diff --git a/mail/sendmail/Makefile b/mail/sendmail/Makefile index a1d607b86886..429054c70871 100644 --- a/mail/sendmail/Makefile +++ b/mail/sendmail/Makefile @@ -1,376 +1,377 @@ PORTNAME= sendmail -PORTVERSION= 8.17.2 -PORTREVISION= 3 +PORTVERSION= 8.18.1 +PORTREVISION= 0 CATEGORIES= mail MASTER_SITES= ftp://ftp.sendmail.org/pub/sendmail/ DISTNAME= ${PORTNAME}.${PORTVERSION} MAINTAINER= dinoex@FreeBSD.org COMMENT= Reliable, highly configurable mail transfer agent with utilities WWW= https://www.sendmail.org/ LICENSE= Sendmail LICENSE_NAME= Sendmail License LICENSE_FILE= ${WRKSRC}/LICENSE LICENSE_PERMS= dist-mirror dist-sell pkg-mirror pkg-sell auto-accept CONFLICTS?= courier-0.* postfix-1.* postfix-2.* smail-3.* zmailer-2.* opensmtpd USERS= smmsp GROUPS= smmsp USES= cpe uidfix groff MAKE_ARGS= UBINOWN=${UID} UBINGRP=${GID} \ SBINOWN=${UID} SBINGRP=${GID} \ GBINOWN=${UID} GBINGRP=${GID} \ MANOWN=${UID} MANGRP=${GID} \ CFOWN=${UID} CFGRP=${GID} \ MSPQOWN=${UID} \ LIBMODE=0644 UBINMODE=0755 GBINMODE=2755 WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION} DOCS= KNOWNBUGS LICENSE PGPKEYS README RELEASE_NOTES \ sendmail/TRACEFLAGS sendmail/SECURITY sendmail/TUNING PLIST_SUB+= PREFIX=${PREFIX:S=${PREFIX}/==} \ MANPREFIX=${PREFIX}/share/ SUB_FILES= pkg-message WCONF= ${WRKSRC}/devtools/Site SITE= ${FILESDIR}/site.config.m4.pre4 PLIST= ${WRKDIR}/.PLIST.more LMAN1= mailq.1 newaliases.1 vacation.1 LMAN5= aliases.5 LMAN8= sendmail.8 mailstats.8 makemap.8 praliases.8 smrsh.8 \ mail.local.8 rmail.8 editmap.8 SENDMAIL= ${PREFIX}/sbin/sendmail BASEMAIL= /usr/libexec/sendmail/sendmail MILTER_SOVER?= 6 OPTIONS_DEFINE?= SHMEM SEM LA NIS IPV6 TLS DANE SASL SASLAUTHD LDAP \ BDB GDBM SOCKETMAP CYRUSLOOKUP BLACKLISTD SMTPUTF8 \ PICKY_HELO_CHECK MILTER MTA_STS TLS_CERT_CHAIN DOCS OPTIONS_DEFAULT?= SHMEM SEM LA NIS TLS DANE SASL SASLAUTHD BDB1 \ BLACKLISTD PICKY_HELO_CHECK MILTER NO_OPTIONS_SORT=yes SHMEM_DESC= System V shared memory support LA_DESC= load averages support TLS_DESC= SMTP-TLS and SMTPS support DANE_DESC= Enable DANE support SASLAUTHD_DESC= SASLAUTHD support BDB_DESC= Berkeley DB version 4+ support GDBM_DESC= GNU dbm library support (option COMPAT needed) SOCKETMAP_DESC= Enable socketmap feature BLACKLISTD_DESC= Enable blacklistd support CYRUSLOOKUP_DESC= Enable cyruslookup feature PICKY_HELO_CHECK_DESC= Enable picky HELO check MILTER_DESC= Enable milter support SMTPUTF8_DESC= Enable unicode address support MTA_STS_DESC= Enable MTA-STS support (option SOCKETMAP and TLS needed) TLS_CERT_CHAIN_DESC= Enable certificate chain file support (incompatibility) TLS_USES= ssl SASL_LIB_DEPENDS= libsasl2.so:security/cyrus-sasl2 SASLAUTHD_RUN_DEPENDS= saslauthd:security/cyrus-sasl2-saslauthd DANE_IMPLIES= TLS LDAP_USES= ldap LDAP_IMPLIES= DANE BDB_USES= bdb GDBM_LIB_DEPENDS= libgdbm.so:databases/gdbm GDBM_CONFIGURE_WITH= compat CYRUSLOOKUP_IMPLIES= SOCKETMAP SMTPUTF8_LIB_DEPENDS= libidn2.so:dns/libidn2 libicui18n.so:devel/icu MTA_STS_IMPLIES= SOCKETMAP TLS TLS_CERT_CHAIN_IMPLIES= TLS .include .if ${PORT_OPTIONS:MSHMEM} && !defined(BUILDING_INDEX) IPCCHECK!= ipcrm -q 0 2>&1 || true .if ${IPCCHECK:Mimplemented} IGNORE= your system does not support sysvipc .endif .endif .if ${PORT_OPTIONS:MBDB} BDB_SUFFIX= +${BDB_INCLUDE_DIR:S,^${LOCALBASE}/include/,,} CONFLICTS+= sendmail-ldap-8.* sendmail-sasl2-8.* sendmail-tls-8.* .endif .if ${PORT_OPTIONS:MLDAP} LDAP_SUFFIX?= +ldap CONFLICTS+= sendmail-sasl2-8.* sendmail-tls-8.* .endif .if ${PORT_OPTIONS:MSASL} SASL_SUFFIX?= +sasl2 CONFLICTS+= sendmail-ldap-8.* sendmail-tls-8.* .endif .if ${PORT_OPTIONS:MCYRUSLOOKUP} EXTRA_PATCHES+= ${FILESDIR}/cyruslookup.patch .endif .if ${PORT_OPTIONS:MTLS} TLS_SUFFIX?= +tls CONFLICTS+= sendmail-ldap-8.* sendmail-sasl2-8.* .endif MAKE_PKGNAMES= for i in "" +tls; do \ for j in "" +sasl2; do \ for k in "" +ldap; do \ for l in "" +db48 +db5 +db6; do \ echo "sendmail$${i}$${j}$${k}$${l}-8.*" ;\ done done done done ALL_PKGNAMES!= ${MAKE_PKGNAMES} CONFLICTS2!= ${MAKE_PKGNAMES} | ${GREP} -v "${PORTNAME}${PKGNAMESUFFIX:S|${PKGNAMESUFFIX2}||}-8." CONFLICTS+= ${CONFLICTS2} # Build site.config.m4 SITE+= ${FILESDIR}/site.config.m4 .if ${PORT_OPTIONS:MIPV6} SITE+= ${FILESDIR}/site.config.m4.ipv6 .endif .if ${PORT_OPTIONS:MDANE} SITE+= ${FILESDIR}/site.config.m4.dane .endif .if ${PORT_OPTIONS:MSASL} SITE+= ${FILESDIR}/site.config.m4.sasl2 .endif .if ${PORT_OPTIONS:MLDAP} SITE+= ${FILESDIR}/site.config.m4.ldap .endif .if ${PORT_OPTIONS:MBLACKLISTD} SITE+= ${FILESDIR}/site.config.m4.blacklistd .endif .if ${PORT_OPTIONS:MSMTPUTF8} SITE+= ${FILESDIR}/site.config.m4.smtputf8 .endif .if ${PORT_OPTIONS:MMILTER} SITE+= ${FILESDIR}/site.config.m4.milter .endif .if ${PORT_OPTIONS:MGDBM} LICENSE_PERMS= dist-mirror dist-sell no-pkg-mirror no-pkg-sell auto-accept SITE+= ${FILESDIR}/site.config.m4.gdbm .endif .if ${PORT_OPTIONS:MMTA_STS} SITE+= ${FILESDIR}/site.config.m4.mta-sts .endif SED_SCRIPT= -e "s|\`-O'|\`${CFLAGS}'|" \ -e 's|%%CC%%|${CC}|' -e 's|%%LD%%|${LD}|' .if ! ${PORT_OPTIONS:MNIS} SED_SCRIPT+= -e "s;-DNIS ;;" .endif post-patch: @cd ${WRKSRC} && ${FIND} cf -type f -name "*.orig" -print0 | ${XARGS} -0 ${RM} do-configure: .if ${PORT_OPTIONS:MGDBM} @(if [ ! -e "${LOCALBASE}/lib/libgdbm_compat.so" ] ; then \ ${ECHO_MSG} "===> option COMPAT is missing in databases/gdbm."; \ ${FALSE}; \ fi) .endif ${REINPLACE_CMD} ${SED_SCRIPT} ${WRKSRC}/devtools/OS/FreeBSD ${SED} -e "s=%%PREFIX%%=${PREFIX}=g" \ -e "s=%%LOCALBASE%%=${LOCALBASE}=g" \ ${SITE} > ${WCONF}/site.config.m4 .if ${PORT_OPTIONS:MBDB} ${ECHO_CMD} \ 'APPENDDEF(`confENVDEF'\'', `-I${BDB_INCLUDE_DIR}'\'')' \ >> ${WCONF}/site.config.m4 ${ECHO_CMD} \ 'APPENDDEF(`confLIBDIRS'\'', `-L${LOCALBASE}/lib'\'')' \ >> ${WCONF}/site.config.m4 .for i in sendmail editmap makemap praliases vacation ${ECHO_CMD} \ 'APPENDDEF(`conf_${i}_LIBS'\'', `-l${BDB_LIB_NAME}'\'')' \ >> ${WCONF}/site.config.m4 .endfor .endif .if ${PORT_OPTIONS:MSOCKETMAP} ${ECHO_CMD} \ 'APPENDDEF(`conf_sendmail_ENVDEF'\'', `-DSOCKETMAP'\'')' \ >> ${WCONF}/site.config.m4 .endif .if ${PORT_OPTIONS:MPICKY_HELO_CHECK} ${ECHO_CMD} \ 'APPENDDEF(`conf_sendmail_ENVDEF'\'', `-DPICKY_HELO_CHECK'\'')' \ >> ${WCONF}/site.config.m4 .endif .if ! ${PORT_OPTIONS:MSHMEM} ${ECHO_CMD} \ 'APPENDDEF(`confENVDEF'\'', `-DSM_CONF_SHM=0'\'')' \ >> ${WCONF}/site.config.m4 .endif .if ! ${PORT_OPTIONS:MSEM} ${ECHO_CMD} \ 'APPENDDEF(`confENVDEF'\'', `-DSM_CONF_SEM=0'\'')' \ >> ${WCONF}/site.config.m4 .endif .if ! ${PORT_OPTIONS:MLA} ${ECHO_CMD} \ 'APPENDDEF(`confENVDEF'\'', `-DLA_TYPE=LA_ZERO'\'')' \ >> ${WCONF}/site.config.m4 .endif post-build: (cd ${WRKSRC}/doc/op && \ ${SETENV} ${MAKE_ENV} ${MAKE} ${MAKE_FLAGS} ${MAKEFILE} op.txt) pre-install: ${MKDIR} ${STAGEDIR}/etc/mail \ + ${STAGEDIR}${PREFIX}/share/man/cat1 \ ${STAGEDIR}${PREFIX}/share/man/cat5 \ ${STAGEDIR}${PREFIX}/share/man/cat8 @${CAT} ${PKGDIR}/pkg-plist >${PLIST} @cd ${WRKSRC} && ${FIND} cf -type f | \ ${AWK} '{print "share/sendmail/" $$1}' >>${PLIST} .if ${PORT_OPTIONS:MDOCS} .for i in ${DOCS} @${ECHO_CMD} `${BASENAME} ${i}` | \ ${AWK} '{print "%%DOCSDIR%%/" $$1}' >>${PLIST} .endfor .if ${PORT_OPTIONS:MCYRUSLOOKUP} @${ECHO_CMD} "share/doc/sendmail/CYRUS_LOOKUP" >>${PLIST} .endif .endif ${MKDIR} ${STAGEDIR}${PREFIX}/etc/mail @${SED} \ -e "s=\([ ]\)/.*$$=\\1${SENDMAIL}=" \ ${FILESDIR}/mailer.conf \ > ${STAGEDIR}${PREFIX}/etc/mail/mailer.conf.sendmail # We want mail.local and rmail for our system. # the build install catmans only, we have to fix this. post-install: (cd ${WRKSRC}/mail.local && \ ${SETENV} ${MAKE_ENV} ${MAKE} ${MAKE_FLAGS} ${MAKEFILE} ${MAKE_ARGS} force-install) (cd ${WRKSRC}/rmail && \ ${SETENV} ${MAKE_ENV} ${MAKE} ${MAKE_FLAGS} ${MAKEFILE} ${MAKE_ARGS} force-install) .for i in ${LMAN8} ${INSTALL_MAN} ${WRKSRC}/*/${i} ${STAGEDIR}${PREFIX}/share/man/man8/ .endfor .for i in ${LMAN5} ${INSTALL_MAN} ${WRKSRC}/*/${i} ${STAGEDIR}${PREFIX}/share/man/man5/ .endfor .for i in ${LMAN1} ${INSTALL_MAN} ${WRKSRC}/*/${i} ${STAGEDIR}${PREFIX}/share/man/man1/ .endfor ${MKDIR} ${STAGEDIR}${PREFIX}/share/sendmail ${TAR} -C ${WRKSRC} -cf - cf | \ ${TAR} -C ${STAGEDIR}${PREFIX}/share/sendmail -xf - ${RM} -rfv ${STAGEDIR}${PREFIX}/share/man/cat* # final perm of sendmail is 2555 (see plist), needed for strip cmd ${CHMOD} 755 ${STAGEDIR}${PREFIX}/sbin/sendmail ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/vacation ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/rmail ${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/* ${STRIP_CMD} ${STAGEDIR}${PREFIX}/libexec/* post-install-DOCS-on: ${MKDIR} ${STAGEDIR}${DOCSDIR} cd ${WRKSRC} && ${INSTALL_DATA} ${DOCS} ${STAGEDIR}${DOCSDIR}/ ${INSTALL_DATA} ${WRKSRC}/doc/op/op.ps ${STAGEDIR}${DOCSDIR}/op.ps ${INSTALL_DATA} ${WRKSRC}/doc/op/op.txt ${STAGEDIR}${DOCSDIR}/op.txt ${INSTALL_DATA} ${WRKSRC}/devtools/README ${STAGEDIR}${DOCSDIR}/DEVTOOLS ${INSTALL_DATA} ${WRKSRC}/sendmail/README ${STAGEDIR}${DOCSDIR}/SENDMAIL ${INSTALL_DATA} ${WRKSRC}/mail.local/README ${STAGEDIR}${DOCSDIR}/MAIL.LOCAL ${INSTALL_DATA} ${WRKSRC}/smrsh/README ${STAGEDIR}${DOCSDIR}/SMRSH .if ${PORT_OPTIONS:MCYRUSLOOKUP} ${INSTALL_DATA} ${FILESDIR}/CYRUS_LOOKUP ${STAGEDIR}${DOCSDIR}/CYRUS_LOOKUP .endif mailer.base: @${SED} \ -e "s=\([ ]\)/.*$$=\\1${BASEMAIL}=" \ ${FILESDIR}/mailer.conf > ${DESTDIR}/etc/mail/mailer.conf.new ${MV} ${DESTDIR}/etc/mail/mailer.conf.new \ ${DESTDIR}/etc/mail/mailer.conf mailer.conf: .if exists(${DESTDIR}${PREFIX}/etc/mail/mailer.conf.sendmail) @${CP} -v ${DESTDIR}${PREFIX}/etc/mail/mailer.conf.sendmail \ ${DESTDIR}${PREFIX}/etc/mail/mailer.conf .else @${MKDIR} ${DESTDIR}${PREFIX}/etc/mail @${SED} \ -e "s=\([ ]\)/.*$$=\\1${SENDMAIL}=" \ ${FILESDIR}/mailer.conf \ > ${DESTDIR}${PREFIX}/etc/mail/mailer.conf .endif # create sumbit.cf on older systems # submit.cf: ${DESTDIR}/etc/mail/submit.cf ${DESTDIR}/etc/mail/submit.mc: ${INSTALL_DATA} ${PREFIX}/share/sendmail/cf/cf/submit.mc \ ${DESTDIR}/etc/mail/submit.mc ${DESTDIR}/etc/mail/submit.cf: ${DESTDIR}/etc/mail/submit.mc @( cd ${DESTDIR}/etc/mail && ${MAKE} \ SENDMAIL_CF_DIR=${PREFIX}/share/sendmail/cf \ SENDMAIL_MC=submit ) # create basics for smtp-auth # howto-sasldb: @${ECHO_CMD} "# Links:" @${ECHO_CMD} "#" @${ECHO_CMD} "# http://www.sendmail.org/~gshapiro/" @${ECHO_CMD} "# http://www.sendmail.org/~ca/email/auth.html" @${ECHO_CMD} "# http://www.bme.ogi.edu/~pchytil/linux/sendmail/" @${ECHO_CMD} "# http://blue-labs.org/software/sm-pgsql/" @${ECHO_CMD} "# http://www.falkotimme.com/howtos/sendmail_smtp_auth_tls/" @${ECHO_CMD} "#" # create certificates for TLS/SSL # tls-install: ${SETENV} DESTDIR=${DESTDIR} FILESDIR=${FILESDIR} \ ${SH} ${FILESDIR}/tls-install.sh help: @${ECHO_CMD} "# additional targets:" @${ECHO_CMD} "#" @${ECHO_CMD} "# configure ${DESTDIR}/etc/mail/mailer.conf" @${ECHO_CMD} "# for sendmail from ports" @${ECHO_CMD} "make mailer.conf" @${ECHO_CMD} "# for sendmail in the base" @${ECHO_CMD} "make mailer.base" @${ECHO_CMD} "#" @${ECHO_CMD} "# show howto for configuring sasldb" @${ECHO_CMD} "make howto-sasldb" @${ECHO_CMD} "#" @${ECHO_CMD} "# create a self-signed certificate" @${ECHO_CMD} "make tls-install" @${ECHO_CMD} "#" .include .if ${PORT_OPTIONS:MTLS} .if ${SSL_DEFAULT} != base SITE+= ${FILESDIR}/site.config.m4.ssl .endif SITE+= ${FILESDIR}/site.config.m4.tls .if ${PORT_OPTIONS:MTLS_CERT_CHAIN} SITE+= ${FILESDIR}/site.config.m4.tls-cert-chain .endif .endif .if exists(${FILESDIR}/site.config.m4.local) SITE+= ${FILESDIR}/site.config.m4.local .endif .if ${PREFIX} == "/usr" pre-everything:: @${ECHO_CMD} "#" @${ECHO_CMD} "# You can't override the base sendmail this way." @${ECHO_CMD} "# your version FreeBSD use mailwrapper." @${ECHO_CMD} "#" @${ECHO_CMD} "# Please install with normal PREFIX" @${ECHO_CMD} "# and activate the port version with" @${ECHO_CMD} "# cd /usr/local/etc/mail && cp mailer.conf.sendmail mailer.conf" @${ECHO_CMD} "#" @${FALSE} .endif .include diff --git a/mail/sendmail/distinfo b/mail/sendmail/distinfo index 712e3b995c2e..a078e037b045 100644 --- a/mail/sendmail/distinfo +++ b/mail/sendmail/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1685791197 -SHA256 (sendmail.8.17.2.tar.gz) = 90f5ae74c35a84808861933ba094201b901b70c6b2903684dcf39bdae8a5a1a2 -SIZE (sendmail.8.17.2.tar.gz) = 2313458 +TIMESTAMP = 1706725980 +SHA256 (sendmail.8.18.1.tar.gz) = cbf1f309c38e4806f7cf3ead24260f17d1fe8fb63256d13edb3cdd1a098f0770 +SIZE (sendmail.8.18.1.tar.gz) = 2401566 diff --git a/mail/sendmail/files/patch-cfhead.m4 b/mail/sendmail/files/patch-cfhead.m4 index 4d24bce603ea..f6c5c298072a 100644 --- a/mail/sendmail/files/patch-cfhead.m4 +++ b/mail/sendmail/files/patch-cfhead.m4 @@ -1,12 +1,12 @@ ---- cf/m4/cfhead.m4.orig 2020-05-19 19:54:31 UTC +--- cf/m4/cfhead.m4.orig 2024-01-31 06:38:32 UTC +++ cf/m4/cfhead.m4 -@@ -278,7 +278,8 @@ define(`_REC_AUTH_', `$.$?{auth_type}(authenticated') +@@ -284,7 +284,8 @@ define(`_REC_AUTH_', `$.$?{auth_type}(authenticated') define(`_REC_FULL_AUTH_', `$.$?{auth_type}(user=${auth_authen} $?{auth_author}author=${auth_author} $.mech=${auth_type}') define(`_REC_HDR_', `$?sfrom $s $.$?_($?s$|from $.$_)') define(`_REC_END_', `for $u; $|; - $.$b') + $.$b$?g + (envelope-from $g)$.') define(`_REC_TLS_', `(version=${tls_version} cipher=${cipher} bits=${cipher_bits} verify=${verify})$.$?u') define(`_REC_BY_', `$.by $j ($v/$Z)$?r with $r$. id $i$?{tls_version}') define(`confRECEIVED_HEADER', `_REC_HDR_ diff --git a/mail/sendmail/files/patch-cfproto.m4 b/mail/sendmail/files/patch-cfproto.m4 deleted file mode 100644 index 7ee522401c00..000000000000 --- a/mail/sendmail/files/patch-cfproto.m4 +++ /dev/null @@ -1,24 +0,0 @@ ---- cf/m4/proto.m4.orig 2023-02-09 18:24:38 UTC -+++ cf/m4/proto.m4 -@@ -2888,10 +2888,6 @@ R$* $: $(macro {saved_verify} $@ $1 $) $1') - R$* $| $* $: $1', `dnl') - ifdef(`_TLS_FAILURES_',`dnl - R$* $: $(macro {saved_verify} $@ $1 $) $1') --ifdef(`_MTA_STS_', `dnl --R$* $: $1 $| $>"STS_secure" $1 --R$* $| $#$* $#$2 --R$* $| $* $: $1', `dnl') - ifdef(`_ACCESS_TABLE_', `dnl - dnl store name of other side - R$* $: $(macro {TLS_Name} $@ $&{server_name} $) $1 -@@ -2899,6 +2895,10 @@ R$* $| $* $: $1 $| <$(access TLS_SRV_TAG`'_TAG_DELI - R$* $| $* $: $1 $| $>A <$&{server_addr}> <> - dnl do a default lookup: just TLS_SRV_TAG - R$* $| $* $: $1 $| <$(access TLS_SRV_TAG`'_TAG_DELIM_ $: ? $)> -+ifdef(`_MTA_STS_', `dnl -+R$* $: $1 $| $>"STS_secure" $1 -+R$* $| $#$* $#$2 -+R$* $| $* $: $1', `dnl') - ifdef(`_ATMPF_', `dnl tempfail? - R$* $| <$* _ATMPF_> $#error $@ 4.3.0 $: _TMPFMSG_(`TS')', `dnl') - R$* $@ $>"TLS_connection" $1', `dnl diff --git a/mail/sendmail/files/patch-daemon.c b/mail/sendmail/files/patch-daemon.c index 4d1a8cd58f89..21edf8ff4383 100644 --- a/mail/sendmail/files/patch-daemon.c +++ b/mail/sendmail/files/patch-daemon.c @@ -1,11 +1,11 @@ ---- sendmail/daemon.c.orig 2021-07-14 05:34:51 UTC +--- sendmail/daemon.c.orig 2024-01-31 06:38:32 UTC +++ sendmail/daemon.c -@@ -788,6 +788,8 @@ getrequests(e) +@@ -782,6 +782,8 @@ getrequests(e) anynet_ntoa(&RealHostAddr)); } + BLACKLIST_INIT(); + if (pipefd[0] != -1) { auto char c; diff --git a/mail/sendmail/files/patch-makeinfo.sh b/mail/sendmail/files/patch-makeinfo.sh index c3a668f80c76..57e13e650b76 100644 --- a/mail/sendmail/files/patch-makeinfo.sh +++ b/mail/sendmail/files/patch-makeinfo.sh @@ -1,11 +1,11 @@ ---- cf/sh/makeinfo.sh.orig 2014-03-05 00:59:45 UTC +--- cf/sh/makeinfo.sh.orig 2024-01-31 06:38:32 UTC +++ cf/sh/makeinfo.sh @@ -52,7 +52,7 @@ then else host=`uname -n` fi -echo '#####' built by $user@$host on `date` +echo '#####' built by $user@$host on `LC_TIME=C date` echo '#####' in `pwd` | sed 's/\/tmp_mnt//' echo '#####' using $1 as configuration include directory | sed 's/\/tmp_mnt//' - echo "define(\`__HOST__', $host)dnl" + echo "define(\`__HOST__', \`$host')dnl" diff --git a/mail/sendmail/files/patch-readcf.c b/mail/sendmail/files/patch-readcf.c index 67ce57ab7d99..c777f3c55f1e 100644 --- a/mail/sendmail/files/patch-readcf.c +++ b/mail/sendmail/files/patch-readcf.c @@ -1,26 +1,26 @@ ---- sendmail/readcf.c.orig 2021-07-14 05:34:51 UTC +--- sendmail/readcf.c.orig 2024-01-25 05:27:02 UTC +++ sendmail/readcf.c -@@ -3056,6 +3056,10 @@ static struct optioninfo +@@ -3208,6 +3208,10 @@ static struct optioninfo { "CipherSuites", O_CIPHERSUITES, OI_NONE }, #endif +#if USE_BLACKLIST -+# define O_BLACKLIST 0xf2 ++# define O_BLACKLIST 0xfb + { "UseBlacklist", O_BLACKLIST, OI_NONE }, +#endif { NULL, '\0', OI_NONE } }; -@@ -4795,6 +4799,12 @@ setoption(opt, val, safe, sticky, e) - break; - #endif - -+#if USE_BLACKLIST -+ case O_BLACKLIST: -+ UseBlacklist = atobool(val); +@@ -4943,6 +4947,12 @@ setoption(opt, val, safe, sticky, e) + #if _FFR_MTA_STS + case O_MTASTS: + MTASTS = atobool(val); + break; +#endif + - default: - if (tTd(37, 1)) - { ++#if USE_BLACKLIST ++ case O_BLACKLIST: ++ UseBlacklist = atobool(val); + break; + #endif + diff --git a/mail/sendmail/files/patch-sendmail.h b/mail/sendmail/files/patch-sendmail.h index 8d247ed47782..9f0c0bf3cf11 100644 --- a/mail/sendmail/files/patch-sendmail.h +++ b/mail/sendmail/files/patch-sendmail.h @@ -1,24 +1,24 @@ ---- sendmail/sendmail.h.orig 2021-07-14 05:34:51 UTC +--- sendmail/sendmail.h.orig 2024-01-31 06:38:32 UTC +++ sendmail/sendmail.h @@ -73,6 +73,10 @@ SM_UNUSED(static char SmailId[]) = "@(#)$Id: sendmail. #endif #include "bf.h" +#if USE_BLACKLIST +#include +#endif +#include "blacklist_client.h" #include "timers.h" #include #include -@@ -2655,6 +2659,10 @@ EXTERN int Hacks; /* bit field of run-time enabled "ha +@@ -2734,6 +2738,10 @@ EXTERN int Hacks; /* bit field of run-time enabled "ha #endif EXTERN int ConnectionRateWindowSize; + +#if USE_BLACKLIST +EXTERN bool UseBlacklist; +#endif /* ** Declarations of useful functions diff --git a/mail/sendmail/files/patch-srvrsmtp.c b/mail/sendmail/files/patch-srvrsmtp.c index a20d84e3cd3e..b2d019c6f386 100644 --- a/mail/sendmail/files/patch-srvrsmtp.c +++ b/mail/sendmail/files/patch-srvrsmtp.c @@ -1,92 +1,102 @@ ---- sendmail/srvrsmtp.c.orig 2021-08-03 10:35:09 UTC +--- sendmail/srvrsmtp.c.orig 2024-01-31 06:38:32 UTC +++ sendmail/srvrsmtp.c -@@ -940,6 +940,9 @@ smtp(nullserver, d_flags, e) - #if _FFR_BADRCPT_SHUTDOWN - int n_badrcpts_adj; +@@ -940,6 +940,9 @@ do \ + # define SHOWCMDINREPLY(inp) inp + # define SHOWSHRTCMDINREPLY(inp) shortenstring(inp, MAXSHORTSTR) #endif +#ifdef USE_BLACKLIST + int saved_bl_fd; +#endif - RESET_AUTH_FAIL_LOG_USER; - SevenBitInput_Saved = SevenBitInput; -@@ -1442,6 +1445,7 @@ smtp(nullserver, d_flags, e) - (int) tp.tv_sec + - (tp.tv_usec >= 500000 ? 1 : 0) + void + smtp(nullserver, d_flags, e) +@@ -1528,6 +1531,8 @@ smtp(nullserver, d_flags, e) + /* check if data is on the socket during the pause */ + if ((tp = channel_readable(InChannel, msecs)) != NULL) + { ++ int fd; ++ + greetcode = "554"; + nullserver = "Command rejected"; + sm_syslog(LOG_INFO, e->e_id, +@@ -1537,6 +1542,8 @@ smtp(nullserver, d_flags, e) + (int) tp->tv_sec + + (tp->tv_usec >= 500000 ? 1 : 0) ); ++ fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL); + BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, fd, "pre-greeting traffic"); } } } -@@ -1544,6 +1548,10 @@ smtp(nullserver, d_flags, e) +@@ -1655,6 +1662,10 @@ smtp(nullserver, d_flags, e) SmtpPhase = "server cmd read"; sm_setproctitle(true, e, "server %s cmd read", CurSmtpClient); +#ifdef USE_BLACKLIST + saved_bl_fd = dup(sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL)); +#endif + /* handle errors */ if (sm_io_error(OutChannel) || (p = sfgets(inp, sizeof(inp), InChannel, -@@ -1860,8 +1868,11 @@ smtp(nullserver, d_flags, e) +@@ -1965,8 +1976,11 @@ smtp(nullserver, d_flags, e) #define LOGAUTHFAIL \ do \ { \ + int fd; \ SET_AUTH_USER_CONDITIONALLY \ message("535 5.7.0 authentication failed"); \ + fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL); \ + BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, fd, "AUTH FAIL"); \ if (LogLevel >= 9) \ sm_syslog(LOG_WARNING, e->e_id, \ "AUTH failure (%s): %s (%d) %s%s%.*s, relay=%.100s", \ -@@ -2011,6 +2022,9 @@ smtp(nullserver, d_flags, e) +@@ -2116,6 +2130,9 @@ smtp(nullserver, d_flags, e) DELAY_CONN("AUTH"); if (!sasl_ok || n_mechs <= 0) { + int fd; + fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL); + BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, fd, "AUTH LOGIN FAIL"); message("503 5.3.3 AUTH not available"); break; } -@@ -3704,10 +3718,17 @@ doquit: +@@ -3841,10 +3858,17 @@ smtp(nullserver, d_flags, e) ** timeouts for the same connection. */ +#ifdef USE_BLACKLIST + /* no immediate BLACKLIST_ABUSIVE_BEHAVIOR */ + BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, saved_bl_fd, "no command issued"); +#endif sm_syslog(LOG_INFO, e->e_id, "%s did not issue MAIL/EXPN/VRFY/ETRN during connection to %s", CurSmtpClient, d); } +#ifdef USE_BLACKLIST + close(saved_bl_fd); +#endif if (tTd(93, 100)) { /* return to handle next connection */ -@@ -3789,7 +3810,10 @@ doquit: +@@ -3926,7 +3950,10 @@ smtp(nullserver, d_flags, e) #if MAXBADCOMMANDS > 0 if (++n_badcmds > MAXBADCOMMANDS) { + int fd; stopattack: + fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL); + BLACKLIST_NOTIFY(BLACKLIST_ABUSIVE_BEHAVIOR, fd, "too many bad commands"); message("421 4.7.0 %s Too many bad commands; closing connection", MyHostName); -@@ -3843,6 +3867,9 @@ doquit: +@@ -3980,6 +4007,9 @@ smtp(nullserver, d_flags, e) } #if SASL } +#endif +#ifdef USE_BLACKLIST + close(saved_bl_fd); #endif } SM_EXCEPT(exc, "[!F]*") diff --git a/mail/sendmail/files/patch-usersmtp.c b/mail/sendmail/files/patch-usersmtp.c index 5c63c03bab75..8fff657c2384 100644 --- a/mail/sendmail/files/patch-usersmtp.c +++ b/mail/sendmail/files/patch-usersmtp.c @@ -1,26 +1,26 @@ ---- sendmail/usersmtp.c.orig 2021-07-14 05:34:51 UTC +--- sendmail/usersmtp.c.orig 2023-07-27 07:12:46 UTC +++ sendmail/usersmtp.c -@@ -1870,6 +1870,9 @@ attemptauth(m, mci, e, sai) +@@ -1875,6 +1875,9 @@ attemptauth(m, mci, e, sai) if (saslresult != SASL_OK && saslresult != SASL_CONTINUE) { + int fd = sm_io_getinfo(mci->mci_in, SM_IO_WHAT_FD, NULL); + BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, fd, "AUTH FAIL"); + if (tTd(95, 5)) sm_dprintf("AUTH FAIL=%s (%d)\n", sasl_errstring(saslresult, NULL, NULL), -@@ -2015,9 +2018,11 @@ smtpauth(m, mci, e) +@@ -2020,9 +2023,11 @@ smtpauth(m, mci, e) do { result = attemptauth(m, mci, e, &(mci->mci_sai)); - if (result == EX_OK) + if (result == EX_OK) { + int fd = sm_io_getinfo(mci->mci_in, SM_IO_WHAT_FD, NULL); + BLACKLIST_NOTIFY(BLACKLIST_AUTH_OK, fd, "AUTH OK"); mci->mci_sasl_auth = true; - else if (result == EX_TEMPFAIL || result == EX_NOPERM) + } else if (result == EX_TEMPFAIL || result == EX_NOPERM) { mci->mci_saslcap = removemech((mci->mci_sai)[SASL_MECH], mci->mci_saslcap,