rpms
/
sendmail
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

New version 

Resolves: rhbz#1853885
Dropped smtp-session-reuse-fix, openssl-1.1.0-fix, openssl-1.1.0-ecdhe-fix,
  gethostbyname2, fix-covscan-issues, gcc-10-fix patches (not needed)
Dropped format-security patch (upstreamed)
Updated patches
This commit is contained in:
Jaroslav Škarvada 2020-07-07 22:06:27 +02:00
parent eda1a426f3
commit c29ebcc8ac
19 changed files with 82 additions and 875 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1,3 +1,4 @@
/sendmail.8.14.?.tar.gz
/sendmail.8.15.1.tar.gz
/sendmail.8.15.2.tar.gz
/sendmail.8.16.1.tar.gz

149
sendmail-8.15.2-fix-covscan-issues.patch
View File

@ -1,149 +0,0 @@
diff --git a/include/sm/varargs.h b/include/sm/varargs.h
index 612858d..2609630 100644
--- a/include/sm/varargs.h
+++ b/include/sm/varargs.h
@@ -32,6 +32,11 @@
# define SM_VA_COPY(dst, src) __va_copy((dst), (src))
# else
# define SM_VA_COPY(dst, src) memcpy(&(dst), &(src), sizeof((dst)))
+# define SM_VA_END_COPY(ap) do { } while (0)
+# endif
+
+# ifndef SM_VA_END_COPY
+# define SM_VA_END_COPY(ap) va_end(ap)
# endif
/*
diff --git a/libsm/vfprintf.c b/libsm/vfprintf.c
index 87c353c..c99d4e5 100644
--- a/libsm/vfprintf.c
+++ b/libsm/vfprintf.c
@@ -782,6 +782,7 @@ number: if ((dprec = prec) >= 0)
done:
FLUSH();
error:
+ SM_VA_END_COPY(orgap);
if ((argtable != NULL) && (argtable != statargtable))
sm_free(argtable);
return sm_error(fp) ? SM_IO_EOF : ret;
diff --git a/sendmail/milter.c b/sendmail/milter.c
index 9b3667d..190bf9f 100644
--- a/sendmail/milter.c
+++ b/sendmail/milter.c
@@ -2441,8 +2441,7 @@ milter_negotiate(m, e, milters)
sm_syslog(LOG_ERR, e->e_id,
"Milter (%s): negotiate: returned %c instead of %c",
m->mf_name, rcmd, SMFIC_OPTNEG);
- if (response != NULL)
- sm_free(response); /* XXX */
+ SM_FREE(response);
milter_error(m, e);
return -1;
}
@@ -2457,8 +2456,7 @@ milter_negotiate(m, e, milters)
sm_syslog(LOG_ERR, e->e_id,
"Milter (%s): negotiate: did not return valid info",
m->mf_name);
- if (response != NULL)
- sm_free(response); /* XXX */
+ SM_FREE(response);
milter_error(m, e);
return -1;
}
@@ -2476,8 +2474,7 @@ milter_negotiate(m, e, milters)
sm_syslog(LOG_ERR, e->e_id,
"Milter (%s): negotiate: did not return enough info",
m->mf_name);
- if (response != NULL)
- sm_free(response); /* XXX */
+ SM_FREE(response);
milter_error(m, e);
return -1;
}
@@ -2593,11 +2590,11 @@ milter_negotiate(m, e, milters)
if (tTd(64, 5))
sm_dprintf("milter_negotiate(%s): received: version %u, fflags 0x%x, pflags 0x%x\n",
m->mf_name, m->mf_fvers, m->mf_fflags, m->mf_pflags);
+ SM_FREE(response);
return 0;
error:
- if (response != NULL)
- sm_free(response); /* XXX */
+ SM_FREE(response);
return -1;
}
@@ -3233,6 +3230,7 @@ milter_changeheader(m, response, rlen, e)
addheader(newstr(field), mh_value, H_USER, e,
!bitset(SMFIP_HDR_LEADSPC, m->mf_pflags));
}
+ SM_FREE(mh_value);
return;
}
@@ -3441,6 +3439,8 @@ milter_chgfrom(response, rlen, e)
{
if (tTd(64, 10))
sm_dprintf("didn't follow protocol argc=%d\n", argc);
+ if (argv != NULL)
+ free(argv);
return;
}
@@ -3459,6 +3459,7 @@ milter_chgfrom(response, rlen, e)
mail_esmtp_args);
}
Errors = olderrors;
+ free(argv);
return;
}
@@ -3506,6 +3507,8 @@ milter_addrcpt_par(response, rlen, e)
{
if (tTd(64, 10))
sm_dprintf("didn't follow protocol argc=%d\n", argc);
+ if (argv != NULL)
+ free(argv);
return;
}
olderrors = Errors;
@@ -3530,6 +3533,7 @@ milter_addrcpt_par(response, rlen, e)
}
Errors = olderrors;
+ free(argv);
return;
}
diff --git a/sendmail/queue.c b/sendmail/queue.c
index a323301..d61f626 100644
--- a/sendmail/queue.c
+++ b/sendmail/queue.c
@@ -8433,6 +8433,7 @@ split_by_recipient(e)
if (split_within_queue(ee) == SM_SPLIT_FAIL)
{
e->e_sibling = firstsibling;
+ SM_FREE(lsplits);
return false;
}
ee->e_flags |= EF_SPLIT;
@@ -8447,8 +8448,7 @@ split_by_recipient(e)
if (p == NULL)
{
/* let's try to get this done */
- sm_free(lsplits);
- lsplits = NULL;
+ SM_FREE(lsplits);
}
else
lsplits = p;
@@ -8470,7 +8470,7 @@ split_by_recipient(e)
{
sm_syslog(LOG_NOTICE, e->e_id, "split: count=%d, id%s=%s",
n - 1, n > 2 ? "s" : "", lsplits);
- sm_free(lsplits);
+ SM_FREE(lsplits);
}
split = split_within_queue(e) != SM_SPLIT_FAIL;
if (split)

127
sendmail-8.15.2-format-security.patch
View File

@ -1,127 +0,0 @@
diff --git a/sendmail/envelope.c b/sendmail/envelope.c
index bae6b00..beb91a1 100644
--- a/sendmail/envelope.c
+++ b/sendmail/envelope.c
@@ -323,7 +323,7 @@ dropenvelope(e, fulldrop, split)
/* don't free, allocated from e_rpool */
e->e_message = sm_rpool_strdup_x(e->e_rpool, buf);
- message(buf);
+ message("%s", buf);
e->e_flags |= EF_CLRQUEUE;
}
if (msg_timeout == MSG_NOT_BY)
@@ -420,7 +420,7 @@ dropenvelope(e, fulldrop, split)
/* don't free, allocated from e_rpool */
e->e_message = sm_rpool_strdup_x(e->e_rpool,
buf);
- message(buf);
+ message("%s", buf);
e->e_flags |= EF_WARNING;
}
if (msg_timeout == MSG_WARN_BY)
diff --git a/sendmail/parseaddr.c b/sendmail/parseaddr.c
index 2adb39c..ba99414 100644
--- a/sendmail/parseaddr.c
+++ b/sendmail/parseaddr.c
@@ -218,7 +218,7 @@ parseaddr(addr, a, flags, delim, delimptr, e, isrcpt)
msg = "Deferring message until queue run";
if (tTd(20, 1))
sm_dprintf("parseaddr: queueing message\n");
- message(msg);
+ message("%s", msg);
if (e->e_message == NULL && e->e_sendmode != SM_DEFER)
e->e_message = sm_rpool_strdup_x(e->e_rpool, msg);
a->q_state = QS_QUEUEUP;
diff --git a/sendmail/srvrsmtp.c b/sendmail/srvrsmtp.c
index ba636a8..46c5356 100644
--- a/sendmail/srvrsmtp.c
+++ b/sendmail/srvrsmtp.c
@@ -122,6 +122,26 @@ extern ENVELOPE BlankEnvelope;
#define SKIP_SPACE(s) while (isascii(*s) && isspace(*s)) \
(s)++
+static inline void
+message1(fmt)
+ char *fmt;
+{
+ if (strchr(fmt, '%') == NULL)
+ message(fmt, NULL);
+ else
+ message("%s", fmt);
+}
+
+static inline void
+usrerr1(fmt)
+ char *fmt;
+{
+ if (strchr(fmt, '%') == NULL)
+ usrerr(fmt, NULL);
+ else
+ usrerr("%s", fmt);
+}
+
/*
** PARSE_ESMTP_ARGS -- parse EMSTP arguments (for MAIL, RCPT)
**
@@ -578,13 +598,13 @@ static bool smtp_data __P((SMTP_T *, ENVELOPE *));
bool tsave = QuickAbort; \
\
QuickAbort = false; \
- usrerr(response); \
+ usrerr1(response); \
QuickAbort = tsave; \
e->e_sendqueue = NULL; \
goto doquit; \
} \
else \
- usrerr(response); \
+ usrerr1(response); \
break; \
\
case SMFIR_REJECT: \
@@ -931,7 +951,7 @@ smtp(nullserver, d_flags, e)
}
else if (strncmp(nullserver, "421 ", 4) == 0)
{
- message(nullserver);
+ message1(nullserver);
goto doquit;
}
@@ -1849,7 +1869,7 @@ smtp(nullserver, d_flags, e)
if (nullserver != NULL)
{
if (ISSMTPREPLY(nullserver))
- usrerr(nullserver);
+ usrerr1(nullserver);
else
usrerr("550 5.0.0 %s",
nullserver);
@@ -2449,7 +2469,7 @@ smtp(nullserver, d_flags, e)
tempfail = true;
smtp.sm_milterize = false;
if (response != NULL)
- usrerr(response);
+ usrerr1(response);
else
message("421 4.7.0 %s closing connection",
MyHostName);
@@ -3656,7 +3676,7 @@ smtp_data(smtp, e)
(void) extenhsc(response + 4, ' ', e->e_enhsc);
#endif /* _FFR_MILTER_ENHSC */
- usrerr(response);
+ usrerr1(response);
if (strncmp(response, "421 ", 4) == 0
|| strncmp(response, "421-", 4) == 0)
{
@@ -3776,7 +3796,7 @@ smtp_data(smtp, e)
if (ISSMTPCODE(response))
(void) extenhsc(response + 4, ' ', e->e_enhsc);
#endif /* _FFR_MILTER_ENHSC */
- usrerr(response);
+ usrerr1(response);
if (strncmp(response, "421 ", 4) == 0
|| strncmp(response, "421-", 4) == 0)
rv = false;

13
sendmail-8.15.2-gcc-10-fix.patch
View File

@ -1,13 +0,0 @@
diff --git a/sendmail/sendmail.h b/sendmail/sendmail.h
index 441399c..95b90b8 100644
--- a/sendmail/sendmail.h
+++ b/sendmail/sendmail.h
@@ -2551,7 +2551,7 @@ extern const SM_EXC_TYPE_T EtypeQuickAbort; /* type of a QuickAbort exception */
# define SOL_IP IPPROTO_IP
# endif
# if defined(SOL_IP) && defined(IP_TOS)
-EXTERN int InetQoS; /* QoS mapping */
+extern int InetQoS; /* QoS mapping */
# endif
#endif

39
sendmail-8.15.2-gethostbyname2.patch
View File

@ -1,39 +0,0 @@
diff --git a/libmilter/sm_gethost.c b/libmilter/sm_gethost.c
index a025c8f..cd0ef31 100644
--- a/libmilter/sm_gethost.c
+++ b/libmilter/sm_gethost.c
@@ -49,8 +49,16 @@ sm_getipnodebyname(name, family, flags, err)
int flags;
int *err;
{
- bool resv6 = true;
struct hostent *h;
+# if HAS_GETHOSTBYNAME2
+
+ h = gethostbyname2(name, family);
+ if (h == NULL)
+ *err = h_errno;
+ return h;
+
+# else /* HAS_GETHOSTBYNAME2 */
+ bool resv6 = true;
if (family == AF_INET6)
{
@@ -60,7 +68,7 @@ sm_getipnodebyname(name, family, flags, err)
}
SM_SET_H_ERRNO(0);
h = gethostbyname(name);
- if (family == AF_INET6 && !resv6)
+ if (!resv6)
_res.options &= ~RES_USE_INET6;
/* the function is supposed to return only the requested family */
@@ -75,6 +83,7 @@ sm_getipnodebyname(name, family, flags, err)
else
*err = h_errno;
return h;
+# endif /* HAS_GETHOSTBYNAME2 */
}
void

20
sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch
View File

@ -1,20 +0,0 @@
diff --git a/sendmail/tls.c b/sendmail/tls.c
index 16cb93f..9338380 100644
--- a/sendmail/tls.c
+++ b/sendmail/tls.c
@@ -1329,13 +1329,8 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar
}
#if _FFR_TLS_EC
- ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
- if (ecdh != NULL)
- {
- SSL_CTX_set_options(*ctx, SSL_OP_SINGLE_ECDH_USE);
- SSL_CTX_set_tmp_ecdh(*ctx, ecdh);
- EC_KEY_free(ecdh);
- }
+ SSL_CTX_set_options(*ctx, SSL_OP_SINGLE_ECDH_USE);
+ SSL_CTX_set_ecdh_auto(*ctx, 1);
#endif /* _FFR_TLS_EC */
}

182
sendmail-8.15.2-openssl-1.1.0-fix.patch
View File

@ -1,182 +0,0 @@
--- sendmail-8.15.2.orig/sendmail/tls.c 2016-12-01 15:20:59.953546417 +0100
+++ sendmail-8.15.2.orig/sendmail/tls.c 2016-12-01 17:26:43.868521378 +0100
@@ -63,14 +63,28 @@ static unsigned char dh512_g[] =
static DH *
get_dh512()
{
- DH *dh = NULL;
+ DH *dh;
+ BIGNUM *p, *g;
if ((dh = DH_new()) == NULL)
return NULL;
- dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
- dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
- if ((dh->p == NULL) || (dh->g == NULL))
+ p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
+ g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
+ if (p == NULL || g == NULL)
+ {
+ BN_free(p);
+ BN_free(g);
+ DH_free(dh);
return NULL;
+ }
+
+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
+ DH_set0_pqg(dh, p, NULL, g);
+#else
+ dh->p = p;
+ dh->g = g;
+#endif
+
return dh;
}
@@ -117,16 +131,27 @@ get_dh2048()
};
static unsigned char dh2048_g[]={ 0x02, };
DH *dh;
+ BIGNUM *p, *g;
if ((dh=DH_new()) == NULL)
return(NULL);
- dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
- dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
- if ((dh->p == NULL) || (dh->g == NULL))
+ p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL);
+ g = BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL);
+ if (p == NULL || g == NULL)
{
+ BN_free(p);
+ BN_free(g);
DH_free(dh);
- return(NULL);
+ return NULL;
}
+
+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
+ DH_set0_pqg(dh, p, NULL, g);
+#else
+ dh->p = p;
+ dh->g = g;
+#endif
+
return(dh);
}
# endif /* !NO_DH */
@@ -715,6 +740,54 @@ static char server_session_id_context[]
# define SM_SSL_OP_TLS_BLOCK_PADDING_BUG 0
#endif
+static RSA *
+generate_rsa_key(bits, e)
+ int bits;
+ unsigned long e;
+{
+#if OPENSSL_VERSION_NUMBER < 0x00908000L
+ return RSA_generate_key(bits, e, NULL, NULL);
+#else
+ BIGNUM *bne;
+ RSA *rsa = NULL;
+
+ bne = BN_new();
+ if (bne && BN_set_word(bne, e) != 1)
+ rsa = RSA_new();
+ if (rsa && RSA_generate_key_ex(rsa, bits, bne, NULL) != 1)
+ {
+ RSA_free(rsa);
+ rsa = NULL;
+ }
+ BN_free(bne);
+ return rsa;
+#endif
+}
+
+static DSA *
+generate_dsa_parameters(bits, seed, seed_len, counter_ret, h_ret)
+ int bits;
+ unsigned char *seed;
+ int seed_len;
+ int *counter_ret;
+ unsigned long *h_ret;
+{
+#if OPENSSL_VERSION_NUMBER < 0x00908000L
+ return DSA_generate_parameters(bits, seed, seed_len, counter_ret,
+ h_ret, NULL, NULL);
+#else
+ DSA *dsa = DSA_new();
+
+ if (dsa && DSA_generate_parameters_ex(dsa, bits, seed, seed_len,
+ counter_ret, h_ret, NULL) != 1)
+ {
+ DSA_free(dsa);
+ dsa = NULL;
+ }
+ return dsa;
+#endif
+}
+
bool
inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhparam)
SSL_CTX **ctx;
@@ -926,7 +999,7 @@ inittls(ctx, req, options, srv, certfile
{
/* get a pointer to the current certificate validation store */
store = SSL_CTX_get_cert_store(*ctx); /* does not fail */
- crl_file = BIO_new(BIO_s_file_internal());
+ crl_file = BIO_new(BIO_s_file());
if (crl_file != NULL)
{
if (BIO_read_filename(crl_file, CRLFile) >= 0)
@@ -1003,8 +1076,7 @@ inittls(ctx, req, options, srv, certfile
if (bitset(TLS_I_RSA_TMP, req)
# if SM_CONF_SHM
&& ShmId != SM_SHM_NO_ID &&
- (rsa_tmp = RSA_generate_key(RSA_KEYLENGTH, RSA_F4, NULL,
- NULL)) == NULL
+ (rsa_tmp = generate_rsa_key(RSA_KEYLENGTH, RSA_F4)) == NULL
# else /* SM_CONF_SHM */
&& 0 /* no shared memory: no need to generate key now */
# endif /* SM_CONF_SHM */
@@ -1210,8 +1282,8 @@ inittls(ctx, req, options, srv, certfile
sm_dprintf("inittls: Generating %d bit DH parameters\n", bits);
/* this takes a while! */
- dsa = DSA_generate_parameters(bits, NULL, 0, NULL,
- NULL, 0, NULL);
+ dsa = generate_dsa_parameters(bits, NULL, 0, NULL,
+ NULL);
dh = DSA_dup_DH(dsa);
DSA_free(dsa);
}
@@ -1747,7 +1819,7 @@ tmp_rsa_key(s, export, keylength)
if (rsa_tmp != NULL)
RSA_free(rsa_tmp);
- rsa_tmp = RSA_generate_key(RSA_KEYLENGTH, RSA_F4, NULL, NULL);
+ rsa_tmp = generate_rsa_key(RSA_KEYLENGTH, RSA_F4);
if (rsa_tmp == NULL)
{
if (LogLevel > 0)
@@ -1974,11 +2046,20 @@ x509_verify_cb(ok, ctx)
{
if (LogLevel > 13)
tls_verify_log(ok, ctx, "x509");
+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
+ if (X509_STORE_CTX_get_error(ctx) ==
+ X509_V_ERR_UNABLE_TO_GET_CRL)
+ {
+ X509_STORE_CTX_set_error(ctx, 0);
+ return 1; /* override it */
+ }
+#else
if (ctx->error == X509_V_ERR_UNABLE_TO_GET_CRL)
{
ctx->error = 0;
return 1; /* override it */
}
+#endif
}
return ok;
}

249
sendmail-8.15.2-smtp-session-reuse-fix.patch
View File

@ -1,249 +0,0 @@
diff -ru a/sendmail/deliver.c b/sendmail/deliver.c
--- a/sendmail/deliver.c 2016-02-29 06:01:55.000000000 -0800
+++ b/sendmail/deliver.c 2016-02-29 06:02:06.000000000 -0800
@@ -6274,8 +6274,7 @@
tlslogerr(LOG_WARNING, "client");
}
- SSL_free(clt_ssl);
- clt_ssl = NULL;
+ SM_SSL_FREE(clt_ssl);
return EX_SOFTWARE;
}
mci->mci_ssl = clt_ssl;
@@ -6287,8 +6286,7 @@
return EX_OK;
/* failure */
- SSL_free(clt_ssl);
- clt_ssl = NULL;
+ SM_SSL_FREE(clt_ssl);
return EX_SOFTWARE;
}
/*
@@ -6309,7 +6307,7 @@
if (!bitset(MCIF_TLSACT, mci->mci_flags))
return EX_OK;
- r = endtls(mci->mci_ssl, "client");
+ r = endtls(&mci->mci_ssl, "client");
mci->mci_flags &= ~MCIF_TLSACT;
return r;
}
diff -ru a/sendmail/macro.c b/sendmail/macro.c
--- a/sendmail/macro.c 2016-02-29 06:01:55.000000000 -0800
+++ b/sendmail/macro.c 2016-02-29 06:02:06.000000000 -0800
@@ -362,6 +362,33 @@
}
/*
+** MACTABCLEAR -- clear entire macro table
+**
+** Parameters:
+** mac -- Macro table.
+**
+** Returns:
+** none.
+**
+** Side Effects:
+** clears entire mac structure including rpool pointer!
+*/
+
+void
+mactabclear(mac)
+ MACROS_T *mac;
+{
+ int i;
+
+ if (mac->mac_rpool == NULL)
+ {
+ for (i = 0; i < MAXMACROID; i++)
+ SM_FREE_CLR(mac->mac_table[i]);
+ }
+ memset((char *) mac, '\0', sizeof(*mac));
+}
+
+/*
** MACDEFINE -- bind a macro name to a value
**
** Set a macro to a value, with fancy storage management.
diff -ru a/sendmail/mci.c b/sendmail/mci.c
--- a/sendmail/mci.c 2016-02-29 06:01:55.000000000 -0800
+++ b/sendmail/mci.c 2016-02-29 06:02:06.000000000 -0800
@@ -25,6 +25,7 @@
int, bool));
static bool mci_load_persistent __P((MCI *));
static void mci_uncache __P((MCI **, bool));
+static void mci_clear __P((MCI *));
static int mci_lock_host_statfile __P((MCI *));
static int mci_read_persistent __P((SM_FILE_T *, MCI *));
@@ -253,6 +254,7 @@
SM_FREE_CLR(mci->mci_status);
SM_FREE_CLR(mci->mci_rstatus);
SM_FREE_CLR(mci->mci_heloname);
+ mci_clear(mci);
if (mci->mci_rpool != NULL)
{
sm_rpool_free(mci->mci_rpool);
@@ -315,6 +317,41 @@
}
/*
+** MCI_CLEAR -- clear mci
+**
+** Parameters:
+** mci -- the connection to clear.
+**
+** Returns:
+** none.
+*/
+
+static void
+mci_clear(mci)
+ MCI *mci;
+{
+ if (mci == NULL)
+ return;
+
+ mci->mci_maxsize = 0;
+ mci->mci_min_by = 0;
+ mci->mci_deliveries = 0;
+#if SASL
+ if (bitset(MCIF_AUTHACT, mci->mci_flags))
+ sasl_dispose(&mci->mci_conn);
+#endif
+#if STARTTLS
+ if (bitset(MCIF_TLSACT, mci->mci_flags) && mci->mci_ssl != NULL)
+ SM_SSL_FREE(mci->mci_ssl);
+#endif
+
+ /* which flags to preserve? */
+ mci->mci_flags &= MCIF_CACHED;
+ mactabclear(&mci->mci_macro);
+}
+
+
+/*
** MCI_GET -- get information about a particular host
**
** Parameters:
@@ -419,6 +456,7 @@
mci->mci_errno = 0;
mci->mci_exitstat = EX_OK;
}
+ mci_clear(mci);
}
return mci;
diff -ru a/sendmail/sendmail.h b/sendmail/sendmail.h
--- a/sendmail/sendmail.h 2016-02-29 06:01:55.000000000 -0800
+++ b/sendmail/sendmail.h 2016-02-29 06:02:06.000000000 -0800
@@ -1186,6 +1186,7 @@
#define macid(name) macid_parse(name, NULL)
extern char *macname __P((int));
extern char *macvalue __P((int, ENVELOPE *));
+extern void mactabclear __P((MACROS_T *));
extern int rscheck __P((char *, char *, char *, ENVELOPE *, int, int, char *, char *, ADDRESS *, char **));
extern int rscap __P((char *, char *, char *, ENVELOPE *, char ***, char *, int));
extern void setclass __P((int, char *));
@@ -2002,7 +2003,15 @@
extern void setclttls __P((bool));
extern bool initsrvtls __P((bool));
extern int tls_get_info __P((SSL *, bool, char *, MACROS_T *, bool));
-extern int endtls __P((SSL *, char *));
+#define SM_SSL_FREE(ssl) \
+ do { \
+ if (ssl != NULL) \
+ { \
+ SSL_free(ssl); \
+ ssl = NULL; \
+ } \
+ } while (0)
+extern int endtls __P((SSL **, char *));
extern void tlslogerr __P((int, const char *));
diff -ru a/sendmail/srvrsmtp.c b/sendmail/srvrsmtp.c
--- a/sendmail/srvrsmtp.c 2016-02-29 06:01:55.000000000 -0800
+++ b/sendmail/srvrsmtp.c 2016-02-29 06:02:06.000000000 -0800
@@ -2122,8 +2122,7 @@
if (get_tls_se_options(e, srv_ssl, true) != 0)
{
message("454 4.3.3 TLS not available: error setting options");
- SSL_free(srv_ssl);
- srv_ssl = NULL;
+ SM_SSL_FREE(srv_ssl);
goto tls_done;
}
@@ -2145,8 +2144,7 @@
SSL_set_wfd(srv_ssl, wfd) <= 0)
{
message("454 4.3.3 TLS not available: error set fd");
- SSL_free(srv_ssl);
- srv_ssl = NULL;
+ SM_SSL_FREE(srv_ssl);
goto tls_done;
}
if (!smtps)
@@ -2188,8 +2186,7 @@
tlslogerr(LOG_WARNING, "server");
}
tls_ok_srv = false;
- SSL_free(srv_ssl);
- srv_ssl = NULL;
+ SM_SSL_FREE(srv_ssl);
/*
** according to the next draft of
@@ -3416,7 +3413,7 @@
/* shutdown TLS connection */
if (tls_active)
{
- (void) endtls(srv_ssl, "server");
+ (void) endtls(&srv_ssl, "server");
tls_active = false;
}
#endif /* STARTTLS */
diff -ru a/sendmail/tls.c b/sendmail/tls.c
--- a/sendmail/tls.c 2016-02-29 06:01:55.000000000 -0800
+++ b/sendmail/tls.c 2016-02-29 06:02:06.000000000 -0800
@@ -1624,7 +1624,7 @@
** ENDTLS -- shutdown secure connection
**
** Parameters:
-** ssl -- SSL connection information.
+** pssl -- pointer to TLS session context
** side -- server/client (for logging).
**
** Returns:
@@ -1632,12 +1632,16 @@
*/
int
-endtls(ssl, side)
- SSL *ssl;
+endtls(pssl, side)
+ SSL **pssl;
char *side;
{
int ret = EX_OK;
+ SSL *ssl;
+ SM_REQUIRE(pssl != NULL);
+ ret = EX_OK;
+ ssl = *pssl;
if (ssl != NULL)
{
int r;
@@ -1703,8 +1707,7 @@
ret = EX_SOFTWARE;
}
# endif /* !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER > 0x0090602fL */
- SSL_free(ssl);
- ssl = NULL;
+ SM_SSL_FREE(*pssl);
}
return ret;
}

30
sendmail-8.15.1-aliases_dir.patch → sendmail-8.16.1-aliases_dir.patch
View File

@ -1,8 +1,8 @@
diff --git a/cf/m4/cfhead.m4 b/cf/m4/cfhead.m4
index 714a3ec..3fd6c1c 100644
index 6d12e85..15af608 100644
--- a/cf/m4/cfhead.m4
+++ b/cf/m4/cfhead.m4
@@ -260,7 +260,7 @@ ifdef(`MAIL_SETTINGS_DIR', , `define(`MAIL_SETTINGS_DIR', `/etc/mail/')')
@@ -269,7 +269,7 @@ ifdef(`MAIL_SETTINGS_DIR', , `define(`MAIL_SETTINGS_DIR', `/etc/mail/')')
define(`DATABASE_MAP_TYPE', `hash')
# set up default values for options
@ -12,10 +12,10 @@ index 714a3ec..3fd6c1c 100644
define(`confFROM_LINE', `From $g $d')
define(`confOPERATORS', `.:%@!^/[]+')
diff --git a/sendmail/aliases.0 b/sendmail/aliases.0
index cfdbe17..5ea4c28 100644
index ba855d4..edb3b19 100644
--- a/sendmail/aliases.0
+++ b/sendmail/aliases.0
@@ -63,7 +63,7 @@ DDEESSCCRRIIPPTTIIOONN
@@ -63,7 +63,7 @@ ALIASES(5) ALIASES(5)
the list of users defined in that file.
This is only the raw data file; the actual aliasing information is
@ -47,26 +47,26 @@ index f09b49c..7b16db2 100644
newaliases(1).
A
diff --git a/sendmail/newaliases.0 b/sendmail/newaliases.0
index c77f401..e2a1670 100644
index 49ff2b0..247a276 100644
--- a/sendmail/newaliases.0
+++ b/sendmail/newaliases.0
@@ -10,7 +10,7 @@ SSYYNNOOPPSSIISS
@@ -10,7 +10,7 @@ NEWALIASES(1) NEWALIASES(1)
DDEESSCCRRIIPPTTIIOONN
NNeewwaalliiaasseess rebuilds the random access data base for the mail aliases
DESCRIPTION
Newaliases rebuilds the random access data base for the mail aliases
- file /etc/mail/aliases. It must be run each time this file is changed
+ file /etc/aliases. It must be run each time this file is changed
in order for the change to take effect.
NNeewwaalliiaasseess is identical to ``sendmail -bi''.
@@ -22,7 +22,7 @@ DDEESSCCRRIIPPTTIIOONN
sseennddmmaaiill..
Newaliases is identical to ``sendmail -bi''.
@@ -22,7 +22,7 @@ NEWALIASES(1) NEWALIASES(1)
sendmail.
FFIILLEESS
FILES
- /etc/mail/aliases The mail aliases file
+ /etc/aliases The mail aliases file
SSEEEE AALLSSOO
SEE ALSO
aliases(5), sendmail(8)
diff --git a/sendmail/newaliases.1 b/sendmail/newaliases.1
index 59dc0de..9ba8752 100644
@ -91,10 +91,10 @@ index 59dc0de..9ba8752 100644
.SH SEE ALSO
aliases(5), sendmail(8)
diff --git a/sendmail/sendmail.0 b/sendmail/sendmail.0
index 515d5f7..8236411 100644
index 60ab1cd..5f3bf93 100644
--- a/sendmail/sendmail.0
+++ b/sendmail/sendmail.0
@@ -434,10 +434,10 @@ FFIILLEESS
@@ -434,10 +434,10 @@ SENDMAIL(8) SENDMAIL(8)
are only approximations.

4
sendmail-8.15.1-dynamic.patch → sendmail-8.16.1-dynamic.patch
View File

@ -39,8 +39,8 @@
define(`confREQUIRE_SM_OS_H', `true')
PREPENDDEF(`confENVDEF', `confMAPDEF')
bldPRODUCT_START(`library', `libsm')
-define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strerror.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c sem.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c memstat.c util.c inet6_ntop.c ')
+define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c sem.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c memstat.c util.c inet6_ntop.c ')
-define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strerror.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c sem.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c memstat.c util.c inet6_ntop.c notify.c ')
+define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c sem.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c memstat.c util.c inet6_ntop.c notify.c ')
bldPRODUCT_END
dnl msg.c
dnl syslogio.c

12
sendmail-8.15.2-libmilter-socket-activation.patch → sendmail-8.16.1-libmilter-socket-activation.patch
View File

@ -1,10 +1,8 @@
Description: systemd-like socket activation support for libmilter
Author: Mikhail Gusarov <dottedmag@debian.org
diff --git a/libmilter/docs/smfi_setconn.html b/libmilter/docs/smfi_setconn.html
index eba7c5b..5b272a0 100644
index 8897f5a..0e04120 100644
--- a/libmilter/docs/smfi_setconn.html
+++ b/libmilter/docs/smfi_setconn.html
@@ -43,6 +43,7 @@ Set the socket through which this filter should communicate with sendmail.
@@ -44,6 +44,7 @@ Set the socket through which this filter should communicate with sendmail.
<LI><CODE>{unix|local}:/path/to/file</CODE> -- A named pipe.
<LI><CODE>inet:port@{hostname|ip-address}</CODE> -- An IPV4 socket.
<LI><CODE>inet6:port@{hostname|ip-address}</CODE> -- An IPV6 socket.
@ -13,7 +11,7 @@ index eba7c5b..5b272a0 100644
</TD></TR>
</TABLE>
diff --git a/libmilter/listener.c b/libmilter/listener.c
index 11d92bb..2ab533d 100644
index 0468a62..72e7a4f 100644
--- a/libmilter/listener.c
+++ b/libmilter/listener.c
@@ -197,6 +197,11 @@ mi_milteropen(conn, backlog, rmsocket, name)
@ -54,7 +52,7 @@ index 11d92bb..2ab533d 100644
@@ -466,6 +485,7 @@ mi_milteropen(conn, backlog, rmsocket, name)
#if NETUNIX
addr.sa.sa_family != AF_UNIX &&
#endif /* NETUNIX */
#endif
+ addr.sa.sa_family != AF_UNSPEC &&
setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *) &sockopt,
sizeof(sockopt)) == -1)
@ -72,7 +70,7 @@ index 11d92bb..2ab533d 100644
@@ -818,7 +839,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog)
# ifdef BSD4_4_SOCKADDR
cliaddr.sa.sa_len == 0 ||
# endif /* BSD4_4_SOCKADDR */
# endif
- cliaddr.sa.sa_family != L_family))
+ (L_family != AF_UNSPEC && cliaddr.sa.sa_family != L_family)))
{

4
sendmail-8.15.2-localdomain.patch → sendmail-8.16.1-localdomain.patch
View File

@ -1,8 +1,8 @@
diff --git a/cf/m4/proto.m4 b/cf/m4/proto.m4
index 696bf36..5a5963b 100644
index 618dde0..8c460ce 100644
--- a/cf/m4/proto.m4
+++ b/cf/m4/proto.m4
@@ -1898,6 +1898,8 @@ R<@> < $* @ [IPv6:::1] >
@@ -1910,6 +1910,8 @@ R<@> < $* @ [IPv6:::1] >
$: < ? $&{client_name} > < $1 @ [IPv6:::1] >
R<@> < $* @ localhost.$m >
$: < ? $&{client_name} > < $1 @ localhost.$m >

50
sendmail-8.15.2-qos.patch → sendmail-8.16.1-qos.patch
View File

@ -12,10 +12,10 @@ index b9dfb16..cb325cc 100644
dnl define(`confDIRECT_SUBMISSION_MODIFIERS',`C')dnl
FEATURE(`use_ct_file')dnl
diff --git a/cf/m4/proto.m4 b/cf/m4/proto.m4
index 5a5963b..0df3416 100644
index 8c460ce..a68ab8d 100644
--- a/cf/m4/proto.m4
+++ b/cf/m4/proto.m4
@@ -251,6 +251,9 @@ _OPTION(SevenBitInput, `confSEVEN_BIT_INPUT', `False')
@@ -253,6 +253,9 @@ _OPTION(SevenBitInput, `confSEVEN_BIT_INPUT', `False')
# 8-bit data handling
_OPTION(EightBitMode, `confEIGHT_BIT_HANDLING', `pass8')
@ -26,11 +26,11 @@ index 5a5963b..0df3416 100644
_OPTION(AliasWait, `confALIAS_WAIT', `5m')
diff --git a/sendmail/conf.c b/sendmail/conf.c
index cbb9c76..1b55533 100644
index e9fa42c..fa64b11 100644
--- a/sendmail/conf.c
+++ b/sendmail/conf.c
@@ -6430,6 +6430,10 @@ char *FFRCompileOptions[] =
#if _FFR_QF_PARANOIA
@@ -6614,6 +6614,10 @@ char *FFRCompileOptions[] =
/* Check to make sure key fields were read from qf */
"_FFR_QF_PARANOIA",
#endif
+#if _FFR_QOS && defined(SOL_IP) && defined(IP_TOS)
@ -41,10 +41,10 @@ index cbb9c76..1b55533 100644
/* Allow QueueSortOrder per queue group. */
/* XXX: Still need to actually use qgrp->qg_sortorder */
diff --git a/sendmail/daemon.c b/sendmail/daemon.c
index 4288365..86fe319 100644
index 19a9378..5561cf5 100644
--- a/sendmail/daemon.c
+++ b/sendmail/daemon.c
@@ -104,6 +104,10 @@ static int NDaemons = 0; /* actual number of daemons */
@@ -124,6 +124,10 @@ static int NDaemons = 0; /* actual number of daemons */
static time_t NextDiskSpaceCheck = 0;
@ -55,7 +55,7 @@ index 4288365..86fe319 100644
/*
** GETREQUESTS -- open mail IPC port and get requests.
**
@@ -1139,6 +1143,16 @@ opendaemonsocket(d, firsttime)
@@ -1159,6 +1163,16 @@ opendaemonsocket(d, firsttime)
(void) setsockopt(d->d_socket, SOL_SOCKET,
SO_KEEPALIVE, (char *)&on, sizeof(on));
@ -72,7 +72,7 @@ index 4288365..86fe319 100644
#ifdef SO_RCVBUF
if (d->d_tcprcvbufsize > 0)
{
@@ -2571,6 +2585,16 @@ gothostent:
@@ -2688,6 +2702,16 @@ gothostent:
return EX_TEMPFAIL;
}
@ -90,21 +90,21 @@ index 4288365..86fe319 100644
if (ClientSettings[family].d_tcpsndbufsize > 0)
{
diff --git a/sendmail/readcf.c b/sendmail/readcf.c
index 2b0fbf7..86892f5 100644
index e6f6296..adb09da 100644
--- a/sendmail/readcf.c
+++ b/sendmail/readcf.c
@@ -18,6 +18,7 @@ SM_RCSID("@(#)$Id: readcf.c,v 8.692 2013-11-22 20:51:56 ca Exp $")
@@ -24,6 +24,7 @@ SM_RCSID("@(#)$Id: readcf.c,v 8.692 2013-11-22 20:51:56 ca Exp $")
#if NETINET || NETINET6
# include <arpa/inet.h>
+# include <netinet/ip.h>
#endif /* NETINET || NETINET6 */
#endif
@@ -2888,8 +2889,8 @@ static struct optioninfo
@@ -2917,8 +2918,8 @@ static struct optioninfo
# define O_RCPTTHROTDELAY 0xe6
{ "BadRcptThrottleDelay", O_RCPTTHROTDELAY, OI_SAFE },
#endif /* _FFR_RCPTTHROTDELAY */
#endif
-#if 0 && _FFR_QOS && defined(SOL_IP) && defined(IP_TOS)
-# define O_INETQOS 0xe7 /* reserved for FFR_QOS */
+#if _FFR_QOS && defined(SOL_IP) && defined(IP_TOS)
@ -112,7 +112,7 @@ index 2b0fbf7..86892f5 100644
{ "InetQoS", O_INETQOS, OI_NONE },
#endif
#if STARTTLS && _FFR_FIPSMODE
@@ -2914,6 +2915,77 @@ static struct optioninfo
@@ -2982,6 +2983,77 @@ static struct optioninfo
{ NULL, '\0', OI_NONE }
};
@ -190,9 +190,9 @@ index 2b0fbf7..86892f5 100644
# define CANONIFY(val)
# define SET_OPT_DEFAULT(opt, val) opt = val
@@ -4540,6 +4612,33 @@ setoption(opt, val, safe, sticky, e)
UseCompressedIPv6Addresses = atobool(val);
@@ -4679,6 +4751,33 @@ setoption(opt, val, safe, sticky, e)
break;
# endif
+#ifdef O_INETQOS
+ case O_INETQOS:
@ -225,22 +225,22 @@ index 2b0fbf7..86892f5 100644
if (tTd(37, 1))
{
diff --git a/sendmail/sendmail.h b/sendmail/sendmail.h
index b2d0211..3bcc2e2 100644
index e6cf45d..7f5cf9f 100644
--- a/sendmail/sendmail.h
+++ b/sendmail/sendmail.h
@@ -2537,7 +2537,14 @@ EXTERN struct termescape TermEscape; /* terminal escape codes */
EXTERN SOCKADDR ConnectOnlyTo; /* override connection address (for testing) */
@@ -2566,6 +2566,15 @@ EXTERN SOCKADDR ConnectOnlyTo; /* override connection address (for testing) */
EXTERN SOCKADDR RealHostAddr; /* address of host we are talking to */
extern const SM_EXC_TYPE_T EtypeQuickAbort; /* type of a QuickAbort exception */
-
+#if _FFR_QOS
+# if !defined(SOL_IP) && defined(IPPROTO_IP)
+# define SOL_IP IPPROTO_IP
+# endif
+# if defined(SOL_IP) && defined(IP_TOS)
+EXTERN int InetQoS; /* QoS mapping */
+extern int InetQoS; /* QoS mapping */
+# endif
+#endif
EXTERN int ConnectionRateWindowSize;
#if STARTTLS && USE_OPENSSL_ENGINE
+
#if _FFR_BLANKENV_MACV
EXTERN int Hacks; /* bit field of run-time enabled "hacks" */
# define H_LOOKUP_MACRO_IN_BLANKENV 0x0001

8
sendmail-8.14.8-sasl2-in-etc.patch → sendmail-8.16.1-sasl2-in-etc.patch
View File

@ -1,18 +1,18 @@
diff --git a/sendmail/usersmtp.c b/sendmail/usersmtp.c
index c217ffa..e4dadd3 100644
index b4ff5cc..dddbb0a 100644
--- a/sendmail/usersmtp.c
+++ b/sendmail/usersmtp.c
@@ -1331,9 +1331,7 @@ safesaslfile(context, file)
@@ -1346,9 +1346,7 @@ safesaslfile(context, file)
{
long sff;
int r;
-#if SASL <= 10515
size_t len;
-#endif /* SASL <= 10515 */
-#endif
char *p;
if (file == NULL || *file == '\0')
@@ -1369,9 +1367,16 @@ safesaslfile(context, file)
@@ -1386,9 +1384,16 @@ safesaslfile(context, file)
#endif /* SASL <= 10515 */
p = (char *) file;

8
sendmail-8.14.3-smrsh_paths.patch → sendmail-8.16.1-smrsh_paths.patch
View File

@ -165,18 +165,18 @@ diff -up sendmail-8.14.3/smrsh/smrsh.c.smrsh_paths sendmail-8.14.3/smrsh/smrsh.c
@@ -77,7 +77,7 @@ SM_IDSTR(id, "@(#)$Id: smrsh.c,v 8.65 20
# ifdef SMRSH_CMDDIR
# define CMDDIR SMRSH_CMDDIR
# else /* SMRSH_CMDDIR */
# else
-# define CMDDIR "/usr/adm/sm.bin"
+# define CMDDIR "/etc/smrsh"
# endif /* SMRSH_CMDDIR */
# endif
#endif /* ! CMDDIR */
@@ -89,7 +89,7 @@ SM_IDSTR(id, "@(#)$Id: smrsh.c,v 8.65 20
# ifdef SMRSH_PATH
# define PATH SMRSH_PATH
# else /* SMRSH_PATH */
# else
-# define PATH "/bin:/usr/bin:/usr/ucb"
+# define PATH "/bin:/usr/bin"
# endif /* SMRSH_PATH */
# endif
#endif /* ! PATH */

6
sendmail-8.15.2-switchfile.patch → sendmail-8.16.1-switchfile.patch
View File

@ -1,13 +1,13 @@
diff --git a/sendmail/conf.c b/sendmail/conf.c
index c73334e..cbb9c76 100644
index 63c545c..e9fa42c 100644
--- a/sendmail/conf.c
+++ b/sendmail/conf.c
@@ -986,7 +986,7 @@ switch_map_find(service, maptype, mapreturn)
@@ -1039,7 +1039,7 @@ switch_map_find(service, maptype, mapreturn)
if (p != NULL)
*p = '\0';
#ifndef SM_NSSWITCH_DELIMS
-# define SM_NSSWITCH_DELIMS " \t"
+# define SM_NSSWITCH_DELIMS " \t:"
#endif /* SM_NSSWITCH_DELIMS */
#endif
p = strpbrk(buf, SM_NSSWITCH_DELIMS);
if (p != NULL)

2
sendmail-redhat.mc
View File

@ -104,7 +104,7 @@ dnl # The -t option will retry delivery if e.g. the user runs over his quota.
dnl #
FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`blocklist_recipients')dnl
EXPOSED_USER(`root')dnl
dnl #
dnl # For using Cyrus-IMAPd as POP3/IMAP server through LMTP delivery uncomment

51
sendmail.spec
View File

@ -18,8 +18,8 @@
Summary: A widely used Mail Transport Agent (MTA)
Name: sendmail
Version: 8.15.2
Release: 44%{?dist}
Version: 8.16.1
Release: 1%{?dist}
License: Sendmail
URL: http://www.sendmail.org/
@ -57,47 +57,33 @@ Source17: sendmail-etc-mail-virtusertable
# fix man path and makemap man page
Patch3: sendmail-8.14.4-makemapman.patch
# fix smrsh paths
Patch4: sendmail-8.14.3-smrsh_paths.patch
Patch4: sendmail-8.16.1-smrsh_paths.patch
# fix sm-client.pid path
Patch7: sendmail-8.14.9-pid.patch
# fix sendmail man page
Patch10: sendmail-8.15.1-manpage.patch
# compile with -fpie
Patch11: sendmail-8.15.1-dynamic.patch
Patch11: sendmail-8.16.1-dynamic.patch
# fix cyrus path
Patch12: sendmail-8.13.0-cyrus.patch
# fix aliases.db path
Patch13: sendmail-8.15.1-aliases_dir.patch
Patch13: sendmail-8.16.1-aliases_dir.patch
# fix vacation Makefile
Patch14: sendmail-8.14.9-vacation.patch
# remove version information from sendmail helpfile
Patch15: sendmail-8.14.9-noversion.patch
# do not accept localhost.localdomain as valid address from SMTP
Patch16: sendmail-8.15.2-localdomain.patch
Patch16: sendmail-8.16.1-localdomain.patch
# build libmilter as DSO
Patch17: sendmail-8.14.3-sharedmilter.patch
# skip colon separator when parsing service name in ServiceSwitchFile
Patch18: sendmail-8.15.2-switchfile.patch
Patch18: sendmail-8.16.1-switchfile.patch
# silence warning about missing sasl2 config in /usr/lib*, now in /etc/sasl2
Patch23: sendmail-8.14.8-sasl2-in-etc.patch
Patch23: sendmail-8.16.1-sasl2-in-etc.patch
# add QoS support, patch from Philip Prindeville <philipp@fedoraproject.org>
# upstream reserved option ID 0xe7 for testing of this new feature, #576643
Patch25: sendmail-8.15.2-qos.patch
Patch26: sendmail-8.15.2-libmilter-socket-activation.patch
# patch provided by upstream
Patch27: sendmail-8.15.2-smtp-session-reuse-fix.patch
Patch28: sendmail-8.15.2-openssl-1.1.0-fix.patch
# patch taken from Debian
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807258
Patch29: sendmail-8.15.2-format-security.patch
# rhbz#1473971
Patch30: sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch
# rhbz#1736650
Patch31: sendmail-8.15.2-gethostbyname2.patch
# upstream patch:
Patch32: sendmail-8.15.2-fix-covscan-issues.patch
# sent upstream
Patch33: sendmail-8.15.2-gcc-10-fix.patch
Patch25: sendmail-8.16.1-qos.patch
Patch26: sendmail-8.16.1-libmilter-socket-activation.patch
BuildRequires: libdb-devel
BuildRequires: libnsl2-devel
@ -204,13 +190,6 @@ cp devtools/M4/UNIX/{,shared}library.m4
%patch23 -p1 -b .sasl2-in-etc
%patch25 -p1 -b .qos
%patch26 -p1 -b .libmilter-socket-activation
%patch27 -p1 -b .smtp-session-reuse-fix
%patch28 -p1 -b .openssl-1.1.0-fix
%patch29 -p1 -b .format-security
%patch30 -p1 -b .openssl-1.1.0-ecdhe-fix
%patch31 -p1 -b .gethostbyname2
%patch32 -p1 -b .fix-covscan-issues
%patch33 -p1 -b .gcc-10-fix
for f in RELEASE_NOTES contrib/etrn.0; do
iconv -f iso8859-1 -t utf8 -o ${f}{_,} &&
@ -263,7 +242,7 @@ EOF
%if "%{with_tls}" == "yes"
cat >> redhat.config.m4 << EOF
APPENDDEF(\`conf_sendmail_ENVDEF', \`-DSTARTTLS -D_FFR_TLS_1 -D_FFR_TLS_EC -D_FFR_TLS_USE_CERTIFICATE_CHAIN_FILE')dnl
APPENDDEF(\`conf_sendmail_ENVDEF', \`-DSTARTTLS -D_FFR_TLS_1 -DTLS_EC -D_FFR_TLS_USE_CERTIFICATE_CHAIN_FILE -DDANE')dnl
APPENDDEF(\`conf_sendmail_LIBS', \`-lssl -lcrypto')dnl
EOF
%endif
@ -714,6 +693,14 @@ exit 0
%changelog
* Tue Jul 7 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 8.16.1-1
- New version
Resolves: rhbz#1853885
- Dropped smtp-session-reuse-fix, openssl-1.1.0-fix, openssl-1.1.0-ecdhe-fix,
gethostbyname2, fix-covscan-issues, gcc-10-fix patches (not needed)
- Dropped format-security patch (upstreamed)
- Updated patches
* Fri Apr 03 2020 Tom Stellard <tstellar@redhat.com> - 8.15.2-44
- Specify value for confCC in redhat.config.m4

2
sources
View File

@ -1 +1 @@
a824fa7dea4d3341efb6462ccd816f00 sendmail.8.15.2.tar.gz
SHA512 (sendmail.8.16.1.tar.gz) = d7d4aac3c6d7505782abdb166204901b8b51cac000d610dfe40eda9eef7441a073af9e8e0b14c8719b07b445f55a1e2c28ac63d663d0daa7f1eafc5a101788b2