Bug#767436: unblock: postfix/2.11.3-1
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package postfix
Postfix 2.11.2 introduced a Sendmail milter compatibility change that proved
to be less than ideal. 2.11.3 was released shortly after with a more
complete/correct approach. Except for an OS X build system compatibility fix
that is irrelevant to Debian there are no other changes.
I've coordinated this request with Lamont Jones (the maintainer) and am
submitting this at his request. We believe this is an important change to
get into Jessie. It resolves a number of integration/compatibility problems
that have been prominently discussed in the postfix community recently.
The attached diff is the upstream 2.11.2 -> 2.11.3 diff since Lamont is
handling the packaging and I don't have the full debdiff. The final diff
will be the attached plus a debian/changelog entry.
unblock postfix/2.11.3-1
diff -ruN postfix-2.11.2/HISTORY postfix-2.11.3/HISTORY
--- postfix-2.11.2/HISTORY 2014-10-13 18:32:42.000000000 -0400
+++ postfix-2.11.3/HISTORY 2014-10-19 18:11:34.000000000 -0400
@@ -19600,3 +19600,21 @@
SPF policy plus DKIM Milter. PREPENDed headers are now
added BELOW Postfix's own Received: header and remain visible
to Milters. File: smtpd/smtpd.c.
+
+20141014
+
+ Portability: Darwin 11.x needs to link with -lresolv. Viktor
+ Dukhovni. File: makedefs.
+
+20141018
+
+ Bugfix (introduced: Postfix 2.3): when a Milter inserted a
+ header ABOVE Postfix's own Received: header, Postfix would
+ expose its own Received: header to Milters (violating
+ protocol) and hide the Milter-inserted header from Milters
+ (wtf). Files: cleanup/cleanup.h, cleanup/cleanup_message.c,
+ cleanup/cleanup_state.c, milter/milter.[hc], milter/milter8.c.
+
+ Cleanup: revert the workaround that places headers inserted
+ with PREPEND actions or policy requests BELOW Postfix's own
+ Received: message header. File: smtpd/smtpd.c.
diff -ruN postfix-2.11.2/makedefs postfix-2.11.3/makedefs
--- postfix-2.11.2/makedefs 2014-01-16 14:49:11.000000000 -0500
+++ postfix-2.11.3/makedefs 2014-10-19 18:10:54.000000000 -0400
@@ -491,9 +491,9 @@
?.*) CCARGS="$CCARGS -DRESOLVE_H_NEEDS_NAMESER8_COMPAT_H";;
*) CCARGS="$CCARGS -DRESOLVE_H_NEEDS_ARPA_NAMESER_COMPAT_H";;
esac
- # Darwin 12.x (MacOS X 10.8.x), maybe earlier, needs libresolv.
+ # Darwin 11.x (MacOS X 10.7.x), maybe earlier, needs libresolv.
case $RELEASE in
- ?.*|1[0-1].*) ;;
+ ?.*|10.*) ;;
*) SYSLIBS="$SYSLIBS -lresolv";;
esac
# kqueue and/or poll are broken in MacOS X 10.5 (Darwin 9).
diff -ruN postfix-2.11.2/src/cleanup/cleanup.h postfix-2.11.3/src/cleanup/cleanup.h
--- postfix-2.11.2/src/cleanup/cleanup.h 2013-11-23 19:39:32.000000000 -0500
+++ postfix-2.11.3/src/cleanup/cleanup.h 2014-10-18 17:14:21.000000000 -0400
@@ -61,6 +61,7 @@
char *orig_rcpt; /* original recipient address */
char *return_receipt; /* return-receipt address */
char *errors_to; /* errors-to address */
+ ARGV *auto_hdrs; /* MTA's own header(s) */
int flags; /* processing options, status flags */
int qmgr_opts; /* qmgr processing options */
int errs; /* any badness experienced */
diff -ruN postfix-2.11.2/src/cleanup/cleanup_message.c postfix-2.11.3/src/cleanup/cleanup_message.c
--- postfix-2.11.2/src/cleanup/cleanup_message.c 2013-11-12 12:53:03.000000000 -0500
+++ postfix-2.11.3/src/cleanup/cleanup_message.c 2014-10-18 17:23:26.000000000 -0400
@@ -479,6 +479,10 @@
if (hdr_opts && (hdr_opts->flags & HDR_OPT_MIME))
header_class = MIME_HDR_MULTIPART;
+ /* Update the Received: header count before maybe dropping headers below. */
+ if (hdr_opts && hdr_opts->type == HDR_RECEIVED)
+ state->hop_count += 1;
+
if ((state->flags & CLEANUP_FLAG_FILTER)
&& (CHECK(MIME_HDR_PRIMARY, cleanup_header_checks, VAR_HEADER_CHECKS)
|| CHECK(MIME_HDR_MULTIPART, cleanup_mimehdr_checks, VAR_MIMEHDR_CHECKS)
@@ -579,9 +583,13 @@
msg_info("%s: message-id=%s", state->queue_id, hdrval);
if (hdr_opts->type == HDR_RESENT_MESSAGE_ID)
msg_info("%s: resent-message-id=%s", state->queue_id, hdrval);
- if (hdr_opts->type == HDR_RECEIVED)
- if (++state->hop_count >= var_hopcount_limit)
+ if (hdr_opts->type == HDR_RECEIVED) {
+ if (state->hop_count >= var_hopcount_limit)
state->errs |= CLEANUP_STAT_HOPS;
+ /* Save our Received: header after maybe updating headers above. */
+ if (state->hop_count == 1)
+ argv_add(state->auto_hdrs, vstring_str(header_buf), ARGV_END);
+ }
if (CLEANUP_OUT_OK(state)) {
if (hdr_opts->flags & HDR_OPT_RR)
state->resent = "Resent-";
diff -ruN postfix-2.11.2/src/cleanup/cleanup_milter.c postfix-2.11.3/src/cleanup/cleanup_milter.c
--- postfix-2.11.2/src/cleanup/cleanup_milter.c 2013-11-23 20:25:40.000000000 -0500
+++ postfix-2.11.3/src/cleanup/cleanup_milter.c 2014-10-18 17:14:21.000000000 -0400
@@ -2020,7 +2020,7 @@
* filter library.
*/
if ((resp = milter_message(milters, state->handle->stream,
- state->data_offset)) != 0)
+ state->data_offset, state->auto_hdrs)) != 0)
cleanup_milter_apply(state, "END-OF-MESSAGE", resp);
/*
diff -ruN postfix-2.11.2/src/cleanup/cleanup_state.c postfix-2.11.3/src/cleanup/cleanup_state.c
--- postfix-2.11.2/src/cleanup/cleanup_state.c 2013-11-23 19:37:19.000000000 -0500
+++ postfix-2.11.3/src/cleanup/cleanup_state.c 2014-10-18 17:14:21.000000000 -0400
@@ -78,6 +78,7 @@
state->orig_rcpt = 0;
state->return_receipt = 0;
state->errors_to = 0;
+ state->auto_hdrs = argv_alloc(1);
state->flags = 0;
state->qmgr_opts = 0;
state->errs = 0;
@@ -151,6 +152,7 @@
myfree(state->return_receipt);
if (state->errors_to)
myfree(state->errors_to);
+ argv_free(state->auto_hdrs);
if (state->queue_name)
myfree(state->queue_name);
if (state->queue_id)
diff -ruN postfix-2.11.2/src/global/mail_version.h postfix-2.11.3/src/global/mail_version.h
--- postfix-2.11.2/src/global/mail_version.h 2014-10-13 18:31:44.000000000 -0400
+++ postfix-2.11.3/src/global/mail_version.h 2014-10-19 18:12:15.000000000 -0400
@@ -20,8 +20,8 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20141013"
-#define MAIL_VERSION_NUMBER "2.11.2"
+#define MAIL_RELEASE_DATE "20141019"
+#define MAIL_VERSION_NUMBER "2.11.3"
#ifdef SNAPSHOT
#define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
diff -ruN postfix-2.11.2/src/milter/milter8.c postfix-2.11.3/src/milter/milter8.c
--- postfix-2.11.2/src/milter/milter8.c 2013-11-18 14:45:07.000000000 -0500
+++ postfix-2.11.3/src/milter/milter8.c 2014-10-18 17:14:21.000000000 -0400
@@ -2285,6 +2285,8 @@
MILTER8 *milter; /* milter client */
ARGV *eoh_macros; /* end-of-header macros */
ARGV *eod_macros; /* end-of-body macros */
+ ARGV *auto_hdrs; /* auto-generated headers */
+ int auto_done; /* good enough for now */
int first_header; /* first header */
int first_body; /* first body line */
const char *resp; /* milter application response */
@@ -2301,6 +2303,8 @@
MILTER8 *milter = msg_ctx->milter;
char *cp;
int skip_reply;
+ char **cpp;
+ unsigned done;
/*
* XXX Workaround: mime_state_update() may invoke multiple call-backs
@@ -2329,10 +2333,11 @@
* XXX Sendmail compatibility. It eats the first space (not tab) after the
* header label and ":".
*/
- if (msg_ctx->first_header) {
- msg_ctx->first_header = 0;
- return;
- }
+ for (cpp = msg_ctx->auto_hdrs->argv, done = 1; *cpp; cpp++, done <<= 1)
+ if ((msg_ctx->auto_done & done) == 0 && strcmp(*cpp, STR(buf)) == 0) {
+ msg_ctx->auto_done |= done;
+ return;
+ }
/*
* Sendmail 8 sends multi-line headers as text separated by newline.
@@ -2507,7 +2512,8 @@
static const char *milter8_message(MILTER *m, VSTREAM *qfile,
off_t data_offset,
ARGV *eoh_macros,
- ARGV *eod_macros)
+ ARGV *eod_macros,
+ ARGV *auto_hdrs)
{
const char *myname = "milter8_message";
MILTER8 *milter = (MILTER8 *) m;
@@ -2541,6 +2547,8 @@
msg_ctx.milter = milter;
msg_ctx.eoh_macros = eoh_macros;
msg_ctx.eod_macros = eod_macros;
+ msg_ctx.auto_hdrs = auto_hdrs;
+ msg_ctx.auto_done = 0;
msg_ctx.first_header = 1;
msg_ctx.first_body = 1;
msg_ctx.resp = 0;
diff -ruN postfix-2.11.2/src/milter/milter.c postfix-2.11.3/src/milter/milter.c
--- postfix-2.11.2/src/milter/milter.c 2011-10-24 10:28:38.000000000 -0400
+++ postfix-2.11.3/src/milter/milter.c 2014-10-18 17:14:21.000000000 -0400
@@ -85,10 +85,11 @@
/* const char *milter_other_event(milters)
/* MILTERS *milters;
/*
-/* const char *milter_message(milters, qfile, data_offset)
+/* const char *milter_message(milters, qfile, data_offset, auto_hdrs)
/* MILTERS *milters;
/* VSTREAM *qfile;
/* off_t data_offset;
+/* ARGV *auto_hdrs;
/*
/* const char *milter_abort(milters)
/* MILTERS *milters;
@@ -481,7 +482,8 @@
/* milter_message - inspect message content */
-const char *milter_message(MILTERS *milters, VSTREAM *fp, off_t data_offset)
+const char *milter_message(MILTERS *milters, VSTREAM *fp, off_t data_offset,
+ ARGV *auto_hdrs)
{
const char *resp;
MILTER *m;
@@ -495,7 +497,8 @@
for (resp = 0, m = milters->milter_list; resp == 0 && m != 0; m = m->next) {
any_eoh_macros = MILTER_MACRO_EVAL(global_eoh_macros, m, milters, eoh_macros);
any_eod_macros = MILTER_MACRO_EVAL(global_eod_macros, m, milters, eod_macros);
- resp = m->message(m, fp, data_offset, any_eoh_macros, any_eod_macros);
+ resp = m->message(m, fp, data_offset, any_eoh_macros, any_eod_macros,
+ auto_hdrs);
if (any_eoh_macros != global_eoh_macros)
argv_free(any_eoh_macros);
if (any_eod_macros != global_eod_macros)
diff -ruN postfix-2.11.2/src/milter/milter.h postfix-2.11.3/src/milter/milter.h
--- postfix-2.11.2/src/milter/milter.h 2009-04-27 10:53:56.000000000 -0400
+++ postfix-2.11.3/src/milter/milter.h 2014-10-18 17:14:21.000000000 -0400
@@ -40,7 +40,7 @@
const char *(*mail_event) (struct MILTER *, const char **, ARGV *);
const char *(*rcpt_event) (struct MILTER *, const char **, ARGV *);
const char *(*data_event) (struct MILTER *, ARGV *);
- const char *(*message) (struct MILTER *, VSTREAM *, off_t, ARGV *, ARGV *);
+ const char *(*message) (struct MILTER *, VSTREAM *, off_t, ARGV *, ARGV *, ARGV *);
const char *(*unknown_event) (struct MILTER *, const char *, ARGV *);
const char *(*other_event) (struct MILTER *);
void (*abort) (struct MILTER *);
@@ -136,7 +136,7 @@
extern const char *milter_mail_event(MILTERS *, const char **);
extern const char *milter_rcpt_event(MILTERS *, int, const char **);
extern const char *milter_data_event(MILTERS *);
-extern const char *milter_message(MILTERS *, VSTREAM *, off_t);
+extern const char *milter_message(MILTERS *, VSTREAM *, off_t, ARGV *);
extern const char *milter_unknown_event(MILTERS *, const char *);
extern const char *milter_other_event(MILTERS *);
extern void milter_abort(MILTERS *);
diff -ruN postfix-2.11.2/src/smtpd/smtpd.c postfix-2.11.3/src/smtpd/smtpd.c
--- postfix-2.11.2/src/smtpd/smtpd.c 2014-10-13 18:11:40.000000000 -0400
+++ postfix-2.11.3/src/smtpd/smtpd.c 2014-10-18 17:14:21.000000000 -0400
@@ -2985,6 +2985,13 @@
}
/*
+ * PREPEND message headers above our own Received: header.
+ */
+ if (state->prepend)
+ for (cpp = state->prepend->argv; *cpp; cpp++)
+ out_fprintf(out_stream, REC_TYPE_NORM, "%s", *cpp);
+
+ /*
* Suppress our own Received: header in the unlikely case that we are an
* intermediate proxy.
*/
@@ -3074,17 +3081,6 @@
#endif
}
- /*
- * PREPEND message headers below our own Received: header. According
- * https://www.milter.org/developers/api/smfi_insheader, Milters see only
- * headers that have been sent by the SMTP client and those header
- * modifications by earlier filters. Based on this we allow Milters to
- * see headers added by access map or by policy service.
- */
- if (state->prepend)
- for (cpp = state->prepend->argv; *cpp; cpp++)
- out_fprintf(out_stream, REC_TYPE_NORM, "%s", *cpp);
-
smtpd_chat_reply(state, "354 End data with <CR><LF>.<CR><LF>");
state->where = SMTPD_AFTER_DATA;
Reply to: