sendmail snapshot 8.18.1.9
From
Claus =?iso-8859-1?Q?A=DFmann?= @21:1/5 to All on Sat Feb 8 03:52:43 2025
sendmail snapshot 8.18.1.9 is available for testing. It fixes several
problems:
Avoid adding a second To: header to DSNs, instead any
additional addresses are appended to an existing
To: header (this also applies to Cc: and Bcc:).
Fix matching of wildcard SANs in the experimental support
for SMTP MTA Strict Transport Security (MTA-STS).
Problem reported by Dilyan Palauzo.
MaxQueueAge is now observed for all types of QueueSortOrder
even those which internally skip some code (including
the MaxQueueAge check).
On some systems the rejection of a RCPT by a milter could
silently be ignored.
and adds support for Darwin 24.
SHA256(sendmail.8.18.1.9.tar.gz)= 3e8b517f222d688b332999c42ed76756e8083dd107e77a82cf4a5595683bb7a2
SHA256(sendmail.8.18.1.9.tar.gz.sig)= fd6db75dd687e1b6eac126f8488c88567992cc7dbca145c3ea8011eacb3acd4a
Available at:
https://ftp.sendmail.org/snapshots/sendmail.8.18.1.9.tar.gz https://ftp.sendmail.org/snapshots/sendmail.8.18.1.9.tar.gz.sig
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)
From
HQuest@21:1/5 to
All on Sun Feb 9 13:48:48 2025
Thank you, Claus, for the Sunday update. A few warnings during build
time (some external to sendmail). Compiled against OpenSSL 3.4.0 on a
Slackware -current (current as of Feb 9, 2025). Apologies if the line
wrapping makes it harder to read.
$ more site.config.m4
APPENDDEF(`confMAPDEF', `-DNEWDB')
APPENDDEF(`confLIBS', `-lnsl -lssl -lcrypto -lsasl2 -lwrap -lm -ldb
-lresolv -licuuc -licui18n -licudata')
APPENDDEF(`conf_libmilter_ENVDEF', `-DMILTER') APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER')
APPENDDEF(`confENVDEF', `-DNETINET6 -DIPV6_FULL -DNEWDB -DSTARTTLS
-DDANE -DSASL=2 -DTCPWRAPPERS -DNIS -DMAP_REGEX -DSOCKETMAP -DTLS_EC
-DUSE_EAI -DDNSSEC_TEST -D_FFR_TLS_ALTNAMES -D_FFR_MTA_STS -DOPENSSL_NO_
ENGINE -DHAVE_ERR_get_error_all')dnl
cc -O2 -fPIC -fhardened -DDANE -I. -I../../include -DNEWDB -DNETINET6 -DIPV6_FULL -DNEWDB -DSTARTTLS -DDANE -DSASL=2 -DTCPWRAPPERS -DNIS
-DMAP_REGEX -DSOCKETMAP -DTLS_EC -DUSE_EAI -DDNSSEC_TEST
-D_FFR_TLS_ALTNAMES -D_FFR_MTA_STS -DOPENSSL_NO_ENGINE
-DHAVE_ERR_get_error_all -DMILTER -c -o main.o main.c
main.c: In function ‘stop_sendmail’:
main.c:3055:16: warning: ignoring return value of ‘setuid’ declared with attribute ‘warn_unused_result’ [-Wunused-result]
3055 | (void) setuid(RealUid);
| ^~~~~~~~~~~~~~~
main.c: In function ‘finis’:
main.c:3199:24: warning: ignoring return value of ‘setuid’ declared with attribute ‘warn_unused_result’ [-Wunused-result]
3199 | (void) setuid(RealUid);
| ^~~~~~~~~~~~~~~
cc -O2 -fPIC -fhardened -DDANE -I. -I../../include -DNEWDB -DNETINET6 -DIPV6_FULL -DNEWDB -DSTARTTLS -DDANE -DSASL=2 -DTCPWRAPPERS -DNIS
-DMAP_REGEX -DSOCKETMAP -DTLS_EC -DUSE_EAI -DDNSSEC_TEST
-D_FFR_TLS_ALTNAMES -D_FFR_MTA_STS -DOPENSSL_NO_ENGINE
-DHAVE_ERR_get_error_all -DMILTER -c -o deliver.o deliver.c
deliver.c: In function ‘deliver’:
deliver.c:3172:40: warning: ignoring return value of ‘nice’ declared
with attribute ‘warn_unused_result’ [-Wunused-result]
3172 | (void) nice(m->m_nice);
| ^~~~~~~~~~~~~~~
deliver.c: In function ‘mailfile’:
deliver.c:6884:32: warning: ignoring return value of ‘ftruncate’
declared with attribute ‘warn_unused_result’ [-Wunused-result]
6884 | (void) ftruncate(sm_io_getinfo(f, SM_IO_WHAT_FD, NULL),
|
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
6885 | curoff);
| ~~~~~~~
deliver.c:6899:24: warning: ignoring return value of ‘setuid’ declared
with attribute ‘warn_unused_result’ [-Wunused-result]
6899 | (void) setuid(RealUid);
| ^~~~~~~~~~~~~~~
cc -O2 -fPIC -fhardened -DDANE -I. -I../../include -DNEWDB -DNETINET6 -DIPV6_FULL -DNEWDB -DSTARTTLS -DDANE -DSASL=2 -DTCPWRAPPERS -DNIS
-DMAP_REGEX -DSOCKETMAP -DTLS_EC -DUSE_EAI -DDNSSEC_TEST
-D_FFR_TLS_ALTNAMES -D_FFR_MTA_STS -DOPENSSL_NO_ENGINE
-DHAVE_ERR_get_error_all -DMILTER -c -o mci.o mci.c
mci.c: In function ‘mci_store_persistent’:
mci.c:1130:16: warning: ignoring return value of ‘ftruncate’ declared
with attribute ‘warn_unused_result’ [-Wunused-result]
1130 | (void) ftruncate(sm_io_getinfo(mci->mci_statfile, SM_IO_WHAT_FD, NULL),
|
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1131 | (off_t) 0);
| ~~~~~~~~~~
cc -O2 -fPIC -fhardened -DDANE -I. -I../../include -DNEWDB -DNETINET6 -DIPV6_FULL -DNEWDB -DSTARTTLS -DDANE -DSASL=2 -DTCPWRAPPERS -DNIS
-DMAP_REGEX -DSOCKETMAP -DTLS_EC -DUSE_EAI -DDNSSEC_TEST
-D_FFR_TLS_ALTNAMES -D_FFR_MTA_STS -DOPENSSL_NO_ENGINE
-DHAVE_ERR_get_error_all -DMILTER -c -o queue.o queue.c
queue.c: In function ‘run_work_group’:
queue.c:2185:24: warning: ignoring return value of ‘nice’ declared with attribute ‘warn_unused_result’ [-Wunused-result]
2185 | (void) nice(Queue[qgrp]->qg_nice);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
cc -O2 -fPIC -fhardened -DDANE -I. -I../../include -DNEWDB -DNETINET6 -DIPV6_FULL -DNEWDB -DSTARTTLS -DDANE -DSASL=2 -DTCPWRAPPERS -DNIS
-DMAP_REGEX -DSOCKETMAP -DTLS_EC -DUSE_EAI -DDNSSEC_TEST
-D_FFR_TLS_ALTNAMES -D_FFR_MTA_STS -DOPENSSL_NO_ENGINE
-DHAVE_ERR_get_error_all -DMILTER -c -o readcf.o readcf.c
readcf.c:2821:24: warning: RES_AAONLY is deprecated
2821 | { "aaonly", RES_AAONLY },
| ^~~~~~~~~~~~~~~~~~~~~~~
readcf.c:2823:20: warning: RES_PRIMARY is deprecated
2823 | { "primary", RES_PRIMARY },
| ^~~~~~~~~~~~~~~~~~~~~~~
cc -O2 -fPIC -fhardened -DDANE -I. -I../../include -DNEWDB -DNETINET6 -DIPV6_FULL -DNEWDB -DSTARTTLS -DDANE -DSASL=2 -DTCPWRAPPERS -DNIS
-DMAP_REGEX -DSOCKETMAP -DTLS_EC -DUSE_EAI -DDNSSEC_TEST
-D_FFR_TLS_ALTNAMES -D_FFR_MTA_STS -DOPENSSL_NO_ENGINE
-DHAVE_ERR_get_error_all -DMILTER -c -o stats.o stats.c
stats.c: In function ‘poststats’:
stats.c:192:16: warning: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’ [-Wunused-result]
192 | (void) write(fd, (char *) &stats, sizeof(stats));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc -O2 -fPIC -fhardened -DDANE -I. -I../../include -DNEWDB -DNETINET6 -DIPV6_FULL -DNEWDB -DSTARTTLS -DDANE -DSASL=2 -DTCPWRAPPERS -DNIS
-DMAP_REGEX -DSOCKETMAP -DTLS_EC -DUSE_EAI -DDNSSEC_TEST
-D_FFR_TLS_ALTNAMES -D_FFR_MTA_STS -DOPENSSL_NO_ENGINE
-DHAVE_ERR_get_error_all -DMILTER -c -o tls.o tls.c
tls.c: In function ‘get_dh512’:
tls.c:118:9: warning: ‘DH_new’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
118 | if ((dh = DH_new()) == NULL)
| ^~
In file included from /usr/include/openssl/dsa.h:31,
from /usr/include/openssl/x509.h:37,
from /usr/include/openssl/ssl.h:32,
from ./sendmail.h:43,
from tls.c:11:
/usr/include/openssl/dh.h:210:27: note: declared here
210 | OSSL_DEPRECATEDIN_3_0 DH *DH_new(void);
| ^~~~~~
tls.c:123:9: warning: ‘DH_set0_pqg’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
123 | if (dhp_bn == NULL || dhg_bn == NULL || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
| ^~
/usr/include/openssl/dh.h:266:27: note: declared here
266 | OSSL_DEPRECATEDIN_3_0 int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM
*q, BIGNUM *g);
| ^~~~~~~~~~~
tls.c:124:17: warning: ‘DH_free’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
124 | DH_free(dh);
| ^~~~~~~
/usr/include/openssl/dh.h:211:28: note: declared here
211 | OSSL_DEPRECATEDIN_3_0 void DH_free(DH *dh);
| ^~~~~~~
tls.c: In function ‘get_dh2048’:
tls.c:188:9: warning: ‘DH_new’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
188 | if ((dh=DH_new()) == NULL)
| ^~
/usr/include/openssl/dh.h:210:27: note: declared here
210 | OSSL_DEPRECATEDIN_3_0 DH *DH_new(void);
| ^~~~~~
tls.c:193:9: warning: ‘DH_set0_pqg’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
193 | if (dhp_bn == NULL || dhg_bn == NULL || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
| ^~
/usr/include/openssl/dh.h:266:27: note: declared here
266 | OSSL_DEPRECATEDIN_3_0 int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM
*q, BIGNUM *g);
| ^~~~~~~~~~~
tls.c:194:17: warning: ‘DH_free’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
194 | DH_free(dh);
| ^~~~~~~
/usr/include/openssl/dh.h:211:28: note: declared here
211 | OSSL_DEPRECATEDIN_3_0 void DH_free(DH *dh);
| ^~~~~~~
tls.c: In function ‘inittls’:
tls.c:1418:33: warning: ‘PEM_read_bio_DHparams’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
1418 | dh = PEM_read_bio_DHparams(bio,
NULL, NULL, NULL);
| ^~
In file included from /usr/include/openssl/ssl.h:37: /usr/include/openssl/pem.h:474:1: note: declared here
474 | DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, DHparams, DH)
| ^~~~~~~~~~~~~~~~~~~
tls.c:1459:25: warning: ‘DSA_new’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
1459 | dsa = DSA_new();
| ^~~
/usr/include/openssl/dsa.h:130:28: note: declared here
130 | OSSL_DEPRECATEDIN_3_0 DSA *DSA_new(void);
| ^~~~~~~
tls.c:1462:33: warning: ‘DSA_generate_parameters_ex’ is deprecated:
Since OpenSSL 3.0 [-Wdeprecated-declarations]
1462 | r =
DSA_generate_parameters_ex(dsa, bits, NULL,
| ^
/usr/include/openssl/dsa.h:172:27: note: declared here
172 | OSSL_DEPRECATEDIN_3_0 int DSA_generate_parameters_ex(DSA *dsa,
int bits,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
tls.c:1465:41: warning: ‘DSA_dup_DH’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
1465 | dh = DSA_dup_DH(dsa);
| ^~ /usr/include/openssl/dsa.h:203:27: note: declared here
203 | OSSL_DEPRECATEDIN_3_0 DH *DSA_dup_DH(const DSA *r);
| ^~~~~~~~~~
tls.c:1473:25: warning: ‘DSA_free’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
1473 | DSA_free(dsa);
| ^~~~~~~~
/usr/include/openssl/dsa.h:132:28: note: declared here
132 | OSSL_DEPRECATEDIN_3_0 void DSA_free(DSA *r);
| ^~~~~~~~
tls.c:1511:43: warning: ‘DH_size’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
1511 | who, 8 * DH_size(dh), *dhparam);
| ^~~ /usr/include/openssl/dh.h:214:27: note: declared here
214 | OSSL_DEPRECATEDIN_3_0 int DH_size(const DH *dh);
| ^~~~~~~
tls.c:1512:25: warning: ‘DH_free’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
1512 | DH_free(dh);
| ^~~~~~~
/usr/include/openssl/dh.h:211:28: note: declared here
211 | OSSL_DEPRECATEDIN_3_0 void DH_free(DH *dh);
| ^~~~~~~
tls.c:1519:17: warning: ‘EC_KEY_new_by_curve_name’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
1519 | ecdh =
EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
| ^~~~
In file included from /usr/include/openssl/x509.h:33: /usr/include/openssl/ec.h:1017:31: note: declared here
1017 | OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_new_by_curve_name(int nid);
| ^~~~~~~~~~~~~~~~~~~~~~~~
tls.c:1524:25: warning: ‘EC_KEY_free’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
1524 | EC_KEY_free(ecdh);
| ^~~~~~~~~~~
/usr/include/openssl/ec.h:1022:28: note: declared here
1022 | OSSL_DEPRECATEDIN_3_0 void EC_KEY_free(EC_KEY *key);
| ^~~~~~~~~~~
cc -O2 -fPIC -fhardened -DDANE -I. -I../../include -DNEWDB -DNETINET6 -DIPV6_FULL -DNEWDB -DSTARTTLS -DDANE -DSASL=2 -DTCPWRAPPERS -DNIS
-DMAP_REGEX -DSOCKETMAP -DTLS_EC -DUSE_EAI -DDNSSEC_TEST
-D_FFR_TLS_ALTNAMES -D_FFR_MTA_STS -DOPENSSL_NO_ENGINE
-DHAVE_ERR_get_error_all -DMILTER -c -o util.o util.c
util.c: In function ‘prog_open’:
util.c:2305:32: warning: ignoring return value of ‘chdir’ declared with attribute ‘warn_unused_result’ [-Wunused-result]
2305 | (void) chdir("/");
| ^~~~~~~~~~
cc -O2 -fPIC -fhardened -DDANE -I. -I../../sendmail -I../../include
-DNEWDB -DNETINET6 -DIPV6_FULL -DNEWDB -DSTARTTLS -DDANE -DSASL=2
-DTCPWRAPPERS -DNIS -DMAP_REGEX -DSOCKETMAP -DTLS_EC -DUSE_EAI
-DDNSSEC_TEST -D_FFR_TLS_ALTNAMES -D_FFR_MTA_STS -DOPENSSL_NO_ENGINE -DHAVE_ERR_get_error_all -DNOT_SENDMAIL -c -o mail.local.o
mail.local.c
mail.local.c: In function ‘deliver’:
mail.local.c:1373:32: warning: ignoring return value of ‘ftruncate’ declared with attribute ‘warn_unused_result’ [-Wunused-result]
1373 | (void) ftruncate(mbfd, curoff);
| ^~~~~~~~~~~~~~~~~~~~~~~ mail.local.c:1380:24: warning: ignoring return value of ‘setreuid’
declared with attribute ‘warn_unused_result’ [-Wunused-result]
1380 | (void) setreuid(0, 0);
| ^~~~~~~~~~~~~~
mail.local.c: In function ‘lockmbox’:
mail.local.c:1540:32: warning: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’ [-Wunused-result]
1540 | (void) write(fd, "0", 2);
| ^~~~~~~~~~~~~~~~~
cc -O2 -I. -I../../sendmail -I../../include -DNETINET6 -DIPV6_FULL
-DNEWDB -DSTARTTLS -DDANE -DSASL=2 -DTCPWRAPPERS -DNIS -DMAP_REGEX
-DSOCKETMAP -DTLS_EC -DUSE_EAI -DDNSSEC_TEST -D_FFR_TLS_ALTNAMES
-D_FFR_MTA_STS -DOPENSSL_NO_ENGINE -DHAVE_ERR_get_error_all
-DNOT_SENDMAIL -Dsm_snprintf=snprintf -DMILTER -D_REENTRANT -DXP_MT -c
-o listener.o listener.c
listener.c: In function ‘mi_thread_handle_wrapper’:
listener.c:579:16: warning: cast to pointer from integer of different
size [-Wint-to-pointer-cast]
579 | return (void *) mi_handle_session(arg);
| ^
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)