From 787f2e15f79ab9826ce2bc8cf6afef4e11d40a99 Mon Sep 17 00:00:00 2001 From: Wietse Venema Date: Sun, 1 Apr 2018 00:00:00 -0500 Subject: [PATCH] postfix-3.4-20180401 --- postfix/HISTORY | 21 +++++++++++++++++++++ postfix/makedefs | 9 +++++++++ postfix/src/global/dict_mysql.c | 16 ++++++++++++---- postfix/src/global/mail_version.h | 2 +- postfix/src/local/Makefile.in | 1 + postfix/src/local/unknown.c | 20 +++++++++++++++++--- postfix/src/postconf/extract_cfg.sh | 3 +++ postfix/src/util/sys_defs.h | 1 + 8 files changed, 65 insertions(+), 8 deletions(-) diff --git a/postfix/HISTORY b/postfix/HISTORY index 21af1dbc5..165e75670 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -23342,3 +23342,24 @@ Apologies for any names omitted. built-in or service-defined parameters for ldap, *sql, etc. database names. Problem reported by Christian Rößner. Files: postconf/postconf_user.c. + +20180224 + + Workaround: postconf build did not abort if the m4 command + is not installed (on a system that does have the make command, + the awk command, the perl command, and the C compiler?!). + File: postconf/extract_cfg.sh. + +20180303 + + Portability: slight differences between MySQL and MariaDB. + Olli Hauer. File: global/dict_mysql.c. + +20180306 + + Bugfix (introduced: 19990302): when luser_relay specifies + a non-existent local address, the luser_relay feature becomes + a black hole. Reported by Jørgen Thomsen. File: local/unknown.c. + + Portability: FreeBSD 11 is supported. Files: makedefs, + util/sys_defs.h. diff --git a/postfix/makedefs b/postfix/makedefs index 4e2952b45..5449732b0 100644 --- a/postfix/makedefs +++ b/postfix/makedefs @@ -287,6 +287,15 @@ case "$SYSTEM.$RELEASE" in : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"} : ${PLUGIN_LD="${CC} -shared"} ;; + FreeBSD.11*) SYSTYPE=FREEBSD11 + : ${CC=cc} + : ${SHLIB_SUFFIX=.so} + : ${SHLIB_CFLAGS=-fPIC} + : ${SHLIB_LD="${CC} -shared"' -Wl,-soname,${LIB}'} + : ${SHLIB_RPATH='-Wl,-rpath,${SHLIB_DIR}'} + : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"} + : ${PLUGIN_LD="${CC} -shared"} + ;; DragonFly.*) SYSTYPE=DRAGONFLY ;; OpenBSD.2*) SYSTYPE=OPENBSD2 diff --git a/postfix/src/global/dict_mysql.c b/postfix/src/global/dict_mysql.c index 3a31a7e9a..77adb42a4 100644 --- a/postfix/src/global/dict_mysql.c +++ b/postfix/src/global/dict_mysql.c @@ -198,6 +198,14 @@ #include "dict_mysql.h" +/* MySQL 8.x API change */ + +#if defined(MARIADB_BASE_VERSION) && MYSQL_VERSION_ID >= 50023 +#define DICT_MYSQL_SSL_VERIFY_SERVER_CERT MYSQL_OPT_SSL_VERIFY_SERVER_CERT +#elif MYSQL_VERSION_ID >= 80000 +#define DICT_MYSQL_SSL_VERIFY_SERVER_CERT MYSQL_OPT_SSL_MODE +#endif + /* need some structs to help organize things */ typedef struct { MYSQL *db; @@ -237,7 +245,7 @@ typedef struct { char *tls_CAfile; char *tls_CApath; char *tls_ciphers; -#if MYSQL_VERSION_ID >= 50023 +#if defined(DICT_MYSQL_SSL_VERIFY_SERVER_CERT) int tls_verify_cert; #endif #endif @@ -656,9 +664,9 @@ static void plmysql_connect_single(DICT_MYSQL *dict_mysql, HOST *host) dict_mysql->tls_key_file, dict_mysql->tls_cert_file, dict_mysql->tls_CAfile, dict_mysql->tls_CApath, dict_mysql->tls_ciphers); -#if MYSQL_VERSION_ID >= 50023 +#if defined(DICT_MYSQL_SSL_VERIFY_SERVER_CERT) if (dict_mysql->tls_verify_cert != -1) - mysql_options(host->db, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, + mysql_options(host->db, DICT_MYSQL_SSL_VERIFY_SERVER_CERT, &dict_mysql->tls_verify_cert); #endif #endif @@ -723,7 +731,7 @@ static void mysql_parse_config(DICT_MYSQL *dict_mysql, const char *mysqlcf) dict_mysql->tls_CAfile = cfg_get_str(p, "tls_CAfile", NULL, 0, 0); dict_mysql->tls_CApath = cfg_get_str(p, "tls_CApath", NULL, 0, 0); dict_mysql->tls_ciphers = cfg_get_str(p, "tls_ciphers", NULL, 0, 0); -#if MYSQL_VERSION_ID >= 50023 +#if defined(DICT_MYSQL_SSL_VERIFY_SERVER_CERT) dict_mysql->tls_verify_cert = cfg_get_bool(p, "tls_verify_cert", -1); #endif #endif diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 601f09a17..e63652161 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20180222" +#define MAIL_RELEASE_DATE "20180401" #define MAIL_VERSION_NUMBER "3.4" #ifdef SNAPSHOT diff --git a/postfix/src/local/Makefile.in b/postfix/src/local/Makefile.in index a1f681602..648ad5133 100644 --- a/postfix/src/local/Makefile.in +++ b/postfix/src/local/Makefile.in @@ -651,6 +651,7 @@ unknown.o: ../../include/argv.h unknown.o: ../../include/attr.h unknown.o: ../../include/been_here.h unknown.o: ../../include/bounce.h +unknown.o: ../../include/canon_addr.h unknown.o: ../../include/check_arg.h unknown.o: ../../include/defer.h unknown.o: ../../include/deliver_pass.h diff --git a/postfix/src/local/unknown.c b/postfix/src/local/unknown.c index 733aa1350..c97cef39b 100644 --- a/postfix/src/local/unknown.c +++ b/postfix/src/local/unknown.c @@ -73,11 +73,14 @@ #include #include #include +#include /* Application-specific. */ #include "local.h" +#define STREQ(x,y) (strcasecmp((x),(y)) == 0) + /* deliver_unknown - delivery for unknown recipients */ int deliver_unknown(LOCAL_STATE state, USER_ATTR usr_attr) @@ -85,6 +88,7 @@ int deliver_unknown(LOCAL_STATE state, USER_ATTR usr_attr) const char *myname = "deliver_unknown"; int status; VSTRING *expand_luser; + VSTRING *canon_luser; static MAPS *transp_maps; const char *map_transport; @@ -139,8 +143,20 @@ int deliver_unknown(LOCAL_STATE state, USER_ATTR usr_attr) if (*var_luser_relay) { state.msg_attr.unmatched = 0; expand_luser = vstring_alloc(100); + canon_luser = vstring_alloc(100); local_expand(expand_luser, var_luser_relay, &state, &usr_attr, (void *) 0); - status = deliver_resolve_addr(state, usr_attr, STR(expand_luser)); + /* In case luser_relay specifies a domain-less address. */ + canon_addr_external(canon_luser, vstring_str(expand_luser)); + /* Assumes that the address resolver won't change the address. */ + if (STREQ(vstring_str(canon_luser), state.msg_attr.rcpt.address)) { + dsb_simple(state.msg_attr.why, "5.1.1", + "unknown user: \"%s\"", state.msg_attr.user); + status = bounce_append(BOUNCE_FLAGS(state.request), + BOUNCE_ATTR(state.msg_attr)); + } else { + status = deliver_resolve_addr(state, usr_attr, STR(expand_luser)); + } + vstring_free(canon_luser); vstring_free(expand_luser); return (status); } @@ -149,8 +165,6 @@ int deliver_unknown(LOCAL_STATE state, USER_ATTR usr_attr) * If no alias was found for a required reserved name, toss the message * into the bit bucket, and issue a warning instead. */ -#define STREQ(x,y) (strcasecmp(x,y) == 0) - if (STREQ(state.msg_attr.user, MAIL_ADDR_MAIL_DAEMON) || STREQ(state.msg_attr.user, MAIL_ADDR_POSTMASTER)) { msg_warn("required alias not found: %s", state.msg_attr.user); diff --git a/postfix/src/postconf/extract_cfg.sh b/postfix/src/postconf/extract_cfg.sh index d2faf98ab..5901e9514 100644 --- a/postfix/src/postconf/extract_cfg.sh +++ b/postfix/src/postconf/extract_cfg.sh @@ -38,6 +38,9 @@ # New York, NY 10011, USA #-- +# In case not installed. +m4