Bugfix (introduced: Postfix-2.9.0): null pointer read, while
logging a warning after a postscreen_command_filter read
error. File: postscreen/postscreen_smtpd.c.
+
+20191014
+
+ Bugfix (introduced: Postfix 2.8): don't gratuitously enable
+ all after-220 tests when only one such test is enabled.
+ This made selective tests impossible with 'good' clients.
+ File: postscreen/postscreen_smtpd.c.
+
+20191214
+
+ Bugfix (introduced: Postfix 3.1): support for
+ smtp_dns_resolver_options was broken while adding support
+ for negative DNS response caching in postscreen. Postfix
+ was inadvertently changed to call res_query() instead of
+ res_search(). Reported by Jaroslav Skarvada. File:
+ dns/dns_lookup.c.
+
+ Bugfix (introduced: Postfix 3.0): sanitize server responses
+ before storing them in the verify database, to avoid Postfix
+ warnings about malformed UTF8. File: verify/verify.c.
+
+20200115
+
+ Bugfix (introduced: Postfix 2.5): the Milter connect event
+ macros were evaluated before the Milter connection itself
+ had been negotiated. Problem reported by David Bürgin.
+ Files: milter/milter.h, milter/milter.c, milter/milter8.c
+
if (keep_notfound)
/* Prepare for returning a null-padded server reply. */
memset(answer, 0, anslen);
- len = res_query(name, class, type, answer, anslen);
+ len = res_search(name, class, type, answer, anslen);
/* Begin API creep workaround. */
if (len < 0 && h_errno == 0) {
SET_H_ERRNO(TRY_AGAIN);
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20190921"
-#define MAIL_VERSION_NUMBER "3.2.11"
+#define MAIL_RELEASE_DATE "20200203"
+#define MAIL_VERSION_NUMBER "3.2.12"
#ifdef SNAPSHOT
#define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
if (msg_verbose)
msg_info("report connect to all milters");
for (resp = 0, m = milters->milter_list; resp == 0 && m != 0; m = m->next) {
+ if (m->connect_on_demand != 0)
+ m->connect_on_demand(m);
any_macros = MILTER_MACRO_EVAL(global_macros, m, milters, conn_macros);
resp = m->conn_event(m, client_name, client_addr, client_port,
addr_family, any_macros);
struct MILTER *next; /* linkage */
struct MILTERS *parent; /* parent information */
struct MILTER_MACROS *macros; /* private macros */
+ void (*connect_on_demand) (struct MILTER *);
const char *(*conn_event) (struct MILTER *, const char *, const char *, const char *, unsigned, ARGV *);
const char *(*helo_event) (struct MILTER *, const char *, int, ARGV *);
const char *(*mail_event) (struct MILTER *, const char **, ARGV *);
#define STR_EQ(x,y) (strcmp((x), (y)) == 0)
#define STR_NE(x,y) (strcmp((x), (y)) != 0)
- /*
- * XXX Sendmail 8 libmilter closes the MTA-to-filter socket when it finds
- * out that the SMTP client has disconnected. Because of this, Postfix
- * has to open a new MTA-to-filter socket for each SMTP client.
- */
-#ifdef LIBMILTER_AUTO_DISCONNECT
- milter8_connect(milter);
-#endif
-
/*
* Report the event.
*/
/*
* Fill in the structure. Note: all strings must be copied.
+ *
+ * XXX Sendmail 8 libmilter closes the MTA-to-filter socket when it finds
+ * out that the SMTP client has disconnected. Because of this, Postfix
+ * has to open a new MTA-to-filter socket for each SMTP client.
*/
milter = (MILTER8 *) mymalloc(sizeof(*milter));
milter->m.name = mystrdup(name);
milter->m.next = 0;
milter->m.parent = parent;
milter->m.macros = 0;
+#ifdef LIBMILTER_AUTO_DISCONNECT
+ milter->m.connect_on_demand = (void (*) (struct MILTER *)) milter8_connect;
+#else
+ milter->m.connect_on_demand = 0;
+#endif
milter->m.conn_event = milter8_conn_event;
milter->m.helo_event = milter8_helo_event;
milter->m.mail_event = milter8_mail_event;
state->read_state = PSC_SMTPD_CMD_ST_ANY;
/*
- * Opportunistically make postscreen more useful by turning on the
- * pipelining and non-SMTP command tests when a pre-handshake test
- * failed, or when some deep test is configured as enabled.
+ * Disable all after-220 tests when we need to hang up immediately after
+ * reading the first SMTP client command.
*
- * XXX Make "opportunistically" configurable for each test.
+ * Opportunistically make postscreen more useful, by turning on all
+ * after-220 tests when a bad client failed a before-220 test.
+ *
+ * Otherwise, only apply the explicitly-configured after-220 tests.
*/
- if ((state->flags & PSC_STATE_FLAG_SMTPD_X21) == 0) {
- state->flags |= PSC_STATE_MASK_SMTPD_TODO;
- } else {
+ if (state->flags & PSC_STATE_FLAG_SMTPD_X21) {
state->flags &= ~PSC_STATE_MASK_SMTPD_TODO;
+ } else if (state->flags & PSC_STATE_MASK_ANY_FAIL) {
+ state->flags |= PSC_STATE_MASK_SMTPD_TODO;
}
/*
|| STATUS_FROM_RAW_ENTRY(raw_data) != DEL_RCPT_STAT_OK) {
probed = 0;
updated = (long) time((time_t *) 0);
+ printable(STR(text), '?');
verify_make_entry(buf, addr_status, probed, updated, STR(text));
if (msg_verbose)
msg_info("PUT %s status=%d probed=%ld updated=%ld text=%s",
projects / thirdparty / postfix.git / commitdiff
