kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

- update to 8.16.1

Browse source
This commit is contained in:
Dirk Meyer 2020-07-05 14:13:41 +00:00
parent 097677fde4
commit 7dca9547aa
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=541282
15 changed files with 67 additions and 844 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
mail/sendmail/Makefile
View file

@ -1,8 +1,8 @@
# $FreeBSD$
PORTNAME= sendmail
PORTVERSION= 8.15.2
PORTREVISION= 23
PORTVERSION= 8.16.1
PORTREVISION= 0
CATEGORIES= mail
MASTER_SITES= ftp://ftp.sendmail.org/pub/sendmail/
DISTNAME= ${PORTNAME}.${PORTVERSION}
@ -106,9 +106,6 @@ IGNORE= option CYRUSLOOKUP requires option SOCKETMAP
EXTRA_PATCHES+= ${FILESDIR}/cyruslookup.patch
.endif
.endif
.if ${PORT_OPTIONS:MSMTPUTF8}
EXTRA_PATCHES+= ${FILESDIR}/smtputf8.patch
.endif
.if ${PORT_OPTIONS:MTLS}
TLS_SUFFIX?= +tls
CONFLICTS+= sendmail-ldap-8.* sendmail-sasl2-8.*

5
mail/sendmail/distinfo
View file

@ -1,2 +1,3 @@
SHA256 (sendmail.8.15.2.tar.gz) = 24f94b5fd76705f15897a78932a5f2439a32b1a2fdc35769bb1a5f5d9b4db439
SIZE (sendmail.8.15.2.tar.gz) = 2207417
TIMESTAMP = 1593954526
SHA256 (sendmail.8.16.1.tar.gz) = 7886d5dc4b436b86175f32b5b9c7305c80787749847e2909bf99123ecc4e64ba
SIZE (sendmail.8.16.1.tar.gz) = 2236402

4
mail/sendmail/files/patch-FreeBSD
View file

@ -1,6 +1,6 @@
--- devtools/OS/FreeBSD.orig 2014-03-05 00:59:45 UTC
--- devtools/OS/FreeBSD.orig 2020-05-19 19:54:32 UTC
+++ devtools/OS/FreeBSD
@@ -6,7 +6,7 @@ dnl Place personal settings in devtools/
@@ -6,7 +6,7 @@ dnl Place personal settings in devtools/Site/site.conf
define(`confMAPDEF', `-DNEWDB -DNIS -DMAP_REGEX')
define(`confLIBS', `-lutil')

6
mail/sendmail/files/patch-Makefile.m4
View file

@ -1,9 +1,9 @@
--- sendmail/Makefile.m4.orig 2015-06-19 12:59:29 UTC
--- sendmail/Makefile.m4.orig 2020-06-08 08:35:03 UTC
+++ sendmail/Makefile.m4
@@ -7,14 +7,14 @@ bldPRODUCT_START(`executable', `sendmail
@@ -7,14 +7,14 @@ bldPRODUCT_START(`executable', `sendmail')
define(`bldBIN_TYPE', `G')
define(`bldINSTALL_DIR', `')
define(`bldSOURCES', `main.c alias.c arpadate.c bf.c collect.c conf.c control.c convtime.c daemon.c deliver.c domain.c envelope.c err.c headers.c macro.c map.c mci.c milter.c mime.c parseaddr.c queue.c ratectrl.c readcf.c recipient.c sasl.c savemail.c sfsasl.c shmticklib.c sm_resolve.c srvrsmtp.c stab.c stats.c sysexits.c timers.c tls.c trace.c udb.c usersmtp.c util.c version.c ')
define(`bldSOURCES', `main.c alias.c arpadate.c bf.c collect.c conf.c control.c convtime.c daemon.c deliver.c domain.c envelope.c err.c headers.c macro.c map.c mci.c milter.c mime.c parseaddr.c queue.c ratectrl.c readcf.c recipient.c sasl.c savemail.c sfsasl.c shmticklib.c sm_resolve.c srvrsmtp.c stab.c stats.c sysexits.c timers.c tlsh.c tls.c trace.c udb.c usersmtp.c util.c version.c ')
+APPENDDEF(`bldSOURCES',`blacklist.c ')
PREPENDDEF(`confENVDEF', `confMAPDEF')
bldPUSH_SMLIB(`sm')

4
mail/sendmail/files/patch-cfhead.m4
View file

@ -1,6 +1,6 @@
--- cf/m4/cfhead.m4.orig 2015-02-28 00:20:38 UTC
--- cf/m4/cfhead.m4.orig 2020-05-19 19:54:31 UTC
+++ cf/m4/cfhead.m4
@@ -269,7 +269,8 @@ define(`_REC_AUTH_', `$.$?{auth_type}(au
@@ -278,7 +278,8 @@ define(`_REC_AUTH_', `$.$?{auth_type}(authenticated')
define(`_REC_FULL_AUTH_', `$.$?{auth_type}(user=${auth_authen} $?{auth_author}author=${auth_author} $.mech=${auth_type}')
define(`_REC_HDR_', `$?sfrom $s $.$?_($?s$|from $.$_)')
define(`_REC_END_', `for $u; $|;

12
mail/sendmail/files/patch-mail.local.c
View file

@ -1,6 +1,6 @@
--- mail.local/mail.local.c.orig 2014-06-12 17:30:47 UTC
--- mail.local/mail.local.c.orig 2020-04-30 11:52:48 UTC
+++ mail.local/mail.local.c
@@ -153,6 +153,8 @@ int ExitVal = EX_OK; /* sysexits.h erro
@@ -153,6 +153,8 @@ int ExitVal = EX_OK; /* sysexits.h error value. */
bool HoldErrs = false; /* Hold errors in ErrBuf */
bool LMTPMode = false;
bool BounceQuota = false; /* permanent error when over quota */
@ -19,10 +19,10 @@
# if _FFR_SPOOL_PATH
- while ((ch = getopt(argc, argv, "7bdD:f:h:r:lp:")) != -1)
+ while ((ch = getopt(argc, argv, "7bBdD:f:h:r:lsp:")) != -1)
# else /* _FFR_SPOOL_PATH */
# else
- while ((ch = getopt(argc, argv, "7bdD:f:h:r:l")) != -1)
+ while ((ch = getopt(argc, argv, "7bBdD:f:h:r:ls")) != -1)
# endif /* _FFR_SPOOL_PATH */
# endif
#endif /* HASHSPOOL */
{
@@ -249,6 +251,10 @@ main(argc, argv)
@ -89,9 +89,9 @@
# if _FFR_SPOOL_PATH
- mailerr(NULL, "usage: mail.local [-7] [-b] [-d] [-l] [-f from|-r from] [-h filename] [-p path] user ...");
+ mailerr(NULL, "usage: mail.local [-7] [-b] [-B] [-d] [-l] [-s] [-f from|-r from] [-h filename] [-p path] user ...");
# else /* _FFR_SPOOL_PATH */
# else
- mailerr(NULL, "usage: mail.local [-7] [-b] [-d] [-l] [-f from|-r from] [-h filename] user ...");
+ mailerr(NULL, "usage: mail.local [-7] [-b] [-B] [-d] [-l] [-s] [-f from|-r from] [-h filename] user ...");
# endif /* _FFR_SPOOL_PATH */
# endif
sm_exit(ExitVal);
}

20
mail/sendmail/files/patch-readcf.c
View file

@ -1,26 +1,26 @@
--- sendmail/readcf.c.orig 2015-06-17 16:51:58 UTC
--- sendmail/readcf.c.orig 2020-06-02 09:41:43 UTC
+++ sendmail/readcf.c
@@ -2910,6 +2910,10 @@ static struct optioninfo
@@ -2979,6 +2979,10 @@ static struct optioninfo
{ "SetCertAltnames", O_CHECKALTNAMES, OI_NONE },
#endif
#define O_USECOMPRESSEDIPV6ADDRESSES 0xec
{ "UseCompressedIPv6Addresses", O_USECOMPRESSEDIPV6ADDRESSES, OI_NONE },
+#if USE_BLACKLIST
+# define O_BLACKLIST 0xf2
+ { "UseBlacklist", O_BLACKLIST, OI_NONE },
+#endif
{ NULL, '\0', OI_NONE }
};
@@ -4540,6 +4544,12 @@ setoption(opt, val, safe, sticky, e)
UseCompressedIPv6Addresses = atobool(val);
break;
@@ -4678,6 +4682,12 @@ setoption(opt, val, safe, sticky, e)
SetCertAltnames = atobool(val);
break;
# endif
+
+#if USE_BLACKLIST
+ case O_BLACKLIST:
+ UseBlacklist = atobool(val);
+ break;
+#endif
+
default:
if (tTd(37, 1))
{

16
mail/sendmail/files/patch-sendmail.h
View file

@ -1,7 +1,7 @@
--- sendmail/sendmail.h.orig 2015-06-19 12:59:29 UTC
--- sendmail/sendmail.h.orig 2020-07-02 05:00:37 UTC
+++ sendmail/sendmail.h
@@ -57,6 +57,10 @@ SM_UNUSED(static char SmailId[]) = "@(#)
#endif /* _DEFINE */
@@ -63,6 +63,10 @@ SM_UNUSED(static char SmailId[]) = "@(#)$Id: sendmail.
#endif
#include "bf.h"
+#if USE_BLACKLIST
@ -11,14 +11,14 @@
#include "timers.h"
#include <sm/exc.h>
#include <sm/heap.h>
@@ -2544,6 +2548,10 @@ EXTERN int ConnectionRateWindowSize;
EXTERN bool SSLEngineInitialized;
#endif /* STARTTLS && USE_OPENSSL_ENGINE */
@@ -2575,6 +2579,10 @@ EXTERN int Hacks; /* bit field of run-time enabled "ha
#endif
EXTERN int ConnectionRateWindowSize;
+
+#if USE_BLACKLIST
+EXTERN bool UseBlacklist;
+#endif
+
/*
** Declarations of useful functions
*/

14
mail/sendmail/files/patch-sm_os_freebsd.h
View file

@ -1,14 +0,0 @@
--- include/sm/os/sm_os_freebsd.h.orig 2014-03-05 00:59:45 UTC
+++ include/sm/os/sm_os_freebsd.h
@@ -34,7 +34,11 @@
# define SM_CONF_SHM 1
#endif /* SM_CONF_SHM */
#ifndef SM_CONF_SEM
+#if __FreeBSD_version < 1200059
# define SM_CONF_SEM 1
+#else
+# define SM_CONF_SEM 2
+#endif
#endif /* SM_CONF_SEM */
#ifndef SM_CONF_MSG
# define SM_CONF_MSG 1

4
mail/sendmail/files/patch-smrsh.8
View file

@ -1,4 +1,4 @@
--- smrsh/smrsh.8.orig 2014-03-05 00:59:45 UTC
--- smrsh/smrsh.8.orig 2020-05-19 19:54:33 UTC
+++ smrsh/smrsh.8
@@ -39,7 +39,7 @@ Briefly,
.I smrsh
@ -9,7 +9,7 @@
allowing the system administrator to choose the set of acceptable commands,
and to the shell builtin commands ``exec'', ``exit'', and ``echo''.
It also rejects any commands with the characters
@@ -50,13 +50,12 @@ It allows ``||'' and ``&&'' to enable co
@@ -50,13 +50,12 @@ It allows ``||'' and ``&&'' to enable commands like:
``"|exec /usr/local/bin/filter || exit 75"''
.PP
Initial pathnames on programs are stripped,

50
mail/sendmail/files/patch-srvrsmtp.c
View file

@ -1,16 +1,16 @@
--- sendmail/srvrsmtp.c.orig 2015-03-18 11:47:12 UTC
--- sendmail/srvrsmtp.c.orig 2020-06-08 08:35:03 UTC
+++ sendmail/srvrsmtp.c
@@ -831,6 +831,9 @@ smtp(nullserver, d_flags, e)
@@ -906,6 +906,9 @@ smtp(nullserver, d_flags, e)
#if _FFR_BADRCPT_SHUTDOWN
int n_badrcpts_adj;
#endif /* _FFR_BADRCPT_SHUTDOWN */
#endif
+#ifdef USE_BLACKLIST
+ int saved_bl_fd;
+#endif
RESET_AUTH_FAIL_LOG_USER;
SevenBitInput_Saved = SevenBitInput;
smtp.sm_nrcpts = 0;
@@ -1328,6 +1331,7 @@ smtp(nullserver, d_flags, e)
@@ -1408,6 +1411,7 @@ smtp(nullserver, d_flags, e)
(int) tp.tv_sec +
(tp.tv_usec >= 500000 ? 1 : 0)
);
@ -18,7 +18,7 @@
}
}
}
@@ -1421,6 +1425,10 @@ smtp(nullserver, d_flags, e)
@@ -1510,6 +1514,10 @@ smtp(nullserver, d_flags, e)
SmtpPhase = "server cmd read";
sm_setproctitle(true, e, "server %s cmd read", CurSmtpClient);
@ -29,19 +29,19 @@
/* handle errors */
if (sm_io_error(OutChannel) ||
(p = sfgets(inp, sizeof(inp), InChannel,
@@ -1721,8 +1729,11 @@ smtp(nullserver, d_flags, e)
}
else
{
+ int fd;
/* not SASL_OK or SASL_CONT */
message("535 5.7.0 authentication failed");
+ fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL);
+ BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, fd, "AUTH FAIL");
if (LogLevel > 9)
sm_syslog(LOG_WARNING, e->e_id,
"AUTH failure (%s): %s (%d) %s, relay=%.100s",
@@ -1867,6 +1878,9 @@ smtp(nullserver, d_flags, e)
@@ -1823,8 +1831,11 @@ smtp(nullserver, d_flags, e)
#define LOGAUTHFAIL \
do \
{ \
+ int fd; \
SET_AUTH_USER_CONDITIONALLY \
message("535 5.7.0 authentication failed"); \
+ fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL); \
+ BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, fd, "AUTH FAIL"); \
if (LogLevel >= 9) \
sm_syslog(LOG_WARNING, e->e_id, \
"AUTH failure (%s): %s (%d) %s%s%.*s, relay=%.100s", \
@@ -1974,6 +1985,9 @@ smtp(nullserver, d_flags, e)
DELAY_CONN("AUTH");
if (!sasl_ok || n_mechs <= 0)
{
@ -51,7 +51,7 @@
message("503 5.3.3 AUTH not available");
break;
}
@@ -3462,10 +3476,17 @@ doquit:
@@ -3602,10 +3616,17 @@ doquit:
** timeouts for the same connection.
*/
@ -69,7 +69,7 @@
if (tTd(93, 100))
{
/* return to handle next connection */
@@ -3523,7 +3544,10 @@ doquit:
@@ -3663,7 +3684,10 @@ doquit:
#if MAXBADCOMMANDS > 0
if (++n_badcmds > MAXBADCOMMANDS)
{
@ -80,13 +80,13 @@
message("421 4.7.0 %s Too many bad commands; closing connection",
MyHostName);
@@ -3575,6 +3599,9 @@ doquit:
@@ -3714,6 +3738,9 @@ doquit:
}
#if SASL
}
#endif /* SASL */
+#endif
+#ifdef USE_BLACKLIST
+ close(saved_bl_fd);
+#endif
#endif
}
SM_EXCEPT(exc, "[!F]*")
{

161
mail/sendmail/files/patch-tls.c
View file

@ -1,161 +0,0 @@
--- sendmail/tls.c.orig 2015-06-20 01:37:28 UTC
+++ sendmail/tls.c
@@ -16,6 +16,9 @@ SM_RCSID("@(#)$Id: tls.c,v 8.127 2013-11-27 02:51:11 g
# include <openssl/err.h>
# include <openssl/bio.h>
# include <openssl/pem.h>
+# if !NO_DH
+# include <openssl/dh.h>
+# endif /* !NO_DH */
# ifndef HASURANDOMDEV
# include <openssl/rand.h>
# endif /* ! HASURANDOMDEV */
@@ -44,6 +47,23 @@ static bool tls_safe_f __P((char *, long, bool));
static int tls_verify_log __P((int, X509_STORE_CTX *, const char *));
# if !NO_DH
+# if !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100001L || \
+ (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L)
+static int
+DH_set0_pqg(dh, p, q, g)
+ DH *dh;
+ BIGNUM *p;
+ BIGNUM *q;
+ BIGNUM *g;
+{
+ dh->p=p;
+ if (q != NULL)
+ dh->q=q;
+ dh->g=g;
+ return 1; /* success */
+}
+# endif /* !defined() || OPENSSL_VERSION_NUMBER < 0x00907000L */
+
static DH *get_dh512 __P((void));
static unsigned char dh512_p[] =
@@ -64,13 +84,17 @@ static DH *
get_dh512()
{
DH *dh = NULL;
+ BIGNUM *dhp_bn, *dhg_bn;
if ((dh = DH_new()) == NULL)
return NULL;
- dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
- dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
- if ((dh->p == NULL) || (dh->g == NULL))
+ dhp_bn = BN_bin2bn(dh512_p, sizeof (dh512_p), NULL);
+ dhg_bn = BN_bin2bn(dh512_g, sizeof (dh512_g), NULL);
+ if ((dhp_bn == NULL) || (dhg_bn == NULL) || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn))
+ {
+ DH_free(dh);
return NULL;
+ }
return dh;
}
@@ -117,15 +141,16 @@ get_dh2048()
};
static unsigned char dh2048_g[]={ 0x02, };
DH *dh;
+ BIGNUM *dhp_bn, *dhg_bn;
if ((dh=DH_new()) == NULL)
return(NULL);
- dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
- dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
- if ((dh->p == NULL) || (dh->g == NULL))
+ dhp_bn = BN_bin2bn(dh2048_p, sizeof (dh2048_p), NULL);
+ dhg_bn = BN_bin2bn(dh2048_g, sizeof (dh2048_g), NULL);
+ if ((dhp_bn == NULL) || (dhg_bn == NULL) || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn))
{
DH_free(dh);
- return(NULL);
+ return NULL;
}
return(dh);
}
@@ -708,6 +733,29 @@ load_certkey(ssl, srv, certfile, keyfile)
static char server_session_id_context[] = "sendmail8";
+# if !TLS_NO_RSA
+static RSA *
+sm_RSA_generate_key(num, e)
+ int num;
+ unsigned long e;
+{
+ RSA *rsa = NULL;
+ BIGNUM *bn_rsa_r4;
+
+ bn_rsa_r4 = BN_new();
+ if ((bn_rsa_r4 != NULL) && BN_set_word(bn_rsa_r4, e) && (rsa = RSA_new()) != NULL)
+ {
+ if (!RSA_generate_key_ex(rsa, num, bn_rsa_r4, NULL))
+ {
+ RSA_free(rsa);
+ rsa = NULL;
+ }
+ }
+ BN_free(bn_rsa_r4);
+ return rsa;
+}
+# endif /* !TLS_NO_RSA */
+
/* 0.9.8a and b have a problem with SSL_OP_TLS_BLOCK_PADDING_BUG */
#if (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
# define SM_SSL_OP_TLS_BLOCK_PADDING_BUG 1
@@ -926,7 +974,7 @@ inittls(ctx, req, options, srv, certfile, keyfile, cac
{
/* get a pointer to the current certificate validation store */
store = SSL_CTX_get_cert_store(*ctx); /* does not fail */
- crl_file = BIO_new(BIO_s_file_internal());
+ crl_file = BIO_new(BIO_s_file());
if (crl_file != NULL)
{
if (BIO_read_filename(crl_file, CRLFile) >= 0)
@@ -1003,8 +1051,7 @@ inittls(ctx, req, options, srv, certfile, keyfile, cac
if (bitset(TLS_I_RSA_TMP, req)
# if SM_CONF_SHM
&& ShmId != SM_SHM_NO_ID &&
- (rsa_tmp = RSA_generate_key(RSA_KEYLENGTH, RSA_F4, NULL,
- NULL)) == NULL
+ (rsa_tmp = sm_RSA_generate_key(RSA_KEYLENGTH, RSA_F4)) == NULL
# else /* SM_CONF_SHM */
&& 0 /* no shared memory: no need to generate key now */
# endif /* SM_CONF_SHM */
@@ -1209,9 +1256,10 @@ inittls(ctx, req, options, srv, certfile, keyfile, cac
if (tTd(96, 2))
sm_dprintf("inittls: Generating %d bit DH parameters\n", bits);
+ dsa=DSA_new();
/* this takes a while! */
- dsa = DSA_generate_parameters(bits, NULL, 0, NULL,
- NULL, 0, NULL);
+ (void)DSA_generate_parameters_ex(dsa, bits, NULL, 0,
+ NULL, NULL, NULL);
dh = DSA_dup_DH(dsa);
DSA_free(dsa);
}
@@ -1744,7 +1792,7 @@ tmp_rsa_key(s, export, keylength)
if (rsa_tmp != NULL)
RSA_free(rsa_tmp);
- rsa_tmp = RSA_generate_key(RSA_KEYLENGTH, RSA_F4, NULL, NULL);
+ rsa_tmp = sm_RSA_generate_key(RSA_KEYLENGTH, RSA_F4);
if (rsa_tmp == NULL)
{
if (LogLevel > 0)
@@ -1971,9 +2019,9 @@ x509_verify_cb(ok, ctx)
{
if (LogLevel > 13)
tls_verify_log(ok, ctx, "x509");
- if (ctx->error == X509_V_ERR_UNABLE_TO_GET_CRL)
+ if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_UNABLE_TO_GET_CRL)
{
- ctx->error = 0;
+ X509_STORE_CTX_set_error(ctx, 0);
return 1; /* override it */
}
}

6
mail/sendmail/files/patch-usersmtp.c
View file

@ -1,6 +1,6 @@
--- sendmail/usersmtp.c.orig 2014-12-05 15:42:28 UTC
--- sendmail/usersmtp.c.orig 2020-06-03 05:48:46 UTC
+++ sendmail/usersmtp.c
@@ -1825,6 +1825,9 @@ attemptauth(m, mci, e, sai)
@@ -1842,6 +1842,9 @@ attemptauth(m, mci, e, sai)
if (saslresult != SASL_OK && saslresult != SASL_CONTINUE)
{
@ -10,7 +10,7 @@
if (tTd(95, 5))
sm_dprintf("AUTH FAIL=%s (%d)\n",
sasl_errstring(saslresult, NULL, NULL),
@@ -1970,9 +1973,11 @@ smtpauth(m, mci, e)
@@ -1987,9 +1990,11 @@ smtpauth(m, mci, e)
do
{
result = attemptauth(m, mci, e, &(mci->mci_sai));

2
mail/sendmail/files/site.config.m4.tls
View file

@ -1,2 +1,2 @@
APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS -D_FFR_TLS_EC -D_FFR_TLS_SE_OPTS')
APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS -DTLS_EC')
APPENDDEF(`conf_sendmail_LIBS', `-lssl -lcrypto')

600
mail/sendmail/files/smtputf8.patch
View file

@ -1,600 +0,0 @@
diff --git a/sendmail/conf.c b/sendmail/conf.c
index c73334e..28328e6 100644
--- sendmail/conf.c.orig
+++ sendmail/conf.c
@@ -314,6 +314,9 @@ setdefaults(e)
e->e_xfqgrp = NOQGRP;
e->e_xfqdir = NOQDIR;
e->e_ctime = curtime();
+#if _FFR_EAI
+ e->e_smtputf8 = false;
+#endif
SevenBitInput = false; /* option 7 */
MaxMciCache = 1; /* option k */
MciCacheTimeout = 5 MINUTES; /* option K */
@@ -5746,6 +5749,9 @@ char *CompileOptions[] =
"DNSMAP",
# endif
#endif
+#if _FFR_EAI
+ "EAI",
+#endif
#if EGD
"EGD",
#endif
@@ -6590,3 +6596,6 @@ char *FFRCompileOptions[] =
NULL
};
+#if _FFR_EAI && _FFR_EIGHT_BIT_ADDR_OK
+#error "Cannot enable both of these FFRs"
+#endif
diff --git a/sendmail/domain.c b/sendmail/domain.c
index 4d1b92d..adaa6ac 100644
--- sendmail/domain.c.orig
+++ sendmail/domain.c
@@ -13,6 +13,9 @@
#include <sendmail.h>
#include "map.h"
+#if _FFR_EAI
+#include <unicode/uidna.h>
+#endif
#if NAMED_BIND
SM_RCSID("@(#)$Id: domain.c,v 8.205 2013-11-22 20:51:55 ca Exp $ (with name server)")
@@ -236,6 +239,26 @@ getmxrr(host, mxhosts, mxprefs, droplocalhost, rcode, tryfallback, pttl)
if (host[0] == '[')
goto punt;
+#if _FFR_EAI
+ if (!addr_is_ascii(host))
+ {
+ char buf[1024];
+ UErrorCode error = U_ZERO_ERROR;
+ UIDNAInfo info = UIDNA_INFO_INITIALIZER;
+ UIDNA *idna;
+ int anl;
+
+ idna = uidna_openUTS46(UIDNA_NONTRANSITIONAL_TO_ASCII, &error);
+ anl = uidna_nameToASCII_UTF8(idna,
+ host, strlen(host),
+ buf, sizeof(buf) - 1,
+ &info,
+ &error);
+ uidna_close(idna);
+ host = sm_rpool_strdup_x(CurEnv->e_rpool, buf);
+ }
+#endif /* _FFR_EAI */
+
/*
** If we don't have MX records in our host switch, don't
** try for MX records. Note that this really isn't "right",
diff --git a/sendmail/err.c b/sendmail/err.c
index 0594eb9..67d0d09 100644
--- sendmail/err.c.orig
+++ sendmail/err.c
@@ -1010,15 +1010,23 @@ fmtmsg(eb, to, num, enhsc, eno, fmt, ap)
(void) sm_strlcpyn(eb, spaceleft, 2,
shortenstring(to, MAXSHORTSTR), "... ");
spaceleft -= strlen(eb);
+#if _FFR_EAI
+ eb += strlen(eb);
+#else
while (*eb != '\0')
*eb++ &= 0177;
+#endif
}
/* output the message */
(void) sm_vsnprintf(eb, spaceleft, fmt, ap);
spaceleft -= strlen(eb);
+#if _FFR_EAI
+ eb += strlen(eb);
+#else
while (*eb != '\0')
*eb++ &= 0177;
+#endif
/* output the error code, if any */
if (eno != 0)
diff --git a/sendmail/main.c b/sendmail/main.c
index 38eebbf..43e17a5 100644
--- sendmail/main.c.orig
+++ sendmail/main.c
@@ -1854,6 +1854,9 @@ main(argc, argv, envp)
/* MIME message/xxx subtypes that can be treated as messages */
setclass('s', "rfc822");
+#ifdef _FFR_EAI
+ setclass('s', "global");
+#endif
/* MIME Content-Transfer-Encodings that can be encoded */
setclass('e', "7bit");
diff --git a/sendmail/parseaddr.c b/sendmail/parseaddr.c
index 2adb39c..9ab0729 100644
--- sendmail/parseaddr.c.orig
+++ sendmail/parseaddr.c
@@ -273,12 +273,14 @@ invalidaddr(addr, delimptr, isrcpt)
}
for (; *addr != '\0'; addr++)
{
+#ifndef _FFR_EAI
if (!EightBitAddrOK && (*addr & 0340) == 0200)
{
setstat(EX_USAGE);
result = true;
*addr = BAD_CHAR_REPLACEMENT;
}
+#endif
if (++len > MAXNAME - 1)
{
char saved = *addr;
@@ -350,7 +352,7 @@ hasctrlchar(addr, isrcpt, complain)
}
result = "too long";
}
- if (!EightBitAddrOK && !quoted && (*addr < 32 || *addr == 127))
+ if (!quoted && ((unsigned char)*addr < 32 || *addr == 127))
{
result = "non-printable character";
*addr = BAD_CHAR_REPLACEMENT;
@@ -368,6 +370,7 @@ hasctrlchar(addr, isrcpt, complain)
break;
}
}
+#ifndef _FFR_EAI
if (!EightBitAddrOK && (*addr & 0340) == 0200)
{
setstat(EX_USAGE);
@@ -375,6 +378,7 @@ hasctrlchar(addr, isrcpt, complain)
*addr = BAD_CHAR_REPLACEMENT;
continue;
}
+#endif
}
if (quoted)
result = "unbalanced quote"; /* unbalanced quote */
diff --git a/sendmail/queue.c b/sendmail/queue.c
index a323301..95344d3 100644
--- sendmail/queue.c.orig
+++ sendmail/queue.c
@@ -665,6 +665,10 @@ queueup(e, announce, msync)
*p++ = 'n';
if (bitset(EF_SPLIT, e->e_flags))
*p++ = 's';
+#if _FFR_EAI
+ if (e->e_smtputf8)
+ *p++ = 'e';
+#endif
*p++ = '\0';
if (buf[0] != '\0')
(void) sm_io_fprintf(tfp, SM_TIME_DEFAULT, "F%s\n", buf);
@@ -4285,6 +4289,12 @@ readqf(e, openonly)
case 'w': /* warning sent */
e->e_flags |= EF_WARNING;
break;
+
+#if _FFR_EAI
+ case 'e': /* message requires EAI */
+ e->e_smtputf8 = true;
+ break;
+#endif /* _FFR_EAI */
}
}
break;
@@ -4550,6 +4560,23 @@ readqf(e, openonly)
/* other checks? */
#endif /* _FFR_QF_PARANOIA */
+#if _FFR_EAI
+ /*
+ ** If this message originates from something other than
+ ** srvrsmtp.c, then it might use UTF8 addresses but not be
+ ** marked. We'll just add the mark so we're sure that it
+ ** either can be delivered or will be returned.
+ */
+ if (!e->e_smtputf8) {
+ ADDRESS *q;
+ for (q = e->e_sendqueue; q != NULL; q = q->q_next)
+ if (!addr_is_ascii(q->q_paddr) && !e->e_smtputf8)
+ e->e_smtputf8 = true;
+ if (!addr_is_ascii(e->e_from.q_paddr) && !e->e_smtputf8)
+ e->e_smtputf8 = true;
+ }
+#endif /* _FFR_EAI */
+
/* possibly set ${dsn_ret} macro */
if (bitset(EF_RET_PARAM, e->e_flags))
{
diff --git a/sendmail/recipient.c b/sendmail/recipient.c
index 3fad957..09eac64 100644
--- sendmail/recipient.c.orig
+++ sendmail/recipient.c
@@ -508,6 +508,11 @@ recipient(new, sendq, aliaslevel, e)
p = e->e_from.q_mailer->m_addrtype;
if (p == NULL)
p = "rfc822";
+#ifdef _FFR_EAI
+ if (sm_strcasecmp(p, "rfc822") == 0 &&
+ !addr_is_ascii(q->q_user))
+ p = "utf-8";
+#endif
if (sm_strcasecmp(p, "rfc822") != 0)
{
(void) sm_snprintf(frbuf, sizeof(frbuf), "%s; %.800s",
diff --git a/sendmail/savemail.c b/sendmail/savemail.c
index 6de8f2f..8a9df36 100644
--- sendmail/savemail.c.orig
+++ sendmail/savemail.c
@@ -744,6 +744,34 @@ returntosender(msg, returnq, flags, e)
return ret;
}
+
+/*
+** DSNTYPENAME -- Returns the DSN name of the addrtype for this address
+**
+** Sendmail's addrtypes are largely in different universes, and
+** 'fred' may be a valid address in different addrtype
+** universes.
+**
+** EAI extends the rfc822 universe rather than introduce a new
+** universe. Because of that, sendmail uses the rfc822 addrtype,
+** but names it utf-8 when the EAI DSN extension requires that.
+*/
+
+const char *
+dsntypename(addrtype, addr)
+ const char * addrtype;
+ const char * addr;
+{
+ if (sm_strcasecmp(addrtype, "rfc822") != 0)
+ return addrtype;
+#ifdef _FFR_EAI
+ if (!addr_is_ascii(addr))
+ return "utf-8";
+#endif
+ return "rfc822";
+}
+
+
/*
** ERRBODY -- output the body of an error message.
**
@@ -1082,7 +1110,13 @@ errbody(mci, e, separator)
(void) sm_strlcpyn(buf, sizeof(buf), 2, "--", e->e_msgboundary);
if (!putline("", mci) ||
!putline(buf, mci) ||
+#ifdef _FFR_EAI
+ !putline(e->e_parent->e_smtputf8
+ ? "Content-Type: message/global-delivery-status"
+ : "Content-Type: message/delivery-status", mci) ||
+#else
!putline("Content-Type: message/delivery-status", mci) ||
+#endif
!putline("", mci))
goto writeerr;
@@ -1223,7 +1257,8 @@ errbody(mci, e, separator)
(void) sm_snprintf(actual,
sizeof(actual),
"%s; %.700s@%.100s",
- p, q->q_user,
+ dsntypename(p, q->q_user),
+ q->q_user,
MyHostName);
}
else
@@ -1231,7 +1266,8 @@ errbody(mci, e, separator)
(void) sm_snprintf(actual,
sizeof(actual),
"%s; %.800s",
- p, q->q_user);
+ dsntypename(p, q->q_user),
+ q->q_user);
}
}
@@ -1248,6 +1284,21 @@ errbody(mci, e, separator)
actual);
}
+#ifdef _FFR_EAI
+ if (sm_strncasecmp("rfc822;", q->q_finalrcpt, 7) == 0 &&
+ !addr_is_ascii(q->q_user)) {
+ char utf8rcpt[1024];
+ char * a;
+ a = strchr(q->q_finalrcpt, ';');
+ while(*a == ';' || *a == ' ')
+ a++;
+ sm_snprintf(utf8rcpt, 1023,
+ "utf-8; %.800s", a);
+ q->q_finalrcpt = sm_rpool_strdup_x(e->e_rpool,
+ utf8rcpt);
+ }
+#endif
+
if (q->q_finalrcpt != NULL)
{
(void) sm_snprintf(buf, sizeof(buf),
@@ -1373,9 +1424,21 @@ errbody(mci, e, separator)
if (!putline(buf, mci))
goto writeerr;
+#ifdef _FFR_EAI
+ if (e->e_parent->e_smtputf8)
+ (void) sm_strlcpyn(buf, sizeof(buf), 2,
+ "Content-Type: message/global",
+ sendbody ? "" : "-headers");
+ else
+ (void) sm_strlcpyn(buf, sizeof(buf), 2,
+ "Content-Type: ",
+ sendbody ? "message/rfc822"
+ : "text/rfc822-headers");
+#else
(void) sm_strlcpyn(buf, sizeof(buf), 2, "Content-Type: ",
sendbody ? "message/rfc822"
: "text/rfc822-headers");
+#endif
if (!putline(buf, mci))
goto writeerr;
diff --git a/sendmail/sendmail.h b/sendmail/sendmail.h
index b2d0211..63a2378 100644
--- sendmail/sendmail.h.orig
+++ sendmail/sendmail.h
@@ -781,8 +781,13 @@ MCI
#else
# define MCIF_NOTSTICKY 0
#endif
+#if _FFR_EAI
+#define MCIF_EAI 0x40000000 /* SMTPUTF8 supported */
+#else
+#define MCIF_EAI 0x00000000 /* for MCIF_EXTENS */
+#endif /* _FFR_EAI */
-#define MCIF_EXTENS (MCIF_EXPN | MCIF_SIZE | MCIF_8BITMIME | MCIF_DSN | MCIF_8BITOK | MCIF_AUTH | MCIF_ENHSTAT | MCIF_TLS | MCIF_AUTH2)
+#define MCIF_EXTENS (MCIF_EXPN | MCIF_SIZE | MCIF_8BITMIME | MCIF_DSN | MCIF_8BITOK | MCIF_AUTH | MCIF_ENHSTAT | MCIF_TLS | MCIF_AUTH2 | MCIF_EAI)
/* states */
#define MCIS_CLOSED 0 /* no traffic on this connection */
@@ -921,6 +926,9 @@ struct envelope
ADDRESS e_from; /* the person it is from */
char *e_sender; /* e_from.q_paddr w comments stripped */
char **e_fromdomain; /* the domain part of the sender */
+#if _FFR_EAI
+ bool e_smtputf8; /* whether the sender demanded SMTPUTF8 */
+#endif
ADDRESS *e_sendqueue; /* list of message recipients */
ADDRESS *e_errorqueue; /* the queue for error responses */
@@ -1928,6 +1936,9 @@ struct termescape
#define D_CANONREQ 'c' /* canonification required (cf) */
#define D_IFNHELO 'h' /* use if name for HELO */
#define D_FQMAIL 'f' /* fq sender address required (cf) */
+#if _FFR_EAI
+#define D_EAI 'I' /* EAI supported */
+#endif
#define D_FQRCPT 'r' /* fq recipient address required (cf) */
#define D_SMTPS 's' /* SMTP over SSL (smtps) */
#define D_UNQUALOK 'u' /* unqualified address is ok (cf) */
@@ -2355,7 +2366,7 @@ EXTERN bool ForkQueueRuns; /* fork for each job when running the queue */
EXTERN bool FromFlag; /* if set, "From" person is explicit */
EXTERN bool FipsMode;
EXTERN bool GrabTo; /* if set, get recipients from msg */
-EXTERN bool EightBitAddrOK; /* we'll let 8-bit addresses through */
+EXTERN bool EightBitAddrOK; /* we'll let 8-bit addresses through */
EXTERN bool HasEightBits; /* has at least one eight bit input byte */
EXTERN bool HasWildcardMX; /* don't use MX records when canonifying */
EXTERN bool HoldErrs; /* only output errors to transcript */
@@ -2855,6 +2866,10 @@ extern bool xtextok __P((char *));
extern int xunlink __P((char *));
extern char *xuntextify __P((char *));
+#if _FFR_EAI
+extern bool addr_is_ascii __P((const char *));
+#endif
+
#if _FFR_RCPTFLAGS
extern bool newmodmailer __P((ADDRESS *, int));
#endif
diff --git a/sendmail/srvrsmtp.c b/sendmail/srvrsmtp.c
index b05348d..91e6956 100644
--- sendmail/srvrsmtp.c.orig
+++ sendmail/srvrsmtp.c
@@ -65,6 +65,9 @@ static bool NotFirstDelivery = false;
#define SRV_REQ_AUTH 0x0400 /* require AUTH */
#define SRV_REQ_SEC 0x0800 /* require security - equiv to AuthOptions=p */
#define SRV_TMP_FAIL 0x1000 /* ruleset caused a temporary failure */
+#if _FFR_EAI
+# define SRV_OFFER_EAI 0x2000 /* offer SMTPUTF* */
+#endif
static unsigned int srvfeatures __P((ENVELOPE *, char *, unsigned int));
@@ -122,6 +125,29 @@ extern ENVELOPE BlankEnvelope;
#define SKIP_SPACE(s) while (isascii(*s) && isspace(*s)) \
(s)++
+#if _FFR_EAI
+/*
+** ADDR_IS_ASCII -- check whether an address is 100% printable ASCII
+**
+** Parameters:
+** a -- an address (or other string)
+**
+** Returns:
+** TRUE if a is non-NULL and points to only printable ASCII
+** FALSE if a is NULL and points to printable ASCII
+** FALSE if a is non-NULL and points to something containing 8-bittery
+*/
+
+bool
+addr_is_ascii(a)
+ const char * a;
+{
+ while (a != NULL && *a != '\0' && *a >= ' ' && (unsigned char)*a < 127)
+ a++;
+ return (a != NULL && *a == '\0');
+}
+#endif
+
/*
** PARSE_ESMTP_ARGS -- parse EMSTP arguments (for MAIL, RCPT)
**
@@ -722,10 +748,21 @@ do \
#else
# define auth_active false
#endif
+#ifdef _FFR_EAI
+#define GET_PROTOCOL() \
+ (e->e_smtputf8 \
+ ? (auth_active \
+ ? (tls_active ? "UTF8SMTPSA" : "UTF8SMTPA") \
+ : (tls_active ? "UTF8SMTPS" : "UTF8SMTP")) \
+ : (auth_active \
+ ? (tls_active ? "ESMTPSA" : "ESMTPA") \
+ : (tls_active ? "ESMTPS" : "ESMTP")))
+#else
#define GET_PROTOCOL() \
(auth_active \
? (tls_active ? "ESMTPSA" : "ESMTPA") \
: (tls_active ? "ESMTPS" : "ESMTP"))
+#endif
static bool SevenBitInput_Saved; /* saved version of SevenBitInput */
@@ -898,6 +935,9 @@ smtp(nullserver, d_flags, e)
| (bitset(TLS_I_NO_VRFY, TLS_Srv_Opts) ? SRV_NONE
: SRV_VRFY_CLT)
#endif /* STARTTLS */
+#if _FFR_EAI
+ | SRV_OFFER_EAI
+#endif /* _FFR_EAI */
;
if (nullserver == NULL)
{
@@ -2523,6 +2563,10 @@ smtp(nullserver, d_flags, e)
if (SendMIMEErrors && bitset(SRV_OFFER_DSN, features))
message("250-DSN");
#endif /* DSN */
+#if _FFR_EAI
+ if (bitset(SRV_OFFER_EAI, features))
+ message("250-SMTPUTF8");
+#endif /* _FFR_EAI */
if (bitset(SRV_OFFER_ETRN, features))
message("250-ETRN");
#if SASL
@@ -2696,6 +2740,18 @@ smtp(nullserver, d_flags, e)
if (Errors > 0)
sm_exc_raisenew_x(&EtypeQuickAbort, 1);
+#if _FFR_EAI
+ if (e->e_smtputf8) {
+ protocol = GET_PROTOCOL();
+ macdefine(&e->e_macro, A_PERM, 'r', protocol);
+ }
+ /* UTF8 addresses are only legal with SMTPUTF8 */
+ if (!e->e_smtputf8 && !addr_is_ascii(e->e_from.q_paddr)) {
+ usrerr("553 5.6.7 That address requires SMTPUTF8");
+ sm_exc_raisenew_x(&EtypeQuickAbort, 1);
+ }
+#endif
+
#if SASL
# if _FFR_AUTH_PASSING
/* set the default AUTH= if the sender didn't */
@@ -2933,6 +2989,13 @@ smtp(nullserver, d_flags, e)
usrerr("501 5.0.0 Missing recipient");
goto rcpt_done;
}
+#if _FFR_EAI
+ if (!e->e_smtputf8 && !addr_is_ascii(a->q_paddr))
+ {
+ usrerr("553 5.6.7 Address requires SMTPUTF8");
+ goto rcpt_done;
+ }
+#endif
if (delimptr != NULL && *delimptr != '\0')
*delimptr++ = '\0';
@@ -4820,6 +4883,17 @@ mail_esmtp_args(a, kp, vp, e)
/* XXX: check whether more characters follow? */
}
+#if _FFR_EAI
+ else if (sm_strcasecmp(kp, "smtputf8") == 0)
+ {
+ if (!bitset(SRV_OFFER_EAI, e->e_features))
+ {
+ usrerr("504 5.7.0 Sorry, SMTPUTF8 not supported/enabled");
+ /* NOTREACHED */
+ }
+ e->e_smtputf8 = true;
+ }
+#endif
else
{
usrerr("555 5.5.4 %s parameter unrecognized", kp);
@@ -5174,6 +5248,9 @@ static struct
{ 'C', SRV_REQ_SEC },
{ 'D', SRV_OFFER_DSN },
{ 'E', SRV_OFFER_ETRN },
+#if _FFR_EAI
+ { 'I', SRV_OFFER_EAI },
+#endif
{ 'L', SRV_REQ_AUTH },
#if PIPELINING
# if _FFR_NO_PIPE
diff --git a/sendmail/usersmtp.c b/sendmail/usersmtp.c
index 24d38ee..cbc6bb7 100644
--- sendmail/usersmtp.c.orig
+++ sendmail/usersmtp.c
@@ -465,6 +465,10 @@ helo_options(line, firstline, m, mci, e)
mci->mci_flags |= MCIF_PIPELINED;
else if (sm_strcasecmp(line, "verb") == 0)
mci->mci_flags |= MCIF_VERB;
+#if _FFR_EAI
+ else if (sm_strcasecmp(line, "smtputf8") == 0)
+ mci->mci_flags |= MCIF_EAI;
+#endif /* _FFR_EAI */
#if STARTTLS
else if (sm_strcasecmp(line, "starttls") == 0)
mci->mci_flags |= MCIF_TLS;
@@ -2027,6 +2031,19 @@ smtpmailfrom(m, mci, e)
return EX_TEMPFAIL;
}
+#if _FFR_EAI
+ /*
+ ** Abort right away if the message needs SMTPUTF8 and the
+ ** server does not advertise SMTPUTF8.
+ */
+
+ if (e->e_smtputf8 && !bitset(MCIF_EAI, mci->mci_flags)) {
+ usrerrenh("5.6.7", "%s does not support SMTPUTF8", CurHostName);
+ mci_setstat(mci, EX_NOTSTICKY, "5.6.7", NULL);
+ return EX_DATAERR;
+ }
+#endif /* _FFR_EAI */
+
/* set up appropriate options to include */
if (bitset(MCIF_SIZE, mci->mci_flags) && e->e_msgsize > 0)
{
@@ -2040,6 +2057,14 @@ smtpmailfrom(m, mci, e)
bufp = optbuf;
}
+#if _FFR_EAI
+ if (e->e_smtputf8) {
+ (void) sm_snprintf(bufp, SPACELEFT(optbuf, bufp),
+ " SMTPUTF8");
+ bufp += strlen(bufp);
+ }
+#endif /* _FFR_EAI */
+
bodytype = e->e_bodytype;
if (bitset(MCIF_8BITMIME, mci->mci_flags))
{