diff --git a/contrib/sendmail/PGPKEYS b/contrib/sendmail/PGPKEYS index 11654e967861..35f3a5a45c96 100644 --- a/contrib/sendmail/PGPKEYS +++ b/contrib/sendmail/PGPKEYS @@ -3,6 +3,7 @@ sendmail. You can add them to your PGP keyring using: PGP 2.X: pgp -ka PGPKEYS PGP 5.X: pgpk -a PGPKEYS +GPG: gpg --import PGPKEYS Other versions of PGP may require you to separate each key into a separate file and add them one at a time. @@ -87,6 +88,53 @@ y+PVZ1MwnEXfTQReVSla0AAOIRirHEh4YnUVZzFSNEJqoDRZQwVd7Q== =shxn -----END PGP PUBLIC KEY BLOCK----- +Type Bits KeyID Created Expires Algorithm Use +pub 1024 0x396F0789 2003-01-15 ---------- RSA Sign & Encrypt + Key fingerprint = C4 73 DF 4A 97 9C 27 A9 EE 4F B2 BD 55 B5 E0 0F +uid Sendmail Signing Key/2003 + +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.2.1 (FreeBSD) + +mQCNAz4ktksAAAEEAM9Vrk1RpJV8oPwEUPPbqUY14VYc/LY5JQYV8ZU704C4c65D +L7VRxnO1U2FcJsd8IXz0Dd8xf5r5x3HMj00zEYe4x89gUEBW8bUODL3oH5Ww9064 +2Cxlq7qK3nNPtct4QrXTadg378CJrsgVQ3V/L1Zaj1Tt7J2PByGD4bE5bweJAAUT +tDFTZW5kbWFpbCBTaWduaW5nIEtleS8yMDAzIDxzZW5kbWFpbEBTZW5kbWFpbC5P +Ukc+iQCVAwUQPiS2SyGD4bE5bweJAQHbfAQAixSSHRd464OikvI7cPBkCVG7v/jo +n3/jc3fbOD3Y2jO+1L5K7SswDh2DwHfSx1BiUvhJutQPLbHv0SmrJwPQwR/DTi2e +PQV0dCx1rv+ztRjXaE7tLA5XsS8RTiBXfQRNamxUqPVA1hCAl6ulBbZ+uIGG8F6H +LgRV8jvNqjDxcKyJAJUDBRM+JLd071iWZNQy4Z0BATagBACq7IebGrBRDJtwPcps +O2K9eb1PPkMg57MYE5OmnNgMnMtVWBnMz+V+7Dg+72Hh+B8AL+0tRLNFxCWCr8Q0 +iW08kzgKA891NyZcvGyYCGr1vbaxGpHcb8wdgLE/2nu5E5poksA1x+Bo+ojJga17 +r5XKiOoSIR3ubyAtm4PrXlo14okAlQMFEz4kt8bBnB0lEtNGHQEBa6oEALajY9IY +M8zZkuuGNvZvjYKX1wt+TQwobFPOucx8RPT2NENF2jg+tstaansWBEXtFBbJO4Pw +MkbGrSirdUMjy20SZKZV9SbVUtT3JbZjrD844N7emc97DNZNd5p52FjSX3518U8A +e8p0K8+L4/o/P0UnEJodz+u6gTDPSlPJwJamiQCVAwUTPiS37m9Sk9ijm6ZVAQH4 +mAP/ZccU08EeDnjwGXAIYXNRTxxdfmlyR1GvCinrDrKBfdoNSzzHkwHIwWsXuMkg +mEcGeXNlXxBsEJTiBuXbKOyxnjMhxBX02mFgMNyYjcy9Vu7+zXiJSUgSAVlwontm +083bNqH1yoE+fwF9xWQX3UVMvkQXS1yAKuE457GvflnEkjGJAJUDBRM+JLgFnBy9 +4uNcVjUBAfSZBACZAHhb+RCbihhAvk5LMgNznUkKEU+p002FQpk5+hMSDI+nVwTK +D/2XdZe1P6hrKxJGWXjp0BXmZAonZB15b8DgdLDyCqTv+RLVPKTnpj+sGsBaq972 +ZU4CiWVeXzxUoqV81lrHrox1kdgJ1vZ6015Xhnk8WdHrFGmB6s/l9ixTqYkAlQMF +Ez4kuA44IttHzDdPLQEBsbsD/iKHrN0wAUWjxEMWvuH4KhtBgJc2D6B+tU1iMaVc +Fx9rKPMAgNrufOwMyFd/QaRHwQHPZx64FDlmyUEMiTw3VDNkPuqqjKJ+Cp8Bbzyt +Xgqnlqv3b2UhVB6hZhiMZAhlR/EqBNdEY6nYy2t8YS9zX0O6tjY+0bNU5uadXkYr +7D3YiQCVAwUTPiS4GolpYrhnjAoDAQEstQP8C4jFy6PVU9Hu71pVQJ6BemCi2c4M +WzktX//DPcJOR/rVyDAdxqTMnq8BRRDGwoNgcd3RYEhXriVWxlIqioSVgRPQHRxS +lLk11k0Hdt0W485XxXDU/1omxdeHWo+tNU0XBNEW3yn5h8SQLpla2ZpBxspKpiMa +TrlBLymoNi8MzruJAJUDBRM+JLgkfEtnbaAOFWMBATxFA/9XNnyggYxIsdfO2Q2s +Ea3/G/qLuq6Yh3xFE3dWdWiAglXrrqRaDN07UPI1gSOX+ZLxwxhsBQg0l6+gNQ/A +RYKzO8e9mHaNSJBHTeb+j/6+ku8KNeAa6RBkWDi0OgMl1uVzc+Mmc08huOS78UJI +c76tDuFvf86HlIEXLHeKE9xwwIkAlQMFEz4kuD7AKcpAFvTM6QEBAlYEAJ17jgMR +241DJIiYRp/VSEBOHb6YMqQCX5MQy2nFlg54Sv6cnEbbBh75McM3t11q10pBHqZH +8Tld6RQIXwmtSRxmORxpitPDl2L5IybqpBj1TzdxwPC6CL4dGJLTDAp3+U9OLdvG +12GCKplT9viigapaOUdjG188rAYH8yExwNv8iQCVAwUTPiS4ldbgof5PvirdAQF9 +PgP8DrP0iuPCCK09P56ICm6zydYZ3WbU75zquW501Q55Q/GHWyDXS68YlJr5LyBG +vZqVhxjmtSqM2T0Rmsg/xz443kEwvu5AYRZNIdOwCAuU6hnZJGPIWqZ+e6oAFQK3 +yA0WPZiRKE5lciWqgWlan38jN/JkzwOeUsExJjRmj2AF7cI= +=lYWm +-----END PGP PUBLIC KEY BLOCK----- + Type Bits KeyID Created Expires Algorithm Use sec+ 1024 0x678C0A03 2001-12-18 ---------- RSA Sign & Encrypt f16 Fingerprint16 = 7B 02 F4 AA FC C0 22 DA 47 3E 2A 9A 9B 35 22 45 @@ -904,4 +952,4 @@ SIXqPke2iCW6+zdG1T/gS5T9T9/Lf2c9FQf0FjURAi3ynDA2RBLA5FDsI8v3 =dbDm -----END PGP PUBLIC KEY BLOCK----- -$Revision: 8.13 $, Last updated $Date: 2001/12/19 19:10:01 $ +$Revision: 8.13.2.2 $, Last updated $Date: 2003/01/15 01:55:04 $ diff --git a/contrib/sendmail/RELEASE_NOTES b/contrib/sendmail/RELEASE_NOTES index f5bc81ec03cd..c499d543e0ed 100644 --- a/contrib/sendmail/RELEASE_NOTES +++ b/contrib/sendmail/RELEASE_NOTES @@ -1,11 +1,31 @@ SENDMAIL RELEASE NOTES - $Id: RELEASE_NOTES,v 8.1340.2.100 2002/12/28 19:47:00 ca Exp $ + $Id: RELEASE_NOTES,v 8.1340.2.113 2003/02/11 19:17:41 gshapiro Exp $ This listing shows the version of the sendmail binary, the version of the sendmail configuration files, the date of release, and a summary of the changes in that release. +8.12.8/8.12.8 2003/02/11 + SECURITY: Fix a remote buffer overflow in header parsing by + dropping sender and recipient header comments if the + comments are too long. Problem noted by Mark Dowd + of ISS X-Force. + Fix a potential non-exploitable buffer overflow in parsing the + .cf queue settings and potential buffer underflow in + parsing ident responses. Problem noted by Yichen Xie of + Stanford University Compilation Group. + Fix ETRN #queuegroup command: actually start a queue run for + the selected queue group. Problem noted by Jos Vos. + If MaxMimeHeaderLength is set and a malformed MIME header is fixed, + log the fixup as "Fixed MIME header" instead of "Truncated + MIME header". Problem noted by Ian J Hart. + CONFIG: Fix regression bug in proto.m4 that caused a bogus + error message: "FEATURE() should be before MAILER()". + MAIL.LOCAL: Be more explicit in some error cases, i.e., whether + a mailbox has more than one link or whether it is not + a regular file. Patch from John Beck of Sun Microsystems. + 8.12.7/8.12.7 2002/12/29 Properly clean up macros to avoid persistence of session data across various connections. This could cause session @@ -60,7 +80,7 @@ summary of the changes in that release. If -f "" is specified, set the sender address to "<>". Problem noted by Matthias Andree. Fix formatting problem of footnotes for plain text output on some - versions of tmac. Patch from Per Hedeland of Ericsson. + versions of tmac. Patch from Per Hedeland. Portability: Berkeley DB 4.1 support (requires at least 4.1.25). Some getopt(3) implementations in GNU/Linux are broken diff --git a/contrib/sendmail/cf/README b/contrib/sendmail/cf/README index 167d6a4a3f48..dceb1bc5bb7c 100644 --- a/contrib/sendmail/cf/README +++ b/contrib/sendmail/cf/README @@ -630,8 +630,8 @@ procmail An interface to procmail (does not come with sendmail). ! -oi -f $1 person@other.host This would arrange for (anything)@host.com to be sent - to person@other.host. Within the procmail script, $1 is - the name of the sender and $2 is the name of the recipient. + to person@other.host. In a procmail script, $1 is the + name of the sender and $2 is the name of the recipient. If you use this with FEATURE(`local_procmail'), the FEATURE should be listed first. @@ -1256,7 +1256,13 @@ dnsbl Turns on rejection of hosts found in an DNS based rejection define(`DNSBL_MAP', `dns -R A') before the first use of this feature. Alternatively you - can use enhdnsbl instead (see below). + can use enhdnsbl instead (see below). Moreover, this + statement can be used to reduce the number of DNS retries, + e.g., + + define(`DNSBL_MAP', `dns -R A -r2') + + See below (EDNSBL_TO) for an explanation. NOTE: The default DNS blacklist, blackholes.mail-abuse.org, is a service offered by the Mail Abuse Prevention System @@ -1285,7 +1291,13 @@ enhdnsbl Enhanced version of dnsbl (see above). Further arguments has been compiled with the flag DNSMAP (see sendmail/README). Set the EDNSBL_TO mc option to change the DNS retry count - from the default value of 5. + from the default value of 5, this can be very useful when + a DNS server is not responding, which in turn may cause + clients to time out (an entry stating + + did not issue MAIL/EXPN/VRFY/ETRN + + will be logged). lookupdotdomain Look up also .domain in the access map. This allows to match only subdomains. It does not work well with @@ -2975,7 +2987,10 @@ by the ruleset authinfo or by the option DefaultAuthInfo. The authinfo ruleset looks up {server_name} using the tag AuthInfo: in the access map. If no entry is found, {server_addr} is looked up in the same way and finally just the tag AuthInfo: to provide -default values. +default values. Note: searches for domain parts or IP nets are +only performed if the access map is used; if the authinfo feature +is used then only up to three lookups are performed (two exact +matches, one default). Notice: the default configuration file causes the option DefaultAuthInfo to fail since the ruleset authinfo is in the .cf file. If you really @@ -2997,9 +3012,9 @@ Valid values for the tag are: Example entries are: AuthInfo:other.dom "U:user" "I:user" "P:secret" "R:other.dom" "M:DIGEST-MD5" -AuthInfo:more.dom "U:user" "P=c2VjcmV0" +AuthInfo:host.more.dom "U:user" "P=c2VjcmV0" -User or authentication id must exist as well as the password. All +User id or authentication id must exist as well as the password. All other entries have default values. If one of user or authentication id is missing, the existing value is used for the missing item. If "R:" is not specified, realm defaults to $j. The list of mechanisms @@ -4360,4 +4375,4 @@ M4 DIVERSIONS 8 DNS based blacklists 9 special local rulesets (1 and 2) -$Revision: 8.623.2.18 $, Last updated $Date: 2002/12/29 04:16:51 $ +$Revision: 8.623.2.21 $, Last updated $Date: 2003/01/17 00:36:57 $ diff --git a/contrib/sendmail/cf/cf/submit.cf b/contrib/sendmail/cf/cf/submit.cf index 6024a971836a..216716e0500b 100644 --- a/contrib/sendmail/cf/cf/submit.cf +++ b/contrib/sendmail/cf/cf/submit.cf @@ -32,7 +32,7 @@ ##### $Id: no_default_msa.m4,v 8.2 2001/02/14 05:03:22 gshapiro Exp $ ##### -##### $Id: proto.m4,v 8.649.2.13 2002/12/04 00:12:18 ca Exp $ ##### +##### $Id: proto.m4,v 8.649.2.14 2002/12/30 15:46:02 ca Exp $ ##### # level 10 config file format V10/Berkeley @@ -110,7 +110,7 @@ D{MTAHost}[127.0.0.1] # Configuration version number -DZ8.12.7/Submit +DZ8.12.8/Submit ############### diff --git a/contrib/sendmail/cf/m4/version.m4 b/contrib/sendmail/cf/m4/version.m4 index 40bf18419061..2a886db57f0e 100644 --- a/contrib/sendmail/cf/m4/version.m4 +++ b/contrib/sendmail/cf/m4/version.m4 @@ -1,6 +1,6 @@ divert(-1) # -# Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. +# Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. # All rights reserved. # Copyright (c) 1983 Eric P. Allman. All rights reserved. # Copyright (c) 1988, 1993 @@ -11,8 +11,8 @@ divert(-1) # the sendmail distribution. # # -VERSIONID(`$Id: version.m4,v 8.92.2.11 2002/12/28 19:45:55 ca Exp $') +VERSIONID(`$Id: version.m4,v 8.92.2.14 2003/01/15 17:55:43 ca Exp $') # divert(0) # Configuration version number -DZ8.12.7`'ifdef(`confCF_VERSION', `/confCF_VERSION') +DZ8.12.8`'ifdef(`confCF_VERSION', `/confCF_VERSION') diff --git a/contrib/sendmail/doc/op/op.me b/contrib/sendmail/doc/op/op.me index be3340de2f38..ca967b2a8c03 100644 --- a/contrib/sendmail/doc/op/op.me +++ b/contrib/sendmail/doc/op/op.me @@ -1,4 +1,4 @@ -.\" Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. +.\" Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. .\" All rights reserved. .\" Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved. .\" Copyright (c) 1983, 1993 @@ -9,7 +9,7 @@ .\" the sendmail distribution. .\" .\" -.\" $Id: op.me,v 8.609.2.17 2002/12/18 22:50:15 ca Exp $ +.\" $Id: op.me,v 8.609.2.20 2003/01/15 19:17:16 ca Exp $ .\" .\" eqn op.me | pic | troff -me .\" @@ -90,7 +90,7 @@ Sendmail, Inc. .de Ve Version \\$2 .. -.Ve $Revision: 8.609.2.17 $ +.Ve $Revision: 8.609.2.20 $ .rm Ve .sp For Sendmail Version 8.12 @@ -6819,6 +6819,10 @@ Note that the last mode, .q e , is for Berknet error processing and should not be used in normal circumstances. +Note, too, that mode +.q q , +only applies to errors recognized before sendmail forks for +background delivery. .ip FallbackMXhost=\fIfallbackhost\fP [V] If specified, the @@ -6880,9 +6884,6 @@ If no file name is specified, "helpfile" is used. [c] If an outgoing mailer is marked as being expensive, don't connect immediately. -This requires that queueing be compiled in, -since it will depend on a queue run process to -actually send the mail. .ip HostsFile=\fIpath\fP [no short name] The path to the hosts database, @@ -10754,7 +10755,7 @@ replace it with a blank sheet for double-sided output. .\".sz 10 .\"Eric Allman .\".sp -.\"Version $Revision: 8.609.2.17 $ +.\"Version $Revision: 8.609.2.20 $ .\".ce 0 .bp 3 .ce diff --git a/contrib/sendmail/libmilter/comm.c b/contrib/sendmail/libmilter/comm.c index 707a7ce32a83..aa48cf78791d 100644 --- a/contrib/sendmail/libmilter/comm.c +++ b/contrib/sendmail/libmilter/comm.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -9,16 +9,11 @@ */ #include -SM_RCSID("@(#)$Id: comm.c,v 8.54.2.4 2002/12/03 17:32:45 ca Exp $") +SM_RCSID("@(#)$Id: comm.c,v 8.54.2.6 2003/01/03 22:14:40 ca Exp $") #include "libmilter.h" #include -#define FD_Z FD_ZERO(&readset); \ - FD_SET((unsigned int) sd, &readset); \ - FD_ZERO(&excset); \ - FD_SET((unsigned int) sd, &excset) - /* ** MI_RD_CMD -- read a command ** @@ -46,7 +41,7 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) ssize_t len; mi_int32 expl; ssize_t i; - fd_set readset, excset; + FD_RD_VAR(rds, excs); int ret; int save_errno; char *buf; @@ -58,8 +53,8 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) i = 0; for (;;) { - FD_Z; - ret = select(sd + 1, &readset, NULL, &excset, timeout); + FD_RD_INIT(sd, rds, excs); + ret = FD_RD_READY(sd, rds, excs, timeout); if (ret == 0) break; else if (ret < 0) @@ -68,7 +63,7 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) continue; break; } - if (FD_ISSET(sd, &excset)) + if (FD_IS_RD_EXC(sd, rds, excs)) { *cmd = SMFIC_SELECT; return NULL; @@ -131,8 +126,8 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) i = 0; for (;;) { - FD_Z; - ret = select(sd + 1, &readset, NULL, &excset, timeout); + FD_RD_INIT(sd, rds, excs); + ret = FD_RD_READY(sd, rds, excs, timeout); if (ret == 0) break; else if (ret < 0) @@ -141,7 +136,7 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) continue; break; } - if (FD_ISSET(sd, &excset)) + if (FD_IS_RD_EXC(sd, rds, excs)) { *cmd = SMFIC_SELECT; free(buf); @@ -223,9 +218,8 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) #define MI_WR(data) \ while (sl > 0) \ { \ - FD_ZERO(&wrtset); \ - FD_SET((unsigned int) sd, &wrtset); \ - ret = select(sd + 1, NULL, &wrtset, NULL, timeout); \ + FD_WR_INIT(sd, wrs); \ + ret = FD_WR_READY(sd, wrs, timeout); \ if (ret == 0) \ return MI_FAILURE; \ if (ret < 0) \ @@ -259,7 +253,7 @@ mi_wr_cmd(sd, timeout, cmd, buf, len) ssize_t l; mi_int32 nl; int ret; - fd_set wrtset; + FD_WR_VAR(wrs); char data[MILTER_LEN_BYTES + 1]; if (len > MILTER_CHUNK_SIZE) diff --git a/contrib/sendmail/libmilter/docs/smfi_setreply.html b/contrib/sendmail/libmilter/docs/smfi_setreply.html index 29cbbf8dff33..73852f21c4d3 100644 --- a/contrib/sendmail/libmilter/docs/smfi_setreply.html +++ b/contrib/sendmail/libmilter/docs/smfi_setreply.html @@ -23,7 +23,8 @@ Set the default SMTP error reply code. - + diff --git a/contrib/sendmail/libmilter/handler.c b/contrib/sendmail/libmilter/handler.c index 5bbb97b6bf3b..db3cc4645d8d 100644 --- a/contrib/sendmail/libmilter/handler.c +++ b/contrib/sendmail/libmilter/handler.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -9,7 +9,7 @@ */ #include -SM_RCSID("@(#)$Id: handler.c,v 8.30.2.2 2002/12/18 23:15:35 ca Exp $") +SM_RCSID("@(#)$Id: handler.c,v 8.30.2.4 2003/01/23 22:28:36 ca Exp $") #include "libmilter.h" diff --git a/contrib/sendmail/libmilter/libmilter.h b/contrib/sendmail/libmilter/libmilter.h index 2b7b791e457a..7ae5bcd1ce0d 100644 --- a/contrib/sendmail/libmilter/libmilter.h +++ b/contrib/sendmail/libmilter/libmilter.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -19,7 +19,7 @@ #ifdef _DEFINE # define EXTERN # define INIT(x) = x -SM_IDSTR(MilterlId, "@(#)$Id: libmilter.h,v 8.33.2.7 2002/12/18 23:15:35 ca Exp $") +SM_IDSTR(MilterlId, "@(#)$Id: libmilter.h,v 8.33.2.9 2003/01/03 22:14:40 ca Exp $") #else /* _DEFINE */ # define EXTERN extern # define INIT(x) @@ -49,6 +49,72 @@ typedef pthread_mutex_t smutex_t; # define smutex_unlock(mp) (pthread_mutex_unlock(mp) == 0) # define smutex_trylock(mp) (pthread_mutex_trylock(mp) == 0) +#if _FFR_USE_POLL + +# include +# define MI_POLLSELECT "poll" + +# define MI_POLL_RD_FLAGS (POLLIN | POLLPRI) +# define MI_POLL_WR_FLAGS (POLLOUT) +# define MI_MS(timeout) (((timeout)->tv_sec * 1000) + (timeout)->tv_usec) + +# define FD_RD_VAR(rds, excs) struct pollfd rds +# define FD_WR_VAR(wrs) struct pollfd wrs + +# define FD_RD_INIT(sd, rds, excs) \ + (rds).fd = (sd); \ + (rds).events = MI_POLL_RD_FLAGS; \ + (rds).revents = 0 + +# define FD_WR_INIT(sd, wrs) \ + (wrs).fd = (sd); \ + (wrs).events = MI_POLL_WR_FLAGS; \ + (wrs).revents = 0 + +# define FD_IS_RD_EXC(sd, rds, excs) \ + (((rds).revents & (POLLERR | POLLHUP | POLLNVAL)) != 0) + +# define FD_IS_WR_RDY(sd, wrs) \ + (((wrs).revents & MI_POLL_WR_FLAGS) != 0) + +# define FD_IS_RD_RDY(sd, rds, excs) \ + (((rds).revents & MI_POLL_RD_FLAGS) != 0) + +# define FD_WR_READY(sd, excs, timeout) \ + poll(&(wrs), 1, MI_MS(timeout)) + +# define FD_RD_READY(sd, rds, excs, timeout) \ + poll(&(rds), 1, MI_MS(timeout)) + +#else /* _FFR_USE_POLL */ + +# include +# define MI_POLLSELECT "select" + +# define FD_RD_VAR(rds, excs) fd_set rds, excs +# define FD_WR_VAR(wrs) fd_set wrs + +# define FD_RD_INIT(sd, rds, excs) \ + FD_ZERO(&(rds)); \ + FD_SET((unsigned int) (sd), &(rds)); \ + FD_ZERO(&(excs)); \ + FD_SET((unsigned int) (sd), &(excs)) + +# define FD_WR_INIT(sd, wrs) \ + FD_ZERO(&(wrs)); \ + FD_SET((unsigned int) (sd), &(wrs)); \ + +# define FD_IS_RD_EXC(sd, rds, excs) FD_ISSET(sd, &(excs)) +# define FD_IS_WR_RDY(sd, wrs) FD_ISSET((sd), &(wrs)) +# define FD_IS_RD_RDY(sd, rds, excs) FD_ISSET((sd), &(rds)) + +# define FD_WR_READY(sd, wrs, timeout) \ + select((sd) + 1, NULL, &(wrs), NULL, (timeout)) +# define FD_RD_READY(sd, rds, excs, timeout) \ + select((sd) + 1, &(rds), NULL, &(excs), (timeout)) + +#endif /* _FFR_USE_POLL */ + #include /* version info */ diff --git a/contrib/sendmail/libmilter/listener.c b/contrib/sendmail/libmilter/listener.c index 532920a1dd57..06087b6ae5fd 100644 --- a/contrib/sendmail/libmilter/listener.c +++ b/contrib/sendmail/libmilter/listener.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -9,7 +9,7 @@ */ #include -SM_RCSID("@(#)$Id: listener.c,v 8.85.2.7 2002/12/10 04:02:25 ca Exp $") +SM_RCSID("@(#)$Id: listener.c,v 8.85.2.9 2003/01/03 22:14:40 ca Exp $") /* ** listener.c -- threaded network listener @@ -17,7 +17,6 @@ SM_RCSID("@(#)$Id: listener.c,v 8.85.2.7 2002/12/10 04:02:25 ca Exp $") #include "libmilter.h" #include -#include # if NETINET || NETINET6 @@ -74,6 +73,7 @@ mi_opensocket(conn, backlog, dbg, smfi) (void) smutex_unlock(&L_Mutex); return MI_FAILURE; } +#if !_FFR_USE_POLL if (!SM_FD_OK_SELECT(listenfd)) { smi_log(SMI_LOG_ERR, "%s: fd %d is larger than FD_SETSIZE %d", @@ -81,6 +81,7 @@ mi_opensocket(conn, backlog, dbg, smfi) (void) smutex_unlock(&L_Mutex); return MI_FAILURE; } +#endif /* !_FFR_USE_POLL */ return MI_SUCCESS; } @@ -669,7 +670,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog) _SOCK_ADDR cliaddr; SOCKADDR_LEN_T clilen; SMFICTX_PTR ctx; - fd_set readset, excset; + FD_RD_VAR(rds, excs); struct timeval chktime; if (mi_opensocket(conn, backlog, dbg, smfi) == MI_FAILURE) @@ -687,13 +688,10 @@ mi_listener(conn, dbg, smfi, timeout, backlog) } /* select on interface ports */ - FD_ZERO(&readset); - FD_ZERO(&excset); - FD_SET((unsigned int) listenfd, &readset); - FD_SET((unsigned int) listenfd, &excset); + FD_RD_INIT(listenfd, rds, excs); chktime.tv_sec = MI_CHK_TIME; chktime.tv_usec = 0; - r = select(listenfd + 1, &readset, NULL, &excset, &chktime); + r = FD_RD_READY(listenfd, rds, excs, &chktime); if (r == 0) /* timeout */ { (void) smutex_unlock(&L_Mutex); @@ -718,14 +716,14 @@ mi_listener(conn, dbg, smfi, timeout, backlog) } continue; } - if (!FD_ISSET(listenfd, &readset)) + if (!FD_IS_RD_RDY(listenfd, rds, excs)) { /* some error: just stop for now... */ ret = MI_FAILURE; (void) smutex_unlock(&L_Mutex); smi_log(SMI_LOG_ERR, - "%s: select() returned exception for socket, abort", - smfi->xxfi_name); + "%s: %s() returned exception for socket, abort", + smfi->xxfi_name, MI_POLLSELECT); break; } scnt = 0; /* reset error counter for select() */ @@ -754,6 +752,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog) save_errno = EINVAL; } +#if !_FFR_USE_POLL /* check if acceptable for select() */ if (ValidSocket(connfd) && !SM_FD_OK_SELECT(connfd)) { @@ -761,6 +760,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog) connfd = INVALID_SOCKET; save_errno = ERANGE; } +#endif /* !_FFR_USE_POLL */ if (!ValidSocket(connfd)) { diff --git a/contrib/sendmail/libmilter/main.c b/contrib/sendmail/libmilter/main.c index 1828debee77c..4e62c45fb144 100644 --- a/contrib/sendmail/libmilter/main.c +++ b/contrib/sendmail/libmilter/main.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -9,7 +9,7 @@ */ #include -SM_RCSID("@(#)$Id: main.c,v 8.64.2.8 2002/12/18 23:13:45 ca Exp $") +SM_RCSID("@(#)$Id: main.c,v 8.64.2.10 2003/01/23 22:34:24 ca Exp $") #define _DEFINE 1 #include "libmilter.h" diff --git a/contrib/sendmail/libsm/stdio.c b/contrib/sendmail/libsm/stdio.c index 0e5165f097b6..d45a774bcf63 100644 --- a/contrib/sendmail/libsm/stdio.c +++ b/contrib/sendmail/libsm/stdio.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 2000-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1990, 1993 * The Regents of the University of California. All rights reserved. @@ -13,7 +13,7 @@ */ #include -SM_RCSID("@(#)$Id: stdio.c,v 1.56.2.3 2002/10/22 23:07:19 ca Exp $") +SM_RCSID("@(#)$Id: stdio.c,v 1.56.2.10 2003/01/10 23:07:17 ca Exp $") #include #include #include diff --git a/contrib/sendmail/libsmdb/smdb2.c b/contrib/sendmail/libsmdb/smdb2.c index 1ccff5d3d545..b3274da6d147 100644 --- a/contrib/sendmail/libsmdb/smdb2.c +++ b/contrib/sendmail/libsmdb/smdb2.c @@ -1,5 +1,5 @@ /* -** Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers. +** Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. ** All rights reserved. ** ** By using this file, you agree to the terms and conditions set @@ -8,7 +8,7 @@ */ #include -SM_RCSID("@(#)$Id: smdb2.c,v 8.72.2.4 2002/12/03 17:01:15 ca Exp $") +SM_RCSID("@(#)$Id: smdb2.c,v 8.72.2.6 2003/01/23 22:21:39 ca Exp $") #include #include diff --git a/contrib/sendmail/mail.local/mail.local.c b/contrib/sendmail/mail.local/mail.local.c index 027829f1aa1d..68160b583f41 100644 --- a/contrib/sendmail/mail.local/mail.local.c +++ b/contrib/sendmail/mail.local/mail.local.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1990, 1993, 1994 * The Regents of the University of California. All rights reserved. @@ -18,7 +18,7 @@ SM_IDSTR(copyright, Copyright (c) 1990, 1993, 1994\n\ The Regents of the University of California. All rights reserved.\n") -SM_IDSTR(id, "@(#)$Id: mail.local.c,v 8.239.2.2 2002/09/24 02:09:09 ca Exp $") +SM_IDSTR(id, "@(#)$Id: mail.local.c,v 8.239.2.4 2003/01/15 19:17:15 ca Exp $") #include #include @@ -1038,7 +1038,12 @@ deliver(fd, name) mbfd = -1; } } - else if (sb.st_nlink != 1 || !S_ISREG(sb.st_mode)) + else if (sb.st_nlink != 1) + { + mailerr("550 5.2.0", "%s: too many links", path); + goto err0; + } + else if (!S_ISREG(sb.st_mode)) { mailerr("550 5.2.0", "%s: irregular file", path); goto err0; diff --git a/contrib/sendmail/src/README b/contrib/sendmail/src/README index bb0dc15710be..ba9d12692462 100644 --- a/contrib/sendmail/src/README +++ b/contrib/sendmail/src/README @@ -1,4 +1,4 @@ -# Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. +# Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. # All rights reserved. # Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. # Copyright (c) 1988 @@ -9,7 +9,7 @@ # the sendmail distribution. # # -# $Id: README,v 8.355.2.11 2002/12/18 17:15:46 ca Exp $ +# $Id: README,v 8.355.2.13 2003/01/15 19:17:15 ca Exp $ # This directory contains the source files for sendmail(TM). @@ -291,7 +291,8 @@ SM_CONF_GETOPT Define this as 0 if you need a reimplementation of getopt(3). On some systems, getopt does very odd things if called to scan the arguments twice. This flag will ask sendmail to compile in a local version of getopt that works - properly. + properly. You may also need this if you build with + another library that introduces a non-standard getopt(3). NEEDSTRTOL Define this if your standard C library does not define strtol(3). This will compile in a local version. NEEDFSYNC Define this if your standard C library does not define @@ -1793,4 +1794,4 @@ util.c Some general purpose routines used by sendmail. version.c The version number and information about this version of sendmail. -(Version $Revision: 8.355.2.11 $, last update $Date: 2002/12/18 17:15:46 $ ) +(Version $Revision: 8.355.2.13 $, last update $Date: 2003/01/15 19:17:15 $ ) diff --git a/contrib/sendmail/src/TUNING b/contrib/sendmail/src/TUNING index 52da793b6d59..61121cbbfd15 100644 --- a/contrib/sendmail/src/TUNING +++ b/contrib/sendmail/src/TUNING @@ -1,11 +1,11 @@ -# Copyright (c) 2001-2002 Sendmail, Inc. and its suppliers. +# Copyright (c) 2001-2003 Sendmail, Inc. and its suppliers. # All rights reserved. # # By using this file, you agree to the terms and conditions set # forth in the LICENSE file which can be found at the top level of # the sendmail distribution. # -# $Id: TUNING,v 1.18 2002/03/03 03:38:21 ca Exp $ +# $Id: TUNING,v 1.18.4.1 2003/02/07 18:19:51 ca Exp $ # ******************************************** @@ -159,7 +159,6 @@ QUEUE_GROUP(`one', `P=/var/spool/mqueue/one, F=f, r=50, R=3')dnl QUEUE_GROUP(`two', `P=/var/spool/mqueue/two, F=f, r=30, R=4')dnl QUEUE_GROUP(`remote', `P=/var/spool/mqueue/remote, F=f, r=5, R=8, I=2m')dnl define(`ESMTP_MAILER_QGRP', `remote')dnl -define(`confSPLIT_ACROSS_QUEUEGROUPS', `True')dnl define(`confDELIVERY_MODE', `q')dnl define(`confMAX_QUEUE_CHILDREN', `50')dnl define(`confMIN_QUEUE_AGE', `27m')dnl diff --git a/contrib/sendmail/src/conf.c b/contrib/sendmail/src/conf.c index 69e5c67abd97..29e8a21b1149 100644 --- a/contrib/sendmail/src/conf.c +++ b/contrib/sendmail/src/conf.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,7 +13,7 @@ #include -SM_RCSID("@(#)$Id: conf.c,v 8.972.2.25 2002/12/12 21:19:29 ca Exp $") +SM_RCSID("@(#)$Id: conf.c,v 8.972.2.27 2003/01/15 19:17:14 ca Exp $") #include diff --git a/contrib/sendmail/src/daemon.c b/contrib/sendmail/src/daemon.c index 5f8f146c0688..d12e162d9c9d 100644 --- a/contrib/sendmail/src/daemon.c +++ b/contrib/sendmail/src/daemon.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,7 +13,7 @@ #include -SM_RCSID("@(#)$Id: daemon.c,v 8.613.2.11 2002/12/05 16:13:52 ca Exp $") +SM_RCSID("@(#)$Id: daemon.c,v 8.613.2.14 2003/02/11 17:17:22 ca Exp $") #if defined(SOCK_STREAM) || defined(__GNU_LIBRARY__) # define USE_SOCK_STREAM 1 @@ -3518,7 +3518,7 @@ getauthinfo(fd, may_be_forged) if (i < 0 || p == &ibuf[0]) goto noident; - if (*--p == '\n' && *--p == '\r') + if (p >= &ibuf[2] && *--p == '\n' && *--p == '\r') p--; *++p = '\0'; diff --git a/contrib/sendmail/src/deliver.c b/contrib/sendmail/src/deliver.c index 46b5ba6a46d9..2cb6e3f6e001 100644 --- a/contrib/sendmail/src/deliver.c +++ b/contrib/sendmail/src/deliver.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -14,7 +14,7 @@ #include #include -SM_RCSID("@(#)$Id: deliver.c,v 8.940.2.10 2002/12/12 22:46:34 ca Exp $") +SM_RCSID("@(#)$Id: deliver.c,v 8.940.2.15 2003/02/07 17:57:43 ca Exp $") #if HASSETUSERCONTEXT # include @@ -6124,8 +6124,8 @@ starttls(m, mci, e) if (LogLevel > 5) { sm_syslog(LOG_ERR, e->e_id, - "STARTTLS=client, error: connect failed=%d, SSL_error=%d, timedout=%d", - result, i, (int) timedout); + "STARTTLS=client, error: connect failed=%d, SSL_error=%d, timedout=%d, errno=%d", + result, i, (int) timedout, errno); if (LogLevel > 8) tlslogerr("client"); } diff --git a/contrib/sendmail/src/domain.c b/contrib/sendmail/src/domain.c index f086d8085431..05199077c7fa 100644 --- a/contrib/sendmail/src/domain.c +++ b/contrib/sendmail/src/domain.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1986, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -14,9 +14,9 @@ #include #if NAMED_BIND -SM_RCSID("@(#)$Id: domain.c,v 8.181.2.1 2002/06/27 16:55:04 ca Exp $ (with name server)") +SM_RCSID("@(#)$Id: domain.c,v 8.181.2.6 2003/01/15 19:17:15 ca Exp $ (with name server)") #else /* NAMED_BIND */ -SM_RCSID("@(#)$Id: domain.c,v 8.181.2.1 2002/06/27 16:55:04 ca Exp $ (without name server)") +SM_RCSID("@(#)$Id: domain.c,v 8.181.2.6 2003/01/15 19:17:15 ca Exp $ (without name server)") #endif /* NAMED_BIND */ #if NAMED_BIND diff --git a/contrib/sendmail/src/headers.c b/contrib/sendmail/src/headers.c index 5d90344658dd..d9966b14b67e 100644 --- a/contrib/sendmail/src/headers.c +++ b/contrib/sendmail/src/headers.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,9 +13,9 @@ #include -SM_RCSID("@(#)$Id: headers.c,v 8.266.4.2 2002/09/23 23:42:02 ca Exp $") +SM_RCSID("@(#)$Id: headers.c,v 8.266.4.4 2003/01/18 00:41:48 gshapiro Exp $") -static size_t fix_mime_header __P((char *)); +static size_t fix_mime_header __P((HDR *, ENVELOPE *)); static int priencode __P((char *)); static void put_vanilla_header __P((HDR *, char *, MCI *)); @@ -676,8 +676,8 @@ eatheader(e, full, log) if (buf[0] != '\0') { if (bitset(H_FROM, h->h_flags)) - expand(crackaddr(buf), buf, sizeof buf, - e); + expand(crackaddr(buf, e), + buf, sizeof buf, e); h->h_value = sm_rpool_strdup_x(e->e_rpool, buf); h->h_flags &= ~H_DEFAULT; } @@ -998,7 +998,11 @@ priencode(p) ** it and replaces it with "$g". The parse is totally ad hoc ** and isn't even guaranteed to leave something syntactically ** identical to what it started with. However, it does leave -** something semantically identical. +** something semantically identical if possible, else at least +** syntactically correct. +** +** For example, it changes "Real Name (Comment)" +** to "Real Name <$g> (Comment)". ** ** This algorithm has been cleaned up to handle a wider range ** of cases -- notably quoted and backslash escaped strings. @@ -1007,6 +1011,7 @@ priencode(p) ** ** Parameters: ** addr -- the address to be cracked. +** e -- the current envelope. ** ** Returns: ** a pointer to the new version. @@ -1019,28 +1024,50 @@ priencode(p) ** be copied if it is to be reused. */ +#define SM_HAVE_ROOM ((bp < buflim) && (buflim <= bufend)) + +/* +** Append a character to bp if we have room. +** If not, punt and return $g. +*/ + +#define SM_APPEND_CHAR(c) \ + do \ + { \ + if (SM_HAVE_ROOM) \ + *bp++ = (c); \ + else \ + goto returng; \ + } while (0) + +#if MAXNAME < 10 +ERROR MAXNAME must be at least 10 +#endif /* MAXNAME < 10 */ + char * -crackaddr(addr) +crackaddr(addr, e) register char *addr; + ENVELOPE *e; { register char *p; register char c; - int cmtlev; - int realcmtlev; - int anglelev, realanglelev; - int copylev; - int bracklev; - bool qmode; - bool realqmode; - bool skipping; - bool putgmac = false; - bool quoteit = false; - bool gotangle = false; - bool gotcolon = false; + int cmtlev; /* comment level in input string */ + int realcmtlev; /* comment level in output string */ + int anglelev; /* angle level in input string */ + int copylev; /* 0 == in address, >0 copying */ + int bracklev; /* bracket level for IPv6 addr check */ + bool addangle; /* put closing angle in output */ + bool qmode; /* quoting in original string? */ + bool realqmode; /* quoting in output string? */ + bool putgmac = false; /* already wrote $g */ + bool quoteit = false; /* need to quote next character */ + bool gotangle = false; /* found first '<' */ + bool gotcolon = false; /* found a ':' */ register char *bp; char *buflim; char *bufhead; char *addrhead; + char *bufend; static char buf[MAXNAME + 1]; if (tTd(33, 1)) @@ -1055,25 +1082,22 @@ crackaddr(addr) ** adjusted later if we find them. */ + buflim = bufend = &buf[sizeof(buf) - 1]; bp = bufhead = buf; - buflim = &buf[sizeof buf - 7]; p = addrhead = addr; - copylev = anglelev = realanglelev = cmtlev = realcmtlev = 0; + copylev = anglelev = cmtlev = realcmtlev = 0; bracklev = 0; - qmode = realqmode = false; + qmode = realqmode = addangle = false; while ((c = *p++) != '\0') { /* - ** If the buffer is overful, go into a special "skipping" - ** mode that tries to keep legal syntax but doesn't actually - ** output things. + ** Try to keep legal syntax using spare buffer space + ** (maintained by buflim). */ - skipping = bp >= buflim; - - if (copylev > 0 && !skipping) - *bp++ = c; + if (copylev > 0) + SM_APPEND_CHAR(c); /* check for backslash escapes */ if (c == '\\') @@ -1088,8 +1112,8 @@ crackaddr(addr) p--; goto putg; } - if (copylev > 0 && !skipping) - *bp++ = c; + if (copylev > 0) + SM_APPEND_CHAR(c); goto putg; } @@ -1097,8 +1121,14 @@ crackaddr(addr) if (c == '"' && cmtlev <= 0) { qmode = !qmode; - if (copylev > 0 && !skipping) + if (copylev > 0 && SM_HAVE_ROOM) + { + if (realqmode) + buflim--; + else + buflim++; realqmode = !realqmode; + } continue; } if (qmode) @@ -1110,15 +1140,15 @@ crackaddr(addr) cmtlev++; /* allow space for closing paren */ - if (!skipping) + if (SM_HAVE_ROOM) { buflim--; realcmtlev++; if (copylev++ <= 0) { if (bp != bufhead) - *bp++ = ' '; - *bp++ = c; + SM_APPEND_CHAR(' '); + SM_APPEND_CHAR(c); } } } @@ -1128,7 +1158,7 @@ crackaddr(addr) { cmtlev--; copylev--; - if (!skipping) + if (SM_HAVE_ROOM) { realcmtlev--; buflim++; @@ -1139,7 +1169,7 @@ crackaddr(addr) else if (c == ')') { /* syntax error: unmatched ) */ - if (copylev > 0 && !skipping) + if (copylev > 0 && SM_HAVE_ROOM) bp--; } @@ -1157,7 +1187,7 @@ crackaddr(addr) /* ** Check for DECnet phase IV ``::'' (host::user) - ** or ** DECnet phase V ``:.'' syntaxes. The latter + ** or DECnet phase V ``:.'' syntaxes. The latter ** covers ``user@DEC:.tay.myhost'' and ** ``DEC:.tay.myhost::user'' syntaxes (bletch). */ @@ -1166,10 +1196,10 @@ crackaddr(addr) { if (cmtlev <= 0 && !qmode) quoteit = true; - if (copylev > 0 && !skipping) + if (copylev > 0) { - *bp++ = c; - *bp++ = *p; + SM_APPEND_CHAR(c); + SM_APPEND_CHAR(*p); } p++; goto putg; @@ -1180,41 +1210,43 @@ crackaddr(addr) bp = bufhead; if (quoteit) { - *bp++ = '"'; + SM_APPEND_CHAR('"'); /* back up over the ':' and any spaces */ --p; - while (isascii(*--p) && isspace(*p)) + while (p > addr && + isascii(*--p) && isspace(*p)) continue; p++; } for (q = addrhead; q < p; ) { c = *q++; - if (bp < buflim) + if (quoteit && c == '"') { - if (quoteit && c == '"') - *bp++ = '\\'; - *bp++ = c; + SM_APPEND_CHAR('\\'); + SM_APPEND_CHAR(c); } + else + SM_APPEND_CHAR(c); } if (quoteit) { if (bp == &bufhead[1]) bp--; else - *bp++ = '"'; + SM_APPEND_CHAR('"'); while ((c = *p++) != ':') - { - if (bp < buflim) - *bp++ = c; - } - *bp++ = c; + SM_APPEND_CHAR(c); + SM_APPEND_CHAR(c); } /* any trailing white space is part of group: */ - while (isascii(*p) && isspace(*p) && bp < buflim) - *bp++ = *p++; + while (isascii(*p) && isspace(*p)) + { + SM_APPEND_CHAR(*p); + p++; + } copylev = 0; putgmac = quoteit = false; bufhead = bp; @@ -1223,10 +1255,7 @@ crackaddr(addr) } if (c == ';' && copylev <= 0 && !ColonOkInAddr) - { - if (bp < buflim) - *bp++ = c; - } + SM_APPEND_CHAR(c); /* check for characters that may have to be quoted */ if (strchr(MustQuoteChars, c) != NULL) @@ -1254,42 +1283,45 @@ crackaddr(addr) /* oops -- have to change our mind */ anglelev = 1; - if (!skipping) - realanglelev = 1; + if (SM_HAVE_ROOM) + { + if (!addangle) + buflim--; + addangle = true; + } bp = bufhead; if (quoteit) { - *bp++ = '"'; + SM_APPEND_CHAR('"'); /* back up over the '<' and any spaces */ --p; - while (isascii(*--p) && isspace(*p)) + while (p > addr && + isascii(*--p) && isspace(*p)) continue; p++; } for (q = addrhead; q < p; ) { c = *q++; - if (bp < buflim) + if (quoteit && c == '"') { - if (quoteit && c == '"') - *bp++ = '\\'; - *bp++ = c; + SM_APPEND_CHAR('\\'); + SM_APPEND_CHAR(c); } + else + SM_APPEND_CHAR(c); } if (quoteit) { if (bp == &buf[1]) bp--; else - *bp++ = '"'; + SM_APPEND_CHAR('"'); while ((c = *p++) != '<') - { - if (bp < buflim) - *bp++ = c; - } - *bp++ = c; + SM_APPEND_CHAR(c); + SM_APPEND_CHAR(c); } copylev = 0; putgmac = quoteit = false; @@ -1301,13 +1333,14 @@ crackaddr(addr) if (anglelev > 0) { anglelev--; - if (!skipping) + if (SM_HAVE_ROOM) { - realanglelev--; - buflim++; + if (addangle) + buflim++; + addangle = false; } } - else if (!skipping) + else if (SM_HAVE_ROOM) { /* syntax error: unmatched > */ if (copylev > 0) @@ -1316,7 +1349,7 @@ crackaddr(addr) continue; } if (copylev++ <= 0) - *bp++ = c; + SM_APPEND_CHAR(c); continue; } @@ -1324,30 +1357,42 @@ crackaddr(addr) putg: if (copylev <= 0 && !putgmac) { - if (bp > bufhead && bp[-1] == ')') - *bp++ = ' '; - *bp++ = MACROEXPAND; - *bp++ = 'g'; + if (bp > buf && bp[-1] == ')') + SM_APPEND_CHAR(' '); + SM_APPEND_CHAR(MACROEXPAND); + SM_APPEND_CHAR('g'); putgmac = true; } } /* repair any syntactic damage */ - if (realqmode) + if (realqmode && bp < bufend) *bp++ = '"'; - while (realcmtlev-- > 0) + while (realcmtlev-- > 0 && bp < bufend) *bp++ = ')'; - while (realanglelev-- > 0) + if (addangle && bp < bufend) *bp++ = '>'; - *bp++ = '\0'; + *bp = '\0'; + if (bp < bufend) + goto success; + returng: + /* String too long, punt */ + buf[0] = '<'; + buf[1] = MACROEXPAND; + buf[2]= 'g'; + buf[3] = '>'; + buf[4]= '\0'; + sm_syslog(LOG_ALERT, e->e_id, + "Dropped invalid comments from header address"); + + success: if (tTd(33, 1)) { sm_dprintf("crackaddr=>`"); xputs(buf); sm_dprintf("'\n"); } - return buf; } /* @@ -1412,7 +1457,7 @@ putheader(mci, hdr, e, flags) { size_t len; - len = fix_mime_header(h->h_value); + len = fix_mime_header(h, e); if (len > 0) { sm_syslog(LOG_ALERT, e->e_id, @@ -1455,13 +1500,28 @@ putheader(mci, hdr, e, flags) if (shorten_rfc822_string(h->h_value, MaxMimeHeaderLength)) { - sm_syslog(LOG_ALERT, e->e_id, - "Truncated long MIME %s header (length = %ld) (possible attack)", - h->h_field, (unsigned long) len); - if (tTd(34, 11)) - sm_dprintf(" truncated long MIME %s header (length = %ld) (possible attack)\n", - h->h_field, - (unsigned long) len); + if (len < MaxMimeHeaderLength) + { + /* we only rebalanced a bogus header */ + sm_syslog(LOG_ALERT, e->e_id, + "Fixed MIME %s header (possible attack)", + h->h_field); + if (tTd(34, 11)) + sm_dprintf(" fixed MIME %s header (possible attack)\n", + h->h_field); + } + else + { + /* we actually shortened header */ + sm_syslog(LOG_ALERT, e->e_id, + "Truncated long MIME %s header (length = %ld) (possible attack)", + h->h_field, + (unsigned long) len); + if (tTd(34, 11)) + sm_dprintf(" truncated long MIME %s header (length = %ld) (possible attack)\n", + h->h_field, + (unsigned long) len); + } } } @@ -1856,7 +1916,8 @@ copyheader(header, rpool) ** to MaxMimeFieldLength. ** ** Parameters: -** string -- the full header +** h -- the header to truncate/rebalance +** e -- the current envelope ** ** Returns: ** length of last offending field, 0 if all ok. @@ -1866,15 +1927,16 @@ copyheader(header, rpool) */ static size_t -fix_mime_header(string) - char *string; +fix_mime_header(h, e) + HDR *h; + ENVELOPE *e; { - char *begin = string; + char *begin = h->h_value; char *end; size_t len = 0; size_t retlen = 0; - if (string == NULL || *string == '\0') + if (begin == NULL || *begin == '\0') return 0; /* Split on each ';' */ @@ -1889,7 +1951,23 @@ fix_mime_header(string) /* Shorten individual parameter */ if (shorten_rfc822_string(begin, MaxMimeFieldLength)) - retlen = len; + { + if (len < MaxMimeFieldLength) + { + /* we only rebalanced a bogus field */ + sm_syslog(LOG_ALERT, e->e_id, + "Fixed MIME %s header field (possible attack)", + h->h_field); + if (tTd(34, 11)) + sm_dprintf(" fixed MIME %s header field (possible attack)\n", + h->h_field); + } + else + { + /* we actually shortened the header */ + retlen = len; + } + } /* Collapse the possibly shortened string with rest */ bp = begin + strlen(begin); diff --git a/contrib/sendmail/src/main.c b/contrib/sendmail/src/main.c index fd981fc95be2..e79d92358b0f 100644 --- a/contrib/sendmail/src/main.c +++ b/contrib/sendmail/src/main.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -25,7 +25,7 @@ SM_UNUSED(static char copyright[]) = The Regents of the University of California. All rights reserved.\n"; #endif /* ! lint */ -SM_RCSID("@(#)$Id: main.c,v 8.887.2.12 2002/12/05 17:38:44 ca Exp $") +SM_RCSID("@(#)$Id: main.c,v 8.887.2.20 2003/02/07 17:57:44 ca Exp $") #if NETINET || NETINET6 @@ -77,7 +77,7 @@ static SIGFUNC_DECL sigusr1 __P((int)); ** UCB/Mammoth Project (10/89 - 7/95). ** InReference, Inc. (8/95 - 1/97). ** Sendmail, Inc. (1/98 - present). -** The support of the my employers is gratefully acknowledged. +** The support of my employers is gratefully acknowledged. ** Few of them (Britton-Lee in particular) have had ** anything to gain from my involvement in this project. ** @@ -4241,7 +4241,7 @@ testmodeline(line, e) "Usage: /parse address\n"); return; } - q = crackaddr(p); + q = crackaddr(p, e); (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "Cracked address = "); xputs(q); diff --git a/contrib/sendmail/src/mci.c b/contrib/sendmail/src/mci.c index 5172333812f2..033387b05415 100644 --- a/contrib/sendmail/src/mci.c +++ b/contrib/sendmail/src/mci.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,7 +13,7 @@ #include -SM_RCSID("@(#)$Id: mci.c,v 8.205.2.2 2002/11/26 19:15:19 gshapiro Exp $") +SM_RCSID("@(#)$Id: mci.c,v 8.205.2.3 2003/01/07 03:56:19 ca Exp $") #if NETINET || NETINET6 # include @@ -1244,10 +1244,8 @@ mci_print_persistent(pathname, hostname) locked ? '*' : ' ', hostname, pintvl(curtime() - mcib.mci_lastuse, true)); if (mcib.mci_rstatus != NULL) - { (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "%.*s\n", width, mcib.mci_rstatus); - } else if (mcib.mci_exitstat == EX_TEMPFAIL && mcib.mci_errno != 0) (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "Deferred: %.*s\n", width - 10, diff --git a/contrib/sendmail/src/milter.c b/contrib/sendmail/src/milter.c index 585981c168ea..305c3041a93f 100644 --- a/contrib/sendmail/src/milter.c +++ b/contrib/sendmail/src/milter.c @@ -10,7 +10,7 @@ #include -SM_RCSID("@(#)$Id: milter.c,v 8.197.2.5 2002/11/11 23:22:28 ca Exp $") +SM_RCSID("@(#)$Id: milter.c,v 8.197.2.6 2002/12/30 05:54:00 ca Exp $") #if MILTER # include @@ -549,7 +549,7 @@ milter_write(m, cmd, buf, len, to, e) ** e -- current envelope. ** ** Returns: -** connected socket if sucessful && !parseonly, +** connected socket if successful && !parseonly, ** 0 upon parse success if parseonly, ** -1 otherwise. */ diff --git a/contrib/sendmail/src/parseaddr.c b/contrib/sendmail/src/parseaddr.c index a69554a32f12..296d01cfb119 100644 --- a/contrib/sendmail/src/parseaddr.c +++ b/contrib/sendmail/src/parseaddr.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,7 +13,7 @@ #include -SM_RCSID("@(#)$Id: parseaddr.c,v 8.359.2.3 2002/09/26 23:03:39 gshapiro Exp $") +SM_RCSID("@(#)$Id: parseaddr.c,v 8.359.2.4 2003/01/18 00:41:48 gshapiro Exp $") static void allocaddr __P((ADDRESS *, int, char *, ENVELOPE *)); static int callsubr __P((char**, int, ENVELOPE *)); @@ -2509,7 +2509,7 @@ remotename(name, m, flags, pstat, e) if (bitset(RF_CANONICAL, flags) || bitnset(M_NOCOMMENT, m->m_flags)) fancy = "\201g"; else - fancy = crackaddr(name); + fancy = crackaddr(name, e); /* ** Turn the name into canonical form. diff --git a/contrib/sendmail/src/queue.c b/contrib/sendmail/src/queue.c index a0ce797cb6cd..0d618ed68ac2 100644 --- a/contrib/sendmail/src/queue.c +++ b/contrib/sendmail/src/queue.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,14 +13,10 @@ #include -SM_RCSID("@(#)$Id: queue.c,v 8.863.2.22 2002/12/19 18:00:39 ca Exp $") +SM_RCSID("@(#)$Id: queue.c,v 8.863.2.28 2003/02/11 17:17:22 ca Exp $") #include -#if SM_CONF_SHM -# include -#endif /* SM_CONF_SHM */ - # define RELEASE_QUEUE (void) 0 # define ST_INODE(st) (st).st_ino @@ -77,7 +73,7 @@ static int NumWorkGroups; /* number of work groups */ ** Notice: DoQueueRun is modified in a signal handler! */ -static bool volatile DoQueueRun; /* non-interrupt time queue run needed */ +static bool volatile DoQueueRun; /* non-interrupt time queue run needed */ /* ** Work group definition structure. @@ -1691,7 +1687,7 @@ runner_work(e, sequenceno, didfork, skip, njobs) w->w_name + 2); (void) dowork(w->w_qgrp, w->w_qdir, w->w_name + 2, - ForkQueueRuns , false, e); + ForkQueueRuns, false, e); errno = 0; } sm_free(w->w_name); /* XXX */ @@ -3446,7 +3442,6 @@ dowork(qgrp, qdir, id, forkflag, requeueflag, e) ** handler for child process. */ - /* Reset global flags */ RestartRequest = NULL; RestartWorkGroup = false; @@ -3633,7 +3628,6 @@ doworklist(el, forkflag, requeueflag) ** handler for child process. */ - /* Reset global flags */ RestartRequest = NULL; RestartWorkGroup = false; @@ -6722,10 +6716,12 @@ setup_queues(owner) hashval = 0; errno = 0; len = sm_strlcpy(basedir, QueueDir, sizeof basedir); - if (len >= sizeof basedir) + + /* Provide space for trailing '/' */ + if (len >= sizeof basedir - 1) { syserr("QueueDirectory: path too long: %d, max %d", - len, (int) sizeof basedir); + len, (int) sizeof basedir - 1); ExitStat = EX_CONFIG; return; } diff --git a/contrib/sendmail/src/sendmail.h b/contrib/sendmail/src/sendmail.h index 61b0d13af76f..2bfad159428e 100644 --- a/contrib/sendmail/src/sendmail.h +++ b/contrib/sendmail/src/sendmail.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -48,7 +48,7 @@ #ifdef _DEFINE # ifndef lint -SM_UNUSED(static char SmailId[]) = "@(#)$Id: sendmail.h,v 8.919.2.15 2002/12/12 22:46:35 ca Exp $"; +SM_UNUSED(static char SmailId[]) = "@(#)$Id: sendmail.h,v 8.919.2.16 2003/01/18 00:41:50 gshapiro Exp $"; # endif /* ! lint */ #endif /* _DEFINE */ @@ -325,7 +325,7 @@ extern ADDRESS NullAddress; /* a null (template) address [main.c] */ /* functions */ extern void cataddr __P((char **, char **, char *, int, int)); -extern char *crackaddr __P((char *)); +extern char *crackaddr __P((char *, ENVELOPE *)); extern bool emptyaddr __P((ADDRESS *)); extern ADDRESS *getctladdr __P((ADDRESS *)); extern int include __P((char *, bool, ADDRESS *, ADDRESS **, int, ENVELOPE *)); diff --git a/contrib/sendmail/src/srvrsmtp.c b/contrib/sendmail/src/srvrsmtp.c index 12ad2e7e45a4..2be4d65e018f 100644 --- a/contrib/sendmail/src/srvrsmtp.c +++ b/contrib/sendmail/src/srvrsmtp.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -16,7 +16,7 @@ # include #endif /* MILTER */ -SM_RCSID("@(#)$Id: srvrsmtp.c,v 8.829.2.17 2002/12/09 16:46:18 ca Exp $") +SM_RCSID("@(#)$Id: srvrsmtp.c,v 8.829.2.21 2003/01/15 19:17:14 ca Exp $") #if SASL || STARTTLS # include @@ -1635,8 +1635,8 @@ smtp(nullserver, d_flags, e) if (LogLevel > 5) { sm_syslog(LOG_WARNING, NOQID, - "STARTTLS=server, error: accept failed=%d, SSL_error=%d, timedout=%d", - r, i, (int) timedout); + "STARTTLS=server, error: accept failed=%d, SSL_error=%d, timedout=%d, errno=%d", + r, i, (int) timedout, errno); if (LogLevel > 8) tlslogerr("server"); } @@ -2717,17 +2717,22 @@ smtp(nullserver, d_flags, e) id = p; if (*id == '#') { - int wgrp; + int i, qgrp; id++; - wgrp = name2qid(id); - if (!ISVALIDQGRP(wgrp)) + qgrp = name2qid(id); + if (!ISVALIDQGRP(qgrp)) { usrerr("459 4.5.4 Queue %s unknown", id); break; } - ok = run_work_group(wgrp, RWG_FORK|RWG_RUNALL); + for (i = 0; i < NumQueue && Queue[i] != NULL; + i++) + Queue[i]->qg_nextrun = (time_t) -1; + Queue[qgrp]->qg_nextrun = 0; + ok = run_work_group(Queue[qgrp]->qg_wgrp, + RWG_FORK|RWG_FORCE); if (ok && Errors == 0) message("250 2.0.0 Queuing for queue group %s started", id); break; diff --git a/contrib/sendmail/src/tls.c b/contrib/sendmail/src/tls.c index 8a7fa9f48275..10a6fe2a7ed2 100644 --- a/contrib/sendmail/src/tls.c +++ b/contrib/sendmail/src/tls.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 2000-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -10,7 +10,7 @@ #include -SM_RCSID("@(#)$Id: tls.c,v 8.79.4.1 2002/09/03 17:31:45 gshapiro Exp $") +SM_RCSID("@(#)$Id: tls.c,v 8.79.4.2 2003/01/23 23:16:24 ca Exp $") #if STARTTLS # include @@ -19,9 +19,6 @@ SM_RCSID("@(#)$Id: tls.c,v 8.79.4.1 2002/09/03 17:31:45 gshapiro Exp $") # ifndef HASURANDOMDEV # include # endif /* ! HASURANDOMDEV */ -# if SM_CONF_SHM -# include -# endif /* SM_CONF_SHM */ # if !TLS_NO_RSA static RSA *rsa_tmp = NULL; /* temporary RSA key */ static RSA *tmp_rsa_key __P((SSL *, int, int)); diff --git a/contrib/sendmail/src/version.c b/contrib/sendmail/src/version.c index 2be1ca964f9c..d8a2983d3fd3 100644 --- a/contrib/sendmail/src/version.c +++ b/contrib/sendmail/src/version.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -13,6 +13,6 @@ #include -SM_RCSID("@(#)$Id: version.c,v 8.104.2.11 2002/12/28 19:45:53 ca Exp $") +SM_RCSID("@(#)$Id: version.c,v 8.104.2.14 2003/01/15 17:55:43 ca Exp $") -char Version[] = "8.12.7"; +char Version[] = "8.12.8";
Called Whensmfi_setreply may be called from any of the xxfi_ callbacks.smfi_setreply may be called from any of the xxfi_ callbacks +other than xxfi_connect.
Effects