| smtpd_data_restrictions | ≥ 2.0 |
Optional |
diff -cr --new-file /var/tmp/postfix-3.1.7/src/dns/dns_lookup.c ./src/dns/dns_lookup.c
*** /var/tmp/postfix-3.1.7/src/dns/dns_lookup.c 2015-07-12 10:10:57.000000000 -0400
--- ./src/dns/dns_lookup.c 2017-12-20 20:50:28.000000000 -0500
***************
*** 397,402 ****
--- 397,410 ----
/* Prepare for returning a null-padded server reply. */
memset(answer, 0, anslen);
len = res_query(name, class, type, answer, anslen);
+ /* Begin API creep workaround. */
+ if (len < 0 && h_errno == 0) {
+ SET_H_ERRNO(TRY_AGAIN);
+ msg_warn("res_query(\"%s\", %d, %d, %p, %d) returns %d with h_errno==0"
+ " -- setting h_errno=TRY_AGAIN",
+ name, class, type, answer, anslen, len);
+ }
+ /* End API creep workaround. */
if (len > 0) {
SET_H_ERRNO(0);
} else if (keep_notfound && NOT_FOUND_H_ERRNO(h_errno)) {
diff -cr --new-file /var/tmp/postfix-3.1.7/src/local/mailbox.c ./src/local/mailbox.c
*** /var/tmp/postfix-3.1.7/src/local/mailbox.c 2015-01-11 15:30:20.000000000 -0500
--- ./src/local/mailbox.c 2018-01-21 17:10:13.000000000 -0500
***************
*** 97,103 ****
int deliver_status;
int copy_flags;
VSTRING *biff;
! long end;
struct stat st;
uid_t spool_uid;
gid_t spool_gid;
--- 97,103 ----
int deliver_status;
int copy_flags;
VSTRING *biff;
! off_t end;
struct stat st;
uid_t spool_uid;
gid_t spool_gid;
***************
*** 202,208 ****
msg_warn("specify \"%s = no\" to ignore mailbox ownership mismatch",
VAR_STRICT_MBOX_OWNER);
} else {
! end = vstream_fseek(mp->fp, (off_t) 0, SEEK_END);
mail_copy_status = mail_copy(COPY_ATTR(state.msg_attr), mp->fp,
copy_flags, "\n", why);
}
--- 202,209 ----
msg_warn("specify \"%s = no\" to ignore mailbox ownership mismatch",
VAR_STRICT_MBOX_OWNER);
} else {
! if ((end = vstream_fseek(mp->fp, (off_t) 0, SEEK_END)) < 0)
! msg_fatal("seek mailbox file %s: %m", mailbox);
mail_copy_status = mail_copy(COPY_ATTR(state.msg_attr), mp->fp,
copy_flags, "\n", why);
}
diff -cr --new-file /var/tmp/postfix-3.1.7/src/smtpd/smtpd_check.c ./src/smtpd/smtpd_check.c
*** /var/tmp/postfix-3.1.7/src/smtpd/smtpd_check.c 2017-01-01 12:48:24.000000000 -0500
--- ./src/smtpd/smtpd_check.c 2017-12-20 20:27:37.000000000 -0500
***************
*** 4053,4059 ****
static void forbid_whitelist(SMTPD_STATE *state, const char *name,
int status, const char *target)
{
! if (status == SMTPD_CHECK_OK) {
msg_warn("restriction %s returns OK for %s", name, target);
msg_warn("this is not allowed for security reasons");
msg_warn("use DUNNO instead of OK if you want to make an exception");
--- 4053,4059 ----
static void forbid_whitelist(SMTPD_STATE *state, const char *name,
int status, const char *target)
{
! if (state->discard == 0 && status == SMTPD_CHECK_OK) {
msg_warn("restriction %s returns OK for %s", name, target);
msg_warn("this is not allowed for security reasons");
msg_warn("use DUNNO instead of OK if you want to make an exception");
diff -cr --new-file /var/tmp/postfix-3.1.7/src/util/dict_db.c ./src/util/dict_db.c
*** /var/tmp/postfix-3.1.7/src/util/dict_db.c 2017-06-13 12:15:32.000000000 -0400
--- ./src/util/dict_db.c 2017-12-20 20:34:39.000000000 -0500
***************
*** 615,620 ****
--- 615,621 ----
struct stat st;
DB *db = 0;
char *db_path = 0;
+ VSTRING *db_base_buf = 0;
int lock_fd = -1;
int dbfd;
***************
*** 671,676 ****
--- 672,678 ----
#define FREE_RETURN(e) do { \
DICT *_dict = (e); if (db) DICT_DB_CLOSE(db); \
if (lock_fd >= 0) (void) close(lock_fd); \
+ if (db_base_buf) vstring_free(db_base_buf); \
if (db_path) myfree(db_path); return (_dict); \
} while (0)
***************
*** 735,752 ****
msg_panic("db_create null result");
if (type == DB_HASH && db->set_h_nelem(db, DICT_DB_NELM) != 0)
msg_fatal("set DB hash element count %d: %m", DICT_DB_NELM);
#if DB_VERSION_MAJOR == 6 || DB_VERSION_MAJOR == 5 || \
(DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR > 0)
! if ((errno = db->open(db, 0, db_path, 0, type, db_flags, 0644)) != 0)
FREE_RETURN(dict_surrogate(class, path, open_flags, dict_flags,
"open database %s: %m", db_path));
#elif (DB_VERSION_MAJOR == 3 || DB_VERSION_MAJOR == 4)
! if ((errno = db->open(db, db_path, 0, type, db_flags, 0644)) != 0)
FREE_RETURN(dict_surrogate(class, path, open_flags, dict_flags,
"open database %s: %m", db_path));
#else
#error "Unsupported Berkeley DB version"
#endif
if ((errno = db->fd(db, &dbfd)) != 0)
msg_fatal("get database file descriptor: %m");
#endif
--- 737,758 ----
msg_panic("db_create null result");
if (type == DB_HASH && db->set_h_nelem(db, DICT_DB_NELM) != 0)
msg_fatal("set DB hash element count %d: %m", DICT_DB_NELM);
+ db_base_buf = vstring_alloc(100);
#if DB_VERSION_MAJOR == 6 || DB_VERSION_MAJOR == 5 || \
(DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR > 0)
! if ((errno = db->open(db, 0, sane_basename(db_base_buf, db_path),
! 0, type, db_flags, 0644)) != 0)
FREE_RETURN(dict_surrogate(class, path, open_flags, dict_flags,
"open database %s: %m", db_path));
#elif (DB_VERSION_MAJOR == 3 || DB_VERSION_MAJOR == 4)
! if ((errno = db->open(db, sane_basename(db_base_buf, db_path), 0,
! type, db_flags, 0644)) != 0)
FREE_RETURN(dict_surrogate(class, path, open_flags, dict_flags,
"open database %s: %m", db_path));
#else
#error "Unsupported Berkeley DB version"
#endif
+ vstring_free(db_base_buf);
if ((errno = db->fd(db, &dbfd)) != 0)
msg_fatal("get database file descriptor: %m");
#endif
diff -cr --new-file /var/tmp/postfix-3.1.7/src/virtual/mailbox.c ./src/virtual/mailbox.c
*** /var/tmp/postfix-3.1.7/src/virtual/mailbox.c 2016-08-22 17:24:31.000000000 -0400
--- ./src/virtual/mailbox.c 2018-01-21 17:09:08.000000000 -0500
***************
*** 132,138 ****
VAR_STRICT_MBOX_OWNER);
} else {
if (vstream_fseek(mp->fp, (off_t) 0, SEEK_END) < 0)
! msg_fatal("%s: seek queue file %s: %m",
myname, VSTREAM_PATH(mp->fp));
mail_copy_status = mail_copy(COPY_ATTR(state.msg_attr), mp->fp,
copy_flags, "\n", why);
--- 132,138 ----
VAR_STRICT_MBOX_OWNER);
} else {
if (vstream_fseek(mp->fp, (off_t) 0, SEEK_END) < 0)
! msg_fatal("%s: seek mailbox file %s: %m",
myname, VSTREAM_PATH(mp->fp));
mail_copy_status = mail_copy(COPY_ATTR(state.msg_attr), mp->fp,
copy_flags, "\n", why);
|