From 0d2ad91a2a60915a6988a7a7889f81fdbe57f358 Mon Sep 17 00:00:00 2001
From: Michael Mair-Keimberger
Date: Sat, 28 Apr 2018 09:45:22 +0200
Subject: [PATCH] mail-mta/exim: remove unused patches
Signed-off-by: Fabian Groffen
---
.../files/exim-4.89-CVE-2017-1000369.patch | 58 -------------
.../exim/files/exim-4.89-CVE-2017-16943.patch | 40 ---------
.../exim/files/exim-4.89-CVE-2017-16944.patch | 57 -------------
.../exim-4.89-address-expando-crash.patch | 85 -------------------
.../files/exim-4.89-transport-crash.patch | 62 --------------
5 files changed, 302 deletions(-)
delete mode 100644 mail-mta/exim/files/exim-4.89-CVE-2017-1000369.patch
delete mode 100644 mail-mta/exim/files/exim-4.89-CVE-2017-16943.patch
delete mode 100644 mail-mta/exim/files/exim-4.89-CVE-2017-16944.patch
delete mode 100644 mail-mta/exim/files/exim-4.89-address-expando-crash.patch
delete mode 100644 mail-mta/exim/files/exim-4.89-transport-crash.patch
diff --git a/mail-mta/exim/files/exim-4.89-CVE-2017-1000369.patch b/mail-mta/exim/files/exim-4.89-CVE-2017-1000369.patch
deleted file mode 100644
index c3d976a2b9071..0000000000000
--- a/mail-mta/exim/files/exim-4.89-CVE-2017-1000369.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-CVE-2017-1000369
-
-https://github.com/Exim/exim/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21
-
---- a/doc/exim.8
-+++ b/doc/exim.8
-@@ -1350,7 +1350,7 @@ option sets the received protocol value that is stored in
- or \fB\-bs\fP is used. For \fB\-bh\fP, the protocol is forced to one of the standard
- SMTP protocol names. For \fB\-bs\fP, the protocol is always "local\-" followed by
- one of those same names. For \fB\-bS\fP (batched SMTP) however, the protocol can
--be set by \fB\-oMr\fP.
-+be set by \fB\-oMr\fP. Repeated use of this option is not supported.
- .TP 10
- \fB\-oMs\fP <\fIhost name\fP>
- See \fB\-oMa\fP above for general remarks about the \fB\-oM\fP options. The \fB\-oMs\fP
-@@ -1418,6 +1418,7 @@ host name and its colon can be omitted when only the protocol is to be set.
- Note the Exim already has two private options, \fB\-pd\fP and \fB\-ps\fP, that refer
- to embedded Perl. It is therefore impossible to set a protocol value of d
- or s using this option (but that does not seem a real limitation).
-+Repeated use of this option is not supported.
- .TP 10
- \fB\-q\fP
- This option is normally restricted to admin users. However, there is a
---- a/src/exim.c
-+++ b/src/exim.c
-@@ -3092,7 +3092,14 @@ for (i = 1; i < argc; i++)
-
- /* -oMr: Received protocol */
-
-- else if (Ustrcmp(argrest, "Mr") == 0) received_protocol = argv[++i];
-+ else if (Ustrcmp(argrest, "Mr") == 0)
-+
-+ if (received_protocol)
-+ {
-+ fprintf(stderr, "received_protocol is set already\n");
-+ exit(EXIT_FAILURE);
-+ }
-+ else received_protocol = argv[++i];
-
- /* -oMs: Set sender host name */
-
-@@ -3188,7 +3195,15 @@ for (i = 1; i < argc; i++)
-
- if (*argrest != 0)
- {
-- uschar *hn = Ustrchr(argrest, ':');
-+ uschar *hn;
-+
-+ if (received_protocol)
-+ {
-+ fprintf(stderr, "received_protocol is set already\n");
-+ exit(EXIT_FAILURE);
-+ }
-+
-+ hn = Ustrchr(argrest, ':');
- if (hn == NULL)
- {
- received_protocol = argrest;
diff --git a/mail-mta/exim/files/exim-4.89-CVE-2017-16943.patch b/mail-mta/exim/files/exim-4.89-CVE-2017-16943.patch
deleted file mode 100644
index b864ffa5ad17f..0000000000000
--- a/mail-mta/exim/files/exim-4.89-CVE-2017-16943.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 4e6ae6235c68de243b1c2419027472d7659aa2b4 Mon Sep 17 00:00:00 2001
-From: Jeremy Harris
-Date: Fri, 24 Nov 2017 20:22:33 +0000
-Subject: [PATCH] Avoid release of store if there have been later allocations.
- Bug 2199
-
----
- src/src/receive.c | 7 ++++---
- 1 file changed, 4 insertions(+), 3 deletions(-)
-
-diff --git a/src/src/receive.c b/src/src/receive.c
-index e7e518a..d9b5001 100644
---- a/src/src/receive.c
-+++ b/src/src/receive.c
-@@ -1810,8 +1810,8 @@ for (;;)
- (and sometimes lunatic messages can have ones that are 100s of K long) we
- call store_release() for strings that have been copied - if the string is at
- the start of a block (and therefore the only thing in it, because we aren't
-- doing any other gets), the block gets freed. We can only do this because we
-- know there are no other calls to store_get() going on. */
-+ doing any other gets), the block gets freed. We can only do this release if
-+ there were no allocations since the once that we want to free. */
-
- if (ptr >= header_size - 4)
- {
-@@ -1820,9 +1820,10 @@ for (;;)
- header_size *= 2;
- if (!store_extend(next->text, oldsize, header_size))
- {
-+ BOOL release_ok = store_last_get[store_pool] == next->text;
- uschar *newtext = store_get(header_size);
- memcpy(newtext, next->text, ptr);
-- store_release(next->text);
-+ if (release_ok) store_release(next->text);
- next->text = newtext;
- }
- }
---
-1.9.1
-
diff --git a/mail-mta/exim/files/exim-4.89-CVE-2017-16944.patch b/mail-mta/exim/files/exim-4.89-CVE-2017-16944.patch
deleted file mode 100644
index 285a6170aa82b..0000000000000
--- a/mail-mta/exim/files/exim-4.89-CVE-2017-16944.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-From 178ecb70987f024f0e775d87c2f8b2cf587dd542 Mon Sep 17 00:00:00 2001
-From: "Heiko Schlittermann (HS12-RIPE)"
-Date: Mon, 27 Nov 2017 22:42:33 +0100
-Subject: [PATCH] Chunking: do not treat the first lonely dot special.
- CVE-2017-16944, Bug 2201
-
-Modified to apply on 4.89-gentoo
-
----
- src/src/receive.c | 2 +-
- src/src/smtp_in.c | 7 +++++++
- 2 files changed, 8 insertions(+), 1 deletion(-)
-
-diff --git a/src/src/receive.c b/src/src/receive.c
-index 541eba1..417e975 100644
---- a/src/src/receive.c
-+++ b/src/src/receive.c
-@@ -1865,7 +1865,7 @@ for (;;)
- prevent further reading), and break out of the loop, having freed the
- empty header, and set next = NULL to indicate no data line. */
-
-- if (ptr == 0 && ch == '.' && (smtp_input || dot_ends))
-+ if (ptr == 0 && ch == '.' && dot_ends)
- {
- ch = (receive_getc)(GETC_BUFFER_UNLIMITED);
- if (ch == '\r')
-diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
-index 1fdb705..0aabc53 100644
---- a/src/src/smtp_in.c
-+++ b/src/src/smtp_in.c
-@@ -5094,16 +5094,23 @@ while (done <= 0)
- DEBUG(D_receive) debug_printf("chunking state %d, %d bytes\n",
- (int)chunking_state, chunking_data_left);
-
-+ /* push the current receive_* function on the "stack", and
-+ replace them by bdat_getc(), which in turn will use the lwr_receive_*
-+ functions to do the dirty work. */
- lwr_receive_getc = receive_getc;
- lwr_receive_ungetc = receive_ungetc;
-+
- receive_getc = bdat_getc;
- receive_ungetc = bdat_ungetc;
-
-+ dot_ends = FALSE;
-+
- goto DATA_BDAT;
- }
-
- case DATA_CMD:
- HAD(SCH_DATA);
-+ dot_ends = TRUE;
-
- DATA_BDAT: /* Common code for DATA and BDAT */
- if (!discarded && recipients_count <= 0)
---
-1.9.1
-
diff --git a/mail-mta/exim/files/exim-4.89-address-expando-crash.patch b/mail-mta/exim/files/exim-4.89-address-expando-crash.patch
deleted file mode 100644
index 2a868490a4268..0000000000000
--- a/mail-mta/exim/files/exim-4.89-address-expando-crash.patch
+++ /dev/null
@@ -1,85 +0,0 @@ -ignoring parts which don't match due to repo reorg post release - -From 1b7cf216d933b395dee691f05becca4dd44b26f7 Mon Sep 17 00:00:00 2001 -From: "Heiko Schlittermann (HS12-RIPE)" -Date: Wed, 4 Oct 2017 22:25:45 +0200 -Subject: [PATCH] Check for proper output separator in expanding - ${addresses:STRING} (Closes 2171) - -Better yet would be to force setting the output separator literally, -and not after expansion of the STRING. But this would be an incompatible -change. ---- - doc/doc-docbook/spec.xfpt | 10 +++++++++- - src/src/expand.c | 8 +++++++- - test/scripts/0000-Basic/0002 | 1 + - test/stdout/0002 | 1 + - 4 files changed, 18 insertions(+), 2 deletions(-) - -ignored - diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt -ignored - index 4a8e1d0..c140945 100644 -ignored - --- a/doc/doc-docbook/spec.xfpt -ignored - +++ b/doc/doc-docbook/spec.xfpt -ignored - 
@@ -10118,7 +10118,15 @@ character. For example: -ignored - .code -ignored - ${addresses:>& Chief , sec@base.ment (dogsbody)} -ignored - .endd -ignored - -expands to &`ceo@up.stairs&&sec@base.ment`&. Compare the &*address*& (singular) -ignored - +expands to &`ceo@up.stairs&&sec@base.ment`&. The string is expanded -ignored - +first, so if the expanded string starts with >, it may change the output -ignored - +separator unintentionally. This can be avoided by setting the output -ignored - +separator explicitly: -ignored - +.code -ignored - +${addresses:>:$h_from:} -ignored - +.endd -ignored - + -ignored - +Compare the &*address*& (singular) -ignored - expansion item, which extracts the working address from a single RFC2822 -ignored - address. See the &*filter*&, &*map*&, and &*reduce*& items for ways of -ignored - processing lists. -diff --git a/src/src/expand.c b/src/src/expand.c -index 353b8ea..67b3d65 100644 ---- a/src/src/expand.c -+++ b/src/src/expand.c -@@ -6797,7 +6797,13 @@ while (*s != 0) - int start, end, domain; /* Not really used */ - - while (isspace(*sub)) sub++; -- if (*sub == '>') { *outsep = *++sub; ++sub; } -+ if (*sub == '>') -+ if (*outsep = *++sub) ++sub; -+ else { -+ expand_string_message = string_sprintf("output separator " -+ "missing in expanding ${addresses:%s}", --sub); -+ goto EXPAND_FAILED; -+ } - parse_allow_group = TRUE; - - for (;;) -ignored - diff --git a/test/scripts/0000-Basic/0002 b/test/scripts/0000-Basic/0002 -ignored - index cb0bb18..dd9cea2 100644 -ignored - --- a/test/scripts/0000-Basic/0002 -ignored - +++ b/test/scripts/0000-Basic/0002 -ignored - 
@@ -133,6 +133,7 @@ addresses: ${addresses:>+ Exim Person (that's me),\ -ignored - addresses: ${addresses:Exim Person (that's me), \ -ignored - xyz@abc, nullgroupname:;, group: p@q, r@s; } -ignored - addresses: ${addresses:local-part@dom.ain } -ignored - +addresses: ${addresses:>} -ignored - -ignored - escape: ${escape:B7·F2ò} -ignored - excape8bit: ${escape8bit:undisturbed text\ttab\nnewline\ttab\\backslash \176tilde\177DEL\200\x81.} -ignored - diff --git a/test/stdout/0002 b/test/stdout/0002 -ignored - index 5593f06..1422289 100644 -ignored - --- a/test/stdout/0002 -ignored - +++ b/test/stdout/0002 -ignored - @@ -123,6 +123,7 @@ -ignored - > addresses: local-part@dom.ain+xyz@abc -ignored - > addresses: local-part@dom.ain:xyz@abc:p@q:r@s -ignored - > addresses: -ignored - +> Failed: output separator missing in expanding ${addresses:>} -ignored - > -ignored - > escape: B7\267F2\362 -ignored - > excape8bit: undisturbed text tab --- -1.9.1 - diff --git a/mail-mta/exim/files/exim-4.89-transport-crash.patch b/mail-mta/exim/files/exim-4.89-transport-crash.patch deleted file mode 100644 index 94a1d6b155250..0000000000000 --- a/mail-mta/exim/files/exim-4.89-transport-crash.patch +++ /dev/null 
@@ -1,62 +0,0 @@ -This is a manual backport of the following commit which fixes the -original bug as well as https://bugs.exim.org/show_bug.cgi?id=2166: - -From e69636bc9ddf3617be688b07941d7d659d50eaa7 Mon Sep 17 00:00:00 2001 -From: Jeremy Harris -Date: Sat, 3 Jun 2017 13:39:18 +0100 -Subject: [PATCH 1/1] Fix crash in transport, on second smtp-connect fail for a - list of target hosts - -Reported as the sequence: - 1MX: 554 on connect (banner) - 2MX: TCP conn timeout - -diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c -index 454c0f7..dc9e03b 100644 ---- a/src/src/transports/smtp.c -+++ b/src/src/transports/smtp.c -@@ -2177,25 +2177,34 @@ return OK; - - /* The failure happened while setting up the call; see if the failure was - a 5xx response (this will either be on connection, or following HELO - a 5xx -- after EHLO causes it to try HELO). If so, fail all addresses, as this host is -- never going to accept them. For other errors during setting up (timeouts or -- whatever), defer all addresses, and yield DEFER, so that the host is not -- tried again for a while. */ -+ after EHLO causes it to try HELO). If so, and there are no more hosts to try, -+ fail all addresses, as this host is never going to accept them. For other -+ errors during setting up (timeouts or whatever), defer all addresses, and -+ yield DEFER, so that the host is not tried again for a while. -+ -+ XXX This peeking for another host feels like a layering violation. We want -+ to note the host as unusable, but down here we shouldn't know if this was -+ the last host to try for the addr(list). Perhaps the upper layer should be -+ the one to do set_errno() ? The problem is that currently the addr is where -+ errno etc. are stashed, but until we run out of hosts to try the errors are -+ host-specific. Maybe we should enhance the host_item definition? 
*/ - - FAILED: - sx->ok = FALSE; /* For when reached by GOTO */ -- -- yield = code == '5' -+ set_errno(sx->addrlist, errno, message, -+ sx->host->next -+ ? DEFER -+ : code == '5' - #ifdef SUPPORT_I18N -- || errno == ERRNO_UTF8_FWD -+ || errno == ERRNO_UTF8_FWD - #endif -- ? FAIL : DEFER; -- -- set_errno(sx->addrlist, errno, message, yield, pass_message, sx->host -+ ? FAIL : DEFER, -+ pass_message, sx->host - #ifdef EXPERIMENTAL_DSN_INFO - , sx->smtp_greeting, sx->helo_response - #endif - ); -+ yield = DEFER; - } - -