packages/sendmail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update sendmail to 8.17.1

Browse Source
This commit is contained in:
xihaochen 2022-03-21 16:51:46 +08:00
parent c0a8103b7f
commit 96a3af8be1
22 changed files with 134 additions and 500 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

359
0001-remove-libdb-dependency.patch
View File

@ -1,359 +0,0 @@
From 2736cf77113b65b2fe34eea70347e923b9c02af5 Mon Sep 17 00:00:00 2001
From: eaglegai <eaglegai@163.com>
Date: Fri, 15 Jan 2021 16:30:34 +0800
Subject: [PATCH] remove libdb dependency
---
sendmail-8.15.2-format-security.patch | 92 ++++++++++++
sendmail-8.15.2-openssl-1.1.0-fix.patch | 183 ++++++++++++++++++++++++
sendmail.spec | 20 ++-
3 files changed, 289 insertions(+), 6 deletions(-)
create mode 100644 sendmail-8.15.2-format-security.patch
create mode 100644 sendmail-8.15.2-openssl-1.1.0-fix.patch
diff --git a/sendmail-8.15.2-format-security.patch b/sendmail-8.15.2-format-security.patch
new file mode 100644
index 0000000..d4ff443
--- /dev/null
+++ b/sendmail-8.15.2-format-security.patch
@@ -0,0 +1,92 @@
+diff --git a/sendmail/srvrsmtp.c b/sendmail/srvrsmtp.c
+index ba636a8..46c5356 100644
+--- a/sendmail/srvrsmtp.c
++++ b/sendmail/srvrsmtp.c
+@@ -159,6 +159,26 @@
+ #define SKIP_SPACE(s) while (SM_ISSPACE(*s)) \
+ (s)++
+
++static inline void
++message1(fmt)
++ char *fmt;
++{
++ if (strchr(fmt, '%') == NULL)
++ message(fmt, NULL);
++ else
++ message("%s", fmt);
++}
++
++static inline void
++usrerr1(fmt)
++ char *fmt;
++{
++ if (strchr(fmt, '%') == NULL)
++ usrerr(fmt, NULL);
++ else
++ usrerr("%s", fmt);
++}
++
+ #if _FFR_EAI
+ /*
+ ** ADDR_IS_ASCII -- check whether an address is 100% printable ASCII
+@@ -638,13 +658,13 @@
+ bool tsave = QuickAbort; \
+ \
+ QuickAbort = false; \
+- usrerr(response); \
++ usrerr1(response); \
+ QuickAbort = tsave; \
+ e->e_sendqueue = NULL; \
+ goto doquit; \
+ } \
+ else \
+- usrerr(response); \
++ usrerr1(response); \
+ break; \
+ \
+ case SMFIR_REJECT: \
+@@ -1011,7 +1031,7 @@
+ else if (strncmp(nullserver, "421 ", 4) == 0)
+ {
+ /* Can't use ("%s", ...) due to message() requirements */
+- message(nullserver);
++ message1(nullserver);
+ goto doquit;
+ }
+
+@@ -1953,7 +1973,7 @@
+ if (ISSMTPREPLY(nullserver))
+ {
+ /* Can't use ("%s", ...) due to usrerr() requirements */
+- usrerr(nullserver);
++ usrerr1(nullserver);
+ }
+ else
+ {
+@@ -2561,7 +2581,7 @@
+ if (response != NULL)
+ {
+ /* Can't use ("%s", ...) due to usrerr() requirements */
+- usrerr(response);
++ usrerr1(response);
+ }
+ else
+ {
+@@ -3800,7 +3820,7 @@
+ #endif
+
+ /* Can't use ("%s", ...) due to usrerr() requirements */
+- usrerr(response);
++ usrerr1(response);
+ if (strncmp(response, "421 ", 4) == 0
+ || strncmp(response, "421-", 4) == 0)
+ {
+@@ -3922,7 +3942,7 @@
+ (void) extenhsc(response + 4, ' ', e->e_enhsc);
+ #endif
+ /* Can't use ("%s", ...) due to usrerr() requirements */
+- usrerr(response);
++ usrerr1(response);
+ if (strncmp(response, "421 ", 4) == 0
+ || strncmp(response, "421-", 4) == 0)
+ rv = false;
diff --git a/sendmail-8.15.2-openssl-1.1.0-fix.patch b/sendmail-8.15.2-openssl-1.1.0-fix.patch
new file mode 100644
index 0000000..c0023b1
--- /dev/null
+++ b/sendmail-8.15.2-openssl-1.1.0-fix.patch
@@ -0,0 +1,183 @@
+--- sendmail-8.15.2.orig/sendmail/tls.c 2016-12-01 15:20:59.953546417 +0100
++++ sendmail-8.15.2.orig/sendmail/tls.c 2016-12-01 17:26:43.868521378 +0100
+@@ -79,7 +79,8 @@
+ static DH *
+ get_dh512()
+ {
+- DH *dh = NULL;
++ DH *dh;
++ BIGNUM *p, *g;
+ # if MTA_HAVE_DH_set0_pqg
+ BIGNUM *dhp_bn, *dhg_bn;
+ # endif
+@@ -96,13 +97,23 @@
+ return NULL;
+ }
+ # else
+- dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
+- dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
+- if ((dh->p == NULL) || (dh->g == NULL))
++ p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
++ g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
++ if (p == NULL || g == NULL)
+ {
++ BN_free(p);
++ BN_free(g);
+ DH_free(dh);
+ return NULL;
+ }
++
++#if OPENSSL_VERSION_NUMBER >= 0x10100005L
++ DH_set0_pqg(dh, p, NULL, g);
++#else
++ dh->p = p;
++ dh->g = g;
++#endif
++
+ # endif
+ return dh;
+ }
+@@ -150,6 +161,8 @@
+ };
+ static unsigned char dh2048_g[]={ 0x02, };
+ DH *dh;
++ BIGNUM *p, *g;
++
+ # if MTA_HAVE_DH_set0_pqg
+ BIGNUM *dhp_bn, *dhg_bn;
+ # endif
+@@ -166,13 +179,23 @@
+ return NULL;
+ }
+ # else
+- dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
+- dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
+- if ((dh->p == NULL) || (dh->g == NULL))
++ p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
++ g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
++ if (p == NULL || g == NULL)
+ {
++ BN_free(p);
++ BN_free(g);
+ DH_free(dh);
+- return(NULL);
++ return NULL;
+ }
++
++#if OPENSSL_VERSION_NUMBER >= 0x10100005L
++ DH_set0_pqg(dh, p, NULL, g);
++#else
++ dh->p = p;
++ dh->g = g;
++#endif
++
+ # endif
+ return(dh);
+ }
+@@ -929,6 +952,54 @@
+ # define SM_SSL_OP_TLS_BLOCK_PADDING_BUG 0
+ # endif
+
++static RSA *
++generate_rsa_key(bits, e)
++ int bits;
++ unsigned long e;
++{
++#if OPENSSL_VERSION_NUMBER < 0x00908000L
++ return RSA_generate_key(bits, e, NULL, NULL);
++#else
++ BIGNUM *bne;
++ RSA *rsa = NULL;
++
++ bne = BN_new();
++ if (bne && BN_set_word(bne, e) != 1)
++ rsa = RSA_new();
++ if (rsa && RSA_generate_key_ex(rsa, bits, bne, NULL) != 1)
++ {
++ RSA_free(rsa);
++ rsa = NULL;
++ }
++ BN_free(bne);
++ return rsa;
++#endif
++}
++
++static DSA *
++generate_dsa_parameters(bits, seed, seed_len, counter_ret, h_ret)
++ int bits;
++ unsigned char *seed;
++ int seed_len;
++ int *counter_ret;
++ unsigned long *h_ret;
++{
++#if OPENSSL_VERSION_NUMBER < 0x00908000L
++ return DSA_generate_parameters(bits, seed, seed_len, counter_ret,
++ h_ret, NULL, NULL);
++#else
++ DSA *dsa = DSA_new();
++
++ if (dsa && DSA_generate_parameters_ex(dsa, bits, seed, seed_len,
++ counter_ret, h_ret, NULL) != 1)
++ {
++ DSA_free(dsa);
++ dsa = NULL;
++ }
++ return dsa;
++#endif
++}
++
+ bool
+ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhparam)
+ SSL_CTX **ctx;
+@@ -1183,8 +1254,7 @@
+ if (bitset(TLS_I_RSA_TMP, req)
+ # if SM_CONF_SHM
+ && ShmId != SM_SHM_NO_ID &&
+- (rsa_tmp = RSA_generate_key(RSA_KEYLENGTH, RSA_F4, NULL,
+- NULL)) == NULL
++ (rsa_tmp = generate_rsa_key(RSA_KEYLENGTH, RSA_F4)) == NULL
+ # else /* SM_CONF_SHM */
+ && 0 /* no shared memory: no need to generate key now */
+ # endif /* SM_CONF_SHM */
+@@ -1391,8 +1461,8 @@
+ }
+ # else
+ /* this takes a while! */
+- dsa = DSA_generate_parameters(bits, NULL, 0, NULL,
+- NULL, 0, NULL);
++ dsa = generate_dsa_parameters(bits, NULL, 0, NULL,
++ NULL);
+ dh = DSA_dup_DH(dsa);
+ # endif
+ DSA_free(dsa);
+@@ -2081,7 +2151,7 @@
+
+ if (rsa_tmp != NULL)
+ RSA_free(rsa_tmp);
+- rsa_tmp = RSA_generate_key(RSA_KEYLENGTH, RSA_F4, NULL, NULL);
++ rsa_tmp = generate_rsa_key(RSA_KEYLENGTH, RSA_F4);
+ if (rsa_tmp == NULL)
+ {
+ if (LogLevel > 0)
+@@ -2526,12 +2596,21 @@
+ SM_GETTLSI;
+ if (LogLevel > 13)
+ tls_verify_log(ok, ctx, "X509");
++#if OPENSSL_VERSION_NUMBER >= 0x10100005L
++ if (X509_STORE_CTX_get_error(ctx) ==
++ X509_V_ERR_UNABLE_TO_GET_CRL)
++ {
++ X509_STORE_CTX_set_error(ctx, 0);
++ return 1; /* override it */
++ }
++#else
+ if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_UNABLE_TO_GET_CRL &&
+ !SM_TLSI_IS(tlsi_ctx, TLSI_FL_CRLREQ))
+ {
+ X509_STORE_CTX_set_error(ctx, 0);
+ return 1; /* override it */
+ }
++#endif
+ return ok;
+ }
+
diff --git a/sendmail.spec b/sendmail.spec
index eb15495..273cca2 100644
--- a/sendmail.spec
+++ b/sendmail.spec
@@ -1,6 +1,6 @@
Name: sendmail
Version: 8.16.1
-Release: 2
+Release: 3
Summary: A classic mail transfer agent from the Unix world
License: Sendmail
URL: http://www.sendmail.org/
@@ -21,7 +21,7 @@ Source13: sendmail-etc-mail-local-host-names
Source14: sendmail-etc-mail-mailertable
Source15: sendmail-etc-mail-trusted-users
-BuildRequires: openssl-devel openldap-devel libdb-devel libnsl2-devel
+BuildRequires: openssl-devel openldap-devel libnsl2-devel
BuildRequires: cyrus-sasl-devel groff ghostscript m4 systemd setup >= 2.5.31-1
Requires: bash >= 2.0 setup >= 2.5.31-1 %{_sbindir}/saslauthd
Requires(pre): shadow-utils
@@ -46,6 +46,8 @@ Patch9: sendmail-8.15.2-switchfile.patch
Patch10: sendmail-8.14.8-sasl2-in-etc.patch
Patch11: sendmail-8.16.1-qos.patch
Patch12: sendmail-8.15.2-libmilter-socket-activation.patch
+Patch13: sendmail-8.15.2-openssl-1.1.0-fix.patch
+Patch14: sendmail-8.15.2-format-security.patch
%description
Sendmail is a general purpose internetwork email routing facility that
@@ -94,21 +96,21 @@ cp devtools/M4/UNIX/library.m4 devtools/M4/UNIX/sharedlibrary.m4
export CFLAGS="${RPM_OPT_FLAGS}"
cat << EOF > config.m4
-define(\`confMAPDEF', \`-DNEWDB -DNIS -DMAP_REGEX -DSOCKETMAP -DNAMED_BIND=1')
+define(\`confMAPDEF', \`-DNIS -DMAP_REGEX -DSOCKETMAP -DNAMED_BIND=1')
define(\`confOPTIMIZE', \`\`\`\`${RPM_OPT_FLAGS}'''')
-define(\`confLIBS', \`-lnsl -lcrypt -ldb -lresolv')
+define(\`confLIBS', \`-lnsl -lcrypt -lresolv')
define(\`confSTDIR', \`%{_localstatedir}/log/mail')
define(\`confLDOPTS', \`-Xlinker -z -Xlinker relro -Xlinker -z -Xlinker now')
define(\`confMANOWN', \`root')
define(\`confMANGRP', \`root')
-define(\`confENVDEF', \`-I%{_includedir}/libdb -I/usr/kerberos/include -Wall -DXDEBUG=0')
+define(\`confENVDEF', \`-I/usr/kerberos/include -Wall -DXDEBUG=0')
define(\`confLIBDIRS', \`-L/usr/kerberos/%{_lib}')
define(\`confMANMODE', \`644')
define(\`confMAN1SRC', \`1')
define(\`confMAN5SRC', \`5')
define(\`confMAN8SRC', \`8')
define(\`STATUS_FILE', \`%{_localstatedir}/log/mail/statistics')
-define(\`confLIBSEARCH', \`db resolv 44bsd')
+define(\`confLIBSEARCH', \`resolv 44bsd')
EOF
#'
--
2.23.0

1
Sendmail-sasl2.conf
View File

@ -1 +1,2 @@
pwcheck_method:saslauthd
ldapdb_uri: ldapi:///

0
sendmail-8.13.0-cyrus.patch → backport-sendmail-8.13.0-cyrus.patch
View File

0
sendmail-8.14.3-sharedmilter.patch → backport-sendmail-8.14.3-sharedmilter.patch
View File

0
sendmail-8.14.4-makemapman.patch → backport-sendmail-8.14.4-makemapman.patch
View File

0
sendmail-8.14.9-noversion.patch → backport-sendmail-8.14.9-noversion.patch
View File

0
sendmail-8.14.9-pid.patch → backport-sendmail-8.14.9-pid.patch
View File

54
sendmail-8.16.1-aliases_dir.patch → backport-sendmail-8.17.1-aliases_dir.patch
View File

@ -1,8 +1,8 @@
diff --git a/cf/m4/cfhead.m4 b/cf/m4/cfhead.m4
index 6d12e85..15af608 100644
index c30fad0..492882e 100644
--- a/cf/m4/cfhead.m4
+++ b/cf/m4/cfhead.m4
@@ -269,7 +269,7 @@ ifdef(`MAIL_SETTINGS_DIR', , `define(`MAIL_SETTINGS_DIR', `/etc/mail/')')
@@ -275,7 +275,7 @@ ifdef(`MAIL_SETTINGS_DIR', , `define(`MAIL_SETTINGS_DIR', `/etc/mail/')')
define(`DATABASE_MAP_TYPE', `hash')
# set up default values for options
@ -12,10 +12,10 @@ index 6d12e85..15af608 100644
define(`confFROM_LINE', `From $g $d')
define(`confOPERATORS', `.:%@!^/[]+')
diff --git a/sendmail/aliases.0 b/sendmail/aliases.0
index ba855d4..edb3b19 100644
index 64d439c..1db4fd6 100644
--- a/sendmail/aliases.0
+++ b/sendmail/aliases.0
@@ -63,7 +63,7 @@ ALIASES(5) ALIASES(5)
@@ -63,7 +63,7 @@ DDEESSCCRRIIPPTTIIOONN
the list of users defined in that file.
This is only the raw data file; the actual aliasing information is
@ -25,48 +25,48 @@ index ba855d4..edb3b19 100644
time the aliases file is changed for the change to take effect.
diff --git a/sendmail/aliases.5 b/sendmail/aliases.5
index f09b49c..7b16db2 100644
index cb67508..52e5124 100644
--- a/sendmail/aliases.5
+++ b/sendmail/aliases.5
@@ -23,7 +23,7 @@ ID
aliases used by
aliases used by
sendmail.
The file resides in
-/etc/mail
The file resides in
-/etc/mail
+/etc
and
and
is formatted as a series of lines of the form
.IP
@@ -96,7 +96,7 @@ list of users defined in that file.
.PP
This is only the raw data file; the actual aliasing information is
placed into a binary format in the file
placed into a binary format in the file
-/etc/mail/aliases.db
+/etc/aliases.db
using the program
newaliases(1).
A
using the program
newaliases(1).
A
diff --git a/sendmail/newaliases.0 b/sendmail/newaliases.0
index 49ff2b0..247a276 100644
index d8952ee..0be8986 100644
--- a/sendmail/newaliases.0
+++ b/sendmail/newaliases.0
@@ -10,7 +10,7 @@ NEWALIASES(1) NEWALIASES(1)
@@ -10,7 +10,7 @@ SSYYNNOOPPSSIISS
DESCRIPTION
Newaliases rebuilds the random access data base for the mail aliases
DDEESSCCRRIIPPTTIIOONN
NNeewwaalliiaasseess rebuilds the random access data base for the mail aliases
- file /etc/mail/aliases. It must be run each time this file is changed
+ file /etc/aliases. It must be run each time this file is changed
in order for the change to take effect.
Newaliases is identical to ``sendmail -bi''.
@@ -22,7 +22,7 @@ NEWALIASES(1) NEWALIASES(1)
sendmail.
NNeewwaalliiaasseess is identical to ``sendmail -bi''.
@@ -22,7 +22,7 @@ DDEESSCCRRIIPPTTIIOONN
sseennddmmaaiill..
FILES
FFIILLEESS
- /etc/mail/aliases The mail aliases file
+ /etc/aliases The mail aliases file
SEE ALSO
SSEEEE AALLSSOO
aliases(5), sendmail(8)
diff --git a/sendmail/newaliases.1 b/sendmail/newaliases.1
index 59dc0de..9ba8752 100644
@ -91,13 +91,13 @@ index 59dc0de..9ba8752 100644
.SH SEE ALSO
aliases(5), sendmail(8)
diff --git a/sendmail/sendmail.0 b/sendmail/sendmail.0
index 60ab1cd..5f3bf93 100644
index 8eceedd..24a17da 100644
--- a/sendmail/sendmail.0
+++ b/sendmail/sendmail.0
@@ -434,10 +434,10 @@ SENDMAIL(8) SENDMAIL(8)
@@ -433,10 +433,10 @@ FFIILLEESS
names are all specified in _/_e_t_c_/_m_a_i_l_/_s_e_n_d_m_a_i_l_._c_f. Thus, these values
are only approximations.
- /etc/mail/aliases
+ /etc/aliases
raw data for alias names
@ -108,10 +108,10 @@ index 60ab1cd..5f3bf93 100644
/etc/mail/sendmail.cf
diff --git a/sendmail/sendmail.8 b/sendmail/sendmail.8
index 0356839..1258c26 100644
index 26685d0..60e7b64 100644
--- a/sendmail/sendmail.8
+++ b/sendmail/sendmail.8
@@ -711,10 +711,10 @@ Thus,
@@ -716,10 +716,10 @@ Thus,
these values are only approximations.
.PP
.TP

35
backport-sendmail-8.17.1-dynamic.patch Normal file
View File

@ -0,0 +1,35 @@
--- sendmail-8.14.4/devtools/OS/Linux 2010-01-03 22:55:35.000000000 +0100
+++ sendmail-8.14.4/devtools/OS/Linux.dynamic 2010-01-03 22:59:03.000000000 +0100
@@ -7,7 +7,7 @@
define(`confCCOPTS_SO', `-fPIC')
define(`confSM_OS_HEADER', `sm_os_linux')
define(`confMANROOT', `/usr/share/man/man')
-define(`confLIBS', `-ldl')
+define(`confLIBS', `-pie -ldl')
define(`confEBINDIR', `/usr/sbin')
APPENDDEF(`confLIBSEARCH', `crypt nsl')
@@ -22,19 +22,19 @@
ifelse(confBLDVARIANT, `DEBUG',
dnl Debug build
`
- define(`confOPTIMIZE',`-g -Wall')
+ define(`confOPTIMIZE',`-g -Wall -fpie')
',
dnl Optimized build
confBLDVARIANT, `OPTIMIZED',
`
- define(`confOPTIMIZE',`-O2')
+ define(`confOPTIMIZE',`-O2 -fpie')
',
dnl Purify build
confBLDVARIANT, `PURIFY',
`
- define(`confOPTIMIZE',`-g')
+ define(`confOPTIMIZE',`-g -fpie')
',
dnl default
`
- define(`confOPTIMIZE',`-O2')
+ define(`confOPTIMIZE',`-O2 -fpie')
')

12
sendmail-8.15.2-libmilter-socket-activation.patch → backport-sendmail-8.17.1-libmilter-socket-activation.patch
View File

@ -1,10 +1,8 @@
Description: systemd-like socket activation support for libmilter
Author: Mikhail Gusarov <dottedmag@debian.org
diff --git a/libmilter/docs/smfi_setconn.html b/libmilter/docs/smfi_setconn.html
index eba7c5b..5b272a0 100644
index 8897f5a..0e04120 100644
--- a/libmilter/docs/smfi_setconn.html
+++ b/libmilter/docs/smfi_setconn.html
@@ -43,6 +43,7 @@ Set the socket through which this filter should communicate with sendmail.
@@ -44,6 +44,7 @@ Set the socket through which this filter should communicate with sendmail.
<LI><CODE>{unix|local}:/path/to/file</CODE> -- A named pipe.
<LI><CODE>inet:port@{hostname|ip-address}</CODE> -- An IPV4 socket.
<LI><CODE>inet6:port@{hostname|ip-address}</CODE> -- An IPV6 socket.
@ -13,7 +11,7 @@ index eba7c5b..5b272a0 100644
</TD></TR>
</TABLE>
diff --git a/libmilter/listener.c b/libmilter/listener.c
index 11d92bb..2ab533d 100644
index 25ff895..23cec0a 100644
--- a/libmilter/listener.c
+++ b/libmilter/listener.c
@@ -197,6 +197,11 @@ mi_milteropen(conn, backlog, rmsocket, name)
@ -70,9 +68,9 @@ index 11d92bb..2ab533d 100644
smi_log(SMI_LOG_ERR,
"%s: Unable to bind to port %s: %s",
@@ -818,7 +839,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog)
# ifdef BSD4_4_SOCKADDR
#ifdef BSD4_4_SOCKADDR
cliaddr.sa.sa_len == 0 ||
# endif
#endif
- cliaddr.sa.sa_family != L_family))
+ (L_family != AF_UNSPEC && cliaddr.sa.sa_family != L_family)))
{

4
sendmail-8.15.2-localdomain.patch → backport-sendmail-8.17.1-localdomain.patch
View File

@ -1,8 +1,8 @@
diff --git a/cf/m4/proto.m4 b/cf/m4/proto.m4
index 696bf36..5a5963b 100644
index cfd71b3..6a7cf1c 100644
--- a/cf/m4/proto.m4
+++ b/cf/m4/proto.m4
@@ -1898,6 +1898,8 @@ R<@> < $* @ [IPv6:::1] >
@@ -1921,6 +1921,8 @@ R<@> < $* @ [IPv6:::1] >
$: < ? $&{client_name} > < $1 @ [IPv6:::1] >
R<@> < $* @ localhost.$m >
$: < ? $&{client_name} > < $1 @ localhost.$m >

6
sendmail-8.15.1-manpage.patch → backport-sendmail-8.17.1-manpage.patch
View File

@ -1,8 +1,8 @@
diff --git a/sendmail/sendmail.8 b/sendmail/sendmail.8
index 9e0b9af..0356839 100644
index 6b10fac..26685d0 100644
--- a/sendmail/sendmail.8
+++ b/sendmail/sendmail.8
@@ -729,13 +729,11 @@ collected statistics
@@ -734,13 +734,11 @@ collected statistics
/var/spool/mqueue/*
temp files
.SH SEE ALSO
@ -14,5 +14,5 @@ index 9e0b9af..0356839 100644
mailaddr(7),
-rc(8)
.PP
DARPA
DARPA
Internet Request For Comments

32
sendmail-8.16.1-qos.patch → backport-sendmail-8.17.1-qos.patch
View File

@ -1,5 +1,5 @@
diff --git a/cf/cf/submit.mc b/cf/cf/submit.mc
index b9dfb16..cb325cc 100644
index 6e2b360..45df0e6 100644
--- a/cf/cf/submit.mc
+++ b/cf/cf/submit.mc
@@ -22,6 +22,8 @@ define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining
@ -12,10 +12,10 @@ index b9dfb16..cb325cc 100644
dnl define(`confDIRECT_SUBMISSION_MODIFIERS',`C')dnl
FEATURE(`use_ct_file')dnl
diff --git a/cf/m4/proto.m4 b/cf/m4/proto.m4
index 8c460ce..a68ab8d 100644
index 6a7cf1c..fd54e87 100644
--- a/cf/m4/proto.m4
+++ b/cf/m4/proto.m4
@@ -253,6 +253,9 @@ _OPTION(SevenBitInput, `confSEVEN_BIT_INPUT', `False')
@@ -264,6 +264,9 @@ _OPTION(SevenBitInput, `confSEVEN_BIT_INPUT', `False')
# 8-bit data handling
_OPTION(EightBitMode, `confEIGHT_BIT_HANDLING', `pass8')
@ -26,10 +26,10 @@ index 8c460ce..a68ab8d 100644
_OPTION(AliasWait, `confALIAS_WAIT', `5m')
diff --git a/sendmail/conf.c b/sendmail/conf.c
index e9fa42c..fa64b11 100644
index f1bc1b2..ca5dc85 100644
--- a/sendmail/conf.c
+++ b/sendmail/conf.c
@@ -6614,6 +6614,10 @@ char *FFRCompileOptions[] =
@@ -6678,6 +6678,10 @@ char *FFRCompileOptions[] =
/* Check to make sure key fields were read from qf */
"_FFR_QF_PARANOIA",
#endif
@ -41,10 +41,10 @@ index e9fa42c..fa64b11 100644
/* Allow QueueSortOrder per queue group. */
/* XXX: Still need to actually use qgrp->qg_sortorder */
diff --git a/sendmail/daemon.c b/sendmail/daemon.c
index 19a9378..5561cf5 100644
index 5b42e32..c4604f0 100644
--- a/sendmail/daemon.c
+++ b/sendmail/daemon.c
@@ -124,6 +124,10 @@ static int NDaemons = 0; /* actual number of daemons */
@@ -129,6 +129,10 @@ static int NDaemons = 0; /* actual number of daemons */
static time_t NextDiskSpaceCheck = 0;
@ -55,7 +55,7 @@ index 19a9378..5561cf5 100644
/*
** GETREQUESTS -- open mail IPC port and get requests.
**
@@ -1159,6 +1163,16 @@ opendaemonsocket(d, firsttime)
@@ -1173,6 +1177,16 @@ opendaemonsocket(d, firsttime)
(void) setsockopt(d->d_socket, SOL_SOCKET,
SO_KEEPALIVE, (char *)&on, sizeof(on));
@ -72,7 +72,7 @@ index 19a9378..5561cf5 100644
#ifdef SO_RCVBUF
if (d->d_tcprcvbufsize > 0)
{
@@ -2688,6 +2702,16 @@ gothostent:
@@ -2704,6 +2718,16 @@ gothostent:
return EX_TEMPFAIL;
}
@ -90,7 +90,7 @@ index 19a9378..5561cf5 100644
if (ClientSettings[family].d_tcpsndbufsize > 0)
{
diff --git a/sendmail/readcf.c b/sendmail/readcf.c
index e6f6296..adb09da 100644
index 47c9777..bb98dbf 100644
--- a/sendmail/readcf.c
+++ b/sendmail/readcf.c
@@ -24,6 +24,7 @@ SM_RCSID("@(#)$Id: readcf.c,v 8.692 2013-11-22 20:51:56 ca Exp $")
@ -101,7 +101,7 @@ index e6f6296..adb09da 100644
#endif
@@ -2917,8 +2918,8 @@ static struct optioninfo
@@ -2983,8 +2984,8 @@ static struct optioninfo
# define O_RCPTTHROTDELAY 0xe6
{ "BadRcptThrottleDelay", O_RCPTTHROTDELAY, OI_SAFE },
#endif
@ -112,7 +112,7 @@ index e6f6296..adb09da 100644
{ "InetQoS", O_INETQOS, OI_NONE },
#endif
#if STARTTLS && _FFR_FIPSMODE
@@ -2982,6 +2983,77 @@ static struct optioninfo
@@ -3059,6 +3060,77 @@ static struct optioninfo
{ NULL, '\0', OI_NONE }
};
@ -190,9 +190,9 @@ index e6f6296..adb09da 100644
# define CANONIFY(val)
# define SET_OPT_DEFAULT(opt, val) opt = val
@@ -4679,6 +4751,33 @@ setoption(opt, val, safe, sticky, e)
@@ -4795,6 +4867,33 @@ setoption(opt, val, safe, sticky, e)
break;
# endif
#endif
+#ifdef O_INETQOS
+ case O_INETQOS:
@ -225,10 +225,10 @@ index e6f6296..adb09da 100644
if (tTd(37, 1))
{
diff --git a/sendmail/sendmail.h b/sendmail/sendmail.h
index e6cf45d..7f5cf9f 100644
index ae7ed3a..9e34dd9 100644
--- a/sendmail/sendmail.h
+++ b/sendmail/sendmail.h
@@ -2566,6 +2566,15 @@ EXTERN SOCKADDR ConnectOnlyTo; /* override connection address (for testing) */
@@ -2646,6 +2646,15 @@ EXTERN SOCKADDR ConnectOnlyTo; /* override connection address (for testing) */
EXTERN SOCKADDR RealHostAddr; /* address of host we are talking to */
extern const SM_EXC_TYPE_T EtypeQuickAbort; /* type of a QuickAbort exception */

14
sendmail-8.14.8-sasl2-in-etc.patch → backport-sendmail-8.17.1-sasl2-in-etc.patch
View File

@ -1,19 +1,19 @@
diff --git a/sendmail/usersmtp.c b/sendmail/usersmtp.c
index c217ffa..e4dadd3 100644
index 5fe0791..2417558 100644
--- a/sendmail/usersmtp.c
+++ b/sendmail/usersmtp.c
@@ -1331,9 +1331,7 @@ safesaslfile(context, file)
@@ -1374,9 +1374,7 @@ safesaslfile(context, file)
{
long sff;
int r;
-#if SASL <= 10515
-# if SASL <= 10515
size_t len;
-#endif
-# endif
char *p;
if (file == NULL || *file == '\0')
@@ -1369,9 +1367,16 @@ safesaslfile(context, file)
#endif /* SASL <= 10515 */
if (SM_IS_EMPTY(file))
@@ -1414,9 +1414,16 @@ safesaslfile(context, file)
# endif /* SASL <= 10515 */
p = (char *) file;
+ len = strlen(p);

13
backport-sendmail-8.17.1-switchfile.patch Normal file
View File

@ -0,0 +1,13 @@
diff --git a/sendmail/conf.c b/sendmail/conf.c
index e7a9615..f1bc1b2 100644
--- a/sendmail/conf.c
+++ b/sendmail/conf.c
@@ -1044,7 +1044,7 @@ switch_map_find(service, maptype, mapreturn)
if (p != NULL)
*p = '\0';
# ifndef SM_NSSWITCH_DELIMS
-# define SM_NSSWITCH_DELIMS " \t"
+# define SM_NSSWITCH_DELIMS " \t:"
# endif
p = strpbrk(buf, SM_NSSWITCH_DELIMS);
if (p != NULL)

13
sendmail-8.15.2-switchfile.patch
View File

@ -1,13 +0,0 @@
diff --git a/sendmail/conf.c b/sendmail/conf.c
index c73334e..cbb9c76 100644
--- a/sendmail/conf.c
+++ b/sendmail/conf.c
@@ -986,7 +986,7 @@ switch_map_find(service, maptype, mapreturn)
if (p != NULL)
*p = '\0';
#ifndef SM_NSSWITCH_DELIMS
-# define SM_NSSWITCH_DELIMS " \t"
+# define SM_NSSWITCH_DELIMS " \t:"
#endif
p = strpbrk(buf, SM_NSSWITCH_DELIMS);
if (p != NULL)

46
sendmail-8.16.1-dynamic.patch
View File

@ -1,46 +0,0 @@
--- sendmail-8.14.4/devtools/OS/Linux 2010-01-03 22:55:35.000000000 +0100
+++ sendmail-8.14.4/devtools/OS/Linux.dynamic 2010-01-03 22:59:03.000000000 +0100
@@ -7,7 +7,7 @@
define(`confCCOPTS_SO', `-fPIC')
define(`confSM_OS_HEADER', `sm_os_linux')
define(`confMANROOT', `/usr/share/man/man')
-define(`confLIBS', `-ldl')
+define(`confLIBS', `-pie -ldl')
define(`confEBINDIR', `/usr/sbin')
APPENDDEF(`confLIBSEARCH', `crypt nsl')
@@ -22,19 +22,19 @@
ifelse(confBLDVARIANT, `DEBUG',
dnl Debug build
`
- define(`confOPTIMIZE',`-g -Wall')
+ define(`confOPTIMIZE',`-g -Wall -fpie')
',
dnl Optimized build
confBLDVARIANT, `OPTIMIZED',
`
- define(`confOPTIMIZE',`-O2')
+ define(`confOPTIMIZE',`-O2 -fpie')
',
dnl Purify build
confBLDVARIANT, `PURIFY',
`
- define(`confOPTIMIZE',`-g')
+ define(`confOPTIMIZE',`-g -fpie')
',
dnl default
`
- define(`confOPTIMIZE',`-O2')
+ define(`confOPTIMIZE',`-O2 -fpie')
')
--- sendmail-8.14.4/libsm/Makefile.m4 2006-08-16 23:06:31.000000000 +0200
+++ sendmail-8.14.4/libsm/Makefile.m4.dynamic 2010-01-03 23:01:36.000000000 +0100
@@ -6,7 +6,7 @@
define(`confREQUIRE_SM_OS_H', `true')
PREPENDDEF(`confENVDEF', `confMAPDEF')
bldPRODUCT_START(`library', `libsm')
-define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strerror.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c sem.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c memstat.c util.c inet6_ntop.c notify.c ')
+define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c sem.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c memstat.c util.c inet6_ntop.c notify.c ')
bldPRODUCT_END
dnl msg.c
dnl syslogio.c

6
sendmail-redhat.mc
View File

@ -80,8 +80,8 @@ dnl define(`confINET_QOS', `AF11')dnl
dnl FEATURE(delay_checks)dnl
FEATURE(`no_default_msa', `dnl')dnl
FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl
dnl #FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl
dnl #FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
@ -103,7 +103,7 @@ dnl #
dnl # The -t option will retry delivery if e.g. the user runs over his quota.
dnl #
FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
dnl #FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
dnl #

BIN
sendmail.8.16.1.tar.gz
View File

Binary file not shown.

BIN
sendmail.8.17.1.tar.gz Normal file
View File

Binary file not shown.

1
sendmail.service
View File

@ -13,6 +13,7 @@ EnvironmentFile=-/etc/sysconfig/sendmail
ExecStartPre=-/etc/mail/make
ExecStartPre=-/etc/mail/make aliases
ExecStart=/usr/sbin/sendmail -bd $SENDMAIL_OPTS $SENDMAIL_OPTARG
ExecStartPost=/usr/bin/sleep 0.1
ExecReload=/usr/bin/kill -HUP $MAINPID
# hack to allow async reload to complete, otherwise systemd may signal error
ExecReload=/usr/bin/sleep 2

38
sendmail.spec
View File

@ -1,6 +1,6 @@
Name: sendmail
Version: 8.16.1
Release: 6
Version: 8.17.1
Release: 1
Summary: A classic mail transfer agent from the Unix world
License: Sendmail
URL: http://www.sendmail.org/
@ -34,21 +34,19 @@ Provides: MTA smtpdaemon server(smtp)
Provides: sendmail-cf
Obsoletes: sendmail-cf
Patch0001: sendmail-8.14.4-makemapman.patch
Patch0003: sendmail-8.14.9-pid.patch
Patch0004: sendmail-8.15.1-manpage.patch
Patch0005: sendmail-8.16.1-dynamic.patch
Patch0006: sendmail-8.13.0-cyrus.patch
Patch0007: sendmail-8.16.1-aliases_dir.patch
Patch0009: sendmail-8.14.9-noversion.patch
Patch0010: sendmail-8.15.2-localdomain.patch
Patch0011: sendmail-8.14.3-sharedmilter.patch
Patch0012: sendmail-8.15.2-switchfile.patch
Patch0013: sendmail-8.14.8-sasl2-in-etc.patch
Patch0014: sendmail-8.16.1-qos.patch
Patch0015: sendmail-8.15.2-libmilter-socket-activation.patch
Patch0016: sendmail-8.15.2-openssl-1.1.0-fix.patch
Patch0017: sendmail-8.15.2-format-security.patch
Patch0001: backport-sendmail-8.14.4-makemapman.patch
Patch0002: backport-sendmail-8.14.9-pid.patch
Patch0003: backport-sendmail-8.17.1-manpage.patch
Patch0004: backport-sendmail-8.17.1-dynamic.patch
Patch0005: backport-sendmail-8.13.0-cyrus.patch
Patch0006: backport-sendmail-8.17.1-aliases_dir.patch
Patch0007: backport-sendmail-8.14.9-noversion.patch
Patch0008: backport-sendmail-8.17.1-localdomain.patch
Patch0009: backport-sendmail-8.14.3-sharedmilter.patch
Patch0010: backport-sendmail-8.17.1-switchfile.patch
Patch0011: backport-sendmail-8.17.1-sasl2-in-etc.patch
Patch0012: backport-sendmail-8.17.1-qos.patch
Patch0013: backport-sendmail-8.17.1-libmilter-socket-activation.patch
%description
Sendmail is a general purpose internetwork email routing facility that
@ -469,6 +467,12 @@ exit 0
%changelog
* Mon Mar 21 2022 xihaochen<xihaochen@h-partner.com> - 8.17.1-1
- Type:requirements
- ID:NA
- SUG:NA
- DESC:update sendmail to 8.17.1
* Wed Feb 23 2022 xihaochen<xihaochen@h-partner.com> - 8.16.1-6
- Type:bugfix
- ID:NA