Changes 4.76:

* The new ldap_require_cert option would segfault if used.  Fixed.
* Harmonised TLS library version reporting; only show if debugging.
  Layout now matches that introduced for other libraries in 4.74 PP/03.
* New openssl_options items: no_sslv2 no_sslv3 no_ticket no_tlsv1
* New "dns_use_edns0" global option.
* Don't segfault on misconfiguration of ref:name exim-user as uid.
* Extra paranoia around buffer usage at the STARTTLS transition.
  nb: Exim is not vulnerable to http://www.kb.cert.org/vuls/id/555316
* Updated PolarSSL code to 0.14.2.
* Catch divide-by-zero in ${eval:...}.
* Condition negation of bool{}/bool_lax{} did not negate.  Fixed.
* CVE-2011-1764 - DKIM log line was subject to a format-string attack --
  SECURITY: remote arbitrary code execution.
* SECURITY - DKIM signature header parsing was double-expanded, second
  time unintentionally subject to list matching rules, letting the header
  cause arbitrary Exim lookups (of items which can occur in lists, *not*
  arbitrary string expansion). This allowed for information disclosure.
* Fix another SIGFPE (x86) in ${eval:...} expansion, this time related to
  INT_MIN/-1 -- value coerced to INT_MAX.

6 files changed, 40 insertions, 62 deletions

diff --git a/mail/exim/Makefile b/mail/exim/Makefile
index c00a67a32ba..cfba26df38c 100644
--- a/mail/exim/Makefile
+++ b/mail/exim/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.107 2011/05/07 14:32:02 drochner Exp $
+# $NetBSD: Makefile,v 1.108 2011/05/09 13:30:47 adam Exp $
 
-DISTNAME=	exim-4.75
-PKGREVISION=	1
+DISTNAME=	exim-4.76
 CATEGORIES=	mail net
 MASTER_SITES=	ftp://ftp.exim.org/pub/exim/exim4/ \
 		http://dl.ambiweb.de/mirrors/ftp.exim.org/exim/exim4/
diff --git a/mail/exim/distinfo b/mail/exim/distinfo
index 9a95bd0874c..e6bb90915c9 100644
--- a/mail/exim/distinfo
+++ b/mail/exim/distinfo
@@ -1,12 +1,10 @@
-$NetBSD: distinfo,v 1.50 2011/05/07 14:32:02 drochner Exp $
+$NetBSD: distinfo,v 1.51 2011/05/09 13:30:47 adam Exp $
 
-SHA1 (exim-4.75.tar.bz2) = e3196a9035f433c380bb2cec4cbbcfd7ad6c00b3
-RMD160 (exim-4.75.tar.bz2) = 2dfea8750cc95d057c0b804c0379f69fbed927a9
-Size (exim-4.75.tar.bz2) = 1600867 bytes
-SHA1 (patch-aa) = 2ec7f3c7c6e18c7cc2388de00c1108b56c239ab8
+SHA1 (exim-4.76.tar.bz2) = b0df27b0407eef2d79e130597916cde18f2bbe30
+RMD160 (exim-4.76.tar.bz2) = b619e6e6674584c97ae0503911e95e1016407c34
+Size (exim-4.76.tar.bz2) = 1605832 bytes
+SHA1 (patch-aa) = 5b9b5f459151912b936bf91d393072b872d48d5c
 SHA1 (patch-ab) = ffb9fb28e4e5548777db31b3de34673a08a1c0fa
-SHA1 (patch-ac) = 9a260a07f5e8cc89c60188925f01fc5b46164a37
+SHA1 (patch-ac) = 84bb4c01868fc28b7b00bcd9aacab0dddf4c01c8
 SHA1 (patch-ae) = 4a9d2fde403cfd6386742b31f062e7801ef081b9
 SHA1 (patch-ag) = 8512795060ad913f4699c277867fd24e7a785519
-SHA1 (patch-ah) = 99eae6cf5a3d4b771db39934c3e468706f7497b9
-SHA1 (patch-ba) = 6647a95bb8e3bce2bc7f075e4be2217b3a97ce8b
diff --git a/mail/exim/patches/patch-aa b/mail/exim/patches/patch-aa
index edeb0c8058c..20d4ce8f1af 100644
--- a/mail/exim/patches/patch-aa
+++ b/mail/exim/patches/patch-aa
@@ -1,6 +1,6 @@
-$NetBSD: patch-aa,v 1.21 2011/01/12 07:52:44 adam Exp $
+$NetBSD: patch-aa,v 1.22 2011/05/09 13:30:47 adam Exp $
 
---- Local/Makefile.pkgsrc.orig	2011-01-12 07:35:17.000000000 +0000
+--- Local/Makefile.pkgsrc.orig	2011-05-09 13:16:39.000000000 +0000
 +++ Local/Makefile.pkgsrc
 @@ -100,7 +100,7 @@
  # /usr/local/sbin. The installation script will try to create this directory,
@@ -47,7 +47,7 @@ $NetBSD: patch-aa,v 1.21 2011/01/12 07:52:44 adam Exp $
  
  
  
-@@ -332,7 +332,7 @@ PCRE_LIBS=-lpcre
+@@ -357,7 +357,7 @@ PCRE_LIBS=-lpcre
  # files are defaulted in the OS/Makefile-Default file, but can be overridden in
  # local OS-specific make files.
  
@@ -56,7 +56,7 @@ $NetBSD: patch-aa,v 1.21 2011/01/12 07:52:44 adam Exp $
  
  
  #------------------------------------------------------------------------------
-@@ -527,11 +527,11 @@ FIXED_NEVER_USERS=root
+@@ -552,11 +552,11 @@ FIXED_NEVER_USERS=root
  # included in the Exim binary. You will then need to set up the run time
  # configuration to make use of the mechanism(s) selected.
  
@@ -71,7 +71,7 @@ $NetBSD: patch-aa,v 1.21 2011/01/12 07:52:44 adam Exp $
  
  
  #------------------------------------------------------------------------------
-@@ -697,7 +697,7 @@ HEADERS_CHARSET="ISO-8859-1"
+@@ -722,7 +722,7 @@ HEADERS_CHARSET="ISO-8859-1"
  # %s. This will be replaced by one of the strings "main", "panic", or "reject"
  # to form the final file names. Some installations may want something like this:
  
@@ -80,7 +80,7 @@ $NetBSD: patch-aa,v 1.21 2011/01/12 07:52:44 adam Exp $
  
  # which results in files with names /var/log/exim_mainlog, etc. The directory
  # in which the log files are placed must exist; Exim does not try to create
-@@ -945,13 +945,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases
+@@ -970,13 +970,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases
  # haven't got Perl, Exim will still build and run; you just won't be able to
  # use those utilities.
  
@@ -101,7 +101,7 @@ $NetBSD: patch-aa,v 1.21 2011/01/12 07:52:44 adam Exp $
  
  
  #------------------------------------------------------------------------------
-@@ -1145,7 +1145,7 @@ TMPDIR="/tmp"
+@@ -1170,7 +1170,7 @@ TMPDIR="/tmp"
  # (process id) to a file so that it can easily be identified. The path of the
  # file can be specified here. Some installations may want something like this:
  
@@ -110,7 +110,7 @@ $NetBSD: patch-aa,v 1.21 2011/01/12 07:52:44 adam Exp $
  
  # If PID_FILE_PATH is not defined, Exim writes a file in its spool directory
  # using the name "exim-daemon.pid".
-@@ -1197,3 +1197,10 @@ TMPDIR="/tmp"
+@@ -1222,3 +1222,10 @@ TMPDIR="/tmp"
  # ENABLE_DISABLE_FSYNC=yes
  
  # End of EDITME for Exim 4.
diff --git a/mail/exim/patches/patch-ac b/mail/exim/patches/patch-ac
index 38e522a0938..3f4a036a1b7 100644
--- a/mail/exim/patches/patch-ac
+++ b/mail/exim/patches/patch-ac
@@ -1,8 +1,8 @@
-$NetBSD: patch-ac,v 1.14 2010/11/08 13:59:11 adam Exp $
+$NetBSD: patch-ac,v 1.15 2011/05/09 13:30:47 adam Exp $
 
---- src/dns.c.orig	2009-11-16 19:50:36.000000000 +0000
+--- src/dns.c.orig	2011-05-09 08:36:25.000000000 +0000
 +++ src/dns.c
-@@ -168,18 +168,34 @@ Returns:            nothing
+@@ -168,26 +168,39 @@ Returns:            nothing
  void
  dns_init(BOOL qualify_single, BOOL search_parents)
  {
@@ -38,13 +38,31 @@ $NetBSD: patch-ac,v 1.14 2010/11/08 13:59:11 adam Exp $
 -if (dns_retry > 0) _res.retry = dns_retry;
 +if (dns_retrans > 0) rs->retrans = dns_retrans;
 +if (dns_retry > 0) rs->retry = dns_retry;
+ 
+ #ifdef RES_USE_EDNS0
+ if (dns_use_edns0 >= 0)
+   {
+   if (dns_use_edns0)
+-    _res.options |= RES_USE_EDNS0;
++    rs->options |= RES_USE_EDNS0;
+   else
+-    _res.options &= ~RES_USE_EDNS0;
++    rs->options &= ~RES_USE_EDNS0;
+   DEBUG(D_resolver)
+     debug_printf("Coerced resolver EDNS0 support %s.\n",
+         dns_use_edns0 ? "on" : "off");
+@@ -198,6 +211,10 @@ if (dns_use_edns0 >= 0)
+     debug_printf("Unable to %sset EDNS0 without resolver support.\n",
+         dns_use_edns0 ? "" : "un");
+ #endif
++
 +#ifdef __NetBSD__
 +__res_put_state(rs);
 +#endif
  }
  
  
-@@ -424,9 +440,15 @@ Returns:     the return code
+@@ -442,9 +459,15 @@ Returns:     the return code
  static int
  dns_return(uschar *name, int type, int rc)
  {
@@ -61,7 +79,7 @@ $NetBSD: patch-ac,v 1.14 2010/11/08 13:59:11 adam Exp $
  node->data.val = rc;
  (void)tree_insertnode(&tree_dns_fails, node);
  return rc;
-@@ -466,6 +488,12 @@ dns_basic_lookup(dns_answer *dnsa, uscha
+@@ -484,6 +507,12 @@ dns_basic_lookup(dns_answer *dnsa, uscha
  int rc = -1;
  uschar *save;
  #endif
@@ -74,7 +92,7 @@ $NetBSD: patch-ac,v 1.14 2010/11/08 13:59:11 adam Exp $
  
  tree_node *previous;
  uschar node_name[290];
-@@ -476,7 +504,7 @@ have many addresses in the same domain. 
+@@ -494,7 +523,7 @@ have many addresses in the same domain. 
  caching for successful lookups. */
  
  sprintf(CS node_name, "%.255s-%s-%lx", name, dns_text_type(type),
diff --git a/mail/exim/patches/patch-ah b/mail/exim/patches/patch-ah
deleted file mode 100644
index 4c8c79e2385..00000000000
--- a/mail/exim/patches/patch-ah
+++ /dev/null
@@ -1,24 +0,0 @@
-$NetBSD: patch-ah,v 1.1 2011/05/07 14:32:02 drochner Exp $
-
-CVE-2011-1764
-
---- src/dkim.c.orig	2011-03-22 08:00:51.000000000 +0000
-+++ src/dkim.c
-@@ -108,7 +108,7 @@ void dkim_exim_verify_finish(void) {
-     /* Log a line for each signature */
-     uschar *logmsg = string_append(NULL, &size, &ptr, 5,
- 
--      string_sprintf( "DKIM: d=%s s=%s c=%s/%s a=%s ",
-+      string_sprintf( "d=%s s=%s c=%s/%s a=%s ",
-                       sig->domain,
-                       sig->selector,
-                       (sig->canon_headers == PDKIM_CANON_SIMPLE)?"simple":"relaxed",
-@@ -176,7 +176,7 @@ void dkim_exim_verify_finish(void) {
-     }
- 
-     logmsg[ptr] = '\0';
--    log_write(0, LOG_MAIN, (char *)logmsg);
-+    log_write(0, LOG_MAIN, "DKIM: %s", logmsg);
- 
-     /* Build a colon-separated list of signing domains (and identities, if present) in dkim_signers */
-     dkim_signers = string_append(dkim_signers,
diff --git a/mail/exim/patches/patch-ba b/mail/exim/patches/patch-ba
deleted file mode 100644
index 92eb17b3c25..00000000000
--- a/mail/exim/patches/patch-ba
+++ /dev/null
@@ -1,13 +0,0 @@
-$NetBSD: patch-ba,v 1.2 2011/03/22 13:52:19 adam Exp $
-
---- src/lookups/ldap.c.orig	2011-03-22 11:32:30.000000000 +0000
-+++ src/lookups/ldap.c
-@@ -481,7 +481,7 @@ if (lcp == NULL)
-       {
-       cert_option = LDAP_OPT_X_TLS_TRY;
-       }
--    ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, cert_option);
-+    ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &cert_option);
-     }
-   #endif
-