Remove hardcoded argument to .Os
Remove extra arguments to .Dt
The extra arguments to .Dt were being parsed as the machine architecture for
the man page by mandoc parser, because of which the output of apropos(1) would show
it as file/ntp.keys(5). Same problem exists with other ntp man pages as well.
Committing with approval from Christos, we will investigate and fix the problems
in the source when regenerating the man pages next time.
restore ABI compatibility with previous releases for ieeefp.h on sh3.
add namespace.h protection for all the fenv interfaces.
use MKSOFTFLOAT on sh3 instead of assuming softfloat.
standardize on comparing MKSOFTFLOAT with "no".
remove the arm-specific softfloat fenv code (which also had several bugs).
fix logic errors in the arm hardfloat feraiseexcept() and feupdateenv().
Summary of changes in tzdata2017b (2017-03-17 07:30:38 -0700):
Haiti resumed observance of DST in 2017 (on Mar 12)
Liberia changed from -004430 to +00 on 1972-01-07, not 1972-05-01.
Use "MMT" to abbreviate Liberia's time zone before 1972,
as "-004430" (tzdata2016a) is one byte over the POSIX limit.
--- MAJOR NEW FEATURES ---
* apropos(1): Reimplement complete semantic search functionality
without the dependency on SQLite3, using only POSIX APIs.
This comes with a completely new mandoc.db(5) file format.
* man(1): Support more than one tag entry for the same search term,
plus some minor improvements to the less(1) :t support.
* -Thtml: Use real macro names for CSS classes.
Systematic cleanup of and many improvements to mandoc.css.
* -Thtml: Produce human readable HTML code by using indentation
and better line breaks. Improve various HTML elements,
and trim several useless ones.
* New catman(8) utility, still somewhat experimental.
* Now includes a portable version of the OpenBSD mandoc regression
suite, see regress/regress.pl.1 for details.
--- REMOVED FUNCTIONALITY ---
* Operating systems that don't provide mmap(3) are no longer supported.
* Drop support for manpath(1). Even if your system has manpath(1),
it is simpler to use MANPATH_DEFAULT in configure.local for
operating system defaults, man.conf(5) for machine-specific
modifications, and ${MANPATH}, -m, and -M for user preferences
than to bother with the complexity of manpath(1).
* makewhatis(8) -p: No longer warn about missing MLINKS since these
are no longer needed for anything.
--- MINOR NEW FEATURES ---
* mdoc(7): Warn about invalid punctuation and content below NAME.
* mdoc(7): Warn about .Xr lacking the second argument (section).
* mdoc(7): Warn about violations of the rule "new sentence, new line".
* roff(7): Warn about trailing whitespace at the end of comments.
* mdoc(7): Improve rendering of double quotes.
* mdoc(7): Always do text production in the validator, never in the
formatters. Cleaner, simpler, shorter, helps NetBSD apropos(1)
and also makes -Ttree output more useful.
* -Ttree: Show metadata and some additional node flags.
New -Onoval output option to show the unvalidated tree.
--- RELIABILITY BUGFIXES ---
* man(1): Make "man -l" work with standard input from a pipe or file,
as long as standard output is a terminal.
* man(7): Fix out of bounds read access if a text node immediately
preceded the first .SH header.
* mdoc(7): Fix out of bounds read access for .Bl without a type
but with a width.
* mdoc(7): Fix out of bounds read access for .Bl -column starting
with a tab character instead of a child .It macro.
* mdoc(7): Fix syntax tree corruption leading to segfaults caused
by stray block end macros in nested blocks of mismatching type.
* man(1): Fix NULL dereference when the first of multiple pages
shown was preformatted.
* mdoc(7): Fix syntax tree corruption leading to NULL dereference
caused by partial implicit macros inside .Bl -column table cells.
* mdoc(7): Fix syntax tree corruption leading to NULL dereference
for macro sequences like .Bl .Bl .It Bo .El .It.
* mdoc(7): Fix syntax tree corruption leading to NULL dereference
caused by .Ta following a nested .Bl -column breaking another block.
* mdoc(7): Fix syntax tree corruption sometimes leading to NULL
dereference caused by indirectly broken .Nd or .Nm blocks.
* mdoc(7) -Thtml: Fix a NULL dereference for .Bl -column with 0 columns.
* mdoc(7): Fix NULL dereference in some specific cases of a
block-end macro calling another block-end macro.
* mdoc(7): Fix NULL dereference if the only child of the head
of the first .Sh was an empty in-line macro.
* eqn(7): Fix NULL dereference in the terminal formatter
for empty matrices and empty square roots.
* mdoc(7): Fix an assertion failure for a .Bd without a type that
breaks another block.
* mdoc(7): Fix an assertion failure that happened for some .Bl -column
lists containing a column width of "-4n", "-3n", or "-2n".
* mdoc(7): Fix an assertion failure caused by .Bl -column without .It
but containing eqn(7) or tbl(7) code.
* roff(7): Fix an assertion failure caused by \z\[u00FF] with -Tps/-Tpdf.
* roff(7): Fix an assertion failures caused by whitespace inside \o''
(overstrike) sequences.
* -Thtml: Fix an assertion failure caused by -Oman or -Oincludes of
excessive length.
--- PORTABILITY IMPROVEMENTS ---
* man(1): Do not mix stdio narrow and wide stream orientation
on stdout, which could cause output corruption on glibc.
* mandoc(1): Autodetect a suitable locale for -Tutf8 mode.
* ./configure: Autodetect whether PATH_MAX and O_DIRECTORY are defined.
* ./configure: Autodetect if nanosleep(3) needs -lrt.
* ./configure: Provide an ${LN} configuration variable.
* ./configure: Put compiler arguments that may contain -l at the end.
--- MINOR BUGFIXES ---
* mdoc(7): Fix SYNOPSIS output if the first child of .Nm is a macro.
* mdoc(7) -Thtml: Improve formatting of .Bl -tag with short tags.
* man(7) -Thtml: Preserve whitespace in .nf (nofill) mode.
* mandoc(1): Error out on invalid output options on the command line.
--- STRUCTURAL CHANGES, no functional change ---
* Redesign part of the mandoc_html(3) interfaces, making them much
easier to use and reducing the amount of code by a few hundred lines.
--- THANKS TO ---
* Michael Stapelberg (Debian) for designing the new mandocd(8)
and parts of the new catman(8), for release testing, and for a
number of patches and bug reports.
* Baptiste Daroussin (FreeBSD) for profiling the new makewhatis(8)
implementation and suggesting an algorithmic improvement which
more than doubled performance, and for a few bug reports.
* Ed Maste (FreeBSD) for an important patch improving reproducibility
of builds in makewhatis(8), and for a few bug reports.
* Theo Buehler (OpenBSD) for almost twenty important bug reports,
most of them found by systematic afl(1) fuzzing.
* Benny Lofgren, David Dahlberg, and in particular Vadim Zhukov
for crucial help in getting .Bl -tag CSS formatting fixed.
* Svyatoslav Mishyn (Crux Linux) for an initial version of the
patch to autodetect a suitable locale for -Tutf8 mode
and for release testing.
* Jason McIntyre (OpenBSD) for multiple useful discussions
and a number of bug reports.
* Sevan Janiyan (NetBSD) for extensive release testing and multiple
bug reports.
* Thomas Klausner and Christos Zoulas (NetBSD), Yuri Pankov (illumos),
and Leah Neukirchen (Void Linux) for release testing and bug reports.
* Ulrich Spoerlein (FreeBSD) for release testing.
* Alexander Bluhm, Andrew Fresh, Antoine Jacoutot, Antony Bentley,
Christian Weisgerber, Jonathan Gray, Marc Espie, Martijn van Duren,
Stuart Henderson, Ted Unangst, Theo de Raadt (OpenBSD), Abhinav
Upadhyay, Kamil Rytarowski (NetBSD), Aaron M. Ucko, Bdale Garbee,
Reiner Herrmann, Shane Kerr (Debian), Daniel Sabogal (Alpine Linux),
Carsten Kunze (Heirloom roff), Kristaps Dzonsons (bsd.lv),
Anton Lindqvist, Jan Stary, Jeremy A. Mates, Mark Patruck,
Pavan Maddamsetti, Sean Levy <attila@stalphonsos.com>, and
Tiago Silva for bug reports.
* Brent Cook, Marc Espie, Philip Guenther, Todd Miller (OpenBSD)
and Markus Waldeck for useful discussions.
* And as usual, OpenCSW for providing me with a Solaris 9/10/11
testing environment.
Approximately 25% better performance from the R-Tree extension.
Uses compiler built-ins (ex: __builtin_bswap32() or _byteswap_ulong()) for byteswapping when available.
Uses the sqlite3_blob key/value access object instead of SQL for pulling content out of R-Tree nodes
Other miscellaneous enhancements such as loop unrolling.
Add the SQLITE_DEFAULT_LOOKASIDE compile-time option.
Increase the default lookaside size from 512,125 to 1200,100 as this provides better performance while only adding 56KB of extra memory per connection. Memory-sensitive applications can restore the old default at compile-time, start-time, or run-time.
Use compiler built-ins __builtin_sub_overflow(), __builtin_add_overflow(), and __builtin_mul_overflow() when available. (All compiler built-ins can be omitted with the SQLITE_DISABLE_INTRINSIC compile-time option.)
Added the SQLITE_ENABLE_NULL_TRIM compile-time option, which can result in significantly smaller database files for some applications, at the risk of being incompatible with older versions of SQLite.
Change SQLITE_DEFAULT_PCACHE_INITSZ from 100 to 20, for improved performance.
Added the SQLITE_UINT64_TYPE compile-time option as an analog to SQLITE_INT64_TYPE.
Perform some UPDATE operations in a single pass instead of in two passes.
Enhance the session extension to support WITHOUT ROWID tables.
Fixed performance problems and potential stack overflows when creating views from multi-row VALUES clauses with hundreds of thousands of rows.
Added the sha1.c extension.
In the command-line shell, enhance the ".mode" command so that it restores the default column and row separators for modes "line", "list", "column", and "tcl".
Enhance the SQLITE_DIRECT_OVERFLOW_READ option so that it works in WAL mode as long as the pages being read are not in the WAL file.
Enhance the LEMON parser generator so that it can store the parser object as a stack variable rather than allocating space from the heap and make use of that enhancement in the amalgamation.
Other performance improvements. Uses about 6.5% fewer CPU cycles.
Bug Fixes:
Throw an error if the ON clause of a LEFT JOIN references tables to the right of the ON clause. This is the same behavior as PostgreSQL. Formerly, SQLite silently converted the LEFT JOIN into an INNER JOIN. Fix for ticket 25e335f802dd.
Use the correct affinity for columns of automatic indexes. Ticket 7ffd1ca1d2ad4ec.
Ensure that the sqlite3_blob_reopen() interface can correctly handle short rows. Fix for ticket e6e962d6b0f06f46e.
Hashes:
SQLITE_SOURCE_ID: "2017-02-13 16:02:40 ada05cfa86ad7f5645450ac7a2a21c9aa6e57d2c"
SHA1 for sqlite3.c: cc7d708bb073c44102a59ed63ce6142da1f174d1
2017-01-06 (3.16.2)
Fix the REPLACE statement for WITHOUT ROWID tables that lack secondary indexes so that it works correctly with triggers and foreign keys. This was a new bug caused by performance optimizations added in version 3.16.0. Ticket 30027b613b4
Fix the sqlite3_value_text() interface so that it correctly translates content generated by zeroblob() into a string of all 0x00 characters. This is a long-standing issue discovered after the 3.16.1 release by OSS-Fuzz
Fix the bytecode generator to deal with a subquery in the FROM clause that is itself a UNION ALL where one side of the UNION ALL is a view that contains an ORDER BY. This is a long-standing issue that was discovered after the release of 3.16.1. See ticket 190c2507.
Adjust the sqlite3_column_count() API so it more often returns the same values for PRAGMA statements as it did in prior releases, to minimize disruption to applications that might be using that interface in unexpected ways.
Hashes:
SQLITE_SOURCE_ID: "2017-01-06 16:32:41 a65a62893ca8319e89e48b8a38cf8a59c69a8209"
SHA1 for sqlite3.c: 2bebdc3f24911c0d12b6d6c0123c3f84d6946b08
2017-01-03 (3.16.1)
Fix a bug concerning the use of row values within triggers (see ticket 8c9458e7) that was in version 3.15.0 but was not reported until moments after the 3.16.0 release was published.
Hashes:
SQLITE_SOURCE_ID: "2017-01-03 18:27:03 979f04392853b8053817a3eea2fc679947b437fd"
SHA1 for sqlite3.c: 354f6223490b30fd5320b4066b1535e4ce33988d
2017-01-02 (3.16.0)
Uses 9% fewer CPU cycles. (See the CPU performance measurement report for details on how this performance increase was computed.)
Added experimental support for PRAGMA functions.
Added the SQLITE_DBCONFIG_NO_CKPT_ON_CLOSE option to sqlite3_db_config().
Enhance the date and time functions so that the 'unixepoch' modifier works for the full span of supported dates.
Changed the default configuration of the lookaside memory allocator from 500 slots of 128 bytes each into 125 slots of 512 bytes each.
Enhanced "WHERE x NOT NULL" partial indexes so that they are usable if the "x" column appears in a LIKE or GLOB operator.
Enhanced sqlite3_interrupt() so that it interrupts checkpoint operations that are in process.
Enhanced the LIKE and GLOB matching algorithm to be faster for cases when the pattern contains multiple wildcards.
Added the SQLITE_FCNTL_WIN32_GET_HANDLE file control opcode.
Added ".mode quote" to the command-line shell.
Added ".lint fkey-indexes" to the command-line shell.
Added the .imposter dot-command to the command-line shell.
Added the remember(V,PTR) SQL function as a loadable extension.
Rename the SQLITE_OMIT_BUILTIN_TEST compile-time option to SQLITE_UNTESTABLE to better reflect the implications of using it.
Bug Fixes:
Fix a long-standing bug in the query planner that caused incorrect results on a LEFT JOIN where the left-hand table is a subquery and the join constraint is a bare column name coming from the left-hand subquery. Ticket 2df0107b.
Correctly handle the integer literal -0x8000000000000000 in the query planner.
Hashes:
SQLITE_SOURCE_ID: "2017-01-02 11:57:58 04ac0b75b1716541b2b97704f4809cb7ef19cccf"
SHA1 for sqlite3.c: e2920fb885569d14197c9b7958e6f1db573ee669
2016-11-28 (3.15.2)
Multiple bug fixes to the row value logic that was introduced in version 3.15.0.
Fix a NULL pointer dereference in ATTACH/DETACH following a maliciously constructed syntax error. Ticket 2f1b168ab4d4844.
Fix a crash that can occur following an out-of-memory condition in the built-in instr() function.
In the JSON extension, fix the JSON validator so that it correctly rejects invalid backslash escapes within strings.
Hashes:
SQLITE_SOURCE_ID: "2016-11-28 19:13:37 bbd85d235f7037c6a033a9690534391ffeacecc8"
SHA1 for sqlite3.c: 06d77b42a3e70609f8d4bbb97caf53652f1082cb
2016-11-04 (3.15.1)
Added SQLITE_FCNTL_WIN32_GET_HANDLE file control opcode.
Fix the VACUUM command so that it spills excess content to disk rather than holding everything in memory, and possible causing an out-of-memory error for larger database files. This fixes an issue introduced by version 3.15.0.
Fix a case (present since 3.8.0 - 2013-08-26) where OR-connected terms in the ON clause of a LEFT JOIN might cause incorrect results. Ticket 34a579141b2c5ac.
Fix a case where the use of row values in the ON clause of a LEFT JOIN might cause incorrect results. Ticket fef4bb4bd9185ec8f.
Hashes:
SQLITE_SOURCE_ID: "2016-11-04 12:08:49 1136863c76576110e710dd5d69ab6bf347c65e36"
SHA1 for sqlite3.c: e7c26a7be3e431dd06898f8d262c4ef240c07366
2016-10-14 (3.15.0)
Added support for row values.
Allow deterministic SQL functions in the WHERE clause of a partial index.
Added the "modeof=filename" URI parameter on the unix VFS
Added support for SQLITE_DBCONFIG_MAINDBNAME.
Added the ability to VACUUM an ATTACH-ed database.
Enhancements to the command-line shell:
Add the ".testcase" and ".check" dot-commands.
Added the --new option to the ".open" dot-command, causing any prior content in the database to be purged prior to opening.
Enhance the fts5vocab virtual table to handle "ORDER BY term" efficiently.
Miscellaneous micro-optimizations reduce CPU usage by more than 7% on common workloads. Most optimization in this release has been on the front-end (sqlite3_prepare_v2()).
Bug Fixes:
The multiply operator now correctly detects 64-bit integer overflow and promotes to floating point in all corner-cases. Fix for ticket 1ec41379c9c1e400.
Correct handling of columns with redundant unique indexes when those columns are used on the LHS of an IN operator. Fix for ticket 0eab1ac759.
Skip NULL entries on range queries in indexes on expressions. Fix for ticket 4baa46491212947.
Ensure that the AUTOINCREMENT counters in the sqlite_sequence table are initialized doing "Xfer Optimization" on "INSERT ... SELECT" statements. Fix for ticket 7b3328086a5c116c.
Make sure the ORDER BY LIMIT optimization (from check-in 559733b09e) works with IN operators on INTEGER PRIMARY KEYs. Fix for ticket 96c1454c
Hashes:
SQLITE_SOURCE_ID: "2016-10-14 10:20:30 707875582fcba352b4906a595ad89198d84711d8"
SHA1 for sqlite3.c: fba106f8f6493c66eeed08a2dfff0907de54ae76
2016-09-12 (3.14.2)
Improved support for using the STDCALL calling convention in winsqlite3.dll.
Fix the sqlite3_trace_v2() interface so that it is disabled if either the callback or the mask arguments are zero, in accordance with the documentation.
Fix commenting errors and improve the comments generated on EXPLAIN listings when the -DSQLITE_ENABLE_EXPLAIN_COMMENTS compile-time option is used.
Fix the ".read" command in the command-line shell so that it understands that its input is not interactive.
Correct affinity computations for a SELECT on the RHS of an IN operator. Fix for ticket 199df4168c.
The ORDER BY LIMIT optimization is not valid unless the inner-most IN operator loop is actually used by the query plan. Fix for ticket 0c4df46116e90f92.
Fix an internal code generator problem that was causing some DELETE operations to no-op. Ticket ef360601
Hashes:
SQLITE_SOURCE_ID: "2016-09-12 18:50:49 29dbef4b8585f753861a36d6dd102ca634197bd6"
SHA1 for sqlite3.c: bcc4a1989db45e7f223191f2d0f66c1c28946383
2016-08-11 (3.14.1)
A performance enhancement to the page-cache "truncate" operation reduces COMMIT time by dozens of milliseconds on systems with a large page cache.
Fix to the --rbu option of sqldiff.
Hashes:
SQLITE_SOURCE_ID: "2016-08-11 18:53:32 a12d8059770df4bca59e321c266410344242bf7b"
SHA1 for sqlite3.c: d545b24892278272ce4e40e0567d69c8babf12ea
2016-08-08 (3.14)
Celebrating the SQLite "# release" with a home-baked pie.
Added support for WITHOUT ROWID virtual tables.
Improved the query planner so that the OR optimization can be used on virtual tables even if one or more of the disjuncts use the LIKE, GLOB, REGEXP, MATCH operators.
Added the CSV virtual table for reading RFC 4180 formatted comma-separated value files.
Added the carray() table-valued function extension.
Enabled persistent loadable extensions using the new SQLITE_OK_LOAD_PERMANENTLY return code from the extension entry point.
Added the SQLITE_DBSTATUS_CACHE_USED_SHARED option to sqlite3_db_status().
Add the vfsstat.c loadable extension - a VFS shim that measures I/O together with an eponymous virtual table that provides access to the measurements.
Improved algorithm for running queries with both an ORDER BY and a LIMIT where only the inner-most loop naturally generates rows in the correct order.
Enhancements to Lemon parser generator, so that it generates a faster parser.
The PRAGMA compile_options command now attempts to show the version number of the compiler that generated the library.
Enhance PRAGMA table_info so that it provides information about eponymous virtual tables.
Added the "win32-none" VFS, analogous to the "unix-none" VFS, that works like the default "win32" VFS except that it ignores all file locks.
The query planner uses a full scan of a partial index instead of a full scan of the main table, in cases where that makes sense.
Allow table-valued functions to appear on the right-hand side of an IN operator.
Created the dbhash.exe command-line utility.
Added two new C-language interfaces: sqlite3_expanded_sql() and sqlite3_trace_v2(). These new interfaces subsume the functions of sqlite3_trace() and sqlite3_profile() which are now deprecated.
Added the json_quote() SQL function to the json1 extension.
Disable the authorizer callback while reparsing the schema.
Added the SQLITE_ENABLE_UNKNOWN_SQL_FUNCTION compile-time option and turned that option on by default when building the command-line shell.
Bug Fixes:
Fix the ALTER TABLE command so that it does not corrupt descending indexes when adding a column to a legacy file format database. Ticket f68bf68513a1c15f
Fix a NULL-pointer dereference/crash that could occurs when a transitive WHERE clause references a non-existent collating sequence. Ticket e8d439c77685eca6.
Improved the cost estimation for an index scan which includes a WHERE clause that can be partially or fully evaluated using columns in the index and without having to do a table lookup. This fixes a performance regression that occurred for some obscure queries following the ORDER BY LIMIT optimization introduced in version 3.12.0.
Hashes:
SQLITE_SOURCE_ID: "2016-08-08 13:40:27 d5e98057028abcf7217d0d2b2e29bbbcdf09d6de"
SHA1 for sqlite3.c: 234a3275d03a287434ace3ccdf1afb208e6b0e92
Summary of changes in tzdata2017a (2017-02-28 00:05:36 -0800):
Briefly: Southern Chile moves from -04/-03 to -03, and Mongolia
discontinues DST.
Changes to future time stamps
Mongolia no longer observes DST.
Chile's Region of Magallanes moves from -04/-03 to -03 year-round.
Changes to past time stamps
Fix many entries for historical time stamps for Europe/Madrid
before 1979, to agree with tables compiled by Pere Planesas of the
National Astronomical Observatory of Spain. As a side effect,
this changes some time stamps for Africa/Ceuta before 1929, which
are probably guesswork anyway.
Ecuador observed DST from 1992-11-28 to 1993-02-05.
Asia/Atyrau and Asia/Oral were at +03 (not +04) before 1930-06-21.
Changes to past and future time zone abbreviations
Switch to numeric time zone abbreviations for South America, as
part of the ongoing project of removing invented abbreviations.
For Alaska time from 1900 through 1967, instead of "CAT" use the
abbreviation "AST", the abbreviation commonly used at the time
(Atlantic Standard Time had not been standardized yet). Use "AWT"
and "APT" instead of the invented abbreviations "CAWT" and "CAPT".
Use "CST" and "CDT" instead of invented abbreviations for Macau
before 1999 and Taiwan before 1938, and use "JST" instead of the
invented abbreviation "JCST" for Japan and Korea before 1938.
Change to database entry category
Move the Pacific/Johnston link from 'australasia' to 'backward',
since Johnston is now uninhabited.
fix the dtrace "args" variable to return correct values.
simplify the invop handlers a bit by changing the second argument
from a pointer into the stack to a pointer to the trapframe.
after rev 1.6 of m68k.md (which itself reverted a local patch that hadn't
been necessary for over a decade... see gcc bugzilla 12792).
discussed with christos and confirmed no regressions with the atf tests.
release number, 0=minor release number, x=patchlevel. The stable
release never changes except for patches that address bugs or
emergencies. Patches change the patchlevel and the release date.
New features are developed in snapshot releases. These are called
postfix-3.1-yyyymmdd where yyyymmdd is the release date (yyyy=year,
mm=month, dd=day). Patches are never issued for snapshot releases;
instead, a new snapshot is released.
The mail_release_date configuration parameter (format: yyyymmdd)
specifies the release date of a stable release or snapshot release.
If you upgrade from Postfix 2.10 or earlier, read RELEASE_NOTES-2.11
before proceeding.
Notes for distribution maintainers
----------------------------------
* New backwards-compatibility safety net.
With NEW Postfix installs, you MUST install a main.cf file with
the setting "compatibility_level = 2". See conf/main.cf for an
example.
With UPGRADES of existing Postfix systems, you MUST NOT change the
main.cf compatibility_level setting, nor add this setting if it
does not exist.
Several Postfix default settings have changed with Postfix 3.0. To
avoid massive frustration with existing Postfix installations,
Postfix 3.0 comes with a safety net that forces Postfix to keep
running with backwards-compatible main.cf and master.cf default
settings. This safety net depends on the main.cf compatibility_level
setting (default: 0). Details are in COMPATIBILITY_README.
* New Postfix build system.
The Postfix build/install procedure has changed to support Postfix
dynamically-linked libraries and database plugins. These must not
be "shared" with non-Postfix programs, and therefore must not be
installed in a public directory.
To avoid massive frustration due to broken patches, PLEASE BUILD
POSTFIX FIRST WITHOUT APPLYING ANY PATCHES. Follow the INSTALL
instructions (see "Building with Postfix dynamically-linked libraries
and database plugins"), and see how things work and what the
dynamically-linked libraries, database plugin, and configuration
files look like. Then, go ahead and perform your platform-specific
customizations. The INSTALL section "Tips for distribution maintainers"
has further suggestions.
Major changes - critical
------------------------
[Incompat 20140714] After upgrading Postfix, "postfix reload" (or
start/stop) is required. Several Postfix-internal protocols have
been extended to support SMTPUTF8. Failure to reload or restart
will result in mail staying queued, while Postfix daemons log
warning messages about unexpected attributes.
Major changes - default settings
--------------------------------
[Incompat 20141009] The default settings have changed for relay_domains
(new: empty, old: $mydestination) and mynetworks_style (new: host,
old: subnet). However the backwards-compatibility safety net will
prevent these changes from taking effect, giving the system
administrator the option to make an old default setting permanent
in main.cf or to adopt the new default setting, before turning off
backwards compatibility. See COMPATIBILITY_README for details.
[Incompat 20141001] A new backwards-compatibility safety net forces
Postfix to run with backwards-compatible main.cf and master.cf
default settings after an upgrade to a newer but incompatible Postfix
version. See COMPATIBILITY_README for details.
While the backwards-compatible default settings are in effect,
Postfix logs what services or what email would be affected by the
incompatible change. Based on this the administrator can make some
backwards-compatibility settings permanent in main.cf or master.cf,
before turning off backwards compatibility.
See postconf.5.html#compatibility_level for details.
[Incompat 20141001] The default settings
have changed for append_dot_mydomain (new: no. old: yes), master.cf
chroot (new: n, old: y), and smtputf8 (new: yes, old: no).
Major changes - access control
------------------------------
[Feature 20141119] Support for BCC actions in header/body_checks
and milter_header_checks. There is no limit on the number of BCC
actions that may be specified, other than the implicit limit due
to finite storage. BCC support will not be implemented in Postfix
delivery agent header/body_checks.
It works in the same way as always_bcc and sender/recipient_bcc_maps:
there can be only one address per action, recipients are added with
the NOTIFY=NONE delivery status notification option, and duplicate
recipients are ignored (with the same delivery status notification
options).
[Incompat 20141009] The default settings have changed for relay_domains
(new: empty, old: $mydestination) and mynetworks_style (new: host,
old: subnet). However the backwards-compatibility safety net will
prevent these changes from taking effect, giving the system
administrator the option to make an old default setting permanent
in main.cf or to adopt the new default setting, before turning off
backwards compatibility. See COMPATIBILITY_README for details.
[Feature 20140618] New INFO action in access(5) tables, for consistency
with header/body_checks.
[Feature 20140620] New check_xxx_a_access (for xxx in client,
reverse_client, helo, sender, recipient) implements access control
on all A and AAAA IP addresses for respectively the client hostname,
helo parameter, sender domain or recipient domain. This complements
the existing check_xxx_mx_access and check_xxx_ns_access features.
Major changes - address rewriting
---------------------------------
[Incompat 20141001] The default settings have changed for
append_dot_mydomain (new: no. old: yes), master.cf chroot (new:
n, old: y), and smtputf8 (new: yes, old: no).
Major changes - address verification
------------------------------------
[Feature 20141227] The new smtp_address_verify_target parameter
(default: rcpt) specifies what protocol stage decides if a recipient
is valid. Specify "data" for servers that reject invalid recipients
in response to the DATA command.
Major changes - database support
--------------------------------
[Feature 20140512] Support for Berkeley DB version 6.
[Feature 20140618] The "randmap" lookup table performs random
selection. This may be used to implement load balancing, for example:
/etc/postfix/transport:
# Deliver my own domain as usual.
example.com :
.example.com :
/etc/postfix/main.cf:
transport_maps =
# Deliver my own domain as usual.
hash:/etc/postfix/transport
# Deliver other domains via randomly-selected relayhosts
randmap:{smtp:smtp0.example.com, smtp:smtp1.example.com}
A variant of this can randomly select SMTP clients with different
smtp_bind_address settings.
To implement different weights, specify lookup results multiple
times. For example, to choose smtp:smtp1.example.com twice as often
as smtp:smtp0.example.com, specify smtp:smtp1.example.com twice.
A future version may support randmap:/path/to/file to load a list
of results from file.
[Feature 20140618] As the name suggests, the "pipemap" table
implements a pipeline of lookup tables. The name of the table
specifies the pipeline as a sequence of tables. For example, the
following prevents SMTP mail to system accounts that have "nologin"
as their login shell:
/etc/postfix/main.cf:
local_recipient_maps =
pipemap:{unix:passwd.byname, pcre:/etc/postfix/no-nologin.pcre}
alias_maps
/etc/postfix/no-nologin.pcre:
!/nologin/ whatever
Each "pipemap:" query is given to the first table. Each table
lookup result becomes the query for the next table in the pipeline,
and the last table produces the final result. When any table lookup
produces no result, the entire pipeline produces no result.
A future version may support pipemap:/path/to/file to load a list
of lookup tables from file.
[Feature 20140924] Support for unionmap, with the same syntax as
pipemap. This sends a query to all tables, and concatenates non-empty
results, separated by comma.
[Feature 20131121] The "static" lookup table now supports whitespace
when invoked as "static:{ text with whitespace }", so that it can
be used, for example, at the end of smtpd_mumble_restrictions as
"check_mumble_access static:{reject text...}".
[Feature 20141126] "inline:{key=value, { key = text with comma/space}}"
avoids the need to create a database for just a few entries.
Major changes - delivery status notifications
---------------------------------------------
[Feature 20140321] Delivery status filter support, to replace the
delivery status codes and explanatory text of successful or
unsuccessful deliveries by Postfix mail delivery agents.
This was originally implemented for sites that want to turn certain
soft delivery errors into hard delivery errors, but it can also be
used to censor out information from delivery confirmation reports.
This feature is implemented as a filter that replaces the three-number
enhanced status code and descriptive text in Postfix delivery agent
success, bounce, or defer messages. Note: this will not override
"soft_bounce=yes", and this will not change a successful delivery
status into an unsuccessful status or vice versa.
The first example turns specific soft TLS errors into hard
errors, by overriding the first number in the enhanced status code.
/etc/postfix/main.cf:
smtp_delivery_status_filter = pcre:/etc/postfix/smtp_dsn_filter
/etc/postfix/smtp_dsn_filter:
/^4(\.\d+\.\d+ TLS is required, but host \S+ refused to start TLS: .+)/ 5$1
/^4(\.\d+\.\d+ TLS is required, but was not offered by host .+)/ 5$1
The second example removes the destination command name and file
name from local(8) successful delivery reports, so that they will
not be reported when a sender requests confirmation of delivery.
/etc/postfix/main.cf:
local_delivery_status_filter = pcre:/etc/postfix/local_dsn_filter
/etc/postfix/local_dsn_filter:
/^(2\S+ delivered to file).+/ $1
/^(2\S+ delivered to command).+/ $1
This feature is supported in the lmtp(8), local(8), pipe(8), smtp(8)
and virtual(8) delivery agents. That is, all delivery agents that
actually deliver mail. It will not be implemented in the error and
retry pseudo-delivery agents.
The new main.cf parameters and default values are:
default_delivery_status_filter =
lmtp_delivery_status_filter = $default_delivery_status_filter
local_delivery_status_filter = $default_delivery_status_filter
pipe_delivery_status_filter = $default_delivery_status_filter
smtp_delivery_status_filter = $default_delivery_status_filter
virtual_delivery_status_filter = $default_delivery_status_filter
See the postconf(5) manpage for more details.
[Incompat 20140618] The pipe(8) delivery agent will now log a limited
amount of command output upon successful delivery, and will report
that output in "SUCCESS" delivery status reports. This is another
good reason to disable inbound DSN requests at the Internet perimeter.
[Feature 20140907] With "confirm_delay_cleared = yes", Postfix
informs the sender when delayed mail leaves the queue (this is in
addition to the delay_warning_time feature that warns when mail is
still queued). This feature is disabled by default, because it can
result in a sudden burst of notifications when the queue drains at
the end of a prolonged network outage.
Major changes - dns
-------------------
[Feature 20141128] Support for DNS server reply filters in the
Postfix SMTP/LMTP client and SMTP server. This helps to work around
mail delivery problems with sites that have incorrect DNS information.
Note: this has no effect on the implicit DNS lookups that are made
by nsswitch.conf or equivalent mechanisms.
This feature renders each lookup result as one line of text in
standard zone-file format as shown below. The class field is always
"IN", the preference field exists only for MX records, the names
of hosts, domains, etc. end in ".", and those names are in ASCII
form (xn--mumble form for internationalized domain names).
name ttl class type preference value
---------------------------------------------------------
postfix.org. 86400 IN MX 10 mail.cloud9.net.
Typically, one would match this text with a regexp: or pcre: table.
When a match is found, the table lookup result specifies an action.
By default, the table query and the action name are case-insensitive.
Currently, only the IGNORE action is implemented.
For safety reasons, Postfix logs a warning or defers mail delivery
when a DNS reply filter removes all lookup results from a successful
query.
The Postfix SMTP/LMTP client uses the smtp_dns_reply_filter and
lmtp_dns_reply_filter features only for Postfix SMTP client lookups
of MX, A, and AAAAA records to locate a remote SMTP or LMTP server,
including lookups that implement the features reject_unverified_sender
and reject_unverified_recipient. The filters are not used for lookups
made through nsswitch.conf and similar mechanisms.
The Postfix SMTP server uses the smtpd_dns_reply_filter feature
only for Postfix SMTP server lookups of MX, A, AAAAA, and TXT records
to implement the features reject_unknown_helo_hostname,
reject_unknown_sender_domain, reject_unknown_recipient_domain,
reject_rbl_*, and reject_rhsbl_*. The filter is not used for lookups
made through nsswitch.conf and similar mechanisms, such as lookups
of the remote SMTP client name.
[Feature 20141126] Nullmx support (MX records with a null hostname).
This change affects error messages only. The Postfix SMTP client
already bounced mail for such domains, and the Postfix SMTP server
already rejected such domains with reject_unknown_sender/recipient_domain.
This feature introduces a new SMTP server configuration parameter
nullmx_reject_code (default: 556).
Major changes - dynamic linking
-------------------------------
[Feature 20140530] Support to build Postfix with Postfix
dynamically-linked libraries, and with dynamically-loadable database
clients. These MUST NOT be used by non-Postfix programs. Postfix
dynamically-linked libraries introduce minor runtime overhead and
result in smaller Postfix executable files. Dynamically-loadable
database clients are useful when you distribute or install pre-compiled
packages. Postfix 3.0 supports dynamic loading for CDB, LDAP, LMDB,
MYSQL, PCRE, PGSQL, SDBM, and SQLITE database clients.
This implementation is based on Debian code by LaMont Jones, initially
ported by Viktor Dukhovni. Currently, support exists for recent
versions of Linux, FreeBSD, MacOS X, and for the ancient Solaris 9.
To support Postfix dynamically-linked libraries and dynamically-loadable
database clients, the Postfix build procedure had to be changed
(specifically, the files makedefs and Makefile.in, and the files
postfix-install and post-install that install or update Postfix).
[Incompat 20140530] The Postfix 3.0 build procedure expects that
you specify database library dependencies with variables named
AUXLIBS_CDB, AUXLIBS_LDAP, etc. With Postfix 3.0 and later, the
old AUXLIBS variable still supports building a statically-loaded
CDB etc. database client, but only the new AUXLIBS_CDB etc. variables
support building a dynamically-loaded or statically-loaded CDB etc.
database client. See CDB_README, LDAP_README, etc. for details.
Failure to follow this advice will defeat the purpose of dynamic
database client loading. Every Postfix executable file will have
database library dependencies. And that was exactly what dynamic
database client loading was meant to avoid.
Major changes - future proofing
-------------------------------
[Cleanup 20141224] The changes described here have no visible effect
on Postfix behavior, but they make Postfix code easier to maintain,
and therefore make new functionality easier to add.
* Compile-time argument typechecks of non-printf/scanf-like variadic
function argument lists.
* Deprecating the use of "char *" for non-text purposes such as
memory allocation and pointers to application context for call-back
functions. This dates from long-past days before void * became
universally available.
* Replace integer types for counters and sizes with size_t or ssize_t
equivalents. This eliminates some wasteful 64<->32bit conversions
on 64-bit systems.
Major changes - installation pathnames
--------------------------------------
[Incompat 20140625] For compliance with file system policies, some
non-executable files have been moved from $daemon_directory to the
directory specified with the new meta_directory configuration
parameter which has the same default value as the config_directory
parameter. This change affects non-executable files that are shared
between multiple Postfix instances such as postfix-files, dynamicmaps.cf,
and multi-instance template files.
For backwards compatibility with Postfix 2.6 .. 2.11, specify
"meta_directory = $daemon_directory" in main.cf before installing
or upgrading Postfix, or specify "meta_directory = /path/name" on
the "make makefiles", "make install" or "make upgrade" command line.
Major changes - milter
----------------------
[Feature 20140928] Support for per-Milter settings that override
main.cf parameters. For details see the section "Advanced policy
client configuration" in the SMTPD_POLICY_README document.
Here is an example that uses both old and new syntax:
smtpd_milters = { inet:127.0.0.1:port1, default_action=accept, ... },
inet:127.0.0.1:port2, ...
The supported attribute names are: command_timeout, connect_timeout,
content_timeout, default_action, and protocol. These have the same
names as the corresponding main.cf parameters, without the "milter_"
prefix.
The per-milter settings are specified as attribute=value pairs
separated by comma or space; specify { name = value } to allow
spaces around the "=" or within an attribute value.
[Feature 20141018] DMARC compatibility: when a Milter inserts a
header ABOVE Postfix's own Received: header, Postfix no longer
exposes its own Received: header to Milters (violating protocol)
and Postfix no longer hides the Milter-inserted header from Milters
(wtf).
Major changes - parameter syntax
--------------------------------
[Feature 20140921] In preparation for configurable mail headers and
logging, new main.cf support for if-then-else expressions:
${name?{text1}:{text2}}
and for logical expressions:
${{text1}=={text2}?{text3}:{text4}}
${{text1}!={text2}?{text3}:{text4}}
Whitespace before and after {text} is ignored. This can help to
make complex expressions more readable. See the postconf(5) manpage
for further details.
[Feature 20140928] Support for whitespace in daemon command-line
arguments. For details, see the "Command name + arguments" section
in the master(5) manpage. Example:
smtpd -o { parameter = value containing whitespace } ...
The { ... } form is also available for non-option command-line
arguments in master.cf, for example:
pipe ... argv=command { argument containing whitespace } ...
In both cases, whitespace immediately after "{" and before "}"
is ignored.
[Feature 20141005] Postfix import_environment and export_environment
now allow "{ name=value }" to protect whitespace in attribute values.
[Feature 20141006] The new message_drop_header parameter replaces
a hard-coded table that specifies what message headers the cleanup
daemon will remove. The list of supported header names covers RFC
5321, 5322, MIME RFCs, and some historical names.
Major changes - pipe daemon
---------------------------
[Incompat 20140618] The pipe(8) delivery agent will now log a limited
amount of command output upon successful delivery, and will report
that output in "SUCCESS" delivery status reports. This is another
good reason to disable inbound DSN requests at the Internet perimeter.
Major changes - policy client
-----------------------------
[Feature 20140703] This release introduces three new configuration
parameters that control error recovery for failed SMTPD policy
requests.
* smtpd_policy_service_default_action (default: 451 4.3.5 Server
configuration problem): The default action when an SMTPD policy
service request fails.
* smtpd_policy_service_try_limit (default: 2): The maximal number
of attempts to send an SMTPD policy service request before
giving up. This must be a number greater than zero.
* smtpd_policy_service_retry_delay (default: 1s): The delay between
attempts to resend a failed SMTPD policy service request. This
must be a number greater than zero.
See postconf(5) for details and limitations.
[Feature 20140928] Support for per-policy service settings that
override main.cf parameters. For details see the section "Different
settings for different Milter applications" in the MILTER_README
document.
Here is an example that uses both old and new syntax:
smtpd_recipient_restrictions = ...
check_policy_service { inet:127.0.0.1:port3, default_action=DUNNO }
check_policy_service inet:127.0.0.1:port4
...
The per-policy service settings are specified as attribute=value pairs
separated by comma or space; specify { name = value } to allow
spaces around the "=" or within an attribute value.
The supported attribute names are: default_action, max_idle, max_ttl,
request_limit, retry_delay, timeout, try_limit. These have the same
names as the corresponding main.cf parameters, without the
"smtpd_policy_service_" prefix.
[Feature 20140505] A client port attribute was added to the policy
delegation protocol.
[Feature 20140630] New smtpd_policy_service_request_limit feature to
limit the number of requests per Postfix SMTP server policy connection.
This is a workaround to avoid error-recovery delays with policy
servers that cannot maintain a persistent connection.
Major changes - position-independent executables
------------------------------------------------
[Feature 20150205] Preliminary support for building position-independent
executables (PIE), tested on Fedora Core 20, Ubuntu 14.04, FreeBSD
9 and 10, and NetBSD 6. Specify:
$ make makefiles pie=yes ...other arguments...
On some systems, PIE is used by the ASLR exploit mitigation technique
(ASLR = Address-Space Layout Randomization). Whether specifying
"pie=yes" has any effect at all depends on the compiler. Reportedly,
some compilers always produce PIE executables.
Major changes - postscreen
--------------------------
[Feature 20140501] Configurable time limit (postscreen_dnsbl_timeout)
for DNSBL or DNSWL lookups. This is separate from the timeouts in
the dnsblog(8) daemon which are controlled by system resolver(3)
routines.
Major changes - session fingerprint
-----------------------------------
[Feature 20140801] The Postfix SMTP server now logs at the end of
a session how many times an SMTP command was successfully invoked,
followed by the total number of invocations if some invocations
were unsuccessful.
This logging will enough to diagnose many problems without using
verbose logging or network sniffer.
Normal session, no TLS:
disconnect from name[addr] ehlo=1 mail=1 rcpt=1 data=1 quit=1
Normal session. with TLS:
disconnect from name[addr] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1
All recipients rejected, no ESMTP command pipelining:
disconnect from name[addr] ehlo=1 mail=1 rcpt=0/1 quit=1
All recipients rejected, with ESMTP command pipelining:
disconnect from name[addr] ehlo=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1
Password guessing bot, hangs up without QUIT:
disconnect from name[addr] ehlo=1 auth=0/1
Mis-configured client trying to use TLS wrappermode on port 587:
disconnect from name[addr] unknown=0/1
Logfile analyzers can trigger on the presence of "/". It indicates
that Postfix rejected at least one command.
[Feature 20150118] As a late addition, the SMTP server now also
logs the total number of commands (as "commands=x/y") even when the
client did not send any commands. This helps logfile analyzers to
recognize sessions without commands.
Major changes - smtp client
---------------------------
[Feature 20141227] The new smtp_address_verify_target parameter
(default: rcpt) determines what protocol stage decides if a recipient
is valid. Specify "data" for servers that reject recipients after
the DATA command.
Major changes - smtputf8
------------------------
[Incompat 20141001] The default settings have changed for
append_dot_mydomain (new: no, old: yes), master.cf chroot (new:
n, old: y), and smtputf8 (new: yes, old: no).
[Incompat 20140714] After upgrading Postfix, "postfix reload" (or
start/stop) is required. Several Postfix-internal protocols have
been extended to support SMTPUTF8. Failure to reload or restart
will result in mail staying queued, while Postfix daemons log
warning messages about unexpected attributes.
[Feature 20140715] Support for Email Address Internationalization
(EAI) as defined in RFC 6531..6533. This supports UTF-8 in SMTP/LMTP
sender addresses, recipient addresses, and message header values.
The implementation is based on initial work by Arnt Gulbrandsen
that was funded by CNNIC.
See SMTPUTF8_README for a description of Postfix SMTPUTF8 support.
[Feature 20150112] UTF-8 Casefolding support for Postfix lookup
tables and matchlists (mydestination, relay_domains, etc.). This
is enabled only with "smtpuf8 = yes".
[Feature 20150112] With smtputf8_enable=yes, SMTP commands with
UTF-8 syntax errors are rejected, table lookup results with invalid
UTF-8 syntax are handled as configuration errors, and UTF-8 syntax
errors in policy server replies result in execution of the policy
server's default action.
Major changes - tls support
---------------------------
(see "Major changes - delivery status notifications" above for
turning 4XX soft errors into 5XX bounces when a remote SMTP server
does not offer STARTTLS support).
[Feature 20140209] the Postfix SMTP client now also falls back to
plaintext when TLS fails AFTER the TLS protocol handshake.
[Feature 20140218] The Postfix SMTP client now requires that a queue
file is older than $minimal_backoff_time, before falling back from
failed TLS to plaintext (both during or after the TLS handshake).
[Feature 20141021] Per IETF TLS WG consensus, the tls_session_ticket_cipher
default setting was changed from aes-128-cbc to aes-256-cbc.
[Feature 20150116] TLS wrappermode support in the Postfix smtp(8)
client (new smtp_tls_wrappermode parameter) and in posttls-finger(1)
(new -w option). There still is life in that deprecated protocol,
and people should not have to jump hoops with stunnel.