From 265b67ac9e5912ae23a257db910ddbf3cf3670fc Mon Sep 17 00:00:00 2001 From: Wietse Venema Date: Fri, 7 Oct 2022 00:00:00 -0500 Subject: [PATCH] postfix-3.5.17 --- postfix/HISTORY | 25 +++++++++++++++++++++++++ postfix/src/cleanup/cleanup_milter.c | 4 ++-- postfix/src/global/mail_version.h | 4 ++-- postfix/src/global/map_search.c | 1 - postfix/src/global/verify.c | 2 ++ postfix/src/tls/tls_server.c | 1 + 6 files changed, 32 insertions(+), 5 deletions(-) diff --git a/postfix/HISTORY b/postfix/HISTORY index 00a6cea5f..665eebcc5 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -25131,3 +25131,28 @@ Apologies for any names omitted. chroot jail. Problem reported by Jesper Dybdal. Files: cleanup/cleanup.h, cleanup/cleanup_init.c, cleanup/cleanup_milter.c, cleanup/cleanup_state.c. + +20220719 + + Cleanup: Postfix 3.5.0 introduced debug logging noise in + map_search_create(). Files: global/map_search.c. + +20220724 + + Workaround: in a TLS server disable Postfix's 1-element + internal session cache, to work around an OpenSSL 3.0 + regression that broke TLS handshakes. It is rarely useful. + Report by Spil Oss, fix by Viktor Dukhovni. File: + tls/tls_server.c. + +20220905 + + Cleanup: Postfix 3.3.0 introduced an uninitialized + verify_append() request status in case of a null original + recipient address. File: global/verify.c. + +20220906 + + Cleanup: Postfix 3.5.16 introduced a missing msg_panic() + argument (in code that never executes). File: + cleanup/cleanup_milter.c. diff --git a/postfix/src/cleanup/cleanup_milter.c b/postfix/src/cleanup/cleanup_milter.c index eb330a34d..b6a1ec426 100644 --- a/postfix/src/cleanup/cleanup_milter.c +++ b/postfix/src/cleanup/cleanup_milter.c @@ -530,7 +530,7 @@ void cleanup_milter_header_checks_init(void) msg_panic("%s: %s is empty", myname, VAR_MILT_HEAD_CHECKS); if (cleanup_milter_hbc_checks) - msg_panic("%s: cleanup_milter_hbc_checks is not null"); + msg_panic("%s: cleanup_milter_hbc_checks is not null", myname); cleanup_milter_hbc_checks = hbc_header_checks_create(VAR_MILT_HEAD_CHECKS, var_milt_head_checks, NO_MIME_HDR_NAME, NO_MIME_HDR_VALUE, @@ -538,7 +538,7 @@ void cleanup_milter_header_checks_init(void) &call_backs); if (cleanup_milter_hbc_reply) - msg_panic("%s: cleanup_milter_hbc_reply is not null"); + msg_panic("%s: cleanup_milter_hbc_reply is not null", myname); cleanup_milter_hbc_reply = vstring_alloc(100); } diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 81a283f60..7c5ebe66b 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,8 +20,8 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20220418" -#define MAIL_VERSION_NUMBER "3.5.16" +#define MAIL_RELEASE_DATE "20221007" +#define MAIL_VERSION_NUMBER "3.5.17" #ifdef SNAPSHOT #define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE diff --git a/postfix/src/global/map_search.c b/postfix/src/global/map_search.c index 8ba6a5a98..be4b42b33 100644 --- a/postfix/src/global/map_search.c +++ b/postfix/src/global/map_search.c @@ -188,7 +188,6 @@ const MAP_SEARCH *map_search_create(const char *map_spec) MAP_SEARCH_CREATE_RETURN(0); } } - msg_info("split_nameval(\"%s\"", attr_name_val); if ((const_err = split_nameval(attr_name_val, &attr_name, &attr_value)) != 0) { msg_warn("malformed map attribute in '%s': '%s'", diff --git a/postfix/src/global/verify.c b/postfix/src/global/verify.c index c4b26be04..91dd541b8 100644 --- a/postfix/src/global/verify.c +++ b/postfix/src/global/verify.c @@ -108,6 +108,8 @@ int verify_append(const char *queue_id, MSG_STATS *stats, if (recipient->orig_addr[0]) req_stat = verify_clnt_update(recipient->orig_addr, vrfy_stat, my_dsn.reason); + else + req_stat = VRFY_STAT_OK; /* Two verify updates for one verify request! */ if (req_stat == VRFY_STAT_OK && strcmp(recipient->address, recipient->orig_addr) != 0) diff --git a/postfix/src/tls/tls_server.c b/postfix/src/tls/tls_server.c index 25d85ec7b..a9b250921 100644 --- a/postfix/src/tls/tls_server.c +++ b/postfix/src/tls/tls_server.c @@ -730,6 +730,7 @@ TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_PROPS *props) sizeof(server_session_id_context)); SSL_CTX_set_session_cache_mode(server_ctx, SSL_SESS_CACHE_SERVER | + SSL_SESS_CACHE_NO_INTERNAL | SSL_SESS_CACHE_NO_AUTO_CLEAR); if (cachable) { app_ctx->cache_type = mystrdup(props->cache_type);