Portability: FreeBSD closefrom() support time window. Sahil
Tandon. File: util/sys_defs.h.
+
+20110414
+
+ Bugfix (introduced with Postfix SASL patch 20000314): don't
+ reuse a server SASL handle after authentication failure.
+ Problem reported by Thomas Jarosch of Intra2net AG. File:
+ smtpd/smtpd_proto.c.
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20110303"
-#define MAIL_VERSION_NUMBER "2.6.9"
+#define MAIL_RELEASE_DATE "20110509"
+#define MAIL_VERSION_NUMBER "2.6.10"
#ifdef SNAPSHOT
# define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
return (-1);
}
+ /* Don't reuse the SASL handle after authentication failure. */
+#ifndef SMTPD_FLAG_AUTH_USED
+#define SMTPD_FLAG_AUTH_USED (1<<15)
+#endif
+#ifndef XSASL_TYPE_CYRUS
+#define XSASL_TYPE_CYRUS "cyrus"
+#endif
+ if (state->flags & SMTPD_FLAG_AUTH_USED) {
+ smtpd_sasl_deactivate(state);
+#ifdef USE_TLS
+ if (state->tls_context != 0)
+ smtpd_sasl_activate(state, VAR_SMTPD_SASL_TLS_OPTS,
+ var_smtpd_sasl_tls_opts);
+ else
+#endif
+ smtpd_sasl_activate(state, VAR_SMTPD_SASL_OPTS,
+ var_smtpd_sasl_opts);
+ } else if (strcmp(var_smtpd_sasl_type, XSASL_TYPE_CYRUS) == 0) {
+ state->flags |= SMTPD_FLAG_AUTH_USED;
+ }
+
/*
* All authentication failures shall be logged. The 5xx reply code from
* the SASL authentication routine triggers tar-pit delays, which help to
projects / thirdparty / postfix.git / commitdiff
