postfix-3.11-20250808
This commit is contained in:
parent
643c8e5e85
commit
5c253cc5c9
@ -29556,6 +29556,15 @@ Apologies for any names omitted.
|
|||||||
|
|
||||||
20250807
|
20250807
|
||||||
|
|
||||||
Bugfix (defect introduced: 20250803): "TLS-Required: no" was
|
Bugfix (defect introduced: 20250803): "TLS-Required: no"
|
||||||
no longer in effect for LMTP deliveries. Viktor Dukhovni.
|
was no longer in effect for deliveries over UNIX-domain
|
||||||
|
sockets (which are supported for LMTP only). Viktor Dukhovni.
|
||||||
File: smtp/smtp_connect.c.
|
File: smtp/smtp_connect.c.
|
||||||
|
|
||||||
|
20250808
|
||||||
|
|
||||||
|
Cleanup: simplify the code to determine if "TLS-Required:
|
||||||
|
no" is in effect, and improve the tls_required_enable
|
||||||
|
documentation. This will be back-ported to Postfix 3.10.
|
||||||
|
Files: Makefile.in, smtp/smtp.h smtp/smtp_connect.c,
|
||||||
|
smtp/smtp_tls_policy.c, proto/postconf.proto.
|
||||||
|
@ -20846,7 +20846,8 @@ gives timeout errors. </p>
|
|||||||
|
|
||||||
<p> Enable support for the "TLS-Required: no" message header, defined
|
<p> Enable support for the "TLS-Required: no" message header, defined
|
||||||
in <a href="https://tools.ietf.org/html/rfc8689">RFC 8689</a>. By adding this header to a message, a sender requests
|
in <a href="https://tools.ietf.org/html/rfc8689">RFC 8689</a>. By adding this header to a message, a sender requests
|
||||||
no enforcement of TLS policy. This limits the Postfix SMTP client
|
no enforcement of TLS policy. This disables TLS policy lookup, and
|
||||||
|
limits the Postfix SMTP client
|
||||||
TLS security level to "may", that is, do not verify remote SMTP
|
TLS security level to "may", that is, do not verify remote SMTP
|
||||||
server certificates, and fall back to plaintext if TLS is unavailable.
|
server certificates, and fall back to plaintext if TLS is unavailable.
|
||||||
If a message contains a "TLS-Required: no" header, then Postfix
|
If a message contains a "TLS-Required: no" header, then Postfix
|
||||||
|
@ -14581,7 +14581,8 @@ This feature is available in Postfix 2.2 and later.
|
|||||||
.SH tls_required_enable (default: yes)
|
.SH tls_required_enable (default: yes)
|
||||||
Enable support for the "TLS\-Required: no" message header, defined
|
Enable support for the "TLS\-Required: no" message header, defined
|
||||||
in RFC 8689. By adding this header to a message, a sender requests
|
in RFC 8689. By adding this header to a message, a sender requests
|
||||||
no enforcement of TLS policy. This limits the Postfix SMTP client
|
no enforcement of TLS policy. This disables TLS policy lookup, and
|
||||||
|
limits the Postfix SMTP client
|
||||||
TLS security level to "may", that is, do not verify remote SMTP
|
TLS security level to "may", that is, do not verify remote SMTP
|
||||||
server certificates, and fall back to plaintext if TLS is unavailable.
|
server certificates, and fall back to plaintext if TLS is unavailable.
|
||||||
If a message contains a "TLS\-Required: no" header, then Postfix
|
If a message contains a "TLS\-Required: no" header, then Postfix
|
||||||
|
@ -19616,7 +19616,8 @@ including the netstring encapsulation. </p>
|
|||||||
|
|
||||||
<p> Enable support for the "TLS-Required: no" message header, defined
|
<p> Enable support for the "TLS-Required: no" message header, defined
|
||||||
in RFC 8689. By adding this header to a message, a sender requests
|
in RFC 8689. By adding this header to a message, a sender requests
|
||||||
no enforcement of TLS policy. This limits the Postfix SMTP client
|
no enforcement of TLS policy. This disables TLS policy lookup, and
|
||||||
|
limits the Postfix SMTP client
|
||||||
TLS security level to "may", that is, do not verify remote SMTP
|
TLS security level to "may", that is, do not verify remote SMTP
|
||||||
server certificates, and fall back to plaintext if TLS is unavailable.
|
server certificates, and fall back to plaintext if TLS is unavailable.
|
||||||
If a message contains a "TLS-Required: no" header, then Postfix
|
If a message contains a "TLS-Required: no" header, then Postfix
|
||||||
|
@ -20,7 +20,7 @@
|
|||||||
* Patches change both the patchlevel and the release date. Snapshots have no
|
* Patches change both the patchlevel and the release date. Snapshots have no
|
||||||
* patchlevel; they change the release date only.
|
* patchlevel; they change the release date only.
|
||||||
*/
|
*/
|
||||||
#define MAIL_RELEASE_DATE "20250807"
|
#define MAIL_RELEASE_DATE "20250808"
|
||||||
#define MAIL_VERSION_NUMBER "3.11"
|
#define MAIL_VERSION_NUMBER "3.11"
|
||||||
|
|
||||||
#ifdef SNAPSHOT
|
#ifdef SNAPSHOT
|
||||||
|
@ -113,6 +113,7 @@ smtp.o: ../../include/nvtable.h
|
|||||||
smtp.o: ../../include/recipient_list.h
|
smtp.o: ../../include/recipient_list.h
|
||||||
smtp.o: ../../include/resolve_clnt.h
|
smtp.o: ../../include/resolve_clnt.h
|
||||||
smtp.o: ../../include/scache.h
|
smtp.o: ../../include/scache.h
|
||||||
|
smtp.o: ../../include/sendopts.h
|
||||||
smtp.o: ../../include/sock_addr.h
|
smtp.o: ../../include/sock_addr.h
|
||||||
smtp.o: ../../include/string_list.h
|
smtp.o: ../../include/string_list.h
|
||||||
smtp.o: ../../include/stringops.h
|
smtp.o: ../../include/stringops.h
|
||||||
@ -158,6 +159,7 @@ smtp_addr.o: ../../include/own_inet_addr.h
|
|||||||
smtp_addr.o: ../../include/recipient_list.h
|
smtp_addr.o: ../../include/recipient_list.h
|
||||||
smtp_addr.o: ../../include/resolve_clnt.h
|
smtp_addr.o: ../../include/resolve_clnt.h
|
||||||
smtp_addr.o: ../../include/scache.h
|
smtp_addr.o: ../../include/scache.h
|
||||||
|
smtp_addr.o: ../../include/sendopts.h
|
||||||
smtp_addr.o: ../../include/sock_addr.h
|
smtp_addr.o: ../../include/sock_addr.h
|
||||||
smtp_addr.o: ../../include/string_list.h
|
smtp_addr.o: ../../include/string_list.h
|
||||||
smtp_addr.o: ../../include/stringops.h
|
smtp_addr.o: ../../include/stringops.h
|
||||||
@ -304,6 +306,7 @@ smtp_key.o: ../../include/nvtable.h
|
|||||||
smtp_key.o: ../../include/recipient_list.h
|
smtp_key.o: ../../include/recipient_list.h
|
||||||
smtp_key.o: ../../include/resolve_clnt.h
|
smtp_key.o: ../../include/resolve_clnt.h
|
||||||
smtp_key.o: ../../include/scache.h
|
smtp_key.o: ../../include/scache.h
|
||||||
|
smtp_key.o: ../../include/sendopts.h
|
||||||
smtp_key.o: ../../include/sock_addr.h
|
smtp_key.o: ../../include/sock_addr.h
|
||||||
smtp_key.o: ../../include/string_list.h
|
smtp_key.o: ../../include/string_list.h
|
||||||
smtp_key.o: ../../include/sys_defs.h
|
smtp_key.o: ../../include/sys_defs.h
|
||||||
@ -344,6 +347,7 @@ smtp_map11.o: ../../include/quote_flags.h
|
|||||||
smtp_map11.o: ../../include/recipient_list.h
|
smtp_map11.o: ../../include/recipient_list.h
|
||||||
smtp_map11.o: ../../include/resolve_clnt.h
|
smtp_map11.o: ../../include/resolve_clnt.h
|
||||||
smtp_map11.o: ../../include/scache.h
|
smtp_map11.o: ../../include/scache.h
|
||||||
|
smtp_map11.o: ../../include/sendopts.h
|
||||||
smtp_map11.o: ../../include/sock_addr.h
|
smtp_map11.o: ../../include/sock_addr.h
|
||||||
smtp_map11.o: ../../include/string_list.h
|
smtp_map11.o: ../../include/string_list.h
|
||||||
smtp_map11.o: ../../include/sys_defs.h
|
smtp_map11.o: ../../include/sys_defs.h
|
||||||
@ -384,6 +388,7 @@ smtp_misc.o: ../../include/quote_flags.h
|
|||||||
smtp_misc.o: ../../include/recipient_list.h
|
smtp_misc.o: ../../include/recipient_list.h
|
||||||
smtp_misc.o: ../../include/resolve_clnt.h
|
smtp_misc.o: ../../include/resolve_clnt.h
|
||||||
smtp_misc.o: ../../include/scache.h
|
smtp_misc.o: ../../include/scache.h
|
||||||
|
smtp_misc.o: ../../include/sendopts.h
|
||||||
smtp_misc.o: ../../include/sock_addr.h
|
smtp_misc.o: ../../include/sock_addr.h
|
||||||
smtp_misc.o: ../../include/string_list.h
|
smtp_misc.o: ../../include/string_list.h
|
||||||
smtp_misc.o: ../../include/sys_defs.h
|
smtp_misc.o: ../../include/sys_defs.h
|
||||||
@ -491,6 +496,7 @@ smtp_rcpt.o: ../../include/nvtable.h
|
|||||||
smtp_rcpt.o: ../../include/recipient_list.h
|
smtp_rcpt.o: ../../include/recipient_list.h
|
||||||
smtp_rcpt.o: ../../include/resolve_clnt.h
|
smtp_rcpt.o: ../../include/resolve_clnt.h
|
||||||
smtp_rcpt.o: ../../include/scache.h
|
smtp_rcpt.o: ../../include/scache.h
|
||||||
|
smtp_rcpt.o: ../../include/sendopts.h
|
||||||
smtp_rcpt.o: ../../include/sent.h
|
smtp_rcpt.o: ../../include/sent.h
|
||||||
smtp_rcpt.o: ../../include/sock_addr.h
|
smtp_rcpt.o: ../../include/sock_addr.h
|
||||||
smtp_rcpt.o: ../../include/string_list.h
|
smtp_rcpt.o: ../../include/string_list.h
|
||||||
@ -530,6 +536,7 @@ smtp_reuse.o: ../../include/nvtable.h
|
|||||||
smtp_reuse.o: ../../include/recipient_list.h
|
smtp_reuse.o: ../../include/recipient_list.h
|
||||||
smtp_reuse.o: ../../include/resolve_clnt.h
|
smtp_reuse.o: ../../include/resolve_clnt.h
|
||||||
smtp_reuse.o: ../../include/scache.h
|
smtp_reuse.o: ../../include/scache.h
|
||||||
|
smtp_reuse.o: ../../include/sendopts.h
|
||||||
smtp_reuse.o: ../../include/sock_addr.h
|
smtp_reuse.o: ../../include/sock_addr.h
|
||||||
smtp_reuse.o: ../../include/string_list.h
|
smtp_reuse.o: ../../include/string_list.h
|
||||||
smtp_reuse.o: ../../include/stringops.h
|
smtp_reuse.o: ../../include/stringops.h
|
||||||
@ -572,6 +579,7 @@ smtp_sasl_auth_cache.o: ../../include/nvtable.h
|
|||||||
smtp_sasl_auth_cache.o: ../../include/recipient_list.h
|
smtp_sasl_auth_cache.o: ../../include/recipient_list.h
|
||||||
smtp_sasl_auth_cache.o: ../../include/resolve_clnt.h
|
smtp_sasl_auth_cache.o: ../../include/resolve_clnt.h
|
||||||
smtp_sasl_auth_cache.o: ../../include/scache.h
|
smtp_sasl_auth_cache.o: ../../include/scache.h
|
||||||
|
smtp_sasl_auth_cache.o: ../../include/sendopts.h
|
||||||
smtp_sasl_auth_cache.o: ../../include/sock_addr.h
|
smtp_sasl_auth_cache.o: ../../include/sock_addr.h
|
||||||
smtp_sasl_auth_cache.o: ../../include/string_list.h
|
smtp_sasl_auth_cache.o: ../../include/string_list.h
|
||||||
smtp_sasl_auth_cache.o: ../../include/stringops.h
|
smtp_sasl_auth_cache.o: ../../include/stringops.h
|
||||||
@ -613,6 +621,7 @@ smtp_sasl_glue.o: ../../include/nvtable.h
|
|||||||
smtp_sasl_glue.o: ../../include/recipient_list.h
|
smtp_sasl_glue.o: ../../include/recipient_list.h
|
||||||
smtp_sasl_glue.o: ../../include/resolve_clnt.h
|
smtp_sasl_glue.o: ../../include/resolve_clnt.h
|
||||||
smtp_sasl_glue.o: ../../include/scache.h
|
smtp_sasl_glue.o: ../../include/scache.h
|
||||||
|
smtp_sasl_glue.o: ../../include/sendopts.h
|
||||||
smtp_sasl_glue.o: ../../include/smtp_stream.h
|
smtp_sasl_glue.o: ../../include/smtp_stream.h
|
||||||
smtp_sasl_glue.o: ../../include/sock_addr.h
|
smtp_sasl_glue.o: ../../include/sock_addr.h
|
||||||
smtp_sasl_glue.o: ../../include/split_at.h
|
smtp_sasl_glue.o: ../../include/split_at.h
|
||||||
@ -657,6 +666,7 @@ smtp_sasl_proto.o: ../../include/recipient_list.h
|
|||||||
smtp_sasl_proto.o: ../../include/resolve_clnt.h
|
smtp_sasl_proto.o: ../../include/resolve_clnt.h
|
||||||
smtp_sasl_proto.o: ../../include/sasl_mech_filter.h
|
smtp_sasl_proto.o: ../../include/sasl_mech_filter.h
|
||||||
smtp_sasl_proto.o: ../../include/scache.h
|
smtp_sasl_proto.o: ../../include/scache.h
|
||||||
|
smtp_sasl_proto.o: ../../include/sendopts.h
|
||||||
smtp_sasl_proto.o: ../../include/sock_addr.h
|
smtp_sasl_proto.o: ../../include/sock_addr.h
|
||||||
smtp_sasl_proto.o: ../../include/string_list.h
|
smtp_sasl_proto.o: ../../include/string_list.h
|
||||||
smtp_sasl_proto.o: ../../include/stringops.h
|
smtp_sasl_proto.o: ../../include/stringops.h
|
||||||
@ -697,6 +707,7 @@ smtp_session.o: ../../include/nvtable.h
|
|||||||
smtp_session.o: ../../include/recipient_list.h
|
smtp_session.o: ../../include/recipient_list.h
|
||||||
smtp_session.o: ../../include/resolve_clnt.h
|
smtp_session.o: ../../include/resolve_clnt.h
|
||||||
smtp_session.o: ../../include/scache.h
|
smtp_session.o: ../../include/scache.h
|
||||||
|
smtp_session.o: ../../include/sendopts.h
|
||||||
smtp_session.o: ../../include/sock_addr.h
|
smtp_session.o: ../../include/sock_addr.h
|
||||||
smtp_session.o: ../../include/string_list.h
|
smtp_session.o: ../../include/string_list.h
|
||||||
smtp_session.o: ../../include/stringops.h
|
smtp_session.o: ../../include/stringops.h
|
||||||
@ -737,6 +748,7 @@ smtp_state.o: ../../include/nvtable.h
|
|||||||
smtp_state.o: ../../include/recipient_list.h
|
smtp_state.o: ../../include/recipient_list.h
|
||||||
smtp_state.o: ../../include/resolve_clnt.h
|
smtp_state.o: ../../include/resolve_clnt.h
|
||||||
smtp_state.o: ../../include/scache.h
|
smtp_state.o: ../../include/scache.h
|
||||||
|
smtp_state.o: ../../include/sendopts.h
|
||||||
smtp_state.o: ../../include/sock_addr.h
|
smtp_state.o: ../../include/sock_addr.h
|
||||||
smtp_state.o: ../../include/string_list.h
|
smtp_state.o: ../../include/string_list.h
|
||||||
smtp_state.o: ../../include/sys_defs.h
|
smtp_state.o: ../../include/sys_defs.h
|
||||||
@ -778,6 +790,7 @@ smtp_tls_policy.o: ../../include/recipient_list.h
|
|||||||
smtp_tls_policy.o: ../../include/resolve_clnt.h
|
smtp_tls_policy.o: ../../include/resolve_clnt.h
|
||||||
smtp_tls_policy.o: ../../include/sane_strtol.h
|
smtp_tls_policy.o: ../../include/sane_strtol.h
|
||||||
smtp_tls_policy.o: ../../include/scache.h
|
smtp_tls_policy.o: ../../include/scache.h
|
||||||
|
smtp_tls_policy.o: ../../include/sendopts.h
|
||||||
smtp_tls_policy.o: ../../include/sock_addr.h
|
smtp_tls_policy.o: ../../include/sock_addr.h
|
||||||
smtp_tls_policy.o: ../../include/string_list.h
|
smtp_tls_policy.o: ../../include/string_list.h
|
||||||
smtp_tls_policy.o: ../../include/stringops.h
|
smtp_tls_policy.o: ../../include/stringops.h
|
||||||
@ -821,6 +834,7 @@ smtp_tlsrpt.o: ../../include/nvtable.h
|
|||||||
smtp_tlsrpt.o: ../../include/recipient_list.h
|
smtp_tlsrpt.o: ../../include/recipient_list.h
|
||||||
smtp_tlsrpt.o: ../../include/resolve_clnt.h
|
smtp_tlsrpt.o: ../../include/resolve_clnt.h
|
||||||
smtp_tlsrpt.o: ../../include/scache.h
|
smtp_tlsrpt.o: ../../include/scache.h
|
||||||
|
smtp_tlsrpt.o: ../../include/sendopts.h
|
||||||
smtp_tlsrpt.o: ../../include/sock_addr.h
|
smtp_tlsrpt.o: ../../include/sock_addr.h
|
||||||
smtp_tlsrpt.o: ../../include/string_list.h
|
smtp_tlsrpt.o: ../../include/string_list.h
|
||||||
smtp_tlsrpt.o: ../../include/stringops.h
|
smtp_tlsrpt.o: ../../include/stringops.h
|
||||||
@ -864,6 +878,7 @@ smtp_trouble.o: ../../include/nvtable.h
|
|||||||
smtp_trouble.o: ../../include/recipient_list.h
|
smtp_trouble.o: ../../include/recipient_list.h
|
||||||
smtp_trouble.o: ../../include/resolve_clnt.h
|
smtp_trouble.o: ../../include/resolve_clnt.h
|
||||||
smtp_trouble.o: ../../include/scache.h
|
smtp_trouble.o: ../../include/scache.h
|
||||||
|
smtp_trouble.o: ../../include/sendopts.h
|
||||||
smtp_trouble.o: ../../include/smtp_stream.h
|
smtp_trouble.o: ../../include/smtp_stream.h
|
||||||
smtp_trouble.o: ../../include/sock_addr.h
|
smtp_trouble.o: ../../include/sock_addr.h
|
||||||
smtp_trouble.o: ../../include/string_list.h
|
smtp_trouble.o: ../../include/string_list.h
|
||||||
@ -903,6 +918,7 @@ smtp_unalias.o: ../../include/nvtable.h
|
|||||||
smtp_unalias.o: ../../include/recipient_list.h
|
smtp_unalias.o: ../../include/recipient_list.h
|
||||||
smtp_unalias.o: ../../include/resolve_clnt.h
|
smtp_unalias.o: ../../include/resolve_clnt.h
|
||||||
smtp_unalias.o: ../../include/scache.h
|
smtp_unalias.o: ../../include/scache.h
|
||||||
|
smtp_unalias.o: ../../include/sendopts.h
|
||||||
smtp_unalias.o: ../../include/sock_addr.h
|
smtp_unalias.o: ../../include/sock_addr.h
|
||||||
smtp_unalias.o: ../../include/string_list.h
|
smtp_unalias.o: ../../include/string_list.h
|
||||||
smtp_unalias.o: ../../include/sys_defs.h
|
smtp_unalias.o: ../../include/sys_defs.h
|
||||||
|
@ -32,6 +32,7 @@
|
|||||||
#include <tok822.h>
|
#include <tok822.h>
|
||||||
#include <dsn_buf.h>
|
#include <dsn_buf.h>
|
||||||
#include <header_body_checks.h>
|
#include <header_body_checks.h>
|
||||||
|
#include <sendopts.h>
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Postfix TLS library.
|
* Postfix TLS library.
|
||||||
@ -59,9 +60,6 @@ typedef struct SMTP_ITERATOR {
|
|||||||
VSTRING *host; /* hostname or empty */
|
VSTRING *host; /* hostname or empty */
|
||||||
VSTRING *addr; /* printable address or empty */
|
VSTRING *addr; /* printable address or empty */
|
||||||
unsigned port; /* network byte order or null */
|
unsigned port; /* network byte order or null */
|
||||||
#ifdef USE_TLS
|
|
||||||
int tlsreqno; /* "TLS-Required: no" */
|
|
||||||
#endif
|
|
||||||
struct DNS_RR *rr; /* DNS resource record or null */
|
struct DNS_RR *rr; /* DNS resource record or null */
|
||||||
struct DNS_RR *mx; /* DNS resource record or null */
|
struct DNS_RR *mx; /* DNS resource record or null */
|
||||||
/* Private members. */
|
/* Private members. */
|
||||||
@ -69,18 +67,11 @@ typedef struct SMTP_ITERATOR {
|
|||||||
struct SMTP_STATE *parent; /* parent linkage */
|
struct SMTP_STATE *parent; /* parent linkage */
|
||||||
} SMTP_ITERATOR;
|
} SMTP_ITERATOR;
|
||||||
|
|
||||||
#ifdef USE_TLS
|
|
||||||
#define IF_USE_TLS(...) (__VA_ARGS__)
|
|
||||||
#else
|
|
||||||
#define IF_USE_TLS(...)
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#define SMTP_ITER_INIT(iter, _dest, _host, _addr, _port, state) do { \
|
#define SMTP_ITER_INIT(iter, _dest, _host, _addr, _port, state) do { \
|
||||||
vstring_strcpy((iter)->dest, (_dest)); \
|
vstring_strcpy((iter)->dest, (_dest)); \
|
||||||
vstring_strcpy((iter)->host, (_host)); \
|
vstring_strcpy((iter)->host, (_host)); \
|
||||||
vstring_strcpy((iter)->addr, (_addr)); \
|
vstring_strcpy((iter)->addr, (_addr)); \
|
||||||
(iter)->port = (_port); \
|
(iter)->port = (_port); \
|
||||||
IF_USE_TLS((iter)->tlsreqno = 0); \
|
|
||||||
(iter)->mx = (iter)->rr = 0; \
|
(iter)->mx = (iter)->rr = 0; \
|
||||||
vstring_strcpy((iter)->saved_dest, ""); \
|
vstring_strcpy((iter)->saved_dest, ""); \
|
||||||
(iter)->parent = (state); \
|
(iter)->parent = (state); \
|
||||||
@ -248,6 +239,12 @@ typedef struct SMTP_STATE {
|
|||||||
unsigned logged_line_length_limit:1;
|
unsigned logged_line_length_limit:1;
|
||||||
} SMTP_STATE;
|
} SMTP_STATE;
|
||||||
|
|
||||||
|
#ifdef USE_TLS
|
||||||
|
#define STATE_TLS_NOT_REQUIRED(state) \
|
||||||
|
(var_tls_required_enable && \
|
||||||
|
((state)->request->sendopts & SOPT_REQUIRETLS_HEADER))
|
||||||
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Primitives to enable/disable/test connection caching and reuse based on
|
* Primitives to enable/disable/test connection caching and reuse based on
|
||||||
* the delivery request next-hop destination (i.e. not smtp_fallback_relay).
|
* the delivery request next-hop destination (i.e. not smtp_fallback_relay).
|
||||||
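Review bot: `STATE_TLS_NOT_REQUIRED` is introduced without a comment even though its two call sites in this commit (smtp_connect.c under `USE_TLSRPT`, smtp_tls_policy.c through `iter->parent`) depend on exactly what it asserts; a short header would do: `/* "TLS-Required: no" is in effect for this delivery request: skip TLS policy lookup and cap the security level at "may". Evaluates its argument once. */`. The comment blocks removed from smtp_connect.c in the same commit also recorded that the ESMTP REQUIRETLS verb overrides the "TLS-Required: no" header; that precedence is no longer documented anywhere in this change, so if it still holds (presumably enforced wherever `sendopts` is populated) it belongs in the same comment. The macro exists only under `#ifdef USE_TLS`, so any use outside that guard will not compile in a non-TLS build.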
|
@ -575,24 +575,6 @@ static void smtp_connect_local(SMTP_STATE *state, const char *path)
|
|||||||
|
|
||||||
SMTP_ITER_INIT(iter, path, var_myhostname, path, NO_PORT, state);
|
SMTP_ITER_INIT(iter, path, var_myhostname, path, NO_PORT, state);
|
||||||
|
|
||||||
/*
|
|
||||||
* If a "TLS-Required: no" header is in effect, update the iterator to
|
|
||||||
* override TLS policy selection and to limit the security level to
|
|
||||||
* "may". Do not reset the security level after policy selection, as that
|
|
||||||
* would result in errors. For example, when TLSA records are looked up
|
|
||||||
* for security level "dane", and then the security level is reset to
|
|
||||||
* "may", the activation of those TLSA records will fail.
|
|
||||||
*
|
|
||||||
* Note that the REQUIRETLS verb in ESMTP overrides the "TLS-Required: no"
|
|
||||||
* header.
|
|
||||||
*/
|
|
||||||
#ifdef USE_TLS
|
|
||||||
if (var_tls_required_enable
|
|
||||||
&& (state->request->sendopts & SOPT_REQUIRETLS_HEADER)) {
|
|
||||||
iter->tlsreqno = 1;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Opportunistic TLS for unix domain sockets does not make much sense,
|
* Opportunistic TLS for unix domain sockets does not make much sense,
|
||||||
* since the channel is private, mere encryption without authentication
|
* since the channel is private, mere encryption without authentication
|
||||||
@ -600,9 +582,9 @@ static void smtp_connect_local(SMTP_STATE *state, const char *path)
|
|||||||
* willing to retry after TLS handshake failures here, we downgrade "may"
|
* willing to retry after TLS handshake failures here, we downgrade "may"
|
||||||
* no "none". Nothing is lost, and much waste is avoided.
|
* no "none". Nothing is lost, and much waste is avoided.
|
||||||
*
|
*
|
||||||
* We don't know who is authenticating whom, so if a client cert is
|
* If a client cert is available, "encrypt" may be a sensible policy.
|
||||||
* available, "encrypt" may be a sensible policy. Otherwise, we also
|
* Without client cert, "encrypt" and "may" over UNIX-domain sockets are
|
||||||
* downgrade "encrypt" to "none", this time just to avoid waste.
|
* not useful.
|
||||||
*
|
*
|
||||||
* We use smtp_reuse_nexthop() instead of smtp_reuse_addr(), so that we can
|
* We use smtp_reuse_nexthop() instead of smtp_reuse_addr(), so that we can
|
||||||
* reuse a SASL-authenticated connection (however unlikely this scenario
|
* reuse a SASL-authenticated connection (however unlikely this scenario
|
||||||
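Review bot: The rewritten comment says that "encrypt" and "may" are not useful over UNIX-domain sockets without a client cert, but it no longer states what the code does about it, whereas the old text did ("we also downgrade "encrypt" to "none"). If the downgrade below this hunk is unchanged, I would end the new sentence with `* not useful, so both are downgraded to "none".` so the comment still describes the behaviour a reader will find a few lines further on. The body of smtp_connect_local continues outside the hunk, so I cannot confirm the downgrade code from here.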
@ -970,24 +952,6 @@ static void smtp_connect_inet(SMTP_STATE *state, const char *nexthop,
|
|||||||
|
|
||||||
SMTP_ITER_INIT(iter, dest, NO_HOST, NO_ADDR, port, state);
|
SMTP_ITER_INIT(iter, dest, NO_HOST, NO_ADDR, port, state);
|
||||||
|
|
||||||
/*
|
|
||||||
* If a "TLS-Required: no" header is in effect, update the iterator
|
|
||||||
* to override TLS policy selection and to limit the security level
|
|
||||||
* to "may". Do not reset the security level after policy selection,
|
|
||||||
* as that would result in errors. For example, when TLSA records are
|
|
||||||
* looked up for security level "dane", and then the security level
|
|
||||||
* is reset to "may", the activation of those TLSA records will fail.
|
|
||||||
*
|
|
||||||
* Note that the REQUIRETLS verb in ESMTP overrides the "TLS-Required:
|
|
||||||
* no" header.
|
|
||||||
*/
|
|
||||||
#ifdef USE_TLS
|
|
||||||
if (var_tls_required_enable
|
|
||||||
&& (state->request->sendopts & SOPT_REQUIRETLS_HEADER)) {
|
|
||||||
iter->tlsreqno = 1;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* TODO(wietse) If the domain publishes a TLSRPT policy, they expect
|
* TODO(wietse) If the domain publishes a TLSRPT policy, they expect
|
||||||
* that clients use SMTP over TLS. Should we upgrade a TLS security
|
* that clients use SMTP over TLS. Should we upgrade a TLS security
|
||||||
@ -995,15 +959,14 @@ static void smtp_connect_inet(SMTP_STATE *state, const char *nexthop,
|
|||||||
* plaintext, and could break interoperability with receivers that
|
* plaintext, and could break interoperability with receivers that
|
||||||
* crank up security up to 11.
|
* crank up security up to 11.
|
||||||
*
|
*
|
||||||
* As of change 20250803, with "TLS-Required: no", the SMTP client also
|
* With "TLS-Required: no" in effect, the SMTP client ignores the
|
||||||
* ignores the recipient-side policy mechanism TLSRPT, in addition to
|
* recipient-side policy mechanism TLSRPT, in addition to the already
|
||||||
* the already ignored DANE and MTA-STS mechanisms. This prevents
|
* ignored DANE and MTA-STS mechanisms. This prevents TLSRPT
|
||||||
* TLSRPT notifications for all SMTP deliveries that do not require
|
* notifications for all SMTP deliveries that do not require TLS.
|
||||||
* TLS.
|
|
||||||
*/
|
*/
|
||||||
#ifdef USE_TLSRPT
|
#ifdef USE_TLSRPT
|
||||||
if (smtp_mode && var_smtp_tlsrpt_enable
|
if (smtp_mode && var_smtp_tlsrpt_enable
|
||||||
&& iter->tlsreqno == 0
|
&& STATE_TLS_NOT_REQUIRED(state) == 0
|
||||||
&& tls_level_lookup(var_smtp_tls_level) > TLS_LEV_NONE
|
&& tls_level_lookup(var_smtp_tls_level) > TLS_LEV_NONE
|
||||||
&& !valid_hostaddr(domain, DONT_GRIPE))
|
&& !valid_hostaddr(domain, DONT_GRIPE))
|
||||||
smtp_tlsrpt_create_wrapper(state, domain);
|
smtp_tlsrpt_create_wrapper(state, domain);
|
||||||
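Review bot: `&& STATE_TLS_NOT_REQUIRED(state) == 0` compares a truth-valued macro against 0 while the condition two lines below uses `!valid_hostaddr(domain, DONT_GRIPE)`; `&& !STATE_TLS_NOT_REQUIRED(state)` keeps the style of the same expression consistent. The macro is defined in smtp.h only under `#ifdef USE_TLS`, but this use sits inside `#ifdef USE_TLSRPT`; that is only well-formed if USE_TLSRPT implies USE_TLS, which the page does not show, so it is worth confirming against the build configuration. smtp_connect_inet starts and ends outside the hunk.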
|
@ -647,11 +647,18 @@ static void *policy_create(const char *unused_key, void *context)
|
|||||||
* Compute the per-site TLS enforcement level. For compatibility with the
|
* Compute the per-site TLS enforcement level. For compatibility with the
|
||||||
* original TLS patch, this algorithm is gives equal precedence to host
|
* original TLS patch, this algorithm is gives equal precedence to host
|
||||||
* and next-hop policies.
|
* and next-hop policies.
|
||||||
|
*
|
||||||
|
* When "TLS-Required: no" is in effect, skip TLS policy lookup and limit
|
||||||
|
* the security level to "may". Do not reset the security level after
|
||||||
|
* policy lookup, as that would result in errors. For example, when TLSA
|
||||||
|
* records are looked up for security level "dane", and then the security
|
||||||
|
* level is reset to "may", the activation of those TLSA records will
|
||||||
|
* fail.
|
||||||
*/
|
*/
|
||||||
tls->level = global_tls_level();
|
tls->level = global_tls_level();
|
||||||
site_level = TLS_LEV_NOTFOUND;
|
site_level = TLS_LEV_NOTFOUND;
|
||||||
|
|
||||||
if (iter->tlsreqno) {
|
if (STATE_TLS_NOT_REQUIRED(iter->parent)) {
|
||||||
if (msg_verbose)
|
if (msg_verbose)
|
||||||
msg_info("%s: no tls policy lookup", __func__);
|
msg_info("%s: no tls policy lookup", __func__);
|
||||||
if (tls->level > TLS_LEV_MAY)
|
if (tls->level > TLS_LEV_MAY)
|
||||||
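Review bot: `policy_create` now takes the "TLS-Required: no" decision from `iter->parent` while building a policy object that, judging by the `unused_key`/`context` signature, is populated into a per-key cache; unless that key already distinguishes deliveries with and without the header, a policy capped at "may" for one message could be served to a later message to the same destination that does require TLS. The hunk does not show the key construction, so this is a point to confirm rather than a defect I can see. Since this branch is where TLS enforcement is intentionally relaxed, the verbose trace could also name the outcome so the downgrade is visible in logs, e.g. `msg_info("%s: no tls policy lookup, level limited to \"may\"", __func__);`. policy_create starts and ends outside the hunk.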
|