postfix-3.9-20230912

diff --git a/postfix/HISTORY b/postfix/HISTORY
index e37bf54a4f5fb84b277633faef45e9970af756a8..5164f46d60a1b2968f1d41c5b5802c04fc7560c7 100644 (file)
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -27366,3 +27366,16 @@ Apologies for any names omitted.
        added error handling for the unlikely case that the legacy
        mysql_real_escape_string() returns an error. File:
        global/dict_mysql.c.
+
+20230906
+
+       Documentation: the postconf(5) manpage did not document
+       that the force_mime_input_conversion feature was introduced
+       in Postfix 3.9. Viktor Dukhovni. File: proto/postconf.proto.
+
+20230912
+
+       Cleanup: record the use of a raw public key in Received:
+       headers, when the Postfix SMTP server or the remote SMTP
+       client presents a raw public key. Viktor Dukhovni. File:
+       smtpd/smtpd.c.

diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html
index 5588d27985fa15232d5a9c52183995697d278d3c..d78d3a5c6bad1bc050e8074d6b620a88a6350d3e 100644 (file)
--- a/postfix/html/postconf.5.html
+++ b/postfix/html/postconf.5.html
@@ -12447,6 +12447,8 @@ until a match is found.
 results. Specify one non-whitespace character that does not appear in
 the username. </p>
 
+<p> This feature is available in Postfix &ge; 3.9. </p>
+
 
 </DD>
 

diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5
index d6e3d8c6285ed3c205d6d77aa211301410f293dc..305ede165d165d332079ace47f0870b2103ef0d3 100644 (file)
--- a/postfix/man/man5/postconf.5
+++ b/postfix/man/man5/postconf.5
@@ -8026,6 +8026,8 @@ until a match is found.
 The delimiter between username and password in sasl_passwd_maps lookup
 results. Specify one non\-whitespace character that does not appear in
 the username.
+.PP
+This feature is available in Postfix >= 3.9.
 .SH smtp_sasl_path (default: empty)
 Implementation\-specific information that the Postfix SMTP client
 passes through to

diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto
index c8523a90ab2d28171605b9efd2c5b2272e328ee9..d0f9c78f2e053dce7d096419339d8c0aeaa9792e 100644 (file)
--- a/postfix/proto/postconf.proto
+++ b/postfix/proto/postconf.proto
@@ -4712,6 +4712,8 @@ configuration parameter.  See there for details. </p>
 results. Specify one non-whitespace character that does not appear in
 the username. </p>
 
+<p> This feature is available in Postfix &ge; 3.9. </p>
+
 %PARAM smtp_sasl_security_options noplaintext, noanonymous
 
 <p> Postfix SMTP client SASL security options; as of Postfix 2.3

diff --git a/postfix/proto/stop.double-history b/postfix/proto/stop.double-history
index 2fb2cee889e75523a5f561c14e8508585f359216..4a4b59e0fbdccdb39dbad4fc678ae75000a552d1 100644 (file)
--- a/postfix/proto/stop.double-history
+++ b/postfix/proto/stop.double-history
@@ -66,3 +66,4 @@ proto  proto aliases proto virtual proto ADDRESS_REWRITING_README html
  smtp lmtp_params c smtp smtp c smtp smtp_params c 
  plaintext Problem reported by Serg File smtp smtp h 
  cleanup cleanup c cleanup cleanup_init c proto postconf proto 
+ smtpd smtpd c 

diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 5a7640d85cd9973babb745a784b37c940146d12f..77de2f57fa0a3ec5f685531ca37d97c6f3688701 100644 (file)
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,7 +20,7 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE      "20230903"
+#define MAIL_RELEASE_DATE      "20230912"
 #define MAIL_VERSION_NUMBER    "3.9"
 
 #ifdef SNAPSHOT

diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c
index f6ade16e388edaef2573e2d3bd6328cd31c0c344..dae15172501bf9231c64dfc97275cbf63e57af28 100644 (file)
--- a/postfix/src/smtpd/smtpd.c
+++ b/postfix/src/smtpd/smtpd.c
@@ -1485,7 +1485,7 @@ char   *var_smtpd_tls_eecdh;
 char   *var_smtpd_tls_eccert_file;
 char   *var_smtpd_tls_eckey_file;
 char   *var_smtpd_tls_chain_files;
-int    var_smtpd_tls_enable_rpk;
+int     var_smtpd_tls_enable_rpk;
 
 #endif
 
@@ -3459,11 +3459,15 @@ static void common_pre_message_handling(SMTPD_STATE *state,
                }
                if (state->tls_context->srvr_sig_curve
                    && *state->tls_context->srvr_sig_curve)
-                   vstring_sprintf_append(state->buffer, " (%s)",
-                                       state->tls_context->srvr_sig_curve);
+                   vstring_sprintf_append(state->buffer, " (%s%s)",
+                                        state->tls_context->srvr_sig_curve,
+                                          state->tls_context->stoc_rpk ?
+                                          " raw public key" : "");
                else if (state->tls_context->srvr_sig_bits > 0)
-                   vstring_sprintf_append(state->buffer, " (%d bits)",
-                                        state->tls_context->srvr_sig_bits);
+                   vstring_sprintf_append(state->buffer, " (%d bit%s)",
+                                          state->tls_context->srvr_sig_bits,
+                                          state->tls_context->stoc_rpk ?
+                                          " raw public key" : "s");
                if (state->tls_context->srvr_sig_dgst
                    && *state->tls_context->srvr_sig_dgst)
                    vstring_sprintf_append(state->buffer, " server-digest %s",
@@ -3477,11 +3481,15 @@ static void common_pre_message_handling(SMTPD_STATE *state,
                                state->tls_context->clnt_sig_name);
                if (state->tls_context->clnt_sig_curve
                    && *state->tls_context->clnt_sig_curve)
-                   vstring_sprintf_append(state->buffer, " (%s)",
-                                       state->tls_context->clnt_sig_curve);
+                   vstring_sprintf_append(state->buffer, " (%s%s)",
+                                        state->tls_context->clnt_sig_curve,
+                                          state->tls_context->ctos_rpk ?
+                                          " raw public key" : "");
                else if (state->tls_context->clnt_sig_bits > 0)
-                   vstring_sprintf_append(state->buffer, " (%d bits)",
-                                        state->tls_context->clnt_sig_bits);
+                   vstring_sprintf_append(state->buffer, " (%d bit%s)",
+                                          state->tls_context->clnt_sig_bits,
+                                          state->tls_context->ctos_rpk ?
+                                          " raw public key" : "s");
                if (state->tls_context->clnt_sig_dgst
                    && *state->tls_context->clnt_sig_dgst)
                    vstring_sprintf_append(state->buffer, " client-digest %s",