postfix-2.8.1

2025-09-01 14:45:32 +00:00 · 2011-02-22 00:00:00 -05:00
parent 8b118cf292
commit 29719aa21f
13 changed files with 181 additions and 205 deletions
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -16515,7 +16515,26 @@ Apologies for any names omitted.
 	from the postscreen_access_list implementation.  File:
 	postscreen/postscreen_access.c.
 20110123
 	Cleanup: remove #ifdef MIGRATION_WARNING transitional code
 	from postscreen. File: postscreen/postscreen.c.
 20110201
 	Cleanup: when verifying that the client_address->client_name
 	lookup result resolves to the client_address, request
 	hostname->address lookup with the same protocol family (IPv4
 	or IPv6) as the client_address.  Files: util/myaddrinfo.[hc],
 	smtpd/smtpd_peer.c, qmqpd/qmqpd_peer.c.
 20110207
 	Bugfix (introduced Postfix 2.8): segfault with smtpd_tls_loglevel
 	>= 3. Files: tls/tls_server.c, tls.h, smtpd.c, tlsproxy.c.
 20110216
 	Cleanup: don't log a "connection reset by peer" warning
 	when postscreen(8) tries to send a server response.  File:
 	postscreen/postscreen_send.c.
--- a/postfix/README_FILES/POSTSCREEN_README
+++ b/postfix/README_FILES/POSTSCREEN_README
@@ -318,11 +318,12 @@ in SMTP engine anyway. This is to make postscreen(8) logging more informative.
 When a client sends multiple commands, postscreen(8) logs this as:
-    CCOOMMMMAANNDD PPIIPPEELLIINNIINNGG aafftteerr time ffrroomm [address]:port
+    CCOOMMMMAANNDD PPIIPPEELLIINNIINNGG ffrroomm [address]:port aafftteerr command
 Translation: the SMTP client at [address]:port sent multiple SMTP commands,
 instead of sending one command and then waiting for the server to reply. This
-happened time seconds after the "220 " server greeting was sent.
+happened after the client sent command. Postfix 2.8 does not log the input that
 was sent too early.
 The postscreen_pipelining_action parameter specifies the action that is taken
 next. See "When tests fail after the 220 SMTP server greeting" below.
--- a/postfix/html/POSTSCREEN_README.html
+++ b/postfix/html/POSTSCREEN_README.html
@@ -432,13 +432,14 @@ logging more informative. </p>
 as: </p>
 <pre>
-    <b>COMMAND PIPELINING after</b> <i>time</i> <b>from</b> <i>[address]:port</i>
+    <b>COMMAND PIPELINING from</b> <i>[address]:port</i> <b>after</b> <i>command</i>
 </pre>
-<p> Translation: the SMTP client at <i>[address]:port</i> sent multiple
+<p> Translation: the SMTP client at <i>[address]:port</i> sent
-SMTP commands, instead of sending one command and then waiting for
+multiple SMTP commands, instead of sending one command and then
-the server to reply. This happened <i>time</i> seconds after the
+waiting for the server to reply. This happened after the client
-"220 " server greeting was sent. </p>
+sent <i>command</i>. Postfix 2.8 does not log the input that was
 sent too early. </p>
 <p> The <a href="postconf.5.html#postscreen_pipelining_action">postscreen_pipelining_action</a> parameter specifies the action
 that is taken next.  See "<a href="#fail_after_220">When tests fail
--- a/postfix/html/postscreen.8.html
+++ b/postfix/html/postscreen.8.html
@@ -76,7 +76,8 @@ POSTSCREEN(8)                                                    POSTSCREEN(8)
       Support for AUTH may be added in the future.  In the  mean
       time, if you need to make these services available on port
       25, then do not enable  the  optional  "after  220  server
-       greeting" tests.
+       greeting" tests, and do not use DNSBLs that reject traffic
       from dial-up and residential networks.
       The optional "after 220  server  greeting"  tests  involve
       <a href="postscreen.8.html"><b>postscreen</b>(8)</a>'s  built-in SMTP protocol engine. When these
--- a/postfix/man/man8/postscreen.8
+++ b/postfix/man/man8/postscreen.8
@@ -82,7 +82,8 @@ XFORWARD.
 Support for AUTH may be added in the future.
 In the mean time, if you need to make these services available
 on port 25, then do not enable the optional "after 220
-server greeting" tests.
+server greeting" tests, and do not use DNSBLs that reject
 traffic from dial-up and residential networks.
 The optional "after 220 server greeting" tests involve
 \fBpostscreen\fR(8)'s built-in SMTP protocol engine. When
--- a/postfix/proto/POSTSCREEN_README.html
+++ b/postfix/proto/POSTSCREEN_README.html
@@ -432,13 +432,14 @@ logging more informative. </p>
 as: </p>
 <pre>
-    <b>COMMAND PIPELINING after</b> <i>time</i> <b>from</b> <i>[address]:port</i>
+    <b>COMMAND PIPELINING from</b> <i>[address]:port</i> <b>after</b> <i>command</i>
 </pre>
-<p> Translation: the SMTP client at <i>[address]:port</i> sent multiple
+<p> Translation: the SMTP client at <i>[address]:port</i> sent
-SMTP commands, instead of sending one command and then waiting for
+multiple SMTP commands, instead of sending one command and then
-the server to reply. This happened <i>time</i> seconds after the
+waiting for the server to reply. This happened after the client
-"220 " server greeting was sent. </p>
+sent <i>command</i>. Postfix 2.8 does not log the input that was
 sent too early. </p>
 <p> The postscreen_pipelining_action parameter specifies the action
 that is taken next.  See "<a href="#fail_after_220">When tests fail
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,8 +20,8 @@
  * Patches change both the patchlevel and the release date. Snapshots have no
  * patchlevel; they change the release date only.
  */
-#define MAIL_RELEASE_DATE	"20110207"
+#define MAIL_RELEASE_DATE	"20110222"
-#define MAIL_VERSION_NUMBER	"2.8.1-RC1"
+#define MAIL_VERSION_NUMBER	"2.8.1"
 #ifdef SNAPSHOT
 # define MAIL_VERSION_DATE	"-" MAIL_RELEASE_DATE
--- a/postfix/src/postscreen/postscreen.c
+++ b/postfix/src/postscreen/postscreen.c
@@ -68,7 +68,8 @@
 /*	Support for AUTH may be added in the future.
 /*	In the mean time, if you need to make these services available
 /*	on port 25, then do not enable the optional "after 220
-/*	server greeting" tests.
+/*	server greeting" tests, and do not use DNSBLs that reject
 /*	traffic from dial-up and residential networks.
 /*
 /*	The optional "after 220 server greeting" tests involve
 /*	\fBpostscreen\fR(8)'s built-in SMTP protocol engine. When
@@ -416,13 +417,6 @@ int     var_psc_post_queue_limit;
 int     var_psc_pre_queue_limit;
 int     var_psc_watchdog;
 #undef MIGRATION_WARNING
 #ifdef MIGRATION_WARNING
 char   *var_psc_wlist_nets;
 char   *var_psc_blist_nets;
 #endif
 char   *var_psc_acl;
 char   *var_psc_blist_action;
@@ -495,11 +489,6 @@ HTABLE *psc_client_concurrency;		/* per-client concurrency */
 /*
  * Local variables.
  */
 #ifdef MIGRATION_WARNING
 static ADDR_MATCH_LIST *psc_wlist_nets;	/* permanently whitelisted networks */
 static ADDR_MATCH_LIST *psc_blist_nets;	/* permanently blacklisted networks */
 #endif
 static ARGV *psc_acl;			/* permanent white/backlist */
 static int psc_blist_action;		/* PSC_ACT_DROP/ENFORCE/etc */
@@ -715,47 +704,6 @@ static void psc_service(VSTREAM *smtp_client_stream,
 	    break;
 	}
    }
 #ifdef MIGRATION_WARNING
    /*
     * The permanent whitelist has highest precedence (never block mail from
     * whitelisted sites, and never run tests against those sites).
     */
    if (psc_wlist_nets != 0
    && psc_addr_match_list_match(psc_wlist_nets, state->smtp_client_addr)) {
 	msg_info("WHITELISTED [%s]:%s", PSC_CLIENT_ADDR_PORT(state));
 	psc_conclude(state);
 	return;
    }
    /*
     * The permanent blacklist has second precedence. If the client is
     * permanently blacklisted, send some generic reply and hang up
     * immediately, or run more tests for logging purposes.
     */
    if (psc_blist_nets != 0
    && psc_addr_match_list_match(psc_blist_nets, state->smtp_client_addr)) {
 	msg_info("BLACKLISTED [%s]:%s", PSC_CLIENT_ADDR_PORT(state));
 	PSC_FAIL_SESSION_STATE(state, PSC_STATE_FLAG_BLIST_FAIL);
 	switch (psc_blist_action) {
 	case PSC_ACT_DROP:
 	    PSC_DROP_SESSION_STATE(state,
 			     "521 5.3.2 Service currently unavailable\r\n");
 	    return;
 	case PSC_ACT_ENFORCE:
 	    PSC_ENFORCE_SESSION_STATE(state,
 			     "550 5.3.2 Service currently unavailable\r\n");
 	    break;
 	case PSC_ACT_IGNORE:
 	    PSC_UNFAIL_SESSION_STATE(state, PSC_STATE_FLAG_BLIST_FAIL);
 	    /* Not: PSC_PASS_SESSION_STATE. Repeat this test the next time. */
 	    break;
 	default:
 	    msg_panic("%s: unknown blacklist action value %d",
 		      myname, psc_blist_action);
 	}
    }
 #endif
    /*
     * The temporary whitelist (i.e. the postscreen cache) has the lowest
@@ -841,21 +789,6 @@ static void pre_jail_init(char *unused_name, char **unused_argv)
     * Open read-only maps before dropping privilege, for consistency with
     * other Postfix daemons.
     */
 #ifdef MIGRATION_WARNING
    if (*var_psc_wlist_nets)
 	psc_wlist_nets =
 	    addr_match_list_init(MATCH_FLAG_NONE, var_psc_wlist_nets);
    if (*var_psc_blist_nets)
 	psc_blist_nets = addr_match_list_init(MATCH_FLAG_NONE,
 					      var_psc_blist_nets);
    if (psc_blist_nets || psc_wlist_nets) {
 	msg_warn("The %s and %s features will be removed soon. Use %s instead",
 		 VAR_PSC_WLIST_NETS, VAR_PSC_BLIST_NETS, VAR_PSC_ACL);
 	msg_warn("To stop this warning, specify empty values for %s and %s",
 		 VAR_PSC_WLIST_NETS, VAR_PSC_BLIST_NETS);
    }
 #endif
    psc_acl_pre_jail_init();
    if (*var_psc_acl)
 	psc_acl = psc_acl_parse(var_psc_acl, VAR_PSC_ACL);
@@ -1095,10 +1028,6 @@ int     main(int argc, char **argv)
 	VAR_PSC_PIPEL_ACTION, DEF_PSC_PIPEL_ACTION, &var_psc_pipel_action, 1, 0,
 	VAR_PSC_NSMTP_ACTION, DEF_PSC_NSMTP_ACTION, &var_psc_nsmtp_action, 1, 0,
 	VAR_PSC_BARLF_ACTION, DEF_PSC_BARLF_ACTION, &var_psc_barlf_action, 1, 0,
 #ifdef MIGRATION_WARNING
 	VAR_PSC_WLIST_NETS, DEF_PSC_WLIST_NETS, &var_psc_wlist_nets, 0, 0,
 	VAR_PSC_BLIST_NETS, DEF_PSC_BLIST_NETS, &var_psc_blist_nets, 0, 0,
 #endif
 	VAR_PSC_ACL, DEF_PSC_ACL, &var_psc_acl, 0, 0,
 	VAR_PSC_BLIST_ACTION, DEF_PSC_BLIST_ACTION, &var_psc_blist_action, 1, 0,
 	VAR_PSC_FORBID_CMDS, DEF_PSC_FORBID_CMDS, &var_psc_forbid_cmds, 0, 0,
--- a/postfix/src/postscreen/postscreen_send.c
+++ b/postfix/src/postscreen/postscreen_send.c
@@ -121,7 +121,7 @@ int     psc_send_reply(PSC_STATE *state, const char *text)
 		STR(state->send_buf), LEN(state->send_buf));
    if (ret > 0)
 	vstring_truncate(state->send_buf, ret - LEN(state->send_buf));
-    if (ret < 0 && errno != EAGAIN && errno != EPIPE)
+    if (ret < 0 && errno != EAGAIN && errno != EPIPE && errno != ECONNRESET)
 	msg_warn("write [%s]:%s: %m", state->smtp_client_addr,
 		 state->smtp_client_port);
    return (ret < 0 && errno != EAGAIN);
--- a/postfix/src/qmqpd/qmqpd_peer.c
+++ b/postfix/src/qmqpd/qmqpd_peer.c
@@ -243,7 +243,8 @@ void    qmqpd_peer_init(QMQPD_STATE *state)
 	    /*
 	     * Reject the hostname if it does not list the peer address.
 	     */
-	    aierr = hostname_to_sockaddr(state->name, (char *) 0, 0, &res0);
+	    aierr = hostname_to_sockaddr_pf(state->name, state->addr_family,
 					    (char *) 0, 0, &res0);
 	    if (aierr) {
 		msg_warn("%s: hostname %s verification failed: %s",
 			 state->addr, state->name, MAI_STRERROR(aierr));
--- a/postfix/src/smtpd/smtpd_peer.c
+++ b/postfix/src/smtpd/smtpd_peer.c
@@ -337,7 +337,8 @@ void    smtpd_peer_init(SMTPD_STATE *state)
 	     * must not be allowed to enter the audit trail, as people would
 	     * draw false conclusions.
 	     */
-	    aierr = hostname_to_sockaddr(state->name, (char *) 0, 0, &res0);
+	    aierr = hostname_to_sockaddr_pf(state->name, state->addr_family,
 					    (char *) 0, 0, &res0);
 	    if (aierr) {
 		msg_warn("%s: hostname %s verification failed: %s",
 			 state->addr, state->name, MAI_STRERROR(aierr));
--- a/postfix/src/util/myaddrinfo.c
+++ b/postfix/src/util/myaddrinfo.c
@@ -22,6 +22,13 @@
 /*	int	socktype;
 /*	struct addrinfo **result;
 /*
 /*	int	hostname_to_sockaddr_pf(hostname, pf, service, socktype, result)
 /*	const char *hostname;
 /*	int	pf;
 /*	const char *service;
 /*	int	socktype;
 /*	struct addrinfo **result;
 /*
 /*	int	hostaddr_to_sockaddr(hostaddr, service, socktype, result)
 /*	const char *hostaddr;
 /*	const char *service;
@@ -59,6 +66,9 @@
 /*	result should be destroyed with freeaddrinfo(). A null host
 /*	pointer converts to the null host address.
 /*
 /*	hostname_to_sockaddr_pf() is an extended interface that
 /*	provides a protocol family override.
 /*
 /*	hostaddr_to_sockaddr() converts a printable network address
 /*	into the corresponding binary form.  The result should be
 /*	destroyed with freeaddrinfo(). A null host pointer converts
@@ -100,6 +110,10 @@
 /*	hostname, or a null pointer (meaning the wild-card listen
 /*	address).  On output from sockaddr_to_hostname(), storage
 /*	for the result hostname, or a null pointer.
 /* .IP pf
 /*	Protocol type: PF_UNSPEC (meaning: use any protocol that is
 /*	available), PF_INET, or PF_INET6.  This argument is ignored
 /*	in EMULATE_IPV4_ADDRINFO mode.
 /* .IP hostaddr
 /*	On input to hostaddr_to_sockaddr(), a numeric hostname,
 /*	or a null pointer (meaning the wild-card listen address).
@@ -274,10 +288,11 @@ static int find_service(const char *service, int socktype)
 #endif
-/* hostname_to_sockaddr - hostname to binary address form */
+/* hostname_to_sockaddr_pf - hostname to binary address form */
-int     hostname_to_sockaddr(const char *hostname, const char *service,
+int     hostname_to_sockaddr_pf(const char *hostname, int pf,
-			             int socktype, struct addrinfo ** res)
+			             const char *service, int socktype,
 			             struct addrinfo ** res)
 {
 #ifdef EMULATE_IPV4_ADDRINFO
@@ -408,7 +423,7 @@ int     hostname_to_sockaddr(const char *hostname, const char *service,
    int     err;
    memset((char *) &hints, 0, sizeof(hints));
-    hints.ai_family = inet_proto_info()->ai_family;
+    hints.ai_family = (pf != PF_UNSPEC) ? pf : inet_proto_info()->ai_family;
    hints.ai_socktype = service ? socktype : MAI_SOCKTYPE;
    if (!hostname) {
 	hints.ai_flags = AI_PASSIVE;
--- a/postfix/src/util/myaddrinfo.h
+++ b/postfix/src/util/myaddrinfo.h
@@ -154,7 +154,7 @@ typedef struct {
    char    buf[MAI_SERVPORT_STRSIZE];
 } MAI_SERVPORT_STR;
-extern int hostname_to_sockaddr(const char *, const char *, int,
+extern int hostname_to_sockaddr_pf(const char *, int, const char *, int,
 				           struct addrinfo **);
 extern int hostaddr_to_sockaddr(const char *, const char *, int,
 				        struct addrinfo **);
@@ -168,18 +168,24 @@ extern void myaddrinfo_control(int,...);
 #define MAI_STRERROR(e) ((e) == EAI_SYSTEM ? strerror(errno) : gai_strerror(e))
 #define hostname_to_sockaddr(host, serv, sock, res) \
 	hostname_to_sockaddr_pf((host), PF_UNSPEC, (serv), (sock), (res))
 /*
  * Macros for the case where we really don't want to be bothered with things
  * that may fail.
  */
-#define HOSTNAME_TO_SOCKADDR(host, serv, sock, res) \
+#define HOSTNAME_TO_SOCKADDR_PF(host, pf, serv, sock, res) \
    do { \
 	int _aierr; \
-	_aierr = hostname_to_sockaddr((host), (serv), (sock), (res)); \
+	_aierr = hostname_to_sockaddr_pf((host), (pf), (serv), (sock), (res)); \
 	if (_aierr) \
-	    msg_fatal("hostname_to_sockaddr: %s", MAI_STRERROR(_aierr)); \
+	    msg_fatal("hostname_to_sockaddr_pf: %s", MAI_STRERROR(_aierr)); \
    } while (0)
 #define HOSTNAME_TO_SOCKADDR(host, serv, sock, res) \
 	HOSTNAME_TO_SOCKADDR_PF((host), PF_UNSPEC, (serv), (sock), (res))
 #define HOSTADDR_TO_SOCKADDR(host, serv, sock, res) \
    do { \
 	int _aierr; \