diff options
| author |   Daniel Ahlberg <aliz@gentoo.org> | 2002-10-13 13:44:09 +0000 |
|---|---|---|
| committer | Daniel Ahlberg <aliz@gentoo.org> | 2002-10-13 13:44:09 +0000 |
| commit | ad63d20623ac1674cd2cfa51a7f7b9382fb2d474 (patch) | |
| tree | 92e9fc8c4e93c6942981438a641afa26d676c0b1 /net-mail/sendmail | |
| parent | fixed SRC_URI again (diff) | |
| download | historical-ad63d20623ac1674cd2cfa51a7f7b9382fb2d474.tar.gz historical-ad63d20623ac1674cd2cfa51a7f7b9382fb2d474.tar.bz2 historical-ad63d20623ac1674cd2cfa51a7f7b9382fb2d474.zip | |
Security update..
Diffstat (limited to 'net-mail/sendmail')
| -rw-r--r-- | net-mail/sendmail/ChangeLog | 7 | ||||
| -rw-r--r-- | net-mail/sendmail/files/digest-sendmail-8.12.6-r1 | 1 | ||||
| -rw-r--r-- | net-mail/sendmail/files/sendmail-8.12.6-r1-gentoo.diff | 63 | ||||
| -rw-r--r-- | net-mail/sendmail/sendmail-8.12.6-r1.ebuild | 177 |
4 files changed, 247 insertions, 1 deletions
diff --git a/net-mail/sendmail/ChangeLog b/net-mail/sendmail/ChangeLog index a46afc566fd6..90ea15531260 100644 --- a/net-mail/sendmail/ChangeLog +++ b/net-mail/sendmail/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for net-mail/sendmail # Copyright 2002 Gentoo Technologies, Inc.; Distributed under the GPL -# $Header: /var/cvsroot/gentoo-x86/net-mail/sendmail/ChangeLog,v 1.11 2002/09/03 15:08:21 raker Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-mail/sendmail/ChangeLog,v 1.12 2002/10/13 13:44:09 aliz Exp $ + +*sendmail-8.12.6-r1 (13 Oct 2002) + + 13 Oct 2002; Daniel Ahlberg <aliz@gentoo.org> : + Security update. Added patch from sendmail to fix smrsh. *sendmail-8.12.6 (03 Sep 2002) diff --git a/net-mail/sendmail/files/digest-sendmail-8.12.6-r1 b/net-mail/sendmail/files/digest-sendmail-8.12.6-r1 new file mode 100644 index 000000000000..1be64cde9ddb --- /dev/null +++ b/net-mail/sendmail/files/digest-sendmail-8.12.6-r1 @@ -0,0 +1 @@ +MD5 73e18ea78b2386b774963c8472cbd309 sendmail.8.12.6.tar.gz 1867436 diff --git a/net-mail/sendmail/files/sendmail-8.12.6-r1-gentoo.diff b/net-mail/sendmail/files/sendmail-8.12.6-r1-gentoo.diff new file mode 100644 index 000000000000..ae6f94c8570e --- /dev/null +++ b/net-mail/sendmail/files/sendmail-8.12.6-r1-gentoo.diff @@ -0,0 +1,63 @@ +Index: smrsh.c +=================================================================== +RCS file: /cvs/smrsh/smrsh.c,v +retrieving revision 8.58 +diff -u -r8.58 smrsh.c +--- smrsh.c 25 May 2002 02:41:31 -0000 8.58 ++++ smrsh.c 24 Sep 2002 23:58:16 -0000 +@@ -57,6 +57,8 @@ + #include <sm/limits.h> + #include <sm/string.h> + #include <sys/file.h> ++#include <sys/types.h> ++#include <sys/stat.h> + #include <string.h> + #include <ctype.h> + #include <errno.h> +@@ -145,6 +147,7 @@ + char *newenv[2]; + char pathbuf[1000]; + char specialbuf[32]; ++ struct stat st; + + #ifndef DEBUG + # ifndef LOG_MAIL +@@ -302,6 +305,38 @@ + (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, + "Trying %s\n", cmdbuf); + #endif /* DEBUG */ ++ if (stat(cmdbuf, &st) < 0) ++ { ++ /* can't stat it */ ++ (void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT, ++ "%s: %s not available for sendmail programs (stat failed)\n", ++ prg, cmd); ++ if (p != NULL) ++ *p = ' '; ++#ifndef DEBUG ++ syslog(LOG_CRIT, "uid %d: attempt to use %s (stat failed)", ++ (int) getuid(), cmd); ++#endif /* ! DEBUG */ ++ exit(EX_UNAVAILABLE); ++ } ++ if (!S_ISREG(st.st_mode) ++#ifdef S_ISLNK ++ && !S_ISLNK(st.st_mode) ++#endif /* S_ISLNK */ ++ ) ++ { ++ /* can't stat it */ ++ (void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT, ++ "%s: %s not available for sendmail programs (not a file)\n", ++ prg, cmd); ++ if (p != NULL) ++ *p = ' '; ++#ifndef DEBUG ++ syslog(LOG_CRIT, "uid %d: attempt to use %s (not a file)", ++ (int) getuid(), cmd); ++#endif /* ! DEBUG */ ++ exit(EX_UNAVAILABLE); ++ } + if (access(cmdbuf, X_OK) < 0) + { + /* oops.... crack attack possiblity */ diff --git a/net-mail/sendmail/sendmail-8.12.6-r1.ebuild b/net-mail/sendmail/sendmail-8.12.6-r1.ebuild new file mode 100644 index 000000000000..78fea5fc678b --- /dev/null +++ b/net-mail/sendmail/sendmail-8.12.6-r1.ebuild @@ -0,0 +1,177 @@ +# Copyright 1999-2002 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-mail/sendmail/sendmail-8.12.6-r1.ebuild,v 1.1 2002/10/13 13:44:09 aliz Exp $ + +IUSE="ssl ldap sasl berkdb tcpd gdbm" + +DESCRIPTION="Widely-used Mail Transport Agent (MTA)." +HOMEPAGE="http://www.sendmail.org" + +LICENSE="Sendmail" +SLOT="0" +KEYWORDS="x86 ppc sparc sparc64" + +PROVIDE="virtual/mta" +DEPEND="net-dns/hesiod + net-mail/mailbase + sys-libs/gdbm + sys-devel/m4 + sasl? ( dev-libs/cyrus-sasl ) + tcpd? ( sys-apps/tcp-wrappers ) + ssl? ( dev-libs/openssl ) + ldap? ( net-nds/openldap )" + +# We need some db; pick gdbm if none in USE +if [ -n "`use gdbm`" ] +then + DEPEND="${DEPEND} + sys-libs/gdbm" +elif [ -n "`use berkdb`" ] +then + DEPEND="${DEPEND} + sys-libs/db-3.2" +else + DEPEND="${DEPEND} + sys-libs/gdbm" +fi + +RDEPEND="${DEPEND} + >=net-mail/mailbase-0.00 + !virtual/mta" + +SRC_URI="ftp://ftp.sendmail.org/pub/${PN}/${PN}.${PV}.tar.gz" + +S=${WORKDIR}/${P} + +pkg_preinst() { + if ! grep -q ^smmsp: /etc/group + then + groupadd smmsp || die "problem adding group smmsp" + fi + if ! grep -q ^smmsp: /etc/passwd + then + useradd -d /var/spool/mqueue -g smmsp -s /dev/null smmsp \ + || die "problem adding user smmsp" + fi +} + +src_unpack() { + unpack ${A} + for file in ${PN}-8.12.2-{makemapman,smrsh-paths,unix} + do + cat ${FILESDIR}/${file}.patch | patch -d ${S} -p1 || die "${file} patch failed" + done +echo "blah" + patch -d ${S}/smrsh -p0 < ${FILESDIR}/${PF}-gentoo.diff + + confCCOPTS="${CFLAGS}" + confMAPDEF="-DNEWDB -DMAP_REGEX" + confENVDEF="-DXDEBUG=0" + confLIBS="-lnsl -lcrypt" + conf_sendmail_ENVDEF="-DFALSE=0 -DTRUE=1" + conf_sendmail_LIBS="" + use sasl && confLIBS="${confLIBS} -lsasl2" \ + && confENVDEF="${confENVDEF} -DSASL" \ + && confCCOPTS="${confCCOPTS} -I/usr/include/sasl" \ + && conf_sendmail_ENVDEF="${conf_sendmail_ENVDEF} -DSASL" \ + && conf_sendmail_LIBS="${conf_sendmail_LIBS} -lsasl2" + use tcpd && confENVDEF="${confENVDEF} -DTCPWRAPPERS" \ + && confLIBS="${confLIBS} -lwrap" + use ssl && confENVDEF="${confENVDEF} -DSTARTTLS" \ + && confLIBS="${confLIBS} -lssl -lcrypto" \ + && conf_sendmail_ENVDEF="${conf_sendmail_ENVDEF} -DSTARTTLS" \ + && conf_sendmail_LIBS="${conf_sendmail_LIBS} -lssl -lcrypto" + use ldap && confMAPDEF="${confMAPDEF} -DLDAPMAP" \ + && confLIBS="${confLIBS} -lldap -llber" + use gdbm && confLIBS="${confLIBS} -lgdbm" + sed -e "s:@@confCCOPTS@@:${confCCOPTS}:" \ + -e "s/@@confMAPDEF@@/${confMAPDEF}/" \ + -e "s/@@confENVDEF@@/${confENVDEF}/" \ + -e "s/@@confLIBS@@/${confLIBS}/" \ + -e "s/@@conf_sendmail_ENVDEF@@/${conf_sendmail_ENVDEF}/" \ + -e "s/@@conf_sendmail_LIBS@@/${conf_sendmail_LIBS}/" \ + ${FILESDIR}/site.config.m4 > ${S}/devtools/Site/site.config.m4 +} + +src_compile() { + for x in libmilter libsmutil sendmail mailstats rmail praliases smrsh makemap vacation mail.local + do + pushd ${x} + sh Build + popd + done +} + +src_install () { + OBJDIR="obj.`uname -s`.`uname -r`.`arch`" + dodir /etc/pam.d /usr/bin /usr/include/libmilter /usr/lib + dodir /usr/share/man/man{1,5,8} /usr/sbin /var/log /usr/share/sendmail-cf + dodir /var/spool/{mqueue,clientmqueue} /etc/conf.d + keepdir /var/spool/{clientmqueue,mqueue} + for dir in libmilter libsmutil sendmail mailstats praliases smrsh makemap vacation + do + make DESTDIR=${D} MANROOT=/usr/share/man/man \ + SBINOWN=root SBINGRP=root UBINOWN=root UBINGRP=root \ + MANOWN=root MANGRP=root INCOWN=root INCGRP=root \ + LIBOWN=root LIBGRP=root GBINOWN=root GBINGRP=root \ + MSPQOWN=root CFOWN=root CFGRP=root \ + install -C ${OBJDIR}/${dir} \ + || die "install failed" + done + for dir in rmail mail.local + do + make DESTDIR=${D} MANROOT=/usr/share/man/man \ + SBINOWN=root SBINGRP=root UBINOWN=root UBINGRP=root \ + MANOWN=root MANGRP=root INCOWN=root INCGRP=root \ + LIBOWN=root LIBGRP=root GBINOWN=root GBINGRP=root \ + MSPQOWN=root CFOWN=root CFGRP=root \ + force-install -C ${OBJDIR}/${dir} \ + || die "install failed" + done + fowners root.smmsp /usr/sbin/sendmail + fowners root.smmsp /var/spool/clientmqueue + fperms 770 /var/spool/clientmqueue + fperms 700 /var/spool/mqueue + dosym /usr/sbin/sendmail /usr/lib/sendmail + dosym /usr/sbin/makemap /usr/bin/makemap + dodoc FAQ LICENSE KNOWNBUGS README RELEASE_NOTES doc/op/op.ps + newdoc sendmail/README README.sendmail + newdoc sendmail/SECURITY SECURITY + newdoc sendmail/TUNING TUNING + newdoc smrsh/README README.smrsh + newdoc libmilter/README README.libmilter + newdoc cf/README README.cf + newdoc cf/cf/README README.install-cf + cp -a cf/* ${D}/usr/share/sendmail-cf + insinto /etc/mail + doins ${FILESDIR}/{sendmail.cf,sendmail.mc} + echo "# local-host-names - include all aliases for your machine here" \ + > ${D}/etc/mail/local-host-names + cat << EOF > ${D}/etc/mail/trusted-users +# trusted-users - users that can send mail as others without a warning +# apache, mailman, majordomo, uucp are good candidates +EOF + cat << EOF > ${D}/etc/mail/access +# Check the /usr/share/doc/sendmail/README.cf file for a description +# of the format of this file. (search for access_db in that file) +# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc +# package. +# +# by default we allow relaying from localhost... +localhost.localdomain RELAY +localhost RELAY +127.0.0.1 RELAY + +EOF + cat << EOF > ${D}/etc/conf.d/sendmail +# Config file for /etc/init.d/sendmail + +PIDFILE=/var/run/sendmail.pid + +# add start-up options here +SENDMAIL_OPTS="-bd -q30m" # default daemon mode + +EOF + exeinto /etc/init.d + doexe ${FILESDIR}/sendmail +} |