From: Wietse Venema Date: Thu, 24 Sep 2015 05:00:00 +0000 (-0500) Subject: postfix-3.1-20150924 X-Git-Tag: v3.1.0-RC1~15 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=c4a1fba61600f10dede776677b2ef1052d7d8d62;p=thirdparty%2Fpostfix.git postfix-3.1-20150924 --- diff --git a/postfix/HISTORY b/postfix/HISTORY index 1a2130d48..b78ed1fe8 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -21916,8 +21916,31 @@ Apologies for any names omitted. Feature: SMTPD policy service "policy_context" attribute and smtpd_policy_service_policy_context main.cf parameter. - Originally, to share the same SMTPD service endpoint among - multiple check_policy_service clients. Markus Benning. + Originally, to share the same SMTPD policy service endpoint + among multiple check_policy_service clients. Markus Benning. Files: mantools/postlink, proto/SMTPD_POLICY_README.html, proto/postconf.proto, global/mail_params.h, global/mail_proto.h, smtpd/smtpd.c, smtpd/smtpd_check.c. + +20150923 + + Bugfix: the Postfix SMTP server used a larger-than-1 buffer + to read the HaProxy connection hand-off information. This + broke TLS wrappermode, as the TLS helo packet would end up + in the plaintext VSTREAM buffer. Reported by Lukas Erlacher. + File: smtpd/smtpd_haproxy.c. + +20150924 + + Cleanup: eliminated a harmless warning message "seek error + after reading END record: Illegal seek" from the cleanup + server after a check_sender_access DISCARD action. File: + cleanup/cleanup.c. + + Bugfix: incorrect postmulti error message. Reported by + Patrik Koetter. Fix by Viktor Dukhovni. File: + postmulti/postmulti.c. + + Workaround: don't create a new instance when the template + main.cf and master.cf files are missing, as happens on + Debian-like systems. Viktor Dukhovni. File: conf/postmulti-script. diff --git a/postfix/conf/postmulti-script b/postfix/conf/postmulti-script index 349c8941d..b1aea8e0e 100644 --- a/postfix/conf/postmulti-script +++ b/postfix/conf/postmulti-script 
@@ -142,6 +142,11 @@ create|import) fatal "'$config_directory' lacks a master.cf file" } + test -f $meta_directory/main.cf.proto || + fatal "Missing main.cf prototype: $meta_directory/main.cf.proto" + test -f $meta_directory/master.cf.proto || + fatal "Missing master.cf prototype: $meta_directory/master.cf.proto" + # Create instance-specific directories # test -d $config_directory || diff --git a/postfix/src/cleanup/cleanup.c b/postfix/src/cleanup/cleanup.c index e81dfab6e..ffd448bf2 100644 --- a/postfix/src/cleanup/cleanup.c +++ b/postfix/src/cleanup/cleanup.c @@ -518,7 +518,7 @@ static void cleanup_service(VSTREAM *src, char *unused_service, char **argv) */ if (CLEANUP_OUT_OK(state) == 0 && type > 0) { while (type != REC_TYPE_END - && (type = rec_get(src, buf, 0)) > 0) { + && (type = rec_get_raw(src, buf, 0, REC_FLAG_NONE)) > 0) { if (type == REC_TYPE_MILT_COUNT) { int milter_count = atoi(vstring_str(buf)); diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index a06cec645..c4390885e 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20150913" +#define MAIL_RELEASE_DATE "20150924" #define MAIL_VERSION_NUMBER "3.1" #ifdef SNAPSHOT diff --git a/postfix/src/postmulti/postmulti.c b/postfix/src/postmulti/postmulti.c index 0d124ae7b..8fdc23185 100644 --- a/postfix/src/postmulti/postmulti.c +++ b/postfix/src/postmulti/postmulti.c @@ -1711,7 +1711,7 @@ int main(int argc, char **argv) case 'e': if ((code = EDIT_CMD_CODE(optarg)) < 0) msg_fatal("Invalid '-e' edit action '%s'. Specify '%s', " - "'%s', '%s', '%s', '%s', '%s', '%s', '%s' or '%s'", + "'%s', '%s', '%s', '%s', '%s', '%s' or '%s'", optarg, EDIT_CMD_STR(EDIT_CMD_CREATE), EDIT_CMD_STR(EDIT_CMD_DESTROY), 
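Review bot: The two added `test -f` checks expand `$meta_directory` unquoted, so a value containing whitespace or glob characters is split before `test` runs and the intended path is never checked. Quoting costs nothing here: `test -f "$meta_directory/main.cf.proto" ||`, and the same for `master.cf.proto`. The `test -d $config_directory` context line has the same unquoted form, so this may be the script's convention. The `create|import)` branch starts and ends outside the hunk, so whether the import action actually needs the prototype files cannot be judged from here.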
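Review bot: The switch to `rec_get_raw(src, buf, 0, REC_FLAG_NONE)` in the drain loop has no comment saying why the raw variant is needed; the reason is only in the HISTORY entry (the "seek error after reading END record" warning). I would add a comment above the loop condition such as `/* Use rec_get_raw() with REC_FLAG_NONE: do not attempt a seek on src after the END record. */`, so a later tidy-up does not change it back to `rec_get()`. That the seek comes from rec_get()'s default flags is inferred from the HISTORY text, not from these lines. The loop body and the rest of cleanup_service() continue outside the hunk.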
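Review bot: The corrected msg_fatal() call in the `-e` case still depends on a hand count of `%s` specifiers against the arguments, which is apparently how the old specifier/argument mismatch went unnoticed. The new format has nine `%s`. The visible arguments are `optarg` plus six EDIT_CMD_STR() values across this hunk and the next one (@@ -1720), and two argument lines between the hunks are not shown, so the count matches only if each of those is a single argument. A short comment next to the format, e.g. `/* 9 x %s: optarg + 8 edit commands */`, would make the next edit of this list easier to check. It is also worth confirming that msg_fatal()'s declaration (not visible here) carries a printf-style format attribute so the compiler flags such a mismatch.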
@@ -1720,8 +1720,7 @@ int main(int argc, char **argv) EDIT_CMD_STR(EDIT_CMD_ENABLE), EDIT_CMD_STR(EDIT_CMD_DISABLE), EDIT_CMD_STR(EDIT_CMD_ASSIGN), - EDIT_CMD_STR(EDIT_CMD_INIT), - optarg); + EDIT_CMD_STR(EDIT_CMD_INIT)); if (cmd_mode != code) command_mode_count++; cmd_mode = code; diff --git a/postfix/src/smtpd/smtpd_haproxy.c b/postfix/src/smtpd/smtpd_haproxy.c index 599e3ed42..dd2dc4161 100644 --- a/postfix/src/smtpd/smtpd_haproxy.c +++ b/postfix/src/smtpd/smtpd_haproxy.c @@ -95,6 +95,14 @@ int smtpd_peer_from_haproxy(SMTPD_STATE *state) int io_err; VSTRING *escape_buf; + /* + * While reading HaProxy handshake information, don't buffer input beyond + * the end-of-line. That would break the TLS wrappermode handshake. + */ + vstream_control(state->client, + VSTREAM_CTL_BUFSIZE, 1, + VSTREAM_CTL_END); + /* * Note: the haproxy_srvr_parse() routine performs address protocol * checks, address and port syntax checks, and converts IPv4-in-IPv6 @@ -142,6 +150,13 @@ int smtpd_peer_from_haproxy(SMTPD_STATE *state) * Avoid surprises in the Dovecot authentication server. */ state->dest_addr = mystrdup(smtp_server_addr.buf); + + /* + * Enable normal buffering. + */ + vstream_control(state->client, + VSTREAM_CTL_BUFSIZE, VSTREAM_BUFSIZE, + VSTREAM_CTL_END); return (0); } }
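Review bot: The new `vstream_control(state->client, VSTREAM_CTL_BUFSIZE, 1, ...)` call protects the TLS wrappermode handshake only if nothing has been read from `state->client` before smtpd_peer_from_haproxy() runs, because bytes already held in a larger buffer are not given back. The added comment should state that precondition, e.g. `* This must happen before the first read from state->client.`. With a one-byte buffer the hand-off line is presumably fetched one byte per read call. The length limit and timeout of the read that follows (outside this hunk) are then what bound the work done for a peer that has not been identified yet.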
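Review bot: Normal buffering is restored only on the `return (0)` path shown in this hunk, so any failure return elsewhere in smtpd_peer_from_haproxy() (not visible here) would leave `state->client` with the one-byte buffer. That is harmless only if every caller drops the connection on a non-zero result; the comment should say so, or the restore should happen at a single exit point. The restore also hard-codes `VSTREAM_BUFSIZE` instead of the size the stream had before the call, which the comment could record as `* Enable normal buffering (default size; assumes no custom buffer size was set earlier).`.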