From: Wietse Venema Date: Sun, 27 Jun 2021 05:00:00 +0000 (-0500) Subject: postfix-3.7-20210627 X-Git-Tag: v3.7.0-RC1~20 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=379f938876bf680f3cdb7a150dad8ed2cf5b6563;p=thirdparty%2Fpostfix.git postfix-3.7-20210627 --- diff --git a/postfix/HISTORY b/postfix/HISTORY index 862671a88..4e60ec2c1 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -25637,3 +25637,16 @@ Apologies for any names omitted. Cleanup: simplify the LMDB error recovery code. File: util/slmdb.c. + +20210623 + + Cleanup: the known_tcp_ports parameter was not hyperlinked. + File: mantools/postlink. + + Bugfix: some strtou?l() calls had no 'errno=0' statement + before the call. Fixed with strtou?l() wrapper functions + that reset errno before calling strtou?l(), and calling + these from code that did not explicitly reset errno. Other + strtou?l() can be migrated later. Problem reported by David + Bohman. Files: util/sane_strtol.[hc], global/compat_level.c, + postscreen/postscreen_tests.c, util/mac_expand.c. diff --git a/postfix/html/master.8.html b/postfix/html/master.8.html index f229bce8b..f1fc336a6 100644 --- a/postfix/html/master.8.html +++ b/postfix/html/master.8.html @@ -186,7 +186,7 @@ MASTER(8) MASTER(8) Available in Postfix 3.6 and later: - known_tcp_ports (lmtp=24, smtp=25, smtps=submissions=465, submis- + known_tcp_ports (lmtp=24, smtp=25, smtps=submissions=465, submis- sion=587) Optional setting that avoids lookups in the services(5) data- base. diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index 5b0691c36..2a1ec882f 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -4339,13 +4339,13 @@ of the port "465" service. The ABNF is:

-known_tcp_ports = empty | name-to-port *("," name-to-port)
+known_tcp_ports = empty | name-to-port *("," name-to-port)
name-to-port = 1*(service-name "=') port-number

-

Whitespace is optional but it cannot appear inside a service -name or port number.

+

The comma is required. Whitespace is optional but it cannot appear +inside a service name or port number.

This feature is available in Postfix 3.6 and later.

diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5 index f9c0263a3..d33e5c56a 100644 --- a/postfix/man/man5/postconf.5 +++ b/postfix/man/man5/postconf.5 @@ -2752,8 +2752,8 @@ known_tcp_ports = empty | name\-to\-port *("," name\-to\-port) name\-to\-port = 1*(service\-name "=') port\-number .in -4 .PP -Whitespace is optional but it cannot appear inside a service -name or port number. +The comma is required. Whitespace is optional but it cannot appear +inside a service name or port number. .PP This feature is available in Postfix 3.6 and later. .SH line_length_limit (default: 2048) diff --git a/postfix/mantools/postlink b/postfix/mantools/postlink index b69a9e400..20dac88f5 100755 --- a/postfix/mantools/postlink +++ b/postfix/mantools/postlink @@ -775,6 +775,7 @@ while (<>) { s;\breset_owner_alias\b;$&;g; s;\benable_long_queue_ids\b;$&;g; s;\benable_threaded_bounces\b;$&;g; + s;\bknown_tcp_ports\b;$&;g; # Transport-dependent magical parameters. @@ -882,6 +883,7 @@ while (<>) { s/[]*vir[-<\/bB>]*\n*[ ]*tual[<\/bB>]*\(8\)/$&<\/a>/g; s/[]*cidr_ta[-<\/bB>]*\n*[ ]*ble[<\/bB>]*\(5\)/$&<\/a>/g; s/[]*tcp_ta[-<\/bB>]*\n*[ ]*ble[<\/bB>]*\(5\)/$&<\/a>/g; + # Workaround... s/body_checks<\/a><\/b>\(5\)/body_checks<\/b>(5)/; s/header_checks<\/a><\/b>\(5\)/header_checks<\/b>(5)/; @@ -1134,6 +1136,7 @@ while (<>) { s;\bmail[-]*\n*[ ]*log_file_rotate_suffix\b;$&;g; s;\bpostlog_service_name\b;$&;g; s;\bpostlogd_watchdog_timeout\b;$&;g; + s;\blocal_login_sender_maps\b;$&;g; s;\bempty_address_local_login_sender_maps_lookup_key\b;$&;g; diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index 59aecf5e7..bef8dcfc1 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -18061,7 +18061,7 @@ name-to-port = 1*(service-name "=') port-number

-

Whitespace is optional but it cannot appear inside a service -name or port number.

+

The comma is required. Whitespace is optional but it cannot appear +inside a service name or port number.

This feature is available in Postfix 3.6 and later.

diff --git a/postfix/src/global/Makefile.in b/postfix/src/global/Makefile.in index 1ee7496fb..fc5244175 100644 --- a/postfix/src/global/Makefile.in +++ b/postfix/src/global/Makefile.in @@ -983,6 +983,7 @@ compat_level.o: ../../include/check_arg.h compat_level.o: ../../include/mac_expand.h compat_level.o: ../../include/mac_parse.h compat_level.o: ../../include/msg.h +compat_level.o: ../../include/sane_strtol.h compat_level.o: ../../include/sys_defs.h compat_level.o: ../../include/vbuf.h compat_level.o: ../../include/vstring.h diff --git a/postfix/src/global/compat_level.c b/postfix/src/global/compat_level.c index 1fb3a6851..98d65c439 100644 --- a/postfix/src/global/compat_level.c +++ b/postfix/src/global/compat_level.c @@ -106,6 +106,7 @@ */ #include #include +#include /* * For easy comparison we convert a three-number compatibility level into @@ -157,21 +158,21 @@ long compat_level_from_string(const char *str, char *remainder; start = str; - major = strtol(start, &remainder, 10); + major = sane_strtol(start, &remainder, 10); if (start < remainder && (*remainder == 0 || *remainder == '.') && errno != ERANGE && GOOD_MAJOR(major)) { res = ENCODE_MAJOR(major); if (*remainder == 0) return res; start = remainder + 1; - minor = strtol(start, &remainder, 10); + minor = sane_strtol(start, &remainder, 10); if (start < remainder && (*remainder == 0 || *remainder == '.') && errno != ERANGE && GOOD_MINOR(minor)) { res |= ENCODE_MINOR(minor); if (*remainder == 0) return (res); start = remainder + 1; - patch = strtol(start, &remainder, 10); + patch = sane_strtol(start, &remainder, 10); if (start < remainder && *remainder == 0 && errno != ERANGE && GOOD_PATCH(patch)) { return (res | ENCODE_PATCH(patch)); @@ -407,6 +408,7 @@ static void test_convert(void) msg_warn)) < 0) continue; msg_info("%s -> 0x%lx", vstring_str(buf), compat_level); + errno = ERANGE; if ((as_string = compat_level_to_string(compat_level, msg_warn)) == 0) continue; diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 989ba2a78..d7a25e60c 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20210615" +#define MAIL_RELEASE_DATE "20210627" #define MAIL_VERSION_NUMBER "3.7" #ifdef SNAPSHOT diff --git a/postfix/src/postscreen/Makefile.in b/postfix/src/postscreen/Makefile.in index 82798ed73..8ed869229 100644 --- a/postfix/src/postscreen/Makefile.in +++ b/postfix/src/postscreen/Makefile.in @@ -417,6 +417,7 @@ postscreen_tests.o: ../../include/msg.h postscreen_tests.o: ../../include/myaddrinfo.h postscreen_tests.o: ../../include/myflock.h postscreen_tests.o: ../../include/name_code.h +postscreen_tests.o: ../../include/sane_strtol.h postscreen_tests.o: ../../include/server_acl.h postscreen_tests.o: ../../include/string_list.h postscreen_tests.o: ../../include/sys_defs.h diff --git a/postfix/src/postscreen/postscreen_tests.c b/postfix/src/postscreen/postscreen_tests.c index 02dadcac1..5e186221b 100644 --- a/postfix/src/postscreen/postscreen_tests.c +++ b/postfix/src/postscreen/postscreen_tests.c @@ -90,12 +90,12 @@ #include #include /* sscanf */ -#include /* strtoul */ /* Utility library. */ #include #include +#include /* Global library. */ @@ -175,7 +175,7 @@ void psc_parse_tests(PSC_STATE *state, * at the time that the cache entry was written. */ for (sp = time_stamps; sp < time_stamps + PSC_TINDX_COUNT; sp++) { - *sp = strtoul(start, &cp, 10); + *sp = sane_strtoul(start, &cp, 10); if (*start == 0 || (*cp != '\0' && *cp != ';') || errno == ERANGE) *sp = PSC_TIME_STAMP_DISABLED; if (msg_verbose) diff --git a/postfix/src/util/Makefile.in b/postfix/src/util/Makefile.in index a0bb00a91..fa23e20e2 100644 --- a/postfix/src/util/Makefile.in +++ b/postfix/src/util/Makefile.in @@ -42,7 +42,8 @@ SRCS = alldig.c allprint.c argv.c argv_split.c attr_clnt.c attr_print0.c \ extpar.c dict_inline.c casefold.c dict_utf8.c strcasecmp_utf8.c \ split_qnameval.c argv_attr_print.c argv_attr_scan.c dict_file.c \ msg_logger.c logwriter.c unix_dgram_connect.c unix_dgram_listen.c \ - byte_mask.c known_tcp_ports.c argv_split_at.c dict_stream.c + byte_mask.c known_tcp_ports.c argv_split_at.c dict_stream.c \ + sane_strtol.c OBJS = alldig.o allprint.o argv.o argv_split.o attr_clnt.o attr_print0.o \ attr_print64.o attr_print_plain.o attr_scan0.o attr_scan64.o \ attr_scan_plain.o auto_clnt.o base64_code.o basename.o binhash.o \ @@ -86,7 +87,8 @@ OBJS = alldig.o allprint.o argv.o argv_split.o attr_clnt.o attr_print0.o \ extpar.o dict_inline.o casefold.o dict_utf8.o strcasecmp_utf8.o \ split_qnameval.o argv_attr_print.o argv_attr_scan.o dict_file.o \ msg_logger.o logwriter.o unix_dgram_connect.o unix_dgram_listen.o \ - byte_mask.o known_tcp_ports.o argv_split_at.o dict_stream.o + byte_mask.o known_tcp_ports.o argv_split_at.o dict_stream.o \ + sane_strtol.o # MAP_OBJ is for maps that may be dynamically loaded with dynamicmaps.cf. # When hard-linking these, makedefs sets NON_PLUGIN_MAP_OBJ=$(MAP_OBJ), # otherwise it sets the PLUGIN_* macros. @@ -117,7 +119,7 @@ HDRS = argv.h attr.h attr_clnt.h auto_clnt.h base64_code.h binhash.h \ slmdb.h compat_va_copy.h dict_pipe.h dict_random.h \ valid_utf8_hostname.h midna_domain.h dict_union.h dict_inline.h \ check_arg.h argv_attr.h msg_logger.h logwriter.h byte_mask.h \ - known_tcp_ports.h + known_tcp_ports.h sane_strtol.h TESTSRC = fifo_open.c fifo_rdwr_bug.c fifo_rdonly_bug.c select_bug.c \ stream_test.c dup2_pass_on_exec.c DEFS = -I. -D$(SYSTYPE) @@ -2066,6 +2068,7 @@ mac_expand.o: mac_parse.h mac_expand.o: msg.h mac_expand.o: mymalloc.h mac_expand.o: name_code.h +mac_expand.o: sane_strtol.h mac_expand.o: stringops.h mac_expand.o: sys_defs.h mac_expand.o: vbuf.h @@ -2387,6 +2390,9 @@ sane_socketpair.o: msg.h sane_socketpair.o: sane_socketpair.c sane_socketpair.o: sane_socketpair.h sane_socketpair.o: sys_defs.h +sane_strtol.o: sane_strtol.c +sane_strtol.o: sane_strtol.h +sane_strtol.o: sys_defs.h sane_time.o: msg.h sane_time.o: sane_time.c sane_time.o: sane_time.h diff --git a/postfix/src/util/mac_expand.c b/postfix/src/util/mac_expand.c index 03dc2d8da..8817e9102 100644 --- a/postfix/src/util/mac_expand.c +++ b/postfix/src/util/mac_expand.c @@ -177,6 +177,7 @@ #include #include #include +#include #include #include @@ -274,7 +275,7 @@ static long atol_or_die(const char *strval) long result; char *remainder; - result = strtol(strval, &remainder, 10); + result = sane_strtol(strval, &remainder, 10); if (*strval == 0 /* can't happen */ || *remainder != 0 || errno == ERANGE) msg_fatal("mac_exp_eval: bad conversion: %s", strval); return (result); diff --git a/postfix/src/util/sane_strtol.c b/postfix/src/util/sane_strtol.c new file mode 100644 index 000000000..b7435ddc3 --- /dev/null +++ b/postfix/src/util/sane_strtol.c @@ -0,0 +1,59 @@ +/*++ +/* NAME +/* sane_strtol 3 +/* SUMMARY +/* strtol() with mandatory errno reset +/* SYNOPSIS +/* #include +/* +/* long sane_strtol( +/* const char *start, +/* char **restrict end, +/* int base) +/* +/* unsigned long sane_strtoul( +/* const char *start, +/* char **restrict end, +/* int base) +/* DESCRIPTION +/* These functions are wrappers around the strtol() and strtoul() +/* standard library functions that reset errno first, so that a +/* prior ERANGE error won't cause false errors. +/* LICENSE +/* .ad +/* .fi +/* The Secure Mailer license must be distributed with this software. +/* AUTHOR(S) +/* Wietse Venema +/* Google, Inc. +/* 111 8th Avenue +/* New York, NY 10011, USA +/*--*/ + + /* + * System library. + */ +#include +#include +#include + + /* + * Utility library. + */ +#include + +/* sane_strtol - strtol() with mandatory initialization */ + +long sane_strtol(const char *start, char **end, int base) +{ + errno = 0; + return (strtol(start, end, base)); +} + +/* sane_strtoul - strtoul() with mandatory initialization */ + +unsigned long sane_strtoul(const char *start, char **end, int base) +{ + errno = 0; + return (strtoul(start, end, base)); +} diff --git a/postfix/src/util/sane_strtol.h b/postfix/src/util/sane_strtol.h new file mode 100644 index 000000000..ac0831636 --- /dev/null +++ b/postfix/src/util/sane_strtol.h @@ -0,0 +1,26 @@ +/*++ +/* NAME +/* sane_strtol 3h +/* SUMMARY +/* strtol() with mandatory errno reset +/* SYNOPSIS +/* #include +/* DESCRIPTION +/* .nf + + /* + * External API. + */ +extern long sane_strtol(const char *start, char **end, int); +extern unsigned long sane_strtoul(const char *start, char **end, int); + +/* LICENSE +/* .ad +/* .fi +/* The Secure Mailer license must be distributed with this software. +/* AUTHOR(S) +/* Wietse Venema +/* Google, Inc. +/* 111 8th Avenue +/* New York, NY 10011, USA +/*--*/ diff --git a/postfix/src/util/slmdb.c b/postfix/src/util/slmdb.c index 9f03b477d..499589d04 100644 --- a/postfix/src/util/slmdb.c +++ b/postfix/src/util/slmdb.c @@ -203,6 +203,11 @@ /* IBM T.J. Watson Research /* P.O. Box 704 /* Yorktown Heights, NY 10598, USA +/* +/* Wietse Venema +/* Google, Inc. +/* 111 8th Avenue +/* New York, NY 10011, USA /*--*/ /*