diff options
| author | Richard A Nelson (Rick) <cowboy@debian.org> | 2007-10-20 23:35:30 +0000 |
|---|---|---|
| committer | Andreas Beckmann <debian@abeckmann.de> | 2012-10-01 20:07:32 +0200 |
| commit | 8b3bbf52a4ec4f30ddb352fb1b11e6a0c6e78099 (patch) | |
| tree | ee691b95f4c3e36bc779468175fb76f5937f7730 | |
| parent | 18180742925ca2df7ad3a7d11f4fabbfa4c2efef (diff) | |
| download | sendmail-8b3bbf52a4ec4f30ddb352fb1b11e6a0c6e78099.tar.gz | |
Imported Debian patch 8.14.1-11debian/8.14.1-11
21 files changed, 439 insertions, 101 deletions
diff --git a/debian/NEWS b/debian/NEWS index 9c72560..5dddeec 100644 --- a/debian/NEWS +++ b/debian/NEWS @@ -1,4 +1,4 @@ -sendmail (8.13.1-14) +sendmail (8.13.1-14) unstable; urgency=low * TLS errors: From http://lists.debian.org/debian-security/2003/09/msg00209.html @@ -14,7 +14,9 @@ sendmail (8.13.1-14) You have to do the same with SASLv2 m4 if you use SASLv2 -sendmail (8.13.1-8) + -- Richard A Nelson (Rick) <cowboy@debian.org> Fri, 19 Oct 2007 02:13:30 -0000 + +sendmail (8.13.1-8) unstable; urgency=low * Make initial install prompt free (by using a sane&safe default): + listen only to 127.0.0.1 @@ -36,3 +38,5 @@ sendmail (8.13.1-8) add the password to /etc/sasldb2 (automigrate) and subsequently, the user may use more secure mechanisms. + -- Richard A Nelson (Rick) <cowboy@debian.org> Fri, 19 Oct 2007 02:13:30 -0000 + diff --git a/debian/build/autoconf.mk b/debian/build/autoconf.mk index 5fdbd1d..7e5597b 100644 --- a/debian/build/autoconf.mk +++ b/debian/build/autoconf.mk @@ -2,7 +2,7 @@ #------------------------------------------------------------------------------ # vim: syntax=make # -# $Sendmail: autoconf.mk,v 8.14.1 2007-10-04 15:02:00 cowboy Exp $ +# $Sendmail: autoconf.mk,v 8.14.1 2007-10-20 16:39:52 cowboy Exp $ # # Copyright (c) 1998-2007 Richard Nelson. All Rights Reserved. # @@ -16,7 +16,7 @@ # on Debian slink, potato, woody, testing, sid, ... # but the generated file is customized to the version noted above. # -# Richard Nelson <cowboy@debian.org> 2007-10-04 15:02:00 (-0700) +# Richard Nelson <cowboy@debian.org> 2007-10-20 16:39:52 (-0700) #------------------------------------------------------------------------------ #SHELL := /bin/sh -x diff --git a/debian/build/debian/sendmail-base.dirs.in b/debian/build/debian/sendmail-base.dirs.in index 83ad2aa..c8e2877 100644 --- a/debian/build/debian/sendmail-base.dirs.in +++ b/debian/build/debian/sendmail-base.dirs.in @@ -18,6 +18,7 @@ .@sysconfdir@/mail/tls .@sysconfdir@/network .@sysconfdir@/network/if-down.d +.@sysconfdir@/network/if-post-down.d .@sysconfdir@/network/if-up.d .@sysconfdir@/pam.d .@sysconfdir@/ppp/ip-down.d @@ -49,6 +50,7 @@ .@datadir@/sendmail/examples/milter .@datadir@/sendmail/examples/network .@datadir@/sendmail/examples/network/if-down.d +.@datadir@/sendmail/examples/network/if-post-down.d .@datadir@/sendmail/examples/network/if-up.d .@datadir@/sendmail/examples/pam.d .@datadir@/sendmail/examples/resolvconf diff --git a/debian/cf/debian/sendmail.mc.in b/debian/cf/debian/sendmail.mc.in index 5ccf60e..f10f29e 100644 --- a/debian/cf/debian/sendmail.mc.in +++ b/debian/cf/debian/sendmail.mc.in @@ -68,6 +68,9 @@ define(`confCONNECTION_RATE_WINDOW_SIZE',`10m')dnl dnl # dnl # Features dnl # +dnl # use /etc/mail/local-host-names +FEATURE(`use_cw_file')dnl +dnl # dnl # The access db is the basis for most of sendmail's checking FEATURE(`access_db', , `skip')dnl dnl # diff --git a/debian/changelog b/debian/changelog index 23c8114..895f430 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,22 @@ +sendmail (8.14.1-11) unstable; urgency=low + + * /etc/init.d/sendmail will now rebuild databases on + start/reload/restart (like Redhat derived, various BSDs, etc) + + * Finally nailed (fingers crossed) the elusive cause of + ;; connection timed out; no servers could be reached + There are still issues on what state to leave things in, but + at least the file will be turned into garbage closes: #375787 + + sendmail.conf::DAEMON_NETMODE now defaults to Static + + /etc/{ppp,dhcp3,network,resolvconf}/*/sendmail pass an additional option + + /usr/share/sendmail/dynamic is much more careful + + * ARM is broken, disable -fstack-protector-all closes: #446415 + * add FEATURE(use_cw_file) to default sendmail.mc closes: #433216 + * remove /usr/share/bug/sendmail-doc -> sendmail closes: #387799 + + -- Richard A Nelson (Rick) <cowboy@debian.org> Sat, 20 Oct 2007 23:35:30 -0000 + sendmail (8.14.1-10) unstable; urgency=low * Do not blindly accept client certificates by default diff --git a/debian/examples/Makefile.in b/debian/examples/Makefile.in index 6b9876e..1dee680 100644 --- a/debian/examples/Makefile.in +++ b/debian/examples/Makefile.in @@ -298,9 +298,9 @@ nobase_dist_sysconf_DATA = dhcp3/dhclient-exit-hooks.d/sendmail \ logcheck/ignore.d.server/sendmail \ logcheck/ignore.d.workstation/sendmail \ logcheck/violations.ignore.d/logcheck-sendmail \ - network/if-down.d/sendmail network/if-up.d/sendmail pam.d/smtp \ - ppp/ip-down.d/sendmail ppp/ip-up.d/sendmail \ - resolvconf/update-libc.d/sendmail + network/if-down.d/sendmail network/if-post-down.d/sendmail \ + network/if-up.d/sendmail pam.d/smtp ppp/ip-down.d/sendmail \ + ppp/ip-up.d/sendmail resolvconf/update-libc.d/sendmail all: all-am .SUFFIXES: @@ -573,12 +573,14 @@ install-data-hook: chmod a+rx ${DESTDIR}${pkgdatadir}/examples/milter/Makefile; chmod a+rx ${DESTDIR}${pkgdatadir}/examples/dhcp3/dhclient-exit-hooks.d/sendmail; chmod a+rx ${DESTDIR}${pkgdatadir}/examples/network/if-down.d/sendmail; + chmod a+rx ${DESTDIR}${pkgdatadir}/examples/network/if-post-down.d/sendmail; chmod a+rx ${DESTDIR}${pkgdatadir}/examples/network/if-up.d/sendmail; chmod a+rx ${DESTDIR}${pkgdatadir}/examples/ppp/ip-down.d/sendmail; chmod a+rx ${DESTDIR}${pkgdatadir}/examples/ppp/ip-up.d/sendmail; chmod a+rx ${DESTDIR}${pkgdatadir}/examples/resolvconf/update-libc.d/sendmail; chmod a+rx ${DESTDIR}${sysconfdir}/dhcp3/dhclient-exit-hooks.d/sendmail; chmod a+rx ${DESTDIR}${sysconfdir}/network/if-down.d/sendmail; + chmod a+rx ${DESTDIR}${sysconfdir}/network/if-post-down.d/sendmail; chmod a+rx ${DESTDIR}${sysconfdir}/network/if-up.d/sendmail; chmod a+rx ${DESTDIR}${sysconfdir}/ppp/ip-down.d/sendmail; chmod a+rx ${DESTDIR}${sysconfdir}/ppp/ip-up.d/sendmail; diff --git a/debian/examples/dhcp3/dhclient-exit-hooks.d/sendmail.in b/debian/examples/dhcp3/dhclient-exit-hooks.d/sendmail.in index 0afc701..c517033 100644 --- a/debian/examples/dhcp3/dhclient-exit-hooks.d/sendmail.in +++ b/debian/examples/dhcp3/dhclient-exit-hooks.d/sendmail.in @@ -15,9 +15,9 @@ # No need to continue if we're called with an unsupported option case "$reason" in - EXPIRE|FAIL|RELEASE|STOP) # and TIMEOUT too ?? + EXPIRE|FAIL|RELEASE|STOP) #down... and TIMEOUT too ??? ;; - BOUND|RENEW|REBIND|REBOOT|TIMEOUT) + BOUND|RENEW|REBIND|REBOOT|TIMEOUT) #up... why TIMEOUT here ??? ;; *) return; @@ -42,8 +42,8 @@ if [ "$new_ip_address" != "$oldnew_ip_address" ]; then # If anything has been changed, update sendmail.cf and reload # Actually, we'll delay the reload because we'll be hit in a moment -# to handle the change in /etc/resolv.conf -update_sendmail Delayed; +# to handle the change by /etc/network/if-up.d/sendmail +update_sendmail "dhcp" Delayed; return; diff --git a/debian/examples/network/if-down.d/sendmail.in b/debian/examples/network/if-down.d/sendmail.in index 0f7d569..254445b 100644 --- a/debian/examples/network/if-down.d/sendmail.in +++ b/debian/examples/network/if-down.d/sendmail.in @@ -37,6 +37,6 @@ if [ -z "$provider" ]; then update_interface "$iface" "STOP"; # If anything has been changed, update sendmail.cf and reload -update_sendmail; +update_sendmail "ifupdown"; exit 0; diff --git a/debian/examples/network/if-post-down.d/sendmail b/debian/examples/network/if-post-down.d/sendmail new file mode 100644 index 0000000..5cb9322 --- /dev/null +++ b/debian/examples/network/if-post-down.d/sendmail @@ -0,0 +1,42 @@ +#!/bin/sh +# +# This script is called when a network device goes down. +# +# Here is where we'll stop sendmail if needed +# +# Written By Richard Nelson <cowboy@debian.org> +# +# NOTE: The following lines (without the #) must be in /etc/mail/sendmail.mc: +# include(`/etc/mail/dialup.m4')dnl +# include(`/etc/mail/provider.m4')dnl +# + +# These variables are for the use of the scripts run by run-parts +#IFACE=; +#IF_ADDRESS=; +#IF_PROVIDER=; + +if [ ! -z "$IFACE" ]; then + addr=$IF_ADDRESS; + provider=$IF_PROVIDER; + iface=$IFACE; +else + addr=$1; + provider=$2; + iface=$3; + fi; + +if [ -z "$provider" ]; then + exit 0; + fi; + +# Bring in some script functions to handle dynamic configuration +. /usr/share/sendmail/dynamic; + +# Note the interface that just changed +update_interface "$iface" "STOP"; + +# If anything has been changed, update sendmail.cf and reload +update_sendmail "ifupdown"; + +exit 0; diff --git a/debian/examples/network/if-post-down.d/sendmail.1.old b/debian/examples/network/if-post-down.d/sendmail.1.old new file mode 100644 index 0000000..88e719e --- /dev/null +++ b/debian/examples/network/if-post-down.d/sendmail.1.old @@ -0,0 +1,57 @@ +#!/bin/sh +# +# This script is called when ppp disconnects from the network. +# +# Here is where we'll stop sendmail if needed +# +# Written By Richard Nelson <cowboy@debian.org> +# +# NOTE: The following lines (without the #) must be in /etc/mail/sendmail.mc: +# include(`/etc/mail/dialup.m4')dnl +# include(`/etc/mail/provider.m4')dnl +# +# Exit by default, check for validity before commenting out the next line: +exit 0; + +# Purge any latent host status that might cause us to *NOT* send mail +AM='-Am'; +if [ ! -f /usr/share/sendmail/cf/feature/msp.m4 ]; then + AM=''; + fi; +sendmail $AM -bH -O Timeout.hoststatus=1s; + +# New mail will only be queued +file="/etc/mail/dialup.m4"; +if [ -f "$file" ]; then + cat <<-EOT > $file; + LOCAL_CONFIG + #------------------------------------------------------------ + # + # Dynamic updates from $0 + # + # NOTE: the following line *MUST* be in /etc/mail/sendmail.mc + dnl include(\`/etc/mail/dialup.m4')dnl + # + # sendmail is to only queue messages until connected again + define(\`confDELIVERY_MODE', \`deferred')dnl + # + # Allow the queue to age without carping every four hours + define(\`confTO_QUEUEWARN',\`1d')dnl + # + # Don't keep host status while the network is down + define(\`confHOST_STATUS_DIRECTORY')dnl + #------------------------------------------------------------ + EOT + fi; + +# Build a new sendmail.cf from sendmail.mc, including our address. +# NOTE: The following line (without the #) must be in /etc/mail/sendmail.mc: +# include(`/etc/mail/dialup.m4') +m4 /etc/mail/sendmail.mc \ + > /etc/mail/sendmail.cf.pnew; +chmod 0644 /etc/mail/sendmail.cf.pnew; +chown mail:mail /etc/mail/sendmail.cf.pnew; +mv -f /etc/mail/sendmail.cf.pnew /etc/mail/sendmail.cf; + +# Stop/reload sendmail daemon as needed +/etc/init.d/sendmail reload; diff --git a/debian/examples/network/if-post-down.d/sendmail.in b/debian/examples/network/if-post-down.d/sendmail.in new file mode 100644 index 0000000..254445b --- /dev/null +++ b/debian/examples/network/if-post-down.d/sendmail.in @@ -0,0 +1,42 @@ +#!/bin/sh +# +# This script is called when a network device goes down. +# +# Here is where we'll stop sendmail if needed +# +# Written By Richard Nelson <cowboy@debian.org> +# +# NOTE: The following lines (without the #) must be in /etc/mail/sendmail.mc: +# include(`/etc/mail/dialup.m4')dnl +# include(`/etc/mail/provider.m4')dnl +# + +# These variables are for the use of the scripts run by run-parts +#IFACE=; +#IF_ADDRESS=; +#IF_PROVIDER=; + +if [ ! -z "$IFACE" ]; then + addr=$IF_ADDRESS; + provider=$IF_PROVIDER; + iface=$IFACE; +else + addr=$1; + provider=$2; + iface=$3; + fi; + +if [ -z "$provider" ]; then + exit 0; + fi; + +# Bring in some script functions to handle dynamic configuration +. @datadir@/sendmail/dynamic; + +# Note the interface that just changed +update_interface "$iface" "STOP"; + +# If anything has been changed, update sendmail.cf and reload +update_sendmail "ifupdown"; + +exit 0; diff --git a/debian/examples/network/if-post-down.d/sendmail.md5sum b/debian/examples/network/if-post-down.d/sendmail.md5sum new file mode 100644 index 0000000..6afd10a --- /dev/null +++ b/debian/examples/network/if-post-down.d/sendmail.md5sum @@ -0,0 +1 @@ +fb749db92b73eca0480702c59f6b09ed sendmail diff --git a/debian/examples/network/if-up.d/sendmail.in b/debian/examples/network/if-up.d/sendmail.in index f0afd8a..f0d58d1 100644 --- a/debian/examples/network/if-up.d/sendmail.in +++ b/debian/examples/network/if-up.d/sendmail.in @@ -12,6 +12,8 @@ # # ALSO: make sure to use a 'provider <isp>' tag in /etc/network/interfaces # it will be used as the name of a file in /etc/mail/peers +# If you don't use provider, we'll use DNS_DOMAIN, or lacking that, +# the first entry in DNS_SEARCH # @@ -29,7 +31,7 @@ if [ ! -z "$IFACE" ]; then elif [ -n "$IF_DNS_DOMAIN" ]; then provider="$IF_DNS_DOMAIN"; elif [ -n "$IF_DNS_SEARCH" ]; then - provider="$IF_DNS_SEARCH"; + provider=$(echo "$IF_DNS_SEARCH" | /usr/bin/cut -d' ' -f 1); fi; iface=$IFACE; else @@ -55,7 +57,7 @@ if [ -n "$addr" ]; then fi; # If anything has been changed, update sendmail.cf and reload -update_sendmail; +update_sendmail "ifupdown"; exit 0; diff --git a/debian/examples/ppp/ip-down.d/sendmail.in b/debian/examples/ppp/ip-down.d/sendmail.in index 1baa7ee..71f42b6 100644 --- a/debian/examples/ppp/ip-down.d/sendmail.in +++ b/debian/examples/ppp/ip-down.d/sendmail.in @@ -40,6 +40,8 @@ if [ -z "$provider" ]; then update_interface "$iface" "STOP"; # If anything has been changed, update sendmail.cf and reload -update_sendmail; +# Actually, we'll delay the reload because we'll be hit in a moment +# to handle the change by /etc/network/if-up.d/sendmail +update_sendmail "ppp" Delayed; exit 0; diff --git a/debian/examples/ppp/ip-up.d/sendmail.in b/debian/examples/ppp/ip-up.d/sendmail.in index 5c26de8..191b9a8 100644 --- a/debian/examples/ppp/ip-up.d/sendmail.in +++ b/debian/examples/ppp/ip-up.d/sendmail.in @@ -51,7 +51,7 @@ update_provider "$provider"; update_host "$addr"; # If anything has been changed, update sendmail.cf and reload -update_sendmail; +update_sendmail "ppp"; exit 0; diff --git a/debian/examples/resolvconf/update-libc.d/sendmail.in b/debian/examples/resolvconf/update-libc.d/sendmail.in index 4b135a8..31a1638 100644 --- a/debian/examples/resolvconf/update-libc.d/sendmail.in +++ b/debian/examples/resolvconf/update-libc.d/sendmail.in @@ -3,13 +3,11 @@ # Make sendmail aware of changes to resolv.conf # so that we can reset the statistics for unresolvable hostnames -# Purge any latent host status that might cause us to *NOT* send mail -AM='-Am'; -if [ ! -f @datadir@/sendmail/cf/feature/msp.m4 ]; then - AM=''; - fi; -@sbindir@/sendmail $AM -bH -O Timeout.hoststatus=1s; +# Bring in some script functions to handle dynamic configuration +. /usr/share/sendmail/dynamic; -# Start/reload sendmail as needed -#@sysconfdir@/init.d/sendmail reload || true; +# Note the interface that just changed - unfortunately, we know not how :( +update_resolv; +# If anything has been changed, update sendmail.cf and reload +update_sendmail; diff --git a/debian/local/Parse_conf.pm.in b/debian/local/Parse_conf.pm.in index 3ebbeb6..917eae2 100644 --- a/debian/local/Parse_conf.pm.in +++ b/debian/local/Parse_conf.pm.in @@ -62,7 +62,7 @@ my $debug; # Global variables #------------------------------------------------------------------------------ my %parm_def = ( - 'DAEMON_NETMODE' => 'Dynamic' + 'DAEMON_NETMODE' => 'Static' ,'DAEMON_NETIF' => 'eth0' ,'DAEMON_MODE' => 'Daemon' ,'DAEMON_RUNASUSER' => 'No' diff --git a/debian/local/dynamic.in b/debian/local/dynamic.in index 9598e96..82b6d7c 100644 --- a/debian/local/dynamic.in +++ b/debian/local/dynamic.in @@ -8,31 +8,76 @@ # # Copyright (c) 2004-@SM_CPYRT@ Richard Nelson. All Rights Reserved. # +# This script is called from the following places: +# /etc/ppp/ip-down.d/sendmail #\ +# /etc/ppp/ip-up.d/sendmail # | These are deprecated +# /etc/dhcp3/dhclient-exit-hooks.d/sendmail #/ +# /etc/network/if-down.d/sendmail #standard +# /etc/network/if-post-down.d/sendmail #standard +# /etc/network/if-up.d/sendmail #standard +# /etc/resolvconf/update-libc.d/sendmail #More or less useless :( +# +# The other half of the logic is in /etc/mail/sendmail.conf +# +# DAEMON_NETMODE="Dynamic"; Keyword SMTP network mode +# static: Do not monitor any network interfaces for changes +# dynamic: Monitor one or more interfaces for changes +# +# DAEMON_NETIF="eth0"; string SMTP interface(s) +# This parameter defines the network interface(s) that the daemon +# will monitor for status changes (via ppp, dhcp, ifup/down hooks). +# +# NOTES: +# 1) Only list more than one interfaces if they only used for fallback, +# otherwise the daemon will wind up ping-ponging between interfaces. +# 2) Do not use 'lo' unless your daemon only listens on the localhost. +# +# LOG_CMDS="No"; Binary command logging flag +# Will cause syslog entries for many of the sendmail related commands +# like runq, mailq, etc - you'll also see cron jobs (if enabled). +# +# HANDS_OFF="No"; Binary Do *NOT* touch the configuration +# Set this *ONLY* if you are going to be fully responsible for the entire +# setup of sendmail - the directories, permissions, databases, etc. With +# this variable set to "Yes", nothing will be done for you during +# updates. +# +# In other words, "The blood be upon your hands" if you set this... +# My ability to help with problems will be greatly reduced ! +# +# "Well, a pet peeve of mine is people who directly edit the +# .cf file instead of using the m4 configuration files. +# Don't do it! [laughs] I treat the .cf file as a binary +# file - you should too." +# -- Eric Allman 1999/10/18 +# #------------------------------------------------------------------------ # +# The files we may alter provider_m4='@sysconfdir@/mail/m4/provider.m4'; dialup_m4='@sysconfdir@/mail/m4/dialup.m4'; # Default values -SM_ignore=1; -SM_changed=0; -SM_delay=0; -SM_interface=''; -SM_state='down'; -SM_provider=''; -SM_ip=''; -SM_host=''; -SM_debug=1; +SM_ignore=0; # Ignore any changes +SM_changed=0; # Something has changed, dunno what +SM_delay=0; # Expect another call soon, do work then +SM_interface=''; # The interface that changed +SM_state=''; # How the interface changed +SM_provider=''; # ISP/domain name/IPPARM/etc +SM_ip=''; # IP for the interface +SM_host=''; # Reverse FQDN of IP +SM_debug=1; # Of minimal value # Path to other sendmail helpers if [ -x ./update_sendmail ]; then sm_path='.'; -elif [ -x $(dirname $0)/update_sendmail ]; then - sm_path=$(dirname $0); +elif [ -x $(/usr/bin/dirname $0)/update_sendmail ]; then + sm_path=$(/usr/bin/dirname $0); else sm_path=@datadir@/sendmail; fi; + # Bring in sendmail.conf for the network definitions if [ ! -f @sysconfdir@/mail/sendmail.conf ]; then if [ -x $sm_path/update_conf ]; then @@ -42,7 +87,7 @@ if [ ! -f @sysconfdir@/mail/sendmail.conf ]; then DAEMON_NETMODE='Static'; DAEMON_NETIF=''; HANDS_OFF='No'; -LOG_CMDS='No'; +LOG_CMDS='Yes'; if [ -f @sysconfdir@/mail/sendmail.conf ]; then . @sysconfdir@/mail/sendmail.conf; fi; @@ -51,56 +96,68 @@ if [ -f @sysconfdir@/mail/sendmail.conf ]; then update_interface() { SM_interface="$1"; SM_reason="$2"; - # Do absolutely nothing if they say so... - if [ "$HANDS_OFF" != 'No' ]; then - return; - fi; - if [ -z "$SM_interface" ]; then - SM_ignore=1; - return; - fi; - # Check to see if we care about this interface - for if in $DAEMON_NETIF; do - if [ "$if" = "$SM_interface" ]; then - SM_ignore=0; - break; - fi; - done; - + # Translate DHCP style actions to a simple up/down case "$SM_reason" in - DOWN|EXPIRE|FAIL|RELEASE|STOP) # and TIMEOUT too ?? + DOWN|EXPIRE|FAIL|RELEASE|STOP) # and TIMEOUT too ??? SM_state='down'; ;; - UP|BOUND|RENEW|REBIND|REBOOT|TIMEOUT) + UP|BOUND|RENEW|REBIND|REBOOT|TIMEOUT) # why TIMEOUT here ??? SM_state='up'; if [ "$SM_reason" = "BOUND" ]; then SM_changed=1; fi; ;; + *) + SM_state='unknown'; + ;; esac; # Mark what we're doing... local msg="$SM_interface $SM_state $SM_provider $SM_ip $SM_host"; if [ "$LOG_CMDS" != 'No' ]; then - logger -i -p mail.debug -- "$0 update_interface: $msg"; + /usr/bin/logger -i -p mail.debug -- "$0 (dynamic) update_interface: $msg"; + fi; + + # Do absolutely nothing if they say so... + if [ "$HANDS_OFF" != 'No' ]; then + SM_ignore=1; + fi; + if [ -z "$SM_interface" ]; then + SM_ignore=1; + fi; + + # Check to see if we care about this interface + if [ $SM_ignore -eq 0 ]; then + SM_ignore=1; + for if in $DAEMON_NETIF; do + if [ "$if" = "$SM_interface" ]; then + SM_ignore=0; + break; + fi; + done; + fi; + + if [ $SM_ignore -ne 0 ]; then + return; fi; }; # Record information about the upstream provider update_provider() { SM_provider="$1"; + # Mark what we're doing... local msg="$SM_interface $SM_state $SM_provider $SM_ip $SM_host"; if [ "$LOG_CMDS" != 'No' ]; then - logger -i -p mail.debug -- "$0 update_provider: $msg"; + /usr/bin/logger -i -p mail.debug -- "$0 (dynamic) update_provider: $msg"; fi; # Do absolutely nothing if they say so... if [ "$HANDS_OFF" != 'No' ]; then - return; + SM_ignore=1; fi; - if [ $SM_ignore != 0 ]; then + if [ $SM_ignore -ne 0 ]; then return; fi; # Add smarthost information (if any)... @@ -118,10 +175,14 @@ update_provider() { LOCAL_CONFIG #------------------------------------------------------------ # - # Dynamic provider updates from $0 + # Dynamic provider updates from $0: + # Device=$SM_interface + # State=$SM_state + # Provider=$SM_provider + # + # NOTE: The following line *MUST* be in @sysconfdir@/mail/sendmail.mc + #dnl include(\`@sysconfdir@/mail/provider.m4')dnl # - # NOTE: the following line *MUST* be in @sysconfdir@/mail/sendmail.mc - dnl include(\`@sysconfdir@/mail/provider.m4')dnl # You may also need to include this file in submit.mc ! # # Provider information from @sysconfdir@/mail/peers/$SM_provider @@ -136,23 +197,27 @@ update_provider() { # Record information on an ip/host update_host() { SM_ip="$1"; + # Mark what we're doing... local msg="$SM_interface $SM_state $SM_provider $SM_ip $SM_host"; if [ "$LOG_CMDS" != 'No' ]; then - logger -i -p mail.debug -- "$0 update_host: $msg"; + /usr/bin/logger -i -p mail.debug -- "$0 (dynamic) update_host: $msg"; fi; # Do absolutely nothing if they say so... if [ "$HANDS_OFF" != 'No' ]; then - return; + SM_ignore=1; fi; - if [ $SM_ignore != 0 ]; then + if [ $SM_ignore -ne 0 ]; then return; fi; if [ -z "$SM_ip" ]; then return; fi; find_host; + if [ $SM_ignore -ne 0 ]; then + return; + fi; # Add ip related information (if any)... # But not if dialup.m4 is a link ! if [ ! -L "$dialup_m4" ]; then @@ -161,16 +226,27 @@ update_host() { LOCAL_CONFIG #------------------------------------------------------------ # - # Dynamic host/ip updates from $0 + # Dynamic host/ip updates from $0: + # Device=$SM_interface + # State=$SM_state + # Provider=$SM_provider + # IP=$SM_ip + # Host=$SM_host + # + # NOTE: The following line *MUST* be in @sysconfdir@/mail/sendmail.mc + #dnl include(\`@sysconfdir@/mail/dialup.m4')dnl # - # NOTE: the following line *MUST* be in @sysconfdir@/mail/sendmail.mc - dnl include(\`@sysconfdir@/mail/dialup.m4')dnl # This should *NOT* be included in submit.mc ! # # Make sure we accept mail as this ip (for bounces, etc) Cw$SM_ip EOT - if [ -n "$SM_host" ]; then + if [ -z "$SM_host" ]; then + cat <<-EOT >> "$dialup_m4"; + # + # Rats... FQDN lookup failed, your kit is incomplete :( + EOT + else cat <<-EOT >> "$dialup_m4"; # # Define our true hostname (from our ISP) - becomes \$j @@ -187,6 +263,46 @@ update_host() { fi; }; +# DNS support changed, we may (or may not) have a new name +# but in any case, we may have stale host info in the queue +update_resolv() { + + # Mark what we're doing... + local msg="$SM_interface $SM_state $SM_provider $SM_ip $SM_host"; + if [ "$LOG_CMDS" != 'No' ]; then + /usr/bin/logger -i -p mail.debug -- "$0 (dynamic) update_resolv: $msg"; + fi; + + # Do absolutely nothing if they say so... + if [ "$HANDS_OFF" != 'No' ]; then + SM_ignore=1; + fi; + if [ $SM_ignore -ne 0 ]; then + return; + fi; + + # Ideally, we should re-check our IP if we didn't find the + # FQDN previously - but we need a state file to do that :( + # + # Hell, we don't even know what IF is, and if it is up or down :( + + #SM_interface='?'; #\ + #SM_state='up'; # \ + #SM_provider='?'; # | Need to get these from somewhere ! + #SM_ip='?'; # / + #SM_host='?'; #/ + #find_host; + + # Purge any latent host status that might cause us to *NOT* send mail + if [ -x @sysconfdir@/init.d/sendmail ]; then + @sysconfdir@/init.d/sendmail purgestat now + fi; + + # resolvconf is called as a DHCP pre-exit, so we'll defer any changes + SM_changed=0; + } + +# Attempt to locate our FQDN find_host() { # Determine our fqdn from our ISP maxloop=30; @@ -210,33 +326,59 @@ find_host() { fi; fi; test=$(echo $SM_host | cut -d ' ' -f 1); + # continue scanning if we get this: + # ;; connection timed out; no servers could be reached if [ "$test" = ";;" ]; then - :; + SM_host=''; elif [ "$test" != "**" ]; then break; fi; sleep 1s; done; - echo "addr=$SM_ip, name=$SM_host"; + + # See if we actually found a host ! + if [ -z "$SM_host" ]; then + # Drats, no host name :( + # We have a few choices - none pretty + # 1) Do not start sendmail + # 2) Use the info we have (ip) - but + # then we may not accept mail we should, + # accept mail we should not, + # and our ougoing name may be wrong + # 3) Use the last known hostname + # If it is not correct, we have the same + # exposurs as option 2 ! + # + # For the nonce, I choose option 2 + : + fi; + + if [ $SM_debug -ne 0 ]; then + echo "addr=$SM_ip, name=$SM_host"; + fi; }; +# If our state has changed in any way, update sendmail update_sendmail() { + SM_caller="$1"; + SM_opts="$2"; + # Mark what we're doing... local msg="$SM_interface $SM_state $SM_provider $SM_ip $SM_host"; if [ "$LOG_CMDS" != 'No' ]; then - logger -i -p mail.debug -- "$0 update_sendmail: $msg"; + /usr/bin/logger -i -p mail.debug -- "$0 (dynamic) update_sendmail: $msg"; fi; # Do absolutely nothing if they say so... if [ "$HANDS_OFF" != 'No' ]; then - return; + SM_ignore=1; fi; - if [ $SM_ignore != 0 ]; then + if [ $SM_ignore -ne 0 ]; then return; fi; - # Check for a delayed restart (for DHCP) - case "$1" in + # Check for a delayed restart (for DHCP/PPP) + case "$SM_opts" in [Dd]*) if [ "$SM_state" = 'up' ]; then SM_delay=1; @@ -249,11 +391,15 @@ update_sendmail() { cat <<-EOT > "$dialup_m4"; LOCAL_CONFIG #------------------------------------------------------------ + # Dynamic host/ip updates from $0: + # Device=$SM_interface + # State=$SM_state + # Provider=$SM_provider + # IP=$SM_ip + # Host=$SM_host # - # $SM_interface is $SM_state - # - # NOTE: the following line *MUST* be in @sysconfdir@/mail/sendmail.mc - dnl include(\`@sysconfdir@/mail/dialup.m4')dnl + # NOTE: The following line *MUST* be in @sysconfdir@/mail/sendmail.mc + #dnl include(\`@sysconfdir@/mail/dialup.m4')dnl # This should *NOT* be included in submit.mc ! # # sendmail is to only queue messages until connected again @@ -268,32 +414,22 @@ update_sendmail() { EOT fi; - if [ $SM_changed = 1 ]; then + if [ $SM_changed -eq 1 ]; then # Build a new sendmail.cf from sendmail.mc, including our address. - make -f @sysconfdir@/mail/Makefile sendmail.cf; - make -f @sysconfdir@/mail/Makefile; + /usr/bin/make -f @sysconfdir@/mail/Makefile sendmail.cf; + /usr/bin/make -f @sysconfdir@/mail/Makefile; # Purge any latent host status that might cause us to *NOT* send mail - if [ "$SM_state" = "up" ]; then - AM='-Am'; - if [ ! -f @datadir@/sendmail/cf/feature/msp.m4 ]; then - AM=''; - fi; - if [ -x @libexecdir@/sendmail ]; then - @libexecdir@/sendmail $AM -bH -O Timeout.hoststatus=1s; - fi; - fi; - - # reload (but don't start) sendmail as needed - if [ $SM_delay = 0 ]; then - if [ -x @sysconfdir@/init.d/sendmail ]; then - @sysconfdir@/init.d/sendmail reload-if-running; # up, or down - fi; + # Reload sendmail, IFF already running + if [ -x @sysconfdir@/init.d/sendmail ]; then + @sysconfdir@/init.d/sendmail purgestat now + @sysconfdir@/init.d/sendmail reload-if-running; # up, or down fi; fi; # Process the sendmail queue # (background so as to not defer other ip-up work) + # This can be fatal on IF ping-pongs :( # runq & }; diff --git a/debian/local/sendmail.in b/debian/local/sendmail.in index b95baf7..b190c32 100644 --- a/debian/local/sendmail.in +++ b/debian/local/sendmail.in @@ -296,6 +296,8 @@ start_msp () { start_sendmail () { local result; + # Update databases + make_databases; result=0; start_mta || result=$?; if check_msp; then @@ -311,11 +313,13 @@ start_sendmail () { #------------------------------------------------------------------------------ reload_mta () { local result; - result=0; # # Make sure @localstatedir@/run/sendmail/ exists check_dirs; # + # Update databases + make_databases; + # # reload (signal -HUP) is *much* better/faster than stop/start # # Mark restarted for communication betwixt here and /etc/mail/Makefile @@ -327,6 +331,7 @@ reload_mta () { fi; # # Is running, must signal it... + result=0; $SIGNAL_MTAL_CMD --signal HUP --oknodo --quiet || result=$?; sleep 2; chown $DAEMON_UID:smmta $MTAL_SOCKET; @@ -957,6 +962,23 @@ daemon_check () { }; #------------------------------------------------------------------------------ +#------------------------------------------------------------------------------ +# Simple routine to update the databases on start/refresh/restart +#------------------------------------------------------------------------------ +make_databases () { + # + # Life is so much simpler with make + if test -x /usr/bin/make -a -f /etc/mail/Makefile; then + /usr/bin/make all -s -C /etc/mail >/dev/null; + # + # Here, all I could do would be handle a *few* database - + # quite frankly, it isn't worth it, someone will want yet another + else + echo "No make, you'll have to rebuild your databases by hand :("; + fi; + } +#------------------------------------------------------------------------------ + #------------------------------------------------------------------------------ # Clean sendmail queues (somewhat): does *not* support split qf/df/xf dirs. diff --git a/debian/rules b/debian/rules index 6356594..c93b505 100755 --- a/debian/rules +++ b/debian/rules @@ -14,11 +14,18 @@ include /usr/share/cdbs/1/rules/debhelper.mk #DEB_TAR_SRCDIR := . #include /usr/share/cdbs/1/rules/tarball.mk +# Determine architecture +DEB_HOST_GNU_CPU ?= $(shell dpkg-architecture -qDEB_HOST_GNU_CPU) + # Make it even harder to exploit sendmail. # Well, almost impossible now 8-) # * Compile all with -fPIC (works for pic or pie objects) # * Link with either -pie or -shared -MY_CFLAGS := -fPIC -fstack-protector-all +ifeq ($(DEB_HOST_GNU_CPU),arm) + MY_CFLAGS := -fPIC +else + MY_CFLAGS := -fPIC -fstack-protector-all + endif CFLAGS += ${MY_CFLAGS} export CFLAGS MY_LDFLAGS := -Wl,-z,noexecstack,-z,relro,-z,now -Wl,--warn-shared-textrel diff --git a/debian/sendmail-doc.links b/debian/sendmail-doc.links deleted file mode 100644 index ed0a695..0000000 --- a/debian/sendmail-doc.links +++ /dev/null @@ -1 +0,0 @@ -usr/share/bug/sendmail usr/share/bug/sendmail-doc |