2005-11-18 Greg A. Woods * level: - this is release 3.2.0.121 * src/string.c: - fix chop() so it doesn't back up over the beginning of an empty (or almost empty) string. (only revealed on NetBSD/i386 1.5W, but not 1.6.x) - slightly optimize is_string_in_list(). - minor style fix. 2005-11-17 Greg A. Woods * mkRelease.sh: - also copy smail-pkgsrc.shar to $DISTFILES. * myPreview.sh: - pretty up the output. * myPreview.sh: - fix the pkgsrc Makefile.common edit script. * mkRelease.sh: - add a really simple debug feature to check the release number handling. - fix the pkgsrc Makefile.common edit script. * src/bindlib.c: - try to improve the CNAME error message for bind_check_if_canonical_host(). * util/checkerr.sh: - try to improve the error message for the dead-mail.senders entries. 2005-11-15 Greg A. Woods * util/mkdbm.c: - avoid unsigned/signed comparison with dataum.size value. * src/transports/smtplib.c: - avoid unsigned/signed parameter mismatch in a sscanf(). * src/transport.c: - need to include "transports/smtplib.h" for rfc821_*() decls. - improved a DEBUG() in get_return_addr(). * src/dys.h: - STR_FREE() should probably be an expression resulting in (void), at least according to gcc-3.3.3 on NetBSD. 2005-11-14 Greg A. Woods * mkRelease.sh: - try implementing schemes to handle PATCH and MINOR releases. - possible improvements to robustness of release generation. * ToDo: - ideas. * man/man5/smailtrns.an: - mention the effects of the local_xform flag on the error sender addr. * src/modes.c: - add a check to kill_some_children() so that it doesn't signal PID# 0 either. - other tweaks and hacks to signal handlers, et al, in hopes of making diagnostics better and making them easier to read and follow. * src/transport.c: - write_bsmtp_prologue() should just use the same logic as smtplib.c for sending "MAIL FROM:". - get_return_addr() needs to avoid using '<+>' unless the LOCAL_XFORM flag is set for the current transport. * src/smailstring.h: - fix minor typo in a comment. * src/lookup.c: - there's no need to use STR_TRIM() in bsearch_lookup(). - fix up some comments. * src/dys.h: - rewrite STR_TRIM() so that it hopefully deals with growth, though logging it since that is not expected. - fix up some comments. 2005-11-03 Greg A. Woods * src/smtprecv.c: - fix typo in name of variable for smtp_sender_reject_db log message, making matches easier to find in the logs! 2005-11-02 Greg A. Woods * README: - rewrite the section on release numbers as mkRelease.sh evolves. 2005-10-28 Greg A. Woods * conf/os/linux-glibc2.1+, conf/os/unixpc, conf/os/freebsd, conf/os/freebsd4, conf/os/netbsd1.5: - add emacs mode hint comment line. * conf/os/bsdi, conf/os/bsdi2, conf/os/openbsd: - add HAVE_HDB_UUCP since uux has -g and -a options. * conf/os/freebsd: - add HAVE_HDB_UUCP since Taylor UUCP's uux has -g and -a options. * conf/os/template: - update the comment about HDB_UUCP. * src/transport.c: - in C it doesn't work to add bitwise flags together to find out if more than one is set -- one must test them and then add either one or zero in order to get a count of the number of flag bits that are set. (This was causing any and all appearances of the *_xform attributes in the transports file to trigger a fatal error.) - use a semi-colon to separate the possible multiple error messages from the *_xform attribute conflict check. - improve the warning about builtin transports that have been overridden by a custom transport, and only show that warning if '-v' or '-d' is also given. * src/config.h: - oops -- made a typo removing all the "shquote:" things from the various pipe driver command line strings and ended up with a broken substitution. [discovered and reported by Bruce Becker] * src/retry.c: - retry_addr_before(), which is used by the pipe and appendfile transport drivers, wasn't creating new spool/retry sub-dirs for the specific transport instances. - one DEBUG() in retry_addr_before() was a bit too noisy. * src/expand.c: - improve a comment, fix some coding style. 2005-10-26 Greg A. Woods * ToDo: - updates * src/config.h, src/notify.c: - give in to RFC 822 4.4.1 and stop trying to use groups in From: headers. * src/field.c: - remove '%' as a one of the non_text_tokens in tokenize() and add a great big comment explaining why. - edit some other comments too. * src/main.c, src/main.h, src/modes.c: - process_recipients() gains a new flag parameter so that it can tell if the message being handled is already in the spool or not. - add some ifdef'ed out code to show how process_recipients() can avoid using process_field() if and when the address qualification features are factored out of proces_field() and can be easily used on command-line address parameters as well. - try fixing error handling in process_recipients() by calling freeze_message() if process_field() fails. * src/smtprecv.c: - for the time being make all the *_reject_hostnames log messages consistent in that they always print the "reason" text, if any, from the config file so that debugging is a bit easier. Eventually maybe this extra verbiage can be removed from the logs when Smail gets some better command-line test options for running values through the associated config variable rules. - also always format the reason text with %v. 2005-10-24 Greg A. Woods * src/smtprecv.c: - note that preparse_address_1() (or preparse_address()) should be used before every call to verify_addr() so that it doesn't have to do it again (and other callers need to do it themselves anyway). * src/smtprecv.c: - note that preparse_address_1() (or preparse_address()) should be used before every call to verify_addr() so that it doesn't have to do it again (and other callers need to do it themselves anyway). - return NULL, not FALSE, in check_addr_operand(). 2005-10-11 Greg A. Woods * src/transports/smtplib.c, src/transports/tcpsmtp.c: - delay the dont_deliver handling until the DATA command so we can more easily see if the envelope addresses are to be accepted. - clean up the session tracing DEBUG() output slightly. * src/queue.c: - correct a comment. 2005-10-07 Greg A. Woods * mkRelease.sh: - re-sync the 'shar' parameters and add a comment about keeping them in sync with those in myPreview.sh. * myPreview.sh: - add a comment about keeping the 'shar' parameters in sync with those in mkRelease.sh. * src/main.c: - fix the test for trusted users setting MAILBOX or UUCP_ROUTE sender addresses, now only properly testing if the non-trusted user matches the local part of an address using a local domain, and rejecting all non-local domains from non-trusted users. - remove weird unnecessary whitespace in a debug message for process_field()'s results. * src/route.c: - get rid of the confusing colon after the "matched by foo router" debug message. 2005-09-30 Greg A. Woods * src/smtprecv.c: - in verify_addr() expand the error message with send_smtp_msg() as it can be arbitrary length, e.g. from the error director. - add support in verify_addr() for error director errors ERR_192 and ERR_193 (re-arranging the order of the error switch cases to be a little more sensible). 2005-09-09 Greg A. Woods * src/config.h: - put angle brackets around the $return_address values in command lines so that the error sender values work right (and don't worry about "<+>") - go back to using $sender for uucp commands for now. * src/transport.c: - damn, remember that parse_address() is destructive and that it shouldn't be used on global string values that cannot be modified! * src/smtprecv.c: - try to avoid the "<<>>" uglies in the "sender OK" response. * src/queue.c: - don't clobber sender when reading the queue file. * src/main.c: - perhaps we should try to allow trusted users to set non-local sender addresses with '-f', since UUCP might, and also handle UUCP_ROUTE sender address forms. * util/mksort.c: - oops, missed a #include "smailsock.h" before "bindlib.h". 2005-09-07 Greg A. Woods * src/config.h: - oops, still had one too many curly brace pairs in that last change. * src/config.h: - OK, fix the (sender: <>) comment in the received_field definition so that it uses the proper new $return_address (which is much simpler), and use the alternate "from" and "fullname" variable names in the definition of from_field. * src/config.h: - thats's return_address, not return_addr! 2005-09-06 Greg A. Woods * mkRelease.sh: - make doubly sure CVSROOT can't foil us. * mkRelease.sh: - make sure CVSROOT can't foil us. * mkRelease.sh: - no need to remind about updating pkgsrc module now that's been automated * man/man8/unfreezemail.an, util/unfreezemail.sh: - implement and document a '-u addr' feature which makes it easier to find and retry all of the messages to a given recipient. * ToDo: - they come and they go! * pcre/AUTHORS, pcre/COPYING, pcre/ChangeLog, pcre/LICENCE, pcre/Makefile.in, pcre/NEWS, pcre/README, pcre/RunTest.in, pcre/config.guess, pcre/config.sub, pcre/configure, pcre/configure.in, pcre/dftables.c, pcre/get.c, pcre/internal.h, pcre/libpcre.def, pcre/libpcreposix.def, pcre/ltmain.sh, pcre/maketables.c, pcre/mkinstalldirs, pcre/pcre.c, pcre/pcre.def, pcre/pcre.in, pcre/pcregrep.c, pcre/pcreposix.c, pcre/pcreposix.h, pcre/pcretest.c, pcre/printint.c, pcre/study.c, pcre/doc/Tech.Notes, pcre/doc/pcre.3, pcre/doc/pcre_compile.3, pcre/doc/pcre_config.3, pcre/doc/pcre_copy_named_substring.3, pcre/doc/pcre_copy_substring.3, pcre/doc/pcre_exec.3, pcre/doc/pcre_free_substring.3, pcre/doc/pcre_free_substring_list.3, pcre/doc/pcre_fullinfo.3, pcre/doc/pcre_get_named_substring.3, pcre/doc/pcre_get_stringnumber.3, pcre/doc/pcre_get_substring.3, pcre/doc/pcre_get_substring_list.3, pcre/doc/pcre_info.3, pcre/doc/pcre_maketables.3, pcre/doc/pcre_study.3, pcre/doc/pcre_version.3, pcre/doc/pcreapi.3, pcre/doc/pcrebuild.3, pcre/doc/pcrecallout.3, pcre/doc/pcrecompat.3, pcre/doc/pcregrep.1, pcre/doc/pcrepattern.3, pcre/doc/pcreperform.3, pcre/doc/pcreposix.3, pcre/doc/pcresample.3, pcre/doc/pcretest.1, pcre/testdata/testinput1, pcre/testdata/testinput2, pcre/testdata/testoutput1, pcre/testdata/testoutput2, pcre/testdata/testoutput3, pcre/testdata/testoutput4, pcre/testdata/testoutput5: - check in PCRE-6.3 after having run the following command: %s rm -rf NON-UNIX-USE makevp.bat perltest doc/*.txt doc/html %s and due to re-org a "cvs add" of all the new files and a "cvs rm" of the following: %s ucptypetable.c ucp.c study.c printint.c pcre.c maketables.c internal.h get.c * src/config.h: - make the default retry_duration and resolve_timeout be the same, at 4 days, which is long enough for a long weekend plus one extra day. Also move their definitions to be adjacent. 2005-09-01 Greg A. Woods * man/man5/smailconf.an: - oops -- missed changing some backslashes to \e. * man/man5/smail.an, src/config.h, src/expand.c: - implement, document, and use $return_addr which is the return value of get_return_addr(), or "MAILER-DAEMON" if that fails. * man/man8/smail.an: - better document '-f'. * man/man5/smaildrct.an: - fix what seems to have been a typo in the description for $sender_okay. 2005-08-31 Greg A. Woods * man/man5/smailtrns.an: - the old "uucp" and "inet" transport attributes are renamed with "_xform" suffixes to reflect their use, and descriptions are re- ordered a bit too. * src/transports/pipe.c: - internal get_pipe_env() and get_pipe_ugid() don't need a separate pointer to the transport when that's in the addr already. - now that get_return_addr() can fail I guess maybe the SENDER environment variable could also use MAILER-DAEMON as a fall-back too. * src/transports/appendfile.c: - write_message() doesn't need a separate pointer to the transport when that's in the addr already. - it might be better to use the GCC __attribute__((unused)) syntax directly, with a possible nullifying macro, instead of the GCC_UNUSED_HACK macro (and then that's compatible with the *BSD's too). * src/transport.c, src/transport.h: - get_sender_address() becomes get_return_addr() to better reflect its purpose and behaviour, and more-or-less re-implemnt it to properly handle as many of the *_XFORM flags that it should. - write_message() and write_bsmtp_prologue() don't need a separate pointer to the transport when that's in the addr already. - inet_from_line() now needs the whole struct addr, not just the transport. - inet_from_line() defaults to MAILER-DAEMON if get_return_addr() fails (hopefully this is the last and only hard-coded use of that local-part). - the old "uucp" and "inet" transport attributes are renamed with "_xform" suffixes to reflect their use (and the old form names are marked with FA_FMT_DEPRECATED) - try to make it impossible to set multiple (and implicitly conflicting) *_XFORM flags. - it might be better to use the GCC __attribute__((unused)) syntax directly, with a possible nullifying macro, instead of the GCC_UNUSED_HACK macro (and then that's compatible with the *BSD's too). * src/transports/smtplib.c, src/transports/smtplib.h: - use new get_return_addr() for MAIL FROM: - rfc821_quote_local_part() becomes rfc821_quote_the_local_part() since it (can) deal with fully qualified addresses. - clean up some comments, variable names, etc. too. - it might be better to use the GCC __attribute__((unused)) syntax directly, with a possible nullifying macro, instead of the GCC_UNUSED_HACK macro (and then that's compatible with the *BSD's too). * src/header.c: - delete and log bogus message-id fields (empty after stripping comments and whitespace) - log deletion of non-trusted sender fields. - note some places where header field text might leak allocated memory. * src/bindlib.c: - some more errors that don't need ERR_NPOSTMAST. 2005-08-28 Greg A. Woods * man/man5/smailconf.an: - document return_path_field as deprecated. * src/addr.c: - fix some comments and wording in a DEBUG(). 2005-08-26 Greg A. Woods * src/modes.c: - it might be better to use the GCC __attribute__((unused)) syntax directly, with a possible nullifying macro, instead of the GCC_UNUSED_HACK macro (and then that's compatible with the *BSD's too). - error 184 shouldn't go to the postmaster too -- it's almost always just about some other site's DNS. * src/header.c: - get rid of return_path_field in build_return_path() -- it's not configurable or optional in the RFCs. - improve $insert_header and $remove_header panic messages. - fix up some comments. * src/direct.c, src/field.c, src/pathto.c, src/retry.c, src/smail.h, src/directors/altuser.c, src/directors/error.c, src/directors/include.c, src/directors/smartuser.c, src/directors/user.c, src/smtprecv.c, src/sysdep.c, src/routers/bind.c, src/routers/gethost.c, src/routers/pathalias.c, src/routers/queryprog.c, src/routers/reroute.c, src/routers/rewrite.c, src/routers/smarthost.c, src/routers/uuname.c, src/transports/tcpsmtp.c: - it might be better to use the GCC __attribute__((unused)) syntax directly, with a possible nullifying macro, instead of the GCC_UNUSED_HACK macro (and then that's compatible with the *BSD's too). 2005-07-25 Greg A. Woods * src/smailconf.c: - return_path_field is deprecated -- it need not be configurable. * src/route.c, src/route.h: - rename route_to_route_addr() to uucp_to_route_addr(), reflecting its true nature, and make it global. * src/main.c: - add a comment. * src/config.c, src/config.h: - return_path_field is deprecated -- it need not be configurable. * src/addr.h: - suggest keeping track of parse_address() result, as well as keeping a whole struct addr for the owner address, if any. * src/addr.c: - fix another same spello in same comment. 2005-07-23 Greg A. Woods * src/modes.c: - describe the error from preparse_address() as a "parse error". * src/addr.h: - fix the comment about PARSE_ERROR and note that FAIL is also a possible return value from parse_address(). * src/addr.c: - fix a spello in a comment 2005-07-20 Greg A. Woods * ToDo: - blah, blah-blah, blah, blah. * util/logsumm.awk: - adapt for the new invalid_operand_warning() log entries. * src/smtprecv.c: - be a little more explicit that the invalid_operand_warning() log entry is just a warning. - add "blank" lines before "Reason given:" output in SMTP responses. * src/directors/aliasfile.c: - use angle brackets around target addresses in DEBUG() msgs. * src/directors/smartuser.c: - avoid potential side effects from using assignment in macro parameters for xrealloc(). - use angle brackets around target addresses in DEBUG() msgs. * src/string.c: - avoid potential side effects from using assignment in macro parameters for xrealloc(). - misc style fixups. * src/expand.c: - avoid potential side effects from using assignment in macro parameters for xrealloc(). - don't do an explicit X_CHECK() call before xrealloc() now that it's a macro and does its own check. * src/alloc.h: - X_CHECK() should write to syslog and the tty too, just like panic() does. * src/alloc.c: - consistently use array syntax to access the magic number location. * myPreview.sh: - was missing new files/config.hubclient in the pkgsrc shar file. 2005-07-16 Greg A. Woods * ToDo: - one down, one more. * src/routers/rewrite.c: - note that maybe the rewritten struct addr in_addr field should just contain the short-form of the ":fail:" (or whatever) address, i.e. without the explanation text. * src/directors/error.c: - modify the ERR_139 message format to not show the input address if that address matches the special prefixes matched by the error director. This is especially nice for handling addresses generated by routers using the "rt_info->next_host = NULL; rt_info->matchlen = strlen(addr->target);" trick to cause a full reparse. (Note error addresses produced by directors get by without needing this because they don't put the new error address into the in_addr field, but that seems to be the prudent thing for the rewrite-like routers to do because there's no good intermediate to put there, unless it's just the short form of the error address (i.e. without the text).) - use angle brackets when displaying addresses in DEBUG() or error msgs. 2005-07-15 Greg A. Woods * ToDo: - one down. * util/logsumm.awk: - much more refinement for counting various errors. * util/logsumm.sh: - allow multiple '-d' for bigger DEBUG settings. * src/smtprecv.c: - include the target domain in "matched RHSBL" log entries so logsumm can more easily calculate its length to find the top RHSBL domain. - in "matched RHSBL" log entries print domains and the matched A RR with '%q' for consistency and safety to ensure they appear as one field. * src/addr.c: - use opening and closing single quotes around literal chars in error messages. - one more DEBUG() prints addr with '%v'. 2005-07-14 Greg A. Woods * src/addr.c: - undo part of last change to strip_rfc822_whitespace() that caused repeated copying (assignment to the location of the destination pointer followed by a post-increment of the destination pointer) of the last quote-char in a quoted string which then resulted in the trailing NUL being skipped over and an eventual SIGSEGV. 2005-07-13 Greg A. Woods * src/smailconf.c: - add a missing newline to a warning in read_config_file(), and only print it if debugging is enabled. * src/main.c: - don't paniclog read_config_file() errors unless in daemon mode. * man/man5/smailconf.an: - mention the old name for smtp_hello_reject_broken_ptr since the warning about it being depreacted says to "see the manual". * src/smtprecv.c: - fix handling of secondary MX's when smtp_permit_mx_backup isn't set [bug reported by Bruce Becker] * src/match.c: - add a couple of wishlist comments * src/smtprecv.c: - one more go at fixing up check_addr_operand() so that we can do without the angle brackets. - better SMTP output format for check_addr_operand() and verify_addr_form() errors. - improve compile-time optional version of invalid_operand_warning(). - fix a couple other minor annoyances and comments, etc. * src/addr.c: - do the strip_rfc822_whitespace() call in preparse_address_1() since internal whitespace is best cleaned here and now (especially for calls from the SMTP client engine!). - preparse_address_1() s/rest/restp/ to make its reference obvious. - preparse_address_1() final DEBUG() shows what restp returns too. 2005-07-12 Greg A. Woods * ToDo: - closer * util/logsumm.awk: - merge some similar code into functions and update for latest new log messages. * conf/EDITME-dist, src/main.c: - Actually, no, a DATA_RLIMIT chosen by the installer should be adjusted too -- it's too complicated to explain whats wrong if smail dies just as it tries to allocate the buffer. * src/main.c: - warn if printing vars or at DAEMON_MODE startup if message_buf_size is smaller than max_message_size and if either or both of body_checks and body_checks_always are set. - move the RLIMIT code down to after the configs are loaded so that message_buf_size can be used in the data segment limit. For now a DATA_RLIMIT chosen by the installer is not adjusted. - s/message_bufsiz/message_buf_size/ to match the attribute name. * src/main.c: - warn if printing vars or at DAEMON_MODE startup if message_buf_size is smaller than max_message_size and if either or both of body_checks and body_checks_always are set. - s/message_bufsiz/message_buf_size/ to match the attribute name. * src/config.c, src/extern.h, src/modes.c, src/smailconf.c, src/smtprecv.c, src/spool.c: - s/message_bufsiz/message_buf_size/ to match the attribute name. * src/alloc.h: - whitespace cleanup. * util/mksort.c: - need log.h and exitcodes.h now for recent alloc.h changes. - add stub functions and vars for everything brought in by log.o from ${LOCAL_LIB}. * util/mkline.c: - need log.h now for recent alloc.h changes. - only_testing is a library support var, not a local var. - we don't need stubs for the rfc821_is_*() functions. * util/mkdbm.c: - need log.h now for recent alloc.h changes * util/Makefile: - mksort needs to be linked with ${LOCAL_LIB} now. 2005-07-11 Greg A. Woods * src/smtprecv.c: - move the preparse_address_1() calls for RCPT and MAIL into check_addr_operand(). - fix missing decrement of num_smtp_recipients in error condition. - we know the sender value won't ever have angle brackets so we can always re-add them. - read_smtp_command() no longer skips whitespace before the operand since not all commands allow extra whitespace there and we want to log warnings when we find it where it shouldn't be. - make orig_data local to the places it's used -- simplifies its release! - add some VERB output in decode_mail_options() to show what's parsed from them. * src/addr.c: - radically simplify preparse_address_1(). It was going way overboard to accept total both nested angle brackets (totally forbidden by RFC 822 since approx. forever); as well as the stupid mess of "mutant" "route-addr with route" forms that could never get into this code in the first place, at least not since the addr field parser was fixed. This helps immensely for the use of preparse_addr[_1]() in the SMTP client code, and ripping the old crap out earlier would have avoided the recent heap overflow too! Sigh. - try to fix strip_rfc822_whitespace() so that it doesn't actually butcher comments and quoted strings. - fix check_target_and_remainder() so that it doesn't think remainder parts in non-MAILBOX, or non-PCT_MAILBOX or, non-LOCAL forms are supposed to be in strict local-part syntax. For now we do nothing to validate the remainder in other forms, though perhaps we should.... - use new %p for printing pointers. - sprinkle #include "exitcodes.h" and also "log.h" around for the panic() calls in the new xfree() and xrealloc() macros. * src/directors/user.c: - change the level of a DEBUG() about VRFY_ONLY -- too noisy. * src/queue.c: - since some systems (still) have "(unsigned) short int" uid_t and gid_t, and since their compilers might also allocate storage for these objects at addresses that are not properly aligned for full "int" storage, and since it's not possible in C to force sufficient alignment when passing by reference (as is done for scanf() etc.), we will read the stored UID/GID values by passing the addresses of "unsigned int" local variables to sscanf() to avoid risking an almost certain SIGBUS. [reported by Bruce Becker on SunOS-4.1.4 sparc] * src/modes.c: - oops -- missed some places where the angle-bracketing wasn't being done in the optional text and so showed up as empty addrs sometimes. * src/main.c: - PCRE needs to use the new priv_xfree() and priv_xrealloc() functions. * src/lookup.c: - the key in lsearch_lookup() might not be a full e-mail address so don't wrap it in angle brackets in DEBUG()s. * src/hash.c: - use new %p for printing pointers. * src/expand.c: - we shouldn't need to cast sprintf() to void on any supported platform. * src/bindlib.c, src/list.c, src/pwcache.c, src/qualify.c, src/retry.c, src/routers/bind.c, src/routers/gethost.c, src/routers/pathalias.c, src/routers/queryprog.c, src/routers/reroute.c, src/routers/rewrite.c, src/routers/smarthost.c, src/routers/uuname.c, src/transports/smtplib.c: - sprinkle #include "exitcodes.h" and also "log.h" around for the panic() calls in the new xfree() and xrealloc() macros. * src/string.c: - implement %p in str_printf_va() for printing POINTER_TYPE values in a standard notation. * src/dys.h: - we shouldn't need the silly cast to void of a constant in STR_FREE() to fool GCC any more. * src/alloc.c, src/alloc.h: - implement xfree() and xrealloc() as wrapper macros so that their outer X_CHECK() call will have a source file and line which means something. 2005-07-09 Greg A. Woods * src/transports/smtplib.c: - call it a "remote SMTP server", not a "process". * util/mkline.c: - pass the filename to mkaliasline() and mklistline(), esp. for read_entry(). * ToDo: - nothing to see... move along now.... * man/man5/smailconf.an: - update received_field default, and note that it may be deprecated in the future. * man/man5/smaildrct.an: - better example for the lists director. * src/log.c, src/modes.c, src/queue.c, src/smtprecv.c, src/transports/appendfile.c: - add missing newlines to some DEBUG()s. * src/main.c: - back to %s (instead of %v) for the error message in process_recipients(). 2005-07-06 Greg A. Woods * src/parse.c: - improve the comment for read_entry(). * src/parse.c: - rework the error handling and some error detection, in the config file parser. - read_entry() needs the filename too as a parameter so it can be used in the panic() message it might trigger. * src/direct.c, src/lookup.c, src/parse.h, src/qualify.c, src/retry.c, src/route.c, src/smailconf.c, src/smailconf.h, src/routers/queryprog.c, src/transport.c: - parse.c:read_entry() needs the filename too as a parameter so it can be used in the panic() message it might trigger. - as a result read_standard_file() also needs the filename as a parameter. * src/mkdrivtab.sh: - directors/include.o will depend on ../drivertab.h so add a rule in the Makefile template to say how make it, even though normal people will never run make in the driver subdirectories without first having run make in this source directory. * src/directors/include.c: - more new and improved DEBUG()s. - use the defines from ../drivertab.h for driver names. * src/directors/fwdfile.c: - more new and improved DEBUG()s. * src/directors/altuser.c, src/directors/error.c: - use the word "pass" in DEBUG()s when the director passes on an un-matched address. * src/directors/aliasfile.c: - use the word "pass" in DEBUG()s when the director passes on an un-matched address. - improve the comments about verifying owner addresses. * src/directors/smartuser.c, src/directors/user.c: - more new and improved DEBUG()s. * src/default.c: - remove the "proper", but completely useless, "owner" director since verification of owner addresses explicitly prevents use of the smartuser driver, which this director tried to use. * src/config.h: - in the definition of LIST_FILENAME use '${if def:ignore_user_case' to determine whether or not to explicitly lowercase the mailbox name. - use $addr instead of $user for LIST_* definitions to try to avoid any implication of this being a user-name. * src/addr.h: - update the comment about ADDR_SMARTUSER. 2005-07-05 Greg A. Woods * src/smtprecv.c: - oops -- fix syntax error in last! 2005-07-04 Greg A. Woods * src/smtprecv.c: - bind_check_if_canonical_host(sender_host_really, ... ) call in verify_host() was dereferencing sender_host_really when NULL. 2005-07-03 Greg A. Woods * src/modes.c: - woops -- missed updating one pid_t cast. * src/config.h: - move byte count down to follow the "with ... via ..." subfields. * src/debug.h, src/main.c, src/modes.c, src/notify.c, src/routers/uuname.c, src/transports/pipe.c: - one more sweep through to try to consistently print, store, and scan pid_t values as long ints, now that intlist_t stores long ints too. - also try to be more uniform of how PID values are presented in log entries and DEBUG() output. * src/string.c: - mention in the comment that str_printf() supports %u and %lu. * src/list.c, src/list.h: - intlist_t needs to store a long int since we normally store PIDs in them and since SuSv3 says pid_t can be stored in an id_t and that the latter must be no wider than a long int in at least some valid programming environment on every compatible host. - list counts are size_t -- be consistent about it. 2005-07-01 Greg A. Woods * man/man8/smail.an: - document the new -oMn, -oMN, and -oMR options used primarily to pass more info through the queue between smtpd and runq. * man/man5/smail.an: - document $sender_host_really (was missing, not new) - document the new $sender_host_invalid and $sender_host_really_invalid. - also add more in the comment for $foraddrs: 2005-06-29 Greg A. Woods * src/main.c, src/queue.c: - store and handle as queue/command-line parameters the sender_host_really (how did this get missed before!?!?!?) sender_host_invalid, and sender_host_really_invalid values. - I hate waffling back and forth like this, esp. in a near vacuum, but let's go back to formatting (and scanning) uid_t and gid_t as "unsigned int". Trying to use a "long" can cause warnings on Alpha, and no doubt other even more alignment-restrictive CPUs, and after all all known systems (at least those modern Smail will run on) have 32-bit UID and GID values anyway. (Some are signed, and some are not, but -1 is the only magic value in any API used here.) * src/modes.c, src/pwcache.c, src/sysdep.c: - I hate waffling back and forth like this, esp. in a near vacuum, but let's go back to formatting (and scanning) uid_t and gid_t as "unsigned int". Trying to use a "long" can cause warnings on Alpha, and no doubt other even more alignment-restrictive CPUs, and after all all known systems (at least those modern Smail will run on) have 32-bit UID and GID values anyway. (Some are signed, and some are not, but -1 is the only magic value in any API used here.) * src/config.h: - woops! missing {} around else clause in received_field. (This really should be C code with a couple of useful simple binary flags to control various optional features, such as the "for" sub-field.) * src/queue.c: - make sure we always treat real_uid and prog_egid as unsigned longs in sprintf() and scanf(). [likely was the cause of a SIGBUS on SunOS-4, reported by Bruce Becker] * src/queue.c: - fix a double-comma in the old log format printf(). [pointed out by Bruce Becker] 2005-06-27 Greg A. Woods * src/queue.c: - the empty check in queue_message_with_dots() has to be done for EOFs too! - yet more DEBUG()s for queue_message_with_dots(). * src/main.c: - if we want to xfree() something we have to do so _before_ the pointer to it gets clobbered with something new (which might not be pointing to allocated storage)! * ToDo: - here today, gone tomorrow (at least we can hope! :-) * src/smtprecv.c: - verify_host() can't be using a char const **errorp as it doesn't always return a const char *! - verify_host() sets sender_host_invalid and sender_host_really_invalid to be the simple format error messages that would be returned iff the sender_host is permitted because smtp_hello_broken_allow (or peer_is_localhost). * src/smailport.h: - define AF_LOCAL (to AF_UNIX) if necessary. * src/extern.h: - declare sender_host_invalid and sender_host_really_invalid (for smtprecv.c). * src/expand.c: - provide $sender_host_invalid and $sender_host_really_invalid. * src/addr.c, src/addr.h: - rfc1035_is_valid_domainname() can't be using a char const **errorp. - rfc1035_is_valid_domainname() should always set *errorp if it finds an underscore, even if it returns TRUE. * src/config.h: - make use of the new $sender_host_invalid and $sender_host_really_invalid messages in received_field. - TRUSTED_USERS must include daemon, at least on hosts using Vixie Cron, and probably on others as well; and it will likely need uucp too. - move the BOGUS_?ID definitions to "smail.h" -- they are not configurable. * src/smail.h: - move the BOGUS_?ID definitions here -- they are not configurable. * src/directors/error.c, src/directors/include.c, src/pwcache.c, src/sysdep.c, src/transports/appendfile.c, src/transports/pipe.c: - these will no longer need "config.h". * src/modes.c: - log_incoming() must be called _after_ read_message(). * src/direct.c: - move "config.h" after "smail.h" for consistency ("smail.h" should be first) * src/string.c: - add a comment about implementing our own %p in str_printf_va(). * src/alloc.h: - argh! I somehow forgot write_log() uses str_printf() and thus can only use %lx for now. [need to implement our own %p!] * src/addr.c: - the 'target' field, like 'remainder', is also a pointer into work_addr and so cannot be freed. * ToDo: - less is less. * src/string.c: - in the is*_in_list() functions use chop() to ignore whitespace on entries. * src/match.c: - (also) chop() spaces (off the end) of IP patterns in IP lists. - chop() spaces off messages from IP lists too. - add comments about skipping spaces between options and ';' in PCRE expressions, as well as off the message text too. 2005-06-26 Greg A. Woods * src/modes.c: - also check that real_hostname is non-empty. - only set real_domain if the first dot wasn't at the end of real_hostname. - truly once and for all ignore empty entries, and whitespace around names, in visible_domains and hostnames. - turn on those EXTREME_DEBUGGING statments again, but increase their level by twice the DBG_*_HI value. * src/smailstring.h, src/string.c: - implement a simple whitespace chopper -- chop(). * src/lookup.c: - pretend to fix a nasty looking style bug. * src/match.c: - fix some comments. * src/smtprecv.c: - don't bother to do WHOSON checks if the session is not going to be denied. - factor out the address and ESMTP option validation for RCPT_CMD and MAIL_CMD into a new unified function check_addr_operand(). - modify invalid_operand_warning() to take an e_smtp_cmds value instead of a static string copy of the command name. - fix non_compliant_reply() to do the same so it can have multiple callers. - fix non_compliant_reply() so that it uses send_smtp_msg(). - use preparse_address_1() to validate RCPT_CMD operands too! - complain about unsupported ESMTP options on RCPT_CMD. - try for now to always store RCPT_CMD addresses with their angle brackets. - improve variable names in decode_mail_options(). - make sure in_addr is new storage when setting up addr structs. - use free_addr() in a few more places. - add more DEBUG()s as alternates to "if (out)" responses. * src/addr.c: - print the pointer values in dump_addr() [for debugging double-frees]. - tweak some comments. * src/resolve.c: - local_name needs to always be its own allocated storage if free_addr() is to have any hope of not leaking it. - add an #if0'ed xfree() around a place where work_addr is overwritten -- not sure if it's always safe to free the old pointer here or not. * src/directors/aliasfile.c, src/directors/fwdfile.c: - fix the logic, and some DEBUG() and write_log() stuff, related to expanding and verifying owner addresses. * src/directors/user.c: - mention why we cannot use free_addr() to clean up a temporary struct addr. * src/debug.h, src/log.c: - make it easier to identify multiple processes in trace output by adding the PID to the front of most debug messages, either at -v91 or higher, or whenever the daemon mode is being debugged. * src/alloc.h: - X_CHECK() should probably always format pointers to their full width with leading zero padding (e.g. so folks on I32LP64 systems don't get confused into thinking the whole pointer value isn't being printed). - more comments about X_CHECK() and X_MAGIC, and separate the format string for X_CHECK()'s panic message into a separate macro so it's easier to adapt should we ever encounter a system where a long int is smaller than a pointer. 2005-06-25 Greg A. Woods * src/main.c: - in process_recipients() write to all the logs (and tty) when the recipient count from process_field() doesn't match the parameter count. (maybe this should be re-designed to allow a return of an error instead of effectively having to panic()) 2005-06-24 Greg A. Woods * src/transports/smtplib.c, src/transports/smtplib.h: - don't complain about rfc2852's "deliverby" ESMTP option [which we should really try to implement someday soon] * src/smtprecv.c: - we can't just save a pointer to the clobbered sender value -- we have to make a new copy of the value since the old copy is xfree()d by read_message()'s call to initialize_state and yet we'll be accessing it again! * src/notify.c: - fix grammar a bit more in the bounce intro text. * src/config.h: - update some comments. * src/addr.c: - OK, this code in preparse_address_1() is just way to opaque. Try making it more readable by reducing the abusive re-use of "ap". * ToDo: - more is more. * src/smtprecv.c: - try once more to handle getpeername() failures properly. - lots of re-arraning to avoid worrying about gethostby*() calls clobbering each other's values -- always call right before use. - clean up the APIs that were #ifdef'ed by using void *. - fix some PTR testing logic in verify_host(). - minor fixes to error message formatting. - log domain literal "explanations" as warnings. - save the sender pointer around read_message() so that our call to log_incoming() records the right envelope sender without also having to use process_args() and check_sender(). - reset sender_proto on HELO_CMD so those that fail EHLO but succedd with HELO will have the right info. * src/modes.c: - always use the args from read_message() -- especially needed now that it calls initialize_state() and clobbers recipients et al! - print the stored invoker-IDs in mailq. - detect lack of recipients in verify_addrs() when using '-t'. - fix signed comparison warning. - note some places where read_message()'s returned argv leaks storage. * util/logsumm.awk: - take account of recent minor improvements to error checking and reporting in bind_check_if_canonical_host(). * src/match.c: - oops -- don't return pointers to freed space when debugging! * src/debug.h: - oops -- stray left-over under-90 PID printing for DEBUG5()! * src/bindlib.c: - minor improvements to error checking and reporting in bind_check_if_canonical_host(). * util/mkdbm.c, util/mkline.c, util/unsharmap.c: - add stand-alone prog_egid for match.c:trusted_invoker(). * src/match.c: - wso_query()'s third parameter is an int despite being a buffer length. 2005-06-23 Greg A. Woods * ToDo: - more is less. * src/main.c: - note the need for better validation and verification of sender addresses that have been supplied on the command-line. * src/smtprecv.c: - fixup some comments. * src/queue.c, src/smtprecv.c: - further and better explain why messages received by smtpd will still have sender_is_trusted set to TRUE and what the implication is. * src/queue.c: - define sender_is_trusted global flag. - explain why messages received by smtpd will still have sender_is_trusted set to TRUE. * src/main.c, src/main.h: - sender_is_trusted belongs only to queue.c. * src/extern.h: - move declaration for sender_is_trusted here as there's no queue.h file right now. - rename trusted to trusted_users. * src/config.h: - rename TRUSTED to TRUSTED_USERS and give it the default value of "root". * src/config.c, src/match.c, src/smailconf.c: - rename trusted to trusted_users. * man/man5/smailconf.an: - update the *_field definitions. - try to explain sender_env_variable better. * src/config.h: - fix up uses of $sender in the *_field definitions. - use new $local_sender in received_field. * src/modes.c: - read_message() now calls initialize_state() itself. - process_args() doesn't need the from_spool parameter any more. - move compute_nobody() to sysdep.c -- better place than here! - perform_deliver_mail() must call log_spool_errors() if ever there's an error reading the message. * src/main.h: - process_args() doesn't need the from_spool parameter any more. * src/main.c: - initialize all the basic type static vars. - fix up initialize_state() to really only set per-message state, and free sender and sender_name if necessary before clearing them. - call compute_local_sender() before initialize_state(). - process_args() doesn't need the from_spool parameter any more and it always sets the sender variable from '-f' -- it gets checked properly . - always free sender and sender_name before setting them. - check_sender() handles <> and <+> specially. - check_sender() rewrites bad addresses to "postmaster" (for now). - check_sender_perms() uses new trusted_invoker(). - tweak style, comments, and simplify some minor logic. * src/queue.c: - s/fixup_login_user()/fixup_login_sender()/ - fixup_login_sender() always does its job, even though it should only ever be called once. - read_message() now calls initialize_state() itself. - read_message() now frees and reset local_sender, using nobody if no name is found in the spool file. - free sender before setting it. - use new trusted_invoker(). * src/transport.c: - add a comment/implementation-question. * src/sysdep.c: - move compute_nobody() in here even though it's not really system dependent and get rid of the unnecessary loop to "fix up" the IDs in current recipients because there cannot ever be any. * src/smtprecv.c: - don't call initialize_state() -- it'll be done by read_message() on the resulting spool files. - free local_sender before changing it. - free and clear sender_name -- we can't know it. - don't do smtp_greeting_delay for connections from INADDR_LOOPBACK. * src/notify.c: - doesn't need . * src/match.c, src/match.h: - implement trusted_invoker() to test $trusted_users and $trusted_groups. * src/expand.c: - don't fail if ${if, etc. expand to an empty string. - implement $local_sender. * src/direct.c: - pass all lower-case static strings to EQIC() to differentiate them. * src/addr.c: - internal_build_uucp_route() should handle <> and <+> specially. - minor style and DEBUG() improvements. * man/man5/smail.an: - document new $local_sender variable. 2005-06-22 Greg A. Woods * src/addr.c, src/alloc.c, src/bindlib.c, src/direct.c, src/field.c, src/hash.c, src/header.c, src/list.c, src/parse.c, src/qualify.c, src/resolve.c, src/route.c, src/directors/aliasfile.c, src/directors/smartuser.c, src/directors/user.c, src/string.c, src/transport.c, src/routers/bind.c, src/routers/gethost.c, src/routers/pathalias.c, src/routers/queryprog.c, src/routers/reroute.c, src/routers/rewrite.c, src/routers/rtlib.c, src/routers/smarthost.c: - include everywhere needed by DEBUG() for getpid() decl. * man/man5/smailconf.an: - another new default definition fix for from_field. * src/smtprecv.c: - do_greeting() needs to know if there was a peer address before it goes off checking anything about that address, so pass 'peer' to it. - re-arrange the setting and use of sender_host_addr et al so that they're done right for '-bs', '-bS', and remote connections and so that various checks can be done in what should be the most efficient manner while still not risking (too much) a excessive delay for the 220. - don't check for slammers unless there is a peer address, i.e. don't delay the 220 for '-bs'. - use 'nobody' as local_sender for remote clients. - use new rfc1035_is_valid_domainname() instead of hand-crafted checks. - distinguish SIGTERM and SIGINT in the 421 text. * src/main.c, src/main.h, src/modes.c: - call compute_local_sender() from initialize_state(). - move *_*id setting up above call to initialize_state() so compute_local_sender() will know the real_uid. - process_args() gets another parameter so that it knows whether it's handling args from a spool file or from the command line. - fix process_args() handling of '-f' so that it trusts '-f' from spool files. - don't munge the '-f <>' and '-f <+>' sender addresses -- leave them alone. - change variable name s/restrict/restricted/ - use a separate 'remainder' variable in check_sender(). - don't log sender syntax errors from the command line. - use logfile, not paniclog, for sender syntax errors in spool file. - implement trusted_users and trusted_group checking for '-f sender' given on the command-line. 2005-06-21 Greg A. Woods * src/addr.c, src/addr.h: - implement a proper rfc1035_is_valid_domainname() and use it in check_target_and_remainder() (will also be used in smtprecv.c). (note one version of the old code wasn't properly detecting bogus hostnames that ended in a dot)! - properly detect and report a missing closing ']' on domain literals. - properly reject all domain literals on hosts without BSD_NETWORKING. - fix comments, style, etc. * src/queue.c: - fix a major off-by-one error in fixup_login_user() -- the opening '!' of the in-core copy of the queue file was being over-written. - try harder to detect and report bogus spool files. - compute_local_sender() will move to initialize_state() so adjust the logic instead to handle local_sender being already set. - improve DEBUG() support a bit. - use TRUE/FALSE for logic values. * src/modes.c: - mailq now prints the local_sender and envelope sender properly. - mailq now uses initialize_state() before read_message() even when parsing the "other" queue. * src/config.h: - fix from_field -- the internal bounce sender is a bare "+", with no angle brackets. * src/directors/aliasfile.c: - move the ERR_113 handler up to where it belongs. - paniclog the owner address verification failure. - improve some DEBUG() output (e.g. mention filename). * src/notify.c: - fix a major boo-boo in the SMTP output -- DATA must be on its own line! - should be safe now to always just add angle brackets on addresses. - minor style fixes, use of dprintf(), casts, etc. * src/debug.h: - add "[PID]" to every output IFF debug>90, which sometimes helps separate the different notify processes. * src/expand.c: - improved DEBUG() stuff somewhat. 2005-06-20 Greg A. Woods * src/sysdep.c: - use COPY_STRING() not separate xmalloc()+strncpy(). * src/spool.c: - add a fun new DEBUG() message and fix some comments & whitespace. * src/route.c: - wonder again why premunge_remote_addrs() moves trailing dots to be leading dots.... * man/man5/smailconf.an: - new default definitions of from_field and return_path_field. - improve description of trusted_* attrs. * man/man8/smail.an: - '-bq' paragraph got split by a bad edit * src/routers/gethost.c: - improve some DEBUG() messages. * src/directors/fwdfile.c: - add angle brackets around an address in a DEBUG() message. 2005-06-19 Greg A. Woods * src/modes.c: - add a silly debugging assert() to smtp_mode() to try to guarantee do_smtp is always called correctly. * src/match.c: - fix the match_pcre_expr() to always print the first 60 bytes of the string being matched, adding "[....]" if it's longer. - use DBG_ADDR_* instead of DBG_DRIVER_*. [but should invent DBG_MATCH_*] * src/field.c: - add some debug code to print the address list returned by process_field(). 2005-06-17 Greg A. Woods * src/parse.c: - don't spew the whole remaining config value into the paniclog when a parse error is encountered -- just the first 40 bytes of it. * src/smtprecv.c: - don't dump core in verify_addr() if the "out" file pointer is NULL! * ToDo: - 3, 2, 1, .... * util/logsumm.awk: - count and report slammers. - fix wording of "matched in *" messages. - include all 'command too long' records in its count. * src/smtprecv.c: - fix wording of "DNS spoofing attempt" message to work better as a "warning" message. 2005-06-16 Greg A. Woods * src/smtprecv.c: - try a wee bit harder to not clobber a NULL smtp_sess_deny_msg (e.g. from match_dnsbl()) with bogus text from a later test. * man/man8/smail.an: - minor grammar fixes. - add commented out description of '-bT'. * src/modes.c: - don't cause bounces when there's no address to deliver to if dont_deliver is set! - make sure smtp_greeting_delay and smtp_receive_*_timeout values are in their proper ranges. - add one-time paniclog messages when config attributes are forced into their proper ranges. * src/transports/tcpsmtp.c: - add newline to DEBUG()s before smtp_shutdown() calls (and remove the one after) so that the "sent QUIT" message looks right. * util/mkdbm.c, util/mkline.c, util/unsharmap.c: - stand-alone operation_mode definition. * src/main.c: OOPS! Last commit message was wrong! Here's the right one: - catch all invalid option flags -- we need to no-op any that are needed for compatability so that we know what they are and can reserve (or even implement) them. - mention smail(8) in other "invalid option" error messages too. * man/man5/smailconf.an: - document smtp_greeting_delay attribute to control pause before banner, with a minimum delay of one second and a maximum of half the current smtp_receive_command_timeout. - mention valid ranges for smtp_receive_*_timeout too. * src/smtprecv.c: - use smtp_greeting_delay attribute to control pause before banner, with a minimum delay of one second. - send a 554, not 521, response when dropping slammer (corresponds to the code used by sendmail and exim). * src/config.c, src/extern.h, src/smailconf.c: - add smtp_greeting_delay attribute to control pause before banner. * src/match.c, src/main.c: - make the "DNSBL ... is empty" message show up even without any '-v'. 2005-06-15 Greg A. Woods * man/man8/smail.an: - document new '-bD' mode for testing DNSBLs. 2005-06-13 Greg A. Woods * src/main.c: - tweak some comments. * src/smtprecv.c: - if the platform supports fcntl(O_NONBLOCK) then sleep for a second after the connection is open and before spitting out the banner so that we can test to see whether or not the client sent anything before reading the banner. If it did then drop the connection -- it is spamware or an e-mail worm, etc. * src/modes.c: - log the accept() result to get a closer timestamp for the incoming connection -- one not delayed by PTR lookup. - remove the SMALL_MEMORY limiters on runq_max, smtp_accept_queue, and smtp_accept_max -- more rope. * src/geniobpeek.sh: - add an IOB_NOT_EMPTY_P() macro to iobpeek.h for completeness. 2005-06-11 Greg A. Woods * src/smtprecv.c: - oops! use '%v', not '%q' to format the reason string from smtp_hello_reject_hostnames. * src/queue.c: - OOPS! missing a break statement in a critical loop in queue_message_with_dots()! * ToDo: - more ideas. 2005-06-10 Greg A. Woods * util/logsumm.awk: - adapt to new smtp_hello_reject_hostnames error format. * src/config.h: - with the smtp_hello_reject_hostnames check into verify_host() where it probably belongs we don't have to bypass domain literals in its default setting. - remove comments aabout not using "?:" in PCRE expressions -- it's in the manual page. * src/smtprecv.c: - move the smtp_hello_reject_hostnames check into verify_host() where it probably belongs. - try to at least make this compile without HAVE_BSD_NETWORKING and HAVE_BIND being defined. * src/modes.c: - try to at least make this compile without HAVE_BSD_NETWORKING and HAVE_BIND being defined. * util/Makefile: - make the source file copies from ../src be read-only in here. * src/sysdep.c: - compute_domain()'s parameter may not be used if HAVE_BSD_NETWORKING is not defined. * src/lookup.c: - this may need . * src/match.c: - don't include bindlib.h or bindsmtpth.h if HAVE_BIND is not defined. * util/mkdbm.c, util/mkline.c, util/unsharmap.c: - add a stub for bind_lookup_txt_rr() to adapt for match_dnsbl() moving into match.c. 2005-06-09 Greg A. Woods * src/extern.h, src/main.c, src/main.h, src/modes.c: - add a new command-line operation mode, -bD, for testing DNSBLs. - move the only_testing initialization into main.c so that none of the early write_log() calls get tripped up when not necessary. * src/match.c: - always run through the whole list in match_dnsbl(), not stopping on the first successful lookup when debug is >= 9. - fix DEBUG()s in match_dnsbl() (esp. no more crash when DNS returns NODATA). * src/bindlib.c: - always insert a newline between TXT RR content in bind_lookup_txt_rr(). - increase level for opening DEBUG() in bind_lookup_txt_rr(). * src/smailconf.c: - always at least try to print a warning if a config file cannot be opened and only_testing mode is set, otherwise callers will only know to complain if required_configs is set. * src/match.c, src/match.h, src/smtprecv.c: - move match_dnsbl() to match.* and make it a global function. * src/smtprecv.c: - add timekeeping and more DEBUG() to match_dnsbl() so that it can warn when lookups take too long. * src/debug.h: - fix the comment for DBG_REMOTE_*. - GC the DBG_STARTUP_* values -- there is no startup.c. 2005-06-07 Greg A. Woods * src/queue.c: - ignore EINTR when reading message content -- expecting it to be from a SIGHUP.... (SIGINT and SIGALRM handlers should be set at this point to functions that never return). * ToDo: - EINTR while reading a message wasn't a race -- we just never got to report it before! * src/smtprecv.c: - add a note about the possibility of moving the smtp_hello_reject_hostnames check into verify_host(). * src/modes.c: - move the <> around an optional %v to the optional prefix and suffix text. 2005-06-06 Greg A. Woods * src/smtprecv.c: - the WHOSON wso_query() function actually takes an int, not size_t, third parameter. - consistently clear tmpmsg after xfree() in deny_greeting(). * and fix one more less catastrophic bug in the following change (sender_host is not yet set, must log the "data" value): - do the cheap smtp_hello_reject_hostnames check before DNS lookups. * src/smtprecv.c: * oops! fix bug in the following change (sender_host is not yet set, must verify against the "data" value): - do the cheap smtp_hello_reject_hostnames check before DNS lookups. * src/smtprecv.c: - do_greeting() can figure out ehlo_p using sender_proto just like everyone else so don't pass it as a parameter. - improve the syntax conformance checks for RCPT and MAIL. - add a comment string to the invalid_operand_warning() log. - make sure we log errors from preparse_address_1(sender). - rename rcpt_to_had_comments to the more apt rcpt_to_had_options. - don't even bother calling check_smtp_remote_allow() if no stdout. - in check_smtp_remote_allow() allow relay if no sender_host_addr. - just pass sender_host_addr directly to invalid_relay_error() -- it does its own tests and substitution. - only log QUIT if there were not messages collected. - do the cheap smtp_hello_reject_hostnames check before DNS lookups. - try using smtp_cmd_list[smtp_cmd_id].name instead of many hopefully identical static strings. - improve some DEBUG()s and some comments. - use <> around %v for addresses in more DEBUG() messages. - more GCC_UNUSED_HACK hacks. * ToDo: - more more more! (but maybe have fixed the "smail -bt" crashes from over-eager GC). * src/addr.c: - implement rfc2822_is_{dot,quote}_string() and use them to verify mailbox local parts instead of using the not-quite-right rfc821_*() variants we were using. - fix strip_rfc822_whitespace() so that it tries to collapse FWS (unfold) inside quoted strings, leaving just one space. - don't GC parent or true addrs in free_addr() -- they could be pointed to by multiple addrs and thus could result in double xfree() calls. - improve some DEBUG()s. - use <> around %v for addresses in more DEBUG() messages. * src/field.c: - FWS inside quoted strings is unfolded to a single space right away during field tokenization to avoid future hassles with parsing it. - detect partial matches of route-addrs as syntax errors even when the field has been modified. - garbage collect addresses that have been extracted by match_general() if it fails as it always calls enqueue_address() and we don't detect partial matches until after it returns. - add some new DEBUG()s, improve some others, fix up some comments and make a few minor style adjustments. * src/transports/smtplib.c: - fix the algorithm implemented by rfc821_is_quoted_string() so that it properly terminates on the first double-quote and then tests to see if its at the end of the string or not. - adjust some comments about RFC stuff. * util/logsumm.awk: - it seems the message sizes rarely match a good bell-shaped Gaussian distribution, so let's also get the true 95'th and 99'th percentile by feeding a "sort -n" pipeline as we read each Received record. [if this works efficiently enough then the SD method of estimating the 95'th percentile should be removed, at least for sizes] * src/expand.c: - note that ${shquote: is not need for the pipe driver's "cmd" attribute. * src/modes.c, src/resolve.c, src/route.c, src/direct.c: - use <> around %v for addresses in more DEBUG() messages. * src/config.h: * way back with revision 1.59 on 1998/04/10 I said the following, and it seems I need to say it again: - we don't need or want ${shquote on LOCAL_MAIL_COMMAND. It always goes directly through build_cmd_line() and not a shell command line. %s - also use ${} around more variables where it makes the name easier to read. * man/man5/smailtrns.an: - note that ${shquote: is not need for the pipe driver's "cmd" attribute. - remove use of ${strip: in examples too -- it's bogus for them all. * src/string.c: - improve the comment for strip(). * src/resolve.c: - fix the comment about why strip() is needed for local addresses. - use %v in a few more places. * src/queue.c: - fix opening DEBUG() in queue_message_with_dots() (missing %s). - detect when no input has been received when reading a message and handle that as a special error so that delivery isn't attempted of empty messages (which would then trigger a bounce attempt in some cases). * src/notify.c: - default new extra_info output to "" in notify_new_message(). - improve a couple of DEBUG() messages. * src/hash.c: - use %v to print hash key strings. * src/expand.c: - rename internal strip_quotes() [used for ${strip:] to strip_making_filename() to more appropriately describe what it really does. * src/config.h: - use ${shquote: (not ${strip:) for $user, where appropriate on command-line definitions. - also ${shquote: $host in command-line definitions too. * man/man5/smailconf.an: - try to improve the grammar for ignore_user_case. 2005-06-05 Greg A. Woods * ToDo: - +3 new, -1 old. * src/addr.h: - declarations for new rfc2822_is_{dot,quoted}_string() functions. * src/notify.c: - minor improvements to the internal notify_new_message() API. - minor improvements to bounce message prologue. 2005-06-03 Greg A. Woods * src/config.h: - oops -- missing backslash in definition of FROM_FIELD. * ToDo: - we win some, we lose some, and we try to fix some typos! * src/config.h: - in the default from_field setting try to take care not to accept blame for empty return paths or remotely originated mail (i.e. do not put anything in the from (or sender) field resembling a local username or use any of the local domain or hostnames). * src/expand.c: - allow eq{} et al condition operators to test against an empty string. * src/header.c: - stop the old "apparently-to:" nonsense, and don't bother with the "undisclosed-recipients:;" crap either -- just do "to:" properly. - add some paniclog writes to reveal problems with $*_field settings. 2005-06-02 Greg A. Woods * src/smtprecv.c: - don't bother passing sender_host_addr to deny_greeting(). - add an explicit got_sighup state variable that can be used to discern an actual EINTR when reading input vs. a left-over errno value. This fixes the occasional infinite loops after SIGHUP in recent snapshots. - be more careful to not always clobber smtp_sess_deny in the smtp_reject_hosts test, even though it is now the first use. - do not clear smtp_sess_deny in RSET_CMD handling! - move the smtp_host_dnsbl_domains test up a bit to get it up above where the WHOSON check resets smtp_sess_deny (and partly to group it in with the other HAVE_BSD_NETWORKING code,). - try to make all the log entries have consistent formatting of client identification (especially remove space before IP addr, eliminate accidental "(null)" and explicit "UNKNOWN" junk, make use of parens and braces on IPs more consistent, and try once again to fix up the "remote HELO:" entries to be more sensible). - change the log message for smtp_mua_only_hosts matches and "SUBMISSION" clients to explicitly say "rejecting bounce". - change the smtp_sess_deny log entry to explicitly say "refusing unwanted command" instead of the text that was already used elsewhere. - decrement num_smtp_recipients again in RCPT_CMD handling if verify_addr() fails -- this gives human testers and others using the empty return path a chance to correct their mistakes. - don't give an OK early in verify_addr() when BSMTP is in use -- do all the tests and rely on sender_host_addr checks et al to avoid those that can only apply when the client is TCP connected. - fix "lost connection" message to say "got EOF" when BSMTP in use. - add DEBUG() output at lowest level for BSMTP (smail -v -bS) testing. 2005-06-01 Greg A. Woods * util/logsumm.awk: - relaxed matching for "via message submission" records. - remove unnecessary comment * src/queue.c: - fix one potential place where PUTSPOOL() might be called in queue_message_with_dots() after a failure has already occured. - try to fully document the algorithms implemented by the queue_message_with_dots() function. - improve the opening DEBUG() in queue_message_with_dots() so that the need for dot-stuffing is also mentioned. - very minor style tweaks. * src/routers/uuname.c: - when any error is encountered in rtc_uuname() [cache function], write the error message to the paniclog as well as saving it in the private info for possible eventual use by actual routing. This helps better identify and timestamp any error messages also written to the paniclog by uuname. - adapt to use of a struct config_stat to store the stat(statfile) results in private info. * src/default.c: - adapt to use of a struct config_stat to store the stat(statfile) results in the uuname driver's private info. * src/routers/uuname.h: - use a struct config_stat to store the stat(statfile) results. * src/smailconf.c, src/smailconf.h: - move definition of struct config_stat out to smailconf.h so it can be used by driver cache functions, e.g. rtc_uuname(). 2005-05-27 Greg A. Woods * src/smtprecv.c: - fix reset_state() so that virus scanners can continue to use RSET to keep the connection alive without a timeout -- only clear sender_host in QUIT and do_greeting(). - improve some error messages in the rDNS checks. * src/smtprecv.c: - be more explicit about which name caused the error when there are problems verifying the PTR name. * src/smtprecv.c: - rename aresult2 to aresult_ptrname. - fix a bug in handling of smtp_hello_reject_broken_ptr -- need to check the right result! * myPreview.sh: - allow override of $DATE to allow backdating (if near midnight! :-). * src/Makefile: - smtprecv.c now uses drivertab.h, which being a target file needs to be added to smtprecv.o as an explict dependency (in case "make depend" was not run). * src/expand.c: - don't expand empty list items in ${foreach: expansions. - add/improve some more comments. 2005-05-10 Greg A. Woods * ToDo: - more, more, more. * src/smtprecv.c: - make sure smtp_sess_deny_msg is cleared if a test is not setting smtp_sess_deny (and it's not already set). This is extra paranoia to make sure the explicitly negated matches in reject lists don't spew the junk messages that might be given with the negated pattern when some subsequent test fails and which also doesn't set the deny_msg for some reason (e.g. a DNSBL without associated TXT records). This should only be necessary near match_hostname(), but done everywhere for consistency. I'm not sure why match_dnsbl()'s explicit clearing of the message doesn't always work though.... - try to improve the resolv_addr_list()/check_smtp_remote_allow() error handling. - try to improve grammar in verify_addr() responses. - fix check_smtp_remote_allow() to defer the address if smtp_remote_allow is unset or empty -- fail safe! [suggested by Andrew Buckeridge ] - other minor tweaks and cleanups. 2005-05-09 Greg A. Woods * src/expand.c: - comment tweak. * src/modes.c: - print the argv list for execv(). - include the strerror() in the panic message if execv() fails. * src/smailconf.c: - add spaces for readability around '=' in config attribute and attribute type output. * src/smailstring.h, src/string.c: - revamp quote()'s needs_quote tests to allow pathnames and command-line flags to go unquoted (which are still legal dot-strings too). - add quote_args() to turn "char *argv[]" into a nice string with args quoted as needed. 2005-05-08 Greg A. Woods * util/logsumm.awk: - major pattern matching simplification for ERR193 messages. * util/checkerr.sh: - minor grammar improvement in "double-bounce" messages. * src/modes.c: - refactor to combine the nearly identical guts of kill_runq_children() and kill_smtpd_children() into the new kill_some_children(). 2005-05-03 Greg A. Woods * pcre/AUTHORS, pcre/COPYING, pcre/ChangeLog, pcre/LICENCE, pcre/Makefile.in, pcre/NEWS, pcre/README, pcre/RunTest.in, pcre/config.guess, pcre/config.in, pcre/config.sub, pcre/configure, pcre/configure.in, pcre/dftables.c, pcre/get.c, pcre/internal.h, pcre/ltmain.sh, pcre/maketables.c, pcre/mkinstalldirs, pcre/pcre-config.in, pcre/pcre.c, pcre/pcre.in, pcre/pcredemo.c, pcre/pcregrep.c, pcre/pcreposix.c, pcre/pcreposix.h, pcre/pcretest.c, pcre/printint.c, pcre/study.c, pcre/doc/Tech.Notes, pcre/doc/pcre.3, pcre/doc/pcre_compile.3, pcre/doc/pcre_config.3, pcre/doc/pcre_copy_named_substring.3, pcre/doc/pcre_copy_substring.3, pcre/doc/pcre_exec.3, pcre/doc/pcre_free_substring.3, pcre/doc/pcre_free_substring_list.3, pcre/doc/pcre_fullinfo.3, pcre/doc/pcre_get_named_substring.3, pcre/doc/pcre_get_stringnumber.3, pcre/doc/pcre_get_substring.3, pcre/doc/pcre_get_substring_list.3, pcre/doc/pcre_info.3, pcre/doc/pcre_maketables.3, pcre/doc/pcre_study.3, pcre/doc/pcre_version.3, pcre/doc/pcreapi.3, pcre/doc/pcrebuild.3, pcre/doc/pcrecallout.3, pcre/doc/pcrecompat.3, pcre/doc/pcregrep.1, pcre/doc/pcrepattern.3, pcre/doc/pcreperform.3, pcre/doc/pcreposix.3, pcre/doc/pcresample.3, pcre/doc/pcretest.1, pcre/testdata/testinput2, pcre/testdata/testinput4, pcre/testdata/testinput5, pcre/testdata/testoutput1, pcre/testdata/testoutput2, pcre/testdata/testoutput3, pcre/testdata/testoutput4, pcre/testdata/testoutput5: - check in PCRE-5.0 after having run the following command: %s rm -rf NON-UNIX-USE makevp.bat perltest doc/*.txt doc/html * src/smtprecv.c: - rename set_reload_signal() to smtp_reload_sig() for consistency. - get rid of unnecessary got_reload_signal flag variable. - get rid of now-unnecessary code at end of the (endless) command loop. - in read_smtp_command() if getc() returns EOF then be sure to check for EINTR as otherwise SIGHUP will look like an EOF_CMD. - always turn off alarms and set SIGHUP to smtp_reload_sig() and SIGALRM to smtp_receive_timeout_sig() (instead of only when "out" is non-nil). - always turn off smtp_remove_on_timeout in reset_state(). - do the unlink_spool() early in smtp_receive_timeout_sig(). - fix up some comments about signal handling. * src/modes.c: - OH, how embarrassing! Fix the order of parameters to kill(2)! - always cast pid_t values to int for printing since we assume in many other places that they are signed and no wider than int. - update some comments, minor style tweaks, etc. * ToDo: - mention that check_sender() allows bogus "@domain". - mention that delivery_signals() should cause SIGTERM to kill process while between transport driver calls. * src/smtprecv.c: - rename term_signal to got_reload_signal since it will now be set with SIGHUP, and similarly set_term_signal() becomes set_reload_signal(). - make sure there's no pending alarm before setting SIGALRM handler for the first time. - while reading a message [smtp_input_signals()] SIGHUP sets the reload and queue_only flags, and SIGTERM & SIGINT call smtp_sig_unlink(). - while processing commands [smtp_processing_signals()] SIGHUP still sets the reload and queue_only flags, while SIGINT & SIGTERM call smtp_receive_timeout_sig(). - use sig2str() in debug and log messages. - improve the HELP command output a bit (include '.'). - "mother may I" hacks for the no_files_by_email_msg text. * src/modes.c: - make sure the child process in bg_run_queue() resets "interrupt" signals to their default state before doing anything (this should make sure runq background jobs are easily killable). [noting that the runq process should really pass on the signal to its child message handler before dying itself] - make sure process_one_spool_file() sets processing_signals() early so that it does the right thing with signals up to when deliver_mail() sets delivery_signals(). 2005-05-02 Greg A. Woods * src/modes.c: - make sure runq and smtpd children don't have a copy of either of the runq_children or smtpd_children lists (and make sure these lists are clear at other key points too). - send SIGHUP to all runq and smtpd children when reloading configs. - use sig2str() for log and debug messages. - add suicide prevention to the kill_*_children() functions. - improve and fix some comments, esp. about signal handling. * src/transport.c: - call add_charplist() instead of adding to lists manually (making sure the pointed to storage is newly allocated, just in case anyone ever tries to free one or the other). * src/spool.c, src/spool.h, src/config.c, src/extern.h: - make use of voidplist_t instead of charplist_t for pcre_info_t lists, and provide free_pcre_info() for use by free_voidplist(). * src/main.c: - update the comment about logstr initialisation. * src/match.c, src/match.h, src/smailconf.c: - make use of voidplist_t instead of charplist_t for pcre_info_t lists, and provide free_pcre_info() for use by free_voidplist(). * src/list.c, src/list.h: - add voidplist_t stuff -- can store a pointer to a "free it" function for freeing complex data structures. - add free_*() functions for all list types. * man/man8/smail.an: - mention something about signal handling behaviour. - add authors and standards sections. - style tweaks. 2005-05-01 Greg A. Woods * util/logsumm.awk: - flexible matching for DNS spoofing message * src/smtprecv.c: - perhaps better wording for DNS spoofing message. 2005-04-27 Greg A. Woods * src/smtprecv.c: - clean up the logic around the smtp_sender_rhsbl_domains test to fix a very silly but sly C expression bug that was introduced in revision 1.242 2005-04-25 Greg A. Woods * src/bindlib.c: - get rid of an (unnecessary) memory leak in get_addr_hints() [pointed out by Eric Siegerman] * src/directors/user.c: - oops -- buglet in last change... * src/directors/user.c: - lower the "re-writing" DEBUG() to _LO (1) and change it to use the same form as the following "matched" DEBUG(). 2005-04-24 Greg A. Woods * util/logsumm.awk: - count and report "invalid characters" errors. * src/smtprecv.c: - make the "remote QUIT" log entry more consistent with others. - invalid-chars and/or command-too-long should return a 521 since the connection is immediately dropped. - always show sender_host in the "remote HELO" log entry, even if it is the same as the orig_data value (makes info more consistent), and also put a space before the "source []" part for easier parsing. - two more verify_host() errors need no trailing periods. - protect sender_host from null deref when logging remote deferred. - remove unnecessary double spaces from some log entries. * man/man5/smailconf.an: - a wee grammatical fix for the previous change. * src/smtprecv.c: - error messages returned by verify_host() should not end in a period. * man/man5/smailconf.an: - adjust wording to allow for the fact that if smtp_hello_verify is turned off then verify_host() will still make one last-chance check to see if at least the "IP -> name -> IP" mapping from the PTR is consistent, if necessary. * src/smtprecv.c: - fix up verify_host() so that if smtp_hello_verify is turned off then it will still make one last-chance check to see if at least the "IP -> name -> IP" mapping from the PTR is consistent if necessary. - update some comments. - make sure verify_host() always returns its result in a canonical representation ("%q"), and that the name stored in sender_host_really is similarly canonicalized (hopefully this doesn't screw up anyone not expecting it in any of the ACLs these names will be matched in). - compact the "your reverse DNS is misconfigured" formatting a bit. * ToDo: - rearrange some entries, and clean up others to better reflect reality. * src/bindlib.c: - add a DEBUG() call to make_mx_hints() to show when precedence is adjusted. - update some comments. - other minor style tweaks. 2005-04-22 Greg A. Woods * src/routers/rtlib.c: - s/target/last_target/ in rtd_standard(). - use the new LOOKUP_DBG_NAME() to show the previous lookup result. * src/lookup.h: - add a macro to be used in DEBUG() calls so that lookup results (DB_* and FILE_*) can be be printed symbolically. 2005-04-21 Greg A. Woods * src/addr.c: - comment as to why a +1 isn't needed in the host!(host!)*@route form handling in preparse_address_1(). 2005-04-18 Greg A. Woods * man/man5/smailconf.an, src/config.c, src/config.h, src/extern.h, src/smailconf.c, src/smtprecv.c: - change smtp_hello_reject_dns_paranoid to smtp_hello_reject_broken_ptr to better reflect what it does. * src/notify.c, src/queue.c: - if time appears to have gone backwards since the message started then just use a fixed delay of one second. * src/smtprecv.c: - fix up comments, etc. in verify_host(). - be a bit more explicit in the "misconfigured DNS" messages. * src/directors/error.c: - add missing trailing single quote in the optional "derived from" parts of the ERR192 and ERR193 messages. * util/logsumm.awk: - ignore delay times that are more than 2 weeks old. - fix the pattern for ERR193 matching. - whitespace tweak. 2005-04-17 Greg A. Woods * NOTES/ESMTP.hdr, NOTES/RFC1413, NOTES/SIMPLE.DOMAIN, NOTES/SMART-HOST: - remove some irrelevant/stale NOTES files. 2005-04-10 Greg A. Woods * src/dys.h: - make sure the xmalloc() param in STR_INIT() has the right width to avoid warnings on alpha et al. * src/transports/smtplib.c: - fix DEBUG() msg (write_message() sends the whole message DATA, not just the message body). * src/transport.c: - adapt DEBUG() output for the new progress indicator in send_spool(). * src/spool.c: - add a DEBUG() progress indicator in send_spool(). * src/smtprecv.c: - make sure we clear sender_host (HELO param) in reset_state() so that it's done on RSET, and call reset_state() very early in do_greeting() instead of separately clearing sender_host and then only calling reset_state() at the end. - don't allow NUL bytes to be read in read_smtp_command() [even though they seem to be allowed by RFC 821, and even though they probably won't have any affect other than to terminate a string early] 2005-04-06 Greg A. Woods * man/man5/smailconf.an, src/pwcache.c: - OK, this attempt at iterating through all pwd entries just so we can do a case-insensitive comparision is ludicrous. Those who want case-insensitive e-mail addresses to work will just have to live with the fact that system usernames will have to be all lower-case. If you don't want all-lowercase usernames then you _MUST_ have exact case-matched mailboxes. Period. * src/dys.h: - oops -- that last change resulted in calling xmalloc() with an uninitialized value -- we need to use the STR_BUMP macro in the call (and that's OK since that's what we se the allocated length value in the str structure to anyway). * src/sysdep.c: - closing more than OPEN_MAX (or NOFILE) descriptors is insanity and not worth the system overhead. Anyone who can make use of a descriptor leak like this has already broken through all the front lines of defense. 2005-04-02 Greg A. Woods * src/modes.c: - comment about the message length in sig_unlink(). - move some debug info from write_log() to DEBUG() in sig_close(). * src/log.c, src/log.h, src/main.c: - export logstr from log.c via log.h, eliminate the STR_INIT() from write_log_va() and move it to early in main(). This should avoid ever having to call malloc() from a user-triggered SIGINT. * src/smailstring.h: - comment on the inclusion of dys.h. * src/dys.h: - in STR_INIT() set the allocation size only after xmalloc() has succeeded. * src/smtprecv.c: - cut out half the crap a remote client can send by only accepting isascii() characters in read_smtp_command(). * src/alloc.h: - improve the comment about X_MAGIC & X_CHECK(). * src/alloc.c: - fix the comment about "double frees" in xrealloc(). - fix style nit there too. * src/addr.c: - fix many comments in preparse_address_1(). 2005-04-01 Greg A. Woods * mkRelease.sh, myPreview.sh: - fix /most/distfiles path. * src/config.h: - improve default SMTP_BAD_MX_TARGETS a wee bit. - remove literal 255.255.255.255 from SMTP_SENDER_REJECT_HOSTNAMES. * src/addr.c: - fix a long-standing heap buffer overflow in preparse_address_1() handling of "host!(host!)*@route" forms. [not likely exploitable] (reported to BUGTRAQ by sean ) - improve DEBUG() output in preparse_address_1() somewhat. - fix a bug with trailing '>' handling. * ToDo: - more about lmtp 2005-03-26 Greg A. Woods * mkRelease.sh, myPreview.sh: - adapt to new SMAIL_VERSION variable in the pkgsrc modules. * src/smtprecv.c: - fix some logic in verify_sender() related to localhost checking and domain literal checking. * src/match.c: - improve wildcard logic in match_ip_net(). - clean up some DEBUG() calls. - remove some dead code that'll never be used. 2005-03-25 Greg A. Woods * conf/EDITME-weirdo: - -lpcreposix is needed too. Oops. * conf/EDITME-netbsdpkg: - special case for 'proven.weird' 2005-01-16 Greg A. Woods * util/.cvsignore: - new updates to sysdep.c will required hash.c and pwcache.c. - make all the files pulled from ../src into a library to simplify things a bit. 2005-01-14 Greg A. Woods * conf/os/sun_os4.1: - some NO_HAVE settings suggested by Bruce Becker. * ToDo: - more new and old items. * man/man5/smailtrns.an: - make a stab at documenting the pipe driver's new environment variable settings. * src/transports/pipe.c: - ammend previous: don't bother setting $HOST if parent_env is set. * man/man5/smailconf.an: - clean up the received_field default value a bit. * src/transports/pipe.c: - set new, different, better, and hopefully more useful and less confusing environment variables! - getpwbyname()'s icase parameter goes back to being a plain int. * conf/EDITME-netbsdpkg: - use $PKG_SYSCONFDIR for LIB_DIR, if set, else /etc/smail. (finally!) - use $:= instead of $:- as it's simpler and more succinct. * myPreview.sh: - new pkgsrc module includes a Makefile.common file. * src/config.h: - clean up the received_field default value a bit. * src/expand.c: - fix $target_domain to hopefully always expand to the domain in which the currend address mailbox matched (or $primary_name if no domain was specified). - getpwbyname()'s icase parameter goes back to being a plain int. - expand on the #if 0'ed foraddrs: prototype. * src/direct.c, src/directors/aliasfile.c, src/directors/altuser.c, src/directors/fwdfile.c, src/directors/include.c, src/extern.h, src/header.c, src/modes.c, src/queue.c, src/transports/appendfile.c: - getpwbyname()'s icase parameter goes back to being a plain int. * src/pwcache.c: - fix this mess to cache the whole struct passwd and struct group structures, but only after copying the desired string values into newly allocated storage. This once and hopefully for all gets rid of the username length limit (PW_SIZE) once enforced by Smail. - getpwbyname()'s icase parameter goes back to being a plain int. * src/queue.c: - fix a recently introduced core dump in the old SMAIL_LOG_STYLE=1 code reported by Bruce Becker (the delay parameter had the wrong format flag). * src/sysdep.c: - use the pwcache.c routines when looking up user information. * src/hash.c, src/hash.h: - use void * for anonymous data pointers. - adjust some parameter names to reflect whether they are pass-by-reference or pass-by-value. * src/directors/user.c: - tweak some comments about direct_userinfo_pwfile(), which is only built if the host system has fgetpwent(). * util/Makefile: - new updates to sysdep.c will required hash.c and pwcache.c. - make all the files pulled from ../src into a library to simplify things a bit. * util/init.sh: - use $:= instead of $:- as it's simpler and more succinct. - don`t rely on @PREFIX@ substitution. - don't try running ps if the pidfile is empty. 2004-12-30 Greg A. Woods * src/smtprecv.c: - add the same "no exceptions list" comment for smtp_hello_reject_hostnames as is there for smtp_host_reject_hostnames. * src/transport.c: - the uucp_from_hack transport attribute is a deprecated alias for unix_from_hack -- make sure it's not printed out when we dump the transports! 2004-12-22 Greg A. Woods * src/directors/user.c: - the change to use rcopy() in rev. 1.35 resulted in a cust&paste typo that had the matching suffix string being stored in the rem_prefix field. 2004-12-14 Greg A. Woods * conf/EDITME-netbsdpkg: - use new more-specific conf/os/netbsd1.* OS_TYPEs. * conf/os/netbsd1.5: - base on new conf/os/netbsd1.4. * src/smail.h: - try a different trick, using typedef and #define, for the missing HAVE_TYPE_* types. * conf/os/bsd4.4: - 4.4BSD did _not_ have socklen_t, in_addr_t, nor in_port_t. * conf/EDITME-netbsdpkg: - fix typo in a comment about 1.3.3. * ToDo: - ho ho humbug -- no presents for you! * src/modes.c: - don't call free_addr_list() at the bottom of the loop in test_addresses(). It still tries to free something it shouldn't [reported by Jay Schuster] * man/man5/smailconf.an: - oops -- incomplete sentence in last commit. * man/man5/smailconf.an: - re-document smtp_hello_verify_ptr and smtp_hello_reject_dns_paranoid (new, better, implementations). * src/smtprecv.c: - re-think and re-implement the smtp_hello_reject_dns_paranoid checks based on the much simplified rule that just as you need to check that "IP -> name -> IP" to detect DNS spoofing and to verify a PTR has the right name, you similarly need to check "name -> IP -> name" to verify that a name has the right IP address and that it has not been spoofed. Now this setting just means that any PTR matching the hello name is OK (unless smtp_hello_verify is off and that check would have failed had it been turned on). I.e. this is now just a slightly less strict check than the full-blown smtp_hello_verify_ptr -- they do the same but the latter requires a PTR to be found. Note that for some time now AOL has been requiring every SMTP client to have a PTR, but there's no telling whether or not they verify the names at all. * util/unfreezemail.sh: - the "rm" option variable is called "$interactive", not "$force"! [reported by Jay Schuster] * src/bindlib.c: - remove unwanted newline from error message related to smtp_bad_mx_targets. [reported by Jay Schuster] * util/logsumm.awk: - update timestamp matching to adapt to new YYYY/MM/DD form. [reported by Jay Schuster] * util/checkerr.sh: - fix logic error in checking for .dead_double_bounces. - fix two syntax errors in botched $(cmd) to `cmd` edit. [both reported by Jay Schuster] * src/smailsock.h: - should come _after_ . [reported by Jay Schuster, caused problems on AIX 4.3] * src/match.c: - remove one too many '%s' from opening DEBUG3() of match_re_list() [reported by Jay Schuster] * src/config.h: - copy the domain literal pattern in the default smtp_hello_reject_hostnames to smtp_sender_reject_hostnames. - also add explicit reject for domain literal [255.255.255.255] in smtp_sender_reject_hostnames. * mkChangeLog.sh: - the NetBSD-installed "rcs2log" (on building.weird.com) does the right thing now... * man/man5/smaildrct.an: - remove the description of the no-longer-implemented "matchdirector" driver attribute for the error director. * src/expand.c: - add a note about returning an error message. * src/directors/error.c, src/directors/error.h: - fix the error message generation so that we always report both the immediate parent address and the original address to make error messages a bit more meaningful. - get rid of the unnecessary "matchdirector" driver attribute. 2004-10-20 Greg A. Woods * src/routers/gethost.c: - fix a problem with referencing freed memory. * src/addr.c: - NULL-deref protection and proper casting in the X_SHOW_ALLOC() macro. 2004-08-31 Greg A. Woods * src/spool.c: - blocks_free should be fsblkcnt_t, not blkcnt_t, at least for P1003.1-2001's statvfs(). - OK, re-thinking, little1 and big1 are my way of turning these system types back into normal integer types, so they go back to unsigned long. (retested on NetBSD/alpha and IRIX 6.5, which both had signed/unsigned complaints before the last go-around) * src/smail.h: - fix blkcnt_t cut&past-o found by JPR. - add fsblkcnt_t (also a p1003.1-2001 feature). * conf/os/bsd4.4: - posix is p1003.1-1990. - make NO_HAVE setting extensible. * conf/os/irix6: - mention idea of using conf/os/posix-2001 instead of sys5.4 - add HAVE's for TYPE_BLKCNT_T and TYPE_FSBLKCNT_T (which are also in posix-2001). * conf/os/sco5: - for some reason OpenServer-5 doesn't have the P1003-1.1990 or SuSv2 (1997) netinet/in.h types in_addr_t, in_port_t, at least not where they're supposed to be. Dunno about socklen_t from sys/socket.h, but for now the test was done with the assumption it wasn't there. * conf/os/posix: - belay that order! ;-) leave this as P1003.1-1990 and we'll add a posix-2001 file to adapt for newer features. * conf/os/posix: - if we're going to define blkcnt_t we may as well define fsblkcnt_t as well. - note that we've slipped into using some P1003.1-2001 features. * myPreview.sh: - don't force removal of local conf files -- just don't put them in the archive. 2004-08-30 Greg A. Woods * src/smail.h, src/smailport.h: - well it seems some of our other headers do indeed depend on the likes of in_addr_t being defined or typedef'ed and so move the backward compatability macros for them wholesale from smailport.h (which is always included last) to smail.h (which is always included first. This gets smail to build on bsdi-1.1 again, and has no adverse affect on NetBSD, so maybe it'll "Just Work" across the board. * mkRelease.sh: - DISTNAME will be commented out when we get to it. * myPreview.sh: - simplify version edit script a bit. * ToDo: - mention BIND libresolv's tendancy to debug to stdout.... * src/main.c: - don't complain about needing foreground delivery if it's already been specified! * src/main.c: - document all the options fully on their 'case' lines in process_args() so that it's easier to search for one without getting lost in the sub-option cases. * src/modes.c, src/smailconf.c: - turn off some really noisy debugging. * src/main.c: - force deliver_mode to FOREGROUND when error_processing is to TERMINAL. - re-arrange setup of deliver_mode and error_processing to be able to warn about "conflicts" in command-line options. - support intuitive new '-bq' (same as '-q' with no interval). - move the *_checks compile_pcre_list() calls down after the arg_debug_file will have been opened and also only do them if in an operation_mode where a message might be collected. 2004-08-29 Greg A. Woods * src/header.c: - tweak comment about addr list use by write_header(). * src/notify.c: - in fail_delivery() if error_processing says to write to the terminal then make sure we do. - in fail_delivery(), classify_addr() and notify() (and defer_delivery()) deal with the "fake" address used when no valid recipients were found so that a bounce can be sent to the sender. - don't leave tport auto pointer in addr->transport in write_notify_header(). * src/modes.c: - don't deliver in the background if error_processing says to write errors to the terminal. - don't just return after process_header() error when using recipients from the command-line. - fix handling of "no valid recipients" and process_header() errors so that a bounce message to the sender is actually generated if necessary. - use free_addr() to free struct addr's. - don't even call some functions that do nothing when they are called with a NULL input parameter. - other very minor tweaks and improvements, mostly to comments. * src/queue.c: - fix recording of error_processing value in queue file to handle -oeq. - tweak recording of deliver_mode so that GCC can give an error if any new value is added to the enum. * src/log.c: - include the message-ID in debug messages to make it easier to make it easier to separate those from a child process, i.e. the one started for error handling from notify(). * src/config.h: - allow more liberal address specification in the domain literals pattern of SMTP_HELLO_REJECT_HOSTNAMES. - fix up some comments and some comments inside RE lists. * man/man8/smail.an: - minor improvements to better document some option flags. * src/addr.c: - use free_error() to free an error struct. - adjust some comments. * src/smtprecv.c: - the reject response ager a failed verify_host() in do_greeting() was incorrectly handling the multiline output when errstr was non-NULL (oops. another case of inverted test logic.) - fix up the sender_host_addr+sender_host_really debug message and only print it when there's a chance it'll be informative. * src/queue.c: - add appropriate DEBUG() messages to internal queue_message() routines to prompt user to enter message and to tell them how to end the message. * src/spool.c: - increase the level of the spool file debug message so that it's only seen when more intensive debugging is requested (now that queue_message() will prompt properly for message entry. * src/main.h: - notify.c is going to need arg_debug_file in order to pass it on to the error message child. * src/match.c: - fix operator for boundary check on whitespace-after-! check. oops. 2004-08-27 Greg A. Woods * level: - post 3.2.0.120 -- get ready to preview release 3.2.0.121