postfix-3.4.27

author Wietse Venema <wietse@porcupine.org>

Fri, 7 Oct 2022 05:00:00 +0000 (00:00 -0500)

committer Viktor Dukhovni <postfix-users@dukhovni.org>

Sun, 9 Oct 2022 01:36:47 +0000 (21:36 -0400)
author Wietse Venema <wietse@porcupine.org>
Fri, 7 Oct 2022 05:00:00 +0000 (00:00 -0500)
committer Viktor Dukhovni <postfix-users@dukhovni.org>
Sun, 9 Oct 2022 01:36:47 +0000 (21:36 -0400)
diff --git a/postfix/HISTORY b/postfix/HISTORY

index 794a85f743b54d99f5f1d036f79bf6b5c2e08fa4..398bd79cdff7d5d5e65606607be0f1c7c922af0d 100644 (file)
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -24798,3 +24798,23 @@ Apologies for any names omitted.
         chroot jail. Problem reported by Jesper Dybdal. Files:
         cleanup/cleanup.h, cleanup/cleanup_init.c,
         cleanup/cleanup_milter.c, cleanup/cleanup_state.c.
+
+20220724
+
+       Workaround: in a TLS server disable Postfix's 1-element
+       internal session cache, to work around an OpenSSL 3.0
+       regression that broke TLS handshakes. It is rarely useful.
+       Report by Spil Oss, fix by Viktor Dukhovni. File:
+       tls/tls_server.c.
+
+20220905
+
+       Cleanup: Postfix 3.3.0 introduced an uninitialized
+       verify_append() request status in case of a null original
+       recipient address.  File: global/verify.c.
+
+20220906
+
+       Cleanup: Postfix 3.4.26 introduced a missing msg_panic()
+       argument (in code that never executes). File:
+       cleanup/cleanup_milter.c.
diff --git a/postfix/src/cleanup/cleanup_milter.c b/postfix/src/cleanup/cleanup_milter.c

index 4758e92a53c63349902827769a5c1811a9dad4ff..1395a3f1272b0d4e146c1c5681cdc215928eae39 100644 (file)
--- a/postfix/src/cleanup/cleanup_milter.c
+++ b/postfix/src/cleanup/cleanup_milter.c
@@ -527,7 +527,7 @@ void    cleanup_milter_header_checks_init(void)
         msg_panic("%s: %s is empty", myname, VAR_MILT_HEAD_CHECKS);
  
      if (cleanup_milter_hbc_checks)
-       msg_panic("%s: cleanup_milter_hbc_checks is not null");
+       msg_panic("%s: cleanup_milter_hbc_checks is not null", myname);
      cleanup_milter_hbc_checks =
         hbc_header_checks_create(VAR_MILT_HEAD_CHECKS, var_milt_head_checks,
                                  NO_MIME_HDR_NAME, NO_MIME_HDR_VALUE,
@@ -535,7 +535,7 @@ void    cleanup_milter_header_checks_init(void)
                                  &call_backs);
  
      if (cleanup_milter_hbc_reply)
-       msg_panic("%s: cleanup_milter_hbc_reply is not null");
+       msg_panic("%s: cleanup_milter_hbc_reply is not null", myname);
      cleanup_milter_hbc_reply = vstring_alloc(100);
  }
  
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h

index 4347e5b041901c5b1e37b18444be4778cf275271..926595eb5af2f94b961b227c5944337c4a9bf42d 100644 (file)
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,8 +20,8 @@
    * Patches change both the patchlevel and the release date. Snapshots have no
    * patchlevel; they change the release date only.
    */
-#define MAIL_RELEASE_DATE      "20220418"
-#define MAIL_VERSION_NUMBER    "3.4.26"
+#define MAIL_RELEASE_DATE      "20221007"
+#define MAIL_VERSION_NUMBER    "3.4.27"
  
  #ifdef SNAPSHOT
  #define MAIL_VERSION_DATE      "-" MAIL_RELEASE_DATE
diff --git a/postfix/src/global/verify.c b/postfix/src/global/verify.c

index c4b26be04ff7d5b252c9a84d838afa9ce0df57af..91dd541b84582398ad3d91e07c7f114a2dafb1b1 100644 (file)
--- a/postfix/src/global/verify.c
+++ b/postfix/src/global/verify.c
@@ -108,6 +108,8 @@ int     verify_append(const char *queue_id, MSG_STATS *stats,
         if (recipient->orig_addr[0])
             req_stat = verify_clnt_update(recipient->orig_addr, vrfy_stat,
                                           my_dsn.reason);
+       else
+           req_stat = VRFY_STAT_OK;
         /* Two verify updates for one verify request! */
         if (req_stat == VRFY_STAT_OK
             && strcmp(recipient->address, recipient->orig_addr) != 0)
diff --git a/postfix/src/tls/tls_server.c b/postfix/src/tls/tls_server.c

index 236f7859d4b7ac5583f68dec81f7f9ad0866b289..92f6a833779e162b16fd94d12836e0a66da6761d 100644 (file)
--- a/postfix/src/tls/tls_server.c
+++ b/postfix/src/tls/tls_server.c
@@ -730,6 +730,7 @@ TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_PROPS *props)
                                        sizeof(server_session_id_context));
         SSL_CTX_set_session_cache_mode(server_ctx,
                                        SSL_SESS_CACHE_SERVER |
+                                      SSL_SESS_CACHE_NO_INTERNAL |
                                        SSL_SESS_CACHE_NO_AUTO_CLEAR);
         if (cachable) {
             app_ctx->cache_type = mystrdup(props->cache_type);
author	Wietse Venema <wietse@porcupine.org>
	Fri, 7 Oct 2022 05:00:00 +0000 (00:00 -0500)
committer	Viktor Dukhovni <postfix-users@dukhovni.org>
	Sun, 9 Oct 2022 01:36:47 +0000 (21:36 -0400)
postfix/HISTORY		patch \| blob \| blame \| history
postfix/src/cleanup/cleanup_milter.c		patch \| blob \| blame \| history
postfix/src/global/mail_version.h		patch \| blob \| blame \| history
postfix/src/global/verify.c		patch \| blob \| blame \| history
postfix/src/tls/tls_server.c		patch \| blob \| blame \| history