mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2025-01-28 16:43:09 +00:00
Code Issues Releases Activity

Import sendmail-8.8.7 onto vendor branch.

Browse Source 
Obtained from: ftp.sendmail.org
This commit is contained in:
Peter Wemm 1997-08-04 05:00:07 +00:00
parent f3a1fc342b
commit e54babdf0c
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/vendor/sendmail/dist-old/; revision=27876
40 changed files with 1455 additions and 590 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
usr.sbin/sendmail/FAQ
View File

@ -1,11 +1,11 @@
The FAQ is no longer maintained with the sendmail release. It is
posted regularly to comp.mail.sendmail, comp.mail.misc, comp.mail.smail,
comp.answers, and news.answers, and can be obtained via anonymous FTP
from ftp://rtfm.mit.edu/pub/usenet/news.answers/mail/sendmail-faq.
from ftp://rtfm.mit.edu/pub/usenet/news.answers/mail/sendmail-faq/.
If you do not have access to anonymous FTP, you can retrieve it by
sending email to mail-server@rtfm.mit.edu with the command "send
usenet/news.answers/mail/sendmail-faq" in the message.
An HTML version is also available at http://www.sendmail.org/faq.
An HTML version is also available at http://www.sendmail.org/faq/.
--Eric Allman 14 June 1997
--Eric Allman 19 June 1997

38
usr.sbin/sendmail/READ_ME
View File

@ -1,5 +1,5 @@
/*-
* @(#)READ_ME 8.30 (Berkeley) 5/8/97
* @(#)READ_ME 8.32 (Berkeley) 7/6/97
*/
SENDMAIL RELEASE 8
@ -164,10 +164,10 @@ RFC1035.
IF YOU WANT TO RUN THE NEW BERKELEY DB SOFTWARE: **** DO NOT ****
use the version that was on the Net2 tape -- it has a number of
nefarious bugs that were bad enough when I got them; you shouldn't have
to go through the same thing. Instead, get a new version via public
FTP from ftp.sleepycat.com, file db/packages/db.1.85.tar.gz. This
software is highly recommended; it gets rid of several stupid limits, it's
much faster, and the interface is nicer to animals and plants. You will
to go through the same thing. Instead, get a new version via the web at
http://www.sleepycat.com/packages/db.1.85.tar.gz. This software is
highly recommended; it gets rid of several stupid limits, it's much
faster, and the interface is nicer to animals and plants. You will
also probably find that you have to add -I/where/you/put/db/include
to the sendmail makefile to get db.h to work properly.
@ -253,6 +253,34 @@ Makefiles, so you could drop it in as your default make.
For more details, see src/READ_ME.
+-----------------------+
| DIRECTORY PERMISSIONS |
+-----------------------+
Sendmail often gets blamed for many problems that are actually the
result of other problems, such as overly permissive modes on directories.
For this reason, sendmail checks the modes on system directories and
files to determine if they have been trusted. For sendmail to run
without complaining, you MUST execute the following command:
chmod go-w / /etc /usr /var /var/spool /var/spool/mqueue
You will probably have to tweak this for your environment (for example,
some systems put the spool directory into /usr/spool instead of
/var/spool). As a general rule, after you have compiled sendmail,
run the command
sendmail -v -bi
to initialize the alias database. If it gives messages such as
WARNING: writable directory /etc
WARNING: writable directory /usr/spool/mqueue
then the directories listed have inappropriate write permissions and
should be secured to avoid various possible security attacks.
+---------------------+
| DIRECTORY STRUCTURE |
+---------------------+

155
usr.sbin/sendmail/RELEASE_NOTES
View File

@ -1,11 +1,163 @@
SENDMAIL RELEASE NOTES
@(#)RELEASE_NOTES 8.8.6.11 (Berkeley) 6/14/97
@(#)RELEASE_NOTES 8.8.7.7 (Berkeley) 8/3/97
This listing shows the version of the sendmail binary, the version
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.
8.8.7/8.8.7 97/08/03
If using Berkeley DB on systems without O_EXLOCK (open a file with
an exclusive lock already set -- i.e., almost all systems
except 4.4-BSD derived systems), the initial attempt at
rebuilding aliases file if the database didn't already
exist would fail. Patch from Raymund Will of LST Software
GmbH.
Bogus incoming SMTP commands would reset the SMTP conversation.
Problem noted by Fredrik Jönsson of the Royal Institute
of Technology, Stockholm.
Since TCP Wrappers includes setenv(), unsetenv(), and putenv(),
some environments could give "multiple definitions" for these
routines during compilation. If using TCP Wrappers, assume
that these routines are included as though they were in the
C library. Patch from Robert La Ferla.
When a NEWDB database map was rebuilt at the same time it was being
used by a queue run, the maps could be left locked for the
duration of the queue run, causing other processes to hang.
Problem noted by Kendall Libby of Shore.NET.
In some cases, NoRecipientAction=add-bcc was being ignored, so the
mail was passed on without any recipient header. This could
cause problems downstream. Problem noted by Xander Jansen
of SURFnet ExpertiseCentrum.
Give error when GDBM is used with sendmail. GDBM's locking and
linking of the .dir and .pag files interferes with sendmail's
locking and security checks. Problems noted by Fyodor
Yarochkin of the Kyrgyz Republic FreeNet.
Don't fsync qf files if SuperSafe option is not set.
Avoid extra calls to gethostbyname for addresses for which a
gethostbyaddr found no value. Also, ignore any returns
from gethostbyaddr that look like a dotted quad.
If PTR lookup fails when looking up an SMTP peer, don't tag it as
"may be forged", since at the network level we pretty much
have to assume that the information is good.
In some cases, errors during an SMTP session could leave files
open or locked.
Better handling of missing file descriptors (0, 1, 2) on startup.
Better handling of non-setuid binaries -- avoids certain obnoxious
errors during testing.
Errors in file locking of NEWDB maps had the incorrect file name
printed in the error message.
If the AllowBogusHELO option were set and an EHLO with a bad or
missing parameter were issued, the EHLO behaved like a HELO.
Load limiting never kicked in for incoming SMTP transactions if the
DeliverMode=background and any recipient was an alias or
had a .forward file. From Nik Conwell of Boston University.
On some non-Posix systems, the decision of whether chown(2) permits
file giveaway was undefined. From Tetsu Ushijima of the
Tokyo Institute of Technology.
Fix race condition that could cause the body of a message to be
lost (so only the header was delivered). This only occurs
on systems that do not use flock(2), and only when a queue
runner runs during a critical section in another message
delivery. Based on a patch from Steve Schweinhart of
Results Computing.
If a qf file was found in a mail queue directory that had a problem
(wrong ownership, bad format, etc.) and the file name was
exactly MAXQFNAME bytes long, then instead of being tried
once, it would be tried on every queue run. Problem noted
by Bryan Costales of Mercury Mail.
If the system supports an st_gen field in the status structure,
include it when reporting that a file has changed after open.
This adds a new compile flag, HAS_ST_GEN (0/1 option).
This out to be checked as well as reported, since it is
theoretically possible for an attacker to remove a file after
it is opened and replace it with another file that has the
same i-number, but some filesystems (notably AFS) return
garbage in this field, and hence always look like the file
has changed. As a practical matter this is not a security
problem, since the files can be neither hard nor soft links,
and on no filesystem (that I am aware of) is it possible to
have two files on the same filesystem with the same i-number
simultaneously.
Delete the root Makefile from the distribution -- it is only for
use internally, and does not work at customer sites.
Fix botch that caused the second MAIL FROM: command in a single
transaction to clear the entire transaction. Problem
noted by John Kennedy of Cal State University, Chico.
Work properly on machines that have _PATH_VARTMP defined without
a trailing slash. (And a pox on vendors that decide to
ignore the established conventions!) Problem noted by
Gregory Neil Shapiro of WPI.
Internal changes to make it easier to add another protocol family
(intended for IPv6). Patches are from John Kennedy of
CSU Chico.
In certain cases, 7->8 bit MIME decoding of Base64 text could leave
an extra space at the beginning of some lines. Problem
noted by Charles Karney of Princeton University; fix based
on a patch from Christophe Wolfhugel.
Portability:
Allow _PATH_VENDOR_CF to be set in Makefile for consistency
with the _Sendmail_ book, 2nd edition. Note that
the book is actually wrong: _PATH_SENDMAILCF should
be used instead.
AIX 3.x: Include <sys/select.h>. Patch from Gene Rackow
of Argonne National Laboratory.
OpenBSD from from Paul DuBois of the University of Wisconsin.
RISC/os 4.0 from Paul DuBois of the University of Wisconsin.
SunOS: Include <memory.h> to fix warning from util.c. From
James Aldridge of EUnet Ltd.
Solaris: Change STDIR (location of status file) to /etc/mail
in Makefiles.
Linux, Dynix, UNICOS: Remove -DNDBM and -lgdbm from
Makefiles. Use NEWDB on Linux instead.
NCR MP-RAS 3.x with STREAMware TCP/IP: SIOCGIFNUM ioctl
exists but behaves differently than other OSes.
Add SIOCGIFNUM_IS_BROKEN compile flag to get
around the problem. Problem noted by Tom Moore of
NCR Corp.
HP-UX 9.x: fix compile warnings for old select API. Problem
noted by Tom Smith of Digital Equipment Corp.
UnixWare 2.x: compile warnings on offsetof macro. Problem
noted by Tom Good of the Community Access Information
Resource Network
SCO 4.2: compile problems caused by a change in the type of
the "length" parameters passed to accept, getpeername,
getsockname, and getsockopt. Adds new compile flags
SOCKADDR_SIZE_T and SOCKOPT_SIZE_T. Problem reported
by Tom Good of St. Vincent's North Richmond Community
Mental Health Center Residential Services.
AIX 4: Use size_t for SOCKADDR_SIZE_T and SOCKOPT_SIZE_T.
Suggested by Brett Hogden of Rochester Gas & Electric
Corp.
Linux: avoid compile problem for versions of <setjmp.h> that
#define both setjmp and longjmp. Problem pointed out
by J.R. Oldroyd of TerraNet.
CONFIG: SCO UnixWare 2.1: Support for OSTYPE(sco-uw-2.1)
from Christopher Durham of SCO.
CONFIG: NEXTSTEP: define confCW_FILE to
/etc/sendmail/sendmail.cw to match the usual
configuration. Patch from Dennis Glatting of
PlainTalk.
CONFIG: MAILER(fax) called a program that hasn't existed for a long
time. Convert to use the HylaFAX 4.0 conventions. Suggested
by Harry Styron.
CONFIG: Improve sample anti-spam rulesets in cf/cf/knecht.mc. These
are the rulesets in use on sendmail.org.
MAKEMAP: give error on GDBM files.
MAIL.LOCAL: Make error messages a bit more explicit, for example,
telling more details on what actually changed when "file
changed after open".
CONTRIB: etrn.pl: Ignore comments in Fw files. Support multiple Fw
files.
CONTRIB: passwd-to-alias.pl: Handle 8 bit characters and '-'.
NEW FILES:
src/Makefiles/Makefile.OpenBSD
src/Makefiles/Makefile.RISCos.4_0
test/t_exclopen.c
cf/ostype/sco-uw-2.1.m4
DELETED FILES:
Makefile
8.8.6/8.8.6 97/06/14
*************************************************************
* The extensive assistance of Gregory Neil Shapiro of WPI *
@ -303,7 +455,6 @@ summary of the changes in that release.
cf/ostype/gnuhurd.m4
cf/ostype/irix6.m4
contrib/passwd-to-alias.pl
test/t_exclopen.c
src/Makefiles/Makefile.IRIX64.6.1
src/Makefiles/Makefile.IRIX64.6.x
RENAMED FILES:

135
usr.sbin/sendmail/cf/README
View File

@ -4,7 +4,7 @@
Eric Allman <eric@CS.Berkeley.EDU>
@(#)README 8.120 (Berkeley) 6/14/97
@(#)README 8.122 (Berkeley) 7/6/97
This document describes the sendmail configuration files being used
@ -443,8 +443,8 @@ usenet Usenet (network news) delivery. If this is specified,
and may be considered a security problem.
fax Facsimile transmission. This is experimental and based
on Sam Leffler's FlexFAX software. For more information,
see below.
on Sam Leffler's HylaFAX software. For more information,
see http://www.vix.com/hylafax/.
pop Post Office Protocol.
@ -1297,133 +1297,6 @@ In general, file giveaways are a mistake -- if you can turn them
off I recommend you do so.
+------------------+
| FlexFAX SOFTWARE |
+------------------+
Sam Leffler's FlexFAX software is still in beta test -- but he expects a
public version out "later this week" [as of 3/1/93]. The following
blurb is direct from Sam:
$Header: /usr/people/sam/fax/RCS/HOWTO,v 1.14 93/05/24 11:42:16 sam Exp $
How To Obtain This Software (in case all you get is this file)
--------------------------------------------------------------
The source code is available for public ftp on
sgi.com sgi/fax/v2.1.src.tar.Z
(192.48.153.1)
You can also obtain inst'able images for Silicon Graphics machines from
sgi.com sgi/fax/v2.1.inst.tar
(192.48.153.1)
For example,
% ftp -n sgi.com
....
ftp> user anonymous
... <type in password>
ftp> cd sgi/fax
ftp> binary
ftp> get v2.1.src.tar.Z
In general, the latest version of the 2.1 release of the software is
always available as "v2.1.src.tar.Z" or "v2.1.inst.tar" in the ftp
directory. This file is a link to the appropriate released version (so
don't waste your time retrieving the linked file as well!) Any files of
the form v2.1.*.patch are shell scripts that can be used to patch older
versions of the source code. For example, the file v2.1.0.patch would
contain patches to update v2.1.0.tar.Z. (Note to beta testers: this is
different than the naming conventions used during beta testing.) Patch
files only work to go between consecutive versions, so if you are
multiple versions behind the latest release, you will need to apply
each patch file between your current version and the latest.
Obtaining the Software by Electronic Mail
-----------------------------------------
Do not send me requests for the software; they will be ignored (without
response). If you cannot use FTP at all, there is a service called
"ftpmail" available from gatekeeper.dec.com: you can send e-mail to
this machine and it will use FTP to retrieve files for you and send you
the files back again via e-mail. To find out more about the ftpmail
service, send a message to "ftpmail@gatekeeper.dec.com" whose body
consists of the single line "help".
Obtaining the Software Within Silicon Graphics
----------------------------------------------
Internal to Silicon Graphics there are inst'able images on the host
flake.asd in the directory /usr/dist. Thus you can do something like:
% inst -f flake.asd.sgi.com:/usr/dist/flexfax
to install the latest version of the software on your machine.
What to do Once You've Retrieved Stuff
--------------------------------------
The external distributions come in a compressed or uncompressed tar
file. To extract the source distribution:
% zcat v2.1.src.tar.Z | tar xf -
(uncompress and extract individual files in current directory). To
unpack and install the client portion of the inst'able distribution:
% mkdir dist
% cd dist; tar xf ../v2.1.inst.tar; cd ..
% inst -f dist/flexfax
...
inst> go
(Note, the dist subdirectory is because some versions of inst fail if
the files are in the current directory.) Server binaries are also
included in the inst'able images as flexfax.server.*. They are not
installed by default, so to get them also you need to do:
% inst -f flexfax
...
inst> install flexfax.server.*
inst> go
The SGI binaries were built for Version 4.0.5H of the IRIX operating
system. They should work w/o problem on earlier versions of the
system, but I have not fully tested this. Also, note that to install a
server on an SGI machine, you need to have installed the Display
PostScript execution environment product (dps_eoe). Otherwise, the fax
server will not be able to convert PostScript to facsimile for
transmission.
If you are working from the source distribution, look at the file
README in the top of the source tree. If you are working from the inst
images, the subsystem flexfax.man.readme contains the README file and
other useful pieces of information--the installed files are placed in
the directory /usr/local/doc/flexfax). Basically you will need to run
the faxaddmodem script to setup and configure your fax modem. Consult
the README file and the manual page for faxaddmodem for information.
FlexFAX Mail List
-----------------
A mailing list for users of this software is located on sgi.com.
If you want to join this mailing list or have a list-related request
such as getting your name removed from it, send a request to
majordomo@whizzer.wpd.sgi.com
For example, to subscribe, send the line "subscribe flexfax" in
the body of your message. The line "help" will return a list of
the commands understood by the mailing list management software.
Submissions (including bug reports) should be directed to:
flexfax@sgi.com
When corresponding about this software please always specify what
version you have, what system you're running on, and, if the problem is
specific to your modem, identify the modem and firmware revision.
+--------------------------------+
| TWEAKING CONFIGURATION OPTIONS |
+--------------------------------+
@ -1905,7 +1778,7 @@ MAILERS
1 [e]smtp, relay SMTP channel
2 uucp-* UNIX-to-UNIX Copy Program
3 netnews Network News delivery
4 fax Sam Leffler's FlexFAX software
4 fax Sam Leffler's HylaFAX software
5 mail11 DECnet mailer

67
usr.sbin/sendmail/cf/cf/knecht.mc
View File

@ -38,9 +38,10 @@ divert(-1)
#
divert(0)dnl
VERSIONID(`@(#)knecht.mc 8.11 (Berkeley) 6/12/97')
VERSIONID(`@(#)knecht.mc 8.13 (Berkeley) 7/7/97')
OSTYPE(bsd4.4)dnl
DOMAIN(generic)dnl
define(`confFORWARD_PATH', `$z/.forward.$w:$z/.forward+$h:$z/.forward')dnl
define(`confDEF_USER_ID', `mailnull')dnl
define(`confHOST_STATUS_DIRECTORY', `.hoststat')dnl
define(`confTO_ICONNECT', `10s')dnl
@ -61,23 +62,71 @@ Kdomaincheck hash -o /etc/domaincheck
LOCAL_RULESETS
# reject bogus return addresses
######################################################################
### LookUpDomain -- search for domain in domaincheck database
###
### Parameters:
### <$1> -- key (domain name)
### <$2> -- default (what to return if not found in db)
### <$3> -- passthru (additional data passed through)
######################################################################
SLookUpDomain
R<$+> <$+> <$*> $: < $( domaincheck $1 $: ? $) > <$1> <$2> <$3>
R<OK> <$+> <$+> <$*> $@ <OK> < $3 >
R<?> <$+.$+> <$+> <$*> $@ $>LookUpDomain <. $2> <$3> <$4>
R<?> <$+> <$+> <$*> $@ <$2> <$3>
R<$+> $* $#error $: $1
######################################################################
### LookUpAddress -- search for host address in domaincheck database
###
### Parameters:
### <$1> -- key (dot quadded host address)
### <$2> -- default (what to return if not found in db)
### <$3> -- passthru (additional data passed through)
######################################################################
SLookUpAddress
R<$+> <$+> <$*> $: < $( domaincheck $1 $: ? $) > <$1> <$2> <$3>
R<OK> <$+> <$+> <$*> $@ <OK> < $3 >
R<?> <$+.$-> <$+> <$*> $@ $>LookUpAddress <$1> <$3> <$4>
R<?> <$+> <$+> <$*> $@ <$2> <$3>
R<$+> $* $#error $: $1
######################################################################
### check_relay
######################################################################
Scheck_relay
R$+ $| $+ $: $>LookUpDomain < $1 > <?> < $2 >
R<?> < $+ > $: $>LookUpAddress < $1 > <OK> <>
######################################################################
### check_mail
######################################################################
Scheck_mail
R<> $@ <OK>
R$* $: <?> $>Parse0 $>3 $1 make domain canonical
R<?> $* < @ $+ . > $* $: < $( domaincheck $2 $: OK $) > $1 < @ $2 . > $3
tag resolved names
R<?> $* < @ $+ > $* $: < $( domaincheck $2 $: ? $) > $1 < @ $2 > $3
check for overrides
R<?> $* < @ $+ . > $* $: <OK> $1 < @ $2 > $3 pick default tag
R<?> $* < @ $+ > $* $: <FAIL> $1 < @ $2 > $3 ... OK or FAIL
R<$+> $* < @ $+ > $* $: $>LookUpDomain <$3> <$1> <>
R<OK> $* $@ <OK>
R<?> $* < @ $+ > $* $#error $: 451 Sender domain must resolve
R<?> $* $: < ? $&{client_name} > $1 no @domain on address...
R<FAIL> $* $#error $: 451 Sender domain must resolve
# handle case of no @domain on address
R<?> $* $: < ? $&{client_name} > $1
R<?> $* $@ <OK> ...local unqualed ok
R<? $+> $* $#error $: 551 Domain name required
...remote is not
R<$+> $* $#error $: $1 error from domaincheck
# disallow relaying
######################################################################
### check_rcpt
######################################################################
Scheck_rcpt
# anything terminating locally is ok
R$* $: $>Parse0 $>3 $1 strip local crud

6
usr.sbin/sendmail/cf/m4/proto.m4
View File

@ -34,7 +34,7 @@ divert(-1)
#
divert(0)
VERSIONID(`@(#)proto.m4 8.149 (Berkeley) 4/30/97')
VERSIONID(`@(#)proto.m4 8.151 (Berkeley) 7/31/97')
MAILER(local)dnl
@ -871,7 +871,9 @@ S93
# handle generics database
define(`X', ifdef(`GENERICS_TABLE', `', `#'))dnl
X`'R$+ < @ $=G . > $: < $1@$2 > $1 < @ $2 . > @ mark
ifdef(`_GENERICS_ENTIRE_DOMAIN_',
`X`'R$+ < @ $* $=G . > $: < $1@$2$3 > $1 < @ $2$3 . > @ mark',
`X`'R$+ < @ $=G . > $: < $1@$2 > $1 < @ $2 . > @ mark')
X`'R$+ < @ *LOCAL* > $: < $1@$j > $1 < @ *LOCAL* > @ mark
X`'R< $+ > $+ < $* > @ $: < $(generics $1 $: $) > $2 < $3 >
X`'R< > $+ < @ $+ > $: < $(generics $1 $: $) > $1 < @ $2 >

4
usr.sbin/sendmail/cf/m4/version.m4
View File

@ -32,8 +32,8 @@ divert(-1)
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
VERSIONID(`@(#)version.m4 8.8.6.1 (Berkeley) 6/14/97')
VERSIONID(`@(#)version.m4 8.8.7.1 (Berkeley) 8/1/97')
#
divert(0)
# Configuration version number
DZ8.8.6`'ifdef(`confCF_VERSION', `/confCF_VERSION')
DZ8.8.7`'ifdef(`confCF_VERSION', `/confCF_VERSION')

10
usr.sbin/sendmail/cf/mailer/fax.m4
View File

@ -4,7 +4,9 @@ PUSHDIVERT(-1)
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
#
# This assumes you already have Sam Leffler's FAX software.
# This assumes you already have Sam Leffler's HylaFAX software.
#
# Tested with HylaFAX 4.0pl1
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
@ -36,9 +38,9 @@ PUSHDIVERT(-1)
#
ifdef(`FAX_MAILER_ARGS',,
`define(`FAX_MAILER_ARGS', mailfax $u $h $f)')
`define(`FAX_MAILER_ARGS', faxmail -d $u@$h $f)')
ifdef(`FAX_MAILER_PATH',,
`define(`FAX_MAILER_PATH', /usr/local/lib/fax/mailfax)')
`define(`FAX_MAILER_PATH', /usr/local/bin/faxmail)')
ifdef(`FAX_MAILER_MAX',,
`define(`FAX_MAILER_MAX', 100000)')
POPDIVERT
@ -46,7 +48,7 @@ POPDIVERT
### FAX Mailer specification ###
####################################
VERSIONID(`@(#)fax.m4 8.5 (Berkeley) 5/10/96')
VERSIONID(`@(#)fax.m4 8.6 (Berkeley) 7/6/97')
Mfax, P=FAX_MAILER_PATH, F=DFMhu, S=14, R=24, M=FAX_MAILER_MAX, T=X-Phone/X-FAX/X-Unix,
A=FAX_MAILER_ARGS

3
usr.sbin/sendmail/cf/ostype/nextstep.m4
View File

@ -34,8 +34,9 @@ divert(-1)
#
divert(0)
VERSIONID(`@(#)nextstep.m4 8.7 (Berkeley) 9/25/96')
VERSIONID(`@(#)nextstep.m4 8.8 (Berkeley) 6/18/97')
define(`ALIAS_FILE', /etc/sendmail/aliases)dnl
define(`confCW_FILE', /etc/sendmail/sendmail.cw)dnl
ifdef(`HELP_FILE',, `define(`HELP_FILE', /usr/lib/sendmail.hf)')dnl
ifdef(`STATUS_FILE',, `define(`STATUS_FILE', /etc/sendmail/sendmail.st)')dnl
ifdef(`UUCP_MAILER_PATH',, `define(`UUCP_MAILER_PATH', /usr/bin/uux)')dnl

16
usr.sbin/sendmail/cf/ostype/sco-uw-2.1.m4 Normal file
View File

@ -0,0 +1,16 @@
#
# SCO UnixWare 2.1.2 ostype file
#
# Contributed by Christopher Durham <chrisdu@SCO.COM> of SCO.
#
divert(0)
VERSIONID(`@(#)sco-uw-2.1.m4 8.1 (Berkeley) 7/6/97')
define(`ALIAS_FILE', /usr/lib/mail/aliases)dnl
ifdef(`HELP_FILE',,`define(`HELP_FILE', /usr/ucblib/sendmail.hf)')dnl
ifdef(`STATUS_FILE',,`define(`STATUS_FILE', /usr/ucblib/sendmail.st)')dnl
define(`LOCAL_MAILER_PATH', `/usr/bin/rmail')dnl
define(`LOCAL_MAILER_FLAGS', `fhCEn9')dnl
define(`LOCAL_SHELL_FLAGS', `ehuP')dnl
define(`UUCP_MAILER_ARGS', `uux - -r -a$g -gmedium $h!rmail ($u)')dnl
define(`LOCAL_MAILER_ARGS',`rmail $u')dnl

12
usr.sbin/sendmail/contrib/etrn.pl
View File

@ -70,6 +70,7 @@ $debug = $opt_d;
$server = shift(@ARGV);
@hosts = @ARGV;
die $usage unless $server;
@cwfiles = ();
if (!@hosts) {
push(@hosts,$hostname);
@ -82,6 +83,12 @@ if (!@hosts) {
chop($cwfile);
$optional = /^Fw-o/;
$cwfile =~ s,^Fw[^/]*,,; # extract the file name
if (-r $cwfile) {
push (@cwfiles, $cwfile);
} else {
die "$cwfile is not readable" unless $optional;
}
}
if (/^Cw(.*)$/){ # look for a line starting with "Cw"
@cws = split (' ', $1);
@ -93,17 +100,18 @@ if (!@hosts) {
}
close(CF);
if ($cwfile){
for $cwfile (@cwfiles) {
$0 = "$av0 - reading $cwfile";
if (open(CW, "<$cwfile")){
while (<CW>){
next if /^\#/;
$thishost = $_;
chop($thishost);
push(@hosts, $thishost) unless $thishost =~ $hostname;
}
close(CW);
} else {
die "open $cwfile: $!" unless $optional;
die "open $cwfile: $!";
}
}
}

4
usr.sbin/sendmail/contrib/passwd-to-alias.pl
View File

@ -18,7 +18,9 @@ while (@a = getpwent) {
}
$fullname =~ s/\.*[ _]+\.*/./g;
if ($fullname =~ /^[a-zA-Z]+(\.[a-zA-Z]+)+$/) {
$fullname =~ tr [ĺäöĹÄÖé] [aaoAAOe]; # <hakan@af.lu.se> 1997-06-15
if ($fullname =~ /^[a-zA-Z][a-zA-Z-]+(\.[a-zA-Z][a-zA-Z-]+)+$/) {
# if ($fullname =~ /^[a-zA-Z]+(\.[a-zA-Z]+)+$/) { # Kari E. Hurtta
print "$fullname: $name\n";
} else {
print "# $fullname: $name\n";

34
usr.sbin/sendmail/doc/op/op.me
View File

@ -30,7 +30,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" @(#)op.me 8.104 (Berkeley) 3/10/97
.\" @(#)op.me 8.105 (Berkeley) 7/3/97
.\"
.\" eqn op.me | pic | troff -me
.eh 'SMM:08-%''Sendmail Installation and Operation Guide'
@ -67,7 +67,7 @@
Eric Allman
eric@Sendmail.ORG
.sp
Version 8.104
Version 8.105
.sp
For Sendmail Version 8.8
.)l
@ -675,7 +675,7 @@ routines preset the mode reasonably,
so this step can be skipped.
The actual path of this file
is defined in the
.b A
.b AliasFile
option of the
.i sendmail.cf
file.
@ -1179,6 +1179,32 @@ and the other system routines that would be necessary
to make this work seamlessly.
.sh 2 "The Alias Database"
.pp
After recipient addresses are read from the SMTP connection
or command line
they are parsed by ruleset 0,
which must resolve to a
{\c
.i mailer ,
.i host ,
.i user }
triple.
If the flags selected by the
.i mailer
includes the
.b A
(aliasable) flag,
the
.i user
part of the triple is looked up as the key
(i.e., the left hand side)
into the alias database
If there is a match, the address is deleted from the send queue
and all addresses on the right hand side of the alias
are added in place of the alias that was found.
This is a recursive operation,
so aliases found in the right hand side of the alias
are similarly expanded.
.pp
The alias database exists in two forms.
One is a text form,
maintained in the file
@ -8159,7 +8185,7 @@ replace it with a blank sheet for double-sided output.
.\".sz 10
.\"Eric Allman
.\".sp
.\"Version 8.104
.\"Version 8.105
.\".ce 0
.bp 3
.ce

39
usr.sbin/sendmail/mail.local/mail.local.c
View File

@ -38,7 +38,7 @@ static char copyright[] =
#endif /* not lint */
#ifndef lint
static char sccsid[] = "@(#)mail.local.c 8.39 (Berkeley) 5/28/97";
static char sccsid[] = "@(#)mail.local.c 8.43 (Berkeley) 8/2/97";
#endif /* not lint */
/*
@ -143,24 +143,24 @@ static char sccsid[] = "@(#)mail.local.c 8.39 (Berkeley) 5/28/97";
# endif
#endif
#ifndef BSD4_4
#ifdef BSD4_4
# define HAS_ST_GEN 1
#else
# define _BSD_VA_LIST_ va_list
#endif
#if defined(BSD4_4) || defined(linux)
# define HASSNPRINTF 1
#else
extern char *strerror __P((int));
extern int snprintf __P((char *, size_t, const char *, ...));
extern FILE *fdopen __P((int, const char *));
#endif
#if SOLARIS >= 20600 || (SOLARIS < 10000 && SOLARIS >= 206)
# define HASSNPRINTF 1 /* has snprintf starting in 2.6 */
#endif
#if !defined(BSD4_4) && !defined(linux)
extern char *strerror __P((int));
extern int snprintf __P((char *, size_t, const char *, ...));
extern FILE *fdopen __P((int, const char *));
#endif
/*
* If you don't have setreuid, and you have saved uids, and you have
* a seteuid() call that doesn't try to emulate using setuid(), then
@ -387,7 +387,11 @@ deliver(fd, name)
mbfd = open(path,
O_APPEND|O_CREAT|O_EXCL|O_WRONLY, S_IRUSR|S_IWUSR);
if (lstat(path, &sb) < 0)
goto filechanged;
{
eval = EX_CANTCREAT;
warn("%s: lstat: file changed after open", path);
goto err1;
}
else
sb.st_uid = pw->pw_uid;
if (mbfd == -1) {
@ -415,12 +419,17 @@ deliver(fd, name)
warn("%s: %s", path, strerror(errno));
goto err0;
} else if (fstat(mbfd, &fsb) < 0 ||
fsb.st_nlink != 1 || sb.st_nlink != 1 ||
!S_ISREG(fsb.st_mode) || sb.st_dev != fsb.st_dev ||
sb.st_ino != fsb.st_ino || sb.st_uid != fsb.st_uid) {
filechanged:
eval = EX_CANTCREAT;
warn("%s: file changed after open", path);
fsb.st_nlink != 1 ||
sb.st_nlink != 1 ||
!S_ISREG(fsb.st_mode) ||
sb.st_dev != fsb.st_dev ||
sb.st_ino != fsb.st_ino ||
#if HAS_ST_GEN && 0 /* AFS returns random values for st_gen */
sb.st_gen != fsb.st_gen ||
#endif
sb.st_uid != fsb.st_uid) {
eval = EX_TEMPFAIL;
warn("%s: fstat: file changed after open", path);
goto err1;
}

4
usr.sbin/sendmail/makemap/makemap.8
View File

@ -29,7 +29,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" @(#)makemap.8 8.3 (Berkeley) 7/24/94
.\" @(#)makemap.8 8.4 (Berkeley) 7/23/97
.\"
.Dd November 16, 1992
.Dt MAKEMAP 8
@ -89,7 +89,7 @@ the second is the value.
The value may contain
``%\fIn\fP''
strings to indicated parameter substitution.
Literal parentheses should be doubled
Literal percents should be doubled
(``%%'').
Blank lines and lines beginning with ``#'' are ignored.
.Ss Flags

27
usr.sbin/sendmail/makemap/makemap.c
View File

@ -33,7 +33,7 @@
*/
#ifndef lint
static char sccsid[] = "@(#)makemap.c 8.35 (Berkeley) 6/10/97";
static char sccsid[] = "@(#)makemap.c 8.37 (Berkeley) 7/10/97";
#endif /* not lint */
#include <sys/types.h>
@ -137,7 +137,7 @@ main(argc, argv)
RunAsUid = RealUid = getuid();
RunAsGid = RealGid = getgid();
pw = getpwuid(RealUid);
if (pw != NULL)
if (pw != NULL)
{
if (strlen(pw->pw_name) > MAXNAME - 1)
pw->pw_name[MAXNAME] = 0;
@ -314,7 +314,7 @@ main(argc, argv)
if (!notrunc)
sff |= SFF_CREAT;
switch (type)
switch (type)
{
#ifdef NEWDB
case T_BTREE:
@ -328,7 +328,7 @@ main(argc, argv)
strcpy(dbuf, mapname);
if (!ignoresafeties &&
(st = safefile(dbuf, RealUid, RealGid, RealUserName,
sff, S_IWUSR, &std)) != 0)
sff, S_IWUSR, &std)) != 0)
{
fprintf(stderr,
"%s: could not create: %s\n",
@ -346,9 +346,8 @@ main(argc, argv)
exit(EX_USAGE);
}
sprintf(dbuf, "%s.dir", mapname);
if (!ignoresafeties &&
(st = safefile(dbuf, RealUid, RealGid, RealUserName,
sff, S_IWUSR, &std)) != 0)
if ((st = safefile(dbuf, RealUid, RealGid, RealUserName,
sff, S_IWUSR, &std)) != 0 && !ignoresafeties)
{
fprintf(stderr,
"%s: could not create: %s\n",
@ -356,15 +355,21 @@ main(argc, argv)
exit(EX_CANTCREAT);
}
sprintf(pbuf, "%s.pag", mapname);
if (!ignoresafeties &&
(st = safefile(pbuf, RealUid, RealGid, RealUserName,
sff, S_IWUSR, &stp)) != 0)
if ((st = safefile(pbuf, RealUid, RealGid, RealUserName,
sff, S_IWUSR, &stp)) != 0 && !ignoresafeties)
{
fprintf(stderr,
"%s: could not create: %s\n",
pbuf, errstring(st));
exit(EX_CANTCREAT);
}
if (std.st_dev == stp.st_dev && std.st_ino == stp.st_ino)
{
fprintf(stderr,
"%s: cannot run with GDBM\n",
mapname);
exit(EX_CONFIG);
}
break;
#endif
default:
@ -765,7 +770,7 @@ errstring(err)
#if HASSTRERROR
return strerror(err);
#else
if (err < 0 || err > sys_nerr)
if (err < 0 || err > sys_nerr)
{
sprintf(errstr, "Error %d", err);
return errstr;

29
usr.sbin/sendmail/src/READ_ME
View File

@ -30,7 +30,7 @@
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
# @(#)READ_ME 8.142 (Berkeley) 6/3/97
# @(#)READ_ME 8.148 (Berkeley) 8/1/97
#
This directory contains the source files for sendmail.
@ -149,7 +149,7 @@ The options are:
NEWDB The new Berkeley DB package. Some systems (e.g., BSD/OS and
Digital UNIX 4.0) have this package pre-installed. If your
system does not have NEWDB installed, get the latest version
from FTP://ftp.sleepycat.com/db/packages/db.1.85.tar.gz.
from http://www.sleepycat.com/packages/db.1.85.tar.gz.
DO NOT use the version from the Net2 distribution. If you are
still running BSD/386 1.x, you will also need to define
OLD_NEWDB.
@ -295,6 +295,8 @@ HASULIMIT Define this if you have the ulimit(2) syscall (System V
HASWAITPID Define this if you have the waitpid(2) syscall.
HASGETDTABLESIZE
Define this if you have the getdtablesize(2) syscall.
HAS_ST_GEN Define this to 1 if your system has the st_gen field in
the stat structure (see stat(2)).
USESTRERROR Define this if you have the libc strerror function (which
should be declared in <errno.h>), and it should be used
instead of sys_errlist.
@ -339,6 +341,12 @@ SLEEP_T The type returned by the system sleep() function.
ARBPTR_T The type of an arbitrary pointer -- defaults to "void *".
If you are an very old compiler you may need to define
this to be "char *".
SOCKADDR_LEN_T The type used for the third parameter to accept(2),
getsockname(2), and getpeername(2), representing the
length of a struct sockaddr. Defaults to int.
SOCKOPT_LEN_T The type used for the fifth parameter to getsockopt(2)
and setsockopt(2), representing the length of the option
buffer. Defaults to int.
LA_TYPE The type of load average your kernel supports. These
can be one of:
LA_ZERO (1) -- it always returns the load average as
@ -457,6 +465,14 @@ SAFENFSPATHCONF Set this to 1 if and only if you have verified that a
assumption! The test/t_pathconf.c program will try this
for you -- you have to run it in a directory that is
mounted from a server that allows file giveaway.
SIOCGIFCONF_IS_BROKEN
Set this if your system has an SIOCGIFCONF ioctl defined,
but it doesn't behave the same way as "most" systems (BSD,
Solaris, SunOS, HP-UX, etc.)
SIOCGIFNUM_IS_BROKEN
Set this if your system has an SIOCGIFNUM ioctl defined,
but it doesn't behave the same way as "most" systems
(Solaris, HP-UX).
@ -633,6 +649,12 @@ GCC 2.7.x problems
problems. I recommend against using -O on that architecture. This
has been seen on FreeBSD 2.0.5 RELEASE.
GDBM GDBM does not work with sendmail 8.8 because the additional
security checks and file locking cause problems. Unfortunately,
gdbm does not provide a compile flag in its version of ndbm.h so
the code can adapt. We expect this to be fixed in 8.9, but
probably at the cost of a new command line compile flag.
Configuration file location
Up to 8.6, sendmail tried to find the sendmail.cf file in the same
place as the vendors had put it, even when this was obviously
@ -960,6 +982,7 @@ A/UX
then re-compile sendmail with "-lgdbm", "-DNDBM", and using the
ndbm.h header file that comes with the gnu-package. This makes
things behave properly.
[NOTE: see comment above about GDBM]
I suppose porting the New Berkeley db package is another route,
however, I made a quick attempt at it, and found it difficult
@ -1416,4 +1439,4 @@ version.c The version number and information about this
Eric Allman
(Version 8.142, last update 6/3/97 11:34:09)
(Version 8.148, last update 8/1/97 16:41:54)

3
usr.sbin/sendmail/src/TRACEFLAGS
View File

@ -55,6 +55,9 @@
44 safefile.c safefile, safedirpath, filechanged
45 envelope.c setsender
46 envelope.c openxscript
47 main.c drop_privileges
48 parseaddr.c rscheck
48 conf.c validate_connection
49 conf.c checkcompat
50 envelope.c dropenvelope
51 queue.c unlockqueue

7
usr.sbin/sendmail/src/collect.c
View File

@ -33,7 +33,7 @@
*/
#ifndef lint
static char sccsid[] = "@(#)collect.c 8.69 (Berkeley) 5/29/97";
static char sccsid[] = "@(#)collect.c 8.71 (Berkeley) 6/30/97";
#endif /* not lint */
# include <errno.h>
@ -427,7 +427,8 @@ collect(fp, smtpmode, hdrp, e)
return;
if (tf != NULL &&
(fflush(tf) != 0 || ferror(tf) || fsync(fileno(tf)) < 0 ||
(fflush(tf) != 0 || ferror(tf) ||
(SuperSafe && fsync(fileno(tf)) < 0) ||
fclose(tf) < 0))
{
tferror(tf, e);
@ -541,7 +542,7 @@ collect(fp, smtpmode, hdrp, e)
break;
case NRA_ADD_BCC:
addheader("Bcc", "", &e->e_header);
addheader("Bcc", " ", &e->e_header);
break;
case NRA_ADD_TO_UNDISCLOSED:

55
usr.sbin/sendmail/src/conf.c
View File

@ -33,7 +33,7 @@
*/
#ifndef lint
static char sccsid[] = "@(#)conf.c 8.362 (Berkeley) 6/14/97";
static char sccsid[] = "@(#)conf.c 8.374 (Berkeley) 8/2/97";
#endif /* not lint */
# include "sendmail.h"
@ -177,6 +177,10 @@ int DtableSize = 50; /* max open files; reset in 4.2bsd */
#define HOURS * 60 MINUTES
#define DAYS * 24 HOURS
#ifndef _PATH_VARTMP
# define _PATH_VARTMP "/usr/tmp/"
#endif
#ifndef MAXRULERECURSION
# define MAXRULERECURSION 50 /* max ruleset recursion depth */
#endif
@ -186,6 +190,7 @@ setdefaults(e)
register ENVELOPE *e;
{
int i;
char buf[MAXNAME];
extern void inittimeouts();
extern void setdefuser();
extern void setupmaps();
@ -233,7 +238,12 @@ setdefaults(e)
MaxAliasRecursion = 10;
MaxMacroRecursion = 10;
ColonOkInAddr = TRUE;
DontLockReadFiles = TRUE;
DoubleBounceAddr = "postmaster";
snprintf(buf, sizeof buf, "%s%sdead.letter",
_PATH_VARTMP,
_PATH_VARTMP[sizeof _PATH_VARTMP - 2] == '/' ? "" : "/");
DeadLetterDrop = newstr(buf);
setdefuser();
setupmaps();
setupmailers();
@ -412,6 +422,13 @@ setupmaps()
MAPDEF("null", NULL, MCF_ALIASOK|MCF_OPTFILE,
map_parseargs, null_map_open, null_map_close,
null_map_lookup, null_map_store);
#if _FFR_SYSLOG_MAP
/* syslog map -- logs information to syslog */
MAPDEF("syslog", NULL, 0,
syslog_map_parseargs, null_map_open, null_map_close,
syslog_map_lookup, null_map_store);
#endif
}
#undef MAPDEF
@ -3826,8 +3843,8 @@ chownsafe(fd, safedir)
int fd;
bool safedir;
{
#if !defined(_POSIX_CHOWN_RESTRICTED) || _POSIX_CHOWN_RESTRICTED != -1
# if defined(_PC_CHOWN_RESTRICTED)
#if (!defined(_POSIX_CHOWN_RESTRICTED) || _POSIX_CHOWN_RESTRICTED != -1) && \
defined(_PC_CHOWN_RESTRICTED)
int rval;
/* give the system administrator a chance to override */
@ -3842,11 +3859,10 @@ chownsafe(fd, safedir)
errno = 0;
rval = fpathconf(fd, _PC_CHOWN_RESTRICTED);
# if SAFENFSPATHCONF
# if SAFENFSPATHCONF
return errno == 0 && rval IS_SAFE_CHOWN;
# else
# else
return safedir && errno == 0 && rval IS_SAFE_CHOWN;
# endif
# endif
#else
return ChownAlwaysSafe;
@ -3985,7 +4001,7 @@ vendor_pre_defaults(e)
/* OTHERUID is defined in shares.h, do not be alarmed */
DefShareUid = OTHERUID;
#endif
#ifdef SUN_EXTENSIONS
#if defined(SUN_EXTENSIONS) && defined(SUN_DEFAULT_VALUES)
sun_pre_defaults(e);
#endif
#ifdef apollo
@ -4000,7 +4016,7 @@ void
vendor_post_defaults(e)
ENVELOPE *e;
{
#ifdef SUN_EXTENSIONS
#if defined(SUN_EXTENSIONS) && defined(SUN_DEFAULT_VALUES)
sun_post_defaults(e);
#endif
}
@ -4080,12 +4096,22 @@ validate_connection(sap, hostname, e)
char *hostname;
ENVELOPE *e;
{
if (tTd(48, 3))
printf("validate_connection(%s, %s)\n",
hostname, anynet_ntoa(sap));
if (rscheck("check_relay", hostname, anynet_ntoa(sap), e) != EX_OK)
{
if (tTd(48, 4))
printf(" ... validate_connection: BAD (rscheck)\n");
return FALSE;
}
#if TCPWRAPPERS
if (!hosts_ctl("sendmail", hostname, anynet_ntoa(sap), STRING_UNKNOWN))
{
if (tTd(48, 4))
printf(" ... validate_connection: BAD (tcpwrappers)\n");
if (LogLevel >= 4)
sm_syslog(LOG_NOTICE, NOQID,
"tcpwrappers (%s, %s) rejection",
@ -4093,6 +4119,8 @@ validate_connection(sap, hostname, e)
return FALSE;
}
#endif
if (tTd(48, 4))
printf(" ... validate_connection: OK\n");
return TRUE;
}
@ -4466,7 +4494,7 @@ load_if_names()
return;
/* get the list of known IP address from the kernel */
# ifdef SIOCGIFNUM
# if defined(SIOCGIFNUM) && !SIOCGIFNUM_IS_BROKEN
if (ioctl(s, SIOCGIFNUM, (char *) &numifs) < 0)
{
/* can't get number of interfaces -- fall back */
@ -4971,6 +4999,9 @@ char *OsCompileOptions[] =
#if HASSNPRINTF
"HASSNPRINTF",
#endif
#if HAS_ST_GEN
"HAS_ST_GEN",
#endif
#if HASSTRERROR
"HASSTRERROR",
#endif
@ -4992,6 +5023,9 @@ char *OsCompileOptions[] =
#if IP_SRCROUTE
"IP_SRCROUTE",
#endif
#if O_EXLOCK && HASFLOCK && !BOGUS_O_EXCL
"LOCK_ON_OPEN",
#endif
#if NEEDFSYNC
"NEEDFSYNC",
#endif
@ -5013,6 +5047,9 @@ char *OsCompileOptions[] =
#if SIOCGIFCONF_IS_BROKEN
"SIOCGIFCONF_IS_BROKEN",
#endif
#if SIOCGIFNUM_IS_BROKEN
"SIOCGIFNUM_IS_BROKEN",
#endif
#if SYS5SETPGRP
"SYS5SETPGRP",
#endif

169
usr.sbin/sendmail/src/conf.h
View File

@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)conf.h 8.313 (Berkeley) 6/11/97
* @(#)conf.h 8.328 (Berkeley) 8/3/97
*/
/*
@ -192,7 +192,9 @@ struct rusage; /* forward declaration to get gcc to shut up in wait.h */
# ifdef V4FS
/* HP-UX 10.x */
# define _PATH_UNIX "/stand/vmunix"
# define _PATH_VENDOR_CF "/etc/mail/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/etc/mail/sendmail.cf"
# endif
# ifndef _PATH_SENDMAILPID
# define _PATH_SENDMAILPID "/etc/mail/sendmail.pid"
# endif
@ -203,13 +205,16 @@ struct rusage; /* forward declaration to get gcc to shut up in wait.h */
# else
/* HP-UX 9.x */
# define _PATH_UNIX "/hp-ux"
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# endif
# ifndef IDENTPROTO
# define IDENTPROTO 0 /* TCP/IP implementation is broken */
# endif
# ifdef __STDC__
extern void hard_syslog(int, char *, ...);
# endif
# define FDSET_CAST (int *) /* cast for fd_set parameters to select */
# endif
#endif
@ -220,10 +225,11 @@ extern void hard_syslog(int, char *, ...);
*/
#ifdef _AIX4
# include <sys/select.h>
# define _AIX3 1 /* pull in AIX3 stuff */
# define USESETEUID 1 /* seteuid(2) works */
# define TZ_TYPE TZ_NAME /* use tzname[] vector */
# define SOCKADDR_LEN_T size_t /* e.g., arg#3 to accept, getsockname */
# define SOCKOPT_LEN_T size_t /* arg#5 to getsockopt */
# if _AIX4 >= 40200
# define HASSETREUID 1 /* setreuid(2) works as of AIX 4.2 */
# endif
@ -237,6 +243,7 @@ extern void hard_syslog(int, char *, ...);
#ifdef _AIX3
# include <paths.h>
# include <sys/machine.h> /* to get byte order */
# include <sys/select.h>
# define HASINITGROUPS 1 /* has initgroups(3) call */
# define HASUNAME 1 /* use System V uname(2) system call */
# define HASGETUSERSHELL 0 /* does not have getusershell(3) call */
@ -398,7 +405,9 @@ typedef int pid_t;
# ifndef _PATH_UNIX
# define _PATH_UNIX "/dev/ksyms"
# endif
# define _PATH_VENDOR_CF "/etc/mail/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/etc/mail/sendmail.cf"
# endif
# ifndef _PATH_SENDMAILPID
# define _PATH_SENDMAILPID "/etc/mail/sendmail.pid"
# endif
@ -435,6 +444,7 @@ typedef int pid_t;
# endif
# define SFS_TYPE SFS_VFS /* use <sys/vfs.h> statfs() implementation */
# define TZ_TYPE TZ_TM_ZONE /* use tm->tm_zone */
# include <memory.h>
# include <vfork.h>
# ifdef SUNOS403
@ -585,12 +595,15 @@ extern long dgux_inet_addr();
# define HASINITGROUPS 1 /* has initgroups(3) call */
# define HASFCHMOD 1 /* has fchmod(2) syscall */
# define IP_SRCROUTE 1 /* can check IP source routing */
# define HAS_ST_GEN 1 /* has st_gen field in stat struct */
# ifndef HASFLOCK
# define HASFLOCK 1 /* has flock(2) call */
# endif
# define LA_TYPE LA_ALPHAOSF
# define SFS_TYPE SFS_MOUNT /* use <sys/mount.h> statfs() impl */
# define _PATH_VENDOR_CF "/var/adm/sendmail/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/var/adm/sendmail/sendmail.cf"
# endif
# ifndef _PATH_SENDMAILPID
# define _PATH_SENDMAILPID "/var/run/sendmail.pid"
# endif
@ -625,10 +638,20 @@ typedef int pid_t;
# undef WEXITSTATUS
# undef WIFEXITED
# endif
# define _PATH_VENDOR_CF "/etc/sendmail/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/etc/sendmail/sendmail.cf"
# endif
# ifndef _PATH_SENDMAILPID
# define _PATH_SENDMAILPID "/etc/sendmail/sendmail.pid"
# endif
# ifdef TCPWRAPPERS
# ifndef HASUNSETENV
# define HASUNSETENV 1
# endif
# undef NEEDPUTENV
# endif
#endif
@ -645,6 +668,7 @@ typedef int pid_t;
# define HASFCHMOD 1 /* has fchmod(2) syscall */
# define HASSNPRINTF 1 /* has snprintf(3) and vsnprintf(3) */
# define HASSTRERROR 1 /* has strerror(3) */
# define HAS_ST_GEN 1 /* has st_gen field in stat struct */
# include <sys/cdefs.h>
# define ERRLIST_PREDEFINED /* don't declare sys_errlist */
# define BSD4_4_SOCKADDR /* has sa_len */
@ -671,6 +695,7 @@ typedef int pid_t;
# define HASSNPRINTF 1 /* has snprintf(3) and vsnprintf(3) */
# define HASUNAME 1 /* has uname(2) syscall */
# define HASSTRERROR 1 /* has strerror(3) */
# define HAS_ST_GEN 1 /* has st_gen field in stat struct */
# include <sys/cdefs.h>
# define ERRLIST_PREDEFINED /* don't declare sys_errlist */
# define BSD4_4_SOCKADDR /* has sa_len */
@ -713,6 +738,7 @@ typedef int pid_t;
# define HASSNPRINTF 1 /* has snprintf(3) and vsnprintf(3) */
# define HASUNAME 1 /* has uname(2) syscall */
# define HASSTRERROR 1 /* has strerror(3) */
# define HAS_ST_GEN 1 /* has st_gen field in stat struct */
# include <sys/cdefs.h>
# define ERRLIST_PREDEFINED /* don't declare sys_errlist */
# define BSD4_4_SOCKADDR /* has sa_len */
@ -772,7 +798,9 @@ typedef int pid_t;
# undef HASSETVBUF /* don't actually have setvbuf(3) */
# undef WEXITSTATUS
# undef WIFEXITED
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# endif
# ifndef _PATH_SENDMAILPID
# define _PATH_SENDMAILPID "/etc/sendmail.pid"
# endif
@ -840,7 +868,9 @@ typedef int pid_t;
# ifndef LA_TYPE
# define LA_TYPE LA_FLOAT
# endif
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# endif
# ifndef IDENTPROTO
# define IDENTPROTO 0 /* TCP/IP implementation is broken */
# endif
@ -884,6 +914,8 @@ extern int errno;
# define LA_TYPE LA_DEVSHORT
# endif
# define _PATH_AVENRUN "/dev/table/avenrun"
# define SOCKADDR_LEN_T size_t /* e.g., arg#3 to accept, getsockname */
# define SOCKOPT_LEN_T size_t /* arg#5 to getsockopt */
#endif
/* SCO UNIX 3.2v4.2/Open Desktop 3.0 */
@ -908,7 +940,9 @@ extern int errno;
# define GID_T gid_t
# define GIDSET_T gid_t
# define _PATH_UNIX "/unix"
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# endif
# ifndef _PATH_SENDMAILPID
# define _PATH_SENDMAILPID "/etc/sendmail.pid"
# endif
@ -949,7 +983,9 @@ extern int errno;
# define SFS_TYPE SFS_STATFS /* use <sys/statfs.h> statfs() impl */
# define SFS_BAVAIL f_bfree /* alternate field name */
# define _PATH_UNIX "/unix"
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# endif
# ifndef _PATH_SENDMAILPID
# define _PATH_SENDMAILPID "/etc/sendmail.pid"
# endif
@ -1028,7 +1064,9 @@ extern struct group *getgrnam();
# define IP_SRCROUTE 0 /* Something is broken with getsockopt() */
# define LA_TYPE LA_FLOAT
# define SFS_TYPE SFS_VFS /* use <sys/vfs.h> statfs() implementation */
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# endif
# ifndef S_IREAD
# define S_IREAD _S_IREAD
# define S_IWRITE _S_IWRITE
@ -1084,13 +1122,22 @@ extern struct group *getgrnam();
extern int errno;
typedef int pid_t;
#define SIGFUNC_DEFINED
#define SIGFUNC_RETURN (0)
#define SIGFUNC_DECL int
# define SIGFUNC_DEFINED
# define SIGFUNC_RETURN (0)
# define SIGFUNC_DECL int
typedef int (*sigfunc_t)();
extern char *getenv();
extern void *malloc();
/* added for RISC/os 4.01...which is dumber than 4.50 */
# ifdef RISCOS_4_0
# ifndef ARBPTR_T
# define ARBPTR_T char *
# endif
# undef HASFLOCK
# define HASFLOCK 0
# endif /* RISCOS_4_0 */
# include <sys/time.h>
#endif
@ -1199,7 +1246,9 @@ extern void *malloc();
# ifndef _PATH_UNIX
# define _PATH_UNIX "/unix" /* should be in <paths.h> */
# endif
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# endif
# undef WIFEXITED
# undef WEXITSTATUS
#endif
@ -1279,8 +1328,9 @@ typedef int pid_t;
# ifndef _PATH_UNIX
# define _PATH_UNIX "/dynix"
# endif
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# endif
#endif
@ -1308,7 +1358,9 @@ typedef int pid_t;
# ifndef IDENTPROTO
# define IDENTPROTO 0 /* TCP/IP implementation is broken */
# endif
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# endif
# ifndef _PATH_SENDMAILPID
# define _PATH_SENDMAILPID "/etc/sendmail.pid"
# endif
@ -1349,7 +1401,9 @@ typedef int pid_t;
# define SFS_TYPE SFS_4ARGS /* four argument statfs() call */
# define SFS_BAVAIL f_bfree /* alternate field name */
# define TZ_TYPE TZ_TZNAME
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# endif
# ifndef _PATH_SENDMAILPID
# define _PATH_SENDMAILPID "/etc/sendmail.pid"
# endif
@ -1373,6 +1427,7 @@ typedef int pid_t;
#ifdef UNIXWARE2
# define UNIXWARE 1
# define HASSNPRINTF 1 /* has snprintf(3) and vsnprintf(3) */
# undef offsetof /* avoid stddefs.h, sys/sysmacros.h conflict */
#endif
@ -1397,7 +1452,9 @@ typedef int pid_t;
# undef WIFEXITED
# undef WEXITSTATUS
# define _PATH_UNIX "/unix"
# define _PATH_VENDOR_CF "/usr/ucblib/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/usr/ucblib/sendmail.cf"
# endif
# ifndef _PATH_SENDMAILPID
# define _PATH_SENDMAILPID "/usr/ucblib/sendmail.pid"
# endif
@ -1447,8 +1504,9 @@ typedef int pid_t;
#ifdef NCR_MP_RAS3
# define __svr4__
# define SIOCGIFNUM_IS_BROKEN 1 /* SIOCGIFNUM has non-std interface */
# define SYSLOG_BUFSIZE 1024
# define SPT_TYPE SPT_NONE
# define SPT_TYPE SPT_NONE
#endif
@ -1483,7 +1541,9 @@ typedef int pid_t;
# ifndef _PATH_UNIX
# define _PATH_UNIX "/HI-UX"
# endif
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# endif
# ifndef IDENTPROTO
# define IDENTPROTO 0 /* TCP/IP implementation is broken */
# endif
@ -1524,7 +1584,9 @@ extern int syslog(int, char *, ...);
# define SFS_TYPE SFS_4ARGS /* use 4-arg statfs() */
# define SFS_BAVAIL f_bfree /* alternate field name */
# define _PATH_UNIX "/unix"
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# endif
#endif
/*
@ -1594,7 +1656,9 @@ typedef int (*sigfunc_t)();
# define SYSLOG_BUFSIZE 1024
# endif
# define _PATH_UNIX "/stand/unix"
# define _PATH_VENDOR_CF "/etc/mail/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/etc/mail/sendmail.cf"
# endif
# ifndef _PATH_SENDMAILPID
# define _PATH_SENDMAILPID "/etc/mail/sendmail.pid"
# endif
@ -1643,7 +1707,9 @@ typedef int (*sigfunc_t)();
# define SIGFUNC_DECL int
extern char *getenv();
extern int errno;
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
# endif
#endif
@ -1692,7 +1758,9 @@ extern int errno;
# define HASSNPRINTF 1 /* has snprintf(3) and vsnprintf(3) */
# endif
# define _PATH_UNIX "/stand/unix"
# define _PATH_VENDOR_CF "/usr/ucblib/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/usr/ucblib/sendmail.cf"
# endif
# ifndef _PATH_SENDMAILPID
# define _PATH_SENDMAILPID "/usr/ucblib/sendmail.pid"
# endif
@ -1755,7 +1823,9 @@ extern int errno;
# ifndef __svr4__
# define __svr4__
# endif
# define _PATH_VENDOR_CF "/etc/mail/sendmail.cf"
# ifndef _PATH_VENDOR_CF
# define _PATH_VENDOR_CF "/etc/mail/sendmail.cf"
# endif
# ifndef _PATH_SENDMAILPID
# define _PATH_SENDMAILPID "/etc/mail/sendmail.pid"
# endif
@ -1950,6 +2020,10 @@ typedef struct msgb mblk_t;
# define USE_SIGLONGJMP 0 /* assume setjmp handles signals properly */
#endif
#ifndef FDSET_CAST
# define FDSET_CAST /* (empty) cast for fd_set arg to select */
#endif
/*
** If no type for argument two of getgroups call is defined, assume
** it's an integer -- unfortunately, there seem to be several choices
@ -1979,6 +2053,14 @@ typedef struct msgb mblk_t;
#ifndef ARGV_T
# define ARGV_T char **
#endif
#ifndef SOCKADDR_LEN_T
# define SOCKADDR_LEN_T int
#endif
#ifndef SOCKOPT_LEN_T
# define SOCKOPT_LEN_T int
#endif
/**********************************************************************
** Remaining definitions should never have to be changed. They are
** primarily to provide back compatibility for older systems -- for
@ -2072,28 +2154,6 @@ typedef struct msgb mblk_t;
extern int h_errno;
#endif
/*
** The size of an IP address -- can't use sizeof because of problems
** on Crays, where everything is 64 bits. This will break if/when
** IP addresses are expanded to eight bytes.
*/
#ifndef INADDRSZ
# define INADDRSZ 4
#endif
/*
** The size of various known types -- for reading network protocols.
** Again, we can't use sizeof because of compiler randomness.
*/
#ifndef INT16SZ
# define INT16SZ 2
#endif
#ifndef INT32SZ
# define INT32SZ 4
#endif
/*
** Do some required dependencies
*/
@ -2252,12 +2312,17 @@ typedef void (*sigfunc_t) __P((int));
*/
#if USE_SIGLONGJMP
/* Silly SCO /usr/include/setjmp.h file has #define setjmp(env) setjmp(env) */
# ifdef jmp_buf
# undef jmp_buf
# endif
# define jmp_buf sigjmp_buf
# ifdef setjmp
# undef setjmp
# endif
# define jmp_buf sigjmp_buf
# define setjmp(env) sigsetjmp(env, 1)
# ifdef longjmp
# undef longjmp
# endif
# define longjmp(env, val) siglongjmp(env, val)
#endif

109
usr.sbin/sendmail/src/daemon.c
View File

@ -37,9 +37,9 @@
#ifndef lint
#ifdef DAEMON
static char sccsid[] = "@(#)daemon.c 8.175 (Berkeley) 6/1/97 (with daemon mode)";
static char sccsid[] = "@(#)daemon.c 8.186 (Berkeley) 8/2/97 (with daemon mode)";
#else
static char sccsid[] = "@(#)daemon.c 8.175 (Berkeley) 6/1/97 (without daemon mode)";
static char sccsid[] = "@(#)daemon.c 8.186 (Berkeley) 8/2/97 (without daemon mode)";
#endif
#endif /* not lint */
@ -130,6 +130,7 @@ getrequests(e)
bool refusingconnections = TRUE;
FILE *pidf;
int socksize;
u_short port;
#if XDEBUG
bool j_has_dot;
#endif
@ -140,11 +141,24 @@ getrequests(e)
** Set up the address for the mailer.
*/
if (DaemonAddr.sin.sin_family == 0)
DaemonAddr.sin.sin_family = AF_INET;
if (DaemonAddr.sin.sin_addr.s_addr == 0)
DaemonAddr.sin.sin_addr.s_addr = INADDR_ANY;
if (DaemonAddr.sin.sin_port == 0)
switch (DaemonAddr.sa.sa_family)
{
case AF_UNSPEC:
DaemonAddr.sa.sa_family = AF_INET;
/* fall through ... */
case AF_INET:
if (DaemonAddr.sin.sin_addr.s_addr == 0)
DaemonAddr.sin.sin_addr.s_addr = INADDR_ANY;
port = DaemonAddr.sin.sin_port;
break;
default:
/* unknown protocol */
port = 0;
break;
}
if (port == 0)
{
register struct servent *sp;
@ -152,10 +166,21 @@ getrequests(e)
if (sp == NULL)
{
syserr("554 service \"smtp\" unknown");
DaemonAddr.sin.sin_port = htons(25);
port = htons(25);
}
else
DaemonAddr.sin.sin_port = sp->s_port;
port = sp->s_port;
}
switch (DaemonAddr.sa.sa_family)
{
case AF_INET:
DaemonAddr.sin.sin_port = port;
break;
default:
/* unknown protocol */
break;
}
/*
@ -171,7 +196,7 @@ getrequests(e)
(void) setsignal(SIGCHLD, reapchild);
/* write the pid to the log file for posterity */
pidf = safefopen(PidFile, O_WRONLY|O_CREAT|O_TRUNC, 0644,
pidf = safefopen(PidFile, O_WRONLY|O_TRUNC, 0644,
SFF_NOLINK|SFF_ROOTOK|SFF_REGONLY|SFF_CREAT);
if (pidf == NULL)
{
@ -206,7 +231,7 @@ getrequests(e)
for (;;)
{
register pid_t pid;
auto int lotherend;
auto SOCKADDR_LEN_T lotherend;
int savederrno;
int pipefd[2];
extern bool refuseconnections();
@ -281,7 +306,8 @@ getrequests(e)
timeout.tv_sec = 60;
timeout.tv_usec = 0;
t = select(DaemonSocket + 1, &readfds, NULL, NULL, &timeout);
t = select(DaemonSocket + 1, FDSET_CAST &readfds,
NULL, NULL, &timeout);
if (DoQueueRun)
(void) runqueue(TRUE, FALSE);
if (t <= 0 || !FD_ISSET(DaemonSocket, &readfds))
@ -972,7 +998,7 @@ makeconnection(host, port, mci, e)
}
else
{
s = socket(AF_INET, SOCK_STREAM, 0);
s = socket(addr.sa.sa_family, SOCK_STREAM, 0);
}
if (s < 0)
{
@ -1176,6 +1202,35 @@ myhostname(hostbuf, size)
return (hp);
}
/*
** ADDRCMP -- compare two host addresses
**
** Parameters:
** hp -- hostent structure for the first address
** ha -- actual first address
** sa -- second address
**
** Returns:
** 0 -- if ha and sa match
** else -- they don't match
*/
int
addrcmp(hp, ha, sa)
struct hostent *hp;
char *ha;
SOCKADDR *sa;
{
switch (sa->sa.sa_family)
{
case AF_INET:
if (hp->h_addrtype == AF_INET)
return bcmp(ha, (char *) &sa->sin.sin_addr, hp->h_length);
break;
}
return -1;
}
/*
** GETAUTHINFO -- get the real host name asociated with a file descriptor
**
** Uses RFC1413 protocol to try to get info from the other end.
@ -1199,10 +1254,10 @@ char *
getauthinfo(fd)
int fd;
{
int falen;
SOCKADDR_LEN_T falen;
register char *volatile p = NULL;
SOCKADDR la;
int lalen;
SOCKADDR_LEN_T lalen;
register struct servent *sp;
volatile int s;
int i;
@ -1239,19 +1294,22 @@ getauthinfo(fd)
/* address is not a socket */
may_be_forged = FALSE;
}
else if (RealHostName[0] == '[')
{
/* have IP address with no forward lookup */
may_be_forged = FALSE;
}
else
{
/* try to match the reverse against the forward lookup */
hp = gethostbyname(RealHostName);
hp = sm_gethostbyname(RealHostName);
if (hp == NULL)
may_be_forged = TRUE;
else
{
for (ha = hp->h_addr_list; *ha != NULL; ha++)
if (bcmp(*ha,
(char *) &RealHostAddr.sin.sin_addr,
hp->h_length) == 0)
if (addrcmp(hp, *ha, &RealHostAddr) == 0)
break;
may_be_forged = *ha == NULL;
}
@ -1412,7 +1470,8 @@ getauthinfo(fd)
if (RealHostAddr.sa.sa_family == AF_INET)
{
int ipoptlen, j;
SOCKOPT_LEN_T ipoptlen;
int j;
u_char *q;
u_char *o;
int l;
@ -1573,6 +1632,14 @@ host_map_lookup(map, name, av, statp)
}
if (*statp != EX_OK)
return NULL;
if (s->s_namecanon.nc_cname == NULL)
{
syserr("host_map_lookup(%s): bogus NULL cache entry, errno = %d, h_errno = %d",
name,
s->s_namecanon.nc_errno,
s->s_namecanon.nc_herrno);
return NULL;
}
if (bitset(MF_MATCHONLY, map->map_mflags))
cp = map_rewrite(map, name, strlen(name), NULL);
else
@ -1959,7 +2026,7 @@ hostnamebyanyaddr(sap)
_res.retry = saveretry;
#endif /* NAMED_BIND */
if (hp != NULL)
if (hp != NULL && hp->h_name[0] != '[')
return (char *) hp->h_name;
else
{

20
usr.sbin/sendmail/src/deliver.c
View File

@ -33,7 +33,7 @@
*/
#ifndef lint
static char sccsid[] = "@(#)deliver.c 8.282 (Berkeley) 6/11/97";
static char sccsid[] = "@(#)deliver.c 8.285 (Berkeley) 8/2/97";
#endif /* not lint */
#include "sendmail.h"
@ -543,7 +543,7 @@ sendall(e, mode)
}
/* be sure to give error messages in child */
QuickAbort = OnlyOneError = FALSE;
QuickAbort = FALSE;
/*
** Close any cached connections.
@ -3105,7 +3105,7 @@ mailfile(filename, ctladdr, sfflags, e)
{
register FILE *f;
register pid_t pid = -1;
int mode;
int mode = ST_MODE_NOFILE;
bool suidwarn = geteuid() == 0;
if (tTd(11, 1))
@ -3153,19 +3153,20 @@ mailfile(filename, ctladdr, sfflags, e)
ExitStat = EX_OK;
#ifdef HASLSTAT
if ((SafeFileEnv != NULL ? lstat(filename, &stb)
: stat(filename, &stb)) < 0)
if (lstat(filename, &stb) < 0)
#else
if (stat(filename, &stb) < 0)
#endif
{
stb.st_mode = FileMode;
stb.st_mode = ST_MODE_NOFILE;
mode = FileMode;
oflags |= O_CREAT|O_EXCL;
}
else if (bitset(0111, stb.st_mode) || stb.st_nlink != 1 ||
(SafeFileEnv != NULL && !S_ISREG(stb.st_mode)))
exit(EX_CANTCREAT);
mode = stb.st_mode;
if (mode == ST_MODE_NOFILE)
mode = stb.st_mode;
/* limit the errors to those actually caused in the child */
errno = 0;
@ -3275,6 +3276,11 @@ mailfile(filename, ctladdr, sfflags, e)
message("554 cannot open: %s", errstring(errno));
exit(EX_CANTCREAT);
}
if (filechanged(filename, fileno(f), &stb, sfflags))
{
message("554 file changed after open");
exit(EX_CANTCREAT);
}
if (fstat(fileno(f), &stb) < 0)
{
message("554 cannot fstat %s", errstring(errno));

9
usr.sbin/sendmail/src/domain.c
View File

@ -36,9 +36,9 @@
#ifndef lint
#if NAMED_BIND
static char sccsid[] = "@(#)domain.c 8.67 (Berkeley) 4/9/97 (with name server)";
static char sccsid[] = "@(#)domain.c 8.68 (Berkeley) 8/2/97 (with name server)";
#else
static char sccsid[] = "@(#)domain.c 8.67 (Berkeley) 4/9/97 (without name server)";
static char sccsid[] = "@(#)domain.c 8.68 (Berkeley) 8/2/97 (without name server)";
#endif
#endif /* not lint */
@ -854,12 +854,15 @@ gethostalias(host)
char *fname;
FILE *fp;
register char *p = NULL;
int sff = SFF_REGONLY;
char buf[MAXLINE];
static char hbuf[MAXDNAME];
if (DontLockReadFiles)
sff |= SFF_NOLOCK;
fname = getenv("HOSTALIASES");
if (fname == NULL ||
(fp = safefopen(fname, O_RDONLY, 0, SFF_REGONLY)) == NULL)
(fp = safefopen(fname, O_RDONLY, 0, sff)) == NULL)
return NULL;
while (fgets(buf, sizeof buf, fp) != NULL)
{

4
usr.sbin/sendmail/src/envelope.c
View File

@ -33,7 +33,7 @@
*/
#ifndef lint
static char sccsid[] = "@(#)envelope.c 8.104 (Berkeley) 6/3/97";
static char sccsid[] = "@(#)envelope.c 8.105 (Berkeley) 6/24/97";
#endif /* not lint */
#include "sendmail.h"
@ -178,7 +178,7 @@ dropenvelope(e, fulldrop)
{
failure_return = TRUE;
if (q->q_owner == NULL && !emptyaddr(&e->e_from))
(void) sendtolist(e->e_from.q_paddr, NULL,
(void) sendtolist(e->e_from.q_paddr, NULLADDR,
&e->e_errorqueue, 0, e);
}
else if (bitset(QPINGONSUCCESS, q->q_flags) &&

32
usr.sbin/sendmail/src/err.c
View File

@ -33,7 +33,7 @@
*/
#ifndef lint
static char sccsid[] = "@(#)err.c 8.62 (Berkeley) 6/5/97";
static char sccsid[] = "@(#)err.c 8.64 (Berkeley) 7/25/97";
#endif /* not lint */
# include "sendmail.h"
@ -112,7 +112,7 @@ syserr(fmt, va_alist)
puterrmsg(MsgBuf);
/* save this message for mailq printing */
if (!panic)
if (!panic && CurEnv != NULL)
{
if (CurEnv->e_message != NULL)
free(CurEnv->e_message);
@ -140,9 +140,10 @@ syserr(fmt, va_alist)
}
if (LogLevel > 0)
sm_syslog(panic ? LOG_ALERT : LOG_CRIT, CurEnv->e_id,
"SYSERR(%s): %.900s",
uname, &MsgBuf[4]);
sm_syslog(panic ? LOG_ALERT : LOG_CRIT,
CurEnv == NULL ? NOQID : CurEnv->e_id,
"SYSERR(%s): %.900s",
uname, &MsgBuf[4]);
switch (olderrno)
{
case EBADF:
@ -178,7 +179,7 @@ syserr(fmt, va_alist)
exit(EX_OSERR);
}
errno = 0;
if (QuickAbort || (OnlyOneError && !HoldErrs))
if (QuickAbort)
longjmp(TopFrame, 2);
}
/*
@ -254,7 +255,7 @@ usrerr(fmt, va_alist)
"%.900s",
&MsgBuf[4]);
if (QuickAbort || (OnlyOneError && !HoldErrs))
if (QuickAbort)
longjmp(TopFrame, 1);
}
/*
@ -397,7 +398,8 @@ putoutmsg(msg, holdmsg, heldmsg)
msg[0] = '4';
/* output to transcript if serious */
if (!heldmsg && CurEnv->e_xfp != NULL && strchr("45", msg[0]) != NULL)
if (!heldmsg && CurEnv != NULL && CurEnv->e_xfp != NULL &&
strchr("45", msg[0]) != NULL)
fprintf(CurEnv->e_xfp, "%s\n", msg);
if (LogLevel >= 15 && (OpMode == MD_SMTP || OpMode == MD_DAEMON))
@ -421,6 +423,9 @@ putoutmsg(msg, holdmsg, heldmsg)
(void) fflush(stdout);
if (OutChannel == NULL)
return;
/* if DisConnected, OutChannel now points to the transcript */
if (!DisConnected &&
(OpMode == MD_SMTP || OpMode == MD_DAEMON || OpMode == MD_ARPAFTP))
@ -441,7 +446,8 @@ putoutmsg(msg, holdmsg, heldmsg)
** rude servers don't read result.
*/
if (feof(InChannel) || ferror(InChannel) || strncmp(msg, "221", 3) == 0)
if (InChannel == NULL || feof(InChannel) || ferror(InChannel) ||
strncmp(msg, "221", 3) == 0)
return;
/* can't call syserr, 'cause we are using MsgBuf */
@ -474,8 +480,16 @@ puterrmsg(msg)
/* output the message as usual */
putoutmsg(msg, HoldErrs, FALSE);
/* be careful about multiple error messages */
if (OnlyOneError)
HoldErrs = TRUE;
/* signal the error */
Errors++;
if (CurEnv == NULL)
return;
if (msgcode == '6')
{
/* notify the postmaster */

5
usr.sbin/sendmail/src/headers.c
View File

@ -33,7 +33,7 @@
*/
#ifndef lint
static char sccsid[] = "@(#)headers.c 8.110 (Berkeley) 6/14/97";
static char sccsid[] = "@(#)headers.c 8.111 (Berkeley) 7/9/97";
#endif /* not lint */
# include <errno.h>
@ -192,7 +192,8 @@ chompheader(line, def, hdrp, e)
printf("no header flags match\n");
else
printf("header match, flags=%x, ruleset=%s\n",
hi->hi_flags, hi->hi_ruleset);
hi->hi_flags,
hi->hi_ruleset == NULL ? "<NULL>" : hi->hi_ruleset);
}
/* see if this is a resent message */

162
usr.sbin/sendmail/src/main.c
View File

@ -39,7 +39,7 @@ static char copyright[] =
#endif /* not lint */
#ifndef lint
static char sccsid[] = "@(#)main.c 8.246 (Berkeley) 6/11/97";
static char sccsid[] = "@(#)main.c 8.249 (Berkeley) 7/25/97";
#endif /* not lint */
#define _DEFINE
@ -93,6 +93,7 @@ ADDRESS NullAddress = /* a null address */
char *CommandLineArgs; /* command line args for pid file */
bool Warn_Q_option = FALSE; /* warn about Q option use */
char **SaveArgv; /* argument vector for re-execing */
int MissingFds = 0; /* bit map of fds missing on startup */
#ifdef NGROUPS_MAX
GIDSET_T InitialGidSet[NGROUPS_MAX];
@ -164,7 +165,6 @@ main(argc, argv, envp)
extern void printqueue __P((void));
extern void sendtoargv __P((char **, ENVELOPE *));
extern void resetlimits __P((void));
extern void drop_privileges __P((void));
/*
** Check to see if we reentered.
@ -185,11 +185,6 @@ main(argc, argv, envp)
/* do machine-dependent initializations */
init_md(argc, argv);
#ifdef SIGUSR1
/* arrange to dump state on user-1 signal */
setsignal(SIGUSR1, sigusr1);
#endif
/* in 4.4BSD, the table can be huge; impose a reasonable limit */
DtableSize = getdtsize();
if (DtableSize > 256)
@ -200,15 +195,9 @@ main(argc, argv, envp)
** But also be sure that 0, 1, & 2 are open.
*/
i = open("/dev/null", O_RDWR, 0);
if (fstat(STDIN_FILENO, &stb) < 0 && errno != EOPNOTSUPP)
(void) dup2(i, STDIN_FILENO);
if (fstat(STDOUT_FILENO, &stb) < 0 && errno != EOPNOTSUPP)
(void) dup2(i, STDOUT_FILENO);
if (fstat(STDERR_FILENO, &stb) < 0 && errno != EOPNOTSUPP)
(void) dup2(i, STDERR_FILENO);
if (i != STDIN_FILENO && i != STDOUT_FILENO && i != STDERR_FILENO)
(void) close(i);
fill_fd(STDIN_FILENO, NULL);
fill_fd(STDOUT_FILENO, NULL);
fill_fd(STDERR_FILENO, NULL);
i = DtableSize;
while (--i > 0)
@ -226,6 +215,28 @@ main(argc, argv, envp)
# endif
#endif
if (MissingFds != 0)
{
char mbuf[MAXLINE];
mbuf[0] = '\0';
if (bitset(1 << STDIN_FILENO, MissingFds))
strcat(mbuf, ", stdin");
if (bitset(1 << STDOUT_FILENO, MissingFds))
strcat(mbuf, ", stdout");
if (bitset(1 << STDERR_FILENO, MissingFds))
strcat(mbuf, ", stderr");
syserr("File descriptors missing on startup: %s", &mbuf[2]);
}
/* reset status from syserr() calls for missing file descriptors */
Errors = 0;
ExitStat = EX_OK;
#if XDEBUG
checkfd012("after openlog");
#endif
tTsetup(tTdvect, sizeof tTdvect, "0-99.1");
#ifdef NGROUPS_MAX
@ -238,7 +249,12 @@ main(argc, argv, envp)
#endif
/* drop group id privileges (RunAsUser not yet set) */
drop_privileges();
(void) drop_privileges(FALSE);
#ifdef SIGUSR1
/* arrange to dump state on user-1 signal */
setsignal(SIGUSR1, sigusr1);
#endif
/* Handle any non-getoptable constructions. */
obsolete(argv);
@ -301,6 +317,17 @@ main(argc, argv, envp)
(void) snprintf(rnamebuf, sizeof rnamebuf, "Unknown UID %d", RealUid);
RealUserName = rnamebuf;
/* if running non-setuid binary, pretend we are the RunAsUid */
if (geteuid() == RealUid)
{
if (tTd(47, 1))
printf("Non-setuid binary: RunAsUid = RealUid = %d\n",
RealUid);
RunAsUid = RealUid;
}
if (getegid() == RealGid)
RunAsGid = RealGid;
/* save command line arguments */
i = 0;
for (av = argv; *av != NULL; )
@ -572,9 +599,7 @@ main(argc, argv, envp)
if (RealUid != 0)
warn_C_flag = TRUE;
ConfFile = optarg;
endpwent();
(void) setgid(RealGid);
(void) setuid(RealUid);
(void) drop_privileges(TRUE);
safecf = FALSE;
break;
@ -726,9 +751,7 @@ main(argc, argv, envp)
break;
case 'X': /* traffic log file */
endpwent();
setgid(RealGid);
setuid(RealUid);
(void) drop_privileges(TRUE);
TrafficLogFile = fopen(optarg, "a");
if (TrafficLogFile == NULL)
{
@ -815,7 +838,7 @@ main(argc, argv, envp)
if (OpMode != MD_DAEMON && OpMode != MD_FGDAEMON)
{
/* drop privileges -- daemon mode done after socket/bind */
drop_privileges();
(void) drop_privileges(FALSE);
}
/*
@ -1351,7 +1374,7 @@ main(argc, argv, envp)
nullserver = getrequests(CurEnv);
/* drop privileges */
drop_privileges();
(void) drop_privileges(FALSE);
/* at this point we are in a child: reset state */
(void) newenvelope(CurEnv, CurEnv);
@ -2017,11 +2040,11 @@ sighup(sig)
sm_syslog(LOG_INFO, NOQID, "restarting %s on signal", SaveArgv[0]);
alarm(0);
releasesignal(SIGHUP);
if (setgid(RealGid) < 0 || setuid(RealUid) < 0)
if (drop_privileges(TRUE) != EX_OK)
{
if (LogLevel > 0)
sm_syslog(LOG_ALERT, NOQID, "could not set[ug]id(%d, %d): %m",
RealUid, RealGid);
RunAsUid, RunAsGid);
exit(EX_OSERR);
}
execv(SaveArgv[0], (ARGV_T) SaveArgv);
@ -2033,26 +2056,91 @@ sighup(sig)
** DROP_PRIVILEGES -- reduce privileges to those of the RunAsUser option
**
** Parameters:
** none.
** to_real_uid -- if set, drop to the real uid instead
** of the RunAsUser.
**
** Returns:
** none.
** EX_OSERR if the setuid failed.
** EX_OK otherwise.
*/
void
drop_privileges()
int
drop_privileges(to_real_uid)
bool to_real_uid;
{
int rval = EX_OK;
#ifdef NGROUPS_MAX
GIDSET_T emptygidset[NGROUPS_MAX];
#endif
if (tTd(47, 1))
printf("drop_privileges(%d): Real[UG]id=%d:%d, RunAs[UG]id=%d:%d\n",
to_real_uid, RealUid, RealGid, RunAsUid, RunAsGid);
if (to_real_uid)
{
RunAsUserName = RealUserName;
RunAsUid = RealUid;
RunAsGid = RealGid;
}
/* make sure no one can grab open descriptors for secret files */
endpwent();
#ifdef NGROUPS_MAX
/* reset group permissions; these can be set later */
GIDSET_T emptygidset[NGROUPS_MAX];
emptygidset[0] = RunAsGid == 0 ? getegid() : RunAsGid;
(void) setgroups(1, emptygidset);
#endif
if (RunAsGid != 0)
(void) setgid(RunAsGid);
if (RunAsUid != 0)
(void) setuid(RunAsUid);
/* reset primary group and user id */
if (RunAsGid != 0 && setgid(RunAsGid) < 0)
rval = EX_OSERR;
if (RunAsUid != 0 && setuid(RunAsUid) < 0)
rval = EX_OSERR;
return rval;
}
/*
** FILL_FD -- make sure a file descriptor has been properly allocated
**
** Used to make sure that stdin/out/err are allocated on startup
**
** Parameters:
** fd -- the file descriptor to be filled.
** where -- a string used for logging. If NULL, this is
** being called on startup, and logging should
** not be done.
**
** Returns:
** none
*/
void
fill_fd(fd, where)
int fd;
char *where;
{
int i;
struct stat stbuf;
if (fstat(fd, &stbuf) >= 0 || errno != EBADF)
return;
if (where != NULL)
syserr("fill_fd: %s: fd %d not open", where, fd);
else
MissingFds |= 1 << fd;
i = open("/dev/null", fd == 0 ? O_RDONLY : O_WRONLY, 0666);
if (i < 0)
{
syserr("!fill_fd: %s: cannot open /dev/null",
where == NULL ? "startup" : where);
}
if (fd != i)
{
(void) dup2(i, fd);
(void) close(i);
}
}
/*
** TESTMODELINE -- process a test mode input line

330
usr.sbin/sendmail/src/map.c
View File

@ -33,7 +33,7 @@
*/
#ifndef lint
static char sccsid[] = "@(#)map.c 8.168 (Berkeley) 6/14/97";
static char sccsid[] = "@(#)map.c 8.181 (Berkeley) 7/9/97";
#endif /* not lint */
#include "sendmail.h"
@ -113,14 +113,6 @@ extern bool extract_canonname __P((char *, char *, char[], int));
# define LOCK_ON_OPEN 0 /* no such luck -- bend over backwards */
#endif
#ifndef O_LEAVELOCKED
# if O_SHLOCK
# define O_LEAVELOCKED O_SHLOCK
# else
# define O_LEAVELOCKED 0x1000
# endif
#endif
#ifndef O_ACCMODE
# define O_ACCMODE (O_RDONLY|O_WRONLY|O_RDWR)
#endif
@ -733,7 +725,7 @@ extract_canonname(name, line, cbuf, cbuflen)
#ifdef NDBM
/*
** DBM_MAP_OPEN -- DBM-style map open
** NDBM_MAP_OPEN -- DBM-style map open
*/
bool
@ -743,7 +735,8 @@ ndbm_map_open(map, mode)
{
register DBM *dbm;
struct stat st;
int fd;
int dfd;
int pfd;
int sff;
int ret;
int smode = S_IREAD;
@ -760,10 +753,10 @@ ndbm_map_open(map, mode)
/* do initial file and directory checks */
snprintf(dirfile, sizeof dirfile, "%s.dir", map->map_file);
snprintf(pagfile, sizeof pagfile, "%s.pag", map->map_file);
sff = SFF_ROOTOK|SFF_REGONLY|SFF_CREAT;
sff = SFF_ROOTOK|SFF_REGONLY;
if (mode == O_RDWR)
{
sff |= SFF_NOLINK;
sff |= SFF_NOLINK|SFF_CREAT;
smode = S_IWRITE;
}
else
@ -786,13 +779,21 @@ ndbm_map_open(map, mode)
return FALSE;
}
if (std.st_mode == ST_MODE_NOFILE)
mode |= O_EXCL;
mode |= O_CREAT|O_EXCL;
/* heuristic: if files are linked, this is actually gdbm */
if (std.st_dev == stp.st_dev && std.st_ino == stp.st_ino)
{
syserr("dbm map \"%s\": cannot support GDBM",
map->map_mname);
return FALSE;
}
#if LOCK_ON_OPEN
if (mode == O_RDONLY)
mode |= O_SHLOCK;
else
mode |= O_CREAT|O_TRUNC|O_EXLOCK;
mode |= O_TRUNC|O_EXLOCK;
#else
if ((mode & O_ACCMODE) == O_RDWR)
{
@ -804,7 +805,7 @@ ndbm_map_open(map, mode)
** but there isn't anything we can do about it.
*/
mode |= O_CREAT|O_TRUNC;
mode |= O_TRUNC;
# else
/*
** This ugly code opens the map without truncating it,
@ -815,29 +816,57 @@ ndbm_map_open(map, mode)
int dirfd;
int pagfd;
dirfd = safeopen(dirfile, mode|O_CREAT, DBMMODE,
dirfd = safeopen(dirfile, mode, DBMMODE,
SFF_NOLINK|SFF_CREAT|SFF_OPENASROOT);
pagfd = safeopen(pagfile, mode|O_CREAT, DBMMODE,
pagfd = safeopen(pagfile, mode, DBMMODE,
SFF_NOLINK|SFF_CREAT|SFF_OPENASROOT);
if (dirfd < 0 || pagfd < 0)
{
int save_errno = errno;
if (dirfd >= 0)
(void) close(dirfd);
if (pagfd >= 0)
(void) close(pagfd);
errno = save_errno;
syserr("ndbm_map_open: cannot create database %s",
map->map_file);
close(dirfd);
close(pagfd);
return FALSE;
}
if (ftruncate(dirfd, (off_t) 0) < 0)
syserr("ndbm_map_open: cannot truncate %s.dir",
if (ftruncate(dirfd, (off_t) 0) < 0 ||
ftruncate(pagfd, (off_t) 0) < 0)
{
int save_errno = errno;
(void) close(dirfd);
(void) close(pagfd);
errno = save_errno;
syserr("ndbm_map_open: cannot truncate %s.{dir,pag}",
map->map_file);
if (ftruncate(pagfd, (off_t) 0) < 0)
syserr("ndbm_map_open: cannot truncate %s.pag",
return FALSE;
}
/* if new file, get "before" bits for later filechanged check */
if (std.st_mode == ST_MODE_NOFILE &&
(fstat(dirfd, &std) < 0 || fstat(pagfd, &stp) < 0))
{
int save_errno = errno;
(void) close(dirfd);
(void) close(pagfd);
errno = save_errno;
syserr("ndbm_map_open(%s.{dir,pag}): cannot fstat pre-opened file",
map->map_file);
return FALSE;
}
/* have to save the lock for the duration (bletch) */
map->map_lockfd = dirfd;
close(pagfd);
/* twiddle bits for dbm_open */
mode &= ~(O_CREAT|O_EXCL);
# endif
}
#endif
@ -846,37 +875,46 @@ ndbm_map_open(map, mode)
dbm = dbm_open(map->map_file, mode, DBMMODE);
if (dbm == NULL)
{
int save_errno = errno;
if (bitset(MF_ALIAS, map->map_mflags) &&
aliaswait(map, ".pag", FALSE))
return TRUE;
if (!bitset(MF_OPTIONAL, map->map_mflags))
syserr("Cannot open DBM database %s", map->map_file);
#if !LOCK_ON_OPEN && !NOFTRUNCATE
if (map->map_lockfd >= 0)
close(map->map_lockfd);
#endif
errno = save_errno;
if (!bitset(MF_OPTIONAL, map->map_mflags))
syserr("Cannot open DBM database %s", map->map_file);
return FALSE;
}
if (filechanged(dirfile, dbm_dirfno(dbm), &std, sff) ||
filechanged(pagfile, dbm_pagfno(dbm), &stp, sff))
dfd = dbm_dirfno(dbm);
pfd = dbm_pagfno(dbm);
if (filechanged(dirfile, dfd, &std, sff) ||
filechanged(pagfile, pfd, &stp, sff))
{
syserr("ndbm_map_open(%s): file changed after open",
map->map_file);
int save_errno = errno;
dbm_close(dbm);
#if !LOCK_ON_OPEN && !NOFTRUNCATE
if (map->map_lockfd >= 0)
close(map->map_lockfd);
#endif
errno = save_errno;
syserr("ndbm_map_open(%s): file changed after open",
map->map_file);
return FALSE;
}
map->map_db1 = (void *) dbm;
fd = dbm_dirfno((DBM *) map->map_db1);
map->map_db1 = (ARBPTR_T) dbm;
if (mode == O_RDONLY)
{
#if LOCK_ON_OPEN
if (fd >= 0)
(void) lockfile(fd, map->map_file, ".pag", LOCK_UN);
if (dfd >= 0)
(void) lockfile(dfd, map->map_file, ".dir", LOCK_UN);
if (pfd >= 0)
(void) lockfile(pfd, map->map_file, ".pag", LOCK_UN);
#endif
if (bitset(MF_ALIAS, map->map_mflags) &&
!aliaswait(map, ".pag", TRUE))
@ -886,14 +924,14 @@ ndbm_map_open(map, mode)
{
map->map_mflags |= MF_LOCKED;
}
if (fstat(dbm_dirfno((DBM *) map->map_db1), &st) >= 0)
if (fstat(dfd, &st) >= 0)
map->map_mtime = st.st_mtime;
return TRUE;
}
/*
** DBM_MAP_LOOKUP -- look up a datum in a DBM-type map
** NDBM_MAP_LOOKUP -- look up a datum in a DBM-type map
*/
char *
@ -951,7 +989,7 @@ ndbm_map_lookup(map, name, av, statp)
/*
** DBM_MAP_STORE -- store a datum in the database
** NDBM_MAP_STORE -- store a datum in the database
*/
void
@ -994,7 +1032,7 @@ ndbm_map_store(map, lhs, rhs)
if (stat > 0)
{
if (!bitset(MF_APPEND, map->map_mflags))
usrerr("050 Warning: duplicate alias name %s", lhs);
message("050 Warning: duplicate alias name %s", lhs);
else
{
static char *buf = NULL;
@ -1157,7 +1195,6 @@ db_map_open(map, mode, mapclassname, dbtype, openinfo)
int fd;
int sff;
int saveerrno;
bool leavelocked = bitset(O_LEAVELOCKED, mode);
struct stat st;
char buf[MAXNAME + 1];
@ -1170,10 +1207,10 @@ db_map_open(map, mode, mapclassname, dbtype, openinfo)
mode &= O_ACCMODE;
omode = mode;
sff = SFF_ROOTOK|SFF_REGONLY|SFF_CREAT;
sff = SFF_ROOTOK|SFF_REGONLY;
if (mode == O_RDWR)
{
sff |= SFF_NOLINK;
sff |= SFF_NOLINK|SFF_CREAT;
smode = S_IWRITE;
}
else
@ -1187,28 +1224,26 @@ db_map_open(map, mode, mapclassname, dbtype, openinfo)
{
/* cannot open this map */
if (tTd(38, 2))
printf("\tunsafe map file: %d\n", i);
printf("\tunsafe map file: %s\n", errstring(i));
errno = i;
if (!bitset(MF_OPTIONAL, map->map_mflags))
syserr("%s map \"%s\": unsafe map file %s",
mapclassname, map->map_mname, map->map_file);
return FALSE;
}
if (st.st_mode == ST_MODE_NOFILE)
omode |= O_EXCL;
omode |= O_CREAT|O_EXCL;
map->map_lockfd = -1;
#if LOCK_ON_OPEN
if (mode == O_RDWR)
omode |= O_CREAT|O_TRUNC|O_EXLOCK;
omode |= O_TRUNC|O_EXLOCK;
# if !OLD_NEWDB
else
omode |= O_SHLOCK;
# endif
#else
if (mode == O_RDWR)
omode |= O_CREAT;
/*
** Pre-lock the file to avoid race conditions. In particular,
** since dbopen returns NULL if the file is zero length, we
@ -1216,26 +1251,51 @@ db_map_open(map, mode, mapclassname, dbtype, openinfo)
*/
fd = open(buf, omode, DBMMODE);
if (fd < 0)
{
if (!bitset(MF_OPTIONAL, map->map_mflags))
syserr("db_map_open: cannot pre-open database %s", buf);
close(fd);
return FALSE;
}
if (!lockfile(fd, map->map_file, ".db",
mode == O_RDONLY ? LOCK_SH : LOCK_EX))
/* make sure no baddies slipped in just before the open... */
if (filechanged(buf, fd, &st, sff))
{
int save_errno = errno;
(void) close(fd);
errno = save_errno;
syserr("db_map_open(%s): file changed after pre-open", buf);
return FALSE;
}
/* if new file, get the "before" bits for later filechanged check */
if (st.st_mode == ST_MODE_NOFILE && fstat(fd, &st) < 0)
{
int save_errno = errno;
(void) close(fd);
errno = save_errno;
syserr("db_map_open(%s): cannot fstat pre-opened file",
buf);
return FALSE;
}
/* actually lock the pre-opened file */
if (!lockfile(fd, buf, NULL, mode == O_RDONLY ? LOCK_SH : LOCK_EX))
syserr("db_map_open: cannot lock %s", buf);
/* set up mode bits for dbopen */
if (mode == O_RDWR)
omode |= O_TRUNC;
omode &= ~(O_EXCL|O_CREAT);
#endif
db = dbopen(buf, omode, DBMMODE, dbtype, openinfo);
saveerrno = errno;
#if !LOCK_ON_OPEN
if (leavelocked || mode == O_RDWR)
if (mode == O_RDWR)
map->map_lockfd = fd;
else
(void) close(fd);
@ -1246,25 +1306,28 @@ db_map_open(map, mode, mapclassname, dbtype, openinfo)
if (mode == O_RDONLY && bitset(MF_ALIAS, map->map_mflags) &&
aliaswait(map, ".db", FALSE))
return TRUE;
errno = saveerrno;
if (!bitset(MF_OPTIONAL, map->map_mflags))
syserr("Cannot open %s database %s",
mapclassname, map->map_file);
#if !LOCK_ON_OPEN
if (map->map_lockfd >= 0)
(void) close(map->map_lockfd);
#endif
errno = saveerrno;
if (!bitset(MF_OPTIONAL, map->map_mflags))
syserr("Cannot open %s database %s",
mapclassname, map->map_file);
return FALSE;
}
if (filechanged(buf, db->fd(db), &st, sff))
{
syserr("db_map_open(%s): file changed after open", buf);
int save_errno = errno;
db->close(db);
#if !LOCK_ON_OPEN
if (map->map_lockfd >= 0)
close(map->map_lockfd);
#endif
errno = save_errno;
syserr("db_map_open(%s): file changed after open", buf);
return FALSE;
}
@ -1273,9 +1336,9 @@ db_map_open(map, mode, mapclassname, dbtype, openinfo)
#if !OLD_NEWDB
fd = db->fd(db);
# if LOCK_ON_OPEN
if (fd >= 0 && mode == O_RDONLY && !leavelocked)
if (fd >= 0 && mode == O_RDONLY)
{
(void) lockfile(fd, map->map_file, ".db", LOCK_UN);
(void) lockfile(fd, buf, NULL, LOCK_UN);
}
# endif
#endif
@ -1291,7 +1354,7 @@ db_map_open(map, mode, mapclassname, dbtype, openinfo)
map->map_mtime = st.st_mtime;
#endif
map->map_db2 = (void *) db;
map->map_db2 = (ARBPTR_T) db;
if (mode == O_RDONLY && bitset(MF_ALIAS, map->map_mflags) &&
!aliaswait(map, ".db", TRUE))
return FALSE;
@ -1312,16 +1375,26 @@ db_map_lookup(map, name, av, statp)
{
DBT key, val;
register DB *db = (DB *) map->map_db2;
int i;
int st;
int saveerrno;
int fd;
struct stat stbuf;
char keybuf[MAXNAME + 1];
char buf[MAXNAME + 1];
if (tTd(38, 20))
printf("db_map_lookup(%s, %s)\n",
map->map_mname, name);
i = strlen(map->map_file);
if (i > MAXNAME)
i = MAXNAME;
strncpy(buf, map->map_file, i);
buf[i] = '\0';
if (i > 3 && strcmp(&buf[i - 3], ".db") == 0)
buf[i - 3] = '\0';
key.size = strlen(name);
if (key.size > sizeof keybuf - 1)
key.size = sizeof keybuf - 1;
@ -1331,9 +1404,10 @@ db_map_lookup(map, name, av, statp)
if (!bitset(MF_NOFOLDCASE, map->map_mflags))
makelower(keybuf);
#if !OLD_NEWDB
lockdb:
fd = db->fd(db);
if (fd >= 0 && !bitset(MF_LOCKED, map->map_mflags))
(void) lockfile(fd, map->map_file, ".db", LOCK_SH);
(void) lockfile(fd, buf, ".db", LOCK_SH);
if (fd < 0 || fstat(fd, &stbuf) < 0 || stbuf.st_mtime > map->map_mtime)
{
/* Reopen the database to sync the cache */
@ -1342,14 +1416,13 @@ db_map_lookup(map, name, av, statp)
map->map_class->map_close(map);
map->map_mflags &= ~(MF_OPEN|MF_WRITABLE);
omode |= O_LEAVELOCKED;
if (map->map_class->map_open(map, omode))
{
map->map_mflags |= MF_OPEN;
if ((omode && O_ACCMODE) == O_RDWR)
map->map_mflags |= MF_WRITABLE;
db = (DB *) map->map_db2;
fd = db->fd(db);
goto lockdb;
}
else
{
@ -1385,7 +1458,7 @@ db_map_lookup(map, name, av, statp)
saveerrno = errno;
#if !OLD_NEWDB
if (fd >= 0 && !bitset(MF_LOCKED, map->map_mflags))
(void) lockfile(fd, map->map_file, ".db", LOCK_UN);
(void) lockfile(fd, buf, ".db", LOCK_UN);
#endif
if (st != 0)
{
@ -1446,7 +1519,7 @@ db_map_store(map, lhs, rhs)
if (stat > 0)
{
if (!bitset(MF_APPEND, map->map_mflags))
usrerr("050 Warning: duplicate alias name %s", lhs);
message("050 Warning: duplicate alias name %s", lhs);
else
{
static char *buf = NULL;
@ -1500,13 +1573,19 @@ db_map_close(map)
db_map_store(map, "@", "@");
}
if (db->close(db) != 0)
syserr("readaliases: db close failure");
#if OLD_NEWDB
(void) db->sync(db);
#else
(void) db->sync(db, 0);
#endif
#if !LOCK_ON_OPEN
if (map->map_lockfd >= 0)
(void) close(map->map_lockfd);
#endif
if (db->close(db) != 0)
syserr("readaliases: db close failure");
}
#endif
@ -2735,6 +2814,123 @@ ldap_map_parseargs(map,args)
#endif /* LDAP Modules */
/*
** syslog map
*/
#if _FFR_SYSLOG_MAP
#define map_prio map_lockfd /* overload field */
/*
** SYSLOG_MAP_PARSEARGS -- check for priority level to syslog messages.
*/
bool
syslog_map_parseargs(map, args)
MAP *map;
char *args;
{
char *p = args;
char *priority = NULL;
for (;;)
{
while (isascii(*p) && isspace(*p))
p++;
if (*p != '-')
break;
if (*++p == 'L')
priority = ++p;
while (*p != '\0' && !(isascii(*p) && isspace(*p)))
p++;
if (*p != '\0')
*p++ = '\0';
}
if (priority == NULL)
map->map_prio = LOG_INFO;
else
{
if (strncasecmp("LOG_", priority, 4) == 0)
priority += 4;
#ifdef LOG_EMERG
if (strcasecmp("EMERG", priority) == 0)
map->map_prio = LOG_EMERG;
else
#endif
#ifdef LOG_ALERT
if (strcasecmp("ALERT", priority) == 0)
map->map_prio = LOG_ALERT;
else
#endif
#ifdef LOG_CRIT
if (strcasecmp("CRIT", priority) == 0)
map->map_prio = LOG_CRIT;
else
#endif
#ifdef LOG_ERR
if (strcasecmp("ERR", priority) == 0)
map->map_prio = LOG_ERR;
else
#endif
#ifdef LOG_WARNING
if (strcasecmp("WARNING", priority) == 0)
map->map_prio = LOG_WARNING;
else
#endif
#ifdef LOG_NOTICE
if (strcasecmp("NOTICE", priority) == 0)
map->map_prio = LOG_NOTICE;
else
#endif
#ifdef LOG_INFO
if (strcasecmp("INFO", priority) == 0)
map->map_prio = LOG_INFO;
else
#endif
#ifdef LOG_DEBUG
if (strcasecmp("DEBUG", priority) == 0)
map->map_prio = LOG_DEBUG;
else
#endif
{
syserr("syslog_map_parseargs: Unknown priority %s\n",
priority);
return FALSE;
}
}
return TRUE;
}
/*
** SYSLOG_MAP_LOOKUP -- rewrite and syslog message. Always return empty string
*/
char *
syslog_map_lookup(map, string, args, statp)
MAP *map;
char *string;
char **args;
int *statp;
{
char *ptr = map_rewrite(map, string, strlen(string), args);
if (ptr != NULL)
{
if (tTd(38, 20))
printf("syslog_map_lookup(%s (priority %d): %s\n",
map->map_mname, map->map_prio, ptr);
sm_syslog(map->map_prio, CurEnv->e_id, "%s", ptr);
}
*statp = EX_OK;
return "";
}
#endif /* _FFR_SYSLOG_MAP */
/*
** HESIOD Modules
*/

10
usr.sbin/sendmail/src/mci.c
View File

@ -33,7 +33,7 @@
*/
#ifndef lint
static char sccsid[] = "@(#)mci.c 8.62 (Berkeley) 5/29/97";
static char sccsid[] = "@(#)mci.c 8.66 (Berkeley) 8/2/97";
#endif /* not lint */
#include "sendmail.h"
@ -330,10 +330,10 @@ mci_get(host, m)
{
/* get peer host address for logging reasons only */
/* (this should really be in the mci struct) */
int socksize = sizeof CurHostAddr;
SOCKADDR_LEN_T socklen = sizeof CurHostAddr;
(void) getpeername(fileno(mci->mci_in),
(struct sockaddr *) &CurHostAddr, &socksize);
(struct sockaddr *) &CurHostAddr, &socklen);
}
# endif
}
@ -571,7 +571,7 @@ mci_lock_host_statfile(mci)
goto cleanup;
}
mci->mci_statfile = safefopen(fname, O_RDWR|O_CREAT, FileMode,
mci->mci_statfile = safefopen(fname, O_RDWR, FileMode,
SFF_NOLOCK|SFF_NOLINK|SFF_OPENASROOT|SFF_REGONLY|SFF_CREAT);
if (mci->mci_statfile == NULL)
@ -694,7 +694,7 @@ mci_load_persistent(mci)
}
fp = safefopen(fname, O_RDONLY, FileMode,
SFF_NOLOCK|SFF_NOLINK|SFF_OPENASROOT|SFF_REGONLY);
SFF_NOLINK|SFF_OPENASROOT|SFF_REGONLY);
if (fp == NULL)
{
/* I can't think of any reason this should ever happen */

38
usr.sbin/sendmail/src/parseaddr.c
View File

@ -33,7 +33,7 @@
*/
#ifndef lint
static char sccsid[] = "@(#)parseaddr.c 8.128 (Berkeley) 6/14/97";
static char sccsid[] = "@(#)parseaddr.c 8.130 (Berkeley) 8/2/97";
#endif /* not lint */
# include "sendmail.h"
@ -2349,7 +2349,6 @@ rscheck(rwset, p1, p2, e)
auto ADDRESS a1;
bool saveQuickAbort = QuickAbort;
bool saveSuprErrs = SuprErrs;
bool saveOnlyOneError = OnlyOneError;
char buf0[MAXLINE];
char pvpbuf[PSBUFSIZE];
extern char MsgBuf[];
@ -2387,7 +2386,7 @@ rscheck(rwset, p1, p2, e)
(void) snprintf(buf, bufsize, "%s", p1);
}
SuprErrs = TRUE;
OnlyOneError = QuickAbort = FALSE;
QuickAbort = FALSE;
pvp = prescan(buf, '\0', pvpbuf, sizeof pvpbuf, NULL, NULL);
SuprErrs = saveSuprErrs;
if (pvp == NULL)
@ -2413,25 +2412,38 @@ rscheck(rwset, p1, p2, e)
if (LogLevel >= 4)
{
if (p2 == NULL)
sm_syslog(LOG_NOTICE, e->e_id,
"Ruleset %s (%s) rejection: %s",
rwset, p1, MsgBuf);
else
sm_syslog(LOG_NOTICE, e->e_id,
"Ruleset %s (%s, %s) rejection: %s",
rwset, p1, p2, MsgBuf);
char *relay;
char *p;
char lbuf[MAXLINE];
p = lbuf;
if (p2 != NULL)
{
snprintf(p, SPACELEFT(lbuf, p),
", arg2=%s",
p2);
p += strlen(p);
}
if ((relay = macvalue('_', e)) != NULL)
{
snprintf(p, SPACELEFT(lbuf, p),
", relay=%s", relay);
p += strlen(p);
}
*p = '\0';
sm_syslog(LOG_NOTICE, e->e_id,
"ruleset=%s, arg1=%s%s, reject=%s",
rwset, p1, lbuf, MsgBuf);
}
finis:
/* clean up */
QuickAbort = saveQuickAbort;
OnlyOneError = saveOnlyOneError;
setstat(rstat);
if (buf != buf0)
free(buf);
if (rstat != EX_OK && (QuickAbort || (OnlyOneError && !HoldErrs)))
if (rstat != EX_OK && QuickAbort)
longjmp(TopFrame, 2);
return rstat;
}

24
usr.sbin/sendmail/src/queue.c
View File

@ -36,9 +36,9 @@
#ifndef lint
#if QUEUE
static char sccsid[] = "@(#)queue.c 8.169 (Berkeley) 6/14/97 (with queueing)";
static char sccsid[] = "@(#)queue.c 8.174 (Berkeley) 7/23/97 (with queueing)";
#else
static char sccsid[] = "@(#)queue.c 8.169 (Berkeley) 6/14/97 (without queueing)";
static char sccsid[] = "@(#)queue.c 8.174 (Berkeley) 7/23/97 (without queueing)";
#endif
#endif /* not lint */
@ -431,7 +431,9 @@ queueup(e, announce)
fprintf(tfp, ".\n");
if (fflush(tfp) < 0 || fsync(fileno(tfp)) < 0 || ferror(tfp))
if (fflush(tfp) < 0 ||
(SuperSafe && fsync(fileno(tfp)) < 0) ||
ferror(tfp))
{
if (newid)
syserr("!552 Error writing control file %s", tf);
@ -553,7 +555,6 @@ runqueue(forkflag, verbose)
extern ENVELOPE BlankEnvelope;
extern void clrdaemon __P((void));
extern void runqueueevent __P((void));
extern void drop_privileges __P((void));
DoQueueRun = FALSE;
@ -670,7 +671,7 @@ runqueue(forkflag, verbose)
/* drop privileges */
if (geteuid() == (uid_t) 0)
drop_privileges();
(void) drop_privileges(FALSE);
/*
** Create ourselves an envelope
@ -684,7 +685,7 @@ runqueue(forkflag, verbose)
if (forkflag)
{
disconnect(1, e);
OnlyOneError = QuickAbort = FALSE;
QuickAbort = FALSE;
}
/*
@ -1463,6 +1464,7 @@ dowork(id, forkflag, requeueflag, e)
{
if (tTd(40, 4))
printf("readqf(%s) failed\n", e->e_id);
e->e_id = NULL;
if (forkflag)
exit(EX_OK);
else
@ -2325,13 +2327,17 @@ loseqfile(e, why)
char *why;
{
char *p;
char buf[MAXQFNAME];
char buf[MAXQFNAME + 1];
if (e == NULL || e->e_id == NULL)
return;
if (strlen(e->e_id) > (SIZE_T) sizeof buf - 4)
p = queuename(e, 'q');
if (strlen(p) > MAXQFNAME)
{
syserr("loseqfile: queuename (%s) too long", p);
return;
strcpy(buf, queuename(e, 'q'));
}
strcpy(buf, p);
p = queuename(e, 'Q');
if (rename(buf, p) < 0)
syserr("cannot rename(%s, %s), uid=%d", buf, p, geteuid());

65
usr.sbin/sendmail/src/readcf.c
View File

@ -33,7 +33,7 @@
*/
#ifndef lint
static char sccsid[] = "@(#)readcf.c 8.196 (Berkeley) 5/29/97";
static char sccsid[] = "@(#)readcf.c 8.200 (Berkeley) 8/2/97";
#endif /* not lint */
# include "sendmail.h"
@ -105,13 +105,14 @@ readcf(cfname, safe, e)
char *file;
bool optional;
int mid;
char buf[MAXLINE];
register char *p;
extern char **copyplist();
int sff = SFF_OPENASROOT;
struct stat statb;
char buf[MAXLINE];
char exbuf[MAXLINE];
char pvpbuf[MAXLINE + MAXATOM];
static char *null_list[1] = { NULL };
extern char **copyplist __P((char **, bool));
extern char *munchstring __P((char *, char **, int));
extern void fileclass __P((int, char *, char *, bool, bool));
extern void toomany __P((int, int));
@ -121,7 +122,9 @@ readcf(cfname, safe, e)
FileName = cfname;
LineNumber = 0;
cf = safefopen(cfname, O_RDONLY, 0444, SFF_OPENASROOT|SFF_NOLOCK);
if (DontLockReadFiles)
sff |= SFF_NOLOCK;
cf = safefopen(cfname, O_RDONLY, 0444, sff);
if (cf == NULL)
{
syserr("cannot open");
@ -438,11 +441,14 @@ readcf(cfname, safe, e)
break;
#endif
#ifdef SUN_EXTENSIONS
#if defined(SUN_EXTENSIONS) && defined(SUN_LOOKUP_MACRO)
case 'L': /* lookup macro */
case 'G': /* lookup class */
/* reserved for Sun -- NIS+ database lookup */
goto badline;
if (VendorCode != VENDOR_SUN)
goto badline;
sun_lg_config_line(bp, e);
break;
#endif
case 'M': /* define mailer */
@ -747,6 +753,8 @@ fileclass(class, filename, fmt, safe, optional)
sff = SFF_REGONLY|SFF_NOWLINK;
if (safe)
sff |= SFF_OPENASROOT;
if (DontLockReadFiles)
sff |= SFF_NOLOCK;
f = safefopen(filename, O_RDONLY, 0, sff);
}
if (f == NULL)
@ -1505,6 +1513,14 @@ struct optioninfo
#define O_MAXRCPT 0xa3
{ "MaxRecipientPerMessage", O_MAXRCPT, FALSE },
#endif
#if _FFR_DEADLETTERDROP_OPTION
#define O_DEADLETTER 0xa4
{ "DeadLetterDrop", O_DEADLETTER, FALSE },
#endif
#if _FFR_DONTLOCKFILESFORREAD_OPTION
#define O_DONTLOCK 0xa5
{ "DontLockFilesForRead", O_DONTLOCK, FALSE },
#endif
{ NULL, '\0', FALSE }
};
@ -1644,14 +1660,7 @@ setoption(opt, val, safe, sticky, e)
{
if (tTd(37, 1))
printf(" (unsafe)");
if (RealUid != geteuid())
{
if (tTd(37, 1))
printf("(Resetting uid)");
endpwent();
(void) setgid(RealGid);
(void) setuid(RealUid);
}
(void) drop_privileges(TRUE);
}
}
if (tTd(37, 1))
@ -2256,7 +2265,10 @@ setoption(opt, val, safe, sticky, e)
}
}
if (isascii(*val) && isdigit(*val))
RunAsUid = atoi(val);
{
if (RunAsUid == 0)
RunAsUid = atoi(val);
}
else
{
register struct passwd *pw;
@ -2264,7 +2276,7 @@ setoption(opt, val, safe, sticky, e)
pw = sm_getpwnam(val);
if (pw == NULL)
syserr("readcf: option RunAsUser: unknown user %s", val);
else
else if (RunAsUid == 0)
{
if (*p == '\0')
RunAsUserName = newstr(val);
@ -2275,7 +2287,10 @@ setoption(opt, val, safe, sticky, e)
if (*p == '\0')
break;
if (isascii(*p) && isdigit(*p))
RunAsGid = atoi(p);
{
if (RunAsGid == 0)
RunAsGid = atoi(p);
}
else
{
register struct group *gr;
@ -2284,7 +2299,7 @@ setoption(opt, val, safe, sticky, e)
if (gr == NULL)
syserr("readcf: option RunAsUser: unknown group %s",
p);
else
else if (RunAsGid == 0)
RunAsGid = gr->gr_gid;
}
break;
@ -2326,6 +2341,20 @@ setoption(opt, val, safe, sticky, e)
break;
#endif
#if _FFR_DEADLETTERDROP_OPTION
case O_DEADLETTER:
if (DeadLetterDrop != NULL)
free(DeadLetterDrop);
DeadLetterDrop = newstr(val);
break;
#endif
#if _FFR_DONTLOCKFILESFORREAD_OPTION
case O_DONTLOCK:
DontLockReadFiles = atobool(val);
break;
#endif
default:
if (tTd(37, 1))
{

32
usr.sbin/sendmail/src/safefile.c
View File

@ -33,7 +33,7 @@
*/
#ifndef lint
static char sccsid[] = "@(#)safefile.c 8.12 (Berkeley) 6/14/97";
static char sccsid[] = "@(#)safefile.c 8.18 (Berkeley) 8/1/97";
#endif /* not lint */
# include "sendmail.h"
@ -108,6 +108,10 @@ safefile(fn, uid, gid, uname, flags, mode, st)
strcpy(fbuf, fn);
fn = fbuf;
/* ignore SFF_SAFEDIRPATH if we are debugging */
if (RealUid != 0 && RunAsUid == RealUid)
flags &= ~SFF_SAFEDIRPATH;
/* first check to see if the file exists at all */
#ifdef HASLSTAT
if ((bitset(SFF_NOSLINK, flags) ? lstat(fn, st)
@ -464,6 +468,7 @@ safeopen(fn, omode, cmode, sff)
if (bitset(O_CREAT, omode))
sff |= SFF_CREAT;
omode &= ~O_CREAT;
smode = 0;
switch (omode & O_ACCMODE)
{
@ -494,8 +499,8 @@ safeopen(fn, omode, cmode, sff)
errno = rval;
return -1;
}
if (stb.st_mode == ST_MODE_NOFILE)
omode |= O_EXCL;
if (stb.st_mode == ST_MODE_NOFILE && bitset(SFF_CREAT, sff))
omode |= O_EXCL|O_CREAT;
fd = dfopen(fn, omode, cmode, sff);
if (fd < 0)
@ -561,10 +566,24 @@ safefopen(fn, omode, cmode, sff)
}
fd = safeopen(fn, omode, cmode, sff);
if (fd < 0)
{
if (tTd(44, 10))
printf("safefopen: safeopen failed: %s\n",
errstring(errno));
return NULL;
}
fp = fdopen(fd, fmode);
if (fp != NULL)
return fp;
if (tTd(44, 10))
{
printf("safefopen: fdopen(%s, %s) failed: omode=%x, sff=%x, err=%s\n",
fn, fmode, omode, sff, errstring(errno));
#ifndef NOT_SENDMAIL
dumpfd(fd, TRUE, FALSE);
#endif
}
(void) close(fd);
return NULL;
}
@ -607,6 +626,9 @@ filechanged(fn, fd, stb, sff)
if (sta.st_nlink != stb->st_nlink ||
sta.st_dev != stb->st_dev ||
sta.st_ino != stb->st_ino ||
#if HAS_ST_GEN && 0 /* AFS returns garbage in st_gen */
sta.st_gen != stb->st_gen ||
#endif
sta.st_uid != stb->st_uid ||
sta.st_gid != stb->st_gid)
{
@ -619,6 +641,10 @@ filechanged(fn, fd, stb, sff)
(long) stb->st_dev, (long) sta.st_dev);
printf(" ino = %ld/%ld\n",
(long) stb->st_ino, (long) sta.st_ino);
#if HAS_ST_GEN
printf(" gen = %ld/%ld\n",
(long) stb->st_gen, (long) sta.st_gen);
#endif
printf(" uid = %ld/%ld\n",
(long) stb->st_uid, (long) sta.st_uid);
printf(" gid = %ld/%ld\n",

31
usr.sbin/sendmail/src/savemail.c
View File

@ -33,7 +33,7 @@
*/
#ifndef lint
static char sccsid[] = "@(#)savemail.c 8.110 (Berkeley) 4/7/97";
static char sccsid[] = "@(#)savemail.c 8.114 (Berkeley) 8/2/97";
#endif /* not lint */
# include "sendmail.h"
@ -70,10 +70,6 @@ static char sccsid[] = "@(#)savemail.c 8.110 (Berkeley) 4/7/97";
# define ESM_PANIC 6 /* leave the locked queue/transcript files */
# define ESM_DONE 7 /* the message is successfully delivered */
# ifndef _PATH_VARTMP
# define _PATH_VARTMP "/usr/tmp/"
# endif
void
savemail(e, sendbody)
@ -301,7 +297,8 @@ savemail(e, sendbody)
*/
q = NULL;
if (sendtolist(DoubleBounceAddr, NULL, &q, 0, e) <= 0)
if (sendtolist(DoubleBounceAddr,
NULLADDR, &q, 0, e) <= 0)
{
syserr("553 cannot parse %s!", DoubleBounceAddr);
ExitStat = EX_SOFTWARE;
@ -375,17 +372,16 @@ savemail(e, sendbody)
break;
}
if (SafeFileEnv != NULL && SafeFileEnv[0] != '\0')
if ((SafeFileEnv != NULL && SafeFileEnv[0] != '\0') ||
DeadLetterDrop == NULL || DeadLetterDrop[0] == '\0')
{
state = ESM_PANIC;
break;
}
snprintf(buf, sizeof buf, "%sdead.letter", _PATH_VARTMP);
flags = SFF_NOLINK|SFF_CREAT|SFF_REGONLY|SFF_OPENASROOT|SFF_MUSTOWN;
if (!writable(buf, NULL, flags) ||
(fp = safefopen(buf, O_WRONLY|O_CREAT|O_APPEND,
if (!writable(DeadLetterDrop, NULL, flags) ||
(fp = safefopen(DeadLetterDrop, O_WRONLY|O_APPEND,
FileMode, flags)) == NULL)
{
state = ESM_PANIC;
@ -410,15 +406,15 @@ savemail(e, sendbody)
int oldverb = Verbose;
Verbose = 1;
message("Saved message in %s", buf);
message("Saved message in %s", DeadLetterDrop);
Verbose = oldverb;
if (LogLevel > 3)
sm_syslog(LOG_NOTICE, e->e_id,
"Saved message in %s",
buf);
DeadLetterDrop);
state = ESM_DONE;
}
(void) xfclose(fp, "savemail", buf);
(void) xfclose(fp, "savemail", DeadLetterDrop);
break;
default:
@ -758,8 +754,11 @@ errbody(mci, e, separator)
{
if (*ErrMsgFile == '/')
{
xfile = safefopen(ErrMsgFile, O_RDONLY, 0444,
SFF_ROOTOK|SFF_REGONLY);
int sff = SFF_ROOTOK|SFF_REGONLY;
if (DontLockReadFiles)
sff |= SFF_NOLOCK;
xfile = safefopen(ErrMsgFile, O_RDONLY, 0444, sff);
if (xfile != NULL)
{
while (fgets(buf, sizeof buf, xfile) != NULL)

31
usr.sbin/sendmail/src/sendmail.h
View File

@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)sendmail.h 8.236 (Berkeley) 6/5/97
* @(#)sendmail.h 8.242 (Berkeley) 8/2/97
*/
/*
@ -41,7 +41,7 @@
# ifdef _DEFINE
# define EXTERN
# ifndef lint
static char SmailSccsId[] = "@(#)sendmail.h 8.236 6/5/97";
static char SmailSccsId[] = "@(#)sendmail.h 8.242 8/2/97";
# endif
# else /* _DEFINE */
# define EXTERN extern
@ -94,6 +94,25 @@ static char SmailSccsId[] = "@(#)sendmail.h 8.236 6/5/97";
# endif
#endif
/*
** Following are "sort of" configuration constants, but they should
** be pretty solid on most architectures today. They have to be
** defined after <arpa/nameser.h> because some versions of that
** file also define them. In all cases, we can't use sizeof because
** some systems (e.g., Crays) always treat everything as being at
** least 64 bits.
*/
#ifndef INADDRSZ
# define INADDRSZ 4 /* size of an IPv4 address in bytes */
#endif
#ifndef INT16SZ
# define INT16SZ 2 /* size of a 16 bit integer in bytes */
#endif
#ifndef INT32SZ
# define INT32SZ 4 /* size of a 32 bit integer in bytes */
#endif
/* forward references for prototypes */
@ -426,7 +445,7 @@ extern void addheader __P((char *, char *, HDR **));
extern char *hvalue __P((char *, HDR *));
extern void commaize __P((HDR *, char *, bool, MCI *, ENVELOPE *));
extern void put_vanilla_header __P((HDR *, char *, MCI *));
extern void eatheader __P((ENVELOPE *e, bool));
extern void eatheader __P((ENVELOPE *, bool));
extern int chompheader __P((char *, bool, HDR **, ENVELOPE *));
/*
** Envelope structure.
@ -1197,12 +1216,14 @@ EXTERN bool DoQueueRun; /* non-interrupt time queue run needed */
#if _FFR_DSN_RRT_OPTION
EXTERN bool RrtImpliesDsn; /* turn Return-Receipt-To: into DSN */
#endif
EXTERN char *DeadLetterDrop; /* path to dead letter office */
EXTERN bool DontProbeInterfaces; /* don't probe interfaces for names */
EXTERN bool ChownAlwaysSafe; /* treat chown(2) as safe */
EXTERN bool IgnoreHostStatus; /* ignore long term host status files */
EXTERN bool SingleThreadDelivery; /* single thread hosts on delivery */
EXTERN bool UnsafeGroupWrites; /* group-writable files are unsafe */
EXTERN bool SingleLineFromHeader; /* force From: header to be one line */
EXTERN bool DontLockReadFiles; /* don't read lock support files */
EXTERN int ConnRateThrottle; /* throttle for SMTP connection rate */
EXTERN int MaxAliasRecursion; /* maximum depth of alias recursion */
EXTERN int MaxMacroRecursion; /* maximum depth of macro recursion */
@ -1396,6 +1417,8 @@ extern int prog_open __P((char **, int *, ENVELOPE *));
extern bool getcanonname __P((char *, int, bool));
extern bool path_is_dir __P((char *, bool));
extern pid_t dowork __P((char *, bool, bool, ENVELOPE *));
extern int drop_privileges __P((bool));
extern void fill_fd __P((int, char *));
extern const char *errstring __P((int));
extern sigfunc_t setsignal __P((int, sigfunc_t));
@ -1419,7 +1442,7 @@ extern void syserr(const char *, ...);
extern void usrerr(const char *, ...);
extern void message(const char *, ...);
extern void nmessage(const char *, ...);
extern void setproctitle(const char *fmt, ...);
extern void setproctitle(const char *, ...);
extern void sm_syslog(int, const char *, const char *, ...);
#else
extern void auth_warning();

183
usr.sbin/sendmail/src/srvrsmtp.c
View File

@ -36,9 +36,9 @@
#ifndef lint
#if SMTP
static char sccsid[] = "@(#)srvrsmtp.c 8.146 (Berkeley) 6/11/97 (with SMTP)";
static char sccsid[] = "@(#)srvrsmtp.c 8.154 (Berkeley) 8/2/97 (with SMTP)";
#else
static char sccsid[] = "@(#)srvrsmtp.c 8.146 (Berkeley) 6/11/97 (without SMTP)";
static char sccsid[] = "@(#)srvrsmtp.c 8.154 (Berkeley) 8/2/97 (without SMTP)";
#endif
#endif /* not lint */
@ -154,6 +154,7 @@ smtp(nullserver, e)
volatile int n_helo = 0; /* count of HELO/EHLO commands */
bool ok;
int lognullconnection = TRUE;
register char *q;
char inp[MAXLINE];
char cmdbuf[MAXLINE];
extern ENVELOPE BlankEnvelope;
@ -221,16 +222,7 @@ smtp(nullserver, e)
for (;;)
{
/* arrange for backout */
if (setjmp(TopFrame) > 0)
{
/* if() nesting is necessary for Cray UNICOS */
if (InChild)
{
QuickAbort = FALSE;
SuprErrs = TRUE;
finis();
}
}
(void) setjmp(TopFrame);
QuickAbort = FALSE;
HoldErrs = FALSE;
SuprErrs = FALSE;
@ -375,51 +367,50 @@ smtp(nullserver, e)
cmdbuf);
break;
}
else
{
register char *q;
for (q = p; *q != '\0'; q++)
for (q = p; *q != '\0'; q++)
{
if (!isascii(*q))
break;
if (isalnum(*q))
continue;
if (isspace(*q))
{
if (!isascii(*q))
break;
if (isalnum(*q))
continue;
if (isspace(*q))
{
*q = '\0';
break;
}
if (strchr("[].-_#", *q) == NULL)
break;
}
if (*q != '\0')
{
if (!AllowBogusHELO)
usrerr("501 Invalid domain name");
else
{
message("250 %s Invalid domain name, accepting anyway",
MyHostName);
gothello = TRUE;
}
*q = '\0';
break;
}
if (strchr("[].-_#", *q) == NULL)
break;
}
sendinghost = newstr(p);
gothello = TRUE;
if (c->cmdcode != CMDEHLO)
if (*q == '\0')
{
/* print old message and be done with it */
message("250 %s Hello %s, pleased to meet you",
MyHostName, CurSmtpClient);
q = "pleased to meet you";
sendinghost = newstr(p);
}
else if (!AllowBogusHELO)
{
usrerr("501 Invalid domain name");
break;
}
else
{
q = "accepting invalid domain name";
}
gothello = TRUE;
/* print extended message and brag */
message("250-%s Hello %s, pleased to meet you",
MyHostName, CurSmtpClient);
/* print HELO response message */
if (c->cmdcode != CMDEHLO)
{
message("250 %s Hello %s, %s",
MyHostName, CurSmtpClient, q);
break;
}
message("250-%s Hello %s, %s",
MyHostName, CurSmtpClient, q);
/* print EHLO features list */
if (!bitset(PRIV_NOEXPN, PrivacyFlags))
{
message("250-EXPN");
@ -446,23 +437,14 @@ smtp(nullserver, e)
SmtpPhase = "server MAIL";
/* check for validity of this command */
if (!gothello)
if (!gothello && bitset(PRIV_NEEDMAILHELO, PrivacyFlags))
{
/* set sending host to our known value */
if (sendinghost == NULL)
sendinghost = peerhostname;
if (bitset(PRIV_NEEDMAILHELO, PrivacyFlags))
{
usrerr("503 Polite people say HELO first");
break;
}
usrerr("503 Polite people say HELO first");
break;
}
if (gotmail)
{
usrerr("503 Sender already specified");
if (InChild)
finis();
break;
}
if (InChild)
@ -472,6 +454,10 @@ smtp(nullserver, e)
finis();
}
/* make sure we know who the sending host is */
if (sendinghost == NULL)
sendinghost = peerhostname;
p = skipword(p, "from");
if (p == NULL)
break;
@ -479,6 +465,8 @@ smtp(nullserver, e)
/* fork a subprocess to process this command */
if (runinchild("SMTP-MAIL", e) > 0)
break;
if (Errors > 0)
goto undo_subproc_no_pm;
if (!gothello)
{
auth_warning(e,
@ -500,6 +488,8 @@ smtp(nullserver, e)
define('r', protocol, e);
define('s', sendinghost, e);
initsys(e);
if (Errors > 0)
goto undo_subproc_no_pm;
nrcpts = 0;
e->e_flags |= EF_LOGSENDER|EF_CLRQUEUE;
setproctitle("%s %s: %.80s", e->e_id, CurSmtpClient, inp);
@ -508,6 +498,8 @@ smtp(nullserver, e)
if (setjmp(TopFrame) > 0)
{
/* this failed -- undo work */
undo_subproc_no_pm:
e->e_flags &= ~EF_PM_NOTIFY;
undo_subproc:
if (InChild)
{
@ -525,10 +517,13 @@ smtp(nullserver, e)
setsender(p, e, &delimptr, ' ', FALSE);
if (delimptr != NULL && *delimptr != '\0')
*delimptr++ = '\0';
if (Errors > 0)
goto undo_subproc_no_pm;
/* do config file checking of the sender */
if (rscheck("check_mail", p, NULL, e) != EX_OK)
goto undo_subproc;
if (rscheck("check_mail", p, NULL, e) != EX_OK ||
Errors > 0)
goto undo_subproc_no_pm;
/* check for possible spoofing */
if (RealUid != 0 && OpMode == MD_SMTP &&
@ -579,20 +574,26 @@ smtp(nullserver, e)
vp == NULL ? "<null>" : vp);
mail_esmtp_args(kp, vp, e);
if (Errors > 0)
goto undo_subproc_no_pm;
}
if (Errors > 0)
goto undo_subproc_no_pm;
if (MaxMessageSize > 0 && e->e_msgsize > MaxMessageSize)
{
usrerr("552 Message size exceeds fixed maximum message size (%ld)",
MaxMessageSize);
/* NOTREACHED */
goto undo_subproc_no_pm;
}
if (!enoughdiskspace(e->e_msgsize))
{
usrerr("452 Insufficient disk space; try again later");
break;
goto undo_subproc_no_pm;
}
if (Errors > 0)
goto undo_subproc_no_pm;
message("250 Sender ok");
gotmail = TRUE;
break;
@ -615,7 +616,7 @@ smtp(nullserver, e)
/* limit flooding of our machine */
if (MaxRcptPerMsg > 0 && nrcpts >= MaxRcptPerMsg)
{
usrerr("450 Too many recipients");
usrerr("452 Too many recipients");
break;
}
@ -626,13 +627,14 @@ smtp(nullserver, e)
if (p == NULL)
break;
a = parseaddr(p, NULLADDR, RF_COPYALL, ' ', &delimptr, e);
if (a == NULL)
if (a == NULL || Errors > 0)
break;
if (delimptr != NULL && *delimptr != '\0')
*delimptr++ = '\0';
/* do config file checking of the recipient */
if (rscheck("check_rcpt", p, NULL, e) != EX_OK)
if (rscheck("check_rcpt", p, NULL, e) != EX_OK ||
Errors > 0)
break;
/* now parse ESMTP arguments */
@ -673,12 +675,15 @@ smtp(nullserver, e)
vp == NULL ? "<null>" : vp);
rcpt_esmtp_args(a, kp, vp, e);
if (Errors > 0)
break;
}
if (Errors > 0)
break;
/* save in recipient list after ESMTP mods */
a = recipient(a, &e->e_sendqueue, 0, e);
if (Errors != 0)
if (Errors > 0)
break;
/* no errors during parsing, but might be a duplicate */
@ -732,9 +737,12 @@ smtp(nullserver, e)
SmtpPhase = "collect";
buffer_errors();
collect(InChannel, TRUE, NULL, e);
flush_errors(TRUE);
if (Errors != 0)
if (Errors > 0)
{
flush_errors(TRUE);
buffer_errors();
goto abortmessage;
}
/* make sure we actually do delivery */
e->e_flags &= ~EF_CLRQUEUE;
@ -781,13 +789,19 @@ smtp(nullserver, e)
message("250 %s Message accepted for delivery", id);
/* if we just queued, poke it */
if (doublequeue && e->e_sendmode != SM_QUEUE &&
if (doublequeue &&
e->e_sendmode != SM_QUEUE &&
e->e_sendmode != SM_DEFER)
{
extern pid_t dowork();
CurrentLA = getla();
unlockqueue(e);
(void) dowork(id, TRUE, TRUE, e);
if (!shouldqueue(e->e_msgpriority, e->e_ctime))
{
extern pid_t dowork();
unlockqueue(e);
(void) dowork(id, TRUE, TRUE, e);
}
}
abortmessage:
@ -849,11 +863,15 @@ smtp(nullserver, e)
}
if (runinchild(vrfy ? "SMTP-VRFY" : "SMTP-EXPN", e) > 0)
break;
if (Errors > 0)
goto undo_subproc;
if (LogLevel > 5)
sm_syslog(LOG_INFO, e->e_id,
"%.100s: %s",
CurSmtpClient,
shortenstring(inp, 203));
if (setjmp(TopFrame) > 0)
goto undo_subproc;
vrfyqueue = NULL;
if (vrfy)
e->e_flags |= EF_VRFYONLY;
@ -867,12 +885,8 @@ smtp(nullserver, e)
{
(void) sendtolist(p, NULLADDR, &vrfyqueue, 0, e);
}
if (Errors != 0)
{
if (InChild)
finis();
break;
}
if (Errors > 0)
goto undo_subproc;
if (vrfyqueue == NULL)
{
usrerr("554 Nothing to %s", vrfy ? "VRFY" : "EXPN");
@ -916,7 +930,7 @@ smtp(nullserver, e)
QueueLimitRecipient = id;
ok = runqueue(TRUE, TRUE);
QueueLimitRecipient = NULL;
if (ok)
if (ok && Errors == 0)
message("250 Queuing for node %s started", p);
break;
@ -1427,12 +1441,15 @@ help(topic)
register FILE *hf;
int len;
bool noinfo;
int sff = SFF_OPENASROOT|SFF_REGONLY;
char buf[MAXLINE];
extern char Version[];
if (DontLockReadFiles)
sff |= SFF_NOLOCK;
if (HelpFile == NULL ||
(hf = safefopen(HelpFile, O_RDONLY, 0444, SFF_OPENASROOT|SFF_REGONLY|SFF_NOLOCK)) == NULL)
(hf = safefopen(HelpFile, O_RDONLY, 0444, sff)) == NULL)
{
/* no help */
errno = 0;

42
usr.sbin/sendmail/src/util.c
View File

@ -33,7 +33,7 @@
*/
#ifndef lint
static char sccsid[] = "@(#)util.c 8.129 (Berkeley) 6/11/97";
static char sccsid[] = "@(#)util.c 8.133 (Berkeley) 8/1/97";
#endif /* not lint */
# include "sendmail.h"
@ -536,13 +536,14 @@ putxline(l, len, mci, pxflags)
int pxflags;
{
register char *p, *end;
register char svchar;
int slop = 0;
/* strip out 0200 bits -- these can look like TELNET protocol */
if (bitset(MCIF_7BIT, mci->mci_flags) ||
bitset(PXLF_STRIP8BIT, pxflags))
{
register char svchar;
for (p = l; (svchar = *p) != '\0'; ++p)
if (bitset(0200, svchar))
*p = svchar &~ 0200;
@ -563,10 +564,9 @@ putxline(l, len, mci, pxflags)
while (mci->mci_mailer->m_linelimit > 0 &&
(p - l + slop) > mci->mci_mailer->m_linelimit)
{
char *l_base = l;
register char *q = &l[mci->mci_mailer->m_linelimit - slop - 1];
svchar = *q;
*q = '\0';
if (l[0] == '.' && slop == 0 &&
bitnset(M_XDOT, mci->mci_mailer->m_flags))
{
@ -583,19 +583,18 @@ putxline(l, len, mci, pxflags)
if (TrafficLogFile != NULL)
(void) putc('>', TrafficLogFile);
}
fputs(l, mci->mci_out);
while (l < q)
(void) putc(*l++, mci->mci_out);
(void) putc('!', mci->mci_out);
fputs(mci->mci_mailer->m_eol, mci->mci_out);
(void) putc(' ', mci->mci_out);
if (TrafficLogFile != NULL)
{
for ( ; l < q; ++l)
for (l = l_base; l < q; l++)
(void) putc(*l, TrafficLogFile);
fprintf(TrafficLogFile, "!\n%05d >>> ",
(int) getpid());
}
*q = svchar;
l = q;
slop = 1;
}
@ -625,7 +624,7 @@ putxline(l, len, mci, pxflags)
if (TrafficLogFile != NULL)
(void) putc('\n', TrafficLogFile);
fputs(mci->mci_mailer->m_eol, mci->mci_out);
if (*l == '\n')
if (l < end && *l == '\n')
{
if (*++l != ' ' && *l != '\t' && *l != '\0')
{
@ -1062,21 +1061,7 @@ checkfd012(where)
struct stat stbuf;
for (i = 0; i < 3; i++)
{
if (fstat(i, &stbuf) < 0 && errno == EBADF)
{
/* oops.... */
int fd;
syserr("%s: fd %d not open", where, i);
fd = open("/dev/null", i == 0 ? O_RDONLY : O_WRONLY, 0666);
if (fd != i)
{
(void) dup2(fd, i);
(void) close(fd);
}
}
}
fill_fd(i, where);
#endif /* XDEBUG */
}
/*
@ -1210,7 +1195,8 @@ dumpfd(fd, printclosed, logit)
#ifdef S_IFSOCK
SOCKADDR sa;
#endif
auto int slen;
auto SOCKADDR_LEN_T slen;
int i;
struct stat st;
char buf[200];
extern char *hostnamebyanyaddr();
@ -1235,10 +1221,10 @@ dumpfd(fd, printclosed, logit)
return;
}
slen = fcntl(fd, F_GETFL, NULL);
if (slen != -1)
i = fcntl(fd, F_GETFL, NULL);
if (i != -1)
{
snprintf(p, SPACELEFT(buf, p), "fl=0x%x, ", slen);
snprintf(p, SPACELEFT(buf, p), "fl=0x%x, ", i);
p += strlen(p);
}

4
usr.sbin/sendmail/src/version.c
View File

@ -33,7 +33,7 @@
*/
#ifndef lint
static char sccsid[] = "@(#)version.c 8.8.6.1 (Berkeley) 6/14/97";
static char sccsid[] = "@(#)version.c 8.8.7.3 (Berkeley) 8/3/97";
#endif /* not lint */
char Version[] = "8.8.6";
char Version[] = "8.8.7";

91
usr.sbin/sendmail/test/t_exclopen.c Normal file
View File

@ -0,0 +1,91 @@
/*
** This program tests your system to see if you have the lovely
** security-defeating semantics that an open with O_CREAT|O_EXCL
** set will successfully open a file named by a symbolic link that
** points to a non-existent file. Sadly, Posix is mute on what
** should happen in this situation.
**
** Results to date:
** AIX 3.2 OK
** BSD family OK
** BSD/OS 2.1 OK
** FreeBSD 2.1 OK
** DEC OSF/1 3.0 OK
** HP-UX 9.04 FAIL
** HP-UX 9.05 FAIL
** HP-UX 9.07 OK
** HP-UX 10.01 OK
** HP-UX 10.10 OK
** HP-UX 10.20 OK
** Irix 5.3 OK
** Irix 6.2 OK
** Linux OK
** NeXT 2.1 OK
** Solaris 2.x OK
** SunOS 4.x OK
** Ultrix 4.3 OK
*/
#include <stdio.h>
#include <errno.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
char Attacker[128];
char Attackee[128];
main(argc, argv)
int argc;
char **argv;
{
struct stat st;
sprintf(Attacker, "/tmp/attacker.%d.%ld", getpid(), time(NULL));
sprintf(Attackee, "/tmp/attackee.%d.%ld", getpid(), time(NULL));
if (symlink(Attackee, Attacker) < 0)
{
printf("Could not create %s->%s symlink: %d\n",
Attacker, Attackee, errno);
bail(1);
}
(void) unlink(Attackee);
if (stat(Attackee, &st) >= 0)
{
printf("%s already exists -- remove and try again.\n",
Attackee);
bail(1);
}
if (open(Attacker, O_WRONLY|O_CREAT|O_EXCL, 0644) < 0)
{
int saveerr = errno;
if (stat(Attackee, &st) >= 0)
{
printf("Weird. Open failed but %s was created anyhow (errno = %d)\n",
Attackee, saveerr);
bail(1);
}
printf("Good show! Exclusive open works properly with symbolic links (errno = %d).\n",
saveerr);
bail(0);
}
if (stat(Attackee, &st) < 0)
{
printf("Weird. Open succeeded but %s was not created\n",
Attackee);
bail(2);
}
printf("Bad news: you can do an exclusive open through a symbolic link\n");
printf("\tBe sure you #define BOGUS_O_EXCL in conf.h\n");
bail(1);
}
bail(stat)
int stat;
{
(void) unlink(Attacker);
(void) unlink(Attackee);
exit(stat);
}