Pullup ticket 1812 - requested by tv

security/bugfix update for sendmail

Revisions pulled up:
- pkgsrc/mail/sendmail/Makefile				1.91
- pkgsrc/mail/sendmail/Makefile.common			1.37-1.38
- pkgsrc/mail/sendmail/distinfo				1.31-1.32
- pkgsrc/mail/sendmail/patches/patch-aj			1.4
- pkgsrc/mail/sendmail/patches/patch-ak			removed
- pkgsrc/mail/sendmail/patches/patch-al			removed
- pkgsrc/mail/sendmail/patches/patch-am			removed

   Module Name:	pkgsrc
   Committed By:	tv
   Date:		Fri Jul  7 18:06:28 UTC 2006

   Modified Files:
	pkgsrc/mail/sendmail: Makefile Makefile.common distinfo
	pkgsrc/mail/sendmail/patches: patch-aj
   Removed Files:
	pkgsrc/mail/sendmail/patches: patch-ak patch-al patch-am

   Log Message:
   Update to 8.13.7; changelog below.  (8.13.6nb3 already had the security
   fixes by patch.)

   While here, fix PR pkg/33821 by substituting pkgsrc's BINOWN, BINGRP, and
   INSTALL definitions into the installed share/sendmail/cf/Makefile.

   8.13.7/8.13.7	2006/06/14
	A malformed MIME structure with many parts can cause sendmail to
		crash while trying to send a mail due to a stack overflow,
		e.g., if the stack size is limited (ulimit -s).  This
		happens because the recursion of the function mime8to7()
		was not restricted.  The function is called for MIME 8 to
		7 bit conversion and also to enforce MaxMimeHeaderLength.
		To work around this problem, recursive calls are limited to
		a depth of MAXMIMENESTING (20); message content after this
		limit is treated as opaque and is not checked further.
		Problem noted by Frank Sheiness.
	The changes to the I/O layer in 8.13.6 caused a regression for
		SASL mechanisms that use the security layer, e.g.,
		DIGEST-MD5.  Problem noted by Robert Stampfli.
	If a timeout occurs while reading a message (during the DATA phase)
		a df file might have been left behind in the queue.
		This was another side effect of the changes to the I/O
		layer made in 8.13.6.
	Several minor problems have been fixed that were found by a
		Coverity scan of sendmail 8 as part of the NetBSD
		distribution. See http://scan.coverity.com/
		Note: the scan generated also a lot of "false positives",
		e.g., "error" reports about situations that cannot happen.
		Most of those code places are marked with lint(1) comments
		like NOTREACHED, but Coverity does not understand those.
		Hence an explicit assertion has been added in some cases
		to avoid those false positives.
	If the start of the sendmail daemon fails due to a configuration
		error then in some cases shared memory segments or pid
		files were not removed.
	If DSN support is disabled via access_db, then related ESMTP
		parameters for MAIL and RCPT should be rejected.  Problem
		reported by Akihiro Sagawa.
	Enabling zlib compression in OpenSSL 0.9.8[ab] breaks the padding
		bug work-around.  Hence if sendmail is linked against
		either of these versions and compression is available,
		the padding bug work-around is turned off.  Based on
		patch from Victor Duchovni of Morgan Stanley.
	CONFIG: FEATURE(`dnsbl') and FEATURE(`enhdnsbl') used
		blackholes.mail-abuse.org as default domain for lookups,
		however, that list is no longer available.  To avoid
		further problems, no default value is available anymore,
		but an argument must be specified.
	Portability:
		Fix compilation on OSF/1 for sfsasl.c.  Patch from
		Pieter Bowman of the University of Utah.
---
   Module Name:	pkgsrc
   Committed By:	tv
   Date:		Wed Aug  9 21:23:00 UTC 2006

   Modified Files:
	pkgsrc/mail/sendmail: Makefile.common distinfo

   Log Message:
   Update to 8.13.8.  Changes:

   8.13.8/8.13.8   2006/08/09
        Fix a regression in 8.13.7: if shared memory is activated, then
                the server can erroneously report that there is
                insufficient disk space.  Additionally make sure that
                an internal variable is set properly to avoid those
                misleading errors.  Based on patch from Steve Hubert
                of University of Washington.
        Fix a regression in 8.13.7: the PidFile could be removed after
                the process that forks the daemon exited, i.e., if
                sendmail -bd is invoked.  Problem reported by Kan Sasaki
                of Fusion Communications Corp. and Werner Wiethege.
        Avoid opening qf files if QueueSortOrder is "none".  Patch from
                David F. Skoll.
        Avoid a crash when finishing due to referencing a freed variable.
                Problem reported and diagnosed by Moritz Jodeit.
        CONTRIB: cidrexpand now deals with /0 by issuing the entire IPv4
                range (0..255).
        LIBMILTER: The "hostname" argument of the xxfi_connect() callback
                previously was the equivalent of {client_ptr}.  However,
                this did not match the documentation of the function, hence
                it has been changed to {client_name}.  See doc/op/op.*
                about these macros.

7 files changed, 29 insertions, 166 deletions

diff --git a/mail/sendmail/Makefile b/mail/sendmail/Makefile
index 8729ee3b57e..217d46736aa 100644
--- a/mail/sendmail/Makefile
+++ b/mail/sendmail/Makefile
@@ -1,9 +1,8 @@
-# $NetBSD: Makefile,v 1.90 2006/06/14 18:53:54 adrianp Exp $
+# $NetBSD: Makefile,v 1.90.2.1 2006/08/29 06:53:23 ghen Exp $
 
 .include "../../mail/sendmail/Makefile.common"
 
 PKGNAME=	sendmail-${DIST_VERS}
-PKGREVISION=	3
 COMMENT=	The well known Mail Transport Agent
 
 CONFLICTS+=	courier-mta-[0-9]* fastforward>=0.51nb2 postfix-[0-9]*
@@ -16,9 +15,12 @@ PLIST_SUBST+=	SMRSH_CMDDIR=${SMRSH_CMDDIR:Q}
 RCD_SCRIPTS=	sendmail smmsp
 
 SUBST_CLASSES+=		paths
-SUBST_STAGE.paths=	pre-build
-SUBST_FILES.paths=	../mailer.conf include/sm/conf.h smrsh/smrsh.8
-SUBST_SED.paths=	-e "s|@@PREFIX@@|${PREFIX}|g"
+SUBST_STAGE.paths=	pre-configure
+SUBST_FILES.paths=	../mailer.conf include/sm/conf.h smrsh/smrsh.8 cf/cf/Makefile
+SUBST_SED.paths+=	-e "s|@@BINGRP@@|${BINGRP}|g"
+SUBST_SED.paths+=	-e "s|@@BINOWN@@|${BINOWN}|g"
+SUBST_SED.paths+=	-e "s|@@INSTALL@@|${INSTALL}|g"
+SUBST_SED.paths+=	-e "s|@@PREFIX@@|${PREFIX}|g"
 SUBST_SED.paths+=	-e "s|@@SMRSH_CMDDIR@@|${SMRSH_CMDDIR}|g"
 SUBST_MESSAGE.paths=	Fixing paths.
 
diff --git a/mail/sendmail/Makefile.common b/mail/sendmail/Makefile.common
index 2240b32d444..43dfe705b97 100644
--- a/mail/sendmail/Makefile.common
+++ b/mail/sendmail/Makefile.common
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.36 2006/06/08 02:26:32 jlam Exp $
+# $NetBSD: Makefile.common,v 1.36.2.1 2006/08/29 06:53:23 ghen Exp $
 #
 # Makefile fragment shared with libmilter
 #
@@ -19,7 +19,7 @@ DISTINFO_FILE?=	${.CURDIR}/../../mail/sendmail/distinfo
 FILESDIR?=	${.CURDIR}/../../mail/sendmail/files
 PATCHDIR?=	${.CURDIR}/../../mail/sendmail/patches
 
-DIST_VERS=	8.13.6
+DIST_VERS=	8.13.8
 
 MAKE_ENV+=	BSD_BINOWN=${BINOWN:Q} BSD_BINGRP=${BINGRP:Q} \
 		BSD_MANOWN=${MANOWN:Q} BSD_MANGRP=${MANGRP:Q} \
diff --git a/mail/sendmail/distinfo b/mail/sendmail/distinfo
index 921c3c04b4e..cfadd624813 100644
--- a/mail/sendmail/distinfo
+++ b/mail/sendmail/distinfo
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.30 2006/06/14 18:53:54 adrianp Exp $
+$NetBSD: distinfo,v 1.30.2.1 2006/08/29 06:53:23 ghen Exp $
 
-SHA1 (sendmail.8.13.6.tar.gz) = 6c35f4780bd9fc5f8982977ad699752e2ccb26d0
-RMD160 (sendmail.8.13.6.tar.gz) = cbb0649b5dec8e4b4850c76ad4a132a15335df3b
-Size (sendmail.8.13.6.tar.gz) = 1986576 bytes
+SHA1 (sendmail.8.13.8.tar.gz) = 8e97c10f52efe5204c08f6cb3f90c08e077ac505
+RMD160 (sendmail.8.13.8.tar.gz) = a5d333b073d681f056421e836df4067f331a8ac8
+Size (sendmail.8.13.8.tar.gz) = 2010975 bytes
 SHA1 (patch-aa) = b7ceece7760e3d637016da039f8429c1fb89f2cf
 SHA1 (patch-ab) = a2abf6e78772e257e2a1973e7730159ff24a91aa
 SHA1 (patch-ac) = 96c19300b4188dbcbd202768eea912f675dadc27
@@ -12,7 +12,4 @@ SHA1 (patch-af) = d26481845328adad6d46fdf797785ec2ad003e28
 SHA1 (patch-ag) = 672c3e8a0c897f2c721d45393d85d4ea819d55a6
 SHA1 (patch-ah) = e6be09008b9230ffdd1560aaacbdbb2ee4fb8028
 SHA1 (patch-ai) = 8ade5888074ad9a328f87d66836c04eacf7785d5
-SHA1 (patch-aj) = 5dbceffb6397e28beb0c9350398238877928ead8
-SHA1 (patch-ak) = 0688b603018fc58510174a012ca7d2425665a7cd
-SHA1 (patch-al) = 9527aa7046a6b4be63c12108b5e03d6b13009d2d
-SHA1 (patch-am) = 6a7e14410ddc619a08142b90bd15f55eb23d32b8
+SHA1 (patch-aj) = e65e6fe44380de2f9c397c1a97677eb4ad285433
diff --git a/mail/sendmail/patches/patch-aj b/mail/sendmail/patches/patch-aj
index 74389d9c065..c9226fe87d9 100644
--- a/mail/sendmail/patches/patch-aj
+++ b/mail/sendmail/patches/patch-aj
@@ -1,22 +1,18 @@
-$NetBSD: patch-aj,v 1.3 2006/06/14 18:53:53 adrianp Exp $
+$NetBSD: patch-aj,v 1.3.2.1 2006/08/29 06:53:23 ghen Exp $
 
---- sendmail/deliver.c.orig	2006-03-02 01:37:39.000000000 +0000
-+++ sendmail/deliver.c
-@@ -4623,7 +4623,7 @@ putbody(mci, e, separator)
- 		/* now do the hard work */
- 		boundaries[0] = NULL;
- 		mci->mci_flags |= MCIF_INHEADER;
--		if (mime8to7(mci, e->e_header, e, boundaries, M87F_OUTER) ==
-+		if (mime8to7(mci, e->e_header, e, boundaries, M87F_OUTER, 0) ==
- 								SM_IO_EOF)
- 			goto writeerr;
- 	}
-@@ -4654,7 +4654,7 @@ putbody(mci, e, separator)
- 			SuprErrs = true;
+--- cf/cf/Makefile.orig	2005-06-13 22:16:34.000000000 -0400
++++ cf/cf/Makefile
+@@ -25,10 +25,10 @@ CHMOD=	chmod
+ ROMODE=	444
+ RM=	rm -f
+ # use our own install program; should be really confINSTALL
+-INSTALL=../../devtools/bin/install.sh
++INSTALL=@@INSTALL@@
+ # CF file ownership/permissions
+-CFOWN=root
+-CFGRP=bin
++CFOWN=@@BINOWN@@
++CFGRP=@@BINGRP@@
+ CFMODE=0444
  
- 		if (mime8to7(mci, e->e_header, e, boundaries,
--				M87F_OUTER|M87F_NO8TO7) == SM_IO_EOF)
-+				M87F_OUTER|M87F_NO8TO7, 0) == SM_IO_EOF)
- 			goto writeerr;
  
- 		/* restore SuprErrs */
diff --git a/mail/sendmail/patches/patch-ak b/mail/sendmail/patches/patch-ak
deleted file mode 100644
index 92ac4b5b253..00000000000
--- a/mail/sendmail/patches/patch-ak
+++ /dev/null
@@ -1,103 +0,0 @@
-$NetBSD: patch-ak,v 1.3 2006/06/14 18:53:53 adrianp Exp $
-
---- sendmail/mime.c.orig	2006-03-01 18:07:45.000000000 +0000
-+++ sendmail/mime.c
-@@ -80,6 +80,7 @@ static bool	MapNLtoCRLF;
- **		boundaries -- the currently pending message boundaries.
- **			NULL if we are processing the outer portion.
- **		flags -- to tweak processing.
-+**		level -- recursion level.
- **
- **	Returns:
- **		An indicator of what terminated the message part:
-@@ -96,12 +97,13 @@ struct args
- };
- 
- int
--mime8to7(mci, header, e, boundaries, flags)
-+mime8to7(mci, header, e, boundaries, flags, level)
- 	register MCI *mci;
- 	HDR *header;
- 	register ENVELOPE *e;
- 	char **boundaries;
- 	int flags;
-+	int level;
- {
- 	register char *p;
- 	int linelen;
-@@ -122,6 +124,18 @@ mime8to7(mci, header, e, boundaries, fla
- 	char pvpbuf[MAXLINE];
- 	extern unsigned char MimeTokenTab[256];
- 
-+	if (level > MAXMIMENESTING)
-+	{
-+		if (!bitset(EF_TOODEEP, e->e_flags))
-+		{
-+			if (tTd(43, 4))
-+				sm_dprintf("mime8to7: too deep, level=%d\n",
-+					   level);
-+			usrerr("mime8to7: recursion level %d exceeded",
-+				level);
-+			e->e_flags |= EF_DONT_MIME|EF_TOODEEP;
-+		}
-+	}
- 	if (tTd(43, 1))
- 	{
- 		sm_dprintf("mime8to7: flags = %x, boundaries =", flags);
-@@ -242,7 +256,9 @@ mime8to7(mci, header, e, boundaries, fla
- 	*/
- 
- 	if (sm_strcasecmp(type, "multipart") == 0 &&
--	    (!bitset(M87F_NO8BIT, flags) || bitset(M87F_NO8TO7, flags)))
-+	    (!bitset(M87F_NO8BIT, flags) || bitset(M87F_NO8TO7, flags)) &&
-+	    !bitset(EF_TOODEEP, e->e_flags)
-+	   )
- 	{
- 
- 		if (sm_strcasecmp(subtype, "digest") == 0)
-@@ -286,10 +302,13 @@ mime8to7(mci, header, e, boundaries, fla
- 		}
- 		if (i >= MAXMIMENESTING)
- 		{
--			usrerr("mime8to7: multipart nesting boundary too deep");
-+			if (tTd(43, 4))
-+				sm_dprintf("mime8to7: too deep, i=%d\n", i);
-+			if (!bitset(EF_TOODEEP, e->e_flags))
-+				usrerr("mime8to7: multipart nesting boundary too deep");
- 
- 			/* avoid bounce loops */
--			e->e_flags |= EF_DONT_MIME;
-+			e->e_flags |= EF_DONT_MIME|EF_TOODEEP;
- 		}
- 		else
- 		{
-@@ -333,7 +352,8 @@ mime8to7(mci, header, e, boundaries, fla
- 				goto writeerr;
- 			if (tTd(43, 101))
- 				putline("+++after putheader", mci);
--			bt = mime8to7(mci, hdr, e, boundaries, flags);
-+			bt = mime8to7(mci, hdr, e, boundaries, flags,
-+				      level + 1);
- 			if (bt == SM_IO_EOF)
- 				goto writeerr;
- 		}
-@@ -374,7 +394,8 @@ mime8to7(mci, header, e, boundaries, fla
- 
- 	if (sm_strcasecmp(type, "message") == 0)
- 	{
--		if (!wordinclass(subtype, 's'))
-+		if (!wordinclass(subtype, 's') ||
-+		    bitset(EF_TOODEEP, e->e_flags))
- 		{
- 			flags |= M87F_NO8BIT;
- 		}
-@@ -397,7 +418,8 @@ mime8to7(mci, header, e, boundaries, fla
- 			    !bitset(M87F_NO8TO7, flags) &&
- 			    !putline("MIME-Version: 1.0", mci))
- 				goto writeerr;
--			bt = mime8to7(mci, hdr, e, boundaries, flags);
-+			bt = mime8to7(mci, hdr, e, boundaries, flags,
-+				      level + 1);
- 			mci->mci_flags &= ~MCIF_INMIME;
- 			return bt;
- 		}
diff --git a/mail/sendmail/patches/patch-al b/mail/sendmail/patches/patch-al
deleted file mode 100644
index ceb096e6d5a..00000000000
--- a/mail/sendmail/patches/patch-al
+++ /dev/null
@@ -1,21 +0,0 @@
-$NetBSD: patch-al,v 1.3 2006/06/14 18:53:53 adrianp Exp $
-
---- sendmail/sendmail.h.orig	2006-02-27 17:49:09.000000000 +0000
-+++ sendmail/sendmail.h
-@@ -942,6 +942,7 @@ struct envelope
- #define EF_TOOBIG	0x02000000L	/* message is too big */
- #define EF_SPLIT	0x04000000L	/* envelope has been split */
- #define EF_UNSAFE	0x08000000L	/* unsafe: read from untrusted source */
-+#define EF_TOODEEP	0x10000000L	/* message is nested too deep */
- 
- #define DLVR_NOTIFY	0x01
- #define DLVR_RETURN	0x02
-@@ -1655,7 +1656,7 @@ EXTERN unsigned long	PrivacyFlags;	/* pr
- 
- /* functions */
- extern bool	mime7to8 __P((MCI *, HDR *, ENVELOPE *));
--extern int	mime8to7 __P((MCI *, HDR *, ENVELOPE *, char **, int));
-+extern int	mime8to7 __P((MCI *, HDR *, ENVELOPE *, char **, int, int));
- 
- /*
- **  Flags passed to returntosender.
diff --git a/mail/sendmail/patches/patch-am b/mail/sendmail/patches/patch-am
deleted file mode 100644
index 6c0a628abc1..00000000000
--- a/mail/sendmail/patches/patch-am
+++ /dev/null
@@ -1,8 +0,0 @@
-$NetBSD: patch-am,v 1.1 2006/06/14 18:53:53 adrianp Exp $
-
---- sendmail/version.c.orig	2006-03-08 19:21:21.000000000 +0000
-+++ sendmail/version.c
-@@ -17,2 +17,2 @@ SM_RCSID("@(#)$Id: version.c,v 8.160 200
- 
--char	Version[] = "8.13.6";
-+char	Version[] = "8.13.6.20060614";