From afa93364ff6a43edeff048cf271b85f7e57e56c6 Mon Sep 17 00:00:00 2001
From: Wietse Venema <wietse@porcupine.org>
Date: Tue, 3 Jan 2006 00:00:00 -0500
Subject: [PATCH] postfix-2.2.8

---
 postfix/HISTORY                      | 42 ++++++++++++++++++++++++++++
 postfix/examples/chroot-setup/LINUX2 |  8 ++++++
 postfix/makedefs                     |  2 ++
 postfix/src/anvil/anvil.c            |  6 ++++
 postfix/src/global/mail_version.h    |  4 +--
 postfix/src/postqueue/postqueue.c    |  1 +
 postfix/src/smtp/smtp_chat.c         | 31 ++++++++++++++------
 postfix/src/smtp/smtp_proto.c        | 16 +++++------
 postfix/src/util/dict_regexp.c       |  9 ++++++
 postfix/src/util/sys_defs.h          |  2 +-
 10 files changed, 102 insertions(+), 19 deletions(-)

diff --git a/postfix/HISTORY b/postfix/HISTORY
index d325405a4..a6fac711b 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -10752,3 +10752,45 @@ Apologies for any names omitted.
 	defer logfile record when the target delivery agent was
 	broken.  This the analog of queue manager bugfix 20051119.
 	Files: global/deliver_pass.c.
+
+20051212
+
+	Bugfix: an EHLO I/O error after STARTTLS would be reported
+	as a STARTTLS I/O error. File: smtp/smtp_proto.c.
+
+20051213
+
+	Bugfix: the *SQL, proxy and LDAP maps were not defined in
+	user-land commands such as postqueue. Leandro Santi. File:
+	postqueue/postqueue.c.
+
+20051225
+
+	Workaround: the regexp map cleverly avoided scanning constant
+	results for non-existent $number expressions, but failed
+	to subject those constant results to $$ -> $ replacement.
+	Since fixing this requires too much change for a stable
+	release, the optimization is turned off (it doesn't exist
+	in the 2.2 PCRE map, either). Files: util/dict_regexp.c.
+
+20051231
+
+	Bugfix: the anvil server would terminate after "max_idle"
+	seconds, even when this was less than the anvil_rate_time_unit
+	interval. File: anvil/anvil.c.
+
+20060101
+
+	Portability: 64-bit support for LINUX chroot script by Keith
+	Owens.  File: examples/chroot-setup/LINUX2.
+
+20060103
+
+	Backout: the Postfix 2.2.6 paranoia about garbage in remote
+	server replies caused "multiple delivery" problems or "no
+	delivery" problems with broken servers/firewalls. Postfix
+	still logs a warning but no longer defers delivery.  File:
+	smtp/smtp_chat.c.
+
+	Portability: FreeBSD 6 is a supported platform. Files:
+	util/sys_defs.h, makedefs.
diff --git a/postfix/examples/chroot-setup/LINUX2 b/postfix/examples/chroot-setup/LINUX2
index f63c22c17..f9c6184d8 100644
--- a/postfix/examples/chroot-setup/LINUX2
+++ b/postfix/examples/chroot-setup/LINUX2
@@ -42,6 +42,8 @@
 # Revision 1.4  2001/01/15 09:36:35  emma
 # add note it was successfully tested on Debian sid
 #
+# 20060101 /lib64 support by Keith Owens.
+#
 
 CP="cp -p"
 
@@ -62,6 +64,7 @@ POSTFIX_DIR=${POSTFIX_DIR-/var/spool/postfix}
 cd ${POSTFIX_DIR}
 
 mkdir -p etc lib usr/lib/zoneinfo
+test -d /lib64 && mkdir -p lib64
 
 # find localtime (SuSE 5.3 does not have /etc/localtime)
 lt=/etc/localtime
@@ -79,5 +82,10 @@ ln -s -f /etc/localtime usr/lib/zoneinfo
 cond_copy '/lib/libnss_*.so*' lib
 cond_copy '/lib/libresolv.so*' lib
 cond_copy '/lib/libdb.so*' lib
+if test -d /lib64; then
+  cond_copy '/lib64/libnss_*.so*' lib64
+  cond_copy '/lib64/libresolv.so*' lib64
+  cond_copy '/lib64/libdb.so*' lib64
+fi
 
 postfix reload
diff --git a/postfix/makedefs b/postfix/makedefs
index 28058794d..0f2612d09 100644
--- a/postfix/makedefs
+++ b/postfix/makedefs
@@ -116,6 +116,8 @@ case "$SYSTEM.$RELEASE" in
 		;;
   FreeBSD.5*)	SYSTYPE=FREEBSD5
 		;;
+  FreeBSD.6*)	SYSTYPE=FREEBSD6
+		;;
   OpenBSD.2*)	SYSTYPE=OPENBSD2
 		;;
   OpenBSD.3*)	SYSTYPE=OPENBSD3
diff --git a/postfix/src/anvil/anvil.c b/postfix/src/anvil/anvil.c
index 8d40180d7..ad59716bb 100644
--- a/postfix/src/anvil/anvil.c
+++ b/postfix/src/anvil/anvil.c
@@ -806,6 +806,12 @@ static void post_jail_init(char *unused_name, char **unused_argv)
      * Do not limit the number of client requests.
      */
     var_use_limit = 0;
+
+    /*
+     * Don't exit before the sampling interval ends.
+     */
+    if (var_idle_limit < var_anvil_time_unit)
+	var_idle_limit = var_anvil_time_unit;
 }
 
 /* anvil_status_dump - log and reset extreme usage */
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index e3ced8a03..07653d390 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,8 +20,8 @@
   * Patches change the patchlevel and the release date. Snapshots change the
   * release date only.
   */
-#define MAIL_RELEASE_DATE	"20051208"
-#define MAIL_VERSION_NUMBER	"2.2.7"
+#define MAIL_RELEASE_DATE	"20060103"
+#define MAIL_VERSION_NUMBER	"2.2.8"
 
 #define VAR_MAIL_VERSION	"mail_version"
 #ifdef SNAPSHOT
diff --git a/postfix/src/postqueue/postqueue.c b/postfix/src/postqueue/postqueue.c
index 6f6ae1d90..a5d7d906c 100644
--- a/postfix/src/postqueue/postqueue.c
+++ b/postfix/src/postqueue/postqueue.c
@@ -451,6 +451,7 @@ int     main(int argc, char **argv)
      * Further initialization...
      */
     mail_conf_read();
+    mail_dict_init();				/* proxy, sql, ldap */
     get_mail_conf_str_table(str_table);
 
     /*
diff --git a/postfix/src/smtp/smtp_chat.c b/postfix/src/smtp/smtp_chat.c
index db694c062..846deeebf 100644
--- a/postfix/src/smtp/smtp_chat.c
+++ b/postfix/src/smtp/smtp_chat.c
@@ -247,18 +247,33 @@ SMTP_RESP *smtp_chat_resp(SMTP_SESSION *session)
 	}
 
 	/*
-	 * XXX Do not ignore garbage when ESMTP command pipelining is turned
-	 * on. After sending ".<CR><LF>QUIT<CR><LF>", Postfix might recognize
-	 * the server's 2XX QUIT reply as a 2XX END-OF-DATA reply after
-	 * garbage, causing mail to be lost. Instead, make a long jump so
-	 * that all recipients of multi-recipient mail get consistent
-	 * treatment.
+	 * XXX Do not simply ignore garbage in the server reply when ESMTP
+	 * command pipelining is turned on.  For example, after sending
+	 * ".<CR><LF>QUIT<CR><LF>" and receiving garbage followed by a
+	 * legitimate 2XX reply, Postfix recognizes the server's QUIT reply
+	 * as the END-OF-DATA reply after garbage, causing mail to be lost.
+	 * 
+	 * Without the ability to store per-domain status information in queue
+	 * files, automatic workarounds are problematic. Automatically
+	 * deferring the delivery creates "no delivery" or "repeated
+	 * delivery" problems, and automatically turning off pipelining for
+	 * "old" mail affects deliveries to sites with correct pipelining
+	 * implementations.
+	 * 
+	 * So we leave the decision with the administrator, but we don't force
+	 * them to take action, like we would with automatic deferral.  If
+	 * loss of mail is not acceptable then they can turn off pipelining
+	 * for specific sites, or they can turn off pipelining globally when
+	 * they find that there are just too many broken sites.
 	 */
 	session->error_mask |= MAIL_ERROR_PROTOCOL;
 	if (session->features & SMTP_FEATURE_PIPELINING) {
-	    msg_warn("non-SMTP response from %s: %s",
+	    msg_warn("non-SMTP response from %s: %.100s",
 		     session->namaddr, STR(session->buffer));
-	    vstream_longjmp(session->stream, SMTP_ERR_PROTO);
+	    if (var_helpful_warnings)
+		msg_warn("to prevent loss of mail, turn off command pipelining "
+			 "for %s with the %s parameter", session->addr,
+			 VAR_SMTP_EHLO_DIS_MAPS);
 	}
     }
     if (three_digs != 0)
diff --git a/postfix/src/smtp/smtp_proto.c b/postfix/src/smtp/smtp_proto.c
index 67dfaeca2..2041dcec7 100644
--- a/postfix/src/smtp/smtp_proto.c
+++ b/postfix/src/smtp/smtp_proto.c
@@ -252,20 +252,20 @@ int     smtp_helo(SMTP_STATE *state, NOCLOBBER int misc_flags)
 
 #endif
 
+    /*
+     * Prepare for disaster.
+     */
+    smtp_timeout_setup(state->session->stream, var_smtp_helo_tmout);
+    if ((except = vstream_setjmp(state->session->stream)) != 0)
+	return (smtp_stream_except(state, except,
+			      "performing the initial protocol handshake"));
+
     /*
      * If not recursing after STARTTLS, examine the server greeting banner
      * and decide if we are going to send EHLO as the next command.
      */
     if ((misc_flags & SMTP_MISC_FLAG_IN_STARTTLS) == 0) {
 
-	/*
-	 * Prepare for disaster.
-	 */
-	smtp_timeout_setup(state->session->stream, var_smtp_helo_tmout);
-	if ((except = vstream_setjmp(state->session->stream)) != 0)
-	    return (smtp_stream_except(state, except,
-				    "receiving the initial SMTP greeting"));
-
 	/*
 	 * Read and parse the server's SMTP greeting banner.
 	 */
diff --git a/postfix/src/util/dict_regexp.c b/postfix/src/util/dict_regexp.c
index 8bb73bc74..9a6d607b2 100644
--- a/postfix/src/util/dict_regexp.c
+++ b/postfix/src/util/dict_regexp.c
@@ -257,9 +257,18 @@ static const char *dict_regexp_lookup(DICT *dict, const char *lookup_string)
 	    /*
 	     * Skip $number substitutions when the replacement text contains
 	     * no $number strings (as learned during the pre-scan).
+	     * 
+	     * XXX This is incorrect. Replacement text without $number
+	     * expressions may still require $$ -> $ replacement. Fixing this
+	     * requires that we save the result after pre-scanning the
+	     * replacement text. This change is too invasive for a stable
+	     * release. Since this optimization does not exist in the PCRE
+	     * module, we forego it here too.
 	     */
+#if 0
 	    if (match_rule->max_sub == 0)
 		return (match_rule->replacement);
+#endif
 
 	    /*
 	     * Perform $number substitutions on the replacement text. We
diff --git a/postfix/src/util/sys_defs.h b/postfix/src/util/sys_defs.h
index 4bddae410..b67b27301 100644
--- a/postfix/src/util/sys_defs.h
+++ b/postfix/src/util/sys_defs.h
@@ -24,7 +24,7 @@
   * 4.4BSD and close derivatives.
   */
 #if defined(FREEBSD2) || defined(FREEBSD3) || defined(FREEBSD4) \
-    || defined(FREEBSD5) \
+    || defined(FREEBSD5) || defined(FREEBSD6) \
     || defined(BSDI2) || defined(BSDI3) || defined(BSDI4) \
     || defined(OPENBSD2) || defined(OPENBSD3) \
     || defined(NETBSD1) || defined(NETBSD2) \
-- 
2.47.3