From: Wietse Venema Date: Sat, 7 Aug 2021 05:00:00 +0000 (-0500) Subject: postfix-3.7-20210807 X-Git-Tag: v3.7.0-RC1~17 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=36f034268b88109aadd60c9c1161020fcb07a275;p=thirdparty%2Fpostfix.git postfix-3.7-20210807 --- diff --git a/postfix/HISTORY b/postfix/HISTORY index f6adcd861..f42b7c42f 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -25653,24 +25653,58 @@ Apologies for any names omitted. 20210705 - Bugfix (introduced: Postfix 3.3): with "header_from_format - = standard" (the default as of Postfix 3.3) the cleanup - daemon crashed with a "null pointer read" error when email - was submitted with /usr/sbin/sendmail without From: header, - and an all-space full name was specified in the password - file, with "sendmail -F", or with the NAME environment - variable. Found by Renaud Metrich. File: - cleanup/cleanup_message.c. + Bugfix (introduced: Postfix 3.3): "null pointer read" error + in the cleanup daemon when "header_from_format = standard" + (the default as of Postfix 3.3) and email was submitted + with /usr/sbin/sendmail without From: header, and an all-space + full name was specified in 1) the password file, 2) with + "sendmail -F", or 3) with the NAME environment variable. + Found by Renaud Metrich. File: cleanup/cleanup_message.c. 20210708 Bugfix (introduced: 1999): the Postfix SMTP server was sending all session transcripts to the error_notice_recipient, instead of sending transcripts of bounced mail to the - bounce_notice_recipient. File: smtpd/smtpd_chat.c. + bounce_notice_recipient. Reported by Hans van Zijst. File: + smtpd/smtpd_chat.c. 20210713 - Cleanup: the 20060903 code for record loop detection was - comparing memory addresses instead of queue file names. It - now properly compares strings. File: global/record.c. + Bugfix (introduced: Postfix 2.4): false "too many reverse + jump" warnings in the showq daemon. The loop detection code + was comparing memory addresses instead of queue file names. + It now properly compares strings. Reported by Mehmet Avcioglu. + File: global/record.c. + +20210724 + + Cleanup: missing const in the 20210713 bugfix. File: + global/record.c. + +20210728 + + Bitrot: GLIBC 2.34 has closefrom(), and of course their + interface is different. File: util/sys_defs.h. + +20210804 + + Cleanup: replace ad-hoc object-to-VSTRING serialization with + attr_print*() based serialization. Files: tls/tls_proxy.h, + tls/tls_proxy_client_misc.c, tlsproxy.c/tlsproxy.c. + + Cleanup: left-over code from a DANE on/off workaround. File: + tlsproxy.c/tlsproxy.c. + + Constified the object argument of functions that write objects + to VSTREAM. Files: global/bounce.c, global/defer.c, + global/deliver_pass.c, global/deliver_request.c, + global/dsn_print.c, global/dsn_print.h, + global/msg_stats.h, global/msg_stats_print.c, + global/rcpt_print.c, global/rcpt_print.h, global/trace.c, + milter/milter8.c, milter/milter.c, milter/milter.h, + milter/milter_macros.c, oqmgr/qmgr_deliver.c, + qmgr/qmgr_deliver.c, tls/tls_proxy_client_misc.c, + tls/tls_proxy_client_print.c, tls/tls_proxy_context_print.c, + tls/tls_proxy.h, tls/tls_proxy_server_print.c, util/argv_attr.h, + util/argv_attr_print.c, util/attr.h. diff --git a/postfix/WISHLIST b/postfix/WISHLIST index c9b6a94a5..fb7f5d64e 100644 --- a/postfix/WISHLIST +++ b/postfix/WISHLIST @@ -2,6 +2,10 @@ Wish list: Add verp=+= to the qmgr "from=" logging. + Need canonical Dovecot example that has virtual_mailbox_domains, + (virtual_mailbox_maps or reject unverified_recipient), and + virtual_transport. + In addition to the xxx_per_record_deadline, specify a minimum data rate for the DATA stage. diff --git a/postfix/src/global/bounce.c b/postfix/src/global/bounce.c index b03530750..072a7a73b 100644 --- a/postfix/src/global/bounce.c +++ b/postfix/src/global/bounce.c @@ -319,8 +319,8 @@ int bounce_append_intern(int flags, const char *id, MSG_STATS *stats, SEND_ATTR_INT(MAIL_ATTR_NREQ, BOUNCE_CMD_APPEND), SEND_ATTR_INT(MAIL_ATTR_FLAGS, flags), SEND_ATTR_STR(MAIL_ATTR_QUEUEID, id), - SEND_ATTR_FUNC(rcpt_print, (void *) rcpt), - SEND_ATTR_FUNC(dsn_print, (void *) &my_dsn), + SEND_ATTR_FUNC(rcpt_print, (const void *) rcpt), + SEND_ATTR_FUNC(dsn_print, (const void *) &my_dsn), ATTR_TYPE_END) == 0 && ((flags & DEL_REQ_FLAG_RECORD) == 0 || trace_append(flags, id, stats, rcpt, relay, @@ -512,8 +512,8 @@ int bounce_one_intern(int flags, const char *queue, const char *id, SEND_ATTR_STR(MAIL_ATTR_SENDER, sender), SEND_ATTR_STR(MAIL_ATTR_DSN_ENVID, dsn_envid), SEND_ATTR_INT(MAIL_ATTR_DSN_RET, dsn_ret), - SEND_ATTR_FUNC(rcpt_print, (void *) rcpt), - SEND_ATTR_FUNC(dsn_print, (void *) &my_dsn), + SEND_ATTR_FUNC(rcpt_print, (const void *) rcpt), + SEND_ATTR_FUNC(dsn_print, (const void *) &my_dsn), ATTR_TYPE_END) == 0 && ((flags & DEL_REQ_FLAG_RECORD) == 0 || trace_append(flags, id, stats, rcpt, relay, diff --git a/postfix/src/global/defer.c b/postfix/src/global/defer.c index f904ec677..8eaf082c2 100644 --- a/postfix/src/global/defer.c +++ b/postfix/src/global/defer.c @@ -266,8 +266,8 @@ int defer_append_intern(int flags, const char *id, MSG_STATS *stats, SEND_ATTR_INT(MAIL_ATTR_NREQ, BOUNCE_CMD_APPEND), SEND_ATTR_INT(MAIL_ATTR_FLAGS, flags), SEND_ATTR_STR(MAIL_ATTR_QUEUEID, id), - SEND_ATTR_FUNC(rcpt_print, (void *) rcpt), - SEND_ATTR_FUNC(dsn_print, (void *) &my_dsn), + SEND_ATTR_FUNC(rcpt_print, (const void *) rcpt), + SEND_ATTR_FUNC(dsn_print, (const void *) &my_dsn), ATTR_TYPE_END) != 0) msg_warn("%s: %s service failure", id, var_defer_service); log_adhoc(id, stats, rcpt, relay, &my_dsn, "deferred"); diff --git a/postfix/src/global/deliver_pass.c b/postfix/src/global/deliver_pass.c index f744ad533..231b07000 100644 --- a/postfix/src/global/deliver_pass.c +++ b/postfix/src/global/deliver_pass.c @@ -113,7 +113,7 @@ static int deliver_pass_send_request(VSTREAM *stream, DELIVER_REQUEST *request, SEND_ATTR_STR(MAIL_ATTR_SENDER, request->sender), SEND_ATTR_STR(MAIL_ATTR_DSN_ENVID, request->dsn_envid), SEND_ATTR_INT(MAIL_ATTR_DSN_RET, request->dsn_ret), - SEND_ATTR_FUNC(msg_stats_print, (void *) &request->msg_stats), + SEND_ATTR_FUNC(msg_stats_print, (const void *) &request->msg_stats), /* XXX Should be encapsulated with ATTR_TYPE_FUNC. */ SEND_ATTR_STR(MAIL_ATTR_LOG_CLIENT_NAME, request->client_name), SEND_ATTR_STR(MAIL_ATTR_LOG_CLIENT_ADDR, request->client_addr), @@ -130,7 +130,7 @@ static int deliver_pass_send_request(VSTREAM *stream, DELIVER_REQUEST *request, SEND_ATTR_INT(MAIL_ATTR_RCPT_COUNT, 1), ATTR_TYPE_END); attr_print(stream, ATTR_FLAG_NONE, - SEND_ATTR_FUNC(rcpt_print, (void *) rcpt), + SEND_ATTR_FUNC(rcpt_print, (const void *) rcpt), ATTR_TYPE_END); if (vstream_fflush(stream)) { diff --git a/postfix/src/global/deliver_request.c b/postfix/src/global/deliver_request.c index d5add7873..591c6c6d1 100644 --- a/postfix/src/global/deliver_request.c +++ b/postfix/src/global/deliver_request.c @@ -170,7 +170,7 @@ static int deliver_request_final(VSTREAM *stream, DELIVER_REQUEST *request, msg_info("deliver_request_final: send: \"%s\" %d", hop_status->reason, status); attr_print(stream, ATTR_FLAG_NONE, - SEND_ATTR_FUNC(dsn_print, (void *) hop_status), + SEND_ATTR_FUNC(dsn_print, (const void *) hop_status), SEND_ATTR_INT(MAIL_ATTR_STATUS, status), ATTR_TYPE_END); if ((err = vstream_fflush(stream)) != 0) diff --git a/postfix/src/global/dsn_print.c b/postfix/src/global/dsn_print.c index b31ac63d8..fde2c349b 100644 --- a/postfix/src/global/dsn_print.c +++ b/postfix/src/global/dsn_print.c @@ -16,7 +16,7 @@ /* the specified attribute print routine. dsn_print() is meant /* to be passed as a call-back to attr_print(), thusly: /* -/* ... SEND_ATTR_FUNC(dsn_print, (void *) dsn), ... +/* ... SEND_ATTR_FUNC(dsn_print, (const void *) dsn), ... /* DIAGNOSTICS /* Fatal: out of memory. /* LICENSE @@ -51,7 +51,7 @@ /* dsn_print - write DSN to stream */ int dsn_print(ATTR_PRINT_COMMON_FN print_fn, VSTREAM *fp, - int flags, void *ptr) + int flags, const void *ptr) { DSN *dsn = (DSN *) ptr; int ret; diff --git a/postfix/src/global/dsn_print.h b/postfix/src/global/dsn_print.h index 45808b7c6..d258e6eb1 100644 --- a/postfix/src/global/dsn_print.h +++ b/postfix/src/global/dsn_print.h @@ -25,7 +25,7 @@ /* * External interface. */ -extern int dsn_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, void *); +extern int dsn_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, const void *); /* LICENSE /* .ad diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 636021c64..9fcfbb4ab 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20210717" +#define MAIL_RELEASE_DATE "20210807" #define MAIL_VERSION_NUMBER "3.7" #ifdef SNAPSHOT diff --git a/postfix/src/global/msg_stats.h b/postfix/src/global/msg_stats.h index 312accc0b..c2ab364b7 100644 --- a/postfix/src/global/msg_stats.h +++ b/postfix/src/global/msg_stats.h @@ -83,7 +83,7 @@ typedef struct { ) extern int msg_stats_scan(ATTR_SCAN_COMMON_FN, VSTREAM *, int, void *); -extern int msg_stats_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, void *); +extern int msg_stats_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, const void *); /* LICENSE /* .ad diff --git a/postfix/src/global/msg_stats_print.c b/postfix/src/global/msg_stats_print.c index 69c96b559..6fe667a11 100644 --- a/postfix/src/global/msg_stats_print.c +++ b/postfix/src/global/msg_stats_print.c @@ -17,7 +17,7 @@ /* msg_stats_print() is meant to be passed as a call-back to /* attr_print(), thusly: /* -/* ... SEND_ATTR_FUNC(msg_stats_print, (void *) stats), ... +/* ... SEND_ATTR_FUNC(msg_stats_print, (const void *) stats), ... /* DIAGNOSTICS /* Fatal: out of memory. /* LICENSE @@ -52,7 +52,7 @@ /* msg_stats_print - write MSG_STATS to stream */ int msg_stats_print(ATTR_PRINT_COMMON_FN print_fn, VSTREAM *fp, - int flags, void *ptr) + int flags, const void *ptr) { int ret; diff --git a/postfix/src/global/rcpt_print.c b/postfix/src/global/rcpt_print.c index b81f6a969..9e001b6c3 100644 --- a/postfix/src/global/rcpt_print.c +++ b/postfix/src/global/rcpt_print.c @@ -17,7 +17,7 @@ /* routine. rcpt_print() is meant to be passed as a call-back /* to attr_print(), thusly: /* -/* ... SEND_ATTR_FUNC(rcpt_print, (void *) recipient), ... +/* ... SEND_ATTR_FUNC(rcpt_print, (const void *) recipient), ... /* DIAGNOSTICS /* Fatal: out of memory. /* LICENSE @@ -54,7 +54,7 @@ /* rcpt_print - write recipient to stream */ int rcpt_print(ATTR_PRINT_COMMON_FN print_fn, VSTREAM *fp, - int flags, void *ptr) + int flags, const void *ptr) { RECIPIENT *rcpt = (RECIPIENT *) ptr; int ret; diff --git a/postfix/src/global/rcpt_print.h b/postfix/src/global/rcpt_print.h index d501d2d0a..a677970a7 100644 --- a/postfix/src/global/rcpt_print.h +++ b/postfix/src/global/rcpt_print.h @@ -25,7 +25,7 @@ /* * External interface. */ -extern int rcpt_print(ATTR_SCAN_COMMON_FN, VSTREAM *, int, void *); +extern int rcpt_print(ATTR_SCAN_COMMON_FN, VSTREAM *, int, const void *); /* LICENSE /* .ad diff --git a/postfix/src/global/record.c b/postfix/src/global/record.c index 8f5d53ce3..80cb1ac3b 100644 --- a/postfix/src/global/record.c +++ b/postfix/src/global/record.c @@ -323,7 +323,7 @@ int rec_get_raw(VSTREAM *stream, VSTRING *buf, ssize_t maxsize, int flags) int rec_goto(VSTREAM *stream, const char *buf) { off_t offset; - static const char *saved_path; + static char *saved_path; static off_t saved_offset; static int reverse_count; diff --git a/postfix/src/global/trace.c b/postfix/src/global/trace.c index 22bdefe8b..d826a6494 100644 --- a/postfix/src/global/trace.c +++ b/postfix/src/global/trace.c @@ -130,8 +130,8 @@ int trace_append(int flags, const char *id, MSG_STATS *stats, SEND_ATTR_INT(MAIL_ATTR_NREQ, BOUNCE_CMD_APPEND), SEND_ATTR_INT(MAIL_ATTR_FLAGS, flags), SEND_ATTR_STR(MAIL_ATTR_QUEUEID, id), - SEND_ATTR_FUNC(rcpt_print, (void *) rcpt), - SEND_ATTR_FUNC(dsn_print, (void *) &my_dsn), + SEND_ATTR_FUNC(rcpt_print, (const void *) rcpt), + SEND_ATTR_FUNC(dsn_print, (const void *) &my_dsn), ATTR_TYPE_END) != 0) { msg_warn("%s: %s service failure", id, var_trace_service); req_stat = -1; diff --git a/postfix/src/milter/milter.c b/postfix/src/milter/milter.c index 3d71cc6b4..dfd5e1c48 100644 --- a/postfix/src/milter/milter.c +++ b/postfix/src/milter/milter.c @@ -798,7 +798,7 @@ int milter_send(MILTERS *milters, VSTREAM *stream) */ (void) attr_print(stream, ATTR_FLAG_MORE, SEND_ATTR_FUNC(milter_macros_print, - (void *) milters->macros), + (const void *) milters->macros), ATTR_TYPE_END); /* diff --git a/postfix/src/milter/milter.h b/postfix/src/milter/milter.h index 8f672c304..fb59099a6 100644 --- a/postfix/src/milter/milter.h +++ b/postfix/src/milter/milter.h @@ -79,7 +79,7 @@ extern MILTER_MACROS *milter_macros_create(const char *, const char *, const char *, const char *); extern MILTER_MACROS *milter_macros_alloc(int); extern void milter_macros_free(MILTER_MACROS *); -extern int milter_macros_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, void *); +extern int milter_macros_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, const void *); extern int milter_macros_scan(ATTR_SCAN_COMMON_FN, VSTREAM *, int, void *); #define MILTER_MACROS_ALLOC_ZERO 1 /* null pointer */ diff --git a/postfix/src/milter/milter8.c b/postfix/src/milter/milter8.c index 892c38721..1e6d49616 100644 --- a/postfix/src/milter/milter8.c +++ b/postfix/src/milter/milter8.c @@ -2672,7 +2672,7 @@ static int milter8_send(MILTER *m, VSTREAM *stream) || (milter->m.macros != 0 && attr_print(stream, ATTR_FLAG_NONE, SEND_ATTR_FUNC(milter_macros_print, - (void *) milter->m.macros), + (const void *) milter->m.macros), ATTR_TYPE_END) != 0) || (milter->m.macros == 0 && attr_print(stream, ATTR_FLAG_NONE, diff --git a/postfix/src/milter/milter_macros.c b/postfix/src/milter/milter_macros.c index 8dd60e36a..27f5509f2 100644 --- a/postfix/src/milter/milter_macros.c +++ b/postfix/src/milter/milter_macros.c @@ -77,7 +77,7 @@ /* print routine. milter_macros_print() is meant to be passed /* as a call-back to attr_print*(), thusly: /* -/* SEND_ATTR_FUNC(milter_macros_print, (void *) macros), +/* SEND_ATTR_FUNC(milter_macros_print, (const void *) macros), /* /* milter_macros_scan() reads a MILTER_MACROS structure from /* the named stream using the specified attribute scan routine. @@ -136,7 +136,7 @@ /* milter_macros_print - write macros structure to stream */ int milter_macros_print(ATTR_PRINT_COMMON_FN print_fn, VSTREAM *fp, - int flags, void *ptr) + int flags, const void *ptr) { MILTER_MACROS *mp = (MILTER_MACROS *) ptr; int ret; diff --git a/postfix/src/oqmgr/qmgr_deliver.c b/postfix/src/oqmgr/qmgr_deliver.c index 7a1c8eac3..100ccc73d 100644 --- a/postfix/src/oqmgr/qmgr_deliver.c +++ b/postfix/src/oqmgr/qmgr_deliver.c @@ -191,7 +191,7 @@ static int qmgr_deliver_send_request(QMGR_ENTRY *entry, VSTREAM *stream) SEND_ATTR_STR(MAIL_ATTR_SENDER, sender), SEND_ATTR_STR(MAIL_ATTR_DSN_ENVID, message->dsn_envid), SEND_ATTR_INT(MAIL_ATTR_DSN_RET, message->dsn_ret), - SEND_ATTR_FUNC(msg_stats_print, (void *) &stats), + SEND_ATTR_FUNC(msg_stats_print, (const void *) &stats), /* XXX Should be encapsulated with ATTR_TYPE_FUNC. */ SEND_ATTR_STR(MAIL_ATTR_LOG_CLIENT_NAME, message->client_name), SEND_ATTR_STR(MAIL_ATTR_LOG_CLIENT_ADDR, message->client_addr), @@ -211,7 +211,7 @@ static int qmgr_deliver_send_request(QMGR_ENTRY *entry, VSTREAM *stream) vstring_free(sender_buf); for (recipient = list.info; recipient < list.info + list.len; recipient++) attr_print(stream, ATTR_FLAG_NONE, - SEND_ATTR_FUNC(rcpt_print, (void *) recipient), + SEND_ATTR_FUNC(rcpt_print, (const void *) recipient), ATTR_TYPE_END); if (vstream_fflush(stream) != 0) { msg_warn("write to process (%s): %m", entry->queue->transport->name); diff --git a/postfix/src/qmgr/qmgr_deliver.c b/postfix/src/qmgr/qmgr_deliver.c index c87f6c6f3..07e89d448 100644 --- a/postfix/src/qmgr/qmgr_deliver.c +++ b/postfix/src/qmgr/qmgr_deliver.c @@ -196,7 +196,7 @@ static int qmgr_deliver_send_request(QMGR_ENTRY *entry, VSTREAM *stream) SEND_ATTR_STR(MAIL_ATTR_SENDER, sender), SEND_ATTR_STR(MAIL_ATTR_DSN_ENVID, message->dsn_envid), SEND_ATTR_INT(MAIL_ATTR_DSN_RET, message->dsn_ret), - SEND_ATTR_FUNC(msg_stats_print, (void *) &stats), + SEND_ATTR_FUNC(msg_stats_print, (const void *) &stats), /* XXX Should be encapsulated with ATTR_TYPE_FUNC. */ SEND_ATTR_STR(MAIL_ATTR_LOG_CLIENT_NAME, message->client_name), SEND_ATTR_STR(MAIL_ATTR_LOG_CLIENT_ADDR, message->client_addr), @@ -216,7 +216,7 @@ static int qmgr_deliver_send_request(QMGR_ENTRY *entry, VSTREAM *stream) vstring_free(sender_buf); for (recipient = list.info; recipient < list.info + list.len; recipient++) attr_print(stream, ATTR_FLAG_NONE, - SEND_ATTR_FUNC(rcpt_print, (void *) recipient), + SEND_ATTR_FUNC(rcpt_print, (const void *) recipient), ATTR_TYPE_END); if (vstream_fflush(stream) != 0) { msg_warn("write to process (%s): %m", entry->queue->transport->name); diff --git a/postfix/src/tls/tls_proxy.h b/postfix/src/tls/tls_proxy.h index f32f9a0c8..c25f527a8 100644 --- a/postfix/src/tls/tls_proxy.h +++ b/postfix/src/tls/tls_proxy.h @@ -77,9 +77,8 @@ typedef struct TLS_CLIENT_PARAMS { * tls_proxy_client_param_scan.c. */ extern TLS_CLIENT_PARAMS *tls_proxy_client_param_from_config(TLS_CLIENT_PARAMS *); -extern char *tls_proxy_client_param_to_string(VSTRING *, TLS_CLIENT_PARAMS *); -extern char *tls_proxy_client_param_with_names_to_string(VSTRING *, TLS_CLIENT_PARAMS *); -extern int tls_proxy_client_param_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, void *); +extern char *tls_proxy_client_param_serialize(ATTR_PRINT_COMMON_FN, VSTRING *, const TLS_CLIENT_PARAMS *); +extern int tls_proxy_client_param_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, const void *); extern void tls_proxy_client_param_free(TLS_CLIENT_PARAMS *); extern int tls_proxy_client_param_scan(ATTR_SCAN_COMMON_FN, VSTREAM *, int, void *); @@ -114,24 +113,23 @@ extern VSTREAM *tls_proxy_open(const char *, int, VSTREAM *, const char *, extern TLS_SESS_STATE *tls_proxy_context_receive(VSTREAM *); extern void tls_proxy_context_free(TLS_SESS_STATE *); -extern int tls_proxy_context_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, void *); +extern int tls_proxy_context_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, const void *); extern int tls_proxy_context_scan(ATTR_SCAN_COMMON_FN, VSTREAM *, int, void *); -extern int tls_proxy_client_init_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, void *); +extern int tls_proxy_client_init_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, const void *); extern int tls_proxy_client_init_scan(ATTR_SCAN_COMMON_FN, VSTREAM *, int, void *); extern void tls_proxy_client_init_free(TLS_CLIENT_INIT_PROPS *); -extern char *tls_proxy_client_init_to_string(VSTRING *, TLS_CLIENT_INIT_PROPS *); -extern char *tls_proxy_client_init_with_names_to_string(VSTRING *, TLS_CLIENT_INIT_PROPS *); +extern char *tls_proxy_client_init_serialize(ATTR_PRINT_COMMON_FN, VSTRING *, const TLS_CLIENT_INIT_PROPS *); -extern int tls_proxy_client_start_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, void *); +extern int tls_proxy_client_start_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, const void *); extern int tls_proxy_client_start_scan(ATTR_SCAN_COMMON_FN, VSTREAM *, int, void *); extern void tls_proxy_client_start_free(TLS_CLIENT_START_PROPS *); -extern int tls_proxy_server_init_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, void *); +extern int tls_proxy_server_init_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, const void *); extern int tls_proxy_server_init_scan(ATTR_SCAN_COMMON_FN, VSTREAM *, int, void *); extern void tls_proxy_server_init_free(TLS_SERVER_INIT_PROPS *); -extern int tls_proxy_server_start_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, void *); +extern int tls_proxy_server_start_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, const void *); extern int tls_proxy_server_start_scan(ATTR_SCAN_COMMON_FN, VSTREAM *, int, void *); extern void tls_proxy_server_start_free(TLS_SERVER_START_PROPS *); diff --git a/postfix/src/tls/tls_proxy_client_misc.c b/postfix/src/tls/tls_proxy_client_misc.c index 6c4158563..fea4cbfae 100644 --- a/postfix/src/tls/tls_proxy_client_misc.c +++ b/postfix/src/tls/tls_proxy_client_misc.c @@ -9,39 +9,27 @@ /* TLS_CLIENT_PARAMS *tls_proxy_client_param_from_config(params) /* TLS_CLIENT_PARAMS *params; /* -/* char *tls_proxy_client_param_to_string(buf, params) +/* char *tls_proxy_client_param_serialize(print_fn, buf, params) +/* ATTR_PRINT_COMMON_FN print_fn; /* VSTRING *buf; -/* TLS_CLIENT_PARAMS *params; +/* const TLS_CLIENT_PARAMS *params; /* -/* char *tls_proxy_client_param_with_names_to_string(buf, params) +/* char *tls_proxy_client_init_serialize(print_fn, buf, init_props) +/* ATTR_PRINT_COMMON_FN print_fn; /* VSTRING *buf; -/* TLS_CLIENT_PARAMS *params; -/* -/* char *tls_proxy_client_init_to_string(buf, init_props) -/* VSTRING *buf; -/* TLS_CLIENT_INIT_PROPS *init_props; +/* const TLS_CLIENT_INIT_PROPS *init_props; /* DESCRIPTION /* tls_proxy_client_param_from_config() initializes a TLS_CLIENT_PARAMS /* structure from configuration parameters and returns its /* argument. Strings are not copied. The result must therefore /* not be passed to tls_proxy_client_param_free(). /* -/* tls_proxy_client_param_to_string() produces a lookup key -/* that is unique for the TLS_CLIENT_PARAMS member values. -/* -/* tls_proxy_client_param_with_names_to_string() produces a -/* string with "name = value\n" for each TLS_CLIENT_PARAMS -/* member. This may be useful for reporting differences between -/* TLS_CLIENT_PARAMS instances. -/* -/* tls_proxy_client_init_to_string() produces a lookup key -/* that is unique for the properties received by -/* tls_proxy_client_init_scan(). -/* -/* tls_proxy_client_init_with_names_to_string() produces a -/* string with "name = value\n" for each TLS_CLIENT_INIT_PROPS -/* member. This may be useful for reporting differences between -/* TLS_CLIENT_INIT_PROPS instances. +/* tls_proxy_client_param_serialize() and +/* tls_proxy_client_init_serialize() serialize the specified +/* object to a memory buffer, using the specified print function +/* (typically, attr_print_plain). The result can be used +/* determine whether there are any differences between instances +/* of the same object type. /* LICENSE /* .ad /* .fi @@ -99,91 +87,41 @@ TLS_CLIENT_PARAMS *tls_proxy_client_param_from_config(TLS_CLIENT_PARAMS *params) return (params); } -/* tls_proxy_client_param_to_string - serialize TLS_CLIENT_PARAMS to string */ - -char *tls_proxy_client_param_to_string(VSTRING *buf, TLS_CLIENT_PARAMS *params) -{ - vstring_sprintf(buf, "%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n" - "%s\n%s\n%d\n%d\n%d\n%d\n%d\n", - params->tls_high_clist, params->tls_medium_clist, - params->tls_low_clist, params->tls_export_clist, - params->tls_null_clist, params->tls_eecdh_auto, - params->tls_eecdh_strong, params->tls_eecdh_ultra, - params->tls_bug_tweaks, params->tls_ssl_options, - params->tls_dane_digests, params->tls_mgr_service, - params->tls_tkt_cipher, params->tls_daemon_rand_bytes, - params->tls_append_def_CA, params->tls_bc_pkey_fprint, - params->tls_preempt_clist, params->tls_multi_wildcard); - return (vstring_str(buf)); -} - -/* tls_proxy_client_param_with_names_to_string - serialize TLS_CLIENT_PARAMS to string */ - -char *tls_proxy_client_param_with_names_to_string(VSTRING *buf, TLS_CLIENT_PARAMS *params) -{ - vstring_sprintf(buf, "%s = %s\n%s = %s\n%s = %s\n%s = %s\n%s = %s\n" - "%s = %s\n%s = %s\n%s = %s\n%s = %s\n%s = %s\n%s = %s\n" - "%s = %s\n%s = %s\n%s = %d\n" - "%s = %d\n%s = %d\n%s = %d\n%s = %d\n", - VAR_TLS_HIGH_CLIST, params->tls_high_clist, - VAR_TLS_MEDIUM_CLIST, params->tls_medium_clist, - VAR_TLS_LOW_CLIST, params->tls_low_clist, - VAR_TLS_EXPORT_CLIST, params->tls_export_clist, - VAR_TLS_NULL_CLIST, params->tls_null_clist, - VAR_TLS_EECDH_AUTO, params->tls_eecdh_auto, - VAR_TLS_EECDH_STRONG, params->tls_eecdh_strong, - VAR_TLS_EECDH_ULTRA, params->tls_eecdh_ultra, - VAR_TLS_BUG_TWEAKS, params->tls_bug_tweaks, - VAR_TLS_SSL_OPTIONS, params->tls_ssl_options, - VAR_TLS_DANE_DIGESTS, params->tls_dane_digests, - VAR_TLS_MGR_SERVICE, params->tls_mgr_service, - VAR_TLS_TKT_CIPHER, params->tls_tkt_cipher, - VAR_TLS_DAEMON_RAND_BYTES, params->tls_daemon_rand_bytes, - VAR_TLS_APPEND_DEF_CA, params->tls_append_def_CA, - VAR_TLS_BC_PKEY_FPRINT, params->tls_bc_pkey_fprint, - VAR_TLS_PREEMPT_CLIST, params->tls_preempt_clist, - VAR_TLS_MULTI_WILDCARD, params->tls_multi_wildcard); - return (vstring_str(buf)); -} - -/* tls_proxy_client_init_to_string - serialize to string */ +/* tls_proxy_client_param_serialize - serialize TLS_CLIENT_PARAMS to string */ -char *tls_proxy_client_init_to_string(VSTRING *buf, - TLS_CLIENT_INIT_PROPS *props) +char *tls_proxy_client_param_serialize(ATTR_PRINT_COMMON_FN print_fn, + VSTRING *buf, + const TLS_CLIENT_PARAMS *params) { - vstring_sprintf(buf, "%s\n%s\n%d\n%s\n%s\n%s\n%s\n%s\n%s\n" - "%s\n%s\n%s\n%s\n%s\n", props->log_param, - props->log_level, props->verifydepth, - props->cache_type, props->chain_files, - props->cert_file, props->key_file, - props->dcert_file, props->dkey_file, - props->eccert_file, props->eckey_file, - props->CAfile, props->CApath, props->mdalg); + const char myname[] = "tls_proxy_client_param_serialize"; + VSTREAM *mp; + + if ((mp = vstream_memopen(buf, O_WRONLY)) == 0 + || print_fn(mp, ATTR_FLAG_NONE, + SEND_ATTR_FUNC(tls_proxy_client_param_print, + (const void *) params), + ATTR_TYPE_END) != 0 + || vstream_fclose(mp) != 0) + msg_fatal("%s: can't serialize properties: %m", myname); return (vstring_str(buf)); } -/* tls_proxy_client_init_with_names_to_string - serialize to string */ +/* tls_proxy_client_init_serialize - serialize to string */ -char *tls_proxy_client_init_with_names_to_string(VSTRING *buf, - TLS_CLIENT_INIT_PROPS *props) +char *tls_proxy_client_init_serialize(ATTR_PRINT_COMMON_FN print_fn, + VSTRING *buf, + const TLS_CLIENT_INIT_PROPS *props) { - vstring_sprintf(buf, "%s = %s\n%s = %s\n%s = %d\n%s = %s\n%s = %s\n" - "%s = %s\n%s = %s\n%s = %s\n%s = %s\n%s = %s\n" - "%s = %s\n%s = %s\n%s = %s\n%s = %s\n", - TLS_ATTR_LOG_PARAM, props->log_param, - TLS_ATTR_LOG_LEVEL, props->log_level, - TLS_ATTR_VERIFYDEPTH, props->verifydepth, - TLS_ATTR_CACHE_TYPE, props->cache_type, - TLS_ATTR_CHAIN_FILES, props->chain_files, - TLS_ATTR_CERT_FILE, props->cert_file, - TLS_ATTR_KEY_FILE, props->key_file, - TLS_ATTR_DCERT_FILE, props->dcert_file, - TLS_ATTR_DKEY_FILE, props->dkey_file, - TLS_ATTR_ECCERT_FILE, props->eccert_file, - TLS_ATTR_ECKEY_FILE, props->eckey_file, - TLS_ATTR_CAFILE, props->CAfile, - TLS_ATTR_CAPATH, props->CApath, - TLS_ATTR_MDALG, props->mdalg); + const char myname[] = "tls_proxy_client_init_serialize"; + VSTREAM *mp; + + if ((mp = vstream_memopen(buf, O_WRONLY)) == 0 + || print_fn(mp, ATTR_FLAG_NONE, + SEND_ATTR_FUNC(tls_proxy_client_init_print, + (const void *) props), + ATTR_TYPE_END) != 0 + || vstream_fclose(mp) != 0) + msg_fatal("%s: can't serialize properties: %m", myname); return (vstring_str(buf)); } diff --git a/postfix/src/tls/tls_proxy_client_print.c b/postfix/src/tls/tls_proxy_client_print.c index ac628502e..1e6c922fd 100644 --- a/postfix/src/tls/tls_proxy_client_print.c +++ b/postfix/src/tls/tls_proxy_client_print.c @@ -10,33 +10,33 @@ /* ATTR_PRINT_COMMON_FN print_fn; /* VSTREAM *stream; /* int flags; -/* void *ptr; +/* const void *ptr; /* /* int tls_proxy_client_init_print(print_fn, stream, flags, ptr) /* ATTR_PRINT_COMMON_FN print_fn; /* VSTREAM *stream; /* int flags; -/* void *ptr; +/* const void *ptr; /* /* int tls_proxy_client_start_print(print_fn, stream, flags, ptr) /* ATTR_PRINT_COMMON_FN print_fn; /* VSTREAM *stream; /* int flags; -/* void *ptr; +/* const void *ptr; /* DESCRIPTION /* tls_proxy_client_param_print() writes a TLS_CLIENT_PARAMS structure to /* the named stream using the specified attribute print routine. /* tls_proxy_client_param_print() is meant to be passed as a call-back to /* attr_print(), thusly: /* -/* SEND_ATTR_FUNC(tls_proxy_client_param_print, (void *) param), ... +/* SEND_ATTR_FUNC(tls_proxy_client_param_print, (const void *) param), ... /* /* tls_proxy_client_init_print() writes a full TLS_CLIENT_INIT_PROPS /* structure to the named stream using the specified attribute /* print routine. tls_proxy_client_init_print() is meant to /* be passed as a call-back to attr_print(), thusly: /* -/* SEND_ATTR_FUNC(tls_proxy_client_init_print, (void *) init_props), ... +/* SEND_ATTR_FUNC(tls_proxy_client_init_print, (const void *) init_props), ... /* /* tls_proxy_client_start_print() writes a TLS_CLIENT_START_PROPS /* structure, without stream or file descriptor members, to @@ -44,7 +44,7 @@ /* tls_proxy_client_start_print() is meant to be passed as a /* call-back to attr_print(), thusly: /* -/* SEND_ATTR_FUNC(tls_proxy_client_start_print, (void *) start_props), ... +/* SEND_ATTR_FUNC(tls_proxy_client_start_print, (const void *) start_props), ... /* DIAGNOSTICS /* Fatal: out of memory. /* LICENSE @@ -86,9 +86,9 @@ /* tls_proxy_client_param_print - send TLS_CLIENT_PARAMS over stream */ int tls_proxy_client_param_print(ATTR_PRINT_COMMON_FN print_fn, VSTREAM *fp, - int flags, void *ptr) + int flags, const void *ptr) { - TLS_CLIENT_PARAMS *params = (TLS_CLIENT_PARAMS *) ptr; + const TLS_CLIENT_PARAMS *params = (const TLS_CLIENT_PARAMS *) ptr; int ret; if (msg_verbose) @@ -135,9 +135,9 @@ int tls_proxy_client_param_print(ATTR_PRINT_COMMON_FN print_fn, VSTREAM *fp, /* tls_proxy_client_init_print - send TLS_CLIENT_INIT_PROPS over stream */ int tls_proxy_client_init_print(ATTR_PRINT_COMMON_FN print_fn, VSTREAM *fp, - int flags, void *ptr) + int flags, const void *ptr) { - TLS_CLIENT_INIT_PROPS *props = (TLS_CLIENT_INIT_PROPS *) ptr; + const TLS_CLIENT_INIT_PROPS *props = (const TLS_CLIENT_INIT_PROPS *) ptr; int ret; if (msg_verbose) @@ -183,10 +183,10 @@ int tls_proxy_client_init_print(ATTR_PRINT_COMMON_FN print_fn, VSTREAM *fp, /* tls_proxy_client_tlsa_print - send TLS_TLSA over stream */ static int tls_proxy_client_tlsa_print(ATTR_PRINT_COMMON_FN print_fn, - VSTREAM *fp, int flags, void *ptr) + VSTREAM *fp, int flags, const void *ptr) { - TLS_TLSA *head = (TLS_TLSA *) ptr; - TLS_TLSA *tp; + const TLS_TLSA *head = (const TLS_TLSA *) ptr; + const TLS_TLSA *tp; int count; int ret; @@ -216,9 +216,9 @@ static int tls_proxy_client_tlsa_print(ATTR_PRINT_COMMON_FN print_fn, /* tls_proxy_client_dane_print - send TLS_DANE over stream */ static int tls_proxy_client_dane_print(ATTR_PRINT_COMMON_FN print_fn, - VSTREAM *fp, int flags, void *ptr) + VSTREAM *fp, int flags, const void *ptr) { - TLS_DANE *dane = (TLS_DANE *) ptr; + const TLS_DANE *dane = (const TLS_DANE *) ptr; int ret; ret = print_fn(fp, flags | ATTR_FLAG_MORE, @@ -233,7 +233,7 @@ static int tls_proxy_client_dane_print(ATTR_PRINT_COMMON_FN print_fn, SEND_ATTR_STR(TLS_ATTR_DOMAIN, STRING_OR_EMPTY(dane->base_domain)), SEND_ATTR_FUNC(tls_proxy_client_tlsa_print, - (void *) dane->tlsa), + (const void *) dane->tlsa), ATTR_TYPE_END); } /* Do not flush the stream. */ @@ -245,9 +245,9 @@ static int tls_proxy_client_dane_print(ATTR_PRINT_COMMON_FN print_fn, /* tls_proxy_client_start_print - send TLS_CLIENT_START_PROPS over stream */ int tls_proxy_client_start_print(ATTR_PRINT_COMMON_FN print_fn, - VSTREAM *fp, int flags, void *ptr) + VSTREAM *fp, int flags, const void *ptr) { - TLS_CLIENT_START_PROPS *props = (TLS_CLIENT_START_PROPS *) ptr; + const TLS_CLIENT_START_PROPS *props = (const TLS_CLIENT_START_PROPS *) ptr; int ret; if (msg_verbose) @@ -277,11 +277,11 @@ int tls_proxy_client_start_print(ATTR_PRINT_COMMON_FN print_fn, SEND_ATTR_STR(TLS_ATTR_CIPHER_EXCLUSIONS, STRING_OR_EMPTY(props->cipher_exclusions)), SEND_ATTR_FUNC(argv_attr_print, - (void *) props->matchargv), + (const void *) props->matchargv), SEND_ATTR_STR(TLS_ATTR_MDALG, STRING_OR_EMPTY(props->mdalg)), SEND_ATTR_FUNC(tls_proxy_client_dane_print, - (void *) props->dane), + (const void *) props->dane), ATTR_TYPE_END); /* Do not flush the stream. */ if (msg_verbose) diff --git a/postfix/src/tls/tls_proxy_context_print.c b/postfix/src/tls/tls_proxy_context_print.c index 4e7f9127d..04123cb02 100644 --- a/postfix/src/tls/tls_proxy_context_print.c +++ b/postfix/src/tls/tls_proxy_context_print.c @@ -10,14 +10,14 @@ /* ATTR_PRINT_COMMON_FN print_fn; /* VSTREAM *stream; /* int flags; -/* void *ptr; +/* const void *ptr; /* DESCRIPTION /* tls_proxy_context_print() writes the public members of a /* TLS_ATTR_STATE structure to the named stream using the /* specified attribute print routine. tls_proxy_context_print() /* is meant to be passed as a call-back to attr_print(), thusly: /* -/* ... SEND_ATTR_FUNC(tls_proxy_context_print, (void *) tls_context), ... +/* ... SEND_ATTR_FUNC(tls_proxy_context_print, (const void *) tls_context), ... /* DIAGNOSTICS /* Fatal: out of memory. /* LICENSE @@ -54,9 +54,9 @@ /* tls_proxy_context_print - send TLS session state over stream */ int tls_proxy_context_print(ATTR_PRINT_COMMON_FN print_fn, VSTREAM *fp, - int flags, void *ptr) + int flags, const void *ptr) { - TLS_SESS_STATE *tp = (TLS_SESS_STATE *) ptr; + const TLS_SESS_STATE *tp = (const TLS_SESS_STATE *) ptr; int ret; #define STRING_OR_EMPTY(s) ((s) ? (s) : "") diff --git a/postfix/src/tls/tls_proxy_server_print.c b/postfix/src/tls/tls_proxy_server_print.c index c49f67052..8d5142215 100644 --- a/postfix/src/tls/tls_proxy_server_print.c +++ b/postfix/src/tls/tls_proxy_server_print.c @@ -23,14 +23,14 @@ /* routine. tls_proxy_server_init_print() is meant to be passed as /* a call-back to attr_print(), thusly: /* -/* ... SEND_ATTR_FUNC(tls_proxy_server_init_print, (void *) init_props), ... +/* ... SEND_ATTR_FUNC(tls_proxy_server_init_print, (const void *) init_props), ... /* /* tls_proxy_server_start_print() writes a TLS_SERVER_START_PROPS /* structure to the named stream using the specified attribute print /* routine. tls_proxy_server_start_print() is meant to be passed as /* a call-back to attr_print(), thusly: /* -/* ... SEND_ATTR_FUNC(tls_proxy_server_start_print, (void *) start_props), ... +/* ... SEND_ATTR_FUNC(tls_proxy_server_start_print, (const void *) start_props), ... /* DIAGNOSTICS /* Fatal: out of memory. /* LICENSE @@ -62,9 +62,9 @@ /* tls_proxy_server_init_print - send TLS_SERVER_INIT_PROPS over stream */ int tls_proxy_server_init_print(ATTR_PRINT_COMMON_FN print_fn, VSTREAM *fp, - int flags, void *ptr) + int flags, const void *ptr) { - TLS_SERVER_INIT_PROPS *props = (TLS_SERVER_INIT_PROPS *) ptr; + const TLS_SERVER_INIT_PROPS *props = (const TLS_SERVER_INIT_PROPS *) ptr; int ret; #define STRING_OR_EMPTY(s) ((s) ? (s) : "") @@ -115,9 +115,9 @@ int tls_proxy_server_init_print(ATTR_PRINT_COMMON_FN print_fn, VSTREAM *fp, /* tls_proxy_server_start_print - send TLS_SERVER_START_PROPS over stream */ int tls_proxy_server_start_print(ATTR_PRINT_COMMON_FN print_fn, VSTREAM *fp, - int flags, void *ptr) + int flags, const void *ptr) { - TLS_SERVER_START_PROPS *props = (TLS_SERVER_START_PROPS *) ptr; + const TLS_SERVER_START_PROPS *props = (const TLS_SERVER_START_PROPS *) ptr; int ret; #define STRING_OR_EMPTY(s) ((s) ? (s) : "") diff --git a/postfix/src/tlsproxy/tlsproxy.c b/postfix/src/tlsproxy/tlsproxy.c index 5ad7784f4..39a2a8227 100644 --- a/postfix/src/tlsproxy/tlsproxy.c +++ b/postfix/src/tlsproxy/tlsproxy.c @@ -1195,8 +1195,6 @@ static TLS_APPL_STATE *tlsp_client_init(TLS_CLIENT_PARAMS *tls_params, char *param_key; VSTRING *init_buf; char *init_key; - VSTRING *init_buf_for_hashing; - char *init_key_for_hashing; int log_hints = 0; /* @@ -1208,21 +1206,13 @@ static TLS_APPL_STATE *tlsp_client_init(TLS_CLIENT_PARAMS *tls_params, * First, compute the TLS_APPL_STATE cache lookup key. Save a copy of the * pre-jail request TLS_CLIENT_PARAMS and TLSPROXY_CLIENT_INIT_PROPS * settings, so that we can detect post-jail requests that do not match. - * - * Workaround: salt the hash-table key with DANE on/off info. This avoids - * cross-talk between DANE and non-DANE sessions. Postfix DANE support - * modifies SSL_CTX to override certificate verification because there is - * no other way to do this before OpenSSL 1.1.0. */ param_buf = vstring_alloc(100); - param_key = tls_proxy_client_param_with_names_to_string( - param_buf, tls_params); + param_key = tls_proxy_client_param_serialize(attr_print_plain, param_buf, + tls_params); init_buf = vstring_alloc(100); - init_key = tls_proxy_client_init_with_names_to_string( - init_buf, init_props); - init_buf_for_hashing = vstring_alloc(100); - init_key_for_hashing = STR(vstring_sprintf(init_buf_for_hashing, "%s\n", - init_key)); + init_key = tls_proxy_client_init_serialize(attr_print_plain, init_buf, + init_props); if (tlsp_pre_jail_done == 0) { if (tlsp_pre_jail_client_param_key == 0 || tlsp_pre_jail_client_init_key == 0) { @@ -1252,7 +1242,7 @@ static TLS_APPL_STATE *tlsp_client_init(TLS_CLIENT_PARAMS *tls_params, * Look up the cached TLS_APPL_STATE for this tls_client_init request. */ if ((appl_state = (TLS_APPL_STATE *) - htable_find(tlsp_client_app_cache, init_key_for_hashing)) == 0) { + htable_find(tlsp_client_app_cache, init_key)) == 0) { /* * Before creating a TLS_APPL_STATE instance, log a warning if a @@ -1303,7 +1293,7 @@ static TLS_APPL_STATE *tlsp_client_init(TLS_CLIENT_PARAMS *tls_params, */ if (appl_state == 0 && (appl_state = tls_client_init(init_props)) != 0) { - (void) htable_enter(tlsp_client_app_cache, init_key_for_hashing, + (void) htable_enter(tlsp_client_app_cache, init_key, (void *) appl_state); /* @@ -1317,7 +1307,6 @@ static TLS_APPL_STATE *tlsp_client_init(TLS_CLIENT_PARAMS *tls_params, SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); } - vstring_free(init_buf_for_hashing); vstring_free(init_buf); vstring_free(param_buf); return (appl_state); diff --git a/postfix/src/util/argv_attr.h b/postfix/src/util/argv_attr.h index 670b05662..53c587f28 100644 --- a/postfix/src/util/argv_attr.h +++ b/postfix/src/util/argv_attr.h @@ -26,7 +26,7 @@ #define ARGV_ATTR_VALUE "argv_value" #define ARGV_ATTR_MAX 1024 -extern int argv_attr_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, void *); +extern int argv_attr_print(ATTR_PRINT_COMMON_FN, VSTREAM *, int, const void *); extern int argv_attr_scan(ATTR_SCAN_COMMON_FN, VSTREAM *, int, void *); /* LICENSE diff --git a/postfix/src/util/argv_attr_print.c b/postfix/src/util/argv_attr_print.c index c30e77b54..78e33153f 100644 --- a/postfix/src/util/argv_attr_print.c +++ b/postfix/src/util/argv_attr_print.c @@ -16,7 +16,7 @@ /* the specified attribute print routine. argv_attr_print() is meant /* to be passed as a call-back to attr_print(), thusly: /* -/* ... SEND_ATTR_FUNC(argv_attr_print, (void *) argv), ... +/* ... SEND_ATTR_FUNC(argv_attr_print, (const void *) argv), ... /* DIAGNOSTICS /* Fatal: out of memory. /* @@ -50,7 +50,7 @@ /* argv_attr_print - write ARGV to stream */ int argv_attr_print(ATTR_PRINT_COMMON_FN print_fn, VSTREAM *fp, - int flags, void *ptr) + int flags, const void *ptr) { ARGV *argv = (ARGV *) ptr; int n; diff --git a/postfix/src/util/attr.h b/postfix/src/util/attr.h index fe44beb1e..c62c22607 100644 --- a/postfix/src/util/attr.h +++ b/postfix/src/util/attr.h @@ -31,7 +31,7 @@ typedef int (*ATTR_SCAN_COMMON_FN) (VSTREAM *, int,...); typedef int (*ATTR_SCAN_CUSTOM_FN) (ATTR_SCAN_COMMON_FN, VSTREAM *, int, void *); typedef int (*ATTR_PRINT_COMMON_FN) (VSTREAM *, int,...); -typedef int (*ATTR_PRINT_CUSTOM_FN) (ATTR_PRINT_COMMON_FN, VSTREAM *, int, void *); +typedef int (*ATTR_PRINT_CUSTOM_FN) (ATTR_PRINT_COMMON_FN, VSTREAM *, int, const void *); /* * Attribute types. See attr_scan(3) for documentation. diff --git a/postfix/src/util/sys_defs.h b/postfix/src/util/sys_defs.h index 2e1c95373..886d2a8b9 100644 --- a/postfix/src/util/sys_defs.h +++ b/postfix/src/util/sys_defs.h @@ -827,6 +827,9 @@ extern int initgroups(const char *, int); #define HAVE_POSIX_GETPW_R #endif #endif +#if HAVE_GLIBC_API_VERSION_SUPPORT(2, 34) +#define HAS_CLOSEFROM +#endif #endif