to indicate final delivery. Files: smtp/smtp.c, smtp/smtp.h,
smtp/smtp_misc.c, smtp/smtp_proto.c, smtp/smtp_rcpt.c.
- Cleanup: don't wait for the TLS peer to respond after sending
- a TLS 'close' notification. This should be safe with TLSv1.0
- and later. Specify "tls_fast_shutdown_enable = no" to enable
- historical behavior where Postfix waits, and then sends a
- second TLS 'close' notification before closing the TCP
- connection. Files: global/mail_params.h, tls/tls_session.c,
- and documentation.
+ Workaround for implementations that hang Postfix while
+ shutting down a TLS session, until Postfix times out. With
+ "tls_fast_shutdown_enable = yes" (the default), Postfix no
+ longer waits for the TLS peer to respond to a TLS 'close'
+ request. This is recommended with TLSv1.0 and later. Files:
+ global/mail_params.h, tls/tls_session.c, and documentation.
20190618
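Review bot: The rewritten entry (the `+` lines "Postfix no longer waits for the TLS peer to respond to a TLS 'close' request") drops two things the old `-` text stated: that "tls_fast_shutdown_enable = no" restores the historical behavior, and what that behavior is (wait, then send a second 'close' notification before closing the TCP connection). Since HISTORY is where admins look for what a snapshot changed, suggest keeping one sentence on the "= no" setting. Also, "'close' request" here and "'close' notification" in the postconf text describe the same close_notify alert; pick one term and use it in every copy.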
protocol error. This limits the impact of, for example,
pipelining synchronization errors. File: smtp/smtp_trouble.c.
- Bugfix: the code to reset command counts was not called
- after a HaProxy handshake failure, causing stale numbers
- to be reported. The command counts are now reset in the
- function that reports the counts. File: smtpd/smtpd.c.
- command-read loop to the function that reports the counts.
+ Bugfix (introduced: Postfix 3.0): the code to reset Postfix
+ SMTP server command counts was not called after a HaProxy
+ handshake failure, causing stale numbers to be reported.
+ The command counts are now reset in the function that reports
+ the counts. Problem report by Joseph Ward. File: smtpd/smtpd.c.
+
+20190719
+
+ Bitrot: OpenBSD stopped having /dev/arandom 8 years ago.
+ Brad Smith. File: util/sys_defs.h.
+
+20190723
+
+ Bugfix: the documentation said tls_fast_shutdown_enable,
+ but the code said tls_fast_shutdown. Viktor Dukhovni. Changed
+ the code because no-one is expected to override the default.
+ File: global/mail_params.h.
+
+20190724
+
+ Cleanup: proxymap(8) support for table search order syntax.
+ File: proxymap/proxymap.c.
+
+ Safety: vstring_set_payload_size() now checks that the
+ payload has not overwritten the safety terminator at the
+ end of the VSTRING buffer. File: util/vstream.c.
the software under the license of their choice. Those who are more
comfortable with the IPL can continue with that license.
-Incompatibility with snapshot 20190615
-====================================
-
-The Postfix TLS library by default no longer waits after sending a
-TLS 'close' notification. This should be safe with TLSv1.0 and
-later. Specify "tls_fast_shutdown_enable = no" to enable historical
-Postfix behavior.
-
Major changes with snapshot 20190615
====================================
-After sending a TLS 'close' notification, the Postfix library by
-default no longer waits for the TLS peer to respond. According to
-RFC 2246 (TLSv1.0) section 7.2.1, "It is not required for the
-initiator of the close to wait for the responding close_notify alert
-before closing the read side of the connection."
+This release introduces a workaround for implementations that hang
+Postfix while shutting down a TLS session, until Postfix times out.
+With "tls_fast_shutdown_enable = yes" (the default), Postfix no
+longer waits for a remote TLS peer to respond to a TLS 'close'
+request. This behavior is recommended with TLSv1.0 and later. Specify
+"tls_fast_shutdown_enable = no" to get historical Postfix behavior.
Dovecot usability: the SMTP+LMTP delivery agent can now prepend
Delivered-To, X-Original-To and Return-Path headers, just like the
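Review bot: Deleting the whole "Incompatibility with snapshot 20190615" section is questionable: the behavior is still a changed default (the mail_params.h hunk in this same diff describes it as "incompatible with pre-TLSv1.0 protocols"), and re-describing it under "Major changes" as a workaround does not change that an operator upgrading from an older release gets different close_notify handling without opting in. Suggest keeping a one-paragraph incompatibility note that points at "tls_fast_shutdown_enable = no", which the `+` text at the end of this hunk already mentions. Also "TLS 'close' request" should match the "'close' notification" wording used in the postconf text.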
Optional name to send to the remote SMTP server in the TLS
Server Name Indication (SNI) extension.
- Available in Postfix version 3.5 and later:
+ Available in Postfix 3.5, 3.4.6, 3.3.5, 3.2.10, 3.1.13 and later:
<b><a href="postconf.5.html#tls_fast_shutdown_enable">tls_fast_shutdown_enable</a> (yes)</b>
- After sending a TLS 'close' notification, do not wait for the
- TLS peer to respond.
+ A workaround for implementations that hang Postfix while shuting
+ down a TLS session, until Postfix times out.
<b>OBSOLETE STARTTLS CONTROLS</b>
The following configuration parameters exist for compatibility with
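Review bot: Typo in the new description: "implementations that hang Postfix while shuting down a TLS session" should read "shutting". The same misspelling is present in every copy of this paragraph in the diff (the lmtp, smtpd and tlsproxy HTML pages, the corresponding man pages, and the embedded manual comments in the .c sources). The HTML and roff files are generated from the source comments and from proto/postconf.proto, so fix it there and regenerate rather than patching each output file by hand, otherwise the typo returns on the next build.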
<DT><b><a name="tls_fast_shutdown_enable">tls_fast_shutdown_enable</a>
(default: yes)</b></DT><DD>
-<p> After sending a TLS 'close' notification, do not wait for the
-TLS peer to respond.
-According to <a href="http://tools.ietf.org/html/rfc2246">RFC 2246</a> (TLSv1.0) section 7.2.1, "It is not required
-for the initiator of the close to wait for the responding close_notify
-alert before closing the read side of the connection." </p>
-
-<p> Specify "<a href="postconf.5.html#tls_fast_shutdown_enable">tls_fast_shutdown_enable</a> = no" to enable historical
-Postfix behavior. </p>
+<p> A workaround for implementations that hang Postfix while shuting
+down a TLS session, until Postfix times out. With this enabled,
+Postfix will not wait for the remote TLS peer to respond to a TLS
+'close' notification. This behavior is recommended for TLSv1.0 and
+later. </p>
</DD>
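Review bot: The replacement text removes the only sentence that told administrators how to get the old behavior ("Specify tls_fast_shutdown_enable = no to enable historical Postfix behavior"); the RELEASE_NOTES hunk keeps that instruction, so the parameter page should keep it too, since postconf(5) is what "postconf -d" users read. The new text also says nothing about what the old behavior was (waiting for the peer's close_notify before closing); one clause suffices. The RFC 2246 citation that justified the default was useful context and could stay in shortened form.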
Optional name to send to the remote SMTP server in the TLS
Server Name Indication (SNI) extension.
- Available in Postfix version 3.5 and later:
+ Available in Postfix 3.5, 3.4.6, 3.3.5, 3.2.10, 3.1.13 and later:
<b><a href="postconf.5.html#tls_fast_shutdown_enable">tls_fast_shutdown_enable</a> (yes)</b>
- After sending a TLS 'close' notification, do not wait for the
- TLS peer to respond.
+ A workaround for implementations that hang Postfix while shuting
+ down a TLS session, until Postfix times out.
<b>OBSOLETE STARTTLS CONTROLS</b>
The following configuration parameters exist for compatibility with
clients via the TLS Server Name Indication (SNI) extension to
the appropriate keys and certificate chains.
- Available in Postfix version 3.5 and later:
+ Available in Postfix 3.5, 3.4.6, 3.3.5, 3.2.10, 3.1.13 and later:
<b><a href="postconf.5.html#tls_fast_shutdown_enable">tls_fast_shutdown_enable</a> (yes)</b>
- After sending a TLS 'close' notification, do not wait for the
- TLS peer to respond.
+ A workaround for implementations that hang Postfix while shuting
+ down a TLS session, until Postfix times out.
<b>OBSOLETE STARTTLS CONTROLS</b>
The following configuration parameters exist for compatibility with
clients via the TLS Server Name Indication (SNI) extension to
the appropriate keys and certificate chains.
- Available in Postfix version 3.5 and later:
+ Available in Postfix 3.5, 3.4.6, 3.3.5, 3.2.10, 3.1.13 and later:
<b><a href="postconf.5.html#tls_fast_shutdown_enable">tls_fast_shutdown_enable</a> (yes)</b>
- After sending a TLS 'close' notification, do not wait for the
- TLS peer to respond.
+ A workaround for implementations that hang Postfix while shuting
+ down a TLS session, until Postfix times out.
<b>STARTTLS SERVER CONTROLS</b>
These settings are clones of Postfix SMTP server settings. They allow
.PP
This feature is available in Postfix 2.3 and later.
.SH tls_fast_shutdown_enable (default: yes)
-After sending a TLS 'close' notification, do not wait for the
-TLS peer to respond.
-According to RFC 2246 (TLSv1.0) section 7.2.1, "It is not required
-for the initiator of the close to wait for the responding close_notify
-alert before closing the read side of the connection."
-.PP
-Specify "tls_fast_shutdown_enable = no" to enable historical
-Postfix behavior.
+A workaround for implementations that hang Postfix while shuting
+down a TLS session, until Postfix times out. With this enabled,
+Postfix will not wait for the remote TLS peer to respond to a TLS
+'close' notification. This behavior is recommended for TLSv1.0 and
+later.
.SH tls_high_cipherlist (default: see "postconf \-d" output)
The OpenSSL cipherlist for "high" grade ciphers. This defines
the meaning of the "high" setting in smtpd_tls_ciphers,
Optional name to send to the remote SMTP server in the TLS Server
Name Indication (SNI) extension.
.PP
-Available in Postfix version 3.5 and later:
+Available in Postfix 3.5, 3.4.6, 3.3.5, 3.2.10, 3.1.13 and later:
.IP "\fBtls_fast_shutdown_enable (yes)\fR"
-After sending a TLS 'close' notification, do not wait for the
-TLS peer to respond.
+A workaround for implementations that hang Postfix while shuting
+down a TLS session, until Postfix times out.
.SH "OBSOLETE STARTTLS CONTROLS"
.na
.nf
clients via the TLS Server Name Indication (SNI) extension to the
appropriate keys and certificate chains.
.PP
-Available in Postfix version 3.5 and later:
+Available in Postfix 3.5, 3.4.6, 3.3.5, 3.2.10, 3.1.13 and later:
.IP "\fBtls_fast_shutdown_enable (yes)\fR"
-After sending a TLS 'close' notification, do not wait for the
-TLS peer to respond.
+A workaround for implementations that hang Postfix while shuting
+down a TLS session, until Postfix times out.
.SH "OBSOLETE STARTTLS CONTROLS"
.na
.nf
clients via the TLS Server Name Indication (SNI) extension to the
appropriate keys and certificate chains.
.PP
-Available in Postfix version 3.5 and later:
+Available in Postfix 3.5, 3.4.6, 3.3.5, 3.2.10, 3.1.13 and later:
.IP "\fBtls_fast_shutdown_enable (yes)\fR"
-After sending a TLS 'close' notification, do not wait for the
-TLS peer to respond.
+A workaround for implementations that hang Postfix while shuting
+down a TLS session, until Postfix times out.
.SH "STARTTLS SERVER CONTROLS"
.na
.nf
<p> This feature is available in Postfix 3.0 and later. </p>
+%PARAM tls_fast_shutdown_enable yes
+
+<p> A workaround for implementations that hang Postfix while shuting
+down a TLS session, until Postfix times out. With this enabled,
+Postfix will not wait for the remote TLS peer to respond to a TLS
+'close' notification. This behavior is recommended for TLSv1.0 and
+later. </p>
+
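Review bot: This is the source block the postconf.5 man page and postconf.5.html are generated from, so the "shuting" typo and the missing "Specify tls_fast_shutdown_enable = no to enable historical Postfix behavior" sentence (present in the old `-` block removed further down in this file) should be fixed here first and the outputs regenerated; fixing only the generated copies will be undone by the next "make". Moving the %PARAM block to a new position in the file is fine as long as the generated parameter index stays sorted, which the generator handles.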
%PARAM default_delivery_status_filter
<p> Optional filter to replace the delivery status code or explanatory
</p>
<p> This feature is available in Postfix 3.4 and later. </p>
-
-%PARAM tls_fast_shutdown_enable yes
-
-<p> After sending a TLS 'close' notification, do not wait for the
-TLS peer to respond.
-According to RFC 2246 (TLSv1.0) section 7.2.1, "It is not required
-for the initiator of the close to wait for the responding close_notify
-alert before closing the read side of the connection." </p>
-
-<p> Specify "tls_fast_shutdown_enable = no" to enable historical
-Postfix behavior. </p>
extern char *var_tls_dane_digests;
/*
- * Backwards compatibility for Postfix 3.5 and later.
+ * The default is incompatible with pre-TLSv1.0 protocols.
*/
-#define VAR_TLS_FAST_SHUTDOWN "tls_fast_shutdown"
+#define VAR_TLS_FAST_SHUTDOWN "tls_fast_shutdown_enable"
#define DEF_TLS_FAST_SHUTDOWN 1
extern bool var_tls_fast_shutdown;
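Review bot: The rename from "tls_fast_shutdown" to "tls_fast_shutdown_enable" is the right way round (documentation wins), but the replaced comment "Backwards compatibility for Postfix 3.5 and later" is gone and nothing now records that the name changed between snapshots. A one-line comment above the #define ("was tls_fast_shutdown in snapshot 20190615") helps anyone who set the old name in main.cf, since that setting will now be silently unused apart from postconf's unused-parameter warning. The new comment "The default is incompatible with pre-TLSv1.0 protocols" is accurate and should also appear in the user-facing parameter text, which currently only says the default is "recommended".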
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20190621"
+#define MAIL_RELEASE_DATE "20190724"
#define MAIL_VERSION_NUMBER "3.5"
#ifdef SNAPSHOT
* deny the request.
*/
#define PROXY_MAP_FIND_ERROR_RETURN(x) { *statp = (x); return (0); }
+#define PROXY_MAP_PARAM_NAME(proxy_writer) \
+ ((proxy_writer) == 0 ? VAR_PROXY_READ_MAPS : VAR_PROXY_WRITE_MAPS)
while (strncmp(map_type_name, PROXY_COLON, PROXY_COLON_LEN) == 0)
map_type_name += PROXY_COLON_LEN;
msg_warn("to approve this table for %s access, list %s:%s in %s:%s",
proxy_writer == 0 ? "read-only" : "read-write",
DICT_TYPE_PROXY, map_type_name, MAIN_CONF_FILE,
- proxy_writer == 0 ? VAR_PROXY_READ_MAPS :
- VAR_PROXY_WRITE_MAPS);
+ PROXY_MAP_PARAM_NAME(proxy_writer));
PROXY_MAP_FIND_ERROR_RETURN(PROXY_STAT_DENY);
}
var_proxy_read_maps);
proxy_auth_maps = htable_create(13);
while ((type_name = mystrtokq(&bp, sep, parens)) != 0) {
+ /* Maybe { maptype:mapname attr=value... } */
+ if (*type_name == parens[0]) {
+ char *err;
+
+ /* Warn about blatant syntax error. */
+ if ((err = extpar(&type_name, parens, EXTPAR_FLAG_NONE)) != 0) {
+ msg_warn("bad %s parameter value: %s",
+ PROXY_MAP_PARAM_NAME(proxy_writer), err);
+ myfree(err);
+ continue;
+ }
+ /* Don't try to second-guess the semantics of { }. */
+ if ((type_name = mystrtokq(&type_name, sep, parens)) == 0)
+ continue;
+ }
if (strncmp(type_name, PROXY_COLON, PROXY_COLON_LEN))
continue;
do {
type_name += PROXY_COLON_LEN;
} while (!strncmp(type_name, PROXY_COLON, PROXY_COLON_LEN));
if (strchr(type_name, ':') != 0
- && htable_locate(proxy_auth_maps, type_name) == 0)
+ && htable_locate(proxy_auth_maps, type_name) == 0) {
(void) htable_enter(proxy_auth_maps, type_name, (void *) 0);
+ if (msg_verbose)
+ msg_info("whitelisting %s from %s", type_name,
+ PROXY_MAP_PARAM_NAME(proxy_writer));
+ }
}
myfree(saved_filter);
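Review bot: Logic is consistent but the truncation should be documented: after extpar() strips the braces, the inner mystrtokq(&type_name, sep, parens) keeps only the first token, so for "{ proxy:type:name attr=value }" the table is whitelisted by its first word and everything after it is dropped, which is what the "Don't try to second-guess the semantics of { }" comment intends. That is the correct conservative choice for an allowlist (an unexpected token cannot widen access), but the HISTORY entry "Cleanup: proxymap(8) support for table search order syntax" does not say so; add a sentence there or in proxymap(8) so operators know attr=value settings inside the braces play no role in proxy authorization. Two smaller points: the "bad %s parameter value: %s" warning then continues with the next entry, so a malformed proxy_read_maps entry degrades to "table not approved" plus a warning rather than a startup failure, which is fine but worth a comment; and "whitelisting %s from %s" in msg_info would read better as "allowing %s via %s" to match the "approve this table" wording used in the earlier msg_warn.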
/* Optional name to send to the remote SMTP server in the TLS Server
/* Name Indication (SNI) extension.
/* .PP
-/* Available in Postfix version 3.5 and later:
+/* Available in Postfix 3.5, 3.4.6, 3.3.5, 3.2.10, 3.1.13 and later:
/* .IP "\fBtls_fast_shutdown_enable (yes)\fR"
-/* After sending a TLS 'close' notification, do not wait for the
-/* TLS peer to respond.
+/* A workaround for implementations that hang Postfix while shuting
+/* down a TLS session, until Postfix times out.
/* OBSOLETE STARTTLS CONTROLS
/* .ad
/* .fi
/* clients via the TLS Server Name Indication (SNI) extension to the
/* appropriate keys and certificate chains.
/* .PP
-/* Available in Postfix version 3.5 and later:
+/* Available in Postfix 3.5, 3.4.6, 3.3.5, 3.2.10, 3.1.13 and later:
/* .IP "\fBtls_fast_shutdown_enable (yes)\fR"
-/* After sending a TLS 'close' notification, do not wait for the
-/* TLS peer to respond.
+/* A workaround for implementations that hang Postfix while shuting
+/* down a TLS session, until Postfix times out.
/* OBSOLETE STARTTLS CONTROLS
/* .ad
/* .fi
/* char *var_tls_mgr_service;
/* char *var_tls_tkt_cipher;
/* char *var_openssl_path;
+/* char *var_tls_server_sni_maps;
+/* bool var_tls_fast_shutdown;
/*
/* TLS_APPL_STATE *tls_alloc_app_context(ssl_ctx, log_mask)
/* SSL_CTX *ssl_ctx;
const char *peer_sig_curve = 0;
const char *peer_sig_dgst = 0;
int nid;
- int got_kex_key;
SSL *ssl = TLScontext->con;
int srvr = SSL_is_server(ssl);
X509 *cert;
/* clients via the TLS Server Name Indication (SNI) extension to the
/* appropriate keys and certificate chains.
/* .PP
-/* Available in Postfix version 3.5 and later:
+/* Available in Postfix 3.5, 3.4.6, 3.3.5, 3.2.10, 3.1.13 and later:
/* .IP "\fBtls_fast_shutdown_enable (yes)\fR"
-/* After sending a TLS 'close' notification, do not wait for the
-/* TLS peer to respond.
+/* A workaround for implementations that hang Postfix while shuting
+/* down a TLS session, until Postfix times out.
/* STARTTLS SERVER CONTROLS
/* .ad
/* .fi
#define HAS_FUTIMES /* XXX maybe earlier */
#endif
-#if (defined(OpenBSD) && OpenBSD >= 199608)
+#if (defined(OpenBSD) && OpenBSD >= 199608 && OpenBSD < 201105)
#define PREFERRED_RAND_SOURCE "dev:/dev/arandom" /* XXX earlier */
#endif
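Review bot: Adding the upper bound "OpenBSD < 201105" means OpenBSD releases from 2011 on no longer set PREFERRED_RAND_SOURCE in this block; the hunk does not show what they fall back to, so please confirm that the generic definition elsewhere in sys_defs.h (presumably /dev/urandom) applies to them, otherwise newer OpenBSD builds would end up with no preferred random source rather than the correct one. A comment naming the replacement device on the #endif line would make the intent obvious to the next reader.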
{
if (len < 0 || len > vp->vbuf.len)
msg_panic("vstring_set_payload_size: invalid offset: %ld", (long) len);
+ if (vp->vbuf.data[vp->vbuf.len] != 0)
+ msg_panic("vstring_set_payload_size: no safety null byte");
VSTRING_AT_OFFSET(vp, len);
return (vp);
}
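Review bot: Good defensive addition, and the ordering is right: the safety-byte check runs before VSTRING_AT_OFFSET, so a caller that wrote past the payload capacity is caught even when it then asks for a smaller payload size, turning a silent heap overrun into an immediate msg_panic. Two suggestions: the check reads vp->vbuf.data[vp->vbuf.len], which relies on the VSTRING invariant that the buffer is allocated with one byte beyond vbuf.len; a short comment stating that invariant next to the check would save the next reader a trip to the allocator. Also consider including (long) vp->vbuf.len in the panic message, as the existing "invalid offset: %ld" panic does, so a core dump or log line from the field identifies which buffer size was involved.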