postfix-2.9-20110207

2025-08-22 18:07:41 +00:00 · 2011-02-07 00:00:00 -05:00 · 2011-02-07 00:00:00 -05:00 · 1ac00dbaf1
commit 1ac00dbaf1
parent 45966d7b77
7 changed files with 26 additions and 27 deletions
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@ -16571,3 +16571,8 @@ Apologies for any names omitted.
 	responses more gracefully, i.e. without losing synchronization.
 	Files: smtpd/smtpd_chat.c, smtpd/smtpd_proxy.c, smtp/smtp_chat.c,
 	smtpstone/smtp-source.c.
+
+20110207
+
+	Bugfix (introduced Postfix 2.8): segfault with smtpd_tls_loglevel
+	>= 3. Files: tls/tls_server.c, tls.h, smtpd.c, tlsproxy.c.
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@ -20,7 +20,7 @@
  * Patches change both the patchlevel and the release date. Snapshots have no
  * patchlevel; they change the release date only.
  */
-#define MAIL_RELEASE_DATE	"20110205"
+#define MAIL_RELEASE_DATE	"20110207"
 #define MAIL_VERSION_NUMBER	"2.9"

 #ifdef SNAPSHOT
--- a/postfix/src/global/smtp_stream.c
+++ b/postfix/src/global/smtp_stream.c
@ -326,6 +326,7 @@ int     smtp_get(VSTRING *vp, VSTREAM *stream, ssize_t bound, int flags)
 	while (VSTRING_LEN(vp) > 0 && vstring_end(vp)[-1] == '\r')
 	    vstring_truncate(vp, VSTRING_LEN(vp) - 1);
 	VSTRING_TERMINATE(vp);
+	/* FALLTRHOUGH */

 	/*
 	 * Partial line: just read the remainder later. If we ran into EOF,
--- a/postfix/src/smtpd/smtpd.c
+++ b/postfix/src/smtpd/smtpd.c
@ -4029,6 +4029,7 @@ static void smtpd_start_tls(SMTPD_STATE *state)
 	TLS_SERVER_START(&props,
 			 ctx = smtpd_tls_ctx,
 			 stream = state->client,
+			 fd = -1,
 			 log_level = var_smtpd_tls_loglevel,
 			 timeout = var_smtpd_starttls_tmout,
 			 requirecert = requirecert,
--- a/postfix/src/tls/tls.h
+++ b/postfix/src/tls/tls.h
@ -268,6 +268,7 @@ typedef struct {
 typedef struct {
    TLS_APPL_STATE *ctx;		/* TLS application context */
    VSTREAM *stream;			/* Client stream */
+    int     fd;				/* Event-driven file descriptor */
    int     log_level;			/* TLS log level */
    int     timeout;			/* TLS handshake timeout */
    int     requirecert;		/* Insist on client cert? */
@ -293,10 +294,10 @@ extern TLS_SESS_STATE *tls_server_post_accept(TLS_SESS_STATE *);
    ((props)->a12), ((props)->a13), ((props)->a14), ((props)->a15), \
    ((props)->a16), ((props)->a17), ((props)->a18), ((props)->a19), (props)))

-#define TLS_SERVER_START(props, a1, a2, a3, a4, a5, a6, a7, a8, a9, a10) \
+#define TLS_SERVER_START(props, a1, a2, a3, a4, a5, a6, a7, a8, a9, a10, a11) \
    tls_server_start((((props)->a1), ((props)->a2), ((props)->a3), \
    ((props)->a4), ((props)->a5), ((props)->a6), ((props)->a7), \
-    ((props)->a8), ((props)->a9), ((props)->a10), (props)))
+    ((props)->a8), ((props)->a9), ((props)->a10), ((props)->a11), (props)))

 /*
  * tls_session.c
--- a/postfix/src/tls/tls_server.c
+++ b/postfix/src/tls/tls_server.c
@ -89,7 +89,8 @@
 /*	SSL_accept(), SSL_read(), SSL_write() and SSL_shutdown().
 /*
 /*	To maintain control over TLS I/O, an event-driven server
-/*	invokes tls_server_start() with a null VSTREAM argument.
+/*	invokes tls_server_start() with a null VSTREAM argument and
+/*	with an fd argument that specifies the I/O file descriptor.
 /*	Then, tls_server_start() performs all the necessary
 /*	preparations before the TLS handshake and returns a partially
 /*	populated TLS context. The event-driven application is then
@ -657,6 +658,18 @@ TLS_SESS_STATE *tls_server_start(const TLS_SERVER_START_PROPS *props)
     */
    SSL_set_accept_state(TLScontext->con);

+    /*
+     * Connect the SSL connection with the network socket.
+     */
+    if (SSL_set_fd(TLScontext->con, props->stream == 0 ? props->fd :
+		   vstream_fileno(props->stream)) != 1) {
+	msg_info("SSL_set_fd error to %s", props->namaddr);
+	tls_print_errors();
+	uncache_session(app_ctx->ssl_ctx, TLScontext);
+	tls_free_context(TLScontext);
+	return (0);
+    }
+
    /*
     * If the debug level selected is high enough, all of the data is dumped:
     * 3 will dump the SSL negotiation, 4 will dump everything.
@ -675,17 +688,6 @@ TLS_SESS_STATE *tls_server_start(const TLS_SERVER_START_PROPS *props)
    if (props->stream == 0)
 	return (TLScontext);

-    /*
-     * Connect the SSL connection with the network socket.
-     */
-    if (SSL_set_fd(TLScontext->con, vstream_fileno(props->stream)) != 1) {
-	msg_info("SSL_set_fd error to %s", props->namaddr);
-	tls_print_errors();
-	uncache_session(app_ctx->ssl_ctx, TLScontext);
-	tls_free_context(TLScontext);
-	return (0);
-    }
-
    /*
     * Turn on non-blocking I/O so that we can enforce timeouts on network
     * I/O.
--- a/postfix/src/tlsproxy/tlsproxy.c
+++ b/postfix/src/tlsproxy/tlsproxy.c
@ -687,6 +687,7 @@ static void tlsp_start_tls(TLSP_STATE *state)
 	TLS_SERVER_START(&props,
 			 ctx = tlsp_server_ctx,
 			 stream = (VSTREAM *) 0,/* unused */
+			 fd = state->ciphertext_fd,
 			 log_level = var_tlsp_tls_loglevel,
 			 timeout = 0,		/* unused */
 			 requirecert = (var_tlsp_tls_req_ccert
@ -702,18 +703,6 @@ static void tlsp_start_tls(TLSP_STATE *state)
 	return;
    }

-    /*
-     * This program will do the ciphertext I/O, not libtls. In the future,
-     * the above event-driven engine may be factored out as a libtls library
-     * module.
-     */
-    if (SSL_set_fd(state->tls_context->con, state->ciphertext_fd) != 1) {
-	msg_info("SSL_set_fd error to %s", state->remote_endpt);
-	tls_print_errors();
-	tlsp_state_free(state);
-	return;
-    }
-
    /*
     * XXX Do we care about TLS session rate limits? Good postscreen(8)
     * clients will occasionally require the tlsproxy to renew their