20071030
- Bugfix: Postfix mistakenly enforced the 64kbyte limit (for
- sending body parts TO Milter applications) also while
- receiving packets FROM Milter applications. The limit is
- now at least 1GB. File: milter/milter8.c.
+ Bugfix (introduced Postfix 2.3): Postfix mistakenly enforced
+ the 64kbyte limit (for sending body parts TO Milter
+ applications) also while receiving packets FROM Milter
+ applications. The limit is now at least 1GB. File:
+ milter/milter8.c.
20071105
features code easier. Files: *qmgr/qmgr_transport.c,
*qmgr/qmgr_queue.c, *qmgr/qmgr_entry.c.
- Bugfix: don't update the back-to-back delivery time stamp
- while deferring mail. File: *qmgr/qmgr_entry.c.
+ Bugfix (introduced Postfix 2.2): don't update the back-to-back
+ delivery time stamp while deferring mail. File: *qmgr/qmgr_entry.c.
20071203
*qmgr/qmgr_entry.c, smtp/smtp_connect.c,
proto/SCHEDULER_README.html.
- Bugfix: qmqpd ignored the qmqpd_client_port_logging parameter
- setting. File: qmqpd/qmqpd.c.
+ Bugfix (introduced snapshot 20071006): qmqpd ignored the
+ qmqpd_client_port_logging parameter setting. File:
+ qmqpd/qmqpd.c.
20071216
The "tls_require_cert" is now compatible with OpenLDAP 2.1
and later. Victor Duchovni. Files: proto/ldap_table,
global/dict_ldap.c.
+
+20071218
+
+ Cleanup: removed the "#ifdef USE_LIBMILTER_INCLUDES"
+ dependencies on system-installed Milter protocol include
+ files. Verified that the object code has not changed. File:
+ milter/milter8.c.
+
+ Sanity check: idiot filter to detect attempts to use the
+ same database file for different TLS session caches. File:
+ tlsmgr/tlsmgr.c.
+
+ Cleanup: updated the spell check stoplist and the spell
+ check script. Files: mantools/spell, proto/stop.
+
+ Cleanup: replaced documentation references to xxgdb by ddd.
+ The xxgdb program hasn't been updated in more than 10 years.
+ Files: proto/postconf.proto, conf/main.cf.
data_directory. As a migration aid, an attempt to open the file under a non-
Postfix directory is redirected to the Postfix-owned data_directory, and a
warning is logged. If you wish to continue using an pre-existing database file,
-move it to the data_directory, and change ownership to the account specfied
+move it to the data_directory, and change ownership to the account specified
with the mail_owner parameter.
NOTE 2: Do not put this file in a file system that may run out of space. When
# sendmail -bd -qwhatever
and watch your maillog file for any error messages. The pathname is /var/log/
-maillog, /var/log/mail, /var/log/syslog, or someting else. Typically, the
+maillog, /var/log/mail, /var/log/syslog, or something else. Typically, the
pathname is defined in the /etc/syslog.conf file.
% egrep '(reject|warning|error|fatal|panic):' /some/log/file
#
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
- xxgdb $daemon_directory/$process_name $process_id & sleep 5
+ ddd $daemon_directory/$process_name $process_id & sleep 5
# If you can't use X, use this to capture the call stack when a
# daemon crashes. The result is in a file in the configuration
open the file under a non-Postfix directory is redirected to the
Postfix-owned <a href="postconf.5.html#data_directory">data_directory</a>, and a warning is logged. If you wish
to continue using an pre-existing database file, move it to the
-<a href="postconf.5.html#data_directory">data_directory</a>, and change ownership to the account specfied with
+<a href="postconf.5.html#data_directory">data_directory</a>, and change ownership to the account specified with
the <a href="postconf.5.html#mail_owner">mail_owner</a> parameter. </p>
<p> NOTE 2: Do not put this file in a file system that may run out
</blockquote>
<p> and watch your maillog file for any error messages. The pathname
-is /var/log/maillog, /var/log/mail, /var/log/syslog, or someting
+is /var/log/maillog, /var/log/mail, /var/log/syslog, or something
else. Typically, the pathname is defined in the /etc/syslog.conf
file. </p>
<pre>
<a href="postconf.5.html#debugger_command">debugger_command</a> =
PATH=/usr/bin:/usr/X11R6/bin
-
xxgdb $<a href="postconf.5.html#daemon_directory">daemon_directory</a>/$<a href="postconf.5.html#process_name">process_name</a> $<a href="postconf.5.html#process_id">process_id</a> & sleep 5
+
ddd $<a href="postconf.5.html#daemon_directory">daemon_directory</a>/$<a href="postconf.5.html#process_name">process_name</a> $<a href="postconf.5.html#process_id">process_id</a> & sleep 5
</pre>
.ft C
debugger_command =
PATH=/usr/bin:/usr/X11R6/bin
- xxgdb $daemon_directory/$process_name $process_id & sleep 5
+ ddd $daemon_directory/$process_name $process_id & sleep 5
.fi
.ad
.ft R
for i in $*
do
echo === $i ===
- dehtml $i | spell | fgrep -vxf proto/stop
+ mantools/html2readme $i | col -b | spell | fgrep -vxf proto/stop
done
open the file under a non-Postfix directory is redirected to the
Postfix-owned data_directory, and a warning is logged. If you wish
to continue using an pre-existing database file, move it to the
-data_directory, and change ownership to the account specfied with
+data_directory, and change ownership to the account specified with
the mail_owner parameter. </p>
<p> NOTE 2: Do not put this file in a file system that may run out
</blockquote>
<p> and watch your maillog file for any error messages. The pathname
-is /var/log/maillog, /var/log/mail, /var/log/syslog, or someting
+is /var/log/maillog, /var/log/mail, /var/log/syslog, or something
else. Typically, the pathname is defined in the /etc/syslog.conf
file. </p>
<pre>
debugger_command =
PATH=/usr/bin:/usr/X11R6/bin
- xxgdb $daemon_directory/$process_name $process_id & sleep 5
+ ddd $daemon_directory/$process_name $process_id & sleep 5
</pre>
%PARAM 2bounce_notice_recipient postmaster
qwhatever
readme
setenv
-someting
syslog
syslogd
util
sotruss
strace
tcpdump
-tcpdumpx
-xxgdb
BUILTIN
SPAM
website
yulszqocfzsficvzzju
yyyyyy
zzzzzz
+BC
+DKIM
+DomainKeys
+Hmm
+Jnicke
+QAdGVzdHBhc
+RBL's
+RBLs
+RST
+SMTPS
+Spamhaus
+Ss
+Ubuntu
+blocklists
+botnet
+botnets
+bx
+cb
+co
+dest
+foreach
+int
+jp
+le
+mind's
+nqmgr's
+overinflating
+portscan
+preemptions
+ps
+qf
+refcount
+ru
+spamhaus
+stddev
+sysadmins
+timeline
+todo
+tt
+unsubscribe
+wl
+zen
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20071216"
+#define MAIL_RELEASE_DATE "20071218"
#define MAIL_VERSION_NUMBER "2.5"
#ifdef SNAPSHOT
/* Sendmail 8 Milter protocol. */
-#ifdef USE_LIBMILTER_INCLUDES
-
- /*
- * Use the include files that match the installed libmilter library. This
- * requires that the libmilter files are installed before Postfix can be
- * built with milter support, and requires that Postfix is rebuilt whenever
- * protocol version in these files changes. The other option (below) is to
- * use our own protocol definitions.
- */
-#include <libmilter/mfapi.h>
-#include <libmilter/mfdef.h>
-
- /*
- * Compatibility for missing definitions or for names that have changed over
- * time.
- */
-#ifndef SMFIF_CHGBODY
-#define SMFIF_CHGBODY SMFIF_MODBODY
-#endif
-#ifndef SMFIF_CHGHDRS
-#define SMFIF_CHGHDRS SMFIF_MODHDRS
-#endif
-#if defined(SMFIC_UNKNOWN) && !defined(SMFIP_NOUNKNOWN)
-#define SMFIP_NOUNKNOWN (1L<<8) /* MTA should not send unknown cmd */
-#endif
-#if defined(SMFIC_DATA) && !defined(SMFIP_NODATA)
-#define SMFIP_NODATA (1L<<9) /* MTA should not send DATA */
-#endif
-
-#else
-
/*
* Use our own protocol definitions, so that Postfix can be built even when
* libmilter is not installed. This means that we must specify the libmilter
*/
#define MILTER_CHUNK_SIZE 65535 /* body chunk size */
-#endif
-
/* Utility library. */
#include <msg.h>
int version; /* application protocol version */
int rq_mask; /* application requests (SMFIF_*) */
int ev_mask; /* application events (SMFIP_*) */
-#ifndef USE_LIBMILTER_INCLUDES
int np_mask; /* events outside my protocol version */
-#endif
VSTRING *buf; /* I/O buffer */
VSTRING *body; /* I/O buffer */
VSTREAM *fp; /* stream or null (closed) */
#define XXX_MAX_DATA (INT_MAX / 2)
#define XXX_TIMEOUT 10
-#ifndef USE_LIBMILTER_INCLUDES
-
/*
* If we're not using Sendmail's libmilter include files, then we implement
* the protocol up to and including version 4, and configure in main.cf what
0, -1,
};
-#endif
-
/*
* Tables to map the above symbolic constants to printable strings. We use
* NAME_CODE for commands and replies, and NAME_MASK for bit mask values.
/*
* Skip this event if it doesn't exist in the protocol that I announced.
*/
-#ifndef USE_LIBMILTER_INCLUDES
if ((skip_event_flag & milter->np_mask) != 0) {
if (msg_verbose)
msg_info("skipping non-protocol event %s for milter %s",
smfic_name : "(unknown MTA event)", milter->m.name);
return (milter->def_reply);
}
-#endif
/*
* Send the macros for this event, even when we're not reporting the
#endif
);
-#ifdef USE_LIBMILTER_INCLUDES
- const UINT32_TYPE my_version = SMFI_VERSION;
- const UINT32_TYPE my_events = (SMFIP_NOCONNECT | SMFIP_NOHELO
- | SMFIP_NOMAIL | SMFIP_NORCPT
- | SMFIP_NOBODY | SMFIP_NOHDRS
- | SMFIP_NOEOH
-#ifdef SMFIP_NOHREPL
- | SMFIP_NOHREPL
-#endif
-#ifdef SMFIP_NOUNKNOWN
- | SMFIP_NOUNKNOWN
-#endif
-#ifdef SMFIP_NODATA
- | SMFIP_NODATA
-#endif
- );
-
-#else
UINT32_TYPE my_version = 0;
UINT32_TYPE my_events = 0;
char *saved_version;
char *cp;
char *name;
-#endif
-
/*
* Sanity check.
*/
msg_panic("%s: milter %s: socket is not closed",
myname, milter->m.name);
-#ifndef USE_LIBMILTER_INCLUDES
-
/*
* For user friendliness reasons the milter_protocol configuration
* parameter can specify both the protocol version and protocol
myname, my_version,
str_name_mask_opt(milter->buf, "non-protocol event mask",
smfip_table, milter->np_mask, NAME_MASK_NUMBER));
-#endif
/*
* Parse the Milter application endpoint.
ATTR_TYPE_INT, MAIL_ATTR_MILT_VERS, milter->version,
ATTR_TYPE_INT, MAIL_ATTR_MILT_ACTS, milter->rq_mask,
ATTR_TYPE_INT, MAIL_ATTR_MILT_EVTS, milter->ev_mask,
-#ifndef USE_LIBMILTER_INCLUDES
ATTR_TYPE_INT, MAIL_ATTR_MILT_NPTS, milter->np_mask,
-#endif
ATTR_TYPE_INT, MAIL_ATTR_MILT_STAT, milter->state,
ATTR_TYPE_INT, MAIL_ATTR_MILT_CONN, milter->conn_timeout,
ATTR_TYPE_INT, MAIL_ATTR_MILT_CMD, milter->cmd_timeout,
ATTR_TYPE_INT, MAIL_ATTR_MILT_VERS, &version,
ATTR_TYPE_INT, MAIL_ATTR_MILT_ACTS, &rq_mask,
ATTR_TYPE_INT, MAIL_ATTR_MILT_EVTS, &ev_mask,
-#ifndef USE_LIBMILTER_INCLUDES
ATTR_TYPE_INT, MAIL_ATTR_MILT_NPTS, &np_mask,
-#endif
ATTR_TYPE_INT, MAIL_ATTR_MILT_STAT, &state,
ATTR_TYPE_INT, MAIL_ATTR_MILT_CONN, &conn_timeout,
ATTR_TYPE_INT, MAIL_ATTR_MILT_CMD, &cmd_timeout,
#endif
} else {
#define NO_PROTOCOL ((char *) 0)
-
+
if (msg_verbose)
msg_info("%s: milter %s", myname, STR(name_buf));
milter->version = version;
milter->rq_mask = rq_mask;
milter->ev_mask = ev_mask;
-#ifndef USE_LIBMILTER_INCLUDES
milter->np_mask = np_mask;
-#endif
milter->state = state;
return (&milter->m);
}
tlsmgr.o: ../../include/data_redirect.h
tlsmgr.o: ../../include/dict.h
tlsmgr.o: ../../include/events.h
+tlsmgr.o: ../../include/htable.h
tlsmgr.o: ../../include/iostuff.h
tlsmgr.o: ../../include/mail_conf.h
tlsmgr.o: ../../include/mail_params.h
#include <vstring_vstream.h>
#include <attr.h>
#include <set_eugid.h>
+#include <htable.h>
/* Global library. */
* State for TLS session caches.
*/
typedef struct {
- char *cache_label;
- TLS_SCACHE *cache_info;
- int cache_active;
- char **cache_db;
- int *cache_loglevel;
- int *cache_timeout;
+ char *cache_label; /* cache short-hand name */
+ TLS_SCACHE *cache_info; /* cache handle */
+ int cache_active; /* cache status */
+ char **cache_db; /* main.cf parameter value */
+ int *cache_loglevel; /* main.cf parameter value */
+ int *cache_timeout; /* main.cf parameter value */
} TLSMGR_SCACHE;
TLSMGR_SCACHE cache_table[] = {
struct timeval tv;
TLSMGR_SCACHE *ent;
VSTRING *redirect;
+ HTABLE *dup_filter;
+ const char *dup_label;
/*
* If nothing else works then at least this will get us a few bits of
* Open the session cache files and discard old information before going
* to jail, but don't use root privilege. Start the cache maintenance
* pseudo threads after dropping privileges.
- *
- * XXX Need sanity check that the databases have different names.
*/
- for (ent = cache_table; ent->cache_label; ++ent)
- if (**ent->cache_db)
+ dup_filter = htable_create(sizeof(cache_table) / sizeof(cache_table[0]));
+ for (ent = cache_table; ent->cache_label; ++ent) {
+ if (**ent->cache_db) {
+ if ((dup_label = htable_find(dup_filter, *ent->cache_db)) != 0)
+ msg_fatal("do not use the same TLS cache file %s for %s and %s",
+ *ent->cache_db, dup_label, ent->cache_label);
+ htable_enter(dup_filter, *ent->cache_db, ent->cache_label);
ent->cache_info =
tls_scache_open(data_redirect_map(redirect, *ent->cache_db),
ent->cache_label,
*ent->cache_loglevel >= 2,
*ent->cache_timeout);
+ }
+ }
+ htable_free(dup_filter, (void (*) (char *)) 0);
/*
* Clean up and restore privilege.
projects / thirdparty / postfix.git / commitdiff
