20200419
- Bugfix: segfault in the tlsproxy client role when the server
- role was disabled. This typically happens with a first-time
- Postfix install and after configuring only outbound TLS.
- Found during program maintenance. File: tlsproxy/tlsproxy.c.
+ Bugfix (introduced: Postfix 3.4): segfault in the tlsproxy
+ client role when the server role was disabled. This typically
+ happens with a first-time Postfix install and after configuring
+ only outbound TLS. Found during program maintenance. File:
+ tlsproxy/tlsproxy.c.
20200420
20200422
- Security: disable TLSA/DANE on Alpine Linux because libc-musl
- provides no indication whether responses are authentic.
- This broke TLSA/DANE without a clear explanation. File:
- makedefs.
+ Security: disable DANE support on Alpine Linux because
+ libc-musl provides no indication whether DNS responses are
+ authentic. This broke DANE support without a clear explanation.
+ File: makedefs.
20200425
However, with a SHARED listen socket as used in Postfix,
kernel-based load balancing does not help, and Postfix still
requires locking to avoid waking up multiple processes when
- a connection arrives. Files: util/inet_listen.c,
+ a connection arrives. Files: util/inet_listen.c,
20200502
20200509
- Bugfix (introduced: Postfix 3.5): maillog_file_rotate_suffix
+ Bugfix (introduced: Postfix 3.4): maillog_file_rotate_suffix
default value used the minute instead of the month. Reported
by Larry Stone. Files: conf/postfix-tls-script,
proto/MAILLOG_README.html, proto/postconf.proto.
20200511
- Noise suppression: spurious "SSL_Shutdown:shutdown while
- in init" warnings. File: tls/tls_session.c.
+ Noise suppression: avoid "SSL_Shutdown:shutdown while in
+ init" warnings. File: tls/tls_session.c.
Debugging: with a single -v, the cleanup server now also
logs output envelope records, so that one -v option shows
20200515
- Bugfix (introduced: Postfix 2.2): TLS error status info
- from a PostgreSQL client caused a false 'lost connection'
- error for an SMTP-over-TLS session in the same Postfix
- process. Reported by Alexander Vasarab, diagnosed by Viktor
- Dukhovni. File: tls/tls_bio_ops.c.
+ Bugfix (introduced: Postfix 2.2): a TLS error for a PostgreSQL
+ client caused a false 'lost connection' error for an SMTP
+ over TLS session in the same Postfix process. Reported by
+ Alexander Vasarab, diagnosed by Viktor Dukhovni. File:
+ tls/tls_bio_ops.c.
+
+ Bugfix (introduced: Postfix 2.8): a TLS error for one TLS
+ session may cause a false 'lost connection' error for a
+ concurrent TLS session in the same tlsproxy process. File:
+ tlsproxy/tlsproxy.c.
+
+20200518
+
+ Documentation: updated the wording of recent HISTORY entries,
+ based on the text in the 20200516 stable releases.
- Bugfix (introduced: Postfix 2.8): TLS error status info
- from one TLS session may cause a false 'lost connection'
- error for concurrent TLS sessions in the same tlsproxy
- process. File: tlsproxy/tlsproxy.c.
+20200521
+
+ Cleanup: the value of __RES (defined in resolv.h) determines
+ whether the res_nxxx() API is available. Credit to Rich
+ Felker. Files: util/sys_defs.h, dns/dns_lookup.c.
+
+20200522
+
+ Cleanup: the postconf command builds with -fno-common.
+ Files: makedefs, Makefile.in, postconf/extract.awk,
+ postconf/install_vars.h.
+
+20200523
+
+ Cleanup: the 20200503 change did not prevent direct access
+ to the obsolete h_errno variable in smtpd_checks.c. This
+ variable may still be updated, but we should not count on
+ that. Files: dns/dns.h, dns/dns_lookup.c, smtpd/smtpd_check.c.
+
+ Cleanup: unit tests now build with -fno-common. Files:
+ global/server_acl.c, smtpd/smtpd_check.c, global/strip_addr.c,
+ proxymap/proxymap.c.
# To test with valgrind:
# make -i tests VALGRIND="valgrind --tool=memcheck --log-file=/some/where.%p"
SHELL = /bin/sh
-WARN = -Wmissing-prototypes -Wformat -Wno-comment -fcommon
+WARN = -Wmissing-prototypes -Wformat -Wno-comment -fno-common
OPTS = 'WARN=$(WARN)'
DIRS = src/util src/global src/dns src/tls src/xsasl src/master src/milter \
src/postfix src/fsstone src/smtpstone \
This is also the default for systems that are known not to support
the threadsafe resolver API, such systems that use libc-musl.
+
+Incompatible changes with snapshot 20200416
+===========================================
+
+Security: this release disables DANE support on Linux systems with
+libc-musl, because libc-musl provides no indication whether DNS
+responses are authentic. This broke DANE support without a clear
+explanation.
Wish list:
- Find a reasonable way to generate postconf configuration
- parameter tables without breaking gcc -fnocommon.
+ DNSSEC end-to-end test, probing a configurable zone (".")
+ and resource type (default: NS).
+
+ When a secondary instance has no multi_instance_name set,
+` postmulti -i won't be able to find it.
Read http://mmogilvi.users.sourceforge.net/software/oauthbearer.html
and see how we can improve on the Postfix side.
*) echo Warning: libc-musl breaks DANE/TLSA security. 1>&2
echo This build will not support DANE/TLSA. 1>&2
CCARGS="$CCARGS -DNO_DNSSEC";;
- esac
- case "$CCARGS" in
- *-DNO_RES_NCALLS*) ;;
- *) echo Warning: libc-musl does not support res_ninit etc. 1>&2
- echo This build will not support modern resolver features. 1>&2
- CCARGS="$CCARGS -DNO_RES_NCALLS";;
esac;;
esac;;
esac
: ${CC=gcc} ${OPT='-O'} ${DEBUG='-g'} ${AWK=awk} \
${WARN='-Wall -Wno-comment -Wformat -Wimplicit -Wmissing-prototypes \
-Wparentheses -Wstrict-prototypes -Wswitch -Wuninitialized \
- -Wunused -Wno-missing-braces -fcommon'}
+ -Wunused -Wno-missing-braces -fno-common'}
# Extract map type names from -DHAS_XXX compiler options. We avoid
# problems with tr(1) range syntax by using enumerations instead,
(cp) += 4; \
}
+#endif
+
+ /*
+ * Provide API compatibility for systems without res_nxxx() API. Also
+ * require calling dns_get_h_errno() instead of directly accessing the
+ * global h_errno variable. We should not count on that being updated.
+ */
+#if !defined(NO_RES_NCALLS) && defined(__RES) && (__RES >= 19991006)
+#define USE_RES_NCALLS
+#undef h_errno
+#define h_errno use_dns_get_h_errno_instead_of_h_errno
#endif
/*
VSTRING *, int *, int,...);
extern int dns_lookup_rv(const char *, unsigned, DNS_RR **, VSTRING *,
VSTRING *, int *, int, unsigned *);
+extern int dns_get_h_errno(void);
#define dns_lookup(name, type, rflags, list, fqdn, why) \
dns_lookup_x((name), (type), (rflags), (list), (fqdn), (why), (int *) 0, \
/* VSTRING *why;
/* int lflags;
/* unsigned *ltype;
+/*
+/* int dns_get_h_errno()
/* AUXILIARY FUNCTIONS
/* extern int var_dns_ncache_ttl_fix;
/*
/* an invalid name is reported as a DNS_INVAL result, while
/* malformed replies are reported as transient errors.
/*
+/* dns_get_h_errno() returns the last error. This deprecates
+/* usage of the global h_errno variable. We should not rely
+/* on that being updated.
+/*
/* dns_lookup_l() and dns_lookup_v() allow the user to specify
/* a list of resource types.
/*
vstring_free(hpref_rtext);
return (status);
}
+
+/* dns_get_h_errno - get the last lookup status */
+
+int dns_get_h_errno(void)
+{
+ return (DNS_GET_H_ERRNO(&dns_res_state));
+}
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*
+/* Wietse Venema
+/* Google, Inc.
+/* 111 8th Avenue
+/* New York, NY 10011, USA
+/*
/* Liviu Daia
/* Institute of Mathematics of the Romanian Academy
/* P.O. BOX 1-764
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20200515"
+#define MAIL_RELEASE_DATE "20200523"
#define MAIL_VERSION_NUMBER "3.6"
#ifdef SNAPSHOT
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
+/*
+/* Wietse Venema
+/* Google, Inc.
+/* 111 8th Avenue
+/* New York, NY 10011, USA
/*--*/
/* System library. */
#include <vstring_vstream.h>
#include <name_code.h>
#include <split_at.h>
-
-char *var_par_dom_match = DEF_PAR_DOM_MATCH;
-char *var_mynetworks = "";
+
char *var_server_acl = "";
#define UPDATE_VAR(s,v) do { if (*(s)) myfree(s); (s) = mystrdup(v); } while (0)
0,
};
+ /*
+ * No static initializer because these are owned by a library.
+ */
+ var_par_dom_match = DEF_PAR_DOM_MATCH;
+ var_mynetworks = "";
+
#define VAR_SERVER_ACL "server_acl"
while (vstring_get_nonl(buf, VSTREAM_IN) != VSTREAM_EOF) {
#include <msg.h>
#include <mail_params.h>
-char *var_double_bounce_sender = DEF_DOUBLE_BOUNCE;
-
int main(int unused_argc, char **unused_argv)
{
char *extension;
#define NO_DELIM ""
+ /*
+ * No static initializer, because this is owned by a library.
+ */
+ var_double_bounce_sender = DEF_DOUBLE_BOUNCE;
+
/*
* Incredible. This function takes only three arguments, and the tests
* already take more lines of code than the code being tested.
# have a more modern implementation that is XPG4-compatible, but it
# is too much bother to find out where each system keeps these.
+{ owned_by_library = (FILENAME ~ /\/(global|tls)\//) }
+
/^(static| )*(const +)?CONFIG_INT_TABLE .*\{/,/\};/ {
if ($1 ~ /VAR/) {
- int_vars["int " substr($3,2,length($3)-2) ";"] = 1
+ if (!owned_by_library)
+ int_vars["int " substr($3,2,length($3)-2) ";"] = 1
if (++itab[$1 $2 $4 $5 $6 $7 $8 $9] == 1) {
int_table[$0] = 1
}
}
/^(static| )*(const +)?CONFIG_STR_TABLE .*\{/,/\};/ {
if ($1 ~ /^VAR/) {
- str_vars["char *" substr($3,2,length($3)-2) ";"] = 1
+ if (!owned_by_library)
+ str_vars["char *" substr($3,2,length($3)-2) ";"] = 1
if (++stab[$1 $2 $4 $5 $6 $7 $8 $9] == 1) {
str_table[$0] = 1
}
}
/^(static| )*(const +)?CONFIG_STR_FN_TABLE .*\{/,/\};/ {
if ($1 ~ /^VAR/) {
- str_fn_vars["char *" substr($3,2,length($3)-2) ";"] = 1
+ if (!owned_by_library)
+ str_fn_vars["char *" substr($3,2,length($3)-2) ";"] = 1
$2 = "pcf_" $2
if (++stab[$1 $2 $4 $5 $6 $7 $8 $9] == 1) {
str_fn_table[$0] = 1
}
/^(static| )*(const +)?CONFIG_RAW_TABLE .*\{/,/\};/ {
if ($1 ~ /^VAR/) {
- raw_vars["char *" substr($3,2,length($3)-2) ";"] = 1
+ if (!owned_by_library)
+ raw_vars["char *" substr($3,2,length($3)-2) ";"] = 1
if (++rtab[$1 $2 $4 $5 $6 $7 $8 $9] == 1) {
raw_table[$0] = 1
}
}
/^(static| )*(const +)?CONFIG_BOOL_TABLE .*\{/,/\};/ {
if ($1 ~ /^VAR/) {
- bool_vars["int " substr($3,2,length($3)-2) ";"] = 1
+ if (!owned_by_library)
+ bool_vars["int " substr($3,2,length($3)-2) ";"] = 1
if (++btab[$1 $2 $4 $5 $6 $7 $8 $9] == 1) {
bool_table[$0] = 1
}
}
/^(static| )*(const +)?CONFIG_TIME_TABLE .*\{/,/\};/ {
if ($1 ~ /^VAR/) {
- time_vars["int " substr($3,2,length($3)-2) ";"] = 1
+ if (!owned_by_library)
+ time_vars["int " substr($3,2,length($3)-2) ";"] = 1
if (++ttab[$1 $2 $4 $5 $6 $7 $8 $9] == 1) {
time_table[$0] = 1
}
}
/^(static| )*(const +)?CONFIG_NINT_TABLE .*\{/,/\};/ {
if ($1 ~ /VAR/) {
- nint_vars["int " substr($3,2,length($3)-2) ";"] = 1
+ if (!owned_by_library)
+ nint_vars["int " substr($3,2,length($3)-2) ";"] = 1
if (++itab[$1 $2 $4 $5 $6 $7 $8 $9] == 1) {
nint_table[$0] = 1
}
}
/^(static| )*(const +)?CONFIG_NBOOL_TABLE .*\{/,/\};/ {
if ($1 ~ /^VAR/) {
- nbool_vars["int " substr($3,2,length($3)-2) ";"] = 1
+ if (!owned_by_library)
+ nbool_vars["int " substr($3,2,length($3)-2) ";"] = 1
if (++btab[$1 $2 $4 $5 $6 $7 $8 $9] == 1) {
nbool_table[$0] = 1
}
}
/^(static| )*(const +)?CONFIG_LONG_TABLE .*\{/,/\};/ {
if ($1 ~ /VAR/) {
- long_vars["long " substr($3,2,length($3)-2) ";"] = 1
+ if (!owned_by_library)
+ long_vars["long " substr($3,2,length($3)-2) ";"] = 1
if (++itab[$1 $2 $4 $5 $6 $7 $8 $9] == 1) {
long_table[$0] = 1
}
-char *var_config_dir;
char *var_debug_command;
VAR_VIRT_MAILBOX_MAPS, DEF_VIRT_MAILBOX_MAPS, &var_virt_mailbox_maps, 0, 0,
VAR_VIRT_MAILBOX_DOMS, DEF_VIRT_MAILBOX_DOMS, &var_virt_mailbox_doms, 0, 0,
VAR_RELAY_RCPT_MAPS, DEF_RELAY_RCPT_MAPS, &var_relay_rcpt_maps, 0, 0,
- VAR_RELAY_DOMAINS, DEF_RELAY_DOMAINS, &var_relay_domains, 0, 0,
VAR_CANONICAL_MAPS, DEF_CANONICAL_MAPS, &var_canonical_maps, 0, 0,
VAR_SEND_CANON_MAPS, DEF_SEND_CANON_MAPS, &var_send_canon_maps, 0, 0,
VAR_RCPT_CANON_MAPS, DEF_RCPT_CANON_MAPS, &var_rcpt_canon_maps, 0, 0,
"%s as mail exchanger: %s",
reply_name, reply_class, host,
dns_status == DNS_POLICY ?
- "DNS reply filter policy" : dns_strerror(h_errno));
+ "DNS reply filter policy" :
+ dns_strerror(dns_get_h_errno()));
return (NOPE);
}
for (rr = addr_list; rr != 0; rr = rr->next) {
450, "4.4.4",
"<%s>: %s rejected: Unable to look up mail "
"exchanger information: %s",
- reply_name, reply_class, dns_status == DNS_POLICY ?
- "DNS reply filter policy" : dns_strerror(h_errno));
+ reply_name, reply_class,
+ dns_status == DNS_POLICY ?
+ "DNS reply filter policy" :
+ dns_strerror(dns_get_h_errno()));
return (SMTPD_CHECK_DUNNO);
}
}
if (dns_status != DNS_OK) {
msg_warn("Unable to look up %s host for %s: %s", dns_strtype(type),
- domain && domain[1] ? domain : name, dns_status == DNS_POLICY ?
- "DNS reply filter policy" : dns_strerror(h_errno));
+ domain && domain[1] ? domain : name,
+ dns_status == DNS_POLICY ?
+ "DNS reply filter policy" :
+ dns_strerror(dns_get_h_errno()));
return (SMTPD_CHECK_DUNNO);
}
}
char *var_etrn_checks = "";
char *var_data_checks = "";
char *var_eod_checks = "";
-char *var_relay_domains = "";
char *var_smtpd_uproxy_proto = "";
int var_smtpd_uproxy_tmout = 0;
char *var_relay_ccerts = "";
#endif
-char *var_mynetworks = "";
char *var_notify_classes = "";
char *var_smtpd_policy_def_action = "";
char *var_smtpd_policy_context = "";
* String-valued configuration parameters.
*/
char *var_maps_rbl_domains;
-char *var_myorigin;
-char *var_mydest;
-char *var_inet_interfaces;
-char *var_proxy_interfaces;
-char *var_rcpt_delim;
char *var_rest_classes;
char *var_alias_maps;
char *var_send_canon_maps;
char *var_virt_mailbox_doms;
char *var_local_rcpt_maps;
char *var_perm_mx_networks;
-char *var_par_dom_match;
char *var_smtpd_null_key;
char *var_smtpd_snd_auth_maps;
-char *var_double_bounce_sender;
char *var_rbl_reply_maps;
char *var_smtpd_exp_filter;
char *var_def_rbl_reply;
char *var_unv_rcpt_tf_act;
char *var_unv_from_tf_act;
char *var_smtpd_acl_perm_log;
-char *var_info_log_addr_form;
typedef struct {
char *name;
VAR_SMTPD_ACL_PERM_LOG, DEF_SMTPD_ACL_PERM_LOG, &var_smtpd_acl_perm_log,
VAR_SMTPD_DNS_RE_FILTER, DEF_SMTPD_DNS_RE_FILTER, &var_smtpd_dns_re_filter,
VAR_INFO_LOG_ADDR_FORM, DEF_INFO_LOG_ADDR_FORM, &var_info_log_addr_form,
+ /* XXX No static initialization with "", because owned by a library. */
+ VAR_MYNETWORKS, "", &var_mynetworks,
+ VAR_RELAY_DOMAINS, "", &var_relay_domains,
0,
};
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
+/*
+/* Wietse Venema
+/* Google, Inc.
+/* 111 8th Avenue
+/* New York, NY 10011, USA
/*--*/
#endif
*/
#define ENFORCING_SIZE_LIMIT(param) ((param) > 0)
- /*
- * The threadsafe resolver(5) API came out before 2002, and should be on by
- * default.
- */
-#ifndef NO_RES_NCALLS
-#define USE_RES_NCALLS
-#endif
-
/*
* Don't mix socket message send/receive calls with socket stream read/write
* calls. The fact that you can get away with it only on some stacks implies
projects / thirdparty / postfix.git / commitdiff
