mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-30 13:48:06 +00:00
Code Issues Releases Wiki Activity

postfix-2.0.16-20031111

Browse Source
This commit is contained in:
Wietse Venema 2003-11-11 00:00:00 -05:00 committed by Viktor Dukhovni
parent f8571298ac
commit 42785b0fbd
63 changed files with 1222 additions and 1518 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
postfix/.indent.pro vendored
View File

@ -1,5 +1,7 @@
-TABOUNCE
-TALIAS_TOKEN
-TANVIL_LOCAL
-TANVIL_REMOTE
-TARGV
-TATTR_CLNT
-TATTR_TABLE
@ -23,8 +25,6 @@
-TCONFIG_STR_TABLE
-TCONFIG_TIME_FN_TABLE
-TCONFIG_TIME_TABLE
-TCRATE_LOCAL
-TCRATE_REMOTE
-TCTABLE
-TCTABLE_ENTRY
-TDELIVER_ATTR

19
postfix/HISTORY
View File

@ -8729,18 +8729,19 @@ Apologies for any names omitted.
20031103-20031110
Feature: preliminary support to restrict the number of
simultaneous and successive connections that a client is
can make to the Postfix SMTP server, with a whitelist
capability to disable the restriction for authorized clients.
Most of the work is implemented by a new "crate" server
(connection Count and RATE management). Parameters:
Feature: preliminary defense against SMTP clients that
hammer the SMTP server with too many simultaneous or
successive connection attempts, with a whitelist capability
to disable the restriction for authorized clients. Most
work is implemented by a new "anvil" server. Parameters:
smtpd_client_connection_count_limit, smtpd_client_connection-
_rate_limit, smtpd_client_connection_limit_exceptions,
connection_rate_time_unit, and connection_rate_purge_delay.
Documentation: smtpd(8), crate(8), sample-smtpd.cf. Files:
smtpd/smtpd.c, global/crate_clnt.[hc], crate/crate.c.
Documentation: smtpd(8), anvil(8), sample-smtpd.cf. Files:
smtpd/smtpd.c, global/anvil_clnt.[hc], anvil/anvil.c. The
anvil server logs peak count and rate information per client
when it terminates after running out of work or after
"postfix reload".
20031110

2
postfix/Makefile.in
View File

@ -7,7 +7,7 @@ DIRS = src/util src/global src/dns src/master src/postfix src/smtpstone \
src/showq src/postalias src/postcat src/postconf src/postdrop \
src/postkick src/postlock src/postlog src/postmap src/postqueue \
src/postsuper src/nqmgr src/qmqpd src/spawn src/flush src/verify \
src/virtual src/proxymap src/crate
src/virtual src/proxymap src/anvil
MANDIRS = proto man html
default: update

47
postfix/RELEASE_NOTES
View File

@ -22,25 +22,46 @@ snapshot release). Patches change the patchlevel and the release
date. Snapshots change only the release date, unless they include
the same bugfixes as a patch release.
Incompatible changes with Postfix snapshot 2.0.16-20031110
Incompatible changes with Postfix snapshot 2.0.16-20031111
==========================================================
The demo greylist policy server is now case insensitive.
Major changes with Postfix snapshot 2.0.16-20031110
Major changes with Postfix snapshot 2.0.16-20031111
===================================================
Preliminary support for limiting the number of connection attempts
from an SMTP client. The limits are disabled by default. The
parameter smtpd_client_connection_count_limit restricts the number
of simultaneous connections by any client, and the parameter
smtpd_client_connection_rate_limit restricts the number of connection
attempts per unit time that any client can make. The time unit is
specified with the connection_rate_time_unit parameter, default
one minute). When Postfix rejects a client, it sends a 450 status
code and disconnects. The smtpd_client_connection_limit_exceptions
parameter takes a list of network blocks or domain names that are
excluded from these restrictions (by default, clients in $mynetworks).
Preliminary defense against SMTP clients that hammer an SMTP server
with too many connections. By default, the number of simultaneous
connections per client is limited to half the default process limit,
and no limit is imposed on the number of successive connections
per time unit that a client is allowed to make.
The new anvil server maintains the connection statistics, and logs
the maximum connection count and connection rate per client whenever
it terminates (when there is no work to be done, or when "postfix
reload" was issued). Once you have an idea what the numbers look
like, you can clamp down the limits for your system.
The relevant main.cf configuration parameters are: smtpd_client_-
connection_count_limit for the number of simultaneous connections
per client, and smtpd_client_connection_rate_limit for the number
of successive connections per unit time and client. The time unit
is specified with the connection_rate_time_unit parameter, and is
one minute by default.
When Postfix rejects a client, it sends a 450 status code and
disconnects, and logs a warning with the client name/address and
the service name from master.cf. You can, for example, capture this
information with a logfile watching program that updates a firewall
rule (such a watcher program is not included with Postfix).
To avoid rejecting authorized hosts, the smtpd_client_connection_-
limit_exceptions parameter takes a list of network/netmask expressions,
hostnames or .domain names that are excluded from these restrictions.
By default, all clients in $mynetworks are excluded; you will
probably want to use a more restrictive setting.
See also: sample-smtpd.cf, smtpd(8), and anvil(8).
Incompatible changes with Postfix snapshot 2.0.16-20031022
==========================================================

2
postfix/conf/master.cf
View File

@ -98,7 +98,7 @@ error unix - - n - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
crate unix - - n - 1 crate
anvil unix - - n - 1 anvil
#
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.

8
postfix/conf/post-install
View File

@ -575,12 +575,12 @@ proxymap unix - - n - - proxymap
EOF
}
# Add missing crate service to master.cf.
# Add missing anvil service to master.cf.
grep '^crate.*crate' $config_directory/master.cf >/dev/null || {
echo Editing $config_directory/master.cf, adding missing entry for crate service
grep '^anvil.*anvil' $config_directory/master.cf >/dev/null || {
echo Editing $config_directory/master.cf, adding missing entry for anvil service
cat >>$config_directory/master.cf <<EOF || exit 1
crate unix - - n - 1 crate
anvil unix - - n - 1 anvil
EOF
}

4
postfix/conf/postfix-files
View File

@ -56,7 +56,7 @@ $queue_directory/pid:d:root:-:755:uc
$queue_directory/trace:d:$mail_owner:-:700:ucr
$daemon_directory/bounce:f:root:-:755
$daemon_directory/cleanup:f:root:-:755
$daemon_directory/crate:f:root:-:755
$daemon_directory/anvil:f:root:-:755
$daemon_directory/error:f:root:-:755
$daemon_directory/flush:f:root:-:755
$daemon_directory/lmtp:f:root:-:755
@ -133,7 +133,7 @@ $manpage_directory/man5/transport.5:f:root:-:644
$manpage_directory/man5/virtual.5:f:root:-:644
$manpage_directory/man8/bounce.8:f:root:-:644
$manpage_directory/man8/cleanup.8:f:root:-:644
$manpage_directory/man8/crate.8:f:root:-:644
$manpage_directory/man8/anvil.8:f:root:-:644
$manpage_directory/man8/defer.8:f:root:-:644
$manpage_directory/man8/error.8:f:root:-:644
$manpage_directory/man8/flush.8:f:root:-:644

12
postfix/conf/sample-smtpd.cf
View File

@ -111,11 +111,13 @@ unknown_local_recipient_reject_code = 550
# simultaneous connections any client is allowed to make to this
# service.
#
# By default, every client can make as many connections as Postfix
# can accept (defined by the process limit in the master.cf file).
# By default, the limit is set it to half the default process limit
# value.
#
# smtpd_client_connection_count_limit = 10
smtpd_client_connection_count_limit = 0
# To disable this feature, specify a limit of 0.
#
# smtpd_client_connection_count_limit = 0
smtpd_client_connection_count_limit = 50
# The smtpd_client_connection_rate_limit parameter controls how many
# connection attempts any client is allowed to make to this service
@ -127,6 +129,8 @@ smtpd_client_connection_count_limit = 0
# By default, every client can make as many connections as Postfix
# can accept.
#
# To disable this feature, specify a limit of 0.
#
# smtpd_client_connection_rate_limit = 100
smtpd_client_connection_rate_limit = 0

4
postfix/html/Makefile.in
View File

@ -6,7 +6,7 @@ DAEMONS = bounce.8.html cleanup.8.html defer.8.html error.8.html local.8.html \
lmtp.8.html master.8.html pickup.8.html pipe.8.html qmgr.8.html \
showq.8.html smtp.8.html smtpd.8.html trivial-rewrite.8.html \
nqmgr.8.html spawn.8.html flush.8.html virtual.8.html qmqpd.8.html \
trace.8.html verify.8.html proxymap.8.html crate.8.html
trace.8.html verify.8.html proxymap.8.html anvil.8.html
COMMANDS= mailq.1.html newaliases.1.html postalias.1.html postcat.1.html \
postconf.1.html postfix.1.html postkick.1.html postlock.1.html \
postlog.1.html postdrop.1.html postmap.1.html sendmail.1.html \
@ -50,7 +50,7 @@ cleanup.8.html: ../src/cleanup/cleanup.c
PATH=../mantools:$$PATH; \
srctoman $? | $(AWK) | nroff -man | uniq | man2html | postlink >$@
crate.8.html: ../src/crate/crate.c
anvil.8.html: ../src/anvil/anvil.c
PATH=../mantools:$$PATH; \
srctoman $? | $(AWK) | nroff -man | uniq | man2html | postlink >$@

106
postfix/html/anvil.8.html Normal file
View File

@ -0,0 +1,106 @@
<html> <body> <pre>
ANVIL(8) ANVIL(8)
<b>NAME</b>
anvil - Postfix connection count and rate management
<b>SYNOPSIS</b>
<b>anvil</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
The Postfix <b>anvil</b> server maintains short-term statistics
to defend against clients that hammer a server with either
too many parallel connections or with too many successive
connection attempts within a configurable time interval.
This server is designed to run under control by the Post-
fix master server.
<b>PROTOCOL</b>
When a remote client connects, a connection count (or
rate) limited server should send the following request to
the <b>anvil</b> server:
<b>request=connect</b>
<b>ident=</b><i>string</i>
This registers a new connection for the (service, client)
combination specified with <b>ident</b>. The <b>anvil</b> server answers
with the number of simultaneous connections and the number
of connections per unit time for that (service, client)
combination:
<b>status=0</b>
<b>count=</b><i>number</i>
<b>rate=</b><i>number</i>
The <b>rate</b> is computed as the number of connections that
were registered in the current "time unit" interval. It
is left up to the server to decide if the remote client
exceeds the connection count (or rate) limit.
When a remote client disconnects, a connection count (or
rate) limited server should send the following request to
the <b>anvil</b> server:
<b>request=disconnect</b>
<b>ident=</b><i>string</i>
This registers a disconnect event for the (service,
client) combination specified with <b>ident</b>. The <b>anvil</b> server
replies with:
<b>status=0</b>
<b>SECURITY</b>
The <b>anvil</b> server does not talk to the network or to local
users, and can run chrooted at fixed low privilege.
The <b>anvil</b> server maintains an in-memory table with infor-
mation about recent clients of a connection count (or
rate) limited service. Although state is kept only tem-
porarily, this may require a lot of memory on systems that
handle connections from many remote clients. To reduce
memory usage, reduce the time unit over which state is
kept.
<b>DIAGNOSTICS</b>
Problems and transactions are logged to <b>syslogd</b>(8).
Upon process exit, the server logs the maximal count and
rate values measured, together with (service, client) and
time associated with those events.
<b>BUGS</b>
Systems behind network address translating routers or
proxies appear to have the same client address and can run
into connection count and/or rate limits falsely.
In this preliminary implementation, a count (or rate) lim-
ited server can have only one remote client at a time. If
a server reports multiple simultaneous clients, all but
the last reported client are ignored.
<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this program. Use the <b>postfix reload</b> command after a
configuration change.
<b>connection_rate_time_unit</b>
The unit of time over which connection rates are
calculated.
<b>SEE ALSO</b>
<a href="smtpd.8.html">smtpd(8)</a> Postfix SMTP server
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA
ANVIL(8)
</pre> </body> </html>

106
postfix/html/crate.8.html
View File

@ -1,106 +0,0 @@
<html> <body> <pre>
CRATE(8) CRATE(8)
<b>NAME</b>
crate - Postfix connection count and rate management
<b>SYNOPSIS</b>
<b>crate</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
The Postfix <b>crate</b> server maintains statistics that other
Postfix servers can use to limit the number of simultane-
ous connections as well as the frequency of connection
attempts over a configurable unit of time. This server is
designed to run under control by the Postfix master
server.
<b>PROTOCOL</b>
When a connection is established, a rate limited server
sends the following request to the <b>crate</b> server:
<b>request=connect</b>
<b>ident=</b><i>string</i>
This registers a new connection for the remote client and
the rate limited service specified with <i>string</i>. The <b>crate</b>
server answers with the number of simultaneous connections
and the number of connections per unit time for that (ser-
vice, client) combination:
<b>status=0</b>
<b>count=</b><i>number</i>
<b>rate=</b><i>number</i>
It is left up to the rate limited service to decide if the
remote client connection request is acceptable.
When a remote client disconnects, a rate limited server
sends the following request to the <b>crate</b> server:
<b>request=disconnect</b>
<b>ident=</b><i>string</i>
This registers a disconnect event for the remote client
and the rate limited service specified with <i>string</i>. The
rate limit management server replies with:
<b>status=0</b>
<b>SECURITY</b>
The connection count and rate management service is not
security sensitive. It does not talk to the network or
local users, and it can run chrooted at fixed low privi-
lege.
This server maintains an in-memory table with information
about past and current clients of a rate limited service.
Although state is kept only temporarily, this may require
a lot of memory when a system handles connections from
many remote clients, or when a system comes under a dis-
tributed denial of service attack. In that case, reduce
the time unit over which statistics are kept.
Systems behind network address translating routers or
proxies appear to have the same client address and can run
into connection count and/or rate limits falsely.
<b>DIAGNOSTICS</b>
Problems and transactions are logged to <b>syslogd</b>(8).
<b>BUGS</b>
All state is lost when the service is restarted.
In this first implementation, a count or rate limited
server can have only one client at a time.
<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this program. Use the <b>postfix reload</b> command after a
configuration change.
<b>connection_rate_purge_delay</b>
How long remote client state is remembered after
the remote client has disconnected completely. This
should not be smaller than the unit of time over
which connection rates are calculated.
<b>connection_rate_time_unit</b>
The unit of time over which connection rates are
calculated.
<b>SEE ALSO</b>
<a href="smtpd.8.html">smtpd(8)</a> Postfix SMTP server
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA
CRATE(8)
</pre> </body> </html>

52
postfix/html/postfix.1.html
View File

@ -1,11 +1,11 @@
<html> <head> </head> <body> <pre>
<html> <body> <pre>
POSTFIX(1) POSTFIX(1)
<b>NAME</b>
postfix - Postfix control program
<b>SYNOPSIS</b>
<b>postfix</b> [<b>-Dv</b>] [<b>-c</b> <i>config_dir</i>] <i>command</i>
<b>postfix</b> [<b>-Dv</b>] [<b>-c</b> <i>config</i><b>_</b><i>dir</i>] <i>command</i>
<b>DESCRIPTION</b>
This command is reserved for the superuser. To submit
@ -50,16 +50,16 @@ POSTFIX(1) POSTFIX(1)
The following options are implemented:
<b>-c</b> <i>config_dir</i>
<b>-c</b> <i>config</i><b>_</b><i>dir</i>
Read the <b>main.cf</b> and <b>master.cf</b> configuration files
in the named directory instead of the default con-
figuration directory. Use this to distinguish
between multiple Postfix instances on the same
host.
<b>-D</b> (with <b>postfix</b> <b>start</b> only)
<b>-D</b> (with <b>postfix start</b> only)
Run each Postfix daemon under control of a debugger
as specified via the <b>debugger</b><i>_</i><b>command</b> configuration
as specified via the <b>debugger_command</b> configuration
parameter.
<b>-v</b> Enable verbose logging for debugging purposes. Mul-
@ -70,76 +70,76 @@ POSTFIX(1) POSTFIX(1)
The <b>postfix</b> command exports the following environment
variables before executing the <b>postfix-script</b> file:
<b>MAIL</b><i>_</i><b>CONFIG</b>
<b>MAIL_CONFIG</b>
This is set when the -c command-line option is pre-
sent.
<b>MAIL</b><i>_</i><b>VERBOSE</b>
<b>MAIL_VERBOSE</b>
This is set when the -v command-line option is pre-
sent.
<b>MAIL</b><i>_</i><b>DEBUG</b>
<b>MAIL_DEBUG</b>
This is set when the -D command-line option is pre-
sent.
The following <b>main.cf</b> configuration parameters are
exported as environment variables with the same names:
<b>command</b><i>_</i><b>directory</b>
<b>command_directory</b>
Directory with Postfix administrative commands.
<b>daemon</b><i>_</i><b>directory</b>
<b>daemon_directory</b>
Directory with Postfix daemon programs.
<b>config</b><i>_</i><b>directory</b>
<b>config_directory</b>
Directory with Postfix configuration files and with
administrative shell scripts.
<b>queue</b><i>_</i><b>directory</b>
<b>queue_directory</b>
The directory with Postfix queue files, with local
inter-process communication endpoints, and with
files needed for daemon programs that run in the
optional chrooted environment.
<b>mail</b><i>_</i><b>owner</b>
<b>mail_owner</b>
The owner of Postfix queue files and of most Post-
fix processes.
<b>setgid</b><i>_</i><b>group</b>
<b>setgid_group</b>
The group for mail submission and queue management
commands.
<b>sendmail</b><i>_</i><b>path</b>
<b>sendmail_path</b>
The full pathname for the Postfix <b>sendmail</b> command.
<b>newaliases</b><i>_</i><b>path</b>
<b>newaliases_path</b>
The full pathname for the Postfix <b>newaliases</b> com-
mand.
<b>mailq</b><i>_</i><b>path</b>
<b>mailq_path</b>
The full pathname for the Postfix <b>mailq</b> command.
<b>manpage</b><i>_</i><b>directory</b>
<b>manpage_directory</b>
The directory for the Postfix on-line manual pages.
<b>sample</b><i>_</i><b>directory</b>
<b>sample_directory</b>
The directory for the Postfix sample configuration
files.
<b>readme</b><i>_</i><b>directory</b>
<b>readme_directory</b>
The directory for the Postfix README files.
<b>Other</b> <b>configuration</b> <b>parameters</b>
<b>import</b><i>_</i><b>environment</b>
<b>Other configuration parameters</b>
<b>import_environment</b>
List of names of environment parameters that can be
imported from non-Postfix processes.
<b>FILES</b>
$<b>config</b><i>_</i><b>directory/postfix-script</b>, administrative commands
$<b>config</b><i>_</i><b>directory/main.cf</b>, configuration parameters
$<b>config</b><i>_</i><b>directory/master.cf</b>, Postfix daemon processes
$<b>config_directory/postfix-script</b>, administrative commands
$<b>config_directory/main.cf</b>, configuration parameters
$<b>config_directory/master.cf</b>, Postfix daemon processes
<b>SEE</b> <b>ALSO</b>
<b>SEE ALSO</b>
<a href="postconf.1.html">postconf(1)</a> Postfix configuration management
<a href="postsuper.1.html">postsuper(1)</a> Postfix housekeeping
<a href="sendmail.1.html">sendmail(1)</a> Sendmail-compatible interface

14
postfix/html/smtpd.8.html
View File

@ -304,16 +304,22 @@ SMTPD(8) SMTPD(8)
<b>smtpd_client_connection_count_limit</b>
The maximal number of simultaneous connections that
any client is allowed to make to this service.
When a client exceeds the limit, the SMTP server
logs a warning with the client name/address and the
service name as configured in master.cf.
<b>smtpd_client_connection_rate_limit</b>
The maximal number of connections per unit time
(specified with <b>connection_rate_time_unit</b>) that any
client is allowed to make to this service.
client is allowed to make to this service. When a
client exceeds the limit, the SMTP server logs a
warning with the client name/address and the ser-
vice name as configured in master.cf.
<b>smtpd_client_connection_limit_exceptions</b>
Hostnames, .domain names or network address blocks
of clients that are excluded from connection count
or rate limits.
Hostnames, .domain names and/or network address
blocks of clients that are excluded from connection
count or rate limits.
<b>Tarpitting</b>
<b>smtpd_error_sleep_time</b>

4
postfix/man/Makefile.in
View File

@ -6,7 +6,7 @@ DAEMONS = man8/bounce.8 man8/defer.8 man8/cleanup.8 man8/error.8 man8/local.8 \
man8/lmtp.8 man8/master.8 man8/pickup.8 man8/pipe.8 man8/qmgr.8 \
man8/showq.8 man8/smtp.8 man8/smtpd.8 man8/trivial-rewrite.8 \
man8/nqmgr.8 man8/spawn.8 man8/flush.8 man8/virtual.8 man8/qmqpd.8 \
man8/verify.8 man8/trace.8 man8/proxymap.8 man8/crate.8
man8/verify.8 man8/trace.8 man8/proxymap.8 man8/anvil.8
COMMANDS= man1/postalias.1 man1/postcat.1 man1/postconf.1 man1/postfix.1 \
man1/postkick.1 man1/postlock.1 man1/postlog.1 man1/postdrop.1 \
man1/postmap.1 man1/sendmail.1 man1/mailq.1 man1/newaliases.1 \
@ -39,7 +39,7 @@ man8/defer.8:
man8/cleanup.8: ../src/cleanup/cleanup.c
../mantools/srctoman $? >$@
man8/crate.8: ../src/crate/crate.c
man8/anvil.8: ../src/anvil/anvil.c
../mantools/srctoman $? >$@
man8/error.8: ../src/error/error.c

129
postfix/man/man8/anvil.8 Normal file
View File

@ -0,0 +1,129 @@
.TH ANVIL 8
.ad
.fi
.SH NAME
anvil
\-
Postfix connection count and rate management
.SH SYNOPSIS
.na
.nf
\fBanvil\fR [generic Postfix daemon options]
.SH DESCRIPTION
.ad
.fi
The Postfix \fBanvil\fR server maintains short-term statistics
to defend against clients that hammer a server with either too
many parallel connections or with too many successive connection
attempts within a configurable time interval.
This server is designed to run under control by the Postfix
master server.
.SH PROTOCOL
.na
.nf
.ad
.fi
When a remote client connects, a connection count (or rate) limited
server should send the following request to the \fBanvil\fR server:
.PP
.in +4
\fBrequest=connect\fR
.br
\fBident=\fIstring\fR
.in
.PP
This registers a new connection for the (service, client)
combination specified with \fBident\fR. The \fBanvil\fR server
answers with the number of simultaneous connections and the
number of connections per unit time for that (service, client)
combination:
.PP
.in +4
\fBstatus=0\fR
.br
\fBcount=\fInumber\fR
.br
\fBrate=\fInumber\fR
.in
.PP
The \fBrate\fR is computed as the number of connections
that were registered in the current "time unit" interval.
It is left up to the server to decide if the remote client
exceeds the connection count (or rate) limit.
.PP
When a remote client disconnects, a connection count (or rate) limited
server should send the following request to the \fBanvil\fR server:
.PP
.in +4
\fBrequest=disconnect\fR
.br
\fBident=\fIstring\fR
.in
.PP
This registers a disconnect event for the (service, client)
combination specified with \fBident\fR. The \fBanvil\fR
server replies with:
.PP
.ti +4
\fBstatus=0\fR
.PP
.SH SECURITY
.na
.nf
.ad
.fi
The \fBanvil\fR server does not talk to the network or to local
users, and can run chrooted at fixed low privilege.
The \fBanvil\fR server maintains an in-memory table with information
about recent clients of a connection count (or rate) limited service.
Although state is kept only temporarily, this may require a lot of
memory on systems that handle connections from many remote clients.
To reduce memory usage, reduce the time unit over which state
is kept.
.SH DIAGNOSTICS
.ad
.fi
Problems and transactions are logged to \fBsyslogd\fR(8).
Upon process exit, the server logs the maximal count and rate
values measured, together with (service, client) and time
associated with those events.
.SH BUGS
.ad
.fi
Systems behind network address translating routers or proxies
appear to have the same client address and can run into connection
count and/or rate limits falsely.
In this preliminary implementation, a count (or rate) limited server
can have only one remote client at a time. If a server reports
multiple simultaneous clients, all but the last reported client
are ignored.
.SH CONFIGURATION PARAMETERS
.na
.nf
.ad
.fi
The following \fBmain.cf\fR parameters are especially relevant to
this program. Use the \fBpostfix reload\fR command after
a configuration change.
.IP \fBconnection_rate_time_unit\fR
The unit of time over which connection rates are calculated.
.SH SEE ALSO
.na
.nf
smtpd(8) Postfix SMTP server
.SH LICENSE
.na
.nf
.ad
.fi
The Secure Mailer license must be distributed with this software.
.SH AUTHOR(S)
.na
.nf
Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA

128
postfix/man/man8/crate.8
View File

@ -1,128 +0,0 @@
.TH CRATE 8
.ad
.fi
.SH NAME
crate
\-
Postfix connection count and rate management
.SH SYNOPSIS
.na
.nf
\fBcrate\fR [generic Postfix daemon options]
.SH DESCRIPTION
.ad
.fi
The Postfix \fBcrate\fR server maintains statistics that other
Postfix servers can use to limit the number of simultaneous
connections as well as the frequency of connection attempts
over a configurable unit of time.
This server is designed to run under control by the Postfix
master server.
.SH PROTOCOL
.na
.nf
.ad
.fi
When a connection is established, a rate limited server
sends the following request to the \fBcrate\fR server:
.PP
.in +4
\fBrequest=connect\fR
.br
\fBident=\fIstring\fR
.in
.PP
This registers a new connection for the remote client and the rate
limited service specified with \fIstring\fR. The \fBcrate\fR server
answers with the number of simultaneous connections and the
number of connections per unit time for that (service, client)
combination:
.PP
.in +4
\fBstatus=0\fR
.br
\fBcount=\fInumber\fR
.br
\fBrate=\fInumber\fR
.in
.PP
It is left up to the rate limited service to decide if the
remote client connection request is acceptable.
.PP
When a remote client disconnects, a rate limited server
sends the following request to the \fBcrate\fR server:
.PP
.in +4
\fBrequest=disconnect\fR
.br
\fBident=\fIstring\fR
.in
.PP
This registers a disconnect event for the remote client and the rate
limited service specified with \fIstring\fR. The rate limit management
server replies with:
.PP
.ti +4
\fBstatus=0\fR
.PP
.SH SECURITY
.na
.nf
.ad
.fi
The connection count and rate management service is not security
sensitive. It does not talk to the network or local users,
and it can run chrooted at fixed low privilege.
This server maintains an in-memory table with information about
past and current clients of a rate limited service. Although state
is kept only temporarily, this may require a lot of memory when a
system handles connections from many remote clients, or when a system
comes under a distributed denial of service attack. In that case,
reduce the time unit over which statistics are kept.
Systems behind network address translating routers or proxies
appear to have the same client address and can run into connection
count and/or rate limits falsely.
.SH DIAGNOSTICS
.ad
.fi
Problems and transactions are logged to \fBsyslogd\fR(8).
.SH BUGS
.ad
.fi
All state is lost when the service is restarted.
In this first implementation, a count or rate limited server
can have only one client at a time.
.SH CONFIGURATION PARAMETERS
.na
.nf
.ad
.fi
The following \fBmain.cf\fR parameters are especially relevant to
this program. Use the \fBpostfix reload\fR command after
a configuration change.
.IP \fBconnection_rate_purge_delay\fR
How long remote client state is remembered after the remote client
has disconnected completely. This should not be smaller than the
unit of time over which connection rates are calculated.
.IP \fBconnection_rate_time_unit\fR
The unit of time over which connection rates are calculated.
.SH SEE ALSO
.na
.nf
smtpd(8) Postfix SMTP server
.SH LICENSE
.na
.nf
.ad
.fi
The Secure Mailer license must be distributed with this software.
.SH AUTHOR(S)
.na
.nf
Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA

10
postfix/man/man8/smtpd.8
View File

@ -254,13 +254,17 @@ Flush the command history to postmaster after receipt of RSET etc.
only if the number of history lines exceeds the given threshold.
.IP \fBsmtpd_client_connection_count_limit\fR
The maximal number of simultaneous connections that any
client is allowed to make to this service.
client is allowed to make to this service. When a client exceeds
the limit, the SMTP server logs a warning with the client
name/address and the service name as configured in master.cf.
.IP \fBsmtpd_client_connection_rate_limit\fR
The maximal number of connections per unit time (specified
with \fBconnection_rate_time_unit\fR) that any client
is allowed to make to this service.
is allowed to make to this service. When a client exceeds
the limit, the SMTP server logs a warning with the client
name/address and the service name as configured in master.cf.
.IP \fBsmtpd_client_connection_limit_exceptions\fR
Hostnames, .domain names or network address blocks of clients
Hostnames, .domain names and/or network address blocks of clients
that are excluded from connection count or rate limits.
.SH Tarpitting
.ad

0
postfix/src/crate/.indent.pro → postfix/src/anvil/.indent.pro vendored
View File

0
postfix/src/crate/.printfck → postfix/src/anvil/.printfck
View File

44
postfix/src/crate/Makefile.in → postfix/src/anvil/Makefile.in
View File

@ -1,6 +1,6 @@
SHELL = /bin/sh
SRCS = crate.c
OBJS = crate.o
SRCS = anvil.c
OBJS = anvil.o
HDRS =
TESTSRC =
WARN = -W -Wformat -Wimplicit -Wmissing-prototypes \
@ -9,7 +9,7 @@ WARN = -W -Wformat -Wimplicit -Wmissing-prototypes \
DEFS = -I. -I$(INC_DIR) -D$(SYSTYPE)
CFLAGS = $(DEBUG) $(OPT) $(DEFS)
TESTPROG=
PROG = crate
PROG = anvil
INC_DIR = ../../include
LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a
@ -55,22 +55,22 @@ depend: $(MAKES)
@$(EXPORT) make -f Makefile.in Makefile 1>&2
# do not edit below this line - it is generated by 'make depend'
crate.o: crate.c
crate.o: ../../include/sys_defs.h
crate.o: ../../include/msg.h
crate.o: ../../include/mymalloc.h
crate.o: ../../include/htable.h
crate.o: ../../include/binhash.h
crate.o: ../../include/stringops.h
crate.o: ../../include/vstring.h
crate.o: ../../include/vbuf.h
crate.o: ../../include/events.h
crate.o: ../../include/mail_conf.h
crate.o: ../../include/mail_params.h
crate.o: ../../include/crate_clnt.h
crate.o: ../../include/attr_clnt.h
crate.o: ../../include/attr.h
crate.o: ../../include/vstream.h
crate.o: ../../include/mail_proto.h
crate.o: ../../include/iostuff.h
crate.o: ../../include/mail_server.h
anvil.o: anvil.c
anvil.o: ../../include/sys_defs.h
anvil.o: ../../include/msg.h
anvil.o: ../../include/mymalloc.h
anvil.o: ../../include/htable.h
anvil.o: ../../include/binhash.h
anvil.o: ../../include/stringops.h
anvil.o: ../../include/vstring.h
anvil.o: ../../include/vbuf.h
anvil.o: ../../include/events.h
anvil.o: ../../include/mail_conf.h
anvil.o: ../../include/mail_params.h
anvil.o: ../../include/mail_proto.h
anvil.o: ../../include/vstream.h
anvil.o: ../../include/iostuff.h
anvil.o: ../../include/attr.h
anvil.o: ../../include/anvil_clnt.h
anvil.o: ../../include/attr_clnt.h
anvil.o: ../../include/mail_server.h

582
postfix/src/anvil/anvil.c Normal file
View File

@ -0,0 +1,582 @@
/*++
/* NAME
/* anvil 8
/* SUMMARY
/* Postfix connection count and rate management
/* SYNOPSIS
/* \fBanvil\fR [generic Postfix daemon options]
/* DESCRIPTION
/* The Postfix \fBanvil\fR server maintains short-term statistics
/* to defend against clients that hammer a server with either too
/* many parallel connections or with too many successive connection
/* attempts within a configurable time interval.
/* This server is designed to run under control by the Postfix
/* master server.
/* PROTOCOL
/* .ad
/* .fi
/* When a remote client connects, a connection count (or rate) limited
/* server should send the following request to the \fBanvil\fR server:
/* .PP
/* .in +4
/* \fBrequest=connect\fR
/* .br
/* \fBident=\fIstring\fR
/* .in
/* .PP
/* This registers a new connection for the (service, client)
/* combination specified with \fBident\fR. The \fBanvil\fR server
/* answers with the number of simultaneous connections and the
/* number of connections per unit time for that (service, client)
/* combination:
/* .PP
/* .in +4
/* \fBstatus=0\fR
/* .br
/* \fBcount=\fInumber\fR
/* .br
/* \fBrate=\fInumber\fR
/* .in
/* .PP
/* The \fBrate\fR is computed as the number of connections
/* that were registered in the current "time unit" interval.
/* It is left up to the server to decide if the remote client
/* exceeds the connection count (or rate) limit.
/* .PP
/* When a remote client disconnects, a connection count (or rate) limited
/* server should send the following request to the \fBanvil\fR server:
/* .PP
/* .in +4
/* \fBrequest=disconnect\fR
/* .br
/* \fBident=\fIstring\fR
/* .in
/* .PP
/* This registers a disconnect event for the (service, client)
/* combination specified with \fBident\fR. The \fBanvil\fR
/* server replies with:
/* .PP
/* .ti +4
/* \fBstatus=0\fR
/* .PP
/* SECURITY
/* .ad
/* .fi
/* The \fBanvil\fR server does not talk to the network or to local
/* users, and can run chrooted at fixed low privilege.
/*
/* The \fBanvil\fR server maintains an in-memory table with information
/* about recent clients of a connection count (or rate) limited service.
/* Although state is kept only temporarily, this may require a lot of
/* memory on systems that handle connections from many remote clients.
/* To reduce memory usage, reduce the time unit over which state
/* is kept.
/* DIAGNOSTICS
/* Problems and transactions are logged to \fBsyslogd\fR(8).
/*
/* Upon process exit, the server logs the maximal count and rate
/* values measured, together with (service, client) and time
/* associated with those events.
/* BUGS
/* Systems behind network address translating routers or proxies
/* appear to have the same client address and can run into connection
/* count and/or rate limits falsely.
/*
/* In this preliminary implementation, a count (or rate) limited server
/* can have only one remote client at a time. If a server reports
/* multiple simultaneous clients, all but the last reported client
/* are ignored.
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
/* The following \fBmain.cf\fR parameters are especially relevant to
/* this program. Use the \fBpostfix reload\fR command after
/* a configuration change.
/* .IP \fBconnection_rate_time_unit\fR
/* The unit of time over which connection rates are calculated.
/* SEE ALSO
/* smtpd(8) Postfix SMTP server
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
/* System library. */
#include <sys_defs.h>
#include <sys/time.h>
#include <limits.h>
/* Utility library. */
#include <msg.h>
#include <mymalloc.h>
#include <htable.h>
#include <binhash.h>
#include <stringops.h>
#include <events.h>
/* Global library. */
#include <mail_conf.h>
#include <mail_params.h>
#include <mail_proto.h>
#include <anvil_clnt.h>
/* Server skeleton. */
#include <mail_server.h>
/* Application-specific. */
int var_anvil_time_unit;
/*
* State.
*/
static HTABLE *anvil_remote_map; /* indexed by service+ remote client */
static BINHASH *anvil_local_map; /* indexed by local client handle */
/*
* Absent a real-time query interface, these are logged at process exit
* time.
*/
static int max_count;
static char *max_count_user;
static time_t max_count_time;
static int max_rate;
static char *max_rate_user;
static time_t max_rate_time;
/*
* Remote connection state, one instance for each (service, client) pair.
*/
typedef struct {
char *ident; /* lookup key */
int count; /* connection count */
int rate; /* connection rate */
time_t start; /* time of first rate sample */
} ANVIL_REMOTE;
/*
* Local server state, one per server instance. This allows us to clean up
* connection state when a local server goes away without cleaning up.
*/
typedef struct {
ANVIL_REMOTE *anvil_remote; /* XXX should be list */
} ANVIL_LOCAL;
/*
* Silly little macros.
*/
#define STR(x) vstring_str(x)
#define STREQ(x,y) (strcmp((x), (y)) == 0)
/*
* The following operations are implemented as macros with recognizable
* names so that we don't lose sight of what the code is trying to do.
*
* Related operations are defined side by side so that the code implementing
* them isn't pages apart.
*/
/* Create new (service, client) state. */
#define ANVIL_REMOTE_FIRST(remote, id) \
do { \
(remote)->ident = mystrdup(id); \
(remote)->count = 1; \
(remote)->rate = 1; \
(remote)->start = event_time(); \
} while(0)
/* Destroy unused (service, client) state. */
#define ANVIL_REMOTE_FREE(remote) \
do { \
myfree((remote)->ident); \
myfree((char *) (remote)); \
} while(0)
/* Add connection to (service, client) state. */
#define ANVIL_REMOTE_NEXT(remote) \
do { \
time_t _now = event_time(); \
if ((remote)->start + var_anvil_time_unit < _now) { \
(remote)->rate = 1; \
(remote)->start = _now; \
} else if ((remote)->rate < INT_MAX) { \
(remote)->rate += 1; \
} \
if ((remote)->count == 0) \
event_cancel_timer(anvil_remote_expire, (char *) remote); \
(remote)->count++; \
} while(0)
/* Drop connection from (service, client) state. */
#define ANVIL_REMOTE_DROP_ONE(remote) \
do { \
if ((remote) && (remote)->count > 0) { \
if (--(remote)->count == 0) \
event_request_timer(anvil_remote_expire, (char *) remote, \
var_anvil_time_unit); \
} \
} while(0)
/* Create local server state. */
#define ANVIL_LOCAL_INIT(local) \
do { \
(local)->anvil_remote = 0; \
} while(0)
/* Add connection to local server. */
#define ANVIL_LOCAL_ADD_ONE(local, remote) \
do { \
/* XXX allow multiple remote clients per local server. */ \
if ((local)->anvil_remote) \
ANVIL_REMOTE_DROP_ONE((local)->anvil_remote); \
(local)->anvil_remote = (remote); \
} while(0)
/* Drop connection from local server. */
#define ANVIL_LOCAL_DROP_ONE(local, remote) \
do { \
/* XXX allow multiple remote clients per local server. */ \
if ((local)->anvil_remote == (remote)) \
(local)->anvil_remote = 0; \
} while(0)
/* Drop all connections from local server. */
#define ANVIL_LOCAL_DROP_ALL(stream, local) \
do { \
/* XXX allow multiple remote clients per local server. */ \
if ((local)->anvil_remote) \
anvil_remote_disconnect((stream), (local)->anvil_remote->ident); \
} while (0)
/* anvil_remote_expire - purge expired connection state */
static void anvil_remote_expire(int unused_event, char *context)
{
ANVIL_REMOTE *anvil_remote = (ANVIL_REMOTE *) context;
char *myname = "anvil_remote_expire";
if (msg_verbose)
msg_info("%s %s", myname, anvil_remote->ident);
if (anvil_remote->count != 0)
msg_panic("%s: bad connection count: %d",
myname, anvil_remote->count);
htable_delete(anvil_remote_map, anvil_remote->ident,
(void (*) (char *)) 0);
ANVIL_REMOTE_FREE(anvil_remote);
}
/* anvil_remote_lookup - dump address status */
static void anvil_remote_lookup(VSTREAM *client_stream, const char *ident)
{
ANVIL_REMOTE *anvil_remote;
char *myname = "anvil_remote_lookup";
HTABLE_INFO **ht_info;
HTABLE_INFO **ht;
if (msg_verbose)
msg_info("%s fd=%d stream=0x%lx ident=%s",
myname, vstream_fileno(client_stream),
(unsigned long) client_stream, ident);
/*
* Look up remote client information.
*/
if (STREQ(ident, "*")) {
attr_print_plain(client_stream, ATTR_FLAG_MORE,
ATTR_TYPE_NUM, ANVIL_ATTR_STATUS, ANVIL_STAT_OK,
ATTR_TYPE_END);
ht_info = htable_list(anvil_remote_map);
for (ht = ht_info; *ht; ht++) {
anvil_remote = (ANVIL_REMOTE *) ht[0]->value;
attr_print_plain(client_stream, ATTR_FLAG_MORE,
ATTR_TYPE_STR, ANVIL_ATTR_IDENT, ht[0]->key,
ATTR_TYPE_NUM, ANVIL_ATTR_COUNT, anvil_remote->count,
ATTR_TYPE_NUM, ANVIL_ATTR_RATE, anvil_remote->rate,
ATTR_TYPE_END);
}
attr_print_plain(client_stream, ATTR_FLAG_NONE, ATTR_TYPE_END);
myfree((char *) ht_info);
} else if ((anvil_remote =
(ANVIL_REMOTE *) htable_find(anvil_remote_map, ident)) == 0) {
attr_print_plain(client_stream, ATTR_FLAG_NONE,
ATTR_TYPE_NUM, ANVIL_ATTR_STATUS, ANVIL_STAT_FAIL,
ATTR_TYPE_NUM, ANVIL_ATTR_COUNT, 0,
ATTR_TYPE_NUM, ANVIL_ATTR_RATE, 0,
ATTR_TYPE_END);
} else {
attr_print_plain(client_stream, ATTR_FLAG_NONE,
ATTR_TYPE_NUM, ANVIL_ATTR_STATUS, ANVIL_STAT_OK,
ATTR_TYPE_NUM, ANVIL_ATTR_COUNT, anvil_remote->count,
ATTR_TYPE_NUM, ANVIL_ATTR_RATE, anvil_remote->rate,
ATTR_TYPE_END);
}
}
/* anvil_remote_connect - report connection event, query address status */
static void anvil_remote_connect(VSTREAM *client_stream, const char *ident)
{
ANVIL_REMOTE *anvil_remote;
ANVIL_LOCAL *anvil_local;
char *myname = "anvil_remote_connect";
if (msg_verbose)
msg_info("%s fd=%d stream=0x%lx ident=%s",
myname, vstream_fileno(client_stream),
(unsigned long) client_stream, ident);
/*
* Look up remote connection count information. Update remote connection
* rate information. Simply reset the counter every var_anvil_time_unit
* seconds. This is easier than maintaining a moving average and it gives
* a quicker response to tresspassers.
*/
if ((anvil_remote =
(ANVIL_REMOTE *) htable_find(anvil_remote_map, ident)) == 0) {
anvil_remote = (ANVIL_REMOTE *) mymalloc(sizeof(*anvil_remote));
ANVIL_REMOTE_FIRST(anvil_remote, ident);
htable_enter(anvil_remote_map, ident, (char *) anvil_remote);
} else {
ANVIL_REMOTE_NEXT(anvil_remote);
}
/*
* Record this connection under the local client information, so that we
* can clean up all its connection state when the local client goes away.
*/
if ((anvil_local =
(ANVIL_LOCAL *) binhash_find(anvil_local_map,
(char *) &client_stream,
sizeof(client_stream))) == 0) {
anvil_local = (ANVIL_LOCAL *) mymalloc(sizeof(*anvil_local));
ANVIL_LOCAL_INIT(anvil_local);
binhash_enter(anvil_local_map, (char *) &client_stream,
sizeof(client_stream), (char *) anvil_local);
}
ANVIL_LOCAL_ADD_ONE(anvil_local, anvil_remote);
if (msg_verbose)
msg_info("%s: anvil_local 0x%lx",
myname, (unsigned long) anvil_local);
/*
* Respond to the local client.
*/
attr_print_plain(client_stream, ATTR_FLAG_NONE,
ATTR_TYPE_NUM, ANVIL_ATTR_STATUS, ANVIL_STAT_OK,
ATTR_TYPE_NUM, ANVIL_ATTR_COUNT, anvil_remote->count,
ATTR_TYPE_NUM, ANVIL_ATTR_RATE, anvil_remote->rate,
ATTR_TYPE_END);
/*
* Update local statistics.
*/
if (anvil_remote->rate > max_rate) {
max_rate = anvil_remote->rate;
if (max_rate_user == 0) {
max_rate_user = mystrdup(anvil_remote->ident);
} else if (!STREQ(max_rate_user, anvil_remote->ident)) {
myfree(max_rate_user);
max_rate_user = mystrdup(anvil_remote->ident);
}
max_rate_time = event_time();
}
if (anvil_remote->count > max_count) {
max_count = anvil_remote->count;
if (max_count_user == 0) {
max_count_user = mystrdup(anvil_remote->ident);
} else if (!STREQ(max_count_user, anvil_remote->ident)) {
myfree(max_count_user);
max_count_user = mystrdup(anvil_remote->ident);
}
max_count_time = event_time();
}
}
/* anvil_remote_disconnect - report disconnect event */
static void anvil_remote_disconnect(VSTREAM *client_stream, const char *ident)
{
ANVIL_REMOTE *anvil_remote;
ANVIL_LOCAL *anvil_local;
char *myname = "anvil_remote_disconnect";
if (msg_verbose)
msg_info("%s fd=%d stream=0x%lx ident=%s",
myname, vstream_fileno(client_stream),
(unsigned long) client_stream, ident);
/*
* Look up the remote client.
*/
if ((anvil_remote =
(ANVIL_REMOTE *) htable_find(anvil_remote_map, ident)) != 0)
ANVIL_REMOTE_DROP_ONE(anvil_remote);
/*
* Update the local client information.
*/
if ((anvil_local =
(ANVIL_LOCAL *) binhash_find(anvil_local_map,
(char *) &client_stream,
sizeof(client_stream))) != 0)
ANVIL_LOCAL_DROP_ONE(anvil_local, anvil_remote);
if (msg_verbose)
msg_info("%s: anvil_local 0x%lx",
myname, (unsigned long) anvil_local);
/*
* Respond to the local client.
*/
attr_print_plain(client_stream, ATTR_FLAG_NONE,
ATTR_TYPE_NUM, ANVIL_ATTR_STATUS, ANVIL_STAT_OK,
ATTR_TYPE_END);
}
/* anvil_service_done - clean up */
static void anvil_service_done(VSTREAM *client_stream, char *unused_service,
char **unused_argv)
{
ANVIL_LOCAL *anvil_local;
char *myname = "anvil_service_done";
if (msg_verbose)
msg_info("%s fd=%d stream=0x%lx",
myname, vstream_fileno(client_stream),
(unsigned long) client_stream);
/*
* Look up the local client, and get rid of open remote connection state
* that we still have for this local client. Do not destroy remote client
* status information before it expires.
*/
if ((anvil_local =
(ANVIL_LOCAL *) binhash_find(anvil_local_map,
(char *) &client_stream,
sizeof(client_stream))) != 0) {
if (msg_verbose)
msg_info("%s: anvil_local 0x%lx",
myname, (unsigned long) anvil_local);
ANVIL_LOCAL_DROP_ALL(client_stream, anvil_local);
binhash_delete(anvil_local_map,
(char *) &client_stream,
sizeof(client_stream), myfree);
} else if (msg_verbose)
msg_info("client socket not found for fd=%d",
vstream_fileno(client_stream));
}
/* anvil_service - perform service for client */
static void anvil_service(VSTREAM *client_stream, char *unused_service, char **argv)
{
VSTRING *request = vstring_alloc(10);
VSTRING *ident = vstring_alloc(10);
/*
* Sanity check. This service takes no command-line arguments.
*/
if (argv[0])
msg_fatal("unexpected command-line argument: %s", argv[0]);
/*
* This routine runs whenever a client connects to the socket dedicated
* to the client connection rate management service. All
* connection-management stuff is handled by the common code in
* multi_server.c.
*/
if (attr_scan_plain(client_stream,
ATTR_FLAG_MISSING | ATTR_FLAG_STRICT,
ATTR_TYPE_STR, ANVIL_ATTR_REQ, request,
ATTR_TYPE_STR, ANVIL_ATTR_IDENT, ident,
ATTR_TYPE_END) == 2) {
if (STREQ(STR(request), ANVIL_REQ_CONN)) {
anvil_remote_connect(client_stream, STR(ident));
} else if (STREQ(STR(request), ANVIL_REQ_DISC)) {
anvil_remote_disconnect(client_stream, STR(ident));
} else if (STREQ(STR(request), ANVIL_REQ_LOOKUP)) {
anvil_remote_lookup(client_stream, STR(ident));
} else {
msg_warn("unrecognized request: \"%s\", ignored", STR(request));
attr_print_plain(client_stream, ATTR_FLAG_NONE,
ATTR_TYPE_NUM, ANVIL_ATTR_STATUS, ANVIL_STAT_FAIL,
ATTR_TYPE_END);
}
vstream_fflush(client_stream);
} else {
/* Note: invokes anvil_service_done() */
multi_server_disconnect(client_stream);
}
vstring_free(ident);
vstring_free(request);
}
/* post_jail_init - post-jail initialization */
static void post_jail_init(char *unused_name, char **unused_argv)
{
/*
* Initial client state tables.
*/
anvil_remote_map = htable_create(1000);
anvil_local_map = binhash_create(100);
/*
* Do not limit the number of client requests.
*/
var_use_limit = 0;
}
/* anvil_status_dump - log the extremes before terminating */
static void anvil_status_dump(char *unused_name, char **unused_argv)
{
if (max_rate > 0)
msg_info("statistics: maximal rate %d/%ds for (%s) at %.15s",
max_rate, var_anvil_time_unit,
max_rate_user, ctime(&max_rate_time) + 4);
if (max_count > 0)
msg_info("statistics: maximal count %d for (%s) at %.15s",
max_count, max_count_user, ctime(&max_count_time) + 4);
}
/* main - pass control to the multi-threaded skeleton */
int main(int argc, char **argv)
{
static CONFIG_TIME_TABLE time_table[] = {
VAR_ANVIL_TIME_UNIT, DEF_ANVIL_TIME_UNIT, &var_anvil_time_unit, 1, 0,
0,
};
multi_server_main(argc, argv, anvil_service,
MAIL_SERVER_TIME_TABLE, time_table,
MAIL_SERVER_POST_INIT, post_jail_init,
MAIL_SERVER_SOLITARY,
MAIL_SERVER_PRE_DISCONN, anvil_service_done,
MAIL_SERVER_EXIT, anvil_status_dump,
0);
}

25
postfix/src/bounce/Makefile.in
View File

@ -72,8 +72,6 @@ bounce.o: ../../include/iostuff.h
bounce.o: ../../include/attr.h
bounce.o: ../../include/mail_queue.h
bounce.o: ../../include/mail_params.h
bounce.o: ../../include/crate_clnt.h
bounce.o: ../../include/attr_clnt.h
bounce.o: ../../include/mail_conf.h
bounce.o: ../../include/bounce.h
bounce.o: ../../include/deliver_request.h
@ -90,9 +88,6 @@ bounce_append_service.o: ../../include/vbuf.h
bounce_append_service.o: ../../include/vstream.h
bounce_append_service.o: ../../include/stringops.h
bounce_append_service.o: ../../include/mail_params.h
bounce_append_service.o: ../../include/crate_clnt.h
bounce_append_service.o: ../../include/attr_clnt.h
bounce_append_service.o: ../../include/attr.h
bounce_append_service.o: ../../include/mail_queue.h
bounce_append_service.o: ../../include/quote_822_local.h
bounce_append_service.o: ../../include/quote_flags.h
@ -100,6 +95,7 @@ bounce_append_service.o: ../../include/deliver_flock.h
bounce_append_service.o: ../../include/myflock.h
bounce_append_service.o: ../../include/mail_proto.h
bounce_append_service.o: ../../include/iostuff.h
bounce_append_service.o: ../../include/attr.h
bounce_append_service.o: bounce_service.h
bounce_append_service.o: ../../include/bounce_log.h
bounce_cleanup.o: bounce_cleanup.c
@ -119,9 +115,6 @@ bounce_notify_service.o: ../../include/vstream.h
bounce_notify_service.o: ../../include/vbuf.h
bounce_notify_service.o: ../../include/name_mask.h
bounce_notify_service.o: ../../include/mail_params.h
bounce_notify_service.o: ../../include/crate_clnt.h
bounce_notify_service.o: ../../include/attr_clnt.h
bounce_notify_service.o: ../../include/attr.h
bounce_notify_service.o: ../../include/mail_queue.h
bounce_notify_service.o: ../../include/vstring.h
bounce_notify_service.o: ../../include/post_mail.h
@ -149,9 +142,6 @@ bounce_notify_util.o: ../../include/mail_queue.h
bounce_notify_util.o: ../../include/quote_822_local.h
bounce_notify_util.o: ../../include/quote_flags.h
bounce_notify_util.o: ../../include/mail_params.h
bounce_notify_util.o: ../../include/crate_clnt.h
bounce_notify_util.o: ../../include/attr_clnt.h
bounce_notify_util.o: ../../include/attr.h
bounce_notify_util.o: ../../include/is_header.h
bounce_notify_util.o: ../../include/record.h
bounce_notify_util.o: ../../include/rec_type.h
@ -164,6 +154,7 @@ bounce_notify_util.o: ../../include/bounce_log.h
bounce_notify_util.o: ../../include/mail_date.h
bounce_notify_util.o: ../../include/mail_proto.h
bounce_notify_util.o: ../../include/iostuff.h
bounce_notify_util.o: ../../include/attr.h
bounce_notify_util.o: ../../include/lex_822.h
bounce_notify_util.o: ../../include/deliver_completed.h
bounce_notify_util.o: bounce_service.h
@ -174,9 +165,6 @@ bounce_notify_verp.o: ../../include/vstream.h
bounce_notify_verp.o: ../../include/vbuf.h
bounce_notify_verp.o: ../../include/name_mask.h
bounce_notify_verp.o: ../../include/mail_params.h
bounce_notify_verp.o: ../../include/crate_clnt.h
bounce_notify_verp.o: ../../include/attr_clnt.h
bounce_notify_verp.o: ../../include/attr.h
bounce_notify_verp.o: ../../include/mail_queue.h
bounce_notify_verp.o: ../../include/vstring.h
bounce_notify_verp.o: ../../include/post_mail.h
@ -196,9 +184,6 @@ bounce_one_service.o: ../../include/vstream.h
bounce_one_service.o: ../../include/vbuf.h
bounce_one_service.o: ../../include/name_mask.h
bounce_one_service.o: ../../include/mail_params.h
bounce_one_service.o: ../../include/crate_clnt.h
bounce_one_service.o: ../../include/attr_clnt.h
bounce_one_service.o: ../../include/attr.h
bounce_one_service.o: ../../include/post_mail.h
bounce_one_service.o: ../../include/cleanup_user.h
bounce_one_service.o: ../../include/mail_addr.h
@ -215,9 +200,6 @@ bounce_trace_service.o: ../../include/msg.h
bounce_trace_service.o: ../../include/vstream.h
bounce_trace_service.o: ../../include/vbuf.h
bounce_trace_service.o: ../../include/mail_params.h
bounce_trace_service.o: ../../include/crate_clnt.h
bounce_trace_service.o: ../../include/attr_clnt.h
bounce_trace_service.o: ../../include/attr.h
bounce_trace_service.o: ../../include/mail_queue.h
bounce_trace_service.o: ../../include/vstring.h
bounce_trace_service.o: ../../include/post_mail.h
@ -234,9 +216,6 @@ bounce_warn_service.o: ../../include/vstream.h
bounce_warn_service.o: ../../include/vbuf.h
bounce_warn_service.o: ../../include/name_mask.h
bounce_warn_service.o: ../../include/mail_params.h
bounce_warn_service.o: ../../include/crate_clnt.h
bounce_warn_service.o: ../../include/attr_clnt.h
bounce_warn_service.o: ../../include/attr.h
bounce_warn_service.o: ../../include/mail_queue.h
bounce_warn_service.o: ../../include/vstring.h
bounce_warn_service.o: ../../include/post_mail.h

48
postfix/src/cleanup/Makefile.in
View File

@ -98,8 +98,6 @@ cleanup.o: ../../include/mail_proto.h
cleanup.o: ../../include/iostuff.h
cleanup.o: ../../include/attr.h
cleanup.o: ../../include/mail_params.h
cleanup.o: ../../include/crate_clnt.h
cleanup.o: ../../include/attr_clnt.h
cleanup.o: ../../include/record.h
cleanup.o: ../../include/rec_type.h
cleanup.o: ../../include/mail_server.h
@ -128,9 +126,6 @@ cleanup_addr.o: ../../include/stringops.h
cleanup_addr.o: ../../include/rec_type.h
cleanup_addr.o: ../../include/cleanup_user.h
cleanup_addr.o: ../../include/mail_params.h
cleanup_addr.o: ../../include/crate_clnt.h
cleanup_addr.o: ../../include/attr_clnt.h
cleanup_addr.o: ../../include/attr.h
cleanup_addr.o: ../../include/ext_prop.h
cleanup_addr.o: ../../include/mail_addr.h
cleanup_addr.o: ../../include/canon_addr.h
@ -167,8 +162,6 @@ cleanup_api.o: ../../include/bounce.h
cleanup_api.o: ../../include/deliver_request.h
cleanup_api.o: ../../include/recipient_list.h
cleanup_api.o: ../../include/mail_params.h
cleanup_api.o: ../../include/crate_clnt.h
cleanup_api.o: ../../include/attr_clnt.h
cleanup_api.o: ../../include/mail_stream.h
cleanup_api.o: ../../include/hold_message.h
cleanup_api.o: cleanup.h
@ -201,9 +194,6 @@ cleanup_envelope.o: ../../include/rec_type.h
cleanup_envelope.o: ../../include/cleanup_user.h
cleanup_envelope.o: ../../include/qmgr_user.h
cleanup_envelope.o: ../../include/mail_params.h
cleanup_envelope.o: ../../include/crate_clnt.h
cleanup_envelope.o: ../../include/attr_clnt.h
cleanup_envelope.o: ../../include/attr.h
cleanup_envelope.o: ../../include/verp_sender.h
cleanup_envelope.o: cleanup.h
cleanup_envelope.o: ../../include/argv.h
@ -233,11 +223,9 @@ cleanup_extracted.o: ../../include/qmgr_user.h
cleanup_extracted.o: ../../include/record.h
cleanup_extracted.o: ../../include/rec_type.h
cleanup_extracted.o: ../../include/mail_params.h
cleanup_extracted.o: ../../include/crate_clnt.h
cleanup_extracted.o: ../../include/attr_clnt.h
cleanup_extracted.o: ../../include/attr.h
cleanup_extracted.o: ../../include/mail_proto.h
cleanup_extracted.o: ../../include/iostuff.h
cleanup_extracted.o: ../../include/attr.h
cleanup_extracted.o: cleanup.h
cleanup_extracted.o: ../../include/argv.h
cleanup_extracted.o: ../../include/maps.h
@ -259,14 +247,11 @@ cleanup_init.o: ../../include/iostuff.h
cleanup_init.o: ../../include/name_mask.h
cleanup_init.o: ../../include/mail_addr.h
cleanup_init.o: ../../include/mail_params.h
cleanup_init.o: ../../include/crate_clnt.h
cleanup_init.o: ../../include/attr_clnt.h
cleanup_init.o: ../../include/attr.h
cleanup_init.o: ../../include/vstream.h
cleanup_init.o: ../../include/vbuf.h
cleanup_init.o: ../../include/ext_prop.h
cleanup_init.o: cleanup.h
cleanup_init.o: ../../include/vstring.h
cleanup_init.o: ../../include/vbuf.h
cleanup_init.o: ../../include/vstream.h
cleanup_init.o: ../../include/argv.h
cleanup_init.o: ../../include/nvtable.h
cleanup_init.o: ../../include/htable.h
@ -320,9 +305,6 @@ cleanup_map1n.o: ../../include/vbuf.h
cleanup_map1n.o: ../../include/dict.h
cleanup_map1n.o: ../../include/vstream.h
cleanup_map1n.o: ../../include/mail_params.h
cleanup_map1n.o: ../../include/crate_clnt.h
cleanup_map1n.o: ../../include/attr_clnt.h
cleanup_map1n.o: ../../include/attr.h
cleanup_map1n.o: ../../include/mail_addr_map.h
cleanup_map1n.o: ../../include/maps.h
cleanup_map1n.o: ../../include/cleanup_user.h
@ -351,15 +333,12 @@ cleanup_masquerade.o: ../../include/htable.h
cleanup_masquerade.o: ../../include/mymalloc.h
cleanup_masquerade.o: ../../include/stringops.h
cleanup_masquerade.o: ../../include/mail_params.h
cleanup_masquerade.o: ../../include/crate_clnt.h
cleanup_masquerade.o: ../../include/attr_clnt.h
cleanup_masquerade.o: ../../include/attr.h
cleanup_masquerade.o: ../../include/vstream.h
cleanup_masquerade.o: ../../include/tok822.h
cleanup_masquerade.o: ../../include/resolve_clnt.h
cleanup_masquerade.o: ../../include/quote_822_local.h
cleanup_masquerade.o: ../../include/quote_flags.h
cleanup_masquerade.o: cleanup.h
cleanup_masquerade.o: ../../include/vstream.h
cleanup_masquerade.o: ../../include/nvtable.h
cleanup_masquerade.o: ../../include/maps.h
cleanup_masquerade.o: ../../include/dict.h
@ -392,15 +371,13 @@ cleanup_message.o: ../../include/header_opts.h
cleanup_message.o: ../../include/quote_822_local.h
cleanup_message.o: ../../include/quote_flags.h
cleanup_message.o: ../../include/mail_params.h
cleanup_message.o: ../../include/crate_clnt.h
cleanup_message.o: ../../include/attr_clnt.h
cleanup_message.o: ../../include/attr.h
cleanup_message.o: ../../include/mail_date.h
cleanup_message.o: ../../include/mail_addr.h
cleanup_message.o: ../../include/is_header.h
cleanup_message.o: ../../include/ext_prop.h
cleanup_message.o: ../../include/mail_proto.h
cleanup_message.o: ../../include/iostuff.h
cleanup_message.o: ../../include/attr.h
cleanup_message.o: ../../include/mime_state.h
cleanup_message.o: ../../include/lex_822.h
cleanup_message.o: cleanup.h
@ -422,9 +399,6 @@ cleanup_out.o: ../../include/record.h
cleanup_out.o: ../../include/rec_type.h
cleanup_out.o: ../../include/cleanup_user.h
cleanup_out.o: ../../include/mail_params.h
cleanup_out.o: ../../include/crate_clnt.h
cleanup_out.o: ../../include/attr_clnt.h
cleanup_out.o: ../../include/attr.h
cleanup_out.o: cleanup.h
cleanup_out.o: ../../include/argv.h
cleanup_out.o: ../../include/nvtable.h
@ -447,16 +421,13 @@ cleanup_out_recipient.o: ../../include/sys_defs.h
cleanup_out_recipient.o: ../../include/argv.h
cleanup_out_recipient.o: ../../include/been_here.h
cleanup_out_recipient.o: ../../include/mail_params.h
cleanup_out_recipient.o: ../../include/crate_clnt.h
cleanup_out_recipient.o: ../../include/attr_clnt.h
cleanup_out_recipient.o: ../../include/attr.h
cleanup_out_recipient.o: ../../include/vstream.h
cleanup_out_recipient.o: ../../include/vbuf.h
cleanup_out_recipient.o: ../../include/rec_type.h
cleanup_out_recipient.o: ../../include/ext_prop.h
cleanup_out_recipient.o: ../../include/cleanup_user.h
cleanup_out_recipient.o: cleanup.h
cleanup_out_recipient.o: ../../include/vstring.h
cleanup_out_recipient.o: ../../include/vbuf.h
cleanup_out_recipient.o: ../../include/vstream.h
cleanup_out_recipient.o: ../../include/nvtable.h
cleanup_out_recipient.o: ../../include/htable.h
cleanup_out_recipient.o: ../../include/mymalloc.h
@ -505,13 +476,10 @@ cleanup_state.o: ../../include/vbuf.h
cleanup_state.o: ../../include/htable.h
cleanup_state.o: ../../include/been_here.h
cleanup_state.o: ../../include/mail_params.h
cleanup_state.o: ../../include/crate_clnt.h
cleanup_state.o: ../../include/attr_clnt.h
cleanup_state.o: ../../include/attr.h
cleanup_state.o: ../../include/vstream.h
cleanup_state.o: ../../include/mime_state.h
cleanup_state.o: ../../include/header_opts.h
cleanup_state.o: cleanup.h
cleanup_state.o: ../../include/vstream.h
cleanup_state.o: ../../include/argv.h
cleanup_state.o: ../../include/nvtable.h
cleanup_state.o: ../../include/maps.h

521
postfix/src/crate/crate.c
View File

@ -1,521 +0,0 @@
/*++
/* NAME
/* crate 8
/* SUMMARY
/* Postfix connection count and rate management
/* SYNOPSIS
/* \fBcrate\fR [generic Postfix daemon options]
/* DESCRIPTION
/* The Postfix \fBcrate\fR server maintains statistics that other
/* Postfix servers can use to limit the number of simultaneous
/* connections as well as the frequency of connection attempts
/* over a configurable unit of time.
/* This server is designed to run under control by the Postfix
/* master server.
/* PROTOCOL
/* .ad
/* .fi
/* When a connection is established, a rate limited server
/* sends the following request to the \fBcrate\fR server:
/* .PP
/* .in +4
/* \fBrequest=connect\fR
/* .br
/* \fBident=\fIstring\fR
/* .in
/* .PP
/* This registers a new connection for the remote client and the rate
/* limited service specified with \fIstring\fR. The \fBcrate\fR server
/* answers with the number of simultaneous connections and the
/* number of connections per unit time for that (service, client)
/* combination:
/* .PP
/* .in +4
/* \fBstatus=0\fR
/* .br
/* \fBcount=\fInumber\fR
/* .br
/* \fBrate=\fInumber\fR
/* .in
/* .PP
/* It is left up to the rate limited service to decide if the
/* remote client connection request is acceptable.
/* .PP
/* When a remote client disconnects, a rate limited server
/* sends the following request to the \fBcrate\fR server:
/* .PP
/* .in +4
/* \fBrequest=disconnect\fR
/* .br
/* \fBident=\fIstring\fR
/* .in
/* .PP
/* This registers a disconnect event for the remote client and the rate
/* limited service specified with \fIstring\fR. The rate limit management
/* server replies with:
/* .PP
/* .ti +4
/* \fBstatus=0\fR
/* .PP
/* SECURITY
/* .ad
/* .fi
/* The connection count and rate management service is not security
/* sensitive. It does not talk to the network or local users,
/* and it can run chrooted at fixed low privilege.
/*
/* This server maintains an in-memory table with information about
/* past and current clients of a rate limited service. Although state
/* is kept only temporarily, this may require a lot of memory when a
/* system handles connections from many remote clients, or when a system
/* comes under a distributed denial of service attack. In that case,
/* reduce the time unit over which statistics are kept.
/*
/* Systems behind network address translating routers or proxies
/* appear to have the same client address and can run into connection
/* count and/or rate limits falsely.
/* DIAGNOSTICS
/* Problems and transactions are logged to \fBsyslogd\fR(8).
/* BUGS
/* All state is lost when the service is restarted.
/*
/* In this first implementation, a count or rate limited server
/* can have only one client at a time.
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
/* The following \fBmain.cf\fR parameters are especially relevant to
/* this program. Use the \fBpostfix reload\fR command after
/* a configuration change.
/* .IP \fBconnection_rate_purge_delay\fR
/* How long remote client state is remembered after the remote client
/* has disconnected completely. This should not be smaller than the
/* unit of time over which connection rates are calculated.
/* .IP \fBconnection_rate_time_unit\fR
/* The unit of time over which connection rates are calculated.
/* SEE ALSO
/* smtpd(8) Postfix SMTP server
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
/* System library. */
#include <sys_defs.h>
#include <sys/time.h>
#include <limits.h>
/* Utility library. */
#include <msg.h>
#include <mymalloc.h>
#include <htable.h>
#include <binhash.h>
#include <stringops.h>
#include <events.h>
/* Global library. */
#include <mail_conf.h>
#include <mail_params.h>
#include <mail_proto.h>
#include <crate_clnt.h>
/* Server skeleton. */
#include <mail_server.h>
/* Application-specific. */
int var_crate_sample;
int var_crate_purge;
/*
* State.
*/
static HTABLE *crate_remote_map;
static BINHASH *crate_local_map;
/*
* Remote client state.
*/
typedef struct {
char *ident; /* lookup key */
int count; /* connection count */
int rate; /* connection rate */
time_t start; /* time of first rate sample */
} CRATE_REMOTE;
/*
* Local (i.e. rate limit client) state.
*/
typedef struct {
CRATE_REMOTE *crate_remote; /* XXX should be list */
} CRATE_LOCAL;
/*
* Silly little macros.
*/
#define STR(x) vstring_str(x)
#define STREQ(x,y) (strcmp((x), (y)) == 0)
/*
* The following operations are implemented as macros with recognizable
* names so that we don't lose sight of what the code is trying to do, and
* related operations are defined side by side so that it isn't pages apart.
*/
#define CRATE_REMOTE_FIRST(remote, id) \
do { \
(remote)->ident = mystrdup(id); \
(remote)->count = 1; \
(remote)->rate = 1; \
(remote)->start = event_time(); \
} while(0)
#define CRATE_REMOTE_FREE(remote) \
do { \
myfree((remote)->ident); \
myfree((char *) (remote)); \
} while(0)
#define CRATE_REMOTE_NEXT(remote) \
do { \
time_t _now = event_time(); \
if ((remote)->start + var_crate_sample < _now) { \
(remote)->rate = 1; \
(remote)->start = _now; \
} else if ((remote)->rate < INT_MAX) { \
(remote)->rate += 1; \
} \
if ((remote)->count == 0) \
event_cancel_timer(crate_remote_expire, (char *) remote); \
(remote)->count++; \
} while(0)
#define CRATE_REMOTE_DROP_ONE(remote) \
do { \
if ((remote) && (remote)->count > 0) { \
if (--(remote)->count == 0) \
event_request_timer(crate_remote_expire, (char *) remote, \
var_crate_purge); \
} \
} while(0)
#define CRATE_LOCAL_INIT(local) \
do { \
(local)->crate_remote = 0; \
} while(0)
#define CRATE_LOCAL_ADD_ONE(local, remote) \
do { \
/* XXX allow multiple remote clients per local server. */ \
if ((local)->crate_remote) \
CRATE_REMOTE_DROP_ONE((local)->crate_remote); \
(local)->crate_remote = (remote); \
} while(0)
#define CRATE_LOCAL_DROP_ONE(local, remote) \
do { \
/* XXX allow multiple remote clients per local server. */ \
if ((local)->crate_remote == (remote)) \
(local)->crate_remote = 0; \
} while(0)
#define CRATE_LOCAL_DROP_ALL(stream, local) \
do { \
/* XXX allow multiple remote clients per local server. */ \
if ((local)->crate_remote) \
crate_remote_disconnect((stream), (local)->crate_remote->ident); \
} while (0)
/* crate_remote_expire - purge expired connection state */
static void crate_remote_expire(int unused_event, char *context)
{
CRATE_REMOTE *crate_remote = (CRATE_REMOTE *) context;
char *myname = "crate_remote_expire";
if (msg_verbose)
msg_info("%s %s", myname, crate_remote->ident);
if (crate_remote->count != 0)
msg_panic("%s: bad connection count: %d",
myname, crate_remote->count);
htable_delete(crate_remote_map, crate_remote->ident,
(void (*) (char *)) 0);
CRATE_REMOTE_FREE(crate_remote);
}
/* crate_remote_lookup - dump address status */
static void crate_remote_lookup(VSTREAM *client_stream, const char *ident)
{
CRATE_REMOTE *crate_remote;
char *myname = "crate_remote_lookup";
HTABLE_INFO **ht_info;
HTABLE_INFO **ht;
if (msg_verbose)
msg_info("%s fd=%d stream=0x%lx ident=%s",
myname, vstream_fileno(client_stream),
(unsigned long) client_stream, ident);
/*
* Look up remote client information.
*/
if (STREQ(ident, "*")) {
attr_print_plain(client_stream, ATTR_FLAG_MORE,
ATTR_TYPE_NUM, CRATE_ATTR_STATUS, CRATE_STAT_OK,
ATTR_TYPE_END);
ht_info = htable_list(crate_remote_map);
for (ht = ht_info; *ht; ht++) {
crate_remote = (CRATE_REMOTE *) ht[0]->value;
attr_print_plain(client_stream, ATTR_FLAG_MORE,
ATTR_TYPE_STR, CRATE_ATTR_IDENT, ht[0]->key,
ATTR_TYPE_NUM, CRATE_ATTR_COUNT, crate_remote->count,
ATTR_TYPE_NUM, CRATE_ATTR_RATE, crate_remote->rate,
ATTR_TYPE_END);
}
attr_print_plain(client_stream, ATTR_FLAG_NONE, ATTR_TYPE_END);
myfree((char *) ht_info);
} else if ((crate_remote =
(CRATE_REMOTE *) htable_find(crate_remote_map, ident)) == 0) {
attr_print_plain(client_stream, ATTR_FLAG_NONE,
ATTR_TYPE_NUM, CRATE_ATTR_STATUS, CRATE_STAT_FAIL,
ATTR_TYPE_NUM, CRATE_ATTR_COUNT, 0,
ATTR_TYPE_NUM, CRATE_ATTR_RATE, 0,
ATTR_TYPE_END);
} else {
attr_print_plain(client_stream, ATTR_FLAG_NONE,
ATTR_TYPE_NUM, CRATE_ATTR_STATUS, CRATE_STAT_OK,
ATTR_TYPE_NUM, CRATE_ATTR_COUNT, crate_remote->count,
ATTR_TYPE_NUM, CRATE_ATTR_RATE, crate_remote->rate,
ATTR_TYPE_END);
}
}
/* crate_remote_connect - report connection event, query address status */
static void crate_remote_connect(VSTREAM *client_stream, const char *ident)
{
CRATE_REMOTE *crate_remote;
CRATE_LOCAL *crate_local;
char *myname = "crate_remote_connect";
time_t now;
if (msg_verbose)
msg_info("%s fd=%d stream=0x%lx ident=%s",
myname, vstream_fileno(client_stream),
(unsigned long) client_stream, ident);
/*
* Look up remote connection count information. Update remote connection
* rate information. Simply reset the counter every var_crate_sample
* seconds. This is easier than maintaining a moving average and it gives
* a quicker response to tresspassers.
*/
if ((crate_remote =
(CRATE_REMOTE *) htable_find(crate_remote_map, ident)) == 0) {
crate_remote = (CRATE_REMOTE *) mymalloc(sizeof(*crate_remote));
CRATE_REMOTE_FIRST(crate_remote, ident);
htable_enter(crate_remote_map, ident, (char *) crate_remote);
} else {
CRATE_REMOTE_NEXT(crate_remote);
}
/*
* Record this connection under the local client information, so that we
* can clean up all its connection state when the local client goes away.
*/
if ((crate_local =
(CRATE_LOCAL *) binhash_find(crate_local_map,
(char *) &client_stream,
sizeof(client_stream))) == 0) {
crate_local = (CRATE_LOCAL *) mymalloc(sizeof(*crate_local));
CRATE_LOCAL_INIT(crate_local);
binhash_enter(crate_local_map, (char *) &client_stream,
sizeof(client_stream), (char *) crate_local);
}
CRATE_LOCAL_ADD_ONE(crate_local, crate_remote);
if (msg_verbose)
msg_info("%s: crate_local 0x%lx",
myname, (unsigned long) crate_local);
/*
* Respond to the local client.
*/
attr_print_plain(client_stream, ATTR_FLAG_NONE,
ATTR_TYPE_NUM, CRATE_ATTR_STATUS, CRATE_STAT_OK,
ATTR_TYPE_NUM, CRATE_ATTR_COUNT, crate_remote->count,
ATTR_TYPE_NUM, CRATE_ATTR_RATE, crate_remote->rate,
ATTR_TYPE_END);
}
/* crate_remote_disconnect - report disconnect event */
static void crate_remote_disconnect(VSTREAM *client_stream, const char *ident)
{
CRATE_REMOTE *crate_remote;
CRATE_LOCAL *crate_local;
char *myname = "crate_remote_disconnect";
if (msg_verbose)
msg_info("%s fd=%d stream=0x%lx ident=%s",
myname, vstream_fileno(client_stream),
(unsigned long) client_stream, ident);
/*
* Look up the remote client.
*/
if ((crate_remote =
(CRATE_REMOTE *) htable_find(crate_remote_map, ident)) != 0)
CRATE_REMOTE_DROP_ONE(crate_remote);
/*
* Update the local client information.
*/
if ((crate_local =
(CRATE_LOCAL *) binhash_find(crate_local_map,
(char *) &client_stream,
sizeof(client_stream))) != 0)
CRATE_LOCAL_DROP_ONE(crate_local, crate_remote);
if (msg_verbose)
msg_info("%s: crate_local 0x%lx",
myname, (unsigned long) crate_local);
/*
* Respond to the local client.
*/
attr_print_plain(client_stream, ATTR_FLAG_NONE,
ATTR_TYPE_NUM, CRATE_ATTR_STATUS, CRATE_STAT_OK,
ATTR_TYPE_END);
}
/* crate_service_done - clean up */
static void crate_service_done(VSTREAM *client_stream, char *unused_service,
char **unused_argv)
{
CRATE_LOCAL *crate_local;
char *myname = "crate_service_done";
if (msg_verbose)
msg_info("%s fd=%d stream=0x%lx",
myname, vstream_fileno(client_stream),
(unsigned long) client_stream);
/*
* Look up the local client, and get rid of open remote connection state
* that we still have for this local client. Do not destroy remote client
* status information before it expires.
*/
if ((crate_local =
(CRATE_LOCAL *) binhash_find(crate_local_map,
(char *) &client_stream,
sizeof(client_stream))) != 0) {
if (msg_verbose)
msg_info("%s: crate_local 0x%lx",
myname, (unsigned long) crate_local);
CRATE_LOCAL_DROP_ALL(client_stream, crate_local);
binhash_delete(crate_local_map,
(char *) &client_stream,
sizeof(client_stream), myfree);
} else if (msg_verbose)
msg_info("client socket not found for fd=%d",
vstream_fileno(client_stream));
}
/* crate_service - perform service for client */
static void crate_service(VSTREAM *client_stream, char *service, char **argv)
{
VSTRING *request = vstring_alloc(10);
VSTRING *ident = vstring_alloc(10);
/*
* Sanity check. This service takes no command-line arguments.
*/
if (argv[0])
msg_fatal("unexpected command-line argument: %s", argv[0]);
/*
* This routine runs whenever a client connects to the socket dedicated
* to the client connection rate management service. All
* connection-management stuff is handled by the common code in
* multi_server.c.
*/
if (attr_scan_plain(client_stream,
ATTR_FLAG_MISSING | ATTR_FLAG_STRICT,
ATTR_TYPE_STR, CRATE_ATTR_REQ, request,
ATTR_TYPE_STR, CRATE_ATTR_IDENT, ident,
ATTR_TYPE_END) == 2) {
if (STREQ(STR(request), CRATE_REQ_CONN)) {
crate_remote_connect(client_stream, STR(ident));
} else if (STREQ(STR(request), CRATE_REQ_DISC)) {
crate_remote_disconnect(client_stream, STR(ident));
} else if (STREQ(STR(request), CRATE_REQ_LOOKUP)) {
crate_remote_lookup(client_stream, STR(ident));
} else {
msg_warn("unrecognized request: \"%s\", ignored", STR(request));
attr_print_plain(client_stream, ATTR_FLAG_NONE,
ATTR_TYPE_NUM, CRATE_ATTR_STATUS, CRATE_STAT_FAIL,
ATTR_TYPE_END);
}
vstream_fflush(client_stream);
} else {
/* Note: invokes crate_service_done() */
multi_server_disconnect(client_stream);
}
vstring_free(ident);
vstring_free(request);
}
/* post_jail_init - post-jail initialization */
static void post_jail_init(char *unused_name, char **unused_argv)
{
/*
* Sanity check.
*/
if (var_crate_purge < var_crate_sample)
msg_fatal("%s should not be less than %s",
VAR_CRATE_PURGE, VAR_CRATE_SAMPLE);
/*
* Initial client state tables.
*/
crate_remote_map = htable_create(1000);
crate_local_map = binhash_create(100);
/*
* Do not limit the number of client requests.
*/
var_use_limit = 0;
}
/* main - pass control to the multi-threaded skeleton */
int main(int argc, char **argv)
{
static CONFIG_TIME_TABLE time_table[] = {
VAR_CRATE_SAMPLE, DEF_CRATE_SAMPLE, &var_crate_sample, 1, 0,
VAR_CRATE_PURGE, DEF_CRATE_PURGE, &var_crate_purge, 1, 0,
0,
};
multi_server_main(argc, argv, crate_service,
MAIL_SERVER_TIME_TABLE, time_table,
MAIL_SERVER_POST_INIT, post_jail_init,
MAIL_SERVER_SOLITARY,
MAIL_SERVER_PRE_DISCONN, crate_service_done,
0);
}

4
postfix/src/flush/Makefile.in
View File

@ -70,12 +70,10 @@ flush.o: ../../include/argv.h
flush.o: ../../include/scan_dir.h
flush.o: ../../include/stringops.h
flush.o: ../../include/mail_params.h
flush.o: ../../include/crate_clnt.h
flush.o: ../../include/attr_clnt.h
flush.o: ../../include/attr.h
flush.o: ../../include/mail_queue.h
flush.o: ../../include/mail_proto.h
flush.o: ../../include/iostuff.h
flush.o: ../../include/attr.h
flush.o: ../../include/mail_flush.h
flush.o: ../../include/flush_clnt.h
flush.o: ../../include/mail_conf.h

222
postfix/src/global/Makefile.in
View File

@ -22,7 +22,7 @@ SRCS = been_here.c bounce.c canon_addr.c cleanup_strerror.c clnt_stream.c \
verp_sender.c match_parent_style.c mime_state.c header_token.c \
strip_addr.c virtual8_maps.c hold_message.c verify_clnt.c \
trace.c log_adhoc.c verify.c dict_proxy.c mail_dict.c input_transp.c \
cleanup_strflags.c crate_clnt.c
cleanup_strflags.c anvil_clnt.c
OBJS = been_here.o bounce.o canon_addr.o cleanup_strerror.o clnt_stream.o \
debug_peer.o debug_process.o defer.o deliver_completed.o \
deliver_flock.o deliver_pass.o deliver_request.o domain_list.o \
@ -46,7 +46,7 @@ OBJS = been_here.o bounce.o canon_addr.o cleanup_strerror.o clnt_stream.o \
verp_sender.o match_parent_style.o mime_state.o header_token.o \
strip_addr.o virtual8_maps.o hold_message.o verify_clnt.o \
trace.o log_adhoc.o verify.o dict_proxy.o mail_dict.o input_transp.o \
cleanup_strflags.o crate_clnt.o
cleanup_strflags.o anvil_clnt.o
HDRS = been_here.h bounce.h canon_addr.h cleanup_user.h clnt_stream.h \
config.h debug_peer.h debug_process.h defer.h deliver_completed.h \
deliver_flock.h deliver_pass.h deliver_request.h domain_list.h \
@ -66,7 +66,7 @@ HDRS = been_here.h bounce.h canon_addr.h cleanup_user.h clnt_stream.h \
match_parent_style.h quote_flags.h mime_state.h header_token.h \
lex_822.h strip_addr.h virtual8_maps.h hold_message.h verify_clnt.h \
trace.h log_adhoc.h verify.h dict_proxy.h mail_dict.h qmgr_user.h \
input_transp.h crate_clnt.h
input_transp.h anvil_clnt.h
TESTSRC = rec2stream.c stream2rec.c recdump.c
WARN = -W -Wformat -Wimplicit -Wmissing-prototypes \
-Wparentheses -Wstrict-prototypes -Wswitch -Wuninitialized \
@ -80,7 +80,7 @@ TESTPROG= domain_list dot_lockfile mail_addr_crunch mail_addr_find \
off_cvt quote_822_local rec2stream recdump resolve_clnt \
resolve_local rewrite_clnt stream2rec string_list tok822_parse \
quote_821_local mail_conf_time mime_state strip_addr \
virtual8_maps verify_clnt xtext crate_clnt
virtual8_maps verify_clnt xtext anvil_clnt
LIBS = ../../lib/libutil.a
LIB_DIR = ../../lib
@ -248,7 +248,7 @@ xtext: $(LIB)
$(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(LIBS) $(SYSLIBS)
mv junk $@.o
crate_clnt: $(LIB)
anvil_clnt: $(LIB)
mv $@.o junk
$(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(LIBS) $(SYSLIBS)
mv junk $@.o
@ -380,16 +380,28 @@ abounce.o: ../../include/events.h
abounce.o: ../../include/vstream.h
abounce.o: ../../include/vbuf.h
abounce.o: mail_params.h
abounce.o: crate_clnt.h
abounce.o: ../../include/attr_clnt.h
abounce.o: ../../include/attr.h
abounce.o: mail_proto.h
abounce.o: ../../include/iostuff.h
abounce.o: ../../include/attr.h
abounce.o: abounce.h
abounce.o: bounce.h
abounce.o: deliver_request.h
abounce.o: ../../include/vstring.h
abounce.o: recipient_list.h
anvil_clnt.o: anvil_clnt.c
anvil_clnt.o: ../../include/sys_defs.h
anvil_clnt.o: ../../include/mymalloc.h
anvil_clnt.o: ../../include/msg.h
anvil_clnt.o: ../../include/attr_clnt.h
anvil_clnt.o: ../../include/attr.h
anvil_clnt.o: ../../include/vstream.h
anvil_clnt.o: ../../include/vbuf.h
anvil_clnt.o: ../../include/stringops.h
anvil_clnt.o: ../../include/vstring.h
anvil_clnt.o: mail_proto.h
anvil_clnt.o: ../../include/iostuff.h
anvil_clnt.o: mail_params.h
anvil_clnt.o: anvil_clnt.h
been_here.o: been_here.c
been_here.o: ../../include/sys_defs.h
been_here.o: ../../include/msg.h
@ -405,12 +417,10 @@ bounce.o: ../../include/msg.h
bounce.o: ../../include/vstring.h
bounce.o: ../../include/vbuf.h
bounce.o: mail_params.h
bounce.o: crate_clnt.h
bounce.o: ../../include/attr_clnt.h
bounce.o: ../../include/attr.h
bounce.o: ../../include/vstream.h
bounce.o: mail_proto.h
bounce.o: ../../include/vstream.h
bounce.o: ../../include/iostuff.h
bounce.o: ../../include/attr.h
bounce.o: log_adhoc.h
bounce.o: verify.h
bounce.o: deliver_request.h
@ -428,11 +438,9 @@ bounce_log.o: ../../include/vstring.h
bounce_log.o: ../../include/vstring_vstream.h
bounce_log.o: ../../include/stringops.h
bounce_log.o: mail_params.h
bounce_log.o: crate_clnt.h
bounce_log.o: ../../include/attr_clnt.h
bounce_log.o: ../../include/attr.h
bounce_log.o: mail_proto.h
bounce_log.o: ../../include/iostuff.h
bounce_log.o: ../../include/attr.h
bounce_log.o: mail_queue.h
bounce_log.o: bounce_log.h
canon_addr.o: canon_addr.c
@ -464,33 +472,11 @@ clnt_stream.o: ../../include/iostuff.h
clnt_stream.o: mail_proto.h
clnt_stream.o: ../../include/attr.h
clnt_stream.o: mail_params.h
clnt_stream.o: crate_clnt.h
clnt_stream.o: ../../include/attr_clnt.h
clnt_stream.o: clnt_stream.h
crate_clnt.o: crate_clnt.c
crate_clnt.o: ../../include/sys_defs.h
crate_clnt.o: ../../include/mymalloc.h
crate_clnt.o: ../../include/msg.h
crate_clnt.o: ../../include/attr_clnt.h
crate_clnt.o: ../../include/attr.h
crate_clnt.o: ../../include/vstream.h
crate_clnt.o: ../../include/vbuf.h
crate_clnt.o: ../../include/stringops.h
crate_clnt.o: ../../include/vstring.h
crate_clnt.o: mail_proto.h
crate_clnt.o: ../../include/iostuff.h
crate_clnt.o: mail_params.h
crate_clnt.o: crate_clnt.h
create_clnt.o: create_clnt.c
debug_peer.o: debug_peer.c
debug_peer.o: ../../include/sys_defs.h
debug_peer.o: ../../include/msg.h
debug_peer.o: mail_params.h
debug_peer.o: crate_clnt.h
debug_peer.o: ../../include/attr_clnt.h
debug_peer.o: ../../include/attr.h
debug_peer.o: ../../include/vstream.h
debug_peer.o: ../../include/vbuf.h
debug_peer.o: namadr_list.h
debug_peer.o: ../../include/match_list.h
debug_peer.o: ../../include/match_ops.h
@ -500,11 +486,6 @@ debug_process.o: debug_process.c
debug_process.o: ../../include/sys_defs.h
debug_process.o: ../../include/msg.h
debug_process.o: mail_params.h
debug_process.o: crate_clnt.h
debug_process.o: ../../include/attr_clnt.h
debug_process.o: ../../include/attr.h
debug_process.o: ../../include/vstream.h
debug_process.o: ../../include/vbuf.h
debug_process.o: mail_conf.h
debug_process.o: debug_process.h
defer.o: defer.c
@ -513,13 +494,11 @@ defer.o: ../../include/msg.h
defer.o: ../../include/vstring.h
defer.o: ../../include/vbuf.h
defer.o: mail_params.h
defer.o: crate_clnt.h
defer.o: ../../include/attr_clnt.h
defer.o: ../../include/attr.h
defer.o: ../../include/vstream.h
defer.o: mail_queue.h
defer.o: ../../include/vstream.h
defer.o: mail_proto.h
defer.o: ../../include/iostuff.h
defer.o: ../../include/attr.h
defer.o: flush_clnt.h
defer.o: verify.h
defer.o: deliver_request.h
@ -544,10 +523,6 @@ deliver_flock.o: ../../include/vbuf.h
deliver_flock.o: ../../include/myflock.h
deliver_flock.o: ../../include/iostuff.h
deliver_flock.o: mail_params.h
deliver_flock.o: crate_clnt.h
deliver_flock.o: ../../include/attr_clnt.h
deliver_flock.o: ../../include/attr.h
deliver_flock.o: ../../include/vstream.h
deliver_flock.o: deliver_flock.h
deliver_pass.o: deliver_pass.c
deliver_pass.o: ../../include/sys_defs.h
@ -558,14 +533,12 @@ deliver_pass.o: ../../include/vstream.h
deliver_pass.o: ../../include/split_at.h
deliver_pass.o: ../../include/mymalloc.h
deliver_pass.o: mail_params.h
deliver_pass.o: crate_clnt.h
deliver_pass.o: ../../include/attr_clnt.h
deliver_pass.o: ../../include/attr.h
deliver_pass.o: deliver_pass.h
deliver_pass.o: deliver_request.h
deliver_pass.o: recipient_list.h
deliver_pass.o: mail_proto.h
deliver_pass.o: ../../include/iostuff.h
deliver_pass.o: ../../include/attr.h
deliver_request.o: deliver_request.c
deliver_request.o: ../../include/sys_defs.h
deliver_request.o: ../../include/msg.h
@ -595,8 +568,6 @@ dict_proxy.o: ../../include/argv.h
dict_proxy.o: mail_proto.h
dict_proxy.o: ../../include/iostuff.h
dict_proxy.o: mail_params.h
dict_proxy.o: crate_clnt.h
dict_proxy.o: ../../include/attr_clnt.h
dict_proxy.o: clnt_stream.h
dict_proxy.o: dict_proxy.h
domain_list.o: domain_list.c
@ -612,10 +583,6 @@ dot_lockfile.o: ../../include/stringops.h
dot_lockfile.o: ../../include/mymalloc.h
dot_lockfile.o: ../../include/iostuff.h
dot_lockfile.o: mail_params.h
dot_lockfile.o: crate_clnt.h
dot_lockfile.o: ../../include/attr_clnt.h
dot_lockfile.o: ../../include/attr.h
dot_lockfile.o: ../../include/vstream.h
dot_lockfile.o: dot_lockfile.h
dot_lockfile_as.o: dot_lockfile_as.c
dot_lockfile_as.o: ../../include/sys_defs.h
@ -629,11 +596,6 @@ ext_prop.o: ext_prop.c
ext_prop.o: ../../include/sys_defs.h
ext_prop.o: ../../include/name_mask.h
ext_prop.o: mail_params.h
ext_prop.o: crate_clnt.h
ext_prop.o: ../../include/attr_clnt.h
ext_prop.o: ../../include/attr.h
ext_prop.o: ../../include/vstream.h
ext_prop.o: ../../include/vbuf.h
ext_prop.o: ext_prop.h
file_id.o: file_id.c
file_id.o: ../../include/sys_defs.h
@ -652,8 +614,6 @@ flush_clnt.o: ../../include/attr.h
flush_clnt.o: mail_flush.h
flush_clnt.o: flush_clnt.h
flush_clnt.o: mail_params.h
flush_clnt.o: crate_clnt.h
flush_clnt.o: ../../include/attr_clnt.h
header_opts.o: header_opts.c
header_opts.o: ../../include/sys_defs.h
header_opts.o: ../../include/msg.h
@ -679,19 +639,11 @@ hold_message.o: ../../include/vstring.h
hold_message.o: ../../include/vbuf.h
hold_message.o: ../../include/vstream.h
hold_message.o: mail_params.h
hold_message.o: crate_clnt.h
hold_message.o: ../../include/attr_clnt.h
hold_message.o: ../../include/attr.h
hold_message.o: hold_message.h
input_transp.o: input_transp.c
input_transp.o: ../../include/sys_defs.h
input_transp.o: ../../include/name_mask.h
input_transp.o: mail_params.h
input_transp.o: crate_clnt.h
input_transp.o: ../../include/attr_clnt.h
input_transp.o: ../../include/attr.h
input_transp.o: ../../include/vstream.h
input_transp.o: ../../include/vbuf.h
input_transp.o: input_transp.h
is_header.o: is_header.c
is_header.o: ../../include/sys_defs.h
@ -708,10 +660,6 @@ mail_addr.o: ../../include/stringops.h
mail_addr.o: ../../include/vstring.h
mail_addr.o: ../../include/vbuf.h
mail_addr.o: mail_params.h
mail_addr.o: crate_clnt.h
mail_addr.o: ../../include/attr_clnt.h
mail_addr.o: ../../include/attr.h
mail_addr.o: ../../include/vstream.h
mail_addr.o: mail_addr.h
mail_addr_crunch.o: mail_addr_crunch.c
mail_addr_crunch.o: ../../include/sys_defs.h
@ -734,9 +682,6 @@ mail_addr_find.o: ../../include/stringops.h
mail_addr_find.o: ../../include/vstring.h
mail_addr_find.o: ../../include/mymalloc.h
mail_addr_find.o: mail_params.h
mail_addr_find.o: crate_clnt.h
mail_addr_find.o: ../../include/attr_clnt.h
mail_addr_find.o: ../../include/attr.h
mail_addr_find.o: strip_addr.h
mail_addr_find.o: mail_addr_find.h
mail_addr_find.o: maps.h
@ -781,9 +726,6 @@ mail_conf.o: ../../include/safe.h
mail_conf.o: ../../include/stringops.h
mail_conf.o: ../../include/readlline.h
mail_conf.o: mail_params.h
mail_conf.o: crate_clnt.h
mail_conf.o: ../../include/attr_clnt.h
mail_conf.o: ../../include/attr.h
mail_conf.o: mail_conf.h
mail_conf_bool.o: mail_conf_bool.c
mail_conf_bool.o: ../../include/sys_defs.h
@ -855,9 +797,6 @@ mail_copy.o: mail_queue.h
mail_copy.o: mail_addr.h
mail_copy.o: mark_corrupt.h
mail_copy.o: mail_params.h
mail_copy.o: crate_clnt.h
mail_copy.o: ../../include/attr_clnt.h
mail_copy.o: ../../include/attr.h
mail_copy.o: mail_copy.h
mail_date.o: mail_date.c
mail_date.o: ../../include/sys_defs.h
@ -881,13 +820,11 @@ mail_error.o: ../../include/name_mask.h
mail_flush.o: mail_flush.c
mail_flush.o: ../../include/sys_defs.h
mail_flush.o: mail_params.h
mail_flush.o: crate_clnt.h
mail_flush.o: ../../include/attr_clnt.h
mail_flush.o: ../../include/attr.h
mail_flush.o: mail_proto.h
mail_flush.o: ../../include/vstream.h
mail_flush.o: ../../include/vbuf.h
mail_flush.o: mail_proto.h
mail_flush.o: ../../include/iostuff.h
mail_flush.o: ../../include/attr.h
mail_flush.o: mail_flush.h
mail_open_ok.o: mail_open_ok.c
mail_open_ok.o: ../../include/sys_defs.h
@ -919,8 +856,6 @@ mail_params.o: ../../include/iostuff.h
mail_params.o: ../../include/attr.h
mail_params.o: verp_sender.h
mail_params.o: mail_params.h
mail_params.o: crate_clnt.h
mail_params.o: ../../include/attr_clnt.h
mail_pathname.o: mail_pathname.c
mail_pathname.o: ../../include/sys_defs.h
mail_pathname.o: ../../include/stringops.h
@ -945,9 +880,6 @@ mail_queue.o: ../../include/sane_fsops.h
mail_queue.o: ../../include/valid_hostname.h
mail_queue.o: file_id.h
mail_queue.o: mail_params.h
mail_queue.o: crate_clnt.h
mail_queue.o: ../../include/attr_clnt.h
mail_queue.o: ../../include/attr.h
mail_queue.o: mail_queue.h
mail_run.o: mail_run.c
mail_run.o: ../../include/sys_defs.h
@ -957,10 +889,6 @@ mail_run.o: ../../include/vstring.h
mail_run.o: ../../include/vbuf.h
mail_run.o: ../../include/mymalloc.h
mail_run.o: mail_params.h
mail_run.o: crate_clnt.h
mail_run.o: ../../include/attr_clnt.h
mail_run.o: ../../include/attr.h
mail_run.o: ../../include/vstream.h
mail_run.o: mail_run.h
mail_scan_dir.o: mail_scan_dir.c
mail_scan_dir.o: ../../include/sys_defs.h
@ -982,8 +910,6 @@ mail_stream.o: ../../include/attr.h
mail_stream.o: mail_queue.h
mail_stream.o: opened.h
mail_stream.o: mail_params.h
mail_stream.o: crate_clnt.h
mail_stream.o: ../../include/attr_clnt.h
mail_stream.o: mail_stream.h
mail_task.o: mail_task.c
mail_task.o: ../../include/sys_defs.h
@ -991,10 +917,6 @@ mail_task.o: ../../include/vstring.h
mail_task.o: ../../include/vbuf.h
mail_task.o: ../../include/safe.h
mail_task.o: mail_params.h
mail_task.o: crate_clnt.h
mail_task.o: ../../include/attr_clnt.h
mail_task.o: ../../include/attr.h
mail_task.o: ../../include/vstream.h
mail_task.o: mail_conf.h
mail_task.o: mail_task.h
mail_trigger.o: mail_trigger.c
@ -1004,12 +926,10 @@ mail_trigger.o: ../../include/mymalloc.h
mail_trigger.o: ../../include/iostuff.h
mail_trigger.o: ../../include/trigger.h
mail_trigger.o: mail_params.h
mail_trigger.o: crate_clnt.h
mail_trigger.o: ../../include/attr_clnt.h
mail_trigger.o: ../../include/attr.h
mail_trigger.o: mail_proto.h
mail_trigger.o: ../../include/vstream.h
mail_trigger.o: ../../include/vbuf.h
mail_trigger.o: mail_proto.h
mail_trigger.o: ../../include/attr.h
mail_version.o: mail_version.c
maps.o: maps.c
maps.o: ../../include/sys_defs.h
@ -1033,9 +953,6 @@ mark_corrupt.o: ../../include/set_eugid.h
mark_corrupt.o: mail_queue.h
mark_corrupt.o: ../../include/vstring.h
mark_corrupt.o: mail_params.h
mark_corrupt.o: crate_clnt.h
mark_corrupt.o: ../../include/attr_clnt.h
mark_corrupt.o: ../../include/attr.h
mark_corrupt.o: deliver_request.h
mark_corrupt.o: recipient_list.h
mark_corrupt.o: mark_corrupt.h
@ -1045,22 +962,12 @@ match_parent_style.o: string_list.h
match_parent_style.o: ../../include/match_list.h
match_parent_style.o: ../../include/match_ops.h
match_parent_style.o: mail_params.h
match_parent_style.o: crate_clnt.h
match_parent_style.o: ../../include/attr_clnt.h
match_parent_style.o: ../../include/attr.h
match_parent_style.o: ../../include/vstream.h
match_parent_style.o: ../../include/vbuf.h
match_parent_style.o: match_parent_style.h
mbox_conf.o: mbox_conf.c
mbox_conf.o: ../../include/sys_defs.h
mbox_conf.o: ../../include/name_mask.h
mbox_conf.o: ../../include/argv.h
mbox_conf.o: mail_params.h
mbox_conf.o: crate_clnt.h
mbox_conf.o: ../../include/attr_clnt.h
mbox_conf.o: ../../include/attr.h
mbox_conf.o: ../../include/vstream.h
mbox_conf.o: ../../include/vbuf.h
mbox_conf.o: mbox_conf.h
mbox_open.o: mbox_open.c
mbox_open.o: ../../include/sys_defs.h
@ -1087,10 +994,6 @@ mime_state.o: rec_type.h
mime_state.o: is_header.h
mime_state.o: header_opts.h
mime_state.o: mail_params.h
mime_state.o: crate_clnt.h
mime_state.o: ../../include/attr_clnt.h
mime_state.o: ../../include/attr.h
mime_state.o: ../../include/vstream.h
mime_state.o: header_token.h
mime_state.o: lex_822.h
mime_state.o: mime_state.h
@ -1107,9 +1010,6 @@ mkmap_db.o: ../../include/argv.h
mkmap_db.o: ../../include/dict_db.h
mkmap_db.o: ../../include/myflock.h
mkmap_db.o: mail_params.h
mkmap_db.o: crate_clnt.h
mkmap_db.o: ../../include/attr_clnt.h
mkmap_db.o: ../../include/attr.h
mkmap_db.o: mkmap.h
mkmap_dbm.o: mkmap_dbm.c
mkmap_dbm.o: ../../include/sys_defs.h
@ -1145,10 +1045,6 @@ mynetworks.o: ../../include/inet_addr_list.h
mynetworks.o: ../../include/name_mask.h
mynetworks.o: own_inet_addr.h
mynetworks.o: mail_params.h
mynetworks.o: crate_clnt.h
mynetworks.o: ../../include/attr_clnt.h
mynetworks.o: ../../include/attr.h
mynetworks.o: ../../include/vstream.h
mynetworks.o: mynetworks.h
mypwd.o: mypwd.c
mypwd.o: ../../include/sys_defs.h
@ -1185,10 +1081,6 @@ own_inet_addr.o: ../../include/stringops.h
own_inet_addr.o: ../../include/vstring.h
own_inet_addr.o: ../../include/vbuf.h
own_inet_addr.o: mail_params.h
own_inet_addr.o: crate_clnt.h
own_inet_addr.o: ../../include/attr_clnt.h
own_inet_addr.o: ../../include/attr.h
own_inet_addr.o: ../../include/vstream.h
own_inet_addr.o: own_inet_addr.h
peer_name.o: peer_name.c
peer_name.o: ../../include/sys_defs.h
@ -1208,9 +1100,6 @@ pipe_command.o: ../../include/set_ugid.h
pipe_command.o: ../../include/set_eugid.h
pipe_command.o: ../../include/argv.h
pipe_command.o: mail_params.h
pipe_command.o: crate_clnt.h
pipe_command.o: ../../include/attr_clnt.h
pipe_command.o: ../../include/attr.h
pipe_command.o: mail_copy.h
pipe_command.o: ../../include/clean_env.h
pipe_command.o: pipe_command.h
@ -1225,13 +1114,11 @@ post_mail.o: ../../include/vstring.h
post_mail.o: ../../include/mymalloc.h
post_mail.o: ../../include/events.h
post_mail.o: mail_params.h
post_mail.o: crate_clnt.h
post_mail.o: ../../include/attr_clnt.h
post_mail.o: ../../include/attr.h
post_mail.o: record.h
post_mail.o: rec_type.h
post_mail.o: mail_proto.h
post_mail.o: ../../include/iostuff.h
post_mail.o: ../../include/attr.h
post_mail.o: cleanup_user.h
post_mail.o: post_mail.h
post_mail.o: mail_date.h
@ -1291,10 +1178,6 @@ remove.o: ../../include/sys_defs.h
remove.o: ../../include/vstring.h
remove.o: ../../include/vbuf.h
remove.o: mail_params.h
remove.o: crate_clnt.h
remove.o: ../../include/attr_clnt.h
remove.o: ../../include/attr.h
remove.o: ../../include/vstream.h
resolve_clnt.o: resolve_clnt.c
resolve_clnt.o: ../../include/sys_defs.h
resolve_clnt.o: ../../include/msg.h
@ -1307,8 +1190,6 @@ resolve_clnt.o: ../../include/iostuff.h
resolve_clnt.o: mail_proto.h
resolve_clnt.o: ../../include/attr.h
resolve_clnt.o: mail_params.h
resolve_clnt.o: crate_clnt.h
resolve_clnt.o: ../../include/attr_clnt.h
resolve_clnt.o: clnt_stream.h
resolve_clnt.o: resolve_clnt.h
resolve_local.o: resolve_local.c
@ -1319,11 +1200,6 @@ resolve_local.o: string_list.h
resolve_local.o: ../../include/match_list.h
resolve_local.o: ../../include/match_ops.h
resolve_local.o: mail_params.h
resolve_local.o: crate_clnt.h
resolve_local.o: ../../include/attr_clnt.h
resolve_local.o: ../../include/attr.h
resolve_local.o: ../../include/vstream.h
resolve_local.o: ../../include/vbuf.h
resolve_local.o: own_inet_addr.h
resolve_local.o: resolve_local.h
resolve_local.o: match_parent_style.h
@ -1341,8 +1217,6 @@ rewrite_clnt.o: quote_flags.h
rewrite_clnt.o: mail_proto.h
rewrite_clnt.o: ../../include/attr.h
rewrite_clnt.o: mail_params.h
rewrite_clnt.o: crate_clnt.h
rewrite_clnt.o: ../../include/attr_clnt.h
rewrite_clnt.o: clnt_stream.h
rewrite_clnt.o: rewrite_clnt.h
sent.o: sent.c
@ -1351,12 +1225,9 @@ sent.o: ../../include/msg.h
sent.o: ../../include/vstring.h
sent.o: ../../include/vbuf.h
sent.o: mail_params.h
sent.o: crate_clnt.h
sent.o: ../../include/attr_clnt.h
sent.o: ../../include/attr.h
sent.o: ../../include/vstream.h
sent.o: verify.h
sent.o: deliver_request.h
sent.o: ../../include/vstream.h
sent.o: recipient_list.h
sent.o: log_adhoc.h
sent.o: trace.h
@ -1376,11 +1247,6 @@ split_addr.o: split_addr.c
split_addr.o: ../../include/sys_defs.h
split_addr.o: ../../include/split_at.h
split_addr.o: mail_params.h
split_addr.o: crate_clnt.h
split_addr.o: ../../include/attr_clnt.h
split_addr.o: ../../include/attr.h
split_addr.o: ../../include/vstream.h
split_addr.o: ../../include/vbuf.h
split_addr.o: mail_addr.h
split_addr.o: split_addr.h
stream2rec.o: stream2rec.c
@ -1411,9 +1277,6 @@ timed_ipc.o: ../../include/msg.h
timed_ipc.o: ../../include/vstream.h
timed_ipc.o: ../../include/vbuf.h
timed_ipc.o: mail_params.h
timed_ipc.o: crate_clnt.h
timed_ipc.o: ../../include/attr_clnt.h
timed_ipc.o: ../../include/attr.h
timed_ipc.o: timed_ipc.h
tok822_find.o: tok822_find.c
tok822_find.o: ../../include/sys_defs.h
@ -1467,12 +1330,10 @@ trace.o: ../../include/msg.h
trace.o: ../../include/vstring.h
trace.o: ../../include/vbuf.h
trace.o: mail_params.h
trace.o: crate_clnt.h
trace.o: ../../include/attr_clnt.h
trace.o: ../../include/attr.h
trace.o: ../../include/vstream.h
trace.o: mail_proto.h
trace.o: ../../include/vstream.h
trace.o: ../../include/iostuff.h
trace.o: ../../include/attr.h
trace.o: verify_clnt.h
trace.o: deliver_request.h
trace.o: recipient_list.h
@ -1485,12 +1346,10 @@ verify.o: ../../include/msg.h
verify.o: ../../include/vstring.h
verify.o: ../../include/vbuf.h
verify.o: mail_params.h
verify.o: crate_clnt.h
verify.o: ../../include/attr_clnt.h
verify.o: ../../include/attr.h
verify.o: ../../include/vstream.h
verify.o: mail_proto.h
verify.o: ../../include/vstream.h
verify.o: ../../include/iostuff.h
verify.o: ../../include/attr.h
verify.o: verify_clnt.h
verify.o: deliver_request.h
verify.o: recipient_list.h
@ -1504,8 +1363,6 @@ verify_clnt.o: ../../include/vbuf.h
verify_clnt.o: ../../include/vstring.h
verify_clnt.o: ../../include/attr.h
verify_clnt.o: mail_params.h
verify_clnt.o: crate_clnt.h
verify_clnt.o: ../../include/attr_clnt.h
verify_clnt.o: mail_proto.h
verify_clnt.o: ../../include/iostuff.h
verify_clnt.o: clnt_stream.h
@ -1517,10 +1374,6 @@ verp_sender.o: ../../include/sys_defs.h
verp_sender.o: ../../include/vstring.h
verp_sender.o: ../../include/vbuf.h
verp_sender.o: mail_params.h
verp_sender.o: crate_clnt.h
verp_sender.o: ../../include/attr_clnt.h
verp_sender.o: ../../include/attr.h
verp_sender.o: ../../include/vstream.h
verp_sender.o: verp_sender.h
virtual8_maps.o: virtual8_maps.c
virtual8_maps.o: ../../include/sys_defs.h
@ -1532,9 +1385,6 @@ virtual8_maps.o: ../../include/vstream.h
virtual8_maps.o: ../../include/vbuf.h
virtual8_maps.o: ../../include/argv.h
virtual8_maps.o: mail_params.h
virtual8_maps.o: crate_clnt.h
virtual8_maps.o: ../../include/attr_clnt.h
virtual8_maps.o: ../../include/attr.h
virtual8_maps.o: strip_addr.h
virtual8_maps.o: virtual8_maps.h
xtext.o: xtext.c

145
postfix/src/global/crate_clnt.c → postfix/src/global/anvil_clnt.c
View File

@ -1,53 +1,53 @@
/*++
/* NAME
/* crate_clnt 3
/* anvil_clnt 3
/* SUMMARY
/* connection rate client interface
/* connection count and rate management client interface
/* SYNOPSIS
/* #include <crate_clnt.h>
/* #include <anvil_clnt.h>
/*
/* CRATE_CLNT *crate_clnt_create(void)
/* ANVIL_CLNT *anvil_clnt_create(void)
/*
/* void crate_clnt_free(crate_clnt)
/* CRATE_CLNT *crate_clnt;
/* void anvil_clnt_free(anvil_clnt)
/* ANVIL_CLNT *anvil_clnt;
/*
/* int crate_clnt_connect(crate_clnt, service, addr,
/* int anvil_clnt_connect(anvil_clnt, service, addr,
/* count, rate)
/* CRATE_CLNT *crate_clnt;
/* ANVIL_CLNT *anvil_clnt;
/* const char *service;
/* const char *addr;
/* int *count;
/* int *rate;
/*
/* int crate_clnt_disconnect(crate_clnt, service, addr)
/* CRATE_CLNT *crate_clnt;
/* int anvil_clnt_disconnect(anvil_clnt, service, addr)
/* ANVIL_CLNT *anvil_clnt;
/* const char *service;
/* const char *addr;
/*
/* int crate_clnt_lookup(crate_clnt, service, addr,
/* int anvil_clnt_lookup(anvil_clnt, service, addr,
/* count, rate)
/* CRATE_CLNT *crate_clnt;
/* ANVIL_CLNT *anvil_clnt;
/* const char *service;
/* const char *addr;
/* int *count;
/* int *rate;
/* DESCRIPTION
/* crate_clnt_create() instantiates a crate service client endpoint.
/* anvil_clnt_create() instantiates a anvil service client endpoint.
/*
/* crate_clnt_connect() informs the crate server that a
/* anvil_clnt_connect() informs the anvil server that a
/* client has connected, and returns the current connection
/* count and connection rate for that client.
/*
/* crate_clnt_disconnect() informs the crate server that a
/* anvil_clnt_disconnect() informs the anvil server that a
/* client has disconnected.
/*
/* crate_clnt_lookup() looks up the current connection
/* anvil_clnt_lookup() looks up the current connection
/* count and connection rate for that client.
/*
/* crate_clnt_free() destroys a crate service client endpoint.
/* anvil_clnt_free() destroys a anvil service client endpoint.
/*
/* Arguments:
/* .IP crate_clnt
/* .IP anvil_clnt
/* Client rate control service handle.
/* .IP service
/* The service that the remote client is connected to.
@ -60,12 +60,12 @@
/* Pointer to storage for the current connection rate for this
/* remote client.
/* DIAGNOSTICS
/* crate_clnt_connect() and crate_clnt_disconnect() return
/* CRATE_STAT_OK in case of success, CRATE_STAT_FAIL otherwise
/* anvil_clnt_connect() and anvil_clnt_disconnect() return
/* ANVIL_STAT_OK in case of success, ANVIL_STAT_FAIL otherwise
/* (either the communication with the server is broken or the
/* server experienced a problem).
/* SEE ALSO
/* crate(8) Postfix client rate control service
/* anvil(8) Postfix client rate control service
/* LICENSE
/* .ad
/* .fi
@ -92,93 +92,108 @@
#include <mail_proto.h>
#include <mail_params.h>
#include <crate_clnt.h>
#include <anvil_clnt.h>
/* Application specific. */
#define CRATE_IDENT(service, addr) \
#define ANVIL_IDENT(service, addr) \
printable(concatenate(service, ":", addr, (char *) 0), '?')
/* crate_clnt_create - instantiate connection rate service client */
/* anvil_clnt_create - instantiate connection rate service client */
CRATE_CLNT *crate_clnt_create(void)
ANVIL_CLNT *anvil_clnt_create(void)
{
ATTR_CLNT *crate_clnt;
ATTR_CLNT *anvil_clnt;
crate_clnt = attr_clnt_create(var_crate_service, var_ipc_timeout, 0, 0);
return ((CRATE_CLNT *) crate_clnt);
/*
* Use whatever IPC is preferred for internal use: UNIX-domain sockets or
* Solaris streams.
*/
#ifndef VAR_ANVIL_SERVICE
anvil_clnt = attr_clnt_create("local:" ANVIL_CLASS "/" ANVIL_SERVICE,
var_ipc_timeout, 0, 0);
#else
anvil_clnt = attr_clnt_create(var_anvil_service, var_ipc_timeout, 0, 0);
#endif
return ((ANVIL_CLNT *) anvil_clnt);
}
/* crate_clnt_free - destroy connection rate service client */
/* anvil_clnt_free - destroy connection rate service client */
void crate_clnt_free(CRATE_CLNT * crate_clnt)
void anvil_clnt_free(ANVIL_CLNT * anvil_clnt)
{
attr_clnt_free((ATTR_CLNT *) crate_clnt);
attr_clnt_free((ATTR_CLNT *) anvil_clnt);
}
/* crate_clnt_lookup - status query */
/* anvil_clnt_lookup - status query */
int crate_clnt_lookup(CRATE_CLNT * crate_clnt, const char *service,
int anvil_clnt_lookup(ANVIL_CLNT * anvil_clnt, const char *service,
const char *addr, int *count, int *rate)
{
char *ident = CRATE_IDENT(service, addr);
char *ident = ANVIL_IDENT(service, addr);
int status;
if (attr_clnt_request((ATTR_CLNT *) crate_clnt,
if (attr_clnt_request((ATTR_CLNT *) anvil_clnt,
ATTR_FLAG_NONE, /* Query attributes. */
ATTR_TYPE_STR, CRATE_ATTR_REQ, CRATE_REQ_LOOKUP,
ATTR_TYPE_STR, CRATE_ATTR_IDENT, ident,
ATTR_TYPE_STR, ANVIL_ATTR_REQ, ANVIL_REQ_LOOKUP,
ATTR_TYPE_STR, ANVIL_ATTR_IDENT, ident,
ATTR_TYPE_END,
ATTR_FLAG_MISSING, /* Reply attributes. */
ATTR_TYPE_NUM, CRATE_ATTR_STATUS, &status,
ATTR_TYPE_NUM, CRATE_ATTR_COUNT, count,
ATTR_TYPE_NUM, CRATE_ATTR_RATE, rate,
ATTR_TYPE_NUM, ANVIL_ATTR_STATUS, &status,
ATTR_TYPE_NUM, ANVIL_ATTR_COUNT, count,
ATTR_TYPE_NUM, ANVIL_ATTR_RATE, rate,
ATTR_TYPE_END) != 3)
status = CRATE_STAT_FAIL;
status = ANVIL_STAT_FAIL;
else if (status != ANVIL_STAT_OK)
status = ANVIL_STAT_FAIL;
myfree(ident);
return (status);
}
/* crate_clnt_connect - heads-up and policy query */
/* anvil_clnt_connect - heads-up and policy query */
int crate_clnt_connect(CRATE_CLNT * crate_clnt, const char *service,
int anvil_clnt_connect(ANVIL_CLNT * anvil_clnt, const char *service,
const char *addr, int *count, int *rate)
{
char *ident = CRATE_IDENT(service, addr);
char *ident = ANVIL_IDENT(service, addr);
int status;
if (attr_clnt_request((ATTR_CLNT *) crate_clnt,
if (attr_clnt_request((ATTR_CLNT *) anvil_clnt,
ATTR_FLAG_NONE, /* Query attributes. */
ATTR_TYPE_STR, CRATE_ATTR_REQ, CRATE_REQ_CONN,
ATTR_TYPE_STR, CRATE_ATTR_IDENT, ident,
ATTR_TYPE_STR, ANVIL_ATTR_REQ, ANVIL_REQ_CONN,
ATTR_TYPE_STR, ANVIL_ATTR_IDENT, ident,
ATTR_TYPE_END,
ATTR_FLAG_MISSING, /* Reply attributes. */
ATTR_TYPE_NUM, CRATE_ATTR_STATUS, &status,
ATTR_TYPE_NUM, CRATE_ATTR_COUNT, count,
ATTR_TYPE_NUM, CRATE_ATTR_RATE, rate,
ATTR_TYPE_NUM, ANVIL_ATTR_STATUS, &status,
ATTR_TYPE_NUM, ANVIL_ATTR_COUNT, count,
ATTR_TYPE_NUM, ANVIL_ATTR_RATE, rate,
ATTR_TYPE_END) != 3)
status = CRATE_STAT_FAIL;
status = ANVIL_STAT_FAIL;
else if (status != ANVIL_STAT_OK)
status = ANVIL_STAT_FAIL;
myfree(ident);
return (status);
}
/* crate_clnt_disconnect - heads-up only */
/* anvil_clnt_disconnect - heads-up only */
int crate_clnt_disconnect(CRATE_CLNT * crate_clnt, const char *service,
int anvil_clnt_disconnect(ANVIL_CLNT * anvil_clnt, const char *service,
const char *addr)
{
char *ident = CRATE_IDENT(service, addr);
char *ident = ANVIL_IDENT(service, addr);
int status;
if (attr_clnt_request((ATTR_CLNT *) crate_clnt,
if (attr_clnt_request((ATTR_CLNT *) anvil_clnt,
ATTR_FLAG_NONE, /* Query attributes. */
ATTR_TYPE_STR, CRATE_ATTR_REQ, CRATE_REQ_DISC,
ATTR_TYPE_STR, CRATE_ATTR_IDENT, ident,
ATTR_TYPE_STR, ANVIL_ATTR_REQ, ANVIL_REQ_DISC,
ATTR_TYPE_STR, ANVIL_ATTR_IDENT, ident,
ATTR_TYPE_END,
ATTR_FLAG_MISSING, /* Reply attributes. */
ATTR_TYPE_NUM, CRATE_ATTR_STATUS, &status,
ATTR_TYPE_NUM, ANVIL_ATTR_STATUS, &status,
ATTR_TYPE_END) != 1)
status = CRATE_STAT_FAIL;
status = ANVIL_STAT_FAIL;
else if (status != ANVIL_STAT_OK)
status = ANVIL_STAT_FAIL;
myfree(ident);
return (status);
}
@ -204,7 +219,7 @@ int main(int unused_argc, char **argv)
char *addr;
int count;
int rate;
CRATE_CLNT *crate;
ANVIL_CLNT *anvil;
msg_vstream_init(argv[0], VSTREAM_ERR);
@ -215,7 +230,7 @@ int main(int unused_argc, char **argv)
msg_verbose++;
crate = crate_clnt_create();
anvil = anvil_clnt_create();
while (vstring_fgets_nonl(inbuf, VSTREAM_IN)) {
bufp = vstring_str(inbuf);
@ -228,17 +243,17 @@ int main(int unused_argc, char **argv)
continue;
}
if (strncmp(cmd, "connect", 1) == 0) {
if (crate_clnt_connect(crate, service, addr, &count, &rate) != CRATE_STAT_OK)
if (anvil_clnt_connect(anvil, service, addr, &count, &rate) != ANVIL_STAT_OK)
msg_warn("error!");
else
vstream_printf("count=%d, rate=%d\n", count, rate);
} else if (strncmp(cmd, "disconnect", 1) == 0) {
if (crate_clnt_disconnect(crate, service, addr) != CRATE_STAT_OK)
if (anvil_clnt_disconnect(anvil, service, addr) != ANVIL_STAT_OK)
msg_warn("error!");
else
vstream_printf("OK\n");
} else if (strncmp(cmd, "lookup", 1) == 0) {
if (crate_clnt_lookup(crate, service, addr, &count, &rate) != CRATE_STAT_OK)
if (anvil_clnt_lookup(anvil, service, addr, &count, &rate) != ANVIL_STAT_OK)
msg_warn("error!");
else
vstream_printf("count=%d, rate=%d\n", count, rate);
@ -247,7 +262,7 @@ int main(int unused_argc, char **argv)
vstream_fflush(VSTREAM_OUT);
}
vstring_free(inbuf);
crate_clnt_free(crate);
anvil_clnt_free(anvil);
return (0);
}

64
postfix/src/global/anvil_clnt.h Normal file
View File

@ -0,0 +1,64 @@
#ifndef _ANVIL_CLNT_H_INCLUDED_
#define _ANVIL_CLNT_H_INCLUDED_
/*++
/* NAME
/* anvil_clnt 3h
/* SUMMARY
/* connection count and rate management client interface
/* SYNOPSIS
/* #include <anvil_clnt.h>
/* DESCRIPTION
/* .nf
/*
* System library.
*/
#include <stdarg.h>
/*
* Utility library.
*/
#include <attr_clnt.h>
/*
* Protocol interface: requests and endpoints.
*/
#define ANVIL_SERVICE "anvil"
#define ANVIL_CLASS "private"
#define ANVIL_ATTR_REQ "request"
#define ANVIL_REQ_CONN "connect"
#define ANVIL_REQ_DISC "disconnect"
#define ANVIL_REQ_LOOKUP "lookup"
#define ANVIL_ATTR_IDENT "ident"
#define ANVIL_ATTR_COUNT "count"
#define ANVIL_ATTR_RATE "rate"
#define ANVIL_ATTR_STATUS "status"
#define ANVIL_STAT_OK 0
#define ANVIL_STAT_FAIL (-1)
/*
* Functional interface.
*/
typedef struct ANVIL_CLNT ANVIL_CLNT;
extern ANVIL_CLNT *anvil_clnt_create(void);
extern int anvil_clnt_connect(ANVIL_CLNT *, const char *, const char *, int *, int *);
extern int anvil_clnt_lookup(ANVIL_CLNT *, const char *, const char *, int *, int *);
extern int anvil_clnt_disconnect(ANVIL_CLNT *, const char *, const char *);
extern void anvil_clnt_free(ANVIL_CLNT *);
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
#endif

63
postfix/src/global/crate_clnt.h
View File

@ -1,63 +0,0 @@
#ifndef _CRATE_CLNT_H_INCLUDED_
#define _CRATE_CLNT_H_INCLUDED_
/*++
/* NAME
/* crate_clnt 3h
/* SUMMARY
/* connection rate client interface
/* SYNOPSIS
/* #include <crate_clnt.h>
/* DESCRIPTION
/* .nf
/*
* System library.
*/
#include <stdarg.h>
/*
* Utility library.
*/
#include <attr_clnt.h>
/*
* Protocol interface: requests and endpoints.
*/
#define CRATE_SERVICE "crate"
#define CRATE_CLASS "private"
#define CRATE_ATTR_REQ "request"
#define CRATE_REQ_CONN "connect"
#define CRATE_REQ_DISC "disconnect"
#define CRATE_REQ_LOOKUP "lookup"
#define CRATE_ATTR_IDENT "ident"
#define CRATE_ATTR_COUNT "count"
#define CRATE_ATTR_RATE "rate"
#define CRATE_ATTR_STATUS "status"
#define CRATE_STAT_OK 0
#define CRATE_STAT_FAIL (-1)
/*
* Functional interface.
*/
typedef struct CRATE_CLNT CRATE_CLNT;
extern CRATE_CLNT *crate_clnt_create(void);
extern int crate_clnt_connect(CRATE_CLNT *, const char *, const char *, int *, int *);
extern int crate_clnt_disconnect(CRATE_CLNT *, const char *, const char *);
extern void crate_clnt_free(CRATE_CLNT *);
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
#endif

2
postfix/src/global/mail_params.c
View File

@ -250,7 +250,6 @@ char *var_error_service;
char *var_flush_service;
char *var_verify_service;
char *var_trace_service;
char *var_crate_service;
int var_db_create_buf;
int var_db_read_buf;
int var_mime_maxdepth;
@ -482,7 +481,6 @@ void mail_params_init()
VAR_FLUSH_SERVICE, DEF_FLUSH_SERVICE, &var_flush_service, 1, 0,
VAR_VERIFY_SERVICE, DEF_VERIFY_SERVICE, &var_verify_service, 1, 0,
VAR_TRACE_SERVICE, DEF_TRACE_SERVICE, &var_trace_service, 1, 0,
VAR_CRATE_SERVICE, DEF_CRATE_SERVICE, &var_crate_service, 1, 0,
0,
};
static CONFIG_STR_FN_TABLE function_str_defaults_2[] = {

22
postfix/src/global/mail_params.h
View File

@ -1910,29 +1910,27 @@ extern int var_smtpd_policy_ttl;
extern int var_smtpd_crate_limit;
#define VAR_SMTPD_CCONN_LIMIT "smtpd_client_connection_count_limit"
#define DEF_SMTPD_CCONN_LIMIT 0
#define DEF_SMTPD_CCONN_LIMIT ((DEF_PROC_LIMIT + 1) / 2)
extern int var_smtpd_cconn_limit;
#define VAR_SMTPD_HOGGERS "smtpd_client_connection_limit_exceptions"
#define DEF_SMTPD_HOGGERS "$" VAR_MYNETWORKS
extern char *var_smtpd_hoggers;
#define VAR_CRATE_SAMPLE "connection_rate_time_unit"
#define DEF_CRATE_SAMPLE "60s"
extern int var_crate_sample;
#define VAR_CRATE_PURGE "connection_rate_purge_delay"
#define DEF_CRATE_PURGE "$" VAR_CRATE_SAMPLE
extern int var_crate_purge;
#define VAR_ANVIL_TIME_UNIT "connection_rate_time_unit"
#define DEF_ANVIL_TIME_UNIT "60s"
extern int var_anvil_time_unit;
/*
* Temporary stop gap.
*/
#include <crate_clnt.h>
#if 0
#include <anvil_clnt.h>
#define VAR_CRATE_SERVICE "connection_rate_service"
#define DEF_CRATE_SERVICE "local:" CRATE_CLASS "/" CRATE_SERVICE
extern char *var_crate_service;
#define VAR_ANVIL_SERVICE "connection_rate_service"
#define DEF_ANVIL_SERVICE "local:" ANVIL_CLASS "/" ANVIL_SERVICE
extern char *var_anvil_service;
#endif
/* LICENSE
/* .ad

2
postfix/src/global/mail_version.h
View File

@ -20,7 +20,7 @@
* Patches change the patchlevel and the release date. Snapshots change the
* release date only, unless they include the same bugfix as a patch release.
*/
#define MAIL_RELEASE_DATE "20031110"
#define MAIL_RELEASE_DATE "20031111"
#define VAR_MAIL_VERSION "mail_version"
#define DEF_MAIL_VERSION "2.0.16-" MAIL_RELEASE_DATE

29
postfix/src/lmtp/Makefile.in
View File

@ -75,9 +75,6 @@ lmtp.o: ../../include/vstring.h
lmtp.o: ../../include/recipient_list.h
lmtp.o: ../../include/mail_queue.h
lmtp.o: ../../include/mail_params.h
lmtp.o: ../../include/crate_clnt.h
lmtp.o: ../../include/attr_clnt.h
lmtp.o: ../../include/attr.h
lmtp.o: ../../include/mail_conf.h
lmtp.o: ../../include/debug_peer.h
lmtp.o: ../../include/mail_error.h
@ -93,13 +90,10 @@ lmtp_addr.o: ../../include/mymalloc.h
lmtp_addr.o: ../../include/inet_addr_list.h
lmtp_addr.o: ../../include/stringops.h
lmtp_addr.o: ../../include/mail_params.h
lmtp_addr.o: ../../include/crate_clnt.h
lmtp_addr.o: ../../include/attr_clnt.h
lmtp_addr.o: ../../include/attr.h
lmtp_addr.o: ../../include/vstream.h
lmtp_addr.o: ../../include/own_inet_addr.h
lmtp_addr.o: ../../include/dns.h
lmtp_addr.o: lmtp.h
lmtp_addr.o: ../../include/vstream.h
lmtp_addr.o: ../../include/argv.h
lmtp_addr.o: ../../include/deliver_request.h
lmtp_addr.o: ../../include/recipient_list.h
@ -118,9 +112,6 @@ lmtp_chat.o: ../../include/recipient_list.h
lmtp_chat.o: ../../include/deliver_request.h
lmtp_chat.o: ../../include/smtp_stream.h
lmtp_chat.o: ../../include/mail_params.h
lmtp_chat.o: ../../include/crate_clnt.h
lmtp_chat.o: ../../include/attr_clnt.h
lmtp_chat.o: ../../include/attr.h
lmtp_chat.o: ../../include/mail_addr.h
lmtp_chat.o: ../../include/post_mail.h
lmtp_chat.o: ../../include/cleanup_user.h
@ -141,10 +132,8 @@ lmtp_connect.o: ../../include/stringops.h
lmtp_connect.o: ../../include/host_port.h
lmtp_connect.o: ../../include/sane_connect.h
lmtp_connect.o: ../../include/mail_params.h
lmtp_connect.o: ../../include/crate_clnt.h
lmtp_connect.o: ../../include/attr_clnt.h
lmtp_connect.o: ../../include/attr.h
lmtp_connect.o: ../../include/mail_proto.h
lmtp_connect.o: ../../include/attr.h
lmtp_connect.o: ../../include/dns.h
lmtp_connect.o: lmtp.h
lmtp_connect.o: ../../include/argv.h
@ -161,9 +150,6 @@ lmtp_proto.o: ../../include/vstring_vstream.h
lmtp_proto.o: ../../include/stringops.h
lmtp_proto.o: ../../include/mymalloc.h
lmtp_proto.o: ../../include/mail_params.h
lmtp_proto.o: ../../include/crate_clnt.h
lmtp_proto.o: ../../include/attr_clnt.h
lmtp_proto.o: ../../include/attr.h
lmtp_proto.o: ../../include/smtp_stream.h
lmtp_proto.o: ../../include/mail_queue.h
lmtp_proto.o: ../../include/recipient_list.h
@ -180,6 +166,7 @@ lmtp_proto.o: ../../include/quote_821_local.h
lmtp_proto.o: ../../include/quote_flags.h
lmtp_proto.o: ../../include/mail_proto.h
lmtp_proto.o: ../../include/iostuff.h
lmtp_proto.o: ../../include/attr.h
lmtp_proto.o: lmtp.h
lmtp_proto.o: ../../include/argv.h
lmtp_proto.o: lmtp_sasl.h
@ -193,15 +180,12 @@ lmtp_sasl_glue.o: ../../include/vbuf.h
lmtp_sasl_glue.o: ../../include/split_at.h
lmtp_sasl_glue.o: ../../include/name_mask.h
lmtp_sasl_glue.o: ../../include/mail_params.h
lmtp_sasl_glue.o: ../../include/crate_clnt.h
lmtp_sasl_glue.o: ../../include/attr_clnt.h
lmtp_sasl_glue.o: ../../include/attr.h
lmtp_sasl_glue.o: ../../include/vstream.h
lmtp_sasl_glue.o: ../../include/string_list.h
lmtp_sasl_glue.o: ../../include/match_list.h
lmtp_sasl_glue.o: ../../include/match_ops.h
lmtp_sasl_glue.o: ../../include/maps.h
lmtp_sasl_glue.o: ../../include/dict.h
lmtp_sasl_glue.o: ../../include/vstream.h
lmtp_sasl_glue.o: ../../include/argv.h
lmtp_sasl_glue.o: lmtp.h
lmtp_sasl_glue.o: ../../include/deliver_request.h
@ -212,12 +196,9 @@ lmtp_sasl_proto.o: ../../include/sys_defs.h
lmtp_sasl_proto.o: ../../include/msg.h
lmtp_sasl_proto.o: ../../include/mymalloc.h
lmtp_sasl_proto.o: ../../include/mail_params.h
lmtp_sasl_proto.o: ../../include/crate_clnt.h
lmtp_sasl_proto.o: ../../include/attr_clnt.h
lmtp_sasl_proto.o: ../../include/attr.h
lmtp_sasl_proto.o: lmtp.h
lmtp_sasl_proto.o: ../../include/vstream.h
lmtp_sasl_proto.o: ../../include/vbuf.h
lmtp_sasl_proto.o: lmtp.h
lmtp_sasl_proto.o: ../../include/vstring.h
lmtp_sasl_proto.o: ../../include/argv.h
lmtp_sasl_proto.o: ../../include/deliver_request.h

53
postfix/src/local/Makefile.in
View File

@ -74,9 +74,6 @@ alias.o: ../../include/stringops.h
alias.o: ../../include/vstring.h
alias.o: ../../include/mymalloc.h
alias.o: ../../include/mail_params.h
alias.o: ../../include/crate_clnt.h
alias.o: ../../include/attr_clnt.h
alias.o: ../../include/attr.h
alias.o: ../../include/defer.h
alias.o: ../../include/bounce.h
alias.o: ../../include/deliver_request.h
@ -109,9 +106,6 @@ command.o: ../../include/recipient_list.h
command.o: ../../include/sent.h
command.o: ../../include/been_here.h
command.o: ../../include/mail_params.h
command.o: ../../include/crate_clnt.h
command.o: ../../include/attr_clnt.h
command.o: ../../include/attr.h
command.o: ../../include/pipe_command.h
command.o: ../../include/mail_copy.h
command.o: local.h
@ -182,9 +176,6 @@ dotforward.o: ../../include/deliver_request.h
dotforward.o: ../../include/recipient_list.h
dotforward.o: ../../include/been_here.h
dotforward.o: ../../include/mail_params.h
dotforward.o: ../../include/crate_clnt.h
dotforward.o: ../../include/attr_clnt.h
dotforward.o: ../../include/attr.h
dotforward.o: ../../include/mail_conf.h
dotforward.o: ../../include/ext_prop.h
dotforward.o: ../../include/sent.h
@ -213,9 +204,6 @@ file.o: ../../include/defer.h
file.o: ../../include/sent.h
file.o: ../../include/been_here.h
file.o: ../../include/mail_params.h
file.o: ../../include/crate_clnt.h
file.o: ../../include/attr_clnt.h
file.o: ../../include/attr.h
file.o: ../../include/mbox_conf.h
file.o: ../../include/argv.h
file.o: ../../include/mbox_open.h
@ -248,8 +236,6 @@ forward.o: ../../include/rec_type.h
forward.o: ../../include/mark_corrupt.h
forward.o: ../../include/mail_date.h
forward.o: ../../include/mail_params.h
forward.o: ../../include/crate_clnt.h
forward.o: ../../include/attr_clnt.h
forward.o: local.h
forward.o: ../../include/been_here.h
forward.o: ../../include/tok822.h
@ -275,9 +261,6 @@ include.o: ../../include/recipient_list.h
include.o: ../../include/defer.h
include.o: ../../include/been_here.h
include.o: ../../include/mail_params.h
include.o: ../../include/crate_clnt.h
include.o: ../../include/attr_clnt.h
include.o: ../../include/attr.h
include.o: ../../include/ext_prop.h
include.o: ../../include/sent.h
include.o: local.h
@ -292,14 +275,11 @@ indirect.o: ../../include/sys_defs.h
indirect.o: ../../include/msg.h
indirect.o: ../../include/htable.h
indirect.o: ../../include/mail_params.h
indirect.o: ../../include/crate_clnt.h
indirect.o: ../../include/attr_clnt.h
indirect.o: ../../include/attr.h
indirect.o: ../../include/vstream.h
indirect.o: ../../include/vbuf.h
indirect.o: ../../include/bounce.h
indirect.o: ../../include/deliver_request.h
indirect.o: ../../include/vstring.h
indirect.o: ../../include/vbuf.h
indirect.o: ../../include/vstream.h
indirect.o: ../../include/recipient_list.h
indirect.o: ../../include/defer.h
indirect.o: ../../include/been_here.h
@ -328,9 +308,6 @@ local.o: ../../include/recipient_list.h
local.o: ../../include/deliver_request.h
local.o: ../../include/deliver_completed.h
local.o: ../../include/mail_params.h
local.o: ../../include/crate_clnt.h
local.o: ../../include/attr_clnt.h
local.o: ../../include/attr.h
local.o: ../../include/mail_addr.h
local.o: ../../include/mail_conf.h
local.o: ../../include/been_here.h
@ -348,12 +325,9 @@ local_expand.o: ../../include/vbuf.h
local_expand.o: ../../include/mac_expand.h
local_expand.o: ../../include/mac_parse.h
local_expand.o: ../../include/mail_params.h
local_expand.o: ../../include/crate_clnt.h
local_expand.o: ../../include/attr_clnt.h
local_expand.o: ../../include/attr.h
local_expand.o: ../../include/vstream.h
local_expand.o: local.h
local_expand.o: ../../include/htable.h
local_expand.o: ../../include/vstream.h
local_expand.o: ../../include/been_here.h
local_expand.o: ../../include/tok822.h
local_expand.o: ../../include/resolve_clnt.h
@ -382,12 +356,10 @@ mailbox.o: ../../include/sent.h
mailbox.o: ../../include/mypwd.h
mailbox.o: ../../include/been_here.h
mailbox.o: ../../include/mail_params.h
mailbox.o: ../../include/crate_clnt.h
mailbox.o: ../../include/attr_clnt.h
mailbox.o: ../../include/attr.h
mailbox.o: ../../include/deliver_pass.h
mailbox.o: ../../include/mail_proto.h
mailbox.o: ../../include/iostuff.h
mailbox.o: ../../include/attr.h
mailbox.o: ../../include/mbox_open.h
mailbox.o: ../../include/safe_open.h
mailbox.o: ../../include/maps.h
@ -417,9 +389,6 @@ maildir.o: ../../include/recipient_list.h
maildir.o: ../../include/defer.h
maildir.o: ../../include/sent.h
maildir.o: ../../include/mail_params.h
maildir.o: ../../include/crate_clnt.h
maildir.o: ../../include/attr_clnt.h
maildir.o: ../../include/attr.h
maildir.o: local.h
maildir.o: ../../include/htable.h
maildir.o: ../../include/been_here.h
@ -447,9 +416,6 @@ recipient.o: ../../include/deliver_request.h
recipient.o: ../../include/recipient_list.h
recipient.o: ../../include/defer.h
recipient.o: ../../include/mail_params.h
recipient.o: ../../include/crate_clnt.h
recipient.o: ../../include/attr_clnt.h
recipient.o: ../../include/attr.h
recipient.o: ../../include/split_addr.h
recipient.o: ../../include/strip_addr.h
recipient.o: ../../include/ext_prop.h
@ -475,8 +441,6 @@ resolve.o: ../../include/resolve_clnt.h
resolve.o: ../../include/rewrite_clnt.h
resolve.o: ../../include/tok822.h
resolve.o: ../../include/mail_params.h
resolve.o: ../../include/crate_clnt.h
resolve.o: ../../include/attr_clnt.h
resolve.o: ../../include/defer.h
resolve.o: ../../include/bounce.h
resolve.o: ../../include/deliver_request.h
@ -501,9 +465,6 @@ token.o: ../../include/stringops.h
token.o: ../../include/tok822.h
token.o: ../../include/resolve_clnt.h
token.o: ../../include/mail_params.h
token.o: ../../include/crate_clnt.h
token.o: ../../include/attr_clnt.h
token.o: ../../include/attr.h
token.o: ../../include/bounce.h
token.o: ../../include/deliver_request.h
token.o: ../../include/recipient_list.h
@ -523,12 +484,10 @@ unknown.o: ../../include/vbuf.h
unknown.o: ../../include/mymalloc.h
unknown.o: ../../include/been_here.h
unknown.o: ../../include/mail_params.h
unknown.o: ../../include/crate_clnt.h
unknown.o: ../../include/attr_clnt.h
unknown.o: ../../include/attr.h
unknown.o: ../../include/vstream.h
unknown.o: ../../include/mail_proto.h
unknown.o: ../../include/vstream.h
unknown.o: ../../include/iostuff.h
unknown.o: ../../include/attr.h
unknown.o: ../../include/bounce.h
unknown.o: ../../include/deliver_request.h
unknown.o: ../../include/recipient_list.h

24
postfix/src/master/Makefile.in
View File

@ -104,9 +104,6 @@ master.o: ../../include/clean_env.h
master.o: ../../include/argv.h
master.o: ../../include/safe.h
master.o: ../../include/mail_params.h
master.o: ../../include/crate_clnt.h
master.o: ../../include/attr_clnt.h
master.o: ../../include/attr.h
master.o: ../../include/mail_version.h
master.o: ../../include/debug_process.h
master.o: ../../include/mail_task.h
@ -141,8 +138,6 @@ master_ent.o: ../../include/mail_proto.h
master_ent.o: ../../include/iostuff.h
master_ent.o: ../../include/attr.h
master_ent.o: ../../include/mail_params.h
master_ent.o: ../../include/crate_clnt.h
master_ent.o: ../../include/attr_clnt.h
master_ent.o: ../../include/own_inet_addr.h
master_ent.o: master_proto.h
master_ent.o: master.h
@ -165,10 +160,6 @@ master_listen.o: ../../include/inet_addr_list.h
master_listen.o: ../../include/set_eugid.h
master_listen.o: ../../include/set_ugid.h
master_listen.o: ../../include/mail_params.h
master_listen.o: ../../include/crate_clnt.h
master_listen.o: ../../include/attr_clnt.h
master_listen.o: ../../include/attr.h
master_listen.o: ../../include/vstream.h
master_listen.o: master.h
master_proto.o: master_proto.c
master_proto.o: ../../include/sys_defs.h
@ -212,10 +203,6 @@ master_vars.o: ../../include/vbuf.h
master_vars.o: ../../include/mymalloc.h
master_vars.o: ../../include/mail_conf.h
master_vars.o: ../../include/mail_params.h
master_vars.o: ../../include/crate_clnt.h
master_vars.o: ../../include/attr_clnt.h
master_vars.o: ../../include/attr.h
master_vars.o: ../../include/vstream.h
master_vars.o: master.h
master_wakeup.o: master_wakeup.c
master_wakeup.o: ../../include/sys_defs.h
@ -230,8 +217,6 @@ master_wakeup.o: ../../include/vbuf.h
master_wakeup.o: ../../include/iostuff.h
master_wakeup.o: ../../include/attr.h
master_wakeup.o: ../../include/mail_params.h
master_wakeup.o: ../../include/crate_clnt.h
master_wakeup.o: ../../include/attr_clnt.h
master_wakeup.o: mail_server.h
master_wakeup.o: master.h
multi_server.o: multi_server.c
@ -256,9 +241,6 @@ multi_server.o: ../../include/split_at.h
multi_server.o: ../../include/mail_task.h
multi_server.o: ../../include/debug_process.h
multi_server.o: ../../include/mail_params.h
multi_server.o: ../../include/crate_clnt.h
multi_server.o: ../../include/attr_clnt.h
multi_server.o: ../../include/attr.h
multi_server.o: ../../include/mail_conf.h
multi_server.o: ../../include/mail_dict.h
multi_server.o: ../../include/timed_ipc.h
@ -286,9 +268,6 @@ single_server.o: ../../include/listen.h
single_server.o: ../../include/watchdog.h
single_server.o: ../../include/split_at.h
single_server.o: ../../include/mail_params.h
single_server.o: ../../include/crate_clnt.h
single_server.o: ../../include/attr_clnt.h
single_server.o: ../../include/attr.h
single_server.o: ../../include/mail_task.h
single_server.o: ../../include/debug_process.h
single_server.o: ../../include/mail_conf.h
@ -318,9 +297,6 @@ trigger_server.o: ../../include/listen.h
trigger_server.o: ../../include/watchdog.h
trigger_server.o: ../../include/split_at.h
trigger_server.o: ../../include/mail_params.h
trigger_server.o: ../../include/crate_clnt.h
trigger_server.o: ../../include/attr_clnt.h
trigger_server.o: ../../include/attr.h
trigger_server.o: ../../include/mail_task.h
trigger_server.o: ../../include/debug_process.h
trigger_server.o: ../../include/mail_conf.h

9
postfix/src/master/master.c
View File

@ -264,7 +264,14 @@ int main(int argc, char **argv)
if (open("/dev/null", O_RDWR, 0) != fd)
msg_fatal("open /dev/null: %m");
}
setsid();
/*
* Run in a separate process group, so that "postfix stop" can terminate
* all MTA processes cleanly. Give up if we can't separate from our
* parent process. We're not supposed to blow away the parent.
*/
if (setsid() == -1)
msg_fatal("unable to set session and process group ID: %m");
/*
* Make some room for plumbing with file descriptors. XXX This breaks

25
postfix/src/nqmgr/Makefile.in
View File

@ -75,11 +75,9 @@ qmgr.o: ../../include/vstring.h
qmgr.o: ../../include/recipient_list.h
qmgr.o: ../../include/mail_conf.h
qmgr.o: ../../include/mail_params.h
qmgr.o: ../../include/crate_clnt.h
qmgr.o: ../../include/attr_clnt.h
qmgr.o: ../../include/attr.h
qmgr.o: ../../include/mail_proto.h
qmgr.o: ../../include/iostuff.h
qmgr.o: ../../include/attr.h
qmgr.o: ../../include/mail_flow.h
qmgr.o: ../../include/master_proto.h
qmgr.o: ../../include/mail_server.h
@ -93,9 +91,6 @@ qmgr_active.o: ../../include/mymalloc.h
qmgr_active.o: ../../include/vstream.h
qmgr_active.o: ../../include/vbuf.h
qmgr_active.o: ../../include/mail_params.h
qmgr_active.o: ../../include/crate_clnt.h
qmgr_active.o: ../../include/attr_clnt.h
qmgr_active.o: ../../include/attr.h
qmgr_active.o: ../../include/mail_open_ok.h
qmgr_active.o: ../../include/mail_queue.h
qmgr_active.o: ../../include/vstring.h
@ -145,8 +140,6 @@ qmgr_deliver.o: ../../include/mail_proto.h
qmgr_deliver.o: ../../include/attr.h
qmgr_deliver.o: ../../include/recipient_list.h
qmgr_deliver.o: ../../include/mail_params.h
qmgr_deliver.o: ../../include/crate_clnt.h
qmgr_deliver.o: ../../include/attr_clnt.h
qmgr_deliver.o: ../../include/deliver_request.h
qmgr_deliver.o: ../../include/verp_sender.h
qmgr_deliver.o: qmgr.h
@ -166,9 +159,6 @@ qmgr_entry.o: ../../include/events.h
qmgr_entry.o: ../../include/vstream.h
qmgr_entry.o: ../../include/vbuf.h
qmgr_entry.o: ../../include/mail_params.h
qmgr_entry.o: ../../include/crate_clnt.h
qmgr_entry.o: ../../include/attr_clnt.h
qmgr_entry.o: ../../include/attr.h
qmgr_entry.o: qmgr.h
qmgr_entry.o: ../../include/scan_dir.h
qmgr_job.o: qmgr_job.c
@ -197,9 +187,6 @@ qmgr_message.o: ../../include/sane_time.h
qmgr_message.o: ../../include/dict.h
qmgr_message.o: ../../include/mail_queue.h
qmgr_message.o: ../../include/mail_params.h
qmgr_message.o: ../../include/crate_clnt.h
qmgr_message.o: ../../include/attr_clnt.h
qmgr_message.o: ../../include/attr.h
qmgr_message.o: ../../include/canon_addr.h
qmgr_message.o: ../../include/record.h
qmgr_message.o: ../../include/rec_type.h
@ -211,6 +198,7 @@ qmgr_message.o: ../../include/opened.h
qmgr_message.o: ../../include/verp_sender.h
qmgr_message.o: ../../include/mail_proto.h
qmgr_message.o: ../../include/iostuff.h
qmgr_message.o: ../../include/attr.h
qmgr_message.o: ../../include/qmgr_user.h
qmgr_message.o: ../../include/rewrite_clnt.h
qmgr_message.o: ../../include/resolve_clnt.h
@ -243,13 +231,10 @@ qmgr_queue.o: ../../include/mymalloc.h
qmgr_queue.o: ../../include/events.h
qmgr_queue.o: ../../include/htable.h
qmgr_queue.o: ../../include/mail_params.h
qmgr_queue.o: ../../include/crate_clnt.h
qmgr_queue.o: ../../include/attr_clnt.h
qmgr_queue.o: ../../include/attr.h
qmgr_queue.o: ../../include/vstream.h
qmgr_queue.o: ../../include/vbuf.h
qmgr_queue.o: ../../include/recipient_list.h
qmgr_queue.o: qmgr.h
qmgr_queue.o: ../../include/vstream.h
qmgr_queue.o: ../../include/vbuf.h
qmgr_queue.o: ../../include/scan_dir.h
qmgr_rcpt_list.o: qmgr_rcpt_list.c
qmgr_rcpt_list.o: ../../include/sys_defs.h
@ -281,7 +266,5 @@ qmgr_transport.o: ../../include/attr.h
qmgr_transport.o: ../../include/recipient_list.h
qmgr_transport.o: ../../include/mail_conf.h
qmgr_transport.o: ../../include/mail_params.h
qmgr_transport.o: ../../include/crate_clnt.h
qmgr_transport.o: ../../include/attr_clnt.h
qmgr_transport.o: qmgr.h
qmgr_transport.o: ../../include/scan_dir.h

2
postfix/src/pickup/Makefile.in
View File

@ -73,8 +73,6 @@ pickup.o: ../../include/attr.h
pickup.o: ../../include/cleanup_user.h
pickup.o: ../../include/mail_date.h
pickup.o: ../../include/mail_params.h
pickup.o: ../../include/crate_clnt.h
pickup.o: ../../include/attr_clnt.h
pickup.o: ../../include/mail_conf.h
pickup.o: ../../include/record.h
pickup.o: ../../include/rec_type.h

3
postfix/src/pipe/Makefile.in
View File

@ -73,9 +73,6 @@ pipe.o: ../../include/stringops.h
pipe.o: ../../include/recipient_list.h
pipe.o: ../../include/deliver_request.h
pipe.o: ../../include/mail_params.h
pipe.o: ../../include/crate_clnt.h
pipe.o: ../../include/attr_clnt.h
pipe.o: ../../include/attr.h
pipe.o: ../../include/mail_conf.h
pipe.o: ../../include/bounce.h
pipe.o: ../../include/defer.h

3
postfix/src/postalias/Makefile.in
View File

@ -97,9 +97,6 @@ postalias.o: ../../include/resolve_clnt.h
postalias.o: ../../include/mail_conf.h
postalias.o: ../../include/mail_dict.h
postalias.o: ../../include/mail_params.h
postalias.o: ../../include/crate_clnt.h
postalias.o: ../../include/attr_clnt.h
postalias.o: ../../include/attr.h
postalias.o: ../../include/mkmap.h
postalias.o: ../../include/dict.h
postalias.o: ../../include/argv.h

3
postfix/src/postcat/Makefile.in
View File

@ -68,6 +68,3 @@ postcat.o: ../../include/rec_type.h
postcat.o: ../../include/mail_queue.h
postcat.o: ../../include/mail_conf.h
postcat.o: ../../include/mail_params.h
postcat.o: ../../include/crate_clnt.h
postcat.o: ../../include/attr_clnt.h
postcat.o: ../../include/attr.h

2
postfix/src/postconf/Makefile.in
View File

@ -94,8 +94,6 @@ postconf.o: ../../include/iostuff.h
postconf.o: ../../include/attr.h
postconf.o: ../../include/mail_version.h
postconf.o: ../../include/mail_params.h
postconf.o: ../../include/crate_clnt.h
postconf.o: ../../include/attr_clnt.h
postconf.o: ../../include/mail_addr.h
postconf.o: ../../include/mbox_conf.h
postconf.o: time_vars.h

2
postfix/src/postdrop/Makefile.in
View File

@ -71,8 +71,6 @@ postdrop.o: ../../include/mail_proto.h
postdrop.o: ../../include/attr.h
postdrop.o: ../../include/mail_queue.h
postdrop.o: ../../include/mail_params.h
postdrop.o: ../../include/crate_clnt.h
postdrop.o: ../../include/attr_clnt.h
postdrop.o: ../../include/mail_conf.h
postdrop.o: ../../include/mail_task.h
postdrop.o: ../../include/clean_env.h

3
postfix/src/postfix/Makefile.in
View File

@ -73,6 +73,3 @@ postfix.o: ../../include/argv.h
postfix.o: ../../include/safe.h
postfix.o: ../../include/mail_conf.h
postfix.o: ../../include/mail_params.h
postfix.o: ../../include/crate_clnt.h
postfix.o: ../../include/attr_clnt.h
postfix.o: ../../include/attr.h

2
postfix/src/postfix/postfix.c
View File

@ -239,7 +239,7 @@ int main(int argc, char **argv)
while ((ch = GETOPT(argc, argv, "c:Dv")) > 0) {
switch (ch) {
default:
msg_fatal("usage: %s [-c config_dir] [-v] command", argv[0]);
msg_fatal("usage: %s [-c config_dir] [-Dv] command", argv[0]);
case 'c':
if (*optarg != '/')
msg_fatal("-c requires absolute pathname");

2
postfix/src/postkick/Makefile.in
View File

@ -68,6 +68,4 @@ postkick.o: ../../include/mail_proto.h
postkick.o: ../../include/iostuff.h
postkick.o: ../../include/attr.h
postkick.o: ../../include/mail_params.h
postkick.o: ../../include/crate_clnt.h
postkick.o: ../../include/attr_clnt.h
postkick.o: ../../include/mail_conf.h

3
postfix/src/postlock/Makefile.in
View File

@ -64,9 +64,6 @@ postlock.o: ../../include/vstream.h
postlock.o: ../../include/msg_vstream.h
postlock.o: ../../include/iostuff.h
postlock.o: ../../include/mail_params.h
postlock.o: ../../include/crate_clnt.h
postlock.o: ../../include/attr_clnt.h
postlock.o: ../../include/attr.h
postlock.o: ../../include/dot_lockfile.h
postlock.o: ../../include/deliver_flock.h
postlock.o: ../../include/myflock.h

3
postfix/src/postlog/Makefile.in
View File

@ -70,7 +70,4 @@ postlog.o: ../../include/msg_output.h
postlog.o: ../../include/msg_vstream.h
postlog.o: ../../include/msg_syslog.h
postlog.o: ../../include/mail_params.h
postlog.o: ../../include/crate_clnt.h
postlog.o: ../../include/attr_clnt.h
postlog.o: ../../include/attr.h
postlog.o: ../../include/mail_conf.h

3
postfix/src/postmap/Makefile.in
View File

@ -95,9 +95,6 @@ postmap.o: ../../include/set_eugid.h
postmap.o: ../../include/mail_conf.h
postmap.o: ../../include/mail_dict.h
postmap.o: ../../include/mail_params.h
postmap.o: ../../include/crate_clnt.h
postmap.o: ../../include/attr_clnt.h
postmap.o: ../../include/attr.h
postmap.o: ../../include/mkmap.h
postmap.o: ../../include/dict.h
postmap.o: ../../include/argv.h

2
postfix/src/postqueue/Makefile.in
View File

@ -72,8 +72,6 @@ postqueue.o: ../../include/valid_hostname.h
postqueue.o: ../../include/mail_proto.h
postqueue.o: ../../include/attr.h
postqueue.o: ../../include/mail_params.h
postqueue.o: ../../include/crate_clnt.h
postqueue.o: ../../include/attr_clnt.h
postqueue.o: ../../include/mail_conf.h
postqueue.o: ../../include/mail_task.h
postqueue.o: ../../include/debug_process.h

3
postfix/src/postsuper/Makefile.in
View File

@ -73,8 +73,5 @@ postsuper.o: ../../include/sane_fsops.h
postsuper.o: ../../include/mail_task.h
postsuper.o: ../../include/mail_conf.h
postsuper.o: ../../include/mail_params.h
postsuper.o: ../../include/crate_clnt.h
postsuper.o: ../../include/attr_clnt.h
postsuper.o: ../../include/attr.h
postsuper.o: ../../include/mail_queue.h
postsuper.o: ../../include/mail_open_ok.h

4
postfix/src/proxymap/Makefile.in
View File

@ -68,10 +68,8 @@ proxymap.o: ../../include/vstream.h
proxymap.o: ../../include/argv.h
proxymap.o: ../../include/mail_conf.h
proxymap.o: ../../include/mail_params.h
proxymap.o: ../../include/crate_clnt.h
proxymap.o: ../../include/attr_clnt.h
proxymap.o: ../../include/attr.h
proxymap.o: ../../include/mail_proto.h
proxymap.o: ../../include/iostuff.h
proxymap.o: ../../include/attr.h
proxymap.o: ../../include/dict_proxy.h
proxymap.o: ../../include/mail_server.h

25
postfix/src/qmgr/Makefile.in
View File

@ -73,11 +73,9 @@ qmgr.o: ../../include/vstring.h
qmgr.o: ../../include/recipient_list.h
qmgr.o: ../../include/mail_conf.h
qmgr.o: ../../include/mail_params.h
qmgr.o: ../../include/crate_clnt.h
qmgr.o: ../../include/attr_clnt.h
qmgr.o: ../../include/attr.h
qmgr.o: ../../include/mail_proto.h
qmgr.o: ../../include/iostuff.h
qmgr.o: ../../include/attr.h
qmgr.o: ../../include/mail_flow.h
qmgr.o: ../../include/master_proto.h
qmgr.o: ../../include/mail_server.h
@ -91,9 +89,6 @@ qmgr_active.o: ../../include/mymalloc.h
qmgr_active.o: ../../include/vstream.h
qmgr_active.o: ../../include/vbuf.h
qmgr_active.o: ../../include/mail_params.h
qmgr_active.o: ../../include/crate_clnt.h
qmgr_active.o: ../../include/attr_clnt.h
qmgr_active.o: ../../include/attr.h
qmgr_active.o: ../../include/mail_open_ok.h
qmgr_active.o: ../../include/mail_queue.h
qmgr_active.o: ../../include/vstring.h
@ -143,8 +138,6 @@ qmgr_deliver.o: ../../include/mail_proto.h
qmgr_deliver.o: ../../include/attr.h
qmgr_deliver.o: ../../include/recipient_list.h
qmgr_deliver.o: ../../include/mail_params.h
qmgr_deliver.o: ../../include/crate_clnt.h
qmgr_deliver.o: ../../include/attr_clnt.h
qmgr_deliver.o: ../../include/deliver_request.h
qmgr_deliver.o: ../../include/verp_sender.h
qmgr_deliver.o: qmgr.h
@ -164,9 +157,6 @@ qmgr_entry.o: ../../include/events.h
qmgr_entry.o: ../../include/vstream.h
qmgr_entry.o: ../../include/vbuf.h
qmgr_entry.o: ../../include/mail_params.h
qmgr_entry.o: ../../include/crate_clnt.h
qmgr_entry.o: ../../include/attr_clnt.h
qmgr_entry.o: ../../include/attr.h
qmgr_entry.o: qmgr.h
qmgr_entry.o: ../../include/scan_dir.h
qmgr_message.o: qmgr_message.c
@ -184,9 +174,6 @@ qmgr_message.o: ../../include/myflock.h
qmgr_message.o: ../../include/dict.h
qmgr_message.o: ../../include/mail_queue.h
qmgr_message.o: ../../include/mail_params.h
qmgr_message.o: ../../include/crate_clnt.h
qmgr_message.o: ../../include/attr_clnt.h
qmgr_message.o: ../../include/attr.h
qmgr_message.o: ../../include/canon_addr.h
qmgr_message.o: ../../include/record.h
qmgr_message.o: ../../include/rec_type.h
@ -198,6 +185,7 @@ qmgr_message.o: ../../include/opened.h
qmgr_message.o: ../../include/verp_sender.h
qmgr_message.o: ../../include/mail_proto.h
qmgr_message.o: ../../include/iostuff.h
qmgr_message.o: ../../include/attr.h
qmgr_message.o: ../../include/qmgr_user.h
qmgr_message.o: ../../include/rewrite_clnt.h
qmgr_message.o: ../../include/resolve_clnt.h
@ -221,13 +209,10 @@ qmgr_queue.o: ../../include/mymalloc.h
qmgr_queue.o: ../../include/events.h
qmgr_queue.o: ../../include/htable.h
qmgr_queue.o: ../../include/mail_params.h
qmgr_queue.o: ../../include/crate_clnt.h
qmgr_queue.o: ../../include/attr_clnt.h
qmgr_queue.o: ../../include/attr.h
qmgr_queue.o: ../../include/vstream.h
qmgr_queue.o: ../../include/vbuf.h
qmgr_queue.o: ../../include/recipient_list.h
qmgr_queue.o: qmgr.h
qmgr_queue.o: ../../include/vstream.h
qmgr_queue.o: ../../include/vbuf.h
qmgr_queue.o: ../../include/scan_dir.h
qmgr_rcpt_list.o: qmgr_rcpt_list.c
qmgr_rcpt_list.o: ../../include/sys_defs.h
@ -259,7 +244,5 @@ qmgr_transport.o: ../../include/attr.h
qmgr_transport.o: ../../include/recipient_list.h
qmgr_transport.o: ../../include/mail_conf.h
qmgr_transport.o: ../../include/mail_params.h
qmgr_transport.o: ../../include/crate_clnt.h
qmgr_transport.o: ../../include/attr_clnt.h
qmgr_transport.o: qmgr.h
qmgr_transport.o: ../../include/scan_dir.h

4
postfix/src/qmqpd/Makefile.in
View File

@ -78,13 +78,11 @@ qmqpd.o: ../../include/netstring.h
qmqpd.o: ../../include/dict.h
qmqpd.o: ../../include/argv.h
qmqpd.o: ../../include/mail_params.h
qmqpd.o: ../../include/crate_clnt.h
qmqpd.o: ../../include/attr_clnt.h
qmqpd.o: ../../include/attr.h
qmqpd.o: ../../include/record.h
qmqpd.o: ../../include/rec_type.h
qmqpd.o: ../../include/mail_proto.h
qmqpd.o: ../../include/iostuff.h
qmqpd.o: ../../include/attr.h
qmqpd.o: ../../include/cleanup_user.h
qmqpd.o: ../../include/mail_date.h
qmqpd.o: ../../include/mail_conf.h

2
postfix/src/sendmail/Makefile.in
View File

@ -78,8 +78,6 @@ sendmail.o: ../../include/mail_queue.h
sendmail.o: ../../include/mail_proto.h
sendmail.o: ../../include/attr.h
sendmail.o: ../../include/mail_params.h
sendmail.o: ../../include/crate_clnt.h
sendmail.o: ../../include/attr_clnt.h
sendmail.o: ../../include/record.h
sendmail.o: ../../include/rec_type.h
sendmail.o: ../../include/rec_streamlf.h

2
postfix/src/showq/Makefile.in
View File

@ -73,8 +73,6 @@ showq.o: ../../include/iostuff.h
showq.o: ../../include/attr.h
showq.o: ../../include/mail_date.h
showq.o: ../../include/mail_params.h
showq.o: ../../include/crate_clnt.h
showq.o: ../../include/attr_clnt.h
showq.o: ../../include/mail_scan_dir.h
showq.o: ../../include/mail_conf.h
showq.o: ../../include/record.h

29
postfix/src/smtp/Makefile.in
View File

@ -76,15 +76,13 @@ smtp.o: ../../include/deliver_request.h
smtp.o: ../../include/vstring.h
smtp.o: ../../include/recipient_list.h
smtp.o: ../../include/mail_params.h
smtp.o: ../../include/crate_clnt.h
smtp.o: ../../include/attr_clnt.h
smtp.o: ../../include/attr.h
smtp.o: ../../include/mail_conf.h
smtp.o: ../../include/debug_peer.h
smtp.o: ../../include/mail_error.h
smtp.o: ../../include/deliver_pass.h
smtp.o: ../../include/mail_proto.h
smtp.o: ../../include/iostuff.h
smtp.o: ../../include/attr.h
smtp.o: ../../include/mail_server.h
smtp.o: smtp.h
smtp.o: smtp_sasl.h
@ -98,13 +96,10 @@ smtp_addr.o: ../../include/inet_addr_list.h
smtp_addr.o: ../../include/stringops.h
smtp_addr.o: ../../include/myrand.h
smtp_addr.o: ../../include/mail_params.h
smtp_addr.o: ../../include/crate_clnt.h
smtp_addr.o: ../../include/attr_clnt.h
smtp_addr.o: ../../include/attr.h
smtp_addr.o: ../../include/vstream.h
smtp_addr.o: ../../include/own_inet_addr.h
smtp_addr.o: ../../include/dns.h
smtp_addr.o: smtp.h
smtp_addr.o: ../../include/vstream.h
smtp_addr.o: ../../include/argv.h
smtp_addr.o: ../../include/deliver_request.h
smtp_addr.o: ../../include/recipient_list.h
@ -123,9 +118,6 @@ smtp_chat.o: ../../include/recipient_list.h
smtp_chat.o: ../../include/deliver_request.h
smtp_chat.o: ../../include/smtp_stream.h
smtp_chat.o: ../../include/mail_params.h
smtp_chat.o: ../../include/crate_clnt.h
smtp_chat.o: ../../include/attr_clnt.h
smtp_chat.o: ../../include/attr.h
smtp_chat.o: ../../include/mail_addr.h
smtp_chat.o: ../../include/post_mail.h
smtp_chat.o: ../../include/cleanup_user.h
@ -147,9 +139,6 @@ smtp_connect.o: ../../include/stringops.h
smtp_connect.o: ../../include/host_port.h
smtp_connect.o: ../../include/sane_connect.h
smtp_connect.o: ../../include/mail_params.h
smtp_connect.o: ../../include/crate_clnt.h
smtp_connect.o: ../../include/attr_clnt.h
smtp_connect.o: ../../include/attr.h
smtp_connect.o: ../../include/own_inet_addr.h
smtp_connect.o: ../../include/dns.h
smtp_connect.o: smtp.h
@ -169,9 +158,6 @@ smtp_proto.o: ../../include/mymalloc.h
smtp_proto.o: ../../include/iostuff.h
smtp_proto.o: ../../include/split_at.h
smtp_proto.o: ../../include/mail_params.h
smtp_proto.o: ../../include/crate_clnt.h
smtp_proto.o: ../../include/attr_clnt.h
smtp_proto.o: ../../include/attr.h
smtp_proto.o: ../../include/smtp_stream.h
smtp_proto.o: ../../include/mail_queue.h
smtp_proto.o: ../../include/recipient_list.h
@ -187,6 +173,7 @@ smtp_proto.o: ../../include/mark_corrupt.h
smtp_proto.o: ../../include/quote_821_local.h
smtp_proto.o: ../../include/quote_flags.h
smtp_proto.o: ../../include/mail_proto.h
smtp_proto.o: ../../include/attr.h
smtp_proto.o: ../../include/mime_state.h
smtp_proto.o: ../../include/header_opts.h
smtp_proto.o: smtp.h
@ -202,15 +189,12 @@ smtp_sasl_glue.o: ../../include/vbuf.h
smtp_sasl_glue.o: ../../include/split_at.h
smtp_sasl_glue.o: ../../include/name_mask.h
smtp_sasl_glue.o: ../../include/mail_params.h
smtp_sasl_glue.o: ../../include/crate_clnt.h
smtp_sasl_glue.o: ../../include/attr_clnt.h
smtp_sasl_glue.o: ../../include/attr.h
smtp_sasl_glue.o: ../../include/vstream.h
smtp_sasl_glue.o: ../../include/string_list.h
smtp_sasl_glue.o: ../../include/match_list.h
smtp_sasl_glue.o: ../../include/match_ops.h
smtp_sasl_glue.o: ../../include/maps.h
smtp_sasl_glue.o: ../../include/dict.h
smtp_sasl_glue.o: ../../include/vstream.h
smtp_sasl_glue.o: ../../include/argv.h
smtp_sasl_glue.o: smtp.h
smtp_sasl_glue.o: ../../include/deliver_request.h
@ -221,12 +205,9 @@ smtp_sasl_proto.o: ../../include/sys_defs.h
smtp_sasl_proto.o: ../../include/msg.h
smtp_sasl_proto.o: ../../include/mymalloc.h
smtp_sasl_proto.o: ../../include/mail_params.h
smtp_sasl_proto.o: ../../include/crate_clnt.h
smtp_sasl_proto.o: ../../include/attr_clnt.h
smtp_sasl_proto.o: ../../include/attr.h
smtp_sasl_proto.o: smtp.h
smtp_sasl_proto.o: ../../include/vstream.h
smtp_sasl_proto.o: ../../include/vbuf.h
smtp_sasl_proto.o: smtp.h
smtp_sasl_proto.o: ../../include/vstring.h
smtp_sasl_proto.o: ../../include/argv.h
smtp_sasl_proto.o: ../../include/deliver_request.h

29
postfix/src/smtpd/Makefile.in
View File

@ -123,12 +123,10 @@ smtpd.o: ../../include/argv.h
smtpd.o: ../../include/watchdog.h
smtpd.o: ../../include/iostuff.h
smtpd.o: ../../include/mail_params.h
smtpd.o: ../../include/crate_clnt.h
smtpd.o: ../../include/attr_clnt.h
smtpd.o: ../../include/attr.h
smtpd.o: ../../include/record.h
smtpd.o: ../../include/rec_type.h
smtpd.o: ../../include/mail_proto.h
smtpd.o: ../../include/attr.h
smtpd.o: ../../include/cleanup_user.h
smtpd.o: ../../include/mail_date.h
smtpd.o: ../../include/mail_conf.h
@ -150,6 +148,8 @@ smtpd.o: ../../include/quote_flags.h
smtpd.o: ../../include/lex_822.h
smtpd.o: ../../include/namadr_list.h
smtpd.o: ../../include/input_transp.h
smtpd.o: ../../include/anvil_clnt.h
smtpd.o: ../../include/attr_clnt.h
smtpd.o: ../../include/mail_server.h
smtpd.o: smtpd_token.h
smtpd.o: smtpd.h
@ -175,8 +175,6 @@ smtpd_chat.o: ../../include/mail_proto.h
smtpd_chat.o: ../../include/iostuff.h
smtpd_chat.o: ../../include/attr.h
smtpd_chat.o: ../../include/mail_params.h
smtpd_chat.o: ../../include/crate_clnt.h
smtpd_chat.o: ../../include/attr_clnt.h
smtpd_chat.o: ../../include/mail_addr.h
smtpd_chat.o: ../../include/post_mail.h
smtpd_chat.o: ../../include/cleanup_user.h
@ -211,7 +209,6 @@ smtpd_check.o: ../../include/match_ops.h
smtpd_check.o: ../../include/namadr_list.h
smtpd_check.o: ../../include/domain_list.h
smtpd_check.o: ../../include/mail_params.h
smtpd_check.o: ../../include/crate_clnt.h
smtpd_check.o: ../../include/canon_addr.h
smtpd_check.o: ../../include/resolve_clnt.h
smtpd_check.o: ../../include/mail_error.h
@ -264,9 +261,6 @@ smtpd_proxy.o: ../../include/name_mask.h
smtpd_proxy.o: ../../include/smtp_stream.h
smtpd_proxy.o: ../../include/cleanup_user.h
smtpd_proxy.o: ../../include/mail_params.h
smtpd_proxy.o: ../../include/crate_clnt.h
smtpd_proxy.o: ../../include/attr_clnt.h
smtpd_proxy.o: ../../include/attr.h
smtpd_proxy.o: ../../include/rec_type.h
smtpd_proxy.o: smtpd.h
smtpd_proxy.o: ../../include/argv.h
@ -281,13 +275,10 @@ smtpd_sasl_glue.o: ../../include/match_list.h
smtpd_sasl_glue.o: ../../include/match_ops.h
smtpd_sasl_glue.o: ../../include/name_mask.h
smtpd_sasl_glue.o: ../../include/mail_params.h
smtpd_sasl_glue.o: ../../include/crate_clnt.h
smtpd_sasl_glue.o: ../../include/attr_clnt.h
smtpd_sasl_glue.o: ../../include/attr.h
smtpd_sasl_glue.o: ../../include/vstream.h
smtpd_sasl_glue.o: ../../include/vbuf.h
smtpd_sasl_glue.o: ../../include/smtp_stream.h
smtpd_sasl_glue.o: ../../include/vstring.h
smtpd_sasl_glue.o: ../../include/vbuf.h
smtpd_sasl_glue.o: ../../include/vstream.h
smtpd_sasl_glue.o: smtpd.h
smtpd_sasl_glue.o: ../../include/argv.h
smtpd_sasl_glue.o: ../../include/mail_stream.h
@ -298,13 +289,11 @@ smtpd_sasl_proto.o: ../../include/sys_defs.h
smtpd_sasl_proto.o: ../../include/msg.h
smtpd_sasl_proto.o: ../../include/mymalloc.h
smtpd_sasl_proto.o: ../../include/mail_params.h
smtpd_sasl_proto.o: ../../include/crate_clnt.h
smtpd_sasl_proto.o: ../../include/attr_clnt.h
smtpd_sasl_proto.o: ../../include/attr.h
smtpd_sasl_proto.o: ../../include/mail_proto.h
smtpd_sasl_proto.o: ../../include/vstream.h
smtpd_sasl_proto.o: ../../include/vbuf.h
smtpd_sasl_proto.o: ../../include/mail_proto.h
smtpd_sasl_proto.o: ../../include/iostuff.h
smtpd_sasl_proto.o: ../../include/attr.h
smtpd_sasl_proto.o: ../../include/mail_error.h
smtpd_sasl_proto.o: ../../include/name_mask.h
smtpd_sasl_proto.o: smtpd.h
@ -325,12 +314,10 @@ smtpd_state.o: ../../include/name_mask.h
smtpd_state.o: ../../include/msg.h
smtpd_state.o: ../../include/cleanup_user.h
smtpd_state.o: ../../include/mail_params.h
smtpd_state.o: ../../include/crate_clnt.h
smtpd_state.o: ../../include/attr_clnt.h
smtpd_state.o: ../../include/attr.h
smtpd_state.o: ../../include/mail_error.h
smtpd_state.o: ../../include/mail_proto.h
smtpd_state.o: ../../include/iostuff.h
smtpd_state.o: ../../include/attr.h
smtpd_state.o: smtpd.h
smtpd_state.o: ../../include/vstring.h
smtpd_state.o: ../../include/argv.h

36
postfix/src/smtpd/smtpd.c
View File

@ -240,13 +240,17 @@
/* only if the number of history lines exceeds the given threshold.
/* .IP \fBsmtpd_client_connection_count_limit\fR
/* The maximal number of simultaneous connections that any
/* client is allowed to make to this service.
/* client is allowed to make to this service. When a client exceeds
/* the limit, the SMTP server logs a warning with the client
/* name/address and the service name as configured in master.cf.
/* .IP \fBsmtpd_client_connection_rate_limit\fR
/* The maximal number of connections per unit time (specified
/* with \fBconnection_rate_time_unit\fR) that any client
/* is allowed to make to this service.
/* is allowed to make to this service. When a client exceeds
/* the limit, the SMTP server logs a warning with the client
/* name/address and the service name as configured in master.cf.
/* .IP \fBsmtpd_client_connection_limit_exceptions\fR
/* Hostnames, .domain names or network address blocks of clients
/* Hostnames, .domain names and/or network address blocks of clients
/* that are excluded from connection count or rate limits.
/* .SH Tarpitting
/* .ad
@ -456,7 +460,7 @@
#include <lex_822.h>
#include <namadr_list.h>
#include <input_transp.h>
#include <crate_clnt.h>
#include <anvil_clnt.h>
/* Single-threaded server skeleton. */
@ -588,7 +592,7 @@ static NAMADR_LIST *xloginfo_clients;
/*
* Client connection and rate limiting.
*/
CRATE_CLNT *crate_clnt;
ANVIL_CLNT *anvil_clnt;
static NAMADR_LIST *hogger_list;
/*
@ -1832,22 +1836,22 @@ static void smtpd_proto(SMTPD_STATE *state, const char *service)
case 0:
if (SMTPD_STAND_ALONE(state) == 0
&& crate_clnt
&& anvil_clnt
&& !namadr_list_match(hogger_list, state->name, state->addr)
&& crate_clnt_connect(crate_clnt, service, state->addr,
&count, &crate) == CRATE_STAT_OK) {
&& anvil_clnt_connect(anvil_clnt, service, state->addr,
&count, &crate) == ANVIL_STAT_OK) {
if (var_smtpd_cconn_limit > 0 && count > var_smtpd_cconn_limit) {
smtpd_chat_reply(state, "450 Too many connections from %s",
state->addr);
msg_warn("Too many connections from %s for service %s",
state->addr, service);
msg_warn("Too many connections: %d from %s for service %s",
count, state->addr, service);
break;
}
if (var_smtpd_crate_limit > 0 && crate > var_smtpd_crate_limit) {
smtpd_chat_reply(state, "450 Too many connections from %s",
state->addr);
msg_warn("Too frequent connections from %s for service %s",
state->addr, service);
msg_warn("Too frequent connections: %d from %s for service %s",
crate, state->addr, service);
break;
}
}
@ -1913,8 +1917,10 @@ static void smtpd_proto(SMTPD_STATE *state, const char *service)
}
break;
}
if (crate_clnt)
crate_clnt_disconnect(crate_clnt, service, state->addr);
if (SMTPD_STAND_ALONE(state) == 0
&& anvil_clnt
&& !namadr_list_match(hogger_list, state->name, state->addr))
anvil_clnt_disconnect(anvil_clnt, service, state->addr);
/*
* Log abnormal session termination, in case postmaster notification has
@ -2057,7 +2063,7 @@ static void post_jail_init(char *unused_name, char **unused_argv)
* Connection rate management.
*/
if (var_smtpd_crate_limit || var_smtpd_cconn_limit)
crate_clnt = crate_clnt_create();
anvil_clnt = anvil_clnt_create();
}
/* main - the main program */

3
postfix/src/spawn/Makefile.in
View File

@ -68,8 +68,5 @@ spawn.o: ../../include/split_at.h
spawn.o: ../../include/timed_wait.h
spawn.o: ../../include/set_eugid.h
spawn.o: ../../include/mail_params.h
spawn.o: ../../include/crate_clnt.h
spawn.o: ../../include/attr_clnt.h
spawn.o: ../../include/attr.h
spawn.o: ../../include/mail_server.h
spawn.o: ../../include/mail_conf.h

16
postfix/src/trivial-rewrite/Makefile.in
View File

@ -73,11 +73,9 @@ resolve.o: ../../include/valid_hostname.h
resolve.o: ../../include/stringops.h
resolve.o: ../../include/mymalloc.h
resolve.o: ../../include/mail_params.h
resolve.o: ../../include/crate_clnt.h
resolve.o: ../../include/attr_clnt.h
resolve.o: ../../include/attr.h
resolve.o: ../../include/mail_proto.h
resolve.o: ../../include/iostuff.h
resolve.o: ../../include/attr.h
resolve.o: ../../include/rewrite_clnt.h
resolve.o: ../../include/resolve_local.h
resolve.o: ../../include/mail_conf.h
@ -105,11 +103,9 @@ rewrite.o: ../../include/vstream.h
rewrite.o: ../../include/vstring_vstream.h
rewrite.o: ../../include/split_at.h
rewrite.o: ../../include/mail_params.h
rewrite.o: ../../include/crate_clnt.h
rewrite.o: ../../include/attr_clnt.h
rewrite.o: ../../include/attr.h
rewrite.o: ../../include/mail_proto.h
rewrite.o: ../../include/iostuff.h
rewrite.o: ../../include/attr.h
rewrite.o: ../../include/resolve_local.h
rewrite.o: ../../include/tok822.h
rewrite.o: ../../include/resolve_clnt.h
@ -128,14 +124,12 @@ transport.o: ../../include/vstream.h
transport.o: ../../include/argv.h
transport.o: ../../include/strip_addr.h
transport.o: ../../include/mail_params.h
transport.o: ../../include/crate_clnt.h
transport.o: ../../include/attr_clnt.h
transport.o: ../../include/attr.h
transport.o: ../../include/maps.h
transport.o: ../../include/match_parent_style.h
transport.o: ../../include/match_ops.h
transport.o: ../../include/mail_proto.h
transport.o: ../../include/iostuff.h
transport.o: ../../include/attr.h
transport.o: transport.h
trivial-rewrite.o: trivial-rewrite.c
trivial-rewrite.o: ../../include/sys_defs.h
@ -149,11 +143,9 @@ trivial-rewrite.o: ../../include/stringops.h
trivial-rewrite.o: ../../include/dict.h
trivial-rewrite.o: ../../include/argv.h
trivial-rewrite.o: ../../include/mail_params.h
trivial-rewrite.o: ../../include/crate_clnt.h
trivial-rewrite.o: ../../include/attr_clnt.h
trivial-rewrite.o: ../../include/attr.h
trivial-rewrite.o: ../../include/mail_proto.h
trivial-rewrite.o: ../../include/iostuff.h
trivial-rewrite.o: ../../include/attr.h
trivial-rewrite.o: ../../include/resolve_local.h
trivial-rewrite.o: ../../include/mail_conf.h
trivial-rewrite.o: ../../include/resolve_clnt.h

4
postfix/src/verify/Makefile.in
View File

@ -68,11 +68,9 @@ verify.o: ../../include/argv.h
verify.o: ../../include/split_at.h
verify.o: ../../include/mail_conf.h
verify.o: ../../include/mail_params.h
verify.o: ../../include/crate_clnt.h
verify.o: ../../include/attr_clnt.h
verify.o: ../../include/attr.h
verify.o: ../../include/mail_proto.h
verify.o: ../../include/iostuff.h
verify.o: ../../include/attr.h
verify.o: ../../include/post_mail.h
verify.o: ../../include/cleanup_user.h
verify.o: ../../include/verify_clnt.h

9
postfix/src/virtual/Makefile.in
View File

@ -87,9 +87,6 @@ mailbox.o: ../../include/deliver_request.h
mailbox.o: ../../include/recipient_list.h
mailbox.o: ../../include/sent.h
mailbox.o: ../../include/mail_params.h
mailbox.o: ../../include/crate_clnt.h
mailbox.o: ../../include/attr_clnt.h
mailbox.o: ../../include/attr.h
mailbox.o: ../../include/mail_addr_find.h
mailbox.o: ../../include/maps.h
mailbox.o: ../../include/dict.h
@ -115,9 +112,6 @@ maildir.o: ../../include/recipient_list.h
maildir.o: ../../include/defer.h
maildir.o: ../../include/sent.h
maildir.o: ../../include/mail_params.h
maildir.o: ../../include/crate_clnt.h
maildir.o: ../../include/attr_clnt.h
maildir.o: ../../include/attr.h
maildir.o: virtual.h
maildir.o: ../../include/maps.h
maildir.o: ../../include/dict.h
@ -168,9 +162,6 @@ virtual.o: ../../include/recipient_list.h
virtual.o: ../../include/deliver_request.h
virtual.o: ../../include/deliver_completed.h
virtual.o: ../../include/mail_params.h
virtual.o: ../../include/crate_clnt.h
virtual.o: ../../include/attr_clnt.h
virtual.o: ../../include/attr.h
virtual.o: ../../include/mail_conf.h
virtual.o: ../../include/mail_addr_find.h
virtual.o: ../../include/maps.h