postfix-2.8-20101206

2025-08-22 09:57:34 +00:00 · 2010-12-06 00:00:00 -05:00 · 2010-12-06 00:00:00 -05:00 · d87d8c1c0f
commit d87d8c1c0f
parent e31ae1582b
8 changed files with 73 additions and 73 deletions
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@ -16210,8 +16210,9 @@ Apologies for any names omitted.

 	Feature: the LDAP client can now authenticate to LDAP servers
 	via SASL. This is tested with SASL GSSAPI and Kerberos 5.
-	Code by Victor Duchovni. Files: global/dict_ldap.c,
-	proto/LDAP_README.html, proto/ldap_table.
+	Original code by Quanah Gibson-Mount adapted by Victor
+	Duchovni.  Files: global/dict_ldap.c, proto/LDAP_README.html,
+	proto/ldap_table.

 	Cleanup: the cleanup server now reports a temporary delivery
 	error when it reaches the virtual_alias_expansion_limit or
@ -16232,3 +16233,8 @@ Apologies for any names omitted.
 	problems with shared library builds. The dependency was not
 	necessary because the callers already specify an explicit
 	time limit.  File: global/pipe_command.c.
+
+20101206
+
+	postscreen hung up due to incorrect output error test. File:
+	postscreen/postscreen_send.c.
--- a/postfix/html/ldap_table.5.html
+++ b/postfix/html/ldap_table.5.html
@ -607,10 +607,6 @@ LDAP_TABLE(5)                                                    LDAP_TABLE(5)
       The  following  parameters are relevant to using LDAP with
       SASL

-       <b>sasl (default: no)</b>
-              Whether or not to use SASL  binds  to  the  server.
-              Can be yes or no.
-
       <b>sasl_mechs (default: empty)</b>
              Space separated list of SASL mechanism(s) to try.

--- a/postfix/man/man5/ldap_table.5
+++ b/postfix/man/man5/ldap_table.5
@ -561,8 +561,6 @@ protocol version is 2 for backwards compatibility. You must set
 "version = 3" in addition to "bind = sasl".

 The following parameters are relevant to using LDAP with SASL
-.IP "\fBsasl (default: no)\fR"
-Whether or not to use SASL binds to the server.  Can be yes or no.
 .IP "\fBsasl_mechs (default: empty)\fR"
 Space separated list of SASL mechanism(s) to try.
 .IP "\fBsasl_realm (default: empty)\fR"
--- a/postfix/proto/ldap_table
+++ b/postfix/proto/ldap_table
@ -547,8 +547,6 @@
 #	"version = 3" in addition to "bind = sasl".
 #
 #	The following parameters are relevant to using LDAP with SASL
-# .IP "\fBsasl (default: no)\fR"
-#	Whether or not to use SASL binds to the server.  Can be yes or no.
 # .IP "\fBsasl_mechs (default: empty)\fR"
 #	Space separated list of SASL mechanism(s) to try. 
 # .IP "\fBsasl_realm (default: empty)\fR"
--- a/postfix/src/global/dict_ldap.c
+++ b/postfix/src/global/dict_ldap.c
@ -103,8 +103,6 @@
 /* .IP version
 /*	Specifies the LDAP protocol version to use.  Default is version
 /*	\fI2\fR.
-/* .IP "\fBsasl (no)\fR"
-/*	Whether or not to use SASL binds with the server.
 /* .IP "\fBsasl_mechs (empty)\fR"
 /*	Specifies a space-separated list of LDAP SASL Mechanisms.
 /* .IP "\fBsasl_realm (empty)\fR"
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@ -20,7 +20,7 @@
  * Patches change both the patchlevel and the release date. Snapshots have no
  * patchlevel; they change the release date only.
  */
-#define MAIL_RELEASE_DATE	"20101204"
+#define MAIL_RELEASE_DATE	"20101206"
 #define MAIL_VERSION_NUMBER	"2.8"

 #ifdef SNAPSHOT
--- a/postfix/src/global/pipe_command.c
+++ b/postfix/src/global/pipe_command.c
@ -85,7 +85,8 @@
 /*	configuration parameter. The group ID must be non-zero.
 /* .IP "PIPE_CMD_TIME_LIMIT (int)"
 /*	The amount of time the command is allowed to run before it
-/*	is terminated with SIGKILL. The default is DEF_COMMAND_MAXTIME.
+/*	is terminated with SIGKILL. A non-negative PIPE_CMD_TIME_LIMIT
+/*	value must be specified.
 /* .IP "PIPE_CMD_SHELL (char *)"
 /*	The shell to use when executing the command specified with
 /*	PIPE_CMD_COMMAND. This shell is invoked regardless of the
@ -210,7 +211,7 @@ static void get_pipe_args(struct pipe_args * args, va_list ap)
    args->cwd = 0;
    args->chroot = 0;

-    pipe_command_maxtime = DEF_COMMAND_MAXTIME;
+    pipe_command_maxtime = -1;

    /*
     * Then, override the defaults with user-supplied inputs.
@ -276,6 +277,8 @@ static void get_pipe_args(struct pipe_args * args, va_list ap)
 	msg_panic("%s: privileged uid", myname);
    if (args->gid == 0)
 	msg_panic("%s: privileged gid", myname);
+    if (pipe_command_maxtime < 0)
+	msg_panic("%s: missing or invalid PIPE_CMD_TIME_LIMIT", myname);
 }

 /* pipe_command_write - write to command with time limit */
--- a/postfix/src/postscreen/postscreen_send.c
+++ b/postfix/src/postscreen/postscreen_send.c
@ -85,8 +85,9 @@ int     ps_send_reply(int smtp_client_fd, const char *smtp_client_addr,
     * XXX Need to make sure that the TCP send buffer is large enough for any
     * response, so that a nasty client can't cause this process to block.
     */
-    ret = write_buf(smtp_client_fd, text, strlen(text), PS_SEND_TEXT_TIMEOUT);
-    if (ret < 0 && errno != EPIPE)
+    ret = (write_buf(smtp_client_fd, text, strlen(text),
+		     PS_SEND_TEXT_TIMEOUT) < 0);
+    if (ret != 0 && errno != EPIPE)
 	msg_warn("write [%s]:%s: %m", smtp_client_addr, smtp_client_port);
    return (ret);
 }