src/smtp/smtp_tls_policy.c src/tls/tls_dane.c
src/posttls-finger/posttls-finger.c.
+20131209
+
+ Cleanup: safe_strtoul() did not report an error for empty
+ or all-space input (the code to report this was in the wrong
+ place). This was not a problem as long as safe_strtoul()
+ was used only for output from safe_ultostr(). Files:
+ global/safe_ultostr.c, global/safe_ultostr.in,
+ global/safe_ultostr.ref.
+
+20131210
+
+ Documentation: updated description of SSL protocol controls.
+ In particular, emabled protocols are psrt of a contiguous
+ range. Viktor Dukhovni. Files: proto/TLS_README.html,
+ proto/postconf.proto.
+
+ Bugfix (DANE support): handle OpenSSL memory allocation
+ error. Viktor Dukhovni. File: tls/tls_dane.c.
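Review bot: typos in the new 20131210 HISTORY entry, "emabled protocols are psrt of a contiguous range": "emabled" should be "enabled" and "psrt" should be "part". Since the HISTORY file is copied into release notes verbatim, fix before commit.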
Since Postfix uses multiple smtpd(8) service processes, an in-memory cache is
not sufficient for session re-use. Clients store at most one cached session per
-server and are very unlikey to repeatedly connect to the same server process.
+server and are very unlikely to repeatedly connect to the same server process.
Thus session caching in the Postfix SMTP server generally requires a shared
cache (an alternative available with Postfix >= 2.11 is described below).
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5
smtpd_tls_security_level = encrypt
- # Postfix >= 2.5:
+ # Preferred syntax with Postfix >= 2.5:
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
- # Legacy form with Postfix prior to 2.5:
+ # Legacy syntax:
smtpd_tls_mandatory_protocols = TLSv1
If you want to take advantage of ciphers with ephemeral Diffie-Hellman (EDH)
lie in an "insecure" DNS zone. Such lookups have been observed to cause
interoperability issues with poorly implemented DNS servers, and are in any
case not expected to ever yield "secure" results, since that would require a
-very unlikey DLV DNS trust anchor configured between the host record and the
+very unlikely DLV DNS trust anchor configured between the host record and the
associated "_25._tcp" child TLSA record.
The "dane-only" level is a form of secure-channel TLS based on the DANE PKI. If
<p> Since Postfix uses multiple <a href="smtpd.8.html">smtpd(8)</a> service processes, an
in-memory cache is not sufficient for session re-use. Clients store
-at most one cached session per server and are very unlikey to
+at most one cached session per server and are very unlikely to
repeatedly connect to the same server process. Thus session caching
in the Postfix SMTP server generally requires a shared cache (an
alternative available with Postfix ≥ 2.11 is described below).
<a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a> = high
<a href="postconf.5.html#smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a> = aNULL, MD5
<a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a> = encrypt
- # Postfix ≥ 2.5:
+ # Preferred syntax with Postfix ≥ 2.5:
<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = !SSLv2, !SSLv3
- # Legacy form with Postfix prior to 2.5:
+ # Legacy syntax:
<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = TLSv1
</pre>
</blockquote>
zone. Such lookups have been observed to cause interoperability
issues with poorly implemented DNS servers, and are in any case not
expected to ever yield "secure" results, since that would require
-a very unlikey DLV DNS trust anchor configured between the host
+a very unlikely DLV DNS trust anchor configured between the host
record and the associated "_25._tcp" child TLSA record. </p>
<p> The "dane-only" level is a form of <a
When a transaction fails due to a full database, Postfix
resizes the database and retries the transaction.
- Postfix access, address mapping and routing tables will
- generate partial search keys such as domain names without
- one or more subdomains, network addresses without one or
- more least-significant octets, or email addresses without
- the localpart, address extension or domain portion. This
- behavior is also found with <a href="DATABASE_README.html#types">btree</a>:, <a href="DATABASE_README.html#types">hash</a>:, or <a href="ldap_table.5.html">ldap</a>:
- tables.
+ Postfix access, address mapping and routing table lookups
+ may generate partial search keys such as domain names
+ without one or more subdomains, network addresses without
+ one or more least-significant octets, or email addresses
+ without the localpart, address extension or domain por-
+ tion. This behavior is also found with <a href="DATABASE_README.html#types">btree</a>:, <a href="DATABASE_README.html#types">hash</a>:, or
+ <a href="ldap_table.5.html">ldap</a>: tables.
Unlike other flat-file based Postfix databases, changes to
- an LMDB database do not require automatic daemon program
+ an LMDB database do not trigger automatic daemon program
restart.
<b>RELIABILITY</b>
empty value means allow all protocols. The valid protocol names, (see
<b>SSL_get_version(3)</b>), are "SSLv2", "SSLv3" and "TLSv1". </p>
-<p> Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
-and "TLSv1.2". If an older Postfix version is linked against OpenSSL
-1.0.1 or later, these, or any other new protocol versions, are
-unconditionally enabled. </p>
-
-<p> With Postfix ≥ 2.5 the parameter syntax is expanded to support
-protocol exclusions. One can now explicitly exclude SSLv2 by setting
-"<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2". To exclude both SSLv2 and
-SSLv3 set "<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2, !SSLv3". Listing
+<p> With Postfix ≥ 2.5 the parameter syntax was expanded to support
+protocol exclusions. One can explicitly exclude "SSLv2" by setting
+"<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2". To exclude both "SSLv2" and
+"SSLv3" set "<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2, !SSLv3". Listing
the protocols to include, rather than protocols to exclude, is
supported, but not recommended. The exclusion form more closely
-matches the behavior when the OpenSSL library is newer than Postfix.
+matches the underlying OpenSSL interface semantics.
</p>
+<p> The range of protocols advertised by an SSL/TLS client must be
+contiguous. When a protocol version is enabled, disabling any
+higher version implicitly disables all versions above that higher
+version. Thus, for example: </p>
+<blockquote>
+<pre>
+<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2, !TLSv1
+</pre>
+</blockquote>
+<p> also disables any protocols version higher than TLSv1 leaving
+only "SSLv3" enabled. </p>
+
+<p> Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
+and "TLSv1.2". When Postfix ≤ 2.5 is linked against OpenSSL 1.0.1
+or later, these, or any other new protocol versions, cannot be
+disabled except by also disabling "TLSv1" (typically leaving just
+"SSLv3"). The latest patch levels of Postfix ≥ 2.6, and all
+versions of Postfix ≥ 2.10 can explicitly disable support for
+"TLSv1.1" or "TLSv1.2". </p>
+
+<p> At the <a href="TLS_README.html#client_tls_dane">dane</a> and
+<a href="TLS_README.html#client_tls_dane">dane-only</a> security
+levels, when usable TLSA records are obtained for the remote SMTP
+server, the Postfix SMTP client is obligated to include the SNI TLS
+extension in its SSL client hello message. This may help the remote
+SMTP server live up to its promise to provide a certificate that
+matches its TLSA records. Since TLS extensions require TLS 1.0 or
+later, the Postfix SMTP client must disable "SSLv2" and "SSLv3" when
+SNI is required. If you use "dane" or "dane-only" do not disable
+TLSv1, except perhaps via the policy table for destinations which
+you are sure will support "TLSv1.1" or "TLSv1.2". </p>
+
<p> Since SSL version 2 has known protocol weaknesses and is now
deprecated, the default setting excludes "SSLv2". This means that by
default, SSL version 2 will not be used at the "encrypt" security level
<p> Example: </p>
<pre>
-# Preferred form with Postfix ≥ 2.5:
+# Preferred syntax with Postfix ≥ 2.5:
<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2, !SSLv3
-# Legacy form with Postfix < 2.5:
+# Legacy syntax:
<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = TLSv1
</pre>
protocol names, (see <b>SSL_get_version(3)</b>), are "SSLv2", "SSLv3"
and "TLSv1". </p>
+<p> The range of protocols advertised by an SSL/TLS client must be
+contiguous. When a protocol version is enabled, disabling any
+higher version implicitly disables all versions above that higher
+version. Thus, for example: </p>
+<blockquote>
+<pre>
+<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2, !TLSv1
+</pre>
+</blockquote>
+<p> also disables any protocols version higher than TLSv1 leaving
+only "SSLv3" enabled. </p>
+
<p> Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
-and "TLSv1.2". If an older Postfix version is linked against OpenSSL
-1.0.1 or later, these, or any other new protocol versions, are
-unconditionally enabled. </p>
+and "TLSv1.2". The latest patch levels of Postfix ≥ 2.6, and all
+versions of Postfix ≥ 2.10 can explicitly disable support for
+"TLSv1.1" or "TLSv1.2"</p>
<p> To include a protocol list its name, to exclude it, prefix the name
with a "!" character. To exclude SSLv2 even for opportunistic TLS set
"<a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> = !SSLv2". To exclude both "SSLv2" and "SSLv3" set
"<a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> = !SSLv2, !SSLv3". Explicitly listing the protocols to
include, rather than protocols to exclude, is supported, but not
-recommended. The exclusion form more closely matches the behavior
-when the OpenSSL library is newer than Postfix. </p>
+recommended. The exclusion form more closely matches the underlying
+OpenSSL interface semantics. </p>
<p> Example: </p>
<pre>
The supported protocol names are "SSLv2", "SSLv3" and "TLSv1", and
are not case sensitive. </p>
-<p> Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
-and "TLSv1.2". If an older Postfix version is linked against OpenSSL
-1.0.1 or later, these, or any other new protocol versions, are
-unconditionally enabled. </p>
-
-<p> With Postfix ≥ 2.5 the parameter syntax is expanded to support
-protocol exclusions. One can now explicitly exclude SSLv2 by setting
-"<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = !SSLv2". To exclude both SSLv2 and
-SSLv3 set "<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = !SSLv2, !SSLv3". Listing
+<p> With Postfix ≥ 2.5 the parameter syntax was expanded to support
+protocol exclusions. One can explicitly exclude "SSLv2" by setting
+"<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = !SSLv2". To exclude both "SSLv2" and
+"SSLv3" set "<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = !SSLv2, !SSLv3". Listing
the protocols to include, rather than protocols to exclude, is
supported, but not recommended. The exclusion form more closely
-matches the behavior when the OpenSSL library is newer than Postfix.
-</p>
+matches the underlying OpenSSL interface semantics. </p>
+
+<p> Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
+and "TLSv1.2". When Postfix ≤ 2.5 is linked against OpenSSL 1.0.1
+or later, these, or any other new protocol versions, cannot be
+disabled. The latest patch levels of Postfix ≥ 2.6, and all
+versions of Postfix ≥ 2.10 can disable support for "TLSv1.1" or
+"TLSv1.2". </p>
<p> Since SSL version 2 has known protocol weaknesses and is now
deprecated, the default setting excludes "SSLv2". This means that
<p> Example: </p>
<pre>
+# Preferred syntax with Postfix ≥ 2.5:
<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = !SSLv2, !SSLv3
-# Legacy form with Postfix < 2.5:
+# Legacy syntax:
<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = TLSv1
</pre>
(default: empty)</b></DT><DD>
<p> List of TLS protocols that the Postfix SMTP server will exclude
-or include with opportunistic TLS encryption. This parameter SHOULD be
-left at its default empty value, allowing all protocols to be used with
-opportunistic TLS. </p>
-
-<p> In <a href="postconf.5.html">main.cf</a> the values are separated by whitespace, commas or
-colons. An empty value means allow all protocols. The valid protocol
-names, (see <b>SSL_get_version(3)</b>), are "SSLv2", "SSLv3" and
-"TLSv1". In <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> table entries, "protocols" attribute
-values are separated by a colon. </p>
+or include with opportunistic TLS encryption. This parameter SHOULD
+be left at its default empty value, allowing all protocols to be
+used with opportunistic TLS. A non-empty value is a list of protocol
+names separated by whitespace, commas or colons. The supported
+protocol names are "SSLv2", "SSLv3" and "TLSv1", and are not case
+sensitive. </p>
<p> Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
-and "TLSv1.2". If an older Postfix version is linked against OpenSSL
-1.0.1 or later, these, or any other new protocol versions, are
-unconditionally enabled. </p>
+and "TLSv1.2". The latest patch levels of Postfix ≥ 2.6, and all
+versions of Postfix ≥ 2.10 can disable support for "TLSv1.1" or
+"TLSv1.2". </p>
<p> To include a protocol list its name, to exclude it, prefix the name
with a "!" character. To exclude SSLv2 even for opportunistic TLS set
"<a href="postconf.5.html#smtpd_tls_protocols">smtpd_tls_protocols</a> = !SSLv2". To exclude both "SSLv2" and "SSLv3" set
"<a href="postconf.5.html#smtpd_tls_protocols">smtpd_tls_protocols</a> = !SSLv2, !SSLv3". Explicitly listing the protocols to
include, rather than protocols to exclude, is supported, but not
-recommended. The exclusion form more closely matches the behavior
-when the OpenSSL library is newer than Postfix. </p>
+recommended. The exclusion form more closely matches the underlying
+OpenSSL interface semantics. </p>
<p> Example: </p>
<pre>
<dd> From each group of well-formed TLSA RRs a non-zero digest
matching type with the same certificate usage and selector, DANE
verification examines only those records whose matching type has
-the highest precedence (appear earliest in $<a href="postconf.5.html#tls_dane_digests">tls_dane_digests</a>) are
-considered. </dd>
+the highest precedence (appear earliest in $<a href="postconf.5.html#tls_dane_digests">tls_dane_digests</a>).
+</dd>
<dt><b>maybe</b></dt>
<dd> For compatibility with digest algorithm agility, each certificate
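Review bot: dropping the dangling "are considered" is right, but the sentence still does not parse: "From each group of well-formed TLSA RRs a non-zero digest matching type with the same certificate usage and selector, DANE verification examines only those records ..." is missing a connective after "TLSA RRs". Suggest "From each group of well-formed TLSA RRs with a non-zero digest matching type and the same certificate usage and selector, DANE verification examines only those records whose matching type has the highest precedence (appear earliest in $tls_dane_digests)." The man/man5/postconf.5 copy of this hunk carries the same wording, so make the change in proto/postconf.proto and regenerate.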
When a transaction fails due to a full database, Postfix
resizes the database and retries the transaction.
-Postfix access, address mapping and routing tables will
-generate partial search keys such as domain names without
+Postfix access, address mapping and routing table lookups
+may generate partial search keys such as domain names without
one or more subdomains, network addresses without one or
more least-significant octets, or email addresses without
the localpart, address extension or domain portion.
tables.
Unlike other flat-file based Postfix databases, changes to
-an LMDB database do not require automatic daemon program
+an LMDB database do not trigger automatic daemon program
restart.
.SH "RELIABILITY"
.na
empty value means allow all protocols. The valid protocol names, (see
\\fBfBSSL_get_version\fR(3)\fR), are "SSLv2", "SSLv3" and "TLSv1".
.PP
-Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
-and "TLSv1.2". If an older Postfix version is linked against OpenSSL
-1.0.1 or later, these, or any other new protocol versions, are
-unconditionally enabled.
-.PP
-With Postfix >= 2.5 the parameter syntax is expanded to support
-protocol exclusions. One can now explicitly exclude SSLv2 by setting
-"smtp_tls_mandatory_protocols = !SSLv2". To exclude both SSLv2 and
-SSLv3 set "smtp_tls_mandatory_protocols = !SSLv2, !SSLv3". Listing
+With Postfix >= 2.5 the parameter syntax was expanded to support
+protocol exclusions. One can explicitly exclude "SSLv2" by setting
+"smtp_tls_mandatory_protocols = !SSLv2". To exclude both "SSLv2" and
+"SSLv3" set "smtp_tls_mandatory_protocols = !SSLv2, !SSLv3". Listing
the protocols to include, rather than protocols to exclude, is
supported, but not recommended. The exclusion form more closely
-matches the behavior when the OpenSSL library is newer than Postfix.
+matches the underlying OpenSSL interface semantics.
+.PP
+The range of protocols advertised by an SSL/TLS client must be
+contiguous. When a protocol version is enabled, disabling any
+higher version implicitly disables all versions above that higher
+version. Thus, for example:
+.sp
+.in +4
+.nf
+.na
+.ft C
+smtp_tls_mandatory_protocols = !SSLv2, !TLSv1
+.fi
+.ad
+.ft R
+.in -4
+also disables any protocols version higher than TLSv1 leaving
+only "SSLv3" enabled.
+.PP
+Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
+and "TLSv1.2". When Postfix <= 2.5 is linked against OpenSSL 1.0.1
+or later, these, or any other new protocol versions, cannot be
+disabled except by also disabling "TLSv1" (typically leaving just
+"SSLv3"). The latest patch levels of Postfix >= 2.6, and all
+versions of Postfix >= 2.10 can explicitly disable support for
+"TLSv1.1" or "TLSv1.2".
+.PP
+At the dane and
+dane-only security
+levels, when usable TLSA records are obtained for the remote SMTP
+server, the Postfix SMTP client is obligated to include the SNI TLS
+extension in its SSL client hello message. This may help the remote
+SMTP server live up to its promise to provide a certificate that
+matches its TLSA records. Since TLS extensions require TLS 1.0 or
+later, the Postfix SMTP client must disable "SSLv2" and "SSLv3" when
+SNI is required. If you use "dane" or "dane-only" do not disable
+TLSv1, except perhaps via the policy table for destinations which
+you are sure will support "TLSv1.1" or "TLSv1.2".
.PP
Since SSL version 2 has known protocol weaknesses and is now
deprecated, the default setting excludes "SSLv2". This means that by
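Review bot: generated-output glitch in the new DANE paragraph: it renders as three stub lines "At the dane and" / "dane-only security" / "levels, when usable TLSA records ..." because the HTML anchors around "dane" and "dane-only" were stripped without reflowing the text; either keep the link text on one line in proto/postconf.proto or reflow the paragraph. The "any protocols version higher than TLSv1" wording is inherited from the proto source and should be "any protocol version". Pre-existing but visible in this hunk's context: the doubled bold escape in "\\fBfBSSL_get_version\fR(3)\fR" renders a literal "fB" and is worth fixing while touching this block.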
.nf
.na
.ft C
-# Preferred form with Postfix >= 2.5:
+# Preferred syntax with Postfix >= 2.5:
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
-# Legacy form with Postfix < 2.5:
+# Legacy syntax:
smtp_tls_mandatory_protocols = TLSv1
.fi
.ad
protocol names, (see \\fBfBSSL_get_version\fR(3)\fR), are "SSLv2", "SSLv3"
and "TLSv1".
.PP
+The range of protocols advertised by an SSL/TLS client must be
+contiguous. When a protocol version is enabled, disabling any
+higher version implicitly disables all versions above that higher
+version. Thus, for example:
+.sp
+.in +4
+.nf
+.na
+.ft C
+smtp_tls_mandatory_protocols = !SSLv2, !TLSv1
+.fi
+.ad
+.ft R
+.in -4
+also disables any protocols version higher than TLSv1 leaving
+only "SSLv3" enabled.
+.PP
Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
-and "TLSv1.2". If an older Postfix version is linked against OpenSSL
-1.0.1 or later, these, or any other new protocol versions, are
-unconditionally enabled.
+and "TLSv1.2". The latest patch levels of Postfix >= 2.6, and all
+versions of Postfix >= 2.10 can explicitly disable support for
+"TLSv1.1" or "TLSv1.2"
.PP
To include a protocol list its name, to exclude it, prefix the name
with a "!" character. To exclude SSLv2 even for opportunistic TLS set
"smtp_tls_protocols = !SSLv2". To exclude both "SSLv2" and "SSLv3" set
"smtp_tls_protocols = !SSLv2, !SSLv3". Explicitly listing the protocols to
include, rather than protocols to exclude, is supported, but not
-recommended. The exclusion form more closely matches the behavior
-when the OpenSSL library is newer than Postfix.
+recommended. The exclusion form more closely matches the underlying
+OpenSSL interface semantics.
.PP
Example:
.nf
The supported protocol names are "SSLv2", "SSLv3" and "TLSv1", and
are not case sensitive.
.PP
-Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
-and "TLSv1.2". If an older Postfix version is linked against OpenSSL
-1.0.1 or later, these, or any other new protocol versions, are
-unconditionally enabled.
-.PP
-With Postfix >= 2.5 the parameter syntax is expanded to support
-protocol exclusions. One can now explicitly exclude SSLv2 by setting
-"smtpd_tls_mandatory_protocols = !SSLv2". To exclude both SSLv2 and
-SSLv3 set "smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3". Listing
+With Postfix >= 2.5 the parameter syntax was expanded to support
+protocol exclusions. One can explicitly exclude "SSLv2" by setting
+"smtpd_tls_mandatory_protocols = !SSLv2". To exclude both "SSLv2" and
+"SSLv3" set "smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3". Listing
the protocols to include, rather than protocols to exclude, is
supported, but not recommended. The exclusion form more closely
-matches the behavior when the OpenSSL library is newer than Postfix.
+matches the underlying OpenSSL interface semantics.
+.PP
+Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
+and "TLSv1.2". When Postfix <= 2.5 is linked against OpenSSL 1.0.1
+or later, these, or any other new protocol versions, cannot be
+disabled. The latest patch levels of Postfix >= 2.6, and all
+versions of Postfix >= 2.10 can disable support for "TLSv1.1" or
+"TLSv1.2".
.PP
Since SSL version 2 has known protocol weaknesses and is now
deprecated, the default setting excludes "SSLv2". This means that
.nf
.na
.ft C
+# Preferred syntax with Postfix >= 2.5:
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
-# Legacy form with Postfix < 2.5:
+# Legacy syntax:
smtpd_tls_mandatory_protocols = TLSv1
.fi
.ad
This feature is available in Postfix 2.3 and later.
.SH smtpd_tls_protocols (default: empty)
List of TLS protocols that the Postfix SMTP server will exclude
-or include with opportunistic TLS encryption. This parameter SHOULD be
-left at its default empty value, allowing all protocols to be used with
-opportunistic TLS.
-.PP
-In main.cf the values are separated by whitespace, commas or
-colons. An empty value means allow all protocols. The valid protocol
-names, (see \\fBfBSSL_get_version\fR(3)\fR), are "SSLv2", "SSLv3" and
-"TLSv1". In smtp_tls_policy_maps table entries, "protocols" attribute
-values are separated by a colon.
+or include with opportunistic TLS encryption. This parameter SHOULD
+be left at its default empty value, allowing all protocols to be
+used with opportunistic TLS. A non-empty value is a list of protocol
+names separated by whitespace, commas or colons. The supported
+protocol names are "SSLv2", "SSLv3" and "TLSv1", and are not case
+sensitive.
.PP
Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
-and "TLSv1.2". If an older Postfix version is linked against OpenSSL
-1.0.1 or later, these, or any other new protocol versions, are
-unconditionally enabled.
+and "TLSv1.2". The latest patch levels of Postfix >= 2.6, and all
+versions of Postfix >= 2.10 can disable support for "TLSv1.1" or
+"TLSv1.2".
.PP
To include a protocol list its name, to exclude it, prefix the name
with a "!" character. To exclude SSLv2 even for opportunistic TLS set
"smtpd_tls_protocols = !SSLv2". To exclude both "SSLv2" and "SSLv3" set
"smtpd_tls_protocols = !SSLv2, !SSLv3". Explicitly listing the protocols to
include, rather than protocols to exclude, is supported, but not
-recommended. The exclusion form more closely matches the behavior
-when the OpenSSL library is newer than Postfix.
+recommended. The exclusion form more closely matches the underlying
+OpenSSL interface semantics.
.PP
Example:
.nf
From each group of well-formed TLSA RRs a non-zero digest
matching type with the same certificate usage and selector, DANE
verification examines only those records whose matching type has
-the highest precedence (appear earliest in $tls_dane_digests) are
-considered.
+the highest precedence (appear earliest in $tls_dane_digests).
.br
.IP "\fBmaybe\fR"
For compatibility with digest algorithm agility, each certificate
<p> Since Postfix uses multiple smtpd(8) service processes, an
in-memory cache is not sufficient for session re-use. Clients store
-at most one cached session per server and are very unlikey to
+at most one cached session per server and are very unlikely to
repeatedly connect to the same server process. Thus session caching
in the Postfix SMTP server generally requires a shared cache (an
alternative available with Postfix ≥ 2.11 is described below).
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5
smtpd_tls_security_level = encrypt
- # Postfix ≥ 2.5:
+ # Preferred syntax with Postfix ≥ 2.5:
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
- # Legacy form with Postfix prior to 2.5:
+ # Legacy syntax:
smtpd_tls_mandatory_protocols = TLSv1
</pre>
</blockquote>
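Review bot: renaming the comment from "Legacy form with Postfix prior to 2.5" to "Legacy syntax" removes the only hint of when "smtpd_tls_mandatory_protocols = TLSv1" is actually needed. The postconf text in this same patch says listing protocols to include "is supported, but not recommended", so a reader of this example now sees two apparently equivalent settings with no reason to prefer the first; consider "# Legacy syntax (Postfix < 2.5):" or similar. The identical TLS_README and html/TLS_README.html hunks above are generated from this file and pick up the same fix.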
zone. Such lookups have been observed to cause interoperability
issues with poorly implemented DNS servers, and are in any case not
expected to ever yield "secure" results, since that would require
-a very unlikey DLV DNS trust anchor configured between the host
+a very unlikely DLV DNS trust anchor configured between the host
record and the associated "_25._tcp" child TLSA record. </p>
<p> The "dane-only" level is a form of <a
# When a transaction fails due to a full database, Postfix
# resizes the database and retries the transaction.
#
-# Postfix access, address mapping and routing tables will
-# generate partial search keys such as domain names without
+# Postfix access, address mapping and routing table lookups
+# may generate partial search keys such as domain names without
# one or more subdomains, network addresses without one or
# more least-significant octets, or email addresses without
# the localpart, address extension or domain portion.
# tables.
#
# Unlike other flat-file based Postfix databases, changes to
-# an LMDB database do not require automatic daemon program
+# an LMDB database do not trigger automatic daemon program
# restart.
# RELIABILITY
# .ad
empty value means allow all protocols. The valid protocol names, (see
<b>SSL_get_version(3)</b>), are "SSLv2", "SSLv3" and "TLSv1". </p>
-<p> Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
-and "TLSv1.2". If an older Postfix version is linked against OpenSSL
-1.0.1 or later, these, or any other new protocol versions, are
-unconditionally enabled. </p>
-
-<p> With Postfix ≥ 2.5 the parameter syntax is expanded to support
-protocol exclusions. One can now explicitly exclude SSLv2 by setting
-"smtp_tls_mandatory_protocols = !SSLv2". To exclude both SSLv2 and
-SSLv3 set "smtp_tls_mandatory_protocols = !SSLv2, !SSLv3". Listing
+<p> With Postfix ≥ 2.5 the parameter syntax was expanded to support
+protocol exclusions. One can explicitly exclude "SSLv2" by setting
+"smtp_tls_mandatory_protocols = !SSLv2". To exclude both "SSLv2" and
+"SSLv3" set "smtp_tls_mandatory_protocols = !SSLv2, !SSLv3". Listing
the protocols to include, rather than protocols to exclude, is
supported, but not recommended. The exclusion form more closely
-matches the behavior when the OpenSSL library is newer than Postfix.
+matches the underlying OpenSSL interface semantics.
</p>
+<p> The range of protocols advertised by an SSL/TLS client must be
+contiguous. When a protocol version is enabled, disabling any
+higher version implicitly disables all versions above that higher
+version. Thus, for example: </p>
+<blockquote>
+<pre>
+smtp_tls_mandatory_protocols = !SSLv2, !TLSv1
+</pre>
+</blockquote>
+<p> also disables any protocols version higher than TLSv1 leaving
+only "SSLv3" enabled. </p>
+
+<p> Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
+and "TLSv1.2". When Postfix ≤ 2.5 is linked against OpenSSL 1.0.1
+or later, these, or any other new protocol versions, cannot be
+disabled except by also disabling "TLSv1" (typically leaving just
+"SSLv3"). The latest patch levels of Postfix ≥ 2.6, and all
+versions of Postfix ≥ 2.10 can explicitly disable support for
+"TLSv1.1" or "TLSv1.2". </p>
+
+<p> At the <a href="TLS_README.html#client_tls_dane">dane</a> and
+<a href="TLS_README.html#client_tls_dane">dane-only</a> security
+levels, when usable TLSA records are obtained for the remote SMTP
+server, the Postfix SMTP client is obligated to include the SNI TLS
+extension in its SSL client hello message. This may help the remote
+SMTP server live up to its promise to provide a certificate that
+matches its TLSA records. Since TLS extensions require TLS 1.0 or
+later, the Postfix SMTP client must disable "SSLv2" and "SSLv3" when
+SNI is required. If you use "dane" or "dane-only" do not disable
+TLSv1, except perhaps via the policy table for destinations which
+you are sure will support "TLSv1.1" or "TLSv1.2". </p>
+
<p> Since SSL version 2 has known protocol weaknesses and is now
deprecated, the default setting excludes "SSLv2". This means that by
default, SSL version 2 will not be used at the "encrypt" security level
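Review bot: grammar in the new contiguous-range paragraph: "also disables any protocols version higher than TLSv1" should be "any protocol version higher than TLSv1"; the sentence recurs in the smtp_tls_protocols hunk below and in the generated html/postconf.5.html and man/man5/postconf.5 hunks above. The "!SSLv2, !TLSv1" example illustrates the rule well, but the configuration it produces, SSLv3 only, is exactly what the DANE paragraph a few lines later says the client must not use when SNI is required; a half sentence marking the example as a what-not-to-do would keep it from being copied into main.cf. Minor: both new links for "dane" and "dane-only" point at TLS_README.html#client_tls_dane, which is fine only if that section covers both levels.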
<p> Example: </p>
<pre>
-# Preferred form with Postfix ≥ 2.5:
+# Preferred syntax with Postfix ≥ 2.5:
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
-# Legacy form with Postfix < 2.5:
+# Legacy syntax:
smtp_tls_mandatory_protocols = TLSv1
</pre>
The supported protocol names are "SSLv2", "SSLv3" and "TLSv1", and
are not case sensitive. </p>
-<p> Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
-and "TLSv1.2". If an older Postfix version is linked against OpenSSL
-1.0.1 or later, these, or any other new protocol versions, are
-unconditionally enabled. </p>
-
-<p> With Postfix ≥ 2.5 the parameter syntax is expanded to support
-protocol exclusions. One can now explicitly exclude SSLv2 by setting
-"smtpd_tls_mandatory_protocols = !SSLv2". To exclude both SSLv2 and
-SSLv3 set "smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3". Listing
+<p> With Postfix ≥ 2.5 the parameter syntax was expanded to support
+protocol exclusions. One can explicitly exclude "SSLv2" by setting
+"smtpd_tls_mandatory_protocols = !SSLv2". To exclude both "SSLv2" and
+"SSLv3" set "smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3". Listing
the protocols to include, rather than protocols to exclude, is
supported, but not recommended. The exclusion form more closely
-matches the behavior when the OpenSSL library is newer than Postfix.
-</p>
+matches the underlying OpenSSL interface semantics. </p>
+
+<p> Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
+and "TLSv1.2". When Postfix ≤ 2.5 is linked against OpenSSL 1.0.1
+or later, these, or any other new protocol versions, cannot be
+disabled. The latest patch levels of Postfix ≥ 2.6, and all
+versions of Postfix ≥ 2.10 can disable support for "TLSv1.1" or
+"TLSv1.2". </p>
<p> Since SSL version 2 has known protocol weaknesses and is now
deprecated, the default setting excludes "SSLv2". This means that
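Review bot: the server-side note "When Postfix ≤ 2.5 is linked against OpenSSL 1.0.1 or later, these, or any other new protocol versions, cannot be disabled." is weaker than the client-side text in the smtp_tls_mandatory_protocols hunk above, which says "cannot be disabled except by also disabling "TLSv1" (typically leaving just "SSLv3")". If the same contiguity behavior applies to the server, add the qualification here too; if the server genuinely differs, say so, since a reader comparing the two parameters will otherwise assume one of them is wrong. Also "can disable" here versus "can explicitly disable" in the client text: pick one wording for both.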
<p> Example: </p>
<pre>
+# Preferred syntax with Postfix ≥ 2.5:
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
-# Legacy form with Postfix < 2.5:
+# Legacy syntax:
smtpd_tls_mandatory_protocols = TLSv1
</pre>
protocol names, (see <b>SSL_get_version(3)</b>), are "SSLv2", "SSLv3"
and "TLSv1". </p>
+<p> The range of protocols advertised by an SSL/TLS client must be
+contiguous. When a protocol version is enabled, disabling any
+higher version implicitly disables all versions above that higher
+version. Thus, for example: </p>
+<blockquote>
+<pre>
+smtp_tls_mandatory_protocols = !SSLv2, !TLSv1
+</pre>
+</blockquote>
+<p> also disables any protocols version higher than TLSv1 leaving
+only "SSLv3" enabled. </p>
+
<p> Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
-and "TLSv1.2". If an older Postfix version is linked against OpenSSL
-1.0.1 or later, these, or any other new protocol versions, are
-unconditionally enabled. </p>
+and "TLSv1.2". The latest patch levels of Postfix ≥ 2.6, and all
+versions of Postfix ≥ 2.10 can explicitly disable support for
+"TLSv1.1" or "TLSv1.2"</p>
<p> To include a protocol list its name, to exclude it, prefix the name
with a "!" character. To exclude SSLv2 even for opportunistic TLS set
"smtp_tls_protocols = !SSLv2". To exclude both "SSLv2" and "SSLv3" set
"smtp_tls_protocols = !SSLv2, !SSLv3". Explicitly listing the protocols to
include, rather than protocols to exclude, is supported, but not
-recommended. The exclusion form more closely matches the behavior
-when the OpenSSL library is newer than Postfix. </p>
+recommended. The exclusion form more closely matches the underlying
+OpenSSL interface semantics. </p>
<p> Example: </p>
<pre>
%PARAM smtpd_tls_protocols
<p> List of TLS protocols that the Postfix SMTP server will exclude
-or include with opportunistic TLS encryption. This parameter SHOULD be
-left at its default empty value, allowing all protocols to be used with
-opportunistic TLS. </p>
-
-<p> In main.cf the values are separated by whitespace, commas or
-colons. An empty value means allow all protocols. The valid protocol
-names, (see <b>SSL_get_version(3)</b>), are "SSLv2", "SSLv3" and
-"TLSv1". In smtp_tls_policy_maps table entries, "protocols" attribute
-values are separated by a colon. </p>
+or include with opportunistic TLS encryption. This parameter SHOULD
+be left at its default empty value, allowing all protocols to be
+used with opportunistic TLS. A non-empty value is a list of protocol
+names separated by whitespace, commas or colons. The supported
+protocol names are "SSLv2", "SSLv3" and "TLSv1", and are not case
+sensitive. </p>
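Review bot: dropping the sentence about smtp_tls_policy_maps "protocols" attributes is right, since this is a server-side parameter, but the rewrite also removes the "(see SSL_get_version(3))" pointer and adds "are not case sensitive", and neither change is mirrored in the smtp_tls_protocols and *_mandatory_protocols descriptions touched by this same patch. Apply the same wording to all four parameters so the case-insensitivity statement and the manual-page reference are consistent.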
<p> Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
-and "TLSv1.2". If an older Postfix version is linked against OpenSSL
-1.0.1 or later, these, or any other new protocol versions, are
-unconditionally enabled. </p>
+and "TLSv1.2". The latest patch levels of Postfix ≥ 2.6, and all
+versions of Postfix ≥ 2.10 can disable support for "TLSv1.1" or
+"TLSv1.2". </p>
<p> To include a protocol list its name, to exclude it, prefix the name
with a "!" character. To exclude SSLv2 even for opportunistic TLS set
"smtpd_tls_protocols = !SSLv2". To exclude both "SSLv2" and "SSLv3" set
"smtpd_tls_protocols = !SSLv2, !SSLv3". Explicitly listing the protocols to
include, rather than protocols to exclude, is supported, but not
-recommended. The exclusion form more closely matches the behavior
-when the OpenSSL library is newer than Postfix. </p>
+recommended. The exclusion form more closely matches the underlying
+OpenSSL interface semantics. </p>
<p> Example: </p>
<pre>
<dd> From each group of well-formed TLSA RRs a non-zero digest
matching type with the same certificate usage and selector, DANE
verification examines only those records whose matching type has
-the highest precedence (appear earliest in $tls_dane_digests) are
-considered. </dd>
+the highest precedence (appear earliest in $tls_dane_digests).
+</dd>
<dt><b>maybe</b></dt>
<dd> For compatibility with digest algorithm agility, each certificate
xtext_test scache_multi_test ehlo_mask_test \
namadr_list_test mail_conf_time_test header_body_checks_tests \
mail_version_test server_acl_test resolve_local_test maps_test
+ safe_ultostr_test
mime_tests: mime_test mime_nest mime_8bit mime_dom mime_trunc mime_cvt \
mime_cvt2 mime_cvt3 mime_garb1 mime_garb2 mime_garb3 mime_garb4
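Review bot: as shown, the line preceding the added `safe_ultostr_test` ("mail_version_test server_acl_test resolve_local_test maps_test") has no trailing backslash, so make(1) would not treat the new line as a continuation of the `tests:` prerequisite list and `make tests` would never run the new test. If the change also appends " \" to that line, it should appear in this hunk as a -/+ pair; if not, it needs to.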
diff mail_conf_time.ref mail_conf_time.tmp
rm -f mail_conf_time.tmp
+safe_ultostr_test: safe_ultostr safe_ultostr.in safe_ultostr.ref
+ ./safe_ultostr <safe_ultostr.in >safe_ultostr.tmp 2>&1
+ diff safe_ultostr.ref safe_ultostr.tmp
+ rm -f safe_ultostr.tmp
+
header_body_checks_null_test: header_body_checks header_body_checks_null.ref
./header_body_checks "" "" "" "" \
<mime_test.in >header_body_checks_null.tmp 2>&1
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20131208"
+#define MAIL_RELEASE_DATE "20131210"
#define MAIL_VERSION_NUMBER "2.11"
#ifdef SNAPSHOT
/* safe_ultostr - convert unsigned long to safe alphanumerical string */
char *safe_ultostr(VSTRING *buf, unsigned long ulval, int base,
- int padlen, int padchar)
+ int padlen, int padchar)
{
const char *myname = "safe_ultostr";
char *start;
/*
* Skip leading whitespace. We don't implement sign/base prefixes.
*/
+ if (end)
+ *end = (char *) start;
while (ISSPACE(*start))
++start;
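Review bot: the added `if (end) *end = (char *) start;` sits under the comment "Skip leading whitespace", which it has nothing to do with; give it its own comment, e.g. "Default the end pointer to the original input, as strtoul(3) does when no conversion is made". This assignment is what guarantees that `*end` is defined on every return path further down, so it deserves to be called out rather than read as part of the whitespace loop.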
* Start the conversion.
*/
errno = 0;
- for (cp = (unsigned char *) start; *cp; cp++) {
- /* Return (0, EINVAL) if no conversion was made. */
- if ((char_val = char_map[*cp]) >= base) {
- if (cp == (unsigned char *) start)
- errno = EINVAL;
- break;
- }
+ for (cp = (unsigned char *) start; (char_val = char_map[*cp]) < base; cp++) {
/* Return (ULONG_MAX, ERANGE) if the result is too large. */
if (sum > div_limit
|| (sum == div_limit && char_val > mod_limit)) {
}
sum = sum * base + char_val;
}
- if (end)
+ /* Return (0, EINVAL) after no conversion. Test moved here 20131209. */
+ if (cp == (unsigned char *) start)
+ errno = EINVAL;
+ else if (end)
*end = (char *) cp;
return (sum);
}
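Review bot: the rewritten loop condition `(char_val = char_map[*cp]) < base` now doubles as the end-of-string test, so termination depends on `char_map[0]` (the NUL terminator) mapping to a value that is at least as large as every supported base. Add a comment stating that invariant at the loop, and ideally an assertion where char_map is initialised, because a later change to the table would turn this into a read past the end of the input string. The `else if (end)` branch is correct as far as the visible lines go: on EINVAL `*end` keeps the pre-whitespace start set earlier, and on success or ERANGE it points at the first unconverted character, matching strtoul(3).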
#define strtoul strtol
#endif
+ /*
+ * Hard-coded string-to-number test.
+ */
+ ulval2 = safe_strtoul(" ", &junk, 10);
+ if (*junk == 0 || errno != EINVAL)
+ msg_warn("input=' ' result=%lu errno=%m", ulval2);
+
+ /*
+ * Configurable number-to-string-to-number test.
+ */
while (vstring_get_nonl(buf, VSTREAM_IN) != VSTREAM_EOF) {
ch = 0;
if (sscanf(STR(buf), "%lu %d%c", &ulval, &base, &ch) != 2 || ch) {
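Review bot: the hard-coded test covers all-space input only, while the fix is described as handling "empty or all-space input"; add a `safe_strtoul("", &junk, 10)` case as well. The existing condition `*junk == 0 || errno != EINVAL` cannot be reused for it, because for an empty string the end pointer legitimately points at the terminating NUL; compare pointers instead (`junk != input`), and also check that the returned value is 0, since `ulval2` is computed but never examined.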
--- /dev/null
+4294967295 2
+4294967295 10
+4294967295 16
+4294967295 52
--- /dev/null
+4294967295 = 11111111111111111111111111111111
+4294967295 = 4294967295
+4294967295 = HHHHHHHH
+4294967295 = CHPgSv
if (mode & EDIT_CONF) {
if ((err = split_nameval(cp, &pattern, &req->edit_value)) != 0)
msg_fatal("%s: \"%s\"", err, req->raw_text);
+ if ((mode & MASTER_PARAM)
+ && req->edit_value[strcspn(req->edit_value, PC_MASTER_BLANKS)])
+ msg_fatal("whitespace in parameter value: \"%s\"",
+ req->raw_text);
} else if (mode & (COMMENT_OUT | EDIT_EXCL)) {
if (strchr(cp, '=') != 0)
msg_fatal("-X or -# requires names without value");
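Review bot: the new check rejects master.cf parameter values containing any character in PC_MASTER_BLANKS, but nothing in the hunk says why; add a one-line comment that a master.cf "-o name=value" override cannot contain whitespace because the value would be split into separate command-line words, so a reader does not take this for a generic sanity check. The `req->edit_value[strcspn(req->edit_value, PC_MASTER_BLANKS)]` idiom is correct (index of the first blank, or of the terminating NUL) but terse; `strpbrk(req->edit_value, PC_MASTER_BLANKS) != 0` says the same thing more directly.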
/*
* XXX: safe_strtoul() does not flag empty or white-space only input.
* Since we get idbuf by splitting white-space/comma delimited
- * tokens, this is not a problem here.
+ * tokens, this is not a problem here. Fixed as of 210131209.
*/
l = safe_strtoul(value, &endcp, 10);
if ((l == 0 && (errno == EINVAL || endcp == value))
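Review bot: the date in the appended comment reads "210131209", which is not a valid YYYYMMDD stamp; the matching comment in safe_ultostr.c says "20131209". Beyond the typo, appending "Fixed as of ..." to an XXX note that describes a defect which no longer exists leaves a misleading comment for the next reader; reword or drop the note. The `endcp == value` test on the following line remains a reasonable belt-and-braces check either way.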
DNS_RR *tail = 0; /* Last retained RR */
DNS_RR *next;
+ /*
+ * XXX Code that modifies or destroys DNS_RR lists or entries belongs in
+ * the DNS library, not here.
+ */
for ( /* nop */ ; rr; rr = next) {
next = rr->next;
X509V3_set_ctx(&v3ctx, issuer, subject, 0, 0, 0);
if ((exts = subject->cert_info->extensions) == 0)
exts = subject->cert_info->extensions = sk_X509_EXTENSION_new_null();
+ if (!exts)
+ return (0);
if ((ext = X509V3_EXT_conf_nid(0, &v3ctx, ext_nid, ext_val)) != 0
&& sk_X509_EXTENSION_push(exts, ext))
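Review bot: the NULL check after sk_X509_EXTENSION_new_null() closes the allocation-failure gap, but the push that follows has its own failure mode: if X509V3_EXT_conf_nid() succeeds and sk_X509_EXTENSION_push() returns 0, `ext` is not owned by the stack and needs X509_EXTENSION_free() on that path, and the visible lines do not show it being released. Also note that `exts` has already been stored in `subject->cert_info->extensions`, so a failed push leaves an empty extension stack attached to the certificate; that is harmless for a throw-away certificate but worth a comment.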