From: Wietse Venema Date: Wed, 18 Jun 2014 05:00:00 +0000 (-0500) Subject: postfix-2.12-20140618 X-Git-Tag: v3.0.0-RC1~53 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f69b42d56f56708a43801f1a637222c1933fccde;p=thirdparty%2Fpostfix.git postfix-2.12-20140618 --- diff --git a/postfix/.indent.pro b/postfix/.indent.pro index 901ccc0fd..c690ce828 100644 --- a/postfix/.indent.pro +++ b/postfix/.indent.pro @@ -98,7 +98,10 @@ -TDICT_PCRE_REGEXP -TDICT_PCRE_RULE -TDICT_PGSQL +-TDICT_PIPE -TDICT_PROXY +-TDICT_RAND +-TDICT_RANDOM -TDICT_REGEXP -TDICT_REGEXP_EXPAND_CONTEXT -TDICT_REGEXP_IF_RULE @@ -110,7 +113,6 @@ -TDICT_SOCKMAP -TDICT_SOCKMAP_REFC_HANDLE -TDICT_SQLITE --TDICT_STACK -TDICT_SURROGATE -TDICT_TCP -TDICT_TEXT diff --git a/postfix/HISTORY b/postfix/HISTORY index 87eaa0ec5..14f0b5aae 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -19875,3 +19875,47 @@ Apologies for any names omitted. the "ln -n" option is not universally implemented, so we remove the old symlink first. Problem reported by Viktor. File: postfix-install. + +20140603 + + Cleanup: use the OpenSSL session id accessor (available + since OpenSSL 0.9.8 or so) instead of groping a session + object directly. Viktor Dukhovni. File: tls_server.c. + +20140605 + + Feature: the pipe(8) daemon logs some command output after + successful delivery as "dsn=2.0.0, status=sent (delivered + via XXX service (YYY))" where XXX is the master.cf service + name, and YYY is command output. Files: pipe/command.c, + pipe.c. + +20140613 + + Feature: the "pipeline" table implements a table pipeline. + Example "pipeline:!type_1:name_1!...!type_n:name_n". The + ASCII character after "pipeline:" will be used as the + separator between the lookup tables that follow (do not use + space, ",", ":" or non-ASCII). Each "pipeline:" query is + given to the first table. Each lookup result becomes the + query for the next table in the pipeline, and the last table + produces the final result. When any table lookup produces + no result, the pipeline produces no result. Files: + dict_pipe.[hc], dict_open.c, postlink, DATABASE_README.html, + postconf.c. + +20140617 + + Feature: the "random" table performs random selection. + Example: "random:!result_1!...!result_n". Each table query + returns a random choice from the specified results. The + ASCII character after "random:" will be used as the separator + between the results that follow (do not use space, ",", ":" + or non-ASCII). Files: dict_random.[hc], dict_open.c, + postlink, DATABASE_README.html, postconf.c. + +20140618 + + Cleanup: INFO action in access(5) tables, for consistency + with header/body_checks. Viktor Dukhovni. Files: + smtpd/smtpd_check.c, proto/access. diff --git a/postfix/README_FILES/DATABASE_README b/postfix/README_FILES/DATABASE_README index 06fe6f5be..708d845a3 100644 --- a/postfix/README_FILES/DATABASE_README +++ b/postfix/README_FILES/DATABASE_README @@ -242,12 +242,26 @@ To find out what database types your Postfix system supports, use the "ppooss A lookup table based on Perl Compatible Regular Expressions. The file format is described in pcre_table(5). The lookup table name as used in "pcre:table" is the name of the regular expression file. + ppiippeelliinnee (read-only) + A pipeline of lookup tables. Example: "ppiippeelliinnee::!type_1:name_1! ... + !type_n:name_n". Each "pipeline:" query is given to the first table. + Each lookup result becomes the query for the next table in the + pipeline, and the last table produces the final result. When any table + lookup produces no result, the pipeline produces no result. The ASCII + character after "pipeline:" will be used as the separator between the + lookup tables that follow (do not use space, ",", ":" or non-ASCII). ppggssqqll (read-only) PostgreSQL database client. Configuration details are given in pgsql_table(5). pprrooxxyy Postfix proxymap(8) client for shared access to Postfix databases. The lookup table name syntax is "proxy:type:table". + rraannddoomm (read-only) + An in-memory table that performs random selection. Example: "rraannddoomm:: + !result_1! ... !result_n". Each table query returns a random choice + from the specified results. The ASCII character after "random:" will be + used as the separator between the results that follow (do not use + space, ",", ":" or non-ASCII). rreeggeexxpp (read-only) A lookup table based on regular expressions. The file format is described in regexp_table(5). The lookup table name as used in "regexp: diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES index 005ecab3b..7db5b309e 100644 --- a/postfix/RELEASE_NOTES +++ b/postfix/RELEASE_NOTES @@ -33,6 +33,79 @@ Maintainers may also benefit from the makedefs documentation (mantools/srctoman - makedefs | nroff -man | less) with information about build options that are not described in the INSTALL instructions. +Incompatible changes with snapshot 20140618 +=========================================== + +The pipe(8) delivery agent will now log a limited amount of command +output upon successful delivery, and will report that output in +"SUCCESS" delivery status reports. This is another good reason to +disable inbound DSN requests at the Internet perimeter. + +Major changes with snapshot 20140618 +==================================== + +This introduces several lookup tables with unusual properties. + +random table +------------ + +The "random" lookup table performs random selection. This may be +used to implement load balancing, for example: + +/etc/postfix/transport: + # Deliver my own domain as usual. + example.com : + .example.com : + +/etc/postfix/main.cf: + transport_maps = + # Deliver my own domain as usual. + hash:/etc/postfix/transport + # Deliver other domains via randomly-selected relayhosts + random:!smtp:smtp0.example.com!smtp:smtp1.example.com + +A variant of this can randomly select SMTP clients with different +smtp_bind_address settings. + +The ASCII character after "random:" will be used as the separator +between the results that follow (do not use space, ",", ":" or +non-ASCII). + +Some future version may support the form random:/path/to/file, +to load the list of random values, one per line, from a textfile. + +To implement different weights, specify lookup results multiple +times. For example, to choose smtp:smtp1.example.com twice as often +as smtp:smtp0.example.com, specify smtp:smtp1.example.com twice. + +pipeline table +-------------- + +As the name suggests, the "pipeline" table implements a pipeline +of lookup tables. The name of the table specifies the pipeline as +a sequence of tables. For example, the following prevents SMTP mail +to system accounts that have "nologin" as their login shell: + + /etc/postfix/main.cf: + local_recipient_maps = + pipeline:!unix:passwd.byname!pcre:/etc/postfix/no-nologin.pcre + alias_maps + + /etc/postfix/no-nologin.pcre: + !/nologin/ whatever + +The ASCII character after "pipeline:" will be used as the separator +between the lookup tables that follow (do not use space, ",", ":" +or non-ASCII). + +Each "pipeline:" query is given to the first table. Each table +lookup result becomes the query for the next table in the pipeline, +and the last table produces the final result. When any table lookup +produces no result, the entire pipeline produces no result. + +Some future version may support the form pipeline:/path/to/file, +to load the list of lookup tables, one per line, from a textfile. + Incompatible changes with snapshot 20140530 =========================================== diff --git a/postfix/WISHLIST b/postfix/WISHLIST index 8908a5e3e..cfa02d813 100644 --- a/postfix/WISHLIST +++ b/postfix/WISHLIST @@ -8,6 +8,15 @@ Wish list: Things to do after the stable release: + Don't accept AUTH or other features that are not announced + in the EHLO response. + + Per-Milter error action. + + Suggested at Mailserver conference: Postscreen RDNS-based + reputation (but this introduces dependency on random DNS + servers). + Discourage the use of "after 220" tests in POSTSCREEN_README and the documentation of individual parameter settings. diff --git a/postfix/conf/access b/postfix/conf/access index cadc57d65..e3a94de15 100644 --- a/postfix/conf/access +++ b/postfix/conf/access @@ -363,6 +363,15 @@ # # This feature is available in Postfix 2.1 and later. # +# INFO optional text... +# Log an informational record with the optional text, +# together with client information and if available, +# with helo, sender, recipient and protocol informa- +# tion. +# +# This feature is available in Postfix 2.12 and +# later. +# # WARN optional text... # Log a warning with the optional text, together with # client information and if available, with helo, diff --git a/postfix/conf/header_checks b/postfix/conf/header_checks index 490e214c7..b68e148f8 100644 --- a/postfix/conf/header_checks +++ b/postfix/conf/header_checks @@ -130,18 +130,18 @@ # # if /pattern/flags # -# endif Match the input string against the patterns between -# if and endif, if and only if the same input string -# also matches /pattern/. The if..endif can nest. +# endif If the input string matches /pattern/, then match +# that input string against the patterns between if +# and endif. The if..endif can nest. # # Note: do not prepend whitespace to patterns inside # if..endif. # # if !/pattern/flags # -# endif Match the input string against the patterns between -# if and endif, if and only if the same input string -# does not match /pattern/. The if..endif can nest. +# endif If the input string does not match /pattern/, then +# match that input string against the patterns +# between if and endif. The if..endif can nest. # # blank lines and comments # Empty lines and whitespace-only lines are ignored, diff --git a/postfix/html/DATABASE_README.html b/postfix/html/DATABASE_README.html index 2bc86d2aa..06e909430 100644 --- a/postfix/html/DATABASE_README.html +++ b/postfix/html/DATABASE_README.html @@ -362,6 +362,17 @@ The file format is described in pcre_table(5). T name as used in "pcre:table" is the name of the regular expression file. +
pipeline (read-only)
+ +
A pipeline of lookup tables. Example: +"pipeline:!type_1:name_1! ... !type_n:name_n". Each +"pipeline:" query is given to the first table. Each lookup result +becomes the query for the next table in the pipeline, and the last +table produces the final result. When any table lookup produces +no result, the pipeline produces no result. The ASCII character +after "pipeline:" will be used as the separator between the lookup +tables that follow (do not use space, ",", ":" or non-ASCII).
+
pgsql (read-only)
PostgreSQL database client. Configuration details are given @@ -373,6 +384,15 @@ in pgsql_table(5).
databases. The lookup table name syntax is "proxy:type:table". +
random (read-only)
+ +
An in-memory table that performs random selection. Example: +"random:!result_1! ... !result_n". Each table query +returns a random choice from the specified results. The ASCII +character after "random:" will be used as the separator between the +results that follow (do not use space, ",", ":" or non-ASCII). +
+
regexp (read-only)
A lookup table based on regular expressions. The file format diff --git a/postfix/html/access.5.html b/postfix/html/access.5.html index 29a68b96c..2b4dcd3a4 100644 --- a/postfix/html/access.5.html +++ b/postfix/html/access.5.html @@ -333,6 +333,13 @@ ACCESS(5) ACCESS(5) This feature is available in Postfix 2.1 and later. + INFO optional text... + Log an informational record with the optional text, together + with client information and if available, with helo, sender, + recipient and protocol information. + + This feature is available in Postfix 2.12 and later. + WARN optional text... Log a warning with the optional text, together with client information and if available, with helo, sender, recipient and diff --git a/postfix/html/header_checks.5.html b/postfix/html/header_checks.5.html index 6f1e86fc5..ce7272a64 100644 --- a/postfix/html/header_checks.5.html +++ b/postfix/html/header_checks.5.html @@ -124,17 +124,17 @@ HEADER_CHECKS(5) HEADER_CHECKS(5) if /pattern/flags - endif Match the input string against the patterns between if and - endif, if and only if the same input string also matches /pat- - tern/. The if..endif can nest. + endif If the input string matches /pattern/, then match that input + string against the patterns between if and endif. The if..endif + can nest. Note: do not prepend whitespace to patterns inside if..endif. if !/pattern/flags - endif Match the input string against the patterns between if and - endif, if and only if the same input string does not match /pat- - tern/. The if..endif can nest. + endif If the input string does not match /pattern/, then match that + input string against the patterns between if and endif. The + if..endif can nest. blank lines and comments Empty lines and whitespace-only lines are ignored, as are lines diff --git a/postfix/html/pcre_table.5.html b/postfix/html/pcre_table.5.html index e686a7324..3689ff2e5 100644 --- a/postfix/html/pcre_table.5.html +++ b/postfix/html/pcre_table.5.html @@ -48,9 +48,9 @@ PCRE_TABLE(5) PCRE_TABLE(5) if /pattern/flags - endif Match the input string against the patterns between if and - endif, if and only if that same input string also matches pat- - tern. The if..endif can nest. + endif If the input string matches /pattern/, then match that input + string against the patterns between if and endif. The if..endif + can nest. Note: do not prepend whitespace to patterns inside if..endif. @@ -58,9 +58,9 @@ PCRE_TABLE(5) PCRE_TABLE(5) if !/pattern/flags - endif Match the input string against the patterns between if and - endif, if and only if that same input string does not match pat- - tern. The if..endif can nest. + endif If the input string does not match /pattern/, then match that + input string against the patterns between if and endif. The + if..endif can nest. Note: do not prepend whitespace to patterns inside if..endif. diff --git a/postfix/html/pipe.8.html b/postfix/html/pipe.8.html index 8c21f4c7e..81f7d69d5 100644 --- a/postfix/html/pipe.8.html +++ b/postfix/html/pipe.8.html @@ -346,26 +346,31 @@ PIPE(8) PIPE(8) tion. In the case of a non-zero exit status, a limited amount of command out- - put is reported in an delivery status notification. When the output - begins with a 4.X.X or 5.X.X enhanced status code, the status code - takes precedence over the non-zero exit status (Postfix version 2.3 and - later). + put is logged, and reported in a delivery status notification. When + the output begins with a 4.X.X or 5.X.X enhanced status code, the sta- + tus code takes precedence over the non-zero exit status (Postfix ver- + sion 2.3 and later). - Problems and transactions are logged to syslogd(8). Corrupted message + After successful delivery (zero exit status) a limited amount of com- + mand output is logged, and reported in "success" delivery status noti- + fications (Postfix 2.12 and later). This command output is not exam- + ined for the presence of an enhanced status code. + + Problems and transactions are logged to syslogd(8). Corrupted message files are marked so that the queue manager can move them to the corrupt queue for further inspection. SECURITY - This program needs a dual personality 1) to access the private Postfix - queue and IPC mechanisms, and 2) to execute external commands as the + This program needs a dual personality 1) to access the private Postfix + queue and IPC mechanisms, and 2) to execute external commands as the specified user. It is therefore security sensitive. CONFIGURATION PARAMETERS Changes to main.cf are picked up automatically as pipe(8) processes run - for only a limited amount of time. Use the command "postfix reload" to + for only a limited amount of time. Use the command "postfix reload" to speed up a change. - The text below provides only a parameter summary. See postconf(5) for + The text below provides only a parameter summary. See postconf(5) for more details including examples. RESOURCE AND RATE CONTROLS @@ -374,51 +379,51 @@ PIPE(8) PIPE(8) transport_destination_concurrency_limit ($default_destination_concur- rency_limit) Limit the number of parallel deliveries to the same destination, - for delivery via the named transport. The limit is enforced by + for delivery via the named transport. The limit is enforced by the Postfix queue manager. transport_destination_recipient_limit ($default_destination_recipi- ent_limit) - Limit the number of recipients per message delivery, for deliv- + Limit the number of recipients per message delivery, for deliv- ery via the named transport. The limit is enforced by the Post- fix queue manager. transport_time_limit ($command_time_limit) - Limit the time for delivery to external command, for delivery - via the named transport. The limit is enforced by the pipe + Limit the time for delivery to external command, for delivery + via the named transport. The limit is enforced by the pipe delivery agent. - Postfix 2.4 and later support a suffix that specifies the time - unit: s (seconds), m (minutes), h (hours), d (days), w (weeks). + Postfix 2.4 and later support a suffix that specifies the time + unit: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is seconds. MISCELLANEOUS CONTROLS config_directory (see 'postconf -d' output) - The default location of the Postfix main.cf and master.cf con- + The default location of the Postfix main.cf and master.cf con- figuration files. daemon_timeout (18000s) - How much time a Postfix daemon process may take to handle a + How much time a Postfix daemon process may take to handle a request before it is terminated by a built-in watchdog timer. delay_logging_resolution_limit (2) - The maximal number of digits after the decimal point when log- + The maximal number of digits after the decimal point when log- ging sub-second delay values. export_environment (see 'postconf -d' output) - The list of environment variables that a Postfix process will + The list of environment variables that a Postfix process will export to non-Postfix processes. ipc_timeout (3600s) - The time limit for sending or receiving information over an + The time limit for sending or receiving information over an internal communication channel. mail_owner (postfix) - The UNIX system account that owns the Postfix queue and most + The UNIX system account that owns the Postfix queue and most Postfix daemon processes. max_idle (100s) - The maximum amount of time that an idle Postfix daemon process + The maximum amount of time that an idle Postfix daemon process waits for an incoming connection before terminating voluntarily. max_use (100) @@ -435,22 +440,22 @@ PIPE(8) PIPE(8) The location of the Postfix top-level queue directory. recipient_delimiter (empty) - The set of characters that can separate a user name from its - extension (example: user+foo), or a .forward file name from its + The set of characters that can separate a user name from its + extension (example: user+foo), or a .forward file name from its extension (example: .forward+foo). syslog_facility (mail) The syslog facility of Postfix logging. syslog_name (see 'postconf -d' output) - The mail system name that is prepended to the process name in - syslog records, so that "smtpd" becomes, for example, "post- + The mail system name that is prepended to the process name in + syslog records, so that "smtpd" becomes, for example, "post- fix/smtpd". Available in Postfix version 2.12 and later: pipe_delivery_status_filter ($default_delivery_status_filter) - Optional filter for the pipe(8) delivery agent to change the + Optional filter for the pipe(8) delivery agent to change the delivery status code or explanatory text of successful or unsuc- cessful deliveries. diff --git a/postfix/html/postconf.1.html b/postfix/html/postconf.1.html index aa16a13a4..f5969b753 100644 --- a/postfix/html/postconf.1.html +++ b/postfix/html/postconf.1.html @@ -253,27 +253,46 @@ POSTCONF(1) POSTCONF(1) PostgreSQL database client. This is described in pgsql_table(5). + pipeline (read-only) + A pipeline of lookup tables. Example: "pipe- + line:!type_1:name_1! ... !type_n:name_n". Each "pipe- + line:" query is given to the first table. Each lookup + result becomes the query for the next table in the pipe- + line, and the last table produces the final result. When + any table lookup produces no result, the pipeline pro- + duces no result. The ASCII character after "pipeline:" + will be used as the separator between the lookup tables + that follow (do not use space, ",", ":" or non-ASCII). + proxy Postfix proxymap(8) client for shared access to Postfix databases. The table name syntax is type:name. + random (read-only) + An in-memory table that performs random selection. Exam- + ple: "random:!result_1! ... !result_n". Each table query + returns a random choice from the specified results. The + ASCII character after "random:" will be used as the sepa- + rator between the results that follow (do not use space, + ",", ":" or non-ASCII). + regexp (read-only) - A lookup table based on regular expressions. The file + A lookup table based on regular expressions. The file format is described in regexp_table(5). sdbm An indexed file type based on hashing. Available on sys- tems with support for SDBM databases. socketmap (read-only) - Sendmail-style socketmap client. The table name is - inet:host:port:name for a TCP/IP server, or unix:path- - name:name for a UNIX-domain server. This is described in + Sendmail-style socketmap client. The table name is + inet:host:port:name for a TCP/IP server, or unix:path- + name:name for a UNIX-domain server. This is described in socketmap_table(5). sqlite (read-only) SQLite database. This is described in sqlite_table(5). static (read-only) - A table that always returns its name as lookup result. + A table that always returns its name as lookup result. For example, static:foobar always returns the string foo- bar as lookup result. @@ -281,48 +300,48 @@ POSTCONF(1) POSTCONF(1) TCP/IP client. The protocol is described in tcp_table(5). texthash (read-only) - Produces similar results as hash: files, except that you - don't need to run the postmap(1) command before you can - use the file, and that it does not detect changes after + Produces similar results as hash: files, except that you + don't need to run the postmap(1) command before you can + use the file, and that it does not detect changes after the file is read. unix (read-only) - A limited view of the UNIX authentication database. The + A limited view of the UNIX authentication database. The following tables are implemented: unix:passwd.byname - The table is the UNIX password database. The key - is a login name. The result is a password file + The table is the UNIX password database. The key + is a login name. The result is a password file entry in passwd(5) format. unix:group.byname The table is the UNIX group database. The key is a - group name. The result is a group file entry in + group name. The result is a group file entry in group(5) format. - Other table types may exist depending on how Postfix was built. + Other table types may exist depending on how Postfix was built. - -M Show master.cf file contents instead of main.cf file contents. + -M Show master.cf file contents instead of main.cf file contents. Specify -Mf to fold long lines for human readability. Specify zero or more arguments, each with a service-name or ser- - vice-name/service-type pair, where service-name is the first - field of a master.cf entry and service-type is one of (inet, + vice-name/service-type pair, where service-name is the first + field of a master.cf entry and service-type is one of (inet, unix, fifo, or pass). - If service-name or service-name/service-type is specified, only - the matching master.cf entries will be output. For example, - "postconf -Mf smtp" will output all services named "smtp", and - "postconf -Mf smtp/inet" will output only the smtp service that - listens on the network. Trailing service type fields that are + If service-name or service-name/service-type is specified, only + the matching master.cf entries will be output. For example, + "postconf -Mf smtp" will output all services named "smtp", and + "postconf -Mf smtp/inet" will output only the smtp service that + listens on the network. Trailing service type fields that are omitted will be handled as "*" wildcard fields. This feature is available with Postfix 2.9 and later. The syntax - was changed from "name.type" to "name/type", and "*" wildcard + was changed from "name.type" to "name/type", and "*" wildcard support was added with Postfix 2.11. -n Show only configuration parameters that have explicit name=value - settings in main.cf. Specify -nf to fold long lines for human + settings in main.cf. Specify -nf to fold long lines for human readability (Postfix 2.9 and later). -o name=value @@ -334,50 +353,50 @@ POSTCONF(1) POSTCONF(1) This feature is available with Postfix 2.11 and later. - -P Show master.cf service parameter settings (by default all ser- + -P Show master.cf service parameter settings (by default all ser- vices and all parameters). formatted as one "ser- - vice/type/parameter=value" per line. Specify -Pf to fold long + vice/type/parameter=value" per line. Specify -Pf to fold long lines. - Specify one or more "service/type/parameter" instances on the - postconf(1) command line to limit the output to parameters of - interest. Trailing parameter name or service type fields that + Specify one or more "service/type/parameter" instances on the + postconf(1) command line to limit the output to parameters of + interest. Trailing parameter name or service type fields that are omitted will be handled as "*" wildcard fields. This feature is available with Postfix 2.11 and later. -t [template_file] - Display the templates for text that appears at the beginning of - delivery status notification (DSN) messages, without expanding + Display the templates for text that appears at the beginning of + delivery status notification (DSN) messages, without expanding $name expressions. To override the built-in templates, specify a template file name - at the end of the postconf(1) command line, or specify a file + at the end of the postconf(1) command line, or specify a file name in main.cf with the bounce_template_file parameter. - To force selection of the built-in templates, specify an empty - template file name on the postconf(1) command line (in shell + To force selection of the built-in templates, specify an empty + template file name on the postconf(1) command line (in shell language: ""). This feature is available with Postfix 2.3 and later. - -v Enable verbose logging for debugging purposes. Multiple -v + -v Enable verbose logging for debugging purposes. Multiple -v options make the software increasingly verbose. - -x Expand $name in main.cf or master.cf parameter values. The + -x Expand $name in main.cf or master.cf parameter values. The expansion is recursive. This feature is available with Postfix 2.10 and later. - -X Edit the main.cf configuration file, and remove the parameters + -X Edit the main.cf configuration file, and remove the parameters named on the postconf(1) command line. Specify a list of param- eter names, not "name=value" pairs. - With -M, edit the master.cf configuration file, and remove one - or more service entries as specified with "service/type" on the + With -M, edit the master.cf configuration file, and remove one + or more service entries as specified with "service/type" on the postconf(1) command line. - With -P, edit the master.cf configuration file, and remove one + With -P, edit the master.cf configuration file, and remove one or more service parameter settings (-o parameter=value settings) as specied with "service/type/parameter" on the postconf(1) com- mand line. @@ -386,10 +405,10 @@ POSTCONF(1) POSTCONF(1) into place. Specify quotes to protect special characters on the postconf(1) command line. - There is no postconf(1) command to perform the reverse opera- + There is no postconf(1) command to perform the reverse opera- tion. - This feature is available with Postfix 2.10 and later. Support + This feature is available with Postfix 2.10 and later. Support for -M and -P was added with Postfix 2.11. -# Edit the main.cf configuration file, and comment out the parame- @@ -397,18 +416,18 @@ POSTCONF(1) POSTCONF(1) eters revert to their default values. Specify a list of parame- ter names, not "name=value" pairs. - With -M, edit the master.cf configuration file, and comment out - one or more service entries as specified with "service/type" on + With -M, edit the master.cf configuration file, and comment out + one or more service entries as specified with "service/type" on the postconf(1) command line. In all cases the file is copied to a temporary file then renamed into place. Specify quotes to protect special characters on the postconf(1) command line. - There is no postconf(1) command to perform the reverse opera- + There is no postconf(1) command to perform the reverse opera- tion. - This feature is available with Postfix 2.6 and later. Support + This feature is available with Postfix 2.6 and later. Support for -M was added with Postfix 2.11. DIAGNOSTICS @@ -419,18 +438,18 @@ POSTCONF(1) POSTCONF(1) Directory with Postfix configuration files. CONFIGURATION PARAMETERS - The following main.cf parameters are especially relevant to this pro- + The following main.cf parameters are especially relevant to this pro- gram. - The text below provides only a parameter summary. See postconf(5) for + The text below provides only a parameter summary. See postconf(5) for more details including examples. config_directory (see 'postconf -d' output) - The default location of the Postfix main.cf and master.cf con- + The default location of the Postfix main.cf and master.cf con- figuration files. bounce_template_file (empty) - Pathname of a configuration file with bounce message templates. + Pathname of a configuration file with bounce message templates. FILES /etc/postfix/main.cf, Postfix configuration parameters diff --git a/postfix/html/regexp_table.5.html b/postfix/html/regexp_table.5.html index 0b154e3c0..90a1d3af2 100644 --- a/postfix/html/regexp_table.5.html +++ b/postfix/html/regexp_table.5.html @@ -48,9 +48,9 @@ REGEXP_TABLE(5) REGEXP_TABLE(5) if /pattern/flags - endif Match the input string against the patterns between if and - endif, if and only if that same input string also matches pat- - tern. The if..endif can nest. + endif If the input string matches /pattern/, then match that input + string against the patterns between if and endif. The if..endif + can nest. Note: do not prepend whitespace to patterns inside if..endif. @@ -58,9 +58,9 @@ REGEXP_TABLE(5) REGEXP_TABLE(5) if !/pattern/flags - endif Match the input string against the patterns between if and - endif, if and only if that same input string does not match pat- - tern. The if..endif can nest. + endif If the input string does not match /pattern/, then match that + input string against the patterns between if and endif. The + if..endif can nest. Note: do not prepend whitespace to patterns inside if..endif. diff --git a/postfix/makedefs b/postfix/makedefs index c9b721945..58bb9eca9 100644 --- a/postfix/makedefs +++ b/postfix/makedefs @@ -4,17 +4,20 @@ # NAME # makedefs 1 # SUMMARY -# makefile configuration utility +# Postfix makefile configuration utility # SYNOPSIS # \fBmake makefiles \fIname=value...\fR # DESCRIPTION # The \fBmakedefs\fR command identifies the compilation -# environment, and emits macro definitions on the standard output -# stream that can be prepended to template Makefiles. +# environment, and emits macro definitions on the standard +# output stream that can be prepended to template Makefiles. +# These macros implement an internal interface and are subject +# to change without notice. # # Default settings can be overruled by specifying them as -# environment variables. Use quotes if variables contain -# whitespace or shell meta characters. +# environment variables (or as name=value pairs on the "make" +# command line). Use quotes if variables contain whitespace +# or shell meta characters. # .IP \fBAUXLIBS=\fIobject_library...\fR # Specifies one or more non-default object libraries. Postfix # 2,12 and later specify some of their database library @@ -77,12 +80,16 @@ # .IP \fBshared=no\fR # Enable (disable) Postfix builds with shared libraries # typically named $shlib_directory/libpostfix-*.so.*. +# +# This feature was introduced with Postfix 2.12. # .IP \fBdynamicmaps=yes\fR # .IP \fBdynamicmaps=no\fR # Enable (disable) Postfix builds with the configuration file -# $plugin_directory/dynamicmaps.cf for dynamically-loadable +# $plugin_directory/dynamicmaps.cf and dynamically-loadable # database plugins typically named postfix-*.so.*. The setting # "dynamicmaps=yes" implicitly enables Postfix shared libraries. +# +# This feature was introduced with Postfix 2.12. # .IP \fIinstallation_parameter\fB=\fIvalue\fR... # Override the compiled-in default value of the specified # installation parameter(s). The following parameters are @@ -95,10 +102,14 @@ # # See the postconf(5) manpage for a description of these # parameters. +# +# This feature was introduced with Postfix 2.12. # .IP \fBSHLIB_VERSION=\fIversion\fR # Specifies a non-default shared-library version for Postfix # libraries and database plugins. By default, the version # equals the default value for the $mail_version parameter. +# +# This feature was introduced with Postfix 2.12. # .IP \fBWARN=\fIwarning_flags\fR # Specifies non-default gcc compiler warning options for use when # "make" is invoked in a source subdirectory only. @@ -904,8 +915,7 @@ DEFINED_MAP_TYPES=` { for (n = 1; n <= NF; n++) if ($n ~ /^-dhas_/) if (seen[name = substr($n, 7)]++ == 0) - names = name " " names } - END { print names } + printf(" %s", name) } '` # Propagate AUXLIBS_FOO or merge them into global AUXLIBS (i.e. SYSLIBS). diff --git a/postfix/man/man1/postconf.1 b/postfix/man/man1/postconf.1 index 07784d596..ec7d2db2c 100644 --- a/postfix/man/man1/postconf.1 +++ b/postfix/man/man1/postconf.1 @@ -273,9 +273,26 @@ The file format is described in \fBpcre_table\fR(5). .IP "\fBpgsql\fR (read-only)" PostgreSQL database client. This is described in \fBpgsql_table\fR(5). +.IP "\fBpipeline\fR (read-only)" +A pipeline of lookup tables. Example: +"\fBpipeline:\fI!type_1:name_1! ... !type_n:name_n\fR". +Each "pipeline:" query is given to the first table. Each +lookup result becomes the query for the next table in the +pipeline, and the last table produces the final result. +When any table lookup produces no result, the pipeline +produces no result. The ASCII character after "pipeline:" +will be used as the separator between the lookup tables +that follow (do not use space, ",", ":" or non-ASCII). .IP "\fBproxy\fR" Postfix \fBproxymap\fR(8) client for shared access to Postfix databases. The table name syntax is \fItype\fB:\fIname\fR. +.IP "\fBrandom\fR (read-only)" +An in-memory table that performs random selection. Example: +"\fBrandom:\fI!result_1! ... !result_n\fR". Each table query +returns a random choice from the specified results. The +ASCII character after "random:" will be used as the separator +between the results that follow (do not use space, ",", ":" +or non-ASCII). .IP "\fBregexp\fR (read-only)" A lookup table based on regular expressions. The file format is described in \fBregexp_table\fR(5). diff --git a/postfix/man/man5/access.5 b/postfix/man/man5/access.5 index c1f45ae58..24eb89b6d 100644 --- a/postfix/man/man5/access.5 +++ b/postfix/man/man5/access.5 @@ -341,6 +341,12 @@ Note: this action overrides the FILTER action, and currently affects all recipients of the message. .sp This feature is available in Postfix 2.1 and later. +.IP "\fBINFO \fIoptional text...\fR +Log an informational record with the optional text, together +with client information and if available, with helo, sender, +recipient and protocol information. +.sp +This feature is available in Postfix 2.12 and later. .IP "\fBWARN \fIoptional text...\fR Log a warning with the optional text, together with client information and if available, with helo, sender, recipient and protocol information. diff --git a/postfix/man/man5/header_checks.5 b/postfix/man/man5/header_checks.5 index 6976eb915..f5419fbf0 100644 --- a/postfix/man/man5/header_checks.5 +++ b/postfix/man/man5/header_checks.5 @@ -136,18 +136,17 @@ When /\fIpattern\fR/ does \fBnot\fR match the input string, execute the corresponding \fIaction\fR. .IP "\fBif /\fIpattern\fB/\fIflags\fR" .IP "\fBendif\fR" -Match the input string against the patterns between \fBif\fR -and \fBendif\fR, if and only if the same input string also -matches /\fIpattern\fR/. The \fBif\fR..\fBendif\fR can nest. +If the input string matches /\fIpattern\fR/, then match that +input string against the patterns between \fBif\fR and +\fBendif\fR. The \fBif\fR..\fBendif\fR can nest. .sp Note: do not prepend whitespace to patterns inside \fBif\fR..\fBendif\fR. .IP "\fBif !/\fIpattern\fB/\fIflags\fR" .IP "\fBendif\fR" -Match the input string against the patterns between \fBif\fR -and \fBendif\fR, if and only if the same input string does -\fBnot\fR match /\fIpattern\fR/. The \fBif\fR..\fBendif\fR -can nest. +If the input string does not match /\fIpattern\fR/, then +match that input string against the patterns between \fBif\fR +and \fBendif\fR. The \fBif\fR..\fBendif\fR can nest. .IP "blank lines and comments" Empty lines and whitespace-only lines are ignored, as are lines whose first non-whitespace character is a `#'. diff --git a/postfix/man/man5/pcre_table.5 b/postfix/man/man5/pcre_table.5 index 2a4333059..c70cc6f53 100644 --- a/postfix/man/man5/pcre_table.5 +++ b/postfix/man/man5/pcre_table.5 @@ -50,9 +50,9 @@ When \fIpattern\fR does \fBnot\fR match the input string, use the corresponding \fIresult\fR value. .IP "\fBif /\fIpattern\fB/\fIflags\fR" .IP "\fBendif\fR" -Match the input string against the patterns between \fBif\fR -and \fBendif\fR, if and only if that same input string also matches -\fIpattern\fR. The \fBif\fR..\fBendif\fR can nest. +If the input string matches /\fIpattern\fR/, then match that +input string against the patterns between \fBif\fR and +\fBendif\fR. The \fBif\fR..\fBendif\fR can nest. .sp Note: do not prepend whitespace to patterns inside \fBif\fR..\fBendif\fR. @@ -60,9 +60,9 @@ Note: do not prepend whitespace to patterns inside This feature is available in Postfix 2.1 and later. .IP "\fBif !/\fIpattern\fB/\fIflags\fR" .IP "\fBendif\fR" -Match the input string against the patterns between \fBif\fR -and \fBendif\fR, if and only if that same input string does \fBnot\fR -match \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest. +If the input string does not match /\fIpattern\fR/, then +match that input string against the patterns between \fBif\fR +and \fBendif\fR. The \fBif\fR..\fBendif\fR can nest. .sp Note: do not prepend whitespace to patterns inside \fBif\fR..\fBendif\fR. diff --git a/postfix/man/man5/regexp_table.5 b/postfix/man/man5/regexp_table.5 index ba7fe3f5e..2d3385e81 100644 --- a/postfix/man/man5/regexp_table.5 +++ b/postfix/man/man5/regexp_table.5 @@ -50,9 +50,9 @@ When \fIpattern\fR does \fBnot\fR match the input string, use the corresponding \fIresult\fR value. .IP "\fBif /\fIpattern\fB/\fIflags\fR" .IP "\fBendif\fR" -Match the input string against the patterns between \fBif\fR -and \fBendif\fR, if and only if that same input string also -matches \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest. +If the input string matches /\fIpattern\fR/, then match that +input string against the patterns between \fBif\fR and +\fBendif\fR. The \fBif\fR..\fBendif\fR can nest. .sp Note: do not prepend whitespace to patterns inside \fBif\fR..\fBendif\fR. @@ -60,9 +60,9 @@ Note: do not prepend whitespace to patterns inside This feature is available in Postfix 2.1 and later. .IP "\fBif !/\fIpattern\fB/\fIflags\fR" .IP "\fBendif\fR" -Match the input string against the patterns between \fBif\fR -and \fBendif\fR, if and only if that same input string does -\fBnot\fR match \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest. +If the input string does not match /\fIpattern\fR/, then +match that input string against the patterns between \fBif\fR +and \fBendif\fR. The \fBif\fR..\fBendif\fR can nest. .sp Note: do not prepend whitespace to patterns inside \fBif\fR..\fBendif\fR. diff --git a/postfix/man/man8/pipe.8 b/postfix/man/man8/pipe.8 index a3754d291..8d6eb3a2e 100644 --- a/postfix/man/man8/pipe.8 +++ b/postfix/man/man8/pipe.8 @@ -330,10 +330,16 @@ follow the conventions defined in <\fBsysexits.h\fR>. Exit status 0 means normal successful completion. In the case of a non-zero exit status, a limited amount of -command output is reported in an delivery status notification. -When the output begins with a 4.X.X or 5.X.X enhanced status -code, the status code takes precedence over the non-zero -exit status (Postfix version 2.3 and later). +command output is logged, and reported in a delivery status +notification. When the output begins with a 4.X.X or 5.X.X +enhanced status code, the status code takes precedence over +the non-zero exit status (Postfix version 2.3 and later). + +After successful delivery (zero exit status) a limited +amount of command output is logged, and reported in "success" +delivery status notifications (Postfix 2.12 and later). +This command output is not examined for the presence of an +enhanced status code. Problems and transactions are logged to \fBsyslogd\fR(8). Corrupted message files are marked so that the queue manager diff --git a/postfix/mantools/postlink b/postfix/mantools/postlink index 72181e65d..5622e5d9b 100755 --- a/postfix/mantools/postlink +++ b/postfix/mantools/postlink @@ -1114,7 +1114,9 @@ while (<>) { s/\b(nisplus):/$1<\/a>:/g; s/\b(pcre):/$1<\/a>:/g; s/\b(pgsql):/$1<\/a>:/g; + s;\b(pipe[-]*\n*[ ]*line):;$1<\/a>:;g; s/\b(proxy):/$1<\/a>:/g; + s/\b(random):/$1<\/a>:/g; s/\b(regexp):/$1<\/a>:/g; s/\b(sdbm):/$1<\/a>:/g; s/\b(socketmap):/$1<\/a>:/g; diff --git a/postfix/postfix-env.sh b/postfix/postfix-env.sh new file mode 100644 index 000000000..2d1d63d58 --- /dev/null +++ b/postfix/postfix-env.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +# Run a program with the new libraries, not the installed ones. + +export LD_LIBRARY_PATH +LD_LIBRARY_PATH=`pwd`/lib + +"$@" diff --git a/postfix/proto/DATABASE_README.html b/postfix/proto/DATABASE_README.html index dcc895d6e..c21396db3 100644 --- a/postfix/proto/DATABASE_README.html +++ b/postfix/proto/DATABASE_README.html @@ -362,6 +362,17 @@ The file format is described in pcre_table(5). The lookup table name as used in "pcre:table" is the name of the regular expression file.
+
pipeline (read-only)
+ +
A pipeline of lookup tables. Example: +"pipeline:!type_1:name_1! ... !type_n:name_n". Each +"pipeline:" query is given to the first table. Each lookup result +becomes the query for the next table in the pipeline, and the last +table produces the final result. When any table lookup produces +no result, the pipeline produces no result. The ASCII character +after "pipeline:" will be used as the separator between the lookup +tables that follow (do not use space, ",", ":" or non-ASCII).
+
pgsql (read-only)
PostgreSQL database client. Configuration details are given @@ -373,6 +384,15 @@ in pgsql_table(5).
databases. The lookup table name syntax is "proxy:type:table". +
random (read-only)
+ +
An in-memory table that performs random selection. Example: +"random:!result_1! ... !result_n". Each table query +returns a random choice from the specified results. The ASCII +character after "random:" will be used as the separator between the +results that follow (do not use space, ",", ":" or non-ASCII). +
+
regexp (read-only)
A lookup table based on regular expressions. The file format diff --git a/postfix/proto/access b/postfix/proto/access index 12b56a378..7b3c2eb67 100644 --- a/postfix/proto/access +++ b/postfix/proto/access @@ -346,6 +346,12 @@ # all recipients of the message. # .sp # This feature is available in Postfix 2.1 and later. +# .IP "\fBINFO \fIoptional text...\fR +# Log an informational record with the optional text, together +# with client information and if available, with helo, sender, +# recipient and protocol information. +# .sp +# This feature is available in Postfix 2.12 and later. # .IP "\fBWARN \fIoptional text...\fR # Log a warning with the optional text, together with client information # and if available, with helo, sender, recipient and protocol information. diff --git a/postfix/proto/header_checks b/postfix/proto/header_checks index 015d3a375..c4c5b628e 100644 --- a/postfix/proto/header_checks +++ b/postfix/proto/header_checks @@ -120,18 +120,17 @@ # execute the corresponding \fIaction\fR. # .IP "\fBif /\fIpattern\fB/\fIflags\fR" # .IP "\fBendif\fR" -# Match the input string against the patterns between \fBif\fR -# and \fBendif\fR, if and only if the same input string also -# matches /\fIpattern\fR/. The \fBif\fR..\fBendif\fR can nest. +# If the input string matches /\fIpattern\fR/, then match that +# input string against the patterns between \fBif\fR and +# \fBendif\fR. The \fBif\fR..\fBendif\fR can nest. # .sp # Note: do not prepend whitespace to patterns inside # \fBif\fR..\fBendif\fR. # .IP "\fBif !/\fIpattern\fB/\fIflags\fR" # .IP "\fBendif\fR" -# Match the input string against the patterns between \fBif\fR -# and \fBendif\fR, if and only if the same input string does -# \fBnot\fR match /\fIpattern\fR/. The \fBif\fR..\fBendif\fR -# can nest. +# If the input string does not match /\fIpattern\fR/, then +# match that input string against the patterns between \fBif\fR +# and \fBendif\fR. The \fBif\fR..\fBendif\fR can nest. # .IP "blank lines and comments" # Empty lines and whitespace-only lines are ignored, as # are lines whose first non-whitespace character is a `#'. diff --git a/postfix/proto/pcre_table b/postfix/proto/pcre_table index 56ddcb94b..0afeb346e 100644 --- a/postfix/proto/pcre_table +++ b/postfix/proto/pcre_table @@ -40,9 +40,9 @@ # the corresponding \fIresult\fR value. # .IP "\fBif /\fIpattern\fB/\fIflags\fR" # .IP "\fBendif\fR" -# Match the input string against the patterns between \fBif\fR -# and \fBendif\fR, if and only if that same input string also matches -# \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest. +# If the input string matches /\fIpattern\fR/, then match that +# input string against the patterns between \fBif\fR and +# \fBendif\fR. The \fBif\fR..\fBendif\fR can nest. # .sp # Note: do not prepend whitespace to patterns inside # \fBif\fR..\fBendif\fR. @@ -50,9 +50,9 @@ # This feature is available in Postfix 2.1 and later. # .IP "\fBif !/\fIpattern\fB/\fIflags\fR" # .IP "\fBendif\fR" -# Match the input string against the patterns between \fBif\fR -# and \fBendif\fR, if and only if that same input string does \fBnot\fR -# match \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest. +# If the input string does not match /\fIpattern\fR/, then +# match that input string against the patterns between \fBif\fR +# and \fBendif\fR. The \fBif\fR..\fBendif\fR can nest. # .sp # Note: do not prepend whitespace to patterns inside # \fBif\fR..\fBendif\fR. diff --git a/postfix/proto/regexp_table b/postfix/proto/regexp_table index 49b3d50ec..b448ff101 100644 --- a/postfix/proto/regexp_table +++ b/postfix/proto/regexp_table @@ -40,9 +40,9 @@ # use the corresponding \fIresult\fR value. # .IP "\fBif /\fIpattern\fB/\fIflags\fR" # .IP "\fBendif\fR" -# Match the input string against the patterns between \fBif\fR -# and \fBendif\fR, if and only if that same input string also -# matches \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest. +# If the input string matches /\fIpattern\fR/, then match that +# input string against the patterns between \fBif\fR and +# \fBendif\fR. The \fBif\fR..\fBendif\fR can nest. # .sp # Note: do not prepend whitespace to patterns inside # \fBif\fR..\fBendif\fR. @@ -50,9 +50,9 @@ # This feature is available in Postfix 2.1 and later. # .IP "\fBif !/\fIpattern\fB/\fIflags\fR" # .IP "\fBendif\fR" -# Match the input string against the patterns between \fBif\fR -# and \fBendif\fR, if and only if that same input string does -# \fBnot\fR match \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest. +# If the input string does not match /\fIpattern\fR/, then +# match that input string against the patterns between \fBif\fR +# and \fBendif\fR. The \fBif\fR..\fBendif\fR can nest. # .sp # Note: do not prepend whitespace to patterns inside # \fBif\fR..\fBendif\fR. diff --git a/postfix/src/global/dynamicmaps.c b/postfix/src/global/dynamicmaps.c index e5bb34a52..544661620 100644 --- a/postfix/src/global/dynamicmaps.c +++ b/postfix/src/global/dynamicmaps.c @@ -240,7 +240,7 @@ static void dymap_entry_free(char *ptr) /* dymap_read_conf - read dynamicmaps.cf-like file */ -static void dymap_read_conf(const char *path, const char *base) +static void dymap_read_conf(const char *path, const char *path_base) { VSTREAM *fp; VSTRING *buf; @@ -274,7 +274,7 @@ static void dymap_read_conf(const char *path, const char *base) msg_fatal("%s, line %d: unsupported syntax \"%s\"", path, linenum, argv->argv[0]); if (argv->argv[1][0] != '/') { - cp = concatenate(base, "/", argv->argv[1], (char *) 0); + cp = concatenate(path_base, "/", argv->argv[1], (char *) 0); argv_replace_one(argv, 1, cp); myfree(cp); } diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index ab7894a61..bd2583373 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20140531" +#define MAIL_RELEASE_DATE "20140618" #define MAIL_VERSION_NUMBER "2.12" #ifdef SNAPSHOT diff --git a/postfix/src/global/pipe_command.c b/postfix/src/global/pipe_command.c index 9c4d8b8cf..aac532c53 100644 --- a/postfix/src/global/pipe_command.c +++ b/postfix/src/global/pipe_command.c @@ -26,7 +26,8 @@ /* An open message queue file, positioned at the start of the actual /* message content. /* .IP why -/* Delivery status information. +/* Delivery status information. The reason attribute may contain +/* a limited portion of command output, among other free text. /* .IP key /* Specifies what value will follow. pipe_command() takes a list /* of (key, value) arguments, terminated by PIPE_CMD_END. The @@ -675,6 +676,7 @@ int pipe_command(VSTREAM *src, DSN_BUF *why,...) vstring_sprintf_append(why->reason, ": \"%s\"", args.command); return (PIPE_STAT_BOUNCE); } else { + vstring_strcpy(why->reason, log_buf); return (PIPE_STAT_OK); } } diff --git a/postfix/src/pipe/pipe.c b/postfix/src/pipe/pipe.c index 954fecfaf..b255da876 100644 --- a/postfix/src/pipe/pipe.c +++ b/postfix/src/pipe/pipe.c @@ -316,10 +316,16 @@ /* Exit status 0 means normal successful completion. /* /* In the case of a non-zero exit status, a limited amount of -/* command output is reported in an delivery status notification. -/* When the output begins with a 4.X.X or 5.X.X enhanced status -/* code, the status code takes precedence over the non-zero -/* exit status (Postfix version 2.3 and later). +/* command output is logged, and reported in a delivery status +/* notification. When the output begins with a 4.X.X or 5.X.X +/* enhanced status code, the status code takes precedence over +/* the non-zero exit status (Postfix version 2.3 and later). +/* +/* After successful delivery (zero exit status) a limited +/* amount of command output is logged, and reported in "success" +/* delivery status notifications (Postfix 2.12 and later). +/* This command output is not examined for the presence of an +/* enhanced status code. /* /* Problems and transactions are logged to \fBsyslogd\fR(8). /* Corrupted message files are marked so that the queue manager @@ -1008,6 +1014,7 @@ static int eval_command_status(int command_status, char *service, int status; int result = 0; int n; + char *saved_text; /* * Depending on the result, bounce or defer the message, and mark the @@ -1015,9 +1022,21 @@ static int eval_command_status(int command_status, char *service, */ switch (command_status) { case PIPE_STAT_OK: + /* Save the command output before dsb_update() clobbers it. */ + vstring_truncate(why->reason, trimblanks(STR(why->reason), + VSTRING_LEN(why->reason)) - STR(why->reason)); + if (VSTRING_LEN(why->reason) > 0) { + VSTRING_TERMINATE(why->reason); + saved_text = + vstring_export(vstring_sprintf( + vstring_alloc(VSTRING_LEN(why->reason)), + " (%.100s)", STR(why->reason))); + } else + saved_text = mystrdup(""); /* uses shared R/O storage */ dsb_update(why, "2.0.0", (attr->flags & PIPE_OPT_FINAL_DELIVERY) ? "delivered" : "relayed", DSB_SKIP_RMTA, DSB_SKIP_REPLY, - "delivered via %s service", service); + "delivered via %s service%s", service, saved_text); + myfree(saved_text); (void) DSN_FROM_DSN_BUF(why); for (n = 0; n < request->rcpt_list.len; n++) { rcpt = request->rcpt_list.info + n; diff --git a/postfix/src/postconf/postconf.c b/postfix/src/postconf/postconf.c index 973628ee8..127de63e1 100644 --- a/postfix/src/postconf/postconf.c +++ b/postfix/src/postconf/postconf.c @@ -267,9 +267,26 @@ /* .IP "\fBpgsql\fR (read-only)" /* PostgreSQL database client. This is described in /* \fBpgsql_table\fR(5). +/* .IP "\fBpipeline\fR (read-only)" +/* A pipeline of lookup tables. Example: +/* "\fBpipeline:\fI!type_1:name_1! ... !type_n:name_n\fR". +/* Each "pipeline:" query is given to the first table. Each +/* lookup result becomes the query for the next table in the +/* pipeline, and the last table produces the final result. +/* When any table lookup produces no result, the pipeline +/* produces no result. The ASCII character after "pipeline:" +/* will be used as the separator between the lookup tables +/* that follow (do not use space, ",", ":" or non-ASCII). /* .IP "\fBproxy\fR" /* Postfix \fBproxymap\fR(8) client for shared access to Postfix /* databases. The table name syntax is \fItype\fB:\fIname\fR. +/* .IP "\fBrandom\fR (read-only)" +/* An in-memory table that performs random selection. Example: +/* "\fBrandom:\fI!result_1! ... !result_n\fR". Each table query +/* returns a random choice from the specified results. The +/* ASCII character after "random:" will be used as the separator +/* between the results that follow (do not use space, ",", ":" +/* or non-ASCII). /* .IP "\fBregexp\fR (read-only)" /* A lookup table based on regular expressions. The file format /* is described in \fBregexp_table\fR(5). diff --git a/postfix/src/smtpd/smtpd_check.c b/postfix/src/smtpd/smtpd_check.c index 715d82e33..930f47567 100644 --- a/postfix/src/smtpd/smtpd_check.c +++ b/postfix/src/smtpd/smtpd_check.c @@ -2128,6 +2128,14 @@ static int check_table_result(SMTPD_STATE *state, const char *table, vstream_longjmp(state->client, SMTP_ERR_QUIET); } + /* + * INFO. Text is optional. + */ + if (STREQUAL(value, "INFO", cmd_len)) { + log_whatsup(state, "info", cmd_text); + return (SMTPD_CHECK_DUNNO); + } + /* * WARN. Text is optional. */ diff --git a/postfix/src/tls/tls_server.c b/postfix/src/tls/tls_server.c index 3a18cdc8e..f6b283549 100644 --- a/postfix/src/tls/tls_server.c +++ b/postfix/src/tls/tls_server.c @@ -164,6 +164,15 @@ */ static const char server_session_id_context[] = "Postfix/TLS"; +#if OPENSSL_VERSION_NUMBER >= 0x1000000fL +#define GET_SID(s, v, lptr) ((v) = SSL_SESSION_get_id((s), (lptr))) + +#else /* Older OpenSSL releases */ +#define GET_SID(s, v, lptr) \ + do { (v) = (s)->session_id; *(lptr) = (s)->session_id_length; } while (0) + +#endif /* OPENSSL_VERSION_NUMBER */ + /* get_server_session_cb - callback to retrieve session from server cache */ static SSL_SESSION *get_server_session_cb(SSL *ssl, unsigned char *session_id, @@ -221,14 +230,16 @@ static void uncache_session(SSL_CTX *ctx, TLS_SESS_STATE *TLScontext) { VSTRING *cache_id; SSL_SESSION *session = SSL_get_session(TLScontext->con); + const unsigned char *sid; + unsigned int sid_length; SSL_CTX_remove_session(ctx, session); if (TLScontext->cache_type == 0) return; - GEN_CACHE_ID(cache_id, session->session_id, session->session_id_length, - TLScontext->serverid); + GET_SID(session, sid, &sid_length); + GEN_CACHE_ID(cache_id, sid, sid_length, TLScontext->serverid); if (TLScontext->log_mask & TLS_LOG_CACHE) msg_info("%s: remove session %s from %s cache", TLScontext->namaddr, @@ -246,12 +257,14 @@ static int new_server_session_cb(SSL *ssl, SSL_SESSION *session) VSTRING *cache_id; TLS_SESS_STATE *TLScontext; VSTRING *session_data; + const unsigned char *sid; + unsigned int sid_length; if ((TLScontext = SSL_get_ex_data(ssl, TLScontext_index)) == 0) msg_panic("%s: null TLScontext in new session callback", myname); - GEN_CACHE_ID(cache_id, session->session_id, session->session_id_length, - TLScontext->serverid); + GET_SID(session, sid, &sid_length); + GEN_CACHE_ID(cache_id, sid, sid_length, TLScontext->serverid); if (TLScontext->log_mask & TLS_LOG_CACHE) msg_info("%s: save session %s to %s cache", TLScontext->namaddr, diff --git a/postfix/src/util/Makefile.in b/postfix/src/util/Makefile.in index d9c332bcc..f32f8f07e 100644 --- a/postfix/src/util/Makefile.in +++ b/postfix/src/util/Makefile.in @@ -37,7 +37,7 @@ SRCS = alldig.c allprint.c argv.c argv_split.c attr_clnt.c attr_print0.c \ ip_match.c nbbio.c base32_code.c dict_test.c \ dict_fail.c msg_rate_delay.c dict_surrogate.c warn_stat.c \ dict_sockmap.c line_number.c recv_pass_attr.c pass_accept.c \ - poll_fd.c timecmp.c slmdb.c + poll_fd.c timecmp.c slmdb.c dict_pipe.c dict_random.c OBJS = alldig.o allprint.o argv.o argv_split.o attr_clnt.o attr_print0.o \ attr_print64.o attr_print_plain.o attr_scan0.o attr_scan64.o \ attr_scan_plain.o auto_clnt.o base64_code.o basename.o binhash.o \ @@ -76,7 +76,7 @@ OBJS = alldig.o allprint.o argv.o argv_split.o attr_clnt.o attr_print0.o \ ip_match.o nbbio.o base32_code.o dict_test.o \ dict_fail.o msg_rate_delay.o dict_surrogate.o warn_stat.o \ dict_sockmap.o line_number.o recv_pass_attr.o pass_accept.o \ - poll_fd.o timecmp.o $(NON_PLUGIN_MAP_OBJ) + poll_fd.o timecmp.o $(NON_PLUGIN_MAP_OBJ) dict_pipe.o dict_random.o # MAP_OBJ is for maps that may be dynamically loaded with dynamicmaps.cf. # When hard-linking these, makedefs sets NON_PLUGIN_MAP_OBJ=$(MAP_OBJ), # otherwise it sets the PLUGIN_* macros. @@ -104,7 +104,7 @@ HDRS = argv.h attr.h attr_clnt.h auto_clnt.h base64_code.h binhash.h \ vstring_vstream.h watchdog.h format_tv.h load_file.h killme_after.h \ edit_file.h dict_cache.h dict_thash.h ip_match.h nbbio.h base32_code.h \ dict_fail.h warn_stat.h dict_sockmap.h line_number.h timecmp.h \ - slmdb.h compat_va_copy.h + slmdb.h compat_va_copy.h dict_pipe.h dict_random.h TESTSRC = fifo_open.c fifo_rdwr_bug.c fifo_rdonly_bug.c select_bug.c \ stream_test.c dup2_pass_on_exec.c DEFS = -I. -D$(SYSTYPE) @@ -1093,9 +1093,11 @@ dict_open.o: dict_nis.h dict_open.o: dict_nisplus.h dict_open.o: dict_open.c dict_open.o: dict_pcre.h +dict_open.o: dict_random.h dict_open.o: dict_regexp.h dict_open.o: dict_sdbm.h dict_open.o: dict_sockmap.h +dict_open.o: dict_pipe.h dict_open.o: dict_static.h dict_open.o: dict_tcp.h dict_open.o: dict_thash.h @@ -1126,6 +1128,18 @@ dict_pcre.o: vbuf.h dict_pcre.o: vstream.h dict_pcre.o: vstring.h dict_pcre.o: warn_stat.h +dict_random.o: argv.h +dict_random.o: dict.h +dict_random.o: dict_random.c +dict_random.o: dict_random.h +dict_random.o: msg.h +dict_random.o: myflock.h +dict_random.o: mymalloc.h +dict_random.o: myrand.h +dict_random.o: sys_defs.h +dict_random.o: vbuf.h +dict_random.o: vstream.h +dict_random.o: vstring.h dict_regexp.o: argv.h dict_regexp.o: dict.h dict_regexp.o: dict_regexp.c @@ -1173,6 +1187,19 @@ dict_sockmap.o: sys_defs.h dict_sockmap.o: vbuf.h dict_sockmap.o: vstream.h dict_sockmap.o: vstring.h +dict_pipe.o: argv.h +dict_pipe.o: dict.h +dict_pipe.o: dict_pipe.c +dict_pipe.o: dict_pipe.h +dict_pipe.o: htable.h +dict_pipe.o: msg.h +dict_pipe.o: myflock.h +dict_pipe.o: mymalloc.h +dict_pipe.o: stringops.h +dict_pipe.o: sys_defs.h +dict_pipe.o: vbuf.h +dict_pipe.o: vstream.h +dict_pipe.o: vstring.h dict_static.o: argv.h dict_static.o: dict.h dict_static.o: dict_static.c @@ -1213,6 +1240,7 @@ dict_tcp.o: vstring.h dict_tcp.o: vstring_vstream.h dict_test.o: argv.h dict_test.o: dict.h +dict_test.o: dict_lmdb.h dict_test.o: dict_test.c dict_test.o: msg.h dict_test.o: msg_vstream.h @@ -1486,8 +1514,6 @@ load_file.o: vbuf.h load_file.o: vstream.h load_file.o: warn_stat.h load_lib.o: load_lib.c -load_lib.o: load_lib.h -load_lib.o: msg.h load_lib.o: sys_defs.h lowercase.o: lowercase.c lowercase.o: stringops.h diff --git a/postfix/src/util/dict.h b/postfix/src/util/dict.h index e7a1d4d19..db73624ff 100644 --- a/postfix/src/util/dict.h +++ b/postfix/src/util/dict.h @@ -43,6 +43,16 @@ typedef struct DICT_OWNER { #define DICT_OWNER_TRUSTED (!1) /* ex: root-owned config file */ #define DICT_OWNER_UNTRUSTED (!0) /* ex: non-root config file */ +#define DICT_OWNER_AGGREGATE(dst, src) do { \ + if ((src).status == DICT_OWNER_UNKNOWN) { \ + (dst).status = (src).status; \ + (dst).uid = ~0; \ + } else if ((src).status == DICT_OWNER_UNTRUSTED) { \ + (dst).status = (src).status; \ + (dst).uid = ~0; \ + } \ + } while (0) + /* * Generic dictionary interface - in reality, a dictionary extends this * structure with private members to maintain internal state. diff --git a/postfix/src/util/dict_open.c b/postfix/src/util/dict_open.c index 4408061ab..d5ed9ce2f 100644 --- a/postfix/src/util/dict_open.c +++ b/postfix/src/util/dict_open.c @@ -298,6 +298,8 @@ #include #include #include +#include +#include #include #include #include @@ -340,6 +342,8 @@ static const DICT_OPEN_INFO dict_open_info[] = { DICT_TYPE_THASH, dict_thash_open, DICT_TYPE_SOCKMAP, dict_sockmap_open, DICT_TYPE_FAIL, dict_fail_open, + DICT_TYPE_PIPE, dict_pipe_open, + DICT_TYPE_RANDOM, dict_random_open, #ifndef USE_DYNAMIC_MAPS #ifdef HAS_PCRE DICT_TYPE_PCRE, dict_pcre_open, diff --git a/postfix/src/util/dict_pipe.c b/postfix/src/util/dict_pipe.c new file mode 100644 index 000000000..de8f086d8 --- /dev/null +++ b/postfix/src/util/dict_pipe.c @@ -0,0 +1,195 @@ +/*++ +/* NAME +/* dict_pipe 3 +/* SUMMARY +/* dictionary manager interface for pipelined tables +/* SYNOPSIS +/* #include +/* +/* DICT *dict_pipe_open(name, open_flags, dict_flags) +/* const char *name; +/* int open_flags; +/* int dict_flags; +/* DESCRIPTION +/* dict_pipe_open() opens a pipeline of one or more tables. +/* Example: "\fBpipeline:\fI!type_1:name_1! ... !type_n:name_n\fR". +/* +/* Each "pipeline:" query is given to the first table. Each +/* lookup result becomes the query for the next table in the +/* pipeline, and the last table produces the final result. +/* When any table lookup produces no result, the pipeline +/* produces no result. +/* +/* The ASCII character after "pipeline:" will be used as the +/* separator between the lookup tables that follow (do not use +/* space, ",", ":" or non-ASCII). +/* +/* The open_flags and dict_flags arguments are passed on to +/* the underlying dictionaries. +/* SEE ALSO +/* dict(3) generic dictionary manager +/* LICENSE +/* .ad +/* .fi +/* The Secure Mailer license must be distributed with this software. +/* AUTHOR(S) +/* Wietse Venema +/* IBM T.J. Watson Research +/* P.O. Box 704 +/* Yorktown Heights, NY 10598, USA +/*--*/ + +/* System library. */ + +#include +#include + +/* Utility library. */ + +#include +#include "mymalloc.h" +#include "htable.h" +#include "dict.h" +#include "dict_pipe.h" +#include "stringops.h" +#include "vstring.h" + +/* Application-specific. */ + +typedef struct { + DICT dict; /* generic members */ + ARGV *map_pipe; /* pipelined tables */ + VSTRING *qr_buf; /* query/reply buffer */ +} DICT_PIPE; + +#define STR(x) vstring_str(x) + +/* dict_pipe_lookup - search pipelined tables */ + +static const char *dict_pipe_lookup(DICT *dict, const char *query) +{ + const char myname[] = "dict_pipe_lookup"; + DICT_PIPE *dict_pipe = (DICT_PIPE *) dict; + DICT *map; + char **cpp; + char *dict_type_name; + const char *result = 0; + + vstring_strcpy(dict_pipe->qr_buf, query); + for (cpp = dict_pipe->map_pipe->argv; (dict_type_name = *cpp) != 0; cpp++) { + if ((map = dict_handle(dict_type_name)) == 0) + msg_panic("%s: dictionary \"%s\" not found", myname, dict_type_name); + if ((result = dict_get(map, STR(dict_pipe->qr_buf))) == 0) + DICT_ERR_VAL_RETURN(dict, map->error, result); + vstring_strcpy(dict_pipe->qr_buf, result); + } + DICT_ERR_VAL_RETURN(dict, DICT_ERR_NONE, STR(dict_pipe->qr_buf)); +} + +/* dict_pipe_close - disassociate from pipelined tables */ + +static void dict_pipe_close(DICT *dict) +{ + DICT_PIPE *dict_pipe = (DICT_PIPE *) dict; + char **cpp; + char *dict_type_name; + + for (cpp = dict_pipe->map_pipe->argv; (dict_type_name = *cpp) != 0; cpp++) + dict_unregister(dict_type_name); + argv_free(dict_pipe->map_pipe); + vstring_free(dict_pipe->qr_buf); + dict_free(dict); +} + +/* dict_pipe_open - open pipelined tables */ + +DICT *dict_pipe_open(const char *name, int open_flags, int dict_flags) +{ + const char myname[] = "dict_pipe_open"; + DICT_PIPE *dict_pipe; + char *saved_name = 0; + char *dict_type_name; + ARGV *argv = 0; + char **cpp; + DICT *dict; + int match_flags = 0; + struct DICT_OWNER aggr_owner; + char delim[2]; + + /* + * Clarity first. Let the optimizer worry about redundant code. + */ +#define DICT_PIPE_RETURN(x) do { \ + if (saved_name != 0) \ + myfree(saved_name); \ + if (argv != 0) \ + argv_free(argv); \ + return (x); \ + } while (0) + + /* + * Sanity checks. + */ + if (open_flags != O_RDONLY) + DICT_PIPE_RETURN(dict_surrogate(DICT_TYPE_PIPE, name, + open_flags, dict_flags, + "%s:%s map requires O_RDONLY access mode", + DICT_TYPE_PIPE, name)); + if (name[0] == ':') + DICT_PIPE_RETURN(dict_surrogate(DICT_TYPE_PIPE, name, + open_flags, dict_flags, + "invalid list delimiter \"%c\" in \"%s:%s\"", + name[0], DICT_TYPE_PIPE, name)); + + /* + * Split the table name on the user-specified delimiter. + */ + delim[0] = name[0]; /* XXX ASCII delimiter */ + delim[1] = 0; + saved_name = mystrdup(name + 1); /* XXX ASCII delimiter */ + if (*saved_name == 0) + DICT_PIPE_RETURN(dict_surrogate(DICT_TYPE_PIPE, name, + open_flags, dict_flags, + "bad syntax: \"%s:%s\"; need \"%s:%stype:name%s...\"", + DICT_TYPE_PIPE, name, + DICT_TYPE_PIPE, delim, delim)); + + /* + * The least-trusted table in the pipeline determines the over-all trust + * level. The first table determines the pattern-matching flags. + */ + aggr_owner.status = DICT_OWNER_TRUSTED; + aggr_owner.uid = 0; + argv = argv_split(saved_name, delim); + for (cpp = argv->argv; (dict_type_name = *cpp) != 0; cpp++) { + if (msg_verbose) + msg_info("%s: %s", myname, dict_type_name); + if (strchr(dict_type_name, ':') == 0) + DICT_PIPE_RETURN(dict_surrogate(DICT_TYPE_PIPE, name, + open_flags, dict_flags, + "bad syntax: \"%s\" in \"%s:%s\"; " + "need \"type:name\"", + dict_type_name, DICT_TYPE_PIPE, + name)); + if ((dict = dict_handle(dict_type_name)) == 0) + dict = dict_open(dict_type_name, open_flags, dict_flags); + dict_register(dict_type_name, dict); + DICT_OWNER_AGGREGATE(aggr_owner, dict->owner); + if (cpp == argv->argv) + match_flags = dict->flags & (DICT_FLAG_FIXED | DICT_FLAG_PATTERN); + } + + /* + * Bundle up the result. + */ + dict_pipe = + (DICT_PIPE *) dict_alloc(DICT_TYPE_PIPE, name, sizeof(*dict_pipe)); + dict_pipe->dict.lookup = dict_pipe_lookup; + dict_pipe->dict.close = dict_pipe_close; + dict_pipe->dict.flags = dict_flags | match_flags; + dict_pipe->dict.owner = aggr_owner; + dict_pipe->qr_buf = vstring_alloc(100); + dict_pipe->map_pipe = argv; + argv = 0; + DICT_PIPE_RETURN(DICT_DEBUG (&dict_pipe->dict)); +} diff --git a/postfix/src/util/dict_pipe.h b/postfix/src/util/dict_pipe.h new file mode 100644 index 000000000..442fd4a84 --- /dev/null +++ b/postfix/src/util/dict_pipe.h @@ -0,0 +1,37 @@ +#ifndef _DICT_PIPE_H_INCLUDED_ +#define _DICT_PIPE_H_INCLUDED_ + +/*++ +/* NAME +/* dict_pipe 3h +/* SUMMARY +/* dictionary manager interface for pipelined tables +/* SYNOPSIS +/* #include +/* DESCRIPTION +/* .nf + + /* + * Utility library. + */ +#include + + /* + * External interface. + */ +#define DICT_TYPE_PIPE "pipeline" + +extern DICT *dict_pipe_open(const char *, int, int); + +/* LICENSE +/* .ad +/* .fi +/* The Secure Mailer license must be distributed with this software. +/* AUTHOR(S) +/* Wietse Venema +/* IBM T.J. Watson Research +/* P.O. Box 704 +/* Yorktown Heights, NY 10598, USA +/*--*/ + +#endif diff --git a/postfix/src/util/dict_random.c b/postfix/src/util/dict_random.c new file mode 100644 index 000000000..e085b2005 --- /dev/null +++ b/postfix/src/util/dict_random.c @@ -0,0 +1,129 @@ +/*++ +/* NAME +/* dict_random 3 +/* SUMMARY +/* dictionary manager interface for randomized tables +/* SYNOPSIS +/* #include +/* +/* DICT *dict_random_open(name, open_flags, dict_flags) +/* const char *name; +/* int open_flags; +/* int dict_flags; +/* DESCRIPTION +/* dict_random_open() opens an in-memory, read-only, table. +/* Example: "\fBrandom:\fI!result_1! ... !result_n\fR". +/* +/* Each table query returns a random choice from the specified +/* results. Other table access methods are not supported. +/* +/* The ASCII character after "random:" will be used as the +/* separator between the results that follow (do not use space, +/* ",", ":" or non-ASCII). +/* SEE ALSO +/* dict(3) generic dictionary manager +/* LICENSE +/* .ad +/* .fi +/* The Secure Mailer license must be distributed with this software. +/* AUTHOR(S) +/* Wietse Venema +/* IBM T.J. Watson Research +/* P.O. Box 704 +/* Yorktown Heights, NY 10598, USA +/*--*/ + +/* System library. */ + +#include +#include + +/* Utility library. */ + +#include +#include +#include +#include + +/* Application-specific. */ + +typedef struct { + DICT dict; /* generic members */ + ARGV *replies; /* reply values */ +} DICT_RANDOM; + +#define STR(x) vstring_str(x) + +/* dict_random_lookup - find randomized-table entry */ + +static const char *dict_random_lookup(DICT *dict, const char *unused_query) +{ + DICT_RANDOM *dict_random = (DICT_RANDOM *) dict; + + DICT_ERR_VAL_RETURN(dict, DICT_ERR_NONE, + dict_random->replies->argv[myrand() % dict_random->replies->argc]); +} + +/* dict_random_close - disassociate from randomized table */ + +static void dict_random_close(DICT *dict) +{ + DICT_RANDOM *dict_random = (DICT_RANDOM *) dict; + + argv_free(dict_random->replies); + dict_free(dict); +} + +/* dict_random_open - open a randomized table */ + +DICT *dict_random_open(const char *name, int open_flags, int dict_flags) +{ + DICT_RANDOM *dict_random; + char *saved_name = 0; + char delim[2]; + + /* + * Clarity first. Let the optimizer worry about redundant code. + */ +#define DICT_RANDOM_RETURN(x) do { \ + if (saved_name != 0) \ + myfree(saved_name); \ + return (x); \ + } while (0) + + /* + * Sanity checks. + */ + if (open_flags != O_RDONLY) + DICT_RANDOM_RETURN(dict_surrogate(DICT_TYPE_RANDOM, name, + open_flags, dict_flags, + "%s:%s map requires O_RDONLY access mode", + DICT_TYPE_RANDOM, name)); + + /* + * Split the name on the user-specified delimiter. + */ + delim[0] = name[0]; /* XXX ASCII delimiter */ + delim[1] = 0; + saved_name = mystrdup(name + 1); /* XXX ASCII delimiter */ + if (*saved_name == 0) + DICT_RANDOM_RETURN(dict_surrogate(DICT_TYPE_RANDOM, name, + open_flags, dict_flags, + "bad syntax: \"%s:%s\"; need \"%s:%svalue%s...\"", + DICT_TYPE_RANDOM, name, + DICT_TYPE_RANDOM, delim, delim)); + + /* + * Bundle up the result. + */ + dict_random = + (DICT_RANDOM *) dict_alloc(DICT_TYPE_RANDOM, name, sizeof(*dict_random)); + dict_random->dict.lookup = dict_random_lookup; + dict_random->dict.close = dict_random_close; + dict_random->dict.flags = dict_flags | DICT_FLAG_PATTERN; + dict_random->replies = argv_split(saved_name, delim); + dict_random->dict.owner.status = DICT_OWNER_TRUSTED; + dict_random->dict.owner.uid = 0; + + DICT_RANDOM_RETURN(DICT_DEBUG(&dict_random->dict)); +} diff --git a/postfix/src/util/dict_random.h b/postfix/src/util/dict_random.h new file mode 100644 index 000000000..374f8537e --- /dev/null +++ b/postfix/src/util/dict_random.h @@ -0,0 +1,37 @@ +#ifndef _DICT_RANDOM_H_INCLUDED_ +#define _DICT_RANDOM_H_INCLUDED_ + +/*++ +/* NAME +/* dict_random 3h +/* SUMMARY +/* dictionary manager interface for ramdomized tables +/* SYNOPSIS +/* #include +/* DESCRIPTION +/* .nf + + /* + * Utility library. + */ +#include + + /* + * External interface. + */ +#define DICT_TYPE_RANDOM "random" + +extern DICT *dict_random_open(const char *, int, int); + +/* LICENSE +/* .ad +/* .fi +/* The Secure Mailer license must be distributed with this software. +/* AUTHOR(S) +/* Wietse Venema +/* IBM T.J. Watson Research +/* P.O. Box 704 +/* Yorktown Heights, NY 10598, USA +/*--*/ + +#endif