diff --git a/.gitignore b/.gitignore index ebe7439..a8d6123 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ /sendmail.8.14.?.tar.gz /sendmail.8.15.1.tar.gz /sendmail.8.15.2.tar.gz +/sendmail.8.16.1.tar.gz diff --git a/sendmail-8.15.2-fix-covscan-issues.patch b/sendmail-8.15.2-fix-covscan-issues.patch deleted file mode 100644 index 9cb1f34..0000000 --- a/sendmail-8.15.2-fix-covscan-issues.patch +++ /dev/null @@ -1,149 +0,0 @@ -diff --git a/include/sm/varargs.h b/include/sm/varargs.h -index 612858d..2609630 100644 ---- a/include/sm/varargs.h -+++ b/include/sm/varargs.h -@@ -32,6 +32,11 @@ - # define SM_VA_COPY(dst, src) __va_copy((dst), (src)) - # else - # define SM_VA_COPY(dst, src) memcpy(&(dst), &(src), sizeof((dst))) -+# define SM_VA_END_COPY(ap) do { } while (0) -+# endif -+ -+# ifndef SM_VA_END_COPY -+# define SM_VA_END_COPY(ap) va_end(ap) - # endif - - /* -diff --git a/libsm/vfprintf.c b/libsm/vfprintf.c -index 87c353c..c99d4e5 100644 ---- a/libsm/vfprintf.c -+++ b/libsm/vfprintf.c -@@ -782,6 +782,7 @@ number: if ((dprec = prec) >= 0) - done: - FLUSH(); - error: -+ SM_VA_END_COPY(orgap); - if ((argtable != NULL) && (argtable != statargtable)) - sm_free(argtable); - return sm_error(fp) ? SM_IO_EOF : ret; -diff --git a/sendmail/milter.c b/sendmail/milter.c -index 9b3667d..190bf9f 100644 ---- a/sendmail/milter.c -+++ b/sendmail/milter.c -@@ -2441,8 +2441,7 @@ milter_negotiate(m, e, milters) - sm_syslog(LOG_ERR, e->e_id, - "Milter (%s): negotiate: returned %c instead of %c", - m->mf_name, rcmd, SMFIC_OPTNEG); -- if (response != NULL) -- sm_free(response); /* XXX */ -+ SM_FREE(response); - milter_error(m, e); - return -1; - } -@@ -2457,8 +2456,7 @@ milter_negotiate(m, e, milters) - sm_syslog(LOG_ERR, e->e_id, - "Milter (%s): negotiate: did not return valid info", - m->mf_name); -- if (response != NULL) -- sm_free(response); /* XXX */ -+ SM_FREE(response); - milter_error(m, e); - return -1; - } -@@ -2476,8 +2474,7 @@ milter_negotiate(m, e, milters) - sm_syslog(LOG_ERR, e->e_id, - "Milter (%s): negotiate: did not return enough info", - m->mf_name); -- if (response != NULL) -- sm_free(response); /* XXX */ -+ SM_FREE(response); - milter_error(m, e); - return -1; - } -@@ -2593,11 +2590,11 @@ milter_negotiate(m, e, milters) - if (tTd(64, 5)) - sm_dprintf("milter_negotiate(%s): received: version %u, fflags 0x%x, pflags 0x%x\n", - m->mf_name, m->mf_fvers, m->mf_fflags, m->mf_pflags); -+ SM_FREE(response); - return 0; - - error: -- if (response != NULL) -- sm_free(response); /* XXX */ -+ SM_FREE(response); - return -1; - } - -@@ -3233,6 +3230,7 @@ milter_changeheader(m, response, rlen, e) - addheader(newstr(field), mh_value, H_USER, e, - !bitset(SMFIP_HDR_LEADSPC, m->mf_pflags)); - } -+ SM_FREE(mh_value); - return; - } - -@@ -3441,6 +3439,8 @@ milter_chgfrom(response, rlen, e) - { - if (tTd(64, 10)) - sm_dprintf("didn't follow protocol argc=%d\n", argc); -+ if (argv != NULL) -+ free(argv); - return; - } - -@@ -3459,6 +3459,7 @@ milter_chgfrom(response, rlen, e) - mail_esmtp_args); - } - Errors = olderrors; -+ free(argv); - return; - } - -@@ -3506,6 +3507,8 @@ milter_addrcpt_par(response, rlen, e) - { - if (tTd(64, 10)) - sm_dprintf("didn't follow protocol argc=%d\n", argc); -+ if (argv != NULL) -+ free(argv); - return; - } - olderrors = Errors; -@@ -3530,6 +3533,7 @@ milter_addrcpt_par(response, rlen, e) - } - - Errors = olderrors; -+ free(argv); - return; - } - -diff --git a/sendmail/queue.c b/sendmail/queue.c -index a323301..d61f626 100644 ---- a/sendmail/queue.c -+++ b/sendmail/queue.c -@@ -8433,6 +8433,7 @@ split_by_recipient(e) - if (split_within_queue(ee) == SM_SPLIT_FAIL) - { - e->e_sibling = firstsibling; -+ SM_FREE(lsplits); - return false; - } - ee->e_flags |= EF_SPLIT; -@@ -8447,8 +8448,7 @@ split_by_recipient(e) - if (p == NULL) - { - /* let's try to get this done */ -- sm_free(lsplits); -- lsplits = NULL; -+ SM_FREE(lsplits); - } - else - lsplits = p; -@@ -8470,7 +8470,7 @@ split_by_recipient(e) - { - sm_syslog(LOG_NOTICE, e->e_id, "split: count=%d, id%s=%s", - n - 1, n > 2 ? "s" : "", lsplits); -- sm_free(lsplits); -+ SM_FREE(lsplits); - } - split = split_within_queue(e) != SM_SPLIT_FAIL; - if (split) diff --git a/sendmail-8.15.2-format-security.patch b/sendmail-8.15.2-format-security.patch deleted file mode 100644 index 5acd75a..0000000 --- a/sendmail-8.15.2-format-security.patch +++ /dev/null @@ -1,127 +0,0 @@ -diff --git a/sendmail/envelope.c b/sendmail/envelope.c -index bae6b00..beb91a1 100644 ---- a/sendmail/envelope.c -+++ b/sendmail/envelope.c -@@ -323,7 +323,7 @@ dropenvelope(e, fulldrop, split) - - /* don't free, allocated from e_rpool */ - e->e_message = sm_rpool_strdup_x(e->e_rpool, buf); -- message(buf); -+ message("%s", buf); - e->e_flags |= EF_CLRQUEUE; - } - if (msg_timeout == MSG_NOT_BY) -@@ -420,7 +420,7 @@ dropenvelope(e, fulldrop, split) - /* don't free, allocated from e_rpool */ - e->e_message = sm_rpool_strdup_x(e->e_rpool, - buf); -- message(buf); -+ message("%s", buf); - e->e_flags |= EF_WARNING; - } - if (msg_timeout == MSG_WARN_BY) -diff --git a/sendmail/parseaddr.c b/sendmail/parseaddr.c -index 2adb39c..ba99414 100644 ---- a/sendmail/parseaddr.c -+++ b/sendmail/parseaddr.c -@@ -218,7 +218,7 @@ parseaddr(addr, a, flags, delim, delimptr, e, isrcpt) - msg = "Deferring message until queue run"; - if (tTd(20, 1)) - sm_dprintf("parseaddr: queueing message\n"); -- message(msg); -+ message("%s", msg); - if (e->e_message == NULL && e->e_sendmode != SM_DEFER) - e->e_message = sm_rpool_strdup_x(e->e_rpool, msg); - a->q_state = QS_QUEUEUP; -diff --git a/sendmail/srvrsmtp.c b/sendmail/srvrsmtp.c -index ba636a8..46c5356 100644 ---- a/sendmail/srvrsmtp.c -+++ b/sendmail/srvrsmtp.c -@@ -122,6 +122,26 @@ extern ENVELOPE BlankEnvelope; - #define SKIP_SPACE(s) while (isascii(*s) && isspace(*s)) \ - (s)++ - -+static inline void -+message1(fmt) -+ char *fmt; -+{ -+ if (strchr(fmt, '%') == NULL) -+ message(fmt, NULL); -+ else -+ message("%s", fmt); -+} -+ -+static inline void -+usrerr1(fmt) -+ char *fmt; -+{ -+ if (strchr(fmt, '%') == NULL) -+ usrerr(fmt, NULL); -+ else -+ usrerr("%s", fmt); -+} -+ - /* - ** PARSE_ESMTP_ARGS -- parse EMSTP arguments (for MAIL, RCPT) - ** -@@ -578,13 +598,13 @@ static bool smtp_data __P((SMTP_T *, ENVELOPE *)); - bool tsave = QuickAbort; \ - \ - QuickAbort = false; \ -- usrerr(response); \ -+ usrerr1(response); \ - QuickAbort = tsave; \ - e->e_sendqueue = NULL; \ - goto doquit; \ - } \ - else \ -- usrerr(response); \ -+ usrerr1(response); \ - break; \ - \ - case SMFIR_REJECT: \ -@@ -931,7 +951,7 @@ smtp(nullserver, d_flags, e) - } - else if (strncmp(nullserver, "421 ", 4) == 0) - { -- message(nullserver); -+ message1(nullserver); - goto doquit; - } - -@@ -1849,7 +1869,7 @@ smtp(nullserver, d_flags, e) - if (nullserver != NULL) - { - if (ISSMTPREPLY(nullserver)) -- usrerr(nullserver); -+ usrerr1(nullserver); - else - usrerr("550 5.0.0 %s", - nullserver); -@@ -2449,7 +2469,7 @@ smtp(nullserver, d_flags, e) - tempfail = true; - smtp.sm_milterize = false; - if (response != NULL) -- usrerr(response); -+ usrerr1(response); - else - message("421 4.7.0 %s closing connection", - MyHostName); -@@ -3656,7 +3676,7 @@ smtp_data(smtp, e) - (void) extenhsc(response + 4, ' ', e->e_enhsc); - #endif /* _FFR_MILTER_ENHSC */ - -- usrerr(response); -+ usrerr1(response); - if (strncmp(response, "421 ", 4) == 0 - || strncmp(response, "421-", 4) == 0) - { -@@ -3776,7 +3796,7 @@ smtp_data(smtp, e) - if (ISSMTPCODE(response)) - (void) extenhsc(response + 4, ' ', e->e_enhsc); - #endif /* _FFR_MILTER_ENHSC */ -- usrerr(response); -+ usrerr1(response); - if (strncmp(response, "421 ", 4) == 0 - || strncmp(response, "421-", 4) == 0) - rv = false; diff --git a/sendmail-8.15.2-gcc-10-fix.patch b/sendmail-8.15.2-gcc-10-fix.patch deleted file mode 100644 index a50b742..0000000 --- a/sendmail-8.15.2-gcc-10-fix.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/sendmail/sendmail.h b/sendmail/sendmail.h -index 441399c..95b90b8 100644 ---- a/sendmail/sendmail.h -+++ b/sendmail/sendmail.h -@@ -2551,7 +2551,7 @@ extern const SM_EXC_TYPE_T EtypeQuickAbort; /* type of a QuickAbort exception */ - # define SOL_IP IPPROTO_IP - # endif - # if defined(SOL_IP) && defined(IP_TOS) --EXTERN int InetQoS; /* QoS mapping */ -+extern int InetQoS; /* QoS mapping */ - # endif - #endif - diff --git a/sendmail-8.15.2-gethostbyname2.patch b/sendmail-8.15.2-gethostbyname2.patch deleted file mode 100644 index 03ff909..0000000 --- a/sendmail-8.15.2-gethostbyname2.patch +++ /dev/null @@ -1,39 +0,0 @@ -diff --git a/libmilter/sm_gethost.c b/libmilter/sm_gethost.c -index a025c8f..cd0ef31 100644 ---- a/libmilter/sm_gethost.c -+++ b/libmilter/sm_gethost.c -@@ -49,8 +49,16 @@ sm_getipnodebyname(name, family, flags, err) - int flags; - int *err; - { -- bool resv6 = true; - struct hostent *h; -+# if HAS_GETHOSTBYNAME2 -+ -+ h = gethostbyname2(name, family); -+ if (h == NULL) -+ *err = h_errno; -+ return h; -+ -+# else /* HAS_GETHOSTBYNAME2 */ -+ bool resv6 = true; - - if (family == AF_INET6) - { -@@ -60,7 +68,7 @@ sm_getipnodebyname(name, family, flags, err) - } - SM_SET_H_ERRNO(0); - h = gethostbyname(name); -- if (family == AF_INET6 && !resv6) -+ if (!resv6) - _res.options &= ~RES_USE_INET6; - - /* the function is supposed to return only the requested family */ -@@ -75,6 +83,7 @@ sm_getipnodebyname(name, family, flags, err) - else - *err = h_errno; - return h; -+# endif /* HAS_GETHOSTBYNAME2 */ - } - - void diff --git a/sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch b/sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch deleted file mode 100644 index b470358..0000000 --- a/sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch +++ /dev/null @@ -1,20 +0,0 @@ -diff --git a/sendmail/tls.c b/sendmail/tls.c -index 16cb93f..9338380 100644 ---- a/sendmail/tls.c -+++ b/sendmail/tls.c -@@ -1329,13 +1329,8 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar - } - - #if _FFR_TLS_EC -- ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); -- if (ecdh != NULL) -- { -- SSL_CTX_set_options(*ctx, SSL_OP_SINGLE_ECDH_USE); -- SSL_CTX_set_tmp_ecdh(*ctx, ecdh); -- EC_KEY_free(ecdh); -- } -+ SSL_CTX_set_options(*ctx, SSL_OP_SINGLE_ECDH_USE); -+ SSL_CTX_set_ecdh_auto(*ctx, 1); - #endif /* _FFR_TLS_EC */ - - } diff --git a/sendmail-8.15.2-openssl-1.1.0-fix.patch b/sendmail-8.15.2-openssl-1.1.0-fix.patch deleted file mode 100644 index 54a6754..0000000 --- a/sendmail-8.15.2-openssl-1.1.0-fix.patch +++ /dev/null @@ -1,182 +0,0 @@ ---- sendmail-8.15.2.orig/sendmail/tls.c 2016-12-01 15:20:59.953546417 +0100 -+++ sendmail-8.15.2.orig/sendmail/tls.c 2016-12-01 17:26:43.868521378 +0100 -@@ -63,14 +63,28 @@ static unsigned char dh512_g[] = - static DH * - get_dh512() - { -- DH *dh = NULL; -+ DH *dh; -+ BIGNUM *p, *g; - - if ((dh = DH_new()) == NULL) - return NULL; -- dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL); -- dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL); -- if ((dh->p == NULL) || (dh->g == NULL)) -+ p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL); -+ g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL); -+ if (p == NULL || g == NULL) -+ { -+ BN_free(p); -+ BN_free(g); -+ DH_free(dh); - return NULL; -+ } -+ -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ DH_set0_pqg(dh, p, NULL, g); -+#else -+ dh->p = p; -+ dh->g = g; -+#endif -+ - return dh; - } - -@@ -117,16 +131,27 @@ get_dh2048() - }; - static unsigned char dh2048_g[]={ 0x02, }; - DH *dh; -+ BIGNUM *p, *g; - - if ((dh=DH_new()) == NULL) - return(NULL); -- dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL); -- dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); -- if ((dh->p == NULL) || (dh->g == NULL)) -+ p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL); -+ g = BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL); -+ if (p == NULL || g == NULL) - { -+ BN_free(p); -+ BN_free(g); - DH_free(dh); -- return(NULL); -+ return NULL; - } -+ -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ DH_set0_pqg(dh, p, NULL, g); -+#else -+ dh->p = p; -+ dh->g = g; -+#endif -+ - return(dh); - } - # endif /* !NO_DH */ -@@ -715,6 +740,54 @@ static char server_session_id_context[] - # define SM_SSL_OP_TLS_BLOCK_PADDING_BUG 0 - #endif - -+static RSA * -+generate_rsa_key(bits, e) -+ int bits; -+ unsigned long e; -+{ -+#if OPENSSL_VERSION_NUMBER < 0x00908000L -+ return RSA_generate_key(bits, e, NULL, NULL); -+#else -+ BIGNUM *bne; -+ RSA *rsa = NULL; -+ -+ bne = BN_new(); -+ if (bne && BN_set_word(bne, e) != 1) -+ rsa = RSA_new(); -+ if (rsa && RSA_generate_key_ex(rsa, bits, bne, NULL) != 1) -+ { -+ RSA_free(rsa); -+ rsa = NULL; -+ } -+ BN_free(bne); -+ return rsa; -+#endif -+} -+ -+static DSA * -+generate_dsa_parameters(bits, seed, seed_len, counter_ret, h_ret) -+ int bits; -+ unsigned char *seed; -+ int seed_len; -+ int *counter_ret; -+ unsigned long *h_ret; -+{ -+#if OPENSSL_VERSION_NUMBER < 0x00908000L -+ return DSA_generate_parameters(bits, seed, seed_len, counter_ret, -+ h_ret, NULL, NULL); -+#else -+ DSA *dsa = DSA_new(); -+ -+ if (dsa && DSA_generate_parameters_ex(dsa, bits, seed, seed_len, -+ counter_ret, h_ret, NULL) != 1) -+ { -+ DSA_free(dsa); -+ dsa = NULL; -+ } -+ return dsa; -+#endif -+} -+ - bool - inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhparam) - SSL_CTX **ctx; -@@ -926,7 +999,7 @@ inittls(ctx, req, options, srv, certfile - { - /* get a pointer to the current certificate validation store */ - store = SSL_CTX_get_cert_store(*ctx); /* does not fail */ -- crl_file = BIO_new(BIO_s_file_internal()); -+ crl_file = BIO_new(BIO_s_file()); - if (crl_file != NULL) - { - if (BIO_read_filename(crl_file, CRLFile) >= 0) -@@ -1003,8 +1076,7 @@ inittls(ctx, req, options, srv, certfile - if (bitset(TLS_I_RSA_TMP, req) - # if SM_CONF_SHM - && ShmId != SM_SHM_NO_ID && -- (rsa_tmp = RSA_generate_key(RSA_KEYLENGTH, RSA_F4, NULL, -- NULL)) == NULL -+ (rsa_tmp = generate_rsa_key(RSA_KEYLENGTH, RSA_F4)) == NULL - # else /* SM_CONF_SHM */ - && 0 /* no shared memory: no need to generate key now */ - # endif /* SM_CONF_SHM */ -@@ -1210,8 +1282,8 @@ inittls(ctx, req, options, srv, certfile - sm_dprintf("inittls: Generating %d bit DH parameters\n", bits); - - /* this takes a while! */ -- dsa = DSA_generate_parameters(bits, NULL, 0, NULL, -- NULL, 0, NULL); -+ dsa = generate_dsa_parameters(bits, NULL, 0, NULL, -+ NULL); - dh = DSA_dup_DH(dsa); - DSA_free(dsa); - } -@@ -1747,7 +1819,7 @@ tmp_rsa_key(s, export, keylength) - - if (rsa_tmp != NULL) - RSA_free(rsa_tmp); -- rsa_tmp = RSA_generate_key(RSA_KEYLENGTH, RSA_F4, NULL, NULL); -+ rsa_tmp = generate_rsa_key(RSA_KEYLENGTH, RSA_F4); - if (rsa_tmp == NULL) - { - if (LogLevel > 0) -@@ -1974,11 +2046,20 @@ x509_verify_cb(ok, ctx) - { - if (LogLevel > 13) - tls_verify_log(ok, ctx, "x509"); -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ if (X509_STORE_CTX_get_error(ctx) == -+ X509_V_ERR_UNABLE_TO_GET_CRL) -+ { -+ X509_STORE_CTX_set_error(ctx, 0); -+ return 1; /* override it */ -+ } -+#else - if (ctx->error == X509_V_ERR_UNABLE_TO_GET_CRL) - { - ctx->error = 0; - return 1; /* override it */ - } -+#endif - } - return ok; - } diff --git a/sendmail-8.15.2-smtp-session-reuse-fix.patch b/sendmail-8.15.2-smtp-session-reuse-fix.patch deleted file mode 100644 index bc14841..0000000 --- a/sendmail-8.15.2-smtp-session-reuse-fix.patch +++ /dev/null @@ -1,249 +0,0 @@ -diff -ru a/sendmail/deliver.c b/sendmail/deliver.c ---- a/sendmail/deliver.c 2016-02-29 06:01:55.000000000 -0800 -+++ b/sendmail/deliver.c 2016-02-29 06:02:06.000000000 -0800 -@@ -6274,8 +6274,7 @@ - tlslogerr(LOG_WARNING, "client"); - } - -- SSL_free(clt_ssl); -- clt_ssl = NULL; -+ SM_SSL_FREE(clt_ssl); - return EX_SOFTWARE; - } - mci->mci_ssl = clt_ssl; -@@ -6287,8 +6286,7 @@ - return EX_OK; - - /* failure */ -- SSL_free(clt_ssl); -- clt_ssl = NULL; -+ SM_SSL_FREE(clt_ssl); - return EX_SOFTWARE; - } - /* -@@ -6309,7 +6307,7 @@ - - if (!bitset(MCIF_TLSACT, mci->mci_flags)) - return EX_OK; -- r = endtls(mci->mci_ssl, "client"); -+ r = endtls(&mci->mci_ssl, "client"); - mci->mci_flags &= ~MCIF_TLSACT; - return r; - } -diff -ru a/sendmail/macro.c b/sendmail/macro.c ---- a/sendmail/macro.c 2016-02-29 06:01:55.000000000 -0800 -+++ b/sendmail/macro.c 2016-02-29 06:02:06.000000000 -0800 -@@ -362,6 +362,33 @@ - } - - /* -+** MACTABCLEAR -- clear entire macro table -+** -+** Parameters: -+** mac -- Macro table. -+** -+** Returns: -+** none. -+** -+** Side Effects: -+** clears entire mac structure including rpool pointer! -+*/ -+ -+void -+mactabclear(mac) -+ MACROS_T *mac; -+{ -+ int i; -+ -+ if (mac->mac_rpool == NULL) -+ { -+ for (i = 0; i < MAXMACROID; i++) -+ SM_FREE_CLR(mac->mac_table[i]); -+ } -+ memset((char *) mac, '\0', sizeof(*mac)); -+} -+ -+/* - ** MACDEFINE -- bind a macro name to a value - ** - ** Set a macro to a value, with fancy storage management. -diff -ru a/sendmail/mci.c b/sendmail/mci.c ---- a/sendmail/mci.c 2016-02-29 06:01:55.000000000 -0800 -+++ b/sendmail/mci.c 2016-02-29 06:02:06.000000000 -0800 -@@ -25,6 +25,7 @@ - int, bool)); - static bool mci_load_persistent __P((MCI *)); - static void mci_uncache __P((MCI **, bool)); -+static void mci_clear __P((MCI *)); - static int mci_lock_host_statfile __P((MCI *)); - static int mci_read_persistent __P((SM_FILE_T *, MCI *)); - -@@ -253,6 +254,7 @@ - SM_FREE_CLR(mci->mci_status); - SM_FREE_CLR(mci->mci_rstatus); - SM_FREE_CLR(mci->mci_heloname); -+ mci_clear(mci); - if (mci->mci_rpool != NULL) - { - sm_rpool_free(mci->mci_rpool); -@@ -315,6 +317,41 @@ - } - - /* -+** MCI_CLEAR -- clear mci -+** -+** Parameters: -+** mci -- the connection to clear. -+** -+** Returns: -+** none. -+*/ -+ -+static void -+mci_clear(mci) -+ MCI *mci; -+{ -+ if (mci == NULL) -+ return; -+ -+ mci->mci_maxsize = 0; -+ mci->mci_min_by = 0; -+ mci->mci_deliveries = 0; -+#if SASL -+ if (bitset(MCIF_AUTHACT, mci->mci_flags)) -+ sasl_dispose(&mci->mci_conn); -+#endif -+#if STARTTLS -+ if (bitset(MCIF_TLSACT, mci->mci_flags) && mci->mci_ssl != NULL) -+ SM_SSL_FREE(mci->mci_ssl); -+#endif -+ -+ /* which flags to preserve? */ -+ mci->mci_flags &= MCIF_CACHED; -+ mactabclear(&mci->mci_macro); -+} -+ -+ -+/* - ** MCI_GET -- get information about a particular host - ** - ** Parameters: -@@ -419,6 +456,7 @@ - mci->mci_errno = 0; - mci->mci_exitstat = EX_OK; - } -+ mci_clear(mci); - } - - return mci; -diff -ru a/sendmail/sendmail.h b/sendmail/sendmail.h ---- a/sendmail/sendmail.h 2016-02-29 06:01:55.000000000 -0800 -+++ b/sendmail/sendmail.h 2016-02-29 06:02:06.000000000 -0800 -@@ -1186,6 +1186,7 @@ - #define macid(name) macid_parse(name, NULL) - extern char *macname __P((int)); - extern char *macvalue __P((int, ENVELOPE *)); -+extern void mactabclear __P((MACROS_T *)); - extern int rscheck __P((char *, char *, char *, ENVELOPE *, int, int, char *, char *, ADDRESS *, char **)); - extern int rscap __P((char *, char *, char *, ENVELOPE *, char ***, char *, int)); - extern void setclass __P((int, char *)); -@@ -2002,7 +2003,15 @@ - extern void setclttls __P((bool)); - extern bool initsrvtls __P((bool)); - extern int tls_get_info __P((SSL *, bool, char *, MACROS_T *, bool)); --extern int endtls __P((SSL *, char *)); -+#define SM_SSL_FREE(ssl) \ -+ do { \ -+ if (ssl != NULL) \ -+ { \ -+ SSL_free(ssl); \ -+ ssl = NULL; \ -+ } \ -+ } while (0) -+extern int endtls __P((SSL **, char *)); - extern void tlslogerr __P((int, const char *)); - - -diff -ru a/sendmail/srvrsmtp.c b/sendmail/srvrsmtp.c ---- a/sendmail/srvrsmtp.c 2016-02-29 06:01:55.000000000 -0800 -+++ b/sendmail/srvrsmtp.c 2016-02-29 06:02:06.000000000 -0800 -@@ -2122,8 +2122,7 @@ - if (get_tls_se_options(e, srv_ssl, true) != 0) - { - message("454 4.3.3 TLS not available: error setting options"); -- SSL_free(srv_ssl); -- srv_ssl = NULL; -+ SM_SSL_FREE(srv_ssl); - goto tls_done; - } - -@@ -2145,8 +2144,7 @@ - SSL_set_wfd(srv_ssl, wfd) <= 0) - { - message("454 4.3.3 TLS not available: error set fd"); -- SSL_free(srv_ssl); -- srv_ssl = NULL; -+ SM_SSL_FREE(srv_ssl); - goto tls_done; - } - if (!smtps) -@@ -2188,8 +2186,7 @@ - tlslogerr(LOG_WARNING, "server"); - } - tls_ok_srv = false; -- SSL_free(srv_ssl); -- srv_ssl = NULL; -+ SM_SSL_FREE(srv_ssl); - - /* - ** according to the next draft of -@@ -3416,7 +3413,7 @@ - /* shutdown TLS connection */ - if (tls_active) - { -- (void) endtls(srv_ssl, "server"); -+ (void) endtls(&srv_ssl, "server"); - tls_active = false; - } - #endif /* STARTTLS */ -diff -ru a/sendmail/tls.c b/sendmail/tls.c ---- a/sendmail/tls.c 2016-02-29 06:01:55.000000000 -0800 -+++ b/sendmail/tls.c 2016-02-29 06:02:06.000000000 -0800 -@@ -1624,7 +1624,7 @@ - ** ENDTLS -- shutdown secure connection - ** - ** Parameters: --** ssl -- SSL connection information. -+** pssl -- pointer to TLS session context - ** side -- server/client (for logging). - ** - ** Returns: -@@ -1632,12 +1632,16 @@ - */ - - int --endtls(ssl, side) -- SSL *ssl; -+endtls(pssl, side) -+ SSL **pssl; - char *side; - { - int ret = EX_OK; -+ SSL *ssl; - -+ SM_REQUIRE(pssl != NULL); -+ ret = EX_OK; -+ ssl = *pssl; - if (ssl != NULL) - { - int r; -@@ -1703,8 +1707,7 @@ - ret = EX_SOFTWARE; - } - # endif /* !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER > 0x0090602fL */ -- SSL_free(ssl); -- ssl = NULL; -+ SM_SSL_FREE(*pssl); - } - return ret; - } diff --git a/sendmail-8.15.1-aliases_dir.patch b/sendmail-8.16.1-aliases_dir.patch similarity index 80% rename from sendmail-8.15.1-aliases_dir.patch rename to sendmail-8.16.1-aliases_dir.patch index 808e298..a3c12c8 100644 --- a/sendmail-8.15.1-aliases_dir.patch +++ b/sendmail-8.16.1-aliases_dir.patch @@ -1,8 +1,8 @@ diff --git a/cf/m4/cfhead.m4 b/cf/m4/cfhead.m4 -index 714a3ec..3fd6c1c 100644 +index 6d12e85..15af608 100644 --- a/cf/m4/cfhead.m4 +++ b/cf/m4/cfhead.m4 -@@ -260,7 +260,7 @@ ifdef(`MAIL_SETTINGS_DIR', , `define(`MAIL_SETTINGS_DIR', `/etc/mail/')') +@@ -269,7 +269,7 @@ ifdef(`MAIL_SETTINGS_DIR', , `define(`MAIL_SETTINGS_DIR', `/etc/mail/')') define(`DATABASE_MAP_TYPE', `hash') # set up default values for options @@ -12,10 +12,10 @@ index 714a3ec..3fd6c1c 100644 define(`confFROM_LINE', `From $g $d') define(`confOPERATORS', `.:%@!^/[]+') diff --git a/sendmail/aliases.0 b/sendmail/aliases.0 -index cfdbe17..5ea4c28 100644 +index ba855d4..edb3b19 100644 --- a/sendmail/aliases.0 +++ b/sendmail/aliases.0 -@@ -63,7 +63,7 @@ DDEESSCCRRIIPPTTIIOONN +@@ -63,7 +63,7 @@ ALIASES(5) ALIASES(5) the list of users defined in that file. This is only the raw data file; the actual aliasing information is @@ -47,26 +47,26 @@ index f09b49c..7b16db2 100644 newaliases(1). A diff --git a/sendmail/newaliases.0 b/sendmail/newaliases.0 -index c77f401..e2a1670 100644 +index 49ff2b0..247a276 100644 --- a/sendmail/newaliases.0 +++ b/sendmail/newaliases.0 -@@ -10,7 +10,7 @@ SSYYNNOOPPSSIISS +@@ -10,7 +10,7 @@ NEWALIASES(1) NEWALIASES(1) - DDEESSCCRRIIPPTTIIOONN - NNeewwaalliiaasseess rebuilds the random access data base for the mail aliases + DESCRIPTION + Newaliases rebuilds the random access data base for the mail aliases - file /etc/mail/aliases. It must be run each time this file is changed + file /etc/aliases. It must be run each time this file is changed in order for the change to take effect. - NNeewwaalliiaasseess is identical to ``sendmail -bi''. -@@ -22,7 +22,7 @@ DDEESSCCRRIIPPTTIIOONN - sseennddmmaaiill.. + Newaliases is identical to ``sendmail -bi''. +@@ -22,7 +22,7 @@ NEWALIASES(1) NEWALIASES(1) + sendmail. - FFIILLEESS + FILES - /etc/mail/aliases The mail aliases file + /etc/aliases The mail aliases file - SSEEEE AALLSSOO + SEE ALSO aliases(5), sendmail(8) diff --git a/sendmail/newaliases.1 b/sendmail/newaliases.1 index 59dc0de..9ba8752 100644 @@ -91,10 +91,10 @@ index 59dc0de..9ba8752 100644 .SH SEE ALSO aliases(5), sendmail(8) diff --git a/sendmail/sendmail.0 b/sendmail/sendmail.0 -index 515d5f7..8236411 100644 +index 60ab1cd..5f3bf93 100644 --- a/sendmail/sendmail.0 +++ b/sendmail/sendmail.0 -@@ -434,10 +434,10 @@ FFIILLEESS +@@ -434,10 +434,10 @@ SENDMAIL(8) SENDMAIL(8) are only approximations. diff --git a/sendmail-8.15.1-dynamic.patch b/sendmail-8.16.1-dynamic.patch similarity index 95% rename from sendmail-8.15.1-dynamic.patch rename to sendmail-8.16.1-dynamic.patch index bf6ceed..2252ce0 100644 --- a/sendmail-8.15.1-dynamic.patch +++ b/sendmail-8.16.1-dynamic.patch @@ -39,8 +39,8 @@ define(`confREQUIRE_SM_OS_H', `true') PREPENDDEF(`confENVDEF', `confMAPDEF') bldPRODUCT_START(`library', `libsm') --define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strerror.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c sem.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c memstat.c util.c inet6_ntop.c ') -+define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c sem.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c memstat.c util.c inet6_ntop.c ') +-define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strerror.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c sem.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c memstat.c util.c inet6_ntop.c notify.c ') ++define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c sem.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c memstat.c util.c inet6_ntop.c notify.c ') bldPRODUCT_END dnl msg.c dnl syslogio.c diff --git a/sendmail-8.15.2-libmilter-socket-activation.patch b/sendmail-8.16.1-libmilter-socket-activation.patch similarity index 88% rename from sendmail-8.15.2-libmilter-socket-activation.patch rename to sendmail-8.16.1-libmilter-socket-activation.patch index e8251bc..3485aa4 100644 --- a/sendmail-8.15.2-libmilter-socket-activation.patch +++ b/sendmail-8.16.1-libmilter-socket-activation.patch @@ -1,10 +1,8 @@ -Description: systemd-like socket activation support for libmilter -Author: Mikhail Gusarov {unix|local}:/path/to/file -- A named pipe.
  • inet:port@{hostname|ip-address} -- An IPV4 socket.
  • inet6:port@{hostname|ip-address} -- An IPV6 socket. @@ -13,7 +11,7 @@ index eba7c5b..5b272a0 100644 diff --git a/libmilter/listener.c b/libmilter/listener.c -index 11d92bb..2ab533d 100644 +index 0468a62..72e7a4f 100644 --- a/libmilter/listener.c +++ b/libmilter/listener.c @@ -197,6 +197,11 @@ mi_milteropen(conn, backlog, rmsocket, name) @@ -54,7 +52,7 @@ index 11d92bb..2ab533d 100644 @@ -466,6 +485,7 @@ mi_milteropen(conn, backlog, rmsocket, name) #if NETUNIX addr.sa.sa_family != AF_UNIX && - #endif /* NETUNIX */ + #endif + addr.sa.sa_family != AF_UNSPEC && setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *) &sockopt, sizeof(sockopt)) == -1) @@ -72,7 +70,7 @@ index 11d92bb..2ab533d 100644 @@ -818,7 +839,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog) # ifdef BSD4_4_SOCKADDR cliaddr.sa.sa_len == 0 || - # endif /* BSD4_4_SOCKADDR */ + # endif - cliaddr.sa.sa_family != L_family)) + (L_family != AF_UNSPEC && cliaddr.sa.sa_family != L_family))) { diff --git a/sendmail-8.15.2-localdomain.patch b/sendmail-8.16.1-localdomain.patch similarity index 84% rename from sendmail-8.15.2-localdomain.patch rename to sendmail-8.16.1-localdomain.patch index 36ec981..15c29f5 100644 --- a/sendmail-8.15.2-localdomain.patch +++ b/sendmail-8.16.1-localdomain.patch @@ -1,8 +1,8 @@ diff --git a/cf/m4/proto.m4 b/cf/m4/proto.m4 -index 696bf36..5a5963b 100644 +index 618dde0..8c460ce 100644 --- a/cf/m4/proto.m4 +++ b/cf/m4/proto.m4 -@@ -1898,6 +1898,8 @@ R<@> < $* @ [IPv6:::1] > +@@ -1910,6 +1910,8 @@ R<@> < $* @ [IPv6:::1] > $: < ? $&{client_name} > < $1 @ [IPv6:::1] > R<@> < $* @ localhost.$m > $: < ? $&{client_name} > < $1 @ localhost.$m > diff --git a/sendmail-8.15.2-qos.patch b/sendmail-8.16.1-qos.patch similarity index 84% rename from sendmail-8.15.2-qos.patch rename to sendmail-8.16.1-qos.patch index c0b8b6a..381cc5a 100644 --- a/sendmail-8.15.2-qos.patch +++ b/sendmail-8.16.1-qos.patch @@ -12,10 +12,10 @@ index b9dfb16..cb325cc 100644 dnl define(`confDIRECT_SUBMISSION_MODIFIERS',`C')dnl FEATURE(`use_ct_file')dnl diff --git a/cf/m4/proto.m4 b/cf/m4/proto.m4 -index 5a5963b..0df3416 100644 +index 8c460ce..a68ab8d 100644 --- a/cf/m4/proto.m4 +++ b/cf/m4/proto.m4 -@@ -251,6 +251,9 @@ _OPTION(SevenBitInput, `confSEVEN_BIT_INPUT', `False') +@@ -253,6 +253,9 @@ _OPTION(SevenBitInput, `confSEVEN_BIT_INPUT', `False') # 8-bit data handling _OPTION(EightBitMode, `confEIGHT_BIT_HANDLING', `pass8') @@ -26,11 +26,11 @@ index 5a5963b..0df3416 100644 _OPTION(AliasWait, `confALIAS_WAIT', `5m') diff --git a/sendmail/conf.c b/sendmail/conf.c -index cbb9c76..1b55533 100644 +index e9fa42c..fa64b11 100644 --- a/sendmail/conf.c +++ b/sendmail/conf.c -@@ -6430,6 +6430,10 @@ char *FFRCompileOptions[] = - #if _FFR_QF_PARANOIA +@@ -6614,6 +6614,10 @@ char *FFRCompileOptions[] = + /* Check to make sure key fields were read from qf */ "_FFR_QF_PARANOIA", #endif +#if _FFR_QOS && defined(SOL_IP) && defined(IP_TOS) @@ -41,10 +41,10 @@ index cbb9c76..1b55533 100644 /* Allow QueueSortOrder per queue group. */ /* XXX: Still need to actually use qgrp->qg_sortorder */ diff --git a/sendmail/daemon.c b/sendmail/daemon.c -index 4288365..86fe319 100644 +index 19a9378..5561cf5 100644 --- a/sendmail/daemon.c +++ b/sendmail/daemon.c -@@ -104,6 +104,10 @@ static int NDaemons = 0; /* actual number of daemons */ +@@ -124,6 +124,10 @@ static int NDaemons = 0; /* actual number of daemons */ static time_t NextDiskSpaceCheck = 0; @@ -55,7 +55,7 @@ index 4288365..86fe319 100644 /* ** GETREQUESTS -- open mail IPC port and get requests. ** -@@ -1139,6 +1143,16 @@ opendaemonsocket(d, firsttime) +@@ -1159,6 +1163,16 @@ opendaemonsocket(d, firsttime) (void) setsockopt(d->d_socket, SOL_SOCKET, SO_KEEPALIVE, (char *)&on, sizeof(on)); @@ -72,7 +72,7 @@ index 4288365..86fe319 100644 #ifdef SO_RCVBUF if (d->d_tcprcvbufsize > 0) { -@@ -2571,6 +2585,16 @@ gothostent: +@@ -2688,6 +2702,16 @@ gothostent: return EX_TEMPFAIL; } @@ -90,21 +90,21 @@ index 4288365..86fe319 100644 if (ClientSettings[family].d_tcpsndbufsize > 0) { diff --git a/sendmail/readcf.c b/sendmail/readcf.c -index 2b0fbf7..86892f5 100644 +index e6f6296..adb09da 100644 --- a/sendmail/readcf.c +++ b/sendmail/readcf.c -@@ -18,6 +18,7 @@ SM_RCSID("@(#)$Id: readcf.c,v 8.692 2013-11-22 20:51:56 ca Exp $") +@@ -24,6 +24,7 @@ SM_RCSID("@(#)$Id: readcf.c,v 8.692 2013-11-22 20:51:56 ca Exp $") #if NETINET || NETINET6 # include +# include - #endif /* NETINET || NETINET6 */ + #endif -@@ -2888,8 +2889,8 @@ static struct optioninfo +@@ -2917,8 +2918,8 @@ static struct optioninfo # define O_RCPTTHROTDELAY 0xe6 { "BadRcptThrottleDelay", O_RCPTTHROTDELAY, OI_SAFE }, - #endif /* _FFR_RCPTTHROTDELAY */ + #endif -#if 0 && _FFR_QOS && defined(SOL_IP) && defined(IP_TOS) -# define O_INETQOS 0xe7 /* reserved for FFR_QOS */ +#if _FFR_QOS && defined(SOL_IP) && defined(IP_TOS) @@ -112,7 +112,7 @@ index 2b0fbf7..86892f5 100644 { "InetQoS", O_INETQOS, OI_NONE }, #endif #if STARTTLS && _FFR_FIPSMODE -@@ -2914,6 +2915,77 @@ static struct optioninfo +@@ -2982,6 +2983,77 @@ static struct optioninfo { NULL, '\0', OI_NONE } }; @@ -190,9 +190,9 @@ index 2b0fbf7..86892f5 100644 # define CANONIFY(val) # define SET_OPT_DEFAULT(opt, val) opt = val -@@ -4540,6 +4612,33 @@ setoption(opt, val, safe, sticky, e) - UseCompressedIPv6Addresses = atobool(val); +@@ -4679,6 +4751,33 @@ setoption(opt, val, safe, sticky, e) break; + # endif +#ifdef O_INETQOS + case O_INETQOS: @@ -225,22 +225,22 @@ index 2b0fbf7..86892f5 100644 if (tTd(37, 1)) { diff --git a/sendmail/sendmail.h b/sendmail/sendmail.h -index b2d0211..3bcc2e2 100644 +index e6cf45d..7f5cf9f 100644 --- a/sendmail/sendmail.h +++ b/sendmail/sendmail.h -@@ -2537,7 +2537,14 @@ EXTERN struct termescape TermEscape; /* terminal escape codes */ - EXTERN SOCKADDR ConnectOnlyTo; /* override connection address (for testing) */ +@@ -2566,6 +2566,15 @@ EXTERN SOCKADDR ConnectOnlyTo; /* override connection address (for testing) */ EXTERN SOCKADDR RealHostAddr; /* address of host we are talking to */ extern const SM_EXC_TYPE_T EtypeQuickAbort; /* type of a QuickAbort exception */ -- + +#if _FFR_QOS +# if !defined(SOL_IP) && defined(IPPROTO_IP) +# define SOL_IP IPPROTO_IP +# endif +# if defined(SOL_IP) && defined(IP_TOS) -+EXTERN int InetQoS; /* QoS mapping */ ++extern int InetQoS; /* QoS mapping */ +# endif +#endif - - EXTERN int ConnectionRateWindowSize; - #if STARTTLS && USE_OPENSSL_ENGINE ++ + #if _FFR_BLANKENV_MACV + EXTERN int Hacks; /* bit field of run-time enabled "hacks" */ + # define H_LOOKUP_MACRO_IN_BLANKENV 0x0001 diff --git a/sendmail-8.14.8-sasl2-in-etc.patch b/sendmail-8.16.1-sasl2-in-etc.patch similarity index 83% rename from sendmail-8.14.8-sasl2-in-etc.patch rename to sendmail-8.16.1-sasl2-in-etc.patch index fe8f353..96fc5e2 100644 --- a/sendmail-8.14.8-sasl2-in-etc.patch +++ b/sendmail-8.16.1-sasl2-in-etc.patch @@ -1,18 +1,18 @@ diff --git a/sendmail/usersmtp.c b/sendmail/usersmtp.c -index c217ffa..e4dadd3 100644 +index b4ff5cc..dddbb0a 100644 --- a/sendmail/usersmtp.c +++ b/sendmail/usersmtp.c -@@ -1331,9 +1331,7 @@ safesaslfile(context, file) +@@ -1346,9 +1346,7 @@ safesaslfile(context, file) { long sff; int r; -#if SASL <= 10515 size_t len; --#endif /* SASL <= 10515 */ +-#endif char *p; if (file == NULL || *file == '\0') -@@ -1369,9 +1367,16 @@ safesaslfile(context, file) +@@ -1386,9 +1384,16 @@ safesaslfile(context, file) #endif /* SASL <= 10515 */ p = (char *) file; diff --git a/sendmail-8.14.3-smrsh_paths.patch b/sendmail-8.16.1-smrsh_paths.patch similarity index 98% rename from sendmail-8.14.3-smrsh_paths.patch rename to sendmail-8.16.1-smrsh_paths.patch index 9240f39..947e80e 100644 --- a/sendmail-8.14.3-smrsh_paths.patch +++ b/sendmail-8.16.1-smrsh_paths.patch @@ -165,18 +165,18 @@ diff -up sendmail-8.14.3/smrsh/smrsh.c.smrsh_paths sendmail-8.14.3/smrsh/smrsh.c @@ -77,7 +77,7 @@ SM_IDSTR(id, "@(#)$Id: smrsh.c,v 8.65 20 # ifdef SMRSH_CMDDIR # define CMDDIR SMRSH_CMDDIR - # else /* SMRSH_CMDDIR */ + # else -# define CMDDIR "/usr/adm/sm.bin" +# define CMDDIR "/etc/smrsh" - # endif /* SMRSH_CMDDIR */ + # endif #endif /* ! CMDDIR */ @@ -89,7 +89,7 @@ SM_IDSTR(id, "@(#)$Id: smrsh.c,v 8.65 20 # ifdef SMRSH_PATH # define PATH SMRSH_PATH - # else /* SMRSH_PATH */ + # else -# define PATH "/bin:/usr/bin:/usr/ucb" +# define PATH "/bin:/usr/bin" - # endif /* SMRSH_PATH */ + # endif #endif /* ! PATH */ diff --git a/sendmail-8.15.2-switchfile.patch b/sendmail-8.16.1-switchfile.patch similarity index 69% rename from sendmail-8.15.2-switchfile.patch rename to sendmail-8.16.1-switchfile.patch index 940d5a7..42b1d95 100644 --- a/sendmail-8.15.2-switchfile.patch +++ b/sendmail-8.16.1-switchfile.patch @@ -1,13 +1,13 @@ diff --git a/sendmail/conf.c b/sendmail/conf.c -index c73334e..cbb9c76 100644 +index 63c545c..e9fa42c 100644 --- a/sendmail/conf.c +++ b/sendmail/conf.c -@@ -986,7 +986,7 @@ switch_map_find(service, maptype, mapreturn) +@@ -1039,7 +1039,7 @@ switch_map_find(service, maptype, mapreturn) if (p != NULL) *p = '\0'; #ifndef SM_NSSWITCH_DELIMS -# define SM_NSSWITCH_DELIMS " \t" +# define SM_NSSWITCH_DELIMS " \t:" - #endif /* SM_NSSWITCH_DELIMS */ + #endif p = strpbrk(buf, SM_NSSWITCH_DELIMS); if (p != NULL) diff --git a/sendmail-redhat.mc b/sendmail-redhat.mc index dd9bc96..6426204 100644 --- a/sendmail-redhat.mc +++ b/sendmail-redhat.mc @@ -104,7 +104,7 @@ dnl # The -t option will retry delivery if e.g. the user runs over his quota. dnl # FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl FEATURE(`access_db', `hash -T -o /etc/mail/access.db')dnl -FEATURE(`blacklist_recipients')dnl +FEATURE(`blocklist_recipients')dnl EXPOSED_USER(`root')dnl dnl # dnl # For using Cyrus-IMAPd as POP3/IMAP server through LMTP delivery uncomment diff --git a/sendmail.spec b/sendmail.spec index 86c1b0c..0c7fb56 100644 --- a/sendmail.spec +++ b/sendmail.spec @@ -18,8 +18,8 @@ Summary: A widely used Mail Transport Agent (MTA) Name: sendmail -Version: 8.15.2 -Release: 44%{?dist} +Version: 8.16.1 +Release: 1%{?dist} License: Sendmail URL: http://www.sendmail.org/ @@ -57,47 +57,33 @@ Source17: sendmail-etc-mail-virtusertable # fix man path and makemap man page Patch3: sendmail-8.14.4-makemapman.patch # fix smrsh paths -Patch4: sendmail-8.14.3-smrsh_paths.patch +Patch4: sendmail-8.16.1-smrsh_paths.patch # fix sm-client.pid path Patch7: sendmail-8.14.9-pid.patch # fix sendmail man page Patch10: sendmail-8.15.1-manpage.patch # compile with -fpie -Patch11: sendmail-8.15.1-dynamic.patch +Patch11: sendmail-8.16.1-dynamic.patch # fix cyrus path Patch12: sendmail-8.13.0-cyrus.patch # fix aliases.db path -Patch13: sendmail-8.15.1-aliases_dir.patch +Patch13: sendmail-8.16.1-aliases_dir.patch # fix vacation Makefile Patch14: sendmail-8.14.9-vacation.patch # remove version information from sendmail helpfile Patch15: sendmail-8.14.9-noversion.patch # do not accept localhost.localdomain as valid address from SMTP -Patch16: sendmail-8.15.2-localdomain.patch +Patch16: sendmail-8.16.1-localdomain.patch # build libmilter as DSO Patch17: sendmail-8.14.3-sharedmilter.patch # skip colon separator when parsing service name in ServiceSwitchFile -Patch18: sendmail-8.15.2-switchfile.patch +Patch18: sendmail-8.16.1-switchfile.patch # silence warning about missing sasl2 config in /usr/lib*, now in /etc/sasl2 -Patch23: sendmail-8.14.8-sasl2-in-etc.patch +Patch23: sendmail-8.16.1-sasl2-in-etc.patch # add QoS support, patch from Philip Prindeville # upstream reserved option ID 0xe7 for testing of this new feature, #576643 -Patch25: sendmail-8.15.2-qos.patch -Patch26: sendmail-8.15.2-libmilter-socket-activation.patch -# patch provided by upstream -Patch27: sendmail-8.15.2-smtp-session-reuse-fix.patch -Patch28: sendmail-8.15.2-openssl-1.1.0-fix.patch -# patch taken from Debian -# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807258 -Patch29: sendmail-8.15.2-format-security.patch -# rhbz#1473971 -Patch30: sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch -# rhbz#1736650 -Patch31: sendmail-8.15.2-gethostbyname2.patch -# upstream patch: -Patch32: sendmail-8.15.2-fix-covscan-issues.patch -# sent upstream -Patch33: sendmail-8.15.2-gcc-10-fix.patch +Patch25: sendmail-8.16.1-qos.patch +Patch26: sendmail-8.16.1-libmilter-socket-activation.patch BuildRequires: libdb-devel BuildRequires: libnsl2-devel @@ -204,13 +190,6 @@ cp devtools/M4/UNIX/{,shared}library.m4 %patch23 -p1 -b .sasl2-in-etc %patch25 -p1 -b .qos %patch26 -p1 -b .libmilter-socket-activation -%patch27 -p1 -b .smtp-session-reuse-fix -%patch28 -p1 -b .openssl-1.1.0-fix -%patch29 -p1 -b .format-security -%patch30 -p1 -b .openssl-1.1.0-ecdhe-fix -%patch31 -p1 -b .gethostbyname2 -%patch32 -p1 -b .fix-covscan-issues -%patch33 -p1 -b .gcc-10-fix for f in RELEASE_NOTES contrib/etrn.0; do iconv -f iso8859-1 -t utf8 -o ${f}{_,} && @@ -263,7 +242,7 @@ EOF %if "%{with_tls}" == "yes" cat >> redhat.config.m4 << EOF -APPENDDEF(\`conf_sendmail_ENVDEF', \`-DSTARTTLS -D_FFR_TLS_1 -D_FFR_TLS_EC -D_FFR_TLS_USE_CERTIFICATE_CHAIN_FILE')dnl +APPENDDEF(\`conf_sendmail_ENVDEF', \`-DSTARTTLS -D_FFR_TLS_1 -DTLS_EC -D_FFR_TLS_USE_CERTIFICATE_CHAIN_FILE -DDANE')dnl APPENDDEF(\`conf_sendmail_LIBS', \`-lssl -lcrypto')dnl EOF %endif @@ -714,6 +693,14 @@ exit 0 %changelog +* Tue Jul 7 2020 Jaroslav Škarvada - 8.16.1-1 +- New version + Resolves: rhbz#1853885 +- Dropped smtp-session-reuse-fix, openssl-1.1.0-fix, openssl-1.1.0-ecdhe-fix, + gethostbyname2, fix-covscan-issues, gcc-10-fix patches (not needed) +- Dropped format-security patch (upstreamed) +- Updated patches + * Fri Apr 03 2020 Tom Stellard - 8.15.2-44 - Specify value for confCC in redhat.config.m4 diff --git a/sources b/sources index 1654f0b..4e825c9 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -a824fa7dea4d3341efb6462ccd816f00 sendmail.8.15.2.tar.gz +SHA512 (sendmail.8.16.1.tar.gz) = d7d4aac3c6d7505782abdb166204901b8b51cac000d610dfe40eda9eef7441a073af9e8e0b14c8719b07b445f55a1e2c28ac63d663d0daa7f1eafc5a101788b2