From: Wietse Venema <wietse@porcupine.org>
Date: Sat, 1 Mar 2003 05:00:00 +0000 (-0500)
Subject: postfix-2.0.5
X-Git-Tag: v2.0.5^0
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3680531b77ad034bf63aada974dabcc8191bdfbd;p=thirdparty%2Fpostfix.git

postfix-2.0.5
---

diff --git a/postfix/HISTORY b/postfix/HISTORY
index e9e085302..16067de9c 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -7656,6 +7656,25 @@ Apologies for any names omitted.
 	did not eliminate virtual expansion duplicates with the
 	same original recipient. File: cleanup/cleanup_out_recipient.c.
 
+20030223
+
+	Bugfix: smtpd_hard/soft_error_limit off-by-one error, so
+	that the real limit was one larger than the specified value.
+	File: smtpd/smtpd.c, smtpd/smtpd_chat.c.
+
+20030226
+
+	Safety: proxymap server defense against potential deadlock
+	when some library routine wants to open a proxied table.
+	Instead, proxymap opens the requested table directly. File:
+	proxymap/proxymap.c.
+
+20030227
+
+	Bugfix: added mynetworks to the list of proxy_read_maps
+	parameter settings that are pre-authorized to use proxied
+	table lookups.  File: global/mail_params.h.
+
 Open problems:
 
 	Low: after successful delivery, per-queue window += 1/window,
diff --git a/postfix/README_FILES/FILTER_README b/postfix/README_FILES/FILTER_README
index 63f99ee9a..e59ccfa51 100644
--- a/postfix/README_FILES/FILTER_README
+++ b/postfix/README_FILES/FILTER_README
@@ -343,9 +343,9 @@ new parameter:
 # cleanup service (defined further below).
 #
 smtp      inet  n       -       n       -       -       smtpd
-    -o cleanup_service=pre-cleanup
+    -o cleanup_service_name=pre-cleanup
 pickup    fifo  n       -       n       60      1       pickup
-    -o cleanup_service=pre-cleanup
+    -o cleanup_service_name=pre-cleanup
 #
 # ------------------------------------------------------------------
 #
diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES
index 3348a9141..8229d641b 100644
--- a/postfix/RELEASE_NOTES
+++ b/postfix/RELEASE_NOTES
@@ -24,6 +24,15 @@ snapshot release).  Patches change the patchlevel and the release
 date. Snapshots change only the release date, unless they include
 the same bugfixes as a patch release.
 
+Incompatible changes with Postfix version 2.0.5 (released 20030301)
+===================================================================
+
+The smtpd_hard_error_limit and smtpd_soft_error_limit values now
+behave as documented, that is, smtpd_hard_error_limit=1 causes
+Postfix to disconnect upon the first client error. Previously,
+there was an off-by-one error causing Postfix to change behavior
+after smtpd_hard/soft_error_limit+1 errors.
+
 Incompatible changes with Postfix version 2.0.4 (released 20030219)
 ===================================================================
 
diff --git a/postfix/conf/transport b/postfix/conf/transport
index 73c15dbce..3ae93a7f0 100644
--- a/postfix/conf/transport
+++ b/postfix/conf/transport
@@ -101,8 +101,8 @@
 #        dependent. In the case of SMTP, specify host:service for a
 #        non-default  server port, and use [host] or [host]:port in
 #        order to disable MX (mail exchanger) DNS lookups.  The  []
-#        form  can  also be used with IP addresses instead of host-
-#        names.
+#        form is required when you specify an IP address instead of
+#        a hostname.
 # 
 #        A null transport and null nexthop  result  means  "do  not
 #        change":  use  the delivery transport and nexthop informa-
diff --git a/postfix/html/proxymap.8.html b/postfix/html/proxymap.8.html
index 12dad01ac..4ea05c096 100644
--- a/postfix/html/proxymap.8.html
+++ b/postfix/html/proxymap.8.html
@@ -29,10 +29,10 @@ PROXYMAP(8)                                           PROXYMAP(8)
               tions" errors. The solution:
 
               virtual_alias_maps =
-                  proxy:mysql:/etc/postfix/virtual.cf
+                  proxy:mysql:/etc/postfix/virtual_alias.cf
 
               The total number of connections is limited  by  the
-              number of proxymap server server processes.
+              number of proxymap server processes.
 
        The proxymap server implements the following requests:
 
diff --git a/postfix/html/transport.5.html b/postfix/html/transport.5.html
index 774c557f5..3d63496b8 100644
--- a/postfix/html/transport.5.html
+++ b/postfix/html/transport.5.html
@@ -102,8 +102,8 @@ TRANSPORT(5)                                         TRANSPORT(5)
        dependent. In the case of SMTP, specify <i>host</i>:<i>service</i> for a
        non-default  server port, and use [<i>host</i>] or [<i>host</i>]:<i>port</i> in
        order to disable MX (mail exchanger) DNS lookups.  The  []
-       form  can  also be used with IP addresses instead of host-
-       names.
+       form is required when you specify an IP address instead of
+       a hostname.
 
        A null <i>transport</i> and null <i>nexthop</i>  result  means  "do  not
        change":  use  the delivery transport and nexthop informa-
diff --git a/postfix/html/virtual.8.html b/postfix/html/virtual.8.html
index e350dcb3f..c36f4e313 100644
--- a/postfix/html/virtual.8.html
+++ b/postfix/html/virtual.8.html
@@ -17,8 +17,8 @@ VIRTUAL(8)                                             VIRTUAL(8)
 
        This delivery agent only delivers  mail.   Other  features
        such  as  mail  forwarding,  out-of-office  notifications,
-       etc., must be configured via virtual maps or  via  similar
-       lookup mechanisms.
+       etc., must be configured via  virtual_alias  maps  or  via
+       similar lookup mechanisms.
 
 <b>MAILBOX</b> <b>LOCATION</b>
        The  mailbox  location  is controlled by the <b>virtual</b><i>_</i><b>mail-</b>
diff --git a/postfix/man/man5/transport.5 b/postfix/man/man5/transport.5
index f244a96c1..e4c69f372 100644
--- a/postfix/man/man5/transport.5
+++ b/postfix/man/man5/transport.5
@@ -102,7 +102,7 @@ The interpretation of the nexthop field is transport
 dependent. In the case of SMTP, specify \fIhost\fR:\fIservice\fR for a
 non-default server port, and use [\fIhost\fR] or [\fIhost\fR]:\fIport\fR
 in order to disable MX (mail exchanger) DNS lookups. The [] form
-can also be used with IP addresses instead of hostnames.
+is required when you specify an IP address instead of a hostname.
 
 A null \fItransport\fR and null \fInexthop\fR result means "do
 not change": use the delivery transport and nexthop information
diff --git a/postfix/man/man8/proxymap.8 b/postfix/man/man8/proxymap.8
index b36119748..a801de872 100644
--- a/postfix/man/man8/proxymap.8
+++ b/postfix/man/man8/proxymap.8
@@ -33,10 +33,10 @@ in "too many connections" errors. The solution:
 .sp
 virtual_alias_maps =
 .ti +4
-proxy:mysql:/etc/postfix/virtual.cf
+proxy:mysql:/etc/postfix/virtual_alias.cf
 .sp
 The total number of connections is limited by the number of
-proxymap server server processes.
+proxymap server processes.
 .PP
 The proxymap server implements the following requests:
 .IP "\fBPROXY_REQ_OPEN\fI maptype:mapname flags\fR"
diff --git a/postfix/man/man8/virtual.8 b/postfix/man/man8/virtual.8
index c7517bc24..ea1335517 100644
--- a/postfix/man/man8/virtual.8
+++ b/postfix/man/man8/virtual.8
@@ -20,7 +20,7 @@ file lookups of the address local part only.
 
 This delivery agent only delivers mail.  Other features such as
 mail forwarding, out-of-office notifications, etc., must be
-configured via virtual maps or via similar lookup mechanisms.
+configured via virtual_alias maps or via similar lookup mechanisms.
 .SH MAILBOX LOCATION
 .na
 .nf
diff --git a/postfix/proto/transport b/postfix/proto/transport
index 243a4dcec..e9ca553a0 100644
--- a/postfix/proto/transport
+++ b/postfix/proto/transport
@@ -90,7 +90,7 @@
 #	dependent. In the case of SMTP, specify \fIhost\fR:\fIservice\fR for a
 #	non-default server port, and use [\fIhost\fR] or [\fIhost\fR]:\fIport\fR
 #	in order to disable MX (mail exchanger) DNS lookups. The [] form
-#	can also be used with IP addresses instead of hostnames.
+#	is required when you specify an IP address instead of a hostname.
 #
 #	A null \fItransport\fR and null \fInexthop\fR result means "do
 #	not change": use the delivery transport and nexthop information
diff --git a/postfix/src/global/mail_params.h b/postfix/src/global/mail_params.h
index 82261de22..baf358eb5 100644
--- a/postfix/src/global/mail_params.h
+++ b/postfix/src/global/mail_params.h
@@ -1317,7 +1317,8 @@ extern int var_local_rcpt_code;
                                 " $" VAR_SEND_CANON_MAPS \
                                 " $" VAR_RCPT_CANON_MAPS \
                                 " $" VAR_RELOCATED_MAPS \
-                                " $" VAR_TRANSPORT_MAPS
+                                " $" VAR_TRANSPORT_MAPS \
+				" $" VAR_MYNETWORKS
 extern char *var_proxy_read_maps;
 
  /*
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 186e9a3b5..404f1e875 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,10 +20,10 @@
   * Patches change the patchlevel and the release date. Snapshots change the
   * release date only, unless they include the same bugfix as a patch release.
   */
-#define MAIL_RELEASE_DATE	"20030219"
+#define MAIL_RELEASE_DATE	"20030301"
 
 #define VAR_MAIL_VERSION	"mail_version"
-#define DEF_MAIL_VERSION	"2.0.4"
+#define DEF_MAIL_VERSION	"2.0.5"
 extern char *var_mail_version;
 
  /*
diff --git a/postfix/src/proxymap/proxymap.c b/postfix/src/proxymap/proxymap.c
index 0caed2983..362079da2 100644
--- a/postfix/src/proxymap/proxymap.c
+++ b/postfix/src/proxymap/proxymap.c
@@ -27,10 +27,10 @@
 /* .sp
 /*	virtual_alias_maps =
 /* .ti +4
-/*	proxy:mysql:/etc/postfix/virtual.cf
+/*	proxy:mysql:/etc/postfix/virtual_alias.cf
 /* .sp
 /*	The total number of connections is limited by the number of
-/*	proxymap server server processes.
+/*	proxymap server processes.
 /* .PP
 /*	The proxymap server implements the following requests:
 /* .IP "\fBPROXY_REQ_OPEN\fI maptype:mapname flags\fR"
@@ -332,6 +332,18 @@ static void proxymap_service(VSTREAM *client_stream, char *unused_service,
     vstream_fflush(client_stream);
 }
 
+/* dict_proxy_open - intercept remote map request from inside library */
+
+DICT   *dict_proxy_open(const char *map, int open_flags, int dict_flags)
+{
+    if (msg_verbose)
+	msg_info("dict_proxy_open(%s, 0%o, 0%o) called from internal routine",
+		 map, open_flags, dict_flags);
+    while (strncmp(map, PROXY_COLON, PROXY_COLON_LEN) == 0)
+	map += PROXY_COLON_LEN;
+    return (dict_open(map, open_flags, dict_flags));
+}
+
 /* post_jail_init - initialization after privilege drop */
 
 static void post_jail_init(char *unused_name, char **unused_argv)
diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c
index 67d70a766..185ddd227 100644
--- a/postfix/src/smtpd/smtpd.c
+++ b/postfix/src/smtpd/smtpd.c
@@ -990,6 +990,7 @@ static int data_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *unused_argv)
     int     prev_rec_type;
     int     first = 1;
     VSTRING *why = 0;
+    int     saved_err;
 
     /*
      * Sanity checks. With ESMTP command pipelining the client can send DATA
@@ -1150,12 +1151,13 @@ static int data_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *unused_argv)
     /*
      * Cleanup. The client may send another MAIL command.
      */
+    saved_err = state->err;
     chat_reset(state, var_smtpd_hist_thrsh);
     mail_reset(state);
     rcpt_reset(state);
     if (why)
 	vstring_free(why);
-    return (state->err);
+    return (saved_err);
 }
 
 /* rset_cmd - process RSET */
@@ -1469,7 +1471,7 @@ static void smtpd_proto(SMTPD_STATE *state)
 	}
 
 	for (;;) {
-	    if (state->error_count > var_smtpd_hard_erlim) {
+	    if (state->error_count >= var_smtpd_hard_erlim) {
 		state->reason = "too many errors";
 		state->error_mask |= MAIL_ERROR_PROTOCOL;
 		smtpd_chat_reply(state, "421 Error: too many errors");
@@ -1529,7 +1531,9 @@ static void smtpd_proto(SMTPD_STATE *state)
      * things went wrong. Don't complain about clients that go away without
      * sending QUIT.
      */
-    if (state->reason && state->where && strcmp(state->where, SMTPD_AFTER_DOT))
+    if (state->reason && state->where
+	&& (strcmp(state->where, SMTPD_AFTER_DOT)
+	    || strcmp(state->reason, "lost connection")))
 	msg_info("%s after %s from %s[%s]",
 		 state->reason, state->where, state->name, state->addr);
 
diff --git a/postfix/src/smtpd/smtpd_chat.c b/postfix/src/smtpd/smtpd_chat.c
index 692a52c6e..9d68dd34f 100644
--- a/postfix/src/smtpd/smtpd_chat.c
+++ b/postfix/src/smtpd/smtpd_chat.c
@@ -157,7 +157,7 @@ void    smtpd_chat_reply(SMTPD_STATE *state, char *format,...)
      * sleep-on-anything slows down clients that make an excessive number of
      * errors within a session.
      */
-    if (state->error_count > var_smtpd_soft_erlim)
+    if (state->error_count >= var_smtpd_soft_erlim)
 	sleep(delay = (state->error_count > var_smtpd_err_sleep ?
 		       state->error_count : var_smtpd_err_sleep));
     else if (STR(state->buffer)[0] == '4' || STR(state->buffer)[0] == '5')
diff --git a/postfix/src/virtual/virtual.c b/postfix/src/virtual/virtual.c
index e0896f0b0..f25f52f4a 100644
--- a/postfix/src/virtual/virtual.c
+++ b/postfix/src/virtual/virtual.c
@@ -14,7 +14,7 @@
 /*
 /*	This delivery agent only delivers mail.  Other features such as
 /*	mail forwarding, out-of-office notifications, etc., must be
-/*	configured via virtual maps or via similar lookup mechanisms.
+/*	configured via virtual_alias maps or via similar lookup mechanisms.
 /* MAILBOX LOCATION
 /* .ad
 /* .fi