Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/external/ibm-public/postfix/dist Import Postfix 2.11.3. Chan...
details: https://anonhg.NetBSD.org/src/rev/39e4d17be933
branches: trunk
changeset: 335810:39e4d17be933
user: tron <tron%NetBSD.org@localhost>
date: Sat Jan 24 18:08:05 2015 +0000
description:
Import Postfix 2.11.3. Changes since version 2.11.1:
- Fix for DMARC implementations based on SPF policy plus DKIM Milter. The
PREPEND access/policy action added headers ABOVE Postfix's own Received:
header, exposing Postfix's own Received: header to Milters (protocol
violation) and hiding the PREPENDed header from Milters. PREPENDed
headers are now added BELOW Postfix's own Received: header and remain
visible to Milters.
- The Postfix SMTP server logged an incorrect client name in reject
messages for check_reverse_client_hostname_access and
check_reverse_client_hostname_{mx,ns}_access. They replied with the
verified client name, instead of the name that was rejected.
- The TLS client logged that an anonymous TLS connection was "Untrusted",
instead of "Anonymous".
- Fix for configurations that prepend message headers with Postfix access
maps, policy servers or Milter applications. Postfix now hides its own
Received: header from Milters and exposes prepended headers to Milters,
regardless of the mechanism used to prepend a header. This fix reverts
a partial solution that was released on October 13, 2014, and replaces
it with a complete solution.
diffstat:
external/ibm-public/postfix/dist/HISTORY | 44 ++++++++++
external/ibm-public/postfix/dist/src/cleanup/cleanup_message.c | 14 ++-
external/ibm-public/postfix/dist/src/cleanup/cleanup_milter.c | 4 +-
external/ibm-public/postfix/dist/src/cleanup/cleanup_state.c | 4 +-
external/ibm-public/postfix/dist/src/global/mail_version.h | 6 +-
external/ibm-public/postfix/dist/src/milter/milter.c | 11 +-
external/ibm-public/postfix/dist/src/milter/milter.h | 6 +-
external/ibm-public/postfix/dist/src/milter/milter8.c | 20 +++-
external/ibm-public/postfix/dist/src/qmqpd/qmqpd.c | 5 +-
external/ibm-public/postfix/dist/src/smtpd/smtpd_check.c | 8 +-
10 files changed, 94 insertions(+), 28 deletions(-)
diffs (truncated from 335 to 300 lines):
diff -r dd50e4b9a636 -r 39e4d17be933 external/ibm-public/postfix/dist/HISTORY
--- a/external/ibm-public/postfix/dist/HISTORY Sat Jan 24 18:07:54 2015 +0000
+++ b/external/ibm-public/postfix/dist/HISTORY Sat Jan 24 18:08:05 2015 +0000
@@ -19574,3 +19574,47 @@
reported by Sahil Tandon, predicate error found by Viktor,
redundant connection restore request eliminated by Wietse.
File: smtp/smtp_connect.c.
+
+20140619
+
+ Bugfix (introduced: 2001): qmqpd null pointer bug when it
+ logs a lost connection while not in a mail transaction.
+ Reported by Michal Adamek. File: qmqpd/qmqpd.c.
+
+20140920
+
+ Bugfix (introduced: 20080212): incorrect client name in
+ reject messages from check_reverse_client_hostname_access
+ and check_reverse_client_hostname_{mx,ns}_access. They
+ replied with the verified client name, instead of the name
+ that was rejected. Problem reported by Reindl Harald. File:
+ smtpd/smtpd_check.c.
+
+20141012
+
+ Bugfix (introduced: Postfix 2.3): the PREPEND access/policy
+ action added headers ABOVE Postfix's own Received: header,
+ exposing Postfix's own Received: header to Milters (protocol
+ violation) and hiding the PREPENDed header from Milters.
+ The latter caused problems for DMARC implementations with
+ SPF policy plus DKIM Milter. PREPENDed headers are now
+ added BELOW Postfix's own Received: header and remain visible
+ to Milters. File: smtpd/smtpd.c.
+
+20141014
+
+ Portability: Darwin 11.x needs to link with -lresolv. Viktor
+ Dukhovni. File: makedefs.
+
+20141018
+
+ Bugfix (introduced: Postfix 2.3): when a Milter inserted a
+ header ABOVE Postfix's own Received: header, Postfix would
+ expose its own Received: header to Milters (violating
+ protocol) and hide the Milter-inserted header from Milters
+ (wtf). Files: cleanup/cleanup.h, cleanup/cleanup_message.c,
+ cleanup/cleanup_state.c, milter/milter.[hc], milter/milter8.c.
+
+ Cleanup: revert the workaround that places headers inserted
+ with PREPEND actions or policy requests BELOW Postfix's own
+ Received: message header. File: smtpd/smtpd.c.
diff -r dd50e4b9a636 -r 39e4d17be933 external/ibm-public/postfix/dist/src/cleanup/cleanup_message.c
--- a/external/ibm-public/postfix/dist/src/cleanup/cleanup_message.c Sat Jan 24 18:07:54 2015 +0000
+++ b/external/ibm-public/postfix/dist/src/cleanup/cleanup_message.c Sat Jan 24 18:08:05 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cleanup_message.c,v 1.1.1.4 2014/07/06 19:27:50 tron Exp $ */
+/* $NetBSD: cleanup_message.c,v 1.1.1.5 2015/01/24 18:08:23 tron Exp $ */
/*++
/* NAME
@@ -481,6 +481,10 @@
if (hdr_opts && (hdr_opts->flags & HDR_OPT_MIME))
header_class = MIME_HDR_MULTIPART;
+ /* Update the Received: header count before maybe dropping headers below. */
+ if (hdr_opts && hdr_opts->type == HDR_RECEIVED)
+ state->hop_count += 1;
+
if ((state->flags & CLEANUP_FLAG_FILTER)
&& (CHECK(MIME_HDR_PRIMARY, cleanup_header_checks, VAR_HEADER_CHECKS)
|| CHECK(MIME_HDR_MULTIPART, cleanup_mimehdr_checks, VAR_MIMEHDR_CHECKS)
@@ -581,9 +585,13 @@
msg_info("%s: message-id=%s", state->queue_id, hdrval);
if (hdr_opts->type == HDR_RESENT_MESSAGE_ID)
msg_info("%s: resent-message-id=%s", state->queue_id, hdrval);
- if (hdr_opts->type == HDR_RECEIVED)
- if (++state->hop_count >= var_hopcount_limit)
+ if (hdr_opts->type == HDR_RECEIVED) {
+ if (state->hop_count >= var_hopcount_limit)
state->errs |= CLEANUP_STAT_HOPS;
+ /* Save our Received: header after maybe updating headers above. */
+ if (state->hop_count == 1)
+ argv_add(state->auto_hdrs, vstring_str(header_buf), ARGV_END);
+ }
if (CLEANUP_OUT_OK(state)) {
if (hdr_opts->flags & HDR_OPT_RR)
state->resent = "Resent-";
diff -r dd50e4b9a636 -r 39e4d17be933 external/ibm-public/postfix/dist/src/cleanup/cleanup_milter.c
--- a/external/ibm-public/postfix/dist/src/cleanup/cleanup_milter.c Sat Jan 24 18:07:54 2015 +0000
+++ b/external/ibm-public/postfix/dist/src/cleanup/cleanup_milter.c Sat Jan 24 18:08:05 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cleanup_milter.c,v 1.1.1.8 2014/07/06 19:27:50 tron Exp $ */
+/* $NetBSD: cleanup_milter.c,v 1.1.1.9 2015/01/24 18:08:23 tron Exp $ */
/*++
/* NAME
@@ -2022,7 +2022,7 @@
* filter library.
*/
if ((resp = milter_message(milters, state->handle->stream,
- state->data_offset)) != 0)
+ state->data_offset, state->auto_hdrs)) != 0)
cleanup_milter_apply(state, "END-OF-MESSAGE", resp);
/*
diff -r dd50e4b9a636 -r 39e4d17be933 external/ibm-public/postfix/dist/src/cleanup/cleanup_state.c
--- a/external/ibm-public/postfix/dist/src/cleanup/cleanup_state.c Sat Jan 24 18:07:54 2015 +0000
+++ b/external/ibm-public/postfix/dist/src/cleanup/cleanup_state.c Sat Jan 24 18:08:05 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cleanup_state.c,v 1.1.1.3 2014/07/06 19:27:50 tron Exp $ */
+/* $NetBSD: cleanup_state.c,v 1.1.1.4 2015/01/24 18:08:23 tron Exp $ */
/*++
/* NAME
@@ -80,6 +80,7 @@
state->orig_rcpt = 0;
state->return_receipt = 0;
state->errors_to = 0;
+ state->auto_hdrs = argv_alloc(1);
state->flags = 0;
state->qmgr_opts = 0;
state->errs = 0;
@@ -153,6 +154,7 @@
myfree(state->return_receipt);
if (state->errors_to)
myfree(state->errors_to);
+ argv_free(state->auto_hdrs);
if (state->queue_name)
myfree(state->queue_name);
if (state->queue_id)
diff -r dd50e4b9a636 -r 39e4d17be933 external/ibm-public/postfix/dist/src/global/mail_version.h
--- a/external/ibm-public/postfix/dist/src/global/mail_version.h Sat Jan 24 18:07:54 2015 +0000
+++ b/external/ibm-public/postfix/dist/src/global/mail_version.h Sat Jan 24 18:08:05 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: mail_version.h,v 1.1.1.21 2014/07/06 19:27:51 tron Exp $ */
+/* $NetBSD: mail_version.h,v 1.1.1.22 2015/01/24 18:08:25 tron Exp $ */
#ifndef _MAIL_VERSION_H_INCLUDED_
#define _MAIL_VERSION_H_INCLUDED_
@@ -22,8 +22,8 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20140507"
-#define MAIL_VERSION_NUMBER "2.11.1"
+#define MAIL_RELEASE_DATE "20141019"
+#define MAIL_VERSION_NUMBER "2.11.3"
#ifdef SNAPSHOT
#define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
diff -r dd50e4b9a636 -r 39e4d17be933 external/ibm-public/postfix/dist/src/milter/milter.c
--- a/external/ibm-public/postfix/dist/src/milter/milter.c Sat Jan 24 18:07:54 2015 +0000
+++ b/external/ibm-public/postfix/dist/src/milter/milter.c Sat Jan 24 18:08:05 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: milter.c,v 1.1.1.3 2013/01/02 18:59:01 tron Exp $ */
+/* $NetBSD: milter.c,v 1.1.1.4 2015/01/24 18:08:26 tron Exp $ */
/*++
/* NAME
@@ -87,10 +87,11 @@
/* const char *milter_other_event(milters)
/* MILTERS *milters;
/*
-/* const char *milter_message(milters, qfile, data_offset)
+/* const char *milter_message(milters, qfile, data_offset, auto_hdrs)
/* MILTERS *milters;
/* VSTREAM *qfile;
/* off_t data_offset;
+/* ARGV *auto_hdrs;
/*
/* const char *milter_abort(milters)
/* MILTERS *milters;
@@ -483,7 +484,8 @@
/* milter_message - inspect message content */
-const char *milter_message(MILTERS *milters, VSTREAM *fp, off_t data_offset)
+const char *milter_message(MILTERS *milters, VSTREAM *fp, off_t data_offset,
+ ARGV *auto_hdrs)
{
const char *resp;
MILTER *m;
@@ -497,7 +499,8 @@
for (resp = 0, m = milters->milter_list; resp == 0 && m != 0; m = m->next) {
any_eoh_macros = MILTER_MACRO_EVAL(global_eoh_macros, m, milters, eoh_macros);
any_eod_macros = MILTER_MACRO_EVAL(global_eod_macros, m, milters, eod_macros);
- resp = m->message(m, fp, data_offset, any_eoh_macros, any_eod_macros);
+ resp = m->message(m, fp, data_offset, any_eoh_macros, any_eod_macros,
+ auto_hdrs);
if (any_eoh_macros != global_eoh_macros)
argv_free(any_eoh_macros);
if (any_eod_macros != global_eod_macros)
diff -r dd50e4b9a636 -r 39e4d17be933 external/ibm-public/postfix/dist/src/milter/milter.h
--- a/external/ibm-public/postfix/dist/src/milter/milter.h Sat Jan 24 18:07:54 2015 +0000
+++ b/external/ibm-public/postfix/dist/src/milter/milter.h Sat Jan 24 18:08:05 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: milter.h,v 1.1.1.1 2009/06/23 10:08:49 tron Exp $ */
+/* $NetBSD: milter.h,v 1.1.1.2 2015/01/24 18:08:26 tron Exp $ */
#ifndef _MILTER_H_INCLUDED_
#define _MILTER_H_INCLUDED_
@@ -42,7 +42,7 @@
const char *(*mail_event) (struct MILTER *, const char **, ARGV *);
const char *(*rcpt_event) (struct MILTER *, const char **, ARGV *);
const char *(*data_event) (struct MILTER *, ARGV *);
- const char *(*message) (struct MILTER *, VSTREAM *, off_t, ARGV *, ARGV *);
+ const char *(*message) (struct MILTER *, VSTREAM *, off_t, ARGV *, ARGV *, ARGV *);
const char *(*unknown_event) (struct MILTER *, const char *, ARGV *);
const char *(*other_event) (struct MILTER *);
void (*abort) (struct MILTER *);
@@ -138,7 +138,7 @@
extern const char *milter_mail_event(MILTERS *, const char **);
extern const char *milter_rcpt_event(MILTERS *, int, const char **);
extern const char *milter_data_event(MILTERS *);
-extern const char *milter_message(MILTERS *, VSTREAM *, off_t);
+extern const char *milter_message(MILTERS *, VSTREAM *, off_t, ARGV *);
extern const char *milter_unknown_event(MILTERS *, const char *);
extern const char *milter_other_event(MILTERS *);
extern void milter_abort(MILTERS *);
diff -r dd50e4b9a636 -r 39e4d17be933 external/ibm-public/postfix/dist/src/milter/milter8.c
--- a/external/ibm-public/postfix/dist/src/milter/milter8.c Sat Jan 24 18:07:54 2015 +0000
+++ b/external/ibm-public/postfix/dist/src/milter/milter8.c Sat Jan 24 18:08:05 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: milter8.c,v 1.1.1.7 2014/07/06 19:27:52 tron Exp $ */
+/* $NetBSD: milter8.c,v 1.1.1.8 2015/01/24 18:08:26 tron Exp $ */
/*++
/* NAME
@@ -2287,6 +2287,8 @@
MILTER8 *milter; /* milter client */
ARGV *eoh_macros; /* end-of-header macros */
ARGV *eod_macros; /* end-of-body macros */
+ ARGV *auto_hdrs; /* auto-generated headers */
+ int auto_done; /* good enough for now */
int first_header; /* first header */
int first_body; /* first body line */
const char *resp; /* milter application response */
@@ -2303,6 +2305,8 @@
MILTER8 *milter = msg_ctx->milter;
char *cp;
int skip_reply;
+ char **cpp;
+ unsigned done;
/*
* XXX Workaround: mime_state_update() may invoke multiple call-backs
@@ -2331,10 +2335,11 @@
* XXX Sendmail compatibility. It eats the first space (not tab) after the
* header label and ":".
*/
- if (msg_ctx->first_header) {
- msg_ctx->first_header = 0;
- return;
- }
+ for (cpp = msg_ctx->auto_hdrs->argv, done = 1; *cpp; cpp++, done <<= 1)
+ if ((msg_ctx->auto_done & done) == 0 && strcmp(*cpp, STR(buf)) == 0) {
+ msg_ctx->auto_done |= done;
+ return;
+ }
/*
* Sendmail 8 sends multi-line headers as text separated by newline.
@@ -2509,7 +2514,8 @@
static const char *milter8_message(MILTER *m, VSTREAM *qfile,
off_t data_offset,
ARGV *eoh_macros,
- ARGV *eod_macros)
+ ARGV *eod_macros,
+ ARGV *auto_hdrs)
{
const char *myname = "milter8_message";
MILTER8 *milter = (MILTER8 *) m;
@@ -2543,6 +2549,8 @@
msg_ctx.milter = milter;
msg_ctx.eoh_macros = eoh_macros;
msg_ctx.eod_macros = eod_macros;
+ msg_ctx.auto_hdrs = auto_hdrs;
+ msg_ctx.auto_done = 0;
msg_ctx.first_header = 1;
msg_ctx.first_body = 1;
msg_ctx.resp = 0;
diff -r dd50e4b9a636 -r 39e4d17be933 external/ibm-public/postfix/dist/src/qmqpd/qmqpd.c
--- a/external/ibm-public/postfix/dist/src/qmqpd/qmqpd.c Sat Jan 24 18:07:54 2015 +0000
+++ b/external/ibm-public/postfix/dist/src/qmqpd/qmqpd.c Sat Jan 24 18:08:05 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: qmqpd.c,v 1.1.1.4 2013/09/25 19:06:34 tron Exp $ */
+/* $NetBSD: qmqpd.c,v 1.1.1.5 2015/01/24 18:08:29 tron Exp $ */
/*++
/* NAME
@@ -708,7 +708,8 @@
*/
if (state->reason && state->where)
msg_info("%s: %s: %s while %s",
- state->queue_id, state->namaddr, state->reason, state->where);
+ state->queue_id ? state->queue_id : "NOQUEUE",
+ state->namaddr, state->reason, state->where);
}
/* qmqpd_service - service one client */
Home |
Main Index |
Thread Index |
Old Index