diff --git a/postfix/HISTORY b/postfix/HISTORY index cda458ed7..67d718529 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -19168,18 +19168,44 @@ Apologies for any names omitted. 20131119 - Bugfix (introduced: 20111211): the Postfix memcache client - did not propagate a persistent "open()" lock to the optional - backup database. File: global/dict_memcache.c. - Feature: a Postfix LMDB database can now be used as shared - cache. Until now only the Postfix memcache database could - be used in this manner. This is implemented by allowing a - database to downgrade the permanent DICT_FLAG_OPEN_LOCK - method to the temporary DICT_FLAG_LOCK method. Files: - util/dict.h, util/dict_alloc.c, util/dict_open.c, - util/dict_lmdb.c. + persistent cache with multiple postscreen(8) or verify(8) + daemons (but not both), without the need for a shared + proxymap server. Files: util/dict.h, util/dict_alloc.c, + util/dict_open.c, util/dict_lmdb.c. Internal: DNS client support to report reply RCODE information, in addition to the simplified DNS_NOTFOUND, DNS_RETRY etc. + Portability note: this requires the C99 __VA_ARGS__ feature. Files: dns/dns.h. dns/dns_lookup.c, dns/test_dns_lookup.c. + +20131120 + + Cleanup: reduced the code footprint for the LMDB < 0.9.10 + heap-to-file information leak workaround, and simplified + the implementation to "good enough". Files: util/dict.h, + util/dict.c, util/dict_lmdb.c, postalias/postalias.c, + postmap/postmap.c. + + Cleanup: reduced the code footprint for the handling of + multi-writer safe maps. A map only needs to assert that it + is multi-writer safe, and the rest just happens. Files: + util/dict.h, util/dict_open.c, util/dict_lmdb.c, + global/dict_memcache.c. + + Cleanup: Postfix daemons no longer restart when a multi-writer + safe map is updated. File: util/dict.c. + + Documentation: sharing an LMDB cache between multiple + verify(8) or postscreen(8) servers (but not both). Files: + proto/ADDRESS_VERIFICATION_README.html, + proto/POSTSCREEN_README.html. + + Cleanup: improve suppression of TLSA lookups in insecure + zones. This is now applied not only to non-MX destinations, + but also to each MX record. Viktor Dukhovni. Files: + src/posttls-finger/posttls-finger.c, src/smtp/smtp_tls_policy.c, + src/tls/tls.h, src/tls/tls_dane.c. + + Workaround: increased the 5s connection timeout to 30s. + Viktor Dukhovni. File: posttls-finger/posttls-finger.c. diff --git a/postfix/README_FILES/ADDRESS_VERIFICATION_README b/postfix/README_FILES/ADDRESS_VERIFICATION_README index 1241d875b..7aef096dd 100644 --- a/postfix/README_FILES/ADDRESS_VERIFICATION_README +++ b/postfix/README_FILES/ADDRESS_VERIFICATION_README @@ -292,23 +292,35 @@ parameter specifies persistent storage for sender or recipient address verification results. If you specify an empty value, all address verification results are lost after "postfix reload" or "postfix stop". + # Example 1: Default setting for Postfix 2.7 and later. + # Note: avoid hash files here. Use btree instead. /etc/postfix/main.cf: - # Default setting for Postfix 2.7 and later. - # Note: avoid hash files here. Use btree instead. address_verify_map = btree:$data_directory/verify_cache - # Shared persistent cache (requires Postfix 2.9 or later). - address_verify_map = proxy:btree:$data_directory/verify_cache - # Disable automatic cache cleanup in all Postfix instances except - # for one instance that will be responsible for cache cleanup. + # Example 2: Shared persistent lmdb: cache (Postfix 2.11 or later). + # Disable automatic cache cleanup in all Postfix instances except + # for one instance that will be responsible for cache cleanup. + /etc/postfix/main.cf: + address_verify_map = lmdb:$data_directory/verify_cache # address_verify_cache_cleanup_interval = 0 - # Shared memory cache (requires Postfix 2.9 or later). - # See memcache_table(5) for details. - address_verify_map = memcache:/etc/postfix/verify-memcache.cf + # Example 3: Shared persistent btree: cache (Postfix 2.9 or later). + # Disable automatic cache cleanup in all Postfix instances except + # for one instance that will be responsible for cache cleanup. + /etc/postfix/main.cf: + address_verify_map = proxy:btree:$data_directory/verify_cache + # address_verify_cache_cleanup_interval = 0 - # Default setting for Postfix 2.6 and earlier. - # This uses non-persistent storage only. + # Example 4: Shared memory cache (requires Postfix 2.9 or later). + # Disable automatic cache cleanup in all Postfix instances. + # See memcache_table(5) for details. + /etc/postfix/main.cf: + address_verify_map = memcache:/etc/postfix/verify-memcache.cf + address_verify_cache_cleanup_interval = 0 + + # Example 5: Default setting for Postfix 2.6 and earlier. + # This uses non-persistent storage only. + /etc/postfix/main.cf: address_verify_map = NOTE 1: The database file should be stored under a Postfix-owned directory, diff --git a/postfix/README_FILES/POSTSCREEN_README b/postfix/README_FILES/POSTSCREEN_README index a7253c670..1ca03a5c9 100644 --- a/postfix/README_FILES/POSTSCREEN_README +++ b/postfix/README_FILES/POSTSCREEN_README @@ -165,17 +165,8 @@ postscreen_cache_map parameter specifies the location of the temporary whitelist. The temporary whitelist is not used for SMTP client addresses that appear on the permanent access list. - NOTE: To share a postscreen(8) cache between multiple postscreen(8) - instances under the same master(8) daemon, use "postscreen_cache_map = - proxy:btree:$data_directory/postscreen_cache", and disable cache cleanup - (postscreen_cache_cleanup_interval = 0) in all postscreen(8) instances - except one that is responsible for cache cleanup. - - postscreen(8) cache sharing requires Postfix 2.9 or later; earlier proxymap - (8) implementations don't support cache cleanup. - - For an alternative postscreen(8) cache sharing approach, see the - memcache_table(5) manpage. +By default the temporary whitelist is not shared with other postscreen(8) +daemons. See Sharing the temporary whitelist below for alternatives. When the SMTP client address appears on the temporary whitelist, postscreen(8) logs this with the client address and port number as: @@ -551,6 +542,7 @@ systems. * postscreen(8) TLS configuration * Blocking mail with postscreen(8) * Turning off postscreen(8) + * Sharing the temporary whitelist TTuurrnniinngg oonn ppoossttssccrreeeenn((88)) wwiitthhoouutt bblloocckkiinngg mmaaiill @@ -754,6 +746,72 @@ processes: 6. Read the new configuration with "postfix reload". +SShhaarriinngg tthhee tteemmppoorraarryy wwhhiitteelliisstt + +By default, the temporary whitelist is not shared between multiple postscreen +(8) daemons. To enable sharing, choose one of the following options: + + * A non-persistent memcache: temporary whitelist can be shared between + postscreen(8) daemons on the same host or different hosts. Disable cache + cleanup (postscreen_cache_cleanup_interval = 0) in all postscreen(8) + daemons because memcache: does not implement this (but see example 4 below + for memcache: with persistent backup). This requires Postfix 2.9 or later. + + # Example 1: non-persistent memcache: whitelist. + /etc/postfix/main.cf: + postscreen_cache_map = memcache:/etc/postfix/postscreen_cache + postscreen_cache_cleanup_interval = 0 + + /etc/postfix/postscreen_cache: + memcache = inet:127.0.0.1:11211 + key_format = postscreen:%s + + * A persistent lmdb: temporary whitelist can be shared between postscreen(8) + daemons that run under the same master(8) daemon, or under different master + (8) daemons on the same host. Disable cache cleanup + (postscreen_cache_cleanup_interval = 0) in all postscreen(8) daemons except + one that is responsible for cache cleanup. This requires Postfix 2.11 or + later. + + # Example 2: persistent lmdb: whitelist. + /etc/postfix/main.cf: + postscreen_cache_map = lmdb:$data_directory/postscreen_cache + # See note 1 below. + # postscreen_cache_cleanup_interval = 0 + + * Other kinds of persistent temporary whitelist can be shared only between + postscreen(8) daemons that run under the same master(8) daemon. In this + case, temporary whitelist access must be shared through the proxymap(8) + daemon. This requires Postfix 2.9 or later. + + # Example 3: proxied btree: whitelist. + /etc/postfix/main.cf: + postscreen_cache_map = + proxy:btree:/var/lib/postfix/postscreen_cache + # See note 1 below. + # postscreen_cache_cleanup_interval = 0 + + # Example 4: proxied btree: whitelist with memcache: accelerator. + /etc/postfix/main.cf: + postscreen_cache_map = memcache:/etc/postfix/postscreen_cache + proxy_write_maps = + proxy:btree:/var/lib/postfix/postscreen_cache + ... other proxied tables ... + # See note 1 below. + # postscreen_cache_cleanup_interval = 0 + + /etc/postfix/postscreen_cache: + # Note: the $data_directory macro is not defined in this context. + memcache = inet:127.0.0.1:11211 + backup = proxy:btree:/var/lib/postfix/postscreen_cache + key_format = postscreen:%s + + Note 1: disable cache cleanup (postscreen_cache_cleanup_interval = 0) in + all postscreen(8) daemons except one that is responsible for cache cleanup. + + Note 2: postscreen(8) cache sharing via proxymap(8) requires Postfix 2.9 or + later; earlier proxymap(8) implementations don't support cache cleanup. + HHiissttoorriiccaall nnootteess aanndd ccrreeddiittss Many ideas in postscreen(8) were explored in earlier work by Michael Tokarev, diff --git a/postfix/html/ADDRESS_VERIFICATION_README.html b/postfix/html/ADDRESS_VERIFICATION_README.html index 1aac06357..541c55619 100644 --- a/postfix/html/ADDRESS_VERIFICATION_README.html +++ b/postfix/html/ADDRESS_VERIFICATION_README.html @@ -454,23 +454,35 @@ results are lost after "postfix reload" or "postfix stop".
diff --git a/postfix/html/POSTSCREEN_README.html b/postfix/html/POSTSCREEN_README.html index ca007ed3f..6aecf5948 100644 --- a/postfix/html/POSTSCREEN_README.html +++ b/postfix/html/POSTSCREEN_README.html @@ -227,24 +227,9 @@ specifies the location of the temporary whitelist. The temporary whitelist is not used for SMTP client addresses that appear on the permanent access list. -+# Example 1: Default setting for Postfix 2.7 and later. +# Note: avoid hash files here. Use btree instead. /etc/postfix/main.cf: - # Default setting for Postfix 2.7 and later. - # Note: avoid hash files here. Use btree instead. address_verify_map = btree:$data_directory/verify_cache - # Shared persistent cache (requires Postfix 2.9 or later). - address_verify_map = proxy:btree:$data_directory/verify_cache - # Disable automatic cache cleanup in all Postfix instances except - # for one instance that will be responsible for cache cleanup. +# Example 2: Shared persistent lmdb: cache (Postfix 2.11 or later). +# Disable automatic cache cleanup in all Postfix instances except +# for one instance that will be responsible for cache cleanup. +/etc/postfix/main.cf: + address_verify_map = lmdb:$data_directory/verify_cache # address_verify_cache_cleanup_interval = 0 - # Shared memory cache (requires Postfix 2.9 or later). - # See memcache_table(5) for details. - address_verify_map = memcache:/etc/postfix/verify-memcache.cf +# Example 3: Shared persistent btree: cache (Postfix 2.9 or later). +# Disable automatic cache cleanup in all Postfix instances except +# for one instance that will be responsible for cache cleanup. +/etc/postfix/main.cf: + address_verify_map = proxy:btree:$data_directory/verify_cache + # address_verify_cache_cleanup_interval = 0 - # Default setting for Postfix 2.6 and earlier. - # This uses non-persistent storage only. +# Example 4: Shared memory cache (requires Postfix 2.9 or later). +# Disable automatic cache cleanup in all Postfix instances. +# See memcache_table(5) for details. +/etc/postfix/main.cf: + address_verify_map = memcache:/etc/postfix/verify-memcache.cf + address_verify_cache_cleanup_interval = 0 + +# Example 5: Default setting for Postfix 2.6 and earlier. +# This uses non-persistent storage only. +/etc/postfix/main.cf: address_verify_map =
- -+NOTE: To share a postscreen(8) cache between multiple - postscreen(8) instances under the same master(8) daemon, use - "postscreen_cache_map = - proxy:btree:$data_directory/postscreen_cache", and disable - cache cleanup (postscreen_cache_cleanup_interval = 0) in all - postscreen(8) instances except one that is responsible for cache - cleanup.
- -postscreen(8) cache sharing requires Postfix 2.9 or later; - earlier proxymap(8) implementations don't support cache cleanup. -
- -For an alternative postscreen(8) cache sharing approach, - see the memcache_table(5) manpage.
- -
By default the temporary whitelist is not shared with other +postscreen(8) daemons. See Sharing +the temporary whitelist below for alternatives.
When the SMTP client address appears on the temporary whitelist, postscreen(8) logs this with the client address and port @@ -775,6 +760,9 @@ mail
By default, the temporary whitelist is not shared between +multiple postscreen(8) daemons. To enable sharing, choose one +of the following options:
+ +A non-persistent memcache: temporary whitelist can be shared + between postscreen(8) daemons on the same host or different + hosts. Disable cache cleanup (postscreen_cache_cleanup_interval + = 0) in all postscreen(8) daemons because memcache: does not + implement this (but see example 4 below for memcache: with + persistent backup). This requires Postfix 2.9 or later.
+ ++ # Example 1: non-persistent memcache: whitelist. + /etc/postfix/main.cf: + postscreen_cache_map = memcache:/etc/postfix/postscreen_cache + postscreen_cache_cleanup_interval = 0 + + /etc/postfix/postscreen_cache: + memcache = inet:127.0.0.1:11211 + key_format = postscreen:%s ++ +
A persistent lmdb: temporary whitelist can be shared between + postscreen(8) daemons that run under the same master(8) daemon, + or under different master(8) daemons on the same host. Disable + cache cleanup (postscreen_cache_cleanup_interval = 0) in all + postscreen(8) daemons except one that is responsible for cache + cleanup. This requires Postfix 2.11 or later.
+ ++ # Example 2: persistent lmdb: whitelist. + /etc/postfix/main.cf: + postscreen_cache_map = lmdb:$data_directory/postscreen_cache + # See note 1 below. + # postscreen_cache_cleanup_interval = 0 ++ +
Other kinds of persistent temporary whitelist can be shared + only between postscreen(8) daemons that run under the same + master(8) daemon. In this case, temporary whitelist access must + be shared through the proxymap(8) daemon. This requires Postfix + 2.9 or later.
+ ++ # Example 3: proxied btree: whitelist. + /etc/postfix/main.cf: + postscreen_cache_map = + proxy:btree:/var/lib/postfix/postscreen_cache + # See note 1 below. + # postscreen_cache_cleanup_interval = 0 + + # Example 4: proxied btree: whitelist with memcache: accelerator. + /etc/postfix/main.cf: + postscreen_cache_map = memcache:/etc/postfix/postscreen_cache + proxy_write_maps = + proxy:btree:/var/lib/postfix/postscreen_cache + ... other proxied tables ... + # See note 1 below. + # postscreen_cache_cleanup_interval = 0 + + /etc/postfix/postscreen_cache: + # Note: the $data_directory macro is not defined in this context. + memcache = inet:127.0.0.1:11211 + backup = proxy:btree:/var/lib/postfix/postscreen_cache + key_format = postscreen:%s ++ +
Note 1: disable cache cleanup (postscreen_cache_cleanup_interval + = 0) in all postscreen(8) daemons except one that is responsible + for cache cleanup.
+ +Note 2: postscreen(8) cache sharing via proxymap(8) requires Postfix + 2.9 or later; earlier proxymap(8) implementations don't support + cache cleanup.
+ +Many ideas in postscreen(8) were explored in earlier work by diff --git a/postfix/html/posttls-finger.1.html b/postfix/html/posttls-finger.1.html index 3e449ec61..1848d6d24 100644 --- a/postfix/html/posttls-finger.1.html +++ b/postfix/html/posttls-finger.1.html @@ -286,7 +286,7 @@ POSTTLS-FINGER(1) POSTTLS-FINGER(1) tive ports can specified by appending ":service- name" or ":portnumber" to the destination argument. - -t timeout (default: 5) + -t timeout (default: 30) The TCP connection timeout to use. This is also the timeout for reading the remote server's 220 banner. diff --git a/postfix/man/man1/posttls-finger.1 b/postfix/man/man1/posttls-finger.1 index 3ba4e7b43..3848c9f8b 100644 --- a/postfix/man/man1/posttls-finger.1 +++ b/postfix/man/man1/posttls-finger.1 @@ -226,7 +226,7 @@ Disable SMTP; that is, connect to an LMTP server. The default port for LMTP over TCP is 24. Alternative ports can specified by appending "\fI:servicename\fR" or ":\fIportnumber\fR" to the destination argument. -.IP "\fB-t \fItimeout\fR (default: \fB5\fR)" +.IP "\fB-t \fItimeout\fR (default: \fB30\fR)" The TCP connection timeout to use. This is also the timeout for reading the remote server's 220 banner. .IP "\fB-T \fItimeout\fR (default: \fB30\fR)" diff --git a/postfix/proto/ADDRESS_VERIFICATION_README.html b/postfix/proto/ADDRESS_VERIFICATION_README.html index f79ebc672..c62ee75e6 100644 --- a/postfix/proto/ADDRESS_VERIFICATION_README.html +++ b/postfix/proto/ADDRESS_VERIFICATION_README.html @@ -454,23 +454,35 @@ results are lost after "postfix reload" or "postfix stop".
diff --git a/postfix/proto/POSTSCREEN_README.html b/postfix/proto/POSTSCREEN_README.html index f91c63a96..8be94cbc4 100644 --- a/postfix/proto/POSTSCREEN_README.html +++ b/postfix/proto/POSTSCREEN_README.html @@ -227,24 +227,9 @@ specifies the location of the temporary whitelist. The temporary whitelist is not used for SMTP client addresses that appear on the permanent access list. -+# Example 1: Default setting for Postfix 2.7 and later. +# Note: avoid hash files here. Use btree instead. /etc/postfix/main.cf: - # Default setting for Postfix 2.7 and later. - # Note: avoid hash files here. Use btree instead. address_verify_map = btree:$data_directory/verify_cache - # Shared persistent cache (requires Postfix 2.9 or later). - address_verify_map = proxy:btree:$data_directory/verify_cache - # Disable automatic cache cleanup in all Postfix instances except - # for one instance that will be responsible for cache cleanup. +# Example 2: Shared persistent lmdb: cache (Postfix 2.11 or later). +# Disable automatic cache cleanup in all Postfix instances except +# for one instance that will be responsible for cache cleanup. +/etc/postfix/main.cf: + address_verify_map = lmdb:$data_directory/verify_cache # address_verify_cache_cleanup_interval = 0 - # Shared memory cache (requires Postfix 2.9 or later). - # See memcache_table(5) for details. - address_verify_map = memcache:/etc/postfix/verify-memcache.cf +# Example 3: Shared persistent btree: cache (Postfix 2.9 or later). +# Disable automatic cache cleanup in all Postfix instances except +# for one instance that will be responsible for cache cleanup. +/etc/postfix/main.cf: + address_verify_map = proxy:btree:$data_directory/verify_cache + # address_verify_cache_cleanup_interval = 0 - # Default setting for Postfix 2.6 and earlier. - # This uses non-persistent storage only. +# Example 4: Shared memory cache (requires Postfix 2.9 or later). +# Disable automatic cache cleanup in all Postfix instances. +# See memcache_table(5) for details. +/etc/postfix/main.cf: + address_verify_map = memcache:/etc/postfix/verify-memcache.cf + address_verify_cache_cleanup_interval = 0 + +# Example 5: Default setting for Postfix 2.6 and earlier. +# This uses non-persistent storage only. +/etc/postfix/main.cf: address_verify_map =
- -+NOTE: To share a postscreen(8) cache between multiple - postscreen(8) instances under the same master(8) daemon, use - "postscreen_cache_map = - proxy:btree:$data_directory/postscreen_cache", and disable - cache cleanup (postscreen_cache_cleanup_interval = 0) in all - postscreen(8) instances except one that is responsible for cache - cleanup.
- -postscreen(8) cache sharing requires Postfix 2.9 or later; - earlier proxymap(8) implementations don't support cache cleanup. -
- -For an alternative postscreen(8) cache sharing approach, - see the memcache_table(5) manpage.
- -
By default the temporary whitelist is not shared with other +postscreen(8) daemons. See Sharing +the temporary whitelist below for alternatives.
When the SMTP client address appears on the temporary whitelist, postscreen(8) logs this with the client address and port @@ -775,6 +760,9 @@ mail
By default, the temporary whitelist is not shared between +multiple postscreen(8) daemons. To enable sharing, choose one +of the following options:
+ +A non-persistent memcache: temporary whitelist can be shared + between postscreen(8) daemons on the same host or different + hosts. Disable cache cleanup (postscreen_cache_cleanup_interval + = 0) in all postscreen(8) daemons because memcache: does not + implement this (but see example 4 below for memcache: with + persistent backup). This requires Postfix 2.9 or later.
+ ++ # Example 1: non-persistent memcache: whitelist. + /etc/postfix/main.cf: + postscreen_cache_map = memcache:/etc/postfix/postscreen_cache + postscreen_cache_cleanup_interval = 0 + + /etc/postfix/postscreen_cache: + memcache = inet:127.0.0.1:11211 + key_format = postscreen:%s ++ +
A persistent lmdb: temporary whitelist can be shared between + postscreen(8) daemons that run under the same master(8) daemon, + or under different master(8) daemons on the same host. Disable + cache cleanup (postscreen_cache_cleanup_interval = 0) in all + postscreen(8) daemons except one that is responsible for cache + cleanup. This requires Postfix 2.11 or later.
+ ++ # Example 2: persistent lmdb: whitelist. + /etc/postfix/main.cf: + postscreen_cache_map = lmdb:$data_directory/postscreen_cache + # See note 1 below. + # postscreen_cache_cleanup_interval = 0 ++ +
Other kinds of persistent temporary whitelist can be shared + only between postscreen(8) daemons that run under the same + master(8) daemon. In this case, temporary whitelist access must + be shared through the proxymap(8) daemon. This requires Postfix + 2.9 or later.
+ ++ # Example 3: proxied btree: whitelist. + /etc/postfix/main.cf: + postscreen_cache_map = + proxy:btree:/var/lib/postfix/postscreen_cache + # See note 1 below. + # postscreen_cache_cleanup_interval = 0 + + # Example 4: proxied btree: whitelist with memcache: accelerator. + /etc/postfix/main.cf: + postscreen_cache_map = memcache:/etc/postfix/postscreen_cache + proxy_write_maps = + proxy:btree:/var/lib/postfix/postscreen_cache + ... other proxied tables ... + # See note 1 below. + # postscreen_cache_cleanup_interval = 0 + + /etc/postfix/postscreen_cache: + # Note: the $data_directory macro is not defined in this context. + memcache = inet:127.0.0.1:11211 + backup = proxy:btree:/var/lib/postfix/postscreen_cache + key_format = postscreen:%s ++ +
Note 1: disable cache cleanup (postscreen_cache_cleanup_interval + = 0) in all postscreen(8) daemons except one that is responsible + for cache cleanup.
+ +Note 2: postscreen(8) cache sharing via proxymap(8) requires Postfix + 2.9 or later; earlier proxymap(8) implementations don't support + cache cleanup.
+ + Many ideas in postscreen(8) were explored in earlier work by
diff --git a/postfix/src/dns/dns_lookup.c b/postfix/src/dns/dns_lookup.c
index 4fe4b2ef3..0eb8ab4f4 100644
--- a/postfix/src/dns/dns_lookup.c
+++ b/postfix/src/dns/dns_lookup.c
@@ -98,9 +98,6 @@
/* Request DNSSEC validation. This flag is silently ignored
/* when the system stub resolver API, resolver(3), does not
/* implement DNSSEC.
-/* .IP
-/* Pointer to storage for the reply RCODE value. This gives
-/* more detailed information than DNS_FAIL, DNS_RETRY, etc.
/* .RE
/* .IP lflags
/* Multi-type request control for dns_lookup_l() and dns_lookup_v().
@@ -132,6 +129,9 @@
/* name found for \fIname\fR.
/* .IP why
/* A null pointer, or storage for the reason for failure.
+/* .IP rcode
+/* Pointer to storage for the reply RCODE value. This gives
+/* more detailed information than DNS_FAIL, DNS_RETRY, etc.
/* DIAGNOSTICS
/* dns_lookup() returns one of the following codes and sets the
/* \fIwhy\fR argument accordingly:
diff --git a/postfix/src/global/dict_memcache.c b/postfix/src/global/dict_memcache.c
index 34c0a7383..161e0c880 100644
--- a/postfix/src/global/dict_memcache.c
+++ b/postfix/src/global/dict_memcache.c
@@ -574,29 +574,10 @@ DICT *dict_memcache_open(const char *name, int open_flags, int dict_flags)
(char *) 0, 0, 0);
if (backup) {
dict_mc->backup = dict_open(backup, open_flags, dict_flags);
- /* Expose backup lock and status to caller. */
- dict_mc->dict.lock = dict_mc->backup->lock;
- dict_mc->dict.lock_type = dict_mc->backup->lock_type;
- dict_mc->dict.lock_fd = dict_mc->backup->lock_fd;
- dict_mc->dict.stat_fd = dict_mc->backup->stat_fd;
myfree(backup);
} else
dict_mc->backup = 0;
- /*
- * Memcached is write-share safe. If the backup database is also
- * write-share safe, e.g. it has downgraded its persistent lock to
- * temporary, then expose that downgraded lock to the caller.
- */
- if ((dict_flags & DICT_FLAG_OPEN_LOCK) != 0
- && (dict_mc->backup == 0
- || dict_mc->backup->lock_fd < 0
- || ((dict_mc->backup->flags & DICT_FLAG_OPEN_LOCK) == 0
- && (dict_mc->backup->flags & DICT_FLAG_LOCK) != 0))) {
- dict_mc->dict.flags &= ~DICT_FLAG_OPEN_LOCK;
- dict_mc->dict.flags |= DICT_FLAG_LOCK;
- }
-
/*
* Parse templates and common database parameters. Maps that use
* substring keys should only be used with the full input key.
@@ -611,5 +592,7 @@ DICT *dict_memcache_open(const char *name, int open_flags, int dict_flags)
else
dict_mc->dict.flags |= DICT_FLAG_FIXED;
+ dict_mc->dict.flags |= DICT_FLAG_MULTI_WRITER;
+
return (&dict_mc->dict);
}
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 3799c7bbf..27001e164 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20131119"
+#define MAIL_RELEASE_DATE "20131120"
#define MAIL_VERSION_NUMBER "2.11"
#ifdef SNAPSHOT
diff --git a/postfix/src/postalias/postalias.c b/postfix/src/postalias/postalias.c
index fd5351534..430c15641 100644
--- a/postfix/src/postalias/postalias.c
+++ b/postfix/src/postalias/postalias.c
@@ -290,7 +290,6 @@ static void postalias(char *map_type, char *path_name, int postalias_flags,
if ((source_fp = vstream_fopen(path_name, O_RDONLY, 0)) == 0)
msg_fatal("open %s: %m", path_name);
}
- dict_flags |= DICT_FLAG_WORLD_READ;
if (fstat(vstream_fileno(source_fp), &st) < 0)
msg_fatal("fstat %s: %m", path_name);
diff --git a/postfix/src/postmap/postmap.c b/postfix/src/postmap/postmap.c
index 26348041e..e10ac1669 100644
--- a/postfix/src/postmap/postmap.c
+++ b/postfix/src/postmap/postmap.c
@@ -353,7 +353,6 @@ static void postmap(char *map_type, char *path_name, int postmap_flags,
if ((source_fp = vstream_fopen(path_name, O_RDONLY, 0)) == 0)
msg_fatal("open %s: %m", path_name);
}
- dict_flags |= DICT_FLAG_WORLD_READ;
if (fstat(vstream_fileno(source_fp), &st) < 0)
msg_fatal("fstat %s: %m", path_name);
diff --git a/postfix/src/posttls-finger/posttls-finger.c b/postfix/src/posttls-finger/posttls-finger.c
index 2971c30b3..82d3aeb7d 100644
--- a/postfix/src/posttls-finger/posttls-finger.c
+++ b/postfix/src/posttls-finger/posttls-finger.c
@@ -220,7 +220,7 @@
/* LMTP over TCP is 24. Alternative ports can specified by appending
/* "\fI:servicename\fR" or ":\fIportnumber\fR" to the destination
/* argument.
-/* .IP "\fB-t \fItimeout\fR (default: \fB5\fR)"
+/* .IP "\fB-t \fItimeout\fR (default: \fB30\fR)"
/* The TCP connection timeout to use. This is also the timeout for
/* reading the remote server's 220 banner.
/* .IP "\fB-T \fItimeout\fR (default: \fB30\fR)"
@@ -358,7 +358,7 @@
*/
#include "tlsmgrmem.h"
-static int conn_tmout = 5;
+static int conn_tmout = 30;
static int smtp_tmout = 30;
#define HOST_FLAG_DNS (1<<0)
@@ -1163,26 +1163,10 @@ static DNS_RR *host_addr(STATE *state, const char *host)
static int dane_host_level(STATE *state, DNS_RR *addr)
{
int level = state->level;
- int valid;
- int mxvalid;
#ifdef USE_TLS
if (level == TLS_LEV_DANE) {
-
- /*
- * Suppress TLSA lookups for non-DNSSEC + non-MX + non-CNAME hosts.
- * If the host address is not DNSSEC validated, the TLSA RRset is
- * safely assumed to not be in a DNSSEC Look-aside Validation child
- * zone.
- */
- mxvalid = state->mx == 0 || state->mx->dnssec_valid;
- valid = addr->dnssec_valid;
- if (!state->force_tlsa
- && !valid
- && state->mx == 0
- && strcmp(addr->qname, addr->rname) == 0)
- mxvalid = 0;
- if (mxvalid) {
+ if (state->mx == 0 || state->mx->dnssec_valid) {
if (state->log_mask & (TLS_LOG_CERTMATCH | TLS_LOG_VERBOSE))
tls_dane_verbose(1);
else
@@ -1192,19 +1176,19 @@ static int dane_host_level(STATE *state, DNS_RR *addr)
if (state->ddane)
tls_dane_free(state->ddane);
- /* When TLSA lookups fail, next host */
- state->ddane = tls_dane_resolve(addr->qname,
- valid ? addr->rname : 0,
- "tcp", state->port);
+ /*
+ * When TLSA lookups fail, next host. If unusable or not found,
+ * fallback to "secure"
+ */
+ state->ddane = tls_dane_resolve(state->port, "tcp", addr,
+ state->force_tlsa);
if (!state->ddane) {
dsb_simple(state->why, "4.7.5",
"TLSA lookup error for %s:%u",
HNAME(addr), ntohs(state->port));
- return (TLS_LEV_INVALID);
- }
- /* If unusable or not found, same fallback to "secure" */
- if (tls_dane_notfound(state->ddane)
- || tls_dane_unusable(state->ddane)) {
+ level = TLS_LEV_INVALID;
+ } else if (tls_dane_notfound(state->ddane)
+ || tls_dane_unusable(state->ddane)) {
if (msg_verbose)
msg_info("no %sTLSA records found, "
"resorting to \"secure\"",
diff --git a/postfix/src/smtp/smtp_tls_policy.c b/postfix/src/smtp/smtp_tls_policy.c
index 9d881903d..4f3fae10b 100644
--- a/postfix/src/smtp/smtp_tls_policy.c
+++ b/postfix/src/smtp/smtp_tls_policy.c
@@ -712,8 +712,6 @@ static int global_tls_level(void)
static void dane_init(SMTP_TLS_POLICY *tls, SMTP_ITERATOR *iter)
{
TLS_DANE *dane;
- int valid;
- int mxvalid;
if (!iter->port) {
msg_warn("%s: the \"dane\" security level is invalid for delivery via"
@@ -764,20 +762,8 @@ static void dane_init(SMTP_TLS_POLICY *tls, SMTP_ITERATOR *iter)
* nexthop domain, or if the MX RRset is DNS validated, we can at least
* try DANE with the destination host prior to CNAME expansion, but we
* prefer CNAME expanded MX hosts if those are also secure.
- *
- * By default suppress TLSA lookups for non-DNSSEC + non-MX + non-CNAME
- * hosts. If the host address is not DNSSEC validated, the TLSA RRset is
- * safely assumed to not be in a DNSSEC Look-aside Validation child zone.
*/
- mxvalid = iter->mx == 0 || iter->mx->dnssec_valid;
- valid = iter->rr && iter->rr->dnssec_valid;
- if (!var_smtp_tls_force_tlsa
- && !valid
- && iter->mx == 0
- && strcmp(iter->rr->qname, iter->rr->rname) == 0)
- mxvalid = 0;
-
- if (!mxvalid) {
+ if (iter->mx && !iter->mx->dnssec_valid) {
if (tls->level == TLS_LEV_DANE) {
tls->level = TLS_LEV_MAY;
if (msg_verbose)
@@ -789,8 +775,8 @@ static void dane_init(SMTP_TLS_POLICY *tls, SMTP_ITERATOR *iter)
return;
}
/* When TLSA lookups fail, we defer the message */
- if ((dane = tls_dane_resolve(iter->rr->qname, valid ? iter->rr->rname : 0,
- "tcp", iter->port)) == 0) {
+ if ((dane = tls_dane_resolve(iter->port, "tcp", iter->rr,
+ var_smtp_tls_force_tlsa)) == 0) {
tls->level = TLS_LEV_INVALID;
dsb_simple(tls->why, "4.7.5", "TLSA lookup error for %s:%u",
STR(iter->host), ntohs(iter->port));
diff --git a/postfix/src/tls/tls.h b/postfix/src/tls/tls.h
index 9d1fde2f6..cd4c2fcd2 100644
--- a/postfix/src/tls/tls.h
+++ b/postfix/src/tls/tls.h
@@ -90,6 +90,7 @@ extern const NAME_CODE tls_level_table[];
#include