Hello community, here is the log from the commit of package postfix checked in at Thu Feb 28 02:03:39 CET 2008. -------- --- postfix/postfix.changes 2008-02-13 15:09:24.000000000 +0100 +++ /mounts/work_src_done/STABLE/postfix/postfix.changes 2008-02-27 17:57:18.094812000 +0100 @@ -1,0 +2,14 @@ +Tue Feb 26 09:59:43 CET 2008 - varkoly@suse.de + +- Update to Version 2.5 patchlevel 1 + Changes: The Postfix 2.5 "postfix upgrade-configuration" command + now works even with Postfix 2.4 or earlier versions of the + postfix command. When installing Postfix 2.5.0 without upgrading + from an existing master.cf file, the new master.cf file had an + incorrect process limit for the proxywrite service. This service + is used only by the obscure "smtp_sasl_auth_cache_name" and + "lmtp_sasl_auth_cache_name" configuration parameters. Someone + needed multi-line support for header/body Milter replies. The + LDAP client's TLS support was broken in several ways. + +------------------------------------------------------------------- Old: ---- postfix-2.5.0.tar.gz New: ---- postfix-2.5.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ postfix.spec ++++++ --- /var/tmp/diff_new_pack.B24387/_old 2008-02-28 02:02:49.000000000 +0100 +++ /var/tmp/diff_new_pack.B24387/_new 2008-02-28 02:02:49.000000000 +0100 @@ -1,5 +1,5 @@ # -# spec file for package postfix (Version 2.5.0) +# spec file for package postfix (Version 2.5.1) # # Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine @@ -24,8 +24,8 @@ Conflicts: sendmail exim AutoReqProv: on Summary: A fast, secure, and flexible mailer -Version: 2.5.0 -Release: 5 +Version: 2.5.1 +Release: 1 Source: postfix-%{version}.tar.gz Source1: postfix-SuSE.tar.gz Patch: dynamic_maps.patch @@ -583,6 +583,17 @@ Wietse Venema <wietse@porcupine.org> %changelog +* Tue Feb 26 2008 varkoly@suse.de +- Update to Version 2.5 patchlevel 1 + Changes: The Postfix 2.5 "postfix upgrade-configuration" command + now works even with Postfix 2.4 or earlier versions of the + postfix command. When installing Postfix 2.5.0 without upgrading + from an existing master.cf file, the new master.cf file had an + incorrect process limit for the proxywrite service. This service + is used only by the obscure "smtp_sasl_auth_cache_name" and + "lmtp_sasl_auth_cache_name" configuration parameters. Someone + needed multi-line support for header/body Milter replies. The + LDAP client's TLS support was broken in several ways. * Wed Feb 13 2008 varkoly@suse.de - #360572 - postfix %%post script leaves lots of backup files in /etc/postfix/ * Wed Jan 30 2008 varkoly@suse.de ++++++ postfix-2.5.0.tar.gz -> postfix-2.5.1.tar.gz ++++++ diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/conf/master.cf new/postfix-2.5.1/conf/master.cf --- old/postfix-2.5.0/conf/master.cf 2008-01-13 18:13:45.000000000 +0100 +++ new/postfix-2.5.1/conf/master.cf 2008-01-30 12:57:57.000000000 +0100 @@ -32,7 +32,7 @@ verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap -proxywrite unix - - n - - proxymap +proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp # When relaying mail as backup MX, disable fallback_relay to avoid MX loops relay unix - - n - - smtp diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/conf/post-install new/postfix-2.5.1/conf/post-install --- old/postfix-2.5.0/conf/post-install 2007-12-03 22:08:16.000000000 +0100 +++ new/postfix-2.5.1/conf/post-install 2008-02-02 01:31:17.000000000 +0100 @@ -141,6 +141,8 @@ # directory should be in the command search path of adminstrative users. # .IP queue_directory # The directory for Postfix queues. +# .IP data_directory +# The directory for Postfix writable data files (caches, etc.). # .IP sendmail_path # The full pathname for the Postfix sendmail command. # This is the Sendmail-compatible mail posting interface. @@ -164,6 +166,7 @@ # The directory for the Postfix on-line manual pages. # .IP sample_directory # The directory for the Postfix sample configuration files. +# This feature is obsolete as of Postfix 2.1. # .IP readme_directory # The directory for the Postfix README files. # SEE ALSO @@ -190,6 +193,10 @@ IFS=" " BACKUP_IFS="$IFS" +MOST_PARAMETERS="command_directory daemon_directory data_directory + html_directory mail_owner mailq_path manpage_directory + newaliases_path queue_directory readme_directory sample_directory + sendmail_path setgid_group" USAGE="Usage: $0 [name=value] command create-missing Create missing queue directories. @@ -302,9 +309,7 @@ # Extract parameter settings from the installed main.cf file. test -f $config_directory/main.cf && { - for name in daemon_directory command_directory queue_directory mail_owner \ - setgid_group sendmail_path newaliases_path mailq_path \ - html_directory manpage_directory sample_directory readme_directory + for name in $MOST_PARAMETERS do eval junk=\$$name case "$junk" in @@ -348,9 +353,7 @@ # via environment, or via installed configuration files. missing= -for name in daemon_directory command_directory queue_directory mail_owner \ - setgid_group sendmail_path newaliases_path mailq_path manpage_directory \ - readme_directory html_directory +for name in $MOST_PARAMETERS do eval test -n \"\$$name\" || missing="$missing $name" done @@ -383,9 +386,7 @@ # Save settings, allowing command line/environment override. override= -for name in daemon_directory command_directory queue_directory mail_owner \ - setgid_group sendmail_path newaliases_path mailq_path manpage_directory \ - sample_directory readme_directory html_directory +for name in $MOST_PARAMETERS do eval test \"\$$name\" = \"`$POSTCONF -c $config_directory -h $name`\" || { override=1 @@ -398,6 +399,7 @@ "daemon_directory = $daemon_directory" \ "command_directory = $command_directory" \ "queue_directory = $queue_directory" \ + "data_directory = $data_directory" \ "mail_owner = $mail_owner" \ "setgid_group = $setgid_group" \ "sendmail_path = $sendmail_path" \ @@ -668,6 +670,19 @@ EOF } + # Fix a typo in the default master.cf proxywrite entry. + + grep '^proxywrite.*-[ ]*proxymap' $config_directory/master.cf >/dev/null && { + echo Editing $config_directory/master.cf, setting proxywrite process limit to 1 + ed $config_directory/master.cf <<EOF || exit 1 +/^proxywrite.*-[ ]*proxymap/ +s/-\([ ]*proxymap\)/1\1/ +p +w +q +EOF + } + # Report (but do not remove) obsolete files. test -n "$obsolete" && { diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/HISTORY new/postfix-2.5.1/HISTORY --- old/postfix-2.5.0/HISTORY 2008-01-24 02:15:56.000000000 +0100 +++ new/postfix-2.5.1/HISTORY 2008-02-11 01:36:18.000000000 +0100 @@ -14277,3 +14277,38 @@ to mumble_destination_rate_delay, because it really is a per-destination feature. With this change we keep the option of implementing a future per-transport rate delay. + +20080125 + + Bugfix (introduced 20071216): missing {} in the LDAP client + broke OpenLDAP TLS. The setting tls_require_cert=no was + further broken because Postfix used OpenLDAP incorrectly. + Victor Duchovni. This broke tls_require_cert=no File: + global/dict_ldap.c. + +20080130 + + Bugfix (introduced 20071204): wrong proxywrite process limit + in the default master.cf file. File: conf/master.cf. + +20080201 + + Workaround: pick up a missing data_directory setting from + main.cf when "postfix start" is invoked with an obsolete + postfix command. File: conf/post-install. + + Workaround (introduced 20071204): update the wrong proxywrite + process limit when upgrading an already installed default + master.cf file. File: conf/post-install. + +20080207 + + Cleanup: soft_bounce support for multi-line Milter replies. + File: src/milter/milter8.c. + + Cleanup: preserve multi-line format of header/body Milter + replies. Files: cleanup/cleanup_milter.c, smtpd/smtpd.c. + + Cleanup: multi-line support in SMTP server replies. File: + smtpd/smtpd_chat.c. + diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/html/ADDRESS_VERIFICATION_README.html new/postfix-2.5.1/html/ADDRESS_VERIFICATION_README.html --- old/postfix-2.5.0/html/ADDRESS_VERIFICATION_README.html 2007-12-18 22:42:59.000000000 +0100 +++ new/postfix-2.5.1/html/ADDRESS_VERIFICATION_README.html 2008-02-14 01:41:16.000000000 +0100 @@ -382,7 +382,7 @@ Postfix-owned <a href="postconf.5.html#data_directory">data_directory</a>. As a migration aid, an attempt to open the file under a non-Postfix directory is redirected to the Postfix-owned <a href="postconf.5.html#data_directory">data_directory</a>, and a warning is logged. If you wish -to continue using an pre-existing database file, move it to the +to continue using a pre-existing database file, move it to the <a href="postconf.5.html#data_directory">data_directory</a>, and change ownership to the account specified with the <a href="postconf.5.html#mail_owner">mail_owner</a> parameter. </p> diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/html/postconf.5.html new/postfix-2.5.1/html/postconf.5.html --- old/postfix-2.5.0/html/postconf.5.html 2008-01-24 02:38:34.000000000 +0100 +++ new/postfix-2.5.1/html/postconf.5.html 2008-02-14 01:41:27.000000000 +0100 @@ -1351,7 +1351,8 @@ <p> Restrict the characters that the <a href="local.8.html">local(8)</a> delivery agent allows in -$name expansions of $<a href="postconf.5.html#mailbox_command">mailbox_command</a>. Characters outside the +$name expansions of $<a href="postconf.5.html#mailbox_command">mailbox_command</a> and $<a href="postconf.5.html#command_execution_directory">command_execution_directory</a>. +Characters outside the allowed set are replaced by underscores. </p> @@ -7502,7 +7503,7 @@ <li> a /file/name with domain names and/or <a href="postconf.5.html#relayhost">relay host</a> names as defined above, -<li> a "<a href="DATABASE_README.html">type:table</a>" with domain names and/or relay hosts name on +<li> a "<a href="DATABASE_README.html">type:table</a>" with domain names and/or <a href="postconf.5.html#relayhost">relay host</a> names on the left-hand side. The right-hand side result from "<a href="DATABASE_README.html">type:table</a>" lookups is ignored. diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/html/QSHAPE_README.html new/postfix-2.5.1/html/QSHAPE_README.html --- old/postfix-2.5.0/html/QSHAPE_README.html 2008-01-24 02:25:43.000000000 +0100 +++ new/postfix-2.5.1/html/QSHAPE_README.html 2008-01-25 02:03:23.000000000 +0100 @@ -547,7 +547,7 @@ slow unix - - n - 1 smtp -o <a href="postconf.5.html#fallback_relay">fallback_relay</a>=problem.example.com -o <a href="postconf.5.html#smtp_connect_timeout">smtp_connect_timeout</a>=1 - -o smtp_cache_connection=no + -o <a href="postconf.5.html#smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a>=no </pre> </ul> diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/man/man5/postconf.5 new/postfix-2.5.1/man/man5/postconf.5 --- old/postfix-2.5.0/man/man5/postconf.5 2008-01-24 02:10:34.000000000 +0100 +++ new/postfix-2.5.1/man/man5/postconf.5 2008-02-14 01:41:28.000000000 +0100 @@ -751,7 +751,8 @@ This feature is available in Postfix 2.2 and later. .SH command_expansion_filter (default: see "postconf -d" output) Restrict the characters that the \fBlocal\fR(8) delivery agent allows in -$name expansions of $mailbox_command. Characters outside the +$name expansions of $mailbox_command and $command_execution_directory. +Characters outside the allowed set are replaced by underscores. .SH command_time_limit (default: 1000s) Time limit for delivery to external commands. This limit is used @@ -4228,7 +4229,7 @@ a /file/name with domain names and/or relay host names as defined above, .IP \(bu -a "type:table" with domain names and/or relay hosts name on +a "type:table" with domain names and/or relay host names on the left-hand side. The right-hand side result from "type:table" lookups is ignored. .PP diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/proto/ADDRESS_VERIFICATION_README.html new/postfix-2.5.1/proto/ADDRESS_VERIFICATION_README.html --- old/postfix-2.5.0/proto/ADDRESS_VERIFICATION_README.html 2007-12-18 22:42:41.000000000 +0100 +++ new/postfix-2.5.1/proto/ADDRESS_VERIFICATION_README.html 2008-01-29 23:18:00.000000000 +0100 @@ -382,7 +382,7 @@ Postfix-owned data_directory. As a migration aid, an attempt to open the file under a non-Postfix directory is redirected to the Postfix-owned data_directory, and a warning is logged. If you wish -to continue using an pre-existing database file, move it to the +to continue using a pre-existing database file, move it to the data_directory, and change ownership to the account specified with the mail_owner parameter. </p> diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/proto/postconf.proto new/postfix-2.5.1/proto/postconf.proto --- old/postfix-2.5.0/proto/postconf.proto 2008-01-24 02:10:09.000000000 +0100 +++ new/postfix-2.5.1/proto/postconf.proto 2008-02-14 01:40:29.000000000 +0100 @@ -3785,7 +3785,7 @@ <li> a /file/name with domain names and/or relay host names as defined above, -<li> a "type:table" with domain names and/or relay hosts name on +<li> a "type:table" with domain names and/or relay host names on the left-hand side. The right-hand side result from "type:table" lookups is ignored. @@ -6638,7 +6638,8 @@ <p> Restrict the characters that the local(8) delivery agent allows in -$name expansions of $mailbox_command. Characters outside the +$name expansions of $mailbox_command and $command_execution_directory. +Characters outside the allowed set are replaced by underscores. </p> diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/proto/QSHAPE_README.html new/postfix-2.5.1/proto/QSHAPE_README.html --- old/postfix-2.5.0/proto/QSHAPE_README.html 2008-01-24 02:23:32.000000000 +0100 +++ new/postfix-2.5.1/proto/QSHAPE_README.html 2008-01-25 02:02:52.000000000 +0100 @@ -547,7 +547,7 @@ slow unix - - n - 1 smtp -o fallback_relay=problem.example.com -o smtp_connect_timeout=1 - -o smtp_cache_connection=no + -o smtp_connection_cache_on_demand=no </pre> </ul> diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/README_FILES/ADDRESS_VERIFICATION_README new/postfix-2.5.1/README_FILES/ADDRESS_VERIFICATION_README --- old/postfix-2.5.0/README_FILES/ADDRESS_VERIFICATION_README 2007-12-18 22:42:59.000000000 +0100 +++ new/postfix-2.5.1/README_FILES/ADDRESS_VERIFICATION_README 2008-02-14 01:41:27.000000000 +0100 @@ -245,7 +245,7 @@ this file. The file should now be stored under the Postfix-owned data_directory. As a migration aid, an attempt to open the file under a non- Postfix directory is redirected to the Postfix-owned data_directory, and a -warning is logged. If you wish to continue using an pre-existing database file, +warning is logged. If you wish to continue using a pre-existing database file, move it to the data_directory, and change ownership to the account specified with the mail_owner parameter. diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/README_FILES/QSHAPE_README new/postfix-2.5.1/README_FILES/QSHAPE_README --- old/postfix-2.5.0/README_FILES/QSHAPE_README 2008-01-24 02:25:43.000000000 +0100 +++ new/postfix-2.5.1/README_FILES/QSHAPE_README 2008-01-25 02:03:23.000000000 +0100 @@ -400,7 +400,7 @@ slow unix - - n - 1 smtp -o fallback_relay=problem.example.com -o smtp_connect_timeout=1 - -o smtp_cache_connection=no + -o smtp_connection_cache_on_demand=no This solution forces the Postfix smtp(8) client to wait for $smtp_connect_timeout seconds between deliveries. The connection caching diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/src/cleanup/cleanup.c new/postfix-2.5.1/src/cleanup/cleanup.c --- old/postfix-2.5.0/src/cleanup/cleanup.c 2007-12-20 21:27:42.000000000 +0100 +++ new/postfix-2.5.1/src/cleanup/cleanup.c 2008-02-07 19:55:51.000000000 +0100 @@ -491,8 +491,10 @@ status = cleanup_flush(state); /* in case state is modified */ attr_print(src, ATTR_FLAG_NONE, ATTR_TYPE_INT, MAIL_ATTR_STATUS, status, - ATTR_TYPE_STR, MAIL_ATTR_WHY, state->reason ? - state->reason : "", + ATTR_TYPE_STR, MAIL_ATTR_WHY, + (state->flags & CLEANUP_FLAG_SMTP_REPLY) + && state->smtp_reply ? state->smtp_reply : + state->reason ? state->reason : "", ATTR_TYPE_END); cleanup_free(state); diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/src/cleanup/cleanup.h new/postfix-2.5.1/src/cleanup/cleanup.h --- old/postfix-2.5.0/src/cleanup/cleanup.h 2008-01-07 21:49:48.000000000 +0100 +++ new/postfix-2.5.1/src/cleanup/cleanup.h 2008-02-09 00:52:30.000000000 +0100 @@ -78,6 +78,7 @@ off_t append_hdr_pt_target; /* target of above record */ ssize_t rcpt_count; /* recipient count */ char *reason; /* failure reason */ + char *smtp_reply; /* failure reason, SMTP-style */ NVTABLE *attr; /* queue file attribute list */ MIME_STATE *mime_state; /* MIME state engine */ int mime_errs; /* MIME error flags */ diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/src/cleanup/cleanup_milter.c new/postfix-2.5.1/src/cleanup/cleanup_milter.c --- old/postfix-2.5.0/src/cleanup/cleanup_milter.c 2008-01-08 22:10:52.000000000 +0100 +++ new/postfix-2.5.1/src/cleanup/cleanup_milter.c 2008-02-09 00:54:24.000000000 +0100 @@ -216,6 +216,29 @@ #define STR(x) vstring_str(x) #define LEN(x) VSTRING_LEN(x) + /* + * Milter replies. + */ +#define CLEANUP_MILTER_SET_REASON(__state, __reason) do { \ + if ((__state)->reason) \ + myfree((__state)->reason); \ + (__state)->reason = mystrdup(__reason); \ + if ((__state)->smtp_reply) { \ + myfree((__state)->smtp_reply); \ + (__state)->smtp_reply = 0; \ + } \ + } while (0) + +#define CLEANUP_MILTER_SET_SMTP_REPLY(__state, __smtp_reply) do { \ + if ((__state)->reason) \ + myfree((__state)->reason); \ + (__state)->reason = mystrdup(__smtp_reply + 4); \ + printable((__state)->reason, '_'); \ + if ((__state)->smtp_reply) \ + myfree((__state)->smtp_reply); \ + (__state)->smtp_reply = mystrdup(__smtp_reply); \ + } while (0) + /* cleanup_milter_set_error - set error flag from errno */ static void cleanup_milter_set_error(CLEANUP_STATE *state, int err) @@ -1402,25 +1425,17 @@ * CLEANUP_STAT_CONT and CLEANUP_STAT_DEFER both update the reason * attribute, but CLEANUP_STAT_DEFER takes precedence. It terminates * queue record processing, and prevents bounces from being sent. - * - * XXX Multi-line replies are messy, We should eliminate not only the - * CRLF, but also the SMTP status and the enhanced status code that - * follows. */ case '4': - if (state->reason) - myfree(state->reason); - ret = state->reason = mystrdup(resp + 4); - printable(state->reason, '_'); + CLEANUP_MILTER_SET_SMTP_REPLY(state, resp); + ret = state->reason; state->errs |= CLEANUP_STAT_DEFER; action = "milter-reject"; text = resp + 4; break; case '5': - if (state->reason) - myfree(state->reason); - ret = state->reason = mystrdup(resp + 4); - printable(state->reason, '_'); + CLEANUP_MILTER_SET_SMTP_REPLY(state, resp); + ret = state->reason; state->errs |= CLEANUP_STAT_CONT; action = "milter-reject"; text = resp + 4; @@ -1596,9 +1611,7 @@ msg_warn("%s: milter configuration error: can't reject recipient " "in non-smtpd(8) submission", state->queue_id); msg_warn("%s: deferring delivery of this message", state->queue_id); - if (state->reason) - myfree(state->reason); - state->reason = mystrdup("4.3.5 Server configuration error"); + CLEANUP_MILTER_SET_REASON(state, "4.3.5 Server configuration error"); state->errs |= CLEANUP_STAT_DEFER; } } diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/src/cleanup/cleanup_state.c new/postfix-2.5.1/src/cleanup/cleanup_state.c --- old/postfix-2.5.0/src/cleanup/cleanup_state.c 2008-01-07 21:50:27.000000000 +0100 +++ new/postfix-2.5.1/src/cleanup/cleanup_state.c 2008-02-07 20:21:48.000000000 +0100 @@ -97,6 +97,7 @@ state->append_hdr_pt_target = -1; state->rcpt_count = 0; state->reason = 0; + state->smtp_reply = 0; state->attr = nvtable_create(10); nvtable_update(state->attr, MAIL_ATTR_LOG_ORIGIN, MAIL_ATTR_ORG_LOCAL); state->mime_state = 0; @@ -150,6 +151,8 @@ been_here_free(state->dups); if (state->reason) myfree(state->reason); + if (state->smtp_reply) + myfree(state->smtp_reply); nvtable_free(state->attr); if (state->mime_state) mime_state_free(state->mime_state); diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/src/global/cleanup_user.h new/postfix-2.5.1/src/global/cleanup_user.h --- old/postfix-2.5.0/src/global/cleanup_user.h 2008-01-08 22:08:03.000000000 +0100 +++ new/postfix-2.5.1/src/global/cleanup_user.h 2008-02-07 19:50:11.000000000 +0100 @@ -22,6 +22,7 @@ #define CLEANUP_FLAG_BCC_OK (1<<4) /* Ok to add auto-BCC addresses */ #define CLEANUP_FLAG_MAP_OK (1<<5) /* Ok to map addresses */ #define CLEANUP_FLAG_MILTER (1<<6) /* Enable Milter applications */ +#define CLEANUP_FLAG_SMTP_REPLY (1<<7) /* Enable SMTP reply */ #define CLEANUP_FLAG_FILTER_ALL (CLEANUP_FLAG_FILTER | CLEANUP_FLAG_MILTER) /* diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/src/global/dict_ldap.c new/postfix-2.5.1/src/global/dict_ldap.c --- old/postfix-2.5.0/src/global/dict_ldap.c 2007-12-17 00:52:11.000000000 +0100 +++ new/postfix-2.5.1/src/global/dict_ldap.c 2008-01-26 01:50:59.000000000 +0100 @@ -488,58 +488,63 @@ if (dict_ldap->start_tls || dict_ldap->ldap_ssl) { if (*dict_ldap->tls_random_file) { if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_RANDOM_FILE, - dict_ldap->tls_random_file)) != LDAP_SUCCESS) + dict_ldap->tls_random_file)) != LDAP_SUCCESS) { msg_warn("%s: Unable to set tls_random_file to %s: %d: %s", myname, dict_ldap->tls_random_file, rc, ldap_err2string(rc)); - return (-1); + return (-1); + } } if (*dict_ldap->tls_ca_cert_file) { if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, - dict_ldap->tls_ca_cert_file)) != LDAP_SUCCESS) + dict_ldap->tls_ca_cert_file)) != LDAP_SUCCESS) { msg_warn("%s: Unable to set tls_ca_cert_file to %s: %d: %s", myname, dict_ldap->tls_ca_cert_file, rc, ldap_err2string(rc)); - return (-1); + return (-1); + } } if (*dict_ldap->tls_ca_cert_dir) { if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTDIR, - dict_ldap->tls_ca_cert_dir)) != LDAP_SUCCESS) + dict_ldap->tls_ca_cert_dir)) != LDAP_SUCCESS) { msg_warn("%s: Unable to set tls_ca_cert_dir to %s: %d: %s", myname, dict_ldap->tls_ca_cert_dir, rc, ldap_err2string(rc)); - return (-1); + return (-1); + } } if (*dict_ldap->tls_cert) { if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CERTFILE, - dict_ldap->tls_cert)) != LDAP_SUCCESS) + dict_ldap->tls_cert)) != LDAP_SUCCESS) { msg_warn("%s: Unable to set tls_cert to %s: %d: %s", myname, dict_ldap->tls_cert, rc, ldap_err2string(rc)); - return (-1); + return (-1); + } } if (*dict_ldap->tls_key) { if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_KEYFILE, - dict_ldap->tls_key)) != LDAP_SUCCESS) + dict_ldap->tls_key)) != LDAP_SUCCESS) { msg_warn("%s: Unable to set tls_key to %s: %d: %s", myname, dict_ldap->tls_key, rc, ldap_err2string(rc)); - return (-1); + return (-1); + } } if (*dict_ldap->tls_cipher_suite) { if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CIPHER_SUITE, - dict_ldap->tls_cipher_suite)) != LDAP_SUCCESS) + dict_ldap->tls_cipher_suite)) != LDAP_SUCCESS) { msg_warn("%s: Unable to set tls_cipher_suite to %s: %d: %s", myname, dict_ldap->tls_cipher_suite, rc, ldap_err2string(rc)); - return (-1); + return (-1); + } } - if (dict_ldap->tls_require_cert) { - if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, - &(dict_ldap->tls_require_cert))) != LDAP_SUCCESS) - msg_warn("%s: Unable to set tls_require_cert to %d: %d: %s", - myname, dict_ldap->tls_require_cert, - rc, ldap_err2string(rc)); + if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, + &(dict_ldap->tls_require_cert))) != LDAP_SUCCESS) { + msg_warn("%s: Unable to set tls_require_cert to %d: %d: %s", + myname, dict_ldap->tls_require_cert, + rc, ldap_err2string(rc)); return (-1); } } diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/src/global/mail_version.h new/postfix-2.5.1/src/global/mail_version.h --- old/postfix-2.5.0/src/global/mail_version.h 2008-01-24 02:43:28.000000000 +0100 +++ new/postfix-2.5.1/src/global/mail_version.h 2008-02-17 02:44:19.000000000 +0100 @@ -20,8 +20,8 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20080123" -#define MAIL_VERSION_NUMBER "2.5.0" +#define MAIL_RELEASE_DATE "20080216" +#define MAIL_VERSION_NUMBER "2.5.1" #ifdef SNAPSHOT # define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/src/milter/milter8.c new/postfix-2.5.1/src/milter/milter8.c --- old/postfix-2.5.0/src/milter/milter8.c 2008-01-11 01:58:09.000000000 +0100 +++ new/postfix-2.5.1/src/milter/milter8.c 2008-02-09 00:58:42.000000000 +0100 @@ -83,7 +83,7 @@ /* Global library. */ -#include <mail_params.h> /* var_line_limit */ +#include <mail_params.h> #include <mail_proto.h> #include <rec_type.h> #include <record.h> @@ -1094,6 +1094,7 @@ char *cp; char *rp; char ch; + char *next; if (milter8_read_resp(milter, event, &cmd, &data_size) != 0) MILTER8_EVENT_BREAK(milter->def_reply); @@ -1266,6 +1267,18 @@ break; } } + if (var_soft_bounce) { + for (cp = STR(milter->buf); /* void */ ; cp = next) { + if (cp[0] == '5') { + cp[0] = '4'; + if (cp[4] == '5') + cp[4] = '4'; + } + if ((next = strstr(cp, "\r\n")) == 0) + break; + next += 2; + } + } if (IN_CONNECT_EVENT(event)) { #ifdef LIBMILTER_AUTO_DISCONNECT milter8_close_stream(milter); diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/src/smtpd/smtpd.c new/postfix-2.5.1/src/smtpd/smtpd.c --- old/postfix-2.5.0/src/smtpd/smtpd.c 2008-01-14 19:49:31.000000000 +0100 +++ new/postfix-2.5.1/src/smtpd/smtpd.c 2008-02-07 22:20:33.000000000 +0100 @@ -1633,7 +1633,8 @@ smtpd_check_rewrite(state); cleanup_flags = input_transp_cleanup(CLEANUP_FLAG_MASK_EXTERNAL, - smtpd_input_transp_mask); + smtpd_input_transp_mask) + | CLEANUP_FLAG_SMTP_REPLY; state->dest = mail_stream_service(MAIL_CLASS_PUBLIC, var_cleanup_service); if (state->dest == 0 @@ -2864,6 +2865,11 @@ * * See also: qmqpd.c */ +#define IS_SMTP_REJECT(s) \ + (((s)[0] == '4' || (s)[0] == '5') \ + && ISDIGIT((s)[1]) && ISDIGIT((s)[2]) \ + && ((s)[3] == '\0' || (s)[3] == ' ' || (s)[3] == '-')) + if (state->err == CLEANUP_STAT_OK) { state->error_count = 0; state->error_mask = 0; @@ -2873,6 +2879,9 @@ "250 2.0.0 Ok: queued as %s", state->queue_id); else smtpd_chat_reply(state, "%s", STR(state->proxy_buffer)); + } else if (why && IS_SMTP_REJECT(STR(why))) { + state->error_mask |= MAIL_ERROR_POLICY; + smtpd_chat_reply(state, "%s", STR(why)); } else if ((state->err & CLEANUP_STAT_DEFER) != 0) { state->error_mask |= MAIL_ERROR_POLICY; detail = cleanup_stat_detail(CLEANUP_STAT_DEFER); @@ -3766,7 +3775,7 @@ * we exclude xclient authorized hosts from event count/rate control. */ if (var_smtpd_cntls_limit > 0 - && (state->tls_context == 0 || state->tls_context->session_reused == 0) + && (state->tls_context == 0 || state->tls_context->session_reused == 0) && SMTPD_STAND_ALONE(state) == 0 && !xclient_allowed && anvil_clnt @@ -3779,7 +3788,7 @@ rate, state->namaddr, state->service); if (state->tls_context) smtpd_chat_reply(state, - "421 4.7.0 %s Error: too many new TLS sessions from %s", + "421 4.7.0 %s Error: too many new TLS sessions from %s", var_myhostname, state->namaddr); /* XXX Use regular return to signal end of session. */ vstream_longjmp(state->client, SMTP_ERR_QUIET); diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/postfix-2.5.0/src/smtpd/smtpd_chat.c new/postfix-2.5.1/src/smtpd/smtpd_chat.c --- old/postfix-2.5.0/src/smtpd/smtpd_chat.c 2007-10-06 00:55:25.000000000 +0200 +++ new/postfix-2.5.1/src/smtpd/smtpd_chat.c 2008-02-09 01:03:45.000000000 +0100 @@ -104,7 +104,8 @@ /* smtp_chat_append - append record to SMTP transaction log */ -static void smtp_chat_append(SMTPD_STATE *state, char *direction) +static void smtp_chat_append(SMTPD_STATE *state, char *direction, + const char *text) { char *line; @@ -113,7 +114,7 @@ if (state->history == 0) state->history = argv_alloc(10); - line = concatenate(direction, STR(state->buffer), (char *) 0); + line = concatenate(direction, text, (char *) 0); argv_add(state->history, line, (char *) 0); myfree(line); } @@ -125,7 +126,7 @@ int last_char; last_char = smtp_get(state->buffer, state->client, var_line_limit); - smtp_chat_append(state, "In: "); + smtp_chat_append(state, "In: ", STR(state->buffer)); if (last_char != '\n') msg_warn("%s: request longer than %d: %.30s...", state->namaddr, var_line_limit, @@ -141,20 +142,9 @@ { va_list ap; int delay = 0; - - va_start(ap, format); - vstring_vsprintf(state->buffer, format, ap); - va_end(ap); - /* All 5xx replies must have a 5.xx.xx detail code. */ - if (var_soft_bounce && STR(state->buffer)[0] == '5') { - STR(state->buffer)[0] = '4'; - if (STR(state->buffer)[4] == '5') - STR(state->buffer)[4] = '4'; - } - smtp_chat_append(state, "Out: "); - - if (msg_verbose) - msg_info("> %s: %s", state->namaddr, STR(state->buffer)); + char *cp; + char *next; + char *end; /* * Slow down clients that make errors. Sleep-on-anything slows down @@ -163,7 +153,35 @@ if (state->error_count >= var_smtpd_soft_erlim) sleep(delay = var_smtpd_err_sleep); - smtp_fputs(STR(state->buffer), LEN(state->buffer), state->client); + va_start(ap, format); + vstring_vsprintf(state->buffer, format, ap); + va_end(ap); + /* All 5xx replies must have a 5.xx.xx detail code. */ + for (cp = STR(state->buffer), end = cp + strlen(STR(state->buffer));;) { + if (var_soft_bounce) { + if (cp[0] == '5') { + cp[0] = '4'; + if (cp[4] == '5') + cp[4] = '4'; + } + } + /* This is why we use strlen() above instead of VSTRING_LEN(). */ + if ((next = strstr(cp, "\r\n")) != 0) { + *next = 0; + } else { + next = end; + } + smtp_chat_append(state, "Out: ", cp); + + if (msg_verbose) + msg_info("> %s: %s", state->namaddr, cp); + + smtp_fputs(cp, next - cp, state->client); + if (next < end) + cp = next + 2; + else + break; + } /* * Flush unsent output if no I/O happened for a while. This avoids ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org