diff --git a/0001-remove-libdb-dependency.patch b/0001-remove-libdb-dependency.patch deleted file mode 100644 index f5daec7d5ac3620b174d30474ef73a586486a665..0000000000000000000000000000000000000000 --- a/0001-remove-libdb-dependency.patch +++ /dev/null @@ -1,359 +0,0 @@ -From 2736cf77113b65b2fe34eea70347e923b9c02af5 Mon Sep 17 00:00:00 2001 -From: eaglegai -Date: Fri, 15 Jan 2021 16:30:34 +0800 -Subject: [PATCH] remove libdb dependency - ---- - sendmail-8.15.2-format-security.patch | 92 ++++++++++++ - sendmail-8.15.2-openssl-1.1.0-fix.patch | 183 ++++++++++++++++++++++++ - sendmail.spec | 20 ++- - 3 files changed, 289 insertions(+), 6 deletions(-) - create mode 100644 sendmail-8.15.2-format-security.patch - create mode 100644 sendmail-8.15.2-openssl-1.1.0-fix.patch - -diff --git a/sendmail-8.15.2-format-security.patch b/sendmail-8.15.2-format-security.patch -new file mode 100644 -index 0000000..d4ff443 ---- /dev/null -+++ b/sendmail-8.15.2-format-security.patch -@@ -0,0 +1,92 @@ -+diff --git a/sendmail/srvrsmtp.c b/sendmail/srvrsmtp.c -+index ba636a8..46c5356 100644 -+--- a/sendmail/srvrsmtp.c -++++ b/sendmail/srvrsmtp.c -+@@ -159,6 +159,26 @@ -+ #define SKIP_SPACE(s) while (SM_ISSPACE(*s)) \ -+ (s)++ -+ -++static inline void -++message1(fmt) -++ char *fmt; -++{ -++ if (strchr(fmt, '%') == NULL) -++ message(fmt, NULL); -++ else -++ message("%s", fmt); -++} -++ -++static inline void -++usrerr1(fmt) -++ char *fmt; -++{ -++ if (strchr(fmt, '%') == NULL) -++ usrerr(fmt, NULL); -++ else -++ usrerr("%s", fmt); -++} -++ -+ #if _FFR_EAI -+ /* -+ ** ADDR_IS_ASCII -- check whether an address is 100% printable ASCII -+@@ -638,13 +658,13 @@ -+ bool tsave = QuickAbort; \ -+ \ -+ QuickAbort = false; \ -+- usrerr(response); \ -++ usrerr1(response); \ -+ QuickAbort = tsave; \ -+ e->e_sendqueue = NULL; \ -+ goto doquit; \ -+ } \ -+ else \ -+- usrerr(response); \ -++ usrerr1(response); \ -+ break; \ -+ \ -+ case SMFIR_REJECT: \ -+@@ -1011,7 +1031,7 @@ -+ else if (strncmp(nullserver, "421 ", 4) == 0) -+ { -+ /* Can't use ("%s", ...) due to message() requirements */ -+- message(nullserver); -++ message1(nullserver); -+ goto doquit; -+ } -+ -+@@ -1953,7 +1973,7 @@ -+ if (ISSMTPREPLY(nullserver)) -+ { -+ /* Can't use ("%s", ...) due to usrerr() requirements */ -+- usrerr(nullserver); -++ usrerr1(nullserver); -+ } -+ else -+ { -+@@ -2561,7 +2581,7 @@ -+ if (response != NULL) -+ { -+ /* Can't use ("%s", ...) due to usrerr() requirements */ -+- usrerr(response); -++ usrerr1(response); -+ } -+ else -+ { -+@@ -3800,7 +3820,7 @@ -+ #endif -+ -+ /* Can't use ("%s", ...) due to usrerr() requirements */ -+- usrerr(response); -++ usrerr1(response); -+ if (strncmp(response, "421 ", 4) == 0 -+ || strncmp(response, "421-", 4) == 0) -+ { -+@@ -3922,7 +3942,7 @@ -+ (void) extenhsc(response + 4, ' ', e->e_enhsc); -+ #endif -+ /* Can't use ("%s", ...) due to usrerr() requirements */ -+- usrerr(response); -++ usrerr1(response); -+ if (strncmp(response, "421 ", 4) == 0 -+ || strncmp(response, "421-", 4) == 0) -+ rv = false; -diff --git a/sendmail-8.15.2-openssl-1.1.0-fix.patch b/sendmail-8.15.2-openssl-1.1.0-fix.patch -new file mode 100644 -index 0000000..c0023b1 ---- /dev/null -+++ b/sendmail-8.15.2-openssl-1.1.0-fix.patch -@@ -0,0 +1,183 @@ -+--- sendmail-8.15.2.orig/sendmail/tls.c 2016-12-01 15:20:59.953546417 +0100 -++++ sendmail-8.15.2.orig/sendmail/tls.c 2016-12-01 17:26:43.868521378 +0100 -+@@ -79,7 +79,8 @@ -+ static DH * -+ get_dh512() -+ { -+- DH *dh = NULL; -++ DH *dh; -++ BIGNUM *p, *g; -+ # if MTA_HAVE_DH_set0_pqg -+ BIGNUM *dhp_bn, *dhg_bn; -+ # endif -+@@ -96,13 +97,23 @@ -+ return NULL; -+ } -+ # else -+- dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL); -+- dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL); -+- if ((dh->p == NULL) || (dh->g == NULL)) -++ p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL); -++ g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL); -++ if (p == NULL || g == NULL) -+ { -++ BN_free(p); -++ BN_free(g); -+ DH_free(dh); -+ return NULL; -+ } -++ -++#if OPENSSL_VERSION_NUMBER >= 0x10100005L -++ DH_set0_pqg(dh, p, NULL, g); -++#else -++ dh->p = p; -++ dh->g = g; -++#endif -++ -+ # endif -+ return dh; -+ } -+@@ -150,6 +161,8 @@ -+ }; -+ static unsigned char dh2048_g[]={ 0x02, }; -+ DH *dh; -++ BIGNUM *p, *g; -++ -+ # if MTA_HAVE_DH_set0_pqg -+ BIGNUM *dhp_bn, *dhg_bn; -+ # endif -+@@ -166,13 +179,23 @@ -+ return NULL; -+ } -+ # else -+- dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL); -+- dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); -+- if ((dh->p == NULL) || (dh->g == NULL)) -++ p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL); -++ g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); -++ if (p == NULL || g == NULL) -+ { -++ BN_free(p); -++ BN_free(g); -+ DH_free(dh); -+- return(NULL); -++ return NULL; -+ } -++ -++#if OPENSSL_VERSION_NUMBER >= 0x10100005L -++ DH_set0_pqg(dh, p, NULL, g); -++#else -++ dh->p = p; -++ dh->g = g; -++#endif -++ -+ # endif -+ return(dh); -+ } -+@@ -929,6 +952,54 @@ -+ # define SM_SSL_OP_TLS_BLOCK_PADDING_BUG 0 -+ # endif -+ -++static RSA * -++generate_rsa_key(bits, e) -++ int bits; -++ unsigned long e; -++{ -++#if OPENSSL_VERSION_NUMBER < 0x00908000L -++ return RSA_generate_key(bits, e, NULL, NULL); -++#else -++ BIGNUM *bne; -++ RSA *rsa = NULL; -++ -++ bne = BN_new(); -++ if (bne && BN_set_word(bne, e) != 1) -++ rsa = RSA_new(); -++ if (rsa && RSA_generate_key_ex(rsa, bits, bne, NULL) != 1) -++ { -++ RSA_free(rsa); -++ rsa = NULL; -++ } -++ BN_free(bne); -++ return rsa; -++#endif -++} -++ -++static DSA * -++generate_dsa_parameters(bits, seed, seed_len, counter_ret, h_ret) -++ int bits; -++ unsigned char *seed; -++ int seed_len; -++ int *counter_ret; -++ unsigned long *h_ret; -++{ -++#if OPENSSL_VERSION_NUMBER < 0x00908000L -++ return DSA_generate_parameters(bits, seed, seed_len, counter_ret, -++ h_ret, NULL, NULL); -++#else -++ DSA *dsa = DSA_new(); -++ -++ if (dsa && DSA_generate_parameters_ex(dsa, bits, seed, seed_len, -++ counter_ret, h_ret, NULL) != 1) -++ { -++ DSA_free(dsa); -++ dsa = NULL; -++ } -++ return dsa; -++#endif -++} -++ -+ bool -+ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhparam) -+ SSL_CTX **ctx; -+@@ -1183,8 +1254,7 @@ -+ if (bitset(TLS_I_RSA_TMP, req) -+ # if SM_CONF_SHM -+ && ShmId != SM_SHM_NO_ID && -+- (rsa_tmp = RSA_generate_key(RSA_KEYLENGTH, RSA_F4, NULL, -+- NULL)) == NULL -++ (rsa_tmp = generate_rsa_key(RSA_KEYLENGTH, RSA_F4)) == NULL -+ # else /* SM_CONF_SHM */ -+ && 0 /* no shared memory: no need to generate key now */ -+ # endif /* SM_CONF_SHM */ -+@@ -1391,8 +1461,8 @@ -+ } -+ # else -+ /* this takes a while! */ -+- dsa = DSA_generate_parameters(bits, NULL, 0, NULL, -+- NULL, 0, NULL); -++ dsa = generate_dsa_parameters(bits, NULL, 0, NULL, -++ NULL); -+ dh = DSA_dup_DH(dsa); -+ # endif -+ DSA_free(dsa); -+@@ -2081,7 +2151,7 @@ -+ -+ if (rsa_tmp != NULL) -+ RSA_free(rsa_tmp); -+- rsa_tmp = RSA_generate_key(RSA_KEYLENGTH, RSA_F4, NULL, NULL); -++ rsa_tmp = generate_rsa_key(RSA_KEYLENGTH, RSA_F4); -+ if (rsa_tmp == NULL) -+ { -+ if (LogLevel > 0) -+@@ -2526,12 +2596,21 @@ -+ SM_GETTLSI; -+ if (LogLevel > 13) -+ tls_verify_log(ok, ctx, "X509"); -++#if OPENSSL_VERSION_NUMBER >= 0x10100005L -++ if (X509_STORE_CTX_get_error(ctx) == -++ X509_V_ERR_UNABLE_TO_GET_CRL) -++ { -++ X509_STORE_CTX_set_error(ctx, 0); -++ return 1; /* override it */ -++ } -++#else -+ if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_UNABLE_TO_GET_CRL && -+ !SM_TLSI_IS(tlsi_ctx, TLSI_FL_CRLREQ)) -+ { -+ X509_STORE_CTX_set_error(ctx, 0); -+ return 1; /* override it */ -+ } -++#endif -+ return ok; -+ } -+ -diff --git a/sendmail.spec b/sendmail.spec -index eb15495..273cca2 100644 ---- a/sendmail.spec -+++ b/sendmail.spec -@@ -1,6 +1,6 @@ - Name: sendmail - Version: 8.16.1 --Release: 2 -+Release: 3 - Summary: A classic mail transfer agent from the Unix world - License: Sendmail - URL: http://www.sendmail.org/ -@@ -21,7 +21,7 @@ Source13: sendmail-etc-mail-local-host-names - Source14: sendmail-etc-mail-mailertable - Source15: sendmail-etc-mail-trusted-users - --BuildRequires: openssl-devel openldap-devel libdb-devel libnsl2-devel -+BuildRequires: openssl-devel openldap-devel libnsl2-devel - BuildRequires: cyrus-sasl-devel groff ghostscript m4 systemd setup >= 2.5.31-1 - Requires: bash >= 2.0 setup >= 2.5.31-1 %{_sbindir}/saslauthd - Requires(pre): shadow-utils -@@ -46,6 +46,8 @@ Patch9: sendmail-8.15.2-switchfile.patch - Patch10: sendmail-8.14.8-sasl2-in-etc.patch - Patch11: sendmail-8.16.1-qos.patch - Patch12: sendmail-8.15.2-libmilter-socket-activation.patch -+Patch13: sendmail-8.15.2-openssl-1.1.0-fix.patch -+Patch14: sendmail-8.15.2-format-security.patch - - %description - Sendmail is a general purpose internetwork email routing facility that -@@ -94,21 +96,21 @@ cp devtools/M4/UNIX/library.m4 devtools/M4/UNIX/sharedlibrary.m4 - export CFLAGS="${RPM_OPT_FLAGS}" - - cat << EOF > config.m4 --define(\`confMAPDEF', \`-DNEWDB -DNIS -DMAP_REGEX -DSOCKETMAP -DNAMED_BIND=1') -+define(\`confMAPDEF', \`-DNIS -DMAP_REGEX -DSOCKETMAP -DNAMED_BIND=1') - define(\`confOPTIMIZE', \`\`\`\`${RPM_OPT_FLAGS}'''') --define(\`confLIBS', \`-lnsl -lcrypt -ldb -lresolv') -+define(\`confLIBS', \`-lnsl -lcrypt -lresolv') - define(\`confSTDIR', \`%{_localstatedir}/log/mail') - define(\`confLDOPTS', \`-Xlinker -z -Xlinker relro -Xlinker -z -Xlinker now') - define(\`confMANOWN', \`root') - define(\`confMANGRP', \`root') --define(\`confENVDEF', \`-I%{_includedir}/libdb -I/usr/kerberos/include -Wall -DXDEBUG=0') -+define(\`confENVDEF', \`-I/usr/kerberos/include -Wall -DXDEBUG=0') - define(\`confLIBDIRS', \`-L/usr/kerberos/%{_lib}') - define(\`confMANMODE', \`644') - define(\`confMAN1SRC', \`1') - define(\`confMAN5SRC', \`5') - define(\`confMAN8SRC', \`8') - define(\`STATUS_FILE', \`%{_localstatedir}/log/mail/statistics') --define(\`confLIBSEARCH', \`db resolv 44bsd') -+define(\`confLIBSEARCH', \`resolv 44bsd') - EOF - #' - --- -2.23.0 - diff --git a/Sendmail-sasl2.conf b/Sendmail-sasl2.conf index 74ef83f212619e660e161294ff8d5d07fafe7d45..6a029a219d2dce3ec48446775ab464caf2630289 100644 --- a/Sendmail-sasl2.conf +++ b/Sendmail-sasl2.conf @@ -1 +1,2 @@ pwcheck_method:saslauthd +ldapdb_uri: ldapi:/// diff --git a/sendmail-8.13.0-cyrus.patch b/backport-sendmail-8.13.0-cyrus.patch similarity index 100% rename from sendmail-8.13.0-cyrus.patch rename to backport-sendmail-8.13.0-cyrus.patch diff --git a/sendmail-8.14.3-sharedmilter.patch b/backport-sendmail-8.14.3-sharedmilter.patch similarity index 100% rename from sendmail-8.14.3-sharedmilter.patch rename to backport-sendmail-8.14.3-sharedmilter.patch diff --git a/sendmail-8.14.4-makemapman.patch b/backport-sendmail-8.14.4-makemapman.patch similarity index 100% rename from sendmail-8.14.4-makemapman.patch rename to backport-sendmail-8.14.4-makemapman.patch diff --git a/sendmail-8.14.9-noversion.patch b/backport-sendmail-8.14.9-noversion.patch similarity index 100% rename from sendmail-8.14.9-noversion.patch rename to backport-sendmail-8.14.9-noversion.patch diff --git a/sendmail-8.14.9-pid.patch b/backport-sendmail-8.14.9-pid.patch similarity index 100% rename from sendmail-8.14.9-pid.patch rename to backport-sendmail-8.14.9-pid.patch diff --git a/sendmail-8.16.1-aliases_dir.patch b/backport-sendmail-8.17.1-aliases_dir.patch similarity index 74% rename from sendmail-8.16.1-aliases_dir.patch rename to backport-sendmail-8.17.1-aliases_dir.patch index a3c12c86b6da9b56555e64b39eb042a8aa890aa8..0258ddc2f716d795920a99ec1fb4eb46914034c7 100644 --- a/sendmail-8.16.1-aliases_dir.patch +++ b/backport-sendmail-8.17.1-aliases_dir.patch @@ -1,8 +1,8 @@ diff --git a/cf/m4/cfhead.m4 b/cf/m4/cfhead.m4 -index 6d12e85..15af608 100644 +index c30fad0..492882e 100644 --- a/cf/m4/cfhead.m4 +++ b/cf/m4/cfhead.m4 -@@ -269,7 +269,7 @@ ifdef(`MAIL_SETTINGS_DIR', , `define(`MAIL_SETTINGS_DIR', `/etc/mail/')') +@@ -275,7 +275,7 @@ ifdef(`MAIL_SETTINGS_DIR', , `define(`MAIL_SETTINGS_DIR', `/etc/mail/')') define(`DATABASE_MAP_TYPE', `hash') # set up default values for options @@ -12,10 +12,10 @@ index 6d12e85..15af608 100644 define(`confFROM_LINE', `From $g $d') define(`confOPERATORS', `.:%@!^/[]+') diff --git a/sendmail/aliases.0 b/sendmail/aliases.0 -index ba855d4..edb3b19 100644 +index 64d439c..1db4fd6 100644 --- a/sendmail/aliases.0 +++ b/sendmail/aliases.0 -@@ -63,7 +63,7 @@ ALIASES(5) ALIASES(5) +@@ -63,7 +63,7 @@ DDEESSCCRRIIPPTTIIOONN the list of users defined in that file. This is only the raw data file; the actual aliasing information is @@ -25,48 +25,48 @@ index ba855d4..edb3b19 100644 time the aliases file is changed for the change to take effect. diff --git a/sendmail/aliases.5 b/sendmail/aliases.5 -index f09b49c..7b16db2 100644 +index cb67508..52e5124 100644 --- a/sendmail/aliases.5 +++ b/sendmail/aliases.5 @@ -23,7 +23,7 @@ ID - aliases used by + aliases used by sendmail. - The file resides in --/etc/mail + The file resides in +-/etc/mail +/etc - and + and is formatted as a series of lines of the form .IP @@ -96,7 +96,7 @@ list of users defined in that file. .PP This is only the raw data file; the actual aliasing information is - placed into a binary format in the file + placed into a binary format in the file -/etc/mail/aliases.db +/etc/aliases.db - using the program - newaliases(1). - A + using the program + newaliases(1). + A diff --git a/sendmail/newaliases.0 b/sendmail/newaliases.0 -index 49ff2b0..247a276 100644 +index d8952ee..0be8986 100644 --- a/sendmail/newaliases.0 +++ b/sendmail/newaliases.0 -@@ -10,7 +10,7 @@ NEWALIASES(1) NEWALIASES(1) +@@ -10,7 +10,7 @@ SSYYNNOOPPSSIISS - DESCRIPTION - Newaliases rebuilds the random access data base for the mail aliases + DDEESSCCRRIIPPTTIIOONN + NNeewwaalliiaasseess rebuilds the random access data base for the mail aliases - file /etc/mail/aliases. It must be run each time this file is changed + file /etc/aliases. It must be run each time this file is changed in order for the change to take effect. - Newaliases is identical to ``sendmail -bi''. -@@ -22,7 +22,7 @@ NEWALIASES(1) NEWALIASES(1) - sendmail. + NNeewwaalliiaasseess is identical to ``sendmail -bi''. +@@ -22,7 +22,7 @@ DDEESSCCRRIIPPTTIIOONN + sseennddmmaaiill.. - FILES + FFIILLEESS - /etc/mail/aliases The mail aliases file + /etc/aliases The mail aliases file - SEE ALSO + SSEEEE AALLSSOO aliases(5), sendmail(8) diff --git a/sendmail/newaliases.1 b/sendmail/newaliases.1 index 59dc0de..9ba8752 100644 @@ -91,13 +91,13 @@ index 59dc0de..9ba8752 100644 .SH SEE ALSO aliases(5), sendmail(8) diff --git a/sendmail/sendmail.0 b/sendmail/sendmail.0 -index 60ab1cd..5f3bf93 100644 +index 8eceedd..24a17da 100644 --- a/sendmail/sendmail.0 +++ b/sendmail/sendmail.0 -@@ -434,10 +434,10 @@ SENDMAIL(8) SENDMAIL(8) +@@ -433,10 +433,10 @@ FFIILLEESS + names are all specified in _/_e_t_c_/_m_a_i_l_/_s_e_n_d_m_a_i_l_._c_f. Thus, these values are only approximations. - - /etc/mail/aliases + /etc/aliases raw data for alias names @@ -108,10 +108,10 @@ index 60ab1cd..5f3bf93 100644 /etc/mail/sendmail.cf diff --git a/sendmail/sendmail.8 b/sendmail/sendmail.8 -index 0356839..1258c26 100644 +index 26685d0..60e7b64 100644 --- a/sendmail/sendmail.8 +++ b/sendmail/sendmail.8 -@@ -711,10 +711,10 @@ Thus, +@@ -716,10 +716,10 @@ Thus, these values are only approximations. .PP .TP diff --git a/sendmail-8.16.1-dynamic.patch b/backport-sendmail-8.17.1-dynamic.patch similarity index 36% rename from sendmail-8.16.1-dynamic.patch rename to backport-sendmail-8.17.1-dynamic.patch index 2252ce0a2bcafa65d47e91679fc763e514d64f24..bdeb83aa6845973f1cce8df0d9b9ac31ed8f52a5 100644 --- a/sendmail-8.16.1-dynamic.patch +++ b/backport-sendmail-8.17.1-dynamic.patch @@ -33,14 +33,3 @@ - define(`confOPTIMIZE',`-O2') + define(`confOPTIMIZE',`-O2 -fpie') ') ---- sendmail-8.14.4/libsm/Makefile.m4 2006-08-16 23:06:31.000000000 +0200 -+++ sendmail-8.14.4/libsm/Makefile.m4.dynamic 2010-01-03 23:01:36.000000000 +0100 -@@ -6,7 +6,7 @@ - define(`confREQUIRE_SM_OS_H', `true') - PREPENDDEF(`confENVDEF', `confMAPDEF') - bldPRODUCT_START(`library', `libsm') --define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strerror.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c sem.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c memstat.c util.c inet6_ntop.c notify.c ') -+define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c sem.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c memstat.c util.c inet6_ntop.c notify.c ') - bldPRODUCT_END - dnl msg.c - dnl syslogio.c diff --git a/sendmail-8.15.2-libmilter-socket-activation.patch b/backport-sendmail-8.17.1-libmilter-socket-activation.patch similarity index 89% rename from sendmail-8.15.2-libmilter-socket-activation.patch rename to backport-sendmail-8.17.1-libmilter-socket-activation.patch index b4a05d3d47071f920ff48b70609cb8c72104bb3b..0047528b7679786adf5b1ed36a689eaf035c2d0f 100644 --- a/sendmail-8.15.2-libmilter-socket-activation.patch +++ b/backport-sendmail-8.17.1-libmilter-socket-activation.patch @@ -1,10 +1,8 @@ -Description: systemd-like socket activation support for libmilter -Author: Mikhail Gusarov {unix|local}:/path/to/file -- A named pipe.
  • inet:port@{hostname|ip-address} -- An IPV4 socket.
  • inet6:port@{hostname|ip-address} -- An IPV6 socket. @@ -13,7 +11,7 @@ index eba7c5b..5b272a0 100644 diff --git a/libmilter/listener.c b/libmilter/listener.c -index 11d92bb..2ab533d 100644 +index 25ff895..23cec0a 100644 --- a/libmilter/listener.c +++ b/libmilter/listener.c @@ -197,6 +197,11 @@ mi_milteropen(conn, backlog, rmsocket, name) @@ -70,9 +68,9 @@ index 11d92bb..2ab533d 100644 smi_log(SMI_LOG_ERR, "%s: Unable to bind to port %s: %s", @@ -818,7 +839,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog) - # ifdef BSD4_4_SOCKADDR + #ifdef BSD4_4_SOCKADDR cliaddr.sa.sa_len == 0 || - # endif + #endif - cliaddr.sa.sa_family != L_family)) + (L_family != AF_UNSPEC && cliaddr.sa.sa_family != L_family))) { diff --git a/sendmail-8.15.2-localdomain.patch b/backport-sendmail-8.17.1-localdomain.patch similarity index 84% rename from sendmail-8.15.2-localdomain.patch rename to backport-sendmail-8.17.1-localdomain.patch index 36ec981dfe7687ed2730245f630048e4a5113c55..646880e928f706205a9118bb0bbf72819068f98d 100644 --- a/sendmail-8.15.2-localdomain.patch +++ b/backport-sendmail-8.17.1-localdomain.patch @@ -1,8 +1,8 @@ diff --git a/cf/m4/proto.m4 b/cf/m4/proto.m4 -index 696bf36..5a5963b 100644 +index cfd71b3..6a7cf1c 100644 --- a/cf/m4/proto.m4 +++ b/cf/m4/proto.m4 -@@ -1898,6 +1898,8 @@ R<@> < $* @ [IPv6:::1] > +@@ -1921,6 +1921,8 @@ R<@> < $* @ [IPv6:::1] > $: < ? $&{client_name} > < $1 @ [IPv6:::1] > R<@> < $* @ localhost.$m > $: < ? $&{client_name} > < $1 @ localhost.$m > diff --git a/sendmail-8.15.1-manpage.patch b/backport-sendmail-8.17.1-manpage.patch similarity index 76% rename from sendmail-8.15.1-manpage.patch rename to backport-sendmail-8.17.1-manpage.patch index 4cf5fff013fba6e1237f442448d907869de834ab..c785ea194f2695a7e17433ff61d9af0039641d0e 100644 --- a/sendmail-8.15.1-manpage.patch +++ b/backport-sendmail-8.17.1-manpage.patch @@ -1,8 +1,8 @@ diff --git a/sendmail/sendmail.8 b/sendmail/sendmail.8 -index 9e0b9af..0356839 100644 +index 6b10fac..26685d0 100644 --- a/sendmail/sendmail.8 +++ b/sendmail/sendmail.8 -@@ -729,13 +729,11 @@ collected statistics +@@ -734,13 +734,11 @@ collected statistics /var/spool/mqueue/* temp files .SH SEE ALSO @@ -14,5 +14,5 @@ index 9e0b9af..0356839 100644 mailaddr(7), -rc(8) .PP - DARPA + DARPA Internet Request For Comments diff --git a/sendmail-8.16.1-qos.patch b/backport-sendmail-8.17.1-qos.patch similarity index 90% rename from sendmail-8.16.1-qos.patch rename to backport-sendmail-8.17.1-qos.patch index 381cc5a39f0aac3bae2481d06b16b731d07d1f6a..e08617d7d34da41d14fcb66af2c8f1f7a9ea3823 100644 --- a/sendmail-8.16.1-qos.patch +++ b/backport-sendmail-8.17.1-qos.patch @@ -1,5 +1,5 @@ diff --git a/cf/cf/submit.mc b/cf/cf/submit.mc -index b9dfb16..cb325cc 100644 +index 6e2b360..45df0e6 100644 --- a/cf/cf/submit.mc +++ b/cf/cf/submit.mc @@ -22,6 +22,8 @@ define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining @@ -12,10 +12,10 @@ index b9dfb16..cb325cc 100644 dnl define(`confDIRECT_SUBMISSION_MODIFIERS',`C')dnl FEATURE(`use_ct_file')dnl diff --git a/cf/m4/proto.m4 b/cf/m4/proto.m4 -index 8c460ce..a68ab8d 100644 +index 6a7cf1c..fd54e87 100644 --- a/cf/m4/proto.m4 +++ b/cf/m4/proto.m4 -@@ -253,6 +253,9 @@ _OPTION(SevenBitInput, `confSEVEN_BIT_INPUT', `False') +@@ -264,6 +264,9 @@ _OPTION(SevenBitInput, `confSEVEN_BIT_INPUT', `False') # 8-bit data handling _OPTION(EightBitMode, `confEIGHT_BIT_HANDLING', `pass8') @@ -26,10 +26,10 @@ index 8c460ce..a68ab8d 100644 _OPTION(AliasWait, `confALIAS_WAIT', `5m') diff --git a/sendmail/conf.c b/sendmail/conf.c -index e9fa42c..fa64b11 100644 +index f1bc1b2..ca5dc85 100644 --- a/sendmail/conf.c +++ b/sendmail/conf.c -@@ -6614,6 +6614,10 @@ char *FFRCompileOptions[] = +@@ -6678,6 +6678,10 @@ char *FFRCompileOptions[] = /* Check to make sure key fields were read from qf */ "_FFR_QF_PARANOIA", #endif @@ -41,10 +41,10 @@ index e9fa42c..fa64b11 100644 /* Allow QueueSortOrder per queue group. */ /* XXX: Still need to actually use qgrp->qg_sortorder */ diff --git a/sendmail/daemon.c b/sendmail/daemon.c -index 19a9378..5561cf5 100644 +index 5b42e32..c4604f0 100644 --- a/sendmail/daemon.c +++ b/sendmail/daemon.c -@@ -124,6 +124,10 @@ static int NDaemons = 0; /* actual number of daemons */ +@@ -129,6 +129,10 @@ static int NDaemons = 0; /* actual number of daemons */ static time_t NextDiskSpaceCheck = 0; @@ -55,7 +55,7 @@ index 19a9378..5561cf5 100644 /* ** GETREQUESTS -- open mail IPC port and get requests. ** -@@ -1159,6 +1163,16 @@ opendaemonsocket(d, firsttime) +@@ -1173,6 +1177,16 @@ opendaemonsocket(d, firsttime) (void) setsockopt(d->d_socket, SOL_SOCKET, SO_KEEPALIVE, (char *)&on, sizeof(on)); @@ -72,7 +72,7 @@ index 19a9378..5561cf5 100644 #ifdef SO_RCVBUF if (d->d_tcprcvbufsize > 0) { -@@ -2688,6 +2702,16 @@ gothostent: +@@ -2704,6 +2718,16 @@ gothostent: return EX_TEMPFAIL; } @@ -90,7 +90,7 @@ index 19a9378..5561cf5 100644 if (ClientSettings[family].d_tcpsndbufsize > 0) { diff --git a/sendmail/readcf.c b/sendmail/readcf.c -index e6f6296..adb09da 100644 +index 47c9777..bb98dbf 100644 --- a/sendmail/readcf.c +++ b/sendmail/readcf.c @@ -24,6 +24,7 @@ SM_RCSID("@(#)$Id: readcf.c,v 8.692 2013-11-22 20:51:56 ca Exp $") @@ -101,7 +101,7 @@ index e6f6296..adb09da 100644 #endif -@@ -2917,8 +2918,8 @@ static struct optioninfo +@@ -2983,8 +2984,8 @@ static struct optioninfo # define O_RCPTTHROTDELAY 0xe6 { "BadRcptThrottleDelay", O_RCPTTHROTDELAY, OI_SAFE }, #endif @@ -112,7 +112,7 @@ index e6f6296..adb09da 100644 { "InetQoS", O_INETQOS, OI_NONE }, #endif #if STARTTLS && _FFR_FIPSMODE -@@ -2982,6 +2983,77 @@ static struct optioninfo +@@ -3059,6 +3060,77 @@ static struct optioninfo { NULL, '\0', OI_NONE } }; @@ -190,9 +190,9 @@ index e6f6296..adb09da 100644 # define CANONIFY(val) # define SET_OPT_DEFAULT(opt, val) opt = val -@@ -4679,6 +4751,33 @@ setoption(opt, val, safe, sticky, e) +@@ -4795,6 +4867,33 @@ setoption(opt, val, safe, sticky, e) break; - # endif + #endif +#ifdef O_INETQOS + case O_INETQOS: @@ -225,10 +225,10 @@ index e6f6296..adb09da 100644 if (tTd(37, 1)) { diff --git a/sendmail/sendmail.h b/sendmail/sendmail.h -index e6cf45d..7f5cf9f 100644 +index ae7ed3a..9e34dd9 100644 --- a/sendmail/sendmail.h +++ b/sendmail/sendmail.h -@@ -2566,6 +2566,15 @@ EXTERN SOCKADDR ConnectOnlyTo; /* override connection address (for testing) */ +@@ -2646,6 +2646,15 @@ EXTERN SOCKADDR ConnectOnlyTo; /* override connection address (for testing) */ EXTERN SOCKADDR RealHostAddr; /* address of host we are talking to */ extern const SM_EXC_TYPE_T EtypeQuickAbort; /* type of a QuickAbort exception */ diff --git a/sendmail-8.14.8-sasl2-in-etc.patch b/backport-sendmail-8.17.1-sasl2-in-etc.patch similarity index 75% rename from sendmail-8.14.8-sasl2-in-etc.patch rename to backport-sendmail-8.17.1-sasl2-in-etc.patch index d2b9e918c399c3aa237751841b571fc5cb0e9c0b..5b18c996589750970c28dda125bc484bcc2c8df9 100644 --- a/sendmail-8.14.8-sasl2-in-etc.patch +++ b/backport-sendmail-8.17.1-sasl2-in-etc.patch @@ -1,19 +1,19 @@ diff --git a/sendmail/usersmtp.c b/sendmail/usersmtp.c -index c217ffa..e4dadd3 100644 +index 5fe0791..2417558 100644 --- a/sendmail/usersmtp.c +++ b/sendmail/usersmtp.c -@@ -1331,9 +1331,7 @@ safesaslfile(context, file) +@@ -1374,9 +1374,7 @@ safesaslfile(context, file) { long sff; int r; --#if SASL <= 10515 +-# if SASL <= 10515 size_t len; --#endif +-# endif char *p; - if (file == NULL || *file == '\0') -@@ -1369,9 +1367,16 @@ safesaslfile(context, file) - #endif /* SASL <= 10515 */ + if (SM_IS_EMPTY(file)) +@@ -1414,9 +1414,16 @@ safesaslfile(context, file) + # endif /* SASL <= 10515 */ p = (char *) file; + len = strlen(p); diff --git a/sendmail-8.15.2-switchfile.patch b/backport-sendmail-8.17.1-switchfile.patch similarity index 47% rename from sendmail-8.15.2-switchfile.patch rename to backport-sendmail-8.17.1-switchfile.patch index e579abf11f5507d64a18d12e10ae0ce713df3f47..636e56d109e723ade4175819e45d8464dda6f523 100644 --- a/sendmail-8.15.2-switchfile.patch +++ b/backport-sendmail-8.17.1-switchfile.patch @@ -1,13 +1,13 @@ diff --git a/sendmail/conf.c b/sendmail/conf.c -index c73334e..cbb9c76 100644 +index e7a9615..f1bc1b2 100644 --- a/sendmail/conf.c +++ b/sendmail/conf.c -@@ -986,7 +986,7 @@ switch_map_find(service, maptype, mapreturn) +@@ -1044,7 +1044,7 @@ switch_map_find(service, maptype, mapreturn) if (p != NULL) *p = '\0'; - #ifndef SM_NSSWITCH_DELIMS --# define SM_NSSWITCH_DELIMS " \t" -+# define SM_NSSWITCH_DELIMS " \t:" - #endif + # ifndef SM_NSSWITCH_DELIMS +-# define SM_NSSWITCH_DELIMS " \t" ++# define SM_NSSWITCH_DELIMS " \t:" + # endif p = strpbrk(buf, SM_NSSWITCH_DELIMS); if (p != NULL) diff --git a/sendmail-redhat.mc b/sendmail-redhat.mc index dd9bc9648b513efa7693d9b9cc92c4f94d91b5cd..837f161d5b30f01407423ff83ed42abc039abd06 100644 --- a/sendmail-redhat.mc +++ b/sendmail-redhat.mc @@ -80,8 +80,8 @@ dnl define(`confINET_QOS', `AF11')dnl dnl FEATURE(delay_checks)dnl FEATURE(`no_default_msa', `dnl')dnl FEATURE(`smrsh', `/usr/sbin/smrsh')dnl -FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl -FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl +dnl #FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl +dnl #FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl FEATURE(redirect)dnl FEATURE(always_add_domain)dnl FEATURE(use_cw_file)dnl @@ -103,7 +103,7 @@ dnl # dnl # The -t option will retry delivery if e.g. the user runs over his quota. dnl # FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl -FEATURE(`access_db', `hash -T -o /etc/mail/access.db')dnl +dnl #FEATURE(`access_db', `hash -T -o /etc/mail/access.db')dnl FEATURE(`blacklist_recipients')dnl EXPOSED_USER(`root')dnl dnl # diff --git a/sendmail.8.16.1.tar.gz b/sendmail.8.16.1.tar.gz deleted file mode 100644 index 4eb2ee1ce0bdc005b65cc1d7920cd682057ca1c6..0000000000000000000000000000000000000000 Binary files a/sendmail.8.16.1.tar.gz and /dev/null differ diff --git a/sendmail.8.17.1.tar.gz b/sendmail.8.17.1.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..5492000873f464cb6ca92fa64475a244626ced3a Binary files /dev/null and b/sendmail.8.17.1.tar.gz differ diff --git a/sendmail.service b/sendmail.service index 9a7c9c324bcea74f10bb5df374ddbffc33258ab2..597c2c3d0e7cfe6163b6f2df95e40d03f6ea0db6 100644 --- a/sendmail.service +++ b/sendmail.service @@ -13,6 +13,7 @@ EnvironmentFile=-/etc/sysconfig/sendmail ExecStartPre=-/etc/mail/make ExecStartPre=-/etc/mail/make aliases ExecStart=/usr/sbin/sendmail -bd $SENDMAIL_OPTS $SENDMAIL_OPTARG +ExecStartPost=/usr/bin/sleep 0.1 ExecReload=/usr/bin/kill -HUP $MAINPID # hack to allow async reload to complete, otherwise systemd may signal error ExecReload=/usr/bin/sleep 2 diff --git a/sendmail.spec b/sendmail.spec index f9ed301a3d168a4dd71b6ef96d1a42792c674976..c77167dc1d29973d6c36e4a4c83f9b1b8ffa6d3b 100644 --- a/sendmail.spec +++ b/sendmail.spec @@ -1,6 +1,6 @@ Name: sendmail -Version: 8.16.1 -Release: 6 +Version: 8.17.1 +Release: 1 Summary: A classic mail transfer agent from the Unix world License: Sendmail URL: http://www.sendmail.org/ @@ -34,21 +34,19 @@ Provides: MTA smtpdaemon server(smtp) Provides: sendmail-cf Obsoletes: sendmail-cf -Patch0001: sendmail-8.14.4-makemapman.patch -Patch0003: sendmail-8.14.9-pid.patch -Patch0004: sendmail-8.15.1-manpage.patch -Patch0005: sendmail-8.16.1-dynamic.patch -Patch0006: sendmail-8.13.0-cyrus.patch -Patch0007: sendmail-8.16.1-aliases_dir.patch -Patch0009: sendmail-8.14.9-noversion.patch -Patch0010: sendmail-8.15.2-localdomain.patch -Patch0011: sendmail-8.14.3-sharedmilter.patch -Patch0012: sendmail-8.15.2-switchfile.patch -Patch0013: sendmail-8.14.8-sasl2-in-etc.patch -Patch0014: sendmail-8.16.1-qos.patch -Patch0015: sendmail-8.15.2-libmilter-socket-activation.patch -Patch0016: sendmail-8.15.2-openssl-1.1.0-fix.patch -Patch0017: sendmail-8.15.2-format-security.patch +Patch0001: backport-sendmail-8.14.4-makemapman.patch +Patch0002: backport-sendmail-8.14.9-pid.patch +Patch0003: backport-sendmail-8.17.1-manpage.patch +Patch0004: backport-sendmail-8.17.1-dynamic.patch +Patch0005: backport-sendmail-8.13.0-cyrus.patch +Patch0006: backport-sendmail-8.17.1-aliases_dir.patch +Patch0007: backport-sendmail-8.14.9-noversion.patch +Patch0008: backport-sendmail-8.17.1-localdomain.patch +Patch0009: backport-sendmail-8.14.3-sharedmilter.patch +Patch0010: backport-sendmail-8.17.1-switchfile.patch +Patch0011: backport-sendmail-8.17.1-sasl2-in-etc.patch +Patch0012: backport-sendmail-8.17.1-qos.patch +Patch0013: backport-sendmail-8.17.1-libmilter-socket-activation.patch %description Sendmail is a general purpose internetwork email routing facility that @@ -469,6 +467,12 @@ exit 0 %changelog +* Mon Mar 21 2022 xihaochen - 8.17.1-1 +- Type:requirements +- ID:NA +- SUG:NA +- DESC:update sendmail to 8.17.1 + * Wed Feb 23 2022 xihaochen - 8.16.1-6 - Type:bugfix - ID:NA