mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-29 13:18:12 +00:00
Code Issues Releases Wiki Activity

postfix-3.1-20150913

Browse Source
This commit is contained in:
Wietse Venema 2015-09-13 00:00:00 -05:00 committed by Viktor Dukhovni
parent 7c40345f5a
commit e23b4ac7fd
45 changed files with 363 additions and 138 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
postfix/HISTORY
View File

@ -21876,3 +21876,48 @@ Apologies for any names omitted.
TLS session tickets are supported as of OpenSSL 0.9.8h (May
2008). Files: mantools/postlink, proto/TLS_README.html,
proto/postconf.proto.
20150831
Cleanup: obsolete comments in Makefile.init.
20150903
Workaround: disable DNSSEC support for AIX 7x and earlier.
The AIX 6/7 resolver(5) API defines RES_USE_DNSSEC without
defining the "ad" bit. Viktor Dukhovni. Files: makedefs,
proto/INSTALL.html, dns/dns.h.
20150912
Future-proofing and code cleanup: exploit GCC and Clang
"warn_unused_result" feature to flag missing error checks.
Files: util/sys_defs.h, util/attr.h, util/edit_file.h,
util/listen.h, util/lstat_as.h, util/mac_expand.h,
util/mac_parse.h, util/myaddrinfo.h, util/myflock.h,
util/sane_fsops.h, util/sane_socketpair.h, util/stat_as.h,
util/base32_code.h, util/base64_code.h, util/hex_code.h,
util/timed_wait.h, util/vstream.h, src/util/vstring_vstream.h.
Cleanup: incomplete error check. Found with WARN_UNUSED_RESULT
check. File: util/recv_pass_attr.c.
Future-proofing: added type mis-match detection for
ATTR_TYPE_FUNC function-pointer arguments. File: util/attr.h.
Cleanup: don't ignore seek-to-end-of-file errors. File:
global/record.c.
Cleanup: use vstream_fpurge() to purge VSTREAM buffers,
instead of calling vstream_fseek() and ignoring ESPIPE
errors. File: smtpstone/qmqp-sink.c.
20150913
Feature: SMTPD policy service "policy_context" attribute
and smtpd_policy_service_policy_context main.cf parameter.
Originally, to share the same SMTPD service endpoint among
multiple check_policy_service clients. Markus Benning.
Files: mantools/postlink, proto/SMTPD_POLICY_README.html,
proto/postconf.proto, global/mail_params.h, global/mail_proto.h,
smtpd/smtpd.c, smtpd/smtpd_check.c.

3
postfix/INSTALL
View File

@ -539,6 +539,9 @@ The following is an extensive list of names and values.
|| |probably should also override DEF_DB_TYPE as |
|| |described in section 4.6. |
||_____________________________|______________________________________________|
||-DNO_DNSSEC |Do not build with DNSSEC support, even if the |
|| |resolver library appears to support it. |
||_____________________________|______________________________________________|
|| |Do not build with Solaris /dev/poll support. |
||-DNO_DEVPOLL |By default, /dev/poll support is compiled in |
|| |on Solaris versions that are known to support |

5
postfix/Makefile.init
View File

@ -1,7 +1,8 @@
# Usage:
# make makefiles [CC=compiler] [OPT=compiler-flags] [DEBUG=debug-flags]
# make makefiles [name=value]...
#
# The defaults are: CC=gcc, OPT=-O, and DEBUG=-g. Examples:
# See makedefs for a descripton of available options.
# Examples:
#
# make makefiles
# make makefiles CC="purify cc"

3
postfix/README_FILES/INSTALL
View File

@ -539,6 +539,9 @@ The following is an extensive list of names and values.
|| |probably should also override DEF_DB_TYPE as |
|| |described in section 4.6. |
|_|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
||-DNO_DNSSEC |Do not build with DNSSEC support, even if the |
|| |resolver library appears to support it. |
|_|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
|| |Do not build with Solaris /dev/poll support. |
||-DNO_DEVPOLL |By default, /dev/poll support is compiled in |
|| |on Solaris versions that are known to support |

11
postfix/README_FILES/SMTPD_POLICY_README
View File

@ -76,6 +76,8 @@ a delegated SMTPD access policy request:
ccert_pubkey_fingerprint=68:B3:29:DA:98:93:E3:40:99:C7:D8:AD:5C:B9:C9:40
PPoossttffiixx vveerrssiioonn 33..00 aanndd llaatteerr::
client_port=1234
PPoossttffiixx vveerrssiioonn 33..11 aanndd llaatteerr::
policy_context=submission
[empty line]
Notes:
@ -145,6 +147,9 @@ Notes:
* The "stress" attribute is either empty or "yes". See the STRESS_README
document for further information.
* The "policy_context" attribute provides a way to pass information that is
not available via other attributes (Postfix version 3.1 and later).
The following is specific to SMTPD delegated policy requests:
* Protocol names are ESMTP or SMTP.
@ -276,6 +281,12 @@ protocol:
to resend a failed SMTPD policy service request. Available with Postfix 3.0
and later.
* smtpd_policy_service_policy_context (default: empty): Optional information
that is passed in the "policy_context" attribute of an SMTPD policy service
request (originally, to share the same SMTPD service endpoint among
multiple check_policy_service clients). Available with Postfix 3.1 and
later.
Configuration parameters that control the server side of the policy delegation
protocol:

9
postfix/WISHLIST
View File

@ -13,6 +13,12 @@ Wish list:
Postfix 3.0: In the DNS client, save/restore h_errno in the
multi-query functions.
Specify WARN_UNUSED_RESULT for all library functions that
pass, deliver, bounce or defer a delivery request.
Specify WARN_UNUSED_RESULT for mac_expand(), after making
smtp_reply_footer() undoable.
Type-checking wrappers for htable(3), ctable(3) and other
modules that take and return a void* pointer.
@ -22,9 +28,6 @@ Wish list:
relevant only for fingerprint-based authentication including
DANE, and affects logging, SMTPD policy, and Milters.
Exploit GCC 3.4+ __attribute__((warn_unused_result)) to
warn about unused function result values.
Generalize the daemon '-S' stand-alone mode, so that it can
be used with custom configuration files for request/reply
regression testing.

4
postfix/html/INSTALL.html
View File

@ -810,6 +810,10 @@ platforms that are known to support this feature. If you override
this, then you probably should also override DEF_DB_TYPE as described
in section 4.6. </td> </tr>
<tr> <td> </td> <td> -DNO_DNSSEC </td> <td> Do not build with DNSSEC
support, even if the resolver library appears to support it. </td>
</tr>
<tr> <td> </td> <td> -DNO_DEVPOLL </td> <td> Do not build with
Solaris <tt>/dev/poll</tt> support. By default, <tt>/dev/poll</tt>
support is compiled in on Solaris versions that are known to support

12
postfix/html/SMTPD_POLICY_README.html
View File

@ -108,6 +108,8 @@ stress=
ccert_pubkey_fingerprint=68:B3:29:DA:98:93:E3:40:99:C7:D8:AD:5C:B9:C9:40
<b>Postfix version 3.0 and later:</b>
client_port=1234
<b>Postfix version 3.1 and later:</b>
policy_context=submission
[empty line]
</pre>
</blockquote>
@ -195,6 +197,10 @@ client_port=1234
<li> <p> The "stress" attribute is either empty or "yes". See
the <a href="STRESS_README.html">STRESS_README</a> document for further information. </p>
<li> <p> The "policy_context" attribute provides a way to pass
information that is not available via other attributes (Postfix
version 3.1 and later). </p>
</ul>
<p> The following is specific to SMTPD delegated policy requests:
@ -367,6 +373,12 @@ giving up. Available with Postfix 3.0 and later. </p>
between attempts to resend a failed SMTPD policy service request.
Available with Postfix 3.0 and later. </p>
<li> <p> <a href="postconf.5.html#smtpd_policy_service_policy_context">smtpd_policy_service_policy_context</a> (default: empty):
Optional information that is passed in the "policy_context" attribute
of an SMTPD policy service request (originally, to share the same
SMTPD service endpoint among multiple <a href="postconf.5.html#check_policy_service">check_policy_service</a> clients).
Available with Postfix 3.1 and later. </p>
</ul>
<p> Configuration parameters that control the server side of the

19
postfix/html/postconf.5.html
View File

@ -2956,6 +2956,10 @@ returns the server response in an application buffer even if the
requested record does not exist. If this promise is broken, specify
"yes" to enable a workaround for DNS reputation lookups. </p>
<p>
This feature is available in Postfix 3.1 and later.
</p>
</DD>
@ -14633,6 +14637,21 @@ This feature is available in Postfix 2.1 and later.
</p>
</DD>
<DT><b><a name="smtpd_policy_service_policy_context">smtpd_policy_service_policy_context</a>
(default: empty)</b></DT><DD>
<p> Optional information that the Postfix SMTP server specifies in
the "policy_context" attribute of a policy service request (originally,
to share the same service endpoint among multiple <a href="postconf.5.html#check_policy_service">check_policy_service</a>
clients). </p>
<p>
This feature is available in Postfix 3.1 and later.
</p>
</DD>
<DT><b><a name="smtpd_policy_service_request_limit">smtpd_policy_service_request_limit</a>

156
postfix/html/smtpd.8.html
View File

@ -910,62 +910,70 @@ SMTPD(8) SMTPD(8)
The delay between attempts to resend a failed SMTPD policy ser-
vice request.
Available in Postfix version 3.1 and later:
<b><a href="postconf.5.html#smtpd_policy_service_policy_context">smtpd_policy_service_policy_context</a> (empty)</b>
Optional information that the Postfix SMTP server specifies in
the "policy_context" attribute of a policy service request
(originally, to share the same service endpoint among multiple
<a href="postconf.5.html#check_policy_service">check_policy_service</a> clients).
<b>ACCESS CONTROLS</b>
The <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a> document gives an introduction to all the SMTP
The <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a> document gives an introduction to all the SMTP
server access control features.
<b><a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> (yes)</b>
Wait until the RCPT TO command before evaluating
Wait until the RCPT TO command before evaluating
$<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>, $<a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> and
$<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a>, or wait until the ETRN command
before evaluating $<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> and
before evaluating $<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> and
$<a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>.
<b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a> (see 'postconf -d' output)</b>
A list of Postfix features where the pattern "example.com" also
matches subdomains of example.com, instead of requiring an
A list of Postfix features where the pattern "example.com" also
matches subdomains of example.com, instead of requiring an
explicit ".example.com" pattern.
<b><a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> (empty)</b>
Optional restrictions that the Postfix SMTP server applies in
Optional restrictions that the Postfix SMTP server applies in
the context of a client connection request.
<b><a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> (no)</b>
Require that a remote SMTP client introduces itself with the
HELO or EHLO command before sending the MAIL command or other
Require that a remote SMTP client introduces itself with the
HELO or EHLO command before sending the MAIL command or other
commands that require EHLO negotiation.
<b><a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> (empty)</b>
Optional restrictions that the Postfix SMTP server applies in
Optional restrictions that the Postfix SMTP server applies in
the context of a client HELO command.
<b><a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> (empty)</b>
Optional restrictions that the Postfix SMTP server applies in
Optional restrictions that the Postfix SMTP server applies in
the context of a client MAIL FROM command.
<b><a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> (see 'postconf -d' output)</b>
Optional restrictions that the Postfix SMTP server applies in
the context of a client RCPT TO command, after
Optional restrictions that the Postfix SMTP server applies in
the context of a client RCPT TO command, after
<a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a>.
<b><a href="postconf.5.html#smtpd_etrn_restrictions">smtpd_etrn_restrictions</a> (empty)</b>
Optional restrictions that the Postfix SMTP server applies in
Optional restrictions that the Postfix SMTP server applies in
the context of a client ETRN command.
<b><a href="postconf.5.html#allow_untrusted_routing">allow_untrusted_routing</a> (no)</b>
Forward mail with sender-specified routing
(user[@%!]remote[@%!]site) from untrusted clients to destina-
Forward mail with sender-specified routing
(user[@%!]remote[@%!]site) from untrusted clients to destina-
tions matching $<a href="postconf.5.html#relay_domains">relay_domains</a>.
<b><a href="postconf.5.html#smtpd_restriction_classes">smtpd_restriction_classes</a> (empty)</b>
User-defined aliases for groups of access restrictions.
<b><a href="postconf.5.html#smtpd_null_access_lookup_key">smtpd_null_access_lookup_key</a> (</b>&lt;&gt;<b>)</b>
The lookup key to be used in SMTP <a href="access.5.html"><b>access</b>(5)</a> tables instead of
The lookup key to be used in SMTP <a href="access.5.html"><b>access</b>(5)</a> tables instead of
the null sender address.
<b><a href="postconf.5.html#permit_mx_backup_networks">permit_mx_backup_networks</a> (empty)</b>
Restrict the use of the <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> SMTP access feature to
Restrict the use of the <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> SMTP access feature to
only domains whose primary MX hosts match the listed networks.
Available in Postfix version 2.0 and later:
@ -975,19 +983,19 @@ SMTPD(8) SMTPD(8)
applies in the context of the SMTP DATA command.
<b><a href="postconf.5.html#smtpd_expansion_filter">smtpd_expansion_filter</a> (see 'postconf -d' output)</b>
What characters are allowed in $name expansions of RBL reply
What characters are allowed in $name expansions of RBL reply
templates.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtpd_reject_unlisted_sender">smtpd_reject_unlisted_sender</a> (no)</b>
Request that the Postfix SMTP server rejects mail from unknown
sender addresses, even when no explicit <a href="postconf.5.html#reject_unlisted_sender">reject_unlisted_sender</a>
Request that the Postfix SMTP server rejects mail from unknown
sender addresses, even when no explicit <a href="postconf.5.html#reject_unlisted_sender">reject_unlisted_sender</a>
access restriction is specified.
<b><a href="postconf.5.html#smtpd_reject_unlisted_recipient">smtpd_reject_unlisted_recipient</a> (yes)</b>
Request that the Postfix SMTP server rejects mail for unknown
recipient addresses, even when no explicit
Request that the Postfix SMTP server rejects mail for unknown
recipient addresses, even when no explicit
<a href="postconf.5.html#reject_unlisted_recipient">reject_unlisted_recipient</a> access restriction is specified.
Available in Postfix version 2.2 and later:
@ -1001,17 +1009,17 @@ SMTPD(8) SMTPD(8)
<b><a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a> (<a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a>,</b>
<b><a href="postconf.5.html#defer_unauth_destination">defer_unauth_destination</a>)</b>
Access restrictions for mail relay control that the Postfix SMTP
server applies in the context of the RCPT TO command, before
server applies in the context of the RCPT TO command, before
<a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>.
<b>SENDER AND RECIPIENT ADDRESS VERIFICATION CONTROLS</b>
Postfix version 2.1 introduces sender and recipient address verifica-
Postfix version 2.1 introduces sender and recipient address verifica-
tion. This feature is implemented by sending probe email messages that
are not actually delivered. This feature is requested via the
<a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a> and <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> access
restrictions. The status of verification probes is maintained by the
<a href="verify.8.html"><b>verify</b>(8)</a> server. See the file <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a> for infor-
mation about how to configure and operate the Postfix sender/recipient
<a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a> and <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> access
restrictions. The status of verification probes is maintained by the
<a href="verify.8.html"><b>verify</b>(8)</a> server. See the file <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a> for infor-
mation about how to configure and operate the Postfix sender/recipient
address verification service.
<b><a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a> (normal: 3, overload: 1)</b>
@ -1023,7 +1031,7 @@ SMTPD(8) SMTPD(8)
fication request in progress.
<b><a href="postconf.5.html#address_verify_sender">address_verify_sender</a> ($<a href="postconf.5.html#double_bounce_sender">double_bounce_sender</a>)</b>
The sender address to use in address verification probes; prior
The sender address to use in address verification probes; prior
to Postfix 2.5 the default was "postmaster".
<b><a href="postconf.5.html#unverified_sender_reject_code">unverified_sender_reject_code</a> (450)</b>
@ -1031,18 +1039,18 @@ SMTPD(8) SMTPD(8)
address is rejected by the <a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a> restriction.
<b><a href="postconf.5.html#unverified_recipient_reject_code">unverified_recipient_reject_code</a> (450)</b>
The numerical Postfix SMTP server response when a recipient
address is rejected by the <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> restric-
The numerical Postfix SMTP server response when a recipient
address is rejected by the <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> restric-
tion.
Available in Postfix version 2.6 and later:
<b><a href="postconf.5.html#unverified_sender_defer_code">unverified_sender_defer_code</a> (450)</b>
The numerical Postfix SMTP server response code when a sender
The numerical Postfix SMTP server response code when a sender
address probe fails due to a temporary error condition.
<b><a href="postconf.5.html#unverified_recipient_defer_code">unverified_recipient_defer_code</a> (450)</b>
The numerical Postfix SMTP server response when a recipient
The numerical Postfix SMTP server response when a recipient
address probe fails due to a temporary error condition.
<b><a href="postconf.5.html#unverified_sender_reject_reason">unverified_sender_reject_reason</a> (empty)</b>
@ -1054,17 +1062,17 @@ SMTPD(8) SMTPD(8)
<a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a>.
<b><a href="postconf.5.html#unverified_sender_tempfail_action">unverified_sender_tempfail_action</a> ($<a href="postconf.5.html#reject_tempfail_action">reject_tempfail_action</a>)</b>
The Postfix SMTP server's action when <a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a>
The Postfix SMTP server's action when <a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a>
fails due to a temporary error condition.
<b><a href="postconf.5.html#unverified_recipient_tempfail_action">unverified_recipient_tempfail_action</a> ($<a href="postconf.5.html#reject_tempfail_action">reject_tempfail_action</a>)</b>
The Postfix SMTP server's action when <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipi</a>-
The Postfix SMTP server's action when <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipi</a>-
<a href="postconf.5.html#reject_unverified_recipient">ent</a> fails due to a temporary error condition.
Available with Postfix 2.9 and later:
<b><a href="postconf.5.html#address_verify_sender_ttl">address_verify_sender_ttl</a> (0s)</b>
The time between changes in the time-dependent portion of
The time between changes in the time-dependent portion of
address verification probe sender addresses.
<b>ACCESS CONTROL RESPONSES</b>
@ -1076,36 +1084,36 @@ SMTPD(8) SMTPD(8)
map "reject" action.
<b><a href="postconf.5.html#defer_code">defer_code</a> (450)</b>
The numerical Postfix SMTP server response code when a remote
The numerical Postfix SMTP server response code when a remote
SMTP client request is rejected by the "defer" restriction.
<b><a href="postconf.5.html#invalid_hostname_reject_code">invalid_hostname_reject_code</a> (501)</b>
The numerical Postfix SMTP server response code when the client
HELO or EHLO command parameter is rejected by the
The numerical Postfix SMTP server response code when the client
HELO or EHLO command parameter is rejected by the
<a href="postconf.5.html#reject_invalid_helo_hostname">reject_invalid_helo_hostname</a> restriction.
<b><a href="postconf.5.html#maps_rbl_reject_code">maps_rbl_reject_code</a> (554)</b>
The numerical Postfix SMTP server response code when a remote
SMTP client request is blocked by the <a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a>,
The numerical Postfix SMTP server response code when a remote
SMTP client request is blocked by the <a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a>,
<a href="postconf.5.html#reject_rhsbl_client">reject_rhsbl_client</a>, <a href="postconf.5.html#reject_rhsbl_reverse_client">reject_rhsbl_reverse_client</a>,
<a href="postconf.5.html#reject_rhsbl_sender">reject_rhsbl_sender</a> or <a href="postconf.5.html#reject_rhsbl_recipient">reject_rhsbl_recipient</a> restriction.
<b><a href="postconf.5.html#non_fqdn_reject_code">non_fqdn_reject_code</a> (504)</b>
The numerical Postfix SMTP server reply code when a client
request is rejected by the <a href="postconf.5.html#reject_non_fqdn_helo_hostname">reject_non_fqdn_helo_hostname</a>,
The numerical Postfix SMTP server reply code when a client
request is rejected by the <a href="postconf.5.html#reject_non_fqdn_helo_hostname">reject_non_fqdn_helo_hostname</a>,
<a href="postconf.5.html#reject_non_fqdn_sender">reject_non_fqdn_sender</a> or <a href="postconf.5.html#reject_non_fqdn_recipient">reject_non_fqdn_recipient</a> restriction.
<b><a href="postconf.5.html#plaintext_reject_code">plaintext_reject_code</a> (450)</b>
The numerical Postfix SMTP server response code when a request
The numerical Postfix SMTP server response code when a request
is rejected by the <b><a href="postconf.5.html#reject_plaintext_session">reject_plaintext_session</a></b> restriction.
<b><a href="postconf.5.html#reject_code">reject_code</a> (554)</b>
The numerical Postfix SMTP server response code when a remote
The numerical Postfix SMTP server response code when a remote
SMTP client request is rejected by the "reject" restriction.
<b><a href="postconf.5.html#relay_domains_reject_code">relay_domains_reject_code</a> (554)</b>
The numerical Postfix SMTP server response code when a client
request is rejected by the <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a> recipient
The numerical Postfix SMTP server response code when a client
request is rejected by the <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a> recipient
restriction.
<b><a href="postconf.5.html#unknown_address_reject_code">unknown_address_reject_code</a> (450)</b>
@ -1113,24 +1121,24 @@ SMTPD(8) SMTPD(8)
a sender or recipient address because its domain is unknown.
<b><a href="postconf.5.html#unknown_client_reject_code">unknown_client_reject_code</a> (450)</b>
The numerical Postfix SMTP server response code when a client
without valid address &lt;=&gt; name mapping is rejected by the
The numerical Postfix SMTP server response code when a client
without valid address &lt;=&gt; name mapping is rejected by the
<a href="postconf.5.html#reject_unknown_client_hostname">reject_unknown_client_hostname</a> restriction.
<b><a href="postconf.5.html#unknown_hostname_reject_code">unknown_hostname_reject_code</a> (450)</b>
The numerical Postfix SMTP server response code when the host-
name specified with the HELO or EHLO command is rejected by the
The numerical Postfix SMTP server response code when the host-
name specified with the HELO or EHLO command is rejected by the
<a href="postconf.5.html#reject_unknown_helo_hostname">reject_unknown_helo_hostname</a> restriction.
Available in Postfix version 2.0 and later:
<b><a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> (see 'postconf -d' output)</b>
The default Postfix SMTP server response template for a request
The default Postfix SMTP server response template for a request
that is rejected by an RBL-based restriction.
<b><a href="postconf.5.html#multi_recipient_bounce_reject_code">multi_recipient_bounce_reject_code</a> (550)</b>
The numerical Postfix SMTP server response code when a remote
SMTP client request is blocked by the <a href="postconf.5.html#reject_multi_recipient_bounce">reject_multi_recipi</a>-
The numerical Postfix SMTP server response code when a remote
SMTP client request is blocked by the <a href="postconf.5.html#reject_multi_recipient_bounce">reject_multi_recipi</a>-
<a href="postconf.5.html#reject_multi_recipient_bounce">ent_bounce</a> restriction.
<b><a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a> (empty)</b>
@ -1140,52 +1148,52 @@ SMTPD(8) SMTPD(8)
<b><a href="postconf.5.html#access_map_defer_code">access_map_defer_code</a> (450)</b>
The numerical Postfix SMTP server response code for an <a href="access.5.html"><b>access</b>(5)</a>
map "defer" action, including "<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>" or
map "defer" action, including "<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>" or
"<a href="postconf.5.html#defer_if_reject">defer_if_reject</a>".
<b><a href="postconf.5.html#reject_tempfail_action">reject_tempfail_action</a> (<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>)</b>
The Postfix SMTP server's action when a reject-type restriction
The Postfix SMTP server's action when a reject-type restriction
fails due to a temporary error condition.
<b><a href="postconf.5.html#unknown_helo_hostname_tempfail_action">unknown_helo_hostname_tempfail_action</a> ($<a href="postconf.5.html#reject_tempfail_action">reject_tempfail_action</a>)</b>
The Postfix SMTP server's action when <a href="postconf.5.html#reject_unknown_helo_hostname">reject_unknown_helo_host</a>-
The Postfix SMTP server's action when <a href="postconf.5.html#reject_unknown_helo_hostname">reject_unknown_helo_host</a>-
<a href="postconf.5.html#reject_unknown_helo_hostname">name</a> fails due to an temporary error condition.
<b><a href="postconf.5.html#unknown_address_tempfail_action">unknown_address_tempfail_action</a> ($<a href="postconf.5.html#reject_tempfail_action">reject_tempfail_action</a>)</b>
The Postfix SMTP server's action when
<a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a> or <a href="postconf.5.html#reject_unknown_recipient_domain">reject_unknown_recipient_domain</a>
The Postfix SMTP server's action when
<a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a> or <a href="postconf.5.html#reject_unknown_recipient_domain">reject_unknown_recipient_domain</a>
fail due to a temporary error condition.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
figuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
How much time a Postfix daemon process may take to handle a
How much time a Postfix daemon process may take to handle a
request before it is terminated by a built-in watchdog timer.
<b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b>
The location of all postfix administrative commands.
<b><a href="postconf.5.html#double_bounce_sender">double_bounce_sender</a> (double-bounce)</b>
The sender address of postmaster notifications that are gener-
The sender address of postmaster notifications that are gener-
ated by the mail system.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
The time limit for sending or receiving information over an
The time limit for sending or receiving information over an
internal communication channel.
<b><a href="postconf.5.html#mail_name">mail_name</a> (Postfix)</b>
The mail system name that is displayed in Received: headers, in
The mail system name that is displayed in Received: headers, in
the SMTP greeting banner, and in bounced mail.
<b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b>
The UNIX system account that owns the Postfix queue and most
The UNIX system account that owns the Postfix queue and most
Postfix daemon processes.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
The maximum amount of time that an idle Postfix daemon process
The maximum amount of time that an idle Postfix daemon process
waits for an incoming connection before terminating voluntarily.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
@ -1196,11 +1204,11 @@ SMTPD(8) SMTPD(8)
The internet hostname of this mail system.
<b><a href="postconf.5.html#mynetworks">mynetworks</a> (see 'postconf -d' output)</b>
The list of "trusted" remote SMTP clients that have more privi-
The list of "trusted" remote SMTP clients that have more privi-
leges than "strangers".
<b><a href="postconf.5.html#myorigin">myorigin</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
The domain name that locally-posted mail appears to come from,
The domain name that locally-posted mail appears to come from,
and that locally posted mail is delivered to.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
@ -1213,26 +1221,26 @@ SMTPD(8) SMTPD(8)
The location of the Postfix top-level queue directory.
<b><a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> (empty)</b>
The set of characters that can separate a user name from its
extension (example: user+foo), or a .forward file name from its
The set of characters that can separate a user name from its
extension (example: user+foo), or a .forward file name from its
extension (example: .forward+foo).
<b><a href="postconf.5.html#smtpd_banner">smtpd_banner</a> ($<a href="postconf.5.html#myhostname">myhostname</a> ESMTP $<a href="postconf.5.html#mail_name">mail_name</a>)</b>
The text that follows the 220 status code in the SMTP greeting
The text that follows the 220 status code in the SMTP greeting
banner.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
The mail system name that is prepended to the process name in
syslog records, so that "smtpd" becomes, for example, "post-
The mail system name that is prepended to the process name in
syslog records, so that "smtpd" becomes, for example, "post-
fix/smtpd".
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#smtpd_forbidden_commands">smtpd_forbidden_commands</a> (CONNECT, GET, POST)</b>
List of commands that cause the Postfix SMTP server to immedi-
List of commands that cause the Postfix SMTP server to immedi-
ately terminate the session with a 221 code.
Available in Postfix version 2.5 and later:

7
postfix/makedefs
View File

@ -45,6 +45,9 @@
# Do not build with Solaris /dev/poll support.
# By default, /dev/poll support is compiled in on platforms that
# are known to support it.
# .IP \fB-DNO_DNSSEC\fR
# Do not build with DNSSEC support, even if the resolver
# library appears to support it.
# .IP \fB-DNO_EPOLL\fR
# Do not build with Linux EPOLL support.
# By default, EPOLL support is compiled in on platforms that
@ -387,18 +390,21 @@ case "$SYSTEM.$RELEASE" in
;;
AIX.*) case "`uname -v`" in
6) SYSTYPE=AIX6
CCARGS="$CCARGS -DNO_DNSSEC"
case "$CC" in
cc|*/cc|xlc|*/xlc) CCARGS="$CCARGS -w -blibpath:/usr/lib:/lib:/usr/local/lib";;
esac
CCARGS="$CCARGS -D_ALL_SOURCE -DHAS_POSIX_REGEXP"
;;
5) SYSTYPE=AIX5
CCARGS="$CCARGS -DNO_DNSSEC"
case "$CC" in
cc|*/cc|xlc|*/xlc) CCARGS="$CCARGS -w -blibpath:/usr/lib:/lib:/usr/local/lib";;
esac
CCARGS="$CCARGS -D_ALL_SOURCE -DHAS_POSIX_REGEXP"
;;
4) SYSTYPE=AIX4
CCARGS="$CCARGS -DNO_DNSSEC"
# How embarrassing...
case "$CC" in
cc|*/cc|xlc|*/xlc) OPT=; CCARGS="$CCARGS -w -blibpath:/usr/lib:/lib:/usr/local/lib";;
@ -406,6 +412,7 @@ case "$SYSTEM.$RELEASE" in
CCARGS="$CCARGS -D_ALL_SOURCE -DHAS_POSIX_REGEXP"
;;
3) SYSTYPE=AIX3
CCARGS="$CCARGS -DNO_DNSSEC"
# How embarrassing...
case "$CC" in
cc|*/cc|xlc|*/xlc) OPT=; CCARGS="$CCARGS -w";;

9
postfix/man/man5/postconf.5
View File

@ -1851,6 +1851,8 @@ promise that res_query() and res_search() invoke res_send(), which
returns the server response in an application buffer even if the
requested record does not exist. If this promise is broken, specify
"yes" to enable a workaround for DNS reputation lookups.
.PP
This feature is available in Postfix 3.1 and later.
.SH dnsblog_reply_delay (default: 0s)
A debugging aid to artificially delay DNS responses.
.PP
@ -9808,6 +9810,13 @@ The time after which an active SMTPD policy service connection is
closed.
.PP
This feature is available in Postfix 2.1 and later.
.SH smtpd_policy_service_policy_context (default: empty)
Optional information that the Postfix SMTP server specifies in
the "policy_context" attribute of a policy service request (originally,
to share the same service endpoint among multiple check_policy_service
clients).
.PP
This feature is available in Postfix 3.1 and later.
.SH smtpd_policy_service_request_limit (default: 0)
The maximal number of requests per SMTPD policy service connection,
or zero (no limit). Once a connection reaches this limit, the

7
postfix/man/man8/smtpd.8
View File

@ -807,6 +807,13 @@ request before giving up.
.IP "\fBsmtpd_policy_service_retry_delay (1s)\fR"
The delay between attempts to resend a failed SMTPD policy
service request.
.PP
Available in Postfix version 3.1 and later:
.IP "\fBsmtpd_policy_service_policy_context (empty)\fR"
Optional information that the Postfix SMTP server specifies in
the "policy_context" attribute of a policy service request (originally,
to share the same service endpoint among multiple check_policy_service
clients).
.SH "ACCESS CONTROLS"
.na
.nf

1
postfix/mantools/postlink
View File

@ -557,6 +557,7 @@ while (<>) {
s;\bsmtpd_policy_service_default_action\b;<a href="postconf.5.html#smtpd_policy_service_default_action">$&</a>;g;
s;\bsmtpd_policy_service_try_limit\b;<a href="postconf.5.html#smtpd_policy_service_try_limit">$&</a>;g;
s;\bsmtpd_policy_service_retry_delay\b;<a href="postconf.5.html#smtpd_policy_service_retry_delay">$&</a>;g;
s;\bsmtpd_policy_service_policy_context\b;<a href="postconf.5.html#smtpd_policy_service_policy_context">$&</a>;g;
s;\bsmtpd_proxy_ehlo\b;<a href="postconf.5.html#smtpd_proxy_ehlo">$&</a>;g;
s;\bsmtpd_proxy_filter\b;<a href="postconf.5.html#smtpd_proxy_filter">$&</a>;g;
s;\bsmtpd_proxy_timeout\b;<a href="postconf.5.html#smtpd_proxy_timeout">$&</a>;g;

4
postfix/proto/INSTALL.html
View File

@ -810,6 +810,10 @@ platforms that are known to support this feature. If you override
this, then you probably should also override DEF_DB_TYPE as described
in section 4.6. </td> </tr>
<tr> <td> </td> <td> -DNO_DNSSEC </td> <td> Do not build with DNSSEC
support, even if the resolver library appears to support it. </td>
</tr>
<tr> <td> </td> <td> -DNO_DEVPOLL </td> <td> Do not build with
Solaris <tt>/dev/poll</tt> support. By default, <tt>/dev/poll</tt>
support is compiled in on Solaris versions that are known to support

12
postfix/proto/SMTPD_POLICY_README.html
View File

@ -108,6 +108,8 @@ stress=
ccert_pubkey_fingerprint=68:B3:29:DA:98:93:E3:40:99:C7:D8:AD:5C:B9:C9:40
<b>Postfix version 3.0 and later:</b>
client_port=1234
<b>Postfix version 3.1 and later:</b>
policy_context=submission
[empty line]
</pre>
</blockquote>
@ -195,6 +197,10 @@ client_port=1234
<li> <p> The "stress" attribute is either empty or "yes". See
the STRESS_README document for further information. </p>
<li> <p> The "policy_context" attribute provides a way to pass
information that is not available via other attributes (Postfix
version 3.1 and later). </p>
</ul>
<p> The following is specific to SMTPD delegated policy requests:
@ -367,6 +373,12 @@ giving up. Available with Postfix 3.0 and later. </p>
between attempts to resend a failed SMTPD policy service request.
Available with Postfix 3.0 and later. </p>
<li> <p> smtpd_policy_service_policy_context (default: empty):
Optional information that is passed in the "policy_context" attribute
of an SMTPD policy service request (originally, to share the same
SMTPD service endpoint among multiple check_policy_service clients).
Available with Postfix 3.1 and later. </p>
</ul>
<p> Configuration parameters that control the server side of the

15
postfix/proto/postconf.proto
View File

@ -16550,3 +16550,18 @@ promise that res_query() and res_search() invoke res_send(), which
returns the server response in an application buffer even if the
requested record does not exist. If this promise is broken, specify
"yes" to enable a workaround for DNS reputation lookups. </p>
<p>
This feature is available in Postfix 3.1 and later.
</p>
%PARAM smtpd_policy_service_policy_context
<p> Optional information that the Postfix SMTP server specifies in
the "policy_context" attribute of a policy service request (originally,
to share the same service endpoint among multiple check_policy_service
clients). </p>
<p>
This feature is available in Postfix 3.1 and later.
</p>

7
postfix/src/dns/dns.h
View File

@ -52,6 +52,13 @@
(cp) += 4; \
}
#endif
/*
* Disable DNSSEC at compile-time even if RES_USE_DNSSEC is available
*/
#ifdef DISABLE_DNSSEC
#undef RES_USE_DNSSEC
#endif
/*

4
postfix/src/global/mail_params.h
View File

@ -2967,6 +2967,10 @@ extern int var_smtpd_policy_try_delay;
#define DEF_SMTPD_POLICY_DEF_ACTION "451 4.3.5 Server configuration problem"
extern char *var_smtpd_policy_def_action;
#define VAR_SMTPD_POLICY_CONTEXT "smtpd_policy_service_policy_context"
#define DEF_SMTPD_POLICY_CONTEXT ""
extern char *var_smtpd_policy_context;
#define CHECK_POLICY_SERVICE "check_policy_service"
/*

1
postfix/src/global/mail_proto.h
View File

@ -161,6 +161,7 @@ extern char *mail_pathname(const char *, const char *);
#define MAIL_ATTR_STRESS "stress"
#define MAIL_ATTR_LOG_IDENT "log_ident"
#define MAIL_ATTR_RWR_CONTEXT "rewrite_context"
#define MAIL_ATTR_POL_CONTEXT "policy_context"
#define MAIL_ATTR_RWR_LOCAL "local"
#define MAIL_ATTR_RWR_REMOTE "remote"

2
postfix/src/global/mail_version.h
View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
#define MAIL_RELEASE_DATE "20150829"
#define MAIL_RELEASE_DATE "20150913"
#define MAIL_VERSION_NUMBER "3.1"
#ifdef SNAPSHOT

9
postfix/src/global/record.c
View File

@ -177,6 +177,7 @@ int rec_put_type(VSTREAM *stream, int type, off_t offset)
if (vstream_fseek(stream, offset, SEEK_SET) < 0
|| VSTREAM_PUTC(type, stream) != type) {
msg_warn("%s: seek or write error", VSTREAM_PATH(stream));
return (REC_TYPE_ERROR);
} else {
return (type);
@ -304,8 +305,12 @@ int rec_get_raw(VSTREAM *stream, VSTRING *buf, ssize_t maxsize, int flags)
continue;
if (type == REC_TYPE_DTXT && (flags & REC_FLAG_SKIP_DTXT) != 0)
continue;
if (type == REC_TYPE_END && (flags & REC_FLAG_SEEK_END) != 0)
(void) vstream_fseek(stream, (off_t) 0, SEEK_END);
if (type == REC_TYPE_END && (flags & REC_FLAG_SEEK_END) != 0
&& vstream_fseek(stream, (off_t) 0, SEEK_END) < 0) {
msg_warn("%s: seek error after reading END record: %m",
VSTREAM_PATH(stream));
return (REC_TYPE_ERROR);
}
break;
}
return (type);

9
postfix/src/smtpd/smtpd.c
View File

@ -757,6 +757,13 @@
/* .IP "\fBsmtpd_policy_service_retry_delay (1s)\fR"
/* The delay between attempts to resend a failed SMTPD policy
/* service request.
/* .PP
/* Available in Postfix version 3.1 and later:
/* .IP "\fBsmtpd_policy_service_policy_context (empty)\fR"
/* Optional information that the Postfix SMTP server specifies in
/* the "policy_context" attribute of a policy service request (originally,
/* to share the same service endpoint among multiple check_policy_service
/* clients).
/* ACCESS CONTROLS
/* .ad
/* .fi
@ -1272,6 +1279,7 @@ int var_smtpd_policy_req_limit;
int var_smtpd_policy_try_limit;
int var_smtpd_policy_try_delay;
char *var_smtpd_policy_def_action;
char *var_smtpd_policy_context;
int var_smtpd_policy_idle;
int var_smtpd_policy_ttl;
char *var_xclient_hosts;
@ -5774,6 +5782,7 @@ int main(int argc, char **argv)
VAR_SMTPD_ACL_PERM_LOG, DEF_SMTPD_ACL_PERM_LOG, &var_smtpd_acl_perm_log, 0, 0,
VAR_SMTPD_UPROXY_PROTO, DEF_SMTPD_UPROXY_PROTO, &var_smtpd_uproxy_proto, 0, 0,
VAR_SMTPD_POLICY_DEF_ACTION, DEF_SMTPD_POLICY_DEF_ACTION, &var_smtpd_policy_def_action, 1, 0,
VAR_SMTPD_POLICY_CONTEXT, DEF_SMTPD_POLICY_CONTEXT, &var_smtpd_policy_context, 0, 0,
VAR_SMTPD_DNS_RE_FILTER, DEF_SMTPD_DNS_RE_FILTER, &var_smtpd_dns_re_filter, 0, 0,
0,
};

14
postfix/src/smtpd/smtpd_check.c
View File

@ -462,6 +462,7 @@ double smtpd_space_multf = 1.5;
typedef struct {
ATTR_CLNT *client; /* client handle */
char *def_action; /* default action */
char *policy_context; /* context of policy request */
} SMTPD_POLICY_CLNT;
/*
@ -483,6 +484,7 @@ static ATTR_OVER_INT int_table[] = {
};
static ATTR_OVER_STR str_table[] = {
21 + VAR_SMTPD_POLICY_DEF_ACTION, 0, 1, 0,
21 + VAR_SMTPD_POLICY_CONTEXT, 0, 1, 0,
0,
};
@ -498,6 +500,7 @@ static ATTR_OVER_STR str_table[] = {
#define smtpd_policy_try_limit_offset 1
#define smtpd_policy_def_action_offset 0
#define smtpd_policy_context_offset 1
/* policy_client_register - register policy service endpoint */
@ -527,6 +530,7 @@ static void policy_client_register(const char *name)
int smtpd_policy_req_limit = var_smtpd_policy_req_limit;
int smtpd_policy_try_limit = var_smtpd_policy_try_limit;
const char *smtpd_policy_def_action = var_smtpd_policy_def_action;
const char *smtpd_policy_context = var_smtpd_policy_context;
link_override_table_to_variable(time_table, smtpd_policy_tmout);
link_override_table_to_variable(time_table, smtpd_policy_idle);
@ -535,6 +539,7 @@ static void policy_client_register(const char *name)
link_override_table_to_variable(int_table, smtpd_policy_req_limit);
link_override_table_to_variable(int_table, smtpd_policy_try_limit);
link_override_table_to_variable(str_table, smtpd_policy_def_action);
link_override_table_to_variable(str_table, smtpd_policy_context);
if (*name == parens[0]) {
cp = saved_name = mystrdup(name);
@ -553,11 +558,12 @@ static void policy_client_register(const char *name)
if (msg_verbose)
msg_info("%s: name=\"%s\" default_action=\"%s\" max_idle=%d "
"max_ttl=%d request_limit=%d retry_delay=%d "
"timeout=%d try_limit=%d",
"timeout=%d try_limit=%d policy_context=\"%s\"",
myname, policy_name, smtpd_policy_def_action,
smtpd_policy_idle, smtpd_policy_ttl,
smtpd_policy_req_limit, smtpd_policy_try_delay,
smtpd_policy_tmout, smtpd_policy_try_limit);
smtpd_policy_tmout, smtpd_policy_try_limit,
smtpd_policy_context);
/*
* Create the client.
@ -574,6 +580,7 @@ static void policy_client_register(const char *name)
ATTR_CLNT_CTL_TRY_DELAY, smtpd_policy_try_delay,
ATTR_CLNT_CTL_END);
policy_client->def_action = mystrdup(smtpd_policy_def_action);
policy_client->policy_context = mystrdup(smtpd_policy_context);
htable_enter(policy_clnt_table, name, (void *) policy_client);
if (saved_name)
myfree(saved_name);
@ -3950,6 +3957,8 @@ static int check_policy_service(SMTPD_STATE *state, const char *server,
SEND_ATTR_INT(MAIL_ATTR_CRYPTO_KEYSIZE,
IF_ENCRYPTED(state->tls_context->cipher_usebits, 0)),
#endif
SEND_ATTR_STR(MAIL_ATTR_POL_CONTEXT,
policy_clnt->policy_context),
ATTR_TYPE_END,
ATTR_FLAG_MISSING, /* Reply attributes. */
RECV_ATTR_STR(MAIL_ATTR_ACTION, action),
@ -5447,6 +5456,7 @@ char *var_relay_ccerts = "";
char *var_mynetworks = "";
char *var_notify_classes = "";
char *var_smtpd_policy_def_action = "";
char *var_smtpd_policy_context = "";
/*
* String-valued configuration parameters.

2
postfix/src/smtpstone/qmqp-sink.c
View File

@ -135,7 +135,7 @@ static void read_data(int unused_event, void *context)
send_reply(state);
return;
}
vstream_fseek(state->stream, 0L, 0);
vstream_fpurge(state->stream, VSTREAM_PURGE_BOTH);
}
/*

34
postfix/src/util/attr.h
View File

@ -25,6 +25,14 @@
#include <nvtable.h>
#include <check_arg.h>
/*
* Delegation for better data abstraction.
*/
typedef int (*ATTR_SCAN_MASTER_FN) (VSTREAM *, int,...);
typedef int (*ATTR_SCAN_SLAVE_FN) (ATTR_SCAN_MASTER_FN, VSTREAM *, int, void *);
typedef int (*ATTR_PRINT_MASTER_FN) (VSTREAM *, int,...);
typedef int (*ATTR_PRINT_SLAVE_FN) (ATTR_PRINT_MASTER_FN, VSTREAM *, int, void *);
/*
* Attribute types. See attr_scan(3) for documentation.
*/
@ -58,7 +66,7 @@
#define SEND_ATTR_NV(val) ATTR_TYPE_NV, CHECK_CPTR(ATTR, NVTABLE, (val))
#define SEND_ATTR_LONG(name, val) ATTR_TYPE_LONG, CHECK_CPTR(ATTR, char, (name)), CHECK_VAL(ATTR, long, (val))
#define SEND_ATTR_DATA(name, len, val) ATTR_TYPE_DATA, CHECK_CPTR(ATTR, char, (name)), CHECK_VAL(ATTR, ssize_t, (len)), CHECK_CPTR(ATTR, void, (val))
#define SEND_ATTR_FUNC(func, val) ATTR_TYPE_FUNC, (func), CHECK_CPTR(ATTR, void, (val))
#define SEND_ATTR_FUNC(func, val) ATTR_TYPE_FUNC, CHECK_VAL(ATTR, ATTR_PRINT_SLAVE_FN, (func)), CHECK_CPTR(ATTR, void, (val))
#define RECV_ATTR_INT(name, val) ATTR_TYPE_INT, CHECK_CPTR(ATTR, char, (name)), CHECK_PTR(ATTR, int, (val))
#define RECV_ATTR_STR(name, val) ATTR_TYPE_STR, CHECK_CPTR(ATTR, char, (name)), CHECK_PTR(ATTR, VSTRING, (val))
@ -66,7 +74,7 @@
#define RECV_ATTR_NV(val) ATTR_TYPE_NV, CHECK_PTR(ATTR, NVTABLE, (val))
#define RECV_ATTR_LONG(name, val) ATTR_TYPE_LONG, CHECK_CPTR(ATTR, char, (name)), CHECK_PTR(ATTR, long, (val))
#define RECV_ATTR_DATA(name, val) ATTR_TYPE_DATA, CHECK_CPTR(ATTR, char, (name)), CHECK_PTR(ATTR, VSTRING, (val))
#define RECV_ATTR_FUNC(func, val) ATTR_TYPE_FUNC, (func), CHECK_PTR(ATTR, void, (val))
#define RECV_ATTR_FUNC(func, val) ATTR_TYPE_FUNC, CHECK_VAL(ATTR, ATTR_SCAN_SLAVE_FN, (func)), CHECK_PTR(ATTR, void, (val))
CHECK_VAL_HELPER_DCL(ATTR, ssize_t);
CHECK_VAL_HELPER_DCL(ATTR, long);
@ -81,6 +89,8 @@ CHECK_CPTR_HELPER_DCL(ATTR, void);
CHECK_CPTR_HELPER_DCL(ATTR, char);
CHECK_CPTR_HELPER_DCL(ATTR, NVTABLE);
CHECK_CPTR_HELPER_DCL(ATTR, HTABLE);
CHECK_VAL_HELPER_DCL(ATTR, ATTR_PRINT_SLAVE_FN);
CHECK_VAL_HELPER_DCL(ATTR, ATTR_SCAN_SLAVE_FN);
/*
* Flags that control processing. See attr_scan(3) for documentation.
@ -93,14 +103,6 @@ CHECK_CPTR_HELPER_DCL(ATTR, HTABLE);
#define ATTR_FLAG_STRICT (ATTR_FLAG_MISSING | ATTR_FLAG_EXTRA)
#define ATTR_FLAG_ALL (07)
/*
* Delegation for better data abstraction.
*/
typedef int (*ATTR_SCAN_MASTER_FN) (VSTREAM *, int,...);
typedef int (*ATTR_SCAN_SLAVE_FN) (ATTR_SCAN_MASTER_FN, VSTREAM *, int, void *);
typedef int (*ATTR_PRINT_MASTER_FN) (VSTREAM *, int,...);
typedef int (*ATTR_PRINT_SLAVE_FN) (ATTR_PRINT_MASTER_FN, VSTREAM *, int, void *);
/*
* Default to null-terminated, as opposed to base64-encoded.
*/
@ -118,8 +120,8 @@ extern int attr_vprint64(VSTREAM *, int, va_list);
/*
* attr_scan64.c.
*/
extern int attr_scan64(VSTREAM *, int,...);
extern int attr_vscan64(VSTREAM *, int, va_list);
extern int WARN_UNUSED_RESULT attr_scan64(VSTREAM *, int,...);
extern int WARN_UNUSED_RESULT attr_vscan64(VSTREAM *, int, va_list);
/*
* attr_print0.c.
@ -130,8 +132,8 @@ extern int attr_vprint0(VSTREAM *, int, va_list);
/*
* attr_scan0.c.
*/
extern int attr_scan0(VSTREAM *, int,...);
extern int attr_vscan0(VSTREAM *, int, va_list);
extern int WARN_UNUSED_RESULT attr_scan0(VSTREAM *, int,...);
extern int WARN_UNUSED_RESULT attr_vscan0(VSTREAM *, int, va_list);
/*
* attr_scan_plain.c.
@ -142,8 +144,8 @@ extern int attr_vprint_plain(VSTREAM *, int, va_list);
/*
* attr_print_plain.c.
*/
extern int attr_scan_plain(VSTREAM *, int,...);
extern int attr_vscan_plain(VSTREAM *, int, va_list);
extern int WARN_UNUSED_RESULT attr_scan_plain(VSTREAM *, int,...);
extern int WARN_UNUSED_RESULT attr_vscan_plain(VSTREAM *, int, va_list);
/*

2
postfix/src/util/base32_code.h
View File

@ -20,7 +20,7 @@
* External interface.
*/
extern VSTRING *base32_encode(VSTRING *, const char *, ssize_t);
extern VSTRING *base32_decode(VSTRING *, const char *, ssize_t);
extern VSTRING *WARN_UNUSED_RESULT base32_decode(VSTRING *, const char *, ssize_t);
/* LICENSE
/* .ad

2
postfix/src/util/base64_code.h
View File

@ -20,7 +20,7 @@
* External interface.
*/
extern VSTRING *base64_encode_opt(VSTRING *, const char *, ssize_t, int);
extern VSTRING *base64_decode_opt(VSTRING *, const char *, ssize_t, int);
extern VSTRING *WARN_UNUSED_RESULT base64_decode_opt(VSTRING *, const char *, ssize_t, int);
#define BASE64_FLAG_NONE 0
#define BASE64_FLAG_APPEND (1<<0)

2
postfix/src/util/edit_file.h
View File

@ -31,7 +31,7 @@ typedef struct {
#define EDIT_FILE_SUFFIX ".tmp"
extern EDIT_FILE *edit_file_open(const char *, int, mode_t);
extern int edit_file_close(EDIT_FILE *);
extern int WARN_UNUSED_RESULT edit_file_close(EDIT_FILE *);
extern void edit_file_cleanup(EDIT_FILE *);
/* LICENSE

2
postfix/src/util/hex_code.h
View File

@ -20,7 +20,7 @@
* External interface.
*/
extern VSTRING *hex_encode(VSTRING *, const char *, ssize_t);
extern VSTRING *hex_decode(VSTRING *, const char *, ssize_t);
extern VSTRING *WARN_UNUSED_RESULT hex_decode(VSTRING *, const char *, ssize_t);
/* LICENSE
/* .ad

3
postfix/src/util/host_port.h
View File

@ -13,7 +13,8 @@
/* External interface. */
extern const char *host_port(char *, char **, char *, char **, char *);
extern const char *WARN_UNUSED_RESULT host_port(char *, char **, char *,
char **, char *);
/* LICENSE
/* .ad

2
postfix/src/util/listen.h
View File

@ -29,7 +29,7 @@ extern int inet_accept(int);
extern int unix_accept(int);
extern int stream_accept(int);
extern int recv_pass_attr(int, HTABLE **, int, ssize_t);
extern int WARN_UNUSED_RESULT recv_pass_attr(int, HTABLE **, int, ssize_t);
extern int pass_accept(int);
extern int pass_accept_attr(int, HTABLE **);

2
postfix/src/util/lstat_as.h
View File

@ -14,7 +14,7 @@
/* External interface. */
extern int lstat_as(const char *, struct stat *, uid_t, gid_t);
extern int WARN_UNUSED_RESULT lstat_as(const char *, struct stat *, uid_t, gid_t);
/* LICENSE
/* .ad

2
postfix/src/util/mac_parse.h
View File

@ -30,7 +30,7 @@
typedef int (*MAC_PARSE_FN) (int, VSTRING *, void *);
extern int mac_parse(const char *, MAC_PARSE_FN, void *);
extern int WARN_UNUSED_RESULT mac_parse(const char *, MAC_PARSE_FN, void *);
/* LICENSE
/* .ad

16
postfix/src/util/myaddrinfo.h
View File

@ -154,14 +154,14 @@ typedef struct {
char buf[MAI_SERVPORT_STRSIZE];
} MAI_SERVPORT_STR;
extern int hostname_to_sockaddr_pf(const char *, int, const char *, int,
struct addrinfo **);
extern int hostaddr_to_sockaddr(const char *, const char *, int,
struct addrinfo **);
extern int sockaddr_to_hostaddr(const struct sockaddr *, SOCKADDR_SIZE,
MAI_HOSTADDR_STR *, MAI_SERVPORT_STR *, int);
extern int sockaddr_to_hostname(const struct sockaddr *, SOCKADDR_SIZE,
MAI_HOSTNAME_STR *, MAI_SERVNAME_STR *, int);
extern int WARN_UNUSED_RESULT hostname_to_sockaddr_pf(const char *,
int, const char *, int, struct addrinfo **);
extern int WARN_UNUSED_RESULT hostaddr_to_sockaddr(const char *,
const char *, int, struct addrinfo **);
extern int WARN_UNUSED_RESULT sockaddr_to_hostaddr(const struct sockaddr *,
SOCKADDR_SIZE, MAI_HOSTADDR_STR *, MAI_SERVPORT_STR *, int);
extern int WARN_UNUSED_RESULT sockaddr_to_hostname(const struct sockaddr *,
SOCKADDR_SIZE, MAI_HOSTNAME_STR *, MAI_SERVNAME_STR *, int);
extern void myaddrinfo_control(int,...);
#define MAI_CTL_END 0 /* list terminator */

2
postfix/src/util/myflock.h
View File

@ -14,7 +14,7 @@
/*
* External interface.
*/
extern int myflock(int, int, int);
extern int WARN_UNUSED_RESULT myflock(int, int, int);
/*
* Lock styles.

12
postfix/src/util/recv_pass_attr.c
View File

@ -13,7 +13,7 @@
/* ssize_t bufsize;
/* DESCRIPTION
/* recv_pass_attr() receives named attributes over the specified
/* The result value is zero for success, -1 for error.
/* descriptor. The result value is zero for success, -1 for error.
/*
/* Arguments:
/* .IP fd
@ -21,7 +21,7 @@
/* .IP attr
/* Pointer to attribute list pointer. The target is set to
/* zero on error or when the received attribute list is empty,
/* ohterwise it is assigned a pointer to non-empty attribute
/* otherwise it is assigned a pointer to non-empty attribute
/* list.
/* .IP timeout
/* The deadline for receiving all attributes.
@ -70,10 +70,10 @@ int recv_pass_attr(int fd, HTABLE **attr, int timeout, ssize_t bufsize)
CA_VSTREAM_CTL_TIMEOUT(timeout),
CA_VSTREAM_CTL_START_DEADLINE,
CA_VSTREAM_CTL_END);
(void) attr_scan(fp, ATTR_FLAG_NONE,
ATTR_TYPE_HASH, *attr = htable_create(1),
ATTR_TYPE_END);
stream_err = (vstream_feof(fp) || vstream_ferror(fp));
stream_err = (attr_scan(fp, ATTR_FLAG_NONE,
ATTR_TYPE_HASH, *attr = htable_create(1),
ATTR_TYPE_END) < 0
|| vstream_feof(fp) || vstream_ferror(fp));
vstream_fdclose(fp);
/*

4
postfix/src/util/sane_fsops.h
View File

@ -13,8 +13,8 @@
/* External interface. */
extern int sane_rename(const char *, const char *);
extern int sane_link(const char *, const char *);
extern int WARN_UNUSED_RESULT sane_rename(const char *, const char *);
extern int WARN_UNUSED_RESULT sane_link(const char *, const char *);
/* LICENSE
/* .ad

2
postfix/src/util/sane_socketpair.h
View File

@ -13,7 +13,7 @@
/* External interface. */
extern int sane_socketpair(int, int, int, int *);
extern int WARN_UNUSED_RESULT sane_socketpair(int, int, int, int *);
/* LICENSE
/* .ad

2
postfix/src/util/stat_as.h
View File

@ -14,7 +14,7 @@
/* External interface. */
extern int stat_as(const char *, struct stat *, uid_t, gid_t);
extern int WARN_UNUSED_RESULT stat_as(const char *, struct stat *, uid_t, gid_t);
/* LICENSE
/* .ad

4
postfix/src/util/stringops.h
View File

@ -45,10 +45,10 @@ extern int alldig(const char *);
extern int allprint(const char *);
extern int allspace(const char *);
extern int allascii_len(const char *, ssize_t);
extern const char *split_nameval(char *, char **, char **);
extern const char *WARN_UNUSED_RESULT split_nameval(char *, char **, char **);
extern int valid_utf8_string(const char *, ssize_t);
extern size_t balpar(const char *, const char *);
extern char *extpar(char **, const char *, int);
extern char *WARN_UNUSED_RESULT extpar(char **, const char *, int);
extern int strcasecmp_utf8x(int, const char *, const char *);
extern int strncasecmp_utf8x(int, const char *, const char *, ssize_t);

22
postfix/src/util/sys_defs.h
View File

@ -1645,6 +1645,28 @@ typedef int pid_t;
#define EXPECTED(x) (x)
#define UNEXPECTED(x) (x)
#endif
#endif
/*
* Warn about ignored function result values that must never be ignored.
* Typically, this is for error results from "read" functions that normally
* write to output parameters (for example, stat- or scanf-like functions)
* or from functions that have other useful side effects (for example,
* fseek- or rename-like functions).
*
* DO NOT use this for functions that write to a stream; it is entirely
* legitimate to detect write errors with fflush() or fclose() only. On the
* other hand most (but not all) functions that read from a stream must
* never ignore result values.
*
* XXX Prepending "(void)" won't shut up GCC. Clang behaves as expected.
*/
#if ((__GNUC__ == 3 && __GNUC_MINOR__ >= 4) || __GNUC__ > 3)
#define WARN_UNUSED_RESULT __attribute__((warn_unused_result))
#elif defined(__clang__) && __has_attribute(warn_unused_result)
#define WARN_UNUSED_RESULT __attribute__((warn_unused_result))
#else
#define WARN_UNUSED_RESULT
#endif
/*

2
postfix/src/util/timed_wait.h
View File

@ -14,7 +14,7 @@
/*
* External interface.
*/
extern int timed_waitpid(pid_t, WAIT_STATUS_T *, int, int);
extern int WARN_UNUSED_RESULT timed_waitpid(pid_t, WAIT_STATUS_T *, int, int);
/* LICENSE
/* .ad

2
postfix/src/util/vstream.h
View File

@ -93,7 +93,7 @@ extern VSTREAM vstream_fstd[]; /* pre-defined streams */
extern VSTREAM *vstream_fopen(const char *, int, mode_t);
extern int vstream_fclose(VSTREAM *);
extern off_t vstream_fseek(VSTREAM *, off_t, int);
extern off_t WARN_UNUSED_RESULT vstream_fseek(VSTREAM *, off_t, int);
extern off_t vstream_ftell(VSTREAM *);
extern int vstream_fpurge(VSTREAM *, int);
extern int vstream_fflush(VSTREAM *);

12
postfix/src/util/vstring_vstream.h
View File

@ -19,12 +19,12 @@
/*
* External interface.
*/
extern int vstring_get(VSTRING *, VSTREAM *);
extern int vstring_get_nonl(VSTRING *, VSTREAM *);
extern int vstring_get_null(VSTRING *, VSTREAM *);
extern int vstring_get_bound(VSTRING *, VSTREAM *, ssize_t);
extern int vstring_get_nonl_bound(VSTRING *, VSTREAM *, ssize_t);
extern int vstring_get_null_bound(VSTRING *, VSTREAM *, ssize_t);
extern int WARN_UNUSED_RESULT vstring_get(VSTRING *, VSTREAM *);
extern int WARN_UNUSED_RESULT vstring_get_nonl(VSTRING *, VSTREAM *);
extern int WARN_UNUSED_RESULT vstring_get_null(VSTRING *, VSTREAM *);
extern int WARN_UNUSED_RESULT vstring_get_bound(VSTRING *, VSTREAM *, ssize_t);
extern int WARN_UNUSED_RESULT vstring_get_nonl_bound(VSTRING *, VSTREAM *, ssize_t);
extern int WARN_UNUSED_RESULT vstring_get_null_bound(VSTRING *, VSTREAM *, ssize_t);
/*
* Backwards compatibility for code that still uses the vstring_fgets()