postfix-2.1.3

2025-08-29 13:18:12 +00:00 · 2004-06-16 00:00:00 -05:00 · 2004-06-16 00:00:00 -05:00 · 955a512c02
commit 955a512c02
parent c302f4a4bf
15 changed files with 63 additions and 25 deletions
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@ -9373,3 +9373,19 @@ Apologies for any names omitted.
 	John Heasley. File: util/sys_defs.h.

 	Documentation: typo fixes by IKEDA Nozomu.
+
+20040616
+
+	Bugfix: one missed variadic argument list fix. Victor
+	Duchovni, Morgan Stanley. File: global/verify.c.
+
+	Bugfix: the resolver client cache should be context dependent
+	because address verification probes may use a different
+	route than normal mail deliveries. File: global/resolve_clnt.c.
+
+	Safety: added similar context dependence to the address
+	rewriting client in order to avoid trouble when Postfix is
+	changed. File: global/rewrite_clnt.c.
+
+	Bugfix: space in HELO commands could end up in XFORWARD
+	commands.  File: smtpd/smtpd.c.
--- a/postfix/README_FILES/BASIC_CONFIGURATION_README
+++ b/postfix/README_FILES/BASIC_CONFIGURATION_README
@ -116,8 +116,8 @@ small site, you probably want to change that into $mydomain, which defaults to
 the parent domain of the machine name.

 For the sake of consistency between sender and recipient addresses, myorigin
-also specifies the default domain name that is appended to an unqualified
-recipient address.
+also specifies the domain name that is appended to an unqualified recipient
+address.

 Examples (specify only one of the following):

--- a/postfix/html/BASIC_CONFIGURATION_README.html
+++ b/postfix/html/BASIC_CONFIGURATION_README.html
@ -187,7 +187,7 @@ want to change that into $<a href="postconf.5.html#mydomain">mydomain</a>, which
 domain of the machine name. </p>

 <p> For the sake of consistency between sender and recipient addresses,
-<a href="postconf.5.html#myorigin">myorigin</a> also specifies the <a href="ADDRESS_CLASS_README.html#default_domain_class">default domain</a> name that is appended
+<a href="postconf.5.html#myorigin">myorigin</a> also specifies the domain name that is appended
 to an unqualified recipient address. </p>

 <p> Examples (specify only one of the following): </p>
--- a/postfix/html/postconf.5.html
+++ b/postfix/html/postconf.5.html
@ -3335,7 +3335,7 @@ What addresses are subject to address masquerading.
 </p>

 <p>
-By default, address masquerading is limited to envelope recipient
+By default, address masquerading is limited to envelope sender
 addresses, and to header sender and header recipient addresses.
 This allows you to use address masquerading on a mail gateway while
 still being able to forward mail to users on individual machines.
@ -3773,7 +3773,7 @@ configuration parameter. </p>
 (default: $<a href="postconf.5.html#myhostname">myhostname</a>)</b></DT><DD>

 <p>
-The <a href="ADDRESS_CLASS_README.html#default_domain_class">default domain</a> name that locally-posted mail appears to come
+The domain name that locally-posted mail appears to come
 from, and that locally posted mail is delivered to. The default,
 $<a href="postconf.5.html#myhostname">myhostname</a>, is adequate for small sites.  If you run a domain with
 multiple machines, you should (1) change this to $<a href="postconf.5.html#mydomain">mydomain</a> and (2)
--- a/postfix/html/smtpd.8.html
+++ b/postfix/html/smtpd.8.html
@ -708,9 +708,9 @@ SMTPD(8)                                                 SMTPD(8)
              privileges than "strangers".

       <b><a href="postconf.5.html#myorigin">myorigin</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
-              The  default  domain  name that locally-posted mail
-              appears to come from, and that locally posted  mail
-              is delivered to.
+              The domain name that locally-posted mail appears to
+              come from, and that locally posted mail  is  deliv-
+              ered to.

       <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
              The  process ID of a Postfix command or daemon pro-
--- a/postfix/man/man5/postconf.5
+++ b/postfix/man/man5/postconf.5
@ -1670,7 +1670,7 @@ Do not change this unless you have a complete understanding of RFC 821.
 .SH masquerade_classes (default: envelope_sender, header_sender, header_recipient)
 What addresses are subject to address masquerading.
 .PP
-By default, address masquerading is limited to envelope recipient
+By default, address masquerading is limited to envelope sender
 addresses, and to header sender and header recipient addresses.
 This allows you to use address masquerading on a mail gateway while
 still being able to forward mail to users on individual machines.
@ -1929,7 +1929,7 @@ Postfix to "trust" your entire provider's network.  Instead, specify
 an explicit mynetworks list by hand, as described with the mynetworks
 configuration parameter.
 .SH myorigin (default: $myhostname)
-The default domain name that locally-posted mail appears to come
+The domain name that locally-posted mail appears to come
 from, and that locally posted mail is delivered to. The default,
 $myhostname, is adequate for small sites.  If you run a domain with
 multiple machines, you should (1) change this to $mydomain and (2)
--- a/postfix/man/man8/smtpd.8
+++ b/postfix/man/man8/smtpd.8
@ -580,7 +580,7 @@ The internet hostname of this mail system.
 The list of "trusted" SMTP clients that have more privileges than
 "strangers".
 .IP "\fBmyorigin ($myhostname)\fR"
-The default domain name that locally-posted mail appears to come
+The domain name that locally-posted mail appears to come
 from, and that locally posted mail is delivered to.
 .IP "\fBprocess_id (read-only)\fR"
 The process ID of a Postfix command or daemon process.
--- a/postfix/proto/BASIC_CONFIGURATION_README.html
+++ b/postfix/proto/BASIC_CONFIGURATION_README.html
@ -187,7 +187,7 @@ want to change that into $mydomain, which defaults to the parent
 domain of the machine name. </p>

 <p> For the sake of consistency between sender and recipient addresses,
-myorigin also specifies the default domain name that is appended
+myorigin also specifies the domain name that is appended
 to an unqualified recipient address. </p>

 <p> Examples (specify only one of the following): </p>
--- a/postfix/proto/postconf.proto
+++ b/postfix/proto/postconf.proto
@ -2064,7 +2064,7 @@ What addresses are subject to address masquerading.
 </p>

 <p>
-By default, address masquerading is limited to envelope recipient
+By default, address masquerading is limited to envelope sender
 addresses, and to header sender and header recipient addresses.
 This allows you to use address masquerading on a mail gateway while
 still being able to forward mail to users on individual machines.
@ -2370,7 +2370,7 @@ mynetworks = hash:/etc/postfix/network_table
 %PARAM myorigin $myhostname

 <p>
-The default domain name that locally-posted mail appears to come
+The domain name that locally-posted mail appears to come
 from, and that locally posted mail is delivered to. The default,
 $myhostname, is adequate for small sites.  If you run a domain with
 multiple machines, you should (1) change this to $mydomain and (2)
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@ -20,8 +20,8 @@
  * Patches change the patchlevel and the release date. Snapshots change the
  * release date only.
  */
-#define MAIL_RELEASE_DATE	"20040615"
-#define MAIL_VERSION_NUMBER	"2.1.2"
+#define MAIL_RELEASE_DATE	"20040616"
+#define MAIL_VERSION_NUMBER	"2.1.3"

 #define VAR_MAIL_VERSION	"mail_version"
 #ifdef SNAPSHOT
--- a/postfix/src/global/mynetworks.c
+++ b/postfix/src/global/mynetworks.c
@ -91,6 +91,17 @@ const char *mynetworks(void)
 	mask_style = name_mask("mynetworks mask style", mask_styles,
 			       var_mynetworks_style);

+	/*
+	 * XXX Workaround: name_mask() needs a flags argument so that we can
+	 * require exactly one value, or we need to provide an API that is
+	 * dedicated for single-valued flags.
+	 */
+	for (i = 0, junk = mask_style; junk != 0; junk >>= 1)
+	    i += (junk & 1);
+	if (i != 1)
+	    msg_fatal("bad %s value: %s; specify exactly one value",
+		      VAR_MYNETWORKS_STYLE, var_mynetworks_style);
+
 	result = vstring_alloc(20);
 	my_addr_list = own_inet_addr_list();
 	my_mask_list = own_inet_mask_list();
--- a/postfix/src/global/resolve_clnt.c
+++ b/postfix/src/global/resolve_clnt.c
@ -127,6 +127,7 @@
  */
 extern CLNT_STREAM *rewrite_clnt_stream;

+static VSTRING *last_class;
 static VSTRING *last_addr;
 static RESOLVE_REPLY last_reply;

@ -151,6 +152,7 @@ void    resolve_clnt(const char *class, const char *addr, RESOLVE_REPLY *reply)
     * One-entry cache.
     */
    if (last_addr == 0) {
+	last_class = vstring_alloc(10);
 	last_addr = vstring_alloc(100);
 	resolve_clnt_init(&last_reply);
    }
@ -169,7 +171,8 @@ void    resolve_clnt(const char *class, const char *addr, RESOLVE_REPLY *reply)
     */
 #define IFSET(flag, text) ((reply->flags & (flag)) ? (text) : "")

-    if (*addr && strcmp(addr, STR(last_addr)) == 0) {
+    if (*addr && strcmp(addr, STR(last_addr)) == 0
+	&& strcmp(class, STR(last_class)) == 0) {
 	vstring_strcpy(reply->transport, STR(last_reply.transport));
 	vstring_strcpy(reply->nexthop, STR(last_reply.nexthop));
 	vstring_strcpy(reply->recipient, STR(last_reply.recipient));
@ -246,6 +249,7 @@ void    resolve_clnt(const char *class, const char *addr, RESOLVE_REPLY *reply)
    /*
     * Update the cache.
     */
+    vstring_strcpy(last_class, class);
    vstring_strcpy(last_addr, addr);
    vstring_strcpy(last_reply.transport, STR(reply->transport));
    vstring_strcpy(last_reply.nexthop, STR(reply->nexthop));
--- a/postfix/src/global/rewrite_clnt.c
+++ b/postfix/src/global/rewrite_clnt.c
@ -72,6 +72,7 @@
  */
 CLNT_STREAM *rewrite_clnt_stream = 0;

+static VSTRING *last_rule;
 static VSTRING *last_addr;
 static VSTRING *last_result;

@ -85,6 +86,7 @@ VSTRING *rewrite_clnt(const char *rule, const char *addr, VSTRING *result)
     * One-entry cache.
     */
    if (last_addr == 0) {
+	last_rule = vstring_alloc(10);
 	last_addr = vstring_alloc(100);
 	last_result = vstring_alloc(100);
    }
@ -102,10 +104,9 @@ VSTRING *rewrite_clnt(const char *rule, const char *addr, VSTRING *result)

    /*
     * Peek at the cache.
-     * 
-     * XXX Must be made "rule" specific.
     */
-    if (strcmp(addr, STR(last_addr)) == 0) {
+    if (strcmp(addr, STR(last_addr)) == 0
+	&& strcmp(rule, STR(last_rule)) == 0) {
 	vstring_strcpy(result, STR(last_result));
 	if (msg_verbose)
 	    msg_info("rewrite_clnt: cached: %s: %s -> %s",
@ -152,6 +153,7 @@ VSTRING *rewrite_clnt(const char *rule, const char *addr, VSTRING *result)
    /*
     * Update the cache.
     */
+    vstring_strcpy(last_rule, rule);
    vstring_strcpy(last_addr, addr);
    vstring_strcpy(last_result, STR(result));

--- a/postfix/src/global/verify.c
+++ b/postfix/src/global/verify.c
@ -142,7 +142,8 @@ int     vverify_append(const char *queue_id, const char *orig_rcpt,
     */
    vstring_vsprintf(text, fmt, ap);
    if (var_verify_neg_cache || rcpt_stat == DEL_RCPT_STAT_OK) {
-	req_stat = verify_clnt_vupdate(orig_rcpt, rcpt_stat, fmt, ap);
+	req_stat = verify_clnt_update(orig_rcpt, rcpt_stat,
+				      "%s", vstring_str(text));
 	if (req_stat == VRFY_STAT_OK && strcasecmp(recipient, orig_rcpt) != 0)
 	    req_stat = verify_clnt_update(recipient, rcpt_stat,
 					  "%s", vstring_str(text));
--- a/postfix/src/smtpd/smtpd.c
+++ b/postfix/src/smtpd/smtpd.c
@ -534,7 +534,7 @@
 /*	The list of "trusted" SMTP clients that have more privileges than
 /*	"strangers".
 /* .IP "\fBmyorigin ($myhostname)\fR"
-/*	The default domain name that locally-posted mail appears to come
+/*	The domain name that locally-posted mail appears to come
 /*	from, and that locally posted mail is delivered to.
 /* .IP "\fBprocess_id (read-only)\fR"
 /*	The process ID of a Postfix command or daemon process.
@ -811,6 +811,11 @@ static void mail_reset(SMTPD_STATE *);
 static void rcpt_reset(SMTPD_STATE *);
 static void chat_reset(SMTPD_STATE *, int);

+ /*
+  * This filter is applied after printable().
+  */
+#define NEUTER_CHARACTERS " <>()\\\";:@"
+
 #ifdef USE_SASL_AUTH

 /*
@ -882,7 +887,7 @@ static int helo_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
    mail_reset(state);
    rcpt_reset(state);
    state->helo_name = mystrdup(printable(argv[1].strval, '?'));
-    neuter(state->helo_name, "<>()\\\";:@", '?');
+    neuter(state->helo_name, NEUTER_CHARACTERS, '?');
    /* Downgrading the protocol name breaks the unauthorized pipelining test. */
    if (strcasecmp(state->protocol, MAIL_PROTO_ESMTP) != 0
 	&& strcasecmp(state->protocol, MAIL_PROTO_SMTP) != 0) {
@ -923,7 +928,7 @@ static int ehlo_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
    mail_reset(state);
    rcpt_reset(state);
    state->helo_name = mystrdup(printable(argv[1].strval, '?'));
-    neuter(state->helo_name, "<>()\\\";:@", '?');
+    neuter(state->helo_name, NEUTER_CHARACTERS, '?');
    if (strcasecmp(state->protocol, MAIL_PROTO_ESMTP) != 0) {
 	myfree(state->protocol);
 	state->protocol = mystrdup(MAIL_PROTO_ESMTP);
@ -2012,7 +2017,6 @@ static int xclient_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
 	    if (s) myfree(s); \
 	    s = (v) ? mystrdup(v) : 0; \
 	} while(0)
-#define NEUTER_CHARACTERS "<>()\\\";:@"

    /*
     * Iterate over all attribute=value elements.