Postfix 2.1 Patchlevel 5 catches up with minor fixes that appeared
in Postfix 2.2 snapshot releases. See HISTORY records a few lines
below for the details.
Prereq: "2.1.4"
diff -cr /tmp/postfix-2.1.4/src/global/mail_version.h ./src/global/mail_version.h
*** /tmp/postfix-2.1.4/src/global/mail_version.h Mon Jun 28 14:26:39 2004
--- ./src/global/mail_version.h Wed Sep 15 11:32:11 2004
***************
*** 20,27 ****
* Patches change the patchlevel and the release date. Snapshots change the
* release date only.
*/
! #define MAIL_RELEASE_DATE "20040628"
! #define MAIL_VERSION_NUMBER "2.1.4"
#define VAR_MAIL_VERSION "mail_version"
#ifdef SNAPSHOT
--- 20,27 ----
* Patches change the patchlevel and the release date. Snapshots change the
* release date only.
*/
! #define MAIL_RELEASE_DATE "20040915"
! #define MAIL_VERSION_NUMBER "2.1.5"
#define VAR_MAIL_VERSION "mail_version"
#ifdef SNAPSHOT
diff -cr /tmp/postfix-2.1.4/HISTORY ./HISTORY
*** /tmp/postfix-2.1.4/HISTORY Wed Jun 30 09:40:21 2004
--- ./HISTORY Wed Sep 15 11:29:39 2004
***************
*** 9406,9408 ****
--- 9406,9454 ----
recipient delimiter if one is defined, so that extended
addresses don't get extra delivery concurrency slots.
Files: *qmgr/qmgr_message.c.
+
+ 20040714
+
+ Bugfix: the code to eliminate the local MTA from the MX
+ address list did not handle the case that inet_interfaces
+ produced a less preferred match than proxy_interfaces.
+ Victor Duchovni, Morgan Stanley. File: smtp/smtp_addr.c.
+
+ 20040723
+
+ Safety: spawn(8) now rejects a user with the -1 UID or GID
+ value, so that commands will not end up running as root.
+ Files: util/spawn_command.c, spawn/spawn.c.
+
+ Bugfix: "421 Timeout exceeded" wasn't guarded by setjmp().
+ Victor Duchovni, Morgan Stanley. File: smtpd/smtpd.c.
+
+ 20040801
+
+ Portability: h_errno is not an lvalue in the UnixWare 7.1
+ multi-threaded environment. Olivier PRENANT.
+
+ 20040812
+
+ Bugfix: update SMTP server error counter when a client is
+ denied access with smtpd_delay_reject=no.
+
+ 20040817
+
+ Bugfix: The smtp_chat_cmd() output flushing code in the
+ SMTP client could run before an I/O error handler was set
+ up. Problem diagnosed by Victor Duchovni, Morgan Stanley.
+ The fix is to disable the smtp_chat_cmd() output flushing
+ code as it duplicates better code in smtp_loop(). File:
+ smtp/smtp_chat.c.
+
+ 20030823
+
+ Bugfix: vstream_popen() did not close the child pipe after
+ failure to fork(). File: util/vstream_popen.c.
+
+ 20040913
+
+ Bugfix (introduced 20020803): sent the wrong bounce message
+ type when a Delivered-To: loop was detected for a mailing
+ list alias. Nicolas Riendeau. File: bounce_notify_util.c.
diff -cr /tmp/postfix-2.1.4/conf/header_checks ./conf/header_checks
*** /tmp/postfix-2.1.4/conf/header_checks Fri May 7 15:25:21 2004
--- ./conf/header_checks Sun Aug 15 12:40:14 2004
***************
*** 297,303 ****
#
# /etc/postfix/header_checks:
# /^content-(type|disposition):.*name[[:space:]]*=.*\.(exe|vbs)/
! # REJECT Bad attachment file name extension: $1
#
# Body pattern to stop a specific HTML browser vulnerability
# exploit.
--- 297,303 ----
#
# /etc/postfix/header_checks:
# /^content-(type|disposition):.*name[[:space:]]*=.*\.(exe|vbs)/
! # REJECT Bad attachment file name extension: $2
#
# Body pattern to stop a specific HTML browser vulnerability
# exploit.
diff -cr /tmp/postfix-2.1.4/examples/smtpd-policy/spf.pl ./examples/smtpd-policy/spf.pl
*** /tmp/postfix-2.1.4/examples/smtpd-policy/spf.pl Sun Feb 1 14:00:56 2004
--- ./examples/smtpd-policy/spf.pl Tue Jun 29 17:39:25 2004
***************
*** 196,202 ****
if ($result eq "pass") { return "DUNNO"; }
elsif ($result eq "fail") { return "REJECT " . ($smtp_comment || $header_comment); }
! elsif ($result eq "error") { return "450 temporary failure: $smtp_comemnt"; }
else { return "DUNNO"; }
# unknown, softfail, and none all return DUNNO
--- 196,202 ----
if ($result eq "pass") { return "DUNNO"; }
elsif ($result eq "fail") { return "REJECT " . ($smtp_comment || $header_comment); }
! elsif ($result eq "error") { return "450 temporary failure: $smtp_comment"; }
else { return "DUNNO"; }
# unknown, softfail, and none all return DUNNO
diff -cr /tmp/postfix-2.1.4/html/header_checks.5.html ./html/header_checks.5.html
*** /tmp/postfix-2.1.4/html/header_checks.5.html Fri May 7 15:25:23 2004
--- ./html/header_checks.5.html Sun Aug 15 12:40:18 2004
***************
*** 303,309 ****
/etc/postfix/header_checks:
/^content-(type|disposition):.*name[[:space:]]*=.*\.(exe|vbs)/
! REJECT Bad attachment file name extension: $1
Body pattern to stop a specific HTML browser vulnerability
exploit.
--- 303,309 ----
/etc/postfix/header_checks:
/^content-(type|disposition):.*name[[:space:]]*=.*\.(exe|vbs)/
! REJECT Bad attachment file name extension: $2
Body pattern to stop a specific HTML browser vulnerability
exploit.
diff -cr /tmp/postfix-2.1.4/html/postconf.5.html ./html/postconf.5.html
*** /tmp/postfix-2.1.4/html/postconf.5.html Wed Jun 16 18:40:35 2004
--- ./html/postconf.5.html Thu Sep 2 15:59:39 2004
***************
*** 4854,4863 ****
address extension.
Look up the "user+extension" address local part when the
! recipient domain equals $myorigin, $mydestination, $inet_interfaces
or $proxy_interfaces.
! Look up the "user" address local part when the recipient domain
equals $myorigin, $mydestination, $inet_interfaces or $proxy_interfaces.
Look up the "@domain.tld" part.
--- 4854,4863 ----
address extension.
Look up the "user+extension" address local part when the
! sender domain equals $myorigin, $mydestination, $inet_interfaces
or $proxy_interfaces.
! Look up the "user" address local part when the sender domain
equals $myorigin, $mydestination, $inet_interfaces or $proxy_interfaces.
Look up the "@domain.tld" part.
***************
*** 6663,6671 ****
or $proxy_interfaces, but the recipient is not listed in
$local_recipient_maps, and $local_recipient_maps is not null.
! The recipient domain matches $virtual_alias_maps but the
! recipient is not listed in $virtual_alias_maps, and $virtual_alias_maps
! is not null.
The recipient domain matches $virtual_mailbox_domains but the
recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
--- 6663,6670 ----
or $proxy_interfaces, but the recipient is not listed in
$local_recipient_maps, and $local_recipient_maps is not null.
! The recipient domain matches $virtual_alias_domains but the
! recipient is not listed in $virtual_alias_maps.
The recipient domain matches $virtual_mailbox_domains but the
recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
***************
*** 6698,6706 ****
$proxy_interfaces, but the recipient is not listed in
$local_recipient_maps, and $local_recipient_maps is not null.
! The sender domain matches $virtual_alias_maps but the recipient
! is not listed in $virtual_alias_maps, and $virtual_alias_maps is
! not null.
The sender domain matches $virtual_mailbox_domains but the
recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
--- 6697,6704 ----
$proxy_interfaces, but the recipient is not listed in
$local_recipient_maps, and $local_recipient_maps is not null.
! The sender domain matches $virtual_alias_domains but the recipient
! is not listed in $virtual_alias_maps.
The sender domain matches $virtual_mailbox_domains but the
recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
diff -cr /tmp/postfix-2.1.4/man/man5/header_checks.5 ./man/man5/header_checks.5
*** /tmp/postfix-2.1.4/man/man5/header_checks.5 Fri May 7 15:25:22 2004
--- ./man/man5/header_checks.5 Sun Aug 15 12:40:15 2004
***************
*** 282,288 ****
.ti +4
/^content-(type|disposition):.*name[[:space:]]*=.*\\.(exe|vbs)/
.ti +8
! REJECT Bad attachment file name extension: $1
.ad
.fi
--- 282,288 ----
.ti +4
/^content-(type|disposition):.*name[[:space:]]*=.*\\.(exe|vbs)/
.ti +8
! REJECT Bad attachment file name extension: $2
.ad
.fi
diff -cr /tmp/postfix-2.1.4/man/man5/postconf.5 ./man/man5/postconf.5
*** /tmp/postfix-2.1.4/man/man5/postconf.5 Wed Jun 16 18:40:35 2004
--- ./man/man5/postconf.5 Thu Sep 2 15:59:39 2004
***************
*** 2525,2534 ****
address extension.
.IP \(bu
Look up the "user+extension" address local part when the
! recipient domain equals $myorigin, $mydestination, $inet_interfaces
or $proxy_interfaces.
.IP \(bu
! Look up the "user" address local part when the recipient domain
equals $myorigin, $mydestination, $inet_interfaces or $proxy_interfaces.
.IP \(bu
Look up the "@domain.tld" part.
--- 2525,2534 ----
address extension.
.IP \(bu
Look up the "user+extension" address local part when the
! sender domain equals $myorigin, $mydestination, $inet_interfaces
or $proxy_interfaces.
.IP \(bu
! Look up the "user" address local part when the sender domain
equals $myorigin, $mydestination, $inet_interfaces or $proxy_interfaces.
.IP \(bu
Look up the "@domain.tld" part.
***************
*** 3547,3555 ****
or $proxy_interfaces, but the recipient is not listed in
$local_recipient_maps, and $local_recipient_maps is not null.
.IP \(bu
! The recipient domain matches $virtual_alias_maps but the
! recipient is not listed in $virtual_alias_maps, and $virtual_alias_maps
! is not null.
.IP \(bu
The recipient domain matches $virtual_mailbox_domains but the
recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
--- 3547,3554 ----
or $proxy_interfaces, but the recipient is not listed in
$local_recipient_maps, and $local_recipient_maps is not null.
.IP \(bu
! The recipient domain matches $virtual_alias_domains but the
! recipient is not listed in $virtual_alias_maps.
.IP \(bu
The recipient domain matches $virtual_mailbox_domains but the
recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
***************
*** 3570,3578 ****
$proxy_interfaces, but the recipient is not listed in
$local_recipient_maps, and $local_recipient_maps is not null.
.IP \(bu
! The sender domain matches $virtual_alias_maps but the recipient
! is not listed in $virtual_alias_maps, and $virtual_alias_maps is
! not null.
.IP \(bu
The sender domain matches $virtual_mailbox_domains but the
recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
--- 3569,3576 ----
$proxy_interfaces, but the recipient is not listed in
$local_recipient_maps, and $local_recipient_maps is not null.
.IP \(bu
! The sender domain matches $virtual_alias_domains but the recipient
! is not listed in $virtual_alias_maps.
.IP \(bu
The sender domain matches $virtual_mailbox_domains but the
recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
diff -cr /tmp/postfix-2.1.4/proto/header_checks ./proto/header_checks
*** /tmp/postfix-2.1.4/proto/header_checks Fri May 7 15:24:35 2004
--- ./proto/header_checks Sun Aug 15 12:40:09 2004
***************
*** 262,268 ****
# .ti +4
# /^content-(type|disposition):.*name[[:space:]]*=.*\\.(exe|vbs)/
# .ti +8
! # REJECT Bad attachment file name extension: $1
#
# .ad
# .fi
--- 262,268 ----
# .ti +4
# /^content-(type|disposition):.*name[[:space:]]*=.*\\.(exe|vbs)/
# .ti +8
! # REJECT Bad attachment file name extension: $2
#
# .ad
# .fi
diff -cr /tmp/postfix-2.1.4/proto/postconf.proto ./proto/postconf.proto
*** /tmp/postfix-2.1.4/proto/postconf.proto Wed Jun 16 18:40:26 2004
--- ./proto/postconf.proto Tue Aug 31 10:24:30 2004
***************
*** 3004,3013 ****
address extension.
Look up the "user+extension" address local part when the
! recipient domain equals $myorigin, $mydestination, $inet_interfaces
or $proxy_interfaces.
! Look up the "user" address local part when the recipient domain
equals $myorigin, $mydestination, $inet_interfaces or $proxy_interfaces.
Look up the "@domain.tld" part.
--- 3004,3013 ----
address extension.
Look up the "user+extension" address local part when the
! sender domain equals $myorigin, $mydestination, $inet_interfaces
or $proxy_interfaces.
! Look up the "user" address local part when the sender domain
equals $myorigin, $mydestination, $inet_interfaces or $proxy_interfaces.
Look up the "@domain.tld" part.
***************
*** 6345,6353 ****
or $proxy_interfaces, but the recipient is not listed in
$local_recipient_maps, and $local_recipient_maps is not null.
! The recipient domain matches $virtual_alias_maps but the
! recipient is not listed in $virtual_alias_maps, and $virtual_alias_maps
! is not null.
The recipient domain matches $virtual_mailbox_domains but the
recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
--- 6345,6352 ----
or $proxy_interfaces, but the recipient is not listed in
$local_recipient_maps, and $local_recipient_maps is not null.
! The recipient domain matches $virtual_alias_domains but the
! recipient is not listed in $virtual_alias_maps.
The recipient domain matches $virtual_mailbox_domains but the
recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
***************
*** 6376,6384 ****
$proxy_interfaces, but the recipient is not listed in
$local_recipient_maps, and $local_recipient_maps is not null.
! The sender domain matches $virtual_alias_maps but the recipient
! is not listed in $virtual_alias_maps, and $virtual_alias_maps is
! not null.
The sender domain matches $virtual_mailbox_domains but the
recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
--- 6375,6382 ----
$proxy_interfaces, but the recipient is not listed in
$local_recipient_maps, and $local_recipient_maps is not null.
! The sender domain matches $virtual_alias_domains but the recipient
! is not listed in $virtual_alias_maps.
The sender domain matches $virtual_mailbox_domains but the
recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
diff -cr /tmp/postfix-2.1.4/src/bounce/bounce_notify_util.c ./src/bounce/bounce_notify_util.c
*** /tmp/postfix-2.1.4/src/bounce/bounce_notify_util.c Sun Apr 18 20:34:29 2004
--- ./src/bounce/bounce_notify_util.c Mon Sep 13 09:57:23 2004
***************
*** 345,356 ****
* Initialize the bounce_info structure. Forge a logfile record for just
* one recipient.
*/
- #define REALLY_BOUNCE 1
-
log_handle = bounce_log_forge(orig_recipient, recipient, offset, dsn_status,
dsn_action, why);
bounce_info = bounce_mail_alloc("none", queue_name, queue_id,
! encoding, REALLY_BOUNCE, log_handle);
return (bounce_info);
}
--- 345,354 ----
* Initialize the bounce_info structure. Forge a logfile record for just
* one recipient.
*/
log_handle = bounce_log_forge(orig_recipient, recipient, offset, dsn_status,
dsn_action, why);
bounce_info = bounce_mail_alloc("none", queue_name, queue_id,
! encoding, BOUNCE_MSG_FAIL, log_handle);
return (bounce_info);
}
diff -cr /tmp/postfix-2.1.4/src/dns/dns_lookup.c ./src/dns/dns_lookup.c
*** /tmp/postfix-2.1.4/src/dns/dns_lookup.c Tue Dec 16 08:40:24 2003
--- ./src/dns/dns_lookup.c Sun Aug 1 17:05:44 2004
***************
*** 512,518 ****
vstring_sprintf(why,
"Name service error for %s: invalid host or domain name",
name);
! h_errno = HOST_NOT_FOUND;
return (DNS_NOTFOUND);
}
--- 512,518 ----
vstring_sprintf(why,
"Name service error for %s: invalid host or domain name",
name);
! SET_H_ERRNO(HOST_NOT_FOUND);
return (DNS_NOTFOUND);
}
***************
*** 524,530 ****
vstring_sprintf(why,
"Name service error for %s: invalid host or domain name",
name);
! h_errno = HOST_NOT_FOUND;
return (DNS_NOTFOUND);
}
--- 524,530 ----
vstring_sprintf(why,
"Name service error for %s: invalid host or domain name",
name);
! SET_H_ERRNO(HOST_NOT_FOUND);
return (DNS_NOTFOUND);
}
diff -cr /tmp/postfix-2.1.4/src/smtp/smtp_addr.c ./src/smtp/smtp_addr.c
*** /tmp/postfix-2.1.4/src/smtp/smtp_addr.c Fri Dec 26 14:26:01 2003
--- ./src/smtp/smtp_addr.c Wed Jul 14 12:49:45 2004
***************
*** 262,301 ****
{
char *myname = "smtp_find_self";
INET_ADDR_LIST *self;
DNS_RR *addr;
int i;
- /*
- * Find the first address that lists any address that this mail system is
- * supposed to be listening on.
- */
#define INADDRP(x) ((struct in_addr *) (x))
self = own_inet_addr_list();
for (addr = addr_list; addr; addr = addr->next) {
for (i = 0; i < self->used; i++)
if (INADDRP(addr->data)->s_addr == self->addrs[i].s_addr) {
if (msg_verbose)
! msg_info("%s: found at pref %d", myname, addr->pref);
return (addr);
}
- }
! /*
! * Find out if this mail system has a proxy listening on this address.
! */
! self = proxy_inet_addr_list();
! for (addr = addr_list; addr; addr = addr->next) {
! for (i = 0; i < self->used; i++)
! if (INADDRP(addr->data)->s_addr == self->addrs[i].s_addr) {
if (msg_verbose)
! msg_info("%s: found at pref %d", myname, addr->pref);
return (addr);
}
}
/*
! * Didn't find myself.
*/
if (msg_verbose)
msg_info("%s: not found", myname);
--- 262,302 ----
{
char *myname = "smtp_find_self";
INET_ADDR_LIST *self;
+ INET_ADDR_LIST *proxy;
DNS_RR *addr;
int i;
#define INADDRP(x) ((struct in_addr *) (x))
self = own_inet_addr_list();
+ proxy = proxy_inet_addr_list();
+
for (addr = addr_list; addr; addr = addr->next) {
+
+ /*
+ * Find out if this mail system is listening on this address.
+ */
for (i = 0; i < self->used; i++)
if (INADDRP(addr->data)->s_addr == self->addrs[i].s_addr) {
if (msg_verbose)
! msg_info("%s: found self at pref %d", myname, addr->pref);
return (addr);
}
! /*
! * Find out if this mail system has a proxy listening on this
! * address.
! */
! for (i = 0; i < proxy->used; i++)
! if (INADDRP(addr->data)->s_addr == proxy->addrs[i].s_addr) {
if (msg_verbose)
! msg_info("%s: found proxy at pref %d", myname, addr->pref);
return (addr);
}
}
/*
! * Didn't find myself, or my proxy.
*/
if (msg_verbose)
msg_info("%s: not found", myname);
diff -cr /tmp/postfix-2.1.4/src/smtp/smtp_chat.c ./src/smtp/smtp_chat.c
*** /tmp/postfix-2.1.4/src/smtp/smtp_chat.c Thu Jul 24 12:12:38 2003
--- ./src/smtp/smtp_chat.c Tue Aug 17 16:47:36 2004
***************
*** 151,156 ****
--- 151,163 ----
smtp_fputs(STR(state->buffer), LEN(state->buffer), session->stream);
/*
+ * This code is in the wrong place and can run before an I/O error
+ * handler is set up. To make matters worse, this code pre-empts better
+ * output flushing code that sits in the smtp_xfer() routine.
+ */
+ #if 0
+
+ /*
* Flush unsent data to avoid timeouts after slow DNS lookups.
*/
if (time((time_t *) 0) - vstream_ftime(session->stream) > 10)
***************
*** 163,168 ****
--- 170,176 ----
vstream_longjmp(session->stream, SMTP_ERR_TIME);
if (vstream_ferror(session->stream))
vstream_longjmp(session->stream, SMTP_ERR_EOF);
+ #endif
}
/* smtp_chat_resp - read and process SMTP server response */
diff -cr /tmp/postfix-2.1.4/src/smtpd/smtpd.c ./src/smtpd/smtpd.c
*** /tmp/postfix-2.1.4/src/smtpd/smtpd.c Wed Jun 16 18:40:36 2004
--- ./src/smtpd/smtpd.c Fri Aug 13 18:28:41 2004
***************
*** 2393,2400 ****
case SMTP_ERR_TIME:
state->reason = "timeout";
! smtpd_chat_reply(state, "421 %s Error: timeout exceeded",
! var_myhostname);
break;
case SMTP_ERR_EOF:
--- 2393,2401 ----
case SMTP_ERR_TIME:
state->reason = "timeout";
! if (vstream_setjmp(state->client) == 0)
! smtpd_chat_reply(state, "421 %s Error: timeout exceeded",
! var_myhostname);
break;
case SMTP_ERR_EOF:
***************
*** 2437,2442 ****
--- 2438,2444 ----
&& var_smtpd_delay_reject == 0
&& (state->access_denied = smtpd_check_client(state)) != 0) {
smtpd_chat_reply(state, "%s", state->access_denied);
+ state->error_count++;
} else {
smtpd_chat_reply(state, "220 %s", var_smtpd_banner);
}
diff -cr /tmp/postfix-2.1.4/src/smtpd/smtpd_check.c ./src/smtpd/smtpd_check.c
*** /tmp/postfix-2.1.4/src/smtpd/smtpd_check.c Mon May 3 11:40:13 2004
--- ./src/smtpd/smtpd_check.c Sun Aug 1 17:08:32 2004
***************
*** 2183,2189 ****
FULL, &found, reply_name, reply_class,
def_acl)) != 0 || found)
CHECK_SERVER_RETURN(status);
! h_errno = 0; /* XXX */
if ((hp = gethostbyname((char *) server->data)) == 0) {
msg_warn("Unable to look up %s host %s for %s %s: %s",
dns_strtype(type), (char *) server->data,
--- 2183,2189 ----
FULL, &found, reply_name, reply_class,
def_acl)) != 0 || found)
CHECK_SERVER_RETURN(status);
! SET_H_ERRNO(0); /* XXX */
if ((hp = gethostbyname((char *) server->data)) == 0) {
msg_warn("Unable to look up %s host %s for %s %s: %s",
dns_strtype(type), (char *) server->data,
diff -cr /tmp/postfix-2.1.4/src/spawn/spawn.c ./src/spawn/spawn.c
*** /tmp/postfix-2.1.4/src/spawn/spawn.c Mon Jun 14 17:17:41 2004
--- ./src/spawn/spawn.c Fri Jul 23 19:14:42 2004
***************
*** 247,252 ****
--- 247,256 ----
msg_fatal("request to use privileged group id %ld", (long) attr->gid);
if (attr->gid == var_owner_gid)
msg_fatal("request to use mail system owner group id %ld", (long) attr->gid);
+ if (attr->uid == (uid_t) (-1))
+ msg_fatal("user must not have user ID -1");
+ if (attr->gid == (gid_t) (-1))
+ msg_fatal("user must not have group ID -1");
/*
* Give the poor tester a clue of what is going on.
diff -cr /tmp/postfix-2.1.4/src/util/spawn_command.c ./src/util/spawn_command.c
*** /tmp/postfix-2.1.4/src/util/spawn_command.c Fri Dec 8 19:09:20 2000
--- ./src/util/spawn_command.c Fri Jul 23 19:16:47 2004
***************
*** 43,51 ****
/* Each of these specifies I/O redirection of one of the standard file
/* descriptors for the command.
/* .IP "SPAWN_CMD_UID (int)"
! /* The user ID to execute the command as.
/* .IP "SPAWN_CMD_GID (int)"
! /* The group ID to execute the command as.
/* .IP "SPAWN_CMD_TIME_LIMIT (int)"
/* The amount of time in seconds the command is allowed to run before
/* it is terminated with SIGKILL. The default is no time limit.
--- 43,53 ----
/* Each of these specifies I/O redirection of one of the standard file
/* descriptors for the command.
/* .IP "SPAWN_CMD_UID (int)"
! /* The user ID to execute the command as. The value -1 is reserved
! /* and cannot be specified.
/* .IP "SPAWN_CMD_GID (int)"
! /* The group ID to execute the command as. The value -1 is reserved
! /* and cannot be specified.
/* .IP "SPAWN_CMD_TIME_LIMIT (int)"
/* The amount of time in seconds the command is allowed to run before
/* it is terminated with SIGKILL. The default is no time limit.
***************
*** 162,171 ****
args->stderr_fd = va_arg(ap, int);
break;
case SPAWN_CMD_UID:
! args->uid = va_arg(ap, int); /* in case uid_t is short */
break;
case SPAWN_CMD_GID:
! args->gid = va_arg(ap, int); /* in case gid_t is short */
break;
case SPAWN_CMD_TIME_LIMIT:
args->time_limit = va_arg(ap, int);
--- 164,177 ----
args->stderr_fd = va_arg(ap, int);
break;
case SPAWN_CMD_UID:
! args->uid = va_arg(ap, uid_t);
! if (args->uid == (uid_t) (-1))
! msg_panic("spawn_command: request with reserved user ID: -1");
break;
case SPAWN_CMD_GID:
! args->gid = va_arg(ap, gid_t);
! if (args->gid == (gid_t) (-1))
! msg_panic("spawn_command: request with reserved group ID: -1");
break;
case SPAWN_CMD_TIME_LIMIT:
args->time_limit = va_arg(ap, int);
diff -cr /tmp/postfix-2.1.4/src/util/sys_defs.h ./src/util/sys_defs.h
*** /tmp/postfix-2.1.4/src/util/sys_defs.h Mon Jun 14 14:13:40 2004
--- ./src/util/sys_defs.h Sun Aug 1 17:05:23 2004
***************
*** 338,343 ****
--- 338,345 ----
#define USE_STATVFS
#define STATVFS_IN_SYS_STATVFS_H
#define UNIX_DOMAIN_CONNECT_BLOCKS_FOR_ACCEPT
+ #define STRCASECMP_IN_STRINGS_H
+ #define SET_H_ERRNO(err) (set_h_errno(err))
#endif
#ifdef UW21 /* UnixWare 2.1.x */
***************
*** 1156,1161 ****
--- 1158,1171 ----
#define __MAXINT__(T) ((T) (((((T) 1) << ((sizeof(T) * CHAR_BIT) - 1)) ^ ((T) -1))))
#ifndef OFF_T_MAX
#define OFF_T_MAX __MAXINT__(off_t)
+ #endif
+
+ /*
+ * Setting globals like h_errno can be problematic when Postfix is linked
+ * with multi-threaded libraries.
+ */
+ #ifndef SET_H_ERRNO
+ #define SET_H_ERRNO(err) (h_errno = (err))
#endif
/*
diff -cr /tmp/postfix-2.1.4/src/util/vstream_popen.c ./src/util/vstream_popen.c
*** /tmp/postfix-2.1.4/src/util/vstream_popen.c Sun Dec 10 15:17:28 2000
--- ./src/util/vstream_popen.c Mon Aug 23 20:33:33 2004
***************
*** 213,218 ****
--- 213,220 ----
switch (pid = fork()) {
case -1: /* error */
+ (void) close(sockfd[0]);
+ (void) close(sockfd[1]);
return (0);
case 0: /* child */
if (close(sockfd[1]))