Merge ~lucaskanashiro/ubuntu/+source/postfix:update-to-version-3.4.13 into ubuntu/+source/postfix:ubuntu/focal-devel
- Git
- lp:~lucaskanashiro/ubuntu/+source/postfix
- update-to-version-3.4.13
- Merge into ubuntu/focal-devel
Status: | Merged | ||||||||
---|---|---|---|---|---|---|---|---|---|
Approved by: | Lucas Kanashiro | ||||||||
Approved revision: | ab70326dd83b3b987da93d56336590332eedde79 | ||||||||
Merged at revision: | ab70326dd83b3b987da93d56336590332eedde79 | ||||||||
Proposed branch: | ~lucaskanashiro/ubuntu/+source/postfix:update-to-version-3.4.13 | ||||||||
Merge into: | ubuntu/+source/postfix:ubuntu/focal-devel | ||||||||
Diff against target: |
775 lines (+241/-87) 31 files modified
HISTORY (+81/-0) Makefile.in (+1/-1) README_FILES/MAILLOG_README (+1/-1) RELEASE_NOTES (+8/-0) conf/postfix-tls-script (+1/-1) debian/changelog (+12/-0) debian/patches/series (+0/-1) dev/null (+0/-51) html/MAILLOG_README.html (+1/-1) html/postconf.5.html (+1/-1) html/postfix.1.html (+1/-1) makedefs (+14/-1) man/man1/postfix.1 (+1/-1) man/man5/postconf.5 (+1/-1) proto/MAILLOG_README.html (+1/-1) proto/postconf.proto (+1/-1) src/dns/dns.h (+4/-0) src/dns/dns_lookup.c (+5/-2) src/dns/dns_str_resflags.c (+6/-0) src/global/mail_params.c (+2/-0) src/global/mail_params.h (+1/-1) src/global/mail_version.h (+2/-2) src/milter/milter.c (+5/-5) src/postfix/postfix.c (+1/-1) src/smtpd/smtpd_check.c (+8/-8) src/tls/tls_bio_ops.c (+7/-0) src/tls/tls_misc.c (+21/-0) src/tls/tls_session.c (+1/-1) src/tlsproxy/tlsproxy.c (+26/-4) src/util/midna_domain.c (+26/-0) src/util/midna_domain.h (+1/-0) |
||||||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Christian Ehrhardt (community) | Approve | ||
Canonical Server | Pending | ||
Review via email: mp+386118@code.launchpad.net |
Commit message
Description of the change
Import microrelease version 3.4.13 to Focal. It will fix LP #1868955 and #1881196.
Here is a PPA with the proposed package:
https:/
autopkgtest is still happy:
autopkgtest [14:47:23]: @@@@@@@
postfix PASS
Lucas Kanashiro (lucaskanashiro) wrote : | # |
Thanks Christian! I updated the bugs description and already uploaded the package:
$ git push pkg upload/
Enumerating objects: 104, done.
Counting objects: 100% (104/104), done.
Delta compression using up to 8 threads
Compressing objects: 100% (47/47), done.
Writing objects: 100% (56/56), 8.29 KiB | 530.00 KiB/s, done.
Total 56 (delta 52), reused 9 (delta 9)
remote: Checking connectivity: 56, done.
To ssh://git.
* [new tag] upload/
$ dput ubuntu ../postfix_
Checking signature on .changes
gpg: ../postfix_
Checking signature on .dsc
gpg: ../postfix_
Uploading to ubuntu (via ftp to upload.ubuntu.com):
Uploading postfix_
Uploading postfix_
Uploading postfix_
Uploading postfix_
Uploading postfix_
Successfully uploaded packages.
Preview Diff
1 | diff --git a/HISTORY b/HISTORY |
2 | index 1ebf42a..fe15290 100644 |
3 | --- a/HISTORY |
4 | +++ b/HISTORY |
5 | @@ -24346,3 +24346,84 @@ Apologies for any names omitted. |
6 | multi-Milter configuration during MAIL FROM. Milter client |
7 | state was not properly reset after one of the Milters failed. |
8 | Reported by WeiYu Wu. |
9 | + |
10 | +20200416 |
11 | + |
12 | + Workaround for broken builds after an incompatible change |
13 | + in GCC 10. Files: makedefs, Makefile.in. |
14 | + |
15 | + Workaround for broken DANE support after an incompatible |
16 | + change in GLIBC 2.31. This avoids the need for new options |
17 | + in /etc/resolv.conf. Files: dns/dns.h, dns/dns_lookup.c. |
18 | + |
19 | +20200419 |
20 | + |
21 | + Bugfix: segfault in the tlsproxy client role when the server |
22 | + role was disabled. This typically happens on systems that |
23 | + do not receive mail, after configuring connection reuse for |
24 | + outbound TLS. Found during program maintenance. File: |
25 | + tlsproxy/tlsproxy.c. |
26 | + |
27 | +20200420 |
28 | + |
29 | + Noise suppression: shut up a compiler that special-cases |
30 | + string literals. Viktor Dukhovni. File milter/milter.c. |
31 | + |
32 | +20200422 |
33 | + |
34 | + Security: disable DANE support on Alpine Linux because |
35 | + libc-musl provides no indication whether DNS responses are |
36 | + authentic. This broke DANE support without a clear explanation. |
37 | + File: makedefs. |
38 | + |
39 | +20200505 |
40 | + |
41 | + Noise suppression: shut up a compiler that special-cases |
42 | + string literals. Viktor Dukhovni. File smtpd/smtpd_check.c. |
43 | + |
44 | +20200509 |
45 | + |
46 | + Bugfix (introduced: Postfix 3.5): maillog_file_rotate_suffix |
47 | + default value used the minute instead of the month. Reported |
48 | + by Larry Stone. Files: conf/postfix-tls-script, |
49 | + proto/MAILLOG_README.html, proto/postconf.proto. |
50 | + global/mail_params.h, postfix/postfix.c. |
51 | + |
52 | +20200510 |
53 | + |
54 | + Bitrot: avoid U_FILE_ACCESS_ERROR after chroot(), by |
55 | + initializing the ICU library before making the chroot() |
56 | + call. Files: util/midna_domain.[hc], global/mail_params.c. |
57 | + |
58 | +20200511 |
59 | + |
60 | + Noise suppression: avoid "SSL_Shutdown:shutdown while in |
61 | + init" warnings. File: tls/tls_session.c. |
62 | + |
63 | +20200515 |
64 | + |
65 | + Bugfix (introduced: Postfix 2.2): a TLS error for a PostgreSQL |
66 | + client caused a false 'lost connection' error for an SMTP |
67 | + over TLS session in the same Postfix process. Reported by |
68 | + Alexander Vasarab, diagnosed by Viktor Dukhovni. File: |
69 | + tls/tls_bio_ops.c. |
70 | + |
71 | + Bugfix (introduced: Postfix 2.8): a TLS error for one TLS |
72 | + session may cause a false 'lost connection' error for a |
73 | + concurrent TLS session in the same tlsproxy process. File: |
74 | + tlsproxy/tlsproxy.c. |
75 | + |
76 | +20200530 |
77 | + |
78 | + Bugfix (introduced: Postfix 3.1): "postfix tls deploy-server-cert" |
79 | + did not handle a missing optional argument. File: |
80 | + conf/postfix-tls-script. |
81 | + |
82 | +20200610 |
83 | + |
84 | + Bugfix (introduced: Postfix 3.4): in the Postfix SMTP server, |
85 | + the SNI callback reported an error when it was called a |
86 | + second time. This happened after the server-side TLS engine |
87 | + sent a TLSv1.3 HelloRetryRequest (HRR) to a remote SMTP |
88 | + client. Reported by Ján Máté, fixed by Viktor Dukhovni. |
89 | + File: tls/tls_misc.c. |
90 | diff --git a/Makefile.in b/Makefile.in |
91 | index fa12b04..aaab94d 100644 |
92 | --- a/Makefile.in |
93 | +++ b/Makefile.in |
94 | @@ -1,5 +1,5 @@ |
95 | SHELL = /bin/sh |
96 | -WARN = -Wmissing-prototypes -Wformat -Wno-comment |
97 | +WARN = -Wmissing-prototypes -Wformat -Wno-comment -fcommon |
98 | OPTS = 'WARN=$(WARN)' |
99 | DIRS = src/util src/global src/dns src/tls src/xsasl src/master src/milter \ |
100 | src/postfix src/fsstone src/smtpstone \ |
101 | diff --git a/README_FILES/MAILLOG_README b/README_FILES/MAILLOG_README |
102 | index 5184425..cc8b097 100644 |
103 | --- a/README_FILES/MAILLOG_README |
104 | +++ b/README_FILES/MAILLOG_README |
105 | @@ -64,7 +64,7 @@ implements the following steps: |
106 | |
107 | * Rename the current logfile by appending a suffix that contains the date and |
108 | time. This suffix is configured with the maillog_file_rotate_suffix |
109 | - parameter (default: %Y%M%d-%H%M%S). |
110 | + parameter (default: %Y%m%d-%H%M%S). |
111 | |
112 | * Reload Postfix so that postlogd(8) immediately closes the old logfile. |
113 | |
114 | diff --git a/RELEASE_NOTES b/RELEASE_NOTES |
115 | index 63e8e5a..c981244 100644 |
116 | --- a/RELEASE_NOTES |
117 | +++ b/RELEASE_NOTES |
118 | @@ -16,6 +16,14 @@ specifies the release date of a stable release or snapshot release. |
119 | If you upgrade from Postfix 3.2 or earlier, read RELEASE_NOTES-3.3 |
120 | before proceeding. |
121 | |
122 | +libc-musl workaround for Postfix 3.2.15, 3.3.10, 3.4.12, and 3.5.2 |
123 | +------------------------------------------------------------------ |
124 | + |
125 | +Security: this release disables DANE support on Linux systems with |
126 | +libc-musl, because libc-musl provides no indication whether DNS |
127 | +responses are authentic. This broke DANE support without a clear |
128 | +explanation. |
129 | + |
130 | TLS Workaround for Postfix 3.4.6, 3.3.5, 3.2.10 and 3.1.13 |
131 | ----------------------------------------------------------- |
132 | |
133 | diff --git a/conf/postfix-tls-script b/conf/postfix-tls-script |
134 | index 2c3430a..1a364b7 100644 |
135 | --- a/conf/postfix-tls-script |
136 | +++ b/conf/postfix-tls-script |
137 | @@ -777,7 +777,7 @@ get_cache_db_type() { |
138 | deploy_server_cert() { |
139 | certfile=$1; shift |
140 | keyfile=$1; shift |
141 | - deploy=$1; shift |
142 | + case $# in 0) deploy=;; *) deploy=$1; shift;; esac |
143 | |
144 | # Sets key_algo, key_param and cert_param |
145 | check_key "$keyfile" || return 1 |
146 | diff --git a/debian/changelog b/debian/changelog |
147 | index 86e71a2..ad23036 100644 |
148 | --- a/debian/changelog |
149 | +++ b/debian/changelog |
150 | @@ -1,3 +1,15 @@ |
151 | +postfix (3.4.13-0ubuntu1) focal; urgency=medium |
152 | + |
153 | + * New upstream release: 3.4.13 |
154 | + - Workaround for broken DANE support after an incompatible change in |
155 | + GLIBC 2.31 (LP: #1868955) |
156 | + - Fix "postfix tls deploy-server-cert", now it handles a missing optional |
157 | + argument (LP: #1881196) |
158 | + * Drop patch 80_glibc2.30-ftbfs.diff. This patch is not needed anymore and |
159 | + it does not cleanly apply to this new upstream release. |
160 | + |
161 | + -- Lucas Kanashiro <kanashiro@ubuntu.com> Fri, 19 Jun 2020 14:11:03 -0300 |
162 | + |
163 | postfix (3.4.10-1ubuntu1) focal; urgency=medium |
164 | |
165 | * d/configure-instance.sh: fix typo in tls_CApath copying (LP: #1872288) |
166 | diff --git a/debian/patches/80_glibc2.30-ftbfs.diff b/debian/patches/80_glibc2.30-ftbfs.diff |
167 | deleted file mode 100644 |
168 | index c36baf0..0000000 |
169 | --- a/debian/patches/80_glibc2.30-ftbfs.diff |
170 | +++ /dev/null |
171 | @@ -1,51 +0,0 @@ |
172 | -Description: fix build with glibc 2.30 |
173 | - glibc 2.30 release notes at |
174 | - https://savannah.gnu.org/forum/forum.php?forum_id=9515 states: |
175 | - """ |
176 | - Support for the "inet6" option in /etc/resolv.conf and the RES_USE_INET6 |
177 | - resolver flag (deprecated in glibc 2.25) have been removed. |
178 | - ... |
179 | - The obsolete RES_INSECURE1 and RES_INSECURE2 option flags for the DNS stub |
180 | - resolver have been removed from <resolv.h>. |
181 | - """ |
182 | - And RES_AAONLY and RES_PRIMARY are already flagged as deprecated and are |
183 | - being guarded with the same fix. |
184 | -Origin: upstream, https://github.com/vdukhovni/postfix/commit/3274c3cea9d739f86e84b65664aabb692e37e83f#diff-777bfb681a1cd539ddc8e1e606959ffa |
185 | -Bug: http://postfix.1071664.n5.nabble.com/build-failure-with-glibc-2-30-td102511.html |
186 | -Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1842923 |
187 | -Last-Update: 2019-09-05 |
188 | ---- |
189 | -This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ |
190 | -diff --git a/postfix/src/dns/dns_str_resflags.c b/postfix/src/dns/dns_str_resflags.c |
191 | -index 5f2cce5e..472394c3 100644 |
192 | ---- a/src/dns/dns_str_resflags.c |
193 | -+++ b/src/dns/dns_str_resflags.c |
194 | -@@ -52,18 +52,28 @@ |
195 | - static const LONG_NAME_MASK resflag_table[] = { |
196 | - "RES_INIT", RES_INIT, |
197 | - "RES_DEBUG", RES_DEBUG, |
198 | -+#ifdef RES_AAONLY |
199 | - "RES_AAONLY", RES_AAONLY, |
200 | -+#endif |
201 | - "RES_USEVC", RES_USEVC, |
202 | -+#ifdef RES_PRIMARY |
203 | - "RES_PRIMARY", RES_PRIMARY, |
204 | -+#endif |
205 | - "RES_IGNTC", RES_IGNTC, |
206 | - "RES_RECURSE", RES_RECURSE, |
207 | - "RES_DEFNAMES", RES_DEFNAMES, |
208 | - "RES_STAYOPEN", RES_STAYOPEN, |
209 | - "RES_DNSRCH", RES_DNSRCH, |
210 | -+#ifdef RES_INSECURE1 |
211 | - "RES_INSECURE1", RES_INSECURE1, |
212 | -+#endif |
213 | -+#ifdef RES_INSECURE2 |
214 | - "RES_INSECURE2", RES_INSECURE2, |
215 | -+#endif |
216 | - "RES_NOALIASES", RES_NOALIASES, |
217 | -+#ifdef RES_USE_INET6 |
218 | - "RES_USE_INET6", RES_USE_INET6, |
219 | -+#endif |
220 | - #ifdef RES_ROTATE |
221 | - "RES_ROTATE", RES_ROTATE, |
222 | - #endif |
223 | diff --git a/debian/patches/series b/debian/patches/series |
224 | index 4976a63..fe67e62 100644 |
225 | --- a/debian/patches/series |
226 | +++ b/debian/patches/series |
227 | @@ -14,6 +14,5 @@ |
228 | 41_rmail.diff |
229 | 50_LANG.diff |
230 | 70_postfix-check.diff |
231 | -80_glibc2.30-ftbfs.diff |
232 | tls_version.diff |
233 | debian-man-name.diff |
234 | diff --git a/html/MAILLOG_README.html b/html/MAILLOG_README.html |
235 | index b1f9702..c5b7978 100644 |
236 | --- a/html/MAILLOG_README.html |
237 | +++ b/html/MAILLOG_README.html |
238 | @@ -114,7 +114,7 @@ run from a terminal. This command implements the following steps: |
239 | |
240 | <li> <p> Rename the current logfile by appending a suffix that |
241 | contains the date and time. This suffix is configured with the |
242 | -<a href="postconf.5.html#maillog_file_rotate_suffix">maillog_file_rotate_suffix</a> parameter (default: %Y%M%d-%H%M%S). </p> |
243 | +<a href="postconf.5.html#maillog_file_rotate_suffix">maillog_file_rotate_suffix</a> parameter (default: %Y%m%d-%H%M%S). </p> |
244 | |
245 | <li> <p> Reload Postfix so that <a href="postlogd.8.html">postlogd(8)</a> immediately closes the |
246 | old logfile. </p> |
247 | diff --git a/html/postconf.5.html b/html/postconf.5.html |
248 | index cba1fac..aa94c32 100644 |
249 | --- a/html/postconf.5.html |
250 | +++ b/html/postconf.5.html |
251 | @@ -6284,7 +6284,7 @@ whitespace. </p> |
252 | </DD> |
253 | |
254 | <DT><b><a name="maillog_file_rotate_suffix">maillog_file_rotate_suffix</a> |
255 | -(default: %Y%M%d-%H%M%S)</b></DT><DD> |
256 | +(default: %Y%m%d-%H%M%S)</b></DT><DD> |
257 | |
258 | <p> The format of the suffix to append to $<a href="postconf.5.html#maillog_file">maillog_file</a> while rotating |
259 | the file with "postfix logrotate". See strftime(3) for syntax. The |
260 | diff --git a/html/postfix.1.html b/html/postfix.1.html |
261 | index 4c5c4f9..eb59ad3 100644 |
262 | --- a/html/postfix.1.html |
263 | +++ b/html/postfix.1.html |
264 | @@ -285,7 +285,7 @@ POSTFIX(1) POSTFIX(1) |
265 | <b><a href="postconf.5.html#maillog_file_prefixes">maillog_file_prefixes</a> (/var, /dev/stdout)</b> |
266 | A list of allowed prefixes for a <a href="postconf.5.html#maillog_file">maillog_file</a> value. |
267 | |
268 | - <b><a href="postconf.5.html#maillog_file_rotate_suffix">maillog_file_rotate_suffix</a> (%Y%M%d-%H%M%S)</b> |
269 | + <b><a href="postconf.5.html#maillog_file_rotate_suffix">maillog_file_rotate_suffix</a> (%Y%m%d-%H%M%S)</b> |
270 | The format of the suffix to append to $<a href="postconf.5.html#maillog_file">maillog_file</a> while rotat- |
271 | ing the file with "postfix logrotate". |
272 | |
273 | diff --git a/makedefs b/makedefs |
274 | index 93731c2..64b42f4 100644 |
275 | --- a/makedefs |
276 | +++ b/makedefs |
277 | @@ -228,6 +228,19 @@ case $# in |
278 | *) echo usage: $0 [system release] 1>&2; exit 1;; |
279 | esac |
280 | |
281 | +case "$SYSTEM" in |
282 | + Linux) |
283 | + case "`PATH=/bin:/usr/bin ldd /bin/sh`" in |
284 | + *-musl-*) |
285 | + case "$CCARGS" in |
286 | + *-DNO_DNSSEC*) ;; |
287 | + *) echo Warning: libc-musl breaks DANE/TLSA security. 1>&2 |
288 | + echo This build will not support DANE/TLSA. 1>&2 |
289 | + CCARGS="$CCARGS -DNO_DNSSEC";; |
290 | + esac;; |
291 | + esac;; |
292 | +esac |
293 | + |
294 | case "$SYSTEM.$RELEASE" in |
295 | SCO_SV.3.2) SYSTYPE=SCO5 |
296 | # Use the native compiler by default |
297 | @@ -1136,7 +1149,7 @@ esac |
298 | : ${CC=gcc} ${OPT='-O'} ${DEBUG='-g'} ${AWK=awk} \ |
299 | ${WARN='-Wall -Wno-comment -Wformat -Wimplicit -Wmissing-prototypes \ |
300 | -Wparentheses -Wstrict-prototypes -Wswitch -Wuninitialized \ |
301 | - -Wunused -Wno-missing-braces'} |
302 | + -Wunused -Wno-missing-braces -fcommon'} |
303 | |
304 | # Extract map type names from -DHAS_XXX compiler options. We avoid |
305 | # problems with tr(1) range syntax by using enumerations instead, |
306 | diff --git a/man/man1/postfix.1 b/man/man1/postfix.1 |
307 | index 7a8a39c..412c0c9 100644 |
308 | --- a/man/man1/postfix.1 |
309 | +++ b/man/man1/postfix.1 |
310 | @@ -252,7 +252,7 @@ The program to run after rotating $maillog_file with "postfix |
311 | logrotate". |
312 | .IP "\fBmaillog_file_prefixes (/var, /dev/stdout)\fR" |
313 | A list of allowed prefixes for a maillog_file value. |
314 | -.IP "\fBmaillog_file_rotate_suffix (%Y%M%d\-%H%M%S)\fR" |
315 | +.IP "\fBmaillog_file_rotate_suffix (%Y%m%d\-%H%M%S)\fR" |
316 | The format of the suffix to append to $maillog_file while rotating |
317 | the file with "postfix logrotate". |
318 | .IP "\fBpostlog_service_name (postlog)\fR" |
319 | diff --git a/man/man5/postconf.5 b/man/man5/postconf.5 |
320 | index fdf6b39..ccb087a 100644 |
321 | --- a/man/man5/postconf.5 |
322 | +++ b/man/man5/postconf.5 |
323 | @@ -3775,7 +3775,7 @@ mistake. Specify one or more prefix strings, separated by comma or |
324 | whitespace. |
325 | .PP |
326 | This feature is available in Postfix 3.4 and later. |
327 | -.SH maillog_file_rotate_suffix (default: %Y%M%d\-%H%M%S) |
328 | +.SH maillog_file_rotate_suffix (default: %Y%m%d\-%H%M%S) |
329 | The format of the suffix to append to $maillog_file while rotating |
330 | the file with "postfix logrotate". See \fBstrftime\fR(3) for syntax. The |
331 | default suffix, YYYYMMDD\-HHMMSS, allows logs to be rotated frequently. |
332 | diff --git a/proto/MAILLOG_README.html b/proto/MAILLOG_README.html |
333 | index 5fad103..9b56518 100644 |
334 | --- a/proto/MAILLOG_README.html |
335 | +++ b/proto/MAILLOG_README.html |
336 | @@ -114,7 +114,7 @@ run from a terminal. This command implements the following steps: |
337 | |
338 | <li> <p> Rename the current logfile by appending a suffix that |
339 | contains the date and time. This suffix is configured with the |
340 | -maillog_file_rotate_suffix parameter (default: %Y%M%d-%H%M%S). </p> |
341 | +maillog_file_rotate_suffix parameter (default: %Y%m%d-%H%M%S). </p> |
342 | |
343 | <li> <p> Reload Postfix so that postlogd(8) immediately closes the |
344 | old logfile. </p> |
345 | diff --git a/proto/postconf.proto b/proto/postconf.proto |
346 | index f29cdf6..a37fb01 100644 |
347 | --- a/proto/postconf.proto |
348 | +++ b/proto/postconf.proto |
349 | @@ -17611,7 +17611,7 @@ first argument. </p> |
350 | |
351 | <p> This feature is available in Postfix 3.4 and later. </p> |
352 | |
353 | -%PARAM maillog_file_rotate_suffix %Y%M%d-%H%M%S |
354 | +%PARAM maillog_file_rotate_suffix %Y%m%d-%H%M%S |
355 | |
356 | <p> The format of the suffix to append to $maillog_file while rotating |
357 | the file with "postfix logrotate". See strftime(3) for syntax. The |
358 | diff --git a/src/dns/dns.h b/src/dns/dns.h |
359 | index f758e44..b8c4c4a 100644 |
360 | --- a/src/dns/dns.h |
361 | +++ b/src/dns/dns.h |
362 | @@ -59,6 +59,7 @@ |
363 | */ |
364 | #ifdef NO_DNSSEC |
365 | #undef RES_USE_DNSSEC |
366 | +#undef RES_TRUSTAD |
367 | #endif |
368 | |
369 | /* |
370 | @@ -70,6 +71,9 @@ |
371 | #ifndef RES_USE_EDNS0 |
372 | #define RES_USE_EDNS0 0 |
373 | #endif |
374 | +#ifndef RES_TRUSTAD |
375 | +#define RES_TRUSTAD 0 |
376 | +#endif |
377 | |
378 | /*- |
379 | * TLSA: https://tools.ietf.org/html/rfc6698#section-7.1 |
380 | diff --git a/src/dns/dns_lookup.c b/src/dns/dns_lookup.c |
381 | index 1bfeb7e..2ae6483 100644 |
382 | --- a/src/dns/dns_lookup.c |
383 | +++ b/src/dns/dns_lookup.c |
384 | @@ -116,6 +116,9 @@ |
385 | /* Request DNSSEC validation. This flag is silently ignored |
386 | /* when the system stub resolver API, resolver(3), does not |
387 | /* implement DNSSEC. |
388 | +/* Automatically turns on the RES_TRUSTAD flag on systems that |
389 | +/* support this flag (this behavior will be more configurable |
390 | +/* in a later release). |
391 | /* .RE |
392 | /* .IP lflags |
393 | /* Flags that control the operation of the dns_lookup*() |
394 | @@ -453,10 +456,10 @@ static int dns_query(const char *name, int type, unsigned flags, |
395 | /* |
396 | * Set extra options that aren't exposed to the application. |
397 | */ |
398 | -#define XTRA_FLAGS (RES_USE_EDNS0) |
399 | +#define XTRA_FLAGS (RES_USE_EDNS0 | RES_TRUSTAD) |
400 | |
401 | if (flags & RES_USE_DNSSEC) |
402 | - flags |= RES_USE_EDNS0; |
403 | + flags |= (RES_USE_EDNS0 | RES_TRUSTAD); |
404 | |
405 | /* |
406 | * Save and restore resolver options that we overwrite, to avoid |
407 | diff --git a/src/dns/dns_str_resflags.c b/src/dns/dns_str_resflags.c |
408 | index 5f2cce5..df32345 100644 |
409 | --- a/src/dns/dns_str_resflags.c |
410 | +++ b/src/dns/dns_str_resflags.c |
411 | @@ -60,10 +60,16 @@ static const LONG_NAME_MASK resflag_table[] = { |
412 | "RES_DEFNAMES", RES_DEFNAMES, |
413 | "RES_STAYOPEN", RES_STAYOPEN, |
414 | "RES_DNSRCH", RES_DNSRCH, |
415 | +#ifdef RES_INSECURE1 |
416 | "RES_INSECURE1", RES_INSECURE1, |
417 | +#endif |
418 | +#ifdef RES_INSECURE2 |
419 | "RES_INSECURE2", RES_INSECURE2, |
420 | +#endif |
421 | "RES_NOALIASES", RES_NOALIASES, |
422 | +#ifdef RES_USE_INET6 |
423 | "RES_USE_INET6", RES_USE_INET6, |
424 | +#endif |
425 | #ifdef RES_ROTATE |
426 | "RES_ROTATE", RES_ROTATE, |
427 | #endif |
428 | diff --git a/src/global/mail_params.c b/src/global/mail_params.c |
429 | index 8953fe6..4b6a058 100644 |
430 | --- a/src/global/mail_params.c |
431 | +++ b/src/global/mail_params.c |
432 | @@ -868,6 +868,8 @@ void mail_params_init() |
433 | var_smtputf8_enable = 0; |
434 | #else |
435 | midna_domain_transitional = var_idna2003_compat; |
436 | + if (var_smtputf8_enable) |
437 | + midna_domain_pre_chroot(); |
438 | #endif |
439 | util_utf8_enable = var_smtputf8_enable; |
440 | |
441 | diff --git a/src/global/mail_params.h b/src/global/mail_params.h |
442 | index 1f4c207..900ef51 100644 |
443 | --- a/src/global/mail_params.h |
444 | +++ b/src/global/mail_params.h |
445 | @@ -4178,7 +4178,7 @@ extern char *var_maillog_file_pfxs; |
446 | extern char *var_maillog_file_comp; |
447 | |
448 | #define VAR_MAILLOG_FILE_STAMP "maillog_file_rotate_suffix" |
449 | -#define DEF_MAILLOG_FILE_STAMP "%Y%M%d-%H%M%S" |
450 | +#define DEF_MAILLOG_FILE_STAMP "%Y%m%d-%H%M%S" |
451 | extern char *var_maillog_file_stamp; |
452 | |
453 | #define VAR_POSTLOG_SERVICE "postlog_service_name" |
454 | diff --git a/src/global/mail_version.h b/src/global/mail_version.h |
455 | index 41647d3..95afa7b 100644 |
456 | --- a/src/global/mail_version.h |
457 | +++ b/src/global/mail_version.h |
458 | @@ -20,8 +20,8 @@ |
459 | * Patches change both the patchlevel and the release date. Snapshots have no |
460 | * patchlevel; they change the release date only. |
461 | */ |
462 | -#define MAIL_RELEASE_DATE "20200312" |
463 | -#define MAIL_VERSION_NUMBER "3.4.10" |
464 | +#define MAIL_RELEASE_DATE "20200614" |
465 | +#define MAIL_VERSION_NUMBER "3.4.13" |
466 | |
467 | #ifdef SNAPSHOT |
468 | #define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE |
469 | diff --git a/src/milter/milter.c b/src/milter/milter.c |
470 | index cee169c..3d71cc6 100644 |
471 | --- a/src/milter/milter.c |
472 | +++ b/src/milter/milter.c |
473 | @@ -620,14 +620,14 @@ void milter_disc_event(MILTERS *milters) |
474 | * names by skipping the redundant "milter_" prefix. |
475 | */ |
476 | static ATTR_OVER_TIME time_table[] = { |
477 | - 7 + VAR_MILT_CONN_TIME, DEF_MILT_CONN_TIME, 0, 1, 0, |
478 | - 7 + VAR_MILT_CMD_TIME, DEF_MILT_CMD_TIME, 0, 1, 0, |
479 | - 7 + VAR_MILT_MSG_TIME, DEF_MILT_MSG_TIME, 0, 1, 0, |
480 | + 7 + (const char *) VAR_MILT_CONN_TIME, DEF_MILT_CONN_TIME, 0, 1, 0, |
481 | + 7 + (const char *) VAR_MILT_CMD_TIME, DEF_MILT_CMD_TIME, 0, 1, 0, |
482 | + 7 + (const char *) VAR_MILT_MSG_TIME, DEF_MILT_MSG_TIME, 0, 1, 0, |
483 | 0, |
484 | }; |
485 | static ATTR_OVER_STR str_table[] = { |
486 | - 7 + VAR_MILT_PROTOCOL, 0, 1, 0, |
487 | - 7 + VAR_MILT_DEF_ACTION, 0, 1, 0, |
488 | + 7 + (const char *) VAR_MILT_PROTOCOL, 0, 1, 0, |
489 | + 7 + (const char *) VAR_MILT_DEF_ACTION, 0, 1, 0, |
490 | 0, |
491 | }; |
492 | |
493 | diff --git a/src/postfix/postfix.c b/src/postfix/postfix.c |
494 | index f8b3de4..b2306fb 100644 |
495 | --- a/src/postfix/postfix.c |
496 | +++ b/src/postfix/postfix.c |
497 | @@ -242,7 +242,7 @@ |
498 | /* logrotate". |
499 | /* .IP "\fBmaillog_file_prefixes (/var, /dev/stdout)\fR" |
500 | /* A list of allowed prefixes for a maillog_file value. |
501 | -/* .IP "\fBmaillog_file_rotate_suffix (%Y%M%d-%H%M%S)\fR" |
502 | +/* .IP "\fBmaillog_file_rotate_suffix (%Y%m%d-%H%M%S)\fR" |
503 | /* The format of the suffix to append to $maillog_file while rotating |
504 | /* the file with "postfix logrotate". |
505 | /* .IP "\fBpostlog_service_name (postlog)\fR" |
506 | diff --git a/src/smtpd/smtpd_check.c b/src/smtpd/smtpd_check.c |
507 | index d1caa5c..a25b401 100644 |
508 | --- a/src/smtpd/smtpd_check.c |
509 | +++ b/src/smtpd/smtpd_check.c |
510 | @@ -483,20 +483,20 @@ typedef struct { |
511 | * parameter names by skipping the redundant "smtpd_policy_service_" prefix. |
512 | */ |
513 | static ATTR_OVER_TIME time_table[] = { |
514 | - 21 + VAR_SMTPD_POLICY_TMOUT, DEF_SMTPD_POLICY_TMOUT, 0, 1, 0, |
515 | - 21 + VAR_SMTPD_POLICY_IDLE, DEF_SMTPD_POLICY_IDLE, 0, 1, 0, |
516 | - 21 + VAR_SMTPD_POLICY_TTL, DEF_SMTPD_POLICY_TTL, 0, 1, 0, |
517 | - 21 + VAR_SMTPD_POLICY_TRY_DELAY, DEF_SMTPD_POLICY_TRY_DELAY, 0, 1, 0, |
518 | + 21 + (const char *) VAR_SMTPD_POLICY_TMOUT, DEF_SMTPD_POLICY_TMOUT, 0, 1, 0, |
519 | + 21 + (const char *) VAR_SMTPD_POLICY_IDLE, DEF_SMTPD_POLICY_IDLE, 0, 1, 0, |
520 | + 21 + (const char *) VAR_SMTPD_POLICY_TTL, DEF_SMTPD_POLICY_TTL, 0, 1, 0, |
521 | + 21 + (const char *) VAR_SMTPD_POLICY_TRY_DELAY, DEF_SMTPD_POLICY_TRY_DELAY, 0, 1, 0, |
522 | 0, |
523 | }; |
524 | static ATTR_OVER_INT int_table[] = { |
525 | - 21 + VAR_SMTPD_POLICY_REQ_LIMIT, 0, 0, 0, |
526 | - 21 + VAR_SMTPD_POLICY_TRY_LIMIT, 0, 1, 0, |
527 | + 21 + (const char *) VAR_SMTPD_POLICY_REQ_LIMIT, 0, 0, 0, |
528 | + 21 + (const char *) VAR_SMTPD_POLICY_TRY_LIMIT, 0, 1, 0, |
529 | 0, |
530 | }; |
531 | static ATTR_OVER_STR str_table[] = { |
532 | - 21 + VAR_SMTPD_POLICY_DEF_ACTION, 0, 1, 0, |
533 | - 21 + VAR_SMTPD_POLICY_CONTEXT, 0, 1, 0, |
534 | + 21 + (const char *) VAR_SMTPD_POLICY_DEF_ACTION, 0, 1, 0, |
535 | + 21 + (const char *) VAR_SMTPD_POLICY_CONTEXT, 0, 1, 0, |
536 | 0, |
537 | }; |
538 | |
539 | diff --git a/src/tls/tls_bio_ops.c b/src/tls/tls_bio_ops.c |
540 | index 1f4ec41..9b66195 100644 |
541 | --- a/src/tls/tls_bio_ops.c |
542 | +++ b/src/tls/tls_bio_ops.c |
543 | @@ -194,6 +194,13 @@ int tls_bio(int fd, int timeout, TLS_SESS_STATE *TLScontext, |
544 | * handling any pending network I/O. |
545 | */ |
546 | for (;;) { |
547 | + |
548 | + /* |
549 | + * Flush the per-thread SSL error queue. Otherwise, errors from other |
550 | + * code that also uses TLS may confuse SSL_get_error(3). |
551 | + */ |
552 | + ERR_clear_error(); |
553 | + |
554 | if (hsfunc) |
555 | status = hsfunc(TLScontext->con); |
556 | else if (rfunc) |
557 | diff --git a/src/tls/tls_misc.c b/src/tls/tls_misc.c |
558 | index 9fac444..1a1fd96 100644 |
559 | --- a/src/tls/tls_misc.c |
560 | +++ b/src/tls/tls_misc.c |
561 | @@ -686,6 +686,27 @@ static int server_sni_callback(SSL *ssl, int *alert, void *arg) |
562 | TLScontext->namaddr, sni); |
563 | return SSL_TLSEXT_ERR_NOACK; |
564 | } |
565 | + |
566 | + /* |
567 | + * With TLS 1.3, when the client's proposed key share is not supported by |
568 | + * the server, the server may issue a HelloRetryRequest (HRR), and the |
569 | + * client will then retry with a new key share on a curve supported by |
570 | + * the server. This results in the SNI callback running twice for the |
571 | + * same connection. |
572 | + * |
573 | + * When that happens, The client MUST send the essentially the same hello |
574 | + * message, including the SNI name, and since we've already loaded our |
575 | + * certificate chain, we don't need to do it again! Therefore, if we've |
576 | + * already recorded the peer SNI name, just check that it has not |
577 | + * changed, and return success. |
578 | + */ |
579 | + if (TLScontext->peer_sni) { |
580 | + if (strcmp(sni, TLScontext->peer_sni) == 0) |
581 | + return SSL_TLSEXT_ERR_OK; |
582 | + msg_warn("TLS SNI changed from %s initially %s, %s after hello retry", |
583 | + TLScontext->namaddr, TLScontext->peer_sni, sni); |
584 | + return SSL_TLSEXT_ERR_NOACK; |
585 | + } |
586 | do { |
587 | /* Don't silently skip maps opened with the wrong flags. */ |
588 | pem = maps_file_find(tls_server_sni_maps, cp, 0); |
589 | diff --git a/src/tls/tls_session.c b/src/tls/tls_session.c |
590 | index 3f6027f..a4b7a8f 100644 |
591 | --- a/src/tls/tls_session.c |
592 | +++ b/src/tls/tls_session.c |
593 | @@ -118,7 +118,7 @@ void tls_session_stop(TLS_APPL_STATE *unused_ctx, VSTREAM *stream, int timeou |
594 | * so we will not perform SSL_shutdown() and the session will be removed |
595 | * as being bad. |
596 | */ |
597 | - if (!failure) { |
598 | + if (!failure && !SSL_in_init(TLScontext->con)) { |
599 | retval = tls_bio_shutdown(vstream_fileno(stream), timeout, TLScontext); |
600 | if (!var_tls_fast_shutdown && retval == 0) |
601 | tls_bio_shutdown(vstream_fileno(stream), timeout, TLScontext); |
602 | diff --git a/src/tlsproxy/tlsproxy.c b/src/tlsproxy/tlsproxy.c |
603 | index 50b4154..65c7201 100644 |
604 | --- a/src/tlsproxy/tlsproxy.c |
605 | +++ b/src/tlsproxy/tlsproxy.c |
606 | @@ -781,6 +781,7 @@ static void tlsp_strategy(TLSP_STATE *state) |
607 | */ |
608 | if (state->flags & TLSP_FLAG_DO_HANDSHAKE) { |
609 | state->timeout = state->handshake_timeout; |
610 | + ERR_clear_error(); |
611 | if (state->is_server_role) |
612 | ssl_stat = SSL_accept(tls_context->con); |
613 | else |
614 | @@ -809,6 +810,7 @@ static void tlsp_strategy(TLSP_STATE *state) |
615 | if (NBBIO_ERROR_FLAGS(plaintext_buf)) { |
616 | if (NBBIO_ACTIVE_FLAGS(plaintext_buf)) |
617 | nbbio_disable_readwrite(state->plaintext_buf); |
618 | + ERR_clear_error(); |
619 | if (!SSL_in_init(tls_context->con) |
620 | && (ssl_stat = SSL_shutdown(tls_context->con)) < 0) { |
621 | handshake_err = SSL_get_error(tls_context->con, ssl_stat); |
622 | @@ -835,6 +837,7 @@ static void tlsp_strategy(TLSP_STATE *state) |
623 | */ |
624 | ssl_write_err = SSL_ERROR_NONE; |
625 | while (NBBIO_READ_PEND(plaintext_buf) > 0) { |
626 | + ERR_clear_error(); |
627 | ssl_stat = SSL_write(tls_context->con, NBBIO_READ_BUF(plaintext_buf), |
628 | NBBIO_READ_PEND(plaintext_buf)); |
629 | ssl_write_err = SSL_get_error(tls_context->con, ssl_stat); |
630 | @@ -865,6 +868,7 @@ static void tlsp_strategy(TLSP_STATE *state) |
631 | */ |
632 | ssl_read_err = SSL_ERROR_NONE; |
633 | while (NBBIO_WRITE_PEND(state->plaintext_buf) < NBBIO_BUFSIZE(plaintext_buf)) { |
634 | + ERR_clear_error(); |
635 | ssl_stat = SSL_read(tls_context->con, |
636 | NBBIO_WRITE_BUF(plaintext_buf) |
637 | + NBBIO_WRITE_PEND(state->plaintext_buf), |
638 | @@ -1489,16 +1493,15 @@ static void tlsp_service(VSTREAM *plaintext_stream, |
639 | TLSP_INIT_TIMEOUT, (void *) state); |
640 | } |
641 | |
642 | -/* pre_jail_init - pre-jail initialization */ |
643 | +/* pre_jail_init_server - pre-jail initialization */ |
644 | |
645 | -static void pre_jail_init(char *unused_name, char **unused_argv) |
646 | +static void pre_jail_init_server(void) |
647 | { |
648 | TLS_SERVER_INIT_PROPS props; |
649 | const char *cert_file; |
650 | int have_server_cert; |
651 | int no_server_cert_ok; |
652 | int require_server_cert; |
653 | - int clnt_use_tls; |
654 | |
655 | /* |
656 | * The code in this routine is pasted literally from smtpd(8). I am not |
657 | @@ -1531,7 +1534,7 @@ static void pre_jail_init(char *unused_name, char **unused_argv) |
658 | } |
659 | var_tlsp_use_tls = var_tlsp_use_tls || var_tlsp_enforce_tls; |
660 | if (!var_tlsp_use_tls) { |
661 | - msg_warn("TLS service is requested, but disabled with %s or %s", |
662 | + msg_warn("TLS server role is disabled with %s or %s", |
663 | VAR_TLSP_TLS_LEVEL, VAR_TLSP_USE_TLS); |
664 | return; |
665 | } |
666 | @@ -1622,6 +1625,13 @@ static void pre_jail_init(char *unused_name, char **unused_argv) |
667 | SSL_CTX_set_mode(tlsp_server_ctx->ssl_ctx, |
668 | SSL_MODE_ENABLE_PARTIAL_WRITE |
669 | | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); |
670 | +} |
671 | + |
672 | +/* pre_jail_init_client - pre-jail initialization */ |
673 | + |
674 | +static void pre_jail_init_client(void) |
675 | +{ |
676 | + int clnt_use_tls; |
677 | |
678 | /* |
679 | * The cache with TLS_APPL_STATE instances for different TLS_CLIENT_INIT |
680 | @@ -1733,6 +1743,18 @@ static void pre_jail_init(char *unused_name, char **unused_argv) |
681 | msg_warn("TLS client initialization failed"); |
682 | } |
683 | } |
684 | +} |
685 | + |
686 | +/* pre_jail_init - pre-jail initialization */ |
687 | + |
688 | +static void pre_jail_init(char *unused_name, char **unused_argv) |
689 | +{ |
690 | + |
691 | + /* |
692 | + * Initialize roles separately. |
693 | + */ |
694 | + pre_jail_init_server(); |
695 | + pre_jail_init_client(); |
696 | |
697 | /* |
698 | * tlsp_client_init() needs to know if it is called pre-jail or |
699 | diff --git a/src/util/midna_domain.c b/src/util/midna_domain.c |
700 | index 667e75e..333a5c9 100644 |
701 | --- a/src/util/midna_domain.c |
702 | +++ b/src/util/midna_domain.c |
703 | @@ -20,6 +20,8 @@ |
704 | /* |
705 | /* const char *midna_domain_suffix_to_utf8( |
706 | /* const char *name) |
707 | +/* AUXILIARY FUNCTIONS |
708 | +/* void midna_domain_pre_chroot(void) |
709 | /* DESCRIPTION |
710 | /* The functions in this module transform domain names from/to |
711 | /* ASCII and UTF-8 form. The result is cached to avoid repeated |
712 | @@ -52,6 +54,8 @@ |
713 | /* |
714 | /* midna_domain_transitional enables transitional conversion |
715 | /* between UTF8 and ASCII labels. |
716 | +/* |
717 | +/* midna_domain_pre_chroot() does some pre-chroot initialization. |
718 | /* SEE ALSO |
719 | /* http://unicode.org/reports/tr46/ Unicode IDNA Compatibility processing |
720 | /* msg(3) diagnostics interface |
721 | @@ -144,6 +148,22 @@ static const char *midna_domain_strerror(UErrorCode error, int info_errors) |
722 | } |
723 | } |
724 | |
725 | +/* midna_domain_pre_chroot - pre-chroot initialization */ |
726 | + |
727 | +void midna_domain_pre_chroot(void) |
728 | +{ |
729 | + UErrorCode error = U_ZERO_ERROR; |
730 | + UIDNAInfo info = UIDNA_INFO_INITIALIZER; |
731 | + UIDNA *idna; |
732 | + |
733 | + idna = uidna_openUTS46(midna_domain_transitional ? UIDNA_DEFAULT |
734 | + : UIDNA_NONTRANSITIONAL_TO_ASCII, &error); |
735 | + if (U_FAILURE(error)) |
736 | + msg_warn("ICU library initialization failed: %s", |
737 | + midna_domain_strerror(error, info.errors)); |
738 | + uidna_close(idna); |
739 | +} |
740 | + |
741 | /* midna_domain_to_ascii_create - convert domain to ASCII */ |
742 | |
743 | static void *midna_domain_to_ascii_create(const char *name, void *unused_context) |
744 | @@ -327,6 +347,7 @@ const char *midna_domain_suffix_to_utf8(const char *name) |
745 | /* |
746 | * Test program - reads names from stdin, reports invalid names to stderr. |
747 | */ |
748 | +#include <unistd.h> |
749 | #include <stdlib.h> |
750 | #include <locale.h> |
751 | |
752 | @@ -350,6 +371,11 @@ int main(int argc, char **argv) |
753 | /* msg_verbose = 1; */ |
754 | util_utf8_enable = 1; |
755 | |
756 | + if (geteuid() == 0) { |
757 | + midna_domain_pre_chroot(); |
758 | + if (chroot(".") != 0) |
759 | + msg_fatal("chroot(\".\"): %m"); |
760 | + } |
761 | while (vstring_fgets_nonl(buffer, VSTREAM_IN)) { |
762 | bp = STR(buffer); |
763 | msg_info("> %s", bp); |
764 | diff --git a/src/util/midna_domain.h b/src/util/midna_domain.h |
765 | index 03d875b..1abe2a1 100644 |
766 | --- a/src/util/midna_domain.h |
767 | +++ b/src/util/midna_domain.h |
768 | @@ -18,6 +18,7 @@ extern const char *midna_domain_to_ascii(const char *); |
769 | extern const char *midna_domain_to_utf8(const char *); |
770 | extern const char *midna_domain_suffix_to_ascii(const char *); |
771 | extern const char *midna_domain_suffix_to_utf8(const char *); |
772 | +extern void midna_domain_pre_chroot(void); |
773 | |
774 | extern int midna_domain_cache_size; |
775 | extern int midna_domain_transitional; |
Changes look all SRUable to me.
Changelog is correct as Focal+1 already has 3.5 we don't need to be too careful on version collisions.
bug 1881196 misses an SRU template, so before you upload add something there please.
the sru template in 1868955 described 3.4.13 but since we jump 3.4.10->3.4.13 you might want to rephrase a few things like "According to upstream there are just 2 changes in this new microrelease ..." if you look at the diff to the HISTORY file you see what might be worth to mention as "being ok for this MRE SRU".
All that I found to adapt is work on bug descriptions, the MP itself LGTM