postfix-3.6-20200503

postfix/HISTORY

@@ -24696,8 +24696,37 @@ Apologies for any names omitted.
 	Bugfix: segfault in the tlsproxy client role when the server
 	role was disabled. This typically happens with a first-time
 	Postfix install and after configuring only outbound TLS.
-	File: tlsproxy/tlsproxy.c.
+	Found during program maintenance. File: tlsproxy/tlsproxy.c.
 
-	Portability: libc-musl breaks TLSA/DANE. Force the user to
+20200420
-	override a test and accept that Postfix will not support
+
-	TLSA/DANE. File: makedefs.
+	Noise suppression: shut up a compiler that special-cases
+	string literals. File milter/milter.c.
+
+20200422
+
+	Security: disable TLSA/DANE on Alpine Linux because libc-musl
+	provides no indication whether responses are authentic.
+	This broke TLSA/DANE without a clear explanation. File:
+	makedefs.
+
+20200425
+
+	Robustness: enable the socket option SO_REUSEPORT_LB or
+	SO_REUSEPORT on systems that support it. It allows multiple
+	processes to create distinct listen sockets for the same
+	address and port, and makes Postfix easier to restart.
+	However, with a SHARED listen socket as used in Postfix,
+	kernel-based load balancing does not help, and Postfix still
+	requires locking to avoid waking up multiple processes when
+	a connection arrives.  Files: util/inet_listen.c,
+
+20200502
+
+	Documentation: update SNI support status in TLS_README.
+	File: proto/TLS_READNE.html.
+
+20200503
+
+	Portability: declaration should be before executable
+	statement. File: util/msg_logger.c.

postfix/README_FILES/TLS_README

@@ -1033,8 +1033,9 @@ The pre-requisites for DANE support in the Postfix SMTP client are:
 The above client pre-requisites do not apply to the Postfix SMTP server. It
 will support DANE provided it supports TLSv1 and its TLSA records are published
 in a DNSSEC signed zone. To receive DANE secured mail for multiple domains, use
-the same hostname to add the server to each domain's MX records. There are no
+the same hostname to add the server to each domain's MX records. The Postfix
-plans to implement SNI in the Postfix SMTP server.
+SMTP server supports SNI (Postfix 3.4 and later), configured with
+tls_server_sni_maps.
 
 Note: The Postfix SMTP client's internal stub DNS resolver is DNSSEC-aware, but
 it does not itself validate DNSSEC records, rather it delegates DNSSEC

postfix/WISHLIST

@@ -1,11 +1,11 @@
 Wish list:
 
+	Find a reasonable way to generate postconf configuration
+	parameter tables without breaking gcc -fnocommon.
+
 	Read http://mmogilvi.users.sourceforge.net/software/oauthbearer.html
 	and see how we can improve on the Postfix side.
 
-	Investigate feasibility of SO_REUSEPORT (~portable) and
-	SO_REUSEPORT_LB (*BSD).
-
 	nbbio: exercise the sanity checks with fake msg(3) functions.
 
 	optreset (bsd-ism) how badly do we need it?

postfix/html/TLS_README.html

@@ -1387,7 +1387,8 @@ if deployed on a system with an updated resolver library.
 It will support DANE provided it supports TLSv1 and its TLSA records are
 published in a DNSSEC signed zone.  To receive DANE secured mail for multiple
 domains, use the same hostname to add the server to each domain's MX
-records.  There are no plans to implement SNI in the Postfix SMTP server.  </p>
+records. The Postfix SMTP server supports SNI (Postfix 3.4 and later),
+configured with <a href="postconf.5.html#tls_server_sni_maps">tls_server_sni_maps</a>. </p>
 
 <p> Note: The Postfix SMTP client's internal stub DNS resolver is
 DNSSEC-aware, but it does not itself validate DNSSEC records, rather

postfix/makedefs

@@ -220,22 +220,22 @@ case $# in
     # No ${x%%y} support in Solaris 11 /bin/sh
     RELEASE_MAJOR=`expr "$RELEASE" : '\([0-9]*\)'` || exit 1
     VERSION=`(uname -v) 2>/dev/null`
-    case "$SYSTEM.$VERSION" in
-     Linux.#[0-9]*-Alpine*)
-	case "$CCARGS" in
-	 *-DNO_DNSSEC*) ;;
-	 *) echo Warning: libc-musl breaks DANE/TLSA security. 1>&2
-	    echo Use a glibc-based Linux distribution, or build 1>&2
-	    echo with: 'make makefiles CCARGS="-DNO_DNSSEC ..."'. 1>&2
-	    exit 1;;
-	esac;
-    esac
     case "$VERSION" in
      dcosx*) SYSTEM=$VERSION;;
     esac;;
  # Unsupported debug-only mode. Not suitable for cross-platform tests.
- 2) SYSTEM="$1"; RELEASE="$2";;
+2|3) SYSTEM="$1"; RELEASE="$2"; VERSION="$3";;
- *) echo usage: $0 [system release] 1>&2; exit 1;;
+ *) echo usage: $0 [system release version] 1>&2; exit 1;;
+esac
+
+case "$SYSTEM.$VERSION" in
+ Linux.#*-Alpine*)
+    case "$CCARGS" in
+     *-DNO_DNSSEC*) ;;
+     *) echo Warning: libc-musl breaks DANE/TLSA security. 1>&2
+	echo This build will not support DANE/TLSA. 1>&2
+	CCARGS="$CCARGS -DNO_DNSSEC";;
+    esac;;
 esac
 
 case "$SYSTEM.$RELEASE" in

postfix/proto/TLS_README.html

@@ -1387,7 +1387,8 @@ if deployed on a system with an updated resolver library.
 It will support DANE provided it supports TLSv1 and its TLSA records are
 published in a DNSSEC signed zone.  To receive DANE secured mail for multiple
 domains, use the same hostname to add the server to each domain's MX
-records.  There are no plans to implement SNI in the Postfix SMTP server.  </p>
+records. The Postfix SMTP server supports SNI (Postfix 3.4 and later),
+configured with tls_server_sni_maps. </p>
 
 <p> Note: The Postfix SMTP client's internal stub DNS resolver is
 DNSSEC-aware, but it does not itself validate DNSSEC records, rather

postfix/src/global/mail_version.h

@@ -20,7 +20,7 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE	"20200419"
+#define MAIL_RELEASE_DATE	"20200503"
 #define MAIL_VERSION_NUMBER	"3.6"
 
 #ifdef SNAPSHOT

postfix/src/milter/milter.c

@@ -620,14 +620,14 @@ void    milter_disc_event(MILTERS *milters)
   * names by skipping the redundant "milter_" prefix.
   */
 static ATTR_OVER_TIME time_table[] = {
-    7 + VAR_MILT_CONN_TIME, DEF_MILT_CONN_TIME, 0, 1, 0,
+    7 + (const char *) VAR_MILT_CONN_TIME, DEF_MILT_CONN_TIME, 0, 1, 0,
-    7 + VAR_MILT_CMD_TIME, DEF_MILT_CMD_TIME, 0, 1, 0,
+    7 + (const char *) VAR_MILT_CMD_TIME, DEF_MILT_CMD_TIME, 0, 1, 0,
-    7 + VAR_MILT_MSG_TIME, DEF_MILT_MSG_TIME, 0, 1, 0,
+    7 + (const char *) VAR_MILT_MSG_TIME, DEF_MILT_MSG_TIME, 0, 1, 0,
     0,
 };
 static ATTR_OVER_STR str_table[] = {
-    7 + VAR_MILT_PROTOCOL, 0, 1, 0,
+    7 + (const char *) VAR_MILT_PROTOCOL, 0, 1, 0,
-    7 + VAR_MILT_DEF_ACTION, 0, 1, 0,
+    7 + (const char *) VAR_MILT_DEF_ACTION, 0, 1, 0,
     0,
 };
 

postfix/src/util/inet_listen.c

@@ -150,6 +150,15 @@ int     inet_listen(const char *addr, int backlog, int block_mode)
     if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR,
 		   (void *) &on, sizeof(on)) < 0)
 	msg_fatal("setsockopt(SO_REUSEADDR): %m");
+#if defined(SO_REUSEPORT_LB)
+    if (setsockopt(sock, SOL_SOCKET, SO_REUSEPORT_LB,
+		   (void *) &on, sizeof(on)) < 0)
+	msg_fatal("setsockopt(SO_REUSEPORT_LB): %m");
+#elif defined(SO_REUSEPORT)
+    if (setsockopt(sock, SOL_SOCKET, SO_REUSEPORT,
+		   (void *) &on, sizeof(on)) < 0)
+	msg_fatal("setsockopt(SO_REUSEPORT): %m");
+#endif
     if (bind(sock, res->ai_addr, res->ai_addrlen) < 0) {
 	SOCKADDR_TO_HOSTADDR(res->ai_addr, res->ai_addrlen,
 			     &hostaddr, &portnum, 0);

postfix/src/util/msg_logger.c

@@ -165,13 +165,6 @@ static void msg_logger_print(int level, const char *text)
     struct tm *lt;
     ssize_t len;
 
-    /*
-     * This test is simple enough that we don't bother with unregistering the
-     * msg_logger_print() function.
-     */
-    if (msg_logger_enable == 0)
-	return;
-
     /*
      * TODO: this should be a reusable NAME_CODE table plus lookup function.
      */
@@ -182,6 +175,13 @@ static void msg_logger_print(int level, const char *text)
 	"info", "warning", "error", "fatal", "panic",
     };
 
+    /*
+     * This test is simple enough that we don't bother with unregistering the
+     * msg_logger_print() function.
+     */
+    if (msg_logger_enable == 0)
+	return;
+
     /*
      * Note: there is code in postlogd(8) that attempts to strip off
      * information that is prepended here. If the formatting below is