Bitrot: LINUX5, GLIBC resolver flags. Files: makedefs,
util/sys_defs.h, dns/dns_str_resflags.c.
+
+20200420
+
+ Noise suppression: shut up a compiler that special-cases
+ string literals. Viktor Dukhovni. File milter/milter.c.
+
+20200422
+
+ Security: disable DANE support on Alpine Linux because
+ libc-musl provides no indication whether DNS responses are
+ authentic. This broke DANE support without a clear explanation.
+ File: makedefs.
+
+20200505
+
+ Noise suppression: shut up a compiler that special-cases
+ string literals. Viktor Dukhovni. File smtpd/smtpd_check.c.
+
+20200510
+
+ Bitrot: avoid U_FILE_ACCESS_ERROR after chroot(), by
+ initializing the ICU library before making the chroot()
+ call. Files: util/midna_domain.[hc], global/mail_params.c.
+
+20200511
+
+ Noise suppression: avoid "SSL_Shutdown:shutdown while in
+ init" warnings. File: tls/tls_session.c.
+
+20200515
+
+ Bugfix (introduced: Postfix 2.2): a TLS error for a PostgreSQL
+ client caused a false 'lost connection' error for an SMTP
+ over TLS session in the same Postfix process. Reported by
+ Alexander Vasarab, diagnosed by Viktor Dukhovni. File:
+ tls/tls_bio_ops.c.
+
+ Bugfix (introduced: Postfix 2.8): a TLS error for one TLS
+ session may cause a false 'lost connection' error for a
+ concurrent TLS session in the same tlsproxy process. File:
+ tlsproxy/tlsproxy.c.
If you upgrade from Postfix 3.1 or earlier, read RELEASE_NOTES-3.2
before proceeding.
+libc-musl workaround for Postfix 3.2.15, 3.3.10, 3.4.12, and 3.5.2
+------------------------------------------------------------------
+
+Security: this release disables DANE support on Linux systems with
+libc-musl, because libc-musl provides no indication whether DNS
+responses are authentic. This broke DANE support without a clear
+explanation.
+
TLS Workaround for Postfix 3.4.6, 3.3.5, 3.2.10 and 3.1.13
-----------------------------------------------------------
*) echo usage: $0 [system release] 1>&2; exit 1;;
esac
+case "$SYSTEM" in
+ Linux)
+ case "`PATH=/bin:/usr/bin ldd /bin/sh`" in
+ *-musl-*)
+ case "$CCARGS" in
+ *-DNO_DNSSEC*) ;;
+ *) echo Warning: libc-musl breaks DANE/TLSA security. 1>&2
+ echo This build will not support DANE/TLSA. 1>&2
+ CCARGS="$CCARGS -DNO_DNSSEC";;
+ esac;;
+ esac;;
+esac
+
case "$SYSTEM.$RELEASE" in
SCO_SV.3.2) SYSTYPE=SCO5
# Use the native compiler by default
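Review bot: The musl detection keys off the dynamic loader's file name (`ldd /bin/sh` matched against `*-musl-*`), so a musl system whose /bin/sh is statically linked (ldd then reports no dynamic executable) or whose loader path lacks the `-musl-` infix passes the check and keeps DANE enabled with exactly the unauthenticated-AD-bit problem this change is meant to close. Since the check is fail-closed by design (a false positive only costs DANE on a non-musl build, and there is deliberately no opt-out), a second, toolchain-based signal is cheap insurance: also treat a `*musl*` match in the output of `$CC -dumpmachine` (or the presence of `/lib/ld-musl-*`) as musl. The two echo lines could also tell the operator what to expect at run time, e.g. `echo smtp_tls_security_level=dane-only will fail to deliver. 1>&2`, so the build-time warning is not the only trace of why DANE is missing.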
var_smtputf8_enable = 0;
#else
midna_domain_transitional = var_idna2003_compat;
+ if (var_smtputf8_enable)
+ midna_domain_pre_chroot();
#endif
util_utf8_enable = var_smtputf8_enable;
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20200418"
-#define MAIL_VERSION_NUMBER "3.3.9"
+#define MAIL_RELEASE_DATE "20200516"
+#define MAIL_VERSION_NUMBER "3.3.10"
#ifdef SNAPSHOT
#define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
* names by skipping the redundant "milter_" prefix.
*/
static ATTR_OVER_TIME time_table[] = {
- 7 + VAR_MILT_CONN_TIME, DEF_MILT_CONN_TIME, 0, 1, 0,
- 7 + VAR_MILT_CMD_TIME, DEF_MILT_CMD_TIME, 0, 1, 0,
- 7 + VAR_MILT_MSG_TIME, DEF_MILT_MSG_TIME, 0, 1, 0,
+ 7 + (const char *) VAR_MILT_CONN_TIME, DEF_MILT_CONN_TIME, 0, 1, 0,
+ 7 + (const char *) VAR_MILT_CMD_TIME, DEF_MILT_CMD_TIME, 0, 1, 0,
+ 7 + (const char *) VAR_MILT_MSG_TIME, DEF_MILT_MSG_TIME, 0, 1, 0,
0,
};
static ATTR_OVER_STR str_table[] = {
- 7 + VAR_MILT_PROTOCOL, 0, 1, 0,
- 7 + VAR_MILT_DEF_ACTION, 0, 1, 0,
+ 7 + (const char *) VAR_MILT_PROTOCOL, 0, 1, 0,
+ 7 + (const char *) VAR_MILT_DEF_ACTION, 0, 1, 0,
0,
};
* parameter names by skipping the redundant "smtpd_policy_service_" prefix.
*/
static ATTR_OVER_TIME time_table[] = {
- 21 + VAR_SMTPD_POLICY_TMOUT, DEF_SMTPD_POLICY_TMOUT, 0, 1, 0,
- 21 + VAR_SMTPD_POLICY_IDLE, DEF_SMTPD_POLICY_IDLE, 0, 1, 0,
- 21 + VAR_SMTPD_POLICY_TTL, DEF_SMTPD_POLICY_TTL, 0, 1, 0,
- 21 + VAR_SMTPD_POLICY_TRY_DELAY, DEF_SMTPD_POLICY_TRY_DELAY, 0, 1, 0,
+ 21 + (const char *) VAR_SMTPD_POLICY_TMOUT, DEF_SMTPD_POLICY_TMOUT, 0, 1, 0,
+ 21 + (const char *) VAR_SMTPD_POLICY_IDLE, DEF_SMTPD_POLICY_IDLE, 0, 1, 0,
+ 21 + (const char *) VAR_SMTPD_POLICY_TTL, DEF_SMTPD_POLICY_TTL, 0, 1, 0,
+ 21 + (const char *) VAR_SMTPD_POLICY_TRY_DELAY, DEF_SMTPD_POLICY_TRY_DELAY, 0, 1, 0,
0,
};
static ATTR_OVER_INT int_table[] = {
- 21 + VAR_SMTPD_POLICY_REQ_LIMIT, 0, 0, 0,
- 21 + VAR_SMTPD_POLICY_TRY_LIMIT, 0, 1, 0,
+ 21 + (const char *) VAR_SMTPD_POLICY_REQ_LIMIT, 0, 0, 0,
+ 21 + (const char *) VAR_SMTPD_POLICY_TRY_LIMIT, 0, 1, 0,
0,
};
static ATTR_OVER_STR str_table[] = {
- 21 + VAR_SMTPD_POLICY_DEF_ACTION, 0, 1, 0,
- 21 + VAR_SMTPD_POLICY_CONTEXT, 0, 1, 0,
+ 21 + (const char *) VAR_SMTPD_POLICY_DEF_ACTION, 0, 1, 0,
+ 21 + (const char *) VAR_SMTPD_POLICY_CONTEXT, 0, 1, 0,
0,
};
* handling any pending network I/O.
*/
for (;;) {
+
+ /*
+ * Flush the per-thread SSL error queue. Otherwise, errors from other
+ * code that also uses TLS may confuse SSL_get_error(3).
+ */
+ ERR_clear_error();
+
if (hsfunc)
status = hsfunc(TLScontext->con);
else if (rfunc)
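Review bot: The new comment says "other code that also uses TLS" without naming the failure it prevents, which is the useful part for a future reader; the HISTORY entry ties this to a PostgreSQL client in the same process whose stale error queue turned an ordinary SSL_ERROR_WANT_READ/WRITE into a false "lost connection". Suggest making that concrete: `Flush the per-thread SSL error queue. SSL_get_error(3) consults it, so a stale error left by another TLS user in this process (e.g. a database client library) would otherwise be reported as an error of this session.` The enclosing loop and its function begin before this hunk, so the placement at the top of each iteration (covering retries after WANT_READ/WANT_WRITE) can only be judged from the callers.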
* so we will not perform SSL_shutdown() and the session will be removed
* as being bad.
*/
- if (!failure) {
+ if (!failure && !SSL_in_init(TLScontext->con)) {
retval = tls_bio_shutdown(vstream_fileno(stream), timeout, TLScontext);
if (!var_tls_fast_shutdown && retval == 0)
tls_bio_shutdown(vstream_fileno(stream), timeout, TLScontext);
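Review bot: The comment preceding the changed `if` (its start is outside this hunk) still explains only the `failure` case, while the new `!SSL_in_init(TLScontext->con)` condition adds a second, unrelated reason to skip SSL_shutdown(): a handshake that never completed. Suggest extending that comment with `Likewise skip SSL_shutdown() while the handshake is still in progress (SSL_in_init()): there is no established session to close, and OpenSSL would only log "shutdown while in init".` Without it the HISTORY entry for 20200511 is the only place that says this is noise suppression rather than an error-handling change, and a later cleanup could easily revert it.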
* pending read/write and timeout event requests.
*/
if (state->flags & TLSP_FLAG_DO_HANDSHAKE) {
+ ERR_clear_error();
ssl_stat = SSL_accept(tls_context->con);
if (ssl_stat != 1) {
handshake_err = SSL_get_error(tls_context->con, ssl_stat);
if (NBBIO_ERROR_FLAGS(plaintext_buf)) {
if (NBBIO_ACTIVE_FLAGS(plaintext_buf))
nbbio_disable_readwrite(state->plaintext_buf);
+ ERR_clear_error();
if (!SSL_in_init(tls_context->con)
&& (ssl_stat = SSL_shutdown(tls_context->con)) < 0) {
handshake_err = SSL_get_error(tls_context->con, ssl_stat);
*/
ssl_write_err = SSL_ERROR_NONE;
while (NBBIO_READ_PEND(plaintext_buf) > 0) {
+ ERR_clear_error();
ssl_stat = SSL_write(tls_context->con, NBBIO_READ_BUF(plaintext_buf),
NBBIO_READ_PEND(plaintext_buf));
ssl_write_err = SSL_get_error(tls_context->con, ssl_stat);
*/
ssl_read_err = SSL_ERROR_NONE;
while (NBBIO_WRITE_PEND(state->plaintext_buf) < NBBIO_BUFSIZE(plaintext_buf)) {
+ ERR_clear_error();
ssl_stat = SSL_read(tls_context->con,
NBBIO_WRITE_BUF(plaintext_buf)
+ NBBIO_WRITE_PEND(state->plaintext_buf),
/*
/* const char *midna_domain_suffix_to_utf8(
/* const char *name)
+/* AUXILIARY FUNCTIONS
+/* void midna_domain_pre_chroot(void)
/* DESCRIPTION
/* The functions in this module transform domain names from/to
/* ASCII and UTF-8 form. The result is cached to avoid repeated
/*
/* midna_domain_transitional enables transitional conversion
/* between UTF8 and ASCII labels.
+/*
+/* midna_domain_pre_chroot() does some pre-chroot initialization.
/* SEE ALSO
/* http://unicode.org/reports/tr46/ Unicode IDNA Compatibility processing
/* msg(3) diagnostics interface
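Review bot: The added description `midna_domain_pre_chroot() does some pre-chroot initialization.` does not tell a caller what is initialized, when it must be called, or what goes wrong otherwise. Suggest: `midna_domain_pre_chroot() makes the ICU library load whatever it needs while the file system is still reachable; call it once before chroot(2), otherwise later conversions fail with U_FILE_ACCESS_ERROR.` The failure mode is the one named in the HISTORY entry for this change; what ICU actually loads at open time is inferred, so keep the wording at that level.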
}
}
+/* midna_domain_pre_chroot - pre-chroot initialization */
+
+void midna_domain_pre_chroot(void)
+{
+ UErrorCode error = U_ZERO_ERROR;
+ UIDNAInfo info = UIDNA_INFO_INITIALIZER;
+ UIDNA *idna;
+
+ idna = uidna_openUTS46(midna_domain_transitional ? UIDNA_DEFAULT
+ : UIDNA_NONTRANSITIONAL_TO_ASCII, &error);
+ if (U_FAILURE(error))
+ msg_warn("ICU library initialization failed: %s",
+ midna_domain_strerror(error, info.errors));
+ uidna_close(idna);
+}
+
/* midna_domain_to_ascii_create - convert domain to ASCII */
static void *midna_domain_to_ascii_create(const char *name, void *unused_context)
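Review bot: In `midna_domain_pre_chroot`, `info` is initialized with UIDNA_INFO_INITIALIZER but never handed to an ICU call, so the `info.errors` passed to midna_domain_strerror() can only ever hold the initializer's value; `uidna_openUTS46()` takes no UIDNAInfo and does not fill one. Unless midna_domain_strerror() needs a non-zero errors mask here, drop the variable and write `msg_warn("ICU library initialization failed: %s", midna_domain_strerror(error, 0));`. Severity is the other question: if this warning fires, every later conversion in the chrooted process will presumably fail the same way, so it is worth deciding whether msg_fatal() is the intended outcome or whether the per-lookup warnings in the callers are enough. Calling `uidna_close(idna)` on the failure path is only safe if the ICU versions Postfix supports return NULL or a closable object on error; a `if (idna != 0)` guard would make that independent of ICU's behaviour.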
/*
* Test program - reads names from stdin, reports invalid names to stderr.
*/
+#include <unistd.h>
#include <stdlib.h>
#include <locale.h>
/* msg_verbose = 1; */
util_utf8_enable = 1;
+ if (geteuid() == 0) {
+ midna_domain_pre_chroot();
+ if (chroot(".") != 0)
+ msg_fatal("chroot(\".\"): %m");
+ }
while (vstring_fgets_nonl(buffer, VSTREAM_IN)) {
bp = STR(buffer);
msg_info("> %s", bp);
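Review bot: The chroot() regression path in the test program is silently skipped when not running as root, so a test run as an unprivileged user gives no hint that the pre-chroot initialization was never exercised. Suggest an `else msg_info("not running as root: skipping chroot() test");` after the `if (geteuid() == 0)` block so the output shows which variant ran. The test program's main() begins before this hunk.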
extern const char *midna_domain_to_utf8(const char *);
extern const char *midna_domain_suffix_to_ascii(const char *);
extern const char *midna_domain_suffix_to_utf8(const char *);
+extern void midna_domain_pre_chroot(void);
extern int midna_domain_cache_size;
extern int midna_domain_transitional;