SLFO-pool/sendmail
SHA256
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
sendmail/sendmail-8.18.1.dif

1503 lines
53 KiB
Plaintext
Raw Permalink Blame History

---
cf/README | 2 -
cf/domain/generic.m4 | 2 -
cf/feature/masquerade_envelope.m4 | 2 +
cf/feature/msp.m4 | 9 +++++-
cf/feature/use_cw_file.m4 | 2 -
cf/m4/cfhead.m4 | 1
cf/m4/proto.m4 | 6 ++++
cf/mailer/cyrus.m4 | 3 +-
cf/mailer/fax.m4 | 1
cf/mailer/local.m4 | 2 +
cf/mailer/mail11.m4 | 10 ++++---
cf/mailer/phquery.m4 | 1
cf/mailer/pop.m4 | 1
cf/mailer/procmail.m4 | 1
cf/mailer/qpage.m4 | 1
cf/mailer/smtp.m4 | 2 +
cf/mailer/usenet.m4 | 1
cf/mailer/uucp.m4 | 3 +-
cf/sh/makeinfo.sh | 15 ++++++++--
contrib/bounce-resender.pl | 4 +-
contrib/doublebounce.pl | 10 ++++++-
contrib/etrn.pl | 2 -
contrib/expn.pl | 26 +++++++++++++++----
contrib/passwd-to-alias.pl | 2 -
contrib/qtool.pl | 4 +-
contrib/smcontrol.pl | 2 -
devtools/M4/UNIX/manpage.m4 | 2 -
devtools/M4/depend/CC-M.m4 | 2 -
devtools/OS/Linux | 3 +-
devtools/bin/install.sh | 5 ++-
doc/op/op.me | 52 +++++++++++++++++++-------------------
include/sm/conf.h | 48 +++++++++++++++++++++++++++--------
libmilter/Makefile.m4 | 28 ++++++++++++++++++++
libsm/Makefile.m4 | 4 ++
libsm/inet6_ntop.c | 2 -
libsmutil/Makefile.m4 | 4 ++
mail.local/Makefile.m4 | 6 +++-
mailstats/mailstats.8 | 5 ++-
makemap/makemap.8 | 6 ----
praliases/Makefile.m4 | 3 +-
rmail/rmail.c | 2 -
sendmail/Makefile.m4 | 3 ++
sendmail/SECURITY | 31 +++++++++++-----------
sendmail/control.c | 2 -
sendmail/domain.c | 10 +++++--
sendmail/readcf.c | 8 ++++-
sendmail/udb.c | 14 +++++++---
smrsh/README | 32 +++++++++++------------
smrsh/smrsh.8 | 25 ++++++++----------
vacation/vacation.c | 3 ++
50 files changed, 283 insertions(+), 132 deletions(-)
--- cf/README
+++ cf/README 2024-02-05 08:37:43.824410516 +0000
@@ -364,7 +364,7 @@ LOCAL_MAILER_DSN_DIAGNOSTIC_CODE
local mailer. This should be changed with care.
LOCAL_SHELL_PATH [/bin/sh] The shell used to deliver piped email.
LOCAL_SHELL_FLAGS [eu9] The flags used by the shell mailer. The
- flags lsDFM are always included.
+ flags lsDFMoq are always included.
LOCAL_SHELL_ARGS [sh -c $u] The arguments passed to deliver "prog"
mail.
LOCAL_SHELL_DIR [$z:/] The directory search path in which the
--- cf/domain/generic.m4
+++ cf/domain/generic.m4 2024-02-05 08:37:43.828410442 +0000
@@ -25,4 +25,4 @@ define(`confFORWARD_PATH', `$z/.forward.
define(`confMAX_HEADERS_LENGTH', `32768')dnl
FEATURE(`redirect')dnl
FEATURE(`use_cw_file')dnl
-EXPOSED_USER(`root')
+ifdef(`_MAILER_uucp_', `EXPOSED_USER(`root uucp')',`EXPOSED_USER(`root')')dnl
--- cf/feature/masquerade_envelope.m4
+++ cf/feature/masquerade_envelope.m4 2024-02-05 08:37:43.828410442 +0000
@@ -17,3 +17,5 @@ VERSIONID(`$Id: masquerade_envelope.m4,v
divert(-1)
define(`_MASQUERADE_ENVELOPE_', 1)
+
+divert(0)dnl
--- cf/feature/msp.m4
+++ cf/feature/msp.m4 2024-02-05 08:37:43.828410442 +0000
@@ -20,7 +20,7 @@ define(`confPRIVACY_FLAGS', `goaway,noet
define(`confDONT_PROBE_INTERFACES', `True')
dnl ---------------------------------------------
dnl run as this user (even if called by root)
-ifdef(`confRUN_AS_USER',,`define(`confRUN_AS_USER', `smmsp')')
+ifdef(`confRUN_AS_USER',,`define(`confRUN_AS_USER', `mail')')
ifdef(`confTRUSTED_USER',,`define(`confTRUSTED_USER',
`ifelse(index(confRUN_AS_USER,`:'), -1, `confRUN_AS_USER',
`substr(confRUN_AS_USER,0,index(confRUN_AS_USER,`:'))')')')
@@ -62,11 +62,18 @@ MODIFY_MAILER_FLAGS(`ESMTP', `+k5')dnl
MODIFY_MAILER_FLAGS(`DSMTP', `+k5')dnl
MODIFY_MAILER_FLAGS(`SMTP8', `+k5')dnl
MODIFY_MAILER_FLAGS(`RELAY', `+k')dnl
+define(`SMTP_MAILER_ARGS', `TCP $h ${MTAPort}')dnl
+define(`ESMTP_MAILER_ARGS', `TCP $h ${MTAPort}')dnl
+define(`DSMTP_MAILER_ARGS', `TCP $h ${MTAPort}')dnl
+define(`SMTP8_MAILER_ARGS', `TCP $h ${MTAPort}')dnl
+ifelse(_ARG2_, `', `define(`RELAY_MAILER_ARGS', `TCP $h ${MTAPort}')')dnl
+ifdef(`confMTAPort', `define(`_MTA_PORT_', confMTAPort)', `define(`_MTA_PORT_', `smtp')')dnl
MAILER(`local')dnl
MAILER(`smtp')dnl
LOCAL_CONFIG
D{MTAHost}_MTA_HOST_
+D{MTAPort}_MTA_PORT_
LOCAL_RULESETS
SLocal_localaddr
--- cf/feature/use_cw_file.m4
+++ cf/feature/use_cw_file.m4 2024-02-05 08:37:43.828410442 +0000
@@ -22,4 +22,4 @@ divert(-1)
define(`USE_CW_FILE', `')
-divert(0)
+divert(0)dnl
--- cf/m4/cfhead.m4
+++ cf/m4/cfhead.m4 2024-02-05 08:37:43.828410442 +0000
@@ -319,6 +319,7 @@ define(`confMILTER_MACROS_HELO', ``{tls_
define(`confMILTER_MACROS_ENVFROM', ``i, {auth_type}, {auth_authen}, {auth_ssf}, {auth_author}, {mail_mailer}, {mail_host}, {mail_addr}'')
define(`confMILTER_MACROS_ENVRCPT', ``{rcpt_mailer}, {rcpt_host}, {rcpt_addr}'')
define(`confMILTER_MACROS_EOM', `{msg_id}')
+undefine(`confMTAPort')
divert(0)dnl
--- cf/m4/proto.m4
+++ cf/m4/proto.m4 2024-02-05 08:37:43.828410442 +0000
@@ -1304,6 +1304,12 @@ ifdef(`_PRESERVE_LUSER_HOST_', `dnl
R< $+ > $+ $: < $1 > $2 $&{Host}')
dnl')
+ifdef(`_LDAP_', `dnl
+# Now attempt to lookup in ldap (ldap map)
+R< $L > $+ $: < $L > $(ldap $1 $) look up user
+R< $* > $+ @ $+ $: < $3 > $2 rewrite if forward',
+`dnl')
+
ifdef(`MAIL_HUB', `dnl
R< > $+ $: < $H > $1 try hub', `dnl')
ifdef(`LOCAL_RELAY', `dnl
--- cf/mailer/cyrus.m4
+++ cf/mailer/cyrus.m4 2024-02-05 08:37:43.828410442 +0000
@@ -36,7 +36,7 @@ PUSHDIVERT(-1)
#
_DEFIFNOT(`CYRUS_MAILER_FLAGS', `Ah5@/:|')
-ifdef(`CYRUS_MAILER_PATH',, `define(`CYRUS_MAILER_PATH', /usr/cyrus/bin/deliver)')
+ifdef(`CYRUS_MAILER_PATH',, `define(`CYRUS_MAILER_PATH', `/usr/lib/cyrus/bin/deliver')')
ifdef(`CYRUS_MAILER_ARGS',, `define(`CYRUS_MAILER_ARGS', `deliver -e -m $h -- $u')')
ifdef(`CYRUS_MAILER_USER',, `define(`CYRUS_MAILER_USER', `cyrus:mail')')
_DEFIFNOT(`CYRUS_BB_MAILER_FLAGS', `u')
@@ -51,6 +51,7 @@ POPDIVERT
VERSIONID(`$Id: cyrus.m4,v 8.24 2013-11-22 20:51:14 ca Exp $ (Carnegie Mellon)')
+MAILER_DEFINITIONS
Mcyrus, P=CYRUS_MAILER_PATH, F=_MODMF_(CONCAT(`lsDFMnPq', CYRUS_MAILER_FLAGS), `CYRUS'), S=EnvFromL, R=EnvToL/HdrToL,
ifdef(`CYRUS_MAILER_MAX', `M=CYRUS_MAILER_MAX, ')U=CYRUS_MAILER_USER, T=DNS/RFC822/X-Unix,_CYRUS_QGRP
A=CYRUS_MAILER_ARGS
--- cf/mailer/fax.m4
+++ cf/mailer/fax.m4 2024-02-05 08:37:43.828410442 +0000
@@ -30,6 +30,7 @@ POPDIVERT
VERSIONID(`$Id: fax.m4,v 8.17 2013-11-22 20:51:14 ca Exp $')
+MAILER_DEFINITIONS
Mfax, P=FAX_MAILER_PATH, F=DFMhu, S=14, R=24,
M=FAX_MAILER_MAX, T=X-Phone/X-FAX/X-Unix,_FAX_QGRP
A=FAX_MAILER_ARGS
--- cf/mailer/local.m4
+++ cf/mailer/local.m4 2024-02-05 08:37:43.828410442 +0000
@@ -34,6 +34,7 @@ POPDIVERT
VERSIONID(`$Id: local.m4,v 8.60 2013-11-22 20:51:14 ca Exp $')
+LOCAL_RULESETS
#
# Envelope sender rewriting
#
@@ -85,6 +86,7 @@ R$+ $@ $1 < @ *LOCAL* > add local qual
`R$+ $@ $1 < @ _ALWAYS_ADD_DOMAIN_ > add qualification')',
`dnl')
+MAILER_DEFINITIONS
Mlocal, P=LOCAL_MAILER_PATH, F=_MODMF_(CONCAT(_DEF_LOCAL_MAILER_FLAGS, LOCAL_MAILER_FLAGS), `LOCAL'), LOCAL_RWR,_OPTINS(`LOCAL_MAILER_EOL', ` E=', `, ')
_OPTINS(`LOCAL_MAILER_MAX', `M=', `, ')_OPTINS(`LOCAL_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`LOCAL_MAILER_MAXRCPTS', `r=', `, ')_OPTINS(`LOCAL_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/LOCAL_MAILER_DSN_DIAGNOSTIC_CODE,_LOCAL_QGRP
A=LOCAL_MAILER_ARGS
--- cf/mailer/mail11.m4
+++ cf/mailer/mail11.m4 2024-02-05 08:37:43.828410442 +0000
@@ -34,7 +34,7 @@ R$* < @ $=w .DECNET. > $#_LOCAL_ $: $1
R$+ < @ $+ .DECNET. > $#mail11 $@ $2 $: $1 DECnet user
POPDIVERT
-PUSHDIVERT(6)
+LOCAL_CONFIG
CPDECNET
POPDIVERT
@@ -44,6 +44,7 @@ POPDIVERT
VERSIONID(`$Id: mail11.m4,v 8.23 2013-11-22 20:51:14 ca Exp $')
+LOCAL_RULESETS
SMail11To
R$+ < @ $- .UUCP > $: $2 ! $1 back to old style
R$+ < @ $- .DECNET > $: $2 :: $1 convert to DECnet style
@@ -56,6 +57,7 @@ SMail11From
R$+ $: $>Mail11To $1 preprocess
R$w :: $+ $@ $w :: $1 ready to go
-Mmail11, P=MAIL11_MAILER_PATH, F=_MODMF_(MAIL11_MAILER_FLAGS, `MAIL11'), S=Mail11From, R=Mail11To,
- T=DNS/X-DECnet/X-Unix,_MAIL11_QGRP
- A=MAIL11_MAILER_ARGS
+MAILER_DEFINITIONS
+Mmail11, P=MAIL11_MAILER_PATH, F=_MODMF_(MAIL11_MAILER_FLAGS, `MAIL11'), S=Mail11From, R=Mail11To,
+ T=DNS/X-DECnet/X-Unix,_MAIL11_QGRP
+ A=MAIL11_MAILER_ARGS
--- cf/mailer/phquery.m4
+++ cf/mailer/phquery.m4 2024-02-05 08:37:43.828410442 +0000
@@ -27,6 +27,7 @@ POPDIVERT
VERSIONID(`$Id: phquery.m4,v 8.18 2013-11-22 20:51:14 ca Exp $')
+MAILER_DEFINITIONS
Mph, P=PH_MAILER_PATH, F=_MODMF_(CONCAT(`nrDFM', PH_MAILER_FLAGS), `PH'), S=EnvFromL, R=EnvToL/HdrToL,
T=DNS/RFC822/X-Unix,_PH_QGRP
A=PH_MAILER_ARGS
--- cf/mailer/pop.m4
+++ cf/mailer/pop.m4 2024-02-05 08:37:43.828410442 +0000
@@ -25,6 +25,7 @@ POPDIVERT
VERSIONID(`$Id: pop.m4,v 8.23 2013-11-22 20:51:14 ca Exp $')
+MAILER_DEFINITIONS
Mpop, P=POP_MAILER_PATH, F=_MODMF_(CONCAT(`lsDFMq', POP_MAILER_FLAGS), `POP'), S=EnvFromL, R=EnvToL/HdrToL,
T=DNS/RFC822/X-Unix,_POP_QGRP
A=POP_MAILER_ARGS
--- cf/mailer/procmail.m4
+++ cf/mailer/procmail.m4 2024-02-05 08:37:43.828410442 +0000
@@ -29,6 +29,7 @@ POPDIVERT
VERSIONID(`$Id: procmail.m4,v 8.23 2013-11-22 20:51:14 ca Exp $')
+MAILER_DEFINITIONS
Mprocmail, P=PROCMAIL_MAILER_PATH, F=_MODMF_(CONCAT(`DFM', PROCMAIL_MAILER_FLAGS), `PROCMAIL'), S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP/HdrFromSMTP,
ifdef(`PROCMAIL_MAILER_MAX', `M=PROCMAIL_MAILER_MAX, ')T=DNS/RFC822/X-Unix,_PROCMAIL_QGRP
A=PROCMAIL_MAILER_ARGS
--- cf/mailer/qpage.m4
+++ cf/mailer/qpage.m4 2024-02-05 08:37:43.832410367 +0000
@@ -26,6 +26,7 @@ POPDIVERT
VERSIONID(`$Id: qpage.m4,v 8.11 2013-11-22 20:51:14 ca Exp $')
+MAILER_DEFINITIONS
Mqpage, P=QPAGE_MAILER_PATH, F=_MODMF_(QPAGE_MAILER_FLAGS, `QPAGE'),
M=QPAGE_MAILER_MAX, T=DNS/RFC822/X-Unix,_QPAGE_QGRP
A=QPAGE_MAILER_ARGS
--- cf/mailer/smtp.m4
+++ cf/mailer/smtp.m4 2024-02-05 08:37:43.832410367 +0000
@@ -33,6 +33,7 @@ POPDIVERT
VERSIONID(`$Id: smtp.m4,v 8.66 2013-11-22 20:51:14 ca Exp $')
+LOCAL_RULESETS
#
# common sender and masquerading recipient rewriting
#
@@ -107,6 +108,7 @@ SMasqRelay
R$+ $: $>MasqSMTP $1
R$+ $: $>MasqHdr $1
+MAILER_DEFINITIONS
Msmtp, P=[IPC], F=_MODMF_(CONCAT(_DEF_SMTP_MAILER_FLAGS, SMTP_MAILER_FLAGS), `SMTP'), S=EnvFromSMTP/HdrFromSMTP, R=ifdef(`_ALL_MASQUERADE_', `EnvToSMTP/HdrFromSMTP', `EnvToSMTP'), E=\r\n, L=SMTP_MAILER_LL,
_OPTINS(`SMTP_MAILER_MAX', `M=', `, ')_OPTINS(`SMTP_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`SMTP_MAILER_MAXRCPTS', `r=', `, ')_OPTINS(`SMTP_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/SMTP,_SMTP_QGRP
A=SMTP_MAILER_ARGS
--- cf/mailer/usenet.m4
+++ cf/mailer/usenet.m4 2024-02-05 08:37:43.832410367 +0000
@@ -23,6 +23,7 @@ POPDIVERT
VERSIONID(`$Id: usenet.m4,v 8.23 2013-11-22 20:51:14 ca Exp $')
+MAILER_DEFINITIONS
Musenet, P=USENET_MAILER_PATH, F=_MODMF_(USENET_MAILER_FLAGS, `USENET'), S=EnvFromL, R=EnvToL,
_OPTINS(`USENET_MAILER_MAX', `M=', `, ')T=X-Usenet/X-Usenet/X-Unix,_USENET_QGRP
A=USENET_MAILER_ARGS $u
--- cf/mailer/uucp.m4
+++ cf/mailer/uucp.m4 2024-02-05 08:37:43.832410367 +0000
@@ -26,6 +26,7 @@ POPDIVERT
VERSIONID(`$Id: uucp.m4,v 8.45 2013-11-22 20:51:14 ca Exp $')
+LOCAL_RULESETS
#
# envelope and header sender rewriting
#
@@ -122,6 +123,7 @@ R$* < @ $=Y . UUCP. > $* $#uucp-new $@ $
R$* < @ $=U . UUCP. > $* $#uucp-old $@ $2 $: $1 < @ $2 .UUCP. > $3
POPDIVERT
+MAILER_DEFINITIONS
#
# There are innumerable variations on the UUCP mailer. It really
# is rather absurd.
@@ -154,4 +156,3 @@ Muucp-uudom, P=UUCP_MAILER_PATH, F=_MODM
M=UUCP_MAILER_MAX, _OPTINS(`UUCP_MAILER_CHARSET', `C=', `, ')T=X-UUCP/X-UUCP/X-Unix,_UUCP_QGRP
A=UUCP_MAILER_ARGS')
-
--- cf/sh/makeinfo.sh
+++ cf/sh/makeinfo.sh 2024-02-05 08:37:43.832410367 +0000
@@ -22,7 +22,7 @@ do
then
p="."
fi
- if [ -f $p/whoami ]
+ if [ -x $p/whoami ]
then
usewhoami=1
if [ $usehostname -ne 0 ]
@@ -30,7 +30,7 @@ do
break;
fi
fi
- if [ -f $p/hostname ]
+ if [ -x $p/hostname ]
then
usehostname=1
if [ $usewhoami -ne 0 ]
@@ -48,11 +48,20 @@ fi
if [ $usehostname -ne 0 ]
then
- host=`hostname`
+ [ -r /etc/rc.config ] && host="$( . /etc/rc.config &> /dev/null ; echo $FQHOSTNAME)"
+ [ -z "$host" -a -r /etc/HOSTNAME ] && read host < /etc/HOSTNAME
+ [ -z "$host" ] && host=`hostname -f`
else
host=`uname -n`
fi
echo '#####' built by $user@$host on `date`
+if [ -r /etc/os-release ] ; then
+ . /etc/os-release
+ echo '#####' on $PRETTY_NAME
+elif [ -r /etc/SuSE-release ] ; then
+ read line < /etc/SuSE-release
+ echo '#####' on $line
+fi
echo '#####' in `pwd` | sed 's/\/tmp_mnt//'
echo '#####' using $1 as configuration include directory | sed 's/\/tmp_mnt//'
echo "define(\`__HOST__', \`$host')dnl"
--- contrib/bounce-resender.pl
+++ contrib/bounce-resender.pl 2024-02-05 08:37:43.832410367 +0000
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl -w
+#!/usr/bin/perl -w
#
# bounce-resender: constructs mail queue from bounce spool for
# subsequent reprocessing by sendmail
@@ -30,7 +30,7 @@ $uname = "PhilOS"; # You don't want to
$myname = $0;
$myname =~ s,.*/([^/]*),$1,;
-chomp($hostname = `hostname`);
+chomp($hostname = `hostname -f`);
chomp($uname = `uname`);
# FIXME: Define the functions "major" and "minor" for your OS.
--- contrib/doublebounce.pl
+++ contrib/doublebounce.pl 2024-02-05 08:37:43.832410367 +0000
@@ -111,6 +111,11 @@ EOT
return $result;
}
+sub cleanup
+{
+ unlink("$tmpfile");
+}
+
sub main {
# Get our command line options
getopts('d');
@@ -127,6 +132,10 @@ sub main {
# it in memory, get a temporary file.
$tmpfile = tmpnam();
+ $SIG{'INT'} = "cleanup";
+ $SIG{'TERM'} = "cleanup";
+ $SIG{'HUP'} = "cleanup";
+
if (!open(MSG, ">$tmpfile")) {
syslog('err', "Unable to open temporary file $tmpfile");
exit(75); # 75 is a temporary failure, sendmail should retry
@@ -222,4 +231,3 @@ sub main {
main();
exit(0);
-
--- contrib/etrn.pl
+++ contrib/etrn.pl 2024-02-05 08:37:43.832410367 +0000
@@ -1,4 +1,4 @@
-#!/usr/perl5/bin/perl -w
+#!/usr/bin/perl -w
#
# CDDL HEADER START
#
--- contrib/expn.pl
+++ contrib/expn.pl 2024-02-05 08:37:43.832410367 +0000
@@ -101,6 +101,7 @@ use Fcntl;
$have_nslookup = 1; # we have the nslookup program
$port = 'smtp';
+$tmp_dir = "/tmp/.expn$$";
$av0 = $0;
$ENV{'PATH'} .= ":/usr/etc" unless $ENV{'PATH'} =~ m,/usr/etc,;
$ENV{'PATH'} .= ":/usr/ucb" unless $ENV{'PATH'} =~ m,/usr/ucb,;
@@ -112,6 +113,19 @@ chop($name = `hostname || uname -n`);
$0 = "$av0 - lookup host FQDN and IP addr";
($hostname,$aliases,$type,$len,$thisaddr) = gethostbyname($name);
+mkdir("$tmp_dir",0700) || die "mkdir $tmp_dir: $!";
+
+sub cleanup
+{
+ unlink("/tmp/.expn$$/expn$$");
+ rmdir $tmp_dir;
+ exit(1);
+}
+
+$SIG{'INT'} = "cleanup";
+$SIG{'TERM'} = "cleanup";
+$SIG{'HUP'} = "cleanup";
+
$0 = "$av0 - parsing args";
$usage = "Usage: $av0 [-1avwd] user[\@host] [user2[host2] ...]";
for $a (@ARGV) {
@@ -402,7 +416,9 @@ select(STDOUT);
for $f (sort @final) {
print "$f\n";
}
-unlink("/tmp/expn$$");
+unlink("/tmp/.expn$$/expn$$");
+rmdir $tmp_dir;
+
exit(0);
@@ -1000,13 +1016,13 @@ sub mxlookup
}
$0 = "$av0 - nslookup of $server";
- sysopen(T,"/tmp/expn$$",O_RDWR|O_CREAT|O_EXCL,0600) || die "open > /tmp/expn$$: $!\n";
+ sysopen(T,"/tmp/.expn$$/expn$$",O_RDWR|O_CREAT|O_EXCL,0600) || die "open > /tmp/.expn$$/expn$$: $!\n";
print T "set querytype=MX\n";
print T "$server\n";
close(T);
$cpref = 1.0E12;
undef $nserver;
- open(NSLOOKUP,"nslookup < /tmp/expn$$ 2>&1 |") || die "open nslookup: $!";
+ open(NSLOOKUP,"nslookup < /tmp/.expn$$/expn$$ 2>&1 |") || die "open nslookup: $!";
while(<NSLOOKUP>) {
print if ($debug > 2);
if (/mail exchanger = ([-A-Za-z_.0-9+]+)/) {
@@ -1037,7 +1053,7 @@ sub mxlookup
}
close(NSLOOKUP);
- unlink("/tmp/expn$$");
+ unlink("/tmp/.expn$$/expn$$");
unless ($nserver) {
$0 = "$o0 - finished mxlookup";
return 0 unless $lastchance;
@@ -1309,7 +1325,7 @@ it is possible to eliminate bugs.
No environment variables are used.
.SH FILES
.PD 0
-.B /tmp/expn$$
+.B /tmp/.expn$$/expn$$
.B temporary file used as input to
.BR nslookup .
.SH SEE ALSO
--- contrib/passwd-to-alias.pl
+++ contrib/passwd-to-alias.pl 2024-02-05 08:37:43.832410367 +0000
@@ -1,4 +1,4 @@
-#!/bin/perl
+#!/usr/bin/perl
#
# Convert GECOS information in password files to alias syntax.
--- contrib/qtool.pl
+++ contrib/qtool.pl 2024-02-05 08:37:43.832410367 +0000
@@ -1,4 +1,4 @@
-#!/usr/bin/env perl
+#!/usr/bin/perl
##
## Copyright (c) 1998-2002 Proofpoint, Inc. and its suppliers.
## All rights reserved.
@@ -151,7 +151,7 @@ if ($action == \&move_action)
# determine queue_root by reading config file
my $queue_root;
{
- my $config_file = "/etc/mail/sendmail.cf";
+ my $config_file = "/etc/sendmail.cf";
if (defined $opts{C})
{
$config_file = $opts{C};
--- contrib/smcontrol.pl
+++ contrib/smcontrol.pl 2024-02-05 08:37:43.832410367 +0000
@@ -25,7 +25,7 @@ sub get_controlname
my $cn = undef;
my $qd = undef;
- open(CF, "</etc/mail/sendmail.cf") or return $cn;
+ open(CF, "</etc/sendmail.cf") or open(CF, "</etc/mail/sendmail.cf") or return $cn;
while (<CF>)
{
chomp;
--- devtools/M4/UNIX/manpage.m4
+++ devtools/M4/UNIX/manpage.m4 2024-02-05 08:37:43.832410367 +0000
@@ -69,7 +69,7 @@ ifdef(`confNO_MAN_INSTALL', `divert(-1)'
define(`bldMAN_INSTALL_CMD',
`ifdef(`confDONT_INSTALL_CATMAN', `dnl',
` ifdef(`confMKDIR', `if [ ! -d ${DESTDIR}${MAN'bldGET_MAN_SOURCE_NUM($1)`SRC} ]; then confMKDIR -p ${DESTDIR}${MAN'bldGET_MAN_SOURCE_NUM($1)`SRC}; else :; fi ')
- ${INSTALL} -c -o ${MANOWN} -g ${MANGRP} -m ${MANMODE} bldGET_MAN_BASE_NAME($1).`${MAN'bldGET_MAN_SOURCE_NUM($1)`SRC}' `${DESTDIR}${MAN'bldGET_MAN_SOURCE_NUM($1)}/bldGET_MAN_BASE_NAME($1)`.${MAN'bldGET_MAN_SOURCE_NUM($1)`EXT}'')
+ ${INSTALL} -c -o ${MANOWN} -g ${MANGRP} -m ${MANMODE} bldGET_MAN_BASE_NAME($1).`${MAN'bldGET_MAN_SOURCE_NUM($1)`SRC}' `${DESTDIR}${MAN'bldGET_MAN_SOURCE_NUM($1)}`MAN'/bldGET_MAN_BASE_NAME($1)`.${MAN'bldGET_MAN_SOURCE_NUM($1)`EXT}'')
ifdef(`confINSTALL_RAWMAN',
` ifdef(`confMKDIR', `if [ ! -d ${DESTDIR}${MAN'bldGET_MAN_SOURCE_NUM($1)`MAN} ]; then confMKDIR -p ${DESTDIR}${MAN'bldGET_MAN_SOURCE_NUM($1)`MAN}; else :; fi ')
${INSTALL} -c -o ${MANOWN} -g ${MANGRP} -m ${MANMODE} bldGET_MAN_BASE_NAME($1).bldGET_MAN_SOURCE_NUM($1) `${DESTDIR}${MAN'bldGET_MAN_SOURCE_NUM($1)`MAN}'/bldGET_MAN_BASE_NAME($1)`.${MAN'bldGET_MAN_SOURCE_NUM($1)`EXT}'', `dnl')'
--- devtools/M4/depend/CC-M.m4
+++ devtools/M4/depend/CC-M.m4 2024-02-05 08:37:43.836410293 +0000
@@ -3,6 +3,6 @@ depend: ${BEFORE} ${LINKS}
@mv Makefile Makefile.old
@sed -e '/^# Do not edit or remove this line or anything below it.$$/,$$d' < Makefile.old > Makefile
@echo "# Do not edit or remove this line or anything below it." >> Makefile
- ${CC} -M ${COPTS} ${SRCS} >> Makefile
+ ${CC} -M ${O} ${COPTS} ${SRCS} >> Makefile
# End of $RCSfile: CC-M.m4,v $
--- devtools/OS/Linux
+++ devtools/OS/Linux 2024-02-05 08:37:43.836410293 +0000
@@ -5,8 +5,9 @@ dnl Place personal settings in devtools/
define(`confDEPEND_TYPE', `CC-M')
define(`confCCOPTS_SO', `-fPIC')
+define(`confENVDEF', `-DNETINET6')
define(`confSM_OS_HEADER', `sm_os_linux')
-define(`confMANROOT', `/usr/man/man')
+define(`confMANROOT', `/usr/share/man/man')
define(`confLIBS', `-ldl')
define(`confEBINDIR', `/usr/sbin')
APPENDDEF(`confLIBSEARCH', `crypt nsl')
--- devtools/bin/install.sh
+++ devtools/bin/install.sh 2024-02-05 08:37:43.836410293 +0000
@@ -16,6 +16,7 @@ owner=""
group=""
mode=""
strip=""
+id=$(id -u)
# chown program -- ultrix keeps it in /etc/chown and /usr/etc/chown
if [ -f /etc/chown ]
@@ -102,7 +103,7 @@ then
fi
# Change owner if requested
-if [ ! -z "$owner" ]
+if [ ! -z "$owner" -a $id -eq 0 ]
then
$chown $owner $dst
if [ $? != 0 ]
@@ -112,7 +113,7 @@ then
fi
# Change group if requested
-if [ ! -z "$group" ]
+if [ ! -z "$group" -a $id -eq 0 ]
then
chgrp $group $dst
if [ $? != 0 ]
--- doc/op/op.me
+++ doc/op/op.me 2024-02-05 08:37:43.836410293 +0000
@@ -589,7 +589,7 @@ The binary for
.i sendmail
is located in /usr/\*(SD\**.
.(f
-\**This is usually
+\** This is usually
/usr/sbin
on 4.4BSD and newer systems;
many systems install it in
@@ -603,7 +603,7 @@ For security reasons,
/, /usr, and /usr/\*(SD
should be owned by root, mode 0755\**.
.(f
-\**Some vendors ship them owned by bin;
+\** Some vendors ship them owned by bin;
this creates a security hole that is not actually related to
.i sendmail .
Other important directories that should have restrictive ownerships
@@ -615,7 +615,7 @@ and permissions are
This is the main configuration file for
.i sendmail \**.
.(f
-\**Actually, the pathname varies depending on the operating system;
+\** Actually, the pathname varies depending on the operating system;
/etc/mail is the preferred directory.
Some older systems install it in
.b /usr/lib/sendmail.cf ,
@@ -631,7 +631,7 @@ This is one of the two non-library file
.i sendmail \**,
the other is /etc/mail/submit.cf.
.(f
-\**The system libraries can reference other files;
+\** The system libraries can reference other files;
in particular, system library subroutines that
.i sendmail
calls probably reference
@@ -1055,7 +1055,7 @@ are logged under the
.sm LOG_MAIL
facility\**.
.(f
-\**Except on Ultrix,
+\** Except on Ultrix,
which does not support facilities in the syslog.
.)f
.sh 3 "Format"
@@ -1069,7 +1069,7 @@ the word
.q sendmail: ,
and a message\**.
.(f
-\**This format may vary slightly if your vendor has changed
+\** This format may vary slightly if your vendor has changed
the syntax.
.)f
Most messages are a sequence of
@@ -1520,7 +1520,7 @@ The disk based host information is store
directory called
.b \&.hoststat \**.
.(f
-\**This is the usual value of the
+\** This is the usual value of the
.b HostStatusDirectory
option;
it can, of course, go anywhere you like in your filesystem.
@@ -1571,7 +1571,7 @@ and sendmail knows about it,
will use the native version.
Ultrix, Solaris, and DEC OSF/1 are examples of such systems\**.
.(f
-\**HP-UX 10 has service switch support,
+\** HP-UX 10 has service switch support,
but since the APIs are apparently not available in the libraries
.i sendmail
does not use the native service switch in this release.
@@ -1678,7 +1678,7 @@ will not have the desired effect
(except on prep.ai.MIT.EDU,
and they probably don't want me)\**.
.(f
-\**Actually, any mailer that has the `A' mailer flag set
+\** Actually, any mailer that has the `A' mailer flag set
will permit aliasing;
this is normally limited to the local mailer.
.)f
@@ -1694,7 +1694,7 @@ The second form is processed by one of t
e.g.,
.i ndbm \|(3)\**
.(f
-\**The
+\** The
.i gdbm
package does not work.
.)f
@@ -1826,7 +1826,7 @@ Before
will access the database,
it checks to insure that this entry exists\**.
.(f
-\**The
+\** The
.b AliasWait
option is required in the configuration
for this action to occur.
@@ -2249,7 +2249,7 @@ Some options have security implications.
Sendmail allows you to set these,
but relinquishes its set-user-ID or set-group-ID permissions thereafter\**.
.(f
-\**That is, it sets its effective uid to the real uid;
+\** That is, it sets its effective uid to the real uid;
thus, if you are executing as root,
as from root's crontab file or during system startup
the root permissions will still be honored.
@@ -2617,7 +2617,7 @@ the time to wait for another command.
The timeout waiting for a reply to an IDENT query
[5s\**, unspecified].
.(f
-\**On some systems the default is zero to turn the protocol off entirely.
+\** On some systems the default is zero to turn the protocol off entirely.
.)f
.ip lhlo
The wait for a reply to an LMTP LHLO command
@@ -3872,7 +3872,7 @@ and
is looked up in the host database(s)
and replaced by the canonical name\**.
.(f
-\**This is actually
+\** This is actually
completely equivalent
to $(host \fIhostname\fP$).
In particular, a
@@ -3957,7 +3957,7 @@ part.
If the mailer is local
the host part may be omitted\**.
.(f
-\**You may want to use it for special
+\** You may want to use it for special
.q "per user"
extensions.
For example, in the address
@@ -4917,7 +4917,7 @@ for interpolation into argv's for mailer
or for other contexts.
The ones marked \(dg are information passed into sendmail\**,
.(f
-\**As of version 8.6,
+\** As of version 8.6,
all of these macros have reasonable defaults.
Previous versions required that they be defined.
.)f
@@ -5456,7 +5456,7 @@ and then passing that to
.i gethostbyname (3)
which is supposed to return the canonical version of that host name.\**
.(f
-\**For example, on some systems
+\** For example, on some systems
.i gethostname
might return
.q foo
@@ -5484,7 +5484,7 @@ it is imperative that the config file se
.b $j
to the fully qualified domain name\**.
.(f
-\**Older versions of sendmail didn't pre-define
+\** Older versions of sendmail didn't pre-define
.b $j
at all, so up until 8.6,
config files
@@ -7254,7 +7254,7 @@ will run as this user.
Defaults to 1:1.
The value can also be given as a symbolic user name.\**
.(f
-\**The old
+\** The old
.b g
option has been combined into the
.b DefaultUser
@@ -7993,7 +7993,7 @@ noactualrecipient Don't put X-Actual-Rec
which reveal the actual account that addresses map to.
.)b
.(f
-\**N.B.:
+\** N.B.:
the
.b noreceipts
flag turns off support for RFC 1891
@@ -8226,7 +8226,7 @@ If set to a non-zero (non-root) value,
.i sendmail
will change to this user id shortly after startup\**.
.(f
-\**When running as a daemon,
+\** When running as a daemon,
it changes to this user after accepting a connection
but before reading any
.sm SMTP
@@ -8911,7 +8911,7 @@ line may have an optional
to indicate that this configuration file uses modifications
specific to a particular vendor\**.
.(f
-\**And of course, vendors are encouraged to add themselves
+\** And of course, vendors are encouraged to add themselves
to the list of recognized vendors by editing the routine
.i setvendor
in
@@ -10155,7 +10155,7 @@ gets their outgoing mail stamped as
but people not listed in the database use the local hostname.
.sh 3 "Creating the database\**"
.(f
-\**These instructions are known to be incomplete.
+\** These instructions are known to be incomplete.
Other features are available which provide similar functionality,
e.g., virtual hosting and mapping local addresses into a
generic form as explained in cf/README.
@@ -10734,7 +10734,7 @@ and
fields are always scanned on ARPANET mail
to determine the sender\**;
.(f
-\**Actually, this is no longer true in SMTP;
+\** Actually, this is no longer true in SMTP;
this information is contained in the envelope.
The older ARPANET protocols did not completely distinguish
envelope from header.
@@ -10962,7 +10962,7 @@ The distribution includes several possib
If you are porting to a new environment
you may need to add some new tweaks.\**
.(f
-\**If you do, please send updates to
+\** If you do, please send updates to
sendmail@Sendmail.ORG.
.)f
.sh 2 "Configuration in sendmail/daemon.c"
@@ -11955,7 +11955,7 @@ the following is a queue file sent to
and
.q bostic@okeeffe.CS.Berkeley.EDU \**:
.(f
-\**This example is contrived and probably inaccurate for your environment.
+\** This example is contrived and probably inaccurate for your environment.
Glance over it to get an idea;
nothing can replace looking at what your own system generates.
.)f
--- include/sm/conf.h
+++ include/sm/conf.h 2024-02-05 08:37:43.836410293 +0000
@@ -1475,23 +1475,47 @@ extern void *malloc();
# define KERNEL_VERSION(a,b,c) (((a) << 16) + ((b) << 8) + (c))
# endif
# define BSD 1 /* include BSD defines */
+# include <features.h>
+# if defined(__GLIBC__) && defined(__GLIBC_MINOR__)
+# undef GLIBC_VERSION
+# define GLIBC_VERSION ((__GLIBC__ << 8) + __GLIBC_MINOR__)
+# define HASSTRERROR 1 /* has strerror(3) */
+# endif /* __GLIBC__ && __GLIBC_MINOR__ */
# define HASSETREGID 1 /* use setregid(2) to set saved gid */
# ifndef REQUIRES_DIR_FSYNC
# define REQUIRES_DIR_FSYNC 1 /* requires fsync() on directory */
# endif
-# ifndef USESETEUID
-# define USESETEUID 0 /* has it due to POSIX, but doesn't work */
-# endif
+# if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,0,0))
+# if defined (GLIBC_VERSION) && (GLIBC_VERSION >= 0x201)
+# define USESETEUID 1 /* It works */
+# else /* GLIBC_VERSION >= 0x201 */
+# define USESETEUID 0 /* has it due to POSIX, but doesn't work */
+# endif /* GLIBC_VERSION >= 0x201 */
+# if defined (GLIBC_VERSION) && (GLIBC_VERSION >= 0x200)
+# define HASSETREUID 1 /* has setreuid(2) call */
+# endif /* GLIBC_VERSION >= 0x200 */
+# else /* LINUX_VERSION_CODE < 2.2.0 */
+# ifndef USESETEUID
+# define USESETEUID 0 /* has it due to POSIX, but doesn't work */
+# endif /* USESETEUID */
+# endif /* LINUX_VERSION_CODE < 2.2.0 */
# define SM_CONF_GETOPT 0 /* need a replacement for getopt(3) */
# define HASUNAME 1 /* use System V uname(2) system call */
# define HASUNSETENV 1 /* has unsetenv(3) call */
# define ERRLIST_PREDEFINED /* don't declare sys_errlist */
# define GIDSET_T gid_t /* from <linux/types.h> */
+# define HAVE_NANOSLEEP 1 /* moved from librt to libc in S11 */
+# define SOCKADDR_LEN_T socklen_t /* arg#3 to accept, getsockname */
+# define SOCKOPT_LEN_T socklen_t /* arg#5 to getsockopt */
# ifndef HASGETUSERSHELL
# define HASGETUSERSHELL 0 /* getusershell(3) broken in Slackware 2.0 */
# endif
# ifndef IP_SRCROUTE
-# define IP_SRCROUTE 0 /* linux <= 1.2.8 doesn't support IP_OPTIONS */
+# if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,2,0))
+# define IP_SRCROUTE 1 /* can check IP source routing */
+# else
+# define IP_SRCROUTE 0 /* linux <= 1.2.8 doesn't support IP_OPTIONS */
+# endif
# endif
# ifndef HAS_IN_H
# define HAS_IN_H 1 /* use netinet/in.h */
@@ -1500,15 +1524,15 @@ extern void *malloc();
# define USE_SIGLONGJMP 1 /* sigsetjmp needed for signal handling */
# endif
# ifndef HASFLOCK
-# if LINUX_VERSION_CODE < 66399
+# if (LINUX_VERSION_CODE < KERNEL_VERSION(1,3,95))
# define HASFLOCK 0 /* flock(2) is broken after 0.99.13 */
-# else /* LINUX_VERSION_CODE < 66399 */
+# else /* (LINUX_VERSION_CODE < KERNEL_VERSION(1,3,95)) */
# if (LINUX_VERSION_CODE < KERNEL_VERSION(2,4,0))
# define HASFLOCK 1 /* flock(2) fixed after 1.3.95 */
# else
# define HASFLOCK 0 /* flock(2) is broken (again) after 2.4.0 */
# endif
-# endif /* LINUX_VERSION_CODE < 66399 */
+# endif /* (LINUX_VERSION_CODE < KERNEL_VERSION(1,3,95)) */
# endif /* ! HASFLOCK */
# ifndef LA_TYPE
# define LA_TYPE LA_PROCSTR
@@ -1522,6 +1546,7 @@ extern void *malloc();
# endif /* (LINUX_VERSION_CODE >= KERNEL_VERSION(2,0,0)) */
# if defined(__GLIBC__) && defined(__GLIBC_MINOR__)
# define HASSTRERROR 1 /* has strerror(3) */
+# define HASSNPRINTF 1 /* has snprintf */
# endif
# ifndef TZ_TYPE
# define TZ_TYPE TZ_NONE /* no standard for Linux */
@@ -1536,13 +1561,16 @@ extern void *malloc();
# undef atol /* wounded in <stdlib.h> */
# if defined(__GLIBC__) && defined(__GLIBC_MINOR__)
-# define GLIBC_VERSION ((__GLIBC__ << 9) + __GLIBC_MINOR__)
# if (GLIBC_VERSION >= 0x201)
# define SOCKADDR_LEN_T socklen_t
# define SOCKOPT_LEN_T socklen_t
# endif
# endif /* defined(__GLIBC__) && defined(__GLIBC_MINOR__) */
+# if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,2,0))
+# undef NETINET6
+# define NETINET6 1 /* IPv6 added in 2.2 and upper */
+# endif /* LINUX_VERSION_CODE >= 2.2.0 */
# if NETINET6
/*
** Linux doesn't have a good way to tell userland what interfaces are
@@ -1556,7 +1584,7 @@ extern void *malloc();
** Indirectly included from glibc's <feature.h>. IPv6 support is native
** in 2.1 and later, but the APIs appear before the functions.
*/
-# if defined(__GLIBC__) && defined(__GLIBC_MINOR__)
+# if defined(GLIBC_VERSION)
# if (GLIBC_VERSION >= 0x201)
# undef IPPROTO_ICMPV6 /* linux #defines, glibc enums */
# else
@@ -1567,7 +1595,7 @@ extern void *malloc();
# define NEEDSGETIPNODE 1
# endif
# undef GLIBC_VERSION
-# endif /* defined(__GLIBC__) && defined(__GLIBC_MINOR__) */
+# endif /* defined(GLIBC_VERSION) */
# endif /* NETINET6 */
# ifndef HASFCHOWN
# define HASFCHOWN 1 /* fchown(2) */
--- libmilter/Makefile.m4
+++ libmilter/Makefile.m4 2024-02-05 08:37:43.836410293 +0000
@@ -12,6 +12,8 @@ PREPENDDEF(`confINCDIRS', `-I${SMSRCDIR}
bldPRODUCT_START(`library', `libmilter')
define(`bldINSTALLABLE', `true')
define(`LIBMILTER_EXTRAS', `errstring.c strl.c')
+REPLACEDEF(`confCCOPTS', `-fPIE')
+APPENDDEF(`confCCOPTS', `-fPIC')
APPENDDEF(`confENVDEF', `-DNOT_SENDMAIL -Dsm_snprintf=snprintf')
define(`bldSOURCES', `main.c engine.c listener.c worker.c handler.c comm.c smfi.c signal.c sm_gethost.c monitor.c LIBMILTER_EXTRAS ')
define(`confBEFORE', `LIBMILTER_EXTRAS')
@@ -28,6 +30,32 @@ POPDIVERT
divert(bldTARGETS_SECTION)
+sm_libmilter_somajor = conf_libmilter_SOMAJOR
+sm_libmilter_soname = conf_libmilter_SONAME
+sm_libmilter_soversion = conf_libmilter_SOVERSION
+
+libmilter.a: libmilter.so.${sm_libmilter_soversion}
+libmilter.so.${sm_libmilter_soversion}: ${BEFORE} ${libmilterOBJS}
+ ${CC} -shared -pthread \
+ -o libmilter.so.${sm_libmilter_soversion} \
+ -fPIC ${CFLAGS} \
+ -Wl,-soname,${sm_libmilter_soname} \
+ $(filter-out -fpie,${LDFLAGS}) \
+ ${libmilterOBJS}
+ ${LN} ${LNOPTS} libmilter.so.${sm_libmilter_soversion} ${sm_libmilter_soname}
+ ${LN} ${LNOPTS} libmilter.so.${sm_libmilter_soversion} libmilter.so
+
+install-libmilter: install-libmilter-shared
+install-libmilter-shared: libmilter.so.${sm_libmilter_soversion}
+ ${INSTALL} -d ${DESTDIR}${LIBDIR}
+ ${INSTALL} -c -o ${LIBOWN} -g ${LIBGRP} -m ${LIBMODE} libmilter.so.${sm_libmilter_soversion} ${DESTDIR}${LIBDIR}
+ ${LN} ${LNOPTS} libmilter.so.${sm_libmilter_soversion} ${DESTDIR}${LIBDIR}/${sm_libmilter_soname}
+ ${LN} ${LNOPTS} libmilter.so.${sm_libmilter_soversion} ${DESTDIR}${LIBDIR}/libmilter.so
+
+libmilter-clean: libmilter-clean-shared
+libmilter-clean-shared:
+ rm -f libmilter.so libmilter.so.${sm_libmilter_soname} libmilter.so.${sm_libmilter_soversion}
+
# Install the API header files
MFAPI= ${SRCDIR}/inc`'lude/libmilter/mfapi.h
MFDEF= ${SRCDIR}/inc`'lude/libmilter/mfdef.h
--- libsm/Makefile.m4
+++ libsm/Makefile.m4 2024-02-05 08:37:43.836410293 +0000
@@ -4,8 +4,12 @@ include(confBUILDTOOLSDIR`/M4/switch.m4'
define(`confREQUIRE_LIBSM', `true')
define(`confREQUIRE_SM_OS_H', `true')
+REPLACEDEF(`confCCOPTS', `-fPIE')
+APPENDDEF(`confCCOPTS', `-fPIC')
PREPENDDEF(`confENVDEF', `confMAPDEF')
bldPRODUCT_START(`library', `libsm')
+define(`bldINSTALL_DIR', `')
+define(`bldINSTALLABLE', `true')
define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strerror.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c sem.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c memstat.c util.c inet6_ntop.c notify.c ilenx.c xleni.c utf8_valid.c uxtext_unquote.c lowercase.c strcaseeq.c ')
bldPRODUCT_END
dnl msg.c
--- libsm/inet6_ntop.c
+++ libsm/inet6_ntop.c 2024-02-05 08:37:43.836410293 +0000
@@ -11,8 +11,8 @@
#include <sm/gen.h>
SM_RCSID("@(#)$Id: inet6_ntop.c,v 1.2 2013-11-22 20:51:43 ca Exp $")
-#if NETINET6
# include <sm/conf.h>
+#if NETINET6
# include <sm/types.h>
# include <sm/io.h>
# include <sm/string.h>
--- libsmutil/Makefile.m4
+++ libsmutil/Makefile.m4 2024-02-05 08:37:43.836410293 +0000
@@ -6,8 +6,12 @@ define(`confREQUIRE_SM_OS_H', `true')
SMSRCDIR= ifdef(`confSMSRCDIR', `confSMSRCDIR', `${SRCDIR}/sendmail')
PREPENDDEF(`confENVDEF', `confMAPDEF')
PREPENDDEF(`confINCDIRS', `-I${SMSRCDIR} ')
+REPLACEDEF(`confCCOPTS', `-fPIE')
+APPENDDEF(`confCCOPTS', `-fPIC')
bldPRODUCT_START(`library', `libsmutil')
+define(`bldINSTALL_DIR', `')
+define(`bldINSTALLABLE', `true')
define(`bldSOURCES', `debug.c err.c lockfile.c safefile.c snprintf.c cf.c ')
APPENDDEF(`confENVDEF', `-DNOT_SENDMAIL')
bldPRODUCT_END
--- mail.local/Makefile.m4
+++ mail.local/Makefile.m4 2024-02-05 08:37:43.840410218 +0000
@@ -20,8 +20,12 @@ bldPRODUCT_START(`manpage', `mail.local'
define(`bldSOURCES', `mail.local.8')
bldPRODUCT_END
+MAILLOCAL=ifdef(`confFORCE_MAILLOCAL', `force-install', `defeat-install')
+
divert(bldTARGETS_SECTION)
-install:
+install: ${MAILLOCAL}
+
+defeat-install:
@echo "NOTE: This version of mail.local is not suited for some operating"
@echo " systems such as HP-UX and Solaris. Please consult the"
@echo " README file in the mail.local directory. You can force"
--- mailstats/mailstats.8
+++ mailstats/mailstats.8 2024-02-05 08:37:43.840410218 +0000
@@ -108,10 +108,13 @@ The default
.B sendmail
configuration file.
.TP
-/etc/mail/statistics
+/var/lib/sendmail/statistics
The default
.B sendmail
statistics file.
+.TP
+/etc/mail/statistics
+The symbolic link to the statistics file.
.PD
.SH SEE ALSO
mailq(1),
--- makemap/makemap.8
+++ makemap/makemap.8 2024-02-05 08:37:43.840410218 +0000
@@ -54,12 +54,6 @@ selected using the
parameter.
They may be
.TP
-dbm
-DBM format maps.
-This requires the
-ndbm(3)
-library.
-.TP
btree
B-Tree format maps.
This requires the new Berkeley DB
--- praliases/Makefile.m4
+++ praliases/Makefile.m4 2024-02-05 08:37:43.840410218 +0000
@@ -9,7 +9,8 @@ PREPENDDEF(`confENVDEF', `confMAPDEF')
PREPENDDEF(`confINCDIRS', `-I${SMSRCDIR} ')
bldPRODUCT_START(`executable', `praliases')
-define(`bldINSTALL_DIR', `S')
+define(`bldBIN_TYPE', `U')
+define(`bldINSTALL_DIR', `')
define(`bldSOURCES', `praliases.c ')
bldPUSH_SMLIB(`sm')
bldPUSH_SMLIB(`smutil')
--- rmail/rmail.c
+++ rmail/rmail.c 2024-02-05 08:37:43.840410218 +0000
@@ -276,7 +276,7 @@ main(argc, argv)
args[i++] = _PATH_SENDMAIL; /* Build sendmail's argument list. */
args[i++] = "-G"; /* relay submission */
args[i++] = "-oee"; /* No errors, just status. */
- args[i++] = "-odq"; /* Queue it, don't try to deliver. */
+ args[i++] = "-odi"; /* deliver in the foreground. */
args[i++] = "-oi"; /* Ignore '.' on a line by itself. */
/* set from system and protocol used */
--- sendmail/Makefile.m4
+++ sendmail/Makefile.m4 2024-02-05 08:37:43.840410218 +0000
@@ -49,13 +49,16 @@ ${DESTDIR}/etc/mail/submit.cf:
cd ${SRCDIR}/cf/cf && make install-submit-cf
MSPQ=ifdef(`confMSP_QUEUE_DIR', `confMSP_QUEUE_DIR', `/var/spool/clientmqueue')
+ID=`$(shell id -u)'
${DESTDIR}${MSPQ}:
@echo "Please read INSTALL if anything fails while installing the binary."
@echo "You must have set up a new user ${MSPQOWN} and a new group ${GBINGRP}"
@echo "as explained in sendmail/SECURITY."
mkdir -p ${DESTDIR}${MSPQ}
+ test ${ID} -ne 0 || \
chown ${MSPQOWN} ${DESTDIR}${MSPQ}
+ test ${ID} -ne 0 || \
chgrp ${GBINGRP} ${DESTDIR}${MSPQ}
chmod 0770 ${DESTDIR}${MSPQ}
--- sendmail/SECURITY
+++ sendmail/SECURITY 2024-02-05 08:37:43.840410218 +0000
@@ -49,14 +49,14 @@ The default configuration starting with
sendmail binary which acts differently based on operation mode and
supplied options.
-sendmail must be a set-group-ID (default group: smmsp, recommended
-gid: 25) program to allow for queueing mail in a group-writable
+sendmail must be a set-group-ID (default group: mail, recommended
+gid: 12) program to allow for queueing mail in a group-writable
directory. Two .cf files are required: sendmail.cf for the daemon
and submit.cf for the submission program. The following permissions
should be used:
--r-xr-sr-x root smmsp ... /PATH/TO/sendmail
-drwxrwx--- smmsp smmsp ... /var/spool/clientmqueue
+-r-xr-sr-x root mail ... /PATH/TO/sendmail
+drwxrwx--- mail mail ... /var/spool/clientmqueue
drwx------ root wheel ... /var/spool/mqueue
-r--r--r-- root wheel ... /etc/mail/sendmail.cf
-r--r--r-- root wheel ... /etc/mail/submit.cf
@@ -64,10 +64,10 @@ drwx------ root wheel ... /var/spool/m
[Notice: On some OS "wheel" is not used but "bin" or "root" instead,
however, this is not important here.]
-That is, the owner of sendmail is root, the group is smmsp, and
+That is, the owner of sendmail is root, the group is mail, and
the binary is set-group-ID. The client mail queue is owned by
-smmsp with group smmsp and is group writable. The client mail
-queue directory must be writable by smmsp, but it must not be
+mail with group mail and is group writable. The client mail
+queue directory must be writable by mail, but it must not be
accessible for others. That is, do not use world read or execute
permissions. In submit.cf the option UseMSP must be set, and
QueueFileMode must be set to 0660. submit.cf is available in
@@ -83,7 +83,7 @@ sendmail.cf. This selection can be chan
The daemon must be started by root as usual, e.g.,
-/PATH/TO/sendmail -L sm-mta -bd -q1h
+/PATH/TO/sendmail -L sendmail -bd -q1h
(replace /PATH/TO with the right path for your OS, e.g.,
/usr/sbin or /usr/lib).
@@ -102,14 +102,15 @@ which, however, may have undesired side
a discussion. In general it is necessary to clean the queue either
via a cronjob or by running a daemon, e.g.,
-/PATH/TO/sendmail -L sm-msp-queue -Ac -q30m
+/PATH/TO/sendmail -L sendmail-client -Ac -q30m
If the option UseMSP is not set, sendmail will complain during
queue runs about bogus file permission. If you want a queue runner
for the client queue, you probably have to change OS specific
scripts to accomplish this (check the man pages of your OS for more
information.) You can start this program as root, it will change
-its user id to RunAsUser (smmsp by default, recommended uid: 25).
+its user id to RunAsUser (mail by default, recommended uid is
+given back by the command: id -un mail).
This way smmsp does not need a valid shell.
@@ -121,7 +122,7 @@ This is a brief summary how the two conf
sendmail.cf For the MTA (mail transmission agent)
The MTA is started by root as daemon:
- /PATH/TO/sendmail -L sm-mta -bd -q1h
+ /PATH/TO/sendmail -L sendmail -bd -q1h
it accepts SMTP connections (on ports 25 and 587 by default);
it runs the main queue (/var/spool/mqueue by default).
@@ -132,20 +133,20 @@ submit.cf For the MSP (mail submission p
daemon; it uses /var/spool/clientmqueue by default; it
can be started to run that queue periodically:
- /PATH/TO/sendmail -L sm-msp-queue -Ac -q30m
+ /PATH/TO/sendmail -L sendmail-client -Ac -q30m
Hints and Troubleshooting
-------------------------
-RunAsUser: FEATURE(`msp') sets the option RunAsUser to smmsp.
-This user must have the group smmsp, i.e., the same group as the
+RunAsUser: FEATURE(`msp') sets the option RunAsUser to mail.
+This user must have the group mail, i.e., the same group as the
clientmqueue directory. If you specify a user whose primary group
is not the same as that of the clientmqueue directory, then you
should explicitly set the group, e.g.,
FEATURE(`msp')
- define(`confRUN_AS_USER', `mailmsp:smmsp')
+ define(`confRUN_AS_USER', `mailmsp:mail')
STARTTLS: If sendmail is compiled with STARTTLS support on a platform
that does not have HASURANDOMDEV defined, you either need to specify
--- sendmail/control.c
+++ sendmail/control.c 2024-02-05 08:37:43.840410218 +0000
@@ -136,7 +136,7 @@ opencontrolsocket()
}
}
- if (chmod(ControlSocketName, S_IRUSR|S_IWUSR) < 0)
+ if (chmod(ControlSocketName, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP) < 0)
{
save_errno = errno;
closecontrolsocket(true);
--- sendmail/domain.c
+++ sendmail/domain.c 2024-02-05 08:37:43.840410218 +0000
@@ -1750,14 +1750,20 @@ cnameloop:
if (qtype == initial)
gotmx = false;
if (tTd(8, 5))
+# if NETINET6
sm_dprintf("dns_getcanonname: trying %s.%s (%s)\n",
host, dp,
-# if NETINET6
qtype == T_AAAA ? "AAAA" :
-# endif
qtype == T_A ? "A" :
qtype == T_MX ? "MX" :
"???");
+# else
+ sm_dprintf("dns_getcanonname: trying %s.%s (%s)\n",
+ host, dp,
+ qtype == T_A ? "A" :
+ qtype == T_MX ? "MX" :
+ "???");
+# endif /* NETINET6 */
errno = 0;
hp = (HEADER *) &answer;
ret = (*resqdomain)(host, dp, C_IN, qtype,
--- sendmail/readcf.c
+++ sendmail/readcf.c 2024-02-05 08:37:43.844410144 +0000
@@ -1906,15 +1906,19 @@ makemailer(line)
#endif
)
{
+#if NETUNIX
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
"M%s: Warning: first argument in %s mailer must be %s\n",
m->m_name, m->m_mailer,
-#if NETUNIX
"TCP or FILE"
+ );
#else
+ (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
+ "M%s: Warning: first argument in %s mailer must be %s\n",
+ m->m_name, m->m_mailer,
"TCP"
-#endif
);
+#endif
}
if (m->m_mtatype == NULL)
m->m_mtatype = "dns";
--- sendmail/udb.c
+++ sendmail/udb.c 2024-02-05 08:37:43.844410144 +0000
@@ -1050,24 +1050,29 @@ _udbx_init(e)
# if DB_VERSION_MAJOR < 2
sm_dprintf("dbopen(%s): %s\n",
+ up->udb_dbname,
+ sm_errstring(errno));
# else /* DB_VERSION_MAJOR < 2 */
sm_dprintf("db_open(%s): %s\n",
-# endif /* DB_VERSION_MAJOR < 2 */
up->udb_dbname,
sm_errstring(errno));
+# endif /* DB_VERSION_MAJOR < 2 */
errno = save_errno;
}
if (errno != ENOENT && errno != EACCES)
{
if (LogLevel > 2)
- sm_syslog(LOG_ERR, e->e_id,
# if DB_VERSION_MAJOR < 2
+ sm_syslog(LOG_ERR, e->e_id,
"dbopen(%s): %s",
+ up->udb_dbname,
+ sm_errstring(errno));
# else /* DB_VERSION_MAJOR < 2 */
+ sm_syslog(LOG_ERR, e->e_id,
"db_open(%s): %s",
-# endif /* DB_VERSION_MAJOR < 2 */
up->udb_dbname,
sm_errstring(errno));
+# endif /* DB_VERSION_MAJOR < 2 */
up->udb_type = UDB_EOLIST;
if (up->udb_dbname != spec)
sm_free(up->udb_dbname); /* XXX */
@@ -1081,10 +1086,11 @@ _udbx_init(e)
{
# if DB_VERSION_MAJOR < 2
sm_dprintf("_udbx_init: dbopen(%s)\n",
+ up->udb_dbname);
# else /* DB_VERSION_MAJOR < 2 */
sm_dprintf("_udbx_init: db_open(%s)\n",
-# endif /* DB_VERSION_MAJOR < 2 */
up->udb_dbname);
+# endif /* DB_VERSION_MAJOR < 2 */
}
up->udb_type = UDB_DBFETCH;
up->udb_pid = CurrentPid;
--- smrsh/README
+++ smrsh/README 2024-02-05 08:37:43.844410144 +0000
@@ -6,7 +6,7 @@ Software Engineering Institute, Carnegie
intended as a supplement to the CERT advisory CA-93:16.sendmail.vulnerability,
and to the software, smrsh.c, written by Eric Allman.
-
+* Modified to reflect different paths. *
The smrsh(8) program is intended as a replacement for /bin/sh in the
program mailer definition of sendmail(8). This README file describes
@@ -56,15 +56,15 @@ These can be added to the devtools/Site/
global M4 macro confENVDEF or the smrsh specific M4 macro
conf_smrsh_ENVDEF.
-As root, install smrsh in /usr/libexec. Using the Build script:
+As root, install smrsh in /usr/lib/sendmail.d/bin/. Using the Build script:
host.domain# sh ./Build install
-For manual installation: install smrsh in the /usr/libexec
+For manual installation: install smrsh in the /usr/lib/sendmail.d/bin/
directory, with mode 511.
- host.domain# mv smrsh /usr/libexec
- host.domain# chmod 511 /usr/libexec/smrsh
+ host.domain# mv smrsh /usr/lib/sendmail.d/bin/
+ host.domain# chmod 511 /usr/lib/sendmail.d/bin/smrsh
@@ -79,14 +79,14 @@ to run. This list of allowable commands
See the man page for aliases(5) if you are unfamiliar with the format of
these specifications. Additionally, you should include in the list,
-popular commands such as /usr/ucb/vacation.
+popular commands such as /usr/bin/vacation.
You should NOT include interpreter programs such as sh(1), csh(1),
perl(1), uudecode(1) or the stream editor sed(1) in your list of
acceptable commands.
If your platform doesn't have a default SMRSH_CMDDIR setting, you will
-next need to create the directory /usr/adm/sm.bin and populate
+next need to create the directory /usr/lib/sendmail.d/bin/ and populate
it with the programs that your site feels are allowable for sendmail
to execute. This directory is explicitly specified in the source
code for smrsh, so changing this directory must be accompanied with
@@ -95,22 +95,22 @@ a change in smrsh.c.
You will have to be root to make these modifications.
-After creating the /usr/adm/sm.bin directory, either copy the programs
+After creating the /usr/lib/sendmail.d/bin/ directory, either copy the programs
to the directory, or establish links to the allowable programs from
-/usr/adm/sm.bin. Change the file permissions, so that these programs
+/usr/lib/sendmail.d/bin/. Change the file permissions, so that these programs
can not be modified by non-root users. If you use links, you should
ensure that the target programs are not modifiable.
To allow the popular vacation(1) program by creating a link in the
-/usr/adm/sm.bin directory, you should:
+/usr/lib/sendmail.d/bin/ directory, you should:
- host.domain# cd /usr/adm/sm.bin
- host.domain# ln -s /usr/ucb/vacation vacation
+ host.domain# cd /usr/lib/sendmail.d/bin/
+ host.domain# ln -s /usr/bin/vacation vacation
-After populating the /usr/adm/sm.bin directory, you can now configure
+After populating the /usr/lib/sendmail.d/bin/ directory, you can now configure
sendmail to use the restricted shell. Save the current sendmail.cf
file prior to modifying it, as a prudent precaution.
@@ -125,7 +125,7 @@ help to locate it.
In order to configure sendmail to use smrsh, you must modify the Mprog
definition in the sendmail.cf file, by replacing the /bin/sh specification
-with /usr/libexec/smrsh.
+with /usr/lib/sendmail.d/bin/smrsh.
As an example:
@@ -133,14 +133,14 @@ In most Sun Microsystems' sendmail.cf fi
Mprog, P=/bin/sh, F=lsDFMeuP, S=10, R=20, A=sh -c $u
which should be changed to:
-Mprog, P=/usr/libexec/smrsh, F=lsDFMeuP, S=10, R=20, A=sh -c $u
+Mprog, P=/usr/lib/sendmail.d/bin/smrsh, F=lsDFMeuP, S=10, R=20, A=sh -c $u
^^^^^^^^^^^^^^^^^^
A more generic line may be:
Mprog, P=/bin/sh, F=lsDFM, A=sh -c $u
and should be changed to;
-Mprog, P=/usr/libexec/smrsh, F=lsDFM, A=sh -c $u
+Mprog, P=/usr/lib/sendmail.d/bin/smrsh, F=lsDFM, A=sh -c $u
After modifying the Mprog definition in the sendmail.cf file, if a frozen
--- smrsh/smrsh.8
+++ smrsh/smrsh.8 2024-02-05 08:37:43.844410144 +0000
@@ -39,7 +39,7 @@ Briefly,
.I smrsh
limits programs to be in a single directory,
by default
-/usr/adm/sm.bin,
+/usr/lib/sendmail.d/bin/
allowing the system administrator to choose the set of acceptable commands,
and to the shell builtin commands ``exec'', ``exit'', and ``echo''.
It also rejects any commands with the characters
@@ -50,16 +50,18 @@ It allows ``||'' and ``&&'' to enable co
``"|exec /usr/local/bin/filter || exit 75"''
.PP
Initial pathnames on programs are stripped,
-so forwarding to ``/usr/ucb/vacation'',
+so forwarding to ``/usr/bin/vacation'',
``/usr/bin/vacation'',
``/home/server/mydir/bin/vacation'',
and
``vacation''
all actually forward to
-``/usr/adm/sm.bin/vacation''.
+`/usr/lib/sendmail.d/bin/vacation''.
.PP
System administrators should be conservative about populating
-the sm.bin directory.
+the
+/usr/lib/sendmail.d/bin/
+directory.
For example, a reasonable additions is
.IR vacation (1),
and the like.
@@ -68,10 +70,10 @@ never include any shell or shell-like pr
(such as
.IR perl (1))
in the
-sm.bin
+/usr/lib/sendmail.d/bin/
directory.
Note that this does not restrict the use of shell or perl scripts
-in the sm.bin directory (using the ``#!'' syntax);
+in the /usr/lib/sendmail.d/bin/ directory (using the ``#!'' syntax);
it simply disallows execution of arbitrary programs.
Also, including mail filtering programs such as
.IR procmail (1)
@@ -83,16 +85,11 @@ allows users to run arbitrary programs i
Compilation should be trivial on most systems.
You may need to use \-DSMRSH_PATH=\e"\fIpath\fP\e"
to adjust the default search path
-(defaults to ``/bin:/usr/bin:/usr/ucb'')
+(defaults to ``/bin:/usr/bin'')
and/or \-DSMRSH_CMDDIR=\e"\fIdir\fP\e"
to change the default program directory
-(defaults to ``/usr/adm/sm.bin'').
+(defaults to ``/usr/lib/sendmail.d/bin/'').
.SH FILES
-/usr/adm/sm.bin \- default directory for restricted programs on most OSs
-.PP
-/var/adm/sm.bin \- directory for restricted programs on HP UX and Solaris
-.PP
-/usr/libexec/sm.bin \- directory for restricted programs on FreeBSD (>= 3.3) and DragonFly BSD
-
+/usr/lib/sendmail.d/bin/ \- default directory for restricted programs on SuSE Linux
.SH SEE ALSO
sendmail(8)
--- vacation/vacation.c
+++ vacation/vacation.c 2024-02-05 08:37:43.844410144 +0000
@@ -774,6 +774,7 @@ junkmail(from)
{ "uucp", 4 },
{ "mailer-daemon", 13 },
{ "mailer", 6 },
+ { "bugzilla-daemon", 15 },
{ NULL, 0 }
};
@@ -782,6 +783,8 @@ junkmail(from)
{ "-request", 8 },
{ "-relay", 6 },
{ "-owner", 6 },
+ { "-activists", 10 },
+ { "-programmers", 12 },
{ NULL, 0 }
};
Reference in New Issue View Git Blame Copy Permalink