Compare commits
	
		
			No commits in common. "c8" and "c9" have entirely different histories.
		
	
	
		
	
		
							
								
								
									
										2
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										2
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @ -1,2 +1,2 @@ | |||||||
| SOURCES/pflogsumm-1.1.5.tar.gz | SOURCES/pflogsumm-1.1.5.tar.gz | ||||||
| SOURCES/postfix-3.5.8.tar.gz | SOURCES/postfix-3.5.25.tar.gz | ||||||
|  | |||||||
| @ -1,2 +1,2 @@ | |||||||
| d18daa19d725e64c2b7e6c8da458b2d563272645 SOURCES/pflogsumm-1.1.5.tar.gz | d18daa19d725e64c2b7e6c8da458b2d563272645 SOURCES/pflogsumm-1.1.5.tar.gz | ||||||
| 1dfb10729498be5d387dc730117c2a845dd93ac0 SOURCES/postfix-3.5.8.tar.gz | f4113ea664e9b240ec11e64799c06f9e0650e2d5 SOURCES/postfix-3.5.25.tar.gz | ||||||
|  | |||||||
| @ -1,65 +0,0 @@ | |||||||
| This Postfix build behaves differently from the upstream postfix-3.5.8. |  | ||||||
| It's because in RHEL-8 backward compatibility is kept to postfix-3.3.1. |  | ||||||
| 
 |  | ||||||
| For the upstream postfix-3.5.8 behavior either run the following commands: |  | ||||||
| 
 |  | ||||||
| # postconf info_log_address_format=external |  | ||||||
| # postconf smtpd_discard_ehlo_keywords= |  | ||||||
| # postconf rhel_ipv6_normalize=yes |  | ||||||
| 
 |  | ||||||
| Or go through the following steps: |  | ||||||
| 
 |  | ||||||
| 1. Change the configuration option 'info_log_address_format' to 'external'. |  | ||||||
| In RHEL-8 it's by default set to 'internal' to mitigate [Incompat 20191109]. |  | ||||||
| 
 |  | ||||||
| 2. Change the configuration option 'smtpd_discard_ehlo_keywords' to ''. |  | ||||||
| In RHEL-8 it's by default set to 'chunking' to mitigate [Incompat 20180826]. |  | ||||||
| 
 |  | ||||||
| 3. Add RHEL-8 specific configuration option 'rhel_ipv6_normalize' and set it |  | ||||||
| to 'yes'. In RHEL-8 this option was added to mitigate [Incompat 20190427]. |  | ||||||
| 
 |  | ||||||
| Details from the upstream RELEASE_NOTES: |  | ||||||
| 
 |  | ||||||
| [Incompat 20191109] |  | ||||||
| Postfix daemon processes now log the from= and |  | ||||||
| to= addresses in external (quoted) form in non-debug logging (info, |  | ||||||
| warning, etc.).  This means that when an address localpart contains |  | ||||||
| spaces or other special characters, the localpart will be quoted, |  | ||||||
| for example: |  | ||||||
| 
 |  | ||||||
|     from=<"name with spaces"@example.com> |  | ||||||
| 
 |  | ||||||
| Older Postfix versions would log the internal (unquoted) form: |  | ||||||
| 
 |  | ||||||
|     from=<name with spaces@example.com> |  | ||||||
| 
 |  | ||||||
| The external and internal forms are identical for the vast majority |  | ||||||
| of email addresses that contain no spaces or other special characters |  | ||||||
| in the localpart. |  | ||||||
| 
 |  | ||||||
| Specify "info_log_address_format = internal" for backwards |  | ||||||
| compatibility. |  | ||||||
| 
 |  | ||||||
| The logging in external form is consistent with the address form |  | ||||||
| that Postfix 3.2 and later prefer for table lookups. It is therefore |  | ||||||
| the more useful form for non-debug logging. |  | ||||||
| 
 |  | ||||||
| [Incompat 20180826] |  | ||||||
| The Postfix SMTP server announces CHUNKING (BDAT |  | ||||||
| command) by default. In the unlikely case that this breaks some |  | ||||||
| important remote SMTP client, disable the feature as follows: |  | ||||||
| 
 |  | ||||||
| /etc/postfix/main.cf: |  | ||||||
|     # The logging alternative: |  | ||||||
|     smtpd_discard_ehlo_keywords = chunking |  | ||||||
|     # The non-logging alternative: |  | ||||||
|     smtpd_discard_ehlo_keywords = chunking, silent_discard |  | ||||||
| 
 |  | ||||||
| See BDAT_README for more. |  | ||||||
| 
 |  | ||||||
| [Incompat 20190427] |  | ||||||
| Postfix now normalizes IP addresses received |  | ||||||
| with XCLIENT, XFORWARD, or with the HaProxy protocol, for consistency |  | ||||||
| with direct connections to Postfix. This may change the appearance |  | ||||||
| of logging, and the way that check_client_access will match subnets |  | ||||||
| of an IPv6 address. |  | ||||||
| @ -1,14 +1,8 @@ | |||||||
| commit 4b486868473462f9b65cc3ad44c48c2e68ee45ee |  | ||||||
| Author: Tomas Korbar <tkorbar@redhat.com> |  | ||||||
| Date:   Wed May 17 13:17:30 2023 +0200 |  | ||||||
| 
 |  | ||||||
|     Backport SRV record resolution feature |  | ||||||
| 
 |  | ||||||
| diff --git a/mantools/postlink b/mantools/postlink
 | diff --git a/mantools/postlink b/mantools/postlink
 | ||||||
| index 46f187e..f738fd3 100755
 | index 41fa110..ef005e0 100755
 | ||||||
| --- a/mantools/postlink
 | --- a/mantools/postlink
 | ||||||
| +++ b/mantools/postlink
 | +++ b/mantools/postlink
 | ||||||
| @@ -1128,6 +1128,10 @@ while (<>) {
 | @@ -1136,6 +1136,10 @@ while (<>) {
 | ||||||
|      s;\bpostlog_service_name\b;<a href="postconf.5.html#postlog_service_name">$&</a>;g; |      s;\bpostlog_service_name\b;<a href="postconf.5.html#postlog_service_name">$&</a>;g; | ||||||
|      s;\bpostlogd_watchdog_timeout\b;<a href="postconf.5.html#postlogd_watchdog_timeout">$&</a>;g; |      s;\bpostlogd_watchdog_timeout\b;<a href="postconf.5.html#postlogd_watchdog_timeout">$&</a>;g; | ||||||
|   |   | ||||||
| @ -20,14 +14,13 @@ index 46f187e..f738fd3 100755 | |||||||
|   |   | ||||||
|      s;\bpolicy_time_limit\b;<a href="postconf.5.html#transport_time_limit">$&</a>;g; |      s;\bpolicy_time_limit\b;<a href="postconf.5.html#transport_time_limit">$&</a>;g; | ||||||
| diff --git a/proto/postconf.proto b/proto/postconf.proto
 | diff --git a/proto/postconf.proto b/proto/postconf.proto
 | ||||||
| index 3d53657..29d0aa5 100644
 | index 844d248..2c04326 100644
 | ||||||
| --- a/proto/postconf.proto
 | --- a/proto/postconf.proto
 | ||||||
| +++ b/proto/postconf.proto
 | +++ b/proto/postconf.proto
 | ||||||
| @@ -17698,3 +17698,111 @@ with quotes and backslashes. An attacker should not be able to use
 | @@ -18039,3 +18039,111 @@ to enable. This feature is enabled by default with Postfix ≥
 | ||||||
|  such games to circumvent Postfix access policies. </p> |  | ||||||
|   |   | ||||||
|  <p> This feature is available in Postfix 3.5 and later. </p> |  <p> This feature is available in Postfix ≥ 3.9, 3.8.1, 3.7.6, | ||||||
| +
 |  3.6.10, and 3.5.20. </p> | ||||||
| +
 | +
 | ||||||
| +%PARAM use_srv_lookup
 | +%PARAM use_srv_lookup
 | ||||||
| +
 | +
 | ||||||
| @ -135,11 +128,12 @@ index 3d53657..29d0aa5 100644 | |||||||
| +to MX or IP address lookup as if SRV record lookup was not enabled. <p>
 | +to MX or IP address lookup as if SRV record lookup was not enabled. <p>
 | ||||||
| +
 | +
 | ||||||
| +<p> This feature was backported from Postfix 3.8. </p>
 | +<p> This feature was backported from Postfix 3.8. </p>
 | ||||||
|  | +
 | ||||||
| diff --git a/src/dns/dns.h b/src/dns/dns.h
 | diff --git a/src/dns/dns.h b/src/dns/dns.h
 | ||||||
| index b8c4c4a..aac3ca9 100644
 | index 27d2ab9..be2cb67 100644
 | ||||||
| --- a/src/dns/dns.h
 | --- a/src/dns/dns.h
 | ||||||
| +++ b/src/dns/dns.h
 | +++ b/src/dns/dns.h
 | ||||||
| @@ -147,10 +147,12 @@ typedef struct DNS_RR {
 | @@ -147,12 +147,14 @@ typedef struct DNS_RR {
 | ||||||
|      unsigned short class;		/* C_IN, etc. */ |      unsigned short class;		/* C_IN, etc. */ | ||||||
|      unsigned int ttl;			/* always */ |      unsigned int ttl;			/* always */ | ||||||
|      unsigned int dnssec_valid;		/* DNSSEC validated */ |      unsigned int dnssec_valid;		/* DNSSEC validated */ | ||||||
| @ -147,14 +141,16 @@ index b8c4c4a..aac3ca9 100644 | |||||||
| +    unsigned short pref;		/* T_MX and T_SRV record related */
 | +    unsigned short pref;		/* T_MX and T_SRV record related */
 | ||||||
| +    unsigned short weight;		/* T_SRV related, defined in rfc2782 */
 | +    unsigned short weight;		/* T_SRV related, defined in rfc2782 */
 | ||||||
| +    unsigned short port;		/* T_SRV related, defined in rfc2782 */
 | +    unsigned short port;		/* T_SRV related, defined in rfc2782 */
 | ||||||
|  |      /* Assume that flags lives in what was previously padding */ | ||||||
|  |      unsigned short flags;		/* DNS_RR_FLAG_XX, see below */ | ||||||
|      struct DNS_RR *next;		/* linkage */ |      struct DNS_RR *next;		/* linkage */ | ||||||
|      size_t  data_len;			/* actual data size */ |      size_t  data_len;			/* actual data size */ | ||||||
| -    char    data[1];			/* actually a bunch of data */
 | -    char    data[1];			/* actually a bunch of data */
 | ||||||
| +    char    *data;			/* a bunch of data */
 | +    char    *data;			/* a bunch of data */
 | ||||||
|  } DNS_RR; |  } DNS_RR; | ||||||
|   |   | ||||||
|   /* |  #define DNS_RR_FLAG_TRUNCATED	(1<<0) | ||||||
| @@ -172,14 +174,29 @@ extern char *dns_strrecord(VSTRING *, DNS_RR *);
 | @@ -178,14 +180,29 @@ extern char *dns_strrecord(VSTRING *, DNS_RR *);
 | ||||||
|   /* |   /* | ||||||
|    * dns_rr.c |    * dns_rr.c | ||||||
|    */ |    */ | ||||||
| @ -184,7 +180,7 @@ index b8c4c4a..aac3ca9 100644 | |||||||
|  extern int dns_rr_compare_pref_ipv6(DNS_RR *, DNS_RR *); |  extern int dns_rr_compare_pref_ipv6(DNS_RR *, DNS_RR *); | ||||||
|  extern int dns_rr_compare_pref_ipv4(DNS_RR *, DNS_RR *); |  extern int dns_rr_compare_pref_ipv4(DNS_RR *, DNS_RR *); | ||||||
|  extern int dns_rr_compare_pref_any(DNS_RR *, DNS_RR *); |  extern int dns_rr_compare_pref_any(DNS_RR *, DNS_RR *); | ||||||
| @@ -278,8 +295,9 @@ extern int dns_lookup_rv(const char *, unsigned, DNS_RR **, VSTRING *,
 | @@ -290,8 +307,9 @@ extern int dns_lookup_rv(const char *, unsigned, DNS_RR **, VSTRING *,
 | ||||||
|    * Below is the precedence order. The order between DNS_RETRY and DNS_NOTFOUND |    * Below is the precedence order. The order between DNS_RETRY and DNS_NOTFOUND | ||||||
|    * is arbitrary. |    * is arbitrary. | ||||||
|    */ |    */ | ||||||
| @ -197,10 +193,10 @@ index b8c4c4a..aac3ca9 100644 | |||||||
|  #define DNS_FAIL	(-4)		/* query failed, don't retry */ |  #define DNS_FAIL	(-4)		/* query failed, don't retry */ | ||||||
|  #define DNS_INVAL	(-3)		/* query ok, malformed reply */ |  #define DNS_INVAL	(-3)		/* query ok, malformed reply */ | ||||||
| diff --git a/src/dns/dns_lookup.c b/src/dns/dns_lookup.c
 | diff --git a/src/dns/dns_lookup.c b/src/dns/dns_lookup.c
 | ||||||
| index 11c9281..1aa97a4 100644
 | index 30bfc9e..f62ca54 100644
 | ||||||
| --- a/src/dns/dns_lookup.c
 | --- a/src/dns/dns_lookup.c
 | ||||||
| +++ b/src/dns/dns_lookup.c
 | +++ b/src/dns/dns_lookup.c
 | ||||||
| @@ -688,6 +688,8 @@ static int dns_get_rr(DNS_RR **list, const char *orig_name, DNS_REPLY *reply,
 | @@ -691,6 +691,8 @@ static int dns_get_rr(DNS_RR **list, const char *orig_name, DNS_REPLY *reply,
 | ||||||
|      int     comp_len; |      int     comp_len; | ||||||
|      ssize_t data_len; |      ssize_t data_len; | ||||||
|      unsigned pref = 0; |      unsigned pref = 0; | ||||||
| @ -209,7 +205,7 @@ index 11c9281..1aa97a4 100644 | |||||||
|      unsigned char *src; |      unsigned char *src; | ||||||
|      unsigned char *dst; |      unsigned char *dst; | ||||||
|      int     ch; |      int     ch; | ||||||
| @@ -713,6 +715,18 @@ static int dns_get_rr(DNS_RR **list, const char *orig_name, DNS_REPLY *reply,
 | @@ -716,6 +718,18 @@ static int dns_get_rr(DNS_RR **list, const char *orig_name, DNS_REPLY *reply,
 | ||||||
|  	    return (DNS_INVAL); |  	    return (DNS_INVAL); | ||||||
|  	data_len = strlen(temp) + 1; |  	data_len = strlen(temp) + 1; | ||||||
|  	break; |  	break; | ||||||
| @ -228,7 +224,7 @@ index 11c9281..1aa97a4 100644 | |||||||
|      case T_MX: |      case T_MX: | ||||||
|  	GETSHORT(pref, pos); |  	GETSHORT(pref, pos); | ||||||
|  	if (dn_expand(reply->buf, reply->end, pos, temp, sizeof(temp)) < 0) |  	if (dn_expand(reply->buf, reply->end, pos, temp, sizeof(temp)) < 0) | ||||||
| @@ -808,7 +822,7 @@ static int dns_get_rr(DNS_RR **list, const char *orig_name, DNS_REPLY *reply,
 | @@ -811,7 +825,7 @@ static int dns_get_rr(DNS_RR **list, const char *orig_name, DNS_REPLY *reply,
 | ||||||
|  	break; |  	break; | ||||||
|      } |      } | ||||||
|      *list = dns_rr_create(orig_name, rr_name, fixed->type, fixed->class, |      *list = dns_rr_create(orig_name, rr_name, fixed->type, fixed->class, | ||||||
| @ -237,16 +233,16 @@ index 11c9281..1aa97a4 100644 | |||||||
|      return (DNS_OK); |      return (DNS_OK); | ||||||
|  } |  } | ||||||
|   |   | ||||||
| @@ -906,7 +920,7 @@ static int dns_get_answer(const char *orig_name, DNS_REPLY *reply, int type,
 | @@ -913,7 +927,7 @@ static int dns_get_answer(const char *orig_name, DNS_REPLY *reply, int type,
 | ||||||
|  		    resource_found++; |  | ||||||
|  		    rr->dnssec_valid = *maybe_secure ? reply->dnssec_ad : 0; |  | ||||||
|  		    *rrlist = dns_rr_append(*rrlist, rr); |  		    *rrlist = dns_rr_append(*rrlist, rr); | ||||||
|  |  		    if (DNS_RR_IS_TRUNCATED(*rrlist)) | ||||||
|  |  			break; | ||||||
| -		} else if (status == DNS_NULLMX) {
 | -		} else if (status == DNS_NULLMX) {
 | ||||||
| +		} else if (status == DNS_NULLMX || status == DNS_NULLSRV) {
 | +		} else if (status == DNS_NULLMX || status == DNS_NULLSRV) {
 | ||||||
|  		    CORRUPT(status);		/* TODO: use better name */ |  		    CORRUPT(status);		/* TODO: use better name */ | ||||||
|  		} else if (not_found_status != DNS_RETRY) |  		} else if (not_found_status != DNS_RETRY) | ||||||
|  		    not_found_status = status; |  		    not_found_status = status; | ||||||
| @@ -1032,6 +1046,12 @@ int     dns_lookup_x(const char *name, unsigned type, unsigned flags,
 | @@ -1047,6 +1061,12 @@ int     dns_lookup_x(const char *name, unsigned type, unsigned flags,
 | ||||||
|  				name); |  				name); | ||||||
|  	    SET_H_ERRNO(NO_DATA); |  	    SET_H_ERRNO(NO_DATA); | ||||||
|  	    return (status); |  	    return (status); | ||||||
| @ -260,7 +256,7 @@ index 11c9281..1aa97a4 100644 | |||||||
|  	    if (rrlist && dns_rr_filter_maps) { |  	    if (rrlist && dns_rr_filter_maps) { | ||||||
|  		if (dns_rr_filter_execute(rrlist) < 0) { |  		if (dns_rr_filter_execute(rrlist) < 0) { | ||||||
| diff --git a/src/dns/dns_rr.c b/src/dns/dns_rr.c
 | diff --git a/src/dns/dns_rr.c b/src/dns/dns_rr.c
 | ||||||
| index b550788..15b5dee 100644
 | index cf82f9f..c99fd4d 100644
 | ||||||
| --- a/src/dns/dns_rr.c
 | --- a/src/dns/dns_rr.c
 | ||||||
| +++ b/src/dns/dns_rr.c
 | +++ b/src/dns/dns_rr.c
 | ||||||
| @@ -7,13 +7,15 @@
 | @@ -7,13 +7,15 @@
 | ||||||
| @ -280,10 +276,10 @@ index b550788..15b5dee 100644 | |||||||
|  /*	const char *data; |  /*	const char *data; | ||||||
|  /*	size_t data_len; |  /*	size_t data_len; | ||||||
|  /* |  /* | ||||||
| @@ -49,6 +51,30 @@
 | @@ -51,6 +53,30 @@
 | ||||||
|  /*	DNS_RR	*dns_rr_remove(list, record) |  | ||||||
|  /*	DNS_RR	*list; |  | ||||||
|  /*	DNS_RR	*record; |  /*	DNS_RR	*record; | ||||||
|  |  /* | ||||||
|  |  /*	int	var_dns_rr_list_limit; | ||||||
| +/*
 | +/*
 | ||||||
| +/*	DNS_RR	*dns_srv_rr_sort(list)
 | +/*	DNS_RR	*dns_srv_rr_sort(list)
 | ||||||
| +/*	DNS_RR	*list;
 | +/*	DNS_RR	*list;
 | ||||||
| @ -311,7 +307,7 @@ index b550788..15b5dee 100644 | |||||||
|  /* DESCRIPTION |  /* DESCRIPTION | ||||||
|  /*	The routines in this module maintain memory for DNS resource record |  /*	The routines in this module maintain memory for DNS resource record | ||||||
|  /*	information, and maintain lists of DNS resource records. |  /*	information, and maintain lists of DNS resource records. | ||||||
| @@ -56,10 +82,14 @@
 | @@ -58,10 +84,14 @@
 | ||||||
|  /*	dns_rr_create() creates and initializes one resource record. |  /*	dns_rr_create() creates and initializes one resource record. | ||||||
|  /*	The \fIqname\fR field specifies the query name. |  /*	The \fIqname\fR field specifies the query name. | ||||||
|  /*	The \fIrname\fR field specifies the reply name. |  /*	The \fIrname\fR field specifies the reply name. | ||||||
| @ -327,7 +323,7 @@ index b550788..15b5dee 100644 | |||||||
|  /*	dns_rr_free() releases the resource used by of zero or more |  /*	dns_rr_free() releases the resource used by of zero or more | ||||||
|  /*	resource records. |  /*	resource records. | ||||||
|  /* |  /* | ||||||
| @@ -81,6 +111,9 @@
 | @@ -91,6 +121,9 @@
 | ||||||
|  /*	dns_rr_remove() removes the specified record from the specified list. |  /*	dns_rr_remove() removes the specified record from the specified list. | ||||||
|  /*	The updated list is the result value. |  /*	The updated list is the result value. | ||||||
|  /*	The record MUST be a list member. |  /*	The record MUST be a list member. | ||||||
| @ -337,7 +333,7 @@ index b550788..15b5dee 100644 | |||||||
|  /* LICENSE |  /* LICENSE | ||||||
|  /* .ad |  /* .ad | ||||||
|  /* .fi |  /* .fi | ||||||
| @@ -113,11 +146,15 @@
 | @@ -133,11 +166,15 @@ int     var_dns_rr_list_limit = 100;
 | ||||||
|  DNS_RR *dns_rr_create(const char *qname, const char *rname, |  DNS_RR *dns_rr_create(const char *qname, const char *rname, | ||||||
|  		              ushort type, ushort class, |  		              ushort type, ushort class, | ||||||
|  		              unsigned int ttl, unsigned pref, |  		              unsigned int ttl, unsigned pref, | ||||||
| @ -354,7 +350,7 @@ index b550788..15b5dee 100644 | |||||||
|      rr->qname = mystrdup(qname); |      rr->qname = mystrdup(qname); | ||||||
|      rr->rname = mystrdup(rname); |      rr->rname = mystrdup(rname); | ||||||
|      rr->type = type; |      rr->type = type; | ||||||
| @@ -125,8 +162,14 @@ DNS_RR *dns_rr_create(const char *qname, const char *rname,
 | @@ -145,8 +182,14 @@ DNS_RR *dns_rr_create(const char *qname, const char *rname,
 | ||||||
|      rr->ttl = ttl; |      rr->ttl = ttl; | ||||||
|      rr->dnssec_valid = 0; |      rr->dnssec_valid = 0; | ||||||
|      rr->pref = pref; |      rr->pref = pref; | ||||||
| @ -369,8 +365,8 @@ index b550788..15b5dee 100644 | |||||||
| +    }
 | +    }
 | ||||||
|      rr->data_len = data_len; |      rr->data_len = data_len; | ||||||
|      rr->next = 0; |      rr->next = 0; | ||||||
|      return (rr); |      rr->flags = 0; | ||||||
| @@ -141,6 +184,8 @@ void    dns_rr_free(DNS_RR *rr)
 | @@ -162,6 +205,8 @@ void    dns_rr_free(DNS_RR *rr)
 | ||||||
|  	    dns_rr_free(rr->next); |  	    dns_rr_free(rr->next); | ||||||
|  	myfree(rr->qname); |  	myfree(rr->qname); | ||||||
|  	myfree(rr->rname); |  	myfree(rr->rname); | ||||||
| @ -379,7 +375,7 @@ index b550788..15b5dee 100644 | |||||||
|  	myfree((void *) rr); |  	myfree((void *) rr); | ||||||
|      } |      } | ||||||
|  } |  } | ||||||
| @@ -149,16 +194,17 @@ void    dns_rr_free(DNS_RR *rr)
 | @@ -170,16 +215,17 @@ void    dns_rr_free(DNS_RR *rr)
 | ||||||
|   |   | ||||||
|  DNS_RR *dns_rr_copy(DNS_RR *src) |  DNS_RR *dns_rr_copy(DNS_RR *src) | ||||||
|  { |  { | ||||||
| @ -401,7 +397,7 @@ index b550788..15b5dee 100644 | |||||||
|      dst->next = 0; |      dst->next = 0; | ||||||
|      return (dst); |      return (dst); | ||||||
|  } |  } | ||||||
| @@ -247,6 +293,12 @@ DNS_RR *dns_rr_sort(DNS_RR *list, int (*compar) (DNS_RR *, DNS_RR *))
 | @@ -312,6 +358,12 @@ DNS_RR *dns_rr_sort(DNS_RR *list, int (*compar) (DNS_RR *, DNS_RR *))
 | ||||||
|      int     len; |      int     len; | ||||||
|      int     i; |      int     i; | ||||||
|   |   | ||||||
| @ -414,7 +410,7 @@ index b550788..15b5dee 100644 | |||||||
|      /* |      /* | ||||||
|       * Save state and initialize. |       * Save state and initialize. | ||||||
|       */ |       */ | ||||||
| @@ -293,6 +345,12 @@ DNS_RR *dns_rr_shuffle(DNS_RR *list)
 | @@ -358,6 +410,12 @@ DNS_RR *dns_rr_shuffle(DNS_RR *list)
 | ||||||
|      int     i; |      int     i; | ||||||
|      int     r; |      int     r; | ||||||
|   |   | ||||||
| @ -427,7 +423,7 @@ index b550788..15b5dee 100644 | |||||||
|      /* |      /* | ||||||
|       * Build linear array with pointers to each list element. |       * Build linear array with pointers to each list element. | ||||||
|       */ |       */ | ||||||
| @@ -345,3 +403,141 @@ DNS_RR *dns_rr_remove(DNS_RR *list, DNS_RR *record)
 | @@ -410,3 +468,141 @@ DNS_RR *dns_rr_remove(DNS_RR *list, DNS_RR *record)
 | ||||||
|      } |      } | ||||||
|      return (list); |      return (list); | ||||||
|  } |  } | ||||||
| @ -633,12 +629,12 @@ index 70e59ac..7eebe3c 100644 | |||||||
|   |   | ||||||
|  /* dns_strtype - translate DNS query type to string */ |  /* dns_strtype - translate DNS query type to string */ | ||||||
| diff --git a/src/global/mail_params.h b/src/global/mail_params.h
 | diff --git a/src/global/mail_params.h b/src/global/mail_params.h
 | ||||||
| index 74459d9..f8bb550 100644
 | index f61227c..963db5d 100644
 | ||||||
| --- a/src/global/mail_params.h
 | --- a/src/global/mail_params.h
 | ||||||
| +++ b/src/global/mail_params.h
 | +++ b/src/global/mail_params.h
 | ||||||
| @@ -4206,6 +4206,21 @@ extern char *var_info_log_addr_form;
 | @@ -4267,6 +4267,21 @@ extern char *var_info_log_addr_form;
 | ||||||
|  #define DEF_RHEL_IPV6_NORMALIZE	0 |  #define DEF_DNSSEC_PROBE	"ns:." | ||||||
|  extern bool var_rhel_ipv6_normalize; |  extern char *var_dnssec_probe; | ||||||
|   |   | ||||||
| + /*
 | + /*
 | ||||||
| +  * SRV lookup support.
 | +  * SRV lookup support.
 | ||||||
| @ -659,7 +655,7 @@ index 74459d9..f8bb550 100644 | |||||||
|  /* .ad |  /* .ad | ||||||
|  /* .fi |  /* .fi | ||||||
| diff --git a/src/posttls-finger/posttls-finger.c b/src/posttls-finger/posttls-finger.c
 | diff --git a/src/posttls-finger/posttls-finger.c b/src/posttls-finger/posttls-finger.c
 | ||||||
| index a3a9946..b428cb3 100644
 | index ce5d2c0..3cd11ec 100644
 | ||||||
| --- a/src/posttls-finger/posttls-finger.c
 | --- a/src/posttls-finger/posttls-finger.c
 | ||||||
| +++ b/src/posttls-finger/posttls-finger.c
 | +++ b/src/posttls-finger/posttls-finger.c
 | ||||||
| @@ -236,6 +236,8 @@
 | @@ -236,6 +236,8 @@
 | ||||||
| @ -709,7 +705,7 @@ index a3a9946..b428cb3 100644 | |||||||
|  	    addr_list = dns_rr_append(addr_list, addr); |  	    addr_list = dns_rr_append(addr_list, addr); | ||||||
|  	    return (addr_list); |  	    return (addr_list); | ||||||
|  	default: |  	default: | ||||||
| @@ -1277,15 +1284,15 @@ static DNS_RR *mx_addr_list(STATE *state, DNS_RR *mx_names)
 | @@ -1279,17 +1286,17 @@ static DNS_RR *mx_addr_list(STATE *state, DNS_RR *mx_names)
 | ||||||
|  #endif |  #endif | ||||||
|   |   | ||||||
|      for (rr = mx_names; rr; rr = rr->next) { |      for (rr = mx_names; rr; rr = rr->next) { | ||||||
| @ -719,6 +715,8 @@ index a3a9946..b428cb3 100644 | |||||||
|  	addr_list = addr_one(state, addr_list, (char *) rr->data, res_opt, |  	addr_list = addr_one(state, addr_list, (char *) rr->data, res_opt, | ||||||
| -			     rr->pref);
 | -			     rr->pref);
 | ||||||
| +			     rr->pref, rr->port);
 | +			     rr->pref, rr->port);
 | ||||||
|  |  	if (addr_list && DNS_RR_IS_TRUNCATED(addr_list)) | ||||||
|  |  	    break; | ||||||
|      } |      } | ||||||
|      return (addr_list); |      return (addr_list); | ||||||
|  } |  } | ||||||
| @ -728,7 +726,7 @@ index a3a9946..b428cb3 100644 | |||||||
|   |   | ||||||
|  static DNS_RR *domain_addr(STATE *state, char *domain) |  static DNS_RR *domain_addr(STATE *state, char *domain) | ||||||
|  { |  { | ||||||
| @@ -1350,6 +1357,74 @@ static DNS_RR *domain_addr(STATE *state, char *domain)
 | @@ -1354,6 +1361,74 @@ static DNS_RR *domain_addr(STATE *state, char *domain)
 | ||||||
|      return (addr_list); |      return (addr_list); | ||||||
|  } |  } | ||||||
|   |   | ||||||
| @ -803,7 +801,7 @@ index a3a9946..b428cb3 100644 | |||||||
|  /* host_addr - direct host lookup */ |  /* host_addr - direct host lookup */ | ||||||
|   |   | ||||||
|  static DNS_RR *host_addr(STATE *state, const char *host) |  static DNS_RR *host_addr(STATE *state, const char *host) | ||||||
| @@ -1376,7 +1451,8 @@ static DNS_RR *host_addr(STATE *state, const char *host)
 | @@ -1380,7 +1455,8 @@ static DNS_RR *host_addr(STATE *state, const char *host)
 | ||||||
|  	ahost = host; |  	ahost = host; | ||||||
|   |   | ||||||
|  #define PREF0	0 |  #define PREF0	0 | ||||||
| @ -813,7 +811,7 @@ index a3a9946..b428cb3 100644 | |||||||
|      if (addr_list && addr_list->next) { |      if (addr_list && addr_list->next) { | ||||||
|  	addr_list = dns_rr_shuffle(addr_list); |  	addr_list = dns_rr_shuffle(addr_list); | ||||||
|  	if (inet_proto_info()->ai_family_list[1] != 0) |  	if (inet_proto_info()->ai_family_list[1] != 0) | ||||||
| @@ -1465,7 +1541,8 @@ static int dane_host_level(STATE *state, DNS_RR *addr)
 | @@ -1469,7 +1545,8 @@ static int dane_host_level(STATE *state, DNS_RR *addr)
 | ||||||
|  /* parse_destination - parse host/port destination */ |  /* parse_destination - parse host/port destination */ | ||||||
|   |   | ||||||
|  static char *parse_destination(char *destination, char *def_service, |  static char *parse_destination(char *destination, char *def_service, | ||||||
| @ -823,7 +821,7 @@ index a3a9946..b428cb3 100644 | |||||||
|  { |  { | ||||||
|      char   *buf = mystrdup(destination); |      char   *buf = mystrdup(destination); | ||||||
|      char   *service; |      char   *service; | ||||||
| @@ -1481,12 +1558,13 @@ static char *parse_destination(char *destination, char *def_service,
 | @@ -1485,12 +1562,13 @@ static char *parse_destination(char *destination, char *def_service,
 | ||||||
|       * Parse the host/port information. We're working with a copy of the |       * Parse the host/port information. We're working with a copy of the | ||||||
|       * destination argument so the parsing can be destructive. |       * destination argument so the parsing can be destructive. | ||||||
|       */ |       */ | ||||||
| @ -838,7 +836,7 @@ index a3a9946..b428cb3 100644 | |||||||
|      if (alldig(service)) { |      if (alldig(service)) { | ||||||
|  	if ((port = atoi(service)) >= 65536 || port == 0) |  	if ((port = atoi(service)) >= 65536 || port == 0) | ||||||
|  	    msg_fatal("bad network port in destination: %s", destination); |  	    msg_fatal("bad network port in destination: %s", destination); | ||||||
| @@ -1507,17 +1585,21 @@ static char *parse_destination(char *destination, char *def_service,
 | @@ -1511,17 +1589,21 @@ static char *parse_destination(char *destination, char *def_service,
 | ||||||
|  static void connect_remote(STATE *state, char *dest) |  static void connect_remote(STATE *state, char *dest) | ||||||
|  { |  { | ||||||
|      DNS_RR *addr; |      DNS_RR *addr; | ||||||
| @ -863,7 +861,7 @@ index a3a9946..b428cb3 100644 | |||||||
|  	else |  	else | ||||||
|  	    state->addr = domain_addr(state, domain); |  	    state->addr = domain_addr(state, domain); | ||||||
|  	myfree(buf); |  	myfree(buf); | ||||||
| @@ -1531,10 +1613,14 @@ static void connect_remote(STATE *state, char *dest)
 | @@ -1535,10 +1617,14 @@ static void connect_remote(STATE *state, char *dest)
 | ||||||
|      for (addr = state->addr; addr; addr = addr->next) { |      for (addr = state->addr; addr; addr = addr->next) { | ||||||
|  	int     level = dane_host_level(state, addr); |  	int     level = dane_host_level(state, addr); | ||||||
|   |   | ||||||
| @ -880,7 +878,7 @@ index a3a9946..b428cb3 100644 | |||||||
|  	    continue; |  	    continue; | ||||||
|  	} |  	} | ||||||
|  	/* We have a connection */ |  	/* We have a connection */ | ||||||
| @@ -1819,6 +1905,7 @@ static void parse_options(STATE *state, int argc, char *argv[])
 | @@ -1823,6 +1909,7 @@ static void parse_options(STATE *state, int argc, char *argv[])
 | ||||||
|   |   | ||||||
|      state->smtp = 1; |      state->smtp = 1; | ||||||
|      state->pass = 1; |      state->pass = 1; | ||||||
| @ -888,7 +886,7 @@ index a3a9946..b428cb3 100644 | |||||||
|      state->reconnect = -1; |      state->reconnect = -1; | ||||||
|      state->max_reconnect = 5; |      state->max_reconnect = 5; | ||||||
|      state->wrapper_mode = 0; |      state->wrapper_mode = 0; | ||||||
| @@ -1829,7 +1916,7 @@ static void parse_options(STATE *state, int argc, char *argv[])
 | @@ -1833,7 +1920,7 @@ static void parse_options(STATE *state, int argc, char *argv[])
 | ||||||
|      memset((void *) &state->options, 0, sizeof(state->options)); |      memset((void *) &state->options, 0, sizeof(state->options)); | ||||||
|      state->options.host_lookup = mystrdup("dns"); |      state->options.host_lookup = mystrdup("dns"); | ||||||
|   |   | ||||||
| @ -897,7 +895,7 @@ index a3a9946..b428cb3 100644 | |||||||
|  #ifdef USE_TLS |  #ifdef USE_TLS | ||||||
|  #define TLSOPTS "A:Cd:fF:g:H:k:K:l:L:m:M:p:P:r:s:wX" |  #define TLSOPTS "A:Cd:fF:g:H:k:K:l:L:m:M:p:P:r:s:wX" | ||||||
|   |   | ||||||
| @@ -1868,6 +1955,9 @@ static void parse_options(STATE *state, int argc, char *argv[])
 | @@ -1872,6 +1959,9 @@ static void parse_options(STATE *state, int argc, char *argv[])
 | ||||||
|  	case 'o': |  	case 'o': | ||||||
|  	    override(optarg); |  	    override(optarg); | ||||||
|  	    break; |  	    break; | ||||||
| @ -928,7 +926,7 @@ index 973cb5d..ff074cd 100644 | |||||||
|  	0, |  	0, | ||||||
|      }; |      }; | ||||||
| diff --git a/src/smtp/smtp.c b/src/smtp/smtp.c
 | diff --git a/src/smtp/smtp.c b/src/smtp/smtp.c
 | ||||||
| index 6ca2d5c..f402876 100644
 | index 9a28cc2..29b17fc 100644
 | ||||||
| --- a/src/smtp/smtp.c
 | --- a/src/smtp/smtp.c
 | ||||||
| +++ b/src/smtp/smtp.c
 | +++ b/src/smtp/smtp.c
 | ||||||
| @@ -146,6 +146,7 @@
 | @@ -146,6 +146,7 @@
 | ||||||
| @ -939,10 +937,10 @@ index 6ca2d5c..f402876 100644 | |||||||
|  /*	RFC 2920 (SMTP Pipelining) |  /*	RFC 2920 (SMTP Pipelining) | ||||||
|  /*	RFC 3207 (STARTTLS command) |  /*	RFC 3207 (STARTTLS command) | ||||||
|  /*	RFC 3461 (SMTP DSN Extension) |  /*	RFC 3461 (SMTP DSN Extension) | ||||||
| @@ -330,6 +331,17 @@
 | @@ -336,6 +337,17 @@
 | ||||||
|  /* .IP "\fBinfo_log_address_format (external)\fR" |  /*	The DNS query type (default: "ns") and DNS query name (default: | ||||||
|  /*	The email address form that will be used in non-debug logging |  /*	".") that Postfix may use to determine whether DNSSEC validation | ||||||
|  /*	(info, warning, etc.). |  /*	is available. | ||||||
| +/* .PP
 | +/* .PP
 | ||||||
| +/*	Backported from Postfix version 3.8:
 | +/*	Backported from Postfix version 3.8:
 | ||||||
| +/* .IP "\fBuse_srv_lookup (empty)\fR"
 | +/* .IP "\fBuse_srv_lookup (empty)\fR"
 | ||||||
| @ -957,7 +955,7 @@ index 6ca2d5c..f402876 100644 | |||||||
|  /* MIME PROCESSING CONTROLS |  /* MIME PROCESSING CONTROLS | ||||||
|  /* .ad |  /* .ad | ||||||
|  /* .fi |  /* .fi | ||||||
| @@ -1046,6 +1058,9 @@ bool    var_smtp_dummy_mail_auth;
 | @@ -1059,6 +1071,9 @@ bool    var_smtp_dummy_mail_auth;
 | ||||||
|  char   *var_smtp_dsn_filter; |  char   *var_smtp_dsn_filter; | ||||||
|  char   *var_smtp_dns_re_filter; |  char   *var_smtp_dns_re_filter; | ||||||
|  bool    var_smtp_balance_inet_proto; |  bool    var_smtp_balance_inet_proto; | ||||||
| @ -967,7 +965,7 @@ index 6ca2d5c..f402876 100644 | |||||||
|   |   | ||||||
|   /* Special handling of 535 AUTH errors. */ |   /* Special handling of 535 AUTH errors. */ | ||||||
|  char   *var_smtp_sasl_auth_cache_name; |  char   *var_smtp_sasl_auth_cache_name; | ||||||
| @@ -1068,6 +1083,7 @@ MAPS   *smtp_pix_bug_maps;
 | @@ -1081,6 +1096,7 @@ MAPS   *smtp_pix_bug_maps;
 | ||||||
|  HBC_CHECKS *smtp_header_checks;		/* limited header checks */ |  HBC_CHECKS *smtp_header_checks;		/* limited header checks */ | ||||||
|  HBC_CHECKS *smtp_body_checks;		/* limited body checks */ |  HBC_CHECKS *smtp_body_checks;		/* limited body checks */ | ||||||
|  SMTP_CLI_ATTR smtp_cli_attr;		/* parsed command-line */ |  SMTP_CLI_ATTR smtp_cli_attr;		/* parsed command-line */ | ||||||
| @ -975,7 +973,7 @@ index 6ca2d5c..f402876 100644 | |||||||
|   |   | ||||||
|  #ifdef USE_TLS |  #ifdef USE_TLS | ||||||
|   |   | ||||||
| @@ -1351,6 +1367,14 @@ static void post_init(char *unused_name, char **argv)
 | @@ -1364,6 +1380,14 @@ static void post_init(char *unused_name, char **argv)
 | ||||||
|       * the process lifetime. |       * the process lifetime. | ||||||
|       */ |       */ | ||||||
|      get_cli_attr(&smtp_cli_attr, argv); |      get_cli_attr(&smtp_cli_attr, argv); | ||||||
| @ -991,7 +989,7 @@ index 6ca2d5c..f402876 100644 | |||||||
|   |   | ||||||
|  /* pre_init - pre-jail initialization */ |  /* pre_init - pre-jail initialization */ | ||||||
| diff --git a/src/smtp/smtp.h b/src/smtp/smtp.h
 | diff --git a/src/smtp/smtp.h b/src/smtp/smtp.h
 | ||||||
| index 281cfe4..3f4c209 100644
 | index 4fea37a..ab91b7e 100644
 | ||||||
| --- a/src/smtp/smtp.h
 | --- a/src/smtp/smtp.h
 | ||||||
| +++ b/src/smtp/smtp.h
 | +++ b/src/smtp/smtp.h
 | ||||||
| @@ -84,6 +84,14 @@ typedef struct SMTP_ITERATOR {
 | @@ -84,6 +84,14 @@ typedef struct SMTP_ITERATOR {
 | ||||||
| @ -1027,7 +1025,7 @@ index 281cfe4..3f4c209 100644 | |||||||
|   |   | ||||||
|  extern TLS_APPL_STATE *smtp_tls_ctx;	/* client-side TLS engine */ |  extern TLS_APPL_STATE *smtp_tls_ctx;	/* client-side TLS engine */ | ||||||
| diff --git a/src/smtp/smtp_addr.c b/src/smtp/smtp_addr.c
 | diff --git a/src/smtp/smtp_addr.c b/src/smtp/smtp_addr.c
 | ||||||
| index 2210ff7..7f20838 100644
 | index 7509edc..d39f970 100644
 | ||||||
| --- a/src/smtp/smtp_addr.c
 | --- a/src/smtp/smtp_addr.c
 | ||||||
| +++ b/src/smtp/smtp_addr.c
 | +++ b/src/smtp/smtp_addr.c
 | ||||||
| @@ -17,6 +17,15 @@
 | @@ -17,6 +17,15 @@
 | ||||||
| @ -1107,7 +1105,7 @@ index 2210ff7..7f20838 100644 | |||||||
|  	    addr_list = dns_rr_append(addr_list, addr); |  	    addr_list = dns_rr_append(addr_list, addr); | ||||||
|  	    return (addr_list); |  	    return (addr_list); | ||||||
|  	default: |  	default: | ||||||
| @@ -283,10 +309,10 @@ static DNS_RR *smtp_addr_list(DNS_RR *mx_names, DSN_BUF *why)
 | @@ -285,10 +311,10 @@ static DNS_RR *smtp_addr_list(DNS_RR *mx_names, DSN_BUF *why)
 | ||||||
|       * tweaking the in-process resolver flags. |       * tweaking the in-process resolver flags. | ||||||
|       */ |       */ | ||||||
|      for (rr = mx_names; rr; rr = rr->next) { |      for (rr = mx_names; rr; rr = rr->next) { | ||||||
| @ -1117,10 +1115,10 @@ index 2210ff7..7f20838 100644 | |||||||
|  	addr_list = smtp_addr_one(addr_list, (char *) rr->data, res_opt, |  	addr_list = smtp_addr_one(addr_list, (char *) rr->data, res_opt, | ||||||
| -				  rr->pref, why);
 | -				  rr->pref, why);
 | ||||||
| +				  rr->pref, rr->port, why);
 | +				  rr->pref, rr->port, why);
 | ||||||
|  |  	if (addr_list && DNS_RR_IS_TRUNCATED(addr_list)) | ||||||
|  |  	    break; | ||||||
|      } |      } | ||||||
|      return (addr_list); | @@ -680,7 +706,7 @@ DNS_RR *smtp_host_addr(const char *host, int misc_flags, DSN_BUF *why)
 | ||||||
|  } |  | ||||||
| @@ -669,7 +695,7 @@ DNS_RR *smtp_host_addr(const char *host, int misc_flags, DSN_BUF *why)
 |  | ||||||
|       * address to internal form. Otherwise, the host is specified by name. |       * address to internal form. Otherwise, the host is specified by name. | ||||||
|       */ |       */ | ||||||
|  #define PREF0	0 |  #define PREF0	0 | ||||||
| @ -1129,7 +1127,7 @@ index 2210ff7..7f20838 100644 | |||||||
|      if (addr_list |      if (addr_list | ||||||
|  	&& (misc_flags & SMTP_MISC_FLAG_LOOP_DETECT) |  	&& (misc_flags & SMTP_MISC_FLAG_LOOP_DETECT) | ||||||
|  	&& smtp_find_self(addr_list) != 0) { |  	&& smtp_find_self(addr_list) != 0) { | ||||||
| @@ -691,3 +717,135 @@ DNS_RR *smtp_host_addr(const char *host, int misc_flags, DSN_BUF *why)
 | @@ -702,3 +728,135 @@ DNS_RR *smtp_host_addr(const char *host, int misc_flags, DSN_BUF *why)
 | ||||||
|  	smtp_print_addr(host, addr_list); |  	smtp_print_addr(host, addr_list); | ||||||
|      return (addr_list); |      return (addr_list); | ||||||
|  } |  } | ||||||
| @ -1527,10 +1525,10 @@ index 1b3a20e..3ac4ccc 100644 | |||||||
|  	    msg_warn("smtp_session_passivate: bad cached dest properties"); |  	    msg_warn("smtp_session_passivate: bad cached dest properties"); | ||||||
|  	    SMTP_SESSION_ACTIVATE_ERR_RETURN(); |  	    SMTP_SESSION_ACTIVATE_ERR_RETURN(); | ||||||
| diff --git a/src/smtpd/smtpd_check.c b/src/smtpd/smtpd_check.c
 | diff --git a/src/smtpd/smtpd_check.c b/src/smtpd/smtpd_check.c
 | ||||||
| index 85d5944..a60e878 100644
 | index 69119ad..2af9e98 100644
 | ||||||
| --- a/src/smtpd/smtpd_check.c
 | --- a/src/smtpd/smtpd_check.c
 | ||||||
| +++ b/src/smtpd/smtpd_check.c
 | +++ b/src/smtpd/smtpd_check.c
 | ||||||
| @@ -3056,8 +3056,8 @@ static int check_server_access(SMTPD_STATE *state, const char *table,
 | @@ -3067,8 +3067,8 @@ static int check_server_access(SMTPD_STATE *state, const char *table,
 | ||||||
|  	|| type == T_AAAA |  	|| type == T_AAAA | ||||||
|  #endif |  #endif | ||||||
|  	) { |  	) { | ||||||
| @ -1541,7 +1539,7 @@ index 85d5944..a60e878 100644 | |||||||
|      } else { |      } else { | ||||||
|  	dns_status = dns_lookup(domain, type, 0, &server_list, |  	dns_status = dns_lookup(domain, type, 0, &server_list, | ||||||
|  				(VSTRING *) 0, (VSTRING *) 0); |  				(VSTRING *) 0, (VSTRING *) 0); | ||||||
| @@ -3065,8 +3065,8 @@ static int check_server_access(SMTPD_STATE *state, const char *table,
 | @@ -3076,8 +3076,8 @@ static int check_server_access(SMTPD_STATE *state, const char *table,
 | ||||||
|  	    return (SMTPD_CHECK_DUNNO); |  	    return (SMTPD_CHECK_DUNNO); | ||||||
|  	if (dns_status == DNS_NOTFOUND /* Not: h_errno == NO_DATA */ ) { |  	if (dns_status == DNS_NOTFOUND /* Not: h_errno == NO_DATA */ ) { | ||||||
|  	    if (type == T_MX) { |  	    if (type == T_MX) { | ||||||
| @ -1,158 +0,0 @@ | |||||||
| diff --git a/src/global/mail_params.c b/src/global/mail_params.c
 |  | ||||||
| index 91c70f7..483613c 100644
 |  | ||||||
| --- a/src/global/mail_params.c
 |  | ||||||
| +++ b/src/global/mail_params.c
 |  | ||||||
| @@ -379,6 +379,8 @@ int     warn_compat_break_smtputf8_enable;
 |  | ||||||
|  int     warn_compat_break_chroot; |  | ||||||
|  int     warn_compat_break_relay_restrictions; |  | ||||||
|   |  | ||||||
| +bool    var_rhel_ipv6_normalize;
 |  | ||||||
| +
 |  | ||||||
|  /* check_myhostname - lookup hostname and validate */ |  | ||||||
|   |  | ||||||
|  static const char *check_myhostname(void) |  | ||||||
| @@ -825,6 +827,7 @@ void    mail_params_init()
 |  | ||||||
|  	VAR_LONG_QUEUE_IDS, DEF_LONG_QUEUE_IDS, &var_long_queue_ids, |  | ||||||
|  	VAR_STRICT_SMTPUTF8, DEF_STRICT_SMTPUTF8, &var_strict_smtputf8, |  | ||||||
|  	VAR_ENABLE_ORCPT, DEF_ENABLE_ORCPT, &var_enable_orcpt, |  | ||||||
| +	VAR_RHEL_IPV6_NORMALIZE, DEF_RHEL_IPV6_NORMALIZE, &var_rhel_ipv6_normalize,
 |  | ||||||
|  	0, |  | ||||||
|      }; |  | ||||||
|      const char *cp; |  | ||||||
| diff --git a/src/global/mail_params.h b/src/global/mail_params.h
 |  | ||||||
| index e4358ca..74459d9 100644
 |  | ||||||
| --- a/src/global/mail_params.h
 |  | ||||||
| +++ b/src/global/mail_params.h
 |  | ||||||
| @@ -3153,7 +3153,7 @@ extern char *var_local_rwr_clients;
 |  | ||||||
|    * EHLO keyword filter. |  | ||||||
|    */ |  | ||||||
|  #define VAR_SMTPD_EHLO_DIS_WORDS	"smtpd_discard_ehlo_keywords" |  | ||||||
| -#define DEF_SMTPD_EHLO_DIS_WORDS	""
 |  | ||||||
| +#define DEF_SMTPD_EHLO_DIS_WORDS	"chunking"
 |  | ||||||
|  extern char *var_smtpd_ehlo_dis_words; |  | ||||||
|   |  | ||||||
|  #define VAR_SMTPD_EHLO_DIS_MAPS		"smtpd_discard_ehlo_keyword_address_maps" |  | ||||||
| @@ -4199,9 +4199,13 @@ extern int var_postlogd_watchdog;
 |  | ||||||
|  #define INFO_LOG_ADDR_FORM_NAME_INTERNAL	"internal" |  | ||||||
|   |  | ||||||
|  #define VAR_INFO_LOG_ADDR_FORM	"info_log_address_format" |  | ||||||
| -#define DEF_INFO_LOG_ADDR_FORM	INFO_LOG_ADDR_FORM_NAME_EXTERNAL
 |  | ||||||
| +#define DEF_INFO_LOG_ADDR_FORM	INFO_LOG_ADDR_FORM_NAME_INTERNAL
 |  | ||||||
|  extern char *var_info_log_addr_form; |  | ||||||
|   |  | ||||||
| +#define VAR_RHEL_IPV6_NORMALIZE	"rhel_ipv6_normalize"
 |  | ||||||
| +#define DEF_RHEL_IPV6_NORMALIZE	0
 |  | ||||||
| +extern bool var_rhel_ipv6_normalize;
 |  | ||||||
| +
 |  | ||||||
|  /* LICENSE |  | ||||||
|  /* .ad |  | ||||||
|  /* .fi |  | ||||||
| diff --git a/src/smtpd/smtpd.c b/src/smtpd/smtpd.c
 |  | ||||||
| index da7227f..53e640e 100644
 |  | ||||||
| --- a/src/smtpd/smtpd.c
 |  | ||||||
| +++ b/src/smtpd/smtpd.c
 |  | ||||||
| @@ -4334,6 +4334,7 @@ static int xclient_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
 |  | ||||||
|      SMTPD_TOKEN *argp; |  | ||||||
|      char   *raw_value; |  | ||||||
|      char   *attr_value; |  | ||||||
| +    const char *bare_value;
 |  | ||||||
|      char   *attr_name; |  | ||||||
|      int     update_namaddr = 0; |  | ||||||
|      int     name_status; |  | ||||||
| @@ -4481,15 +4482,31 @@ static int xclient_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
 |  | ||||||
|  		UPDATE_STR(state->addr, attr_value); |  | ||||||
|  		UPDATE_STR(state->rfc_addr, attr_value); |  | ||||||
|  	    } else { |  | ||||||
| -		neuter(attr_value, NEUTER_CHARACTERS, '?');
 |  | ||||||
| -		if (normalize_mailhost_addr(attr_value, &state->rfc_addr,
 |  | ||||||
| +		if (var_rhel_ipv6_normalize) {
 |  | ||||||
| +			neuter(attr_value, NEUTER_CHARACTERS, '?');
 |  | ||||||
| +		}
 |  | ||||||
| +		if ((var_rhel_ipv6_normalize &&
 |  | ||||||
| +		    normalize_mailhost_addr(attr_value, &state->rfc_addr,
 |  | ||||||
|  					    &state->addr, |  | ||||||
| -					    &state->addr_family) < 0) {
 |  | ||||||
| +					    &state->addr_family) < 0) ||
 |  | ||||||
| +		    (!var_rhel_ipv6_normalize &&
 |  | ||||||
| +			(bare_value = valid_mailhost_addr(attr_value, DONT_GRIPE)) == 0)) {
 |  | ||||||
|  		    state->error_mask |= MAIL_ERROR_PROTOCOL; |  | ||||||
|  		    smtpd_chat_reply(state, "501 5.5.4 Bad %s syntax: %s", |  | ||||||
|  				     XCLIENT_ADDR, attr_value); |  | ||||||
|  		    return (-1); |  | ||||||
|  		} |  | ||||||
| +		if (!var_rhel_ipv6_normalize) {
 |  | ||||||
| +		    UPDATE_STR(state->addr, bare_value);
 |  | ||||||
| +		    UPDATE_STR(state->rfc_addr, attr_value);
 |  | ||||||
| +#ifdef HAS_IPV6
 |  | ||||||
| +		    if (strncasecmp(attr_value, INET_PROTO_NAME_IPV6 ":",
 |  | ||||||
| +			    sizeof(INET_PROTO_NAME_IPV6 ":") - 1) == 0)
 |  | ||||||
| +			state->addr_family = AF_INET6;
 |  | ||||||
| +		    else
 |  | ||||||
| +#endif
 |  | ||||||
| +			state->addr_family = AF_INET;
 |  | ||||||
| +                }
 |  | ||||||
|  	    } |  | ||||||
|  	    update_namaddr = 1; |  | ||||||
|  	} |  | ||||||
| @@ -4569,17 +4586,25 @@ static int xclient_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
 |  | ||||||
|  		attr_value = SERVER_ADDR_UNKNOWN; |  | ||||||
|  		UPDATE_STR(state->dest_addr, attr_value); |  | ||||||
|  	    } else { |  | ||||||
| +		if (var_rhel_ipv6_normalize) {
 |  | ||||||
|  #define NO_NORM_RFC_ADDR		((char **) 0) |  | ||||||
|  #define NO_NORM_ADDR_FAMILY	((int *) 0) |  | ||||||
| -		neuter(attr_value, NEUTER_CHARACTERS, '?');
 |  | ||||||
| -		if (normalize_mailhost_addr(attr_value, NO_NORM_RFC_ADDR,
 |  | ||||||
| +			neuter(attr_value, NEUTER_CHARACTERS, '?');
 |  | ||||||
| +		}
 |  | ||||||
| +		if ((var_rhel_ipv6_normalize &&
 |  | ||||||
| +		    normalize_mailhost_addr(attr_value, NO_NORM_RFC_ADDR,
 |  | ||||||
|  					    &state->dest_addr, |  | ||||||
| -					    NO_NORM_ADDR_FAMILY) < 0) {
 |  | ||||||
| +					    NO_NORM_ADDR_FAMILY) < 0) ||
 |  | ||||||
| +		    (!var_rhel_ipv6_normalize &&
 |  | ||||||
| +			(bare_value = valid_mailhost_addr(attr_value, DONT_GRIPE)) == 0)) {
 |  | ||||||
|  		    state->error_mask |= MAIL_ERROR_PROTOCOL; |  | ||||||
|  		    smtpd_chat_reply(state, "501 5.5.4 Bad %s syntax: %s", |  | ||||||
|  				     XCLIENT_DESTADDR, attr_value); |  | ||||||
|  		    return (-1); |  | ||||||
|  		} |  | ||||||
| +		if (!var_rhel_ipv6_normalize) {
 |  | ||||||
| +			UPDATE_STR(state->dest_addr, bare_value);
 |  | ||||||
| +		}
 |  | ||||||
|  	    } |  | ||||||
|  	    /* XXX Require same address family as client address. */ |  | ||||||
|  	} |  | ||||||
| @@ -4690,6 +4715,7 @@ static int xforward_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
 |  | ||||||
|      SMTPD_TOKEN *argp; |  | ||||||
|      char   *raw_value; |  | ||||||
|      char   *attr_value; |  | ||||||
| +    const char *bare_value;
 |  | ||||||
|      char   *attr_name; |  | ||||||
|      int     updated = 0; |  | ||||||
|      static const NAME_CODE xforward_flags[] = { |  | ||||||
| @@ -4808,15 +4834,22 @@ static int xforward_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
 |  | ||||||
|  		UPDATE_STR(state->xforward.addr, attr_value); |  | ||||||
|  	    } else { |  | ||||||
|  		neuter(attr_value, NEUTER_CHARACTERS, '?'); |  | ||||||
| -		if (normalize_mailhost_addr(attr_value,
 |  | ||||||
| +		if ((var_rhel_ipv6_normalize &&
 |  | ||||||
| +		    normalize_mailhost_addr(attr_value,
 |  | ||||||
|  					    &state->xforward.rfc_addr, |  | ||||||
|  					    &state->xforward.addr, |  | ||||||
| -					    NO_NORM_ADDR_FAMILY) < 0) {
 |  | ||||||
| +					    NO_NORM_ADDR_FAMILY) < 0) ||
 |  | ||||||
| +		    (!var_rhel_ipv6_normalize &&
 |  | ||||||
| +			(bare_value = valid_mailhost_addr(attr_value, DONT_GRIPE)) == 0)) {
 |  | ||||||
|  		    state->error_mask |= MAIL_ERROR_PROTOCOL; |  | ||||||
|  		    smtpd_chat_reply(state, "501 5.5.4 Bad %s syntax: %s", |  | ||||||
|  				     XFORWARD_ADDR, attr_value); |  | ||||||
|  		    return (-1); |  | ||||||
|  		} |  | ||||||
| +		if (!var_rhel_ipv6_normalize) {
 |  | ||||||
| +		    UPDATE_STR(state->xforward.addr, bare_value);
 |  | ||||||
| +		    UPDATE_STR(state->xforward.rfc_addr, attr_value);
 |  | ||||||
| +		}
 |  | ||||||
|  	    } |  | ||||||
|  	    break; |  | ||||||
|   |  | ||||||
| @ -1,32 +0,0 @@ | |||||||
| commit 9c7bcf991e2dd69d517be84d9594411c47e04562 |  | ||||||
| Author: Tomas Korbar <tkorbar@redhat.com> |  | ||||||
| Date:   Fri May 5 12:48:21 2023 +0200 |  | ||||||
| 
 |  | ||||||
|     Fix build with kernel 6 |  | ||||||
| 
 |  | ||||||
| diff --git a/makedefs b/makedefs
 |  | ||||||
| index aea15d6..ad93a5f 100644
 |  | ||||||
| --- a/makedefs
 |  | ||||||
| +++ b/makedefs
 |  | ||||||
| @@ -557,7 +557,7 @@ EOF
 |  | ||||||
|  		: ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"} |  | ||||||
|  		: ${PLUGIN_LD="${CC-gcc} -shared"} |  | ||||||
|  		;; |  | ||||||
| - Linux.[345].*)	SYSTYPE=LINUX$RELEASE_MAJOR
 |  | ||||||
| + Linux.[3456].*)	SYSTYPE=LINUX$RELEASE_MAJOR
 |  | ||||||
|  		case "$CCARGS" in |  | ||||||
|  		 *-DNO_DB*) ;; |  | ||||||
|  		 *-DHAS_DB*) ;; |  | ||||||
| diff --git a/src/util/sys_defs.h b/src/util/sys_defs.h
 |  | ||||||
| index f3a3b26..e9d3546 100644
 |  | ||||||
| --- a/src/util/sys_defs.h
 |  | ||||||
| +++ b/src/util/sys_defs.h
 |  | ||||||
| @@ -749,7 +749,7 @@ extern int initgroups(const char *, int);
 |  | ||||||
|   /* |  | ||||||
|    * LINUX. |  | ||||||
|    */ |  | ||||||
| -#if defined(LINUX2) || defined(LINUX3) || defined(LINUX4) || defined(LINUX5)
 |  | ||||||
| +#if defined(LINUX2) || defined(LINUX3) || defined(LINUX4) || defined(LINUX5) || defined(LINUX6)
 |  | ||||||
|  #define SUPPORTED |  | ||||||
|  #define UINT32_TYPE	unsigned int |  | ||||||
|  #define UINT16_TYPE	unsigned short |  | ||||||
							
								
								
									
										12
									
								
								SOURCES/postfix-3.5.9-glibc-234-build-fix.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										12
									
								
								SOURCES/postfix-3.5.9-glibc-234-build-fix.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,12 @@ | |||||||
|  | diff --git a/src/util/sys_defs.h b/src/util/sys_defs.h
 | ||||||
|  | index 99bec9b..95c78ec 100644
 | ||||||
|  | --- a/src/util/sys_defs.h
 | ||||||
|  | +++ b/src/util/sys_defs.h
 | ||||||
|  | @@ -802,6 +803,7 @@ extern int initgroups(const char *, int);
 | ||||||
|  |  #define _PATH_PROCNET_IFINET6 "/proc/net/if_inet6" | ||||||
|  |  #endif | ||||||
|  |  #endif | ||||||
|  | +#define HAS_CLOSEFROM
 | ||||||
|  |  #include <linux/version.h> | ||||||
|  |  #if !defined(KERNEL_VERSION) | ||||||
|  |  #define KERNEL_VERSION(a,b,c) (LINUX_VERSION_CODE + 1) | ||||||
							
								
								
									
										164
									
								
								SOURCES/postfix-etc-init.d-postfix
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										164
									
								
								SOURCES/postfix-etc-init.d-postfix
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,164 @@ | |||||||
|  | #!/bin/bash | ||||||
|  | # | ||||||
|  | # postfix      Postfix Mail Transfer Agent | ||||||
|  | # | ||||||
|  | # chkconfig: - 80 30 | ||||||
|  | # description: Postfix is a Mail Transport Agent, which is the program \ | ||||||
|  | #              that moves mail from one machine to another. | ||||||
|  | # processname: master | ||||||
|  | # pidfile: /var/spool/postfix/pid/master.pid | ||||||
|  | # config: /etc/postfix/main.cf | ||||||
|  | # config: /etc/postfix/master.cf | ||||||
|  | # | ||||||
|  | # Based on startup script from Simon J Mudd <sjmudd@pobox.com> | ||||||
|  | # 25/02/99: Mostly s/sendmail/postfix/g by John A. Martin <jam@jamux.com> | ||||||
|  | # 23/11/00: Changes & suggestions by Ajay Ramaswamy <ajayr@bigfoot.com> | ||||||
|  | # 20/01/01: Changes to fall in line with RedHat 7.0 style | ||||||
|  | # 23/02/01: Fix a few untidy problems with help from Daniel Roesen. | ||||||
|  | 
 | ||||||
|  | ### BEGIN INIT INFO | ||||||
|  | # Provides: postfix $mail-transfer-agent | ||||||
|  | # Required-Start: $local_fs $network $remote_fs | ||||||
|  | # Required-Stop: $local_fs $network $remote_fs | ||||||
|  | # Short-Description: start and stop postfix | ||||||
|  | # Description: Postfix is a Mail Transport Agent, which is the program that  | ||||||
|  | #              moves mail from one machine to another. | ||||||
|  | ### END INIT INFO | ||||||
|  | 
 | ||||||
|  | # Source function library. | ||||||
|  | . /etc/rc.d/init.d/functions | ||||||
|  | 
 | ||||||
|  | # Source networking configuration. | ||||||
|  | . /etc/sysconfig/network | ||||||
|  | 
 | ||||||
|  | RETVAL=0 | ||||||
|  | prog="postfix" | ||||||
|  | lockfile=/var/lock/subsys/$prog | ||||||
|  | pidfile=/var/spool/postfix/pid/master.pid | ||||||
|  | 
 | ||||||
|  | ALIASESDB_STAMP=/var/lib/misc/postfix.aliasesdb-stamp | ||||||
|  | 
 | ||||||
|  | # Script to update chroot environment | ||||||
|  | CHROOT_UPDATE=/etc/postfix/chroot-update | ||||||
|  | 
 | ||||||
|  | status -p $pidfile -l $(basename $lockfile) master >/dev/null 2>&1 | ||||||
|  | running=$? | ||||||
|  | 
 | ||||||
|  | conf_check() { | ||||||
|  |     [ -x /usr/sbin/postfix ] || exit 5 | ||||||
|  |     [ -d /etc/postfix ] || exit 6 | ||||||
|  |     [ -d /var/spool/postfix ] || exit 5 | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | make_aliasesdb() { | ||||||
|  | 	if [ "$(/usr/sbin/postconf -h alias_database)" == "hash:/etc/aliases" ] | ||||||
|  | 	then | ||||||
|  | 		# /etc/aliases.db may be used by other MTA, make sure nothing | ||||||
|  | 		# has touched it since our last newaliases call | ||||||
|  | 		[ /etc/aliases -nt /etc/aliases.db ] || | ||||||
|  | 			[ "$ALIASESDB_STAMP" -nt /etc/aliases.db ] || | ||||||
|  | 			[ "$ALIASESDB_STAMP" -ot /etc/aliases.db ] || return | ||||||
|  | 		/usr/bin/newaliases | ||||||
|  | 		touch -r /etc/aliases.db "$ALIASESDB_STAMP" | ||||||
|  | 	else | ||||||
|  | 		/usr/bin/newaliases | ||||||
|  | 	fi | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | start() { | ||||||
|  | 	[ "$EUID" != "0" ] && exit 4 | ||||||
|  | 	# Check that networking is up. | ||||||
|  | 	[ ${NETWORKING} = "no" ] && exit 1 | ||||||
|  | 	conf_check | ||||||
|  | 	# Start daemons. | ||||||
|  | 	echo -n $"Starting postfix: " | ||||||
|  | 	make_aliasesdb >/dev/null 2>&1 | ||||||
|  | 	[ -x $CHROOT_UPDATE ] && $CHROOT_UPDATE | ||||||
|  | 	/usr/sbin/postfix start 2>/dev/null 1>&2 && success || failure $"$prog start" | ||||||
|  | 	RETVAL=$? | ||||||
|  | 	[ $RETVAL -eq 0 ] && touch $lockfile | ||||||
|  |         echo | ||||||
|  | 	return $RETVAL | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | stop() { | ||||||
|  | 	[ "$EUID" != "0" ] && exit 4 | ||||||
|  | 	conf_check | ||||||
|  |         # Stop daemons. | ||||||
|  | 	echo -n $"Shutting down postfix: " | ||||||
|  | 	/usr/sbin/postfix stop 2>/dev/null 1>&2 && success || failure $"$prog stop" | ||||||
|  | 	RETVAL=$? | ||||||
|  | 	[ $RETVAL -eq 0 ] && rm -f $lockfile $pidfile | ||||||
|  | 	echo | ||||||
|  | 	return $RETVAL | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | reload() { | ||||||
|  | 	conf_check | ||||||
|  | 	echo -n $"Reloading postfix: " | ||||||
|  | 	[ -x $CHROOT_UPDATE ] && $CHROOT_UPDATE | ||||||
|  | 	/usr/sbin/postfix reload 2>/dev/null 1>&2 && success || failure $"$prog reload" | ||||||
|  | 	RETVAL=$? | ||||||
|  | 	echo | ||||||
|  | 	return $RETVAL | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | abort() { | ||||||
|  | 	conf_check | ||||||
|  | 	/usr/sbin/postfix abort 2>/dev/null 1>&2 && success || failure $"$prog abort" | ||||||
|  | 	return $? | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | flush() { | ||||||
|  | 	conf_check | ||||||
|  | 	/usr/sbin/postfix flush 2>/dev/null 1>&2 && success || failure $"$prog flush" | ||||||
|  | 	return $? | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | check() { | ||||||
|  | 	conf_check | ||||||
|  | 	/usr/sbin/postfix check 2>/dev/null 1>&2 && success || failure $"$prog check" | ||||||
|  | 	return $? | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | # See how we were called. | ||||||
|  | case "$1" in | ||||||
|  |   start) | ||||||
|  | 	[ $running -eq 0 ] && exit 0 | ||||||
|  | 	start | ||||||
|  | 	;; | ||||||
|  |   stop) | ||||||
|  | 	[ $running -eq 0 ] || exit 0 | ||||||
|  | 	stop | ||||||
|  | 	;; | ||||||
|  |   restart|force-reload) | ||||||
|  | 	stop | ||||||
|  | 	start | ||||||
|  | 	;; | ||||||
|  |   reload) | ||||||
|  | 	[ $running -eq 0 ] || exit 7 | ||||||
|  | 	reload | ||||||
|  | 	;; | ||||||
|  |   abort) | ||||||
|  | 	abort | ||||||
|  | 	;; | ||||||
|  |   flush) | ||||||
|  | 	flush | ||||||
|  | 	;; | ||||||
|  |   check) | ||||||
|  | 	check | ||||||
|  | 	;; | ||||||
|  |   status) | ||||||
|  |   	status -p $pidfile -l $(basename $lockfile) master | ||||||
|  | 	;; | ||||||
|  |   condrestart) | ||||||
|  | 	[ $running -eq 0 ] || exit 0 | ||||||
|  | 	stop | ||||||
|  | 	start | ||||||
|  | 	;; | ||||||
|  |   *) | ||||||
|  | 	echo $"Usage: $0 {start|stop|restart|reload|abort|flush|check|status|condrestart}" | ||||||
|  | 	exit 2 | ||||||
|  | esac | ||||||
|  | 
 | ||||||
|  | exit $? | ||||||
							
								
								
									
										4
									
								
								SOURCES/postfix.sysusers
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								SOURCES/postfix.sysusers
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,4 @@ | |||||||
|  | u postfix 89 - /var/spool/postfix /sbin/nologin | ||||||
|  | g postdrop 90 | ||||||
|  | g mail 12 | ||||||
|  | m postfix mail | ||||||
| @ -21,12 +21,9 @@ | |||||||
| # Postfix requires one exlusive uid/gid and a 2nd exclusive gid for its own | # Postfix requires one exlusive uid/gid and a 2nd exclusive gid for its own | ||||||
| # use.  Let me know if the second gid collides with another package. | # use.  Let me know if the second gid collides with another package. | ||||||
| # Be careful: Redhat's 'mail' user & group isn't unique! | # Be careful: Redhat's 'mail' user & group isn't unique! | ||||||
| %define postfix_uid	89 | # It's now handled by systemd-sysusers. | ||||||
| %define postfix_user	postfix | %define postfix_user	postfix | ||||||
| %define postfix_gid	89 |  | ||||||
| %define postfix_group	postfix |  | ||||||
| %define maildrop_group	postdrop | %define maildrop_group	postdrop | ||||||
| %define maildrop_gid	90 |  | ||||||
| 
 | 
 | ||||||
| %define postfix_config_dir	%{_sysconfdir}/postfix | %define postfix_config_dir	%{_sysconfdir}/postfix | ||||||
| %define postfix_daemon_dir	%{_libexecdir}/postfix | %define postfix_daemon_dir	%{_libexecdir}/postfix | ||||||
| @ -48,18 +45,14 @@ | |||||||
| 
 | 
 | ||||||
| Name: postfix | Name: postfix | ||||||
| Summary: Postfix Mail Transport Agent | Summary: Postfix Mail Transport Agent | ||||||
| Version: 3.5.8 | Version: 3.5.25 | ||||||
| Release: 7%{?dist} | Release: 1%{?dist} | ||||||
| Epoch: 2 | Epoch: 2 | ||||||
| Group: System Environment/Daemons |  | ||||||
| URL: http://www.postfix.org | URL: http://www.postfix.org | ||||||
| License: (IBM and GPLv2+) or (EPL-2.0 and GPLv2+) | License: (IBM and GPLv2+) or (EPL-2.0 and GPLv2+) | ||||||
| Requires(post): systemd hostname | Requires(post): systemd systemd-sysv hostname | ||||||
| Requires(post): %{_sbindir}/alternatives | Requires(post): %{_sbindir}/alternatives | ||||||
| Requires(post): %{_bindir}/openssl | Requires(post): %{_bindir}/openssl | ||||||
| Requires(post): %{_bindir}/hostname |  | ||||||
| Requires(pre): %{_sbindir}/groupadd |  | ||||||
| Requires(pre): %{_sbindir}/useradd |  | ||||||
| Requires(preun): %{_sbindir}/alternatives | Requires(preun): %{_sbindir}/alternatives | ||||||
| Requires(preun): systemd | Requires(preun): systemd | ||||||
| Requires(postun): systemd | Requires(postun): systemd | ||||||
| @ -71,11 +64,12 @@ Requires: policycoreutils | |||||||
| Provides: MTA smtpd smtpdaemon server(smtp) | Provides: MTA smtpd smtpdaemon server(smtp) | ||||||
| 
 | 
 | ||||||
| Source0: ftp://ftp.porcupine.org/mirrors/postfix-release/official/%{name}-%{version}.tar.gz | Source0: ftp://ftp.porcupine.org/mirrors/postfix-release/official/%{name}-%{version}.tar.gz | ||||||
|  | Source1: postfix-etc-init.d-postfix | ||||||
| Source2: postfix.service | Source2: postfix.service | ||||||
| Source3: README-Postfix-SASL-RedHat.txt | Source3: README-Postfix-SASL-RedHat.txt | ||||||
| Source4: postfix.aliasesdb | Source4: postfix.aliasesdb | ||||||
| Source5: postfix-chroot-update | Source5: postfix-chroot-update | ||||||
| Source6: README-RedHat.txt | Source6: postfix.sysusers | ||||||
| 
 | 
 | ||||||
| # Sources 50-99 are upstream [patch] contributions | # Sources 50-99 are upstream [patch] contributions | ||||||
| 
 | 
 | ||||||
| @ -99,30 +93,36 @@ Patch9: pflogsumm-1.1.5-datecalc.patch | |||||||
| # rhbz#1384871, sent upstream | # rhbz#1384871, sent upstream | ||||||
| Patch10: pflogsumm-1.1.5-ipv6-warnings-fix.patch | Patch10: pflogsumm-1.1.5-ipv6-warnings-fix.patch | ||||||
| Patch11: postfix-3.4.4-chroot-example-fix.patch | Patch11: postfix-3.4.4-chroot-example-fix.patch | ||||||
| Patch12: postfix-3.5.8-back-compat-3.3.1.patch | # unconditional glibc-2.34 API assumption, because it seems | ||||||
| Patch13: postfix-3.5.8-whitespace-name-fix.patch | # in RHEL-9 this feature was also backported to 2.33, | ||||||
| # rhbz#1931403, sent upstream | # upstream uses conditional check for 2.34 API | ||||||
|  | Patch12: postfix-3.5.9-glibc-234-build-fix.patch | ||||||
|  | # rhbz#1978901, sent upstream | ||||||
|  | Patch13: postfix-3.5.9-whitespace-name-fix.patch | ||||||
| Patch14: pflogsumm-1.1.5-syslog-name-underscore-fix.patch | Patch14: pflogsumm-1.1.5-syslog-name-underscore-fix.patch | ||||||
| # rhbz#1787010, patch backported from upstream | # rhbz#2134789, backported feature from upstream | ||||||
| Patch15: postfix-3.5.8-SRV-resolve.patch | Patch15: postfix-3.5.25-SRV-resolve.patch | ||||||
| # rhbz#2196577, ZUUL CI uses kernel 6 and we have to add this to postfix |  | ||||||
| Patch16: postfix-3.5.8-makedefs.patch |  | ||||||
| 
 | 
 | ||||||
| # Optional patches - set the appropriate environment variables to include | # Optional patches - set the appropriate environment variables to include | ||||||
| #                    them when building the package/spec file | #                    them when building the package/spec file | ||||||
| 
 | 
 | ||||||
| 
 | 
 | ||||||
| # Determine the different packages required for building postfix | # Determine the different packages required for building postfix | ||||||
|  | BuildRequires: make | ||||||
| BuildRequires: libdb-devel, perl-generators, pkgconfig, zlib-devel | BuildRequires: libdb-devel, perl-generators, pkgconfig, zlib-devel | ||||||
| BuildRequires: systemd-units, libicu-devel, libnsl2-devel | BuildRequires: systemd-units, libicu-devel | ||||||
| BuildRequires: gcc, m4, findutils | BuildRequires: gcc, m4, findutils | ||||||
|  | BuildRequires: systemd-rpm-macros | ||||||
|  | %if 0%{?rhel} < 9 | ||||||
|  | BuildRequires: libnsl2-devel | ||||||
|  | %endif | ||||||
| 
 | 
 | ||||||
| %{?with_ldap:BuildRequires: openldap-devel} | %{?with_ldap:BuildRequires: openldap-devel} | ||||||
| %{?with_lmdb:BuildRequires: lmdb-devel} | %{?with_lmdb:BuildRequires: lmdb-devel} | ||||||
| %{?with_sasl:BuildRequires: cyrus-sasl-devel} | %{?with_sasl:BuildRequires: cyrus-sasl-devel} | ||||||
| %{?with_pcre:BuildRequires: pcre-devel} | %{?with_pcre:BuildRequires: pcre-devel} | ||||||
| %{?with_mysql:BuildRequires: mariadb-connector-c-devel} | %{?with_mysql:BuildRequires: mariadb-connector-c-devel} | ||||||
| %{?with_pgsql:BuildRequires: postgresql-devel} | %{?with_pgsql:BuildRequires: libpq-devel} | ||||||
| %{?with_sqlite:BuildRequires: sqlite-devel} | %{?with_sqlite:BuildRequires: sqlite-devel} | ||||||
| %{?with_cdb:BuildRequires: tinycdb-devel} | %{?with_cdb:BuildRequires: tinycdb-devel} | ||||||
| %{?with_tls:BuildRequires: openssl-devel} | %{?with_tls:BuildRequires: openssl-devel} | ||||||
| @ -130,9 +130,20 @@ BuildRequires: gcc, m4, findutils | |||||||
| %description | %description | ||||||
| Postfix is a Mail Transport Agent (MTA). | Postfix is a Mail Transport Agent (MTA). | ||||||
| 
 | 
 | ||||||
|  | %if 0%{?fedora} < 23 && 0%{?rhel} < 9 | ||||||
|  | %package sysvinit | ||||||
|  | Summary: SysV initscript for postfix | ||||||
|  | BuildArch: noarch | ||||||
|  | Requires: %{name} = %{epoch}:%{version}-%{release} | ||||||
|  | Requires(preun): chkconfig | ||||||
|  | Requires(post): chkconfig | ||||||
|  | 
 | ||||||
|  | %description sysvinit | ||||||
|  | This package contains the SysV initscript. | ||||||
|  | %endif | ||||||
|  | 
 | ||||||
| %package perl-scripts | %package perl-scripts | ||||||
| Summary: Postfix utilities written in perl | Summary: Postfix utilities written in perl | ||||||
| Group: Applications/System |  | ||||||
| Requires: %{name} = %{epoch}:%{version}-%{release} | Requires: %{name} = %{epoch}:%{version}-%{release} | ||||||
| # perl-scripts introduced in 2:2.5.5-2 | # perl-scripts introduced in 2:2.5.5-2 | ||||||
| Obsoletes: postfix < 2:2.5.5-2 | Obsoletes: postfix < 2:2.5.5-2 | ||||||
| @ -242,14 +253,10 @@ pushd pflogsumm-%{pflogsumm_ver} | |||||||
| popd | popd | ||||||
| %endif | %endif | ||||||
| %patch11 -p1 -b .chroot-example-fix | %patch11 -p1 -b .chroot-example-fix | ||||||
| # Improve backward compatibility with postfix-3.3.1, | %patch12 -p1 -b .glibc-234-build-fix | ||||||
| # for details see rhbz#1688389 |  | ||||||
| %patch12 -p1 -b .back-compat-3.3.1 |  | ||||||
| # rhbz#1977732, sent upstream |  | ||||||
| %patch13 -p1 -b .whitespace-name-fix | %patch13 -p1 -b .whitespace-name-fix | ||||||
| %patch14 -p1 -b .pflogsumm-1.1.5-syslog-name-underscore-fix | %patch14 -p1 -b .pflogsumm-1.1.5-syslog-name-underscore-fix | ||||||
| %patch15 -p1 -b .SRV-resolve | %patch15 -p1 -b .SRV-resolution | ||||||
| %patch16 -p1 -b .makedefs |  | ||||||
| 
 | 
 | ||||||
| for f in README_FILES/TLS_{LEGACY_,}README TLS_ACKNOWLEDGEMENTS; do | for f in README_FILES/TLS_{LEGACY_,}README TLS_ACKNOWLEDGEMENTS; do | ||||||
| 	iconv -f iso8859-1 -t utf8 -o ${f}{_,} && | 	iconv -f iso8859-1 -t utf8 -o ${f}{_,} && | ||||||
| @ -259,7 +266,11 @@ done | |||||||
| %build | %build | ||||||
| unset AUXLIBS AUXLIBS_LDAP AUXLIBS_LMDB AUXLIBS_PCRE AUXLIBS_MYSQL AUXLIBS_PGSQL AUXLIBS_SQLITE AUXLIBS_CDB | unset AUXLIBS AUXLIBS_LDAP AUXLIBS_LMDB AUXLIBS_PCRE AUXLIBS_MYSQL AUXLIBS_PGSQL AUXLIBS_SQLITE AUXLIBS_CDB | ||||||
| CCARGS="-fPIC -fcommon" | CCARGS="-fPIC -fcommon" | ||||||
|  | %if 0%{?rhel} >= 9 | ||||||
|  | AUXLIBS="" | ||||||
|  | %else | ||||||
| AUXLIBS="-lnsl" | AUXLIBS="-lnsl" | ||||||
|  | %endif | ||||||
| 
 | 
 | ||||||
| %ifarch s390 s390x ppc | %ifarch s390 s390x ppc | ||||||
| CCARGS="${CCARGS} -fsigned-char" | CCARGS="${CCARGS} -fsigned-char" | ||||||
| @ -314,7 +325,9 @@ CCARGS="${CCARGS} -fsigned-char" | |||||||
| 
 | 
 | ||||||
| CCARGS="${CCARGS} -DDEF_CONFIG_DIR=\\\"%{postfix_config_dir}\\\"" | CCARGS="${CCARGS} -DDEF_CONFIG_DIR=\\\"%{postfix_config_dir}\\\"" | ||||||
| CCARGS="${CCARGS} $(getconf LFS_CFLAGS)" | CCARGS="${CCARGS} $(getconf LFS_CFLAGS)" | ||||||
| 
 | %if 0%{?rhel} >= 9 | ||||||
|  |     CCARGS="${CCARGS} -DNO_NIS" | ||||||
|  | %endif | ||||||
| LDFLAGS="%{?__global_ldflags} %{?_hardened_build:-Wl,-z,relro,-z,now}" | LDFLAGS="%{?__global_ldflags} %{?_hardened_build:-Wl,-z,relro,-z,now}" | ||||||
| 
 | 
 | ||||||
| # SHLIB_RPATH is needed to find private libraries | # SHLIB_RPATH is needed to find private libraries | ||||||
| @ -367,6 +380,9 @@ install -m 644 %{SOURCE2} %{buildroot}%{_unitdir} | |||||||
| install -m 755 %{SOURCE4} %{buildroot}%{postfix_daemon_dir}/aliasesdb | install -m 755 %{SOURCE4} %{buildroot}%{postfix_daemon_dir}/aliasesdb | ||||||
| install -m 755 %{SOURCE5} %{buildroot}%{postfix_daemon_dir}/chroot-update | install -m 755 %{SOURCE5} %{buildroot}%{postfix_daemon_dir}/chroot-update | ||||||
| 
 | 
 | ||||||
|  | # systemd-sysusers | ||||||
|  | install -p -D -m 0644 %{SOURCE6} %{buildroot}%{_sysusersdir}/postfix.conf | ||||||
|  | 
 | ||||||
| install -c auxiliary/rmail/rmail $RPM_BUILD_ROOT%{_bindir}/rmail.postfix | install -c auxiliary/rmail/rmail $RPM_BUILD_ROOT%{_bindir}/rmail.postfix | ||||||
| 
 | 
 | ||||||
| for i in active bounce corrupt defer deferred flush incoming private saved maildrop public pid saved trace; do | for i in active bounce corrupt defer deferred flush incoming private saved maildrop public pid saved trace; do | ||||||
| @ -396,7 +412,7 @@ install -m 644 %{SOURCE101} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/smtp.postfix | |||||||
| 
 | 
 | ||||||
| # prepare documentation | # prepare documentation | ||||||
| mkdir -p $RPM_BUILD_ROOT%{postfix_doc_dir} | mkdir -p $RPM_BUILD_ROOT%{postfix_doc_dir} | ||||||
| cp -p %{SOURCE3} %{SOURCE6} COMPATIBILITY LICENSE TLS_ACKNOWLEDGEMENTS TLS_LICENSE $RPM_BUILD_ROOT%{postfix_doc_dir} | cp -p %{SOURCE3} COMPATIBILITY LICENSE TLS_ACKNOWLEDGEMENTS TLS_LICENSE $RPM_BUILD_ROOT%{postfix_doc_dir} | ||||||
| 
 | 
 | ||||||
| mkdir -p $RPM_BUILD_ROOT%{postfix_doc_dir}/examples{,/chroot-setup} | mkdir -p $RPM_BUILD_ROOT%{postfix_doc_dir}/examples{,/chroot-setup} | ||||||
| cp -pr examples/{qmail-local,smtpd-policy} $RPM_BUILD_ROOT%{postfix_doc_dir}/examples | cp -pr examples/{qmail-local,smtpd-policy} $RPM_BUILD_ROOT%{postfix_doc_dir}/examples | ||||||
| @ -502,7 +518,7 @@ fi | |||||||
| # Create self-signed SSL certificate | # Create self-signed SSL certificate | ||||||
| if [ ! -f %{sslkey} ]; then | if [ ! -f %{sslkey} ]; then | ||||||
|   umask 077 |   umask 077 | ||||||
|   %{_bindir}/openssl genrsa 4096 > %{sslkey} 2> /dev/null |   %{_bindir}/openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 -out %{sslkey} 2>/dev/null || echo "openssl genpkey failed" | ||||||
| fi | fi | ||||||
| 
 | 
 | ||||||
| if [ ! -f %{sslcert} ]; then | if [ ! -f %{sslcert} ]; then | ||||||
| @ -511,8 +527,10 @@ if [ ! -f %{sslcert} ]; then | |||||||
|     FQDN=localhost.localdomain |     FQDN=localhost.localdomain | ||||||
|   fi |   fi | ||||||
| 
 | 
 | ||||||
|   %{_bindir}/openssl req -new -key %{sslkey} -x509 -sha256 -days 365 -set_serial $RANDOM -out %{sslcert} \ |   req_cmd="%{_bindir}/openssl req -new -key %{sslkey} -x509 -sha256 -days 365 -set_serial $RANDOM -out %{sslcert} \ | ||||||
|     -subj "/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=${FQDN}/emailAddress=root@${FQDN}" |     -subj /C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=${FQDN}/emailAddress=root@${FQDN}" | ||||||
|  | # openssl-3.0 and fallback for backward compatibility with openssl < 3.0 | ||||||
|  |   $req_cmd -noenc -copy_extensions none 2>/dev/null || $req_cmd 2>/dev/null || echo "openssl req failed" | ||||||
|   chmod 644 %{sslcert} |   chmod 644 %{sslcert} | ||||||
| fi | fi | ||||||
| 
 | 
 | ||||||
| @ -520,10 +538,7 @@ exit 0 | |||||||
| 
 | 
 | ||||||
| %pre | %pre | ||||||
| # Add user and groups if necessary | # Add user and groups if necessary | ||||||
| %{_sbindir}/groupadd -g %{maildrop_gid} -r %{maildrop_group} 2>/dev/null | %sysusers_create_compat %{SOURCE6} | ||||||
| %{_sbindir}/groupadd -g %{postfix_gid} -r %{postfix_group} 2>/dev/null |  | ||||||
| %{_sbindir}/groupadd -g 12 -r mail 2>/dev/null |  | ||||||
| %{_sbindir}/useradd -d %{postfix_queue_dir} -s /sbin/nologin -g %{postfix_group} -G mail -M -r -u %{postfix_uid} %{postfix_user} 2>/dev/null |  | ||||||
| 
 | 
 | ||||||
| # hack, to turn man8/smtpd.8.gz into alternatives symlink (part of the rhbz#1051180 fix) | # hack, to turn man8/smtpd.8.gz into alternatives symlink (part of the rhbz#1051180 fix) | ||||||
| # this could be probably dropped in f23+ | # this could be probably dropped in f23+ | ||||||
| @ -544,6 +559,23 @@ exit 0 | |||||||
| %postun | %postun | ||||||
| %systemd_postun_with_restart %{name}.service | %systemd_postun_with_restart %{name}.service | ||||||
| 
 | 
 | ||||||
|  | %if 0%{?fedora} < 23 && 0%{?rhel} < 9 | ||||||
|  | %post sysvinit | ||||||
|  | /sbin/chkconfig --add postfix >/dev/null 2>&1 ||: | ||||||
|  | 
 | ||||||
|  | %preun sysvinit | ||||||
|  | if [ "$1" = 0 ]; then | ||||||
|  |     %{_initrddir}/postfix stop >/dev/null 2>&1 ||: | ||||||
|  |     /sbin/chkconfig --del postfix >/dev/null 2>&1 ||: | ||||||
|  | fi | ||||||
|  | 
 | ||||||
|  | %postun sysvinit | ||||||
|  | [ "$1" -ge 1 ] && %{_initrddir}/postfix condrestart >/dev/null 2>&1 ||: | ||||||
|  | 
 | ||||||
|  | %triggerpostun -n postfix-sysvinit -- postfix < %{sysv2systemdnvr} | ||||||
|  | /sbin/chkconfig --add postfix >/dev/null 2>&1 || : | ||||||
|  | %endif | ||||||
|  | 
 | ||||||
| %triggerun -- postfix < %{sysv2systemdnvr} | %triggerun -- postfix < %{sysv2systemdnvr} | ||||||
| %{_bindir}/systemd-sysv-convert --save postfix >/dev/null 2>&1 ||: | %{_bindir}/systemd-sysv-convert --save postfix >/dev/null 2>&1 ||: | ||||||
| %{_bindir}/systemd-sysv-convert --apply postfix >/dev/null 2>&1 ||: | %{_bindir}/systemd-sysv-convert --apply postfix >/dev/null 2>&1 ||: | ||||||
| @ -690,6 +722,14 @@ exit 0 | |||||||
| 
 | 
 | ||||||
| %ghost %attr(0644, root, root) %{_var}/lib/misc/postfix.aliasesdb-stamp | %ghost %attr(0644, root, root) %{_var}/lib/misc/postfix.aliasesdb-stamp | ||||||
| 
 | 
 | ||||||
|  | # systemd-sysusers | ||||||
|  | %{_sysusersdir}/postfix.conf | ||||||
|  | 
 | ||||||
|  | %if 0%{?fedora} < 23 && 0%{?rhel} < 9 | ||||||
|  | %files sysvinit | ||||||
|  | %{_initrddir}/postfix | ||||||
|  | %endif | ||||||
|  | 
 | ||||||
| %files perl-scripts | %files perl-scripts | ||||||
| %attr(0755, root, root) %{postfix_command_dir}/qshape | %attr(0755, root, root) %{postfix_command_dir}/qshape | ||||||
| %attr(0644, root, root) %{_mandir}/man1/qshape* | %attr(0644, root, root) %{_mandir}/man1/qshape* | ||||||
| @ -763,68 +803,236 @@ exit 0 | |||||||
| %endif | %endif | ||||||
| 
 | 
 | ||||||
| %changelog | %changelog | ||||||
| * Mon Aug 14 2023 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.8-7 | * Thu Jul 18 2024 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.25-1 | ||||||
| - Fixed possible warning when postfix is restarted |  | ||||||
|   Resolves: rhbz#2162659 |  | ||||||
| 
 |  | ||||||
| * Wed May 17 2023 Tomas Korbar <tkorbar@redhat.com> - 2:3.5.8-6 |  | ||||||
| - Fix patch for SRV record resolution feature |  | ||||||
|   Related: rhbz#1787010 |  | ||||||
| 
 |  | ||||||
| * Thu May 04 2023 Tomas Korbar <tkorbar@redhat.com> - 2:3.5.8-5 |  | ||||||
| - Backport dns SRV record resolution feature (RFC6186) |  | ||||||
|   Resolves: rhbz#1787010 |  | ||||||
| - Fix building in ZUUL CI |  | ||||||
|   Resolves: rhbz#2196577 |  | ||||||
| 
 |  | ||||||
| * Thu Feb 17 2022 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.8-4 |  | ||||||
| - Added SELinux workound for systemd service to work after 'postfix start' |  | ||||||
|   Resolves: rhbz#2028015 |  | ||||||
| 
 |  | ||||||
| * Mon Jan 17 2022 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.8-3 |  | ||||||
| - Fixed pflogsumm to allow underscores in the syslog_name |  | ||||||
|   Resolves: rhbz#1931403 |  | ||||||
| 
 |  | ||||||
| * Thu Aug  5 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.8-2 |  | ||||||
| - Fixed cleanup crash when processing messages with whitespace only fullname |  | ||||||
|   Resolves: rhbz#1977732 |  | ||||||
| 
 |  | ||||||
| * Fri Nov 13 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.8-1 |  | ||||||
| - New version | - New version | ||||||
|   Resolves: rhbz#1688389 |   Resolves: RHEL-20023 | ||||||
|  | - Dropped upstreamed patches | ||||||
| 
 | 
 | ||||||
| * Mon Dec 16 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-12 | * Mon Aug 14 2023 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-24 | ||||||
|  | - Fixed possible warning when postfix is restarted | ||||||
|  |   Resolves: rhbz#2075571 | ||||||
|  | 
 | ||||||
|  | * Mon Aug 14 2023 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-23 | ||||||
|  | - Spec cleanup | ||||||
|  |   Related: rhbz#2095454 | ||||||
|  | 
 | ||||||
|  | * Wed Jul 05 2023 Jonathan Wright <jonathan@almalinux.org> - 2:3.5.9-22 | ||||||
|  | - Use systemd-sysusers | ||||||
|  |   Resolves: rhbz#2095454 | ||||||
|  | 
 | ||||||
|  | * Wed May 17 2023 Tomas Korbar <tkorbar@redhat.com> - 2:3.5.9-21 | ||||||
|  | - Fix patch for SRV record resolution feature | ||||||
|  |   Related: rhbz#2134789 | ||||||
|  | 
 | ||||||
|  | * Thu May 04 2023 Tomas Korbar <tkorbar@redhat.com> - 2:3.5.9-20 | ||||||
|  | - Backport dns SRV record resolution feature (RFC6186) | ||||||
|  |   Resolves: rhbz#2134789 | ||||||
|  | - Fix building in ZUUL CI | ||||||
|  |   Resolves: rhbz#2193363 | ||||||
|  | 
 | ||||||
|  | * Fri Aug 19 2022 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-19 | ||||||
|  | - Suppressed openssl output during SSL certificates generation | ||||||
|  |   Resolves: rhbz#2041589 | ||||||
|  | 
 | ||||||
|  | * Tue Feb 22 2022 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-18 | ||||||
|  | - Added SELinux workound for systemd service to work after 'postfix start' | ||||||
|  |   Resolves: rhbz#2055915 | ||||||
|  | 
 | ||||||
|  | * Tue Feb 15 2022 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-17 | ||||||
|  | - Fixed problem in the dict_inline found by coverity | ||||||
|  |   Resolves: rhbz#1938847 | ||||||
|  | 
 | ||||||
|  | * Fri Jan 28 2022 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-16 | ||||||
|  | - Fixed pflogsumm to allow underscores in the syslog_name | ||||||
|  |   Resolves: rhbz#2043059 | ||||||
|  | 
 | ||||||
|  | * Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 2:3.5.9-15 | ||||||
|  | - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags | ||||||
|  |   Related: rhbz#1991688 | ||||||
|  | 
 | ||||||
|  | * Thu Aug  5 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-14 | ||||||
|  | - Fixed cleanup crash when processing messages with whitespace only fullname | ||||||
|  |   Resolves: rhbz#1978901 | ||||||
|  | 
 | ||||||
|  | * Thu Aug  5 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-13 | ||||||
|  | - Used upstream patch for fixing FTBFS with glibc-2.34 | ||||||
|  |   Related: rhbz#1984045 | ||||||
|  | 
 | ||||||
|  | * Tue Aug  3 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-12 | ||||||
|  | - Fixed openssl req command parameter | ||||||
|  |   Related: rhbz#1985918 | ||||||
|  | 
 | ||||||
|  | * Tue Aug  3 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-11 | ||||||
|  | - Fixed FTBFS with glibc-2.34 | ||||||
|  |   Resolves: rhbz#1984045 | ||||||
|  | 
 | ||||||
|  | * Mon Aug  2 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-10 | ||||||
|  | - Fixed scriptlets to work with openssl-3.0 | ||||||
|  |   Resolves: rhbz#1985918 | ||||||
|  | 
 | ||||||
|  | * Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 2:3.5.9-9 | ||||||
|  | - Rebuilt for RHEL 9 BETA for openssl 3.0 | ||||||
|  |   Related: rhbz#1971065 | ||||||
|  | 
 | ||||||
|  | * Thu Apr 22 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-8 | ||||||
|  | - Fixed NIS build requirements | ||||||
|  |   Resolves: rhbz#1942369 | ||||||
|  | 
 | ||||||
|  | * Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2:3.5.9-7 | ||||||
|  | - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 | ||||||
|  | 
 | ||||||
|  | * Wed Mar 24 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-6 | ||||||
|  | - Disable NIS support for RHEL9+ (patch from fjanus@redhat.com) | ||||||
|  | 
 | ||||||
|  | * Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 2:3.5.9-5 | ||||||
|  | - Rebuilt for updated systemd-rpm-macros | ||||||
|  |   See https://pagure.io/fesco/issue/2583. | ||||||
|  | 
 | ||||||
|  | * Fri Feb 19 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-4 | ||||||
|  | - Fixed sysvinit conditionals for RHEL | ||||||
|  |   Resolves: rhbz#1930709 | ||||||
|  | 
 | ||||||
|  | * Mon Feb 08 2021 Pavel Raiskup <praiskup@redhat.com> - 2:3.5.9-3 | ||||||
|  | - rebuild for libpq ABI fix rhbz#1908268 | ||||||
|  | 
 | ||||||
|  | * Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2:3.5.9-2 | ||||||
|  | - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild | ||||||
|  | 
 | ||||||
|  | * Mon Jan 18 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-1 | ||||||
|  | - New version | ||||||
|  |   Resolves: rhbz#1917155 | ||||||
|  | 
 | ||||||
|  | * Mon Nov  9 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.8-1 | ||||||
|  | - New version | ||||||
|  |   Resolves: rhbz#1895644 | ||||||
|  | 
 | ||||||
|  | * Mon Aug 31 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.7-1 | ||||||
|  | - New version | ||||||
|  |   Resolves: rhbz#1873857 | ||||||
|  | 
 | ||||||
|  | * Thu Aug  6 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.6-2 | ||||||
|  | - Minor spec cleanup | ||||||
|  | - Added posttls-finger test tool | ||||||
|  |   Resolves: rhbz#1865701 | ||||||
|  | 
 | ||||||
|  | * Tue Jul 28 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.6-1 | ||||||
|  | - New version | ||||||
|  |   Resolves: rhbz#1860547 | ||||||
|  | 
 | ||||||
|  | * Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 2:3.5.4-3 | ||||||
|  | - Use make macros | ||||||
|  | - https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro | ||||||
|  | 
 | ||||||
|  | * Wed Jul  8 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.4-2 | ||||||
|  | - Added support for LMDB maps | ||||||
|  | 
 | ||||||
|  | * Mon Jun 29 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.4-1 | ||||||
|  | - New version | ||||||
|  |   Resolves: rhbz#1851650 | ||||||
|  | 
 | ||||||
|  | * Mon Jun 15 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.3-1 | ||||||
|  | - New version | ||||||
|  |   Resolves: rhbz#1846939 | ||||||
|  | 
 | ||||||
|  | * Tue May 19 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.2-1 | ||||||
|  | - New version | ||||||
|  |   Resolves: rhbz#1836653 | ||||||
|  | 
 | ||||||
|  | * Fri May 15 2020 Pete Walter <pwalter@fedoraproject.org> - 2:3.5.1-2 | ||||||
|  | - Rebuild for ICU 67 | ||||||
|  | 
 | ||||||
|  | * Mon Apr 20 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.1-1 | ||||||
|  | - New version | ||||||
|  |   Resolves: rhbz#1825547 | ||||||
|  | 
 | ||||||
|  | * Mon Mar 16 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.0-1 | ||||||
|  | - New version | ||||||
|  |   Resolves: rhbz#1813740 | ||||||
|  | 
 | ||||||
|  | * Thu Mar 12 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.10-1 | ||||||
|  | - New version | ||||||
|  |   Resolves: rhbz#1812987 | ||||||
|  | 
 | ||||||
|  | * Mon Feb  3 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.9-1 | ||||||
|  | - New version | ||||||
|  |   Resolves: rhbz#1797383 | ||||||
|  | - Dropped ref-search patch (upstreamed) | ||||||
|  | - Built with -fcommon to overcome FTBFS with gcc-10, problem reported upstream | ||||||
|  | 
 | ||||||
|  | * Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2:3.4.8-3 | ||||||
|  | - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild | ||||||
|  | 
 | ||||||
|  | * Mon Dec 16 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.8-2 | ||||||
| - Fixed DNS resolver to use ref_search instead of ref_query | - Fixed DNS resolver to use ref_search instead of ref_query | ||||||
|   Resolves: rhbz#1723950 |   Resolves: rhbz#1723950 | ||||||
| 
 | 
 | ||||||
| * Tue Dec 10 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-11 | * Mon Nov 25 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.8-1 | ||||||
| - Added hostname requirement | - New version | ||||||
|   Resolves: rhbz#1666244 |   Resolves: rhbz#1776033 | ||||||
| 
 | 
 | ||||||
| * Wed Nov  6 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-10 | * Fri Nov 01 2019 Pete Walter <pwalter@fedoraproject.org> - 2:3.4.7-3 | ||||||
| - Release bump and rebuild for relengs to be able to ship postfix-pcre, | - Rebuild for ICU 65 | ||||||
|   postfix-cdb, postfix-sqlite |  | ||||||
|   Resolves: rhbz#1745321 |  | ||||||
| 
 | 
 | ||||||
| * Tue Aug  6 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-9 | * Wed Sep 25 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.7-2 | ||||||
| - Release bump and rebuild for relengs to be able to ship postfix-ldap | - Added hostname as explicit requirement for the post scriptlet | ||||||
|   Resolves: rhbz#1686721 |  | ||||||
| 
 | 
 | ||||||
| * Tue Dec  4 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-8 | * Mon Sep 23 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.7-1 | ||||||
|  | - New version | ||||||
|  |   Resolves: rhbz#1754198 | ||||||
|  | 
 | ||||||
|  | * Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2:3.4.6-2 | ||||||
|  | - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild | ||||||
|  | 
 | ||||||
|  | * Mon Jul  8 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.6-1 | ||||||
|  | - New version | ||||||
|  |   Resolves: rhbz#1726462 | ||||||
|  | 
 | ||||||
|  | * Fri May  3 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.4-4 | ||||||
|  | - Fixed FTBFS with new glibc due to dropped RES macros | ||||||
|  | 
 | ||||||
|  | * Fri May  3 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.4-3 | ||||||
|  | - Added findutils as explicit requirement | ||||||
|  |   Resolves: rhbz#1629057 | ||||||
|  | 
 | ||||||
|  | * Tue Mar 26 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.4-2 | ||||||
|  | - Fixed example chroot-update script | ||||||
|  |   Resolves: rhbz#1398910 | ||||||
|  | 
 | ||||||
|  | * Fri Mar 15 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.4-1 | ||||||
|  | - New version | ||||||
|  |   Resolves: rhbz#1689029 | ||||||
|  | 
 | ||||||
|  | * Mon Mar 11 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.3-1 | ||||||
|  | - New version | ||||||
|  |   Resolves: rhbz#1687208 | ||||||
|  | 
 | ||||||
|  | * Fri Mar  8 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.1-1 | ||||||
|  | - New version | ||||||
|  |   Resolves: rhbz#1686673 | ||||||
|  | 
 | ||||||
|  | * Fri Mar  1 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.0-1 | ||||||
|  | - New version | ||||||
|  |   Resolves: rhbz#1683855 | ||||||
|  | 
 | ||||||
|  | * Wed Feb 27 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.3-1 | ||||||
|  | - New version | ||||||
|  |   Resolves: rhbz#1683487 | ||||||
|  | 
 | ||||||
|  | * Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2:3.3.1-9 | ||||||
|  | - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild | ||||||
|  | 
 | ||||||
|  | * Wed Jan 23 2019 Pete Walter <pwalter@fedoraproject.org> - 2:3.3.1-8 | ||||||
|  | - Rebuild for ICU 63 | ||||||
|  | 
 | ||||||
|  | * Mon Dec  3 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-7 | ||||||
| - Fixed posttls-finger to work with unix domains | - Fixed posttls-finger to work with unix domains | ||||||
|   Resolves: rhbz#1602663 |  | ||||||
| 
 | 
 | ||||||
| * Wed Nov 28 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-7 | * Mon Nov 19 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-6 | ||||||
| - Added m4 to BuildRequires |  | ||||||
|   Resolves: rhbz#1619187 |  | ||||||
| 
 |  | ||||||
| * Tue Nov 20 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-6 |  | ||||||
| - Used _prefix macro for /usr and _includedir macro for /usr/include | - Used _prefix macro for /usr and _includedir macro for /usr/include | ||||||
|   Resolves: rhbz#1645239 |  | ||||||
| 
 | 
 | ||||||
| * Thu Nov  1 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-5 | * Mon Aug 20 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-5 | ||||||
| - Dropped sysv support from the spec | - Added m4 to BuildRequires | ||||||
|   Resolves: rhbz#1636961 |   Resolves: rhbz#1619111 | ||||||
| 
 | 
 | ||||||
| * Tue Jul 24 2018 Robert Scheck <robert@fedoraproject.org> - 2:3.3.1-4 | * Tue Jul 24 2018 Robert Scheck <robert@fedoraproject.org> - 2:3.3.1-4 | ||||||
| - Add basic postfix TLS configuration by default (#1608050) | - Add basic postfix TLS configuration by default (#1608050) | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user