postfix-3.8-20221207

postfix/HISTORY

@@ -26659,3 +26659,37 @@ Apologies for any names omitted.
 	Documentation: the local_header_rewrite_clients and
 	remote_header_rewrite_domain features also enable adding
 	missing headers. File: proto/postconf.proto.
+
+20221125
+
+	Bugfix (introduced: Postfix 3.6): the Postfix TLS client
+	logged a TLS connection as 'Untrusted' instead of 'Trusted',
+	when a matching DANE record was found but the MX RRset was
+	insecure. Fix by Viktor Dukhovni. File: tls/tls_client.c.
+
+20221128
+
+	Bugfix (introduced: Postfix 2.2): the smtpd_proxy_client
+	code mis-parsed the last XFORWARD attribute name in the
+	SMTP server's EHLO response. The result was that the
+	smtpd_proxy_client code failed to forward the IDENT attribute.
+	Fix by Andreas Weigel. File: smtpd/smtpd_proxy.c.
+
+	Typo in MAILLOG_README. Paul Menzel.
+
+20221207
+
+	Workaround: OpenSSL 3.x EVP_get_digestbyname() can return
+	lazily bound handles that may fail to work when one attempts
+	to use them, because no provider search happens until one
+	constructs an actual operation context. In sufficiently
+	hostile configurations, Postfix could mistakenly believe
+	that an algorithm is available, when in fact it is not. A
+	similar workaround may be needed for EVP_get_cipherbyname().
+	Fix by Viktor Dukhovni. Files: tls/tls.h, tls/tls_dane.c,
+	tls/tls_fprint.c, tls/tls_misc.c.
+
+	Bugfix (introduced: Postfix 2.11): the checkok() macro in
+	tls/tls_fprint.c evaluated its argument unconditionally;
+	it should evaluate the argument only if there was no prior
+	error. Found during code review. File: tls/tls_fprint.c.

postfix/README_FILES/MAILLOG_README

@@ -4,7 +4,7 @@ PPoossttffiixx llooggggiinngg ttoo ffiillee oorr ssttdd
 
 OOvveerrvviieeww
 
-Postfix supports it own logging system as an alternative to syslog (which
+Postfix supports its own logging system as an alternative to syslog (which
 remains the default). This is available with Postfix version 3.4 or later.
 
 Topics covered in this document:

postfix/WISHLIST

@@ -9,6 +9,14 @@ Wish list:
 	Scan Postfix code with github.com/googleprojectzero/weggli
 	(depends on "rust").
 
+	In tls_fprint.c() rename unsafe macros to upper-case names.
+	For example, checkok() has a function-like name, but it
+	evaluates arguments conditionally. Rename all macros that
+	invoke checkok().
+
+	Update TLS_README diagram, tlsmgr no longer manages cert
+	info.
+
 	Consider renaming local_header_rewrite_clients to
 	local_header_canonicalize_clients, as a more accurate name.
 	Optionally support "local_header_canonicalize_classes =
@@ -17,6 +25,13 @@ Wish list:
 	And ditto for remote_header_rewrite_domain, whether it
 	should rewrite address, add missing headers, or both.
 
+	Add weight factors to randmap, for example randmap:{{result1}*99,
+	{result2}*1}. To parse out weights, see postscreen.
+
+	randmap already allows randmap:{{result}, ...}, to support
+	whitespace and comma in result values, but it should also
+	extract the value from {}.
+
 	Migrate masquerade_domains from ARGV to STRING_LIST, or
 	deprecate this feature because it breaks table-driven address
 	validation.

postfix/html/MAILLOG_README.html

@@ -20,7 +20,7 @@ logging to file or stdout</h1>
 
 <h2>Overview </h2>
 
-<p> Postfix supports it own logging system as an alternative to
+<p> Postfix supports its own logging system as an alternative to
 syslog (which remains the default). This is available with Postfix
 version 3.4 or later. </p>
 

postfix/html/smtpd.8.html

@@ -194,12 +194,9 @@ SMTPD(8)                                                              SMTPD(8)
        Available in Postfix version 2.2 and later:
 
        <b><a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> (<a href="postconf.5.html#permit_inet_interfaces">permit_inet_interfaces</a>)</b>
-              Rewrite message header addresses in mail from these clients  and
-              update incomplete addresses with the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or
-              $<a href="postconf.5.html#mydomain">mydomain</a>; either  don't  rewrite  message  headers  from  other
-              clients at all, or rewrite message headers and update incomplete
-              addresses with the domain  specified  in  the  <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_re</a>-
-              <a href="postconf.5.html#remote_header_rewrite_domain">write_domain</a> parameter.
+              Rewrite or add message  headers  in  mail  from  these  clients,
+              updating  incomplete addresses with the domain name in $<a href="postconf.5.html#myorigin">myorigin</a>
+              or $<a href="postconf.5.html#mydomain">mydomain</a>, and adding missing headers.
 
 <b>BEFORE-SMTPD PROXY AGENT</b>
        Available in Postfix version 2.10 and later:
@@ -520,8 +517,8 @@ SMTPD(8)                                                              SMTPD(8)
               client certificate in order to allow TLS connections to proceed.
 
        <b><a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a> (no)</b>
-              Run  the Postfix SMTP server in the non-standard "wrapper" mode,
-              instead of using the STARTTLS command.
+              Run the Postfix SMTP server in TLS "wrapper"  mode,  instead  of
+              using the STARTTLS command.
 
        <b><a href="postconf.5.html#tls_daemon_random_bytes">tls_daemon_random_bytes</a> (32)</b>
               The  number  of  pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a> or <a href="smtpd.8.html"><b>smtpd</b>(8)</a>
@@ -654,7 +651,7 @@ SMTPD(8)                                                              SMTPD(8)
 
        <b><a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> (yes)</b>
               Enable  preliminary SMTPUTF8 support for the protocols described
-              in <a href="https://tools.ietf.org/html/rfc6531">RFC 6531</a>..6533.
+              in <a href="https://tools.ietf.org/html/rfc6531">RFC 6531</a>, <a href="https://tools.ietf.org/html/rfc6532">RFC 6532</a>, and <a href="https://tools.ietf.org/html/rfc6533">RFC 6533</a>.
 
        <b><a href="postconf.5.html#strict_smtputf8">strict_smtputf8</a> (no)</b>
               Enable stricter enforcement of the SMTPUTF8 protocol.
@@ -777,12 +774,13 @@ SMTPD(8)                                                              SMTPD(8)
               mail delivery transport.
 
        <b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
-              The network interface addresses that this mail  system  receives
-              mail on.
+              The  local  network  interface  addresses  that this mail system
+              receives mail on.
 
        <b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b>
-              The  network  interface addresses that this mail system receives
-              mail on by way of a proxy or network address translation unit.
+              The remote network interface addresses  that  this  mail  system
+              receives  mail  on by way of a proxy or network address transla-
+              tion unit.
 
        <b><a href="postconf.5.html#inet_protocols">inet_protocols</a> (see 'postconf -d output')</b>
               The Internet protocols Postfix will attempt to use  when  making
@@ -818,13 +816,13 @@ SMTPD(8)                                                              SMTPD(8)
        domains:
 
        <b><a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> ($<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>)</b>
-              Postfix  is  final destination for the specified list of virtual
-              alias domains, that is, domains  for  which  all  addresses  are
+              Postfix  is the final destination for the specified list of vir-
+              tual alias domains, that is, domains for which all addresses are
               aliased to addresses in other local or remote domains.
 
        <b><a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> ($<a href="postconf.5.html#virtual_maps">virtual_maps</a>)</b>
               Optional  lookup  tables  that  alias specific mail addresses or
-              domains to other local or remote address.
+              domains to other local or remote addresses.
 
        <b><a href="postconf.5.html#unknown_virtual_alias_reject_code">unknown_virtual_alias_reject_code</a> (550)</b>
               The Postfix SMTP server reply  code  when  a  recipient  address
@@ -836,9 +834,9 @@ SMTPD(8)                                                              SMTPD(8)
        domains:
 
        <b><a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> ($<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>)</b>
-              Postfix is final destination for the specified list of  domains;
-              mail  is  delivered  via  the  $<a href="postconf.5.html#virtual_transport">virtual_transport</a>  mail delivery
-              transport.
+              Postfix is the final  destination  for  the  specified  list  of
+              domains;  mail  is  delivered  via  the  $<a href="postconf.5.html#virtual_transport">virtual_transport</a> mail
+              delivery transport.
 
        <b><a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> (empty)</b>
               Optional lookup tables with all valid addresses in  the  domains

postfix/man/man8/smtpd.8

@@ -190,12 +190,9 @@ filtering, or address mapping.
 .PP
 Available in Postfix version 2.2 and later:
 .IP "\fBlocal_header_rewrite_clients (permit_inet_interfaces)\fR"
-Rewrite message header addresses in mail from these clients and
-update incomplete addresses with the domain name in $myorigin or
-$mydomain; either don't rewrite message headers from other clients
-at all, or rewrite message headers and update incomplete addresses
-with the domain specified in the remote_header_rewrite_domain
-parameter.
+Rewrite or add message headers in mail from these clients,
+updating incomplete addresses with the domain name in $myorigin or
+$mydomain, and adding missing headers.
 .SH "BEFORE-SMTPD PROXY AGENT"
 .na
 .nf
@@ -473,7 +470,7 @@ CommonName.
 With mandatory TLS encryption, require a trusted remote SMTP client
 certificate in order to allow TLS connections to proceed.
 .IP "\fBsmtpd_tls_wrappermode (no)\fR"
-Run the Postfix SMTP server in the non\-standard "wrapper" mode,
+Run the Postfix SMTP server in TLS "wrapper" mode,
 instead of using the STARTTLS command.
 .IP "\fBtls_daemon_random_bytes (32)\fR"
 The number of pseudo\-random bytes that an \fBsmtp\fR(8) or \fBsmtpd\fR(8)
@@ -584,7 +581,7 @@ cipher list.
 Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
 .IP "\fBsmtputf8_enable (yes)\fR"
 Enable preliminary SMTPUTF8 support for the protocols described
-in RFC 6531..6533.
+in RFC 6531, RFC 6532, and RFC 6533.
 .IP "\fBstrict_smtputf8 (no)\fR"
 Enable stricter enforcement of the SMTPUTF8 protocol.
 .IP "\fBsmtputf8_autodetect_classes (sendmail, verify)\fR"
@@ -694,10 +691,10 @@ Parameters concerning known/unknown local recipients:
 The list of domains that are delivered via the $local_transport
 mail delivery transport.
 .IP "\fBinet_interfaces (all)\fR"
-The network interface addresses that this mail system receives
+The local network interface addresses that this mail system receives
 mail on.
 .IP "\fBproxy_interfaces (empty)\fR"
-The network interface addresses that this mail system receives mail
+The remote network interface addresses that this mail system receives mail
 on by way of a proxy or network address translation unit.
 .IP "\fBinet_protocols (see 'postconf -d output')\fR"
 The Internet protocols Postfix will attempt to use when making
@@ -726,12 +723,12 @@ a list of lookup tables that does not match the recipient address.
 Parameters concerning known/unknown recipients in virtual alias
 domains:
 .IP "\fBvirtual_alias_domains ($virtual_alias_maps)\fR"
-Postfix is final destination for the specified list of virtual
+Postfix is the final destination for the specified list of virtual
 alias domains, that is, domains for which all addresses are aliased
 to addresses in other local or remote domains.
 .IP "\fBvirtual_alias_maps ($virtual_maps)\fR"
 Optional lookup tables that alias specific mail addresses or domains
-to other local or remote address.
+to other local or remote addresses.
 .IP "\fBunknown_virtual_alias_reject_code (550)\fR"
 The Postfix SMTP server reply code when a recipient address matches
 $virtual_alias_domains, and $virtual_alias_maps specifies a list
@@ -740,7 +737,7 @@ of lookup tables that does not match the recipient address.
 Parameters concerning known/unknown recipients in virtual mailbox
 domains:
 .IP "\fBvirtual_mailbox_domains ($virtual_mailbox_maps)\fR"
-Postfix is final destination for the specified list of domains;
+Postfix is the final destination for the specified list of domains;
 mail is delivered via the $virtual_transport mail delivery transport.
 .IP "\fBvirtual_mailbox_maps (empty)\fR"
 Optional lookup tables with all valid addresses in the domains that

postfix/proto/MAILLOG_README.html

@@ -20,7 +20,7 @@ logging to file or stdout</h1>
 
 <h2>Overview </h2>
 
-<p> Postfix supports it own logging system as an alternative to
+<p> Postfix supports its own logging system as an alternative to
 syslog (which remains the default). This is available with Postfix
 version 3.4 or later. </p>
 

postfix/src/global/mail_version.h

@@ -20,7 +20,7 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE	"20221023"
+#define MAIL_RELEASE_DATE	"20221207"
 #define MAIL_VERSION_NUMBER	"3.8"
 
 #ifdef SNAPSHOT

postfix/src/smtpd/smtpd.c

@@ -172,12 +172,9 @@
 /* .PP
 /*	Available in Postfix version 2.2 and later:
 /* .IP "\fBlocal_header_rewrite_clients (permit_inet_interfaces)\fR"
-/*	Rewrite message header addresses in mail from these clients and
-/*	update incomplete addresses with the domain name in $myorigin or
-/*	$mydomain; either don't rewrite message headers from other clients
-/*	at all, or rewrite message headers and update incomplete addresses
-/*	with the domain specified in the remote_header_rewrite_domain
-/*	parameter.
+/*	Rewrite or add message headers in mail from these clients,
+/*	updating incomplete addresses with the domain name in $myorigin or
+/*	$mydomain, and adding missing headers.
 /* BEFORE-SMTPD PROXY AGENT
 /* .ad
 /* .fi
@@ -439,7 +436,7 @@
 /*	With mandatory TLS encryption, require a trusted remote SMTP client
 /*	certificate in order to allow TLS connections to proceed.
 /* .IP "\fBsmtpd_tls_wrappermode (no)\fR"
-/*	Run the Postfix SMTP server in the non-standard "wrapper" mode,
+/*	Run the Postfix SMTP server in TLS "wrapper" mode,
 /*	instead of using the STARTTLS command.
 /* .IP "\fBtls_daemon_random_bytes (32)\fR"
 /*	The number of pseudo-random bytes that an \fBsmtp\fR(8) or \fBsmtpd\fR(8)
@@ -546,7 +543,7 @@
 /*	Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
 /* .IP "\fBsmtputf8_enable (yes)\fR"
 /*	Enable preliminary SMTPUTF8 support for the protocols described
-/*	in RFC 6531..6533.
+/*	in RFC 6531, RFC 6532, and RFC 6533.
 /* .IP "\fBstrict_smtputf8 (no)\fR"
 /*	Enable stricter enforcement of the SMTPUTF8 protocol.
 /* .IP "\fBsmtputf8_autodetect_classes (sendmail, verify)\fR"
@@ -650,10 +647,10 @@
 /*	The list of domains that are delivered via the $local_transport
 /*	mail delivery transport.
 /* .IP "\fBinet_interfaces (all)\fR"
-/*	The network interface addresses that this mail system receives
+/*	The local network interface addresses that this mail system receives
 /*	mail on.
 /* .IP "\fBproxy_interfaces (empty)\fR"
-/*	The network interface addresses that this mail system receives mail
+/*	The remote network interface addresses that this mail system receives mail
 /*	on by way of a proxy or network address translation unit.
 /* .IP "\fBinet_protocols (see 'postconf -d output')\fR"
 /*	The Internet protocols Postfix will attempt to use when making
@@ -682,12 +679,12 @@
 /*	Parameters concerning known/unknown recipients in virtual alias
 /*	domains:
 /* .IP "\fBvirtual_alias_domains ($virtual_alias_maps)\fR"
-/*	Postfix is final destination for the specified list of virtual
+/*	Postfix is the final destination for the specified list of virtual
 /*	alias domains, that is, domains for which all addresses are aliased
 /*	to addresses in other local or remote domains.
 /* .IP "\fBvirtual_alias_maps ($virtual_maps)\fR"
 /*	Optional lookup tables that alias specific mail addresses or domains
-/*	to other local or remote address.
+/*	to other local or remote addresses.
 /* .IP "\fBunknown_virtual_alias_reject_code (550)\fR"
 /*	The Postfix SMTP server reply code when a recipient address matches
 /*	$virtual_alias_domains, and $virtual_alias_maps specifies a list
@@ -696,7 +693,7 @@
 /*	Parameters concerning known/unknown recipients in virtual mailbox
 /*	domains:
 /* .IP "\fBvirtual_mailbox_domains ($virtual_mailbox_maps)\fR"
-/*	Postfix is final destination for the specified list of domains;
+/*	Postfix is the final destination for the specified list of domains;
 /*	mail is delivered via the $virtual_transport mail delivery transport.
 /* .IP "\fBvirtual_mailbox_maps (empty)\fR"
 /*	Optional lookup tables with all valid addresses in the domains that

postfix/src/smtpd/smtpd_proxy.c

@@ -388,7 +388,7 @@ static int smtpd_proxy_connect(SMTPD_STATE *state)
      */
     server_xforward_features = 0;
     lines = STR(proxy->reply);
-    while ((words = mystrtok(&lines, "\n")) != 0) {
+    while ((words = mystrtok(&lines, "\r\n")) != 0) {
 	if (mystrtok(&words, "- ") && (word = mystrtok(&words, " \t")) != 0) {
 	    if (strcasecmp(word, XFORWARD_CMD) == 0)
 		while ((word = mystrtok(&words, " \t")) != 0)

postfix/src/tls/tls.h

@@ -647,6 +647,7 @@ extern TLS_TLSA *tlsa_prepend(TLS_TLSA *, uint8_t, uint8_t, uint8_t,
  /*
   * tls_fprint.c
   */
+extern const EVP_MD *tls_digest_byname(const char *, EVP_MD_CTX **);
 extern char *tls_digest_encode(const unsigned char *, int);
 extern char *tls_cert_fprint(X509 *, const char *);
 extern char *tls_pkey_fprint(X509 *, const char *);

postfix/src/tls/tls_client.c

@@ -324,6 +324,7 @@ static void verify_extract_name(TLS_SESS_STATE *TLScontext, X509 *peercert,
      * checks are now performed internally in OpenSSL.
      */
     if (SSL_get_verify_result(TLScontext->con) == X509_V_OK) {
+	TLScontext->peer_status |= TLS_CERT_FLAG_TRUSTED;
 	if (TLScontext->must_fail) {
 	    msg_panic("%s: cert valid despite trust init failure",
 		      TLScontext->namaddr);
@@ -352,8 +353,7 @@ static void verify_extract_name(TLS_SESS_STATE *TLScontext, X509 *peercert,
 			     TLScontext->namaddr, peername);
 		tls_dane_log(TLScontext);
 	    }
-	} else
-	    TLScontext->peer_status |= TLS_CERT_FLAG_TRUSTED;
+	}
     }
 
     /*

postfix/src/tls/tls_dane.c

@@ -823,7 +823,7 @@ int     tls_dane_enable(TLS_SESS_STATE *TLScontext)
 
 /* tls_dane_digest_init - configure supported DANE digests */
 
-void    tls_dane_digest_init(SSL_CTX *ctx, const EVP_MD * fpt_alg)
+void    tls_dane_digest_init(SSL_CTX *ctx, const EVP_MD *fpt_alg)
 {
     dane_mtype mtypes[256];
     char   *cp;
@@ -930,7 +930,7 @@ void    tls_dane_digest_init(SSL_CTX *ctx, const EVP_MD * fpt_alg)
 	}
 	mtypes[codepoint].ord = ++ord;
 
-	if ((mtypes[codepoint].alg = EVP_get_digestbyname(algname)) == 0) {
+	if ((mtypes[codepoint].alg = tls_digest_byname(algname, NULL)) == 0) {
 	    msg_warn("%s: digest algorithm \"%s\"(%d) unknown",
 		     VAR_TLS_DANE_DIGESTS, algname, codepoint);
 	    continue;
@@ -1132,11 +1132,11 @@ static void load_tlsa_args(SSL *ssl, char *argv[])
     case 0:
 	break;
     case 1:
-	if ((md = EVP_get_digestbyname(LN_sha256)) == 0)
+	if ((md = tls_digest_byname(LN_sha256, NULL)) == 0)
 	    msg_fatal("Digest %s not found", LN_sha256);
 	break;
     case 2:
-	if ((md = EVP_get_digestbyname(LN_sha512)) == 0)
+	if ((md = tls_digest_byname(LN_sha512, NULL)) == 0)
 	    msg_fatal("Digest %s not found", LN_sha512);
 	break;
     default:

postfix/src/tls/tls_fprint.c

@@ -6,6 +6,10 @@
 /* SYNOPSIS
 /*	#include <tls.h>
 /*
+/*	EVP_MD *tls_digest_byname(const char *mdalg, EVP_MD_CTX **mdctxPtr)
+/*	const char *mdalg;
+/*	EVP_MD_CTX **mdctxPtr;
+/*
 /*	char	*tls_serverid_digest(TLScontext, props, ciphers)
 /*	TLS_SESS_STATE *TLScontext;
 /*	const TLS_CLIENT_START_PROPS *props;
@@ -23,6 +27,13 @@
 /*	X509	*peercert;
 /*	const char *mdalg;
 /* DESCRIPTION
+/*	tls_digest_byname() constructs, and optionally returns, an EVP_MD_CTX
+/*	handle for performing digest operations with the algorithm named by the
+/*	mdalg parameter.  The return value is non-null on success, and holds a
+/*	digest algorithm handle.  If the mdctxPtr argument is non-null the
+/*	created context is returned to the caller, who is then responsible for
+/*	deleting it by calling EVP_MD_ctx_free() once it is no longer needed.
+/*
 /*	tls_digest_encode() converts a binary message digest to a hex ASCII
 /*	format with ':' separators between each pair of hex digits.
 /*	The return value is dynamically allocated with mymalloc(),
@@ -50,6 +61,8 @@
 /*	free it with myfree().
 /*
 /*	Arguments:
+/* .IP mdalg
+/*	A digest algorithm name, such as "sha256".
 /* .IP peercert
 /*	Server or client X.509 certificate.
 /* .IP md_buf
@@ -60,6 +73,9 @@
 /*	Name of a message digest algorithm suitable for computing secure
 /*	(1st pre-image resistant) message digests of certificates. For now,
 /*	md5, sha1, or member of SHA-2 family if supported by OpenSSL.
+/* .IP mdctxPtr
+/*	Pointer to an (EVP_MD_CTX *) handle, or NULL if only probing for
+/*	algorithm support without immediate use in mind.
 /* .IP buf
 /*	Input data for the message digest algorithm mdalg.
 /* .IP len
@@ -114,7 +130,7 @@
 
 static const char hexcodes[] = "0123456789ABCDEF";
 
-#define checkok(ret)	(ok &= ((ret) ? 1 : 0))
+#define checkok(stillok) (ok = ok && (stillok))
 #define digest_object(p) digest_data((unsigned char *)(p), sizeof(*(p)))
 #define digest_data(p, l) checkok(digest_bytes(mdctx, (p), (l)))
 #define digest_string(s) checkok(digest_chars(mdctx, (s)))
@@ -182,6 +198,44 @@ static int tls_digest_tlsa(EVP_MD_CTX *mdctx, TLS_TLSA *tlsa)
     return (ok);
 }
 
+/* tls_digest_byname - test availability or prepare to use digest */
+
+const EVP_MD *tls_digest_byname(const char *mdalg, EVP_MD_CTX **mdctxPtr)
+{
+    const EVP_MD *md;
+    EVP_MD_CTX *mdctx = NULL;
+    int     ok = 1;
+
+    /*
+     * In OpenSSL 3.0, because of dynamically variable algorithm providers,
+     * there is a time-of-check/time-of-use issue that means that abstract
+     * algorithm handles returned by EVP_get_digestbyname() can (and not
+     * infrequently do) return ultimately unusable algorithms, to check for
+     * actual availability, one needs to use the new EVP_MD_fetch() API, or
+     * indirectly check usability by creating a concrete context. We take the
+     * latter approach here (works for 1.1.1 without #ifdef).
+     * 
+     * Note that EVP_MD_CTX_{create,destroy} were renamed to, respectively,
+     * EVP_MD_CTX_{new,free} in OpenSSL 1.1.0.
+     */
+    checkok(md = EVP_get_digestbyname(mdalg));
+
+    /*
+     * Sanity check: Newer shared libraries could (hypothentical ABI break)
+     * allow larger digests, we avoid such poison algorithms.
+     */
+    checkok(EVP_MD_size(md) <= EVP_MAX_MD_SIZE);
+    checkok(mdctx = EVP_MD_CTX_new());
+    checkok(EVP_DigestInit_ex(mdctx, md, NULL));
+
+
+    if (ok && mdctxPtr != 0)
+	*mdctxPtr = mdctx;
+    else
+	EVP_MD_CTX_free(mdctx);
+    return (ok ? md : 0);
+}
+
 /* tls_serverid_digest - suffix props->serverid with parameter digest */
 
 char   *tls_serverid_digest(TLS_SESS_STATE *TLScontext,
@@ -189,7 +243,6 @@ char   *tls_serverid_digest(TLS_SESS_STATE *TLScontext,
 			            const char *ciphers)
 {
     EVP_MD_CTX *mdctx;
-    const EVP_MD *md;
     const char *mdalg;
     unsigned char md_buf[EVP_MAX_MD_SIZE];
     unsigned int md_len;
@@ -205,17 +258,17 @@ char   *tls_serverid_digest(TLS_SESS_STATE *TLScontext,
      * default digest, but DANE requires sha256 and sha512, so if we must
      * fall back to our default digest, DANE support won't be available.  We
      * panic if the fallback algorithm is not available, as it was verified
-     * available in tls_client_init() and must not simply vanish.
+     * available in tls_client_init() and must not simply vanish.  Our
+     * provider set is not expected to change once the OpenSSL library is
+     * initialised.
      */
-    if ((md = EVP_get_digestbyname(mdalg = "sha256")) == 0
-	&& (md = EVP_get_digestbyname(mdalg = props->mdalg)) == 0)
-	msg_panic("digest algorithm \"%s\" not found", mdalg);
+    if (tls_digest_byname(mdalg = LN_sha256, &mdctx) == 0
+	&& tls_digest_byname(mdalg = props->mdalg, &mdctx) == 0)
+	msg_panic("digest algorithm \"%s\" not found", props->mdalg);
 
     /* Salt the session lookup key with the OpenSSL runtime version. */
     sslversion = OpenSSL_version_num();
 
-    mdctx = EVP_MD_CTX_create();
-    checkok(EVP_DigestInit_ex(mdctx, md, NULL));
     digest_string(props->helo ? props->helo : "");
     digest_object(&sslversion);
     digest_string(props->protocols);
@@ -306,18 +359,15 @@ char   *tls_digest_encode(const unsigned char *md_buf, int md_len)
 
 static char *tls_data_fprint(const unsigned char *buf, int len, const char *mdalg)
 {
-    EVP_MD_CTX *mdctx;
-    const EVP_MD *md;
+    EVP_MD_CTX *mdctx = NULL;
     unsigned char md_buf[EVP_MAX_MD_SIZE];
     unsigned int md_len;
     int     ok = 1;
 
     /* Previously available in "init" routine. */
-    if ((md = EVP_get_digestbyname(mdalg)) == 0)
+    if (tls_digest_byname(mdalg, &mdctx) == 0)
 	msg_panic("digest algorithm \"%s\" not found", mdalg);
 
-    mdctx = EVP_MD_CTX_create();
-    checkok(EVP_DigestInit_ex(mdctx, md, NULL));
     digest_data(buf, len);
     checkok(EVP_DigestFinal_ex(mdctx, md_buf, &md_len));
     EVP_MD_CTX_destroy(mdctx);

postfix/src/tls/tls_misc.c

@@ -1575,25 +1575,13 @@ long    tls_bio_dump_cb(BIO *bio, int cmd, const char *argp, size_t len,
 const EVP_MD *tls_validate_digest(const char *dgst)
 {
     const EVP_MD *md_alg;
-    unsigned int md_len;
 
     /*
      * If the administrator specifies an unsupported digest algorithm, fail
      * now, rather than in the middle of a TLS handshake.
      */
-    if ((md_alg = EVP_get_digestbyname(dgst)) == 0) {
+    if ((md_alg = tls_digest_byname(dgst, NULL)) == 0)
 	msg_warn("Digest algorithm \"%s\" not found", dgst);
-	return (0);
-    }
-
-    /*
-     * Sanity check: Newer shared libraries may use larger digests.
-     */
-    if ((md_len = EVP_MD_size(md_alg)) > EVP_MAX_MD_SIZE) {
-	msg_warn("Digest algorithm \"%s\" output size %u too large",
-		 dgst, md_len);
-	return (0);
-    }
     return md_alg;
 }