diff --git a/postfix/HISTORY b/postfix/HISTORY
index b22edd068..ea741cb8b 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -7814,9 +7814,46 @@ Apologies for any names omitted.
20030126
- Update: maildir filename algorithm updated according to
+ Update: maildir filename algorithm updated according to
today's version of http://cr.yp.to/proto/maildir.html.
+20030127
+
+ Cleanup: use separate error messages for separate problems
+ with computing the list of SASL authentication mechanisms.
+ File: smtpd/smtpd_sasl_glue.c.
+
+20030130
+
+ Bugfix: allow $name in default time values. File:
+ global/mail_conf_time.c.
+
+20030205
+
+ Feature: allow !, /file/name and map:name in masquerade_exceptions.
+ By Liviu Daia. Files:cleanup_init.c, cleanup.h,
+ cleanup_masquerade.c.
+
+20030219
+
+ Bugfix: the local pickup daemon skipped unterminated records,
+ since they happened to have the same record type code as
+ content filtering instructions. Victor Duchovni. Files:
+ global/rec_type.h, pickup/pickup.c.
+
+ Portability: Postfix could block, and thus not enforce
+ command execution time limits, while delivering mail to
+ command. File: global/pipe_command.c.
+
+ Bugfix: command execution time limits were not enforced
+ because the child process killing code in pipe_command()
+ was running with the wrong privileges. Problem reported by
+ Ben Rosengart, Panix. File: global/pipe_command.c.
+
+ Bugfix: duplicate recipient filtering in the cleanup server
+ did not eliminate virtual expansion duplicates with the
+ same original recipient. File: cleanup/cleanup_out_recipient.c.
+
Open problems:
Med: make qmgr recipient bounce/defer activity asynchronous
diff --git a/postfix/README_FILES/LOCAL_RECIPIENT_README b/postfix/README_FILES/LOCAL_RECIPIENT_README
index 7c693f2cd..0b9c3e77b 100644
--- a/postfix/README_FILES/LOCAL_RECIPIENT_README
+++ b/postfix/README_FILES/LOCAL_RECIPIENT_README
@@ -24,6 +24,10 @@ The local_recipient_maps parameter specifies lookup tables with
all names or addresses of local recipients. A recipient address is
local when the address domain matches $mydestination or $inet_interfaces.
+The right-hand side of the lookup tables is conveniently ignored.
+In the left-hand side, specify a bare username, an @domain.tld
+wild-card, or specify a user@domain.tld address.
+
If the local_recipient_maps parameter value is non-empty, then the
SMTP server will reject for an unknown local recipient mail with
"User unknown in local recipient table".
diff --git a/postfix/conf/main.cf b/postfix/conf/main.cf
index a8a5f1141..3d3bc6706 100644
--- a/postfix/conf/main.cf
+++ b/postfix/conf/main.cf
@@ -188,6 +188,10 @@ mail_owner = postfix
# to access the passwd file via the proxymap service, in order to
# overcome chroot restrictions. The alternative, having a copy of
# the system passwd file in the chroot jail is just not practical.
+#
+# The right-hand side of the lookup tables is conveniently ignored.
+# In the left-hand side, specify a bare username, an @domain.tld
+# wild-card, or specify a user@domain.tld address.
#
#local_recipient_maps = unix:passwd.byname $alias_maps
#local_recipient_maps = proxy:unix:passwd.byname $alias_maps
@@ -307,6 +311,10 @@ unknown_local_recipient_reject_code = 450
#
# If this parameter is defined, then the SMTP server will reject
# mail for unknown relay users. This feature is off by default.
+#
+# The right-hand side of the lookup tables is conveniently ignored.
+# In the left-hand side, specify an @domain.tld wild-card, or specify
+# a user@domain.tld address.
#
#relay_recipient_maps = hash:/etc/postfix/relay_recipients
diff --git a/postfix/conf/sample-rewrite.cf b/postfix/conf/sample-rewrite.cf
index e34d99b17..660462faa 100644
--- a/postfix/conf/sample-rewrite.cf
+++ b/postfix/conf/sample-rewrite.cf
@@ -68,6 +68,14 @@ masquerade_domains =
# names that are not subjected to address masquerading.
#
# By default, address masquerading makes no exceptions.
+#
+# Specify a list of user names, /file/name or type:table patterns,
+# separated by commas and/or whitespace. The list is matched left to
+# right, and the search stops on the first match. Specify !name to
+# exclude a name from the list. A /file/name pattern is replaced by
+# its contents; a type:table is matched when a name matches a lookup
+# key (the right-hand side is ignored). Continue long lines by
+# starting the next line with whitespace.
#
#masquerade_exceptions = root,mailer-daemon
#masquerade_exceptions = root
diff --git a/postfix/conf/sample-smtpd.cf b/postfix/conf/sample-smtpd.cf
index b6a6643d2..7fc8c761f 100644
--- a/postfix/conf/sample-smtpd.cf
+++ b/postfix/conf/sample-smtpd.cf
@@ -32,11 +32,17 @@
# - You use the "luser_relay", "mailbox_transport", or "fallback_transport"
# feature of the Postfix local delivery agent (see sample-local.cf).
#
+# Details are described in the LOCAL_RECIPIENT_README file.
+#
# Beware: if the Postfix SMTP server runs chrooted, you probably have
# to access the passwd file via the proxymap service, in order to
# overcome chroot restrictions. The alternative, having a copy of
# the system passwd file in the chroot jail is just not practical.
#
+# The right-hand side of the lookup tables is conveniently ignored.
+# In the left-hand side, specify a bare username, an @domain.tld
+# wild-card, or specify a user@domain.tld address.
+#
#local_recipient_maps =
#local_recipient_maps = unix:passwd.byname $alias_maps
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
@@ -61,6 +67,10 @@ unknown_local_recipient_reject_code = 550
# If this parameter is defined, then the SMTP server will reject
# mail for unknown relay users. This feature is off by default.
#
+# The right-hand side of the lookup tables is conveniently ignored.
+# In the left-hand side, specify an @domain.tld wild-card, or specify
+# a user@domain.tld address.
+#
#relay_recipient_maps = hash:/etc/postfix/relay_recipients
#
diff --git a/postfix/html/rewrite.html b/postfix/html/rewrite.html
index eeb374310..a432b0194 100644
--- a/postfix/html/rewrite.html
+++ b/postfix/html/rewrite.html
@@ -265,13 +265,21 @@ but strips any.thing.else.example.com to example.com.
The masquerade_exceptions configuration parameter specifies
what user names should not be subjected to address masquerading.
-Specify one or more user names separated by whitespace or commas.
+Specify a list of user names, /file/name or type:table patterns,
+separated by commas and/or whitespace. The list is matched left to
+right, and the search stops on the first match. Specify !name to
+exclude a name from the list. A /file/name pattern is replaced by
+its contents; a type:table is matched when a name matches a lookup
+key (the right-hand side is ignored). Continue long lines by
+starting the next line with whitespace.
For example,
- masquerade_exceptions = root
+
- masquerade_exceptions = /etc/postfix/masquerade-exceptions
+
diff --git a/postfix/src/cleanup/Makefile.in b/postfix/src/cleanup/Makefile.in
index 362990e16..3a5110c1d 100644
--- a/postfix/src/cleanup/Makefile.in
+++ b/postfix/src/cleanup/Makefile.in
@@ -110,6 +110,9 @@ cleanup.o: ../../include/been_here.h
cleanup.o: ../../include/mail_stream.h
cleanup.o: ../../include/mime_state.h
cleanup.o: ../../include/header_opts.h
+cleanup.o: ../../include/string_list.h
+cleanup.o: ../../include/match_list.h
+cleanup.o: ../../include/match_ops.h
cleanup_api.o: cleanup_api.c
cleanup_api.o: ../../include/sys_defs.h
cleanup_api.o: ../../include/msg.h
@@ -140,6 +143,9 @@ cleanup_api.o: ../../include/been_here.h
cleanup_api.o: ../../include/mail_conf.h
cleanup_api.o: ../../include/mime_state.h
cleanup_api.o: ../../include/header_opts.h
+cleanup_api.o: ../../include/string_list.h
+cleanup_api.o: ../../include/match_list.h
+cleanup_api.o: ../../include/match_ops.h
cleanup_envelope.o: cleanup_envelope.c
cleanup_envelope.o: ../../include/sys_defs.h
cleanup_envelope.o: ../../include/msg.h
@@ -169,6 +175,9 @@ cleanup_envelope.o: ../../include/mail_stream.h
cleanup_envelope.o: ../../include/mail_conf.h
cleanup_envelope.o: ../../include/mime_state.h
cleanup_envelope.o: ../../include/header_opts.h
+cleanup_envelope.o: ../../include/string_list.h
+cleanup_envelope.o: ../../include/match_list.h
+cleanup_envelope.o: ../../include/match_ops.h
cleanup_extracted.o: cleanup_extracted.c
cleanup_extracted.o: ../../include/sys_defs.h
cleanup_extracted.o: ../../include/msg.h
@@ -197,6 +206,9 @@ cleanup_extracted.o: ../../include/mail_stream.h
cleanup_extracted.o: ../../include/mail_conf.h
cleanup_extracted.o: ../../include/mime_state.h
cleanup_extracted.o: ../../include/header_opts.h
+cleanup_extracted.o: ../../include/string_list.h
+cleanup_extracted.o: ../../include/match_list.h
+cleanup_extracted.o: ../../include/match_ops.h
cleanup_init.o: cleanup_init.c
cleanup_init.o: ../../include/sys_defs.h
cleanup_init.o: ../../include/msg.h
@@ -222,6 +234,9 @@ cleanup_init.o: ../../include/mail_stream.h
cleanup_init.o: ../../include/mail_conf.h
cleanup_init.o: ../../include/mime_state.h
cleanup_init.o: ../../include/header_opts.h
+cleanup_init.o: ../../include/string_list.h
+cleanup_init.o: ../../include/match_list.h
+cleanup_init.o: ../../include/match_ops.h
cleanup_map11.o: cleanup_map11.c
cleanup_map11.o: ../../include/sys_defs.h
cleanup_map11.o: ../../include/msg.h
@@ -246,6 +261,9 @@ cleanup_map11.o: ../../include/mail_stream.h
cleanup_map11.o: ../../include/mail_conf.h
cleanup_map11.o: ../../include/mime_state.h
cleanup_map11.o: ../../include/header_opts.h
+cleanup_map11.o: ../../include/string_list.h
+cleanup_map11.o: ../../include/match_list.h
+cleanup_map11.o: ../../include/match_ops.h
cleanup_map1n.o: cleanup_map1n.c
cleanup_map1n.o: ../../include/sys_defs.h
cleanup_map1n.o: ../../include/mymalloc.h
@@ -270,6 +288,9 @@ cleanup_map1n.o: ../../include/mail_stream.h
cleanup_map1n.o: ../../include/mail_conf.h
cleanup_map1n.o: ../../include/mime_state.h
cleanup_map1n.o: ../../include/header_opts.h
+cleanup_map1n.o: ../../include/string_list.h
+cleanup_map1n.o: ../../include/match_list.h
+cleanup_map1n.o: ../../include/match_ops.h
cleanup_masquerade.o: cleanup_masquerade.c
cleanup_masquerade.o: ../../include/sys_defs.h
cleanup_masquerade.o: ../../include/msg.h
@@ -294,6 +315,9 @@ cleanup_masquerade.o: ../../include/mail_stream.h
cleanup_masquerade.o: ../../include/mail_conf.h
cleanup_masquerade.o: ../../include/mime_state.h
cleanup_masquerade.o: ../../include/header_opts.h
+cleanup_masquerade.o: ../../include/string_list.h
+cleanup_masquerade.o: ../../include/match_list.h
+cleanup_masquerade.o: ../../include/match_ops.h
cleanup_message.o: cleanup_message.c
cleanup_message.o: ../../include/sys_defs.h
cleanup_message.o: ../../include/msg.h
@@ -330,6 +354,9 @@ cleanup_message.o: ../../include/dict.h
cleanup_message.o: ../../include/been_here.h
cleanup_message.o: ../../include/mail_stream.h
cleanup_message.o: ../../include/mail_conf.h
+cleanup_message.o: ../../include/string_list.h
+cleanup_message.o: ../../include/match_list.h
+cleanup_message.o: ../../include/match_ops.h
cleanup_out.o: cleanup_out.c
cleanup_out.o: ../../include/sys_defs.h
cleanup_out.o: ../../include/msg.h
@@ -354,6 +381,9 @@ cleanup_out.o: ../../include/mail_stream.h
cleanup_out.o: ../../include/mail_conf.h
cleanup_out.o: ../../include/mime_state.h
cleanup_out.o: ../../include/header_opts.h
+cleanup_out.o: ../../include/string_list.h
+cleanup_out.o: ../../include/match_list.h
+cleanup_out.o: ../../include/match_ops.h
cleanup_out_recipient.o: cleanup_out_recipient.c
cleanup_out_recipient.o: ../../include/sys_defs.h
cleanup_out_recipient.o: ../../include/argv.h
@@ -376,6 +406,9 @@ cleanup_out_recipient.o: ../../include/mail_stream.h
cleanup_out_recipient.o: ../../include/mail_conf.h
cleanup_out_recipient.o: ../../include/mime_state.h
cleanup_out_recipient.o: ../../include/header_opts.h
+cleanup_out_recipient.o: ../../include/string_list.h
+cleanup_out_recipient.o: ../../include/match_list.h
+cleanup_out_recipient.o: ../../include/match_ops.h
cleanup_rewrite.o: cleanup_rewrite.c
cleanup_rewrite.o: ../../include/sys_defs.h
cleanup_rewrite.o: ../../include/msg.h
@@ -399,6 +432,9 @@ cleanup_rewrite.o: ../../include/mail_stream.h
cleanup_rewrite.o: ../../include/mail_conf.h
cleanup_rewrite.o: ../../include/mime_state.h
cleanup_rewrite.o: ../../include/header_opts.h
+cleanup_rewrite.o: ../../include/string_list.h
+cleanup_rewrite.o: ../../include/match_list.h
+cleanup_rewrite.o: ../../include/match_ops.h
cleanup_state.o: cleanup_state.c
cleanup_state.o: ../../include/sys_defs.h
cleanup_state.o: ../../include/mymalloc.h
@@ -419,3 +455,6 @@ cleanup_state.o: ../../include/tok822.h
cleanup_state.o: ../../include/resolve_clnt.h
cleanup_state.o: ../../include/mail_stream.h
cleanup_state.o: ../../include/mail_conf.h
+cleanup_state.o: ../../include/string_list.h
+cleanup_state.o: ../../include/match_list.h
+cleanup_state.o: ../../include/match_ops.h
diff --git a/postfix/src/cleanup/cleanup.h b/postfix/src/cleanup/cleanup.h
index 88636ef12..8c6ee5345 100644
--- a/postfix/src/cleanup/cleanup.h
+++ b/postfix/src/cleanup/cleanup.h
@@ -25,6 +25,7 @@
#include
#include
#include
+#include
/*
* These state variables are accessed by many functions, and there is only
@@ -82,6 +83,7 @@ extern MAPS *cleanup_nesthdr_checks;
extern MAPS *cleanup_body_checks;
extern MAPS *cleanup_virt_alias_maps;
extern ARGV *cleanup_masq_domains;
+extern STRING_LIST *cleanup_masq_exceptions;
extern int cleanup_masq_flags;
/*
diff --git a/postfix/src/cleanup/cleanup_init.c b/postfix/src/cleanup/cleanup_init.c
index 8a5884af3..296c88c75 100644
--- a/postfix/src/cleanup/cleanup_init.c
+++ b/postfix/src/cleanup/cleanup_init.c
@@ -157,6 +157,7 @@ MAPS *cleanup_nesthdr_checks;
MAPS *cleanup_body_checks;
MAPS *cleanup_virt_alias_maps;
ARGV *cleanup_masq_domains;
+STRING_LIST *cleanup_masq_exceptions;
int cleanup_masq_flags;
/*
@@ -213,6 +214,9 @@ void cleanup_pre_jail(char *unused_name, char **unused_argv)
if (*var_body_checks)
cleanup_body_checks =
maps_create(VAR_BODY_CHECKS, var_body_checks, DICT_FLAG_LOCK);
+ if (*var_masq_exceptions)
+ cleanup_masq_exceptions =
+ string_list_init(MATCH_FLAG_NONE, var_masq_exceptions);
if (*var_masq_classes)
cleanup_masq_flags = name_mask(VAR_MASQ_CLASSES, masq_class_table,
var_masq_classes);
diff --git a/postfix/src/cleanup/cleanup_masquerade.c b/postfix/src/cleanup/cleanup_masquerade.c
index 0220e4080..dd0fa0768 100644
--- a/postfix/src/cleanup/cleanup_masquerade.c
+++ b/postfix/src/cleanup/cleanup_masquerade.c
@@ -88,23 +88,9 @@ void cleanup_masquerade_external(VSTRING *addr, ARGV *masq_domains)
int truncate;
/* Stuff for excluded names. */
- static HTABLE *masq_except_table = 0;
- char *saved_names;
char *name;
- char *ptr;
int excluded;
- /*
- * First time, build a lookup table for excluded names.
- */
- if (*var_masq_exceptions && masq_except_table == 0) {
- masq_except_table = htable_create(5);
- ptr = saved_names = mystrdup(var_masq_exceptions);
- while ((name = mystrtok(&ptr, ", \t\r\n")) != 0)
- htable_enter(masq_except_table, lowercase(name), (char *) 0);
- myfree(saved_names);
- }
-
/*
* Find the domain part.
*/
@@ -116,9 +102,9 @@ void cleanup_masquerade_external(VSTRING *addr, ARGV *masq_domains)
/*
* Don't masquerade excluded names (regardless of domain).
*/
- if (masq_except_table) {
+ if (*var_masq_exceptions) {
name = mystrndup(STR(addr), domain - 1 - STR(addr));
- excluded = (htable_locate(masq_except_table, lowercase(name)) != 0);
+ excluded = (string_list_match(cleanup_masq_exceptions, lowercase(name)) != 0);
myfree(name);
if (excluded)
return;
@@ -190,6 +176,7 @@ void cleanup_masquerade_internal(VSTRING *addr, ARGV *masq_domains)
#include
char *var_masq_exceptions;
+STRING_LIST *cleanup_masq_exceptions;
int main(int argc, char **argv)
{
@@ -200,6 +187,8 @@ int main(int argc, char **argv)
msg_fatal("usage: %s exceptions masquerade_list address", argv[0]);
var_masq_exceptions = argv[1];
+ cleanup_masq_exceptions =
+ string_list_init(MATCH_FLAG_NONE, var_masq_exceptions);
masq_domains = argv_split(argv[2], " ,\t\r\n");
addr = vstring_alloc(1);
if (strchr(argv[3], '@') == 0)
diff --git a/postfix/src/cleanup/cleanup_out_recipient.c b/postfix/src/cleanup/cleanup_out_recipient.c
index 427a1faf9..97129487e 100644
--- a/postfix/src/cleanup/cleanup_out_recipient.c
+++ b/postfix/src/cleanup/cleanup_out_recipient.c
@@ -69,25 +69,25 @@ void cleanup_out_recipient(CLEANUP_STATE *state, const char *orcpt,
char **cpp;
/*
- * Apply the duplicate recipient filter before virtual expansion, so that
- * we can distinguish between different addresses that map onto the same
- * mailbox. The recipient will use our original recipient message header
- * to figure things out.
+ * Distinguish between different original recipient addresses that map
+ * onto the same mailbox. The recipient will use our original recipient
+ * message header to figure things out.
*/
- if (been_here_fixed(state->dups, recip) != 0)
- return;
-
if (cleanup_virt_alias_maps == 0) {
- cleanup_out_string(state, REC_TYPE_ORCP, orcpt);
- cleanup_out_string(state, REC_TYPE_RCPT, recip);
- state->rcpt_count++;
+ if (been_here(state->dups, "%s\n%s", orcpt, recip) == 0) {
+ cleanup_out_string(state, REC_TYPE_ORCP, orcpt);
+ cleanup_out_string(state, REC_TYPE_RCPT, recip);
+ state->rcpt_count++;
+ }
} else {
argv = cleanup_map1n_internal(state, recip, cleanup_virt_alias_maps,
cleanup_ext_prop_mask & EXT_PROP_VIRTUAL);
for (cpp = argv->argv; *cpp; cpp++) {
- cleanup_out_string(state, REC_TYPE_ORCP, orcpt);
- cleanup_out_string(state, REC_TYPE_RCPT, *cpp);
- state->rcpt_count++;
+ if (been_here(state->dups, "%s\n%s", orcpt, *cpp) == 0) {
+ cleanup_out_string(state, REC_TYPE_ORCP, orcpt);
+ cleanup_out_string(state, REC_TYPE_RCPT, *cpp);
+ state->rcpt_count++;
+ }
}
argv_free(argv);
}
diff --git a/postfix/src/global/Makefile.in b/postfix/src/global/Makefile.in
index 267ee712b..c2f7e5948 100644
--- a/postfix/src/global/Makefile.in
+++ b/postfix/src/global/Makefile.in
@@ -1052,6 +1052,7 @@ pipe_command.o: ../../include/stringops.h
pipe_command.o: ../../include/iostuff.h
pipe_command.o: ../../include/timed_wait.h
pipe_command.o: ../../include/set_ugid.h
+pipe_command.o: ../../include/set_eugid.h
pipe_command.o: ../../include/argv.h
pipe_command.o: mail_params.h
pipe_command.o: mail_copy.h
@@ -1157,12 +1158,6 @@ resolve_local.o: mail_params.h
resolve_local.o: own_inet_addr.h
resolve_local.o: resolve_local.h
resolve_local.o: match_parent_style.h
-resover.o: resover.c
-resover.o: ../../include/sys_defs.h
-resover.o: ../../include/msg.h
-resover.o: ../../include/vstring.h
-resover.o: ../../include/vbuf.h
-resover.o: ../../include/split_at.h
rewrite_clnt.o: rewrite_clnt.c
rewrite_clnt.o: ../../include/sys_defs.h
rewrite_clnt.o: ../../include/msg.h
diff --git a/postfix/src/global/mail_conf_time.c b/postfix/src/global/mail_conf_time.c
index 8a160a16d..682a6863d 100644
--- a/postfix/src/global/mail_conf_time.c
+++ b/postfix/src/global/mail_conf_time.c
@@ -140,7 +140,7 @@ static int get_def_time_unit(const char *name, const char *defval)
{
const char *cp;
- for (cp = defval; /* void */ ; cp++) {
+ for (cp = mail_conf_eval(defval); /* void */ ; cp++) {
if (*cp == 0)
msg_panic("parameter %s: missing time unit in default value: %s",
name, defval);
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index ea4eda2be..0b630c3bc 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,10 +20,10 @@
* Patches change the patchlevel and the release date. Snapshots change the
* release date only, unless they include the same bugfix as a patch release.
*/
-#define MAIL_RELEASE_DATE "20030126"
+#define MAIL_RELEASE_DATE "20030219"
#define VAR_MAIL_VERSION "mail_version"
-#define DEF_MAIL_VERSION "2.0.3-" MAIL_RELEASE_DATE
+#define DEF_MAIL_VERSION "2.0.4-" MAIL_RELEASE_DATE
extern char *var_mail_version;
/*
diff --git a/postfix/src/global/pipe_command.c b/postfix/src/global/pipe_command.c
index b8f07823b..40026f2a4 100644
--- a/postfix/src/global/pipe_command.c
+++ b/postfix/src/global/pipe_command.c
@@ -132,6 +132,7 @@
#include
#include
#include
+#include
#include
/* Global library. */
@@ -292,9 +293,28 @@ static int pipe_command_read(int fd, void *buf, unsigned len)
}
}
+/* kill_command - terminate command forcibly */
+
+static void kill_command(pid_t pid, int sig, uid_t kill_uid, gid_t kill_gid)
+{
+ pid_t saved_euid = geteuid();
+ gid_t saved_egid = getegid();
+
+ /*
+ * Switch privileges to that of the child process. Terminate the child
+ * and its offspring.
+ */
+ set_eugid(kill_uid, kill_gid);
+ if (kill(-pid, sig) < 0 && kill(pid, sig) < 0)
+ msg_warn("cannot kill process (group) %lu: %m",
+ (unsigned long) pid);
+ set_eugid(saved_euid, saved_egid);
+}
+
/* pipe_command_wait_or_kill - wait for command with time limit, or kill it */
-static int pipe_command_wait_or_kill(pid_t pid, WAIT_STATUS_T *statusp, int sig)
+static int pipe_command_wait_or_kill(pid_t pid, WAIT_STATUS_T *statusp, int sig,
+ uid_t kill_uid, gid_t kill_gid)
{
int maxtime = (pipe_command_timeout == 0) ? pipe_command_maxtime : 1;
char *myname = "pipe_command_wait_or_kill";
@@ -309,7 +329,7 @@ static int pipe_command_wait_or_kill(pid_t pid, WAIT_STATUS_T *statusp, int sig)
msg_info("%s: time limit exceeded", myname);
pipe_command_timeout = 1;
}
- kill(-pid, sig);
+ kill_command(pid, sig, kill_uid, kill_gid);
n = waitpid(pid, statusp, 0);
}
return (n);
@@ -358,10 +378,14 @@ int pipe_command(VSTREAM *src, VSTRING *why,...)
* truncated without too much loss. I could even argue that truncating
* the amount of diagnostic output is a good thing to do, but I won't go
* that far.
+ *
+ * Turn on non-blocking writes to the child process so that we can enforce
+ * timeouts after partial writes.
*/
if (pipe(cmd_in_pipe) < 0 || pipe(cmd_out_pipe) < 0)
msg_fatal("%s: pipe: %m", myname);
non_blocking(cmd_out_pipe[1], NON_BLOCKING);
+ non_blocking(cmd_in_pipe[1], NON_BLOCKING);
/*
* Spawn off a child process and irrevocably change privilege to the
@@ -488,8 +512,9 @@ int pipe_command(VSTREAM *src, VSTRING *why,...)
* not just the child process but also its offspring.
*/
if (pipe_command_timeout)
- (void) kill(-pid, SIGKILL);
- if (pipe_command_wait_or_kill(pid, &wait_status, SIGKILL) < 0)
+ kill_command(pid, SIGKILL, args.uid, args.gid);
+ if (pipe_command_wait_or_kill(pid, &wait_status, SIGKILL,
+ args.uid, args.gid) < 0)
msg_fatal("wait: %m");
if (pipe_command_timeout) {
vstring_sprintf(why, "Command time limit exceeded: \"%s\"%s%s",
diff --git a/postfix/src/global/rec_type.h b/postfix/src/global/rec_type.h
index 0e54d7ee9..3f3d10d85 100644
--- a/postfix/src/global/rec_type.h
+++ b/postfix/src/global/rec_type.h
@@ -64,10 +64,13 @@
* this is "postfix internal" information. However, the pickup server has to
* allow for the presence of A records in the extracted segment, because it
* can be requested to re-process already queued mail with `postsuper -r'.
+ *
+ * Note: REC_TYPE_FILT and REC_TYPE_CONT are encoded with the same 'L'
+ * constant, and it is too late to change that now.
*/
#define REC_TYPE_ENVELOPE "MCTFILSDROWVA>"
#define REC_TYPE_CONTENT "XLN"
-#define REC_TYPE_EXTRACT "EDROPreAFI>"
+#define REC_TYPE_EXTRACT "EDROPreAFIL>"
/*
* The record at the beginning of the envelope segment specifies the message
diff --git a/postfix/src/local/maildir.c b/postfix/src/local/maildir.c
index b9f537c93..dca519394 100644
--- a/postfix/src/local/maildir.c
+++ b/postfix/src/local/maildir.c
@@ -168,7 +168,7 @@ int deliver_maildir(LOCAL_STATE state, USER_ATTR usr_attr, char *path)
*
* [...]
*
- * # Pn, where n is (in decimal) the process ID.
+ * Pn, where n is (in decimal) the process ID.
*
* [...]
*/
diff --git a/postfix/src/pickup/pickup.c b/postfix/src/pickup/pickup.c
index 281ee54ac..fd586072f 100644
--- a/postfix/src/pickup/pickup.c
+++ b/postfix/src/pickup/pickup.c
@@ -225,7 +225,12 @@ static int copy_segment(VSTREAM *qfile, VSTREAM *cleanup, PICKUP_INFO *info,
if (type == REC_TYPE_INSP)
/* Use current content inspection settings instead. */
continue;
- if (type == REC_TYPE_FILT)
+
+ /*
+ * XXX Workaround: REC_TYPE_FILT (used in envelopes) == REC_TYPE_CONT
+ * (used in message content).
+ */
+ if (type == REC_TYPE_FILT && *expected != REC_TYPE_CONTENT[0])
/* Use current content filter settings instead. */
continue;
else {
diff --git a/postfix/src/smtpd/smtpd_sasl_glue.c b/postfix/src/smtpd/smtpd_sasl_glue.c
index c05b7d672..936f16736 100644
--- a/postfix/src/smtpd/smtpd_sasl_glue.c
+++ b/postfix/src/smtpd/smtpd_sasl_glue.c
@@ -310,8 +310,9 @@ void smtpd_sasl_connect(SMTPD_STATE *state)
"", " ", "",
&state->sasl_mechanism_list,
IGNORE_MECHANISM_LEN,
- &sasl_mechanism_count) != SASL_OK
- || sasl_mechanism_count <= 0)
+ &sasl_mechanism_count) != SASL_OK)
+ msg_fatal("cannot lookup SASL authentication mechanisms");
+ if (sasl_mechanism_count <= 0)
msg_fatal("no SASL authentication mechanisms");
}
diff --git a/postfix/src/virtual/maildir.c b/postfix/src/virtual/maildir.c
index 0d435083d..b84c1fa74 100644
--- a/postfix/src/virtual/maildir.c
+++ b/postfix/src/virtual/maildir.c
@@ -165,7 +165,7 @@ int deliver_maildir(LOCAL_STATE state, USER_ATTR usr_attr)
*
* [...]
*
- * # Pn, where n is (in decimal) the process ID.
+ * Pn, where n is (in decimal) the process ID.
*
* [...]
*/