From 015fdf16e82dd207e2575112d5d68c1c3dd106b2 Mon Sep 17 00:00:00 2001 From: Wietse Venema Date: Wed, 16 Jun 2004 00:00:00 -0500 Subject: [PATCH] postfix-2.2-20040616 --- postfix/HISTORY | 16 ++ .../README_FILES/BASIC_CONFIGURATION_README | 4 +- postfix/html/BASIC_CONFIGURATION_README.html | 2 +- postfix/html/postconf.5.html | 2 +- postfix/man/man5/postconf.5 | 2 +- postfix/proto/BASIC_CONFIGURATION_README.html | 2 +- postfix/proto/postconf.proto | 2 +- postfix/src/global/mail_version.h | 2 +- postfix/src/global/mynetworks.c | 11 + postfix/src/global/resolve_clnt.c | 23 +- postfix/src/global/resolve_clnt.in | 94 ++++--- postfix/src/global/resolve_clnt.ref | 259 +++++++++++------- postfix/src/global/rewrite_clnt.c | 8 +- postfix/src/global/verify.c | 3 +- postfix/src/smtpd/smtpd.c | 10 +- 15 files changed, 280 insertions(+), 160 deletions(-) diff --git a/postfix/HISTORY b/postfix/HISTORY index 0e38da29b..67c97aebb 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -9398,6 +9398,22 @@ Apologies for any names omitted. Documentation: typo fixes by IKEDA Nozomu. +20040616 + + Bugfix: one missed variadic argument list fix. Victor + Duchovni, Morgan Stanley. File: global/verify.c. + + Bugfix: the resolver client cache should be context dependent + because address verification probes may use a different + route than normal mail deliveries. File: global/resolve_clnt.c. + + Safety: added similar context dependence to the address + rewriting client in order to avoid trouble when Postfix is + changed. File: global/rewrite_clnt.c. + + Bugfix: space in HELO commands could end up in XFORWARD + commands. File: smtpd/smtpd.c. + Open problems: Low: make sure CCARGS -I options come at the end. diff --git a/postfix/README_FILES/BASIC_CONFIGURATION_README b/postfix/README_FILES/BASIC_CONFIGURATION_README index dd17c5282..9883e6567 100644 --- a/postfix/README_FILES/BASIC_CONFIGURATION_README +++ b/postfix/README_FILES/BASIC_CONFIGURATION_README @@ -116,8 +116,8 @@ small site, you probably want to change that into $mydomain, which defaults to the parent domain of the machine name. For the sake of consistency between sender and recipient addresses, myorigin -also specifies the default domain name that is appended to an unqualified -recipient address. +also specifies the domain name that is appended to an unqualified recipient +address. Examples (specify only one of the following): diff --git a/postfix/html/BASIC_CONFIGURATION_README.html b/postfix/html/BASIC_CONFIGURATION_README.html index 59c1442c1..cee197662 100644 --- a/postfix/html/BASIC_CONFIGURATION_README.html +++ b/postfix/html/BASIC_CONFIGURATION_README.html @@ -187,7 +187,7 @@ want to change that into $mydomain, which domain of the machine name.

For the sake of consistency between sender and recipient addresses, -myorigin also specifies the default domain name that is appended +myorigin also specifies the domain name that is appended to an unqualified recipient address.

Examples (specify only one of the following):

diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index fa7adaa4b..ec6ac71ed 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -3335,7 +3335,7 @@ What addresses are subject to address masquerading.

-By default, address masquerading is limited to envelope recipient +By default, address masquerading is limited to envelope sender addresses, and to header sender and header recipient addresses. This allows you to use address masquerading on a mail gateway while still being able to forward mail to users on individual machines. diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5 index 2f96c4028..3c0ebc243 100644 --- a/postfix/man/man5/postconf.5 +++ b/postfix/man/man5/postconf.5 @@ -1670,7 +1670,7 @@ Do not change this unless you have a complete understanding of RFC 821. .SH masquerade_classes (default: envelope_sender, header_sender, header_recipient) What addresses are subject to address masquerading. .PP -By default, address masquerading is limited to envelope recipient +By default, address masquerading is limited to envelope sender addresses, and to header sender and header recipient addresses. This allows you to use address masquerading on a mail gateway while still being able to forward mail to users on individual machines. diff --git a/postfix/proto/BASIC_CONFIGURATION_README.html b/postfix/proto/BASIC_CONFIGURATION_README.html index d658123bb..24576b87f 100644 --- a/postfix/proto/BASIC_CONFIGURATION_README.html +++ b/postfix/proto/BASIC_CONFIGURATION_README.html @@ -187,7 +187,7 @@ want to change that into $mydomain, which defaults to the parent domain of the machine name.

For the sake of consistency between sender and recipient addresses, -myorigin also specifies the default domain name that is appended +myorigin also specifies the domain name that is appended to an unqualified recipient address.

Examples (specify only one of the following):

diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index 25de67296..fa132d941 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -2064,7 +2064,7 @@ What addresses are subject to address masquerading.

-By default, address masquerading is limited to envelope recipient +By default, address masquerading is limited to envelope sender addresses, and to header sender and header recipient addresses. This allows you to use address masquerading on a mail gateway while still being able to forward mail to users on individual machines. diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 952acb0c9..891c2fca5 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change the patchlevel and the release date. Snapshots change the * release date only. */ -#define MAIL_RELEASE_DATE "20040615" +#define MAIL_RELEASE_DATE "20040616" #define MAIL_VERSION_NUMBER "2.2" #define VAR_MAIL_VERSION "mail_version" diff --git a/postfix/src/global/mynetworks.c b/postfix/src/global/mynetworks.c index 5eb649ba3..a40fea4d0 100644 --- a/postfix/src/global/mynetworks.c +++ b/postfix/src/global/mynetworks.c @@ -91,6 +91,17 @@ const char *mynetworks(void) mask_style = name_mask("mynetworks mask style", mask_styles, var_mynetworks_style); + /* + * XXX Workaround: name_mask() needs a flags argument so that we can + * require exactly one value, or we need to provide an API that is + * dedicated for single-valued flags. + */ + for (i = 0, junk = mask_style; junk != 0; junk >>= 1) + i += (junk & 1); + if (i != 1) + msg_fatal("bad %s value: %s; specify exactly one value", + VAR_MYNETWORKS_STYLE, var_mynetworks_style); + result = vstring_alloc(20); my_addr_list = own_inet_addr_list(); my_mask_list = own_inet_mask_list(); diff --git a/postfix/src/global/resolve_clnt.c b/postfix/src/global/resolve_clnt.c index 566983e81..358bc932a 100644 --- a/postfix/src/global/resolve_clnt.c +++ b/postfix/src/global/resolve_clnt.c @@ -127,6 +127,7 @@ */ extern CLNT_STREAM *rewrite_clnt_stream; +static VSTRING *last_class; static VSTRING *last_addr; static RESOLVE_REPLY last_reply; @@ -151,6 +152,7 @@ void resolve_clnt(const char *class, const char *addr, RESOLVE_REPLY *reply) * One-entry cache. */ if (last_addr == 0) { + last_class = vstring_alloc(10); last_addr = vstring_alloc(100); resolve_clnt_init(&last_reply); } @@ -169,7 +171,8 @@ void resolve_clnt(const char *class, const char *addr, RESOLVE_REPLY *reply) */ #define IFSET(flag, text) ((reply->flags & (flag)) ? (text) : "") - if (*addr && strcmp(addr, STR(last_addr)) == 0) { + if (*addr && strcmp(addr, STR(last_addr)) == 0 + && strcmp(class, STR(last_class)) == 0) { vstring_strcpy(reply->transport, STR(last_reply.transport)); vstring_strcpy(reply->nexthop, STR(last_reply.nexthop)); vstring_strcpy(reply->recipient, STR(last_reply.recipient)); @@ -246,6 +249,7 @@ void resolve_clnt(const char *class, const char *addr, RESOLVE_REPLY *reply) /* * Update the cache. */ + vstring_strcpy(last_class, class); vstring_strcpy(last_addr, addr); vstring_strcpy(last_reply.transport, STR(reply->transport)); vstring_strcpy(last_reply.nexthop, STR(reply->nexthop)); @@ -267,6 +271,7 @@ void resolve_clnt_free(RESOLVE_REPLY *reply) #include #include #include +#include #include static NORETURN usage(char *myname) @@ -274,7 +279,7 @@ static NORETURN usage(char *myname) msg_fatal("usage: %s [-v] [address...]", myname); } -static void resolve(char *addr, RESOLVE_REPLY *reply) +static void resolve(char *class, char *addr, RESOLVE_REPLY *reply) { struct RESOLVE_FLAG_TABLE { int flag; @@ -294,10 +299,11 @@ static void resolve(char *addr, RESOLVE_REPLY *reply) }; struct RESOLVE_FLAG_TABLE *fp; - resolve_clnt_query(addr, reply); + resolve_clnt(class, addr, reply); if (reply->flags & RESOLVE_FLAG_FAIL) { vstream_printf("request failed\n"); } else { + vstream_printf("%-10s %s\n", "class", class); vstream_printf("%-10s %s\n", "address", addr); vstream_printf("%-10s %s\n", "transport", STR(reply->transport)); vstream_printf("%-10s %s\n", "nexthop", *STR(reply->nexthop) ? @@ -320,6 +326,7 @@ static void resolve(char *addr, RESOLVE_REPLY *reply) int main(int argc, char **argv) { RESOLVE_REPLY reply; + char *addr; int ch; msg_vstream_init(argv[0], VSTREAM_ERR); @@ -341,15 +348,17 @@ int main(int argc, char **argv) resolve_clnt_init(&reply); if (argc > optind) { - while (argv[optind]) { - resolve(argv[optind], &reply); - optind++; + while (argv[optind] && argv[optind + 1]) { + resolve(argv[optind], argv[optind + 1], &reply); + optind += 2; } } else { VSTRING *buffer = vstring_alloc(1); while (vstring_fgets_nonl(buffer, VSTREAM_IN)) { - resolve(STR(buffer), &reply); + if ((addr = split_at(STR(buffer), ' ')) == 0 || *STR(buffer) == 0) + msg_fatal("need as input: class address"); + resolve(STR(buffer), addr, &reply); } vstring_free(buffer); } diff --git a/postfix/src/global/resolve_clnt.in b/postfix/src/global/resolve_clnt.in index d44aa3d6b..8368a42ff 100644 --- a/postfix/src/global/resolve_clnt.in +++ b/postfix/src/global/resolve_clnt.in @@ -1,45 +1,49 @@ - -@ -@@ -@a. -@.. -@.@. -! -a! -!b -a!b -!@ -a!@ -!b@ -a!b@ -% -a% -%b -a%b -%@ -a%@ -%b@ -@@ -a@@ -@b@ -a@b@ -a%b@ -a%b@MYHOSTNAME -a!b@MYHOSTNAME -a@b@MYHOSTNAME -a[b]@MYHOSTNAME@MYHOSTNAME -a[b]%MYHOSTNAME@MYHOSTNAME -a[b]%MYHOSTNAME%MYHOSTNAME -MYHOSTNAME!a[b]@MYHOSTNAME -MYHOSTNAME!a[b]%MYHOSTNAME -MYHOSTNAME!MYHOSTNAME!a[b] -user@dom.ain1@dom.ain2 -user%dom.ain1@dom.ain2 -dom.ain1!user@dom.ain2 -user@[1.2.3.4]@dom.ain2 -user%[1.2.3.4]@dom.ain2 -[1.2.3.4]!user@dom.ain2 -user@localhost.MYDOMAIN -user@[321.1.2.3] -user@1.2.3 -user@host:port +resolve +resolve @ +resolve @@ +resolve @a. +resolve @.. +resolve @.@. +resolve ! +resolve a! +resolve !b +resolve a!b +resolve !@ +resolve a!@ +resolve !b@ +resolve a!b@ +resolve % +resolve a% +resolve %b +resolve a%b +resolve %@ +resolve a%@ +resolve %b@ +resolve @@ +resolve a@@ +resolve @b@ +resolve a@b@ +resolve a%b@ +resolve a%b@MYHOSTNAME +resolve a!b@MYHOSTNAME +resolve a@b@MYHOSTNAME +resolve a[b]@MYHOSTNAME@MYHOSTNAME +resolve a[b]%MYHOSTNAME@MYHOSTNAME +resolve a[b]%MYHOSTNAME%MYHOSTNAME +resolve MYHOSTNAME!a[b]@MYHOSTNAME +resolve MYHOSTNAME!a[b]%MYHOSTNAME +resolve MYHOSTNAME!MYHOSTNAME!a[b] +resolve user@dom.ain1@dom.ain2 +resolve user%dom.ain1@dom.ain2 +resolve dom.ain1!user@dom.ain2 +resolve user@[1.2.3.4]@dom.ain2 +resolve user%[1.2.3.4]@dom.ain2 +resolve [1.2.3.4]!user@dom.ain2 +resolve user@localhost.MYDOMAIN +resolve user@[321.1.2.3] +resolve user@1.2.3 +resolve user@host:port +resolve user@host +resolve user@host +verify user@host +verify user@host diff --git a/postfix/src/global/resolve_clnt.ref b/postfix/src/global/resolve_clnt.ref index c4d69084e..4a28f50c4 100644 --- a/postfix/src/global/resolve_clnt.ref +++ b/postfix/src/global/resolve_clnt.ref @@ -1,270 +1,343 @@ +class resolve address transport local -nexthop MYHOSTNAME -recipient MAILER-DAEMON@MYHOSTNAME +nexthop tail.porcupine.org +recipient MAILER-DAEMON@tail.porcupine.org flags CLASS_LOCAL +class resolve address @ transport local -nexthop MYHOSTNAME -recipient MAILER-DAEMON@MYHOSTNAME +nexthop tail.porcupine.org +recipient MAILER-DAEMON@tail.porcupine.org flags CLASS_LOCAL +class resolve address @@ transport local -nexthop MYHOSTNAME -recipient MAILER-DAEMON@MYHOSTNAME +nexthop tail.porcupine.org +recipient MAILER-DAEMON@tail.porcupine.org flags CLASS_LOCAL +class resolve address @a. transport smtp -nexthop RELAYHOST +nexthop porcupine.org recipient @a flags CLASS_DEFAULT +class resolve address @.. -transport smtp -nexthop RELAYHOST +transport CHANNEL NOT UPDATED +nexthop NEXTHOP NOT UPDATED recipient @.. flags FLAG_ERROR CLASS_DEFAULT +class resolve address @.@. -transport smtp -nexthop RELAYHOST +transport CHANNEL NOT UPDATED +nexthop NEXTHOP NOT UPDATED recipient @.@. -flags FLAG_ROUTED FLAG_ERROR CLASS_DEFAULT +flags FLAG_ERROR CLASS_DEFAULT +class resolve address ! transport local -nexthop MYHOSTNAME -recipient MAILER-DAEMON@MYHOSTNAME +nexthop tail.porcupine.org +recipient MAILER-DAEMON@tail.porcupine.org flags CLASS_LOCAL +class resolve address a! transport smtp -nexthop RELAYHOST -recipient @a.MYDOMAIN +nexthop porcupine.org +recipient @a.porcupine.org flags CLASS_DEFAULT +class resolve address !b transport local -nexthop MYHOSTNAME -recipient b@MYHOSTNAME +nexthop tail.porcupine.org +recipient b@tail.porcupine.org flags CLASS_LOCAL +class resolve address a!b transport smtp -nexthop RELAYHOST -recipient b@a.MYDOMAIN +nexthop porcupine.org +recipient b@a.porcupine.org flags CLASS_DEFAULT +class resolve address !@ transport local -nexthop MYHOSTNAME -recipient MAILER-DAEMON@MYHOSTNAME +nexthop tail.porcupine.org +recipient MAILER-DAEMON@tail.porcupine.org flags CLASS_LOCAL +class resolve address a!@ transport smtp -nexthop RELAYHOST -recipient @a.MYDOMAIN +nexthop porcupine.org +recipient @a.porcupine.org flags CLASS_DEFAULT +class resolve address !b@ transport local -nexthop MYHOSTNAME -recipient b@MYHOSTNAME +nexthop tail.porcupine.org +recipient b@tail.porcupine.org flags CLASS_LOCAL +class resolve address a!b@ transport smtp -nexthop RELAYHOST -recipient b@a.MYDOMAIN +nexthop porcupine.org +recipient b@a.porcupine.org flags CLASS_DEFAULT +class resolve address % transport local -nexthop MYHOSTNAME -recipient MAILER-DAEMON@MYHOSTNAME +nexthop tail.porcupine.org +recipient MAILER-DAEMON@tail.porcupine.org flags CLASS_LOCAL +class resolve address a% transport local -nexthop MYHOSTNAME -recipient a@MYHOSTNAME +nexthop tail.porcupine.org +recipient a@tail.porcupine.org flags CLASS_LOCAL +class resolve address %b transport smtp -nexthop RELAYHOST -recipient @b.MYDOMAIN +nexthop porcupine.org +recipient @b.porcupine.org flags CLASS_DEFAULT +class resolve address a%b transport smtp -nexthop RELAYHOST -recipient a@b.MYDOMAIN +nexthop porcupine.org +recipient a@b.porcupine.org flags CLASS_DEFAULT +class resolve address %@ transport local -nexthop MYHOSTNAME -recipient MAILER-DAEMON@MYHOSTNAME +nexthop tail.porcupine.org +recipient MAILER-DAEMON@tail.porcupine.org flags CLASS_LOCAL +class resolve address a%@ transport local -nexthop MYHOSTNAME -recipient a@MYHOSTNAME +nexthop tail.porcupine.org +recipient a@tail.porcupine.org flags CLASS_LOCAL +class resolve address %b@ transport smtp -nexthop RELAYHOST -recipient @b.MYDOMAIN +nexthop porcupine.org +recipient @b.porcupine.org flags CLASS_DEFAULT +class resolve address @@ transport local -nexthop MYHOSTNAME -recipient MAILER-DAEMON@MYHOSTNAME +nexthop tail.porcupine.org +recipient MAILER-DAEMON@tail.porcupine.org flags CLASS_LOCAL +class resolve address a@@ transport local -nexthop MYHOSTNAME -recipient a@MYHOSTNAME +nexthop tail.porcupine.org +recipient a@tail.porcupine.org flags CLASS_LOCAL +class resolve address @b@ transport smtp -nexthop RELAYHOST -recipient @b.MYDOMAIN +nexthop porcupine.org +recipient @b.porcupine.org flags CLASS_DEFAULT +class resolve address a@b@ transport smtp -nexthop RELAYHOST -recipient a@b.MYDOMAIN +nexthop porcupine.org +recipient a@b.porcupine.org flags CLASS_DEFAULT +class resolve address a%b@ transport smtp -nexthop RELAYHOST -recipient a@b.MYDOMAIN +nexthop porcupine.org +recipient a@b.porcupine.org flags CLASS_DEFAULT -address a%b@MYHOSTNAME +class resolve +address a%b@tail.porcupine.org transport smtp -nexthop RELAYHOST -recipient a@b.MYDOMAIN +nexthop porcupine.org +recipient a@b.porcupine.org flags CLASS_DEFAULT -address a!b@MYHOSTNAME +class resolve +address a!b@tail.porcupine.org transport smtp -nexthop RELAYHOST -recipient b@a.MYDOMAIN +nexthop porcupine.org +recipient b@a.porcupine.org flags CLASS_DEFAULT -address a@b@MYHOSTNAME +class resolve +address a@b@tail.porcupine.org transport smtp -nexthop RELAYHOST -recipient a@b.MYDOMAIN +nexthop porcupine.org +recipient a@b.porcupine.org flags CLASS_DEFAULT -address a[b]@MYHOSTNAME@MYHOSTNAME +class resolve +address a[b]@tail.porcupine.org@tail.porcupine.org transport local -nexthop MYHOSTNAME -recipient a[b]@MYHOSTNAME +nexthop tail.porcupine.org +recipient a[b]@tail.porcupine.org flags CLASS_LOCAL -address a[b]%MYHOSTNAME@MYHOSTNAME +class resolve +address a[b]%tail.porcupine.org@tail.porcupine.org transport local -nexthop MYHOSTNAME -recipient a[b]@MYHOSTNAME +nexthop tail.porcupine.org +recipient a[b]@tail.porcupine.org flags CLASS_LOCAL -address a[b]%MYHOSTNAME%MYHOSTNAME +class resolve +address a[b]%tail.porcupine.org%tail.porcupine.org transport local -nexthop MYHOSTNAME -recipient a[b]@MYHOSTNAME +nexthop tail.porcupine.org +recipient a[b]@tail.porcupine.org flags CLASS_LOCAL -address MYHOSTNAME!a[b]@MYHOSTNAME +class resolve +address tail.porcupine.org!a[b]@tail.porcupine.org transport local -nexthop MYHOSTNAME -recipient a [b]@MYHOSTNAME +nexthop tail.porcupine.org +recipient a [b]@tail.porcupine.org flags CLASS_LOCAL -address MYHOSTNAME!a[b]%MYHOSTNAME +class resolve +address tail.porcupine.org!a[b]%tail.porcupine.org transport local -nexthop MYHOSTNAME -recipient a [b]@MYHOSTNAME +nexthop tail.porcupine.org +recipient a [b]@tail.porcupine.org flags CLASS_LOCAL -address MYHOSTNAME!MYHOSTNAME!a[b] +class resolve +address tail.porcupine.org!tail.porcupine.org!a[b] transport local -nexthop MYHOSTNAME -recipient a [b]@MYHOSTNAME +nexthop tail.porcupine.org +recipient a [b]@tail.porcupine.org flags CLASS_LOCAL +class resolve address user@dom.ain1@dom.ain2 transport smtp -nexthop RELAYHOST +nexthop porcupine.org recipient user@dom.ain1@dom.ain2 flags FLAG_ROUTED CLASS_DEFAULT +class resolve address user%dom.ain1@dom.ain2 transport smtp -nexthop RELAYHOST +nexthop porcupine.org recipient user%dom.ain1@dom.ain2 flags FLAG_ROUTED CLASS_DEFAULT +class resolve address dom.ain1!user@dom.ain2 transport smtp -nexthop RELAYHOST +nexthop porcupine.org recipient dom.ain1!user@dom.ain2 flags FLAG_ROUTED CLASS_DEFAULT +class resolve address user@[1.2.3.4]@dom.ain2 transport smtp -nexthop RELAYHOST +nexthop porcupine.org recipient user@[1.2.3.4]@dom.ain2 flags FLAG_ROUTED CLASS_DEFAULT +class resolve address user%[1.2.3.4]@dom.ain2 transport smtp -nexthop RELAYHOST +nexthop porcupine.org recipient user%[1.2.3.4]@dom.ain2 flags FLAG_ROUTED CLASS_DEFAULT +class resolve address [1.2.3.4]!user@dom.ain2 transport smtp -nexthop RELAYHOST +nexthop porcupine.org recipient [1.2.3.4]!user@dom.ain2 flags FLAG_ROUTED CLASS_DEFAULT -address user@localhost.MYDOMAIN +class resolve +address user@localhost.porcupine.org transport local -nexthop MYHOSTNAME -recipient user@localhost.MYDOMAIN +nexthop tail.porcupine.org +recipient user@localhost.porcupine.org flags CLASS_LOCAL +class resolve address user@[321.1.2.3] -transport smtp -nexthop RELAYHOST +transport CHANNEL NOT UPDATED +nexthop NEXTHOP NOT UPDATED recipient user@[321.1.2.3] flags FLAG_ERROR CLASS_DEFAULT +class resolve address user@1.2.3 transport smtp -nexthop RELAYHOST +nexthop porcupine.org recipient user@1.2.3 flags CLASS_DEFAULT +class resolve address user@host:port -transport smtp -nexthop RELAYHOST +transport CHANNEL NOT UPDATED +nexthop NEXTHOP NOT UPDATED recipient user@host:port flags FLAG_ERROR CLASS_DEFAULT +class resolve +address user@host +transport smtp +nexthop porcupine.org +recipient user@host +flags CLASS_DEFAULT + +class resolve +address user@host +transport smtp +nexthop porcupine.org +recipient user@host +flags CLASS_DEFAULT + +class verify +address user@host +transport smtp +nexthop porcupine.org +recipient user@host +flags CLASS_DEFAULT + +class verify +address user@host +transport smtp +nexthop porcupine.org +recipient user@host +flags CLASS_DEFAULT + diff --git a/postfix/src/global/rewrite_clnt.c b/postfix/src/global/rewrite_clnt.c index 6b70baaef..ac28d2546 100644 --- a/postfix/src/global/rewrite_clnt.c +++ b/postfix/src/global/rewrite_clnt.c @@ -72,6 +72,7 @@ */ CLNT_STREAM *rewrite_clnt_stream = 0; +static VSTRING *last_rule; static VSTRING *last_addr; static VSTRING *last_result; @@ -85,6 +86,7 @@ VSTRING *rewrite_clnt(const char *rule, const char *addr, VSTRING *result) * One-entry cache. */ if (last_addr == 0) { + last_rule = vstring_alloc(10); last_addr = vstring_alloc(100); last_result = vstring_alloc(100); } @@ -102,10 +104,9 @@ VSTRING *rewrite_clnt(const char *rule, const char *addr, VSTRING *result) /* * Peek at the cache. - * - * XXX Must be made "rule" specific. */ - if (strcmp(addr, STR(last_addr)) == 0) { + if (strcmp(addr, STR(last_addr)) == 0 + && strcmp(rule, STR(last_rule)) == 0) { vstring_strcpy(result, STR(last_result)); if (msg_verbose) msg_info("rewrite_clnt: cached: %s: %s -> %s", @@ -152,6 +153,7 @@ VSTRING *rewrite_clnt(const char *rule, const char *addr, VSTRING *result) /* * Update the cache. */ + vstring_strcpy(last_rule, rule); vstring_strcpy(last_addr, addr); vstring_strcpy(last_result, STR(result)); diff --git a/postfix/src/global/verify.c b/postfix/src/global/verify.c index e2829406f..623013be5 100644 --- a/postfix/src/global/verify.c +++ b/postfix/src/global/verify.c @@ -142,7 +142,8 @@ int vverify_append(const char *queue_id, const char *orig_rcpt, */ vstring_vsprintf(text, fmt, ap); if (var_verify_neg_cache || rcpt_stat == DEL_RCPT_STAT_OK) { - req_stat = verify_clnt_vupdate(orig_rcpt, rcpt_stat, fmt, ap); + req_stat = verify_clnt_update(orig_rcpt, rcpt_stat, + "%s", vstring_str(text)); if (req_stat == VRFY_STAT_OK && strcasecmp(recipient, orig_rcpt) != 0) req_stat = verify_clnt_update(recipient, rcpt_stat, "%s", vstring_str(text)); diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c index b9e61f542..2f41f29dd 100644 --- a/postfix/src/smtpd/smtpd.c +++ b/postfix/src/smtpd/smtpd.c @@ -811,6 +811,11 @@ static void mail_reset(SMTPD_STATE *); static void rcpt_reset(SMTPD_STATE *); static void chat_reset(SMTPD_STATE *, int); + /* + * This filter is applied after printable(). + */ +#define NEUTER_CHARACTERS " <>()\\\";:@" + #ifdef USE_SASL_AUTH /* @@ -882,7 +887,7 @@ static int helo_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv) mail_reset(state); rcpt_reset(state); state->helo_name = mystrdup(printable(argv[1].strval, '?')); - neuter(state->helo_name, "<>()\\\";:@", '?'); + neuter(state->helo_name, NEUTER_CHARACTERS, '?'); /* Downgrading the protocol name breaks the unauthorized pipelining test. */ if (strcasecmp(state->protocol, MAIL_PROTO_ESMTP) != 0 && strcasecmp(state->protocol, MAIL_PROTO_SMTP) != 0) { @@ -923,7 +928,7 @@ static int ehlo_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv) mail_reset(state); rcpt_reset(state); state->helo_name = mystrdup(printable(argv[1].strval, '?')); - neuter(state->helo_name, "<>()\\\";:@", '?'); + neuter(state->helo_name, NEUTER_CHARACTERS, '?'); if (strcasecmp(state->protocol, MAIL_PROTO_ESMTP) != 0) { myfree(state->protocol); state->protocol = mystrdup(MAIL_PROTO_ESMTP); @@ -2012,7 +2017,6 @@ static int xclient_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv) if (s) myfree(s); \ s = (v) ? mystrdup(v) : 0; \ } while(0) -#define NEUTER_CHARACTERS "<>()\\\";:@" /* * Iterate over all attribute=value elements.