Changes - j0ke.net Open Build Service

Changes of Revision 61

[-] [+]	Changed	postfix.spec
@@ -28,7 +28,7 @@ Name: postfix Summary: Postfix Mail Transport Agent -Version: 2.11.6 +Version: 2.11.7 Release: 1.1 Epoch: 2014 Group: System Environment/Daemons @@ -475,6 +475,9 @@ %endif %changelog +* Wed Oct 14 2015 Sebastian Heid <sebastian@internetx.com> - 2:2.11.7-1 +- update to 2.11.7 + * Tue Jun 09 2015 Sebastian Heid <sebastian@internetx.com> - 2:2.11.6-1 - update to 2.11.6
[-] [+]	Changed	_service:download_files:postfix-2.11.7.tar.gz/HISTORY ^
@@ -19684,3 +19684,47 @@ SSLv2 or SSLv3. See the RELEASE_NOTES file for how to get the old settings back. Files: global/mail_params.h, proto/postconf.proto, and files derived from those. + +20150903 + + Workaround: disable DNSSEC support for AIX 7x and earlier. + The AIX 6/7 resolver(5) API defines RES_USE_DNSSEC without + defining the "ad" bit. Viktor Dukhovni. Files: makedefs, + proto/INSTALL.html, dns/dns.h. + +20150923 + + Bugfix (introduced: 20120531-617): the Postfix SMTP server + used a larger-than-1 VSTREAM buffer to read the HAProxy + connection hand-off information. This broke TLS wrappermode, + as the TLS helo packet would end up in the plaintext VSTREAM + buffer. Reported by Lukas Erlacher. File: smtpd/smtpd_haproxy.c. + +20150924 + + Bugfix (introduced: 20090216-24): incorrect postmulti error + message. Reported by Patrik Koetter. Fix by Viktor Dukhovni. + File: postmulti/postmulti.c. + + Workaround: don't create a new instance when the template + main.cf and master.cf files are missing, as happens on + Debian-like systems. Viktor Dukhovni. File: conf/postmulti-script. + +20150925 + + Bugfix (introduced: 19970309, fixed 20150421 in development + release): reset errno before calling readdir(), in order + to distinguish between an end-of-directory and an error + condition. File: scandir.c. + +20150930 + + Bugfix (introduced: 20040124): Milter client panic while + adding a header, because the PREPEND action used the same + output function for header_checks and body_checks. Viktor + Dukhovni and Wietse. File: cleanup/cleanup_message.c. + + Bugfix (introduced: 20031128): xtext_unquote() did not + propagate error reports from xtext_unquote_append(), causing + the decoder to return partial ouput, instead of rejecting + malformed input. Fix by Krzysztof Wojta. File: global/xtext.c.
[-] [+]	Changed	_service:download_files:postfix-2.11.7.tar.gz/README_FILES/INSTALL ^
@@ -255,6 +255,9 @@ \|\| \|probably should also override DEF_DB_TYPE as \| \|\| \|described in section 4.4. \| \|_\|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _\|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ \| +\|\|-DNO_DNSSEC \|Do not build with DNSSEC support, even if the \| +\|\| \|resolver library appears to support it. \| +\|_\|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _\|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ \| \|\| \|Do not build with Solaris /dev/poll support. \| \|\|-DNO_DEVPOLL \|By default, /dev/poll support is compiled in \| \|\| \|on Solaris versions that are known to support \|
[-] [+]	Changed	_service:download_files:postfix-2.11.7.tar.gz/conf/postmulti-script ^
@@ -127,6 +127,11 @@ fatal "'$config_directory' lacks a master.cf file" } + test -f $daemon_directory/main.cf \|\| + fatal "Missing main.cf prototype: $daemon_directory/main.cf" + test -f $daemon_directory/master.cf \|\| + fatal "Missing master.cf prototype: $daemon_directory/master.cf" + # Create instance-specific directories # test -d $config_directory \|\|
[-] [+]	Changed	_service:download_files:postfix-2.11.7.tar.gz/html/INSTALL.html ^
@@ -383,6 +383,10 @@ this, then you probably should also override DEF_DB_TYPE as described in section 4.4. </td> </tr> +<tr> <td> </td> <td> -DNO_DNSSEC </td> <td> Do not build with DNSSEC +support, even if the resolver library appears to support it. </td> +</tr> + <tr> <td> </td> <td> -DNO_DEVPOLL </td> <td> Do not build with Solaris <tt>/dev/poll</tt> support. By default, <tt>/dev/poll</tt> support is compiled in on Solaris versions that are known to support
[-] [+]	Changed	_service:download_files:postfix-2.11.7.tar.gz/makedefs ^
@@ -31,6 +31,9 @@ # Do not build with Solaris /dev/poll support. # By default, /dev/poll support is compiled in on platforms that # are known to support it. +# .IP \fB-DNO_DNSSEC\fR +# Do not build with DNSSEC support, even if the resolver +# library appears to support it. # .IP \fB-DNO_EPOLL\fR # Do not build with Linux EPOLL support. # By default, EPOLL support is compiled in on platforms that @@ -259,18 +262,21 @@ ;; AIX.) case "`uname -v`" in 6) SYSTYPE=AIX6 + CCARGS="$CCARGS -DNO_DNSSEC" case "$CC" in cc\|/cc\|xlc\|/xlc) CCARGS="$CCARGS -w -blibpath:/usr/lib:/lib:/usr/local/lib";; esac CCARGS="$CCARGS -D_ALL_SOURCE -DHAS_POSIX_REGEXP" ;; 5) SYSTYPE=AIX5 + CCARGS="$CCARGS -DNO_DNSSEC" case "$CC" in cc\|/cc\|xlc\|/xlc) CCARGS="$CCARGS -w -blibpath:/usr/lib:/lib:/usr/local/lib";; esac CCARGS="$CCARGS -D_ALL_SOURCE -DHAS_POSIX_REGEXP" ;; 4) SYSTYPE=AIX4 + CCARGS="$CCARGS -DNO_DNSSEC" # How embarrassing... case "$CC" in cc\|/cc\|xlc\|*/xlc) OPT=; CCARGS="$CCARGS -w -blibpath:/usr/lib:/lib:/usr/local/lib";;
[-] [+]	Changed	_service:download_files:postfix-2.11.7.tar.gz/proto/INSTALL.html ^
@@ -383,6 +383,10 @@ this, then you probably should also override DEF_DB_TYPE as described in section 4.4. </td> </tr> +<tr> <td> </td> <td> -DNO_DNSSEC </td> <td> Do not build with DNSSEC +support, even if the resolver library appears to support it. </td> +</tr> + <tr> <td> </td> <td> -DNO_DEVPOLL </td> <td> Do not build with Solaris <tt>/dev/poll</tt> support. By default, <tt>/dev/poll</tt> support is compiled in on Solaris versions that are known to support
[-] [+]	Changed	_service:download_files:postfix-2.11.7.tar.gz/src/cleanup/cleanup_message.c ^
@@ -385,11 +385,20 @@ if (STREQUAL(value, "PREPEND", command_len)) { if (optional_text == 0) { msg_warn("PREPEND action without text in %s map", map_class); - } else if (strcmp(context, CLEANUP_ACT_CTXT_HEADER) == 0 - && !is_header(optional_text)) { - msg_warn("bad PREPEND header text \"%s\" in %s map -- " - "need \"headername: headervalue\"", - optional_text, map_class); + } else if (strcmp(context, CLEANUP_ACT_CTXT_HEADER) == 0) { + if (!is_header(optional_text)) { + msg_warn("bad PREPEND header text \"%s\" in %s map -- " + "need \"headername: headervalue\"", + optional_text, map_class); + } else { + VSTRING temp; + + cleanup_act_log(state, "prepend", context, buf, optional_text); + temp = vstring_strcpy(vstring_alloc(strlen(optional_text)), + optional_text); + cleanup_out_header(state, temp); + vstring_free(temp); + } } else { cleanup_act_log(state, "prepend", context, buf, optional_text); cleanup_out_string(state, REC_TYPE_NORM, optional_text);
[-] [+]	Changed	_service:download_files:postfix-2.11.7.tar.gz/src/dns/dns.h ^
@@ -54,6 +54,13 @@ #endif +/* + * Disable DNSSEC at compile-time even if RES_USE_DNSSEC is available + / +#ifdef NO_DNSSEC +#undef RES_USE_DNSSEC +#endif + / * Compatibility with systems that lack RES_USE_DNSSEC and RES_USE_EDNS0 */
[-] [+]	Changed	_service:download_files:postfix-2.11.7.tar.gz/src/global/mail_version.h ^
@@ -20,8 +20,8 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20150720" -#define MAIL_VERSION_NUMBER "2.11.6" +#define MAIL_RELEASE_DATE "20151010" +#define MAIL_VERSION_NUMBER "2.11.7" #ifdef SNAPSHOT #define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
[-] [+]	Changed	_service:download_files:postfix-2.11.7.tar.gz/src/global/xtext.c ^
@@ -134,8 +134,7 @@ VSTRING xtext_unquote(VSTRING unquoted, const char *quoted) { VSTRING_RESET(unquoted); - xtext_unquote_append(unquoted, quoted); - return (unquoted); + return (xtext_unquote_append(unquoted, quoted) ? unquoted : 0); } #ifdef TEST
[-] [+]	Changed	_service:download_files:postfix-2.11.7.tar.gz/src/postmulti/postmulti.c ^
@@ -1689,7 +1689,7 @@ case 'e': if ((code = EDIT_CMD_CODE(optarg)) < 0) msg_fatal("Invalid '-e' edit action '%s'. Specify '%s', " - "'%s', '%s', '%s', '%s', '%s', '%s', '%s' or '%s'", + "'%s', '%s', '%s', '%s', '%s', '%s' or '%s'", optarg, EDIT_CMD_STR(EDIT_CMD_CREATE), EDIT_CMD_STR(EDIT_CMD_DESTROY), @@ -1698,8 +1698,7 @@ EDIT_CMD_STR(EDIT_CMD_ENABLE), EDIT_CMD_STR(EDIT_CMD_DISABLE), EDIT_CMD_STR(EDIT_CMD_ASSIGN), - EDIT_CMD_STR(EDIT_CMD_INIT), - optarg); + EDIT_CMD_STR(EDIT_CMD_INIT)); if (cmd_mode != code) command_mode_count++; cmd_mode = code;
[-] [+]	Changed	_service:download_files:postfix-2.11.7.tar.gz/src/smtpd/smtpd_haproxy.c ^
@@ -96,6 +96,14 @@ VSTRING escape_buf; / + * While reading HAProxy handshake information, don't buffer input beyond + * the end-of-line. That would break the TLS wrappermode handshake. + / + vstream_control(state->client, + VSTREAM_CTL_BUFSIZE, 1, + VSTREAM_CTL_END); + + / * Note: the haproxy_srvr_parse() routine performs address protocol * checks, address and port syntax checks, and converts IPv4-in-IPv6 * address string syntax (:ffff::1.2.3.4) to IPv4 syntax where permitted @@ -142,6 +150,13 @@ * Avoid surprises in the Dovecot authentication server. / state->dest_addr = mystrdup(smtp_server_addr.buf); + + / + * Enable normal buffering. + */ + vstream_control(state->client, + VSTREAM_CTL_BUFSIZE, VSTREAM_BUFSIZE, + VSTREAM_CTL_END); return (0); } }
[-] [+]	Changed	_service:download_files:postfix-2.11.7.tar.gz/src/util/scan_dir.c ^
@@ -78,6 +78,7 @@ #endif #endif #include <string.h> +#include <errno.h> /* Utility library. / @@ -177,6 +178,13 @@ #define STREQ(x,y) (strcmp((x),(y)) == 0) if (info) { + + / + * Fix 20150421: readdir() does not reset errno after reaching the + * end-of-directory. This dates back all the way to the initial + * implementation of 19970309. + */ + errno = 0; while ((dp = readdir(info->dir)) != 0) { if (STREQ(dp->d_name, ".") \|\| STREQ(dp->d_name, "..")) { if (msg_verbose > 1)