diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2020-05-30 11:44:06 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2020-05-30 11:44:06 +0100 |
commit | f516638b7fe9592837389826a6152a7e1b251c54 (patch) | |
tree | 8bfecb640b7b6403d7a3d662d923eed630033da7 /mail-mta/netqmail | |
parent | 1a61119f9f7b057830e2ce0563f913ec86f282ad (diff) |
gentoo resync : 30.05.2020
Diffstat (limited to 'mail-mta/netqmail')
-rw-r--r-- | mail-mta/netqmail/Manifest | 5 | ||||
-rw-r--r-- | mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1513.patch | 66 | ||||
-rw-r--r-- | mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1514.patch | 39 | ||||
-rw-r--r-- | mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1515.patch | 64 | ||||
-rw-r--r-- | mail-mta/netqmail/files/netqmail-1.06-overflows.patch | 223 | ||||
-rw-r--r-- | mail-mta/netqmail/netqmail-1.06-r13.ebuild | 203 |
6 files changed, 600 insertions, 0 deletions
diff --git a/mail-mta/netqmail/Manifest b/mail-mta/netqmail/Manifest index 04ba575761c8..f57b6812d1e5 100644 --- a/mail-mta/netqmail/Manifest +++ b/mail-mta/netqmail/Manifest @@ -1,8 +1,12 @@ AUX 1.06-exit.patch 551 BLAKE2B 77a928b1aff304bce5b5df69d067e1271f6ce5ecf0342486d4c8dcbb3546f1a19cdf758a3af3ebbc24d02d3e924a05dceaf7ab6c27605f662df4ec66fc80067b SHA512 9623d4c045d1399ca035ad49f82e50a344529edffaf7c0e2f1015fe0958dfaf8814462a70b944403203d84b86852e8a01f6a3c4688228b45443258dc908e9236 AUX 1.06-fbsd-utmpx.patch 1902 BLAKE2B 8c2a278e10ed48db89b76c7005655f6e7707ee4e61d9cbfdcfbd3b7f335450131eecb810b1bc92fd49243ae03ab7f94384bf9078115f01bcf625d8c87d624040 SHA512 c1267365a1199aa5041cc75769e838cfacddd82e1f6dddcc99d86f4b4fc901d8604abdab96a86479109f2278970d88249d8013115dfb89d3e2cfa0e823a01a86 AUX 1.06-readwrite.patch 237 BLAKE2B a8c9af939378bb423c68aebdafeeb3ecb53def9e7d050272e6f669c4d99d938a10a268420b1cf7e699146b3f71bb75c461e45f3f0905b9ccd3371572947aafca SHA512 4cfb7991f2b30740d007a655743e77f5271ebefb4ed31ceb44d10ee53168eec713bbe64ff3616c372851c5fe1f04e57601dc83a27f1ce9cccdd0e2fbc942b550 +AUX netqmail-1.06-CVE-2005-1513.patch 2362 BLAKE2B 9fa61890284f6ef84de6c0781ccad4bc998865785a7ce3bb5ce2b6fa6d3d84a65718262d009d72cb787609272b830b87ba19c393cbfecf91721b018185a72fee SHA512 0f0a6c72b3479e44f105f629599a08f55baa03d7794075baaea20897079888fb14dcac0227a280f9dd91d1d62e8b05984383e150e61d40c674131a105dfad762 +AUX netqmail-1.06-CVE-2005-1514.patch 972 BLAKE2B 464f62fb87e3aa7580e850a3210f3b606e24e9e586cdceca4c3b3270f0e073a020db457d4efce27ad500e89b30c3c73192d48305ac6aa53e21951f6e6429dff3 SHA512 7b6cd95ff2e1f238877b2208440808dd28fccdbeb1b87cc827c92e1fb433b2e829a21eadce9e1cab07da4a2838a2ee391850bd451ce775004fb1fcb4bd3fafd9 +AUX netqmail-1.06-CVE-2005-1515.patch 1820 BLAKE2B 05bef22814dea4925e04f9cf5533d97c7c102184ff0cc026ae57f09c9f20ac750c73b390680383278f2bb78bb76872f5b412a70f90e133ad5b01edf6bfad6fd4 SHA512 83da821b37abf34b36e36cf95ea07624d7d2e4780328e2e0c1a2580dcbb1b0f38f41b8106217d4277b7576a3b065bd1dd35da979817e36d4b2e4a904687b300e AUX netqmail-1.06-any-to-cname.patch 3242 BLAKE2B ea216ecf0d2f3fd4decc92d4826559438edc9764b6910c8ef328863f4c94a1b6af57b1619a74ffd67eb09ae2725a24e53ff75cc24d2aa7896f6bb39392840ed4 SHA512 9f2fea79807d1f6da0494c992993217809f2fda2b00847ed7af7ea73e81fc421c26a14fcae7d77783e2c15be425159f5fba3f20e6c3d88e67134ec0678d3a4cd AUX netqmail-1.06-ipme-multiple.patch 3694 BLAKE2B 53d1db0766a1720cf626210bd9272f2e5bbe310738c934ed8c3c0ffc7adb54ba8938af0d12771c77f59cada9d1c97f858cacfd86a4a0b0bcbb5c6c4e7d0d0d6e SHA512 08f26af9ecab24258956d20c8e7201bd4f3d55ce9f2793417ae3fa1ecae4e610eaa2fcfe01462ffa70f4974b5ee4969851c254ab051fe039dd2a8eb9fb8b8f5e +AUX netqmail-1.06-overflows.patch 5874 BLAKE2B d54f69a8696612ef542de8fadbc36463b56fdcb756d9d6e606440586533fb7929e755c1cf64d9cb88f7c8503bfd36b356b2e003c26e3b074889b1b897c75141e SHA512 dfd34f5005c33fdcce6be90765420c485c89e282cc5db4d667f254f7cc83112f08b99a93c4f520a7380c60fa5c0944a183bf5455b6d51f5fbb66e9bac899c196 AUX qmail-smtputf8-crlf-fix.patch 397 BLAKE2B 3ca4abcb9f1c1604828c31f358a6da3b3f9734a76d736b1dacada786e69ef010bdb0254d8106c82859ad66f21e1f81249db5f49984116ac84e7c719770999306 SHA512 b6e8060ef00464f429bc8b6d47d294c8e021ddef1991b7cf212a277f375872672d7f4ef799d93f1913fcb9260cb6d74049e6e9978aa43b59228e6c0c067cd87b AUX qmail-smtputf8.patch 6693 BLAKE2B 1b9cd78e63ab9f2f8ca9f49c49406f603efb31d323bb4423aaa8b970c2c26a7e76496a449a98501765dc1a5e6659d9bfd49a6dafbdba14db9a9594e1d1c9b94f SHA512 8cafdf1a4f1fd41e6b11ee2abddac5c3da4a1d2ab17b5d3847433875a91f867a26eb358ae8c41791f1e77758e5a2c311134a286d888ccd23fbede6d9f0b475c4 DIST big-todo.103.patch 5546 BLAKE2B 34889a97c642bafedebdd3fba7dd848e58f692bbebb33da26f39d47d65ac2067cc6bfeea9f044dcebcdce53bf789c7b2e029d6542ad1926a420291d4b59d7554 SHA512 fe6e19a94fb7dbe51f7164e38a91d8edb636251569d44ace1e146fe5f607b240edafb2884daaac481ff3219142ab553cfd5b01786e0dfc4662ef07336b789975 @@ -14,4 +18,5 @@ DIST qmail-smtputf8.patch 6693 BLAKE2B 1b9cd78e63ab9f2f8ca9f49c49406f603efb31d32 DIST qmail-spp-0.42.tar.gz 18689 BLAKE2B df67f10f6daf9601fd074c774c5be4decca59f3e790774d502c28ebd495f9d7523ecebfd37abd333e347151647364d08d3ccc25099c82748bf7b7ea84bb18977 SHA512 03449862886a0ca20fbadab4c94b34b55d185f8df3261bd68aea99e9ded9edfab4477c6b38a8e0295e9b38b0045615da8b1a906a458f28745eadd3c4d882bcbf DIST vu555316.patch 617 BLAKE2B fa98c360cb199fc4367c668d605399cc53ab2d26668f5ed6bbf0c26449fdf584f71fd415d80ba7babb6593dc842ec342aba4f7357ae838e6556d43f1dc76b6d9 SHA512 5d7810360e5eaa8e8ee141fe92c765d9458aa12198a8d0ac702e0630e08d060ad4a1d33690d434f20f5aff79eb200cd8173bebc334c411e340c0198b5d8d1a65 EBUILD netqmail-1.06-r12.ebuild 4558 BLAKE2B 9adfc66473fb61f908cb90f881fa3f23341df3d2e734e997164c3d6151fc540db39efd6680c289c0f86e3d78ba1fdc49e8f6ba2ef325562ffbf177024af2d3fa SHA512 736fab292b62cd258357a612159485adf80681e1244aa9057d8eb7b8ec2069b5538654653f9ca5d4132139151dcb935c54a9e8395a8aa0517e2f92654ab0d4f5 +EBUILD netqmail-1.06-r13.ebuild 4716 BLAKE2B caa266393bebd340fe69c0db66340b5b58545da63d0118f6dabf247f0f8dd887b394fd1900b5e808499d410fc31ab9e24d602164f9c1b62450958c0e8032607c SHA512 99d405d30686b2fd603b2d93acac021057305aa369a536494232f2499901005b43dde2483de79024a7c4328d2e3a901e3f217699ec66b6edcaa40fa2df6e2c13 MISC metadata.xml 720 BLAKE2B 9bd0209a0db8075a22507fb63fa9f045959323da3b4c53e3d9da9d412fd39ff3576dc29c6d2af9db949e5fee4e98e166bbc41ce1d48ba0f8964e85fbe99728bb SHA512 57330a6fa33d3c65b0fe1289f89d356bebca6e7c8ba47cb5edfe53cd74938646ca60e3d001facab1fa5c4071fee7c3a8e0ad2ba2b4604aea3a8525c391991715 diff --git a/mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1513.patch b/mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1513.patch new file mode 100644 index 000000000000..58af5a9cee11 --- /dev/null +++ b/mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1513.patch @@ -0,0 +1,66 @@ +From bb92ea678c2a2a524d2ee6e9d598275a659168d2 Mon Sep 17 00:00:00 2001 +From: Rolf Eike Beer <eike@sf-mail.de> +Date: Mon, 11 May 2020 18:30:13 +0200 +Subject: [PATCH 3/4] mimimum fix for CVE-2005-1513 + +The first allocation at the tail of the function is not changed as that +one starts with a small number of elements and grows only on +subsequent call.s +--- + gen_allocdefs.h | 27 ++++++++++++++++++++++----- + 1 file changed, 22 insertions(+), 5 deletions(-) + +diff --git a/gen_allocdefs.h b/gen_allocdefs.h +index 783a9b1..0588441 100644 +--- a/gen_allocdefs.h ++++ b/gen_allocdefs.h +@@ -4,24 +4,41 @@ + #define GEN_ALLOC_ready(ta,type,field,len,a,i,n,x,base,ta_ready) \ + int ta_ready(x,n) register ta *x; register unsigned int n; \ + { register unsigned int i; \ ++ unsigned int nlen; \ + if (x->field) { \ + i = x->a; \ + if (n > i) { \ +- x->a = base + n + (n >> 3); \ +- if (alloc_re(&x->field,i * sizeof(type),x->a * sizeof(type))) return 1; \ ++ unsigned int nnum; \ ++ if (__builtin_add_overflow(base, n, &nlen)) \ ++ return 0; \ ++ if (__builtin_add_overflow(nlen, n >> 3, &nlen)) \ ++ return 0; \ ++ if (__builtin_mul_overflow(nlen, sizeof(type), &nnum)) \ ++ return 0; \ ++ x->a = nlen; \ ++ if (alloc_re(&x->field,i * sizeof(type),nnum)) return 1; \ + x->a = i; return 0; } \ + return 1; } \ + x->len = 0; \ + return !!(x->field = (type *) alloc((x->a = n) * sizeof(type))); } + + #define GEN_ALLOC_readyplus(ta,type,field,len,a,i,n,x,base,ta_rplus) \ +-int ta_rplus(x,n) register ta *x; register unsigned int n; \ ++int ta_rplus(x,n) register ta *x; unsigned int n; \ + { register unsigned int i; \ + if (x->field) { \ + i = x->a; n += x->len; \ ++ if (__builtin_add_overflow(n, x->len, &n)) \ ++ return 0; \ + if (n > i) { \ +- x->a = base + n + (n >> 3); \ +- if (alloc_re(&x->field,i * sizeof(type),x->a * sizeof(type))) return 1; \ ++ unsigned int nlen, nnum; \ ++ if (__builtin_add_overflow(base, n, &nlen)) \ ++ return 0; \ ++ if (__builtin_add_overflow(nlen, n >> 3, &nlen)) \ ++ return 0; \ ++ if (__builtin_mul_overflow(nlen, sizeof(type), &nnum)) \ ++ return 0; \ ++ x->a = nlen; \ ++ if (alloc_re(&x->field,i * sizeof(type),nnum)) return 1; \ + x->a = i; return 0; } \ + return 1; } \ + x->len = 0; \ +-- +2.26.1 + diff --git a/mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1514.patch b/mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1514.patch new file mode 100644 index 000000000000..3876c290b676 --- /dev/null +++ b/mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1514.patch @@ -0,0 +1,39 @@ +From dc617a2f2d31e4c448b806791b3f8736cf9d1ffb Mon Sep 17 00:00:00 2001 +From: Rolf Eike Beer <eike@sf-mail.de> +Date: Tue, 12 May 2020 20:06:38 +0200 +Subject: [PATCH 2/4] fix possible signed integer overflow in commands() + (CVE-2005-1514) + +Fix it as suggested by the Qualys Security Advisory team. +--- + commands.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/commands.c b/commands.c +index b0d3f61..90a50c9 100644 +--- a/commands.c ++++ b/commands.c +@@ -10,16 +10,17 @@ int commands(ss,c) + substdio *ss; + struct commands *c; + { +- int i; ++ unsigned int i; + char *arg; + + for (;;) { + if (!stralloc_copys(&cmd,"")) return -1; + + for (;;) { ++ int j; + if (!stralloc_readyplus(&cmd,1)) return -1; +- i = substdio_get(ss,cmd.s + cmd.len,1); +- if (i != 1) return i; ++ j = substdio_get(ss,cmd.s + cmd.len,1); ++ if (j != 1) return j; + if (cmd.s[cmd.len] == '\n') break; + ++cmd.len; + } +-- +2.26.1 + diff --git a/mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1515.patch b/mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1515.patch new file mode 100644 index 000000000000..f1df70022e17 --- /dev/null +++ b/mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1515.patch @@ -0,0 +1,64 @@ +From 5540e1b47ac043033e6661b4e04dcaf958db0110 Mon Sep 17 00:00:00 2001 +From: Rolf Eike Beer <eike@sf-mail.de> +Date: Mon, 11 May 2020 18:55:11 +0200 +Subject: [PATCH 1/4] fix signedness wraparound in substdio_put() + (CVE-2005-1515) + +--- + qmail.c | 2 +- + substdo.c | 14 ++++++++------ + 2 files changed, 9 insertions(+), 7 deletions(-) + +diff --git a/qmail.c b/qmail.c +index 186c092..7c86a04 100644 +--- a/qmail.c ++++ b/qmail.c +@@ -61,7 +61,7 @@ void qmail_fail(qq) struct qmail *qq; + qq->flagerr = 1; + } + +-void qmail_put(qq,s,len) struct qmail *qq; char *s; int len; ++void qmail_put(qq,s,len) struct qmail *qq; char *s; unsigned int len; + { + if (!qq->flagerr) if (substdio_put(&qq->ss,s,len) == -1) qq->flagerr = 1; + } +diff --git a/substdo.c b/substdo.c +index fb616f7..bccf0d6 100644 +--- a/substdo.c ++++ b/substdo.c +@@ -7,7 +7,7 @@ static int allwrite(op,fd,buf,len) + register int (*op)(); + register int fd; + register char *buf; +-register int len; ++register unsigned int len; + { + register int w; + +@@ -55,16 +55,18 @@ register int len; + int substdio_put(s,buf,len) + register substdio *s; + register char *buf; +-register int len; ++register unsigned int len; + { +- register int n; ++ register unsigned int n = s->n; /* how many bytes to write in next chunk */ + +- n = s->n; +- if (len > n - s->p) { ++ /* check if the input would fit in the buffer without flushing */ ++ if (len > n - (unsigned int)s->p) { + if (substdio_flush(s) == -1) return -1; + /* now s->p == 0 */ + if (n < SUBSTDIO_OUTSIZE) n = SUBSTDIO_OUTSIZE; +- while (len > s->n) { ++ /* as long as the remainder would not fit into s->x write it directly ++ * from buf to s->fd. */ ++ while (len > (unsigned int)s->n) { + if (n > len) n = len; + if (allwrite(s->op,s->fd,buf,n) == -1) return -1; + buf += n; +-- +2.26.1 + diff --git a/mail-mta/netqmail/files/netqmail-1.06-overflows.patch b/mail-mta/netqmail/files/netqmail-1.06-overflows.patch new file mode 100644 index 000000000000..d9932df972c4 --- /dev/null +++ b/mail-mta/netqmail/files/netqmail-1.06-overflows.patch @@ -0,0 +1,223 @@ +From e8a1e037afc8729bd65d4bda36dedf444f301c0f Mon Sep 17 00:00:00 2001 +From: Rolf Eike Beer <eike@sf-mail.de> +Date: Mon, 11 May 2020 18:30:13 +0200 +Subject: [PATCH 4/4] fix additional length overflows + +--- + Makefile | 6 +++--- + alloc.c | 21 ++++++++++++++------- + qmail-local.c | 3 ++- + qmail-pop3d.c | 3 ++- + quote.c | 10 +++++++++- + stralloc_catb.c | 8 +++++++- + stralloc_opyb.c | 8 +++++++- + substdo.c | 4 ++-- + 8 files changed, 46 insertions(+), 17 deletions(-) + +diff --git a/Makefile b/Makefile +index 0f0e31a..4b592c6 100644 +--- a/Makefile ++++ b/Makefile +@@ -1673,7 +1673,7 @@ qsutil.h + ./compile qsutil.c + + quote.o: \ +-compile quote.c stralloc.h gen_alloc.h str.h quote.h ++compile quote.c stralloc.h gen_alloc.h str.h quote.h error.h + ./compile quote.c + + rcpthosts.o: \ +@@ -1965,7 +1965,7 @@ compile stralloc_cat.c byte.h stralloc.h gen_alloc.h + ./compile stralloc_cat.c + + stralloc_catb.o: \ +-compile stralloc_catb.c stralloc.h gen_alloc.h byte.h ++compile stralloc_catb.c stralloc.h gen_alloc.h byte.h error.h + ./compile stralloc_catb.c + + stralloc_cats.o: \ +@@ -1982,7 +1982,7 @@ gen_allocdefs.h + ./compile stralloc_eady.c + + stralloc_opyb.o: \ +-compile stralloc_opyb.c stralloc.h gen_alloc.h byte.h ++compile stralloc_opyb.c stralloc.h gen_alloc.h byte.h error.h + ./compile stralloc_opyb.c + + stralloc_opys.o: \ +diff --git a/alloc.c b/alloc.c +index c661453..3ab5f6f 100644 +--- a/alloc.c ++++ b/alloc.c +@@ -1,7 +1,6 @@ ++#include <stdlib.h> + #include "alloc.h" + #include "error.h" +-extern char *malloc(); +-extern void free(); + + #define ALIGNMENT 16 /* XXX: assuming that this alignment is enough */ + #define SPACE 4096 /* must be multiple of ALIGNMENT */ +@@ -11,15 +10,23 @@ static aligned realspace[SPACE / ALIGNMENT]; + #define space ((char *) realspace) + static unsigned int avail = SPACE; /* multiple of ALIGNMENT; 0<=avail<=SPACE */ + ++static char *m_alloc(unsigned int n) ++{ ++ char *x = malloc(n); ++ if (!x) errno = error_nomem; ++ return x; ++} ++ + /*@null@*//*@out@*/char *alloc(n) + unsigned int n; + { +- char *x; +- n = ALIGNMENT + n - (n & (ALIGNMENT - 1)); /* XXX: could overflow */ ++ if (n >= SPACE) ++ return m_alloc(n); ++ /* Round it up to the next multiple of alignment. Could overflow if n is ++ * close to 2**32, but by the check above this is already ruled out. */ ++ n = ALIGNMENT + n - (n & (ALIGNMENT - 1)); + if (n <= avail) { avail -= n; return space + avail; } +- x = malloc(n); +- if (!x) errno = error_nomem; +- return x; ++ return m_alloc(n); + } + + void alloc_free(x) +diff --git a/qmail-local.c b/qmail-local.c +index 6fec288..f5e33fd 100644 +--- a/qmail-local.c ++++ b/qmail-local.c +@@ -1,5 +1,6 @@ + #include <sys/types.h> + #include <sys/stat.h> ++#include <stdlib.h> + #include "readwrite.h" + #include "sig.h" + #include "env.h" +@@ -633,7 +634,7 @@ char **argv; + i = j + 1; + } + +- recips = (char **) alloc((numforward + 1) * sizeof(char *)); ++ recips = (char **) calloc(numforward + 1, sizeof(char *)); + if (!recips) temp_nomem(); + numforward = 0; + +diff --git a/qmail-pop3d.c b/qmail-pop3d.c +index 0ca4f9c..1916433 100644 +--- a/qmail-pop3d.c ++++ b/qmail-pop3d.c +@@ -1,5 +1,6 @@ + #include <sys/types.h> + #include <sys/stat.h> ++#include <stdlib.h> + #include "commands.h" + #include "sig.h" + #include "getln.h" +@@ -131,7 +132,7 @@ void getlist() + if (maildir_scan(&pq,&filenames,1,1) == -1) die_scan(); + + numm = pq.p ? pq.len : 0; +- m = (struct message *) alloc(numm * sizeof(struct message)); ++ m = (struct message *) calloc(numm, sizeof(struct message)); + if (!m) die_nomem(); + + for (i = 0;i < numm;++i) { +diff --git a/quote.c b/quote.c +index 659cfcd..73b7214 100644 +--- a/quote.c ++++ b/quote.c +@@ -1,3 +1,4 @@ ++#include "error.h" + #include "stralloc.h" + #include "str.h" + #include "quote.h" +@@ -23,8 +24,15 @@ stralloc *sain; + char ch; + int i; + int j; ++ unsigned int nlen; + +- if (!stralloc_ready(saout,sain->len * 2 + 2)) return 0; ++ /* make sure the size calculation below does not overflow */ ++ if (__builtin_mul_overflow(sain->len, 2, &nlen) || ++ __builtin_add_overflow(nlen, 2, &nlen)) { ++ errno = error_nomem; ++ return 0; ++ } ++ if (!stralloc_ready(saout,nlen)) return 0; + j = 0; + saout->s[j++] = '"'; + for (i = 0;i < sain->len;++i) +diff --git a/stralloc_catb.c b/stralloc_catb.c +index 67dbcc0..a315810 100644 +--- a/stralloc_catb.c ++++ b/stralloc_catb.c +@@ -1,13 +1,19 @@ + #include "stralloc.h" + #include "byte.h" ++#include "error.h" + + int stralloc_catb(sa,s,n) + stralloc *sa; + char *s; + unsigned int n; + { ++ unsigned int i; + if (!sa->s) return stralloc_copyb(sa,s,n); +- if (!stralloc_readyplus(sa,n + 1)) return 0; ++ if (__builtin_add_overflow(n, 1, &i)) { ++ errno = error_nomem; ++ return 0; ++ } ++ if (!stralloc_readyplus(sa,i)) return 0; + byte_copy(sa->s + sa->len,n,s); + sa->len += n; + sa->s[sa->len] = 'Z'; /* ``offensive programming'' */ +diff --git a/stralloc_opyb.c b/stralloc_opyb.c +index ac258b3..8a6f305 100644 +--- a/stralloc_opyb.c ++++ b/stralloc_opyb.c +@@ -1,12 +1,18 @@ + #include "stralloc.h" + #include "byte.h" ++#include "error.h" + + int stralloc_copyb(sa,s,n) + stralloc *sa; + char *s; + unsigned int n; + { +- if (!stralloc_ready(sa,n + 1)) return 0; ++ unsigned int i; ++ if (__builtin_add_overflow(n, 1, &i)) { ++ errno = error_nomem; ++ return 0; ++ } ++ if (!stralloc_ready(sa,i)) return 0; + byte_copy(sa->s,n,s); + sa->len = n; + sa->s[n] = 'Z'; /* ``offensive programming'' */ +diff --git a/substdo.c b/substdo.c +index bccf0d6..ad7232a 100644 +--- a/substdo.c ++++ b/substdo.c +@@ -38,9 +38,9 @@ register substdio *s; + int substdio_bput(s,buf,len) + register substdio *s; + register char *buf; +-register int len; ++register unsigned int len; + { +- register int n; ++ register unsigned int n; + + while (len > (n = s->n - s->p)) { + byte_copy(s->x + s->p,n,buf); s->p += n; buf += n; len -= n; +-- +2.26.1 + diff --git a/mail-mta/netqmail/netqmail-1.06-r13.ebuild b/mail-mta/netqmail/netqmail-1.06-r13.ebuild new file mode 100644 index 000000000000..ae21c36a52c5 --- /dev/null +++ b/mail-mta/netqmail/netqmail-1.06-r13.ebuild @@ -0,0 +1,203 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +GENQMAIL_PV=20191010 +QMAIL_SPP_PV=0.42 + +QMAIL_TLS_PV=20190114 +QMAIL_TLS_F=${PN}-1.05-tls-smtpauth-${QMAIL_TLS_PV}.patch +QMAIL_TLS_CVE=vu555316.patch + +QMAIL_BIGTODO_PV=103 +QMAIL_BIGTODO_F=big-todo.${QMAIL_BIGTODO_PV}.patch + +QMAIL_LARGE_DNS='qmail-103.patch' + +QMAIL_SMTPUTF8='qmail-smtputf8.patch' + +inherit qmail + +DESCRIPTION="qmail -- a secure, reliable, efficient, simple message transfer agent" +HOMEPAGE=" + http://netqmail.org + https://cr.yp.to/qmail.html + http://qmail.org +" +SRC_URI="mirror://qmail/${P}.tar.gz + https://github.com/DerDakon/genqmail/releases/download/genqmail-${GENQMAIL_PV}/${GENQMAIL_F} + https://www.ckdhr.com/ckd/${QMAIL_LARGE_DNS} + !vanilla? ( + highvolume? ( mirror://qmail/${QMAIL_BIGTODO_F} ) + qmail-spp? ( mirror://sourceforge/qmail-spp/${QMAIL_SPP_F} ) + ssl? ( + https://mirror.alexh.name/qmail/netqmail/${QMAIL_TLS_F} + http://inoa.net/qmail-tls/${QMAIL_TLS_CVE} + https://arnt.gulbrandsen.priv.no/qmail/qmail-smtputf8.patch + ) + ) +" + +LICENSE="public-domain" +SLOT="0" +KEYWORDS="~alpha amd64 ~arm hppa ~ia64 ~mips ppc ppc64 ~s390 sparc ~x86" +IUSE="authcram gencertdaily highvolume libressl pop3 qmail-spp ssl vanilla" +REQUIRED_USE="vanilla? ( !ssl !qmail-spp !highvolume )" +RESTRICT="test" + +DEPEND=" + acct-group/nofiles + acct-group/qmail + acct-user/alias + acct-user/qmaild + acct-user/qmaill + acct-user/qmailp + acct-user/qmailq + acct-user/qmailr + acct-user/qmails + net-dns/libidn2 + net-mail/queue-repair + sys-apps/gentoo-functions + sys-apps/groff + ssl? ( + !libressl? ( >=dev-libs/openssl-1.1:0= ) + libressl? ( dev-libs/libressl:= ) + ) +" +RDEPEND="${DEPEND} + sys-apps/ucspi-tcp + virtual/checkpassword + virtual/daemontools + authcram? ( >=net-mail/cmd5checkpw-0.30 ) + ssl? ( + pop3? ( sys-apps/ucspi-ssl ) + ) + !mail-mta/courier + !mail-mta/esmtp + !mail-mta/exim + !mail-mta/mini-qmail + !mail-mta/msmtp[mta] + !mail-mta/nullmailer + !mail-mta/opensmtpd + !mail-mta/postfix + !mail-mta/qmail-ldap + !mail-mta/sendmail + !mail-mta/ssmtp[mta] +" + +pkg_setup() { + if [[ -n "${QMAIL_PATCH_DIR}" ]]; then + eerror + eerror "The QMAIL_PATCH_DIR variable for custom patches" + eerror "has been removed from ${PN}. If you need custom patches" + eerror "see 'user patches' in the portage manual." + eerror + die "QMAIL_PATCH_DIR is not supported anymore" + fi +} + +src_unpack() { + genqmail_src_unpack + use qmail-spp && qmail_spp_src_unpack + + unpack ${P}.tar.gz +} + +PATCHES=( + "${FILESDIR}/${PV}-exit.patch" + "${FILESDIR}/${PV}-readwrite.patch" + "${DISTDIR}/${QMAIL_LARGE_DNS}" + "${FILESDIR}/${PV}-fbsd-utmpx.patch" + "${FILESDIR}/${P}-ipme-multiple.patch" + "${FILESDIR}/${P}-any-to-cname.patch" + "${FILESDIR}/${P}-CVE-2005-1513.patch" + "${FILESDIR}/${P}-CVE-2005-1514.patch" + "${FILESDIR}/${P}-CVE-2005-1515.patch" + "${FILESDIR}/${P}-overflows.patch" +) + +src_prepare() { + if ! use vanilla; then + if use ssl; then + # This patch contains relative paths and needs to be cleaned up. + sed 's~^--- \.\./\.\./~--- ~g' \ + < "${DISTDIR}"/${QMAIL_TLS_F} \ + > "${T}"/${QMAIL_TLS_F} || die + PATCHES+=( "${T}/${QMAIL_TLS_F}" + "${DISTDIR}/${QMAIL_TLS_CVE}" + "${FILESDIR}/qmail-smtputf8.patch" + "${FILESDIR}/qmail-smtputf8-crlf-fix.patch" + ) + fi + if use highvolume; then + PATCHES+=( "${DISTDIR}/${QMAIL_BIGTODO_F}" ) + fi + + if use qmail-spp; then + if use ssl; then + SPP_PATCH="${QMAIL_SPP_S}/qmail-spp-smtpauth-tls-20060105.diff" + else + SPP_PATCH="${QMAIL_SPP_S}/netqmail-spp.diff" + fi + # make the patch work with "-p1" + sed -e 's#^--- \([Mq]\)#--- a/\1#' -e 's#^+++ \([Mq]\)#+++ b/\1#' -i ${SPP_PATCH} || die + + PATCHES+=( "${SPP_PATCH}" ) + fi + fi + + default + + qmail_src_postunpack + + # Fix bug #33818 but for netqmail (Bug 137015) + if ! use authcram; then + einfo "Disabled CRAM_MD5 support" + sed -e 's,^#define CRAM_MD5$,/*&*/,' -i "${S}"/qmail-smtpd.c || die + else + einfo "Enabled CRAM_MD5 support" + fi + + ht_fix_file Makefile* +} + +src_compile() { + qmail_src_compile + use qmail-spp && qmail_spp_src_compile +} + +src_install() { + qmail_src_install +} + +pkg_postinst() { + qmail_queue_setup + qmail_rootmail_fixup + qmail_tcprules_build + + qmail_config_notice + qmail_supervise_config_notice + elog + elog "If you are looking for documentation, check those links:" + elog "https://wiki.gentoo.org/wiki/Virtual_mail_hosting_with_qmail" + elog " -- qmail/vpopmail Virtual Mail Hosting System Guide" + elog "http://www.lifewithqmail.com/" + elog " -- Life with qmail" + elog +} + +pkg_preinst() { + qmail_tcprules_fixup +} + +pkg_config() { + # avoid some weird locale problems + export LC_ALL=C + + qmail_config_fast + qmail_tcprules_config + qmail_tcprules_build + + use ssl && qmail_ssl_generate +} |