.2.2 $ +.Ve $Revision: 8.609.2.5 $ .rm Ve .sp For Sendmail Version 8.12 @@ -4577,6 +4577,13 @@ and the third is either `s' or `r' for sender/recipient address. Notice: for header addresses no distinction is currently made between sender and recipient addresses, i.e., the macro contains only `h'. +.ip ${alg_bits} +The maximum keylength (in bits) of the symmetric encryption algorithm +used for a TLS connection. +This may be less than the effective keylength, +which is stored in +.b ${cipher_bits} , +for ``export controlled'' algorithms. .ip ${auth_authen} The client's authentication credentials as determined by authentication (only set if successful). @@ -4610,7 +4617,7 @@ The cipher suite used for the connection, e.g., EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CBC-SHA, DES-CBC-MD5, DES-CBC3-SHA (STARTTLS only). .ip ${cipher_bits} -The keylength (in bits) of the symmetric encryption algorithm +The effective keylength (in bits) of the symmetric encryption algorithm used for a TLS connection. .ip ${client_addr} The IP address of the SMTP client. @@ -6769,8 +6776,12 @@ p Print error messages (default) q No messages, just give exit status m Mail back errors w Write back errors (mail if user not logged in) -e Mail back errors and give zero exit stat always +e Mail back errors (when applicable) and give zero exit stat always .)b +Note that the last mode, +.q e , +is for Berknet error processing and +should not be used in normal circumstances. .ip FallbackMXhost=\fIfallbackhost\fP [V] If specified, the @@ -6996,6 +7007,15 @@ will not be exceeded, while the remaining queue groups will be run later (in round robin order). See also .i MaxRunnersPerQueue and the section \fBQueue Group Declaration\fP. +Notice: +.i sendmail +does not count individual queue runners, but only sets of processes +that act on a workgroup. +Hence the actual number of queue runners may be lower than the limit +imposed by +.i MaxQueueChildren . +This discrepancy can be large if some queue runners have to wait +for a slow server and if short intervals are used. .ip MaxQueueRunSize=\fIN\fP [no short name] The maximum number of jobs that will be processed @@ -7300,7 +7320,7 @@ and the option divided by the difference in the current load average and the .b QueueLA option plus one -is less than the priority of the message, +is less than the priority of the message, just queue messages (i.e., don't try to send them). Defaults to 8 multiplied by @@ -10671,7 +10691,7 @@ replace it with a blank sheet for double-sided output. .\".sz 10 .\"Eric Allman .\".sp -.\"Version $Revision: 8.609.2.2 $ +.\"Version $Revision: 8.609.2.5 $ .\".ce 0 .bp 3 .ce diff --git a/contrib/sendmail/include/sm/conf.h b/contrib/sendmail/include/sm/conf.h index 83950bc85fa7..f1549225a2b9 100644 --- a/contrib/sendmail/include/sm/conf.h +++ b/contrib/sendmail/include/sm/conf.h @@ -10,7 +10,7 @@ * the sendmail distribution. * * - * $Id: conf.h,v 1.90.2.2 2002/06/21 22:31:35 gshapiro Exp $ + * $Id: conf.h,v 1.90.2.4 2002/08/26 22:58:37 gshapiro Exp $ */ /* @@ -721,6 +721,7 @@ typedef int pid_t; # define HASSTRERROR 1 /* has strerror(3) */ # define HASGETDTABLESIZE 1 # define HASGETUSERSHELL 1 +# define HAS_IN_H 1 # define SM_CONF_GETOPT 0 /* need a replacement for getopt(3) */ # define BSD4_4_SOCKADDR /* has sa_len */ # define NETLINK 1 /* supports AF_LINK */ @@ -733,6 +734,7 @@ typedef int pid_t; # define ERRLIST_PREDEFINED /* don't declare sys_errlist */ # ifndef NOT_SENDMAIL # define sleep sleepX +extern unsigned int sleepX __P((unsigned int seconds)); # endif /* ! NOT_SENDMAIL */ # endif /* defined(DARWIN) */ diff --git a/contrib/sendmail/include/sm/varargs.h b/contrib/sendmail/include/sm/varargs.h index 7d2b5cadde60..34f75124af11 100644 --- a/contrib/sendmail/include/sm/varargs.h +++ b/contrib/sendmail/include/sm/varargs.h @@ -6,7 +6,7 @@ * forth in the LICENSE file which can be found at the top level of * the sendmail distribution. * - * $Id: varargs.h,v 1.7 2001/09/13 16:45:40 ca Exp $ + * $Id: varargs.h,v 1.7.2.1 2002/07/29 21:43:20 gshapiro Exp $ */ /* @@ -31,7 +31,7 @@ # elif defined(__va_copy) # define SM_VA_COPY(dst, src) __va_copy((dst), (src)) # else -# define SM_VA_COPY(dst, src) (dst) = (src) +# define SM_VA_COPY(dst, src) memcpy(&(dst), &(src), sizeof((dst))) # endif /* diff --git a/contrib/sendmail/libmilter/comm.c b/contrib/sendmail/libmilter/comm.c index 0bf7e5c0010d..73d51b14ca52 100644 --- a/contrib/sendmail/libmilter/comm.c +++ b/contrib/sendmail/libmilter/comm.c @@ -9,7 +9,7 @@ */ #include -SM_RCSID("@(#)$Id: comm.c,v 8.54 2002/03/06 16:03:26 ca Exp $") +SM_RCSID("@(#)$Id: comm.c,v 8.54.2.2 2002/08/16 17:09:13 ca Exp $") #include "libmilter.h" #include @@ -63,10 +63,19 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) return NULL; } - FD_Z; i = 0; - while ((ret = select(sd + 1, &readset, NULL, &excset, timeout)) >= 1) + for (;;) { + FD_Z; + ret = select(sd + 1, &readset, NULL, &excset, timeout); + if (ret == 0) + break; + else if (ret < 0) + { + if (errno == EINTR) + continue; + break; + } if (FD_ISSET(sd, &excset)) { *cmd = SMFIC_SELECT; @@ -90,7 +99,6 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) if (len >= (ssize_t) sizeof data - i) break; i += len; - FD_Z; } if (ret == 0) { @@ -129,9 +137,18 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) } i = 0; - FD_Z; - while ((ret = select(sd + 1, &readset, NULL, &excset, timeout)) == 1) + for (;;) { + FD_Z; + ret = select(sd + 1, &readset, NULL, &excset, timeout); + if (ret == 0) + break; + else if (ret < 0) + { + if (errno == EINTR) + continue; + break; + } if (FD_ISSET(sd, &excset)) { *cmd = SMFIC_SELECT; @@ -169,7 +186,6 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) return buf; } i += len; - FD_Z; } save_errno = errno; diff --git a/contrib/sendmail/libmilter/engine.c b/contrib/sendmail/libmilter/engine.c index 74140720352b..221a99fc80f6 100644 --- a/contrib/sendmail/libmilter/engine.c +++ b/contrib/sendmail/libmilter/engine.c @@ -9,7 +9,7 @@ */ #include -SM_RCSID("@(#)$Id: engine.c,v 8.109 2002/03/13 17:18:44 gshapiro Exp $") +SM_RCSID("@(#)$Id: engine.c,v 8.109.2.1 2002/07/29 16:40:47 ca Exp $") #include "libmilter.h" @@ -308,8 +308,11 @@ mi_engine(ctx) curstate = ST_HELO; if (!trans_ok(curstate, newstate)) { - free(buf); - buf = NULL; + if (buf != NULL) + { + free(buf); + buf = NULL; + } continue; } } diff --git a/contrib/sendmail/libmilter/listener.c b/contrib/sendmail/libmilter/listener.c index 03d8acd34e68..e809a7b615aa 100644 --- a/contrib/sendmail/libmilter/listener.c +++ b/contrib/sendmail/libmilter/listener.c @@ -9,7 +9,7 @@ */ #include -SM_RCSID("@(#)$Id: listener.c,v 8.85 2002/05/28 18:17:41 gshapiro Exp $") +SM_RCSID("@(#)$Id: listener.c,v 8.85.2.1 2002/08/09 22:13:36 gshapiro Exp $") /* ** listener.c -- threaded network listener @@ -621,12 +621,19 @@ mi_closener() st.tv_sec = (s); \ st.tv_usec = 0; \ if (st.tv_sec > 0) \ - rs = select(0, NULL, NULL, NULL, &st); \ - if (rs != 0) \ { \ - smi_log(SMI_LOG_ERR, \ - "MI_SLEEP(): select() returned non-zero result %d, errno = %d", \ - rs, errno); \ + for (;;) \ + { \ + rs = select(0, NULL, NULL, NULL, &st); \ + if (rs < 0 && errno == EINTR) \ + continue; \ + if (rs != 0) \ + { \ + smi_log(SMI_LOG_ERR, \ + "MI_SLEEP(): select() returned non-zero result %d, errno = %d", \ + rs, errno); \ + } \ + } \ } \ } #else /* BROKEN_PTHREAD_SLEEP */ diff --git a/contrib/sendmail/libsm/clock.c b/contrib/sendmail/libsm/clock.c index fb7e9112eaa0..4a8bf3896d0d 100644 --- a/contrib/sendmail/libsm/clock.c +++ b/contrib/sendmail/libsm/clock.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -12,7 +12,7 @@ */ #include -SM_RCSID("@(#)$Id: clock.c,v 1.35.2.1 2002/06/20 05:14:45 gshapiro Exp $") +SM_RCSID("@(#)$Id: clock.c,v 1.35.2.2 2002/06/27 23:24:20 gshapiro Exp $") #include #include #include diff --git a/contrib/sendmail/libsm/ldap.c b/contrib/sendmail/libsm/ldap.c index 3e85a87664e0..bc426a0afdc2 100644 --- a/contrib/sendmail/libsm/ldap.c +++ b/contrib/sendmail/libsm/ldap.c @@ -8,7 +8,7 @@ */ #include -SM_RCSID("@(#)$Id: ldap.c,v 1.44 2002/02/22 21:54:02 gshapiro Exp $") +SM_RCSID("@(#)$Id: ldap.c,v 1.44.2.2 2002/08/09 22:23:12 gshapiro Exp $") #if LDAPMAP # include @@ -888,7 +888,8 @@ sm_ldap_results(lmap, msgid, flags, delim, rpool, result, for (i = 0; vals[i] != NULL; i++) { - if (*resultln > 0) + if (*resultln > 0 && + p < pe) *p++ = (char) delim; if (lmap->ldap_attrsep != '\0') @@ -1162,6 +1163,9 @@ sm_ldap_setopts(ld, lmap) ldap_set_option(ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF); ldap_set_option(ld, LDAP_OPT_SIZELIMIT, &lmap->ldap_sizelimit); ldap_set_option(ld, LDAP_OPT_TIMELIMIT, &lmap->ldap_timelimit); +# ifdef LDAP_OPT_RESTART + ldap_set_option(ld, LDAP_OPT_RESTART, LDAP_OPT_ON); +# endif /* LDAP_OPT_RESTART */ # else /* USE_LDAP_SET_OPTION */ /* From here on in we can use ldap internal timelimits */ ld->ld_deref = lmap->ldap_deref; diff --git a/contrib/sendmail/src/Makefile.m4 b/contrib/sendmail/src/Makefile.m4 index 615ac594f937..6143bbedd46d 100644 --- a/contrib/sendmail/src/Makefile.m4 +++ b/contrib/sendmail/src/Makefile.m4 @@ -1,4 +1,4 @@ -dnl $Id: Makefile.m4,v 8.91.2.1 2002/06/21 21:58:47 ca Exp $ +dnl $Id: Makefile.m4,v 8.91.2.3 2002/07/29 22:08:09 gshapiro Exp $ include(confBUILDTOOLSDIR`/M4/switch.m4') define(`confREQUIRE_LIBSM', `true') @@ -20,8 +20,12 @@ define(`bldTARGET_LINKS', ifdef(`confLINKS', `confLINKS', # location of sendmail statistics file (usually /etc/mail/ or /var/log) STDIR= ifdef(`confSTDIR', `confSTDIR', `/etc/mail') +# statistics file name +STFILE= ifdef(`confSTFILE', `confSTFILE', `statistics') +MSPSTFILE=ifdef(`confMSP_STFILE', `confMSP_STFILE', `sm-client.st') + # full path to installed statistics file (usually ${STDIR}/statistics) -STFILE= ${STDIR}/ifdef(`confSTFILE', `confSTFILE', `statistics') +STPATH= ${STDIR}/${STFILE} # location of sendmail helpfile file (usually /etc/mail) HFDIR= ifdef(`confHFDIR', `confHFDIR', `/etc/mail') @@ -66,7 +70,7 @@ install-set-user-id: bldCURRENT_PRODUCT ifdef(`confNO_HELPFILE_INSTALL',, `insta ${INSTALL} -c -o ${S`'BINOWN} -g ${S`'BINGRP} -m ${S`'BINMODE} bldCURRENT_PRODUCT ${DESTDIR}${M`'BINDIR} for i in ${sendmailTARGET_LINKS}; do \ rm -f $$i; \ - ln -s ${M`'BINDIR}/sendmail $$i; \ + ${LN} ${LNOPTS} ${M`'BINDIR}/sendmail $$i; \ done define(`confMTA_LINKS', `${DESTDIR}${UBINDIR}/newaliases ${DESTDIR}${UBINDIR}/mailq ${DESTDIR}${UBINDIR}/hoststat ${DESTDIR}${UBINDIR}/purgestat') @@ -74,7 +78,7 @@ install-sm-mta: bldCURRENT_PRODUCT ${INSTALL} -c -o ${M`'BINOWN} -g ${M`'BINGRP} -m ${M`'BINMODE} bldCURRENT_PRODUCT ${DESTDIR}${M`'BINDIR}/sm-mta for i in confMTA_LINKS; do \ rm -f $$i; \ - ln -s ${M`'BINDIR}/sm-mta $$i; \ + ${LN} ${LNOPTS} ${M`'BINDIR}/sm-mta $$i; \ done install-hf: @@ -83,7 +87,11 @@ install-hf: install-st: statistics if [ ! -d ${DESTDIR}${STDIR} ]; then mkdir -p ${DESTDIR}${STDIR}; else :; fi - ${INSTALL} -c -o ${SBINOWN} -g ${UBINGRP} -m ifdef(`confSTMODE', `confSTMODE', `0600') statistics ${DESTDIR}${STFILE} + ${INSTALL} -c -o ${SBINOWN} -g ${UBINGRP} -m ifdef(`confSTMODE', `confSTMODE', `0600') statistics ${DESTDIR}${STPATH} + +install-submit-st: statistics ${DESTDIR}${MSPQ} + ${INSTALL} -c -o ${MSPQOWN} -g ${GBINGRP} -m ifdef(`confSTMODE', `confSTMODE', `0600') statistics ${DESTDIR}${MSPQ}/${MSPSTFILE} + divert(0) bldPRODUCT_END diff --git a/contrib/sendmail/src/TRACEFLAGS b/contrib/sendmail/src/TRACEFLAGS index c64afd1a4c80..2aad39b80008 100644 --- a/contrib/sendmail/src/TRACEFLAGS +++ b/contrib/sendmail/src/TRACEFLAGS @@ -1,4 +1,4 @@ -# $Id: TRACEFLAGS,v 8.37 2002/05/24 23:37:32 ca Exp $ +# $Id: TRACEFLAGS,v 8.37.2.1 2002/07/01 20:55:47 gshapiro Exp $ 0, 4 main.c main canonical name, UUCP node name, a.k.a.s 0, 15 main.c main print configuration 0, 44 util.c printav print address of each string @@ -80,6 +80,7 @@ #if _FFR_QUARANTINE 70 queue.c quarantining #endif /* _FFR_QUARANTINE */ +71,>99 milter.c quarantine on errors 80 content length 81 sun remote mode 91 mci.c syslogging of MCI cache information diff --git a/contrib/sendmail/src/collect.c b/contrib/sendmail/src/collect.c index a926d61f0ec6..a4149fb0a260 100644 --- a/contrib/sendmail/src/collect.c +++ b/contrib/sendmail/src/collect.c @@ -13,7 +13,7 @@ #include -SM_RCSID("@(#)$Id: collect.c,v 8.242 2002/05/10 15:40:09 ca Exp $") +SM_RCSID("@(#)$Id: collect.c,v 8.242.2.2 2002/08/16 14:56:01 ca Exp $") static void collecttimeout __P((time_t)); static void dferror __P((SM_FILE_T *volatile, char *, ENVELOPE *)); @@ -60,8 +60,8 @@ collect_eoh(e, numhdrs, hdrslen) if (tTd(30, 10)) sm_dprintf("collect: rscheck(\"check_eoh\", \"%s $| %s\")\n", hnum, hsize); - (void) rscheck("check_eoh", hnum, hsize, e, false, true, 3, NULL, - e->e_id); + (void) rscheck("check_eoh", hnum, hsize, e, RSF_UNSTRUCTURED|RSF_COUNT, + 3, NULL, e->e_id); /* ** Process the header, @@ -765,6 +765,7 @@ collect(fp, smtpmode, hdrp, e) { char *host; char *problem; + ADDRESS *q; host = RealHostName; if (host == NULL) @@ -795,6 +796,14 @@ collect(fp, smtpmode, hdrp, e) e->e_flags &= ~EF_FATALERRS; e->e_flags |= EF_CLRQUEUE; + /* Don't send any message notification to sender */ + for (q = e->e_sendqueue; q != NULL; q = q->q_next) + { + if (QS_IS_DEAD(q->q_state)) + continue; + q->q_state = QS_FATALERR; + } + finis(true, true, ExitStat); /* NOTREACHED */ } diff --git a/contrib/sendmail/src/deliver.c b/contrib/sendmail/src/deliver.c index e70e1daa54f9..46f5a912ad42 100644 --- a/contrib/sendmail/src/deliver.c +++ b/contrib/sendmail/src/deliver.c @@ -14,7 +14,7 @@ #include #include -SM_RCSID("@(#)$Id: deliver.c,v 8.940 2002/06/06 00:03:16 gshapiro Exp $") +SM_RCSID("@(#)$Id: deliver.c,v 8.940.2.3 2002/08/16 14:56:01 ca Exp $") #if HASSETUSERCONTEXT # include @@ -1013,6 +1013,16 @@ dup_queue_file(e, ee, type) (void) sm_strlcpy(f1buf, queuename(e, type), sizeof f1buf); (void) sm_strlcpy(f2buf, queuename(ee, type), sizeof f2buf); + + /* Force the df to disk if it's not there yet */ + if (type == DATAFL_LETTER && e->e_dfp != NULL && + sm_io_setinfo(e->e_dfp, SM_BF_COMMIT, NULL) < 0 && + errno != EINVAL) + { + syserr("!dup_queue_file: can't commit %s", f1buf); + /* NOTREACHED */ + } + if (link(f1buf, f2buf) < 0) { int save_errno = errno; @@ -1545,7 +1555,8 @@ deliver(e, firstto) quarantine = (e->e_quarmsg != NULL); #endif /* _FFR_QUARANTINE */ rcode = rscheck("check_compat", e->e_from.q_paddr, to->q_paddr, - e, true, true, 3, NULL, e->e_id); + e, RSF_RMCOMM|RSF_COUNT, 3, NULL, + e->e_id); if (rcode == EX_OK) { /* do in-code checking if not discarding */ @@ -2347,10 +2358,14 @@ deliver(e, firstto) pwd = sm_getpwnam(contextaddr->q_ruser); else pwd = sm_getpwnam(contextaddr->q_user); - if (pwd != NULL) - (void) setusercontext(NULL, - pwd, pwd->pw_uid, - LOGIN_SETRESOURCES|LOGIN_SETPRIORITY); + if (pwd != NULL && + setusercontext(NULL, pwd, pwd->pw_uid, + LOGIN_SETRESOURCES|LOGIN_SETPRIORITY) == -1 && + suidwarn) + { + syserr("openmailer: setusercontext() failed"); + exit(EX_TEMPFAIL); + } } # endif /* HASSETUSERCONTEXT */ @@ -2879,8 +2894,8 @@ deliver(e, firstto) olderrors = Errors; QuickAbort = false; SuprErrs = true; - if (rscheck("try_tls", host, NULL, e, true, - false, 7, host, NOQID) != EX_OK + if (rscheck("try_tls", host, NULL, e, + RSF_RMCOMM, 7, host, NOQID) != EX_OK || Errors > olderrors) usetls = false; SuprErrs = saveSuprErrs; @@ -2948,8 +2963,8 @@ deliver(e, firstto) if (rscheck("tls_server", macvalue(macid("{verify}"), e), - NULL, e, true, true, 5, host, - NOQID) != EX_OK || + NULL, e, RSF_RMCOMM|RSF_COUNT, 5, + host, NOQID) != EX_OK || Errors > olderrors || rcode == EX_SOFTWARE) { @@ -3241,8 +3256,8 @@ deliver(e, firstto) e->e_to = to->q_paddr; # if STARTTLS i = rscheck("tls_rcpt", to->q_user, NULL, e, - true, true, 3, mci->mci_host, - e->e_id); + RSF_RMCOMM|RSF_COUNT, 3, + mci->mci_host, e->e_id); if (i != EX_OK) { markfailure(e, to, mci, i, false); diff --git a/contrib/sendmail/src/domain.c b/contrib/sendmail/src/domain.c index f48f987fd892..f086d8085431 100644 --- a/contrib/sendmail/src/domain.c +++ b/contrib/sendmail/src/domain.c @@ -14,9 +14,9 @@ #include #if NAMED_BIND -SM_RCSID("@(#)$Id: domain.c,v 8.181 2002/05/24 23:48:42 gshapiro Exp $ (with name server)") +SM_RCSID("@(#)$Id: domain.c,v 8.181.2.1 2002/06/27 16:55:04 ca Exp $ (with name server)") #else /* NAMED_BIND */ -SM_RCSID("@(#)$Id: domain.c,v 8.181 2002/05/24 23:48:42 gshapiro Exp $ (without name server)") +SM_RCSID("@(#)$Id: domain.c,v 8.181.2.1 2002/06/27 16:55:04 ca Exp $ (without name server)") #endif /* NAMED_BIND */ #if NAMED_BIND @@ -664,7 +664,7 @@ bestmx_map_lookup(map, name, av, statp) #endif /* _FFR_BESTMX_BETTER_TRUNCATION */ _res.options &= ~(RES_DNSRCH|RES_DEFNAMES); - nmx = getmxrr(name, mxhosts, NULL, false, statp, true, NULL); + nmx = getmxrr(name, mxhosts, NULL, false, statp, false, NULL); _res.options = saveopts; if (nmx <= 0) return NULL; diff --git a/contrib/sendmail/src/main.c b/contrib/sendmail/src/main.c index 22a1aaccaf0b..2aff085ab2b4 100644 --- a/contrib/sendmail/src/main.c +++ b/contrib/sendmail/src/main.c @@ -25,7 +25,7 @@ SM_UNUSED(static char copyright[]) = The Regents of the University of California. All rights reserved.\n"; #endif /* ! lint */ -SM_RCSID("@(#)$Id: main.c,v 8.887 2002/06/17 22:25:52 gshapiro Exp $") +SM_RCSID("@(#)$Id: main.c,v 8.887.2.1 2002/08/04 17:36:06 gshapiro Exp $") #if NETINET || NETINET6 @@ -3380,7 +3380,7 @@ getextenv(envar) int l; l = strlen(envar); - for (envp = ExternalEnviron; *envp != NULL; envp++) + for (envp = ExternalEnviron; envp != NULL && *envp != NULL; envp++) { if (strncmp(*envp, envar, l) == 0 && (*envp)[l] == '=') return &(*envp)[l + 1]; diff --git a/contrib/sendmail/src/map.c b/contrib/sendmail/src/map.c index f0301ebed5f1..feba80bea0af 100644 --- a/contrib/sendmail/src/map.c +++ b/contrib/sendmail/src/map.c @@ -13,7 +13,7 @@ #include -SM_RCSID("@(#)$Id: map.c,v 8.645.2.1 2002/06/21 20:25:23 ca Exp $") +SM_RCSID("@(#)$Id: map.c,v 8.645.2.3 2002/08/09 22:23:13 gshapiro Exp $") #if LDAPMAP # include @@ -3811,6 +3811,8 @@ ldapmap_lookup(map, name, av, statp) { p += sm_strlcpy(p, attr, vsize - (p - vp_tmp)); + if (p >= vp_tmp + vsize) + syserr("ldapmap_lookup: Internal error: buffer too small for LDAP values"); *p++ = lmap->ldap_attrsep; } p += sm_strlcpy(p, vals[i], @@ -7198,6 +7200,7 @@ ns_map_t_find(mapname) ns_map = (ns_map_list_t *) xalloc(sizeof *ns_map); ns_map->mapname = newstr(mapname); ns_map->map = (ns_map_t *) xalloc(sizeof *ns_map->map); + memset(ns_map->map, '\0', sizeof *ns_map->map); ns_map->next = ns_maps; ns_maps = ns_map; } diff --git a/contrib/sendmail/src/milter.c b/contrib/sendmail/src/milter.c index 2e45e509ac6d..271f7dca3950 100644 --- a/contrib/sendmail/src/milter.c +++ b/contrib/sendmail/src/milter.c @@ -10,7 +10,7 @@ #include -SM_RCSID("@(#)$Id: milter.c,v 8.197 2002/06/12 22:33:48 gshapiro Exp $") +SM_RCSID("@(#)$Id: milter.c,v 8.197.2.2 2002/08/06 22:58:38 gshapiro Exp $") #if MILTER # include @@ -45,13 +45,33 @@ static char *MilterEnvRcptMacros[MAXFILTERMACROS + 1]; milter_abort(e); \ } -# define MILTER_CHECK_ERROR(action) \ +# if _FFR_QUARANTINE +# define MILTER_CHECK_ERROR(action) \ + if (tTd(71, 101)) \ + { \ + if (e->e_quarmsg == NULL) \ + { \ + e->e_quarmsg = sm_rpool_strdup_x(e->e_rpool, \ + "filter failure"); \ + macdefine(&e->e_macro, A_PERM, macid("{quarantine}"), \ + e->e_quarmsg); \ + } \ + } \ + else if (bitnset(SMF_TEMPFAIL, m->mf_flags)) \ + *state = SMFIR_TEMPFAIL; \ + else if (bitnset(SMF_REJECT, m->mf_flags)) \ + *state = SMFIR_REJECT; \ + else \ + action; +# else /* _FFR_QUARANTINE */ +# define MILTER_CHECK_ERROR(action) \ if (bitnset(SMF_TEMPFAIL, m->mf_flags)) \ *state = SMFIR_TEMPFAIL; \ else if (bitnset(SMF_REJECT, m->mf_flags)) \ *state = SMFIR_REJECT; \ else \ action; +# endif /* _FFR_QUARANTINE */ # define MILTER_CHECK_REPLYCODE(default) \ if (response == NULL || \ diff --git a/contrib/sendmail/src/parseaddr.c b/contrib/sendmail/src/parseaddr.c index 0c9d49e146fe..c7de84b07acb 100644 --- a/contrib/sendmail/src/parseaddr.c +++ b/contrib/sendmail/src/parseaddr.c @@ -13,7 +13,7 @@ #include -SM_RCSID("@(#)$Id: parseaddr.c,v 8.359.2.1 2002/06/19 18:24:26 gshapiro Exp $") +SM_RCSID("@(#)$Id: parseaddr.c,v 8.359.2.2 2002/08/16 14:56:01 ca Exp $") static void allocaddr __P((ADDRESS *, int, char *, ENVELOPE *)); static int callsubr __P((char**, int, ENVELOPE *)); @@ -2871,8 +2871,7 @@ dequote_map(map, name, av, statp) ** p1 -- the first string to check. ** p2 -- the second string to check -- may be null. ** e -- the current envelope. -** rmcomm -- remove comments? -** cnt -- count rejections (statistics)? +** flags -- control some behavior, see RSF_ in sendmail.h ** logl -- logging level. ** host -- NULL or relay host. ** logid -- id for sm_syslog. @@ -2883,12 +2882,12 @@ dequote_map(map, name, av, statp) */ int -rscheck(rwset, p1, p2, e, rmcomm, cnt, logl, host, logid) +rscheck(rwset, p1, p2, e, flags, logl, host, logid) char *rwset; char *p1; char *p2; ENVELOPE *e; - bool rmcomm, cnt; + int flags; int logl; char *host; char *logid; @@ -2948,7 +2947,7 @@ rscheck(rwset, p1, p2, e, rmcomm, cnt, logl, host, logid) SuprErrs = true; QuickAbort = false; pvp = prescan(buf, '\0', pvpbuf, sizeof pvpbuf, NULL, - rmcomm ? NULL : TokTypeNoC); + bitset(RSF_RMCOMM, flags) ? NULL : TokTypeNoC); SuprErrs = saveSuprErrs; if (pvp == NULL) { @@ -2961,7 +2960,11 @@ rscheck(rwset, p1, p2, e, rmcomm, cnt, logl, host, logid) */ goto finis; } + if (bitset(RSF_UNSTRUCTURED, flags)) + SuprErrs = true; (void) REWRITE(pvp, rsno, e); + if (bitset(RSF_UNSTRUCTURED, flags)) + SuprErrs = saveSuprErrs; if (pvp[0] == NULL || (pvp[0][0] & 0377) != CANONNET || pvp[1] == NULL || (strcmp(pvp[1], "error") != 0 && strcmp(pvp[1], "discard") != 0)) @@ -3012,7 +3015,7 @@ rscheck(rwset, p1, p2, e, rmcomm, cnt, logl, host, logid) ExitStat = saveexitstat; if (!logged) { - if (cnt) + if (bitset(RSF_COUNT, flags)) markstats(e, &a1, STATS_REJECT); logged = true; } diff --git a/contrib/sendmail/src/queue.c b/contrib/sendmail/src/queue.c index 98096c7c3f50..26e73f0f52c1 100644 --- a/contrib/sendmail/src/queue.c +++ b/contrib/sendmail/src/queue.c @@ -13,7 +13,7 @@ #include -SM_RCSID("@(#)$Id: queue.c,v 8.863.2.2 2002/06/25 21:34:31 gshapiro Exp $") +SM_RCSID("@(#)$Id: queue.c,v 8.863.2.6 2002/08/16 16:27:37 gshapiro Exp $") #include @@ -1463,21 +1463,36 @@ runqueue(forkflag, verbose, persistent, runall) ** Pick up where we left off (curnum), in case we ** used up all the children last time without finishing. ** This give a round-robin fairness to queue runs. + ** + ** Increment CurRunners before calling run_work_group() + ** to avoid a "race condition" with proc_list_drop() which + ** decrements CurRunners if the queue runners terminate. + ** This actually doesn't cause any harm, but CurRunners + ** might become negative which is at least confusing. + ** + ** Notice: CurRunners is an upper limit, in some cases + ** (too few jobs in the queue) this value is larger than + ** the actual number of queue runners. The discrepancy can + ** increase if some queue runners "hang" for a long time. */ + CurRunners += WorkGrp[curnum].wg_maxact; ret = run_work_group(curnum, forkflag, verbose, persistent, runall); /* ** Failure means a message was printed for ETRN ** and subsequent queues are likely to fail as well. + ** Decrement CurRunners in that case because + ** none have been started. */ if (!ret) + { + CurRunners -= WorkGrp[curnum].wg_maxact; break; + } - /* Success means the runner count needs to be updated. */ - CurRunners += WorkGrp[curnum].wg_maxact; if (!persistent) schedule_queue_runs(runall, curnum, true); INCR_MOD(curnum, NumWorkGroups); @@ -2000,6 +2015,24 @@ run_work_group(wgrp, forkflag, verbose, persistent, runall) maxrunners = njobs; for (loop = 0; loop < maxrunners; loop++) { +#if _FFR_NONSTOP_PERSISTENCE + /* + ** Require a free "slot" before processing + ** this queue runner. + */ + + while (MaxQueueChildren > 0 && + CurChildren > MaxQueueChildren) + { + int status; + pid_t ret; + + while ((ret = sm_wait(&status)) <= 0) + continue; + proc_list_drop(ret, status, NULL); + } +#endif /* _FFR_NONSTOP_PERSISTENCE */ + /* ** Since the delivery may happen in a child and the ** parent does not wait, the parent may close the @@ -2083,6 +2116,7 @@ run_work_group(wgrp, forkflag, verbose, persistent, runall) sm_releasesignal(SIGCHLD); +#if !_FFR_NONSTOP_PERSISTENCE /* ** Wait until all of the runners have completed before ** seeing if there is another queue group in the @@ -2101,6 +2135,7 @@ run_work_group(wgrp, forkflag, verbose, persistent, runall) continue; proc_list_drop(ret, status, NULL); } +#endif /* !_FFR_NONSTOP_PERSISTENCE */ } else { @@ -5632,21 +5667,33 @@ setnewqueue(e) /* not set somewhere else */ if (e->e_qgrp == NOQGRP) { + ADDRESS *q; + /* - ** Use the queue group of the first recipient, as set by + ** Use the queue group of the "first" recipient, as set by ** the "queuegroup" rule set. If that is not defined, then ** use the queue group of the mailer of the first recipient. ** If that is not defined either, then use the default ** queue group. + ** Notice: "first" depends on the sorting of sendqueue + ** in recipient(). + ** To avoid problems with "bad" recipients look + ** for a valid address first. */ - if (e->e_sendqueue == NULL) + q = e->e_sendqueue; + while (q != NULL && + (QS_IS_BADADDR(q->q_state) || QS_IS_DEAD(q->q_state))) + { + q = q->q_next; + } + if (q == NULL) e->e_qgrp = 0; - else if (e->e_sendqueue->q_qgrp >= 0) - e->e_qgrp = e->e_sendqueue->q_qgrp; - else if (e->e_sendqueue->q_mailer != NULL && - ISVALIDQGRP(e->e_sendqueue->q_mailer->m_qgrp)) - e->e_qgrp = e->e_sendqueue->q_mailer->m_qgrp; + else if (q->q_qgrp >= 0) + e->e_qgrp = q->q_qgrp; + else if (q->q_mailer != NULL && + ISVALIDQGRP(q->q_mailer->m_qgrp)) + e->e_qgrp = q->q_mailer->m_qgrp; else e->e_qgrp = 0; e->e_dfqgrp = e->e_qgrp; @@ -7670,6 +7717,7 @@ split_across_queue_groups(e) ENVELOPE *e; { int naddrs, nsplits, i; + bool changed; char **pvp; ADDRESS *q, **addrs; ENVELOPE *ee, *es; @@ -7680,6 +7728,7 @@ split_across_queue_groups(e) /* Count addresses and assign queue groups. */ naddrs = 0; + changed = false; for (q = e->e_sendqueue; q != NULL; q = q->q_next) { if (QS_IS_DEAD(q->q_state)) @@ -7704,6 +7753,7 @@ split_across_queue_groups(e) if (ISVALIDQGRP(i)) { q->q_qgrp = i; + changed = true; if (tTd(20, 4)) sm_syslog(LOG_INFO, NOQID, "queue group name %s -> %d", @@ -7717,7 +7767,10 @@ split_across_queue_groups(e) } if (q->q_mailer != NULL && ISVALIDQGRP(q->q_mailer->m_qgrp)) + { + changed = true; q->q_qgrp = q->q_mailer->m_qgrp; + } else if (ISVALIDQGRP(e->e_qgrp)) q->q_qgrp = e->e_qgrp; else @@ -7726,7 +7779,7 @@ split_across_queue_groups(e) } /* only one address? nothing to split. */ - if (naddrs <= 1) + if (naddrs <= 1 && !changed) return SM_SPLIT_NONE; /* sort the addresses by queue group */ diff --git a/contrib/sendmail/src/readcf.c b/contrib/sendmail/src/readcf.c index 31810a2a5580..fbfdef136079 100644 --- a/contrib/sendmail/src/readcf.c +++ b/contrib/sendmail/src/readcf.c @@ -13,7 +13,7 @@ #include -SM_RCSID("@(#)$Id: readcf.c,v 8.607 2002/06/14 16:57:32 ca Exp $") +SM_RCSID("@(#)$Id: readcf.c,v 8.607.2.2 2002/08/19 21:50:49 gshapiro Exp $") #if NETINET || NETINET6 # include @@ -2039,11 +2039,11 @@ static struct optioninfo #define O_SRVCERTFILE 0xb4 { "ServerCertFile", O_SRVCERTFILE, OI_NONE }, #define O_SRVKEYFILE 0xb5 - { "Serverkeyfile", O_SRVKEYFILE, OI_NONE }, + { "ServerKeyFile", O_SRVKEYFILE, OI_NONE }, #define O_CLTCERTFILE 0xb6 { "ClientCertFile", O_CLTCERTFILE, OI_NONE }, #define O_CLTKEYFILE 0xb7 - { "Clientkeyfile", O_CLTKEYFILE, OI_NONE }, + { "ClientKeyFile", O_CLTKEYFILE, OI_NONE }, #define O_CACERTFILE 0xb8 { "CACERTFile", O_CACERTFILE, OI_NONE }, #define O_CACERTPATH 0xb9 @@ -4101,7 +4101,6 @@ settimeout(name, val, sticky) TimeOuts.to_q_return[TOC_NONURGENT] = toval; break; - case TO_HOSTSTATUS: MciInfoTimeout = toval; break; diff --git a/contrib/sendmail/src/sasl.c b/contrib/sendmail/src/sasl.c index f6aa5defc49a..b172677c5149 100644 --- a/contrib/sendmail/src/sasl.c +++ b/contrib/sendmail/src/sasl.c @@ -9,7 +9,7 @@ */ #include -SM_RCSID("@(#)$Id: sasl.c,v 8.19 2002/06/12 15:06:12 ca Exp $") +SM_RCSID("@(#)$Id: sasl.c,v 8.19.2.1 2002/07/13 18:04:56 ca Exp $") #if SASL # include @@ -208,7 +208,7 @@ intersect(s1, s2, rpool) # if SASL >= 20000 /* ** IPTOSTRING -- create string for SASL_IP*PORT property -** (borrowed from lib/iptostring.c in Cyrus-IMAP) +** (borrowed from lib/iptostring.c in Cyrus-IMAP) ** ** Parameters: ** addr -- (pointer to) socket address diff --git a/contrib/sendmail/src/sendmail.h b/contrib/sendmail/src/sendmail.h index 544e54ea3b72..7dc34fa4903c 100644 --- a/contrib/sendmail/src/sendmail.h +++ b/contrib/sendmail/src/sendmail.h @@ -48,7 +48,7 @@ #ifdef _DEFINE # ifndef lint -SM_UNUSED(static char SmailId[]) = "@(#)$Id: sendmail.h,v 8.919.2.1 2002/06/21 20:25:22 ca Exp $"; +SM_UNUSED(static char SmailId[]) = "@(#)$Id: sendmail.h,v 8.919.2.4 2002/08/16 14:56:01 ca Exp $"; # endif /* ! lint */ #endif /* _DEFINE */ @@ -293,6 +293,7 @@ typedef struct address ADDRESS; #define QS_REMOVED 12 /* removed (removefromlist()) */ #define QS_DUPLICATE 13 /* duplicate suppressed */ #define QS_INCLUDED 14 /* :include: delivery */ +#define QS_FATALERR 15 /* fatal error, don't deliver */ /* address state testing primitives */ #define QS_IS_OK(s) ((s) == QS_OK) @@ -905,34 +906,34 @@ struct envelope }; /* values for e_flags */ -#define EF_OLDSTYLE 0x0000001L /* use spaces (not commas) in hdrs */ -#define EF_INQUEUE 0x0000002L /* this message is fully queued */ -#define EF_NO_BODY_RETN 0x0000004L /* omit message body on error */ -#define EF_CLRQUEUE 0x0000008L /* disk copy is no longer needed */ -#define EF_SENDRECEIPT 0x0000010L /* send a return receipt */ -#define EF_FATALERRS 0x0000020L /* fatal errors occurred */ -#define EF_DELETE_BCC 0x0000040L /* delete Bcc: headers entirely */ -#define EF_RESPONSE 0x0000080L /* this is an error or return receipt */ -#define EF_RESENT 0x0000100L /* this message is being forwarded */ -#define EF_VRFYONLY 0x0000200L /* verify only (don't expand aliases) */ -#define EF_WARNING 0x0000400L /* warning message has been sent */ -#define EF_QUEUERUN 0x0000800L /* this envelope is from queue */ -#define EF_GLOBALERRS 0x0001000L /* treat errors as global */ -#define EF_PM_NOTIFY 0x0002000L /* send return mail to postmaster */ -#define EF_METOO 0x0004000L /* send to me too */ -#define EF_LOGSENDER 0x0008000L /* need to log the sender */ -#define EF_NORECEIPT 0x0010000L /* suppress all return-receipts */ -#define EF_HAS8BIT 0x0020000L /* at least one 8-bit char in body */ -#define EF_NL_NOT_EOL 0x0040000L /* don't accept raw NL as EOLine */ -#define EF_CRLF_NOT_EOL 0x0080000L /* don't accept CR-LF as EOLine */ -#define EF_RET_PARAM 0x0100000L /* RCPT command had RET argument */ -#define EF_HAS_DF 0x0200000L /* set when data file is instantiated */ -#define EF_IS_MIME 0x0400000L /* really is a MIME message */ -#define EF_DONT_MIME 0x0800000L /* never MIME this message */ -#define EF_DISCARD 0x1000000L /* discard the message */ -#define EF_TOOBIG 0x2000000L /* message is too big */ -#define EF_SPLIT 0x4000000L /* envelope has been split */ -#define EF_UNSAFE 0x8000000L /* unsafe: read from untrusted source */ +#define EF_OLDSTYLE 0x00000001L /* use spaces (not commas) in hdrs */ +#define EF_INQUEUE 0x00000002L /* this message is fully queued */ +#define EF_NO_BODY_RETN 0x00000004L /* omit message body on error */ +#define EF_CLRQUEUE 0x00000008L /* disk copy is no longer needed */ +#define EF_SENDRECEIPT 0x00000010L /* send a return receipt */ +#define EF_FATALERRS 0x00000020L /* fatal errors occurred */ +#define EF_DELETE_BCC 0x00000040L /* delete Bcc: headers entirely */ +#define EF_RESPONSE 0x00000080L /* this is an error or return receipt */ +#define EF_RESENT 0x00000100L /* this message is being forwarded */ +#define EF_VRFYONLY 0x00000200L /* verify only (don't expand aliases) */ +#define EF_WARNING 0x00000400L /* warning message has been sent */ +#define EF_QUEUERUN 0x00000800L /* this envelope is from queue */ +#define EF_GLOBALERRS 0x00001000L /* treat errors as global */ +#define EF_PM_NOTIFY 0x00002000L /* send return mail to postmaster */ +#define EF_METOO 0x00004000L /* send to me too */ +#define EF_LOGSENDER 0x00008000L /* need to log the sender */ +#define EF_NORECEIPT 0x00010000L /* suppress all return-receipts */ +#define EF_HAS8BIT 0x00020000L /* at least one 8-bit char in body */ +#define EF_NL_NOT_EOL 0x00040000L /* don't accept raw NL as EOLine */ +#define EF_CRLF_NOT_EOL 0x00080000L /* don't accept CR-LF as EOLine */ +#define EF_RET_PARAM 0x00100000L /* RCPT command had RET argument */ +#define EF_HAS_DF 0x00200000L /* set when data file is instantiated */ +#define EF_IS_MIME 0x00400000L /* really is a MIME message */ +#define EF_DONT_MIME 0x00800000L /* never MIME this message */ +#define EF_DISCARD 0x01000000L /* discard the message */ +#define EF_TOOBIG 0x02000000L /* message is too big */ +#define EF_SPLIT 0x04000000L /* envelope has been split */ +#define EF_UNSAFE 0x08000000L /* unsafe: read from untrusted source */ #define DLVR_NOTIFY 0x01 #define DLVR_RETURN 0x02 @@ -1086,7 +1087,7 @@ extern int macid_parse __P((char *, char **)); #define macid(name) macid_parse(name, NULL) extern char *macname __P((int)); extern char *macvalue __P((int, ENVELOPE *)); -extern int rscheck __P((char *, char *, char *, ENVELOPE *, bool, bool, int, char *, char *)); +extern int rscheck __P((char *, char *, char *, ENVELOPE *, int, int, char *, char *)); extern int rscap __P((char *, char *, char *, ENVELOPE *, char ***, char *, int)); extern void setclass __P((int, char *)); extern int strtorwset __P((char *, char **, int)); @@ -1562,6 +1563,13 @@ EXTERN unsigned long PrivacyFlags; /* privacy flags */ #define RF_COPYALL (RF_COPYPARSE|RF_COPYPADDR) #define RF_COPYNONE 0 +/* +** Flags passed to rscheck +*/ + +#define RSF_RMCOMM 0x0001 /* strip comments */ +#define RSF_UNSTRUCTURED 0x0002 /* unstructured, ignore syntax errors */ +#define RSF_COUNT 0x0004 /* count rejections (statistics)? */ /* ** Flags passed to mime8to7 and putheader. diff --git a/contrib/sendmail/src/sfsasl.c b/contrib/sendmail/src/sfsasl.c index 53d72764f267..dc8742913f56 100644 --- a/contrib/sendmail/src/sfsasl.c +++ b/contrib/sendmail/src/sfsasl.c @@ -9,7 +9,7 @@ */ #include -SM_RCSID("@(#)$Id: sfsasl.c,v 8.91 2002/06/07 00:06:27 geir Exp $") +SM_RCSID("@(#)$Id: sfsasl.c,v 8.91.2.1 2002/08/27 01:35:17 ca Exp $") #include #include #include @@ -557,9 +557,19 @@ tls_read(fp, buf, size) */ break; case SSL_ERROR_SSL: +#if _FFR_DEAL_WITH_ERROR_SSL + if (r == 0 && errno == 0) /* out of protocol EOF found */ + break; +#endif /* _FFR_DEAL_WITH_ERROR_SSL */ err = "generic SSL error"; if (LogLevel > 9) tlslogerr("read"); + +#if _FFR_DEAL_WITH_ERROR_SSL + /* avoid repeated calls? */ + if (r == 0) + r = -1; +#endif /* _FFR_DEAL_WITH_ERROR_SSL */ break; } if (err != NULL) @@ -646,6 +656,12 @@ tls_write(fp, buf, size) */ if (LogLevel > 9) tlslogerr("write"); + +#if _FFR_DEAL_WITH_ERROR_SSL + /* avoid repeated calls? */ + if (r == 0) + r = -1; +#endif /* _FFR_DEAL_WITH_ERROR_SSL */ break; } if (err != NULL) diff --git a/contrib/sendmail/src/srvrsmtp.c b/contrib/sendmail/src/srvrsmtp.c index dd14ffa7b269..8bbc02987e17 100644 --- a/contrib/sendmail/src/srvrsmtp.c +++ b/contrib/sendmail/src/srvrsmtp.c @@ -16,7 +16,7 @@ # include #endif /* MILTER */ -SM_RCSID("@(#)$Id: srvrsmtp.c,v 8.829 2002/06/17 21:54:57 gshapiro Exp $") +SM_RCSID("@(#)$Id: srvrsmtp.c,v 8.829.2.4 2002/08/16 14:56:01 ca Exp $") #if SASL || STARTTLS # include @@ -382,9 +382,9 @@ smtp(nullserver, d_flags, e) char *user; char *in, *out2; # if SASL >= 20000 - char *auth_id; + char *auth_id; const char *out; - sasl_ssf_t ext_ssf; + sasl_ssf_t ext_ssf; # else /* SASL >= 20000 */ char *out; const char *errstr; @@ -654,7 +654,7 @@ smtp(nullserver, d_flags, e) sasl_ok = ((sasl_setprop(conn, SASL_SSF_EXTERNAL, &ext_ssf) == SASL_OK) && (sasl_setprop(conn, SASL_AUTH_EXTERNAL, - auth_id) == SASL_OK)); + auth_id) == SASL_OK)); # else /* SASL >= 20000 */ ext_ssf.ssf = 0; ext_ssf.auth_id = NULL; @@ -1296,7 +1296,7 @@ smtp(nullserver, d_flags, e) /* could this be shorter? XXX */ # if SASL >= 20000 in = xalloc(strlen(q) + 1); - result = sasl_decode64(q, strlen(q), in, + result = sasl_decode64(q, strlen(q), in, strlen(q), &inlen); # else /* SASL >= 20000 */ in = sm_rpool_malloc(e->e_rpool, strlen(q)); @@ -1329,7 +1329,7 @@ smtp(nullserver, d_flags, e) /* see if that auth type exists */ # if SASL >= 20000 - result = sasl_server_start(conn, p, in, inlen, + result = sasl_server_start(conn, p, in, inlen, &out, &outlen); if (in != NULL) sm_free(in); @@ -1597,8 +1597,9 @@ smtp(nullserver, d_flags, e) QuickAbort = false; if (rscheck("tls_client", macvalue(macid("{verify}"), e), - "STARTTLS", e, true, true, 5, - NULL, NOQID) != EX_OK || + "STARTTLS", e, + RSF_RMCOMM|RSF_COUNT, + 5, NULL, NOQID) != EX_OK || Errors > 0) { extern char MsgBuf[]; @@ -1621,9 +1622,9 @@ smtp(nullserver, d_flags, e) s = macvalue(macid("{cipher_bits}"), e); # if SASL >= 20000 if (s != NULL && (ext_ssf = atoi(s)) > 0) - { + { auth_id = macvalue(macid("{cert_subject}"), - e); + e); sasl_ok = ((sasl_setprop(conn, SASL_SSF_EXTERNAL, &ext_ssf) == SASL_OK) && (sasl_setprop(conn, SASL_AUTH_EXTERNAL, @@ -2133,8 +2134,8 @@ smtp(nullserver, d_flags, e) e->e_from.q_paddr); #endif /* _FFR_MAIL_MACRO */ if (rscheck("check_mail", addr, - NULL, e, true, true, 3, NULL, - e->e_id) != EX_OK || + NULL, e, RSF_RMCOMM|RSF_COUNT, 3, + NULL, e->e_id) != EX_OK || Errors > 0) sm_exc_raisenew_x(&EtypeQuickAbort, 1); macdefine(&e->e_macro, A_PERM, @@ -2373,13 +2374,17 @@ smtp(nullserver, d_flags, e) macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e r"); if (rscheck("check_rcpt", addr, - NULL, e, true, true, 3, NULL, - e->e_id) != EX_OK || + NULL, e, RSF_RMCOMM|RSF_COUNT, 3, + NULL, e->e_id) != EX_OK || Errors > 0) goto rcpt_done; macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL); + /* If discarding, don't bother to verify user */ + if (bitset(EF_DISCARD, e->e_flags)) + a->q_state = QS_VERIFIED; + #if MILTER if (smtp.sm_milterlist && smtp.sm_milterize && !bitset(EF_DISCARD, e->e_flags)) @@ -2528,8 +2533,8 @@ smtp(nullserver, d_flags, e) { /* do config file checking of the address */ if (rscheck(vrfy ? "check_vrfy" : "check_expn", - p, NULL, e, true, false, 3, NULL, - NOQID) != EX_OK || + p, NULL, e, RSF_RMCOMM, + 3, NULL, NOQID) != EX_OK || Errors > 0) sm_exc_raisenew_x(&EtypeQuickAbort, 1); (void) sendtolist(p, NULLADDR, &vrfyqueue, 0, e); @@ -2624,8 +2629,9 @@ smtp(nullserver, d_flags, e) ** available to make a decision. */ - if (rscheck("check_etrn", p, NULL, e, true, false, 3, - NULL, NOQID) != EX_OK || Errors > 0) + if (rscheck("check_etrn", p, NULL, e, + RSF_RMCOMM, 3, NULL, NOQID) != EX_OK || + Errors > 0) break; if (LogLevel > 5) @@ -2883,7 +2889,8 @@ smtp_data(smtp, e) } (void) sm_snprintf(buf, sizeof buf, "%u", smtp->sm_nrcpts); if (rscheck("check_data", buf, NULL, e, - true, false, 3, NULL, e->e_id) != EX_OK) + RSF_RMCOMM|RSF_UNSTRUCTURED|RSF_COUNT, 3, NULL, + e->e_id) != EX_OK) return; /* put back discard bit */ @@ -2926,8 +2933,8 @@ smtp_data(smtp, e) #if _FFR_CHECK_EOM /* rscheck() will set Errors or EF_DISCARD if it trips */ - (void) rscheck("check_eom", buf, NULL, e, false, - true, 3, NULL, e->e_id); + (void) rscheck("check_eom", buf, NULL, e, RSF_UNSTRUCTURED|RSF_COUNT, + 3, NULL, e->e_id); #endif /* _FFR_CHECK_EOM */ #if MILTER @@ -3593,8 +3600,8 @@ mail_esmtp_args(kp, vp, e) SuprErrs = true; QuickAbort = false; if (strcmp(auth_param, "<>") != 0 && - (rscheck("trust_auth", pbuf, NULL, e, true, false, 9, - NULL, NOQID) != EX_OK || Errors > 0)) + (rscheck("trust_auth", pbuf, NULL, e, RSF_RMCOMM, + 9, NULL, NOQID) != EX_OK || Errors > 0)) { if (tTd(95, 8)) { diff --git a/contrib/sendmail/src/usersmtp.c b/contrib/sendmail/src/usersmtp.c index 2ec9ac49d402..931e6b3408dc 100644 --- a/contrib/sendmail/src/usersmtp.c +++ b/contrib/sendmail/src/usersmtp.c @@ -13,7 +13,7 @@ #include -SM_RCSID("@(#)$Id: usersmtp.c,v 8.437 2002/05/24 18:53:48 gshapiro Exp $") +SM_RCSID("@(#)$Id: usersmtp.c,v 8.437.2.5 2002/08/16 16:48:11 ca Exp $") #include @@ -918,14 +918,14 @@ getauth(mci, e, sai) /* '=base64' (decode) */ # if SASL >= 20000 - r = sasl_decode64(pvp[i + 1] + 3, + ret = sasl_decode64(pvp[i + 1] + 3, (unsigned int) l, (*sai)[r], (unsigned int) l + 1, &len); # else /* SASL >= 20000 */ - r = sasl_decode64(pvp[i + 1] + 3, + ret = sasl_decode64(pvp[i + 1] + 3, (unsigned int) l, (*sai)[r], &len); # endif /* SASL >= 20000 */ - if (r != SASL_OK) + if (ret != SASL_OK) goto fail; got |= 1 << r; } @@ -938,6 +938,7 @@ getauth(mci, e, sai) } /* did we get the expected data? */ + /* XXX: EXTERNAL mechanism only requires (and only uses) SASL_USER */ if (!(bitset(SASL_USER_BIT|SASL_AUTHID_BIT, got) && bitset(SASL_PASSWORD_BIT, got))) goto fail; @@ -1571,8 +1572,8 @@ attemptauth(m, mci, e, sai) /* make a new client sasl connection */ # if SASL >= 20000 - saslresult = sasl_client_new(bitnset(M_LMTP, m->m_flags) ? "lmtp" - : "smtp", + saslresult = sasl_client_new(bitnset(M_LMTP, m->m_flags) ? "lmtp" + : "smtp", CurHostName, NULL, NULL, NULL, 0, &mci->mci_conn); # else /* SASL >= 20000 */ @@ -1733,7 +1734,14 @@ attemptauth(m, mci, e, sai) (*sai)[SASL_MECH] = mechusing; /* send the info across the wire */ - if (out == NULL) + if (out == NULL +#if _FFR_SASL_INITIAL_WORKAROUND + /* login and digest-md5 up to 1.5.28 set out="" */ + || (outlen == 0 && + (sm_strcasecmp(mechusing, "LOGIN") == 0 || + sm_strcasecmp(mechusing, "DIGEST-MD5") == 0)) +#endif /* _FFR_SASL_INITIAL_WORKAROUND */ + ) { /* no initial response */ smtpmessage("AUTH %s", m, mci, mechusing); diff --git a/contrib/sendmail/src/version.c b/contrib/sendmail/src/version.c index 3600b84ef045..882233357f83 100644 --- a/contrib/sendmail/src/version.c +++ b/contrib/sendmail/src/version.c @@ -13,6 +13,6 @@ #include -SM_RCSID("@(#)$Id: version.c,v 8.104.2.2 2002/06/25 22:51:53 ca Exp $") +SM_RCSID("@(#)$Id: version.c,v 8.104.2.5 2002/08/24 16:27:21 ca Exp $") -char Version[] = "8.12.5"; +char Version[] = "8.12.6"; diff --git a/contrib/sendmail/vacation/vacation.c b/contrib/sendmail/vacation/vacation.c index ab4f4e8bc33e..4a7a4c15ce16 100644 --- a/contrib/sendmail/vacation/vacation.c +++ b/contrib/sendmail/vacation/vacation.c @@ -20,7 +20,7 @@ SM_IDSTR(copyright, The Regents of the University of California. All rights reserved.\n\ Copyright (c) 1983 Eric P. Allman. All rights reserved.\n") -SM_IDSTR(id, "@(#)$Id: vacation.c,v 8.137 2002/04/22 18:48:12 gshapiro Exp $") +SM_IDSTR(id, "@(#)$Id: vacation.c,v 8.137.2.1 2002/08/15 16:23:08 gshapiro Exp $") #include