aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGregory Neil Shapiro <gshapiro@FreeBSD.org>2004-08-01 01:04:57 +0000
committerGregory Neil Shapiro <gshapiro@FreeBSD.org>2004-08-01 01:04:57 +0000
commite92d3f3ffe83a6ed7eaafac70da9cf4fafe13243 (patch)
treef6477ae85b00ee6d58b086b0d1d597dd9a403391
parent323f6dcb88194c5561fc9e314d5b98539ab3fe5a (diff)
downloadsrc-e92d3f3ffe83a6ed7eaafac70da9cf4fafe13243.tar.gz
src-e92d3f3ffe83a6ed7eaafac70da9cf4fafe13243.zip
Import sendmail 8.13.1
Notes
Notes: svn path=/vendor/sendmail/dist/; revision=132943
-rw-r--r--contrib/sendmail/CACerts302
-rw-r--r--contrib/sendmail/KNOWNBUGS2
-rw-r--r--contrib/sendmail/LICENSE4
-rw-r--r--contrib/sendmail/PGPKEYS2
-rw-r--r--contrib/sendmail/README2
-rw-r--r--contrib/sendmail/RELEASE_NOTES465
-rw-r--r--contrib/sendmail/cf/README424
-rw-r--r--contrib/sendmail/cf/cf/Makefile9
-rw-r--r--contrib/sendmail/cf/cf/knecht.mc94
-rw-r--r--contrib/sendmail/cf/cf/submit.cf104
-rw-r--r--contrib/sendmail/cf/cf/submit.mc2
-rw-r--r--contrib/sendmail/cf/feature/access_db.m49
-rw-r--r--contrib/sendmail/cf/feature/authinfo.m46
-rw-r--r--contrib/sendmail/cf/feature/bitdomain.m46
-rw-r--r--contrib/sendmail/cf/feature/conncontrol.m436
-rw-r--r--contrib/sendmail/cf/feature/dnsbl.m45
-rw-r--r--contrib/sendmail/cf/feature/domaintable.m46
-rw-r--r--contrib/sendmail/cf/feature/genericstable.m46
-rw-r--r--contrib/sendmail/cf/feature/greet_pause.m444
-rw-r--r--contrib/sendmail/cf/feature/ldap_routing.m413
-rw-r--r--contrib/sendmail/cf/feature/local_lmtp.m49
-rw-r--r--contrib/sendmail/cf/feature/local_procmail.m42
-rw-r--r--contrib/sendmail/cf/feature/mailertable.m46
-rw-r--r--contrib/sendmail/cf/feature/msp.m48
-rw-r--r--contrib/sendmail/cf/feature/mtamark.m433
-rw-r--r--contrib/sendmail/cf/feature/ratecontrol.m436
-rw-r--r--contrib/sendmail/cf/feature/use_client_ptr.m421
-rw-r--r--contrib/sendmail/cf/feature/uucpdomain.m46
-rw-r--r--contrib/sendmail/cf/feature/virtusertable.m46
-rw-r--r--contrib/sendmail/cf/m4/cfhead.m45
-rw-r--r--contrib/sendmail/cf/m4/proto.m4175
-rw-r--r--contrib/sendmail/cf/m4/version.m44
-rw-r--r--contrib/sendmail/cf/mailer/usenet.m42
-rw-r--r--contrib/sendmail/cf/ostype/unicos.m422
-rw-r--r--contrib/sendmail/cf/ostype/unicosmk.m422
-rw-r--r--contrib/sendmail/cf/ostype/unicosmp.m427
-rw-r--r--contrib/sendmail/cf/sendmail.schema73
-rwxr-xr-xcontrib/sendmail/contrib/buildvirtuser2
-rwxr-xr-xcontrib/sendmail/contrib/cidrexpand149
-rw-r--r--contrib/sendmail/contrib/qtool.815
-rwxr-xr-xcontrib/sendmail/contrib/qtool.pl3
-rwxr-xr-xcontrib/sendmail/contrib/socketmapClient.pl67
-rwxr-xr-xcontrib/sendmail/contrib/socketmapServer.pl98
-rw-r--r--contrib/sendmail/doc/op/Makefile3
-rw-r--r--contrib/sendmail/doc/op/README13
-rw-r--r--contrib/sendmail/doc/op/op.me666
-rw-r--r--contrib/sendmail/editmap/Makefile.m42
-rw-r--r--contrib/sendmail/editmap/editmap.86
-rw-r--r--contrib/sendmail/include/libmilter/mfapi.h88
-rw-r--r--contrib/sendmail/include/libmilter/mfdef.h35
-rw-r--r--contrib/sendmail/include/libmilter/milter.h6
-rw-r--r--contrib/sendmail/include/libsmdb/smdb.h2
-rw-r--r--contrib/sendmail/include/sendmail/mailstats.h10
-rw-r--r--contrib/sendmail/include/sendmail/sendmail.h3
-rw-r--r--contrib/sendmail/include/sm/bdb.h2
-rw-r--r--contrib/sendmail/include/sm/cdefs.h2
-rw-r--r--contrib/sendmail/include/sm/conf.h152
-rw-r--r--contrib/sendmail/include/sm/config.h44
-rw-r--r--contrib/sendmail/include/sm/debug.h28
-rw-r--r--contrib/sendmail/include/sm/errstring.h5
-rw-r--r--contrib/sendmail/include/sm/fdset.h2
-rw-r--r--contrib/sendmail/include/sm/gen.h7
-rw-r--r--contrib/sendmail/include/sm/io.h16
-rw-r--r--contrib/sendmail/include/sm/ldap.h40
-rw-r--r--contrib/sendmail/include/sm/os/sm_os_aix.h2
-rw-r--r--contrib/sendmail/include/sm/os/sm_os_unicos.h19
-rw-r--r--contrib/sendmail/include/sm/os/sm_os_unicosmk.h18
-rw-r--r--contrib/sendmail/include/sm/os/sm_os_unicosmp.h22
-rw-r--r--contrib/sendmail/include/sm/os/sm_os_unixware.h2
-rw-r--r--contrib/sendmail/include/sm/rpool.h8
-rw-r--r--contrib/sendmail/include/sm/shm.h2
-rw-r--r--contrib/sendmail/include/sm/string.h88
-rw-r--r--contrib/sendmail/include/sm/varargs.h2
-rw-r--r--contrib/sendmail/libmilter/Makefile.m42
-rw-r--r--contrib/sendmail/libmilter/README24
-rw-r--r--contrib/sendmail/libmilter/comm.c177
-rw-r--r--contrib/sendmail/libmilter/docs/api.html43
-rw-r--r--contrib/sendmail/libmilter/docs/design.html3
-rw-r--r--contrib/sendmail/libmilter/docs/index.html2
-rw-r--r--contrib/sendmail/libmilter/docs/installation.html3
-rw-r--r--contrib/sendmail/libmilter/docs/other.html3
-rw-r--r--contrib/sendmail/libmilter/docs/overview.html2
-rw-r--r--contrib/sendmail/libmilter/docs/sample.html16
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_addheader.html5
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_addrcpt.html3
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_chgheader.html3
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_delrcpt.html3
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_getpriv.html3
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_getsymval.html3
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_insheader.html123
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_main.html3
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_opensocket.html78
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_progress.html68
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_quarantine.html73
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_register.html3
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_replacebody.html3
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_setbacklog.html3
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_setconn.html3
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_setdbg.html67
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_setmlreply.html147
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_setpriv.html3
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_setreply.html11
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_settimeout.html3
-rw-r--r--contrib/sendmail/libmilter/docs/smfi_stop.html73
-rw-r--r--contrib/sendmail/libmilter/docs/xxfi_abort.html3
-rw-r--r--contrib/sendmail/libmilter/docs/xxfi_body.html3
-rw-r--r--contrib/sendmail/libmilter/docs/xxfi_close.html17
-rw-r--r--contrib/sendmail/libmilter/docs/xxfi_connect.html7
-rw-r--r--contrib/sendmail/libmilter/docs/xxfi_envfrom.html3
-rw-r--r--contrib/sendmail/libmilter/docs/xxfi_envrcpt.html3
-rw-r--r--contrib/sendmail/libmilter/docs/xxfi_eoh.html3
-rw-r--r--contrib/sendmail/libmilter/docs/xxfi_eom.html3
-rw-r--r--contrib/sendmail/libmilter/docs/xxfi_header.html3
-rw-r--r--contrib/sendmail/libmilter/docs/xxfi_helo.html3
-rw-r--r--contrib/sendmail/libmilter/engine.c128
-rw-r--r--contrib/sendmail/libmilter/handler.c2
-rw-r--r--contrib/sendmail/libmilter/libmilter.h8
-rw-r--r--contrib/sendmail/libmilter/listener.c59
-rw-r--r--contrib/sendmail/libmilter/main.c7
-rw-r--r--contrib/sendmail/libmilter/signal.c2
-rw-r--r--contrib/sendmail/libmilter/smfi.c130
-rw-r--r--contrib/sendmail/libsm/Makefile.m44
-rw-r--r--contrib/sendmail/libsm/README5
-rw-r--r--contrib/sendmail/libsm/assert.c2
-rw-r--r--contrib/sendmail/libsm/clock.c11
-rw-r--r--contrib/sendmail/libsm/config.c8
-rw-r--r--contrib/sendmail/libsm/debug.c27
-rw-r--r--contrib/sendmail/libsm/errstring.c75
-rw-r--r--contrib/sendmail/libsm/exc.c2
-rw-r--r--contrib/sendmail/libsm/flags.c4
-rw-r--r--contrib/sendmail/libsm/ldap.c191
-rw-r--r--contrib/sendmail/libsm/local.h2
-rw-r--r--contrib/sendmail/libsm/mbdb.c8
-rw-r--r--contrib/sendmail/libsm/refill.c2
-rw-r--r--contrib/sendmail/libsm/rpool.c32
-rw-r--r--contrib/sendmail/libsm/shm.c2
-rw-r--r--contrib/sendmail/libsm/smstdio.c4
-rw-r--r--contrib/sendmail/libsm/stdio.c4
-rw-r--r--contrib/sendmail/libsm/strdup.c98
-rw-r--r--contrib/sendmail/libsm/t-shm.c5
-rw-r--r--contrib/sendmail/libsm/vasprintf.c2
-rw-r--r--contrib/sendmail/libsmdb/Makefile.m42
-rw-r--r--contrib/sendmail/libsmdb/smdb2.c2
-rw-r--r--contrib/sendmail/libsmutil/Makefile.m42
-rw-r--r--contrib/sendmail/libsmutil/cf.c2
-rw-r--r--contrib/sendmail/libsmutil/lockfile.c3
-rw-r--r--contrib/sendmail/libsmutil/safefile.c32
-rw-r--r--contrib/sendmail/mail.local/Makefile.m42
-rw-r--r--contrib/sendmail/mail.local/README27
-rw-r--r--contrib/sendmail/mail.local/mail.local.829
-rw-r--r--contrib/sendmail/mail.local/mail.local.c186
-rw-r--r--contrib/sendmail/mailstats/Makefile.m42
-rw-r--r--contrib/sendmail/mailstats/mailstats.87
-rw-r--r--contrib/sendmail/mailstats/mailstats.c20
-rw-r--r--contrib/sendmail/makemap/Makefile.m42
-rw-r--r--contrib/sendmail/makemap/makemap.812
-rw-r--r--contrib/sendmail/makemap/makemap.c20
-rw-r--r--contrib/sendmail/praliases/Makefile.m42
-rw-r--r--contrib/sendmail/rmail/Makefile.m42
-rw-r--r--contrib/sendmail/smrsh/Makefile.m42
-rw-r--r--contrib/sendmail/smrsh/README2
-rw-r--r--contrib/sendmail/smrsh/smrsh.86
-rw-r--r--contrib/sendmail/smrsh/smrsh.c2
-rw-r--r--contrib/sendmail/src/Makefile.m44
-rw-r--r--contrib/sendmail/src/README43
-rw-r--r--contrib/sendmail/src/SECURITY2
-rw-r--r--contrib/sendmail/src/TRACEFLAGS16
-rw-r--r--contrib/sendmail/src/TUNING2
-rw-r--r--contrib/sendmail/src/alias.c4
-rw-r--r--contrib/sendmail/src/aliases.515
-rw-r--r--contrib/sendmail/src/bf.c7
-rw-r--r--contrib/sendmail/src/collect.c31
-rw-r--r--contrib/sendmail/src/conf.c276
-rw-r--r--contrib/sendmail/src/conf.h12
-rw-r--r--contrib/sendmail/src/control.c2
-rw-r--r--contrib/sendmail/src/daemon.c120
-rw-r--r--contrib/sendmail/src/deliver.c209
-rw-r--r--contrib/sendmail/src/domain.c108
-rw-r--r--contrib/sendmail/src/envelope.c40
-rw-r--r--contrib/sendmail/src/err.c6
-rw-r--r--contrib/sendmail/src/headers.c206
-rw-r--r--contrib/sendmail/src/macro.c18
-rw-r--r--contrib/sendmail/src/mailq.118
-rw-r--r--contrib/sendmail/src/main.c191
-rw-r--r--contrib/sendmail/src/map.c1189
-rw-r--r--contrib/sendmail/src/mci.c16
-rw-r--r--contrib/sendmail/src/milter.c403
-rw-r--r--contrib/sendmail/src/mime.c12
-rw-r--r--contrib/sendmail/src/parseaddr.c178
-rw-r--r--contrib/sendmail/src/queue.c375
-rw-r--r--contrib/sendmail/src/ratectrl.c534
-rw-r--r--contrib/sendmail/src/readcf.c231
-rw-r--r--contrib/sendmail/src/recipient.c45
-rw-r--r--contrib/sendmail/src/sasl.c4
-rw-r--r--contrib/sendmail/src/savemail.c15
-rw-r--r--contrib/sendmail/src/sendmail.822
-rw-r--r--contrib/sendmail/src/sendmail.h232
-rw-r--r--contrib/sendmail/src/sfsasl.c16
-rw-r--r--contrib/sendmail/src/sm_resolve.c2
-rw-r--r--contrib/sendmail/src/srvrsmtp.c620
-rw-r--r--contrib/sendmail/src/stab.c8
-rw-r--r--contrib/sendmail/src/stats.c6
-rw-r--r--contrib/sendmail/src/sysexits.c2
-rw-r--r--contrib/sendmail/src/tls.c142
-rw-r--r--contrib/sendmail/src/trace.c2
-rw-r--r--contrib/sendmail/src/udb.c10
-rw-r--r--contrib/sendmail/src/usersmtp.c63
-rw-r--r--contrib/sendmail/src/util.c221
-rw-r--r--contrib/sendmail/src/version.c4
-rw-r--r--contrib/sendmail/test/Makefile.m42
-rw-r--r--contrib/sendmail/vacation/Makefile.m42
-rw-r--r--contrib/sendmail/vacation/vacation.121
-rw-r--r--contrib/sendmail/vacation/vacation.c21
213 files changed, 8573 insertions, 2976 deletions
diff --git a/contrib/sendmail/CACerts b/contrib/sendmail/CACerts
new file mode 100644
index 000000000000..c708677e902e
--- /dev/null
+++ b/contrib/sendmail/CACerts
@@ -0,0 +1,302 @@
+# $Id: CACerts,v 8.1 2004/03/01 22:05:47 ca Exp $
+# This file contains some CA certificates that are used to sign the
+# certificates of mail servers of members of the sendmail consortium
+# who may reply to questions etc sent to sendmail.org.
+# It is useful to allow connections from those MTAs that can present
+# a certificate signed by one of these CA certificates.
+#
+
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 0 (0x0)
+ Signature Algorithm: md5WithRSAEncryption
+ Issuer: C=US, ST=California, L=Berkeley, O=Sendmail Consortium, CN=Certificate Authority/emailAddress=certificates@sendmail.org
+ Validity
+ Not Before: Feb 1 21:51:47 2003 GMT
+ Not After : Jan 31 21:51:47 2008 GMT
+ Subject: C=US, ST=California, L=Berkeley, O=Sendmail Consortium, CN=Certificate Authority/emailAddress=certificates@sendmail.org
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:9a:fb:dc:4c:a3:58:21:1b:84:78:0a:53:56:b3:
+ 8d:84:05:b7:db:dd:d7:81:ea:dd:c1:ab:d4:be:d9:
+ 2b:12:e0:6d:3a:31:d5:f0:7b:13:fc:d8:da:09:0b:
+ 71:11:8e:b9:48:c4:ab:ae:f5:9c:4c:e2:04:27:8e:
+ c8:03:3a:aa:00:8b:46:f2:79:09:ae:65:b2:9a:66:
+ e7:ac:a9:ea:32:f7:4a:4e:fd:da:41:48:34:5a:9d:
+ b0:42:ea:55:40:17:27:5e:67:9e:e5:ce:dc:84:6d:
+ 1d:48:37:23:11:68:9d:a8:d4:58:02:05:ea:88:35:
+ bd:0d:b6:28:d5:cd:d4:d8:95
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ DE:CD:6E:B8:89:34:06:3D:E9:CD:A7:FE:45:4F:4E:FB:E1:8D:E7:79
+ X509v3 Authority Key Identifier:
+ keyid:DE:CD:6E:B8:89:34:06:3D:E9:CD:A7:FE:45:4F:4E:FB:E1:8D:E7:79
+ DirName:/C=US/ST=California/L=Berkeley/O=Sendmail Consortium/CN=Certificate Authority/emailAddress=certificates@sendmail.org
+ serial:00
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: md5WithRSAEncryption
+ 66:92:b9:57:17:3b:6a:0e:72:b1:85:29:53:9f:11:68:a0:0d:
+ 79:43:d0:7c:48:73:b9:71:09:50:08:02:03:0b:28:0c:33:9a:
+ 00:ac:94:69:4f:bc:0f:45:6b:f5:3a:ca:6a:87:a1:7f:28:f7:
+ 9a:c4:b6:b0:f3:dc:a3:eb:42:95:9f:99:19:f8:b8:84:6d:f1:
+ 1d:bc:9f:f0:a0:cc:60:2d:00:6b:17:55:33:16:85:d1:73:e1:
+ 00:59:89:33:19:c4:2e:29:5a:39:a7:0e:e7:9b:d2:4c:c7:b9:
+ 7d:6a:3e:b4:00:83:86:d3:16:28:fd:ad:55:65:60:4e:14:02:
+ 46:d3
+-----BEGIN CERTIFICATE-----
+MIIDsDCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBnTELMAkGA1UEBhMCVVMx
+EzARBgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcTCEJlcmtlbGV5MRwwGgYDVQQK
+ExNTZW5kbWFpbCBDb25zb3J0aXVtMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRo
+b3JpdHkxKDAmBgkqhkiG9w0BCQEWGWNlcnRpZmljYXRlc0BzZW5kbWFpbC5vcmcw
+HhcNMDMwMjAxMjE1MTQ3WhcNMDgwMTMxMjE1MTQ3WjCBnTELMAkGA1UEBhMCVVMx
+EzARBgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcTCEJlcmtlbGV5MRwwGgYDVQQK
+ExNTZW5kbWFpbCBDb25zb3J0aXVtMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRo
+b3JpdHkxKDAmBgkqhkiG9w0BCQEWGWNlcnRpZmljYXRlc0BzZW5kbWFpbC5vcmcw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJr73EyjWCEbhHgKU1azjYQFt9vd
+14Hq3cGr1L7ZKxLgbTox1fB7E/zY2gkLcRGOuUjEq671nEziBCeOyAM6qgCLRvJ5
+Ca5lsppm56yp6jL3Sk792kFINFqdsELqVUAXJ15nnuXO3IRtHUg3IxFonajUWAIF
+6og1vQ22KNXN1NiVAgMBAAGjgf0wgfowHQYDVR0OBBYEFN7NbriJNAY96c2n/kVP
+Tvvhjed5MIHKBgNVHSMEgcIwgb+AFN7NbriJNAY96c2n/kVPTvvhjed5oYGjpIGg
+MIGdMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMI
+QmVya2VsZXkxHDAaBgNVBAoTE1NlbmRtYWlsIENvbnNvcnRpdW0xHjAcBgNVBAMT
+FUNlcnRpZmljYXRlIEF1dGhvcml0eTEoMCYGCSqGSIb3DQEJARYZY2VydGlmaWNh
+dGVzQHNlbmRtYWlsLm9yZ4IBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBAUA
+A4GBAGaSuVcXO2oOcrGFKVOfEWigDXlD0HxIc7lxCVAIAgMLKAwzmgCslGlPvA9F
+a/U6ymqHoX8o95rEtrDz3KPrQpWfmRn4uIRt8R28n/CgzGAtAGsXVTMWhdFz4QBZ
+iTMZxC4pWjmnDueb0kzHuX1qPrQAg4bTFij9rVVlYE4UAkbT
+-----END CERTIFICATE-----
+
+
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 0 (0x0)
+ Signature Algorithm: md5WithRSAEncryption
+ Issuer: C=US, ST=California, L=Emeryville, O=gshapiro.net, CN=Certificate Authority/emailAddress=certificates@gshapiro.net
+ Validity
+ Not Before: Jan 1 04:39:54 2002 GMT
+ Not After : Dec 31 04:39:54 2006 GMT
+ Subject: C=US, ST=California, L=Emeryville, O=gshapiro.net, CN=Certificate Authority/emailAddress=certificates@gshapiro.net
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:aa:dd:a2:fe:3b:fa:2f:5c:3d:f1:e1:d4:1d:55:
+ 04:27:6b:01:62:00:d7:02:cb:74:47:69:84:d7:c6:
+ c5:71:55:79:35:3a:a8:ce:de:48:23:53:80:3c:cd:
+ 54:2e:e9:fe:b1:76:5a:be:cb:fd:2d:dc:a3:36:c5:
+ c7:1e:4e:ef:76:f0:55:8f:a0:a5:f8:07:c5:52:1d:
+ a2:42:81:4d:8a:c8:42:3f:f3:01:80:f9:46:35:a6:
+ bc:c0:9b:9f:33:8b:49:9b:1d:87:8f:19:48:15:21:
+ 23:57:df:6e:4d:03:ed:ae:9f:0b:91:b7:a9:47:66:
+ f1:0d:1b:1c:5d:b4:57:60:c7
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ A0:6D:E0:06:AF:61:94:B4:C6:84:15:B4:8B:74:22:67:4A:43:60:CA
+ X509v3 Authority Key Identifier:
+ keyid:A0:6D:E0:06:AF:61:94:B4:C6:84:15:B4:8B:74:22:67:4A:43:60:CA
+ DirName:/C=US/ST=California/L=Emeryville/O=gshapiro.net/CN=Certificate Authority/emailAddress=certificates@gshapiro.net
+ serial:00
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: md5WithRSAEncryption
+ 87:27:d2:2a:3a:dc:04:cd:ef:e8:7b:1c:34:47:2e:13:34:a5:
+ 08:f9:4d:df:d8:e1:6d:e6:9a:db:38:ee:20:6d:4a:ae:6f:1e:
+ bc:71:61:a4:b4:d6:40:24:ee:65:ca:e9:81:5a:ef:ee:62:57:
+ 70:05:46:91:6b:d0:c6:a6:e9:38:65:ae:ea:50:b3:5c:27:c4:
+ 7a:bd:95:8c:cb:45:ef:fc:fc:99:e5:6a:61:c3:44:77:d8:1f:
+ d6:b4:17:44:15:9a:bc:26:5b:ec:4e:29:5d:fd:cf:61:f3:be:
+ 91:a4:3b:51:e6:73:5b:17:82:9d:5a:56:2c:63:c2:f1:d6:a2:
+ 4c:5a
+-----BEGIN CERTIFICATE-----
+MIIDoTCCAwqgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBmDELMAkGA1UEBhMCVVMx
+EzARBgNVBAgTCkNhbGlmb3JuaWExEzARBgNVBAcTCkVtZXJ5dmlsbGUxFTATBgNV
+BAoTDGdzaGFwaXJvLm5ldDEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5
+MSgwJgYJKoZIhvcNAQkBFhljZXJ0aWZpY2F0ZXNAZ3NoYXBpcm8ubmV0MB4XDTAy
+MDEwMTA0Mzk1NFoXDTA2MTIzMTA0Mzk1NFowgZgxCzAJBgNVBAYTAlVTMRMwEQYD
+VQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpFbWVyeXZpbGxlMRUwEwYDVQQKEwxn
+c2hhcGlyby5uZXQxHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTEoMCYG
+CSqGSIb3DQEJARYZY2VydGlmaWNhdGVzQGdzaGFwaXJvLm5ldDCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAqt2i/jv6L1w98eHUHVUEJ2sBYgDXAst0R2mE18bF
+cVV5NTqozt5II1OAPM1ULun+sXZavsv9LdyjNsXHHk7vdvBVj6Cl+AfFUh2iQoFN
+ishCP/MBgPlGNaa8wJufM4tJmx2HjxlIFSEjV99uTQPtrp8LkbepR2bxDRscXbRX
+YMcCAwEAAaOB+DCB9TAdBgNVHQ4EFgQUoG3gBq9hlLTGhBW0i3QiZ0pDYMowgcUG
+A1UdIwSBvTCBuoAUoG3gBq9hlLTGhBW0i3QiZ0pDYMqhgZ6kgZswgZgxCzAJBgNV
+BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpFbWVyeXZpbGxl
+MRUwEwYDVQQKEwxnc2hhcGlyby5uZXQxHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1
+dGhvcml0eTEoMCYGCSqGSIb3DQEJARYZY2VydGlmaWNhdGVzQGdzaGFwaXJvLm5l
+dIIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBAUAA4GBAIcn0io63ATN7+h7
+HDRHLhM0pQj5Td/Y4W3mmts47iBtSq5vHrxxYaS01kAk7mXK6YFa7+5iV3AFRpFr
+0Mam6ThlrupQs1wnxHq9lYzLRe/8/JnlamHDRHfYH9a0F0QVmrwmW+xOKV39z2Hz
+vpGkO1Hmc1sXgp1aVixjwvHWokxa
+-----END CERTIFICATE-----
+
+
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 0 (0x0)
+ Signature Algorithm: md5WithRSAEncryption
+ Issuer: C=US, ST=Illinois, L=De Kalb, O=Northern Illinois University, OU=Computer Science, CN=Neil Rickert/emailAddress=rickert@cs.niu.edu
+ Validity
+ Not Before: May 12 00:40:50 2000 GMT
+ Not After : May 20 00:40:50 2010 GMT
+ Subject: C=US, ST=Illinois, L=De Kalb, O=Northern Illinois University, OU=Computer Science, CN=Neil Rickert/emailAddress=rickert@cs.niu.edu
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:b1:1b:49:06:ef:3f:44:e0:93:ad:8c:a7:f7:21:
+ 7c:87:cb:da:35:f6:4b:a2:fd:8a:a0:07:5b:cc:6a:
+ 9b:89:33:fc:24:f5:b1:24:59:5a:25:50:fd:16:d7:
+ d4:bc:c7:04:1d:df:90:9b:5e:c3:a8:e9:8b:7d:a3:
+ 5d:9a:e9:7f:e5:2b:ea:15:a7:ad:ba:58:26:0a:11:
+ 49:4f:da:9a:67:7f:b0:a6:66:f4:27:b6:61:4e:3c:
+ c8:3e:a0:2f:6a:b4:0e:15:d6:39:f8:92:60:85:df:
+ a6:34:f3:fa:a4:a5:e4:47:49:e7:87:a4:a5:5c:8e:
+ 6a:2f:13:76:5f:29:f3:64:73
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ B6:31:78:BB:7E:AA:4D:A1:5D:FD:A2:24:18:C6:90:5A:2D:2F:19:48
+ X509v3 Authority Key Identifier:
+ keyid:B6:31:78:BB:7E:AA:4D:A1:5D:FD:A2:24:18:C6:90:5A:2D:2F:19:48
+ DirName:/C=US/ST=Illinois/L=De Kalb/O=Northern Illinois University/OU=Computer Science/CN=Neil Rickert/emailAddress=rickert@cs.niu.edu
+ serial:00
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: md5WithRSAEncryption
+ 60:69:23:65:97:51:5c:06:a4:42:cb:00:e7:9a:dc:39:70:c3:
+ d3:5d:bf:0f:e0:04:54:4d:d9:dc:12:57:12:6c:67:fd:5b:b0:
+ 39:63:ea:c4:12:65:51:bb:3d:f1:f7:25:b4:cd:0b:f6:5b:7a:
+ 61:25:ad:06:0a:01:55:dc:71:05:29:0d:73:e9:30:51:be:d3:
+ e1:b2:89:fc:0f:28:f7:06:75:96:1b:34:75:e0:07:e5:3b:b3:
+ 0b:28:24:e5:79:ea:55:39:e7:d2:ee:ec:63:b4:e4:c6:ee:cb:
+ 15:d0:c8:eb:3b:4f:36:10:a4:6a:c0:6b:03:e8:29:72:c7:a7:
+ 10:00
+-----BEGIN CERTIFICATE-----
+MIID5TCCA06gAwIBAgIBADANBgkqhkiG9w0BAQQFADCBrjELMAkGA1UEBhMCVVMx
+ETAPBgNVBAgTCElsbGlub2lzMRAwDgYDVQQHEwdEZSBLYWxiMSUwIwYDVQQKExxO
+b3J0aGVybiBJbGxpbm9pcyBVbml2ZXJzaXR5MRkwFwYDVQQLExBDb21wdXRlciBT
+Y2llbmNlMRUwEwYDVQQDEwxOZWlsIFJpY2tlcnQxITAfBgkqhkiG9w0BCQEWEnJp
+Y2tlcnRAY3Mubml1LmVkdTAeFw0wMDA1MTIwMDQwNTBaFw0xMDA1MjAwMDQwNTBa
+MIGuMQswCQYDVQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0Rl
+IEthbGIxJTAjBgNVBAoTHE5vcnRoZXJuIElsbGlub2lzIFVuaXZlcnNpdHkxGTAX
+BgNVBAsTEENvbXB1dGVyIFNjaWVuY2UxFTATBgNVBAMTDE5laWwgUmlja2VydDEh
+MB8GCSqGSIb3DQEJARYScmlja2VydEBjcy5uaXUuZWR1MIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQCxG0kG7z9E4JOtjKf3IXyHy9o19kui/YqgB1vMapuJM/wk
+9bEkWVolUP0W19S8xwQd35CbXsOo6Yt9o12a6X/lK+oVp626WCYKEUlP2ppnf7Cm
+ZvQntmFOPMg+oC9qtA4V1jn4kmCF36Y08/qkpeRHSeeHpKVcjmovE3ZfKfNkcwID
+AQABo4IBDzCCAQswHQYDVR0OBBYEFLYxeLt+qk2hXf2iJBjGkFotLxlIMIHbBgNV
+HSMEgdMwgdCAFLYxeLt+qk2hXf2iJBjGkFotLxlIoYG0pIGxMIGuMQswCQYDVQQG
+EwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0RlIEthbGIxJTAjBgNV
+BAoTHE5vcnRoZXJuIElsbGlub2lzIFVuaXZlcnNpdHkxGTAXBgNVBAsTEENvbXB1
+dGVyIFNjaWVuY2UxFTATBgNVBAMTDE5laWwgUmlja2VydDEhMB8GCSqGSIb3DQEJ
+ARYScmlja2VydEBjcy5uaXUuZWR1ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcN
+AQEEBQADgYEAYGkjZZdRXAakQssA55rcOXDD012/D+AEVE3Z3BJXEmxn/VuwOWPq
+xBJlUbs98fcltM0L9lt6YSWtBgoBVdxxBSkNc+kwUb7T4bKJ/A8o9wZ1lhs0deAH
+5TuzCygk5XnqVTnn0u7sY7Tkxu7LFdDI6ztPNhCkasBrA+gpcsenEAA=
+-----END CERTIFICATE-----
+
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 0 (0x0)
+ Signature Algorithm: md5WithRSAEncryption
+ Issuer: C=US, ST=California, L=Berkeley, O=Endmail Org, OU=MTA, CN=Claus Assmann CA RSA 2003/emailAddress=ca+ca-rsa2003@esmtp.org
+ Validity
+ Not Before: Aug 7 15:56:45 2003 GMT
+ Not After : Aug 6 15:56:45 2006 GMT
+ Subject: C=US, ST=California, L=Berkeley, O=Endmail Org, OU=MTA, CN=Claus Assmann CA RSA 2003/emailAddress=ca+ca-rsa2003@esmtp.org
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (2048 bit)
+ Modulus (2048 bit):
+ 00:aa:37:0f:09:a9:1c:e3:1a:0c:fe:bd:6c:37:a4:
+ cf:87:db:af:6b:b4:19:d4:11:db:c6:56:ca:39:80:
+ c6:a4:38:b0:bc:ac:7e:be:71:30:86:2c:dc:fa:b5:
+ fd:58:23:a0:c1:ad:11:53:85:ca:fb:e6:d8:7e:28:
+ eb:84:3b:cd:a3:fa:28:a5:cb:c7:b2:54:99:3e:40:
+ 2a:27:43:4b:0c:26:4b:af:97:3d:92:82:d9:eb:2c:
+ 7f:77:fd:b8:cd:7e:1e:04:81:17:3c:e2:44:68:ce:
+ 88:66:02:90:24:35:24:c4:4c:ad:77:04:1a:3a:d5:
+ 59:28:28:03:da:03:9d:f4:2e:52:6e:b5:36:96:4b:
+ 14:f8:fc:8e:c6:d3:9b:e2:80:90:8b:71:d7:d0:5c:
+ 43:b2:49:f1:5a:26:f3:5d:9e:3b:01:98:db:e3:ed:
+ 5e:8d:dd:cf:aa:68:9d:0b:c9:e2:4e:fc:16:44:72:
+ 93:07:62:18:05:c1:47:81:3c:3d:e4:e4:22:da:2c:
+ d6:4a:44:52:06:7a:83:b5:e9:52:38:97:2f:75:a6:
+ 5c:6f:87:8a:8d:83:f4:d0:04:a5:34:18:5e:a1:06:
+ 16:b3:54:ce:64:47:ca:70:56:a3:6f:b9:7f:af:91:
+ 76:78:70:b4:ab:ae:8e:d5:22:26:57:b1:ba:e7:4b:
+ 18:21
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 3A:12:03:DB:0F:9E:28:45:A6:34:8D:38:AB:BA:47:8C:2A:A0:E4:2E
+ X509v3 Authority Key Identifier:
+ keyid:3A:12:03:DB:0F:9E:28:45:A6:34:8D:38:AB:BA:47:8C:2A:A0:E4:2E
+ DirName:/C=US/ST=California/L=Berkeley/O=Endmail Org/OU=MTA/CN=Claus Assmann CA RSA 2003/emailAddress=ca+ca-rsa2003@esmtp.org
+ serial:00
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ X509v3 Subject Alternative Name:
+ email:ca+ca-rsa2003@esmtp.org
+ X509v3 Issuer Alternative Name:
+ email:ca+ca-rsa2003@esmtp.org
+ Signature Algorithm: md5WithRSAEncryption
+ 96:83:b6:54:93:df:38:d0:48:a7:a1:c8:08:c9:0f:e9:80:05:
+ e3:7e:c3:61:51:88:7b:7a:bb:24:b0:69:a3:22:e4:98:38:da:
+ c8:c3:eb:52:70:63:e2:66:f2:59:ef:56:be:aa:7c:87:6e:94:
+ 85:d4:71:ba:35:f7:ee:d0:6e:52:1d:1f:e4:fd:2f:e2:70:31:
+ 5d:b7:8b:13:cc:70:10:21:fa:34:29:8f:8d:d8:4a:c7:0f:b2:
+ 36:e7:1e:1e:46:d1:11:84:80:7c:bb:24:c4:63:be:2a:24:53:
+ 74:0c:89:e0:6a:f4:08:63:bf:54:d3:0a:d9:fc:fe:6c:de:4f:
+ 97:61:08:a0:10:92:eb:af:06:ec:50:86:c4:cc:6b:31:32:60:
+ 25:7a:09:47:f8:42:7a:a2:d5:90:fa:48:be:bf:0a:e1:03:b8:
+ 56:24:b9:12:e9:ba:09:30:47:be:a5:8e:a2:92:a4:dc:a6:a7:
+ c6:29:39:65:6e:64:4a:1b:b2:c3:07:29:f5:c0:7e:78:e0:22:
+ 9b:98:d4:87:91:ca:e1:66:9d:2f:70:f1:4c:a5:8e:2e:68:52:
+ b3:bd:95:76:56:40:0e:46:47:e4:b3:ec:aa:3c:e8:86:96:5a:
+ ed:fa:c9:10:95:53:04:13:71:01:91:ce:cd:3a:51:c6:30:e9:
+ 48:49:64:a3
+-----BEGIN CERTIFICATE-----
+MIIFFzCCA/+gAwIBAgIBADANBgkqhkiG9w0BAQQFADCBpTELMAkGA1UEBhMCVVMx
+EzARBgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcTCEJlcmtlbGV5MRQwEgYDVQQK
+EwtFbmRtYWlsIE9yZzEMMAoGA1UECxMDTVRBMSIwIAYDVQQDExlDbGF1cyBBc3Nt
+YW5uIENBIFJTQSAyMDAzMSYwJAYJKoZIhvcNAQkBFhdjYStjYS1yc2EyMDAzQGVz
+bXRwLm9yZzAeFw0wMzA4MDcxNTU2NDVaFw0wNjA4MDYxNTU2NDVaMIGlMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIQmVya2VsZXkx
+FDASBgNVBAoTC0VuZG1haWwgT3JnMQwwCgYDVQQLEwNNVEExIjAgBgNVBAMTGUNs
+YXVzIEFzc21hbm4gQ0EgUlNBIDIwMDMxJjAkBgkqhkiG9w0BCQEWF2NhK2NhLXJz
+YTIwMDNAZXNtdHAub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+qjcPCakc4xoM/r1sN6TPh9uva7QZ1BHbxlbKOYDGpDiwvKx+vnEwhizc+rX9WCOg
+wa0RU4XK++bYfijrhDvNo/oopcvHslSZPkAqJ0NLDCZLr5c9koLZ6yx/d/24zX4e
+BIEXPOJEaM6IZgKQJDUkxEytdwQaOtVZKCgD2gOd9C5SbrU2lksU+PyOxtOb4oCQ
+i3HX0FxDsknxWibzXZ47AZjb4+1ejd3PqmidC8niTvwWRHKTB2IYBcFHgTw95OQi
+2izWSkRSBnqDtelSOJcvdaZcb4eKjYP00ASlNBheoQYWs1TOZEfKcFajb7l/r5F2
+eHC0q66O1SImV7G650sYIQIDAQABo4IBTjCCAUowHQYDVR0OBBYEFDoSA9sPnihF
+pjSNOKu6R4wqoOQuMIHSBgNVHSMEgcowgceAFDoSA9sPnihFpjSNOKu6R4wqoOQu
+oYGrpIGoMIGlMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8G
+A1UEBxMIQmVya2VsZXkxFDASBgNVBAoTC0VuZG1haWwgT3JnMQwwCgYDVQQLEwNN
+VEExIjAgBgNVBAMTGUNsYXVzIEFzc21hbm4gQ0EgUlNBIDIwMDMxJjAkBgkqhkiG
+9w0BCQEWF2NhK2NhLXJzYTIwMDNAZXNtdHAub3JnggEAMAwGA1UdEwQFMAMBAf8w
+IgYDVR0RBBswGYEXY2ErY2EtcnNhMjAwM0Blc210cC5vcmcwIgYDVR0SBBswGYEX
+Y2ErY2EtcnNhMjAwM0Blc210cC5vcmcwDQYJKoZIhvcNAQEEBQADggEBAJaDtlST
+3zjQSKehyAjJD+mABeN+w2FRiHt6uySwaaMi5Jg42sjD61JwY+Jm8lnvVr6qfIdu
+lIXUcbo19+7QblIdH+T9L+JwMV23ixPMcBAh+jQpj43YSscPsjbnHh5G0RGEgHy7
+JMRjviokU3QMieBq9Ahjv1TTCtn8/mzeT5dhCKAQkuuvBuxQhsTMazEyYCV6CUf4
+Qnqi1ZD6SL6/CuEDuFYkuRLpugkwR76ljqKSpNymp8YpOWVuZEobssMHKfXAfnjg
+IpuY1IeRyuFmnS9w8Uylji5oUrO9lXZWQA5GR+Sz7Ko86IaWWu36yRCVUwQTcQGR
+zs06UcYw6UhJZKM=
+-----END CERTIFICATE-----
diff --git a/contrib/sendmail/KNOWNBUGS b/contrib/sendmail/KNOWNBUGS
index b2c6c44327f0..1d45bef88150 100644
--- a/contrib/sendmail/KNOWNBUGS
+++ b/contrib/sendmail/KNOWNBUGS
@@ -241,4 +241,4 @@ Kresolve sequence dnsmx canon
be used if set instead of LOCAL_RELAY ($R). This will be fixed in a
future version.
-$Revision: 8.55.2.1 $, Last updated $Date: 2002/12/18 22:38:48 $
+$Revision: 8.56 $, Last updated $Date: 2002/12/18 22:39:06 $
diff --git a/contrib/sendmail/LICENSE b/contrib/sendmail/LICENSE
index 7602ad4689ec..e8639f5a5a92 100644
--- a/contrib/sendmail/LICENSE
+++ b/contrib/sendmail/LICENSE
@@ -33,7 +33,7 @@ each of the following conditions is met:
forth as paragraph 6 below, in the documentation and/or other materials
provided with the distribution. For the purposes of binary distribution
the "Copyright Notice" refers to the following language:
- "Copyright (c) 1998-2003 Sendmail, Inc. All rights reserved."
+ "Copyright (c) 1998-2004 Sendmail, Inc. All rights reserved."
4. Neither the name of Sendmail, Inc. nor the University of California nor
the names of their contributors may be used to endorse or promote
@@ -76,4 +76,4 @@ each of the following conditions is met:
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
-$Revision: 8.11.2.1 $, Last updated $Date: 2003/04/19 14:30:36 $
+$Revision: 8.13 $, Last updated $Date: 2004/05/11 23:57:57 $
diff --git a/contrib/sendmail/PGPKEYS b/contrib/sendmail/PGPKEYS
index 860252b6e672..ddd08baeaf10 100644
--- a/contrib/sendmail/PGPKEYS
+++ b/contrib/sendmail/PGPKEYS
@@ -1022,4 +1022,4 @@ SIXqPke2iCW6+zdG1T/gS5T9T9/Lf2c9FQf0FjURAi3ynDA2RBLA5FDsI8v3
=dbDm
-----END PGP PUBLIC KEY BLOCK-----
-$Revision: 8.13.2.4 $, Last updated $Date: 2004/01/13 21:18:06 $
+$Revision: 8.17 $, Last updated $Date: 2004/01/13 21:17:49 $
diff --git a/contrib/sendmail/README b/contrib/sendmail/README
index ec4d441e335b..c93c11f1f410 100644
--- a/contrib/sendmail/README
+++ b/contrib/sendmail/README
@@ -463,4 +463,4 @@ sendmail Source for the sendmail program itself.
test Some test scripts (currently only for compilation aids).
vacation Source for the vacation program. NOT PART OF SENDMAIL!
-$Revision: 8.90.2.1 $, Last updated $Date: 2002/11/09 23:32:28 $
+$Revision: 8.91 $, Last updated $Date: 2002/11/09 23:33:07 $
diff --git a/contrib/sendmail/RELEASE_NOTES b/contrib/sendmail/RELEASE_NOTES
index 0d6377d420c6..6df95cf3d4fb 100644
--- a/contrib/sendmail/RELEASE_NOTES
+++ b/contrib/sendmail/RELEASE_NOTES
@@ -1,11 +1,474 @@
SENDMAIL RELEASE NOTES
- $Id: RELEASE_NOTES,v 8.1340.2.189 2004/01/18 17:50:57 ca Exp $
+ $Id: RELEASE_NOTES,v 8.1679 2004/07/30 18:03:07 ca Exp $
This listing shows the version of the sendmail binary, the version
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.
+8.13.1/8.13.1 2004/07/30
+ Using the default AliasFile ldap: specification would cause the
+ objectClasses of the LDAP response to be included in the
+ alias expansion. Problem noted by Brenden Conte of
+ Rensselaer Polytechnic Institute.
+ Fix support for a fallback smart host for system where DNS is
+ (partially) available. From John Beck of Sun Microsystems.
+ Fix SuperSafe=PostMilter behavior when a milter replaces a body
+ but the data file is not yet stored on disk because it is
+ smaller than the size of the memory buffer. Problem noted
+ by David Russell.
+ Fix certificate revocation list support; if a CRL was specified
+ but the other side presented a cert that was signed by
+ a different (trusted) CA than the one which issued the CRL,
+ verification would always fail. Problem noted by Al Smith.
+ Run mailer programs as the RunAsUser when RunAsUser is set and
+ the F=S mailer flag is set without a U= mailer equate.
+ Problem noted by John Gardiner Myers of Proofpoint.
+ ${nbadrcpts} was off by one if BadRcptThrottle is zero.
+ Patch from Sung-hoon Choi of DreamWiz Inc.
+ CONFIG: Emit a warning if FEATURE(`access_db') is used after
+ FEATURE(`greet_pause') because then the latter will not
+ use the access map. Note: if no default value is given
+ for FEATURE(`greet_pause') then it issues an error if
+ FEATURE(`access_db') is not specified before it.
+ Problem noted by Alexander Dalloz of University of
+ Bielefeld.
+ CONFIG: Invoke ruleset Local_greet_pause if FEATURE(`greet_pause')
+ is used to give more flexibility for local changes.
+ Portability:
+ Fix a 64 bit problem in the socket map code. Problem
+ noted by Geoff Adams.
+ NetBSD 2.0F has closefrom(3). Patch from Andrew Brown.
+ NetBSD can use sysctl(3) to get the number of CPUs in
+ a system. Patch from Andrew Brown.
+ Add a README file in doc/op/ to explain potential
+ incompatibilities with various *roff related
+ tools. Problem tracked down by Per Hedeland.
+ New Files:
+ doc/op/README
+
+8.13.0/8.13.0 2004/06/20
+ Do not include AUTH data in a bounce to avoid leaking confidential
+ information. See also cf/README about MSP and the section
+ "Providing SMTP AUTH Data when sendmail acts as Client".
+ Problem noted by Neil Rickert of Northern Illinois
+ University.
+ Fix compilation error in libsm/clock.c for -D_FFR_SLEEP_USE_SELECT=n
+ and -DSM_CONF_SETITIMER=0. Problem noted by Juergen Georgi
+ of RUS University of Stuttgart.
+ Fix bug in conversion from 8bit to quoted-printable. Problem found
+ by Christof Haerens, patch from Per Hedeland.
+ Add support for LDAP recursion based on types given to attribute
+ specifications in an LDAP map definition. This allows
+ LDAP queries to return a new query, a DN, or an LDAP
+ URL which will in turn be queried. See the ``LDAP
+ Recursion'' section of doc/op/op.me for more information.
+ Based on patch from Andrew Baucom.
+ Extend the default LDAP specifications for AliasFile
+ (O AliasFile=ldap:) and file classes (F{X}@LDAP) to
+ include support for LDAP recursion via new attributes.
+ See ``USING LDAP FOR ALIASES, MAPS, and CLASSES'' section
+ of cf/README for more information.
+ New option for LDAP maps: the -w option allows you to specify the
+ LDAP API/protocol version to use. The default depends on
+ the LDAP library.
+ New option for LDAP maps: the -H option allows you to specify an
+ LDAP URI instead of specifying the LDAP server via -h host
+ and -p port. This also allows for the use of LDAP over
+ SSL and connections via named sockets if your LDAP
+ library supports it.
+ New compile time flag SM_CONF_LDAP_INITIALIZE: set this if
+ ldap_initialize(3) is available (and LDAPMAP is set).
+ If MaxDaemonChildren is set and a command is repeated too often
+ during a SMTP session then terminate it just like it is
+ done for too many bad SMTP commands.
+ Basic connection rate control support has been added: the daemon
+ maintains the number of incoming connections per client
+ IP address and total in the macros {client_rate} and
+ {total_rate}, respectively. These macros can be used
+ in the cf file to impose connection rate limits.
+ A new option ConnectionRateWindowSize (default: 60s)
+ determines the length of the interval for which the
+ number of connections is stored. Based on patch from
+ Jose Marcio Martins da Cruz, Ecole des Mines de Paris.
+ Add optional protection from open proxies and SMTP slammers which
+ send SMTP traffic without waiting for the SMTP greeting.
+ If enabled by the new ruleset greet_pause (see
+ FEATURE(`greet_pause')), sendmail will wait the specified
+ amount of time before sending the initial 220 SMTP
+ greeting. If any traffic is received before then, a 554
+ SMTP response is sent and all SMTP commands are rejected
+ during that connection.
+ If 32 NOOP (or unknown/bad) commands are issued by a client the SMTP
+ server could sleep for a very long time. Fix based on
+ patch from Tadashi Kobayashi of IIJ.
+ Fix a potential memory leak in persistent queue runners if the
+ number of entries in the queue exceeds the limit of jobs.
+ Problem noted by Steve Hubert of University of Washington.
+ Do not use 4.7.1 as enhanced status code because some broken systems
+ misinterpret it as a permanent error.
+ New value for SuperSafe: PostMilter which will delay fsync() until
+ all milters accepted the mail. This can increase
+ performance if many mails are rejected by milters due to
+ body scans. Based on patch from David F. Skoll.
+ New macro {msg_id} which contains the value of the Message-Id:
+ header, whether provided by the client or generated by
+ sendmail.
+ New macro {client_connections} which contains the number of open
+ connections in the SMTP server for the client IP address.
+ Based on patch from Jose Marcio Martins da Cruz, Ecole des
+ Mines de Paris.
+ sendmail will now remove its pidfile when it exits. This was done
+ to prevent confusion caused by running sendmail stop
+ scripts two or more times, where the second and subsequent
+ runs would report misleading error messages about sendmail's
+ pid no longer existing. See section 1.3.15 of doc/op/op.me
+ for a discussion of the implications of this, including
+ how to correct broken scripts which may have depended on
+ the old behavior. From John Beck of Sun Microsystems.
+ Support per-daemon input filter lists which override the default
+ filter list specified in InputMailFilters. The filters
+ can be listed in the I= equate of DaemonPortOptions.
+ Do not add all domain prefixes of the hostname to class 'w'. If
+ your configuration relies on this behavior, you have to
+ add those names to class 'w' yourself. Problem noted
+ by Sander Eerkes.
+ Support message quarantining in the mail queue. Quarantined
+ messages are not run on normal queue displays or runs
+ unless specifically requested with -qQ. Quarantined queue
+ files are named with an hf prefix instead of a qf prefix.
+ The -q command line option now can specify which queue to display
+ or run. -qQ operates on quarantined queue items. -qL
+ operates on lost queue items.
+ Restricted mail queue runs and displays can be done based on the
+ quarantined reason using -qQtext to run or display
+ quarantined items if the quarantine reason contains the
+ given text. Similarly, -q!Qtext will run or display
+ quarantined items which do not have the given text in the
+ quarantine reason.
+ Items in the queue can be quarantined or unquarantined using the
+ new -Q option. See doc/op/op.me for more information.
+ When displaying the quarantine mailq with 'mailq -qQ', the
+ quarantine reason is shown in a new line prefixed by
+ "QUARANTINE:".
+ A new error code for the $#error mailer, $@ quarantine, can be used
+ to quarantine messages in check_* (except check_compat) and
+ header check rulesets. The $: of the mailer triplet will
+ be used for the quarantine reason.
+ Add a new quarantine count to the mailstats collected.
+ Add a new macro ${quarantine} which is the quarantine reason for a
+ message if it is quarantined.
+ New map type "socket" for a trivial query protocol over UNIX domain
+ or TCP sockets (requires compile time option SOCKETMAP).
+ See sendmail/README and doc/op/op.me for details as well as
+ socketmapServer.pl and socketmapClient.pl in contrib.
+ Code donated by Bastiaan Bakker of LifeLine Networks.
+ Define new macro ${client_ptr} which holds the result of the PTR
+ lookup for the client IP address. Note: this is the same
+ as ${client_name} if and only if ${client_resolve} is OK.
+ Add a new macro ${nbadrcpts} which contains the number of bad
+ recipients received so far in a transaction.
+ Call check_relay with the value of ${client_name} to deal with bogus
+ DNS entries. See also FEATURE(`use_client_ptr'). Problem
+ noted by Kai Schlichting.
+ Treat Delivery-Receipt-To: headers the same as Return-Receipt-To:
+ headers (turn them into DSNs). Delivery-Receipt-To: is
+ apparently used by SIMS (Sun Internet Mail System).
+ Enable connection caching for LPC mailers. Patch from Christophe
+ Wolfhugel of France Telecom Oleane.
+ Do not silently truncate long strings in address rewriting.
+ Add support for Cyrus SASL version 2. From Kenneth Murchison of
+ Oceana Matrix Ltd.
+ Add a new AuthOption=m flag to require the use of mechanisms which
+ support mutual authentication. From Kenneth Murchison of
+ Oceana Matrix Ltd.
+ Fix logging of TLS related problems (introduced in 8.12.11).
+ The macros {auth_author} and {auth_authen} are stored in xtext
+ format just like the STARTTLS related macros to avoid
+ problems with parsing them. Problem noted by Pierangelo
+ Masarati of SysNet s.n.c.
+ New option AuthRealm to set the authentication realm that is
+ passed to the Cyrus SASL library. Patch from Gary Mills
+ of the University of Manitoba.
+ Enable AUTH mechanism EXTERNAL if STARTTLS verification was
+ successful, otherwise relaying would be allowed if
+ EXTERNAL is listed in TRUST_AUTH_MECH() and STARTTLS
+ is active.
+ Add basic support for certificate revocation lists. Note: if a
+ CRLFile is specified but the file is unusable, STARTTLS
+ is disabled. Based on patch by Ralf Hornik.
+ Enable workaround for inconsistent Cyrus SASLv1 API for mechanisms
+ DIGEST-MD5 and LOGIN.
+ Write pid to file also if sendmail only acts as persistent queue
+ runner. Proposed by Gary Mills of the University of Manitoba.
+ Keep daemon pid file(s) locked so other daemons don't try to
+ overwrite each other's pid files.
+ Increase maximum length of logfile fields for {cert_subject} and
+ {cert_issuer} from 128 to 256. Requested by Christophe
+ Wolfhugel of France Telecom.
+ Log the TLS verification message on the STARTTLS= log line at
+ LogLevel 12 or higher.
+ If the MSP is invoked with the verbose option (-v) then it will
+ try to use the SMTP command VERB to propagate this option
+ to the MTA which in turn will show the delivery just like
+ it was done before the default 8.12 separation of MSP and
+ MTA. Based on patch by Per Hedeland.
+ If a daemon is refusing connections for longer than the time specified
+ by the new option RejectLogInterval (default: 3 hours) due
+ to high load, log this information. Patch from John Beck
+ of Sun Microsystems.
+ Remove the ability for non-trusted users to raise the value of
+ CheckpointInterval on the command line.
+ New mailer flag 'B' to strip leading backslashes, which is a
+ subset of the functionality of the 's' flag.
+ New mailer flag 'W' to ignore long term host status information.
+ Patch from Juergen Georgi of RUS University of Stuttgart.
+ Enable generic mail filter API (milter) by default. To turn
+ it off, add -DMILTER=0 to the compile time options.
+ An internal SMTP session discard flag was lost after an RSET/HELO/EHLO
+ causing subsequent messages to be sent instead of being
+ discarded. This also caused milter callbacks to be called
+ out of order after the SMTP session was reset.
+ New option RequiresDirfsync to turn off the compile time flag
+ REQUIRES_DIR_FSYNC at runtime. See sendmail/README for
+ further information.
+ New command line option -D logfile to send debug output to
+ the indicated log file instead of stdout.
+ Add Timeout.queuereturn.dsn and Timeout.queuewarn.dsn to control
+ queue return and warning times for delivery status
+ notifications.
+ New queue sort order option: 'n'one for not sorting the queue entries
+ at all.
+ Several more return values for ruleset srv_features have been added
+ to enable/disable certain features in the server per
+ connection. See doc/op/op.me for details.
+ Support for SMTP over SSL (smtps), activated by Modifier=s
+ for DaemonPortOptions.
+ Continue with DNS lookups on ECONNREFUSED and TRY_AGAIN when
+ trying to canonify hostnames. Suggested by Neil Rickert
+ of Northern Illinois University.
+ Add support for a fallback smart host (option FallbackSmartHost) to
+ be tried as a last resort after all other fallbacks. This
+ is designed for sites with partial DNS (e.g., an accurate
+ view of inside the company, but an incomplete view of
+ outside). From John Beck of Sun Microsystems.
+ Enable timeout for STARTTLS even if client does not start the TLS
+ handshake. Based on patch by Andrey J. Melnikoff.
+ Remove deprecated -v option for PH map, use -k instead. Patch from
+ Mark Roth of the University of Illinois at Urbana-Champaign.
+ libphclient is version 1.2.x by default, if version 1.1.x is required
+ then compile with -DNPH_VERSION=10100. Patch from Mark Roth
+ of the University of Illinois at Urbana-Champaign.
+ Add Milter.macros.eom, allowing macros to be sent to milter
+ applications for use in the xxfi_eom() callback.
+ New macro {time} which contains the output of the time(3) function,
+ i.e., the number of seconds since 0 hours, 0 minutes,
+ 0 seconds, January 1, 1970, Coordinated Universal Time (UTC).
+ If check_relay sets the reply code to "421" the SMTP server will
+ terminate the SMTP session with a 421 error message.
+ Get rid of dead code that tried to access the environment variable
+ HOSTALIASES.
+ Deprecate the use of ErrorMode=write. To enable this in 8.13
+ compile with -DUSE_TTYPATH=1.
+ Header check rulesets using $>+ (do not strip comments) will get
+ the header value passed in without balancing quotes,
+ parentheses, and angle brackets. Based on patch from
+ Oleg Bulyzhin.
+ Do not complain and fix up unbalanced quotes, parentheses, and
+ angle brackets when reading in rulesets. This allows
+ rules to be written for header checks to catch strings
+ that contain quotes, parentheses, and/or angle brackets.
+ Based on patch from Oleg Bulyzhin.
+ Do not close socket when accept(2) in the daemon encounters
+ some temporary errors like ECONNABORTED.
+ Added list of CA certificates that are used by members of the
+ sendmail consortium, see CACerts.
+ Portability:
+ Two new compile options have been added:
+ HASCLOSEFROM System has closefrom(3).
+ HASFDWALK System has fdwalk(3).
+ Based on patch from John Beck of Sun Microsystems.
+ The Linux kernel version 2.4 series has a broken flock() so
+ change to using fcntl() locking until they can fix
+ it. Be sure to update other sendmail related
+ programs to match locking techniques.
+ New compile time option NEEDINTERRNO which should be set
+ if <errno.h> does not declare errno itself.
+ Support for UNICOS/mk and UNICOS/mp added, some changes for
+ UNICOS. Patches contributed by Aaron Davis and
+ Brian Ginsbach, Cray Inc., and Manu Mahonen of
+ Center for Scientific Computing.
+ Add support for Darwin 7.0/Mac OS X 10.3 (a.k.a. Panther).
+ Extend support to Darwin 7.x/Mac OS X 10.3 (a.k.a. Panther).
+ Remove path from compiler definition for Interix because
+ Interix 3.0 and 3.5 put gcc in different locations.
+ Also use <sys/mkdev.h> to get the correct
+ major()/minor() definitions. Based on feedback
+ from Mark Funkenhauser.
+ CONFIG: Add support for LDAP recursion to the default LDAP searches
+ for maps via new attributes. See the ``USING LDAP FOR
+ ALIASES, MAPS, and CLASSES'' section of cf/README and
+ cf/sendmail.schema for more information.
+ CONFIG: Make sure confTRUSTED_USER is valid even if confRUN_AS_USER
+ is of the form "user:group" when used for submit.mc.
+ Problem noted by Carsten P. Gehrke, patch from Neil Rickert
+ of Northern Illinois University.
+ CONFIG: Add a new access DB value of QUARANTINE:reason which
+ instructs the check_* (except check_compat) to quarantine
+ the message using the given reason.
+ CONFIG: Use "dns -R A" as map type for dnsbl (just as for enhdnsbl)
+ instead of "host" to avoid problem with looking up other
+ DNS records than just A.
+ CONFIG: New option confCONNECTION_RATE_WINDOW_SIZE to define the
+ length of the interval for which the number of incoming
+ connections is maintained.
+ CONFIG: New FEATURE(`ratecontrol') to set the limits for connection
+ rate control for individual hosts or nets.
+ CONFIG: New FEATURE(`conncontrol') to set the limits for the
+ number of open SMTP connections for individual hosts or nets.
+ CONFIG: New FEATURE(`greet_pause') enables open proxy and SMTP
+ slamming protection described above. The feature can
+ take an argument specifying the milliseconds to wait and/or
+ use the access database to look the pause time based on
+ client hostname, domain, IP address, or subnet.
+ CONFIG: New FEATURE(`use_client_ptr') to have check_relay use
+ $&{client_ptr} as its first argument. This is useful for
+ rejections based on the unverified hostname of client,
+ which turns on the same behavior as in earlier sendmail
+ versions when delay_checks was not in use. See also entry
+ above about check_relay being invoked with ${client_name}.
+ CONFIG: New option confREJECT_LOG_INTERVAL to specify the log
+ interval when refusing connections for this long.
+ CONFIG: Remove quotes around usage of confREJECT_MSG; in some cases
+ this requires a change in a mc file. Requested by
+ Ted Roberts of Electronic Data Systems.
+ CONFIG: New option confAUTH_REALM to set the authentication realm
+ that is passed to the Cyrus SASL library. Patch from
+ Gary Mills of the University of Manitoba.
+ CONFIG: Rename the (internal) classes {tls}/{src} to {Tls}/{Src}
+ to follow the naming conventions.
+ CONFIG: Add a third optional argument to local_lmtp to specify
+ the A= argument.
+ CONFIG: Remove the f flag from the default mailer flags of
+ local_lmtp.
+ CONFIG: New option confREQUIRES_DIR_FSYNC to turn off the compile
+ time flag REQUIRES_DIR_FSYNC at runtime.
+ CONFIG: New LOCAL_UUCP macro to insert rules into the generated
+ cf file at the same place where MAILER(`uucp') inserts
+ its rules.
+ CONFIG: New options confTO_QUEUERETURN_DSN and confTO_QUEUEWARN_DSN
+ to control queue return and warning times for delivery
+ status notifications.
+ CONFIG: New option confFALLBACK_SMARTHOST to define FallbackSmartHost.
+ CONFIG: Add the mc file which has been used to create the cf
+ file to the end of the cf file when using make in cf/cf/.
+ Patch from Richard Rognlie.
+ CONFIG: FEATURE(nodns) has been removed, it was a no-op since 8.9.
+ Use ServiceSwitchFile to turn off DNS lookups, see
+ doc/op/op.me.
+ CONFIG: New option confMILTER_MACROS_EOM (sendmail Milter.macros.eom
+ option) defines macros to be sent to milter applications for
+ use in the xxfi_eom() callback.
+ CONFIG: New option confCRL to specify file which contains
+ certificate revocations lists.
+ CONFIG: Add a new value (sendertoo) for the third argument to
+ FEATURE(`ldap_routing') which will reject the SMTP
+ MAIL From: command if the sender address doesn't exist
+ in LDAP. See cf/README for more information.
+ CONFIG: Add a fifth argument to FEATURE(`ldap_routing') which
+ instructs the rulesets on whether or not to do a domain
+ lookup if a full address lookup doesn't match. See cf/README
+ for more information.
+ CONFIG: Add a sixth argument to FEATURE(`ldap_routing') which
+ instructs the rulesets on whether or not to queue the mail
+ or give an SMTP temporary error if the LDAP server can't be
+ reached. See cf/README for more information. Based on
+ patch from Billy Ray Miller of Caterpillar.
+ CONFIG: Experimental support for MTAMark, see cf/README for details.
+ CONFIG: New option confMESSAGEID_HEADER to define a different
+ Message-Id: header format. Patch from Bastiaan Bakker
+ of LifeLine Networks.
+ CONTRIB: New version of cidrexpand which uses Net::CIDR. From
+ Derek J. Balling.
+ CONTRIB: oldbind.compat.c has been removed due to security problems.
+ Found by code inspection done by Reasoning, Inc.
+ DEVTOOLS: Add an example file for devtools/Site/, contributed
+ by Neil Rickert of Northern Illinois University.
+ LIBMILTER: Add new function smfi_quarantine() which allows the
+ filter's EOM routine to quarantine the current message.
+ Filters which use this function must include the
+ SMFIF_QUARANTINE flag in the registered smfiDesc structure.
+ LIBMILTER: If a milter sets the reply code to "421", the SMTP server
+ will terminate the SMTP session with that error.
+ LIBMILTER: Upon filter shutdown, libmilter will not remove a
+ named socket in the file system if it is running as root.
+ LIBMILTER: Add new function smfi_progress() which allows the filter
+ to notify the MTA that an EOM operation is still in progress,
+ resetting the timeout.
+ LIBMILTER: Add new function smfi_opensocket() which allows the filter
+ to attempt to establish the interface socket, and detect
+ failure to do so before calling smfi_main().
+ LIBMILTER: Add new function smfi_setmlreply() which allows the
+ filter to return a multi-line SMTP reply.
+ LIBMILTER: Deal with more temporary errors in accept() by ignoring
+ them instead of stopping after too many occurred.
+ Suggested by James Carlson of Sun Microsystems.
+ LIBMILTER: Fix a descriptor leak in the sample program found in
+ docs/sample.html. Reported by Dmitry Adamushko.
+ LIBMILTER: The sample program also needs to use SMFIF_ADDRCPT.
+ Reported by Carl Byington of 510 Software Group.
+ LIBMILTER: Document smfi_stop() and smfi_setdbg(). Patches
+ from Bryan Costales.
+ LIBMILTER: New compile time option SM_CONF_POLL; define this if
+ poll(2) should be used instead of select(2).
+ LIBMILTER: New function smfi_insheader() and related protocol
+ amendments to support header insertion operations.
+ MAIL.LOCAL: Add support for hashed mail directories, see
+ mail.local/README. Contributed by Chris Adams of HiWAAY
+ Informations Services.
+ MAILSTATS: Display quarantine message counts.
+ MAKEMAP: Add new flag -D to specify the comment character to use
+ instead of '#'.
+ VACATION: Add new flag -j to auto-respond to messages regardless of
+ whether or not the recipient is listed in the To: or Cc:
+ headers.
+ VACATION: Add new flag -R to specify the envelope sender address
+ for the auto-response message.
+ New Files:
+ CACerts
+ cf/feature/conncontrol.m4
+ cf/feature/greet_pause.m4
+ cf/feature/mtamark.m4
+ cf/feature/ratecontrol.m4
+ cf/feature/use_client_ptr.m4
+ cf/ostype/unicos.m4
+ cf/ostype/unicosmk.m4
+ cf/ostype/unicosmp.m4
+ contrib/socketmapClient.pl
+ contrib/socketmapServer.pl
+ devtools/OS/Darwin.7.0
+ devtools/OS/UNICOS-mk
+ devtools/OS/UNICOS-mp
+ devtools/Site/site.config.m4.sample
+ include/sm/os/sm_os_unicos.h
+ include/sm/os/sm_os_unicosmk.h
+ include/sm/os/sm_os_unicosmp.h
+ libmilter/docs/smfi_insheader.html
+ libmilter/docs/smfi_progress.html
+ libmilter/docs/smfi_quarantine.html
+ libmilter/docs/smfi_setdbg.html
+ libmilter/docs/smfi_setmlreply.html
+ libmilter/docs/smfi_stop.html
+ sendmail/ratectrl.c
+ Deleted Files:
+ cf/feature/nodns.m4
+ contrib/oldbind.compat.c
+ devtools/OS/CRAYT3E.2.0.x
+ devtools/OS/CRAYTS.10.0.x
+ libsm/vsprintf.c
+ Renamed Files:
+ devtools/OS/Darwin.7.0 => devtools/OS/Darwin.7.x
+
8.12.11/8.12.11 2004/01/18
Use QueueFileMode when opening qf files. This error was a
regression in 8.12.10. Problem detected and diagnosed
diff --git a/contrib/sendmail/cf/README b/contrib/sendmail/cf/README
index ff7057944b75..52985bb33de5 100644
--- a/contrib/sendmail/cf/README
+++ b/contrib/sendmail/cf/README
@@ -28,6 +28,7 @@ MASQUERADING AND RELAYING
USING LDAP FOR ALIASES, MAPS, AND CLASSES
LDAP ROUTING
ANTI-SPAM CONFIGURATION CONTROL
+CONNECTION CONTROL
STARTTLS
SMTP AUTHENTICATION
ADDING NEW MAILERS OR RULESETS
@@ -76,7 +77,7 @@ Let's examine a typical .mc file:
divert(-1)
#
- # Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers.
+ # Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers.
# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
@@ -130,8 +131,8 @@ definition appropriate for your environment.
These describe the mailers used at the default CS site. The local
mailer is always included automatically. Beware: MAILER declarations
-should always be at the end of the configuration file. The general
-rules are that the order should be:
+should only be followed by LOCAL_* sections. The general rules are
+that the order should be:
VERSIONID
OSTYPE
@@ -1051,6 +1052,12 @@ local_lmtp Use an LMTP capable local mailer. The argument to this
LMTP capable. The path to mail.local is set by the
confEBINDIR m4 variable -- making the default
LOCAL_MAILER_PATH /usr/libexec/mail.local.
+ If a different LMTP capable mailer is used, its pathname
+ can be specified as second parameter and the arguments
+ passed to it (A=) as third parameter, e.g.,
+
+ FEATURE(`local_lmtp', `/usr/local/bin/lmtp', `lmtp')
+
WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally,
i.e., without respecting any definitions in an OSTYPE setting.
@@ -1226,6 +1233,13 @@ delay_checks The rulesets check_mail and check_relay will not be called
section. Note: this feature is incompatible to the versions
in 8.10 and 8.11.
+use_client_ptr If this feature is enabled then check_relay will override
+ its first argument with $&{client_ptr}. This is useful for
+ rejections based on the unverified hostname of client,
+ which turns on the same behavior as in earlier sendmail
+ versions when delay_checks was not in use. See doc/op/op.*
+ about check_relay, {client_name}, and {client_ptr}.
+
dnsbl Turns on rejection of hosts found in an DNS based rejection
list. If an argument is provided it is used as the domain
in which blocked hosts are listed; otherwise it defaults to
@@ -1299,6 +1313,67 @@ enhdnsbl Enhanced version of dnsbl (see above). Further arguments
will be logged).
+ratecontrol Enable simple ruleset to do connection rate control
+ checking. This requires entries in access_db of the form
+
+ ClientRate:IP.ADD.RE.SS LIMIT
+
+ The RHS specifies the maximum number of connections
+ (an integer number) over the time interval defined
+ by ConnectionRateWindowSize, where 0 means unlimited.
+
+ Take the following example:
+
+ ClientRate:10.1.2.3 4
+ ClientRate:127.0.0.1 0
+ ClientRate: 10
+
+ 10.1.2.3 can only make up to 4 connections, the
+ general limit it 10, and 127.0.0.1 can make an unlimited
+ number of connections per ConnectionRateWindowSize.
+
+ See also CONNECTION CONTROL.
+
+conncontrol Enable a simple check of the number of incoming SMTP
+ connections. This requires entries in access_db of the
+ form
+
+ ClientConn:IP.ADD.RE.SS LIMIT
+
+ The RHS specifies the maximum number of open connections
+ (an integer number).
+
+ Take the following example:
+
+ ClientConn:10.1.2.3 4
+ ClientConn:127.0.0.1 0
+ ClientConn: 10
+
+ 10.1.2.3 can only have up to 4 open connections, the
+ general limit it 10, and 127.0.0.1 does not have any
+ explicit limit.
+
+ See also CONNECTION CONTROL.
+
+mtamark Experimental support for "Marking Mail Transfer Agents in
+ Reverse DNS with TXT RRs" (MTAMark), see
+ draft-stumpf-dns-mtamark-01. Optional arguments are:
+
+ 1. Error message, default:
+
+ 550 Rejected: $&{client_addr} not listed as MTA
+
+ 2. Temporary lookup failures are ignored unless a second
+ argument is given, which must be either `t' or a full
+ error message.
+
+ 3. Lookup prefix, default: _perm._smtp._srv. This should
+ not be changed unless the draft changes it.
+
+ Example:
+
+ FEATURE(`mtamark', `', `t')
+
lookupdotdomain Look up also .domain in the access map. This allows to
match only subdomains. It does not work well with
FEATURE(`relay_hosts_only'), because most lookups for
@@ -1393,6 +1468,32 @@ queuegroup A simple example how to select a queue group based
Note: please read the warning in doc/op/op.me about
queue groups and possible queue manipulations.
+greet_pause Adds the greet_pause ruleset which enables open proxy
+ and SMTP slamming protection. The feature can take an
+ argument specifying the milliseconds to wait:
+
+ FEATURE(`greet_pause', `5000') dnl 5 seconds
+
+ If FEATURE(`access_db') is enabled, an access database
+ lookup with the GreetPause tag is done using client
+ hostname, domain, IP address, or subnet to determine the
+ pause time:
+
+ GreetPause:my.domain 0
+ GreetPause:example.com 5000
+ GreetPause:10.1.2 2000
+ GreetPause:127.0.0.1 0
+
+ When using FEATURE(`access_db'), the optional
+ FEATURE(`greet_pause') argument becomes the default if
+ nothing is found in the access database. A ruleset called
+ Local_greet_pause can be used for local modifications, e.g.,
+
+ LOCAL_RULESETS
+ SLocal_greet_pause
+ R$* $: $&{daemon_flags}
+ R$* a $* $# 0
+
+-------+
| HACKS |
+-------+
@@ -1461,6 +1562,9 @@ The second example demonstrates that you can use two names on the
same line; these are usually aliases for the same host (or are at
least in the same company).
+The macro LOCAL_UUCP can be used to add rules into the generated
+cf file at the place where MAILER(`uucp') inserts its rules. This
+should only be used if really necessary.
+--------------------+
| USING UUCP MAILERS |
@@ -1787,7 +1891,8 @@ declared as follows:
(|(sendmailMTACluster=${sendmailMTACluster})
(sendmailMTAHost=$j))
(sendmailMTAKey=%0))
- -v sendmailMTAAliasValue
+ -v sendmailMTAAliasValue,sendmailMTAAliasSearch:FILTER:sendmailMTAAliasObject,sendmailMTAAliasURL:URL:sendmailMTAAliasObject
+
NOTE: The macros shown above ${sendmailMTACluster} and $j are not actually
used when the binary expands the `ldap:' token as the AliasFile option is
@@ -1893,7 +1998,7 @@ For example, FEATURE(`mailertable', `LDAP') would use the map definition:
(|(sendmailMTACluster=${sendmailMTACluster})
(sendmailMTAHost=$j))
(sendmailMTAKey=%0))
- -1 -v sendmailMTAMapValue
+ -1 -v sendmailMTAMapValue,sendmailMTAMapSearch:FILTER:sendmailMTAMapObject,sendmailMTAMapURL:URL:sendmailMTAMapObject
An example LDAP LDIF entry using this map might be:
@@ -1960,7 +2065,7 @@ specification:
(sendmailMTAClassName=R)
(|(sendmailMTACluster=${sendmailMTACluster})
(sendmailMTAHost=$j)))
- -v sendmailMTAClassValue
+ -v sendmailMTAClassValue,sendmailMTAClassSearch:FILTER:sendmailMTAClass,sendmailMTAClassURL:URL:sendmailMTAClass
NOTE: The macros shown above ${sendmailMTACluster} and $j are not actually
used when the binary expands the `@LDAP' token as class declarations are
@@ -2053,18 +2158,25 @@ and will not reject addresses not found by the LDAP lookup. However,
this behavior can be changed by giving additional arguments to the FEATURE()
command:
- FEATURE(`ldap_routing', <mailHost>, <mailRoutingAddress>, <bounce>, <detail>)
+ FEATURE(`ldap_routing', <mailHost>, <mailRoutingAddress>, <bounce>,
+ <detail>, <nodomain>, <tempfail>)
where <mailHost> is a map definition describing how to lookup an alternative
mail host for a particular address; <mailRoutingAddress> is a map definition
describing how to lookup an alternative address for a particular address;
the <bounce> argument, if present and not the word "passthru", dictates
that mail should be bounced if neither a mailHost nor mailRoutingAddress
-is found; and <detail> indicates what actions to take if the address
+is found, if set to "sendertoo", the sender will be rejected if not
+found in LDAP; and <detail> indicates what actions to take if the address
contains +detail information -- `strip' tries the lookup with the +detail
and if no matches are found, strips the +detail and tries the lookup again;
`preserve', does the same as `strip' but if a mailRoutingAddress match is
-found, the +detail information is copied to the new address.
+found, the +detail information is copied to the new address; the <nodomain>
+argument, if present, will prevent the @domain lookup if the full
+address is not found in LDAP; the <tempfail> argument, if set to
+"tempfail", instructs the rules to give an SMTP 4XX temporary
+error if the LDAP server gives the MTA a temporary failure, or if set to
+"queue" (the default), the MTA will locally queue the mail.
The default <mailHost> map definition is:
@@ -2237,12 +2349,11 @@ access map. If an optional argument `domain' (this is the literal
word `domain', not a placeholder) is given, the domain portion of
the mail sender is also checked to allowing relaying. This option
only works together with the tag From: for the LHS of the access
-map entries (see below: Finer control...). This feature allows
-spammers to abuse your mail server by specifying a return address
-that you enabled in your access file. This may be harder to figure
-out for spammers, but it should not be used unless necessary.
-Instead use SMTP AUTH or STARTTLS to allow relaying for roaming
-users.
+map entries. This feature allows spammers to abuse your mail server
+by specifying a return address that you enabled in your access file.
+This may be harder to figure out for spammers, but it should not
+be used unless necessary. Instead use SMTP AUTH or STARTTLS to
+allow relaying for roaming users.
If source routing is used in the recipient address (e.g.,
@@ -2338,12 +2449,13 @@ The table itself uses e-mail addresses, domain names, and network
numbers as keys. Note that IPv6 addresses must be prefaced with "IPv6:".
For example,
- spammer@aol.com REJECT
- cyberspammer.com REJECT
- TLD REJECT
- 192.168.212 REJECT
- IPv6:2002:c0a8:02c7 RELAY
- IPv6:2002:c0a8:51d2::23f4 REJECT
+ From:spammer@aol.com REJECT
+ From:cyberspammer.com REJECT
+ Connect:cyberspammer.com REJECT
+ Connect:TLD REJECT
+ Connect:192.168.212 REJECT
+ Connect:IPv6:2002:c0a8:02c7 RELAY
+ Connect:IPv6:2002:c0a8:51d2::23f4 REJECT
would refuse mail from spammer@aol.com, any user from cyberspammer.com
(or any host within the cyberspammer.com domain), any host in the entire
@@ -2351,6 +2463,41 @@ top level domain TLD, 192.168.212.* network, and the IPv6 address
2002:c0a8:51d2::23f4. It would allow relay for the IPv6 network
2002:c0a8:02c7::/48.
+Entries in the access map should be tagged according to their type.
+Three tags are available:
+
+ Connect: connection information (${client_addr}, ${client_name})
+ From: envelope sender
+ To: envelope recipient
+
+Notice: untagged entries are deprecated.
+
+If the required item is looked up in a map, it will be tried first
+with the corresponding tag in front, then (as fallback to enable
+backward compatibility) without any tag, unless the specific feature
+requires a tag. For example,
+
+ From:spammer@some.dom REJECT
+ To:friend.domain RELAY
+ Connect:friend.domain OK
+ Connect:from.domain RELAY
+ From:good@another.dom OK
+ From:another.dom REJECT
+
+This would deny mails from spammer@some.dom but you could still
+send mail to that address even if FEATURE(`blacklist_recipients')
+is enabled. Your system will allow relaying to friend.domain, but
+not from it (unless enabled by other means). Connections from that
+domain will be allowed even if it ends up in one of the DNS based
+rejection lists. Relaying is enabled from from.domain but not to
+it (since relaying is based on the connection information for
+outgoing relaying, the tag Connect: must be used; for incoming
+relaying, which is based on the recipient address, To: must be
+used). The last two entries allow mails from good@another.dom but
+reject mail from all other addresses with another.dom as domain
+part.
+
+
The value part of the map can contain:
OK Accept mail even if other rules in the running
@@ -2377,38 +2524,46 @@ The value part of the map can contain:
"any text" is a message to return for the command.
The string should be quoted to avoid surprises,
e.g., sendmail may remove spaces otherwise.
- This type is deprecated, use one the two
+ This type is deprecated, use one of the two
ERROR: entries below instead.
ERROR:### any text
as above, but useful to mark error messages as such.
ERROR:D.S.N:### any text
where D.S.N is an RFC 1893 compliant error code
and the rest as above.
+ QUARANTINE:any text
+ Quarantine the message using the given text as the
+ quarantining reason.
For example:
- cyberspammer.com ERROR:"550 We don't accept mail from spammers"
- okay.cyberspammer.com OK
- sendmail.org RELAY
- 128.32 RELAY
- IPv6:1:2:3:4:5:6:7 RELAY
- [127.0.0.3] OK
- [IPv6:1:2:3:4:5:6:7:8] OK
-
-would accept mail from okay.cyberspammer.com, but would reject mail from
-all other hosts at cyberspammer.com with the indicated message. It would
-allow relaying mail from and to any hosts in the sendmail.org domain, and
-allow relaying from the 128.32.*.* network and the IPv6 1:2:3:4:5:6:7:*
-network. The latter two entries are for checks against ${client_name} if
-the IP address doesn't resolve to a hostname (or is considered as "may be
-forged"). That is, using square brackets means these are host names,
-not network numbers.
+ From:cyberspammer.com ERROR:"550 We don't accept mail from spammers"
+ From:okay.cyberspammer.com OK
+ Connect:sendmail.org RELAY
+ To:sendmail.org RELAY
+ Connect:128.32 RELAY
+ Connect:128.32.2 SKIP
+ Connect:IPv6:1:2:3:4:5:6:7 RELAY
+ Connect:suspicious.example.com QUARANTINE:Mail from suspicious host
+ Connect:[127.0.0.3] OK
+ Connect:[IPv6:1:2:3:4:5:6:7:8] OK
+
+would accept mail from okay.cyberspammer.com, but would reject mail
+from all other hosts at cyberspammer.com with the indicated message.
+It would allow relaying mail from and to any hosts in the sendmail.org
+domain, and allow relaying from the IPv6 1:2:3:4:5:6:7:* network
+and from the 128.32.*.* network except for the 128.32.2.* network,
+which shows how SKIP is useful to exempt subnets/subdomains. The
+last two entries are for checks against ${client_name} if the IP
+address doesn't resolve to a hostname (or is considered as "may be
+forged"). That is, using square brackets means these are host
+names, not network numbers.
Warning: if you change the RFC 821 compliant error code from the default
value of 550, then you should probably also change the RFC 1893 compliant
error code to match it. For example, if you use
- user@example.com ERROR:450 mailbox full
+ To:user@example.com ERROR:450 mailbox full
the error returned would be "450 5.0.0 mailbox full" which is wrong.
Use "ERROR:4.2.2:450 mailbox full" instead.
@@ -2427,7 +2582,7 @@ hosts listed in class {R} to be fully qualified host names.
You can also use the access database to block sender addresses based on
the username portion of the address. For example:
- FREE.STEALTH.MAILER@ ERROR:550 Spam not accepted
+ From:FREE.STEALTH.MAILER@ ERROR:550 Spam not accepted
Note that you must include the @ after the username to signify that
this database entry is for checking only the username portion of the
@@ -2440,24 +2595,24 @@ If you use:
then you can add entries to the map for local users, hosts in your
domains, or addresses in your domain which should not receive mail:
- badlocaluser@ ERROR:550 Mailbox disabled for this username
- host.mydomain.com ERROR:550 That host does not accept mail
- user@otherhost.mydomain.com ERROR:550 Mailbox disabled for this recipient
+ To:badlocaluser@ ERROR:550 Mailbox disabled for badlocaluser
+ To:host.my.TLD ERROR:550 That host does not accept mail
+ To:user@other.my.TLD ERROR:550 Mailbox disabled for this recipient
-This would prevent a recipient of badlocaluser@mydomain.com, any
-user at host.mydomain.com, and the single address
-user@otherhost.mydomain.com from receiving mail. Please note: a
-local username must be now tagged with an @ (this is consistent
-with the check of the sender address, and hence it is possible to
-distinguish between hostnames and usernames). Enabling this feature
-will keep you from sending mails to all addresses that have an
-error message or REJECT as value part in the access map. Taking
-the example from above:
+This would prevent a recipient of badlocaluser in any of the local
+domains (class {w}), any user at host.my.TLD, and the single address
+user@other.my.TLD from receiving mail. Please note: a local username
+must be now tagged with an @ (this is consistent with the check of
+the sender address, and hence it is possible to distinguish between
+hostnames and usernames). Enabling this feature will keep you from
+sending mails to all addresses that have an error message or REJECT
+as value part in the access map. Taking the example from above:
spammer@aol.com REJECT
cyberspammer.com REJECT
Mail can't be sent to spammer@aol.com or anyone at cyberspammer.com.
+That's why tagged entries should be used.
There are several DNS based blacklists, the first of which was
the RBL (``Realtime Blackhole List'') run by the MAPS project,
@@ -2533,46 +2688,12 @@ regex map:
These rules are called with the original arguments of the corresponding
check_* ruleset. If the local ruleset returns $#OK, no further checking
-is done by the features described above and the mail is accepted. If the
-local ruleset resolves to a mailer (such as $#error or $#discard), the
-appropriate action is taken. Otherwise, the results of the local
-rewriting are ignored.
-
-Finer control by using tags for the LHS of the access map
----------------------------------------------------------
-
-Read this section only if the options listed so far are not sufficient
-for your purposes. There is now the option to tag entries in the
-access map according to their type. Three tags are available:
-
- Connect: connection information (${client_addr}, ${client_name})
- From: envelope sender
- To: envelope recipient
-
-If the required item is looked up in a map, it will be tried first
-with the corresponding tag in front, then (as fallback to enable
-backward compatibility) without any tag, unless the specific feature
-requires a tag. For example,
-
- From:spammer@some.dom REJECT
- To:friend.domain RELAY
- Connect:friend.domain OK
- Connect:from.domain RELAY
- From:good@another.dom OK
- From:another.dom REJECT
-
-This would deny mails from spammer@some.dom but you could still
-send mail to that address even if FEATURE(`blacklist_recipients')
-is enabled. Your system will allow relaying to friend.domain, but
-not from it (unless enabled by other means). Connections from that
-domain will be allowed even if it ends up in one of the DNS based
-rejection lists. Relaying is enabled from from.domain but not to
-it (since relaying is based on the connection information for
-outgoing relaying, the tag Connect: must be used; for incoming
-relaying, which is based on the recipient address, To: must be
-used). The last two entries allow mails from good@another.dom but
-reject mail from all other addresses with another.dom as domain
-part.
+is done by the features described above and the mail is accepted. If
+the local ruleset resolves to a mailer (such as $#error or $#discard),
+the appropriate action is taken. Other results starting with $# are
+interpreted by sendmail and may lead to unspecified behavior. Note: do
+NOT create a mailer with the name OK. Return values that do not start
+with $# are ignored, i.e., normal processing continues.
Delay all checks
----------------
@@ -2677,6 +2798,8 @@ to $&{currHeader}.
2. There are no default rulesets coming with this distribution of
sendmail. You can either write your own or you can search the
WWW for examples, e.g., http://www.digitalanswers.org/check_local/
+3. When using a default ruleset for headers, the name of the header
+currently being checked can be found in the $&{hdr_name} macro.
After all of the headers are read, the check_eoh ruleset will be called for
any final header-related checks. The ruleset is called with the number of
@@ -2711,6 +2834,38 @@ probably not be used in production.
# Otherwise, reject the mail
R$* $#error $: 553 Header Error
+
++--------------------+
+| CONNECTION CONTROL |
++--------------------+
+
+The features ratecontrol and conncontrol allow to establish connection
+limits per client IP address or net. These features can limit the
+rate of connections (connections per time unit) or the number of
+incoming SMTP connections, respectively. If enabled, appropriate
+rulesets are called at the end of check_relay, i.e., after DNS
+blacklists and generic access_db operations. The features require
+FEATURE(`access_db') to be listed earlier in the mc file.
+
+Note: FEATURE(`delay_checks') delays those connection control checks
+after a recipient address has been received, hence making these
+connection control features less useful. To run the checks as early
+as possible, specify the parameter `nodelay', e.g.,
+
+ FEATURE(`ratecontrol', `nodelay')
+
+In that case, FEATURE(`delay_checks') has no effect on connection
+control (and it must be specified earlier in the mc file).
+
+An optional second argument `terminate' specifies whether the
+rulesets should return the error code 421 which will cause
+sendmail to terminate the session with that error if it is
+returned from check_relay, i.e., not delayed as explained in
+the previous paragraph. Example:
+
+ FEATURE(`ratecontrol', `nodelay', `terminate')
+
+
+----------+
| STARTTLS |
+----------+
@@ -2774,6 +2929,7 @@ If it is SUBJECT, the DN of the cert subject is looked up next in the
access map using the tag CERTSUBJECT. If the value is RELAY, relaying
is allowed.
+To make things a bit more flexible (or complicated), the values for
${cert_issuer} and ${cert_subject} can be optionally modified by regular
expressions defined in the m4 variables _CERT_REGEX_ISSUER_ and
_CERT_REGEX_SUBJECT_, respectively. To avoid problems with those macros in
@@ -2818,8 +2974,11 @@ Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org SUBJECT
CertSubject:/C=US/ST=California/O=endmail.org/OU=private/CN=
DeathStar/Email=deathstar@endmail.org RELAY
-Note: line breaks have been inserted after "CN=" for readability,
-each tagged entry must be one (long) line in the access map.
+Notes:
+- line breaks have been inserted after "CN=" for readability,
+ each tagged entry must be one (long) line in the access map.
+- if OpenSSL 0.9.7 or newer is used then the "Email=" part of a DN
+ is replaced by "emailAddress=".
Of course it is also possible to write a simple ruleset that allows
relaying for everyone who can present a cert that can be verified, e.g.,
@@ -2952,7 +3111,7 @@ R$* $: $&{auth_type}
R$+ $# OK
which checks whether a user has successfully authenticated using
-any available mechanism. Depending on the setup of the CYRUS SASL
+any available mechanism. Depending on the setup of the Cyrus SASL
library, more sophisticated rulesets might be required, e.g.,
SLocal_check_rcpt
@@ -2980,6 +3139,9 @@ If the selected mechanism provides a security layer the number of
bits used for the key of the symmetric cipher is stored in the
macro ${auth_ssf}.
+Providing SMTP AUTH Data when sendmail acts as Client
+-----------------------------------------------------
+
If sendmail acts as client, it needs some information how to
authenticate against another MTA. This information can be provided
by the ruleset authinfo or by the option DefaultAuthInfo. The
@@ -2991,6 +3153,12 @@ only performed if the access map is used; if the authinfo feature
is used then only up to three lookups are performed (two exact
matches, one default).
+Note: If your daemon does client authentication when sending, and
+if it uses either PLAIN or LOGIN authentication, then you *must*
+prevent ordinary users from seeing verbose output. Do NOT install
+sendmail set-user-ID. Use PrivacyOptions to turn off verbose output
+("goaway" works for this).
+
Notice: the default configuration file causes the option DefaultAuthInfo
to fail since the ruleset authinfo is in the .cf file. If you really
want to use DefaultAuthInfo (it is deprecated) then you have to
@@ -3341,12 +3509,17 @@ off, do so.
+--------------------------------+
There are a large number of configuration options that don't normally
-need to be changed. However, if you feel you need to tweak them, you
-can define the following M4 variables. This list is shown in four
-columns: the name you define, the default value for that definition,
-the option or macro that is affected (either Ox for an option or Dx
-for a macro), and a brief description. Greater detail of the semantics
-can be found in the Installation and Operations Guide.
+need to be changed. However, if you feel you need to tweak them,
+you can define the following M4 variables. Note that some of these
+variables require formats that are defined in RFC 2821 or RFC 2822.
+Before changing them you need to make sure you do not violate those
+(and other relevant) RFCs.
+
+This list is shown in four columns: the name you define, the default
+value for that definition, the option or macro that is affected
+(either Ox for an option or Dx for a macro), and a brief description.
+Greater detail of the semantics can be found in the Installation
+and Operations Guide.
Some options are likely to be deprecated in future versions -- that is,
the option is only included to provide back-compatibility. These are
@@ -3358,7 +3531,7 @@ be ``double quoted, like this phrase'' to avoid having the comma
confuse things. This is common for alias file definitions and for
the read timeout.
-M4 Variable Name Configuration Description & [Default]
+M4 Variable Name Configuration [Default] & Description
================ ============= =======================
confMAILER_NAME $n macro [MAILER-DAEMON] The sender name used
for internally generated outgoing
@@ -3387,6 +3560,9 @@ confRECEIVED_HEADER Received:
The format of the Received: header
in messages passed through this host.
It is unwise to try to change this.
+confMESSAGEID_HEADER Message-Id: [<$t.$i@$j>] The format of an
+ internally generated Message-Id:
+ header.
confCW_FILE Fw class [/etc/mail/local-host-names] Name
of file used to get the local
additions to class {w} (local host
@@ -3590,6 +3766,10 @@ confTO_QUEUERETURN_NONURGENT
Timeout.queuereturn.non-urgent
[undefined] As above, for non-urgent
(low) priority messages.
+confTO_QUEUERETURN_DSN
+ Timeout.queuereturn.dsn
+ [undefined] As above, for delivery
+ status notification messages.
confTO_QUEUEWARN Timeout.queuewarn
[4h] The timeout before a warning
message is sent to the sender telling
@@ -3605,6 +3785,10 @@ confTO_QUEUEWARN_NONURGENT
Timeout.queuewarn.non-urgent
[undefined] As above, for non-urgent
(low) priority messages.
+confTO_QUEUEWARN_DSN
+ Timeout.queuewarn.dsn
+ [undefined] As above, for delivery
+ status notification messages.
confTO_HOSTSTATUS Timeout.hoststatus
[30m] How long information about host
statuses will be maintained before it
@@ -3653,6 +3837,8 @@ confUSERDB_SPEC UserDatabaseSpec
[undefined] User database
specification.
confFALLBACK_MX FallbackMXhost [undefined] Fallback MX host.
+confFALLBACK_SMARTHOST FallbackSmartHost
+ [undefined] Fallback smart host.
confTRY_NULL_MX_LIST TryNullMXList [False] If this host is the best MX
for a host and other arrangements
haven't been made, try connecting
@@ -3670,6 +3856,8 @@ confREFUSE_LA RefuseLA [varies] Load average at which
numproc) where numproc is the
number of processors online (if
that can be determined).
+confREJECT_LOG_INTERVAL RejectLogInterval [3h] Log interval when
+ refusing connections for this long.
confDELAY_LA DelayLA [0] Load average at which sendmail
will sleep for one second on most
SMTP commands and before accepting
@@ -3688,7 +3876,6 @@ confMAX_HEADERS_LENGTH MaxHeadersLength
confMAX_MIME_HEADER_LENGTH MaxMimeHeaderLength
[undefined] Maximum length of
certain MIME header field values.
- If not set, sendmail uses 2048/1024.
confCONNECTION_RATE_THROTTLE ConnectionRateThrottle
[undefined] The maximum number of
connections permitted per second per
@@ -3696,6 +3883,10 @@ confCONNECTION_RATE_THROTTLE ConnectionRateThrottle
are accepted, further connections
will be delayed. If not set or <= 0,
there is no limit.
+confCONNECTION_RATE_WINDOW_SIZE ConnectionRateWindowSize
+ [60s] Define the length of the
+ interval for which the number of
+ incoming connections is maintained.
confWORK_RECIPIENT_FACTOR
RecipientFactor [30000] Cost of each recipient.
confSEPARATE_PROC ForkEachJob [False] Run all deliveries in a
@@ -3768,7 +3959,7 @@ confMAX_QUEUE_CHILDREN MaxQueueChildren
of concurrent queue runners active.
This is to keep system resources used
within a reasonable limit. Relates to
- Queue Groups and ForkAllJobs.
+ Queue Groups and ForkEachJob.
confMAX_RUNNERS_PER_QUEUE MaxRunnersPerQueue
[1] Only active when MaxQueueChildren
defined. Controls the maximum number
@@ -3909,7 +4100,11 @@ confAUTH_MECHANISMS AuthMechanisms [GSSAPI KERBEROS_V4 DIGEST-MD5
authentication mechanisms will be the
intersection of this list and the list
of available mechanisms as determined
- by the CYRUS SASL library.
+ by the Cyrus SASL library.
+confAUTH_REALM AuthRealm [undefined] The authentication realm
+ that is passed to the Cyrus SASL
+ library. If no realm is specified,
+ $j is used.
confDEF_AUTH_INFO DefaultAuthInfo [undefined] Name of file that contains
authentication information for
outgoing connections. This file must
@@ -3973,6 +4168,10 @@ confCLIENT_CERT ClientCertFile [undefined] File containing the
confCLIENT_KEY ClientKeyFile [undefined] File containing the
private key belonging to the client
cert.
+confCRL CRLFile [undefined] File containing certificate
+ revocation status, useful for X.509v3
+ authentication. Note that CRL requires
+ at least OpenSSL version 0.9.7.
confDH_PARAMETERS DHParameters [undefined] File containing the
DH parameters.
confRAND_FILE RandFile [undefined] File containing random
@@ -3992,6 +4191,10 @@ confUSE_MSP UseMSP [false] Use as mail submission
program, see sendmail/SECURITY.
confDELIVER_BY_MIN DeliverByMin [0] Minimum time for Deliver By
SMTP Service Extension (RFC 2852).
+confREQUIRES_DIR_FSYNC RequiresDirfsync [true] RequiresDirfsync can
+ be used to turn off the compile time
+ flag REQUIRES_DIR_FSYNC at runtime.
+ See sendmail/README for details.
confSHARED_MEMORY_KEY SharedMemoryKey [0] Key for shared memory.
confFAST_SPLIT FastSplit [1] If set to a value greater than
zero, the initial MX lookups on
@@ -4035,6 +4238,9 @@ confMILTER_MACROS_ENVRCPT Milter.macros.envrcpt
[{rcpt_mailer}, {rcpt_host},
{rcpt_addr}] Macros to transmit to
milters after RCPT TO command.
+confMILTER_MACROS_EOM Milter.macros.eom
+ [{msg_id}] Macros to transmit to
+ milters after DATA command.
See also the description of OSTYPE for some parameters that can be
@@ -4177,6 +4383,12 @@ adding the following to your sendmail.mc file:
R$* $: $&{auth_authen}
Rsmmsp $# OK
+Note: the authentication data can leak to local users who invoke
+the MSP with debug options or even with -v. For that reason either
+an authentication mechanism that does not show the password in the
+AUTH dialogue (e.g., DIGEST-MD5) or a different authentication
+method like STARTTLS should be used.
+
feature/msp.m4 defines almost all settings for the MSP. Most of
those should not be changed at all. Some of the features and options
can be overridden if really necessary. It is a bit tricky to do
@@ -4375,4 +4587,4 @@ M4 DIVERSIONS
8 DNS based blacklists
9 special local rulesets (1 and 2)
-$Revision: 8.623.2.27 $, Last updated $Date: 2004/01/11 17:58:25 $
+$Revision: 8.691 $, Last updated $Date: 2004/07/19 17:47:34 $
diff --git a/contrib/sendmail/cf/cf/Makefile b/contrib/sendmail/cf/cf/Makefile
index 9a69a1805af0..04d5eeeec137 100644
--- a/contrib/sendmail/cf/cf/Makefile
+++ b/contrib/sendmail/cf/cf/Makefile
@@ -1,7 +1,7 @@
#
# Makefile for configuration files.
#
-# $Id: Makefile,v 8.56 2001/12/13 23:56:37 gshapiro Exp $
+# $Id: Makefile,v 8.58 2003/10/20 22:01:00 ca Exp $
#
#
@@ -19,6 +19,8 @@ SUBMIT= submit
MAILDIR=/etc/mail
M4= m4
CFDIR= ..
+SED= sed
+ECHO= echo
CHMOD= chmod
ROMODE= 444
RM= rm -f
@@ -35,6 +37,8 @@ CFMODE=0444
.mc.cf:
$(RM) $@
$(M4) ${CFDIR}/m4/cf.m4 $*.mc > $@ || ( $(RM) $@ && exit 1 )
+ $(ECHO) "### $*.mc ###" >>$@
+ $(SED) -e 's/^/# /' $*.mc >>$@
$(CHMOD) $(ROMODE) $@
GENERIC=generic-bsd4.4.cf generic-hpux9.cf generic-hpux10.cf \
@@ -99,6 +103,7 @@ M4FILES=\
${CFDIR}/feature/bestmx_is_local.m4 \
${CFDIR}/feature/bitdomain.m4 \
${CFDIR}/feature/blacklist_recipients.m4 \
+ ${CFDIR}/feature/conncontrol.m4 \
${CFDIR}/feature/dnsbl.m4 \
${CFDIR}/feature/domaintable.m4 \
${CFDIR}/feature/generics_entire_domain.m4 \
@@ -113,12 +118,12 @@ M4FILES=\
${CFDIR}/feature/masquerade_envelope.m4 \
${CFDIR}/feature/no_default_msa.m4 \
${CFDIR}/feature/nocanonify.m4 \
- ${CFDIR}/feature/nodns.m4 \
${CFDIR}/feature/notsticky.m4 \
${CFDIR}/feature/nouucp.m4 \
${CFDIR}/feature/nullclient.m4 \
${CFDIR}/feature/promiscuous_relay.m4 \
${CFDIR}/feature/redirect.m4 \
+ ${CFDIR}/feature/ratecontrol.m4 \
${CFDIR}/feature/relay_based_on_MX.m4 \
${CFDIR}/feature/relay_entire_domain.m4 \
${CFDIR}/feature/relay_hosts_only.m4 \
diff --git a/contrib/sendmail/cf/cf/knecht.mc b/contrib/sendmail/cf/cf/knecht.mc
index 6c370fdc7fa1..98dbef9eea54 100644
--- a/contrib/sendmail/cf/cf/knecht.mc
+++ b/contrib/sendmail/cf/cf/knecht.mc
@@ -19,16 +19,15 @@ divert(-1)
#
divert(0)
-VERSIONID(`$Id: knecht.mc,v 8.55 2001/08/01 22:20:40 eric Exp $')
+VERSIONID(`$Id: knecht.mc,v 8.58 2004/01/28 00:54:41 eric Exp $')
OSTYPE(bsd4.4)
DOMAIN(generic)
-define(`ALIAS_FILE', ``/etc/mail/aliases, /var/listmanager/aliases'')
+define(`ALIAS_FILE', ``/etc/mail/aliases, /etc/mail/lists/sendmail.org/aliases, /var/listmanager/aliases'')
define(`confFORWARD_PATH', `$z/.forward.$w:$z/.forward+$h:$z/.forward')
define(`confDEF_USER_ID', `mailnull')
define(`confHOST_STATUS_DIRECTORY', `.hoststat')
define(`confTO_ICONNECT', `10s')
-define(`confCOPY_ERRORS_TO', `Postmaster')
define(`confTO_QUEUEWARN', `8h')
define(`confMIN_QUEUE_AGE', `27m')
define(`confTRUSTED_USERS', ``www listmgr'')
@@ -42,9 +41,12 @@ define(`confSERVER_KEY', `CERT_DIR/MYkey.pem')
define(`confCLIENT_CERT', `CERT_DIR/MYcert.pem')
define(`confCLIENT_KEY', `CERT_DIR/MYkey.pem')
+define(`CYRUS_MAILER_PATH', `/usr/local/cyrus/bin/deliver')
+
FEATURE(access_db)
FEATURE(local_lmtp)
FEATURE(virtusertable)
+FEATURE(mailertable)
FEATURE(`nocanonify', `canonify_hosts')
CANONIFY_DOMAIN(`sendmail.org')
@@ -61,8 +63,17 @@ define(`confFAST_SPLIT', `10')
dnl # 10 runners, split into at most 15 recipients per envelope
QUEUE_GROUP(`mqueue', `P=/var/spool/mqueue, R=5, r=15, F=f')
+
+dnl # enable spam assassin
+INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m')
+
MAILER(local)
MAILER(smtp)
+MAILER(cyrus)
+
+LOCAL_RULE_0
+Rcyrus.$+ + $+ < @ $=w . > $#cyrus $@ $2 $: $1
+Rcyrus.$+ < @ $=w . > $#cyrus $: $1
LOCAL_CONFIG
#
@@ -73,6 +84,7 @@ LOCAL_CONFIG
Kcheckaddress regex -a@MATCH
^([0-9]+<@(aol|msn)\.com|[0-9][^<]*<@juno\.com)\.?>
+######################################################################
#
# Names that won't be allowed in a To: line (local-part and domains)
#
@@ -86,18 +98,42 @@ SCheckTo
R$={RejectToLocalparts}@$* $#error $: "553 Header error"
R$*@$={RejectToDomains} $#error $: "553 Header error"
+######################################################################
HMessage-Id: $>CheckMessageId
SCheckMessageId
+# Record the presence of the header
+R$* $: $(storage {MessageIdCheck} $@ OK $) $1
+
+# validate syntax
R< $+ @ $+ > $@ OK
R$* $#error $: "554 Header error"
+
+######################################################################
HReceived: $>CheckReceived
SCheckReceived
+# Record the presence of any Received header
+R$* $: $(storage {ReceivedCheck} $@ OK $) $1
+
+# check syntax
R$* ......................................................... $*
$#error $: "554 Header error"
+######################################################################
+#
+# Reject advertising subjects
+#
+
+Kadvsubj regex -b -a@MATCH ?
+HSubject: $>+CheckSubject
+SCheckSubject
+R$* $: $(advsubj $&{currHeader} $: OK $)
+ROK $@ OK
+R$* $#error $@ 5.7.0 $: 550 5.7.0 spam rejected.
+
+######################################################################
#
# Reject certain senders
# Regex match to catch things in quotes
@@ -159,13 +195,65 @@ LOCAL_RULESETS
KSirCamWormMarker regex -f -aSUSPECT multipart/mixed;boundary=----.+_Outlook_Express_message_boundary
HContent-Type: $>CheckContentType
+######################################################################
SCheckContentType
R$+ $: $(SirCamWormMarker $1 $)
RSUSPECT $#error $: "553 Possible virus, see http://www.symantec.com/avcenter/venc/data/w32.sircam.worm@mm.html"
HContent-Disposition: $>CheckContentDisposition
+######################################################################
SCheckContentDisposition
R$- $@ OK
R$- ; $+ $@ OK
R$* $#error $: "553 Illegal Content-Disposition"
+
+
+#
+# Sobig.F
+#
+
+LOCAL_CONFIG
+Kstorage macro
+
+LOCAL_RULESETS
+######################################################################
+### check for the existance of the X-MailScanner Header
+HX-MailScanner: $>+CheckXMSc
+D{SobigFPat}Found to be clean
+D{SobigFMsg}This message may contain the Sobig.F virus.
+
+SCheckXMSc
+### if it exists, and the defined value is set, record the presence
+R${SobigFPat} $* $: $(storage {SobigFCheck} $@ SobigF $) $1
+R$* $@ OK
+
+######################################################################
+Scheck_eoh
+# Check if a Message-Id was found
+R$* $: < $&{MessageIdCheck} >
+
+# If Message-Id was found clear the X-MailScanner store and return with OK
+R< $+ > $@ OK $>ClearStorage
+
+# Are we the first Hop?
+R$* $: < $&{ReceivedCheck} >
+R< $+ > $@ OK $>ClearStorage
+
+# no Message-Id->check X-Mailscanner presence, too
+R$* $: < $&{SobigFCheck} >
+
+# clear store
+R$* $: $>ClearStorage $1
+# no msgid, first hop and Header found? -> reject the message
+R < SobigF > $#error $: 553 ${SobigFMsg}
+
+# No Header! Fine, take the message
+R$* $@ OK
+
+######################################################################
+SClearStorage
+R$* $: $(storage {SobigFCheck} $) $1
+R$* $: $(storage {ReceivedCheck} $) $1
+R$* $: $(storage {MessageIdCheck} $) $1
+R$* $@ $1
diff --git a/contrib/sendmail/cf/cf/submit.cf b/contrib/sendmail/cf/cf/submit.cf
index cb9f8c708d02..ee9ae0936d36 100644
--- a/contrib/sendmail/cf/cf/submit.cf
+++ b/contrib/sendmail/cf/cf/submit.cf
@@ -1,5 +1,5 @@
#
-# Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
+# Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers.
# All rights reserved.
# Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
@@ -16,6 +16,9 @@
#####
##### SENDMAIL CONFIGURATION FILE
#####
+##### built by ca@wiz.smi.sendmail.com on Fri Jul 30 11:06:26 PDT 2004
+##### in /extra/home/ca/sm-8.13.1/OpenSource/sendmail-8.13.1/cf/cf
+##### using ../ as configuration include directory
#####
######################################################################
#####
@@ -24,15 +27,15 @@
######################################################################
######################################################################
-##### $Id: cfhead.m4,v 8.108.2.6 2003/12/05 02:26:47 ca Exp $ #####
+##### $Id: cfhead.m4,v 8.116 2004/01/28 22:02:22 ca Exp $ #####
##### $Id: cf.m4,v 8.32 1999/02/07 07:26:14 gshapiro Exp $ #####
-##### $Id: submit.mc,v 8.6.2.7 2003/09/10 22:11:56 ca Exp $ #####
-##### $Id: msp.m4,v 1.32 2002/03/26 22:02:03 ca Exp $ #####
+##### $Id: submit.mc,v 8.13 2003/09/10 22:12:48 ca Exp $ #####
+##### $Id: msp.m4,v 1.33 2004/02/09 22:32:38 ca Exp $ #####
##### $Id: no_default_msa.m4,v 8.2 2001/02/14 05:03:22 gshapiro Exp $ #####
-##### $Id: proto.m4,v 8.649.2.30 2004/01/11 17:54:06 ca Exp $ #####
+##### $Id: proto.m4,v 8.710 2004/07/27 17:32:48 ca Exp $ #####
# level 10 config file format
V10/Berkeley
@@ -111,7 +114,7 @@ D{MTAHost}[127.0.0.1]
# Configuration version number
-DZ8.12.11/Submit
+DZ8.13.1/Submit
###############
@@ -134,7 +137,7 @@ O AliasWait=10
O MinFreeBlocks=100
# maximum message size
-#O MaxMessageSize=1000000
+#O MaxMessageSize=0
# substitution for space (blank) characters
O BlankSub=.
@@ -277,19 +280,19 @@ O QueueDirectory=/var/spool/clientmqueue
#O Timeout.quit=2m
#O Timeout.misc=2m
#O Timeout.command=1h
-O Timeout.ident=0
+#O Timeout.ident=5s
#O Timeout.fileopen=60s
#O Timeout.control=2m
O Timeout.queuereturn=5d
#O Timeout.queuereturn.normal=5d
#O Timeout.queuereturn.urgent=2d
#O Timeout.queuereturn.non-urgent=7d
-
+#O Timeout.queuereturn.dsn=5d
O Timeout.queuewarn=4h
#O Timeout.queuewarn.normal=4h
#O Timeout.queuewarn.urgent=1h
#O Timeout.queuewarn.non-urgent=12h
-
+#O Timeout.queuewarn.dsn=4h
#O Timeout.hoststatus=30m
#O Timeout.resolver.retrans=5s
#O Timeout.resolver.retrans.first=5s
@@ -328,6 +331,9 @@ O TimeZoneSpec=
# fallback MX host
#O FallbackMXhost=fall.back.host.net
+# fallback smart host
+#O FallbackSmartHost=fall.back.host.net
+
# if we are the best MX host for a site, try it directly instead of config err
#O TryNullMXList=False
@@ -337,6 +343,9 @@ O TimeZoneSpec=
# load average at which we refuse connections
#O RefuseLA=12
+# log interval when refusing connections for this long
+#O RejectLogInterval=3h
+
# load average at which we delay connections; 0 means no limit
#O DelayLA=0
@@ -346,6 +355,9 @@ O TimeZoneSpec=
# maximum number of new connections per second
#O ConnectionRateThrottle=0
+# Width of the window
+#O ConnectionRateWindowSize=60s
+
# work recipient factor
#O RecipientFactor=30000
@@ -418,11 +430,11 @@ O DontInitGroups=True
O RunAsUser=smmsp
# maximum number of recipients per SMTP envelope
-#O MaxRecipientsPerMessage=100
+#O MaxRecipientsPerMessage=0
# limit the rate recipients per SMTP envelope are accepted
# once the threshold number of recipients have been rejected
-#O BadRcptThrottle=20
+#O BadRcptThrottle=0
# shall we get local names from our installed interfaces?
O DontProbeInterfaces=True
@@ -440,7 +452,7 @@ O TrustedUser=smmsp
#O ControlSocketName=/var/spool/mqueue/.control
# Maximum MIME header length to protect MUAs
-#O MaxMimeHeaderLength=2048/1024
+#O MaxMimeHeaderLength=0/0
# Maximum length of the sum of all headers
#O MaxHeadersLength=32768
@@ -463,9 +475,15 @@ O PidFile=/var/spool/clientmqueue/sm-client.pid
# lookup type to find information about local mailboxes
#O MailboxDatabase=pw
+# override compile time flag REQUIRES_DIR_FSYNC
+#O RequiresDirfsync=true
+
# list of authentication mechanisms
#O AuthMechanisms=EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5
+# Authentication realm
+#O AuthRealm
+
# default authentication information for outgoing connections
#O DefaultAuthInfo=/etc/mail/default-auth-info
@@ -494,6 +512,8 @@ O PidFile=/var/spool/clientmqueue/sm-client.pid
#O ClientCertFile
# Client private key
#O ClientKeyFile
+# File containing certificate revocation lists
+#O CRLFile
# DHParameters (only required if DSA/DH is used)
#O DHParameters
# Random data source (required for systems without /dev/urandom under OpenSSL)
@@ -944,6 +964,8 @@ R<$+> $* $@ $2
### check_relay -- check hostname/address on SMTP startup
######################################################################
+
+
SLocal_check_relay
Scheck_relay
R$* $: $1 $| $>"Local_check_relay" $1
@@ -1086,6 +1108,7 @@ R$+ < @ $* $=R > $@ RELAY
+
# check for local user (i.e. unqualified address)
R$* $: <?> $1
R<?> $* < @ $+ > $: <REMOTE> $1 < @ $2 >
@@ -1111,7 +1134,7 @@ R$=w $@ RELAY ... and see if it is local
# check client name: first: did it resolve?
R$* $: < $&{client_resolve} >
-R<TEMP> $#TEMP $@ 4.7.1 $: "450 Relaying temporarily denied. Cannot resolve PTR record for " $&{client_addr}
+R<TEMP> $#TEMP $@ 4.4.0 $: "450 Relaying temporarily denied. Cannot resolve PTR record for " $&{client_addr}
R<FORGED> $#error $@ 5.7.1 $: "550 Relaying denied. IP name possibly forged " $&{client_name}
R<FAIL> $#error $@ 5.7.1 $: "550 Relaying denied. IP name lookup failed " $&{client_name}
R$* $: <@> $&{client_name}
@@ -1151,6 +1174,28 @@ R$* $#error $@ 5.7.1 $: "550 " $&{auth_authen} " not allowed to act as " $&{au
######################################################################
SLocal_Relay_Auth
+######################################################################
+### srv_features: which features to offer to a client?
+### (done in server)
+######################################################################
+Ssrv_features
+
+
+######################################################################
+### try_tls: try to use STARTTLS?
+### (done in client)
+######################################################################
+Stry_tls
+
+
+######################################################################
+### tls_rcpt: is connection with server "good" enough?
+### (done in client, per recipient)
+###
+### Parameters:
+### $1: recipient
+######################################################################
+Stls_rcpt
######################################################################
@@ -1205,6 +1250,10 @@ Sauthinfo
+
+
+
+
SLocal_localaddr
R$+ $: $>ParseRecipient $1
R$* < @ $+ > $* $#relay $@ ${MTAHost} $: $1 < @ $2 > $3
@@ -1374,3 +1423,30 @@ Mrelay, P=[IPC], F=mDFMuXa8k, S=EnvFromSMTP/HdrFromSMTP, R=MasqSMTP, E=\r\n, L=
T=DNS/RFC822/SMTP,
A=TCP $h
+### submit.mc ###
+# divert(-1)
+# #
+# # Copyright (c) 2001-2003 Sendmail, Inc. and its suppliers.
+# # All rights reserved.
+# #
+# # By using this file, you agree to the terms and conditions set
+# # forth in the LICENSE file which can be found at the top level of
+# # the sendmail distribution.
+# #
+# #
+#
+# #
+# # This is the prototype file for a set-group-ID sm-msp sendmail that
+# # acts as a initial mail submission program.
+# #
+#
+# divert(0)dnl
+# VERSIONID(`$Id: submit.mc,v 8.13 2003/09/10 22:12:48 ca Exp $')
+# define(`confCF_VERSION', `Submit')dnl
+# define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining
+# define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet
+# define(`confTIME_ZONE', `USE_TZ')dnl
+# define(`confDONT_INIT_GROUPS', `True')dnl
+# dnl
+# dnl If you use IPv6 only, change [127.0.0.1] to [IPv6:::1]
+# FEATURE(`msp', `[127.0.0.1]')dnl
diff --git a/contrib/sendmail/cf/cf/submit.mc b/contrib/sendmail/cf/cf/submit.mc
index 26393c381969..610bbeff32a4 100644
--- a/contrib/sendmail/cf/cf/submit.mc
+++ b/contrib/sendmail/cf/cf/submit.mc
@@ -15,7 +15,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`$Id: submit.mc,v 8.6.2.7 2003/09/10 22:11:56 ca Exp $')
+VERSIONID(`$Id: submit.mc,v 8.13 2003/09/10 22:12:48 ca Exp $')
define(`confCF_VERSION', `Submit')dnl
define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining
define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet
diff --git a/contrib/sendmail/cf/feature/access_db.m4 b/contrib/sendmail/cf/feature/access_db.m4
index 796cc13219d2..5488a452745e 100644
--- a/contrib/sendmail/cf/feature/access_db.m4
+++ b/contrib/sendmail/cf/feature/access_db.m4
@@ -1,6 +1,6 @@
divert(-1)
#
-# Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers.
+# Copyright (c) 1998-2002, 2004 Sendmail, Inc. and its suppliers.
# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
@@ -10,7 +10,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`$Id: access_db.m4,v 8.24 2002/03/06 21:50:25 ca Exp $')
+VERSIONID(`$Id: access_db.m4,v 8.26 2004/06/24 18:10:02 ca Exp $')
divert(-1)
define(`_ACCESS_TABLE_', `')
@@ -33,9 +33,12 @@ ifelse(defn(`_ARG_'), `', `',
')
')
')
+ifdef(`_GREET_PAUSE_',
+ `errprint(`*** WARNING: FEATURE(`greet_pause') before FEATURE(`access_db')
+ greet_pause will not use access_db!')')
LOCAL_CONFIG
# Access list database (for spam stomping)
Kaccess ifelse(defn(`_ARG_'), `', DATABASE_MAP_TYPE -T`'_ATMPF_ MAIL_SETTINGS_DIR`access',
- defn(`_ARG_'), `LDAP', `ldap -T`'_ATMPF_ -1 -v sendmailMTAMapValue -k (&(objectClass=sendmailMTAMapObject)(|(sendmailMTACluster=${sendmailMTACluster})(sendmailMTAHost=$j))(sendmailMTAMapName=access)(sendmailMTAKey=%0))',
+ defn(`_ARG_'), `LDAP', `ldap -T`'_ATMPF_ -1 -v sendmailMTAMapValue,sendmailMTAMapSearch:FILTER:sendmailMTAMapObject,sendmailMTAMapURL:URL:sendmailMTAMapObject -k (&(objectClass=sendmailMTAMapObject)(|(sendmailMTACluster=${sendmailMTACluster})(sendmailMTAHost=$j))(sendmailMTAMapName=access)(sendmailMTAKey=%0))',
defn(`_NARG_'), `', `_ARG_', `_NARG_')
diff --git a/contrib/sendmail/cf/feature/authinfo.m4 b/contrib/sendmail/cf/feature/authinfo.m4
index 3533d3067946..99dd6e9e2361 100644
--- a/contrib/sendmail/cf/feature/authinfo.m4
+++ b/contrib/sendmail/cf/feature/authinfo.m4
@@ -1,6 +1,6 @@
divert(-1)
#
-# Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers.
+# Copyright (c) 2000-2002 Sendmail, Inc. and its suppliers.
# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
@@ -10,7 +10,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`$Id: authinfo.m4,v 1.7 2001/03/16 00:51:25 gshapiro Exp $')
+VERSIONID(`$Id: authinfo.m4,v 1.9 2002/06/27 23:23:57 gshapiro Exp $')
divert(-1)
define(`_AUTHINFO_TABLE_', `')
@@ -18,5 +18,5 @@ define(`_AUTHINFO_TABLE_', `')
LOCAL_CONFIG
# authinfo list database: contains info for authentication as client
Kauthinfo ifelse(defn(`_ARG_'), `', DATABASE_MAP_TYPE MAIL_SETTINGS_DIR`authinfo',
- defn(`_ARG_'), `LDAP', `ldap -1 -v sendmailMTAMapValue -k (&(objectClass=sendmailMTAMapObject)(|(sendmailMTACluster=${sendmailMTACluster})(sendmailMTAHost=$j))(sendmailMTAMapName=authinfo)(sendmailMTAKey=%0))',
+ defn(`_ARG_'), `LDAP', `ldap -1 -v sendmailMTAMapValue,sendmailMTAMapSearch:FILTER:sendmailMTAMapObject,sendmailMTAMapURL:URL:sendmailMTAMapObject -k (&(objectClass=sendmailMTAMapObject)(|(sendmailMTACluster=${sendmailMTACluster})(sendmailMTAHost=$j))(sendmailMTAMapName=authinfo)(sendmailMTAKey=%0))',
`_ARG_')
diff --git a/contrib/sendmail/cf/feature/bitdomain.m4 b/contrib/sendmail/cf/feature/bitdomain.m4
index 3232be80d316..2ff3fa6eecd0 100644
--- a/contrib/sendmail/cf/feature/bitdomain.m4
+++ b/contrib/sendmail/cf/feature/bitdomain.m4
@@ -1,6 +1,6 @@
divert(-1)
#
-# Copyright (c) 1998, 1999, 2001 Sendmail, Inc. and its suppliers.
+# Copyright (c) 1998, 1999, 2001-2002 Sendmail, Inc. and its suppliers.
# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
@@ -13,7 +13,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`$Id: bitdomain.m4,v 8.28 2001/03/16 00:51:25 gshapiro Exp $')
+VERSIONID(`$Id: bitdomain.m4,v 8.30 2002/06/27 23:23:57 gshapiro Exp $')
divert(-1)
define(`_BITDOMAIN_TABLE_', `')
@@ -21,5 +21,5 @@ define(`_BITDOMAIN_TABLE_', `')
LOCAL_CONFIG
# BITNET mapping table
Kbitdomain ifelse(defn(`_ARG_'), `', DATABASE_MAP_TYPE MAIL_SETTINGS_DIR`bitdomain',
- defn(`_ARG_'), `LDAP', `ldap -1 -v sendmailMTAMapValue -k (&(objectClass=sendmailMTAMapObject)(|(sendmailMTACluster=${sendmailMTACluster})(sendmailMTAHost=$j))(sendmailMTAMapName=bitdomain)(sendmailMTAKey=%0))',
+ defn(`_ARG_'), `LDAP', `ldap -1 -v sendmailMTAMapValue,sendmailMTAMapSearch:FILTER:sendmailMTAMapObject,sendmailMTAMapURL:URL:sendmailMTAMapObject -k (&(objectClass=sendmailMTAMapObject)(|(sendmailMTACluster=${sendmailMTACluster})(sendmailMTAHost=$j))(sendmailMTAMapName=bitdomain)(sendmailMTAKey=%0))',
`_ARG_')
diff --git a/contrib/sendmail/cf/feature/conncontrol.m4 b/contrib/sendmail/cf/feature/conncontrol.m4
new file mode 100644
index 000000000000..87c23b0fd548
--- /dev/null
+++ b/contrib/sendmail/cf/feature/conncontrol.m4
@@ -0,0 +1,36 @@
+divert(-1)
+#
+# Copyright (c) 2003, 2004 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+
+divert(0)
+VERSIONID(`$Id: conncontrol.m4,v 1.4 2004/02/19 21:31:47 ca Exp $')
+
+divert(-1)
+ifdef(`_ACCESS_TABLE_', `
+ define(`_CONN_CONTROL_', `1')
+ ifelse(defn(`_ARG_'), `', `',
+ strcasecmp(defn(`_ARG_'), `nodelay'), `1',
+ `ifdef(`_DELAY_CHECKS_',
+ `
+ define(`_CONN_CONTROL_IMMEDIATE_', `1')
+ define(`_CONTROL_IMMEDIATE_', `1')
+ ',
+ `errprint(`*** ERROR: FEATURE(`conncontrol', `nodelay') requires FEATURE(`delay_checks')')'
+ )',
+ `errprint(`*** ERROR: unknown parameter '"defn(`_ARG_')"` for FEATURE(`conncontrol')')')
+ define(`_FFR_SRCHLIST_A', `1')
+ ifelse(len(X`'_ARG2_), `1', `',
+ _ARG2_, `terminate', `define(`_CONN_CONTROL_REPLY', `421')',
+ `errprint(`*** ERROR: FEATURE(`conncontrol'): unknown argument '"_ARG2_"
+)'
+ )
+ ', `errprint(`*** ERROR: FEATURE(`conncontrol') requires FEATURE(`access_db')
+')')
+ifdef(`_CONN_CONTROL_REPLY',,`define(`_CONN_CONTROL_REPLY', `452')')
diff --git a/contrib/sendmail/cf/feature/dnsbl.m4 b/contrib/sendmail/cf/feature/dnsbl.m4
index 7389646bec1a..c560586cf460 100644
--- a/contrib/sendmail/cf/feature/dnsbl.m4
+++ b/contrib/sendmail/cf/feature/dnsbl.m4
@@ -9,11 +9,10 @@ divert(-1)
#
#
-dnl 8.13: ifdef(`DNSBL_MAP', `', `define(`DNSBL_MAP', `dns -R A')')
-ifdef(`DNSBL_MAP', `', `define(`DNSBL_MAP', `host')')
+ifdef(`DNSBL_MAP', `', `define(`DNSBL_MAP', `dns -R A')')
divert(0)
ifdef(`_DNSBL_R_',`dnl',`dnl
-VERSIONID(`$Id: dnsbl.m4,v 8.28 2002/05/19 21:22:40 gshapiro Exp $')
+VERSIONID(`$Id: dnsbl.m4,v 8.29 2002/08/09 21:02:08 ca Exp $')
define(`_DNSBL_R_',`')
LOCAL_CONFIG
# map for DNS based blacklist lookups
diff --git a/contrib/sendmail/cf/feature/domaintable.m4 b/contrib/sendmail/cf/feature/domaintable.m4
index b04b4971b863..fadf816ca0ff 100644
--- a/contrib/sendmail/cf/feature/domaintable.m4
+++ b/contrib/sendmail/cf/feature/domaintable.m4
@@ -1,6 +1,6 @@
divert(-1)
#
-# Copyright (c) 1998, 1999, 2001 Sendmail, Inc. and its suppliers.
+# Copyright (c) 1998, 1999, 2001-2002 Sendmail, Inc. and its suppliers.
# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
@@ -13,7 +13,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`$Id: domaintable.m4,v 8.22 2001/03/16 00:51:25 gshapiro Exp $')
+VERSIONID(`$Id: domaintable.m4,v 8.24 2002/06/27 23:23:57 gshapiro Exp $')
divert(-1)
define(`_DOMAIN_TABLE_', `')
@@ -21,5 +21,5 @@ define(`_DOMAIN_TABLE_', `')
LOCAL_CONFIG
# Domain table (adding domains)
Kdomaintable ifelse(defn(`_ARG_'), `', DATABASE_MAP_TYPE MAIL_SETTINGS_DIR`domaintable',
- defn(`_ARG_'), `LDAP', `ldap -1 -v sendmailMTAMapValue -k (&(objectClass=sendmailMTAMapObject)(|(sendmailMTACluster=${sendmailMTACluster})(sendmailMTAHost=$j))(sendmailMTAMapName=domain)(sendmailMTAKey=%0))',
+ defn(`_ARG_'), `LDAP', `ldap -1 -v sendmailMTAMapValue,sendmailMTAMapSearch:FILTER:sendmailMTAMapObject,sendmailMTAMapURL:URL:sendmailMTAMapObject -k (&(objectClass=sendmailMTAMapObject)(|(sendmailMTACluster=${sendmailMTACluster})(sendmailMTAHost=$j))(sendmailMTAMapName=domain)(sendmailMTAKey=%0))',
`_ARG_')
diff --git a/contrib/sendmail/cf/feature/genericstable.m4 b/contrib/sendmail/cf/feature/genericstable.m4
index c20022a91850..dfdfeac86272 100644
--- a/contrib/sendmail/cf/feature/genericstable.m4
+++ b/contrib/sendmail/cf/feature/genericstable.m4
@@ -1,6 +1,6 @@
divert(-1)
#
-# Copyright (c) 1998, 1999, 2001 Sendmail, Inc. and its suppliers.
+# Copyright (c) 1998, 1999, 2001-2002 Sendmail, Inc. and its suppliers.
# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
@@ -13,7 +13,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`$Id: genericstable.m4,v 8.21 2001/03/16 00:51:26 gshapiro Exp $')
+VERSIONID(`$Id: genericstable.m4,v 8.23 2002/06/27 23:23:57 gshapiro Exp $')
divert(-1)
define(`_GENERICS_TABLE_', `')
@@ -21,5 +21,5 @@ define(`_GENERICS_TABLE_', `')
LOCAL_CONFIG
# Generics table (mapping outgoing addresses)
Kgenerics ifelse(defn(`_ARG_'), `', DATABASE_MAP_TYPE MAIL_SETTINGS_DIR`genericstable',
- defn(`_ARG_'), `LDAP', `ldap -1 -v sendmailMTAMapValue -k (&(objectClass=sendmailMTAMapObject)(|(sendmailMTACluster=${sendmailMTACluster})(sendmailMTAHost=$j))(sendmailMTAMapName=generics)(sendmailMTAKey=%0))',
+ defn(`_ARG_'), `LDAP', `ldap -1 -v sendmailMTAMapValue,sendmailMTAMapSearch:FILTER:sendmailMTAMapObject,sendmailMTAMapURL:URL:sendmailMTAMapObject -k (&(objectClass=sendmailMTAMapObject)(|(sendmailMTACluster=${sendmailMTACluster})(sendmailMTAHost=$j))(sendmailMTAMapName=generics)(sendmailMTAKey=%0))',
`_ARG_')
diff --git a/contrib/sendmail/cf/feature/greet_pause.m4 b/contrib/sendmail/cf/feature/greet_pause.m4
new file mode 100644
index 000000000000..1dddb58e5054
--- /dev/null
+++ b/contrib/sendmail/cf/feature/greet_pause.m4
@@ -0,0 +1,44 @@
+divert(-1)
+#
+# Copyright (c) 2004 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+
+divert(0)
+VERSIONID(`$Id: greet_pause.m4,v 1.4 2004/07/06 20:49:51 ca Exp $')
+divert(-1)
+
+ifelse(len(X`'_ARG_),`1',`ifdef(`_ACCESS_TABLE_', `',
+ `errprint(`*** ERROR: FEATURE(`greet_pause') requires FEATURE(`access_db')
+')')')
+
+define(`_GREET_PAUSE_', `')
+
+LOCAL_RULESETS
+######################################################################
+### greet_pause: lookup pause time before 220 greeting
+###
+### Parameters:
+### $1: {client_name}
+### $2: {client_addr}
+######################################################################
+SLocal_greet_pause
+Sgreet_pause
+R$* $: <$1><?> $| $>"Local_greet_pause" $1
+R<$*><?> $| $#$* $#$2
+R<$*><?> $| $* $: $1
+ifdef(`_ACCESS_TABLE_', `dnl
+R$+ $| $+ $: $>D < $1 > <?> <! GreetPause> < $2 >
+R $| $+ $: $>A < $1 > <?> <! GreetPause> <> empty client_name
+R<?> <$+> $: $>A < $1 > <?> <! GreetPause> <> no: another lookup
+ifelse(len(X`'_ARG_),`1',
+`R<?> <$*> $@',
+`R<?> <$*> $# _ARG_')
+R<$* <TMPF>> <$*> $@
+R<$+> <$*> $# $1',`dnl
+R$* $# _ARG_')
diff --git a/contrib/sendmail/cf/feature/ldap_routing.m4 b/contrib/sendmail/cf/feature/ldap_routing.m4
index 72a6e2643da7..ad7f142aafc5 100644
--- a/contrib/sendmail/cf/feature/ldap_routing.m4
+++ b/contrib/sendmail/cf/feature/ldap_routing.m4
@@ -1,6 +1,6 @@
divert(-1)
#
-# Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers.
+# Copyright (c) 1999-2002, 2004 Sendmail, Inc. and its suppliers.
# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
@@ -10,24 +10,31 @@ divert(-1)
#
divert(0)
-VERSIONID(`$Id: ldap_routing.m4,v 8.10 2002/03/27 22:17:43 ca Exp $')
+VERSIONID(`$Id: ldap_routing.m4,v 8.14 2004/02/18 02:45:11 gshapiro Exp $')
divert(-1)
# Check first two arguments. If they aren't set, may need to warn in proto.m4
ifelse(len(X`'_ARG1_), `1', `define(`_LDAP_ROUTING_WARN_', `yes')')
ifelse(len(X`'_ARG2_), `1', `define(`_LDAP_ROUTING_WARN_', `yes')')
+ifelse(len(X`'_ARG5_), `1', `', `define(`_LDAP_ROUTE_NODOMAIN_', `yes')')
# Check for third argument to indicate how to deal with non-existant
# LDAP records
ifelse(len(X`'_ARG3_), `1', `define(`_LDAP_ROUTING_', `_PASS_THROUGH_')',
_ARG3_, `passthru', `define(`_LDAP_ROUTING_', `_PASS_THROUGH_')',
+ _ARG3_, `sendertoo', `define(`_LDAP_ROUTING_', `_MUST_EXIST_')define(`_LDAP_SENDER_MUST_EXIST_')',
`define(`_LDAP_ROUTING_', `_MUST_EXIST_')')
-# Check for fouth argument to indicate how to deal with +detail info
+# Check for fourth argument to indicate how to deal with +detail info
ifelse(len(X`'_ARG4_), `1', `',
_ARG4_, `strip', `define(`_LDAP_ROUTE_DETAIL_', `_STRIP_')',
_ARG4_, `preserve', `define(`_LDAP_ROUTE_DETAIL_', `_PRESERVE_')')
+# Check for sixth argument to indicate how to deal with tempfails
+ifelse(len(X`'_ARG6_), `1', `define(`_LDAP_ROUTE_MAPTEMP_', `_QUEUE_')',
+ _ARG6_, `tempfail', `define(`_LDAP_ROUTE_MAPTEMP_', `_TEMPFAIL_')',
+ _ARG6_, `queue', `define(`_LDAP_ROUTE_MAPTEMP_', `_QUEUE_')')
+
LOCAL_CONFIG
# LDAP routing maps
Kldapmh ifelse(len(X`'_ARG1_), `1',
diff --git a/contrib/sendmail/cf/feature/local_lmtp.m4 b/contrib/sendmail/cf/feature/local_lmtp.m4
index f3c371b9384f..6f3888add2bc 100644
--- a/contrib/sendmail/cf/feature/local_lmtp.m4
+++ b/contrib/sendmail/cf/feature/local_lmtp.m4
@@ -1,6 +1,6 @@
divert(-1)
#
-# Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.
+# Copyright (c) 1998-2000, 2002 Sendmail, Inc. and its suppliers.
# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
@@ -10,7 +10,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`$Id: local_lmtp.m4,v 8.16 2000/08/18 18:58:45 ca Exp $')
+VERSIONID(`$Id: local_lmtp.m4,v 8.17 2002/11/17 04:41:04 ca Exp $')
divert(-1)
ifdef(`_MAILER_local_',
@@ -21,7 +21,8 @@ define(`LOCAL_MAILER_PATH',
ifelse(defn(`_ARG_'), `',
ifdef(`confEBINDIR', confEBINDIR, `/usr/libexec')`/mail.local',
_ARG_))
-define(`LOCAL_MAILER_FLAGS', `PSXfmnz9')
-define(`LOCAL_MAILER_ARGS', `mail.local -l')
+define(`LOCAL_MAILER_FLAGS', `PSXmnz9')
+define(`LOCAL_MAILER_ARGS',
+ ifelse(len(X`'_ARG2_), `1', `mail.local -l', _ARG2_))
define(`LOCAL_MAILER_DSN_DIAGNOSTIC_CODE', `SMTP')
define(`_LOCAL_LMTP_', `1')
diff --git a/contrib/sendmail/cf/feature/local_procmail.m4 b/contrib/sendmail/cf/feature/local_procmail.m4
index eaf83eab3828..694c3d9ef9b8 100644
--- a/contrib/sendmail/cf/feature/local_procmail.m4
+++ b/contrib/sendmail/cf/feature/local_procmail.m4
@@ -13,7 +13,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`$Id: local_procmail.m4,v 8.21.42.1 2002/11/17 04:25:07 ca Exp $')
+VERSIONID(`$Id: local_procmail.m4,v 8.22 2002/11/17 04:24:19 ca Exp $')
divert(-1)
ifdef(`_MAILER_local_',
diff --git a/contrib/sendmail/cf/feature/mailertable.m4 b/contrib/sendmail/cf/feature/mailertable.m4
index e4dcd701cd41..e3e1d0344b8b 100644
--- a/contrib/sendmail/cf/feature/mailertable.m4
+++ b/contrib/sendmail/cf/feature/mailertable.m4
@@ -1,6 +1,6 @@
divert(-1)
#
-# Copyright (c) 1998, 1999, 2001 Sendmail, Inc. and its suppliers.
+# Copyright (c) 1998, 1999, 2001-2002 Sendmail, Inc. and its suppliers.
# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
@@ -13,7 +13,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`$Id: mailertable.m4,v 8.23 2001/03/16 00:51:26 gshapiro Exp $')
+VERSIONID(`$Id: mailertable.m4,v 8.25 2002/06/27 23:23:57 gshapiro Exp $')
divert(-1)
define(`_MAILER_TABLE_', `')
@@ -21,5 +21,5 @@ define(`_MAILER_TABLE_', `')
LOCAL_CONFIG
# Mailer table (overriding domains)
Kmailertable ifelse(defn(`_ARG_'), `', DATABASE_MAP_TYPE MAIL_SETTINGS_DIR`mailertable',
- defn(`_ARG_'), `LDAP', `ldap -1 -v sendmailMTAMapValue -k (&(objectClass=sendmailMTAMapObject)(|(sendmailMTACluster=${sendmailMTACluster})(sendmailMTAHost=$j))(sendmailMTAMapName=mailer)(sendmailMTAKey=%0))',
+ defn(`_ARG_'), `LDAP', `ldap -1 -v sendmailMTAMapValue,sendmailMTAMapSearch:FILTER:sendmailMTAMapObject,sendmailMTAMapURL:URL:sendmailMTAMapObject -k (&(objectClass=sendmailMTAMapObject)(|(sendmailMTACluster=${sendmailMTACluster})(sendmailMTAHost=$j))(sendmailMTAMapName=mailer)(sendmailMTAKey=%0))',
`_ARG_')
diff --git a/contrib/sendmail/cf/feature/msp.m4 b/contrib/sendmail/cf/feature/msp.m4
index f4bc64a9d733..6ecf3342555a 100644
--- a/contrib/sendmail/cf/feature/msp.m4
+++ b/contrib/sendmail/cf/feature/msp.m4
@@ -1,6 +1,6 @@
divert(-1)
#
-# Copyright (c) 2000-2002 Sendmail, Inc. and its suppliers.
+# Copyright (c) 2000-2002, 2004 Sendmail, Inc. and its suppliers.
# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
@@ -10,7 +10,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`$Id: msp.m4,v 1.32 2002/03/26 22:02:03 ca Exp $')
+VERSIONID(`$Id: msp.m4,v 1.33 2004/02/09 22:32:38 ca Exp $')
divert(-1)
undefine(`ALIAS_FILE')
define(`confDELIVERY_MODE', `i')
@@ -21,7 +21,9 @@ define(`confDONT_PROBE_INTERFACES', `True')
dnl ---------------------------------------------
dnl run as this user (even if called by root)
ifdef(`confRUN_AS_USER',,`define(`confRUN_AS_USER', `smmsp')')
-ifdef(`confTRUSTED_USER',,`define(`confTRUSTED_USER', confRUN_AS_USER)')
+ifdef(`confTRUSTED_USER',,`define(`confTRUSTED_USER',
+`ifelse(index(confRUN_AS_USER,`:'), -1, `confRUN_AS_USER',
+`substr(confRUN_AS_USER,0,index(confRUN_AS_USER,`:'))')')')
dnl ---------------------------------------------
dnl This queue directory must have the same group
dnl as sendmail and it must be group-writable.
diff --git a/contrib/sendmail/cf/feature/mtamark.m4 b/contrib/sendmail/cf/feature/mtamark.m4
new file mode 100644
index 000000000000..ae5f07a24b5a
--- /dev/null
+++ b/contrib/sendmail/cf/feature/mtamark.m4
@@ -0,0 +1,33 @@
+divert(-1)
+#
+# Copyright (c) 2004 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+
+divert(0)
+ifdef(`_MTAMARK_R',`dnl',`dnl
+VERSIONID(`$Id: mtamark.m4,v 1.1 2004/03/22 19:22:40 ca Exp $')
+LOCAL_CONFIG
+define(`_MTAMARK_R',`')dnl
+# map for MTA mark
+Kmtamark dns -R TXT -a. -T<TMP> -r`'ifdef(`MTAMARK_TO',`MTAMARK_TO',`5')
+')
+divert(-1)
+define(`_MTAMARK_RR_', `ifelse(len(X`'_ARG3_),`1',`_perm._smtp._srv',`_ARG3_')')dnl
+define(`_MTAMARK_MSG_', `ifelse(len(X`'_ARG_),`1',`"550 Rejected: " $`'&{client_addr} " not listed as MTA"',`_ARG_')')dnl
+define(`_MTAMARK_MSG_TMP_', `ifelse(_ARG2_,`t',`"451 Temporary lookup failure of " _MTAMARK_RR_.$`'&{client_addr}',`_ARG2_')')dnl
+divert(8)
+# DNS based IP MTA list
+R$* $: $&{client_addr}
+R$-.$-.$-.$- $: <?> $(mtamark _MTAMARK_RR_.$4.$3.$2.$1.in-addr.arpa. $: OK $)
+R<?>1. $: OKSOFAR
+R<?>0. $#error $@ 5.7.1 $: _MTAMARK_MSG_
+ifelse(len(X`'_ARG2_),`1',
+`R<?>$+<TMP> $: TMPOK',
+`R<?>$+<TMP> $#error $@ 4.7.1 $: _MTAMARK_MSG_TMP_')
+divert(-1)
diff --git a/contrib/sendmail/cf/feature/ratecontrol.m4 b/contrib/sendmail/cf/feature/ratecontrol.m4
new file mode 100644
index 000000000000..e3389c0c1b41
--- /dev/null
+++ b/contrib/sendmail/cf/feature/ratecontrol.m4
@@ -0,0 +1,36 @@
+divert(-1)
+#
+# Copyright (c) 2003, 2004 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+
+divert(0)
+VERSIONID(`$Id: ratecontrol.m4,v 1.5 2004/02/19 21:31:47 ca Exp $')
+
+divert(-1)
+ifdef(`_ACCESS_TABLE_', `
+ define(`_RATE_CONTROL_', `1')
+ ifelse(defn(`_ARG_'), `', `',
+ strcasecmp(defn(`_ARG_'), `nodelay'), `1',
+ `ifdef(`_DELAY_CHECKS_',
+ `
+ define(`_RATE_CONTROL_IMMEDIATE_', `1')
+ define(`_CONTROL_IMMEDIATE_', `1')
+ ',
+ `errprint(`*** ERROR: FEATURE(`ratecontrol', `nodelay') requires FEATURE(`delay_checks')')'
+ )',
+ `errprint(`*** ERROR: unknown parameter '"defn(`_ARG_')"` for FEATURE(`ratecontrol')')')
+ define(`_FFR_SRCHLIST_A', `1')
+ ifelse(len(X`'_ARG2_), `1', `',
+ _ARG2_, `terminate', `define(`_RATE_CONTROL_REPLY', `421')',
+ `errprint(`*** ERROR: FEATURE(`ratecontrol'): unknown argument '"_ARG2_"
+)'
+ )
+ ', `errprint(`*** ERROR: FEATURE(`ratecontrol') requires FEATURE(`access_db')
+')')
+ifdef(`_RATE_CONTROL_REPLY',,`define(`_RATE_CONTROL_REPLY', `452')')
diff --git a/contrib/sendmail/cf/feature/use_client_ptr.m4 b/contrib/sendmail/cf/feature/use_client_ptr.m4
new file mode 100644
index 000000000000..918dff13c651
--- /dev/null
+++ b/contrib/sendmail/cf/feature/use_client_ptr.m4
@@ -0,0 +1,21 @@
+divert(-1)
+#
+# Copyright (c) 2004 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+
+divert(0)
+VERSIONID(`$Id: use_client_ptr.m4,v 1.1 2004/04/20 22:27:14 ca Exp $')
+divert(-1)
+
+# if defined, check_relay will use {client_ptr} instead of whatever
+# is passed in as its first argument.
+
+define(`_USE_CLIENT_PTR_', `1')
+
+divert(0)
diff --git a/contrib/sendmail/cf/feature/uucpdomain.m4 b/contrib/sendmail/cf/feature/uucpdomain.m4
index 4d23229135f6..c6fbc5cc3a64 100644
--- a/contrib/sendmail/cf/feature/uucpdomain.m4
+++ b/contrib/sendmail/cf/feature/uucpdomain.m4
@@ -1,6 +1,6 @@
divert(-1)
#
-# Copyright (c) 1998, 1999, 2001 Sendmail, Inc. and its suppliers.
+# Copyright (c) 1998, 1999, 2001-2002 Sendmail, Inc. and its suppliers.
# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
@@ -13,7 +13,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`$Id: uucpdomain.m4,v 8.27 2001/03/16 00:51:26 gshapiro Exp $')
+VERSIONID(`$Id: uucpdomain.m4,v 8.29 2002/06/27 23:23:57 gshapiro Exp $')
divert(-1)
define(`_UUDOMAIN_TABLE_', `')
@@ -21,5 +21,5 @@ define(`_UUDOMAIN_TABLE_', `')
LOCAL_CONFIG
# UUCP domain table
Kuudomain ifelse(defn(`_ARG_'), `', DATABASE_MAP_TYPE MAIL_SETTINGS_DIR`uudomain',
- defn(`_ARG_'), `LDAP', `ldap -1 -v sendmailMTAMapValue -k (&(objectClass=sendmailMTAMapObject)(|(sendmailMTACluster=${sendmailMTACluster})(sendmailMTAHost=$j))(sendmailMTAMapName=uucpdomain)(sendmailMTAKey=%0))',
+ defn(`_ARG_'), `LDAP', `ldap -1 -v sendmailMTAMapValue,sendmailMTAMapSearch:FILTER:sendmailMTAMapObject,sendmailMTAMapURL:URL:sendmailMTAMapObject -k (&(objectClass=sendmailMTAMapObject)(|(sendmailMTACluster=${sendmailMTACluster})(sendmailMTAHost=$j))(sendmailMTAMapName=uucpdomain)(sendmailMTAKey=%0))',
`_ARG_')
diff --git a/contrib/sendmail/cf/feature/virtusertable.m4 b/contrib/sendmail/cf/feature/virtusertable.m4
index d9c628f5fbaf..1717b663b20e 100644
--- a/contrib/sendmail/cf/feature/virtusertable.m4
+++ b/contrib/sendmail/cf/feature/virtusertable.m4
@@ -1,6 +1,6 @@
divert(-1)
#
-# Copyright (c) 1998, 1999, 2001 Sendmail, Inc. and its suppliers.
+# Copyright (c) 1998, 1999, 2001-2002 Sendmail, Inc. and its suppliers.
# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
@@ -13,7 +13,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`$Id: virtusertable.m4,v 8.21 2001/03/16 00:51:26 gshapiro Exp $')
+VERSIONID(`$Id: virtusertable.m4,v 8.23 2002/06/27 23:23:57 gshapiro Exp $')
divert(-1)
define(`_VIRTUSER_TABLE_', `')
@@ -21,5 +21,5 @@ define(`_VIRTUSER_TABLE_', `')
LOCAL_CONFIG
# Virtual user table (maps incoming users)
Kvirtuser ifelse(defn(`_ARG_'), `', DATABASE_MAP_TYPE MAIL_SETTINGS_DIR`virtusertable',
- defn(`_ARG_'), `LDAP', `ldap -1 -v sendmailMTAMapValue -k (&(objectClass=sendmailMTAMapObject)(|(sendmailMTACluster=${sendmailMTACluster})(sendmailMTAHost=$j))(sendmailMTAMapName=virtuser)(sendmailMTAKey=%0))',
+ defn(`_ARG_'), `LDAP', `ldap -1 -v sendmailMTAMapValue,sendmailMTAMapSearch:FILTER:sendmailMTAMapObject,sendmailMTAMapURL:URL:sendmailMTAMapObject -k (&(objectClass=sendmailMTAMapObject)(|(sendmailMTACluster=${sendmailMTACluster})(sendmailMTAHost=$j))(sendmailMTAMapName=virtuser)(sendmailMTAKey=%0))',
`_ARG_')
diff --git a/contrib/sendmail/cf/m4/cfhead.m4 b/contrib/sendmail/cf/m4/cfhead.m4
index c8b6f35b7dcc..9ccaa244887c 100644
--- a/contrib/sendmail/cf/m4/cfhead.m4
+++ b/contrib/sendmail/cf/m4/cfhead.m4
@@ -1,5 +1,5 @@
#
-# Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
+# Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers.
# All rights reserved.
# Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
@@ -302,7 +302,8 @@ define(`confMILTER_MACROS_CONNECT', ``j, _, {daemon_name}, {if_name}, {if_addr}'
define(`confMILTER_MACROS_HELO', ``{tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}'')
define(`confMILTER_MACROS_ENVFROM', ``i, {auth_type}, {auth_authen}, {auth_ssf}, {auth_author}, {mail_mailer}, {mail_host}, {mail_addr}'')
define(`confMILTER_MACROS_ENVRCPT', ``{rcpt_mailer}, {rcpt_host}, {rcpt_addr}'')
+define(`confMILTER_MACROS_EOM', `{msg_id}')
divert(0)dnl
-VERSIONID(`$Id: cfhead.m4,v 8.108.2.6 2003/12/05 02:26:47 ca Exp $')
+VERSIONID(`$Id: cfhead.m4,v 8.116 2004/01/28 22:02:22 ca Exp $')
diff --git a/contrib/sendmail/cf/m4/proto.m4 b/contrib/sendmail/cf/m4/proto.m4
index 48f4eabda02b..2397bc7283db 100644
--- a/contrib/sendmail/cf/m4/proto.m4
+++ b/contrib/sendmail/cf/m4/proto.m4
@@ -13,7 +13,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`$Id: proto.m4,v 8.649.2.30 2004/01/11 17:54:06 ca Exp $')
+VERSIONID(`$Id: proto.m4,v 8.710 2004/07/27 17:32:48 ca Exp $')
# level CF_LEVEL config file format
V`'CF_LEVEL/ifdef(`VENDOR_NAME', `VENDOR_NAME', `Berkeley')
@@ -197,7 +197,7 @@ ifdef(`_MACRO_MAP_', `', `# macro storage map
define(`_MACRO_MAP_', `1')dnl
Kmacro macro')
# possible values for TLS_connection in access map
-C{tls}VERIFY ENCR', `dnl')
+C{Tls}VERIFY ENCR', `dnl')
ifdef(`_CERT_REGEX_ISSUER_', `dnl
# extract relevant part from cert issuer
KCERTIssuer regex _CERT_REGEX_ISSUER_', `dnl')
@@ -261,7 +261,7 @@ _OPTION(AliasFile, `ALIAS_FILE', `MAIL_SETTINGS_DIR`'aliases')
_OPTION(MinFreeBlocks, `confMIN_FREE_BLOCKS', `100')
# maximum message size
-_OPTION(MaxMessageSize, `confMAX_MESSAGE_SIZE', `1000000')
+_OPTION(MaxMessageSize, `confMAX_MESSAGE_SIZE', `0')
# substitution for space (blank) characters
_OPTION(BlankSub, `confBLANK_SUB', `_')
@@ -425,14 +425,12 @@ _OPTION(Timeout.queuereturn, `confTO_QUEUERETURN', `5d')
_OPTION(Timeout.queuereturn.normal, `confTO_QUEUERETURN_NORMAL', `5d')
_OPTION(Timeout.queuereturn.urgent, `confTO_QUEUERETURN_URGENT', `2d')
_OPTION(Timeout.queuereturn.non-urgent, `confTO_QUEUERETURN_NONURGENT', `7d')
-ifdef(`confTO_QUEUERETURN_DSN', `dnl
-O Timeout.queuereturn.dsn=confTO_QUEUERETURN_DSN')
+_OPTION(Timeout.queuereturn.dsn, `confTO_QUEUERETURN_DSN', `5d')
_OPTION(Timeout.queuewarn, `confTO_QUEUEWARN', `4h')
_OPTION(Timeout.queuewarn.normal, `confTO_QUEUEWARN_NORMAL', `4h')
_OPTION(Timeout.queuewarn.urgent, `confTO_QUEUEWARN_URGENT', `1h')
_OPTION(Timeout.queuewarn.non-urgent, `confTO_QUEUEWARN_NONURGENT', `12h')
-ifdef(`confTO_QUEUEWARN_DSN', `dnl
-O Timeout.queuewarn.dsn=confTO_QUEUEWARN_DSN')
+_OPTION(Timeout.queuewarn.dsn, `confTO_QUEUEWARN_DSN', `4h')
_OPTION(Timeout.hoststatus, `confTO_HOSTSTATUS', `30m')
_OPTION(Timeout.resolver.retrans, `confTO_RESOLVER_RETRANS', `5s')
_OPTION(Timeout.resolver.retrans.first, `confTO_RESOLVER_RETRANS_FIRST', `5s')
@@ -473,6 +471,9 @@ _OPTION(UserDatabaseSpec, `confUSERDB_SPEC', `MAIL_SETTINGS_DIR`'userdb')
# fallback MX host
_OPTION(FallbackMXhost, `confFALLBACK_MX', `fall.back.host.net')
+# fallback smart host
+_OPTION(FallbackSmartHost, `confFALLBACK_SMARTHOST', `fall.back.host.net')
+
# if we are the best MX host for a site, try it directly instead of config err
_OPTION(TryNullMXList, `confTRY_NULL_MX_LIST', `False')
@@ -482,6 +483,9 @@ _OPTION(QueueLA, `confQUEUE_LA', `8')
# load average at which we refuse connections
_OPTION(RefuseLA, `confREFUSE_LA', `12')
+# log interval when refusing connections for this long
+_OPTION(RejectLogInterval, `confREJECT_LOG_INTERVAL', `3h')
+
# load average at which we delay connections; 0 means no limit
_OPTION(DelayLA, `confDELAY_LA', `0')
@@ -491,6 +495,9 @@ _OPTION(MaxDaemonChildren, `confMAX_DAEMON_CHILDREN', `0')
# maximum number of new connections per second
_OPTION(ConnectionRateThrottle, `confCONNECTION_RATE_THROTTLE', `0')
+# Width of the window
+_OPTION(ConnectionRateWindowSize, `confCONNECTION_RATE_WINDOW_SIZE', `60s')
+
# work recipient factor
_OPTION(RecipientFactor, `confWORK_RECIPIENT_FACTOR', `30000')
@@ -565,11 +572,11 @@ _OPTION(DeadLetterDrop, `confDEAD_LETTER_DROP', `/var/tmp/dead.letter')
_OPTION(RunAsUser, `confRUN_AS_USER', `sendmail')
# maximum number of recipients per SMTP envelope
-_OPTION(MaxRecipientsPerMessage, `confMAX_RCPTS_PER_MESSAGE', `100')
+_OPTION(MaxRecipientsPerMessage, `confMAX_RCPTS_PER_MESSAGE', `0')
# limit the rate recipients per SMTP envelope are accepted
# once the threshold number of recipients have been rejected
-_OPTION(BadRcptThrottle, `confBAD_RCPT_THROTTLE', `20')
+_OPTION(BadRcptThrottle, `confBAD_RCPT_THROTTLE', `0')
# shall we get local names from our installed interfaces?
_OPTION(DontProbeInterfaces, `confDONT_PROBE_INTERFACES', `False')
@@ -587,7 +594,7 @@ _OPTION(TrustedUser, `confTRUSTED_USER', `root')
_OPTION(ControlSocketName, `confCONTROL_SOCKET_NAME', `/var/spool/mqueue/.control')
# Maximum MIME header length to protect MUAs
-_OPTION(MaxMimeHeaderLength, `confMAX_MIME_HEADER_LENGTH', `2048/1024')
+_OPTION(MaxMimeHeaderLength, `confMAX_MIME_HEADER_LENGTH', `0/0')
# Maximum length of the sum of all headers
_OPTION(MaxHeadersLength, `confMAX_HEADERS_LENGTH', `32768')
@@ -610,9 +617,15 @@ _OPTION(XscriptFileBufferSize, `confXF_BUFFER_SIZE', `4096')
# lookup type to find information about local mailboxes
_OPTION(MailboxDatabase, `confMAILBOX_DATABASE', `pw')
+# override compile time flag REQUIRES_DIR_FSYNC
+_OPTION(RequiresDirfsync, `confREQUIRES_DIR_FSYNC', `true')
+
# list of authentication mechanisms
_OPTION(AuthMechanisms, `confAUTH_MECHANISMS', `EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5')
+# Authentication realm
+_OPTION(AuthRealm, `confAUTH_REALM', `')
+
# default authentication information for outgoing connections
_OPTION(DefaultAuthInfo, `confDEF_AUTH_INFO', `MAIL_SETTINGS_DIR`'default-auth-info')
@@ -635,7 +648,7 @@ _OPTION(Milter.macros.connect, `confMILTER_MACROS_CONNECT', `')
_OPTION(Milter.macros.helo, `confMILTER_MACROS_HELO', `')
_OPTION(Milter.macros.envfrom, `confMILTER_MACROS_ENVFROM', `')
_OPTION(Milter.macros.envrcpt, `confMILTER_MACROS_ENVRCPT', `')
-')
+_OPTION(Milter.macros.eom, `confMILTER_MACROS_EOM', `')')
# CA directory
_OPTION(CACertPath, `confCACERT_PATH', `')
@@ -649,6 +662,8 @@ _OPTION(ServerKeyFile, `confSERVER_KEY', `')
_OPTION(ClientCertFile, `confCLIENT_CERT', `')
# Client private key
_OPTION(ClientKeyFile, `confCLIENT_KEY', `')
+# File containing certificate revocation lists
+_OPTION(CRLFile, `confCRL', `')
# DHParameters (only required if DSA/DH is used)
_OPTION(DHParameters, `confDH_PARAMETERS', `')
# Random data source (required for systems without /dev/urandom under OpenSSL)
@@ -685,6 +700,7 @@ ifdef(`confTRUSTED_USERS', `T`'confTRUSTED_USERS', `dnl')
#########################
ifdef(`confFROM_HEADER',, `define(`confFROM_HEADER', `$?x$x <$g>$|$g$.')')dnl
+ifdef(`confMESSAGEID_HEADER',, `define(`confMESSAGEID_HEADER', `<$t.$i@$j>')')dnl
H?P?Return-Path: <$g>
HReceived: confRECEIVED_HEADER
H?D?Resent-Date: $a
@@ -694,8 +710,8 @@ H?F?From: confFROM_HEADER
H?x?Full-Name: $x
# HPosted-Date: $a
# H?l?Received-Date: $b
-H?M?Resent-Message-Id: <$t.$i@$j>
-H?M?Message-Id: <$t.$i@$j>
+H?M?Resent-Message-Id: confMESSAGEID_HEADER
+H?M?Message-Id: confMESSAGEID_HEADER
#
######################################################################
@@ -1429,13 +1445,21 @@ ifdef(`_LDAP_ROUTING_', `dnl
### Parsed address (user < @ domain . >)
######################################################################
+# SMTP operation modes
+C{SMTPOpModes} s d D
+
SLDAPExpand
# do the LDAP lookups
R<$+><$+><$*> $: <$(ldapmra $2 $: $)> <$(ldapmh $2 $: $)> <$1> <$2> <$3>
-# look for temporary failures (return original address, MTA will queue up)
-R<$* <TMPF>> <$*> <$+> <$+> <$*> $@ $3
-R<$*> <$* <TMPF>> <$+> <$+> <$*> $@ $3
+# look for temporary failures and...
+R<$* <TMPF>> <$*> <$+> <$+> <$*> $: $&{opMode} $| TMPF <$&{addr_type}> $| $3
+R<$*> <$* <TMPF>> <$+> <$+> <$*> $: $&{opMode} $| TMPF <$&{addr_type}> $| $3
+ifelse(_LDAP_ROUTE_MAPTEMP_, `_TEMPFAIL_', `dnl
+# ... temp fail RCPT SMTP commands
+R$={SMTPOpModes} $| TMPF <e r> $| $+ $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."')
+# ... return original address for MTA to queue up
+R$* $| TMPF <$*> $| $+ $@ $3
# if mailRoutingAddress and local or non-existant mailHost,
# return the new mailRoutingAddress
@@ -1475,11 +1499,12 @@ ifdef(`_LDAP_ROUTE_DETAIL_',
# try without +detail
R<> <> <$+> <$+ + $* @ $+> <> $@ $>LDAPExpand <$1> <$2 @ $4> <+$3>')dnl
+ifdef(`_LDAP_ROUTE_NODOMAIN_', `dnl', `
# if still no mailRoutingAddress and no mailHost,
# try @domain
ifelse(_LDAP_ROUTE_DETAIL_, `_PRESERVE_', `dnl
R<> <> <$+> <$+ + $* @ $+> <> $@ $>LDAPExpand <$1> <@ $4> <+$3>')
-R<> <> <$+> <$+ @ $+> <$*> $@ $>LDAPExpand <$1> <@ $3> <$4>
+R<> <> <$+> <$+ @ $+> <$*> $@ $>LDAPExpand <$1> <@ $3> <$4>')
# if no mailRoutingAddress and no mailHost and this was a domain attempt,
ifelse(_LDAP_ROUTING_, `_MUST_EXIST_', `dnl
@@ -1487,6 +1512,9 @@ ifelse(_LDAP_ROUTING_, `_MUST_EXIST_', `dnl
R<> <> <$+> <@ $+> <$*> $: <?> < $&{addr_type} > < $1 >
# only give error for envelope recipient
R<?> <e r> <$+> $#error $@ nouser $: "550 User unknown"
+ifdef(`_LDAP_SENDER_MUST_EXIST_', `dnl
+# and the sender too
+R<?> <e s> <$+> $#error $@ nouser $: "550 User unknown"')
R<?> <$*> <$+> $@ $2',
`dnl
# return the original address
@@ -1675,7 +1703,7 @@ R<$+> <$+> $: <$1> $2',`dnl')')
ifdef(`_RELAY_MX_SERVED_', `dnl
dnl do "we" ($=w) act as backup MX server for the destination domain?
R<NO> $* < @ $+ > $: <MX> < : $(mxserved $2 $) : > < $1 < @$2 > >
-R<MX> < : $* <TEMP> : > $* $#TEMP $@ 4.7.1 $: "450 Can not check MX records for recipient host " $1
+R<MX> < : $* <TEMP> : > $* $#TEMP $@ 4.4.0 $: "450 Can not check MX records for recipient host " $1
dnl yes: mark it as <RELAY>
R<MX> < $* : $=w. : $* > < $+ > $: <RELAY> $4
dnl no: put old <NO> mark back
@@ -1691,8 +1719,20 @@ R<$+> $* $@ $2
### check_relay -- check hostname/address on SMTP startup
######################################################################
+ifdef(`_CONTROL_IMMEDIATE_',`dnl
+Scheck_relay
+ifdef(`_RATE_CONTROL_IMMEDIATE_',`dnl
+dnl workspace: ignored...
+R$* $: $>"RateControl" dummy', `dnl')
+ifdef(`_CONN_CONTROL_IMMEDIATE_',`dnl
+dnl workspace: ignored...
+R$* $: $>"ConnControl" dummy', `dnl')
+dnl')
+
SLocal_check_relay
Scheck`'_U_`'relay
+ifdef(`_USE_CLIENT_PTR_',`dnl
+R$* $| $* $: $&{client_ptr} $| $2', `dnl')
R$* $: $1 $| $>"Local_check_relay" $1
R$* $| $* $| $#$* $#$3
R$* $| $* $| $* $@ $>"Basic_check_relay" $1 $| $2
@@ -1715,10 +1755,9 @@ dnl workspace: <result-of-lookup> (<>|<{client_addr}>)
R<?> <$*> $: OK found nothing
dnl workspace: <result-of-lookup> (<>|<{client_addr}>) | OK
R<$={Accept}> <$*> $@ $1 return value of lookup
-R<REJECT> <$*> $#error ifdef(`confREJECT_MSG', `$: "confREJECT_MSG"', `$@ 5.7.1 $: "550 Access denied"')
+R<REJECT> <$*> $#error ifdef(`confREJECT_MSG', `$: confREJECT_MSG', `$@ 5.7.1 $: "550 Access denied"')
R<DISCARD> <$*> $#discard $: discard
-ifdef(`_FFR_QUARANTINE',
-`R<QUARANTINE:$+> <$*> $#error $@ quarantine $: $1', `dnl')
+R<QUARANTINE:$+> <$*> $#error $@ quarantine $: $1
dnl error tag
R<ERROR:$-.$-.$-:$+> <$*> $#error $@ $1.$2.$3 $: $4
R<ERROR:$+> <$*> $#error $: $1
@@ -1734,6 +1773,14 @@ R$-.$-.$-.$- $: <?> $(host $4.$3.$2.$1._RBL_. $: OK $)
R<?>OK $: OKSOFAR
R<?>$+ $#error $@ 5.7.1 $: "550 Rejected: " $&{client_addr} " listed at _RBL_"',
`dnl')
+ifdef(`_RATE_CONTROL_',`dnl
+ifdef(`_RATE_CONTROL_IMMEDIATE_',`', `dnl
+dnl workspace: ignored...
+R$* $: $>"RateControl" dummy')', `dnl')
+ifdef(`_CONN_CONTROL_',`dnl
+ifdef(`_CONN_CONTROL_IMMEDIATE_',`',`dnl
+dnl workspace: ignored...
+R$* $: $>"ConnControl" dummy')', `dnl')
undivert(8)
######################################################################
@@ -1866,9 +1913,8 @@ R<PERM> $* $#error $@ 5.1.8 $: "_CODE553 Domain of sender address " $&f " does
ifdef(`_ACCESS_TABLE_', `dnl
R<$={Accept}> $* $# $1 accept from access map
R<DISCARD> $* $#discard $: discard
-ifdef(`_FFR_QUARANTINE',
-`R<QUARANTINE:$+> $* $#error $@ quarantine $: $1', `dnl')
-R<REJECT> $* $#error ifdef(`confREJECT_MSG', `$: "confREJECT_MSG"', `$@ 5.7.1 $: "550 Access denied"')
+R<QUARANTINE:$+> $* $#error $@ quarantine $: $1
+R<REJECT> $* $#error ifdef(`confREJECT_MSG', `$: confREJECT_MSG', `$@ 5.7.1 $: "550 Access denied"')
dnl error tag
R<ERROR:$-.$-.$-:$+> $* $#error $@ $1.$2.$3 $: $4
R<ERROR:$+> $* $#error $: $1
@@ -2007,8 +2053,7 @@ dnl maybe we should stop checks already here (if SPAM_xyx)?
R<$={SpamTag}> <$*> $: @ $2 mark address as no match')
R<REJECT> $* $#error $@ 5.2.1 $: confRCPTREJ_MSG
R<DISCARD> $* $#discard $: discard
-ifdef(`_FFR_QUARANTINE',
-`R<QUARANTINE:$+> $* $#error $@ quarantine $: $1', `dnl')
+R<QUARANTINE:$+> $* $#error $@ quarantine $: $1
dnl error tag
R<ERROR:$-.$-.$-:$+> $* $#error $@ $1.$2.$3 $: $4
R<ERROR:$+> $* $#error $: $1
@@ -2053,7 +2098,11 @@ dnl workspace: <Result-of-lookup | ?> <localpart<@domain>>
R<?> <$+ < @ $+ >> $: <$(access $2 $: ? $)> <$1 < @ $2 >>',`dnl')',
`R$+ < @ $* $=R > $@ RELAY
ifdef(`_ACCESS_TABLE_', `dnl
-R$+ < @ $+ > $: $>D <$2> <?> <+ To> <$1 < @ $2 >>',`dnl')')
+ifdef(`_RELAY_FULL_ADDR_', `dnl
+R$+ < @ $+ > $: $1 < @ $2 > $| $>SearchList <+ To> $| <F:$1@$2> <D:$2> <F:$1@> <>
+R$+ < @ $+ > $| <$*> $: <$3> <$1 <@ $2>>
+R$+ < @ $+ > $| $* $: <$3> <$1 <@ $2>>',
+`R$+ < @ $+ > $: $>D <$2> <?> <+ To> <$1 < @ $2 >>')')')
ifdef(`_ACCESS_TABLE_', `dnl
dnl workspace: <Result-of-lookup | ?> <localpart<@domain>>
R<RELAY> $* $@ RELAY
@@ -2065,7 +2114,7 @@ ifdef(`_RELAY_MX_SERVED_', `dnl
# allow relaying for hosts which we MX serve
R$+ < @ $+ > $: < : $(mxserved $2 $) : > $1 < @ $2 >
dnl this must not necessarily happen if the client is checked first...
-R< : $* <TEMP> : > $* $#TEMP $@ 4.7.1 $: "450 Can not check MX records for recipient host " $1
+R< : $* <TEMP> : > $* $#TEMP $@ 4.4.0 $: "450 Can not check MX records for recipient host " $1
R<$* : $=w . : $*> $* $@ RELAY
R< : $* : > $* $: $2',
`dnl')
@@ -2158,7 +2207,7 @@ dnl the input. otherwise these rules must "clean up" the workspace.
# check client name: first: did it resolve?
dnl input: ignored
R$* $: < $&{client_resolve} >
-R<TEMP> $#TEMP $@ 4.7.1 $: "450 Relaying temporarily denied. Cannot resolve PTR record for " $&{client_addr}
+R<TEMP> $#TEMP $@ 4.4.0 $: "450 Relaying temporarily denied. Cannot resolve PTR record for " $&{client_addr}
R<FORGED> $#error $@ 5.7.1 $: "550 Relaying denied. IP name possibly forged " $&{client_name}
R<FAIL> $#error $@ 5.7.1 $: "550 Relaying denied. IP name lookup failed " $&{client_name}
dnl ${client_resolve} should be OK, so go ahead
@@ -2441,11 +2490,11 @@ dnl A: recursive address lookup (LookUpAddress) [not yet required]
# class with valid marks for SearchList
dnl if A is activated: add it
-C{src}E F D U ifdef(`_FFR_SRCHLIST_A', `A')
+C{Src}E F D U ifdef(`_FFR_SRCHLIST_A', `A')
SSearchList
# just call the ruleset with the name of the tag... nice trick...
dnl 2 3 4
-R<$+> $| <$={src}:$*> <$*> $: <$1> $| <$4> $| $>$2 <$3> <?> <$1> <>
+R<$+> $| <$={Src}:$*> <$*> $: <$1> $| <$4> $| $>$2 <$3> <?> <$1> <>
dnl workspace: <o tag> $| <rest> $| <result of lookup> <>
dnl no match and nothing left: return
R<$+> $| <> $| <?> <> $@ <?>
@@ -2488,7 +2537,6 @@ R$* $#error $@ 5.7.1 $: "550 " $&{auth_authen} " not allowed to act as " $&{au
######################################################################
SLocal_Relay_Auth
-ifdef(`_ACCESS_TABLE_', `dnl
######################################################################
### srv_features: which features to offer to a client?
### (done in server)
@@ -2498,13 +2546,14 @@ ifdef(`_LOCAL_SRV_FEATURES_', `dnl
R$* $: $1 $| $>"Local_srv_features" $1
R$* $| $#$* $#$2
R$* $| $* $: $1', `dnl')
+ifdef(`_ACCESS_TABLE_', `dnl
R$* $: $>D <$&{client_name}> <?> <! SRV_FEAT_TAG> <>
R<?>$* $: $>A <$&{client_addr}> <?> <! SRV_FEAT_TAG> <>
R<?>$* $: <$(access SRV_FEAT_TAG`'_TAG_DELIM_ $: ? $)>
R<?>$* $@ OK
ifdef(`_ATMPF_', `dnl tempfail?
R<$* _ATMPF_>$* $#temp', `dnl')
-R<$+>$* $# $1
+R<$+>$* $# $1')
######################################################################
### try_tls: try to use STARTTLS?
@@ -2515,14 +2564,15 @@ ifdef(`_LOCAL_TRY_TLS_', `dnl
R$* $: $1 $| $>"Local_try_tls" $1
R$* $| $#$* $#$2
R$* $| $* $: $1', `dnl')
+ifdef(`_ACCESS_TABLE_', `dnl
R$* $: $>D <$&{server_name}> <?> <! TLS_TRY_TAG> <>
R<?>$* $: $>A <$&{server_addr}> <?> <! TLS_TRY_TAG> <>
R<?>$* $: <$(access TLS_TRY_TAG`'_TAG_DELIM_ $: ? $)>
R<?>$* $@ OK
ifdef(`_ATMPF_', `dnl tempfail?
R<$* _ATMPF_>$* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
-R<NO>$* $#error $@ 5.7.1 $: "550 do not try TLS with " $&{server_name} " ["$&{server_addr}"]"
-
+R<NO>$* $#error $@ 5.7.1 $: "550 do not try TLS with " $&{server_name} " ["$&{server_addr}"]"')
+
######################################################################
### tls_rcpt: is connection with server "good" enough?
### (done in client, per recipient)
@@ -2536,6 +2586,7 @@ ifdef(`_LOCAL_TLS_RCPT_', `dnl
R$* $: $1 $| $>"Local_tls_rcpt" $1
R$* $| $#$* $#$2
R$* $| $* $: $1', `dnl')
+ifdef(`_ACCESS_TABLE_', `dnl
dnl store name of other side
R$* $: $(macro {TLS_Name} $@ $&{server_name} $) $1
dnl canonify recipient address
@@ -2637,10 +2688,10 @@ R$* $| <$*>$* $: $1 $| <$2>
dnl workspace: ${verify} $| <ResultOfLookup>
# create the appropriate error codes
dnl permanent or temporary error?
-R$* $| <PERM + $={tls} $*> $: $1 $| <503:5.7.0> <$2 $3>
-R$* $| <TEMP + $={tls} $*> $: $1 $| <403:4.7.0> <$2 $3>
+R$* $| <PERM + $={Tls} $*> $: $1 $| <503:5.7.0> <$2 $3>
+R$* $| <TEMP + $={Tls} $*> $: $1 $| <403:4.7.0> <$2 $3>
dnl default case depends on TLS_PERM_ERR
-R$* $| <$={tls} $*> $: $1 $| <ifdef(`TLS_PERM_ERR', `503:5.7.0', `403:4.7.0')> <$2 $3>
+R$* $| <$={Tls} $*> $: $1 $| <ifdef(`TLS_PERM_ERR', `503:5.7.0', `403:4.7.0')> <$2 $3>
dnl workspace: ${verify} $| [<SMTP:ESC>] <ResultOfLookup>
# deal with TLS handshake failures: abort
RSOFTWARE $| <$-:$+> $* $#error $@ $2 $: $1 " TLS handshake failed."
@@ -2650,9 +2701,9 @@ RSOFTWARE $| $* $#error $@ ifdef(`TLS_PERM_ERR', `5.7.0', `4.7.0') $: "ifdef(`
R$* $| <$*> <VERIFY> $: <$2> <VERIFY> <> $1
dnl separate optional requirements
R$* $| <$*> <VERIFY + $+> $: <$2> <VERIFY> <$3> $1
-R$* $| <$*> <$={tls}:$->$* $: <$2> <$3:$4> <> $1
+R$* $| <$*> <$={Tls}:$->$* $: <$2> <$3:$4> <> $1
dnl separate optional requirements
-R$* $| <$*> <$={tls}:$- + $+>$* $: <$2> <$3:$4> <$5> $1
+R$* $| <$*> <$={Tls}:$- + $+>$* $: <$2> <$3:$4> <$5> $1
dnl some other value in access map: accept
dnl this also allows to override the default case (if used)
R$* $| $* $@ OK
@@ -2821,6 +2872,50 @@ R$* $| <?>$* $@ no no authinfo available
R$* $| <$*> <> $# $2
dnl', `dnl')')
+ifdef(`_RATE_CONTROL_',`dnl
+######################################################################
+### RateControl:
+### Parameters: ignored
+### return: $#error or OK
+######################################################################
+SRateControl
+ifdef(`_ACCESS_TABLE_', `dnl
+R$* $: <A:$&{client_addr}> <E:>
+dnl also look up a default value via E:
+R$+ $: $>SearchList <! ClientRate> $| $1 <>
+dnl found nothing: stop here
+R<?> $@ OK
+ifdef(`_ATMPF_', `dnl tempfail?
+R<$* _ATMPF_> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
+dnl use the generic routine (for now)
+R<0> $@ OK no limit
+R<$+> $: <$1> $| $(arith l $@ $&{client_rate} $@ $1 $)
+dnl log this? Connection rate $&{client_rate} exceeds limit $1.
+R<$+> $| FALSE $#error $@ 4.3.2 $: _RATE_CONTROL_REPLY Connection rate limit exceeded.
+')')
+
+ifdef(`_CONN_CONTROL_',`dnl
+######################################################################
+### ConnControl:
+### Parameters: ignored
+### return: $#error or OK
+######################################################################
+SConnControl
+ifdef(`_ACCESS_TABLE_', `dnl
+R$* $: <A:$&{client_addr}> <E:>
+dnl also look up a default value via E:
+R$+ $: $>SearchList <! ClientConn> $| $1 <>
+dnl found nothing: stop here
+R<?> $@ OK
+ifdef(`_ATMPF_', `dnl tempfail?
+R<$* _ATMPF_> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
+dnl use the generic routine (for now)
+R<0> $@ OK no limit
+R<$+> $: <$1> $| $(arith l $@ $&{client_connections} $@ $1 $)
+dnl log this: Open connections $&{client_connections} exceeds limit $1.
+R<$+> $| FALSE $#error $@ 4.3.2 $: _CONN_CONTROL_REPLY Too many open connections.
+')')
+
undivert(9)dnl LOCAL_RULESETS
#
######################################################################
diff --git a/contrib/sendmail/cf/m4/version.m4 b/contrib/sendmail/cf/m4/version.m4
index b6cc2289bc7c..d06e15d7edc2 100644
--- a/contrib/sendmail/cf/m4/version.m4
+++ b/contrib/sendmail/cf/m4/version.m4
@@ -11,8 +11,8 @@ divert(-1)
# the sendmail distribution.
#
#
-VERSIONID(`$Id: version.m4,v 8.92.2.26 2004/01/13 00:29:26 ca Exp $')
+VERSIONID(`$Id: version.m4,v 8.117 2004/07/30 18:03:07 ca Exp $')
#
divert(0)
# Configuration version number
-DZ8.12.11`'ifdef(`confCF_VERSION', `/confCF_VERSION')
+DZ8.13.1`'ifdef(`confCF_VERSION', `/confCF_VERSION')
diff --git a/contrib/sendmail/cf/mailer/usenet.m4 b/contrib/sendmail/cf/mailer/usenet.m4
index d28c3214d397..39f49b8bf06d 100644
--- a/contrib/sendmail/cf/mailer/usenet.m4
+++ b/contrib/sendmail/cf/mailer/usenet.m4
@@ -21,7 +21,7 @@ POPDIVERT
### USENET Mailer specification ###
####################################
-VERSIONID(`$Id: usenet.m4,v 8.21.4.1 2003/03/03 22:53:03 ca Exp $')
+VERSIONID(`$Id: usenet.m4,v 8.22 2003/02/20 21:16:13 ca Exp $')
Musenet, P=USENET_MAILER_PATH, F=_MODMF_(USENET_MAILER_FLAGS, `USENET'), S=EnvFromL, R=EnvToL,
_OPTINS(`USENET_MAILER_MAX', `M=', `, ')T=X-Usenet/X-Usenet/X-Unix,_USENET_QGRP
diff --git a/contrib/sendmail/cf/ostype/unicos.m4 b/contrib/sendmail/cf/ostype/unicos.m4
new file mode 100644
index 000000000000..d73f3faaec0c
--- /dev/null
+++ b/contrib/sendmail/cf/ostype/unicos.m4
@@ -0,0 +1,22 @@
+divert(-1)
+#
+# Copyright (c) 2003 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+#
+
+divert(0)
+VERSIONID(`$Id: unicos.m4,v 1.1 2003/04/21 17:03:51 ca Exp $')
+define(`ALIAS_FILE', `/usr/lib/aliases')
+define(`HELP_FILE', `/usr/lib/sendmail.hf')
+define(`QUEUE_DIR', `/usr/spool/mqueue')
+define(`STATUS_FILE', `/usr/lib/sendmail.st')
+MODIFY_MAILER_FLAGS(`LOCAL', `+aSPpmnxXu')
+MODIFY_MAILER_FLAGS(`SMTP', `+anpeLC')
+define(`LOCAL_SHELL_FLAGS', `pxehu')
+define(`confPID_FILE', `/etc/sendmail.pid')dnl
diff --git a/contrib/sendmail/cf/ostype/unicosmk.m4 b/contrib/sendmail/cf/ostype/unicosmk.m4
new file mode 100644
index 000000000000..e9cec04fe674
--- /dev/null
+++ b/contrib/sendmail/cf/ostype/unicosmk.m4
@@ -0,0 +1,22 @@
+divert(-1)
+#
+# Copyright (c) 2003 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+#
+
+divert(0)
+VERSIONID(`$Id: unicosmk.m4,v 1.1 2003/04/21 17:03:51 ca Exp $')
+define(`ALIAS_FILE', `/usr/lib/aliases')
+define(`HELP_FILE', `/usr/lib/sendmail.hf')
+define(`QUEUE_DIR', `/usr/spool/mqueue')
+define(`STATUS_FILE', `/usr/lib/sendmail.st')
+MODIFY_MAILER_FLAGS(`LOCAL' , `+aSPpmnxXu')
+MODIFY_MAILER_FLAGS(`SMTP', `+anpeLC')
+define(`LOCAL_SHELL_FLAGS', `lsDFMpxehuo')
+define(`confPID_FILE', `/etc/sendmail.pid')dnl
diff --git a/contrib/sendmail/cf/ostype/unicosmp.m4 b/contrib/sendmail/cf/ostype/unicosmp.m4
new file mode 100644
index 000000000000..79543d2ffb58
--- /dev/null
+++ b/contrib/sendmail/cf/ostype/unicosmp.m4
@@ -0,0 +1,27 @@
+divert(-1)
+#
+# Copyright (c) 2003 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+#
+
+#
+# Notes:
+# - In UNICOSMP seems that TZ variable is needed that correct time is marked
+# to syslog
+#
+
+divert(0)
+VERSIONID(`$Id: unicosmp.m4,v 1.1 2003/04/21 17:03:51 ca Exp $')
+_DEFIFNOT(`LOCAL_MAILER_FLAGS', `Ehm9')dnl
+ifdef(`LOCAL_MAILER_ARGS',, `define(`LOCAL_MAILER_ARGS', `mail -s -d $u')')dnl
+ifdef(`QUEUE_DIR',, `define(`QUEUE_DIR', /var/spool/mqueue)')dnl
+ifdef(`STATUS_FILE',, `define(`STATUS_FILE', `/var/log/sendmail.st')')dnl
+define(`LOCAL_MAILER_PATH', `/usr/bin/mail')dnl
+define(`confTIME_ZONE', USE_TZ)dnl
+define(`confEBINDIR', `/usr/lib')dnl
diff --git a/contrib/sendmail/cf/sendmail.schema b/contrib/sendmail/cf/sendmail.schema
index f16782229f14..a532f8b33f65 100644
--- a/contrib/sendmail/cf/sendmail.schema
+++ b/contrib/sendmail/cf/sendmail.schema
@@ -5,13 +5,12 @@
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
-# $Id: sendmail.schema,v 8.19.2.1 2002/11/20 23:13:27 gshapiro Exp $
+# $Id: sendmail.schema,v 8.21 2002/11/20 23:13:50 gshapiro Exp $
# Note that this schema is experimental at this point as it has had little
# public review. Therefore, it may change in future versions. Feedback
# via sendmail@sendmail.org is encouraged.
-
# OID arcs for Sendmail
# enterprise: 1.3.6.1.4.1
# sendmail: enterprise.6152
@@ -88,6 +87,19 @@ attributetype ( 1.3.6.1.4.1.6152.10.3.1.16
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+# attribute sendmailMTAMapSearch cis
+attributetype ( 1.3.6.1.4.1.6152.10.3.1.24
+ NAME 'sendmailMTAMapSearch'
+ DESC 'recursive search for values of a map entry'
+ EQUALITY caseExactMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+# attribute sendmailMTAMapURL cis
+attributetype ( 1.3.6.1.4.1.6152.10.3.1.25
+ NAME 'sendmailMTAMapURL'
+ DESC 'recursive search URL for values of a map entry'
+ EQUALITY caseExactMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
#objectClass sendmailMTAMap
# requires
@@ -110,18 +122,22 @@ objectclass ( 1.3.6.1.4.1.6152.10.3.2.11
# objectClass,
# sendmailMTAMapName,
# sendmailMTAKey,
-# sendmailMTAMapValue,
# allows
# sendmailMTACluster,
# sendmailMTAHost,
+# sendmailMTAMapValue,
+# sendmailMTAMapSearch,
+# sendmailMTAMapURL,
# Description
objectclass ( 1.3.6.1.4.1.6152.10.3.2.12
NAME 'sendmailMTAMapObject'
SUP sendmailMTAMap STRUCTURAL
DESC 'Sendmail MTA map object'
- MUST ( sendmailMTAMapName $ sendmailMTAKey $ sendmailMTAMapValue )
- MAY ( sendmailMTACluster $ sendmailMTAHost $ Description ) )
+ MUST ( sendmailMTAMapName $ sendmailMTAKey )
+ MAY ( sendmailMTACluster $ sendmailMTAHost $
+ sendmailMTAMapValue $ sendmailMTAMapSearch $
+ sendmailMTAMapURL $ Description ) )
###########################################################################
@@ -145,6 +161,19 @@ attributetype ( 1.3.6.1.4.1.6152.10.3.1.20
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+# attribute sendmailMTAAliasSearch cis
+attributetype ( 1.3.6.1.4.1.6152.10.3.1.26
+ NAME 'sendmailMTAAliasSearch'
+ DESC 'recursive search for values of an alias'
+ EQUALITY caseExactMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+# attribute sendmailMTAAliasURL cis
+attributetype ( 1.3.6.1.4.1.6152.10.3.1.27
+ NAME 'sendmailMTAAliasURL'
+ DESC 'recursive search URL for values of an alias'
+ EQUALITY caseExactMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
#objectClass sendmailMTAAlias
# requires
@@ -166,20 +195,23 @@ objectclass ( 1.3.6.1.4.1.6152.10.3.2.13
# requires
# objectClass,
# sendmailMTAKey,
-# sendmailMTAAliasValue,
# allows
# sendmailMTAAliasGrouping,
# sendmailMTACluster,
# sendmailMTAHost,
+# sendmailMTAAliasValue,
+# sendmailMTAAliasSearch,
+# sendmailMTAAliasURL,
# Description
objectclass ( 1.3.6.1.4.1.6152.10.3.2.14
NAME 'sendmailMTAAliasObject'
SUP sendmailMTAAlias STRUCTURAL
DESC 'Sendmail MTA alias object'
- MUST ( sendmailMTAKey $ sendmailMTAAliasValue )
- MAY ( sendmailMTAAliasGrouping $
- sendmailMTACluster $ sendmailMTAHost $ Description ) )
+ MUST sendmailMTAKey
+ MAY ( sendmailMTAAliasGrouping $ sendmailMTACluster $
+ sendmailMTAHost $ sendmailMTAAliasValue $
+ sendmailMTAAliasSearch $ sendmailMTAAliasURL $ Description ) )
###########################################################################
#
@@ -201,20 +233,37 @@ attributetype ( 1.3.6.1.4.1.6152.10.3.1.23
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+# attribute sendmailMTAClassSearch cis
+attributetype ( 1.3.6.1.4.1.6152.10.3.1.28
+ NAME 'sendmailMTAClassSearch'
+ DESC 'recursive search for members of a class'
+ EQUALITY caseExactMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+# attribute sendmailMTAClassURL cis
+attributetype ( 1.3.6.1.4.1.6152.10.3.1.29
+ NAME 'sendmailMTAClassURL'
+ DESC 'recursive search URL for members of a class'
+ EQUALITY caseExactMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
#objectClass sendmailMTAClass
# requires
# objectClass,
# sendmailMTAClassName,
-# sendmailMTAClassValue,
# allows
# sendmailMTACluster,
# sendmailMTAHost,
+# sendmailMTAClassValue,
+# sendmailMTAClassSearch,
+# sendmailMTAClassURL,
# Description
objectclass ( 1.3.6.1.4.1.6152.10.3.2.15
NAME 'sendmailMTAClass'
SUP sendmailMTA STRUCTURAL
DESC 'Sendmail MTA class definition'
- MUST ( sendmailMTAClassName $ sendmailMTAClassValue )
- MAY ( sendmailMTACluster $ sendmailMTAHost $ Description ) )
+ MUST sendmailMTAClassName
+ MAY ( sendmailMTACluster $ sendmailMTAHost $
+ sendmailMTAClassValue $ sendmailMTAClassSearch $
+ sendmailMTAClassURL $ Description ) )
diff --git a/contrib/sendmail/contrib/buildvirtuser b/contrib/sendmail/contrib/buildvirtuser
index 8c0aa44777aa..abed167bbb51 100755
--- a/contrib/sendmail/contrib/buildvirtuser
+++ b/contrib/sendmail/contrib/buildvirtuser
@@ -27,7 +27,7 @@
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
-# $Id: buildvirtuser,v 1.5.2.1 2003/03/15 23:30:26 gshapiro Exp $
+# $Id: buildvirtuser,v 1.6 2003/03/15 23:30:09 gshapiro Exp $
=head1 NAME
diff --git a/contrib/sendmail/contrib/cidrexpand b/contrib/sendmail/contrib/cidrexpand
index 67b62c565849..b7ace25adfbe 100755
--- a/contrib/sendmail/contrib/cidrexpand
+++ b/contrib/sendmail/contrib/cidrexpand
@@ -1,17 +1,13 @@
-#!/usr/local/bin/perl -w
+#!/usr/bin/perl -w
-# v 0.2-very-beta
+# $Id: cidrexpand,v 8.4 2002/11/22 21:13:14 ca Exp $
#
-# 17 July 2000 Derek J. Balling (dredd@megacity.org)
-#
-# The $SENDMAIL flag tells the code to lump networks in sendmail format
-# if applicable. If this flag is disabled, cidrexpand will literally create
-# a single line for each entry, which may or may not be what you want. :)
-# makes for a rather large hash table...
+# v 0.4
#
+# 17 July 2000 Derek J. Balling (dredd@megacity.org)
+#
# Acts as a preparser on /etc/mail/access_db to allow you to use address/bit
-# notation. Caveat: the address portion MUST be the start address or your
-# results will NOT be what what you want.
+# notation.
#
# If you have two overlapping CIDR blocks with conflicting actions
# e.g. 10.2.3.128/25 REJECT and 10.2.3.143 ACCEPT
@@ -22,27 +18,35 @@
#
# Modifications
# -------------
-# 5 Nov 2002 Richard Rognlie (richard@sendmail.com)
+# 26 Jul 2001 Derek Balling (dredd@megacity.org)
+# Now uses Net::CIDR because it makes life a lot easier.
+#
+# 5 Nov 2002 Richard Rognlie (richard@sendmail.com)
# Added code to deal with the prefix tags that may now be included in
# the access_db
#
# Added clarification in the notes for what to do if you have
# exceptions to a larger CIDR block.
#
-# usage:
+# usage:
# cidrexpand < /etc/mail/access | makemap -r hash /etc/mail/access
#
-# Report bugs to: dredd@megacity.org
#
+# Report bugs to: <dredd@megacity.org>
+#
+
+
+use strict;
+use Net::CIDR;
my $spaceregex = '\s+';
while (my $arg = shift @ARGV)
{
- if ($arg eq '-t')
- {
+ if ($arg eq '-t')
+ {
$spaceregex = shift;
- }
+ }
}
use strict;
@@ -51,109 +55,40 @@ my $SENDMAIL = 1;
while (<>)
{
- my ($prefix,$left,$right,$space);
+ my ($prefix,$left,$right,$space);
- if (! /^(|\S\S*:)(\d+\.){3}\d+\/\d\d?$spaceregex.*/ )
- {
+ if (! /^(|\S\S*:)(\d+\.){3}\d+\/\d\d?$spaceregex.*/ )
+ {
print;
- }
- else
- {
+ }
+ else
+ {
($prefix,$left,$space,$right) = /^(|\S\S*:)((?:\d+\.){3}\d+\/\d\d?)($spaceregex)(.*)$/;
-
+
my @new_lefts = expand_network($left);
foreach my $nl (@new_lefts)
{
print "$prefix$nl$space$right\n";
}
-
- }
+ }
}
sub expand_network
{
- my ($network,$mask) = split /\//, shift;
- my @diffs = calc_changes($network,$mask);
- my ($first,$second,$third,$fourth) = split /\./, $network;
-
- my @rc = ();
-
- for my $f ($first..($first+$diffs[0]))
- {
- if ( ( $SENDMAIL ) and ($diffs[1] == 255))
- {
- push @rc, "$f";
- }
- else
+ my $left_input = shift;
+ my @rc = ($left_input);
+ my ($network,$mask) = split /\//, $left_input;
+ if (defined $mask)
+ {
+ my @parts = split /\./, $network;
+ while ($#parts < 3)
{
- for my $s ($second..($second+$diffs[1]))
- {
- if ( ($SENDMAIL) and ($diffs[2] == 255) )
- {
- push @rc,"$f\.$s";
- }
- else
- {
- for my $t ($third..($third+$diffs[2]))
- {
- if ( ($SENDMAIL) and ($diffs[3] == 255))
- {
- push @rc, "$f\.$s\.$t";
- }
- else
- {
- for my $fr ($fourth..($fourth+$diffs[3]))
- {
- push @rc, "$f\.$s\.$t\.$fr";
- }
- }
- }
- }
- }
+ push @parts, "0";
}
- }
- return @rc;
-}
-
-sub calc_changes
-{
- my ($network,$mask) = @_;
-
- my @octs = split /\./, $network;
-
- my ($first,$second,$third,$fourth) = (0,0,0,0);
-
- my $power = 32 - $mask;
-
- if ($mask > 24)
- {
- $fourth = 2**$power - 1;
- }
- elsif ($mask > 16)
- {
- $fourth = 255;
- $third = 2**($power-8) - 1;
- }
- elsif ($mask > 8)
- {
- $fourth = 255;
- $third = 255;
- $second = 2**($power-16) - 1;
- }
- elsif ($mask > 0)
- {
- $fourth = 255;
- $third = 255;
- $second = 255;
- $first = 2**($power-24) - 1;
- }
- elsif ($mask == 0)
- {
- $fourth = 255;
- $third = 255;
- $second = 255;
- $first = 255;
- }
-
- return ($first,$second,$third,$fourth);
+ my $clean_input = join '.', @parts;
+ $clean_input .= "/$mask";
+ my @octets = Net::CIDR::cidr2octets($clean_input);
+ @rc = @octets;
+ }
+ return @rc;
}
diff --git a/contrib/sendmail/contrib/qtool.8 b/contrib/sendmail/contrib/qtool.8
index fbc90fac466d..0a4cbffee023 100644
--- a/contrib/sendmail/contrib/qtool.8
+++ b/contrib/sendmail/contrib/qtool.8
@@ -6,9 +6,9 @@
.\" the sendmail distribution.
.\"
.\"
-.\" $Id: qtool.8,v 8.17 2002/01/29 21:55:49 ca Exp $
+.\" $Id: qtool.8,v 8.20 2004/06/28 17:49:41 ca Exp $
.\"
-.TH QTOOL 8 "$Date: 2002/01/29 21:55:49 $"
+.TH QTOOL 8 "$Date: 2004/06/28 17:49:41 $"
.SH NAME
qtool
\- manipulate sendmail queues
@@ -56,7 +56,7 @@ Defaults to /etc/mail/sendmail.cf.
Delete all of the messages specified by source.
.TP
\fB\-e\fP \fIperl_expression\fP
-Evalute \fIperl_expression\fP for each queue file as specified
+Evaluate \fIperl_expression\fP for each queue file as specified
by \fIsource\fP. If \fIperl_expression\fP evaluates to true, then that
queue file is moved. See below for more detail on \fIperl_expression\fP.
.TP
@@ -102,9 +102,6 @@ The size of the control file in bytes.
\fBcreation_time\fP
The time when the control file was created.
.TP
-\fBcurrent_delay\fP
-Current delay for queue delay algorithm if _FFR_QUEUEDELAY is enabled.
-.TP
\fBdata_file_name\fP
The data file name (deprecated).
.TP
@@ -173,11 +170,7 @@ Original recipient (ORCPT= parameter).
Adjusted priority of message.
.TP
\fBquarantine_reason\fP
-Quarantine reason for quarantined (held) envelopes if _FFR_QUARANTINE is
-enabled.
-.TP
-\fBqueue_delay\fP
-Queue delay algorithm if _FFR_QUEUEDELAY is enabled.
+Quarantine reason for quarantined (held) envelopes.
.TP
\fBrecipient\fP
Array of character flags followed by colon and recipient name. Flags:
diff --git a/contrib/sendmail/contrib/qtool.pl b/contrib/sendmail/contrib/qtool.pl
index 08f808bb9914..ba944c2e14eb 100755
--- a/contrib/sendmail/contrib/qtool.pl
+++ b/contrib/sendmail/contrib/qtool.pl
@@ -3,7 +3,7 @@
## Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers.
## All rights reserved.
##
-## $Id: qtool.pl,v 8.27 2002/01/29 21:55:49 ca Exp $
+## $Id: qtool.pl,v 8.28 2002/06/27 23:06:16 gshapiro Exp $
##
use strict;
use File::Basename;
@@ -485,7 +485,6 @@ sub parse
'E' => 'error_recipient',
'F' => 'flags',
'H' => 'parse_header',
- 'G' => 'queue_delay',
'I' => 'inode_number',
'K' => 'next_delivery_time',
'L' => 'content-length',
diff --git a/contrib/sendmail/contrib/socketmapClient.pl b/contrib/sendmail/contrib/socketmapClient.pl
new file mode 100755
index 000000000000..28fe603980ab
--- /dev/null
+++ b/contrib/sendmail/contrib/socketmapClient.pl
@@ -0,0 +1,67 @@
+#!/usr/bin/perl -w
+#
+# Contributed by Bastiaan Bakker for SOCKETMAP
+# $Id: socketmapClient.pl,v 1.1 2003/05/21 15:36:33 ca Exp $
+
+use strict;
+use IO::Socket;
+
+die "usage: $0 <connection> <mapname> <key> [<key2> ...]" if (@ARGV < 3);
+
+my $connection = shift @ARGV;
+my $mapname = shift @ARGV;
+
+my $sock;
+
+if ($connection =~ /tcp:(.+):([0-9]*)/) {
+ $sock = new IO::Socket::INET (
+ PeerAddr => $1,
+ PeerPort => $2,
+ Proto => 'tcp',
+ );
+} elsif ($connection =~ /((unix)|(local)):(.+)/) {
+ $sock = new IO::Socket::UNIX (
+ Type => SOCK_STREAM,
+ Peer => $4
+ );
+} else {
+ die "unrecognized connection specification $connection";
+}
+
+die "Could not create socket: $!\n" unless $sock;
+
+while(my $key = shift @ARGV) {
+ my $request = "$mapname $key";
+ netstringWrite($sock, $request);
+ $sock->flush();
+ my $response = netstringRead($sock);
+
+ print "$key => $response\n";
+}
+
+$sock->close();
+
+sub netstringWrite {
+ my $sock = shift;
+ my $data = shift;
+
+ print $sock length($data).':'.$data.',';
+}
+
+sub netstringRead {
+ my $sock = shift;
+ my $saveSeparator = $/;
+ $/ = ':';
+ my $dataLength = <$sock>;
+ die "cannot read netstring length" unless defined($dataLength);
+ chomp $dataLength;
+ my $data;
+ if ($sock->read($data, $dataLength) == $dataLength) {
+ ($sock->getc() eq ',') or die "data misses closing ,";
+ } else {
+ die "received only ".length($data)." of $dataLength bytes";
+ }
+
+ $/ = $saveSeparator;
+ return $data;
+}
diff --git a/contrib/sendmail/contrib/socketmapServer.pl b/contrib/sendmail/contrib/socketmapServer.pl
new file mode 100755
index 000000000000..153e9ef0abee
--- /dev/null
+++ b/contrib/sendmail/contrib/socketmapServer.pl
@@ -0,0 +1,98 @@
+#!/usr/bin/perl -w
+#
+# Contributed by Bastiaan Bakker for SOCKETMAP
+# $Id: socketmapServer.pl,v 1.1 2003/05/21 15:36:33 ca Exp $
+
+use strict;
+use IO::Socket;
+
+die "usage: $0 <connection>" if (@ARGV < 1);
+my $connection = shift @ARGV;
+my $sock;
+
+if ($connection =~ /tcp:(.+):([0-9]*)/) {
+ $sock = new IO::Socket::INET (
+ LocalAddr => $1,
+ LocalPort => $2,
+ Proto => 'tcp',
+ Listen => 32,
+ ReuseAddr => 1
+ );
+} elsif ($connection =~ /((unix)|(local)):(.+)/) {
+ unlink($4);
+ $sock = new IO::Socket::UNIX (
+ Type => SOCK_STREAM,
+ Local => $4,
+ Listen => 32
+ );
+} else {
+ die "unrecognized connection specification $connection";
+}
+
+while(my $client = $sock->accept()) {
+ my $childpid = fork();
+ if ($childpid) {
+ $client->close();
+ } else {
+ die "can't fork $!" unless defined($childpid);
+ $sock->close();
+ handleConnection($client);
+ $client->close();
+ exit;
+ }
+}
+
+$sock->close();
+
+sub handleConnection {
+ my $client = shift;
+ $client->autoflush(1);
+
+ while(!eof($client)) {
+ eval {
+ my $request = netstringRead($client);
+ my ($mapName, $key) = split(' ', $request);
+ my $value = mapLookup($mapName, $key);
+ my $result = (defined($value)) ? "OK $value" : "NOTFOUND";
+ netstringWrite($client, $result);
+ };
+ if ($@) {
+ print STDERR "$@\n";
+ last;
+ }
+ }
+}
+
+sub mapLookup {
+ my %mapping = ('bastiaan.bakker@example.com' => 'bastiaan',
+ 'wolter.eldering@example.com' => 'wolter@other.example.com');
+ my $mapName = shift;
+ my $key = shift;
+ my $value = ($mapName eq "virtuser") ? $mapping{$key} : undef;
+ return $value;
+}
+
+sub netstringWrite {
+ my $sock = shift;
+ my $data = shift;
+
+ print $sock length($data).':'.$data.',';
+}
+
+sub netstringRead {
+ my $sock = shift;
+ my $saveSeparator = $/;
+ $/ = ':';
+ my $dataLength = <$sock>;
+ die "cannot read netstring length" unless defined($dataLength);
+ chomp $dataLength;
+ my $data;
+ if ($sock->read($data, $dataLength) == $dataLength) {
+ ($sock->getc() eq ',') or die "data misses closing ,";
+ } else {
+ die "received only ".length($data)." of $dataLength bytes";
+ }
+
+ $/ = $saveSeparator;
+ return $data;
+}
diff --git a/contrib/sendmail/doc/op/Makefile b/contrib/sendmail/doc/op/Makefile
index 09f459234a84..ffa4e76d19d4 100644
--- a/contrib/sendmail/doc/op/Makefile
+++ b/contrib/sendmail/doc/op/Makefile
@@ -1,4 +1,4 @@
-# $Id: Makefile,v 8.14 2002/01/07 22:24:36 gshapiro Exp $
+# $Id: Makefile,v 8.15 2004/07/20 20:25:10 ca Exp $
DIR= smm/08.sendmailop
SRCS= op.me
@@ -25,6 +25,7 @@ op.ps: ${SRCS}
op.txt: ${SRCS}
rm -f $@
+ @echo "Note: see README file in case of errors."
${PIC} ${SRCS} | ${EQNASCII} | ${ROFFASCII} | ${ULASCII} > $@
op.pdf: op.ps
diff --git a/contrib/sendmail/doc/op/README b/contrib/sendmail/doc/op/README
new file mode 100644
index 000000000000..9ad8f5a9d677
--- /dev/null
+++ b/contrib/sendmail/doc/op/README
@@ -0,0 +1,13 @@
+Known Problems with some *roff versions
+
+If you encounter the error:
+
+Unknown escape sequence in input: 33, 133
+
+when trying to create op.txt then set the GROFF_NO_SGR environment
+variable (see grotty(1) man page), e.g.,
+
+csh% setenv GROFF_NO_SGR 1
+sh$ GROFF_NO_SGR=1; export GROFF_NO_SGR
+
+$Id: README,v 8.1 2004/07/20 20:25:10 ca Exp $
diff --git a/contrib/sendmail/doc/op/op.me b/contrib/sendmail/doc/op/op.me
index d34b7b4966b4..098d75cad1d0 100644
--- a/contrib/sendmail/doc/op/op.me
+++ b/contrib/sendmail/doc/op/op.me
@@ -1,4 +1,4 @@
-.\" Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
+.\" Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers.
.\" All rights reserved.
.\" Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved.
.\" Copyright (c) 1983, 1993
@@ -9,7 +9,7 @@
.\" the sendmail distribution.
.\"
.\"
-.\" $Id: op.me,v 8.609.2.29 2004/01/11 17:58:24 ca Exp $
+.\" $Id: op.me,v 8.699 2004/06/03 18:29:01 ca Exp $
.\"
.\" eqn op.me | pic | troff -me
.\"
@@ -83,17 +83,17 @@ This documentation is under modification.
.sp
.r
Eric Allman
-Gregory Neil Shapiro
Claus Assmann
+Gregory Neil Shapiro
Sendmail, Inc.
.sp
.de Ve
Version \\$2
..
-.Ve $Revision: 8.609.2.29 $
+.Ve $Revision: 8.699 $
.rm Ve
.sp
-For Sendmail Version 8.12
+For Sendmail Version 8.13
.)l
.(f
Sendmail is a trademark of Sendmail, Inc.
@@ -869,14 +869,16 @@ and
causes it to run the queue every half hour.
.pp
Some people use a more complex startup script,
-removing zero length qf files and df files for which there is no qf file.
+removing zero length qf/hf/Qf files and df files for which there is no
+qf/hf/Qf file.
+Note this is not advisable.
For example, see Figure 1
for an example of a complex script which does this clean up.
.(z
.hl
#!/bin/sh
-# remove zero length qf files
-for qffile in qf*
+# remove zero length qf/hf/Qf files
+for qffile in qf* hf* Qf*
do
if [ \-r $qffile ]
then
@@ -903,11 +905,13 @@ do
fi
fi
done
-# remove df files with no corresponding qf files
+# remove df files with no corresponding qf/hf/Qf files
for dffile in df*
do
qffile=`echo $dffile | sed 's/d/q/'`
- if [ \-r $dffile \-a ! \-f $qffile ]
+ hffile=`echo $dffile | sed 's/d/h/'`
+ Qffile=`echo $dffile | sed 's/d/Q/'`
+ if [ \-r $dffile \-a ! \-f $qffile \-a ! \-f $hffile \-a ! \-f $Qffile ]
then
echo \-n " <incomplete: $dffile>" > /dev/console
mv $dffile `echo $dffile | sed 's/d/D/'`
@@ -995,6 +999,31 @@ change the permissions accordingly, e.g.,
.(b
chmod 0600 /var/run/sendmail.pid
.)b
+Note that as of version 8.13, this file is unlinked when
+.i sendmail
+exits.
+As a result of this change, a script such as the following,
+which may have worked prior to 8.13, will no longer work:
+.(b
+# stop & start sendmail
+PIDFILE=/var/run/sendmail.pid
+kill `head -1 $PIDFILE`
+`tail -1 $PIDFILE`
+.)b
+because it assumes that the pidfile will still exist even
+after killing the process to which it refers.
+Below is a script which will work correctly
+on both newer and older versions:
+.(b
+# stop & start sendmail
+PIDFILE=/var/run/sendmail.pid
+pid=`head -1 $PIDFILE`
+cmd=`tail -1 $PIDFILE`
+kill $pid
+$cmd
+.)b
+This is just an example script, it does not perform any error checks,
+e.g., whether the pidfile exists at all.
.sh 3 "Map Files"
.pp
To prevent local denial of service attacks
@@ -1123,9 +1152,7 @@ Levels from 11\-64 are reserved for verbose information
that some sites might want.
.pp
A complete description of the log levels
-is given in section
-.\" XREF
-4.7.
+is given in section ``Log Level''.
.sh 2 "Dumping State"
.pp
You can ask
@@ -1171,6 +1198,10 @@ messages are queued rather than immediately delivered.
One or more addresses are marked as expensive and delivery is postponed
until the next queue run or one or more address are marked as held via
mailer which uses the hold mailer flag.
+.bu
+The mail message has been marked as quarantined via a mail filter or
+rulesets.
+.bu
.sh 3 "Queue Groups and Queue Directories"
.pp
There are one or more mail queues.
@@ -1372,7 +1403,7 @@ You can also specify the moved queue directory on the command line
but this requires that you do not have
queue groups in the configuration file,
because those are not subdirectories of the moved directory.
-See the section about "Queue Group Declaration" for details;
+See the section about ``Queue Group Declaration'' for details;
you most likely need a different configuration file to correctly deal
with this problem.
However, a proper configuration of queue groups should avoid
@@ -1388,6 +1419,51 @@ you can remove the directory:
.(b
rmdir /var/spool/omqueue
.)b
+.sh 3 "Quarantined Queue Items"
+.pp
+It is possible to "quarantine" mail messages,
+otherwise known as envelopes.
+Envelopes (queue files) are stored but not considered for delivery or
+display unless the "quarantine" state of the envelope is undone or
+delivery or display of quarantined items is requested.
+Quarantined messages are tagged by using a different name for the queue
+file, 'hf' instead of 'qf', and by adding the quarantine reason to the
+queue file.
+.pp
+Delivery or display of quarantined items can be requested using the
+.b \-qQ
+flag to
+.i sendmail
+or
+.i mailq .
+Additionally, messages already in the queue can be quarantined or
+unquarantined using the new
+.b \-Q
+flag to sendmail.
+For example,
+.(b
+sendmail -Qreason -q[!][I|R|S][matchstring]
+.)b
+Quarantines the normal queue items matching the criteria specified by the
+.b "-q[!][I|R|S][matchstring]"
+using the reason given on the
+.b \-Q
+flag.
+Likewise,
+.(b
+sendmail -qQ -Q[reason] -q[!][I|R|S|Q][matchstring]
+.)b
+Change the quarantine reason for the quarantined items matching the
+criteria specified by the
+.b "-q[!][I|R|S|Q][matchstring]"
+using the reason given on the
+.b \-Q
+flag.
+If there is no reason,
+ unquarantine the matching items and make them normal queue items.
+Note that the
+.b \-qQ
+flag tells sendmail to operate on quarantined items instead of normal items.
.sh 2 "Disk Based Connection Information"
.pp
.i Sendmail
@@ -2013,7 +2089,7 @@ when this is done to watch what happens:
.)b
.pp
You can also limit the jobs to those with a particular queue identifier,
-recipient, sender, or queue group
+recipient, sender, quarantine reason, or queue group
using one of the queue modifiers.
For example,
.q \-qRberkeley
@@ -2025,6 +2101,9 @@ Similarly,
limits the run to particular senders,
.q \-qIstring
limits it to particular queue identifiers, and
+.q \-qQstring
+limits it to particular quarantined reasons and only operated on
+quarantined queue items, and
.q \-qGstring
limits it to a particular queue group.
The named queue group will be run even if it is set to have 0 runners.
@@ -2036,6 +2115,8 @@ or
.b R
or
.b S
+or
+.b Q
to indicate that jobs are limited to not including a particular queue
identifier, recipient or sender.
For example,
@@ -2063,7 +2144,9 @@ You should
.b never
run a production sendmail server in debug mode.
Many of the debug flags will result in debug output being sent over the
-SMTP channel.
+SMTP channel unless the option
+.b \-D
+is used.
This will confuse many mail programs.
However, for testing purposes, it can be useful
when sending mail manually via
@@ -2622,7 +2705,7 @@ can be further qualified with a tag based on the Precedence: field
in the message;
they must be one of
.q urgent
-(indicating a positive non-zero precedence)
+(indicating a positive non-zero precedence),
.q normal
(indicating a zero precedence), or
.q non-urgent
@@ -2633,6 +2716,13 @@ sets the warning timeout for urgent messages only
to one hour.
The default if no precedence is indicated
is to set the timeout for all precedences.
+If the message has a normal (default) precedence
+and it is a delivery status notification (DSN),
+.b Timeout.queuereturn.dsn
+and
+.b Timeout.queuewarn.dsn
+can be used to give an alternative warn and return time
+for DSNs.
The value "now" can be used for
-O Timeout.queuereturn
to return entries immediately during a queue run,
@@ -2827,6 +2917,42 @@ For example, if
then an attacker needs to open only 10 SMTP sessions to the server,
leave them idle for most of the time,
and no more connections will be accepted.
+If this option is set then the timeouts used in a SMTP session
+should be lowered from their default values to
+their minimum values as specified in RFC 2821 and listed in
+section
+.\"XREF
+4.1.2.
+.sh 2 "Measures against Denial of Service Attacks"
+.pp
+.i Sendmail
+has some built-in measures against simple denial of service (DoS) attacks.
+The SMTP server by default slows down if too many bad commands are
+issued or if some commands are repeated too often within a session.
+Details can be found in the source file
+.b sendmail/srvrsmtp.c
+by looking for the macro definitions of
+.b MAXBADCOMMANDS ,
+.b MAXNOOPCOMMANDS ,
+.b MAXHELOCOMMANDS ,
+.b MAXVRFYCOMMANDS ,
+and
+.b MAXETRNCOMMANDS .
+If an SMTP command is issued more often than the corresponding
+.b MAXcmdCOMMANDS
+value, then the response is delayed exponentially,
+starting with a sleep time of one second,
+up to a maximum of four minutes (as defined by
+.b MAXTIMEOUT ).
+If the option
+.b MaxDaemonChildren
+is set to a value greater than zero,
+then this could make a DoS attack even worse since it
+keeps a connection open longer than necessary.
+Therefore a connection is terminated with a 421 SMTP reply code
+if the number of commands exceeds the limit by a factor of two and
+.b MAXBADCOMMANDS
+is set to a value greater than zero (the default is 25).
.sh 2 "Delivery Mode"
.pp
There are a number of delivery modes that
@@ -3229,7 +3355,7 @@ When processing the queue,
.i sendmail
will try to keep the last few open connections open
to avoid startup and shutdown costs.
-This only applies to IPC connections.
+This only applies to IPC and LPC connections.
.pp
When trying to open a connection
the cache is first searched.
@@ -3366,7 +3492,7 @@ Notice: it might be necessary to apply the same (or similar) options to
too.
.pp
Version level 1 configurations (see the section about
-Configuration Version Level)
+``Configuration Version Level'')
turn DNSRCH and DEFNAMES off when doing delivery lookups,
but leave them on everywhere else.
Version 8 of
@@ -3998,6 +4124,16 @@ is defined into the
.b $h
macro
for use in the argv expansion of the specified mailer.
+Notice: since the envelope sender address will be used if
+a delivery status notification must be send,
+i.e., is may specify a recipient,
+it is also run through ruleset zero.
+If ruleset zero returns a temporary error
+.b 4xy
+then delivery is deferred.
+This can be used to temporarily disable delivery,
+e.g., based on the time of the day or other varying parameters.
+It should not be used to quarantine e-mails.
.pp
Rulesets one and two
are applied to all sender and recipient addresses respectively.
@@ -4028,7 +4164,13 @@ forms all give accept/reject status;
falling off the end or returning normally is an accept,
and resolving to
.b $#error
-is a reject.
+is a reject or quarantine.
+Quarantining is chosen by specifying
+.b quarantine
+in the second part of the mailer triplet:
+.(b
+$#error $@ quarantine $: Reason for quarantine
+.)b
Many of these can also resolve to the special mailer name
.b $#discard ;
this accepts the message as though it were successful
@@ -4252,12 +4394,47 @@ delimited by white space).
If the return value starts with anything else it is silently ignored.
Generally upper case characters turn off a feature
while lower case characters turn it on.
-The option `S' causes the server not to offer STARTTLS.
-This is useful to interact with MTAs/MUAs that have broken
+Option `S' causes the server not to offer STARTTLS,
+which is useful to interact with MTAs/MUAs that have broken
STARTTLS implementations by simply not offering it.
-`V' turns off the request for a client certificate
-during the TLS handshake.
-Option `A' and `P' suppress SMTP AUTH and PIPELINING, respectively.
+`V' turns off the request for a client certificate during the TLS handshake.
+Options `A' and `P' suppress SMTP AUTH and PIPELINING, respectively.
+`c' is the equivalent to AuthOptions=p, i.e.,
+it doesn't permit mechanisms susceptible to simple
+passive attack (e.g., PLAIN, LOGIN), unless a security layer is active.
+Option `l' requires SMTP AUTH for a connection.
+Options 'B', 'D', 'E', and 'X' suppress SMTP VERB, DSN, ETRN, and EXPN,
+respectively.
+.(b
+.ta 9n
+A Do not offer AUTH
+a Offer AUTH (default)
+B Do not offer VERB
+b Offer VERB (default)
+C Do not require security layer for
+ plaintext AUTH (default)
+c Require security layer for plaintext AUTH
+D Do not offer DSN
+d Offer DSN (default)
+E Do not offer ETRN
+e Offer ETRN (default)
+L Do not require AUTH (default)
+l Require AUTH
+P Do not offer PIPELINING
+p Offer PIPELINING (default)
+S Do not offer STARTTLS
+s Offer STARTTLS (default)
+V Do not request a client certificate
+v Request a client certificate (default)
+X Do not offer EXPN
+x Offer EXPN (default)
+.)b
+Note: the entries marked as ``(default)'' may require that some
+configuration has been made, e.g., SMTP AUTH is only available if
+properly configured.
+Moreover, many options can be changed on a global basis via other
+settings as explained in this document, e.g., via DaemonPortOptions.
+.pp
The ruleset may return `$#temp' to indicate that there is a temporary
problem determining the correct features, e.g., if a map is unavailable.
In that case, the SMTP server issues a temporary failure and does not
@@ -4315,8 +4492,32 @@ The ruleset should return
.b $#
followed by the name of a queue group.
If the return value starts with anything else it is silently ignored.
-See the section about Queue Groups and Queue Directories
+See the section about ``Queue Groups and Queue Directories''
for further information.
+.sh 4 "greet_pause"
+.pp
+The
+.i greet_pause
+ruleset is used to specify the amount of time to pause before sending the
+initial SMTP 220 greeting.
+If any traffic is received during that pause, an SMTP 554 rejection
+response is given instead of the 220 greeting and all SMTP commands are
+rejected during that connection.
+This helps protect sites from open proxies and SMTP slammers.
+The ruleset should return
+.b $#
+followed by the number of milliseconds (thousandths of a second) to
+pause.
+If the return value starts with anything else or is not a number,
+it is silently ignored.
+Note: this ruleset is not invoked (and hence the feature is disabled)
+when the smtps (SMTP over SSL) is used, i.e.,
+the
+.i s
+modifier is set for the daemon via
+.b DaemonPortOptions ,
+because in this case the SSL handshake is performed before
+the greeting is sent.
.sh 3 "IPC mailers"
.pp
Some special processing occurs
@@ -4582,7 +4783,9 @@ Set from the
.b \-p
command line flag or by the SMTP server code.
.ip $t
-A numeric representation of the current time.
+A numeric representation of the current time in the format YYYYMMDDHHmm
+(4 digit year 1900-9999, 2 digit month 01-12, 2 digit day 01-31,
+2 digit hours 00-23, 2 digit minutes 00-59).
.ip $u
The recipient user.
.ip $v
@@ -4655,6 +4858,8 @@ used for a TLS connection.
The IP address of the SMTP client.
IPv6 addresses are tagged with "IPv6:" before the address.
Defined in the SMTP server only.
+.ip ${client_connections}
+The number of open connections in the SMTP server for the client IP address.
.ip ${client_name}
The host name of the SMTP client.
This may be the client's bracketed IP address
@@ -4670,6 +4875,17 @@ See also
.ip ${client_port}
The port number of the SMTP client.
Defined in the SMTP server only.
+.ip ${client_ptr}
+The result of the PTR lookup for the client IP address.
+Note: this is the same as
+.b ${client_name}
+if and only if
+.b ${client_resolve}
+is OK.
+Defined in the SMTP server only.
+.ip ${client_rate}
+The number of incoming connections for the client IP address
+over the time interval specified by ConnectionRateWindowSize.
.ip ${client_resolve}
Holds the result of the resolve call for
.b ${client_name} .
@@ -4804,6 +5020,8 @@ The mailer from the resolved triple of the address given for the
.sm "SMTP MAIL"
command.
Defined in the SMTP server only.
+.ip ${msg_id}
+The value of the Message-Id: header.
.ip ${msg_size}
The value of the SIZE= parameter,
i.e., usually the size of the message (in an ESMTP dialogue),
@@ -4811,6 +5029,8 @@ before the message has been collected, thereafter
the message size as computed by
.i sendmail
(and can be used in check_compat).
+.ip ${nbadrcpts}
+The number of bad recipients for a single message.
.ip ${nrcpts}
The number of validated recipients for a single message.
Note: since recipient validation happens after
@@ -4823,6 +5043,9 @@ The number of delivery attempts.
The current operation mode (from the
.b \-b
flag).
+.ip ${quarantine}
+The quarantine reason for the envelope,
+if it is quarantined.
.ip ${queue_interval}
The queue run interval given by the
.b \-q
@@ -4853,9 +5076,17 @@ The address of the server of the current outgoing SMTP connection.
For LMTP delivery the macro is set to the name of the mailer.
.ip ${server_name}
The name of the server of the current outgoing SMTP or LMTP connection.
+.ip ${time}
+The output of the
+.i time (3)
+function, i.e., the number of seconds since 0 hours, 0 minutes,
+0 seconds, January 1, 1970, Coordinated Universal Time (UTC).
.ip ${tls_version}
The TLS/SSL version used for the connection, e.g., TLSv1, SSLv3, SSLv2;
defined after STARTTLS has been used.
+.ip ${total_rate}
+The total number of incoming connections over the time interval specified
+by ConnectionRateWindowSize.
.ip ${verify}
The result of the verification of the presented cert;
only defined after STARTTLS has been used.
@@ -5373,6 +5604,11 @@ This is intended to work around some stupid versions of
/bin/mail
that require a blank line, but do not provide it themselves.
It would not normally be used on network mail.
+.ip B
+Strip leading backslashes (\e) off of the address;
+this is a subset of the functionality of the
+.b s
+flag.
.ip c
Do not include comments in addresses.
This should only be used if you have to work around
@@ -5616,6 +5852,9 @@ option.
This is required to get
.q \&.forward
capability.
+.ip W
+Ignore long term host status information (see Section
+"Persistent Host Status Information").
.ip x\(dg
This mailer wants a
.q Full-Name:
@@ -5735,6 +5974,9 @@ exit status to be returned
if the LHS matches.
This mailer is only functional in rulesets 0, 5,
or one of the check_* rulesets.
+The host field can also contain the special token
+.b quarantine
+which instructs sendmail to quarantine the current message.
.pp
The mailer with the special name
.q discard
@@ -5977,7 +6219,7 @@ is called for the specified
.i Header ,
and can return
.b $#error
-to reject the message or
+to reject or quarantine the message or
.b $#discard
to discard the message
(as with the other
@@ -6209,6 +6451,8 @@ d don't permit mechanisms susceptible to passive
dictionary attack.
f require forward secrecy between sessions
(breaking one won't help break next).
+m require mechanisms which provide mutual authentication
+ (only available if using Cyrus SASL v2 or later).
p don't permit mechanisms susceptible to simple
passive attack (e.g., PLAIN, LOGIN), unless a
security layer is active.
@@ -6225,6 +6469,12 @@ provided by STARTTLS) is already active.
The options 'a', 'c', 'd', 'f', 'p', and 'y' refer to properties of the
selected SASL mechanisms.
Explanations of these properties can be found in the Cyrus SASL documentation.
+.ip AuthRealm
+[no short name]
+The authentication realm that is passed to the Cyrus SASL library.
+If no realm is specified,
+.b $j
+is used.
.ip BadRcptThrottle=\fIN\fP
[no short name]
If set and the specified number of recipients in a single SMTP
@@ -6384,6 +6634,11 @@ incoming connections in a one second period per daemon.
This is intended to flatten out peaks
and allow the load average checking to cut in.
Defaults to zero (no limits).
+.ip ConnectionRateWindowSize=\fIN\fP
+[no short name]
+Define the length of the interval for which
+the number of incoming connections is maintained.
+The default is 60 seconds.
.ip ControlSocketName=\fIname\fP
[no short name]
Name of the control socket for daemon management.
@@ -6404,6 +6659,13 @@ the free disk space (in blocks) of the queue directory,
and the load average of the machine expressed as an integer.
If not set, no control socket will be available.
Solaris and pre-4.4BSD kernel users should see the note in sendmail/README .
+.ip CRLFile=\fIname\fP
+[no short name]
+Name of file that contains certificate
+revocation status, useful for X.509v3 authentication.
+CRL checking requires at least OpenSSL version 0.9.7.
+Note: if a CRLFile is specified but the file is unusable,
+STARTTLS is disabled.
.ip DHParameters
File with DH parameters for STARTTLS.
This is only required if a ciphersuite containing DSA/DH is used.
@@ -6425,6 +6687,7 @@ Name User-definable name for the daemon (defaults to "Daemon#")
Port Name/number of listening port (defaults to "smtp")
Addr Address mask (defaults INADDR_ANY)
Family Address family (defaults to INET)
+InputMailFilters List of input mail filters for the daemon
Listen Size of listen queue (defaults to 10)
Modifier Options (flags) for the daemon
SndBufSize Size of TCP send buffer
@@ -6444,6 +6707,13 @@ IPv6 users who wish to also accept IPv6 connections
should add additional Family=inet6
.b DaemonPortOptions
lines.
+The
+.i InputMailFilters
+key overrides the default list of input mail filters listed in the
+.b InputMailFilters
+option.
+If multiple input mail filters are required, they must be separated
+by semicolons (not commas).
.i Modifier
can be a sequence (without any delimiters)
of the following characters:
@@ -6453,6 +6723,7 @@ a always require authentication
b bind to interface through which mail has been received
c perform hostname canonification (.cf)
f require fully qualified hostname (.cf)
+s Run smtps (SMTP over SSL) instead of smtp
u allow unqualified addresses (.cf)
A disable AUTH (overrides 'a' modifier)
C don't perform hostname canonification
@@ -6839,6 +7110,13 @@ This is intended to be used by sites with poor network connectivity.
Messages which are undeliverable due to temporary address failures
(e.g., DNS failure)
also go to the FallbackMXhost.
+.ip FallBackSmartHost=\fIhostname\fP
+If specified, the
+.i FallBackSmartHost
+will be used in a last-ditch effort for each host.
+This is intended to be used by sites with "fake internal DNS",
+e.g., a company whose DNS accurately reflects the world
+inside that company's domain but not outside.
.ip FastSplit
[no short name]
If set to a value greater than zero (the default is one),
@@ -7124,6 +7402,7 @@ connect After session connection start
helo After HELO command
envfrom After MAIL FROM command
envrcpt After RCPT TO command
+eom After DATA command and terminating ``.''
.)b
By default the lists of macros are empty.
Example:
@@ -7224,7 +7503,9 @@ Filename of the pid file.
(default is _PATH_SENDMAILPID).
The
.i filename
-is macro-expanded before it is opened.
+is macro-expanded before it is opened, and unlinked when
+.i sendmail
+exits.
.ip PostmasterCopy=\fIpostmaster\fP
[P]
If set,
@@ -7395,6 +7676,8 @@ Legal values are
(to order randomly),
.q modification
(to order by the modification time of the qf file (older entries first)),
+.q none
+(to not order),
and
.q priority
(to order by message priority).
@@ -7470,6 +7753,20 @@ which return SERVFAIL (a temporary failure) on T_AAAA (IPv6) lookups.
Notice: it might be necessary to apply the same (or similar) options to
.i submit.cf
too.
+.ip RequiresDirfsync
+[no short name]
+This option can be used to override the compile time flag
+.b REQUIRES_DIR_FSYNC
+at runtime by setting it to
+.sm false .
+If the compile time flag is not set, the option is ignored.
+The flag turns on support for file systems that require to call
+.i fsync()
+for a directory if the meta-data in it has been changed.
+This should be turned on at least for older versions of ReiserFS;
+it is enabled by default for Linux.
+According to some information this flag is not needed
+anymore for kernel 2.4.16 and newer.
.ip RrtImpliesDsn
[R]
If this option is set, a
@@ -7541,6 +7838,10 @@ refuse incoming SMTP connections.
Defaults to 12 multiplied by
the number of processors online on the system
(if that can be determined).
+.ip RejectLogInterval=\fItimeout\fP
+[no short name]
+Log interval when refusing connections for this long
+(default: 3h).
.ip RetryFactor=\fIfact\fP
[Z]
The
@@ -7706,7 +8007,7 @@ It can be printed using the
program.
.ip SuperSafe
[s]
-This option can be set to True, False, or Interactive.
+This option can be set to True, False, Interactive, or PostMilter.
If set to True,
.i sendmail
will be super-safe when running things,
@@ -7724,6 +8025,14 @@ be used together with
.b DeliveryMode=i .
It skips some synchronization calls which are effectively
doubled in the code execution path for this mode.
+If set to PostMilter,
+.i sendmail
+defers synchronizing the queue file until any milters have
+signaled acceptance of the message.
+PostMilter is useful only when
+.i sendmail
+is running as an SMTP server; in all other situations it
+acts the same as True.
.ip TLSSrvOptions
[no short name]
List of options for SMTP STARTTLS for the server
@@ -7852,6 +8161,19 @@ should
.i never
be set in the configuration file;
it is intended for command line use only.
+Note that the use of option
+.b Verbose
+can cause authentication information to leak, if you use a
+sendmail client to authenticate to a server.
+If the authentication mechanism uses plain text passwords
+(as with LOGIN or PLAIN),
+then the password could be compromised.
+To avoid this, do not install sendmail set-user-ID root,
+and disable the
+.b VERB
+SMTP command with a suitable
+.b PrivacyOptions
+setting.
.ip XscriptFileBufferSize=\fIthreshold\fP
[no short name]
Set the
@@ -8487,6 +8809,68 @@ Scheck_etrn
R$* $: $(comp l $@ $&{load_avg} $@ 7 $) $1
RFALSE $# error \&...
.)b
+.ip socket
+The socket map uses a simple request/reply protocol over TCP or UNIX domain
+sockets to query an external server.
+Both requests and replies are text based and encoded as netstrings,
+i.e., a string "hello there" becomes:
+.(b
+11:hello there,
+.)b
+Note: neither requests nor replies end with CRLF.
+
+The request consists of the database map name and the lookup key separated
+by a space character:
+
+.(b
+<mapname> ' ' <key>
+.)b
+
+The server responds with a status indicator and the result (if any):
+
+.(b
+<status> ' ' <result>
+.)b
+
+The status indicator is one of the following upper case words:
+.(b
+.ta 9n
+OK the key was found, result contains the looked up value
+NOTFOUND the key was not found, the result is empty
+TEMP a temporary failure occured
+TIMEOUT a timeout occured on the server side
+PERM a permanent failure occured
+.)b
+
+In case of errors (status TEMP, TIMEOUT or PERM) the result field may
+contain an explanatory message.
+
+Example replies:
+.(b
+31:OK resolved.address@example.com,
+.)b
+
+in case of a successful lookup, or:
+.(b
+8:NOTFOUND,
+.)b
+
+in case the key was not found, or:
+.(b
+55:TEMP this text explains that we had a temporary failure,
+.)b
+
+in case of a failure.
+
+The socket map uses the same syntax as milters
+(see Section "X \*- Mail Filter (Milter) Definitions")
+to specify the remote endpoint, e.g.,
+.(b
+Ksocket mySocketMap inet:12345@127.0.0.1
+.)b
+
+If multiple socket maps define the same remote endpoint, they will share
+a single connection to this endpoint.
.pp
Most of these accept as arguments the same optional flags
and a filename
@@ -8578,6 +8962,8 @@ attributes to be returned;
multiple attributes can be separated by commas.
If not specified, all attributes found in the match
will be returned.
+The attributes listed can also include a type and one or more
+objectClass values for matching as described in the LDAP section.
.ip "\-z\fIdelim\fP"
The column delimiter (for text lookups).
It can be a single character or one of the special strings
@@ -8678,10 +9064,40 @@ Some LDAP libraries allow you to specify multiple, space-separated hosts for
redundancy.
In addition, each of the hosts listed can be followed by a colon and a port
number to override the default LDAP port.
-.ip "\-b\fIbase\fP"
-LDAP search base.
.ip "\-p\fIport\fP"
LDAP service port.
+.ip "\-H \fILDAPURI\fP"
+Use the specified LDAP URI instead of specifying the hostname and port
+separately with the the
+.b \-h
+and
+.b \-p
+options shown above.
+For example,
+.(b
+-h server.example.com -p 389 -b dc=example,dc=com
+.)b
+is equivalent to
+.(b
+-H ldap://server.example.com:389/dc=example,dc=com
+.)b
+If the LDAP library supports it,
+the LDAP URI format however can also request LDAP over SSL by using
+.b ldaps://
+instead of
+.b ldap:// .
+For example:
+.(b
+O LDAPDefaultSpec=-H ldaps://ldap.example.com/dc=example,dc=com
+.)b
+Similarly, if the LDAP library supports it,
+It can also be used to specify a UNIX domain socket using
+.b ldapi:// :
+.(b
+O LDAPDefaultSpec=-H ldapi://socketfile/dc=example,dc=com
+.)b
+.ip "\-b\fIbase\fP"
+LDAP search base.
.ip "\-l\fItimelimit\fP"
Time limit for LDAP queries.
.ip "\-Z\fIsizelimit\fP"
@@ -8705,6 +9121,14 @@ or the name of the Kerberos ticket file for
Force LDAP searches to only succeed if a single match is found.
If multiple values are found,
the search is treated as if no match was found.
+.ip "\-w\fIversion\fP"
+Set the LDAP API/protocol version to use.
+The default depends on the LDAP client libraries in use.
+For example,
+.b "\-w 3"
+will cause
+.i sendmail
+to use LDAPv3 when communicating with the LDAP server.
.pp
The
.i dbm
@@ -8777,8 +9201,9 @@ where
is the symbolic name of the queue group under which
it can be referenced in various places
and the
-.q field=name
+.q field=value
pairs define attributes of the queue group.
+The name must only consist of alphanumeric characters.
Fields are:
.ip Flags
Flags for this queue group.
@@ -9934,6 +10359,107 @@ if you wanted to generalize
.b $]
lookups.
We now recommend that you create a new keyed map instead.
+.sh 2 "LDAP"
+.pp
+In this section we assume that
+.i sendmail
+has been compiled with support for LDAP.
+.sh 3 "LDAP Recursion"
+.pp
+LDAP Recursion allows you to add types to the search attributes on an
+LDAP map specification.
+The syntax is:
+.ip "\-v \fIATTRIBUTE\fP[:\fITYPE\fP[:\fIOBJECTCLASS\fP[|\fIOBJECTCLASS\fP|...]]]
+.pp
+The new \fITYPE\fPs are:
+.nr ii 1i
+.ip NORMAL
+This attribute type specifies the attribute to add to the results string.
+This is the default.
+.ip DN
+Any matches for this attribute are expected to have a value of a
+fully qualified distinguished name.
+.i sendmail
+will lookup that DN and apply the attributes requested to the
+returned DN record.
+.ip FILTER
+Any matches for this attribute are expected to have a value of an
+LDAP search filter.
+.i sendmail
+will perform a lookup with the same parameters as the original
+search but replaces the search filter with the one specified here.
+.ip URL
+Any matches for this attribute are expected to have a value of an LDAP URL.
+.i sendmail
+will perform a lookup of that URL and use the results from the attributes
+named in that URL.
+Note however that the search is done using the current LDAP connection,
+regardless of what is specified as the scheme, LDAP host, and LDAP
+port in the LDAP URL.
+.lp
+Any untyped attributes are considered
+.sm NORMAL
+attributes as described above.
+.pp
+The optional \fIOBJECTCLASS\fP (| separated) list contains the
+objectClass values for which that attribute applies.
+If the list is given,
+the attribute named will only be used if the LDAP record being returned is a
+member of that object class.
+Note that if these new value attribute \fITYPE\fPs are used in an
+AliasFile
+option setting, it will need to be double quoted to prevent
+.i sendmail
+from misparsing the colons.
+.pp
+Note that LDAP recursion attributes which do not ultimately point to an
+LDAP record are not considered an error.
+.sh 4 "Example"
+.pp
+Since examples usually help clarify, here is an example which uses all
+four of the new types:
+.(b
+O LDAPDefaultSpec=-h ldap.example.com -b dc=example,dc=com
+
+Kexample ldap
+ -z,
+ -k (&(objectClass=sendmailMTAAliasObject)(sendmailMTAKey=%0))
+ -v sendmailMTAAliasValue,mail:NORMAL:inetOrgPerson,
+ uniqueMember:DN:groupOfUniqueNames,
+ sendmailMTAAliasSearch:FILTER:sendmailMTAAliasObject,
+ sendmailMTAAliasURL:URL:sendmailMTAAliasObject
+.)b
+.pp
+That definition specifies that:
+.bu
+Any value in a
+.sm sendmailMTAAliasValue
+attribute will be added to the result string regardless of object class.
+.bu
+The
+.sm mail
+attribute will be added to the result string if
+the LDAP record is a member of the
+.sm inetOrgPerson
+object class.
+.bu
+The
+.sm uniqueMember
+attribute is a recursive attribute, used only in
+.sm groupOfUniqueNames
+records, and should contain an LDAP DN pointing to another LDAP record.
+The desire here is to return the
+.sm mail
+attribute from those DNs.
+.bu
+The
+.sm sendmailMTAAliasSearch
+attribute and
+.sm sendmailMTAAliasURL
+are both used only if referenced in a
+.sm sendmailMTAAliasObject .
+They are both recursive, the first for a new LDAP search string and the
+latter for an LDAP URL.
.sh 2 "STARTTLS"
.pp
In this section we assume that
@@ -9991,27 +10517,6 @@ To allow for automatic startup of sendmail, private keys
must be stored unencrypted.
The keys are only protected by the permissions of the file system.
Never make a private key available to a third party.
-.sh 3 "Encoding of STARTTLS related Macros"
-.pp
-Macros that contain STARTTLS related data which comes from outside
-sources, e.g., all macros containing information from certificates,
-are encoded to avoid problems with non-printable or special characters.
-The latter are '<', '>', '(', ')', '"', '+', and ' '.
-All of these characters are replaced by their value in hexadecimal
-with a leading '+'.
-For example:
-.(b
-/C=US/ST=California/O=endmail.org/OU=private/CN=Darth Mail (Cert)/
-Email=darth+cert@endmail.org
-.)b
-is encoded as:
-.(b
-/C=US/ST=California/O=endmail.org/OU=private/
-CN=Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org
-.)b
-(line breaks have been inserted for readability).
-The macros which are subject to this encoding are
-{cert_subject}, {cert_issuer}, {cn_subject}, and {cn_issuer}.
.sh 3 "PRNG for STARTTLS"
.pp
STARTTLS requires a strong pseudo random number generator (PRNG)
@@ -10059,6 +10564,29 @@ generation of (temporary) keys.
Please see the OpenSSL documentation or other sources
for further information about certificates, their creation and their usage,
the importance of a good PRNG, and other aspects of TLS.
+.sh 2 "Encoding of STARTTLS and AUTH related Macros"
+.pp
+Macros that contain STARTTLS and AUTH related data which comes from outside
+sources, e.g., all macros containing information from certificates,
+are encoded to avoid problems with non-printable or special characters.
+The latter are '\\', '<', '>', '(', ')', '"', '+', and ' '.
+All of these characters are replaced by their value in hexadecimal
+with a leading '+'.
+For example:
+.(b
+/C=US/ST=California/O=endmail.org/OU=private/CN=Darth Mail (Cert)/
+Email=darth+cert@endmail.org
+.)b
+is encoded as:
+.(b
+/C=US/ST=California/O=endmail.org/OU=private/
+CN=Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org
+.)b
+(line breaks have been inserted for readability).
+The macros which are subject to this encoding are
+{cert_subject}, {cert_issuer}, {cn_subject}, {cn_issuer},
+as well as
+{auth_authen} and {auth_author}.
.sh 1 "ACKNOWLEDGEMENTS"
.pp
I've worked on
@@ -10193,6 +10721,10 @@ Use a different configuration file.
.i Sendmail
runs as the invoking user (rather than root)
when this flag is specified.
+.ip "\-D \fIlogfile\fP"
+Send debugging output to the indicated
+.i logfile
+instead of stdout.
.ip \-d\fIlevel\fP
Set debugging level.
.ip "\-f\ \fIaddr\fP"
@@ -10340,10 +10872,12 @@ can be
to limit based on queue identifier,
.b R
to limit based on recipient,
-or
.b S
-to limit based on sender.
-A particular queued job is accepted if one of the corresponding addresses
+to limit based on sender,
+or
+.b Q
+to limit based on quarantine reason for quarantined jobs.
+A particular queued job is accepted if one of the corresponding attributes
contains the indicated
.i string .
The optional ! character negates the condition tested.
@@ -10355,6 +10889,12 @@ with items with the same key letter
together, and items with different key letters
.q and'ed
together.
+.ip "\-Q[reason]"
+Quarantine a normal queue items with the given reason or
+unquarantine quarantined queue items if no reason is given.
+This should only be used with some sort of item matching using
+.b \-q[!]\fIXstring\fP
+as described above.
.ip "\-R ret"
What information you want returned if the message bounces;
.i ret
@@ -10413,7 +10953,7 @@ running as daemon.
.pp
This appendix describes the format of the queue files.
These files live in a queue directory.
-The individual qf, df, and xf files
+The individual qf, hf, Qf, df, and xf files
may be stored in separate
.i qf/ ,
.i df/ ,
@@ -10462,6 +11002,8 @@ The types are:
.ip qf
The queue control file.
This file contains the information necessary to process the job.
+.ip hf
+The same as a queue control file, but for a quarantined queue job.
.ip df
The data file.
The message body (excluding the header) is kept in this file.
@@ -10501,9 +11043,7 @@ file to
.b qf
and send it again.
.pp
-The
-.b qf
-file is structured as a series of lines
+The queue control file is structured as a series of lines
each beginning with a code letter.
The lines are as follows:
.ip V
@@ -10537,6 +11077,8 @@ will be flagged so that deliveries will be run as the
.i aliasname
is the name of the alias that expanded to this address
(used for printing messages).
+.ip q
+The quarantine reason for quarantined queue items.
.ip Q
The ``original recipient'',
specified by the ORCPT= field in an ESMTP transaction.
@@ -10768,7 +11310,7 @@ replace it with a blank sheet for double-sided output.
.\".sz 10
.\"Eric Allman
.\".sp
-.\"Version $Revision: 8.609.2.29 $
+.\"Version $Revision: 8.699 $
.\".ce 0
.bp 3
.ce
diff --git a/contrib/sendmail/editmap/Makefile.m4 b/contrib/sendmail/editmap/Makefile.m4
index 566b6e2bbb6c..d9c611ca4fdc 100644
--- a/contrib/sendmail/editmap/Makefile.m4
+++ b/contrib/sendmail/editmap/Makefile.m4
@@ -1,4 +1,4 @@
-dnl $Id: Makefile.m4,v 1.4.6.1 2002/06/21 21:58:27 ca Exp $
+dnl $Id: Makefile.m4,v 1.5 2002/06/21 22:01:30 ca Exp $
include(confBUILDTOOLSDIR`/M4/switch.m4')
define(`confREQUIRE_LIBSM', `true')
diff --git a/contrib/sendmail/editmap/editmap.8 b/contrib/sendmail/editmap/editmap.8
index deb2f672ec8e..9b0b3ad13e6f 100644
--- a/contrib/sendmail/editmap/editmap.8
+++ b/contrib/sendmail/editmap/editmap.8
@@ -1,4 +1,4 @@
-.\" Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers.
+.\" Copyright (c) 2000-2001, 2003 Sendmail, Inc. and its suppliers.
.\" All rights reserved.
.\"
.\" By using this file, you agree to the terms and conditions set
@@ -6,9 +6,9 @@
.\" the sendmail distribution.
.\"
.\"
-.\" $Id: editmap.8,v 1.8.4.1 2003/03/15 23:38:57 gshapiro Exp $
+.\" $Id: editmap.8,v 1.9 2003/02/01 17:07:42 ca Exp $
.\"
-.TH EDITMAP 8 "$Date: 2003/03/15 23:38:57 $"
+.TH EDITMAP 8 "$Date: 2003/02/01 17:07:42 $"
.SH NAME
.B editmap
\- query and edit single records in database maps for sendmail
diff --git a/contrib/sendmail/include/libmilter/mfapi.h b/contrib/sendmail/include/libmilter/mfapi.h
index 9a7e7d8b17b3..b226a1a408b7 100644
--- a/contrib/sendmail/include/libmilter/mfapi.h
+++ b/contrib/sendmail/include/libmilter/mfapi.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1999-2004 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
@@ -7,7 +7,7 @@
* the sendmail distribution.
*
*
- * $Id: mfapi.h,v 8.44.2.4 2003/10/20 21:51:49 msk Exp $
+ * $Id: mfapi.h,v 8.59 2004/07/07 21:41:31 ca Exp $
*/
/*
@@ -17,14 +17,23 @@
#ifndef _LIBMILTER_MFAPI_H
# define _LIBMILTER_MFAPI_H 1
-# include <sys/types.h>
+#ifndef SMFI_VERSION
+# define SMFI_VERSION 2 /* version number */
+#endif /* ! SMFI_VERSION */
+# include <sys/types.h>
# include <sys/socket.h>
-# include "libmilter/mfdef.h"
+
+#include "libmilter/mfdef.h"
# define LIBMILTER_API extern
+/* Only need to export C interface if used by C++ source code */
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
#ifndef _SOCK_ADDR
# define _SOCK_ADDR struct sockaddr
#endif /* ! _SOCK_ADDR */
@@ -66,6 +75,19 @@ typedef int sfsistat;
# endif /* __STDC__ */
#endif /* __P */
+#if SM_CONF_STDBOOL_H
+# include <stdbool.h>
+#else /* SM_CONF_STDBOOL_H */
+# ifndef __cplusplus
+# ifndef bool
+# ifndef __bool_true_false_are_defined
+typedef int bool;
+# define __bool_true_false_are_defined 1
+# endif /* ! __bool_true_false_are_defined */
+# endif /* bool */
+# endif /* ! __cplusplus */
+#endif /* SM_CONF_STDBOOL_H */
+
/*
** structure describing one milter
*/
@@ -105,11 +127,19 @@ struct smfiDesc
/* connection cleanup */
sfsistat (*xxfi_close) SM__P((SMFICTX *));
+
+#if SMFI_VERSION > 2
+ /* any unrecognized or unimplemented command filter */
+ sfsistat (*xxfi_unknown) SM__P((SMFICTX *, char *));
+#endif /* SMFI_VERSION > 2 */
+
+#if SMFI_VERSION > 3
+ /* any unrecognized or unimplemented command filter */
+ sfsistat (*xxfi_data) SM__P((SMFICTX *));
+#endif /* SMFI_VERSION > 3 */
};
-#if _FFR_SMFI_OPENSOCKET
LIBMILTER_API int smfi_opensocket __P((bool));
-#endif /* _FFR_SMFI_OPENSOCKET */
LIBMILTER_API int smfi_register __P((struct smfiDesc));
LIBMILTER_API int smfi_main __P((void));
LIBMILTER_API int smfi_setbacklog __P((int));
@@ -117,8 +147,9 @@ LIBMILTER_API int smfi_setdbg __P((int));
LIBMILTER_API int smfi_settimeout __P((int));
LIBMILTER_API int smfi_setconn __P((char *));
LIBMILTER_API int smfi_stop __P((void));
-
-#define SMFI_VERSION 2 /* version number */
+#if _FFR_MAXDATASIZE
+LIBMILTER_API size_t smfi_setmaxdatasize __P((size_t));
+#endif /* _FFR_MAXDATASIZE */
/*
** What the filter might do -- values to be ORed together for
@@ -132,9 +163,7 @@ LIBMILTER_API int smfi_stop __P((void));
#define SMFIF_ADDRCPT 0x00000004L /* filter may add recipients */
#define SMFIF_DELRCPT 0x00000008L /* filter may delete recipients */
#define SMFIF_CHGHDRS 0x00000010L /* filter may change/delete headers */
-#if _FFR_QUARANTINE
-# define SMFIF_QUARANTINE 0x00000020L /* filter may quarantine envelope */
-#endif /* _FFR_QUARANTINE */
+#define SMFIF_QUARANTINE 0x00000020L /* filter may quarantine envelope */
/*
** Continue processing message/connection.
@@ -230,6 +259,16 @@ extern sfsistat xxfi_envrcpt __P((SMFICTX *, char **));
** Later arguments are the ESMTP arguments.
*/
+/* unknown command filter */
+
+extern sfsistat *xxfi_unknown __P((SMFICTX *, char *));
+
+/*
+** xxfi_unknown(ctx, arg) Invoked when SMTP command is not recognized or not
+** implemented.
+** char *arg; Null-terminated SMTP command
+*/
+
/* header filter */
extern sfsistat xxfi_header __P((SMFICTX *, char *, char *));
@@ -311,14 +350,12 @@ LIBMILTER_API char * smfi_getsymval __P((SMFICTX *, char *));
LIBMILTER_API int smfi_setreply __P((SMFICTX *, char *, char *, char *));
-#if _FFR_MULTILINE
/*
** Alternatively, smfi_setmlreply can be called if a multi-line SMTP reply
** is needed.
*/
LIBMILTER_API int smfi_setmlreply __P((SMFICTX *, const char *, const char *, ...));
-#endif /* _FFR_MULTILINE */
/*
** Set the specific reply code to be used in response to the active
@@ -342,10 +379,9 @@ LIBMILTER_API int smfi_setmlreply __P((SMFICTX *, const char *, const char *, ..
LIBMILTER_API int smfi_addheader __P((SMFICTX *, char *, char *));
/*
-** Add a header to the message. This header is not passed to other
-** filters. It is not checked for standards compliance; the mail filter
-** must ensure that no protocols are violated as a result of adding this
-** header.
+** Add a header to the message. It is not checked for standards
+** compliance; the mail filter must ensure that no protocols are violated
+** as a result of adding this header.
**
** SMFICTX *ctx; Opaque context structure
** char *headerf; Header field name
@@ -365,6 +401,19 @@ LIBMILTER_API int smfi_chgheader __P((SMFICTX *, char *, int, char *));
** char *headerv; New header field value (empty for delete header)
*/
+LIBMILTER_API int smfi_insheader __P((SMFICTX *, int, char *, char *));
+
+/*
+** Insert a header into the message. It is not checked for standards
+** compliance; the mail filter must ensure that no protocols are violated
+** as a result of adding this header.
+**
+** SMFICTX *ctx; Opaque context structure
+** int idx; index into the header list where the insertion should happen
+** char *headerh; Header field name
+** char *headerv; Header field value
+*/
+
LIBMILTER_API int smfi_addrcpt __P((SMFICTX *, char *));
/*
@@ -413,7 +462,6 @@ LIBMILTER_API int smfi_replacebody __P((SMFICTX *, unsigned char *, int));
** xxfi_abort is called. This can be used to reset state.
*/
-#if _FFR_QUARANTINE
/*
** Quarantine an envelope
**
@@ -422,7 +470,6 @@ LIBMILTER_API int smfi_replacebody __P((SMFICTX *, unsigned char *, int));
*/
LIBMILTER_API int smfi_quarantine __P((SMFICTX *ctx, char *reason));
-#endif /* _FFR_QUARANTINE */
/*
** Connection-private data (specific to an SMTP connection) can be
@@ -441,5 +488,8 @@ LIBMILTER_API int smfi_setpriv __P((SMFICTX *, void *));
LIBMILTER_API void *smfi_getpriv __P((SMFICTX *));
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
#endif /* ! _LIBMILTER_MFAPI_H */
diff --git a/contrib/sendmail/include/libmilter/mfdef.h b/contrib/sendmail/include/libmilter/mfdef.h
index ab543e826ca2..3261d4bb2826 100644
--- a/contrib/sendmail/include/libmilter/mfdef.h
+++ b/contrib/sendmail/include/libmilter/mfdef.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999-2001 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1999-2004 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
@@ -7,7 +7,7 @@
* the sendmail distribution.
*
*
- * $Id: mfdef.h,v 8.11.2.1 2002/11/11 23:22:28 ca Exp $
+ * $Id: mfdef.h,v 8.21 2004/07/07 21:41:31 ca Exp $
*/
/*
@@ -21,14 +21,11 @@
# define MILTER_LEN_BYTES 4 /* length of 32 bit integer in bytes */
# define MILTER_OPTLEN (MILTER_LEN_BYTES * 3) /* length of options */
# define MILTER_CHUNK_SIZE 65535 /* body chunk size */
+# define MILTER_MAX_DATA_SIZE 65535 /* default milter command data limit */
/* These apply to SMFIF_* flags */
#define SMFI_V1_ACTS 0x0000000FL /* The actions of V1 filter */
-#if _FFR_QUARANTINE
-# define SMFI_V2_ACTS 0x0000003FL /* The actions of V2 filter */
-#else /* _FFR_QUARANTINE */
-# define SMFI_V2_ACTS 0x0000001FL /* The actions of V2 filter */
-#endif /* _FFR_QUARANTINE */
+#define SMFI_V2_ACTS 0x0000003FL /* The actions of V2 filter */
#define SMFI_CURR_ACTS SMFI_V2_ACTS /* The current version */
/* address families */
@@ -50,6 +47,12 @@
# define SMFIC_OPTNEG 'O' /* Option negotiation */
# define SMFIC_QUIT 'Q' /* QUIT */
# define SMFIC_RCPT 'R' /* RCPT to */
+# if SMFI_VERSION > 3
+# define SMFIC_DATA 'T' /* DATA */
+# endif /* SMFI_VERSION > 3 */
+# if SMFI_VERSION > 2
+# define SMFIC_UNKNOWN 'U' /* Any unknown command */
+# endif /* SMFI_VERSION > 2 */
/* actions (replies) */
# define SMFIR_ADDRCPT '+' /* add recipient */
@@ -62,14 +65,11 @@
# define SMFIR_PROGRESS 'p' /* progress */
# define SMFIR_REJECT 'r' /* reject */
# define SMFIR_TEMPFAIL 't' /* tempfail */
-# if _FFR_MILTER_421
-# define SMFIR_SHUTDOWN '4' /* 421: shutdown (internal to MTA) */
-# endif /* _FFR_MILTER_421 */
+# define SMFIR_SHUTDOWN '4' /* 421: shutdown (internal to MTA) */
# define SMFIR_ADDHEADER 'h' /* add header */
+# define SMFIR_INSHEADER 'i' /* insert header */
# define SMFIR_REPLYCODE 'y' /* reply code etc */
-# if _FFR_QUARANTINE
-# define SMFIR_QUARANTINE 'q' /* quarantine */
-# endif /* _FFR_QUARANTINE */
+# define SMFIR_QUARANTINE 'q' /* quarantine */
/* What the MTA can send/filter wants in protocol */
# define SMFIP_NOCONNECT 0x00000001L /* MTA should not send connect info */
@@ -79,9 +79,16 @@
# define SMFIP_NOBODY 0x00000010L /* MTA should not send body */
# define SMFIP_NOHDRS 0x00000020L /* MTA should not send headers */
# define SMFIP_NOEOH 0x00000040L /* MTA should not send EOH */
+# if _FFR_MILTER_NOHDR_RESP
+# define SMFIP_NOHREPL 0x00000080L /* No reply for headers */
+# endif /* _FFR_MILTER_NOHDR_RESP */
# define SMFI_V1_PROT 0x0000003FL /* The protocol of V1 filter */
# define SMFI_V2_PROT 0x0000007FL /* The protocol of V2 filter */
-# define SMFI_CURR_PROT SMFI_V2_PROT /* The current version */
+# if _FFR_MILTER_NOHDR_RESP
+# define SMFI_CURR_PROT 0x000000FFL /* The current version */
+# else /* _FFR_MILTER_NOHDR_RESP */
+# define SMFI_CURR_PROT SMFI_V2_PROT /* The current version */
+# endif /* _FFR_MILTER_NOHDR_RESP */
#endif /* !_LIBMILTER_MFDEF_H */
diff --git a/contrib/sendmail/include/libmilter/milter.h b/contrib/sendmail/include/libmilter/milter.h
index c18be73e34e0..5178f75620fa 100644
--- a/contrib/sendmail/include/libmilter/milter.h
+++ b/contrib/sendmail/include/libmilter/milter.h
@@ -7,7 +7,7 @@
* the sendmail distribution.
*
*
- * $Id: milter.h,v 8.37.2.3 2003/12/02 00:19:51 msk Exp $
+ * $Id: milter.h,v 8.39 2003/12/02 00:21:42 msk Exp $
*/
/*
@@ -25,11 +25,7 @@
typedef pthread_t sthread_t;
typedef int socket_t;
-#if _FFR_MILTER_MACROS_EOM
# define MAX_MACROS_ENTRIES 5 /* max size of macro pointer array */
-#else /* _FFR_MILTER_MACROS_EOM */
-# define MAX_MACROS_ENTRIES 4 /* max size of macro pointer array */
-#endif /* _FFR_MILTER_MACROS_EOM */
/*
** context for milter
diff --git a/contrib/sendmail/include/libsmdb/smdb.h b/contrib/sendmail/include/libsmdb/smdb.h
index c891ea56d0e4..6db0103ccd8b 100644
--- a/contrib/sendmail/include/libsmdb/smdb.h
+++ b/contrib/sendmail/include/libsmdb/smdb.h
@@ -6,7 +6,7 @@
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
- * $Id: smdb.h,v 8.40.2.1 2002/10/05 17:04:51 ca Exp $
+ * $Id: smdb.h,v 8.41 2002/09/24 19:53:28 ca Exp $
*
*/
diff --git a/contrib/sendmail/include/sendmail/mailstats.h b/contrib/sendmail/include/sendmail/mailstats.h
index 9a8a6350cc3b..faa83cb45036 100644
--- a/contrib/sendmail/include/sendmail/mailstats.h
+++ b/contrib/sendmail/include/sendmail/mailstats.h
@@ -10,14 +10,10 @@
* the sendmail distribution.
*
*
- * $Id: mailstats.h,v 8.18 2001/11/21 13:39:10 gshapiro Exp $
+ * $Id: mailstats.h,v 8.19 2002/06/27 22:47:22 gshapiro Exp $
*/
-#if _FFR_QUARANTINE
-# define STAT_VERSION 4
-#else /* _FFR_QUARANTINE */
-# define STAT_VERSION 3
-#endif /* _FFR_QUARANTINE */
+#define STAT_VERSION 4
#define STAT_MAGIC 0x1B1DE
/*
@@ -39,7 +35,5 @@ struct statistics
long stat_bt[MAXMAILERS]; /* kbytes to each mailer */
long stat_nr[MAXMAILERS]; /* # rejects by each mailer */
long stat_nd[MAXMAILERS]; /* # discards by each mailer */
-#if _FFR_QUARANTINE
long stat_nq[MAXMAILERS]; /* # quarantines by each mailer */
-#endif /* _FFR_QUARANTINE */
};
diff --git a/contrib/sendmail/include/sendmail/sendmail.h b/contrib/sendmail/include/sendmail/sendmail.h
index bbd3177a8a89..b12a5a1af605 100644
--- a/contrib/sendmail/include/sendmail/sendmail.h
+++ b/contrib/sendmail/include/sendmail/sendmail.h
@@ -10,7 +10,7 @@
* the sendmail distribution.
*
*
- * $Id: sendmail.h,v 8.67 2001/09/08 01:20:57 gshapiro Exp $
+ * $Id: sendmail.h,v 8.68 2002/07/01 22:18:53 gshapiro Exp $
*/
/*
@@ -55,6 +55,7 @@
#define SFF_NOWRFILES 0x00010000L /* disallow o readable files */
#define SFF_NOTEXCL 0x00020000L /* creates don't need to be exclusive */
#define SFF_EXECOK 0x00040000L /* executable files are ok (E_SM_ISEXEC) */
+#define SFF_NBLOCK 0x00080000L /* use a non-blocking lock */
#define SFF_NORFILES (SFF_NOGRFILES|SFF_NOWRFILES)
/* pseudo-flags */
diff --git a/contrib/sendmail/include/sm/bdb.h b/contrib/sendmail/include/sm/bdb.h
index 453eaa706c5e..babe1fff9961 100644
--- a/contrib/sendmail/include/sm/bdb.h
+++ b/contrib/sendmail/include/sm/bdb.h
@@ -7,7 +7,7 @@
* the sendmail distribution.
*
*
- * $Id: bdb.h,v 1.1.2.4 2003/03/06 16:27:38 ca Exp $
+ * $Id: bdb.h,v 1.4 2003/03/06 16:30:05 ca Exp $
*/
#ifndef SM_BDB_H
diff --git a/contrib/sendmail/include/sm/cdefs.h b/contrib/sendmail/include/sm/cdefs.h
index 7b06e797bdd9..046ea04920e4 100644
--- a/contrib/sendmail/include/sm/cdefs.h
+++ b/contrib/sendmail/include/sm/cdefs.h
@@ -6,7 +6,7 @@
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
- * $Id: cdefs.h,v 1.15.2.1 2003/12/05 22:44:17 ca Exp $
+ * $Id: cdefs.h,v 1.16 2003/12/05 22:45:25 ca Exp $
*/
/*
diff --git a/contrib/sendmail/include/sm/conf.h b/contrib/sendmail/include/sm/conf.h
index 055b958ea389..355d4278d490 100644
--- a/contrib/sendmail/include/sm/conf.h
+++ b/contrib/sendmail/include/sm/conf.h
@@ -10,7 +10,7 @@
* the sendmail distribution.
*
*
- * $Id: conf.h,v 1.90.2.20 2004/01/07 00:52:16 ca Exp $
+ * $Id: conf.h,v 1.116 2004/07/26 18:08:35 ca Exp $
*/
/*
@@ -436,6 +436,8 @@ typedef int pid_t;
# endif /* SOLARIS >= 20800 || (SOLARIS < 10000 && SOLARIS >= 208) */
# if SOLARIS >= 20900 || (SOLARIS < 10000 && SOLARIS >= 209)
# define HASURANDOMDEV 1 /* /dev/[u]random added in S9 */
+# define HASCLOSEFROM 1 /* closefrom(3c) added in S9 */
+# define HASFDWALK 1 /* fdwalk(3c) added in S9 */
# endif /* SOLARIS >= 20900 || (SOLARIS < 10000 && SOLARIS >= 209) */
# if SOLARIS >= 21000 || (SOLARIS < 10000 && SOLARIS >= 210)
# define HASUNSETENV 1 /* unsetenv() added in S10 */
@@ -481,7 +483,7 @@ extern char *getenv();
# else /* SUNOS403 */
/* 4.1.x specifics */
-# define HASSETSID 1 /* has Posix setsid(2) call */
+# define HASSETSID 1 /* has POSIX setsid(2) call */
# define HASSETVBUF 1 /* we have setvbuf(3) in libc */
# endif /* SUNOS403 */
@@ -510,7 +512,7 @@ extern char *getenv();
# define LA_TYPE LA_DGUX
# define HASSETREUID 1 /* has setreuid(2) call */
# define HASUNAME 1 /* use System V uname(2) system call */
-# define HASSETSID 1 /* has Posix setsid(2) call */
+# define HASSETSID 1 /* has POSIX setsid(2) call */
# define HASINITGROUPS 1 /* has initgroups(3) call */
# define IP_SRCROUTE 0 /* does not have <netinet/ip_var.h> */
# define HASGETUSERSHELL 0 /* does not have getusershell(3) */
@@ -714,8 +716,7 @@ typedef int pid_t;
# endif /* NeXT */
/*
-** Apple Darwin (aka Rhapsody)
-**
+** Apple Darwin
** Contributed by Wilfredo Sanchez <wsanchez@mit.edu>
*/
@@ -725,7 +726,7 @@ typedef int pid_t;
# define HASFLOCK 1 /* has flock(2) */
# define HASUNAME 1 /* has uname(2) */
# define HASUNSETENV 1 /* has unsetenv(3) */
-# define HASSETSID 1 /* has the setsid(2) */
+# define HASSETSID 1 /* has POSIX setsid(2) call */
# define HASINITGROUPS 1 /* has initgroups(3) */
# define HASSETVBUF 1 /* has setvbuf (3) */
# define HASSETREUID 0 /* setreuid(2) unusable */
@@ -794,7 +795,7 @@ extern unsigned int sleepX __P((unsigned int seconds));
# include <paths.h>
# define HASUNSETENV 1 /* has the unsetenv(3) call */
# define HASSETREUID 0 /* BSD-OS has broken setreuid(2) emulation */
-# define HASSETSID 1 /* has the setsid(2) POSIX syscall */
+# define HASSETSID 1 /* has POSIX setsid(2) call */
# define USESETEUID 1 /* has usable seteuid(2) call */
# define HASFCHMOD 1 /* has fchmod(2) syscall */
# define HASSETLOGIN 1 /* has setlogin(2) */
@@ -842,7 +843,7 @@ extern unsigned int sleepX __P((unsigned int seconds));
# include <unix.h>
# include <sys/select.h>
# undef NGROUPS_MAX
-# define HASSETSID 1 /* has the setsid(2) POSIX syscall */
+# define HASSETSID 1 /* has POSIX setsid(2) call */
# define USESETEUID 1 /* has usable seteuid(2) call */
# define HASFCHMOD 1 /* has fchmod(2) syscall */
# define HASGETDTABLESIZE 1 /* has getdtablesize(2) call */
@@ -876,10 +877,10 @@ extern unsigned int sleepX __P((unsigned int seconds));
# if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__)
# include <paths.h>
# define HASUNSETENV 1 /* has unsetenv(3) call */
-# define HASSETSID 1 /* has the setsid(2) POSIX syscall */
+# define HASSETSID 1 /* has POSIX setsid(2) call */
# define USESETEUID 1 /* has usable seteuid(2) call */
# define HASFCHMOD 1 /* has fchmod(2) syscall */
-# define HASFCHOWN 1 /* fchown(2) */
+# define HASFCHOWN 1 /* has fchown(2) syscall */
# define HASUNAME 1 /* has uname(2) syscall */
# define HASSTRERROR 1 /* has strerror(3) */
# define HAS_ST_GEN 1 /* has st_gen field in stat struct */
@@ -894,7 +895,12 @@ extern unsigned int sleepX __P((unsigned int seconds));
# ifndef LA_TYPE
# define LA_TYPE LA_SUBR
# endif /* ! LA_TYPE */
-# define SFS_TYPE SFS_MOUNT /* use <sys/mount.h> statfs() impl */
+# if defined(__NetBSD__) && defined(__NetBSD_Version__) && __NetBSD_Version__ >= 200040000
+# undef SFS_TYPE
+# define SFS_TYPE SFS_STATVFS
+# else
+# define SFS_TYPE SFS_MOUNT /* use <sys/mount.h> statfs() impl */
+# endif
# if defined(__NetBSD__) && (NetBSD > 199307 || NetBSD0_9 > 1)
# undef SPT_TYPE
# define SPT_TYPE SPT_BUILTIN /* setproctitle is in libc */
@@ -902,6 +908,17 @@ extern unsigned int sleepX __P((unsigned int seconds));
# if defined(__NetBSD__) && ((__NetBSD_Version__ > 102070000) || (NetBSD1_2 > 8) || defined(NetBSD1_4) || defined(NetBSD1_3))
# define HASURANDOMDEV 1 /* has /dev/urandom(4) */
# endif /* defined(__NetBSD__) && ((__NetBSD_Version__ > 102070000) || (NetBSD1_2 > 8) || defined(NetBSD1_4) || defined(NetBSD1_3)) */
+# if defined(__NetBSD__) && defined(__NetBSD_Version__) && __NetBSD_Version__ >= 104170000
+# define HASSETUSERCONTEXT 1 /* BSDI-style login classes */
+# endif
+# if defined(__NetBSD__) && defined(__NetBSD_Version__) && __NetBSD_Version__ >= 200060000
+# define HASCLOSEFROM 1 /* closefrom(3) added in 2.0F */
+# endif
+# if defined(__NetBSD__)
+# define USESYSCTL 1 /* use sysctl(3) for getting ncpus */
+# include <sys/param.h>
+# include <sys/sysctl.h>
+# endif
# if defined(__FreeBSD__)
# define HASSETLOGIN 1 /* has setlogin(2) */
# if __FreeBSD_version >= 227001
@@ -949,6 +966,9 @@ extern unsigned int sleepX __P((unsigned int seconds));
# if OpenBSD >= 200012
# define HASSETUSERCONTEXT 1 /* BSDI-style login classes */
# endif /* OpenBSD >= 200012 */
+# if OpenBSD >= 200405
+# define HASCLOSEFROM 1 /* closefrom(3) added in 3.5 */
+# endif /* OpenBSD >= 200405 */
# endif /* defined(__OpenBSD__) */
# endif /* defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) */
@@ -1365,7 +1385,11 @@ extern void *malloc();
# if LINUX_VERSION_CODE < 66399
# define HASFLOCK 0 /* flock(2) is broken after 0.99.13 */
# else /* LINUX_VERSION_CODE < 66399 */
-# define HASFLOCK 1 /* flock(2) fixed after 1.3.95 */
+# if (LINUX_VERSION_CODE < KERNEL_VERSION(2,4,0))
+# define HASFLOCK 1 /* flock(2) fixed after 1.3.95 */
+# else /* (LINUX_VERSION_CODE < KERNEL_VERSION(2,4,0)) */
+# define HASFLOCK 0 /* flock(2) is broken (again) after 2.4.0 */
+# endif /* (LINUX_VERSION_CODE < KERNEL_VERSION(2,4,0)) */
# endif /* LINUX_VERSION_CODE < 66399 */
# endif /* ! HASFLOCK */
# ifndef LA_TYPE
@@ -1379,9 +1403,7 @@ extern void *malloc();
# endif /* ! HASURANDOMDEV */
# endif /* (LINUX_VERSION_CODE >= KERNEL_VERSION(2,0,0)) */
# if defined(__GLIBC__) && defined(__GLIBC_MINOR__)
-# ifndef HASSTRERROR
-# define HASSTRERROR 1 /* has strerror(3) */
-# endif /* HASSTRERROR */
+# define HASSTRERROR 1 /* has strerror(3) */
# endif /* defined(__GLIBC__) && defined(__GLIBC_MINOR__) */
# ifndef TZ_TYPE
# define TZ_TYPE TZ_NONE /* no standard for Linux */
@@ -1600,22 +1622,66 @@ typedef int pid_t;
# endif /* ! _PATH_SENDMAILPID */
# endif /* _SEQUENT_ */
-
/*
-** Cray Unicos
+** Cray UNICOS, UNICOS/mk, and UNICOS/mp
**
+** UNICOS:
** Ported by David L. Kensiski, Sterling Sofware <kensiski@nas.nasa.gov>
+** Update Brian Ginsbach <ginsbach@cray.com>
+** UNICOS/mk (Cray T3E):
+** Contributed by Manu Mahonen <mailadm@csc.fi>
+** of Center for Scientific Computing.
+** Update Brian Ginsbach <ginsbach@cray.com>
+** UNICOS/mp:
+** From Aaron Davis <awd@cray.com> & Brian Ginsbach <ginsbach@cray.com>
*/
-# ifdef UNICOS
+# if defined(_CRAY) || defined(UNICOS) || defined(_UNICOSMP)
# define SYSTEM5 1 /* include all the System V defines */
-# define SYS5SIGNALS 1 /* SysV signal semantics -- reset on each sig */
-# define MAXPATHLEN PATHSIZE
-# define LA_TYPE LA_ZERO
+# define HASFCHMOD 1 /* has fchmod(2) syscall */
+# define HASFCHOWN 1 /* has fchown(2) */
+# define HASUNSETENV 1 /* has unsetenv(3) call */
+# define HASINITGROUPS 1 /* has initgroups(3) call */
+# define HASSETREUID 1 /* has setreuid(2) call */
+# define USESETEUID 1 /* has usable seteuid(2) call */
+# define HASGETDTABLESIZE 1 /* has getdtablesize(2) syscall */
+# define HASSTRERROR 1 /* has strerror(3) */
+# define GIDSET_T gid_t
# define SFS_TYPE SFS_4ARGS /* four argument statfs() call */
-# define SFS_BAVAIL f_bfree /* alternate field name */
-# endif /* UNICOS */
-
+# define SFS_BAVAIL f_bfree /* alternate field name */
+# define SAFENFSPATHCONF 1 /* pathconf(2) pessimizes on NFS filesystems */
+# ifdef UNICOS
+# define SYS5SIGNALS 1 /* SysV signal semantics -- reset on each sig */
+# define LA_TYPE LA_ZERO
+# define _PATH_MAILDIR "/usr/spool/mail"
+# define GET_IPOPT_DST(dst) *(struct in_addr *)&(dst)
+# ifndef MAXPATHLEN
+# define MAXPATHLEN PATHSIZE
+# endif /* ! MAXPATHLEN */
+# ifndef _PATH_UNIX
+# ifdef UNICOSMK
+# define _PATH_UNIX "/unicosmk.ar"
+# else
+# define _PATH_UNIX "/unicos"
+# endif /* UNICOSMK */
+# endif /* ! _PATH_UNIX */
+# ifndef _PATH_VENDOR_CF
+# define _PATH_VENDOR_CF "/usr/lib/sendmail.cf"
+# endif /* ! _PATH_VENDOR_CF */
+# endif /* UNICOS */
+# ifdef _UNICOSMP
+# if defined(_SC_NPROC_ONLN) && !defined(_SC_NPROCESSORS_ONLN)
+ /* _SC_NPROC_ONLN is 'mpadmin -u', total # of unrestricted processors */
+# define _SC_NPROCESSORS_ONLN _SC_NPROC_ONLN
+# endif /* if defined(_SC_NPROC_ONLN) && !defined(_SC_NPROCESSORS_ONLN) */
+# define HASGETUSERSHELL 0 /* does not have getusershell(3) call */
+# define HASSETRLIMIT 1 /* has setrlimit(2) syscall */
+# define LA_TYPE LA_IRIX6 /* figure out at run time */
+# include <sys/cdefs.h>
+# include <paths.h>
+# define ARGV_T char *const *
+# endif /* _UNICOSMP */
+# endif /* _CRAY */
/*
** Apollo DomainOS
@@ -1731,7 +1797,7 @@ extern struct passwd * sendmail_mpe_getpwuid __P((uid_t));
# define __svr4__
# define SYS5SIGNALS 1
# define HASFCHOWN 1 /* has fchown(2) call */
-# define HASSETSID 1
+# define HASSETSID 1 /* has POSIX setsid(2) call */
# define HASSETREUID 1
# define HASWAITPID 1
# define HASGETDTABLESIZE 1
@@ -1781,7 +1847,7 @@ extern struct passwd * sendmail_mpe_getpwuid __P((uid_t));
# define SYSTEM5 1
# define HASGETUSERSHELL 0 /* does not have getusershell(3) call */
# define HASSETREUID 1
-# define HASSETSID 1
+# define HASSETSID 1 /* has POSIX setsid(2) call */
# define HASINITGROUPS 1
# define GIDSET_T gid_t
# define SLEEP_T unsigned
@@ -2003,7 +2069,7 @@ typedef int (*sigfunc_t)();
# ifndef __svr4__
# define __svr4__ /* use all System V Release 4 defines below */
# endif /* ! __svr4__ */
-# define HASSETSID 1 /* has Posix setsid(2) call */
+# define HASSETSID 1 /* has POSIX setsid(2) call */
# define HASGETUSERSHELL 1 /* DOES have getusershell(3) call in libc */
# define LA_TYPE LA_READKSYM /* use MIOC_READKSYM ioctl */
# ifndef SPT_TYPE
@@ -2082,7 +2148,7 @@ extern char *getenv();
# define __svr4__ /* use all System V Release 4 defines below */
# endif /* ! __svr4__ */
# define SYS5SIGNALS 1 /* SysV signal semantics -- reset on each sig */
-# define HASSETSID 1 /* has Posix setsid(2) call */
+# define HASSETSID 1 /* has POSIX setsid(2) call */
# define LA_TYPE LA_READKSYM /* use MIOC_READSYM ioctl */
# define SFS_TYPE SFS_USTAT /* use System V ustat(2) syscall */
# define GIDSET_T gid_t
@@ -2204,19 +2270,6 @@ typedef struct msgb mblk_t;
# define SM_INT32 int /* 32bit integer */
# endif /* sinix */
-/*
-** CRAY T3E
-**
-** Contributed by Manu Mahonen <mailadm@csc.fi>
-** of Center for Scientific Computing.
-*/
-# ifdef _CRAY
-# define GET_IPOPT_DST(dst) *(struct in_addr *)&(dst)
-# define _PATH_MAILDIR "/usr/spool/mail"
-# if !defined(MAXPATHLEN)
-# define MAXPATHLEN PATHSIZE
-# endif /* !defined(MAXPATHLEN) */
-# endif /* _CRAY */
/*
** Motorola 922, MC88110, UNIX SYSTEM V/88 Release 4.0 Version 4.3
@@ -2227,7 +2280,7 @@ typedef struct msgb mblk_t;
# ifdef MOTO
# define HASFCHMOD 1
# define HASSETRLIMIT 0
-# define HASSETSID 1
+# define HASSETSID 1 /* has POSIX setsid(2) call */
# define HASSETREUID 1
# define HASULIMIT 1
# define HASWAITPID 1
@@ -2257,8 +2310,13 @@ typedef struct msgb mblk_t;
# undef HAVE_SYS_ERRLIST
# define sys_errlist __sys_errlist
# define sys_nerr __sys_nerr
-# define major(dev) ((int)(((dev) >> 8) & 0xff))
-# define minor(dev) ((int)((dev) & 0xff))
+# include <sys/mkdev.h>
+# ifndef major
+# define major(dev) ((int)(((dev) >> 8) & 0xff))
+# endif /* ! major */
+# ifndef minor
+# define minor(dev) ((int)((dev) & 0xff))
+# endif /* ! minor */
# endif /* defined(__INTERIX) */
@@ -2359,8 +2417,8 @@ typedef struct msgb mblk_t;
/* general POSIX defines */
# ifdef _POSIX_VERSION
-# define HASSETSID 1 /* has Posix setsid(2) call */
-# define HASWAITPID 1 /* has Posix waitpid(2) call */
+# define HASSETSID 1 /* has POSIX setsid(2) call */
+# define HASWAITPID 1 /* has POSIX waitpid(2) call */
# if _POSIX_VERSION >= 199500 && !defined(USESETEUID)
# define USESETEUID 1 /* has usable seteuid(2) call */
# endif /* _POSIX_VERSION >= 199500 && !defined(USESETEUID) */
@@ -2578,7 +2636,7 @@ typedef struct msgb mblk_t;
#endif /* ! EX_NOTFOUND */
/* pseudo-code used for mci_setstat */
-# define EX_NOTSTICKY -5 /* don't save persistent status */
+# define EX_NOTSTICKY (-5) /* don't save persistent status */
/*
diff --git a/contrib/sendmail/include/sm/config.h b/contrib/sendmail/include/sm/config.h
index 791a525326a2..3e4a91281fc5 100644
--- a/contrib/sendmail/include/sm/config.h
+++ b/contrib/sendmail/include/sm/config.h
@@ -1,12 +1,12 @@
/*
- * Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 2000-2003 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
- * $Id: config.h,v 1.44 2002/01/23 17:47:15 gshapiro Exp $
+ * $Id: config.h,v 1.46 2003/12/10 03:19:06 gshapiro Exp $
*/
/*
@@ -143,8 +143,12 @@
# define SM_CONF_TEST_LLONG 1
# endif /* !SM_CONF_TEST_LLONG */
-/* Does LDAP library have ldap_memfree()? */
-# ifndef SM_CONF_LDAP_MEMFREE
+/* LDAP Checks */
+# if LDAPMAP
+# include <ldap.h>
+
+/* Does the LDAP library have ldap_memfree()? */
+# ifndef SM_CONF_LDAP_MEMFREE
/*
** The new LDAP C API (draft-ietf-ldapext-ldap-c-api-04.txt) includes
@@ -152,11 +156,31 @@
** of 2004 to identify the API.
*/
-# if USING_NETSCAPE_LDAP || LDAP_API_VERSION >= 2004
-# define SM_CONF_LDAP_MEMFREE 1
-# else /* USING_NETSCAPE_LDAP || LDAP_API_VERSION >= 2004 */
-# define SM_CONF_LDAP_MEMFREE 0
-# endif /* USING_NETSCAPE_LDAP || LDAP_API_VERSION >= 2004 */
-# endif /* ! SM_CONF_LDAP_MEMFREE */
+# if USING_NETSCAPE_LDAP || LDAP_API_VERSION >= 2004
+# define SM_CONF_LDAP_MEMFREE 1
+# else /* USING_NETSCAPE_LDAP || LDAP_API_VERSION >= 2004 */
+# define SM_CONF_LDAP_MEMFREE 0
+# endif /* USING_NETSCAPE_LDAP || LDAP_API_VERSION >= 2004 */
+# endif /* ! SM_CONF_LDAP_MEMFREE */
+
+/* Does the LDAP library have ldap_initialize()? */
+# ifndef SM_CONF_LDAP_INITIALIZE
+
+/*
+** Check for ldap_initialize() support for support for LDAP URI's with
+** non-ldap:// schemes.
+*/
+
+/* OpenLDAP does it with LDAP_OPT_URI */
+# ifdef LDAP_OPT_URI
+# define SM_CONF_LDAP_INITIALIZE 1
+# endif /* LDAP_OPT_URI */
+# endif /* !SM_CONF_LDAP_INITIALIZE */
+# endif /* LDAPMAP */
+
+/* don't use strcpy() */
+# ifndef DO_NOT_USE_STRCPY
+# define DO_NOT_USE_STRCPY 1
+# endif /* ! DO_NOT_USE_STRCPY */
#endif /* ! SM_CONFIG_H */
diff --git a/contrib/sendmail/include/sm/debug.h b/contrib/sendmail/include/sm/debug.h
index eba29ad25013..e3142b2fa423 100644
--- a/contrib/sendmail/include/sm/debug.h
+++ b/contrib/sendmail/include/sm/debug.h
@@ -1,12 +1,12 @@
/*
- * Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 2000, 2001, 2003 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
- * $Id: debug.h,v 1.15 2001/03/08 03:23:07 ca Exp $
+ * $Id: debug.h,v 1.16 2003/01/10 00:26:06 ca Exp $
*/
/*
@@ -28,29 +28,26 @@ extern SM_FILE_T *
sm_debug_file __P((void));
extern void
-sm_debug_setfile __P((
- SM_FILE_T *));
+sm_debug_setfile __P(( SM_FILE_T *));
extern void PRINTFLIKE(1, 2)
-sm_dprintf __P((
- char *_fmt,
- ...));
+sm_dprintf __P((char *_fmt, ...));
extern void
sm_dflush __P((void));
+extern void
+sm_debug_close __P((void));
+
/*
** abstractions for setting and testing debug activation levels
*/
extern void
-sm_debug_addsettings_x __P((
- const char *));
+sm_debug_addsettings_x __P((const char *));
extern void
-sm_debug_addsetting_x __P((
- const char *,
- int));
+sm_debug_addsetting_x __P((const char *, int));
# define SM_DEBUG_UNKNOWN ((SM_ATOMIC_UINT_T)(-1))
@@ -123,13 +120,10 @@ struct sm_debug
# endif /* SM_DEBUG_CHECK */
extern bool
-sm_debug_loadactive __P((
- SM_DEBUG_T *,
- int));
+sm_debug_loadactive __P((SM_DEBUG_T *, int));
extern int
-sm_debug_loadlevel __P((
- SM_DEBUG_T *));
+sm_debug_loadlevel __P((SM_DEBUG_T *));
# define SM_DEBUG_INITIALIZER(name, desc) { \
SmDebugMagic, \
diff --git a/contrib/sendmail/include/sm/errstring.h b/contrib/sendmail/include/sm/errstring.h
index cc69c51c4aab..2b937328fd72 100644
--- a/contrib/sendmail/include/sm/errstring.h
+++ b/contrib/sendmail/include/sm/errstring.h
@@ -6,7 +6,7 @@
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
- * $Id: errstring.h,v 1.4.4.3 2003/06/24 17:16:10 ca Exp $
+ * $Id: errstring.h,v 1.9 2003/12/10 03:19:06 gshapiro Exp $
*/
/*
@@ -17,7 +17,9 @@
# define SM_ERRSTRING_H
#include <errno.h>
+#if NEEDINTERRNO
extern int errno;
+#endif /* NEEDINTERRNO */
/*
** These are used in a few cases where we need some special
@@ -44,6 +46,7 @@ extern int errno;
#define E_DNSBASE (E_PSEUDOBASE + 20) /* base for DNS h_errno */
#define E_SMDBBASE (E_PSEUDOBASE + 40) /* base for libsmdb errors */
#define E_LDAPBASE (E_PSEUDOBASE + 70) /* base for LDAP errors */
+#define E_LDAPURLBASE (E_PSEUDOBASE + 200) /* base for LDAP URL errors */
/* libsmdb */
diff --git a/contrib/sendmail/include/sm/fdset.h b/contrib/sendmail/include/sm/fdset.h
index 31a0e3045591..bb42185647ee 100644
--- a/contrib/sendmail/include/sm/fdset.h
+++ b/contrib/sendmail/include/sm/fdset.h
@@ -6,7 +6,7 @@
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
- * $Id: fdset.h,v 1.3.10.2 2002/12/10 04:02:25 ca Exp $
+ * $Id: fdset.h,v 1.5 2002/12/10 19:48:19 ca Exp $
*/
#ifndef SM_FDSET_H
diff --git a/contrib/sendmail/include/sm/gen.h b/contrib/sendmail/include/sm/gen.h
index 61b6e1b8f34d..6fec06c23a34 100644
--- a/contrib/sendmail/include/sm/gen.h
+++ b/contrib/sendmail/include/sm/gen.h
@@ -6,7 +6,7 @@
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
- * $Id: gen.h,v 1.22 2002/04/03 00:40:42 ca Exp $
+ * $Id: gen.h,v 1.23 2003/11/04 18:51:54 ca Exp $
*/
/*
@@ -43,7 +43,7 @@
# else /* SM_CONF_STDDEF_H */
# ifndef NULL
# define NULL 0
-# endif
+# endif /* ! NULL */
# define offsetof(type, member) ((size_t)(&((type *)0)->member))
# endif /* SM_CONF_STDDEF_H */
@@ -58,7 +58,8 @@
typedef int bool;
# define false 0
# define true 1
-# endif
+# define __bool_true_false_are_defined 1
+# endif /* ! __cplusplus */
# endif /* SM_CONF_STDBOOL_H */
/*
diff --git a/contrib/sendmail/include/sm/io.h b/contrib/sendmail/include/sm/io.h
index 0e50c235b2e8..d3f21d073686 100644
--- a/contrib/sendmail/include/sm/io.h
+++ b/contrib/sendmail/include/sm/io.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000-2003 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 2000-2002, 2004 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1990
* The Regents of the University of California. All rights reserved.
@@ -11,7 +11,7 @@
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
- * $Id: io.h,v 1.23.2.2 2003/09/05 20:35:28 ca Exp $
+ * $Id: io.h,v 1.24 2004/03/03 19:14:49 ca Exp $
*/
/*-
@@ -34,15 +34,15 @@
#define SM_IO_RDWRTR 6 /* read-write with truncation indicated */
# define SM_IO_BINARY 0x0 /* binary mode: not used in Unix */
-#define SM_IS_BINARY(mode) ((mode) & SM_IO_BINARY != 0)
+#define SM_IS_BINARY(mode) (((mode) & SM_IO_BINARY) != 0)
#define SM_IO_MODE(mode) ((mode) & 0x0f)
-#define SM_IO_RDWR_B (SM_IO_RDWR|SM_IO_BINARY)
-#define SM_IO_RDONLY_B (SM_IO_RDONLY|SM_IO_BINARY)
-#define SM_IO_WRONLY_B (SM_IO_WRONLY|SM_IO_BINARY)
-#define SM_IO_APPEND_B (SM_IO_APPEND|SM_IO_BINARY)
+#define SM_IO_RDWR_B (SM_IO_RDWR|SM_IO_BINARY)
+#define SM_IO_RDONLY_B (SM_IO_RDONLY|SM_IO_BINARY)
+#define SM_IO_WRONLY_B (SM_IO_WRONLY|SM_IO_BINARY)
+#define SM_IO_APPEND_B (SM_IO_APPEND|SM_IO_BINARY)
#define SM_IO_APPENDRW_B (SM_IO_APPENDRW|SM_IO_BINARY)
-#define SM_IO_RDWRTR_B (SM_IO_RDWRTR|SM_IO_BINARY)
+#define SM_IO_RDWRTR_B (SM_IO_RDWRTR|SM_IO_BINARY)
/* for sm_io_fseek, et al api's (exposed) */
#define SM_IO_SEEK_SET 0
diff --git a/contrib/sendmail/include/sm/ldap.h b/contrib/sendmail/include/sm/ldap.h
index dfa0463b6266..8df8fe14b846 100644
--- a/contrib/sendmail/include/sm/ldap.h
+++ b/contrib/sendmail/include/sm/ldap.h
@@ -6,7 +6,7 @@
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
- * $Id: ldap.h,v 1.22 2002/03/05 02:17:26 ca Exp $
+ * $Id: ldap.h,v 1.27 2003/12/20 09:23:47 gshapiro Exp $
*/
#ifndef SM_LDAP_H
@@ -32,34 +32,26 @@
# if LDAPMAP
-# if _FFR_LDAP_RECURSION
-
/* Attribute types */
-# define SM_LDAP_ATTR_NONE (-1)
-# define SM_LDAP_ATTR_OBJCLASS 0
-# define SM_LDAP_ATTR_NORMAL 1
-# define SM_LDAP_ATTR_DN 2
-# define SM_LDAP_ATTR_FILTER 3
-# define SM_LDAP_ATTR_URL 4
+# define SM_LDAP_ATTR_NONE (-1)
+# define SM_LDAP_ATTR_OBJCLASS 0
+# define SM_LDAP_ATTR_NORMAL 1
+# define SM_LDAP_ATTR_DN 2
+# define SM_LDAP_ATTR_FILTER 3
+# define SM_LDAP_ATTR_URL 4
/* sm_ldap_results() flags */
-# define SM_LDAP_SINGLEMATCH 0x0001
-# define SM_LDAP_MATCHONLY 0x0002
-# define SM_LDAP_USE_ALLATTR 0x0004
-
-# endif /* _FFR_LDAP_RECURSION */
+# define SM_LDAP_SINGLEMATCH 0x0001
+# define SM_LDAP_MATCHONLY 0x0002
+# define SM_LDAP_USE_ALLATTR 0x0004
struct sm_ldap_struct
{
/* needed for ldap_open or ldap_init */
- char *ldap_target;
+ char *ldap_uri;
+ char *ldap_host;
int ldap_port;
-# if _FFR_LDAP_URI
- bool ldap_uri;
-# endif /* _FFR_LDAP_URI */
-# if _FFR_LDAP_SETVERSION
int ldap_version;
-# endif /* _FFR_LDAP_SETVERSION */
pid_t ldap_pid;
/* options set in ld struct before ldap_bind_s */
@@ -79,10 +71,8 @@ struct sm_ldap_struct
int ldap_scope;
char *ldap_filter;
char *ldap_attr[LDAPMAP_MAX_ATTR + 1];
-# if _FFR_LDAP_RECURSION
int ldap_attr_type[LDAPMAP_MAX_ATTR + 1];
char *ldap_attr_needobjclass[LDAPMAP_MAX_ATTR + 1];
-# endif /* _FFR_LDAP_RECURSION */
bool ldap_attrsonly;
/* args for ldap_result */
@@ -98,11 +88,12 @@ struct sm_ldap_struct
typedef struct sm_ldap_struct SM_LDAP_STRUCT;
-# if _FFR_LDAP_RECURSION
struct sm_ldap_recurse_entry
{
char *lr_search;
int lr_type;
+ LDAPURLDesc *lr_ludp;
+ char **lr_attrs;
bool lr_done;
};
@@ -115,17 +106,14 @@ struct sm_ldap_recurse_list
typedef struct sm_ldap_recurse_entry SM_LDAP_RECURSE_ENTRY;
typedef struct sm_ldap_recurse_list SM_LDAP_RECURSE_LIST;
-# endif /* _FFR_LDAP_RECURSION */
/* functions */
extern void sm_ldap_clear __P((SM_LDAP_STRUCT *));
extern bool sm_ldap_start __P((char *, SM_LDAP_STRUCT *));
extern int sm_ldap_search __P((SM_LDAP_STRUCT *, char *));
-# if _FFR_LDAP_RECURSION
extern int sm_ldap_results __P((SM_LDAP_STRUCT *, int, int, int,
SM_RPOOL_T *, char **, int *, int *,
SM_LDAP_RECURSE_LIST *));
-# endif /* _FFR_LDAP_RECURSION */
extern void sm_ldap_setopts __P((LDAP *, SM_LDAP_STRUCT *));
extern int sm_ldap_geterrno __P((LDAP *));
extern void sm_ldap_close __P((SM_LDAP_STRUCT *));
diff --git a/contrib/sendmail/include/sm/os/sm_os_aix.h b/contrib/sendmail/include/sm/os/sm_os_aix.h
index 9c3f469cefec..4669a3cecfc4 100644
--- a/contrib/sendmail/include/sm/os/sm_os_aix.h
+++ b/contrib/sendmail/include/sm/os/sm_os_aix.h
@@ -6,7 +6,7 @@
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
- * $Id: sm_os_aix.h,v 1.9.2.1 2003/04/28 23:11:07 ca Exp $
+ * $Id: sm_os_aix.h,v 1.11 2003/04/28 23:42:23 ca Exp $
*/
/*
diff --git a/contrib/sendmail/include/sm/os/sm_os_unicos.h b/contrib/sendmail/include/sm/os/sm_os_unicos.h
new file mode 100644
index 000000000000..57d6b72f863b
--- /dev/null
+++ b/contrib/sendmail/include/sm/os/sm_os_unicos.h
@@ -0,0 +1,19 @@
+/*
+ * Copyright (c) 2003 Sendmail, Inc. and its suppliers.
+ * All rights reserved.
+ *
+ * By using this file, you agree to the terms and conditions set
+ * forth in the LICENSE file which can be found at the top level of
+ * the sendmail distribution.
+ *
+ * $Id: sm_os_unicos.h,v 1.1 2003/04/21 17:03:51 ca Exp $
+ */
+
+/*
+** Cray UNICOS
+*/
+
+#define SM_OS_NAME "unicos"
+
+#define SM_CONF_LONGLONG 1
+#define SM_CONF_SETITIMER 0
diff --git a/contrib/sendmail/include/sm/os/sm_os_unicosmk.h b/contrib/sendmail/include/sm/os/sm_os_unicosmk.h
new file mode 100644
index 000000000000..ce87c04e35af
--- /dev/null
+++ b/contrib/sendmail/include/sm/os/sm_os_unicosmk.h
@@ -0,0 +1,18 @@
+/*
+ * Copyright (c) 2003 Sendmail, Inc. and its suppliers.
+ * All rights reserved.
+ *
+ * By using this file, you agree to the terms and conditions set
+ * forth in the LICENSE file which can be found at the top level of
+ * the sendmail distribution.
+ *
+ * $Id: sm_os_unicosmk.h,v 1.1 2003/04/21 17:03:51 ca Exp $
+ */
+
+/*
+** Cray UNICOS/mk
+*/
+
+#define SM_OS_NAME "unicosmk"
+
+#define SM_CONF_LONGLONG 1
diff --git a/contrib/sendmail/include/sm/os/sm_os_unicosmp.h b/contrib/sendmail/include/sm/os/sm_os_unicosmp.h
new file mode 100644
index 000000000000..b11350b78c4d
--- /dev/null
+++ b/contrib/sendmail/include/sm/os/sm_os_unicosmp.h
@@ -0,0 +1,22 @@
+/*
+ * Copyright (c) 2003 Sendmail, Inc. and its suppliers.
+ * All rights reserved.
+ *
+ * By using this file, you agree to the terms and conditions set
+ * forth in the LICENSE file which can be found at the top level of
+ * the sendmail distribution.
+ *
+ * $Id: sm_os_unicosmp.h,v 1.1 2003/04/21 17:03:51 ca Exp $
+ */
+
+/*
+** Cray UNICOS/mp
+*/
+
+#define SM_OS_NAME "unicosmp"
+
+#define SM_CONF_LONGLONG 1
+#define SM_CONF_SYS_CDEFS_H 1
+#define SM_CONF_MSG 1
+#define SM_CONF_SHM 1
+#define SM_CONF_SEM 1
diff --git a/contrib/sendmail/include/sm/os/sm_os_unixware.h b/contrib/sendmail/include/sm/os/sm_os_unixware.h
index aac431eb91da..6c7bfe62ad8f 100644
--- a/contrib/sendmail/include/sm/os/sm_os_unixware.h
+++ b/contrib/sendmail/include/sm/os/sm_os_unixware.h
@@ -6,7 +6,7 @@
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
- * $Id: sm_os_unixware.h,v 1.7.2.1 2002/10/24 18:02:14 ca Exp $
+ * $Id: sm_os_unixware.h,v 1.8 2002/10/24 18:04:54 ca Exp $
*/
#define SM_OS_NAME "unixware"
diff --git a/contrib/sendmail/include/sm/rpool.h b/contrib/sendmail/include/sm/rpool.h
index e750fcb7d3fd..cdff4c774292 100644
--- a/contrib/sendmail/include/sm/rpool.h
+++ b/contrib/sendmail/include/sm/rpool.h
@@ -1,12 +1,12 @@
/*
- * Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 2000-2001, 2003 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
- * $Id: rpool.h,v 1.15 2001/09/04 22:41:55 ca Exp $
+ * $Id: rpool.h,v 1.16 2003/09/05 23:07:49 ca Exp $
*/
/*
@@ -165,8 +165,12 @@ sm_rpool_malloc __P((
size_t _size));
# endif /* SM_HEAP_CHECK */
+#if DO_NOT_USE_STRCPY
+extern char *sm_rpool_strdup_x __P((SM_RPOOL_T *rpool, const char *s));
+#else /* DO_NOT_USE_STRCPY */
# define sm_rpool_strdup_x(rpool, str) \
strcpy(sm_rpool_malloc_x(rpool, strlen(str) + 1), str)
+#endif /* DO_NOT_USE_STRCPY */
extern SM_RPOOL_ATTACH_T
sm_rpool_attach_x __P((
diff --git a/contrib/sendmail/include/sm/shm.h b/contrib/sendmail/include/sm/shm.h
index 36033ed3d1b4..0334ae340376 100644
--- a/contrib/sendmail/include/sm/shm.h
+++ b/contrib/sendmail/include/sm/shm.h
@@ -6,7 +6,7 @@
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
- * $Id: shm.h,v 1.8.2.2 2003/05/17 18:34:16 ca Exp $
+ * $Id: shm.h,v 1.10 2003/05/17 18:34:54 ca Exp $
*/
#ifndef SM_SHM_H
diff --git a/contrib/sendmail/include/sm/string.h b/contrib/sendmail/include/sm/string.h
index c8cb59f690e9..7c96b8f6d44a 100644
--- a/contrib/sendmail/include/sm/string.h
+++ b/contrib/sendmail/include/sm/string.h
@@ -1,12 +1,12 @@
/*
- * Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 2000-2001, 2003 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
- * $Id: string.h,v 1.36 2001/06/17 21:31:11 ca Exp $
+ * $Id: string.h,v 1.38 2003/10/10 17:56:57 ca Exp $
*/
/*
@@ -24,25 +24,30 @@
#define SPACELEFT(buf, ptr) (sizeof buf - ((ptr) - buf))
extern int PRINTFLIKE(3, 4)
-sm_snprintf __P((
- char *,
- size_t,
- const char *,
- ...));
+sm_snprintf __P((char *, size_t, const char *, ...));
extern bool
-sm_match __P((
- const char *_str,
- const char *_pattern));
+sm_match __P((const char *_str, const char *_pattern));
extern char *
-sm_strdup __P((
- char *));
+sm_strdup __P((char *));
extern char *
-sm_strndup_x __P((
- const char *_str,
- size_t _len));
+sm_strndup_x __P((const char *_str, size_t _len));
+
+#if DO_NOT_USE_STRCPY
+/* for "normal" data (free'd before end of process) */
+extern char *
+sm_strdup_x __P((const char *_str));
+
+/* for data that is supposed to be persistent. */
+extern char *
+sm_pstrdup_x __P((const char *_str));
+
+extern char *
+sm_strdup_tagged_x __P((const char *str, char *file, int line, int group));
+
+#else /* DO_NOT_USE_STRCPY */
/* for "normal" data (free'd before end of process) */
# define sm_strdup_x(str) strcpy(sm_malloc_x(strlen(str) + 1), str)
@@ -52,35 +57,22 @@ sm_strndup_x __P((
# define sm_strdup_tagged_x(str, file, line, group) \
strcpy(sm_malloc_tagged_x(strlen(str) + 1, file, line, group), str)
+#endif /* DO_NOT_USE_STRCPY */
extern char *
-sm_stringf_x __P((
- const char *_fmt,
- ...));
+sm_stringf_x __P((const char *_fmt, ...));
extern char *
-sm_vstringf_x __P((
- const char *_fmt,
- va_list _ap));
+sm_vstringf_x __P((const char *_fmt, va_list _ap));
extern size_t
-sm_strlcpy __P((
- char *_dst,
- const char *_src,
- ssize_t _len));
+sm_strlcpy __P((char *_dst, const char *_src, ssize_t _len));
extern size_t
-sm_strlcat __P((
- char *_dst,
- const char *_src,
- ssize_t _len));
+sm_strlcat __P((char *_dst, const char *_src, ssize_t _len));
extern size_t
-sm_strlcat2 __P((
- char *,
- const char *,
- const char *,
- ssize_t));
+sm_strlcat2 __P((char *, const char *, const char *, ssize_t));
extern size_t
#ifdef __STDC__
@@ -94,40 +86,26 @@ sm_strlcpyn __P((char *,
# if !HASSTRERROR
extern char *
-strerror __P((
- int _errno));
+strerror __P((int _errno));
# endif /* !HASSTRERROR */
extern int
-sm_strrevcmp __P((
- const char *,
- const char *));
+sm_strrevcmp __P((const char *, const char *));
extern int
-sm_strrevcasecmp __P((
- const char *,
- const char *));
+sm_strrevcasecmp __P((const char *, const char *));
extern int
-sm_strcasecmp __P((
- const char *,
- const char *));
+sm_strcasecmp __P((const char *, const char *));
extern int
-sm_strncasecmp __P((
- const char *,
- const char *,
- size_t));
+sm_strncasecmp __P((const char *, const char *, size_t));
extern LONGLONG_T
-sm_strtoll __P((
- const char *,
- char**, int));
+sm_strtoll __P((const char *, char**, int));
extern ULONGLONG_T
-sm_strtoull __P((
- const char *,
- char**, int));
+sm_strtoull __P((const char *, char**, int));
extern void
stripquotes __P((char *));
diff --git a/contrib/sendmail/include/sm/varargs.h b/contrib/sendmail/include/sm/varargs.h
index 34f75124af11..7746e3a62d77 100644
--- a/contrib/sendmail/include/sm/varargs.h
+++ b/contrib/sendmail/include/sm/varargs.h
@@ -6,7 +6,7 @@
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
- * $Id: varargs.h,v 1.7.2.1 2002/07/29 21:43:20 gshapiro Exp $
+ * $Id: varargs.h,v 1.8 2002/07/29 21:31:00 gshapiro Exp $
*/
/*
diff --git a/contrib/sendmail/libmilter/Makefile.m4 b/contrib/sendmail/libmilter/Makefile.m4
index d824298ed501..5bc1a92a4a39 100644
--- a/contrib/sendmail/libmilter/Makefile.m4
+++ b/contrib/sendmail/libmilter/Makefile.m4
@@ -1,4 +1,4 @@
-dnl $Id: Makefile.m4,v 8.30.2.1 2002/06/21 21:58:28 ca Exp $
+dnl $Id: Makefile.m4,v 8.31 2002/06/21 22:01:31 ca Exp $
include(confBUILDTOOLSDIR`/M4/switch.m4')
dnl only required for compilation of EXTRAS
diff --git a/contrib/sendmail/libmilter/README b/contrib/sendmail/libmilter/README
index 96fba669755a..ec1f84b7eb04 100644
--- a/contrib/sendmail/libmilter/README
+++ b/contrib/sendmail/libmilter/README
@@ -9,11 +9,8 @@ through reference to a sample filter which is attached at the end of this
file. It is necessary to first build libmilter.a, which can be done by
issuing the './Build' command in SRCDIR/libmilter .
-NOTE: If you intend to use filters in sendmail, you must compile sendmail
-with -DMILTER defined. You can do this by adding the following to
-your devtools/Site/site.config.m4 file:
-
- APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER')
+Starting with 8.13 sendmail is compiled by default with support for
+the milter API.
+----------------+
| SECURITY HINTS |
@@ -23,13 +20,18 @@ Note: we strongly recommend not to run any milter as root. Libmilter
does not need root access to communicate with sendmail. It is a
good security practice to run a program only with root privileges
if really necessary. A milter should probably check first whether
-it runs as root and refuse to start in that case. There is a
-compile time option _FFR_MILTER_ROOT_UNSAFE which keeps libmilter
-from unlinking a socket when running as root. It is recommended
-to turn on this option:
+it runs as root and refuse to start in that case. libmilter will
+not unlink a socket when running as root.
+
++----------------------+
+| CONFIGURATION MACROS |
++----------------------+
- APPENDDEF(`conf_libmilter_ENVDEF', `-D_FFR_MILTER_ROOT_UNSAFE ')
+Libmilter uses a set of C preprocessor macros to specify platform specific
+features of the C compiler and standard C libraries.
+SM_CONF_POLL
+ Set to 1 if poll(2) should be used instead of select(2).
+-------------------+
| BUILDING A FILTER |
@@ -464,4 +466,4 @@ main(argc, argv)
/* eof */
-$Revision: 8.35.2.2 $, Last updated $Date: 2003/05/26 04:10:06 $
+$Revision: 8.40 $, Last updated $Date: 2003/12/11 18:14:34 $
diff --git a/contrib/sendmail/libmilter/comm.c b/contrib/sendmail/libmilter/comm.c
index aa48cf78791d..552e7e492351 100644
--- a/contrib/sendmail/libmilter/comm.c
+++ b/contrib/sendmail/libmilter/comm.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1999-2004 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
@@ -9,10 +9,36 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: comm.c,v 8.54.2.6 2003/01/03 22:14:40 ca Exp $")
+SM_RCSID("@(#)$Id: comm.c,v 8.65 2004/07/07 21:41:30 ca Exp $")
#include "libmilter.h"
#include <sm/errstring.h>
+#include <sys/uio.h>
+
+static size_t Maxdatasize = MILTER_MAX_DATA_SIZE;
+
+#if _FFR_MAXDATASIZE
+/*
+** SMFI_SETMAXDATASIZE -- set limit for milter data read/write.
+**
+** Parameters:
+** sz -- new limit.
+**
+** Returns:
+** old limit
+*/
+
+size_t
+smfi_setmaxdatasize(sz)
+ size_t sz;
+{
+ size_t old;
+
+ old = Maxdatasize;
+ Maxdatasize = sz;
+ return old;
+}
+#endif /* _FFR_MAXDATASIZE */
/*
** MI_RD_CMD -- read a command
@@ -107,7 +133,7 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name)
expl = ntohl(expl) - 1;
if (expl <= 0)
return NULL;
- if (expl > MILTER_CHUNK_SIZE)
+ if (expl > Maxdatasize)
{
*cmd = SMFIC_TOOBIG;
return NULL;
@@ -195,12 +221,94 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name)
*cmd = SMFIC_UNKNERR;
return NULL;
}
+
+/*
+** RETRY_WRITEV -- Keep calling the writev() system call
+** until all the data is written out or an error occurs.
+**
+** Parameters:
+** fd -- socket descriptor
+** iov -- io vector
+** iovcnt -- number of elements in io vector
+** must NOT exceed UIO_MAXIOV.
+** timeout -- maximum time to wait
+**
+** Returns:
+** success: number of bytes written
+** otherwise: MI_FAILURE
+*/
+
+static ssize_t
+retry_writev(fd, iov, iovcnt, timeout)
+ socket_t fd;
+ struct iovec *iov;
+ int iovcnt;
+ struct timeval *timeout;
+{
+ int i;
+ ssize_t n, written;
+ FD_WR_VAR(wrs);
+
+ written = 0;
+ for (;;)
+ {
+ while (iovcnt > 0 && iov[0].iov_len == 0)
+ {
+ iov++;
+ iovcnt--;
+ }
+ if (iovcnt <= 0)
+ return written;
+
+ /*
+ ** We don't care much about the timeout here,
+ ** it's very long anyway; correct solution would be
+ ** to take the time before the loop and reduce the
+ ** timeout after each invocation.
+ ** FD_SETSIZE is checked when socket is created.
+ */
+
+ FD_WR_INIT(fd, wrs);
+ i = FD_WR_READY(fd, wrs, timeout);
+ if (i == 0)
+ return MI_FAILURE;
+ if (i < 0)
+ {
+ if (errno == EINTR || errno == EAGAIN)
+ continue;
+ return MI_FAILURE;
+ }
+ n = writev(fd, iov, iovcnt);
+ if (n == -1)
+ {
+ if (errno == EINTR || errno == EAGAIN)
+ continue;
+ return MI_FAILURE;
+ }
+
+ written += n;
+ for (i = 0; i < iovcnt; i++)
+ {
+ if (iov[i].iov_len > (unsigned int) n)
+ {
+ iov[i].iov_base = (char *)iov[i].iov_base + n;
+ iov[i].iov_len -= (unsigned int) n;
+ break;
+ }
+ n -= (int) iov[i].iov_len;
+ iov[i].iov_len = 0;
+ }
+ if (i == iovcnt)
+ return written;
+ }
+}
+
/*
** MI_WR_CMD -- write a cmd to sd
**
** Parameters:
** sd -- socket descriptor
-** timeout -- maximum time to wait (currently unused)
+** timeout -- maximum time to wait
** cmd -- single character command to write
** buf -- buffer with further data
** len -- length of buffer (without cmd!)
@@ -209,38 +317,6 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name)
** MI_SUCCESS/MI_FAILURE
*/
-/*
-** we don't care much about the timeout here, it's very long anyway
-** FD_SETSIZE is checked when socket is created.
-** XXX l == 0 ?
-*/
-
-#define MI_WR(data) \
- while (sl > 0) \
- { \
- FD_WR_INIT(sd, wrs); \
- ret = FD_WR_READY(sd, wrs, timeout); \
- if (ret == 0) \
- return MI_FAILURE; \
- if (ret < 0) \
- { \
- if (errno == EINTR) \
- continue; \
- else \
- return MI_FAILURE; \
- } \
- l = MI_SOCK_WRITE(sd, (void *) ((data) + i), sl); \
- if (l < 0) \
- { \
- if (errno == EINTR) \
- continue; \
- else \
- return MI_FAILURE; \
- } \
- i += l; \
- sl -= l; \
- }
-
int
mi_wr_cmd(sd, timeout, cmd, buf, len)
socket_t sd;
@@ -252,27 +328,32 @@ mi_wr_cmd(sd, timeout, cmd, buf, len)
size_t sl, i;
ssize_t l;
mi_int32 nl;
- int ret;
- FD_WR_VAR(wrs);
+ int iovcnt;
+ struct iovec iov[2];
char data[MILTER_LEN_BYTES + 1];
- if (len > MILTER_CHUNK_SIZE)
+ if (len > Maxdatasize || (len > 0 && buf == NULL))
return MI_FAILURE;
+
nl = htonl(len + 1); /* add 1 for the cmd char */
(void) memcpy(data, (void *) &nl, MILTER_LEN_BYTES);
data[MILTER_LEN_BYTES] = (char) cmd;
i = 0;
sl = MILTER_LEN_BYTES + 1;
- /* use writev() instead to send the whole stuff at once? */
-
- MI_WR(data);
- if (len > 0 && buf == NULL)
+ /* set up the vector for the size / command */
+ iov[0].iov_base = (void *) data;
+ iov[0].iov_len = sl;
+ iovcnt = 1;
+ if (len >= 0 && buf != NULL)
+ {
+ iov[1].iov_base = (void *) buf;
+ iov[1].iov_len = len;
+ iovcnt = 2;
+ }
+
+ l = retry_writev(sd, iov, iovcnt, timeout);
+ if (l == MI_FAILURE)
return MI_FAILURE;
- if (len == 0 || buf == NULL)
- return MI_SUCCESS;
- i = 0;
- sl = len;
- MI_WR(buf);
return MI_SUCCESS;
}
diff --git a/contrib/sendmail/libmilter/docs/api.html b/contrib/sendmail/libmilter/docs/api.html
index 936abed0d0db..23c4de41b42d 100644
--- a/contrib/sendmail/libmilter/docs/api.html
+++ b/contrib/sendmail/libmilter/docs/api.html
@@ -1,6 +1,9 @@
<html>
<head><title>Milter API</title></head>
<body>
+<!--
+$Id: api.html,v 1.18 2004/04/28 23:26:51 msk Exp $
+-->
<h1>Milter API</h1>
<h2>Contents</h2>
@@ -26,12 +29,20 @@ href="smfi_main.html">smfi_main</a>.
<p>
<table border="1" cellspacing=0 cellpadding=2><tr bgcolor="#dddddd"><th>Function</th><th>Description</th></tr>
+<tr><td><a href="smfi_opensocket.html">smfi_opensocket</a></td><td>Try to create the interface socket.</td></tr>
+
<tr><td><a href="smfi_register.html">smfi_register</a></td><td>Register a filter.</td></tr>
<tr><td><a href="smfi_setconn.html">smfi_setconn</a></td><td>Specify socket to use.</td></tr>
<tr><td><a href="smfi_settimeout.html">smfi_settimeout</a></td><td>Set timeout.</td></tr>
+<tr><td><a href="smfi_setbacklog.html">smfi_setbacklog</a></td><td>Define the incoming <i>listen</i>(2) queue size.</td></tr>
+
+<tr><td><a href="smfi_setdbg.html">smfi_setdbg</a></td><td>Set the milter library debugging (tracing) level.</td></tr>
+
+<tr><td><a href="smfi_stop.html">smfi_stop</a></td><td>Cause an orderly shutdown.</td></tr>
+
<tr><td><a href="smfi_main.html">smfi_main</a></td><td>Hand control to libmilter.</td></tr>
</table>
@@ -54,6 +65,9 @@ pointer.</td></tr>
<tr><td><a href="smfi_setreply.html">smfi_setreply</a></td><td>Set the specific
reply code to be used.</td></tr>
+<tr><td><a href="smfi_setmlreply.html">smfi_setmlreply</a></td><td>Set the
+specific multi-line reply to be used.</td></tr>
+
</table>
<h2>Message Modification Functions</h2>
@@ -85,6 +99,9 @@ the message.</td><td>SMFIF_ADDHDRS</td></tr>
<tr><td><a href="smfi_chgheader.html">smfi_chgheader</a></td><td>Change or delete a header.</td><td>SMFIF_CHGHDRS</td></tr>
+<tr><td><a href="smfi_insheader.html">smfi_insheader</a></td><td>Insert a
+header into the message.</td><td>SMFIF_ADDHDRS</td></tr>
+
<tr><td><a href="smfi_addrcpt.html">smfi_addrcpt</a></td><td>Add a recipient to
the envelope.</td><td>SMFIF_ADDRCPT</td></tr>
@@ -96,7 +113,29 @@ body of the message.</td><td>SMFIF_CHGBODY</td></tr>
</table>
-<h2>Callbacks</h2>
+<h2>Other Message Handling Functions</h2>
+
+The following functions provide special case handling instructions for
+milter or the MTA, without altering the content or status of the message.
+<b>They too may only be called in <a href="xxfi_eom.html">xxfi_eom</a></b>.
+All of these functions may invoke additional communication with the MTA.
+They will return either MI_SUCCESS or MI_FAILURE to indicate the status of
+the operation.
+
+<p>
+Note that the status returned indicates only whether or not the
+filter's message was successfully sent to the MTA, not whether or not
+the MTA performed the requested operation.
+
+<p>
+<table border="1" cellspacing=0 cellpadding=2><tr bgcolor="#dddddd"><th>Function</th><th>Description</th></tr>
+<tr><td><a href="smfi_progress.html">smfi_progress</a></td><td>Report operation in progress.</td></tr>
+
+<tr><td><a href="smfi_quarantine.html">smfi_quarantine</a></td><td>Quarantine a message.</td></tr>
+
+</table>
+
+<h2><a name="callbacks">Callbacks</a></h2>
The filter should implement one or more of the following callbacks,
which are registered via <a href="smfi_register.html">smfi_register</a>:
@@ -131,7 +170,7 @@ having the indicated meanings. Any return other than one of the below
values constitutes an error, and will cause sendmail to terminate its
connection to the offending filter.
-<p><a name="conn-spec"></a>Milter distinguishes between recipient-,
+<p><a name="conn-spec">Milter</a> distinguishes between recipient-,
message-, and connection-oriented routines. Recipient-oriented
callbacks may affect the processing of a single message recipient;
message-oriented callbacks, a single message; connection-oriented
diff --git a/contrib/sendmail/libmilter/docs/design.html b/contrib/sendmail/libmilter/docs/design.html
index 91804861e0a0..3cf289829d88 100644
--- a/contrib/sendmail/libmilter/docs/design.html
+++ b/contrib/sendmail/libmilter/docs/design.html
@@ -3,6 +3,9 @@
<title>Architecture</title>
</head>
<body>
+<!--
+$Id: design.html,v 1.11 2003/03/05 19:57:54 ca Exp $
+-->
<h1>Architecture</h1>
diff --git a/contrib/sendmail/libmilter/docs/index.html b/contrib/sendmail/libmilter/docs/index.html
index 93eb3f83432b..3c39abf478f5 100644
--- a/contrib/sendmail/libmilter/docs/index.html
+++ b/contrib/sendmail/libmilter/docs/index.html
@@ -4,7 +4,7 @@
</head>
<body>
<!--
-$Id: index.html,v 1.10.4.1 2003/03/05 19:54:19 ca Exp $
+$Id: index.html,v 1.12 2003/03/05 19:57:54 ca Exp $
-->
<h1>Filtering Mail with Sendmail</h1>
diff --git a/contrib/sendmail/libmilter/docs/installation.html b/contrib/sendmail/libmilter/docs/installation.html
index 370f1d3baf07..5353ea74a6d0 100644
--- a/contrib/sendmail/libmilter/docs/installation.html
+++ b/contrib/sendmail/libmilter/docs/installation.html
@@ -2,6 +2,9 @@
<head><title>Installation and Configuration</title>
</head>
<body>
+<!--
+$Id: installation.html,v 1.20 2003/03/05 19:57:54 ca Exp $
+-->
<h1>Installation</h1>
<h2>Contents</h2>
<ul>
diff --git a/contrib/sendmail/libmilter/docs/other.html b/contrib/sendmail/libmilter/docs/other.html
index 4647c5380872..22ef8229adbe 100644
--- a/contrib/sendmail/libmilter/docs/other.html
+++ b/contrib/sendmail/libmilter/docs/other.html
@@ -2,6 +2,9 @@
<head><title>Other Resources</title>
</head>
<body>
+<!--
+$Id: other.html,v 1.5 2003/03/05 19:57:54 ca Exp $
+-->
FAQ? Mailing list? More sample filters?
<hr size="1">
<font size="-1">
diff --git a/contrib/sendmail/libmilter/docs/overview.html b/contrib/sendmail/libmilter/docs/overview.html
index 981856446c22..f06fbdf22f87 100644
--- a/contrib/sendmail/libmilter/docs/overview.html
+++ b/contrib/sendmail/libmilter/docs/overview.html
@@ -4,7 +4,7 @@
</head>
<body>
<!--
-$Id: overview.html,v 1.12.4.1 2003/03/05 19:54:20 ca Exp $
+$Id: overview.html,v 1.14 2003/03/05 19:57:54 ca Exp $
-->
<h1>Technical Overview</h1>
diff --git a/contrib/sendmail/libmilter/docs/sample.html b/contrib/sendmail/libmilter/docs/sample.html
index 2cc1948dd381..29ee67ab7c1d 100644
--- a/contrib/sendmail/libmilter/docs/sample.html
+++ b/contrib/sendmail/libmilter/docs/sample.html
@@ -1,6 +1,9 @@
<html>
<head><title>A Sample Filter</title></head>
<body>
+<!--
+$Id: sample.html,v 1.18 2004/02/27 00:49:28 msk Exp $
+-->
<h1>A Sample Filter</h1>
The following sample logs each message to a separate temporary file,
@@ -121,9 +124,10 @@ sfsistat
SMFICTX *ctx;
char **argv;
{
+ int fd = -1;
+ int argc = 0;
struct mlfiPriv *priv = MLFIPRIV;
char *mailaddr = <a href="smfi_getsymval.html">smfi_getsymval</a>(ctx, "{mail_addr}");
- int argc = 0;
/* open a file to store this message */
if ((priv-&gt;mlfi_fname = strdup("/tmp/msg.XXXXXX")) == NULL)
@@ -132,14 +136,15 @@ sfsistat
return SMFIS_TEMPFAIL;
}
- if (mkstemp(priv-&gt;mlfi_fname) == -1)
+ if ((fd = mkstemp(priv-&gt;mlfi_fname)) == -1)
{
(void) mlfi_cleanup(ctx, FALSE);
return SMFIS_TEMPFAIL;
}
- if ((priv-&gt;mlfi_fp = fopen(priv-&gt;mlfi_fname, "w+")) == NULL)
+ if ((priv-&gt;mlfi_fp = fdopen(fd, "w+")) == NULL)
{
+ (void) close(fd);
(void) mlfi_cleanup(ctx, FALSE);
return SMFIS_TEMPFAIL;
}
@@ -361,7 +366,8 @@ struct smfiDesc smfilter =
{
"SampleFilter", /* filter name */
SMFI_VERSION, /* version code -- do not change */
- SMFIF_ADDHDRS, /* flags */
+ SMFIF_ADDHDRS|SMFIF_ADDRCPT,
+ /* flags */
<a href="xxfi_connect.html">mlfi_connect</a>, /* connection info filter */
<a href="xxfi_helo.html">mlfi_helo</a>, /* SMTP HELO command filter */
<a href="xxfi_envfrom.html">mlfi_envfrom</a>, /* envelope sender filter */
@@ -488,7 +494,7 @@ main(argc, argv)
</pre>
<hr size="1">
<font size="-1">
-Copyright (c) 2000-2003 Sendmail, Inc. and its suppliers.
+Copyright (c) 2000-2004 Sendmail, Inc. and its suppliers.
All rights reserved.
<br>
By using this file, you agree to the terms and conditions set
diff --git a/contrib/sendmail/libmilter/docs/smfi_addheader.html b/contrib/sendmail/libmilter/docs/smfi_addheader.html
index a49c648780ff..e1fe69d648c8 100644
--- a/contrib/sendmail/libmilter/docs/smfi_addheader.html
+++ b/contrib/sendmail/libmilter/docs/smfi_addheader.html
@@ -1,6 +1,9 @@
<html>
<head><title>smfi_addheader</title></head>
<body>
+<!--
+$Id: smfi_addheader.html,v 1.15 2004/05/04 17:55:50 ca Exp $
+-->
<h1>smfi_addheader</h1>
<table border="0" cellspacing=4 cellpadding=4>
@@ -69,7 +72,7 @@ Otherwise, it returns MI_SUCCESS.
To change a header's current value, use <a
href="smfi_chgheader.html">smfi_chgheader</a>.
<li>A filter which calls smfi_addheader must have set the SMFIF_ADDHDRS flag in the smfiDesc_str passed to <a href="smfi_register.html">smfi_register</a>.
- <li>For smfi_chgheader, filter order is important. <b>Later filters will see the header changes made by earlier ones.</b>
+ <li>For smfi_addheader, filter order is important. <b>Later filters will see the header changes made by earlier ones.</b>
<li>Neither the name nor the value of the header is checked for
standards compliance. However, each line of the header must be under
2048 characters and should be under 998 characters. If longer headers
diff --git a/contrib/sendmail/libmilter/docs/smfi_addrcpt.html b/contrib/sendmail/libmilter/docs/smfi_addrcpt.html
index 16f86c949770..05770bf28d11 100644
--- a/contrib/sendmail/libmilter/docs/smfi_addrcpt.html
+++ b/contrib/sendmail/libmilter/docs/smfi_addrcpt.html
@@ -1,6 +1,9 @@
<html>
<head><title>smfi_addrcpt</title></head>
<body>
+<!--
+$Id: smfi_addrcpt.html,v 1.9 2003/10/08 17:55:00 gshapiro Exp $
+-->
<h1>smfi_addrcpt</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/smfi_chgheader.html b/contrib/sendmail/libmilter/docs/smfi_chgheader.html
index 53ad73ce3cd8..5c7e50794945 100644
--- a/contrib/sendmail/libmilter/docs/smfi_chgheader.html
+++ b/contrib/sendmail/libmilter/docs/smfi_chgheader.html
@@ -1,6 +1,9 @@
<html>
<head><title>smfi_chgheader</title></head>
<body>
+<!--
+$Id: smfi_chgheader.html,v 1.15 2003/04/30 22:10:53 ca Exp $
+-->
<h1>smfi_chgheader</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/smfi_delrcpt.html b/contrib/sendmail/libmilter/docs/smfi_delrcpt.html
index 9608e61eaeff..7776a4369a86 100644
--- a/contrib/sendmail/libmilter/docs/smfi_delrcpt.html
+++ b/contrib/sendmail/libmilter/docs/smfi_delrcpt.html
@@ -1,6 +1,9 @@
<html>
<head><title>smfi_delrcpt</title></head>
<body>
+<!--
+$Id: smfi_delrcpt.html,v 1.9 2003/10/27 15:51:12 ca Exp $
+-->
<h1>smfi_delrcpt</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/smfi_getpriv.html b/contrib/sendmail/libmilter/docs/smfi_getpriv.html
index 85c994cd89f5..3d9f9850388c 100644
--- a/contrib/sendmail/libmilter/docs/smfi_getpriv.html
+++ b/contrib/sendmail/libmilter/docs/smfi_getpriv.html
@@ -1,6 +1,9 @@
<html>
<head><title>smfi_getpriv</title></head>
<body>
+<!--
+$Id: smfi_getpriv.html,v 1.7 2003/03/05 19:57:54 ca Exp $
+-->
<h1>smfi_getpriv</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/smfi_getsymval.html b/contrib/sendmail/libmilter/docs/smfi_getsymval.html
index 7f3db6ae0ce0..0e9bc58f6560 100644
--- a/contrib/sendmail/libmilter/docs/smfi_getsymval.html
+++ b/contrib/sendmail/libmilter/docs/smfi_getsymval.html
@@ -1,6 +1,9 @@
<html>
<head><title>smfi_getsymval</title></head>
<body>
+<!--
+$Id: smfi_getsymval.html,v 1.10 2003/03/05 19:57:54 ca Exp $
+-->
<h1>smfi_getsymval</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/smfi_insheader.html b/contrib/sendmail/libmilter/docs/smfi_insheader.html
new file mode 100644
index 000000000000..837a1fd9b07d
--- /dev/null
+++ b/contrib/sendmail/libmilter/docs/smfi_insheader.html
@@ -0,0 +1,123 @@
+<html>
+<head><title>smfi_insheader</title></head>
+<body>
+<!--
+$Id: smfi_insheader.html,v 1.3 2004/05/04 16:20:34 gshapiro Exp $
+-->
+<h1>smfi_insheader</h1>
+
+<table border="0" cellspacing=4 cellpadding=4>
+<!---------- Synopsis ----------->
+<tr><th valign="top" align=left width=150>SYNOPSIS</th><td>
+<pre>
+#include &lt;libmilter/mfapi.h&gt;
+int smfi_insheader(
+ SMFICTX *ctx,
+ int hdridx,
+ char *headerf,
+ char *headerv
+);
+</pre>
+Prepend a header to the current message.
+</td></tr>
+
+<!----------- Description ---------->
+<tr><th valign="top" align=left>DESCRIPTION</th><td>
+<table border="1" cellspacing=1 cellpadding=4>
+<tr align="left" valign=top>
+<th width="80">Called When</th>
+<td>Called only from <a href="xxfi_eom.html">xxfi_eom</a>.</td>
+</tr>
+<tr align="left" valign=top>
+<th width="80">Effects</th>
+<td>Prepends a header to the current message.</td>
+</tr>
+</table>
+
+<!----------- Arguments ---------->
+<tr><th valign="top" align=left>ARGUMENTS</th><td>
+ <table border="1" cellspacing=0>
+ <tr bgcolor="#dddddd"><th>Argument</th><th>Description</th></tr>
+ <tr valign="top"><td>ctx</td>
+ <td>Opaque context structure.
+ </td></tr>
+ <tr valign="top"><td>hdridx</td>
+ <td>The location in the internal header list where this header should
+ be inserted; 0 makes it the topmost header, etc.
+ </td></tr>
+ <tr valign="top"><td>headerf</td>
+ <td>The header name, a non-NULL, null-terminated string.
+ </td></tr>
+ <tr valign="top"><td>headerv</td>
+ <td>The header value to be added, a non-NULL, null-terminated string. This may be the empty string.
+ </td></tr>
+ </table>
+</td></tr>
+
+<!----------- Return values ---------->
+<tr>
+<th valign="top" align=left>RETURN VALUES</th>
+
+<td>smfi_insheader returns MI_FAILURE if:
+<ul><li>headerf or headerv is NULL.
+ <li>Adding headers in the current connection state is invalid.
+ <li>Memory allocation fails.
+ <li>A network error occurs.
+ <li>SMFIF_ADDHDRS was not set when <a href="smfi_register.html">smfi_register</a> was called.
+</ul>
+Otherwise, it returns MI_SUCCESS.
+</td>
+</tr>
+
+<!----------- Notes ---------->
+<tr align="left" valign=top>
+<th>NOTES</th>
+<td>
+<ul><li>smfi_insheader does not change a message's existing headers.
+To change a header's current value, use <a
+href="smfi_chgheader.html">smfi_chgheader</a>.
+ <li>A filter which calls smfi_insheader must have set the SMFIF_ADDHDRS flag in the smfiDesc_str passed to <a href="smfi_register.html">smfi_register</a>.
+ <li>For smfi_insheader, filter order is important. <b>Later filters will see the header changes made by earlier ones.</b>
+ <li>If hdridx is a number larger than the number of headers in the message, the header will simply be appended.
+ <li>Neither the name nor the value of the header is checked for
+ standards compliance. However, each line of the header must be under
+ 2048 characters and should be under 998 characters. If longer headers
+ are needed, make them multi-line. To make a multi-line header, insert
+ a line feed (ASCII 0x0a, or <tt>\n</tt> in C) followed by at least
+ one whitespace character such as a space (ASCII 0x20) or tab (ASCII 0x09,
+ or <tt>\t</tt> in C). The line feed should NOT be preceded by a
+ carriage return (ASCII 0x0d); the MTA will add this automatically.
+ <b>It is the filter writer's responsibility to ensure that no standards
+ are violated.</b>
+</ul>
+</td>
+</tr>
+
+<!----------- Example code ---------->
+<tr>
+<th valign="top" align=left>EXAMPLE</th>
+
+<td>
+ <pre>
+ int ret;
+ SMFICTX *ctx;
+
+ ...
+
+ ret = smfi_insheader(ctx, 0, "First", "See me?");
+ </pre>
+</td>
+</tr>
+
+</table>
+
+<hr size="1">
+<font size="-1">
+Copyright (c) 2004 Sendmail, Inc. and its suppliers.
+All rights reserved.
+<br>
+By using this file, you agree to the terms and conditions set
+forth in the LICENSE.
+</font>
+</body>
+</html>
diff --git a/contrib/sendmail/libmilter/docs/smfi_main.html b/contrib/sendmail/libmilter/docs/smfi_main.html
index 674ef69a282f..4e772a10d62d 100644
--- a/contrib/sendmail/libmilter/docs/smfi_main.html
+++ b/contrib/sendmail/libmilter/docs/smfi_main.html
@@ -1,6 +1,9 @@
<html>
<head><title>smfi_main</title></head>
<body>
+<!--
+$Id: smfi_main.html,v 1.7 2003/03/05 19:57:54 ca Exp $
+-->
<h1>smfi_main</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/smfi_opensocket.html b/contrib/sendmail/libmilter/docs/smfi_opensocket.html
new file mode 100644
index 000000000000..914ae5036b14
--- /dev/null
+++ b/contrib/sendmail/libmilter/docs/smfi_opensocket.html
@@ -0,0 +1,78 @@
+<html>
+<head><title>smfi_opensocket</title></head>
+<body>
+<!--
+$Id: smfi_opensocket.html,v 1.4 2003/10/20 22:28:57 msk Exp $
+-->
+<h1>smfi_opensocket</h1>
+
+<table border="0" cellspacing=4 cellpadding=4>
+<!---------- Synopsis ----------->
+<tr><th valign="top" align=left width=150>SYNOPSIS</th><td>
+<pre>
+#include &lt;libmilter/mfapi.h&gt;
+int smfi_opensocket(
+ bool rmsocket
+);
+</pre>
+Attempt to create the interface socket MTAs will use to connect to the
+filter.
+</td></tr>
+
+<!----------- Description ---------->
+<tr><th valign="top" align=left>DESCRIPTION</th><td>
+<table border="1" cellspacing=1 cellpadding=4>
+<tr align="left" valign=top>
+<th width="80">Called When</th>
+<td>Called only from program mainline, before calling
+<tt>smfi_main()</tt>.</td>
+</tr>
+<tr align="left" valign=top>
+<th width="80">Effects</th>
+<td>smfi_opensocket attempts to create the socket specified previously by
+a call to <tt>smfi_setconn()</tt> which will be the interface between MTAs
+and the filter. This allows the calling application to ensure that the
+socket can be created. If this is not called, <tt>smfi_main()</tt> will
+do so implicitly. </td>
+</tr>
+</table>
+
+<!----------- Arguments ---------->
+<tr><th valign="top" align=left>ARGUMENTS</th><td>
+ <table border="1" cellspacing=0>
+ <tr bgcolor="#dddddd"><th>Argument</th><th>Description</th></tr>
+ <tr valign="top"><td>rmsocket</td>
+ <td>A flag indicating whether or not the library should try to
+ remove any existing UNIX domain socket before trying to create
+ a new one.
+ </td></tr>
+ </table>
+</td></tr>
+
+<!----------- Return values ---------->
+<tr>
+<th valign="top" align=left>RETURN VALUES</th>
+
+<td>smfi_opensocket will fail and return MI_FAILURE if:
+<ul>
+ <li>The interface socket could not be created for any reason.
+ <li><tt>rmsocket</tt> was <tt>true</tt>, and either the socket could
+ not be examined, or exists and could not be removed.
+ <li><tt>smfi_setconn()</tt> has not been called.
+</ul>
+Otherwise, it will return MI_SUCCESS
+</td>
+</tr>
+
+</table>
+
+<hr size="1">
+<font size="-1">
+Copyright (c) 2003 Sendmail, Inc. and its suppliers.
+All rights reserved.
+<br>
+By using this file, you agree to the terms and conditions set
+forth in the LICENSE.
+</font>
+</body>
+</html>
diff --git a/contrib/sendmail/libmilter/docs/smfi_progress.html b/contrib/sendmail/libmilter/docs/smfi_progress.html
new file mode 100644
index 000000000000..85f12195b519
--- /dev/null
+++ b/contrib/sendmail/libmilter/docs/smfi_progress.html
@@ -0,0 +1,68 @@
+<html>
+<head><title>smfi_progress</title></head>
+<body>
+<!--
+$Id: smfi_progress.html,v 1.3 2003/03/05 19:57:54 ca Exp $
+-->
+<h1>smfi_progress</h1>
+
+<table border="0" cellspacing=4 cellpadding=4>
+<!---------- Synopsis ----------->
+<tr><th valign="top" align=left width=150>SYNOPSIS</th><td>
+<pre>
+#include &lt;libmilter/mfapi.h&gt;
+int smfi_progress(
+ SMFICTX *ctx;
+);
+</pre>
+Notify the MTA that an operation is still in progress.
+</td></tr>
+
+<!----------- Description ---------->
+<tr><th valign="top" align=left>DESCRIPTION</th><td>
+<table border="1" cellspacing=1 cellpadding=4>
+<tr align="left" valign=top>
+<th width="80">Called When</th>
+<td>Called only from <a href="xxfi_eom.html">xxfi_eom</a>.</td>
+</tr>
+<tr align="left" valign=top>
+<th width="80">Effects</th>
+<td>smfi_progress notifies the MTA that the filter is still working
+on a message, causing the MTA to re-start its timeouts.</td>
+</tr>
+</table>
+
+<!----------- Arguments ---------->
+<tr><th valign="top" align=left>ARGUMENTS</th><td>
+ <table border="1" cellspacing=0>
+ <tr bgcolor="#dddddd"><th>Argument</th><th>Description</th></tr>
+ <tr valign="top"><td>ctx</td>
+ <td>Opaque context structure.
+ </td></tr>
+ </table>
+</td></tr>
+
+<!----------- Return values ---------->
+<tr>
+<th valign="top" align=left>RETURN VALUES</th>
+
+<td>smfi_progress will fail and return MI_FAILURE if:
+<ul>
+ <li>A network error occurs.
+</ul>
+Otherwise, it will return MI_SUCCESS
+</td>
+</tr>
+
+</table>
+
+<hr size="1">
+<font size="-1">
+Copyright (c) 2003 Sendmail, Inc. and its suppliers.
+All rights reserved.
+<br>
+By using this file, you agree to the terms and conditions set
+forth in the LICENSE.
+</font>
+</body>
+</html>
diff --git a/contrib/sendmail/libmilter/docs/smfi_quarantine.html b/contrib/sendmail/libmilter/docs/smfi_quarantine.html
new file mode 100644
index 000000000000..066cce81d739
--- /dev/null
+++ b/contrib/sendmail/libmilter/docs/smfi_quarantine.html
@@ -0,0 +1,73 @@
+<html>
+<head><title>smfi_quarantine</title></head>
+<body>
+<!--
+$Id: smfi_quarantine.html,v 1.3 2003/03/05 19:57:54 ca Exp $
+-->
+<h1>smfi_quarantine</h1>
+
+<table border="0" cellspacing=4 cellpadding=4>
+<!---------- Synopsis ----------->
+<tr><th valign="top" align=left width=150>SYNOPSIS</th><td>
+<pre>
+#include &lt;libmilter/mfapi.h&gt;
+int smfi_quarantine(
+ SMFICTX *ctx;
+ char *reason;
+);
+</pre>
+Quarantine the message using the given reason.
+</td></tr>
+
+<!----------- Description ---------->
+<tr><th valign="top" align=left>DESCRIPTION</th><td>
+<table border="1" cellspacing=1 cellpadding=4>
+<tr align="left" valign=top>
+<th width="80">Called When</th>
+<td>Called only from <a href="xxfi_eom.html">xxfi_eom</a>.</td>
+</tr>
+<tr align="left" valign=top>
+<th width="80">Effects</th>
+<td>smfi_quarantine quarantines the message using the given reason.</td>
+</tr>
+</table>
+
+<!----------- Arguments ---------->
+<tr><th valign="top" align=left>ARGUMENTS</th><td>
+ <table border="1" cellspacing=0>
+ <tr bgcolor="#dddddd"><th>Argument</th><th>Description</th></tr>
+ <tr valign="top"><td>ctx</td>
+ <td>Opaque context structure.
+ </td></tr>
+ <tr valign="top"><td>reason</td>
+ <td>The quarantine reason, a non-NULL and non-empty null-terminated string.
+ </td></tr>
+ </table>
+</td></tr>
+
+<!----------- Return values ---------->
+<tr>
+<th valign="top" align=left>RETURN VALUES</th>
+
+<td>smfi_quarantine will fail and return MI_FAILURE if:
+<ul>
+ <li>reason is NULL or empty.
+ <li>A network error occurs.
+ <li>SMFIF_QUARANTINE was not set when <a href="smfi_register.html">smfi_register</a> was called.
+</ul>
+Otherwise, it will return MI_SUCCESS
+</td>
+</tr>
+
+</table>
+
+<hr size="1">
+<font size="-1">
+Copyright (c) 2002-2003 Sendmail, Inc. and its suppliers.
+All rights reserved.
+<br>
+By using this file, you agree to the terms and conditions set
+forth in the LICENSE.
+</font>
+</body>
+</html>
diff --git a/contrib/sendmail/libmilter/docs/smfi_register.html b/contrib/sendmail/libmilter/docs/smfi_register.html
index 0aac254a6b40..3f6ed8301ee2 100644
--- a/contrib/sendmail/libmilter/docs/smfi_register.html
+++ b/contrib/sendmail/libmilter/docs/smfi_register.html
@@ -1,6 +1,9 @@
<html>
<head><title>smfi_register</title></head>
<body>
+<!--
+$Id: smfi_register.html,v 1.11 2003/05/26 04:10:52 gshapiro Exp $
+-->
<h1>smfi_register</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/smfi_replacebody.html b/contrib/sendmail/libmilter/docs/smfi_replacebody.html
index 2ef0f4933529..91ac8822ec9a 100644
--- a/contrib/sendmail/libmilter/docs/smfi_replacebody.html
+++ b/contrib/sendmail/libmilter/docs/smfi_replacebody.html
@@ -1,6 +1,9 @@
<html>
<head><title>smfi_replacebody</title></head>
<body>
+<!--
+$Id: smfi_replacebody.html,v 1.13 2003/03/05 19:57:54 ca Exp $
+-->
<h1>smfi_replacebody</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/smfi_setbacklog.html b/contrib/sendmail/libmilter/docs/smfi_setbacklog.html
index d55926619002..79d8d527209b 100644
--- a/contrib/sendmail/libmilter/docs/smfi_setbacklog.html
+++ b/contrib/sendmail/libmilter/docs/smfi_setbacklog.html
@@ -1,6 +1,9 @@
<html>
<head><title>smfi_setbacklog</title></head>
<body>
+<!--
+$Id: smfi_setbacklog.html,v 1.3 2003/03/05 19:57:54 ca Exp $
+-->
<h1>smfi_setbacklog</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/smfi_setconn.html b/contrib/sendmail/libmilter/docs/smfi_setconn.html
index 0f810b4b3385..07461ccced2f 100644
--- a/contrib/sendmail/libmilter/docs/smfi_setconn.html
+++ b/contrib/sendmail/libmilter/docs/smfi_setconn.html
@@ -1,6 +1,9 @@
<html>
<head><title>smfi_setconn</title></head>
<body>
+<!--
+$Id: smfi_setconn.html,v 1.14 2003/05/26 05:09:16 gshapiro Exp $
+-->
<h1>smfi_setconn</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/smfi_setdbg.html b/contrib/sendmail/libmilter/docs/smfi_setdbg.html
new file mode 100644
index 000000000000..3203f0ff8bfd
--- /dev/null
+++ b/contrib/sendmail/libmilter/docs/smfi_setdbg.html
@@ -0,0 +1,67 @@
+<html>
+<head><title>smfi_setdbg</title></head>
+<body>
+<!--
+$Id: smfi_setdbg.html,v 1.1 2003/12/03 17:28:49 ca Exp $
+-->
+<h1>smfi_setdbg</h1>
+
+<table border="0" cellspacing=4 cellpadding=4>
+<!---------- Synopsis ----------->
+<tr><th valign="top" align=left width=150>SYNOPSIS</th><td>
+<pre>
+#include &lt;libmilter/mfapi.h&gt;
+int smfi_setdbg(
+ int level;
+);
+</pre>
+Set the debugging (tracing) level for the milter library.
+</td></tr>
+
+<!----------- Description ---------->
+<tr><th valign="top" align=left>DESCRIPTION</th><td>
+<table border="1" cellspacing=1 cellpadding=4>
+<tr align="left" valign=top>
+<th width="80">Called When</th>
+<td>Called from any any routine at any time.</td>
+</tr>
+<tr align="left" valign=top>
+<th width="80">Effects</th>
+<td>smfi_setdbg sets the milter library's internal debugging level
+to a new level so that code details may be traced.
+A level of zero turns off debugging. The greater
+(more positive) the level the more detailed the debugging. Six is
+the current, highest, useful value.</td>
+</tr>
+</table>
+
+<!----------- Arguments ---------->
+<tr><th valign="top" align=left>ARGUMENTS</th><td>
+ <table border="1" cellspacing=0>
+ <tr bgcolor="#dddddd"><th>Argument</th><th>Description</th></tr>
+ <tr valign="top"><td>level</td>
+ <td>The new debugging level
+ </td></tr>
+ </table>
+</td></tr>
+
+<!----------- Return values ---------->
+<tr>
+<th valign="top" align=left>RETURN VALUES</th>
+
+<td>smfi_setdbg returns MI_SUCCESS by default.
+</td>
+</tr>
+
+</table>
+
+<hr size="1">
+<font size="-1">
+Copyright (c) 2003 Sendmail, Inc. and its suppliers.
+All rights reserved.
+<br>
+By using this file, you agree to the terms and conditions set
+forth in the LICENSE.
+</font>
+</body>
+</html>
diff --git a/contrib/sendmail/libmilter/docs/smfi_setmlreply.html b/contrib/sendmail/libmilter/docs/smfi_setmlreply.html
new file mode 100644
index 000000000000..060c81d4d944
--- /dev/null
+++ b/contrib/sendmail/libmilter/docs/smfi_setmlreply.html
@@ -0,0 +1,147 @@
+<html>
+<head><title>smfi_setmlreply</title></head>
+<body>
+<!--
+$Id: smfi_setmlreply.html,v 1.1 2004/01/01 00:32:45 gshapiro Exp $
+-->
+<h1>smfi_setmlreply</h1>
+
+<table border="0" cellspacing=4 cellpadding=4>
+<!---------- Synopsis ----------->
+<tr><th valign="top" align=left width=150>SYNOPSIS</th><td>
+<pre>
+#include &lt;libmilter/mfapi.h&gt;
+int smfi_setmlreply(
+ SMFICTX *ctx,
+ char *rcode,
+ char *xcode,
+ ...
+);
+</pre>
+Set the default SMTP error reply code to a multi-line response. Only 4XX
+and 5XX replies are accepted.
+</td></tr>
+
+<!----------- Description ---------->
+<tr><th valign="top" align=left>DESCRIPTION</th><td>
+<table border="1" cellspacing=1 cellpadding=4>
+<tr align="left" valign=top>
+<th width="80">Called When</th>
+<td>smfi_setmlreply may be called from any of the xxfi_ callbacks
+other than xxfi_connect.</td>
+</tr>
+<tr align="left" valign=top>
+<th width="80">Effects</th>
+<td>Directly set the SMTP error reply code for this connection to the given
+lines after the xcode. The list of arguments must be NULL terminated.
+This code will be used on subsequent error replies resulting from actions
+taken by this filter.</td>
+</tr>
+</table>
+
+<!----------- Arguments ---------->
+<tr><th valign="top" align=left>ARGUMENTS</th><td>
+ <table border="1" cellspacing=0>
+ <tr bgcolor="#dddddd"><th>Argument</th><th>Description</th></tr>
+ <tr valign="top"><td>ctx</td>
+ <td>Opaque context structure.
+ </td></tr>
+ <tr valign="top"><td>rcode</td>
+ <td>The three-digit (RFC 821/2821) SMTP reply code, as a
+ null-terminated string. rcode cannot be NULL, and must be a valid
+ 4XX or 5XX reply code.
+ </td></tr>
+ <tr valign="top"><td>xcode</td>
+ <td>The extended (RFC 1893/2034) reply code. If xcode is NULL, no
+ extended code is used. Otherwise, xcode must conform to RFC 1893/2034.
+ </td></tr>
+ <tr valign="top"><td>...</td>
+ <td>The remainder of the arguments are single lines of text, up to
+ 32 arguments, which will be used as the text part of the SMTP
+ reply. The list must be NULL terminated.
+ </td></tr>
+ </table>
+</td></tr>
+
+<!----------- Example ---------->
+<tr>
+<th valign="top" align=left>RETURN VALUES</th>
+<td>
+For example, the code:<BR>
+<pre>
+ ret = smfi_setmlreply(ctx, "550", "5.7.0",
+ "Spammer access rejected",
+ "Please see our policy at:",
+ "http://www.example.com/spampolicy.html",
+ NULL);
+</pre>
+<BR>would give the SMTP response:<BR>
+<pre>
+550-5.7.0 Spammer access rejected
+550-5.7.0 Please see our policy at:
+550 5.7.0 http://www.example.com/spampolicy.html
+</td>
+</tr>
+
+<!----------- Return values ---------->
+<tr>
+<th valign="top" align=left>RETURN VALUES</th>
+
+<td>smfi_setmlreply will fail and return MI_FAILURE if:
+<ul>
+ <li>The rcode or xcode argument is invalid.
+ <li>A memory-allocation failure occurs.
+ <li>If any text line contains a carraige return or line feed.
+ <li>The length of any text line is more than MAXREPLYLEN (980).
+ <li>More than 32 lines of text replies are given.
+</ul>
+Otherwise, it return MI_SUCCESS.
+</td>
+</tr>
+
+<!----------- Notes ---------->
+<tr align="left" valign=top>
+<th>NOTES</th>
+<td>
+<ul>
+<li>Values passed to smfi_setmlreply are not checked for standards compliance.
+<li>The message parameter should contain only printable characters,
+other characters may lead to undefined behavior.
+For example, CR or LF will cause the call to fail,
+single '%' characters will cause the text to be ignored
+(if there really should be a '%' in the string,
+use '%%' just like for <tt>printf(3)</tt>).
+<li>For details about reply codes and their meanings, please see RFC's
+<a href="http://www.rfc-editor.org/rfc/rfc821.txt">821</a>/
+<a href="http://www.rfc-editor.org/rfc/rfc2821.txt">2821</a>
+and
+<a href="http://www.rfc-editor.org/rfc/rfc1893.txt">1893</a>/
+<a href="http://www.rfc-editor.org/rfc/rfc2034.txt">2034</a>.
+<li>If the reply code (rcode) given is a '4XX' code but SMFI_REJECT is used
+for the message, the custom reply is not used.
+<li>Similarly, if the reply code (rcode) given is a '5XX' code but
+SMFI_TEMPFAIL is used for the message, the custom reply is not used.
+<BR>
+Note: in neither of the last two cases an error is returned to the milter,
+libmilter silently ignores the reply code.
+<li>
+If the milter returns SMFI_TEMPFAIL
+and sets the reply code to '421',
+then the SMTP server will terminate the SMTP session with a 421
+error code.
+</ul>
+</td>
+</tr>
+
+</table>
+
+<hr size="1">
+<font size="-1">
+Copyright (c) 2000, 2002-2003 Sendmail, Inc. and its suppliers.
+All rights reserved.
+<br>
+By using this file, you agree to the terms and conditions set
+forth in the LICENSE.
+</font>
+</body>
+</html>
diff --git a/contrib/sendmail/libmilter/docs/smfi_setpriv.html b/contrib/sendmail/libmilter/docs/smfi_setpriv.html
index 6bd79965da60..61e30a9841b1 100644
--- a/contrib/sendmail/libmilter/docs/smfi_setpriv.html
+++ b/contrib/sendmail/libmilter/docs/smfi_setpriv.html
@@ -1,6 +1,9 @@
<html>
<head><title>smfi_setpriv</title></head>
<body>
+<!--
+$Id: smfi_setpriv.html,v 1.9 2003/03/05 19:57:54 ca Exp $
+-->
<h1>smfi_setpriv</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/smfi_setreply.html b/contrib/sendmail/libmilter/docs/smfi_setreply.html
index d5b0e2453306..f62196b7a6cb 100644
--- a/contrib/sendmail/libmilter/docs/smfi_setreply.html
+++ b/contrib/sendmail/libmilter/docs/smfi_setreply.html
@@ -1,6 +1,9 @@
<html>
<head><title>smfi_setreply</title></head>
<body>
+<!--
+$Id: smfi_setreply.html,v 1.14 2003/11/16 05:04:01 ca Exp $
+-->
<h1>smfi_setreply</h1>
<table border="0" cellspacing=4 cellpadding=4>
@@ -91,6 +94,14 @@ and
for the message, the custom reply is not used.
<li>Similarly, if the reply code (rcode) given is a '5XX' code but
SMFI_TEMPFAIL is used for the message, the custom reply is not used.
+<BR>
+Note: in neither of the last two cases an error is returned to the milter,
+libmilter silently ignores the reply code.
+<li>
+If the milter returns SMFI_TEMPFAIL
+and sets the reply code to '421',
+then the SMTP server will terminate the SMTP session with a 421
+error code.
</ul>
</td>
</tr>
diff --git a/contrib/sendmail/libmilter/docs/smfi_settimeout.html b/contrib/sendmail/libmilter/docs/smfi_settimeout.html
index c27f8176f5aa..08f01ed97801 100644
--- a/contrib/sendmail/libmilter/docs/smfi_settimeout.html
+++ b/contrib/sendmail/libmilter/docs/smfi_settimeout.html
@@ -1,6 +1,9 @@
<html>
<head><title>smfi_settimeout</title></head>
<body>
+<!--
+$Id: smfi_settimeout.html,v 1.11 2003/03/05 19:57:54 ca Exp $
+-->
<h1>smfi_settimeout</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/smfi_stop.html b/contrib/sendmail/libmilter/docs/smfi_stop.html
new file mode 100644
index 000000000000..bf934231c99e
--- /dev/null
+++ b/contrib/sendmail/libmilter/docs/smfi_stop.html
@@ -0,0 +1,73 @@
+<html>
+<head><title>smfi_stop</title></head>
+<body>
+<!--
+$Id: smfi_stop.html,v 1.2 2003/11/24 23:38:26 ca Exp $
+-->
+<h1>smfi_stop</h1>
+
+<table border="0" cellspacing=4 cellpadding=4>
+<!---------- Synopsis ----------->
+<tr><th valign="top" align=left width=150>SYNOPSIS</th><td>
+<pre>
+#include &lt;libmilter/mfapi.h&gt;
+int smfi_stop(void);
+</pre>
+Start an orderly shutdown of the milter. No connections will be accepted
+after this call.
+</td></tr>
+
+<!----------- Description ---------->
+<tr><th valign="top" align=left>DESCRIPTION</th><td>
+<table border="1" cellspacing=1 cellpadding=4>
+<tr align="left" valign=top>
+<th width="80">Called When</th>
+<td>Called from any of the <a href="api.html#callbacks">Callback</a> routines
+or any error-handling routines at any time.</td>
+</tr>
+<tr align="left" valign=top>
+<th width="80">Effects</th>
+<td>The smfi_stop routine
+causes each thread to finish its current connection, then exit.
+When all threads have exited, the call
+to <a href="smfi_main.html">smfi_main</a> returns to your calling program,
+which may then exit or warm-restart.
+</td>
+</tr>
+</table>
+
+<!----------- Arguments ---------->
+<tr><th valign="top" align=left>ARGUMENTS</th><td>
+ <table border="1" cellspacing=0>
+ <tr bgcolor="#dddddd"><th>Argument</th><th>Description</th></tr>
+ <tr valign="top"><td>void</td>
+ <td>Takes no arguement.
+ </td></tr>
+ </table>
+</td></tr>
+
+<!----------- Return values ---------->
+<tr>
+<th valign="top" align=left>RETURN VALUES</th>
+
+<td>smfi_stop always returns SMFI_CONTINUE. But note:
+<ul>
+ <li>Another internal routine may already have asked the milter to abort.
+ <li>Another routine may already have asked the milter to stop.
+ <li>There is no way to cancel the stop process once it has begun.
+</ul>
+</td>
+</tr>
+
+</table>
+
+<hr size="1">
+<font size="-1">
+Copyright (c) 2003 Sendmail, Inc. and its suppliers.
+All rights reserved.
+<br>
+By using this file, you agree to the terms and conditions set
+forth in the LICENSE.
+</font>
+</body>
+</html>
diff --git a/contrib/sendmail/libmilter/docs/xxfi_abort.html b/contrib/sendmail/libmilter/docs/xxfi_abort.html
index d47b50518bff..3db1117c0d1a 100644
--- a/contrib/sendmail/libmilter/docs/xxfi_abort.html
+++ b/contrib/sendmail/libmilter/docs/xxfi_abort.html
@@ -1,6 +1,9 @@
<html>
<head><title>xxfi_abort</title></head>
<body>
+<!--
+$Id: xxfi_abort.html,v 1.9 2003/03/05 19:57:55 ca Exp $
+-->
<h1>xxfi_abort</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/xxfi_body.html b/contrib/sendmail/libmilter/docs/xxfi_body.html
index 6aed207c8480..044e9ce22f33 100644
--- a/contrib/sendmail/libmilter/docs/xxfi_body.html
+++ b/contrib/sendmail/libmilter/docs/xxfi_body.html
@@ -1,6 +1,9 @@
<html>
<head><title>xxfi_body</title></head>
<body>
+<!--
+$Id: xxfi_body.html,v 1.12 2003/03/05 19:57:55 ca Exp $
+-->
<h1>xxfi_body</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/xxfi_close.html b/contrib/sendmail/libmilter/docs/xxfi_close.html
index 30db78643d7f..99b36e66acc7 100644
--- a/contrib/sendmail/libmilter/docs/xxfi_close.html
+++ b/contrib/sendmail/libmilter/docs/xxfi_close.html
@@ -1,6 +1,9 @@
<html>
<head><title>xxfi_close</title></head>
<body>
+<!--
+$Id: xxfi_close.html,v 1.10 2004/06/16 22:41:36 ca Exp $
+-->
<h1>xxfi_close</h1>
<table border="0" cellspacing=4 cellpadding=4>
@@ -43,6 +46,18 @@ The current connection is being closed.
<th valign="top" align=left>NOTES</th>
<td>
<ul>
+<li>xxfi_close may be called "out-of-order", i.e. before even the
+xxfi_connect is called.
+After a connection is established by the MTA to the filter,
+if the MTA decides this connection's traffic will be discarded
+(e.g. via an access_db result), no data will be passed to the
+filter from the MTA until the client closes down.
+At that time, xxfi_close is called.
+It can therefore be the only callback ever used for a given connection,
+and developers should anticipate this possibility when crafting their
+xxfi_close code.
+In particular, it is incorrect to assume the private context pointer
+will be something other than NULL in this callback.
<li>xxfi_close is called on close even if the previous mail
transaction was aborted.
<li>xxfi_close is responsible for freeing any resources allocated on a
@@ -56,7 +71,7 @@ currently ignored.
<hr size="1">
<font size="-1">
-Copyright (c) 2000, 2003 Sendmail, Inc. and its suppliers.
+Copyright (c) 2000, 2003, 2004 Sendmail, Inc. and its suppliers.
All rights reserved.
<br>
By using this file, you agree to the terms and conditions set
diff --git a/contrib/sendmail/libmilter/docs/xxfi_connect.html b/contrib/sendmail/libmilter/docs/xxfi_connect.html
index 85d02e412663..b39bc946f1bc 100644
--- a/contrib/sendmail/libmilter/docs/xxfi_connect.html
+++ b/contrib/sendmail/libmilter/docs/xxfi_connect.html
@@ -1,6 +1,9 @@
<html>
<head><title>xxfi_connect</title></head>
<body>
+<!--
+$Id: xxfi_connect.html,v 1.13 2003/10/29 22:54:16 msk Exp $
+-->
<h1>xxfi_connect</h1>
<table border="0" cellspacing=4 cellpadding=4>
@@ -78,7 +81,9 @@ is passed to smfi_register().
<tr valign="top">
<td>SMFIS_TEMPFAIL</td>
<td>Reject all commands and messages from this client with a
- temporary failure reply code. </td>
+ temporary failure reply code. If also used in conjunction
+ with <tt>smfi_setreply()</tt> to set a reply whose SMTP
+ code is 421, the MTA will drop the connection immediately. </td>
</tr>
<tr valign="top">
<td>SMFIS_REJECT</td>
diff --git a/contrib/sendmail/libmilter/docs/xxfi_envfrom.html b/contrib/sendmail/libmilter/docs/xxfi_envfrom.html
index 5eeaa376fdc9..df9e0fc2cd95 100644
--- a/contrib/sendmail/libmilter/docs/xxfi_envfrom.html
+++ b/contrib/sendmail/libmilter/docs/xxfi_envfrom.html
@@ -1,6 +1,9 @@
<html>
<head><title>xxfi_envfrom</title></head>
<body>
+<!--
+$Id: xxfi_envfrom.html,v 1.9 2003/03/05 19:57:55 ca Exp $
+-->
<h1>xxfi_envfrom</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/xxfi_envrcpt.html b/contrib/sendmail/libmilter/docs/xxfi_envrcpt.html
index a96ac95f2e15..e0c609421b91 100644
--- a/contrib/sendmail/libmilter/docs/xxfi_envrcpt.html
+++ b/contrib/sendmail/libmilter/docs/xxfi_envrcpt.html
@@ -1,6 +1,9 @@
<html>
<head><title>xxfi_envrcpt</title></head>
<body>
+<!--
+$Id: xxfi_envrcpt.html,v 1.11 2003/12/30 00:19:42 gshapiro Exp $
+-->
<h1>xxfi_envrcpt</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/xxfi_eoh.html b/contrib/sendmail/libmilter/docs/xxfi_eoh.html
index b745959594c0..350ca969f56f 100644
--- a/contrib/sendmail/libmilter/docs/xxfi_eoh.html
+++ b/contrib/sendmail/libmilter/docs/xxfi_eoh.html
@@ -1,6 +1,9 @@
<html>
<head><title>xxfi_eoh</title></head>
<body>
+<!--
+$Id: xxfi_eoh.html,v 1.8 2003/03/05 19:57:55 ca Exp $
+-->
<h1>xxfi_eoh</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/xxfi_eom.html b/contrib/sendmail/libmilter/docs/xxfi_eom.html
index 1c99103cd1e8..78c6943babb1 100644
--- a/contrib/sendmail/libmilter/docs/xxfi_eom.html
+++ b/contrib/sendmail/libmilter/docs/xxfi_eom.html
@@ -1,6 +1,9 @@
<html>
<head><title>xxfi_eom</title></head>
<body>
+<!--
+$Id: xxfi_eom.html,v 1.9 2003/03/05 19:57:55 ca Exp $
+-->
<h1>xxfi_eom</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/xxfi_header.html b/contrib/sendmail/libmilter/docs/xxfi_header.html
index 1be49584c808..3ad3e5b2e71b 100644
--- a/contrib/sendmail/libmilter/docs/xxfi_header.html
+++ b/contrib/sendmail/libmilter/docs/xxfi_header.html
@@ -1,6 +1,9 @@
<html>
<head><title>xxfi_header</title></head>
<body>
+<!--
+$Id: xxfi_header.html,v 1.10 2003/03/05 19:57:55 ca Exp $
+-->
<h1>xxfi_header</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/docs/xxfi_helo.html b/contrib/sendmail/libmilter/docs/xxfi_helo.html
index 0eb8df6703cb..dc7bbf33ca5f 100644
--- a/contrib/sendmail/libmilter/docs/xxfi_helo.html
+++ b/contrib/sendmail/libmilter/docs/xxfi_helo.html
@@ -1,6 +1,9 @@
<html>
<head><title>xxfi_helo</title></head>
<body>
+<!--
+$Id: xxfi_helo.html,v 1.8 2003/03/05 19:57:55 ca Exp $
+-->
<h1>xxfi_helo</h1>
<table border="0" cellspacing=4 cellpadding=4>
diff --git a/contrib/sendmail/libmilter/engine.c b/contrib/sendmail/libmilter/engine.c
index 6bd225ce5542..66ed99223f96 100644
--- a/contrib/sendmail/libmilter/engine.c
+++ b/contrib/sendmail/libmilter/engine.c
@@ -9,7 +9,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: engine.c,v 8.109.2.8 2003/12/01 23:57:45 msk Exp $")
+SM_RCSID("@(#)$Id: engine.c,v 8.119 2003/12/02 18:53:57 ca Exp $")
#include "libmilter.h"
@@ -64,16 +64,10 @@ typedef struct cmdfct_t cmdfct;
#define CI_HELO 1
#define CI_MAIL 2
#define CI_RCPT 3
-#if _FFR_MILTER_MACROS_EOM
-# define CI_EOM 4
-# if CI_EOM >= MAX_MACROS_ENTRIES
+#define CI_EOM 4
+#if CI_EOM >= MAX_MACROS_ENTRIES
ERROR: do not compile with CI_EOM >= MAX_MACROS_ENTRIES
-# endif
-#else /* _FFR_MILTER_MACROS_EOM */
-# if CI_RCPT >= MAX_MACROS_ENTRIES
-ERROR: do not compile with CI_RCPT >= MAX_MACROS_ENTRIES
-# endif
-#endif /* _FFR_MILTER_MACROS_EOM */
+#endif
/* function prototypes */
static int st_abortfct __P((genarg *));
@@ -86,6 +80,12 @@ static int st_helo __P((genarg *));
static int st_header __P((genarg *));
static int st_sender __P((genarg *));
static int st_rcpt __P((genarg *));
+#if SMFI_VERSION > 2
+static int st_unknown __P((genarg *));
+#endif /* SMFI_VERSION > 2 */
+#if SMFI_VERSION > 3
+static int st_data __P((genarg *));
+#endif /* SMFI_VERSION > 3 */
static int st_eoh __P((genarg *));
static int st_quit __P((genarg *));
static int sendreply __P((sfsistat, socket_t, struct timeval *, SMFICTX_PTR));
@@ -102,13 +102,15 @@ static int dec_arg2 __P((char *, size_t, char **, char **));
#define ST_HELO 3 /* helo */
#define ST_MAIL 4 /* mail from */
#define ST_RCPT 5 /* rcpt to */
-#define ST_HDRS 6 /* headers */
-#define ST_EOHS 7 /* end of headers */
-#define ST_BODY 8 /* body */
-#define ST_ENDM 9 /* end of message */
-#define ST_QUIT 10 /* quit */
-#define ST_ABRT 11 /* abort */
-#define ST_LAST ST_ABRT
+#define ST_DATA 6 /* data */
+#define ST_HDRS 7 /* headers */
+#define ST_EOHS 8 /* end of headers */
+#define ST_BODY 9 /* body */
+#define ST_ENDM 10 /* end of message */
+#define ST_QUIT 11 /* quit */
+#define ST_ABRT 12 /* abort */
+#define ST_UNKN 13 /* unknown SMTP command */
+#define ST_LAST ST_UNKN /* last valid state */
#define ST_SKIP 15 /* not a state but required for the state table */
/* in a mail transaction? must be before eom according to spec. */
@@ -125,19 +127,25 @@ static int dec_arg2 __P((char *, size_t, char **, char **));
#define MI_MASK(x) (0x0001 << (x)) /* generate a bit "mask" for a state */
#define NX_INIT (MI_MASK(ST_OPTS))
-#define NX_OPTS (MI_MASK(ST_CONN))
-#define NX_CONN (MI_MASK(ST_HELO) | MI_MASK(ST_MAIL))
-#define NX_HELO (MI_MASK(ST_HELO) | MI_MASK(ST_MAIL))
-#define NX_MAIL (MI_MASK(ST_RCPT) | MI_MASK(ST_ABRT))
-#define NX_RCPT (MI_MASK(ST_HDRS) | MI_MASK(ST_EOHS) | \
+#define NX_OPTS (MI_MASK(ST_CONN) | MI_MASK(ST_UNKN))
+#define NX_CONN (MI_MASK(ST_HELO) | MI_MASK(ST_MAIL) | MI_MASK(ST_UNKN))
+#define NX_HELO (MI_MASK(ST_HELO) | MI_MASK(ST_MAIL) | MI_MASK(ST_UNKN))
+#define NX_MAIL (MI_MASK(ST_RCPT) | MI_MASK(ST_ABRT) | MI_MASK(ST_UNKN))
+#define NX_RCPT (MI_MASK(ST_HDRS) | MI_MASK(ST_EOHS) | MI_MASK(ST_DATA) | \
MI_MASK(ST_BODY) | MI_MASK(ST_ENDM) | \
- MI_MASK(ST_RCPT) | MI_MASK(ST_ABRT))
+ MI_MASK(ST_RCPT) | MI_MASK(ST_ABRT) | MI_MASK(ST_UNKN))
+#define NX_DATA (MI_MASK(ST_EOHS) | MI_MASK(ST_HDRS) | MI_MASK(ST_ABRT))
#define NX_HDRS (MI_MASK(ST_EOHS) | MI_MASK(ST_HDRS) | MI_MASK(ST_ABRT))
#define NX_EOHS (MI_MASK(ST_BODY) | MI_MASK(ST_ENDM) | MI_MASK(ST_ABRT))
#define NX_BODY (MI_MASK(ST_ENDM) | MI_MASK(ST_BODY) | MI_MASK(ST_ABRT))
-#define NX_ENDM (MI_MASK(ST_QUIT) | MI_MASK(ST_MAIL))
+#define NX_ENDM (MI_MASK(ST_QUIT) | MI_MASK(ST_MAIL) | MI_MASK(ST_UNKN))
#define NX_QUIT 0
#define NX_ABRT 0
+#define NX_UNKN (MI_MASK(ST_HELO) | MI_MASK(ST_MAIL) | \
+ MI_MASK(ST_RCPT) | MI_MASK(ST_ABRT) | \
+ MI_MASK(ST_DATA) | \
+ MI_MASK(ST_BODY) | MI_MASK(ST_UNKN) | \
+ MI_MASK(ST_ABRT) | MI_MASK(ST_QUIT))
#define NX_SKIP MI_MASK(ST_SKIP)
static int next_states[] =
@@ -148,12 +156,14 @@ static int next_states[] =
NX_HELO,
NX_MAIL,
NX_RCPT,
+ NX_DATA,
NX_HDRS,
NX_EOHS,
NX_BODY,
NX_ENDM,
NX_QUIT,
- NX_ABRT
+ NX_ABRT,
+ NX_UNKN
};
/* commands received by milter */
@@ -163,18 +173,20 @@ static cmdfct cmds[] =
{SMFIC_MACRO, CM_ARGV, ST_NONE, CT_KEEP, CI_NONE, st_macros },
{SMFIC_BODY, CM_ARG1, ST_BODY, CT_CONT, CI_NONE, st_bodychunk },
{SMFIC_CONNECT, CM_ARG2, ST_CONN, CT_CONT, CI_CONN, st_connectinfo },
-#if _FFR_MILTER_MACROS_EOM
{SMFIC_BODYEOB, CM_ARG1, ST_ENDM, CT_CONT, CI_EOM, st_bodyend },
-#else /* _FFR_MILTER_MACROS_EOM */
-{SMFIC_BODYEOB, CM_ARG1, ST_ENDM, CT_CONT, CI_NONE, st_bodyend },
-#endif /* _FFR_MILTER_MACROS_EOM */
{SMFIC_HELO, CM_ARG1, ST_HELO, CT_CONT, CI_HELO, st_helo },
{SMFIC_HEADER, CM_ARG2, ST_HDRS, CT_CONT, CI_NONE, st_header },
{SMFIC_MAIL, CM_ARGV, ST_MAIL, CT_CONT, CI_MAIL, st_sender },
{SMFIC_OPTNEG, CM_ARGO, ST_OPTS, CT_CONT, CI_NONE, st_optionneg },
{SMFIC_EOH, CM_ARG0, ST_EOHS, CT_CONT, CI_NONE, st_eoh },
{SMFIC_QUIT, CM_ARG0, ST_QUIT, CT_END, CI_NONE, st_quit },
+#if SMFI_VERSION > 3
+{SMFIC_DATA, CM_ARG0, ST_DATA, CT_CONT, CI_NONE, st_data },
+#endif /* SMFI_VERSION > 3 */
{SMFIC_RCPT, CM_ARGV, ST_RCPT, CT_IGNO, CI_RCPT, st_rcpt }
+#if SMFI_VERSION > 2
+,{SMFIC_UNKNOWN,CM_ARG1, ST_UNKN, CT_IGNO, CI_NONE, st_unknown }
+#endif /* SMFI_VERSION > 2 */
};
/* additional (internal) reply codes */
@@ -698,6 +710,7 @@ st_connectinfo(g)
return (*fi_connect)(g->a_ctx, g->a_buf,
family != SMFIA_UNKNOWN ? &sockaddr : NULL);
}
+
/*
** ST_EOH -- end of headers
**
@@ -721,6 +734,33 @@ st_eoh(g)
return (*fi_eoh)(g->a_ctx);
return SMFIS_CONTINUE;
}
+
+#if SMFI_VERSION > 3
+/*
+** ST_DATA -- DATA command
+**
+** Parameters:
+** g -- generic argument structure
+**
+** Returns:
+** continue or filter-specified value
+*/
+
+static int
+st_data(g)
+ genarg *g;
+{
+ sfsistat (*fi_data) __P((SMFICTX *));
+
+ if (g == NULL)
+ return _SMFIS_ABORT;
+ if (g->a_ctx->ctx_smfi != NULL &&
+ (fi_data = g->a_ctx->ctx_smfi->xxfi_data) != NULL)
+ return (*fi_data)(g->a_ctx);
+ return SMFIS_CONTINUE;
+}
+#endif /* SMFI_VERSION > 3 */
+
/*
** ST_HELO -- helo/ehlo command
**
@@ -826,6 +866,34 @@ st_rcpt(g)
{
ARGV_FCT(fi_envrcpt, xxfi_envrcpt, CI_RCPT)
}
+
+#if SMFI_VERSION > 2
+/*
+** ST_UNKNOWN -- unrecognized or unimplemented command
+**
+** Parameters:
+** g -- generic argument structure
+**
+** Returns:
+** continue or filter-specified value
+*/
+
+static int
+st_unknown(g)
+ genarg *g;
+{
+ sfsistat (*fi_unknown) __P((SMFICTX *, char *));
+
+ if (g == NULL)
+ return _SMFIS_ABORT;
+ mi_clr_macros(g->a_ctx, g->a_idx + 1);
+ if (g->a_ctx->ctx_smfi != NULL &&
+ (fi_unknown = g->a_ctx->ctx_smfi->xxfi_unknown) != NULL)
+ return (*fi_unknown)(g->a_ctx, g->a_buf);
+ return SMFIS_CONTINUE;
+}
+#endif /* SMFI_VERSION > 2 */
+
/*
** ST_MACROS -- deal with macros received from the MTA
**
@@ -864,11 +932,9 @@ st_macros(g)
case SMFIC_RCPT:
i = CI_RCPT;
break;
-#if _FFR_MILTER_MACROS_EOM
case SMFIC_BODYEOB:
i = CI_EOM;
break;
-#endif /* _FFR_MILTER_MACROS_EOM */
default:
free(argv);
return _SMFIS_FAIL;
diff --git a/contrib/sendmail/libmilter/handler.c b/contrib/sendmail/libmilter/handler.c
index db3cc4645d8d..3acfc5fca379 100644
--- a/contrib/sendmail/libmilter/handler.c
+++ b/contrib/sendmail/libmilter/handler.c
@@ -9,7 +9,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: handler.c,v 8.30.2.4 2003/01/23 22:28:36 ca Exp $")
+SM_RCSID("@(#)$Id: handler.c,v 8.36 2003/09/08 21:27:14 yuri Exp $")
#include "libmilter.h"
diff --git a/contrib/sendmail/libmilter/libmilter.h b/contrib/sendmail/libmilter/libmilter.h
index 13bddcefea1d..65b0a47d9abe 100644
--- a/contrib/sendmail/libmilter/libmilter.h
+++ b/contrib/sendmail/libmilter/libmilter.h
@@ -19,7 +19,7 @@
#ifdef _DEFINE
# define EXTERN
# define INIT(x) = x
-SM_IDSTR(MilterlId, "@(#)$Id: libmilter.h,v 8.33.2.13 2003/10/20 21:51:50 msk Exp $")
+SM_IDSTR(MilterlId, "@(#)$Id: libmilter.h,v 8.50 2003/12/11 18:14:34 ca Exp $")
#else /* _DEFINE */
# define EXTERN extern
# define INIT(x)
@@ -49,7 +49,7 @@ typedef pthread_mutex_t smutex_t;
# define smutex_unlock(mp) (pthread_mutex_unlock(mp) == 0)
# define smutex_trylock(mp) (pthread_mutex_trylock(mp) == 0)
-#if _FFR_USE_POLL
+#if SM_CONF_POLL
# include <poll.h>
# define MI_POLLSELECT "poll"
@@ -86,7 +86,7 @@ typedef pthread_mutex_t smutex_t;
# define FD_RD_READY(sd, rds, excs, timeout) \
poll(&(rds), 1, MI_MS(timeout))
-#else /* _FFR_USE_POLL */
+#else /* SM_CONF_POLL */
# include <sm/fdset.h>
# define MI_POLLSELECT "select"
@@ -113,7 +113,7 @@ typedef pthread_mutex_t smutex_t;
# define FD_RD_READY(sd, rds, excs, timeout) \
select((sd) + 1, &(rds), NULL, &(excs), (timeout))
-#endif /* _FFR_USE_POLL */
+#endif /* SM_CONF_POLL */
#include <sys/time.h>
diff --git a/contrib/sendmail/libmilter/listener.c b/contrib/sendmail/libmilter/listener.c
index bb7a297d44df..ee88f2325c72 100644
--- a/contrib/sendmail/libmilter/listener.c
+++ b/contrib/sendmail/libmilter/listener.c
@@ -9,7 +9,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: listener.c,v 8.85.2.17 2003/10/21 17:22:57 ca Exp $")
+SM_RCSID("@(#)$Id: listener.c,v 8.109 2004/02/04 22:55:59 ca Exp $")
/*
** listener.c -- threaded network listener
@@ -41,7 +41,7 @@ static socket_t mi_milteropen __P((char *, int, bool, char *));
** backlog -- listen backlog
** dbg -- debug level
** rmsocket -- if true, try to unlink() the socket first
-** (UNIX domain sockets only)
+** (UNIX domain sockets only)
** smfi -- filter structure to use
**
** Return value:
@@ -79,7 +79,7 @@ mi_opensocket(conn, backlog, dbg, rmsocket, smfi)
(void) smutex_unlock(&L_Mutex);
return MI_FAILURE;
}
-#if !_FFR_USE_POLL
+#if !SM_CONF_POLL
if (!SM_FD_OK_SELECT(listenfd))
{
smi_log(SMI_LOG_ERR, "%s: fd %d is larger than FD_SETSIZE %d",
@@ -87,7 +87,7 @@ mi_opensocket(conn, backlog, dbg, rmsocket, smfi)
(void) smutex_unlock(&L_Mutex);
return MI_FAILURE;
}
-#endif /* !_FFR_USE_POLL */
+#endif /* !SM_CONF_POLL */
return MI_SUCCESS;
}
@@ -585,9 +585,7 @@ mi_closener()
struct stat fileinfo;
removable = sockpath != NULL &&
-#if _FFR_MILTER_ROOT_UNSAFE
geteuid() != 0 &&
-#endif /* _FFR_MILTER_ROOT_UNSAFE */
fstat(listenfd, &sockinfo) == 0 &&
(S_ISFIFO(sockinfo.st_mode)
# ifdef S_ISSOCK
@@ -635,8 +633,6 @@ mi_closener()
** Parameters:
** conn -- connection description
** dbg -- debug level
-** rmsocket -- if true, try to unlink() the socket first
-** (UNIX domain sockets only)
** smfi -- filter structure to use
** timeout -- timeout for reads/writes
** backlog -- listen queue backlog size
@@ -704,6 +700,9 @@ mi_listener(conn, dbg, smfi, timeout, backlog)
int backlog;
{
socket_t connfd = INVALID_SOCKET;
+#if _FFR_DUP_FD
+ socket_t dupfd = INVALID_SOCKET;
+#endif /* _FFR_DUP_FD */
int sockopt = 1;
int r, mistop;
int ret = MI_SUCCESS;
@@ -802,7 +801,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog)
save_errno = EINVAL;
}
-#if !_FFR_USE_POLL
+#if !SM_CONF_POLL
/* check if acceptable for select() */
if (ValidSocket(connfd) && !SM_FD_OK_SELECT(connfd))
{
@@ -810,11 +809,36 @@ mi_listener(conn, dbg, smfi, timeout, backlog)
connfd = INVALID_SOCKET;
save_errno = ERANGE;
}
-#endif /* !_FFR_USE_POLL */
+#endif /* !SM_CONF_POLL */
if (!ValidSocket(connfd))
{
- if (save_errno == EINTR)
+ if (save_errno == EINTR
+#ifdef EAGAIN
+ || save_errno == EAGAIN
+#endif /* EAGAIN */
+#ifdef ECONNABORTED
+ || save_errno == ECONNABORTED
+#endif /* ECONNABORTED */
+#ifdef EMFILE
+ || save_errno == EMFILE
+#endif /* EMFILE */
+#ifdef ENFILE
+ || save_errno == ENFILE
+#endif /* ENFILE */
+#ifdef ENOBUFS
+ || save_errno == ENOBUFS
+#endif /* ENOBUFS */
+#ifdef ENOMEM
+ || save_errno == ENOMEM
+#endif /* ENOMEM */
+#ifdef ENOSR
+ || save_errno == ENOSR
+#endif /* ENOSR */
+#ifdef EWOULDBLOCK
+ || save_errno == EWOULDBLOCK
+#endif /* EWOULDBLOCK */
+ )
continue;
acnt++;
smi_log(SMI_LOG_ERR,
@@ -830,6 +854,19 @@ mi_listener(conn, dbg, smfi, timeout, backlog)
continue;
}
acnt = 0; /* reset error counter for accept() */
+#if _FFR_DUP_FD
+ dupfd = fcntl(connfd, F_DUPFD, 256);
+ if (ValidSocket(dupfd)
+# if !SM_CONF_POLL
+ && SM_FD_OK_SELECT(dupfd)
+# endif /* !SM_CONF_POLL */
+ )
+ {
+ close(connfd);
+ connfd = dupfd;
+ dupfd = INVALID_SOCKET;
+ }
+#endif /* _FFR_DUP_FD */
if (setsockopt(connfd, SOL_SOCKET, SO_KEEPALIVE,
(void *) &sockopt, sizeof sockopt) < 0)
diff --git a/contrib/sendmail/libmilter/main.c b/contrib/sendmail/libmilter/main.c
index 36b99f0e63dc..8692127b834a 100644
--- a/contrib/sendmail/libmilter/main.c
+++ b/contrib/sendmail/libmilter/main.c
@@ -9,7 +9,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: main.c,v 8.64.2.13 2003/10/20 22:27:13 ca Exp $")
+SM_RCSID("@(#)$Id: main.c,v 8.79 2003/10/20 22:25:09 ca Exp $")
#define _DEFINE 1
#include "libmilter.h"
@@ -95,10 +95,9 @@ static char *conn = NULL;
static int timeout = MI_TIMEOUT;
static int backlog = MI_SOMAXCONN;
-#if _FFR_SMFI_OPENSOCKET
/*
** SMFI_OPENSOCKET -- try the socket setup to make sure we'll be
-** able to start up
+** able to start up
**
** Parameters:
** rmsocket -- if true, instructs libmilter to attempt
@@ -118,7 +117,6 @@ smfi_opensocket(rmsocket)
return mi_opensocket(conn, backlog, dbg, rmsocket, smfi);
}
-#endif /* _FFR_SMFI_OPENSOCKET */
/*
** SMFI_SETDBG -- set debug level.
@@ -239,6 +237,7 @@ smfi_main()
/* Startup the listener */
if (mi_listener(conn, dbg, smfi, timeout, backlog) != MI_SUCCESS)
r = MI_FAILURE;
+
return r;
}
diff --git a/contrib/sendmail/libmilter/signal.c b/contrib/sendmail/libmilter/signal.c
index 94e7f153bd70..eed8b7cdb4aa 100644
--- a/contrib/sendmail/libmilter/signal.c
+++ b/contrib/sendmail/libmilter/signal.c
@@ -9,7 +9,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: signal.c,v 8.37.2.4 2003/11/19 00:22:40 ca Exp $")
+SM_RCSID("@(#)$Id: signal.c,v 8.41 2003/11/19 00:25:20 ca Exp $")
#include "libmilter.h"
diff --git a/contrib/sendmail/libmilter/smfi.c b/contrib/sendmail/libmilter/smfi.c
index 032a6acb288f..ead2c04beffd 100644
--- a/contrib/sendmail/libmilter/smfi.c
+++ b/contrib/sendmail/libmilter/smfi.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1999-2004 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
@@ -9,58 +9,122 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: smfi.c,v 8.64 2002/04/30 22:22:02 msk Exp $")
+SM_RCSID("@(#)$Id: smfi.c,v 8.72 2004/05/05 00:07:21 msk Exp $")
#include <sm/varargs.h>
#include "libmilter.h"
+static int smfi_header __P((SMFICTX *, int, int, char *, char *));
+
/* for smfi_set{ml}reply, let's be generous. 256/16 should be sufficient */
#define MAXREPLYLEN 980 /* max. length of a reply string */
#define MAXREPLIES 32 /* max. number of reply strings */
/*
-** SMFI_ADDHEADER -- send a new header to the MTA
+** SMFI_HEADER -- send a header to the MTA
**
** Parameters:
** ctx -- Opaque context structure
+** cmd -- Header modification command
+** hdridx -- Header index
** headerf -- Header field name
** headerv -- Header field value
**
+**
** Returns:
** MI_SUCCESS/MI_FAILURE
*/
-int
-smfi_addheader(ctx, headerf, headerv)
+static int
+smfi_header(ctx, cmd, hdridx, headerf, headerv)
SMFICTX *ctx;
+ int cmd;
+ int hdridx;
char *headerf;
char *headerv;
{
- /* do we want to copy the stuff or have a special mi_wr_cmd call? */
- size_t len, l1, l2;
+ size_t len, l1, l2, offset;
int r;
+ mi_int32 v;
char *buf;
struct timeval timeout;
if (headerf == NULL || *headerf == '\0' || headerv == NULL)
return MI_FAILURE;
- if (!mi_sendok(ctx, SMFIF_ADDHDRS))
- return MI_FAILURE;
timeout.tv_sec = ctx->ctx_timeout;
timeout.tv_usec = 0;
- l1 = strlen(headerf);
- l2 = strlen(headerv);
- len = l1 + l2 + 2;
+ l1 = strlen(headerf) + 1;
+ l2 = strlen(headerv) + 1;
+ len = l1 + l2;
+ if (hdridx >= 0)
+ len += MILTER_LEN_BYTES;
buf = malloc(len);
if (buf == NULL)
return MI_FAILURE;
- (void) memcpy(buf, headerf, l1 + 1);
- (void) memcpy(buf + l1 + 1, headerv, l2 + 1);
- r = mi_wr_cmd(ctx->ctx_sd, &timeout, SMFIR_ADDHEADER, buf, len);
+ offset = 0;
+ if (hdridx >= 0)
+ {
+ v = htonl(hdridx);
+ (void) memcpy(&(buf[0]), (void *) &v, MILTER_LEN_BYTES);
+ offset += MILTER_LEN_BYTES;
+ }
+ (void) memcpy(buf + offset, headerf, l1);
+ (void) memcpy(buf + offset + l1, headerv, l2);
+ r = mi_wr_cmd(ctx->ctx_sd, &timeout, cmd, buf, len);
free(buf);
return r;
}
/*
+** SMFI_ADDHEADER -- send a new header to the MTA
+**
+** Parameters:
+** ctx -- Opaque context structure
+** headerf -- Header field name
+** headerv -- Header field value
+**
+** Returns:
+** MI_SUCCESS/MI_FAILURE
+*/
+
+int
+smfi_addheader(ctx, headerf, headerv)
+ SMFICTX *ctx;
+ char *headerf;
+ char *headerv;
+{
+ if (!mi_sendok(ctx, SMFIF_ADDHDRS))
+ return MI_FAILURE;
+
+ return smfi_header(ctx, SMFIR_ADDHEADER, -1, headerf, headerv);
+}
+
+/*
+** SMFI_INSHEADER -- send a new header to the MTA (to be inserted)
+**
+** Parameters:
+** ctx -- Opaque context structure
+** hdridx -- index into header list where insertion should occur
+** headerf -- Header field name
+** headerv -- Header field value
+**
+** Returns:
+** MI_SUCCESS/MI_FAILURE
+*/
+
+int
+smfi_insheader(ctx, hdridx, headerf, headerv)
+ SMFICTX *ctx;
+ int hdridx;
+ char *headerf;
+ char *headerv;
+{
+ if (!mi_sendok(ctx, SMFIF_ADDHDRS) || hdridx < 0)
+ return MI_FAILURE;
+
+ return smfi_header(ctx, SMFIR_INSHEADER, hdridx, headerf, headerv);
+}
+
+/*
** SMFI_CHGHEADER -- send a changed header to the MTA
**
** Parameters:
@@ -80,36 +144,12 @@ smfi_chgheader(ctx, headerf, hdridx, headerv)
mi_int32 hdridx;
char *headerv;
{
- /* do we want to copy the stuff or have a special mi_wr_cmd call? */
- size_t len, l1, l2;
- int r;
- mi_int32 v;
- char *buf;
- struct timeval timeout;
-
- if (headerf == NULL || *headerf == '\0')
- return MI_FAILURE;
- if (hdridx < 0)
- return MI_FAILURE;
- if (!mi_sendok(ctx, SMFIF_CHGHDRS))
+ if (!mi_sendok(ctx, SMFIF_CHGHDRS) || hdridx < 0)
return MI_FAILURE;
- timeout.tv_sec = ctx->ctx_timeout;
- timeout.tv_usec = 0;
if (headerv == NULL)
headerv = "";
- l1 = strlen(headerf);
- l2 = strlen(headerv);
- len = l1 + l2 + 2 + MILTER_LEN_BYTES;
- buf = malloc(len);
- if (buf == NULL)
- return MI_FAILURE;
- v = htonl(hdridx);
- (void) memcpy(&(buf[0]), (void *) &v, MILTER_LEN_BYTES);
- (void) memcpy(buf + MILTER_LEN_BYTES, headerf, l1 + 1);
- (void) memcpy(buf + MILTER_LEN_BYTES + l1 + 1, headerv, l2 + 1);
- r = mi_wr_cmd(ctx->ctx_sd, &timeout, SMFIR_CHGHEADER, buf, len);
- free(buf);
- return r;
+
+ return smfi_header(ctx, SMFIR_CHGHEADER, hdridx, headerf, headerv);
}
/*
@@ -214,7 +254,6 @@ smfi_replacebody(ctx, bodyp, bodylen)
return MI_SUCCESS;
}
-#if _FFR_QUARANTINE
/*
** SMFI_QUARANTINE -- quarantine an envelope
**
@@ -251,7 +290,6 @@ smfi_quarantine(ctx, reason)
free(buf);
return r;
}
-#endif /* _FFR_QUARANTINE */
/*
** MYISENHSC -- check whether a string contains an enhanced status code
@@ -365,7 +403,6 @@ smfi_setreply(ctx, rcode, xcode, message)
return MI_SUCCESS;
}
-#if _FFR_MULTILINE
/*
** SMFI_SETMLREPLY -- set multiline reply code for the next reply to the MTA
**
@@ -477,7 +514,6 @@ smfi_setmlreply(ctx, rcode, xcode, va_alist)
SM_VA_END(ap);
return MI_SUCCESS;
}
-#endif /* _FFR_MULTILINE */
/*
** SMFI_SETPRIV -- set private data
@@ -584,7 +620,6 @@ smfi_getsymval(ctx, symname)
return NULL;
}
-#if _FFR_SMFI_PROGRESS
/*
** SMFI_PROGRESS -- send "progress" message to the MTA to prevent premature
** timeouts during long milter-side operations
@@ -610,4 +645,3 @@ smfi_progress(ctx)
return mi_wr_cmd(ctx->ctx_sd, &timeout, SMFIR_PROGRESS, NULL, 0);
}
-#endif /* _FFR_SMFI_PROGRESS */
diff --git a/contrib/sendmail/libsm/Makefile.m4 b/contrib/sendmail/libsm/Makefile.m4
index 563cf1083834..f028c24476d6 100644
--- a/contrib/sendmail/libsm/Makefile.m4
+++ b/contrib/sendmail/libsm/Makefile.m4
@@ -1,11 +1,11 @@
-dnl $Id: Makefile.m4,v 1.64.2.1 2002/06/21 21:58:29 ca Exp $
+dnl $Id: Makefile.m4,v 1.66 2003/11/03 18:28:26 ca Exp $
define(`confREQUIRE_LIBUNIX')
include(confBUILDTOOLSDIR`/M4/switch.m4')
define(`confREQUIRE_LIBSM', `true')
PREPENDDEF(`confENVDEF', `confMAPDEF')
bldPRODUCT_START(`library', `libsm')
-define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strerror.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c vsprintf.c vsscanf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c path.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c ')
+define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strerror.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c vsscanf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c path.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c ')
bldPRODUCT_END
dnl sem.c msg.c
dnl syslogio.c
diff --git a/contrib/sendmail/libsm/README b/contrib/sendmail/libsm/README
index d75d55f8ea87..aff25a1c9e8f 100644
--- a/contrib/sendmail/libsm/README
+++ b/contrib/sendmail/libsm/README
@@ -5,7 +5,7 @@
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
-# $Id: README,v 1.21 2002/01/23 17:30:48 gshapiro Exp $
+# $Id: README,v 1.24 2003/12/20 09:23:48 gshapiro Exp $
#
Libsm is a library of generally useful C abstractions.
@@ -109,6 +109,9 @@ SM_CONF_BROKEN_STRTOD
SM_CONF_GETOPT
Set to 1 if your operating system does not include getopt(3).
+SM_CONF_LDAP_INITIALIZE
+ Set to 1 if your LDAP client libraries include ldap_initialize(3).
+
SM_CONF_LDAP_MEMFREE
Set to 1 if your LDAP client libraries include ldap_memfree(3).
diff --git a/contrib/sendmail/libsm/assert.c b/contrib/sendmail/libsm/assert.c
index 7ba5c1a78e27..7200a0f4cb88 100644
--- a/contrib/sendmail/libsm/assert.c
+++ b/contrib/sendmail/libsm/assert.c
@@ -9,7 +9,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: assert.c,v 1.25.2.1 2003/12/05 22:44:17 ca Exp $")
+SM_RCSID("@(#)$Id: assert.c,v 1.26 2003/12/05 22:45:24 ca Exp $")
/*
** Abnormal program termination and assertion checking.
diff --git a/contrib/sendmail/libsm/clock.c b/contrib/sendmail/libsm/clock.c
index 4d70cb83b482..580555448540 100644
--- a/contrib/sendmail/libsm/clock.c
+++ b/contrib/sendmail/libsm/clock.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@@ -12,7 +12,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: clock.c,v 1.35.2.10 2003/06/26 16:36:49 ca Exp $")
+SM_RCSID("@(#)$Id: clock.c,v 1.45 2004/01/19 19:32:08 ca Exp $")
#include <unistd.h>
#include <time.h>
#include <errno.h>
@@ -523,11 +523,14 @@ sleep(intvl)
SM_EVENT *ev;
#if _FFR_SLEEP_USE_SELECT > 0
int r;
+# if _FFR_SLEEP_USE_SELECT > 0
+ struct timeval sm_io_to;
+# endif /* _FFR_SLEEP_USE_SELECT > 0 */
#endif /* _FFR_SLEEP_USE_SELECT > 0 */
#if SM_CONF_SETITIMER
struct timeval now, begin, diff;
# if _FFR_SLEEP_USE_SELECT > 0
- struct timeval sm_io_to, slpv;
+ struct timeval slpv;
# endif /* _FFR_SLEEP_USE_SELECT > 0 */
#else /* SM_CONF_SETITIMER */
time_t begin, now;
@@ -596,7 +599,7 @@ sleep(intvl)
sm_io_to.tv_sec = intvl - (now - begin);
if (sm_io_to.tv_sec <= 0)
sm_io_to.tv_sec = 1;
- sm_io_to.utv_sec = 0;
+ sm_io_to.tv_usec = 0;
# endif /* _FFR_SLEEP_USE_SELECT > 0 */
#endif /* SM_CONF_SETITIMER */
#if _FFR_SLEEP_USE_SELECT > 0
diff --git a/contrib/sendmail/libsm/config.c b/contrib/sendmail/libsm/config.c
index ea6aeb96bcb7..a5e13270a096 100644
--- a/contrib/sendmail/libsm/config.c
+++ b/contrib/sendmail/libsm/config.c
@@ -9,7 +9,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: config.c,v 1.27.2.1 2003/03/06 02:16:24 ca Exp $")
+SM_RCSID("@(#)$Id: config.c,v 1.30 2003/12/10 03:19:07 gshapiro Exp $")
#include <stdlib.h>
#include <sm/heap.h>
@@ -176,6 +176,9 @@ char *SmCompileOptions[] =
#if SM_CONF_GETOPT
"SM_CONF_GETOPT",
#endif /* SM_CONF_GETOPT */
+#if SM_CONF_LDAP_INITIALIZE
+ "SM_CONF_LDAP_INITIALIZE",
+#endif /* SM_CONF_LDAP_INITIALIZE */
#if SM_CONF_LDAP_MEMFREE
"SM_CONF_LDAP_MEMFREE",
#endif /* SM_CONF_LDAP_MEMFREE */
@@ -232,6 +235,9 @@ char *SmCompileOptions[] =
#if SM_CONF_UID_GID
"SM_CONF_UID_GID",
#endif /* SM_CONF_UID_GID */
+#if DO_NOT_USE_STRCPY
+ "DO_NOT_USE_STRCPY",
+#endif /* DO_NOT_USE_STRCPY */
#if SM_HEAP_CHECK
"SM_HEAP_CHECK",
#endif /* SM_HEAP_CHECK */
diff --git a/contrib/sendmail/libsm/debug.c b/contrib/sendmail/libsm/debug.c
index 37e5e829cb31..a6582aeb4ce6 100644
--- a/contrib/sendmail/libsm/debug.c
+++ b/contrib/sendmail/libsm/debug.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 2000, 2001, 2003 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
@@ -8,7 +8,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: debug.c,v 1.28 2001/09/25 19:57:05 gshapiro Exp $")
+SM_RCSID("@(#)$Id: debug.c,v 1.29 2003/01/10 00:26:06 ca Exp $")
/*
** libsm debugging and tracing
@@ -77,6 +77,29 @@ sm_debug_setfile(fp)
}
/*
+** SM_DEBUG_CLOSE -- Close debug file pointer.
+**
+** Parameters:
+** none.
+**
+** Returns:
+** none.
+**
+** Side Effects:
+** Closes SmDebugOutput.
+*/
+
+void
+sm_debug_close()
+{
+ if (SmDebugOutput != NULL && SmDebugOutput != smioout)
+ {
+ sm_io_close(SmDebugOutput, SM_TIME_DEFAULT);
+ SmDebugOutput = NULL;
+ }
+}
+
+/*
** SM_DPRINTF -- printf() for debug output.
**
** Parameters:
diff --git a/contrib/sendmail/libsm/errstring.c b/contrib/sendmail/libsm/errstring.c
index 74387a96d5c5..b2999bdec971 100644
--- a/contrib/sendmail/libsm/errstring.c
+++ b/contrib/sendmail/libsm/errstring.c
@@ -11,7 +11,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: errstring.c,v 1.12.2.4 2003/06/24 17:16:09 ca Exp $")
+SM_RCSID("@(#)$Id: errstring.c,v 1.19 2003/12/10 03:53:05 gshapiro Exp $")
#include <errno.h>
#include <stdio.h> /* sys_errlist, on some platforms */
@@ -189,13 +189,84 @@ sm_errstring(errnum)
case SMDBE_VERSION_MISMATCH:
return "Berkeley DB version mismatch between include file and library";
+
+#if LDAPMAP
+
+ /*
+ ** LDAP URL error messages.
+ */
+
+ /* OpenLDAP errors */
+# ifdef LDAP_URL_ERR_MEM
+ case E_LDAPURLBASE + LDAP_URL_ERR_MEM:
+ return "LDAP URL can't allocate memory space";
+# endif /* LDAP_URL_ERR_MEM */
+
+# ifdef LDAP_URL_ERR_PARAM
+ case E_LDAPURLBASE + LDAP_URL_ERR_PARAM:
+ return "LDAP URL parameter is bad";
+# endif /* LDAP_URL_ERR_PARAM */
+
+# ifdef LDAP_URL_ERR_BADSCHEME
+ case E_LDAPURLBASE + LDAP_URL_ERR_BADSCHEME:
+ return "LDAP URL doesn't begin with \"ldap[si]://\"";
+# endif /* LDAP_URL_ERR_BADSCHEME */
+
+# ifdef LDAP_URL_ERR_BADENCLOSURE
+ case E_LDAPURLBASE + LDAP_URL_ERR_BADENCLOSURE:
+ return "LDAP URL is missing trailing \">\"";
+# endif /* LDAP_URL_ERR_BADENCLOSURE */
+
+# ifdef LDAP_URL_ERR_BADURL
+ case E_LDAPURLBASE + LDAP_URL_ERR_BADURL:
+ return "LDAP URL is bad";
+# endif /* LDAP_URL_ERR_BADURL */
+
+# ifdef LDAP_URL_ERR_BADHOST
+ case E_LDAPURLBASE + LDAP_URL_ERR_BADHOST:
+ return "LDAP URL host port is bad";
+# endif /* LDAP_URL_ERR_BADHOST */
+
+# ifdef LDAP_URL_ERR_BADATTRS
+ case E_LDAPURLBASE + LDAP_URL_ERR_BADATTRS:
+ return "LDAP URL bad (or missing) attributes";
+# endif /* LDAP_URL_ERR_BADATTRS */
+
+# ifdef LDAP_URL_ERR_BADSCOPE
+ case E_LDAPURLBASE + LDAP_URL_ERR_BADSCOPE:
+ return "LDAP URL scope string is invalid (or missing)";
+# endif /* LDAP_URL_ERR_BADSCOPE */
+
+# ifdef LDAP_URL_ERR_BADFILTER
+ case E_LDAPURLBASE + LDAP_URL_ERR_BADFILTER:
+ return "LDAP URL bad or missing filter";
+# endif /* LDAP_URL_ERR_BADFILTER */
+
+# ifdef LDAP_URL_ERR_BADEXTS
+ case E_LDAPURLBASE + LDAP_URL_ERR_BADEXTS:
+ return "LDAP URL bad or missing extensions";
+# endif /* LDAP_URL_ERR_BADEXTS */
+
+ /* Sun LDAP errors */
+# ifdef LDAP_URL_ERR_NOTLDAP
+ case E_LDAPURLBASE + LDAP_URL_ERR_NOTLDAP:
+ return "LDAP URL doesn't begin with \"ldap://\"";
+# endif /* LDAP_URL_ERR_NOTLDAP */
+
+# ifdef LDAP_URL_ERR_NODN
+ case E_LDAPURLBASE + LDAP_URL_ERR_NODN:
+ return "LDAP URL has no DN (required)";
+# endif /* LDAP_URL_ERR_NODN */
+
+#endif /* LDAPMAP */
}
+#if LDAPMAP
+
/*
** LDAP error messages.
*/
-#if LDAPMAP
if (errnum >= E_LDAPBASE)
return ldap_err2string(errnum - E_LDAPBASE);
#endif /* LDAPMAP */
diff --git a/contrib/sendmail/libsm/exc.c b/contrib/sendmail/libsm/exc.c
index e2360c624850..26ad020ba753 100644
--- a/contrib/sendmail/libsm/exc.c
+++ b/contrib/sendmail/libsm/exc.c
@@ -9,7 +9,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: exc.c,v 1.47.2.1 2003/12/05 22:44:17 ca Exp $")
+SM_RCSID("@(#)$Id: exc.c,v 1.48 2003/12/05 22:45:24 ca Exp $")
/*
** exception handling
diff --git a/contrib/sendmail/libsm/flags.c b/contrib/sendmail/libsm/flags.c
index 7e2b0e2486d4..94ecd5cbe9e1 100644
--- a/contrib/sendmail/libsm/flags.c
+++ b/contrib/sendmail/libsm/flags.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000-2001, 2003 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 2000-2001, 2004 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1990, 1993
* The Regents of the University of California. All rights reserved.
@@ -13,7 +13,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: flags.c,v 1.20.2.1 2003/09/03 18:51:56 ca Exp $")
+SM_RCSID("@(#)$Id: flags.c,v 1.22 2004/03/03 19:20:29 ca Exp $")
#include <sys/types.h>
#include <sys/file.h>
#include <errno.h>
diff --git a/contrib/sendmail/libsm/ldap.c b/contrib/sendmail/libsm/ldap.c
index 0e1c7185725d..570c3cdb77c0 100644
--- a/contrib/sendmail/libsm/ldap.c
+++ b/contrib/sendmail/libsm/ldap.c
@@ -8,7 +8,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: ldap.c,v 1.44.2.5 2003/12/23 21:21:56 gshapiro Exp $")
+SM_RCSID("@(#)$Id: ldap.c,v 1.59 2003/12/23 21:20:15 gshapiro Exp $")
#if LDAPMAP
# include <sys/types.h>
@@ -52,14 +52,10 @@ sm_ldap_clear(lmap)
if (lmap == NULL)
return;
- lmap->ldap_target = NULL;
+ lmap->ldap_host = NULL;
lmap->ldap_port = LDAP_PORT;
-#if _FFR_LDAP_URI
- lmap->ldap_uri = false;
-#endif /* _FFR_LDAP_URI */
-# if _FFR_LDAP_SETVERSION
+ lmap->ldap_uri = NULL;
lmap->ldap_version = 0;
-# endif /* _FFR_LDAP_SETVERSION */
lmap->ldap_deref = LDAP_DEREF_NEVER;
lmap->ldap_timelimit = LDAP_NO_LIMIT;
lmap->ldap_sizelimit = LDAP_NO_LIMIT;
@@ -80,10 +76,8 @@ sm_ldap_clear(lmap)
lmap->ldap_ld = NULL;
lmap->ldap_filter = NULL;
lmap->ldap_attr[0] = NULL;
-#if _FFR_LDAP_RECURSION
lmap->ldap_attr_type[0] = SM_LDAP_ATTR_NONE;
lmap->ldap_attr_needobjclass[0] = NULL;
-#endif /* _FFR_LDAP_RECURSION */
lmap->ldap_res = NULL;
lmap->ldap_next = NULL;
lmap->ldap_pid = 0;
@@ -133,39 +127,79 @@ sm_ldap_start(name, lmap)
{
int bind_result;
int save_errno;
+ char *id;
SM_EVENT *ev = NULL;
- LDAP *ld;
+ LDAP *ld = NULL;
if (sm_debug_active(&SmLDAPTrace, 2))
sm_dprintf("ldapmap_start(%s)\n", name == NULL ? "" : name);
+ if (lmap->ldap_host != NULL)
+ id = lmap->ldap_host;
+ else if (lmap->ldap_uri != NULL)
+ id = lmap->ldap_uri;
+ else
+ id = "localhost";
+
if (sm_debug_active(&SmLDAPTrace, 9))
- sm_dprintf("ldapmap_start(%s, %d)\n",
- lmap->ldap_target == NULL ? "localhost" : lmap->ldap_target,
- lmap->ldap_port);
+ {
+ /* Don't print a port number for LDAP URIs */
+ if (lmap->ldap_uri != NULL)
+ sm_dprintf("ldapmap_start(%s)\n", id);
+ else
+ sm_dprintf("ldapmap_start(%s, %d)\n", id,
+ lmap->ldap_port);
+ }
+
+ if (lmap->ldap_uri != NULL)
+ {
+#if SM_CONF_LDAP_INITIALIZE
+ /* LDAP server supports URIs so use them directly */
+ save_errno = ldap_initialize(&ld, lmap->ldap_uri);
+#else /* SM_CONF_LDAP_INITIALIZE */
+ int err;
+ LDAPURLDesc *ludp = NULL;
+
+ /* Blast apart URL and use the ldap_init/ldap_open below */
+ err = ldap_url_parse(lmap->ldap_uri, &ludp);
+ if (err != 0)
+ {
+ errno = err + E_LDAPURLBASE;
+ return false;
+ }
+ lmap->ldap_host = sm_strdup_x(ludp->lud_host);
+ if (lmap->ldap_host == NULL)
+ {
+ save_errno = errno;
+ ldap_free_urldesc(ludp);
+ errno = save_errno;
+ return false;
+ }
+ lmap->ldap_port = ludp->lud_port;
+ ldap_free_urldesc(ludp);
+#endif /* SM_CONF_LDAP_INITIALIZE */
+ }
+ if (ld == NULL)
+ {
# if USE_LDAP_INIT
-# if _FFR_LDAP_URI
- if (lmap->ldap_uri)
- errno = ldap_initialize(&ld, lmap->ldap_target);
- else
-# endif /* _FFR_LDAP_URI */
- ld = ldap_init(lmap->ldap_target, lmap->ldap_port);
- save_errno = errno;
+ ld = ldap_init(lmap->ldap_host, lmap->ldap_port);
+ save_errno = errno;
# else /* USE_LDAP_INIT */
- /*
- ** If using ldap_open(), the actual connection to the server
- ** happens now so we need the timeout here. For ldap_init(),
- ** the connection happens at bind time.
- */
+ /*
+ ** If using ldap_open(), the actual connection to the server
+ ** happens now so we need the timeout here. For ldap_init(),
+ ** the connection happens at bind time.
+ */
- SM_LDAP_SETTIMEOUT(lmap->ldap_timeout.tv_sec);
- ld = ldap_open(lmap->ldap_target, lmap->ldap_port);
- save_errno = errno;
+ SM_LDAP_SETTIMEOUT(lmap->ldap_timeout.tv_sec);
+ ld = ldap_open(lmap->ldap_host, lmap->ldap_port);
+ save_errno = errno;
- /* clear the event if it has not sprung */
- SM_LDAP_CLEARTIMEOUT();
+ /* clear the event if it has not sprung */
+ SM_LDAP_CLEARTIMEOUT();
# endif /* USE_LDAP_INIT */
+ }
errno = save_errno;
if (ld == NULL)
@@ -232,7 +266,7 @@ ldaptimeout(unused)
}
/*
-** SM_LDAP_SEARCH -- iniate LDAP search
+** SM_LDAP_SEARCH -- initiate LDAP search
**
** Initiate an LDAP search, return the msgid.
** The calling function must collect the results.
@@ -319,7 +353,6 @@ sm_ldap_search(lmap, key)
return msgid;
}
-# if _FFR_LDAP_RECURSION
/*
** SM_LDAP_HAS_OBJECTCLASS -- determine if an LDAP entry is part of a
** particular objectClass
@@ -509,6 +542,8 @@ sm_ldap_add_recurse(top, item, type, rpool)
newe->lr_search = sm_rpool_strdup_x(rpool, item);
newe->lr_type = type;
+ newe->lr_ludp = NULL;
+ newe->lr_attrs = NULL;
newe->lr_done = false;
((*top)->lr_data)[insertat] = newe;
@@ -941,6 +976,16 @@ sm_ldap_results(lmap, msgid, flags, delim, rpool, result,
/* mark this DN as done */
rl->lr_done = true;
+ if (rl->lr_ludp != NULL)
+ {
+ ldap_free_urldesc(rl->lr_ludp);
+ rl->lr_ludp = NULL;
+ }
+ if (rl->lr_attrs != NULL)
+ {
+ free(rl->lr_attrs);
+ rl->lr_attrs = NULL;
+ }
/* We don't want multiple values and we have one */
if ((char) delim == '\0' && *result != NULL)
@@ -1050,10 +1095,71 @@ sm_ldap_results(lmap, msgid, flags, delim, rpool, result,
}
else if (rl->lr_type == SM_LDAP_ATTR_URL)
{
- /* do new URL search */
- sid = ldap_url_search(lmap->ldap_ld,
- rl->lr_search,
- lmap->ldap_attrsonly);
+ /* Parse URL */
+ sid = ldap_url_parse(rl->lr_search,
+ &rl->lr_ludp);
+
+ if (sid != 0)
+ {
+ errno = sid + E_LDAPURLBASE;
+ return EX_TEMPFAIL;
+ }
+
+ /* We need to add objectClass */
+ if (rl->lr_ludp->lud_attrs != NULL)
+ {
+ int attrnum = 0;
+
+ while (rl->lr_ludp->lud_attrs[attrnum] != NULL)
+ {
+ if (strcasecmp(rl->lr_ludp->lud_attrs[attrnum],
+ "objectClass") == 0)
+ {
+ /* already requested */
+ attrnum = -1;
+ break;
+ }
+ attrnum++;
+ }
+
+ if (attrnum >= 0)
+ {
+ int i;
+
+ rl->lr_attrs = (char **)malloc(sizeof(char *) * (attrnum + 2));
+ if (rl->lr_attrs == NULL)
+ {
+ save_errno = errno;
+ ldap_free_urldesc(rl->lr_ludp);
+ errno = save_errno;
+ return EX_TEMPFAIL;
+ }
+ for (i = 0 ; i < attrnum; i++)
+ {
+ rl->lr_attrs[i] = rl->lr_ludp->lud_attrs[i];
+ }
+ rl->lr_attrs[i++] = "objectClass";
+ rl->lr_attrs[i++] = NULL;
+ }
+ }
+
+ /*
+ ** Use the existing connection
+ ** for this search. It really
+ ** should use lud_scheme://lud_host:lud_port/
+ ** instead but that would require
+ ** opening a new connection.
+ ** This should be fixed ASAP.
+ */
+
+ sid = ldap_search(lmap->ldap_ld,
+ rl->lr_ludp->lud_dn,
+ rl->lr_ludp->lud_scope,
+ rl->lr_ludp->lud_filter,
+ rl->lr_attrs,
+ lmap->ldap_attrsonly);
+
+ /* Use the attributes specified by URL */
newflags |= SM_LDAP_USE_ALLATTR;
}
else
@@ -1100,6 +1206,16 @@ sm_ldap_results(lmap, msgid, flags, delim, rpool, result,
/* Mark as done */
rl->lr_done = true;
+ if (rl->lr_ludp != NULL)
+ {
+ ldap_free_urldesc(rl->lr_ludp);
+ rl->lr_ludp = NULL;
+ }
+ if (rl->lr_attrs != NULL)
+ {
+ free(rl->lr_attrs);
+ rl->lr_attrs = NULL;
+ }
/* Reset rlidx as new items may have been added */
rlidx = -1;
@@ -1107,7 +1223,6 @@ sm_ldap_results(lmap, msgid, flags, delim, rpool, result,
}
return statp;
}
-#endif /* _FFR_LDAP_RECURSION */
/*
** SM_LDAP_CLOSE -- close LDAP connection
@@ -1151,13 +1266,11 @@ sm_ldap_setopts(ld, lmap)
SM_LDAP_STRUCT *lmap;
{
# if USE_LDAP_SET_OPTION
-# if _FFR_LDAP_SETVERSION
if (lmap->ldap_version != 0)
{
ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION,
&lmap->ldap_version);
}
-# endif /* _FFR_LDAP_SETVERSION */
ldap_set_option(ld, LDAP_OPT_DEREF, &lmap->ldap_deref);
if (bitset(LDAP_OPT_REFERRALS, lmap->ldap_options))
ldap_set_option(ld, LDAP_OPT_REFERRALS, LDAP_OPT_ON);
diff --git a/contrib/sendmail/libsm/local.h b/contrib/sendmail/libsm/local.h
index 610663daf601..6d64195d515e 100644
--- a/contrib/sendmail/libsm/local.h
+++ b/contrib/sendmail/libsm/local.h
@@ -11,7 +11,7 @@
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
- * $Id: local.h,v 1.51.2.2 2004/01/09 18:32:44 ca Exp $
+ * $Id: local.h,v 1.53 2004/01/09 18:34:22 ca Exp $
*/
/*
diff --git a/contrib/sendmail/libsm/mbdb.c b/contrib/sendmail/libsm/mbdb.c
index 0c338fe9a409..ad0e7ccbd13f 100644
--- a/contrib/sendmail/libsm/mbdb.c
+++ b/contrib/sendmail/libsm/mbdb.c
@@ -8,7 +8,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: mbdb.c,v 1.38.2.1 2002/11/20 22:59:06 gshapiro Exp $")
+SM_RCSID("@(#)$Id: mbdb.c,v 1.40 2003/12/10 03:19:07 gshapiro Exp $")
#include <sys/param.h>
@@ -441,13 +441,13 @@ mbdb_ldap_initialize(arg)
{
sm_ldap_clear(&LDAPLMAP);
LDAPLMAP.ldap_base = MBDB_DEFAULT_LDAP_BASEDN;
- LDAPLMAP.ldap_target = MBDB_DEFAULT_LDAP_SERVER;
+ LDAPLMAP.ldap_host = MBDB_DEFAULT_LDAP_SERVER;
LDAPLMAP.ldap_filter = MBDB_LDAP_FILTER;
/* Only want one match */
LDAPLMAP.ldap_sizelimit = 1;
- /* interpolate new ldap_base and ldap_target from arg if given */
+ /* interpolate new ldap_base and ldap_host from arg if given */
if (arg != NULL && *arg != '\0')
{
char *new;
@@ -463,7 +463,7 @@ mbdb_ldap_initialize(arg)
if (sep != NULL)
{
*sep++ = '\0';
- LDAPLMAP.ldap_target = sep;
+ LDAPLMAP.ldap_host = sep;
}
LDAPLMAP.ldap_base = new;
}
diff --git a/contrib/sendmail/libsm/refill.c b/contrib/sendmail/libsm/refill.c
index 6e06783d05da..c3db17222957 100644
--- a/contrib/sendmail/libsm/refill.c
+++ b/contrib/sendmail/libsm/refill.c
@@ -13,7 +13,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: refill.c,v 1.49.2.1 2002/09/09 21:38:08 gshapiro Exp $")
+SM_RCSID("@(#)$Id: refill.c,v 1.50 2002/09/09 21:50:10 gshapiro Exp $")
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
diff --git a/contrib/sendmail/libsm/rpool.c b/contrib/sendmail/libsm/rpool.c
index 863216660f7b..57c03939b0d8 100644
--- a/contrib/sendmail/libsm/rpool.c
+++ b/contrib/sendmail/libsm/rpool.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000-2002 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 2000-2003 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
@@ -8,7 +8,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: rpool.c,v 1.24 2002/01/11 21:54:43 ca Exp $")
+SM_RCSID("@(#)$Id: rpool.c,v 1.27 2003/10/09 17:49:47 ca Exp $")
/*
** resource pools
@@ -491,3 +491,31 @@ sm_rpool_attach_x(rpool, rfree, rcontext)
--rpool->sm_ravail;
return a;
}
+
+#if DO_NOT_USE_STRCPY
+/*
+** SM_RPOOL_STRDUP_X -- Create a copy of a C string
+**
+** Parameters:
+** rpool -- rpool to use.
+** s -- the string to copy.
+**
+** Returns:
+** pointer to newly allocated string.
+*/
+
+char *
+sm_rpool_strdup_x(rpool, s)
+ SM_RPOOL_T *rpool;
+ const char *s;
+{
+ size_t l;
+ char *n;
+
+ l = strlen(s);
+ SM_ASSERT(l + 1 > l);
+ n = sm_rpool_malloc_x(rpool, l + 1);
+ sm_strlcpy(n, s, l + 1);
+ return n;
+}
+#endif /* DO_NOT_USE_STRCPY */
diff --git a/contrib/sendmail/libsm/shm.c b/contrib/sendmail/libsm/shm.c
index 2299aed34a80..4cef8929e283 100644
--- a/contrib/sendmail/libsm/shm.c
+++ b/contrib/sendmail/libsm/shm.c
@@ -8,7 +8,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: shm.c,v 1.10.2.6 2003/06/13 21:17:48 ca Exp $")
+SM_RCSID("@(#)$Id: shm.c,v 1.16 2003/06/13 21:18:08 ca Exp $")
#if SM_CONF_SHM
# include <stdlib.h>
diff --git a/contrib/sendmail/libsm/smstdio.c b/contrib/sendmail/libsm/smstdio.c
index d561e8d67a02..e8637c15f0af 100644
--- a/contrib/sendmail/libsm/smstdio.c
+++ b/contrib/sendmail/libsm/smstdio.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000-2002 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 2000-2002, 2004 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
@@ -8,7 +8,7 @@
*/
#include <sm/gen.h>
-SM_IDSTR(id, "@(#)$Id: smstdio.c,v 1.32.2.2 2003/09/05 20:35:28 ca Exp $")
+SM_IDSTR(id, "@(#)$Id: smstdio.c,v 1.33 2004/03/03 19:14:51 ca Exp $")
#include <unistd.h>
#include <stdio.h>
#include <fcntl.h>
diff --git a/contrib/sendmail/libsm/stdio.c b/contrib/sendmail/libsm/stdio.c
index 23cc2af3c08e..0df98ab8b088 100644
--- a/contrib/sendmail/libsm/stdio.c
+++ b/contrib/sendmail/libsm/stdio.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000-2003 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 2000-2004 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1990, 1993
* The Regents of the University of California. All rights reserved.
@@ -13,7 +13,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: stdio.c,v 1.56.2.13 2003/09/04 01:18:08 ca Exp $")
+SM_RCSID("@(#)$Id: stdio.c,v 1.68 2004/03/03 19:20:29 ca Exp $")
#include <unistd.h>
#include <errno.h>
#include <fcntl.h>
diff --git a/contrib/sendmail/libsm/strdup.c b/contrib/sendmail/libsm/strdup.c
index 64fe5c2a9a9c..7094275e046c 100644
--- a/contrib/sendmail/libsm/strdup.c
+++ b/contrib/sendmail/libsm/strdup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000-2001 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 2000-2001, 2003 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
@@ -9,7 +9,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: strdup.c,v 1.13 2001/09/11 04:04:49 gshapiro Exp $")
+SM_RCSID("@(#)$Id: strdup.c,v 1.15 2003/10/10 17:56:57 ca Exp $")
#include <sm/heap.h>
#include <sm/string.h>
@@ -70,3 +70,97 @@ sm_strdup(s)
(void) sm_strlcpy(d, s, l);
return d;
}
+
+#if DO_NOT_USE_STRCPY
+
+/*
+** SM_STRDUP_X -- Duplicate a string
+**
+** Allocates memory and copies source string into it.
+**
+** Parameters:
+** s -- string to copy.
+**
+** Returns:
+** copy of string, exception if out of memory.
+**
+** Side Effects:
+** allocate memory for new string.
+*/
+
+char *
+sm_strdup_x(s)
+ const char *s;
+{
+ size_t l;
+ char *d;
+
+ l = strlen(s) + 1;
+ d = sm_malloc_tagged_x(l, "sm_strdup_x", 0, sm_heap_group());
+ (void) sm_strlcpy(d, s, l);
+ return d;
+}
+
+/*
+** SM_PSTRDUP_X -- Duplicate a string (using "permanent" memory)
+**
+** Allocates memory and copies source string into it.
+**
+** Parameters:
+** s -- string to copy.
+**
+** Returns:
+** copy of string, exception if out of memory.
+**
+** Side Effects:
+** allocate memory for new string.
+*/
+
+char *
+sm_pstrdup_x(s)
+ const char *s;
+{
+ size_t l;
+ char *d;
+
+ l = strlen(s) + 1;
+ d = sm_pmalloc_x(l);
+ (void) sm_strlcpy(d, s, l);
+ return d;
+}
+
+/*
+** SM_STRDUP_X -- Duplicate a string
+**
+** Allocates memory and copies source string into it.
+**
+** Parameters:
+** s -- string to copy.
+** file -- name of source file
+** line -- line in source file
+** group -- heap group
+**
+** Returns:
+** copy of string, exception if out of memory.
+**
+** Side Effects:
+** allocate memory for new string.
+*/
+
+char *
+sm_strdup_tagged_x(s, file, line, group)
+ const char *s;
+ char *file;
+ int line, group;
+{
+ size_t l;
+ char *d;
+
+ l = strlen(s) + 1;
+ d = sm_malloc_tagged_x(l, file, line, group);
+ (void) sm_strlcpy(d, s, l);
+ return d;
+}
+
+#endif /* DO_NOT_USE_STRCPY */
+
diff --git a/contrib/sendmail/libsm/t-shm.c b/contrib/sendmail/libsm/t-shm.c
index 5da07c1e369b..b20040a35639 100644
--- a/contrib/sendmail/libsm/t-shm.c
+++ b/contrib/sendmail/libsm/t-shm.c
@@ -8,7 +8,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: t-shm.c,v 1.18 2002/01/31 04:11:41 ca Exp $")
+SM_RCSID("@(#)$Id: t-shm.c,v 1.19 2004/04/20 23:14:21 ca Exp $")
#include <stdio.h>
@@ -45,7 +45,7 @@ shminter(owner)
bool owner;
{
int *shm, shmid;
- int i, j, t;
+ int i, t;
shm = (int *) sm_shmstart(T_SHMKEY, SHMSIZE, 0, &shmid, owner);
if (shm == (int *) 0)
@@ -74,7 +74,6 @@ shminter(owner)
t = *shm;
for (i = 0; i < SHM_MAX; i++)
{
- j += i;
++*shm;
}
if (*shm != SHM_MAX + t)
diff --git a/contrib/sendmail/libsm/vasprintf.c b/contrib/sendmail/libsm/vasprintf.c
index 3441a3dee074..69d857633995 100644
--- a/contrib/sendmail/libsm/vasprintf.c
+++ b/contrib/sendmail/libsm/vasprintf.c
@@ -24,7 +24,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: vasprintf.c,v 1.26.2.1 2003/06/03 02:14:09 ca Exp $")
+SM_RCSID("@(#)$Id: vasprintf.c,v 1.27 2003/06/03 02:14:24 ca Exp $")
#include <stdlib.h>
#include <errno.h>
#include <sm/io.h>
diff --git a/contrib/sendmail/libsmdb/Makefile.m4 b/contrib/sendmail/libsmdb/Makefile.m4
index 23f39d0b561f..caadfe8c88c6 100644
--- a/contrib/sendmail/libsmdb/Makefile.m4
+++ b/contrib/sendmail/libsmdb/Makefile.m4
@@ -1,4 +1,4 @@
-dnl $Id: Makefile.m4,v 8.13.4.1 2002/06/21 21:58:33 ca Exp $
+dnl $Id: Makefile.m4,v 8.14 2002/06/21 22:01:34 ca Exp $
include(confBUILDTOOLSDIR`/M4/switch.m4')
define(`confREQUIRE_LIBSM', `true')
diff --git a/contrib/sendmail/libsmdb/smdb2.c b/contrib/sendmail/libsmdb/smdb2.c
index 0e505e6e096b..be07d636b47f 100644
--- a/contrib/sendmail/libsmdb/smdb2.c
+++ b/contrib/sendmail/libsmdb/smdb2.c
@@ -8,7 +8,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: smdb2.c,v 8.72.2.7 2003/06/24 17:16:10 ca Exp $")
+SM_RCSID("@(#)$Id: smdb2.c,v 8.79 2003/06/13 21:33:11 ca Exp $")
#include <fcntl.h>
#include <stdlib.h>
diff --git a/contrib/sendmail/libsmutil/Makefile.m4 b/contrib/sendmail/libsmutil/Makefile.m4
index 36c5d7a5a479..ea3730562923 100644
--- a/contrib/sendmail/libsmutil/Makefile.m4
+++ b/contrib/sendmail/libsmutil/Makefile.m4
@@ -1,4 +1,4 @@
-dnl $Id: Makefile.m4,v 8.16.4.1 2002/06/21 21:58:35 ca Exp $
+dnl $Id: Makefile.m4,v 8.17 2002/06/21 22:01:34 ca Exp $
include(confBUILDTOOLSDIR`/M4/switch.m4')
define(`confREQUIRE_LIBSM', `true')
diff --git a/contrib/sendmail/libsmutil/cf.c b/contrib/sendmail/libsmutil/cf.c
index 1db2a6793f91..f313762f5577 100644
--- a/contrib/sendmail/libsmutil/cf.c
+++ b/contrib/sendmail/libsmutil/cf.c
@@ -9,7 +9,7 @@
*/
#include <sendmail.h>
-SM_RCSID("@(#)$Id: cf.c,v 8.18.2.1 2002/09/24 21:48:23 ca Exp $")
+SM_RCSID("@(#)$Id: cf.c,v 8.19 2002/09/24 20:40:59 ca Exp $")
#include <sendmail/pathnames.h>
/*
diff --git a/contrib/sendmail/libsmutil/lockfile.c b/contrib/sendmail/libsmutil/lockfile.c
index 5eca360ce8f9..17d6237eaa64 100644
--- a/contrib/sendmail/libsmutil/lockfile.c
+++ b/contrib/sendmail/libsmutil/lockfile.c
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: lockfile.c,v 8.19 2001/09/11 04:04:55 gshapiro Exp $")
+SM_RCSID("@(#)$Id: lockfile.c,v 8.21 2003/11/10 22:57:38 ca Exp $")
/*
@@ -43,7 +43,6 @@ lockfile(fd, filename, ext, type)
#if !HASFLOCK
int action;
struct flock lfd;
- extern int errno;
memset(&lfd, '\0', sizeof lfd);
if (bitset(LOCK_UN, type))
diff --git a/contrib/sendmail/libsmutil/safefile.c b/contrib/sendmail/libsmutil/safefile.c
index aed40a0482e0..c6cfb53ef876 100644
--- a/contrib/sendmail/libsmutil/safefile.c
+++ b/contrib/sendmail/libsmutil/safefile.c
@@ -15,7 +15,7 @@
#include <sm/io.h>
#include <sm/errstring.h>
-SM_RCSID("@(#)$Id: safefile.c,v 8.124 2002/05/24 20:50:15 gshapiro Exp $")
+SM_RCSID("@(#)$Id: safefile.c,v 8.127 2004/05/27 22:37:51 msk Exp $")
/*
@@ -304,7 +304,7 @@ safefile(fn, uid, gid, user, flags, mode, st)
bitset(S_IXUSR|S_IXGRP|S_IXOTH, st->st_mode))
{
if (tTd(44, 4))
- sm_dprintf("\t[exec bits %lo]\tE_SM_ISEXEC]\n",
+ sm_dprintf("\t[exec bits %lo]\tE_SM_ISEXEC\n",
(unsigned long) st->st_mode);
return E_SM_ISEXEC;
}
@@ -684,6 +684,9 @@ safeopen(fn, omode, cmode, sff)
int cmode;
long sff;
{
+#if !NOFTRUNCATE
+ bool truncate;
+#endif /* !NOFTRUNCATE */
int rval;
int fd;
int smode;
@@ -735,6 +738,12 @@ safeopen(fn, omode, cmode, sff)
return -1;
}
+#if !NOFTRUNCATE
+ truncate = bitset(O_TRUNC, omode);
+ if (truncate)
+ omode &= ~O_TRUNC;
+#endif /* !NOFTRUNCATE */
+
fd = dfopen(fn, omode, cmode, sff);
if (fd < 0)
return fd;
@@ -745,6 +754,22 @@ safeopen(fn, omode, cmode, sff)
errno = E_SM_FILECHANGE;
return -1;
}
+
+#if !NOFTRUNCATE
+ if (truncate &&
+ ftruncate(fd, (off_t) 0) < 0)
+ {
+ int save_errno;
+
+ save_errno = errno;
+ syserr("554 5.3.0 cannot open: file %s could not be truncated",
+ fn);
+ (void) close(fd);
+ errno = save_errno;
+ return -1;
+ }
+#endif /* !NOFTRUNCATE */
+
return fd;
}
/*
@@ -940,6 +965,9 @@ dfopen(filename, omode, cmode, sff)
locktype = LOCK_EX;
else
locktype = LOCK_SH;
+ if (bitset(SFF_NBLOCK, sff))
+ locktype |= LOCK_NB;
+
if (!lockfile(fd, filename, NULL, locktype))
{
int save_errno = errno;
diff --git a/contrib/sendmail/mail.local/Makefile.m4 b/contrib/sendmail/mail.local/Makefile.m4
index 63c14e0dfac3..3a06a3b44b80 100644
--- a/contrib/sendmail/mail.local/Makefile.m4
+++ b/contrib/sendmail/mail.local/Makefile.m4
@@ -1,4 +1,4 @@
-dnl $Id: Makefile.m4,v 8.49.2.1 2002/06/21 21:58:36 ca Exp $
+dnl $Id: Makefile.m4,v 8.50 2002/06/21 22:01:39 ca Exp $
include(confBUILDTOOLSDIR`/M4/switch.m4')
define(`confREQUIRE_LIBSM', `true')
diff --git a/contrib/sendmail/mail.local/README b/contrib/sendmail/mail.local/README
index 651de4bc9113..2ab9dbc4af97 100644
--- a/contrib/sendmail/mail.local/README
+++ b/contrib/sendmail/mail.local/README
@@ -36,4 +36,29 @@ delivery agent without LMTP mode, use:
in the .mc file.
-$Revision: 8.10 $, Last updated $Date: 2001/09/08 01:21:04 $
+Defining HASHSPOOL (-DHASHSPOOL) will build a mail.local which supports
+delivering to subdirectories of the mail spool, based on a hash of the
+username (i.e., a hash depth of 2 and a username of "user" will result in
+/var/spool/mail/u/s/user). If the hash depth is greater than the length
+of the username, "_" will be used. The necessary subdirectories must
+exist; mail.local will not create them. Use the "-H" option to set the
+hash type and depth (like "-H u2" for a username hash two levels deep).
+
+The HASHSPOOL option also adds two other options: "-p path" to specify
+an alternate mail spool path (i.e., "-p /local/mail") and "-n" to specify
+that mail.local should not strip the @domain part of recipient addresses
+in LMTP mode.
+
+In addition to HASHSPOOL, defining HASHSPOOLMD5 and linking against
+libcrypto from OpenSSL like:
+
+ APPENDDEF(`conf_mail_local_ENVDEF', `-DHASHSPOOL -DHASHSPOOLMD5')
+ APPENDDEF(`conf_mail_local_LIBS', `-lcrypto')
+
+will offer an alternate hash, using a base64 encoding (changing / to _)
+of an MD5 hash of the username. This results in a more balanced
+subdirectory tree. The subdirectories will be named with A-Z, a-z, 0-9,
++, and _. The hash type is "m", so use "-H m3" to get a three level MD5
+based hash.
+
+$Revision: 8.11 $, Last updated $Date: 2003/10/20 20:19:13 $
diff --git a/contrib/sendmail/mail.local/mail.local.8 b/contrib/sendmail/mail.local/mail.local.8
index 5cd1c137ec4b..0181f1635dee 100644
--- a/contrib/sendmail/mail.local/mail.local.8
+++ b/contrib/sendmail/mail.local/mail.local.8
@@ -1,4 +1,4 @@
-.\" Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers.
+.\" Copyright (c) 1998-2001, 2003 Sendmail, Inc. and its suppliers.
.\" All rights reserved.
.\" Copyright (c) 1990, 1993
.\" The Regents of the University of California. All rights reserved.
@@ -8,9 +8,9 @@
.\" the sendmail distribution.
.\"
.\"
-.\" $Id: mail.local.8,v 8.23 2001/04/05 23:27:35 gshapiro Exp $
+.\" $Id: mail.local.8,v 8.25 2003/10/20 20:26:51 ca Exp $
.\"
-.TH MAIL.LOCAL 8 "$Date: 2001/04/05 23:27:35 $"
+.TH MAIL.LOCAL 8 "$Date: 2003/10/20 20:26:51 $"
.SH NAME
mail.local
\- store mail in a mailbox
@@ -65,6 +65,29 @@ Same as \-f.
Store incoming mail in \fIfilename\fR in the user's home directory instead
of a system mail spool directory.
.PP
+The next options are only available if
+.B mail.local
+has been compiled with -DHASHSPOOL.
+.TP
+.BI \-H " hashtypehashdepth"
+Select hashed mail directories.
+Valid hash types are
+.B u
+for user name and
+.B m
+for MD5 (requires compilation with -DHASHSPOOLMD5).
+Example:
+.BI \-H " u2"
+selects user name hashing with a hash depth of 2.
+Note: there must be no space between the hash type and the depth.
+.TP
+.BI \-p " path"
+Specify an alternate mail spool path.
+.TP
+.BI \-n
+Specify that the domain part of recipient addresses in LMTP mode
+should not be stripped.
+.PP
Individual mail messages in the mailbox are delimited by an empty
line followed by a line beginning with the string ``From ''.
A line containing the string ``From '', the sender's name and a time stamp
diff --git a/contrib/sendmail/mail.local/mail.local.c b/contrib/sendmail/mail.local/mail.local.c
index ff82a94453cf..72305843723b 100644
--- a/contrib/sendmail/mail.local/mail.local.c
+++ b/contrib/sendmail/mail.local/mail.local.c
@@ -18,7 +18,7 @@ SM_IDSTR(copyright,
Copyright (c) 1990, 1993, 1994\n\
The Regents of the University of California. All rights reserved.\n")
-SM_IDSTR(id, "@(#)$Id: mail.local.c,v 8.239.2.11 2003/09/01 01:49:46 gshapiro Exp $")
+SM_IDSTR(id, "@(#)$Id: mail.local.c,v 8.251 2003/11/03 18:38:29 ca Exp $")
#include <stdlib.h>
#include <sm/errstring.h>
@@ -32,6 +32,13 @@ SM_IDSTR(id, "@(#)$Id: mail.local.c,v 8.239.2.11 2003/09/01 01:49:46 gshapiro Ex
#include <sm/mbdb.h>
#include <sm/sysexits.h>
+#ifndef HASHSPOOL
+# define HASHSPOOL 0
+#endif /* ! HASHSPOOL */
+#ifndef HASHSPOOLMD5
+# define HASHSPOOLMD5 0
+#endif /* ! HASHSPOOLMD5 */
+
/*
** This is not intended to work on System V derived systems
** such as Solaris or HP-UX, since they use a totally different
@@ -63,6 +70,15 @@ SM_IDSTR(id, "@(#)$Id: mail.local.c,v 8.239.2.11 2003/09/01 01:49:46 gshapiro Ex
#include <sm/conf.h>
#include <sendmail/pathnames.h>
+#if HASHSPOOL
+# define HASH_NONE 0
+# define HASH_USER 1
+# if HASHSPOOLMD5
+# define HASH_MD5 2
+# include <openssl/md5.h>
+# endif /* HASHSPOOLMD5 */
+#endif /* HASHSPOOL */
+
#ifndef LOCKTO_RM
# define LOCKTO_RM 300 /* timeout for stale lockfile removal */
@@ -130,6 +146,15 @@ bool LMTPMode = false;
bool BounceQuota = false; /* permanent error when over quota */
char *HomeMailFile = NULL; /* store mail in homedir */
+#if HASHSPOOL
+int HashType = HASH_NONE;
+int HashDepth = 0;
+bool StripRcptDomain = true;
+#else /* HASHSPOOL */
+# define StripRcptDomain true
+#endif /* HASHSPOOL */
+char SpoolPath[MAXPATHLEN];
+
void deliver __P((int, char *));
int e_to_sys __P((int));
void notifybiff __P((char *));
@@ -139,6 +164,9 @@ int lockmbox __P((char *));
void unlockmbox __P((void));
void mailerr __P((const char *, const char *, ...));
void flush_error __P((void));
+#if HASHSPOOL
+const char *hashname __P((char *));
+#endif /* HASHSPOOL */
int
@@ -170,7 +198,17 @@ main(argc, argv)
# endif /* LOG_MAIL */
from = NULL;
+ if (sm_strlcpy(SpoolPath, _PATH_MAILDIR, sizeof(SpoolPath)) >=
+ sizeof(SpoolPath))
+ {
+ mailerr("421", "Configuration error: _PATH_MAILDIR too large");
+ exit(EX_CONFIG);
+ }
+#if HASHSPOOL
+ while ((ch = getopt(argc, argv, "7bdD:f:h:r:lH:p:n")) != -1)
+#else /* HASHSPOOL */
while ((ch = getopt(argc, argv, "7bdD:f:h:r:l")) != -1)
+#endif /* HASHSPOOL */
{
switch(ch)
{
@@ -213,6 +251,62 @@ main(argc, argv)
LMTPMode = true;
break;
+
+#if HASHSPOOL
+ case 'H':
+ if (optarg == NULL || *optarg == '\0')
+ {
+ mailerr(NULL, "-H: missing hashinfo");
+ usage();
+ }
+ switch(optarg[0])
+ {
+ case 'u':
+ HashType = HASH_USER;
+ break;
+
+# if HASHSPOOLMD5
+ case 'm':
+ HashType = HASH_MD5;
+ break;
+# endif /* HASHSPOOLMD5 */
+
+ default:
+ mailerr(NULL, "-H: unknown hash type");
+ usage();
+ }
+ if (optarg[1] == '\0')
+ {
+ mailerr(NULL, "-H: invalid hash depth");
+ usage();
+ }
+ HashDepth = atoi(&optarg[1]);
+ if ((HashDepth <= 0) || ((HashDepth * 2) >= MAXPATHLEN))
+ {
+ mailerr(NULL, "-H: invalid hash depth");
+ usage();
+ }
+ break;
+
+ case 'p':
+ if (optarg == NULL || *optarg == '\0')
+ {
+ mailerr(NULL, "-p: missing spool path");
+ usage();
+ }
+ if (sm_strlcpy(SpoolPath, optarg, sizeof(SpoolPath)) >=
+ sizeof(SpoolPath))
+ {
+ mailerr(NULL, "-p: invalid spool path");
+ usage();
+ }
+ break;
+
+ case 'n':
+ StripRcptDomain = false;
+ break;
+#endif /* HASHSPOOL */
+
case '?':
default:
usage();
@@ -580,7 +674,7 @@ dolmtp()
}
if (sm_strncasecmp(buf + 5, "to:", 3) != 0 ||
((rcpt_addr[rcpt_num] = parseaddr(buf + 8,
- true)) == NULL))
+ StripRcptDomain)) == NULL))
{
mailerr("501 5.5.4",
"Syntax error in parameters");
@@ -903,6 +997,7 @@ deliver(fd, name)
** Also, clear out any bogus characters.
*/
+#if !HASHSPOOL
if (strlen(name) > 40)
name[40] = '\0';
for (p = name; *p != '\0'; p++)
@@ -912,12 +1007,22 @@ deliver(fd, name)
else if (!isprint(*p))
*p = '.';
}
+#endif /* !HASHSPOOL */
if (HomeMailFile == NULL)
{
- if (sm_snprintf(path, sizeof(path), "%s/%s",
- _PATH_MAILDIR, name) >= sizeof(path))
+ if (sm_strlcpyn(path, sizeof(path),
+#if HASHSPOOL
+ 4,
+#else /* HASHSPOOL */
+ 3,
+#endif /* HASHSPOOL */
+ SpoolPath, "/",
+#if HASHSPOOL
+ hashname(name),
+#endif /* HASHSPOOL */
+ name) >= sizeof(path))
{
exitval = EX_UNAVAILABLE;
mailerr("550 5.1.1", "%s: Invalid mailbox path", name);
@@ -1493,6 +1598,79 @@ flush_error()
}
}
+#if HASHSPOOL
+const char *
+hashname(name)
+ char *name;
+{
+ static char p[MAXPATHLEN];
+ int i;
+ int len;
+ char *str;
+# if HASHSPOOLMD5
+ char Base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+_";
+ MD5_CTX ctx;
+ unsigned char md5[18];
+# if MAXPATHLEN <= 24
+ ERROR _MAXPATHLEN <= 24
+# endif /* MAXPATHLEN <= 24 */
+ char b64[24];
+ MD5_LONG bits;
+ int j;
+# endif /* HASHSPOOLMD5 */
+
+ if (HashType == HASH_NONE || HashDepth * 2 >= MAXPATHLEN)
+ {
+ p[0] = '\0';
+ return p;
+ }
+
+ switch(HashType)
+ {
+ case HASH_USER:
+ str = name;
+ break;
+
+# if HASHSPOOLMD5
+ case HASH_MD5:
+ MD5_Init(&ctx);
+ MD5_Update(&ctx, name, strlen(name));
+ MD5_Final(md5, &ctx);
+ md5[16] = 0;
+ md5[17] = 0;
+
+ for (i = 0; i < 6; i++)
+ {
+ bits = (unsigned) md5[(3 * i)] << 16;
+ bits |= (unsigned) md5[(3 * i) + 1] << 8;
+ bits |= (unsigned) md5[(3 * i) + 2];
+
+ for (j = 3; j >= 0; j--)
+ {
+ b64[(4 * i) + j] = Base64[(bits & 0x3f)];
+ bits >>= 6;
+ }
+ }
+ b64[22] = '\0';
+ str = b64;
+ break;
+# endif /* HASHSPOOLMD5 */
+ }
+
+ len = strlen(str);
+ for (i = 0; i < HashDepth; i++)
+ {
+ if (i < len)
+ p[i * 2] = str[i];
+ else
+ p[i * 2] = '_';
+ p[(i * 2) + 1] = '/';
+ }
+ p[HashDepth * 2] = '\0';
+ return p;
+}
+#endif /* HASHSPOOL */
+
/*
* e_to_sys --
* Guess which errno's are temporary. Gag me.
diff --git a/contrib/sendmail/mailstats/Makefile.m4 b/contrib/sendmail/mailstats/Makefile.m4
index e981401d1917..61f56924b538 100644
--- a/contrib/sendmail/mailstats/Makefile.m4
+++ b/contrib/sendmail/mailstats/Makefile.m4
@@ -1,4 +1,4 @@
-dnl $Id: Makefile.m4,v 8.34.4.1 2002/06/21 21:58:37 ca Exp $
+dnl $Id: Makefile.m4,v 8.35 2002/06/21 22:01:40 ca Exp $
include(confBUILDTOOLSDIR`/M4/switch.m4')
define(`confREQUIRE_LIBSM', `true')
diff --git a/contrib/sendmail/mailstats/mailstats.8 b/contrib/sendmail/mailstats/mailstats.8
index 582055d11617..d6c25def5d9e 100644
--- a/contrib/sendmail/mailstats/mailstats.8
+++ b/contrib/sendmail/mailstats/mailstats.8
@@ -6,9 +6,9 @@
.\" the sendmail distribution.
.\"
.\"
-.\" $Id: mailstats.8,v 8.30.2.1 2002/09/26 23:03:39 gshapiro Exp $
+.\" $Id: mailstats.8,v 8.31 2002/06/27 22:47:29 gshapiro Exp $
.\"
-.TH MAILSTATS 8 "$Date: 2002/09/26 23:03:39 $"
+.TH MAILSTATS 8 "$Date: 2002/06/27 22:47:29 $"
.SH NAME
mailstats
\- display mail statistics
@@ -55,6 +55,9 @@ Number of messages rejected.
.B msgsdis
Number of messages discarded.
.TP
+.B msgsqur
+Number of messages quarantined.
+.TP
.B Mailer
The name of the mailer.
.PD
diff --git a/contrib/sendmail/mailstats/mailstats.c b/contrib/sendmail/mailstats/mailstats.c
index ec56e3a7e5c8..f8b57b37bf00 100644
--- a/contrib/sendmail/mailstats/mailstats.c
+++ b/contrib/sendmail/mailstats/mailstats.c
@@ -15,12 +15,12 @@
#include <sm/gen.h>
SM_IDSTR(copyright,
-"@(#) Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers.\n\
+"@(#) Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers.\n\
All rights reserved.\n\
Copyright (c) 1988, 1993\n\
The Regents of the University of California. All rights reserved.\n")
-SM_IDSTR(id, "@(#)$Id: mailstats.c,v 8.98 2002/05/24 23:10:15 gshapiro Exp $")
+SM_IDSTR(id, "@(#)$Id: mailstats.c,v 8.100 2002/06/27 23:24:06 gshapiro Exp $")
#include <unistd.h>
#include <stddef.h>
@@ -59,9 +59,7 @@ main(argc, argv)
bool trunc;
long frmsgs = 0, frbytes = 0, tomsgs = 0, tobytes = 0, rejmsgs = 0;
long dismsgs = 0;
-#if _FFR_QUARANTINE
long quarmsgs = 0;
-#endif /* _FFR_QUARANTINE */
time_t now;
char mtable[MAXMAILERS][MNAMELEN + 1];
char sfilebuf[MAXPATHLEN];
@@ -285,18 +283,14 @@ main(argc, argv)
ctime(&stats.stat_itime));
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
" M msgsfr bytes_from msgsto bytes_to msgsrej msgsdis");
-#if _FFR_QUARANTINE
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, " msgsqur");
-#endif /* _FFR_QUARANTINE */
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "%s\n",
mnames ? " Mailer" : "");
}
for (i = 0; i < MAXMAILERS; i++)
{
if (stats.stat_nf[i] || stats.stat_nt[i] ||
-#if _FFR_QUARANTINE
stats.stat_nq[i] ||
-#endif /* _FFR_QUARANTINE */
stats.stat_nr[i] || stats.stat_nd[i])
{
char *format;
@@ -313,10 +307,8 @@ main(argc, argv)
stats.stat_bt[i],
stats.stat_nr[i],
stats.stat_nd[i]);
-#if _FFR_QUARANTINE
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
" %6ld", stats.stat_nq[i]);
-#endif /* _FFR_QUARANTINE */
if (mnames)
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
" %s",
@@ -328,9 +320,7 @@ main(argc, argv)
tobytes += stats.stat_bt[i];
rejmsgs += stats.stat_nr[i];
dismsgs += stats.stat_nd[i];
-#if _FFR_QUARANTINE
quarmsgs += stats.stat_nq[i];
-#endif /* _FFR_QUARANTINE */
}
}
if (progmode)
@@ -339,10 +329,8 @@ main(argc, argv)
" T %8ld %10ld %8ld %10ld %6ld %6ld",
frmsgs, frbytes, tomsgs, tobytes, rejmsgs,
dismsgs);
-#if _FFR_QUARANTINE
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
" %6ld", quarmsgs);
-#endif /* _FFR_QUARANTINE */
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "\n");
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
" C %8ld %8ld %6ld\n",
@@ -360,18 +348,14 @@ main(argc, argv)
{
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
"=============================================================");
-#if _FFR_QUARANTINE
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "========");
-#endif /* _FFR_QUARANTINE */
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "\n");
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
" T %8ld %10ldK %8ld %10ldK %6ld %6ld",
frmsgs, frbytes, tomsgs, tobytes, rejmsgs,
dismsgs);
-#if _FFR_QUARANTINE
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
" %6ld", quarmsgs);
-#endif /* _FFR_QUARANTINE */
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "\n");
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
" C %8ld %10s %8ld %10s %6ld\n",
diff --git a/contrib/sendmail/makemap/Makefile.m4 b/contrib/sendmail/makemap/Makefile.m4
index 2396311ae952..a4664cf4369e 100644
--- a/contrib/sendmail/makemap/Makefile.m4
+++ b/contrib/sendmail/makemap/Makefile.m4
@@ -1,4 +1,4 @@
-dnl $Id: Makefile.m4,v 8.42.4.1 2002/06/21 21:58:38 ca Exp $
+dnl $Id: Makefile.m4,v 8.43 2002/06/21 22:01:44 ca Exp $
include(confBUILDTOOLSDIR`/M4/switch.m4')
define(`confREQUIRE_LIBSM', `true')
diff --git a/contrib/sendmail/makemap/makemap.8 b/contrib/sendmail/makemap/makemap.8
index 9faaef7fcb60..96338e79cb0f 100644
--- a/contrib/sendmail/makemap/makemap.8
+++ b/contrib/sendmail/makemap/makemap.8
@@ -1,4 +1,4 @@
-.\" Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers.
+.\" Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers.
.\" All rights reserved.
.\" Copyright (c) 1988, 1991, 1993
.\" The Regents of the University of California. All rights reserved.
@@ -8,9 +8,9 @@
.\" the sendmail distribution.
.\"
.\"
-.\" $Id: makemap.8,v 8.29 2001/10/10 03:23:02 ca Exp $
+.\" $Id: makemap.8,v 8.30 2002/06/27 23:41:04 gshapiro Exp $
.\"
-.TH MAKEMAP 8 "$Date: 2001/10/10 03:23:02 $"
+.TH MAKEMAP 8 "$Date: 2002/06/27 23:41:04 $"
.SH NAME
makemap
\- create database maps for sendmail
@@ -22,6 +22,8 @@ makemap
.RB [ \-c
.IR cachesize ]
.RB [ \-d ]
+.RB [ \-D
+.IR commentchar ]
.RB [ \-e ]
.RB [ \-f ]
.RB [ \-l ]
@@ -111,6 +113,10 @@ This must match the \-N flag in the sendmail.cf
.B \-c
Use the specified hash and B-Tree cache size.
.TP
+.B \-D
+Use to specify the character to use to indicate a comment (which is ignored)
+instead of the default of '#'.
+.TP
.B \-d
Allow duplicate keys in the map.
This is only allowed on B-Tree format maps.
diff --git a/contrib/sendmail/makemap/makemap.c b/contrib/sendmail/makemap/makemap.c
index 59c28f627df8..bf3d282380d8 100644
--- a/contrib/sendmail/makemap/makemap.c
+++ b/contrib/sendmail/makemap/makemap.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1992 Eric P. Allman. All rights reserved.
* Copyright (c) 1992, 1993
@@ -20,7 +20,7 @@ SM_IDSTR(copyright,
Copyright (c) 1992, 1993\n\
The Regents of the University of California. All rights reserved.\n")
-SM_IDSTR(id, "@(#)$Id: makemap.c,v 8.175 2001/12/28 22:44:01 ca Exp $")
+SM_IDSTR(id, "@(#)$Id: makemap.c,v 8.176 2002/06/27 23:41:04 gshapiro Exp $")
#include <sys/types.h>
@@ -56,13 +56,15 @@ static void
usage(progname)
char *progname;
{
- /* XXX break the usage output into multiple lines? it's too long */
sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
- "Usage: %s [-C cffile] [-N] [-c cachesize] [-d] [-e] [-f] [-l] [-o] [-r] [-s] [-t delimiter] [-u] [-v] type mapname\n",
- progname);
-#if _FFR_COMMENT_CHAR
- /* add -D comment-char */
-#endif /* _FFR_COMMENT_CHAR */
+ "Usage: %s [-C cffile] [-N] [-c cachesize] [-D commentchar]\n",
+ progname);
+ sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
+ " %*s [-d] [-e] [-f] [-l] [-o] [-r] [-s] [-t delimiter]\n",
+ (int) strlen(progname), "");
+ sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
+ " %*s [-u] [-v] type mapname\n",
+ (int) strlen(progname), "");
exit(EX_USAGE);
}
@@ -161,11 +163,9 @@ main(argc, argv)
foldcase = false;
break;
-#if _FFR_COMMENT_CHAR
case 'D':
comment = *optarg;
break;
-#endif /* _FFR_COMMENT_CHAR */
case 'l':
smdb_print_available_types();
diff --git a/contrib/sendmail/praliases/Makefile.m4 b/contrib/sendmail/praliases/Makefile.m4
index 248fccd2e5ac..2ba5c7eb06a0 100644
--- a/contrib/sendmail/praliases/Makefile.m4
+++ b/contrib/sendmail/praliases/Makefile.m4
@@ -1,4 +1,4 @@
-dnl $Id: Makefile.m4,v 8.34.4.1 2002/06/21 21:58:39 ca Exp $
+dnl $Id: Makefile.m4,v 8.35 2002/06/21 22:01:47 ca Exp $
include(confBUILDTOOLSDIR`/M4/switch.m4')
define(`confREQUIRE_LIBSM', `true')
diff --git a/contrib/sendmail/rmail/Makefile.m4 b/contrib/sendmail/rmail/Makefile.m4
index 6b2a0498f13c..f8ee2ff54be9 100644
--- a/contrib/sendmail/rmail/Makefile.m4
+++ b/contrib/sendmail/rmail/Makefile.m4
@@ -1,4 +1,4 @@
-dnl $Id: Makefile.m4,v 8.42.4.1 2002/06/21 21:58:46 ca Exp $
+dnl $Id: Makefile.m4,v 8.43 2002/06/21 22:01:49 ca Exp $
include(confBUILDTOOLSDIR`/M4/switch.m4')
define(`confREQUIRE_LIBSM', `true')
diff --git a/contrib/sendmail/smrsh/Makefile.m4 b/contrib/sendmail/smrsh/Makefile.m4
index f090250ff185..1fa55349b02b 100644
--- a/contrib/sendmail/smrsh/Makefile.m4
+++ b/contrib/sendmail/smrsh/Makefile.m4
@@ -1,4 +1,4 @@
-dnl $Id: Makefile.m4,v 8.34.2.1 2002/06/21 21:58:48 ca Exp $
+dnl $Id: Makefile.m4,v 8.35 2002/06/21 22:01:52 ca Exp $
include(confBUILDTOOLSDIR`/M4/switch.m4')
define(`confREQUIRE_LIBSM', `true')
diff --git a/contrib/sendmail/smrsh/README b/contrib/sendmail/smrsh/README
index d2b0b643201d..0719a3f506c9 100644
--- a/contrib/sendmail/smrsh/README
+++ b/contrib/sendmail/smrsh/README
@@ -163,4 +163,4 @@ a typical system follows:
host.domain# /usr/sbin/sendmail -bd -q30m
-$Revision: 8.8.4.1 $, Last updated $Date: 2003/05/26 04:29:42 $
+$Revision: 8.9 $, Last updated $Date: 2003/05/26 04:30:58 $
diff --git a/contrib/sendmail/smrsh/smrsh.8 b/contrib/sendmail/smrsh/smrsh.8
index b15a16ce0555..e209fe449dac 100644
--- a/contrib/sendmail/smrsh/smrsh.8
+++ b/contrib/sendmail/smrsh/smrsh.8
@@ -1,4 +1,4 @@
-.\" Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers.
+.\" Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
.\" All rights reserved.
.\" Copyright (c) 1993 Eric P. Allman. All rights reserved.
.\" Copyright (c) 1993
@@ -9,9 +9,9 @@
.\" the sendmail distribution.
.\"
.\"
-.\" $Id: smrsh.8,v 8.16.2.2 2003/10/07 18:05:37 ca Exp $
+.\" $Id: smrsh.8,v 8.20 2003/10/07 18:05:12 ca Exp $
.\"
-.TH SMRSH 8 "$Date: 2003/10/07 18:05:37 $"
+.TH SMRSH 8 "$Date: 2003/10/07 18:05:12 $"
.SH NAME
smrsh \- restricted shell for sendmail
.SH SYNOPSIS
diff --git a/contrib/sendmail/smrsh/smrsh.c b/contrib/sendmail/smrsh/smrsh.c
index bfcfcbe21b1c..4aab7baebb1c 100644
--- a/contrib/sendmail/smrsh/smrsh.c
+++ b/contrib/sendmail/smrsh/smrsh.c
@@ -20,7 +20,7 @@ SM_IDSTR(copyright,
Copyright (c) 1993\n\
The Regents of the University of California. All rights reserved.\n")
-SM_IDSTR(id, "@(#)$Id: smrsh.c,v 8.58.2.5 2003/12/15 17:09:39 ca Exp $")
+SM_IDSTR(id, "@(#)$Id: smrsh.c,v 8.63 2003/12/15 17:12:29 ca Exp $")
/*
** SMRSH -- sendmail restricted shell
diff --git a/contrib/sendmail/src/Makefile.m4 b/contrib/sendmail/src/Makefile.m4
index 1100dea5572d..5cf0f78411ab 100644
--- a/contrib/sendmail/src/Makefile.m4
+++ b/contrib/sendmail/src/Makefile.m4
@@ -1,11 +1,11 @@
-dnl $Id: Makefile.m4,v 8.91.2.4 2002/09/09 02:48:54 gshapiro Exp $
+dnl $Id: Makefile.m4,v 8.96 2003/08/08 20:31:17 ca Exp $
include(confBUILDTOOLSDIR`/M4/switch.m4')
define(`confREQUIRE_LIBSM', `true')
bldPRODUCT_START(`executable', `sendmail')
define(`bldBIN_TYPE', `G')
define(`bldINSTALL_DIR', `')
-define(`bldSOURCES', `main.c alias.c arpadate.c bf.c collect.c conf.c control.c convtime.c daemon.c deliver.c domain.c envelope.c err.c headers.c macro.c map.c mci.c milter.c mime.c parseaddr.c queue.c readcf.c recipient.c sasl.c savemail.c sfsasl.c shmticklib.c sm_resolve.c srvrsmtp.c stab.c stats.c sysexits.c timers.c tls.c trace.c udb.c usersmtp.c util.c version.c ')
+define(`bldSOURCES', `main.c alias.c arpadate.c bf.c collect.c conf.c control.c convtime.c daemon.c deliver.c domain.c envelope.c err.c headers.c macro.c map.c mci.c milter.c mime.c parseaddr.c queue.c ratectrl.c readcf.c recipient.c sasl.c savemail.c sfsasl.c shmticklib.c sm_resolve.c srvrsmtp.c stab.c stats.c sysexits.c timers.c tls.c trace.c udb.c usersmtp.c util.c version.c ')
PREPENDDEF(`confENVDEF', `confMAPDEF')
bldPUSH_SMLIB(`sm')
bldPUSH_SMLIB(`smutil')
diff --git a/contrib/sendmail/src/README b/contrib/sendmail/src/README
index e0af96b1d8c6..b2e11c436722 100644
--- a/contrib/sendmail/src/README
+++ b/contrib/sendmail/src/README
@@ -1,4 +1,4 @@
-# Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
+# Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers.
# All rights reserved.
# Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
# Copyright (c) 1988
@@ -9,7 +9,7 @@
# the sendmail distribution.
#
#
-# $Id: README,v 8.355.2.16 2004/01/08 21:54:55 ca Exp $
+# $Id: README,v 8.384 2004/07/26 18:03:55 ca Exp $
#
This directory contains the source files for sendmail(TM).
@@ -127,6 +127,8 @@ DNSMAP DNS map support. Requires NAMED_BIND.
PH_MAP PH map support. You will need the libphclient library from
the nph package (http://www-dev.cites.uiuc.edu/ph/nph/).
MAP_NSD nsd map support (IRIX 6.5 and later).
+SOCKETMAP Support for a trivial query protocol over UNIX domain or TCP
+ sockets.
>>> NOTE WELL for NEWDB support: If you want to get ndbm support, for
>>> Berkeley DB versions under 2.0, it is CRITICAL that you remove
@@ -180,6 +182,15 @@ addresses, so "^[0-9]+$" would match this. By using such a map in a
check_* rule-set, you can block a certain range of addresses that would
otherwise be considered valid.
+The socket map uses a simple request/reply protocol over TCP or
+UNIX domain sockets to query an external server. Both requests and
+replies are text based and encoded as netstrings. The socket map
+uses the same syntax as milters the specify the remote endpoint,
+e.g.:
+
+Ksocket mySocketMap inet:12345@127.0.0.1
+
+See doc/op/op.me for details.
+---------------+
| COMPILE FLAGS |
@@ -287,6 +298,8 @@ HASURANDOMDEV Define this if your system has /dev/urandom(4).
HASSTRERROR Define this if you have the libc strerror(3) function (which
should be declared in <errno.h>), and it should be used
instead of sys_errlist.
+HASCLOSEFROM Define this if your system has closefrom(3).
+HASFDWALK Define this if your system has fdwalk(3).
SM_CONF_GETOPT Define this as 0 if you need a reimplementation of getopt(3).
On some systems, getopt does very odd things if called
to scan the arguments twice. This flag will ask sendmail
@@ -481,6 +494,11 @@ USE_DOUBLE_FORK By default this is on (1). Set it to 0 to suppress the
ALLOW_255 Do not convert (char)0xff to (char)0x7f in headers etc.
This can also be done at runtime with the command line
option -d82.101.
+NEEDINTERRNO Set this if <errno.h> does not declare errno, i.e., if an
+ application needs to use
+ extern int errno;
+USE_TTYPATH Set this to 1 to enable ErrorMode=write.
+USESYSCTL Use sysctl(3) to determine the number of CPUs in a system.
+-----------------------+
@@ -604,8 +622,11 @@ STARTTLS Enables SMTP STARTTLS (RFC 2487). This requires OpenSSL
See STARTTLS COMPILATION AND CONFIGURATION for further
information.
TLS_NO_RSA Turn off support for RSA algorithms in STARTTLS.
-MILTER Turn on support for external filters using the Milter API.
- See libmilter/README for more information.
+MILTER Turn on support for external filters using the Milter API;
+ this option is set by default, to turn it off use
+ APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER')
+ in devtools/Site/site.config.m4 (see devtools/README).
+ See libmilter/README for more information about milter.
REQUIRES_DIR_FSYNC Turn on support for file systems that require to
call fsync() for a directory if the meta-data in it has
been changed. This should be turned on at least for older
@@ -1303,12 +1324,12 @@ Linux
Something broke between versions 0.99.13 and 0.99.14 of Linux: the
flock() system call gives errors. If you are running .14, you must
not use flock. You can do this with -DHASFLOCK=0. We have also
- been getting complaints since version 2.4.X was released. Unless
- the bug is fixed before sendmail 8.13 is shipped, 8.13 will change
- the default locking method to fcntl() for Linux kernel version 2.4
- and later. Be sure to update other sendmail related programs to
- match locking techniques (some examples, besides makemap and
- mail.local, include procmail, mailx, mutt, elm, etc).
+ been getting complaints since version 2.4.X was released.
+ sendmail 8.13 has changed the default locking method to fcntl()
+ for Linux kernel version 2.4 and later. Be sure to update other
+ sendmail related programs to match locking techniques (some
+ examples, besides makemap and mail.local, include procmail, mailx,
+ mutt, elm, etc).
Around the inclusion of bind-4.9.3 & Linux libc-4.6.20, the
initialization of the _res structure changed. If /etc/hosts.conf
@@ -1802,4 +1823,4 @@ util.c Some general purpose routines used by sendmail.
version.c The version number and information about this
version of sendmail.
-(Version $Revision: 8.355.2.16 $, last update $Date: 2004/01/08 21:54:55 $ )
+(Version $Revision: 8.384 $, last update $Date: 2004/07/26 18:03:55 $ )
diff --git a/contrib/sendmail/src/SECURITY b/contrib/sendmail/src/SECURITY
index 71b4643ae10f..0445e445235c 100644
--- a/contrib/sendmail/src/SECURITY
+++ b/contrib/sendmail/src/SECURITY
@@ -5,7 +5,7 @@
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
-# $Id: SECURITY,v 1.50.2.1 2002/09/23 21:28:48 ca Exp $
+# $Id: SECURITY,v 1.51 2002/09/23 21:29:18 ca Exp $
#
This file gives some hints how to configure and run sendmail for
diff --git a/contrib/sendmail/src/TRACEFLAGS b/contrib/sendmail/src/TRACEFLAGS
index 1d7d28b244fc..9927922072fa 100644
--- a/contrib/sendmail/src/TRACEFLAGS
+++ b/contrib/sendmail/src/TRACEFLAGS
@@ -1,4 +1,4 @@
-# $Id: TRACEFLAGS,v 8.37.2.4 2003/06/13 21:59:45 lijian Exp $
+# $Id: TRACEFLAGS,v 8.42 2003/06/13 22:29:11 lijian Exp $
0, 4 main.c main canonical name, UUCP node name, a.k.a.s
0, 15 main.c main print configuration
0, 44 util.c printav print address of each string
@@ -75,15 +75,13 @@
63 queue.c runqueue process watching
64 multiple Milter
65 main.c permission checks
-#if _FFR_ADAPTIVE_EOL
-66 srvrsmtp.c conformance checks
-#endif /* _FFR_ADAPTIVE_EOL */
-#if _FFR_QUEUE_SCHED_DBG
-69 queue.c scheduling
-#endif /* _FFR_QUEUE_SCHED_DBG */
-#if _FFR_QUARANTINE
+#if _FFR_ADAPTIVE_EOL
+66 srvrsmtp.c conformance checks
+#endif /* _FFR_ADAPTIVE_EOL */
+#if _FFR_QUEUE_SCHED_DBG
+69 queue.c scheduling
+#endif /* _FFR_QUEUE_SCHED_DBG */
70 queue.c quarantining
-#endif /* _FFR_QUARANTINE */
71,>99 milter.c quarantine on errors
80 content length
81 sun remote mode
diff --git a/contrib/sendmail/src/TUNING b/contrib/sendmail/src/TUNING
index 61121cbbfd15..6ccff9a19407 100644
--- a/contrib/sendmail/src/TUNING
+++ b/contrib/sendmail/src/TUNING
@@ -5,7 +5,7 @@
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
-# $Id: TUNING,v 1.18.4.1 2003/02/07 18:19:51 ca Exp $
+# $Id: TUNING,v 1.19 2003/01/25 23:06:02 ca Exp $
#
********************************************
diff --git a/contrib/sendmail/src/alias.c b/contrib/sendmail/src/alias.c
index c944388bcb80..3c052123a4b5 100644
--- a/contrib/sendmail/src/alias.c
+++ b/contrib/sendmail/src/alias.c
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: alias.c,v 8.214.2.2 2003/10/06 20:43:29 ca Exp $")
+SM_RCSID("@(#)$Id: alias.c,v 8.217 2003/07/28 17:47:18 ca Exp $")
#define SEPARATOR ':'
# define ALIAS_SPEC_SEPARATORS " ,/:"
@@ -139,7 +139,7 @@ alias(a, sendq, aliaslevel, e)
if (tTd(27, 5))
{
sm_dprintf("alias: QS_EXPANDED ");
- printaddr(a, false);
+ printaddr(sm_debug_file(), a, false);
}
a->q_state = QS_EXPANDED;
diff --git a/contrib/sendmail/src/aliases.5 b/contrib/sendmail/src/aliases.5
index 62b5dfb55891..32fb50c4fcff 100644
--- a/contrib/sendmail/src/aliases.5
+++ b/contrib/sendmail/src/aliases.5
@@ -9,9 +9,9 @@
.\" the sendmail distribution.
.\"
.\"
-.\" $Id: aliases.5,v 8.17 2000/12/14 23:09:46 gshapiro Exp $
+.\" $Id: aliases.5,v 8.19 2004/07/12 05:39:21 ca Exp $
.\"
-.TH ALIASES 5 "$Date: 2000/12/14 23:09:46 $"
+.TH ALIASES 5 "$Date: 2004/07/12 05:39:21 $"
.SH NAME
aliases
\- aliases file for sendmail
@@ -78,6 +78,17 @@ are comments.
Aliasing occurs only on local names.
Loops can not occur, since no message will be sent to any person more than once.
.PP
+If an alias is found for
+.IR name ,
+sendmail then checks for an alias for
+.IR owner-name .
+If it is found and the result of the lookup expands to a single
+address, the envelope sender address of the message is rewritten to
+that address.
+If it is found and the result expands to more than one address, the
+envelope sender address is changed to
+.IR owner-name .
+.PP
After aliasing has been done, local and valid recipients who have a
``.forward''
file in their home directory have messages forwarded to the
diff --git a/contrib/sendmail/src/bf.c b/contrib/sendmail/src/bf.c
index 4e672b9431ce..211ed02f6db4 100644
--- a/contrib/sendmail/src/bf.c
+++ b/contrib/sendmail/src/bf.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1999-2002, 2004 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
@@ -18,7 +18,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: bf.c,v 8.54.2.3 2003/09/03 19:58:26 ca Exp $")
+SM_RCSID("@(#)$Id: bf.c,v 8.60 2004/04/14 18:12:49 ca Exp $")
#include <sys/types.h>
#include <sys/stat.h>
@@ -701,7 +701,8 @@ sm_bfcommit(fp)
/* Clear umask as bf_filemode are the true perms */
omask = umask(0);
- retval = OPEN(bfp->bf_filename, O_RDWR | O_CREAT | O_EXCL,
+ retval = OPEN(bfp->bf_filename,
+ O_RDWR | O_CREAT | O_EXCL | QF_O_EXTRA,
bfp->bf_filemode, bfp->bf_flags);
save_errno = errno;
(void) umask(omask);
diff --git a/contrib/sendmail/src/collect.c b/contrib/sendmail/src/collect.c
index 20a2c1cabc9c..392941ba43cb 100644
--- a/contrib/sendmail/src/collect.c
+++ b/contrib/sendmail/src/collect.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@@ -13,10 +13,9 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: collect.c,v 8.242.2.8 2003/07/08 01:16:35 ca Exp $")
+SM_RCSID("@(#)$Id: collect.c,v 8.254 2004/04/05 18:41:38 ca Exp $")
static void collecttimeout __P((time_t));
-static void dferror __P((SM_FILE_T *volatile, char *, ENVELOPE *));
static void eatfrom __P((char *volatile, ENVELOPE *));
static void collect_doheader __P((ENVELOPE *));
static SM_FILE_T *collect_dfopen __P((ENVELOPE *));
@@ -724,7 +723,9 @@ readerr:
finis(true, true, ExitStat);
/* NOTREACHED */
}
- else if (SuperSafe != SAFE_REALLY)
+ else if (SuperSafe == SAFE_NO ||
+ SuperSafe == SAFE_INTERACTIVE ||
+ (SuperSafe == SAFE_REALLY_POSTMILTER && smtpmode))
{
/* skip next few clauses */
/* EMPTY */
@@ -743,7 +744,7 @@ readerr:
if (stat(dfile, &st) < 0)
st.st_size = -1;
errno = EEXIST;
- syserr("@collect: bfcommit(%s): already on disk, size = %ld",
+ syserr("@collect: bfcommit(%s): already on disk, size=%ld",
dfile, (long) st.st_size);
dfd = sm_io_getinfo(df, SM_IO_WHAT_FD, NULL);
if (dfd >= 0)
@@ -754,8 +755,14 @@ readerr:
flush_errors(true);
finis(save_errno != EEXIST, true, ExitStat);
}
- else if ((afd = sm_io_getinfo(df, SM_IO_WHAT_FD, NULL)) >= 0 &&
- fsync(afd) < 0)
+ else if ((afd = sm_io_getinfo(df, SM_IO_WHAT_FD, NULL)) < 0)
+ {
+ dferror(df, "sm_io_getinfo", e);
+ flush_errors(true);
+ finis(true, true, ExitStat);
+ /* NOTREACHED */
+ }
+ else if (fsync(afd) < 0)
{
dferror(df, "fsync", e);
flush_errors(true);
@@ -873,7 +880,7 @@ readerr:
{
char *dfname = queuename(e, DATAFL_LETTER);
if ((e->e_dfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, dfname,
- SM_IO_RDONLY, NULL)) == NULL)
+ SM_IO_RDONLY_B, NULL)) == NULL)
{
/* we haven't acked receipt yet, so just chuck this */
syserr("@Cannot reopen %s", dfname);
@@ -896,10 +903,6 @@ readerr:
e->e_msgpriority = e->e_msgsize
- e->e_class * WkClassFact
+ e->e_nrcpts * WkRecipFact;
- if (tTd(90, 1))
- sm_syslog(LOG_INFO, e->e_id,
- "collect: at end: msgsize=%ld, msgpriority=%ld",
- e->e_msgsize, e->e_msgpriority);
markstats(e, (ADDRESS *) NULL, STATS_NORMAL);
}
}
@@ -958,7 +961,7 @@ collecttimeout(timeout)
** Arranges for following output to go elsewhere.
*/
-static void
+void
dferror(df, msg, e)
SM_FILE_T *volatile df;
char *msg;
@@ -989,7 +992,7 @@ dferror(df, msg, e)
< 0)
st.st_size = 0;
(void) sm_io_reopen(SmFtStdio, SM_TIME_DEFAULT, dfname,
- SM_IO_WRONLY, NULL, df);
+ SM_IO_WRONLY_B, NULL, df);
if (st.st_size <= 0)
(void) sm_io_fprintf(df, SM_TIME_DEFAULT,
"\n*** Mail could not be accepted");
diff --git a/contrib/sendmail/src/conf.c b/contrib/sendmail/src/conf.c
index 56a840403a28..5f91e452d917 100644
--- a/contrib/sendmail/src/conf.c
+++ b/contrib/sendmail/src/conf.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: conf.c,v 8.972.2.54 2004/01/08 21:54:55 ca Exp $")
+SM_RCSID("@(#)$Id: conf.c,v 8.1047 2004/07/14 21:54:23 ca Exp $")
#include <sendmail/pathnames.h>
#if NEWDB
@@ -81,6 +81,7 @@ struct hdrinfo HdrInfo[] =
{ "errors-to", H_FROM|H_ERRORSTO, NULL },
{ "full-name", H_ACHECK, NULL },
{ "return-receipt-to", H_RECEIPTTO, NULL },
+ { "delivery-receipt-to", H_RECEIPTTO, NULL },
{ "disposition-notification-to", H_FROM, NULL },
/* destination fields */
@@ -259,9 +260,7 @@ setdefaults(e)
WkClassFact = 1800L; /* option z */
WkTimeFact = 90000L; /* option Z */
QueueFactor = WkRecipFact * 20; /* option q */
-#if _FFR_QUARANTINE
QueueMode = QM_NORMAL; /* what queue items to act upon */
-#endif /* _FFR_QUARANTINE */
FileMode = (RealUid != geteuid()) ? 0644 : 0600;
/* option F */
QueueFileMode = (RealUid != geteuid()) ? 0644 : 0600;
@@ -338,6 +337,7 @@ setdefaults(e)
FastSplit = 1;
#if SASL
AuthMechanisms = newstr(AUTH_MECHANISMS);
+ AuthRealm = NULL;
MaxSLBits = INT_MAX;
#endif /* SASL */
#if STARTTLS
@@ -368,12 +368,11 @@ setdefaults(e)
#if MILTER
InputFilters[0] = NULL;
#endif /* MILTER */
-#if _FFR_REJECT_LOG
RejectLogInterval = 3 HOURS;
-#endif /* _FFR_REJECT_LOG */
-#if _FFR_REQ_DIR_FSYNC_OPT
+#if REQUIRES_DIR_FSYNC
RequiresDirfsync = true;
-#endif /* _FFR_REQ_DIR_FSYNC_OPT */
+#endif /* REQUIRES_DIR_FSYNC */
+ ConnectionRateWindowSize = 60;
setupmaps();
setupqueues();
setupmailers();
@@ -640,6 +639,13 @@ setupmaps()
dequote_init, null_map_open, null_map_close,
arith_map_lookup, null_map_store);
+#if SOCKETMAP
+ /* arbitrary daemons */
+ MAPDEF("socket", NULL, MCF_ALIASOK,
+ map_parseargs, socket_map_open, socket_map_close,
+ socket_map_lookup, null_map_store);
+#endif /* SOCKETMAP */
+
if (tTd(38, 2))
{
/* bogus map -- always return tempfail */
@@ -1492,7 +1498,6 @@ getla()
double avenrun[3];
# endif /* LA_TYPE == LA_SHORT */
# endif /* LA_TYPE == LA_INT */
- extern int errno;
extern off_t lseek();
if (kmem < 0)
@@ -1600,7 +1605,6 @@ getla()
int j;
static int kmem = -1;
long avenrun[3];
- extern int errno;
struct mioc_rksym mirk;
if (kmem < 0)
@@ -1828,6 +1832,12 @@ getla()
# include <sys/sysmp.h>
+# ifdef _UNICOSMP
+# define CAST_SYSMP(x) (x)
+# else /* _UNICOSMP */
+# define CAST_SYSMP(x) ((x) & 0x7fffffff)
+# endif /* _UNICOSMP */
+
int
getla(void)
{
@@ -1857,7 +1867,8 @@ getla(void)
}
}
- if (lseek(kmem, (sysmp(MP_KERNADDR, MPKA_AVENRUN) & 0x7fffffff), SEEK_SET) == -1 ||
+ if (lseek(kmem, CAST_SYSMP(sysmp(MP_KERNADDR, MPKA_AVENRUN)), SEEK_SET)
+ == -1 ||
read(kmem, (char *) avenrun, sizeof(avenrun)) < sizeof(avenrun))
{
if (tTd(3, 1))
@@ -2193,16 +2204,16 @@ refuseconnections(name, e, d, active)
{
static time_t lastconn[MAXDAEMONS];
static int conncnt[MAXDAEMONS];
-#if _FFR_REJECT_LOG
static time_t firstrejtime[MAXDAEMONS];
static time_t nextlogtime[MAXDAEMONS];
-#endif /* _FFR_REJECT_LOG */
#if XLA
if (!xla_smtp_ok())
return true;
#endif /* XLA */
+ SM_ASSERT(d >= 0);
+ SM_ASSERT(d < MAXDAEMONS);
if (ConnRateThrottle > 0)
{
time_t now;
@@ -2234,16 +2245,13 @@ refuseconnections(name, e, d, active)
sm_getla();
if (RefuseLA > 0 && CurrentLA >= RefuseLA)
{
-# if _FFR_REJECT_LOG
time_t now;
-# define R2_MSG_LA "have been rejecting connections on daemon %s for %s"
-# endif /* _FFR_REJECT_LOG */
# define R_MSG_LA "rejecting connections on daemon %s: load average: %d"
+# define R2_MSG_LA "have been rejecting connections on daemon %s for %s"
sm_setproctitle(true, e, R_MSG_LA, name, CurrentLA);
if (LogLevel > 8)
sm_syslog(LOG_NOTICE, NOQID, R_MSG_LA, name, CurrentLA);
-# if _FFR_REJECT_LOG
now = curtime();
if (firstrejtime[d] == 0)
{
@@ -2256,13 +2264,10 @@ refuseconnections(name, e, d, active)
pintvl(now - firstrejtime[d], true));
nextlogtime[d] = now + RejectLogInterval;
}
-# endif /* _FFR_REJECT_LOG */
return true;
}
-# if _FFR_REJECT_LOG
else
firstrejtime[d] = 0;
-# endif /* _FFR_REJECT_LOG */
if (DelayLA > 0 && CurrentLA >= DelayLA)
{
@@ -3968,6 +3973,7 @@ validate_connection(sap, hostname, e)
sm_dprintf("validate_connection(%s, %s)\n",
hostname, anynet_ntoa(sap));
+ connection_rate_check(sap, e);
if (rscheck("check_relay", hostname, anynet_ntoa(sap),
e, RSF_RMCOMM|RSF_COUNT, 3, NULL, NOQID) != EX_OK)
{
@@ -5155,6 +5161,80 @@ get_num_procs_online()
return nproc;
}
/*
+** SM_CLOSEFROM -- close file descriptors
+**
+** Parameters:
+** lowest -- first fd to close
+** highest -- last fd + 1 to close
+**
+** Returns:
+** none
+*/
+
+void
+sm_closefrom(lowest, highest)
+ int lowest, highest;
+{
+#if HASCLOSEFROM
+ closefrom(lowest);
+#else /* HASCLOSEFROM */
+ int i;
+
+ for (i = lowest; i < highest; i++)
+ (void) close(i);
+#endif /* HASCLOSEFROM */
+}
+#if HASFDWALK
+/*
+** CLOSEFD_WALK -- walk fd's arranging to close them
+** Callback for fdwalk()
+**
+** Parameters:
+** lowest -- first fd to arrange to be closed
+** fd -- fd to arrange to be closed
+**
+** Returns:
+** zero
+*/
+
+static int
+closefd_walk(lowest, fd)
+ void *lowest;
+ int fd;
+{
+ if (fd >= *(int *)lowest)
+ (void) fcntl(fd, F_SETFD, FD_CLOEXEC);
+ return 0;
+}
+#endif /* HASFDWALK */
+/*
+** SM_CLOSE_ON_EXEC -- arrange for file descriptors to be closed
+**
+** Parameters:
+** lowest -- first fd to arrange to be closed
+** highest -- last fd + 1 to arrange to be closed
+**
+** Returns:
+** none
+*/
+
+void
+sm_close_on_exec(highest, lowest)
+ int highest, lowest;
+{
+#if HASFDWALK
+ (void) fdwalk(closefd_walk, &lowest);
+#else /* HASFDWALK */
+ int i, j;
+
+ for (i = lowest; i < highest; i++)
+ {
+ if ((j = fcntl(i, F_GETFD, 0)) != -1)
+ (void) fcntl(i, F_SETFD, j | FD_CLOEXEC);
+ }
+#endif /* HASFDWALK */
+}
+/*
** SEED_RANDOM -- seed the random number generator
**
** Parameters:
@@ -5536,6 +5616,9 @@ link(source, target)
char *CompileOptions[] =
{
+#if ALLOW_255
+ "ALLOW_255",
+#endif /* ALLOW_255 */
#if NAMED_BIND
# if DNSMAP
"DNSMAP",
@@ -5638,6 +5721,9 @@ char *CompileOptions[] =
#if SMTPDEBUG
"SMTPDEBUG",
#endif /* SMTPDEBUG */
+#if SOCKETMAP
+ "SOCKETMAP",
+#endif /* SOCKETMAP */
#if STARTTLS
"STARTTLS",
#endif /* STARTTLS */
@@ -5659,6 +5745,9 @@ char *CompileOptions[] =
#if USE_LDAP_INIT
"USE_LDAP_INIT",
#endif /* USE_LDAP_INIT */
+#if USE_TTYPATH
+ "USE_TTYPATH",
+#endif /* USE_TTYPATH */
#if XDEBUG
"XDEBUG",
#endif /* XDEBUG */
@@ -5678,9 +5767,6 @@ char *OsCompileOptions[] =
#if ADDRCONFIG_IS_BROKEN
"ADDRCONFIG_IS_BROKEN",
#endif /* ADDRCONFIG_IS_BROKEN */
-#if ALLOW_255
- "ALLOW_255",
-#endif /* ALLOW_255 */
#ifdef AUTO_NETINFO_HOSTS
"AUTO_NETINFO_HOSTS",
#endif /* AUTO_NETINFO_HOSTS */
@@ -5702,12 +5788,18 @@ char *OsCompileOptions[] =
#if FAST_PID_RECYCLE
"FAST_PID_RECYCLE",
#endif /* FAST_PID_RECYCLE */
+#if HASCLOSEFROM
+ "HASCLOSEFROM",
+#endif /* HASCLOSEFROM */
#if HASFCHOWN
"HASFCHOWN",
#endif /* HASFCHOWN */
#if HASFCHMOD
"HASFCHMOD",
#endif /* HASFCHMOD */
+#if HASFDWALK
+ "HASFDWALK",
+#endif /* HASFDWALK */
#if HASFLOCK
"HASFLOCK",
#endif /* HASFLOCK */
@@ -5885,20 +5977,11 @@ char *OsCompileOptions[] =
char *FFRCompileOptions[] =
{
-#if _FFR_ADAPTIVE_EOL
- /* tries to be smart about \r\n versus \n from broken clients */
- /* known to be broken, do not use */
- "_FFR_ADAPTIVE_EOL",
-#endif /* _FFR_ADAPTIVE_EOL */
#if _FFR_ALLOW_SASLINFO
/* DefaultAuthInfo can be specified by user. */
- /* DefaultAuthInfo doesn't really work in 8.12 anymore. */
+ /* DefaultAuthInfo doesn't really work in 8.13 anymore. */
"_FFR_ALLOW_SASLINFO",
#endif /* _FFR_ALLOW_SASLINFO */
-#if _FFR_ALLOW_S0_ERROR_4XX
- /* Allow for tempfail from S0 (ruleset 0). */
- "_FFR_ALLOW_S0_ERROR_4XX",
-#endif /* _FFR_ALLOW_S0_ERROR_4XX */
#if _FFR_BESTMX_BETTER_TRUNCATION
/* Better truncation of list of MX records for dns map. */
"_FFR_BESTMX_BETTER_TRUNCATION",
@@ -5911,19 +5994,10 @@ char *FFRCompileOptions[] =
"_FFR_BLOCK_PROXIES",
#endif /* _FFR_BLOCK_PROXIES */
-#if _FFR_CACHE_LPC
- /* Cache connections to LCP based mailers */
-/* Christophe Wolfhugel of France Telecom Oleane */
- "_FFR_CACHE_LPC",
-#endif /* _FFR_CACHE_LPC */
#if _FFR_CATCH_BROKEN_MTAS
/* Deal with MTAs that send a reply during the DATA phase. */
"_FFR_CATCH_BROKEN_MTAS",
#endif /* _FFR_CATCH_BROKEN_MTAS */
-#if _FFR_CATCH_LONG_STRINGS
- /* Report long address strings instead of silently ignoring them. */
- "_FFR_CATCH_LONG_STRINGS",
-#endif /* _FFR_CATCH_LONG_STRINGS */
#if _FFR_CHECK_EOM
/* Enable check_eom ruleset */
"_FFR_CHECK_EOM",
@@ -5940,6 +6014,10 @@ char *FFRCompileOptions[] =
/* Extended daemon status. */
"_FFR_CONTROL_MSTAT",
#endif /* _FFR_CONTROL_MSTAT */
+#if _FFR_CRLPATH
+ /* CRLPath; needs documentation; Al Smith */
+ "_FFR_CRLPATH",
+#endif /* _FFR_CRLPATH */
#if _FFR_DAEMON_NETUNIX
/* Allow local (not just TCP) socket connection to server. */
"_FFR_DAEMON_NETUNIX",
@@ -5978,11 +6056,6 @@ char *FFRCompileOptions[] =
/* Enable DontLockFilesForRead option. */
"_FFR_DONTLOCKFILESFORREAD_OPTION",
#endif /* _FFR_DONTLOCKFILESFORREAD_OPTION */
-#if _FFR_DONT_STOP_LOOKING
- /* Continue with DNS lookups on ECONNREFUSED and TRY_AGAIN. */
-/* Noted by Neil Rickert of Northern Illinois University */
- "_FFR_DONT_STOP_LOOKING",
-#endif /* _FFR_DONT_STOP_LOOKING */
#if _FFR_DOTTED_USERNAMES
/* Allow usernames with '.' */
"_FFR_DOTTED_USERNAMES",
@@ -6033,6 +6106,10 @@ char *FFRCompileOptions[] =
/* Set 'h' in {addr_type} for headers. */
"_FFR_HDR_TYPE",
#endif /* _FFR_HDR_TYPE */
+#if _FFR_HELONAME
+ /* option to set heloname; Nik Clayton of FreeBSD */
+ "_FFR_HELONAME",
+#endif /* _FFR_HELONAME */
#if _FFR_HPUX_NSSWITCH
/* Use nsswitch on HP-UX */
"_FFR_HPUX_NSSWITCH",
@@ -6045,19 +6122,16 @@ char *FFRCompileOptions[] =
/* Ignore extensions offered in response to HELO */
"_FFR_IGNORE_EXT_ON_HELO",
#endif /* _FFR_IGNORE_EXT_ON_HELO */
-#if _FFR_LDAP_RECURSION
- /* Support LDAP recursion in LDAP responses */
-/* Andrew Baucom */
- "_FFR_LDAP_RECURSION",
-#endif /* _FFR_LDAP_RECURSION */
-#if _FFR_LDAP_SETVERSION
- /* New LDAP map option for setting LDAP protocol version */
- "_FFR_LDAP_SETVERSION",
-#endif /* _FFR_LDAP_SETVERSION */
-#if _FFR_LDAP_URI
- /* Support LDAP URI form of specifying host/port (and allows ldaps) */
- "_FFR_LDAP_URI",
-#endif /* _FFR_LDAP_URI */
+#if _FFR_MAXDATASIZE
+ /*
+ ** It is possible that a header is larger than MILTER_CHUNK_SIZE,
+ ** hence this shouldn't be used as limit for milter communication.
+ ** see also libmilter/comm.c
+ ** Gurusamy Sarathy of ActiveState
+ */
+
+ "_FFR_MAXDATASIZE"
+#endif /* _FFR_MAXDATASIZE */
#if _FFR_MAX_FORWARD_ENTRIES
/* Try to limit number of .forward entries */
/* (doesn't work) */
@@ -6068,24 +6142,20 @@ char *FFRCompileOptions[] =
/* Limit sleep(2) time in libsm/clock.c */
"_FFR_MAX_SLEEP_TIME",
#endif /* _FFR_MAX_SLEEP_TIME */
-#if _FFR_MESSAGEID_MACRO
- /* stick the message ID header's value in a macro */
- "_FFR_MESSAGEID_MACRO",
-#endif /* _FFR_MESSAGEID_MACRO */
-#if MILTER
-# if _FFR_MILTER_421
- /* If a filter returns 421, close the SMTP connection */
- "_FFR_MILTER_421",
-# endif /* _FFR_MILTER_421 */
-# if _FFR_MILTER_MACROS_EOM
- /* Add an EOM macro set for milter */
- "_FFR_MILTER_MACROS_EOM",
-# endif /* _FFR_MILTER_MACROS_EOM */
-# if _FFR_MILTER_PERDAEMON
- /* Per DaemonPortOptions InputMailFilter lists */
- "_FFR_MILTER_PERDAEMON",
-# endif /* _FFR_MILTER_PERDAEMON */
-#endif /* MILTER */
+#if _FFR_MILTER_NAGLE
+ /* milter: turn off Nagle ("cork" on Linux) */
+ /* John Gardiner Myers of Proofpoint */
+ "_FFR_MILTER_NAGLE ",
+#endif /* _FFR_MILTER_NAGLE */
+#if _FFR_MILTER_NOHDR_RESP
+ /* milter: no response expected when sending headers */
+ /* John Gardiner Myers of Proofpoint */
+ "_FFR_MILTER_NOHDR_RESP",
+#endif /* _FFR_MILTER_NOHDR_RESP */
+#if _FFR_MIME7TO8_OLD
+ /* Old mime7to8 code, the new is broken for at least one example. */
+ "_FFR_MIME7TO8_OLD",
+#endif /* _FFR_MAX_SLEEP_TIME */
#if _FFR_NODELAYDSN_ON_HOLD
/* Do not issue a DELAY DSN for mailers that use the hold flag. */
/* Steven Pitzl */
@@ -6095,10 +6165,6 @@ char *FFRCompileOptions[] =
/* Disable PIPELINING, delay client if used. */
"_FFR_NO_PIPE",
#endif /* _FFR_NO_PIPE */
-#if _FFR_QUARANTINE
- /* Quarantine items in the queue */
- "_FFR_QUARANTINE",
-#endif /* _FFR_QUARANTINE */
#if _FFR_QUEUEDELAY
/* Exponential queue delay; disabled in 8.13 since it isn't used. */
"_FFR_QUEUEDELAY",
@@ -6112,16 +6178,6 @@ char *FFRCompileOptions[] =
/* Define {queue} macro. */
"_FFR_QUEUE_MACRO",
#endif /* _FFR_QUEUE_MACRO */
-#if _FFR_QUEUERETURN_DSN
- /*
- ** Provide an option for different Timeout.queue{warn,return} for
- ** DSN messages. These days, queues are filled with bounces for
- ** spam that will never make it to the sender and therefore slow
- ** down queue runs until they timeout.
- */
-
- "_FFR_QUEUERETURN_DSN",
-#endif /* _FFR_QUEUERETURN_DSN */
#if _FFR_QUEUE_RUN_PARANOIA
/* Additional checks when doing queue runs. */
"_FFR_QUEUE_RUN_PARANOIA",
@@ -6139,30 +6195,14 @@ char *FFRCompileOptions[] =
"_FFR_REDIRECTEMPTY",
#endif /* _FFR_REDIRECTEMPTY */
-#if _FFR_REJECT_LOG
- /* Log when we start/stop rejecting connections due to load, etc */
- "_FFR_REJECT_LOG",
-#endif /* _FFR_REJECT_LOG */
-#if _FFR_REQ_DIR_FSYNC_OPT
- /* Add cf option to fsync() directories */
- "_FFR_REQ_DIR_FSYNC_OPT",
-#endif /* _FFR_REQ_DIR_FSYNC_OPT */
#if _FFR_RESET_MACRO_GLOBALS
/* Allow macro 'j' to be set dynamically via rulesets. */
"_FFR_RESET_MACRO_GLOBALS",
#endif /* _FFR_RESET_MACRO_GLOBALS */
-#if _FFR_RESPOND_ALL
- /* in vacation: respond to every message, not just once per interval */
- "_FFR_RESPOND_ALL",
-#endif /* _FFR_RESPOND_ALL */
#if _FFR_RHS
/* Random shuffle for queue sorting. */
"_FFR_RHS",
#endif /* _FFR_RHS */
-#if _FFR_SASL_OPT_M
- /* Support SASL's SASL_SEC_MUTUAL_AUTH option */
- "_FFR_SASL_OPT_M",
-#endif /* _FFR_SASL_OPT_M */
#if _FFR_SELECT_SHM
/* Auto-select of shared memory key */
"_FFR_SELECT_SHM",
@@ -6171,18 +6211,14 @@ char *FFRCompileOptions[] =
/* Donated code (unused). */
"_FFR_SHM_STATUS",
#endif /* _FFR_SHM_STATUS */
+#if _FFR_SKIP_DOMAINS
+ /* process every N'th domain instead of every N'th message */
+ "_FFR_SKIP_DOMAINS"
+#endif /* _FFR_SKIP_DOMAINS */
#if _FFR_SLEEP_USE_SELECT
/* Use select(2) in libsm/clock.c to emulate sleep(2) */
"_FFR_SLEEP_USE_SELECT ",
#endif /* _FFR_SLEEP_USE_SELECT */
-#if _FFR_SMFI_OPENSOCKET
- /* libmilter: smfi_opensocket() to force the socket open early */
- "_FFR_SMFI_OPENSOCKET",
-#endif /* _FFR_SMFI_OPENSOCKET */
-#if _FFR_SMTP_SSL
- /* Support for smtps (SMTP over SSL) */
- "_FFR_SMTP_SSL",
-#endif /* _FFR_SMTP_SSL */
#if _FFR_SOFT_BOUNCE
/* Turn all errors into temporary errors. */
"_FFR_SOFT_BOUNCE",
@@ -6199,14 +6235,6 @@ char *FFRCompileOptions[] =
/* Chris Adams of HiWAAY Informations Services */
"_FFR_SPT_ALIGN",
#endif /* _FFR_SPT_ALIGN */
-#if _FFR_STRIPBACKSL
- /*
- ** Strip backslash from addresses (so sender doesn't
- ** decide to ignore forward)
- */
-
- "_FFR_STRIPBACKSL",
-#endif /* _FFR_STRIPBACKSL */
#if _FFR_TIMERS
/* Donated code (unused). */
"_FFR_TIMERS",
diff --git a/contrib/sendmail/src/conf.h b/contrib/sendmail/src/conf.h
index 0675c2dd92a0..77577c4aaa63 100644
--- a/contrib/sendmail/src/conf.h
+++ b/contrib/sendmail/src/conf.h
@@ -10,7 +10,7 @@
* the sendmail distribution.
*
*
- * $Id: conf.h,v 8.563.2.3 2002/10/31 03:28:36 ca Exp $
+ * $Id: conf.h,v 8.567 2004/07/23 20:45:01 gshapiro Exp $
*/
/*
@@ -145,6 +145,16 @@ struct rusage; /* forward declaration to get gcc to shut up in wait.h */
# define DBMMODE 0640
#endif /* ! DBMMODE */
+/*
+** Value which means a uid or gid value should not change
+*/
+
+#ifndef NO_UID
+# define NO_UID -1
+#endif /* ! NO_UID */
+#ifndef NO_GID
+# define NO_GID -1
+#endif /* ! NO_GID */
/**********************************************************************
** Compilation options.
diff --git a/contrib/sendmail/src/control.c b/contrib/sendmail/src/control.c
index d93f0cf80122..60eab3ca328e 100644
--- a/contrib/sendmail/src/control.c
+++ b/contrib/sendmail/src/control.c
@@ -10,7 +10,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: control.c,v 8.118.4.8 2003/06/24 17:45:27 ca Exp $")
+SM_RCSID("@(#)$Id: control.c,v 8.125 2003/06/24 17:46:06 ca Exp $")
#include <sm/fdset.h>
diff --git a/contrib/sendmail/src/daemon.c b/contrib/sendmail/src/daemon.c
index 88c55cdc5339..c5939013fe2d 100644
--- a/contrib/sendmail/src/daemon.c
+++ b/contrib/sendmail/src/daemon.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: daemon.c,v 8.613.2.20 2003/11/25 19:02:24 ca Exp $")
+SM_RCSID("@(#)$Id: daemon.c,v 8.649 2004/07/14 21:57:52 ca Exp $")
#if defined(SOCK_STREAM) || defined(__GNU_LIBRARY__)
# define USE_SOCK_STREAM 1
@@ -74,10 +74,8 @@ struct daemon
char *d_mflags; /* flags for use in macro */
char *d_name; /* user-supplied name */
#if MILTER
-# if _FFR_MILTER_PERDAEMON
char *d_inputfilterlist;
struct milter *d_inputfilters[MAXFILTERS];
-# endif /* _FFR_MILTER_PERDAEMON */
#endif /* MILTER */
};
@@ -212,7 +210,7 @@ getrequests(e)
#endif /* XDEBUG */
/* Add parent process as first item */
- proc_list_add(CurrentPid, "Sendmail daemon", PROC_DAEMON, 0, -1);
+ proc_list_add(CurrentPid, "Sendmail daemon", PROC_DAEMON, 0, -1, NULL);
if (tTd(15, 1))
{
@@ -280,6 +278,7 @@ getrequests(e)
/* May have been sleeping above, check again */
CHECK_RESTART;
+
getrequests_checkdiskspace(e);
#if XDEBUG
@@ -490,6 +489,21 @@ getrequests(e)
if (t < 0)
{
errno = save_errno;
+
+ /* let's ignore these temporary errors */
+ if (save_errno == EINTR
+#ifdef EAGAIN
+ || save_errno == EAGAIN
+#endif /* EAGAIN */
+#ifdef ECONNABORTED
+ || save_errno == ECONNABORTED
+#endif /* ECONNABORTED */
+#ifdef EWOULDBLOCK
+ || save_errno == EWOULDBLOCK
+#endif /* EWOULDBLOCK */
+ )
+ continue;
+
syserr("getrequests: accept");
/* arrange to re-open the socket next time around */
@@ -568,6 +582,16 @@ getrequests(e)
}
/*
+ ** If connection rate is exceeded here, connection shall be
+ ** refused later by a new call after fork() by the
+ ** validate_connection() function. Closing the connection
+ ** at this point violates RFC 2821.
+ ** Do NOT remove this call, its side effects are needed.
+ */
+
+ connection_rate_check(&RealHostAddr, NULL);
+
+ /*
** Create a subprocess to process the mail.
*/
@@ -594,13 +618,13 @@ getrequests(e)
#if NAMED_BIND
/*
- ** Update MX records for FallBackMX.
+ ** Update MX records for FallbackMX.
** Let's hope this is fast otherwise we screw up the
** response time.
*/
- if (FallBackMX != NULL)
- (void) getfallbackmxrr(FallBackMX);
+ if (FallbackMX != NULL)
+ (void) getfallbackmxrr(FallbackMX);
#endif /* NAMED_BIND */
if (tTd(93, 100))
@@ -655,6 +679,7 @@ getrequests(e)
ShutdownRequest = NULL;
PendingSignal = 0;
CurrentPid = getpid();
+ close_sendmail_pid();
(void) sm_releasesignal(SIGALRM);
(void) sm_releasesignal(SIGCHLD);
@@ -697,7 +722,7 @@ getrequests(e)
/* Add control socket process */
proc_list_add(CurrentPid,
"console socket child",
- PROC_CONTROL_CHILD, 0, -1);
+ PROC_CONTROL_CHILD, 0, -1, NULL);
}
else
{
@@ -708,7 +733,7 @@ getrequests(e)
/* Add parent process as first child item */
proc_list_add(CurrentPid, "daemon child",
- PROC_DAEMON_CHILD, 0, -1);
+ PROC_DAEMON_CHILD, 0, -1, NULL);
/* don't schedule queue runs if ETRN */
QueueIntvl = 0;
@@ -759,21 +784,23 @@ getrequests(e)
h_errno == TRY_AGAIN ? "TEMP" : "FAIL");
}
else
+ {
macdefine(&BlankEnvelope.e_macro, A_PERM,
- macid("{client_resolve}"), "OK");
+ macid("{client_resolve}"), "OK");
+ }
sm_setproctitle(true, e, "startup with %s", p);
markstats(e, NULL, STATS_CONNECT);
if ((inchannel = sm_io_open(SmFtStdiofd,
SM_TIME_DEFAULT,
(void *) &t,
- SM_IO_RDONLY,
+ SM_IO_RDONLY_B,
NULL)) == NULL ||
(t = dup(t)) < 0 ||
(outchannel = sm_io_open(SmFtStdiofd,
SM_TIME_DEFAULT,
(void *) &t,
- SM_IO_WRONLY,
+ SM_IO_WRONLY_B,
NULL)) == NULL)
{
syserr("cannot open SMTP server channel, fd=%d",
@@ -856,14 +883,15 @@ getrequests(e)
{
(void) sm_snprintf(status, sizeof status,
"control socket server child");
- proc_list_add(pid, status, PROC_CONTROL, 0, -1);
+ proc_list_add(pid, status, PROC_CONTROL, 0, -1, NULL);
}
else
{
(void) sm_snprintf(status, sizeof status,
"SMTP server child for %s",
anynet_ntoa(&RealHostAddr));
- proc_list_add(pid, status, PROC_DAEMON, 0, -1);
+ proc_list_add(pid, status, PROC_DAEMON, 0, -1,
+ &RealHostAddr);
}
(void) sm_releasesignal(SIGCHLD);
@@ -888,7 +916,6 @@ getrequests(e)
sm_dprintf("getreq: returning\n");
#if MILTER
-# if _FFR_MILTER_PERDAEMON
/* set the filters for this daemon */
if (Daemons[curdaemon].d_inputfilterlist != NULL)
{
@@ -902,7 +929,6 @@ getrequests(e)
if (i < MAXFILTERS)
InputFilters[i] = NULL;
}
-# endif /* _FFR_MILTER_PERDAEMON */
#endif /* MILTER */
return &Daemons[curdaemon].d_flags;
}
@@ -1465,11 +1491,9 @@ setsockaddroptions(p, d)
break;
#if MILTER
-# if _FFR_MILTER_PERDAEMON
case 'I':
d->d_inputfilterlist = v;
break;
-# endif /* _FFR_MILTER_PERDAEMON */
#endif /* MILTER */
case 'P': /* port */
@@ -1711,9 +1735,7 @@ static struct dflags DaemonFlags[] =
{ "IFNHELO", D_IFNHELO },
{ "FQMAIL", D_FQMAIL },
{ "FQRCPT", D_FQRCPT },
-#if _FFR_SMTP_SSL
{ "SMTPS", D_SMTPS },
-#endif /* _FFR_SMTP_SSL */
{ "UNQUALOK", D_UNQUALOK },
{ "NOAUTH", D_NOAUTH },
{ "NOCANON", D_NOCANON },
@@ -1738,15 +1760,13 @@ printdaemonflags(d)
if (!bitnset(df->d_flag, d->d_flags))
continue;
if (first)
- (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "<%s",
- df->d_name);
+ sm_dprintf("<%s", df->d_name);
else
- (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, ",%s",
- df->d_name);
+ sm_dprintf(",%s", df->d_name);
first = false;
}
if (!first)
- (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, ">");
+ sm_dprintf(">");
}
bool
@@ -1761,10 +1781,8 @@ setdaemonoptions(p)
setsockaddroptions(p, &Daemons[NDaemons]);
#if MILTER
-# if _FFR_MILTER_PERDAEMON
if (Daemons[NDaemons].d_inputfilterlist != NULL)
Daemons[NDaemons].d_inputfilterlist = newstr(Daemons[NDaemons].d_inputfilterlist);
-# endif /* _FFR_MILTER_PERDAEMON */
#endif /* MILTER */
if (Daemons[NDaemons].d_name != NULL)
@@ -1929,7 +1947,6 @@ chkclientmodifiers(flag)
}
#if MILTER
-# if _FFR_MILTER_PERDAEMON
/*
** SETUP_DAEMON_FILTERS -- Parse per-socket filters
**
@@ -1961,7 +1978,6 @@ setup_daemon_milters()
}
}
}
-# endif /* _FFR_MILTER_PERDAEMON */
#endif /* MILTER */
/*
** MAKECONNECTION -- make a connection to an SMTP socket on a machine.
@@ -2673,11 +2689,11 @@ nextaddr:
mci->mci_out = NULL;
if ((mci->mci_out = sm_io_open(SmFtStdiofd, SM_TIME_DEFAULT,
(void *) &s,
- SM_IO_WRONLY, NULL)) == NULL ||
+ SM_IO_WRONLY_B, NULL)) == NULL ||
(s = dup(s)) < 0 ||
(mci->mci_in = sm_io_open(SmFtStdiofd, SM_TIME_DEFAULT,
(void *) &s,
- SM_IO_RDONLY, NULL)) == NULL)
+ SM_IO_RDONLY_B, NULL)) == NULL)
{
save_errno = errno;
syserr("cannot open SMTP client channel, fd=%d", s);
@@ -2746,6 +2762,13 @@ nextaddr:
macdefine(&BlankEnvelope.e_macro, A_PERM,
macid("{if_family_out}"), NULL);
}
+
+#if _FFR_HELONAME
+ /* Use the configured HeloName as appropriate */
+ if (HeloName != NULL && HeloName[0] != '\0')
+ mci->mci_heloname = newstr(HeloName);
+#endif /* _FFR_HELONAME */
+
mci_setstat(mci, EX_OK, NULL, NULL);
return EX_OK;
}
@@ -2795,7 +2818,8 @@ makeconnection_ds(mux_path, mci)
if (rval != 0)
{
- syserr("makeconnection_ds: unsafe domain socket");
+ syserr("makeconnection_ds: unsafe domain socket %s",
+ mux_path);
mci_setstat(mci, EX_TEMPFAIL, "4.3.5", NULL);
errno = rval;
return EX_TEMPFAIL;
@@ -2807,7 +2831,8 @@ makeconnection_ds(mux_path, mci)
if (strlen(mux_path) >= sizeof unix_addr.sun_path)
{
- syserr("makeconnection_ds: domain socket name too long");
+ syserr("makeconnection_ds: domain socket name %s too long",
+ mux_path);
/* XXX why TEMPFAIL but 5.x.y ? */
mci_setstat(mci, EX_TEMPFAIL, "5.3.5", NULL);
@@ -2822,7 +2847,8 @@ makeconnection_ds(mux_path, mci)
if (sock == -1)
{
save_errno = errno;
- syserr("makeconnection_ds: could not create domain socket");
+ syserr("makeconnection_ds: could not create domain socket %s",
+ mux_path);
mci_setstat(mci, EX_TEMPFAIL, "4.4.5", NULL);
errno = save_errno;
return EX_TEMPFAIL;
@@ -2843,11 +2869,11 @@ makeconnection_ds(mux_path, mci)
/* connection ok, put it into canonical form */
mci->mci_out = NULL;
if ((mci->mci_out = sm_io_open(SmFtStdiofd, SM_TIME_DEFAULT,
- (void *) &sock, SM_IO_WRONLY, NULL))
+ (void *) &sock, SM_IO_WRONLY_B, NULL))
== NULL
|| (sock = dup(sock)) < 0 ||
(mci->mci_in = sm_io_open(SmFtStdiofd, SM_TIME_DEFAULT,
- (void *) &sock, SM_IO_RDONLY, NULL))
+ (void *) &sock, SM_IO_RDONLY_B, NULL))
== NULL)
{
save_errno = errno;
@@ -2891,8 +2917,8 @@ shutdown_daemon()
ShutdownRequest = NULL;
PendingSignal = 0;
- if (LogLevel > 79)
- sm_syslog(LOG_DEBUG, CurEnv->e_id, "interrupt (%s)",
+ if (LogLevel > 9)
+ sm_syslog(LOG_INFO, CurEnv->e_id, "stopping daemon, reason=%s",
reason == NULL ? "implicit call" : reason);
FileName = NULL;
@@ -2964,7 +2990,6 @@ void
restart_daemon()
{
bool drop;
- int i;
int save_errno;
char *reason;
sigfunc_t ignore, oalrm, ousr1;
@@ -2996,6 +3021,9 @@ restart_daemon()
cleanup_shm(DaemonPid == getpid());
#endif /* SM_CONF_SHM */
+ /* close locked pid file */
+ close_sendmail_pid();
+
/*
** Want to drop to the user who started the process in all cases
** *but* when running as "smmsp" for the clientmqueue queue run
@@ -3016,14 +3044,7 @@ restart_daemon()
/* NOTREACHED */
}
- /* arrange for all the files to be closed */
- for (i = 3; i < DtableSize; i++)
- {
- register int j;
-
- if ((j = fcntl(i, F_GETFD, 0)) != -1)
- (void) fcntl(i, F_SETFD, j | FD_CLOEXEC);
- }
+ sm_close_on_exec(STDERR_FILENO + 1, DtableSize);
/*
** Need to allow signals before execve() to make them "harmless".
@@ -3340,6 +3361,7 @@ getauthinfo(fd, may_be_forged)
hp = sm_gethostbyname(RealHostName, family);
if (hp == NULL)
{
+ /* XXX: Could be a temporary error on forward lookup */
*may_be_forged = true;
}
else
@@ -3826,7 +3848,7 @@ host_map_lookup(map, name, av, statp)
return NULL;
if (s->s_namecanon.nc_cname == NULL)
{
- syserr("host_map_lookup(%s): bogus NULL cache entry, errno = %d, h_errno = %d",
+ syserr("host_map_lookup(%s): bogus NULL cache entry, errno=%d, h_errno=%d",
name,
s->s_namecanon.nc_errno,
s->s_namecanon.nc_herrno);
diff --git a/contrib/sendmail/src/deliver.c b/contrib/sendmail/src/deliver.c
index eb98f8374984..5839cbe6a4c5 100644
--- a/contrib/sendmail/src/deliver.c
+++ b/contrib/sendmail/src/deliver.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@@ -14,7 +14,7 @@
#include <sendmail.h>
#include <sys/time.h>
-SM_RCSID("@(#)$Id: deliver.c,v 8.940.2.20 2003/09/26 18:26:19 ca Exp $")
+SM_RCSID("@(#)$Id: deliver.c,v 8.976 2004/07/23 20:45:01 gshapiro Exp $")
#if HASSETUSERCONTEXT
# include <login_cap.h>
@@ -123,11 +123,11 @@ sendall(e, mode)
{
sm_dprintf("\n===== SENDALL: mode %c, id %s, e_from ",
mode, e->e_id);
- printaddr(&e->e_from, false);
+ printaddr(sm_debug_file(), &e->e_from, false);
sm_dprintf("\te_flags = ");
printenvflags(e);
sm_dprintf("sendqueue:\n");
- printaddr(e->e_sendqueue, true);
+ printaddr(sm_debug_file(), e->e_sendqueue, true);
}
/*
@@ -184,7 +184,7 @@ sendall(e, mode)
if (tTd(13, 5))
{
sm_dprintf("sendall: QS_SENDER ");
- printaddr(&e->e_from, false);
+ printaddr(sm_debug_file(), &e->e_from, false);
}
e->e_from.q_state = QS_SENDER;
(void) recipient(&e->e_from, &e->e_sendqueue, 0, e);
@@ -215,7 +215,7 @@ sendall(e, mode)
if (tTd(13, 25))
{
sm_dprintf("\nAfter first owner pass, sendq =\n");
- printaddr(e->e_sendqueue, true);
+ printaddr(sm_debug_file(), e->e_sendqueue, true);
}
owner = "";
@@ -233,7 +233,7 @@ sendall(e, mode)
if (tTd(13, 30))
{
sm_dprintf("Checking ");
- printaddr(q, false);
+ printaddr(sm_debug_file(), q, false);
}
if (QS_IS_DEAD(q->q_state))
{
@@ -244,7 +244,7 @@ sendall(e, mode)
if (tTd(13, 29) && !tTd(13, 30))
{
sm_dprintf("Checking ");
- printaddr(q, false);
+ printaddr(sm_debug_file(), q, false);
}
if (q->q_owner != NULL)
@@ -304,8 +304,8 @@ sendall(e, mode)
** set, send directly to the fallback MX host.
*/
- if (FallBackMX != NULL &&
- !wordinclass(FallBackMX, 'w') &&
+ if (FallbackMX != NULL &&
+ !wordinclass(FallbackMX, 'w') &&
mode != SM_VERIFY &&
!bitnset(M_NOMX, m->m_flags) &&
strcmp(m->m_mailer, "[IPC]") == 0 &&
@@ -316,11 +316,11 @@ sendall(e, mode)
char *p;
if (tTd(13, 30))
- sm_dprintf(" ... FallBackMX\n");
+ sm_dprintf(" ... FallbackMX\n");
- len = strlen(FallBackMX) + 1;
+ len = strlen(FallbackMX) + 1;
p = sm_rpool_malloc_x(e->e_rpool, len);
- (void) sm_strlcpy(p, FallBackMX, len);
+ (void) sm_strlcpy(p, FallbackMX, len);
q->q_state = QS_OK;
q->q_host = p;
}
@@ -359,7 +359,6 @@ sendall(e, mode)
q->q_state = QS_QUEUEUP;
expensive = true;
}
-#if _FFR_QUARANTINE
else if (QueueMode != QM_QUARANTINE &&
e->e_quarmsg != NULL)
{
@@ -369,7 +368,6 @@ sendall(e, mode)
q->q_state = QS_QUEUEUP;
expensive = true;
}
-#endif /* _FFR_QUARANTINE */
else
{
if (tTd(13, 30))
@@ -407,7 +405,7 @@ sendall(e, mode)
if (tTd(13, 5))
{
sm_dprintf("sendall(split): QS_SENDER ");
- printaddr(&ee->e_from, false);
+ printaddr(sm_debug_file(), &ee->e_from, false);
}
ee->e_from.q_state = QS_SENDER;
ee->e_dfp = NULL;
@@ -418,11 +416,9 @@ sendall(e, mode)
ee->e_errormode = EM_MAIL;
ee->e_sibling = splitenv;
ee->e_statmsg = NULL;
-#if _FFR_QUARANTINE
if (e->e_quarmsg != NULL)
ee->e_quarmsg = sm_rpool_strdup_x(ee->e_rpool,
e->e_quarmsg);
-#endif /* _FFR_QUARANTINE */
splitenv = ee;
for (q = e->e_sendqueue; q != NULL; q = q->q_next)
@@ -485,7 +481,7 @@ sendall(e, mode)
if (tTd(13, 5))
{
sm_dprintf("sendall(owner): QS_SENDER ");
- printaddr(&e->e_from, false);
+ printaddr(sm_debug_file(), &e->e_from, false);
}
e->e_from.q_state = QS_SENDER;
e->e_errormode = EM_MAIL;
@@ -517,7 +513,9 @@ sendall(e, mode)
}
if ((WILL_BE_QUEUED(mode) || mode == SM_FORK ||
- (mode != SM_VERIFY && SuperSafe == SAFE_REALLY)) &&
+ (mode != SM_VERIFY &&
+ (SuperSafe == SAFE_REALLY ||
+ SuperSafe == SAFE_REALLY_POSTMILTER))) &&
(!bitset(EF_INQUEUE, e->e_flags) || splitenv != NULL))
{
bool msync;
@@ -555,12 +553,12 @@ sendall(e, mode)
sm_dprintf("\n================ Final Send Queue(s) =====================\n");
sm_dprintf("\n *** Envelope %s, e_from=%s ***\n",
e->e_id, e->e_from.q_paddr);
- printaddr(e->e_sendqueue, true);
+ printaddr(sm_debug_file(), e->e_sendqueue, true);
for (ee = splitenv; ee != NULL; ee = ee->e_sibling)
{
sm_dprintf("\n *** Envelope %s, e_from=%s ***\n",
ee->e_id, ee->e_from.q_paddr);
- printaddr(ee->e_sendqueue, true);
+ printaddr(sm_debug_file(), ee->e_sendqueue, true);
}
sm_dprintf("==========================================================\n\n");
}
@@ -623,6 +621,7 @@ sendall(e, mode)
/* and save qid for reacquisition */
ee->e_id = qid;
}
+
#endif /* !HASFLOCK */
/*
@@ -953,10 +952,8 @@ sync_dir(filename, panic)
char *dirp;
char dir[MAXPATHLEN];
-#if _FFR_REQ_DIR_FSYNC_OPT
if (!RequiresDirfsync)
return;
-#endif /* _FFR_REQ_DIR_FSYNC_OPT */
/* filesystems which require the directory be synced */
dirp = strrchr(filename, '/');
@@ -1180,6 +1177,50 @@ coloncmp(a, b)
return ret;
}
+
+/*
+** SHOULD_TRY_FBSH -- Should try FallbackSmartHost?
+**
+** Parameters:
+** e -- envelope
+** tried_fallbacksmarthost -- has been tried already? (in/out)
+** hostbuf -- buffer for hostname (expand FallbackSmartHost) (out)
+** hbsz -- size of hostbuf
+** status -- current delivery status
+**
+** Returns:
+** true iff FallbackSmartHost should be tried.
+*/
+
+static bool
+should_try_fbsh(e, tried_fallbacksmarthost, hostbuf, hbsz, status)
+ ENVELOPE *e;
+ bool *tried_fallbacksmarthost;
+ char *hostbuf;
+ size_t hbsz;
+ int status;
+{
+ /*
+ ** If the host was not found and a FallbackSmartHost is defined
+ ** (and we have not yet tried it), then make one last try with
+ ** it as the host.
+ */
+
+ if (status == EX_NOHOST && FallbackSmartHost != NULL &&
+ !*tried_fallbacksmarthost)
+ {
+ *tried_fallbacksmarthost = true;
+ expand(FallbackSmartHost, hostbuf, hbsz, e);
+ if (!wordinclass(hostbuf, 'w'))
+ {
+ if (tTd(11, 1))
+ sm_dprintf("one last try with FallbackSmartHost %s\n",
+ hostbuf);
+ return true;
+ }
+ }
+ return false;
+}
/*
** DELIVER -- Deliver a message to a list of addresses.
**
@@ -1241,13 +1282,6 @@ coloncmp(a, b)
** The standard input is passed off to someone.
*/
-#ifndef NO_UID
-# define NO_UID -1
-#endif /* ! NO_UID */
-#ifndef NO_GID
-# define NO_GID -1
-#endif /* ! NO_GID */
-
static int
deliver(e, firstto)
register ENVELOPE *e;
@@ -1284,9 +1318,7 @@ deliver(e, firstto)
bool anyok; /* at least one address was OK */
SM_NONVOLATILE bool goodmxfound = false; /* at least one MX was OK */
bool ovr;
-#if _FFR_QUARANTINE
bool quarantine;
-#endif /* _FFR_QUARANTINE */
int strsize;
int rcptcount;
int ret;
@@ -1327,6 +1359,7 @@ deliver(e, firstto)
if (bitset(EF_RESPONSE, e->e_flags))
{
macdefine(&e->e_macro, A_PERM, macid("{client_name}"), "");
+ macdefine(&e->e_macro, A_PERM, macid("{client_ptr}"), "");
macdefine(&e->e_macro, A_PERM, macid("{client_addr}"), "");
macdefine(&e->e_macro, A_PERM, macid("{client_port}"), "");
macdefine(&e->e_macro, A_PERM, macid("{client_resolve}"), "");
@@ -1369,6 +1402,10 @@ deliver(e, firstto)
pvp = pv;
*pvp++ = m->m_argv[0];
+ /* ignore long term host status information if mailer flag W is set */
+ if (bitnset(M_NOHOSTSTAT, m->m_flags))
+ IgnoreHostStatus = true;
+
/* insert -f or -r flag as appropriate */
if (FromFlag &&
(bitnset(M_FOPT, m->m_flags) ||
@@ -1507,7 +1544,7 @@ deliver(e, firstto)
if (tTd(10, 1))
{
sm_dprintf("\nsend to ");
- printaddr(to, false);
+ printaddr(sm_debug_file(), to, false);
}
/* compute effective uid/gid when sending */
@@ -1521,7 +1558,7 @@ deliver(e, firstto)
if (tTd(10, 2))
{
sm_dprintf("ctladdr=");
- printaddr(ctladdr, false);
+ printaddr(sm_debug_file(), ctladdr, false);
}
user = to->q_user;
@@ -1555,9 +1592,7 @@ deliver(e, firstto)
ovr = true;
/* do config file checking of compatibility */
-#if _FFR_QUARANTINE
quarantine = (e->e_quarmsg != NULL);
-#endif /* _FFR_QUARANTINE */
rcode = rscheck("check_compat", e->e_from.q_paddr, to->q_paddr,
e, RSF_RMCOMM|RSF_COUNT, 3, NULL,
e->e_id);
@@ -1577,7 +1612,6 @@ deliver(e, firstto)
NULL, ctladdr, xstart, e, to);
continue;
}
-#if _FFR_QUARANTINE
if (!quarantine && e->e_quarmsg != NULL)
{
/*
@@ -1590,13 +1624,12 @@ deliver(e, firstto)
macdefine(&e->e_macro, A_PERM,
macid("{quarantine}"), "");
}
-#endif /* _FFR_QUARANTINE */
if (bitset(EF_DISCARD, e->e_flags))
{
if (tTd(10, 5))
{
sm_dprintf("deliver: discarding recipient ");
- printaddr(to, false);
+ printaddr(sm_debug_file(), to, false);
}
/* pretend the message was sent */
@@ -1624,7 +1657,7 @@ deliver(e, firstto)
stripquotes(user);
stripquotes(host);
}
-#if _FFR_STRIPBACKSL
+
/*
** Strip one leading backslash if requested and the
** next character is alphanumerical (the latter can
@@ -1633,7 +1666,6 @@ deliver(e, firstto)
if (bitnset(M_STRIPBACKSL, m->m_flags) && user[0] == '\\')
stripbackslash(user);
-#endif /* _FFR_STRIPBACKSL */
/* hack attack -- delivermail compatibility */
if (m == ProgMailer && *user == '|')
@@ -1827,7 +1859,7 @@ deliver(e, firstto)
if (tTd(11, 1))
{
sm_dprintf("openmailer:");
- printav(pv);
+ printav(sm_debug_file(), pv);
}
errno = 0;
SM_SET_H_ERRNO(0);
@@ -1879,7 +1911,6 @@ deliver(e, firstto)
/* check for Local Person Communication -- not for mortals!!! */
if (strcmp(m->m_mailer, "[LPC]") == 0)
{
-#if _FFR_CACHE_LPC
if (clever)
{
/* flush any expired connections */
@@ -1913,13 +1944,6 @@ deliver(e, firstto)
}
else
mci->mci_state = MCIS_OPEN;
-#else /* _FFR_CACHE_LPC */
- mci = mci_new(e->e_rpool);
- mci->mci_in = smioin;
- mci->mci_out = smioout;
- mci->mci_state = clever ? MCIS_OPENING : MCIS_OPEN;
- mci->mci_mailer = m;
-#endif /* _FFR_CACHE_LPC */
}
else if (strcmp(m->m_mailer, "[IPC]") == 0)
{
@@ -1989,6 +2013,7 @@ tryhost:
char sep = ':';
char *endp;
static char hostbuf[MAXNAME + 1];
+ bool tried_fallbacksmarthost = false;
# if NETINET6
if (*mxhosts[hostnum] == '[')
@@ -2040,6 +2065,7 @@ tryhost:
if (endp != NULL)
*endp = sep;
+ one_last_try:
/* see if we already know that this host is fried */
CurHostName = hostbuf;
mci = mci_get(hostbuf, m);
@@ -2050,7 +2076,7 @@ tryhost:
if (tTd(11, 1))
{
sm_dprintf("openmailer: ");
- mci_dump(mci, false);
+ mci_dump(sm_debug_file(), mci, false);
}
CurHostName = mci->mci_host;
if (bitnset(M_LMTP, m->m_flags))
@@ -2069,6 +2095,13 @@ tryhost:
{
if (mci->mci_exitstat == EX_TEMPFAIL)
goodmxfound = true;
+
+ /* Try FallbackSmartHost? */
+ if (should_try_fbsh(e, &tried_fallbacksmarthost,
+ hostbuf, sizeof hostbuf,
+ mci->mci_exitstat))
+ goto one_last_try;
+
continue;
}
@@ -2121,9 +2154,9 @@ tryhost:
{
int h;
# if NAMED_BIND
- extern int NumFallBackMXHosts;
+ extern int NumFallbackMXHosts;
# else /* NAMED_BIND */
- const int NumFallBackMXHosts = 0;
+ const int NumFallbackMXHosts = 0;
# endif /* NAMED_BIND */
if (hostnum < nummxhosts && LogLevel > 9)
@@ -2131,11 +2164,11 @@ tryhost:
"Timeout.to_aconnect occurred before exhausting all addresses");
/* turn off timeout if fallback available */
- if (NumFallBackMXHosts > 0)
+ if (NumFallbackMXHosts > 0)
enough = 0;
/* skip to a fallback MX host */
- h = nummxhosts - NumFallBackMXHosts;
+ h = nummxhosts - NumFallbackMXHosts;
if (hostnum < h)
hostnum = h;
}
@@ -2155,6 +2188,11 @@ tryhost:
}
else
{
+ /* Try FallbackSmartHost? */
+ if (should_try_fbsh(e, &tried_fallbacksmarthost,
+ hostbuf, sizeof hostbuf, i))
+ goto one_last_try;
+
if (tTd(11, 1))
sm_dprintf("openmailer: makeconnection => stat=%d, errno=%d\n",
i, errno);
@@ -2320,7 +2358,6 @@ tryhost:
}
else if (pid == 0)
{
- int i;
int save_errno;
int sff;
int new_euid = NO_UID;
@@ -2396,7 +2433,12 @@ tryhost:
/* reset group id */
if (bitnset(M_SPECIFIC_UID, m->m_flags))
- new_gid = m->m_gid;
+ {
+ if (m->m_gid == NO_GID)
+ new_gid = RunAsGid;
+ else
+ new_gid = m->m_gid;
+ }
else if (bitset(S_ISGID, stb.st_mode))
new_gid = stb.st_gid;
else if (ctladdr != NULL && ctladdr->q_gid != 0)
@@ -2455,7 +2497,7 @@ tryhost:
exit(EX_TEMPFAIL);
}
}
- if (m->m_gid == 0)
+ if (m->m_gid == NO_GID)
new_gid = DefGid;
else
new_gid = m->m_gid;
@@ -2507,7 +2549,10 @@ tryhost:
sm_mbdb_terminate();
if (bitnset(M_SPECIFIC_UID, m->m_flags))
{
- new_euid = m->m_uid;
+ if (m->m_uid == NO_UID)
+ new_euid = RunAsUid;
+ else
+ new_euid = m->m_uid;
/*
** Undo the effects of the uid change in main
@@ -2537,7 +2582,7 @@ tryhost:
new_ruid = stb.st_uid;
else if (ctladdr != NULL && ctladdr->q_uid != 0)
new_ruid = ctladdr->q_uid;
- else if (m->m_uid != 0)
+ else if (m->m_uid != NO_UID)
new_ruid = m->m_uid;
else
new_ruid = DefUid;
@@ -2679,14 +2724,7 @@ tryhost:
(void) close(mpvect[0]);
/* arrange for all the files to be closed */
- for (i = 3; i < DtableSize; i++)
- {
- register int j;
-
- if ((j = fcntl(i, F_GETFD, 0)) != -1)
- (void) fcntl(i, F_SETFD,
- j | FD_CLOEXEC);
- }
+ sm_close_on_exec(STDERR_FILENO + 1, DtableSize);
# if !_FFR_USE_SETLOGIN
/* run disconnected from terminal */
@@ -2743,7 +2781,7 @@ tryhost:
mci->mci_pid = pid;
(void) close(mpvect[0]);
mci->mci_out = sm_io_open(SmFtStdiofd, SM_TIME_DEFAULT,
- (void *) &(mpvect[1]), SM_IO_WRONLY,
+ (void *) &(mpvect[1]), SM_IO_WRONLY_B,
NULL);
if (mci->mci_out == NULL)
{
@@ -2758,7 +2796,7 @@ tryhost:
(void) close(rpvect[1]);
mci->mci_in = sm_io_open(SmFtStdiofd, SM_TIME_DEFAULT,
- (void *) &(rpvect[0]), SM_IO_RDONLY,
+ (void *) &(rpvect[0]), SM_IO_RDONLY_B,
NULL);
if (mci->mci_in == NULL)
{
@@ -3118,7 +3156,7 @@ reconnect: /* after switching to an encrypted connection */
/* avoid bogus error msg */
mci->mci_errno = 0;
rcode = EX_TEMPFAIL;
- mci_setstat(mci, rcode, "4.7.1", p);
+ mci_setstat(mci, rcode, "4.3.0", p);
/*
** hack to get the error message into
@@ -3162,7 +3200,7 @@ do_transfer:
if (tTd(11, 1))
{
sm_dprintf("openmailer: ");
- mci_dump(mci, false);
+ mci_dump(sm_debug_file(), mci, false);
}
#if _FFR_CLIENT_SIZE
@@ -3208,7 +3246,7 @@ do_transfer:
syserr("554 5.3.5 deliver: mci=%lx rcode=%d errno=%d state=%d sig=%s",
(unsigned long) mci, rcode, errno,
mci->mci_state, firstsig);
- mci_dump_all(true);
+ mci_dump_all(smioout, true);
rcode = EX_SOFTWARE;
}
else if (nummxhosts > hostnum)
@@ -4197,7 +4235,6 @@ logdelivery(m, mci, dsn, status, ctladdr, xstart, e)
anynet_ntoa(&CurHostAddr));
}
}
-#if _FFR_QUARANTINE
else if (strcmp(status, "quarantined") == 0)
{
if (e->e_quarmsg != NULL)
@@ -4205,7 +4242,6 @@ logdelivery(m, mci, dsn, status, ctladdr, xstart, e)
", quarantine=%s",
shortenstring(e->e_quarmsg, 40));
}
-#endif /* _FFR_QUARANTINE */
else if (strcmp(status, "queued") != 0)
{
p = macvalue('h', e);
@@ -4344,7 +4380,6 @@ logdelivery(m, mci, dsn, status, ctladdr, xstart, e)
" [%.100s]",
anynet_ntoa(&CurHostAddr));
}
-#if _FFR_QUARANTINE
else if (strcmp(status, "quarantined") == 0)
{
if (e->e_quarmsg != NULL)
@@ -4352,7 +4387,6 @@ logdelivery(m, mci, dsn, status, ctladdr, xstart, e)
", quarantine=%.100s",
e->e_quarmsg);
}
-#endif /* _FFR_QUARANTINE */
else if (strcmp(status, "queued") != 0)
{
p = macvalue('h', e);
@@ -5036,7 +5070,7 @@ mailfile(filename, mailer, ctladdr, sfflags, e)
if (tTd(11, 1))
{
sm_dprintf("mailfile %s\n ctladdr=", filename);
- printaddr(ctladdr, false);
+ printaddr(sm_debug_file(), ctladdr, false);
}
if (mailer == NULL)
@@ -5226,7 +5260,10 @@ mailfile(filename, mailer, ctladdr, sfflags, e)
if (bitnset(M_SPECIFIC_UID, mailer->m_flags))
{
RealUserName = NULL;
- RealUid = mailer->m_uid;
+ if (mailer->m_uid == NO_UID)
+ RealUid = RunAsUid;
+ else
+ RealUid = mailer->m_uid;
if (RunAsUid != 0 && RealUid != RunAsUid)
{
/* Only root can change the uid */
@@ -5248,7 +5285,7 @@ mailfile(filename, mailer, ctladdr, sfflags, e)
RealUserName = ctladdr->q_user;
RealUid = ctladdr->q_uid;
}
- else if (mailer != NULL && mailer->m_uid != 0)
+ else if (mailer != NULL && mailer->m_uid != NO_UID)
{
RealUserName = DefUser;
RealUid = mailer->m_uid;
@@ -5262,7 +5299,10 @@ mailfile(filename, mailer, ctladdr, sfflags, e)
/* select a new group to run as */
if (bitnset(M_SPECIFIC_UID, mailer->m_flags))
{
- RealGid = mailer->m_gid;
+ if (mailer->m_gid == NO_GID)
+ RealGid = RunAsGid;
+ else
+ RealGid = mailer->m_gid;
if (RunAsUid != 0 &&
(RealGid != getgid() ||
RealGid != getegid()))
@@ -5291,7 +5331,7 @@ mailfile(filename, mailer, ctladdr, sfflags, e)
}
else if (ctladdr != NULL && ctladdr->q_uid != 0)
RealGid = ctladdr->q_gid;
- else if (mailer != NULL && mailer->m_gid != 0)
+ else if (mailer != NULL && mailer->m_gid != NO_GID)
RealGid = mailer->m_gid;
else
RealGid = DefGid;
@@ -6014,7 +6054,8 @@ starttls(m, mci, e)
smtpmessage("STARTTLS", m, mci);
/* get the reply */
- smtpresult = reply(m, mci, e, TimeOuts.to_starttls, NULL, NULL);
+ smtpresult = reply(m, mci, e, TimeOuts.to_starttls, NULL, NULL,
+ XS_STARTTLS);
/* check return code from server */
if (smtpresult == 454)
diff --git a/contrib/sendmail/src/domain.c b/contrib/sendmail/src/domain.c
index f4a8810a27cc..dd2427207e1f 100644
--- a/contrib/sendmail/src/domain.c
+++ b/contrib/sendmail/src/domain.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1986, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@@ -14,9 +14,9 @@
#include <sendmail.h>
#if NAMED_BIND
-SM_RCSID("@(#)$Id: domain.c,v 8.181.2.9 2003/08/11 23:23:40 gshapiro Exp $ (with name server)")
+SM_RCSID("@(#)$Id: domain.c,v 8.194 2004/01/14 01:47:34 ca Exp $ (with name server)")
#else /* NAMED_BIND */
-SM_RCSID("@(#)$Id: domain.c,v 8.181.2.9 2003/08/11 23:23:40 gshapiro Exp $ (without name server)")
+SM_RCSID("@(#)$Id: domain.c,v 8.194 2004/01/14 01:47:34 ca Exp $ (without name server)")
#endif /* NAMED_BIND */
#if NAMED_BIND
@@ -76,7 +76,6 @@ static char MXHostBuf[MXHOSTBUFSIZE];
# define RES_UNC_T unsigned char *
# endif /* defined(__RES) && (__RES >= 19940415) */
-static char *gethostalias __P((char *));
static int mxrand __P((char *));
static int fallbackmxrr __P((int, unsigned short *, char **));
@@ -96,11 +95,11 @@ static int fallbackmxrr __P((int, unsigned short *, char **));
** number of MX records.
**
** Side Effects:
-** Populates NumFallBackMXHosts and fbhosts.
+** Populates NumFallbackMXHosts and fbhosts.
** Sets renewal time (based on TTL).
*/
-int NumFallBackMXHosts = 0; /* Number of fallback MX hosts (after MX expansion) */
+int NumFallbackMXHosts = 0; /* Number of fallback MX hosts (after MX expansion) */
static char *fbhosts[MAXMXHOSTS + 1];
int
@@ -116,27 +115,27 @@ getfallbackmxrr(host)
if (host == NULL || *host == '\0')
return 0;
#endif /* 0 */
- if (NumFallBackMXHosts > 0 && renew > curtime())
- return NumFallBackMXHosts;
+ if (NumFallbackMXHosts > 0 && renew > curtime())
+ return NumFallbackMXHosts;
if (host[0] == '[')
{
fbhosts[0] = host;
- NumFallBackMXHosts = 1;
+ NumFallbackMXHosts = 1;
}
else
{
/* free old data */
- for (i = 0; i < NumFallBackMXHosts; i++)
+ for (i = 0; i < NumFallbackMXHosts; i++)
sm_free(fbhosts[i]);
/* get new data */
- NumFallBackMXHosts = getmxrr(host, fbhosts, NULL, false,
+ NumFallbackMXHosts = getmxrr(host, fbhosts, NULL, false,
&rcode, false, &ttl);
renew = curtime() + ttl;
- for (i = 0; i < NumFallBackMXHosts; i++)
+ for (i = 0; i < NumFallbackMXHosts; i++)
fbhosts[i] = newstr(fbhosts[i]);
}
- return NumFallBackMXHosts;
+ return NumFallbackMXHosts;
}
/*
@@ -151,7 +150,7 @@ getfallbackmxrr(host)
** new number of MX records.
**
** Side Effects:
-** If FallBackMX was set, it appends the MX records for
+** If FallbackMX was set, it appends the MX records for
** that host to mxhosts (and modifies prefs accordingly).
*/
@@ -163,7 +162,7 @@ fallbackmxrr(nmx, prefs, mxhosts)
{
int i;
- for (i = 0; i < NumFallBackMXHosts && nmx < MAXMXHOSTS; i++)
+ for (i = 0; i < NumFallbackMXHosts && nmx < MAXMXHOSTS; i++)
{
if (nmx > 0)
prefs[nmx] = prefs[nmx - 1] + 1;
@@ -221,7 +220,7 @@ getmxrr(host, mxhosts, mxprefs, droplocalhost, rcode, tryfallback, pttl)
bool seenlocal = false;
unsigned short pref, type;
unsigned short localpref = 256;
- char *fallbackMX = FallBackMX;
+ char *fallbackMX = FallbackMX;
bool trycanon = false;
unsigned short *prefs;
int (*resfunc)();
@@ -342,7 +341,7 @@ getmxrr(host, mxhosts, mxprefs, droplocalhost, rcode, tryfallback, pttl)
ancount = ntohs((unsigned short) hp->ancount);
/* See RFC 1035 for layout of RRs. */
- /* XXX leave room for FallBackMX ? */
+ /* XXX leave room for FallbackMX ? */
while (--ancount >= 0 && cp < eom && nmx < MAXMXHOSTS - 1)
{
if ((n = dn_expand((unsigned char *)&answer, eom, cp,
@@ -805,7 +804,6 @@ dns_getcanonname(host, hbsize, trymx, statp, pttl)
int qtype;
int initial;
int loopcnt;
- char *xp;
char nbuf[SM_MAX(MAXPACKET, MAXDNAME*2+2)];
char *searchlist[MAXDNSRCH + 2];
@@ -840,24 +838,6 @@ cnameloop:
n++;
/*
- ** If this is a simple name, determine whether it matches an
- ** alias in the file defined by the environment variable HOSTALIASES.
- */
-
- if (n == 0 && (xp = gethostalias(host)) != NULL)
- {
- if (loopcnt++ > MAXCNAMEDEPTH)
- {
- syserr("loop in ${HOSTALIASES} file");
- }
- else
- {
- (void) sm_strlcpy(host, xp, hbsize);
- goto cnameloop;
- }
- }
-
- /*
** Build the search list.
** If there is at least one dot in name, start with a null
** domain to search the unmodified name first.
@@ -933,14 +913,12 @@ cnameloop:
*/
SM_SET_H_ERRNO(TRY_AGAIN);
-# if _FFR_DONT_STOP_LOOKING
if (**dp == '\0')
{
if (*statp == EX_OK)
*statp = EX_TEMPFAIL;
goto nexttype;
}
-# endif /* _FFR_DONT_STOP_LOOKING */
*statp = EX_TEMPFAIL;
if (WorkAroundBrokenAAAA)
@@ -962,9 +940,7 @@ cnameloop:
return false;
}
-# if _FFR_DONT_STOP_LOOKING
nexttype:
-# endif /* _FFR_DONT_STOP_LOOKING */
if (h_errno != HOST_NOT_FOUND)
{
/* might have another type of interest */
@@ -1189,56 +1165,4 @@ nexttype:
*pttl = ttl;
return true;
}
-
-static char *
-gethostalias(host)
- char *host;
-{
- char *fname;
- SM_FILE_T *fp;
- register char *p = NULL;
- long sff = SFF_REGONLY;
- char buf[MAXLINE];
- static char hbuf[MAXDNAME];
-
- if (ResNoAliases)
- return NULL;
- if (DontLockReadFiles)
- sff |= SFF_NOLOCK;
- fname = getenv("HOSTALIASES");
- if (fname == NULL ||
- (fp = safefopen(fname, O_RDONLY, 0, sff)) == NULL)
- return NULL;
- while (sm_io_fgets(fp, SM_TIME_DEFAULT, buf, sizeof buf) != NULL)
- {
- for (p = buf; p != '\0' && !(isascii(*p) && isspace(*p)); p++)
- continue;
- if (*p == 0)
- {
- /* syntax error */
- continue;
- }
- *p++ = '\0';
- if (sm_strcasecmp(buf, host) == 0)
- break;
- }
-
- if (sm_io_eof(fp))
- {
- /* no match */
- (void) sm_io_close(fp, SM_TIME_DEFAULT);
- return NULL;
- }
- (void) sm_io_close(fp, SM_TIME_DEFAULT);
-
- /* got a match; extract the equivalent name */
- while (*p != '\0' && isascii(*p) && isspace(*p))
- p++;
- host = p;
- while (*p != '\0' && !(isascii(*p) && isspace(*p)))
- p++;
- *p = '\0';
- (void) sm_strlcpy(hbuf, host, sizeof hbuf);
- return hbuf;
-}
#endif /* NAMED_BIND */
diff --git a/contrib/sendmail/src/envelope.c b/contrib/sendmail/src/envelope.c
index c29871f3b806..1aedd3e57157 100644
--- a/contrib/sendmail/src/envelope.c
+++ b/contrib/sendmail/src/envelope.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: envelope.c,v 8.282.2.2 2002/12/04 15:44:08 ca Exp $")
+SM_RCSID("@(#)$Id: envelope.c,v 8.293 2004/02/18 00:46:18 gshapiro Exp $")
/*
** CLRSESSENVELOPE -- clear session oriented data in an envelope
@@ -101,7 +101,6 @@ newenvelope(e, parent, rpool)
if (parent != NULL)
{
e->e_msgpriority = parent->e_msgsize;
-#if _FFR_QUARANTINE
if (parent->e_quarmsg == NULL)
{
e->e_quarmsg = NULL;
@@ -115,7 +114,6 @@ newenvelope(e, parent, rpool)
macdefine(&e->e_macro, A_PERM,
macid("{quarantine}"), e->e_quarmsg);
}
-#endif /* _FFR_QUARANTINE */
}
e->e_puthdr = putheader;
e->e_putbody = putbody;
@@ -176,13 +174,13 @@ dropenvelope(e, fulldrop, split)
if (tTd(50, 1))
{
sm_dprintf("dropenvelope %p: id=", e);
- xputs(e->e_id);
+ xputs(sm_debug_file(), e->e_id);
sm_dprintf(", flags=");
printenvflags(e);
if (tTd(50, 10))
{
sm_dprintf("sendq=");
- printaddr(e->e_sendqueue, true);
+ printaddr(sm_debug_file(), e->e_sendqueue, true);
}
}
@@ -507,7 +505,6 @@ simpledrop:
}
if (!panic)
(void) xunlink(queuename(e, DATAFL_LETTER));
-#if _FFR_QUARANTINE
if (panic && QueueMode == QM_LOST)
{
/*
@@ -518,7 +515,6 @@ simpledrop:
/* EMPTY */
}
else
-#endif /* _FFR_QUARANTINE */
if (xunlink(queuename(e, ANYQFL_LETTER)) == 0)
{
/* add to available space in filesystem */
@@ -655,11 +651,9 @@ clearenvelope(e, fullclear, rpool)
*e = BlankEnvelope;
e->e_message = NULL;
-#if _FFR_QUARANTINE
e->e_qfletter = '\0';
e->e_quarmsg = NULL;
macdefine(&e->e_macro, A_PERM, macid("{quarantine}"), "");
-#endif /* _FFR_QUARANTINE */
/*
** Copy the macro table.
@@ -732,13 +726,7 @@ initsys(e)
openxscript(e);
e->e_ctime = curtime();
-#if _FFR_QUARANTINE
e->e_qfletter = '\0';
-#endif /* _FFR_QUARANTINE */
-#if _FFR_QUEUEDELAY
- e->e_queuealg = QueueAlg;
- e->e_queuedelay = QueueInitDelay;
-#endif /* _FFR_QUEUEDELAY */
/*
** Set OutChannel to something useful if stdout isn't it.
@@ -807,6 +795,8 @@ settime(e)
register struct tm *tm;
now = curtime();
+ (void) sm_snprintf(buf, sizeof buf, "%ld", (long) now);
+ macdefine(&e->e_macro, A_TEMP, macid("{time}"), buf);
tm = gmtime(&now);
(void) sm_snprintf(buf, sizeof buf, "%04d%02d%02d%02d%02d",
tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
@@ -1044,7 +1034,7 @@ setsender(from, e, delimptr, delimchar, internal)
if (tTd(45, 5))
{
sm_dprintf("setsender: QS_SENDER ");
- printaddr(&e->e_from, false);
+ printaddr(sm_debug_file(), &e->e_from, false);
}
SuprErrs = false;
@@ -1140,7 +1130,7 @@ setsender(from, e, delimptr, delimchar, internal)
** links in the net.
*/
- pvp = prescan(from, delimchar, pvpbuf, sizeof pvpbuf, NULL, NULL);
+ pvp = prescan(from, delimchar, pvpbuf, sizeof pvpbuf, NULL, NULL, false);
if (pvp == NULL)
{
/* don't need to give error -- prescan did that already */
@@ -1180,15 +1170,17 @@ setsender(from, e, delimptr, delimchar, internal)
/* strip off to the last "@" sign */
for (lastat = NULL; *pvp != NULL; pvp++)
+ {
if (strcmp(*pvp, "@") == 0)
lastat = pvp;
+ }
if (lastat != NULL)
{
e->e_fromdomain = copyplist(lastat, true, e->e_rpool);
if (tTd(45, 3))
{
sm_dprintf("Saving from domain: ");
- printav(e->e_fromdomain);
+ printav(sm_debug_file(), e->e_fromdomain);
}
}
}
@@ -1249,19 +1241,17 @@ printenvflags(e)
register struct eflags *ef;
bool first = true;
- (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "%lx", e->e_flags);
+ sm_dprintf("%lx", e->e_flags);
for (ef = EnvelopeFlags; ef->ef_name != NULL; ef++)
{
if (!bitset(ef->ef_bit, e->e_flags))
continue;
if (first)
- (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "<%s",
- ef->ef_name);
+ sm_dprintf("<%s", ef->ef_name);
else
- (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, ",%s",
- ef->ef_name);
+ sm_dprintf(",%s", ef->ef_name);
first = false;
}
if (!first)
- (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, ">\n");
+ sm_dprintf(">\n");
}
diff --git a/contrib/sendmail/src/err.c b/contrib/sendmail/src/err.c
index 484af9e85ddd..5a0b5b1dfbaf 100644
--- a/contrib/sendmail/src/err.c
+++ b/contrib/sendmail/src/err.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: err.c,v 8.189 2002/01/09 18:52:30 ca Exp $")
+SM_RCSID("@(#)$Id: err.c,v 8.191 2003/01/10 02:16:46 ca Exp $")
#if LDAPMAP
# include <lber.h>
@@ -238,7 +238,7 @@ syserr(fmt, va_alist)
case ESTALE:
#endif /* ESTALE */
printopenfds(true);
- mci_dump_all(true);
+ mci_dump_all(smioout, true);
break;
}
if (panic)
diff --git a/contrib/sendmail/src/headers.c b/contrib/sendmail/src/headers.c
index 8012b51987ef..12a567dbdc47 100644
--- a/contrib/sendmail/src/headers.c
+++ b/contrib/sendmail/src/headers.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@@ -13,8 +13,9 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: headers.c,v 8.266.4.9 2003/10/30 00:17:22 gshapiro Exp $")
+SM_RCSID("@(#)$Id: headers.c,v 8.286 2004/07/08 17:57:32 ca Exp $")
+static HDR *allocheader __P((char *, char *, int, SM_RPOOL_T *));
static size_t fix_mime_header __P((HDR *, ENVELOPE *));
static int priencode __P((char *));
static void put_vanilla_header __P((HDR *, char *, MCI *));
@@ -87,7 +88,7 @@ chompheader(line, pflag, hdrp, e)
if (tTd(31, 6))
{
sm_dprintf("chompheader: ");
- xputs(line);
+ xputs(sm_debug_file(), line);
sm_dprintf("\n");
}
@@ -291,11 +292,12 @@ hse:
int rscheckflags;
char *rs;
- /* no ruleset? look for default */
- rs = hi->hi_ruleset;
rscheckflags = RSF_COUNT;
if (!bitset(hi->hi_flags, H_FROM|H_RCPT))
rscheckflags |= RSF_UNSTRUCTURED;
+
+ /* no ruleset? look for default */
+ rs = hi->hi_ruleset;
if (rs == NULL)
{
s = stab("*", ST_HEADER, ST_FIND);
@@ -357,17 +359,10 @@ hse:
(void) sm_snprintf(qval, sizeof qval, "%d", k);
macdefine(&e->e_macro, A_TEMP, macid("{hdrlen}"), qval);
#if _FFR_HDR_TYPE
- /*
- ** XXX: h isn't set yet
- ** If we really want to be precise then we have
- ** to lookup the header (see below).
- ** It's probably not worth the effort.
- */
-
- if (bitset(H_FROM, h->h_flags))
+ if (bitset(H_FROM, hi->hi_flags))
macdefine(&e->e_macro, A_PERM,
macid("{addr_type}"), "h s");
- else if (bitset(H_RCPT, h->h_flags))
+ else if (bitset(H_RCPT, hi->hi_flags))
macdefine(&e->e_macro, A_PERM,
macid("{addr_type}"), "h r");
else
@@ -466,6 +461,44 @@ hse:
return h->h_flags;
}
/*
+** ALLOCHEADER -- allocate a header entry
+**
+** Parameters:
+** field -- the name of the header field.
+** value -- the value of the field.
+** flags -- flags to add to h_flags.
+** rp -- resource pool for allocations
+**
+** Returns:
+** Pointer to a newly allocated and populated HDR.
+*/
+
+static HDR *
+allocheader(field, value, flags, rp)
+ char *field;
+ char *value;
+ int flags;
+ SM_RPOOL_T *rp;
+{
+ HDR *h;
+ STAB *s;
+
+ /* find info struct */
+ s = stab(field, ST_HEADER, ST_FIND);
+
+ /* allocate space for new header */
+ h = (HDR *) sm_rpool_malloc_x(rp, sizeof *h);
+ h->h_field = field;
+ h->h_value = sm_rpool_strdup_x(rp, value);
+ h->h_flags = flags;
+ if (s != NULL)
+ h->h_flags |= s->s_header.hi_flags;
+ clrbitmap(h->h_mflags);
+ h->h_macro = '\0';
+
+ return h;
+}
+/*
** ADDHEADER -- add a header entry to the end of the queue.
**
** This bypasses the special checking of chompheader.
@@ -491,13 +524,9 @@ addheader(field, value, flags, e)
ENVELOPE *e;
{
register HDR *h;
- STAB *s;
HDR **hp;
HDR **hdrlist = &e->e_header;
- /* find info struct */
- s = stab(field, ST_HEADER, ST_FIND);
-
/* find current place in list -- keep back pointer? */
for (hp = hdrlist; (h = *hp) != NULL; hp = &h->h_link)
{
@@ -506,18 +535,65 @@ addheader(field, value, flags, e)
}
/* allocate space for new header */
- h = (HDR *) sm_rpool_malloc_x(e->e_rpool, sizeof *h);
- h->h_field = field;
- h->h_value = sm_rpool_strdup_x(e->e_rpool, value);
+ h = allocheader(field, value, flags, e->e_rpool);
h->h_link = *hp;
- h->h_flags = flags;
- if (s != NULL)
- h->h_flags |= s->s_header.hi_flags;
- clrbitmap(h->h_mflags);
- h->h_macro = '\0';
*hp = h;
}
/*
+** INSHEADER -- insert a header entry at the specified index
+**
+** This bypasses the special checking of chompheader.
+**
+** Parameters:
+** idx -- index into the header list at which to insert
+** field -- the name of the header field.
+** value -- the value of the field.
+** flags -- flags to add to h_flags.
+** e -- envelope.
+**
+** Returns:
+** none.
+**
+** Side Effects:
+** inserts the field on the list of headers for this envelope.
+*/
+
+void
+insheader(idx, field, value, flags, e)
+ int idx;
+ char *field;
+ char *value;
+ int flags;
+ ENVELOPE *e;
+{
+ HDR *h, *srch, *last = NULL;
+
+ /* allocate space for new header */
+ h = allocheader(field, value, flags, e->e_rpool);
+
+ /* find insertion position */
+ for (srch = e->e_header; srch != NULL && idx > 0;
+ srch = srch->h_link, idx--)
+ last = srch;
+
+ if (e->e_header == NULL)
+ {
+ e->e_header = h;
+ h->h_link = NULL;
+ }
+ else if (srch == NULL)
+ {
+ SM_ASSERT(last != NULL);
+ last->h_link = h;
+ h->h_link = NULL;
+ }
+ else
+ {
+ h->h_link = srch->h_link;
+ srch->h_link = h;
+ }
+}
+/*
** HVALUE -- return value of a header.
**
** Only "real" fields (i.e., ones that have not been supplied
@@ -673,7 +749,7 @@ eatheader(e, full, log)
if (tTd(32, 1))
{
sm_dprintf("(");
- xputs(h->h_value);
+ xputs(sm_debug_file(), h->h_value);
sm_dprintf(") ");
}
expand(h->h_value, buf, sizeof buf, e);
@@ -688,7 +764,7 @@ eatheader(e, full, log)
}
if (tTd(32, 1))
{
- xputs(h->h_value);
+ xputs(sm_debug_file(), h->h_value);
sm_dprintf("\n");
}
@@ -730,10 +806,8 @@ eatheader(e, full, log)
e->e_msgid = h->h_value;
while (isascii(*e->e_msgid) && isspace(*e->e_msgid))
e->e_msgid++;
-#if _FFR_MESSAGEID_MACRO
macdefine(&e->e_macro, A_PERM, macid("{msg_id}"),
- e->e_msgid);
-#endif /* _FFR_MESSAGEID_MACRO */
+ e->e_msgid);
}
}
if (tTd(32, 1))
@@ -766,6 +840,60 @@ eatheader(e, full, log)
+ e->e_nrcpts * WkRecipFact;
}
+ /* check for DSN to properly set e_timeoutclass */
+ p = hvalue("content-type", e->e_header);
+ if (p != NULL)
+ {
+ bool oldsupr;
+ char **pvp;
+ char pvpbuf[MAXLINE];
+ extern unsigned char MimeTokenTab[256];
+
+ /* tokenize header */
+ oldsupr = SuprErrs;
+ SuprErrs = true;
+ pvp = prescan(p, '\0', pvpbuf, sizeof pvpbuf, NULL,
+ MimeTokenTab, false);
+ SuprErrs = oldsupr;
+
+ /* Check if multipart/report */
+ if (pvp != NULL && pvp[0] != NULL &&
+ pvp[1] != NULL && pvp[2] != NULL &&
+ sm_strcasecmp(*pvp++, "multipart") == 0 &&
+ strcmp(*pvp++, "/") == 0 &&
+ sm_strcasecmp(*pvp++, "report") == 0)
+ {
+ /* Look for report-type=delivery-status */
+ while (*pvp != NULL)
+ {
+ /* skip to semicolon separator */
+ while (*pvp != NULL && strcmp(*pvp, ";") != 0)
+ pvp++;
+
+ /* skip semicolon */
+ if (*pvp++ == NULL || *pvp == NULL)
+ break;
+
+ /* look for report-type */
+ if (sm_strcasecmp(*pvp++, "report-type") != 0)
+ continue;
+
+ /* skip equal */
+ if (*pvp == NULL || strcmp(*pvp, "=") != 0)
+ continue;
+
+ /* check value */
+ if (*++pvp != NULL &&
+ sm_strcasecmp(*pvp,
+ "delivery-status") == 0)
+ e->e_timeoutclass = TOC_DSN;
+
+ /* found report-type, no need to continue */
+ break;
+ }
+ }
+ }
+
/* message timeout priority */
p = hvalue("priority", e->e_header);
if (p != NULL)
@@ -777,15 +905,11 @@ eatheader(e, full, log)
e->e_timeoutclass = TOC_NORMAL;
else if (sm_strcasecmp(p, "non-urgent") == 0)
e->e_timeoutclass = TOC_NONURGENT;
-#if _FFR_QUEUERETURN_DSN
else if (bitset(EF_RESPONSE, e->e_flags))
e->e_timeoutclass = TOC_DSN;
-#endif /* _FFR_QUEUERETURN_DSN */
}
-#if _FFR_QUEUERETURN_DSN
else if (bitset(EF_RESPONSE, e->e_flags))
e->e_timeoutclass = TOC_DSN;
-#endif /* _FFR_QUEUERETURN_DSN */
/* date message originated */
p = hvalue("posted-date", e->e_header);
@@ -1239,12 +1363,8 @@ crackaddr(addr, e)
{
c = *q++;
if (quoteit && c == '"')
- {
SM_APPEND_CHAR('\\');
- SM_APPEND_CHAR(c);
- }
- else
- SM_APPEND_CHAR(c);
+ SM_APPEND_CHAR(c);
}
if (quoteit)
{
@@ -1406,7 +1526,7 @@ crackaddr(addr, e)
if (tTd(33, 1))
{
sm_dprintf("crackaddr=>`");
- xputs(buf);
+ xputs(sm_debug_file(), buf);
sm_dprintf("'\n");
}
return buf;
@@ -1459,7 +1579,7 @@ putheader(mci, hdr, e, flags)
if (tTd(34, 11))
{
sm_dprintf(" %s: ", h->h_field);
- xputs(p);
+ xputs(sm_debug_file(), p);
}
/* Skip empty headers */
@@ -1813,7 +1933,7 @@ commaize(h, p, oldstyle, mci, e)
char pvpbuf[PSBUFSIZE];
res = prescan(p, oldstyle ? ' ' : ',', pvpbuf,
- sizeof pvpbuf, &oldp, NULL);
+ sizeof pvpbuf, &oldp, NULL, false);
p = oldp;
#if _FFR_IGNORE_BOGUS_ADDR
/* ignore addresses that can't be parsed */
diff --git a/contrib/sendmail/src/macro.c b/contrib/sendmail/src/macro.c
index fc7a2c277c84..af8f6d5b1945 100644
--- a/contrib/sendmail/src/macro.c
+++ b/contrib/sendmail/src/macro.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2001, 2003 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: macro.c,v 8.86 2001/09/11 04:05:14 gshapiro Exp $")
+SM_RCSID("@(#)$Id: macro.c,v 8.88 2003/09/05 23:11:18 ca Exp $")
#if MAXMACROID != (BITMAPBITS - 1)
ERROR Read the comment in conf.h
@@ -130,7 +130,7 @@ expand(s, buf, bufsize, e)
if (tTd(35, 24))
{
sm_dprintf("expand(");
- xputs(s);
+ xputs(sm_debug_file(), s);
sm_dprintf(")\n");
}
@@ -223,7 +223,7 @@ expand(s, buf, bufsize, e)
if (tTd(35, 24))
{
sm_dprintf("expand ==> ");
- xputs(xbuf);
+ xputs(sm_debug_file(), xbuf);
sm_dprintf("\n");
}
@@ -305,7 +305,7 @@ macdefine(mac, vclass, id, value)
{
sm_dprintf("%sdefine(%s as ",
mac->mac_table[id] == NULL ? "" : "re", macname(id));
- xputs(value);
+ xputs(sm_debug_file(), value);
sm_dprintf(")\n");
}
@@ -325,7 +325,11 @@ macdefine(mac, vclass, id, value)
}
else
{
+#if SM_HEAP_CHECK
newvalue = sm_strdup_tagged_x(value, file, line, 0);
+#else /* SM_HEAP_CHECK */
+ newvalue = sm_strdup_x(value);
+#endif /* SM_HEAP_CHECK */
setbitn(id, mac->mac_allocated);
}
mac->mac_table[id] = newvalue;
@@ -377,7 +381,7 @@ macset(mac, i, value)
if (tTd(35, 9))
{
sm_dprintf("macset(%s as ", macname(i));
- xputs(value);
+ xputs(sm_debug_file(), value);
sm_dprintf(")\n");
}
mac->mac_table[i] = value;
@@ -487,7 +491,7 @@ macid_parse(p, ep)
if (tTd(35, 14))
{
sm_dprintf("macid(");
- xputs(p);
+ xputs(sm_debug_file(), p);
sm_dprintf(") => ");
}
diff --git a/contrib/sendmail/src/mailq.1 b/contrib/sendmail/src/mailq.1
index 1eb234e38ebb..f67a9ddf99a0 100644
--- a/contrib/sendmail/src/mailq.1
+++ b/contrib/sendmail/src/mailq.1
@@ -9,9 +9,9 @@
.\" the sendmail distribution.
.\"
.\"
-.\" $Id: mailq.1,v 8.19.2.1 2002/09/26 23:03:39 gshapiro Exp $
+.\" $Id: mailq.1,v 8.20 2002/06/27 22:47:34 gshapiro Exp $
.\"
-.TH MAILQ 1 "$Date: 2002/09/26 23:03:39 $"
+.TH MAILQ 1 "$Date: 2002/06/27 22:47:34 $"
.SH NAME
mailq
\- print the mail queue
@@ -55,6 +55,13 @@ Show the mail submission queue specified in
instead of the MTA queue specified in
.IR /etc/mail/sendmail.cf .
.TP
+.B \-qL
+Show the "lost" items in the mail queue instead of the normal queue items.
+.TP
+.B \-qQ
+Show the quarantined items in the mail queue instead of the normal queue
+items.
+.TP
\fB\-q\fR[\fI!\fR]I substr
Limit processed jobs to those containing
.I substr
@@ -62,6 +69,13 @@ as a substring of the queue id or not when
.I !
is specified.
.TP
+\fB\-q\fR[\fI!\fR]Q substr
+Limit processed jobs to quarantined jobs containing
+.I substr
+as a substring of the quarantine reason or not when
+.I !
+is specified.
+.TP
\fB\-q\fR[\fI!\fR]R substr
Limit processed jobs to those containing
.I substr
diff --git a/contrib/sendmail/src/main.c b/contrib/sendmail/src/main.c
index 0d8c0ce4d5e5..f274ad871d87 100644
--- a/contrib/sendmail/src/main.c
+++ b/contrib/sendmail/src/main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@@ -18,14 +18,14 @@
#ifndef lint
SM_UNUSED(static char copyright[]) =
-"@(#) Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers.\n\
+"@(#) Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.\n\
All rights reserved.\n\
Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.\n\
Copyright (c) 1988, 1993\n\
The Regents of the University of California. All rights reserved.\n";
#endif /* ! lint */
-SM_RCSID("@(#)$Id: main.c,v 8.887.2.29 2003/11/07 00:09:31 ca Exp $")
+SM_RCSID("@(#)$Id: main.c,v 8.939 2004/06/17 16:39:21 ca Exp $")
#if NETINET || NETINET6
@@ -175,15 +175,14 @@ main(argc, argv, envp)
char *sysloglabel = NULL; /* label for syslog */
char *conffile = NULL; /* name of .cf file */
char *queuegroup = NULL; /* queue group to process */
-#if _FFR_QUARANTINE
char *quarantining = NULL; /* quarantine queue items? */
-#endif /* _FFR_QUARANTINE */
bool extraprivs;
bool forged, negate;
bool queuepersistent = false; /* queue runner process runs forever */
bool foregroundqueue = false; /* queue run in foreground */
bool save_val; /* to save some bool var. */
int cftype; /* which cf file to use? */
+ SM_FILE_T *smdebug;
static time_t starttime = 0; /* when was process started */
struct stat traf_st; /* for TrafficLog FIFO check */
char buf[MAXLINE];
@@ -268,14 +267,9 @@ main(argc, argv, envp)
if (errno != 0)
fill_errno = errno;
- i = DtableSize;
- while (--i > 0)
- {
- if (i != STDIN_FILENO && i != STDOUT_FILENO &&
- i != STDERR_FILENO)
- (void) close(i);
- }
+ sm_closefrom(STDERR_FILENO + 1, DtableSize);
errno = 0;
+ smdebug = NULL;
#if LOG
# ifndef SM_LOG_STR
@@ -371,27 +365,15 @@ main(argc, argv, envp)
else if (strcmp(p, "purgestat") == 0)
OpMode = MD_PURGESTAT;
-#if _FFR_QUARANTINE
-# if defined(__osf__) || defined(_AIX3)
-# define OPTIONS "A:B:b:C:cd:e:F:f:Gh:IiL:M:mN:nO:o:p:q:R:r:sTtV:vX:xQ:"
-# endif /* defined(__osf__) || defined(_AIX3) */
-# if defined(sony_news)
-# define OPTIONS "A:B:b:C:cd:E:e:F:f:Gh:IiJ:L:M:mN:nO:o:p:q:R:r:sTtV:vX:Q:"
-# endif /* defined(sony_news) */
-# ifndef OPTIONS
-# define OPTIONS "A:B:b:C:cd:e:F:f:Gh:IiL:M:mN:nO:o:p:q:R:r:sTtV:vX:Q:"
-# endif /* ! OPTIONS */
-#else /* _FFR_QUARANTINE */
-# if defined(__osf__) || defined(_AIX3)
-# define OPTIONS "A:B:b:C:cd:e:F:f:Gh:IiL:M:mN:nO:o:p:q:R:r:sTtV:vX:x"
-# endif /* defined(__osf__) || defined(_AIX3) */
-# if defined(sony_news)
-# define OPTIONS "A:B:b:C:cd:E:e:F:f:Gh:IiJ:L:M:mN:nO:o:p:q:R:r:sTtV:vX:"
-# endif /* defined(sony_news) */
-# ifndef OPTIONS
-# define OPTIONS "A:B:b:C:cd:e:F:f:Gh:IiL:M:mN:nO:o:p:q:R:r:sTtV:vX:"
-# endif /* ! OPTIONS */
-#endif /* _FFR_QUARANTINE */
+#if defined(__osf__) || defined(_AIX3)
+# define OPTIONS "A:B:b:C:cD:d:e:F:f:Gh:IiL:M:mN:nO:o:p:Q:q:R:r:sTtV:vX:x"
+#endif /* defined(__osf__) || defined(_AIX3) */
+#if defined(sony_news)
+# define OPTIONS "A:B:b:C:cD:d:E:e:F:f:Gh:IiJ:L:M:mN:nO:o:p:Q:q:R:r:sTtV:vX:"
+#endif /* defined(sony_news) */
+#ifndef OPTIONS
+# define OPTIONS "A:B:b:C:cD:d:e:F:f:Gh:IiL:M:mN:nO:o:p:Q:q:R:r:sTtV:vX:"
+#endif /* ! OPTIONS */
/* Set to 0 to allow -b; need to check optarg before using it! */
opterr = 0;
@@ -431,10 +413,31 @@ main(argc, argv, envp)
}
break;
+ case 'D':
+ if (debug)
+ {
+ errno = 0;
+ syserr("-D file must be before -d");
+ ExitStat = EX_USAGE;
+ break;
+ }
+ dp = drop_privileges(true);
+ setstat(dp);
+ smdebug = sm_io_open(SmFtStdio, SM_TIME_DEFAULT,
+ optarg, SM_IO_APPEND, NULL);
+ if (smdebug == NULL)
+ {
+ syserr("cannot open %s", optarg);
+ ExitStat = EX_CANTCREAT;
+ break;
+ }
+ sm_debug_setfile(smdebug);
+ break;
+
case 'd':
debug = true;
tTflag(optarg);
- (void) sm_io_setvbuf(smioout, SM_TIME_DEFAULT,
+ (void) sm_io_setvbuf(sm_debug_file(), SM_TIME_DEFAULT,
(char *) NULL, SM_IO_NBF,
SM_IO_BUFSIZ);
break;
@@ -451,16 +454,14 @@ main(argc, argv, envp)
(char) j);
return EX_USAGE;
}
- j = SM_MIN(strlen(optarg), 24) + 1;
+ j = SM_MIN(strlen(optarg), 32) + 1;
sysloglabel = xalloc(j);
(void) sm_strlcpy(sysloglabel, optarg, j);
SyslogPrefixLen = PIDLEN + (MAXQFNAME - 3) +
SL_FUDGE + j;
break;
-#if _FFR_QUARANTINE
case 'Q':
-#endif /* _FFR_QUARANTINE */
case 'q':
/* just check if it is there */
queuerun = true;
@@ -474,6 +475,7 @@ main(argc, argv, envp)
{
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
"WARNING: Can not use -d with -q. Disabling debugging.\n");
+ sm_debug_close();
sm_debug_setfile(NULL);
(void) memset(tTdvect, '\0', sizeof tTdvect);
}
@@ -667,8 +669,6 @@ main(argc, argv, envp)
else
_res.options &= ~RES_DEBUG;
# ifdef RES_NOALIASES
- if (bitset(RES_NOALIASES, _res.options))
- ResNoAliases = true;
_res.options |= RES_NOALIASES;
# endif /* RES_NOALIASES */
TimeOuts.res_retry[RES_TO_DEFAULT] = _res.retry;
@@ -701,23 +701,8 @@ main(argc, argv, envp)
setclass('w', jbuf);
p = strchr(jbuf, '.');
- if (p != NULL)
- {
- if (p[1] != '\0')
- {
- macdefine(&BlankEnvelope.e_macro, A_TEMP, 'm',
- &p[1]);
- }
- while (p != NULL && strchr(&p[1], '.') != NULL)
- {
- *p = '\0';
- if (tTd(0, 4))
- sm_dprintf("\ta.k.a.: %s\n", jbuf);
- setclass('w', jbuf);
- *p++ = '.';
- p = strchr(p, '.');
- }
- }
+ if (p != NULL && p[1] != '\0')
+ macdefine(&BlankEnvelope.e_macro, A_TEMP, 'm', &p[1]);
if (uname(&utsname) >= 0)
p = utsname.nodename;
@@ -806,9 +791,7 @@ main(argc, argv, envp)
QueueLimitRecipient = (QUEUE_CHAR *) NULL;
QueueLimitSender = (QUEUE_CHAR *) NULL;
QueueLimitId = (QUEUE_CHAR *) NULL;
-#if _FFR_QUARANTINE
QueueLimitQuarantine = (QUEUE_CHAR *) NULL;
-#endif /* _FFR_QUARANTINE */
/*
** Crack argv.
@@ -842,6 +825,7 @@ main(argc, argv, envp)
safecf = false;
break;
+ case 'D':
case 'd': /* debugging */
/* already done */
break;
@@ -957,7 +941,6 @@ main(argc, argv, envp)
}
break;
-#if _FFR_QUARANTINE
case 'Q': /* change quarantining on queued items */
/* sanity check */
if (OpMode != MD_DELIVER &&
@@ -975,7 +958,6 @@ main(argc, argv, envp)
quarantining = newstr(optarg);
break;
-#endif /* _FFR_QUARANTINE */
case 'q': /* run queue files at intervals */
/* sanity check */
@@ -1049,7 +1031,6 @@ main(argc, argv, envp)
foregroundqueue = true;
break;
-#if _FFR_QUARANTINE
case 'Q': /* Limit by quarantine message */
if (optarg[1] != '\0')
{
@@ -1065,7 +1046,6 @@ main(argc, argv, envp)
case 'L': /* act on lost items */
QueueMode = QM_LOST;
break;
-#endif /* _FFR_QUARANTINE */
case 'p': /* Persistent queue */
queuepersistent = true;
@@ -1308,8 +1288,8 @@ main(argc, argv, envp)
}
#if NAMED_BIND
- if (FallBackMX != NULL)
- (void) getfallbackmxrr(FallBackMX);
+ if (FallbackMX != NULL)
+ (void) getfallbackmxrr(FallbackMX);
#endif /* NAMED_BIND */
if (SuperSafe == SAFE_INTERACTIVE && CurEnv->e_sendmode != SM_DELIVER)
@@ -1418,13 +1398,13 @@ main(argc, argv, envp)
{
sm_dprintf("\n============ SYSTEM IDENTITY (after readcf) ============");
sm_dprintf("\n (short domain name) $w = ");
- xputs(macvalue('w', &BlankEnvelope));
+ xputs(sm_debug_file(), macvalue('w', &BlankEnvelope));
sm_dprintf("\n (canonical domain name) $j = ");
- xputs(macvalue('j', &BlankEnvelope));
+ xputs(sm_debug_file(), macvalue('j', &BlankEnvelope));
sm_dprintf("\n (subdomain name) $m = ");
- xputs(macvalue('m', &BlankEnvelope));
+ xputs(sm_debug_file(), macvalue('m', &BlankEnvelope));
sm_dprintf("\n (node name) $k = ");
- xputs(macvalue('k', &BlankEnvelope));
+ xputs(sm_debug_file(), macvalue('k', &BlankEnvelope));
sm_dprintf("\n========================================================\n\n");
}
@@ -1459,10 +1439,6 @@ main(argc, argv, envp)
if (DefaultNotify == 0)
DefaultNotify = QPINGONFAILURE|QPINGONDELAY;
- /* be sure we don't pick up bogus HOSTALIASES environment variable */
- if (OpMode == MD_QUEUERUN && RealUid != 0)
- (void) unsetenv("HOSTALIASES");
-
/* check for sane configuration level */
if (ConfigLevel > MAXCONFIGLEVEL)
{
@@ -1495,14 +1471,14 @@ main(argc, argv, envp)
switch (OpMode)
{
case MD_QUEUERUN:
-#if _FFR_QUARANTINE
if (quarantining != NULL)
action = "quarantine jobs";
else
-#endif /* _FFR_QUARANTINE */
- /* Normal users can do a single queue run */
- if (QueueIntvl == 0)
- break;
+ {
+ /* Normal users can do a single queue run */
+ if (QueueIntvl == 0)
+ break;
+ }
/* but not persistent queue runners */
if (action == NULL)
@@ -1757,7 +1733,7 @@ main(argc, argv, envp)
else
PSTRSET(MyHostName, jbuf);
if (strchr(MyHostName, '.') == NULL)
- message("WARNING: local host name (%s) is not qualified; fix $j in config file",
+ message("WARNING: local host name (%s) is not qualified; see cf/README: WHO AM I?",
MyHostName);
/* make certain that this name is part of the $=w class */
@@ -1917,9 +1893,7 @@ main(argc, argv, envp)
if (OpMode == MD_DAEMON || OpMode == MD_SMTP)
{
milter_config(InputFilterList, InputFilters, MAXFILTERS);
-# if _FFR_MILTER_PERDAEMON
setup_daemon_milters();
-# endif /* _FFR_MILTER_PERDAEMON */
}
#endif /* MILTER */
@@ -1991,7 +1965,6 @@ main(argc, argv, envp)
/* NOTREACHED */
break;
-#if _FFR_QUARANTINE
case MD_QUEUERUN:
/* only handle quarantining here */
if (quarantining == NULL)
@@ -2009,7 +1982,6 @@ main(argc, argv, envp)
quarantine_queue(quarantining, qgrp);
finis(false, true, EX_OK);
break;
-#endif /* _FFR_QUARANTINE */
case MD_HOSTSTAT:
(void) sm_signal(SIGPIPE, sigpipe);
@@ -2056,7 +2028,7 @@ main(argc, argv, envp)
for (i = 0; i < MAXMAILERS; i++)
{
if (Mailer[i] != NULL)
- printmailer(Mailer[i]);
+ printmailer(sm_debug_file(), Mailer[i]);
}
}
@@ -2286,7 +2258,7 @@ main(argc, argv, envp)
if (OpMode == MD_SMTP)
{
proc_list_add(CurrentPid, "Sendmail SMTP Agent",
- PROC_DAEMON, 0, -1);
+ PROC_DAEMON, 0, -1, NULL);
/* clean up background delivery children */
(void) sm_signal(SIGCHLD, reapchild);
@@ -2385,6 +2357,13 @@ main(argc, argv, envp)
if (OpMode != MD_DAEMON && queuepersistent)
{
+ /*
+ ** Write the pid to file
+ ** XXX Overwrites sendmail.pid
+ */
+
+ log_sendmail_pid(&MainEnvelope);
+
/* set the title to make it easier to find */
sm_setproctitle(true, CurEnv, "Queue control");
(void) sm_signal(SIGCHLD, SIG_DFL);
@@ -2488,7 +2467,9 @@ main(argc, argv, envp)
for (;;)
{
(void) pause();
+
CHECK_RESTART;
+
if (doqueuerun())
(void) runqueue(true, false,
false, false);
@@ -2554,6 +2535,8 @@ main(argc, argv, envp)
else
macdefine(&BlankEnvelope.e_macro, A_PERM,
macid("{client_name}"), RealHostName);
+ macdefine(&BlankEnvelope.e_macro, A_PERM,
+ macid("{client_ptr}"), RealHostName);
macdefine(&BlankEnvelope.e_macro, A_TEMP,
macid("{client_addr}"), anynet_ntoa(&RealHostAddr));
sm_getla();
@@ -2584,8 +2567,9 @@ main(argc, argv, envp)
/* validate the connection */
HoldErrs = true;
nullserver = validate_connection(&RealHostAddr,
- RealHostName,
- &MainEnvelope);
+ macvalue(macid("{client_name}"),
+ &MainEnvelope),
+ &MainEnvelope);
HoldErrs = false;
}
else if (p_flags == NULL)
@@ -2785,11 +2769,9 @@ main(argc, argv, envp)
sm_dprintf("From person = \"%s\"\n",
MainEnvelope.e_from.q_paddr);
-#if _FFR_QUARANTINE
/* Check if quarantining stats should be updated */
if (MainEnvelope.e_quarmsg != NULL)
markstats(&MainEnvelope, NULL, STATS_QUARANTINE);
-#endif /* _FFR_QUARANTINE */
/*
** Actually send everything.
@@ -2813,7 +2795,7 @@ main(argc, argv, envp)
if (tTd(1, 5))
{
sm_dprintf("main[%d]: QS_SENDER ", i);
- printaddr(&e->e_from, false);
+ printaddr(sm_debug_file(), &e->e_from, false);
}
e->e_to = NULL;
sm_getla();
@@ -2881,6 +2863,7 @@ finis(drop, cleanup, exitstat)
bool cleanup;
volatile int exitstat;
{
+ char pidpath[MAXPATHLEN];
/* Still want to process new timeouts added below */
sm_clear_events();
@@ -2953,6 +2936,16 @@ finis(drop, cleanup, exitstat)
cleanup_shm(DaemonPid == getpid());
#endif /* SM_CONF_SHM */
+ /* close locked pid file */
+ close_sendmail_pid();
+
+ if (DaemonPid == getpid() || PidFilePid == getpid())
+ {
+ /* blow away the pid file */
+ expand(PidFile, pidpath, sizeof pidpath, CurEnv);
+ (void) unlink(pidpath);
+ }
+
/* reset uid for process accounting */
endpwent();
sm_mbdb_terminate();
@@ -3309,7 +3302,6 @@ obsolete(argv)
if (ap[0] != '-' || ap[1] == '-')
return;
-#if _FFR_QUARANTINE
/* Don't allow users to use "-Q." or "-Q ." */
if ((ap[1] == 'Q' && ap[2] == '.') ||
(ap[1] == 'Q' && argv[1] != NULL &&
@@ -3319,7 +3311,6 @@ obsolete(argv)
"Can not use -Q.\n");
exit(EX_USAGE);
}
-#endif /* _FFR_QUARANTINE */
/* skip over options that do have a value */
op = strchr(OPTIONS, ap[1]);
@@ -3347,11 +3338,9 @@ obsolete(argv)
if (ap[1] == 'q' && ap[2] == '\0')
*argv = "-q0";
-#if _FFR_QUARANTINE
/* If -Q doesn't have an argument, disable quarantining */
if (ap[1] == 'Q' && ap[2] == '\0')
*argv = "-Q.";
-#endif /* _FFR_QUARANTINE */
/* if -d doesn't have an argument, use 0-99.1 */
if (ap[1] == 'd' && ap[2] == '\0')
@@ -3531,7 +3520,7 @@ dumpstate(when)
sm_syslog(LOG_DEBUG, CurEnv->e_id, "--- open file descriptors: ---");
printopenfds(true);
sm_syslog(LOG_DEBUG, CurEnv->e_id, "--- connection cache: ---");
- mci_dump_all(true);
+ mci_dump_all(smioout, true);
rs = strtorwset("debug_dumpstate", NULL, ST_FIND);
if (rs > 0)
{
@@ -3999,7 +3988,7 @@ testmodeline(line, e)
s = rw->r_lhs;
while (*s != NULL)
{
- xputs(*s++);
+ xputs(smioout, *s++);
(void) sm_io_putc(smioout,
SM_TIME_DEFAULT, ' ');
}
@@ -4010,7 +3999,7 @@ testmodeline(line, e)
s = rw->r_rhs;
while (*s != NULL)
{
- xputs(*s++);
+ xputs(smioout, *s++);
(void) sm_io_putc(smioout,
SM_TIME_DEFAULT, ' ');
}
@@ -4023,7 +4012,7 @@ testmodeline(line, e)
for (i = 0; i < MAXMAILERS; i++)
{
if (Mailer[i] != NULL)
- printmailer(Mailer[i]);
+ printmailer(smioout, Mailer[i]);
}
break;
@@ -4075,7 +4064,7 @@ testmodeline(line, e)
"Undefined\n");
else
{
- xputs(p);
+ xputs(smioout, p);
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
"\n");
}
@@ -4292,7 +4281,7 @@ testmodeline(line, e)
q = crackaddr(p, e);
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
"Cracked address = ");
- xputs(q);
+ xputs(smioout, q);
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
"\nParsing %s %s address\n",
bitset(RF_HEADERADDR, tryflags) ?
@@ -4344,8 +4333,8 @@ testmodeline(line, e)
register char **pvp;
char pvpbuf[PSBUFSIZE];
- pvp = prescan(++p, ',', pvpbuf, sizeof pvpbuf,
- &delimptr, ConfigLevel >= 9 ? TokTypeNoC : NULL);
+ pvp = prescan(++p, ',', pvpbuf, sizeof pvpbuf, &delimptr,
+ ConfigLevel >= 9 ? TokTypeNoC : NULL, false);
if (pvp == NULL)
continue;
p = q;
diff --git a/contrib/sendmail/src/map.c b/contrib/sendmail/src/map.c
index 83623276aca5..ad9fa70e5913 100644
--- a/contrib/sendmail/src/map.c
+++ b/contrib/sendmail/src/map.c
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: map.c,v 8.645.2.10 2003/07/24 18:24:17 ca Exp $")
+SM_RCSID("@(#)$Id: map.c,v 8.664 2004/06/28 17:46:13 ca Exp $")
#if LDAPMAP
# include <sm/ldap.h>
@@ -66,6 +66,12 @@ static bool nis_getcanonname __P((char *, int, int *));
static bool ni_getcanonname __P((char *, int, int *));
#endif /* NETINFO */
static bool text_getcanonname __P((char *, int, int *));
+#if SOCKETMAP
+static STAB *socket_map_findconn __P((const char*));
+
+/* XXX arbitrary limit for sanity */
+# define SOCKETMAP_MAXL 1000000
+#endif /* SOCKETMAP */
/* default error message for trying to open a map in write mode */
#ifdef ENOSYS
@@ -3307,6 +3313,7 @@ ldapmap_open(map, mode)
{
SM_LDAP_STRUCT *lmap;
STAB *s;
+ char *id;
if (tTd(38, 2))
sm_dprintf("ldapmap_open(%s, %d): ", map->map_mname, mode);
@@ -3342,6 +3349,13 @@ ldapmap_open(map, mode)
if (tTd(38, 2))
sm_dprintf("opening new connection\n");
+ if (lmap->ldap_host != NULL)
+ id = lmap->ldap_host;
+ else if (lmap->ldap_uri != NULL)
+ id = lmap->ldap_uri;
+ else
+ id = "localhost";
+
/* No connection yet, connect */
if (!sm_ldap_start(map->map_mname, lmap))
{
@@ -3350,31 +3364,31 @@ ldapmap_open(map, mode)
if (LogLevel > 1)
sm_syslog(LOG_NOTICE, CurEnv->e_id,
"timeout conning to LDAP server %.100s",
- lmap->ldap_target == NULL ? "localhost" : lmap->ldap_target);
+ id);
}
if (!bitset(MF_OPTIONAL, map->map_mflags))
{
if (bitset(MF_NODEFER, map->map_mflags))
+ {
syserr("%s failed to %s in map %s",
# if USE_LDAP_INIT
"ldap_init/ldap_bind",
# else /* USE_LDAP_INIT */
"ldap_open",
# endif /* USE_LDAP_INIT */
- lmap->ldap_target == NULL ? "localhost"
- : lmap->ldap_target,
- map->map_mname);
+ id, map->map_mname);
+ }
else
+ {
syserr("451 4.3.5 %s failed to %s in map %s",
# if USE_LDAP_INIT
"ldap_init/ldap_bind",
# else /* USE_LDAP_INIT */
"ldap_open",
# endif /* USE_LDAP_INIT */
- lmap->ldap_target == NULL ? "localhost"
- : lmap->ldap_target,
- map->map_mname);
+ id, map->map_mname);
+ }
}
return false;
}
@@ -3470,19 +3484,14 @@ ldapmap_lookup(map, name, av, statp)
char **av;
int *statp;
{
-# if _FFR_LDAP_RECURSION
+ int flags;
int plen = 0;
int psize = 0;
-# else /* _FFR_LDAP_RECURSION */
- int entries = 0;
- int i;
- int ret;
- int vsize;
-# endif /* _FFR_LDAP_RECURSION */
int msgid;
int save_errno;
char *vp, *p;
char *result = NULL;
+ SM_RPOOL_T *rpool;
SM_LDAP_STRUCT *lmap = NULL;
char keybuf[MAXNAME + 1];
@@ -3537,391 +3546,37 @@ ldapmap_lookup(map, name, av, statp)
*statp = EX_NOTFOUND;
vp = NULL;
-# if _FFR_LDAP_RECURSION
- {
- int flags;
- SM_RPOOL_T *rpool;
-
- flags = 0;
- if (bitset(MF_SINGLEMATCH, map->map_mflags))
- flags |= SM_LDAP_SINGLEMATCH;
- if (bitset(MF_MATCHONLY, map->map_mflags))
- flags |= SM_LDAP_MATCHONLY;
-
- /* Create an rpool for search related memory usage */
- rpool = sm_rpool_new_x(NULL);
+ flags = 0;
+ if (bitset(MF_SINGLEMATCH, map->map_mflags))
+ flags |= SM_LDAP_SINGLEMATCH;
+ if (bitset(MF_MATCHONLY, map->map_mflags))
+ flags |= SM_LDAP_MATCHONLY;
- p = NULL;
- *statp = sm_ldap_results(lmap, msgid, flags, map->map_coldelim,
- rpool, &p, &plen, &psize, NULL);
- save_errno = errno;
+ /* Create an rpool for search related memory usage */
+ rpool = sm_rpool_new_x(NULL);
- /* Copy result so rpool can be freed */
- if (*statp == EX_OK && p != NULL)
- vp = newstr(p);
- sm_rpool_free(rpool);
+ p = NULL;
+ *statp = sm_ldap_results(lmap, msgid, flags, map->map_coldelim,
+ rpool, &p, &plen, &psize, NULL);
+ save_errno = errno;
- /* need to restart LDAP connection? */
- if (*statp == EX_RESTART)
- {
- *statp = EX_TEMPFAIL;
- ldapmap_close(map);
- }
+ /* Copy result so rpool can be freed */
+ if (*statp == EX_OK && p != NULL)
+ vp = newstr(p);
+ sm_rpool_free(rpool);
- errno = save_errno;
- if (*statp != EX_OK && *statp != EX_NOTFOUND)
- {
- if (!bitset(MF_OPTIONAL, map->map_mflags))
- {
- if (bitset(MF_NODEFER, map->map_mflags))
- syserr("Error getting LDAP results in map %s",
- map->map_mname);
- else
- syserr("451 4.3.5 Error getting LDAP results in map %s",
- map->map_mname);
- }
- errno = save_errno;
- return NULL;
- }
- }
-# else /* _FFR_LDAP_RECURSION */
-
- /* Get results */
- while ((ret = ldap_result(lmap->ldap_ld, msgid, 0,
- (lmap->ldap_timeout.tv_sec == 0 ? NULL :
- &(lmap->ldap_timeout)),
- &(lmap->ldap_res))) == LDAP_RES_SEARCH_ENTRY)
+ /* need to restart LDAP connection? */
+ if (*statp == EX_RESTART)
{
- LDAPMessage *entry;
-
- if (bitset(MF_SINGLEMATCH, map->map_mflags))
- {
- entries += ldap_count_entries(lmap->ldap_ld,
- lmap->ldap_res);
- if (entries > 1)
- {
- *statp = EX_NOTFOUND;
- if (lmap->ldap_res != NULL)
- {
- ldap_msgfree(lmap->ldap_res);
- lmap->ldap_res = NULL;
- }
- (void) ldap_abandon(lmap->ldap_ld, msgid);
- if (vp != NULL)
- sm_free(vp); /* XXX */
- if (tTd(38, 25))
- sm_dprintf("ldap search found multiple on a single match query\n");
- return NULL;
- }
- }
-
- /* If we don't want multiple values and we have one, break */
- if (map->map_coldelim == '\0' && vp != NULL)
- break;
-
- /* Cycle through all entries */
- for (entry = ldap_first_entry(lmap->ldap_ld, lmap->ldap_res);
- entry != NULL;
- entry = ldap_next_entry(lmap->ldap_ld, lmap->ldap_res))
- {
- BerElement *ber;
- char *attr;
- char **vals = NULL;
-
- /*
- ** If matching only and found an entry,
- ** no need to spin through attributes
- */
-
- if (*statp == EX_OK &&
- bitset(MF_MATCHONLY, map->map_mflags))
- continue;
-
-# if !defined(LDAP_VERSION_MAX) && !defined(LDAP_OPT_SIZELIMIT)
- /*
- ** Reset value to prevent lingering
- ** LDAP_DECODING_ERROR due to
- ** OpenLDAP 1.X's hack (see below)
- */
-
- lmap->ldap_ld->ld_errno = LDAP_SUCCESS;
-# endif /* !defined(LDAP_VERSION_MAX) !defined(LDAP_OPT_SIZELIMIT) */
-
- for (attr = ldap_first_attribute(lmap->ldap_ld, entry,
- &ber);
- attr != NULL;
- attr = ldap_next_attribute(lmap->ldap_ld, entry,
- ber))
- {
- char *tmp, *vp_tmp;
-
- if (lmap->ldap_attrsonly == LDAPMAP_FALSE)
- {
- vals = ldap_get_values(lmap->ldap_ld,
- entry,
- attr);
- if (vals == NULL)
- {
- save_errno = sm_ldap_geterrno(lmap->ldap_ld);
- if (save_errno == LDAP_SUCCESS)
- {
- ldap_memfree(attr);
- continue;
- }
-
- /* Must be an error */
- save_errno += E_LDAPBASE;
- if (!bitset(MF_OPTIONAL,
- map->map_mflags))
- {
- errno = save_errno;
- if (bitset(MF_NODEFER,
- map->map_mflags))
- syserr("Error getting LDAP values in map %s",
- map->map_mname);
- else
- syserr("451 4.3.5 Error getting LDAP values in map %s",
- map->map_mname);
- }
- *statp = EX_TEMPFAIL;
- ldap_memfree(attr);
- if (lmap->ldap_res != NULL)
- {
- ldap_msgfree(lmap->ldap_res);
- lmap->ldap_res = NULL;
- }
- (void) ldap_abandon(lmap->ldap_ld,
- msgid);
- if (vp != NULL)
- sm_free(vp); /* XXX */
- errno = save_errno;
- return NULL;
- }
- }
-
- *statp = EX_OK;
-
-# if !defined(LDAP_VERSION_MAX) && !defined(LDAP_OPT_SIZELIMIT)
- /*
- ** Reset value to prevent lingering
- ** LDAP_DECODING_ERROR due to
- ** OpenLDAP 1.X's hack (see below)
- */
-
- lmap->ldap_ld->ld_errno = LDAP_SUCCESS;
-# endif /* !defined(LDAP_VERSION_MAX) !defined(LDAP_OPT_SIZELIMIT) */
-
- /*
- ** If matching only,
- ** no need to spin through entries
- */
-
- if (bitset(MF_MATCHONLY, map->map_mflags))
- {
- if (lmap->ldap_attrsonly == LDAPMAP_FALSE)
- ldap_value_free(vals);
-
- ldap_memfree(attr);
- continue;
- }
-
- /*
- ** If we don't want multiple values,
- ** return first found.
- */
-
- if (map->map_coldelim == '\0')
- {
- if (lmap->ldap_attrsonly == LDAPMAP_TRUE)
- {
- vp = newstr(attr);
- ldap_memfree(attr);
- break;
- }
-
- if (vals[0] == NULL)
- {
- ldap_value_free(vals);
- ldap_memfree(attr);
- continue;
- }
-
- vsize = strlen(vals[0]) + 1;
- if (lmap->ldap_attrsep != '\0')
- vsize += strlen(attr) + 1;
- vp = xalloc(vsize);
- if (lmap->ldap_attrsep != '\0')
- sm_snprintf(vp, vsize,
- "%s%c%s",
- attr,
- lmap->ldap_attrsep,
- vals[0]);
- else
- sm_strlcpy(vp, vals[0], vsize);
- ldap_value_free(vals);
- ldap_memfree(attr);
- break;
- }
-
- /* attributes only */
- if (lmap->ldap_attrsonly == LDAPMAP_TRUE)
- {
- if (vp == NULL)
- vp = newstr(attr);
- else
- {
- vsize = strlen(vp) +
- strlen(attr) + 2;
- tmp = xalloc(vsize);
- (void) sm_snprintf(tmp,
- vsize, "%s%c%s",
- vp, map->map_coldelim,
- attr);
- sm_free(vp); /* XXX */
- vp = tmp;
- }
- ldap_memfree(attr);
- continue;
- }
-
- /*
- ** If there is more than one,
- ** munge then into a map_coldelim
- ** separated string
- */
-
- vsize = 0;
- for (i = 0; vals[i] != NULL; i++)
- {
- vsize += strlen(vals[i]) + 1;
- if (lmap->ldap_attrsep != '\0')
- vsize += strlen(attr) + 1;
- }
- vp_tmp = xalloc(vsize);
- *vp_tmp = '\0';
-
- p = vp_tmp;
- for (i = 0; vals[i] != NULL; i++)
- {
- if (lmap->ldap_attrsep != '\0')
- {
- p += sm_strlcpy(p, attr,
- vsize - (p - vp_tmp));
- if (p >= vp_tmp + vsize)
- syserr("ldapmap_lookup: Internal error: buffer too small for LDAP values");
- *p++ = lmap->ldap_attrsep;
- }
- p += sm_strlcpy(p, vals[i],
- vsize - (p - vp_tmp));
- if (p >= vp_tmp + vsize)
- syserr("ldapmap_lookup: Internal error: buffer too small for LDAP values");
- if (vals[i + 1] != NULL)
- *p++ = map->map_coldelim;
- }
-
- ldap_value_free(vals);
- ldap_memfree(attr);
- if (vp == NULL)
- {
- vp = vp_tmp;
- continue;
- }
- vsize = strlen(vp) + strlen(vp_tmp) + 2;
- tmp = xalloc(vsize);
- (void) sm_snprintf(tmp, vsize, "%s%c%s",
- vp, map->map_coldelim, vp_tmp);
-
- sm_free(vp); /* XXX */
- sm_free(vp_tmp); /* XXX */
- vp = tmp;
- }
- save_errno = sm_ldap_geterrno(lmap->ldap_ld);
-
- /*
- ** We check errno != LDAP_DECODING_ERROR since
- ** OpenLDAP 1.X has a very ugly *undocumented*
- ** hack of returning this error code from
- ** ldap_next_attribute() if the library freed the
- ** ber attribute. See:
- ** http://www.openldap.org/lists/openldap-devel/9901/msg00064.html
- */
-
- if (save_errno != LDAP_SUCCESS &&
- save_errno != LDAP_DECODING_ERROR)
- {
- /* Must be an error */
- save_errno += E_LDAPBASE;
- if (!bitset(MF_OPTIONAL, map->map_mflags))
- {
- errno = save_errno;
- if (bitset(MF_NODEFER, map->map_mflags))
- syserr("Error getting LDAP attributes in map %s",
- map->map_mname);
- else
- syserr("451 4.3.5 Error getting LDAP attributes in map %s",
- map->map_mname);
- }
- *statp = EX_TEMPFAIL;
- if (lmap->ldap_res != NULL)
- {
- ldap_msgfree(lmap->ldap_res);
- lmap->ldap_res = NULL;
- }
- (void) ldap_abandon(lmap->ldap_ld, msgid);
- if (vp != NULL)
- sm_free(vp); /* XXX */
- errno = save_errno;
- return NULL;
- }
-
- /* We don't want multiple values and we have one */
- if (map->map_coldelim == '\0' && vp != NULL)
- break;
- }
- save_errno = sm_ldap_geterrno(lmap->ldap_ld);
- if (save_errno != LDAP_SUCCESS &&
- save_errno != LDAP_DECODING_ERROR)
- {
- /* Must be an error */
- save_errno += E_LDAPBASE;
- if (!bitset(MF_OPTIONAL, map->map_mflags))
- {
- errno = save_errno;
- if (bitset(MF_NODEFER, map->map_mflags))
- syserr("Error getting LDAP entries in map %s",
- map->map_mname);
- else
- syserr("451 4.3.5 Error getting LDAP entries in map %s",
- map->map_mname);
- }
- *statp = EX_TEMPFAIL;
- if (lmap->ldap_res != NULL)
- {
- ldap_msgfree(lmap->ldap_res);
- lmap->ldap_res = NULL;
- }
- (void) ldap_abandon(lmap->ldap_ld, msgid);
- if (vp != NULL)
- sm_free(vp); /* XXX */
- errno = save_errno;
- return NULL;
- }
- ldap_msgfree(lmap->ldap_res);
- lmap->ldap_res = NULL;
+ *statp = EX_TEMPFAIL;
+ ldapmap_close(map);
}
- if (ret == 0)
- save_errno = ETIMEDOUT;
- else
- save_errno = sm_ldap_geterrno(lmap->ldap_ld);
- if (save_errno != LDAP_SUCCESS)
+ errno = save_errno;
+ if (*statp != EX_OK && *statp != EX_NOTFOUND)
{
- if (ret != 0)
- save_errno += E_LDAPBASE;
-
if (!bitset(MF_OPTIONAL, map->map_mflags))
{
- errno = save_errno;
if (bitset(MF_NODEFER, map->map_mflags))
syserr("Error getting LDAP results in map %s",
map->map_mname);
@@ -3929,25 +3584,9 @@ ldapmap_lookup(map, name, av, statp)
syserr("451 4.3.5 Error getting LDAP results in map %s",
map->map_mname);
}
- *statp = EX_TEMPFAIL;
- if (vp != NULL)
- sm_free(vp); /* XXX */
-
- switch (save_errno - E_LDAPBASE)
- {
-# ifdef LDAP_SERVER_DOWN
- case LDAP_SERVER_DOWN:
-# endif /* LDAP_SERVER_DOWN */
- case LDAP_TIMEOUT:
- case LDAP_UNAVAILABLE:
- /* server disappeared, try reopen on next search */
- ldapmap_close(map);
- break;
- }
errno = save_errno;
return NULL;
}
-# endif /* _FFR_LDAP_RECURSION */
/* Did we match anything? */
if (vp == NULL && !bitset(MF_MATCHONLY, map->map_mflags))
@@ -3994,23 +3633,24 @@ ldapmap_findconn(lmap)
{
char *format;
char *nbuf;
+ char *id;
STAB *SM_NONVOLATILE s = NULL;
-# if _FFR_LDAP_SETVERSION
+ if (lmap->ldap_host != NULL)
+ id = lmap->ldap_host;
+ else if (lmap->ldap_uri != NULL)
+ id = lmap->ldap_uri;
+ else
+ id = "localhost";
+
format = "%s%c%d%c%d%c%s%c%s%d";
-# else /* _FFR_LDAP_SETVERSION */
- format = "%s%c%d%c%s%c%s%d";
-# endif /* _FFR_LDAP_SETVERSION */
nbuf = sm_stringf_x(format,
- (lmap->ldap_target == NULL ? "localhost"
- : lmap->ldap_target),
+ id,
CONDELSE,
lmap->ldap_port,
CONDELSE,
-# if _FFR_LDAP_SETVERSION
lmap->ldap_version,
CONDELSE,
-# endif /* _FFR_LDAP_SETVERSION */
(lmap->ldap_binddn == NULL ? ""
: lmap->ldap_binddn),
CONDELSE,
@@ -4061,9 +3701,7 @@ ldapmap_parseargs(map, args)
char *args;
{
bool secretread = true;
-# if _FFR_LDAP_URI
- bool ldaphost = false;
-# endif /* _FFR_LDAP_URI */
+ bool attrssetup = false;
int i;
register char *p = args;
SM_LDAP_STRUCT *lmap;
@@ -4132,8 +3770,22 @@ ldapmap_parseargs(map, args)
/* default args for an alias LDAP entry */
lmap->ldap_filter = ldapfilt;
- lmap->ldap_attr[0] = "sendmailMTAAliasValue";
- lmap->ldap_attr[1] = NULL;
+ lmap->ldap_attr[0] = "objectClass";
+ lmap->ldap_attr_type[0] = SM_LDAP_ATTR_OBJCLASS;
+ lmap->ldap_attr_needobjclass[0] = NULL;
+ lmap->ldap_attr[1] = "sendmailMTAAliasValue";
+ lmap->ldap_attr_type[1] = SM_LDAP_ATTR_NORMAL;
+ lmap->ldap_attr_needobjclass[1] = NULL;
+ lmap->ldap_attr[2] = "sendmailMTAAliasSearch";
+ lmap->ldap_attr_type[2] = SM_LDAP_ATTR_FILTER;
+ lmap->ldap_attr_needobjclass[2] = "sendmailMTAMapObject";
+ lmap->ldap_attr[3] = "sendmailMTAAliasURL";
+ lmap->ldap_attr_type[3] = SM_LDAP_ATTR_URL;
+ lmap->ldap_attr_needobjclass[3] = "sendmailMTAMapObject";
+ lmap->ldap_attr[4] = NULL;
+ lmap->ldap_attr_type[4] = SM_LDAP_ATTR_NONE;
+ lmap->ldap_attr_needobjclass[4] = NULL;
+ attrssetup = true;
}
}
else if (bitset(MF_FILECLASS, map->map_mflags))
@@ -4345,16 +3997,13 @@ ldapmap_parseargs(map, args)
case 'h': /* ldap host */
while (isascii(*++p) && isspace(*p))
continue;
-# if _FFR_LDAP_URI
- if (lmap->ldap_uri)
+ if (lmap->ldap_uri != NULL)
{
syserr("Can not specify both an LDAP host and an LDAP URI in map %s",
map->map_mname);
return false;
}
- ldaphost = true;
-# endif /* _FFR_LDAP_URI */
- lmap->ldap_target = p;
+ lmap->ldap_host = p;
break;
case 'b': /* search base */
@@ -4436,14 +4085,13 @@ ldapmap_parseargs(map, args)
secretread = false;
break;
-# if _FFR_LDAP_URI
case 'H': /* Use LDAP URI */
# if !USE_LDAP_INIT
syserr("Must compile with -DUSE_LDAP_INIT to use LDAP URIs (-H) in map %s",
map->map_mname);
return false;
-# else /* !USE_LDAP_INIT */
- if (ldaphost)
+# else /* !USE_LDAP_INIT */
+ if (lmap->ldap_host != NULL)
{
syserr("Can not specify both an LDAP host and an LDAP URI in map %s",
map->map_mname);
@@ -4451,19 +4099,16 @@ ldapmap_parseargs(map, args)
}
while (isascii(*++p) && isspace(*p))
continue;
- lmap->ldap_target = p;
- lmap->ldap_uri = true;
+ lmap->ldap_uri = p;
break;
# endif /* !USE_LDAP_INIT */
-# endif /* _FFR_LDAP_URI */
-# if _FFR_LDAP_SETVERSION
case 'w':
/* -w should be for passwd, -P should be for version */
while (isascii(*++p) && isspace(*p))
continue;
lmap->ldap_version = atoi(p);
-# ifdef LDAP_VERSION_MAX
+# ifdef LDAP_VERSION_MAX
if (lmap->ldap_version > LDAP_VERSION_MAX)
{
syserr("LDAP version %d exceeds max of %d in map %s",
@@ -4471,8 +4116,8 @@ ldapmap_parseargs(map, args)
map->map_mname);
return false;
}
-# endif /* LDAP_VERSION_MAX */
-# ifdef LDAP_VERSION_MIN
+# endif /* LDAP_VERSION_MAX */
+# ifdef LDAP_VERSION_MIN
if (lmap->ldap_version < LDAP_VERSION_MIN)
{
syserr("LDAP version %d is lower than min of %d in map %s",
@@ -4480,9 +4125,8 @@ ldapmap_parseargs(map, args)
map->map_mname);
return false;
}
-# endif /* LDAP_VERSION_MIN */
+# endif /* LDAP_VERSION_MIN */
break;
-# endif /* _FFR_LDAP_SETVERSION */
default:
syserr("Illegal option %c map %s", *p, map->map_mname);
@@ -4517,12 +4161,19 @@ ldapmap_parseargs(map, args)
** and dump it into map->map_dbptr1
*/
- if (lmap->ldap_target != NULL &&
+ if (lmap->ldap_host != NULL &&
+ (LDAPDefaults == NULL ||
+ LDAPDefaults == lmap ||
+ LDAPDefaults->ldap_host != lmap->ldap_host))
+ lmap->ldap_host = newstr(ldapmap_dequote(lmap->ldap_host));
+ map->map_domain = lmap->ldap_host;
+
+ if (lmap->ldap_uri != NULL &&
(LDAPDefaults == NULL ||
LDAPDefaults == lmap ||
- LDAPDefaults->ldap_target != lmap->ldap_target))
- lmap->ldap_target = newstr(ldapmap_dequote(lmap->ldap_target));
- map->map_domain = lmap->ldap_target;
+ LDAPDefaults->ldap_uri != lmap->ldap_uri))
+ lmap->ldap_uri = newstr(ldapmap_dequote(lmap->ldap_uri));
+ map->map_domain = lmap->ldap_uri;
if (lmap->ldap_binddn != NULL &&
(LDAPDefaults == NULL ||
@@ -4649,24 +4300,20 @@ ldapmap_parseargs(map, args)
}
}
- if (lmap->ldap_attr[0] != NULL)
+ if (!attrssetup && lmap->ldap_attr[0] != NULL)
{
-# if _FFR_LDAP_RECURSION
bool recurse = false;
bool normalseen = false;
-# endif /* _FFR_LDAP_RECURSION */
i = 0;
p = ldapmap_dequote(lmap->ldap_attr[0]);
lmap->ldap_attr[0] = NULL;
-# if _FFR_LDAP_RECURSION
/* Prime the attr list with the objectClass attribute */
lmap->ldap_attr[i] = "objectClass";
lmap->ldap_attr_type[i] = SM_LDAP_ATTR_OBJCLASS;
lmap->ldap_attr_needobjclass[i] = NULL;
i++;
-# endif /* _FFR_LDAP_RECURSION */
while (p != NULL)
{
@@ -4689,7 +4336,6 @@ ldapmap_parseargs(map, args)
}
if (*v != '\0')
{
-# if _FFR_LDAP_RECURSION
int j;
int use;
char *type;
@@ -4781,14 +4427,11 @@ ldapmap_parseargs(map, args)
lmap->ldap_attr_type[use] = SM_LDAP_ATTR_NORMAL;
normalseen = true;
}
-# else /* _FFR_LDAP_RECURSION */
- lmap->ldap_attr[i] = newstr(v);
-# endif /* _FFR_LDAP_RECURSION */
i++;
}
}
lmap->ldap_attr[i] = NULL;
-# if _FFR_LDAP_RECURSION
+ attrssetup = true;
if (recurse && !normalseen)
{
syserr("LDAP recursion requested in %s but no returnable attribute given",
@@ -4801,7 +4444,6 @@ ldapmap_parseargs(map, args)
map->map_mname);
return false;
}
-# endif /* _FFR_LDAP_RECURSION */
}
map->map_db1 = (ARBPTR_T) lmap;
return true;
@@ -4889,9 +4531,9 @@ static char phmap_id[128];
/* sendmail version for phmap id string */
extern const char Version[];
-/* assume we're using nph-1.1.x if not specified */
+/* assume we're using nph-1.2.x if not specified */
# ifndef NPH_VERSION
-# define NPH_VERSION 10100
+# define NPH_VERSION 10200
# endif
/* compatibility for versions older than nph-1.2.0 */
@@ -5000,12 +4642,6 @@ ph_map_parseargs(map, args)
pmap->ph_servers = p;
break;
- case 'v':
- sm_syslog(LOG_WARNING, NULL,
- "ph_map_parseargs: WARNING: -v option will be removed in a future release - please use -k instead");
- /* intentional fallthrough for backward compatibility */
- /* FALLTHROUGH */
-
case 'k': /* fields to search for */
while (isascii(*++p) && isspace(*p))
continue;
@@ -7399,3 +7035,638 @@ arith_map_lookup(map, name, av, statp)
*statp = EX_CONFIG;
return NULL;
}
+
+#if SOCKETMAP
+
+# if NETINET || NETINET6
+# include <arpa/inet.h>
+# endif /* NETINET || NETINET6 */
+
+# define socket_map_next map_stack[0]
+
+/*
+** SOCKET_MAP_OPEN -- open socket table
+*/
+
+bool
+socket_map_open(map, mode)
+ MAP *map;
+ int mode;
+{
+ STAB *s;
+ int sock = 0;
+ SOCKADDR_LEN_T addrlen = 0;
+ int addrno = 0;
+ int save_errno;
+ char *p;
+ char *colon;
+ char *at;
+ struct hostent *hp = NULL;
+ SOCKADDR addr;
+
+ if (tTd(38, 2))
+ sm_dprintf("socket_map_open(%s, %s, %d)\n",
+ map->map_mname, map->map_file, mode);
+
+ mode &= O_ACCMODE;
+
+ /* sendmail doesn't have the ability to write to SOCKET (yet) */
+ if (mode != O_RDONLY)
+ {
+ /* issue a pseudo-error message */
+ errno = SM_EMAPCANTWRITE;
+ return false;
+ }
+
+ if (*map->map_file == '\0')
+ {
+ syserr("socket map \"%s\": empty or missing socket information",
+ map->map_mname);
+ return false;
+ }
+
+ s = socket_map_findconn(map->map_file);
+ if (s->s_socketmap != NULL)
+ {
+ /* Copy open connection */
+ map->map_db1 = s->s_socketmap->map_db1;
+
+ /* Add this map as head of linked list */
+ map->socket_map_next = s->s_socketmap;
+ s->s_socketmap = map;
+
+ if (tTd(38, 2))
+ sm_dprintf("using cached connection\n");
+ return true;
+ }
+
+ if (tTd(38, 2))
+ sm_dprintf("opening new connection\n");
+
+ /* following code is ripped from milter.c */
+ /* XXX It should be put in a library... */
+
+ /* protocol:filename or protocol:port@host */
+ memset(&addr, '\0', sizeof addr);
+ p = map->map_file;
+ colon = strchr(p, ':');
+ if (colon != NULL)
+ {
+ *colon = '\0';
+
+ if (*p == '\0')
+ {
+# if NETUNIX
+ /* default to AF_UNIX */
+ addr.sa.sa_family = AF_UNIX;
+# else /* NETUNIX */
+# if NETINET
+ /* default to AF_INET */
+ addr.sa.sa_family = AF_INET;
+# else /* NETINET */
+# if NETINET6
+ /* default to AF_INET6 */
+ addr.sa.sa_family = AF_INET6;
+# else /* NETINET6 */
+ /* no protocols available */
+ syserr("socket map \"%s\": no valid socket protocols available",
+ map->map_mname);
+ return false;
+# endif /* NETINET6 */
+# endif /* NETINET */
+# endif /* NETUNIX */
+ }
+# if NETUNIX
+ else if (sm_strcasecmp(p, "unix") == 0 ||
+ sm_strcasecmp(p, "local") == 0)
+ addr.sa.sa_family = AF_UNIX;
+# endif /* NETUNIX */
+# if NETINET
+ else if (sm_strcasecmp(p, "inet") == 0)
+ addr.sa.sa_family = AF_INET;
+# endif /* NETINET */
+# if NETINET6
+ else if (sm_strcasecmp(p, "inet6") == 0)
+ addr.sa.sa_family = AF_INET6;
+# endif /* NETINET6 */
+ else
+ {
+# ifdef EPROTONOSUPPORT
+ errno = EPROTONOSUPPORT;
+# else /* EPROTONOSUPPORT */
+ errno = EINVAL;
+# endif /* EPROTONOSUPPORT */
+ syserr("socket map \"%s\": unknown socket type %s",
+ map->map_mname, p);
+ return false;
+ }
+ *colon++ = ':';
+ }
+ else
+ {
+ colon = p;
+#if NETUNIX
+ /* default to AF_UNIX */
+ addr.sa.sa_family = AF_UNIX;
+#else /* NETUNIX */
+# if NETINET
+ /* default to AF_INET */
+ addr.sa.sa_family = AF_INET;
+# else /* NETINET */
+# if NETINET6
+ /* default to AF_INET6 */
+ addr.sa.sa_family = AF_INET6;
+# else /* NETINET6 */
+ syserr("socket map \"%s\": unknown socket type %s",
+ map->map_mname, p);
+ return false;
+# endif /* NETINET6 */
+# endif /* NETINET */
+#endif /* NETUNIX */
+ }
+
+# if NETUNIX
+ if (addr.sa.sa_family == AF_UNIX)
+ {
+ long sff = SFF_SAFEDIRPATH|SFF_OPENASROOT|SFF_NOLINK|SFF_EXECOK;
+
+ at = colon;
+ if (strlen(colon) >= sizeof addr.sunix.sun_path)
+ {
+ syserr("socket map \"%s\": local socket name %s too long",
+ map->map_mname, colon);
+ return false;
+ }
+ errno = safefile(colon, RunAsUid, RunAsGid, RunAsUserName, sff,
+ S_IRUSR|S_IWUSR, NULL);
+
+ if (errno != 0)
+ {
+ /* if not safe, don't create */
+ syserr("socket map \"%s\": local socket name %s unsafe",
+ map->map_mname, colon);
+ return false;
+ }
+
+ (void) sm_strlcpy(addr.sunix.sun_path, colon,
+ sizeof addr.sunix.sun_path);
+ addrlen = sizeof (struct sockaddr_un);
+ }
+ else
+# endif /* NETUNIX */
+# if NETINET || NETINET6
+ if (false
+# if NETINET
+ || addr.sa.sa_family == AF_INET
+# endif /* NETINET */
+# if NETINET6
+ || addr.sa.sa_family == AF_INET6
+# endif /* NETINET6 */
+ )
+ {
+ unsigned short port;
+
+ /* Parse port@host */
+ at = strchr(colon, '@');
+ if (at == NULL)
+ {
+ syserr("socket map \"%s\": bad address %s (expected port@host)",
+ map->map_mname, colon);
+ return false;
+ }
+ *at = '\0';
+ if (isascii(*colon) && isdigit(*colon))
+ port = htons((unsigned short) atoi(colon));
+ else
+ {
+# ifdef NO_GETSERVBYNAME
+ syserr("socket map \"%s\": invalid port number %s",
+ map->map_mname, colon);
+ return false;
+# else /* NO_GETSERVBYNAME */
+ register struct servent *sp;
+
+ sp = getservbyname(colon, "tcp");
+ if (sp == NULL)
+ {
+ syserr("socket map \"%s\": unknown port name %s",
+ map->map_mname, colon);
+ return false;
+ }
+ port = sp->s_port;
+# endif /* NO_GETSERVBYNAME */
+ }
+ *at++ = '@';
+ if (*at == '[')
+ {
+ char *end;
+
+ end = strchr(at, ']');
+ if (end != NULL)
+ {
+ bool found = false;
+# if NETINET
+ unsigned long hid = INADDR_NONE;
+# endif /* NETINET */
+# if NETINET6
+ struct sockaddr_in6 hid6;
+# endif /* NETINET6 */
+
+ *end = '\0';
+# if NETINET
+ if (addr.sa.sa_family == AF_INET &&
+ (hid = inet_addr(&at[1])) != INADDR_NONE)
+ {
+ addr.sin.sin_addr.s_addr = hid;
+ addr.sin.sin_port = port;
+ found = true;
+ }
+# endif /* NETINET */
+# if NETINET6
+ (void) memset(&hid6, '\0', sizeof hid6);
+ if (addr.sa.sa_family == AF_INET6 &&
+ anynet_pton(AF_INET6, &at[1],
+ &hid6.sin6_addr) == 1)
+ {
+ addr.sin6.sin6_addr = hid6.sin6_addr;
+ addr.sin6.sin6_port = port;
+ found = true;
+ }
+# endif /* NETINET6 */
+ *end = ']';
+ if (!found)
+ {
+ syserr("socket map \"%s\": Invalid numeric domain spec \"%s\"",
+ map->map_mname, at);
+ return false;
+ }
+ }
+ else
+ {
+ syserr("socket map \"%s\": Invalid numeric domain spec \"%s\"",
+ map->map_mname, at);
+ return false;
+ }
+ }
+ else
+ {
+ hp = sm_gethostbyname(at, addr.sa.sa_family);
+ if (hp == NULL)
+ {
+ syserr("socket map \"%s\": Unknown host name %s",
+ map->map_mname, at);
+ return false;
+ }
+ addr.sa.sa_family = hp->h_addrtype;
+ switch (hp->h_addrtype)
+ {
+# if NETINET
+ case AF_INET:
+ memmove(&addr.sin.sin_addr,
+ hp->h_addr, INADDRSZ);
+ addr.sin.sin_port = port;
+ addrlen = sizeof (struct sockaddr_in);
+ addrno = 1;
+ break;
+# endif /* NETINET */
+
+# if NETINET6
+ case AF_INET6:
+ memmove(&addr.sin6.sin6_addr,
+ hp->h_addr, IN6ADDRSZ);
+ addr.sin6.sin6_port = port;
+ addrlen = sizeof (struct sockaddr_in6);
+ addrno = 1;
+ break;
+# endif /* NETINET6 */
+
+ default:
+ syserr("socket map \"%s\": Unknown protocol for %s (%d)",
+ map->map_mname, at, hp->h_addrtype);
+# if NETINET6
+ freehostent(hp);
+# endif /* NETINET6 */
+ return false;
+ }
+ }
+ }
+ else
+# endif /* NETINET || NETINET6 */
+ {
+ syserr("socket map \"%s\": unknown socket protocol",
+ map->map_mname);
+ return false;
+ }
+
+ /* nope, actually connecting */
+ for (;;)
+ {
+ sock = socket(addr.sa.sa_family, SOCK_STREAM, 0);
+ if (sock < 0)
+ {
+ save_errno = errno;
+ if (tTd(38, 5))
+ sm_dprintf("socket map \"%s\": error creating socket: %s\n",
+ map->map_mname,
+ sm_errstring(save_errno));
+# if NETINET6
+ if (hp != NULL)
+ freehostent(hp);
+# endif /* NETINET6 */
+ return false;
+ }
+
+ if (connect(sock, (struct sockaddr *) &addr, addrlen) >= 0)
+ break;
+
+ /* couldn't connect.... try next address */
+ save_errno = errno;
+ p = CurHostName;
+ CurHostName = at;
+ if (tTd(38, 5))
+ sm_dprintf("socket_open (%s): open %s failed: %s\n",
+ map->map_mname, at, sm_errstring(save_errno));
+ CurHostName = p;
+ (void) close(sock);
+
+ /* try next address */
+ if (hp != NULL && hp->h_addr_list[addrno] != NULL)
+ {
+ switch (addr.sa.sa_family)
+ {
+# if NETINET
+ case AF_INET:
+ memmove(&addr.sin.sin_addr,
+ hp->h_addr_list[addrno++],
+ INADDRSZ);
+ break;
+# endif /* NETINET */
+
+# if NETINET6
+ case AF_INET6:
+ memmove(&addr.sin6.sin6_addr,
+ hp->h_addr_list[addrno++],
+ IN6ADDRSZ);
+ break;
+# endif /* NETINET6 */
+
+ default:
+ if (tTd(38, 5))
+ sm_dprintf("socket map \"%s\": Unknown protocol for %s (%d)\n",
+ map->map_mname, at,
+ hp->h_addrtype);
+# if NETINET6
+ freehostent(hp);
+# endif /* NETINET6 */
+ return false;
+ }
+ continue;
+ }
+ p = CurHostName;
+ CurHostName = at;
+ if (tTd(38, 5))
+ sm_dprintf("socket map \"%s\": error connecting to socket map: %s\n",
+ map->map_mname, sm_errstring(save_errno));
+ CurHostName = p;
+# if NETINET6
+ if (hp != NULL)
+ freehostent(hp);
+# endif /* NETINET6 */
+ return false;
+ }
+# if NETINET6
+ if (hp != NULL)
+ {
+ freehostent(hp);
+ hp = NULL;
+ }
+# endif /* NETINET6 */
+ if ((map->map_db1 = (ARBPTR_T) sm_io_open(SmFtStdiofd,
+ SM_TIME_DEFAULT,
+ (void *) &sock,
+ SM_IO_RDWR,
+ NULL)) == NULL)
+ {
+ close(sock);
+ if (tTd(38, 2))
+ sm_dprintf("socket_open (%s): failed to create stream: %s\n",
+ map->map_mname, sm_errstring(errno));
+ return false;
+ }
+
+ /* Save connection for reuse */
+ s->s_socketmap = map;
+ return true;
+}
+
+/*
+** SOCKET_MAP_FINDCONN -- find a SOCKET connection to the server
+**
+** Cache SOCKET connections based on the connection specifier
+** and PID so we don't have multiple connections open to
+** the same server for different maps. Need a separate connection
+** per PID since a parent process may close the map before the
+** child is done with it.
+**
+** Parameters:
+** conn -- SOCKET map connection specifier
+**
+** Returns:
+** Symbol table entry for the SOCKET connection.
+*/
+
+static STAB *
+socket_map_findconn(conn)
+ const char *conn;
+{
+ char *nbuf;
+ STAB *SM_NONVOLATILE s = NULL;
+
+ nbuf = sm_stringf_x("%s%c%d", conn, CONDELSE, (int) CurrentPid);
+ SM_TRY
+ s = stab(nbuf, ST_SOCKETMAP, ST_ENTER);
+ SM_FINALLY
+ sm_free(nbuf);
+ SM_END_TRY
+ return s;
+}
+
+/*
+** SOCKET_MAP_CLOSE -- close the socket
+*/
+
+void
+socket_map_close(map)
+ MAP *map;
+{
+ STAB *s;
+ MAP *smap;
+
+ if (tTd(38, 20))
+ sm_dprintf("socket_map_close(%s), pid=%ld\n", map->map_file,
+ (long) CurrentPid);
+
+ /* Check if already closed */
+ if (map->map_db1 == NULL)
+ {
+ if (tTd(38, 20))
+ sm_dprintf("socket_map_close(%s) already closed\n",
+ map->map_file);
+ return;
+ }
+ sm_io_close((SM_FILE_T *)map->map_db1, SM_TIME_DEFAULT);
+
+ /* Mark all the maps that share the connection as closed */
+ s = socket_map_findconn(map->map_file);
+ smap = s->s_socketmap;
+ while (smap != NULL)
+ {
+ MAP *next;
+
+ if (tTd(38, 2) && smap != map)
+ sm_dprintf("socket_map_close(%s): closed %s (shared SOCKET connection)\n",
+ map->map_mname, smap->map_mname);
+
+ smap->map_mflags &= ~(MF_OPEN|MF_WRITABLE);
+ smap->map_db1 = NULL;
+ next = smap->socket_map_next;
+ smap->socket_map_next = NULL;
+ smap = next;
+ }
+ s->s_socketmap = NULL;
+}
+
+/*
+** SOCKET_MAP_LOOKUP -- look up a datum in a SOCKET table
+*/
+
+char *
+socket_map_lookup(map, name, av, statp)
+ MAP *map;
+ char *name;
+ char **av;
+ int *statp;
+{
+ unsigned int nettolen, replylen, recvlen;
+ char *replybuf, *rval, *value, *status;
+ SM_FILE_T *f;
+
+ replybuf = NULL;
+ rval = NULL;
+ f = (SM_FILE_T *)map->map_db1;
+ if (tTd(38, 20))
+ sm_dprintf("socket_map_lookup(%s, %s) %s\n",
+ map->map_mname, name, map->map_file);
+
+ nettolen = strlen(map->map_mname) + 1 + strlen(name);
+ SM_ASSERT(nettolen > strlen(map->map_mname));
+ SM_ASSERT(nettolen > strlen(name));
+ if ((sm_io_fprintf(f, SM_TIME_DEFAULT, "%u:%s %s,",
+ nettolen, map->map_mname, name) == SM_IO_EOF) ||
+ (sm_io_flush(f, SM_TIME_DEFAULT) != 0) ||
+ (sm_io_error(f)))
+ {
+ syserr("451 4.3.0 socket_map_lookup(%s): failed to send lookup request",
+ map->map_mname);
+ *statp = EX_TEMPFAIL;
+ goto errcl;
+ }
+
+ if (sm_io_fscanf(f, SM_TIME_DEFAULT, "%9u", &replylen) != 1)
+ {
+ syserr("451 4.3.0 socket_map_lookup(%s): failed to read length parameter of reply",
+ map->map_mname);
+ *statp = EX_TEMPFAIL;
+ goto errcl;
+ }
+ if (replylen > SOCKETMAP_MAXL)
+ {
+ syserr("451 4.3.0 socket_map_lookup(%s): reply too long: %u",
+ map->map_mname, replylen);
+ *statp = EX_TEMPFAIL;
+ goto errcl;
+ }
+ if (sm_io_getc(f, SM_TIME_DEFAULT) != ':')
+ {
+ syserr("451 4.3.0 socket_map_lookup(%s): missing ':' in reply",
+ map->map_mname);
+ *statp = EX_TEMPFAIL;
+ goto error;
+ }
+
+ replybuf = (char *) sm_malloc(replylen + 1);
+ if (replybuf == NULL)
+ {
+ syserr("451 4.3.0 socket_map_lookup(%s): can't allocate %u bytes",
+ map->map_mname, replylen + 1);
+ *statp = EX_OSERR;
+ goto error;
+ }
+
+ recvlen = sm_io_read(f, SM_TIME_DEFAULT, replybuf, replylen);
+ if (recvlen < replylen)
+ {
+ syserr("451 4.3.0 socket_map_lookup(%s): received only %u of %u reply characters",
+ map->map_mname, recvlen, replylen);
+ *statp = EX_TEMPFAIL;
+ goto errcl;
+ }
+ if (sm_io_getc(f, SM_TIME_DEFAULT) != ',')
+ {
+ syserr("451 4.3.0 socket_map_lookup(%s): missing ',' in reply",
+ map->map_mname);
+ *statp = EX_TEMPFAIL;
+ goto errcl;
+ }
+ status = replybuf;
+ replybuf[recvlen] = '\0';
+ value = strchr(replybuf, ' ');
+ if (value != NULL)
+ {
+ *value = '\0';
+ value++;
+ }
+ if (strcmp(status, "OK") == 0)
+ {
+ *statp = EX_OK;
+
+ /* collect the return value */
+ if (bitset(MF_MATCHONLY, map->map_mflags))
+ rval = map_rewrite(map, name, strlen(name), NULL);
+ else
+ rval = map_rewrite(map, value, strlen(value), av);
+ }
+ else if (strcmp(status, "NOTFOUND") == 0)
+ {
+ *statp = EX_NOTFOUND;
+ if (tTd(38, 20))
+ sm_dprintf("socket_map_lookup(%s): %s not found\n",
+ map->map_mname, name);
+ }
+ else
+ {
+ if (tTd(38, 5))
+ sm_dprintf("socket_map_lookup(%s, %s): server returned error: type=%s, reason=%s\n",
+ map->map_mname, name, status,
+ value ? value : "");
+ if ((strcmp(status, "TEMP") == 0) ||
+ (strcmp(status, "TIMEOUT") == 0))
+ *statp = EX_TEMPFAIL;
+ else if(strcmp(status, "PERM") == 0)
+ *statp = EX_UNAVAILABLE;
+ else
+ *statp = EX_PROTOCOL;
+ }
+
+ if (replybuf != NULL)
+ sm_free(replybuf);
+ return rval;
+
+ errcl:
+ socket_map_close(map);
+ error:
+ if (replybuf != NULL)
+ sm_free(replybuf);
+ return rval;
+}
+#endif /* SOCKETMAP */
diff --git a/contrib/sendmail/src/mci.c b/contrib/sendmail/src/mci.c
index b8c0de208e80..dd8d7c340420 100644
--- a/contrib/sendmail/src/mci.c
+++ b/contrib/sendmail/src/mci.c
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: mci.c,v 8.205.2.4 2003/03/31 17:35:27 ca Exp $")
+SM_RCSID("@(#)$Id: mci.c,v 8.211 2003/03/31 17:35:50 ca Exp $")
#if NETINET || NETINET6
# include <arpa/inet.h>
@@ -487,6 +487,7 @@ mci_setstat(mci, xstat, dstat, rstat)
** MCI_DUMP -- dump the contents of an MCI structure.
**
** Parameters:
+** fp -- output file pointer
** mci -- the MCI structure to dump.
**
** Returns:
@@ -529,7 +530,8 @@ static struct mcifbits MciFlags[] =
};
void
-mci_dump(mci, logit)
+mci_dump(fp, mci, logit)
+ SM_FILE_T *fp;
register MCI *mci;
bool logit;
{
@@ -597,12 +599,13 @@ printit:
if (logit)
sm_syslog(LOG_DEBUG, CurEnv->e_id, "%.1000s", buf);
else
- (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "%s\n", buf);
+ (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%s\n", buf);
}
/*
** MCI_DUMP_ALL -- print the entire MCI cache
**
** Parameters:
+** fp -- output file pointer
** logit -- if set, log the result instead of printing
** to stdout.
**
@@ -611,7 +614,8 @@ printit:
*/
void
-mci_dump_all(logit)
+mci_dump_all(fp, logit)
+ SM_FILE_T *fp;
bool logit;
{
register int i;
@@ -620,7 +624,7 @@ mci_dump_all(logit)
return;
for (i = 0; i < MaxMciCache; i++)
- mci_dump(MciCache[i], logit);
+ mci_dump(fp, MciCache[i], logit);
}
/*
** MCI_LOCK_HOST -- Lock host while sending.
@@ -925,7 +929,7 @@ mci_read_persistent(fp, mci)
case '.': /* end of file */
if (tTd(56, 93))
- mci_dump(mci, false);
+ mci_dump(sm_debug_file(), mci, false);
return 0;
default:
diff --git a/contrib/sendmail/src/milter.c b/contrib/sendmail/src/milter.c
index c25101c24562..b89fac093df7 100644
--- a/contrib/sendmail/src/milter.c
+++ b/contrib/sendmail/src/milter.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1999-2004 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
@@ -10,7 +10,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: milter.c,v 8.197.2.10 2003/12/01 23:57:44 msk Exp $")
+SM_RCSID("@(#)$Id: milter.c,v 8.225 2004/07/08 21:52:20 ca Exp $")
#if MILTER
# include <libmilter/mfapi.h>
@@ -18,9 +18,13 @@ SM_RCSID("@(#)$Id: milter.c,v 8.197.2.10 2003/12/01 23:57:44 msk Exp $")
# include <errno.h>
# include <sys/time.h>
+# include <sys/uio.h>
# if NETINET || NETINET6
# include <arpa/inet.h>
+# if _FFR_MILTER_NAGLE
+# include <netinet/tcp.h>
+# endif /* _FFR_MILTER_NAGLE */
# endif /* NETINET || NETINET6 */
# include <sm/fdset.h>
@@ -34,9 +38,9 @@ static char *MilterConnectMacros[MAXFILTERMACROS + 1];
static char *MilterHeloMacros[MAXFILTERMACROS + 1];
static char *MilterEnvFromMacros[MAXFILTERMACROS + 1];
static char *MilterEnvRcptMacros[MAXFILTERMACROS + 1];
-#if _FFR_MILTER_MACROS_EOM
+static char *MilterDataMacros[MAXFILTERMACROS + 1];
static char *MilterEOMMacros[MAXFILTERMACROS + 1];
-#endif /* _FFR_MILTER_MACROS_EOM */
+static size_t MilterMaxDataSize = MILTER_MAX_DATA_SIZE;
# define MILTER_CHECK_DONE_MSG() \
if (*state == SMFIR_REPLYCODE || \
@@ -48,8 +52,7 @@ static char *MilterEOMMacros[MAXFILTERMACROS + 1];
milter_abort(e); \
}
-# if _FFR_QUARANTINE
-# define MILTER_CHECK_ERROR(initial, action) \
+# define MILTER_CHECK_ERROR(initial, action) \
if (!initial && tTd(71, 100)) \
{ \
if (e->e_quarmsg == NULL) \
@@ -76,15 +79,6 @@ static char *MilterEOMMacros[MAXFILTERMACROS + 1];
*state = SMFIR_REJECT; \
else \
action;
-# else /* _FFR_QUARANTINE */
-# define MILTER_CHECK_ERROR(initial, action) \
- if (bitnset(SMF_TEMPFAIL, m->mf_flags)) \
- *state = SMFIR_TEMPFAIL; \
- else if (bitnset(SMF_REJECT, m->mf_flags)) \
- *state = SMFIR_REJECT; \
- else \
- action;
-# endif /* _FFR_QUARANTINE */
# define MILTER_CHECK_REPLYCODE(default) \
if (response == NULL || \
@@ -346,6 +340,11 @@ milter_read(m, cmd, rlen, to, e)
time_t readstart = 0;
ssize_t expl;
mi_int32 i;
+# if _FFR_MILTER_NAGLE
+# ifdef TCP_CORK
+ int cork = 0;
+# endif
+# endif /* _FFR_MILTER_NAGLE */
char *buf;
char data[MILTER_LEN_BYTES + 1];
@@ -355,9 +354,24 @@ milter_read(m, cmd, rlen, to, e)
if (to > 0)
readstart = curtime();
+# if _FFR_MILTER_NAGLE
+# ifdef TCP_CORK
+ setsockopt(m->mf_sock, IPPROTO_TCP, TCP_CORK, (char *)&cork,
+ sizeof(cork));
+# endif
+# endif /* _FFR_MILTER_NAGLE */
+
if (milter_sysread(m, data, sizeof data, to, e) == NULL)
return NULL;
+# if _FFR_MILTER_NAGLE
+# ifdef TCP_CORK
+ cork = 1;
+ setsockopt(m->mf_sock, IPPROTO_TCP, TCP_CORK, (char *)&cork,
+ sizeof(cork));
+# endif
+# endif /* _FFR_MILTER_NAGLE */
+
/* reset timeout */
if (to > 0)
{
@@ -418,6 +432,7 @@ milter_read(m, cmd, rlen, to, e)
*rlen = expl;
return buf;
}
+
/*
** MILTER_WRITE -- write to a remote milter filter
**
@@ -446,11 +461,19 @@ milter_write(m, cmd, buf, len, to, e)
{
time_t writestart = (time_t) 0;
ssize_t sl, i;
+ int num_vectors;
mi_int32 nl;
char data[MILTER_LEN_BYTES + 1];
bool started = false;
+ struct iovec vector[2];
+
+ /*
+ ** At most two buffers will be written, though
+ ** only one may actually be used (see num_vectors).
+ ** The first is the size/command and the second is the command data.
+ */
- if (len < 0 || len > MILTER_CHUNK_SIZE)
+ if (len < 0 || len > MilterMaxDataSize)
{
if (tTd(64, 5))
sm_dprintf("milter_write(%s): length %ld out of range\n",
@@ -472,65 +495,48 @@ milter_write(m, cmd, buf, len, to, e)
data[MILTER_LEN_BYTES] = cmd;
sl = MILTER_LEN_BYTES + 1;
- if (to > 0)
- {
- writestart = curtime();
- MILTER_TIMEOUT("write", to, true, started);
- }
+ /* set up the vector for the size / command */
+ vector[0].iov_base = (void *) data;
+ vector[0].iov_len = sl;
- /* use writev() instead to send the whole stuff at once? */
- i = write(m->mf_sock, (void *) data, sl);
- if (i != sl)
- {
- int save_errno = errno;
+ /*
+ ** Determine if there is command data. If so, there will be two
+ ** vectors. If not, there will be only one. The vectors are set
+ ** up here and 'num_vectors' and 'sl' are set appropriately.
+ */
- if (tTd(64, 5))
- sm_dprintf("milter_write (%s): write(%c) returned %ld, expected %ld: %s\n",
- m->mf_name, cmd, (long) i, (long) sl,
- sm_errstring(save_errno));
- if (MilterLogLevel > 0)
- sm_syslog(LOG_ERR, e->e_id,
- "Milter (%s): write(%c) returned %ld, expected %ld: %s",
- m->mf_name, cmd, (long) i, (long) sl,
- sm_errstring(save_errno));
- milter_error(m, e);
- return buf;
+ /* NOTE: len<0 has already been checked for. Pedantic */
+ if (len <= 0 || buf == NULL)
+ {
+ /* There is no command data -- only a size / command data */
+ num_vectors = 1;
}
+ else
+ {
+ /*
+ ** There is both size / command and command data.
+ ** Set up the vector for the command data.
+ */
- if (len <= 0 || buf == NULL)
- return buf;
+ num_vectors = 2;
+ sl += len;
+ vector[1].iov_base = (void *) buf;
+ vector[1].iov_len = len;
- if (tTd(64, 50))
- sm_dprintf("milter_write(%s): Sending %*s\n",
- m->mf_name, (int) len, buf);
- started = true;
+ if (tTd(64, 50))
+ sm_dprintf("milter_write(%s): Sending %*s\n",
+ m->mf_name, (int) len, buf);
+ }
if (to > 0)
{
- time_t now;
-
- now = curtime();
- if (now - writestart >= to)
- {
- if (tTd(64, 5))
- sm_dprintf("milter_write(%s): timeout before data write\n",
- m->mf_name);
- if (MilterLogLevel > 0)
- sm_syslog(LOG_ERR, e->e_id,
- "Milter (%s): timeout before data write",
- m->mf_name);
- milter_error(m, e);
- return NULL;
- }
- else
- {
- to -= now - writestart;
- MILTER_TIMEOUT("write", to, true, started);
- }
+ writestart = curtime();
+ MILTER_TIMEOUT("write", to, true, started);
}
- i = write(m->mf_sock, (void *) buf, len);
- if (i != len)
+ /* write the vector(s) */
+ i = writev(m->mf_sock, vector, num_vectors);
+ if (i != sl)
{
int save_errno = errno;
@@ -541,7 +547,7 @@ milter_write(m, cmd, buf, len, to, e)
if (MilterLogLevel > 0)
sm_syslog(LOG_ERR, e->e_id,
"Milter (%s): write(%c) returned %ld, expected %ld: %s",
- m->mf_name, cmd, (long) i, (long) len,
+ m->mf_name, cmd, (long) i, (long) sl,
sm_errstring(save_errno));
milter_error(m, e);
return NULL;
@@ -1107,6 +1113,16 @@ milter_open(m, parseonly, e)
hp = NULL;
}
# endif /* NETINET6 */
+# if _FFR_MILTER_NAGLE
+# ifndef TCP_CORK
+ {
+ int nodelay = 1;
+
+ setsockopt(m->mf_sock, IPPROTO_TCP, TCP_NODELAY,
+ (char *)&nodelay, sizeof(nodelay));
+ }
+# endif /* TCP_CORK */
+# endif /* _FFR_MILTER_NAGLE */
return sock;
}
@@ -1270,11 +1286,7 @@ milter_config(spec, list, max)
list[0] = NULL;
return;
}
-#if _FFR_MILTER_PERDAEMON
p = strpbrk(p, ";,");
-#else /* _FFR_MILTER_PERDAEMON */
- p = strpbrk(p, ",");
-#endif /* _FFR_MILTER_PERDAEMON */
if (p != NULL)
*p++ = '\0';
@@ -1312,6 +1324,7 @@ milter_parse_timeouts(spec, m)
struct milter *m;
{
char fcode;
+ int tcode;
register char *p;
p = spec;
@@ -1339,40 +1352,25 @@ milter_parse_timeouts(spec, m)
/* p now points to the field body */
p = munchstring(p, &delimptr, ';');
+ tcode = -1;
/* install the field into the filter struct */
switch (fcode)
{
case 'C':
- m->mf_timeout[SMFTO_CONNECT] = convtime(p, 's');
- if (tTd(64, 5))
- sm_dprintf("X%s: %c=%lu\n",
- m->mf_name, fcode,
- (unsigned long) m->mf_timeout[SMFTO_CONNECT]);
+ tcode = SMFTO_CONNECT;
break;
case 'S':
- m->mf_timeout[SMFTO_WRITE] = convtime(p, 's');
- if (tTd(64, 5))
- sm_dprintf("X%s: %c=%lu\n",
- m->mf_name, fcode,
- (unsigned long) m->mf_timeout[SMFTO_WRITE]);
+ tcode = SMFTO_WRITE;
break;
case 'R':
- m->mf_timeout[SMFTO_READ] = convtime(p, 's');
- if (tTd(64, 5))
- sm_dprintf("X%s: %c=%lu\n",
- m->mf_name, fcode,
- (unsigned long) m->mf_timeout[SMFTO_READ]);
+ tcode = SMFTO_READ;
break;
case 'E':
- m->mf_timeout[SMFTO_EOM] = convtime(p, 's');
- if (tTd(64, 5))
- sm_dprintf("X%s: %c=%lu\n",
- m->mf_name, fcode,
- (unsigned long) m->mf_timeout[SMFTO_EOM]);
+ tcode = SMFTO_EOM;
break;
default:
@@ -1383,6 +1381,14 @@ milter_parse_timeouts(spec, m)
m->mf_name, fcode);
break;
}
+ if (tcode >= 0)
+ {
+ m->mf_timeout[tcode] = convtime(p, 's');
+ if (tTd(64, 5))
+ sm_dprintf("X%s: %c=%ld\n",
+ m->mf_name, fcode,
+ (u_long) m->mf_timeout[tcode]);
+ }
p = delimptr;
}
}
@@ -1416,12 +1422,16 @@ static struct milteropt
{ "macros.envfrom", MO_MACROS_ENVFROM },
# define MO_MACROS_ENVRCPT 0x04
{ "macros.envrcpt", MO_MACROS_ENVRCPT },
-# define MO_LOGLEVEL 0x05
- { "loglevel", MO_LOGLEVEL },
-#if _FFR_MILTER_MACROS_EOM
+# define MO_MACROS_DATA 0x05
+ { "macros.data", MO_MACROS_DATA },
# define MO_MACROS_EOM 0x06
{ "macros.eom", MO_MACROS_EOM },
-#endif /* _FFR_MILTER_MACROS_EOM */
+# define MO_LOGLEVEL 0x07
+ { "loglevel", MO_LOGLEVEL },
+# if _FFR_MAXDATASIZE
+# define MO_MAXDATASIZE 0x08
+ { "maxdatasize", MO_MAXDATASIZE },
+# endif /* _FFR_MAXDATASIZE */
{ NULL, 0 },
};
@@ -1477,6 +1487,12 @@ milter_set_option(name, val, sticky)
MilterLogLevel = atoi(val);
break;
+#if _FFR_MAXDATASIZE
+ case MO_MAXDATASIZE:
+ MilterMaxDataSize = (size_t)atol(val);
+ break;
+#endif /* _FFR_MAXDATASIZE */
+
case MO_MACROS_CONNECT:
if (macros == NULL)
macros = MilterConnectMacros;
@@ -1495,13 +1511,16 @@ milter_set_option(name, val, sticky)
case MO_MACROS_ENVRCPT:
if (macros == NULL)
macros = MilterEnvRcptMacros;
-#if _FFR_MILTER_MACROS_EOM
/* FALLTHROUGH */
case MO_MACROS_EOM:
if (macros == NULL)
macros = MilterEOMMacros;
-#endif /* _FFR_MILTER_MACROS_EOM */
+ /* FALLTHROUGH */
+
+ case MO_MACROS_DATA:
+ if (macros == NULL)
+ macros = MilterDataMacros;
p = newstr(val);
while (*p != '\0')
@@ -1567,9 +1586,8 @@ milter_reopen_df(e)
** read only again).
**
** In SuperSafe != SAFE_REALLY mode, e->e_dfp still points at the
- ** buffered file I/O descriptor, still open for writing
- ** so there isn't as much work to do, just truncate it
- ** and go.
+ ** buffered file I/O descriptor, still open for writing so there
+ ** isn't any work to do here (except checking for consistency).
*/
if (SuperSafe == SAFE_REALLY)
@@ -1861,6 +1879,9 @@ milter_send_command(m, command, data, sz, e, state)
char rcmd;
ssize_t rlen;
unsigned long skipflag;
+#if _FFR_MILTER_NOHDR_RESP
+ unsigned long norespflag = 0;
+#endif /* _FFR_MILTER_NOHDR_RESP */
char *action;
char *defresponse;
char *response;
@@ -1898,6 +1919,9 @@ milter_send_command(m, command, data, sz, e, state)
case SMFIC_HEADER:
skipflag = SMFIP_NOHDRS;
+#if _FFR_MILTER_NOHDR_RESP
+ norespflag = SMFIP_NOHREPL;
+#endif /* _FFR_MILTER_NOHDR_RESP */
action = "header";
defresponse = "550 5.7.1 Command rejected";
break;
@@ -1914,6 +1938,13 @@ milter_send_command(m, command, data, sz, e, state)
defresponse = "550 5.7.1 Command rejected";
break;
+#if SMFI_VERSION > 2
+ case SMFIC_UNKNOWN:
+ action = "unknown";
+ defresponse = "550 5.7.1 Command rejected";
+ break;
+#endif /* SMFI_VERSION > 2 */
+
case SMFIC_BODYEOB:
case SMFIC_OPTNEG:
case SMFIC_MACRO:
@@ -1943,6 +1974,12 @@ milter_send_command(m, command, data, sz, e, state)
return NULL;
}
+#if _FFR_MILTER_NOHDR_RESP
+ /* check if filter sends response to this command */
+ if (norespflag != 0 && bitset(norespflag, m->mf_pflags))
+ return NULL;
+#endif /* _FFR_MILTER_NOHDR_RESP */
+
/* get the response from the filter */
response = milter_read(m, &rcmd, &rlen,
m->mf_timeout[SMFTO_READ], e);
@@ -2364,7 +2401,7 @@ milter_headers(m, e, state)
/* don't send over deleted headers */
if (h->h_value == NULL)
{
- /* strip H_USER so not counted in milter_chgheader() */
+ /* strip H_USER so not counted in milter_changeheader() */
h->h_flags &= ~H_USER;
continue;
}
@@ -2621,6 +2658,84 @@ milter_addheader(response, rlen, e)
}
}
/*
+** MILTER_INSHEADER -- Insert the supplied header
+**
+** Parameters:
+** response -- encoded form of header/value.
+** rlen -- length of response.
+** e -- current envelope.
+**
+** Returns:
+** none
+**
+** Notes:
+** Unlike milter_addheader(), this does not attempt to determine
+** if the header already exists in the envelope, even a
+** deleted version. It just blindly inserts.
+*/
+
+static void
+milter_insheader(response, rlen, e)
+ char *response;
+ ssize_t rlen;
+ ENVELOPE *e;
+{
+ mi_int32 idx, i;
+ char *field;
+ char *val;
+
+ if (tTd(64, 10))
+ sm_dprintf("milter_insheader: ");
+
+ /* sanity checks */
+ if (response == NULL)
+ {
+ if (tTd(64, 10))
+ sm_dprintf("NULL response\n");
+ return;
+ }
+
+ if (rlen < 2 || strlen(response) + 1 >= (size_t) rlen)
+ {
+ if (tTd(64, 10))
+ sm_dprintf("didn't follow protocol (total len)\n");
+ return;
+ }
+
+ /* decode */
+ (void) memcpy((char *) &i, response, MILTER_LEN_BYTES);
+ idx = ntohl(i);
+ field = response + MILTER_LEN_BYTES;
+ val = field + strlen(field) + 1;
+
+ /* another sanity check */
+ if (MILTER_LEN_BYTES + strlen(field) + 1 +
+ strlen(val) + 1 != (size_t) rlen)
+ {
+ if (tTd(64, 10))
+ sm_dprintf("didn't follow protocol (part len)\n");
+ return;
+ }
+
+ if (*field == '\0')
+ {
+ if (tTd(64, 10))
+ sm_dprintf("empty field name\n");
+ return;
+ }
+
+ /* add to e_msgsize */
+ e->e_msgsize += strlen(response) + 2 + strlen(val);
+
+ if (tTd(64, 10))
+ sm_dprintf("Insert (%d) %s: %s\n", idx, response, val);
+ if (MilterLogLevel > 8)
+ sm_syslog(LOG_INFO, e->e_id,
+ "Milter insert (%d): header: %s: %s",
+ idx, field, val);
+ insheader(idx, newstr(field), val, H_USER, e);
+}
+/*
** MILTER_CHANGEHEADER -- Change the supplied header in the message
**
** Parameters:
@@ -27