util/timed_read.c and as precautionary measure,
util/timed_write.c.
+20030908
+
+ The 20030905 workaround triggers too many warnings. TCP
+ sockets are back to blocking, and keepalives are turned on
+ to kill off dead sockets, as suggested by Leandro Santi.
+ Files: master/{single,multi}_server.c, smtpd/smtpd.c,
+ util/sys_defs.h.
+
+20030909
+
+ Bugfix: the LMTP session caching code had problems with
+ SASL authentication after the first connection, and pipelining
+ was working poorly. Fix by Viktor Dukhovni, Morgan Stanley.
+ Files: lmtp/lmtp.c, lmtp/lmtp_proto.c.
+
+20030912
+
+ Workaround: besides SMTP server sockets, SMTP client sockets
+ can also hang on Solaris, as reported by Leandro Santi. In
+ order to deal with this at the root, all connection management
+ is now done by sane_accept() and sane_connect(). Both turn
+ on keepalives on Solaris.
+
+20030913
+
+ Safety: set-gid commands don't trust TZ. File: msg_syslog.c.
+
Open problems:
Doc: mention the proxy_interfaces parameter everywhere the
#
# if /pattern/flags
#
-# if !/pattern/flags
-#
# endif Match the search string against the patterns
# between if and endif, if and only if the search
-# string matches (does not match) pattern. The
-# if..endif can nest.
+# string matches pattern. The if..endif can nest.
#
-# Note: do not prepend whitespace to patterns inside
+# Note: do not prepend whitespace to patterns inside
# if..endif.
#
# Each pattern is a perl-like regular expression. The
-# expression delimiter can be any character, except whites-
-# pace or characters that have special meaning (tradition-
-# ally the forward slash is used). The regular expression
+# expression delimiter can be any character, except whites-
+# pace or characters that have special meaning (tradition-
+# ally the forward slash is used). The regular expression
# can contain whitespace.
#
# By default, matching is case-insensitive, and newlines are
-# not treated as special characters. The behavior is con-
-# trolled by flags, which are toggled by appending one or
+# not treated as special characters. The behavior is con-
+# trolled by flags, which are toggled by appending one or
# more of the following characters after the pattern:
#
# i (default: on)
-# Toggles the case sensitivity flag. By default,
+# Toggles the case sensitivity flag. By default,
# matching is case insensitive.
#
# m (default: off)
-# Toggles the PCRE_MULTILINE flag. When this flag is
-# on, the ^ and $ metacharacters match immediately
-# after and immediately before a newline character,
-# respectively, in addition to matching at the start
+# Toggles the PCRE_MULTILINE flag. When this flag is
+# on, the ^ and $ metacharacters match immediately
+# after and immediately before a newline character,
+# respectively, in addition to matching at the start
# and end of the subject string.
#
# s (default: on)
# Toggles the PCRE_DOTALL flag. When this flag is on,
# the . metacharacter matches the newline character.
-# With Postfix versions prior to 20020528, The flag
+# With Postfix versions prior to 20020528, The flag
# is off by default, which is inconvenient for multi-
# line message header matching.
#
# x (default: off)
-# Toggles the pcre extended flag. When this flag is
-# on, whitespace in the pattern (other than in a
+# Toggles the pcre extended flag. When this flag is
+# on, whitespace in the pattern (other than in a
# character class) and characters between a # outside
-# a character class and the next newline character
-# are ignored. An escaping backslash can be used to
-# include a whitespace or # character as part of the
+# a character class and the next newline character
+# are ignored. An escaping backslash can be used to
+# include a whitespace or # character as part of the
# pattern.
#
# A (default: off)
-# Toggles the PCRE_ANCHORED flag. When this flag is
-# on, the pattern is forced to be "anchored", that
+# Toggles the PCRE_ANCHORED flag. When this flag is
+# on, the pattern is forced to be "anchored", that
# is, it is constrained to match only at the start of
-# the string which is being searched (the "subject
-# string"). This effect can also be achieved by
+# the string which is being searched (the "subject
+# string"). This effect can also be achieved by
# appropriate constructs in the pattern itself.
#
# E (default: off)
-# Toggles the PCRE_DOLLAR_ENDONLY flag. When this
-# flag is on, a $ metacharacter in the pattern
-# matches only at the end of the subject string.
-# Without this flag, a dollar also matches immedi-
+# Toggles the PCRE_DOLLAR_ENDONLY flag. When this
+# flag is on, a $ metacharacter in the pattern
+# matches only at the end of the subject string.
+# Without this flag, a dollar also matches immedi-
# ately before the final character if it is a newline
# character (but not before any other newline charac-
-# ters). This flag is ignored if PCRE_MULTILINE flag
+# ters). This flag is ignored if PCRE_MULTILINE flag
# is set.
#
# U (default: off)
# Toggles the ungreedy matching flag. When this flag
-# is on, the pattern matching engine inverts the
-# "greediness" of the quantifiers so that they are
-# not greedy by default, but become greedy if fol-
-# lowed by "?". This flag can also set by a (?U)
+# is on, the pattern matching engine inverts the
+# "greediness" of the quantifiers so that they are
+# not greedy by default, but become greedy if fol-
+# lowed by "?". This flag can also set by a (?U)
# modifier within the pattern.
#
# X (default: off)
# Toggles the PCRE_EXTRA flag. When this flag is on,
-# any backslash in a pattern that is followed by a
+# any backslash in a pattern that is followed by a
# letter that has no special meaning causes an error,
# thus reserving these combinations for future expan-
# sion.
#
-# Each pattern is applied to the entire lookup key string.
-# Depending on the application, that string is an entire
+# Each pattern is applied to the entire lookup key string.
+# Depending on the application, that string is an entire
# client hostname, an entire client IP address, or an entire
-# mail address. Thus, no parent domain or parent network
-# search is done, and user@domain mail addresses are not
-# broken up into their user and domain constituent parts,
+# mail address. Thus, no parent domain or parent network
+# search is done, and user@domain mail addresses are not
+# broken up into their user and domain constituent parts,
# nor is user+foo broken up into user and foo.
#
-# Patterns are applied in the order as specified in the
-# table, until a pattern is found that matches the search
+# Patterns are applied in the order as specified in the
+# table, until a pattern is found that matches the search
# string.
#
-# Substitution of substrings from the matched expression
-# into the result string is possible using the conventional
-# perl syntax ($1, $2, etc.). The macros in the result
-# string may need to be written as ${n} or $(n) if they
+# Substitution of substrings from the matched expression
+# into the result string is possible using the conventional
+# perl syntax ($1, $2, etc.). The macros in the result
+# string may need to be written as ${n} or $(n) if they
# aren't followed by whitespace.
#
# EXAMPLE SMTPD ACCESS MAP
<b>if</b> <b>/</b><i>pattern</i><b>/</b><i>flags</i>
- <b>if</b> <b>!/</b><i>pattern</i><b>/</b><i>flags</i>
-
<b>endif</b> Match the search string against the patterns
between <b>if</b> and <b>endif</b>, if and only if the search
- string matches (does not match) <i>pattern</i>. The
- <b>if</b>..<b>endif</b> can nest.
+ string matches <i>pattern</i>. The <b>if</b>..<b>endif</b> can nest.
- Note: do not prepend whitespace to patterns inside
+ Note: do not prepend whitespace to patterns inside
<b>if</b>..<b>endif</b>.
Each pattern is a perl-like regular expression. The
- expression delimiter can be any character, except whites-
- pace or characters that have special meaning (tradition-
- ally the forward slash is used). The regular expression
+ expression delimiter can be any character, except whites-
+ pace or characters that have special meaning (tradition-
+ ally the forward slash is used). The regular expression
can contain whitespace.
By default, matching is case-insensitive, and newlines are
- not treated as special characters. The behavior is con-
- trolled by flags, which are toggled by appending one or
+ not treated as special characters. The behavior is con-
+ trolled by flags, which are toggled by appending one or
more of the following characters after the pattern:
<b>i</b> (default: on)
- Toggles the case sensitivity flag. By default,
+ Toggles the case sensitivity flag. By default,
matching is case insensitive.
<b>m</b> (default: off)
- Toggles the PCRE_MULTILINE flag. When this flag is
- on, the <b>^</b> and <b>$</b> metacharacters match immediately
- after and immediately before a newline character,
- respectively, in addition to matching at the start
+ Toggles the PCRE_MULTILINE flag. When this flag is
+ on, the <b>^</b> and <b>$</b> metacharacters match immediately
+ after and immediately before a newline character,
+ respectively, in addition to matching at the start
and end of the subject string.
<b>s</b> (default: on)
Toggles the PCRE_DOTALL flag. When this flag is on,
the <b>.</b> metacharacter matches the newline character.
- With Postfix versions prior to 20020528, The flag
+ With Postfix versions prior to 20020528, The flag
is off by default, which is inconvenient for multi-
line message header matching.
<b>x</b> (default: off)
- Toggles the pcre extended flag. When this flag is
- on, whitespace in the pattern (other than in a
+ Toggles the pcre extended flag. When this flag is
+ on, whitespace in the pattern (other than in a
character class) and characters between a <b>#</b> outside
- a character class and the next newline character
- are ignored. An escaping backslash can be used to
- include a whitespace or <b>#</b> character as part of the
+ a character class and the next newline character
+ are ignored. An escaping backslash can be used to
+ include a whitespace or <b>#</b> character as part of the
pattern.
<b>A</b> (default: off)
- Toggles the PCRE_ANCHORED flag. When this flag is
- on, the pattern is forced to be "anchored", that
+ Toggles the PCRE_ANCHORED flag. When this flag is
+ on, the pattern is forced to be "anchored", that
is, it is constrained to match only at the start of
- the string which is being searched (the "subject
- string"). This effect can also be achieved by
+ the string which is being searched (the "subject
+ string"). This effect can also be achieved by
appropriate constructs in the pattern itself.
<b>E</b> (default: off)
- Toggles the PCRE_DOLLAR_ENDONLY flag. When this
- flag is on, a <b>$</b> metacharacter in the pattern
- matches only at the end of the subject string.
- Without this flag, a dollar also matches immedi-
+ Toggles the PCRE_DOLLAR_ENDONLY flag. When this
+ flag is on, a <b>$</b> metacharacter in the pattern
+ matches only at the end of the subject string.
+ Without this flag, a dollar also matches immedi-
ately before the final character if it is a newline
character (but not before any other newline charac-
- ters). This flag is ignored if PCRE_MULTILINE flag
+ ters). This flag is ignored if PCRE_MULTILINE flag
is set.
<b>U</b> (default: off)
Toggles the ungreedy matching flag. When this flag
- is on, the pattern matching engine inverts the
- "greediness" of the quantifiers so that they are
- not greedy by default, but become greedy if fol-
- lowed by "?". This flag can also set by a (?U)
+ is on, the pattern matching engine inverts the
+ "greediness" of the quantifiers so that they are
+ not greedy by default, but become greedy if fol-
+ lowed by "?". This flag can also set by a (?U)
modifier within the pattern.
<b>X</b> (default: off)
Toggles the PCRE_EXTRA flag. When this flag is on,
- any backslash in a pattern that is followed by a
+ any backslash in a pattern that is followed by a
letter that has no special meaning causes an error,
thus reserving these combinations for future expan-
sion.
- Each pattern is applied to the entire lookup key string.
- Depending on the application, that string is an entire
+ Each pattern is applied to the entire lookup key string.
+ Depending on the application, that string is an entire
client hostname, an entire client IP address, or an entire
- mail address. Thus, no parent domain or parent network
- search is done, and <i>user@domain</i> mail addresses are not
- broken up into their <i>user</i> and <i>domain</i> constituent parts,
+ mail address. Thus, no parent domain or parent network
+ search is done, and <i>user@domain</i> mail addresses are not
+ broken up into their <i>user</i> and <i>domain</i> constituent parts,
nor is <i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the
+ table, until a pattern is found that matches the search
string.
- Substitution of substrings from the matched expression
- into the result string is possible using the conventional
- perl syntax ($1, $2, etc.). The macros in the result
- string may need to be written as ${n} or $(n) if they
+ Substitution of substrings from the matched expression
+ into the result string is possible using the conventional
+ perl syntax ($1, $2, etc.). The macros in the result
+ string may need to be written as ${n} or $(n) if they
aren't followed by whitespace.
<b>EXAMPLE</b> <b>SMTPD</b> <b>ACCESS</b> <b>MAP</b>
with comments that Sendmail allows.
<b>broken</b><i>_</i><b>sasl</b><i>_</i><b>auth</b><i>_</i><b>clients</b>
- Support older Microsoft clients that mis-implement
- the AUTH protocol, and that expect an EHLO response
- of "250 AUTH=list" instead of "250 AUTH list".
+ Support Microsoft clients that implement an older
+ version of the AUTH protocol, and that expect an
+ EHLO response of "250 AUTH=list" instead of "250
+ AUTH list".
<b>smtpd</b><i>_</i><b>noop</b><i>_</i><b>commands</b>
List of commands that are treated as NOOP (no oper-
- ation) commands, without any parameter syntax
- checking and without any state change. This list
+ ation) commands, without any parameter syntax
+ checking and without any state change. This list
overrides built-in command definitions.
<b>Content</b> <b>inspection</b> <b>controls</b>
<b>content</b><i>_</i><b>filter</b>
- The name of a mail delivery transport that filters
+ The name of a mail delivery transport that filters
mail and that either bounces mail or re-injects the
- result back into Postfix. This parameter uses the
- same syntax as the right-hand side of a Postfix
+ result back into Postfix. This parameter uses the
+ same syntax as the right-hand side of a Postfix
transport table.
<b>Authentication</b> <b>controls</b>
- <b>enable</b><i>_</i><b>sasl</b><i>_</i><b>authentication</b>
- Enable per-session authentication as per <a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>
- (SASL). This functionality is available only when
+ <b>smtpd</b><i>_</i><b>sasl</b><i>_</i><b>auth</b><i>_</i><b>enable</b>
+ Enable per-session authentication as per <a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>
+ (SASL). This functionality is available only when
explicitly selected at program build time and
explicitly enabled at runtime.
Disallow anonymous logins.
<b>smtpd</b><i>_</i><b>sender</b><i>_</i><b>login</b><i>_</i><b>maps</b>
- Maps that specify the SASL login name that owns a
- MAIL FROM sender address. Used by the
+ Maps that specify the SASL login name that owns a
+ MAIL FROM sender address. Used by the
<b>reject</b><i>_</i><b>sender</b><i>_</i><b>login</b><i>_</i><b>mismatch</b> sender anti-spoofing
restriction.
<b>Miscellaneous</b>
<b>always</b><i>_</i><b>bcc</b>
- Address to send a copy of each message that enters
+ Address to send a copy of each message that enters
the system.
<b>authorized</b><i>_</i><b>verp</b><i>_</i><b>clients</b>
that are authorized to use the XVERP extension.
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>level</b>
- Increment in verbose logging level when a remote
+ Increment in verbose logging level when a remote
host matches a pattern in the <b>debug</b><i>_</i><b>peer</b><i>_</i><b>list</b>
parameter.
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>list</b>
- List of domain or network patterns. When a remote
- host matches a pattern, increase the verbose log-
- ging level by the amount specified in the
+ List of domain or network patterns. When a remote
+ host matches a pattern, increase the verbose log-
+ ging level by the amount specified in the
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>level</b> parameter.
<b>default</b><i>_</i><b>verp</b><i>_</i><b>delimiters</b>
The default VERP delimiter characters that are used
- when the XVERP command is specified without
+ when the XVERP command is specified without
explicit delimiters.
<b>error</b><i>_</i><b>notice</b><i>_</i><b>recipient</b>
- Recipient of protocol/policy/resource/software
+ Recipient of protocol/policy/resource/software
error notices.
<b>hopcount</b><i>_</i><b>limit</b>
<b>notify</b><i>_</i><b>classes</b>
List of error classes. Of special interest are:
- <b>policy</b> When a client violates any policy, mail a
+ <b>policy</b> When a client violates any policy, mail a
transcript of the entire SMTP session to the
postmaster.
<b>protocol</b>
- When a client violates the SMTP protocol or
+ When a client violates the SMTP protocol or
issues an unimplemented command, mail a
transcript of the entire SMTP session to the
postmaster.
<b>smtpd</b><i>_</i><b>banner</b>
- Text that follows the <b>220</b> status code in the SMTP
+ Text that follows the <b>220</b> status code in the SMTP
greeting banner.
<b>smtpd</b><i>_</i><b>expansion</b><i>_</i><b>filter</b>
expansion of rbl template responses and other text.
<b>smtpd</b><i>_</i><b>recipient</b><i>_</i><b>limit</b>
- Restrict the number of recipients that the SMTP
+ Restrict the number of recipients that the SMTP
server accepts per message delivery.
<b>smtpd</b><i>_</i><b>timeout</b>
- Limit the time to send a server response and to
+ Limit the time to send a server response and to
receive a client request.
<b>soft</b><i>_</i><b>bounce</b>
- Change hard (5xx) reject responses into soft (4xx)
- reject responses. This can be useful for testing
+ Change hard (5xx) reject responses into soft (4xx)
+ reject responses. This can be useful for testing
purposes.
<b>verp</b><i>_</i><b>delimiter</b><i>_</i><b>filter</b>
- The characters that Postfix accepts as VERP delim-
+ The characters that Postfix accepts as VERP delim-
iter characters.
<b>Known</b> <b>versus</b> <b>unknown</b> <b>recipients</b>
<b>show</b><i>_</i><b>user</b><i>_</i><b>unknown</b><i>_</i><b>table</b><i>_</i><b>name</b>
- Whether or not to reveal the table name in the
- "User unknown" responses. The extra detail makes
- trouble shooting easier but also reveals informa-
+ Whether or not to reveal the table name in the
+ "User unknown" responses. The extra detail makes
+ trouble shooting easier but also reveals informa-
tion that is nobody elses business.
<b>unknown</b><i>_</i><b>local</b><i>_</i><b>recipient</b><i>_</i><b>reject</b><i>_</i><b>code</b>
The response code when a client specifies a recipi-
- ent whose domain matches <b>$mydestination</b> or
+ ent whose domain matches <b>$mydestination</b> or
<b>$inet</b><i>_</i><b>interfaces</b>, while <b>$local</b><i>_</i><b>recipient</b><i>_</i><b>maps</b> is
- non-empty and does not list the recipient address
+ non-empty and does not list the recipient address
or address local-part.
<b>unknown</b><i>_</i><b>relay</b><i>_</i><b>recipient</b><i>_</i><b>reject</b><i>_</i><b>code</b>
The response code when a client specifies a recipi-
ent whose domain matches <b>$relay</b><i>_</i><b>domains</b>, while
- <b>$relay</b><i>_</i><b>recipient</b><i>_</i><b>maps</b> is non-empty and does not
+ <b>$relay</b><i>_</i><b>recipient</b><i>_</i><b>maps</b> is non-empty and does not
list the recipient address.
<b>unknown</b><i>_</i><b>virtual</b><i>_</i><b>alias</b><i>_</i><b>reject</b><i>_</i><b>code</b>
The response code when a client specifies a recipi-
- ent whose domain matches <b>$virtual</b><i>_</i><b>alias</b><i>_</i><b>domains</b>,
- while the recipient is not listed in <b>$vir-</b>
+ ent whose domain matches <b>$virtual</b><i>_</i><b>alias</b><i>_</i><b>domains</b>,
+ while the recipient is not listed in <b>$vir-</b>
<b>tual</b><i>_</i><b>alias</b><i>_</i><b>maps</b>.
<b>unknown</b><i>_</i><b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>reject</b><i>_</i><b>code</b>
The response code when a client specifies a recipi-
- ent whose domain matches <b>$virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>,
+ ent whose domain matches <b>$virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>,
while the recipient is not listed in <b>$virtual</b><i>_</i><b>mail-</b>
<b>box</b><i>_</i><b>maps</b>.
<b>Resource</b> <b>controls</b>
<b>line</b><i>_</i><b>length</b><i>_</i><b>limit</b>
- Limit the amount of memory in bytes used for the
+ Limit the amount of memory in bytes used for the
handling of partial input lines.
<b>message</b><i>_</i><b>size</b><i>_</i><b>limit</b>
ing on-disk storage for envelope information.
<b>queue</b><i>_</i><b>minfree</b>
- Minimal amount of free space in bytes in the queue
- file system for the SMTP server to accept any mail
+ Minimal amount of free space in bytes in the queue
+ file system for the SMTP server to accept any mail
at all.
<b>smtpd</b><i>_</i><b>history</b><i>_</i><b>flush</b><i>_</i><b>threshold</b>
<b>smtpd</b><i>_</i><b>soft</b><i>_</i><b>error</b><i>_</i><b>limit</b>
When an SMTP client has made this number of errors,
- wait <i>error_count</i> seconds before responding to any
+ wait <i>error_count</i> seconds before responding to any
client request.
<b>smtpd</b><i>_</i><b>hard</b><i>_</i><b>error</b><i>_</i><b>limit</b>
- Disconnect after a client has made this number of
+ Disconnect after a client has made this number of
errors.
<b>smtpd</b><i>_</i><b>junk</b><i>_</i><b>command</b><i>_</i><b>limit</b>
Limit the number of times a client can issue a junk
- command such as NOOP, VRFY, ETRN or RSET in one
- SMTP session before it is penalized with tarpit
+ command such as NOOP, VRFY, ETRN or RSET in one
+ SMTP session before it is penalized with tarpit
delays.
<b>UCE</b> <b>control</b> <b>restrictions</b>
<b>parent</b><i>_</i><b>domain</b><i>_</i><b>matches</b><i>_</i><b>subdomains</b>
- List of Postfix features that use <i>domain.tld</i> pat-
- terns to match <i>sub.domain.tld</i> (as opposed to
+ List of Postfix features that use <i>domain.tld</i> pat-
+ terns to match <i>sub.domain.tld</i> (as opposed to
requiring <i>.domain.tld</i> patterns).
<b>smtpd</b><i>_</i><b>client</b><i>_</i><b>restrictions</b>
tem.
<b>smtpd</b><i>_</i><b>helo</b><i>_</i><b>required</b>
- Require that clients introduce themselves at the
+ Require that clients introduce themselves at the
beginning of an SMTP session.
<b>smtpd</b><i>_</i><b>helo</b><i>_</i><b>restrictions</b>
- Restrict what client hostnames are allowed in <b>HELO</b>
+ Restrict what client hostnames are allowed in <b>HELO</b>
and <b>EHLO</b> commands.
<b>smtpd</b><i>_</i><b>sender</b><i>_</i><b>restrictions</b>
- Restrict what sender addresses are allowed in <b>MAIL</b>
+ Restrict what sender addresses are allowed in <b>MAIL</b>
<b>FROM</b> commands.
<b>smtpd</b><i>_</i><b>recipient</b><i>_</i><b>restrictions</b>
- Restrict what recipient addresses are allowed in
+ Restrict what recipient addresses are allowed in
<b>RCPT</b> <b>TO</b> commands.
<b>smtpd</b><i>_</i><b>etrn</b><i>_</i><b>restrictions</b>
mands, and what clients may issue <b>ETRN</b> commands.
<b>smtpd</b><i>_</i><b>data</b><i>_</i><b>restrictions</b>
- Restrictions on the <b>DATA</b> command. Currently, the
- only restriction that makes sense here is
+ Restrictions on the <b>DATA</b> command. Currently, the
+ only restriction that makes sense here is
<b>reject</b><i>_</i><b>unauth</b><i>_</i><b>pipelining</b>.
<b>allow</b><i>_</i><b>untrusted</b><i>_</i><b>routing</b>
- Allow untrusted clients to specify addresses with
- sender-specified routing. Enabling this opens up
- nasty relay loopholes involving trusted backup MX
+ Allow untrusted clients to specify addresses with
+ sender-specified routing. Enabling this opens up
+ nasty relay loopholes involving trusted backup MX
hosts.
<b>smtpd</b><i>_</i><b>restriction</b><i>_</i><b>classes</b>
- Declares the name of zero or more parameters that
- contain a list of UCE restrictions. The names of
- these parameters can then be used instead of the
+ Declares the name of zero or more parameters that
+ contain a list of UCE restrictions. The names of
+ these parameters can then be used instead of the
restriction lists that they represent.
<b>smtpd</b><i>_</i><b>null</b><i>_</i><b>access</b><i>_</i><b>lookup</b><i>_</i><b>key</b>
- The lookup key to be used in SMTPD access tables
- instead of the null sender address. A null sender
+ The lookup key to be used in SMTPD access tables
+ instead of the null sender address. A null sender
address cannot be looked up.
<b>maps</b><i>_</i><b>rbl</b><i>_</i><b>domains</b> (deprecated)
- List of DNS domains that publish the addresses of
+ List of DNS domains that publish the addresses of
blacklisted hosts. This is used with the deprecated
<b>reject</b><i>_</i><b>maps</b><i>_</i><b>rbl</b> restriction.
<b>permit</b><i>_</i><b>mx</b><i>_</i><b>backup</b><i>_</i><b>networks</b>
- Only domains whose primary MX hosts match the
- listed networks are eligible for the <b>per-</b>
+ Only domains whose primary MX hosts match the
+ listed networks are eligible for the <b>per-</b>
<b>mit</b><i>_</i><b>mx</b><i>_</i><b>backup</b> feature.
<b>relay</b><i>_</i><b>domains</b>
- Restrict what domains this mail system will relay
- mail to. The domains are routed to the delivery
+ Restrict what domains this mail system will relay
+ mail to. The domains are routed to the delivery
agent specified with the <b>relay</b><i>_</i><b>transport</b> setting.
<b>UCE</b> <b>control</b> <b>responses</b>
<b>access</b><i>_</i><b>map</b><i>_</i><b>reject</b><i>_</i><b>code</b>
- Response code when a client violates an access
+ Response code when a client violates an access
database restriction.
<b>default</b><i>_</i><b>rbl</b><i>_</i><b>reply</b>
Default template reply when a request is RBL black-
- listed. This template is used by the <b>reject</b><i>_</i><b>rbl</b><i>_</i><b>*</b>
- and <b>reject</b><i>_</i><b>rhsbl</b><i>_</i><b>*</b> restrictions. See also:
+ listed. This template is used by the <b>reject</b><i>_</i><b>rbl</b><i>_</i><b>*</b>
+ and <b>reject</b><i>_</i><b>rhsbl</b><i>_</i><b>*</b> restrictions. See also:
<b>rbl</b><i>_</i><b>reply</b><i>_</i><b>maps</b> and <b>smtpd</b><i>_</i><b>expansion</b><i>_</i><b>filter</b>.
<b>defer</b><i>_</i><b>code</b>
- Response code when a client request is rejected by
+ Response code when a client request is rejected by
the <b>defer</b> restriction.
<b>invalid</b><i>_</i><b>hostname</b><i>_</i><b>reject</b><i>_</i><b>code</b>
- Response code when a client violates the
+ Response code when a client violates the
<b>reject</b><i>_</i><b>invalid</b><i>_</i><b>hostname</b> restriction.
<b>maps</b><i>_</i><b>rbl</b><i>_</i><b>reject</b><i>_</i><b>code</b>
Response code when a request is RBL blacklisted.
<b>rbl</b><i>_</i><b>reply</b><i>_</i><b>maps</b>
- Table with template responses for RBL blacklisted
- requests, indexed by RBL domain name. These tem-
+ Table with template responses for RBL blacklisted
+ requests, indexed by RBL domain name. These tem-
plates are used by the <b>reject</b><i>_</i><b>rbl</b><i>_</i><b>*</b> and
- <b>reject</b><i>_</i><b>rhsbl</b><i>_</i><b>*</b> restrictions. See also:
+ <b>reject</b><i>_</i><b>rhsbl</b><i>_</i><b>*</b> restrictions. See also:
<b>default</b><i>_</i><b>rbl</b><i>_</i><b>reply</b> and <b>smtpd</b><i>_</i><b>expansion</b><i>_</i><b>filter</b>.
<b>reject</b><i>_</i><b>code</b>
- Response code when the client matches a <b>reject</b>
+ Response code when the client matches a <b>reject</b>
restriction.
<b>relay</b><i>_</i><b>domains</b><i>_</i><b>reject</b><i>_</i><b>code</b>
mail relay policy.
<b>unknown</b><i>_</i><b>address</b><i>_</i><b>reject</b><i>_</i><b>code</b>
- Response code when a client violates the
+ Response code when a client violates the
<b>reject</b><i>_</i><b>unknown</b><i>_</i><b>address</b> restriction.
<b>unknown</b><i>_</i><b>client</b><i>_</i><b>reject</b><i>_</i><b>code</b>
tion.
<b>unknown</b><i>_</i><b>hostname</b><i>_</i><b>reject</b><i>_</i><b>code</b>
- Response code when a client violates the
+ Response code when a client violates the
<b>reject</b><i>_</i><b>unknown</b><i>_</i><b>hostname</b> restriction.
<b>SEE</b> <b>ALSO</b>
syslogd(8) system logging
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
A logical line starts with non-whitespace text. A line that
starts with whitespace continues a logical line.
.IP "\fBif /\fIpattern\fB/\fIflags\fR"
-.IP "\fBif !/\fIpattern\fB/\fIflags\fR"
.IP "\fBendif\fR"
Match the search string against the patterns between \fBif\fR
-and \fBendif\fR, if and only if the search string matches (does
-not match) \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
+and \fBendif\fR, if and only if the search string matches
+\fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
.sp
Note: do not prepend whitespace to patterns inside
\fBif\fR..\fBendif\fR.
Disallow non-RFC 821 style addresses in SMTP commands. For example,
the RFC822-style address forms with comments that Sendmail allows.
.IP \fBbroken_sasl_auth_clients\fR
-Support older Microsoft clients that mis-implement the AUTH
+Support Microsoft clients that implement an older version of the AUTH
protocol, and that expect an EHLO response of "250 AUTH=list"
instead of "250 AUTH list".
.IP \fBsmtpd_noop_commands\fR
This parameter uses the same syntax as the right-hand side of
a Postfix transport table.
.SH "Authentication controls"
-.IP \fBenable_sasl_authentication\fR
+.IP \fBsmtpd_sasl_auth_enable\fR
Enable per-session authentication as per RFC 2554 (SASL).
This functionality is available only when explicitly selected
at program build time and explicitly enabled at runtime.
# A logical line starts with non-whitespace text. A line that
# starts with whitespace continues a logical line.
# .IP "\fBif /\fIpattern\fB/\fIflags\fR"
-# .IP "\fBif !/\fIpattern\fB/\fIflags\fR"
# .IP "\fBendif\fR"
# Match the search string against the patterns between \fBif\fR
-# and \fBendif\fR, if and only if the search string matches (does
-# not match) \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
+# and \fBendif\fR, if and only if the search string matches
+# \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
# .sp
# Note: do not prepend whitespace to patterns inside
# \fBif\fR..\fBendif\fR.
bounce_notify_util.o: ../../include/vbuf.h
bounce_notify_util.o: ../../include/vstream.h
bounce_notify_util.o: ../../include/line_wrap.h
+bounce_notify_util.o: ../../include/stringops.h
bounce_notify_util.o: ../../include/mail_queue.h
bounce_notify_util.o: ../../include/quote_822_local.h
bounce_notify_util.o: ../../include/quote_flags.h
* Patches change the patchlevel and the release date. Snapshots change the
* release date only, unless they include the same bugfix as a patch release.
*/
-#define MAIL_RELEASE_DATE "20030905"
+#define MAIL_RELEASE_DATE "20030913"
#define VAR_MAIL_VERSION "mail_version"
-#define DEF_MAIL_VERSION "2.0.15"
+#define DEF_MAIL_VERSION "2.0.16"
extern char *var_mail_version;
/*
lmtp_connect.o: ../../include/timed_connect.h
lmtp_connect.o: ../../include/stringops.h
lmtp_connect.o: ../../include/host_port.h
+lmtp_connect.o: ../../include/sane_connect.h
lmtp_connect.o: ../../include/mail_params.h
lmtp_connect.o: ../../include/mail_proto.h
lmtp_connect.o: ../../include/attr.h
lmtp_quit(state);
lmtp_chat_reset(state);
state->session = lmtp_session_free(state->session);
+#ifdef USE_SASL_AUTH
+ if (var_lmtp_sasl_enable)
+ lmtp_sasl_cleanup(state);
+#endif
}
/*
else if (lmtp_rset(state) != 0) {
lmtp_chat_reset(state);
state->session = lmtp_session_free(state->session);
+#ifdef USE_SASL_AUTH
+ if (var_lmtp_sasl_enable)
+ lmtp_sasl_cleanup(state);
+#endif
}
/*
*/
else if (lmtp_lhlo(state) != 0) {
state->session = lmtp_session_free(state->session);
+#ifdef USE_SASL_AUTH
+ if (var_lmtp_sasl_enable)
+ lmtp_sasl_cleanup(state);
+#endif
}
/*
sasl_callback_t *sasl_callbacks; /* stateful callbacks */
#endif
int sndbufsize; /* total window size */
- int sndbuffree; /* remaining window */
int reuse; /* connection being reused */
} LMTP_STATE;
#include <timed_connect.h>
#include <stringops.h>
#include <host_port.h>
+#include <sane_connect.h>
/* Global library. */
non_blocking(sock, BLOCKING);
errno = saved_errno;
} else {
- conn_stat = connect(sock, sa, len);
+ conn_stat = sane_connect(sock, sa, len);
}
if (conn_stat < 0) {
vstring_sprintf(why, "connect to %s[%s]: %m",
if (msg_verbose)
msg_info("server features: 0x%x", state->features);
-#ifdef USE_SASL_AUTH
- if (var_lmtp_sasl_enable && (state->features & LMTP_FEATURE_AUTH))
- return (lmtp_sasl_helo_login(state));
-#endif
-
/*
* We use LMTP command pipelining if the server said it supported it.
* Since we use blocking I/O, RFC 2197 says that we should inspect the
} else
state->sndbufsize = 0;
+#ifdef USE_SASL_AUTH
+ if (var_lmtp_sasl_enable && (state->features & LMTP_FEATURE_AUTH))
+ return (lmtp_sasl_helo_login(state));
+#endif
+
return (0);
}
/*
* Copy the next command to the buffer and update the sender state.
*/
- if (state->sndbuffree > 0)
- state->sndbuffree -= VSTRING_LEN(next_command) + 2;
+ if (sndbuffree > 0)
+ sndbuffree -= VSTRING_LEN(next_command) + 2;
lmtp_chat_cmd(state, "%s", vstring_str(next_command));
send_state = next_state;
send_rcpt = next_rcpt;
/* authentication.
/*
/* lmtp_sasl_passwd_lookup() looks up the username/password
-/* for the current SMTP server. The result is zero in case
+/* for the current LMTP server. The result is zero in case
/* of failure.
/*
/* lmtp_sasl_authenticate() implements the SASL authentication
/* suceeds.
/*
/* lmtp_sasl_cleanup() cleans up. It must be called at the
-/* end of every SMTP session that uses SASL authentication.
+/* end of every LMTP session that uses SASL authentication.
/* This routine is a noop for non-SASL sessions.
/*
/* Arguments:
lmtp_sasl_connect(state);
#endif
state->sndbufsize = 0;
- state->sndbuffree = 0;
state->reuse = 0;
return (state);
}
smtp_connect.o: ../../include/timed_connect.h
smtp_connect.o: ../../include/stringops.h
smtp_connect.o: ../../include/host_port.h
+smtp_connect.o: ../../include/sane_connect.h
smtp_connect.o: ../../include/mail_params.h
smtp_connect.o: ../../include/own_inet_addr.h
smtp_connect.o: ../../include/dns.h
#include <timed_connect.h>
#include <stringops.h>
#include <host_port.h>
+#include <sane_connect.h>
/* Global library. */
non_blocking(sock, BLOCKING);
errno = saved_errno;
} else {
- conn_stat = connect(sock, (struct sockaddr *) & sin, sizeof(sin));
+ conn_stat = sane_connect(sock, (struct sockaddr *) & sin, sizeof(sin));
}
if (conn_stat < 0) {
vstring_sprintf(why, "connect to %s[%s]: %m",
/* Disallow non-RFC 821 style addresses in SMTP commands. For example,
/* the RFC822-style address forms with comments that Sendmail allows.
/* .IP \fBbroken_sasl_auth_clients\fR
-/* Support older Microsoft clients that mis-implement the AUTH
+/* Support Microsoft clients that implement an older version of the AUTH
/* protocol, and that expect an EHLO response of "250 AUTH=list"
/* instead of "250 AUTH list".
/* .IP \fBsmtpd_noop_commands\fR
/* This parameter uses the same syntax as the right-hand side of
/* a Postfix transport table.
/* .SH "Authentication controls"
-/* .IP \fBenable_sasl_authentication\fR
+/* .IP \fBsmtpd_sasl_auth_enable\fR
/* Enable per-session authentication as per RFC 2554 (SASL).
/* This functionality is available only when explicitly selected
/* at program build time and explicitly enabled at runtime.
smtpd_state_init(&state, stream);
msg_info("connect from %s[%s]", state.name, state.addr);
- /*
- * XXX non_blocking() aborts upon error.
- */
-#ifdef BROKEN_READ_SELECT_ON_BLOCKING_SOCKET
- non_blocking(vstream_fileno(stream), NON_BLOCKING);
-#endif
-
/*
* See if we need to turn on verbose logging for this client.
*/
qmqp-source.o: ../../include/events.h
qmqp-source.o: ../../include/find_inet.h
qmqp-source.o: ../../include/netstring.h
+qmqp-source.o: ../../include/sane_connect.h
qmqp-source.o: ../../include/mail_date.h
qmqp-source.o: ../../include/qmqp_proto.h
smtp-sink.o: smtp-sink.c
smtp-sink.o: ../../include/mymalloc.h
smtp-sink.o: ../../include/msg_vstream.h
smtp-sink.o: ../../include/stringops.h
+smtp-sink.o: ../../include/sane_accept.h
smtp-sink.o: ../../include/smtp_stream.h
smtp-source.o: smtp-source.c
smtp-source.o: ../../include/sys_defs.h
smtp-source.o: ../../include/mymalloc.h
smtp-source.o: ../../include/events.h
smtp-source.o: ../../include/find_inet.h
+smtp-source.o: ../../include/sane_connect.h
smtp-source.o: ../../include/smtp_stream.h
smtp-source.o: ../../include/mail_date.h
#include <find_inet.h>
#include <iostuff.h>
#include <netstring.h>
+#include <sane_connect.h>
/* Global library. */
session->stream = vstream_fdopen(fd, O_RDWR);
event_enable_write(fd, connect_done, (char *) session);
netstring_setup(session->stream, var_timeout);
- if (connect(fd, sa, sa_length) < 0 && errno != EINPROGRESS)
+ if (sane_connect(fd, sa, sa_length) < 0 && errno != EINPROGRESS)
fail_connect(session);
}
#include <iostuff.h>
#include <msg_vstream.h>
#include <stringops.h>
+#include <sane_accept.h>
/* Global library. */
SINK_STATE *state;
int fd;
- if ((fd = accept(sock, &sa, &len)) >= 0) {
+ if ((fd = sane_accept(sock, &sa, &len)) >= 0) {
if (msg_verbose)
msg_info("connect (%s)",
#ifdef AF_LOCAL
#include <events.h>
#include <find_inet.h>
#include <iostuff.h>
+#include <sane_connect.h>
/* Global library. */
session->stream = vstream_fdopen(fd, O_RDWR);
event_enable_write(fd, connect_done, (char *) session);
smtp_timeout_setup(session->stream, var_timeout);
- if (connect(fd, sa, sa_length) < 0 && errno != EINPROGRESS)
+ if (sane_connect(fd, sa, sa_length) < 0 && errno != EINPROGRESS)
fail_connect(session);
}
unix_connect.c unix_listen.c unix_trigger.c unsafe.c username.c \
valid_hostname.c vbuf.c vbuf_print.c vstream.c vstream_popen.c \
vstring.c vstring_vstream.c watchdog.c writable.c write_buf.c \
- write_wait.c strcasecmp.c nvtable.c host_port.c
+ write_wait.c strcasecmp.c nvtable.c host_port.c sane_connect.c
OBJS = alldig.o argv.o argv_split.o attr_print0.o attr_print64.o \
attr_scan0.o attr_scan64.o base64_code.o basename.o binhash.o \
chroot_uid.o clean_env.o close_on_exec.o concatenate.o ctable.o \
unix_connect.o unix_listen.o unix_trigger.o unsafe.o username.o \
valid_hostname.o vbuf.o vbuf_print.o vstream.o vstream_popen.o \
vstring.o vstring_vstream.o watchdog.o writable.o write_buf.o \
- write_wait.o nvtable.o $(STRCASE) host_port.o
+ write_wait.o nvtable.o host_port.o sane_connect.o $(STRCASE)
HDRS = argv.h attr.h base64_code.h binhash.h chroot_uid.h clean_env.h \
connect.h ctable.h dict.h dict_db.h dict_dbm.h dict_env.h \
dict_ht.h dict_ldap.h dict_mysql.h dict_ni.h dict_nis.h \
split_at.h stat_as.h stringops.h sys_defs.h timed_connect.h \
timed_wait.h trigger.h username.h valid_hostname.h vbuf.h \
vbuf_print.h vstream.h vstring.h vstring_vstream.h watchdog.h \
- nvtable.h host_port.h
+ nvtable.h host_port.h sane_connect.h
TESTSRC = fifo_open.c fifo_rdwr_bug.c fifo_rdonly_bug.c select_bug.c \
stream_test.c dup2_pass_on_exec.c
WARN = -W -Wformat -Wimplicit -Wmissing-prototypes \
inet_connect.o: find_inet.h
inet_connect.o: inet_util.h
inet_connect.o: iostuff.h
+inet_connect.o: sane_connect.h
inet_connect.o: connect.h
inet_connect.o: timed_connect.h
inet_listen.o: inet_listen.c
msg_syslog.o: msg.h
msg_syslog.o: msg_output.h
msg_syslog.o: msg_syslog.h
+msg_syslog.o: safe.h
msg_vstream.o: msg_vstream.c
msg_vstream.o: sys_defs.h
msg_vstream.o: vstream.h
sane_accept.o: sys_defs.h
sane_accept.o: msg.h
sane_accept.o: sane_accept.h
+sane_connect.o: sane_connect.c
+sane_connect.o: sys_defs.h
+sane_connect.o: msg.h
+sane_connect.o: sane_connect.h
sane_link.o: sane_link.c
sane_link.o: sys_defs.h
sane_link.o: msg.h
timed_connect.o: sys_defs.h
timed_connect.o: msg.h
timed_connect.o: iostuff.h
+timed_connect.o: sane_connect.h
timed_connect.o: timed_connect.h
timed_read.o: timed_read.c
timed_read.o: sys_defs.h
+timed_read.o: msg.h
timed_read.o: iostuff.h
timed_wait.o: timed_wait.c
timed_wait.o: sys_defs.h
timed_wait.o: timed_wait.h
timed_write.o: timed_write.c
timed_write.o: sys_defs.h
+timed_write.o: msg.h
timed_write.o: iostuff.h
translit.o: translit.c
translit.o: sys_defs.h
unix_connect.o: sys_defs.h
unix_connect.o: msg.h
unix_connect.o: iostuff.h
+unix_connect.o: sane_connect.h
unix_connect.o: connect.h
unix_connect.o: timed_connect.h
unix_listen.o: unix_listen.c
#include "find_inet.h"
#include "inet_util.h"
#include "iostuff.h"
+#include "sane_connect.h"
#include "connect.h"
#include "timed_connect.h"
*/
else {
non_blocking(sock, block_mode);
- if (connect(sock, (struct sockaddr *) & sin, sizeof(sin)) < 0
+ if (sane_connect(sock, (struct sockaddr *) & sin, sizeof(sin)) < 0
&& errno != EINPROGRESS) {
close(sock);
return (-1);
int inet_accept(int fd)
{
- return (sane_accept(fd, (struct sockaddr *) 0, (SOCKADDR_SIZE *) 0));
+ struct sockaddr_in sin;
+ SOCKADDR_SIZE len = sizeof(sin);
+
+ return (sane_accept(fd, (struct sockaddr *) & sin, &len));
}
#include <errno.h>
#include <syslog.h>
#include <string.h>
+#include <time.h>
/* Application-specific. */
#include "msg.h"
#include "msg_output.h"
#include "msg_syslog.h"
+#include "safe.h"
/*
* Stay a little below the 2048-byte limit of older syslog()
{
static int first_call = 1;
+ /*
+ * XXX If this program is set-gid, then TZ must not be trusted.
+ * This scrubbing code is in the wrong place.
+ */
+ if (unsafe())
+ putenv("TZ=");
+ tzset();
openlog(name, LOG_NDELAY | logopt, facility);
if (first_call) {
first_call = 0;
/* DESCRIPTION
/* sane_accept() implements the accept(2) socket call, and maps
/* known harmless error results to EAGAIN.
+/*
+/* If the buf and len arguments are not null, then additional
+/* workarounds may be enabled that depend on the socket type.
/* BUGS
/* Bizarre systems may have other harmless error results. Such
/* systems encourage programers to ignore error results, and
}
}
}
+
+ /*
+ * XXX Solaris select() produces false read events, so that read() blocks
+ * forever on a blocking socket, and fails with EAGAIN on a non-blocking
+ * socket. Turning on keepalives will fix a blocking socket provided that
+ * the kernel's keepalive timer expires before the Postfix watchdog
+ * timer.
+ */
+#if defined(BROKEN_READ_SELECT_ON_TCP_SOCKET) && defined(SO_KEEPALIVE)
+ else if (sa != 0 && sa->sa_family == AF_INET) {
+ int on = 1;
+
+ (void) setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE,
+ (char *) &on, sizeof(on));
+ }
+#endif
return (fd);
}
--- /dev/null
+/*++
+/* NAME
+/* sane_connect 3
+/* SUMMARY
+/* sanitize connect() results
+/* SYNOPSIS
+/* #include <sane_connect.h>
+/*
+/* int sane_connect(sock, buf, len)
+/* int sock;
+/* struct sockaddr *buf;
+/* SOCKADDR_SIZE *len;
+/* DESCRIPTION
+/* sane_connect() implements the accept(2) socket call, and maps
+/* known harmless error results to EAGAIN.
+/* BUGS
+/* Bizarre systems may have other harmless error results. Such
+/* systems encourage programers to ignore error results, and
+/* penalizes programmers who code defensively.
+/* LICENSE
+/* .ad
+/* .fi
+/* The Secure Mailer license must be distributed with this software.
+/* AUTHOR(S)
+/* Wietse Venema
+/* IBM T.J. Watson Research
+/* P.O. Box 704
+/* Yorktown Heights, NY 10598, USA
+/*--*/
+
+/* System library. */
+
+#include "sys_defs.h"
+#include <sys/socket.h>
+#include <errno.h>
+
+/* Utility library. */
+
+#include "msg.h"
+#include "sane_connect.h"
+
+/* sane_connect - sanitize connect() results */
+
+int sane_connect(int sock, struct sockaddr * sa, SOCKADDR_SIZE len)
+{
+
+ /*
+ * XXX Solaris select() produces false read events, so that read() blocks
+ * forever on a blocking socket, and fails with EAGAIN on a non-blocking
+ * socket. Turning on keepalives will fix a blocking socket provided that
+ * the kernel's keepalive timer expires before the Postfix watchdog
+ * timer.
+ */
+#if defined(BROKEN_READ_SELECT_ON_TCP_SOCKET) && defined(SO_KEEPALIVE)
+ if (sa->sa_family == AF_INET) {
+ int on = 1;
+
+ (void) setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE,
+ (char *) &on, sizeof(on));
+ }
+#endif
+ return (connect(sock, sa, len));
+}
--- /dev/null
+#ifndef _SANE_CONNECT_H_
+#define _SANE_CONNECT_H_
+
+/*++
+/* NAME
+/* sane_connect 3h
+/* SUMMARY
+/* sanitize connect() results
+/* SYNOPSIS
+/* #include <sane_connect.h>
+/* DESCRIPTION
+/* .nf
+
+ /* External interface. */
+
+extern int sane_connect(int, struct sockaddr *, SOCKADDR_SIZE);
+
+/* LICENSE
+/* .ad
+/* .fi
+/* The Secure Mailer license must be distributed with this software.
+/* AUTHOR(S)
+/* Wietse Venema
+/* IBM T.J. Watson Research
+/* P.O. Box 704
+/* Yorktown Heights, NY 10598, USA
+/*--*/
+
+#endif
#define LOCAL_CONNECT stream_connect
#define LOCAL_TRIGGER stream_trigger
#define HAS_VOLATILE_LOCKS
-#define BROKEN_READ_SELECT_ON_BLOCKING_SOCKET
+#define BROKEN_READ_SELECT_ON_TCP_SOCKET
/*
* Allow build environment to override paths.
*/
#include "msg.h"
#include "iostuff.h"
+#include "sane_connect.h"
#include "timed_connect.h"
/* timed_connect - connect with deadline */
/*
* Start the connection, and handle all possible results.
*/
- if (connect(sock, sa, len) == 0)
+ if (sane_connect(sock, sa, len) == 0)
return (0);
if (errno != EINPROGRESS)
return (-1);
#include "msg.h"
#include "iostuff.h"
+#include "sane_connect.h"
#include "connect.h"
#include "timed_connect.h"
*/
else {
non_blocking(sock, block_mode);
- if (connect(sock, (struct sockaddr *) & sun, sizeof(sun)) < 0
+ if (sane_connect(sock, (struct sockaddr *) & sun, sizeof(sun)) < 0
&& errno != EINPROGRESS) {
close(sock);
return (-1);
projects / thirdparty / postfix.git / commitdiff
