mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-19 10:53:58 +00:00
Code Issues Releases Activity

Fix conflicts from sendmail 8.12.8 import

Browse Source
This commit is contained in:
Gregory Neil Shapiro 2003-03-03 17:18:01 +00:00
parent bdf8df5292
commit f9218d3d4f
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=111826
4 changed files with 191 additions and 110 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
contrib/sendmail/mail.local/mail.local.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers.
* Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1990, 1993, 1994
* The Regents of the University of California. All rights reserved.
@ -20,7 +20,7 @@ SM_IDSTR(copyright,
Copyright (c) 1990, 1993, 1994\n\
The Regents of the University of California. All rights reserved.\n")
SM_IDSTR(id, "@(#)$Id: mail.local.c,v 8.239.2.2 2002/09/24 02:09:09 ca Exp $")
SM_IDSTR(id, "@(#)$Id: mail.local.c,v 8.239.2.4 2003/01/15 19:17:15 ca Exp $")
#include <stdlib.h>
#include <sm/errstring.h>
@ -1051,7 +1051,12 @@ deliver(fd, name)
mbfd = -1;
}
}
else if (sb.st_nlink != 1 || !S_ISREG(sb.st_mode))
else if (sb.st_nlink != 1)
{
mailerr("550 5.2.0", "%s: too many links", path);
goto err0;
}
else if (!S_ISREG(sb.st_mode))
{
mailerr("550 5.2.0", "%s: irregular file", path);
goto err0;

4
contrib/sendmail/src/conf.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers.
* Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@ -13,7 +13,7 @@
#include <sendmail.h>
SM_RCSID("@(#)$Id: conf.c,v 8.972.2.25 2002/12/12 21:19:29 ca Exp $")
SM_RCSID("@(#)$Id: conf.c,v 8.972.2.27 2003/01/15 19:17:14 ca Exp $")
#include <sendmail/pathnames.h>

280
contrib/sendmail/src/headers.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers.
* Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@ -13,9 +13,9 @@
#include <sendmail.h>
SM_RCSID("@(#)$Id: headers.c,v 8.266.4.2 2002/09/23 23:42:02 ca Exp $")
SM_RCSID("@(#)$Id: headers.c,v 8.266.4.4 2003/01/18 00:41:48 gshapiro Exp $")
static size_t fix_mime_header __P((char *));
static size_t fix_mime_header __P((HDR *, ENVELOPE *));
static int priencode __P((char *));
static void put_vanilla_header __P((HDR *, char *, MCI *));
@ -676,8 +676,8 @@ eatheader(e, full, log)
if (buf[0] != '\0')
{
if (bitset(H_FROM, h->h_flags))
expand(crackaddr(buf), buf, sizeof buf,
e);
expand(crackaddr(buf, e),
buf, sizeof buf, e);
h->h_value = sm_rpool_strdup_x(e->e_rpool, buf);
h->h_flags &= ~H_DEFAULT;
}
@ -998,7 +998,11 @@ priencode(p)
** it and replaces it with "$g". The parse is totally ad hoc
** and isn't even guaranteed to leave something syntactically
** identical to what it started with. However, it does leave
** something semantically identical.
** something semantically identical if possible, else at least
** syntactically correct.
**
** For example, it changes "Real Name <real@example.com> (Comment)"
** to "Real Name <$g> (Comment)".
**
** This algorithm has been cleaned up to handle a wider range
** of cases -- notably quoted and backslash escaped strings.
@ -1007,6 +1011,7 @@ priencode(p)
**
** Parameters:
** addr -- the address to be cracked.
** e -- the current envelope.
**
** Returns:
** a pointer to the new version.
@ -1019,28 +1024,50 @@ priencode(p)
** be copied if it is to be reused.
*/
#define SM_HAVE_ROOM ((bp < buflim) && (buflim <= bufend))
/*
** Append a character to bp if we have room.
** If not, punt and return $g.
*/
#define SM_APPEND_CHAR(c) \
do \
{ \
if (SM_HAVE_ROOM) \
*bp++ = (c); \
else \
goto returng; \
} while (0)
#if MAXNAME < 10
ERROR MAXNAME must be at least 10
#endif /* MAXNAME < 10 */
char *
crackaddr(addr)
crackaddr(addr, e)
register char *addr;
ENVELOPE *e;
{
register char *p;
register char c;
int cmtlev;
int realcmtlev;
int anglelev, realanglelev;
int copylev;
int bracklev;
bool qmode;
bool realqmode;
bool skipping;
bool putgmac = false;
bool quoteit = false;
bool gotangle = false;
bool gotcolon = false;
int cmtlev; /* comment level in input string */
int realcmtlev; /* comment level in output string */
int anglelev; /* angle level in input string */
int copylev; /* 0 == in address, >0 copying */
int bracklev; /* bracket level for IPv6 addr check */
bool addangle; /* put closing angle in output */
bool qmode; /* quoting in original string? */
bool realqmode; /* quoting in output string? */
bool putgmac = false; /* already wrote $g */
bool quoteit = false; /* need to quote next character */
bool gotangle = false; /* found first '<' */
bool gotcolon = false; /* found a ':' */
register char *bp;
char *buflim;
char *bufhead;
char *addrhead;
char *bufend;
static char buf[MAXNAME + 1];
if (tTd(33, 1))
@ -1055,25 +1082,22 @@ crackaddr(addr)
** adjusted later if we find them.
*/
buflim = bufend = &buf[sizeof(buf) - 1];
bp = bufhead = buf;
buflim = &buf[sizeof buf - 7];
p = addrhead = addr;
copylev = anglelev = realanglelev = cmtlev = realcmtlev = 0;
copylev = anglelev = cmtlev = realcmtlev = 0;
bracklev = 0;
qmode = realqmode = false;
qmode = realqmode = addangle = false;
while ((c = *p++) != '\0')
{
/*
** If the buffer is overful, go into a special "skipping"
** mode that tries to keep legal syntax but doesn't actually
** output things.
** Try to keep legal syntax using spare buffer space
** (maintained by buflim).
*/
skipping = bp >= buflim;
if (copylev > 0 && !skipping)
*bp++ = c;
if (copylev > 0)
SM_APPEND_CHAR(c);
/* check for backslash escapes */
if (c == '\\')
@ -1088,8 +1112,8 @@ crackaddr(addr)
p--;
goto putg;
}
if (copylev > 0 && !skipping)
*bp++ = c;
if (copylev > 0)
SM_APPEND_CHAR(c);
goto putg;
}
@ -1097,8 +1121,14 @@ crackaddr(addr)
if (c == '"' && cmtlev <= 0)
{
qmode = !qmode;
if (copylev > 0 && !skipping)
if (copylev > 0 && SM_HAVE_ROOM)
{
if (realqmode)
buflim--;
else
buflim++;
realqmode = !realqmode;
}
continue;
}
if (qmode)
@ -1110,15 +1140,15 @@ crackaddr(addr)
cmtlev++;
/* allow space for closing paren */
if (!skipping)
if (SM_HAVE_ROOM)
{
buflim--;
realcmtlev++;
if (copylev++ <= 0)
{
if (bp != bufhead)
*bp++ = ' ';
*bp++ = c;
SM_APPEND_CHAR(' ');
SM_APPEND_CHAR(c);
}
}
}
@ -1128,7 +1158,7 @@ crackaddr(addr)
{
cmtlev--;
copylev--;
if (!skipping)
if (SM_HAVE_ROOM)
{
realcmtlev--;
buflim++;
@ -1139,7 +1169,7 @@ crackaddr(addr)
else if (c == ')')
{
/* syntax error: unmatched ) */
if (copylev > 0 && !skipping)
if (copylev > 0 && SM_HAVE_ROOM)
bp--;
}
@ -1157,7 +1187,7 @@ crackaddr(addr)
/*
** Check for DECnet phase IV ``::'' (host::user)
** or ** DECnet phase V ``:.'' syntaxes. The latter
** or DECnet phase V ``:.'' syntaxes. The latter
** covers ``user@DEC:.tay.myhost'' and
** ``DEC:.tay.myhost::user'' syntaxes (bletch).
*/
@ -1166,10 +1196,10 @@ crackaddr(addr)
{
if (cmtlev <= 0 && !qmode)
quoteit = true;
if (copylev > 0 && !skipping)
if (copylev > 0)
{
*bp++ = c;
*bp++ = *p;
SM_APPEND_CHAR(c);
SM_APPEND_CHAR(*p);
}
p++;
goto putg;
@ -1180,41 +1210,43 @@ crackaddr(addr)
bp = bufhead;
if (quoteit)
{
*bp++ = '"';
SM_APPEND_CHAR('"');
/* back up over the ':' and any spaces */
--p;
while (isascii(*--p) && isspace(*p))
while (p > addr &&
isascii(*--p) && isspace(*p))
continue;
p++;
}
for (q = addrhead; q < p; )
{
c = *q++;
if (bp < buflim)
if (quoteit && c == '"')
{
if (quoteit && c == '"')
*bp++ = '\\';
*bp++ = c;
SM_APPEND_CHAR('\\');
SM_APPEND_CHAR(c);
}
else
SM_APPEND_CHAR(c);
}
if (quoteit)
{
if (bp == &bufhead[1])
bp--;
else
*bp++ = '"';
SM_APPEND_CHAR('"');
while ((c = *p++) != ':')
{
if (bp < buflim)
*bp++ = c;
}
*bp++ = c;
SM_APPEND_CHAR(c);
SM_APPEND_CHAR(c);
}
/* any trailing white space is part of group: */
while (isascii(*p) && isspace(*p) && bp < buflim)
*bp++ = *p++;
while (isascii(*p) && isspace(*p))
{
SM_APPEND_CHAR(*p);
p++;
}
copylev = 0;
putgmac = quoteit = false;
bufhead = bp;
@ -1223,10 +1255,7 @@ crackaddr(addr)
}
if (c == ';' && copylev <= 0 && !ColonOkInAddr)
{
if (bp < buflim)
*bp++ = c;
}
SM_APPEND_CHAR(c);
/* check for characters that may have to be quoted */
if (strchr(MustQuoteChars, c) != NULL)
@ -1254,42 +1283,45 @@ crackaddr(addr)
/* oops -- have to change our mind */
anglelev = 1;
if (!skipping)
realanglelev = 1;
if (SM_HAVE_ROOM)
{
if (!addangle)
buflim--;
addangle = true;
}
bp = bufhead;
if (quoteit)
{
*bp++ = '"';
SM_APPEND_CHAR('"');
/* back up over the '<' and any spaces */
--p;
while (isascii(*--p) && isspace(*p))
while (p > addr &&
isascii(*--p) && isspace(*p))
continue;
p++;
}
for (q = addrhead; q < p; )
{
c = *q++;
if (bp < buflim)
if (quoteit && c == '"')
{
if (quoteit && c == '"')
*bp++ = '\\';
*bp++ = c;
SM_APPEND_CHAR('\\');
SM_APPEND_CHAR(c);
}
else
SM_APPEND_CHAR(c);
}
if (quoteit)
{
if (bp == &buf[1])
bp--;
else
*bp++ = '"';
SM_APPEND_CHAR('"');
while ((c = *p++) != '<')
{
if (bp < buflim)
*bp++ = c;
}
*bp++ = c;
SM_APPEND_CHAR(c);
SM_APPEND_CHAR(c);
}
copylev = 0;
putgmac = quoteit = false;
@ -1301,13 +1333,14 @@ crackaddr(addr)
if (anglelev > 0)
{
anglelev--;
if (!skipping)
if (SM_HAVE_ROOM)
{
realanglelev--;
buflim++;
if (addangle)
buflim++;
addangle = false;
}
}
else if (!skipping)
else if (SM_HAVE_ROOM)
{
/* syntax error: unmatched > */
if (copylev > 0)
@ -1316,7 +1349,7 @@ crackaddr(addr)
continue;
}
if (copylev++ <= 0)
*bp++ = c;
SM_APPEND_CHAR(c);
continue;
}
@ -1324,30 +1357,42 @@ crackaddr(addr)
putg:
if (copylev <= 0 && !putgmac)
{
if (bp > bufhead && bp[-1] == ')')
*bp++ = ' ';
*bp++ = MACROEXPAND;
*bp++ = 'g';
if (bp > buf && bp[-1] == ')')
SM_APPEND_CHAR(' ');
SM_APPEND_CHAR(MACROEXPAND);
SM_APPEND_CHAR('g');
putgmac = true;
}
}
/* repair any syntactic damage */
if (realqmode)
if (realqmode && bp < bufend)
*bp++ = '"';
while (realcmtlev-- > 0)
while (realcmtlev-- > 0 && bp < bufend)
*bp++ = ')';
while (realanglelev-- > 0)
if (addangle && bp < bufend)
*bp++ = '>';
*bp++ = '\0';
*bp = '\0';
if (bp < bufend)
goto success;
returng:
/* String too long, punt */
buf[0] = '<';
buf[1] = MACROEXPAND;
buf[2]= 'g';
buf[3] = '>';
buf[4]= '\0';
sm_syslog(LOG_ALERT, e->e_id,
"Dropped invalid comments from header address");
success:
if (tTd(33, 1))
{
sm_dprintf("crackaddr=>`");
xputs(buf);
sm_dprintf("'\n");
}
return buf;
}
/*
@ -1412,7 +1457,7 @@ putheader(mci, hdr, e, flags)
{
size_t len;
len = fix_mime_header(h->h_value);
len = fix_mime_header(h, e);
if (len > 0)
{
sm_syslog(LOG_ALERT, e->e_id,
@ -1455,13 +1500,28 @@ putheader(mci, hdr, e, flags)
if (shorten_rfc822_string(h->h_value,
MaxMimeHeaderLength))
{
sm_syslog(LOG_ALERT, e->e_id,
"Truncated long MIME %s header (length = %ld) (possible attack)",
h->h_field, (unsigned long) len);
if (tTd(34, 11))
sm_dprintf(" truncated long MIME %s header (length = %ld) (possible attack)\n",
h->h_field,
(unsigned long) len);
if (len < MaxMimeHeaderLength)
{
/* we only rebalanced a bogus header */
sm_syslog(LOG_ALERT, e->e_id,
"Fixed MIME %s header (possible attack)",
h->h_field);
if (tTd(34, 11))
sm_dprintf(" fixed MIME %s header (possible attack)\n",
h->h_field);
}
else
{
/* we actually shortened header */
sm_syslog(LOG_ALERT, e->e_id,
"Truncated long MIME %s header (length = %ld) (possible attack)",
h->h_field,
(unsigned long) len);
if (tTd(34, 11))
sm_dprintf(" truncated long MIME %s header (length = %ld) (possible attack)\n",
h->h_field,
(unsigned long) len);
}
}
}
@ -1856,7 +1916,8 @@ copyheader(header, rpool)
** to MaxMimeFieldLength.
**
** Parameters:
** string -- the full header
** h -- the header to truncate/rebalance
** e -- the current envelope
**
** Returns:
** length of last offending field, 0 if all ok.
@ -1866,15 +1927,16 @@ copyheader(header, rpool)
*/
static size_t
fix_mime_header(string)
char *string;
fix_mime_header(h, e)
HDR *h;
ENVELOPE *e;
{
char *begin = string;
char *begin = h->h_value;
char *end;
size_t len = 0;
size_t retlen = 0;
if (string == NULL || *string == '\0')
if (begin == NULL || *begin == '\0')
return 0;
/* Split on each ';' */
@ -1889,7 +1951,23 @@ fix_mime_header(string)
/* Shorten individual parameter */
if (shorten_rfc822_string(begin, MaxMimeFieldLength))
retlen = len;
{
if (len < MaxMimeFieldLength)
{
/* we only rebalanced a bogus field */
sm_syslog(LOG_ALERT, e->e_id,
"Fixed MIME %s header field (possible attack)",
h->h_field);
if (tTd(34, 11))
sm_dprintf(" fixed MIME %s header field (possible attack)\n",
h->h_field);
}
else
{
/* we actually shortened the header */
retlen = len;
}
}
/* Collapse the possibly shortened string with rest */
bp = begin + strlen(begin);

6
contrib/sendmail/src/mci.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers.
* Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@ -13,7 +13,7 @@
#include <sendmail.h>
SM_RCSID("@(#)$Id: mci.c,v 8.205.2.2 2002/11/26 19:15:19 gshapiro Exp $")
SM_RCSID("@(#)$Id: mci.c,v 8.205.2.3 2003/01/07 03:56:19 ca Exp $")
#if NETINET || NETINET6
# include <arpa/inet.h>
@ -1244,10 +1244,8 @@ mci_print_persistent(pathname, hostname)
locked ? '*' : ' ', hostname,
pintvl(curtime() - mcib.mci_lastuse, true));
if (mcib.mci_rstatus != NULL)
{
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "%.*s\n", width,
mcib.mci_rstatus);
}
else if (mcib.mci_exitstat == EX_TEMPFAIL && mcib.mci_errno != 0)
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
"Deferred: %.*s\n", width - 10,