-TINTV
-TINT_TABLE
-TJMP_BUF_WRAPPER
+-TLDAP
+-TLDAPMessage
-TLDAP_CONN
-TLMTP_ATTR
-TLMTP_RESP
20061227
- Bugfix: the MX hostname syntax check was accidentally skipped
- with reject_unknown_helo_hostname/sender_domain/recipient_domain.
- File: smtpd/smtpd_check.c.
+ Bugfix (introduced with Postfix 2.3): the MX hostname syntax
+ check was skipped with reject_unknown_helo_hostname and
+ reject_unknown_sender/recipient_domain, so that Postfix
+ would still accept mail from domains with a zero-length MX
+ hostname. File: smtpd/smtpd_check.c.
20061229
Cleanup: use separate TLS_LEGACY_README to document the old
TLS user interface. This will simplify TLS_README dramatically.
+ Cleanup: untangled spaghetti code. File: util/inet_listen.c.
+
+20070104
+
+ Bugfix (introduced Postfix 2.3): when creating an alias map
+ on a NIS-enabled system, don't case-fold the YP_MASTER_NAME
+ and YP_LAST_MODIFIED lookup keys. This requires that an
+ application can turn on/off case folding on the fly. Files:
+ postalias/postalias.c, global/dict_mumble.c, util/dict_mumble.c,
+ proxymap/proxymap.c.
+
+ Cleanup: after the above revision of the proxymap protocol,
+ the proxymap server can now share the same map with clients
+ that have only minor differences in dictionary open/access
+ options.
+
Wish list:
+ Update BACKSCATTER_README to use PCRE because that's what I
+ am using now.
+
Update MILTER_README with Martinec info.
Make postcat header/body aware so people can grep headers.
$database_name="/var/mta/greylist.db";
$greylist_delay=60;
+#
+# Auto-whitelist threshold. Specify 0 to disable, or the number of
+# successful "come backs" after which a client is no longer subject
+# to greylisting.
+#
+$auto_whitelist_threshold = 10;
+
#
# Syslogging options for verbose mode and for fatal errors.
# NOTE: comment out the $syslog_socktype line if syslogging does not
# table. Request attributes are available via the %attr hash.
#
sub smtpd_access_policy {
- my($key, $time_stamp, $now);
+ my($key, $time_stamp, $now, $count);
# Open the database on the fly.
open_database() unless $database_obj;
+ # Search the auto-whitelist.
+ if ($auto_whitelist_threshold > 0) {
+ $count = read_database($attr{"client_address"});
+ if ($count > $auto_whitelist_threshold) {
+ return "dunno";
+ }
+ }
+
# Lookup the time stamp for this client/sender/recipient.
$key =
lc $attr{"client_address"}."/".$attr{"sender"}."/".$attr{"recipient"};
#
syslog $syslog_priority, "request age %d", $now - $time_stamp if $verbose;
if ($now - $time_stamp > $greylist_delay) {
+ # Update the auto-whitelist.
+ if ($auto_whitelist_threshold > 0) {
+ update_database($attr{"client_address"}, $count + 1);
+ }
return "dunno";
} else {
return "defer_if_permit Service is unavailable";
<b>-f</b> Do not fold the lookup key to lower case while cre-
ating or querying a table.
- <b>-i</b> Incremental mode. Read entries from standard input
+ With Postfix version 2.3 and later, this option has
+ no effect for regular expression tables. There,
+ case folding is controlled by appending a flag to a
+ pattern.
+
+ <b>-i</b> Incremental mode. Read entries from standard input
and do not truncate an existing database. By
- default, <a href="postalias.1.html"><b>postalias</b>(1)</a> creates a new database from
+ default, <a href="postalias.1.html"><b>postalias</b>(1)</a> creates a new database from
the entries in <i>file</i><b>_</b><i>name</i>.
- <b>-N</b> Include the terminating null character that termi-
- nates lookup keys and values. By default, <b>postal-</b>
- <b>ias</b>(1) does whatever is the default for the host
+ <b>-N</b> Include the terminating null character that termi-
+ nates lookup keys and values. By default, <b>postal-</b>
+ <b>ias</b>(1) does whatever is the default for the host
operating system.
- <b>-n</b> Don't include the terminating null character that
- terminates lookup keys and values. By default,
- <a href="postalias.1.html"><b>postalias</b>(1)</a> does whatever is the default for the
+ <b>-n</b> Don't include the terminating null character that
+ terminates lookup keys and values. By default,
+ <a href="postalias.1.html"><b>postalias</b>(1)</a> does whatever is the default for the
host operating system.
- <b>-o</b> Do not release root privileges when processing a
+ <b>-o</b> Do not release root privileges when processing a
non-root input file. By default, <a href="postalias.1.html"><b>postalias</b>(1)</a> drops
- root privileges and runs as the source file owner
+ root privileges and runs as the source file owner
instead.
<b>-p</b> Do not inherit the file access permissions from the
input file when creating a new file. Instead, cre-
- ate a new file with default access permissions
+ ate a new file with default access permissions
(mode 0644).
- <b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and write the
- first value found to the standard output stream.
+ <b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and write the
+ first value found to the standard output stream.
The exit status is zero when the requested informa-
tion was found.
If a key value of <b>-</b> is specified, the program reads
- key values from the standard input stream and
- writes one line of <i>key: value</i> output for each key
- that was found. The exit status is zero when at
+ key values from the standard input stream and
+ writes one line of <i>key: value</i> output for each key
+ that was found. The exit status is zero when at
least one of the requested keys was found.
<b>-r</b> When updating a table, do not complain about
attempts to update existing entries, and make those
updates anyway.
- <b>-s</b> Retrieve all database elements, and write one line
+ <b>-s</b> Retrieve all database elements, and write one line
of <i>key: value</i> output for each element. The elements
- are printed in database order, which is not neces-
- sarily the same as the original input order. This
- feature is available in Postfix version 2.2 and
+ are printed in database order, which is not neces-
+ sarily the same as the original input order. This
+ feature is available in Postfix version 2.2 and
later, and is not available for all database types.
<b>-v</b> Enable verbose logging for debugging purposes. Mul-
- tiple <b>-v</b> options make the software increasingly
+ tiple <b>-v</b> options make the software increasingly
verbose.
<b>-w</b> When updating a table, do not complain about
- attempts to update existing entries, and ignore
+ attempts to update existing entries, and ignore
those attempts.
Arguments:
<i>file</i><b>_</b><i>type</i>
- The database type. To find out what types are sup-
+ The database type. To find out what types are sup-
ported, use the "<b>postconf -m</b>" command.
- The <a href="postalias.1.html"><b>postalias</b>(1)</a> command can query any supported
- file type, but it can create only the following
+ The <a href="postalias.1.html"><b>postalias</b>(1)</a> command can query any supported
+ file type, but it can create only the following
file types:
- <b>btree</b> The output is a btree file, named
- <i>file</i><b>_</b><i>name</i><b>.db</b>. This is available on systems
+ <b>btree</b> The output is a btree file, named
+ <i>file</i><b>_</b><i>name</i><b>.db</b>. This is available on systems
with support for <b>db</b> databases.
- <b>cdb</b> The output is one file named <i>file</i><b>_</b><i>name</i><b>.cdb</b>.
- This is available on systems with support
+ <b>cdb</b> The output is one file named <i>file</i><b>_</b><i>name</i><b>.cdb</b>.
+ This is available on systems with support
for <b>cdb</b> databases.
- <b>dbm</b> The output consists of two files, named
- <i>file</i><b>_</b><i>name</i><b>.pag</b> and <i>file</i><b>_</b><i>name</i><b>.dir</b>. This is
- available on systems with support for <b>dbm</b>
+ <b>dbm</b> The output consists of two files, named
+ <i>file</i><b>_</b><i>name</i><b>.pag</b> and <i>file</i><b>_</b><i>name</i><b>.dir</b>. This is
+ available on systems with support for <b>dbm</b>
databases.
- <b>hash</b> The output is a hashed file, named
- <i>file</i><b>_</b><i>name</i><b>.db</b>. This is available on systems
+ <b>hash</b> The output is a hashed file, named
+ <i>file</i><b>_</b><i>name</i><b>.db</b>. This is available on systems
with support for <b>db</b> databases.
- <b>sdbm</b> The output consists of two files, named
- <i>file</i><b>_</b><i>name</i><b>.pag</b> and <i>file</i><b>_</b><i>name</i><b>.dir</b>. This is
- available on systems with support for <b>sdbm</b>
+ <b>sdbm</b> The output consists of two files, named
+ <i>file</i><b>_</b><i>name</i><b>.pag</b> and <i>file</i><b>_</b><i>name</i><b>.dir</b>. This is
+ available on systems with support for <b>sdbm</b>
databases.
- When no <i>file</i><b>_</b><i>type</i> is specified, the software uses
- the
database type specified via the <b><a href="postconf.5.html#default_database_type">default_data</a>-</b>
+ When no <i>file</i><b>_</b><i>type</i> is specified, the software uses
+ the
database type specified via the <b><a href="postconf.5.html#default_database_type">default_data</a>-</b>
<b><a href="postconf.5.html#default_database_type">base_type</a></b> configuration parameter. The default
- value for this parameter depends on the host envi-
+ value for this parameter depends on the host envi-
ronment.
<i>file</i><b>_</b><i>name</i>
- The name of the alias database source file when
+ The name of the alias database source file when
creating a database.
<b>DIAGNOSTICS</b>
- Problems are logged to the standard error stream and to
- <b>syslogd</b>(8). No output means that no problems were
- detected. Duplicate entries are skipped and are flagged
+ Problems are logged to the standard error stream and to
+ <b>syslogd</b>(8). No output means that no problems were
+ detected. Duplicate entries are skipped and are flagged
with a warning.
- <a href="postalias.1.html"><b>postalias</b>(1)</a> terminates with zero exit status in case of
- success (including successful "<b>postalias -q</b>" lookup) and
+ <a href="postalias.1.html"><b>postalias</b>(1)</a> terminates with zero exit status in case of
+ success (including successful "<b>postalias -q</b>" lookup) and
terminates with non-zero exit status in case of failure.
<b>ENVIRONMENT</b>
Enable verbose logging for debugging purposes.
<b>CONFIGURATION PARAMETERS</b>
- The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
+ The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
to this program.
- The text below provides only a parameter summary. See
+ The text below provides only a parameter summary. See
<a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#alias_database">alias_database</a> (see 'postconf -d' output)</b>
- The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are
+ The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are
updated with "<b>newaliases</b>" or with "<b>sendmail -bi</b>".
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
<a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#berkeley_db_create_buffer_size">berkeley_db_create_buffer_size</a> (16777216)</b>
- The per-table I/O buffer size for programs that
+ The per-table I/O buffer size for programs that
create Berkeley DB hash or btree tables.
<b><a href="postconf.5.html#berkeley_db_read_buffer_size">berkeley_db_read_buffer_size</a> (131072)</b>
- The per-table I/O buffer size for programs that
+ The per-table I/O buffer size for programs that
read Berkeley DB hash or btree tables.
<b><a href="postconf.5.html#default_database_type">default_database_type</a> (see 'postconf -d' output)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the
- process name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>STANDARDS</b>
<a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
<b>-f</b> Do not fold the lookup key to lower case while cre-
ating or querying a table.
- <b>-i</b> Incremental mode. Read entries from standard input
+ With Postfix version 2.3 and later, this option has
+ no effect for regular expression tables. There,
+ case folding is controlled by appending a flag to a
+ pattern.
+
+ <b>-i</b> Incremental mode. Read entries from standard input
and do not truncate an existing database. By
default, <a href="postmap.1.html"><b>postmap</b>(1)</a> creates a new database from the
entries in <b>file_name</b>.
- <b>-N</b> Include the terminating null character that termi-
- nates lookup keys and values. By default,
- <a href="postmap.1.html"><b>postmap</b>(1)</a> does whatever is the default for the
+ <b>-N</b> Include the terminating null character that termi-
+ nates lookup keys and values. By default,
+ <a href="postmap.1.html"><b>postmap</b>(1)</a> does whatever is the default for the
host operating system.
- <b>-n</b> Don't include the terminating null character that
- terminates lookup keys and values. By default,
- <a href="postmap.1.html"><b>postmap</b>(1)</a> does whatever is the default for the
+ <b>-n</b> Don't include the terminating null character that
+ terminates lookup keys and values. By default,
+ <a href="postmap.1.html"><b>postmap</b>(1)</a> does whatever is the default for the
host operating system.
- <b>-o</b> Do not release root privileges when processing a
- non-root input file. By default, <a href="postmap.1.html"><b>postmap</b>(1)</a> drops
- root privileges and runs as the source file owner
+ <b>-o</b> Do not release root privileges when processing a
+ non-root input file. By default, <a href="postmap.1.html"><b>postmap</b>(1)</a> drops
+ root privileges and runs as the source file owner
instead.
<b>-p</b> Do not inherit the file access permissions from the
input file when creating a new file. Instead, cre-
- ate a new file with default access permissions
+ ate a new file with default access permissions
(mode 0644).
- <b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and write the
- first value found to the standard output stream.
+ <b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and write the
+ first value found to the standard output stream.
The exit status is zero when the requested informa-
tion was found.
If a key value of <b>-</b> is specified, the program reads
- key values from the standard input stream and
- writes one line of <i>key value</i> output for each key
- that was found. The exit status is zero when at
+ key values from the standard input stream and
+ writes one line of <i>key value</i> output for each key
+ that was found. The exit status is zero when at
least one of the requested keys was found.
<b>-r</b> When updating a table, do not complain about
attempts to update existing entries, and make those
updates anyway.
- <b>-s</b> Retrieve all database elements, and write one line
- of <i>key value</i> output for each element. The elements
- are printed in database order, which is not neces-
- sarily the same as the original input order. This
- feature is available in Postfix version 2.2 and
+ <b>-s</b> Retrieve all database elements, and write one line
+ of <i>key value</i> output for each element. The elements
+ are printed in database order, which is not neces-
+ sarily the same as the original input order. This
+ feature is available in Postfix version 2.2 and
later, and is not available for all database types.
<b>-v</b> Enable verbose logging for debugging purposes. Mul-
- tiple <b>-v</b> options make the software increasingly
+ tiple <b>-v</b> options make the software increasingly
verbose.
<b>-w</b> When updating a table, do not complain about
- attempts to update existing entries, and ignore
+ attempts to update existing entries, and ignore
those attempts.
Arguments:
<i>file</i><b>_</b><i>type</i>
- The database type. To find out what types are sup-
+ The database type. To find out what types are sup-
ported, use the "<b>postconf -m</b>" command.
The <a href="postmap.1.html"><b>postmap</b>(1)</a> command can query any supported file
- type, but it can create only the following file
+ type, but it can create only the following file
types:
- <b>btree</b> The output file is a btree file, named
- <i>file</i><b>_</b><i>name</i><b>.db</b>. This is available on systems
+ <b>btree</b> The output file is a btree file, named
+ <i>file</i><b>_</b><i>name</i><b>.db</b>. This is available on systems
with support for <b>db</b> databases.
<b>cdb</b> The output consists of one file, named
<i>file</i><b>_</b><i>name</i><b>.cdb</b>. This is available on systems
with support for <b>cdb</b> databases.
- <b>dbm</b> The output consists of two files, named
- <i>file</i><b>_</b><i>name</i><b>.pag</b> and <i>file</i><b>_</b><i>name</i><b>.dir</b>. This is
- available on systems with support for <b>dbm</b>
+ <b>dbm</b> The output consists of two files, named
+ <i>file</i><b>_</b><i>name</i><b>.pag</b> and <i>file</i><b>_</b><i>name</i><b>.dir</b>. This is
+ available on systems with support for <b>dbm</b>
databases.
- <b>hash</b> The output file is a hashed file, named
- <i>file</i><b>_</b><i>name</i><b>.db</b>. This is available on systems
+ <b>hash</b> The output file is a hashed file, named
+ <i>file</i><b>_</b><i>name</i><b>.db</b>. This is available on systems
with support for <b>db</b> databases.
- <b>sdbm</b> The output consists of two files, named
- <i>file</i><b>_</b><i>name</i><b>.pag</b> and <i>file</i><b>_</b><i>name</i><b>.dir</b>. This is
- available on systems with support for <b>sdbm</b>
+ <b>sdbm</b> The output consists of two files, named
+ <i>file</i><b>_</b><i>name</i><b>.pag</b> and <i>file</i><b>_</b><i>name</i><b>.dir</b>. This is
+ available on systems with support for <b>sdbm</b>
databases.
- When no <i>file</i><b>_</b><i>type</i> is specified, the software uses
- the
database type specified via the <b><a href="postconf.5.html#default_database_type">default_data</a>-</b>
+ When no <i>file</i><b>_</b><i>type</i> is specified, the software uses
+ the
database type specified via the <b><a href="postconf.5.html#default_database_type">default_data</a>-</b>
<b><a href="postconf.5.html#default_database_type">base_type</a></b> configuration parameter.
<i>file</i><b>_</b><i>name</i>
- The name of the lookup table source file when
+ The name of the lookup table source file when
rebuilding a database.
<b>DIAGNOSTICS</b>
- Problems are logged to the standard error stream and to
- <b>syslogd</b>(8). No output means that no problems were
- detected. Duplicate entries are skipped and are flagged
+ Problems are logged to the standard error stream and to
+ <b>syslogd</b>(8). No output means that no problems were
+ detected. Duplicate entries are skipped and are flagged
with a warning.
- <a href="postmap.1.html"><b>postmap</b>(1)</a> terminates with zero exit status in case of
- success (including successful "<b>postmap -q</b>" lookup) and
+ <a href="postmap.1.html"><b>postmap</b>(1)</a> terminates with zero exit status in case of
+ success (including successful "<b>postmap -q</b>" lookup) and
terminates with non-zero exit status in case of failure.
<b>ENVIRONMENT</b>
Enable verbose logging for debugging purposes.
<b>CONFIGURATION PARAMETERS</b>
- The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
+ The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
to this program. The text below provides only a parameter
- summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
+ summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
ples.
<b><a href="postconf.5.html#berkeley_db_create_buffer_size">berkeley_db_create_buffer_size</a> (16777216)</b>
- The per-table I/O buffer size for programs that
+ The per-table I/O buffer size for programs that
create Berkeley DB hash or btree tables.
<b><a href="postconf.5.html#berkeley_db_read_buffer_size">berkeley_db_read_buffer_size</a> (131072)</b>
- The per-table I/O buffer size for programs that
+ The per-table I/O buffer size for programs that
read Berkeley DB hash or btree tables.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
<a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#default_database_type">default_database_type</a> (see 'postconf -d' output)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the
- process name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
<a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
.IP \fB-f\fR
Do not fold the lookup key to lower case while creating or querying
a table.
+
+With Postfix version 2.3 and later, this option has no
+effect for regular expression tables. There, case folding
+is controlled by appending a flag to a pattern.
.IP \fB-i\fR
Incremental mode. Read entries from standard input and do not
truncate an existing database. By default, \fBpostalias\fR(1) creates
.IP \fB-f\fR
Do not fold the lookup key to lower case while creating or querying
a table.
+
+With Postfix version 2.3 and later, this option has no
+effect for regular expression tables. There, case folding
+is controlled by appending a flag to a pattern.
.IP \fB-i\fR
Incremental mode. Read entries from standard input and do not
truncate an existing database. By default, \fBpostmap\fR(1) creates
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
msg_fatal("%s service is not configured for table \"%s\"",
MAIL_SERVICE_PROXYMAP, dict_proxy->dict.name);
case PROXY_STAT_OK:
- dict_proxy->dict.flags = dict_proxy->in_flags | server_flags;
+ dict_proxy->dict.flags = dict_proxy->in_flags
+ | (server_flags & DICT_FLAG_IMPL_MASK);
return (DICT_DEBUG (&dict_proxy->dict));
default:
msg_warn("%s open failed for table \"%s\": unexpected status %d",
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20061229"
+#define MAIL_RELEASE_DATE "20070104"
#define MAIL_VERSION_NUMBER "2.4"
#ifdef SNAPSHOT
/* .IP \fB-f\fR
/* Do not fold the lookup key to lower case while creating or querying
/* a table.
+/*
+/* With Postfix version 2.3 and later, this option has no
+/* effect for regular expression tables. There, case folding
+/* is controlled by appending a flag to a pattern.
/* .IP \fB-i\fR
/* Incremental mode. Read entries from standard input and do not
/* truncate an existing database. By default, \fBpostalias\fR(1) creates
mkmap->dict->flags |= DICT_FLAG_TRY0NULL;
vstring_sprintf(value_buffer, "%010ld", (long) time((time_t *) 0));
#if (defined(HAS_NIS) || defined(HAS_NISPLUS))
+ mkmap->dict->flags &= ~DICT_FLAG_FOLD_FIX;
mkmap_append(mkmap, "YP_LAST_MODIFIED", STR(value_buffer));
mkmap_append(mkmap, "YP_MASTER_NAME", var_myhostname);
#endif
/* .IP \fB-f\fR
/* Do not fold the lookup key to lower case while creating or querying
/* a table.
+/*
+/* With Postfix version 2.3 and later, this option has no
+/* effect for regular expression tables. There, case folding
+/* is controlled by appending a flag to a pattern.
/* .IP \fB-i\fR
/* Incremental mode. Read entries from standard input and do not
/* truncate an existing database. By default, \fBpostmap\fR(1) creates
/*
* Open one instance of a map for each combination of name+flags.
+ *
+ * Assume that a map instance can be shared among clients with different
+ * paranoia flag settings and with different map lookup flag settings.
*/
- vstring_sprintf(map_type_name_flags, "%s:%s",
- map_type_name, dict_flags_str(request_flags));
+ vstring_sprintf(map_type_name_flags, "%s:%s", map_type_name,
+ dict_flags_str(request_flags & DICT_FLAG_NP_INST_MASK));
if ((dict = dict_handle(STR(map_type_name_flags))) == 0)
dict = dict_open(map_type_name, READ_OPEN_FLAGS, request_flags);
if (dict == 0)
} else if ((dict = proxy_map_find(STR(request_map), request_flags,
&reply_status)) == 0) {
reply_value = "";
- } else if ((reply_value = dict_get(dict, STR(request_key))) != 0) {
+ } else if (dict->flags = ((dict->flags & ~DICT_FLAG_RQST_MASK)
+ | (request_flags & DICT_FLAG_RQST_MASK)),
+ (reply_value = dict_get(dict, STR(request_key))) != 0) {
reply_status = PROXY_STAT_OK;
} else if (dict_errno == 0) {
reply_status = PROXY_STAT_NOKEY;
extern void dict_free(DICT *);
extern DICT *dict_debug(DICT *);
+
#define DICT_DEBUG(d) ((d)->flags & DICT_FLAG_DEBUG ? dict_debug(d) : (d))
#define DICT_FLAG_NONE (0)
/* IMPORTANT: Update the dict_mask[] table when the above changes */
+ /*
+ * The subsets of flags that control how a map is used. These are relevant
+ * mainly for proxymap support. Note: some categories overlap.
+ *
+ * DICT_FLAG_PARANOID - flags that forbid the use of insecure map types for
+ * security-sensitive operations. These flags are specified by the caller,
+ * and are checked by the map implementation itself upon open, lookup etc.
+ * requests.
+ *
+ * DICT_FLAG_IMPL_MASK - flags that specify properties of the lookup table
+ * implementation. These flags are set by the map implementation itself.
+ *
+ * DICT_FLAG_INST_MASK - flags that control how a specific table instance is
+ * opened or used. The caller specifies these flags, and the caller may not
+ * change them between open, lookup, etc. requests (although the map itself
+ * may make changes to some of these flags).
+ *
+ * DICT_FLAG_NP_INST_MASK - ditto, but without the paranoia flags.
+ *
+ * DICT_FLAG_RQST_MASK - flags that the caller specifies, and that the caller
+ * may change between open, lookup etc. requests.
+ */
#define DICT_FLAG_PARANOID \
(DICT_FLAG_NO_REGSUB | DICT_FLAG_NO_PROXY | DICT_FLAG_NO_UNAUTH)
+#define DICT_FLAG_IMPL_MASK (DICT_FLAG_FIXED | DICT_FLAG_PATTERN)
+#define DICT_FLAG_RQST_MASK DICT_FLAG_FOLD_ANY
+#define DICT_FLAG_NP_INST_MASK ~(DICT_FLAG_IMPL_MASK | DICT_FLAG_RQST_MASK)
+#define DICT_FLAG_INST_MASK (DICT_FLAG_NP_INST_MASK | DICT_FLAG_PARANOID)
extern int dict_unknown_allowed;
extern int dict_errno;
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
-
ksize = strlen(name);
vsize = strlen(value);
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, key);
key = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, key);
key = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, key);
key = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_MUL) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, lookup_string);
lookup_string = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_MUL) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, lookup_string);
lookup_string = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
-
dbm_key.dptr = (void *) name;
dbm_value.dptr = (void *) value;
dbm_key.dsize = strlen(name);
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, name);
name = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_MUL) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, key);
key = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, key);
key = lowercase(vstring_str(dict->fold_buf));
}
/*
* Optionally fold the key.
*/
- if (dict->fold_buf) {
+ if (dict->flags & DICT_FLAG_FOLD_FIX) {
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, key);
key = lowercase(vstring_str(dict->fold_buf));
}
MAI_HOSTADDR_STR hostaddr;
MAI_SERVPORT_STR portnum;
INET_PROTO_INFO *proto_info;
- int found;
/*
* Translate address information to internal form.
/* No early returns or res0 leaks. */
proto_info = inet_proto_info();
- for (found = 0, res = res0; res != 0; res = res->ai_next) {
+ for (res = res0; /* see below */ ; res = res->ai_next) {
/*
- * Safety net.
+ * No usable address found.
*/
- if (strchr((char *) proto_info->sa_family_list, res->ai_family) == 0) {
- msg_info("skipping address family %d for %s",
- res->ai_family, addr);
- continue;
- }
- found++;
+ if (res == 0)
+ msg_fatal("%s: host found but no usable address", addr);
/*
- * Show what address we're trying.
+ * Safety net.
*/
- if (msg_verbose) {
- SOCKADDR_TO_HOSTADDR(res->ai_addr, res->ai_addrlen,
- &hostaddr, &portnum, 0);
- msg_info("trying... [%s]:%s", hostaddr.buf, portnum.buf);
- }
+ if (strchr((char *) proto_info->sa_family_list, res->ai_family) != 0)
+ break;
- /*
- * Create a listener socket.
- */
- if ((sock = socket(res->ai_family, res->ai_socktype, 0)) < 0)
- msg_fatal("socket: %m");
+ msg_info("skipping address family %d for %s", res->ai_family, addr);
+ }
+
+ /*
+ * Show what address we're trying.
+ */
+ if (msg_verbose) {
+ SOCKADDR_TO_HOSTADDR(res->ai_addr, res->ai_addrlen,
+ &hostaddr, &portnum, 0);
+ msg_info("trying... [%s]:%s", hostaddr.buf, portnum.buf);
+ }
+
+ /*
+ * Create a listener socket.
+ */
+ if ((sock = socket(res->ai_family, res->ai_socktype, 0)) < 0)
+ msg_fatal("socket: %m");
#ifdef HAS_IPV6
# if defined(IPV6_V6ONLY) && !defined(BROKEN_AI_PASSIVE_NULL_HOST)
- if (res->ai_family == AF_INET6
- && setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY,
- (char *) &on, sizeof(on)) < 0)
- msg_fatal("setsockopt(IPV6_V6ONLY): %m");
+ if (res->ai_family == AF_INET6
+ && setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY,
+ (char *) &on, sizeof(on)) < 0)
+ msg_fatal("setsockopt(IPV6_V6ONLY): %m");
# endif
#endif
- if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR,
- (char *) &on, sizeof(on)) < 0)
- msg_fatal("setsockopt(SO_REUSEADDR): %m");
- if (bind(sock, res->ai_addr, res->ai_addrlen) < 0) {
- SOCKADDR_TO_HOSTADDR(res->ai_addr, res->ai_addrlen,
- &hostaddr, &portnum, 0);
- msg_fatal("bind %s port %s: %m", hostaddr.buf, portnum.buf);
- }
- break;
+ if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR,
+ (char *) &on, sizeof(on)) < 0)
+ msg_fatal("setsockopt(SO_REUSEADDR): %m");
+ if (bind(sock, res->ai_addr, res->ai_addrlen) < 0) {
+ SOCKADDR_TO_HOSTADDR(res->ai_addr, res->ai_addrlen,
+ &hostaddr, &portnum, 0);
+ msg_fatal("bind %s port %s: %m", hostaddr.buf, portnum.buf);
}
freeaddrinfo(res0);
- if (found == 0)
- msg_fatal("%s: host not found", addr);
non_blocking(sock, block_mode);
if (listen(sock, backlog) < 0)
msg_fatal("listen: %m");
projects / thirdparty / postfix.git / commitdiff
