From: millert Date: Fri, 7 Apr 2000 19:20:25 +0000 (+0000) Subject: Update to sendmail-8.10.1 X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=52fdffe7cfeb6f29fb27ea33fca5b5df72ae9dca;p=openbsd Update to sendmail-8.10.1 --- diff --git a/gnu/usr.sbin/sendmail/README b/gnu/usr.sbin/sendmail/README index 7417e7eef10..8b9b9123e7e 100644 --- a/gnu/usr.sbin/sendmail/README +++ b/gnu/usr.sbin/sendmail/README @@ -294,9 +294,7 @@ No ident server is included with this distribution. It is available from: ftp://ftp.lysator.liu.se/pub/ident/servers/ - ftp://romulus.ucs.uoknor.edu/networking/ident/servers/ - ftp://ftp.cyf-kr.edu.pl/agh/uciagh/network/ident/ - + http://sf.www.lysator.liu.se/~pen/pidentd/ +-------------------------+ | INTEROPERATION PROBLEMS | @@ -366,4 +364,4 @@ sendmail Source for the sendmail program itself. test Some test scripts (currently only for compilation aids). vacation Source for the vacation program. NOT PART OF SENDMAIL! -$Revision: 1.2 $, Last updated $Date: 2000/04/02 19:48:09 $ +$Revision: 1.3 $, Last updated $Date: 2000/04/07 19:20:25 $ diff --git a/gnu/usr.sbin/sendmail/RELEASE_NOTES b/gnu/usr.sbin/sendmail/RELEASE_NOTES index ec32d427cb8..0a6b4700fd6 100644 --- a/gnu/usr.sbin/sendmail/RELEASE_NOTES +++ b/gnu/usr.sbin/sendmail/RELEASE_NOTES @@ -1,11 +1,123 @@ SENDMAIL RELEASE NOTES - $Sendmail: RELEASE_NOTES,v 8.521 2000/03/03 19:28:31 gshapiro Exp $ + $Sendmail: RELEASE_NOTES,v 8.561 2000/04/06 23:51:49 gshapiro Exp $ This listing shows the version of the sendmail binary, the version of the sendmail configuration files, the date of release, and a summary of the changes in that release. +8.10.1/8.10.1 2000/04/06 + SECURITY: Limit the choice of outgoing (client-side) SMTP + Authentication mechanisms to those specified in + AuthMechanisms to prevent information leakage. We do not + recommend use of PLAIN for outgoing mail as it sends the + password in clear text to possibly untrusted servers. See + cf/README's DefAuthInfo section for additional information. + Copy the ident argument for openlog() to avoid problems on some + OSs. Based on patch from Rob Bajorek from Webhelp.com. + Avoid bogus error message when reporting an alias line as too long. + Avoid bogus socket error message if sendmail.cf version level is + greater than sendmail binary supported version. Patch + from John Beck of Sun Microsystems. + Prevent a malformed ruleset (missing right hand side) from causing + a segmentation fault when using address test mode. Based on + patch from John Beck of Sun Microsystems. + Prevent memory leak from use of NIS maps and yp_match(3). Problem + noted by Gil Kloepfer of the University of Texas at Austin. + Fix queue file permission checks to allow for TrustedUser ownership. + Change logging of errors from the trust_auth ruleset to LogLevel 10 + or higher. + Avoid simple password cracking attacks against SMTP AUTH by using + exponential delay after too many tries within one connection. + Encode an initial empty AUTH challenge as '=', not as empty string. + Avoid segmentation fault on EX_SOFTWARE internal error logs. + Problem noted by Allan E Johannesen of Worcester + Polytechnic Institute. + Ensure that a header check which resolves to $#discard actually + discards the message. + Emit missing value warnings for aliases with no right hand side + when newaliases is run instead of only when delivery is + attempted to the alias. + Remove AuthOptions missing value warning for consistency with other + flag options. + Portability: + SECURITY: Specify a run-time shared library search path for + AIX 4.X instead of using the dangerous AIX 4.X + linker semantics. AIX 4.X users should consult + sendmail/README for further information. Problem + noted by Valdis Kletnieks of Virginia Tech. + Avoid use of strerror(3) call. Problem noted by Charles + Levert of Ecole Polytechnique de Montreal. + DGUX requires -lsocket -lnsl and has a non-standard install + program. From Tim Boyer of Denman Tire Corporation. + HPUX 11.0 has a broken res_search() function. + Updates to devtools/OS/NeXT.3.X, NeXT.4.X, and NEXTSTEP.4.X + from J. P. McCann of E I A. + Digital UNIX/Compaq Tru64 5.0 now includes snprintf(3). + Problem noted by Michael Long of Info Avenue Internet + Services, LLC. + Modern (post-199912) OpenBSD versions include working + strlc{at,py}(3) functions. From Todd C. Miller of + Courtesan Consulting. + SINIX doesn't have random(3). From Gerald Rinske of + Siemens Business Services. + CONFIG: Change error message about unresolvable sender domain to + include the sender address. Proposed by Wolfgang Rupprecht + of WSRCC. + CONFIG: Fix usenet mailer calls. + CONFIG: If RELAY_MAILER_FLAGS is not defined, use SMTP_MAILER_FLAGS + to be backward compatible with 8.9. + CONFIG: Change handling of default case @domain for virtusertable + to allow for +*@domain to deal with +detail. + CONTRIB: Remove converting.sun.configs -- it is obsolete. + DEVTOOLS: confUBINMODE was being ignored. Fix from KITAZIMA, Tuneki + of NEC. + DEVTOOLS: Add to NCR platform list and include the architecture + (i486). From Tom J. Moore of NCR. + DEVTOOLS: SECURITY: Change method of linking with sendmail utility + libraries to work around the AIX 4.X and SunOS 4.X linker's + overloaded -L option. Problem noted by Valdis Kletnieks of + Virginia Tech. + DEVTOOLS: configure.sh was overriding the user's choice for + confNROFF. Problem noted by Glenn A. Malling of Syracuse + University. + DEVTOOLS: New variables conf_prog_LIB_POST and confBLDVARIANT added + for other internal projects but included in the open source + release. + LIBSMDB: Check for ".db" instead of simply "db" at the end of the + map name to determine whether or not to add the extension. + This fixes makemap when building the userdb file. Problem + noted by Andrew J Cole of the University of Leeds. + LIBSMDB: Allow a database to be opened for updating and created if + it doesn't already exist. Problem noted by Rand Wacker of + Sendmail. + LIBSMDB: If type is SMDB_TYPE_DEFAULT and both NEWDB and NDBM are + available, fall back to NDBM if NEWDB open fails. This + fixes praliases. Patch from John Beck of Sun Microsystems. + LIBSMUTIL: safefile()'s SFF_NOTEXCL check was being misinterpreted + as SFF_NOWRFILES. + OP.ME: Clarify some issues regarding mailer flags. Suggested by + Martin Mokrejs of The Charles University and Neil Rickert of + Northern Illinois University. + PRALIASES: Restore 8.9.X functionality of being able to search for + particular keys in a database by specifying the keys on the + command line. Man page updated accordingly. Patch from + John Beck of Sun Microsystems. + VACATION: SunOS 4.X portability from Charles Levert of Ecole + Polytechnique de Montreal. + VACATION: Fix -t option which is ignored but available for + compatibility with Sun's version, based on patch from + Volker Dobler of Infratest Burke. + Added Files: + devtools/M4/UNIX/smlib.m4 + devtools/OS/OSF1.V5.0 + Deleted Files: + contrib/converting.sun.configs + Deleted Directories (already done in 8.10.0 but not listed): + doc/intro + doc/usenix + doc/changes + 8.10.0/8.10.0 2000/03/01 ************************************************************* * The engineering department at Sendmail, Inc. has suffered * @@ -680,7 +792,7 @@ summary of the changes in that release. spoof their return address. Based on idea from Neil Rickert of Northern Illinois University and patch from Per Hedeland of Ericsson. - Report the proper UID in the bounce message if an :include: file is + Report the proper UID in the bounce message if an :include: file is owned by a uid that doesn't map to a username and the :include: file contains delivery to a file or program. Problem noted by John Beck of Sun Microsystems. @@ -1024,7 +1136,7 @@ summary of the changes in that release. CONFIG: Allow ":D.S.N:" for mailer/virtusertable "error:" entries, where "D.S.N" is an RFC 1893 compliant error code. CONFIG: Use /usr/lbin as confEBINDIR for Compaq Tru64 (Digital UNIX). - CONFIG: Remove second space between username and date in UNIX From_ + CONFIG: Remove second space between username and date in UNIX From_ line. Noted by Allan E Johannesen of Worcester Polytechnic Institute. CONFIG: Make sure all of the mailers have complete T= equates. diff --git a/gnu/usr.sbin/sendmail/cf/README b/gnu/usr.sbin/sendmail/cf/README index ac6e4feb084..ca0d3b5159a 100644 --- a/gnu/usr.sbin/sendmail/cf/README +++ b/gnu/usr.sbin/sendmail/cf/README @@ -165,7 +165,7 @@ them with directed quotes, `like this'. sendmail 8.9 has introduced a new configuration directory for sendmail related files, /etc/mail. The new files available for sendmail 8.9 -- -the class 'R' /etc/mail/relay-domains and the access database +the class {R} /etc/mail/relay-domains and the access database /etc/mail/access -- take advantage of this new directory. Beginning with 8.10, all files will use this directory by default (some options may be set by OSTYPE() files). This new directory should help to restore @@ -252,12 +252,14 @@ HELP_FILE [/etc/mail/helpfile] The name of the file containing information printed in response to the SMTP HELP command. QUEUE_DIR [/var/spool/mqueue] The directory containing - queue files. To use multiple queues, supply - a value ending with an asterisk. For + queue files. To use multiple queues, supply + a value ending with an asterisk. For example, /var/spool/mqueue/q* will use all of the directories or symbolic links to directories beginning with 'q' in /var/spool/mqueue as queue - directories. + directories. The names 'qf', 'df', and 'xf' are + used as specific subdirectories for the corresponding + queue file types. STATUS_FILE [/etc/mail/statistics] The file containing status information. LOCAL_MAILER_PATH [/bin/mail] The program used to deliver local mail. @@ -299,7 +301,8 @@ SMTP_MAILER_FLAGS [undefined] Flags added to SMTP mailer. Default "dsmtp" adds `%'. RELAY_MAILER_FLAGS [undefined] Flags added to the relay mailer. Default flags are `mDFMuX' for all SMTP-based mailers; the - relay mailer adds `a8'. + relay mailer adds `a8'. If this is not defined, + then SMTP_MAILER_FLAGS is used. SMTP_MAILER_MAX [undefined] The maximum size of messages that will be transported using the smtp, smtp8, esmtp, or dsmtp mailers. @@ -494,9 +497,9 @@ uucp The Unix-to-Unix Copy Program mailer. Actually, this ("uucp-dom" and "uucp-uudom") are also defined [warning: you MUST specify MAILER(smtp) before MAILER(uucp)]. When you include the uucp mailer, sendmail looks for all names in - the $=U class and sends them to the uucp-old mailer; all - names in the $=Y class are sent to uucp-new; and all - names in the $=Z class are sent to uucp-uudom. Note that + class {U} and sends them to the uucp-old mailer; all + names in class {Y} are sent to uucp-new; and all + names in class {Z} are sent to uucp-uudom. Note that this is a function of what version of rmail runs on the receiving end, and hence may be out of your control. See the section below describing UUCP mailers in more @@ -573,7 +576,7 @@ example, the .mc line: FEATURE(`use_cw_file') tells sendmail that you want to have it read an /etc/mail/local-host-names -file to get values for class $=w. The FEATURE may contain up to 9 +file to get values for class {w}. The FEATURE may contain up to 9 optional parameters -- for example: FEATURE(`mailertable', `dbm /usr/lib/mailertable') @@ -605,7 +608,7 @@ use_ct_file Read the file /etc/mail/trusted-users file to get the by redefining confCT_FILE. redirect Reject all mail addressed to "address.REDIRECT" with - a ``551 User not local; please try
'' message. + a ``551 User has moved; please try
'' message. If this is set, you can alias people who have left to their new address with ".REDIRECT" appended. @@ -663,10 +666,10 @@ stickyhost If set, email sent to "user@local.host" are marked turn this off. mailertable Include a "mailer table" which can be used to override - routing for particular domains (which are not in $=w, i.e. - local host names). The argument of the FEATURE may be the - key definition. If none is specified, the definition used - is: + routing for particular domains (which are not in class {w}, + i.e. local host names). The argument of the FEATURE may be + the key definition. If none is specified, the definition + used is: hash /etc/mail/mailertable @@ -746,10 +749,11 @@ allmasquerade If masquerading is enabled (using MASQUERADE_AS), this local entries. limited_masquerade - Normally, any hosts listed in $=w are masqueraded. If this - feature is given, only the hosts listed in $=M are masqueraded. - This is useful if you have several domains with disjoint - namespaces hosted on the same machine. + Normally, any hosts listed in class {w} are masqueraded. If + this feature is given, only the hosts listed in class {M} (see + below: MASQUERADE_DOMAIN) are masqueraded. This is useful + if you have several domains with disjoint namespaces hosted + on the same machine. masquerade_entire_domain If masquerading is enabled (using MASQUERADE_AS) and @@ -770,18 +774,18 @@ masquerade_entire_domain NOTE: only domains within your jurisdiction and current hierarchy should be masqueraded using this. -genericstable This feature will cause certain addresses originating locally - (i.e., that are unqualified) or a domain listed in $=G to be - looked up in a map and turned into another ("generic") form, - which can change both the domain name and the user name. This - is similar to the userdb functionality. The same types of +genericstable This feature will cause unqualified addresses (i.e., without + a domain) and addresses with a domain listed in class {G} + to be looked up in a map and turned into another ("generic") + form, which can change both the domain name and the user name. + This is similar to the userdb functionality. The same types of addresses as for masquerading are looked up, i.e., only header sender addresses unless the allmasquerade and/or masquerade_envelope features are given. Qualified addresses - must have the domain part in the list of names given by the - by the macros GENERICS_DOMAIN or GENERICS_DOMAIN_FILE - (analogously to MASQUERADE_DOMAIN and MASQUERADE_DOMAIN_FILE, - see below). + must have the domain part in class {G}; entries can + be added to this class by the macros GENERICS_DOMAIN or + GENERICS_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and + MASQUERADE_DOMAIN_FILE, see below). The argument of FEATURE(`genericstable') may be the map definition; the default map definition is: @@ -808,7 +812,7 @@ generics_entire_domain If the genericstable is enabled and GENERICS_DOMAIN or GENERICS_DOMAIN_FILE is used, this feature will cause addresses to be searched in the map if their domain - parts are subdomains of elements in class $=G. + parts are subdomains of elements in class {G}. virtusertable A domain-specific form of aliasing, allowing multiple virtual domains to be hosted on one machine. For example, @@ -840,17 +844,20 @@ virtusertable A domain-specific form of aliasing, allowing multiple old+*@foo.org new+%2@example.com gen+*@foo.org %2@example.com + +*@foo.org %1+%2@example.com - and other forms are possible. + and other forms are possible. Note: to preserve "+detail" + for a default case (@domain) +*@domain must be used as + exemplified above. All the host names on the left hand side (foo.com, bar.com, - and baz.org) must be in $=w or $={VirtHost}, the latter can - be defined by the macros VIRTUSER_DOMAIN or + and baz.org) must be in class {w} or class {VirtHost}, the + latter can be defined by the macros VIRTUSER_DOMAIN or VIRTUSER_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and MASQUERADE_DOMAIN_FILE, see below). If VIRTUSER_DOMAIN or - VIRTUSER_DOMAIN_FILE is used, then the entries of $={VirtHost} - are added to class 'R', i.e., relaying is allowed to - (and from) those domains. The default map definition is: + VIRTUSER_DOMAIN_FILE is used, then the entries of class + {VirtHost} are added to class {R}, i.e., relaying is allowed + to (and from) those domains. The default map definition is: hash /etc/mail/virtusertable @@ -863,12 +870,12 @@ virtuser_entire_domain If the virtusertable is enabled and VIRTUSER_DOMAIN or VIRTUSER_DOMAIN_FILE is used, this feature will cause addresses to be searched in the map if their domain - parts are subdomains of elements in class $={VirtHost}. + parts are subdomains of elements in class {VirtHost}. ldap_routing Implement LDAP-based e-mail recipient routing according to the Internet Draft draft-lachman-laser-ldap-mail-routing-01. This provides a method to re-route addresses with a - domain portion in the $={LDAPRoute} class to either a + domain portion in class {LDAPRoute} to either a different mail host or a different address. Hosts can be added to this class using LDAPROUTE_DOMAIN and LDAPROUTE_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and @@ -888,10 +895,7 @@ nullclient This is a special case -- it creates a configuration file is the name of that hub. The only other feature that should be used in conjunction - with this one is "nocanonify" (this causes addresses to - be sent unqualified via the SMTP connection; normally - they are qualified with the masquerade name, which - defaults to the name of the hub machine). No mailers + with this one is FEATURE(`nocanonify'). No mailers should be defined. No aliasing or forwarding is done. local_lmtp Use an LMTP capable local mailer. The argument to this @@ -965,19 +969,19 @@ promiscuous_relay domain and sending it to another host outside your domain). This option sets your site to allow mail relaying from any site to any site. In general, it is better to control the - relaying more carefully with the access db and the 'R' - class ($=R). Domains can be added to class 'R' by the - macros RELAY_DOMAIN or RELAY_DOMAIN_FILE (analogously to - MASQUERADE_DOMAIN and MASQUERADE_DOMAIN_FILE, see below). + relaying more carefully with the access db and class {R}. + Domains can be added to class {R} by the macros RELAY_DOMAIN + or RELAY_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and + MASQUERADE_DOMAIN_FILE, see below). relay_entire_domain By default, only hosts listed as RELAY in the access db will be allowed to relay. This option also allows any - host in your domain as defined by the 'm' class ($=m). + host in your domain as defined by class {m}. relay_hosts_only By default, names that are listed as RELAY in the access - db and class 'R' ($=R) are domain names, not host names. + db and class {R} are domain names, not host names. For example, if you specify ``foo.com'', then mail to or from foo.com, abc.foo.com, or a.very.deep.domain.foo.com will all be accepted for relaying. This feature changes @@ -1063,11 +1067,11 @@ rbl This feature is deprecated! Please use dnsbl instead. http://maps.vix.com/rbl/. dnsbl Turns on rejection of hosts found in an DNS based rejection - list. If an argument is provided it is used as the name - sever to contact; otherwise it defaults to rbl.maps.vix.com. - An explanation for an DNS based rejection list can be found - http://maps.vix.com/rbl/. A second argument can be used to - change the default error message of + list. If an argument is provided it is used as the domain + in which blocked hosts are listed; otherwise it defaults to + rbl.maps.vix.com. An explanation for an DNS based rejection + list can be found http://maps.vix.com/rbl/. A second argument + can be used to change the default error message of Mail from $&{client_addr} refused by blackhole site SERVER where SERVER is replaced by the first argument. This feature can be included several times to query different DNS based @@ -1075,7 +1079,7 @@ dnsbl Turns on rejection of hosts found in an DNS based rejection loose_relay_check Normally, if % addressing is used for a recipient, e.g. - user%site@othersite, and othersite is in class 'R', the + user%site@othersite, and othersite is in class {R}, the check_rcpt ruleset will strip @othersite and recheck user@site for relaying. This feature changes that behavior. It should not be needed for most installations. @@ -1115,7 +1119,7 @@ lists of UUCP hosts they speak with directly. This can get a bit more tricky. For an example of a "complex" site, see cf/ucbvax.mc. If your host is known by several different names, you need to augment -the $=w class. This is a list of names by which you are known, and +class {w}. This is a list of names by which you are known, and anything sent to an address using a host name in this list will be treated as local mail. You can do this in two ways: either create the file /etc/mail/local-host-names containing a list of your aliases (one per @@ -1133,13 +1137,13 @@ reads the file uucp.ucbvax for local connection information. The second parameter is the local name (in this case just "ucbvax" since it is locally connected, and hence a UUCP hostname). The third parameter is the name of both a macro to store the local name (in -this case, $U) and the name of the class (e.g., $=U) in which to store +this case, {U}) and the name of the class (e.g., {U}) in which to store the host information read from the file. Another SITECONFIG line reads SITECONFIG(`uucp.ucbarpa', `ucbarpa.Berkeley.EDU', `W') This says that the file uucp.ucbarpa contains the list of UUCP sites -connected to ucbarpa.Berkeley.EDU. The $=W class will be used to +connected to ucbarpa.Berkeley.EDU. Class {W} will be used to store this list, and $W is defined to be ucbarpa.Berkeley.EDU, that is, the name of the relay to which the hosts listed in uucp.ucbarpa are connected. [The machine ucbarpa is gone now, but this @@ -1149,7 +1153,7 @@ how you might do this.] Note that the case of SITECONFIG with a third parameter of ``U'' is special; the second parameter is assumed to be the UUCP name of the local site, rather than the name of a remote site, and the UUCP name -is entered into $=w (the list of local hostnames) as $U.UUCP. +is entered into class {w} (the list of local hostnames) as $U.UUCP. The siteconfig file (e.g., siteconfig/uucp.ucbvax.m4) contains nothing more than a sequence of SITE macros describing connectivity. For @@ -1323,8 +1327,9 @@ CNAME. However, if you use a CNAME, the receiving side may canonify it for you, so don't think you can cheat CNAME mapping this way. Normally the only addresses that are masqueraded are those that come -from this host (that is, are either unqualified or in $=w, the list -of local domain names). You can augment this list using +from this host (that is, are either unqualified or in class {w}, the list +of local domain names). You can augment this list, which is realized +by class {M} using MASQUERADE_DOMAIN(`otherhost.domain') @@ -1337,7 +1342,8 @@ If these names are in a file, you can use MASQUERADE_DOMAIN_FILE(`filename') -to read the list of names from the indicated file. +to read the list of names from the indicated file (i.e., to add +elements to class {M}). To exempt hosts or subdomains from being masqueraded, you can use @@ -1358,7 +1364,7 @@ You can add users to this list using EXPOSED_USER(`usernames') -This adds users to class E; you could also use something like +This adds users to class {E}; you could also use something like FE/etc/mail/exposed-users @@ -1376,7 +1382,7 @@ locally aliased. You can add entries to this list using LOCAL_USER(`usernames') -This adds users to class L; you could also use something like +This adds users to class {L}; you could also use something like FL/etc/mail/local-users @@ -1388,7 +1394,9 @@ shared /var/spool/mail scheme, use Again, ``mailer:'' defaults to "relay". If you define both LOCAL_RELAY and MAIL_HUB _AND_ you have FEATURE(`stickyhost'), unqualified names will be sent to the LOCAL_RELAY and other local names will be sent to MAIL_HUB. -Names in $=L will be delivered locally, so you MUST have aliases or +Note: there is a (long standing) bug which keeps this combination from +working for addresses of the form user+detail. +Names in class {L} will be delivered locally, so you MUST have aliases or .forward files for them. For example, if you are on machine mastodon.CS.Berkeley.EDU and you have @@ -1501,7 +1509,7 @@ address: original address *OR* bounced as unknown user -The term "local" host above means the host specified is in class 'w' ($=w). +The term "local" host above means the host specified is in class {w}. Note that the last case depends on whether the third argument is given to the FEATURE() command. The default is to deliver the message to the original address. @@ -1567,14 +1575,14 @@ this changed in sendmail 8.9; previous versions allowed relaying by default. If you want to revert to the old behaviour, you will need to use FEATURE(`promiscuous_relay'). You can allow certain domains to relay through your server by adding their domain name or IP address to -class 'R' ($=R) using RELAY_DOMAIN() and RELAY_DOMAIN_FILE() or via the +class {R} using RELAY_DOMAIN() and RELAY_DOMAIN_FILE() or via the access database (described below). If you use FEATURE(`relay_entire_domain') -then any host in any of your local domains (that is, the $=m class) +then any host in any of your local domains (that is, class {m}) will be relayed (that is, you will accept mail either to or from any host in your domain). @@ -1612,7 +1620,7 @@ the access map entries (see below: Finer control...). If source routing is used in the recipient address (i.e. RCPT TO: ), sendmail will check user@site.com for relaying if othersite.com is an allowed relay host -in either class 'R', class 'm' if FEATURE(`relay_entire_domain') is used, +in either class {R}, class {m} if FEATURE(`relay_entire_domain') is used, or the access database if FEATURE(`access_db') is used. To prevent the address from being stripped down, use: @@ -1740,13 +1748,13 @@ Use "450 4.2.2 mailbox full" or "ERROR:4.2.2:450 mailbox full" instead. Note, UUCP users may need to add hostname.UUCP to the access database -or class 'R' ($=R). If you also use: +or class {R}. If you also use: FEATURE(`relay_hosts_only') then the above example will allow relaying for sendmail.org, but not hosts within the sendmail.org domain. Note that this will also require -hosts listed in class 'R' ($=R) to be fully qualified host names. +hosts listed in class {R} to be fully qualified host names. You can also use the access database to block sender addresses based on the username portion of the address. For example: @@ -1960,7 +1968,7 @@ R$* $: $&{auth_type} R$+ $# OK which checks whether a user has successfully authenticated using -any available mechanism. Depending on the setup of the CYRUS SASL +any available mechanism. Depending on the setup of the CYRUS SASL library, more sophisticated rulesets might be required, e.g., SLocal_check_rcpt @@ -2014,7 +2022,7 @@ configured in your mc file using the two commands: The first command, MAIL_FILTER(), simply defines a filter with the given name and equates. For example: - MAIL_FILTER(`archiver', `S=local:/var/run/archivesock, F=R') + MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') This creates the equivalent sendmail.cf entry: @@ -2137,7 +2145,7 @@ any entry in the above table. You need to have something like: my.domain esmtp:host.my.domain The RHS should always be a "mailer:host" pair. The mailer is the -configuration name of a mailer (that is, an `M' line in the +configuration name of a mailer (that is, an {M} line in the sendmail.cf file). The "host" will be the hostname passed to that mailer. In domain-based matches (that is, those with leading dots) the "%1" may be used to interpolate the wildcarded part of @@ -2296,16 +2304,14 @@ confRECEIVED_HEADER Received: It is unwise to try to change this. confCW_FILE Fw class [/etc/mail/local-host-names] Name of file used to get the local - additions to the $=w (local host - names) class. + additions to class {w} (local host + names). confCT_FILE Ft class [/etc/mail/trusted-users] Name of - file used to get the local - additions to the $=t (trusted - users) class. + file used to get the local additions + to class {t} (trusted users). confCR_FILE FR class [/etc/mail/relay-domains] Name of file used to get the local additions - to the $=R (hosts allowed to relay) - class. + to class {R} (hosts allowed to relay). confTRUSTED_USERS Ct class [no default] Names of users to add to the list of trusted users. This list always includes root, uucp, and daemon. @@ -2321,8 +2327,8 @@ confSMTP_MAILER - [esmtp] The mailer name used when confUUCP_MAILER - [uucp-old] The mailer to be used by default for bang-format recipient addresses. See also discussion of - $=U, $=Y, and $=Z in the MAILER(`uucp') - section. + class {U}, class {Y}, and class {Z} + in the MAILER(`uucp') section. confLOCAL_MAILER - [local] The mailer name used when local connectivity is required. Almost always "local". @@ -2744,7 +2750,7 @@ confMAX_RCPTS_PER_MESSAGE MaxRecipientsPerMessage confDONT_PROBE_INTERFACES DontProbeInterfaces [False] If set, sendmail will _not_ insert the names and addresses of any - local interfaces into the $=w class + local interfaces into class {w} (list of known "equivalent" addresses). If you set this, you must also include some support for these addresses (e.g., @@ -2787,11 +2793,29 @@ confDEF_AUTH_INFO DefaultAuthInfo [undefined] Filename that contains outgoing connections. This file must contain the user id, the authorization id, the password - (plain text), and the realm to - use on separate lines and must be + (plain text), and the realm to use, + each on a separate line and must be readable by root (or the trusted user) only. If no realm is specified, $j is used. + + NOTE: Currently, AuthMechanisms is + used to determine the list of + mechanisms to use on an outgoing + connection. Sites which require a + different list of mechanisms for + incoming connections and outgoing + connections will have the ability + to do this in 8.11 by specifying a + list of mechanisms as the fifth + line of the DefaultAuthInfo file. + If no mechanisms are given in the + file, AuthMechanisms is used. The + code for doing so is included as + in the sendmail source code but + disabled. It can be enabled by + recompiling sendmail with: + -D_FFR_DEFAUTHINFO_MECHS confAUTH_OPTIONS AuthOptions [undefined] If this options is 'A' then the AUTH= parameter for the MAIL FROM command is only issued @@ -2959,9 +2983,9 @@ MACROS S Smart Host T U my UUCP name (if you have a UUCP connection) - V UUCP Relay (class V hosts) - W UUCP Relay (class W hosts) - X UUCP Relay (class X hosts) + V UUCP Relay (class {V} hosts) + W UUCP Relay (class {W} hosts) + X UUCP Relay (class {X} hosts) Y UUCP Relay (all other hosts) Z Version number @@ -3010,4 +3034,4 @@ M4 DIVERSIONS 8 DNS based blacklists 9 special local rulesets (1 and 2) -$Revision: 1.2 $, Last updated $Date: 2000/04/02 19:48:10 $ +$Revision: 1.3 $, Last updated $Date: 2000/04/07 19:20:28 $ diff --git a/gnu/usr.sbin/sendmail/cf/cf/clientproto.mc b/gnu/usr.sbin/sendmail/cf/cf/clientproto.mc index c1e978f77bf..d35f69a8516 100644 --- a/gnu/usr.sbin/sendmail/cf/cf/clientproto.mc +++ b/gnu/usr.sbin/sendmail/cf/cf/clientproto.mc @@ -1,6 +1,6 @@ divert(-1) # -# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers. +# Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers. # All rights reserved. # Copyright (c) 1983 Eric P. Allman. All rights reserved. # Copyright (c) 1988, 1993 @@ -20,15 +20,10 @@ divert(-1) # To use this, you MUST use the nullclient feature with the name of # the mail hub as its argument. You MUST also define an `OSTYPE' to # define the location of the queue directories and the like. -# In addition, you MAY select the nocanonify feature. This causes -# addresses to be sent unqualified via the SMTP connection; normally -# they are qualifed with the masquerade name, which defaults to the -# name of the hub machine. -# Other than these, it should never contain any other lines. # divert(0)dnl -VERSIONID(`$Sendmail: clientproto.mc,v 8.15 1999/02/07 07:26:00 gshapiro Exp $') +VERSIONID(`$Sendmail: clientproto.mc,v 8.16 2000/03/21 21:05:26 ca Exp $') OSTYPE(openbsd) FEATURE(nullclient, mailhost.$m) diff --git a/gnu/usr.sbin/sendmail/cf/m4/cfhead.m4 b/gnu/usr.sbin/sendmail/cf/m4/cfhead.m4 index 239a26fc9d6..2502b41d288 100644 --- a/gnu/usr.sbin/sendmail/cf/m4/cfhead.m4 +++ b/gnu/usr.sbin/sendmail/cf/m4/cfhead.m4 @@ -196,7 +196,7 @@ define(`_OPTINS', `ifdef(`$1', `$2$1$3')') m4wrap(`include(_CF_DIR_`m4/proto.m4')') # default location for files -define(`MAIL_SETTINGS_DIR', `/etc/mail/') +ifdef(`MAIL_SETTINGS_DIR', , `define(`MAIL_SETTINGS_DIR', `/etc/mail/')') # set our default hashed database type define(`DATABASE_MAP_TYPE', `hash') @@ -245,4 +245,4 @@ define(`confMILTER_MACROS_ENVRCPT', ``{rcpt_mailer}, {rcpt_host}, {rcpt_addr}'') divert(0)dnl -VERSIONID(`$Sendmail: cfhead.m4,v 8.74 2000/02/26 01:00:32 gshapiro Exp $') +VERSIONID(`$Sendmail: cfhead.m4,v 8.76 2000/03/21 23:56:59 gshapiro Exp $') diff --git a/gnu/usr.sbin/sendmail/cf/m4/proto.m4 b/gnu/usr.sbin/sendmail/cf/m4/proto.m4 index 552a2c00d1b..a19332bdfde 100644 --- a/gnu/usr.sbin/sendmail/cf/m4/proto.m4 +++ b/gnu/usr.sbin/sendmail/cf/m4/proto.m4 @@ -13,7 +13,7 @@ divert(-1) # divert(0) -VERSIONID(`$Sendmail: proto.m4,v 8.434 2000/02/22 22:55:17 ca Exp $') +VERSIONID(`$Sendmail: proto.m4,v 8.446 2000/04/06 06:29:45 gshapiro Exp $') MAILER(local)dnl @@ -512,8 +512,8 @@ _OPTION(AuthMechanisms, `confAUTH_MECHANISMS', `GSSAPI KERBEROS_V4 DIGEST-MD5 CR # default authentication information for outgoing connections _OPTION(DefaultAuthInfo, `confDEF_AUTH_INFO', `MAIL_SETTINGS_DIR`'default-auth-info') -# try to authenticate? (Try when available/only when Authenticated) -_OPTION(AuthOptions, `confAUTH_OPTIONS', `T') +# SMTP AUTH flags +_OPTION(AuthOptions, `confAUTH_OPTIONS', `') ifdef(`_FFR_MILTER', ` # Input mail filters @@ -880,7 +880,9 @@ R<@> $+ + $* < @ $* . > R<@> $+ + $* < @ $* . > $: < $(virtuser $1 @ $3 $@ $1 $: @ $) > $1 + $2 < @ $3 . > dnl try default entry: @domain -dnl +detail +dnl +*@domain +R<@> $+ + $+ < @ $+ . > $: < $(virtuser + * @ $3 $@ $1 $@ $2 $: @ $) > $1 + $2 < @ $3 . > +dnl @domain if +detail exists R<@> $+ + $* < @ $+ . > $: < $(virtuser @ $3 $@ $1 $@ $2 $: @ $) > $1 + $2 < @ $3 . > dnl without +detail (or no match) R<@> $+ < @ $+ . > $: < $(virtuser @ $2 $@ $1 $: @ $) > $1 < @ $2 . > @@ -893,7 +895,7 @@ R< $+ > $+ < @ $+ > $: $>Recurse $1', # short circuit local delivery so forwarded email works ifdef(`_MAILER_usenet_', `dnl -R$+ . USENET < @ $=w . > $#usenet $: $1 handle usenet specially', `dnl') +R$+ . USENET < @ $=w . > $#usenet $@ usenet $: $1 handle usenet specially', `dnl') ifdef(`_STICKY_LOCAL_DOMAIN_', `R$+ < @ $=w . > $: < $H > $1 < @ $2 . > first try hub R< $+ > $+ < $+ > $>MailerToTriple < $1 > $2 < $3 > yep .... @@ -951,7 +953,7 @@ R$* < @ $+ .UUCP. > $* $#_UUCP_ $@ $2 $: $1 < @ $2 .UUCP. > $3 user@host.UUCP', `dnl')') ifdef(`_MAILER_usenet_', ` # addresses sent to net.group.USENET will get forwarded to a newsgroup -R$+ . USENET $#usenet $: $1', +R$+ . USENET $#usenet $@ usenet $: $1', `dnl') ifdef(`_LOCAL_RULES_', @@ -1305,23 +1307,33 @@ dnl') SParseRecipient dnl mark and canonify address R$* $: $>CanonAddr $1 +dnl workspace: localpart<@domain[.]> R $* < @ $* . > $1 < @ $2 > strip trailing dots +dnl workspace: localpart<@domain> R $- < @ $* > $: $(dequote $1 $) < @ $2 > dequote local part # if no $=O character, no host in the user portion, we are done R $* $=O $* < @ $* > $: $1 $2 $3 < @ $4> +dnl no $=O in localpart: return R $* $@ $1 +dnl workspace: localpart<@domain>, where localpart contains $=O +dnl mark everything which has an "authorized" domain with ifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl # if we relay, check username portion for user%host so host can be checked also R $* < @ $* $=m > $: $1 < @ $2 $3 >', `dnl') ifdef(`_RELAY_MX_SERVED_', `dnl +dnl do "we" ($=w) act as backup MX server for the destination domain? R $* < @ $+ > $: < : $(mxserved $2 $) : > < $1 < @$2 > > R < : $* : > $* $#error $@ 4.7.1 $: "450 Can not check MX records for recipient host " $1 +dnl yes: mark it as R < $* : $=w. : $* > < $+ > $: $4 +dnl no: put old mark back R < : $* : > < $+ > $: $2', `dnl') +dnl workspace: <(NO|RELAY)> localpart<@domain>, where localpart contains $=O +dnl if mark is then change it to if domain is "authorized" ifdef(`_RELAY_HOSTS_ONLY_', `R $* < @ $=R > $: $1 < @ $2 > ifdef(`_ACCESS_TABLE_', `dnl @@ -1332,6 +1344,7 @@ ifdef(`_ACCESS_TABLE_', `dnl R $* < @ $+ > $: $>LookUpDomain <$2> <$1 < @ $2 >> <+To> R<$+> <$+> $: <$1> $2',`dnl')') + R $* < @ $* > $@ $>ParseRecipient $1 R<$-> $* $@ $2 @@ -1455,7 +1468,7 @@ dnl workspace CanonicalAddress where mark is ?, OK, PERM, TEMP dnl mark is ? iff the address is user (wo @domain) ifdef(`_ACCESS_TABLE_', `dnl -# check sender address: user@address, user@, @address +# check sender address: user@address, user@, address dnl should we remove +ext from user? dnl workspace: CanonicalAddress where mark is: ?, OK, PERM, TEMP R<$+> $+ < @ $* > $: @<$1> <$2 < @ $3 >> $| @@ -1490,10 +1503,10 @@ R $* $#error $@ 5.5.4 $: "553 Domain name required" # check results R $* $: @ $1 mark address: nothing known about it R $* $@ -R $* $#error $@ 4.1.8 $: "451 Sender domain must resolve" -R $* $#error $@ 5.1.8 $: "501 Sender domain must exist" +R $* $#error $@ 4.1.8 $: "451 Domain of sender address " $&f " does not resolve" +R $* $#error $@ 5.1.8 $: "501 Domain of sender address " $&f " does not exist" ifdef(`_ACCESS_TABLE_', `dnl -R<$={Accept}> $* $@ $1 +R<$={Accept}> $* $# $1 R $* $#discard $: discard R $* $#error ifdef(`confREJECT_MSG', `$: "confREJECT_MSG"', `$@ 5.7.1 $: "550 Access denied"') dnl error tag @@ -1610,6 +1623,7 @@ ifdef(`_ACCESS_TABLE_', `dnl R $* $@ RELAYTO R<$*> <$*> $: $2',`dnl') + ifdef(`_RELAY_MX_SERVED_', `dnl # allow relaying for hosts which we MX serve R$+ < @ $+ > $: < : $(mxserved $2 $) : > $1 < @ $2 > @@ -1691,6 +1705,9 @@ R $#error $@ 5.7.1 $: "550 Relaying denied. IP name possibly forged " $ R $#error $@ 5.7.1 $: "550 Relaying denied. IP name lookup failed " $&{client_name} dnl ${client_resolve} should be OK, so go ahead R$* $: $&{client_name} +# pass to name server to make hostname canonical +R $* $~P $: $[ $1 $2 $] +R$* . $1 strip trailing dots dnl should not be necessary since it has been done for client_addr already R $@ RELAYFROM ifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl diff --git a/gnu/usr.sbin/sendmail/cf/m4/version.m4 b/gnu/usr.sbin/sendmail/cf/m4/version.m4 index b697d135b66..f28372c0c06 100644 --- a/gnu/usr.sbin/sendmail/cf/m4/version.m4 +++ b/gnu/usr.sbin/sendmail/cf/m4/version.m4 @@ -11,8 +11,8 @@ divert(-1) # the sendmail distribution. # # -VERSIONID(`$Sendmail: version.m4,v 8.34 2000/03/06 19:01:11 gshapiro Exp $') +VERSIONID(`$Sendmail: version.m4,v 8.39 2000/04/06 20:30:53 gshapiro Exp $') # divert(0) # Configuration version number -DZ8.10.0`'ifdef(`confCF_VERSION', `/confCF_VERSION') +DZ8.10.1`'ifdef(`confCF_VERSION', `/confCF_VERSION') diff --git a/gnu/usr.sbin/sendmail/cf/mailer/smtp.m4 b/gnu/usr.sbin/sendmail/cf/mailer/smtp.m4 index 6f9de7d5d20..23447a747f4 100644 --- a/gnu/usr.sbin/sendmail/cf/mailer/smtp.m4 +++ b/gnu/usr.sbin/sendmail/cf/mailer/smtp.m4 @@ -13,7 +13,7 @@ PUSHDIVERT(-1) # _DEFIFNOT(`_DEF_SMTP_MAILER_FLAGS', `mDFMuX') _DEFIFNOT(`SMTP_MAILER_FLAGS',`') -_DEFIFNOT(`RELAY_MAILER_FLAGS', `') +_DEFIFNOT(`RELAY_MAILER_FLAGS', `SMTP_MAILER_FLAGS') ifdef(`SMTP_MAILER_ARGS',, `define(`SMTP_MAILER_ARGS', `IPC $h')') ifdef(`ESMTP_MAILER_ARGS',, `define(`ESMTP_MAILER_ARGS', `IPC $h')') ifdef(`SMTP8_MAILER_ARGS',, `define(`SMTP8_MAILER_ARGS', `IPC $h')') @@ -24,7 +24,7 @@ POPDIVERT ### SMTP Mailer specification ### ##################################### -VERSIONID(`$Sendmail: smtp.m4,v 8.55 1999/09/21 20:26:18 ca Exp $') +VERSIONID(`$Sendmail: smtp.m4,v 8.56 2000/04/03 20:54:55 ca Exp $') # # common sender and masquerading recipient rewriting diff --git a/gnu/usr.sbin/sendmail/cf/ostype/mklinux.m4 b/gnu/usr.sbin/sendmail/cf/ostype/mklinux.m4 index e19ee8402d1..caa63cfd4ff 100644 --- a/gnu/usr.sbin/sendmail/cf/ostype/mklinux.m4 +++ b/gnu/usr.sbin/sendmail/cf/ostype/mklinux.m4 @@ -1,6 +1,6 @@ divert(-1) # -# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers. +# Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers. # All rights reserved. # Copyright (c) 1983 Eric P. Allman. All rights reserved. # Copyright (c) 1988, 1993 @@ -15,9 +15,9 @@ divert(-1) # divert(0) -VERSIONID(`$Sendmail: mklinux.m4,v 8.12 1999/04/24 05:37:42 gshapiro Exp $') +VERSIONID(`$Sendmail: mklinux.m4,v 8.14 2000/03/17 07:32:39 gshapiro Exp $') ifdef(`STATUS_FILE',, `define(`STATUS_FILE', `/var/log/sendmail.st')') ifdef(`PROCMAIL_MAILER_PATH',, - define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')) + `define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')') FEATURE(local_procmail) diff --git a/gnu/usr.sbin/sendmail/contrib/converting.sun.configs b/gnu/usr.sbin/sendmail/contrib/converting.sun.configs deleted file mode 100644 index e6a3a9e8bd9..00000000000 --- a/gnu/usr.sbin/sendmail/contrib/converting.sun.configs +++ /dev/null @@ -1,446 +0,0 @@ - - Converting Standard Sun Config - Files to Sendmail Version 8 - - Rick McCarty - Texas Instruments Inc. - Latest Update: 08/25/93 - RJMc - -This document details the changes necessary to continue using your -current SunOS sendmail.cf with sendmail version 8. In the longer term, -it is recommended that one move to using an m4 based configuration such -as those shipped with sendmail, but if you're like me and have made -enough modifications to your .cf file that you'd rather put that task -off until later, here's the sum total of my experience to get you to -version 8 with minimal pain. I'll cover .cf as well as build issues. - -Some background - as many are surely aware, Sun has some "special" -features in the sendmail they ship ($%x, %y LHS lookup, NIS alias DB -search, etc.). (Some of those features can be had in alternative forms -in IDA sendmail, but v8 has picked up some IDA capabilities as well as -new ones, making it IMHO a most desirable version to go to.) What I -will explain below includes v8 functional "equivalences" to these Sun -sendmail features. - -So with that out of the way, let's begin. - -First, some assumptions: - - 1) I'm going to assume you've got sendmail version 8.6 or - later in hand - if not, grab it from ftp.cs.berkeley.edu - in the ucb/sendmail directory. There are bugs in earlier - versions which affect some of the needed functionality. - - 2) Second, I'm going to detail this based upon the - "sendmail.main.cf" configuration. (BTW, if you attempt - to move to using an m4 generated config in the future, - MAIL_HUB is the feature which should provide similar - functionality). - - In general, the changes will be similar for a subsidiary - file, but since we (my TI group) funnel all non-local mail - through our mailhost, we're not as interested in getting v8 - to run on such systems and I haven't tried it. - - 3) You're using DNS and sendmail.mx. If you're not, you ought - to be, even if you're also running it along with NIS (which - we do - except for gethostbyxxx() lookups, which I'll be - talking about later). I would imagine you could get things - running OK without DNS support, but I haven't tried it myself. - - 4) You're not mounting /var/spool/mail from other systems. - I haven't found a v8 feature to guarantee this will work - correctly. Anyway, in the past, we've tried doing that - here and found it to be a rather "ugly" feature, though - Sun ostensibly supports it ("R" option). Perhaps v8 - will one day have a similar feature, but for now, bottom - line, I would recommend against it. - - 5) You're not on Solaris or using NIS+. I'm on 4.1.3. I've - looked at Solaris briefly and have noted that things are - pretty much similar there except that they've moved some - things into the /etc/mail directory. I'd guess the - executables aren't functionally all that different from - what they had before - the configs are roughly the same. - So I'd bet most of what I say in here will apply to - Solaris. - -OK, let's configure our sendmail.cf! I'll just go from the top down... - - VARIOUS DECLARATIONS - -1) For v8, you need to define your .cf as AT LEAST a version level 4 - configuration. Add the following line: - - V4 - - There are some issues regarding certain predefined macros - $w, $j, and - $m. With a V4 configuration: - - $w is defined to be the hostname, which will usually be fully - qualified (i.e. "firefly.add.itg.ti.com"). - - $j should have the same value as $w. - - $m will be predefined as the domain portion of $w - (ex. "add.itg.ti.com"). - - One note about this - if your configuration relies on the "w" macro to - be the "simple" hostname (as mine does)... - - If the configuration version is 5 or larger: - - $w is supposed to be the "simple" name (ex. "firefly") - - $j should be the fully qualified name (i.e. "firefly.add.itg.ti.com") - - $m will be predefined as the domain portion of $j - (ex. "add.itg.ti.com"). - - I have not experimented with the various combinations, so I cannot - guarantee you that the above definitions will always come out as - expected. Bottom line: if your sendmail.cf depends on $w being the - simple hostname, test it carefully or define the name explicitly, - for example: - - Dwfirefly - -2) To replace the Sun's "%y" feature, we must use a hostname mapping - feature in v8. If you want to do similar lookups with v8, you need - to define the following map (we'll go over the rules that use this - map later): - - Khostlookup host -f -m -a. - - This will define a "lookup only" map that is otherwise the same as - sendmail version 8's built-in "host" map (see the "Sendmail - Installation and Operation Guide" for details on this map.). - - An important note: Whether or not these lookups will be done via - NIS is a function of what gethostbyxxx() functions you link into - your sendmail. DO NOT redefine your host mapping to use NIS - explicitly within sendmail - there can be unexpected behaviour if - you do so (if you do any canonicalization in your .cf, you can get - incorrect results, for one thing). - - For example, DO NOT TRY: - - Khost nis -f -a. hosts.byname - -3) If you're doing reverse alias mapping as done in ruleset 22, instead of: - - DZmail.byaddr - - you'll need to declare the following: - - Kaliasrev nis -f -N mail.byaddr - -4) If you are doing any other NIS map lookups, you'll need to define the - map as done in the below example. I have a "mailhosts" map, which I - use to distinguish between local and non-local hosts. Look at the - sendmail doc for details on this stuff. - - Kmailhosts nis -f -m -a. mailhosts - -5) You might wish to add the following line to support Errors-To: headers. - I don't. - - Ol - -6) Comment out/remove the following line: - - OR - - The R option means something different under v8 - check the documentation - if you're interested in using it. - -7) If you're running NIS and have a separate alias map, BELOW the - following line where the alias file is declared: - - OA/etc/aliases - - ADD the following: - - OAnis:mail.aliases - - This will set things up so v8 will look at the local alias DB first, - then the NIS map, just as Sun sendmail does. - -8) Though you don't have to, I'd suggest changing: - - OT3d - - to use v8's warning feature, which allows a warning message to be - sent if a message cannot be delivered within a specified period. - I use: - - OT5d/4h - - which says - bounce after 5 days, warn after 4 hours. - -9) I set the following option to be explicit about how I want DNS - handled: - - OI +DNSRCH +DEFNAMES - -10) The following line: - - T root daemon uucp - - may be deleted, though it will be ignored if you leave it around. - -11) It would probably be good to change the version macro value (which - shows up in "Received:" headers) so no one debugging mail problems - gets the wrong idea about what config you're running under. Look - for something like: - - DVSMI-4.1 - - Mine, for example is: - - DVADD-HUB-2.1 - - RULESETS - -1) In ruleset 3, BELOW this rule: - - # basic textual canonicalization - R$*<$+>$* $2 basic RFC822 parsing - - -I add the following rule to remove a trailing dot in the domain spec so -it won't interfere with v8 mapping features, etc. (Having a trailing dot is -not RFC-compliant anyway.): - - R$+. $1 - -2) Because ruleset 5 is special in v8, I rename it to S95 and also change - all RHS expressions containing ">5" to use ">95" instead. In v8, - 5 is executed against addresses which resolve to the local mailer and - are not an alias. If you don't change S5 to something else, you might - get a surprise! - -3) If you're doing any lookups via the generalized NIS "$%x/$!x" - mechanisms (such as with the mailhost map I referred to earlier) it's - done differently under v8. For example: - - DMmailhosts - ... - R$*<@$%M.uucp>$* $#ether $@$2 $:$1<@$2>$3 - - takes a different map definition and two rules under version 8: - - Kmailhosts nis -f -m -a. mailhosts - ... - R$*<@$+.uucp>$* $: $1<@$(mailhosts $2 $).uucp>$3 - R$*<@$+..uucp>$* $#ether $@$2 $:$1<@$2>$3 - -4) Sun has a special case of the "$%x" feature for host lookups - "%y" is - automagically defined to do an NIS "hosts.byname" search with no other - definition, as done in the below example: - - R$*<@$%y.LOCAL>$* $#ether $@$2 $:$1<@$2>$3 - - (Sun does this in more than one place. But the above syntax is almost - identical in each - mostly a case of changing names to protect the - innocent.) - - In version 8, the predefined "host" map can be used to do essentially - the same thing. (However, whether or not it does an NIS lookup is - a function of what gethostbyxxx() functions are linked in.) - - Recall the map definition I mentioned earlier in the DECLARATIONS - section: - - Khostlookup host -f -m -a. - - Here's where we will use it. It will take two rules: - - R$*<@$+.LOCAL>$* $: $1<@$(hostlookup $2 $).LOCAL>$3 - R$*<@$+..LOCAL>$* $#ether $@$2 $:$1<@$2>$3 - - Note that this is almost verbatim the same change as was used in the - previous "mailhosts" example. - -5) Although Sun's default configs don't do this, because I mentioned - canonicalization earlier, it deserves an example, as it's illustrative - of the functional difference in the map definitions I discussed before. - This stuff is also convered in the "Sendmail Installation and Operation - Guide". - - Remember the built-in "host" map definition? As you'll recall, unlike - the "hostlookup" map we defined, "host" will actually CHANGE the - hostname in addition to appending a dot. "hostlookup" only appends a - dot if the name is found and doesn't change it otherwise. Anyway, - here's the example: - - R$*<@$+>$* $: $1<@$(host $2 $)>$3 canonicalize - R$*<@$+.>$* $1<@$2>$3 remove trailing dot - - Using the above, say you had input of: - - joe<@tilde> - - OR - - joe<@[128.247.160.56]> - - Assuming "tilde" or the IP address is found, it might be - canonicalized as: - - joe<@tilde.csc.ti.com> - -6) As another instance of the NIS lookup feature, with a slightly - different twist, Sun implements reverse alias mapping in ruleset 22 - with the below: - - DZmail.byaddr - ... - R$-<@$-> $:$>3${Z$1@$2$} invert aliases - - To use this feature under v8, change the above rule a (remember to - define the alias map as I showed earlier): - - R$-<@$-> $:$>3$(aliasrev $1@$2 $) invert aliases - - - MAILER DEFINITIONS - -1) Where "TCP" is defined in the "P=" and "A=" parameters of mailers, I - changed it to "IPC". Version 8 will accept "TCP", but "IPC" is - preferred. - -2) On all IPC mailers, I also defined "E=\r\n" and added an "L=1000" as - in the below example: - - Mether, P=[IPC], F=mDFMuCX, S=11, R=21, L=1000, E=\r\n, A=IPC $h - - The "E=\r\n" will save you headaches interoperating with such things as - VMS TCP products. - - The "L=1000" is for RFC821 compatibility. Not strictly necessary. - - I also removed the "s" (strip quotes) mailer flag Sun puts in for - these mailers. Stripping quotes violates protocols, which say - clearly that you can't touch the local-part (left hand side of - the @) until you are on the delivering host. - -NOW. If I haven't left anything out, you should be able to run through -your Sun sendmail.cf file and convert it to run under v8. - - BUILD ISSUES - -Some important notes on building v8 on SunOS: - -Makefile - -The default makefile in the version 8 source (src) directory assumes the -new Berkeley make. Unless you want to go to the trouble of building it, -you can use your regular make, but you need to use a different makefile. -You can use "Makefile.dist" or "Makefile.SunOS" in the src directory. I -made changes to get it to build so it is as compatible as possible with -the file/directory locations Sun uses. Here are some relevant sections -out of my makefile: - - CC=gcc - - # use O=-O (usual) or O=-g (debugging) - O= -O - - # define the database mechanisms available for map & alias lookups: - # -DNDBM -- use new DBM - # -DNEWDB -- use new Berkeley DB - # -DNDBM -DNEWDB -DYPCOMPAT -- use both plus YP compatility - # -DNIS -- include client NIS support - # The really old (V7) DBM library is no longer supported. - # See README for a description of how these flags interact. - #DBMDEF= -DNDBM -DNEWDB - DBMDEF= -DNDBM -DNIS - - # environment definitions (e.g., -D_AIX3) - ENVDEF= - - # see also conf.h for additional compilation flags - - # library directories - LIBDIRS=-L/usr/local/lib - - # libraries required on your system - #LIBS= -ldb -ldbm - LIBS= -ldbm -lresolv - - # location of sendmail binary (usually /usr/sbin or /usr/lib) - BINDIR= ${DESTDIR}/usr/lib - - # location of sendmail.st file (usually /var/log or /usr/lib) - STDIR= ${DESTDIR}/etc - - # location of sendmail.hf file (usually /usr/share/misc or /usr/lib) - HFDIR= ${DESTDIR}/usr/lib - -For the resolver library, you can use the one shipped with Sun if you -want. But I'd recommend using another version of the resolver library -(such as the one with Bind 4.8.3 or 4.9). Sun's resolver stuff (at -least with 4.1.x) is quite old - I believe it is of 4.3.1 vintage. (Do -you get the impression I don't TRUST what Sun ships with their systems?) - -If you want NIS host lookup while maintaining DNS capability, you might -take a look at resolv+, which has NIS capable gethostbyxxx() functions -in it. My recommendation, however, is to avoid doing NIS host lookups -in sendmail altogether, and to use a "pure" version of the resolver -library. - -There are probably no situations (at least I think so) where it makes -any sense to link in Sun's NIS gethostbyxxx() functions from libc. -You could, I guess do it (I haven't tried it) and wind up with a -sendmail equivalent to the non-mx version Sun ships. You'd need to -insure that NAMED_BIND is not defined in the build. (If you do -this and have the "-b" DNS passthru option set in NIS, remember that -while you have some DNS functionality you'll not have any MX support. -(This, IMO, is what makes this a non-optimal choice.) - - INSTALLATION/TESTING ISSUES - -The sendmail.hf file in the src directory should replace the one currently -in /usr/lib. You also might choose to edit it a bit to "localize" what it -says. - -The sendmail executable goes, of course, in /usr/lib in place of the current -one. What I did was create a subdirectory in /usr/lib and put all of the -Sun sendmail stuff in there. I named the v8 sendmail executable to be -sendmail.v8.mx and then symbolically linked it to sendmail. - -One other thing. If you use address test mode, keep in mind that -Version 8 is like IDA in that it does not automatically execute ruleset -3 first. So say you're playing around with things testing addresses and -you're used to things like: - - 0 jimbob@good.old.boy.com - -under v8 you need to say instead: - - 3,0 jimbob@good.old.boy.com - - INTEROPERABILITY ISSUES YOU MIGHT ENCOUNTER - -Be aware that sendmail v8 issues a multi-line SMTP welcome (220) -response upon a client connection. Most systems in your network should -handle it OK, but there are some that choke on it, because whoever wrote -the clients assumed only a single line. THIS IS NOT SENDMAIL's FAULT. -A multi-line 220 response is perfectly valid. A likely place you'll -encounter this problem is with non-Un*x SMTP clients. If you do run -into it, you should report it to the vendor. - -A final note about version 8 - if you follow the above configuration -scenario, you'll notice it doesn't like to get envelope sender -addresses it doesn't know how to get back to. Sun sendmail would take -anything, even though it might not be able to bounce the message back -should something happen downstream. So if another sendmail on a host -that's not locally known is trying to pump mail through your v8 host, -the ENVELOPE sender it gives had better be fully qualified. This is -a GREAT thing, because it helps clear up problems we've had with not -being able to get things back to the sender, resulting in an -overburdened postmaster. - -I hope this helps those running Sun sendmail feel more at ease with moving -on to v8. It's really worth going to. diff --git a/gnu/usr.sbin/sendmail/doc/op/op.me b/gnu/usr.sbin/sendmail/doc/op/op.me index d68eea14b24..751619df899 100644 --- a/gnu/usr.sbin/sendmail/doc/op/op.me +++ b/gnu/usr.sbin/sendmail/doc/op/op.me @@ -9,7 +9,7 @@ .\" the sendmail distribution. .\" .\" -.\" $Sendmail: op.me,v 8.310 2000/02/01 22:19:12 gshapiro Exp $ +.\" $Sendmail: op.me,v 8.317 2000/04/06 21:05:27 gshapiro Exp $ .\" .\" eqn op.me | pic | troff -me .eh 'SMM:08-%''Sendmail Installation and Operation Guide' @@ -54,7 +54,7 @@ eric@Sendmail.COM .de Ve Version \\$2 .. -.Ve $Revision: 1.2 $ +.Ve $Revision: 1.3 $ .rm Ve .sp For Sendmail Version 8.10 @@ -1767,7 +1767,10 @@ For example, .)b For a complete list of the available debug flags you will have to look at the code -(they are too dynamic to keep this documentation up to date). +and the +.i TRACEFLAGS +file in the sendmail distribution +(they are too dynamic to keep this document up to date). .sh 2 "Changing the Values of Options" .pp Options can be overridden using the @@ -3927,7 +3930,7 @@ The format of the UNIX from line. Unless you have changed the UNIX mailbox format, you should not change the default, which is -.q "From $g $d" . +.q "From $g $d" . .ip $m The domain part of the \fIgethostname\fP return value. Under normal circumstances, @@ -4702,6 +4705,7 @@ error messages will be sent as from the MAILER-DAEMON macro). .ip h Upper case should be preserved in host names +(the $@ portion of the mailer triplet resolved from ruleset 0) for this mailer. .ip i Do User Database rewriting on envelope sender address. @@ -4755,6 +4759,8 @@ macro occurs in the part of the mailer definition, that field will be repeated as necessary for all qualifying users. +Removing this flag can defeat duplicate supression on a remote site +as each recipient is sent in a separate transaction. .ip M\(dg This mailer wants a .q Message-Id: @@ -4829,6 +4835,8 @@ this flag causes the effective user id to be set to that user. .ip u Upper case should be preserved in user names for this mailer. +Standards require preservation of case in the local part of addresses, +except for those address for which your system accepts responsibility. .ip U This mailer wants UUCP-style .q From @@ -6192,7 +6200,7 @@ can be selected from: public Allow open access needmailhelo Insist on HELO or EHLO command before MAIL needexpnhelo Insist on HELO or EHLO command before EXPN -noexpn Disallow EXPN entirely +noexpn Disallow EXPN entirely, implies noverb. needvrfyhelo Insist on HELO or EHLO command before VRFY novrfy Disallow VRFY entirely noetrn Disallow ETRN entirely @@ -7403,7 +7411,7 @@ or .q \|\et to indicate newline or tab respectively. If omitted entirely, -the column separator is any sequence of whitespace. +the column separator is any sequence of white space. For LDAP maps this is the separator character to combine multiple values into a single return string. @@ -8892,7 +8900,7 @@ used to allow new binaries to read queue files created by older versions. Defaults to version zero. Must be the first line of the file if present. -For 8.10 the version number is 3. +For 8.10 the version number is 4. .ip H A header definition. There may be any number of these lines. @@ -9122,7 +9130,7 @@ replace it with a blank sheet for double-sided output. .\".sz 10 .\"Eric Allman .\".sp -.\"Version $Revision: 1.2 $ +.\"Version $Revision: 1.3 $ .\".ce 0 .bp 3 .ce diff --git a/gnu/usr.sbin/sendmail/include/libsmdb/smdb.h b/gnu/usr.sbin/sendmail/include/libsmdb/smdb.h index 0503fa36582..f3fed09b3ba 100644 --- a/gnu/usr.sbin/sendmail/include/libsmdb/smdb.h +++ b/gnu/usr.sbin/sendmail/include/libsmdb/smdb.h @@ -1,12 +1,12 @@ /* -** Copyright (c) 1999 Sendmail, Inc. and its suppliers. +** Copyright (c) 1999-2000 Sendmail, Inc. and its suppliers. ** All rights reserved. ** ** By using this file, you agree to the terms and conditions set ** forth in the LICENSE file which can be found at the top level of ** the sendmail distribution. ** -** $Sendmail: smdb.h,v 8.26 2000/03/02 09:03:05 msk Exp $ +** $Sendmail: smdb.h,v 8.29 2000/03/17 07:32:42 gshapiro Exp $ */ #ifndef _SMDB_H_ @@ -253,6 +253,7 @@ typedef int (*db_cursor_get_func) __P((SMDB_CURSOR *cursor, #define SMDB_CURSOR_GET_FIRST 0 #define SMDB_CURSOR_GET_LAST 1 #define SMDB_CURSOR_GET_NEXT 2 +#define SMDB_CURSOR_GET_RANGE 3 /* @@ -346,23 +347,24 @@ typedef u_int SMDB_FLAG; extern SMDB_DATABASE *smdb_malloc_database __P((void)); extern void smdb_free_database __P((SMDB_DATABASE *)); extern int smdb_open_database __P((SMDB_DATABASE **, char *, int, - int, int, SMDB_DBTYPE, + int, long, SMDB_DBTYPE, SMDB_USER_INFO *, SMDB_DBPARAMS *)); # ifdef NEWDB extern int smdb_db_open __P((SMDB_DATABASE **, char *, int, int, - int, SMDB_DBTYPE, SMDB_USER_INFO *, + long, SMDB_DBTYPE, SMDB_USER_INFO *, SMDB_DBPARAMS *)); # endif /* NEWDB */ # ifdef NDBM extern int smdb_ndbm_open __P((SMDB_DATABASE **, char *, int, int, - int, SMDB_DBTYPE, SMDB_USER_INFO *, + long, SMDB_DBTYPE, + SMDB_USER_INFO *, SMDB_DBPARAMS *)); # endif /* NDBM */ extern int smdb_add_extension __P((char *, int, char *, char *)); -extern int smdb_setup_file __P((char *, char *, int, int, +extern int smdb_setup_file __P((char *, char *, int, long, SMDB_USER_INFO *, struct stat *)); -extern int smdb_lock_file __P((int *, char *, int, int, char *)); +extern int smdb_lock_file __P((int *, char *, int, long, char *)); extern int smdb_unlock_file __P((int)); extern int smdb_filechanged __P((char *, char *, int, struct stat *)); diff --git a/gnu/usr.sbin/sendmail/include/sendmail/sendmail.h b/gnu/usr.sbin/sendmail/include/sendmail/sendmail.h index 1deb635b362..db0a7fd9e1a 100644 --- a/gnu/usr.sbin/sendmail/include/sendmail/sendmail.h +++ b/gnu/usr.sbin/sendmail/include/sendmail/sendmail.h @@ -10,7 +10,7 @@ * the sendmail distribution. * * - * $Sendmail: sendmail.h,v 8.33 2000/02/17 21:30:34 ca Exp $ + * $Sendmail: sendmail.h,v 8.34 2000/03/16 22:05:28 gshapiro Exp $ */ /* @@ -86,16 +86,14 @@ typedef unsigned int BITMAP256[BITMAPBYTES / sizeof (int)]; #define SFF_NOWLINK 0x00000400L /* links only in non-writable dirs */ #define SFF_NOGWFILES 0x00000800L /* disallow world writable files */ #define SFF_NOWWFILES 0x00001000L /* disallow group writable files */ +#define SFF_OPENASROOT 0x00002000L /* open as root instead of real user */ +#define SFF_NOLOCK 0x00004000L /* don't lock the file */ #define SFF_NOGRFILES 0x00008000L /* disallow g readable files */ #define SFF_NOWRFILES 0x00010000L /* disallow o readable files */ +#define SFF_NOTEXCL 0x00020000L /* creates don't need to be exclusive */ +#define SFF_EXECOK 0x00040000L /* executable files are ok (E_SM_ISEXEC) */ #define SFF_NORFILES (SFF_NOGRFILES|SFF_NOWRFILES) -/* flags that are actually specific to safeopen/safefopen/dfopen */ -#define SFF_OPENASROOT 0x00002000L /* open as root instead of real user */ -#define SFF_NOLOCK 0x00004000L /* don't lock the file */ -#define SFF_NOTEXCL 0x00010000L /* creates don't need to be exclusive */ -#define SFF_EXECOK 0x00020000L /* executable files are ok (E_SM_ISEXEC) */ - /* pseudo-flags */ #define SFF_NOLINK (SFF_NOHLINK|SFF_NOSLINK) diff --git a/gnu/usr.sbin/sendmail/libmilter/README b/gnu/usr.sbin/sendmail/libmilter/README index 48e32869b7f..621219fb044 100644 --- a/gnu/usr.sbin/sendmail/libmilter/README +++ b/gnu/usr.sbin/sendmail/libmilter/README @@ -9,6 +9,14 @@ through reference to a sample filter which is attached at the end of this file. It is necessary to first build libmilter.a, which can be done by issuing the './Build' command in SRCDIR/libmilter . +NOTE: Both libmilter and the callouts in sendmail are marked as an FFR (For +Future Release). If you intend to use them in 8.10.X, you must compiled +both libmilter and sendmail with -D_FFR_MILTER defined. You can do this by +adding the following to your devtools/Site/site.config.m4 file: + + dnl Milter + APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_MILTER=1') + APPENDDEF(`conf_libmilter_ENVDEF', `-D_FFR_MILTER=1') +-------------------+ | BUILDING A FILTER | @@ -18,11 +26,13 @@ The following command presumes that the sample code from the end of this README is saved to a file named 'sample.c' and built in the local platform- specific build subdirectory (SRCDIR/obj.*/libmilter). - cc -I../../sendmail -I../../include -o sample sample.c -L. -lmilter -pthread + cc -I../../sendmail -I../../include -o sample sample.c libmilter.a ../libsmutil/libsmutil.a -pthread It is recommended that you build your filters in a location outside of the sendmail source tree. Modify the compiler include references (-I) -and linker library locations (-L) accordingly. +and the library locations accordingly. Also, some operating systems may +require additional libraries. For example, SunOS 5.X requires '-lresolv +-lsocket -lnsl'. Filters must be thread-safe! Many operating systems now provide support for POSIX threads in the standard C libraries. The compiler flag to link with @@ -174,7 +184,7 @@ extern sfsistat mlfi_cleanup(SMFICTX *, bool); sfsistat mlfi_envfrom(ctx, envfrom) SMFICTX *ctx; - char *envfrom; + char **envfrom; { struct mlfiPriv *priv; int fd; @@ -214,10 +224,10 @@ sfsistat mlfi_header(ctx, headerf, headerv) SMFICTX *ctx; char *headerf; - u_char *headerv; + char *headerv; { /* write the header to the log file */ - fprintf(MLFIPRIV->mlfi_fp, "%s: %s\n", headerf, headerv); + fprintf(MLFIPRIV->mlfi_fp, "%s: %s\r\n", headerf, headerv); /* continue processing */ return SMFIS_CONTINUE; @@ -228,7 +238,7 @@ mlfi_eoh(ctx) SMFICTX *ctx; { /* output the blank line between the header and the body */ - fprintf(MLFIPRIV->mlfi_fp, "\n"); + fprintf(MLFIPRIV->mlfi_fp, "\r\n"); /* continue processing */ return SMFIS_CONTINUE; @@ -375,4 +385,4 @@ main(argc, argv) /* eof */ -$Revision: 1.2 $, Last updated $Date: 2000/04/02 19:48:31 $ +$Revision: 1.3 $, Last updated $Date: 2000/04/07 19:20:34 $ diff --git a/gnu/usr.sbin/sendmail/libmilter/engine.c b/gnu/usr.sbin/sendmail/libmilter/engine.c index ffad361f7ab..e0f4b378270 100644 --- a/gnu/usr.sbin/sendmail/libmilter/engine.c +++ b/gnu/usr.sbin/sendmail/libmilter/engine.c @@ -9,7 +9,7 @@ */ #ifndef lint -static char id[] = "@(#)$Sendmail: engine.c,v 8.65 2000/02/17 17:52:14 ca Exp $"; +static char id[] = "@(#)$Sendmail: engine.c,v 8.67 2000/03/27 05:04:16 ca Exp $"; #endif /* ! lint */ #if _FFR_MILTER @@ -384,7 +384,8 @@ sendreply(r, fd, timeout_ptr, ctx) if (ctx->ctx_reply != NULL) { ret = mi_wr_cmd(fd, timeout_ptr, SMFIR_REPLYCODE, - ctx->ctx_reply, strlen(ctx->ctx_reply)); + ctx->ctx_reply, + strlen(ctx->ctx_reply) + 1); free(ctx->ctx_reply); ctx->ctx_reply = NULL; } @@ -537,14 +538,17 @@ st_connectinfo(g) ++i; if (i >= l) return _SMFIS_ABORT; - family = s[++i]; + + /* Move past trailing \0 in host string */ + i++; + family = s[i++]; memset(&sockaddr, '\0', sizeof sockaddr); if (family != SMFIA_UNKNOWN) { (void) memcpy((void *) &port, (void *) (s + i), sizeof port); port = ntohs(port); - if ((i += 2) >= l) + if ((i += sizeof port) >= l) { smi_log(SMI_LOG_ERR, "%s: connect[%d]: wrong len %d >= %d", @@ -555,7 +559,7 @@ st_connectinfo(g) # if NETINET if (family == SMFIA_INET) { - if (inet_aton(s + i, (struct in_addr *) &sockaddr) + if (inet_aton(s + i, (struct in_addr *) &sockaddr.sin.sin_addr) == INADDR_NONE) { smi_log(SMI_LOG_ERR, diff --git a/gnu/usr.sbin/sendmail/libsmdb/smdb.c b/gnu/usr.sbin/sendmail/libsmdb/smdb.c index 59632ba6b26..c68b09ccc16 100644 --- a/gnu/usr.sbin/sendmail/libsmdb/smdb.c +++ b/gnu/usr.sbin/sendmail/libsmdb/smdb.c @@ -1,5 +1,5 @@ /* -** Copyright (c) 1999 Sendmail, Inc. and its suppliers. +** Copyright (c) 1999-2000 Sendmail, Inc. and its suppliers. ** All rights reserved. ** ** By using this file, you agree to the terms and conditions set @@ -8,16 +8,7 @@ */ #ifndef lint -static char copyright[] = -"@(#) Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.\n\ - All rights reserved.\n\ - Copyright (c) 1983, 1987, 1993\n\ - The Regents of the University of California. All rights reserved.\n\ - Copyright (c) 1983 Eric P. Allman. All rights reserved.\n"; -#endif /* ! lint */ - -#ifndef lint -static char id[] = "@(#)$Sendmail: smdb.c,v 8.33 1999/10/13 06:17:07 gshapiro Exp $"; +static char id[] = "@(#)$Sendmail: smdb.c,v 8.37 2000/03/17 07:32:43 gshapiro Exp $"; #endif /* ! lint */ #include @@ -109,48 +100,57 @@ smdb_open_database(database, db_name, mode, mode_mask, sff, type, user_info, char *db_name; int mode; int mode_mask; - int sff; + long sff; SMDB_DBTYPE type; SMDB_USER_INFO *user_info; SMDB_DBPARAMS *params; { int result; + bool type_was_default = FALSE; -#ifdef NEWDB if (type == SMDB_TYPE_DEFAULT) + { + type_was_default = TRUE; +#ifdef NEWDB type = SMDB_TYPE_HASH; -#endif /* NEWDB */ -#ifdef NDBM - if (type == SMDB_TYPE_DEFAULT) +#else /* NEWDB */ +# ifdef NDBM type = SMDB_TYPE_NDBM; -#endif /* NDBM */ +# endif /* NDBM */ +#endif /* NEWDB */ + } if (type == SMDB_TYPE_DEFAULT) return SMDBE_UNKNOWN_DB_TYPE; - if (strncmp(type, SMDB_TYPE_NDBM, SMDB_TYPE_NDBM_LEN) == 0) - { -#ifdef NDBM - result = smdb_ndbm_open(database, db_name, mode, mode_mask, - sff, type, user_info, params); - return result; -#else /* NDBM */ - return SMDBE_UNSUPPORTED_DB_TYPE; -#endif /* NDBM */ - } - if ((strncmp(type, SMDB_TYPE_HASH, SMDB_TYPE_HASH_LEN) == 0) || (strncmp(type, SMDB_TYPE_BTREE, SMDB_TYPE_BTREE_LEN) == 0)) { #ifdef NEWDB result = smdb_db_open(database, db_name, mode, mode_mask, sff, type, user_info, params); - return result; +# ifdef NDBM + if (result == ENOENT && type_was_default) + type = SMDB_TYPE_NDBM; + else +# endif /* NDBM */ + return result; #else /* NEWDB */ return SMDBE_UNSUPPORTED_DB_TYPE; #endif /* NEWDB */ } + if (strncmp(type, SMDB_TYPE_NDBM, SMDB_TYPE_NDBM_LEN) == 0) + { +#ifdef NDBM + result = smdb_ndbm_open(database, db_name, mode, mode_mask, + sff, type, user_info, params); + return result; +#else /* NDBM */ + return SMDBE_UNSUPPORTED_DB_TYPE; +#endif /* NDBM */ + } + return SMDBE_UNKNOWN_DB_TYPE; } @@ -191,7 +191,8 @@ smdb_add_extension(full_name, max_full_name_len, db_name, extension) if (extension_len + db_name_len + 2 > max_full_name_len) return SMDBE_DB_NAME_TOO_LONG; - if (db_name_len < extension_len || + if (db_name_len < extension_len + 1 || + db_name[db_name_len - extension_len - 1] != '.' || strcmp(&db_name[db_name_len - extension_len], extension) != 0) snprintf(full_name, max_full_name_len, "%s.%s", db_name, extension); @@ -222,7 +223,7 @@ smdb_lock_file(lock_fd, db_name, mode, sff, extension) int *lock_fd; char *db_name; int mode; - int sff; + long sff; char *extension; { int result; @@ -288,7 +289,7 @@ smdb_setup_file(db_name, extension, mode_mask, sff, user_info, stat_info) char *db_name; char *extension; int mode_mask; - int sff; + long sff; SMDB_USER_INFO *user_info; struct stat *stat_info; { diff --git a/gnu/usr.sbin/sendmail/libsmdb/smdb1.c b/gnu/usr.sbin/sendmail/libsmdb/smdb1.c index 27de7a6c8f2..1fd260741ac 100644 --- a/gnu/usr.sbin/sendmail/libsmdb/smdb1.c +++ b/gnu/usr.sbin/sendmail/libsmdb/smdb1.c @@ -1,5 +1,5 @@ /* -** Copyright (c) 1999 Sendmail, Inc. and its suppliers. +** Copyright (c) 1999-2000 Sendmail, Inc. and its suppliers. ** All rights reserved. ** ** By using this file, you agree to the terms and conditions set @@ -8,7 +8,7 @@ */ #ifndef lint -static char id[] = "@(#)$Sendmail: smdb1.c,v 8.40 1999/11/23 08:42:53 gshapiro Exp $"; +static char id[] = "@(#)$Sendmail: smdb1.c,v 8.43 2000/03/17 07:32:43 gshapiro Exp $"; #endif /* ! lint */ #include @@ -123,6 +123,9 @@ smdb_cursor_get_flags_to_smdb1(flags) case SMDB_CURSOR_GET_NEXT: return R_NEXT; + case SMDB_CURSOR_GET_RANGE: + return R_CURSOR; + default: return -1; } @@ -384,7 +387,7 @@ smdb_db_open(database, db_name, mode, mode_mask, sff, type, user_info, char *db_name; int mode; int mode_mask; - int sff; + long sff; SMDB_DBTYPE type; SMDB_USER_INFO *user_info; SMDB_DBPARAMS *db_params; diff --git a/gnu/usr.sbin/sendmail/libsmdb/smdb2.c b/gnu/usr.sbin/sendmail/libsmdb/smdb2.c index 658d0a35194..4566f006bd8 100644 --- a/gnu/usr.sbin/sendmail/libsmdb/smdb2.c +++ b/gnu/usr.sbin/sendmail/libsmdb/smdb2.c @@ -1,5 +1,5 @@ /* -** Copyright (c) 1999 Sendmail, Inc. and its suppliers. +** Copyright (c) 1999-2000 Sendmail, Inc. and its suppliers. ** All rights reserved. ** ** By using this file, you agree to the terms and conditions set @@ -8,7 +8,7 @@ */ #ifndef lint -static char id[] = "@(#)$Sendmail: smdb2.c,v 8.48 1999/11/23 08:42:54 gshapiro Exp $"; +static char id[] = "@(#)$Sendmail: smdb2.c,v 8.53 2000/03/17 07:32:43 gshapiro Exp $"; #endif /* ! lint */ #include @@ -200,6 +200,9 @@ smdb_cursor_get_flags_to_db2(flags) case SMDB_CURSOR_GET_NEXT: return DB_NEXT; + case SMDB_CURSOR_GET_RANGE: + return DB_SET_RANGE; + default: return -1; } @@ -516,11 +519,12 @@ smdb_db_open(database, db_name, mode, mode_mask, sff, type, user_info, db_params char *db_name; int mode; int mode_mask; - int sff; + long sff; SMDB_DBTYPE type; SMDB_USER_INFO *user_info; SMDB_DBPARAMS *db_params; { + bool lockcreated = FALSE; int result; int db_flags; int lock_fd; @@ -546,11 +550,21 @@ smdb_db_open(database, db_name, mode, mode_mask, sff, type, user_info, db_params lock_fd = -1; + if (stat_info.st_mode == ST_MODE_NOFILE && + bitset(mode, O_CREAT)) + lockcreated = TRUE; + result = smdb_lock_file(&lock_fd, db_name, mode, sff, SMDB2_FILE_EXTENSION); if (result != SMDBE_OK) return result; + if (lockcreated) + { + mode |= O_TRUNC; + mode &= ~(O_CREAT|O_EXCL); + } + smdb_db = smdb_malloc_database(); if (smdb_db == NULL) return SMDBE_MALLOC; @@ -566,11 +580,11 @@ smdb_db_open(database, db_name, mode, mode_mask, sff, type, user_info, db_params db = NULL; db_flags = 0; - if (O_CREAT & mode) + if (bitset(O_CREAT, mode)) db_flags |= DB_CREATE; - if (O_TRUNC & mode) + if (bitset(O_TRUNC, mode)) db_flags |= DB_TRUNCATE; - if (O_RDONLY == mode) + if (mode == O_RDONLY) db_flags |= DB_RDONLY; # if !HASFLOCK && defined(DB_FCNTL_LOCKING) db_flags |= DB_FCNTL_LOCKING; diff --git a/gnu/usr.sbin/sendmail/libsmdb/smndbm.c b/gnu/usr.sbin/sendmail/libsmdb/smndbm.c index 51e964aed1f..0292abf3b02 100644 --- a/gnu/usr.sbin/sendmail/libsmdb/smndbm.c +++ b/gnu/usr.sbin/sendmail/libsmdb/smndbm.c @@ -1,5 +1,5 @@ /* -** Copyright (c) 1999 Sendmail, Inc. and its suppliers. +** Copyright (c) 1999-2000 Sendmail, Inc. and its suppliers. ** All rights reserved. ** ** By using this file, you agree to the terms and conditions set @@ -8,7 +8,7 @@ */ #ifndef lint -static char id[] = "@(#)$Sendmail: smndbm.c,v 8.37 1999/10/28 01:58:36 eric Exp $"; +static char id[] = "@(#)$Sendmail: smndbm.c,v 8.40 2000/03/19 05:03:30 ca Exp $"; #endif /* ! lint */ #include @@ -313,6 +313,9 @@ smdbm_cursor_get(cursor, key, value, flags) SMDB_DBM_DATABASE *db = dbm_cursor->smndbmc_db; DBM *dbm = db->smndbm_dbm; + if (flags == SMDB_CURSOR_GET_RANGE) + return SMDBE_UNSUPPORTED; + if (dbm_cursor->smndbmc_current_key.dptr == NULL) { dbm_cursor->smndbmc_current_key = dbm_firstkey(dbm); @@ -457,7 +460,7 @@ smdb_ndbm_open(database, db_name, mode, mode_mask, sff, type, user_info, char *db_name; int mode; int mode_mask; - int sff; + long sff; SMDB_DBTYPE type; SMDB_USER_INFO *user_info; SMDB_DBPARAMS *db_params; diff --git a/gnu/usr.sbin/sendmail/mail.local/mail.local.c b/gnu/usr.sbin/sendmail/mail.local/mail.local.c index 10e9e94adff..1af104a0cbe 100644 --- a/gnu/usr.sbin/sendmail/mail.local/mail.local.c +++ b/gnu/usr.sbin/sendmail/mail.local/mail.local.c @@ -12,14 +12,14 @@ #ifndef lint static char copyright[] = -"@(#) Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.\n\ +"@(#) Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.\n\ All rights reserved.\n\ Copyright (c) 1990, 1993, 1994\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* ! lint */ #ifndef lint -static char id[] = "@(#)$Sendmail: mail.local.c,v 8.142 2000/02/26 01:32:19 gshapiro Exp $"; +static char id[] = "@(#)$Sendmail: mail.local.c,v 8.143 2000/03/17 07:32:44 gshapiro Exp $"; #endif /* ! lint */ /* diff --git a/gnu/usr.sbin/sendmail/makemap/makemap.c b/gnu/usr.sbin/sendmail/makemap/makemap.c index dbcfdf4ba64..f436a0014a8 100644 --- a/gnu/usr.sbin/sendmail/makemap/makemap.c +++ b/gnu/usr.sbin/sendmail/makemap/makemap.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1992 Eric P. Allman. All rights reserved. * Copyright (c) 1992, 1993 @@ -13,7 +13,7 @@ #ifndef lint static char copyright[] = -"@(#) Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.\n\ +"@(#) Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.\n\ All rights reserved.\n\ Copyright (c) 1992 Eric P. Allman. All rights reserved.\n\ Copyright (c) 1992, 1993\n\ @@ -21,7 +21,7 @@ static char copyright[] = #endif /* ! lint */ #ifndef lint -static char id[] = "@(#)$Sendmail: makemap.c,v 8.132 1999/12/28 17:10:34 gshapiro Exp $"; +static char id[] = "@(#)$Sendmail: makemap.c,v 8.135 2000/04/07 17:05:21 ca Exp $"; #endif /* ! lint */ #include @@ -63,12 +63,13 @@ usage(progname) { fprintf(stderr, "Usage: %s [-C cffile] [-N] [-c cachesize] [-d] [-e] [-f] [-l] [-o] [-r] [-s] %s[-u] [-v] type mapname\n", + progname, #if _FFR_DELIM - "[-t delimiter] ", + "[-t delimiter] " #else /* _FFR_DELIM */ - "", + "" #endif /* _FFR_DELIM */ - progname); + ); exit(EX_USAGE); } @@ -98,7 +99,7 @@ main(argc, argv) int mode; int smode; int putflags = 0; - int sff = SFF_ROOTOK|SFF_REGONLY; + long sff = SFF_ROOTOK|SFF_REGONLY; struct passwd *pw; SMDB_DATABASE *database; SMDB_CURSOR *cursor; diff --git a/gnu/usr.sbin/sendmail/rmail/rmail.c b/gnu/usr.sbin/sendmail/rmail/rmail.c index 7cdcc123c9b..4e370157cd2 100644 --- a/gnu/usr.sbin/sendmail/rmail/rmail.c +++ b/gnu/usr.sbin/sendmail/rmail/rmail.c @@ -12,14 +12,14 @@ #ifndef lint static char copyright[] = -"@(#) Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.\n\ +"@(#) Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.\n\ All rights reserved.\n\ Copyright (c) 1988, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* ! lint */ #ifndef lint -static char id[] = "@(#)$Sendmail: rmail.c,v 8.38 2000/02/26 01:32:22 gshapiro Exp $"; +static char id[] = "@(#)$Sendmail: rmail.c,v 8.39 2000/03/17 07:32:47 gshapiro Exp $"; #endif /* ! lint */ /* diff --git a/gnu/usr.sbin/sendmail/sendmail/README b/gnu/usr.sbin/sendmail/sendmail/README index e7bc231baed..e74a0acae7b 100644 --- a/gnu/usr.sbin/sendmail/sendmail/README +++ b/gnu/usr.sbin/sendmail/sendmail/README @@ -9,7 +9,7 @@ # the sendmail distribution. # # -# $Sendmail: README,v 8.257 2000/02/25 04:36:37 gshapiro Exp $ +# $Sendmail: README,v 8.263 2000/04/06 20:27:44 gshapiro Exp $ # This directory contains the source files for sendmail(TM). @@ -115,7 +115,7 @@ HESIOD Support for Hesiod (from the DEC/Athena distribution). You must already have Hesiod support on your system for this to work. You may be able to get this to work with the MIT/Athena version of Hesiod, but that's likely to be a lot of work. -LDAPMAP Lightweight Directory Lookup Protocol support. You will +LDAPMAP Lightweight Directory Access Protocol support. You will have to install the UMich or OpenLDAP (http://www.openldap.org/) ldap and lber libraries to use this flag. @@ -673,6 +673,13 @@ Configuration file location vendor location rather than changing the location in the sendmail binary. + NETINFO systems use NETINFO to determine the location of + sendmail.cf. The full path to sendmail.cf is stored as the value of + the "sendmail.cf" property in the "/locations/sendmail" + subdirectory of NETINFO. Set the value of this property to + "/etc/mail/sendmail.cf" (without the quotes) to use this new + default location for Sendmail 8.10.0 and higher. + ControlSocket permissions Paraphrased from BIND 8.2.1's README: @@ -712,6 +719,11 @@ SunOS 4.x (Solaris 1.x) and it should work. This info is thanks to Brian Bartholomew of I-Kinetics, Inc. + NOTE: The SunOS 4.X linker uses library paths specified during + compilation using -L for run-time shared library searches. + Therefore, it is vital that relative and unsafe directory paths not + be using when compiling sendmail. + SunOS 4.0.2 (Sun 386i) Date: Fri, 25 Aug 1995 11:13:58 +0200 (MET DST) From: teus@oce.nl @@ -893,7 +905,7 @@ Ultrix and therefore, sendmail can no longer automatically detect the newer version. If you get a compiler error: - /lib/libc.a(gethostent.o): local_hostname_length: multiply defined + /lib/libc.a(gethostent.o): local_hostname_length: multiply defined Then rebuild with this in devtools/Site/site.ULTRIX.m4: @@ -1173,6 +1185,27 @@ Linux implementation in the Linux 2.2.0 kernel and poll()-aware versions of glib (at least up to 2.0.111). +AIX 4.X + The AIX 4.X linker uses library paths specified during compilation + using -L for run-time shared library searches. Therefore, it is + vital that relative and unsafe directory paths not be using when + compiling sendmail. Because of this danger, by default, compiles + on AIX use the -blibpath option to limit shared libraries to + /usr/lib and /lib. If you need to allow more directories, such as + /usr/local/lib, modify your devtools/Site/site.AIX.4.2.m4, + site.AIX.4.3.m4, and/or site.AIX.4.x.m4 file(s) and set confLDOPTS + approriately. For example: + + define(`confLDOPTS', `-blibpath:/usr/lib:/lib:/usr/local/lib') + + Be sure to only add (safe) system directories. + + The AIX version of GNU ld also exhibits this problem. If you are + using that version, instead of -blibpath, use its -rpath option. + For example: + + gcc -Wl,-rpath /usr/lib -Wl,-rpath /lib -Wl,-rpath /usr/local/lib + AIX 4.2 The AIX m4 implements a different mechanism for ifdef which is inconsistent with other versions of m4. Therefore, it will not @@ -1353,7 +1386,7 @@ BIND 4.9.2 and Ultrix BIND 8.X BIND 8.X returns HOST_NOT_FOUND instead of TRY_AGAIN on temporary - DNS failures when trying to find the hostname associated with an IP + DNS failures when trying to find the hostname associated with an IP address (gethostbyaddr()). This can cause problems as $&{client_name} based lookups in class R ($=R) and the access database won't succeed. @@ -1538,4 +1571,4 @@ version.c The version number and information about this version of sendmail. Theoretically, this gets modified on every change. -(Version $Revision: 1.2 $, last update $Date: 2000/04/02 19:48:34 $ ) +(Version $Revision: 1.3 $, last update $Date: 2000/04/07 19:20:38 $ ) diff --git a/gnu/usr.sbin/sendmail/sendmail/alias.c b/gnu/usr.sbin/sendmail/sendmail/alias.c index 0f10e9d3ad1..e5afe0fdf3a 100644 --- a/gnu/usr.sbin/sendmail/sendmail/alias.c +++ b/gnu/usr.sbin/sendmail/sendmail/alias.c @@ -13,7 +13,7 @@ #include #ifndef lint -static char id[] = "@(#)$Sendmail: alias.c,v 8.140 2000/02/01 05:49:54 gshapiro Exp $"; +static char id[] = "@(#)$Sendmail: alias.c,v 8.142 2000/03/31 05:35:29 ca Exp $"; #endif /* ! lint */ static MAP *AliasFileMap = NULL; /* the actual aliases.files map */ @@ -666,6 +666,7 @@ readaliases(map, af, announcestats, logstats) *p = '\0'; else if (!feof(af)) { + errno = 0; syserr("554 5.3.0 alias line too long"); /* flush to end of line */ @@ -798,7 +799,29 @@ readaliases(map, af, announcestats, logstats) lhssize = strlen(al.q_user); rhssize = strlen(rhs); - map->map_class->map_store(map, al.q_user, rhs); + if (rhssize > 0) + { + /* is RHS empty (just spaces)? */ + p = rhs; + while (isascii(*p) && isspace(*p)) + p++; + } + if (rhssize == 0 || *p == '\0') + { + syserr("554 5.3.5 %.40s... missing value for alias", + line); + + } + else + { + map->map_class->map_store(map, al.q_user, rhs); + + /* statistics */ + naliases++; + bytes += lhssize + rhssize; + if (rhssize > longest) + longest = rhssize; + } if (al.q_paddr != NULL) free(al.q_paddr); @@ -806,12 +829,6 @@ readaliases(map, af, announcestats, logstats) free(al.q_host); if (al.q_user != NULL) free(al.q_user); - - /* statistics */ - naliases++; - bytes += lhssize + rhssize; - if (rhssize > longest) - longest = rhssize; } CurEnv->e_to = NULL; diff --git a/gnu/usr.sbin/sendmail/sendmail/collect.c b/gnu/usr.sbin/sendmail/sendmail/collect.c index 04e34554859..7251e44deac 100644 --- a/gnu/usr.sbin/sendmail/sendmail/collect.c +++ b/gnu/usr.sbin/sendmail/sendmail/collect.c @@ -12,7 +12,7 @@ */ #ifndef lint -static char id[] = "@(#)$Sendmail: collect.c,v 8.135 2000/02/27 01:27:43 gshapiro Exp $"; +static char id[] = "@(#)$Sendmail: collect.c,v 8.136 2000/03/15 21:47:27 ca Exp $"; #endif /* ! lint */ #include @@ -461,7 +461,7 @@ nextstate: dprintf("collect: rscheck(\"check_eoh\", \"%s $| %s\")\n", hnum, hsize); rstat = rscheck("check_eoh", hnum, hsize, e, FALSE, - TRUE); + TRUE, 4); #if _FFR_MILTER /* diff --git a/gnu/usr.sbin/sendmail/sendmail/conf.c b/gnu/usr.sbin/sendmail/sendmail/conf.c index d4789cfe240..7d92d7235e6 100644 --- a/gnu/usr.sbin/sendmail/sendmail/conf.c +++ b/gnu/usr.sbin/sendmail/sendmail/conf.c @@ -12,7 +12,7 @@ */ #ifndef lint -static char id[] = "@(#)$Sendmail: conf.c,v 8.643 2000/02/26 06:37:31 gshapiro Exp $"; +static char id[] = "@(#)$Sendmail: conf.c,v 8.646 2000/03/21 19:31:53 ca Exp $"; #endif /* ! lint */ #include @@ -4121,7 +4121,7 @@ validate_connection(sap, hostname, e) dprintf("validate_connection(%s, %s)\n", hostname, anynet_ntoa(sap)); - if (rscheck("check_relay", hostname, anynet_ntoa(sap), e, TRUE, TRUE) + if (rscheck("check_relay", hostname, anynet_ntoa(sap), e, TRUE, TRUE, 4) != EX_OK) { static char reject[BUFSIZ*2]; diff --git a/gnu/usr.sbin/sendmail/sendmail/conf.h b/gnu/usr.sbin/sendmail/sendmail/conf.h index 9de4ecf8e20..d3e8de743b9 100644 --- a/gnu/usr.sbin/sendmail/sendmail/conf.h +++ b/gnu/usr.sbin/sendmail/sendmail/conf.h @@ -10,7 +10,7 @@ * the sendmail distribution. * * - * $Sendmail: conf.h,v 8.492 2000/02/26 06:04:21 gshapiro Exp $ + * $Sendmail: conf.h,v 8.496 2000/04/06 02:15:29 gshapiro Exp $ */ /* @@ -228,6 +228,9 @@ struct rusage; /* forward declaration to get gcc to shut up in wait.h */ # endif /* ! HASGETUSERSHELL */ # ifdef HPUX11 # define HASSNPRINTF 1 /* has snprintf(3) */ +# ifndef BROKEN_RES_SEARCH +# define BROKEN_RES_SEARCH 1 /* res_search(unknown) returns h_errno=0 */ +# endif /* ! BROKEN_RES_SEARCH */ # else /* HPUX11 */ # ifndef NOT_SENDMAIL # define syslog hard_syslog @@ -972,11 +975,9 @@ typedef int pid_t; # define SPT_TYPE SPT_BUILTIN /* setproctitle is in libc */ # define HASSETLOGIN 1 /* has setlogin(2) */ # define HASARC4RANDOM 1 /* has arc4random(3) function */ - -/* strlcat(3) is broken in OpenBSD 2.5 and earlier */ # if OpenBSD < 199912 # define HASSTRL 0 /* strlcat(3) is broken in 2.5 and earlier */ -# else +# else /* OpenBSD < 199912 */ # define HASSTRL 1 /* has strlc{py,at}(3) functions */ # endif /* OpenBSD < 199912 */ # endif /* defined(__OpenBSD__) */ @@ -2138,6 +2139,7 @@ typedef struct msgb mblk_t; ** of Siemens Business Services VAS. */ #ifdef sinix +# define HASRANDOM 0 /* has random(3) */ # define SYSLOG_BUFSIZE 1024 #endif /* sinix */ diff --git a/gnu/usr.sbin/sendmail/sendmail/daemon.c b/gnu/usr.sbin/sendmail/sendmail/daemon.c index b4f806cfee3..5a61d06a7f6 100644 --- a/gnu/usr.sbin/sendmail/sendmail/daemon.c +++ b/gnu/usr.sbin/sendmail/sendmail/daemon.c @@ -15,9 +15,9 @@ #ifndef lint # ifdef DAEMON -static char id[] = "@(#)$Sendmail: daemon.c,v 8.399 2000/03/01 18:14:06 gshapiro Exp $ (with daemon mode)"; +static char id[] = "@(#)$Sendmail: daemon.c,v 8.401 2000/03/11 20:52:46 gshapiro Exp $ (with daemon mode)"; # else /* DAEMON */ -static char id[] = "@(#)$Sendmail: daemon.c,v 8.399 2000/03/01 18:14:06 gshapiro Exp $ (without daemon mode)"; +static char id[] = "@(#)$Sendmail: daemon.c,v 8.401 2000/03/11 20:52:46 gshapiro Exp $ (without daemon mode)"; # endif /* DAEMON */ #endif /* ! lint */ @@ -819,7 +819,7 @@ opendaemonsocket(d, firsttime) syserr("opendaemonsocket: daemon %s: failed to %s close-on-exec flag: %s", d->d_name, fdflags == -1 ? "get" : "set", - strerror(save_errno)); + errstring(save_errno)); (void) close(d->d_socket); goto severe; } @@ -2350,8 +2350,17 @@ getauthinfo(fd, may_be_forged) if (isatty(fd) || (i = getpeername(fd, &RealHostAddr.sa, &falen)) < 0 || falen <= 0 || RealHostAddr.sa.sa_family == 0) { - if (i < 0 && errno != ENOTSOCK) - return NULL; + if (i < 0) + { + /* + ** ENOTSOCK is OK: bail on anything else, but reset + ** errno in this case, so a mis-report doesn't + ** happen later. + */ + if (errno != ENOTSOCK) + return NULL; + errno = 0; + } (void) snprintf(hbuf, sizeof hbuf, "%s@localhost", RealUserName); if (tTd(9, 1)) diff --git a/gnu/usr.sbin/sendmail/sendmail/deliver.c b/gnu/usr.sbin/sendmail/sendmail/deliver.c index a63529243a8..9edc82f6bf0 100644 --- a/gnu/usr.sbin/sendmail/sendmail/deliver.c +++ b/gnu/usr.sbin/sendmail/sendmail/deliver.c @@ -12,7 +12,7 @@ */ #ifndef lint -static char id[] = "@(#)$Sendmail: deliver.c,v 8.594 2000/02/10 20:40:06 ca Exp $"; +static char id[] = "@(#)$Sendmail: deliver.c,v 8.600 2000/04/06 00:50:14 gshapiro Exp $"; #endif /* ! lint */ #include @@ -1184,8 +1184,8 @@ deliver(e, firstto) ovr = TRUE; /* do config file checking of compatibility */ - rcode = rscheck("check_compat", - e->e_from.q_paddr, to->q_paddr, e, TRUE, TRUE); + rcode = rscheck("check_compat", e->e_from.q_paddr, to->q_paddr, + e, TRUE, TRUE, 4); if (rcode == EX_OK) { /* do in-code checking if not discarding */ @@ -2219,7 +2219,9 @@ do_transfer: /* not enough room */ continue; } - else if ((i = smtprcpt(to, m, mci, e)) != EX_OK) + + + if ((i = smtprcpt(to, m, mci, e)) != EX_OK) { markfailure(e, to, mci, i, FALSE); giveresponse(i, to->q_status, m, @@ -3062,7 +3064,7 @@ logdelivery(m, mci, dsn, status, ctladdr, xstart, e) /* id, to: max 13 + TOBUFSIZE bytes */ l = SYSLOG_BUFSIZE - 100 - strlen(buf); - p = e->e_to; + p = e->e_to == NULL ? "NO-TO-LIST" : e->e_to; while (strlen(p) >= (SIZE_T) l) { register char *q = strchr(p + l, ','); @@ -3079,7 +3081,7 @@ logdelivery(m, mci, dsn, status, ctladdr, xstart, e) #else /* (SYSLOG_BUFSIZE) >= 256 */ l = SYSLOG_BUFSIZE - 85; - p = e->e_to; + p = e->e_to == NULL ? "NO-TO-LIST" : e->e_to; while (strlen(p) >= (SIZE_T) l) { register char *q = strchr(p + l, ','); diff --git a/gnu/usr.sbin/sendmail/sendmail/headers.c b/gnu/usr.sbin/sendmail/sendmail/headers.c index 3ef74094b7a..20637b622f8 100644 --- a/gnu/usr.sbin/sendmail/sendmail/headers.c +++ b/gnu/usr.sbin/sendmail/sendmail/headers.c @@ -12,7 +12,7 @@ */ #ifndef lint -static char id[] = "@(#)$Sendmail: headers.c,v 8.202 2000/02/17 17:18:17 ca Exp $"; +static char id[] = "@(#)$Sendmail: headers.c,v 8.203 2000/03/15 21:47:29 ca Exp $"; #endif /* ! lint */ #include @@ -345,7 +345,7 @@ hse: free(sp); define(macid("{currHeader}", NULL), newstr(qval), e); define(macid("{hdr_name}", NULL), newstr(fname), e); - (void) rscheck(rs, fvalue, NULL, e, stripcom, TRUE); + (void) rscheck(rs, fvalue, NULL, e, stripcom, TRUE, 4); } } diff --git a/gnu/usr.sbin/sendmail/sendmail/main.c b/gnu/usr.sbin/sendmail/sendmail/main.c index f01e8be3ecd..661220188ce 100644 --- a/gnu/usr.sbin/sendmail/sendmail/main.c +++ b/gnu/usr.sbin/sendmail/sendmail/main.c @@ -21,7 +21,7 @@ static char copyright[] = #endif /* ! lint */ #ifndef lint -static char id[] = "@(#)$Sendmail: main.c,v 8.483 2000/02/26 01:32:26 gshapiro Exp $"; +static char id[] = "@(#)$Sendmail: main.c,v 8.485 2000/03/11 19:53:01 ca Exp $"; #endif /* ! lint */ #define _DEFINE @@ -277,7 +277,9 @@ main(argc, argv, envp) break; case 'L': - sysloglabel = optarg; + j = min(strlen(optarg), 24) + 1; + sysloglabel = xalloc(j); + (void) strlcpy(sysloglabel, optarg, j); break; case 'U': /* initial (user) submission */ @@ -289,8 +291,6 @@ main(argc, argv, envp) if (sysloglabel != NULL) { - if (strlen(sysloglabel) > 24) - sysloglabel[24] = '\0'; #if LOG closelog(); # ifdef LOG_MAIL diff --git a/gnu/usr.sbin/sendmail/sendmail/map.c b/gnu/usr.sbin/sendmail/sendmail/map.c index 6dfa7805b45..d4e5eac201d 100644 --- a/gnu/usr.sbin/sendmail/sendmail/map.c +++ b/gnu/usr.sbin/sendmail/sendmail/map.c @@ -12,7 +12,7 @@ */ #ifndef lint -static char id[] = "@(#)$Sendmail: map.c,v 8.413 2000/02/26 05:35:01 gshapiro Exp $"; +static char id[] = "@(#)$Sendmail: map.c,v 8.414 2000/03/15 06:13:16 gshapiro Exp $"; #endif /* ! lint */ #include @@ -2118,11 +2118,15 @@ nis_map_open(map, mode) } /* check to see if this map actually exists */ + vp = NULL; yperr = yp_match(map->map_domain, map->map_file, "@", 1, &vp, &vsize); if (tTd(38, 10)) dprintf("nis_map_open: yp_match(@, %s, %s) => %s\n", map->map_domain, map->map_file, yperr_string(yperr)); + if (vp != NULL) + free(vp); + if (yperr == 0 || yperr == YPERR_KEY || yperr == YPERR_BUSY) { /* @@ -2179,6 +2183,7 @@ nis_map_lookup(map, name, av, statp) if (!bitset(MF_NOFOLDCASE, map->map_mflags)) makelower(keybuf); yperr = YPERR_KEY; + vp = NULL; if (bitset(MF_TRY0NULL, map->map_mflags)) { yperr = yp_match(map->map_domain, map->map_file, keybuf, buflen, @@ -2188,6 +2193,11 @@ nis_map_lookup(map, name, av, statp) } if (yperr == YPERR_KEY && bitset(MF_TRY1NULL, map->map_mflags)) { + if (vp != NULL) + { + free(vp); + vp = NULL; + } buflen++; yperr = yp_match(map->map_domain, map->map_file, keybuf, buflen, &vp, &vsize); @@ -2198,12 +2208,21 @@ nis_map_lookup(map, name, av, statp) { if (yperr != YPERR_KEY && yperr != YPERR_BUSY) map->map_mflags &= ~(MF_VALID|MF_OPEN); + if (vp != NULL) + free(vp); return NULL; } if (bitset(MF_MATCHONLY, map->map_mflags)) return map_rewrite(map, name, strlen(name), NULL); else - return map_rewrite(map, vp, vsize, av); + { + char *ret; + + ret = map_rewrite(map, vp, vsize, av); + if (vp != NULL) + free(vp); + return ret; + } } @@ -2243,6 +2262,7 @@ nis_getcanonname(name, hbsize, statp) (void) yp_get_default_domain(&yp_domain); makelower(nbuf); yperr = YPERR_KEY; + vp = NULL; if (try0null) { yperr = yp_match(yp_domain, "hosts.byname", nbuf, keylen, @@ -2252,6 +2272,11 @@ nis_getcanonname(name, hbsize, statp) } if (yperr == YPERR_KEY && try1null) { + if (vp != NULL) + { + free(vp); + vp = NULL; + } keylen++; yperr = yp_match(yp_domain, "hosts.byname", nbuf, keylen, &vp, &vsize); @@ -2266,9 +2291,12 @@ nis_getcanonname(name, hbsize, statp) *statp = EX_TEMPFAIL; else *statp = EX_UNAVAILABLE; + if (vp != NULL) + free(vp); return FALSE; } (void) strlcpy(host_record, vp, sizeof host_record); + free(vp); if (tTd(38, 44)) dprintf("got record `%s'\n", host_record); if (!extract_canonname(nbuf, host_record, cbuf, sizeof cbuf)) diff --git a/gnu/usr.sbin/sendmail/sendmail/milter.c b/gnu/usr.sbin/sendmail/sendmail/milter.c index dc47fe1e682..fdf1408738e 100644 --- a/gnu/usr.sbin/sendmail/sendmail/milter.c +++ b/gnu/usr.sbin/sendmail/sendmail/milter.c @@ -9,7 +9,7 @@ */ #ifndef lint -static char id[] = "@(#)$Sendmail: milter.c,v 8.45 2000/02/26 07:20:48 gshapiro Exp $"; +static char id[] = "@(#)$Sendmail: milter.c,v 8.50 2000/03/16 23:15:49 gshapiro Exp $"; #endif /* ! lint */ #if _FFR_MILTER @@ -136,11 +136,11 @@ static char *MilterEnvRcptMacros[MAXFILTERMACROS + 1]; save_errno = errno; \ if (tTd(64, 5)) \ dprintf("%s(%s): select: %s\n", \ - routine, m->mf_name, strerror(save_errno)); \ + routine, m->mf_name, errstring(save_errno)); \ if (LogLevel > 0) \ sm_syslog(LOG_ERR, e->e_id, \ "%s(%s): select: %s\n", \ - routine, m->mf_name, strerror(save_errno)); \ + routine, m->mf_name, errstring(save_errno)); \ milter_error(m); \ return NULL; \ \ @@ -207,12 +207,12 @@ milter_read(m, cmd, rlen, to, e) if (tTd(64, 5)) dprintf("milter_read(%s): read returned %ld: %s\n", - m->mf_name, (long) len, strerror(save_errno)); + m->mf_name, (long) len, errstring(save_errno)); if (LogLevel > 0) sm_syslog(LOG_ERR, e->e_id, "milter_read(%s): read returned %ld: %s", m->mf_name, (long) len, - strerror(save_errno)); + errstring(save_errno)); milter_error(m); return NULL; } @@ -289,12 +289,12 @@ milter_read(m, cmd, rlen, to, e) if (tTd(64, 5)) dprintf("milter_read(%s): read returned %ld: %s\n", - m->mf_name, (long) len, strerror(save_errno)); + m->mf_name, (long) len, errstring(save_errno)); if (LogLevel > 0) sm_syslog(LOG_ERR, e->e_id, "milter_read(%s): read returned %ld: %s", m->mf_name, (long) len, - strerror(save_errno)); + errstring(save_errno)); free(buf); milter_error(m); return NULL; @@ -385,12 +385,12 @@ milter_write(m, cmd, buf, len, to, e) if (tTd(64, 5)) dprintf("milter_write(%s): write(%c) returned %ld, expected %ld: %s\n", m->mf_name, cmd, (long) i, (long) sl, - strerror(save_errno)); + errstring(save_errno)); if (LogLevel > 0) sm_syslog(LOG_ERR, e->e_id, "milter_write(%s): write(%c) returned %ld, expected %ld: %s", m->mf_name, cmd, (long) i, (long) sl, - strerror(save_errno)); + errstring(save_errno)); milter_error(m); return buf; } @@ -434,12 +434,12 @@ milter_write(m, cmd, buf, len, to, e) if (tTd(64, 5)) dprintf("milter_write(%s): write(%c) returned %ld, expected %ld: %s\n", m->mf_name, cmd, (long) i, (long) sl, - strerror(save_errno)); + errstring(save_errno)); if (LogLevel > 0) sm_syslog(LOG_ERR, e->e_id, "milter_write(%s): write(%c) returned %ld, expected %ld: %s", m->mf_name, cmd, (long) i, (long) len, - strerror(save_errno)); + errstring(save_errno)); milter_error(m); return NULL; } @@ -869,11 +869,11 @@ milter_open(m, parseonly, e) save_errno = errno; if (tTd(64, 5)) dprintf("X%s: error creating socket: %s\n", - m->mf_name, strerror(save_errno)); + m->mf_name, errstring(save_errno)); if (LogLevel > 0) sm_syslog(LOG_ERR, e->e_id, "X%s: error creating socket: %s", - m->mf_name, strerror(save_errno)); + m->mf_name, errstring(save_errno)); milter_error(m); return -1; } @@ -1272,7 +1272,7 @@ milter_quit_filter(m, e) return; } - (void) milter_write(m, SMFIC_QUIT, NULL, 0, + (void) milter_write(m, SMFIC_QUIT, (char *) NULL, 0, m->mf_timeout[SMFTO_WRITE], e); (void) close(m->mf_sock); m->mf_sock = -1; @@ -1302,7 +1302,7 @@ milter_abort_filter(m, e) m->mf_state != SMFS_INMSG) return; - (void) milter_write(m, SMFIC_ABORT, NULL, 0, + (void) milter_write(m, SMFIC_ABORT, (char *) NULL, 0, m->mf_timeout[SMFTO_WRITE], e); if (m->mf_state != SMFS_ERROR) m->mf_state = SMFS_DONE; @@ -1637,7 +1637,7 @@ milter_negotiate(m, e) if (ntohl(fvers) != SMFI_VERSION) { if (tTd(64, 5)) - dprintf("milter_negotiate(%s): version %ld != MTA milter version %d\n", + dprintf("milter_negotiate(%s): version %lu != MTA milter version %d\n", m->mf_name, (u_long) ntohl(fvers), SMFI_VERSION); if (LogLevel > 0) @@ -1650,7 +1650,7 @@ milter_negotiate(m, e) } m->mf_fflags = ntohl(flags); if (tTd(64, 5)) - dprintf("milter_negotiate(%s): version %d, flags %x\n", + dprintf("milter_negotiate(%s): version %lu, flags %lx\n", m->mf_name, (u_long) ntohl(fvers), m->mf_fflags); return 0; } @@ -1905,12 +1905,12 @@ milter_replbody(response, rlen, rcmd, m, e) if (tTd(64, 5)) dprintf("milter_replbody(%s): fstat %s: %s\n", m->mf_name, dfname, - strerror(save_errno)); + errstring(save_errno)); if (LogLevel > 0) sm_syslog(LOG_ERR, e->e_id, "milter_replbody(%s): fstat %s: %s", m->mf_name, dfname, - strerror(save_errno)); + errstring(save_errno)); failure = TRUE; } else @@ -1950,12 +1950,12 @@ milter_replbody(response, rlen, rcmd, m, e) if (tTd(64, 5)) dprintf("milter_replbody(%s): fopen %s: %s\n", m->mf_name, dfname, - strerror(save_errno)); + errstring(save_errno)); if (LogLevel > 0) sm_syslog(LOG_ERR, e->e_id, "milter_replbody(%s): fopen %s: %s", m->mf_name, dfname, - strerror(save_errno)); + errstring(save_errno)); e->e_flags &= ~EF_HAS_DF; failure = TRUE; } @@ -1977,11 +1977,11 @@ milter_replbody(response, rlen, rcmd, m, e) save_errno = errno; if (tTd(64, 5)) dprintf("milter_replbody(%s): bftruncate %s: %s\n", - m->mf_name, dfname, strerror(save_errno)); + m->mf_name, dfname, errstring(save_errno)); if (LogLevel > 0) sm_syslog(LOG_ERR, e->e_id, "milter_replbody(%s): bftruncate %s: %s", - m->mf_name, dfname, strerror(save_errno)); + m->mf_name, dfname, errstring(save_errno)); failure = TRUE; } @@ -2076,11 +2076,11 @@ milter_replbody(response, rlen, rcmd, m, e) save_errno = errno; if (tTd(64, 5)) dprintf("milter_replbody(%s): error writing/flushing %s: %s\n", - m->mf_name, dfname, strerror(save_errno)); + m->mf_name, dfname, errstring(save_errno)); if (LogLevel > 0) sm_syslog(LOG_ERR, e->e_id, "milter_replbody(%s): error writing/flushing %s: %s", - m->mf_name, dfname, strerror(save_errno)); + m->mf_name, dfname, errstring(save_errno)); if (SuperSafe) { (void) fclose(e->e_dfp); @@ -2099,11 +2099,11 @@ milter_replbody(response, rlen, rcmd, m, e) save_errno = errno; if (tTd(64, 5)) dprintf("milter_replbody(%s): error sync'ing %s: %s\n", - m->mf_name, dfname, strerror(save_errno)); + m->mf_name, dfname, errstring(save_errno)); if (LogLevel > 0) sm_syslog(LOG_ERR, e->e_id, "milter_replbody(%s): error sync'ing %s: %s", - m->mf_name, dfname, strerror(save_errno)); + m->mf_name, dfname, errstring(save_errno)); (void) fclose(e->e_dfp); e->e_dfp = NULL; e->e_flags &= ~EF_HAS_DF; @@ -2114,11 +2114,11 @@ milter_replbody(response, rlen, rcmd, m, e) save_errno = errno; if (tTd(64, 5)) dprintf("milter_replbody(%s): error closing %s: %s\n", - m->mf_name, dfname, strerror(save_errno)); + m->mf_name, dfname, errstring(save_errno)); if (LogLevel > 0) sm_syslog(LOG_ERR, e->e_id, "milter_replbody(%s): error closing %s: %s", - m->mf_name, dfname, strerror(save_errno)); + m->mf_name, dfname, errstring(save_errno)); e->e_flags &= ~EF_HAS_DF; return -1; } @@ -2127,11 +2127,11 @@ milter_replbody(response, rlen, rcmd, m, e) save_errno = errno; if (tTd(64, 5)) dprintf("milter_replbody(%s): error reopening %s: %s", - m->mf_name, dfname, strerror(save_errno)); + m->mf_name, dfname, errstring(save_errno)); if (LogLevel > 0) sm_syslog(LOG_ERR, e->e_id, "milter_replbody(%s): error reopening %s: %s", - m->mf_name, dfname, strerror(save_errno)); + m->mf_name, dfname, errstring(save_errno)); e->e_flags &= ~EF_HAS_DF; return -1; } @@ -2537,7 +2537,7 @@ milter_header(name, value, e, state) snprintf(buf, s, "%s%c%s", name, '\0', value); /* send it over */ - response = milter_command(SMFIC_HEADER, buf, s, NULL, e, state); + response = milter_command(SMFIC_HEADER, buf, s, (char **)NULL, e, state); free(buf); /* @@ -2570,7 +2570,8 @@ milter_eoh(e, state) if (tTd(64, 10)) dprintf("milter_eoh\n"); - response = milter_command(SMFIC_EOH, NULL, 0, NULL, e, state); + response = milter_command(SMFIC_EOH, (void *) NULL, 0, + (char **)NULL, e, state); /* ** If filter rejects/discards a per message command, @@ -2706,7 +2707,7 @@ milter_body(e, state) { /* send chunk */ (void) milter_write(m, SMFIC_BODY, buf, - buf - bp, + bp - buf, m->mf_timeout[SMFTO_WRITE], e); if (m->mf_state == SMFS_ERROR) diff --git a/gnu/usr.sbin/sendmail/sendmail/parseaddr.c b/gnu/usr.sbin/sendmail/sendmail/parseaddr.c index 9ff47e4fd6b..3237ebfd802 100644 --- a/gnu/usr.sbin/sendmail/sendmail/parseaddr.c +++ b/gnu/usr.sbin/sendmail/sendmail/parseaddr.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. * Copyright (c) 1988, 1993 @@ -12,7 +12,7 @@ */ #ifndef lint -static char id[] = "@(#)$Sendmail: parseaddr.c,v 8.231 1999/12/06 21:48:51 ca Exp $"; +static char id[] = "@(#)$Sendmail: parseaddr.c,v 8.234 2000/03/17 07:32:48 gshapiro Exp $"; #endif /* ! lint */ #include @@ -1063,17 +1063,20 @@ rewrite(pvp, ruleset, reclevel, e) } rp = *rvp; - if ((*rp & 0377) == CANONUSER) + if (rp != NULL) { - rvp++; - rwr = rwr->r_next; - ruleno++; - loopcount = 0; - } - else if ((*rp & 0377) == CANONHOST) - { - rvp++; - rwr = NULL; + if ((*rp & 0377) == CANONUSER) + { + rvp++; + rwr = rwr->r_next; + ruleno++; + loopcount = 0; + } + else if ((*rp & 0377) == CANONHOST) + { + rvp++; + rwr = NULL; + } } /* substitute */ @@ -2640,6 +2643,7 @@ dequote_map(map, name, av, statp) ** e -- the current envelope. ** rmcomm -- remove comments? ** cnt -- count rejections (statistics)? +** logl -- logging level ** ** Returns: ** EX_OK -- if the rwset doesn't resolve to $#error @@ -2647,12 +2651,13 @@ dequote_map(map, name, av, statp) */ int -rscheck(rwset, p1, p2, e, rmcomm, cnt) +rscheck(rwset, p1, p2, e, rmcomm, cnt, logl) char *rwset; char *p1; char *p2; ENVELOPE *e; bool rmcomm, cnt; + int logl; { char *buf; int bufsize; @@ -2751,7 +2756,7 @@ rscheck(rwset, p1, p2, e, rmcomm, cnt) } } - if (LogLevel >= 4) + if (LogLevel >= logl) { char *relay; char *p; diff --git a/gnu/usr.sbin/sendmail/sendmail/queue.c b/gnu/usr.sbin/sendmail/sendmail/queue.c index 7581ec938b7..c8b09e9623f 100644 --- a/gnu/usr.sbin/sendmail/sendmail/queue.c +++ b/gnu/usr.sbin/sendmail/sendmail/queue.c @@ -15,9 +15,9 @@ #ifndef lint # if QUEUE -static char id[] = "@(#)$Sendmail: queue.c,v 8.342 2000/02/27 01:27:44 gshapiro Exp $ (with queueing)"; +static char id[] = "@(#)$Sendmail: queue.c,v 8.343 2000/03/15 06:58:09 gshapiro Exp $ (with queueing)"; # else /* QUEUE */ -static char id[] = "@(#)$Sendmail: queue.c,v 8.342 2000/02/27 01:27:44 gshapiro Exp $ (without queueing)"; +static char id[] = "@(#)$Sendmail: queue.c,v 8.343 2000/03/15 06:58:09 gshapiro Exp $ (without queueing)"; # endif /* QUEUE */ #endif /* ! lint */ @@ -1818,6 +1818,7 @@ readqf(e) register char *p; char *orcpt = NULL; bool nomore = FALSE; + MODE_T qsafe; char qf[MAXPATHLEN]; char buf[MAXLINE]; @@ -1867,8 +1868,16 @@ readqf(e) return FALSE; } - if ((st.st_uid != geteuid() && geteuid() != RealUid) || - bitset(S_IWOTH|S_IWGRP, st.st_mode)) + qsafe = S_IWOTH|S_IWGRP; +#if _FFR_QUEUE_FILE_MODE + if (bitset(S_IWGRP, QueueFileMode)) + qsafe &= ~S_IWGRP; +#endif /* _FFR_QUEUE_FILE_MODE */ + + if ((st.st_uid != geteuid() && + st.st_uid != TrustedUid && + geteuid() != RealUid) || + bitset(qsafe, st.st_mode)) { if (LogLevel > 0) { diff --git a/gnu/usr.sbin/sendmail/sendmail/readcf.c b/gnu/usr.sbin/sendmail/sendmail/readcf.c index 7d3e2b4f783..061500bed8c 100644 --- a/gnu/usr.sbin/sendmail/sendmail/readcf.c +++ b/gnu/usr.sbin/sendmail/sendmail/readcf.c @@ -12,7 +12,7 @@ */ #ifndef lint -static char id[] = "@(#)$Sendmail: readcf.c,v 8.380 2000/02/16 00:44:17 ca Exp $"; +static char id[] = "@(#)$Sendmail: readcf.c,v 8.382 2000/04/06 18:02:33 gshapiro Exp $"; #endif /* ! lint */ #include @@ -2832,18 +2832,43 @@ setoption(opt, val, safe, sticky, e) break; case O_SASLOPTS: - if (*val == '\0') + while (*val != '\0') { - printf("Warning: Option: %s requires parameter(s)\n", - o->o_name == NULL ? "" : o->o_name); - break; + switch(*val) + { + case 'A': + SASLOpts |= SASL_AUTH_AUTH; + break; +# if _FFR_SASL_OPTS + case 'a': + SASLOpts |= SASL_SEC_NOACTIVE; + break; + case 'c': + SASLOpts |= SASL_SEC_PASS_CREDENTIALS; + break; + case 'd': + SASLOpts |= SASL_SEC_NODICTIONARY; + break; + case 'f': + SASLOpts |= SASL_SEC_FORWARD_SECRECY; + break; + case 'p': + SASLOpts |= SASL_SEC_NOPLAINTEXT; + break; + case 'y': + SASLOpts |= SASL_SEC_NOANONYMOUS; + break; +# endif /* _FFR_SASL_OPTS */ + default: + printf("Warning: Option: %s unknown parameter '%c'\n", + o->o_name == NULL ? "" + : o->o_name, + (isascii(*val) && isprint(*val)) ? *val + : '?'); + break; + } + ++val; } - if (*val == 'A' || *val == 'a') - SASLTryAuth = SASL_AUTH_AUTH; - else - printf("Warning: Option: %s unknown parameter '%c'\n", - o->o_name == NULL ? "" : o->o_name, - (isascii(*val) && isprint(*val)) ? *val : '?'); break; #else /* SASL */ diff --git a/gnu/usr.sbin/sendmail/sendmail/savemail.c b/gnu/usr.sbin/sendmail/sendmail/savemail.c index fb88a961a43..679090d3209 100644 --- a/gnu/usr.sbin/sendmail/sendmail/savemail.c +++ b/gnu/usr.sbin/sendmail/sendmail/savemail.c @@ -12,7 +12,7 @@ */ #ifndef lint -static char id[] = "@(#)$Sendmail: savemail.c,v 8.211 2000/02/01 05:49:56 gshapiro Exp $"; +static char id[] = "@(#)$Sendmail: savemail.c,v 8.212 2000/03/13 22:56:51 ca Exp $"; #endif /* ! lint */ #include @@ -524,6 +524,12 @@ returntosender(msg, returnq, flags, e) define('r', "", ee); define('s', "localhost", ee); define('_', "localhost", ee); +#if SASL + define(macid("{auth_type}", NULL), "", ee); + define(macid("{auth_authen}", NULL), "", ee); + define(macid("{auth_author}", NULL), "", ee); +#endif /* SASL */ + ee->e_puthdr = putheader; ee->e_putbody = errbody; ee->e_flags |= EF_RESPONSE|EF_METOO; diff --git a/gnu/usr.sbin/sendmail/sendmail/sendmail.h b/gnu/usr.sbin/sendmail/sendmail/sendmail.h index 84d083170e4..e93b8a7863b 100644 --- a/gnu/usr.sbin/sendmail/sendmail/sendmail.h +++ b/gnu/usr.sbin/sendmail/sendmail/sendmail.h @@ -20,7 +20,7 @@ #ifdef _DEFINE # define EXTERN # ifndef lint -static char SmailId[] = "@(#)$Sendmail: sendmail.h,v 8.513 2000/02/26 07:30:06 gshapiro Exp $"; +static char SmailId[] = "@(#)$Sendmail: sendmail.h,v 8.517 2000/03/21 04:57:53 ca Exp $"; # endif /* ! lint */ #else /* _DEFINE */ # define EXTERN extern @@ -727,7 +727,7 @@ extern void expand __P((char *, char *, size_t, ENVELOPE *)); extern int macid __P((char *, char **)); extern char *macname __P((int)); extern char *macvalue __P((int, ENVELOPE *)); -extern int rscheck __P((char *, char *, char *, ENVELOPE *, bool, bool)); +extern int rscheck __P((char *, char *, char *, ENVELOPE *, bool, bool, int)); extern void setclass __P((int, char *)); extern int strtorwset __P((char *, char **, int)); extern void translate_dollars __P((char *)); @@ -1403,8 +1403,19 @@ struct termescape # define SASL_PROC_AUTH 1 /* in process of authenticating */ # define SASL_IS_AUTH 2 /* authenticated */ -/* use AUTH= ? */ -# define SASL_AUTH_AUTH 1 /* use auth= only if authenticated */ +/* SASL options */ +# define SASL_AUTH_AUTH 0x1000 /* use auth= only if authenticated */ +# if _FFR_SASL_OPTS +# define SASL_SEC_MASK 0x0fff /* mask for SASL_SEC_* values: sasl.h */ +# if (SASL_SEC_NOPLAINTEXT & SASL_SEC_MASK) == 0 || \ + (SASL_SEC_NOACTIVE & SASL_SEC_MASK) == 0 || \ + (SASL_SEC_NODICTIONARY & SASL_SEC_MASK) == 0 || \ + (SASL_SEC_FORWARD_SECRECY & SASL_SEC_MASK) == 0 || \ + (SASL_SEC_NOANONYMOUS & SASL_SEC_MASK) == 0 || \ + (SASL_SEC_PASS_CREDENTIALS & SASL_SEC_MASK) == 0 +ERROR: change SASL_SEC_MASK_ notify sendmail.org! +# endif +# endif /* _FFR_SASL_OPTS */ # define MAXOUTLEN 1024 /* length of output buffer */ #endif /* SASL */ @@ -1649,7 +1660,7 @@ EXTERN long WkTimeFact; /* priority offset each time this job is run */ EXTERN char *AuthMechanisms; /* AUTH mechanisms */ EXTERN char *SASLInfo; /* file with AUTH info */ #endif /* SASL */ -EXTERN int SASLTryAuth; /* use AUTH= ? */ +EXTERN int SASLOpts; /* options for SASL */ EXTERN char *ConfFile; /* location of configuration file [conf.c] */ EXTERN char *ControlSocketName; /* control socket filename [control.c] */ EXTERN char *CurHostName; /* current host we are dealing with */ diff --git a/gnu/usr.sbin/sendmail/sendmail/sfsasl.c b/gnu/usr.sbin/sendmail/sendmail/sfsasl.c index 8a82e000c30..1b356b95e3d 100644 --- a/gnu/usr.sbin/sendmail/sendmail/sfsasl.c +++ b/gnu/usr.sbin/sendmail/sendmail/sfsasl.c @@ -9,6 +9,6 @@ */ #ifndef lint -static char id[] = "@(#)$Sendmail: sfsasl.c,v 8.16 2000/02/01 21:55:24 ca Exp $"; +static char id[] = "@(#)$Sendmail: sfsasl.c,v 8.17 2000/03/10 17:58:19 ca Exp $"; #endif /* ! lint */ diff --git a/gnu/usr.sbin/sendmail/sendmail/sfsasl.h b/gnu/usr.sbin/sendmail/sendmail/sfsasl.h index 4e6603594bd..6aa542a12d6 100644 --- a/gnu/usr.sbin/sendmail/sendmail/sfsasl.h +++ b/gnu/usr.sbin/sendmail/sendmail/sfsasl.h @@ -1,12 +1,12 @@ /* - * Copyright (c) 1999 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999, 2000 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set * forth in the LICENSE file which can be found at the top level of * the sendmail distribution. * - * $Sendmail: sfsasl.h,v 8.11 1999/07/13 22:00:03 ca Exp $" + * $Sendmail: sfsasl.h,v 8.13 2000/03/10 18:09:34 ca Exp $" */ #ifndef SFSASL_H diff --git a/gnu/usr.sbin/sendmail/sendmail/srvrsmtp.c b/gnu/usr.sbin/sendmail/sendmail/srvrsmtp.c index 4e502c06a7c..b9537f66318 100644 --- a/gnu/usr.sbin/sendmail/sendmail/srvrsmtp.c +++ b/gnu/usr.sbin/sendmail/sendmail/srvrsmtp.c @@ -15,16 +15,16 @@ #ifndef lint # if SMTP -static char id[] = "@(#)$Sendmail: srvrsmtp.c,v 8.457 2000/02/26 07:24:59 gshapiro Exp $ (with SMTP)"; +static char id[] = "@(#)$Sendmail: srvrsmtp.c,v 8.471 2000/04/06 08:39:58 gshapiro Exp $ (with SMTP)"; # else /* SMTP */ -static char id[] = "@(#)$Sendmail: srvrsmtp.c,v 8.457 2000/02/26 07:24:59 gshapiro Exp $ (without SMTP)"; +static char id[] = "@(#)$Sendmail: srvrsmtp.c,v 8.471 2000/04/06 08:39:58 gshapiro Exp $ (without SMTP)"; # endif /* SMTP */ #endif /* ! lint */ #if SMTP # if SASL # define ENC64LEN(l) (((l) + 2) * 4 / 3 + 1) -static bool saslmechs __P((sasl_conn_t *, char **, bool)); +static int saslmechs __P((sasl_conn_t *, char **)); # endif /* SASL */ static time_t checksmtpattack __P((volatile int *, int, bool, @@ -122,7 +122,7 @@ static struct cmd CmdTab[] = static bool OneXact = FALSE; /* one xaction only this run */ static char *CurSmtpClient; /* who's at the other end of channel */ -# define MAXBADCOMMANDS 25 /* maximum number of bad commands */ +# define MAXBADCOMMANDS 25 /* maximum number of bad commands */ # define MAXNOOPCOMMANDS 20 /* max "noise" commands before slowdown */ # define MAXHELOCOMMANDS 3 /* max HELO/EHLO commands before slowdown */ # define MAXVRFYCOMMANDS 6 /* max VRFY/EXPN commands before slowdown */ @@ -176,6 +176,7 @@ smtp(nullserver, d_flags, e) # if SASL sasl_conn_t *conn; volatile bool sasl_ok; + volatile int n_auth = 0; /* count of AUTH commands */ bool ismore; int result; volatile int authenticating; @@ -187,6 +188,7 @@ smtp(nullserver, d_flags, e) unsigned int outlen; char *volatile auth_type; char *mechlist; + volatile int n_mechs; int len; sasl_security_properties_t ssp; sasl_external_properties_t ext_ssf; @@ -215,6 +217,7 @@ smtp(nullserver, d_flags, e) # if SASL sasl_ok = FALSE; /* SASL can't be used (yet) */ + n_mechs = 0; /* SASL server new connection */ hostname = macvalue('j', e); @@ -272,6 +275,9 @@ smtp(nullserver, d_flags, e) /* set properties */ (void) memset(&ssp, '\0', sizeof ssp); +# if _FFR_SASL_OPTS + ssp.security_flags = SASLOpts & SASL_SEC_MASK; +# endif /* _FFR_SASL_OPTS */ sasl_ok = sasl_setprop(conn, SASL_SEC_PROPS, &ssp) == SASL_OK; if (sasl_ok) @@ -286,7 +292,10 @@ smtp(nullserver, d_flags, e) &ext_ssf) == SASL_OK; } if (sasl_ok) - sasl_ok = saslmechs(conn, &mechlist, sasl_ok); + { + n_mechs = saslmechs(conn, &mechlist); + sasl_ok = n_mechs > 0; + } } else { @@ -322,10 +331,9 @@ smtp(nullserver, d_flags, e) if (milterize && !bitset(EF_DISCARD, e->e_flags)) { char state; - char *response; - response = milter_connect(peerhostname, RealHostAddr, - e, &state); + (void) milter_connect(peerhostname, RealHostAddr, + e, &state); switch (state) { case SMFIR_REPLYCODE: /* REPLYCODE shouldn't happen */ @@ -685,6 +693,10 @@ smtp(nullserver, d_flags, e) } ismore = FALSE; + /* crude way to avoid crack attempts */ + (void) checksmtpattack(&n_auth, n_mechs + 1, TRUE, + "AUTH", e); + /* make sure it's a valid string */ for (q = p; *q != '\0' && isascii(*q); q++) { @@ -796,7 +808,7 @@ smtp(nullserver, d_flags, e) } else { - message("334 %s", out2); + message("334 %s", *out2 == '\0' ? "=" : out2); authenticating = SASL_PROC_AUTH; } @@ -1182,7 +1194,7 @@ smtp(nullserver, d_flags, e) /* do config file checking of the sender */ if (rscheck("check_mail", addr, - NULL, e, TRUE, TRUE) != EX_OK || + NULL, e, TRUE, TRUE, 4) != EX_OK || Errors > 0) goto undo_subproc_no_pm; @@ -1375,7 +1387,7 @@ smtp(nullserver, d_flags, e) /* do config file checking of the recipient */ if (rscheck("check_rcpt", addr, - NULL, e, TRUE, TRUE) != EX_OK || + NULL, e, TRUE, TRUE, 4) != EX_OK || Errors > 0) break; @@ -1577,6 +1589,16 @@ smtp(nullserver, d_flags, e) (void) bftruncate(e->e_xfp); id = e->e_id; + /* + ** If a header/body check (header checks or milter) + ** set EF_DISCARD, don't queueup the message -- + ** that would lose the EF_DISCARD bit and deliver + ** the message. + */ + + if (bitset(EF_DISCARD, e->e_flags)) + doublequeue = FALSE; + if (doublequeue) { /* make sure it is in the queue */ @@ -1714,8 +1736,8 @@ smtp(nullserver, d_flags, e) { /* do config file checking of the address */ if (rscheck(vrfy ? "check_vrfy" : "check_expn", - p, NULL, e, TRUE, FALSE) != EX_OK || - Errors > 0) + p, NULL, e, TRUE, FALSE, 4) + != EX_OK || Errors > 0) goto undo_subproc; (void) sendtolist(p, NULLADDR, &vrfyqueue, 0, e); } @@ -1772,7 +1794,7 @@ smtp(nullserver, d_flags, e) "ETRN", e); /* do config file checking of the parameter */ - if (rscheck("check_etrn", p, NULL, e, TRUE, FALSE) + if (rscheck("check_etrn", p, NULL, e, TRUE, FALSE, 4) != EX_OK || Errors > 0) break; @@ -2202,7 +2224,7 @@ mail_esmtp_args(kp, vp, e) SuprErrs = TRUE; QuickAbort = FALSE; if (strcmp(auth_param, "<>") != 0 && - (rscheck("trust_auth", pbuf, NULL, e, TRUE, FALSE) + (rscheck("trust_auth", pbuf, NULL, e, TRUE, FALSE, 10) != EX_OK || Errors > 0)) { if (tTd(95, 8)) @@ -2471,40 +2493,58 @@ runinchild(label, e) # if SASL -static bool -saslmechs(conn, mechlist, sasl_ok) + /* +** SASLMECHS -- get list of possible AUTH mechanisms +** +** Parameters: +** conn -- SASL connection info +** mechlist -- output parameter for list of mechanisms +** +** Returns: +** number of mechs +*/ +static int +saslmechs(conn, mechlist) sasl_conn_t *conn; char **mechlist; - bool sasl_ok; { int len, num, result; - if (sasl_ok) + /* "user" is currently unused */ + result = sasl_listmech(conn, "user", /* XXX */ + "", " ", "", mechlist, + (u_int *)&len, (u_int *)&num); + if (result == SASL_OK && num > 0) { - /* "user" is currently unused */ - result = sasl_listmech(conn, "user", /* XXX */ - "", " ", "", mechlist, - (u_int *)&len, (u_int *)&num); - if (result == SASL_OK && num > 0) - { - if (LogLevel > 11) - sm_syslog(LOG_INFO, NOQID, - "SASL: available mech=%s, allowed mech=%s", - *mechlist, AuthMechanisms); - *mechlist = intersect(AuthMechanisms, *mechlist); - } - else - { - sasl_ok = FALSE; - if (LogLevel > 9) - sm_syslog(LOG_WARNING, NOQID, - "SASL error: listmech=%d, num=%d", - result, num); - } + if (LogLevel > 11) + sm_syslog(LOG_INFO, NOQID, + "SASL: available mech=%s, allowed mech=%s", + *mechlist, AuthMechanisms); + *mechlist = intersect(AuthMechanisms, *mechlist); + } + else + { + if (LogLevel > 9) + sm_syslog(LOG_WARNING, NOQID, + "SASL error: listmech=%d, num=%d", + result, num); } - return sasl_ok; + return num; } + /* +** PROXY_POLICY -- define proxy policy for AUTH +** +** Parameters: +** conntext -- unused +** auth_identity -- authentication identity +** requested_user -- authorization identity +** user -- allowed user (output) +** errstr -- possible error string (output) +** +** Returns: +** ok? +*/ int proxy_policy(context, auth_identity, requested_user, user, errstr) void *context; @@ -2513,12 +2553,10 @@ proxy_policy(context, auth_identity, requested_user, user, errstr) const char **user; const char **errstr; { - if (user != NULL) - { - *user = newstr(auth_identity); - return SASL_OK; - } - return SASL_FAIL; + if (user == NULL || auth_identity == NULL) + return SASL_FAIL; + *user = newstr(auth_identity); + return SASL_OK; } # endif /* SASL */ diff --git a/gnu/usr.sbin/sendmail/sendmail/usersmtp.c b/gnu/usr.sbin/sendmail/sendmail/usersmtp.c index be15ea084a2..496498d3b2c 100644 --- a/gnu/usr.sbin/sendmail/sendmail/usersmtp.c +++ b/gnu/usr.sbin/sendmail/sendmail/usersmtp.c @@ -15,9 +15,9 @@ #ifndef lint # if SMTP -static char id[] = "@(#)$Sendmail: usersmtp.c,v 8.240 2000/02/23 06:56:16 gshapiro Exp $ (with SMTP)"; +static char id[] = "@(#)$Sendmail: usersmtp.c,v 8.245 2000/03/23 17:35:10 ca Exp $ (with SMTP)"; # else /* SMTP */ -static char id[] = "@(#)$Sendmail: usersmtp.c,v 8.240 2000/02/23 06:56:16 gshapiro Exp $ (without SMTP)"; +static char id[] = "@(#)$Sendmail: usersmtp.c,v 8.245 2000/03/23 17:35:10 ca Exp $ (without SMTP)"; # endif /* SMTP */ #endif /* ! lint */ @@ -435,6 +435,10 @@ getsasldata(line, firstline, m, mci, e) ** Returns: ** line from file ** +** Side Effects: +** overwrites local static buffer. The caller should copy +** the result. +** */ /* lines in authinfo file */ @@ -1194,6 +1198,7 @@ smtpauth(m, mci, e) char *mechused; char *h; static char *defrealm = NULL; + static char *mechs = NULL; mci->mci_sasl_auth = FALSE; if (defrealm == NULL) @@ -1206,6 +1211,18 @@ smtpauth(m, mci, e) defrealm = newstr(macvalue('j', CurEnv)); callbacks[CB_GETREALM_IDX].context = defrealm; +# if _FFR_DEFAUTHINFO_MECHS + if (mechs == NULL) + { + h = readauth(SASL_MECH, SASLInfo, TRUE); + if (h != NULL && *h != '\0') + mechs = newstr(h); + } +# endif /* _FFR_DEFAUTHINFO_MECHS */ + if (mechs == NULL || *mechs == '\0') + mechs = AuthMechanisms; + mci->mci_saslcap = intersect(mechs, mci->mci_saslcap); + /* initialize sasl client library */ result = sasl_client_init(callbacks); if (result != SASL_OK) @@ -1336,7 +1353,7 @@ smtpmailfrom(m, mci, e) if (bitset(MCIF_AUTH, mci->mci_flags) && e->e_auth_param != NULL && SPACELEFT(optbuf, bufp) > strlen(e->e_auth_param) + 7 # if SASL - && (SASLTryAuth != SASL_AUTH_AUTH || mci->mci_sasl_auth) + && (!bitset(SASL_AUTH_AUTH, SASLOpts) || mci->mci_sasl_auth) # endif /* SASL */ ) { diff --git a/gnu/usr.sbin/sendmail/sendmail/util.c b/gnu/usr.sbin/sendmail/sendmail/util.c index 815509e218f..f94f6534610 100644 --- a/gnu/usr.sbin/sendmail/sendmail/util.c +++ b/gnu/usr.sbin/sendmail/sendmail/util.c @@ -12,7 +12,7 @@ */ #ifndef lint -static char id[] = "@(#)$Sendmail: util.c,v 8.224 1999/11/24 08:44:38 gshapiro Exp $"; +static char id[] = "@(#)$Sendmail: util.c,v 8.225 2000/03/28 21:55:22 ca Exp $"; #endif /* ! lint */ #include @@ -1613,9 +1613,11 @@ dumpfd(fd, printclosed, logit) case S_IFSOCK: snprintf(p, SPACELEFT(buf, p), "SOCK "); p += strlen(p); + memset(&sa, '\0', sizeof sa); slen = sizeof sa; if (getsockname(fd, &sa.sa, &slen) < 0) - snprintf(p, SPACELEFT(buf, p), "(%s)", errstring(errno)); + snprintf(p, SPACELEFT(buf, p), "(%s)", + errstring(errno)); else { hp = hostnamebyanyaddr(&sa); diff --git a/gnu/usr.sbin/sendmail/sendmail/version.c b/gnu/usr.sbin/sendmail/sendmail/version.c index dd81833b7e0..ecf36e7ddfd 100644 --- a/gnu/usr.sbin/sendmail/sendmail/version.c +++ b/gnu/usr.sbin/sendmail/sendmail/version.c @@ -12,7 +12,7 @@ */ #ifndef lint -static char id[] = "@(#)$Sendmail: version.c,v 8.36 2000/03/06 19:01:09 gshapiro Exp $"; +static char id[] = "@(#)$Sendmail: version.c,v 8.43 2000/04/06 20:30:54 gshapiro Exp $"; #endif /* ! lint */ -char Version[] = "8.10.0"; +char Version[] = "8.10.1"; diff --git a/gnu/usr.sbin/sendmail/smrsh/smrsh.c b/gnu/usr.sbin/sendmail/smrsh/smrsh.c index 2dea853e788..be1f9999b24 100644 --- a/gnu/usr.sbin/sendmail/smrsh/smrsh.c +++ b/gnu/usr.sbin/sendmail/smrsh/smrsh.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers. + * Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers. * All rights reserved. * Copyright (c) 1993 Eric P. Allman. All rights reserved. * Copyright (c) 1993 @@ -13,7 +13,7 @@ #ifndef lint static char copyright[] = -"@(#) Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.\n\ +"@(#) Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.\n\ All rights reserved.\n\ Copyright (c) 1993 Eric P. Allman. All rights reserved.\n\ Copyright (c) 1993\n\ @@ -21,7 +21,7 @@ static char copyright[] = #endif /* ! lint */ #ifndef lint -static char id[] = "@(#)$Sendmail: smrsh.c,v 8.28 1999/10/26 16:11:32 ca Exp $"; +static char id[] = "@(#)$Sendmail: smrsh.c,v 8.31 2000/03/17 07:32:49 gshapiro Exp $"; #endif /* ! lint */ /* @@ -39,7 +39,7 @@ static char id[] = "@(#)$Sendmail: smrsh.c,v 8.28 1999/10/26 16:11:32 ca Exp $"; ** ** Leading pathnames are stripped from program names so that ** existing .forward files that reference things like -** "/usr/ucb/vacation" will continue to work. +** "/usr/bin/vacation" will continue to work. ** ** The following characters are completely illegal: ** < > ^ & ` ( ) \n \r @@ -47,9 +47,7 @@ static char id[] = "@(#)$Sendmail: smrsh.c,v 8.28 1999/10/26 16:11:32 ca Exp $"; ** | & ** This is more restrictive than strictly necessary. ** -** To use this, edit /etc/sendmail.cf, search for ^Mprog, and -** change P=/bin/sh to P=/usr/local/etc/smrsh, where this compiled -** binary is installed /usr/local/etc/smrsh. +** To use this, add FEATURE(`smrsh') to your .mc file. ** ** This can be used on any version of sendmail. ** diff --git a/gnu/usr.sbin/sendmail/vacation/vacation.1 b/gnu/usr.sbin/sendmail/vacation/vacation.1 index f4d59429813..711d907de79 100644 --- a/gnu/usr.sbin/sendmail/vacation/vacation.1 +++ b/gnu/usr.sbin/sendmail/vacation/vacation.1 @@ -1,4 +1,4 @@ -.\" Copyright (c) 1999 Sendmail, Inc. and its suppliers. +.\" Copyright (c) 1999-2000 Sendmail, Inc. and its suppliers. .\" All rights reserved. .\" Copyright (c) 1985, 1987, 1990, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -11,7 +11,7 @@ .\" .\" $Sendmail: vacation.1,v 8.9 1999/10/27 03:42:07 ca Exp $ .\" -.TH VACATION 1 "$Date: 2000/04/02 19:48:37 $" +.TH VACATION 1 "$Date: 2000/04/07 19:20:47 $" .SH NAME .B vacation \- return ``I am not here'' indication @@ -30,6 +30,8 @@ .IR message ] .RB [ \-s .IR address ] +.RB [ \-t +.IR time ] .RB [ \-z ] .I login .SH DESCRIPTION @@ -97,6 +99,10 @@ instead of the sender address in the .I From line to determine the reply address. .TP +.BI \-t " time" +Ignored, available only for compatibility with Sun's +vacation program. +.TP .B \-x reads an exclusion list from stdin (one address per line). Mails coming from an address diff --git a/gnu/usr.sbin/sendmail/vacation/vacation.c b/gnu/usr.sbin/sendmail/vacation/vacation.c index 8602d801f08..fc218b1b58d 100644 --- a/gnu/usr.sbin/sendmail/vacation/vacation.c +++ b/gnu/usr.sbin/sendmail/vacation/vacation.c @@ -13,7 +13,7 @@ #ifndef lint static char copyright[] = -"@(#) Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.\n\ +"@(#) Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.\n\ All rights reserved.\n\ Copyright (c) 1983, 1987, 1993\n\ The Regents of the University of California. All rights reserved.\n\ @@ -21,7 +21,7 @@ static char copyright[] = #endif /* ! lint */ #ifndef lint -static char id[] = "@(#)$Sendmail: vacation.c,v 8.63 2000/02/01 05:50:00 gshapiro Exp $"; +static char id[] = "@(#)$Sendmail: vacation.c,v 8.68 2000/03/17 07:32:51 gshapiro Exp $"; #endif /* ! lint */ #include @@ -34,10 +34,6 @@ static char id[] = "@(#)$Sendmail: vacation.c,v 8.63 2000/02/01 05:50:00 gshapir #endif /* EX_OK */ #include -#if defined(sun) && !defined(BSD) && !defined(SOLARIS) -# include -#endif /* sun && ! BSD && ! SOLARIS */ - #include "sendmail/sendmail.h" #include "libsmdb/smdb.h" @@ -116,6 +112,7 @@ main(argc, argv) ALIAS *cur; char *dbfilename = VDB; char *msgfilename = VMSG; + char *name; SMDB_USER_INFO user_info; static char rnamebuf[MAXNAME]; extern int optind, opterr; @@ -156,7 +153,7 @@ main(argc, argv) exclude = FALSE; interval = INTERVAL_UNDEF; *From = '\0'; - while ((ch = getopt(argc, argv, "a:f:Iim:r:s:xz")) != -1) + while ((ch = getopt(argc, argv, "a:f:Iim:r:s:t:xz")) != -1) { switch((char)ch) { @@ -233,17 +230,22 @@ main(argc, argv) exit(EX_NOUSER); } } +#if _FFR_BLACKBOX + name = *argv; +#else /* _FFR_BLACKBOX */ else if ((pw = getpwnam(*argv)) == NULL) { syslog(LOG_ERR, "vacation: no such user %s.\n", *argv); exit(EX_NOUSER); } + name = pw->pw_name; if (chdir(pw->pw_dir) != 0) { syslog(LOG_NOTICE, "vacation: no such directory %s.\n", pw->pw_dir); exit(EX_NOINPUT); } +#endif /* _FFR_BLACKBOX */ user_info.smdbu_id = pw->pw_uid; user_info.smdbu_group_id = pw->pw_gid; (void) strlcpy(user_info.smdbu_name, pw->pw_name, @@ -283,7 +285,7 @@ main(argc, argv) "vacation: can't allocate memory for username.\n"); exit(EX_OSERR); } - cur->name = pw->pw_name; + cur->name = name; cur->next = Names; Names = cur; @@ -295,7 +297,7 @@ main(argc, argv) (void) time(&now); setreply(From, now); result = Db->smdb_close(Db); - sendmessage(pw->pw_name, msgfilename, emptysender); + sendmessage(name, msgfilename, emptysender); } else result = Db->smdb_close(Db); @@ -765,7 +767,7 @@ sendmessage(myname, msgfn, emptysender) void usage() { - syslog(LOG_NOTICE, "uid %u: usage: vacation [-i] [-a alias] [-f db] [-m msg] [-r interval] [-s sender] [-x] [-z] login\n", + syslog(LOG_NOTICE, "uid %u: usage: vacation [-i] [-a alias] [-f db] [-m msg] [-r interval] [-s sender] [-t time] [-x] [-z] login\n", getuid()); exit(EX_USAGE); }