From: Wietse Venema Date: Thu, 6 Oct 2022 05:00:00 +0000 (-0500) Subject: postfix-3.8-20221006 X-Git-Tag: v3.8.0-RC1~18 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b65530350fa4a7eee40946160fd80c3e1e0b63e5;p=thirdparty%2Fpostfix.git postfix-3.8-20221006 --- diff --git a/postfix/HISTORY b/postfix/HISTORY index a650537fd..d9724778e 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -26592,3 +26592,35 @@ Apologies for any names omitted. Updated the postscreen_dnsbl_sites documentation, based on questions on the postfix-users mailing list. File: proto/postconf.proto. + +20220905 + + Cleanup: uninitialized verify_append() request status in case + of a null original recipient address. File: global/verify.c. + +20220907 + + Support for Linux 6.x. Eray Aslan. Files: makedefs, + util/sys_defs.h. + +20220930 + + Documented the use of the JSON LINES format in the postqueue(1) + manpage. File: postqueue/postqueue.c. + +20221006 + + Bugfix (introduced: Postfix 3.7). A message could falsely + be flagged as corrupt with "warning: Unexpected record type + 'X'. Such messages were moved to the "corrupt" queue + directory, where they may still be found. + + This could happen for messages with 500 or more recipients, + or with fewer recipients on a busy mail server. Problem + reported by Frank Brendel, reproduced by John Alex. Files: + qmgr/qmgr_message.c, oqmgr/qmgr_message.c. + + A file in the "corrupt" queue directory may be inspected + with the command "postcat /var/spool/postfix/corrupt/. + If delivery of the file is still desired, the file can be + moved back to /var/spool/postfix/incoming. diff --git a/postfix/WISHLIST b/postfix/WISHLIST index 6738649a9..6a736d434 100644 --- a/postfix/WISHLIST +++ b/postfix/WISHLIST @@ -9,11 +9,15 @@ Wish list: Scan Postfix code with github.com/googleprojectzero/weggli (depends on "rust"). - Migrate masquerade_domains from ARGV to STRING_LIST. + Migrate masquerade_domains from ARGV to STRING_LIST, or + deprecate this feature because it breaks table-driven address + validation. - Enforce var_line_limit in util/attr_scan*c. + Enforce var_line_limit in util/attr_scan*c. This is needed if + we want to expose Postfix RPC protocols externally. - Investigate clang-format compatibility compared to indent. + Investigate clang-format compatibility as a possible migration + away from indent. This requires that the output is stable. Can tests use LD_PRELOAD to inject fake modules such as fake_dns(3), fake_msg(3), fake_myaddrinfo(3) and so on? @@ -28,17 +32,25 @@ Wish list: WARN_IF_REJECT like prefix that disables the error counter increment. - postscreen_dnsbl_sites is evaluated in the reverse order, breaking - expectations when different reply patterns have different weights. - We need a compatibility_level feature to correct this. + Consider migrating Postfix server sockets from directory + $queue_directory/public to $queue_directory/protected. The + directory $queue_directory/public can then be used for + non-Postfix listeners (one subdirectory per application). FILTER_README needs some text on multi-instance implementations, and existing multi-instance references need to be updated. Fix code that still uses "long" for data_size and data_offset, - and that uses "%ld" in sscanf(). + and sscanf("%ld or strtou?l()). This seems relevant for 32-bit + systems. This would use a new REC_TYPE_OFFS with a corresponding + data type of off_t, using off_cvt() for conversion from string, + and new code to convert off_t to string. A smart query service for live Postfix tables that outputs JSON? + If the idea is to introspect on a running Postfix system, this + involves adding an RPC endpoint to specific Postfix services. + That could work for single-instance services like qmgr, verify, + postscreen. JSON logging? diff --git a/postfix/makedefs b/postfix/makedefs index 2839f3a8a..9e061b379 100644 --- a/postfix/makedefs +++ b/postfix/makedefs @@ -627,7 +627,8 @@ EOF : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"} : ${PLUGIN_LD="${CC-gcc} -shared"} ;; - Linux.[345].*) SYSTYPE=LINUX$RELEASE_MAJOR + Linux.[3456].*) + SYSTYPE=LINUX$RELEASE_MAJOR case "$CCARGS" in *-DNO_DB*) ;; *-DHAS_DB*) ;; diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 820708a2d..302518aca 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20220816" +#define MAIL_RELEASE_DATE "20221006" #define MAIL_VERSION_NUMBER "3.8" #ifdef SNAPSHOT diff --git a/postfix/src/global/verify.c b/postfix/src/global/verify.c index cfb564859..2ce091a5d 100644 --- a/postfix/src/global/verify.c +++ b/postfix/src/global/verify.c @@ -108,6 +108,8 @@ int verify_append(const char *queue_id, MSG_STATS *stats, if (recipient->orig_addr[0]) req_stat = verify_clnt_update(recipient->orig_addr, vrfy_stat, my_dsn.reason); + else + req_stat = VRFY_STAT_OK; /* Two verify updates for one verify request! */ if (req_stat == VRFY_STAT_OK && strcmp(recipient->address, recipient->orig_addr) != 0) diff --git a/postfix/src/oqmgr/qmgr_message.c b/postfix/src/oqmgr/qmgr_message.c index 96409ceb7..b885264a2 100644 --- a/postfix/src/oqmgr/qmgr_message.c +++ b/postfix/src/oqmgr/qmgr_message.c @@ -465,9 +465,15 @@ static int qmgr_message_read(QMGR_MESSAGE *message) message->rflags |= QMGR_READ_FLAG_SEEN_ALL_NON_RCPT; break; } - /* Examine non-recipient records in extracted segment. */ - if (vstream_fseek(message->fp, message->data_offset - + message->data_size, SEEK_SET) < 0) + + /* + * Examine non-recipient records in the extracted + * segment. Note that this skips to the message start + * record, because the handler for that record changes + * the expectations for allowed record types. + */ + if (vstream_fseek(message->fp, message->data_offset, + SEEK_SET) < 0) msg_fatal("seek file %s: %m", VSTREAM_PATH(message->fp)); continue; } diff --git a/postfix/src/postqueue/postqueue.c b/postfix/src/postqueue/postqueue.c index 09e5bcaf8..ca8bcd348 100644 --- a/postfix/src/postqueue/postqueue.c +++ b/postfix/src/postqueue/postqueue.c @@ -49,11 +49,9 @@ /* /* This feature is available with Postfix version 2.4 and later. /* .IP "\fB-j\fR" -/* Produce a queue listing in JSON format, based on output -/* from the showq(8) daemon. The result is a stream of zero -/* or more JSON objects, one per queue file. Each object is -/* followed by a newline character to support simple streaming -/* parsers. See "\fBJSON OBJECT FORMAT\fR" below for details. +/* Produce a queue listing in JSON LINES format, based on +/* output from the showq(8) daemon. See "\fBJSON OBJECT +/* FORMAT\fR" below for details. /* /* This feature is available in Postfix 3.1 and later. /* .IP \fB-p\fR diff --git a/postfix/src/qmgr/qmgr_message.c b/postfix/src/qmgr/qmgr_message.c index 8b5631d41..79143f3d3 100644 --- a/postfix/src/qmgr/qmgr_message.c +++ b/postfix/src/qmgr/qmgr_message.c @@ -505,9 +505,15 @@ static int qmgr_message_read(QMGR_MESSAGE *message) message->rflags |= QMGR_READ_FLAG_SEEN_ALL_NON_RCPT; break; } - /* Examine non-recipient records in extracted segment. */ - if (vstream_fseek(message->fp, message->data_offset - + message->data_size, SEEK_SET) < 0) + + /* + * Examine non-recipient records in the extracted + * segment. Note that this skips to the message start + * record, because the handler for that record changes + * the expectations for allowed record types. + */ + if (vstream_fseek(message->fp, message->data_offset, + SEEK_SET) < 0) msg_fatal("seek file %s: %m", VSTREAM_PATH(message->fp)); continue; } diff --git a/postfix/src/util/sys_defs.h b/postfix/src/util/sys_defs.h index c9ebc3375..37e460f9c 100644 --- a/postfix/src/util/sys_defs.h +++ b/postfix/src/util/sys_defs.h @@ -751,7 +751,8 @@ extern int initgroups(const char *, int); /* * LINUX. */ -#if defined(LINUX2) || defined(LINUX3) || defined(LINUX4) || defined(LINUX5) +#if defined(LINUX2) || defined(LINUX3) || defined(LINUX4) || defined(LINUX5) \ + || defined(LINUX6) #define SUPPORTED #define UINT32_TYPE unsigned int #define UINT16_TYPE unsigned short