
Bug#1021645: bullseye-pu: package postfix/3.5.13-0+deb11u1



Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian.org@packages.debian.org
Usertags: pu

This is another in my occasional series of postfix updates to
keep up with upstream maintenance updates to the version in
stable (v3.5).  Upstream is still judicious and reasonable in
their approach to fixing things.  The maintenance updates are
generally suitable for Debian stable updates.

[ Reason ]
Fix bugs.  As far as I have determined, with one exception that
was a Debian patch in the last update earlier in the year and is
now in the upstream code, these issues do not correspond to
specific BTS bugs, but a number of these changes address issues
which Debian users might experience.

[ Impact ]
Users will continue to have the bugs.  Additionally, upstream
occasionally checks if postfix is up to date in Debian and so
doing the stable updates helps upstream relations.

[ Tests ]
Postfix does have an autopkgtest.  I have built the proposed
package locally (on bullseye) and have it running in production
with no issues noted.

[ Risks ]
Risks should be minimal.  This upstream has a very good track
record for low risk updates (we have been doing these several
cycles and haven't experienced any significant issues).  None of
the fixes are particularly complex.

[ Checklist ]
  [X] *all* changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in (old)stable
  [X] the issue is verified as fixed in unstable

[ Changes ]
Here is the proposed debian/changelog entry with the
explanation of the changes:

postfix (3.5.17-0+deb11u1) bullseye; urgency=medium

  [Scott Kitterman]

  * Delete debian/patches/postfix-dup-postconf.patch, earlier backport now
    upstream (from 3.5.14)

  [Wietse Venema]

  * 3.5.14
    - Bugfix (introduced: 20210708): duplicate bounce_notice_recipient
      entries in postconf output. The fix to send SMTP session
      transcripts to bounce_notice_recipient was incomplete.
      Reported by Vincent Lefevre. File: smtpd/smtpd.c.

    - Bugfix (introduced: Postfix 3.0): the proxymap daemon did
      not automatically authorize proxied maps inside pipemap
      (example: pipemap:{proxy:maptype:mapname, ...}) or inside
      unionmap. Problem reported by Mirko Vogt. Files:
      proxymap/proxymap.c.

    - Bugfix (introduced: Postfix 2.5): off-by-one error while
      writing a string terminator. This code had passed all memory
      corruption tests, presumably because it wrote over an
      alignment padding byte, or over an adjacent character byte
      that was never read. Reported by Robert Siemer. Files:
      *qmgr/qmgr_feedback.c.

    - Cleanup: added missing _maps parameter names to the
      proxy_read_maps default value, based on output from the
      mantools/missing-proxy-read-maps script.  File:
      global/mail_params.h.

  * 3.5.15
    - Bitrot: Glibc 2.34 implements closefrom(). File:
      util/sys_defs.h.

    - Bitrot: Berkeley DB 18 is like Berkeley DB 6. Yasuhiro
      Kimura. File: util/dict_db.c.

  * 3.5.16
    - Cleanup: added missing _checks, _reply_footer, _reply_filter,
      _command_filter, and _delivery_status_filter parameter names
      to the proxy_read_maps default value. Files: global/mail_params.h,
      mantools/missing-proxy-read-maps.

    - Bugfix: in an internal client module, "host or service not
      found" was a fatal error, causing the milter_default_action
      setting to be ignored. It is now a non-fatal error. The
      same client is used by many Postfix clients (smtpd_proxy,
      dovecot auth, tcp_table, memcache, socketmap, and so on).
      Problem reported by Christian Degenkolb. File: util/inet_connect.c.

    - Cleanup (problem introduced: Postfix 3.0): with dynamic map
      loading enabled, an attempt to create a map with "postmap
      regexp:path" would result in a bogus error message "Is the
      postfix-regexp package installed?" instead of "unsupported
      map type for this operation". This happened with all built-in
      map types (static, cidr, etc.) that have no 'bulk create'
      support. Problem reported by Greg Klanderman. File:
      global/dynamicmaps.c.

    - Cleanup (problem introduced: Postfix 2.7): milter_header_checks
      maps are now opened before the cleanup server enters the
      chroot jail. Problem reported by Jesper Dybdal. Files:
      cleanup/cleanup.h, cleanup/cleanup_init.c,
      cleanup/cleanup_milter.c, cleanup/cleanup_state.c.

  * 3.5.17
    - Cleanup: Postfix 3.5.0 introduced debug logging noise in
      map_search_create(). Files: global/map_search.c.

    - Workaround: in a TLS server disable Postfix's 1-element
      internal session cache, to work around an OpenSSL 3.0
      regression that broke TLS handshakes. It is rarely useful.
      Report by Spil Oss, fix by Viktor Dukhovni. File:
      tls/tls_server.c.

    - Cleanup: Postfix 3.3.0 introduced an uninitialized
      verify_append() request status in case of a null original
      recipient address.  File: global/verify.c.

    - Cleanup: Postfix 3.5.16 introduced a missing msg_panic()
      argument (in code that never executes). File:
      cleanup/cleanup_milter.c.

 -- Scott Kitterman <scott@kitterman.com>  Tue, 11 Oct 2022 22:30:59 -0400

[ Other info ]
All these changes were included in postfix 3.7.3, which is
already in testing.

Scott K
diff -Nru postfix-3.5.13/debian/changelog postfix-3.5.17/debian/changelog
--- postfix-3.5.13/debian/changelog	2022-01-07 00:14:16.000000000 -0500
+++ postfix-3.5.17/debian/changelog	2022-10-11 22:30:59.000000000 -0400
@@ -1,3 +1,91 @@
+postfix (3.5.17-0+deb11u1) UNRELEASED; urgency=medium
+
+  [Scott Kitterman]
+
+  * Delete debian/patches/postfix-dup-postconf.patch, earlier backport now
+    upstream (from 3.5.14)
+
+  [Wietse Venema]
+
+  * 3.5.14
+    - Bugfix (introduced: 20210708): duplicate bounce_notice_recipient
+      entries in postconf output. The fix to send SMTP session
+      transcripts to bounce_notice_recipient was incomplete.
+      Reported by Vincent Lefevre. File: smtpd/smtpd.c.
+
+    - Bugfix (introduced: Postfix 3.0): the proxymap daemon did
+      not automatically authorize proxied maps inside pipemap
+      (example: pipemap:{proxy:maptype:mapname, ...}) or inside
+      unionmap. Problem reported by Mirko Vogt. Files:
+      proxymap/proxymap.c.
+
+    - Bugfix (introduced: Postfix 2.5): off-by-one error while
+      writing a string terminator. This code had passed all memory
+      corruption tests, presumably because it wrote over an
+      alignment padding byte, or over an adjacent character byte
+      that was never read. Reported by Robert Siemer. Files:
+      *qmgr/qmgr_feedback.c.
+
+    - Cleanup: added missing _maps parameter names to the
+      proxy_read_maps default value, based on output from the
+      mantools/missing-proxy-read-maps script.  File:
+      global/mail_params.h.
+
+  * 3.5.15
+    - Bitrot: Glibc 2.34 implements closefrom(). File:
+      util/sys_defs.h.
+
+    - Bitrot: Berkeley DB 18 is like Berkeley DB 6. Yasuhiro
+      Kimura. File: util/dict_db.c.
+
+  * 3.5.16
+    - Cleanup: added missing _checks, _reply_footer, _reply_filter,
+      _command_filter, and _delivery_status_filter parameter names
+      to the proxy_read_maps default value. Files: global/mail_params.h,
+      mantools/missing-proxy-read-maps.
+
+    - Bugfix: in an internal client module, "host or service not
+      found" was a fatal error, causing the milter_default_action
+      setting to be ignored. It is now a non-fatal error. The
+      same client is used by many Postfix clients (smtpd_proxy,
+      dovecot auth, tcp_table, memcache, socketmap, and so on).
+      Problem reported by Christian Degenkolb. File: util/inet_connect.c.
+
+    - Cleanup (problem introduced: Postfix 3.0): with dynamic map
+      loading enabled, an attempt to create a map with "postmap
+      regexp:path" would result in a bogus error message "Is the
+      postfix-regexp package installed?" instead of "unsupported
+      map type for this operation". This happened with all built-in
+      map types (static, cidr, etc.) that have no 'bulk create'
+      support. Problem reported by Greg Klanderman. File:
+      global/dynamicmaps.c.
+
+    - Cleanup (problem introduced: Postfix 2.7): milter_header_checks
+      maps are now opened before the cleanup server enters the
+      chroot jail. Problem reported by Jesper Dybdal. Files:
+      cleanup/cleanup.h, cleanup/cleanup_init.c,
+      cleanup/cleanup_milter.c, cleanup/cleanup_state.c.
+
+  * 3.5.17
+    - Cleanup: Postfix 3.5.0 introduced debug logging noise in
+      map_search_create(). Files: global/map_search.c.
+
+    - Workaround: in a TLS server disable Postfix's 1-element
+      internal session cache, to work around an OpenSSL 3.0
+      regression that broke TLS handshakes. It is rarely useful.
+      Report by Spil Oss, fix by Viktor Dukhovni. File:
+      tls/tls_server.c.
+
+    - Cleanup: Postfix 3.3.0 introduced an uninitialized
+      verify_append() request status in case of a null original
+      recipient address.  File: global/verify.c.
+
+    - Cleanup: Postfix 3.5.16 introduced a missing msg_panic()
+      argument (in code that never executes). File:
+      cleanup/cleanup_milter.c.
+
+ -- Scott Kitterman <scott@kitterman.com>  Tue, 11 Oct 2022 22:30:59 -0400
+
 postfix (3.5.13-0+deb11u1) bullseye; urgency=medium
 
   [Scott Kitterman]
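Review bot: the first line of the new entry still names `UNRELEASED` as the distribution, while the changelog quoted in the request body above says `bullseye`. Set the distribution to `bullseye` in the tree that gets uploaded so the two agree. The entry also records the deletion of debian/patches/postfix-dup-postconf.patch, which matches the patch and series hunks that follow.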
diff -Nru postfix-3.5.13/debian/patches/postfix-dup-postconf.patch postfix-3.5.17/debian/patches/postfix-dup-postconf.patch
--- postfix-3.5.13/debian/patches/postfix-dup-postconf.patch	2022-01-07 00:14:16.000000000 -0500
+++ postfix-3.5.17/debian/patches/postfix-dup-postconf.patch	1969-12-31 19:00:00.000000000 -0500
@@ -1,20 +0,0 @@
-Description: Fix duplicate bounce_notice_recipient entries in postconf output.
- Bug introduced on 2021-07-08. Reported by Vincent Lefevre.
- https://marc.info/?l=postfix-users&m=163698504624352&w=2
-Bug-Debian: https://bugs.debian.org/999694
-Author: Wietse Venema <wietse@porcupine.org>
-Last-Update: 2021-11-15
-
-Index: postfix/src/smtpd/smtpd.c
-===================================================================
---- postfix.orig/src/smtpd/smtpd.c
-+++ postfix/src/smtpd/smtpd.c
-@@ -6419,7 +6419,7 @@ int     main(int argc, char **argv)
- 	VAR_EOD_CHECKS, DEF_EOD_CHECKS, &var_eod_checks, 0, 0,
- 	VAR_MAPS_RBL_DOMAINS, DEF_MAPS_RBL_DOMAINS, &var_maps_rbl_domains, 0, 0,
- 	VAR_RBL_REPLY_MAPS, DEF_RBL_REPLY_MAPS, &var_rbl_reply_maps, 0, 0,
--	VAR_BOUNCE_RCPT, DEF_ERROR_RCPT, &var_bounce_rcpt, 1, 0,
-+	VAR_BOUNCE_RCPT, DEF_BOUNCE_RCPT, &var_bounce_rcpt, 1, 0,
- 	VAR_ERROR_RCPT, DEF_ERROR_RCPT, &var_error_rcpt, 1, 0,
- 	VAR_REST_CLASSES, DEF_REST_CLASSES, &var_rest_classes, 0, 0,
- 	VAR_CANONICAL_MAPS, DEF_CANONICAL_MAPS, &var_canonical_maps, 0, 0,
diff -Nru postfix-3.5.13/debian/patches/series postfix-3.5.17/debian/patches/series
--- postfix-3.5.13/debian/patches/series	2022-01-07 00:14:16.000000000 -0500
+++ postfix-3.5.17/debian/patches/series	2022-10-11 22:30:59.000000000 -0400
@@ -1,4 +1,3 @@
-postfix-dup-postconf.patch
 02_kfreebsd_support.diff
 03_ldap3_by_default.diff
 04_remove_gdbm_support.diff
diff -Nru postfix-3.5.13/HISTORY postfix-3.5.17/HISTORY
--- postfix-3.5.13/HISTORY	2021-11-07 18:09:38.000000000 -0500
+++ postfix-3.5.17/HISTORY	2022-10-07 17:00:23.000000000 -0400
@@ -25055,3 +25055,104 @@
 	previously occupied by the original message body.
 
 	Problem report by Benoît Panizzon.
+
+20211115
+
+	Bugfix (introduced: 20210708): duplicate bounce_notice_recipient
+	entries in postconf output. The fix to send SMTP session
+	transcripts to bounce_notice_recipient was incomplete.
+	Reported by Vincent Lefevre. File: smtpd/smtpd.c.
+
+20211216
+
+	Bugfix (introduced: Postfix 3.0): the proxymap daemon did
+	not automatically authorize proxied maps inside pipemap
+	(example: pipemap:{proxy:maptype:mapname, ...}) or inside
+	unionmap. Problem reported by Mirko Vogt. Files:
+	proxymap/proxymap.c.
+
+20211220
+
+	Bugfix (introduced: Postfix 2.5): off-by-one error while
+	writing a string terminator. This code had passed all memory
+	corruption tests, presumably because it wrote over an
+	alignment padding byte, or over an adjacent character byte
+	that was never read. Reported by Robert Siemer. Files:
+	*qmgr/qmgr_feedback.c.
+
+20211223
+
+	Cleanup: added missing _maps parameter names to the
+	proxy_read_maps default value, based on output from the
+	mantools/missing-proxy-read-maps script.  File:
+	global/mail_params.h.
+
+20220120
+
+	Bitrot: Glibc 2.34 implements closefrom(). File:
+	util/sys_defs.h.
+
+20220202
+
+	Bitrot: Berkeley DB 18 is like Berkeley DB 6. Yasuhiro
+	Kimura. File: util/dict_db.c.
+
+20220322
+
+	Cleanup: added missing _checks, _reply_footer, _reply_filter,
+	_command_filter, and _delivery_status_filter parameter names
+	to the proxy_read_maps default value. Files: global/mail_params.h,
+	mantools/missing-proxy-read-maps.
+
+20220404
+
+	Bugfix: in an internal client module, "host or service not
+	found" was a fatal error, causing the milter_default_action
+	setting to be ignored. It is now a non-fatal error. The
+	same client is used by many Postfix clients (smtpd_proxy,
+	dovecot auth, tcp_table, memcache, socketmap, and so on).
+	Problem reported by Christian Degenkolb. File: util/inet_connect.c.
+
+20220415
+
+	Cleanup (problem introduced: Postfix 3.0): with dynamic map
+	loading enabled, an attempt to create a map with "postmap
+	regexp:path" would result in a bogus error message "Is the
+	postfix-regexp package installed?" instead of "unsupported
+	map type for this operation". This happened with all built-in
+	map types (static, cidr, etc.) that have no 'bulk create'
+	support. Problem reported by Greg Klanderman. File:
+	global/dynamicmaps.c.
+
+20220417
+
+	Cleanup (problem introduced: Postfix 2.7): milter_header_checks
+	maps are now opened before the cleanup server enters the
+	chroot jail. Problem reported by Jesper Dybdal. Files:
+	cleanup/cleanup.h, cleanup/cleanup_init.c,
+	cleanup/cleanup_milter.c, cleanup/cleanup_state.c.
+
+20220719
+
+	Cleanup: Postfix 3.5.0 introduced debug logging noise in
+	map_search_create(). Files: global/map_search.c.
+
+20220724
+
+	Workaround: in a TLS server disable Postfix's 1-element
+	internal session cache, to work around an OpenSSL 3.0
+	regression that broke TLS handshakes. It is rarely useful.
+	Report by Spil Oss, fix by Viktor Dukhovni. File:
+	tls/tls_server.c.
+
+20220905
+
+	Cleanup: Postfix 3.3.0 introduced an uninitialized
+	verify_append() request status in case of a null original
+	recipient address.  File: global/verify.c.
+
+20220906
+
+	Cleanup: Postfix 3.5.16 introduced a missing msg_panic()
+	argument (in code that never executes). File:
+	cleanup/cleanup_milter.c.
diff -Nru postfix-3.5.13/src/cleanup/cleanup.h postfix-3.5.17/src/cleanup/cleanup.h
--- postfix-3.5.13/src/cleanup/cleanup.h	2018-01-06 19:29:46.000000000 -0500
+++ postfix-3.5.17/src/cleanup/cleanup.h	2022-04-17 18:10:42.000000000 -0400
@@ -117,8 +117,6 @@
     VSTRING *milter_ext_from;		/* externalized sender */
     VSTRING *milter_ext_rcpt;		/* externalized recipient */
     VSTRING *milter_err_text;		/* milter call-back reply */
-    HBC_CHECKS *milter_hbc_checks;	/* Milter header checks */
-    VSTRING *milter_hbc_reply;		/* Milter header checks reply */
     VSTRING *milter_dsn_buf;		/* Milter DSN parsing buffer */
 
     /*
@@ -318,6 +316,7 @@
  /*
   * cleanup_milter.c.
   */
+extern void cleanup_milter_header_checks_init(void);
 extern void cleanup_milter_receive(CLEANUP_STATE *, int);
 extern void cleanup_milter_inspect(CLEANUP_STATE *, MILTERS *);
 extern void cleanup_milter_emul_mail(CLEANUP_STATE *, MILTERS *, const char *);
diff -Nru postfix-3.5.13/src/cleanup/cleanup_init.c postfix-3.5.17/src/cleanup/cleanup_init.c
--- postfix-3.5.13/src/cleanup/cleanup_init.c	2019-10-13 11:32:18.000000000 -0400
+++ postfix-3.5.17/src/cleanup/cleanup_init.c	2022-04-17 18:10:42.000000000 -0400
@@ -426,6 +426,8 @@
 					var_milt_eod_macros,
 					var_milt_unk_macros,
 					var_milt_macro_deflts);
+    if (*var_milt_head_checks)
+	cleanup_milter_header_checks_init();
 
     flush_init();
 }
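Review bot: the added call carries no comment saying why it belongs in this function. The documentation added to cleanup_milter.c describes `cleanup_milter_header_checks_init()` as doing pre-jail initializations, and the changelog says the maps must be opened before the cleanup server enters the chroot jail; a one-line comment above the `if (*var_milt_head_checks)` test stating that ordering requirement would keep a later refactor from moving the call.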
diff -Nru postfix-3.5.13/src/cleanup/cleanup_milter.c postfix-3.5.17/src/cleanup/cleanup_milter.c
--- postfix-3.5.13/src/cleanup/cleanup_milter.c	2021-11-05 18:39:27.000000000 -0400
+++ postfix-3.5.17/src/cleanup/cleanup_milter.c	2022-10-07 15:10:22.000000000 -0400
@@ -6,6 +6,8 @@
 /* SYNOPSIS
 /*	#include <cleanup.h>
 /*
+/*	void	cleanup_milter_header_checks_init(void)
+/*
 /*	void	cleanup_milter_receive(state, count)
 /*	CLEANUP_STATE *state;
 /*	int	count;
@@ -32,6 +34,9 @@
 /*	filter (milter) applications, including in-place queue file
 /*	modification.
 /*
+/*	cleanup_milter_header_checks_init() does pre-jail
+/*	initializations.
+/*
 /*	cleanup_milter_receive() receives mail filter definitions,
 /*	typically from an smtpd(8) server process, and registers
 /*	local call-back functions for macro expansion and for queue
@@ -222,6 +227,8 @@
 
 /*#define msg_verbose	2*/
 
+static HBC_CHECKS *cleanup_milter_hbc_checks;
+static VSTRING *cleanup_milter_hbc_reply;
 static void cleanup_milter_set_error(CLEANUP_STATE *, int);
 static const char *cleanup_add_rcpt_par(void *, const char *, const char *);
 
@@ -345,9 +352,9 @@
 	    state->errs |= CLEANUP_STAT_CONT;
 	state->flags &= ~CLEANUP_FLAG_FILTER_ALL;
 	cleanup_milter_hbc_log(context, "reject", where, buf, state->reason);
-	vstring_sprintf(state->milter_hbc_reply, "%d %s",
+	vstring_sprintf(cleanup_milter_hbc_reply, "%d %s",
 			detail->smtp, state->reason);
-	STR(state->milter_hbc_reply)[0] = *state->reason;
+	STR(cleanup_milter_hbc_reply)[0] = *state->reason;
 	return ((char *) buf);
     }
     if (STREQUAL(command, "FILTER", cmd_len)) {
@@ -368,7 +375,7 @@
     }
     if (STREQUAL(command, "DISCARD", cmd_len)) {
 	cleanup_milter_hbc_log(context, "discard", where, buf, optional_text);
-	vstring_strcpy(state->milter_hbc_reply, "D");
+	vstring_strcpy(cleanup_milter_hbc_reply, "D");
 	state->flags |= CLEANUP_FLAG_DISCARD;
 	state->flags &= ~CLEANUP_FLAG_FILTER_ALL;
 	return ((char *) buf);
@@ -409,7 +416,7 @@
      * end-of-message stage, therefore all the header operations are relative
      * to the primary message header.
      */
-    ret = hbc_header_checks((void *) state, state->milter_hbc_checks,
+    ret = hbc_header_checks((void *) state, cleanup_milter_hbc_checks,
 			    MIME_HDR_PRIMARY, (HEADER_OPTS *) 0,
 			    buf, (off_t) 0);
     if (ret == 0) {
@@ -504,8 +511,10 @@
 
 /* cleanup_milter_header_checks_init - initialize post-Milter header checks */
 
-static void cleanup_milter_header_checks_init(CLEANUP_STATE *state)
+void    cleanup_milter_header_checks_init(void)
 {
+    static const char myname[] = "cleanup_milter_header_checks_init";
+
 #define NO_NESTED_HDR_NAME	""
 #define NO_NESTED_HDR_VALUE	""
 #define NO_MIME_HDR_NAME	""
@@ -517,30 +526,60 @@
 	cleanup_milter_hbc_extend,
     };
 
-    state->milter_hbc_checks =
+    if (*var_milt_head_checks == 0)
+	msg_panic("%s: %s is empty", myname, VAR_MILT_HEAD_CHECKS);
+
+    if (cleanup_milter_hbc_checks)
+	msg_panic("%s: cleanup_milter_hbc_checks is not null", myname);
+    cleanup_milter_hbc_checks =
 	hbc_header_checks_create(VAR_MILT_HEAD_CHECKS, var_milt_head_checks,
 				 NO_MIME_HDR_NAME, NO_MIME_HDR_VALUE,
 				 NO_NESTED_HDR_NAME, NO_NESTED_HDR_VALUE,
 				 &call_backs);
-    state->milter_hbc_reply = vstring_alloc(100);
+
+    if (cleanup_milter_hbc_reply)
+	msg_panic("%s: cleanup_milter_hbc_reply is not null", myname);
+    cleanup_milter_hbc_reply = vstring_alloc(100);
+}
+
+#ifdef TEST
+
+/* cleanup_milter_header_checks_deinit - undo cleanup_milter_header_checks_init */
+
+static void cleanup_milter_header_checks_deinit(void)
+{
+    static const char myname[] = "cleanup_milter_header_checks_deinit";
+
+    if (cleanup_milter_hbc_checks == 0)
+	msg_panic("%s: cleanup_milter_hbc_checks is null", myname);
+    hbc_header_checks_free(cleanup_milter_hbc_checks);
+    cleanup_milter_hbc_checks = 0;
+
+    if (cleanup_milter_hbc_reply == 0)
+	msg_panic("%s: cleanup_milter_hbc_reply is null", myname);
+    vstring_free(cleanup_milter_hbc_reply);
+    cleanup_milter_hbc_reply = 0;
+}
+
+#endif
+
+/* cleanup_milter_header_checks_reinit - re-init post-Milter header checks */
+
+static void cleanup_milter_header_checks_reinit(CLEANUP_STATE *state)
+{
     if (state->filter)
 	myfree(state->filter);
     state->filter = 0;
     if (state->redirect)
 	myfree(state->redirect);
     state->redirect = 0;
+    VSTRING_RESET(cleanup_milter_hbc_reply);
 }
 
 /* cleanup_milter_hbc_finish - finalize post-Milter header checks */
 
 static void cleanup_milter_hbc_finish(CLEANUP_STATE *state)
 {
-    if (state->milter_hbc_checks)
-	hbc_header_checks_free(state->milter_hbc_checks);
-    state->milter_hbc_checks = 0;
-    if (state->milter_hbc_reply)
-	vstring_free(state->milter_hbc_reply);
-    state->milter_hbc_reply = 0;
     if (CLEANUP_OUT_OK(state)
 	&& !CLEANUP_MILTER_REJECTING_OR_DISCARDING_MESSAGE(state)
 	&& (state->filter || state->redirect))
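Review bot: `cleanup_milter_header_checks_reinit()` hands `cleanup_milter_hbc_reply` to `VSTRING_RESET()` with no null check, although the init and deinit functions in the same hunk both `msg_panic()` on unexpected state. The buffer is non-null only if `cleanup_milter_header_checks_init()` ran earlier, which in turn depends on `*var_milt_head_checks` having been non-empty at that point; a matching `msg_panic()` guard in reinit would turn a violated assumption into a clear diagnostic instead of a null dereference. The function comment should also say that the checks and the reply buffer are now file-scope and shared by every message the process handles, which is why the reply is reset per message here and no longer freed in `cleanup_milter_hbc_finish()`.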
@@ -644,7 +683,7 @@
      */
     buf = vstring_alloc(100);
     vstring_sprintf(buf, "%s:%s%s", name, space, value);
-    if (state->milter_hbc_checks) {
+    if (cleanup_milter_hbc_checks) {
 	if (cleanup_milter_header_checks(state, buf) == 0
 	    || (state->flags & CLEANUP_FLAG_DISCARD)) {
 	    vstring_free(buf);
@@ -707,8 +746,8 @@
      * In case of error while doing record output.
      */
     return (CLEANUP_OUT_OK(state) == 0 ? cleanup_milter_error(state, 0) :
-	    state->milter_hbc_reply && LEN(state->milter_hbc_reply) ?
-	    STR(state->milter_hbc_reply) : 0);
+	    cleanup_milter_hbc_reply && LEN(cleanup_milter_hbc_reply) ?
+	    STR(cleanup_milter_hbc_reply) : 0);
 
     /*
      * Note: state->append_hdr_pt_target never changes.
@@ -1032,7 +1071,7 @@
      * be dropped.
      */
     vstring_sprintf(buf, "%s:%s%s", new_hdr_name, hdr_space, new_hdr_value);
-    if (state->milter_hbc_checks
+    if (cleanup_milter_hbc_checks
 	&& cleanup_milter_header_checks(state, buf) == 0)
 	CLEANUP_PATCH_HEADER_RETURN(0);
 
@@ -1101,8 +1140,8 @@
      */
     CLEANUP_PATCH_HEADER_RETURN(
 	       CLEANUP_OUT_OK(state) == 0 ? cleanup_milter_error(state, 0) :
-		   state->milter_hbc_reply && LEN(state->milter_hbc_reply) ?
-				STR(state->milter_hbc_reply) : 0);
+		 cleanup_milter_hbc_reply && LEN(cleanup_milter_hbc_reply) ?
+				STR(cleanup_milter_hbc_reply) : 0);
 
     /*
      * Note: state->append_hdr_pt_target never changes.
@@ -1982,8 +2021,8 @@
      * Don't process our own milter_header/body checks replies. See comments
      * in cleanup_milter_hbc_extend().
      */
-    if (state->milter_hbc_reply &&
-	strcmp(resp, STR(state->milter_hbc_reply)) == 0)
+    if (cleanup_milter_hbc_reply &&
+	strcmp(resp, STR(cleanup_milter_hbc_reply)) == 0)
 	return (0);
 
     /*
@@ -2149,7 +2188,7 @@
      * Prologue: prepare for Milter header/body checks.
      */
     if (*var_milt_head_checks)
-	cleanup_milter_header_checks_init(state);
+	cleanup_milter_header_checks_reinit(state);
 
     /*
      * Process mail filter replies. The reply format is verified by the mail
@@ -2563,9 +2602,10 @@
 		cleanup_milter_hbc_finish(state);
 		myfree(var_milt_head_checks);
 		var_milt_head_checks = "";
+		cleanup_milter_header_checks_deinit();
 	    }
 	    close_queue_file(state);
-	} else if (state->milter_hbc_reply && LEN(state->milter_hbc_reply)) {
+	} else if (cleanup_milter_hbc_reply && LEN(cleanup_milter_hbc_reply)) {
 	    /* Postfix libmilter would skip further requests. */
 	    msg_info("ignoring: %s %s %s", argv->argv[0],
 		     argv->argc > 1 ? argv->argv[1] : "",
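Review bot: `cleanup_milter_header_checks_deinit()` is defined only inside `#ifdef TEST` in the earlier hunk of this file, and the call added here shows no guard in the visible context. Please confirm that this call site is also compiled only under `TEST`; otherwise a regular build would reference a function that does not exist.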
@@ -2667,7 +2707,7 @@
 		msg_warn("can't change header checks");
 	    } else {
 		var_milt_head_checks = mystrdup(argv->argv[1]);
-		cleanup_milter_header_checks_init(state);
+		cleanup_milter_header_checks_init();
 	    }
 	} else if (strcmp(argv->argv[0], "sender_bcc_maps") == 0) {
 	    if (argv->argc != 2) {
diff -Nru postfix-3.5.13/src/cleanup/cleanup_state.c postfix-3.5.17/src/cleanup/cleanup_state.c
--- postfix-3.5.13/src/cleanup/cleanup_state.c	2017-12-27 16:53:13.000000000 -0500
+++ postfix-3.5.17/src/cleanup/cleanup_state.c	2022-04-17 18:10:42.000000000 -0400
@@ -107,8 +107,6 @@
     state->append_hdr_pt_target = -1;
     state->append_meta_pt_offset = -1;
     state->append_meta_pt_target = -1;
-    state->milter_hbc_checks = 0;
-    state->milter_hbc_reply = 0;
     state->rcpt_count = 0;
     state->reason = 0;
     state->smtp_reply = 0;
diff -Nru postfix-3.5.13/src/global/dynamicmaps.c postfix-3.5.17/src/global/dynamicmaps.c
--- postfix-3.5.13/src/global/dynamicmaps.c	2014-12-06 20:35:32.000000000 -0500
+++ postfix-3.5.17/src/global/dynamicmaps.c	2022-04-17 16:46:55.000000000 -0400
@@ -168,11 +168,23 @@
      * All errors are fatal. If the postmap(1) or postalias(1) command can't
      * create the requested database, then graceful degradation is not
      * useful.
+     * 
+     * Fix 20220416: if this dictionary type is registered for some non-mkmap
+     * purpose, then don't talk nonsense about a missing package.
      */
-    if ((dp = (DYMAP_INFO *) htable_find(dymap_info, dict_type)) == 0)
+    if ((dp = (DYMAP_INFO *) htable_find(dymap_info, dict_type)) == 0) {
+	ARGV   *types = dict_mapnames();
+	char  **cpp;
+
+	for (cpp = types->argv; *cpp; cpp++) {
+	    if (strcmp(dict_type, *cpp) == 0)
+		msg_fatal("unsupported dictionary type: %s does not support "
+			  "bulk-mode creation.", dict_type);
+	}
 	msg_fatal("unsupported dictionary type: %s. "
 		  "Is the postfix-%s package installed?",
 		  dict_type, dict_type);
+    }
     if (!dp->mkmap_name)
 	msg_fatal("unsupported dictionary type: %s does not support "
 		  "bulk-mode creation.", dict_type);
diff -Nru postfix-3.5.13/src/global/mail_params.h postfix-3.5.17/src/global/mail_params.h
--- postfix-3.5.13/src/global/mail_params.h	2021-01-17 08:11:47.000000000 -0500
+++ postfix-3.5.17/src/global/mail_params.h	2022-03-22 17:30:42.000000000 -0400
@@ -2442,7 +2442,36 @@
 				" $" VAR_SMTPD_EHLO_DIS_MAPS \
 				" $" VAR_SMTPD_MILTER_MAPS \
 				" $" VAR_VIRT_GID_MAPS \
-				" $" VAR_VIRT_UID_MAPS
+				" $" VAR_VIRT_UID_MAPS \
+				" $" VAR_PSC_REJ_FTR_MAPS \
+				" $" VAR_SMTPD_REJ_FTR_MAPS \
+				" $" VAR_TLS_SERVER_SNI_MAPS \
+				" $" VAR_DSN_FILTER \
+				" $" VAR_LMTP_DSN_FILTER \
+				" $" VAR_LMTP_DNS_RE_FILTER \
+				" $" VAR_LMTP_RESP_FILTER \
+				" $" VAR_LOCAL_DSN_FILTER \
+				" $" VAR_PIPE_DSN_FILTER \
+				" $" VAR_PSC_CMD_FILTER \
+				" $" VAR_SMTP_DSN_FILTER \
+				" $" VAR_SMTP_DNS_RE_FILTER \
+				" $" VAR_SMTP_RESP_FILTER \
+				" $" VAR_SMTPD_CMD_FILTER \
+				" $" VAR_SMTPD_DNS_RE_FILTER \
+				" $" VAR_VIRT_DSN_FILTER \
+				" $" VAR_BODY_CHECKS \
+				" $" VAR_HEADER_CHECKS \
+				" $" VAR_LMTP_BODY_CHKS \
+				" $" VAR_LMTP_HEAD_CHKS \
+				" $" VAR_LMTP_MIME_CHKS \
+				" $" VAR_LMTP_NEST_CHKS \
+				" $" VAR_MILT_HEAD_CHECKS \
+				" $" VAR_MIMEHDR_CHECKS \
+				" $" VAR_NESTHDR_CHECKS \
+				" $" VAR_SMTP_BODY_CHKS \
+				" $" VAR_SMTP_HEAD_CHKS \
+				" $" VAR_SMTP_MIME_CHKS \
+				" $" VAR_SMTP_NEST_CHKS
 extern char *var_proxy_read_maps;
 
 #define VAR_PROXY_WRITE_MAPS	"proxy_write_maps"
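Review bot: this hunk changes only the compiled-in default of proxy_read_maps, and nothing in the update tells administrators so. A main.cf that sets proxy_read_maps explicitly replaces the default and will not gain any of the added names, so those sites keep the behaviour the changelog calls missing. The longer default also enlarges the set of `proxy:` tables that the proxymap service pre-approves (for example those named in `VAR_TLS_SERVER_SNI_MAPS` and the header and body checks parameters); a short note in the Debian changelog or NEWS naming the parameter would help sites that audit this list.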
diff -Nru postfix-3.5.13/src/global/mail_version.h postfix-3.5.17/src/global/mail_version.h
--- postfix-3.5.13/src/global/mail_version.h	2021-11-07 17:35:31.000000000 -0500
+++ postfix-3.5.17/src/global/mail_version.h	2022-10-07 17:14:54.000000000 -0400
@@ -20,8 +20,8 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE	"20211107"
-#define MAIL_VERSION_NUMBER	"3.5.13"
+#define MAIL_RELEASE_DATE	"20221007"
+#define MAIL_VERSION_NUMBER	"3.5.17"
 
 #ifdef SNAPSHOT
 #define MAIL_VERSION_DATE	"-" MAIL_RELEASE_DATE
diff -Nru postfix-3.5.13/src/global/map_search.c postfix-3.5.17/src/global/map_search.c
--- postfix-3.5.13/src/global/map_search.c	2020-03-08 10:51:31.000000000 -0400
+++ postfix-3.5.17/src/global/map_search.c	2022-10-07 15:19:14.000000000 -0400
@@ -188,7 +188,6 @@
 		    MAP_SEARCH_CREATE_RETURN(0);
 		}
 	    }
-	    msg_info("split_nameval(\"%s\"", attr_name_val);
 	    if ((const_err = split_nameval(attr_name_val, &attr_name,
 					   &attr_value)) != 0) {
 		msg_warn("malformed map attribute in '%s': '%s'",
diff -Nru postfix-3.5.13/src/global/verify.c postfix-3.5.17/src/global/verify.c
--- postfix-3.5.13/src/global/verify.c	2017-12-27 16:53:13.000000000 -0500
+++ postfix-3.5.17/src/global/verify.c	2022-10-07 15:19:23.000000000 -0400
@@ -108,6 +108,8 @@
 	if (recipient->orig_addr[0])
 	    req_stat = verify_clnt_update(recipient->orig_addr, vrfy_stat,
 					  my_dsn.reason);
+	else
+	    req_stat = VRFY_STAT_OK;
 	/* Two verify updates for one verify request! */
 	if (req_stat == VRFY_STAT_OK
 	    && strcmp(recipient->address, recipient->orig_addr) != 0)
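Review bot: the new `else` branch assigns `VRFY_STAT_OK` for an empty `orig_addr` without a comment explaining why success is the right value. With `orig_addr` empty, the `strcmp(recipient->address, recipient->orig_addr) != 0` test that follows is true for any non-empty address, so the second update always runs in that case; if that is the intent, say so next to the `else`. Initializing `req_stat` where it is declared would also avoid relying on every branch assigning it.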
diff -Nru postfix-3.5.13/src/oqmgr/qmgr_feedback.c postfix-3.5.17/src/oqmgr/qmgr_feedback.c
--- postfix-3.5.13/src/oqmgr/qmgr_feedback.c	2008-01-08 15:51:39.000000000 -0500
+++ postfix-3.5.17/src/oqmgr/qmgr_feedback.c	2021-12-22 17:49:37.000000000 -0500
@@ -109,7 +109,7 @@
     double  enum_val;
     char    denom_str[30 + 1];
     double  denom_val;
-    char    slash;
+    char    slash[1 + 1];
     char    junk;
     char   *fbck_name;
     char   *fbck_val;
@@ -135,7 +135,7 @@
     fb->base = -1;				/* assume error */
 
     switch (sscanf(fbck_val, "%lf %1[/] %30s%c",
-		   &enum_val, &slash, denom_str, &junk)) {
+		   &enum_val, slash, denom_str, &junk)) {
     case 1:
 	fb->index = QMGR_FEEDBACK_IDX_NONE;
 	fb->base = enum_val;
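Review bot: nothing in either hunk of this file records why `slash` is sized `[1 + 1]`. The `%1[/]` conversion in the `sscanf()` call stores the matched character followed by a terminating null byte, which is the write the changelog describes as the off-by-one; a short comment on the declaration tying it to the `%1[/]` width, in the way `denom_str[30 + 1]` pairs with `%30s`, would keep the two from drifting apart. The changelog names `*qmgr/qmgr_feedback.c`, so the qmgr copy of this file should carry the same two-line change.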
diff -Nru postfix-3.5.13/src/proxymap/proxymap.c postfix-3.5.17/src/proxymap/proxymap.c
--- postfix-3.5.13/src/proxymap/proxymap.c	2019-07-24 17:19:00.000000000 -0400
+++ postfix-3.5.17/src/proxymap/proxymap.c	2021-12-23 17:38:10.000000000 -0500
@@ -232,6 +232,8 @@
 #include <htable.h>
 #include <stringops.h>
 #include <dict.h>
+#include <dict_pipe.h>
+#include <dict_union.h>
 
 /* Global library. */
 
@@ -296,6 +298,27 @@
 #define STR(x)			vstring_str(x)
 #define VSTREQ(x,y)		(strcmp(STR(x),y) == 0)
 
+/* get_nested_dict_name - return nested dictionary name pointer, or null */
+
+static char *get_nested_dict_name(char *type_name)
+{
+    const struct {
+	const char *type_col;
+	ssize_t type_col_len;
+    }      *prefix, prefixes[] = {
+	DICT_TYPE_UNION ":", (sizeof(DICT_TYPE_UNION ":") - 1),
+	DICT_TYPE_PIPE ":", (sizeof(DICT_TYPE_PIPE ":") - 1),
+    };
+
+#define COUNT_OF(x) (sizeof(x)/sizeof((x)[0]))
+
+    for (prefix = prefixes; prefix < prefixes + COUNT_OF(prefixes); prefix++) {
+	if (strncmp(type_name, prefix->type_col, prefix->type_col_len) == 0)
+	    return (type_name + prefix->type_col_len);
+    }
+    return (0);
+}
+
 /* proxy_map_find - look up or open table */
 
 static DICT *proxy_map_find(const char *map_type_name, int request_flags,
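Review bot: the `prefixes[]` initializer in `get_nested_dict_name()` lists the members of both structs as one flat sequence. Wrapping each element in its own braces, for example `{DICT_TYPE_UNION ":", sizeof(DICT_TYPE_UNION ":") - 1},`, makes the pairing of string and length explicit and avoids missing-braces warnings. `COUNT_OF` is also defined inside the function body and stays defined for the rest of the file; placing it next to the `STR()` and `VSTREQ()` macros above would be tidier.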
@@ -661,41 +684,17 @@
     return (dict_open(map, open_flags, dict_flags));
 }
 
-/* post_jail_init - initialization after privilege drop */
+/* authorize_proxied_maps - recursively authorize maps */
 
-static void post_jail_init(char *service_name, char **unused_argv)
+static void authorize_proxied_maps(char *bp)
 {
     const char *sep = CHARS_COMMA_SP;
     const char *parens = CHARS_BRACE;
-    char   *saved_filter;
-    char   *bp;
     char   *type_name;
 
-    /*
-     * Are we proxy writer?
-     */
-    if (strcmp(service_name, MAIL_SERVICE_PROXYWRITE) == 0)
-	proxy_writer = 1;
-    else if (strcmp(service_name, MAIL_SERVICE_PROXYMAP) != 0)
-	msg_fatal("service name must be one of %s or %s",
-		  MAIL_SERVICE_PROXYMAP, MAIL_SERVICE_PROXYMAP);
-
-    /*
-     * Pre-allocate buffers.
-     */
-    request = vstring_alloc(10);
-    request_map = vstring_alloc(10);
-    request_key = vstring_alloc(10);
-    request_value = vstring_alloc(10);
-    map_type_name_flags = vstring_alloc(10);
-
-    /*
-     * Prepare the pre-approved list of proxied tables.
-     */
-    saved_filter = bp = mystrdup(proxy_writer ? var_proxy_write_maps :
-				 var_proxy_read_maps);
-    proxy_auth_maps = htable_create(13);
     while ((type_name = mystrtokq(&bp, sep, parens)) != 0) {
+	char   *nested_info;
+
 	/* Maybe { maptype:mapname attr=value... } */
 	if (*type_name == parens[0]) {
 	    char   *err;
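Review bot: authorize_proxied_maps() carries only a one-line header comment, yet it has two preconditions that the old inline code made obvious: bp is tokenized destructively by mystrtokq(&bp, sep, parens), and the file-scope proxy_writer and proxy_auth_maps must already be set up before the first call. State both in the comment so a later caller does not hand it a parameter value directly or call it before htable_create().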
@@ -711,6 +710,22 @@
 	    if ((type_name = mystrtokq(&type_name, sep, parens)) == 0)
 		continue;
 	}
+	/* Recurse into nested map (pipemap, unionmap). */
+	if ((nested_info = get_nested_dict_name(type_name)) != 0) {
+	    char   *err;
+
+	    if (*nested_info != parens[0])
+		continue;
+	    /* Warn about blatant syntax error. */
+	    if ((err = extpar(&nested_info, parens, EXTPAR_FLAG_NONE)) != 0) {
+		msg_warn("bad %s parameter value: %s",
+			 PROXY_MAP_PARAM_NAME(proxy_writer), err);
+		myfree(err);
+		continue;
+	    }
+	    authorize_proxied_maps(nested_info);
+	    continue;
+	}
 	if (strncmp(type_name, PROXY_COLON, PROXY_COLON_LEN))
 	    continue;
 	do {
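Review bot: In the nested-map branch, `if (*nested_info != parens[0]) continue;` silently skips a pipemap: or unionmap: value that is not followed by a brace, while the extpar() failure just below it logs a warning. A table the administrator expected to be authorized is then left out of the pre-approved list with no log line at startup; emit a msg_warn() with PROXY_MAP_PARAM_NAME(proxy_writer) on that path too. The recursion into authorize_proxied_maps(nested_info) is bounded only by how deeply the parameter value nests braces; since that value comes from the proxy_read_maps/proxy_write_maps setting this is acceptable, but a comment saying so would help.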
@@ -724,6 +739,39 @@
 			 PROXY_MAP_PARAM_NAME(proxy_writer));
 	}
     }
+}
+
+/* post_jail_init - initialization after privilege drop */
+
+static void post_jail_init(char *service_name, char **unused_argv)
+{
+    char   *saved_filter;
+
+    /*
+     * Are we proxy writer?
+     */
+    if (strcmp(service_name, MAIL_SERVICE_PROXYWRITE) == 0)
+	proxy_writer = 1;
+    else if (strcmp(service_name, MAIL_SERVICE_PROXYMAP) != 0)
+	msg_fatal("service name must be one of %s or %s",
+		  MAIL_SERVICE_PROXYMAP, MAIL_SERVICE_PROXYMAP);
+
+    /*
+     * Pre-allocate buffers.
+     */
+    request = vstring_alloc(10);
+    request_map = vstring_alloc(10);
+    request_key = vstring_alloc(10);
+    request_value = vstring_alloc(10);
+    map_type_name_flags = vstring_alloc(10);
+
+    /*
+     * Prepare the pre-approved list of proxied tables.
+     */
+    saved_filter = mystrdup(proxy_writer ? var_proxy_write_maps :
+			    var_proxy_read_maps);
+    proxy_auth_maps = htable_create(13);
+    authorize_proxied_maps(saved_filter);
     myfree(saved_filter);
 
     /*
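Review bot: The msg_fatal() carried over into the new post_jail_init() still passes MAIL_SERVICE_PROXYMAP for both %s arguments, so "service name must be one of %s or %s" names the same service twice; the second argument should be MAIL_SERVICE_PROXYWRITE, matching the strcmp() just above it. These lines are being rewritten anyway, so fix it here. Keeping saved_filter as the allocation base for myfree() while authorize_proxied_maps() advances its own copy of the pointer is correct.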
diff -Nru postfix-3.5.13/src/qmgr/qmgr_feedback.c postfix-3.5.17/src/qmgr/qmgr_feedback.c
--- postfix-3.5.13/src/qmgr/qmgr_feedback.c	2008-01-08 15:51:44.000000000 -0500
+++ postfix-3.5.17/src/qmgr/qmgr_feedback.c	2021-12-22 17:49:37.000000000 -0500
@@ -109,7 +109,7 @@
     double  enum_val;
     char    denom_str[30 + 1];
     double  denom_val;
-    char    slash;
+    char    slash[1 + 1];
     char    junk;
     char   *fbck_name;
     char   *fbck_val;
@@ -135,7 +135,7 @@
     fb->base = -1;				/* assume error */
 
     switch (sscanf(fbck_val, "%lf %1[/] %30s%c",
-		   &enum_val, &slash, denom_str, &junk)) {
+		   &enum_val, slash, denom_str, &junk)) {
     case 1:
 	fb->index = QMGR_FEEDBACK_IDX_NONE;
 	fb->base = enum_val;
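Review bot: `char slash[1 + 1];` (declared in the previous hunk and passed to this sscanf()) needs a comment tying its size to the `%1[/]` conversion. That conversion stores the matched character plus a terminating NUL, two bytes, where the old `char slash` had room for one, and nothing at the declaration says so; the `30 + 1` / `%30s` pair for denom_str follows the same rule and could share the comment. `&junk` with `%c` is fine as is, because %c writes no terminator.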
diff -Nru postfix-3.5.13/src/smtpd/smtpd.c postfix-3.5.17/src/smtpd/smtpd.c
--- postfix-3.5.13/src/smtpd/smtpd.c	2021-07-24 18:20:43.000000000 -0400
+++ postfix-3.5.17/src/smtpd/smtpd.c	2021-11-15 08:42:43.000000000 -0500
@@ -6419,7 +6419,7 @@
 	VAR_EOD_CHECKS, DEF_EOD_CHECKS, &var_eod_checks, 0, 0,
 	VAR_MAPS_RBL_DOMAINS, DEF_MAPS_RBL_DOMAINS, &var_maps_rbl_domains, 0, 0,
 	VAR_RBL_REPLY_MAPS, DEF_RBL_REPLY_MAPS, &var_rbl_reply_maps, 0, 0,
-	VAR_BOUNCE_RCPT, DEF_ERROR_RCPT, &var_bounce_rcpt, 1, 0,
+	VAR_BOUNCE_RCPT, DEF_BOUNCE_RCPT, &var_bounce_rcpt, 1, 0,
 	VAR_ERROR_RCPT, DEF_ERROR_RCPT, &var_error_rcpt, 1, 0,
 	VAR_REST_CLASSES, DEF_REST_CLASSES, &var_rest_classes, 0, 0,
 	VAR_CANONICAL_MAPS, DEF_CANONICAL_MAPS, &var_canonical_maps, 0, 0,
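Review bot: Nothing checks the VAR_*/DEF_* pairing in this table: the old row compiled cleanly with DEF_ERROR_RCPT as the default for var_bounce_rcpt. Every other row visible here pairs VAR_X with DEF_X, so a grep over the equivalent string tables in the other daemons for rows where the two suffixes differ would confirm this was the only copy of the mistake.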
diff -Nru postfix-3.5.13/src/tls/tls_server.c postfix-3.5.17/src/tls/tls_server.c
--- postfix-3.5.13/src/tls/tls_server.c	2020-07-26 13:46:34.000000000 -0400
+++ postfix-3.5.17/src/tls/tls_server.c	2022-10-07 16:57:47.000000000 -0400
@@ -730,6 +730,7 @@
 				       sizeof(server_session_id_context));
 	SSL_CTX_set_session_cache_mode(server_ctx,
 				       SSL_SESS_CACHE_SERVER |
+				       SSL_SESS_CACHE_NO_INTERNAL |
 				       SSL_SESS_CACHE_NO_AUTO_CLEAR);
 	if (cachable) {
 	    app_ctx->cache_type = mystrdup(props->cache_type);
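Review bot: The added SSL_SESS_CACHE_NO_INTERNAL flag has no comment explaining why OpenSSL's in-process session cache is being switched off. With the flag set, OpenSSL neither stores nor looks up sessions internally, so server-side resumption depends entirely on the external cache configured in the `if (cachable)` branch; say that in a comment above the SSL_CTX_set_session_cache_mode() call, and note what behaviour is expected when cachable is false.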
diff -Nru postfix-3.5.13/src/util/dict_db.c postfix-3.5.17/src/util/dict_db.c
--- postfix-3.5.13/src/util/dict_db.c	2018-11-06 17:25:54.000000000 -0500
+++ postfix-3.5.17/src/util/dict_db.c	2022-02-04 15:55:06.000000000 -0500
@@ -753,7 +753,7 @@
     if (type == DB_HASH && db->set_h_nelem(db, DICT_DB_NELM) != 0)
 	msg_fatal("set DB hash element count %d: %m", DICT_DB_NELM);
     db_base_buf = vstring_alloc(100);
-#if DB_VERSION_MAJOR == 6 || DB_VERSION_MAJOR == 5 || \
+#if DB_VERSION_MAJOR == 18 || DB_VERSION_MAJOR == 6 || DB_VERSION_MAJOR == 5 || \
 	(DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR > 0)
     if ((errno = db->open(db, 0, sane_basename(db_base_buf, db_path),
 			  0, type, db_flags, 0644)) != 0)
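Review bot: The #if condition now enumerates three major versions by hand (18, 6, 5), and it needed this patch only because the list did not anticipate the next number. If every release from 5 onward uses the same db->open() signature, `DB_VERSION_MAJOR >= 5 || (DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR > 0)` expresses that without another edit at the next version bump.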
diff -Nru postfix-3.5.13/src/util/inet_connect.c postfix-3.5.17/src/util/inet_connect.c
--- postfix-3.5.13/src/util/inet_connect.c	2009-01-10 11:57:46.000000000 -0500
+++ postfix-3.5.17/src/util/inet_connect.c	2022-04-18 11:53:13.000000000 -0400
@@ -96,10 +96,13 @@
     if ((parse_err = host_port(buf, &host, "localhost", &port, (char *) 0)) != 0)
 	msg_fatal("%s: %s", addr, parse_err);
     if ((aierr = hostname_to_sockaddr(host, port, SOCK_STREAM, &res0)) != 0)
-	msg_fatal("host/service %s/%s not found: %s",
-		  host, port, MAI_STRERROR(aierr));
+	msg_warn("host or service %s not found: %s",
+		 addr, MAI_STRERROR(aierr));
     myfree(buf);
-
+    if (aierr) {
+	errno = EADDRNOTAVAIL;			/* for up-stream "%m" */
+	return (-1);
+    }
     proto_info = inet_proto_info();
     for (sock = -1, found = 0, res = res0; res != 0; res = res->ai_next) {
 
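Review bot: Lookup failure now returns -1 with errno set to EADDRNOTAVAIL instead of terminating, so every caller that previously relied on msg_fatal() here must check the result before using it as a descriptor, and the function's header comment should document the new return. The warning and the return are also split across myfree(buf), testing aierr twice; since msg_warn() now prints addr rather than host and port, the failure path could free buf, warn and return in a single block. The parse_err path above remains fatal, which leaves two different failure modes for a bad destination.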
diff -Nru postfix-3.5.13/src/util/sys_defs.h postfix-3.5.17/src/util/sys_defs.h
--- postfix-3.5.13/src/util/sys_defs.h	2019-10-13 11:32:18.000000000 -0400
+++ postfix-3.5.17/src/util/sys_defs.h	2022-01-30 18:23:28.000000000 -0500
@@ -827,6 +827,9 @@
 #define HAVE_POSIX_GETPW_R
 #endif
 #endif
+#if HAVE_GLIBC_API_VERSION_SUPPORT(2, 34)
+#define HAS_CLOSEFROM
+#endif
 
 #endif
 
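Review bot: `#if HAVE_GLIBC_API_VERSION_SUPPORT(2, 34)` uses a function-like macro in a preprocessor conditional, so it fails to compile if this block is ever reached where that macro is not defined; confirm it sits inside the same glibc-only section as the HAVE_POSIX_GETPW_R test above it. A one-line comment that closefrom() is available from glibc 2.34 would explain the version number.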
