-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NotDashEscaped: You need GnuPG to verify this message This is a patch file to create version 0.8.4 from 0.8.3. Please check the signature of this patch file: zcat somepath/geam-0.8.3-0.8.4.diff.gz | gpg --verify Change to directory geam-0.8.3 (or however you renamed it) and give this command: zcat somepath/geam-0.8.3-0.8.4.diff.gz | patch -p1 It is a good idea to rename your current directory to geam-0.8.4 now. Prereq: 0.8.3 diff -urpP geam-0.8.3/ChangeLog geam-0.8.4/ChangeLog --- geam-0.8.3/ChangeLog 2004-03-31 18:54:50.000000000 +0000 +++ geam-0.8.4/ChangeLog 2004-05-07 14:57:39.000000000 +0000 @@ -1,3 +1,22 @@ +2004-05-07 Werner Koch + + Released 0.8.4. + +2004-04-21 Werner Koch + + * src/smtpproxy.c (prepare_encryption): Don't bail out if a + boundary is still set. + +2004-04-20 Werner Koch + + * src/rfc821.c (rfc821_reply): Made global. + + * src/smtpproxy.c (open_smarthost): Fail only temporary if we + can't allocate a buffer. Not really useful though. + (smtpproxy_handler): Keep a connection counter and limit the + number of connections to 200. + * src/rwbuf.c (MAX_FDS): Bumped up from 40 to 1024. + 2004-03-31 Werner Koch Released 0.8.3 diff -urpP geam-0.8.3/NEWS geam-0.8.4/NEWS --- geam-0.8.3/NEWS 2004-03-31 18:54:18.000000000 +0000 +++ geam-0.8.4/NEWS 2004-05-07 14:56:41.000000000 +0000 @@ -1,3 +1,10 @@ +Noteworthy changes in version 0.8.4 (2004-05-07) +------------------------------------------------ + +* Allow more simultaneous connections and fail only temporary if we + can't allocate a buffer anymore. + + Noteworthy changes in version 0.8.3 (2004-03-31) ------------------------------------------------ diff -urpP geam-0.8.3/configure geam-0.8.4/configure --- geam-0.8.3/configure 2004-04-01 06:28:33.000000000 +0000 +++ geam-0.8.4/configure 2004-05-07 14:57:58.000000000 +0000 @@ -1,5 +1,5 @@ #! /bin/sh -# From configure.in Revision: 1.3 . +# From configure.in Revision: 1.4 . # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.59. # @@ -1545,7 +1545,7 @@ fi # Define the identity of the package. PACKAGE=geam - VERSION=0.8.3 + VERSION=0.8.4 cat >>confdefs.h <<_ACEOF diff -urpP geam-0.8.3/configure.in geam-0.8.4/configure.in --- geam-0.8.3/configure.in 2004-03-31 18:52:03.000000000 +0000 +++ geam-0.8.4/configure.in 2004-05-07 14:57:01.000000000 +0000 @@ -2,7 +2,7 @@ dnl dnl Configure script source for GEAM dnl dnl (Process this file with autoconf to produce a configure script.) -AC_REVISION($Revision: 1.3 $)dnl +AC_REVISION($Revision: 1.4 $)dnl AC_PREREQ(2.13) AC_INIT(src/geamd.c) @@ -11,7 +11,7 @@ AM_CONFIG_HEADER(config.h) dnl dnl The version number goes here dnl -AM_INIT_AUTOMAKE(geam,0.8.3) +AM_INIT_AUTOMAKE(geam,0.8.4) AM_MAINTAINER_MODE diff -urpP geam-0.8.3/src/rfc821.c geam-0.8.4/src/rfc821.c --- geam-0.8.3/src/rfc821.c 2004-04-01 06:56:20.000000000 +0000 +++ geam-0.8.4/src/rfc821.c 2004-04-20 06:00:56.000000000 +0000 @@ -232,7 +232,7 @@ rfc821_parse_cmd( char **rline, size_t l return smtpINVALID; } -static int +int rfc821_reply( int fd, int code, const char *desc ) { const char *string1 = ""; diff -urpP geam-0.8.3/src/rfc821.h geam-0.8.4/src/rfc821.h --- geam-0.8.3/src/rfc821.h 2004-03-31 12:14:03.000000000 +0000 +++ geam-0.8.4/src/rfc821.h 2004-04-20 06:00:52.000000000 +0000 @@ -61,6 +61,7 @@ int rfc821_handler( RFC821 state, int fd const char *peer_addr_str, int peer_port ); void rfc821_cancel( RFC821 hd ); void rfc821_close( RFC821 hd ); +int rfc821_reply( int fd, int code, const char *desc ); int rfc821_start_session( RFC821 state, int fd ); int rfc821_send_sender( RFC821 state, const char *path ); diff -urpP geam-0.8.3/src/rwbuf.c geam-0.8.4/src/rwbuf.c --- geam-0.8.3/src/rwbuf.c 2004-03-31 17:59:35.000000000 +0000 +++ geam-0.8.4/src/rwbuf.c 2004-04-20 05:44:06.000000000 +0000 @@ -32,7 +32,8 @@ #include "types.h" #include "rwbuf.h" -#define MAX_FDS 40 /* fixme: figure out this value from the system */ +#define MAX_FDS 1024 /* Note, taht this also limits the number of + concurrent connections we can process. */ #define READ_BUFFER_SIZE 256 #define WRITE_BUFFER_SIZE 128 diff -urpP geam-0.8.3/src/smtpproxy.c geam-0.8.4/src/smtpproxy.c --- geam-0.8.3/src/smtpproxy.c 2004-04-01 06:56:10.000000000 +0000 +++ geam-0.8.4/src/smtpproxy.c 2004-04-21 07:01:33.000000000 +0000 @@ -53,6 +53,14 @@ #include "rfc821.h" #include "rfc822.h" +/* Maximum number of connections we can handle concurrently. This + must be far less than the number of filedescriptors rwbuf.c can + handle. 200 seems to be a reasonable high value for common + machines. */ +#define MAX_CONNECTIONS 200 + + +static int connection_counter; struct encrypt_item; struct decrypt_item; @@ -564,6 +572,8 @@ smtpproxy_handler( int fd, const char *s PROXY_STATE state = xcalloc( 1, sizeof *state ); int i; + connection_counter++; + state->sid = sessid; state->fd = fd; state->fwd_fd = -1; @@ -574,6 +584,14 @@ smtpproxy_handler( int fd, const char *s goto leave; } + if (connection_counter > MAX_CONNECTIONS) + { + /* We are under a high load; don't even send a HELLO. */ + log_error("%s too many connections - sending 421\n", state->sid ); + rfc821_reply (fd, 421, NULL); + goto leave; + } + state->smtphd = rfc821_open( cb_from_rfc821, state ); if( !state->smtphd ) { log_error("%s rfc821_open failed\n", state->sid ); @@ -606,6 +624,7 @@ smtpproxy_handler( int fd, const char *s free( state->fallback_recp ); free( state ); close( fd ); + connection_counter--; return NULL; } @@ -799,7 +818,9 @@ prepare_encryption( PROXY_STATE proxy, R s = "Content-Type: multipart/encrypted; " "protocol=\"application/pgp-encrypted\";\n" "\tboundary=\"%s\"" ; - assert(!proxy->boundary); + /* After receiving a RSET a boundary will will be tehre so we have + to release it first. */ + free (proxy->boundary); proxy->boundary = create_boundary(); p = xmalloc( strlen(s) + strlen(proxy->boundary) + 10 ); sprintf( p, s, proxy->boundary ); @@ -933,6 +954,11 @@ open_smarthost( PROXY_STATE state, RFC82 if( rw_init( state->fwd_fd ) ) { log_error("%s rw_init(%d) failed\n", state->sid, state->fwd_fd ); close( state->fwd_fd ); state->fwd_fd = -1; + /* The only reason why this may fail are out of memory + conditions and out of file descriptors. The latter is for + sure a temporary problem, thus we have to fail only + temporary. */ + *temp_failure = 1; return -1; } -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFAm6vFaLeriVdUjc0RAgJoAJ9phoLwMrdcxmNZ+4wxJUFHZUrhOgCeMBAe XieMMl3FX1G4U4LrAIvfA0Y= =gs8N -----END PGP SIGNATURE-----