Compare commits
No commits in common. "c8" and "c9s" have entirely different histories.
1
.fmf/version
Normal file
1
.fmf/version
Normal file
@ -0,0 +1 @@
|
||||
1
|
4
.gitignore
vendored
4
.gitignore
vendored
@ -1,2 +1,2 @@
|
||||
SOURCES/pflogsumm-1.1.5.tar.gz
|
||||
SOURCES/postfix-3.5.8.tar.gz
|
||||
pflogsumm-*.tar.gz
|
||||
postfix-*.tar.gz
|
||||
|
@ -1,2 +0,0 @@
|
||||
d18daa19d725e64c2b7e6c8da458b2d563272645 SOURCES/pflogsumm-1.1.5.tar.gz
|
||||
1dfb10729498be5d387dc730117c2a845dd93ac0 SOURCES/postfix-3.5.8.tar.gz
|
@ -1,65 +0,0 @@
|
||||
This Postfix build behaves differently from the upstream postfix-3.5.8.
|
||||
It's because in RHEL-8 backward compatibility is kept to postfix-3.3.1.
|
||||
|
||||
For the upstream postfix-3.5.8 behavior either run the following commands:
|
||||
|
||||
# postconf info_log_address_format=external
|
||||
# postconf smtpd_discard_ehlo_keywords=
|
||||
# postconf rhel_ipv6_normalize=yes
|
||||
|
||||
Or go through the following steps:
|
||||
|
||||
1. Change the configuration option 'info_log_address_format' to 'external'.
|
||||
In RHEL-8 it's by default set to 'internal' to mitigate [Incompat 20191109].
|
||||
|
||||
2. Change the configuration option 'smtpd_discard_ehlo_keywords' to ''.
|
||||
In RHEL-8 it's by default set to 'chunking' to mitigate [Incompat 20180826].
|
||||
|
||||
3. Add RHEL-8 specific configuration option 'rhel_ipv6_normalize' and set it
|
||||
to 'yes'. In RHEL-8 this option was added to mitigate [Incompat 20190427].
|
||||
|
||||
Details from the upstream RELEASE_NOTES:
|
||||
|
||||
[Incompat 20191109]
|
||||
Postfix daemon processes now log the from= and
|
||||
to= addresses in external (quoted) form in non-debug logging (info,
|
||||
warning, etc.). This means that when an address localpart contains
|
||||
spaces or other special characters, the localpart will be quoted,
|
||||
for example:
|
||||
|
||||
from=<"name with spaces"@example.com>
|
||||
|
||||
Older Postfix versions would log the internal (unquoted) form:
|
||||
|
||||
from=<name with spaces@example.com>
|
||||
|
||||
The external and internal forms are identical for the vast majority
|
||||
of email addresses that contain no spaces or other special characters
|
||||
in the localpart.
|
||||
|
||||
Specify "info_log_address_format = internal" for backwards
|
||||
compatibility.
|
||||
|
||||
The logging in external form is consistent with the address form
|
||||
that Postfix 3.2 and later prefer for table lookups. It is therefore
|
||||
the more useful form for non-debug logging.
|
||||
|
||||
[Incompat 20180826]
|
||||
The Postfix SMTP server announces CHUNKING (BDAT
|
||||
command) by default. In the unlikely case that this breaks some
|
||||
important remote SMTP client, disable the feature as follows:
|
||||
|
||||
/etc/postfix/main.cf:
|
||||
# The logging alternative:
|
||||
smtpd_discard_ehlo_keywords = chunking
|
||||
# The non-logging alternative:
|
||||
smtpd_discard_ehlo_keywords = chunking, silent_discard
|
||||
|
||||
See BDAT_README for more.
|
||||
|
||||
[Incompat 20190427]
|
||||
Postfix now normalizes IP addresses received
|
||||
with XCLIENT, XFORWARD, or with the HaProxy protocol, for consistency
|
||||
with direct connections to Postfix. This may change the appearance
|
||||
of logging, and the way that check_client_access will match subnets
|
||||
of an IPv6 address.
|
@ -1,158 +0,0 @@
|
||||
diff --git a/src/global/mail_params.c b/src/global/mail_params.c
|
||||
index 91c70f7..483613c 100644
|
||||
--- a/src/global/mail_params.c
|
||||
+++ b/src/global/mail_params.c
|
||||
@@ -379,6 +379,8 @@ int warn_compat_break_smtputf8_enable;
|
||||
int warn_compat_break_chroot;
|
||||
int warn_compat_break_relay_restrictions;
|
||||
|
||||
+bool var_rhel_ipv6_normalize;
|
||||
+
|
||||
/* check_myhostname - lookup hostname and validate */
|
||||
|
||||
static const char *check_myhostname(void)
|
||||
@@ -825,6 +827,7 @@ void mail_params_init()
|
||||
VAR_LONG_QUEUE_IDS, DEF_LONG_QUEUE_IDS, &var_long_queue_ids,
|
||||
VAR_STRICT_SMTPUTF8, DEF_STRICT_SMTPUTF8, &var_strict_smtputf8,
|
||||
VAR_ENABLE_ORCPT, DEF_ENABLE_ORCPT, &var_enable_orcpt,
|
||||
+ VAR_RHEL_IPV6_NORMALIZE, DEF_RHEL_IPV6_NORMALIZE, &var_rhel_ipv6_normalize,
|
||||
0,
|
||||
};
|
||||
const char *cp;
|
||||
diff --git a/src/global/mail_params.h b/src/global/mail_params.h
|
||||
index e4358ca..74459d9 100644
|
||||
--- a/src/global/mail_params.h
|
||||
+++ b/src/global/mail_params.h
|
||||
@@ -3153,7 +3153,7 @@ extern char *var_local_rwr_clients;
|
||||
* EHLO keyword filter.
|
||||
*/
|
||||
#define VAR_SMTPD_EHLO_DIS_WORDS "smtpd_discard_ehlo_keywords"
|
||||
-#define DEF_SMTPD_EHLO_DIS_WORDS ""
|
||||
+#define DEF_SMTPD_EHLO_DIS_WORDS "chunking"
|
||||
extern char *var_smtpd_ehlo_dis_words;
|
||||
|
||||
#define VAR_SMTPD_EHLO_DIS_MAPS "smtpd_discard_ehlo_keyword_address_maps"
|
||||
@@ -4199,9 +4199,13 @@ extern int var_postlogd_watchdog;
|
||||
#define INFO_LOG_ADDR_FORM_NAME_INTERNAL "internal"
|
||||
|
||||
#define VAR_INFO_LOG_ADDR_FORM "info_log_address_format"
|
||||
-#define DEF_INFO_LOG_ADDR_FORM INFO_LOG_ADDR_FORM_NAME_EXTERNAL
|
||||
+#define DEF_INFO_LOG_ADDR_FORM INFO_LOG_ADDR_FORM_NAME_INTERNAL
|
||||
extern char *var_info_log_addr_form;
|
||||
|
||||
+#define VAR_RHEL_IPV6_NORMALIZE "rhel_ipv6_normalize"
|
||||
+#define DEF_RHEL_IPV6_NORMALIZE 0
|
||||
+extern bool var_rhel_ipv6_normalize;
|
||||
+
|
||||
/* LICENSE
|
||||
/* .ad
|
||||
/* .fi
|
||||
diff --git a/src/smtpd/smtpd.c b/src/smtpd/smtpd.c
|
||||
index da7227f..53e640e 100644
|
||||
--- a/src/smtpd/smtpd.c
|
||||
+++ b/src/smtpd/smtpd.c
|
||||
@@ -4334,6 +4334,7 @@ static int xclient_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
|
||||
SMTPD_TOKEN *argp;
|
||||
char *raw_value;
|
||||
char *attr_value;
|
||||
+ const char *bare_value;
|
||||
char *attr_name;
|
||||
int update_namaddr = 0;
|
||||
int name_status;
|
||||
@@ -4481,15 +4482,31 @@ static int xclient_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
|
||||
UPDATE_STR(state->addr, attr_value);
|
||||
UPDATE_STR(state->rfc_addr, attr_value);
|
||||
} else {
|
||||
- neuter(attr_value, NEUTER_CHARACTERS, '?');
|
||||
- if (normalize_mailhost_addr(attr_value, &state->rfc_addr,
|
||||
+ if (var_rhel_ipv6_normalize) {
|
||||
+ neuter(attr_value, NEUTER_CHARACTERS, '?');
|
||||
+ }
|
||||
+ if ((var_rhel_ipv6_normalize &&
|
||||
+ normalize_mailhost_addr(attr_value, &state->rfc_addr,
|
||||
&state->addr,
|
||||
- &state->addr_family) < 0) {
|
||||
+ &state->addr_family) < 0) ||
|
||||
+ (!var_rhel_ipv6_normalize &&
|
||||
+ (bare_value = valid_mailhost_addr(attr_value, DONT_GRIPE)) == 0)) {
|
||||
state->error_mask |= MAIL_ERROR_PROTOCOL;
|
||||
smtpd_chat_reply(state, "501 5.5.4 Bad %s syntax: %s",
|
||||
XCLIENT_ADDR, attr_value);
|
||||
return (-1);
|
||||
}
|
||||
+ if (!var_rhel_ipv6_normalize) {
|
||||
+ UPDATE_STR(state->addr, bare_value);
|
||||
+ UPDATE_STR(state->rfc_addr, attr_value);
|
||||
+#ifdef HAS_IPV6
|
||||
+ if (strncasecmp(attr_value, INET_PROTO_NAME_IPV6 ":",
|
||||
+ sizeof(INET_PROTO_NAME_IPV6 ":") - 1) == 0)
|
||||
+ state->addr_family = AF_INET6;
|
||||
+ else
|
||||
+#endif
|
||||
+ state->addr_family = AF_INET;
|
||||
+ }
|
||||
}
|
||||
update_namaddr = 1;
|
||||
}
|
||||
@@ -4569,17 +4586,25 @@ static int xclient_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
|
||||
attr_value = SERVER_ADDR_UNKNOWN;
|
||||
UPDATE_STR(state->dest_addr, attr_value);
|
||||
} else {
|
||||
+ if (var_rhel_ipv6_normalize) {
|
||||
#define NO_NORM_RFC_ADDR ((char **) 0)
|
||||
#define NO_NORM_ADDR_FAMILY ((int *) 0)
|
||||
- neuter(attr_value, NEUTER_CHARACTERS, '?');
|
||||
- if (normalize_mailhost_addr(attr_value, NO_NORM_RFC_ADDR,
|
||||
+ neuter(attr_value, NEUTER_CHARACTERS, '?');
|
||||
+ }
|
||||
+ if ((var_rhel_ipv6_normalize &&
|
||||
+ normalize_mailhost_addr(attr_value, NO_NORM_RFC_ADDR,
|
||||
&state->dest_addr,
|
||||
- NO_NORM_ADDR_FAMILY) < 0) {
|
||||
+ NO_NORM_ADDR_FAMILY) < 0) ||
|
||||
+ (!var_rhel_ipv6_normalize &&
|
||||
+ (bare_value = valid_mailhost_addr(attr_value, DONT_GRIPE)) == 0)) {
|
||||
state->error_mask |= MAIL_ERROR_PROTOCOL;
|
||||
smtpd_chat_reply(state, "501 5.5.4 Bad %s syntax: %s",
|
||||
XCLIENT_DESTADDR, attr_value);
|
||||
return (-1);
|
||||
}
|
||||
+ if (!var_rhel_ipv6_normalize) {
|
||||
+ UPDATE_STR(state->dest_addr, bare_value);
|
||||
+ }
|
||||
}
|
||||
/* XXX Require same address family as client address. */
|
||||
}
|
||||
@@ -4690,6 +4715,7 @@ static int xforward_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
|
||||
SMTPD_TOKEN *argp;
|
||||
char *raw_value;
|
||||
char *attr_value;
|
||||
+ const char *bare_value;
|
||||
char *attr_name;
|
||||
int updated = 0;
|
||||
static const NAME_CODE xforward_flags[] = {
|
||||
@@ -4808,15 +4834,22 @@ static int xforward_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
|
||||
UPDATE_STR(state->xforward.addr, attr_value);
|
||||
} else {
|
||||
neuter(attr_value, NEUTER_CHARACTERS, '?');
|
||||
- if (normalize_mailhost_addr(attr_value,
|
||||
+ if ((var_rhel_ipv6_normalize &&
|
||||
+ normalize_mailhost_addr(attr_value,
|
||||
&state->xforward.rfc_addr,
|
||||
&state->xforward.addr,
|
||||
- NO_NORM_ADDR_FAMILY) < 0) {
|
||||
+ NO_NORM_ADDR_FAMILY) < 0) ||
|
||||
+ (!var_rhel_ipv6_normalize &&
|
||||
+ (bare_value = valid_mailhost_addr(attr_value, DONT_GRIPE)) == 0)) {
|
||||
state->error_mask |= MAIL_ERROR_PROTOCOL;
|
||||
smtpd_chat_reply(state, "501 5.5.4 Bad %s syntax: %s",
|
||||
XFORWARD_ADDR, attr_value);
|
||||
return (-1);
|
||||
}
|
||||
+ if (!var_rhel_ipv6_normalize) {
|
||||
+ UPDATE_STR(state->xforward.addr, bare_value);
|
||||
+ UPDATE_STR(state->xforward.rfc_addr, attr_value);
|
||||
+ }
|
||||
}
|
||||
break;
|
||||
|
@ -1,32 +0,0 @@
|
||||
commit 9c7bcf991e2dd69d517be84d9594411c47e04562
|
||||
Author: Tomas Korbar <tkorbar@redhat.com>
|
||||
Date: Fri May 5 12:48:21 2023 +0200
|
||||
|
||||
Fix build with kernel 6
|
||||
|
||||
diff --git a/makedefs b/makedefs
|
||||
index aea15d6..ad93a5f 100644
|
||||
--- a/makedefs
|
||||
+++ b/makedefs
|
||||
@@ -557,7 +557,7 @@ EOF
|
||||
: ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"}
|
||||
: ${PLUGIN_LD="${CC-gcc} -shared"}
|
||||
;;
|
||||
- Linux.[345].*) SYSTYPE=LINUX$RELEASE_MAJOR
|
||||
+ Linux.[3456].*) SYSTYPE=LINUX$RELEASE_MAJOR
|
||||
case "$CCARGS" in
|
||||
*-DNO_DB*) ;;
|
||||
*-DHAS_DB*) ;;
|
||||
diff --git a/src/util/sys_defs.h b/src/util/sys_defs.h
|
||||
index f3a3b26..e9d3546 100644
|
||||
--- a/src/util/sys_defs.h
|
||||
+++ b/src/util/sys_defs.h
|
||||
@@ -749,7 +749,7 @@ extern int initgroups(const char *, int);
|
||||
/*
|
||||
* LINUX.
|
||||
*/
|
||||
-#if defined(LINUX2) || defined(LINUX3) || defined(LINUX4) || defined(LINUX5)
|
||||
+#if defined(LINUX2) || defined(LINUX3) || defined(LINUX4) || defined(LINUX5) || defined(LINUX6)
|
||||
#define SUPPORTED
|
||||
#define UINT32_TYPE unsigned int
|
||||
#define UINT16_TYPE unsigned short
|
25
gating.yaml
Normal file
25
gating.yaml
Normal file
@ -0,0 +1,25 @@
|
||||
--- !Policy
|
||||
product_versions:
|
||||
- fedora-*
|
||||
decision_context: bodhi_update_push_testing
|
||||
subject_type: koji_build
|
||||
rules:
|
||||
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional}
|
||||
|
||||
#Rawhide
|
||||
--- !Policy
|
||||
product_versions:
|
||||
- fedora-*
|
||||
decision_context: bodhi_update_push_stable
|
||||
subject_type: koji_build
|
||||
rules:
|
||||
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional}
|
||||
|
||||
#gating rhel
|
||||
--- !Policy
|
||||
product_versions:
|
||||
- rhel-*
|
||||
decision_context: osci_compose_gate
|
||||
rules:
|
||||
- !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-public.functional}
|
||||
- !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-internal.functional}
|
36
plans.fmf
Normal file
36
plans.fmf
Normal file
@ -0,0 +1,36 @@
|
||||
/tier1-internal:
|
||||
plan:
|
||||
import:
|
||||
url: https://src.fedoraproject.org/tests/postfix.git
|
||||
name: /plans/tier1/internal
|
||||
|
||||
/tier1-public:
|
||||
plan:
|
||||
import:
|
||||
url: https://src.fedoraproject.org/tests/postfix.git
|
||||
name: /plans/tier1/public
|
||||
|
||||
/tier2-tier3-internal:
|
||||
plan:
|
||||
import:
|
||||
url: https://src.fedoraproject.org/tests/postfix.git
|
||||
name: /plans/tier2-tier3/internal
|
||||
|
||||
/tier2-tier3-public:
|
||||
plan:
|
||||
import:
|
||||
url: https://src.fedoraproject.org/tests/postfix.git
|
||||
name: /plans/tier2-tier3/public
|
||||
|
||||
/others-internal:
|
||||
plan:
|
||||
import:
|
||||
url: https://src.fedoraproject.org/tests/postfix.git
|
||||
name: /plans/others/internal
|
||||
|
||||
/others-public:
|
||||
plan:
|
||||
import:
|
||||
url: https://src.fedoraproject.org/tests/postfix.git
|
||||
name: /plans/others/public
|
||||
|
@ -1,14 +1,8 @@
|
||||
commit 4b486868473462f9b65cc3ad44c48c2e68ee45ee
|
||||
Author: Tomas Korbar <tkorbar@redhat.com>
|
||||
Date: Wed May 17 13:17:30 2023 +0200
|
||||
|
||||
Backport SRV record resolution feature
|
||||
|
||||
diff --git a/mantools/postlink b/mantools/postlink
|
||||
index 46f187e..f738fd3 100755
|
||||
index 41fa110..ef005e0 100755
|
||||
--- a/mantools/postlink
|
||||
+++ b/mantools/postlink
|
||||
@@ -1128,6 +1128,10 @@ while (<>) {
|
||||
@@ -1136,6 +1136,10 @@ while (<>) {
|
||||
s;\bpostlog_service_name\b;<a href="postconf.5.html#postlog_service_name">$&</a>;g;
|
||||
s;\bpostlogd_watchdog_timeout\b;<a href="postconf.5.html#postlogd_watchdog_timeout">$&</a>;g;
|
||||
|
||||
@ -20,14 +14,13 @@ index 46f187e..f738fd3 100755
|
||||
|
||||
s;\bpolicy_time_limit\b;<a href="postconf.5.html#transport_time_limit">$&</a>;g;
|
||||
diff --git a/proto/postconf.proto b/proto/postconf.proto
|
||||
index 3d53657..29d0aa5 100644
|
||||
index 844d248..2c04326 100644
|
||||
--- a/proto/postconf.proto
|
||||
+++ b/proto/postconf.proto
|
||||
@@ -17698,3 +17698,111 @@ with quotes and backslashes. An attacker should not be able to use
|
||||
such games to circumvent Postfix access policies. </p>
|
||||
@@ -18039,3 +18039,111 @@ to enable. This feature is enabled by default with Postfix ≥
|
||||
|
||||
<p> This feature is available in Postfix 3.5 and later. </p>
|
||||
+
|
||||
<p> This feature is available in Postfix ≥ 3.9, 3.8.1, 3.7.6,
|
||||
3.6.10, and 3.5.20. </p>
|
||||
+
|
||||
+%PARAM use_srv_lookup
|
||||
+
|
||||
@ -135,11 +128,12 @@ index 3d53657..29d0aa5 100644
|
||||
+to MX or IP address lookup as if SRV record lookup was not enabled. <p>
|
||||
+
|
||||
+<p> This feature was backported from Postfix 3.8. </p>
|
||||
+
|
||||
diff --git a/src/dns/dns.h b/src/dns/dns.h
|
||||
index b8c4c4a..aac3ca9 100644
|
||||
index 27d2ab9..be2cb67 100644
|
||||
--- a/src/dns/dns.h
|
||||
+++ b/src/dns/dns.h
|
||||
@@ -147,10 +147,12 @@ typedef struct DNS_RR {
|
||||
@@ -147,12 +147,14 @@ typedef struct DNS_RR {
|
||||
unsigned short class; /* C_IN, etc. */
|
||||
unsigned int ttl; /* always */
|
||||
unsigned int dnssec_valid; /* DNSSEC validated */
|
||||
@ -147,14 +141,16 @@ index b8c4c4a..aac3ca9 100644
|
||||
+ unsigned short pref; /* T_MX and T_SRV record related */
|
||||
+ unsigned short weight; /* T_SRV related, defined in rfc2782 */
|
||||
+ unsigned short port; /* T_SRV related, defined in rfc2782 */
|
||||
/* Assume that flags lives in what was previously padding */
|
||||
unsigned short flags; /* DNS_RR_FLAG_XX, see below */
|
||||
struct DNS_RR *next; /* linkage */
|
||||
size_t data_len; /* actual data size */
|
||||
- char data[1]; /* actually a bunch of data */
|
||||
+ char *data; /* a bunch of data */
|
||||
} DNS_RR;
|
||||
|
||||
/*
|
||||
@@ -172,14 +174,29 @@ extern char *dns_strrecord(VSTRING *, DNS_RR *);
|
||||
#define DNS_RR_FLAG_TRUNCATED (1<<0)
|
||||
@@ -178,14 +180,29 @@ extern char *dns_strrecord(VSTRING *, DNS_RR *);
|
||||
/*
|
||||
* dns_rr.c
|
||||
*/
|
||||
@ -184,7 +180,7 @@ index b8c4c4a..aac3ca9 100644
|
||||
extern int dns_rr_compare_pref_ipv6(DNS_RR *, DNS_RR *);
|
||||
extern int dns_rr_compare_pref_ipv4(DNS_RR *, DNS_RR *);
|
||||
extern int dns_rr_compare_pref_any(DNS_RR *, DNS_RR *);
|
||||
@@ -278,8 +295,9 @@ extern int dns_lookup_rv(const char *, unsigned, DNS_RR **, VSTRING *,
|
||||
@@ -290,8 +307,9 @@ extern int dns_lookup_rv(const char *, unsigned, DNS_RR **, VSTRING *,
|
||||
* Below is the precedence order. The order between DNS_RETRY and DNS_NOTFOUND
|
||||
* is arbitrary.
|
||||
*/
|
||||
@ -197,10 +193,10 @@ index b8c4c4a..aac3ca9 100644
|
||||
#define DNS_FAIL (-4) /* query failed, don't retry */
|
||||
#define DNS_INVAL (-3) /* query ok, malformed reply */
|
||||
diff --git a/src/dns/dns_lookup.c b/src/dns/dns_lookup.c
|
||||
index 11c9281..1aa97a4 100644
|
||||
index 30bfc9e..f62ca54 100644
|
||||
--- a/src/dns/dns_lookup.c
|
||||
+++ b/src/dns/dns_lookup.c
|
||||
@@ -688,6 +688,8 @@ static int dns_get_rr(DNS_RR **list, const char *orig_name, DNS_REPLY *reply,
|
||||
@@ -691,6 +691,8 @@ static int dns_get_rr(DNS_RR **list, const char *orig_name, DNS_REPLY *reply,
|
||||
int comp_len;
|
||||
ssize_t data_len;
|
||||
unsigned pref = 0;
|
||||
@ -209,7 +205,7 @@ index 11c9281..1aa97a4 100644
|
||||
unsigned char *src;
|
||||
unsigned char *dst;
|
||||
int ch;
|
||||
@@ -713,6 +715,18 @@ static int dns_get_rr(DNS_RR **list, const char *orig_name, DNS_REPLY *reply,
|
||||
@@ -716,6 +718,18 @@ static int dns_get_rr(DNS_RR **list, const char *orig_name, DNS_REPLY *reply,
|
||||
return (DNS_INVAL);
|
||||
data_len = strlen(temp) + 1;
|
||||
break;
|
||||
@ -228,7 +224,7 @@ index 11c9281..1aa97a4 100644
|
||||
case T_MX:
|
||||
GETSHORT(pref, pos);
|
||||
if (dn_expand(reply->buf, reply->end, pos, temp, sizeof(temp)) < 0)
|
||||
@@ -808,7 +822,7 @@ static int dns_get_rr(DNS_RR **list, const char *orig_name, DNS_REPLY *reply,
|
||||
@@ -811,7 +825,7 @@ static int dns_get_rr(DNS_RR **list, const char *orig_name, DNS_REPLY *reply,
|
||||
break;
|
||||
}
|
||||
*list = dns_rr_create(orig_name, rr_name, fixed->type, fixed->class,
|
||||
@ -237,16 +233,16 @@ index 11c9281..1aa97a4 100644
|
||||
return (DNS_OK);
|
||||
}
|
||||
|
||||
@@ -906,7 +920,7 @@ static int dns_get_answer(const char *orig_name, DNS_REPLY *reply, int type,
|
||||
resource_found++;
|
||||
rr->dnssec_valid = *maybe_secure ? reply->dnssec_ad : 0;
|
||||
@@ -913,7 +927,7 @@ static int dns_get_answer(const char *orig_name, DNS_REPLY *reply, int type,
|
||||
*rrlist = dns_rr_append(*rrlist, rr);
|
||||
if (DNS_RR_IS_TRUNCATED(*rrlist))
|
||||
break;
|
||||
- } else if (status == DNS_NULLMX) {
|
||||
+ } else if (status == DNS_NULLMX || status == DNS_NULLSRV) {
|
||||
CORRUPT(status); /* TODO: use better name */
|
||||
} else if (not_found_status != DNS_RETRY)
|
||||
not_found_status = status;
|
||||
@@ -1032,6 +1046,12 @@ int dns_lookup_x(const char *name, unsigned type, unsigned flags,
|
||||
@@ -1047,6 +1061,12 @@ int dns_lookup_x(const char *name, unsigned type, unsigned flags,
|
||||
name);
|
||||
SET_H_ERRNO(NO_DATA);
|
||||
return (status);
|
||||
@ -260,7 +256,7 @@ index 11c9281..1aa97a4 100644
|
||||
if (rrlist && dns_rr_filter_maps) {
|
||||
if (dns_rr_filter_execute(rrlist) < 0) {
|
||||
diff --git a/src/dns/dns_rr.c b/src/dns/dns_rr.c
|
||||
index b550788..15b5dee 100644
|
||||
index cf82f9f..c99fd4d 100644
|
||||
--- a/src/dns/dns_rr.c
|
||||
+++ b/src/dns/dns_rr.c
|
||||
@@ -7,13 +7,15 @@
|
||||
@ -280,10 +276,10 @@ index b550788..15b5dee 100644
|
||||
/* const char *data;
|
||||
/* size_t data_len;
|
||||
/*
|
||||
@@ -49,6 +51,30 @@
|
||||
/* DNS_RR *dns_rr_remove(list, record)
|
||||
/* DNS_RR *list;
|
||||
@@ -51,6 +53,30 @@
|
||||
/* DNS_RR *record;
|
||||
/*
|
||||
/* int var_dns_rr_list_limit;
|
||||
+/*
|
||||
+/* DNS_RR *dns_srv_rr_sort(list)
|
||||
+/* DNS_RR *list;
|
||||
@ -311,7 +307,7 @@ index b550788..15b5dee 100644
|
||||
/* DESCRIPTION
|
||||
/* The routines in this module maintain memory for DNS resource record
|
||||
/* information, and maintain lists of DNS resource records.
|
||||
@@ -56,10 +82,14 @@
|
||||
@@ -58,10 +84,14 @@
|
||||
/* dns_rr_create() creates and initializes one resource record.
|
||||
/* The \fIqname\fR field specifies the query name.
|
||||
/* The \fIrname\fR field specifies the reply name.
|
||||
@ -327,7 +323,7 @@ index b550788..15b5dee 100644
|
||||
/* dns_rr_free() releases the resource used by of zero or more
|
||||
/* resource records.
|
||||
/*
|
||||
@@ -81,6 +111,9 @@
|
||||
@@ -91,6 +121,9 @@
|
||||
/* dns_rr_remove() removes the specified record from the specified list.
|
||||
/* The updated list is the result value.
|
||||
/* The record MUST be a list member.
|
||||
@ -337,7 +333,7 @@ index b550788..15b5dee 100644
|
||||
/* LICENSE
|
||||
/* .ad
|
||||
/* .fi
|
||||
@@ -113,11 +146,15 @@
|
||||
@@ -133,11 +166,15 @@ int var_dns_rr_list_limit = 100;
|
||||
DNS_RR *dns_rr_create(const char *qname, const char *rname,
|
||||
ushort type, ushort class,
|
||||
unsigned int ttl, unsigned pref,
|
||||
@ -354,7 +350,7 @@ index b550788..15b5dee 100644
|
||||
rr->qname = mystrdup(qname);
|
||||
rr->rname = mystrdup(rname);
|
||||
rr->type = type;
|
||||
@@ -125,8 +162,14 @@ DNS_RR *dns_rr_create(const char *qname, const char *rname,
|
||||
@@ -145,8 +182,14 @@ DNS_RR *dns_rr_create(const char *qname, const char *rname,
|
||||
rr->ttl = ttl;
|
||||
rr->dnssec_valid = 0;
|
||||
rr->pref = pref;
|
||||
@ -369,8 +365,8 @@ index b550788..15b5dee 100644
|
||||
+ }
|
||||
rr->data_len = data_len;
|
||||
rr->next = 0;
|
||||
return (rr);
|
||||
@@ -141,6 +184,8 @@ void dns_rr_free(DNS_RR *rr)
|
||||
rr->flags = 0;
|
||||
@@ -162,6 +205,8 @@ void dns_rr_free(DNS_RR *rr)
|
||||
dns_rr_free(rr->next);
|
||||
myfree(rr->qname);
|
||||
myfree(rr->rname);
|
||||
@ -379,7 +375,7 @@ index b550788..15b5dee 100644
|
||||
myfree((void *) rr);
|
||||
}
|
||||
}
|
||||
@@ -149,16 +194,17 @@ void dns_rr_free(DNS_RR *rr)
|
||||
@@ -170,16 +215,17 @@ void dns_rr_free(DNS_RR *rr)
|
||||
|
||||
DNS_RR *dns_rr_copy(DNS_RR *src)
|
||||
{
|
||||
@ -401,7 +397,7 @@ index b550788..15b5dee 100644
|
||||
dst->next = 0;
|
||||
return (dst);
|
||||
}
|
||||
@@ -247,6 +293,12 @@ DNS_RR *dns_rr_sort(DNS_RR *list, int (*compar) (DNS_RR *, DNS_RR *))
|
||||
@@ -312,6 +358,12 @@ DNS_RR *dns_rr_sort(DNS_RR *list, int (*compar) (DNS_RR *, DNS_RR *))
|
||||
int len;
|
||||
int i;
|
||||
|
||||
@ -414,7 +410,7 @@ index b550788..15b5dee 100644
|
||||
/*
|
||||
* Save state and initialize.
|
||||
*/
|
||||
@@ -293,6 +345,12 @@ DNS_RR *dns_rr_shuffle(DNS_RR *list)
|
||||
@@ -358,6 +410,12 @@ DNS_RR *dns_rr_shuffle(DNS_RR *list)
|
||||
int i;
|
||||
int r;
|
||||
|
||||
@ -427,7 +423,7 @@ index b550788..15b5dee 100644
|
||||
/*
|
||||
* Build linear array with pointers to each list element.
|
||||
*/
|
||||
@@ -345,3 +403,141 @@ DNS_RR *dns_rr_remove(DNS_RR *list, DNS_RR *record)
|
||||
@@ -410,3 +468,141 @@ DNS_RR *dns_rr_remove(DNS_RR *list, DNS_RR *record)
|
||||
}
|
||||
return (list);
|
||||
}
|
||||
@ -633,12 +629,12 @@ index 70e59ac..7eebe3c 100644
|
||||
|
||||
/* dns_strtype - translate DNS query type to string */
|
||||
diff --git a/src/global/mail_params.h b/src/global/mail_params.h
|
||||
index 74459d9..f8bb550 100644
|
||||
index f61227c..963db5d 100644
|
||||
--- a/src/global/mail_params.h
|
||||
+++ b/src/global/mail_params.h
|
||||
@@ -4206,6 +4206,21 @@ extern char *var_info_log_addr_form;
|
||||
#define DEF_RHEL_IPV6_NORMALIZE 0
|
||||
extern bool var_rhel_ipv6_normalize;
|
||||
@@ -4267,6 +4267,21 @@ extern char *var_info_log_addr_form;
|
||||
#define DEF_DNSSEC_PROBE "ns:."
|
||||
extern char *var_dnssec_probe;
|
||||
|
||||
+ /*
|
||||
+ * SRV lookup support.
|
||||
@ -659,7 +655,7 @@ index 74459d9..f8bb550 100644
|
||||
/* .ad
|
||||
/* .fi
|
||||
diff --git a/src/posttls-finger/posttls-finger.c b/src/posttls-finger/posttls-finger.c
|
||||
index a3a9946..b428cb3 100644
|
||||
index ce5d2c0..3cd11ec 100644
|
||||
--- a/src/posttls-finger/posttls-finger.c
|
||||
+++ b/src/posttls-finger/posttls-finger.c
|
||||
@@ -236,6 +236,8 @@
|
||||
@ -709,7 +705,7 @@ index a3a9946..b428cb3 100644
|
||||
addr_list = dns_rr_append(addr_list, addr);
|
||||
return (addr_list);
|
||||
default:
|
||||
@@ -1277,15 +1284,15 @@ static DNS_RR *mx_addr_list(STATE *state, DNS_RR *mx_names)
|
||||
@@ -1279,17 +1286,17 @@ static DNS_RR *mx_addr_list(STATE *state, DNS_RR *mx_names)
|
||||
#endif
|
||||
|
||||
for (rr = mx_names; rr; rr = rr->next) {
|
||||
@ -719,6 +715,8 @@ index a3a9946..b428cb3 100644
|
||||
addr_list = addr_one(state, addr_list, (char *) rr->data, res_opt,
|
||||
- rr->pref);
|
||||
+ rr->pref, rr->port);
|
||||
if (addr_list && DNS_RR_IS_TRUNCATED(addr_list))
|
||||
break;
|
||||
}
|
||||
return (addr_list);
|
||||
}
|
||||
@ -728,7 +726,7 @@ index a3a9946..b428cb3 100644
|
||||
|
||||
static DNS_RR *domain_addr(STATE *state, char *domain)
|
||||
{
|
||||
@@ -1350,6 +1357,74 @@ static DNS_RR *domain_addr(STATE *state, char *domain)
|
||||
@@ -1354,6 +1361,74 @@ static DNS_RR *domain_addr(STATE *state, char *domain)
|
||||
return (addr_list);
|
||||
}
|
||||
|
||||
@ -803,7 +801,7 @@ index a3a9946..b428cb3 100644
|
||||
/* host_addr - direct host lookup */
|
||||
|
||||
static DNS_RR *host_addr(STATE *state, const char *host)
|
||||
@@ -1376,7 +1451,8 @@ static DNS_RR *host_addr(STATE *state, const char *host)
|
||||
@@ -1380,7 +1455,8 @@ static DNS_RR *host_addr(STATE *state, const char *host)
|
||||
ahost = host;
|
||||
|
||||
#define PREF0 0
|
||||
@ -813,7 +811,7 @@ index a3a9946..b428cb3 100644
|
||||
if (addr_list && addr_list->next) {
|
||||
addr_list = dns_rr_shuffle(addr_list);
|
||||
if (inet_proto_info()->ai_family_list[1] != 0)
|
||||
@@ -1465,7 +1541,8 @@ static int dane_host_level(STATE *state, DNS_RR *addr)
|
||||
@@ -1469,7 +1545,8 @@ static int dane_host_level(STATE *state, DNS_RR *addr)
|
||||
/* parse_destination - parse host/port destination */
|
||||
|
||||
static char *parse_destination(char *destination, char *def_service,
|
||||
@ -823,7 +821,7 @@ index a3a9946..b428cb3 100644
|
||||
{
|
||||
char *buf = mystrdup(destination);
|
||||
char *service;
|
||||
@@ -1481,12 +1558,13 @@ static char *parse_destination(char *destination, char *def_service,
|
||||
@@ -1485,12 +1562,13 @@ static char *parse_destination(char *destination, char *def_service,
|
||||
* Parse the host/port information. We're working with a copy of the
|
||||
* destination argument so the parsing can be destructive.
|
||||
*/
|
||||
@ -838,7 +836,7 @@ index a3a9946..b428cb3 100644
|
||||
if (alldig(service)) {
|
||||
if ((port = atoi(service)) >= 65536 || port == 0)
|
||||
msg_fatal("bad network port in destination: %s", destination);
|
||||
@@ -1507,17 +1585,21 @@ static char *parse_destination(char *destination, char *def_service,
|
||||
@@ -1511,17 +1589,21 @@ static char *parse_destination(char *destination, char *def_service,
|
||||
static void connect_remote(STATE *state, char *dest)
|
||||
{
|
||||
DNS_RR *addr;
|
||||
@ -847,9 +845,9 @@ index a3a9946..b428cb3 100644
|
||||
|
||||
/* When reconnecting use IP address of previous session */
|
||||
if (state->addr == 0) {
|
||||
+ char *buf;
|
||||
+ char *domain;
|
||||
+ char *service;
|
||||
+ char *buf;
|
||||
+ char *domain;
|
||||
+ char *service;
|
||||
+
|
||||
buf = parse_destination(dest, state->smtp ? "smtp" : "24",
|
||||
- &domain, &state->port);
|
||||
@ -863,7 +861,7 @@ index a3a9946..b428cb3 100644
|
||||
else
|
||||
state->addr = domain_addr(state, domain);
|
||||
myfree(buf);
|
||||
@@ -1531,10 +1613,14 @@ static void connect_remote(STATE *state, char *dest)
|
||||
@@ -1535,10 +1617,14 @@ static void connect_remote(STATE *state, char *dest)
|
||||
for (addr = state->addr; addr; addr = addr->next) {
|
||||
int level = dane_host_level(state, addr);
|
||||
|
||||
@ -874,13 +872,13 @@ index a3a9946..b428cb3 100644
|
||||
|| (state->stream = connect_addr(state, addr)) == 0) {
|
||||
- msg_info("Failed to establish session to %s via %s: %s",
|
||||
- dest, HNAME(addr), vstring_str(state->why->reason));
|
||||
+ msg_info("Failed to establish session to %s via %s:%u: %s",
|
||||
+ dest, HNAME(addr), addr->port,
|
||||
+ msg_info("Failed to establish session to %s via %s:%u: %s",
|
||||
+ dest, HNAME(addr), addr->port,
|
||||
+ vstring_str(state->why->reason));
|
||||
continue;
|
||||
}
|
||||
/* We have a connection */
|
||||
@@ -1819,6 +1905,7 @@ static void parse_options(STATE *state, int argc, char *argv[])
|
||||
@@ -1823,6 +1909,7 @@ static void parse_options(STATE *state, int argc, char *argv[])
|
||||
|
||||
state->smtp = 1;
|
||||
state->pass = 1;
|
||||
@ -888,7 +886,7 @@ index a3a9946..b428cb3 100644
|
||||
state->reconnect = -1;
|
||||
state->max_reconnect = 5;
|
||||
state->wrapper_mode = 0;
|
||||
@@ -1829,7 +1916,7 @@ static void parse_options(STATE *state, int argc, char *argv[])
|
||||
@@ -1833,7 +1920,7 @@ static void parse_options(STATE *state, int argc, char *argv[])
|
||||
memset((void *) &state->options, 0, sizeof(state->options));
|
||||
state->options.host_lookup = mystrdup("dns");
|
||||
|
||||
@ -897,7 +895,7 @@ index a3a9946..b428cb3 100644
|
||||
#ifdef USE_TLS
|
||||
#define TLSOPTS "A:Cd:fF:g:H:k:K:l:L:m:M:p:P:r:s:wX"
|
||||
|
||||
@@ -1868,6 +1955,9 @@ static void parse_options(STATE *state, int argc, char *argv[])
|
||||
@@ -1872,6 +1959,9 @@ static void parse_options(STATE *state, int argc, char *argv[])
|
||||
case 'o':
|
||||
override(optarg);
|
||||
break;
|
||||
@ -928,7 +926,7 @@ index 973cb5d..ff074cd 100644
|
||||
0,
|
||||
};
|
||||
diff --git a/src/smtp/smtp.c b/src/smtp/smtp.c
|
||||
index 6ca2d5c..f402876 100644
|
||||
index 9a28cc2..29b17fc 100644
|
||||
--- a/src/smtp/smtp.c
|
||||
+++ b/src/smtp/smtp.c
|
||||
@@ -146,6 +146,7 @@
|
||||
@ -939,10 +937,10 @@ index 6ca2d5c..f402876 100644
|
||||
/* RFC 2920 (SMTP Pipelining)
|
||||
/* RFC 3207 (STARTTLS command)
|
||||
/* RFC 3461 (SMTP DSN Extension)
|
||||
@@ -330,6 +331,17 @@
|
||||
/* .IP "\fBinfo_log_address_format (external)\fR"
|
||||
/* The email address form that will be used in non-debug logging
|
||||
/* (info, warning, etc.).
|
||||
@@ -336,6 +337,17 @@
|
||||
/* The DNS query type (default: "ns") and DNS query name (default:
|
||||
/* ".") that Postfix may use to determine whether DNSSEC validation
|
||||
/* is available.
|
||||
+/* .PP
|
||||
+/* Backported from Postfix version 3.8:
|
||||
+/* .IP "\fBuse_srv_lookup (empty)\fR"
|
||||
@ -957,7 +955,7 @@ index 6ca2d5c..f402876 100644
|
||||
/* MIME PROCESSING CONTROLS
|
||||
/* .ad
|
||||
/* .fi
|
||||
@@ -1046,6 +1058,9 @@ bool var_smtp_dummy_mail_auth;
|
||||
@@ -1059,6 +1071,9 @@ bool var_smtp_dummy_mail_auth;
|
||||
char *var_smtp_dsn_filter;
|
||||
char *var_smtp_dns_re_filter;
|
||||
bool var_smtp_balance_inet_proto;
|
||||
@ -967,7 +965,7 @@ index 6ca2d5c..f402876 100644
|
||||
|
||||
/* Special handling of 535 AUTH errors. */
|
||||
char *var_smtp_sasl_auth_cache_name;
|
||||
@@ -1068,6 +1083,7 @@ MAPS *smtp_pix_bug_maps;
|
||||
@@ -1081,6 +1096,7 @@ MAPS *smtp_pix_bug_maps;
|
||||
HBC_CHECKS *smtp_header_checks; /* limited header checks */
|
||||
HBC_CHECKS *smtp_body_checks; /* limited body checks */
|
||||
SMTP_CLI_ATTR smtp_cli_attr; /* parsed command-line */
|
||||
@ -975,7 +973,7 @@ index 6ca2d5c..f402876 100644
|
||||
|
||||
#ifdef USE_TLS
|
||||
|
||||
@@ -1351,6 +1367,14 @@ static void post_init(char *unused_name, char **argv)
|
||||
@@ -1364,6 +1380,14 @@ static void post_init(char *unused_name, char **argv)
|
||||
* the process lifetime.
|
||||
*/
|
||||
get_cli_attr(&smtp_cli_attr, argv);
|
||||
@ -991,7 +989,7 @@ index 6ca2d5c..f402876 100644
|
||||
|
||||
/* pre_init - pre-jail initialization */
|
||||
diff --git a/src/smtp/smtp.h b/src/smtp/smtp.h
|
||||
index 281cfe4..3f4c209 100644
|
||||
index 4fea37a..ab91b7e 100644
|
||||
--- a/src/smtp/smtp.h
|
||||
+++ b/src/smtp/smtp.h
|
||||
@@ -84,6 +84,14 @@ typedef struct SMTP_ITERATOR {
|
||||
@ -1027,7 +1025,7 @@ index 281cfe4..3f4c209 100644
|
||||
|
||||
extern TLS_APPL_STATE *smtp_tls_ctx; /* client-side TLS engine */
|
||||
diff --git a/src/smtp/smtp_addr.c b/src/smtp/smtp_addr.c
|
||||
index 2210ff7..7f20838 100644
|
||||
index 7509edc..d39f970 100644
|
||||
--- a/src/smtp/smtp_addr.c
|
||||
+++ b/src/smtp/smtp_addr.c
|
||||
@@ -17,6 +17,15 @@
|
||||
@ -1107,7 +1105,7 @@ index 2210ff7..7f20838 100644
|
||||
addr_list = dns_rr_append(addr_list, addr);
|
||||
return (addr_list);
|
||||
default:
|
||||
@@ -283,10 +309,10 @@ static DNS_RR *smtp_addr_list(DNS_RR *mx_names, DSN_BUF *why)
|
||||
@@ -285,10 +311,10 @@ static DNS_RR *smtp_addr_list(DNS_RR *mx_names, DSN_BUF *why)
|
||||
* tweaking the in-process resolver flags.
|
||||
*/
|
||||
for (rr = mx_names; rr; rr = rr->next) {
|
||||
@ -1117,10 +1115,10 @@ index 2210ff7..7f20838 100644
|
||||
addr_list = smtp_addr_one(addr_list, (char *) rr->data, res_opt,
|
||||
- rr->pref, why);
|
||||
+ rr->pref, rr->port, why);
|
||||
if (addr_list && DNS_RR_IS_TRUNCATED(addr_list))
|
||||
break;
|
||||
}
|
||||
return (addr_list);
|
||||
}
|
||||
@@ -669,7 +695,7 @@ DNS_RR *smtp_host_addr(const char *host, int misc_flags, DSN_BUF *why)
|
||||
@@ -680,7 +706,7 @@ DNS_RR *smtp_host_addr(const char *host, int misc_flags, DSN_BUF *why)
|
||||
* address to internal form. Otherwise, the host is specified by name.
|
||||
*/
|
||||
#define PREF0 0
|
||||
@ -1129,7 +1127,7 @@ index 2210ff7..7f20838 100644
|
||||
if (addr_list
|
||||
&& (misc_flags & SMTP_MISC_FLAG_LOOP_DETECT)
|
||||
&& smtp_find_self(addr_list) != 0) {
|
||||
@@ -691,3 +717,135 @@ DNS_RR *smtp_host_addr(const char *host, int misc_flags, DSN_BUF *why)
|
||||
@@ -702,3 +728,135 @@ DNS_RR *smtp_host_addr(const char *host, int misc_flags, DSN_BUF *why)
|
||||
smtp_print_addr(host, addr_list);
|
||||
return (addr_list);
|
||||
}
|
||||
@ -1527,10 +1525,10 @@ index 1b3a20e..3ac4ccc 100644
|
||||
msg_warn("smtp_session_passivate: bad cached dest properties");
|
||||
SMTP_SESSION_ACTIVATE_ERR_RETURN();
|
||||
diff --git a/src/smtpd/smtpd_check.c b/src/smtpd/smtpd_check.c
|
||||
index 85d5944..a60e878 100644
|
||||
index 69119ad..2af9e98 100644
|
||||
--- a/src/smtpd/smtpd_check.c
|
||||
+++ b/src/smtpd/smtpd_check.c
|
||||
@@ -3056,8 +3056,8 @@ static int check_server_access(SMTPD_STATE *state, const char *table,
|
||||
@@ -3067,8 +3067,8 @@ static int check_server_access(SMTPD_STATE *state, const char *table,
|
||||
|| type == T_AAAA
|
||||
#endif
|
||||
) {
|
||||
@ -1541,7 +1539,7 @@ index 85d5944..a60e878 100644
|
||||
} else {
|
||||
dns_status = dns_lookup(domain, type, 0, &server_list,
|
||||
(VSTRING *) 0, (VSTRING *) 0);
|
||||
@@ -3065,8 +3065,8 @@ static int check_server_access(SMTPD_STATE *state, const char *table,
|
||||
@@ -3076,8 +3076,8 @@ static int check_server_access(SMTPD_STATE *state, const char *table,
|
||||
return (SMTPD_CHECK_DUNNO);
|
||||
if (dns_status == DNS_NOTFOUND /* Not: h_errno == NO_DATA */ ) {
|
||||
if (type == T_MX) {
|
12
postfix-3.5.9-glibc-234-build-fix.patch
Normal file
12
postfix-3.5.9-glibc-234-build-fix.patch
Normal file
@ -0,0 +1,12 @@
|
||||
diff --git a/src/util/sys_defs.h b/src/util/sys_defs.h
|
||||
index 99bec9b..95c78ec 100644
|
||||
--- a/src/util/sys_defs.h
|
||||
+++ b/src/util/sys_defs.h
|
||||
@@ -802,6 +803,7 @@ extern int initgroups(const char *, int);
|
||||
#define _PATH_PROCNET_IFINET6 "/proc/net/if_inet6"
|
||||
#endif
|
||||
#endif
|
||||
+#define HAS_CLOSEFROM
|
||||
#include <linux/version.h>
|
||||
#if !defined(KERNEL_VERSION)
|
||||
#define KERNEL_VERSION(a,b,c) (LINUX_VERSION_CODE + 1)
|
87
postfix-aliases
Normal file
87
postfix-aliases
Normal file
@ -0,0 +1,87 @@
|
||||
# Default aliases file for postfix
|
||||
#
|
||||
# this file should be in /etc or in /etc/postfix but if you want it in
|
||||
# /etc/postfix you'll have to adjust your /etc/postfix/main.cf file accordingly
|
||||
#
|
||||
# Aliases in this file will NOT be expanded in the header from
|
||||
# mail, but WILL be visible over networks or from /bin/mail.
|
||||
#
|
||||
# Following alias is required by the mail protocol, RFC 822 (and by RFC2142)
|
||||
# Set it to the address of a HUMAN who deals with this system's mail problems.
|
||||
#
|
||||
# For various security reasons, postfix WILL NOT deliver mail as root, so
|
||||
# ensure that the root alias is aliased to a HUMAN user, as otherwise
|
||||
# mail may get delivered to the $default_privs user (nobody).
|
||||
postmaster: root
|
||||
|
||||
# Many mailers use this address to represent the empty SMTP return
|
||||
# path
|
||||
MAILER-DAEMON: postmaster
|
||||
|
||||
|
||||
# Common aliases for system accounts.
|
||||
bin: root
|
||||
daemon: root
|
||||
games: root
|
||||
ingres: root
|
||||
nobody: root
|
||||
system: root
|
||||
toor: root
|
||||
foo: root
|
||||
falken: root
|
||||
|
||||
# Well-known aliases.
|
||||
admin: root
|
||||
manager: root
|
||||
dumper: root
|
||||
operator: root
|
||||
|
||||
# traps to catch security attacks
|
||||
decode: root
|
||||
moof: root
|
||||
moog: root
|
||||
|
||||
# The following aliases are required by RFC 2142
|
||||
info: staff
|
||||
marketing: staff
|
||||
sales: staff
|
||||
support: staff
|
||||
|
||||
# Standard aliases also defined by RFC 2142
|
||||
abuse: postmaster
|
||||
# reports of network infrastructure difficulties
|
||||
noc: root
|
||||
# address to report secuirty problems
|
||||
security: root
|
||||
# DNS administrator (DNS soa records should use this)
|
||||
hostmaster: root
|
||||
# Usenet news service administrator
|
||||
news: usenet
|
||||
usenet: root
|
||||
# http/web service administrator
|
||||
www: webmaster
|
||||
webmaster: root
|
||||
# UUCP service administrator
|
||||
uucp: root
|
||||
# FTP administrator (especially anonymouse FTP)
|
||||
ftp: root
|
||||
|
||||
# Commonly used group aliases:
|
||||
#
|
||||
staff: postmaster
|
||||
office: postmaster
|
||||
all: postmaster
|
||||
tech: postmaster
|
||||
ops: postmaster
|
||||
|
||||
# Person who should get root's mail. This alias
|
||||
# must exist.
|
||||
# CHANGE THIS LINE to an account of a HUMAN
|
||||
root: postfix
|
||||
|
||||
# Note to the user: You must create the alias above!
|
||||
# The root alias *must* exist under postfix because
|
||||
# postfix runs as a non-privileged user and cannot
|
||||
# touch a spool file which is UID/GID root
|
||||
# The mapping to the postfix user is to ensure that root's mail
|
||||
# doesn't get lost on a system installed out of the box.
|
164
postfix-etc-init.d-postfix
Normal file
164
postfix-etc-init.d-postfix
Normal file
@ -0,0 +1,164 @@
|
||||
#!/bin/bash
|
||||
#
|
||||
# postfix Postfix Mail Transfer Agent
|
||||
#
|
||||
# chkconfig: - 80 30
|
||||
# description: Postfix is a Mail Transport Agent, which is the program \
|
||||
# that moves mail from one machine to another.
|
||||
# processname: master
|
||||
# pidfile: /var/spool/postfix/pid/master.pid
|
||||
# config: /etc/postfix/main.cf
|
||||
# config: /etc/postfix/master.cf
|
||||
#
|
||||
# Based on startup script from Simon J Mudd <sjmudd@pobox.com>
|
||||
# 25/02/99: Mostly s/sendmail/postfix/g by John A. Martin <jam@jamux.com>
|
||||
# 23/11/00: Changes & suggestions by Ajay Ramaswamy <ajayr@bigfoot.com>
|
||||
# 20/01/01: Changes to fall in line with RedHat 7.0 style
|
||||
# 23/02/01: Fix a few untidy problems with help from Daniel Roesen.
|
||||
|
||||
### BEGIN INIT INFO
|
||||
# Provides: postfix $mail-transfer-agent
|
||||
# Required-Start: $local_fs $network $remote_fs
|
||||
# Required-Stop: $local_fs $network $remote_fs
|
||||
# Short-Description: start and stop postfix
|
||||
# Description: Postfix is a Mail Transport Agent, which is the program that
|
||||
# moves mail from one machine to another.
|
||||
### END INIT INFO
|
||||
|
||||
# Source function library.
|
||||
. /etc/rc.d/init.d/functions
|
||||
|
||||
# Source networking configuration.
|
||||
. /etc/sysconfig/network
|
||||
|
||||
RETVAL=0
|
||||
prog="postfix"
|
||||
lockfile=/var/lock/subsys/$prog
|
||||
pidfile=/var/spool/postfix/pid/master.pid
|
||||
|
||||
ALIASESDB_STAMP=/var/lib/misc/postfix.aliasesdb-stamp
|
||||
|
||||
# Script to update chroot environment
|
||||
CHROOT_UPDATE=/etc/postfix/chroot-update
|
||||
|
||||
status -p $pidfile -l $(basename $lockfile) master >/dev/null 2>&1
|
||||
running=$?
|
||||
|
||||
conf_check() {
|
||||
[ -x /usr/sbin/postfix ] || exit 5
|
||||
[ -d /etc/postfix ] || exit 6
|
||||
[ -d /var/spool/postfix ] || exit 5
|
||||
}
|
||||
|
||||
make_aliasesdb() {
|
||||
if [ "$(/usr/sbin/postconf -h alias_database)" == "hash:/etc/aliases" ]
|
||||
then
|
||||
# /etc/aliases.db may be used by other MTA, make sure nothing
|
||||
# has touched it since our last newaliases call
|
||||
[ /etc/aliases -nt /etc/aliases.db ] ||
|
||||
[ "$ALIASESDB_STAMP" -nt /etc/aliases.db ] ||
|
||||
[ "$ALIASESDB_STAMP" -ot /etc/aliases.db ] || return
|
||||
/usr/bin/newaliases
|
||||
touch -r /etc/aliases.db "$ALIASESDB_STAMP"
|
||||
else
|
||||
/usr/bin/newaliases
|
||||
fi
|
||||
}
|
||||
|
||||
start() {
|
||||
[ "$EUID" != "0" ] && exit 4
|
||||
# Check that networking is up.
|
||||
[ ${NETWORKING} = "no" ] && exit 1
|
||||
conf_check
|
||||
# Start daemons.
|
||||
echo -n $"Starting postfix: "
|
||||
make_aliasesdb >/dev/null 2>&1
|
||||
[ -x $CHROOT_UPDATE ] && $CHROOT_UPDATE
|
||||
/usr/sbin/postfix start 2>/dev/null 1>&2 && success || failure $"$prog start"
|
||||
RETVAL=$?
|
||||
[ $RETVAL -eq 0 ] && touch $lockfile
|
||||
echo
|
||||
return $RETVAL
|
||||
}
|
||||
|
||||
stop() {
|
||||
[ "$EUID" != "0" ] && exit 4
|
||||
conf_check
|
||||
# Stop daemons.
|
||||
echo -n $"Shutting down postfix: "
|
||||
/usr/sbin/postfix stop 2>/dev/null 1>&2 && success || failure $"$prog stop"
|
||||
RETVAL=$?
|
||||
[ $RETVAL -eq 0 ] && rm -f $lockfile $pidfile
|
||||
echo
|
||||
return $RETVAL
|
||||
}
|
||||
|
||||
reload() {
|
||||
conf_check
|
||||
echo -n $"Reloading postfix: "
|
||||
[ -x $CHROOT_UPDATE ] && $CHROOT_UPDATE
|
||||
/usr/sbin/postfix reload 2>/dev/null 1>&2 && success || failure $"$prog reload"
|
||||
RETVAL=$?
|
||||
echo
|
||||
return $RETVAL
|
||||
}
|
||||
|
||||
abort() {
|
||||
conf_check
|
||||
/usr/sbin/postfix abort 2>/dev/null 1>&2 && success || failure $"$prog abort"
|
||||
return $?
|
||||
}
|
||||
|
||||
flush() {
|
||||
conf_check
|
||||
/usr/sbin/postfix flush 2>/dev/null 1>&2 && success || failure $"$prog flush"
|
||||
return $?
|
||||
}
|
||||
|
||||
check() {
|
||||
conf_check
|
||||
/usr/sbin/postfix check 2>/dev/null 1>&2 && success || failure $"$prog check"
|
||||
return $?
|
||||
}
|
||||
|
||||
# See how we were called.
|
||||
case "$1" in
|
||||
start)
|
||||
[ $running -eq 0 ] && exit 0
|
||||
start
|
||||
;;
|
||||
stop)
|
||||
[ $running -eq 0 ] || exit 0
|
||||
stop
|
||||
;;
|
||||
restart|force-reload)
|
||||
stop
|
||||
start
|
||||
;;
|
||||
reload)
|
||||
[ $running -eq 0 ] || exit 7
|
||||
reload
|
||||
;;
|
||||
abort)
|
||||
abort
|
||||
;;
|
||||
flush)
|
||||
flush
|
||||
;;
|
||||
check)
|
||||
check
|
||||
;;
|
||||
status)
|
||||
status -p $pidfile -l $(basename $lockfile) master
|
||||
;;
|
||||
condrestart)
|
||||
[ $running -eq 0 ] || exit 0
|
||||
stop
|
||||
start
|
||||
;;
|
||||
*)
|
||||
echo $"Usage: $0 {start|stop|restart|reload|abort|flush|check|status|condrestart}"
|
||||
exit 2
|
||||
esac
|
||||
|
||||
exit $?
|
@ -21,12 +21,9 @@
|
||||
# Postfix requires one exlusive uid/gid and a 2nd exclusive gid for its own
|
||||
# use. Let me know if the second gid collides with another package.
|
||||
# Be careful: Redhat's 'mail' user & group isn't unique!
|
||||
%define postfix_uid 89
|
||||
# It's now handled by systemd-sysusers.
|
||||
%define postfix_user postfix
|
||||
%define postfix_gid 89
|
||||
%define postfix_group postfix
|
||||
%define maildrop_group postdrop
|
||||
%define maildrop_gid 90
|
||||
|
||||
%define postfix_config_dir %{_sysconfdir}/postfix
|
||||
%define postfix_daemon_dir %{_libexecdir}/postfix
|
||||
@ -48,18 +45,14 @@
|
||||
|
||||
Name: postfix
|
||||
Summary: Postfix Mail Transport Agent
|
||||
Version: 3.5.8
|
||||
Release: 7%{?dist}
|
||||
Version: 3.5.25
|
||||
Release: 1%{?dist}
|
||||
Epoch: 2
|
||||
Group: System Environment/Daemons
|
||||
URL: http://www.postfix.org
|
||||
License: (IBM and GPLv2+) or (EPL-2.0 and GPLv2+)
|
||||
Requires(post): systemd hostname
|
||||
Requires(post): systemd systemd-sysv hostname
|
||||
Requires(post): %{_sbindir}/alternatives
|
||||
Requires(post): %{_bindir}/openssl
|
||||
Requires(post): %{_bindir}/hostname
|
||||
Requires(pre): %{_sbindir}/groupadd
|
||||
Requires(pre): %{_sbindir}/useradd
|
||||
Requires(preun): %{_sbindir}/alternatives
|
||||
Requires(preun): systemd
|
||||
Requires(postun): systemd
|
||||
@ -71,11 +64,12 @@ Requires: policycoreutils
|
||||
Provides: MTA smtpd smtpdaemon server(smtp)
|
||||
|
||||
Source0: ftp://ftp.porcupine.org/mirrors/postfix-release/official/%{name}-%{version}.tar.gz
|
||||
Source1: postfix-etc-init.d-postfix
|
||||
Source2: postfix.service
|
||||
Source3: README-Postfix-SASL-RedHat.txt
|
||||
Source4: postfix.aliasesdb
|
||||
Source5: postfix-chroot-update
|
||||
Source6: README-RedHat.txt
|
||||
Source6: postfix.sysusers
|
||||
|
||||
# Sources 50-99 are upstream [patch] contributions
|
||||
|
||||
@ -99,30 +93,36 @@ Patch9: pflogsumm-1.1.5-datecalc.patch
|
||||
# rhbz#1384871, sent upstream
|
||||
Patch10: pflogsumm-1.1.5-ipv6-warnings-fix.patch
|
||||
Patch11: postfix-3.4.4-chroot-example-fix.patch
|
||||
Patch12: postfix-3.5.8-back-compat-3.3.1.patch
|
||||
Patch13: postfix-3.5.8-whitespace-name-fix.patch
|
||||
# rhbz#1931403, sent upstream
|
||||
# unconditional glibc-2.34 API assumption, because it seems
|
||||
# in RHEL-9 this feature was also backported to 2.33,
|
||||
# upstream uses conditional check for 2.34 API
|
||||
Patch12: postfix-3.5.9-glibc-234-build-fix.patch
|
||||
# rhbz#1978901, sent upstream
|
||||
Patch13: postfix-3.5.9-whitespace-name-fix.patch
|
||||
Patch14: pflogsumm-1.1.5-syslog-name-underscore-fix.patch
|
||||
# rhbz#1787010, patch backported from upstream
|
||||
Patch15: postfix-3.5.8-SRV-resolve.patch
|
||||
# rhbz#2196577, ZUUL CI uses kernel 6 and we have to add this to postfix
|
||||
Patch16: postfix-3.5.8-makedefs.patch
|
||||
# rhbz#2134789, backported feature from upstream
|
||||
Patch15: postfix-3.5.25-SRV-resolve.patch
|
||||
|
||||
# Optional patches - set the appropriate environment variables to include
|
||||
# them when building the package/spec file
|
||||
|
||||
|
||||
# Determine the different packages required for building postfix
|
||||
BuildRequires: make
|
||||
BuildRequires: libdb-devel, perl-generators, pkgconfig, zlib-devel
|
||||
BuildRequires: systemd-units, libicu-devel, libnsl2-devel
|
||||
BuildRequires: systemd-units, libicu-devel
|
||||
BuildRequires: gcc, m4, findutils
|
||||
BuildRequires: systemd-rpm-macros
|
||||
%if 0%{?rhel} < 9
|
||||
BuildRequires: libnsl2-devel
|
||||
%endif
|
||||
|
||||
%{?with_ldap:BuildRequires: openldap-devel}
|
||||
%{?with_lmdb:BuildRequires: lmdb-devel}
|
||||
%{?with_sasl:BuildRequires: cyrus-sasl-devel}
|
||||
%{?with_pcre:BuildRequires: pcre-devel}
|
||||
%{?with_mysql:BuildRequires: mariadb-connector-c-devel}
|
||||
%{?with_pgsql:BuildRequires: postgresql-devel}
|
||||
%{?with_pgsql:BuildRequires: libpq-devel}
|
||||
%{?with_sqlite:BuildRequires: sqlite-devel}
|
||||
%{?with_cdb:BuildRequires: tinycdb-devel}
|
||||
%{?with_tls:BuildRequires: openssl-devel}
|
||||
@ -130,9 +130,20 @@ BuildRequires: gcc, m4, findutils
|
||||
%description
|
||||
Postfix is a Mail Transport Agent (MTA).
|
||||
|
||||
%if 0%{?fedora} < 23 && 0%{?rhel} < 9
|
||||
%package sysvinit
|
||||
Summary: SysV initscript for postfix
|
||||
BuildArch: noarch
|
||||
Requires: %{name} = %{epoch}:%{version}-%{release}
|
||||
Requires(preun): chkconfig
|
||||
Requires(post): chkconfig
|
||||
|
||||
%description sysvinit
|
||||
This package contains the SysV initscript.
|
||||
%endif
|
||||
|
||||
%package perl-scripts
|
||||
Summary: Postfix utilities written in perl
|
||||
Group: Applications/System
|
||||
Requires: %{name} = %{epoch}:%{version}-%{release}
|
||||
# perl-scripts introduced in 2:2.5.5-2
|
||||
Obsoletes: postfix < 2:2.5.5-2
|
||||
@ -242,14 +253,10 @@ pushd pflogsumm-%{pflogsumm_ver}
|
||||
popd
|
||||
%endif
|
||||
%patch11 -p1 -b .chroot-example-fix
|
||||
# Improve backward compatibility with postfix-3.3.1,
|
||||
# for details see rhbz#1688389
|
||||
%patch12 -p1 -b .back-compat-3.3.1
|
||||
# rhbz#1977732, sent upstream
|
||||
%patch12 -p1 -b .glibc-234-build-fix
|
||||
%patch13 -p1 -b .whitespace-name-fix
|
||||
%patch14 -p1 -b .pflogsumm-1.1.5-syslog-name-underscore-fix
|
||||
%patch15 -p1 -b .SRV-resolve
|
||||
%patch16 -p1 -b .makedefs
|
||||
%patch15 -p1 -b .SRV-resolution
|
||||
|
||||
for f in README_FILES/TLS_{LEGACY_,}README TLS_ACKNOWLEDGEMENTS; do
|
||||
iconv -f iso8859-1 -t utf8 -o ${f}{_,} &&
|
||||
@ -259,7 +266,11 @@ done
|
||||
%build
|
||||
unset AUXLIBS AUXLIBS_LDAP AUXLIBS_LMDB AUXLIBS_PCRE AUXLIBS_MYSQL AUXLIBS_PGSQL AUXLIBS_SQLITE AUXLIBS_CDB
|
||||
CCARGS="-fPIC -fcommon"
|
||||
%if 0%{?rhel} >= 9
|
||||
AUXLIBS=""
|
||||
%else
|
||||
AUXLIBS="-lnsl"
|
||||
%endif
|
||||
|
||||
%ifarch s390 s390x ppc
|
||||
CCARGS="${CCARGS} -fsigned-char"
|
||||
@ -314,7 +325,9 @@ CCARGS="${CCARGS} -fsigned-char"
|
||||
|
||||
CCARGS="${CCARGS} -DDEF_CONFIG_DIR=\\\"%{postfix_config_dir}\\\""
|
||||
CCARGS="${CCARGS} $(getconf LFS_CFLAGS)"
|
||||
|
||||
%if 0%{?rhel} >= 9
|
||||
CCARGS="${CCARGS} -DNO_NIS"
|
||||
%endif
|
||||
LDFLAGS="%{?__global_ldflags} %{?_hardened_build:-Wl,-z,relro,-z,now}"
|
||||
|
||||
# SHLIB_RPATH is needed to find private libraries
|
||||
@ -367,6 +380,9 @@ install -m 644 %{SOURCE2} %{buildroot}%{_unitdir}
|
||||
install -m 755 %{SOURCE4} %{buildroot}%{postfix_daemon_dir}/aliasesdb
|
||||
install -m 755 %{SOURCE5} %{buildroot}%{postfix_daemon_dir}/chroot-update
|
||||
|
||||
# systemd-sysusers
|
||||
install -p -D -m 0644 %{SOURCE6} %{buildroot}%{_sysusersdir}/postfix.conf
|
||||
|
||||
install -c auxiliary/rmail/rmail $RPM_BUILD_ROOT%{_bindir}/rmail.postfix
|
||||
|
||||
for i in active bounce corrupt defer deferred flush incoming private saved maildrop public pid saved trace; do
|
||||
@ -396,7 +412,7 @@ install -m 644 %{SOURCE101} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/smtp.postfix
|
||||
|
||||
# prepare documentation
|
||||
mkdir -p $RPM_BUILD_ROOT%{postfix_doc_dir}
|
||||
cp -p %{SOURCE3} %{SOURCE6} COMPATIBILITY LICENSE TLS_ACKNOWLEDGEMENTS TLS_LICENSE $RPM_BUILD_ROOT%{postfix_doc_dir}
|
||||
cp -p %{SOURCE3} COMPATIBILITY LICENSE TLS_ACKNOWLEDGEMENTS TLS_LICENSE $RPM_BUILD_ROOT%{postfix_doc_dir}
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT%{postfix_doc_dir}/examples{,/chroot-setup}
|
||||
cp -pr examples/{qmail-local,smtpd-policy} $RPM_BUILD_ROOT%{postfix_doc_dir}/examples
|
||||
@ -502,7 +518,7 @@ fi
|
||||
# Create self-signed SSL certificate
|
||||
if [ ! -f %{sslkey} ]; then
|
||||
umask 077
|
||||
%{_bindir}/openssl genrsa 4096 > %{sslkey} 2> /dev/null
|
||||
%{_bindir}/openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 -out %{sslkey} 2>/dev/null || echo "openssl genpkey failed"
|
||||
fi
|
||||
|
||||
if [ ! -f %{sslcert} ]; then
|
||||
@ -511,8 +527,10 @@ if [ ! -f %{sslcert} ]; then
|
||||
FQDN=localhost.localdomain
|
||||
fi
|
||||
|
||||
%{_bindir}/openssl req -new -key %{sslkey} -x509 -sha256 -days 365 -set_serial $RANDOM -out %{sslcert} \
|
||||
-subj "/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=${FQDN}/emailAddress=root@${FQDN}"
|
||||
req_cmd="%{_bindir}/openssl req -new -key %{sslkey} -x509 -sha256 -days 365 -set_serial $RANDOM -out %{sslcert} \
|
||||
-subj /C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=${FQDN}/emailAddress=root@${FQDN}"
|
||||
# openssl-3.0 and fallback for backward compatibility with openssl < 3.0
|
||||
$req_cmd -noenc -copy_extensions none 2>/dev/null || $req_cmd 2>/dev/null || echo "openssl req failed"
|
||||
chmod 644 %{sslcert}
|
||||
fi
|
||||
|
||||
@ -520,10 +538,7 @@ exit 0
|
||||
|
||||
%pre
|
||||
# Add user and groups if necessary
|
||||
%{_sbindir}/groupadd -g %{maildrop_gid} -r %{maildrop_group} 2>/dev/null
|
||||
%{_sbindir}/groupadd -g %{postfix_gid} -r %{postfix_group} 2>/dev/null
|
||||
%{_sbindir}/groupadd -g 12 -r mail 2>/dev/null
|
||||
%{_sbindir}/useradd -d %{postfix_queue_dir} -s /sbin/nologin -g %{postfix_group} -G mail -M -r -u %{postfix_uid} %{postfix_user} 2>/dev/null
|
||||
%sysusers_create_compat %{SOURCE6}
|
||||
|
||||
# hack, to turn man8/smtpd.8.gz into alternatives symlink (part of the rhbz#1051180 fix)
|
||||
# this could be probably dropped in f23+
|
||||
@ -544,6 +559,23 @@ exit 0
|
||||
%postun
|
||||
%systemd_postun_with_restart %{name}.service
|
||||
|
||||
%if 0%{?fedora} < 23 && 0%{?rhel} < 9
|
||||
%post sysvinit
|
||||
/sbin/chkconfig --add postfix >/dev/null 2>&1 ||:
|
||||
|
||||
%preun sysvinit
|
||||
if [ "$1" = 0 ]; then
|
||||
%{_initrddir}/postfix stop >/dev/null 2>&1 ||:
|
||||
/sbin/chkconfig --del postfix >/dev/null 2>&1 ||:
|
||||
fi
|
||||
|
||||
%postun sysvinit
|
||||
[ "$1" -ge 1 ] && %{_initrddir}/postfix condrestart >/dev/null 2>&1 ||:
|
||||
|
||||
%triggerpostun -n postfix-sysvinit -- postfix < %{sysv2systemdnvr}
|
||||
/sbin/chkconfig --add postfix >/dev/null 2>&1 || :
|
||||
%endif
|
||||
|
||||
%triggerun -- postfix < %{sysv2systemdnvr}
|
||||
%{_bindir}/systemd-sysv-convert --save postfix >/dev/null 2>&1 ||:
|
||||
%{_bindir}/systemd-sysv-convert --apply postfix >/dev/null 2>&1 ||:
|
||||
@ -690,6 +722,14 @@ exit 0
|
||||
|
||||
%ghost %attr(0644, root, root) %{_var}/lib/misc/postfix.aliasesdb-stamp
|
||||
|
||||
# systemd-sysusers
|
||||
%{_sysusersdir}/postfix.conf
|
||||
|
||||
%if 0%{?fedora} < 23 && 0%{?rhel} < 9
|
||||
%files sysvinit
|
||||
%{_initrddir}/postfix
|
||||
%endif
|
||||
|
||||
%files perl-scripts
|
||||
%attr(0755, root, root) %{postfix_command_dir}/qshape
|
||||
%attr(0644, root, root) %{_mandir}/man1/qshape*
|
||||
@ -763,68 +803,236 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Mon Aug 14 2023 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.8-7
|
||||
- Fixed possible warning when postfix is restarted
|
||||
Resolves: rhbz#2162659
|
||||
|
||||
* Wed May 17 2023 Tomas Korbar <tkorbar@redhat.com> - 2:3.5.8-6
|
||||
- Fix patch for SRV record resolution feature
|
||||
Related: rhbz#1787010
|
||||
|
||||
* Thu May 04 2023 Tomas Korbar <tkorbar@redhat.com> - 2:3.5.8-5
|
||||
- Backport dns SRV record resolution feature (RFC6186)
|
||||
Resolves: rhbz#1787010
|
||||
- Fix building in ZUUL CI
|
||||
Resolves: rhbz#2196577
|
||||
|
||||
* Thu Feb 17 2022 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.8-4
|
||||
- Added SELinux workound for systemd service to work after 'postfix start'
|
||||
Resolves: rhbz#2028015
|
||||
|
||||
* Mon Jan 17 2022 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.8-3
|
||||
- Fixed pflogsumm to allow underscores in the syslog_name
|
||||
Resolves: rhbz#1931403
|
||||
|
||||
* Thu Aug 5 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.8-2
|
||||
- Fixed cleanup crash when processing messages with whitespace only fullname
|
||||
Resolves: rhbz#1977732
|
||||
|
||||
* Fri Nov 13 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.8-1
|
||||
* Thu Jul 18 2024 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.25-1
|
||||
- New version
|
||||
Resolves: rhbz#1688389
|
||||
Resolves: RHEL-20023
|
||||
- Dropped upstreamed patches
|
||||
|
||||
* Mon Dec 16 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-12
|
||||
* Mon Aug 14 2023 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-24
|
||||
- Fixed possible warning when postfix is restarted
|
||||
Resolves: rhbz#2075571
|
||||
|
||||
* Mon Aug 14 2023 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-23
|
||||
- Spec cleanup
|
||||
Related: rhbz#2095454
|
||||
|
||||
* Wed Jul 05 2023 Jonathan Wright <jonathan@almalinux.org> - 2:3.5.9-22
|
||||
- Use systemd-sysusers
|
||||
Resolves: rhbz#2095454
|
||||
|
||||
* Wed May 17 2023 Tomas Korbar <tkorbar@redhat.com> - 2:3.5.9-21
|
||||
- Fix patch for SRV record resolution feature
|
||||
Related: rhbz#2134789
|
||||
|
||||
* Thu May 04 2023 Tomas Korbar <tkorbar@redhat.com> - 2:3.5.9-20
|
||||
- Backport dns SRV record resolution feature (RFC6186)
|
||||
Resolves: rhbz#2134789
|
||||
- Fix building in ZUUL CI
|
||||
Resolves: rhbz#2193363
|
||||
|
||||
* Fri Aug 19 2022 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-19
|
||||
- Suppressed openssl output during SSL certificates generation
|
||||
Resolves: rhbz#2041589
|
||||
|
||||
* Tue Feb 22 2022 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-18
|
||||
- Added SELinux workound for systemd service to work after 'postfix start'
|
||||
Resolves: rhbz#2055915
|
||||
|
||||
* Tue Feb 15 2022 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-17
|
||||
- Fixed problem in the dict_inline found by coverity
|
||||
Resolves: rhbz#1938847
|
||||
|
||||
* Fri Jan 28 2022 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-16
|
||||
- Fixed pflogsumm to allow underscores in the syslog_name
|
||||
Resolves: rhbz#2043059
|
||||
|
||||
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 2:3.5.9-15
|
||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||
Related: rhbz#1991688
|
||||
|
||||
* Thu Aug 5 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-14
|
||||
- Fixed cleanup crash when processing messages with whitespace only fullname
|
||||
Resolves: rhbz#1978901
|
||||
|
||||
* Thu Aug 5 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-13
|
||||
- Used upstream patch for fixing FTBFS with glibc-2.34
|
||||
Related: rhbz#1984045
|
||||
|
||||
* Tue Aug 3 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-12
|
||||
- Fixed openssl req command parameter
|
||||
Related: rhbz#1985918
|
||||
|
||||
* Tue Aug 3 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-11
|
||||
- Fixed FTBFS with glibc-2.34
|
||||
Resolves: rhbz#1984045
|
||||
|
||||
* Mon Aug 2 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-10
|
||||
- Fixed scriptlets to work with openssl-3.0
|
||||
Resolves: rhbz#1985918
|
||||
|
||||
* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 2:3.5.9-9
|
||||
- Rebuilt for RHEL 9 BETA for openssl 3.0
|
||||
Related: rhbz#1971065
|
||||
|
||||
* Thu Apr 22 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-8
|
||||
- Fixed NIS build requirements
|
||||
Resolves: rhbz#1942369
|
||||
|
||||
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2:3.5.9-7
|
||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||
|
||||
* Wed Mar 24 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-6
|
||||
- Disable NIS support for RHEL9+ (patch from fjanus@redhat.com)
|
||||
|
||||
* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 2:3.5.9-5
|
||||
- Rebuilt for updated systemd-rpm-macros
|
||||
See https://pagure.io/fesco/issue/2583.
|
||||
|
||||
* Fri Feb 19 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-4
|
||||
- Fixed sysvinit conditionals for RHEL
|
||||
Resolves: rhbz#1930709
|
||||
|
||||
* Mon Feb 08 2021 Pavel Raiskup <praiskup@redhat.com> - 2:3.5.9-3
|
||||
- rebuild for libpq ABI fix rhbz#1908268
|
||||
|
||||
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2:3.5.9-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||
|
||||
* Mon Jan 18 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.9-1
|
||||
- New version
|
||||
Resolves: rhbz#1917155
|
||||
|
||||
* Mon Nov 9 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.8-1
|
||||
- New version
|
||||
Resolves: rhbz#1895644
|
||||
|
||||
* Mon Aug 31 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.7-1
|
||||
- New version
|
||||
Resolves: rhbz#1873857
|
||||
|
||||
* Thu Aug 6 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.6-2
|
||||
- Minor spec cleanup
|
||||
- Added posttls-finger test tool
|
||||
Resolves: rhbz#1865701
|
||||
|
||||
* Tue Jul 28 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.6-1
|
||||
- New version
|
||||
Resolves: rhbz#1860547
|
||||
|
||||
* Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 2:3.5.4-3
|
||||
- Use make macros
|
||||
- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
|
||||
|
||||
* Wed Jul 8 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.4-2
|
||||
- Added support for LMDB maps
|
||||
|
||||
* Mon Jun 29 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.4-1
|
||||
- New version
|
||||
Resolves: rhbz#1851650
|
||||
|
||||
* Mon Jun 15 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.3-1
|
||||
- New version
|
||||
Resolves: rhbz#1846939
|
||||
|
||||
* Tue May 19 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.2-1
|
||||
- New version
|
||||
Resolves: rhbz#1836653
|
||||
|
||||
* Fri May 15 2020 Pete Walter <pwalter@fedoraproject.org> - 2:3.5.1-2
|
||||
- Rebuild for ICU 67
|
||||
|
||||
* Mon Apr 20 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.1-1
|
||||
- New version
|
||||
Resolves: rhbz#1825547
|
||||
|
||||
* Mon Mar 16 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.5.0-1
|
||||
- New version
|
||||
Resolves: rhbz#1813740
|
||||
|
||||
* Thu Mar 12 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.10-1
|
||||
- New version
|
||||
Resolves: rhbz#1812987
|
||||
|
||||
* Mon Feb 3 2020 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.9-1
|
||||
- New version
|
||||
Resolves: rhbz#1797383
|
||||
- Dropped ref-search patch (upstreamed)
|
||||
- Built with -fcommon to overcome FTBFS with gcc-10, problem reported upstream
|
||||
|
||||
* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2:3.4.8-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||
|
||||
* Mon Dec 16 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.8-2
|
||||
- Fixed DNS resolver to use ref_search instead of ref_query
|
||||
Resolves: rhbz#1723950
|
||||
|
||||
* Tue Dec 10 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-11
|
||||
- Added hostname requirement
|
||||
Resolves: rhbz#1666244
|
||||
* Mon Nov 25 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.8-1
|
||||
- New version
|
||||
Resolves: rhbz#1776033
|
||||
|
||||
* Wed Nov 6 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-10
|
||||
- Release bump and rebuild for relengs to be able to ship postfix-pcre,
|
||||
postfix-cdb, postfix-sqlite
|
||||
Resolves: rhbz#1745321
|
||||
* Fri Nov 01 2019 Pete Walter <pwalter@fedoraproject.org> - 2:3.4.7-3
|
||||
- Rebuild for ICU 65
|
||||
|
||||
* Tue Aug 6 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-9
|
||||
- Release bump and rebuild for relengs to be able to ship postfix-ldap
|
||||
Resolves: rhbz#1686721
|
||||
* Wed Sep 25 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.7-2
|
||||
- Added hostname as explicit requirement for the post scriptlet
|
||||
|
||||
* Tue Dec 4 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-8
|
||||
* Mon Sep 23 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.7-1
|
||||
- New version
|
||||
Resolves: rhbz#1754198
|
||||
|
||||
* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2:3.4.6-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||
|
||||
* Mon Jul 8 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.6-1
|
||||
- New version
|
||||
Resolves: rhbz#1726462
|
||||
|
||||
* Fri May 3 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.4-4
|
||||
- Fixed FTBFS with new glibc due to dropped RES macros
|
||||
|
||||
* Fri May 3 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.4-3
|
||||
- Added findutils as explicit requirement
|
||||
Resolves: rhbz#1629057
|
||||
|
||||
* Tue Mar 26 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.4-2
|
||||
- Fixed example chroot-update script
|
||||
Resolves: rhbz#1398910
|
||||
|
||||
* Fri Mar 15 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.4-1
|
||||
- New version
|
||||
Resolves: rhbz#1689029
|
||||
|
||||
* Mon Mar 11 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.3-1
|
||||
- New version
|
||||
Resolves: rhbz#1687208
|
||||
|
||||
* Fri Mar 8 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.1-1
|
||||
- New version
|
||||
Resolves: rhbz#1686673
|
||||
|
||||
* Fri Mar 1 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.4.0-1
|
||||
- New version
|
||||
Resolves: rhbz#1683855
|
||||
|
||||
* Wed Feb 27 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.3-1
|
||||
- New version
|
||||
Resolves: rhbz#1683487
|
||||
|
||||
* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2:3.3.1-9
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||
|
||||
* Wed Jan 23 2019 Pete Walter <pwalter@fedoraproject.org> - 2:3.3.1-8
|
||||
- Rebuild for ICU 63
|
||||
|
||||
* Mon Dec 3 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-7
|
||||
- Fixed posttls-finger to work with unix domains
|
||||
Resolves: rhbz#1602663
|
||||
|
||||
* Wed Nov 28 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-7
|
||||
- Added m4 to BuildRequires
|
||||
Resolves: rhbz#1619187
|
||||
|
||||
* Tue Nov 20 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-6
|
||||
* Mon Nov 19 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-6
|
||||
- Used _prefix macro for /usr and _includedir macro for /usr/include
|
||||
Resolves: rhbz#1645239
|
||||
|
||||
* Thu Nov 1 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-5
|
||||
- Dropped sysv support from the spec
|
||||
Resolves: rhbz#1636961
|
||||
* Mon Aug 20 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 2:3.3.1-5
|
||||
- Added m4 to BuildRequires
|
||||
Resolves: rhbz#1619111
|
||||
|
||||
* Tue Jul 24 2018 Robert Scheck <robert@fedoraproject.org> - 2:3.3.1-4
|
||||
- Add basic postfix TLS configuration by default (#1608050)
|
4
postfix.sysusers
Normal file
4
postfix.sysusers
Normal file
@ -0,0 +1,4 @@
|
||||
u postfix 89 - /var/spool/postfix /sbin/nologin
|
||||
g postdrop 90
|
||||
g mail 12
|
||||
m postfix mail
|
2
sources
Normal file
2
sources
Normal file
@ -0,0 +1,2 @@
|
||||
SHA512 (pflogsumm-1.1.5.tar.gz) = 994d660692dfea38a1dd9866d15f15035657e85131c1f5a2cd82baa5bd4ad987a00939cb5233f316d2090014c52ae68ef20db0c893f8634969484e0e74678f4d
|
||||
SHA512 (postfix-3.5.25.tar.gz) = 25d654fb49429d9c361579e20ca1762ec66e7b71a53b4dbf6057a61f4afee9052ce2f43a55e0349fb4e716b28406fbde69f592855117d28153aecf74434ded0b
|
Loading…
Reference in New Issue
Block a user