Postfix 2.1.3 fixes the following problems: - Missing patch for variadic argument list reuse. - With a non-default route for address verification probes, normal mail could be sent over the probe route and vice versa. - The SMTP server didn't neuter whitespace in HELO commands, so that it could mess up XFORWARD commands. - Some cosmetic documentation fixes. Prereq: "2.1.2" diff -cr /tmp/postfix-2.1.2/src/global/mail_version.h ./src/global/mail_version.h *** /tmp/postfix-2.1.2/src/global/mail_version.h Mon Jun 14 17:43:33 2004 --- ./src/global/mail_version.h Wed Jun 16 14:19:03 2004 *************** *** 20,27 **** * Patches change the patchlevel and the release date. Snapshots change the * release date only. */ ! #define MAIL_RELEASE_DATE "20040615" ! #define MAIL_VERSION_NUMBER "2.1.2" #define VAR_MAIL_VERSION "mail_version" #ifdef SNAPSHOT --- 20,27 ---- * Patches change the patchlevel and the release date. Snapshots change the * release date only. */ ! #define MAIL_RELEASE_DATE "20040616" ! #define MAIL_VERSION_NUMBER "2.1.3" #define VAR_MAIL_VERSION "mail_version" #ifdef SNAPSHOT diff -cr /tmp/postfix-2.1.2/HISTORY ./HISTORY *** /tmp/postfix-2.1.2/HISTORY Mon Jun 14 17:47:38 2004 --- ./HISTORY Wed Jun 16 16:22:04 2004 *************** *** 9373,9375 **** --- 9373,9391 ---- John Heasley. File: util/sys_defs.h. Documentation: typo fixes by IKEDA Nozomu. + + 20040616 + + Bugfix: one missed variadic argument list fix. Victor + Duchovni, Morgan Stanley. File: global/verify.c. + + Bugfix: the resolver client cache should be context dependent + because address verification probes may use a different + route than normal mail deliveries. File: global/resolve_clnt.c. + + Safety: added similar context dependence to the address + rewriting client in order to avoid trouble when Postfix is + changed. File: global/rewrite_clnt.c. + + Bugfix: space in HELO commands could end up in XFORWARD + commands. File: smtpd/smtpd.c. diff -cr /tmp/postfix-2.1.2/README_FILES/BASIC_CONFIGURATION_README ./README_FILES/BASIC_CONFIGURATION_README *** /tmp/postfix-2.1.2/README_FILES/BASIC_CONFIGURATION_README Thu Apr 15 16:54:47 2004 --- ./README_FILES/BASIC_CONFIGURATION_README Wed Jun 16 14:25:41 2004 *************** *** 116,123 **** the parent domain of the machine name. For the sake of consistency between sender and recipient addresses, myorigin ! also specifies the default domain name that is appended to an unqualified ! recipient address. Examples (specify only one of the following): --- 116,123 ---- the parent domain of the machine name. For the sake of consistency between sender and recipient addresses, myorigin ! also specifies the domain name that is appended to an unqualified recipient ! address. Examples (specify only one of the following): diff -cr /tmp/postfix-2.1.2/html/BASIC_CONFIGURATION_README.html ./html/BASIC_CONFIGURATION_README.html *** /tmp/postfix-2.1.2/html/BASIC_CONFIGURATION_README.html Thu Apr 15 16:54:46 2004 --- ./html/BASIC_CONFIGURATION_README.html Wed Jun 16 14:25:36 2004 *************** *** 187,193 **** domain of the machine name.

For the sake of consistency between sender and recipient addresses, ! myorigin also specifies the default domain name that is appended to an unqualified recipient address.

Examples (specify only one of the following):

--- 187,193 ---- domain of the machine name.

For the sake of consistency between sender and recipient addresses, ! myorigin also specifies the domain name that is appended to an unqualified recipient address.

Examples (specify only one of the following):

diff -cr /tmp/postfix-2.1.2/html/postconf.5.html ./html/postconf.5.html *** /tmp/postfix-2.1.2/html/postconf.5.html Mon Jun 14 17:18:53 2004 --- ./html/postconf.5.html Wed Jun 16 18:40:35 2004 *************** *** 3335,3341 ****

! By default, address masquerading is limited to envelope recipient addresses, and to header sender and header recipient addresses. This allows you to use address masquerading on a mail gateway while still being able to forward mail to users on individual machines. --- 3335,3341 ----

! By default, address masquerading is limited to envelope sender addresses, and to header sender and header recipient addresses. This allows you to use address masquerading on a mail gateway while still being able to forward mail to users on individual machines. *************** *** 3773,3779 **** (default: $myhostname)

! The default domain name that locally-posted mail appears to come from, and that locally posted mail is delivered to. The default, $myhostname, is adequate for small sites. If you run a domain with multiple machines, you should (1) change this to $mydomain and (2) --- 3773,3779 ---- (default: $myhostname)

! The domain name that locally-posted mail appears to come from, and that locally posted mail is delivered to. The default, $myhostname, is adequate for small sites. If you run a domain with multiple machines, you should (1) change this to $mydomain and (2) diff -cr /tmp/postfix-2.1.2/html/smtpd.8.html ./html/smtpd.8.html *** /tmp/postfix-2.1.2/html/smtpd.8.html Mon Jun 14 17:38:32 2004 --- ./html/smtpd.8.html Wed Jun 16 18:40:37 2004 *************** *** 708,716 **** privileges than "strangers". myorigin ($myhostname) ! The default domain name that locally-posted mail ! appears to come from, and that locally posted mail ! is delivered to. process_id (read-only) The process ID of a Postfix command or daemon pro- --- 708,716 ---- privileges than "strangers". myorigin ($myhostname) ! The domain name that locally-posted mail appears to ! come from, and that locally posted mail is deliv- ! ered to. process_id (read-only) The process ID of a Postfix command or daemon pro- diff -cr /tmp/postfix-2.1.2/man/man5/postconf.5 ./man/man5/postconf.5 *** /tmp/postfix-2.1.2/man/man5/postconf.5 Mon Jun 14 17:18:53 2004 --- ./man/man5/postconf.5 Wed Jun 16 18:40:35 2004 *************** *** 1670,1676 **** .SH masquerade_classes (default: envelope_sender, header_sender, header_recipient) What addresses are subject to address masquerading. .PP ! By default, address masquerading is limited to envelope recipient addresses, and to header sender and header recipient addresses. This allows you to use address masquerading on a mail gateway while still being able to forward mail to users on individual machines. --- 1670,1676 ---- .SH masquerade_classes (default: envelope_sender, header_sender, header_recipient) What addresses are subject to address masquerading. .PP ! By default, address masquerading is limited to envelope sender addresses, and to header sender and header recipient addresses. This allows you to use address masquerading on a mail gateway while still being able to forward mail to users on individual machines. *************** *** 1929,1935 **** an explicit mynetworks list by hand, as described with the mynetworks configuration parameter. .SH myorigin (default: $myhostname) ! The default domain name that locally-posted mail appears to come from, and that locally posted mail is delivered to. The default, $myhostname, is adequate for small sites. If you run a domain with multiple machines, you should (1) change this to $mydomain and (2) --- 1929,1935 ---- an explicit mynetworks list by hand, as described with the mynetworks configuration parameter. .SH myorigin (default: $myhostname) ! The domain name that locally-posted mail appears to come from, and that locally posted mail is delivered to. The default, $myhostname, is adequate for small sites. If you run a domain with multiple machines, you should (1) change this to $mydomain and (2) diff -cr /tmp/postfix-2.1.2/man/man8/smtpd.8 ./man/man8/smtpd.8 *** /tmp/postfix-2.1.2/man/man8/smtpd.8 Mon Jun 14 17:38:30 2004 --- ./man/man8/smtpd.8 Wed Jun 16 18:40:36 2004 *************** *** 580,586 **** The list of "trusted" SMTP clients that have more privileges than "strangers". .IP "\fBmyorigin ($myhostname)\fR" ! The default domain name that locally-posted mail appears to come from, and that locally posted mail is delivered to. .IP "\fBprocess_id (read-only)\fR" The process ID of a Postfix command or daemon process. --- 580,586 ---- The list of "trusted" SMTP clients that have more privileges than "strangers". .IP "\fBmyorigin ($myhostname)\fR" ! The domain name that locally-posted mail appears to come from, and that locally posted mail is delivered to. .IP "\fBprocess_id (read-only)\fR" The process ID of a Postfix command or daemon process. diff -cr /tmp/postfix-2.1.2/proto/BASIC_CONFIGURATION_README.html ./proto/BASIC_CONFIGURATION_README.html *** /tmp/postfix-2.1.2/proto/BASIC_CONFIGURATION_README.html Thu Apr 15 16:49:13 2004 --- ./proto/BASIC_CONFIGURATION_README.html Wed Jun 16 14:24:02 2004 *************** *** 187,193 **** domain of the machine name.

For the sake of consistency between sender and recipient addresses, ! myorigin also specifies the default domain name that is appended to an unqualified recipient address.

Examples (specify only one of the following):

--- 187,193 ---- domain of the machine name.

For the sake of consistency between sender and recipient addresses, ! myorigin also specifies the domain name that is appended to an unqualified recipient address.

Examples (specify only one of the following):

diff -cr /tmp/postfix-2.1.2/proto/postconf.proto ./proto/postconf.proto *** /tmp/postfix-2.1.2/proto/postconf.proto Mon Jun 14 17:17:40 2004 --- ./proto/postconf.proto Wed Jun 16 18:40:26 2004 *************** *** 2064,2070 ****

! By default, address masquerading is limited to envelope recipient addresses, and to header sender and header recipient addresses. This allows you to use address masquerading on a mail gateway while still being able to forward mail to users on individual machines. --- 2064,2070 ----

! By default, address masquerading is limited to envelope sender addresses, and to header sender and header recipient addresses. This allows you to use address masquerading on a mail gateway while still being able to forward mail to users on individual machines. *************** *** 2370,2376 **** %PARAM myorigin $myhostname

! The default domain name that locally-posted mail appears to come from, and that locally posted mail is delivered to. The default, $myhostname, is adequate for small sites. If you run a domain with multiple machines, you should (1) change this to $mydomain and (2) --- 2370,2376 ---- %PARAM myorigin $myhostname

! The domain name that locally-posted mail appears to come from, and that locally posted mail is delivered to. The default, $myhostname, is adequate for small sites. If you run a domain with multiple machines, you should (1) change this to $mydomain and (2) diff -cr /tmp/postfix-2.1.2/src/global/mynetworks.c ./src/global/mynetworks.c *** /tmp/postfix-2.1.2/src/global/mynetworks.c Sat Feb 24 20:46:07 2001 --- ./src/global/mynetworks.c Wed Jun 16 14:01:14 2004 *************** *** 91,96 **** --- 91,107 ---- mask_style = name_mask("mynetworks mask style", mask_styles, var_mynetworks_style); + /* + * XXX Workaround: name_mask() needs a flags argument so that we can + * require exactly one value, or we need to provide an API that is + * dedicated for single-valued flags. + */ + for (i = 0, junk = mask_style; junk != 0; junk >>= 1) + i += (junk & 1); + if (i != 1) + msg_fatal("bad %s value: %s; specify exactly one value", + VAR_MYNETWORKS_STYLE, var_mynetworks_style); + result = vstring_alloc(20); my_addr_list = own_inet_addr_list(); my_mask_list = own_inet_mask_list(); diff -cr /tmp/postfix-2.1.2/src/global/resolve_clnt.c ./src/global/resolve_clnt.c *** /tmp/postfix-2.1.2/src/global/resolve_clnt.c Fri Mar 26 13:39:41 2004 --- ./src/global/resolve_clnt.c Wed Jun 16 12:33:01 2004 *************** *** 127,132 **** --- 127,133 ---- */ extern CLNT_STREAM *rewrite_clnt_stream; + static VSTRING *last_class; static VSTRING *last_addr; static RESOLVE_REPLY last_reply; *************** *** 151,156 **** --- 152,158 ---- * One-entry cache. */ if (last_addr == 0) { + last_class = vstring_alloc(10); last_addr = vstring_alloc(100); resolve_clnt_init(&last_reply); } *************** *** 169,175 **** */ #define IFSET(flag, text) ((reply->flags & (flag)) ? (text) : "") ! if (*addr && strcmp(addr, STR(last_addr)) == 0) { vstring_strcpy(reply->transport, STR(last_reply.transport)); vstring_strcpy(reply->nexthop, STR(last_reply.nexthop)); vstring_strcpy(reply->recipient, STR(last_reply.recipient)); --- 171,178 ---- */ #define IFSET(flag, text) ((reply->flags & (flag)) ? (text) : "") ! if (*addr && strcmp(addr, STR(last_addr)) == 0 ! && strcmp(class, STR(last_class)) == 0) { vstring_strcpy(reply->transport, STR(last_reply.transport)); vstring_strcpy(reply->nexthop, STR(last_reply.nexthop)); vstring_strcpy(reply->recipient, STR(last_reply.recipient)); *************** *** 246,251 **** --- 249,255 ---- /* * Update the cache. */ + vstring_strcpy(last_class, class); vstring_strcpy(last_addr, addr); vstring_strcpy(last_reply.transport, STR(reply->transport)); vstring_strcpy(last_reply.nexthop, STR(reply->nexthop)); diff -cr /tmp/postfix-2.1.2/src/global/rewrite_clnt.c ./src/global/rewrite_clnt.c *** /tmp/postfix-2.1.2/src/global/rewrite_clnt.c Fri Mar 26 14:02:38 2004 --- ./src/global/rewrite_clnt.c Wed Jun 16 12:35:16 2004 *************** *** 72,77 **** --- 72,78 ---- */ CLNT_STREAM *rewrite_clnt_stream = 0; + static VSTRING *last_rule; static VSTRING *last_addr; static VSTRING *last_result; *************** *** 85,90 **** --- 86,92 ---- * One-entry cache. */ if (last_addr == 0) { + last_rule = vstring_alloc(10); last_addr = vstring_alloc(100); last_result = vstring_alloc(100); } *************** *** 102,111 **** /* * Peek at the cache. - * - * XXX Must be made "rule" specific. */ ! if (strcmp(addr, STR(last_addr)) == 0) { vstring_strcpy(result, STR(last_result)); if (msg_verbose) msg_info("rewrite_clnt: cached: %s: %s -> %s", --- 104,112 ---- /* * Peek at the cache. */ ! if (strcmp(addr, STR(last_addr)) == 0 ! && strcmp(rule, STR(last_rule)) == 0) { vstring_strcpy(result, STR(last_result)); if (msg_verbose) msg_info("rewrite_clnt: cached: %s: %s -> %s", *************** *** 152,157 **** --- 153,159 ---- /* * Update the cache. */ + vstring_strcpy(last_rule, rule); vstring_strcpy(last_addr, addr); vstring_strcpy(last_result, STR(result)); diff -cr /tmp/postfix-2.1.2/src/global/verify.c ./src/global/verify.c *** /tmp/postfix-2.1.2/src/global/verify.c Mon Jun 14 13:20:02 2004 --- ./src/global/verify.c Wed Jun 16 07:37:12 2004 *************** *** 142,148 **** */ vstring_vsprintf(text, fmt, ap); if (var_verify_neg_cache || rcpt_stat == DEL_RCPT_STAT_OK) { ! req_stat = verify_clnt_vupdate(orig_rcpt, rcpt_stat, fmt, ap); if (req_stat == VRFY_STAT_OK && strcasecmp(recipient, orig_rcpt) != 0) req_stat = verify_clnt_update(recipient, rcpt_stat, "%s", vstring_str(text)); --- 142,149 ---- */ vstring_vsprintf(text, fmt, ap); if (var_verify_neg_cache || rcpt_stat == DEL_RCPT_STAT_OK) { ! req_stat = verify_clnt_update(orig_rcpt, rcpt_stat, ! "%s", vstring_str(text)); if (req_stat == VRFY_STAT_OK && strcasecmp(recipient, orig_rcpt) != 0) req_stat = verify_clnt_update(recipient, rcpt_stat, "%s", vstring_str(text)); diff -cr /tmp/postfix-2.1.2/src/smtpd/smtpd.c ./src/smtpd/smtpd.c *** /tmp/postfix-2.1.2/src/smtpd/smtpd.c Mon Jun 14 17:38:17 2004 --- ./src/smtpd/smtpd.c Wed Jun 16 18:40:36 2004 *************** *** 534,540 **** /* The list of "trusted" SMTP clients that have more privileges than /* "strangers". /* .IP "\fBmyorigin ($myhostname)\fR" ! /* The default domain name that locally-posted mail appears to come /* from, and that locally posted mail is delivered to. /* .IP "\fBprocess_id (read-only)\fR" /* The process ID of a Postfix command or daemon process. --- 534,540 ---- /* The list of "trusted" SMTP clients that have more privileges than /* "strangers". /* .IP "\fBmyorigin ($myhostname)\fR" ! /* The domain name that locally-posted mail appears to come /* from, and that locally posted mail is delivered to. /* .IP "\fBprocess_id (read-only)\fR" /* The process ID of a Postfix command or daemon process. *************** *** 811,816 **** --- 811,821 ---- static void rcpt_reset(SMTPD_STATE *); static void chat_reset(SMTPD_STATE *, int); + /* + * This filter is applied after printable(). + */ + #define NEUTER_CHARACTERS " <>()\\\";:@" + #ifdef USE_SASL_AUTH /* *************** *** 882,888 **** mail_reset(state); rcpt_reset(state); state->helo_name = mystrdup(printable(argv[1].strval, '?')); ! neuter(state->helo_name, "<>()\\\";:@", '?'); /* Downgrading the protocol name breaks the unauthorized pipelining test. */ if (strcasecmp(state->protocol, MAIL_PROTO_ESMTP) != 0 && strcasecmp(state->protocol, MAIL_PROTO_SMTP) != 0) { --- 887,893 ---- mail_reset(state); rcpt_reset(state); state->helo_name = mystrdup(printable(argv[1].strval, '?')); ! neuter(state->helo_name, NEUTER_CHARACTERS, '?'); /* Downgrading the protocol name breaks the unauthorized pipelining test. */ if (strcasecmp(state->protocol, MAIL_PROTO_ESMTP) != 0 && strcasecmp(state->protocol, MAIL_PROTO_SMTP) != 0) { *************** *** 923,929 **** mail_reset(state); rcpt_reset(state); state->helo_name = mystrdup(printable(argv[1].strval, '?')); ! neuter(state->helo_name, "<>()\\\";:@", '?'); if (strcasecmp(state->protocol, MAIL_PROTO_ESMTP) != 0) { myfree(state->protocol); state->protocol = mystrdup(MAIL_PROTO_ESMTP); --- 928,934 ---- mail_reset(state); rcpt_reset(state); state->helo_name = mystrdup(printable(argv[1].strval, '?')); ! neuter(state->helo_name, NEUTER_CHARACTERS, '?'); if (strcasecmp(state->protocol, MAIL_PROTO_ESMTP) != 0) { myfree(state->protocol); state->protocol = mystrdup(MAIL_PROTO_ESMTP); *************** *** 2012,2018 **** if (s) myfree(s); \ s = (v) ? mystrdup(v) : 0; \ } while(0) - #define NEUTER_CHARACTERS "<>()\\\";:@" /* * Iterate over all attribute=value elements. --- 2017,2022 ----