git://git.exim.org
/
users
/
jgh
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fix CVE-2016-1531
[users/jgh/exim.git]
/
src
/
src
/
exim.c
diff --git
a/src/src/exim.c
b/src/src/exim.c
index 4e90ca8fd086dd6dce1c98e0233bdaa9e5b330c9..d6f2d4aac601c3fde28b0167461785bad131543e 100644
(file)
--- a/
src/src/exim.c
+++ b/
src/src/exim.c
@@
-823,6
+823,12
@@
fprintf(f, "Support for:");
#ifndef DISABLE_DNSSEC
fprintf(f, " DNSSEC");
#endif
#ifndef DISABLE_DNSSEC
fprintf(f, " DNSSEC");
#endif
+#ifndef DISABLE_EVENT
+ fprintf(f, " Event");
+#endif
+#ifdef SUPPORT_I18N
+ fprintf(f, " I18N");
+#endif
#ifndef DISABLE_OCSP
fprintf(f, " OCSP");
#endif
#ifndef DISABLE_OCSP
fprintf(f, " OCSP");
#endif
@@
-856,15
+862,6
@@
fprintf(f, "Support for:");
#ifdef EXPERIMENTAL_DSN_INFO
fprintf(f, " Experimental_DSN_info");
#endif
#ifdef EXPERIMENTAL_DSN_INFO
fprintf(f, " Experimental_DSN_info");
#endif
-#ifdef EXPERIMENTAL_INTERNATIONAL
- fprintf(f, " Experimental_International");
-#endif
-#ifdef EXPERIMENTAL_EVENT
- fprintf(f, " Experimental_Event");
-#endif
-#ifdef EXPERIMENTAL_REDIS
- fprintf(f, " Experimental_Redis");
-#endif
fprintf(f, "\n");
fprintf(f, "Lookups (built-in):");
fprintf(f, "\n");
fprintf(f, "Lookups (built-in):");
@@
-907,6
+904,9
@@
fprintf(f, "Lookups (built-in):");
#if defined(LOOKUP_PGSQL) && LOOKUP_PGSQL!=2
fprintf(f, " pgsql");
#endif
#if defined(LOOKUP_PGSQL) && LOOKUP_PGSQL!=2
fprintf(f, " pgsql");
#endif
+#if defined(LOOKUP_REDIS) && LOOKUP_REDIS!=2
+ fprintf(f, " redis");
+#endif
#if defined(LOOKUP_SQLITE) && LOOKUP_SQLITE!=2
fprintf(f, " sqlite");
#endif
#if defined(LOOKUP_SQLITE) && LOOKUP_SQLITE!=2
fprintf(f, " sqlite");
#endif
@@
-1031,7
+1031,7
@@
DEBUG(D_any) do {
#ifdef SUPPORT_TLS
tls_version_report(f);
#endif
#ifdef SUPPORT_TLS
tls_version_report(f);
#endif
-#ifdef
EXPERIMENTAL_INTERNATIONAL
+#ifdef
SUPPORT_I18N
utf8_version_report(f);
#endif
utf8_version_report(f);
#endif
@@
-1760,7
+1760,6
@@
regex_whitelisted_macro =
for (i = 0; i < REGEX_VARS; i++) regex_vars[i] = NULL;
for (i = 0; i < REGEX_VARS; i++) regex_vars[i] = NULL;
-
/* If the program is called as "mailq" treat it as equivalent to "exim -bp";
this seems to be a generally accepted convention, since one finds symbolic
links called "mailq" in standard OS configurations. */
/* If the program is called as "mailq" treat it as equivalent to "exim -bp";
this seems to be a generally accepted convention, since one finds symbolic
links called "mailq" in standard OS configurations. */
@@
-2561,12
+2560,12
@@
for (i = 1; i < argc; i++)
if (temp >= argrest && *temp == '.') f_end_dot = TRUE;
allow_domain_literals = TRUE;
strip_trailing_dot = TRUE;
if (temp >= argrest && *temp == '.') f_end_dot = TRUE;
allow_domain_literals = TRUE;
strip_trailing_dot = TRUE;
-#ifdef
EXPERIMENTAL_INTERNATIONAL
+#ifdef
SUPPORT_I18N
allow_utf8_domains = TRUE;
#endif
sender_address = parse_extract_address(argrest, &errmess,
&dummy_start, &dummy_end, &sender_address_domain, TRUE);
allow_utf8_domains = TRUE;
#endif
sender_address = parse_extract_address(argrest, &errmess,
&dummy_start, &dummy_end, &sender_address_domain, TRUE);
-#ifdef
EXPERIMENTAL_INTERNATIONAL
+#ifdef
SUPPORT_I18N
message_smtputf8 = string_is_utf8(sender_address);
allow_utf8_domains = FALSE;
#endif
message_smtputf8 = string_is_utf8(sender_address);
allow_utf8_domains = FALSE;
#endif
@@
-3736,7
+3735,7
@@
is equivalent to the ability to modify a setuid binary!
This needs to happen before we read the main configuration. */
init_lookup_list();
This needs to happen before we read the main configuration. */
init_lookup_list();
-#ifdef
EXPERIMENTAL_INTERNATIONAL
+#ifdef
SUPPORT_I18N
if (running_in_test_harness) smtputf8_advertise_hosts = NULL;
#endif
if (running_in_test_harness) smtputf8_advertise_hosts = NULL;
#endif
@@
-3744,8
+3743,19
@@
if (running_in_test_harness) smtputf8_advertise_hosts = NULL;
is a failure. It leaves the configuration file open so that the subsequent
configuration data for delivery can be read if needed. */
is a failure. It leaves the configuration file open so that the subsequent
configuration data for delivery can be read if needed. */
+/* To be safe: change the working directory to /. */
+if (Uchdir("/") < 0)
+ {
+ perror("exim: chdir `/': ");
+ exit(EXIT_FAILURE);
+ }
+
readconf_main();
readconf_main();
+if (cleanup_environment() == FALSE)
+ log_write(0, LOG_PANIC_DIE, "Can't cleanup environment");
+
+
/* If an action on specific messages is requested, or if a daemon or queue
runner is being started, we need to know if Exim was called by an admin user.
This is the case if the real user is root or exim, or if the real group is
/* If an action on specific messages is requested, or if a daemon or queue
runner is being started, we need to know if Exim was called by an admin user.
This is the case if the real user is root or exim, or if the real group is
@@
-3900,20
+3910,23
@@
if (log_oneline)
temporary files are created; Exim doesn't use these (apart from when delivering
to MBX mailboxes), but called libraries such as DBM libraries may require them.
If TMPDIR is found in the environment, reset it to the value defined in the
temporary files are created; Exim doesn't use these (apart from when delivering
to MBX mailboxes), but called libraries such as DBM libraries may require them.
If TMPDIR is found in the environment, reset it to the value defined in the
-TMPDIR macro, if this macro is defined. */
+EXIM_TMPDIR macro, if this macro is defined. For backward compatibility this
+macro may be called TMPDIR in old "Local/Makefile"s. It's converted to
+EXIM_TMPDIR by the build scripts.
+*/
-#ifdef TMPDIR
+#ifdef
EXIM_
TMPDIR
{
uschar **p;
{
uschar **p;
- for (p = USS environ; *p != NULL; p++)
+
if (environ)
for (p = USS environ; *p != NULL; p++)
{
if (Ustrncmp(*p, "TMPDIR=", 7) == 0 &&
{
if (Ustrncmp(*p, "TMPDIR=", 7) == 0 &&
- Ustrcmp(*p+7, TMPDIR) != 0)
+ Ustrcmp(*p+7,
EXIM_
TMPDIR) != 0)
{
{
- uschar *newp = malloc(Ustrlen(TMPDIR) + 8);
- sprintf(CS newp, "TMPDIR=%s", TMPDIR);
+ uschar *newp = malloc(Ustrlen(
EXIM_
TMPDIR) + 8);
+ sprintf(CS newp, "TMPDIR=%s",
EXIM_
TMPDIR);
*p = newp;
*p = newp;
- DEBUG(D_any) debug_printf("reset TMPDIR=%s in environment\n", TMPDIR);
+ DEBUG(D_any) debug_printf("reset TMPDIR=%s in environment\n",
EXIM_
TMPDIR);
}
}
}
}
}
}
@@
-3945,10
+3958,10
@@
else
uschar **new;
uschar **newp;
int count = 0;
uschar **new;
uschar **newp;
int count = 0;
- while (*p++ != NULL) count++;
+
if (environ)
while (*p++ != NULL) count++;
if (envtz == NULL) count++;
newp = new = malloc(sizeof(uschar *) * (count + 1));
if (envtz == NULL) count++;
newp = new = malloc(sizeof(uschar *) * (count + 1));
- for (p = USS environ; *p != NULL; p++)
+
if (environ)
for (p = USS environ; *p != NULL; p++)
{
if (Ustrncmp(*p, "TZ=", 3) == 0) continue;
*newp++ = *p;
{
if (Ustrncmp(*p, "TZ=", 3) == 0) continue;
*newp++ = *p;
@@
-4538,7
+4551,8
@@
if (list_options)
(Ustrcmp(argv[i], "router") == 0 ||
Ustrcmp(argv[i], "transport") == 0 ||
Ustrcmp(argv[i], "authenticator") == 0 ||
(Ustrcmp(argv[i], "router") == 0 ||
Ustrcmp(argv[i], "transport") == 0 ||
Ustrcmp(argv[i], "authenticator") == 0 ||
- Ustrcmp(argv[i], "macro") == 0))
+ Ustrcmp(argv[i], "macro") == 0 ||
+ Ustrcmp(argv[i], "environment") == 0))
{
readconf_print(argv[i+1], argv[i], flag_n);
i++;
{
readconf_print(argv[i+1], argv[i], flag_n);
i++;
@@
-4556,6
+4570,12
@@
if (list_config)
}
}
+/* Initialise subsystems as required */
+#ifndef DISABLE_DKIM
+dkim_exim_init();
+#endif
+
+
/* Handle a request to deliver one or more messages that are already on the
queue. Values of msg_action other than MSG_DELIVER and MSG_LOAD are dealt with
above. MSG_LOAD is handled with -be (which is the only time it applies) below.
/* Handle a request to deliver one or more messages that are already on the
queue. Values of msg_action other than MSG_DELIVER and MSG_LOAD are dealt with
above. MSG_LOAD is handled with -be (which is the only time it applies) below.
@@
-5051,6
+5071,7
@@
if (host_checking)
"**** This is not for real!\n\n",
sender_host_address);
"**** This is not for real!\n\n",
sender_host_address);
+ memset(sender_host_cache, 0, sizeof(sender_host_cache));
if (verify_check_host(&hosts_connection_nolog) == OK)
BIT_CLEAR(log_selector, log_selector_size, Li_smtp_connection);
log_write(L_smtp_connection, LOG_MAIN, "%s", smtp_get_connection_info());
if (verify_check_host(&hosts_connection_nolog) == OK)
BIT_CLEAR(log_selector, log_selector_size, Li_smtp_connection);
log_write(L_smtp_connection, LOG_MAIN, "%s", smtp_get_connection_info());
@@
-5121,7
+5142,7
@@
if (mua_wrapper)
deliver_drop_privilege = TRUE;
queue_smtp = FALSE;
queue_smtp_domains = NULL;
deliver_drop_privilege = TRUE;
queue_smtp = FALSE;
queue_smtp_domains = NULL;
-#ifdef
EXPERIMENTAL_INTERNATIONAL
+#ifdef
SUPPORT_I18N
message_utf8_downconvert = -1; /* convert-if-needed */
#endif
}
message_utf8_downconvert = -1; /* convert-if-needed */
#endif
}
@@
-5225,6
+5246,7
@@
if (smtp_input)
{
smtp_in = stdin;
smtp_out = stdout;
{
smtp_in = stdin;
smtp_out = stdout;
+ memset(sender_host_cache, 0, sizeof(sender_host_cache));
if (verify_check_host(&hosts_connection_nolog) == OK)
BIT_CLEAR(log_selector, log_selector_size, Li_smtp_connection);
log_write(L_smtp_connection, LOG_MAIN, "%s", smtp_get_connection_info());
if (verify_check_host(&hosts_connection_nolog) == OK)
BIT_CLEAR(log_selector, log_selector_size, Li_smtp_connection);
log_write(L_smtp_connection, LOG_MAIN, "%s", smtp_get_connection_info());
@@
-5414,7
+5436,7
@@
while (more)
errors_sender_rc : EXIT_FAILURE;
}
errors_sender_rc : EXIT_FAILURE;
}
-#ifdef
EXPERIMENTAL_INTERNATIONAL
+#ifdef
SUPPORT_I18N
{
BOOL b = allow_utf8_domains;
allow_utf8_domains = TRUE;
{
BOOL b = allow_utf8_domains;
allow_utf8_domains = TRUE;
@@
-5422,7
+5444,7
@@
while (more)
recipient =
parse_extract_address(s, &errmess, &start, &end, &domain, FALSE);
recipient =
parse_extract_address(s, &errmess, &start, &end, &domain, FALSE);
-#ifdef
EXPERIMENTAL_INTERNATIONAL
+#ifdef
SUPPORT_I18N
if (string_is_utf8(recipient))
message_smtputf8 = TRUE;
else
if (string_is_utf8(recipient))
message_smtputf8 = TRUE;
else