From: Wietse Venema Date: Fri, 5 Dec 2008 05:00:00 +0000 (-0500) Subject: postfix-2.6-20081205 X-Git-Tag: v2.6.0-RC1~9 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=95433330d6fef6b57363171465000cb64836ee67;p=thirdparty%2Fpostfix.git postfix-2.6-20081205 --- diff --git a/postfix/HISTORY b/postfix/HISTORY index 859cb3b75..c0057198c 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -14782,4 +14782,19 @@ Apologies for any names omitted. Cleanup: adjust the VSTREAM buffer strategy when reusing an SMTP connection with a large TCP MSS value. File: - smtp/smtp_proto.c. + smtp/smtp_reuse.c. + +20081204 + + Cleanup: state the SMTP client PIPELINING implementation's + dependency on monotonic VSTREAM buffer size behavior, and + add some checks for boundary cases with VSTREAM buffer size + change requests. Files: util/vstream.c, smtp/smtp_proto.c. + +20081205 + + Fix 20081202 flush code. Victor Duchovni. File: smtpd/smtpd.c. + + Safety: add another check to "postfix check", in this case + for group or other writable queue_directory. File: + conf/postfix-script. diff --git a/postfix/conf/postfix-script b/postfix/conf/postfix-script index c441797c8..56c410ee5 100644 --- a/postfix/conf/postfix-script +++ b/postfix/conf/postfix-script @@ -222,6 +222,10 @@ check-warn) $WARN not owned by root: $dir) done + # Some people break Postfix's security model. + ls -lLd $queue_directory | egrep '^.....(w|...w)' >/dev/null && \ + $WARN group or other writable: $queue_directory + find $daemon_directory/* $config_directory/* ! -user root \ -exec $WARN not owned by root: {} \; diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index f1e7ab2f9..2c795782b 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20081203" +#define MAIL_RELEASE_DATE "20081205" #define MAIL_VERSION_NUMBER "2.6" #ifdef SNAPSHOT diff --git a/postfix/src/smtp/smtp_proto.c b/postfix/src/smtp/smtp_proto.c index d79828fd8..86a3d5a8e 100644 --- a/postfix/src/smtp/smtp_proto.c +++ b/postfix/src/smtp/smtp_proto.c @@ -558,6 +558,9 @@ int smtp_helo(SMTP_STATE *state) * * XXX No need to do this before and after STARTTLS, but it's not a big deal * if we do. + * + * XXX This critically depends on VSTREAM buffers to never be smaller than + * VSTREAM_BUFSIZE. */ if (session->features & SMTP_FEATURE_PIPELINING) { optlen = sizeof(sndbufsize); diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c index 204fc838c..f200610c7 100644 --- a/postfix/src/smtpd/smtpd.c +++ b/postfix/src/smtpd/smtpd.c @@ -3272,6 +3272,7 @@ static int etrn_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv) static int quit_cmd(SMTPD_STATE *state, int unused_argc, SMTPD_TOKEN *unused_argv) { + int out_pending = vstream_bufstat(state->client, VSTREAM_BST_OUT_PEND); /* * Don't bother checking the syntax. @@ -3286,7 +3287,7 @@ static int quit_cmd(SMTPD_STATE *state, int unused_argc, SMTPD_TOKEN *unused_arg * XXX When this was added in Postfix 2.1 we used vstream_fflush(). As of * Postfix 2.3 we use smtp_flush() for better error reporting. */ - if (vstream_bufstat(state->client, VSTREAM_BST_OUT_PEND) > 0) + if (out_pending > 0) smtp_flush(state->client); return (0); } diff --git a/postfix/src/util/vstream.c b/postfix/src/util/vstream.c index 299899795..f3f333ba7 100644 --- a/postfix/src/util/vstream.c +++ b/postfix/src/util/vstream.c @@ -1304,7 +1304,10 @@ void vstream_control(VSTREAM *stream, int name,...) if (req_bufsize < 0) msg_panic("VSTREAM_CTL_BUFSIZE with negative size: %ld", (long) req_bufsize); - if (req_bufsize > stream->req_bufsize) + if (stream->req_bufsize == 0) + stream->req_bufsize = VSTREAM_BUFSIZE; /* 2.4 binary compat. */ + if (stream != VSTREAM_ERR + && req_bufsize > stream->req_bufsize) stream->req_bufsize = req_bufsize; break; default: