Prereq: "3.0.4"
diff -cr --new-file /var/tmp/postfix-3.0.4/src/global/mail_version.h ./src/global/mail_version.h
*** /var/tmp/postfix-3.0.4/src/global/mail_version.h 2016-02-21 12:27:57.000000000 -0500
--- ./src/global/mail_version.h 2016-05-15 12:55:35.000000000 -0400
***************
*** 20,27 ****
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
! #define MAIL_RELEASE_DATE "20160221"
! #define MAIL_VERSION_NUMBER "3.0.4"
#ifdef SNAPSHOT
#define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
--- 20,27 ----
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
! #define MAIL_RELEASE_DATE "20160515"
! #define MAIL_VERSION_NUMBER "3.0.5"
#ifdef SNAPSHOT
#define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
diff -cr --new-file /var/tmp/postfix-3.0.4/HISTORY ./HISTORY
*** /var/tmp/postfix-3.0.4/HISTORY 2016-02-21 11:57:24.000000000 -0500
--- ./HISTORY 2016-05-15 13:10:12.000000000 -0400
***************
*** 21739,21741 ****
--- 21739,21763 ----
Documentation (introduced: Postfix 3.0): wrong paramester
name in lmtp_address_verify_target description. File:
proto/posconf.proto
+
+ 20160310
+
+ Bugfix (introduced: Postfix 2.6): the Milter SMFIR_CHGFROM
+ (replace sender) request lost the sender_bcc_maps address.
+ Fixed by moving some record keeping to the sender output
+ function. Files: cleanup/cleanup_envelope.c,
+ cleanup/cleanup_addr.c, cleanup/cleanup_milter.c,
+ cleanup/cleanup.h, regression tests.
+
+ 20160410
+
+ Bugfix (introduced: Postfix 2.6): the "bad filetype"
+ header_checks pattern falsely rejected Content-Mumble headers
+ with ``name="example"; x-apple-part-url="example.com"''.
+ Fixed by respecting the ";" separator between content
+ attribute values. Reported by Cedric Knight. File:
+ proto/header_checks.
+
+ 20160515
+
+ Portability: OpenBSD 6.0. Files: makedefs, util/sys_defs.h.
diff -cr --new-file /var/tmp/postfix-3.0.4/conf/header_checks ./conf/header_checks
*** /var/tmp/postfix-3.0.4/conf/header_checks 2015-01-29 17:33:47.000000000 -0500
--- ./conf/header_checks 2016-04-10 17:50:12.000000000 -0400
***************
*** 465,471 ****
# header_checks = pcre:/etc/postfix/header_checks.pcre
#
# /etc/postfix/header_checks.pcre:
! # /^Content-(Disposition|Type).*name\s*=\s*"?(.*(\.|=2E)(
# ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
# hlp|ht[at]|
# inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
--- 465,471 ----
# header_checks = pcre:/etc/postfix/header_checks.pcre
#
# /etc/postfix/header_checks.pcre:
! # /^Content-(Disposition|Type).*name\s*=\s*"?([^;]*(\.|=2E)(
# ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
# hlp|ht[at]|
# inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
diff -cr --new-file /var/tmp/postfix-3.0.4/html/header_checks.5.html ./html/header_checks.5.html
*** /var/tmp/postfix-3.0.4/html/header_checks.5.html 2015-01-29 17:33:50.000000000 -0500
--- ./html/header_checks.5.html 2016-04-10 17:50:12.000000000 -0400
***************
*** 415,421 ****
header_checks = pcre:/etc/postfix/header_checks.pcre
/etc/postfix/header_checks.pcre:
! /^Content-(Disposition|Type).*name\s*=\s*"?(.*(\.|=2E)(
ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
hlp|ht[at]|
inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
--- 415,421 ----
header_checks = pcre:/etc/postfix/header_checks.pcre
/etc/postfix/header_checks.pcre:
! /^Content-(Disposition|Type).*name\s*=\s*"?([^;]*(\.|=2E)(
ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
hlp|ht[at]|
inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
diff -cr --new-file /var/tmp/postfix-3.0.4/html/postscreen.8.html ./html/postscreen.8.html
*** /var/tmp/postfix-3.0.4/html/postscreen.8.html 2015-04-04 09:39:38.000000000 -0400
--- ./html/postscreen.8.html 2016-04-11 17:21:15.000000000 -0400
***************
*** 81,90 ****
The optional "after 220 server greeting" tests involve postscreen(8)'s
built-in SMTP protocol engine. When these tests succeed, postscreen(8)
! adds the client to the temporary whitelist, but it cannot not hand off
! the "live" connection to a Postfix SMTP server process in the middle of
! a session. Instead, postscreen(8) defers attempts to deliver mail with
! a 4XX status, and waits for the client to disconnect. When the client
connects again, postscreen(8) will allow the client to talk to a Post-
fix SMTP server process (provided that the whitelist status has not
expired). postscreen(8) mitigates the impact of this limitation by
--- 81,90 ----
The optional "after 220 server greeting" tests involve postscreen(8)'s
built-in SMTP protocol engine. When these tests succeed, postscreen(8)
! adds the client to the temporary whitelist, but it cannot hand off the
! "live" connection to a Postfix SMTP server process in the middle of a
! session. Instead, postscreen(8) defers attempts to deliver mail with a
! 4XX status, and waits for the client to disconnect. When the client
connects again, postscreen(8) will allow the client to talk to a Post-
fix SMTP server process (provided that the whitelist status has not
expired). postscreen(8) mitigates the impact of this limitation by
diff -cr --new-file /var/tmp/postfix-3.0.4/makedefs ./makedefs
*** /var/tmp/postfix-3.0.4/makedefs 2015-10-10 09:40:48.000000000 -0400
--- ./makedefs 2016-05-15 12:45:11.000000000 -0400
***************
*** 284,289 ****
--- 284,298 ----
: ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"}
: ${PLUGIN_LD="${CC} -shared"}
;;
+ OpenBSD.6*) SYSTYPE=OPENBSD6
+ : ${CC=cc}
+ : ${SHLIB_SUFFIX=.so.1.0}
+ : ${SHLIB_CFLAGS=-fPIC}
+ : ${SHLIB_LD="${CC} -shared"' -Wl,-soname,${LIB}'}
+ : ${SHLIB_RPATH='-Wl,-rpath,${SHLIB_DIR}'}
+ : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"}
+ : ${PLUGIN_LD="${CC} -shared"}
+ ;;
ekkoBSD.1*) SYSTYPE=EKKOBSD1
;;
NetBSD.1*) SYSTYPE=NETBSD1
diff -cr --new-file /var/tmp/postfix-3.0.4/man/man5/header_checks.5 ./man/man5/header_checks.5
*** /var/tmp/postfix-3.0.4/man/man5/header_checks.5 2015-01-29 17:33:49.000000000 -0500
--- ./man/man5/header_checks.5 2016-04-10 17:50:12.000000000 -0400
***************
*** 438,444 ****
header_checks = pcre:/etc/postfix/header_checks.pcre
/etc/postfix/header_checks.pcre:
! /^Content\-(Disposition|Type).*name\es*=\es*"?(.*(\e.|=2E)(
ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
hlp|ht[at]|
inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
--- 438,444 ----
header_checks = pcre:/etc/postfix/header_checks.pcre
/etc/postfix/header_checks.pcre:
! /^Content\-(Disposition|Type).*name\es*=\es*"?([^;]*(\e.|=2E)(
ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
hlp|ht[at]|
inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
diff -cr --new-file /var/tmp/postfix-3.0.4/man/man8/postscreen.8 ./man/man8/postscreen.8
*** /var/tmp/postfix-3.0.4/man/man8/postscreen.8 2015-04-04 09:39:38.000000000 -0400
--- ./man/man8/postscreen.8 2016-04-11 17:21:15.000000000 -0400
***************
*** 93,99 ****
The optional "after 220 server greeting" tests involve
\fBpostscreen\fR(8)'s built\-in SMTP protocol engine. When
these tests succeed, \fBpostscreen\fR(8) adds the client
! to the temporary whitelist, but it cannot not hand off the
"live" connection to a Postfix SMTP server process in the
middle of a session. Instead, \fBpostscreen\fR(8) defers
attempts to deliver mail with a 4XX status, and waits for
--- 93,99 ----
The optional "after 220 server greeting" tests involve
\fBpostscreen\fR(8)'s built\-in SMTP protocol engine. When
these tests succeed, \fBpostscreen\fR(8) adds the client
! to the temporary whitelist, but it cannot hand off the
"live" connection to a Postfix SMTP server process in the
middle of a session. Instead, \fBpostscreen\fR(8) defers
attempts to deliver mail with a 4XX status, and waits for
diff -cr --new-file /var/tmp/postfix-3.0.4/proto/header_checks ./proto/header_checks
*** /var/tmp/postfix-3.0.4/proto/header_checks 2015-01-29 17:33:24.000000000 -0500
--- ./proto/header_checks 2016-04-10 17:45:43.000000000 -0400
***************
*** 437,443 ****
# header_checks = pcre:/etc/postfix/header_checks.pcre
#
# /etc/postfix/header_checks.pcre:
! # /^Content-(Disposition|Type).*name\es*=\es*"?(.*(\e.|=2E)(
# ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
# hlp|ht[at]|
# inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
--- 437,443 ----
# header_checks = pcre:/etc/postfix/header_checks.pcre
#
# /etc/postfix/header_checks.pcre:
! # /^Content-(Disposition|Type).*name\es*=\es*"?([^;]*(\e.|=2E)(
# ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
# hlp|ht[at]|
# inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
diff -cr --new-file /var/tmp/postfix-3.0.4/src/cleanup/cleanup.h ./src/cleanup/cleanup.h
*** /var/tmp/postfix-3.0.4/src/cleanup/cleanup.h 2014-11-19 14:39:48.000000000 -0500
--- ./src/cleanup/cleanup.h 2016-04-10 18:13:14.000000000 -0400
***************
*** 289,295 ****
/*
* cleanup_addr.c.
*/
! extern void cleanup_addr_sender(CLEANUP_STATE *, const char *);
extern void cleanup_addr_recipient(CLEANUP_STATE *, const char *);
extern void cleanup_addr_bcc_dsn(CLEANUP_STATE *, const char *, const char *, int);
--- 289,295 ----
/*
* cleanup_addr.c.
*/
! extern off_t cleanup_addr_sender(CLEANUP_STATE *, const char *);
extern void cleanup_addr_recipient(CLEANUP_STATE *, const char *);
extern void cleanup_addr_bcc_dsn(CLEANUP_STATE *, const char *, const char *, int);
diff -cr --new-file /var/tmp/postfix-3.0.4/src/cleanup/cleanup_addr.c ./src/cleanup/cleanup_addr.c
*** /var/tmp/postfix-3.0.4/src/cleanup/cleanup_addr.c 2015-01-27 14:33:29.000000000 -0500
--- ./src/cleanup/cleanup_addr.c 2016-05-12 10:30:16.000000000 -0400
***************
*** 6,12 ****
/* SYNOPSIS
/* #include
/*
! /* void cleanup_addr_sender(state, addr)
/* CLEANUP_STATE *state;
/* const char *addr;
/*
--- 6,12 ----
/* SYNOPSIS
/* #include
/*
! /* off_t cleanup_addr_sender(state, addr)
/* CLEANUP_STATE *state;
/* const char *addr;
/*
***************
*** 29,35 ****
/* sender/recipient auto bcc address generation.
/*
/* cleanup_addr_sender() processes sender envelope information and updates
! /* state->sender.
/*
/* cleanup_addr_recipient() processes recipient envelope information
/* and updates state->recip.
--- 29,36 ----
/* sender/recipient auto bcc address generation.
/*
/* cleanup_addr_sender() processes sender envelope information and updates
! /* state->sender. The result value is the offset of the record that
! /* follows the sender record if milters are enabled, otherwise zero.
/*
/* cleanup_addr_recipient() processes recipient envelope information
/* and updates state->recip.
***************
*** 81,86 ****
--- 82,88 ----
/* Global library. */
#include
+ #include
#include
#include
#include
***************
*** 101,110 ****
/* cleanup_addr_sender - process envelope sender record */
! void cleanup_addr_sender(CLEANUP_STATE *state, const char *buf)
{
VSTRING *clean_addr = vstring_alloc(100);
const char *bcc;
/*
* Note: an unqualified envelope address is for all practical purposes
--- 103,115 ----
/* cleanup_addr_sender - process envelope sender record */
! off_t cleanup_addr_sender(CLEANUP_STATE *state, const char *buf)
{
+ const char myname[] = "cleanup_addr_sender";
VSTRING *clean_addr = vstring_alloc(100);
+ off_t after_sender_offs = 0;
const char *bcc;
+ size_t len;
/*
* Note: an unqualified envelope address is for all practical purposes
***************
*** 148,153 ****
--- 153,167 ----
if (state->sender) /* XXX Can't happen */
myfree(state->sender);
state->sender = mystrdup(STR(clean_addr)); /* Used by Milter client */
+ /* Fix 20160310: Moved from cleanup_envelope.c. */
+ if (state->milters || cleanup_milters) {
+ /* Make room to replace sender. */
+ if ((len = LEN(clean_addr)) < REC_TYPE_PTR_PAYL_SIZE)
+ rec_pad(state->dst, REC_TYPE_PTR, REC_TYPE_PTR_PAYL_SIZE - len);
+ /* Remember the after-sender record offset. */
+ if ((after_sender_offs = vstream_ftell(state->dst)) < 0)
+ msg_fatal("%s: vstream_ftell %s: %m:", myname, cleanup_path);
+ }
if ((state->flags & CLEANUP_FLAG_BCC_OK)
&& *STR(clean_addr)
&& cleanup_send_bcc_maps) {
***************
*** 162,167 ****
--- 176,182 ----
}
}
vstring_free(clean_addr);
+ return after_sender_offs;
}
/* cleanup_addr_recipient - process envelope recipient */
diff -cr --new-file /var/tmp/postfix-3.0.4/src/cleanup/cleanup_envelope.c ./src/cleanup/cleanup_envelope.c
*** /var/tmp/postfix-3.0.4/src/cleanup/cleanup_envelope.c 2014-07-13 17:44:19.000000000 -0400
--- ./src/cleanup/cleanup_envelope.c 2016-04-10 18:13:14.000000000 -0400
***************
*** 379,384 ****
--- 379,386 ----
return;
}
if (type == REC_TYPE_FROM) {
+ off_t after_sender_offs;
+
/* Allow only one instance. */
if (state->sender != 0) {
msg_warn("%s: message rejected: multiple envelope sender records",
***************
*** 391,404 ****
if ((state->sender_pt_offset = vstream_ftell(state->dst)) < 0)
msg_fatal("%s: vstream_ftell %s: %m:", myname, cleanup_path);
}
! cleanup_addr_sender(state, buf);
if (state->milters || cleanup_milters) {
- /* Make room to replace sender. */
- if ((len = strlen(state->sender)) < REC_TYPE_PTR_PAYL_SIZE)
- rec_pad(state->dst, REC_TYPE_PTR, REC_TYPE_PTR_PAYL_SIZE - len);
/* Remember the after-sender record offset. */
! if ((state->sender_pt_target = vstream_ftell(state->dst)) < 0)
! msg_fatal("%s: vstream_ftell %s: %m:", myname, cleanup_path);
}
if (cleanup_milters != 0
&& state->milters == 0
--- 393,402 ----
if ((state->sender_pt_offset = vstream_ftell(state->dst)) < 0)
msg_fatal("%s: vstream_ftell %s: %m:", myname, cleanup_path);
}
! after_sender_offs = cleanup_addr_sender(state, buf);
if (state->milters || cleanup_milters) {
/* Remember the after-sender record offset. */
! state->sender_pt_target = after_sender_offs;
}
if (cleanup_milters != 0
&& state->milters == 0
diff -cr --new-file /var/tmp/postfix-3.0.4/src/cleanup/cleanup_milter.c ./src/cleanup/cleanup_milter.c
*** /var/tmp/postfix-3.0.4/src/cleanup/cleanup_milter.c 2014-12-12 16:26:09.000000000 -0500
--- ./src/cleanup/cleanup_milter.c 2016-04-10 18:13:14.000000000 -0400
***************
*** 1325,1330 ****
--- 1325,1331 ----
const char *myname = "cleanup_chg_from";
CLEANUP_STATE *state = (CLEANUP_STATE *) context;
off_t new_sender_offset;
+ off_t after_sender_offs;
int addr_count;
TOK822 *tree;
TOK822 *tp;
***************
*** 1388,1397 ****
}
}
tok822_free_tree(tree);
! cleanup_addr_sender(state, STR(int_sender_buf));
vstring_free(int_sender_buf);
cleanup_out_format(state, REC_TYPE_PTR, REC_TYPE_PTR_FORMAT,
(long) state->sender_pt_target);
/*
* Overwrite the original sender record with the pointer to the new
--- 1389,1399 ----
}
}
tok822_free_tree(tree);
! after_sender_offs = cleanup_addr_sender(state, STR(int_sender_buf));
vstring_free(int_sender_buf);
cleanup_out_format(state, REC_TYPE_PTR, REC_TYPE_PTR_FORMAT,
(long) state->sender_pt_target);
+ state->sender_pt_target = after_sender_offs;
/*
* Overwrite the original sender record with the pointer to the new
***************
*** 2565,2570 ****
--- 2567,2586 ----
var_milt_head_checks = mystrdup(argv->argv[1]);
cleanup_milter_header_checks_init(state);
}
+ } else if (strcmp(argv->argv[0], "sender_bcc_maps") == 0) {
+ if (argv->argc != 2) {
+ msg_warn("bad sender_bcc_maps argument count: %ld",
+ (long) argv->argc);
+ } else {
+ if (cleanup_send_bcc_maps)
+ maps_free(cleanup_send_bcc_maps);
+ cleanup_send_bcc_maps =
+ maps_create("sender_bcc_maps", argv->argv[1],
+ DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX
+ | DICT_FLAG_UTF8_REQUEST);
+ state->flags |= CLEANUP_FLAG_BCC_OK;
+ var_rcpt_delim = "";
+ }
} else {
msg_warn("bad command: %s", argv->argv[0]);
}
diff -cr --new-file /var/tmp/postfix-3.0.4/src/postscreen/postscreen.c ./src/postscreen/postscreen.c
*** /var/tmp/postfix-3.0.4/src/postscreen/postscreen.c 2015-04-04 09:35:35.000000000 -0400
--- ./src/postscreen/postscreen.c 2016-04-11 08:51:26.000000000 -0400
***************
*** 79,85 ****
/* The optional "after 220 server greeting" tests involve
/* \fBpostscreen\fR(8)'s built-in SMTP protocol engine. When
/* these tests succeed, \fBpostscreen\fR(8) adds the client
! /* to the temporary whitelist, but it cannot not hand off the
/* "live" connection to a Postfix SMTP server process in the
/* middle of a session. Instead, \fBpostscreen\fR(8) defers
/* attempts to deliver mail with a 4XX status, and waits for
--- 79,85 ----
/* The optional "after 220 server greeting" tests involve
/* \fBpostscreen\fR(8)'s built-in SMTP protocol engine. When
/* these tests succeed, \fBpostscreen\fR(8) adds the client
! /* to the temporary whitelist, but it cannot hand off the
/* "live" connection to a Postfix SMTP server process in the
/* middle of a session. Instead, \fBpostscreen\fR(8) defers
/* attempts to deliver mail with a 4XX status, and waits for
diff -cr --new-file /var/tmp/postfix-3.0.4/src/util/sys_defs.h ./src/util/sys_defs.h
*** /var/tmp/postfix-3.0.4/src/util/sys_defs.h 2015-07-18 09:28:17.000000000 -0400
--- ./src/util/sys_defs.h 2016-05-15 12:45:11.000000000 -0400
***************
*** 28,34 ****
|| defined(FREEBSD8) || defined(FREEBSD9) || defined(FREEBSD10) \
|| defined(BSDI2) || defined(BSDI3) || defined(BSDI4) \
|| defined(OPENBSD2) || defined(OPENBSD3) || defined(OPENBSD4) \
! || defined(OPENBSD5) \
|| defined(NETBSD1) || defined(NETBSD2) || defined(NETBSD3) \
|| defined(NETBSD4) || defined(NETBSD5) || defined(NETBSD6) \
|| defined(NETBSD7) \
--- 28,34 ----
|| defined(FREEBSD8) || defined(FREEBSD9) || defined(FREEBSD10) \
|| defined(BSDI2) || defined(BSDI3) || defined(BSDI4) \
|| defined(OPENBSD2) || defined(OPENBSD3) || defined(OPENBSD4) \
! || defined(OPENBSD5) || defined(OPENBSD6) \
|| defined(NETBSD1) || defined(NETBSD2) || defined(NETBSD3) \
|| defined(NETBSD4) || defined(NETBSD5) || defined(NETBSD6) \
|| defined(NETBSD7) \