From: Bartosz Świątek Date: Tue, 12 Mar 2013 17:31:45 +0000 (+0100) Subject: - re-added postfix again to TLD ;) X-Git-Url: https://git.tld-linux.org/?a=commitdiff_plain;h=bb11d011f6265b67f422f3b87ddedff187ce3118;p=packages%2Fpostfix.git - re-added postfix again to TLD ;) - Version 2.9.6 --- bb11d011f6265b67f422f3b87ddedff187ce3118 diff --git a/format-security.patch b/format-security.patch new file mode 100644 index 0000000..274ff1d --- /dev/null +++ b/format-security.patch @@ -0,0 +1,26 @@ +--- postfix-2.9.4/src/virtual/maildir.c.orig 2012-12-07 08:38:15.031182187 +0100 ++++ postfix-2.9.4/src/virtual/maildir.c 2012-12-07 08:39:11.291180202 +0100 +@@ -972,19 +972,19 @@ + if (*var_virt_maildir_limit_message_maps != 0 && (limit_message = mail_addr_find(virtual_maildir_limit_message_maps, state.msg_attr.user, (char **) NULL)) != 0) { + errno = errnored; + if (errno == EFBIG) { +- dsb_simple(why, "5.2.2", limit_message); ++ dsb_simple(why, "5.2.2", "%s", limit_message); + } + if (errno == EDQUOT) { +- dsb_simple(why, "4.2.2", limit_message); ++ dsb_simple(why, "4.2.2", "%s", limit_message); + } + } + else { + errno = errnored; + if (errno == EFBIG) { +- dsb_simple(why, "5.2.2", var_virt_maildir_limit_message); ++ dsb_simple(why, "5.2.2", "%s", var_virt_maildir_limit_message); + } + if (errno == EDQUOT) { +- dsb_simple(why, "4.2.2", var_virt_maildir_limit_message); ++ dsb_simple(why, "4.2.2", "%s", var_virt_maildir_limit_message); + } + } + diff --git a/postfix-bounce.cf.de b/postfix-bounce.cf.de new file mode 100644 index 0000000..7454ee8 --- /dev/null +++ b/postfix-bounce.cf.de @@ -0,0 +1,213 @@ +# $Id$ +# +# Deutsch-sprachige Vorlagen fuer Postfix Zustell-Status-Benachrichtigungen +# (engl. DSN, Delivery Status Notification) +# +# Uebersetzt und an die deutsche Sprache angepasst von Patrick Koetter +# und Ralf Hildebrandt . +# +# Folgen Sie den Anweisungen der bounce(5) manual page, um die in dieser Datei +# enthaltenen Zustell-Status-Benachrichtigungen in Ihren Postfix-Server +# einzubinden. + + +# failure_template +# Das failure_template kommt zum Einsatz, wenn der empfangende Mail-Server die +# Nachricht entweder zurueckgewiesen hat oder wenn die Nachricht nicht +# innerhalb eines vorgegebenen Zeitraums ($maximal_queue_lifetime) zugestellt +# werden konnte. +# +# In beiden Faellen wird der Inhalt von failure_template zusammen mit der +# urspruenglich gesendeten Nachricht und dem Fehler, der die Benachrichtigung +# hervorgerufen hat an den Absender der E-Mail gesendet. + +failure_template = <. + +Senden Sie dazu den an diese E-Mail angefuegten Problem-Bericht mit. +Den Inhalt Ihrer urspruenglichen Nachricht koennen Sie - zum Schutz Ihrer +Privatsphaere - entfernen; er ist fuer eine Fehler-Diagnose nicht zwingend +notwendig. + + Der $mail_name E-Mail-Dienst + + INTERNATIONAL VERSION + +This is the $mail_name program at host $myhostname. + +I'm sorry to have to inform you that your message could not +be delivered to one or more recipients. It's attached below. + +For further assistance, please send mail to + +If you do so, please include this problem report. You can +delete your own text from the attached returned message. + +EOF + + +# delay_template +# Das delay_template kommt zum Einsatz, wenn sich die Zustellung einer +# Nachricht verzoegert - die Zustellung wird so lange versucht, bis der Postfix +# Server sie wegen Ueberschreitung der $maximal_queue_lifetime abbrechen muss. +# +# Anmerkung: +# Die Standardvorgaben in Postfix sehen vor, dass Zustell-Verzoegerungen in +# Stunden ($delay_warning_time_hours) und die maximale Lebenszeit einer +# Nachricht in der Postfix Zustell-Warteschlange in Tagen +# ($maximal_queue_lifetime_days) angegeben werden. +# +# Alternativ koennen Sie anstatt der genannten Zeiteinheiten auch Sekunden, +# Minuten oder Wochen angeben, indem Sie die aktuelle Zeiteinheit des +# Parameters durch _seconds, _minutes oder _weeks austauschen und den +# begleitenden Text in der Vorlage anpassen. + +delay_template = <. + +Senden Sie dazu den, in dieser E-Mail angefuegten, Problem-Bericht mit. +Den Inhalt Ihrer urspruenglichen Nachricht koennen Sie, zum Schutz Ihrer +Privatsphaere, entfernen; er ist fuer eine Fehler-Diagnose nicht zwingend +notwendig. + + Der $mail_name E-Mail-Dienst + + + INTERNATIONAL VERSION + +This is the $mail_name program at host $myhostname. + +#################################################################### +# THIS IS A WARNING ONLY. YOU DO NOT NEED TO RESEND YOUR MESSAGE. # +#################################################################### + +Your message could not be delivered for $delay_warning_time_hours hour(s). +It will be retried until it is $maximal_queue_lifetime_days day(s) old. + +For further assistance, please send mail to + +If you do so, please include this problem report. You can +delete your own text from the attached returned message. + + The $mail_name program +EOF + + +# success_template +# Das success_template kommt zum Einsatz, wenn eine Nachricht an ein Postfach +# zugestellt wurde, wenn ein Alias-Name oder eine Liste von Empfaengern in ihre +# Zieladressen aufgeloest wurde oder wenn eine Nachricht an ein System +# zugestellt wurde, das im Dialog mit Ihrem Postfix-Server keine +# DSN-Faehigkeiten erkennen lies. +# +# Achtung: +# Sie duerfen fuer diese Art von Zustell-Status-Benachrichtigung kein +# Postmaster-Subject: angeben. + +success_template = < +Koniecznie przeka¿ niniejszy raport; mo¿esz usun±æ w³asn± +tre¶æ z za³±czonego listu, który zosta³ zwrócony. + + System pocztowy + +============================================================== + +This is the mail system at host $myhostname. + +I'm sorry to have to inform you that your message could not +be delivered to one or more recipients. It's attached below. + +For further assistance, please send mail to + +If you do so, please include this problem report. You can +delete your own text from the attached returned message. + + The mail system +EOF + + +# +# The delay template is used when mail is delayed. Note a neat trick: +# the default template displays the delay_warning_time value as hours +# by appending the _hours suffix to the parameter name; it displays +# the maximal_queue_lifetime value as days by appending the _days +# suffix. +# +# Other suffixes are: _seconds, _minutes, _weeks. There are no other +# main.cf parameters that have this special behavior. +# +# You need to adjust these suffixes (and the surrounding text) if +# you have very different settings for these time parameters. +# + +delay_template = < +Koniecznie przeka¿ niniejszy raport; mo¿esz usun±æ w³asn± +tre¶æ z za³±czonego listu, który zosta³ zwrócony. + + System pocztowy + +============================================================== + +This is the mail system at host $myhostname. + +#################################################################### +# THIS IS A WARNING ONLY. YOU DO NOT NEED TO RESEND YOUR MESSAGE. # +#################################################################### + +Your message could not be delivered for more than $delay_warning_time_hours hour(s). +It will be retried until it is $maximal_queue_lifetime_days day(s) old. + +For further assistance, please send mail to + +If you do so, please include this problem report. You can +delete your own text from the attached returned message. + + The mail system +EOF + + +# +# The success template is used when mail is delivered to mailbox, +# when an alias or list is expanded, or when mail is delivered to a +# system that does not announce DSN support. It is an error to specify +# a Postmaster-Subject: here. +# + +success_template = <soname,dict_type); + if (stat(vstring_str(lib),&st) < 0) { +- msg_fatal("%s: unsupported dictionary type: %s (%s not found. Is the postfix-%s package installed?)", ++ msg_fatal("%s: unsupported dictionary type: %s (%s not found. Is the postfix-dict-%s package installed?)", + myname, dict_type, vstring_str(lib), dict_type); + } + func=vstring_alloc(1); diff --git a/postfix-dynamicmaps.patch b/postfix-dynamicmaps.patch new file mode 100644 index 0000000..b54dc16 --- /dev/null +++ b/postfix-dynamicmaps.patch @@ -0,0 +1,727 @@ +diff -durN postfix-2.1.3.orig/src/dns/Makefile.in postfix-2.1.3/src/dns/Makefile.in +--- postfix-2.1.3.orig/src/dns/Makefile.in 2004-04-22 21:37:34.000000000 +0200 ++++ postfix-2.1.3/src/dns/Makefile.in 2004-06-22 15:39:24.242860389 +0200 +@@ -12,7 +12,7 @@ + LIB_DIR = ../../lib + INC_DIR = ../../include + +-.c.o:; $(CC) $(CFLAGS) -c $*.c ++.c.o:; $(CC) -fPIC $(CFLAGS) -c $*.c + + all: $(LIB) + +@@ -24,12 +24,10 @@ + tests: test + + $(LIB): $(OBJS) +- $(AR) $(ARFL) $(LIB) $? +- $(RANLIB) $(LIB) ++ gcc -shared -Wl,-soname,libpostfix-dns.so.1 -o $(LIB) $(OBJS) + + $(LIB_DIR)/$(LIB): $(LIB) + cp $(LIB) $(LIB_DIR) +- $(RANLIB) $(LIB_DIR)/$(LIB) + + update: $(LIB_DIR)/$(LIB) $(HDRS) + -for i in $(HDRS); \ +diff -durN postfix-2.1.3.orig/src/global/mail_conf.c postfix-2.1.3/src/global/mail_conf.c +--- postfix-2.1.3.orig/src/global/mail_conf.c 2004-04-10 16:52:51.000000000 +0200 ++++ postfix-2.1.3/src/global/mail_conf.c 2004-06-22 15:39:24.247860093 +0200 +@@ -175,6 +175,13 @@ + path = concatenate(var_config_dir, "/", "main.cf", (char *) 0); + dict_load_file(CONFIG_DICT, path); + myfree(path); ++ ++#ifndef NO_DYNAMIC_MAPS ++ path = concatenate(var_config_dir, "/", "dynamicmaps.cf", (char *) 0); ++ dict_open_dlinfo(path); ++ myfree(path); ++#endif ++ + } + + /* mail_conf_eval - expand macros in string */ +diff -durN postfix-2.1.3.orig/src/master/Makefile.in postfix-2.1.3/src/master/Makefile.in +--- postfix-2.1.3.orig/src/master/Makefile.in 2004-04-22 21:37:35.000000000 +0200 ++++ postfix-2.1.3/src/master/Makefile.in 2004-06-22 15:39:24.249859975 +0200 +@@ -20,7 +20,7 @@ + INC_DIR = ../../include + BIN_DIR = ../../libexec + +-.c.o:; $(CC) $(CFLAGS) -c $*.c ++.c.o:; $(CC) `for i in $(LIB_OBJ); do [ $$i = $@ ] && echo -fPIC; done` $(CFLAGS) -c $*.c + + all: $(PROG) $(LIB) + +@@ -35,12 +35,10 @@ + tests: test + + $(LIB): $(LIB_OBJ) +- $(AR) $(ARFL) $(LIB) $? +- $(RANLIB) $(LIB) ++ gcc -shared -Wl,-soname,libpostfix-master.so.1 -o $(LIB) $(LIB_OBJ) + + $(LIB_DIR)/$(LIB): $(LIB) + cp $(LIB) $(LIB_DIR)/$(LIB) +- $(RANLIB) $(LIB_DIR)/$(LIB) + + $(BIN_DIR)/$(PROG): $(PROG) + cp $(PROG) $(BIN_DIR) +diff -durN postfix-2.1.3.orig/src/util/dict.h postfix-2.1.3/src/util/dict.h +--- postfix-2.1.3.orig/src/util/dict.h 2003-07-03 17:04:13.000000000 +0200 ++++ postfix-2.1.3/src/util/dict.h 2004-06-22 15:39:24.253859738 +0200 +@@ -82,6 +82,20 @@ + */ + extern ARGV *dict_mapnames(void); + ++#ifndef NO_DYNAMIC_MAPS ++ /* ++ * Interface for dynamic map loading. ++ */ ++typedef struct { ++ const char *pattern; ++ const char *soname; ++ const char *openfunc; ++} DLINFO; ++ ++extern void dict_open_dlinfo(const char *path); ++extern DLINFO *dict_open_dlfind(const char *type); ++#endif ++ + /* + * High-level interface, with logical dictionary names. + */ +diff -durN postfix-2.1.3.orig/src/util/load_lib.c postfix-2.1.3/src/util/load_lib.c +--- postfix-2.1.3.orig/src/util/load_lib.c 1970-01-01 01:00:00.000000000 +0100 ++++ postfix-2.1.3/src/util/load_lib.c 2004-06-22 15:39:24.257859501 +0200 +@@ -0,0 +1,135 @@ ++/*++ ++/* NAME ++/* load_lib 3 ++/* SUMMARY ++/* library loading wrappers ++/* SYNOPSIS ++/* #include ++/* ++/* extern int load_library_symbols(const char *, LIB_FN *, LIB_FN *); ++/* const char *libname; ++/* LIB_FN *libfuncs; ++/* LIB_FN *libdata; ++/* ++/* DESCRIPTION ++/* This module loads functions from libraries, returnine pointers ++/* to the named functions. ++/* ++/* load_library_symbols() loads all of the desired functions, and ++/* returns zero for success, or exits via msg_fatal(). ++/* ++/* SEE ALSO ++/* msg(3) diagnostics interface ++/* DIAGNOSTICS ++/* Problems are reported via the msg(3) diagnostics routines: ++/* library not found, symbols not found, other fatal errors. ++/* LICENSE ++/* .ad ++/* .fi ++/* The Secure Mailer license must be distributed with this software. ++/* AUTHOR(S) ++/* LaMont Jones ++/* Hewlett-Packard Company ++/* 3404 Harmony Road ++/* Fort Collins, CO 80528, USA ++/* ++/* Wietse Venema ++/* IBM T.J. Watson Research ++/* P.O. Box 704 ++/* Yorktown Heights, NY 10598, USA ++/*--*/ ++ ++/* System libraries. */ ++ ++#include "sys_defs.h" ++#include ++#include ++#include ++#if defined(HAS_DLOPEN) ++#include ++#elif defined(HAS_SHL_LOAD) ++#include ++#endif ++ ++/* Application-specific. */ ++ ++#include "msg.h" ++#include "load_lib.h" ++ ++extern int load_library_symbols(const char * libname, LIB_FN * libfuncs, LIB_FN * libdata) ++{ ++ char *myname = "load_library_symbols"; ++ LIB_FN *fn; ++ ++#if defined(HAS_DLOPEN) ++ void *handle; ++ char *emsg; ++ ++ handle=dlopen(libname,RTLD_NOW); ++ emsg=dlerror(); ++ if (emsg) { ++ msg_fatal("%s: dlopen failure loading %s: %s", myname, libname, emsg); ++ } ++ ++ if (libfuncs) { ++ for (fn=libfuncs; fn->name; fn++) { ++ *(fn->ptr) = dlsym(handle,fn->name); ++ emsg=dlerror(); ++ if (emsg) { ++ msg_fatal("%s: dlsym failure looking up %s in %s: %s", myname, ++ fn->name, libname, emsg); ++ } ++ if (msg_verbose>1) { ++ msg_info("loaded %s = %lx",fn->name, *((long*)(fn->ptr))); ++ } ++ } ++ } ++ ++ if (libdata) { ++ for (fn=libdata; fn->name; fn++) { ++ *(fn->ptr) = dlsym(handle,fn->name); ++ emsg=dlerror(); ++ if (emsg) { ++ msg_fatal("%s: dlsym failure looking up %s in %s: %s", myname, ++ fn->name, libname, emsg); ++ } ++ if (msg_verbose>1) { ++ msg_info("loaded %s = %lx",fn->name, *((long*)(fn->ptr))); ++ } ++ } ++ } ++#elif defined(HAS_SHL_LOAD) ++ shl_t handle; ++ ++ handle = shl_load(libname,BIND_IMMEDIATE,0); ++ ++ if (libfuncs) { ++ for (fn=libfuncs; fn->name; fn++) { ++ if (shl_findsym(&handle,fn->name,TYPE_PROCEDURE,fn->ptr) != 0) { ++ msg_fatal("%s: shl_findsym failure looking up %s in %s: %m", ++ myname, fn->name, libname); ++ } ++ if (msg_verbose>1) { ++ msg_info("loaded %s = %x",fn->name, *((long*)(fn->ptr))); ++ } ++ } ++ } ++ ++ if (libdata) { ++ for (fn=libdata; fn->name; fn++) { ++ if (shl_findsym(&handle,fn->name,TYPE_DATA,fn->ptr) != 0) { ++ msg_fatal("%s: shl_findsym failure looking up %s in %s: %m", ++ myname, fn->name, libname); ++ } ++ if (msg_verbose>1) { ++ msg_info("loaded %s = %x",fn->name, *((long*)(fn->ptr))); ++ } ++ } ++ } ++ ++#else ++ msg_fatal("%s: need dlopen or shl_load support for dynamic libraries", ++ myname); ++#endif ++ return 0; ++} +diff -durN postfix-2.1.3.orig/src/util/load_lib.h postfix-2.1.3/src/util/load_lib.h +--- postfix-2.1.3.orig/src/util/load_lib.h 1970-01-01 01:00:00.000000000 +0100 ++++ postfix-2.1.3/src/util/load_lib.h 2004-06-22 15:39:24.257859501 +0200 +@@ -0,0 +1,41 @@ ++#ifndef _LOAD_LIB_H_INCLUDED_ ++#define _LOAD_LIB_H_INCLUDED_ ++ ++/*++ ++/* NAME ++/* load_lib 3h ++/* SUMMARY ++/* library loading wrappers ++/* SYNOPSIS ++/* #include "load_lib.h" ++/* DESCRIPTION ++/* .nf ++ ++ /* ++ * External interface. ++ */ ++/* NULL name terminates list */ ++typedef struct LIB_FN { ++ const char *name; ++ void **ptr; ++} LIB_FN; ++ ++extern int load_library_symbols(const char *, LIB_FN *, LIB_FN *); ++ ++/* LICENSE ++/* .ad ++/* .fi ++/* The Secure Mailer license must be distributed with this software. ++/* AUTHOR(S) ++/* LaMont Jones ++/* Hewlett-Packard Company ++/* 3404 Harmony Road ++/* Fort Collins, CO 80528, USA ++/* ++/* Wietse Venema ++/* IBM T.J. Watson Research ++/* P.O. Box 704 ++/* Yorktown Heights, NY 10598, USA ++/*--*/ ++ ++#endif +--- postfix-2.0.16.orig/conf/dynamicmaps.cf 1970-01-01 01:00:00.000000000 +0100 ++++ postfix-2.0.16/conf/dynamicmaps.cf 2003-11-08 19:52:14.000000000 +0100 +@@ -0,0 +1,9 @@ ++# Postfix dynamic maps configuration file. ++# ++# The first match found is the one that is used. The only wildcard ++# allowed is '*', which matches everything. The first %s is expanded ++# to the map type. ++# ++#type location of .so file name of open function ++#==== ================================ ===================== ++* /usr/lib/postfix/dict_%s.so dict_%s_open +--- postfix-2.3-RC9/src/global/mail_params.c.orig 2006-07-11 19:37:10.708815544 +0200 ++++ postfix-2.3-RC9/src/global/mail_params.c 2006-07-11 19:38:56.587719504 +0200 +@@ -148,6 +148,8 @@ + #ifdef STRCASECMP_IN_STRINGS_H + #include + #endif ++#include ++#include + + /* Utility library. */ + +@@ -248,6 +250,7 @@ + char *var_debug_peer_list; + int var_debug_peer_level; + char *var_reject_reply_msg_access_denied; ++int var_command_maxtime; + int var_fault_inj_code; + char *var_bounce_service; + char *var_cleanup_service; +@@ -433,6 +436,38 @@ + (long) var_sgid_gid); + } + ++static char *read_file(const char *name) ++{ ++ char *ret; ++ VSTRING *why=vstring_alloc(1); ++ VSTRING *new_name=vstring_alloc(1); ++ VSTREAM *vp=safe_open(name, O_RDONLY, 0, NULL, -1, -1, why); ++ ++ /* ++ * Ugly macros to make complex expressions less unreadable. ++ */ ++#define SKIP(start, var, cond) \ ++ for (var = start; *var && (cond); var++); ++ ++#define TRIM(s) { \ ++ char *p; \ ++ for (p = (s) + strlen(s); p > (s) && ISSPACE(p[-1]); p--); \ ++ *p = 0; \ ++ } ++ ++ if (!vp) { ++ msg_fatal("%s: unable to open: %s",name,vstring_str(why)); ++ } ++ vstring_get_nonl(new_name,vp); ++ vstream_fclose(vp); ++ SKIP(vstring_str(new_name),ret,ISSPACE(*ret)); ++ ret=mystrdup(ret); ++ TRIM(ret); ++ vstring_free(why); ++ vstring_free(new_name); ++ return ret; ++} ++ + /* mail_params_init - configure built-in parameters */ + + void mail_params_init() +diff -durN postfix-2.1.3.orig/src/util/sys_defs.h postfix-2.1.3/src/util/sys_defs.h +--- postfix-2.1.3.orig/src/util/sys_defs.h 2004-06-22 15:38:57.190461088 +0200 ++++ postfix-2.1.3/src/util/sys_defs.h 2004-06-22 15:39:24.255859620 +0200 +@@ -700,6 +700,7 @@ + #define STATFS_IN_SYS_VFS_H + #define PREPEND_PLUS_TO_OPTSTRING + #define HAS_POSIX_REGEXP ++#define HAS_DLOPEN + #define NATIVE_SENDMAIL_PATH "/usr/sbin/sendmail" + #define NATIVE_MAILQ_PATH "/usr/bin/mailq" + #define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases" +@@ -754,6 +755,7 @@ + #define STATFS_IN_SYS_VFS_H + #define PREPEND_PLUS_TO_OPTSTRING + #define HAS_POSIX_REGEXP ++#define HAS_DLOPEN + #define NATIVE_SENDMAIL_PATH "/usr/sbin/sendmail" + #define NATIVE_MAILQ_PATH "/usr/bin/mailq" + #define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases" +@@ -638,6 +640,7 @@ + #define USE_STATFS + #define STATFS_IN_SYS_VFS_H + #define HAS_POSIX_REGEXP ++#define HAS_SHL_LOAD + #define NATIVE_SENDMAIL_PATH "/usr/sbin/sendmail" + #define NATIVE_MAILQ_PATH "/usr/bin/mailq" + #define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases" +@@ -673,6 +676,7 @@ + #define USE_STATFS + #define STATFS_IN_SYS_VFS_H + #define HAS_POSIX_REGEXP ++#define HAS_SHL_LOAD + #define NATIVE_SENDMAIL_PATH "/usr/sbin/sendmail" + #define NATIVE_MAILQ_PATH "/usr/bin/mailq" + #define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases" +--- postfix-2.8.3/src/global/Makefile.in~ 2011-05-17 14:11:58.243333401 +0200 ++++ postfix-2.8.3/src/global/Makefile.in 2011-05-17 14:27:36.783333538 +0200 +@@ -35,7 +35,7 @@ + canon_addr.o cfg_parser.o cleanup_strerror.o cleanup_strflags.o \ + clnt_stream.o conv_time.o db_common.o debug_peer.o debug_process.o \ + defer.o deliver_completed.o deliver_flock.o deliver_pass.o \ +- deliver_request.o dict_ldap.o dict_mysql.o dict_pgsql.o \ ++ deliver_request.o \ + dict_proxy.o dict_sqlite.o domain_list.o dot_lockfile.o dot_lockfile_as.o \ + dsb_scan.o dsn.o dsn_buf.o dsn_mask.o dsn_print.o dsn_util.o \ + ehlo_mask.o ext_prop.o file_id.o flush_clnt.o header_opts.o \ +@@ -106,8 +106,12 @@ + LIB_DIR = ../../lib + INC_DIR = ../../include + MAKES = ++LDAPSO = dict_ldap.so ++MYSQLSO = dict_mysql.so ++PGSQLSO = dict_pgsql.so ++SQLITESO= dict_sqlite.so + +-.c.o:; $(CC) $(CFLAGS) -c $*.c ++.c.o:; $(CC) -fPIC $(CFLAGS) -c $*.c + + all: $(LIB) + +@@ -119,14 +123,36 @@ + test: $(TESTPROG) + + $(LIB): $(OBJS) +- $(AR) $(ARFL) $(LIB) $? +- $(RANLIB) $(LIB) ++ gcc -shared -Wl,-soname,libpostfix-global.so.1 -o $(LIB) $(OBJS) ++ ++$(LDAPSO): dict_ldap.o $(LIB) ++ gcc -shared -Wl,-soname,dict_ldap.so -o $@ $? -lldap -llber -L../../lib -lutil -L. -lglobal ++ ++$(MYSQLSO): dict_mysql.o $(LIB) ++ gcc -shared -Wl,-soname,dict_mysql.so -o $@ $? -lmysqlclient -L../../lib -lutil -L. -lglobal ++ ++$(PGSQLSO): dict_pgsql.o $(LIB) ++ gcc -shared -Wl,-soname,dict_pgsql.so -o $@ $? -lpq -L../../lib -lutil -L. -lglobal ++ ++$(SQLITESO): dict_sqlite.o $(LIB) ++ gcc -shared -Wl,-soname,dict_sqlite.so -o $@ $? -lsqlite3 -L../../lib -lutil -L. -lglobal + + $(LIB_DIR)/$(LIB): $(LIB) + cp $(LIB) $(LIB_DIR) +- $(RANLIB) $(LIB_DIR)/$(LIB) + +-update: $(LIB_DIR)/$(LIB) $(HDRS) ++$(LIB_DIR)/$(LDAPSO): $(LDAPSO) ++ cp $(LDAPSO) $(LIB_DIR) ++ ++$(LIB_DIR)/$(MYSQLSO): $(MYSQLSO) ++ cp $(MYSQLSO) $(LIB_DIR) ++ ++$(LIB_DIR)/$(PGSQLSO): $(PGSQLSO) ++ cp $(PGSQLSO) $(LIB_DIR) ++ ++$(LIB_DIR)/$(SQLITESO): $(SQLITESO) ++ cp $(SQLITESO) $(LIB_DIR) ++ ++update: $(LIB_DIR)/$(LIB) $(LIB_DIR)/${LDAPSO} $(LIB_DIR)/${MYSQLSO} $(LIB_DIR)/${PGSQLSO} $(LIB_DIR)/${SQLITESO} $(HDRS) + -for i in $(HDRS); \ + do \ + cmp -s $$i $(INC_DIR)/$$i 2>/dev/null || cp $$i $(INC_DIR); \ +@@ -497,7 +523,7 @@ + lint $(DEFS) $(SRCS) $(LINTFIX) + + clean: +- rm -f *.o $(LIB) *core $(TESTPROG) junk ++ rm -f *.o $(LIB) $(LDAPSO) $(MYSQLSO) $(PGSQLSO) $(SQLITESO) *core $(TESTPROG) junk + rm -rf printfck + + tidy: clean +--- postfix-2.9.0/src/util/dict_open.c.orig 2012-02-04 19:16:54.231837262 +0100 ++++ postfix-2.9.0/src/util/dict_open.c 2012-02-04 19:27:54.884124599 +0100 +@@ -213,6 +213,9 @@ + #include + #endif + ++#include ++#include ++ + /* Utility library. */ + + #include +@@ -241,6 +244,14 @@ + #include + #include + ++#ifndef NO_DYNAMIC_MAPS ++#include ++#include ++#include ++#include ++#include ++#endif ++ + /* + * lookup table for available map types. + */ +@@ -276,9 +287,11 @@ + #ifdef HAS_NETINFO + DICT_TYPE_NETINFO, dict_ni_open, + #endif ++#ifndef MAX_DYNAMIC_MAPS + #ifdef HAS_PCRE + DICT_TYPE_PCRE, dict_pcre_open, + #endif ++#endif /* MAX_DYNAMIC_MAPS */ + #ifdef HAS_POSIX_REGEXP + DICT_TYPE_REGEXP, dict_regexp_open, + #endif +@@ -338,9 +351,38 @@ + dict_type, dict_name); + if (dict_open_hash == 0) + dict_open_init(); +- if ((dp = (DICT_OPEN_INFO *) htable_find(dict_open_hash, dict_type)) == 0) +- return (dict_surrogate(dict_type, dict_name, open_flags, dict_flags, +- "unsupported dictionary type: %s", dict_type)); ++ if ((dp = (DICT_OPEN_INFO *) htable_find(dict_open_hash, dict_type)) == 0) { ++#ifndef NO_DYNAMIC_MAPS ++ struct stat st; ++ VSTRING *lib, *func; ++ LIB_FN fn[2]; ++ DICT *(*open) (const char *, int, int); ++ DLINFO *dl=dict_open_dlfind(dict_type); ++ if (!dl) ++#endif ++ msg_fatal("%s: unsupported dictionary type: %s", myname, dict_type); ++#ifndef NO_DYNAMIC_MAPS ++ lib=vstring_alloc(1); ++ vstring_sprintf(lib,dl->soname,dict_type); ++ if (stat(vstring_str(lib),&st) < 0) { ++ msg_fatal("%s: unsupported dictionary type: %s (%s not found. Is the postfix-%s package installed?)", ++ myname, dict_type, vstring_str(lib), dict_type); ++ } ++ func=vstring_alloc(1); ++ vstring_sprintf(func,dl->openfunc,dict_type); ++ fn[0].name = vstring_str(func); ++ fn[0].ptr = (void**)&open; ++ fn[1].name = NULL; ++ load_library_symbols(vstring_str(lib), fn, NULL); ++ dict_open_register(dict_type, open); ++ dp = (DICT_OPEN_INFO *) htable_find(dict_open_hash, dict_type); ++ vstring_free(lib); ++ vstring_free(func); ++#endif ++ } ++ if (msg_verbose>1) { ++ msg_info("%s: calling %s open routine",myname,dict_type); ++ } + if ((dict = dp->open(dict_name, open_flags, dict_flags)) == 0) + return (dict_surrogate(dict_type, dict_name, open_flags, dict_flags, + "cannot open %s:%s: %m", dict_type, dict_name)); +@@ -407,6 +449,76 @@ + return mapnames; + } + ++#ifndef NO_DYNAMIC_MAPS ++static DLINFO *dict_dlinfo; ++ ++void dict_open_dlinfo(const char *path) ++{ ++ char *myname="dict_open_dlinfo"; ++ VSTREAM *conf_fp=vstream_fopen(path,O_RDONLY,0); ++ VSTRING *buf = vstring_alloc(100); ++ char *cp; ++ ARGV *argv; ++ MVECT vector; ++ int nelm=0; ++ int linenum=0; ++ ++ dict_dlinfo=(DLINFO*)mvect_alloc(&vector,sizeof(DLINFO),3,NULL,NULL); ++ ++ if (!conf_fp) { ++ msg_warn("%s: cannot open %s. No dynamic maps will be allowed.", ++ myname, path); ++ } else { ++ while (vstring_get_nonl(buf,conf_fp) != VSTREAM_EOF) { ++ cp = vstring_str(buf); ++ linenum++; ++ if (*cp == '#' || *cp == '\0') ++ continue; ++ argv = argv_split(cp, " \t"); ++ if (argv->argc != 3) { ++ msg_fatal("%s: Expected \"pattern .so-name function\" at line %d", ++ myname, linenum); ++ } ++ if (argv->argv[1][0] != '/') { ++ msg_fatal("%s: .so name must begin with a \"/\" at line %d", ++ myname, linenum); ++ } ++ if (nelm >= vector.nelm) { ++ dict_dlinfo=(DLINFO*)mvect_realloc(&vector,vector.nelm+3); ++ } ++ dict_dlinfo[nelm].pattern = mystrdup(argv->argv[0]); ++ dict_dlinfo[nelm].soname = mystrdup(argv->argv[1]); ++ dict_dlinfo[nelm].openfunc = mystrdup(argv->argv[2]); ++ nelm++; ++ argv_free(argv); ++ } ++ } ++ if (nelm >= vector.nelm) { ++ dict_dlinfo=(DLINFO*)mvect_realloc(&vector,vector.nelm+1); ++ } ++ dict_dlinfo[nelm].pattern = NULL; ++ dict_dlinfo[nelm].soname = NULL; ++ dict_dlinfo[nelm].openfunc = NULL; ++ if (conf_fp) ++ vstream_fclose(conf_fp); ++ vstring_free(buf); ++} ++ ++DLINFO *dict_open_dlfind(const char *type) ++{ ++ DLINFO *dp; ++ ++ if (!dict_dlinfo) ++ return NULL; ++ ++ for (dp=dict_dlinfo; dp->pattern; dp++) { ++ if (strcmp(dp->pattern,type)==0 || strcmp(dp->pattern,"*")==0) ++ return dp; ++ } ++ return NULL; ++} ++#endif /* !NO_DYNAMIC_MAPS */ ++ + #ifdef TEST + + /* +--- postfix-2.9.0/src/util/Makefile.in.orig 2012-02-04 19:16:54.187276228 +0100 ++++ postfix-2.9.0/src/util/Makefile.in 2012-02-04 19:30:39.503837753 +0100 +@@ -30,7 +30,7 @@ + username.c valid_hostname.c vbuf.c vbuf_print.c vstream.c \ + vstream_popen.c vstring.c vstring_vstream.c watchdog.c writable.c \ + write_buf.c write_wait.c sane_basename.c format_tv.c allspace.c \ +- allascii.c load_file.c killme_after.c vstream_tweak.c \ ++ allascii.c load_file.c killme_after.c vstream_tweak.c load_lib.c \ + unix_pass_listen.c unix_pass_trigger.c edit_file.c inet_windowsize.c \ + unix_pass_fd_fix.c dict_cache.c valid_utf_8.c dict_thash.c \ + ip_match.c nbbio.c stream_pass_connect.c base32_code.c dict_test.c \ +@@ -41,7 +41,7 @@ + chroot_uid.o cidr_match.o clean_env.o close_on_exec.o concatenate.o \ + ctable.o dict.o dict_alloc.o dict_cdb.o dict_cidr.o dict_db.o \ + dict_dbm.o dict_debug.o dict_env.o dict_ht.o dict_ni.o dict_nis.o \ +- dict_nisplus.o dict_open.o dict_pcre.o dict_regexp.o dict_sdbm.o \ ++ dict_nisplus.o dict_open.o dict_regexp.o dict_sdbm.o \ + dict_static.o dict_tcp.o dict_unix.o dir_forest.o doze.o dummy_read.o \ + dummy_write.o duplex_pipe.o environ.o events.o exec_command.o \ + fifo_listen.o fifo_trigger.o file_limit.o find_inet.o fsspace.o \ +@@ -66,7 +66,7 @@ + username.o valid_hostname.o vbuf.o vbuf_print.o vstream.o \ + vstream_popen.o vstring.o vstring_vstream.o watchdog.o writable.o \ + write_buf.o write_wait.o sane_basename.o format_tv.o allspace.o \ +- allascii.o load_file.o killme_after.o vstream_tweak.o \ ++ allascii.o load_file.o killme_after.o vstream_tweak.o load_lib.o \ + unix_pass_listen.o unix_pass_trigger.o edit_file.o inet_windowsize.o \ + unix_pass_fd_fix.o dict_cache.o valid_utf_8.o dict_thash.o \ + ip_match.o nbbio.o stream_pass_connect.o base32_code.o dict_test.o \ +@@ -89,7 +89,7 @@ + sigdelay.h sock_addr.h spawn_command.h split_at.h stat_as.h \ + stringops.h sys_defs.h timed_connect.h timed_wait.h trigger.h \ + username.h valid_hostname.h vbuf.h vbuf_print.h vstream.h vstring.h \ +- vstring_vstream.h watchdog.h format_tv.h load_file.h killme_after.h \ ++ vstring_vstream.h watchdog.h format_tv.h load_file.h killme_after.h load_lib.h \ + edit_file.h dict_cache.h dict_thash.h ip_match.h nbbio.h base32_code.h \ + dict_fail.h warn_stat.h + TESTSRC = fifo_open.c fifo_rdwr_bug.c fifo_rdonly_bug.c select_bug.c \ +@@ -98,6 +98,7 @@ + CFLAGS = $(DEBUG) $(OPT) $(DEFS) + FILES = Makefile $(SRCS) $(HDRS) + INCL = ++PCRESO = dict_pcre.so + LIB = libutil.a + TESTPROG= dict_open dup2_pass_on_exec events exec_command fifo_open \ + fifo_rdonly_bug fifo_rdwr_bug fifo_trigger fsspace fullname \ +@@ -113,8 +114,9 @@ + + LIB_DIR = ../../lib + INC_DIR = ../../include ++LIBS = $(LIB_DIR)/$(LIB) $(LIB_DIR)/$(PCRESO) + +-.c.o:; $(CC) $(CFLAGS) -c $*.c ++.c.o:; $(CC) -fPIC $(CFLAGS) -c $*.c + + all: $(LIB) + +@@ -125,15 +127,19 @@ + + test: $(TESTPROG) + ++$(PCRESO): dict_pcre.o ++ gcc -shared -Wl,-soname,dict_pcre.so -o $@ $? -lpcre -L. -lutil ++ + $(LIB): $(OBJS) +- $(AR) $(ARFL) $(LIB) $? +- $(RANLIB) $(LIB) ++ gcc -shared -Wl,-soname,libpostfix-util.so.1 -o $(LIB) $(OBJS) -ldl + + $(LIB_DIR)/$(LIB): $(LIB) + cp $(LIB) $(LIB_DIR) +- $(RANLIB) $(LIB_DIR)/$(LIB) + +-update: $(LIB_DIR)/$(LIB) $(HDRS) ++$(LIB_DIR)/$(PCRESO): $(PCRESO) ++ cp $(PCRESO) $(LIB_DIR) ++ ++update: $(LIBS) $(HDRS) + -for i in $(HDRS); \ + do \ + cmp -s $$i $(INC_DIR)/$$i 2>/dev/null || cp $$i $(INC_DIR); \ +@@ -155,7 +161,8 @@ + lint $(DEFS) $(SRCS) $(LINTFIX) + + clean: +- rm -f *.o $(LIB) *core $(TESTPROG) junk $(MAKES) *.tmp ++ rm -f *.o $(LIB) $(PCRESO) *core $(TESTPROG) \ ++ junk $(MAKES) *.tmp + rm -rf printfck + + tidy: clean +--- postfix-2.9.0/src/global/mail_dict.c.orig 2012-02-04 19:16:53.000000000 +0100 ++++ postfix-2.9.0/src/global/mail_dict.c 2012-02-04 19:33:20.047179113 +0100 +@@ -47,18 +47,6 @@ + + static const DICT_OPEN_INFO dict_open_info[] = { + DICT_TYPE_PROXY, dict_proxy_open, +-#ifdef HAS_LDAP +- DICT_TYPE_LDAP, dict_ldap_open, +-#endif +-#ifdef HAS_MYSQL +- DICT_TYPE_MYSQL, dict_mysql_open, +-#endif +-#ifdef HAS_PGSQL +- DICT_TYPE_PGSQL, dict_pgsql_open, +-#endif +-#ifdef HAS_SQLITE +- DICT_TYPE_SQLITE, dict_sqlite_open, +-#endif + DICT_TYPE_MEMCACHE, dict_memcache_open, + 0, + }; diff --git a/postfix-header_if_reject.patch b/postfix-header_if_reject.patch new file mode 100644 index 0000000..49caee2 --- /dev/null +++ b/postfix-header_if_reject.patch @@ -0,0 +1,189 @@ +--- src/smtpd/smtpd.h.org Wed Feb 9 03:00:14 2005 ++++ src/smtpd/smtpd.h Mon Feb 7 20:06:58 2005 +@@ -111,6 +111,7 @@ + int sender_rcptmap_checked; /* sender validated against maps */ + int recipient_rcptmap_checked; /* recipient validated against maps */ + int warn_if_reject; /* force reject into warning */ ++ int header_if_reject; /* add header instead of rejecting */ + SMTPD_DEFER defer_if_reject; /* force reject into deferral */ + SMTPD_DEFER defer_if_permit; /* force permit into deferral */ + int defer_if_permit_client; /* force permit into warning */ +--- src/global/mail_params.h.org Wed Feb 9 03:01:31 2005 ++++ src/global/mail_params.h Wed Feb 9 02:01:01 2005 +@@ -1578,6 +1578,7 @@ + #define CHECK_RECIP_NS_ACL "check_recipient_ns_access" + + #define WARN_IF_REJECT "warn_if_reject" ++#define HEADER_IF_REJECT "header_if_reject" + + #define REJECT_RBL "reject_rbl" /* LaMont compatibility */ + #define REJECT_RBL_CLIENT "reject_rbl_client" +--- src/smtpd/smtpd_check.c.org Sat Dec 27 03:54:03 2003 ++++ src/smtpd/smtpd_check.c Wed Feb 9 06:04:25 2005 +@@ -351,29 +351,29 @@ + * permit-style restriction fails. Otherwise, we could reject legitimate + * mail. + */ +-static void PRINTFLIKE(3, 4) defer_if(SMTPD_DEFER *, int, const char *,...); ++static void PRINTFLIKE(4, 5) defer_if(SMTPD_STATE *, SMTPD_DEFER *, int, const char *,...); + + #define DEFER_IF_REJECT2(state, class, fmt, a1, a2) \ +- defer_if(&(state)->defer_if_reject, (class), (fmt), (a1), (a2)) ++ defer_if((state), &(state)->defer_if_reject, (class), (fmt), (a1), (a2)) + #define DEFER_IF_REJECT3(state, class, fmt, a1, a2, a3) \ +- defer_if(&(state)->defer_if_reject, (class), (fmt), (a1), (a2), (a3)) ++ defer_if((state), &(state)->defer_if_reject, (class), (fmt), (a1), (a2), (a3)) + #define DEFER_IF_REJECT4(state, class, fmt, a1, a2, a3, a4) \ + defer_if(&(state)->defer_if_reject, (class), (fmt), (a1), (a2), (a3), (a4)) + #define DEFER_IF_PERMIT2(state, class, fmt, a1, a2) do { \ + if ((state)->warn_if_reject == 0) \ +- defer_if(&(state)->defer_if_permit, (class), (fmt), (a1), (a2)); \ ++ defer_if((state), &(state)->defer_if_permit, (class), (fmt), (a1), (a2)); \ + else \ + (void) smtpd_check_reject((state), (class), (fmt), (a1), (a2)); \ + } while (0) + #define DEFER_IF_PERMIT3(state, class, fmt, a1, a2, a3) do { \ + if ((state)->warn_if_reject == 0) \ +- defer_if(&(state)->defer_if_permit, (class), (fmt), (a1), (a2), (a3)); \ ++ defer_if((state), &(state)->defer_if_permit, (class), (fmt), (a1), (a2), (a3)); \ + else \ + (void) smtpd_check_reject((state), (class), (fmt), (a1), (a2), (a3)); \ + } while (0) + #define DEFER_IF_PERMIT4(state, class, fmt, a1, a2, a3, a4) do { \ + if ((state)->warn_if_reject == 0) \ +- defer_if(&(state)->defer_if_permit, (class), (fmt), (a1), (a2), (a3), (a4)); \ ++ defer_if((state), &(state)->defer_if_permit, (class), (fmt), (a1), (a2), (a3), (a4)); \ + else \ + (void) smtpd_check_reject((state), (class), (fmt), (a1), (a2), (a3), (a4)); \ + } while (0) +@@ -712,7 +712,18 @@ + char *format,...) + { + va_list ap; ++ ++ va_start(ap, format); ++ vstring_vsprintf(error_text, format, ap); ++ va_end(ap); ++ ++ return(xsmtpd_check_reject(state, error_class, error_text)); ++} ++static int xsmtpd_check_reject(SMTPD_STATE *state, int error_class, ++ VSTRING *error_text) ++{ + int warn_if_reject; ++ int header_if_reject; + const char *whatsup; + + /* +@@ -726,15 +737,18 @@ + warn_if_reject = 0; + whatsup = "reject"; + } ++ if (state->header_if_reject && error_class != MAIL_ERROR_SOFTWARE) { ++ header_if_reject = 1; ++ whatsup = "header_warning"; ++ } else { ++ header_if_reject = 0; ++ } + + /* + * Update the error class mask, and format the response. XXX What about + * multi-line responses? For now we cheat and send whitespace. + */ + state->error_mask |= error_class; +- va_start(ap, format); +- vstring_vsprintf(error_text, format, ap); +- va_end(ap); + + /* + * Ensure RFC compliance. We could do this inside smtpd_chat_reply() and +@@ -796,15 +810,58 @@ + */ + log_whatsup(state, whatsup, STR(error_text)); + +- return (warn_if_reject ? 0 : SMTPD_CHECK_REJECT); ++ if (state->header_if_reject) { ++ VSTRING *hbuf = vstring_alloc(100); ++ int elen = strlen(STR(error_text)); ++ ++ if (state->prepend == 0) ++ state->prepend = argv_alloc(1); ++ printable(STR(error_text), '?'); ++ ++#define PRETTY_HEADER ++#ifdef PRETTY_HEADER ++ if (elen > 65) { ++ int len = 0, n; ++ char *p; ++ ++ vstring_sprintf(hbuf, "%s", "X-Reject: "); ++ while (len < elen-65 && (p = strchr(STR(error_text)+len+64, ' '))) { ++ *p = '\t'; ++ n = p-(STR(error_text)+len); ++ vstring_sprintf_append(hbuf, "%.*s\n", n, STR(error_text)+len); ++ len+=n; ++ } ++ vstring_sprintf_append(hbuf, "%s", STR(error_text)+len); ++ } ++ else { ++ vstring_sprintf(hbuf, "X-Reject: %s", STR(error_text)); ++ } ++#else ++ vstring_sprintf(hbuf, "X-Reject: %.*s", 999, STR(error_text)); ++#endif ++ argv_add(state->prepend, STR(hbuf), ARGV_END); ++ vstring_free(hbuf); ++ } ++ ++ return (warn_if_reject || header_if_reject ? 0 : SMTPD_CHECK_REJECT); + } + + /* defer_if - prepare to change our mind */ + +-static void defer_if(SMTPD_DEFER *defer, int error_class, const char *fmt,...) ++static void defer_if(SMTPD_STATE *state, SMTPD_DEFER *defer, int error_class, const char *fmt,...) + { + va_list ap; + ++ if (state->header_if_reject) { ++ va_start(ap, fmt); ++ vstring_vsprintf(error_text, fmt, ap); ++ va_end(ap); ++ if (STR(error_text)[0] == '5') { ++ xsmtpd_check_reject(state, error_class, error_text); ++ return; ++ } ++ } ++ + /* + * Keep the first reason for this type of deferral, to minimize + * confusion. +@@ -3147,6 +3204,11 @@ + state->warn_if_reject = state->recursion; + continue; + } ++ if (strcasecmp(name, HEADER_IF_REJECT) == 0) { ++ if (state->header_if_reject == 0) ++ state->header_if_reject = state->recursion; ++ continue; ++ } + + /* + * Spoof the is_map_command() routine, so that we do not have to make +@@ -3500,6 +3562,8 @@ + + if (state->warn_if_reject >= state->recursion) + state->warn_if_reject = 0; ++ if (state->header_if_reject >= state->recursion) ++ state->header_if_reject = 0; + + if (status != 0) + break; +@@ -3554,6 +3618,7 @@ + #define SMTPD_CHECK_RESET() { \ + state->recursion = 0; \ + state->warn_if_reject = 0; \ ++ state->header_if_reject = 0; \ + state->defer_if_reject.active = 0; \ + } + diff --git a/postfix-ident.patch b/postfix-ident.patch new file mode 100644 index 0000000..8cbd612 --- /dev/null +++ b/postfix-ident.patch @@ -0,0 +1,342 @@ +diff -urN -x '*~' postfix-2.2.5/src/global/mail_params.h postfix-2.2.5-ident/src/global/mail_params.h +--- postfix-2.2.5/src/global/mail_params.h 2006-02-22 16:20:15.000000000 +0100 ++++ postfix-2.2.5-ident/src/global/mail_params.h 2006-02-22 15:56:31.000000000 +0100 +@@ -2346,6 +2346,9 @@ + #define DEF_SMTP_EHLO_DIS_MAPS "" + extern char *var_smtp_ehlo_dis_maps; + ++#define VAR_SMTPD_IDENT_LOOKUP "smtpd_ident_lookup" ++#define DEF_SMTPD_IDENT_LOOKUP "" ++extern char *var_smtpd_ident_lookup; + /* + * SMTPD messages + */ +diff -urN -x '*~' postfix-2.2.5/src/smtpd/smtpd_ident.c postfix-2.2.5-ident/src/smtpd/smtpd_ident.c +--- postfix-2.2.5/src/smtpd/smtpd_ident.c 1970-01-01 01:00:00.000000000 +0100 ++++ postfix-2.2.5-ident/src/smtpd/smtpd_ident.c 2006-02-22 15:56:31.000000000 +0100 +@@ -0,0 +1,138 @@ ++#include ++#include ++#include ++#include ++#include /* strerror() */ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++#include "smtpd.h" ++ ++#define IDENT_MSGSIZE 256 ++#define IDENT_TIMEOUT 10 ++ ++#define CHOMP(STR) { char *tmp; tmp = STR; while (*tmp) { \ ++ if (*tmp == '\n' || *tmp == '\r') *tmp = '\0'; tmp++ ; } } ++ ++char *smtpd_ident(struct sockaddr_in *peer_addr, struct sockaddr_in *smtpd_addr) ++{ ++ int ident_sock; ++ char ident_msg[IDENT_MSGSIZE + 1], *sp; ++ char ident_user[IDENT_MSGSIZE + 1]; ++ struct sockaddr_in local_addr; ++ struct sockaddr_in ident_addr; ++ char *return_val; ++ VSTREAM *ident_stream; ++ ++ memset(ident_msg, 0, IDENT_MSGSIZE + 1); ++ memset(ident_user, 0, IDENT_MSGSIZE + 1); ++ ++ /* ++ * Bind the local sockaddr to the same interface as smtpd before ++ * connecting back to the auth port on the peer. This helps ++ * with multihomed postfix servers. First, set up the address. ++ */ ++ ++ /* Local sockname */ ++ ++ memset((char *) &local_addr, 0, sizeof(local_addr)); ++ local_addr.sin_family = AF_INET; ++ memcpy((void *) &local_addr.sin_addr, (void *) &smtpd_addr->sin_addr, sizeof(local_addr.sin_addr)); ++ ++ /* Remote sockname + port */ ++ ++ memset((char *) &ident_addr, 0, sizeof(ident_addr)); ++ ident_addr.sin_family = AF_INET; ++ memcpy((void *) &ident_addr.sin_addr, (void *) &peer_addr->sin_addr, sizeof(ident_addr.sin_addr)); ++ ident_addr.sin_port = htons(113); ++ ++ do { ++ /* socket call */ ++ ++ if ((ident_sock = socket(ident_addr.sin_family, SOCK_STREAM, 0)) < 0) { ++ msg_warn("Can't allocate socket for ident lookup: %s", strerror(errno)); ++ break; ++ } ++ ++ /* Now bind the local sock to the interface */ ++ ++ if (bind(ident_sock, (struct sockaddr *)&local_addr, sizeof(local_addr)) < 0) { ++ msg_warn("local bind of ident sock failed: %s", strerror(errno)); ++ break; ++ } ++ ++ /* connect() back to the smtp client host on port 113 */ ++ ++ if (connect(ident_sock, (struct sockaddr *) &ident_addr, sizeof(ident_addr )) < 0) { ++ msg_warn( "ident connect to %s: %s", inet_ntoa(peer_addr->sin_addr), ++ strerror(errno)); ++ break; ++ } ++ ++ /* Ok, make this a vstream */ ++ ++ ident_stream = vstream_fdopen(ident_sock, O_RDWR); ++ ident_stream->timeout = IDENT_TIMEOUT; ++ ++ /* Print the ident message to the remote host */ ++ ++ vstream_fprintf(ident_stream, "%d, %d\n", ntohs(peer_addr->sin_port), ntohs(smtpd_addr->sin_port)); ++ if (vstream_ftimeout(ident_stream)) { ++ msg_warn( "ident write timed out to %s", inet_ntoa(peer_addr->sin_addr)); ++ break; ++ } ++ ++ /* Read back the result */ ++ ++ vstream_fread(ident_stream, ident_msg, IDENT_MSGSIZE); ++ if (vstream_ftimeout(ident_stream)) { ++ msg_warn( "ident read timed out to %s", inet_ntoa(peer_addr->sin_addr)); ++ break; ++ } ++ ++ /* ++ * Should I even bother with this? ++ * ++ * Even if so, don't worry about this failing, set the timeout low ++ */ ++ ++ ident_stream->timeout = 2; ++ vstream_fwrite(ident_stream, "quit\n", strlen("quit\n")); ++ ++ if (strlen(ident_msg) == 0) { ++ msg_warn( "Failed to get ident string from %s", inet_ntoa(peer_addr->sin_addr)); ++ break; ++ } ++ ++ if ((sp = strrchr(ident_msg, ':')) == NULL) { ++ msg_warn( "Invalid ident string from %s", inet_ntoa(peer_addr->sin_addr)); ++ break; ++ } ++ sp++; ++ CHOMP(sp); ++ while (*sp && (*sp == ' ' || *sp == '\t')) { ++ sp++; ++ } ++ ++ /* If we break before this line, we know we had some sort of bad error */ ++ ++ strncpy(ident_user, sp, IDENT_MSGSIZE); ++ msg_info( "Received ident string %s from %s", sp, inet_ntoa(peer_addr->sin_addr)); ++ ++ } while (0); ++ ++ if (strlen(ident_user) == 0) { ++ msg_warn( "Failed to get ident user for %s", inet_ntoa(peer_addr->sin_addr)); ++ return NULL; ++ } ++ ++ vstream_fclose(ident_stream); ++ return_val = mystrdup(ident_user); ++ return return_val; ++} +--- postfix-2.3-RC9/src/smtpd/smtpd.h.orig 2006-07-09 21:49:21.000000000 +0200 ++++ postfix-2.3-RC9/src/smtpd/smtpd.h 2006-07-11 20:30:43.993322048 +0200 +@@ -77,6 +77,7 @@ + char *addr; /* client host address string */ + char *namaddr; /* combined name and address */ + char *rfc_addr; /* address for RFC 2821 */ ++ char *ident_user; /* user name returned by ident RFC 1413 */ + int addr_family; /* address family */ + struct sockaddr_storage sockaddr; /* binary client endpoint */ + int name_status; /* 2=ok 4=soft 5=hard 6=forged */ +@@ -266,6 +267,8 @@ + extern void smtpd_peer_init(SMTPD_STATE *state); + extern void smtpd_peer_reset(SMTPD_STATE *state); + ++extern char *smtpd_ident(struct sockaddr_in *peer_addr, struct sockaddr_in *smtpd_addr); ++ + #define SMTPD_PEER_CODE_OK 2 + #define SMTPD_PEER_CODE_TEMP 4 + #define SMTPD_PEER_CODE_PERM 5 +--- postfix-2.8.3/src/smtpd/Makefile.in~ 2011-05-17 14:28:28.406666872 +0200 ++++ postfix-2.8.3/src/smtpd/Makefile.in 2011-05-17 14:31:06.946666872 +0200 +@@ -2,11 +2,11 @@ + SRCS = smtpd.c smtpd_token.c smtpd_check.c smtpd_chat.c smtpd_state.c \ + smtpd_peer.c smtpd_sasl_proto.c smtpd_sasl_glue.c smtpd_proxy.c \ + smtpd_xforward.c smtpd_dsn_fix.c smtpd_milter.c smtpd_resolve.c \ +- smtpd_expand.c ++ smtpd_expand.c smtpd_ident.c + OBJS = smtpd.o smtpd_token.o smtpd_check.o smtpd_chat.o smtpd_state.o \ + smtpd_peer.o smtpd_sasl_proto.o smtpd_sasl_glue.o smtpd_proxy.o \ + smtpd_xforward.o smtpd_dsn_fix.o smtpd_milter.o smtpd_resolve.o \ +- smtpd_expand.o ++ smtpd_expand.o smtpd_ident.o + HDRS = smtpd_token.h smtpd_check.h smtpd_chat.h smtpd_sasl_proto.h \ + smtpd_sasl_glue.h smtpd_proxy.h smtpd_dsn_fix.h smtpd_milter.h \ + smtpd_resolve.h smtpd_expand.h +--- postfix-2.9.0/src/smtpd/smtpd.c.orig 2012-02-04 19:34:17.737149536 +0100 ++++ postfix-2.9.0/src/smtpd/smtpd.c 2012-02-04 19:36:43.414073592 +0100 +@@ -1208,6 +1208,7 @@ + char *var_local_rwr_clients; + char *var_smtpd_ehlo_dis_words; + char *var_smtpd_ehlo_dis_maps; ++char *var_smtpd_ident_lookup; + + char *var_smtpd_tls_level; + bool var_smtpd_use_tls; +@@ -1329,6 +1330,11 @@ + int smtpd_input_transp_mask; + + /* ++ * Hosts that should be ident-queried ++ */ ++NAMADR_LIST *smtpd_ident_lookup; ++ ++ /* + * Forward declarations. + */ + static void helo_reset(SMTPD_STATE *); +@@ -2950,10 +2956,18 @@ + * intermediate proxy. + */ + if (!proxy || state->xforward.flags == 0) { +- out_fprintf(out_stream, REC_TYPE_NORM, +- "Received: from %s (%s [%s])", +- state->helo_name ? state->helo_name : state->name, +- state->name, state->rfc_addr); ++ if (namadr_list_match(smtpd_ident_lookup, state->name, state->addr)) { ++ out_fprintf(out_stream, REC_TYPE_NORM, ++ "Received: from %s (%s [%s] ident=%s)", ++ state->helo_name ? state->helo_name : state->name, ++ state->name, state->rfc_addr, ++ state->ident_user); ++ } else { ++ out_fprintf(out_stream, REC_TYPE_NORM, ++ "Received: from %s (%s [%s])", ++ state->helo_name ? state->helo_name : state->name, ++ state->name, state->rfc_addr); ++ } + + #define VSTRING_STRDUP(s) vstring_strcpy(vstring_alloc(strlen(s) + 1), (s)) + +@@ -4954,6 +4968,9 @@ + xclient_hosts = namadr_list_init(MATCH_FLAG_RETURN, var_xclient_hosts); + xforward_hosts = namadr_list_init(MATCH_FLAG_RETURN, var_xforward_hosts); + hogger_list = namadr_list_init(MATCH_FLAG_RETURN, var_smtpd_hoggers); ++ smtpd_ident_lookup = ++ namadr_list_init(match_parent_style(VAR_SMTPD_IDENT_LOOKUP), ++ var_smtpd_ident_lookup); + + /* + * Open maps before dropping privileges so we can read passwords etc. +@@ -5382,6 +5399,7 @@ + VAR_MILT_V, DEF_MILT_V, &var_milt_v, 1, 0, + VAR_STRESS, DEF_STRESS, &var_stress, 0, 0, + VAR_REJECT_REPLY_MSG_ACCESS_DENIED, DEF_REJECT_REPLY_MSG_ACCESS_DENIED, &var_reject_reply_msg_access_denied, 1, 0, ++ VAR_SMTPD_IDENT_LOOKUP, DEF_SMTPD_IDENT_LOOKUP, &var_smtpd_ident_lookup, 0, 0, + VAR_UNV_FROM_WHY, DEF_UNV_FROM_WHY, &var_unv_from_why, 0, 0, + VAR_UNV_RCPT_WHY, DEF_UNV_RCPT_WHY, &var_unv_rcpt_why, 0, 0, + VAR_REJECT_TMPF_ACT, DEF_REJECT_TMPF_ACT, &var_reject_tmpf_act, 1, 0, +--- postfix-2.9.0/src/smtpd/smtpd_peer.c.orig 2012-02-04 19:34:17.294233547 +0100 ++++ postfix-2.9.0/src/smtpd/smtpd_peer.c 2012-02-04 19:40:48.203777370 +0100 +@@ -98,6 +98,7 @@ + + #include + #include ++#include + #include + #include + #include /* strerror() */ +@@ -117,6 +118,7 @@ + + /* Global library. */ + ++#include + #include + #include + #include +@@ -125,6 +127,8 @@ + + #include "smtpd.h" + ++extern NAMADR_LIST *smtpd_ident_lookup; ++ + /* smtpd_peer_init - initialize peer information */ + + void smtpd_peer_init(SMTPD_STATE *state) +@@ -132,6 +136,9 @@ + const char *myname = "smtpd_peer_init"; + SOCKADDR_SIZE sa_length; + struct sockaddr *sa; ++ struct sockaddr_in serv_sin; ++ char *ident_user = NULL; ++ SOCKADDR_SIZE sa_len; + INET_PROTO_INFO *proto_info = inet_proto_info(); + + sa = (struct sockaddr *) & (state->sockaddr); +@@ -171,6 +178,7 @@ + state->addr_family = AF_UNSPEC; + state->name_status = SMTPD_PEER_CODE_PERM; + state->reverse_name_status = SMTPD_PEER_CODE_PERM; ++ state->ident_user = mystrdup("NO-USER"); + state->port = mystrdup(CLIENT_PORT_UNKNOWN); + } + +@@ -342,6 +350,7 @@ + if (aierr) { + msg_warn("hostname %s does not resolve to address %s: %s", + state->name, state->addr, MAI_STRERROR(aierr)); ++ state->ident_user = mystrdup("NO-USER"); + REJECT_PEER_NAME(state, (TEMP_AI_ERROR(aierr) ? + SMTPD_PEER_CODE_TEMP : SMTPD_PEER_CODE_FORGED)); + } else { +@@ -363,6 +372,20 @@ + freeaddrinfo(res0); + } + } ++ ++ if (namadr_list_match(smtpd_ident_lookup, state->name, state->addr)) { ++ /* If getsockname fails, just forget it */ ++ sa_len = sizeof(serv_sin); ++ if (getsockname(vstream_fileno(state->client), (struct sockaddr *)&serv_sin, &sa_len) >= 0) { ++ ident_user = smtpd_ident((struct sockaddr_in *)sa, &serv_sin); ++ if (ident_user == NULL) ++ state->ident_user = mystrdup("NO-USER"); ++ else ++ state->ident_user = ident_user; ++ } else ++ msg_warn("getsockname failed while doing ident lookup: %s", strerror(errno)); ++ } else ++ state->ident_user = mystrdup("NO-USER"); + } + + /* +@@ -383,6 +406,7 @@ + state->name_status = SMTPD_PEER_CODE_OK; + state->reverse_name_status = SMTPD_PEER_CODE_OK; + state->port = mystrdup("0"); /* XXX bogus. */ ++ state->ident_user = mystrdup("NO-USER"); + } + + /* +@@ -401,5 +425,6 @@ + myfree(state->addr); + myfree(state->namaddr); + myfree(state->rfc_addr); ++ myfree(state->ident_user); + myfree(state->port); + } diff --git a/postfix-lib64.patch b/postfix-lib64.patch new file mode 100644 index 0000000..fe77600 --- /dev/null +++ b/postfix-lib64.patch @@ -0,0 +1,8 @@ +--- postfix-2.3.0/conf/dynamicmaps.cf~ 2006-07-25 13:36:17.245609587 +0300 ++++ postfix-2.3.0/conf/dynamicmaps.cf 2006-07-25 13:37:00.056561114 +0300 +@@ -6,4 +6,4 @@ + # + #type location of .so file name of open function + #==== ================================ ===================== +-* /usr/lib/postfix/dict_%s.so dict_%s_open ++* /usr/lib64/postfix/dict_%s.so dict_%s_open diff --git a/postfix-link.patch b/postfix-link.patch new file mode 100644 index 0000000..7cdd0cf --- /dev/null +++ b/postfix-link.patch @@ -0,0 +1,48 @@ +diff -ur postfix-2.7.1/src/dns/Makefile.in postfix-2.7.1-libs/src/dns/Makefile.in +--- postfix-2.7.1/src/dns/Makefile.in 2010-11-08 20:14:18.394139054 +0100 ++++ postfix-2.7.1-libs/src/dns/Makefile.in 2010-11-08 20:12:39.300139053 +0100 +@@ -31,7 +31,7 @@ + root_tests: + + $(LIB): $(OBJS) +- gcc -shared -Wl,-soname,libpostfix-dns.so.1 -o $(LIB) $(OBJS) ++ gcc -shared -Wl,-soname,libpostfix-dns.so.1 -o $(LIB) $(OBJS) $(LIBS) -lresolv + + $(LIB_DIR)/$(LIB): $(LIB) + cp $(LIB) $(LIB_DIR) +diff -ur postfix-2.7.1/src/global/Makefile.in postfix-2.7.1-libs/src/global/Makefile.in +--- postfix-2.7.1/src/global/Makefile.in 2010-11-08 20:14:18.424139054 +0100 ++++ postfix-2.7.1-libs/src/global/Makefile.in 2010-11-08 20:10:05.004139060 +0100 +@@ -120,7 +120,7 @@ + test: $(TESTPROG) + + $(LIB): $(OBJS) +- gcc -shared -Wl,-soname,libpostfix-global.so.1 -o $(LIB) $(OBJS) ++ gcc -shared -Wl,-soname,libpostfix-global.so.1 -o $(LIB) $(OBJS) $(LIBS) + + $(LDAPSO): dict_ldap.o $(LIB) + gcc -shared -Wl,-soname,dict_ldap.so -o $@ $? -lldap -llber -L../../lib -lutil -L. -lglobal +diff -ur postfix-2.7.1/src/master/Makefile.in postfix-2.7.1-libs/src/master/Makefile.in +--- postfix-2.7.1/src/master/Makefile.in 2010-11-08 20:14:18.400139054 +0100 ++++ postfix-2.7.1-libs/src/master/Makefile.in 2010-11-08 20:10:24.072139054 +0100 +@@ -39,7 +39,7 @@ + root_tests: + + $(LIB): $(LIB_OBJ) +- gcc -shared -Wl,-soname,libpostfix-master.so.1 -o $(LIB) $(LIB_OBJ) ++ gcc -shared -Wl,-soname,libpostfix-master.so.1 -o $(LIB) $(LIB_OBJ) $(LIBS) + + $(LIB_DIR)/$(LIB): $(LIB) + cp $(LIB) $(LIB_DIR)/$(LIB) +diff -ur postfix-2.7.1/src/util/Makefile.in postfix-2.7.1-libs/src/util/Makefile.in +--- postfix-2.7.1/src/util/Makefile.in 2010-11-08 20:14:18.465139054 +0100 ++++ postfix-2.7.1-libs/src/util/Makefile.in 2010-11-08 20:12:49.982139058 +0100 +@@ -126,7 +126,7 @@ + gcc -shared -Wl,-soname,dict_pcre.so -o $@ $? -lpcre -L. -lutil + + $(LIB): $(OBJS) +- gcc -shared -Wl,-soname,libpostfix-util.so.1 -o $(LIB) $(OBJS) -ldl ++ gcc -shared -Wl,-soname,libpostfix-util.so.1 -o $(LIB) $(OBJS) -ldl -lcdb -lnsl -ldb + + $(LIB_DIR)/$(LIB): $(LIB) + cp $(LIB) $(LIB_DIR) diff --git a/postfix-make-jN.patch b/postfix-make-jN.patch new file mode 100644 index 0000000..1d53873 --- /dev/null +++ b/postfix-make-jN.patch @@ -0,0 +1,11 @@ +--- postfix-2.5.1/src/util/Makefile.in.orig 2008-04-01 08:29:37.168090190 +0200 ++++ postfix-2.5.1/src/util/Makefile.in 2008-04-01 08:30:10.665787970 +0200 +@@ -118,7 +118,7 @@ + + test: $(TESTPROG) + +-$(PCRESO): dict_pcre.o ++$(PCRESO): dict_pcre.o libutil.a + gcc -shared -Wl,-soname,dict_pcre.so -o $@ $? -lpcre -L. -lutil + + $(LIB): $(OBJS) diff --git a/postfix-master.cf_cyrus.patch b/postfix-master.cf_cyrus.patch new file mode 100644 index 0000000..1947926 --- /dev/null +++ b/postfix-master.cf_cyrus.patch @@ -0,0 +1,19 @@ +--- postfix-2.2.2/conf/master.cf.orig 2005-01-24 20:12:46.000000000 +0100 ++++ postfix-2.2.2/conf/master.cf 2005-04-26 11:46:51.000000000 +0200 +@@ -60,14 +60,14 @@ + # Also specify in main.cf: cyrus_destination_recipient_limit=1 + # + #cyrus unix - n n - - pipe +-# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} ++# user=cyrus argv=/usr/lib/cyrus/deliver -e -r ${sender} -m ${extension} ${user} + # + # ==================================================================== + # + # Old example of delivery via Cyrus. + # + #old-cyrus unix - n n - - pipe +-# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} ++# flags=R user=cyrus argv=/usr/lib/cyrus/deliver -e -m ${extension} ${user} + # + # ==================================================================== + # diff --git a/postfix-scache_clnt.patch b/postfix-scache_clnt.patch new file mode 100644 index 0000000..e34ee5e --- /dev/null +++ b/postfix-scache_clnt.patch @@ -0,0 +1,11 @@ +--- postfix-2.8.3/src/global/scache_clnt.c.orig 2011-05-17 14:24:55.245798704 +0200 ++++ postfix-2.8.3/src/global/scache_clnt.c 2011-05-17 14:24:26.382381790 +0200 +@@ -414,7 +414,7 @@ + sp->scache->size = scache_clnt_size; + sp->scache->free = scache_clnt_free; + +- service = concatenate("local:private/", server, (char *) 0); ++ service = concatenate("local:private/", var_scache_service, (char *) 0); + sp->auto_clnt = auto_clnt_create(service, timeout, idle_limit, ttl_limit); + myfree(service); + diff --git a/postfix-vda-bigquota.patch b/postfix-vda-bigquota.patch new file mode 100644 index 0000000..6476645 --- /dev/null +++ b/postfix-vda-bigquota.patch @@ -0,0 +1,204 @@ +diff -ur postfix-2.7.0/src/virtual/maildir.c postfix-2.7.0-bg/src/virtual/maildir.c +--- postfix-2.7.0/src/virtual/maildir.c 2010-04-15 16:46:03.766130197 +0200 ++++ postfix-2.7.0-bg/src/virtual/maildir.c 2010-04-15 16:55:02.496126981 +0200 +@@ -65,6 +65,7 @@ + + /* Patch library. */ + ++#include + #include /* opendir(3), stat(2) */ + #include /* stat(2) */ + #include /* opendir(3) */ +@@ -98,14 +99,14 @@ + * Returns the size of all mails as read from maildirsize, + * zero if it couldn't read the file. + */ +-static long read_maildirsize(char *filename, long *sumptr, long *countptr) ++static long read_maildirsize(char *filename, int64_t *sumptr, int64_t *countptr) + { + char *myname = "read_maildirsize"; + struct stat statbuf; + VSTREAM *sizefile; + char *p; + int len, first; +- long sum = 0, count = 0, ret_value = -1; ++ int64_t sum = 0, count = 0, ret_value = -1; + + if (msg_verbose) + msg_info("%s: we will use sizefile = '%s'", myname, filename); +@@ -136,7 +137,7 @@ + first = 1; + + while (*p) { +- long n = 0, c = 0; ++ int64_t n = 0, c = 0; + char *q = p; + + while (*p) { +@@ -151,7 +152,7 @@ + continue; + } + +- if (sscanf(q, "%ld %ld", &n, &c) == 2) { ++ if (sscanf(q, "%lld %lld", &n, &c) == 2) { + sum += n; + count += c; + /* if (msg_verbose) +@@ -179,7 +180,7 @@ + ret_value = -1; + } else { + if (msg_verbose) +- msg_info("%s: we will return Maildir size = %ld, count = %ld", myname, *sumptr, *countptr); ++ msg_info("%s: we will return Maildir size = %lld, count = %lld", myname, *sumptr, *countptr); + + ret_value = sum; + } +@@ -200,7 +201,7 @@ + * Returns the size given in ",S=" in the filename, + * zero if it cannot find ",S=" in the filename. + */ +-static long maildir_parsequota(const char *n) ++static int64_t maildir_parsequota(const char *n) + { + const char *o; + int yes = 0; +@@ -225,7 +226,7 @@ + } + + if (yes) { +- long s = 0; ++ int64_t s = 0; + + while (*o >= '0' && *o <= '9') + s = s*10 + (*o++ - '0'); +@@ -252,11 +253,11 @@ + * Returns the sum of the sizes of all measurable files, + * zero if the directory could not be opened. + */ +-static long check_dir_size(char *dirname, long *countptr) ++static int64_t check_dir_size(char *dirname, int64_t *countptr) + { + char *myname = "check_dir_size"; + DIR *dir; +- long sum = 0; ++ int64_t sum = 0; + struct dirent *ent; + struct stat statbuf; + +@@ -277,7 +278,7 @@ + + while ((ent = readdir(dir)) != NULL) { + char *name = ent->d_name; +- long tmpsum = 0; ++ int64_t tmpsum = 0; + VSTRING *buffer; + + /* do not count dot a double-dot dirs */ +@@ -324,7 +325,7 @@ + } + if ((statbuf.st_mode & S_IFREG) != 0) { + if (strcmp(dirname + strlen(dirname) - 3, "new") == 0 || strcmp(dirname + strlen(dirname) - 3, "cur") == 0 || strcmp(dirname + strlen(dirname) - 3, "tmp") == 0) { +- sum += (long) statbuf.st_size; ++ sum += (int64_t) statbuf.st_size; + (*countptr)++; + } + } +@@ -338,7 +339,7 @@ + closedir(dir); + + if (msg_verbose) +- msg_info("%s: full scan done: dir=%s sum=%ld count=%ld", myname, dirname, sum, *countptr); ++ msg_info("%s: full scan done: dir=%s sum=%lld count=%lld", myname, dirname, sum, *countptr); + + return sum; + } +@@ -456,9 +457,9 @@ + char *sizefilename = (char *) 0; /* Maildirsize file name. */ + VSTRING *filequota; /* Quota setting from the maildirsize file. */ + VSTREAM *sizefile; /* Maildirsize file handle. */ +- long n = 0; /* Limit in long integer format. */ +- long saved_count = 0; /* The total number of files. */ +- long saved_size = 0; /* The total quota of all files. */ ++ int64_t n = 0; /* Limit in long integer format. */ ++ int64_t saved_count = 0; /* The total number of files. */ ++ int64_t saved_size = 0; /* The total quota of all files. */ + struct stat mail_stat; /* To check the size of the mail to be written. */ + struct stat sizefile_stat; /* To check the size of the maildirsize file. */ + time_t tm; /* To check the age of the maildirsize file. */ +@@ -541,7 +542,7 @@ + * warn the user, else use the value directly as the maildir limit. + */ + if (*var_virt_mailbox_limit_maps != 0 && (limit_res = mail_addr_find(virtual_mailbox_limit_maps, state.msg_attr.user, (char **) NULL)) != 0) { +- n = atol(limit_res); ++ n = strtoll(limit_res, NULL, 10); + if (n > 0) { + if ((n < var_message_limit) && (!var_virt_mailbox_limit_override)) { + n = var_virt_mailbox_limit; +@@ -552,13 +553,13 @@ + } + else { + if (msg_verbose) +- msg_info("%s: set virtual maildir limit size for %s to %ld", ++ msg_info("%s: set virtual maildir limit size for %s to %lld", + myname, usr_attr.mailbox, n); + } + } + else if (n == 0) { + if (msg_verbose) +- msg_info("%s: set virtual maildir limit size for %s to %ld", ++ msg_info("%s: set virtual maildir limit size for %s to %lld", + myname, usr_attr.mailbox, n); + } + else { +@@ -580,7 +581,7 @@ + x >= 0 = reading successfully finished - sum si returned, so sum size of Maildir was 0 or more */ + if (!var_virt_mailbox_limit_inbox && var_virt_maildir_extended && read_maildirsize(sizefilename, &saved_size, &saved_count) >= 0) { + if (msg_verbose) +- msg_info("%s: maildirsize used=%s sum=%ld count=%ld", myname, sizefilename, saved_size, saved_count); ++ msg_info("%s: maildirsize used=%s sum=%lld count=%lld", myname, sizefilename, saved_size, saved_count); + } else { + if (msg_verbose) + msg_info("%s: var_virt_mailbox_limit == 1 OR var_virt_maildir_extended == 0 OR read_maildidrsize() returned value x < 0 as saying something failed", myname); +@@ -693,7 +694,7 @@ + */ + if (stat(tmpfile, &mail_stat) == 0) { + if (n != 0) { +- saved_size += (long) mail_stat.st_size; ++ saved_size += (int64_t) mail_stat.st_size; + saved_count++; + } + if (var_virt_maildir_extended) { +@@ -710,7 +711,7 @@ + */ + if (saved_size > n) { + mail_copy_status = MAIL_COPY_STAT_WRITE; +- if (((long) mail_stat.st_size > n) || (var_virt_overquota_bounce)) ++ if (((int64_t) mail_stat.st_size > n) || (var_virt_overquota_bounce)) + errno = EFBIG; + else + errno = EDQUOT; +@@ -889,7 +890,7 @@ + filequota = vstring_alloc(128); + vstring_get_null_bound(filequota, sizefile, 127); + vstream_fclose(sizefile); +- if (atol(vstring_export(filequota)) != n) ++ if (strtoll(vstring_export(filequota), NULL, 10) != n) + unlink(sizefilename); + } + +@@ -909,13 +910,13 @@ + + /* If the creation worked, write to the file, otherwise just give up. */ + if (sizefile) { +- vstream_fprintf(sizefile, "%ldS\n%ld %ld\n", n, saved_size, saved_count); ++ vstream_fprintf(sizefile, "%lldS\n%lld %lld\n", n, saved_size, saved_count); + vstream_fclose(sizefile); + } + } + else { + /* We opened maildirsize, so let's just append this transaction and close it. */ +- vstream_fprintf(sizefile, "%ld 1\n", (long) mail_stat.st_size); ++ vstream_fprintf(sizefile, "%lld 1\n", (int64_t) mail_stat.st_size); + vstream_fclose(sizefile); + } + diff --git a/postfix.aliases b/postfix.aliases new file mode 100644 index 0000000..a33ccf5 --- /dev/null +++ b/postfix.aliases @@ -0,0 +1,38 @@ +# +# @(#)aliases 8.2 (Berkeley) 3/5/94 +# +# Aliases in this file will NOT be expanded in the header from +# Mail, but WILL be visible over networks or from /bin/mail. +# +# >>>>>>>>>> The program "newaliases" must be run after +# >> NOTE >> this file is updated for any changes to +# >>>>>>>>>> show through to postfix. +# + +# Basic system aliases -- these MUST be present. +MAILER-DAEMON: postmaster +postmaster: root + +# General redirections for pseudo accounts. +bin: root +daemon: root +games: root +ingres: root +nobody: root +system: root +toor: root +uucp: root + +# Well-known aliases. +manager: root +dumper: root +operator: root + +# trap decode to catch security attacks +decode: root + +# Standard users added by PLD: +stats: root + +# Person who should get root's mail +#root: marc diff --git a/postfix.cron b/postfix.cron new file mode 100644 index 0000000..9dfbe0e --- /dev/null +++ b/postfix.cron @@ -0,0 +1,5 @@ +#!/bin/sh +# +# Check for problems with Postfix + +/usr/sbin/postfix check \ No newline at end of file diff --git a/postfix.init b/postfix.init new file mode 100644 index 0000000..c44be2f --- /dev/null +++ b/postfix.init @@ -0,0 +1,141 @@ +#!/bin/sh +# +# postfix This shell script takes care of starting and stopping +# postfix. +# +# chkconfig: 345 80 20 +# +# description: Postfix is a Mail Transport Agent, which is the program \ +# that moves mail from one machine to another. + + +# Source function library +. /etc/rc.d/init.d/functions + +# Get network config +. /etc/sysconfig/network + +# Get service config +[ -f /etc/sysconfig/postfix ] && . /etc/sysconfig/postfix + +# Check that networking is up. +networking_check() { + if is_yes "${NETWORKING}"; then + if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status ]; then + msg_network_down "Postfix" + exit 1 + fi + else + exit 0 + fi +} + +start() { + if [ -f /var/lock/subsys/postfix ]; then + msg_already_running "Postfix" + return + fi + + local msg + msg_starting "Postfix" + busy + _daemon_set_ulimits + msg=$(nice -n ${SERVICE_RUN_NICE_LEVEL:-${DEFAULT_SERVICE_RUN_NICE_LEVEL:-0}} /usr/sbin/postfix start 2>&1) + RETVAL=$? + if [ $RETVAL -eq 0 ]; then + ok + touch /var/lock/subsys/postfix + else + fail + echo >&2 "$msg" + fi +} + +stop() { + if [ ! -f /var/lock/subsys/postfix ]; then + msg_not_running "Postfix" + return + fi + + local msg + msg_stopping "Postfix" + busy + msg=$(/usr/sbin/postfix stop 2>&1) + if [ $? -eq 0 ]; then + ok + else + fail + echo >&2 "$msg" + fi + rm -f /var/lock/subsys/postfix >/dev/null 2>&1 +} + +reload() { + if [ ! -f /var/lock/subsys/postfix ]; then + msg_not_running "Postfix" + RETVAL=7 + return + fi + + local msg + msg_reloading "Postfix" + busy + msg=$(/usr/sbin/postfix reload 2>&1) + RETVAL=$? + if [ $RETVAL -eq 0 ]; then + ok + else + fail + echo >&2 "$msg" + RETVAL=7 + fi +} + +RETVAL=0 +# See how we were called. +case "$1" in + start) + networking_check + start + ;; + stop) + stop + ;; + restart) + networking_check + stop + start + ;; + reload|force-reload) + networking_check + reload + ;; + rebuilddb) + standard_db="access canonical relocated transport virtual" + extra_db=$(ls -1 /etc/mail/*.db 2> /dev/null | grep -Ev '/(access|canonical|relocated|transport|virtual|aliases)\.db$') + + echo -n "Rebuilding databases: " + for base in $standard_db $extra_db; do + db=$(basename "$base" .db) + + if [ -f /etc/mail/$db ]; then + echo -n "$db " + /usr/sbin/postmap hash:/etc/mail/$db < /etc/mail/$db + fi + done + echo "...DONE" + + echo -n "Rebuilding aliases database" + /usr/bin/newaliases + echo "...DONE" + ;; + status) + status master + exit $? + ;; + *) + msg_usage "$0 {start|stop|restart|reload|force-reload|rebuilddb|status}" + exit 3 +esac + +exit $RETVAL diff --git a/postfix.monitrc b/postfix.monitrc new file mode 100644 index 0000000..3bf9763 --- /dev/null +++ b/postfix.monitrc @@ -0,0 +1,14 @@ +check process postfix with pidfile /var/spool/postfix/pid/master.pid + group mail + start program = "/etc/rc.d/init.d/postfix start" + stop program = "/etc/rc.d/init.d/postfix stop" + if failed port 25 protocol smtp then restart + if 5 restarts within 5 cycles then timeout + depends on postfix_rc + +check file postfix_rc with path /etc/rc.d/init.d/postfix + group mail + if failed checksum then unmonitor + if failed permission 754 then unmonitor + if failed uid root then unmonitor + if failed gid root then unmonitor diff --git a/postfix.pamd b/postfix.pamd new file mode 100644 index 0000000..cc3e3f4 --- /dev/null +++ b/postfix.pamd @@ -0,0 +1,5 @@ +#%PAM-1.0 +auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.smtp onerr=succeed +auth include system-auth +account required pam_nologin.so +account include system-auth diff --git a/postfix.sasl b/postfix.sasl new file mode 100644 index 0000000..74ef83f --- /dev/null +++ b/postfix.sasl @@ -0,0 +1 @@ +pwcheck_method:saslauthd diff --git a/postfix.service b/postfix.service new file mode 100644 index 0000000..6ea9214 --- /dev/null +++ b/postfix.service @@ -0,0 +1,14 @@ +[Unit] +Description=Postfix Mail Transport Agent +After=syslog.target network.target +Conflicts=sendmail.service exim.service + +[Service] +Type=forking +PIDFile=/var/spool/postfix/pid/master.pid +ExecStart=/usr/sbin/postfix start +ExecReload=/usr/sbin/postfix reload +ExecStop=/usr/sbin/postfix stop + +[Install] +WantedBy=multi-user.target diff --git a/postfix.spec b/postfix.spec new file mode 100644 index 0000000..7abaf8d --- /dev/null +++ b/postfix.spec @@ -0,0 +1,563 @@ +# +# Conditional build: +%bcond_without ldap # without LDAP map module +%bcond_without mysql # without MySQL map module +%bcond_without pgsql # without PostgreSQL map module +%bcond_without sqlite # without SQLite map module +%bcond_without sasl # without SMTP AUTH support +%bcond_without ssl # without SSL/TLS support +%bcond_without cdb # without cdb map support +%if "%{pld_release}" == "th" +%bcond_without vda # without VDA patch +%else +%bcond_with vda # with VDA patch +%endif +%bcond_with hir # with Beeth's header_if_reject patch +%bcond_with tcp # with unofficial tcp: lookup table +%if "%{pld_release}" == "ac" +%bcond_with epoll # enable epoll for 2.6 kernels +# there didn't exist x86_64 2.4 kernel in PLD, so can safely enable epoll +%ifarch %{x8664} +%define with_epoll 1 +%endif +%else +%bcond_without epoll # disable epoll for 2.4 kernels +%endif + +%define vda_ver v11-2.9.1 +Summary: Postfix Mail Transport Agent +Summary(cs.UTF-8): Postfix - program pro přepravu poÅ¡ty (MTA) +Summary(es.UTF-8): Postfix - Un MTA (Mail Transport Agent) de alto desempeño +Summary(fr.UTF-8): Agent de transport de courrier Postfix +Summary(pl.UTF-8): Serwer SMTP Postfix +Summary(pt_BR.UTF-8): Postfix - Um MTA (Mail Transport Agent) de alto desempenho +Summary(sk.UTF-8): Agent prenosu poÅ¡ty Postfix +Name: postfix +Version: 2.9.6 +Release: 1 +Epoch: 2 +License: distributable +Group: Networking/Daemons/SMTP +Source0: ftp://ftp.porcupine.org/mirrors/postfix-release/official/%{name}-%{version}.tar.gz +# Source0-md5: 62eba08ce4acfa6b421e8fa88f2422d1 +Source1: %{name}.aliases +Source2: %{name}.cron +Source3: %{name}.init +Source4: %{name}.sysconfig +Source5: %{name}.sasl +Source6: %{name}.pamd +Source7: http://vda.sourceforge.net/VDA/%{name}-vda-%{vda_ver}.patch +# Source7-md5: a54a21428de5eeae91b4bb670976e37a +Source8: %{name}-bounce.cf.pl +# http://postfix.state-of-mind.de/bounce-templates/bounce.de-DE.cf +Source9: %{name}-bounce.cf.de +Source10: %{name}.monitrc +Source11: %{name}-vda-bigquota.patch +#Source11: http://vda.sourceforge.net/VDA/%{name}-%{vda_ver}-vda-ng-bigquota.patch.gz +# -ource11-md5: d46103195b43ec5784ea2c166b238f71 +Source12: %{name}.service +Patch0: %{name}-config.patch +Patch1: %{name}-conf_msg.patch +Patch2: %{name}-dynamicmaps.patch +Patch3: %{name}-master.cf_cyrus.patch +# from http://akson.sgh.waw.pl/~chopin/unix/postfix-2.1.5-header_if_reject.diff +Patch4: %{name}-header_if_reject.patch +Patch5: %{name}-ident.patch +Patch6: %{name}-lib64.patch +Patch7: %{name}-conf.patch +Patch8: %{name}-dictname.patch +Patch9: %{name}-make-jN.patch +Patch10: %{name}-link.patch +Patch11: %{name}-scache_clnt.patch +Patch12: format-security.patch +URL: http://www.postfix.org/ +%{?with_sasl:BuildRequires: cyrus-sasl-devel} +BuildRequires: db-devel +# getifaddrs() with IPv6 support +BuildRequires: glibc-devel >= 6:2.3.4 +%{?with_mysql:BuildRequires: mysql-devel} +%{?with_ldap:BuildRequires: openldap-devel >= 2.0.12} +%{?with_ssl:BuildRequires: openssl-devel >= 0.9.7l} +BuildRequires: pcre-devel +BuildRequires: perl-base +%{?with_pgsql:BuildRequires: postgresql-devel} +BuildRequires: rpm >= 4.4.9-56 +BuildRequires: rpmbuild(macros) >= 1.644 +BuildRequires: sed >= 4.0 +%{?with_sqlite:BuildRequires: sqlite3-devel} +%{?with_cdb:BuildRequires: tinycdb-devel} +%{?with_mysql:BuildRequires: zlib-devel} +Requires(post): /bin/hostname +Requires(post,postun): /sbin/ldconfig +Requires(post,preun): /sbin/chkconfig +Requires(postun): /usr/sbin/groupdel +Requires(postun): /usr/sbin/userdel +Requires(pre): /bin/id +Requires(pre): /usr/bin/getgid +Requires(pre): /usr/sbin/groupadd +Requires(pre): /usr/sbin/useradd +Requires: /sbin/chkconfig +Requires: diffutils +Requires: findutils +Requires: rc-scripts +Requires: sed +%{?with_cdb:Requires:tinycdb} +Requires: systemd-units >= 38 +Suggests: cyrus-sasl-saslauthd +Provides: group(postfix) +Provides: smtpdaemon +Provides: user(postfix) +Obsoletes: smtpdaemon +BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) + +%description +Postfix is attempt to provide an alternative to the widely-used +Sendmail program. Postfix attempts to be fast, easy to administer, and +hopefully secure, while at the same time being sendmail compatible +enough to not upset your users. This version has IPv6 support. + +%description -l es.UTF-8 +Postfix es una alternativa para el mundialmente utilizado sendmail. Si +desea tener un servidor SMTP *rápido*, debe instalar este paquete. + +%description -l fr.UTF-8 +Postfix (voir http://www.postfix.org/) se veut une alternative à +sendmail, responsable de l'acheminement de 70% des courriers +électroniques sur Internet. IBM en a suppotré le développement, mais +ne contrôle pas son évolution. Le but est d'installer Postfix sur le +plus grand nombre de systèmes possible. Dans cette optique, il a été +écrit pour être totalement sous le contrôle de l'utilisateur. + +%description -l it.UTF-8 +Postfix (http://www.postfix.org/) e' un'alternativa al programma +sendmail utilizzato per la gestione del 70 per cento della posta +Internet. + +Seppur IBM supporti lo sviluppo di Postfix, non controlla la sua +evoluzione. + +Consultate la pagine web http://www.moongroup.com/how-to.phtml nella +quale troverete le indicazioni per una corretta installazione e +configurazione di questo programma. + +%description -l pl.UTF-8 +Postfix jest próbą dostarczenia alternatywnego MTA w stosunku do +szeroko używanego sendmaila. Postfix w zamierzeniu ma być szybki, +łatwy w administrowaniu, bezpieczny oraz ma być na tyle kompatybilny z +sendmailem by nie denerwować użytkowników. Ta wersja obsługuje IPv6. + +%description -l pt_BR.UTF-8 +O Postfix é uma alternativa para o mundialmente utilizado sendmail. Se +você deseja um servidor SMTP *rápido*, instale este pacote. + +%description -l sk.UTF-8 +Postfix (pozri http://www.postfix.org/) má za cieľ byÅ¥ alternatívou k +Å¡iroko rozšírenému programu sendmail, zodpovednému za 70% vÅ¡etkej +elektronickej poÅ¡ty doručenej na Internete. + +Aj keď IBM podporovala vývoj Postfixu, zdržiava sa vplyvu na jeho +vývoj. Cieľom je inÅ¡talácia Postfixu na čo najväčšom počte systémov. +Do tohoto momentu je softvér poskytovaný bez ovplyvňovania, takže sa +môže vyvíjaÅ¥ podľa jeho používateľov. + +Určite si prečítajte http://www.moongroup.com/how-to.phtml, kde sú +popísané kroky potrebné pred a po inÅ¡talácii Postfixu. + +%package devel +Summary: Postfix loadable modules development package +Summary(pl.UTF-8): Pakiet dla programistów ładowanych modułów do postfiksa +Group: Development/Libraries +Requires: %{name} = %{epoch}:%{version}-%{release} + +%description devel +Header files to build additional map types for Postfix. + +%description devel -l pl.UTF-8 +Pliki nagłówkowe do tworzenia dodatkowych typów map dla Postfiksa. + +%package dict-ldap +Summary: LDAP map support for Postfix +Summary(pl.UTF-8): Obsługa map LDAP dla Postfiksa +Group: Networking/Daemons/SMTP +Requires: %{name} = %{epoch}:%{version}-%{release} +Requires: openldap >= 2.3.6 + +%description dict-ldap +This package provides support for LDAP maps in Postfix. + +%description dict-ldap -l pl.UTF-8 +Ten pakiet dodaje obsługę map LDAP do Postfiksa. + +%package dict-mysql +Summary: MySQL map support for Postfix +Summary(pl.UTF-8): Obsługa map MySQL dla Postfiksa +Group: Networking/Daemons/SMTP +Requires: %{name} = %{epoch}:%{version}-%{release} + +%description dict-mysql +This package provides support for MySQL maps in Postfix. + +%description dict-mysql -l pl.UTF-8 +Ten pakiet dodaje obsługę map MySQL do Postfiksa. + +%package dict-pcre +Summary: PCRE map support for Postfix +Summary(pl.UTF-8): Obsługa map PCRE dla Postfiksa +Group: Networking/Daemons/SMTP +Requires: %{name} = %{epoch}:%{version}-%{release} + +%description dict-pcre +This package provides support for PCRE maps in Postfix. + +%description dict-pcre -l pl.UTF-8 +Ten pakiet dodaje obsługę map PCRE do Postfiksa. + +%package dict-pgsql +Summary: PostgreSQL map support for Postfix +Summary(pl.UTF-8): Obsługa map PostgreSQL dla Postfiksa +Group: Networking/Daemons/SMTP +Requires: %{name} = %{epoch}:%{version}-%{release} + +%description dict-pgsql +This package provides support for PostgreSQL maps in Postfix. + +%description dict-pgsql -l pl.UTF-8 +Ten pakiet dodaje obsługę map PostgreSQL do Postfiksa. + +%package dict-sqlite +Summary: SQLite map support for Postfix +Summary(pl.UTF-8): Obsługa map SQLite dla Postfiksa +Group: Networking/Daemons/SMTP +Requires: %{name} = %{epoch}:%{version}-%{release} + +%description dict-sqlite +This package provides support for SQLite maps in Postfix. + +%description dict-sqlite -l pl.UTF-8 +Ten pakiet dodaje obsługę map SQLite do Postfiksa. + +%package qshape +Summary: qshape - Print Postfix queue domain and age distribution +Summary(pl.UTF-8): qshape - wypisywanie rozkładu domen i wieku z kolejki Postfiksa +Group: Networking/Daemons/SMTP +Requires: %{name} = %{epoch}:%{version}-%{release} + +%description qshape +The qshape program helps the administrator understand the Postfix +queue message distribution in time and by sender domain or recipient +domain. The program needs read access to the queue directories and +queue files, so it must run as the superuser or the mail_owner +specified in main.cf (typically postfix). + +%description qshape -l pl.UTF-8 +Program qshape pomaga administratorowi zrozumieć rozkład kolejki +wiadomości Postfiksa w czasie i w zależności od domeny nadawcy lub +adresata. Program wymaga prawa odczytu do katalogów kolejki i plików +kolejki, więc musi być uruchamiany przez superużytkownika lub +użytkownika mail_owner podanego w main.cf (zwykle nazywającego się +postfix). + +%package -n monit-rc-%{name} +Summary: monit support for Postfix +Summary(pl.UTF-8): Wsparcie monita dla Postfiksa +Group: Applications/System +Requires: %{name} = %{epoch}:%{version}-%{release} +Requires: monit + +%description -n monit-rc-%{name} +monitrc file for monitoring Postfix. + +%description -n monit-rc-%{name} -l pl.UTF-8 +Plik monitrc do monitorowania serwera Postfix. + +%prep +%setup -q +%if %{with vda} +cat %{SOURCE7} | %{__patch} -p1 -s +cat %{SOURCE11} | %{__patch} -p1 -s +%endif + +find -type f | xargs sed -i -e 's|/etc/postfix|/etc/mail|g' + +%patch0 -p1 +%patch1 -p0 +%patch2 -p1 +%patch3 -p1 +%{?with_hir:%patch4 -p0} +%patch5 -p1 +sed -i '/scache_clnt_create/s/server/var_scache_service/' src/global/scache_clnt.c +%if "%{_lib}" == "lib64" +%patch6 -p1 +%endif +%patch7 -p1 +%patch8 -p1 +%patch9 -p1 +%patch10 -p1 +%patch11 -p1 +%if %{with vda} +%patch12 -p1 +%endif + +%if %{with tcp} +sed -i 's/ifdef SNAPSHOT/if 1/' src/util/dict_open.c +%endif + +%build +%{__make} -f Makefile.init makefiles +%{__make} tidy +CC="%{__cc}" +export CC +%{__make} \ + DEBUG="" \ + OPT="%{rpmcflags} %{rpmcppflags} -D_FILE_OFFSET_BITS=64" \ + %{!?with_ldap:LDAPSO=""} \ + %{!?with_mysql:MYSQLSO=""} \ + %{!?with_pgsql:PGSQLSO=""} \ + CCARGS="%{!?with_epoll:-DNO_EPOLL} %{?with_ldap:-DHAS_LDAP} -DHAS_PCRE %{?with_sasl:-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl} %{?with_mysql:-DHAS_MYSQL -I/usr/include/mysql} %{?with_pgsql:-DHAS_PGSQL} %{?with_ssl:-DUSE_TLS} -DMAX_DYNAMIC_MAPS %{?with_cdb:-DHAS_CDB}" \ + AUXLIBS="-ldb -lresolv %{?with_sasl:-lsasl} %{?with_ssl:-lssl -lcrypto} %{?with_cdb:-lcdb} -lpcre" + +%install +rm -rf $RPM_BUILD_ROOT +install -d $RPM_BUILD_ROOT/etc/{cron.daily,rc.d/init.d,sysconfig,pam.d,security,monit} \ + $RPM_BUILD_ROOT%{_sysconfdir}/{mail,sasl} \ + $RPM_BUILD_ROOT{%{_bindir},%{_sbindir},%{_libdir}/postfix,/usr/lib}\ + $RPM_BUILD_ROOT{%{_includedir}/postfix,%{_mandir}} \ + $RPM_BUILD_ROOT%{_var}/spool/postfix/{active,corrupt,deferred,maildrop,private,saved,bounce,defer,incoming,pid,public} \ + $RPM_BUILD_ROOT%{_var}/lib/postfix \ + $RPM_BUILD_ROOT%{systemdunitdir} + +%{__rm} html/Makefile.in conf/{LICENSE,main.cf.default} + +install -p bin/* $RPM_BUILD_ROOT%{_sbindir} +install -p libexec/* $RPM_BUILD_ROOT%{_libdir}/postfix +ln $RPM_BUILD_ROOT%{_libdir}/postfix/smtp $RPM_BUILD_ROOT%{_libdir}/postfix/lmtp +ln $RPM_BUILD_ROOT%{_libdir}/postfix/qmgr $RPM_BUILD_ROOT%{_libdir}/postfix/nqmgr +cp -a conf/* $RPM_BUILD_ROOT%{_sysconfdir}/mail +sed -e's,^daemon_directory = .*,daemon_directory = %{_libdir}/postfix,' \ + conf/main.cf > $RPM_BUILD_ROOT%{_sysconfdir}/mail/main.cf + +for f in dns global master util ; do + cp -a lib/lib${f}.a $RPM_BUILD_ROOT%{_libdir}/libpostfix-${f}.so.1 + ln -sf lib${f}.so.1 $RPM_BUILD_ROOT%{_libdir}/libpostfix-${f}.so +done +install -p lib/dict*.so $RPM_BUILD_ROOT%{_libdir}/postfix +cp -a include/*.h $RPM_BUILD_ROOT%{_includedir}/postfix + +cp -a man/man* $RPM_BUILD_ROOT%{_mandir} + +cp -a %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/mail/aliases +install -p %{SOURCE2} $RPM_BUILD_ROOT/etc/cron.daily/postfix +install %{SOURCE3} $RPM_BUILD_ROOT/etc/rc.d/init.d/postfix +cp -a %{SOURCE4} $RPM_BUILD_ROOT/etc/sysconfig/postfix +cp -a %{SOURCE5} $RPM_BUILD_ROOT%{_sysconfdir}/sasl/smtpd.conf +cp -a %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/smtp +cp -a %{SOURCE8} $RPM_BUILD_ROOT%{_sysconfdir}/mail/bounce.cf.pl +cp -a %{SOURCE9} $RPM_BUILD_ROOT%{_sysconfdir}/mail/bounce.cf.de +cp -a %{SOURCE10} $RPM_BUILD_ROOT/etc/monit/%{name}.monitrc +cp -a %{SOURCE12} $RPM_BUILD_ROOT%{systemdunitdir}/%{name}.service +install -p auxiliary/rmail/rmail $RPM_BUILD_ROOT%{_bindir}/rmail +install -p auxiliary/qshape/qshape.pl $RPM_BUILD_ROOT%{_bindir}/qshape + +ln -sf %{_sbindir}/sendmail $RPM_BUILD_ROOT%{_bindir}/mailq +ln -sf %{_sbindir}/sendmail $RPM_BUILD_ROOT%{_bindir}/newaliases +ln -sf %{_sbindir}/sendmail $RPM_BUILD_ROOT/usr/lib/sendmail + +touch $RPM_BUILD_ROOT%{_sysconfdir}/mail/\ + {aliases,access,canonical,relocated,transport,virtual}{,.db} + +touch $RPM_BUILD_ROOT/etc/security/blacklist.smtp + +> $RPM_BUILD_ROOT/var/spool/postfix/.nofinger + +%{__rm} -r $RPM_BUILD_ROOT%{_sysconfdir}/mail/makedefs.out +%{__rm} $RPM_BUILD_ROOT%{_sysconfdir}/mail/TLS_LICENSE + +%{__rm} $RPM_BUILD_ROOT%{_sysconfdir}/mail/{postfix-files,postfix-script,post-install} + +%clean +rm -rf $RPM_BUILD_ROOT + +%pre +%groupadd -g 62 postfix +%groupadd -g 63 maildrop +%useradd -u 62 -d /var/spool/postfix -s /bin/false -c "Postfix User" -g postfix postfix + +%post +/sbin/ldconfig +if ! grep -q "^postmaster:" %{_sysconfdir}/mail/aliases; then + echo "Adding Entry for postmaster in %{_sysconfdir}/mail/aliases" >&2 + echo "postmaster: root" >>%{_sysconfdir}/mail/aliases +fi +if [ "$1" = "1" ]; then + # only on installation, not upgrade; set sane defaults + # postfix expects gethostname() to return FQDN, which is obviously wrong + if ! grep -qE "^my(domain|hostname)" %{_sysconfdir}/mail/main.cf; then + domain=$(/bin/hostname -d 2>/dev/null) + [ -n "$domain" -a "$domain" != 'localdomain' ] && \ + postconf -e mydomain="$domain" + fi +else + %{_sbindir}/postfix upgrade-configuration +fi + +%{_bindir}/newaliases +/sbin/chkconfig --add postfix +%service postfix restart "Postfix Daemon" +%systemd_post + +%preun +if [ "$1" = "0" ]; then + %service postfix stop + /sbin/chkconfig --del postfix +fi +%systemd_preun + +%postun +/sbin/ldconfig +if [ "$1" = "0" ]; then + %groupremove maildrop + %userremove postfix + %groupremove postfix +fi +%systemd_postun + +%files +%defattr(644,root,root,755) +%doc html COMPATIBILITY HISTORY LICENSE RELEASE_NOTES* TLS_* +%doc README_FILES/*README +%doc examples/smtpd-policy +%dir %{_sysconfdir}/mail +%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/access +%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/aliases +%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/bounce.cf.default +%lang(de) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/bounce.cf.de +%lang(pl) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/bounce.cf.pl +%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/canonical +%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/generic +#%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/regexp_table +%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/relocated +%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/transport +%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/virtual +%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/header_checks +#%ghost %{_sysconfdir}/mail/*.db +%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/dynamicmaps.cf +%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/main.cf +%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/master.cf +%{_sysconfdir}/mail/postfix-wrapper +%{_sysconfdir}/mail/postmulti-script +%attr(740,root,root) /etc/cron.daily/postfix +%attr(754,root,root) /etc/rc.d/init.d/postfix +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/postfix +%config(noreplace) %verify(not md5 mtime size) /etc/pam.d/smtp +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/blacklist.smtp +%{?with_sasl:%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/sasl/smtpd.conf} +%attr(755,root,root) %{_libdir}/libpostfix-*.so.* +%attr(755,root,root) %{_bindir}/mailq +%attr(755,root,root) %{_bindir}/newaliases +%attr(755,root,root) %{_bindir}/rmail +%attr(755,root,root) %{_sbindir}/s* +%attr(755,root,root) %{_sbindir}/postfix +%attr(755,root,root) %{_sbindir}/postalias +%attr(755,root,root) %{_sbindir}/postkick +%attr(755,root,root) %{_sbindir}/postl* +%attr(755,root,root) %{_sbindir}/postc* +%attr(755,root,root) %{_sbindir}/postmap +%attr(755,root,root) %{_sbindir}/postmulti +%attr(2755,root,maildrop) %{_sbindir}/postqueue +%attr(755,root,root) %{_sbindir}/postsuper +%attr(2755,root,maildrop) %{_sbindir}/postdrop +%attr(755,root,root) %{_sbindir}/qmqp-sink +%attr(755,root,root) %{_sbindir}/qmqp-source +%attr(755,root,root) /usr/lib/sendmail +%dir %{_libdir}/postfix +%attr(755,root,root) %{_libdir}/postfix/[!d]* +%attr(755,root,root) %{_libdir}/postfix/discard +%attr(755,root,root) %{_libdir}/postfix/dnsblog +%attr(755,root,root) %dir %{_var}/spool/postfix +%attr(700,postfix,root) %dir %{_var}/spool/postfix/active +%attr(700,postfix,root) %dir %{_var}/spool/postfix/bounce +%attr(700,postfix,root) %dir %{_var}/spool/postfix/corrupt +%attr(700,postfix,root) %dir %{_var}/spool/postfix/defer +%attr(700,postfix,root) %dir %{_var}/spool/postfix/deferred +%attr(700,postfix,root) %dir %{_var}/spool/postfix/incoming +%attr(1730,postfix,maildrop) %dir %{_var}/spool/postfix/maildrop +%attr(755,postfix,root) %dir %{_var}/spool/postfix/pid +%attr(700,postfix,root) %dir %{_var}/spool/postfix/private +%attr(710,postfix,maildrop) %dir %{_var}/spool/postfix/public +%attr(700,postfix,root) %dir %{_var}/spool/postfix/saved +%attr(644,postfix,root) %{_var}/spool/postfix/.nofinger +%attr(700,postfix,root) %{_var}/lib/postfix +%{_mandir}/man1/mailq.1* +%{_mandir}/man1/newaliases.1* +%{_mandir}/man1/post*.1* +%{_mandir}/man1/qmqp-*.1* +%{_mandir}/man1/sendmail.1* +%{_mandir}/man1/smtp-*.1* +%{_mandir}/man5/access.5* +%{_mandir}/man5/aliases.5* +%{_mandir}/man5/body_checks.5* +%{_mandir}/man5/bounce.5* +%{_mandir}/man5/canonical.5* +%{_mandir}/man5/cidr_table.5* +%{_mandir}/man5/generic.5* +%{_mandir}/man5/header_checks.5* +%{_mandir}/man5/master.5* +%{_mandir}/man5/memcache_table.5* +%{_mandir}/man5/nisplus_table.5* +%{_mandir}/man5/postconf.5* +%{_mandir}/man5/postfix-wrapper.5* +%{_mandir}/man5/regexp_table.5* +%{_mandir}/man5/relocated.5* +%{_mandir}/man5/tcp_table.5* +%{_mandir}/man5/transport.5* +%{_mandir}/man5/virtual.5* +%{_mandir}/man8/*.8* +%{systemdunitdir}/%{name}.service + +%files devel +%defattr(644,root,root,755) +%attr(755,root,root) %{_libdir}/libpostfix-*.so +%{_includedir}/postfix + +%if %{with ldap} +%files dict-ldap +%defattr(644,root,root,755) +%attr(755,root,root) %{_libdir}/postfix/dict_ldap.so +%{_mandir}/man5/ldap_table.5* +%endif + +%if %{with mysql} +%files dict-mysql +%defattr(644,root,root,755) +%attr(755,root,root) %{_libdir}/postfix/dict_mysql.so +%{_mandir}/man5/mysql_table.5* +%endif + +%files dict-pcre +%defattr(644,root,root,755) +%attr(755,root,root) %{_libdir}/postfix/dict_pcre.so +#%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mail/pcre_table +%{_mandir}/man5/pcre_table.5* + +%if %{with pgsql} +%files dict-pgsql +%defattr(644,root,root,755) +%attr(755,root,root) %{_libdir}/postfix/dict_pgsql.so +%{_mandir}/man5/pgsql_table.5* +%endif + +%if %{with sqlite} +%files dict-sqlite +%defattr(644,root,root,755) +%attr(755,root,root) %{_libdir}/postfix/dict_sqlite.so +%{_mandir}/man5/sqlite_table.5* +%endif + +%files qshape +%defattr(644,root,root,755) +%attr(755,root,root) %{_bindir}/qshape +%{_mandir}/man1/qshape.1* + +%files -n monit-rc-%{name} +%defattr(644,root,root,755) +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/monit/%{name}.monitrc diff --git a/postfix.sysconfig b/postfix.sysconfig new file mode 100644 index 0000000..8f539a8 --- /dev/null +++ b/postfix.sysconfig @@ -0,0 +1,4 @@ +# Customized settings for postfix + +# Define nice level for postfix & config +SERVICE_RUN_NICE_LEVEL="+5" diff --git a/relup.sh b/relup.sh new file mode 100755 index 0000000..6426218 --- /dev/null +++ b/relup.sh @@ -0,0 +1,139 @@ +#!/bin/sh +# script to run after "release bump" style change. +# takes Release from spec and creates commit with message +# groups similiar commits together. +# "- release $rel" + +set -e + +get_dump() { + local specfile="$1" + if ! out=$(rpm --specfile "$specfile" --define 'prep %dump' -q 2>&1); then + echo >&2 "$out" + echo >&2 "You need icon files being present in SOURCES." + exit 1 + fi + echo "$out" +} + +usage="Usage: +${0##*/} [-i] [-u] [-t] [-n] [-m ] + +Options: +-i + Try to increment package release +-u + git pull first +-t | -n + Test mode (dry-run). do not commit +-m + Specify commit message + +" + +get_release() { + local specfile="$1" + rel=$(awk '/^%define[ ]+_?rel[ ]+/{print $NF}' $specfile) + if [ -z "$rel" ]; then + dump=$(get_dump "$specfile") + rel=$(echo "$dump" | awk '/PACKAGE_RELEASE/{print $NF; exit}') + fi + echo $rel +} + +set_release() { + local specfile="$1" + local rel="$2" + local newrel="$3" + sed -i -e " + s/^\(%define[ \t]\+_\?rel[ \t]\+\)$rel\$/\1$newrel/ + s/^\(Release:[ \t]\+\)$rel\$/\1$newrel/ + " $specfile +} + +if [ ! -x /usr/bin/getopt ]; then + echo >&1 "You need to install util-linux to use relup.sh" + exit 1 +fi + +t=$(getopt -o 'm:inuth' -n "${0##*/}" -- "$@") || exit $? +# Note the quotes around `$t': they are essential! +eval set -- "$t" + +while true; do + case "$1" in + -i) + inc=1 + ;; + -u) + update=1 + ;; + -t | -n) + test=1 + ;; + -m) + shift + message="${1#- }" + ;; + -h) + echo "$usage" + exit 0 + ;; + --) + shift + break + ;; + *) + echo 2>&1 "Internal error: [$1] not recognized!" + exit 1 + ;; + esac + shift +done + +tmpd=$(mktemp -d "${TMPDIR:-/tmp}/relXXXXXX") +topdir=$(rpm -E '%{_topdir}') +cd "$topdir" +for pkg in "$@"; do + name=${pkg%.spec} name=${name##*/} + spec=$(rpm -D "name $name" -E '%{_specdir}/%{name}.spec') + spec=${spec#$topdir/} + if [ "$update" = "1" ]; then + ./builder -g -ns "$spec" + fi + rel=$(get_release "$spec") + if [ "$inc" = 1 ]; then + if [[ $rel = *%* ]]; then + relmacro=${rel#*%} + relnum=${rel%%%*} + newrel=$(expr ${relnum} + 1) + set_release "$spec" $rel "${newrel}%${relmacro}" + else + newrel=$(expr ${rel} + 1) + set_release "$spec" $rel $newrel + fi + + # refetch release + rel=$(get_release "$spec") + fi + echo "$spec" >> "$tmpd/$rel" +done + +n="$(echo -e '\nn')" +n="${n%%n}" +for file in $(ls "$tmpd" 2>/dev/null); do + files=$(cat "$tmpd/$file") + pkg=$(cat "$tmpd/$file" |sed -e 's|/.*||') + spec=$(cat "$tmpd/$file" |sed -e 's|.*/||') + rel=$(basename "$file") + msg="" + [ -n "$message" ] && msg="$msg- $message$n" + msg="$msg- release ${rel%%%*} (by relup.sh)$n" + if [ "$test" != 1 ]; then + cd $pkg + git commit -m "$msg" $spec + git push + cd .. + fi +done +rm -rf $tmpd