Postfix 2.1.5

2004-11-13 05:05:16 +00:00 · 2004-11-13 05:05:16 +00:00 · ad512a907d
parent a061928d83
commit ad512a907d
14 changed files with 97 additions and 37 deletions
--- a/gnu/dist/postfix/HISTORY
+++ b/gnu/dist/postfix/HISTORY
@ -9406,3 +9406,49 @@ Apologies for any names omitted.
 	recipient delimiter if one is defined, so that extended
 	addresses don't get extra delivery concurrency slots.
 	Files: *qmgr/qmgr_message.c.
+
+20040714
+
+	Bugfix: the code to eliminate the local MTA from the MX
+	address list did not handle the case that inet_interfaces
+	produced a less preferred match than proxy_interfaces.
+	Victor Duchovni, Morgan Stanley. File: smtp/smtp_addr.c.
+
+20040723
+
+	Safety: spawn(8) now rejects a user with the -1 UID or GID
+	value, so that commands will not end up running as root.
+	Files:  util/spawn_command.c, spawn/spawn.c.
+
+	Bugfix: "421 Timeout exceeded" wasn't guarded by setjmp().
+	Victor Duchovni, Morgan Stanley. File: smtpd/smtpd.c.
+
+20040801
+
+	Portability: h_errno is not an lvalue in the UnixWare 7.1
+	multi-threaded environment. Olivier PRENANT.
+
+20040812
+
+	Bugfix: update SMTP server error counter when a client is
+	denied access with smtpd_delay_reject=no.
+
+20040817
+
+	Bugfix: The smtp_chat_cmd() output flushing code in the
+	SMTP client could run before an I/O error handler was set
+	up.  Problem diagnosed by Victor Duchovni, Morgan Stanley.
+	The fix is to disable the smtp_chat_cmd() output flushing
+	code as it duplicates better code in smtp_loop().  File:
+	smtp/smtp_chat.c.
+
+20030823
+
+	Bugfix: vstream_popen() did not close the child pipe after
+	failure to fork(). File: util/vstream_popen.c.
+
+20040913
+
+	Bugfix (introduced 20020803): sent the wrong bounce message
+	type when a Delivered-To: loop was detected for a mailing
+	list alias.  Nicolas Riendeau. File: bounce_notify_util.c.
--- a/gnu/dist/postfix/conf/header_checks
+++ b/gnu/dist/postfix/conf/header_checks
@ -297,7 +297,7 @@
 # 
 #        /etc/postfix/header_checks:
 #            /^content-(type|disposition):.*name[[:space:]]*=.*\.(exe|vbs)/
-#                REJECT Bad attachment file name extension: $1
+#                REJECT Bad attachment file name extension: $2
 # 
 #        Body pattern to stop a specific HTML browser vulnerability
 #        exploit.
--- a/gnu/dist/postfix/examples/smtpd-policy/spf.pl
+++ b/gnu/dist/postfix/examples/smtpd-policy/spf.pl
@ -196,7 +196,7 @@ sub sender_permitted_from {

  if    ($result eq "pass")  { return "DUNNO"; }
  elsif ($result eq "fail")  { return "REJECT " . ($smtp_comment || $header_comment); }
-  elsif ($result eq "error") { return "450 temporary failure: $smtp_comemnt"; }
+  elsif ($result eq "error") { return "450 temporary failure: $smtp_comment"; }
  else                       { return "DUNNO"; }
  # unknown, softfail, and none all return DUNNO

--- a/gnu/dist/postfix/html/header_checks.5.html
+++ b/gnu/dist/postfix/html/header_checks.5.html
@ -303,7 +303,7 @@ HEADER_CHECKS(5)                                 HEADER_CHECKS(5)

       /etc/postfix/header_checks:
           /^content-(type|disposition):.*name[[:space:]]*=.*\.(exe|vbs)/
-               REJECT Bad attachment file name extension: $1
+               REJECT Bad attachment file name extension: $2

       Body pattern to stop a specific HTML browser vulnerability
       exploit.
--- a/gnu/dist/postfix/html/postconf.5.html
+++ b/gnu/dist/postfix/html/postconf.5.html
@ -4854,10 +4854,10 @@ optional address extension.
 address extension.

 <li> Look up the "user+extension" address local part when the
-recipient domain equals $<a href="postconf.5.html#myorigin">myorigin</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
+sender domain equals $<a href="postconf.5.html#myorigin">myorigin</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
 or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.

-<li> Look up the "user" address local part when the recipient domain
+<li> Look up the "user" address local part when the sender domain
 equals $<a href="postconf.5.html#myorigin">myorigin</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.

 <li> Look up the "@domain.tld" part.
@ -6663,9 +6663,8 @@ from filling up with undeliverable MAILER-DAEMON messages.
 or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>, but the recipient is not listed in
 $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>, and $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> is not null.

-<li> The recipient domain matches $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> but the
-recipient is not listed in $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>, and $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>
-is not null.
+<li> The recipient domain matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> but the
+recipient is not listed in $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>.

 <li> The recipient domain matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> but the
 recipient is not listed in $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
@ -6698,9 +6697,8 @@ of forged mail from worms or viruses.  </p>
 $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>, but the recipient is not listed in
 $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>, and $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> is not null.

-<li> The sender domain matches $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> but the recipient
-is not listed in $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>, and $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> is
-not null.
+<li> The sender domain matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> but the recipient
+is not listed in $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>.

 <li> The sender domain matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> but the
 recipient is not listed in $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
--- a/gnu/dist/postfix/man/man5/header_checks.5
+++ b/gnu/dist/postfix/man/man5/header_checks.5
@ -1,4 +1,4 @@
-.\"	$NetBSD: header_checks.5,v 1.1.1.3 2004/07/28 22:49:03 heas Exp $
+.\"	$NetBSD: header_checks.5,v 1.1.1.4 2004/11/13 05:05:30 heas Exp $
 .\"
 .TH HEADER_CHECKS 5 
 .ad
@ -284,7 +284,7 @@ header_checks = regexp:/etc/postfix/header_checks
 .ti +4
 /^content-(type|disposition):.*name[[:space:]]*=.*\\.(exe|vbs)/
 .ti +8
-REJECT Bad attachment file name extension: $1
+REJECT Bad attachment file name extension: $2

 .ad
 .fi
--- a/gnu/dist/postfix/proto/header_checks
+++ b/gnu/dist/postfix/proto/header_checks
@ -262,7 +262,7 @@
 # .ti +4
 #	/^content-(type|disposition):.*name[[:space:]]*=.*\\.(exe|vbs)/
 # .ti +8
-#	REJECT Bad attachment file name extension: $1
+#	REJECT Bad attachment file name extension: $2
 #
 # .ad
 # .fi
--- a/gnu/dist/postfix/proto/postconf.proto
+++ b/gnu/dist/postfix/proto/postconf.proto
@ -3004,10 +3004,10 @@ optional address extension.
 address extension.

 <li> Look up the "user+extension" address local part when the
-recipient domain equals $myorigin, $mydestination, $inet_interfaces
+sender domain equals $myorigin, $mydestination, $inet_interfaces
 or $proxy_interfaces.

-<li> Look up the "user" address local part when the recipient domain
+<li> Look up the "user" address local part when the sender domain
 equals $myorigin, $mydestination, $inet_interfaces or $proxy_interfaces.

 <li> Look up the "@domain.tld" part.
@ -6345,9 +6345,8 @@ from filling up with undeliverable MAILER-DAEMON messages.
 or $proxy_interfaces, but the recipient is not listed in
 $local_recipient_maps, and $local_recipient_maps is not null.

-<li> The recipient domain matches $virtual_alias_maps but the
-recipient is not listed in $virtual_alias_maps, and $virtual_alias_maps
-is not null.
+<li> The recipient domain matches $virtual_alias_domains but the
+recipient is not listed in $virtual_alias_maps.

 <li> The recipient domain matches $virtual_mailbox_domains but the
 recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
@ -6376,9 +6375,8 @@ of forged mail from worms or viruses.  </p>
 $proxy_interfaces, but the recipient is not listed in
 $local_recipient_maps, and $local_recipient_maps is not null.

-<li> The sender domain matches $virtual_alias_maps but the recipient
-is not listed in $virtual_alias_maps, and $virtual_alias_maps is
-not null.
+<li> The sender domain matches $virtual_alias_domains but the recipient
+is not listed in $virtual_alias_maps.

 <li> The sender domain matches $virtual_mailbox_domains but the
 recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
--- a/gnu/dist/postfix/src/bounce/bounce_notify_util.c
+++ b/gnu/dist/postfix/src/bounce/bounce_notify_util.c
@ -1,4 +1,4 @@
-/*	$NetBSD: bounce_notify_util.c,v 1.1.1.7 2004/05/31 00:24:26 heas Exp $	*/
+/*	$NetBSD: bounce_notify_util.c,v 1.1.1.8 2004/11/13 05:05:38 heas Exp $	*/

 /*++
 /* NAME
@ -347,12 +347,10 @@ BOUNCE_INFO *bounce_mail_one_init(const char *queue_name,
     * Initialize the bounce_info structure. Forge a logfile record for just
     * one recipient.
     */
-#define REALLY_BOUNCE	1
-
    log_handle = bounce_log_forge(orig_recipient, recipient, offset, dsn_status,
 				  dsn_action, why);
    bounce_info = bounce_mail_alloc("none", queue_name, queue_id,
-				    encoding, REALLY_BOUNCE, log_handle);
+				    encoding, BOUNCE_MSG_FAIL, log_handle);
    return (bounce_info);
 }

--- a/gnu/dist/postfix/src/global/mail_version.h
+++ b/gnu/dist/postfix/src/global/mail_version.h
@ -1,4 +1,4 @@
-/*	$NetBSD: mail_version.h,v 1.1.1.16 2004/07/28 22:49:16 heas Exp $	*/
+/*	$NetBSD: mail_version.h,v 1.1.1.17 2004/11/13 05:05:43 heas Exp $	*/

 #ifndef _MAIL_VERSION_H_INCLUDED_
 #define _MAIL_VERSION_H_INCLUDED_
@ -22,8 +22,8 @@
  * Patches change the patchlevel and the release date. Snapshots change the
  * release date only.
  */
-#define MAIL_RELEASE_DATE	"20040628"
-#define MAIL_VERSION_NUMBER	"2.1.4"
+#define MAIL_RELEASE_DATE	"20040915"
+#define MAIL_VERSION_NUMBER	"2.1.5"

 #define VAR_MAIL_VERSION	"mail_version"
 #ifdef SNAPSHOT
--- a/gnu/dist/postfix/src/smtp/smtp_chat.c
+++ b/gnu/dist/postfix/src/smtp/smtp_chat.c
@ -1,4 +1,4 @@
-/*	$NetBSD: smtp_chat.c,v 1.1.1.5 2004/05/31 00:24:46 heas Exp $	*/
+/*	$NetBSD: smtp_chat.c,v 1.1.1.6 2004/11/13 05:05:53 heas Exp $	*/

 /*++
 /* NAME
@ -152,6 +152,13 @@ void    smtp_chat_cmd(SMTP_STATE *state, char *fmt,...)
     */
    smtp_fputs(STR(state->buffer), LEN(state->buffer), session->stream);

+    /*
+     * This code is in the wrong place and can run before an I/O error
+     * handler is set up. To make matters worse, this code pre-empts better
+     * output flushing code that sits in the smtp_xfer() routine.
+     */
+#if 0
+
    /*
     * Flush unsent data to avoid timeouts after slow DNS lookups.
     */
@ -165,6 +172,7 @@ void    smtp_chat_cmd(SMTP_STATE *state, char *fmt,...)
 	vstream_longjmp(session->stream, SMTP_ERR_TIME);
    if (vstream_ferror(session->stream))
 	vstream_longjmp(session->stream, SMTP_ERR_EOF);
+#endif
 }

 /* smtp_chat_resp - read and process SMTP server response */
--- a/gnu/dist/postfix/src/spawn/spawn.c
+++ b/gnu/dist/postfix/src/spawn/spawn.c
@ -1,4 +1,4 @@
-/*	$NetBSD: spawn.c,v 1.1.1.5 2004/07/28 22:49:30 heas Exp $	*/
+/*	$NetBSD: spawn.c,v 1.1.1.6 2004/11/13 05:05:59 heas Exp $	*/

 /*++
 /* NAME
@ -249,6 +249,10 @@ static void get_service_attr(SPAWN_ATTR *attr, char *service, char **argv)
 	msg_fatal("request to use privileged group id %ld", (long) attr->gid);
    if (attr->gid == var_owner_gid)
 	msg_fatal("request to use mail system owner group id %ld", (long) attr->gid);
+    if (attr->uid == (uid_t) (-1))
+	msg_fatal("user must not have user ID -1");
+    if (attr->gid == (gid_t) (-1))
+	msg_fatal("user must not have group ID -1");

    /*
     * Give the poor tester a clue of what is going on.
--- a/gnu/dist/postfix/src/util/spawn_command.c
+++ b/gnu/dist/postfix/src/util/spawn_command.c
@ -1,4 +1,4 @@
-/*	$NetBSD: spawn_command.c,v 1.1.1.2 2004/05/31 00:25:01 heas Exp $	*/
+/*	$NetBSD: spawn_command.c,v 1.1.1.3 2004/11/13 05:06:03 heas Exp $	*/

 /*++
 /* NAME
@ -45,9 +45,11 @@
 /*	Each of these specifies I/O redirection of one of the standard file
 /*	descriptors for the command.
 /* .IP "SPAWN_CMD_UID (int)"
-/*	The user ID to execute the command as.
+/*	The user ID to execute the command as. The value -1 is reserved
+/*	and cannot be specified.
 /* .IP "SPAWN_CMD_GID (int)"
-/*	The group ID to execute the command as.
+/*	The group ID to execute the command as. The value -1 is reserved
+/*	and cannot be specified.
 /* .IP "SPAWN_CMD_TIME_LIMIT (int)"
 /*	The amount of time in seconds the command is allowed to run before
 /*	it is terminated with SIGKILL. The default is no time limit.
@ -164,10 +166,14 @@ static void get_spawn_args(struct spawn_args * args, int init_key, va_list ap)
 	    args->stderr_fd = va_arg(ap, int);
 	    break;
 	case SPAWN_CMD_UID:
-	    args->uid = va_arg(ap, int);	/* in case uid_t is short */
+	    args->uid = va_arg(ap, uid_t);
+	    if (args->uid == (uid_t) (-1))
+		msg_panic("spawn_command: request with reserved user ID: -1");
 	    break;
 	case SPAWN_CMD_GID:
-	    args->gid = va_arg(ap, int);	/* in case gid_t is short */
+	    args->gid = va_arg(ap, gid_t);
+	    if (args->gid == (gid_t) (-1))
+		msg_panic("spawn_command: request with reserved group ID: -1");
 	    break;
 	case SPAWN_CMD_TIME_LIMIT:
 	    args->time_limit = va_arg(ap, int);
--- a/gnu/dist/postfix/src/util/vstream_popen.c
+++ b/gnu/dist/postfix/src/util/vstream_popen.c
@ -1,4 +1,4 @@
-/*	$NetBSD: vstream_popen.c,v 1.1.1.2 2004/05/31 00:25:02 heas Exp $	*/
+/*	$NetBSD: vstream_popen.c,v 1.1.1.3 2004/11/13 05:06:04 heas Exp $	*/

 /*++
 /* NAME
@ -215,6 +215,8 @@ VSTREAM *vstream_popen(int flags,...)

    switch (pid = fork()) {
    case -1:					/* error */
+	(void) close(sockfd[0]);
+	(void) close(sockfd[1]);
 	return (0);
    case 0:					/* child */
 	if (close(sockfd[1]))