Cleanup: the last remaining remnants of the withdrawn
smtp_tls_fallback_level feature. Files: mantools/postlink,
global/mail_params.h.
+
+20141021
+
+ Per IETF TLS WG consensus, the tls_session_ticket_cipher
+ default setting was changed from aes-128-cbc to aes-256-cbc.
+ Take that, you quantum computer attackers! Viktor Dukhovni.
+ Files: proto/postconf.proto, global/mail_params.h.
+
+20141024
+
+ Cleanup: added $smtpd_mumble_restrictions to the proxy_read_maps
+ default setting. File: global/mail_params.h.
+
+ Documentation: different header/body checks for MX service
+ and SMTP submissions. File: proto/BUILTIN_FILTER_README.html.
+
+ Cleanup: don't send "bare" original recipient in SMTP DSN
+ attributes. File: cleanup/cleanup_addr.c.
+
+ Feature: smtp-sink -N option to suppress DSN announcement.
+ File: smtpstone/smtp-sink.c.
+
+20141025
+
+ Bugfix (introduced: Postfix 2,11): core dump when
+ smtp_policy_maps specifies an invalid TLS level. Viktor
+ Dukhovni. File: smtp/smtp_tls_policy.c.
+
+20141103
+
+ Logging: when a connection is closed, log the request counts
+ for unimplemented STARTTLS or AUTH commands separately,
+ instead of logging such commands as "unknown". File:
+ smtpd/smtpd.c.
+
+20141106
+
+ Cleanup: set errno to ETIMEDOUT after postscreen handshake
+ timeout event, so that warnings report the correct error.
+ File: tlsproxy/tlsproxy.c.
* Limitations of Postfix header/body checks
* Preventing daily mail status reports from being blocked
* Configuring header/body checks for mail from outside users only
+ * Configuring different header/body checks for MX service and submission
+ service
* Configuring header/body checks for mail to some domains only
W\bWh\bha\bat\bt m\bma\bai\bil\bl i\bis\bs s\bsu\bub\bbj\bje\bec\bct\bte\bed\bd t\bto\bo h\bhe\bea\bad\bde\ber\br/\b/b\bbo\bod\bdy\by c\bch\bhe\bec\bck\bks\bs
so many different sources. Instead, header/body checks are requested by the
source. Examples of how to turn off header/body checks for mail received with
smtpd(8), qmqpd(8) or pickup(8) are given below under "Configuring header/body
-checks for mail from outside users only" and "Configuring header/body checks
-for mail to some domains only".
+checks for mail from outside users only", "Configuring different header/body
+checks for MX service and submission service", and "Configuring header/body
+checks for mail to some domains only".
L\bLi\bim\bmi\bit\bta\bat\bti\bio\bon\bns\bs o\bof\bf P\bPo\bos\bst\btf\bfi\bix\bx h\bhe\bea\bad\bde\ber\br/\b/b\bbo\bod\bdy\by c\bch\bhe\bec\bck\bks\bs
# =================================================================
1.2.3.5:smtp inet n - n - - smtpd
+C\bCo\bon\bnf\bfi\big\bgu\bur\bri\bin\bng\bg d\bdi\bif\bff\bfe\ber\bre\ben\bnt\bt h\bhe\bea\bad\bde\ber\br/\b/b\bbo\bod\bdy\by c\bch\bhe\bec\bck\bks\bs f\bfo\bor\br M\bMX\bX s\bse\ber\brv\bvi\bic\bce\be a\ban\bnd\bd s\bsu\bub\bbm\bmi\bis\bss\bsi\bio\bon\bn s\bse\ber\brv\bvi\bic\bce\be
+
+If authorized user submissions require different header/body checks than mail
+from remote MTAs, then this is possible as long as you have separate mail
+streams for authorized users and for MX service.
+
+The example below assumes that authorized users connect to TCP port 587
+(submission) or 465 (smtps), and that remote MTAs connect to TCP port 25
+(smtp).
+
+First, we define a few "user-defined" parameters that will override settings
+for the submission and smtps services.
+
+ /etc/postfix/main.cf:
+ mua_cleanup_service_name = mua_cleanup
+ mua_header_checks = pcre:/etc/postfix/mua_header_checks
+ mua_body_checks = pcre:/etc/postfix/mua_body_checks
+
+Next, we define mua_cleanup as a dedicated cleanup service that will be used
+only by the submission and smtps services. This service uses the header_checks
+and body_checks overrides that were defined above.
+
+ /etc/postfix.master.cf:
+ # =================================================================
+ # service type private unpriv chroot wakeup maxproc command
+ # (yes) (yes) (yes) (never) (100)
+ # =================================================================
+ smtp inet n - n - - smtpd
+ mua_cleanup unix n - n - 0 cleanup
+ -o header_checks=$mua_header_checks
+ -o body_checks=$mua_body_checks
+ submission inet n - n - - smtpd
+ -o cleanup_service_name=$mua_cleanup_service_name
+ -o syslog_name=postfix/submission
+ ...[see sample master.cf file for more]...
+ smtps inet n - n - - smtpd
+ -o cleanup_service_name=$mua_cleanup_service_name
+ -o syslog_name=postfix/smtps
+ -o smtpd_tls_wrappermode=yes
+ ...[see sample master.cf file for more]...
+
+By keeping the "mua_xxx" parameter settings in main.cf, you keep your master.cf
+file simple, and you minimize the amount of duplication.
+
C\bCo\bon\bnf\bfi\big\bgu\bur\bri\bin\bng\bg h\bhe\bea\bad\bde\ber\br/\b/b\bbo\bod\bdy\by c\bch\bhe\bec\bck\bks\bs f\bfo\bor\br m\bma\bai\bil\bl t\bto\bo s\bso\bom\bme\be d\bdo\bom\bma\bai\bin\bns\bs o\bon\bnl\bly\by
The following information applies to Postfix 2.1. Earlier Postfix versions do
Update smtputf8_enable in postconf(5)
+ Clobber ORCPT when sender is owner-mumble?
+
Add milter_mumble_macros to the list of per-macro features.
The pickup daemon logs warnings only when the cleanup daemon
lookups for the invidual addresses, converting back and
forth between external and internal forms.
- Include <3htPpS5B6bzbcpM@spike.porcupine.org> example with
- filter policies for different mail streams. Correction:
- filter should be content_filter. Posted Wed, 10 Sep 2014
- 09:53:52 -0400 (EDT).
-
Clarify that receive_override_options have no effect with
smtpd_proxy_filter.
comparison specifically for UTF-8. Use libicu functions
instead.
- The postfix-mumble@postfix.org list manager sends list mail
- with ORCPT=rfc822;postfix-mumble-outgoing. The local
- delivery agent drops the ORCPT when the alias has an
- owner-alias, so what is going on here?
-
When downgrading message/global to 7bit, is quoted-printable
the appropriate encoding? Should it be base64?
Should we encode headers with RFC 2047, when that is the
only reason that Postfix cannot deliver to a non-UTF8SMTP
- server?
+ server? Probably not in the general case. What about
+ Postfix as a gateway server that converts UTF8SMTP
+ for delivery to non-UTF8SMTP environments?
Document and test restriction_classes example for
smtpd_policy_service_default_action.
whitelisting database before the primary MX connection is
closed, because a client may still make a mistake.
- Simplify postscreen logic. Individual "fail" flags help to
- avoid repeated testing/logging the same mistake. Individual
- "pass" flags provide evidence that the client didn't skip
- tests by hanging up early. The current global "noforward"
- flag implements the wrong model: instead we need an indicator
- that a client has passed all tests or that all mistakes
- were forgiven.
-
In the SMTP server, check if the connection is closed before
replying to ".", and discard the message if the reply can't
be sent. This reduces the time window for RFC 1047 message
<li><a href="#remote_only">Configuring header/body checks for mail from outside users only</a>
+<li><a href="#mx_submission">Configuring different header/body checks for MX service and submission service</a>
+
<li><a href="#domain_except">Configuring header/body checks for mail to some domains only</a>
</ul>
to turn off header/body checks for mail received with <a href="smtpd.8.html">smtpd(8)</a>,
<a href="qmqpd.8.html">qmqpd(8)</a> or <a href="pickup.8.html">pickup(8)</a> are given below under "<a
href="#remote_only">Configuring header/body checks for mail from
-outside users only</a>" and "<a href="#domain_except">Configuring
+outside users only</a>", "<a href="#mx_submission">Configuring
+different header/body checks for MX service and submission
+service</a>", and "<a href="#domain_except">Configuring
header/body checks for mail to some domains only</a>". </p>
<h2><a name="limitations">Limitations of Postfix header/body checks </a></h2>
</ul>
+<h2><a name="mx_submission">Configuring different header/body checks for MX service and submission service</a></h2>
+
+<p> If authorized user submissions require different header/body
+checks than mail from remote MTAs, then this is possible as long
+as you have separate mail streams for authorized users and for MX
+service. </p>
+
+<p> The example below assumes that authorized users connect to TCP
+port 587 (submission) or 465 (smtps), and that remote MTAs connect
+to TCP port 25 (smtp). </p>
+
+<p> First, we define a few "user-defined" parameters that will
+override settings for the submission and smtps services. </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+ mua_cleanup_service_name = mua_cleanup
+ mua_header_checks = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/mua_header_checks
+ mua_body_checks = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/mua_body_checks
+</pre>
+</blockquote>
+
+<p> Next, we define mua_cleanup as a dedicated cleanup service that
+will be used only by the submission and smtps services. This service
+uses the <a href="postconf.5.html#header_checks">header_checks</a> and <a href="postconf.5.html#body_checks">body_checks</a> overrides that were defined
+above. </p>
+
+<blockquote>
+<pre>
+/etc/postfix.<a href="master.5.html">master.cf</a>:
+ # =================================================================
+ # service type private unpriv chroot wakeup maxproc command
+ # (yes) (yes) (yes) (never) (100)
+ # =================================================================
+ smtp inet n - n - - smtpd
+ mua_cleanup unix n - n - 0 cleanup
+ -o <a href="postconf.5.html#header_checks">header_checks</a>=$mua_header_checks
+ -o <a href="postconf.5.html#body_checks">body_checks</a>=$mua_body_checks
+ submission inet n - n - - smtpd
+ -o <a href="postconf.5.html#cleanup_service_name">cleanup_service_name</a>=$mua_cleanup_service_name
+ -o <a href="postconf.5.html#syslog_name">syslog_name</a>=postfix/submission
+ <i>...[see sample <a href="master.5.html">master.cf</a> file for more]...</i>
+ smtps inet n - n - - smtpd
+ -o <a href="postconf.5.html#cleanup_service_name">cleanup_service_name</a>=$mua_cleanup_service_name
+ -o <a href="postconf.5.html#syslog_name">syslog_name</a>=postfix/smtps
+ -o <a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a>=yes
+ <i>...[see sample <a href="master.5.html">master.cf</a> file for more]...</i>
+</pre>
+</blockquote>
+
+<p> By keeping the "mua_xxx" parameter settings in <a href="postconf.5.html">main.cf</a>, you
+keep your <a href="master.5.html">master.cf</a> file simple, and you minimize the amount
+of duplication. </p>
+
<h2><a name="domain_except">Configuring header/body checks for mail to some domains only</a></h2>
<p> The following information applies to Postfix 2.1. Earlier
</DD>
<DT><b><a name="tls_session_ticket_cipher">tls_session_ticket_cipher</a>
-(default: aes-128-cbc)</b></DT><DD>
+(default: Postfix ≥ 2.12: aes-256-cbc, postfix < 2.12: aes-128-cbc)</b></DT><DD>
<p> Algorithm used to encrypt <a href="http://tools.ietf.org/html/rfc5077">RFC5077</a> TLS session tickets. This
-algorithm must use CBC mode, have a 128-bit initialization vector
-(IV), and must have a key length between 128 and 256 bits. The
-default is aes-128-cbc. Sensible alternatives include aes-192-cbc
-and aes-256-cbc. </p>
+algorithm must use CBC mode, have a 128-bit block size, and must
+have a key length between 128 and 256 bits. The default is
+aes-256-cbc. Overriding the default to choose a different algorithm
+is discouraged. </p>
<p> Setting this parameter empty disables session ticket support
in the Postfix SMTP server. Another way to disable session ticket
<b>-n</b> <i>count</i>
Terminate after <i>count</i> sessions.
+ <b>-N</b> Do not announce support for DSN.
+
<b>-p</b> Do not announce support for ESMTP command pipelining.
<b>-P</b> Change the server greeting so that it appears to come through a
Available in Postfix version 2.12 and later:
- <b><a href="postconf.5.html#tls_session_ticket_cipher">tls_session_ticket_cipher</a> (aes-128-cbc)</b>
+ <b><a href="postconf.5.html#tls_session_ticket_cipher">tls_session_ticket_cipher</a> (Postfix</b> &<b>ge; 2.12: aes-256-cbc, postfix</b> &<b>lt</b>
+ <b>2.12: aes-128-cbc)</b>
Algorithm used to encrypt <a href="http://tools.ietf.org/html/rfc5077">RFC5077</a> TLS session tickets.
<b>OBSOLETE STARTTLS CONTROLS</b>
Terminate after receiving \fIcount\fR messages.
.IP "\fB-n \fIcount\fR"
Terminate after \fIcount\fR sessions.
+.IP \fB-N\fR
+Do not announce support for DSN.
.IP \fB-p\fR
Do not announce support for ESMTP command pipelining.
.IP \fB-P\fR
gives timeout errors.
.PP
This feature is available in Postfix 2.2 and later.
-.SH tls_session_ticket_cipher (default: aes-128-cbc)
+.SH tls_session_ticket_cipher (default: Postfix >= 2.12: aes-256-cbc, postfix < 2.12: aes-128-cbc)
Algorithm used to encrypt RFC5077 TLS session tickets. This
-algorithm must use CBC mode, have a 128-bit initialization vector
-(IV), and must have a key length between 128 and 256 bits. The
-default is aes-128-cbc. Sensible alternatives include aes-192-cbc
-and aes-256-cbc.
+algorithm must use CBC mode, have a 128-bit block size, and must
+have a key length between 128 and 256 bits. The default is
+aes-256-cbc. Overriding the default to choose a different algorithm
+is discouraged.
.PP
Setting this parameter empty disables session ticket support
in the Postfix SMTP server. Another way to disable session ticket
The name of the \fBtlsmgr\fR(8) service entry in master.cf.
.PP
Available in Postfix version 2.12 and later:
-.IP "\fBtls_session_ticket_cipher (aes-128-cbc)\fR"
+.IP "\fBtls_session_ticket_cipher (Postfix ≥ 2.12: aes-256-cbc, postfix < 2.12: aes-128-cbc)\fR"
Algorithm used to encrypt RFC5077 TLS session tickets.
.SH "OBSOLETE STARTTLS CONTROLS"
.na
<li><a href="#remote_only">Configuring header/body checks for mail from outside users only</a>
+<li><a href="#mx_submission">Configuring different header/body checks for MX service and submission service</a>
+
<li><a href="#domain_except">Configuring header/body checks for mail to some domains only</a>
</ul>
to turn off header/body checks for mail received with smtpd(8),
qmqpd(8) or pickup(8) are given below under "<a
href="#remote_only">Configuring header/body checks for mail from
-outside users only</a>" and "<a href="#domain_except">Configuring
+outside users only</a>", "<a href="#mx_submission">Configuring
+different header/body checks for MX service and submission
+service</a>", and "<a href="#domain_except">Configuring
header/body checks for mail to some domains only</a>". </p>
<h2><a name="limitations">Limitations of Postfix header/body checks </a></h2>
</ul>
+<h2><a name="mx_submission">Configuring different header/body checks for MX service and submission service</a></h2>
+
+<p> If authorized user submissions require different header/body
+checks than mail from remote MTAs, then this is possible as long
+as you have separate mail streams for authorized users and for MX
+service. </p>
+
+<p> The example below assumes that authorized users connect to TCP
+port 587 (submission) or 465 (smtps), and that remote MTAs connect
+to TCP port 25 (smtp). </p>
+
+<p> First, we define a few "user-defined" parameters that will
+override settings for the submission and smtps services. </p>
+
+<blockquote>
+<pre>
+/etc/postfix/main.cf:
+ mua_cleanup_service_name = mua_cleanup
+ mua_header_checks = pcre:/etc/postfix/mua_header_checks
+ mua_body_checks = pcre:/etc/postfix/mua_body_checks
+</pre>
+</blockquote>
+
+<p> Next, we define mua_cleanup as a dedicated cleanup service that
+will be used only by the submission and smtps services. This service
+uses the header_checks and body_checks overrides that were defined
+above. </p>
+
+<blockquote>
+<pre>
+/etc/postfix.master.cf:
+ # =================================================================
+ # service type private unpriv chroot wakeup maxproc command
+ # (yes) (yes) (yes) (never) (100)
+ # =================================================================
+ smtp inet n - n - - smtpd
+ mua_cleanup unix n - n - 0 cleanup
+ -o header_checks=$mua_header_checks
+ -o body_checks=$mua_body_checks
+ submission inet n - n - - smtpd
+ -o cleanup_service_name=$mua_cleanup_service_name
+ -o syslog_name=postfix/submission
+ <i>...[see sample master.cf file for more]...</i>
+ smtps inet n - n - - smtpd
+ -o cleanup_service_name=$mua_cleanup_service_name
+ -o syslog_name=postfix/smtps
+ -o smtpd_tls_wrappermode=yes
+ <i>...[see sample master.cf file for more]...</i>
+</pre>
+</blockquote>
+
+<p> By keeping the "mua_xxx" parameter settings in main.cf, you
+keep your master.cf file simple, and you minimize the amount
+of duplication. </p>
+
<h2><a name="domain_except">Configuring header/body checks for mail to some domains only</a></h2>
<p> The following information applies to Postfix 2.1. Earlier
<p> This feature is available in Postfix 2.11 and later. </p>
-%PARAM tls_session_ticket_cipher aes-128-cbc
+%PARAM tls_session_ticket_cipher Postfix ≥ 2.12: aes-256-cbc, postfix < 2.12: aes-128-cbc
<p> Algorithm used to encrypt RFC5077 TLS session tickets. This
-algorithm must use CBC mode, have a 128-bit initialization vector
-(IV), and must have a key length between 128 and 256 bits. The
-default is aes-128-cbc. Sensible alternatives include aes-192-cbc
-and aes-256-cbc. </p>
+algorithm must use CBC mode, have a 128-bit block size, and must
+have a key length between 128 and 256 bits. The default is
+aes-256-cbc. Overriding the default to choose a different algorithm
+is discouraged. </p>
<p> Setting this parameter empty disables session ticket support
in the Postfix SMTP server. Another way to disable session ticket
if (state->flags & CLEANUP_FLAG_AUTOUTF8)
state->smtputf8 |= SMTPUTF8_FLAG_REQUESTED;
}
+ /* Fix 20141024: Don't fake up a "bare" DSN original rcpt in smtp(8). */
+ if (state->dsn_orcpt == 0 && *STR(clean_addr) != 0)
+ state->dsn_orcpt = concatenate((!allascii(STR(clean_addr))
+ && (state->smtputf8 & SMTPUTF8_FLAG_REQUESTED)) ?
+ "utf-8" : "rfc822", ";", STR(clean_addr), (char *) 0);
cleanup_out_recipient(state, state->dsn_orcpt, state->dsn_notify,
state->orig_rcpt, STR(clean_addr));
if (state->recip) /* This can happen */
" $" VAR_RCPT_BCC_MAPS \
" $" VAR_SMTP_GENERIC_MAPS \
" $" VAR_LMTP_GENERIC_MAPS \
- " $" VAR_ALIAS_MAPS
+ " $" VAR_ALIAS_MAPS \
+ " $" VAR_CLIENT_CHECKS \
+ " $" VAR_HELO_CHECKS \
+ " $" VAR_MAIL_CHECKS \
+ " $" VAR_RELAY_CHECKS \
+ " $" VAR_RCPT_CHECKS
extern char *var_proxy_read_maps;
#define VAR_PROXY_WRITE_MAPS "proxy_write_maps"
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20141020"
+#define MAIL_RELEASE_DATE "20141106"
#define MAIL_VERSION_NUMBER "2.12"
#ifdef SNAPSHOT
switch (site_level) {
default:
tls->level = site_level;
+ /* FALLTHROUGH */
case TLS_LEV_NOTFOUND:
break;
case TLS_LEV_INVALID:
+ tls->level = site_level;
return ((void *) tls);
}
/* The name of the \fBtlsmgr\fR(8) service entry in master.cf.
/* .PP
/* Available in Postfix version 2.12 and later:
-/* .IP "\fBtls_session_ticket_cipher (aes-128-cbc)\fR"
+/* .IP "\fBtls_session_ticket_cipher (Postfix ≥ 2.12: aes-256-cbc, postfix < 2.12: aes-128-cbc)\fR"
/* Algorithm used to encrypt RFC5077 TLS session tickets.
/* OBSOLETE STARTTLS CONTROLS
/* .ad
#endif
+/* unimpl_cmd - dummy for functionality that is not compiled in */
+
+static int unimpl_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *unused_argv)
+{
+
+ /*
+ * When a connection is closed we want to log the request counts for
+ * unimplemented STARTTLS or AUTH commands separately, instead of logging
+ * those commands as "unknown". By handling unimplemented commands with
+ * this dummy function, we avoid messing up the command processing loop.
+ */
+ state->error_mask |= MAIL_ERROR_PROTOCOL;
+ smtpd_chat_reply(state, "502 5.5.1 Error: command not implemented");
+ return (-1);
+}
+
/*
* The table of all SMTP commands that we know. Set the junk limit flag on
* any command that can be repeated an arbitrary number of times without
{SMTPD_CMD_XFORWARD, xforward_cmd,},
#ifdef USE_TLS
{SMTPD_CMD_STARTTLS, starttls_cmd, SMTPD_CMD_FLAG_PRE_TLS,},
+#else
+ {SMTPD_CMD_STARTTLS, unimpl_cmd, SMTPD_CMD_FLAG_PRE_TLS,},
#endif
#ifdef USE_SASL_AUTH
{SMTPD_CMD_AUTH, smtpd_sasl_auth_cmd,},
+#else
+ {SMTPD_CMD_AUTH, unimpl_cmd,},
#endif
{SMTPD_CMD_MAIL, mail_cmd,},
{SMTPD_CMD_RCPT, rcpt_cmd,},
/* Terminate after receiving \fIcount\fR messages.
/* .IP "\fB-n \fIcount\fR"
/* Terminate after \fIcount\fR sessions.
+/* .IP \fB-N\fR
+/* Do not announce support for DSN.
/* .IP \fB-p\fR
/* Do not announce support for ESMTP command pipelining.
/* .IP \fB-P\fR
static int disable_xclient;
static int disable_xforward;
static int disable_enh_status;
+static int disable_dsn;
static int max_client_count = DEF_MAX_CLIENT_COUNT;
static int client_count;
static int sock;
smtp_printf(state->stream, "250-XFORWARD NAME ADDR PROTO HELO");
if (!disable_enh_status)
smtp_printf(state->stream, "250-ENHANCEDSTATUSCODES");
+ if (!disable_dsn)
+ smtp_printf(state->stream, "250-DSN");
/* RFC 821/2821/5321: Format is replycode<SPACE>optional-text<CRLF> */
smtp_printf(state->stream, "250 ");
SMTP_FLUSH(state->stream);
/*
* Parse JCL.
*/
- while ((ch = GETOPT(argc, argv, "468aA:b:B:cCd:D:eEf:Fh:Ln:m:M:pPq:Q:r:R:s:S:t:T:u:vw:W:")) > 0) {
+ while ((ch = GETOPT(argc, argv, "468aA:b:B:cCd:D:eEf:Fh:Ln:m:M:NpPq:Q:r:R:s:S:t:T:u:vw:W:")) > 0) {
switch (ch) {
case '4':
protocols = INET_PROTO_NAME_IPV4;
if ((max_quit_count = atoi(optarg)) <= 0)
msg_fatal("bad quit count: %s", optarg);
break;
+ case 'N':
+ disable_dsn = 1;
+ break;
case 'p':
disable_pipelining = 1;
break;
* System library.
*/
#include <sys_defs.h>
+#include <errno.h>
/*
* Utility library.
event_disable_readwrite(plaintext_fd);
if (event != EVENT_TIME)
event_cancel_timer(tlsp_get_fd_event, (char *) state);
+ else
+ errno = ETIMEDOUT;
/*
* Initialize plaintext-related session state. Once we have this behind
*/
if (event != EVENT_TIME)
event_cancel_timer(tlsp_get_request_event, (char *) state);
+ else
+ errno = ETIMEDOUT;
/*
* We must send some data, after receiving the request attributes and
projects / thirdparty / postfix.git / commitdiff
