All the default groups and EC curves should sufficiently strong to make +
All the default groups and EC curves should be sufficiently strong to make "pruning" the defaults unwise. At a minimum, "x25519" and "prime256v1" (the OpenSSL name for "secp256r1", a.k.a. "P-256") should be among the enabled EC curves, while "dhe2048" and "dhe3072" should be among the FFDHE groups.
diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5 index 7e367f164..339b38853 100644 --- a/postfix/man/man5/postconf.5 +++ b/postfix/man/man5/postconf.5 @@ -14121,7 +14121,7 @@ EC key agreement in OpenSSL 3.0 and later. Note that at least one of this is required by OpenSSL 3.0. If both are inadvertently set empty, Postfix will fall back to the compiled\-in defaults. .PP -All the default groups and EC curves should sufficiently strong to make +All the default groups and EC curves should be sufficiently strong to make "pruning" the defaults unwise. At a minimum, "x25519" and "prime256v1" (the OpenSSL name for "secp256r1", a.k.a. "P\-256") should be among the enabled EC curves, while "dhe2048" and "dhe3072" should be among the FFDHE groups. diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index d0f3bd145..d8e908479 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -13426,7 +13426,7 @@ EC key agreement in OpenSSL 3.0 and later. Note that at least one of this is required by OpenSSL 3.0. If both are inadvertently set empty, Postfix will fall back to the compiled-in defaults. -All the default groups and EC curves should sufficiently strong to make +
All the default groups and EC curves should be sufficiently strong to make "pruning" the defaults unwise. At a minimum, "x25519" and "prime256v1" (the OpenSSL name for "secp256r1", a.k.a. "P-256") should be among the enabled EC curves, while "dhe2048" and "dhe3072" should be among the FFDHE groups.
diff --git a/postfix/src/global/mail_params.h b/postfix/src/global/mail_params.h index 1d61fde53..908341ae3 100644 --- a/postfix/src/global/mail_params.h +++ b/postfix/src/global/mail_params.h @@ -3399,21 +3399,25 @@ extern char *var_tls_null_clist; #else #define DEF_TLS_EECDH_AUTO_1 "" #endif + #if defined(SN_X448) && defined(NID_X448) #define DEF_TLS_EECDH_AUTO_2 SN_X448 " " #else #define DEF_TLS_EECDH_AUTO_2 "" #endif + #if defined(SN_X9_62_prime256v1) && defined(NID_X9_62_prime256v1) #define DEF_TLS_EECDH_AUTO_3 SN_X9_62_prime256v1 " " #else #define DEF_TLS_EECDH_AUTO_3 "" #endif + #if defined(SN_secp384r1) && defined(NID_secp384r1) -#define DEF_TLS_EECDH_AUTO_4 SN_secp384r1 +#define DEF_TLS_EECDH_AUTO_4 SN_secp384r1 " " #else #define DEF_TLS_EECDH_AUTO_4 "" #endif + #if defined(SN_secp521r1) && defined(NID_secp521r1) #define DEF_TLS_EECDH_AUTO_5 SN_secp521r1 " " #else diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 95fbd9bfd..3acccc6f6 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20240923" +#define MAIL_RELEASE_DATE "20240924" #define MAIL_VERSION_NUMBER "3.10" #ifdef SNAPSHOT diff --git a/postfix/src/tls/tls_dh.c b/postfix/src/tls/tls_dh.c index 6165b9390..873c3f6e5 100644 --- a/postfix/src/tls/tls_dh.c +++ b/postfix/src/tls/tls_dh.c @@ -333,8 +333,8 @@ static int setup_auto_groups(SSL_CTX *ctx, const char *origin, /* * OpenSSL does not tolerate duplicate groups in the requested list. * Deduplicate case-insensitively, just in case OpenSSL some day supports - * case-insensitive group lookup. Users who specify the group name twice - * and get the case wrong the first time deserve to be unhappy. :-) + * case-insensitive group lookup. Deduplicate only verified extant groups + * we're going to ask OpenSSL to use. * * OpenSSL 3.3 supports "?