From: Wietse Venema Date: Sun, 5 Jan 2003 05:00:00 +0000 (-0500) Subject: postfix-2.0.0-20030105 X-Git-Tag: v2.1-RC1-20040331~87 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4268b309fa51a5569887dd56e291e1274727af39;p=thirdparty%2Fpostfix.git postfix-2.0.0-20030105 --- diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES index 68ae6f7a0..69a06c461 100644 --- a/postfix/RELEASE_NOTES +++ b/postfix/RELEASE_NOTES @@ -26,7 +26,7 @@ Incompatible changes with Postfix snapshot 2.0.0-20030104 ========================================================= This release adds the new proxymap service (table lookup via a -proxy process) to the the master.cf file. If you get warnings about +proxy process) to the master.cf file. If you get warnings about problems connecting to the proxymap service, then you did not properly upgrade Postfix. @@ -51,7 +51,7 @@ to automatically restart even on busy mail systems. Clients of multi-server daemons such as trivial-rewrite and the new proxymap service now automatically disconnect after $ipc_ttl seconds of activity (default: 1000s). This allows multi-server -daemons to automatically restart even on busy mail mail systems. +daemons to automatically restart even on busy mail systems. Incompatible changes with Postfix snapshot 1.1.11-trace-20021119 ================================================================ diff --git a/postfix/conf/main.cf b/postfix/conf/main.cf index f088bd1c9..11a99cc36 100644 --- a/postfix/conf/main.cf +++ b/postfix/conf/main.cf @@ -188,7 +188,7 @@ mail_owner = postfix # the system passwd file in the chroot jail is just not practical. # #local_recipient_maps = unix:passwd.byname $alias_maps -#local_recipient_maps = proxy:passwd.byname $alias_maps +#local_recipient_maps = proxy:unix:passwd.byname $alias_maps #local_recipient_maps = # The unknown_local_recipient_reject_code specifies the SMTP server diff --git a/postfix/conf/sample-smtpd.cf b/postfix/conf/sample-smtpd.cf index ac9b17bef..73c3cd797 100644 --- a/postfix/conf/sample-smtpd.cf +++ b/postfix/conf/sample-smtpd.cf @@ -39,7 +39,7 @@ # #local_recipient_maps = #local_recipient_maps = unix:passwd.byname $alias_maps -local_recipient_maps = proxy:passwd.byname $alias_maps +local_recipient_maps = proxy:unix:passwd.byname $alias_maps # The unknown_local_recipient_reject_code specifies the SMTP server # response code when a recipient domain matches $mydestination or diff --git a/postfix/html/proxymap.8.html b/postfix/html/proxymap.8.html index e1d0cf4b7..96dc9abaf 100644 --- a/postfix/html/proxymap.8.html +++ b/postfix/html/proxymap.8.html @@ -49,21 +49,22 @@ PROXYMAP(8) PROXYMAP(8) type:mapname and flags are the same as with the PROXY_REQ_OPEN request. - There is no close command. This does not seem to be useful - because tables are meant to be shared among client pro- - cesses. + There is no close command, nor are tables implicitly + closed when a client disconnects. One of the purposes of + the proxymap server is to share tables among multiple + client processes. The request completion status code is one of: PROXY_STAT_OK - The specified table was opened, or the requested + The specified table was opened, or the requested entry was found. PROXY_STAT_NOKEY The requested table entry was not found. PROXY_STAT_BAD - The request was rejected (bad request parameter + The request was rejected (bad request parameter value). PROXY_STAT_RETRY @@ -75,50 +76,50 @@ PROXYMAP(8) PROXYMAP(8) SERVER PROCESS MANAGEMENT The proxymap servers run under control by the Postfix mas- - ter server. Each server can handle multiple simultaneous - connections. When all servers are busy while a client - connects, the master creates a new proxymap server pro- - cess, provided that the proxymap server process limit is - not exceeded. Each proxymap server stops accepting new - connections after serving $max_use clients or terminates + ter server. Each server can handle multiple simultaneous + connections. When all servers are busy while a client + connects, the master creates a new proxymap server pro- + cess, provided that the proxymap server process limit is + not exceeded. Each proxymap server stops accepting new + connections after serving $max_use clients or terminates after $max_idle seconds of idle time. SECURITY - The proxymap server opens only tables that are approved - via the proxy_read_maps configuration parameter, does not - talk to users, and can run at fixed low privilege, + The proxymap server opens only tables that are approved + via the proxy_read_maps configuration parameter, does not + talk to users, and can run at fixed low privilege, chrooted or not. - The proxymap server is not a trusted daemon process, and - must not be used to look up sensitive information such as - user or group IDs, mailbox file/directory names or exter- + The proxymap server is not a trusted daemon process, and + must not be used to look up sensitive information such as + user or group IDs, mailbox file/directory names or exter- nal commands. DIAGNOSTICS Problems and transactions are logged to syslogd(8). BUGS - The proxymap server provides service to multiple clients, - and must therefore not be used for tables that have high- + The proxymap server provides service to multiple clients, + and must therefore not be used for tables that have high- latency lookups. CONFIGURATION PARAMETERS - The following main.cf parameters are especially relevant - to this program. Use the postfix reload command after a + The following main.cf parameters are especially relevant + to this program. Use the postfix reload command after a configuration change. proxy_read_maps - A list of zero or more parameter values that may - contain references to Postfix lookup tables. Only - table references that begin with proxy: are - approved for read-only access via the proxymap + A list of zero or more parameter values that may + contain references to Postfix lookup tables. Only + table references that begin with proxy: are + approved for read-only access via the proxymap server. SEE ALSO dict_proxy(3) proxy map client LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) diff --git a/postfix/man/man8/proxymap.8 b/postfix/man/man8/proxymap.8 index 876563fdb..149b2d6e6 100644 --- a/postfix/man/man8/proxymap.8 +++ b/postfix/man/man8/proxymap.8 @@ -51,8 +51,9 @@ the lookup result value. The \fImaptype:mapname\fR and \fIflags\fR are the same as with the \fBPROXY_REQ_OPEN\fR request. .PP -There is no close command. This does not seem to be useful -because tables are meant to be shared among client processes. +There is no close command, nor are tables implicitly closed +when a client disconnects. One of the purposes of the proxymap +server is to share tables among multiple client processes. The request completion status code is one of: .IP \fBPROXY_STAT_OK\fR diff --git a/postfix/src/global/clnt_stream.c b/postfix/src/global/clnt_stream.c index 8a736939e..a35876eec 100644 --- a/postfix/src/global/clnt_stream.c +++ b/postfix/src/global/clnt_stream.c @@ -115,7 +115,7 @@ static void clnt_stream_event(int unused_event, char *context) clnt_stream_close(clnt_stream); } -/* clnt_stream_ttl_event - server-initiated disconnect or client-side timeout */ +/* clnt_stream_ttl_event - client-side expiration */ static void clnt_stream_ttl_event(int event, char *context) { diff --git a/postfix/src/global/dict_proxy.c b/postfix/src/global/dict_proxy.c index 6cbe8ee59..28a6b3566 100644 --- a/postfix/src/global/dict_proxy.c +++ b/postfix/src/global/dict_proxy.c @@ -132,6 +132,7 @@ static const char *dict_proxy_lookup(DICT *dict, const char *key) case PROXY_STAT_OK: return (STR(dict_proxy->result)); case PROXY_STAT_NOKEY: + dict_errno = 0; return (0); case PROXY_STAT_RETRY: dict_errno = DICT_ERR_RETRY; diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 59b18fdb2..61919dd0c 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change the patchlevel and the release date. Snapshots change the * release date only, unless they include the same bugfix as a patch release. */ -#define MAIL_RELEASE_DATE "20030104" +#define MAIL_RELEASE_DATE "20030105" #define VAR_MAIL_VERSION "mail_version" #define DEF_MAIL_VERSION "2.0.0-" MAIL_RELEASE_DATE diff --git a/postfix/src/proxymap/proxymap.c b/postfix/src/proxymap/proxymap.c index 871200efd..39b4f713f 100644 --- a/postfix/src/proxymap/proxymap.c +++ b/postfix/src/proxymap/proxymap.c @@ -45,8 +45,9 @@ /* The \fImaptype:mapname\fR and \fIflags\fR are the same /* as with the \fBPROXY_REQ_OPEN\fR request. /* .PP -/* There is no close command. This does not seem to be useful -/* because tables are meant to be shared among client processes. +/* There is no close command, nor are tables implicitly closed +/* when a client disconnects. One of the purposes of the proxymap +/* server is to share tables among multiple client processes. /* /* The request completion status code is one of: /* .IP \fBPROXY_STAT_OK\fR