From 74f701089ef7d00a203546481945329bbdc08d8d Mon Sep 17 00:00:00 2001 From: Wietse Venema Date: Mon, 17 Mar 2008 00:00:00 -0500 Subject: [PATCH] postfix-2.5.2-RC1 --- postfix/HISTORY | 18 +++++++++++++ postfix/src/bounce/bounce_template.c | 2 +- postfix/src/global/mail_version.h | 4 +-- postfix/src/smtpd/smtpd.c | 8 +++--- postfix/src/xsasl/xsasl_dovecot_server.c | 34 +++++++++++++++++++++--- 5 files changed, 55 insertions(+), 11 deletions(-) diff --git a/postfix/HISTORY b/postfix/HISTORY index a23b5eade..6d08693ca 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -14312,3 +14312,21 @@ Apologies for any names omitted. Cleanup: multi-line support in SMTP server replies. File: smtpd/smtpd_chat.c. +20080228 + + Bugfix: bounce(8) segfault on one-line template text. + Problem found by Sacha Chlytor. File: bounce/bounce_template.c. + +20080310 + + Safety: the SMTP server's Dovecot authentication client now + enforces the SASL mechanism output filter also on client + command input. File: src/xsasl/xsasl_dovecot_server.c. + +20080311 + + Bugfix (introduced 20070811): the MAIL and RCPT Milter + application call-backs no longer received {mail_addr} or + {rcpt_addr} information. Problem reported by Anton Yuzhaninov. + File: smtpd/smtpd.c. + diff --git a/postfix/src/bounce/bounce_template.c b/postfix/src/bounce/bounce_template.c index 352944b59..ed67c81e5 100644 --- a/postfix/src/bounce/bounce_template.c +++ b/postfix/src/bounce/bounce_template.c @@ -343,7 +343,7 @@ static void bounce_template_parse_buffer(BOUNCE_TEMPLATE *tp) * Is this 7bit or 8bit text? If the character set is US-ASCII, then * don't allow 8bit text. Don't assume 8bit when charset was changed. */ -#define NON_ASCII(p) (*(p) && !allascii((p))) +#define NON_ASCII(p) ((p) && *(p) && !allascii((p))) if (NON_ASCII(cp) || NON_ASCII(tval)) { if (strcasecmp(tp->mime_charset, "us-ascii") == 0) { diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 3b0af353a..c9dfe56bf 100644 
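Review bot: The new `NON_ASCII(p)` in bounce_template_parse_buffer() accepts a null pointer, but the comment above it still only discusses 7bit versus 8bit text, so a reader cannot tell which of `cp` and `tval` may be null or why. I would add a line to that comment, for example `* Either pointer may be null when the template text is a single line.`, adjusted to what the parser really guarantees, since the assignments to `cp` and `tval` are outside this hunk. The macro now evaluates its argument three times, which is harmless for the two plain variables passed here but is worth keeping in mind for future callers. The function body starts and ends outside the hunk.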
--- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,8 +20,8 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20080216" -#define MAIL_VERSION_NUMBER "2.5.1" +#define MAIL_RELEASE_DATE "20080317" +#define MAIL_VERSION_NUMBER "2.5.2-RC1" #ifdef SNAPSHOT # define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c index 35d1cf045..266064a84 100644 --- a/postfix/src/smtpd/smtpd.c +++ b/postfix/src/smtpd/smtpd.c @@ -2108,14 +2108,14 @@ static int mail_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv) if (smtpd_milters != 0 && SMTPD_STAND_ALONE(state) == 0 && (state->saved_flags & MILTER_SKIP_FLAGS) == 0) { + PUSH_STRING(saved_sender, state->sender, STR(state->addr_buf)); err = milter_mail_event(smtpd_milters, milter_argv(state, argc - 2, argv + 2)); if (err != 0) { /* Log reject etc. with correct sender information. */ - PUSH_STRING(saved_sender, state->sender, STR(state->addr_buf)); err = check_milter_reply(state, err); - POP_STRING(saved_sender, state->sender); } + POP_STRING(saved_sender, state->sender); if (err != 0) { /* XXX Reset access map side effects. */ mail_reset(state); @@ -2362,14 +2362,14 @@ static int rcpt_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv) } if (smtpd_milters != 0 && (state->saved_flags & MILTER_SKIP_FLAGS) == 0) { + PUSH_STRING(saved_rcpt, state->recipient, STR(state->addr_buf)); err = milter_rcpt_event(smtpd_milters, milter_argv(state, argc - 2, argv + 2)); if (err != 0) { /* Log reject etc. with correct recipient information. */ - PUSH_STRING(saved_rcpt, state->recipient, STR(state->addr_buf)); err = check_milter_reply(state, err); - POP_STRING(saved_rcpt, state->recipient); } + POP_STRING(saved_rcpt, state->recipient); if (err != 0) { smtpd_chat_reply(state, "%s", err); return (-1); 
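Review bot: In mail_cmd() the surviving comment `/* Log reject etc. with correct sender information. */` now sits only on the `check_milter_reply()` call, while the PUSH_STRING/POP_STRING pair it used to explain has moved out to bracket `milter_mail_event()` as well. The reason for the wider bracket is stated only in HISTORY. A comment at the push, such as `/* The Milter {mail_addr} macro is presumably taken from state->sender, so set it before the event. */`, would stop someone narrowing the scope again; the same applies to the `saved_rcpt` pair and {rcpt_addr} in the rcpt_cmd() hunk. While `state->sender` aliases `STR(state->addr_buf)`, anything in the milter call path that rewrites `addr_buf` would change it underneath; that is not visible from here and is worth a quick check. Both function bodies continue outside their hunks.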
diff --git a/postfix/src/xsasl/xsasl_dovecot_server.c b/postfix/src/xsasl/xsasl_dovecot_server.c index 36bed9e7d..810cb8c7f 100644 --- a/postfix/src/xsasl/xsasl_dovecot_server.c +++ b/postfix/src/xsasl/xsasl_dovecot_server.c @@ -50,6 +50,10 @@ #include #include +#ifdef STRCASECMP_IN_STRINGS_H +#include +#endif + /* Utility library. */ #include @@ -60,6 +64,7 @@ #include #include #include +#include /* Global library. */ @@ -156,6 +161,7 @@ typedef struct { VSTRING *sasl_line; unsigned int sec_props; /* Postfix mechanism filter */ char *mechanism_list; /* filtered mechanism list */ + ARGV *mechanism_argv; /* ditto */ } XSASL_DOVECOT_SERVER; /* @@ -208,7 +214,8 @@ static void xsasl_dovecot_server_mech_free(XSASL_DCSRV_MECH *mech_list) /* xsasl_dovecot_server_mech_filter - filter server mechanism list */ -static char *xsasl_dovecot_server_mech_filter(XSASL_DCSRV_MECH *mechanism_list, +static char *xsasl_dovecot_server_mech_filter(ARGV *mechanism_argv, + XSASL_DCSRV_MECH *mechanism_list, unsigned int conf_props) { const char *myname = "xsasl_dovecot_server_mech_filter"; @@ -226,6 +233,7 @@ static char *xsasl_dovecot_server_mech_filter(XSASL_DCSRV_MECH *mechanism_list, if (VSTRING_LEN(mechanisms_str) > 0) VSTRING_ADDCH(mechanisms_str, ' '); vstring_strcat(mechanisms_str, mp->mech_name); + argv_add(mechanism_argv, mp->mech_name, (char *) 0); if (msg_verbose) msg_info("%s: keep mechanism: %s", myname, mp->mech_name); } else { @@ -400,6 +408,7 @@ static XSASL_SERVER *xsasl_dovecot_server_create(XSASL_SERVER_IMPL *impl, server->service = mystrdup(service); server->last_request_id = 0; server->mechanism_list = 0; + server->mechanism_argv = 0; server->sec_props = name_mask_opt(myname, xsasl_dovecot_conf_sec_props, sec_props, NAME_MASK_ANY_CASE | NAME_MASK_FATAL); 
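Review bot: xsasl_dovecot_server_mech_filter() gains an `ARGV *mechanism_argv` output parameter, but its header comment still reads `filter server mechanism list` and the new struct member is documented only as `/* ditto */`. The function now produces two results that must stay in step: the returned string and the names appended through `argv_add()`. The later check in xsasl_dovecot_server_first() relies on the argv copy. I would say so at the definition, e.g. `/* xsasl_dovecot_server_mech_filter - filter server mechanism list; appends each kept name to mechanism_argv */`, and spell out the member comment as `/* filtered mechanism names, checked against the client's AUTH method */`. The function body continues outside the hunks shown.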
@@ -417,10 +426,13 @@ static const char *xsasl_dovecot_server_get_mechanism_list(XSASL_SERVER *xp) if (xsasl_dovecot_server_connect(server->impl) < 0) return (0); } - if (server->mechanism_list == 0) + if (server->mechanism_list == 0) { + server->mechanism_argv = argv_alloc(2); server->mechanism_list = - xsasl_dovecot_server_mech_filter(server->impl->mechanism_list, + xsasl_dovecot_server_mech_filter(server->mechanism_argv, + server->impl->mechanism_list, server->sec_props); + } return (server->mechanism_list[0] ? server->mechanism_list : 0); } @@ -433,8 +445,10 @@ static void xsasl_dovecot_server_free(XSASL_SERVER *xp) vstring_free(server->sasl_line); if (server->username) myfree(server->username); - if (server->mechanism_list) + if (server->mechanism_list) { myfree(server->mechanism_list); + argv_free(server->mechanism_argv); + } myfree(server->service); myfree((char *) server); } @@ -558,6 +572,7 @@ int xsasl_dovecot_server_first(XSASL_SERVER *xp, const char *sasl_method, const char *myname = "xsasl_dovecot_server_first"; XSASL_DOVECOT_SERVER *server = (XSASL_DOVECOT_SERVER *) xp; int i; + char **cpp; #define IFELSE(e1,e2,e3) ((e1) ? (e2) : (e3)) @@ -566,6 +581,17 @@ int xsasl_dovecot_server_first(XSASL_SERVER *xp, const char *sasl_method, IFELSE(init_response, ", init_response ", ""), IFELSE(init_response, init_response, "")); + if (server->mechanism_argv == 0) + msg_panic("%s: no mechanism list", myname); + + for (cpp = server->mechanism_argv->argv; /* see below */ ; cpp++) { + if (*cpp == 0) { + vstring_strcpy(reply, "Invalid authentication mechanism"); + return XSASL_AUTH_FAIL; + } + if (strcasecmp(sasl_method, *cpp) == 0) + break; + } if (init_response) if (!is_valid_base64(init_response)) { vstring_strcpy(reply, "Invalid base64 data in initial response"); -- 2.47.3
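Review bot: In xsasl_dovecot_server_free() the new `argv_free(server->mechanism_argv)` is guarded by `server->mechanism_list`, not by the pointer it frees. That is correct only because xsasl_dovecot_server_get_mechanism_list() sets both members together. Giving the argv its own guard, `if (server->mechanism_argv) argv_free(server->mechanism_argv);`, removes that hidden coupling at no cost.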
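Review bot: The `msg_panic("%s: no mechanism list", myname)` at the top of the new check in xsasl_dovecot_server_first() makes it a hard precondition that xsasl_dovecot_server_get_mechanism_list() has run for this server object before any client AUTH command arrives, because `mechanism_argv` is allocated only there. If a caller can reach this function first, client input would abort the process instead of failing the authentication. Whether that is possible is not visible from this hunk, so either document the precondition, e.g. `/* The caller must have requested the mechanism list before the first AUTH. */`, or return `XSASL_AUTH_FAIL` as for an unknown mechanism. The loop's `/* see below */` placeholder would read better as `/* terminates on the null entry or on a match */`. After a match `*cpp` holds the server's own spelling of the mechanism, so if code beyond this hunk passes `sasl_method` on to the Dovecot auth socket, passing `*cpp` instead would keep client-chosen bytes out of that request. The function body starts and ends outside the hunk.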