Protocol names are ESMTP or SMTP.
Protocol states are CONNECT, EHLO, HELO, MAIL, RCPT, ! DATA, END-OF-DATA, VRFY or ETRN; these are the SMTP protocol states where the Postfix SMTP server makes an OK/REJECT/HOLD/etc. decision.
--- 146,152 ----Protocol names are ESMTP or SMTP.
Protocol states are CONNECT, EHLO, HELO, MAIL, RCPT, ! DATA, END-OF-MESSAGE, VRFY or ETRN; these are the SMTP protocol states where the Postfix SMTP server makes an OK/REJECT/HOLD/etc. decision.
diff -cr /var/tmp/postfix-2.2.4/html/TUNING_README.html ./html/TUNING_README.html *** /var/tmp/postfix-2.2.4/html/TUNING_README.html Tue Feb 22 09:05:37 2005 --- ./html/TUNING_README.html Mon Jul 11 15:58:04 2005 *************** *** 242,252 **** simultaneous connections (default: 50). This is half the default process limit.An SMTP client may make up to $smtpd_client_connection_rate_limit connections per unit time (default: no limit).
These limits are not applied to SMTP clients in the networks ! specified with $smtpd_client_connection_limit_exceptions (default: clients in $mynetworks may make an unlimited number of connections).
The anvil_rate_time_unit parameter specifies the time --- 242,258 ---- simultaneous connections (default: 50). This is half the default process limit.
+An SMTP client may make up to $smtpd_client_message_rate_limit + message delivery requests per unit time (default: no limit).
+ +An SMTP client may send up to $smtpd_client_recipient_rate_limit + recipient addresses per unit time (default: no limit).
+An SMTP client may make up to $smtpd_client_connection_rate_limit connections per unit time (default: no limit).
These limits are not applied to SMTP clients in the networks ! specified with $smtpd_client_event_limit_exceptions (default: clients in $mynetworks may make an unlimited number of connections).
The anvil_rate_time_unit parameter specifies the time diff -cr /var/tmp/postfix-2.2.4/html/postconf.5.html ./html/postconf.5.html *** /var/tmp/postfix-2.2.4/html/postconf.5.html Wed Mar 9 15:06:04 2005 --- ./html/postconf.5.html Tue Jul 19 12:53:07 2005 *************** *** 2546,2552 ****
! Specify a pathname ending "/" for qmail-style delivery.
--- 2546,2552 ----
! Specify a pathname ending in "/" for qmail-style delivery.
diff -cr /var/tmp/postfix-2.2.4/man/man5/postconf.5 ./man/man5/postconf.5 *** /var/tmp/postfix-2.2.4/man/man5/postconf.5 Wed Mar 9 15:06:05 2005 --- ./man/man5/postconf.5 Tue Jul 19 12:53:07 2005 *************** *** 514,520 **** with whitespace. .PP Note: IP version 6 address information must be specified inside ! [] in the authorized_verp_clients value, and in files specified with "/file/name". IP version 6 addresses contain the ":" character, and would otherwise be confused with a "type:table" pattern. --- 514,520 ---- with whitespace. .PP Note: IP version 6 address information must be specified inside ! [] in the authorized_verp_clients value, and in files specified with "/file/name". IP version 6 addresses contain the ":" character, and would otherwise be confused with a "type:table" pattern. *************** *** 1180,1186 **** In main.cf specify "relay_transport = relay", .IP \(bu In master.cf specify "-o fallback_relay =" (i.e., empty) at ! the end of the relay entry. .IP \(bu In transport maps, specify "relay:\fInexthop...\fR" as the right-hand side for backup or primary MX domain entries. --- 1180,1186 ---- In main.cf specify "relay_transport = relay", .IP \(bu In master.cf specify "-o fallback_relay =" (i.e., empty) at ! the end of the relay entry. .IP \(bu In transport maps, specify "relay:\fInexthop...\fR" as the right-hand side for backup or primary MX domain entries. *************** *** 1326,1332 **** Optional pathname of a mailbox file relative to a \fBlocal\fR(8) user's home directory. .PP ! Specify a pathname ending "/" for qmail-style delivery. .PP The precedence of \fBlocal\fR(8) delivery features from high to low is: aliases, .forward files, mailbox_transport, mailbox_command_maps, --- 1326,1332 ---- Optional pathname of a mailbox file relative to a \fBlocal\fR(8) user's home directory. .PP ! Specify a pathname ending in "/" for qmail-style delivery. .PP The precedence of \fBlocal\fR(8) delivery features from high to low is: aliases, .forward files, mailbox_transport, mailbox_command_maps, *************** *** 1389,1399 **** mail on. Specify "all" to receive mail on all network interfaces (default), and "loopback-only" to receive mail on loopback network interfaces only (Postfix 2.2 and later). The ! parameter also controls delivery of mail to user@[ip.address]. .PP Note 1: you need to stop and start Postfix when this parameter changes. .PP ! Note 2: address information may be enclosed inside [], but this form is not recommended here. .PP When inet_interfaces specifies just one IPv4 and/or IPv6 address --- 1389,1399 ---- mail on. Specify "all" to receive mail on all network interfaces (default), and "loopback-only" to receive mail on loopback network interfaces only (Postfix 2.2 and later). The ! parameter also controls delivery of mail to user@[ip.address]. .PP Note 1: you need to stop and start Postfix when this parameter changes. .PP ! Note 2: address information may be enclosed inside [], but this form is not recommended here. .PP When inet_interfaces specifies just one IPv4 and/or IPv6 address *************** *** 2347,2353 **** block from the list. .PP Note: IP version 6 address information must be specified inside ! [] in the mynetworks value, and in files specified with "/file/name". IP version 6 addresses contain the ":" character, and would otherwise be confused with a "type:table" pattern. .PP --- 2347,2353 ---- block from the list. .PP Note: IP version 6 address information must be specified inside ! [] in the mynetworks value, and in files specified with "/file/name". IP version 6 addresses contain the ":" character, and would otherwise be confused with a "type:table" pattern. .PP *************** *** 3166,3172 **** IP hosting, but can be a problem on multi-homed firewalls. See the inet_interfaces documentation for more detail. .PP ! Note 2: address information may be enclosed inside [], but this form is not recommended here. .SH smtp_bind_address6 (default: empty) An optional numerical network address that the SMTP client should --- 3166,3172 ---- IP hosting, but can be a problem on multi-homed firewalls. See the inet_interfaces documentation for more detail. .PP ! Note 2: address information may be enclosed inside [], but this form is not recommended here. .SH smtp_bind_address6 (default: empty) An optional numerical network address that the SMTP client should *************** *** 3193,3199 **** IP hosting, but can be a problem on multi-homed firewalls. See the inet_interfaces documentation for more detail. .PP ! Note 2: address information may be enclosed inside [], but this form is not recommended here. .SH smtp_connect_timeout (default: 30s) The SMTP client time limit for completing a TCP connection, or --- 3193,3199 ---- IP hosting, but can be a problem on multi-homed firewalls. See the inet_interfaces documentation for more detail. .PP ! Note 2: address information may be enclosed inside [], but this form is not recommended here. .SH smtp_connect_timeout (default: 30s) The SMTP client time limit for completing a TCP connection, or *************** *** 3839,3845 **** with whitespace. .PP Note: IP version 6 address information must be specified inside ! [] in the smtpd_authorized_verp_clients value, and in files specified with "/file/name". IP version 6 addresses contain the ":" character, and would otherwise be confused with a "type:table" pattern. --- 3839,3845 ---- with whitespace. .PP Note: IP version 6 address information must be specified inside ! [] in the smtpd_authorized_verp_clients value, and in files specified with "/file/name". IP version 6 addresses contain the ":" character, and would otherwise be confused with a "type:table" pattern. *************** *** 3865,3871 **** with whitespace. .PP Note: IP version 6 address information must be specified inside ! [] in the smtpd_authorized_xclient_hosts value, and in files specified with "/file/name". IP version 6 addresses contain the ":" character, and would otherwise be confused with a "type:table" pattern. --- 3865,3871 ---- with whitespace. .PP Note: IP version 6 address information must be specified inside ! [] in the smtpd_authorized_xclient_hosts value, and in files specified with "/file/name". IP version 6 addresses contain the ":" character, and would otherwise be confused with a "type:table" pattern. *************** *** 3890,3896 **** with whitespace. .PP Note: IP version 6 address information must be specified inside ! [] in the smtpd_authorized_xforward_hosts value, and in files specified with "/file/name". IP version 6 addresses contain the ":" character, and would otherwise be confused with a "type:table" pattern. --- 3890,3896 ---- with whitespace. .PP Note: IP version 6 address information must be specified inside ! [] in the smtpd_authorized_xforward_hosts value, and in files specified with "/file/name". IP version 6 addresses contain the ":" character, and would otherwise be confused with a "type:table" pattern. *************** *** 3955,3961 **** dot causes the domain to match any name below it). .PP Note: IP version 6 address information must be specified inside ! [] in the smtpd_client_event_limit_exceptions value, and in files specified with "/file/name". IP version 6 addresses contain the ":" character, and would otherwise be confused with a "type:table" pattern. --- 3955,3961 ---- dot causes the domain to match any name below it). .PP Note: IP version 6 address information must be specified inside ! [] in the smtpd_client_event_limit_exceptions value, and in files specified with "/file/name". IP version 6 addresses contain the ":" character, and would otherwise be confused with a "type:table" pattern. *************** *** 4733,4739 **** long lines by starting the next line with whitespace. .PP Note: IP version 6 address information must be specified inside ! [] in the smtpd_sasl_exceptions_networks value, and in files specified with "/file/name". IP version 6 addresses contain the ":" character, and would otherwise be confused with a "type:table" pattern. --- 4733,4739 ---- long lines by starting the next line with whitespace. .PP Note: IP version 6 address information must be specified inside ! [] in the smtpd_sasl_exceptions_networks value, and in files specified with "/file/name". IP version 6 addresses contain the ":" character, and would otherwise be confused with a "type:table" pattern. diff -cr /var/tmp/postfix-2.2.4/mantools/postconf2man ./mantools/postconf2man *** /var/tmp/postfix-2.2.4/mantools/postconf2man Fri Feb 4 19:26:02 2005 --- ./mantools/postconf2man Wed Jun 29 09:09:19 2005 *************** *** 63,68 **** --- 63,70 ---- $block =~ s/
/\n.na\n.nf\n.in +4\n/g; $block =~ s/<\/blockquote>/\n.in -4\n.fi\n.ad\n/g; $block =~ s/\n
/\n.br\n/g; diff -cr /var/tmp/postfix-2.2.4/proto/SMTPD_POLICY_README.html ./proto/SMTPD_POLICY_README.html *** /var/tmp/postfix-2.2.4/proto/SMTPD_POLICY_README.html Mon Mar 14 08:29:25 2005 --- ./proto/SMTPD_POLICY_README.html Tue Jul 5 20:08:07 2005 *************** *** 146,152 ****Protocol names are ESMTP or SMTP.
Protocol states are CONNECT, EHLO, HELO, MAIL, RCPT, ! DATA, END-OF-DATA, VRFY or ETRN; these are the SMTP protocol states where the Postfix SMTP server makes an OK/REJECT/HOLD/etc. decision.
--- 146,152 ----Protocol names are ESMTP or SMTP.
Protocol states are CONNECT, EHLO, HELO, MAIL, RCPT, ! DATA, END-OF-MESSAGE, VRFY or ETRN; these are the SMTP protocol states where the Postfix SMTP server makes an OK/REJECT/HOLD/etc. decision.
diff -cr /var/tmp/postfix-2.2.4/proto/TUNING_README.html ./proto/TUNING_README.html *** /var/tmp/postfix-2.2.4/proto/TUNING_README.html Thu Jan 20 12:37:11 2005 --- ./proto/TUNING_README.html Thu Jul 7 13:33:58 2005 *************** *** 242,252 **** simultaneous connections (default: 50). This is half the default process limit.An SMTP client may make up to $smtpd_client_connection_rate_limit connections per unit time (default: no limit).
These limits are not applied to SMTP clients in the networks ! specified with $smtpd_client_connection_limit_exceptions (default: clients in $mynetworks may make an unlimited number of connections).
The anvil_rate_time_unit parameter specifies the time --- 242,258 ---- simultaneous connections (default: 50). This is half the default process limit.
+An SMTP client may make up to $smtpd_client_message_rate_limit + message delivery requests per unit time (default: no limit).
+ +An SMTP client may send up to $smtpd_client_recipient_rate_limit + recipient addresses per unit time (default: no limit).
+An SMTP client may make up to $smtpd_client_connection_rate_limit connections per unit time (default: no limit).
These limits are not applied to SMTP clients in the networks ! specified with $smtpd_client_event_limit_exceptions (default: clients in $mynetworks may make an unlimited number of connections).
The anvil_rate_time_unit parameter specifies the time diff -cr /var/tmp/postfix-2.2.4/proto/postconf.proto ./proto/postconf.proto *** /var/tmp/postfix-2.2.4/proto/postconf.proto Wed Mar 9 14:48:30 2005 --- ./proto/postconf.proto Tue Jul 19 12:53:04 2005 *************** *** 1524,1530 ****
! Specify a pathname ending "/" for qmail-style delivery.
--- 1524,1530 ----
! Specify a pathname ending in "/" for qmail-style delivery.
diff -cr /var/tmp/postfix-2.2.4/src/global/scache_clnt.c ./src/global/scache_clnt.c *** /var/tmp/postfix-2.2.4/src/global/scache_clnt.c Mon Oct 25 16:59:05 2004 --- ./src/global/scache_clnt.c Fri Jul 8 21:10:56 2005 *************** *** 25,30 **** --- 25,31 ---- /* Upper bound on the time that a connection is allowed to persist. /* DIAGNOSTICS /* Fatal error: memory allocation problem; + /* warning: communication error; /* panic: internal consistency failure. /* SEE ALSO /* scache(3), generic session cache API *************** *** 73,78 **** --- 74,81 ---- #define STR(x) vstring_str(x) + #define SCACHE_MAX_TRIES 2 + /* scache_clnt_save_endp - save endpoint */ static void scache_clnt_save_endp(SCACHE *scache, int endp_ttl, *************** *** 83,88 **** --- 86,92 ---- const char *myname = "scache_clnt_save_endp"; VSTREAM *stream; int status; + int tries; if (msg_verbose) msg_info("%s: endp=%s prop=%s fd=%d", *************** *** 95,105 **** msg_panic("%s: bad endp_ttl: %d", myname, endp_ttl); /* ! * Keep trying until we get a complete response. The session cache ! * service is CPU bound and making the client asynchronous would just ! * complicate the code. */ ! for (;;) { stream = clnt_stream_access(sp->clnt_stream); errno = 0; if (attr_print(stream, ATTR_FLAG_NONE, --- 99,109 ---- msg_panic("%s: bad endp_ttl: %d", myname, endp_ttl); /* ! * Try a few times before disabling the cache. We use synchronous calls; ! * the session cache service is CPU bound and making the client ! * asynchronous would just complicate the code. */ ! for (tries = 0; sp->clnt_stream != 0 ; tries++) { stream = clnt_stream_access(sp->clnt_stream); errno = 0; if (attr_print(stream, ATTR_FLAG_NONE, *************** *** 121,134 **** if (msg_verbose || (errno != EPIPE && errno != ENOENT)) msg_warn("problem talking to service %s: %m", VSTREAM_PATH(stream)); } else { ! if (close(fd) < 0) ! msg_warn("%s: close(%d): %m", myname, fd); break; } sleep(1); /* XXX make configurable */ clnt_stream_recover(sp->clnt_stream); } } /* scache_clnt_find_endp - look up cached session */ --- 125,150 ---- if (msg_verbose || (errno != EPIPE && errno != ENOENT)) msg_warn("problem talking to service %s: %m", VSTREAM_PATH(stream)); + /* Give up or recover. */ } else { ! if (msg_verbose && status != 0) ! msg_warn("%s: descriptor save failed with status %d", ! myname, status); ! break; ! } ! /* Give up or recover. */ ! if (tries >= SCACHE_MAX_TRIES - 1) { ! msg_warn("disabling connection caching"); ! clnt_stream_free(sp->clnt_stream); ! sp->clnt_stream = 0; break; } sleep(1); /* XXX make configurable */ clnt_stream_recover(sp->clnt_stream); } + /* Always close the descriptor before returning. */ + if (close(fd) < 0) + msg_warn("%s: close(%d): %m", myname, fd); } /* scache_clnt_find_endp - look up cached session */ *************** *** 140,153 **** const char *myname = "scache_clnt_find_endp"; VSTREAM *stream; int status; int fd; /* ! * Keep trying until we get a complete response. The session cache ! * service is CPU bound and making the client asynchronous would just ! * complicate the code. */ ! for (;;) { stream = clnt_stream_access(sp->clnt_stream); errno = 0; if (attr_print(stream, ATTR_FLAG_NONE, --- 156,170 ---- const char *myname = "scache_clnt_find_endp"; VSTREAM *stream; int status; + int tries; int fd; /* ! * Try a few times before disabling the cache. We use synchronous calls; ! * the session cache service is CPU bound and making the client ! * asynchronous would just complicate the code. */ ! for (tries = 0; sp->clnt_stream != 0 ; tries++) { stream = clnt_stream_access(sp->clnt_stream); errno = 0; if (attr_print(stream, ATTR_FLAG_NONE, *************** *** 158,193 **** || attr_scan(stream, ATTR_FLAG_STRICT, ATTR_TYPE_NUM, MAIL_ATTR_STATUS, &status, ATTR_TYPE_STR, MAIL_ATTR_PROP, endp_prop, ! ATTR_TYPE_END) != 2 ! || (status == 0 ! && ( #ifdef CANT_WRITE_BEFORE_SENDING_FD ! attr_print(stream, ATTR_FLAG_NONE, ! ATTR_TYPE_STR, MAIL_ATTR_DUMMY, "", ! ATTR_TYPE_END) != 0 ! || vstream_fflush(stream) != 0 ! || read_wait(vstream_fileno(stream), ! stream->timeout) < 0 || /* XXX */ #endif ! (fd = LOCAL_RECV_FD(vstream_fileno(stream))) < 0))) { if (msg_verbose || (errno != EPIPE && errno != ENOENT)) msg_warn("problem talking to service %s: %m", VSTREAM_PATH(stream)); } else { ! break; } sleep(1); /* XXX make configurable */ clnt_stream_recover(sp->clnt_stream); } - - if (status == 0) { - if (msg_verbose) - msg_info("%s: endp=%s prop=%s fd=%d", - myname, endp_label, STR(endp_prop), fd); - return (fd); - } - if (msg_verbose) - msg_info("%s: not found: %s", myname, endp_label); return (-1); } --- 175,225 ---- || attr_scan(stream, ATTR_FLAG_STRICT, ATTR_TYPE_NUM, MAIL_ATTR_STATUS, &status, ATTR_TYPE_STR, MAIL_ATTR_PROP, endp_prop, ! ATTR_TYPE_END) != 2) { ! if (msg_verbose || (errno != EPIPE && errno != ENOENT)) ! msg_warn("problem talking to service %s: %m", ! VSTREAM_PATH(stream)); ! /* Give up or recover. */ ! } else if (status != 0) { ! if (msg_verbose) ! msg_info("%s: not found: %s", myname, endp_label); ! return (-1); ! } else if ( #ifdef CANT_WRITE_BEFORE_SENDING_FD ! attr_print(stream, ATTR_FLAG_NONE, ! ATTR_TYPE_STR, MAIL_ATTR_DUMMY, "", ! ATTR_TYPE_END) != 0 ! || vstream_fflush(stream) != 0 ! || read_wait(vstream_fileno(stream), ! stream->timeout) < 0 || /* XXX */ #endif ! (fd = LOCAL_RECV_FD(vstream_fileno(stream))) < 0) { if (msg_verbose || (errno != EPIPE && errno != ENOENT)) msg_warn("problem talking to service %s: %m", VSTREAM_PATH(stream)); + /* Give up or recover. */ } else { ! #ifdef MUST_READ_AFTER_SENDING_FD ! (void) attr_print(stream, ATTR_FLAG_NONE, ! ATTR_TYPE_STR, MAIL_ATTR_DUMMY, "", ! ATTR_TYPE_END); ! (void) vstream_fflush(stream); ! #endif ! if (msg_verbose) ! msg_info("%s: endp=%s prop=%s fd=%d", ! myname, endp_label, STR(endp_prop), fd); ! return (fd); ! } ! /* Give up or recover. */ ! if (tries >= SCACHE_MAX_TRIES - 1) { ! msg_warn("disabling connection caching"); ! clnt_stream_free(sp->clnt_stream); ! sp->clnt_stream = 0; ! return (-1); } sleep(1); /* XXX make configurable */ clnt_stream_recover(sp->clnt_stream); } return (-1); } *************** *** 202,207 **** --- 234,240 ---- const char *myname = "scache_clnt_save_dest"; VSTREAM *stream; int status; + int tries; if (msg_verbose) msg_info("%s: dest_label=%s dest_prop=%s endp_label=%s", *************** *** 214,224 **** msg_panic("%s: bad dest_ttl: %d", myname, dest_ttl); /* ! * Keep trying until we get a complete response. The session cache ! * service is CPU bound and making the client asynchronous would just ! * complicate the code. */ ! for (;;) { stream = clnt_stream_access(sp->clnt_stream); errno = 0; if (attr_print(stream, ATTR_FLAG_NONE, --- 247,257 ---- msg_panic("%s: bad dest_ttl: %d", myname, dest_ttl); /* ! * Try a few times before disabling the cache. We use synchronous calls; ! * the session cache service is CPU bound and making the client ! * asynchronous would just complicate the code. */ ! for (tries = 0; sp->clnt_stream != 0 ; tries++) { stream = clnt_stream_access(sp->clnt_stream); errno = 0; if (attr_print(stream, ATTR_FLAG_NONE, *************** *** 235,241 **** --- 268,285 ---- if (msg_verbose || (errno != EPIPE && errno != ENOENT)) msg_warn("problem talking to service %s: %m", VSTREAM_PATH(stream)); + /* Give up or recover. */ } else { + if (msg_verbose && status != 0) + msg_warn("%s: destination save failed with status %d", + myname, status); + break; + } + /* Give up or recover. */ + if (tries >= SCACHE_MAX_TRIES - 1) { + msg_warn("disabling connection caching"); + clnt_stream_free(sp->clnt_stream); + sp->clnt_stream = 0; break; } sleep(1); /* XXX make configurable */ *************** *** 253,266 **** const char *myname = "scache_clnt_find_dest"; VSTREAM *stream; int status; int fd; /* ! * Keep trying until we get a complete response. The session cache ! * service is CPU bound and making the client asynchronous would just ! * complicate the code. */ ! for (;;) { stream = clnt_stream_access(sp->clnt_stream); errno = 0; if (attr_print(stream, ATTR_FLAG_NONE, --- 297,311 ---- const char *myname = "scache_clnt_find_dest"; VSTREAM *stream; int status; + int tries; int fd; /* ! * Try a few times before disabling the cache. We use synchronous calls; ! * the session cache service is CPU bound and making the client ! * asynchronous would just complicate the code. */ ! for (tries = 0; sp->clnt_stream != 0 ; tries++) { stream = clnt_stream_access(sp->clnt_stream); errno = 0; if (attr_print(stream, ATTR_FLAG_NONE, *************** *** 272,308 **** ATTR_TYPE_NUM, MAIL_ATTR_STATUS, &status, ATTR_TYPE_STR, MAIL_ATTR_PROP, dest_prop, ATTR_TYPE_STR, MAIL_ATTR_PROP, endp_prop, ! ATTR_TYPE_END) != 3 ! || (status == 0 ! && ( #ifdef CANT_WRITE_BEFORE_SENDING_FD ! attr_print(stream, ATTR_FLAG_NONE, ! ATTR_TYPE_STR, MAIL_ATTR_DUMMY, "", ! ATTR_TYPE_END) != 0 ! || vstream_fflush(stream) != 0 ! || read_wait(vstream_fileno(stream), ! stream->timeout) < 0 || /* XXX */ #endif ! (fd = LOCAL_RECV_FD(vstream_fileno(stream))) < 0))) { if (msg_verbose || (errno != EPIPE && errno != ENOENT)) msg_warn("problem talking to service %s: %m", VSTREAM_PATH(stream)); } else { ! break; } sleep(1); /* XXX make configurable */ clnt_stream_recover(sp->clnt_stream); } - - if (status == 0) { - if (msg_verbose) - msg_info("%s: dest=%s dest_prop=%s endp_prop=%s fd=%d", - myname, dest_label, STR(dest_prop), STR(endp_prop), fd); - return (fd); - } - if (msg_verbose) - msg_info("%s: not found: %s", myname, dest_label); - return (-1); } --- 317,367 ---- ATTR_TYPE_NUM, MAIL_ATTR_STATUS, &status, ATTR_TYPE_STR, MAIL_ATTR_PROP, dest_prop, ATTR_TYPE_STR, MAIL_ATTR_PROP, endp_prop, ! ATTR_TYPE_END) != 3) { ! if (msg_verbose || (errno != EPIPE && errno != ENOENT)) ! msg_warn("problem talking to service %s: %m", ! VSTREAM_PATH(stream)); ! /* Give up or recover. */ ! } else if (status != 0) { ! if (msg_verbose) ! msg_info("%s: not found: %s", myname, dest_label); ! return (-1); ! } else if ( #ifdef CANT_WRITE_BEFORE_SENDING_FD ! attr_print(stream, ATTR_FLAG_NONE, ! ATTR_TYPE_STR, MAIL_ATTR_DUMMY, "", ! ATTR_TYPE_END) != 0 ! || vstream_fflush(stream) != 0 ! || read_wait(vstream_fileno(stream), ! stream->timeout) < 0 || /* XXX */ #endif ! (fd = LOCAL_RECV_FD(vstream_fileno(stream))) < 0) { if (msg_verbose || (errno != EPIPE && errno != ENOENT)) msg_warn("problem talking to service %s: %m", VSTREAM_PATH(stream)); + /* Give up or recover. */ } else { ! #ifdef MUST_READ_AFTER_SENDING_FD ! (void) attr_print(stream, ATTR_FLAG_NONE, ! ATTR_TYPE_STR, MAIL_ATTR_DUMMY, "", ! ATTR_TYPE_END); ! (void) vstream_fflush(stream); ! #endif ! if (msg_verbose) ! msg_info("%s: dest=%s dest_prop=%s endp_prop=%s fd=%d", ! myname, dest_label, STR(dest_prop), STR(endp_prop), fd); ! return (fd); ! } ! /* Give up or recover. */ ! if (tries >= SCACHE_MAX_TRIES - 1) { ! msg_warn("disabling connection caching"); ! clnt_stream_free(sp->clnt_stream); ! sp->clnt_stream = 0; ! return (-1); } sleep(1); /* XXX make configurable */ clnt_stream_recover(sp->clnt_stream); } return (-1); } *************** *** 322,328 **** { SCACHE_CLNT *sp = (SCACHE_CLNT *) scache; ! clnt_stream_free(sp->clnt_stream); #ifdef CANT_WRITE_BEFORE_SENDING_FD vstring_free(sp->dummy); #endif --- 381,388 ---- { SCACHE_CLNT *sp = (SCACHE_CLNT *) scache; ! if (sp->clnt_stream) ! clnt_stream_free(sp->clnt_stream); #ifdef CANT_WRITE_BEFORE_SENDING_FD vstring_free(sp->dummy); #endif *************** *** 342,347 **** --- 402,408 ---- sp->scache->size = scache_clnt_size; sp->scache->free = scache_clnt_free; + /* XXX Need flags to stop looping on ECONNREFUSED errors. */ sp->clnt_stream = clnt_stream_create(MAIL_CLASS_PRIVATE, server, idle_limit, ttl_limit); #ifdef CANT_WRITE_BEFORE_SENDING_FD diff -cr /var/tmp/postfix-2.2.4/src/scache/scache.c ./src/scache/scache.c *** /var/tmp/postfix-2.2.4/src/scache/scache.c Fri Feb 25 12:19:36 2005 --- ./src/scache/scache.c Mon Jul 4 16:36:58 2005 *************** *** 240,257 **** || #endif (fd = LOCAL_RECV_FD(vstream_fileno(client_stream))) < 0) { ! msg_warn("%s: unable to receive file descriptor", myname); ! attr_print(client_stream, ATTR_FLAG_NONE, ! ATTR_TYPE_NUM, MAIL_ATTR_STATUS, SCACHE_STAT_FAIL, ! ATTR_TYPE_END); return; } else { scache_save_endp(scache, ttl > var_scache_ttl_lim ? var_scache_ttl_lim : ttl, STR(scache_endp_label), STR(scache_endp_prop), fd); ! attr_print(client_stream, ATTR_FLAG_NONE, ! ATTR_TYPE_NUM, MAIL_ATTR_STATUS, SCACHE_STAT_OK, ! ATTR_TYPE_END); scache_size(scache, &size); if (size.endp_count > scache_endp_count) scache_endp_count = size.endp_count; --- 240,257 ---- || #endif (fd = LOCAL_RECV_FD(vstream_fileno(client_stream))) < 0) { ! msg_warn("%s: unable to receive file descriptor: %m", myname); ! (void) attr_print(client_stream, ATTR_FLAG_NONE, ! ATTR_TYPE_NUM, MAIL_ATTR_STATUS, SCACHE_STAT_FAIL, ! ATTR_TYPE_END); return; } else { scache_save_endp(scache, ttl > var_scache_ttl_lim ? var_scache_ttl_lim : ttl, STR(scache_endp_label), STR(scache_endp_prop), fd); ! (void) attr_print(client_stream, ATTR_FLAG_NONE, ! ATTR_TYPE_NUM, MAIL_ATTR_STATUS, SCACHE_STAT_OK, ! ATTR_TYPE_END); scache_size(scache, &size); if (size.endp_count > scache_endp_count) scache_endp_count = size.endp_count; *************** *** 297,303 **** ATTR_TYPE_STR, MAIL_ATTR_DUMMY, scache_dummy, ATTR_TYPE_END) != 1 #endif ! || LOCAL_SEND_FD(vstream_fileno(client_stream), fd) < 0) msg_warn("%s: cannot send file descriptor: %m", myname); if (close(fd) < 0) msg_warn("close(%d): %m", fd); --- 297,309 ---- ATTR_TYPE_STR, MAIL_ATTR_DUMMY, scache_dummy, ATTR_TYPE_END) != 1 #endif ! || LOCAL_SEND_FD(vstream_fileno(client_stream), fd) < 0 ! #ifdef MUST_READ_AFTER_SENDING_FD ! || attr_scan(client_stream, ATTR_FLAG_STRICT, ! ATTR_TYPE_STR, MAIL_ATTR_DUMMY, scache_dummy, ! ATTR_TYPE_END) != 1 ! #endif ! ) msg_warn("%s: cannot send file descriptor: %m", myname); if (close(fd) < 0) msg_warn("close(%d): %m", fd); *************** *** 384,390 **** ATTR_TYPE_STR, MAIL_ATTR_DUMMY, scache_dummy, ATTR_TYPE_END) != 1 #endif ! || LOCAL_SEND_FD(vstream_fileno(client_stream), fd) < 0) msg_warn("%s: cannot send file descriptor: %m", myname); if (close(fd) < 0) msg_warn("close(%d): %m", fd); --- 390,402 ---- ATTR_TYPE_STR, MAIL_ATTR_DUMMY, scache_dummy, ATTR_TYPE_END) != 1 #endif ! || LOCAL_SEND_FD(vstream_fileno(client_stream), fd) < 0 ! #ifdef MUST_READ_AFTER_SENDING_FD ! || attr_scan(client_stream, ATTR_FLAG_STRICT, ! ATTR_TYPE_STR, MAIL_ATTR_DUMMY, scache_dummy, ! ATTR_TYPE_END) != 1 ! #endif ! ) msg_warn("%s: cannot send file descriptor: %m", myname); if (close(fd) < 0) msg_warn("close(%d): %m", fd); diff -cr /var/tmp/postfix-2.2.4/src/smtpstone/qmqp-source.c ./src/smtpstone/qmqp-source.c *** /var/tmp/postfix-2.2.4/src/smtpstone/qmqp-source.c Tue Jan 18 20:22:17 2005 --- ./src/smtpstone/qmqp-source.c Fri Jul 15 15:50:27 2005 *************** *** 372,378 **** STR(message_buffer), LEN(message_buffer), STR(sender_buffer), LEN(sender_buffer), STR(recipient_buffer), LEN(recipient_buffer), ! 0); netstring_fflush(session->stream); /* --- 372,378 ---- STR(message_buffer), LEN(message_buffer), STR(sender_buffer), LEN(sender_buffer), STR(recipient_buffer), LEN(recipient_buffer), ! (char *) 0); netstring_fflush(session->stream); /* diff -cr /var/tmp/postfix-2.2.4/src/tls/tls_scache.c ./src/tls/tls_scache.c *** /var/tmp/postfix-2.2.4/src/tls/tls_scache.c Sat Mar 12 18:01:56 2005 --- ./src/tls/tls_scache.c Mon Jul 11 13:19:23 2005 *************** *** 316,322 **** cp->cache_label, cache_id, (long) entry->scache_db_version, (long) entry->openssl_version, (long) entry->timestamp, entry->flags, ! LEN(bin_data) - offsetof(TLS_SCACHE_ENTRY, session)); /* * Other mandatory restrictions. --- 316,322 ---- cp->cache_label, cache_id, (long) entry->scache_db_version, (long) entry->openssl_version, (long) entry->timestamp, entry->flags, ! (int) (LEN(bin_data) - offsetof(TLS_SCACHE_ENTRY, session))); /* * Other mandatory restrictions. diff -cr /var/tmp/postfix-2.2.4/src/util/clean_env.c ./src/util/clean_env.c *** /var/tmp/postfix-2.2.4/src/util/clean_env.c Fri Aug 22 14:21:54 2003 --- ./src/util/clean_env.c Mon Jul 11 13:27:36 2005 *************** *** 56,62 **** /* * Preserve or specify selected environment variables. */ ! #define STRING_AND_LENGTH(x, y) (x), (y) save_list = argv_alloc(10); for (cpp = preserve_list; *cpp; cpp++) --- 56,62 ---- /* * Preserve or specify selected environment variables. */ ! #define STRING_AND_LENGTH(x, y) (x), (int) (y) save_list = argv_alloc(10); for (cpp = preserve_list; *cpp; cpp++) diff -cr /var/tmp/postfix-2.2.4/src/util/sys_defs.h ./src/util/sys_defs.h *** /var/tmp/postfix-2.2.4/src/util/sys_defs.h Tue Jun 21 17:12:00 2005 --- ./src/util/sys_defs.h Mon Jul 11 16:00:38 2005 *************** *** 1306,1311 **** --- 1306,1320 ---- #endif /* + * FreeBSD sendmsg(2) says that after sending a file descriptor, the sender + * must not immediately close the descriptor, otherwise it may close the + * descriptor before it is actually sent. + */ + #ifndef DONT_WAIT_AFTER_SENDING_FD + #define MUST_READ_AFTER_SENDING_FD + #endif + + /* * Making the ctype.h macros not more expensive than necessary. On some * systems, ctype.h misbehaves with non-ASCII and/or negative characters. */ diff -cr /var/tmp/postfix-2.2.4/src/util/unix_recv_fd.c ./src/util/unix_recv_fd.c *** /var/tmp/postfix-2.2.4/src/util/unix_recv_fd.c Sun Aug 1 19:37:17 2004 --- ./src/util/unix_recv_fd.c Thu Jun 30 16:42:19 2005 *************** *** 61,77 **** /* * Adapted from: W. Richard Stevens, UNIX Network Programming, Volume 1, ! * Second edition. */ #if defined(CMSG_SPACE) && !defined(NO_MSGHDR_MSG_CONTROL) union { ! struct msghdr just_for_alignment; char control[CMSG_SPACE(sizeof(newfd))]; } control_un; struct cmsghdr *cmptr; msg.msg_control = control_un.control; ! msg.msg_controllen = sizeof(control_un.control); #else msg.msg_accrights = (char *) &newfd; msg.msg_accrightslen = sizeof(newfd); --- 61,78 ---- /* * Adapted from: W. Richard Stevens, UNIX Network Programming, Volume 1, ! * Second edition. Except that we use CMSG_LEN instead of CMSG_SPACE, for ! * portability to LP64 environments. */ #if defined(CMSG_SPACE) && !defined(NO_MSGHDR_MSG_CONTROL) union { ! struct cmsghdr just_for_alignment; char control[CMSG_SPACE(sizeof(newfd))]; } control_un; struct cmsghdr *cmptr; msg.msg_control = control_un.control; ! msg.msg_controllen = CMSG_LEN(sizeof(newfd)); /* Fix 200506 */ #else msg.msg_accrights = (char *) &newfd; msg.msg_accrightslen = sizeof(newfd); *************** *** 123,128 **** --- 124,131 ---- * unix_send_fd test program) and copy its content until EOF. */ #include
+ #include + #include #include #include diff -cr /var/tmp/postfix-2.2.4/src/util/unix_send_fd.c ./src/util/unix_send_fd.c *** /var/tmp/postfix-2.2.4/src/util/unix_send_fd.c Sun Aug 1 19:37:05 2004 --- ./src/util/unix_send_fd.c Thu Jun 30 16:43:35 2005 *************** *** 63,79 **** /* * Adapted from: W. Richard Stevens, UNIX Network Programming, Volume 1, ! * Second edition. */ #if defined(CMSG_SPACE) && !defined(NO_MSGHDR_MSG_CONTROL) union { ! struct msghdr just_for_alignment; char control[CMSG_SPACE(sizeof(sendfd))]; } control_un; struct cmsghdr *cmptr; msg.msg_control = control_un.control; ! msg.msg_controllen = sizeof(control_un.control); cmptr = CMSG_FIRSTHDR(&msg); cmptr->cmsg_len = CMSG_LEN(sizeof(sendfd)); --- 63,80 ---- /* * Adapted from: W. Richard Stevens, UNIX Network Programming, Volume 1, ! * Second edition. Except that we use CMSG_LEN instead of CMSG_SPACE; the ! * latter breaks on LP64 systems. */ #if defined(CMSG_SPACE) && !defined(NO_MSGHDR_MSG_CONTROL) union { ! struct cmsghdr just_for_alignment; char control[CMSG_SPACE(sizeof(sendfd))]; } control_un; struct cmsghdr *cmptr; msg.msg_control = control_un.control; ! msg.msg_controllen = CMSG_LEN(sizeof(sendfd)); /* Fix 200506 */ cmptr = CMSG_FIRSTHDR(&msg); cmptr->cmsg_len = CMSG_LEN(sizeof(sendfd)); *************** *** 109,114 **** --- 110,117 ---- * to the unix_recv_fd test program. */ #include + #include + #include #include #include #include diff -cr /var/tmp/postfix-2.2.4/src/util/vstring.c ./src/util/vstring.c *** /var/tmp/postfix-2.2.4/src/util/vstring.c Tue Jan 18 20:22:20 2005 --- ./src/util/vstring.c Fri Jul 15 16:24:46 2005 *************** *** 19,25 **** /* char *vstring_str(vp) /* VSTRING *vp; /* ! /* VSTRING *VSTRING_LEN(vp) /* VSTRING *vp; /* /* char *vstring_end(vp) --- 19,25 ---- /* char *vstring_str(vp) /* VSTRING *vp; /* ! /* int VSTRING_LEN(vp) /* VSTRING *vp; /* /* char *vstring_end(vp) diff -cr /var/tmp/postfix-2.2.4/src/util/vstring.h ./src/util/vstring.h *** /var/tmp/postfix-2.2.4/src/util/vstring.h Fri Jul 6 14:32:30 2001 --- ./src/util/vstring.h Fri Jul 15 15:47:03 2005 *************** *** 53,59 **** */ #define VSTRING_SPACE(vp, len) ((vp)->vbuf.space(&(vp)->vbuf, len)) #define vstring_str(vp) ((char *) (vp)->vbuf.data) ! #define VSTRING_LEN(vp) ((vp)->vbuf.ptr - (vp)->vbuf.data) #define vstring_end(vp) ((char *) (vp)->vbuf.ptr) #define VSTRING_TERMINATE(vp) { if ((vp)->vbuf.cnt <= 0) \ VSTRING_SPACE((vp),1); \ --- 53,59 ---- */ #define VSTRING_SPACE(vp, len) ((vp)->vbuf.space(&(vp)->vbuf, len)) #define vstring_str(vp) ((char *) (vp)->vbuf.data) ! #define VSTRING_LEN(vp) ((int) ((vp)->vbuf.ptr - (vp)->vbuf.data)) #define vstring_end(vp) ((char *) (vp)->vbuf.ptr) #define VSTRING_TERMINATE(vp) { if ((vp)->vbuf.cnt <= 0) \ VSTRING_SPACE((vp),1); \