From aec43b3124283cd715c93979364988903ed9faca Mon Sep 17 00:00:00 2001
From: Miroslav Lichvar
Date: Dec 15 2009 14:40:42 +0000
Subject: - fix milter file descriptors leaks (#485426) - skip colon separator when parsing service name in ServiceSwitchFile - return with non-zero exit code when free space is below MinFreeBlocks - fix service stop/restart when only smclient is running - fix submit.cf and helpfile permissions - more merge review fixes (#226407)
---
diff --git a/Sendmail-sasl1.conf b/Sendmail-sasl1.conf
deleted file mode 100644
index 44af343..0000000
--- a/Sendmail-sasl1.conf
+++ /dev/null
@@ -1 +0,0 @@
-pwcheck_method:pam
diff --git a/sendmail-8.14.3-exitpanic.patch b/sendmail-8.14.3-exitpanic.patch
new file mode 100644
index 0000000..33df0a6
--- /dev/null
+++ b/sendmail-8.14.3-exitpanic.patch
@@ -0,0 +1,64 @@
+diff -up sendmail-8.14.3/sendmail/envelope.c.exitpanic sendmail-8.14.3/sendmail/envelope.c
+--- sendmail-8.14.3/sendmail/envelope.c.exitpanic 2008-03-31 18:32:13.000000000 +0200
++++ sendmail-8.14.3/sendmail/envelope.c 2009-12-15 13:55:52.000000000 +0100
+@@ -163,14 +163,14 @@ newenvelope(e, parent, rpool)
+ ** split -- if true, split by recipient if message is queued up
+ **
+ ** Returns:
+-** none.
++** true if savemail panic'ed.
+ **
+ ** Side Effects:
+ ** housekeeping necessary to dispose of an envelope.
+ ** Unlocks this queue file.
+ */
+
+-void
++bool
+ dropenvelope(e, fulldrop, split)
+ register ENVELOPE *e;
+ bool fulldrop;
+@@ -209,7 +209,7 @@ dropenvelope(e, fulldrop, split)
+
+ /* we must have an id to remove disk files */
+ if (id == NULL)
+- return;
++ return panic;
+
+ /* if verify-only mode, we can skip most of this */
+ if (OpMode == MD_VERIFY)
+@@ -618,6 +618,8 @@ simpledrop:
+ }
+ e->e_id = NULL;
+ e->e_flags &= ~EF_HAS_DF;
++
++ return panic;
+ }
+ /*
+ ** CLEARENVELOPE -- clear an envelope without unlocking
+diff -up sendmail-8.14.3/sendmail/main.c.exitpanic sendmail-8.14.3/sendmail/main.c
+--- sendmail-8.14.3/sendmail/main.c.exitpanic 2008-03-31 18:32:13.000000000 +0200
++++ sendmail-8.14.3/sendmail/main.c 2009-12-15 13:55:52.000000000 +0100
+@@ -2952,7 +2952,9 @@ finis(drop, cleanup, exitstat)
+ {
+ if (CurEnv->e_id != NULL)
+ {
+- dropenvelope(CurEnv, true, false);
++ if (dropenvelope(CurEnv, true, false))
++ /* exit with OS error if savemail panic'ed */
++ exitstat = EX_OSERR;
+ sm_rpool_free(CurEnv->e_rpool);
+ CurEnv->e_rpool = NULL;
+
+diff -up sendmail-8.14.3/sendmail/sendmail.h.exitpanic sendmail-8.14.3/sendmail/sendmail.h
+--- sendmail-8.14.3/sendmail/sendmail.h.exitpanic 2008-02-16 00:19:58.000000000 +0100
++++ sendmail-8.14.3/sendmail/sendmail.h 2009-12-15 13:55:52.000000000 +0100
+@@ -982,7 +982,7 @@ extern ENVELOPE BlankEnvelope;
+
+ /* functions */
+ extern void clearenvelope __P((ENVELOPE *, bool, SM_RPOOL_T *));
+-extern void dropenvelope __P((ENVELOPE *, bool, bool));
++extern bool dropenvelope __P((ENVELOPE *, bool, bool));
+ extern ENVELOPE *newenvelope __P((ENVELOPE *, ENVELOPE *, SM_RPOOL_T *));
+ extern void clrsessenvelope __P((ENVELOPE *));
+ extern void printenvflags __P((ENVELOPE *));
diff --git a/sendmail-8.14.3-milterfdleaks.patch b/sendmail-8.14.3-milterfdleaks.patch
new file mode 100644
index 0000000..7154394
--- /dev/null
+++ b/sendmail-8.14.3-milterfdleaks.patch
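Review bot: In the envelope.c part of sendmail-8.14.3-exitpanic.patch, the early exit for `id == NULL` now does `return panic;`, but the declaration and initial value of `panic` are outside the hunk, so it should be confirmed that it is initialised to false before that point; `return false;` there would make the contract explicit. In the main.c part, the new `if (dropenvelope(CurEnv, true, false))` has a comment between the condition and its unbraced body and overwrites `exitstat` unconditionally, which presumably can replace a more specific non-zero status passed to finis(); bracing the body and guarding it with `if (exitstat == EX_OK)` would keep the caller's code. Both function bodies continue outside the hunks shown.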
@@ -0,0 +1,75 @@
+Patches by Paul Howarth
+https://bugzilla.redhat.com/show_bug.cgi?id=485426
+
+--- sendmail-8.14.3/sendmail/milter.c 2008-09-19 15:51:03.000000000 +0100
++++ sendmail-8.14.3/sendmail/milter.c 2008-09-19 16:37:57.000000000 +0100
+@@ -30,6 +30,9 @@
+
+ # include
+
++# include
++# include
++
+ static void milter_connect_timeout __P((int));
+ static void milter_error __P((struct milter *, ENVELOPE *));
+ static int milter_open __P((struct milter *, bool, ENVELOPE *));
+@@ -650,6 +653,7 @@
+ SOCKADDR_LEN_T addrlen = 0;
+ int addrno = 0;
+ int save_errno;
++ int fdflags;
+ char *p;
+ char *colon;
+ char *at;
+@@ -1186,6 +1190,21 @@
+ (char *)&nodelay, sizeof(nodelay));
+ }
+ # endif /* MILTER_NO_NAGLE && !defined(TCP_CORK) */
++
++ /*
++ ** Need to set close-on-exec for sock to prevent it
++ ** leaking to the local delivery process
++ */
++ if ((fdflags = fcntl(sock, F_GETFD, 0)) == -1 ||
++ fcntl(sock, F_SETFD, fdflags | FD_CLOEXEC) == -1)
++ {
++ save_errno = errno;
++ if (MilterLogLevel > 0)
++ sm_syslog(LOG_WARNING, e->e_id,
++ "Milter (%s): Unable to set close-on-exec on sock (%s)",
++ m->mf_name, sm_errstring(save_errno = errno));
++ }
++
+ return sock;
+ }
+
+--- sendmail-8.14.3/libmilter/listener.c 2007-04-23 23:22:50.000000000 +0100
++++ sendmail-8.14.3/libmilter/listener.c 2008-06-18 16:36:38.000000000 +0100
+@@ -728,6 +728,7 @@
+ int acnt = 0; /* error count for accept() failures */
+ int scnt = 0; /* error count for select() failures */
+ int save_errno = 0;
++ int fdflags;
+ #if !_FFR_WORKERS_POOL
+ sthread_t thread_id;
+ #endif /* !_FFR_WORKERS_POOL */
+@@ -807,6 +808,19 @@
+ (void) smutex_unlock(&L_Mutex);
+
+ /*
++ ** Need to set close-on-exec for connfd in case a user's
++ ** filter starts other applications
++ */
++ if ((fdflags = fcntl(connfd, F_GETFD, 0)) == -1 ||
++ fcntl(connfd, F_SETFD, fdflags | FD_CLOEXEC) == -1)
++ {
++ smi_log(SMI_LOG_WARN,
++ "%s: Unable to set close-on-exec on connfd (%s)",
++ smfi->xxfi_name, sm_errstring(errno));
++ /* XXX: continue? */
++ }
++
++ /*
+ ** If remote side closes before accept() finishes,
+ ** sockaddr might not be fully filled in.
+ */
diff --git a/sendmail-8.14.3-switchfile.patch b/sendmail-8.14.3-switchfile.patch
new file mode 100644
index 0000000..7891e27
--- /dev/null
+++ b/sendmail-8.14.3-switchfile.patch
@@ -0,0 +1,12 @@
+diff -up sendmail-8.14.3/sendmail/conf.c.switchfile sendmail-8.14.3/sendmail/conf.c
+--- sendmail-8.14.3/sendmail/conf.c.switchfile 2008-04-14 04:09:35.000000000 +0200
++++ sendmail-8.14.3/sendmail/conf.c 2009-12-15 13:32:55.000000000 +0100
+@@ -968,7 +968,7 @@ switch_map_find(service, maptype, mapret
+ p = strpbrk(buf, "#\n");
+ if (p != NULL)
+ *p = '\0';
+- p = strpbrk(buf, " \t");
++ p = strpbrk(buf, " \t:");
+ if (p != NULL)
+ *p++ = '\0';
+ if (buf[0] == '\0')
diff --git a/sendmail.init b/sendmail.init
index 8430622..54dafec 100644
--- a/sendmail.init
+++ b/sendmail.init
@@ -116,7 +116,7 @@ stop() { return $RETVAL } -status -p /var/run/sendmail.pid >/dev/null && status -p /var/run/sm-client.pid >/dev/null +status -p /var/run/sendmail.pid >/dev/null || status -p /var/run/sm-client.pid >/dev/null running=$? # See how we were called.
diff --git a/sendmail.spec b/sendmail.spec
index 2e279d7..1f0ffd5 100644
--- a/sendmail.spec
+++ b/sendmail.spec
@@ -1,6 +1,5 @@ # package options %define with_tls yes -%define with_sasl1 no %define with_sasl2 yes %define with_milter yes %define with_ldap yes
@@ -15,11 +14,10 @@ Summary: A widely used Mail Transport Agent (MTA) Name: sendmail Version: 8.14.3 -Release: 8%{?dist} +Release: 9%{?dist} License: Sendmail Group: System Environment/Daemons URL: http://www.sendmail.org/ -Provides: MTA smtpdaemon server(smtp) Source0: ftp://ftp.sendmail.org/pub/sendmail/sendmail.%{version}.tar.gz Source1: sendmail.init Source2: sendmail.nm-dispatcher
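Review bot: In sendmail-8.14.3-milterfdleaks.patch both new blocks only log when `fcntl(..., F_SETFD, fdflags | FD_CLOEXEC)` fails and then carry on with a descriptor that can still be inherited across exec; the listener.c block leaves the question open as `/* XXX: continue? */`, and that decision should be made and documented, for example by closing connfd and continuing the accept loop. In the milter.c block the log call re-reads errno with `sm_errstring(save_errno = errno)` right after `save_errno = errno;`, where `sm_errstring(save_errno)` is what was meant. Because the flag is set in a second step after the descriptor already exists, a fork/exec in another thread in between can still inherit it; where the platform offers it, creating the descriptor with the flag already set (`SOCK_CLOEXEC`, `accept4()`) would close that window. The enclosing functions start and end outside these hunks.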
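Review bot: The widened delimiter set in sendmail-8.14.3-switchfile.patch, `strpbrk(buf, " \t:")`, carries no comment saying why a colon now ends the service name, and it also cuts the name at a colon anywhere in the first token. A one-line comment such as `/* service name may end in ':' as well as blanks */` would record the intent stated in the commit message. What follows `*p++ = '\0'` is outside the hunk, so it should be checked that the code skips the blanks left after the colon before it reads the first map type.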
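Review bot: With `||` in the sendmail.init hunk, `running` is 0 as soon as either pid file belongs to a live process, and the second `status` call is skipped when the first one succeeds; a short comment above the line, e.g. `# running=0 if sendmail or sm-client is alive`, would make that intent visible. The branches that read `$running` are below the hunk, so they should be checked for the case where only one of the two daemons is up.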
@@ -27,7 +25,6 @@ Source3: sendmail.etc-mail-make Source4: sendmail.sysconfig Source5: sendmail.etc-mail-Makefile Source6: sendmail-redhat.mc -Source7: Sendmail-sasl1.conf Source8: sendmail.pam Source9: sendmail-8.12.5-newconfig.readme Source11: Sendmail-sasl2.conf
@@ -50,6 +47,9 @@ Patch14: sendmail-8.13.7-vacation.patch Patch15: sendmail-8.14.1-noversion.patch Patch16: sendmail-8.13.1-localdomain.patch Patch17: sendmail-8.14.3-sharedmilter.patch +Patch18: sendmail-8.14.3-switchfile.patch +Patch19: sendmail-8.14.3-exitpanic.patch +Patch20: sendmail-8.14.3-milterfdleaks.patch Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: tcp_wrappers-devel BuildRequires: db4-devel
@@ -57,6 +57,7 @@ BuildRequires: hesiod-devel BuildRequires: groff BuildRequires: ghostscript BuildRequires: m4 +Provides: MTA smtpdaemon server(smtp) Provides: %{_sbindir}/sendmail %{_bindir}/mailq %{_bindir}/newaliases Provides: %{_bindir}/rmail /usr/lib/sendmail Provides: %{_sysconfdir}/pam.d/smtp
@@ -65,22 +66,21 @@ Provides: %{_mandir}/man5/aliases.5.gz %{_mandir}/man8/sendmail.8.gz Requires(pre): shadow-utils Requires(preun): %{_sbindir}/alternatives chkconfig Requires(post): %{_sbindir}/alternatives chkconfig coreutils -Requires(postun): %{_sbindir}/alternatives chkconfig coreutils +Requires(postun): %{_sbindir}/alternatives coreutils +Requires: initscripts Requires: procmail Requires: bash >= 2.0 Requires: setup >= 2.5.31-1 BuildRequires: setup >= 2.5.31-1 %if "%{with_tls}" == "yes" BuildRequires: openssl-devel -Requires: openssl %endif -%if "%{with_sasl1}" == "yes" || "%{with_sasl2}" == "yes" +%if "%{with_sasl2}" == "yes" BuildRequires: cyrus-sasl-devel openssl-devel -Requires: %{_sbindir}/saslauthd openssl +Requires: %{_sbindir}/saslauthd %endif %if "%{with_ldap}" == "yes" BuildRequires: openldap-devel openssl-devel -Requires: openldap openssl %endif
@@ -98,13 +98,14 @@ Sendmail, you can install the sendmail-doc package. %package doc Summary: Documentation about the Sendmail Mail Transport Agent program Group: Documentation +BuildArch: noarch Requires: sendmail = %{version}-%{release} %description doc The sendmail-doc package contains documentation about the Sendmail Mail Transport Agent (MTA) program, including release notes, the Sendmail FAQ, and a few papers written about Sendmail. The papers are -provided in PostScript(TM) and troff formats. +provided in PDF and troff formats. %package devel Summary: Extra development include files and development files
@@ -120,6 +121,7 @@ of sendmail. Summary: The files needed to reconfigure Sendmail Group: System Environment/Daemons Requires: sendmail = %{version}-%{release} +BuildArch: noarch Requires: m4 %description cf
@@ -158,7 +160,11 @@ This package includes the milter shared library. cp devtools/M4/UNIX/{,shared}library.m4 %patch17 -p1 -b .sharedmilter -for f in RELEASE_NOTES; do +%patch18 -p1 -b .switchfile +%patch19 -p1 -b .exitpanic +%patch20 -p1 -b .milterfdleaks + +for f in RELEASE_NOTES contrib/etrn.0; do iconv -f iso8859-1 -t utf8 -o ${f}{_,} && touch -r ${f}{,_} && mv -f ${f}{_,} done
@@ -210,13 +216,6 @@ APPENDDEF(\`conf_sendmail_LIBS', \`-lssl -lcrypto')dnl EOF %endif -%if "%{with_sasl1}" == "yes" -cat >> redhat.config.m4 << EOF -APPENDDEF(\`confENVDEF', \`-DSASL=1')dnl -APPENDDEF(\`confLIBS', \`-lsasl -lcrypto')dnl -EOF -%endif - %if "%{with_sasl2}" == "yes" cat >> redhat.config.m4 << EOF APPENDDEF(\`confENVDEF', \`-DSASL=2')dnl
@@ -288,7 +287,7 @@ Make() { LIBOWN=${nameuser} LIBGRP=${namegroup} \ GBINOWN=${nameuser} GBINGRP=${namegroup} \ CFOWN=${nameuser} CFGRP=${namegroup} \ - MSPQOWN=${nameuser} + CFMODE=0644 MSPQOWN=${nameuser} } OBJDIR=obj.$(uname -s).$(uname -r).$(uname -m)
@@ -327,6 +326,7 @@ install -p -m 644 libmilter/README %{buildroot}%{_docdir}/sendmail-%{version}/RE install -p -m 644 cf/README %{buildroot}%{_docdir}/sendmail-%{version}/README.cf install -m 644 %{SOURCE9} %{buildroot}%{_docdir}/sendmail-%{version}/README.redhat install -p -m 644 contrib/* %{buildroot}%{_docdir}/sendmail-%{version}/contrib +sed -i 's|/usr/local/bin/perl|%{_bindir}/perl|' %{buildroot}%{_docdir}/sendmail-%{version}/contrib/*.pl # install the cf files for the sendmail-cf package. cp -ar cf/* %{buildroot}%{sendmailcf}
@@ -375,14 +375,12 @@ install -p -m 755 %{SOURCE2} %{buildroot}%{_sysconfdir}/NetworkManager/dispatche install -p -m 755 %{SOURCE3} %{buildroot}%{maildir}/make install -p -m 644 %{SOURCE5} %{buildroot}%{maildir}/Makefile +chmod 644 %{buildroot}%{maildir}/helpfile + # fix permissions to allow debuginfo extraction and stripping chmod 755 %{buildroot}%{_sbindir}/{mailstats,makemap,praliases,sendmail,smrsh} chmod 755 %{buildroot}%{_bindir}/rmail -%if "%{with_sasl1}" == "yes" -install -m 755 -d %{buildroot}%{_libdir}/sasl -install -m 644 %{SOURCE7} %{buildroot}%{_libdir}/sasl/Sendmail.conf -%endif %if "%{with_sasl2}" == "yes" install -m 755 -d %{buildroot}%{_libdir}/sasl2 install -m 644 %{SOURCE11} %{buildroot}%{_libdir}/sasl2/Sendmail.conf
@@ -518,7 +516,7 @@ exit 0 %ghost %{maildir}/domaintable.db %ghost %{maildir}/mailertable.db -%attr(0755,root,root) %{_initrddir}/sendmail +%{_initrddir}/sendmail %config(noreplace) %{_sysconfdir}/sysconfig/sendmail %config(noreplace) %{_sysconfdir}/pam.d/smtp.sendmail %{_sysconfdir}/NetworkManager/dispatcher.d/10-sendmail
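Review bot: In the %files hunk of sendmail.spec (`@@ -518,7 +516,7 @@`), dropping `%attr(0755,root,root)` from `%{_initrddir}/sendmail` makes the packaged mode and owner of the init script depend on the install step and on the `%defattr` in effect, neither of which is in this hunk. It is worth confirming that the script still ends up 0755 and owned by root, since init scripts are run with root privileges. The same commit sets other modes explicitly (`CFMODE=0644`, `chmod 644 %{buildroot}%{maildir}/helpfile`), so keeping this one explicit would be consistent with them.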
@@ -566,6 +564,14 @@ exit 0 %changelog +* Tue Dec 15 2009 Miroslav Lichvar 8.14.3-9 +- fix milter file descriptors leaks (#485426) +- skip colon separator when parsing service name in ServiceSwitchFile +- return with non-zero exit code when free space is below MinFreeBlocks +- fix service stop/restart when only smclient is running +- fix submit.cf and helpfile permissions +- more merge review fixes (#226407) + * Wed Sep 16 2009 Tomas Mraz - 8.14.3-8 - Use password-auth common PAM configuration instead of system-auth
@@ -970,7 +976,7 @@ exit 0 * Mon Jan 13 2003 Florian La Roche - do not reject all numeric login names if hesiod support is - compiled in. #80060 + compiled in. #80060 - remove reference to non-existing man-pages #74552 * Sun Jan 12 2003 Florian La Roche
@@ -1075,7 +1081,7 @@ exit 0 - add sendmail/SECURITY as docu #61870, #61545 * Wed Mar 20 2002 Florian La Roche -- add libsm.a #61270 +- add libsm.a #61270 - change from /etc/sendmail.cf to /etc/mail/sendmail.cf - add milter patch