postfix-2.6-20081205

diff --git a/postfix/HISTORY b/postfix/HISTORY
index 859cb3b753c958ba137d8ad229bf4e3cef00f2f7..c0057198c61b34756934a0b2780a72581ccd6b1c 100644 (file)
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -14782,4 +14782,19 @@ Apologies for any names omitted.
 
        Cleanup: adjust the VSTREAM buffer strategy when reusing
        an SMTP connection with a large TCP MSS value. File:
-       smtp/smtp_proto.c.
+       smtp/smtp_reuse.c.
+
+20081204
+
+       Cleanup: state the SMTP client PIPELINING implementation's
+       dependency on monotonic VSTREAM buffer size behavior, and
+       add some checks for boundary cases with VSTREAM buffer size
+       change requests. Files: util/vstream.c, smtp/smtp_proto.c.
+
+20081205
+
+       Fix 20081202 flush code. Victor Duchovni. File: smtpd/smtpd.c.
+
+       Safety: add another check to "postfix check", in this case
+       for group or other writable queue_directory. File:
+       conf/postfix-script.

diff --git a/postfix/conf/postfix-script b/postfix/conf/postfix-script
index c441797c8abc176405744175c3bab99ca7c20f9d..56c410ee5c5cd12845cdfb5256465a301e6175ae 100644 (file)
--- a/postfix/conf/postfix-script
+++ b/postfix/conf/postfix-script
@@ -222,6 +222,10 @@ check-warn)
                    $WARN not owned by root: $dir)
        done
 
+       # Some people break Postfix's security model.
+       ls -lLd $queue_directory | egrep '^.....(w|...w)' >/dev/null && \
+               $WARN group or other writable: $queue_directory
+
        find $daemon_directory/* $config_directory/* ! -user root \
                -exec $WARN not owned by root: {} \;
 

diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index f1e7ab2f9983f53fd28d5be200980fb57396bdbc..2c795782b1a9d14534015f560339e32a86a9603b 100644 (file)
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,7 +20,7 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE      "20081203"
+#define MAIL_RELEASE_DATE      "20081205"
 #define MAIL_VERSION_NUMBER    "2.6"
 
 #ifdef SNAPSHOT

diff --git a/postfix/src/smtp/smtp_proto.c b/postfix/src/smtp/smtp_proto.c
index d79828fd89f568d3a6f250304ffcbce62721ea87..86a3d5a8e91fe81d97c95ac07ae257999290b059 100644 (file)
--- a/postfix/src/smtp/smtp_proto.c
+++ b/postfix/src/smtp/smtp_proto.c
@@ -558,6 +558,9 @@ int     smtp_helo(SMTP_STATE *state)
      * 
      * XXX No need to do this before and after STARTTLS, but it's not a big deal
      * if we do.
+     * 
+     * XXX This critically depends on VSTREAM buffers to never be smaller than
+     * VSTREAM_BUFSIZE.
      */
     if (session->features & SMTP_FEATURE_PIPELINING) {
        optlen = sizeof(sndbufsize);

diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c
index 204fc838ccc9bae842c6d5251e222087cbde5f8d..f200610c75e585bd6c05072f6e9eb8ee2d8a8cdc 100644 (file)
--- a/postfix/src/smtpd/smtpd.c
+++ b/postfix/src/smtpd/smtpd.c
@@ -3272,6 +3272,7 @@ static int etrn_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
 
 static int quit_cmd(SMTPD_STATE *state, int unused_argc, SMTPD_TOKEN *unused_argv)
 {
+    int     out_pending = vstream_bufstat(state->client, VSTREAM_BST_OUT_PEND);
 
     /*
      * Don't bother checking the syntax.
@@ -3286,7 +3287,7 @@ static int quit_cmd(SMTPD_STATE *state, int unused_argc, SMTPD_TOKEN *unused_arg
      * XXX When this was added in Postfix 2.1 we used vstream_fflush(). As of
      * Postfix 2.3 we use smtp_flush() for better error reporting.
      */
-    if (vstream_bufstat(state->client, VSTREAM_BST_OUT_PEND) > 0)
+    if (out_pending > 0)
        smtp_flush(state->client);
     return (0);
 }

diff --git a/postfix/src/util/vstream.c b/postfix/src/util/vstream.c
index 299899795f9fb72556f9d1f2109faadd53fc62b9..f3f333ba7b5028ef56009533f2927f9f0d5ebd29 100644 (file)
--- a/postfix/src/util/vstream.c
+++ b/postfix/src/util/vstream.c
@@ -1304,7 +1304,10 @@ void    vstream_control(VSTREAM *stream, int name,...)
            if (req_bufsize < 0)
                msg_panic("VSTREAM_CTL_BUFSIZE with negative size: %ld",
                          (long) req_bufsize);
-           if (req_bufsize > stream->req_bufsize)
+           if (stream->req_bufsize == 0)
+               stream->req_bufsize = VSTREAM_BUFSIZE;  /* 2.4 binary compat. */
+           if (stream != VSTREAM_ERR
+               && req_bufsize > stream->req_bufsize)
                stream->req_bufsize = req_bufsize;
            break;
        default: