From: Wietse Venema Date: Wed, 13 Apr 2005 05:00:00 +0000 (-0500) Subject: postfix-2.3-20050413 X-Git-Tag: v2.3-RC1~83 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5385bb446414b9bba3cbcba4f8b93cb59669d8f8;p=thirdparty%2Fpostfix.git postfix-2.3-20050413 --- diff --git a/postfix/HISTORY b/postfix/HISTORY index af7f827aa..6f7753fa0 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -10622,6 +10622,44 @@ Apologies for any names omitted. world. Based on code by Branko F. Gracnar. Files: smtpd/smtpd.c, and documentation. +20050407 + + @%^!#& Thanks to inadequate SASL documentation the client + could negotiate a security layer where none was desired. + Better documentation has become available since Postfix + SASL support was implemented, and now Postfix needs to be + fixed. Files: */*_sasl_glue.c. + +20050409 + + Safety: the CDB map now logs a warning when the source file + is newer than the indexed file, just like the Berkeley DB + and DBM maps. Michael Tokarev. File: util/dict_cdb.c. + +20040411 + + Portability: put the SASL DLL Hell guard after the declarations + instead of before. Reported by Marcus Grando. Files: + smtp/smtp_sasl_glue.c, lmtp/lmtp_sasl_glue.c. + +20050412 + + Infrastructure: change the disposition or other properties + of an embryonic queue file. This is currently used only to + place mail on hold. After code by Victor Duchovni. Files: + global/mail_stream.[hc], cleanup/cleanup_api.c. + +20040513 + + Portability: don't mix socket message send/receive calls + with socket stream read/write calls. The fact that you can + get away with it only on some stacks implies that there is + no long-term guarantee. Specify -DCAN_WRITE_BEFORE_SENDING_FD + if you feel brave. File: util/sys_defs.h. + + Robustness: re-compile all object files after the "make + makefiles" options have changed. Files: src/*/Makefile.in. + Open problems: Med: disable header address rewriting after XCLIENT? diff --git a/postfix/README_FILES/STANDARD_CONFIGURATION_README b/postfix/README_FILES/STANDARD_CONFIGURATION_README index f0161c115..9ee8d3dcd 100644 --- a/postfix/README_FILES/STANDARD_CONFIGURATION_README +++ b/postfix/README_FILES/STANDARD_CONFIGURATION_README @@ -277,6 +277,22 @@ the relay_recipients table. Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//ttrraannssppoorrtt" whenever you change the transport table. +In some installations, there may be separate instances of Postfix processing +inbound and outbound mail on a multi-homed firewall. The inbound Postfix +instance has an SMTP server listening on the external firewall interface, and +the outbound Postfix instance has an SMTP server listening on the internal +interface. In such a configuration is it is tempting to configure +$inet_interfaces in each instance with just the corresponding interface +address. + +In most cases, using inet_interfaces in this way will not work, because as +documented in the $inet_interfaces reference manual, the smtp(8) delivery agent +will also use the specified interface address as the source address for +outbound connections and will be unable to reach hosts on "the other side" of +the firewall. The symptoms are that the firewall is unable to connect to hosts +that are in fact up. See the inet_interfaces parameter documentation for +suggested work-arounds. + DDeelliivveerriinngg ssoommee bbuutt nnoott aallll aaccccoouunnttss llooccaallllyy A drawback of sending mail as "user@example.com" (instead of @@ -298,22 +314,6 @@ Translation: listed in $mydestination, or when it matches $inet_interfaces or $proxy_interfaces. -In some installations, there may be separate instances of Postfix processing -inbound and outbound mail on a multi-homed firewall. The inbound Postfix -instance has an SMTP server listening on the external firewall interface, and -the outbound Postfix instance has an SMTP server listening on the internal -interface. In such a configuration is it is tempting to configure -$inet_interfaces in each instance with just the corresponding interface -address. - -In most cases, using inet_interfaces in this way will not work, because as -documented in the $inet_interfaces reference manual, the smtp(8) delivery agent -will also use the specified interface address as the source address for -outbound connections and will be unable to reach hosts on "the other side" of -the firewall. The symptoms are that the firewall is unable to connect to hosts -that are in fact up. See the inet_interfaces parameter documentation for -suggested work-arounds. - RRuunnnniinngg PPoossttffiixx bbeehhiinndd aa ffiirreewwaallll The simplest way to set up Postfix on a host behind a firewalled network is to diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES index 8ea1805bc..93daf420a 100644 --- a/postfix/RELEASE_NOTES +++ b/postfix/RELEASE_NOTES @@ -28,7 +28,8 @@ Incompatibility with snapshot 20050328 The logging format has changed. Postfix delivery agents now log the RFC 3463 enhanced status code as "dsn=x.y.z" where y and z can be -up to three digits each. +up to three digits each. See the file pfloggsum-dsn-patch for an +update to the pfloggsum script. After you upgrade from Postfix 2.2 or 2.3 you need to execute "postfix reload", otherwise you will keep running the old Postfix diff --git a/postfix/conf/virtual b/postfix/conf/virtual index 6aa789bc9..d6d1dc0e6 100644 --- a/postfix/conf/virtual +++ b/postfix/conf/virtual @@ -12,11 +12,11 @@ # # DESCRIPTION # The optional virtual(5) alias table rewrites recipient -# addresses for all local, virtual and remote mail destina- -# tions. This is unlike the aliases(5) table which is used -# only for local(8) delivery. Virtual aliasing is recur- -# sive, and is implemented by the Postfix cleanup(8) daemon -# before mail is queued. +# addresses for all local, all virtual, and all remote mail +# destinations. This is unlike the aliases(5) table which +# is used only for local(8) delivery. Virtual aliasing is +# recursive, and is implemented by the Postfix cleanup(8) +# daemon before mail is queued. # # The main applications of virtual aliasing are: # diff --git a/postfix/html/STANDARD_CONFIGURATION_README.html b/postfix/html/STANDARD_CONFIGURATION_README.html index 188e023f4..98b9f260e 100644 --- a/postfix/html/STANDARD_CONFIGURATION_README.html +++ b/postfix/html/STANDARD_CONFIGURATION_README.html @@ -391,6 +391,22 @@ whenever you change the relay_recipients table.

Execute the command "postmap /etc/postfix/transport" whenever you change the transport table.

+

In some installations, there may be separate instances of Postfix +processing inbound and outbound mail on a multi-homed firewall. The +inbound Postfix instance has an SMTP server listening on the external +firewall interface, and the outbound Postfix instance has an SMTP server +listening on the internal interface. In such a configuration is it is +tempting to configure $inet_interfaces in each instance with just the +corresponding interface address.

+ +

In most cases, using inet_interfaces in this way will not work, +because as documented in the $inet_interfaces reference manual, the +smtp(8) delivery agent will also use the specified interface address +as the source address for outbound connections and will be unable to +reach hosts on "the other side" of the firewall. The symptoms are that +the firewall is unable to connect to hosts that are in fact up. See the +inet_interfaces parameter documentation for suggested work-arounds.

+

Delivering some but not all accounts locally

@@ -422,22 +438,6 @@ matches $inet_interfaces or $ -

In some installations, there may be separate instances of Postfix -processing inbound and outbound mail on a multi-homed firewall. The -inbound Postfix instance has an SMTP server listening on the external -firewall interface, and the outbound Postfix instance has an SMTP server -listening on the internal interface. In such a configuration is it is -tempting to configure $inet_interfaces in each instance with just the -corresponding interface address.

- -

In most cases, using inet_interfaces in this way will not work, -because as documented in the $inet_interfaces reference manual, the -smtp(8) delivery agent will also use the specified interface address -as the source address for outbound connections and will be unable to -reach hosts on "the other side" of the firewall. The symptoms are that -the firewall is unable to connect to hosts that are in fact up. See the -inet_interfaces parameter documentation for suggested work-arounds.

-

Running Postfix behind a firewall

The simplest way to set up Postfix on a host behind a firewalled diff --git a/postfix/html/bounce.8.html b/postfix/html/bounce.8.html index a3ed1ee99..e9caeec1d 100644 --- a/postfix/html/bounce.8.html +++ b/postfix/html/bounce.8.html @@ -44,6 +44,7 @@ BOUNCE(8) BOUNCE(8) STANDARDS RFC 822 (ARPA Internet Text Messages) + RFC 1892 (Delivery Status Notifications) RFC 1894 (Delivery Status Notifications) RFC 2045 (Format of Internet Message Bodies) diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index 868399d67..f3fa3df3d 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -4057,6 +4057,9 @@ manager and by other long-lived Postfix daemon processes. The maximal time between attempts to deliver a deferred message.

+

This parameter should be set to a value greater than or equal +to $minimal_backoff_time. See also $queue_run_delay.

+

Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (seconds). @@ -4150,6 +4153,9 @@ This parameter also limits the time an unreachable destination is kept in the short-term, in-memory, destination status cache.

+

It is recommended that this parameter be set greater than or +equal to $queue_run_delay. See also $maximal_backoff_time.

+

Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (seconds). @@ -4910,6 +4916,9 @@ zero means there is no minimum required amount of free space. The time between deferred queue scans by the queue manager.

+

It is recommended that this parameter be set less than or equal +to $minimal_backoff_time. See also $maximal_backoff_time.

+

Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (seconds). diff --git a/postfix/html/virtual.5.html b/postfix/html/virtual.5.html index 51d3b7e9f..1c20d4fb5 100644 --- a/postfix/html/virtual.5.html +++ b/postfix/html/virtual.5.html @@ -18,11 +18,11 @@ VIRTUAL(5) VIRTUAL(5) DESCRIPTION The optional virtual(5) alias table rewrites recipient - addresses for all local, virtual and remote mail destina- - tions. This is unlike the aliases(5) table which is used - only for local(8) delivery. Virtual aliasing is recur- - sive, and is implemented by the Postfix cleanup(8) daemon - before mail is queued. + addresses for all local, all virtual, and all remote mail + destinations. This is unlike the aliases(5) table which + is used only for local(8) delivery. Virtual aliasing is + recursive, and is implemented by the Postfix cleanup(8) + daemon before mail is queued. The main applications of virtual aliasing are: diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5 index c6b33c764..2743d1935 100644 --- a/postfix/man/man5/postconf.5 +++ b/postfix/man/man5/postconf.5 @@ -2200,6 +2200,9 @@ manager and by other long-lived Postfix daemon processes. .SH maximal_backoff_time (default: 4000s) The maximal time between attempts to deliver a deferred message. .PP +This parameter should be set to a value greater than or equal +to $minimal_backoff_time. See also $queue_run_delay. +.PP Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (seconds). .SH maximal_queue_lifetime (default: 5d) @@ -2233,6 +2236,9 @@ The minimal time between attempts to deliver a deferred message. This parameter also limits the time an unreachable destination is kept in the short-term, in-memory, destination status cache. .PP +It is recommended that this parameter be set greater than or +equal to $queue_run_delay. See also $maximal_backoff_time. +.PP Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (seconds). .SH multi_recipient_bounce_reject_code (default: 550) @@ -2659,6 +2665,9 @@ zero means there is no minimum required amount of free space. .SH queue_run_delay (default: 1000s) The time between deferred queue scans by the queue manager. .PP +It is recommended that this parameter be set less than or equal +to $minimal_backoff_time. See also $maximal_backoff_time. +.PP Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (seconds). .SH queue_service_name (default: qmgr) diff --git a/postfix/man/man5/virtual.5 b/postfix/man/man5/virtual.5 index 9250663fc..42088e867 100644 --- a/postfix/man/man5/virtual.5 +++ b/postfix/man/man5/virtual.5 @@ -17,7 +17,8 @@ Postfix virtual alias table format .ad .fi The optional \fBvirtual\fR(5) alias table rewrites recipient -addresses for all local, virtual and remote mail destinations. +addresses for all local, all virtual, and all remote mail +destinations. This is unlike the \fBaliases\fR(5) table which is used only for \fBlocal\fR(8) delivery. Virtual aliasing is recursive, and is implemented by the Postfix \fBcleanup\fR(8) diff --git a/postfix/man/man8/bounce.8 b/postfix/man/man8/bounce.8 index cf8799842..97cc496f5 100644 --- a/postfix/man/man8/bounce.8 +++ b/postfix/man/man8/bounce.8 @@ -41,6 +41,7 @@ themselves, and that depend on retry logic in their own client. .na .nf RFC 822 (ARPA Internet Text Messages) +RFC 1892 (Delivery Status Notifications) RFC 1894 (Delivery Status Notifications) RFC 2045 (Format of Internet Message Bodies) .SH DIAGNOSTICS diff --git a/postfix/pflogsumm-dsn-patch b/postfix/pflogsumm-dsn-patch new file mode 100644 index 000000000..6c312d616 --- /dev/null +++ b/postfix/pflogsumm-dsn-patch @@ -0,0 +1,23 @@ +Postfix 2.3 changes the logging format, introducing a field that +reports the delivery status code as "dsn=x.yy.zz", where yy and zz +can be up to three digits long. This breaks pflogsumm analysis. + +The patch below appeared in: + + Message-ID: <4257CF98.10309@michaweb.net> + Date: Sat, 09 Apr 2005 14:50:32 +0200 + From: John Fawcett + To: postfix-users@postfix.org + Subject: postfix 2.3 and pflogsumm + +--- pflogsumm.original 2005-04-09 12:54:44.140532258 +0200 ++++ pflogsumm 2005-04-09 12:55:33.246949650 +0200 +@@ -696,7 +696,7 @@ + } + } + elsif((($addr, $relay, $delay, $status, $toRmdr) = $logRmdr =~ +- /to=<([^>]*)>, (?:orig_to=<[^>]*>, )?relay=([^,]+), delay=([^,]+), status=(\S+)(.*)$/o) >= 4) ++ /to=<([^>]*)>, (?:orig_to=<[^>]*>, )?relay=([^,]+), delay=([^,]+), (?:dsn=\d+\.\d+\.\d+, )?status=(\S+)(.*)$/o) >= 4) + { + + if($opts{'m'} && $addr =~ /^(.*!)*([^!]+)!([^!@]+)@([^\.]+)$/o) { diff --git a/postfix/proto/STANDARD_CONFIGURATION_README.html b/postfix/proto/STANDARD_CONFIGURATION_README.html index 9b0ae01cb..fcc7c275a 100644 --- a/postfix/proto/STANDARD_CONFIGURATION_README.html +++ b/postfix/proto/STANDARD_CONFIGURATION_README.html @@ -391,6 +391,22 @@ whenever you change the relay_recipients table.

Execute the command "postmap /etc/postfix/transport" whenever you change the transport table.

+

In some installations, there may be separate instances of Postfix +processing inbound and outbound mail on a multi-homed firewall. The +inbound Postfix instance has an SMTP server listening on the external +firewall interface, and the outbound Postfix instance has an SMTP server +listening on the internal interface. In such a configuration is it is +tempting to configure $inet_interfaces in each instance with just the +corresponding interface address.

+ +

In most cases, using inet_interfaces in this way will not work, +because as documented in the $inet_interfaces reference manual, the +smtp(8) delivery agent will also use the specified interface address +as the source address for outbound connections and will be unable to +reach hosts on "the other side" of the firewall. The symptoms are that +the firewall is unable to connect to hosts that are in fact up. See the +inet_interfaces parameter documentation for suggested work-arounds.

+

Delivering some but not all accounts locally

@@ -422,22 +438,6 @@ matches $inet_interfaces or $proxy_interfaces.

-

In some installations, there may be separate instances of Postfix -processing inbound and outbound mail on a multi-homed firewall. The -inbound Postfix instance has an SMTP server listening on the external -firewall interface, and the outbound Postfix instance has an SMTP server -listening on the internal interface. In such a configuration is it is -tempting to configure $inet_interfaces in each instance with just the -corresponding interface address.

- -

In most cases, using inet_interfaces in this way will not work, -because as documented in the $inet_interfaces reference manual, the -smtp(8) delivery agent will also use the specified interface address -as the source address for outbound connections and will be unable to -reach hosts on "the other side" of the firewall. The symptoms are that -the firewall is unable to connect to hosts that are in fact up. See the -inet_interfaces parameter documentation for suggested work-arounds.

-

Running Postfix behind a firewall

The simplest way to set up Postfix on a host behind a firewalled diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index 281fd98ec..31512d80c 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -2508,6 +2508,9 @@ manager and by other long-lived Postfix daemon processes. The maximal time between attempts to deliver a deferred message.

+

This parameter should be set to a value greater than or equal +to $minimal_backoff_time. See also $queue_run_delay.

+

Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (seconds). @@ -2543,6 +2546,9 @@ This parameter also limits the time an unreachable destination is kept in the short-term, in-memory, destination status cache.

+

It is recommended that this parameter be set greater than or +equal to $queue_run_delay. See also $maximal_backoff_time.

+

Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (seconds). @@ -2982,6 +2988,9 @@ zero means there is no minimum required amount of free space. The time between deferred queue scans by the queue manager.

+

It is recommended that this parameter be set less than or equal +to $minimal_backoff_time. See also $maximal_backoff_time.

+

Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is s (seconds). diff --git a/postfix/proto/virtual b/postfix/proto/virtual index 8a2a0b1f2..4cf5ef1b5 100644 --- a/postfix/proto/virtual +++ b/postfix/proto/virtual @@ -11,7 +11,8 @@ # \fBpostmap -q - /etc/postfix/virtual <\fIinputfile\fR # DESCRIPTION # The optional \fBvirtual\fR(5) alias table rewrites recipient -# addresses for all local, virtual and remote mail destinations. +# addresses for all local, all virtual, and all remote mail +# destinations. # This is unlike the \fBaliases\fR(5) table which is used # only for \fBlocal\fR(8) delivery. Virtual aliasing is # recursive, and is implemented by the Postfix \fBcleanup\fR(8) diff --git a/postfix/src/anvil/Makefile.in b/postfix/src/anvil/Makefile.in index 5ff109e3a..f753a2067 100644 --- a/postfix/src/anvil/Makefile.in +++ b/postfix/src/anvil/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/bounce/Makefile.in b/postfix/src/bounce/Makefile.in index 1d89b537b..7cbf77aec 100644 --- a/postfix/src/bounce/Makefile.in +++ b/postfix/src/bounce/Makefile.in @@ -19,6 +19,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/bounce/bounce.c b/postfix/src/bounce/bounce.c index 4d7c4371c..43286c3d8 100644 --- a/postfix/src/bounce/bounce.c +++ b/postfix/src/bounce/bounce.c @@ -33,6 +33,7 @@ /* themselves, and that depend on retry logic in their own client. /* STANDARDS /* RFC 822 (ARPA Internet Text Messages) +/* RFC 1892 (Delivery Status Notifications) /* RFC 1894 (Delivery Status Notifications) /* RFC 2045 (Format of Internet Message Bodies) /* DIAGNOSTICS diff --git a/postfix/src/cleanup/Makefile.in b/postfix/src/cleanup/Makefile.in index 66212f8e5..e2454b97a 100644 --- a/postfix/src/cleanup/Makefile.in +++ b/postfix/src/cleanup/Makefile.in @@ -23,6 +23,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/cleanup/cleanup.c b/postfix/src/cleanup/cleanup.c index 720e4fe97..b0e9aed6f 100644 --- a/postfix/src/cleanup/cleanup.c +++ b/postfix/src/cleanup/cleanup.c @@ -338,6 +338,7 @@ static void cleanup_service(VSTREAM *src, char *unused_service, char **argv) CLEANUP_STATE *state; int flags; int type = 0; + int status; /* * Sanity check. This service takes no command-line arguments. @@ -403,8 +404,9 @@ static void cleanup_service(VSTREAM *src, char *unused_service, char **argv) /* * Finish this message, and report the result status to the client. */ + status = cleanup_flush(state); /* in case state is modified */ attr_print(src, ATTR_FLAG_NONE, - ATTR_TYPE_NUM, MAIL_ATTR_STATUS, cleanup_flush(state), + ATTR_TYPE_NUM, MAIL_ATTR_STATUS, status, ATTR_TYPE_STR, MAIL_ATTR_WHY, state->reason ? state->reason : "", ATTR_TYPE_END); diff --git a/postfix/src/cleanup/cleanup_api.c b/postfix/src/cleanup/cleanup_api.c index cac4ce6a8..050cd57b7 100644 --- a/postfix/src/cleanup/cleanup_api.c +++ b/postfix/src/cleanup/cleanup_api.c @@ -105,7 +105,7 @@ #include #include #include -#include +#include #include /* Application-specific. */ @@ -218,15 +218,22 @@ int cleanup_flush(CLEANUP_STATE *state) */ if (state->errs == 0 && (state->flags & CLEANUP_FLAG_DISCARD) == 0) { if ((state->flags & CLEANUP_FLAG_HOLD) != 0) { - if (hold_message(state->temp1, state->queue_name, state->queue_id) < 0) - msg_fatal("%s: problem putting message on hold: %m", - state->queue_id); + mail_stream_ctl(state->handle, + MAIL_STREAM_CTL_QUEUE, MAIL_QUEUE_HOLD, + MAIL_STREAM_CTL_CLASS, 0, + MAIL_STREAM_CTL_SERVICE, 0, + MAIL_STREAM_CTL_END); junk = cleanup_path; - cleanup_path = mystrdup(vstring_str(state->temp1)); + cleanup_path = mystrdup(VSTREAM_PATH(state->handle->stream)); myfree(junk); - vstream_control(state->handle->stream, - VSTREAM_CTL_PATH, cleanup_path, - VSTREAM_CTL_END); + + /* + * XXX: When delivering to a non-incoming queue, do not consume + * in_flow tokens. Unfortunately we can't move the code that + * consumes tokens until after the mail is received, because that + * would increase the risk of duplicate deliveries. + */ + (void) mail_flow_put(1); } state->errs = mail_stream_finish(state->handle, (VSTRING *) 0); } else { diff --git a/postfix/src/cleanup/cleanup_init.c b/postfix/src/cleanup/cleanup_init.c index f5d4c869e..738ee1326 100644 --- a/postfix/src/cleanup/cleanup_init.c +++ b/postfix/src/cleanup/cleanup_init.c @@ -66,6 +66,7 @@ /* System library. */ #include +#include /* Utility library. */ @@ -197,8 +198,17 @@ int cleanup_ext_prop_mask; void cleanup_all(void) { - if (cleanup_path && REMOVE(cleanup_path)) - msg_warn("cleanup_all: remove %s: %m", cleanup_path); + + /* + * msg_fatal() is safe against calling itself recursively, but signals + * need extra safety. + */ + if (signal(SIGTERM, SIG_IGN) != SIG_IGN) { + if (cleanup_path && REMOVE(cleanup_path)) { + msg_warn("cleanup_all: remove %s: %m", cleanup_path); + cleanup_path = 0; + } + } } /* cleanup_pre_jail - initialize before entering the chroot jail */ diff --git a/postfix/src/discard/Makefile.in b/postfix/src/discard/Makefile.in index 224cd90a7..24fb6bc6e 100644 --- a/postfix/src/discard/Makefile.in +++ b/postfix/src/discard/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/dns/Makefile.in b/postfix/src/dns/Makefile.in index 9b4573abc..8144875cf 100644 --- a/postfix/src/dns/Makefile.in +++ b/postfix/src/dns/Makefile.in @@ -18,6 +18,8 @@ INC_DIR = ../../include all: $(LIB) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/error/Makefile.in b/postfix/src/error/Makefile.in index a9ccd8e1e..59a02d3ca 100644 --- a/postfix/src/error/Makefile.in +++ b/postfix/src/error/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/flush/Makefile.in b/postfix/src/flush/Makefile.in index a21128049..26b877a0d 100644 --- a/postfix/src/flush/Makefile.in +++ b/postfix/src/flush/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/fsstone/Makefile.in b/postfix/src/fsstone/Makefile.in index 39d22cc35..022bd0746 100644 --- a/postfix/src/fsstone/Makefile.in +++ b/postfix/src/fsstone/Makefile.in @@ -14,6 +14,8 @@ LIBS = ../../lib/libglobal.a ../../lib/libutil.a all: $(PROG) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/global/Makefile.in b/postfix/src/global/Makefile.in index ec70f10a9..bdb1632f4 100644 --- a/postfix/src/global/Makefile.in +++ b/postfix/src/global/Makefile.in @@ -97,6 +97,8 @@ MAKES = all: $(LIB) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/global/mail_stream.c b/postfix/src/global/mail_stream.c index 6edeea7ad..5c002888b 100644 --- a/postfix/src/global/mail_stream.c +++ b/postfix/src/global/mail_stream.c @@ -33,6 +33,10 @@ /* int mail_stream_finish(info, why) /* MAIL_STREAM *info; /* VSTRING *why; +/* +/* void mail_stream_ctl(info, op, ...) +/* MAIL_STREAM *info; +/* int op; /* DESCRIPTION /* This module provides a generic interface to Postfix queue file /* format messages to file, to Postfix server, or to external command. @@ -44,7 +48,8 @@ /* mail_stream_file() opens a mail stream to a newly-created file and /* arranges for trigger delivery at finish time. This call never fails. /* But it may take forever. The mode argument specifies additional -/* file permissions that will be OR-ed in. +/* file permissions that will be OR-ed in when the file is finished. +/* While embryonic files have mode 0600, finished files have mode 0700. /* /* mail_stream_command() opens a mail stream to external command, /* and receives queue ID information from the command. The result @@ -66,6 +71,24 @@ /* The result is any of the status codes defined in . /* It is up to the caller to remove incomplete file objects. /* The why argument can be a null pointer. +/* +/* mail_stream_ctl() selectively overrides information that +/* was specified with mail_stream_file(); none of the attributes +/* are applicable for other mail stream types. The arguments +/* are a list of (operation, value) pairs, terminated with +/* MAIL_STREAM_CTL_END. The following lists the operation +/* codes and the types of the corresponding value arguments. +/* .IP "MAIL_STREAM_CTL_QUEUE (char *)" +/* The argument specifies an alternate destination queue. The +/* queue file is moved to the specified queue before the call +/* returns. Failure to rename the queue file results in a fatal +/* error. +/* .IP "MAIL_STREAM_CTL_CLASS (char *)" +/* The argument specifies an alternate trigger class. +/* .IP "MAIL_STREAM_CTL_SERVICE (char *)" +/* The argument specifies an alternate trigger service. +/* .IP "MAIL_STREAM_CTL_MODE (int)" +/* The argument specifies an altername file mode. /* LICENSE /* .ad /* .fi @@ -85,6 +108,7 @@ #include #include #include +#include /* Utility library. */ @@ -94,6 +118,7 @@ #include #include #include +#include /* Global library. */ @@ -108,7 +133,9 @@ static VSTRING *id_buf; -#define FREE_AND_WIPE(free, arg) { if (arg) free(arg); arg = 0; } +#define FREE_AND_WIPE(free, arg) do { if (arg) free(arg); arg = 0; } while (0) + +#define STR(x) vstring_str(x) /* mail_stream_cleanup - clean up after success or failure */ @@ -126,7 +153,7 @@ void mail_stream_cleanup(MAIL_STREAM *info) static int mail_stream_finish_file(MAIL_STREAM *info, VSTRING *unused_why) { - int status = 0; + int status = CLEANUP_STAT_OK; static char wakeup[] = {TRIGGER_REQ_WAKEUP}; struct stat st; time_t now; @@ -135,6 +162,7 @@ static int mail_stream_finish_file(MAIL_STREAM *info, VSTRING *unused_why) static int incoming_fs_clock_ok = 0; static int incoming_clock_warned = 0; int check_incoming_fs_clock; + int err; /* * Make sure the message makes it to file. Set the execute bit when no @@ -199,17 +227,20 @@ static int mail_stream_finish_file(MAIL_STREAM *info, VSTRING *unused_why) * remote file system is not recommended, if only for performance * reasons. */ - if (info->close(info->stream)) - status = (errno == EFBIG ? CLEANUP_STAT_SIZE : CLEANUP_STAT_WRITE); + err = info->close(info->stream); info->stream = 0; + if (status == CLEANUP_STAT_OK && err != 0) + status = (errno == EFBIG ? CLEANUP_STAT_SIZE : CLEANUP_STAT_WRITE); /* * Work around file system clocks that are ahead of local time. */ if (path_to_reset != 0) { - tbuf.actime = tbuf.modtime = now; - if (utime(path_to_reset, &tbuf) < 0 && errno != ENOENT) - msg_fatal("%s: update file time stamps: %m", info->id); + if (status == CLEANUP_STAT_OK) { + tbuf.actime = tbuf.modtime = now; + if (utime(path_to_reset, &tbuf) < 0 && errno != ENOENT) + msg_fatal("%s: update file time stamps: %m", info->id); + } myfree(path_to_reset); } @@ -217,7 +248,7 @@ static int mail_stream_finish_file(MAIL_STREAM *info, VSTRING *unused_why) * When all is well, notify the next service that a new message has been * queued. */ - if (status == CLEANUP_STAT_OK) + if (status == CLEANUP_STAT_OK && info->class && info->service) mail_trigger(info->class, info->service, wakeup, sizeof(wakeup)); /* @@ -363,3 +394,100 @@ MAIL_STREAM *mail_stream_command(const char *command) return (info); } } + +/* mail_stream_ctl - update file-based mail stream properties */ + +void mail_stream_ctl(MAIL_STREAM *info, int op,...) +{ + char *myname = "mail_stream_ctl"; + va_list ap; + char *new_queue = 0; + char *string_value; + + /* + * Sanity check. None of the attributes below are applicable unless the + * target is a file-based stream. + */ + if (info->finish != mail_stream_finish_file) + msg_panic("%s: attempt to update non-file stream %s", + myname, info->id); + + for (va_start(ap, op); op != MAIL_STREAM_CTL_END; op = va_arg(ap, int)) { + + switch (op) { + + /* + * Change the queue directory. We do this at the end of this + * call. + */ + case MAIL_STREAM_CTL_QUEUE: + if ((new_queue = va_arg(ap, char *)) == 0) + msg_panic("%s: NULL queue", + myname); + break; + + /* + * Change the service that needs to be notified. + */ + case MAIL_STREAM_CTL_CLASS: + FREE_AND_WIPE(myfree, info->class); + if ((string_value = va_arg(ap, char *)) != 0) + info->class = mystrdup(string_value); + break; + + case MAIL_STREAM_CTL_SERVICE: + FREE_AND_WIPE(myfree, info->service); + if ((string_value = va_arg(ap, char *)) != 0) + info->service = mystrdup(string_value); + break; + + /* + * Change the (finished) file access mode. + */ + case MAIL_STREAM_CTL_MODE: + info->mode = va_arg(ap, int); + break; + + default: + msg_panic("%s: bad op code %d", myname, op); + } + } + + /* + * Rename the queue file after allocating memory for new information, so + * that the caller can still remove an embryonic file when memory + * allocation fails (there is no risk of deleting the wrong file). + * + * Wietse opposed the idea to update run-time error handler information + * here, because this module wasn't designed to defend against internal + * concurrency issues with error handlers that attempt to follow dangling + * pointers. + * + * This code duplicates mail_queue_rename(), except that we need the new + * path to update the stream pathname. + */ + if (new_queue != 0 && strcmp(info->queue, new_queue) != 0) { + char *saved_queue = info->queue; + char *saved_path = mystrdup(VSTREAM_PATH(info->stream)); + VSTRING *new_path = vstring_alloc(100); + + (void) mail_queue_path(new_path, new_queue, info->id); + info->queue = mystrdup(new_queue); + vstream_control(info->stream, VSTREAM_CTL_PATH, STR(new_path), + VSTREAM_CTL_END); + + if (sane_rename(saved_path, STR(new_path)) == 0 + || (mail_queue_mkdirs(STR(new_path)) == 0 + && sane_rename(saved_path, STR(new_path)) == 0)) { + if (msg_verbose) + msg_info("%s: placed in %s queue", info->id, info->queue); + } else { + msg_fatal("%s: move to %s queue failed: %m", info->id, + info->queue); + } + + myfree(saved_path); + myfree(saved_queue); + vstring_free(new_path); + } +} diff --git a/postfix/src/global/mail_stream.h b/postfix/src/global/mail_stream.h index a1e64f13e..455b65011 100644 --- a/postfix/src/global/mail_stream.h +++ b/postfix/src/global/mail_stream.h @@ -36,11 +36,18 @@ struct MAIL_STREAM { int mode; /* additional permissions */ }; +#define MAIL_STREAM_CTL_END 0 /* Terminator */ +#define MAIL_STREAM_CTL_QUEUE 1 /* Change queue */ +#define MAIL_STREAM_CTL_CLASS 2 /* Change notification class */ +#define MAIL_STREAM_CTL_SERVICE 3 /* Change notification service */ +#define MAIL_STREAM_CTL_MODE 4 /* Change final queue file mode */ + extern MAIL_STREAM *mail_stream_file(const char *, const char *, const char *, int); extern MAIL_STREAM *mail_stream_service(const char *, const char *); extern MAIL_STREAM *mail_stream_command(const char *); extern void mail_stream_cleanup(MAIL_STREAM *); extern int mail_stream_finish(MAIL_STREAM *, VSTRING *); +extern void mail_stream_ctl(MAIL_STREAM *, int, ...); /* LICENSE diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index f2dea7da0..847f470a3 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change the patchlevel and the release date. Snapshots change the * release date only. */ -#define MAIL_RELEASE_DATE "20050404" +#define MAIL_RELEASE_DATE "20050413" #define MAIL_VERSION_NUMBER "2.3" #define VAR_MAIL_VERSION "mail_version" diff --git a/postfix/src/lmtp/Makefile.in b/postfix/src/lmtp/Makefile.in index 4208feb0d..13c127dea 100644 --- a/postfix/src/lmtp/Makefile.in +++ b/postfix/src/lmtp/Makefile.in @@ -19,6 +19,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libdns.a ../../lib/ $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/lmtp/lmtp_sasl_glue.c b/postfix/src/lmtp/lmtp_sasl_glue.c index d2a790f0d..ed5d8692d 100644 --- a/postfix/src/lmtp/lmtp_sasl_glue.c +++ b/postfix/src/lmtp/lmtp_sasl_glue.c @@ -292,6 +292,15 @@ int lmtp_sasl_passwd_lookup(LMTP_STATE *state) void lmtp_sasl_initialize(void) { + + /* + * Global callbacks. These have no per-session context. + */ + static sasl_callback_t callbacks[] = { + {SASL_CB_LOG, &lmtp_sasl_log, 0}, + {SASL_CB_LIST_END, 0, 0} + }; + #if SASL_VERSION_MAJOR >= 2 && (SASL_VERSION_MINOR >= 2 \ || (SASL_VERSION_MINOR == 1 && SASL_VERSION_STEP >= 19)) int sasl_major; @@ -305,23 +314,18 @@ void lmtp_sasl_initialize(void) &sasl_major, &sasl_minor, &sasl_step, (int *) 0); if (sasl_major != SASL_VERSION_MAJOR +#if 0 || sasl_minor != SASL_VERSION_MINOR - || sasl_step != SASL_VERSION_STEP) + || sasl_step != SASL_VERSION_STEP +#endif + ) msg_fatal("incorrect SASL library version. " - "Postfix was built for version %d.%d.%d, " + "Postfix was built with include files from version %d.%d.%d, " "but the run-time library version is %d.%d.%d", SASL_VERSION_MAJOR, SASL_VERSION_MINOR, SASL_VERSION_STEP, sasl_major, sasl_minor, sasl_step); #endif - /* - * Global callbacks. These have no per-session context. - */ - static sasl_callback_t callbacks[] = { - {SASL_CB_LOG, &lmtp_sasl_log, 0}, - {SASL_CB_LIST_END, 0, 0} - }; - /* * Sanity check. */ diff --git a/postfix/src/local/Makefile.in b/postfix/src/local/Makefile.in index ad00531bc..921e9ad9b 100644 --- a/postfix/src/local/Makefile.in +++ b/postfix/src/local/Makefile.in @@ -21,6 +21,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/master/Makefile.in b/postfix/src/master/Makefile.in index a6ae05998..36cfa45cd 100644 --- a/postfix/src/master/Makefile.in +++ b/postfix/src/master/Makefile.in @@ -24,6 +24,8 @@ BIN_DIR = ../../libexec all: $(PROG) $(LIB) +$(OBJS) $(LIB_OBJ): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/oqmgr/Makefile.in b/postfix/src/oqmgr/Makefile.in index 26ed78b79..4016c3563 100644 --- a/postfix/src/oqmgr/Makefile.in +++ b/postfix/src/oqmgr/Makefile.in @@ -19,6 +19,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/pickup/Makefile.in b/postfix/src/pickup/Makefile.in index b5d53ee56..3a47b3255 100644 --- a/postfix/src/pickup/Makefile.in +++ b/postfix/src/pickup/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/pipe/Makefile.in b/postfix/src/pipe/Makefile.in index a3b622ffe..0aaef70e6 100644 --- a/postfix/src/pipe/Makefile.in +++ b/postfix/src/pipe/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/postalias/Makefile.in b/postfix/src/postalias/Makefile.in index 84029ab70..b898c0b40 100644 --- a/postfix/src/postalias/Makefile.in +++ b/postfix/src/postalias/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/postcat/Makefile.in b/postfix/src/postcat/Makefile.in index 39821d87c..7ed56122c 100644 --- a/postfix/src/postcat/Makefile.in +++ b/postfix/src/postcat/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/postconf/Makefile.in b/postfix/src/postconf/Makefile.in index ede96260c..caf534f28 100644 --- a/postfix/src/postconf/Makefile.in +++ b/postfix/src/postconf/Makefile.in @@ -25,6 +25,8 @@ $(PROG): $(OBJS) $(LIBS) echo "#"; \ ./$(PROG) -d) |egrep -v '^(myhostname|mydomain|mynetworks) ' >$@ +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/postdrop/Makefile.in b/postfix/src/postdrop/Makefile.in index 3b0b2e83a..777b421d0 100644 --- a/postfix/src/postdrop/Makefile.in +++ b/postfix/src/postdrop/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/postdrop/postdrop.c b/postfix/src/postdrop/postdrop.c index d5cf5fa0a..ba12f7187 100644 --- a/postfix/src/postdrop/postdrop.c +++ b/postfix/src/postdrop/postdrop.c @@ -175,13 +175,25 @@ static void postdrop_cleanup(void) * * msg_xxx() does not allocate memory, so it is safe as long as the signal * handler can't be invoked recursively. + * + * Assume atomic signal() updates, even when emulated with sigaction(). We + * use the in-kernel SIGINT handler address as an atomic variable to + * prevent nested postdrop_sig() calls. For this reason, main() must + * configure postdrop_sig() as SIGINT handler before other signal + * handlers are allowed to invoke postdrop_sig(). */ - if (postdrop_path) { - if (remove(postdrop_path)) - msg_warn("uid=%ld: remove %s: %m", (long) getuid(), postdrop_path); - else if (msg_verbose) - msg_info("remove %s", postdrop_path); - postdrop_path = 0; + if (signal(SIGINT, SIG_IGN) != SIG_IGN) { + (void) signal(SIGQUIT, SIG_IGN); + (void) signal(SIGTERM, SIG_IGN); + (void) signal(SIGHUP, SIG_IGN); + if (postdrop_path) { + if (remove(postdrop_path)) + msg_warn("uid=%ld: remove %s: %m", + (long) getuid(), postdrop_path); + else if (msg_verbose) + msg_info("remove %s", postdrop_path); + postdrop_path = 0; + } } } @@ -189,22 +201,9 @@ static void postdrop_cleanup(void) static void postdrop_sig(int sig) { - - /* - * Assume atomic signal() updates, even when emulated with sigaction(). - * We use the in-kernel SIGINT handler address as an atomic variable to - * prevent nested postdrop_sig() calls. For this reason, main() must - * configure postdrop_sig() as SIGINT handler before other signal - * handlers are allowed to invoke postdrop_sig(). - */ - if (signal(SIGINT, SIG_IGN) != SIG_IGN) { - (void)signal(SIGQUIT, SIG_IGN); - (void)signal(SIGTERM, SIG_IGN); - (void)signal(SIGHUP, SIG_IGN); - postdrop_cleanup(); - /* Future proofing. If you need exit() here then you broke Postfix. */ - _exit(sig); - } + postdrop_cleanup(); + /* Future proofing. If you need exit() here then you broke Postfix. */ + _exit(sig); } /* main - the main program */ @@ -228,6 +227,7 @@ int main(int argc, char **argv) char *attr_name; char *attr_value; const char *errstr; + char *junk; /* * Be consistent with file permissions. @@ -428,8 +428,9 @@ int main(int argc, char **argv) * will not be deleted after we have taken responsibility for delivery. */ if (postdrop_path) { - myfree(postdrop_path); + junk = postdrop_path; postdrop_path = 0; + myfree(junk); } /* diff --git a/postfix/src/postfix/Makefile.in b/postfix/src/postfix/Makefile.in index 50415d18b..41bfe840e 100644 --- a/postfix/src/postfix/Makefile.in +++ b/postfix/src/postfix/Makefile.in @@ -16,6 +16,8 @@ LIBS = ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/postkick/Makefile.in b/postfix/src/postkick/Makefile.in index afe3d565f..e4401db49 100644 --- a/postfix/src/postkick/Makefile.in +++ b/postfix/src/postkick/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/postlock/Makefile.in b/postfix/src/postlock/Makefile.in index c40f41da9..872b6f295 100644 --- a/postfix/src/postlock/Makefile.in +++ b/postfix/src/postlock/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/postlog/Makefile.in b/postfix/src/postlog/Makefile.in index d8f03eec0..3457c758a 100644 --- a/postfix/src/postlog/Makefile.in +++ b/postfix/src/postlog/Makefile.in @@ -16,6 +16,8 @@ LIBS = ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/postmap/Makefile.in b/postfix/src/postmap/Makefile.in index 13b7cf7f3..5fa2bec2f 100644 --- a/postfix/src/postmap/Makefile.in +++ b/postfix/src/postmap/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/postqueue/Makefile.in b/postfix/src/postqueue/Makefile.in index b4b9f6a4d..be70e25f7 100644 --- a/postfix/src/postqueue/Makefile.in +++ b/postfix/src/postqueue/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/postsuper/Makefile.in b/postfix/src/postsuper/Makefile.in index 62075eac6..73838ac29 100644 --- a/postfix/src/postsuper/Makefile.in +++ b/postfix/src/postsuper/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/proxymap/Makefile.in b/postfix/src/proxymap/Makefile.in index bc78e18ff..2fefa3e1c 100644 --- a/postfix/src/proxymap/Makefile.in +++ b/postfix/src/proxymap/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/qmgr/Makefile.in b/postfix/src/qmgr/Makefile.in index 6e7f13063..c38bd99ee 100644 --- a/postfix/src/qmgr/Makefile.in +++ b/postfix/src/qmgr/Makefile.in @@ -21,6 +21,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/qmqpd/Makefile.in b/postfix/src/qmqpd/Makefile.in index 4b83fa5e9..aaf91d5e3 100644 --- a/postfix/src/qmqpd/Makefile.in +++ b/postfix/src/qmqpd/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libdns.a ../../lib/ $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ @@ -27,17 +29,6 @@ update: ../../libexec/$(PROG) ../../libexec/$(PROG): $(PROG) cp $(PROG) ../../libexec -SMTPD_CHECK_OBJ = qmqpd_state.o qmqpd_peer.o - -qmqpd_token: qmqpd_token.c $(LIBS) - $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIBS) $(SYSLIBS) - -qmqpd_check: qmqpd_check.c $(SMTPD_CHECK_OBJ) $(LIBS) - mv $@.o junk - $(CC) $(CFLAGS) -DTEST -o $@ qmqpd_check.c $(SMTPD_CHECK_OBJ) \ - $(LIBS) $(SYSLIBS) - mv junk $@.o - printfck: $(OBJS) $(PROG) rm -rf printfck mkdir printfck diff --git a/postfix/src/scache/Makefile.in b/postfix/src/scache/Makefile.in index 3274b4cbd..e9ccb35c0 100644 --- a/postfix/src/scache/Makefile.in +++ b/postfix/src/scache/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/sendmail/Makefile.in b/postfix/src/sendmail/Makefile.in index b084ba65e..90dcae647 100644 --- a/postfix/src/sendmail/Makefile.in +++ b/postfix/src/sendmail/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/showq/Makefile.in b/postfix/src/showq/Makefile.in index 4d7c8cd93..3f5b0821a 100644 --- a/postfix/src/showq/Makefile.in +++ b/postfix/src/showq/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/smtp/Makefile.in b/postfix/src/smtp/Makefile.in index 2e464af0a..e3a0ec3b2 100644 --- a/postfix/src/smtp/Makefile.in +++ b/postfix/src/smtp/Makefile.in @@ -20,6 +20,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libtls.a ../../lib/libdns.a \ $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/smtp/smtp_sasl_glue.c b/postfix/src/smtp/smtp_sasl_glue.c index e9303db82..ca9b6203b 100644 --- a/postfix/src/smtp/smtp_sasl_glue.c +++ b/postfix/src/smtp/smtp_sasl_glue.c @@ -321,6 +321,15 @@ int smtp_sasl_passwd_lookup(SMTP_SESSION *session) void smtp_sasl_initialize(void) { + + /* + * Global callbacks. These have no per-session context. + */ + static sasl_callback_t callbacks[] = { + {SASL_CB_LOG, &smtp_sasl_log, 0}, + {SASL_CB_LIST_END, 0, 0} + }; + #if SASL_VERSION_MAJOR >= 2 && (SASL_VERSION_MINOR >= 2 \ || (SASL_VERSION_MINOR == 1 && SASL_VERSION_STEP >= 19)) int sasl_major; @@ -334,23 +343,18 @@ void smtp_sasl_initialize(void) &sasl_major, &sasl_minor, &sasl_step, (int *) 0); if (sasl_major != SASL_VERSION_MAJOR +#if 0 || sasl_minor != SASL_VERSION_MINOR - || sasl_step != SASL_VERSION_STEP) + || sasl_step != SASL_VERSION_STEP +#endif + ) msg_fatal("incorrect SASL library version. " - "Postfix was built for version %d.%d.%d, " + "Postfix was built with include files from version %d.%d.%d, " "but the run-time library version is %d.%d.%d", SASL_VERSION_MAJOR, SASL_VERSION_MINOR, SASL_VERSION_STEP, sasl_major, sasl_minor, sasl_step); #endif - /* - * Global callbacks. These have no per-session context. - */ - static sasl_callback_t callbacks[] = { - {SASL_CB_LOG, &smtp_sasl_log, 0}, - {SASL_CB_LIST_END, 0, 0} - }; - /* * Sanity check. */ @@ -433,7 +437,7 @@ void smtp_sasl_start(SMTP_SESSION *session, const char *sasl_opts_name, */ memset(&sec_props, 0L, sizeof(sec_props)); sec_props.min_ssf = 0; - sec_props.max_ssf = 1; /* don't allow real SASL + sec_props.max_ssf = 0; /* don't allow real SASL * security layer */ sec_props.security_flags = name_mask(sasl_opts_name, smtp_sasl_sec_mask, sasl_opts_val); diff --git a/postfix/src/smtpd/Makefile.in b/postfix/src/smtpd/Makefile.in index b265a4474..4badd37ca 100644 --- a/postfix/src/smtpd/Makefile.in +++ b/postfix/src/smtpd/Makefile.in @@ -21,6 +21,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libtls.a ../../lib/libdns.a \ $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c index 5c68e4b0b..610b3b4c9 100644 --- a/postfix/src/smtpd/smtpd.c +++ b/postfix/src/smtpd/smtpd.c @@ -1493,7 +1493,7 @@ static int mail_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv) if (argc < 3 || strcasecmp(argv[1].strval, "from:") != 0) { state->error_mask |= MAIL_ERROR_PROTOCOL; - smtpd_chat_reply(state, "501 5.5.4 Syntax: MAIL FROM:

"); + smtpd_chat_reply(state, "501 5.5.4 Syntax: MAIL FROM:
"); return (-1); } @@ -1703,7 +1703,7 @@ static int rcpt_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv) if (argc < 3 || strcasecmp(argv[1].strval, "to:") != 0) { state->error_mask |= MAIL_ERROR_PROTOCOL; - smtpd_chat_reply(state, "501 5.5.4 Syntax: RCPT TO:
"); + smtpd_chat_reply(state, "501 5.5.4 Syntax: RCPT TO:
"); return (-1); } diff --git a/postfix/src/smtpd/smtpd_sasl_glue.c b/postfix/src/smtpd/smtpd_sasl_glue.c index f89777d90..1869b3c72 100644 --- a/postfix/src/smtpd/smtpd_sasl_glue.c +++ b/postfix/src/smtpd/smtpd_sasl_glue.c @@ -221,10 +221,13 @@ void smtpd_sasl_initialize(void) &sasl_major, &sasl_minor, &sasl_step, (int *) 0); if (sasl_major != SASL_VERSION_MAJOR +#if 0 || sasl_minor != SASL_VERSION_MINOR - || sasl_step != SASL_VERSION_STEP) + || sasl_step != SASL_VERSION_STEP +#endif + ) msg_fatal("incorrect SASL library version. " - "Postfix was built for version %d.%d.%d, " + "Postfix was built with include files from version %d.%d.%d, " "but the run-time library version is %d.%d.%d", SASL_VERSION_MAJOR, SASL_VERSION_MINOR, SASL_VERSION_STEP, sasl_major, sasl_minor, sasl_step); @@ -310,7 +313,7 @@ void smtpd_sasl_connect(SMTPD_STATE *state, const char *sasl_opts_name, */ memset(&sec_props, 0, sizeof(sec_props)); sec_props.min_ssf = 0; - sec_props.max_ssf = 1; /* don't allow real SASL + sec_props.max_ssf = 0; /* don't allow real SASL * security layer */ sec_props.security_flags = name_mask(sasl_opts_name, smtpd_sasl_mask, sasl_opts_val); diff --git a/postfix/src/smtpstone/Makefile.in b/postfix/src/smtpstone/Makefile.in index 9f8d9683a..f6b35abf5 100644 --- a/postfix/src/smtpstone/Makefile.in +++ b/postfix/src/smtpstone/Makefile.in @@ -14,6 +14,8 @@ LIBS = ../../lib/libglobal.a ../../lib/libutil.a all: $(PROG) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/spawn/Makefile.in b/postfix/src/spawn/Makefile.in index e2859cde4..f79a8f265 100644 --- a/postfix/src/spawn/Makefile.in +++ b/postfix/src/spawn/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/tls/Makefile.in b/postfix/src/tls/Makefile.in index 113b30504..442de65f0 100644 --- a/postfix/src/tls/Makefile.in +++ b/postfix/src/tls/Makefile.in @@ -24,6 +24,8 @@ MAKES = all: $(LIB) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/tlsmgr/Makefile.in b/postfix/src/tlsmgr/Makefile.in index e3333d3ee..da08f3cd6 100644 --- a/postfix/src/tlsmgr/Makefile.in +++ b/postfix/src/tlsmgr/Makefile.in @@ -16,6 +16,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libtls.a ../../lib/libglobal.a \ $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (set -e; echo "# DO NOT EDIT"; $(OPTS) $(SHELL) ../../makedefs && cat $?) >$@ diff --git a/postfix/src/trivial-rewrite/Makefile.in b/postfix/src/trivial-rewrite/Makefile.in index ec1c77061..4af1c5beb 100644 --- a/postfix/src/trivial-rewrite/Makefile.in +++ b/postfix/src/trivial-rewrite/Makefile.in @@ -20,6 +20,8 @@ all: $(PROG) $(LIB) $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/util/Makefile.in b/postfix/src/util/Makefile.in index 17917a2c2..1548a1ade 100644 --- a/postfix/src/util/Makefile.in +++ b/postfix/src/util/Makefile.in @@ -109,6 +109,8 @@ INC_DIR = ../../include all: $(LIB) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/util/dict_cdb.c b/postfix/src/util/dict_cdb.c index a66004d44..1c596ffea 100644 --- a/postfix/src/util/dict_cdb.c +++ b/postfix/src/util/dict_cdb.c @@ -189,6 +189,15 @@ static DICT *dict_cdbq_open(const char *path, int dict_flags) dict_cdbq->dict.mtime = st.st_mtime; close_on_exec(fd, CLOSE_ON_EXEC); + /* + * Warn if the source file is newer than the indexed file, except when + * the source file changed only seconds ago. + */ + if (stat(path, &st) == 0 + && st.st_mtime > dict_cdbq->dict.mtime + && st.st_mtime < time((time_t *)0) - 100) + msg_warn("database %s is older than source file %s", cdb_path, path); + /* * If undecided about appending a null byte to key and value, choose to * try both in query mode. diff --git a/postfix/src/util/sys_defs.h b/postfix/src/util/sys_defs.h index 9676882ef..32c8cb778 100644 --- a/postfix/src/util/sys_defs.h +++ b/postfix/src/util/sys_defs.h @@ -1292,6 +1292,15 @@ typedef int pid_t; */ #ifndef SET_H_ERRNO #define SET_H_ERRNO(err) (h_errno = (err)) +#endif + + /* + * Don't mix socket message send/receive calls with socket stream read/write + * calls. The fact that you can get away with it only on some stacks implies + * that there is no long-term guarantee. + */ +#ifndef CAN_WRITE_BEFORE_SENDING_FD +#define CANT_WRITE_BEFORE_SENDING_FD #endif /* diff --git a/postfix/src/verify/Makefile.in b/postfix/src/verify/Makefile.in index 73ee73f4a..e4f231e1d 100644 --- a/postfix/src/verify/Makefile.in +++ b/postfix/src/verify/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@ diff --git a/postfix/src/virtual/Makefile.in b/postfix/src/virtual/Makefile.in index 41a6c38dc..9a4ed2edb 100644 --- a/postfix/src/virtual/Makefile.in +++ b/postfix/src/virtual/Makefile.in @@ -15,6 +15,8 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a $(PROG): $(OBJS) $(LIBS) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS) +$(OBJS): ../../conf/makedefs.out + Makefile: Makefile.in (cat ../../conf/makedefs.out $?) >$@