git: 99c5dc1049a2 - main - mail/exim: update to 4.95 release (+)

From: Dima Panov <fluffy_at_FreeBSD.org>
Date: Tue, 28 Dec 2021 19:32:55 UTC
The branch main has been updated by fluffy:

URL: https://cgit.FreeBSD.org/ports/commit/?id=99c5dc1049a23570016dcb5ac44882e408800622

commit 99c5dc1049a23570016dcb5ac44882e408800622
Author:     Dima Panov <fluffy@FreeBSD.org>
AuthorDate: 2021-12-28 19:23:16 +0000
Commit:     Dima Panov <fluffy@FreeBSD.org>
CommitDate: 2021-12-28 19:23:16 +0000

    mail/exim: update to 4.95 release (+)
    
    Finally, Exim will be pushed to 4.95 release.
    Long wait was caused by some criticals errors in vanilla release,
    upstream fixes got a some time to come.
    
    * Apply sendfile patch, fixes SIGSEGV using clamd via TCP [1]
    * Convert select() to poll(), fixes crashes (SIGSEV) on FreeBSD 12.2 [2]
    
    PR:     258848 [1], 259822 [2]
    Sponsored by:   Netzkommune GmbH
---
 mail/exim/Makefile                                 |  35 +-
 mail/exim/distinfo                                 |   6 +-
 ...ain-config-option-allow_insecure_tainted_.patch | 230 -----
 mail/exim/files/debian/75_02-search.patch          |  39 -
 mail/exim/files/debian/75_03-dbstuff.patch         |  30 -
 mail/exim/files/debian/75_04-acl.patch             |  67 --
 mail/exim/files/debian/75_05-parse.patch           |  30 -
 mail/exim/files/debian/75_06-rda.patch             |  28 -
 mail/exim/files/debian/75_07-appendfile.patch      |  34 -
 mail/exim/files/debian/75_08-autoreply.patch       |  70 --
 mail/exim/files/debian/75_09-pipe.patch            |  36 -
 mail/exim/files/debian/75_10-deliver.patch         |  49 --
 mail/exim/files/debian/75_11-directory.patch       |  26 -
 mail/exim/files/debian/75_12-expand.patch          |  34 -
 mail/exim/files/debian/75_13-lf_sqlperform.patch   |  49 --
 .../exim/files/debian/75_14-rf_get_transport.patch |  28 -
 mail/exim/files/debian/75_15-deliver.patch         |  31 -
 mail/exim/files/debian/75_16-smtp_out.patch        |  38 -
 mail/exim/files/debian/75_17-smtp.patch            |  29 -
 mail/exim/files/debian/75_18-update-doc.patch      | 154 ----
 ...g_name-and-rejectlog_name-unconditionally.patch |  42 -
 mail/exim/files/debian/75_21-tidy-log.c.patch      | 124 ---
 .../exim/files/debian/75_22-Silence-compiler.patch | 222 -----
 ...e-the-main-_log-if-we-do-not-see-a-chance.patch | 166 ----
 .../files/debian/75_24-Silence-the-compiler.patch  |  57 --
 ...ntchecks-for-mkdir-this-isn-t-part-of-4.9.patch |  27 -
 ...ng-gettimeofday-select-per-char-for-cmdli.patch | 616 ++++++++++++++
 ...vert-all-uses-of-select-to-poll.-Bug-2831.patch | 931 +++++++++++++++++++++
 ...-Fix-basic-memory-use-for-SPARC.-Bug-2838.patch | 140 ++++
 mail/exim/files/patch-OS_os.c-FreeBSD              |  15 +
 mail/exim/files/patch-OS_os.h-FreeBSD              |  17 -
 mail/exim/files/patch-src__EDITME                  |  46 +-
 mail/exim/options                                  |   1 -
 33 files changed, 1736 insertions(+), 1711 deletions(-)

diff --git a/mail/exim/Makefile b/mail/exim/Makefile
index 874f352e5ae3..efb374f816e3 100644
--- a/mail/exim/Makefile
+++ b/mail/exim/Makefile
@@ -2,7 +2,7 @@
 
 PORTNAME=	exim
 PORTVERSION?=	${EXIM_VERSION}
-PORTREVISION?=	2
+PORTREVISION?=	0
 CATEGORIES=	mail
 MASTER_SITES=	EXIM:exim
 MASTER_SITE_SUBDIR=	/exim4/:exim \
@@ -65,32 +65,11 @@ SPF_LIB_DEPENDS=	libspf2.so:mail/libspf2
 SQLITE_LIB_DEPENDS=	libicudata.so:devel/icu
 SQLITE_USES=	pkgconfig sqlite
 
-TAINTWARN_PATCHES_PREFIX=	${FILESDIR}/debian/75
-TAINTWARN_EXTRA_PATCHES= \
-		${TAINTWARN_PATCHES_PREFIX}_01-Introduce-main-config-option-allow_insecure_tainted_.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_02-search.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_03-dbstuff.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_04-acl.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_05-parse.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_06-rda.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_07-appendfile.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_08-autoreply.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_09-pipe.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_10-deliver.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_11-directory.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_12-expand.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_13-lf_sqlperform.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_14-rf_get_transport.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_15-deliver.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_16-smtp_out.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_17-smtp.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_18-update-doc.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_20-Set-mainlog_name-and-rejectlog_name-unconditionally.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_21-tidy-log.c.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_22-Silence-compiler.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_23-Do-not-close-the-main-_log-if-we-do-not-see-a-chance.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_24-Silence-the-compiler.patch:-p1 \
-		${TAINTWARN_PATCHES_PREFIX}_26-Disable-taintchecks-for-mkdir-this-isn-t-part-of-4.9.patch:-p1
+DEBIAN_PATCHES_PREFIX=	${FILESDIR}/debian/75
+EXTRA_PATCHES= \
+		${DEBIAN_PATCHES_PREFIX}_30-Avoid-calling-gettimeofday-select-per-char-for-cmdli.patch:-p1 \
+		${DEBIAN_PATCHES_PREFIX}_38-Convert-all-uses-of-select-to-poll.-Bug-2831.patch:-p1 \
+		${DEBIAN_PATCHES_PREFIX}_40-Fix-basic-memory-use-for-SPARC.-Bug-2838.patch:-p1
 
 .include <bsd.port.options.mk>
 
@@ -131,7 +110,7 @@ EXTRA_PATCHES+=	${FILESDIR}/extra-patch-Local-sa-exim.c
 EXTRA_PATCHES+=	${FILESDIR}/extra-patch-Local-sa-exim.conf
 .endif
 
-EXIM_VERSION=	4.94.2
+EXIM_VERSION=	4.95
 SA_EXIM_VERSION=4.2.1
 EXIM_INSTALL_ARG+=	"-no_chown" "-no_symlink"
 EXTRA_PATCHES+=	`${FIND} ${PATCHDIR} -name '74_*.patch'|${SORT} -h`
diff --git a/mail/exim/distinfo b/mail/exim/distinfo
index cf1ae320eaa8..c007834ea4bb 100644
--- a/mail/exim/distinfo
+++ b/mail/exim/distinfo
@@ -1,5 +1,5 @@
-TIMESTAMP = 1620141511
-SHA256 (exim/exim-4.94.2.tar.bz2) = 902e611486400608691dff31e1d8725eb9e23602399ad75670ec18878643bc4f
-SIZE (exim/exim-4.94.2.tar.bz2) = 2007178
+TIMESTAMP = 1632918983
+SHA256 (exim/exim-4.95.tar.bz2) = 7f4716cc1b3fee66930d83b249f1c7b119fa1957f6f46e3f4372805cbc97ea63
+SIZE (exim/exim-4.95.tar.bz2) = 2035738
 SHA256 (exim/sa-exim-4.2.1.tar.gz) = 24d4bf7b0fdddaea11f132981cebb6a86a4ab20ef54111a8ebd481b421c6e2c1
 SIZE (exim/sa-exim-4.2.1.tar.gz) = 68933
diff --git a/mail/exim/files/debian/75_01-Introduce-main-config-option-allow_insecure_tainted_.patch b/mail/exim/files/debian/75_01-Introduce-main-config-option-allow_insecure_tainted_.patch
deleted file mode 100644
index 0295ec18fa6e..000000000000
--- a/mail/exim/files/debian/75_01-Introduce-main-config-option-allow_insecure_tainted_.patch
+++ /dev/null
@@ -1,230 +0,0 @@
-From ec06d64532e4952fc36429f73e0222d26997ef7c Mon Sep 17 00:00:00 2001
-From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
-Date: Thu, 1 Apr 2021 22:44:31 +0200
-Subject: [PATCH 01/23] Introduce main config option
- allow_insecure_tainted_data
-
-This option is deprecated already now.
----
- src/EDITME            |  7 +++++
- src/config.h.defaults |  2 ++
- src/functions.h       | 54 ++++++++++++++++++++++++++++++---------
- src/globals.c         | 10 ++++++++
- src/globals.h         |  4 +++
- src/macros.h          |  3 +++
- src/readconf.c        |  3 +++
- 7 files changed, 71 insertions(+), 12 deletions(-)
-
-diff --git a/src/EDITME b/src/EDITME
-index 8da36a353..cebb8e2ec 100644
---- a/src/EDITME
-+++ b/src/EDITME
-@@ -749,6 +749,13 @@ FIXED_NEVER_USERS=root
- 
- # WHITELIST_D_MACROS=TLS:SPOOL
- 
-+# The next setting enables a main config option
-+# "allow_insecure_tainted_data" to turn taint failures into warnings.
-+# Though this option is new, it is deprecated already now, and will be
-+# ignored in future releases of Exim. It is meant as mitigation for
-+# upgrading old (possibly insecure) configurations to more secure ones.
-+ALLOW_INSECURE_TAINTED_DATA=yes
-+
- #------------------------------------------------------------------------------
- # Exim has support for the AUTH (authentication) extension of the SMTP
- # protocol, as defined by RFC 2554. If you don't know what SMTP authentication
-diff --git a/src/config.h.defaults b/src/config.h.defaults
-index e17f015f9..4e8b18904 100644
---- a/src/config.h.defaults
-+++ b/src/config.h.defaults
-@@ -17,6 +17,8 @@ Do not put spaces between # and the 'define'.
- #define ALT_CONFIG_PREFIX
- #define TRUSTED_CONFIG_LIST
- 
-+#define ALLOW_INSECURE_TAINTED_DATA
-+
- #define APPENDFILE_MODE            0600
- #define APPENDFILE_DIRECTORY_MODE  0700
- #define APPENDFILE_LOCKFILE_MODE   0600
-diff --git a/src/functions.h b/src/functions.h
-index 51bb17a09..1e8083673 100644
---- a/src/functions.h
-+++ b/src/functions.h
-@@ -1083,36 +1083,66 @@ if (f.running_in_test_harness && f.testsuite_delays) millisleep(millisec);
- 
- /******************************************************************************/
- /* Taint-checked file opens */
-+static inline uschar *
-+is_tainted2(const void *p, int lflags, const uschar* fmt, ...)
-+{
-+va_list ap;
-+uschar *msg;
-+rmark mark;
-+
-+if (!is_tainted(p))
-+  return NULL;
-+
-+mark = store_mark();
-+va_start(ap, fmt);
-+msg = string_from_gstring(string_vformat(NULL, SVFMT_TAINT_NOCHK|SVFMT_EXTEND, fmt, ap));
-+va_end(ap);
-+
-+#ifdef ALLOW_INSECURE_TAINTED_DATA
-+if (allow_insecure_tainted_data)
-+  {
-+  if LOGGING(tainted) log_write(0, LOG_MAIN, "Warning: %s", msg);
-+  store_reset(mark);
-+  return NULL;
-+  }
-+#endif
-+
-+if (lflags) log_write(0, lflags, "%s", msg);
-+return msg; /* no store_reset(), as the message might be used afterwards and Exim
-+            is expected to exit anyway, so we do not care about the leaked
-+            storage */
-+}
- 
- static inline int
- exim_open2(const char *pathname, int flags)
- {
--if (!is_tainted(pathname)) return open(pathname, flags);
--log_write(0, LOG_MAIN|LOG_PANIC, "Tainted filename '%s'", pathname);
-+if (!is_tainted2(pathname, LOG_MAIN|LOG_PANIC, "Tainted filename '%s'", pathname))
-+  return open(pathname, flags);
- errno = EACCES;
- return -1;
- }
-+
- static inline int
- exim_open(const char *pathname, int flags, mode_t mode)
- {
--if (!is_tainted(pathname)) return open(pathname, flags, mode);
--log_write(0, LOG_MAIN|LOG_PANIC, "Tainted filename '%s'", pathname);
-+if (!is_tainted2(pathname, LOG_MAIN|LOG_PANIC, "Tainted filename '%s'", pathname))
-+  return open(pathname, flags, mode);
- errno = EACCES;
- return -1;
- }
- static inline int
- exim_openat(int dirfd, const char *pathname, int flags)
- {
--if (!is_tainted(pathname)) return openat(dirfd, pathname, flags);
--log_write(0, LOG_MAIN|LOG_PANIC, "Tainted filename '%s'", pathname);
-+if (!is_tainted2(pathname, LOG_MAIN|LOG_PANIC, "Tainted filename '%s'", pathname))
-+  return openat(dirfd, pathname, flags);
- errno = EACCES;
- return -1;
- }
- static inline int
- exim_openat4(int dirfd, const char *pathname, int flags, mode_t mode)
- {
--if (!is_tainted(pathname)) return openat(dirfd, pathname, flags, mode);
--log_write(0, LOG_MAIN|LOG_PANIC, "Tainted filename '%s'", pathname);
-+if (!is_tainted2(pathname, LOG_MAIN|LOG_PANIC, "Tainted filename '%s'", pathname))
-+  return openat(dirfd, pathname, flags, mode);
- errno = EACCES;
- return -1;
- }
-@@ -1120,8 +1150,8 @@ return -1;
- static inline FILE *
- exim_fopen(const char *pathname, const char *mode)
- {
--if (!is_tainted(pathname)) return fopen(pathname, mode);
--log_write(0, LOG_MAIN|LOG_PANIC, "Tainted filename '%s'", pathname);
-+if (!is_tainted2(pathname, LOG_MAIN|LOG_PANIC, "Tainted filename '%s'", pathname))
-+  return fopen(pathname, mode);
- errno = EACCES;
- return NULL;
- }
-@@ -1129,8 +1159,8 @@ return NULL;
- static inline DIR *
- exim_opendir(const uschar * name)
- {
--if (!is_tainted(name)) return opendir(CCS name);
--log_write(0, LOG_MAIN|LOG_PANIC, "Tainted dirname '%s'", name);
-+if (!is_tainted2(name, LOG_MAIN|LOG_PANIC, "Tainted dirname '%s'", name))
-+  return opendir(CCS name);
- errno = EACCES;
- return NULL;
- }
-diff --git a/src/globals.c b/src/globals.c
-index c34ac9ddd..ff660c352 100644
---- a/src/globals.c
-+++ b/src/globals.c
-@@ -98,6 +98,10 @@ int     sqlite_lock_timeout    = 5;
- BOOL    move_frozen_messages   = FALSE;
- #endif
- 
-+#ifdef ALLOW_INSECURE_TAINTED_DATA
-+BOOL    allow_insecure_tainted_data = FALSE;
-+#endif
-+
- /* These variables are outside the #ifdef because it keeps the code less
- cluttered in several places (e.g. during logging) if we can always refer to
- them. Also, the tls_ variables are now always visible.  Note that these are
-@@ -1033,6 +1037,9 @@ int     log_default[]          = { /* for initializing log_selector */
-   Li_size_reject,
-   Li_skip_delivery,
-   Li_smtp_confirmation,
-+#ifdef ALLOW_INSECURE_TAINTED_DATA
-+  Li_tainted,
-+#endif
-   Li_tls_certificate_verified,
-   Li_tls_cipher,
-   -1
-@@ -1100,6 +1107,9 @@ bit_table log_options[]        = { /* must be in alphabetical order,
-   BIT_TABLE(L, smtp_protocol_error),
-   BIT_TABLE(L, smtp_syntax_error),
-   BIT_TABLE(L, subject),
-+#ifdef ALLOW_INSECURE_TAINTED_DATA
-+  BIT_TABLE(L, tainted),
-+#endif
-   BIT_TABLE(L, tls_certificate_verified),
-   BIT_TABLE(L, tls_cipher),
-   BIT_TABLE(L, tls_peerdn),
-diff --git a/src/globals.h b/src/globals.h
-index a4c1143b7..8d72577e0 100644
---- a/src/globals.h
-+++ b/src/globals.h
-@@ -77,6 +77,10 @@ extern int     sqlite_lock_timeout;    /* Internal lock waiting timeout */
- extern BOOL    move_frozen_messages;   /* Get them out of the normal directory */
- #endif
- 
-+#ifdef ALLOW_INSECURE_TAINTED_DATA
-+extern BOOL    allow_insecure_tainted_data;
-+#endif
-+
- /* These variables are outside the #ifdef because it keeps the code less
- cluttered in several places (e.g. during logging) if we can always refer to
- them. Also, the tls_ variables are now always visible. */
-diff --git a/src/macros.h b/src/macros.h
-index f78ae2e3d..322ddbf56 100644
---- a/src/macros.h
-+++ b/src/macros.h
-@@ -498,6 +498,9 @@ enum logbit {
-   Li_smtp_mailauth,
-   Li_smtp_no_mail,
-   Li_subject,
-+#ifdef ALLOW_INSECURE_TAINTED_DATA
-+  Li_tainted,
-+#endif
-   Li_tls_certificate_verified,
-   Li_tls_cipher,
-   Li_tls_peerdn,
-diff --git a/src/readconf.c b/src/readconf.c
-index 948fa2403..133135f8f 100644
---- a/src/readconf.c
-+++ b/src/readconf.c
-@@ -68,6 +68,9 @@ static optionlist optionlist_config[] = {
-   { "add_environment",          opt_stringptr,   {&add_environment} },
-   { "admin_groups",             opt_gidlist,     {&admin_groups} },
-   { "allow_domain_literals",    opt_bool,        {&allow_domain_literals} },
-+#ifdef ALLOW_INSECURE_TAINTED_DATA
-+  { "allow_insecure_tainted_data", opt_bool,     {&allow_insecure_tainted_data} },
-+#endif
-   { "allow_mx_to_ip",           opt_bool,        {&allow_mx_to_ip} },
-   { "allow_utf8_domains",       opt_bool,        {&allow_utf8_domains} },
-   { "auth_advertise_hosts",     opt_stringptr,   {&auth_advertise_hosts} },
--- 
-2.30.2
-
diff --git a/mail/exim/files/debian/75_02-search.patch b/mail/exim/files/debian/75_02-search.patch
deleted file mode 100644
index 226a350af10d..000000000000
--- a/mail/exim/files/debian/75_02-search.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From b71d675f695c2cf17357b190476129535d5f446c Mon Sep 17 00:00:00 2001
-From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
-Date: Thu, 1 Apr 2021 22:45:03 +0200
-Subject: [PATCH 02/23] search
-
----
- src/search.c | 8 ++------
- 1 file changed, 2 insertions(+), 6 deletions(-)
-
-diff --git a/src/search.c b/src/search.c
-index f8aaacb04..f6e4d1f5b 100644
---- a/src/search.c
-+++ b/src/search.c
-@@ -343,12 +343,8 @@ lookup_info *lk = lookup_list[search_type];
- uschar keybuffer[256];
- int old_pool = store_pool;
- 
--if (filename && is_tainted(filename))
--  {
--  log_write(0, LOG_MAIN|LOG_PANIC,
--    "Tainted filename for search: '%s'", filename);
-+if (filename && is_tainted2(filename, LOG_MAIN|LOG_PANIC, "Tainted filename for search '%s'", filename))
-   return NULL;
--  }
- 
- /* Change to the search store pool and remember our reset point */
- 
-@@ -639,7 +635,7 @@ DEBUG(D_lookup)
- /* Arrange to put this database at the top of the LRU chain if it is a type
- that opens real files. */
- 
--if (  open_top != (tree_node *)handle 
-+if (  open_top != (tree_node *)handle
-    && lookup_list[t->name[0]-'0']->type == lookup_absfile)
-   {
-   search_cache *c = (search_cache *)(t->data.ptr);
--- 
-2.30.2
-
diff --git a/mail/exim/files/debian/75_03-dbstuff.patch b/mail/exim/files/debian/75_03-dbstuff.patch
deleted file mode 100644
index dc9da8e44c54..000000000000
--- a/mail/exim/files/debian/75_03-dbstuff.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 35b11dd0e52b5ac176849f807cca8898bcaf0c3d Mon Sep 17 00:00:00 2001
-From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
-Date: Sun, 28 Mar 2021 10:49:49 +0200
-Subject: [PATCH 03/23] dbstuff
-
----
- src/dbstuff.h | 6 ++----
- 1 file changed, 2 insertions(+), 4 deletions(-)
-
-diff --git a/src/dbstuff.h b/src/dbstuff.h
-index c1fb54346..dcee78696 100644
---- a/src/dbstuff.h
-+++ b/src/dbstuff.h
-@@ -643,11 +643,9 @@ after reading data. */
-       : (flags) == O_RDWR ? "O_RDWR"	\
-       : (flags) == (O_RDWR|O_CREAT) ? "O_RDWR|O_CREAT"	\
-       : "??");	\
--  if (is_tainted(name) || is_tainted(dirname)) \
--    { \
--    log_write(0, LOG_MAIN|LOG_PANIC, "Tainted name for DB file not permitted"); \
-+  if (is_tainted2(name, LOG_MAIN|LOG_PANIC, "Tainted name '%s' for DB file not permitted", name) \
-+      || is_tainted2(dirname, LOG_MAIN|LOG_PANIC, "Tainted name '%s' for DB directory not permitted", dirname)) \
-     *dbpp = NULL; \
--    } \
-   else \
-     { EXIM_DBOPEN__(name, dirname, flags, mode, dbpp); } \
-   DEBUG(D_hints_lookup) debug_printf_indent("returned from EXIM_DBOPEN: %p\n", *dbpp); \
--- 
-2.30.2
-
diff --git a/mail/exim/files/debian/75_04-acl.patch b/mail/exim/files/debian/75_04-acl.patch
deleted file mode 100644
index 810b2e591675..000000000000
--- a/mail/exim/files/debian/75_04-acl.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-From 44fd80ad8abcd885fc1c8dbb294fc2140e4ef481 Mon Sep 17 00:00:00 2001
-From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
-Date: Sun, 28 Mar 2021 10:50:14 +0200
-Subject: [PATCH 04/23] acl
-Last-Update: 2021-05-01
-
----
- src/acl.c | 32 ++++++++++++++++----------------
- 1 file changed, 16 insertions(+), 16 deletions(-)
-
---- a/src/acl.c
-+++ b/src/acl.c
-@@ -3596,24 +3596,26 @@
-     rc = mime_regex(&arg);
-     break;
-     #endif
- 
-     case ACLC_QUEUE:
--    if (is_tainted(arg))
-       {
--      *log_msgptr = string_sprintf("Tainted name '%s' for queue not permitted",
--				    arg);
--      return ERROR;
-+      uschar *m;
-+      if (m = is_tainted2(arg, 0, "Tainted name '%s' for queue not permitted", arg))
-+        {
-+        *log_msgptr = m;
-+        return ERROR;
-+        }
-+      if (Ustrchr(arg, '/'))
-+        {
-+        *log_msgptr = string_sprintf(
-+                "Directory separator not permitted in queue name: '%s'", arg);
-+        return ERROR;
-+        }
-+      queue_name = string_copy_perm(arg, FALSE);
-+      break;
-       }
--    if (Ustrchr(arg, '/'))
--      {
--      *log_msgptr = string_sprintf(
--	      "Directory separator not permitted in queue name: '%s'", arg);
--      return ERROR;
--      }
--    queue_name = string_copy_perm(arg, FALSE);
--    break;
- 
-     case ACLC_RATELIMIT:
-     rc = acl_ratelimit(arg, where, log_msgptr);
-     break;
- 
-@@ -4005,14 +4007,12 @@
-     }
- 
-   else if (*ss == '/')
-     {
-     struct stat statbuf;
--    if (is_tainted(ss))
-+    if (is_tainted2(ss, LOG_MAIN|LOG_PANIC, "Tainted ACL file name '%s'", ss))
-       {
--      log_write(0, LOG_MAIN|LOG_PANIC,
--	"attempt to open tainted ACL file name \"%s\"", ss);
-       /* Avoid leaking info to an attacker */
-       *log_msgptr = US"internal configuration error";
-       return ERROR;
-       }
-     if ((fd = Uopen(ss, O_RDONLY, 0)) < 0)
diff --git a/mail/exim/files/debian/75_05-parse.patch b/mail/exim/files/debian/75_05-parse.patch
deleted file mode 100644
index f9dab900f88e..000000000000
--- a/mail/exim/files/debian/75_05-parse.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 7eeeb6f26af05322814ecc77c87f09c72ab2216a Mon Sep 17 00:00:00 2001
-From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
-Date: Sun, 28 Mar 2021 10:58:46 +0200
-Subject: [PATCH 05/23] parse
-
----
- src/parse.c | 6 +-----
- 1 file changed, 1 insertion(+), 5 deletions(-)
-
-diff --git a/src/parse.c b/src/parse.c
-index 3ea758ac9..d1bc79039 100644
---- a/src/parse.c
-+++ b/src/parse.c
-@@ -1402,12 +1402,8 @@ for (;;)
-       return FF_ERROR;
-       }
- 
--    if (is_tainted(filename))
--      {
--      *error = string_sprintf("Tainted name '%s' for included file  not permitted\n",
--       filename);
-+    if (*error = is_tainted2(filename, 0, "Tainted name '%s' for included file not permitted\n", filename))
-       return FF_ERROR;
--      }
- 
-     /* Check file name if required */
- 
--- 
-2.30.2
-
diff --git a/mail/exim/files/debian/75_06-rda.patch b/mail/exim/files/debian/75_06-rda.patch
deleted file mode 100644
index f4ca2afc13f1..000000000000
--- a/mail/exim/files/debian/75_06-rda.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From a6da9c67acaee699616516be141d600cc178a633 Mon Sep 17 00:00:00 2001
-From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
-Date: Sun, 28 Mar 2021 10:59:46 +0200
-Subject: [PATCH 06/23] rda
-
----
- src/rda.c | 4 +---
- 1 file changed, 1 insertion(+), 3 deletions(-)
-
-diff --git a/src/rda.c b/src/rda.c
-index aed8abc24..6ad7dd8bd 100644
---- a/src/rda.c
-+++ b/src/rda.c
-@@ -179,10 +179,8 @@ struct stat statbuf;
- /* Reading a file is a form of expansion; we wish to deny attackers the
- capability to specify the file name. */
- 
--if (is_tainted(filename))
-+if (*error = is_tainted2(filename, 0, "Tainted name '%s' for file read not permitted\n", filename))
-   {
--  *error = string_sprintf("Tainted name '%s' for file read not permitted\n",
--			filename);
-   *yield = FF_ERROR;
-   return NULL;
-   }
--- 
-2.30.2
-
diff --git a/mail/exim/files/debian/75_07-appendfile.patch b/mail/exim/files/debian/75_07-appendfile.patch
deleted file mode 100644
index 5a9e37861d7f..000000000000
--- a/mail/exim/files/debian/75_07-appendfile.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From c29b50d2fe17cc108d751175ed4f4113c25c1768 Mon Sep 17 00:00:00 2001
-From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
-Date: Sun, 28 Mar 2021 11:00:06 +0200
-Subject: [PATCH 07/23] appendfile
-
----
- src/transports/appendfile.c | 8 +++++---
- 1 file changed, 5 insertions(+), 3 deletions(-)
-
-diff --git a/src/transports/appendfile.c b/src/transports/appendfile.c
-index 8ab8b6016..7dbbaa2f9 100644
---- a/src/transports/appendfile.c
-+++ b/src/transports/appendfile.c
-@@ -1286,12 +1286,14 @@ if (!(path = expand_string(fdname)))
-     expand_string_message);
-   goto ret_panic;
-   }
--if (is_tainted(path))
-+{ uschar *m;
-+if (m = is_tainted2(path, 0, "Tainted '%s' (file or directory "
-+          "name for %s transport) not permitted", path, tblock->name))
-   {
--  addr->message = string_sprintf("Tainted '%s' (file or directory "
--    "name for %s transport) not permitted", path, tblock->name);
-+  addr->message = m;
-   goto ret_panic;
-   }
-+}
- 
- if (path[0] != '/')
-   {
--- 
-2.30.2
-
diff --git a/mail/exim/files/debian/75_08-autoreply.patch b/mail/exim/files/debian/75_08-autoreply.patch
deleted file mode 100644
index de5eb1dd3c20..000000000000
--- a/mail/exim/files/debian/75_08-autoreply.patch
+++ /dev/null
@@ -1,70 +0,0 @@
-From 26de37d8960da80473866fb59b9dfd10a5761538 Mon Sep 17 00:00:00 2001
-From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
-Date: Sun, 28 Mar 2021 11:06:27 +0200
-Subject: [PATCH 08/23] autoreply
-
----
- src/transports/autoreply.c | 21 ++++++++++++---------
- 1 file changed, 12 insertions(+), 9 deletions(-)
-
-diff --git a/src/transports/autoreply.c b/src/transports/autoreply.c
-index 865abbf4f..ed99de4c6 100644
---- a/src/transports/autoreply.c
-+++ b/src/transports/autoreply.c
-@@ -404,14 +404,15 @@ recipient cache. */
- 
- if (oncelog && *oncelog && to)
-   {
-+  uschar *m;
-   time_t then = 0;
- 
--  if (is_tainted(oncelog))
-+  if (m = is_tainted2(oncelog, 0, "Tainted '%s' (once file for %s transport)"
-+      " not permitted", oncelog, tblock->name))
-     {
-     addr->transport_return = DEFER;
-     addr->basic_errno = EACCES;
--    addr->message = string_sprintf("Tainted '%s' (once file for %s transport)"
--      " not permitted", oncelog, tblock->name);
-+    addr->message = m;
-     goto END_OFF;
-     }
- 
-@@ -515,13 +516,14 @@ if (oncelog && *oncelog && to)
- 
-   if (then != 0 && (once_repeat_sec <= 0 || now - then < once_repeat_sec))
-     {
-+    uschar *m;
-     int log_fd;
--    if (is_tainted(logfile))
-+    if (m = is_tainted2(logfile, 0, "Tainted '%s' (logfile for %s transport)"
-+	" not permitted", logfile, tblock->name))
-       {
-       addr->transport_return = DEFER;
-       addr->basic_errno = EACCES;
--      addr->message = string_sprintf("Tainted '%s' (logfile for %s transport)"
--	" not permitted", logfile, tblock->name);
-+      addr->message = m;
-       goto END_OFF;
-       }
- 
-@@ -548,12 +550,13 @@ if (oncelog && *oncelog && to)
- /* We are going to send a message. Ensure any requested file is available. */
- if (file)
-   {
--  if (is_tainted(file))
-+  uschar *m;
-+  if (m = is_tainted2(file, 0, "Tainted '%s' (file for %s transport)"
-+      " not permitted", file, tblock->name))
-     {
-     addr->transport_return = DEFER;
-     addr->basic_errno = EACCES;
--    addr->message = string_sprintf("Tainted '%s' (file for %s transport)"
--      " not permitted", file, tblock->name);
-+    addr->message = m;
-     return FALSE;
-     }
-   if (!(ff = Ufopen(file, "rb")) && !ob->file_optional)
--- 
-2.30.2
-
diff --git a/mail/exim/files/debian/75_09-pipe.patch b/mail/exim/files/debian/75_09-pipe.patch
deleted file mode 100644
index 0ec9bcfaed19..000000000000
--- a/mail/exim/files/debian/75_09-pipe.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From f9628406706112be459adb3f121db8e6cf282c2d Mon Sep 17 00:00:00 2001
-From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
-Date: Fri, 2 Apr 2021 17:30:27 +0200
-Subject: [PATCH 09/23] pipe
-
----
- src/transports/pipe.c | 9 ++++++---
- 1 file changed, 6 insertions(+), 3 deletions(-)
-
-diff --git a/src/transports/pipe.c b/src/transports/pipe.c
-index 27422bd42..4c9e68beb 100644
---- a/src/transports/pipe.c
-+++ b/src/transports/pipe.c
-@@ -599,13 +599,16 @@ if (!cmd || !*cmd)
-     tblock->name);
-   return FALSE;
-   }
--if (is_tainted(cmd))
-+
-+{ uschar *m;
-+if (m = is_tainted2(cmd, 0, "Tainted '%s' (command "
-+    "for %s transport) not permitted", cmd, tblock->name))
-   {
--  addr->message = string_sprintf("Tainted '%s' (command "
--    "for %s transport) not permitted", cmd, tblock->name);
-   addr->transport_return = PANIC;
-+  addr->message = m;
-   return FALSE;
-   }
-+}
- 
- /* When a pipe is set up by a filter file, there may be values for $thisaddress
- and numerical the variables in existence. These are passed in
--- 
-2.30.2
-
diff --git a/mail/exim/files/debian/75_10-deliver.patch b/mail/exim/files/debian/75_10-deliver.patch
deleted file mode 100644
index ea4a54239e31..000000000000
--- a/mail/exim/files/debian/75_10-deliver.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From 2fee91ae42e974c21202e0b5e17185f6a87bf8af Mon Sep 17 00:00:00 2001
-From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
-Date: Wed, 31 Mar 2021 23:12:44 +0200
-Subject: [PATCH 10/23] deliver
-
----
- src/deliver.c | 16 +++++++++-------
- 1 file changed, 9 insertions(+), 7 deletions(-)
-
-diff --git a/src/deliver.c b/src/deliver.c
-index d85edd70e..8b7998f37 100644
---- a/src/deliver.c
-+++ b/src/deliver.c
-@@ -5538,10 +5538,11 @@ FILE * fp = NULL;
- if (!s || !*s)
-   log_write(0, LOG_MAIN|LOG_PANIC,
-     "Failed to expand %s: '%s'\n", varname, filename);
--else if (*s != '/' || is_tainted(s))
--  log_write(0, LOG_MAIN|LOG_PANIC,
--    "%s is not %s after expansion: '%s'\n",
--    varname, *s == '/' ? "untainted" : "absolute", s);
-+else if (*s != '/')
-+  log_write(0, LOG_MAIN|LOG_PANIC, "%s is not absolute after expansion: '%s'\n",
-+    varname, s);
-+else if (is_tainted2(s, LOG_MAIN|LOG_PANIC, "Tainted %s after expansion: '%s'\n", varname, s))
-+  ;
- else if (!(fp = Ufopen(s, "rb")))
-   log_write(0, LOG_MAIN|LOG_PANIC, "Failed to open %s for %s "
-     "message texts: %s", s, reason, strerror(errno));
-@@ -6148,12 +6149,13 @@ else if (system_filter && process_recipients != RECIP_FAIL_TIMEOUT)
-           {
-           uschar *tmp = expand_string(tpname);
-           address_file = address_pipe = NULL;
-+          uschar *m;
-           if (!tmp)
-             p->message = string_sprintf("failed to expand \"%s\" as a "
-               "system filter transport name", tpname);
--	  if (is_tainted(tmp))
--            p->message = string_sprintf("attempt to used tainted value '%s' for"
--	      "transport '%s' as a system filter", tmp, tpname);
-+	  if (is_tainted2(tmp, 0, m = string_sprintf("Tainted values '%s' "
-+              "for transport '%s' as a system filter", tmp, tpname)))
-+            p->message = m;
-           tpname = tmp;
-           }
-         else
--- 
-2.30.2
-
diff --git a/mail/exim/files/debian/75_11-directory.patch b/mail/exim/files/debian/75_11-directory.patch
deleted file mode 100644
index 4c3a68418c0b..000000000000
--- a/mail/exim/files/debian/75_11-directory.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 5f41e800ce9cc7ad154047298914df955e905bf4 Mon Sep 17 00:00:00 2001
-From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
-Date: Thu, 1 Apr 2021 21:28:59 +0200
-Subject: [PATCH 11/23] directory
-
----
- src/directory.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/src/directory.c b/src/directory.c
-index 2d4d565f4..9f88f4141 100644
---- a/src/directory.c
-+++ b/src/directory.c
-@@ -44,6 +44,9 @@ uschar c = 1;
- struct stat statbuf;
- uschar * path;
- 
-+if (is_tainted2(name, LOG_MAIN|LOG_PANIC, "Tainted path '%s' for new directory", name))
-+  { p = US"create"; path = US name; errno = EACCES; goto bad; }
-+
- if (parent)
-   {
-   path = string_sprintf("%s%s%s", parent, US"/", name);
--- 
-2.30.2
-
diff --git a/mail/exim/files/debian/75_12-expand.patch b/mail/exim/files/debian/75_12-expand.patch
deleted file mode 100644
index ebb099d284f2..000000000000
--- a/mail/exim/files/debian/75_12-expand.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From c02ea85f525ff256d78e084d6f76fe3032fd52e1 Mon Sep 17 00:00:00 2001
-From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
-Date: Thu, 1 Apr 2021 21:33:50 +0200
-Subject: [PATCH 12/23] expand
-
----
- src/expand.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/src/expand.c b/src/expand.c
-index 05de94c49..21b86ebf5 100644
---- a/src/expand.c
-+++ b/src/expand.c
-@@ -4383,13 +4383,13 @@ DEBUG(D_expand)
- f.expand_string_forcedfail = FALSE;
- expand_string_message = US"";
- 
--if (is_tainted(string))
-+{ uschar *m;
-+if (m = is_tainted2(string, LOG_MAIN|LOG_PANIC, "Tainted string '%s' in expansion", s))
-   {
--  expand_string_message =
--    string_sprintf("attempt to expand tainted string '%s'", s);
--  log_write(0, LOG_MAIN|LOG_PANIC, "%s", expand_string_message);
-+  expand_string_message = m;
-   goto EXPAND_FAILED;
-   }
-+}
- 
- while (*s != 0)
-   {
--- 
-2.30.2
-
diff --git a/mail/exim/files/debian/75_13-lf_sqlperform.patch b/mail/exim/files/debian/75_13-lf_sqlperform.patch
deleted file mode 100644
index 67283a02676e..000000000000
--- a/mail/exim/files/debian/75_13-lf_sqlperform.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From 9810dfc25d8b9687b46e57963a3ac30bf5c9b2c9 Mon Sep 17 00:00:00 2001
-From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
-Date: Thu, 1 Apr 2021 21:36:12 +0200
-Subject: [PATCH 13/23] lf_sqlperform
-
----
- src/lookups/lf_sqlperform.c | 14 +++++++++-----
- 1 file changed, 9 insertions(+), 5 deletions(-)
-
-diff --git a/src/lookups/lf_sqlperform.c b/src/lookups/lf_sqlperform.c
-index ad1df29d1..eda3089e2 100644
---- a/src/lookups/lf_sqlperform.c
-+++ b/src/lookups/lf_sqlperform.c
-@@ -102,11 +102,13 @@ if (Ustrncmp(query, "servers", 7) == 0)
-         }
-       }
- 
--    if (is_tainted(server))
--      {
--      *errmsg = string_sprintf("%s server \"%s\" is tainted", name, server);
-+    { uschar *m;
-+    if (m = is_tainted2(server, 0, "Tainted %s server '%s'", name, server))
-+     {
-+      *errmsg = m;
-       return DEFER;
-       }
-+    }
- 
-     rc = (*fn)(ss+1, server, result, errmsg, &defer_break, do_cache, opts);
-     if (rc != DEFER || defer_break) return rc;
-@@ -158,11 +160,13 @@ else
- 	server = ele;
- 	}
- 
--      if (is_tainted(server))
-+      { uschar *m;
-+      if (is_tainted2(server, 0, "Tainted %s server '%s'", name, server))
-         {
--        *errmsg = string_sprintf("%s server \"%s\" is tainted", name, server);
-+        *errmsg = m;
-         return DEFER;
-         }
-+      }
- 
-       rc = (*fn)(query, server, result, errmsg, &defer_break, do_cache, opts);
-       if (rc != DEFER || defer_break) return rc;
--- 
-2.30.2
-
diff --git a/mail/exim/files/debian/75_14-rf_get_transport.patch b/mail/exim/files/debian/75_14-rf_get_transport.patch
deleted file mode 100644
index 9e8b69d3ad6a..000000000000
--- a/mail/exim/files/debian/75_14-rf_get_transport.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 015fff57c854184f8bce61476c46a2830a97daf8 Mon Sep 17 00:00:00 2001
-From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
-Date: Fri, 2 Apr 2021 08:36:24 +0200
-Subject: [PATCH 14/23] rf_get_transport
-
----
- src/routers/rf_get_transport.c | 4 +---
- 1 file changed, 1 insertion(+), 3 deletions(-)
-
-diff --git a/src/routers/rf_get_transport.c b/src/routers/rf_get_transport.c
-index 4a43818ff..32bde9ec3 100644
---- a/src/routers/rf_get_transport.c
-+++ b/src/routers/rf_get_transport.c
-@@ -66,10 +66,8 @@ if (expandable)
-       "\"%s\" in %s router: %s", tpname, router_name, expand_string_message);
-     return FALSE;
-     }
--  if (is_tainted(ss))
-+  if (is_tainted2(ss, LOG_MAIN|LOG_PANIC, "Tainted tainted value '%s' from '%s' for transport", ss, tpname))
-     {
--    log_write(0, LOG_MAIN|LOG_PANIC,
--      "attempt to use tainted value '%s' from '%s' for transport", ss, tpname);
-     addr->basic_errno = ERRNO_BADTRANSPORT;
-     /* Avoid leaking info to an attacker */
-     addr->message = US"internal configuration error";
--- 
-2.30.2
-
diff --git a/mail/exim/files/debian/75_15-deliver.patch b/mail/exim/files/debian/75_15-deliver.patch
deleted file mode 100644
index 0c2ca2772d10..000000000000
--- a/mail/exim/files/debian/75_15-deliver.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 2bafe3fc82cf62f0c21f939f5891b8d067f3abc7 Mon Sep 17 00:00:00 2001
-From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
-Date: Sat, 3 Apr 2021 10:54:22 +0200
-Subject: [PATCH 15/23] deliver
-
----
- src/deliver.c  | 5 +++--
- test/paniclog/0622 | 2 +-
- test/stderr/0622   | 2 +-
- 3 files changed, 5 insertions(+), 4 deletions(-)
-
-diff --git a/src/deliver.c b/src/deliver.c
-index 8b7998f37..87e944b03 100644
---- a/src/deliver.c
-+++ b/src/deliver.c
-@@ -6153,9 +6153,10 @@ else if (system_filter && process_recipients != RECIP_FAIL_TIMEOUT)
-           if (!tmp)
*** 2847 LINES SKIPPED ***