certificates. Viktor Dukhovni. Files: proto/postconf.proto,
mantools/postlink, global/mail_params.h, tls/tls_client.c,
tls/tls_misc.c.
+
+20130607
+
+ Bugfix (DANE support): with multiple TLSA RR that carry "x
+ 0 0" certificates or "x 1 0" keys, Postfix failed to reset
+ the cert/key pointer before calling d2i_mumble(), causing
+ OpenSSL to clobber the previous cert or key. Viktor Dukhovni.
+ tls/tls_dane.c.
+
+ Robustness: check that TLSA-supplied certs have valid keys.
+ It is not clear whether that check is performed in d2i().
+ Viktor Dukhovni. tls/tls_dane.c.
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20130602"
+#define MAIL_RELEASE_DATE "20130607"
#define MAIL_VERSION_NUMBER "2.11"
#ifdef SNAPSHOT
uint8_t mtype;
int mlen;
const unsigned char *p;
- X509 *x = 0; /* OpenSSL tries to re-use *x if x!=0 */
- EVP_PKEY *k = 0; /* OpenSSL tries to re-use *k if k!=0 */
if (rr == 0)
msg_panic("null TLSA rr");
char *digest;
int same = (strcasecmp(rr->rname, rr->qname) == 0);
uint8_t *ip = (uint8_t *) rr->data;
+ X509 *x = 0; /* OpenSSL tries to re-use *x if x!=0 */
+ EVP_PKEY *k = 0; /* OpenSSL tries to re-use *k if k!=0 */
#define rcname(rr) (same ? "" : rr->qname)
#define rarrow(rr) (same ? "" : " -> ")
continue;
}
+ /* Also unusable if public key is malformed */
+ if ((k = X509_get_pubkey(x)) == 0) {
+ msg_warn("%s public key malformed in RR: "
+ "%s%s%s IN TLSA %u %u %u ...", "certificate",
+ rcname(rr), rarrow(rr), rr->rname,
+ usage, selector, mtype);
+ X509_free(x);
+ continue;
+ }
+ EVP_PKEY_free(k);
+
/*
* When a full trust-anchor certificate is published via DNS,
* we may need to use it to validate the server trust chain.
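Review bot: After `EVP_PKEY_free(k);` at the end of the new check, `k` is left as a dangling non-null pointer for the rest of the loop iteration; the comment on its declaration ("OpenSSL tries to re-use *k if k!=0") says a non-null `k` makes a later `d2i_*` call reuse that memory, which is exactly the clobbering the 20130607 bugfix above is removing. Whether `k` is passed to a `d2i_*` call further down this iteration cannot be seen from the hunk, but using the function-scoped `k` as a throwaway here makes that regression easy to reintroduce. Either reset it immediately, `EVP_PKEY_free(k); k = 0;`, or decode into a separate block-local such as `EVP_PKEY *pk;` so `k` keeps its single meaning. A short comment on the check would also help, e.g. `/* X509_get_pubkey() fails if the SubjectPublicKeyInfo does not decode; reject the RR rather than carry a cert with no usable key. */`, since the changelog itself says it is unclear whether d2i() performs this validation. The enclosing function starts and ends outside the hunk.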