From: Wietse Venema Date: Mon, 19 Feb 2018 05:00:00 +0000 (-0500) Subject: postfix-3.3.0-RC2 X-Git-Tag: v3.3.0-RC2^0 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5b28bab85faccf1102de1fd87971bec69978a4e1;p=thirdparty%2Fpostfix.git postfix-3.3.0-RC2 --- diff --git a/postfix/HISTORY b/postfix/HISTORY index 2ef5bb07b..f73f89960 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -23324,3 +23324,13 @@ Apologies for any names omitted. to take the software under the license of their choice. Those who are more comfortable with the IPL can continue with that license. File: LICENSE. + +20180218 + + Cleanup: added 22 missing *_maps parameters to the default + proxy_read_maps setting. Files: global/mail_params.h. + + Bugfix (introduced: 20120117): postconf should scan only + built-in or service-defined parameters for ldap, *sql, etc. + database names. Problem reported by Christian Rößner. Files: + postconf/postconf_user.c. diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES index f5b9bc22e..e3762d8d4 100644 --- a/postfix/RELEASE_NOTES +++ b/postfix/RELEASE_NOTES @@ -1,13 +1,13 @@ This is the Postfix 3.3 (stable) release. The stable Postfix release is called postfix-3.3.x where 3=major -release number, 3=minor release number, x=patchlevel. The stable +release number, 3=minor release number, x=patchlevel. The stable release never changes except for patches that address bugs or emergencies. Patches change the patchlevel and the release date. New features are developed in snapshot releases. These are called postfix-3.4-yyyymmdd where yyyymmdd is the release date (yyyy=year, -mm=month, dd=day). Patches are never issued for snapshot releases; +mm=month, dd=day). Patches are never issued for snapshot releases; instead, a new snapshot is released. The mail_release_date configuration parameter (format: yyyymmdd) @@ -33,7 +33,7 @@ now warns for mail that would be blocked by the Postfix 2.10 smtpd_relay_restrictions feature, without blocking that mail. This extends the compatibility safety net for sites that upgrade from earlier Postfix versions (questions on the postfix-users list show -there is a steady trickle). See COMPATIBILITY_README for details. +there is a steady trickle). See COMPATIBILITY_README for details. Major changes - configuration ----------------------------- @@ -44,7 +44,7 @@ parameter names, these warnings can help to find typos early. [20180113] New read-only service_name parameter that contains the master.cf service name of a Postfix daemon process (it that is empty -in a non-daemon process). This can make Postfix SMTP server logging +in a non-daemon process). This can make Postfix SMTP server logging logging distinct by setting the syslog_name in master.cf with "-o syslog_name=postfix/$service_name" for the "submission" and "smtps" services, and can make Postfix SMTP client distinct by setting "-o @@ -56,9 +56,11 @@ Major changes - container support [20171218] Preliminary support to run Postfix in the foreground, with "postfix start-fg". This requires that Postfix multi-instance support is disabled. To receive Postfix syslog information on the -container's host, mount the host's /dev/log socket into the container, -for example, "docker run -v /dev/log:/dev/log ...". Postfix does -not log systemd events. +container's host, mount the host's /dev/log socket inside the +container (example: "docker run -v /dev/log:/dev/log ..."), and +specify a distinct Postfix "syslog_name" prefix that identifies the +logging from the Postfix instance. Postfix does not log systemd +events. Major changes - database support --------------------------------- @@ -100,16 +102,17 @@ in SMFIR_CHGFROM (change envelope sender) requests. Major changes - mixed IPv6/IPv4 support --------------------------------------- -[20170505] Workaround for mail delivery problems with destinations -that announce multiple primary IPv6 MX addresses but that are -unreachable over IPv6. This can happen when the smtp_address_limit -eliminates most or all IPv4 addresses, or when Postfix IPv6 support -is turned on but the local machine has no IPv6 connectivity. +[20170505] Workaround for mail delivery problems when 1) both Postfix +IPv6 and IPv4 support are enabled, 2) some destination announces +more primary IPv6 MX addresses than primary IPv4 MX addresses, 3) +the destination is unreachable over IPv6, and 4) Postfix runs into +the smtp_mx_address_limit before it can try to deliver over IPv4. When both Postfix IPv6 and IPv4 support are enabled, the Postfix -SMTP client will now attempt to schedule similar numbers of IPv4 -and IPv6 addresses, so that an IPv6 connectivity problem will not -prevent mail from being delivered. Specify "smtp_balance_mx_inet_protocols +SMTP client will now relax MX preferences so that it can schedule +similar numbers of IPv4 and IPv6 destination addresses. This ensures +that an IPv6 connectivity problem will not prevent mail from being +delivered over IPv4 (and vice versa). Specify "smtp_balance_inet_protocols = no" to disable this workaround. Major changes - xclient diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index 05cb72d24..093a3c6b5 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -3232,8 +3232,6 @@ address verification result under the original probe destination address; instead, it can store the result only under the rewritten address).

- -

This feature is available in Postfix 2.1 and later. Postfix version 2.0 behaves as if this parameter is always set to yes. Postfix versions before 2.0 have no support for the original recipient diff --git a/postfix/html/postfix.1.html b/postfix/html/postfix.1.html index 218ffeb46..cff351cc3 100644 --- a/postfix/html/postfix.1.html +++ b/postfix/html/postfix.1.html @@ -39,7 +39,12 @@ POSTFIX(1) POSTFIX(1) start-fg Like start, but keep the master daemon running in the fore- ground. This requires that multi-instance support is disabled - (i.e. the multi_instance_directories parameter value is empty). + (i.e. the multi_instance_directories parameter value must be + empty). When running Postfix inside a container, mount the con- + tainer host's /dev/log socket inside the container (example: + "docker run -v /dev/log:/dev/log ...") and specify a distinct + Postfix "syslog_name" prefix that identifies logging from the + Postfix instance. stop Stop the Postfix mail system in an orderly fashion. If possible, running processes are allowed to terminate at their earliest diff --git a/postfix/man/man1/postfix.1 b/postfix/man/man1/postfix.1 index 4fdd71301..fa0216050 100644 --- a/postfix/man/man1/postfix.1 +++ b/postfix/man/man1/postfix.1 @@ -41,7 +41,11 @@ check described above. Like \fBstart\fR, but keep the master daemon running in the foreground. This requires that multi\-instance support is disabled (i.e. the multi_instance_directories parameter -value is empty). +value must be empty). When running Postfix inside a container, +mount the container host's /dev/log socket inside the +container (example: "docker run \-v /dev/log:/dev/log ...") +and specify a distinct Postfix "syslog_name" prefix that +identifies logging from the Postfix instance. .IP \fBstop\fR Stop the Postfix mail system in an orderly fashion. If possible, running processes are allowed to terminate at diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5 index 0f02f901d..b2dff862e 100644 --- a/postfix/man/man5/postconf.5 +++ b/postfix/man/man5/postconf.5 @@ -2034,7 +2034,6 @@ aliased or otherwise rewritten (Postfix is unable to store the address verification result under the original probe destination address; instead, it can store the result only under the rewritten address). -.br .PP This feature is available in Postfix 2.1 and later. Postfix version 2.0 behaves as if this parameter is always set to \fByes\fR. diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index 880283f01..23f4f63e6 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -1431,8 +1431,6 @@ address verification result under the original probe destination address; instead, it can store the result only under the rewritten address).

- -

This feature is available in Postfix 2.1 and later. Postfix version 2.0 behaves as if this parameter is always set to yes. Postfix versions before 2.0 have no support for the original recipient diff --git a/postfix/src/global/mail_params.h b/postfix/src/global/mail_params.h index 16a8e1e7f..dd2589fe0 100644 --- a/postfix/src/global/mail_params.h +++ b/postfix/src/global/mail_params.h @@ -2389,7 +2389,29 @@ extern int var_local_rcpt_code; " $" VAR_HELO_CHECKS \ " $" VAR_MAIL_CHECKS \ " $" VAR_RELAY_CHECKS \ - " $" VAR_RCPT_CHECKS + " $" VAR_RCPT_CHECKS \ + " $" VAR_VRFY_SND_DEF_XPORT_MAPS \ + " $" VAR_VRFY_RELAY_MAPS \ + " $" VAR_VRFY_XPORT_MAPS \ + " $" VAR_FBCK_TRANSP_MAPS \ + " $" VAR_LMTP_EHLO_DIS_MAPS \ + " $" VAR_LMTP_PIX_BUG_MAPS \ + " $" VAR_LMTP_SASL_PASSWD \ + " $" VAR_LMTP_TLS_POLICY \ + " $" VAR_MAILBOX_CMD_MAPS \ + " $" VAR_MBOX_TRANSP_MAPS \ + " $" VAR_PSC_EHLO_DIS_MAPS \ + " $" VAR_RBL_REPLY_MAPS \ + " $" VAR_SND_DEF_XPORT_MAPS \ + " $" VAR_SND_RELAY_MAPS \ + " $" VAR_SMTP_EHLO_DIS_MAPS \ + " $" VAR_SMTP_PIX_BUG_MAPS \ + " $" VAR_SMTP_SASL_PASSWD \ + " $" VAR_SMTP_TLS_POLICY \ + " $" VAR_SMTPD_EHLO_DIS_MAPS \ + " $" VAR_SMTPD_MILTER_MAPS \ + " $" VAR_VIRT_GID_MAPS \ + " $" VAR_VIRT_UID_MAPS extern char *var_proxy_read_maps; #define VAR_PROXY_WRITE_MAPS "proxy_write_maps" diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 32c99abfa..e4b67e8da 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,8 +20,8 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20180204" -#define MAIL_VERSION_NUMBER "3.3.0-RC1" +#define MAIL_RELEASE_DATE "20180219" +#define MAIL_VERSION_NUMBER "3.3.0-RC2" #ifdef SNAPSHOT #define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE diff --git a/postfix/src/postconf/Makefile.in b/postfix/src/postconf/Makefile.in index 5deed50b3..d306b1ca5 100644 --- a/postfix/src/postconf/Makefile.in +++ b/postfix/src/postconf/Makefile.in @@ -54,7 +54,7 @@ tests: test1 test2 test3 test4 test5 test6 test7 test8 test9 test10 test11 \ test31 test32 test33 test34 test35 test36 test37 test39 test40 test41 \ test42 test43 test44 test45 test46 test47 test48 test49 test50 test51 \ test52 test53 test54 test55 test56 test57 test58 test59 test60 test61 \ - test62 test63 test64 test65 test66 test67 + test62 test63 test64 test65 test66 test67 test68 test69 root_tests: @@ -436,8 +436,8 @@ test28: $(PROG) test28.ref echo 'yy = aap' >> main.cf echo 'db = memcache' >> main.cf echo whatevershebrings unix - n n - 0 other >> master.cf - echo ' -o body_checks=$$db:zz' >> master.cf - echo 'zz_domain = whatever' >> main.cf + echo ' -o body_checks=$$db:$$zz' >> master.cf + echo 'aap_domain = whatever' >> main.cf echo 'aa_domain = whatever' >> main.cf touch -t 197101010000 main.cf $(SHLIB_ENV) ./$(PROG) -nc . >test28.tmp 2>&1 @@ -920,6 +920,35 @@ test67: $(PROG) test67.ref diff test67.ref test67.tmp rm -f main.cf master.cf test67.tmp +test68: $(PROG) test68.ref + rm -f main.cf master.cf + touch master.cf + echo foo = ldap:`pwd` >> main.cf + echo 'alias_maps = $$foo/test68.cf' >> main.cf + echo " " mysql:`pwd`/test68.cf >> main.cf + echo " " pgsql:`pwd`/test68.cf >> main.cf + echo " " sqlite:`pwd`/test68.cf >> main.cf + echo " " memcache:`pwd`/test68.cf >> main.cf + echo junk = junk >> test68.cf + touch -t 197101010000 main.cf + $(SHLIB_ENV) ./$(PROG) -c. 2>test68.tmp >/dev/null + sed "s;PWD;`pwd`;" test68.ref | diff - test68.tmp + rm -f main.cf master.cf test68.tmp test68.cf + +# See also test28 for user-defined parameters defined in main.cf. + +test69: $(PROG) test69.ref + rm -f main.cf master.cf + touch main.cf master.cf + echo whatevershebrings unix - n n - 0 other >> master.cf + echo " -o ldap=ldap:`pwd`" >> master.cf + echo ' -o body_checks=$$ldap/test69.cf' >> master.cf + echo junk = junk >> test69.cf + touch -t 197101010000 main.cf + $(SHLIB_ENV) ./$(PROG) -nc . >test69.tmp 2>&1 + diff test69.ref test69.tmp + rm -f main.cf master.cf test69.tmp test69.cf + printfck: $(OBJS) $(PROG) rm -rf printfck mkdir printfck diff --git a/postfix/src/postconf/postconf.h b/postfix/src/postconf/postconf.h index 814e597d3..0f4764875 100644 --- a/postfix/src/postconf/postconf.h +++ b/postfix/src/postconf/postconf.h @@ -75,6 +75,9 @@ typedef struct { ((node)->flags = (((node)->flags & ~PCF_PARAM_MASK_CLASS) | (class))) #define PCF_RAW_PARAMETER(node) ((node)->flags & PCF_PARAM_FLAG_RAW) +#define PCF_BUILTIN_PARAMETER(node) ((node)->flags & PCF_PARAM_FLAG_BUILTIN) +#define PCF_SERVICE_PARAMETER(node) ((node)->flags & PCF_PARAM_FLAG_SERVICE) +#define PCF_USER_PARAMETER(node) ((node)->flags & PCF_PARAM_FLAG_USER) #define PCF_LEGACY_PARAMETER(node) ((node)->flags & PCF_PARAM_FLAG_LEGACY) #define PCF_READONLY_PARAMETER(node) ((node)->flags & PCF_PARAM_FLAG_READONLY) #define PCF_DBMS_PARAMETER(node) ((node)->flags & PCF_PARAM_FLAG_DBMS) diff --git a/postfix/src/postconf/postconf_dbms.c b/postfix/src/postconf/postconf_dbms.c index e2cbe534a..707bafa54 100644 --- a/postfix/src/postconf/postconf_dbms.c +++ b/postfix/src/postconf/postconf_dbms.c @@ -53,6 +53,7 @@ /* System library. */ #include +#include #include #include @@ -163,6 +164,7 @@ static void pcf_check_dbms_client(const PCF_DBMS_INFO *dp, const char *cf_file) */ dict_spec = concatenate(dp->db_type, ":", cf_file, (char *) 0); if ((dict = dict_handle(dict_spec)) == 0) { + struct stat st; /* * Populate the dictionary with settings in this database client @@ -179,6 +181,13 @@ static void pcf_check_dbms_client(const PCF_DBMS_INFO *dp, const char *cf_file) myfree(dict_spec); return; } + if (fstat(vstream_fileno(fp), &st) == 0 && !S_ISREG(st.st_mode)) { + msg_warn("open \"%s\" configuration \"%s\": not a regular file", + dp->db_type, cf_file); + myfree(dict_spec); + (void) vstream_fclose(fp); + return; + } dict_load_fp(dict_spec, fp); if (vstream_fclose(fp)) { msg_warn("read \"%s\" configuration \"%s\": %m", diff --git a/postfix/src/postconf/postconf_user.c b/postfix/src/postconf/postconf_user.c index b638ab3b6..8d0e726d9 100644 --- a/postfix/src/postconf/postconf_user.c +++ b/postfix/src/postconf/postconf_user.c @@ -35,6 +35,11 @@ /* name spaces for user-defined parameters and flags parameters /* as "valid" in the global name space (pcf_param_table) or /* in the per-service name space (valid_params). +/* +/* This function also invokes pcf_register_dbms_parameters() to +/* to instantiate legacy per-dbms parameters, and to examine +/* per-dbms configuration files. This is limited to the content +/* of global and local, built-in and per-service, parameters. /* DIAGNOSTICS /* Problems are reported to the standard error stream. /* LICENSE @@ -46,6 +51,11 @@ /* IBM T.J. Watson Research /* P.O. Box 704 /* Yorktown Heights, NY 10598, USA +/* +/* Wietse Venema +/* Google, Inc. +/* 111 8th Avenue +/* New York, NY 10011, USA /*--*/ /* System library. */ @@ -290,8 +300,16 @@ static void pcf_scan_user_parameter_namespace(const char *dict_name, } SCAN_USER_PARAMETER_VALUE(cparam_value, PCF_PARAM_FLAG_USER, local_scope); #ifdef LEGACY_DBMS_SUPPORT - pcf_register_dbms_parameters(cparam_value, pcf_flag_user_parameter, - local_scope); + + /* + * Scan global or local parameters that are built-in or per-service + * (when node == 0, the parameter doesn't exist in the global + * namespace and therefore it can't be built-in or per-service). + */ + if (node != 0 + && (PCF_BUILTIN_PARAMETER(node) || PCF_SERVICE_PARAMETER(node))) + pcf_register_dbms_parameters(cparam_value, pcf_flag_user_parameter, + local_scope); #endif } } diff --git a/postfix/src/postconf/test28.ref b/postfix/src/postconf/test28.ref index a16ae5e02..cb117b009 100644 --- a/postfix/src/postconf/test28.ref +++ b/postfix/src/postconf/test28.ref @@ -1,10 +1,10 @@ +aap_domain = whatever config_directory = . db = memcache -foo_domain = bar header_checks = ldap:hh hh_domain = whatever yy = aap -zz_domain = whatever -./postconf: warning: ./main.cf: unused parameter: zz=$yy +zz = $yy +./postconf: warning: ./main.cf: unused parameter: foo_domain=bar ./postconf: warning: ./main.cf: unused parameter: aa_domain=whatever ./postconf: warning: ./main.cf: unused parameter: xx=proxy:ldap:foo diff --git a/postfix/src/postconf/test29.ref b/postfix/src/postconf/test29.ref index 75a2efafd..d44e38dcb 100644 --- a/postfix/src/postconf/test29.ref +++ b/postfix/src/postconf/test29.ref @@ -1,16 +1,16 @@ config_directory = . -ldapfoo_domain = bar -memcachefoo_domain = bar -mysqlfoo_domain = bar -pgsqlfoo_domain = bar -sqlitefoo_domain = bar ./postconf: warning: ./main.cf: unused parameter: sqlitexx=proxy:sqlite:sqlitefoo ./postconf: warning: ./main.cf: unused parameter: pgsqlxx=proxy:pgsql:pgsqlfoo +./postconf: warning: ./main.cf: unused parameter: ldapfoo_domain=bar ./postconf: warning: ./main.cf: unused parameter: memcachefoo_domainx=bar ./postconf: warning: ./main.cf: unused parameter: sqlitefoo_domainx=bar +./postconf: warning: ./main.cf: unused parameter: sqlitefoo_domain=bar ./postconf: warning: ./main.cf: unused parameter: memcachexx=proxy:memcache:memcachefoo ./postconf: warning: ./main.cf: unused parameter: mysqlxx=proxy:mysql:mysqlfoo ./postconf: warning: ./main.cf: unused parameter: ldapxx=proxy:ldap:ldapfoo ./postconf: warning: ./main.cf: unused parameter: ldapfoo_domainx=bar +./postconf: warning: ./main.cf: unused parameter: memcachefoo_domain=bar ./postconf: warning: ./main.cf: unused parameter: pgsqlfoo_domainx=bar ./postconf: warning: ./main.cf: unused parameter: mysqlfoo_domainx=bar +./postconf: warning: ./main.cf: unused parameter: mysqlfoo_domain=bar +./postconf: warning: ./main.cf: unused parameter: pgsqlfoo_domain=bar diff --git a/postfix/src/postconf/test68.ref b/postfix/src/postconf/test68.ref new file mode 100644 index 000000000..e2d7c7d0f --- /dev/null +++ b/postfix/src/postconf/test68.ref @@ -0,0 +1,5 @@ +./postconf: warning: ldap:PWD/test68.cf: unused parameter: junk=junk +./postconf: warning: mysql:PWD/test68.cf: unused parameter: junk=junk +./postconf: warning: pgsql:PWD/test68.cf: unused parameter: junk=junk +./postconf: warning: sqlite:PWD/test68.cf: unused parameter: junk=junk +./postconf: warning: memcache:PWD/test68.cf: unused parameter: junk=junk diff --git a/postfix/src/postconf/test69.ref b/postfix/src/postconf/test69.ref new file mode 100644 index 000000000..520ad08e5 --- /dev/null +++ b/postfix/src/postconf/test69.ref @@ -0,0 +1,2 @@ +./postconf: warning: ldap:/home/wietse/postfix-3.4-20180217/src/postconf/test69.cf: unused parameter: junk=junk +config_directory = . diff --git a/postfix/src/postfix/postfix.c b/postfix/src/postfix/postfix.c index 474201527..c9b3174e8 100644 --- a/postfix/src/postfix/postfix.c +++ b/postfix/src/postfix/postfix.c @@ -35,7 +35,11 @@ /* Like \fBstart\fR, but keep the master daemon running in the /* foreground. This requires that multi-instance support is /* disabled (i.e. the multi_instance_directories parameter -/* value is empty). +/* value must be empty). When running Postfix inside a container, +/* mount the container host's /dev/log socket inside the +/* container (example: "docker run -v /dev/log:/dev/log ...") +/* and specify a distinct Postfix "syslog_name" prefix that +/* identifies logging from the Postfix instance. /* .IP \fBstop\fR /* Stop the Postfix mail system in an orderly fashion. If /* possible, running processes are allowed to terminate at