From: Wietse Venema <wietse@porcupine.org>
Date: Mon, 3 Feb 2020 05:00:00 +0000 (-0500)
Subject: postfix-3.3.7
X-Git-Tag: v3.3.7^0
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ef871daf1d91ed629146a3aefec256a418e78bcf;p=thirdparty%2Fpostfix.git

postfix-3.3.7
---

diff --git a/postfix/HISTORY b/postfix/HISTORY
index c16fc3eb5..375ca695d 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -23521,3 +23521,31 @@ Apologies for any names omitted.
 	Bugfix (introduced: Postfix-2.9.0): null pointer read, while
 	logging a warning after a postscreen_command_filter read
 	error. File: postscreen/postscreen_smtpd.c.
+
+20191014
+
+	Bugfix (introduced: Postfix 2.8): don't gratuitously enable
+	all after-220 tests when only one such test is enabled.
+	This made selective tests impossible with 'good' clients.
+	File: postscreen/postscreen_smtpd.c.
+
+20191214
+
+	Bugfix (introduced: Postfix 3.1): support for
+	smtp_dns_resolver_options was broken while adding support
+	for negative DNS response caching in postscreen. Postfix
+	was inadvertently changed to call res_query() instead of
+	res_search(). Reported by Jaroslav Skarvada. File:
+	dns/dns_lookup.c.
+
+	Bugfix (introduced: Postfix 3.0): sanitize server responses
+	before storing them in the verify database, to avoid Postfix
+	warnings about malformed UTF8. File: verify/verify.c.
+
+20200115
+
+	Bugfix (introduced: Postfix 2.5): the Milter connect event
+	macros were evaluated before the Milter connection itself
+	had been negotiated. Problem reported by David Bürgin.
+	Files: milter/milter.h, milter/milter.c, milter/milter8.c
+
diff --git a/postfix/src/dns/dns_lookup.c b/postfix/src/dns/dns_lookup.c
index 1ea98b387..1bfeb7ee6 100644
--- a/postfix/src/dns/dns_lookup.c
+++ b/postfix/src/dns/dns_lookup.c
@@ -396,7 +396,7 @@ static int dns_res_search(const char *name, int class, int type,
     if (keep_notfound)
 	/* Prepare for returning a null-padded server reply. */
 	memset(answer, 0, anslen);
-    len = res_query(name, class, type, answer, anslen);
+    len = res_search(name, class, type, answer, anslen);
     /* Begin API creep workaround. */
     if (len < 0 && h_errno == 0) {
 	SET_H_ERRNO(TRY_AGAIN);
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index b5ee8ae9f..f273d61d6 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,8 +20,8 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE	"20190921"
-#define MAIL_VERSION_NUMBER	"3.3.6"
+#define MAIL_RELEASE_DATE	"20200203"
+#define MAIL_VERSION_NUMBER	"3.3.7"
 
 #ifdef SNAPSHOT
 #define MAIL_VERSION_DATE	"-" MAIL_RELEASE_DATE
diff --git a/postfix/src/milter/milter.c b/postfix/src/milter/milter.c
index ac2baaf77..cee169cb4 100644
--- a/postfix/src/milter/milter.c
+++ b/postfix/src/milter/milter.c
@@ -417,6 +417,8 @@ const char *milter_conn_event(MILTERS *milters,
     if (msg_verbose)
 	msg_info("report connect to all milters");
     for (resp = 0, m = milters->milter_list; resp == 0 && m != 0; m = m->next) {
+	if (m->connect_on_demand != 0)
+	    m->connect_on_demand(m);
 	any_macros = MILTER_MACRO_EVAL(global_macros, m, milters, conn_macros);
 	resp = m->conn_event(m, client_name, client_addr, client_port,
 			     addr_family, any_macros);
diff --git a/postfix/src/milter/milter.h b/postfix/src/milter/milter.h
index f744910d7..951744fdb 100644
--- a/postfix/src/milter/milter.h
+++ b/postfix/src/milter/milter.h
@@ -35,6 +35,7 @@ typedef struct MILTER {
     struct MILTER *next;		/* linkage */
     struct MILTERS *parent;		/* parent information */
     struct MILTER_MACROS *macros;	/* private macros */
+    void    (*connect_on_demand) (struct MILTER *);
     const char *(*conn_event) (struct MILTER *, const char *, const char *, const char *, unsigned, ARGV *);
     const char *(*helo_event) (struct MILTER *, const char *, int, ARGV *);
     const char *(*mail_event) (struct MILTER *, const char **, ARGV *);
diff --git a/postfix/src/milter/milter8.c b/postfix/src/milter/milter8.c
index 47966da46..317e55152 100644
--- a/postfix/src/milter/milter8.c
+++ b/postfix/src/milter/milter8.c
@@ -1915,15 +1915,6 @@ static const char *milter8_conn_event(MILTER *m,
 #define STR_EQ(x,y)	(strcmp((x), (y)) == 0)
 #define STR_NE(x,y)	(strcmp((x), (y)) != 0)
 
-    /*
-     * XXX Sendmail 8 libmilter closes the MTA-to-filter socket when it finds
-     * out that the SMTP client has disconnected. Because of this, Postfix
-     * has to open a new MTA-to-filter socket for each SMTP client.
-     */
-#ifdef LIBMILTER_AUTO_DISCONNECT
-    milter8_connect(milter);
-#endif
-
     /*
      * Report the event.
      */
@@ -2833,6 +2824,10 @@ static MILTER8 *milter8_alloc(const char *name, int conn_timeout,
 
     /*
      * Fill in the structure. Note: all strings must be copied.
+     * 
+     * XXX Sendmail 8 libmilter closes the MTA-to-filter socket when it finds
+     * out that the SMTP client has disconnected. Because of this, Postfix
+     * has to open a new MTA-to-filter socket for each SMTP client.
      */
     milter = (MILTER8 *) mymalloc(sizeof(*milter));
     milter->m.name = mystrdup(name);
@@ -2840,6 +2835,11 @@ static MILTER8 *milter8_alloc(const char *name, int conn_timeout,
     milter->m.next = 0;
     milter->m.parent = parent;
     milter->m.macros = 0;
+#ifdef LIBMILTER_AUTO_DISCONNECT
+    milter->m.connect_on_demand = (void (*) (struct MILTER *)) milter8_connect;
+#else
+    milter->m.connect_on_demand = 0;
+#endif
     milter->m.conn_event = milter8_conn_event;
     milter->m.helo_event = milter8_helo_event;
     milter->m.mail_event = milter8_mail_event;
diff --git a/postfix/src/postscreen/postscreen_smtpd.c b/postfix/src/postscreen/postscreen_smtpd.c
index d043aee8a..a42e48be0 100644
--- a/postfix/src/postscreen/postscreen_smtpd.c
+++ b/postfix/src/postscreen/postscreen_smtpd.c
@@ -1133,16 +1133,18 @@ void    psc_smtpd_tests(PSC_STATE *state)
     state->read_state = PSC_SMTPD_CMD_ST_ANY;
 
     /*
-     * Opportunistically make postscreen more useful by turning on the
-     * pipelining and non-SMTP command tests when a pre-handshake test
-     * failed, or when some deep test is configured as enabled.
+     * Disable all after-220 tests when we need to hang up immediately after
+     * reading the first SMTP client command.
      * 
-     * XXX Make "opportunistically" configurable for each test.
+     * Opportunistically make postscreen more useful, by turning on all
+     * after-220 tests when a bad client failed a before-220 test.
+     * 
+     * Otherwise, only apply the explicitly-configured after-220 tests.
      */
-    if ((state->flags & PSC_STATE_FLAG_SMTPD_X21) == 0) {
-	state->flags |= PSC_STATE_MASK_SMTPD_TODO;
-    } else {
+    if (state->flags & PSC_STATE_FLAG_SMTPD_X21) {
 	state->flags &= ~PSC_STATE_MASK_SMTPD_TODO;
+    } else if (state->flags & PSC_STATE_MASK_ANY_FAIL) {
+	state->flags |= PSC_STATE_MASK_SMTPD_TODO;
     }
 
     /*
diff --git a/postfix/src/verify/verify.c b/postfix/src/verify/verify.c
index 0fecb9097..f2d2750ab 100644
--- a/postfix/src/verify/verify.c
+++ b/postfix/src/verify/verify.c
@@ -399,6 +399,7 @@ static void verify_update_service(VSTREAM *client_stream)
 		|| STATUS_FROM_RAW_ENTRY(raw_data) != DEL_RCPT_STAT_OK) {
 		probed = 0;
 		updated = (long) time((time_t *) 0);
+		printable(STR(text), '?');
 		verify_make_entry(buf, addr_status, probed, updated, STR(text));
 		if (msg_verbose)
 		    msg_info("PUT %s status=%d probed=%ld updated=%ld text=%s",