From 12dcf4eaa5de367a450bc245917b851c710749b4 Mon Sep 17 00:00:00 2001 From: Wietse Venema Date: Thu, 18 Apr 2019 00:00:00 -0500 Subject: [PATCH] postfix-3.5-20190418 --- postfix/HISTORY | 21 ++++++++++++++++++++ postfix/html/postconf.5.html | 3 --- postfix/man/man5/postconf.5 | 4 ---- postfix/proto/postconf.proto | 3 --- postfix/src/global/mail_version.h | 2 +- postfix/src/milter/test-milter.c | 5 +++-- postfix/src/smtp/smtp_addr.c | 4 ++-- postfix/src/smtpd/smtpd.c | 15 ++++++++------ postfix/src/util/printable.c | 28 ++++++++++++++++++++++++++- postfix/src/util/stringops.h | 5 ++++- postfix/src/util/unix_dgram_connect.c | 1 + 11 files changed, 68 insertions(+), 23 deletions(-) diff --git a/postfix/HISTORY b/postfix/HISTORY index 90eb4946c..d8dacdcad 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -24219,3 +24219,24 @@ Apologies for any names omitted. could exhaust LMTP server resources, resulting in two-second pauses between email deliveries. This problem was investigated by Juliana Rodrigueiro. File: smtp/smtp_connect.c. + +20190331 + + Documentation: tlsext_padding is not a tls_ssl_options + feature. File: proto/postconf.proto. + +20190401 + + Portability: to avoid a compile-time error on Solaris, added + "#undef sun" to util/unix_dgram_connect.c. + +20190403 + + Bugfix (introduced: Postfix 2.3): a censoring filter broke + multiline Milter responses for header/body events. Problem + report by Andreas Thienemann. Files: util/printable.c, + util/stringops.h, smtpd/smtpd.c. + + Bugfix (introduced: Postfix 3.3): "smtp_mx_address_limit = 0" + no longer meant 'unlimited'. Problem report by Luc Pardon. + File: smtp/smtp_addr.c. diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index 88b8b87bf..6d2044d93 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -18890,9 +18890,6 @@ SSL_CTX_set_options(3).
PRIORITIZE_CHACHA
Postfix ≥ 3.4. See SSL_CTX_set_options(3).
-
TLSEXT_PADDING
Postfix ≥ 3.4. See -SSL_CTX_set_options(3).
-

This feature is available in Postfix 2.11 and later.

diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5 index a97621d4d..db745eaf5 100644 --- a/postfix/man/man5/postconf.5 +++ b/postfix/man/man5/postconf.5 @@ -13221,10 +13221,6 @@ Postfix .IP "\fBPRIORITIZE_CHACHA\fR" Postfix >= 3.4. See SSL_CTX_\fBset_options\fR(3). .br -.IP "\fBTLSEXT_PADDING\fR" -Postfix >= 3.4. See -SSL_CTX_\fBset_options\fR(3). -.br .br .PP This feature is available in Postfix 2.11 and later. diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index 77a1baff8..9851adb77 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -16130,9 +16130,6 @@ SSL_CTX_set_options(3).
PRIORITIZE_CHACHA
Postfix ≥ 3.4. See SSL_CTX_set_options(3).
-
TLSEXT_PADDING
Postfix ≥ 3.4. See -SSL_CTX_set_options(3).
-

This feature is available in Postfix 2.11 and later.

diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 61be3f1ed..a7a5473f4 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20190330" +#define MAIL_RELEASE_DATE "20190418" #define MAIL_VERSION_NUMBER "3.5" #ifdef SNAPSHOT diff --git a/postfix/src/milter/test-milter.c b/postfix/src/milter/test-milter.c index ac0d8e52e..0494ff0e7 100644 --- a/postfix/src/milter/test-milter.c +++ b/postfix/src/milter/test-milter.c @@ -18,7 +18,8 @@ /* Arguments (multiple alternatives are separated by "\fB|\fR"): /* .IP "\fB-a accept|tempfail|reject|discard|skip|\fIddd x.y.z text\fR" /* Specifies a non-default reply for the MTA command specified -/* with \fB-c\fR. The default is \fBtempfail\fR. +/* with \fB-c\fR. The default is \fBtempfail\fR. The \fItext\fR +/* is repeated once, to produce multi-line reply text. /* .IP "\fB-A address\fR" /* Add the specified recipient address (specify ESMTP parameters /* separated by space). Multiple -A options are supported. @@ -218,7 +219,7 @@ static int test_reply(SMFICTX *ctx, int code) if (code == SMFIR_REPLYCODE) { if (smfi_setmlreply(ctx, reply_code, reply_dsn, reply_message, reply_message, (char *) 0) == MI_FAILURE) fprintf(stderr, "smfi_setmlreply failed\n"); - printf("test_reply %s\n", reply_code); + printf("test_reply %s\n\n", reply_code); return (reply_code[0] == '4' ? SMFIS_TEMPFAIL : SMFIS_REJECT); } else { printf("test_reply %d\n\n", code); diff --git a/postfix/src/smtp/smtp_addr.c b/postfix/src/smtp/smtp_addr.c index f374adad5..2210ff7d8 100644 --- a/postfix/src/smtp/smtp_addr.c +++ b/postfix/src/smtp/smtp_addr.c @@ -623,7 +623,7 @@ DNS_RR *smtp_domain_addr(const char *name, DNS_RR **mxrr, int misc_flags, if (var_smtp_rand_addr) addr_list = dns_rr_shuffle(addr_list); addr_list = dns_rr_sort(addr_list, SMTP_COMPARE_ADDR(misc_flags)); - if (var_smtp_balance_inet_proto) + if (var_smtp_mxaddr_limit > 0 && var_smtp_balance_inet_proto) addr_list = smtp_balance_inet_proto(addr_list, misc_flags, var_smtp_mxaddr_limit); } @@ -683,7 +683,7 @@ DNS_RR *smtp_host_addr(const char *host, int misc_flags, DSN_BUF *why) /* The following changes the order of equal-preference hosts. */ if (inet_proto_info()->ai_family_list[1] != 0) addr_list = dns_rr_sort(addr_list, SMTP_COMPARE_ADDR(misc_flags)); - if (var_smtp_balance_inet_proto) + if (var_smtp_mxaddr_limit > 0 && var_smtp_balance_inet_proto) addr_list = smtp_balance_inet_proto(addr_list, misc_flags, var_smtp_mxaddr_limit); } diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c index f3e107072..124449819 100644 --- a/postfix/src/smtpd/smtpd.c +++ b/postfix/src/smtpd/smtpd.c @@ -3528,6 +3528,11 @@ static int common_post_message_handling(SMTPD_STATE *state) int saved_err; const CLEANUP_STAT_DETAIL *detail; +#define IS_SMTP_REJECT(s) \ + (((s)[0] == '4' || (s)[0] == '5') \ + && ISDIGIT((s)[1]) && ISDIGIT((s)[2]) \ + && ((s)[3] == '\0' || (s)[3] == ' ' || (s)[3] == '-')) + if (state->err == CLEANUP_STAT_OK && SMTPD_STAND_ALONE(state) == 0 && (err = smtpd_check_eod(state)) != 0) { @@ -3598,7 +3603,10 @@ static int common_post_message_handling(SMTPD_STATE *state) if (state->err == 0) { why = vstring_alloc(10); state->err = mail_stream_finish(state->dest, why); - printable(STR(why), ' '); + if (IS_SMTP_REJECT(STR(why))) + printable_except(STR(why), ' ', "\r\n"); + else + printable(STR(why), ' '); } else mail_stream_cleanup(state->dest); state->dest = 0; @@ -3633,11 +3641,6 @@ static int common_post_message_handling(SMTPD_STATE *state) * * See also: qmqpd.c */ -#define IS_SMTP_REJECT(s) \ - (((s)[0] == '4' || (s)[0] == '5') \ - && ISDIGIT((s)[1]) && ISDIGIT((s)[2]) \ - && ((s)[3] == '\0' || (s)[3] == ' ' || (s)[3] == '-')) - if (state->err == CLEANUP_STAT_OK) { state->error_count = 0; state->error_mask = 0; diff --git a/postfix/src/util/printable.c b/postfix/src/util/printable.c index a37ff6306..6c148fd00 100644 --- a/postfix/src/util/printable.c +++ b/postfix/src/util/printable.c @@ -11,6 +11,11 @@ /* char *printable(buffer, replacement) /* char *buffer; /* int replacement; +/* +/* char *printable_except(buffer, replacement, except) +/* char *buffer; +/* int replacement; +/* const char *except; /* DESCRIPTION /* printable() replaces non-printable characters /* in its input with the given replacement. @@ -24,6 +29,8 @@ /* .IP replacement /* Replacement value for characters in \fIbuffer\fR that do not /* pass the ASCII isprint(3) test or that are not valid UTF8. +/* .IP except +/* Null-terminated sequence of non-replaced ASCII characters. /* LICENSE /* .ad /* .fi @@ -33,12 +40,18 @@ /* IBM T.J. Watson Research /* P.O. Box 704 /* Yorktown Heights, NY 10598, USA +/* +/* Wietse Venema +/* Google, Inc. +/* 111 8th Avenue +/* New York, NY 10011, USA /*--*/ /* System library. */ #include "sys_defs.h" #include +#include /* Utility library. */ @@ -46,7 +59,20 @@ int util_utf8_enable = 0; +/* printable - binary compatibility */ + +#undef printable + +char *printable(char *, int); + char *printable(char *string, int replacement) +{ + return (printable_except(string, replacement, (char *) 0)); +} + +/* printable_except - pass through printable or other preserved characters */ + +char *printable_except(char *string, int replacement, const char *except) { unsigned char *cp; int ch; @@ -57,7 +83,7 @@ char *printable(char *string, int replacement) */ cp = (unsigned char *) string; while ((ch = *cp) != 0) { - if (ISASCII(ch) && ISPRINT(ch)) { + if (ISASCII(ch) && (ISPRINT(ch) || (except && strchr(except, ch)))) { /* ok */ } else if (util_utf8_enable && ch >= 194 && ch <= 254 && cp[1] >= 128 && cp[1] < 192) { diff --git a/postfix/src/util/stringops.h b/postfix/src/util/stringops.h index c227b8460..c54a5268b 100644 --- a/postfix/src/util/stringops.h +++ b/postfix/src/util/stringops.h @@ -20,7 +20,7 @@ * External interface. */ extern int util_utf8_enable; -extern char *printable(char *, int); +extern char *printable_except(char *, int, const char *); extern char *neuter(char *, const char *, int); extern char *lowercase(char *); extern char *casefoldx(int, VSTRING *, const char *, ssize_t); @@ -32,6 +32,9 @@ extern char *mystrtok(char **, const char *); extern char *mystrtokq(char **, const char *, const char *); extern char *translit(char *, const char *, const char *); +#define printable(string, replacement) \ + printable_except((string), (replacement), (char *) 0) + #ifndef HAVE_BASENAME #define basename postfix_basename extern char *basename(const char *); diff --git a/postfix/src/util/unix_dgram_connect.c b/postfix/src/util/unix_dgram_connect.c index b3492f731..83a035e76 100644 --- a/postfix/src/util/unix_dgram_connect.c +++ b/postfix/src/util/unix_dgram_connect.c @@ -60,6 +60,7 @@ int unix_dgram_connect(const char *path, int block_mode) { const char myname[] = "unix_dgram_connect"; +#undef sun struct sockaddr_un sun; ssize_t path_len; int sock;