Postfix 2.0 patchlevel 04 fixes some ancient bugs and updates the
maildir delivery code. A companion snapshot release has the same
bugfixes and some new features.
- The format of maildir filenames is synchronized with the present
version of the maildir definition document. This format was already
adopted by the 20030126 snapshot release.
- The time limit on delivery to external commands was not enforced.
This was broken probably some time before the first public Postfix
release.
- Duplicate elimination after virtual alias expansion works again.
This was broken with the introduction of the original recipient
attribute.
- The local pickup daemon dropped incomplete records from local
submissions. This was broken somewhere in the middle of 2002.
Prereq: "2.0.3"
diff -cr /tmp/postfix-2.0.3/src/global/mail_version.h ./src/global/mail_version.h
*** /tmp/postfix-2.0.3/src/global/mail_version.h Fri Jan 24 09:53:38 2003
--- ./src/global/mail_version.h Wed Feb 19 15:59:53 2003
***************
*** 20,29 ****
* Patches change the patchlevel and the release date. Snapshots change the
* release date only, unless they include the same bugfix as a patch release.
*/
! #define MAIL_RELEASE_DATE "20030124"
#define VAR_MAIL_VERSION "mail_version"
! #define DEF_MAIL_VERSION "2.0.3"
extern char *var_mail_version;
/*
--- 20,29 ----
* Patches change the patchlevel and the release date. Snapshots change the
* release date only, unless they include the same bugfix as a patch release.
*/
! #define MAIL_RELEASE_DATE "20030219"
#define VAR_MAIL_VERSION "mail_version"
! #define DEF_MAIL_VERSION "2.0.4"
extern char *var_mail_version;
/*
diff -cr /tmp/postfix-2.0.3/HISTORY ./HISTORY
*** /tmp/postfix-2.0.3/HISTORY Fri Jan 24 09:50:50 2003
--- ./HISTORY Thu Feb 20 10:26:34 2003
***************
*** 7620,7625 ****
--- 7620,7661 ----
manager, since a better test was implemented recently in
the trivial-rewrite server. Files: *qmgr/qmgr_message.c.
+ 20030126
+
+ Update: maildir filename algorithm updated according to
+ today's version of http://cr.yp.to/proto/maildir.html.
+
+ 20030127
+
+ Cleanup: use separate error messages for separate problems
+ with computing the list of SASL authentication mechanisms.
+ File: smtpd/smtpd_sasl_glue.c.
+
+ 20030130
+
+ Bugfix: allow $name in default time values. File:
+ global/mail_conf_time.c.
+
+ 20030219
+
+ Bugfix: the local pickup daemon skipped unterminated records,
+ since they happened to have the same record type code as
+ content filtering instructions. Victor Duchovni. Files:
+ global/rec_type.h, pickup/pickup.c.
+
+ Portability: Postfix could block, and thus not enforce
+ command execution time limits, while delivering mail to
+ command. File: global/pipe_command.c.
+
+ Bugfix: command execution time limits were not enforced
+ because the child process killing code in pipe_command()
+ was running with the wrong privileges. Problem reported by
+ Ben Rosengart, Panix. File: global/pipe_command.c.
+
+ Bugfix: duplicate recipient filtering in the cleanup server
+ did not eliminate virtual expansion duplicates with the
+ same original recipient. File: cleanup/cleanup_out_recipient.c.
+
Open problems:
Low: after successful delivery, per-queue window += 1/window,
diff -cr /tmp/postfix-2.0.3/README_FILES/LOCAL_RECIPIENT_README ./README_FILES/LOCAL_RECIPIENT_README
*** /tmp/postfix-2.0.3/README_FILES/LOCAL_RECIPIENT_README Thu Jan 23 23:07:29 2003
--- ./README_FILES/LOCAL_RECIPIENT_README Thu Feb 20 14:04:15 2003
***************
*** 24,29 ****
--- 24,33 ----
all names or addresses of local recipients. A recipient address is
local when the address domain matches $mydestination or $inet_interfaces.
+ The right-hand side of the lookup tables is conveniently ignored.
+ In the left-hand side, specify a bare username, an @domain.tld
+ wild-card, or specify a user@domain.tld address.
+
If the local_recipient_maps parameter value is non-empty, then the
SMTP server will reject for an unknown local recipient mail with
"User unknown in local recipient table".
diff -cr /tmp/postfix-2.0.3/RELEASE_NOTES ./RELEASE_NOTES
*** /tmp/postfix-2.0.3/RELEASE_NOTES Sun Jan 12 20:16:25 2003
--- ./RELEASE_NOTES Wed Feb 19 16:29:50 2003
***************
*** 24,29 ****
--- 24,43 ----
date. Snapshots change only the release date, unless they include
the same bugfixes as a patch release.
+ Incompatible changes with Postfix version 2.0.4 (released 20030219)
+ ===================================================================
+
+ The maildir file naming algorithm has changed in accordance with
+ an updated version of http://cr.yp.to/proto/maildir.html. The name
+ is now TIME.VdevIinum.HOST
+
+ Incompatible changes with Postfix version 2.0.3 (released 20030124)
+ ===================================================================
+
+ The maildir file naming algorithm has changed. Pending a usable
+ version of http://cr.yp.to/proto/maildir.html, the name is now
+ TIME.DEV_INUM.HOST.
+
Incompatible changes with Postfix version 2.0.1 (released 20030112)
===================================================================
diff -cr /tmp/postfix-2.0.3/conf/access ./conf/access
*** /tmp/postfix-2.0.3/conf/access Wed Dec 18 21:18:42 2002
--- ./conf/access Sat Jan 25 17:48:23 2003
***************
*** 164,201 ****
# about content filters is in the Postfix FIL-
# TER_README file.
#
! # Note: this action currently affects all recipients
! # of the message.
#
# restriction...
# Apply the named UCE restriction(s) (permit, reject,
# reject_unauth_destination, and so on).
#
# REGULAR EXPRESSION TABLES
! # This section describes how the table lookups change when
# the table is given in the form of regular expressions. For
! # a description of regular expression lookup table syntax,
# see regexp_table(5) or pcre_table(5).
#
! # Each pattern is a regular expression that is applied to
# the entire string being looked up. Depending on the appli-
! # cation, that string is an entire client hostname, an
# entire client IP address, or an entire mail address. Thus,
# no parent domain or parent network search is done,
! # user@domain mail addresses are not broken up into their
# user@ and domain constituent parts, nor is user+foo broken
# up into user and foo.
#
! # Patterns are applied in the order as specified in the
! # table, until a pattern is found that matches the search
# string.
#
! # Actions are the same as with indexed file lookups, with
! # the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on.
#
# BUGS
! # The table format does not understand quoting conventions.
#
# SEE ALSO
# postmap(1) create mapping table
--- 164,202 ----
# about content filters is in the Postfix FIL-
# TER_README file.
#
! # Note: this action overrides the main.cf con-
! # tent_filter setting, and currently affects all
! # recipients of the message.
#
# restriction...
# Apply the named UCE restriction(s) (permit, reject,
# reject_unauth_destination, and so on).
#
# REGULAR EXPRESSION TABLES
! # This section describes how the table lookups change when
# the table is given in the form of regular expressions. For
! # a description of regular expression lookup table syntax,
# see regexp_table(5) or pcre_table(5).
#
! # Each pattern is a regular expression that is applied to
# the entire string being looked up. Depending on the appli-
! # cation, that string is an entire client hostname, an
# entire client IP address, or an entire mail address. Thus,
# no parent domain or parent network search is done,
! # user@domain mail addresses are not broken up into their
# user@ and domain constituent parts, nor is user+foo broken
# up into user and foo.
#
! # Patterns are applied in the order as specified in the
! # table, until a pattern is found that matches the search
# string.
#
! # Actions are the same as with indexed file lookups, with
! # the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on.
#
# BUGS
! # The table format does not understand quoting conventions.
#
# SEE ALSO
# postmap(1) create mapping table
***************
*** 204,210 ****
# regexp_table(5) format of POSIX regular expression tables
#
# LICENSE
! # The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)
--- 205,211 ----
# regexp_table(5) format of POSIX regular expression tables
#
# LICENSE
! # The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)
diff -cr /tmp/postfix-2.0.3/conf/main.cf ./conf/main.cf
*** /tmp/postfix-2.0.3/conf/main.cf Thu Jan 23 20:42:20 2003
--- ./conf/main.cf Thu Feb 20 09:44:47 2003
***************
*** 188,193 ****
--- 188,197 ----
# to access the passwd file via the proxymap service, in order to
# overcome chroot restrictions. The alternative, having a copy of
# the system passwd file in the chroot jail is just not practical.
+ #
+ # The right-hand side of the lookup tables is conveniently ignored.
+ # In the left-hand side, specify a bare username, an @domain.tld
+ # wild-card, or specify a user@domain.tld address.
#
#local_recipient_maps = unix:passwd.byname $alias_maps
#local_recipient_maps = proxy:unix:passwd.byname $alias_maps
***************
*** 307,312 ****
--- 311,320 ----
#
# If this parameter is defined, then the SMTP server will reject
# mail for unknown relay users. This feature is off by default.
+ #
+ # The right-hand side of the lookup tables is conveniently ignored.
+ # In the left-hand side, specify an @domain.tld wild-card, or specify
+ # a user@domain.tld address.
#
#relay_recipient_maps = hash:/etc/postfix/relay_recipients
diff -cr /tmp/postfix-2.0.3/conf/sample-pcre-body.cf ./conf/sample-pcre-body.cf
*** /tmp/postfix-2.0.3/conf/sample-pcre-body.cf Tue Sep 17 13:14:00 2002
--- ./conf/sample-pcre-body.cf Sat Jan 25 17:43:59 2003
***************
*** 51,57 ****
# and after the filter, with header/body
# checks turned off in the second cleanup
# server. More information about content filters
! # is in the Postfix FILTER_README file.
#
# Substitution of sub-strings from the matched expression is
# possible using the conventional perl syntax. The macros in the
--- 51,58 ----
# and after the filter, with header/body
# checks turned off in the second cleanup
# server. More information about content filters
! # is in the Postfix FILTER_README file. This feature
! # overrides the main.cf content_filter setting.
#
# Substitution of sub-strings from the matched expression is
# possible using the conventional perl syntax. The macros in the
diff -cr /tmp/postfix-2.0.3/conf/sample-pcre-header.cf ./conf/sample-pcre-header.cf
*** /tmp/postfix-2.0.3/conf/sample-pcre-header.cf Tue Jan 7 16:55:37 2003
--- ./conf/sample-pcre-header.cf Sat Jan 25 17:45:18 2003
***************
*** 52,58 ****
# and after the filter, with header/body
# checks turned off in the second cleanup
# server. More information about content filters
! # is in the Postfix FILTER_README file.
#
# Substitution of sub-strings from the matched expression is
# possible using the conventional perl syntax. The macros in the
--- 52,59 ----
# and after the filter, with header/body
# checks turned off in the second cleanup
# server. More information about content filters
! # is in the Postfix FILTER_README file. This feature
! # overrides the main.cf content_filter setting.
#
# Substitution of sub-strings from the matched expression is
# possible using the conventional perl syntax. The macros in the
diff -cr /tmp/postfix-2.0.3/conf/sample-regexp-body.cf ./conf/sample-regexp-body.cf
*** /tmp/postfix-2.0.3/conf/sample-regexp-body.cf Sat Dec 21 21:29:19 2002
--- ./conf/sample-regexp-body.cf Sat Jan 25 17:45:52 2003
***************
*** 43,49 ****
# After the message is queued, send the entire message through
# a content filter. This requires different cleanup servers
# before and after the filter, with header/body checks turned
! # off in the second cleanup server.
# Skip over base 64 encoded blocks. This saves lots of CPU cycles.
# Expressions by Liviu Daia. Amended by Victor Duchovni.
--- 43,50 ----
# After the message is queued, send the entire message through
# a content filter. This requires different cleanup servers
# before and after the filter, with header/body checks turned
! # off in the second cleanup server. This overrides the main.cf
! # content filter setting.
# Skip over base 64 encoded blocks. This saves lots of CPU cycles.
# Expressions by Liviu Daia. Amended by Victor Duchovni.
diff -cr /tmp/postfix-2.0.3/conf/sample-regexp-header.cf ./conf/sample-regexp-header.cf
*** /tmp/postfix-2.0.3/conf/sample-regexp-header.cf Sun Jan 12 12:11:06 2003
--- ./conf/sample-regexp-header.cf Sat Jan 25 17:46:20 2003
***************
*** 43,49 ****
# After the message is queued, send the entire message through
# a content filter. This requires different cleanup servers
# before and after the filter, with header/body checks turned
! # off in the second cleanup server.
/^Subject: Make Money Fast/ REJECT
/^To: friend@public.com/ REJECT
--- 43,50 ----
# After the message is queued, send the entire message through
# a content filter. This requires different cleanup servers
# before and after the filter, with header/body checks turned
! # off in the second cleanup server. This overrides the main.cf
! # content filter setting.
/^Subject: Make Money Fast/ REJECT
/^To: friend@public.com/ REJECT
diff -cr /tmp/postfix-2.0.3/conf/sample-smtpd.cf ./conf/sample-smtpd.cf
*** /tmp/postfix-2.0.3/conf/sample-smtpd.cf Sun Jan 12 12:01:46 2003
--- ./conf/sample-smtpd.cf Thu Feb 20 14:02:55 2003
***************
*** 32,42 ****
--- 32,48 ----
# - You use the "luser_relay", "mailbox_transport", or "fallback_transport"
# feature of the Postfix local delivery agent (see sample-local.cf).
#
+ # Details are described in the LOCAL_RECIPIENT_README file.
+ #
# Beware: if the Postfix SMTP server runs chrooted, you probably have
# to access the passwd file via the proxymap service, in order to
# overcome chroot restrictions. The alternative, having a copy of
# the system passwd file in the chroot jail is just not practical.
#
+ # The right-hand side of the lookup tables is conveniently ignored.
+ # In the left-hand side, specify a bare username, an @domain.tld
+ # wild-card, or specify a user@domain.tld address.
+ #
#local_recipient_maps =
#local_recipient_maps = unix:passwd.byname $alias_maps
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
***************
*** 60,65 ****
--- 66,75 ----
#
# If this parameter is defined, then the SMTP server will reject
# mail for unknown relay users. This feature is off by default.
+ #
+ # The right-hand side of the lookup tables is conveniently ignored.
+ # In the left-hand side, specify an @domain.tld wild-card, or specify
+ # a user@domain.tld address.
#
#relay_recipient_maps = hash:/etc/postfix/relay_recipients
***************
*** 266,271 ****
--- 276,282 ----
# Discard the message if the result is DISCARD text...
# Hold the message in the queue if the result is HOLD text...
# Release mail "on hold" with the postsuper(1) command.
+ # Filter the message if the result is FILTER transport:nexthop.
# Permit the SMTP client if the result is OK or all numerical.
# reject_rbl_client domain.tld: reject if the reversed client IP address
# is listed in an A record under domain.tld.
***************
*** 312,317 ****
--- 323,329 ----
# Discard the message if the result is DISCARD text...
# Hold the message in the queue if the result is HOLD text...
# Release mail "on hold" with the postsuper(1) command.
+ # Filter the message if the result is FILTER transport:nexthop.
# Permit the HELO command if the result is OK or all numerical.
# reject: reject the request. Place this at the end of a restriction.
# permit: permit the request. Place this at the end of a restriction.
***************
*** 349,354 ****
--- 361,367 ----
# Discard the message if the result is DISCARD text...
# Hold the message in the queue if the result is HOLD text...
# Release mail "on hold" with the postsuper(1) command.
+ # Filter the message if the result is FILTER transport:nexthop.
# Permit the sender if the result is OK or all numerical.
# reject_sender_login_mismatch: reject if $smtpd_sender_login_maps specifies
# a MAIL FROM address owner, but the client is not (SASL) logged in as
***************
*** 420,425 ****
--- 433,439 ----
# Discard the message if the result is DISCARD text...
# Hold the message in the queue if the result is HOLD text...
# Release mail "on hold" with the postsuper(1) command.
+ # Filter the message if the result is FILTER transport:nexthop.
# Permit the recipient if the result is OK or all numerical.
# reject_non_fqdn_recipient: reject recipient address that is not in FQDN form
# reject: reject the request. Place this at the end of a restriction.
diff -cr /tmp/postfix-2.0.3/html/access.5.html ./html/access.5.html
*** /tmp/postfix-2.0.3/html/access.5.html Wed Dec 18 21:18:45 2002
--- ./html/access.5.html Sat Jan 25 17:48:24 2003
***************
*** 165,202 ****
about content filters is in the Postfix FIL-
TER_README file.
! Note: this action currently affects all recipients
! of the message.
restriction...
Apply the named UCE restriction(s) (permit, reject,
reject_unauth_destination, and so on).
REGULAR EXPRESSION TABLES
! This section describes how the table lookups change when
the table is given in the form of regular expressions. For
! a description of regular expression lookup table syntax,
see regexp_table(5) or pcre_table(5).
! Each pattern is a regular expression that is applied to
the entire string being looked up. Depending on the appli-
! cation, that string is an entire client hostname, an
entire client IP address, or an entire mail address. Thus,
no parent domain or parent network search is done,
! user@domain mail addresses are not broken up into their
user@ and domain constituent parts, nor is user+foo broken
up into user and foo.
! Patterns are applied in the order as specified in the
! table, until a pattern is found that matches the search
string.
! Actions are the same as with indexed file lookups, with
! the additional feature that parenthesized substrings from
the pattern can be interpolated as $1, $2 and so on.
BUGS
! The table format does not understand quoting conventions.
SEE ALSO
postmap(1) create mapping table
--- 165,203 ----
about content filters is in the Postfix FIL-
TER_README file.
! Note: this action overrides the main.cf con-
! tent_filter setting, and currently affects all
! recipients of the message.
restriction...
Apply the named UCE restriction(s) (permit, reject,
reject_unauth_destination, and so on).
REGULAR EXPRESSION TABLES
! This section describes how the table lookups change when
the table is given in the form of regular expressions. For
! a description of regular expression lookup table syntax,
see regexp_table(5) or pcre_table(5).
! Each pattern is a regular expression that is applied to
the entire string being looked up. Depending on the appli-
! cation, that string is an entire client hostname, an
entire client IP address, or an entire mail address. Thus,
no parent domain or parent network search is done,
! user@domain mail addresses are not broken up into their
user@ and domain constituent parts, nor is user+foo broken
up into user and foo.
! Patterns are applied in the order as specified in the
! table, until a pattern is found that matches the search
string.
! Actions are the same as with indexed file lookups, with
! the additional feature that parenthesized substrings from
the pattern can be interpolated as $1, $2 and so on.
BUGS
! The table format does not understand quoting conventions.
SEE ALSO
postmap(1) create mapping table
***************
*** 205,211 ****
regexp_table(5) format of POSIX regular expression tables
LICENSE
! The Secure Mailer license must be distributed with this
software.
AUTHOR(S)
--- 206,212 ----
regexp_table(5) format of POSIX regular expression tables
LICENSE
! The Secure Mailer license must be distributed with this
software.
AUTHOR(S)
diff -cr /tmp/postfix-2.0.3/man/man5/access.5 ./man/man5/access.5
*** /tmp/postfix-2.0.3/man/man5/access.5 Wed Dec 18 21:18:43 2002
--- ./man/man5/access.5 Sat Jan 25 17:48:24 2003
***************
*** 152,158 ****
a content filter. More information about content filters
is in the Postfix FILTER_README file.
.sp
! Note: this action currently affects all recipients of the message.
.IP \fIrestriction...\fR
Apply the named UCE restriction(s) (\fBpermit\fR, \fBreject\fR,
\fBreject_unauth_destination\fR, and so on).
--- 152,159 ----
a content filter. More information about content filters
is in the Postfix FILTER_README file.
.sp
! Note: this action overrides the \fBmain.cf content_filter\fR setting,
! and currently affects all recipients of the message.
.IP \fIrestriction...\fR
Apply the named UCE restriction(s) (\fBpermit\fR, \fBreject\fR,
\fBreject_unauth_destination\fR, and so on).
diff -cr /tmp/postfix-2.0.3/proto/access ./proto/access
*** /tmp/postfix-2.0.3/proto/access Wed Dec 18 21:01:46 2002
--- ./proto/access Sat Jan 25 17:42:46 2003
***************
*** 136,142 ****
# a content filter. More information about content filters
# is in the Postfix FILTER_README file.
# .sp
! # Note: this action currently affects all recipients of the message.
# .IP \fIrestriction...\fR
# Apply the named UCE restriction(s) (\fBpermit\fR, \fBreject\fR,
# \fBreject_unauth_destination\fR, and so on).
--- 136,143 ----
# a content filter. More information about content filters
# is in the Postfix FILTER_README file.
# .sp
! # Note: this action overrides the \fBmain.cf content_filter\fR setting,
! # and currently affects all recipients of the message.
# .IP \fIrestriction...\fR
# Apply the named UCE restriction(s) (\fBpermit\fR, \fBreject\fR,
# \fBreject_unauth_destination\fR, and so on).
diff -cr /tmp/postfix-2.0.3/src/cleanup/cleanup_out_recipient.c ./src/cleanup/cleanup_out_recipient.c
*** /tmp/postfix-2.0.3/src/cleanup/cleanup_out_recipient.c Tue Dec 3 10:59:39 2002
--- ./src/cleanup/cleanup_out_recipient.c Wed Feb 19 15:49:54 2003
***************
*** 69,93 ****
char **cpp;
/*
! * Apply the duplicate recipient filter before virtual expansion, so that
! * we can distinguish between different addresses that map onto the same
! * mailbox. The recipient will use our original recipient message header
! * to figure things out.
*/
- if (been_here_fixed(state->dups, recip) != 0)
- return;
-
if (cleanup_virt_alias_maps == 0) {
! cleanup_out_string(state, REC_TYPE_ORCP, orcpt);
! cleanup_out_string(state, REC_TYPE_RCPT, recip);
! state->rcpt_count++;
} else {
argv = cleanup_map1n_internal(state, recip, cleanup_virt_alias_maps,
cleanup_ext_prop_mask & EXT_PROP_VIRTUAL);
for (cpp = argv->argv; *cpp; cpp++) {
! cleanup_out_string(state, REC_TYPE_ORCP, orcpt);
! cleanup_out_string(state, REC_TYPE_RCPT, *cpp);
! state->rcpt_count++;
}
argv_free(argv);
}
--- 69,93 ----
char **cpp;
/*
! * Distinguish between different original recipient addresses that map
! * onto the same mailbox. The recipient will use our original recipient
! * message header to figure things out.
*/
if (cleanup_virt_alias_maps == 0) {
! if (been_here(state->dups, "%s\n%s", orcpt, recip) == 0) {
! cleanup_out_string(state, REC_TYPE_ORCP, orcpt);
! cleanup_out_string(state, REC_TYPE_RCPT, recip);
! state->rcpt_count++;
! }
} else {
argv = cleanup_map1n_internal(state, recip, cleanup_virt_alias_maps,
cleanup_ext_prop_mask & EXT_PROP_VIRTUAL);
for (cpp = argv->argv; *cpp; cpp++) {
! if (been_here(state->dups, "%s\n%s", orcpt, *cpp) == 0) {
! cleanup_out_string(state, REC_TYPE_ORCP, orcpt);
! cleanup_out_string(state, REC_TYPE_RCPT, *cpp);
! state->rcpt_count++;
! }
}
argv_free(argv);
}
diff -cr /tmp/postfix-2.0.3/src/global/Makefile.in ./src/global/Makefile.in
*** /tmp/postfix-2.0.3/src/global/Makefile.in Sun Jan 12 12:17:39 2003
--- ./src/global/Makefile.in Wed Feb 19 19:22:49 2003
***************
*** 1022,1027 ****
--- 1022,1028 ----
pipe_command.o: ../../include/iostuff.h
pipe_command.o: ../../include/timed_wait.h
pipe_command.o: ../../include/set_ugid.h
+ pipe_command.o: ../../include/set_eugid.h
pipe_command.o: ../../include/argv.h
pipe_command.o: mail_params.h
pipe_command.o: mail_copy.h
diff -cr /tmp/postfix-2.0.3/src/global/mail_conf_time.c ./src/global/mail_conf_time.c
*** /tmp/postfix-2.0.3/src/global/mail_conf_time.c Mon Dec 10 19:47:55 2001
--- ./src/global/mail_conf_time.c Thu Jan 30 16:07:35 2003
***************
*** 140,146 ****
{
const char *cp;
! for (cp = defval; /* void */ ; cp++) {
if (*cp == 0)
msg_panic("parameter %s: missing time unit in default value: %s",
name, defval);
--- 140,146 ----
{
const char *cp;
! for (cp = mail_conf_eval(defval); /* void */ ; cp++) {
if (*cp == 0)
msg_panic("parameter %s: missing time unit in default value: %s",
name, defval);
diff -cr /tmp/postfix-2.0.3/src/global/pipe_command.c ./src/global/pipe_command.c
*** /tmp/postfix-2.0.3/src/global/pipe_command.c Fri Oct 25 21:12:10 2002
--- ./src/global/pipe_command.c Wed Feb 19 18:37:15 2003
***************
*** 132,137 ****
--- 132,138 ----
#include
#include
#include
+ #include
#include
/* Global library. */
***************
*** 292,300 ****
}
}
/* pipe_command_wait_or_kill - wait for command with time limit, or kill it */
! static int pipe_command_wait_or_kill(pid_t pid, WAIT_STATUS_T *statusp, int sig)
{
int maxtime = (pipe_command_timeout == 0) ? pipe_command_maxtime : 1;
char *myname = "pipe_command_wait_or_kill";
--- 293,320 ----
}
}
+ /* kill_command - terminate command forcibly */
+
+ static void kill_command(pid_t pid, int sig, uid_t kill_uid, gid_t kill_gid)
+ {
+ pid_t saved_euid = geteuid();
+ gid_t saved_egid = getegid();
+
+ /*
+ * Switch privileges to that of the child process. Terminate the child
+ * and its offspring.
+ */
+ set_eugid(kill_uid, kill_gid);
+ if (kill(-pid, sig) < 0 && kill(pid, sig) < 0)
+ msg_warn("cannot kill process (group) %lu: %m",
+ (unsigned long) pid);
+ set_eugid(saved_euid, saved_egid);
+ }
+
/* pipe_command_wait_or_kill - wait for command with time limit, or kill it */
! static int pipe_command_wait_or_kill(pid_t pid, WAIT_STATUS_T *statusp, int sig,
! uid_t kill_uid, gid_t kill_gid)
{
int maxtime = (pipe_command_timeout == 0) ? pipe_command_maxtime : 1;
char *myname = "pipe_command_wait_or_kill";
***************
*** 309,315 ****
msg_info("%s: time limit exceeded", myname);
pipe_command_timeout = 1;
}
! kill(-pid, sig);
n = waitpid(pid, statusp, 0);
}
return (n);
--- 329,335 ----
msg_info("%s: time limit exceeded", myname);
pipe_command_timeout = 1;
}
! kill_command(pid, sig, kill_uid, kill_gid);
n = waitpid(pid, statusp, 0);
}
return (n);
***************
*** 358,367 ****
--- 378,391 ----
* truncated without too much loss. I could even argue that truncating
* the amount of diagnostic output is a good thing to do, but I won't go
* that far.
+ *
+ * Turn on non-blocking writes to the child process so that we can enforce
+ * timeouts after partial writes.
*/
if (pipe(cmd_in_pipe) < 0 || pipe(cmd_out_pipe) < 0)
msg_fatal("%s: pipe: %m", myname);
non_blocking(cmd_out_pipe[1], NON_BLOCKING);
+ non_blocking(cmd_in_pipe[1], NON_BLOCKING);
/*
* Spawn off a child process and irrevocably change privilege to the
***************
*** 488,495 ****
* not just the child process but also its offspring.
*/
if (pipe_command_timeout)
! (void) kill(-pid, SIGKILL);
! if (pipe_command_wait_or_kill(pid, &wait_status, SIGKILL) < 0)
msg_fatal("wait: %m");
if (pipe_command_timeout) {
vstring_sprintf(why, "Command time limit exceeded: \"%s\"%s%s",
--- 512,520 ----
* not just the child process but also its offspring.
*/
if (pipe_command_timeout)
! kill_command(pid, SIGKILL, args.uid, args.gid);
! if (pipe_command_wait_or_kill(pid, &wait_status, SIGKILL,
! args.uid, args.gid) < 0)
msg_fatal("wait: %m");
if (pipe_command_timeout) {
vstring_sprintf(why, "Command time limit exceeded: \"%s\"%s%s",
diff -cr /tmp/postfix-2.0.3/src/global/rec_type.h ./src/global/rec_type.h
*** /tmp/postfix-2.0.3/src/global/rec_type.h Thu Aug 22 09:06:52 2002
--- ./src/global/rec_type.h Wed Feb 19 09:25:24 2003
***************
*** 63,72 ****
* this is "postfix internal" information. However, the pickup server has to
* allow for the presence of A records in the extracted segment, because it
* can be requested to re-process already queued mail with `postsuper -r'.
*/
#define REC_TYPE_ENVELOPE "MCTFILSDROWVA"
#define REC_TYPE_CONTENT "XLN"
! #define REC_TYPE_EXTRACT "EDROPreAFI"
/*
* The record at the beginning of the envelope segment specifies the message
--- 63,75 ----
* this is "postfix internal" information. However, the pickup server has to
* allow for the presence of A records in the extracted segment, because it
* can be requested to re-process already queued mail with `postsuper -r'.
+ *
+ * Note: REC_TYPE_FILT and REC_TYPE_CONT are encoded with the same 'L'
+ * constant, and it is too late to change that now.
*/
#define REC_TYPE_ENVELOPE "MCTFILSDROWVA"
#define REC_TYPE_CONTENT "XLN"
! #define REC_TYPE_EXTRACT "EDROPreAFIL"
/*
* The record at the beginning of the envelope segment specifies the message
diff -cr /tmp/postfix-2.0.3/src/local/maildir.c ./src/local/maildir.c
*** /tmp/postfix-2.0.3/src/local/maildir.c Thu Jan 23 18:19:00 2003
--- ./src/local/maildir.c Wed Feb 19 14:16:03 2003
***************
*** 134,144 ****
* the file to new/ we use the device number and inode number. I do not
* care if this breaks on a remote AFS file system, because people should
* know better.
*/
#define STR vstring_str
set_eugid(usr_attr.uid, usr_attr.gid);
! vstring_sprintf(buf, "%lu.%d.%s",
(unsigned long) starttime, var_pid, get_hostname());
tmpfile = concatenate(tmpdir, STR(buf), (char *) 0);
newfile = 0;
--- 134,174 ----
* the file to new/ we use the device number and inode number. I do not
* care if this breaks on a remote AFS file system, because people should
* know better.
+ *
+ * On January 26, 2003, http://cr.yp.to/proto/maildir.html said:
+ *
+ * A unique name has three pieces, separated by dots. On the left is the
+ * result of time() or the second counter from gettimeofday(). On the
+ * right is the result of gethostname(). (To deal with invalid host
+ * names, replace / with \057 and : with \072.) In the middle is a
+ * delivery identifier, discussed below.
+ *
+ * [...]
+ *
+ * Modern delivery identifiers are created by concatenating enough of the
+ * following strings to guarantee uniqueness:
+ *
+ * [...]
+ *
+ * In, where n is (in hexadecimal) the UNIX inode number of this file.
+ * Unfortunately, inode numbers aren't always available through NFS.
+ *
+ * Vn, where n is (in hexadecimal) the UNIX device number of this file.
+ * Unfortunately, device numbers aren't always available through NFS.
+ * (Device numbers are also not helpful with the standard UNIX
+ * filesystem: a maildir has to be within a single UNIX device for link()
+ * and rename() to work.)
+ *
+ * [...]
+ *
+ * Pn, where n is (in decimal) the process ID.
+ *
+ * [...]
*/
#define STR vstring_str
set_eugid(usr_attr.uid, usr_attr.gid);
! vstring_sprintf(buf, "%lu.P%d.%s",
(unsigned long) starttime, var_pid, get_hostname());
tmpfile = concatenate(tmpdir, STR(buf), (char *) 0);
newfile = 0;
***************
*** 150,156 ****
} else if (fstat(vstream_fileno(dst), &st) < 0) {
vstring_sprintf(why, "create %s: %m", tmpfile);
} else {
! vstring_sprintf(buf, "%lu.%lu_%lu.%s",
(unsigned long) starttime, (unsigned long) st.st_dev,
(unsigned long) st.st_ino, get_hostname());
newfile = concatenate(newdir, STR(buf), (char *) 0);
--- 180,186 ----
} else if (fstat(vstream_fileno(dst), &st) < 0) {
vstring_sprintf(why, "create %s: %m", tmpfile);
} else {
! vstring_sprintf(buf, "%lu.V%lxI%lx.%s",
(unsigned long) starttime, (unsigned long) st.st_dev,
(unsigned long) st.st_ino, get_hostname());
newfile = concatenate(newdir, STR(buf), (char *) 0);
diff -cr /tmp/postfix-2.0.3/src/pickup/pickup.c ./src/pickup/pickup.c
*** /tmp/postfix-2.0.3/src/pickup/pickup.c Wed Dec 18 21:01:46 2002
--- ./src/pickup/pickup.c Wed Feb 19 09:51:38 2003
***************
*** 224,230 ****
if (type == REC_TYPE_INSP)
/* Use current content inspection settings instead. */
continue;
! if (type == REC_TYPE_FILT)
/* Use current content filter settings instead. */
continue;
else {
--- 224,235 ----
if (type == REC_TYPE_INSP)
/* Use current content inspection settings instead. */
continue;
!
! /*
! * XXX Workaround: REC_TYPE_FILT (used in envelopes) == REC_TYPE_CONT
! * (used in message content).
! */
! if (type == REC_TYPE_FILT && *expected != REC_TYPE_CONTENT[0])
/* Use current content filter settings instead. */
continue;
else {
diff -cr /tmp/postfix-2.0.3/src/proxymap/proxymap.c ./src/proxymap/proxymap.c
*** /tmp/postfix-2.0.3/src/proxymap/proxymap.c Sun Jan 12 19:39:25 2003
--- ./src/proxymap/proxymap.c Sat Jan 25 16:04:42 2003
***************
*** 149,162 ****
char *var_local_rcpt_maps;
char *var_virt_alias_maps;
char *var_virt_alias_doms;
! char *var_virt_mbox_maps;
! char *var_virt_mbox_doms;
char *var_relay_rcpt_maps;
char *var_relay_domains;
char *var_canonical_maps;
char *var_send_canon_maps;
char *var_rcpt_canon_maps;
! char *var_relocatedmaps;
char *var_transport_maps;
char *var_proxy_read_maps;
--- 149,162 ----
char *var_local_rcpt_maps;
char *var_virt_alias_maps;
char *var_virt_alias_doms;
! char *var_virt_mailbox_maps;
! char *var_virt_mailbox_doms;
char *var_relay_rcpt_maps;
char *var_relay_domains;
char *var_canonical_maps;
char *var_send_canon_maps;
char *var_rcpt_canon_maps;
! char *var_relocated_maps;
char *var_transport_maps;
char *var_proxy_read_maps;
***************
*** 385,398 ****
VAR_LOCAL_RCPT_MAPS, DEF_LOCAL_RCPT_MAPS, &var_local_rcpt_maps, 0, 0,
VAR_VIRT_ALIAS_MAPS, DEF_VIRT_ALIAS_MAPS, &var_virt_alias_maps, 0, 0,
VAR_VIRT_ALIAS_DOMS, DEF_VIRT_ALIAS_DOMS, &var_virt_alias_doms, 0, 0,
! VAR_VIRT_MAILBOX_MAPS, DEF_VIRT_MAILBOX_MAPS, &var_virt_mbox_maps, 0, 0,
! VAR_VIRT_MAILBOX_DOMS, DEF_VIRT_MAILBOX_DOMS, &var_virt_mbox_doms, 0, 0,
VAR_RELAY_RCPT_MAPS, DEF_RELAY_RCPT_MAPS, &var_relay_rcpt_maps, 0, 0,
VAR_RELAY_DOMAINS, DEF_RELAY_DOMAINS, &var_relay_domains, 0, 0,
VAR_CANONICAL_MAPS, DEF_CANONICAL_MAPS, &var_canonical_maps, 0, 0,
VAR_SEND_CANON_MAPS, DEF_SEND_CANON_MAPS, &var_send_canon_maps, 0, 0,
VAR_RCPT_CANON_MAPS, DEF_RCPT_CANON_MAPS, &var_rcpt_canon_maps, 0, 0,
! VAR_RELOCATED_MAPS, DEF_RELOCATED_MAPS, &var_relocatedmaps, 0, 0,
VAR_TRANSPORT_MAPS, DEF_TRANSPORT_MAPS, &var_transport_maps, 0, 0,
VAR_PROXY_READ_MAPS, DEF_PROXY_READ_MAPS, &var_proxy_read_maps, 0, 0,
0,
--- 385,398 ----
VAR_LOCAL_RCPT_MAPS, DEF_LOCAL_RCPT_MAPS, &var_local_rcpt_maps, 0, 0,
VAR_VIRT_ALIAS_MAPS, DEF_VIRT_ALIAS_MAPS, &var_virt_alias_maps, 0, 0,
VAR_VIRT_ALIAS_DOMS, DEF_VIRT_ALIAS_DOMS, &var_virt_alias_doms, 0, 0,
! VAR_VIRT_MAILBOX_MAPS, DEF_VIRT_MAILBOX_MAPS, &var_virt_mailbox_maps, 0, 0,
! VAR_VIRT_MAILBOX_DOMS, DEF_VIRT_MAILBOX_DOMS, &var_virt_mailbox_doms, 0, 0,
VAR_RELAY_RCPT_MAPS, DEF_RELAY_RCPT_MAPS, &var_relay_rcpt_maps, 0, 0,
VAR_RELAY_DOMAINS, DEF_RELAY_DOMAINS, &var_relay_domains, 0, 0,
VAR_CANONICAL_MAPS, DEF_CANONICAL_MAPS, &var_canonical_maps, 0, 0,
VAR_SEND_CANON_MAPS, DEF_SEND_CANON_MAPS, &var_send_canon_maps, 0, 0,
VAR_RCPT_CANON_MAPS, DEF_RCPT_CANON_MAPS, &var_rcpt_canon_maps, 0, 0,
! VAR_RELOCATED_MAPS, DEF_RELOCATED_MAPS, &var_relocated_maps, 0, 0,
VAR_TRANSPORT_MAPS, DEF_TRANSPORT_MAPS, &var_transport_maps, 0, 0,
VAR_PROXY_READ_MAPS, DEF_PROXY_READ_MAPS, &var_proxy_read_maps, 0, 0,
0,
diff -cr /tmp/postfix-2.0.3/src/smtpd/smtpd_check.c ./src/smtpd/smtpd_check.c
*** /tmp/postfix-2.0.3/src/smtpd/smtpd_check.c Sat Jan 18 11:04:57 2003
--- ./src/smtpd/smtpd_check.c Sat Jan 25 17:56:39 2003
***************
*** 1674,1684 ****
*/
if (STREQUAL(value, "FILTER", cmd_len)) {
if (*cmd_text == 0) {
! msg_warn("access map %s entry %s has FILTER entry without value",
table, datum);
return (SMTPD_CHECK_DUNNO);
} else if (strchr(cmd_text, ':') == 0) {
! msg_warn("access map %s entry %s requires transport:destination",
table, datum);
return (SMTPD_CHECK_DUNNO);
} else {
--- 1674,1684 ----
*/
if (STREQUAL(value, "FILTER", cmd_len)) {
if (*cmd_text == 0) {
! msg_warn("access map %s entry \"%s\" has FILTER entry without value",
table, datum);
return (SMTPD_CHECK_DUNNO);
} else if (strchr(cmd_text, ':') == 0) {
! msg_warn("access map %s entry \"%s\" requires transport:destination",
table, datum);
return (SMTPD_CHECK_DUNNO);
} else {
diff -cr /tmp/postfix-2.0.3/src/smtpd/smtpd_sasl_glue.c ./src/smtpd/smtpd_sasl_glue.c
*** /tmp/postfix-2.0.3/src/smtpd/smtpd_sasl_glue.c Sat Aug 17 19:13:34 2002
--- ./src/smtpd/smtpd_sasl_glue.c Mon Jan 27 09:06:14 2003
***************
*** 310,317 ****
"", " ", "",
&state->sasl_mechanism_list,
IGNORE_MECHANISM_LEN,
! &sasl_mechanism_count) != SASL_OK
! || sasl_mechanism_count <= 0)
msg_fatal("no SASL authentication mechanisms");
}
--- 310,318 ----
"", " ", "",
&state->sasl_mechanism_list,
IGNORE_MECHANISM_LEN,
! &sasl_mechanism_count) != SASL_OK)
! msg_fatal("cannot lookup SASL authentication mechanisms");
! if (sasl_mechanism_count <= 0)
msg_fatal("no SASL authentication mechanisms");
}
diff -cr /tmp/postfix-2.0.3/src/util/Makefile.in ./src/util/Makefile.in
*** /tmp/postfix-2.0.3/src/util/Makefile.in Sun Jan 12 12:17:34 2003
--- ./src/util/Makefile.in Wed Feb 19 19:22:20 2003
***************
*** 624,629 ****
--- 624,641 ----
dict_open.o: htable.h
dict_pcre.o: dict_pcre.c
dict_pcre.o: sys_defs.h
+ dict_pcre.o: mymalloc.h
+ dict_pcre.o: msg.h
+ dict_pcre.o: safe.h
+ dict_pcre.o: vstream.h
+ dict_pcre.o: vbuf.h
+ dict_pcre.o: vstring.h
+ dict_pcre.o: stringops.h
+ dict_pcre.o: readlline.h
+ dict_pcre.o: dict.h
+ dict_pcre.o: argv.h
+ dict_pcre.o: dict_pcre.h
+ dict_pcre.o: mac_parse.h
dict_regexp.o: dict_regexp.c
dict_regexp.o: sys_defs.h
dict_regexp.o: mymalloc.h
diff -cr /tmp/postfix-2.0.3/src/virtual/maildir.c ./src/virtual/maildir.c
*** /tmp/postfix-2.0.3/src/virtual/maildir.c Thu Jan 23 18:18:56 2003
--- ./src/virtual/maildir.c Wed Feb 19 14:15:11 2003
***************
*** 131,141 ****
* the file to new/ we use the device number and inode number. I do not
* care if this breaks on a remote AFS file system, because people should
* know better.
*/
#define STR vstring_str
set_eugid(usr_attr.uid, usr_attr.gid);
! vstring_sprintf(buf, "%lu.%d.%s",
(unsigned long) starttime, var_pid, get_hostname());
tmpfile = concatenate(tmpdir, STR(buf), (char *) 0);
newfile = 0;
--- 131,171 ----
* the file to new/ we use the device number and inode number. I do not
* care if this breaks on a remote AFS file system, because people should
* know better.
+ *
+ * On January 26, 2003, http://cr.yp.to/proto/maildir.html said:
+ *
+ * A unique name has three pieces, separated by dots. On the left is the
+ * result of time() or the second counter from gettimeofday(). On the
+ * right is the result of gethostname(). (To deal with invalid host
+ * names, replace / with \057 and : with \072.) In the middle is a
+ * delivery identifier, discussed below.
+ *
+ * [...]
+ *
+ * Modern delivery identifiers are created by concatenating enough of the
+ * following strings to guarantee uniqueness:
+ *
+ * [...]
+ *
+ * In, where n is (in hexadecimal) the UNIX inode number of this file.
+ * Unfortunately, inode numbers aren't always available through NFS.
+ *
+ * Vn, where n is (in hexadecimal) the UNIX device number of this file.
+ * Unfortunately, device numbers aren't always available through NFS.
+ * (Device numbers are also not helpful with the standard UNIX
+ * filesystem: a maildir has to be within a single UNIX device for link()
+ * and rename() to work.)
+ *
+ * [...]
+ *
+ * Pn, where n is (in decimal) the process ID.
+ *
+ * [...]
*/
#define STR vstring_str
set_eugid(usr_attr.uid, usr_attr.gid);
! vstring_sprintf(buf, "%lu.P%d.%s",
(unsigned long) starttime, var_pid, get_hostname());
tmpfile = concatenate(tmpdir, STR(buf), (char *) 0);
newfile = 0;
***************
*** 147,153 ****
} else if (fstat(vstream_fileno(dst), &st) < 0) {
vstring_sprintf(why, "create %s: %m", tmpfile);
} else {
! vstring_sprintf(buf, "%lu.%lu_%lu.%s",
(unsigned long) starttime, (unsigned long) st.st_dev,
(unsigned long) st.st_ino, get_hostname());
newfile = concatenate(newdir, STR(buf), (char *) 0);
--- 177,183 ----
} else if (fstat(vstream_fileno(dst), &st) < 0) {
vstring_sprintf(why, "create %s: %m", tmpfile);
} else {
! vstring_sprintf(buf, "%lu.V%lxI%lx.%s",
(unsigned long) starttime, (unsigned long) st.st_dev,
(unsigned long) st.st_ino, get_hostname());
newfile = concatenate(newdir, STR(buf), (char *) 0);