From: Clifton Royston (no email)
Date: Mon Sep 09 2002 - 23:07:11 EDT
On Sat, Sep 07, 2002 at 11:38:50AM -0400, wrote:
> This does not work on SPARC hardware and possibly other CPUs. A 32bit
> shift is a NOP on a SPARC (instead of setting the result to zero, the
> shift operand is evaluated mod 32, so 0/0 is the same as 0/32 which
> matches only the 0.0.0.0 address verbatim).
>
> Postfix does not have logic in the address list matching code to handle
> 0/0 portably. This is good IMHO.
It appears to be intended to specifically reject 0/0 in a portable
way, which would be just fine. I've looked into util/match_ops.c and
it certainly *appears* that this case is being explicitly tested for,
and that a "fatal" message should be logged on any attempt to use a
netmask of /0, ignoring the address.
match_hostaddr uses match_parse_mask, which has:
int match_parse_mask(const char *pattern, unsigned long *net_bits,
int *mask_shift)
...
if ((mask = split_at(saved_pattern, '/')) != 0) {
if ((*mask_shift = atoi(mask)) <= 0 || *mask_shift > BITS_PER_ADDR
|| (*net_bits = inet_addr(saved_pattern)) == INADDR_NONE) {
msg_fatal("bad net/mask pattern: %s", pattern);
}
However, I tested setting mynetworks to 0.0.0.0/0 in main.cf on a
scratch server, and saw no error messages from a postfix reload, and
nothing going into the postfix log even on a subsquent connection. It
seems offhand that something's slightly amiss.
-- Clifton
--
Clifton Royston -- LavaNet Systems Architect --
"What do we need to make our world come alive?
What does it take to make us sing?
While we're waiting for the next one to arrive..." - Sisters of Mercy
-
To unsubscribe, send mail to with content
(not subject): unsubscribe postfix-users
|
|
|