mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-22 01:49:47 +00:00
Code Issues Releases Wiki Activity

postfix-2.11-20131104

Browse Source
This commit is contained in:
Wietse Venema 2013-11-04 00:00:00 -05:00 committed by Viktor Dukhovni
parent 78fe66320c
commit 1fa35743a5
20 changed files with 229 additions and 193 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
postfix/HISTORY
View File

@ -19035,19 +19035,36 @@ Apologies for any names omitted.
Documentation: added SASL_README example for check_sasl_access. Documentation: added SASL_README example for check_sasl_access.
File: proto/SASL_README.html. File: proto/SASL_README.html.
20131102 20131102-3
Security violation: by default, LMDB 0.9.9 writes fragments Security violation: by default, LMDB 0.9.9 writes uninitialized
of uninitialized heap memory to a world-readable database heap memory to a world-readable database file, as chunks
file. This is a basic memory disclosure vulnerability: of up to 4096 bytes. This is a gross memory disclosure
memory content that a program does not intend to share ends vulnerability: memory content that a program does not intend
up in a world-readable file. The content of uninitialized to share ends up in a world-readable file. The content of
heap memory depends on program execution history. That uninitialized heap memory depends on program execution
history includes code execution in other libraries that are history. That history includes code execution in other
linked into the program. To work around this problem we libraries that are linked into the program.
disable the use of malloc() in LMDB. However, that does not
address several disclosures of stack memory. File:
util/dict_lmdb.c.
Cleanup: expand TAB characters when generating HTML and This is a problem whenever the user who writes the database
README files. Files: proto/Makefile.in. file differs from the user who reads the database file. For
example, a privileged writer and an unprivileged reader.
In the case of Postfix, the postmap(1) and postalias(1)
commands would leak uninitialized heap memory, as chunks
of up to 4096 bytes, from a root-privileged process that
writes to a database file, to unprivileged processes that
read from that database file.
To work around this problem the postmap(1) and postalias(1)
commands disable the use of malloc() in LMDB. However, that
does not address several disclosures of stack memory. Other
Postfix databases do not need this workaround: those databases
are maintained by Postfix daemon processes, and are accessible
only by the postfix user. File: util/dict_lmdb.c.
20131102-3
Cleanup: expand TAB characters when generating documentation.
This was primarily an issue with non-HTML output, but it does
not hurt to do this also for HTML. Files: proto/Makefile.in,
proto/MULTI_INSTANCE_README.html.

6
postfix/README_FILES/ADDRESS_REWRITING_README
View File

@ -655,9 +655,9 @@ Example:
smtp_generic_maps = hash:/etc/postfix/generic smtp_generic_maps = hash:/etc/postfix/generic
/etc/postfix/generic: /etc/postfix/generic:
his@localdomain.local hisaccount@hisisp.example his@localdomain.local hisaccount@hisisp.example
her@localdomain.local heraccount@herisp.example her@localdomain.local heraccount@herisp.example
@localdomain.local hisaccount+local@hisisp.example @localdomain.local hisaccount+local@hisisp.example
When mail is sent to a remote host via SMTP, this replaces When mail is sent to a remote host via SMTP, this replaces
his@localdomain.local by his ISP mail address, replaces her@localdomain.local his@localdomain.local by his ISP mail address, replaces her@localdomain.local

4
postfix/README_FILES/BACKSCATTER_README
View File

@ -119,7 +119,7 @@ this:
endif endif
/^Message-ID:.* <!&!/ DUNNO /^Message-ID:.* <!&!/ DUNNO
/^Message-ID:.*@(porcupine\.org)/ /^Message-ID:.*@(porcupine\.org)/
reject forged domain name in Message-ID: header: $1 reject forged domain name in Message-ID: header: $1
/etc/postfix/body_checks: /etc/postfix/body_checks:
# Do not indent the patterns between "if" and "endif". # Do not indent the patterns between "if" and "endif".
@ -134,7 +134,7 @@ this:
endif endif
/^[> ]*Message-ID:.* <!&!/ DUNNO /^[> ]*Message-ID:.* <!&!/ DUNNO
/^[> ]*Message-ID:.*@(porcupine\.org)/ /^[> ]*Message-ID:.*@(porcupine\.org)/
reject forged domain name in Message-ID: header: $1 reject forged domain name in Message-ID: header: $1
Notes: Notes:

12
postfix/README_FILES/DATABASE_README
View File

@ -151,16 +151,16 @@ font.
# Note 1: commands are specified after a TAB character. # Note 1: commands are specified after a TAB character.
# Note 2: use postalias(1) for local aliases, postmap(1) for the rest. # Note 2: use postalias(1) for local aliases, postmap(1) for the rest.
aliases.db: aliases.in aliases.db: aliases.in
postalias aliases.in postalias aliases.in
mv aliases.in.db aliases.db mv aliases.in.db aliases.db
access.db: access.in access.db: access.in
postmap access.in postmap access.in
mv access.in.db access.db mv access.in.db access.db
virtual.db: virtual.in virtual.db: virtual.in
postmap virtual.in postmap virtual.in
mv virtual.in.db virtual.db mv virtual.in.db virtual.db
...etcetera... ...etcetera...
# vvii aacccceessss..iinn # vvii aacccceessss..iinn

24
postfix/README_FILES/MULTI_INSTANCE_README
View File

@ -157,13 +157,13 @@ submission null client:
# a template file. The build process expands the template into # a template file. The build process expands the template into
# "mtaadmin+root=mta1" # "mtaadmin+root=mta1"
# #
root mtaadmin+root=mta1 root mtaadmin+root=mta1
/etc/postfix/virtual: /etc/postfix/virtual:
# Caretaker aliases: # Caretaker aliases:
# #
root mtaadmin root mtaadmin
postmaster root postmaster root
You would typically also add a Makefile, to automatically run postmap(1) You would typically also add a Makefile, to automatically run postmap(1)
commands when source files change. This Makefile also creates a "generic" commands when source files change. This Makefile also creates a "generic"
@ -175,13 +175,13 @@ database when none exists.
all: virtual.cdb generic.cdb all: virtual.cdb generic.cdb
generic: Makefile generic: Makefile
@echo Creating $@ @echo Creating $@
@rm -f $@.tmp @rm -f $@.tmp
@printf '%s\t%s+root=%s\n' root $MTAADMIN `uname -n` > $@.tmp @printf '%s\t%s+root=%s\n' root $MTAADMIN `uname -n` > $@.tmp
@mv $@.tmp generic @mv $@.tmp generic
%.cdb: % %.cdb: %
postmap cdb:$< postmap cdb:$<
Construct the "virtual" and "generic" databases (the latter is created by Construct the "virtual" and "generic" databases (the latter is created by
running "make"), then start and test the null-client: running "make"), then start and test the null-client:
@ -875,9 +875,9 @@ If you want to override the conventional values of the instance installation
parameters, specify their values on the command-line: parameters, specify their values on the command-line:
# postmulti [-I postfix-myinst] [-G mygroup] -e create \ # postmulti [-I postfix-myinst] [-G mygroup] -e create \
"config_directory = /path/to/config_directory" \ "config_directory = /path/to/config_directory" \
"queue_directory = /path/to/queue_directory" \ "queue_directory = /path/to/queue_directory" \
"data_directory = /path/to/data_directory" "data_directory = /path/to/data_directory"
A note on the --II and --GG options above. These are always used to assign a name A note on the --II and --GG options above. These are always used to assign a name
or group name to an instance, while the --ii and --gg options always select or group name to an instance, while the --ii and --gg options always select
@ -924,7 +924,7 @@ match this name if necessary):
Otherwise, you must specify the location of its configuration directory: Otherwise, you must specify the location of its configuration directory:
# postmulti [-I postfix-myinst] [-G mygroup] -e import \ # postmulti [-I postfix-myinst] [-G mygroup] -e import \
"config_directory = /path/of/config_directory" "config_directory = /path/of/config_directory"
When the instance is imported, you can assign a name or a group. As with When the instance is imported, you can assign a name or a group. As with
"create", you can control the placement of the new instance in the start order "create", you can control the placement of the new instance in the start order

6
postfix/README_FILES/RESTRICTION_CLASS_README
View File

@ -30,9 +30,9 @@ Example:
smtpd_recipient_restrictions = smtpd_recipient_restrictions =
permit_mynetworks permit_mynetworks
# reject_unauth_destination is not needed here if the mail # reject_unauth_destination is not needed here if the mail
# relay policy is specified with smtpd_relay_restrictions # relay policy is specified with smtpd_relay_restrictions
# (available with Postfix 2.10 and later). # (available with Postfix 2.10 and later).
reject_unauth_destination reject_unauth_destination
check_recipient_access hash:/etc/postfix/recipient_access check_recipient_access hash:/etc/postfix/recipient_access
... ...

26
postfix/README_FILES/SASL_README
View File

@ -846,19 +846,19 @@ authenticated SMTP clients to send mail to remote destinations. Examples:
# preferably specified under smtpd_relay_restrictions. # preferably specified under smtpd_relay_restrictions.
/etc/postfix/main.cf: /etc/postfix/main.cf:
smtpd_relay_restrictions = smtpd_relay_restrictions =
permit_mynetworks permit_mynetworks
ppeerrmmiitt__ssaassll__aauutthheennttiiccaatteedd ppeerrmmiitt__ssaassll__aauutthheennttiiccaatteedd
reject_unauth_destination reject_unauth_destination
# Older configurations combine relay control and spam control under # Older configurations combine relay control and spam control under
# smtpd_recipient_restrictions. To use this example with Postfix >= # smtpd_recipient_restrictions. To use this example with Postfix >=
# 2.10 specify "smtpd_relay_restrictions=". # 2.10 specify "smtpd_relay_restrictions=".
/etc/postfix/main.cf: /etc/postfix/main.cf:
smtpd_recipient_restrictions = smtpd_recipient_restrictions =
permit_mynetworks permit_mynetworks
ppeerrmmiitt__ssaassll__aauutthheennttiiccaatteedd ppeerrmmiitt__ssaassll__aauutthheennttiiccaatteedd
reject_unauth_destination reject_unauth_destination
...other rules... ...other rules...
EEnnvveellooppee sseennddeerr aaddddrreessss aauutthhoorriizzaattiioonn EEnnvveellooppee sseennddeerr aaddddrreessss aauutthhoorriizzaattiioonn
@ -878,7 +878,7 @@ authenticated client is allowed to use a particular envelope sender address:
smtpd_recipient_restrictions = smtpd_recipient_restrictions =
... ...
rreejjeecctt__sseennddeerr__llooggiinn__mmiissmmaattcchh rreejjeecctt__sseennddeerr__llooggiinn__mmiissmmaattcchh
permit_sasl_authenticated permit_sasl_authenticated
... ...
The controlled_envelope_senders table specifies the binding between a sender The controlled_envelope_senders table specifies the binding between a sender
@ -915,14 +915,14 @@ credentials have been compromised.
/etc/postfix/main.cf: /etc/postfix/main.cf:
smtpd_recipient_restrictions = smtpd_recipient_restrictions =
permit_mynetworks permit_mynetworks
check_sasl_access hash:/etc/postfix/sasl_access check_sasl_access hash:/etc/postfix/sasl_access
permit_sasl_authenticated permit_sasl_authenticated
... ...
/etc/postfix/sasl_access: /etc/postfix/sasl_access:
# Use this when smtpd_sasl_local_domain is empty. # Use this when smtpd_sasl_local_domain is empty.
username HOLD username HOLD
# Use this when smtpd_sasl_local_domain=example.com. # Use this when smtpd_sasl_local_domain=example.com.
username@example.com HOLD username@example.com HOLD

8
postfix/README_FILES/SCHEDULER_README
View File

@ -594,10 +594,10 @@ The first approximation of the new scheduling algorithm is like this:
if transport process limit reached continue if transport process limit reached continue
foreach transport's job (in the order of the transport's job list) foreach transport's job (in the order of the transport's job list)
do do
foreach job's peer (round-robin-by-destination) foreach job's peer (round-robin-by-destination)
if peer->queue->concurrency < peer->queue->window if peer->queue->concurrency < peer->queue->window
return next peer entry. return next peer entry.
done done
done done
done done

6
postfix/README_FILES/TLS_README
View File

@ -1140,7 +1140,7 @@ the example above, we show two matching fingerprints:
smtp_tls_fingerprint_digest = md5 smtp_tls_fingerprint_digest = md5
/etc/postfix/tls_policy: /etc/postfix/tls_policy:
example.com fingerprint example.com fingerprint
match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1 match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1
match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35 match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35
@ -1753,8 +1753,8 @@ Example:
[mail.example.org]:587 secure match=nexthop [mail.example.org]:587 secure match=nexthop
# Postfix 2.5 and later # Postfix 2.5 and later
[thumb.example.org] fingerprint [thumb.example.org] fingerprint
match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35 match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35
match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1 match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1
# Postfix 2.6 and later # Postfix 2.6 and later
example.info may protocols=!SSLv2 ciphers=medium example.info may protocols=!SSLv2 ciphers=medium
exclude=3DES exclude=3DES

2
postfix/html/MULTI_INSTANCE_README.html
View File

@ -554,7 +554,7 @@ pre-filter input instance include: </p>
# Avoid splitting the envelope and scanning messages multiple times. # Avoid splitting the envelope and scanning messages multiple times.
# Match the re-injection server's recipient limit. # Match the re-injection server's recipient limit.
# #
<a href="postconf.5.html#smtp_destination_recipient_limit">smtp_destination_recipient_limit</a> = 1000 <a href="postconf.5.html#smtp_destination_recipient_limit">smtp_destination_recipient_limit</a> = 1000
# Tolerate occasional high latency in the content filter. # Tolerate occasional high latency in the content filter.
# #

2
postfix/proto/MULTI_INSTANCE_README.html
View File

@ -554,7 +554,7 @@ pre-filter input instance include: </p>
# Avoid splitting the envelope and scanning messages multiple times. # Avoid splitting the envelope and scanning messages multiple times.
# Match the re-injection server's recipient limit. # Match the re-injection server's recipient limit.
# #
smtp_destination_recipient_limit = 1000 smtp_destination_recipient_limit = 1000
# Tolerate occasional high latency in the content filter. # Tolerate occasional high latency in the content filter.
# #

216
postfix/proto/Makefile.in
View File

@ -139,328 +139,328 @@ clobber:
$(SRCTOMAN) - $? | $(AWK) | nroff -man | col -bx | uniq | sed 's/^/# /' >$@ $(SRCTOMAN) - $? | $(AWK) | nroff -man | col -bx | uniq | sed 's/^/# /' >$@
../html/ADDRESS_CLASS_README.html: ADDRESS_CLASS_README.html ../html/ADDRESS_CLASS_README.html: ADDRESS_CLASS_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/ADDRESS_REWRITING_README.html: ADDRESS_REWRITING_README.html ../html/ADDRESS_REWRITING_README.html: ADDRESS_REWRITING_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/ADDRESS_VERIFICATION_README.html: ADDRESS_VERIFICATION_README.html ../html/ADDRESS_VERIFICATION_README.html: ADDRESS_VERIFICATION_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/BACKSCATTER_README.html: BACKSCATTER_README.html ../html/BACKSCATTER_README.html: BACKSCATTER_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/CDB_README.html: CDB_README.html ../html/CDB_README.html: CDB_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/CONNECTION_CACHE_README.html: CONNECTION_CACHE_README.html ../html/CONNECTION_CACHE_README.html: CONNECTION_CACHE_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/CONTENT_INSPECTION_README.html: CONTENT_INSPECTION_README.html ../html/CONTENT_INSPECTION_README.html: CONTENT_INSPECTION_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/CYRUS_README.html: CYRUS_README.html ../html/CYRUS_README.html: CYRUS_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/BASIC_CONFIGURATION_README.html: BASIC_CONFIGURATION_README.html ../html/BASIC_CONFIGURATION_README.html: BASIC_CONFIGURATION_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/BUILTIN_FILTER_README.html: BUILTIN_FILTER_README.html ../html/BUILTIN_FILTER_README.html: BUILTIN_FILTER_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/DATABASE_README.html: DATABASE_README.html ../html/DATABASE_README.html: DATABASE_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/DB_README.html: DB_README.html ../html/DB_README.html: DB_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/DEBUG_README.html: DEBUG_README.html ../html/DEBUG_README.html: DEBUG_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/DSN_README.html: DSN_README.html ../html/DSN_README.html: DSN_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/ETRN_README.html: ETRN_README.html ../html/ETRN_README.html: ETRN_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/FILTER_README.html: FILTER_README.html ../html/FILTER_README.html: FILTER_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/INSTALL.html: INSTALL.html ../html/INSTALL.html: INSTALL.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/IPV6_README.html: IPV6_README.html ../html/IPV6_README.html: IPV6_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/LDAP_README.html: LDAP_README.html ../html/LDAP_README.html: LDAP_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/LINUX_README.html: LINUX_README.html ../html/LINUX_README.html: LINUX_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/LOCAL_RECIPIENT_README.html: LOCAL_RECIPIENT_README.html ../html/LOCAL_RECIPIENT_README.html: LOCAL_RECIPIENT_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/MAILDROP_README.html: MAILDROP_README.html ../html/MAILDROP_README.html: MAILDROP_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/LMDB_README.html: LMDB_README.html ../html/LMDB_README.html: LMDB_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/MEMCACHE_README.html: MEMCACHE_README.html ../html/MEMCACHE_README.html: MEMCACHE_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/MILTER_README.html: MILTER_README.html ../html/MILTER_README.html: MILTER_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/MULTI_INSTANCE_README.html: MULTI_INSTANCE_README.html ../html/MULTI_INSTANCE_README.html: MULTI_INSTANCE_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/MYSQL_README.html: MYSQL_README.html ../html/MYSQL_README.html: MYSQL_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/NFS_README.html: NFS_README.html ../html/NFS_README.html: NFS_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/OVERVIEW.html: OVERVIEW.html ../html/OVERVIEW.html: OVERVIEW.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/PACKAGE_README.html: PACKAGE_README.html ../html/PACKAGE_README.html: PACKAGE_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/PCRE_README.html: PCRE_README.html ../html/PCRE_README.html: PCRE_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/PGSQL_README.html: PGSQL_README.html ../html/PGSQL_README.html: PGSQL_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/POSTSCREEN_README.html: POSTSCREEN_README.html ../html/POSTSCREEN_README.html: POSTSCREEN_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/QMQP_README.html: QMQP_README.html ../html/QMQP_README.html: QMQP_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/QSHAPE_README.html: QSHAPE_README.html ../html/QSHAPE_README.html: QSHAPE_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/RESTRICTION_CLASS_README.html: RESTRICTION_CLASS_README.html ../html/RESTRICTION_CLASS_README.html: RESTRICTION_CLASS_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/SASL_README.html: SASL_README.html ../html/SASL_README.html: SASL_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/SCHEDULER_README.html: SCHEDULER_README.html ../html/SCHEDULER_README.html: SCHEDULER_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/SMTPD_ACCESS_README.html: SMTPD_ACCESS_README.html ../html/SMTPD_ACCESS_README.html: SMTPD_ACCESS_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/SMTPD_POLICY_README.html: SMTPD_POLICY_README.html ../html/SMTPD_POLICY_README.html: SMTPD_POLICY_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/SMTPD_PROXY_README.html: SMTPD_PROXY_README.html ../html/SMTPD_PROXY_README.html: SMTPD_PROXY_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/SOHO_README.html: $(MAKESOHO) $(DEPSOHO) ../html/SOHO_README.html: $(MAKESOHO) $(DEPSOHO)
$(MAKESOHO) | $(POSTLINK) | $(DETAB) >$@ $(MAKESOHO) | $(POSTLINK) | $(DETAB) >$@
../html/SQLITE_README.html: SQLITE_README.html ../html/SQLITE_README.html: SQLITE_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/STANDARD_CONFIGURATION_README.html: STANDARD_CONFIGURATION_README.html ../html/STANDARD_CONFIGURATION_README.html: STANDARD_CONFIGURATION_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/STRESS_README.html: STRESS_README.html ../html/STRESS_README.html: STRESS_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/TUNING_README.html: TUNING_README.html ../html/TUNING_README.html: TUNING_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/UUCP_README.html: UUCP_README.html ../html/UUCP_README.html: UUCP_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/ULTRIX_README.html: ULTRIX_README.html ../html/ULTRIX_README.html: ULTRIX_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/VERP_README.html: VERP_README.html ../html/VERP_README.html: VERP_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/VIRTUAL_README.html: VIRTUAL_README.html ../html/VIRTUAL_README.html: VIRTUAL_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/XCLIENT_README.html: XCLIENT_README.html ../html/XCLIENT_README.html: XCLIENT_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/XFORWARD_README.html: XFORWARD_README.html ../html/XFORWARD_README.html: XFORWARD_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/TLS_README.html: TLS_README.html ../html/TLS_README.html: TLS_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../html/TLS_LEGACY_README.html: TLS_LEGACY_README.html ../html/TLS_LEGACY_README.html: TLS_LEGACY_README.html
$(POSTLINK) $? | $(DETAB) >$@ $(DETAB) $? | $(POSTLINK) >$@
../README_FILES/ADDRESS_CLASS_README: ADDRESS_CLASS_README.html ../README_FILES/ADDRESS_CLASS_README: ADDRESS_CLASS_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/ADDRESS_REWRITING_README: ADDRESS_REWRITING_README.html ../README_FILES/ADDRESS_REWRITING_README: ADDRESS_REWRITING_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/ADDRESS_VERIFICATION_README: ADDRESS_VERIFICATION_README.html ../README_FILES/ADDRESS_VERIFICATION_README: ADDRESS_VERIFICATION_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/BACKSCATTER_README: BACKSCATTER_README.html ../README_FILES/BACKSCATTER_README: BACKSCATTER_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/BASIC_CONFIGURATION_README: BASIC_CONFIGURATION_README.html ../README_FILES/BASIC_CONFIGURATION_README: BASIC_CONFIGURATION_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/BUILTIN_FILTER_README: BUILTIN_FILTER_README.html ../README_FILES/BUILTIN_FILTER_README: BUILTIN_FILTER_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/CDB_README: CDB_README.html ../README_FILES/CDB_README: CDB_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/CONNECTION_CACHE_README: CONNECTION_CACHE_README.html ../README_FILES/CONNECTION_CACHE_README: CONNECTION_CACHE_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/CONTENT_INSPECTION_README: CONTENT_INSPECTION_README.html ../README_FILES/CONTENT_INSPECTION_README: CONTENT_INSPECTION_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/CYRUS_README: CYRUS_README.html ../README_FILES/CYRUS_README: CYRUS_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/DATABASE_README: DATABASE_README.html ../README_FILES/DATABASE_README: DATABASE_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/DB_README: DB_README.html ../README_FILES/DB_README: DB_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/DEBUG_README: DEBUG_README.html ../README_FILES/DEBUG_README: DEBUG_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/DSN_README: DSN_README.html ../README_FILES/DSN_README: DSN_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/ETRN_README: ETRN_README.html ../README_FILES/ETRN_README: ETRN_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/FILTER_README: FILTER_README.html ../README_FILES/FILTER_README: FILTER_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/INSTALL: INSTALL.html ../README_FILES/INSTALL: INSTALL.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/IPV6_README: IPV6_README.html ../README_FILES/IPV6_README: IPV6_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/LDAP_README: LDAP_README.html ../README_FILES/LDAP_README: LDAP_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/LINUX_README: LINUX_README.html ../README_FILES/LINUX_README: LINUX_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/LOCAL_RECIPIENT_README: LOCAL_RECIPIENT_README.html ../README_FILES/LOCAL_RECIPIENT_README: LOCAL_RECIPIENT_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/MAILDROP_README: MAILDROP_README.html ../README_FILES/MAILDROP_README: MAILDROP_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/LMDB_README: LMDB_README.html ../README_FILES/LMDB_README: LMDB_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/MEMCACHE_README: MEMCACHE_README.html ../README_FILES/MEMCACHE_README: MEMCACHE_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/MILTER_README: MILTER_README.html ../README_FILES/MILTER_README: MILTER_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/MULTI_INSTANCE_README: MULTI_INSTANCE_README.html ../README_FILES/MULTI_INSTANCE_README: MULTI_INSTANCE_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/MYSQL_README: MYSQL_README.html ../README_FILES/MYSQL_README: MYSQL_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/NFS_README: NFS_README.html ../README_FILES/NFS_README: NFS_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/OVERVIEW: OVERVIEW.html ../README_FILES/OVERVIEW: OVERVIEW.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/PACKAGE_README: PACKAGE_README.html ../README_FILES/PACKAGE_README: PACKAGE_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/PCRE_README: PCRE_README.html ../README_FILES/PCRE_README: PCRE_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/PGSQL_README: PGSQL_README.html ../README_FILES/PGSQL_README: PGSQL_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/POSTSCREEN_README: POSTSCREEN_README.html ../README_FILES/POSTSCREEN_README: POSTSCREEN_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/QMQP_README: QMQP_README.html ../README_FILES/QMQP_README: QMQP_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/QSHAPE_README: QSHAPE_README.html ../README_FILES/QSHAPE_README: QSHAPE_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/RESTRICTION_CLASS_README: RESTRICTION_CLASS_README.html ../README_FILES/RESTRICTION_CLASS_README: RESTRICTION_CLASS_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/SASL_README: SASL_README.html ../README_FILES/SASL_README: SASL_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/SCHEDULER_README: SCHEDULER_README.html ../README_FILES/SCHEDULER_README: SCHEDULER_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/SMTPD_ACCESS_README: SMTPD_ACCESS_README.html ../README_FILES/SMTPD_ACCESS_README: SMTPD_ACCESS_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/SMTPD_POLICY_README: SMTPD_POLICY_README.html ../README_FILES/SMTPD_POLICY_README: SMTPD_POLICY_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/SMTPD_PROXY_README: SMTPD_PROXY_README.html ../README_FILES/SMTPD_PROXY_README: SMTPD_PROXY_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/SOHO_README: $(MAKESOHO) $(DEPSOHO) ../README_FILES/SOHO_README: $(MAKESOHO) $(DEPSOHO)
$(MAKESOHO) | $(HT2READ) | $(DETAB) >$@ $(MAKESOHO) | $(HT2READ) | $(DETAB) >$@
../README_FILES/SQLITE_README: SQLITE_README.html ../README_FILES/SQLITE_README: SQLITE_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/STANDARD_CONFIGURATION_README: STANDARD_CONFIGURATION_README.html ../README_FILES/STANDARD_CONFIGURATION_README: STANDARD_CONFIGURATION_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/STRESS_README: STRESS_README.html ../README_FILES/STRESS_README: STRESS_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/TUNING_README: TUNING_README.html ../README_FILES/TUNING_README: TUNING_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/UUCP_README: UUCP_README.html ../README_FILES/UUCP_README: UUCP_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/ULTRIX_README: ULTRIX_README.html ../README_FILES/ULTRIX_README: ULTRIX_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/VERP_README: VERP_README.html ../README_FILES/VERP_README: VERP_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/VIRTUAL_README: VIRTUAL_README.html ../README_FILES/VIRTUAL_README: VIRTUAL_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/XCLIENT_README: XCLIENT_README.html ../README_FILES/XCLIENT_README: XCLIENT_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/XFORWARD_README: XFORWARD_README.html ../README_FILES/XFORWARD_README: XFORWARD_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/TLS_README: TLS_README.html ../README_FILES/TLS_README: TLS_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/TLS_LEGACY_README: TLS_LEGACY_README.html ../README_FILES/TLS_LEGACY_README: TLS_LEGACY_README.html
$(HT2READ) $? | $(DETAB) >$@ $(DETAB) $? | $(HT2READ) >$@
../README_FILES/AAAREADME: ../html/index.html $(MAKEAAA) ../README_FILES/AAAREADME: ../html/index.html $(MAKEAAA)
$(MAKEAAA) ../html/index.html | $(HT2READ) | $(DETAB) >$@ $(MAKEAAA) ../html/index.html | $(HT2READ) | $(DETAB) >$@
@ -468,8 +468,8 @@ clobber:
../man/man5/postconf.5: postconf.man.prolog postconf.proto postconf.man.epilog \ ../man/man5/postconf.5: postconf.man.prolog postconf.proto postconf.man.epilog \
../mantools/xpostconf ../mantools/postconf2html ../mantools/postconf2man ../mantools/xpostconf ../mantools/postconf2html ../mantools/postconf2man
(cat postconf.man.prolog; ../mantools/xpostconf postconf.proto | \ (cat postconf.man.prolog; ../mantools/xpostconf postconf.proto | \
../mantools/postconf2html | ../mantools/postconf2man | \ $(DETAB) | ../mantools/postconf2html | ../mantools/postconf2man | \
sed 's/\\e&/\\\&/'; cat postconf.man.epilog ) | $(DETAB) > $@ sed 's/\\e&/\\\&/'; cat postconf.man.epilog ) > $@
../html/postconf.5.html: postconf.html.prolog postconf.proto \ ../html/postconf.5.html: postconf.html.prolog postconf.proto \
postconf.html.epilog ../mantools/xpostconf ../mantools/postconf2html \ postconf.html.epilog ../mantools/xpostconf ../mantools/postconf2html \

2
postfix/src/global/mail_version.h
View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no * Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only. * patchlevel; they change the release date only.
*/ */
#define MAIL_RELEASE_DATE "20131103" #define MAIL_RELEASE_DATE "20131104"
#define MAIL_VERSION_NUMBER "2.11" #define MAIL_VERSION_NUMBER "2.11"
#ifdef SNAPSHOT #ifdef SNAPSHOT

1
postfix/src/postalias/postalias.c
View File

@ -290,6 +290,7 @@ static void postalias(char *map_type, char *path_name, int postalias_flags,
if ((source_fp = vstream_fopen(path_name, O_RDONLY, 0)) == 0) if ((source_fp = vstream_fopen(path_name, O_RDONLY, 0)) == 0)
msg_fatal("open %s: %m", path_name); msg_fatal("open %s: %m", path_name);
} }
dict_flags |= DICT_FLAG_WORLD_READ;
if (fstat(vstream_fileno(source_fp), &st) < 0) if (fstat(vstream_fileno(source_fp), &st) < 0)
msg_fatal("fstat %s: %m", path_name); msg_fatal("fstat %s: %m", path_name);

1
postfix/src/postmap/postmap.c
View File

@ -353,6 +353,7 @@ static void postmap(char *map_type, char *path_name, int postmap_flags,
if ((source_fp = vstream_fopen(path_name, O_RDONLY, 0)) == 0) if ((source_fp = vstream_fopen(path_name, O_RDONLY, 0)) == 0)
msg_fatal("open %s: %m", path_name); msg_fatal("open %s: %m", path_name);
} }
dict_flags |= DICT_FLAG_WORLD_READ;
if (fstat(vstream_fileno(source_fp), &st) < 0) if (fstat(vstream_fileno(source_fp), &st) < 0)
msg_fatal("fstat %s: %m", path_name); msg_fatal("fstat %s: %m", path_name);

1
postfix/src/util/dict.c
View File

@ -590,6 +590,7 @@ static const NAME_MASK dict_mask[] = {
"fold_mul", DICT_FLAG_FOLD_MUL, /* case-fold with multi-case key map */ "fold_mul", DICT_FLAG_FOLD_MUL, /* case-fold with multi-case key map */
"open_lock", DICT_FLAG_OPEN_LOCK, /* permanent lock upon open */ "open_lock", DICT_FLAG_OPEN_LOCK, /* permanent lock upon open */
"bulk_update", DICT_FLAG_BULK_UPDATE, /* bulk update if supported */ "bulk_update", DICT_FLAG_BULK_UPDATE, /* bulk update if supported */
"world_read", DICT_FLAG_WORLD_READ, /* assume writer != reader */
0, 0,
}; };

1
postfix/src/util/dict.h
View File

@ -96,6 +96,7 @@ extern DICT *dict_debug(DICT *);
#define DICT_FLAG_FOLD_ANY (DICT_FLAG_FOLD_FIX | DICT_FLAG_FOLD_MUL) #define DICT_FLAG_FOLD_ANY (DICT_FLAG_FOLD_FIX | DICT_FLAG_FOLD_MUL)
#define DICT_FLAG_OPEN_LOCK (1<<16) /* perm lock if not multi-writer safe */ #define DICT_FLAG_OPEN_LOCK (1<<16) /* perm lock if not multi-writer safe */
#define DICT_FLAG_BULK_UPDATE (1<<17) /* optimize for bulk updates */ #define DICT_FLAG_BULK_UPDATE (1<<17) /* optimize for bulk updates */
#define DICT_FLAG_WORLD_READ (1<<18) /* assume writer != reader */
/* IMPORTANT: Update the dict_mask[] table when the above changes */ /* IMPORTANT: Update the dict_mask[] table when the above changes */

50
postfix/src/util/dict_lmdb.c
View File

@ -551,35 +551,45 @@ DICT *dict_lmdb_open(const char *path, int open_flags, int dict_flags)
mdb_path = concatenate(path, "." DICT_TYPE_LMDB, (char *) 0); mdb_path = concatenate(path, "." DICT_TYPE_LMDB, (char *) 0);
/* /*
* Security violation. * Impedance adapters.
*
* By default, LMDB 0.9.9 writes uninitialized heap memory to a
* world-readable database file. This is a basic memory disclosure
* vulnerability: memory content that a program does not intend to share
* ends up in a world-readable file. The content of uninitialized heap
* memory depends on program execution history. That history includes
* code execution in other libraries that are linked into the program.
*
* As a workaround we turn on MDB_WRITEMAP which disables the use of
* malloc() in LMDB. However, that does not address several disclosures
* of stack memory.
*/ */
mdb_flags = MDB_NOSUBDIR | MDB_NOLOCK; mdb_flags = MDB_NOSUBDIR | MDB_NOLOCK;
if (open_flags == O_RDONLY) if (open_flags == O_RDONLY)
mdb_flags |= MDB_RDONLY; mdb_flags |= MDB_RDONLY;
/*
* Replace with MDB_VERSION_FULL < MDB_VERINT(X, Y, Z) after this is
* fixed up-stream.
*/
#if 1
mdb_flags |= MDB_WRITEMAP;
#endif
slmdb_flags = 0; slmdb_flags = 0;
if (dict_flags & DICT_FLAG_BULK_UPDATE) if (dict_flags & DICT_FLAG_BULK_UPDATE)
slmdb_flags |= SLMDB_FLAG_BULK; slmdb_flags |= SLMDB_FLAG_BULK;
/*
* Security violation.
*
* By default, LMDB 0.9.9 writes uninitialized heap memory to a
* world-readable database file, as chunks of up to 4096 bytes. This is a
* gross memory disclosure vulnerability: memory content that a program
* does not intend to share ends up in a world-readable file. The content
* of uninitialized heap memory depends on program execution history.
* That history includes code execution in other libraries that are
* linked into the program.
*
* This is a problem whenever the user who writes the database file differs
* from the user who reads the database file. For example, a privileged
* writer and an unprivileged reader. In the case of Postfix, the
* postmap(1) and postalias(1) commands would leak uninitialized heap
* memory, as chunks of up to 4096 bytes, from a root-privileged process
* that writes to a database file, to unprivileged processes that read
* from that database file.
*
* As a workaround the postmap(1) and postalias(1) commands turn on
* MDB_WRITEMAP which disables the use of malloc() in LMDB. However, that
* does not address several disclosures of stack memory. Other Postfix
* databases do not need this workaround: those databases are maintained
* by Postfix daemon processes, and are accessible only by the postfix
* user.
*/
if (dict_flags & DICT_FLAG_WORLD_READ)
mdb_flags |= MDB_WRITEMAP;
/* /*
* Gracefully handle most database open errors. * Gracefully handle most database open errors.
*/ */

3
postfix/src/util/dict_open.c
View File

@ -126,6 +126,9 @@
/* Enable preliminary code for bulk-mode database updates. /* Enable preliminary code for bulk-mode database updates.
/* The caller must create an exception handler with dict_jmp_alloc() /* The caller must create an exception handler with dict_jmp_alloc()
/* and must trap exceptions from the database client with dict_setjmp(). /* and must trap exceptions from the database client with dict_setjmp().
/* .IP DICT_FLAG_WORLD_READ
/* Assume that the database file will be read by users other
/* than the writer.
/* .IP DICT_FLAG_DEBUG /* .IP DICT_FLAG_DEBUG
/* Enable additional logging. /* Enable additional logging.
/* .PP /* .PP

6
postfix/src/util/slmdb.c
View File

@ -295,9 +295,11 @@ static int slmdb_recover(SLMDB *slmdb, int status)
MDB_envinfo info; MDB_envinfo info;
/* /*
* Limit the number of recovery attempts per slmdb(3) API request. * Recover bulk transactions only if they can be restarted. Limit
* the number of recovery attempts per slmdb(3) API request.
*/ */
if ((slmdb->api_retry_count += 1) >= slmdb->api_retry_limit) if ((slmdb->txn != 0 && slmdb->longjmp_fn == 0)
|| ((slmdb->api_retry_count += 1) >= slmdb->api_retry_limit))
return (status); return (status);
/* /*