From: Wietse Venema <wietse@porcupine.org>
Date: Sun, 20 May 2012 05:00:00 +0000 (-0500)
Subject: postfix-2.9.3
X-Git-Tag: v2.9.3^0
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f8d5a6455193a2bd3f5f0c6e7a1d467587e729fb;p=thirdparty%2Fpostfix.git

postfix-2.9.3
---

diff --git a/postfix/HISTORY b/postfix/HISTORY
index cbcd3bb88..0f043271a 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -17644,3 +17644,60 @@ Apologies for any names omitted.
 	a patch by Victor Duchovni.  Files: proto/TLS_README.html,
 	proto/postconf.proto, tls/tls.h, tls/tls_misc.c, tls/tls_client.c,
 	tls/tls_server.c.
+
+20120425
+
+	Workaround: bugs in 10-year old gcc versions break compilation
+	with #ifdef inside a macro invocation (NOT: definition).
+	This synchronizes the Postfix 2.9 TLS implementation with
+	Postfix 2.10 to simplify code maintenance.  Files: tls/tls.h,
+	tls/tls_client.c, tls/tls_server.c.
+
+20120426
+
+	Bugfix (introduced Postfix 2.9): the postconf command flagged
+	parameters defined in master.cf as "unused" when they were
+	used only in main.cf. Problem reported by Michael Tokarev.
+	Files: postconf/postconf_user.c.
+
+20120516
+
+	Workaround: apparently, FreeBSD 8.3 kqueue notifications
+	sometimes break when a dnsblog(8) process loses an accept()
+	race on a shared socket, resulting in repeated "connect to
+	private/dnsblog service: Connection refused" warnings.  This
+	condition is unique to dnsblog(8). The postscreen(8) daemon
+	closes a postscreen-to-dnsblog connection as soon as it
+	receives a dnsblog(8) reply, resulting in hundreds or
+	thousands of connection requests per second.  All other
+	multi-server daemons such as anvil(8) or proxymap(8) have
+	connection lifetimes ranging from 5s to 1000s depending on
+	server load.  The workaround is for dnsblog to use the
+	single_server driver instead of the multi_server driver.
+	This one-line code change eliminates the accept() race
+	without any Postfix performance impact.  Problem reported
+	by Sahil Tandon.  File: dnsblog/dnsblog.c.
+
+20120517
+
+	Workaround: to avoid crashes when the OpenSSL library is
+	updated without "postfix reload", the Postfix TLS session
+	cache ID now includes the OpenSSL library version number.
+	Note: this problem cannot be fixed in tlsmgr(8). Code by
+	Victor Duchovni. Files: tls/tls_server.c, tls_client.c.
+
+20120520
+
+	Bugfix (introduced Postfix 2.4): the event_drain() function
+	was comparing bitmasks incorrectly causing the program to
+	always wait for the full time limit. This error affected
+	the unused postkick command, but only after s/fifo/unix/
+	in master.cf.  File: util/events.c.
+
+	Cleanup: laptop users have always been able to avoid
+	unnecessary disk spin-up by doing s/fifo/unix/ in master.cf
+	(this is currently not supported on Solaris systems).
+	However, to make this work reliably, the "postqueue -f"
+	command must wait until its requests have reached the pickup
+	and qmgr servers before closing the UNIX-domain request
+	sockets.  Files: postqueue/postqueue.c, postqueue/Makefile.in.
diff --git a/postfix/src/dnsblog/dnsblog.c b/postfix/src/dnsblog/dnsblog.c
index 977a68347..d2f6843a8 100644
--- a/postfix/src/dnsblog/dnsblog.c
+++ b/postfix/src/dnsblog/dnsblog.c
@@ -257,6 +257,7 @@ static void post_jail_init(char *unused_name, char **unused_argv)
     query = vstring_alloc(100);
     why = vstring_alloc(100);
     result = vstring_alloc(100);
+    var_use_limit = 0;
 }
 
 MAIL_VERSION_STAMP_DECLARE;
@@ -275,9 +276,9 @@ int     main(int argc, char **argv)
      */
     MAIL_VERSION_STAMP_ALLOCATE;
 
-    multi_server_main(argc, argv, dnsblog_service,
-		      MAIL_SERVER_TIME_TABLE, time_table,
-		      MAIL_SERVER_POST_INIT, post_jail_init,
-		      MAIL_SERVER_UNLIMITED,
-		      0);
+    single_server_main(argc, argv, dnsblog_service,
+		       MAIL_SERVER_TIME_TABLE, time_table,
+		       MAIL_SERVER_POST_INIT, post_jail_init,
+		       MAIL_SERVER_UNLIMITED,
+		       0);
 }
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 91e9f1eac..cd3f0ccff 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,8 +20,8 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE	"20120424"
-#define MAIL_VERSION_NUMBER	"2.9.2"
+#define MAIL_RELEASE_DATE	"20120520"
+#define MAIL_VERSION_NUMBER	"2.9.3"
 
 #ifdef SNAPSHOT
 # define MAIL_VERSION_DATE	"-" MAIL_RELEASE_DATE
diff --git a/postfix/src/postconf/postconf_user.c b/postfix/src/postconf/postconf_user.c
index d3ff7e318..1ad955869 100644
--- a/postfix/src/postconf/postconf_user.c
+++ b/postfix/src/postconf/postconf_user.c
@@ -126,15 +126,28 @@ static const char *flag_user_parameter(const char *mac_name,
      * compatibility after a feature name change.
      */
     if (local_scope && dict_get(local_scope->all_params, mac_name)) {
+	/* $name in master.cf references name=value in master.cf. */
 	if (PC_PARAM_TABLE_LOCATE(local_scope->valid_names, mac_name) == 0)
 	    PC_PARAM_TABLE_ENTER(local_scope->valid_names, mac_name,
 				 PC_PARAM_FLAG_USER, PC_PARAM_NO_DATA,
 				 convert_user_parameter);
     } else if (mail_conf_lookup(mac_name) != 0) {
+	/* $name in main/master.cf references name=value in main.cf. */
 	if (PC_PARAM_TABLE_LOCATE(param_table, mac_name) == 0)
 	    PC_PARAM_TABLE_ENTER(param_table, mac_name, PC_PARAM_FLAG_USER,
 				 PC_PARAM_NO_DATA, convert_user_parameter);
     }
+    if (local_scope == 0) {
+	for (local_scope = master_table; local_scope->argv; local_scope++) {
+	    if (local_scope->all_params != 0
+		&& dict_get(local_scope->all_params, mac_name) != 0
+	    /* $name in main.cf references name=value in master.cf. */
+		&& PC_PARAM_TABLE_LOCATE(local_scope->valid_names, mac_name) == 0)
+		PC_PARAM_TABLE_ENTER(local_scope->valid_names, mac_name,
+				     PC_PARAM_FLAG_USER, PC_PARAM_NO_DATA,
+				     convert_user_parameter);
+	}
+    }
     return (0);
 }
 
@@ -277,21 +290,7 @@ void    register_user_parameters(void)
     rest_class_table = htable_create(1);
 
     /*
-     * Scan parameter values that are left at their defaults in the global
-     * name space. Some defaults contain the $name of an obsolete parameter
-     * for backwards compatilility purposes. We might warn that an explicit
-     * name=value is obsolete, but we must not warn that the parameter is
-     * unused.
-     */
-    scan_default_parameter_values(param_table, CONFIG_DICT, (PC_MASTER_ENT *) 0);
-
-    /*
-     * Scan the explicit name=value entries in the global name space.
-     */
-    scan_user_parameter_namespace(CONFIG_DICT, (PC_MASTER_ENT *) 0);
-
-    /*
-     * Scan the "-o parameter=value" instances in each master.cf name space.
+     * Initialize the per-service parameter name spaces.
      */
     for (masterp = master_table; (argv = masterp->argv) != 0; masterp++) {
 	for (field = PC_MASTER_MIN_FIELDS; argv->argv[field] != 0; field++) {
@@ -309,7 +308,27 @@ void    register_user_parameters(void)
 	if ((dict = dict_handle(masterp->name_space)) != 0) {
 	    masterp->all_params = dict;
 	    masterp->valid_names = htable_create(1);
-	    scan_user_parameter_namespace(masterp->name_space, masterp);
 	}
     }
+
+    /*
+     * Scan parameter values that are left at their defaults in the global
+     * name space. Some defaults contain the $name of an obsolete parameter
+     * for backwards compatilility purposes. We might warn that an explicit
+     * name=value is obsolete, but we must not warn that the parameter is
+     * unused.
+     */
+    scan_default_parameter_values(param_table, CONFIG_DICT, (PC_MASTER_ENT *) 0);
+
+    /*
+     * Scan the explicit name=value entries in the global name space.
+     */
+    scan_user_parameter_namespace(CONFIG_DICT, (PC_MASTER_ENT *) 0);
+
+    /*
+     * Scan the "-o parameter=value" instances in each master.cf name space.
+     */
+    for (masterp = master_table; masterp->argv != 0; masterp++)
+	if (masterp->all_params != 0)
+	    scan_user_parameter_namespace(masterp->name_space, masterp);
 }
diff --git a/postfix/src/postqueue/Makefile.in b/postfix/src/postqueue/Makefile.in
index c7ebd3c74..396ab97c6 100644
--- a/postfix/src/postqueue/Makefile.in
+++ b/postfix/src/postqueue/Makefile.in
@@ -61,6 +61,7 @@ postqueue.o: ../../include/argv.h
 postqueue.o: ../../include/attr.h
 postqueue.o: ../../include/clean_env.h
 postqueue.o: ../../include/connect.h
+postqueue.o: ../../include/events.h
 postqueue.o: ../../include/flush_clnt.h
 postqueue.o: ../../include/iostuff.h
 postqueue.o: ../../include/mail_conf.h
diff --git a/postfix/src/postqueue/postqueue.c b/postfix/src/postqueue/postqueue.c
index 6ea91f90b..ade5af9ee 100644
--- a/postfix/src/postqueue/postqueue.c
+++ b/postfix/src/postqueue/postqueue.c
@@ -187,6 +187,7 @@
 #include <connect.h>
 #include <valid_hostname.h>
 #include <warn_stat.h>
+#include <events.h>
 
 /* Global library. */
 
@@ -352,6 +353,7 @@ static void flush_queue(void)
     if (mail_flush_maildrop() < 0)
 	msg_fatal_status(EX_UNAVAILABLE,
 			 "Cannot flush mail queue - mail system is down");
+    event_drain(2);
 }
 
 /* flush_site - flush mail for site */
diff --git a/postfix/src/tls/tls.h b/postfix/src/tls/tls.h
index 870e7f4b3..66972c509 100644
--- a/postfix/src/tls/tls.h
+++ b/postfix/src/tls/tls.h
@@ -63,8 +63,6 @@ extern const NAME_CODE tls_level_table[];
 #include <name_mask.h>
 #include <name_code.h>
 
-#define TLS_BIO_BUFSIZE	8192
-
  /*
   * Names of valid tlsmgr(8) session caches.
   */
@@ -179,11 +177,15 @@ extern void tls_param_init(void);
 #define TLS_PROTOCOL_TLSv1_1	(1<<3)	/* TLSv1_1 */
 #else
 #define TLS_PROTOCOL_TLSv1_1	0	/* Unknown */
+#undef  SSL_OP_NO_TLSv1_1
+#define SSL_OP_NO_TLSv1_1	0L	/* Noop */
 #endif
 #ifdef SSL_TXT_TLSV1_2
 #define TLS_PROTOCOL_TLSv1_2	(1<<4)	/* TLSv1_2 */
 #else
 #define TLS_PROTOCOL_TLSv1_2	0	/* Unknown */
+#undef  SSL_OP_NO_TLSv1_2
+#define SSL_OP_NO_TLSv1_2	0L	/* Noop */
 #endif
 #define TLS_KNOWN_PROTOCOLS	\
 	( TLS_PROTOCOL_SSLv2 | TLS_PROTOCOL_SSLv3 | TLS_PROTOCOL_TLSv1 \
diff --git a/postfix/src/tls/tls_client.c b/postfix/src/tls/tls_client.c
index b75bca5b5..fc2684944 100644
--- a/postfix/src/tls/tls_client.c
+++ b/postfix/src/tls/tls_client.c
@@ -826,6 +826,12 @@ TLS_SESS_STATE *tls_client_start(const TLS_CLIENT_START_PROPS *props)
 	msg_info("%s: TLS cipher list \"%s\"", props->namaddr, cipher_list);
     vstring_sprintf_append(myserverid, "&c=%s", cipher_list);
 
+    /*
+     * Finally, salt the session key with the OpenSSL library version,
+     * (run-time, rather than compile-time, just in case that matters).
+     */
+    vstring_sprintf_append(myserverid, "&l=%ld", (long) SSLeay());
+
     /*
      * Allocate a new TLScontext for the new connection and get an SSL
      * structure. Add the location of TLScontext to the SSL to later retrieve
@@ -859,12 +865,8 @@ TLS_SESS_STATE *tls_client_start(const TLS_CLIENT_START_PROPS *props)
     if (protomask != 0)
 	SSL_set_options(TLScontext->con,
 		   ((protomask & TLS_PROTOCOL_TLSv1) ? SSL_OP_NO_TLSv1 : 0L)
-#ifdef SSL_OP_NO_TLSv1_1
 	     | ((protomask & TLS_PROTOCOL_TLSv1_1) ? SSL_OP_NO_TLSv1_1 : 0L)
-#endif
-#ifdef SSL_OP_NO_TLSv1_2
 	     | ((protomask & TLS_PROTOCOL_TLSv1_2) ? SSL_OP_NO_TLSv1_2 : 0L)
-#endif
 		 | ((protomask & TLS_PROTOCOL_SSLv3) ? SSL_OP_NO_SSLv3 : 0L)
 	       | ((protomask & TLS_PROTOCOL_SSLv2) ? SSL_OP_NO_SSLv2 : 0L));
 
diff --git a/postfix/src/tls/tls_server.c b/postfix/src/tls/tls_server.c
index 245722216..f0ebf669c 100644
--- a/postfix/src/tls/tls_server.c
+++ b/postfix/src/tls/tls_server.c
@@ -181,9 +181,10 @@ static SSL_SESSION *get_server_session_cb(SSL *ssl, unsigned char *session_id,
 
 #define GEN_CACHE_ID(buf, id, len, service) \
     do { \
-	buf = vstring_alloc(2 * (len) + 1 + strlen(service) + 3); \
+	buf = vstring_alloc(2 * (len + strlen(service))); \
 	hex_encode(buf, (char *) (id), (len)); \
     	vstring_sprintf_append(buf, "&s=%s", (service)); \
+    	vstring_sprintf_append(buf, "&l=%ld", (long) SSLeay()); \
     } while (0)
 
 
@@ -403,12 +404,8 @@ TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_PROPS *props)
     if (protomask != 0)
 	SSL_CTX_set_options(server_ctx,
 		   ((protomask & TLS_PROTOCOL_TLSv1) ? SSL_OP_NO_TLSv1 : 0L)
-#ifdef SSL_OP_NO_TLSv1_1
 	     | ((protomask & TLS_PROTOCOL_TLSv1_1) ? SSL_OP_NO_TLSv1_1 : 0L)
-#endif
-#ifdef SSL_OP_NO_TLSv1_2
 	     | ((protomask & TLS_PROTOCOL_TLSv1_2) ? SSL_OP_NO_TLSv1_2 : 0L)
-#endif
 		 | ((protomask & TLS_PROTOCOL_SSLv3) ? SSL_OP_NO_SSLv3 : 0L)
 	       | ((protomask & TLS_PROTOCOL_SSLv2) ? SSL_OP_NO_SSLv2 : 0L));
 
diff --git a/postfix/src/util/events.c b/postfix/src/util/events.c
index d79596f57..5dcfe5d55 100644
--- a/postfix/src/util/events.c
+++ b/postfix/src/util/events.c
@@ -180,6 +180,7 @@ typedef fd_set EVENT_MASK;
 #define EVENT_MASK_SET(fd, mask)	FD_SET((fd), (mask))
 #define EVENT_MASK_ISSET(fd, mask)	FD_ISSET((fd), (mask))
 #define EVENT_MASK_CLR(fd, mask)	FD_CLR((fd), (mask))
+#define EVENT_MASK_CMP(m1, m2) memcmp((m1), (m2), EVENT_MASK_BYTE_COUNT(m1))
 #else
 
  /*
@@ -226,6 +227,8 @@ typedef struct {
 	(EVENT_MASK_FD_BYTE((fd), (mask)) & EVENT_MASK_FD_BIT(fd))
 #define EVENT_MASK_CLR(fd, mask) \
 	(EVENT_MASK_FD_BYTE((fd), (mask)) &= ~EVENT_MASK_FD_BIT(fd))
+#define EVENT_MASK_CMP(m1, m2) \
+	memcmp((m1)->data, (m2)->data, EVENT_MASK_BYTE_COUNT(m1))
 #endif
 
  /*
@@ -664,8 +667,7 @@ void    event_drain(int time_limit)
     max_time = event_present + time_limit;
     while (event_present < max_time
 	   && (event_timer_head.pred != &event_timer_head
-	       || memcmp(&zero_mask, &event_xmask,
-			 EVENT_MASK_BYTE_COUNT(&zero_mask)) != 0)) {
+	       || EVENT_MASK_CMP(&zero_mask, &event_xmask) != 0)) {
 	event_loop(1);
 #if (EVENTS_STYLE != EVENTS_STYLE_SELECT)
 	if (EVENT_MASK_BYTE_COUNT(&zero_mask)