Prereq: "2.11.10" diff -cr --new-file /var/tmp/postfix-2.11.10/src/global/mail_version.h ./src/global/mail_version.h *** /var/tmp/postfix-2.11.10/src/global/mail_version.h 2017-06-13 13:35:10.000000000 -0400 --- ./src/global/mail_version.h 2018-01-27 07:52:33.000000000 -0500 *************** *** 20,27 **** * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ ! #define MAIL_RELEASE_DATE "20170613" ! #define MAIL_VERSION_NUMBER "2.11.10" #ifdef SNAPSHOT #define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE --- 20,27 ---- * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ ! #define MAIL_RELEASE_DATE "20180127" ! #define MAIL_VERSION_NUMBER "2.11.11" #ifdef SNAPSHOT #define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE diff -cr --new-file /var/tmp/postfix-2.11.10/HISTORY ./HISTORY *** /var/tmp/postfix-2.11.10/HISTORY 2017-06-13 13:34:26.000000000 -0400 --- ./HISTORY 2018-01-27 20:39:55.000000000 -0500 *************** *** 19793,19795 **** --- 19793,19820 ---- by other users. This fix does not change Postfix behavior for Berkeley DB < 3, but reduces file create performance for Berkeley DB 3 .. 4.6. File: util/dict_db.c. + + 20171116 + + Bugfix (introduced: Postfix 2.1): don't log warnings + that some restriction returns OK, when the access map + DISCARD feature is in effect. File: smtpd/smtpd_check.c. + + 20171215 + + Bugfix (introduced: 20170611): the DB_CONFIG bugfix broke + Berkeley DB configurations with a relative pathname. File: + util/dict_db.c. + + 20171226 + + Documentation patches by Sven Neuhaus. Files: + proto/FORWARD_SECRECY_README.html, proto/SMTPD_ACCESS_README.html. + + 20180106 + + Cleanup: missing mailbox seek-to-end error check in the + local(8) delivery agent. File: local/mailbox.c. + + Cleanup: incorrect mailbox seek-to-end error message in the + virtual(8) delivery agent. File: virtual/mailbox.c. 
diff -cr --new-file /var/tmp/postfix-2.11.10/html/FORWARD_SECRECY_README.html ./html/FORWARD_SECRECY_README.html
*** /var/tmp/postfix-2.11.10/html/FORWARD_SECRECY_README.html 2014-01-14 12:52:47.000000000 -0500
--- ./html/FORWARD_SECRECY_README.html 2017-12-26 10:52:49.000000000 -0500
***************
*** 313,321 ****
  # cd /etc/postfix
  # umask 022
! # openssl dhparam -out dh512.tmp 512 && mv dh512.tmp dh512.pem
! # openssl dhparam -out dh1024.tmp 1024 && mv dh1024.tmp dh1024.pem
! # openssl dhparam -out dh2048.tmp 2048 && mv dh2048.tmp dh2048.pem
  # chmod 644 dh512.pem dh1024.pem dh2048.pem
  
--- 313,321 ----
  # cd /etc/postfix
  # umask 022
! # openssl dhparam -out dh512.tmp 512 && mv dh512.tmp dh512.pem
! # openssl dhparam -out dh1024.tmp 1024 && mv dh1024.tmp dh1024.pem
! # openssl dhparam -out dh2048.tmp 2048 && mv dh2048.tmp dh2048.pem
  # chmod 644 dh512.pem dh1024.pem dh2048.pem
  
diff -cr --new-file /var/tmp/postfix-2.11.10/html/SMTPD_ACCESS_README.html ./html/SMTPD_ACCESS_README.html *** /var/tmp/postfix-2.11.10/html/SMTPD_ACCESS_README.html 2013-12-17 14:45:46.000000000 -0500 --- ./html/SMTPD_ACCESS_README.html 2017-12-26 10:52:49.000000000 -0500 *************** *** 250,256 **** relay policy Reject RCPT TO information ! < 2.10 Not available smtpd_recipient_restrictions ≥ --- 250,256 ---- relay policy Reject RCPT TO information ! < 2.10 Not available smtpd_recipient_restrictions ≥ *************** *** 258,264 **** relay policy Reject RCPT TO information ! < 2.10 Required smtpd_data_restrictions ≥ 2.0 Optional --- 258,264 ---- relay policy Reject RCPT TO information ! < 2.10 Required smtpd_data_restrictions ≥ 2.0 Optional diff -cr --new-file /var/tmp/postfix-2.11.10/proto/FORWARD_SECRECY_README.html ./proto/FORWARD_SECRECY_README.html *** /var/tmp/postfix-2.11.10/proto/FORWARD_SECRECY_README.html 2014-01-14 12:52:46.000000000 -0500 --- ./proto/FORWARD_SECRECY_README.html 2017-12-26 10:52:39.000000000 -0500 *************** *** 313,321 ****
  # cd /etc/postfix
  # umask 022
! # openssl dhparam -out dh512.tmp 512 && mv dh512.tmp dh512.pem
! # openssl dhparam -out dh1024.tmp 1024 && mv dh1024.tmp dh1024.pem
! # openssl dhparam -out dh2048.tmp 2048 && mv dh2048.tmp dh2048.pem
  # chmod 644 dh512.pem dh1024.pem dh2048.pem
  
--- 313,321 ----
  # cd /etc/postfix
  # umask 022
! # openssl dhparam -out dh512.tmp 512 && mv dh512.tmp dh512.pem
! # openssl dhparam -out dh1024.tmp 1024 && mv dh1024.tmp dh1024.pem
! # openssl dhparam -out dh2048.tmp 2048 && mv dh2048.tmp dh2048.pem
  # chmod 644 dh512.pem dh1024.pem dh2048.pem
  
diff -cr --new-file /var/tmp/postfix-2.11.10/proto/SMTPD_ACCESS_README.html ./proto/SMTPD_ACCESS_README.html *** /var/tmp/postfix-2.11.10/proto/SMTPD_ACCESS_README.html 2012-10-07 11:27:56.000000000 -0400 --- ./proto/SMTPD_ACCESS_README.html 2017-12-26 10:52:39.000000000 -0500 *************** *** 250,256 **** relay policy Reject RCPT TO information ! < 2.10 Not available smtpd_recipient_restrictions ≥ --- 250,256 ---- relay policy Reject RCPT TO information ! < 2.10 Not available smtpd_recipient_restrictions ≥ *************** *** 258,264 **** relay policy Reject RCPT TO information ! < 2.10 Required smtpd_data_restrictions ≥ 2.0 Optional --- 258,264 ---- relay policy Reject RCPT TO information ! < 2.10 Required smtpd_data_restrictions ≥ 2.0 Optional diff -cr --new-file /var/tmp/postfix-2.11.10/src/local/mailbox.c ./src/local/mailbox.c *** /var/tmp/postfix-2.11.10/src/local/mailbox.c 2012-01-24 19:40:34.000000000 -0500 --- ./src/local/mailbox.c 2018-01-27 20:52:32.000000000 -0500 *************** *** 97,103 **** int deliver_status; int copy_flags; VSTRING *biff; ! long end; struct stat st; uid_t spool_uid; gid_t spool_gid; --- 97,103 ---- int deliver_status; int copy_flags; VSTRING *biff; ! off_t end; struct stat st; uid_t spool_uid; gid_t spool_gid; *************** *** 202,208 **** msg_warn("specify \"%s = no\" to ignore mailbox ownership mismatch", VAR_STRICT_MBOX_OWNER); } else { ! end = vstream_fseek(mp->fp, (off_t) 0, SEEK_END); mail_copy_status = mail_copy(COPY_ATTR(state.msg_attr), mp->fp, copy_flags, "\n", why); } --- 202,209 ---- msg_warn("specify \"%s = no\" to ignore mailbox ownership mismatch", VAR_STRICT_MBOX_OWNER); } else { ! if ((end = vstream_fseek(mp->fp, (off_t) 0, SEEK_END)) < 0) ! 
msg_fatal("seek mailbox file %s: %m", mailbox); mail_copy_status = mail_copy(COPY_ATTR(state.msg_attr), mp->fp, copy_flags, "\n", why); } diff -cr --new-file /var/tmp/postfix-2.11.10/src/smtpd/smtpd_check.c ./src/smtpd/smtpd_check.c *** /var/tmp/postfix-2.11.10/src/smtpd/smtpd_check.c 2016-12-31 19:38:41.000000000 -0500 --- ./src/smtpd/smtpd_check.c 2017-12-20 20:28:09.000000000 -0500 *************** *** 3707,3713 **** static void forbid_whitelist(SMTPD_STATE *state, const char *name, int status, const char *target) { ! if (status == SMTPD_CHECK_OK) { msg_warn("restriction %s returns OK for %s", name, target); msg_warn("this is not allowed for security reasons"); msg_warn("use DUNNO instead of OK if you want to make an exception"); --- 3707,3713 ---- static void forbid_whitelist(SMTPD_STATE *state, const char *name, int status, const char *target) { ! if (state->discard == 0 && status == SMTPD_CHECK_OK) { msg_warn("restriction %s returns OK for %s", name, target); msg_warn("this is not allowed for security reasons"); msg_warn("use DUNNO instead of OK if you want to make an exception"); diff -cr --new-file /var/tmp/postfix-2.11.10/src/util/dict_db.c ./src/util/dict_db.c *** /var/tmp/postfix-2.11.10/src/util/dict_db.c 2017-06-13 12:19:33.000000000 -0400 --- ./src/util/dict_db.c 2017-12-20 21:08:07.000000000 -0500 *************** *** 620,625 **** --- 620,626 ---- struct stat st; DB *db = 0; char *db_path = 0; + VSTRING *db_base_buf = 0; int lock_fd = -1; int dbfd; *************** *** 675,680 **** --- 676,682 ---- #define LOCK_OPEN_FLAGS(f) ((f) & ~(O_CREAT|O_TRUNC)) #define FREE_RETURN(e) do { \ DICT *_dict = (e); if (db) DICT_DB_CLOSE(db); \ + if (db_base_buf) vstring_free(db_base_buf); \ if (db_path) myfree(db_path); return (_dict); \ } while (0) *************** *** 739,755 **** msg_panic("db_create null result"); if (type == DB_HASH && db->set_h_nelem(db, DICT_DB_NELM) != 0) msg_fatal("set DB hash element count %d: %m", DICT_DB_NELM); #if DB_VERSION_MAJOR == 5 || 
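Review bot: The new seek check in the else-branch of src/local/mailbox.c logs `"seek mailbox file %s: %m", mailbox`, while the virtual(8) agent patched at the end of this diff logs `"%s: seek mailbox file %s: %m", myname, VSTREAM_PATH(mp->fp)`; using one format in both agents would let operators alert on a single pattern. `msg_fatal` also ends the delivery process instead of reporting a deferral through `why` the way the following `mail_copy()` call does, so any mailbox lock release that normally follows this branch is presumably left to process exit, which deserves a one-line comment saying that is intended. The earlier hunk in this file changes `end` from `long` to `off_t`; later uses of `end` are outside the hunk and should be checked for format specifiers that still assume `long`.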
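Review bot: The added `state->discard == 0` test in `forbid_whitelist` guards the whole `if` body, not only the three `msg_warn` calls, so whatever enforcement follows the warnings (the block continues past the hunk) is also skipped once DISCARD is in effect. The guard reads a flag on `state` rather than the result of the lookup being checked, so an explicit OK from a later map in the same transaction would presumably pass unflagged too. That is safe only if a set `discard` flag guarantees the message is dropped and the flag is reset per transaction, which should be confirmed against the code outside this hunk. A comment above the test, such as `/* DISCARD yields SMTPD_CHECK_OK; the mail is dropped anyway, so OK is not a whitelisting risk here. */`, would record that reasoning.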
(DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR > 0) ! if ((errno = db->open(db, 0, db_path, 0, type, db_flags, 0644)) != 0) FREE_RETURN(dict_surrogate(class, path, open_flags, dict_flags, "open database %s: %m", db_path)); #elif (DB_VERSION_MAJOR == 3 || DB_VERSION_MAJOR == 4) ! if ((errno = db->open(db, db_path, 0, type, db_flags, 0644)) != 0) FREE_RETURN(dict_surrogate(class, path, open_flags, dict_flags, "open database %s: %m", db_path)); #else #error "Unsupported Berkeley DB version" #endif if ((errno = db->fd(db, &dbfd)) != 0) msg_fatal("get database file descriptor: %m"); #endif --- 741,761 ---- msg_panic("db_create null result"); if (type == DB_HASH && db->set_h_nelem(db, DICT_DB_NELM) != 0) msg_fatal("set DB hash element count %d: %m", DICT_DB_NELM); + db_base_buf = vstring_alloc(100); #if DB_VERSION_MAJOR == 5 || (DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR > 0) ! if ((errno = db->open(db, 0, sane_basename(db_base_buf, db_path), ! 0, type, db_flags, 0644)) != 0) FREE_RETURN(dict_surrogate(class, path, open_flags, dict_flags, "open database %s: %m", db_path)); #elif (DB_VERSION_MAJOR == 3 || DB_VERSION_MAJOR == 4) ! if ((errno = db->open(db, sane_basename(db_base_buf, db_path), 0, ! type, db_flags, 0644)) != 0) FREE_RETURN(dict_surrogate(class, path, open_flags, dict_flags, "open database %s: %m", db_path)); #else #error "Unsupported Berkeley DB version" #endif + vstring_free(db_base_buf); if ((errno = db->fd(db, &dbfd)) != 0) msg_fatal("get database file descriptor: %m"); #endif diff -cr --new-file /var/tmp/postfix-2.11.10/src/virtual/mailbox.c ./src/virtual/mailbox.c *** /var/tmp/postfix-2.11.10/src/virtual/mailbox.c 2016-08-22 17:24:31.000000000 -0400 --- ./src/virtual/mailbox.c 2018-01-21 17:19:16.000000000 -0500 *************** *** 132,138 **** VAR_STRICT_MBOX_OWNER); } else { if (vstream_fseek(mp->fp, (off_t) 0, SEEK_END) < 0) ! 
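Review bot: After the version-specific `db->open()` calls, `vstring_free(db_base_buf);` leaves `db_base_buf` pointing at freed memory, and the `FREE_RETURN` macro extended earlier in this file frees it again whenever the pointer is non-null. The rest of the function is outside the hunk, so whether a later `FREE_RETURN` exists cannot be confirmed here, but clearing the pointer makes the cleanup safe regardless: `vstring_free(db_base_buf); db_base_buf = 0;`. The error messages still print `db_path` although the open now passes `sane_basename(db_base_buf, db_path)`; a short comment explaining why only the base name is handed to Berkeley DB would help the next reader.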
msg_fatal("%s: seek queue file %s: %m", myname, VSTREAM_PATH(mp->fp)); mail_copy_status = mail_copy(COPY_ATTR(state.msg_attr), mp->fp, copy_flags, "\n", why); --- 132,138 ---- VAR_STRICT_MBOX_OWNER); } else { if (vstream_fseek(mp->fp, (off_t) 0, SEEK_END) < 0) ! msg_fatal("%s: seek mailbox file %s: %m", myname, VSTREAM_PATH(mp->fp)); mail_copy_status = mail_copy(COPY_ATTR(state.msg_attr), mp->fp, copy_flags, "\n", why);