restrictions. Files: dns/dns.h, dns/dns_lookup.c, dns/dns_rr.c,
dns/test_dns_lookup.c, posttls-finger/posttls-finger.c,
smtp/smtp_addr.c, smtpd/smtpd_check.c.
+
+20240930
+
+ Bugfix (defect introduced: Postfix 2.9, date 20111218):
+ with "smtpd_sasl_auth_enable = no", info received with
+ XCLIENT LOGIN was ignored by permit_sasl_authenticated.
+ The fix was to remove a test and to rely solely on the
+ sasl_mechanism property which is null when a remote SMTP
+ client is not authenticated. File: src/smtpd/smtpd_check.c.
+
+20241021
+
+ Bugfix (defect introduced: postfix 3.0): the default master.cf
+ syslog_name setting for the relay service did not preserve
+ multi-instance information. File: conf/master.cf.
+
+20241027
+
+ Bugfix (defect introduced: Postfix 2.3, date 20051222):
+ file descriptor leak after failure to connect to a Dovecot
+ auth server. The impact is limited because there are limits
+ on the number of retries (one), on the number of errors per
+ SMTP session (smtpd_hard_error_limit), on the number of
+ sessions per SMTP server process (max_use), and on the
+ number file handles per process (managed with sysctl).
+ File: xsasl/xsasl_dovecot_server.c.
+
+20241122
+
+ Bugfix (defect introduced: Postfix 3.4, date 20190121): the
+ postsuper command failed with "open logfile 'xxx': Permission
+ denied" when the maillog_file parameter specified a filename
+ and Postfix was not running. This was fixed by opening the
+ maillog_file before dropping root privileges. Files:
+ util/msg_logger.c, global/maillog_client.c.
+
+20241201
+
+ Bugfix (defect introduced Postfix 3.0). Missing UTF8
+ autodetection for headers that are automatically generated
+ by Postfix (for example, a From: header with UTF8 full name
+ information from the password file). Reported by Michael
+ Tokarev. File: src/cleanup/cleanup_message.c.
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
- -o syslog_name=postfix/$service_name
+ -o syslog_name=${multi_instance_name?{$multi_instance_name}:{postfix}}/$service_name
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
vstring_sprintf(state->temp1, "%s.%s@%s",
time_stamp, state->queue_id, var_myhostname);
}
- cleanup_out_format(state, REC_TYPE_NORM, "%sMessage-Id: <%s>",
- state->resent, vstring_str(state->temp1));
+ vstring_sprintf(state->temp2, "%sMessage-Id: <%s>",
+ state->resent, vstring_str(state->temp1));
+ cleanup_out_header(state, state->temp2);
msg_info("%s: %smessage-id=<%s>",
state->queue_id, *state->resent ? "resent-" : "",
vstring_str(state->temp1));
if ((state->hdr_rewrite_context || var_always_add_hdrs)
&& (state->headers_seen & (1 << (state->resent[0] ?
HDR_RESENT_DATE : HDR_DATE))) == 0) {
- cleanup_out_format(state, REC_TYPE_NORM, "%sDate: %s",
+ vstring_sprintf(state->temp2, "%sDate: %s",
state->resent, mail_date(state->arrival_time.tv_sec));
+ cleanup_out_header(state, state->temp2);
}
/*
vstring_sprintf(state->temp2, "%sFrom: %s",
state->resent, vstring_str(state->temp1));
}
- CLEANUP_OUT_BUF(state, REC_TYPE_NORM, state->temp2);
+ cleanup_out_header(state, state->temp2);
}
/*
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20240304"
-#define MAIL_VERSION_NUMBER "3.8.6"
+#define MAIL_RELEASE_DATE "20241204"
+#define MAIL_VERSION_NUMBER "3.8.7"
#ifdef SNAPSHOT
#define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
static void maillog_client_logwriter_fallback(const char *text)
{
static int fallback_guard = 0;
+ static VSTREAM *fp;
/*
* Guard against recursive calls.
* logfile. All we can do is to hope that stderr logging will bring out
* the bad news.
*/
- if (fallback_guard == 0 && var_maillog_file && *var_maillog_file
- && logwriter_one_shot(var_maillog_file, text, strlen(text)) < 0) {
- fallback_guard = 1;
- msg_fatal("logfile '%s' write error: %m", var_maillog_file);
+ if (fallback_guard++ == 0 && var_maillog_file && *var_maillog_file) {
+ if (text == 0 && fp != 0) {
+ (void) vstream_fclose(fp);
+ fp = 0;
+ }
+ if (fp == 0) {
+ fp = logwriter_open_or_die(var_maillog_file);
+ close_on_exec(vstream_fileno(fp), CLOSE_ON_EXEC);
+ }
+ if (text && (logwriter_write(fp, text, strlen(text)) != 0 ||
+ vstream_fflush(fp) != 0)) {
+ msg_fatal("logfile '%s' write error: %m", var_maillog_file);
+ }
+ fallback_guard = 0;
}
}
cpp[1], CHECK_RELAY_DOMAINS);
} else if (strcasecmp(name, PERMIT_SASL_AUTH) == 0) {
#ifdef USE_SASL_AUTH
- if (smtpd_sasl_is_active(state)) {
- status = permit_sasl_auth(state,
- SMTPD_CHECK_OK, SMTPD_CHECK_DUNNO);
- if (status == SMTPD_CHECK_OK)
- status = smtpd_acl_permit(state, name, SMTPD_NAME_CLIENT,
- state->namaddr, NO_PRINT_ARGS);
- }
+ status = permit_sasl_auth(state,
+ SMTPD_CHECK_OK, SMTPD_CHECK_DUNNO);
+ if (status == SMTPD_CHECK_OK)
+ status = smtpd_acl_permit(state, name, SMTPD_NAME_CLIENT,
+ state->namaddr, NO_PRINT_ARGS);
#endif
} else if (strcasecmp(name, PERMIT_TLS_ALL_CLIENTCERTS) == 0) {
status = permit_tls_clientcerts(state, 1);
/* Override the fallback setting (see above) with the specified
/* function pointer. This remains in effect until the next
/* msg_logger_init() or msg_logger_control() call.
+/* When the function is called with a null argument, it should
+/* allocate resources immediately. This is needed in programs
+/* that drop privileges after process initialization.
/* .IP CA_MSG_LOGGER_CTL_DISABLE
/* Disable the msg_logger. This remains in effect until the
/* next msg_logger_init() call.
msg_logger_disconnect();
if (MSG_LOGGER_NEED_SOCKET())
msg_logger_connect();
+ if (msg_logger_sock == MSG_LOGGER_SOCK_NONE
+ && msg_logger_fallback_fn)
+ msg_logger_fallback_fn((char *) 0);
break;
default:
msg_panic("%s: bad name %d", myname, name);
(unsigned int) getpid());
if (vstream_fflush(sasl_stream) == VSTREAM_EOF) {
msg_warn("SASL: Couldn't send handshake: %m");
+ (void) vstream_fclose(sasl_stream);
return (-1);
}
success = 0;
projects / thirdparty / postfix.git / commitdiff
