From 94bfaa1fb932c8ba91b4e941d3115bcf147c56e5 Mon Sep 17 00:00:00 2001 From: Wietse Venema Date: Sun, 4 Nov 2018 00:00:00 -0500 Subject: [PATCH] postfix-3.3.2-RC1 --- postfix/HISTORY | 24 +++++++ postfix/README_FILES/TLS_README | 22 +++--- postfix/html/TLS_README.html | 28 +++----- postfix/html/postconf.5.html | 85 ++++++++++++++++------- postfix/man/man5/postconf.5 | 103 ++++++++++++++++++++-------- postfix/proto/TLS_README.html | 28 +++----- postfix/proto/postconf.proto | 85 ++++++++++++++++------- postfix/src/global/mail_version.h | 4 +- postfix/src/postconf/extract_cfg.sh | 3 + postfix/src/tls/tls.h | 16 ++++- postfix/src/tls/tls_dane.c | 43 +++++------- postfix/src/tls/tls_misc.c | 55 ++++++++++++++- postfix/src/tls/tls_server.c | 17 ++++- 13 files changed, 352 insertions(+), 161 deletions(-) diff --git a/postfix/HISTORY b/postfix/HISTORY index 2aeef0986..661ef6bd3 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -23364,3 +23364,27 @@ Apologies for any names omitted. from Andreas Schulze, Eray Aslan, and Viktor Dukhovni. Files: postfix/postfix.c, master/master.c, master/master.h, master/master_sig.c, conf/postfix-script. + +20180617 + + Bugfix (introduced: Postfix 2.11): minor memory leak when + minting issuer certs. This affects a tiny minority of use + cases. Viktor Dukhovni, based on a fix by Juan Altmayer + Pizzorno for the ssl_dane library. + +20180817 + + Workaround: postconf build did not abort if the m4 command + is not installed (on a system that does have the make + command, the awk command, the perl command, and the C + compiler?!). File: postconf/extract_cfg.sh. + +20181104 + + Multiple 'bit rot' fixes for OpenSSL API changes, including + support to disable TLSv1.3, to avoid issuing multiple session + tickets, and to allow OpenSSL >= 1.1.0 run-time micro version + bumps without complaining about library version mismatches. + Viktor Dukhovni. Files: proto/postconf.proto, + proto/TLS_README.html, tls/tls.h, tls/tls_dane.c, + tls/tls_server.c, tls/tls_misc.c. diff --git a/postfix/README_FILES/TLS_README b/postfix/README_FILES/TLS_README index 15b5e52c3..02bfa4c54 100644 --- a/postfix/README_FILES/TLS_README +++ b/postfix/README_FILES/TLS_README @@ -660,11 +660,12 @@ Example: smtpd_starttls_timeout = 300s With Postfix 2.8 and later, the tls_disable_workarounds parameter specifies a -list or bit-mask of OpenSSL bug work-arounds to disable. This may be necessary -if one of the work-arounds enabled by default in OpenSSL proves to pose a -security risk, or introduces an unexpected interoperability issue. Some bug -work-arounds known to be problematic are disabled in the default value of the -parameter when linked with an OpenSSL library that could be vulnerable. +list or bit-mask of default-enabled OpenSSL bug work-arounds to disable. This +may be necessary if one of the work-arounds enabled by default in OpenSSL +proves to pose a security risk, or introduces an unexpected interoperability +issue. The list of enabled bug work-arounds is OpenSSL-release-specific. See +the tls_disable_workarounds parameter documentation for the list of supported +values. Example: @@ -677,16 +678,9 @@ mask of OpenSSL options to enable. Specify one or more of the named options below, or a hexadecimal bitmask of options found in the ssl.h file corresponding to the run-time OpenSSL library. While it may be reasonable to turn off all bug workarounds (see above), it is not a good idea to attempt to -turn on all features. +turn on all features. See the tls_ssl_options parameter documentation for the +list of supported values. -LLEEGGAACCYY__SSEERRVVEERR__CCOONNNNEECCTT - See SSL_CTX_set_options(3). -NNOO__TTIICCKKEETT - See SSL_CTX_set_options(3). -NNOO__CCOOMMPPRREESSSSIIOONN - Disable SSL compression even if supported by the OpenSSL library. - Compression is CPU-intensive, and compression before encryption does not - always improve security. Example: /etc/postfix/main.cf: diff --git a/postfix/html/TLS_README.html b/postfix/html/TLS_README.html index c732b4f34..0b0370371 100644 --- a/postfix/html/TLS_README.html +++ b/postfix/html/TLS_README.html @@ -923,12 +923,13 @@ handshake procedures.

With Postfix 2.8 and later, the tls_disable_workarounds parameter -specifies a list or bit-mask of OpenSSL bug work-arounds to disable. This -may be necessary if one of the work-arounds enabled by default in -OpenSSL proves to pose a security risk, or introduces an unexpected -interoperability issue. Some bug work-arounds known to be problematic -are disabled in the default value of the parameter when linked with -an OpenSSL library that could be vulnerable.

+specifies a list or bit-mask of default-enabled OpenSSL bug +work-arounds to disable. This may be necessary if one of the +work-arounds enabled by default in OpenSSL proves to pose a security +risk, or introduces an unexpected interoperability issue. The list +of enabled bug work-arounds is OpenSSL-release-specific. See the +tls_disable_workarounds parameter documentation for the list of +supported values.

Example:

@@ -946,19 +947,8 @@ more of the named options below, or a hexadecimal bitmask of options found in the ssl.h file corresponding to the run-time OpenSSL library. While it may be reasonable to turn off all bug workarounds (see above), it is not a good idea to attempt to turn on all features. -

- -
- -
LEGACY_SERVER_CONNECT
See SSL_CTX_set_options(3).
- -
NO_TICKET
See SSL_CTX_set_options(3).
- -
NO_COMPRESSION
Disable SSL compression even if -supported by the OpenSSL library. Compression is CPU-intensive, -and compression before encryption does not always improve security.
- -
+See the tls_ssl_options parameter documentation for the list of +supported values.

Example:

diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index 093a3c6b5..a6e2e174f 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -12511,8 +12511,10 @@ matches the underlying OpenSSL interface semantics.

The range of protocols advertised by an SSL/TLS client must be contiguous. When a protocol version is enabled, disabling any -higher version implicitly disables all versions above that higher -version. Thus, for example:

+higher version implicitly disables all versions above that higher version. +Thus, for example (assuming the OpenSSL library supports both SSLv2 +and SSLv3): +

 smtp_tls_mandatory_protocols = !SSLv2, !TLSv1
@@ -12529,6 +12531,9 @@ disabled except by also disabling "TLSv1" (typically leaving just
 versions of Postfix ≥ 2.10 can explicitly disable support for
 "TLSv1.1" or "TLSv1.2". 

 
+
 OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix ≥ 3.4,
+this can be disabled, if need be, via "!TLSv1.3". 

+
 
 At the dane and
 dane-only security
 levels, when usable TLSA records are obtained for the remote SMTP
@@ -12841,11 +12846,13 @@ and "TLSv1". 

 
 
 The range of protocols advertised by an SSL/TLS client must be
 contiguous.  When a protocol version is enabled, disabling any
-higher version implicitly disables all versions above that higher
-version.  Thus, for example: 

+higher version implicitly disables all versions above that higher version.
+Thus, for example (assuming the OpenSSL library supports both SSLv2
+and SSLv3):
+

 

 
-smtp_tls_mandatory_protocols = !SSLv2, !TLSv1
+smtp_tls_protocols = !SSLv2, !TLSv1
 

 

 
 also disables any protocols version higher than TLSv1 leaving
@@ -12856,6 +12863,9 @@ and "TLSv1.2". The latest patch levels of Postfix ≥ 2.6, and all
 versions of Postfix ≥ 2.10 can explicitly disable support for
 "TLSv1.1" or "TLSv1.2"

 
+
 OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix ≥ 3.4,
+this can be disabled, if need be, via "!TLSv1.3". 

+
 
 To include a protocol list its name, to exclude it, prefix the name
 with a "!" character. To exclude SSLv2 for opportunistic TLS set
 "smtp_tls_protocols = !SSLv2". To exclude both "SSLv2" and "SSLv3" set
@@ -16965,6 +16975,9 @@ disabled.  The latest patch levels of Postfix ≥ 2.6, and all
 versions of Postfix ≥ 2.10 can disable support for "TLSv1.1" or
 "TLSv1.2". 

 
+
 OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix ≥ 3.4,
+this can be disabled, if need be, via "!TLSv1.3". 

+
 
 Example: 

 
 
@@ -16996,6 +17009,9 @@ and "TLSv1.2". The latest patch levels of Postfix ≥ 2.6, and all
 versions of Postfix ≥ 2.10 can disable support for "TLSv1.1" or
 "TLSv1.2". 

 
+
 OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix ≥ 3.4,
+this can be disabled, if need be, via "!TLSv1.3". 

+
 
 To include a protocol list its name, to exclude it, prefix the name
 with a "!" character. To exclude SSLv2 for opportunistic TLS set
 "smtpd_tls_protocols = !SSLv2". To exclude both "SSLv2" and "SSLv3" set
@@ -17735,44 +17751,46 @@ you can only disable one of these via the hexadecimal syntax above. 

 
 

 
-
MICROSOFT_SESS_ID_BUG
 
See SSL_CTX_set_options(3)

+
CRYPTOPRO_TLSEXT_BUG
 
New with GOST support in
+OpenSSL 1.0.0.

 
-
NETSCAPE_CHALLENGE_BUG
 
See SSL_CTX_set_options(3)

+
DONT_INSERT_EMPTY_FRAGMENTS
 
See
+SSL_CTX_set_options(3)

 
 
LEGACY_SERVER_CONNECT
 
See SSL_CTX_set_options(3)

 
-
NETSCAPE_REUSE_CIPHER_CHANGE_BUG
 
 also aliased
-as CVE-2010-4180. Postfix 2.8 disables this work-around by
-default with OpenSSL versions that may predate the fix. Fixed in
-OpenSSL 0.9.8q and OpenSSL 1.0.0c.

-
-
SSLREF2_REUSE_CERT_TYPE_BUG
 
See
-SSL_CTX_set_options(3)

-
 
MICROSOFT_BIG_SSLV3_BUFFER
 
See
 SSL_CTX_set_options(3)

 
+
MICROSOFT_SESS_ID_BUG
 
See SSL_CTX_set_options(3)

+
 
MSIE_SSLV2_RSA_PADDING
 
 also aliased as
 CVE-2005-2969. Postfix 2.8 disables this work-around by
 default with OpenSSL versions that may predate the fix. Fixed in
 OpenSSL 0.9.7h and OpenSSL 0.9.8a.

 
+
NETSCAPE_CHALLENGE_BUG
 
See SSL_CTX_set_options(3)

+
+
NETSCAPE_REUSE_CIPHER_CHANGE_BUG
 
 also aliased
+as CVE-2010-4180. Postfix 2.8 disables this work-around by
+default with OpenSSL versions that may predate the fix. Fixed in
+OpenSSL 0.9.8q and OpenSSL 1.0.0c.

+
 
SSLEAY_080_CLIENT_DH_BUG
 
See
 SSL_CTX_set_options(3)

 
-
TLS_D5_BUG
 
See SSL_CTX_set_options(3)

+
SSLREF2_REUSE_CERT_TYPE_BUG
 
See
+SSL_CTX_set_options(3)

 
 
TLS_BLOCK_PADDING_BUG
 
See SSL_CTX_set_options(3)

 
+
TLS_D5_BUG
 
See SSL_CTX_set_options(3)

+
 
TLS_ROLLBACK_BUG
 
See SSL_CTX_set_options(3).
 This is disabled in OpenSSL 0.9.7 and later. Nobody should still
 be using 0.9.6! 

 
-
DONT_INSERT_EMPTY_FRAGMENTS
 
See
-SSL_CTX_set_options(3)

-
-
CRYPTOPRO_TLSEXT_BUG
 
New with GOST support in
-OpenSSL 1.0.0.

+
TLSEXT_PADDING
Postfix ≥ 3.4. See SSL_CTX_set_options(3).

 
 

 
@@ -18146,18 +18164,39 @@ in its value are enabled (see openssl/ssl.h and SSL_CTX_set_options(3)).
 You can only enable options not already controlled by other Postfix
 settings.  For example, you cannot disable protocols or enable
 server cipher preference.  Do not attempt to turn all features by
-specifying 0xFFFFFFFF, this is unlikely to be a good idea.  

+specifying 0xFFFFFFFF, this is unlikely to be a good idea.  Some
+bug work-arounds are also valid here, allowing them to be re-enabled
+if/when they're no longer enabled by default.  The supported values
+include: 

 
 

 
+
ENABLE_MIDDLEBOX_COMPAT
 
Postfix ≥ 3.4. See
+SSL_CTX_set_options(3).

+
 
LEGACY_SERVER_CONNECT
 
See SSL_CTX_set_options(3).

 
-
NO_TICKET
 
See SSL_CTX_set_options(3).

+
NO_TICKET
 
Enabled by default when needed in
+fully-patched Postfix ≥ 2.7.  Not needed at all for Postfix ≥
+2.11, unless for some reason you do not want to support TLS session
+resumption.  Best not set explicitly.  See SSL_CTX_set_options(3).

 
 
NO_COMPRESSION
 
Disable SSL compression even if
 supported by the OpenSSL library.  Compression is CPU-intensive,
 and compression before encryption does not always improve security.  

 
+
NO_RENEGOTIATION
 
Postfix ≥ 3.4.  This can
+reduce opportunities for a potential CPU exhaustion attack.  See
+SSL_CTX_set_options(3).

+
+
NO_SESSION_RESUMPTION_ON_RENEGOTIATION
 
Postfix
+≥ 3.4. See SSL_CTX_set_options(3).

+
+
PRIORITIZE_CHACHA
 
Postfix ≥ 3.4. See SSL_CTX_set_options(3).

+
+
TLSEXT_PADDING
 
Postfix ≥ 3.4. See
+SSL_CTX_set_options(3).

+
 

 
 
 This feature is available in Postfix 2.11 and later.  

diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5
index b2dff862e..be35c04a8 100644
--- a/postfix/man/man5/postconf.5
+++ b/postfix/man/man5/postconf.5
@@ -8054,8 +8054,9 @@ matches the underlying OpenSSL interface semantics.
 .PP
 The range of protocols advertised by an SSL/TLS client must be
 contiguous.  When a protocol version is enabled, disabling any
-higher version implicitly disables all versions above that higher
-version.  Thus, for example:
+higher version implicitly disables all versions above that higher version.
+Thus, for example (assuming the OpenSSL library supports both SSLv2
+and SSLv3):
 .sp
 .in +4
 .nf
@@ -8077,6 +8078,9 @@ disabled except by also disabling "TLSv1" (typically leaving just
 versions of Postfix >= 2.10 can explicitly disable support for
 "TLSv1.1" or "TLSv1.2".
 .PP
+OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix >= 3.4,
+this can be disabled, if need be, via "!TLSv1.3".
+.PP
 At the dane and
 dane\-only security
 levels, when usable TLSA records are obtained for the remote SMTP
@@ -8372,14 +8376,15 @@ and "TLSv1".
 .PP
 The range of protocols advertised by an SSL/TLS client must be
 contiguous.  When a protocol version is enabled, disabling any
-higher version implicitly disables all versions above that higher
-version.  Thus, for example:
+higher version implicitly disables all versions above that higher version.
+Thus, for example (assuming the OpenSSL library supports both SSLv2
+and SSLv3):
 .sp
 .in +4
 .nf
 .na
 .ft C
-smtp_tls_mandatory_protocols = !SSLv2, !TLSv1
+smtp_tls_protocols = !SSLv2, !TLSv1
 .fi
 .ad
 .ft R
@@ -8392,6 +8397,9 @@ and "TLSv1.2". The latest patch levels of Postfix >= 2.6, and all
 versions of Postfix >= 2.10 can explicitly disable support for
 "TLSv1.1" or "TLSv1.2"
 .PP
+OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix >= 3.4,
+this can be disabled, if need be, via "!TLSv1.3".
+.PP
 To include a protocol list its name, to exclude it, prefix the name
 with a "!" character. To exclude SSLv2 for opportunistic TLS set
 "smtp_tls_protocols = !SSLv2". To exclude both "SSLv2" and "SSLv3" set
@@ -11669,6 +11677,9 @@ disabled.  The latest patch levels of Postfix >= 2.6, and all
 versions of Postfix >= 2.10 can disable support for "TLSv1.1" or
 "TLSv1.2".
 .PP
+OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix >= 3.4,
+this can be disabled, if need be, via "!TLSv1.3".
+.PP
 Example:
 .PP
 .nf
@@ -11698,6 +11709,9 @@ and "TLSv1.2". The latest patch levels of Postfix >= 2.6, and all
 versions of Postfix >= 2.10 can disable support for "TLSv1.1" or
 "TLSv1.2".
 .PP
+OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix >= 3.4,
+this can be disabled, if need be, via "!TLSv1.3".
+.PP
 To include a protocol list its name, to exclude it, prefix the name
 with a "!" character. To exclude SSLv2 for opportunistic TLS set
 "smtpd_tls_protocols = !SSLv2". To exclude both "SSLv2" and "SSLv3" set
@@ -12213,57 +12227,60 @@ of specific named bug work\-arounds chosen from the list below. It
 is possible that your OpenSSL version includes new bug work\-arounds
 added after your Postfix source code was last updated, in that case
 you can only disable one of these via the hexadecimal syntax above.
-.IP "\fBMICROSOFT_SESS_ID_BUG\fR"
-See SSL_CTX_\fBset_options\fR(3)
+.IP "\fBCRYPTOPRO_TLSEXT_BUG\fR"
+New with GOST support in
+OpenSSL 1.0.0.
 .br
-.IP "\fBNETSCAPE_CHALLENGE_BUG\fR"
-See SSL_CTX_\fBset_options\fR(3)
+.IP "\fBDONT_INSERT_EMPTY_FRAGMENTS\fR"
+See
+SSL_CTX_\fBset_options\fR(3)
 .br
 .IP "\fBLEGACY_SERVER_CONNECT\fR"
 See SSL_CTX_\fBset_options\fR(3)
 .br
-.IP "\fBNETSCAPE_REUSE_CIPHER_CHANGE_BUG\fR"
-also aliased
-as \fBCVE\-2010\-4180\fR. Postfix 2.8 disables this work\-around by
-default with OpenSSL versions that may predate the fix. Fixed in
-OpenSSL 0.9.8q and OpenSSL 1.0.0c.
-.br
-.IP "\fBSSLREF2_REUSE_CERT_TYPE_BUG\fR"
-See
-SSL_CTX_\fBset_options\fR(3)
-.br
 .IP "\fBMICROSOFT_BIG_SSLV3_BUFFER\fR"
 See
 SSL_CTX_\fBset_options\fR(3)
 .br
+.IP "\fBMICROSOFT_SESS_ID_BUG\fR"
+See SSL_CTX_\fBset_options\fR(3)
+.br
 .IP "\fBMSIE_SSLV2_RSA_PADDING\fR"
 also aliased as
 \fBCVE\-2005\-2969\fR. Postfix 2.8 disables this work\-around by
 default with OpenSSL versions that may predate the fix. Fixed in
 OpenSSL 0.9.7h and OpenSSL 0.9.8a.
 .br
+.IP "\fBNETSCAPE_CHALLENGE_BUG\fR"
+See SSL_CTX_\fBset_options\fR(3)
+.br
+.IP "\fBNETSCAPE_REUSE_CIPHER_CHANGE_BUG\fR"
+also aliased
+as \fBCVE\-2010\-4180\fR. Postfix 2.8 disables this work\-around by
+default with OpenSSL versions that may predate the fix. Fixed in
+OpenSSL 0.9.8q and OpenSSL 1.0.0c.
+.br
 .IP "\fBSSLEAY_080_CLIENT_DH_BUG\fR"
 See
 SSL_CTX_\fBset_options\fR(3)
 .br
-.IP "\fBTLS_D5_BUG\fR"
-See SSL_CTX_\fBset_options\fR(3)
+.IP "\fBSSLREF2_REUSE_CERT_TYPE_BUG\fR"
+See
+SSL_CTX_\fBset_options\fR(3)
 .br
 .IP "\fBTLS_BLOCK_PADDING_BUG\fR"
 See SSL_CTX_\fBset_options\fR(3)
 .br
+.IP "\fBTLS_D5_BUG\fR"
+See SSL_CTX_\fBset_options\fR(3)
+.br
 .IP "\fBTLS_ROLLBACK_BUG\fR"
 See SSL_CTX_\fBset_options\fR(3).
 This is disabled in OpenSSL 0.9.7 and later. Nobody should still
 be using 0.9.6!
 .br
-.IP "\fBDONT_INSERT_EMPTY_FRAGMENTS\fR"
-See
-SSL_CTX_\fBset_options\fR(3)
-.br
-.IP "\fBCRYPTOPRO_TLSEXT_BUG\fR"
-New with GOST support in
-OpenSSL 1.0.0.
+.IP "\fBTLSEXT_PADDING\fR"
+Postfix >= 3.4. See SSL_CTX_\fBset_options\fR(3).
 .br
 .br
 .PP
@@ -12529,18 +12546,44 @@ in its value are enabled (see openssl/ssl.h and SSL_CTX_\fBset_options\fR(3)).
 You can only enable options not already controlled by other Postfix
 settings.  For example, you cannot disable protocols or enable
 server cipher preference.  Do not attempt to turn all features by
-specifying 0xFFFFFFFF, this is unlikely to be a good idea.
+specifying 0xFFFFFFFF, this is unlikely to be a good idea.  Some
+bug work\-arounds are also valid here, allowing them to be re\-enabled
+if/when they're no longer enabled by default.  The supported values
+include:
+.IP "\fBENABLE_MIDDLEBOX_COMPAT\fR"
+Postfix >= 3.4. See
+SSL_CTX_\fBset_options\fR(3).
+.br
 .IP "\fBLEGACY_SERVER_CONNECT\fR"
 See SSL_CTX_\fBset_options\fR(3).
 .br
 .IP "\fBNO_TICKET\fR"
-See SSL_CTX_\fBset_options\fR(3).
+Enabled by default when needed in
+fully\-patched Postfix >= 2.7.  Not needed at all for Postfix >=
+2.11, unless for some reason you do not want to support TLS session
+resumption.  Best not set explicitly.  See SSL_CTX_\fBset_options\fR(3).
 .br
 .IP "\fBNO_COMPRESSION\fR"
 Disable SSL compression even if
 supported by the OpenSSL library.  Compression is CPU\-intensive,
 and compression before encryption does not always improve security.
 .br
+.IP "\fBNO_RENEGOTIATION\fR"
+Postfix >= 3.4.  This can
+reduce opportunities for a potential CPU exhaustion attack.  See
+SSL_CTX_\fBset_options\fR(3).
+.br
+.IP "\fBNO_SESSION_RESUMPTION_ON_RENEGOTIATION\fR"
+Postfix
+>= 3.4. See SSL_CTX_\fBset_options\fR(3).
+.br
+.IP "\fBPRIORITIZE_CHACHA\fR"
+Postfix >= 3.4. See SSL_CTX_\fBset_options\fR(3).
+.br
+.IP "\fBTLSEXT_PADDING\fR"
+Postfix >= 3.4. See
+SSL_CTX_\fBset_options\fR(3).
+.br
 .br
 .PP
 This feature is available in Postfix 2.11 and later.
diff --git a/postfix/proto/TLS_README.html b/postfix/proto/TLS_README.html
index 8d291ea2d..6abff6264 100644
--- a/postfix/proto/TLS_README.html
+++ b/postfix/proto/TLS_README.html
@@ -923,12 +923,13 @@ handshake procedures.

With Postfix 2.8 and later, the tls_disable_workarounds parameter -specifies a list or bit-mask of OpenSSL bug work-arounds to disable. This -may be necessary if one of the work-arounds enabled by default in -OpenSSL proves to pose a security risk, or introduces an unexpected -interoperability issue. Some bug work-arounds known to be problematic -are disabled in the default value of the parameter when linked with -an OpenSSL library that could be vulnerable.

+specifies a list or bit-mask of default-enabled OpenSSL bug +work-arounds to disable. This may be necessary if one of the +work-arounds enabled by default in OpenSSL proves to pose a security +risk, or introduces an unexpected interoperability issue. The list +of enabled bug work-arounds is OpenSSL-release-specific. See the +tls_disable_workarounds parameter documentation for the list of +supported values.

Example:

@@ -946,19 +947,8 @@ more of the named options below, or a hexadecimal bitmask of options found in the ssl.h file corresponding to the run-time OpenSSL library. While it may be reasonable to turn off all bug workarounds (see above), it is not a good idea to attempt to turn on all features. -

- -
- -
LEGACY_SERVER_CONNECT
See SSL_CTX_set_options(3).
- -
NO_TICKET
See SSL_CTX_set_options(3).
- -
NO_COMPRESSION
Disable SSL compression even if -supported by the OpenSSL library. Compression is CPU-intensive, -and compression before encryption does not always improve security.
- -
+See the tls_ssl_options parameter documentation for the list of +supported values.

Example:

diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index 23f4f63e6..d3f6df65b 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -11191,8 +11191,10 @@ matches the underlying OpenSSL interface semantics.

The range of protocols advertised by an SSL/TLS client must be contiguous. When a protocol version is enabled, disabling any -higher version implicitly disables all versions above that higher -version. Thus, for example:

+higher version implicitly disables all versions above that higher version. +Thus, for example (assuming the OpenSSL library supports both SSLv2 +and SSLv3): +

 smtp_tls_mandatory_protocols = !SSLv2, !TLSv1
@@ -11209,6 +11211,9 @@ disabled except by also disabling "TLSv1" (typically leaving just
 versions of Postfix ≥ 2.10 can explicitly disable support for
 "TLSv1.1" or "TLSv1.2". 

 
+
 OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix ≥ 3.4,
+this can be disabled, if need be, via "!TLSv1.3". 

+
 
 At the dane and
 dane-only security
 levels, when usable TLSA records are obtained for the remote SMTP
@@ -11406,6 +11411,9 @@ disabled.  The latest patch levels of Postfix ≥ 2.6, and all
 versions of Postfix ≥ 2.10 can disable support for "TLSv1.1" or
 "TLSv1.2". 

 
+
 OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix ≥ 3.4,
+this can be disabled, if need be, via "!TLSv1.3". 

+
 
 Example: 

 
 
@@ -12547,11 +12555,13 @@ and "TLSv1". 

 
 
 The range of protocols advertised by an SSL/TLS client must be
 contiguous.  When a protocol version is enabled, disabling any
-higher version implicitly disables all versions above that higher
-version.  Thus, for example: 

+higher version implicitly disables all versions above that higher version.
+Thus, for example (assuming the OpenSSL library supports both SSLv2
+and SSLv3):
+

 

 
-smtp_tls_mandatory_protocols = !SSLv2, !TLSv1
+smtp_tls_protocols = !SSLv2, !TLSv1
 

 

 
 also disables any protocols version higher than TLSv1 leaving
@@ -12562,6 +12572,9 @@ and "TLSv1.2". The latest patch levels of Postfix ≥ 2.6, and all
 versions of Postfix ≥ 2.10 can explicitly disable support for
 "TLSv1.1" or "TLSv1.2"

 
+
 OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix ≥ 3.4,
+this can be disabled, if need be, via "!TLSv1.3". 

+
 
 To include a protocol list its name, to exclude it, prefix the name
 with a "!" character. To exclude SSLv2 for opportunistic TLS set
 "smtp_tls_protocols = !SSLv2". To exclude both "SSLv2" and "SSLv3" set
@@ -12594,6 +12607,9 @@ and "TLSv1.2". The latest patch levels of Postfix ≥ 2.6, and all
 versions of Postfix ≥ 2.10 can disable support for "TLSv1.1" or
 "TLSv1.2". 

 
+
 OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix ≥ 3.4,
+this can be disabled, if need be, via "!TLSv1.3". 

+
 
 To include a protocol list its name, to exclude it, prefix the name
 with a "!" character. To exclude SSLv2 for opportunistic TLS set
 "smtpd_tls_protocols = !SSLv2". To exclude both "SSLv2" and "SSLv3" set
@@ -14877,44 +14893,46 @@ you can only disable one of these via the hexadecimal syntax above. 

 
 

 
-
MICROSOFT_SESS_ID_BUG
 
See SSL_CTX_set_options(3)

+
CRYPTOPRO_TLSEXT_BUG
 
New with GOST support in
+OpenSSL 1.0.0.

 
-
NETSCAPE_CHALLENGE_BUG
 
See SSL_CTX_set_options(3)

+
DONT_INSERT_EMPTY_FRAGMENTS
 
See
+SSL_CTX_set_options(3)

 
 
LEGACY_SERVER_CONNECT
 
See SSL_CTX_set_options(3)

 
-
NETSCAPE_REUSE_CIPHER_CHANGE_BUG
 
 also aliased
-as CVE-2010-4180. Postfix 2.8 disables this work-around by
-default with OpenSSL versions that may predate the fix. Fixed in
-OpenSSL 0.9.8q and OpenSSL 1.0.0c.

-
-
SSLREF2_REUSE_CERT_TYPE_BUG
 
See
-SSL_CTX_set_options(3)

-
 
MICROSOFT_BIG_SSLV3_BUFFER
 
See
 SSL_CTX_set_options(3)

 
+
MICROSOFT_SESS_ID_BUG
 
See SSL_CTX_set_options(3)

+
 
MSIE_SSLV2_RSA_PADDING
 
 also aliased as
 CVE-2005-2969. Postfix 2.8 disables this work-around by
 default with OpenSSL versions that may predate the fix. Fixed in
 OpenSSL 0.9.7h and OpenSSL 0.9.8a.

 
+
NETSCAPE_CHALLENGE_BUG
 
See SSL_CTX_set_options(3)

+
+
NETSCAPE_REUSE_CIPHER_CHANGE_BUG
 
 also aliased
+as CVE-2010-4180. Postfix 2.8 disables this work-around by
+default with OpenSSL versions that may predate the fix. Fixed in
+OpenSSL 0.9.8q and OpenSSL 1.0.0c.

+
 
SSLEAY_080_CLIENT_DH_BUG
 
See
 SSL_CTX_set_options(3)

 
-
TLS_D5_BUG
 
See SSL_CTX_set_options(3)

+
SSLREF2_REUSE_CERT_TYPE_BUG
 
See
+SSL_CTX_set_options(3)

 
 
TLS_BLOCK_PADDING_BUG
 
See SSL_CTX_set_options(3)

 
+
TLS_D5_BUG
 
See SSL_CTX_set_options(3)

+
 
TLS_ROLLBACK_BUG
 
See SSL_CTX_set_options(3).
 This is disabled in OpenSSL 0.9.7 and later. Nobody should still
 be using 0.9.6! 

 
-
DONT_INSERT_EMPTY_FRAGMENTS
 
See
-SSL_CTX_set_options(3)

-
-
CRYPTOPRO_TLSEXT_BUG
 
New with GOST support in
-OpenSSL 1.0.0.

+
TLSEXT_PADDING
Postfix ≥ 3.4. See SSL_CTX_set_options(3).

 
 

 
@@ -15967,18 +15985,39 @@ in its value are enabled (see openssl/ssl.h and SSL_CTX_set_options(3)).
 You can only enable options not already controlled by other Postfix
 settings.  For example, you cannot disable protocols or enable
 server cipher preference.  Do not attempt to turn all features by
-specifying 0xFFFFFFFF, this is unlikely to be a good idea.  

+specifying 0xFFFFFFFF, this is unlikely to be a good idea.  Some
+bug work-arounds are also valid here, allowing them to be re-enabled
+if/when they're no longer enabled by default.  The supported values
+include: 

 
 

 
+
ENABLE_MIDDLEBOX_COMPAT
 
Postfix ≥ 3.4. See
+SSL_CTX_set_options(3).

+
 
LEGACY_SERVER_CONNECT
 
See SSL_CTX_set_options(3).

 
-
NO_TICKET
 
See SSL_CTX_set_options(3).

+
NO_TICKET
 
Enabled by default when needed in
+fully-patched Postfix ≥ 2.7.  Not needed at all for Postfix ≥
+2.11, unless for some reason you do not want to support TLS session
+resumption.  Best not set explicitly.  See SSL_CTX_set_options(3).

 
 
NO_COMPRESSION
 
Disable SSL compression even if
 supported by the OpenSSL library.  Compression is CPU-intensive,
 and compression before encryption does not always improve security.  

 
+
NO_RENEGOTIATION
 
Postfix ≥ 3.4.  This can
+reduce opportunities for a potential CPU exhaustion attack.  See
+SSL_CTX_set_options(3).

+
+
NO_SESSION_RESUMPTION_ON_RENEGOTIATION
 
Postfix
+≥ 3.4. See SSL_CTX_set_options(3).

+
+
PRIORITIZE_CHACHA
 
Postfix ≥ 3.4. See SSL_CTX_set_options(3).

+
+
TLSEXT_PADDING
 
Postfix ≥ 3.4. See
+SSL_CTX_set_options(3).

+
 

 
 
 This feature is available in Postfix 2.11 and later.  

diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index d3d039c40..9fc13088a 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,8 +20,8 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE	"20180519"
-#define MAIL_VERSION_NUMBER	"3.3.1"
+#define MAIL_RELEASE_DATE	"20181104"
+#define MAIL_VERSION_NUMBER	"3.3.2-RC1"
 
 #ifdef SNAPSHOT
 #define MAIL_VERSION_DATE	"-" MAIL_RELEASE_DATE
diff --git a/postfix/src/postconf/extract_cfg.sh b/postfix/src/postconf/extract_cfg.sh
index d2faf98ab..5901e9514 100644
--- a/postfix/src/postconf/extract_cfg.sh
+++ b/postfix/src/postconf/extract_cfg.sh
@@ -38,6 +38,9 @@
 #	New York, NY 10011, USA
 #--
 
+# In case not installed.
+m4