postfix-2.5.15

diff --git a/postfix/HISTORY b/postfix/HISTORY
index db434c13fa39468625d74d38473611a230cc7d48..3c853f8f3e2aaa9fc7e1bcffa7f891ddb7935dde 100644 (file)
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -14721,3 +14721,22 @@ Apologies for any names omitted.
        IP queries" even if the name has an alphanumerical prefix.
        We play safe, and skip RHSBL queries for names ending in a
        numerical suffix.  File: smtpd/smtpd_check.c.
+
+20110811
+
+        Workaround: report a {client_connections} Milter macro value
+        of zero instead of garbage, when the remote SMTP client is
+        not subject to any smtpd_client_* limits. Problem reported
+        by Christian Roessner. File: smtpd/smtpd_state.c,
+        proto/MILTER_README.html.
+
+20110831
+
+       Bugfix: allow for Milters that send an SMTP server reply
+       without RFC 3463 enhanced status code. Reported by Vladimir
+       Vassiliev.  File: milter/milter8.c.
+
+20110902
+
+       Bitrot: OpenSSL const-ified some function result value.
+       Files: tls/tls_client.c, tls/tls_server.c.

diff --git a/postfix/README_FILES/MILTER_README b/postfix/README_FILES/MILTER_README
index a67fa044d3200ee323102e69c767d020dd8209ac..05d0776c8c0b139b499bfa6e7443b6b456a6057f 100644 (file)
--- a/postfix/README_FILES/MILTER_README
+++ b/postfix/README_FILES/MILTER_README
@@ -333,8 +333,11 @@ Sendmail. See the workarounds section below for solutions.
     |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
     |{client_addr}       |Always                   |Client IP address         |
     |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
-    |{client_connections}|CONNECT                  |Connection concurrency for|
-    |                    |                         |this client               |
+    |                    |                         |Connection concurrency for|
+    |                    |                         |this client (zero if the  |
+    |{client_connections}|CONNECT                  |client is excluded from   |
+    |                    |                         |all smtpd_client_*        |
+    |                    |                         |limits).                  |
     |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
     |                    |                         |Client hostname, "unknown"|
     |{client_name}       |Always                   |when lookup or            |

diff --git a/postfix/html/MILTER_README.html b/postfix/html/MILTER_README.html
index ce06e5ca28396ad600244f11c05d5c95fdea5677..b6eb07dcac38909244b48b397a750f62cc81d57f 100644 (file)
--- a/postfix/html/MILTER_README.html
+++ b/postfix/html/MILTER_README.html
@@ -547,7 +547,8 @@ login method </td> </tr>
 address </td> </tr>
 
 <tr> <td> {client_connections} </td> <td> CONNECT </td> <td>
-Connection concurrency for this client </td> </tr>
+Connection concurrency for this client (zero if the client is
+excluded from all smtpd_client_* limits). </td> </tr>
 
 <tr> <td> {client_name} </td> <td> Always </td> <td> Client hostname,
 "unknown" when lookup or verification fails </td> </tr>

diff --git a/postfix/proto/MILTER_README.html b/postfix/proto/MILTER_README.html
index 5085ed8a088e987ab423e691919b0f9c6e558c86..34a05fea3654c3eb1da4f629682d6b48b05b4e2c 100644 (file)
--- a/postfix/proto/MILTER_README.html
+++ b/postfix/proto/MILTER_README.html
@@ -547,7 +547,8 @@ login method </td> </tr>
 address </td> </tr>
 
 <tr> <td> {client_connections} </td> <td> CONNECT </td> <td>
-Connection concurrency for this client </td> </tr>
+Connection concurrency for this client (zero if the client is
+excluded from all smtpd_client_* limits). </td> </tr>
 
 <tr> <td> {client_name} </td> <td> Always </td> <td> Client hostname,
 "unknown" when lookup or verification fails </td> </tr>

diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 4d11674beb3ca0af3491273881acff43bfa6591d..ded3e42c6960aa61e9f32a302b69b881d45387c9 100644 (file)
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,8 +20,8 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE      "20110707"
-#define MAIL_VERSION_NUMBER    "2.5.14"
+#define MAIL_RELEASE_DATE      "20110902"
+#define MAIL_VERSION_NUMBER    "2.5.15"
 
 #ifdef SNAPSHOT
 # define MAIL_VERSION_DATE     "-" MAIL_RELEASE_DATE

diff --git a/postfix/src/milter/milter8.c b/postfix/src/milter/milter8.c
index aa1a75c7ebc0c30870e621a8a54dd577aecd5b67..a49d608ed80c8771c0f2cf8982c1e63a04623676 100644 (file)
--- a/postfix/src/milter/milter8.c
+++ b/postfix/src/milter/milter8.c
@@ -1248,11 +1248,13 @@ static const char *milter8_event(MILTER8 *milter, int event,
                                  MILTER8_DATA_BUFFER, milter->buf,
                                  MILTER8_DATA_END) != 0)
                MILTER8_EVENT_BREAK(milter->def_reply);
+           /* XXX Enforce this for each line of a multi-line reply. */
            if ((STR(milter->buf)[0] != '4' && STR(milter->buf)[0] != '5')
                || !ISDIGIT(STR(milter->buf)[1])
                || !ISDIGIT(STR(milter->buf)[2])
                || (STR(milter->buf)[3] != ' ' && STR(milter->buf)[3] != '-')
-               || STR(milter->buf)[4] != STR(milter->buf)[0]) {
+               || (ISDIGIT(STR(milter->buf)[4])
+                   && (STR(milter->buf)[4] != STR(milter->buf)[0]))) {
                msg_warn("milter %s: malformed reply: %s",
                         milter->m.name, STR(milter->buf));
                milter8_conf_error(milter);

diff --git a/postfix/src/smtpd/smtpd_state.c b/postfix/src/smtpd/smtpd_state.c
index a104a117424c5c1dfcc7a09e4388c76df3bd6138..3357d6e2e9eeb21cbcbfeff51cad552aa9efc03a 100644 (file)
--- a/postfix/src/smtpd/smtpd_state.c
+++ b/postfix/src/smtpd/smtpd_state.c
@@ -84,6 +84,7 @@ void    smtpd_state_init(SMTPD_STATE *state, VSTREAM *stream,
     state->service = mystrdup(service);
     state->buffer = vstring_alloc(100);
     state->addr_buf = vstring_alloc(100);
+    state->conn_count = state->conn_rate = 0;
     state->error_count = 0;
     state->error_mask = 0;
     state->notify_mask = name_mask(VAR_NOTIFY_CLASSES, mail_error_masks,

diff --git a/postfix/src/tls/tls_client.c b/postfix/src/tls/tls_client.c
index 04d186c36a4bb89dc1b030057169620858de04e2..ccee0bce345c38b6982ddaa374e823af5f7e3d7c 100644 (file)
--- a/postfix/src/tls/tls_client.c
+++ b/postfix/src/tls/tls_client.c
@@ -721,7 +721,7 @@ TLS_SESS_STATE *tls_client_start(const TLS_CLIENT_START_PROPS *props)
     int     protomask;
     const char *cipher_list;
     SSL_SESSION *session;
-    SSL_CIPHER *cipher;
+    const SSL_CIPHER *cipher;
     X509   *peercert;
     TLS_SESS_STATE *TLScontext;
     TLS_APPL_STATE *app_ctx = props->ctx;

diff --git a/postfix/src/tls/tls_server.c b/postfix/src/tls/tls_server.c
index efca6be42bf2776b1d09fc0d49f3ef66cebe65c9..6d2d6410fdff931f499ada17b41d38c39a920767 100644 (file)
--- a/postfix/src/tls/tls_server.c
+++ b/postfix/src/tls/tls_server.c
@@ -545,7 +545,7 @@ TLS_SESS_STATE *tls_server_start(const TLS_SERVER_START_PROPS *props)
 {
     int     sts;
     TLS_SESS_STATE *TLScontext;
-    SSL_CIPHER *cipher;
+    const SSL_CIPHER *cipher;
     X509   *peer;
     char    buf[CCERT_BUFSIZ];
     const char *cipher_list;