to mumble_destination_rate_delay, because it really is a
per-destination feature. With this change we keep the option
of implementing a future per-transport rate delay.
+
+20080125
+
+ Bugfix: missing {} in the LDAP client. Victor Duchovni.
+ File: global/dict_ldap.c.
+
+20080126
+
+ Cleanup: the post-install script now requires that it is
+ invoked via the postfix(1) command. This was the intended
+ use since Postfix 2.1, but it was never enforced. The
+ documentation for package maintainers has been updated
+ accordingly. File: conf/post-install.
slow unix - - n - 1 smtp
-o fallback_relay=problem.example.com
-o smtp_connect_timeout=1
- -o smtp_cache_connection=no
+ -o smtp_connection_cache_on_demand=no
This solution forces the Postfix smtp(8) client to wait for
$smtp_connect_timeout seconds between deliveries. The connection caching
If you upgrade from Postfix 2.4 or earlier, read RELEASE_NOTES-2.5
before proceeding.
+
+Incompatible changes with snapshot 20080127
+===========================================
+
+The post-install script now requires explicitly that it is invoked
+via the postfix(1) command. This was the intended usage since Postfix
+version 2.1, but it was never enforced. The internal documentation
+for package maintainers has been updated accordingly.
#
# EXAMPLES
# Header pattern to block attachments with bad file name
-# extensions.
+# extensions. For convenience, the PCRE /x flag is speci-
+# fied, so that there is no need to collapse the pattern
+# into a single line of text. The purpose of the
+# [[:xdigit:]] sub-expressions is to recognize Windows CLSID
+# strings.
#
# /etc/postfix/main.cf:
-# header_checks = regexp:/etc/postfix/header_checks
-#
-# /etc/postfix/header_checks:
-# /^content-(type|disposition):.*name[[:space:]]*=.*\.(exe|vbs)/
-# REJECT Bad attachment file name extension: $2
+# header_checks = pcre:/etc/postfix/header_checks.pcre
+#
+# /etc/postfix/header_checks.pcre:
+# /^Content-(Disposition|Type).*name\s*=\s*"?(.*(\.|=2E)(
+# ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
+# hlp|ht[at]|
+# inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
+# \{[[:xdigit:]]{8}(?:-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}\}|
+# ops|pcd|pif|prf|reg|sc[frt]|sh[bsm]|swf|
+# vb[esx]?|vxd|ws[cfh]))(\?=)?"?\s*(;|$)/x
+# REJECT Attachment name "$2" may not end with ".$4"
#
# Body pattern to stop a specific HTML browser vulnerability
# exploit.
# SUMMARY
# Postfix post-installation script
# SYNOPSIS
-# post-install [name=value] command ...
+# postfix post-install [name=value] command ...
# DESCRIPTION
# The post-install script performs the finishing touch of a Postfix
# installation, after the executable programs and configuration
# copy the configuration files from the primary Postfix instance to
# a secondary configuration directory and execute:
#
-# post-install config_directory=secondary-config-directory \e
+# postfix post-install config_directory=secondary-config-directory \e
# .in +4
# queue_directory=secondary-queue-directory \e
# .br
# To upgrade a secondary Postfix installation on the same machine,
# execute:
#
-# post-install config_directory=secondary-config-directory \e
+# postfix post-install config_directory=secondary-config-directory \e
# .in +4
# upgrade-permissions upgrade-configuration
# INSTALLATION PARAMETER INPUT METHODS
# .IP command_directory
# The directory for Postfix administrative commands. This
# directory should be in the command search path of adminstrative users.
+# .IP data_directory
+# The directory for Postfix writable data files (caches, etc.).
# .IP queue_directory
# The directory for Postfix queues.
# .IP sendmail_path
IFS="
"
BACKUP_IFS="$IFS"
+MOST_PARAMETERS="command_directory daemon_directory data_directory
+ html_directory mail_owner mailq_path manpage_directory
+ newaliases_path queue_directory readme_directory sample_directory
+ sendmail_path setgid_group"
USAGE="Usage: $0 [name=value] command
create-missing Create missing queue directories.
+ set-permissions Update file permission and ownership.
+ upgrade-configuration Update configuration files.
upgrade-source When installing or upgrading from source code.
upgrade-package When installing or upgrading from pre-built package.
first-install-reminder Remind of mandatory first-time configuration steps.
exit 1
}
-# Bootstrapping problem.
+for name in config_directory $MOST_PARAMETERS
+do
+ eval test -n \${$name} || {
+ echo "$0: Error: do not invoke this command directly" 1>&2
+ echo Re-run this command as: postfix $0 ... 1>&2
+ exit 1
+ }
+done
-if [ -n "$command_directory" ]
-then
- POSTCONF="$command_directory/postconf"
-else
- POSTCONF="postconf"
-fi
+POSTCONF="$command_directory/postconf"
$POSTCONF -d mail_version >/dev/null 2>/dev/null || {
echo $0: Error: no $POSTCONF command found. 1>&2
- echo Re-run this command as $0 command_directory=/some/where. 1>&2
+ echo Re-run this command as: postfix $0 command_directory=/some/where. 1>&2
exit 1
}
*) FMT=fmt;;
esac
-# If a parameter is not set via the command line or environment,
-# try to use settings from installed configuration files.
-
-# Extract parameter settings from the obsolete install.cf file, as
-# a transitional aid.
-
-grep setgid_group $config_directory/main.cf >/dev/null 2>&1 || {
- test -f $config_directory/install.cf && {
- for name in sendmail_path newaliases_path mailq_path setgid manpages
- do
- eval junk=\$$name
- case "$junk" in
- "") eval unset $name;;
- esac
- eval : \${$name="\`. $config_directory/install.cf; echo \$$name\`"} \
- || exit 1
- done
- : ${setgid_group=$setgid}
- : ${manpage_directory=$manpages}
- }
-}
-
-# Extract parameter settings from the installed main.cf file.
-
-test -f $config_directory/main.cf && {
- for name in daemon_directory command_directory queue_directory mail_owner \
- setgid_group sendmail_path newaliases_path mailq_path \
- html_directory manpage_directory sample_directory readme_directory
- do
- eval junk=\$$name
- case "$junk" in
- "") eval unset $name;;
- esac
- eval : \${$name=\`$POSTCONF -c $config_directory -h $name\`} || exit 1
- done
-}
-
# Sanity checks
case $manpage_directory in
no) echo $0: Error: manpage_directory no longer accepts \"no\" values. 1>&2
- echo Try again with \"$0 manpage_directory=/pathname ...\". 1>&2; exit 1;;
+ echo Try again with \"postfix $0 manpage_directory=/pathname ...\". 1>&2
+ exit 1;;
esac
case $setgid_group in
no) echo $0: Error: setgid_group no longer accepts \"no\" values. 1>&2
- echo Try again with \"$0 setgid_group=groupname ...\" 1>&2; exit 1;;
+ echo Try again with \"postfix $0 setgid_group=groupname ...\" 1>&2
+ exit 1;;
esac
for path in "$daemon_directory" "$command_directory" "$queue_directory" \
case "$path" in
/*) ;;
no) ;;
- *) echo $0: Error: \"$path\" should be \"no\" or an absolute path name. 1>&2; exit 1;;
+ *) echo $0: Error: \"$path\" should be \"no\" or an absolute path name. 1>&2
+ exit 1;;
esac
done
-# Find out what parameters were not specified via command line,
-# via environment, or via installed configuration files.
-
-missing=
-for name in daemon_directory command_directory queue_directory mail_owner \
- setgid_group sendmail_path newaliases_path mailq_path manpage_directory \
- readme_directory html_directory
-do
- eval test -n \"\$$name\" || missing="$missing $name"
-done
-
-# All parameters must be specified at this point.
-
-test -n "$non_interactive" -a -n "$missing" && {
- cat <<EOF | ${FMT} 1>&2
-$0: Error: some required installation parameters are not defined.
-
-- Either the parameters need to be given in the $config_directory/main.cf
-file from a recent Postfix installation,
-
-- Or the parameters need to be specified through the process
-environment.
-
-- Or the parameters need to be specified as name=value arguments
-on the $0 command line,
-
-The following parameters were missing:
-
- $missing
-
-EOF
- exit 1
-}
-
-POSTCONF="$command_directory/postconf"
-
# Save settings, allowing command line/environment override.
+# Optimization: don't update main.cf if nothing has changed.
+# Caution: "`command`" removes the last newline character.
-override=
-for name in daemon_directory command_directory queue_directory mail_owner \
- setgid_group sendmail_path newaliases_path mailq_path manpage_directory \
- sample_directory readme_directory html_directory
-do
- eval test \"\$$name\" = \"`$POSTCONF -c $config_directory -h $name`\" || {
- override=1
- break
- }
-done
-
-test -n "$override" && {
+test "`for name in $MOST_PARAMETERS; do eval echo \\\${\$name}; done`" = \
+ "`$POSTCONF -h $MOST_PARAMETERS`" || {
$POSTCONF -c $config_directory -e \
"daemon_directory = $daemon_directory" \
"command_directory = $command_directory" \
+ "data_directory = $data_directory" \
"queue_directory = $queue_directory" \
"mail_owner = $mail_owner" \
"setgid_group = $setgid_group" \
test -n "$upgrade_conf" && {
+ # Postfix 2.0.
# Add missing relay service to master.cf.
grep '^relay' $config_directory/master.cf >/dev/null || {
EOF
}
+ # Postfix 1.1.
# Add missing flush service to master.cf.
grep '^flush.*flush' $config_directory/master.cf >/dev/null || {
EOF
}
+ # Postfix 2.1.
# Add missing trace service to master.cf.
grep 'trace.*bounce' $config_directory/master.cf >/dev/null || {
EOF
}
+ # Postfix 2.1.
# Add missing verify service to master.cf.
grep '^verify.*verify' $config_directory/master.cf >/dev/null || {
EOF
}
+ # Postfix 2.1.
# Fix verify service process limit.
grep '^verify.*[ ]0[ ]*verify' \
EOF
}
+ # Postfix 1.1.
# Change privileged pickup service into unprivileged.
grep "^pickup[ ]*fifo[ ]*n[ ]*n" \
EOF
}
+ # Postfix 1.1.
# Change private cleanup and flush services into public.
for name in cleanup flush
}
done
+ # Postfix 2.2.
# File systems have improved since Postfix came out, and all we
- # require now is that defer and deferred are hashed because those
+ # require now that defer and deferred are hashed because those
# can contain lots of files.
found=`$POSTCONF -c $config_directory -h hash_queue_names`
# [The "unknown_local_recipient_reject_code = 450" safety net,
# introduced with Postfix 2.0 and deleted after Postfix 2.3.]
+ # Postfix 2.0.
# Add missing proxymap service to master.cf.
grep '^proxymap.*proxymap' $config_directory/master.cf >/dev/null || {
EOF
}
+ # Postfix 2.1.
# Add missing anvil service to master.cf.
grep '^anvil.*anvil' $config_directory/master.cf >/dev/null || {
EOF
}
+ # Postfix 2.2.
# Add missing scache service to master.cf.
grep '^scache.*scache' $config_directory/master.cf >/dev/null || {
EOF
}
+ # Postfix 2.2.
# Add missing discard service to master.cf.
grep '^discard.*discard' $config_directory/master.cf >/dev/null || {
EOF
}
+ # Postfix 2.2.
# Update the tlsmgr fifo->unix service.
grep "^tlsmgr[ ]*fifo[ ]" \
EOF
}
+ # Postfix 2.2.
# Add missing tlsmgr service to master.cf.
grep '^tlsmgr.*tlsmgr' $config_directory/master.cf >/dev/null || {
EOF
}
+ # Postfix 2.2.
# Add missing retry service to master.cf.
grep '^retry.*error' $config_directory/master.cf >/dev/null || {
EOF
}
+ # Postfix 2.5.
# Add missing proxywrite service to master.cf.
grep '^proxywrite.*proxymap' $config_directory/master.cf >/dev/null || {
slow unix - - n - 1 smtp
-o <a href="postconf.5.html#fallback_relay">fallback_relay</a>=problem.example.com
-o <a href="postconf.5.html#smtp_connect_timeout">smtp_connect_timeout</a>=1
- -o smtp_cache_connection=no
+ -o <a href="postconf.5.html#smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a>=no
</pre>
</ul>
<b>EXAMPLES</b>
Header pattern to block attachments with bad file name
- extensions.
+ extensions. For convenience, the PCRE /x flag is speci-
+ fied, so that there is no need to collapse the pattern
+ into a single line of text. The purpose of the
+ [[:xdigit:]] sub-expressions is to recognize Windows CLSID
+ strings.
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
- <a href="postconf.5.html#header_checks">header_checks</a> = <a href="regexp_table.5.html">regexp</a>:/etc/postfix/header_checks
-
- /etc/postfix/header_checks:
- /^content-(type|disposition):.*name[[:space:]]*=.*\.(exe|vbs)/
- REJECT Bad attachment file name extension: $2
+ <a href="postconf.5.html#header_checks">header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/header_checks.pcre
+
+ /etc/postfix/header_checks.<a href="pcre_table.5.html">pcre</a>:
+ /^Content-(Disposition|Type).*name\s*=\s*"?(.*(\.|=2E)(
+ ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
+ hlp|ht[at]|
+ inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
+ \{[[:xdigit:]]{8}(?:-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}\}|
+ ops|pcd|pif|prf|reg|sc[frt]|sh[bsm]|swf|
+ vb[esx]?|vxd|ws[cfh]))(\?=)?"?\s*(;|$)/x
+ REJECT Attachment name "$2" may not end with ".$4"
Body pattern to stop a specific HTML browser vulnerability
exploit.
<p>
Restrict the characters that the <a href="local.8.html">local(8)</a> delivery agent allows in
-$name expansions of $<a href="postconf.5.html#mailbox_command">mailbox_command</a>. Characters outside the
+$name expansions of $<a href="postconf.5.html#mailbox_command">mailbox_command</a> and $<a href="postconf.5.html#command_execution_directory">command_execution_directory</a>.
+Characters outside the
allowed set are replaced by underscores.
</p>
.nf
.ad
.fi
-Header pattern to block attachments with bad file name extensions.
+Header pattern to block attachments with bad file name
+extensions. For convenience, the PCRE /x flag is specified,
+so that there is no need to collapse the pattern into a
+single line of text. The purpose of the [[:xdigit:]]
+sub-expressions is to recognize Windows CLSID strings.
.na
.nf
/etc/postfix/main.cf:
- header_checks = regexp:/etc/postfix/header_checks
-
-/etc/postfix/header_checks:
- /^content-(type|disposition):.*name[[:space:]]*=.*\\.(exe|vbs)/
- REJECT Bad attachment file name extension: $2
+ header_checks = pcre:/etc/postfix/header_checks.pcre
+/etc/postfix/header_checks.pcre:
+ /^Content-(Disposition|Type).*name\es*=\es*"?(.*(\e.|=2E)(
+ ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
+ hlp|ht[at]|
+ inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
+ \e{[[:xdigit:]]{8}(?:-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}\e}|
+ ops|pcd|pif|prf|reg|sc[frt]|sh[bsm]|swf|
+ vb[esx]?|vxd|ws[cfh]))(\e?=)?"?\es*(;|$)/x
+ REJECT Attachment name "$2" may not end with ".$4"
.ad
.fi
+
Body pattern to stop a specific HTML browser vulnerability exploit.
.na
This feature is available in Postfix 2.2 and later.
.SH command_expansion_filter (default: see "postconf -d" output)
Restrict the characters that the \fBlocal\fR(8) delivery agent allows in
-$name expansions of $mailbox_command. Characters outside the
+$name expansions of $mailbox_command and $command_execution_directory.
+Characters outside the
allowed set are replaced by underscores.
.SH command_time_limit (default: 1000s)
Time limit for delivery to external commands. This limit is used
.fi
.ad
.ft R
-.SH default_destination_rate_delay (default: 0s)
-The default amount of delay that is inserted between individual
-deliveries to the same destination; with per-destination recipient
-limit > 1, a destination is a domain, otherwise it is a recipient.
-.PP
-To enable the delay, specify a non-zero time value (an integral
-value plus an optional one-letter suffix that specifies the time
-unit).
-.PP
-Time units: s (seconds), m (minutes), h (hours), d (days), w
-(weeks). The default time unit is s (seconds).
-.PP
-NOTE: the delay is enforced by the queue manager. The delay
-timer state does not survive "postfix reload" or "postfix stop".
-.PP
-Use \fItransport\fR_destination_rate_delay to specify a
-transport-specific override, where \fItransport\fR is the master.cf
-name of the message delivery transport.
-.PP
-This feature is available in Postfix 2.5 and later.
.SH default_delivery_slot_cost (default: 5)
How often the Postfix queue manager's scheduler is allowed to
preempt delivery of one message with another.
is the master.cf name of the message delivery transport.
.PP
This feature is available in Postfix 2.5 and later.
+.SH default_destination_rate_delay (default: 0s)
+The default amount of delay that is inserted between individual
+deliveries to the same destination; with per-destination recipient
+limit > 1, a destination is a domain, otherwise it is a recipient.
+.PP
+To enable the delay, specify a non-zero time value (an integral
+value plus an optional one-letter suffix that specifies the time
+unit).
+.PP
+Time units: s (seconds), m (minutes), h (hours), d (days), w
+(weeks). The default time unit is s (seconds).
+.PP
+NOTE: the delay is enforced by the queue manager. The delay
+timer state does not survive "postfix reload" or "postfix stop".
+.PP
+Use \fItransport\fR_destination_rate_delay to specify a
+transport-specific override, where \fItransport\fR is the master.cf
+name of the message delivery transport.
+.PP
+This feature is available in Postfix 2.5 and later.
.SH default_destination_recipient_limit (default: 50)
The default maximal number of recipients per message delivery.
This is the default limit for delivery via the \fBlmtp\fR(8), \fBpipe\fR(8),
delivery is requested with "\fBsendmail -v\fR".
.PP
This feature is available in Postfix 2.1 and later.
-.SH transport_destination_rate_delay (default: $default_destination_rate_delay)
-A transport-specific override for the default_destination_rate_delay
-parameter value, where \fItransport\fR is the master.cf name of
-the message delivery transport.
-.PP
-This feature is available in Postfix 2.5 and later.
.SH transport_delivery_slot_cost (default: $default_delivery_slot_cost)
A transport-specific override for the default_delivery_slot_cost
parameter value, where \fItransport\fR is the master.cf name of
transport.
.PP
This feature is available in Postfix 2.5 and later.
+.SH transport_destination_rate_delay (default: $default_destination_rate_delay)
+A transport-specific override for the default_destination_rate_delay
+parameter value, where \fItransport\fR is the master.cf name of
+the message delivery transport.
+.PP
+This feature is available in Postfix 2.5 and later.
.SH transport_destination_recipient_limit (default: $default_destination_recipient_limit)
A transport-specific override for the
default_destination_recipient_limit parameter value, where
slow unix - - n - 1 smtp
-o fallback_relay=problem.example.com
-o smtp_connect_timeout=1
- -o smtp_cache_connection=no
+ -o smtp_connection_cache_on_demand=no
</pre>
</ul>
# EXAMPLES
# .ad
# .fi
-# Header pattern to block attachments with bad file name extensions.
+# Header pattern to block attachments with bad file name
+# extensions. For convenience, the PCRE /x flag is specified,
+# so that there is no need to collapse the pattern into a
+# single line of text. The purpose of the [[:xdigit:]]
+# sub-expressions is to recognize Windows CLSID strings.
#
# .na
# .nf
# /etc/postfix/main.cf:
-# header_checks = regexp:/etc/postfix/header_checks
-#
-# /etc/postfix/header_checks:
-# /^content-(type|disposition):.*name[[:space:]]*=.*\\.(exe|vbs)/
-# REJECT Bad attachment file name extension: $2
+# header_checks = pcre:/etc/postfix/header_checks.pcre
#
+# /etc/postfix/header_checks.pcre:
+# /^Content-(Disposition|Type).*name\es*=\es*"?(.*(\e.|=2E)(
+# ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
+# hlp|ht[at]|
+# inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
+# \e{[[:xdigit:]]{8}(?:-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}\e}|
+# ops|pcd|pif|prf|reg|sc[frt]|sh[bsm]|swf|
+# vb[esx]?|vxd|ws[cfh]))(\e?=)?"?\es*(;|$)/x
+# REJECT Attachment name "$2" may not end with ".$4"
# .ad
# .fi
+#
# Body pattern to stop a specific HTML browser vulnerability exploit.
#
# .na
<p>
Restrict the characters that the local(8) delivery agent allows in
-$name expansions of $mailbox_command. Characters outside the
+$name expansions of $mailbox_command and $command_execution_directory.
+Characters outside the
allowed set are replaced by underscores.
</p>
if (dict_ldap->start_tls || dict_ldap->ldap_ssl) {
if (*dict_ldap->tls_random_file) {
if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_RANDOM_FILE,
- dict_ldap->tls_random_file)) != LDAP_SUCCESS)
+ dict_ldap->tls_random_file)) != LDAP_SUCCESS) {
msg_warn("%s: Unable to set tls_random_file to %s: %d: %s",
myname, dict_ldap->tls_random_file,
rc, ldap_err2string(rc));
- return (-1);
+ return (-1);
+ }
}
if (*dict_ldap->tls_ca_cert_file) {
if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE,
- dict_ldap->tls_ca_cert_file)) != LDAP_SUCCESS)
+ dict_ldap->tls_ca_cert_file)) != LDAP_SUCCESS) {
msg_warn("%s: Unable to set tls_ca_cert_file to %s: %d: %s",
myname, dict_ldap->tls_ca_cert_file,
rc, ldap_err2string(rc));
- return (-1);
+ return (-1);
+ }
}
if (*dict_ldap->tls_ca_cert_dir) {
if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTDIR,
- dict_ldap->tls_ca_cert_dir)) != LDAP_SUCCESS)
+ dict_ldap->tls_ca_cert_dir)) != LDAP_SUCCESS) {
msg_warn("%s: Unable to set tls_ca_cert_dir to %s: %d: %s",
myname, dict_ldap->tls_ca_cert_dir,
rc, ldap_err2string(rc));
- return (-1);
+ return (-1);
+ }
}
if (*dict_ldap->tls_cert) {
if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CERTFILE,
- dict_ldap->tls_cert)) != LDAP_SUCCESS)
+ dict_ldap->tls_cert)) != LDAP_SUCCESS) {
msg_warn("%s: Unable to set tls_cert to %s: %d: %s",
myname, dict_ldap->tls_cert,
rc, ldap_err2string(rc));
- return (-1);
+ return (-1);
+ }
}
if (*dict_ldap->tls_key) {
if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_KEYFILE,
- dict_ldap->tls_key)) != LDAP_SUCCESS)
+ dict_ldap->tls_key)) != LDAP_SUCCESS) {
msg_warn("%s: Unable to set tls_key to %s: %d: %s",
myname, dict_ldap->tls_key,
rc, ldap_err2string(rc));
- return (-1);
+ return (-1);
+ }
}
if (*dict_ldap->tls_cipher_suite) {
if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CIPHER_SUITE,
- dict_ldap->tls_cipher_suite)) != LDAP_SUCCESS)
+ dict_ldap->tls_cipher_suite)) != LDAP_SUCCESS) {
msg_warn("%s: Unable to set tls_cipher_suite to %s: %d: %s",
myname, dict_ldap->tls_cipher_suite,
rc, ldap_err2string(rc));
- return (-1);
+ return (-1);
+ }
}
- if (dict_ldap->tls_require_cert) {
- if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT,
- &(dict_ldap->tls_require_cert))) != LDAP_SUCCESS)
- msg_warn("%s: Unable to set tls_require_cert to %d: %d: %s",
- myname, dict_ldap->tls_require_cert,
- rc, ldap_err2string(rc));
+ if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT,
+ &(dict_ldap->tls_require_cert))) != LDAP_SUCCESS) {
+ msg_warn("%s: Unable to set tls_require_cert to %d: %d: %s",
+ myname, dict_ldap->tls_require_cert,
+ rc, ldap_err2string(rc));
return (-1);
}
}
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20080123"
+#define MAIL_RELEASE_DATE "20080127"
#define MAIL_VERSION_NUMBER "2.6"
#ifdef SNAPSHOT
projects / thirdparty / postfix.git / commitdiff
