From: Wietse Venema Date: Thu, 28 May 2009 05:00:00 +0000 (-0500) Subject: postfix-2.7-20090528 X-Git-Tag: v2.7.0-RC1~21 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0e408b8ff3207f075ad56a8d1e9ddad533201f2e;p=thirdparty%2Fpostfix.git postfix-2.7-20090528 --- diff --git a/postfix/HISTORY b/postfix/HISTORY index 1cb927103..11e8501ef 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -15259,3 +15259,12 @@ Apologies for any names omitted. -h" to get the message header only. With large messages, "postcat -h" is much faster than manually stripping the message body from the output. File: postcat/postcat.c. + +20090528 + + Bugfix (introduced: Postfix 2.6 change 20080629): with + plaintext sessions, smtpd_tls_auth_only=yes caused spurious + warnings with reject_authenticated_sender_login_mismatch, + and broke reject_unauthenticated_sender_login_mismatch and + reject_sender_login_mismatch. Based on fix by Victor + Duchovni. File: smtpd/smtpd_check.c. diff --git a/postfix/html/postcat.1.html b/postfix/html/postcat.1.html index cfd23409a..52a2eb7da 100644 --- a/postfix/html/postcat.1.html +++ b/postfix/html/postcat.1.html @@ -10,7 +10,7 @@ POSTCAT(1) POSTCAT(1) postcat - show Postfix queue file contents SYNOPSIS - postcat [-bhmoqv] [-c config_dir] [files...] + postcat [-bdehnoqv] [-c config_dir] [files...] DESCRIPTION The postcat(1) command prints the contents of the named @@ -18,9 +18,9 @@ POSTCAT(1) POSTCAT(1) in Postfix queue file format. If no files are specified on the command line, the program reads from standard input. - By default, postcat(1) behaves as if all three options -b, - -e, and -h are given. To view message content only, spec- - ify -bh (Postfix 2.7 and later). + By default, postcat(1) shows the envelope and message con- + tent, as if the options -beh were specified. To view mes- + sage content only, specify -bh (Postfix 2.7 and later). Options: @@ -28,35 +28,34 @@ POSTCAT(1) POSTCAT(1) output at the first non-header line, and stops when the end of the message is reached. - This feature is available in Postfix version 2.7 - and later. + This feature is available in Postfix 2.7 and later. -c config_dir The main.cf configuration file is in the named directory instead of the default configuration directory. + -d Print the decimal type of each record. + -e Show message envelope content. - This feature is available in Postfix version 2.7 - and later. + This feature is available in Postfix 2.7 and later. -h Show message header content. The -h option pro- duces output from the beginning of the message up to, but not including, the first non-header line. - This feature is available in Postfix version 2.7 - and later. + This feature is available in Postfix 2.7 and later. -o Print the queue file offset of each record. -q Search the Postfix queue for the named files instead of taking the names literally. - Available in Postfix version 2.0 and later. + This feature is available in Postfix 2.0 and later. -v Enable verbose logging for debugging purposes. Mul- - tiple -v options make the software increasingly + tiple -v options make the software increasingly verbose. DIAGNOSTICS @@ -67,18 +66,18 @@ POSTCAT(1) POSTCAT(1) Directory with Postfix configuration files. CONFIGURATION PARAMETERS - The following main.cf parameters are especially relevant + The following main.cf parameters are especially relevant to this program. - The text below provides only a parameter summary. See + The text below provides only a parameter summary. See postconf(5) for more details including examples. config_directory (see 'postconf -d' output) - The default location of the Postfix main.cf and + The default location of the Postfix main.cf and master.cf configuration files. queue_directory (see 'postconf -d' output) - The location of the Postfix top-level queue direc- + The location of the Postfix top-level queue direc- tory. FILES @@ -88,7 +87,7 @@ POSTCAT(1) POSTCAT(1) postconf(5), Postfix configuration LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index 48940dc62..f351fdd76 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -7475,6 +7475,8 @@ This feature is available in Postfix 2.0 and later.

The name of the directory with example Postfix configuration files. +Starting with Postfix 2.1, these files have been replaced with the +postconf(5) manual page.

diff --git a/postfix/man/man1/postcat.1 b/postfix/man/man1/postcat.1 index 0a83ee41c..bf01c06c4 100644 --- a/postfix/man/man1/postcat.1 +++ b/postfix/man/man1/postcat.1 @@ -8,19 +8,20 @@ show Postfix queue file contents .SH "SYNOPSIS" .na .nf -\fBpostcat\fR [\fB-bhmoqv\fR] [\fB-c \fIconfig_dir\fR] [\fIfiles\fR...] +\fBpostcat\fR [\fB-bdehnoqv\fR] [\fB-c \fIconfig_dir\fR] [\fIfiles\fR...] .SH DESCRIPTION .ad .fi -The \fBpostcat\fR(1) command prints the contents of the named -\fIfiles\fR in human-readable form. The files are expected -to be in Postfix queue file format. If no -\fIfiles\fR are specified on the command line, the program -reads from standard input. +The \fBpostcat\fR(1) command prints the contents of the +named \fIfiles\fR in human-readable form. The files are +expected to be in Postfix queue file format. If no \fIfiles\fR +are specified on the command line, the program reads from +standard input. -By default, \fBpostcat\fR(1) behaves as if all three options -\fB-b\fR, \fB-e\fR, and \fB-h\fR are given. To view message -content only, specify \fB-bh\fR (Postfix 2.7 and later). +By default, \fBpostcat\fR(1) shows the envelope and message +content, as if the options \fB-beh\fR were specified. To +view message content only, specify \fB-bh\fR (Postfix 2.7 +and later). Options: .IP \fB-b\fR @@ -28,27 +29,29 @@ Show body content. The \fB-b\fR option starts producing output at the first non-header line, and stops when the end of the message is reached. .sp -This feature is available in Postfix version 2.7 and later. +This feature is available in Postfix 2.7 and later. .IP "\fB-c \fIconfig_dir\fR" The \fBmain.cf\fR configuration file is in the named directory instead of the default configuration directory. +.IP \fB-d\fR +Print the decimal type of each record. .IP \fB-e\fR Show message envelope content. .sp -This feature is available in Postfix version 2.7 and later. +This feature is available in Postfix 2.7 and later. .IP \fB-h\fR Show message header content. The \fB-h\fR option produces output from the beginning of the message up to, but not including, the first non-header line. .sp -This feature is available in Postfix version 2.7 and later. +This feature is available in Postfix 2.7 and later. .IP \fB-o\fR Print the queue file offset of each record. .IP \fB-q\fR Search the Postfix queue for the named \fIfiles\fR instead of taking the names literally. -Available in Postfix version 2.0 and later. +This feature is available in Postfix 2.0 and later. .IP \fB-v\fR Enable verbose logging for debugging purposes. Multiple \fB-v\fR options make the software increasingly verbose. diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5 index ec635793a..48a38dcfe 100644 --- a/postfix/man/man5/postconf.5 +++ b/postfix/man/man5/postconf.5 @@ -4210,6 +4210,8 @@ next-hop host, recipient) triple. This feature is available in Postfix 2.0 and later. .SH sample_directory (default: /etc/postfix) The name of the directory with example Postfix configuration files. +Starting with Postfix 2.1, these files have been replaced with the +\fBpostconf\fR(5) manual page. .SH send_cyrus_sasl_authzid (default: no) When authenticating to a remote SMTP or LMTP server with the default setting "no", send no SASL authoriZation ID (authzid); send diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index 3b2ff6102..6fd144ef2 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -7528,6 +7528,8 @@ This feature is available in Postfix 2.0 and later.

The name of the directory with example Postfix configuration files. +Starting with Postfix 2.1, these files have been replaced with the +postconf(5) manual page.

%PARAM sender_based_routing no diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index f045565a4..8a6f55a6d 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20090524" +#define MAIL_RELEASE_DATE "20090528" #define MAIL_VERSION_NUMBER "2.7" #ifdef SNAPSHOT diff --git a/postfix/src/postcat/postcat.c b/postfix/src/postcat/postcat.c index 6838776a0..1a728ed9b 100644 --- a/postfix/src/postcat/postcat.c +++ b/postfix/src/postcat/postcat.c @@ -4,17 +4,18 @@ /* SUMMARY /* show Postfix queue file contents /* SYNOPSIS -/* \fBpostcat\fR [\fB-bhmoqv\fR] [\fB-c \fIconfig_dir\fR] [\fIfiles\fR...] +/* \fBpostcat\fR [\fB-bdehnoqv\fR] [\fB-c \fIconfig_dir\fR] [\fIfiles\fR...] /* DESCRIPTION -/* The \fBpostcat\fR(1) command prints the contents of the named -/* \fIfiles\fR in human-readable form. The files are expected -/* to be in Postfix queue file format. If no -/* \fIfiles\fR are specified on the command line, the program -/* reads from standard input. +/* The \fBpostcat\fR(1) command prints the contents of the +/* named \fIfiles\fR in human-readable form. The files are +/* expected to be in Postfix queue file format. If no \fIfiles\fR +/* are specified on the command line, the program reads from +/* standard input. /* -/* By default, \fBpostcat\fR(1) behaves as if all three options -/* \fB-b\fR, \fB-e\fR, and \fB-h\fR are given. To view message -/* content only, specify \fB-bh\fR (Postfix 2.7 and later). +/* By default, \fBpostcat\fR(1) shows the envelope and message +/* content, as if the options \fB-beh\fR were specified. To +/* view message content only, specify \fB-bh\fR (Postfix 2.7 +/* and later). /* /* Options: /* .IP \fB-b\fR @@ -22,27 +23,29 @@ /* output at the first non-header line, and stops when the end /* of the message is reached. /* .sp -/* This feature is available in Postfix version 2.7 and later. +/* This feature is available in Postfix 2.7 and later. /* .IP "\fB-c \fIconfig_dir\fR" /* The \fBmain.cf\fR configuration file is in the named directory /* instead of the default configuration directory. +/* .IP \fB-d\fR +/* Print the decimal type of each record. /* .IP \fB-e\fR /* Show message envelope content. /* .sp -/* This feature is available in Postfix version 2.7 and later. +/* This feature is available in Postfix 2.7 and later. /* .IP \fB-h\fR /* Show message header content. The \fB-h\fR option produces /* output from the beginning of the message up to, but not /* including, the first non-header line. /* .sp -/* This feature is available in Postfix version 2.7 and later. +/* This feature is available in Postfix 2.7 and later. /* .IP \fB-o\fR /* Print the queue file offset of each record. /* .IP \fB-q\fR /* Search the Postfix queue for the named \fIfiles\fR instead /* of taking the names literally. /* -/* Available in Postfix version 2.0 and later. +/* This feature is available in Postfix 2.0 and later. /* .IP \fB-v\fR /* Enable verbose logging for debugging purposes. Multiple \fB-v\fR /* options make the software increasingly verbose. @@ -121,6 +124,8 @@ #define PC_FLAG_PRINT_ENV (1<<2) /* print envelope records */ #define PC_FLAG_PRINT_HEADER (1<<3) /* print header records */ #define PC_FLAG_PRINT_BODY (1<<4) /* print body records */ +#define PC_FLAG_PRINT_RTYPE_DEC (1<<5) /* print decimal record type */ +#define PC_FLAG_PRINT_RTYPE_SYM (1<<6) /* print symbolic record type */ #define PC_MASK_PRINT_TEXT (PC_FLAG_PRINT_HEADER | PC_FLAG_PRINT_BODY) #define PC_MASK_PRINT_ALL (PC_FLAG_PRINT_ENV | PC_MASK_PRINT_TEXT) @@ -198,9 +203,11 @@ static void postcat(VSTREAM *fp, VSTRING *buffer, int flags) * likely need to be revised when the queue file organization is * changed. */ -#define PRINT_MARKER(flags, fp, offset, text) do { \ +#define PRINT_MARKER(flags, fp, offset, type, text) do { \ if ((flags) & PC_FLAG_PRINT_OFFSET) \ vstream_printf("%9lu ", (unsigned long) (offset)); \ + if (flags & PC_FLAG_PRINT_RTYPE_DEC) \ + vstream_printf("%3d ", (type)); \ vstream_printf("*** %s %s ***\n", (text), VSTREAM_PATH(fp)); \ vstream_fflush(VSTREAM_OUT); \ } while (0) @@ -208,6 +215,8 @@ static void postcat(VSTREAM *fp, VSTRING *buffer, int flags) #define PRINT_RECORD(flags, offset, type, value) do { \ if ((flags) & PC_FLAG_PRINT_OFFSET) \ vstream_printf("%9lu ", (unsigned long) (offset)); \ + if (flags & PC_FLAG_PRINT_RTYPE_DEC) \ + vstream_printf("%3d ", (type)); \ vstream_printf("%s: %s\n", rec_type_name(rec_type), (value)); \ vstream_fflush(VSTREAM_OUT); \ } while (0) @@ -237,7 +246,7 @@ static void postcat(VSTREAM *fp, VSTRING *buffer, int flags) VSTREAM_PATH(fp)); /* Optional output. */ if (flags & PC_FLAG_PRINT_ENV) - PRINT_MARKER(flags, fp, offset, "MESSAGE CONTENTS"); + PRINT_MARKER(flags, fp, offset, rec_type, "MESSAGE CONTENTS"); /* Optimization: skip to extracted segment marker. */ if ((flags & PC_MASK_PRINT_TEXT) == 0 && data_offset >= 0 && data_size >= 0 @@ -256,7 +265,7 @@ static void postcat(VSTREAM *fp, VSTRING *buffer, int flags) if (do_print && prev_type == REC_TYPE_CONT) VSTREAM_PUTCHAR('\n'); if (flags & PC_FLAG_PRINT_ENV) - PRINT_MARKER(flags, fp, offset, "HEADER EXTRACTED"); + PRINT_MARKER(flags, fp, offset, rec_type, "HEADER EXTRACTED"); /* Update the state machine. */ state = PC_STATE_ENV; do_print = (flags & PC_FLAG_PRINT_ENV); @@ -271,7 +280,7 @@ static void postcat(VSTREAM *fp, VSTRING *buffer, int flags) VSTREAM_PATH(fp)); /* Optional output. */ if (flags & PC_FLAG_PRINT_ENV) - PRINT_MARKER(flags, fp, offset, "MESSAGE FILE END"); + PRINT_MARKER(flags, fp, offset, rec_type, "MESSAGE FILE END"); /* Terminate the state machine. */ break; } else if (rec_type == REC_TYPE_PTR) { @@ -284,15 +293,16 @@ static void postcat(VSTREAM *fp, VSTRING *buffer, int flags) msg_fatal("bad pointer record, or input is not seekable"); continue; } else if (rec_type == REC_TYPE_SIZE) { + /* Optional output (here before we update the state machine). */ + if (do_print) + PRINT_RECORD(flags, offset, rec_type, STR(buffer)); + /* Read the message size/offset for the state machine optimizer. */ if (data_size >= 0 || data_offset >= 0) { msg_warn("file contains multiple size records"); } else { if (sscanf(STR(buffer), "%ld %ld", &data_size, &data_offset) != 2 || data_offset <= 0 || data_size <= 0) msg_fatal("invalid size record: %.100s", STR(buffer)); - /* Optional output (here since we update the state machine). */ - if (do_print) - PRINT_RECORD(flags, offset, rec_type, STR(buffer)); /* Optimization: skip to the message header. */ if ((flags & PC_FLAG_PRINT_ENV) == 0) { if (vstream_fseek(fp, data_offset, SEEK_SET) < 0) @@ -312,6 +322,8 @@ static void postcat(VSTREAM *fp, VSTRING *buffer, int flags) continue; if (flags & PC_FLAG_PRINT_OFFSET) vstream_printf("%9lu ", (unsigned long) offset); + if (flags & PC_FLAG_PRINT_RTYPE_DEC) + vstream_printf("%3d ", rec_type); switch (rec_type) { case REC_TYPE_TIME: REC_TYPE_TIME_SCAN(STR(buffer), tv); @@ -381,7 +393,7 @@ static void postcat(VSTREAM *fp, VSTRING *buffer, int flags) static NORETURN usage(char *myname) { - msg_fatal("usage: %s [-c config_dir] [-q (access queue)] [-v] [file(s)...]", + msg_fatal("usage: %s [-b (body text)] [-c config_dir] [-d (decimal record type)] [-e (envelope records)] [-h (header text)] [-q (access queue)] [-v] [file(s)...]", myname); } @@ -429,7 +441,7 @@ int main(int argc, char **argv) /* * Parse JCL. */ - while ((ch = GETOPT(argc, argv, "bc:ehoqv")) > 0) { + while ((ch = GETOPT(argc, argv, "bc:dehoqv")) > 0) { switch (ch) { case 'b': flags |= PC_FLAG_PRINT_BODY; @@ -438,6 +450,9 @@ int main(int argc, char **argv) if (setenv(CONF_ENV_PATH, optarg, 1) < 0) msg_fatal("out of memory"); break; + case 'd': + flags |= PC_FLAG_PRINT_RTYPE_DEC; + break; case 'e': flags |= PC_FLAG_PRINT_ENV; break; diff --git a/postfix/src/smtpd/smtpd_check.c b/postfix/src/smtpd/smtpd_check.c index 1a18f92e3..ea3dfbf9c 100644 --- a/postfix/src/smtpd/smtpd_check.c +++ b/postfix/src/smtpd/smtpd_check.c @@ -3278,10 +3278,16 @@ static int reject_auth_sender_login_mismatch(SMTPD_STATE *state, const char *sen char *name; int found = 0; + /* + * Replace obscure code by self-evident code. + */ +#define SMTPD_SASL_AUTHENTICATED(state) \ + (smtpd_sasl_is_active(state) && state->sasl_username != 0) + /* * Reject if the client is logged in and does not own the sender address. */ - if (smtpd_sasl_is_active(state) && state->sasl_username != 0) { + if (var_smtpd_sasl_enable && SMTPD_SASL_AUTHENTICATED(state)) { reply = smtpd_resolve_addr(sender); if (reply->flags & RESOLVE_FLAG_FAIL) reject_dict_retry(state, sender); @@ -3314,7 +3320,7 @@ static int reject_unauth_sender_login_mismatch(SMTPD_STATE *state, const char *s * Reject if the client is not logged in and the sender address has an * owner. */ - if (smtpd_sasl_is_active(state) && state->sasl_username == 0) { + if (var_smtpd_sasl_enable && !SMTPD_SASL_AUTHENTICATED(state)) { reply = smtpd_resolve_addr(sender); if (reply->flags & RESOLVE_FLAG_FAIL) reject_dict_retry(state, sender); @@ -3766,7 +3772,7 @@ static int generic_checks(SMTPD_STATE *state, ARGV *restrictions, state->sender, SMTPD_NAME_SENDER); } else if (strcasecmp(name, REJECT_AUTH_SENDER_LOGIN_MISMATCH) == 0) { #ifdef USE_SASL_AUTH - if (smtpd_sasl_is_active(state)) { + if (var_smtpd_sasl_enable) { if (state->sender && *state->sender) status = reject_auth_sender_login_mismatch(state, state->sender); } else @@ -3774,7 +3780,7 @@ static int generic_checks(SMTPD_STATE *state, ARGV *restrictions, msg_warn("restriction `%s' ignored: no SASL support", name); } else if (strcasecmp(name, REJECT_UNAUTH_SENDER_LOGIN_MISMATCH) == 0) { #ifdef USE_SASL_AUTH - if (smtpd_sasl_is_active(state)) { + if (var_smtpd_sasl_enable) { if (state->sender && *state->sender) status = reject_unauth_sender_login_mismatch(state, state->sender); } else