postfix 20010228-pl03

gnu/dist/postfix/HISTORY

@@ -5024,3 +5024,42 @@ Apologies for any names omitted.
 	a 4xx temporary error code when, for example, an LDAP or
 	mysql server was unavailable. Remotely based on a fix by
 	Robert Kiessling @ de.easynet.net. File: smtpd/smtpd_check.c.
+
+20010501
+
+	Bugfix: The SMTP server's 550 in reply to DATA should be
+	a 554 response.  And it wasn't Sendmail. Claus Assman.
+
+	Bugfix: the INSTALL.sh test for non-interactive upgrade
+	broke rooted installations that specify settings via the
+	environment.  Simon Mudd.
+
+	Bugfix: mailq output is now really flushed one message at
+	a time. File: sendmail/sendmail.c.
+
+20010507
+
+	Bugfix: with soft_bounce=yes, the SMTP server would log
+	5xx replies even though it would send 4xx replies to the
+	client (Phil Howard, ipal.net). File: smtpd/smtpd_check.c.
+
+20010523
+
+	Bugfix: postsuper's temporary file detection logic needed
+	fixing.
+
+	Bugfix: memory leak in the LDAP client module. Alain
+	Thivillon, France Teaser - Groupe Firstream.
+
+20010525
+
+	Bugfix: the SMTP and LMTP clients claimed that a queue file
+	needed to be delivered again (even when all recipients were
+	erased from the queue file) when no QUIT or RSET reply was
+	received (by default, this does not happen with SMTP mail
+	because the SMTP client does not wait for QUIT replies and
+	does not send RSET to deliver mail).  As a result of the
+	same bug the LMTP client followed a dangling pointer when
+	sending QUIT after process idle timeout while the LMTP
+	server had disconnected.  Files:  smtp/smtp_proto.c,
+	lmtp/lmtp_proto.c.

gnu/dist/postfix/INSTALL.sh

@@ -166,15 +166,17 @@ test -f $CONFIG_DIRECTORY/main.cf && {
     done
 }
 
-test -f $CONFIG_DIRECTORY/install.cf && . $CONFIG_DIRECTORY/install.cf || {
+if [ -f $CONFIG_DIRECTORY/install.cf ]
-    test -t 0 || {
+then
-	echo Non-interactive install needs the $CONFIG_DIRECTORY/install.cf 1>&2
+    . $CONFIG_DIRECTORY/install.cf
-	echo file from a previous Postfix installation. 1>&2
+elif [ ! -t 0 -a -z "$install_root" ]
-	echo 1>&2
+then
-	echo Use interactive installation instead. 1>&2
+    echo Non-interactive install needs the $CONFIG_DIRECTORY/install.cf 1>&2
-	exit 1
+    echo file from a previous Postfix installation. 1>&2
-    }
+    echo 1>&2
-}
+    echo Use interactive installation instead. 1>&2
+    exit 1
+fi
 
 # Override default settings.
 

gnu/dist/postfix/SASL_README

@@ -186,6 +186,16 @@ remote part of an email address).
 	foo.com		username:password
 	bar.com		username
 
+Note: some SMTP servers support PLAIN or LOGIN authentication only.
+By default, the Postfix SMTP client does not use authentication
+methods that send plaintext passwords, and defers delivery with
+the following error message:  "Authentication failed: cannot SASL
+authenticate to server". To enable plaintext authentication specify,
+for example:
+
+    /etc/postfix/main.cf:
+	smtp_sasl_security_options = 
+
 The SASL client password file is opened before the SMTP server
 enters the optional chroot jail, so you can keep the file in
 /etc/postfix.

gnu/dist/postfix/conf/main.cf

@@ -98,8 +98,10 @@ mail_owner = postfix
 #inet_interfaces = $myhostname, localhost
 
 # The mydestination parameter specifies the list of domains that this
-# machine considers itself the final destination for. That does not
+# machine considers itself the final destination for. That includes
-# include domains that are hosted on this machine. Those domains are
+# Sendmail-style virtual domains hosted on this machine.
+#
+# Do not include Postfix-style virtual domains - those domains are
 # specified elsewhere (see sample-virtual.cf, and sample-transport.cf).
 #
 # The default is $myhostname + localhost.$mydomain.  On a mail domain

gnu/dist/postfix/conf/sample-ldap.cf

@@ -5,8 +5,8 @@
 # parameters that control LDAP lookups. Source code for LDAP
 # lookup is available separately from http://www.postfix.org/
 
-# The ldap_lookup_timeout parameter specifies the timeout for LDAP
+# The ldap_timeout parameter specifies the timeout for LDAP database
-# database lookups.
+# lookups.
 #
 #ldap_timeout = 10
 

gnu/dist/postfix/conf/sample-misc.cf

@@ -165,7 +165,11 @@ max_idle = 100s
 max_use = 100
 
 # The mydestination parameter specifies the list of domains that this
-# machine considers itself the final destination for.
+# machine considers itself the final destination for. That includes
+# Sendmail-style virtual domains hosted on this machine.
+#
+# Do not include Postfix-style virtual domains - those domains are
+# specified elsewhere (see sample-virtual.cf, and sample-transport.cf).
 #
 # The default is $myhostname + localhost.$mydomain.  On a mail domain
 # gateway, you should also include $mydomain. Do not specify the

gnu/dist/postfix/conf/sample-smtpd.cf

@@ -333,7 +333,7 @@ allow_untrusted_routing = no
 # network address, and reject service if it is listed below any of
 # the following domains.
 #
-#maps_rbl_domains = blackholes.mail-abuse.org dialups.mail-abuse.org
+#maps_rbl_domains = blackholes.mail-abuse.org relays.mail-abuse.org
 maps_rbl_domains = blackholes.mail-abuse.org
 
 # The relay_domains parameter restricts what client hostname domains

gnu/dist/postfix/html/faq.html

@@ -1261,7 +1261,7 @@ Question:
 
 My Postfix server is too slow. When I telnet to the SMTP port
 (<tt>telnet hostname 25</tt>), the response comes after 40 seconds.
-On the other hand, when I telnet to the the POP port (<tt>telnet
+On the other hand, when I telnet to the POP port (<tt>telnet
 hostname 110</tt>) the response comes with no delay.
 
 </blockquote>
@@ -1366,8 +1366,9 @@ record, and that this one PTR record needs a matching A record.
 Some people read the RFCs such that one IP address can have multiple
 PTR records, but that makes PTR records even less useful than they
 already are. And in any case, having multiple names per IP address
-would only worsen the problem of finding out the "official name"
+only worsens the problem of finding out the SMTP client hostname.
-of a machine's IP address.
+
+<hr>
 
 <a name="open_relay"><h3>Help! Postfix is an open relay</h3>
 
@@ -1614,7 +1615,7 @@ The implementation uses two lookup tables. One table defines what
 users are restricted in where they can send mail, and the other
 table defines what destinations are local. It is left as an exercise
 for the reader to change this into a scheme where only some users
-have permission to send send mail to off-site destinations, and
+have permission to send mail to off-site destinations, and
 where most users are restricted.
 
 <p>
@@ -2180,7 +2181,7 @@ types Postfix supports, use the command <b>postconf -m</b>.
 <p>
 
 <li>Execute the command <b>postmap /etc/postfix/virtual</b> whenever
-you edit the the <b>virtual</b> table.
+you edit the <b>virtual</b> table.
 
 <p>
 

gnu/dist/postfix/src/global/mail_conf_bool.c

@@ -7,12 +7,10 @@
 /*	#include <mail_conf.h>
 /*
 /*	int	get_mail_conf_bool(name, defval)
-/*	const char *path;
 /*	const char *name;
 /*	int	defval;
 /*
 /*	int	get_mail_conf_bool_fn(name, defval)
-/*	const char *path;
 /*	const char *name;
 /*	int	(*defval)();
 /*

gnu/dist/postfix/src/global/mail_version.h

@@ -15,7 +15,7 @@
   * Version of this program.
   */
 #define VAR_MAIL_VERSION	"mail_version"
-#define DEF_MAIL_VERSION	"Postfix-20010228-pl02"
+#define DEF_MAIL_VERSION	"Postfix-20010228-pl03"
 extern char *var_mail_version;
 
 /* LICENSE

gnu/dist/postfix/src/lmtp/lmtp.c

@@ -420,6 +420,13 @@ static int deliver_message(DELIVER_REQUEST *request, char **unused_argv)
     result = state->status;
     lmtp_chat_reset(state);
 
+    /*
+     * XXX State persists until idle timeout, but these fields will be
+     * dangling pointers. Nuke them.
+     */
+    state->request = 0;
+    state->src = 0;
+
     return (result);
 }
 

gnu/dist/postfix/src/lmtp/lmtp_proto.c

@@ -139,6 +139,9 @@
   * same code that implements command pipelining, so that we can borrow from
   * the existing code for exception handling and error reporting.
   * 
+  * Client states that are associated with sending mail (up to and including
+  * SMTP_STATE_DOT) must have smaller numerical values than the non-sending
+  * states (SMTP_STATE_ABORT .. SMTP_STATE_LAST).
   */
 #define LMTP_STATE_MAIL		0
 #define LMTP_STATE_RCPT		1
@@ -313,6 +316,9 @@ static int lmtp_loop(LMTP_STATE *state, int send_state, int recv_state)
 #define SENDER_IN_WAIT_STATE \
 	(send_state == LMTP_STATE_DOT || send_state == LMTP_STATE_LAST)
 
+#define SENDING_MAIL \
+	(recv_state <= LMTP_STATE_DOT)
+
     /*
      * Pipelining support requires two loops: one loop for sending and one
      * for receiving. Each loop has its own independent state. Most of the
@@ -454,8 +460,8 @@ static int lmtp_loop(LMTP_STATE *state, int send_state, int recv_state)
 		smtp_timeout_setup(state->session->stream,
 				   *xfer_timeouts[recv_state]);
 		if ((except = vstream_setjmp(state->session->stream)) != 0)
-		    RETURN(lmtp_stream_except(state, except,
+		    RETURN(SENDING_MAIL ? lmtp_stream_except(state, except,
-					      xfer_states[recv_state]));
+					     xfer_states[recv_state]) : -1);
 		resp = lmtp_chat_resp(state);
 
 		/*

gnu/dist/postfix/src/postsuper/postsuper.c

@@ -238,11 +238,19 @@ static void super(char **queues, int action)
 	    }
 
 	    /*
-	     * Skip temporary files that aren't old enough.
+	     * Skip over files with illegal names. The library routines
+	     * refuse to operate on them.
 	     */
 	    if (mail_queue_id_ok(path) == 0)
 		continue;
 
+	    /*
+	     * Skip temporary files that aren't old enough.
+	     */
+	    if (qp->perms == MAIL_QUEUE_STAT_READY
+		&& (st.st_mode & S_IRWXU) != qp->perms)
+		continue;
+
 	    /*
 	     * See if this file sits in the right place in the file system
 	     * hierarchy. Its place may be wrong after a change to the

gnu/dist/postfix/src/sendmail/sendmail.c

@@ -34,12 +34,13 @@
 /*	the reason for failure is shown. This mode of operation is implemented
 /*	by connecting to the \fBshowq\fR(8) daemon.
 /* .IP \fBnewaliases\fR
-/*	Initialize the alias database. If no alias database type is
+/*	Initialize the alias database.  If no input file is specified (with
-/*	specified, the program uses the type specified in the
+/*	the \fB-oA\fR option, see below), the program processes the file(s)
-/*	\fBdatabase_type\fR configuration parameter; if no input file
+/*	specified with the \fBalias_database\fR configuration parameter.
-/*	is specified, the program processes the file(s) specified with the
+/*	If no alias database type is specified, the program uses the type
-/*	\fBalias_database\fR configuration parameter. This mode of operation
+/*	specified with the \fBdatabase_type\fR configuration parameter.
-/*	is implemented by running the \fBpostalias\fR(1) command.
+/*	This mode of operation is implemented by running the \fBpostalias\fR(1)
+/*	command.
 /* .sp
 /*	Note: it may take a minute or so before an alias database update
 /*	becomes visible. Use the \fBpostfix reload\fR command to eliminate
@@ -517,12 +518,10 @@ static void show_queue(void)
     signal(SIGPIPE, SIG_DFL);
     if ((showq = mail_connect(MAIL_CLASS_PUBLIC, MAIL_SERVICE_SHOWQ, BLOCKING)) != 0) {
 	while ((n = vstream_fread(showq, buf, sizeof(buf))) > 0)
-	    if (vstream_fwrite(VSTREAM_OUT, buf, n) != n)
+	    if (vstream_fwrite(VSTREAM_OUT, buf, n) != n
+		|| vstream_fflush(VSTREAM_OUT) != 0)
 		msg_fatal("write error: %m");
 
-	if (vstream_fflush(VSTREAM_OUT))
-	    msg_fatal("write error: %m");
-
 	if (vstream_fclose(showq))
 	    msg_warn("close: %m");
     }
@@ -949,6 +948,8 @@ int     main(int argc, char **argv)
     case SM_MODE_NEWALIAS:
 	if (argv[OPTIND])
 	    msg_fatal("alias initialization mode requires no recipient");
+	if (*var_alias_db_map == 0)
+	    return (0);
 	ext_argv = argv_alloc(2);
 	argv_add(ext_argv, "postalias", (char *) 0);
 	for (n = 0; n < msg_verbose; n++)

gnu/dist/postfix/src/smtp/smtp_proto.c

@@ -114,6 +114,10 @@
   * By default, the receiver skips the QUIT response. Some SMTP servers
   * disconnect after responding to ".", and some SMTP servers wait before
   * responding to QUIT.
+  * 
+  * Client states that are associated with sending mail (up to and including
+  * SMTP_STATE_DOT) must have smaller numerical values than the non-sending
+  * states (SMTP_STATE_ABORT .. SMTP_STATE_LAST).
   */
 #define SMTP_STATE_MAIL		0
 #define SMTP_STATE_RCPT		1
@@ -294,6 +298,9 @@ int     smtp_xfer(SMTP_STATE *state)
 #define SENDER_IN_WAIT_STATE \
 	(send_state == SMTP_STATE_DOT || send_state == SMTP_STATE_LAST)
 
+#define SENDING_MAIL \
+	(recv_state <= SMTP_STATE_DOT)
+
     /*
      * We use SMTP command pipelining if the server said it supported it.
      * Since we use blocking I/O, RFC 2197 says that we should inspect the
@@ -451,8 +458,8 @@ int     smtp_xfer(SMTP_STATE *state)
 		smtp_timeout_setup(state->session->stream,
 				   *xfer_timeouts[recv_state]);
 		if ((except = vstream_setjmp(state->session->stream)) != 0)
-		    RETURN(smtp_stream_except(state, except,
+		    RETURN(SENDING_MAIL ? smtp_stream_except(state, except,
-					      xfer_states[recv_state]));
+					     xfer_states[recv_state]) : -1);
 		resp = smtp_chat_resp(state);
 
 		/*

gnu/dist/postfix/src/smtpd/smtpd.c

@@ -834,7 +834,7 @@ static int data_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *unused_argv)
 	    state->error_mask |= MAIL_ERROR_PROTOCOL;
 	    smtpd_chat_reply(state, "503 Error: need RCPT command");
 	} else {
-	    smtpd_chat_reply(state, "550 Error: no valid recipients");
+	    smtpd_chat_reply(state, "554 Error: no valid recipients");
 	}
 	return (-1);
     }

gnu/dist/postfix/src/util/dict_ldap.c

@@ -584,6 +584,8 @@ static const char *dict_ldap_lookup(DICT *dict, const char *name)
 	ldap_msgfree(res);
     if (filter_buf != 0)
 	vstring_free(filter_buf);
+    if (escaped_name != 0) 
+	vstring_free(escaped_name);
 
     /*
      * If we had an error, return nothing, Otherwise, return the result, if

gnu/dist/postfix/src/util/sane_link.c

@@ -6,7 +6,7 @@
 /* SYNOPSIS
 /*	#include <sane_fsops.h>
 /*
-/*	int	sane_link(old, new)
+/*	int	sane_link(from, to)
 /*	const char *from;
 /*	const char *to;
 /* DESCRIPTION

gnu/dist/postfix/src/util/writable.c

@@ -10,7 +10,7 @@
 /*	int	fd;
 /* DESCRIPTION
 /*	writable() asks the kernel if the specified file descriptor
-/*	is writable, i.e. a read operation would not block.
+/*	is writable, i.e. a write operation would not block.
 /*
 /*	Arguments:
 /* .IP fd