mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-30 05:38:06 +00:00
Code Issues Releases Wiki Activity

postfix-2.3-20050304

Browse Source
This commit is contained in:
Wietse Venema 2005-03-04 00:00:00 -05:00 committed by Viktor Dukhovni
parent 5ec20d1d05
commit 9bf2b1e43e
21 changed files with 189 additions and 667 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
postfix/HISTORY
View File

@ -10405,18 +10405,51 @@ Apologies for any names omitted.
FROM: or CC: by From: or Cc:. Files: cleanup/cleanup_message.c,
smtp/smtp_proto.c.
20050228
Cleanup/portability: missing #includes and bad prototypes.
Matthias Andree, Carsten Hoeger, and others.
20050302
Workaround: make TLS session caching work with perverse
sites that have multiple servers per hostname or even
multiple servers per IP address, but no shared TLS session
cache. The SMTP client TLS session cache is now indexed by
(server hostname, server address, server port, server helo
hostname). After an idea by Victor Duchovni. Files:
smtp/smtp_proto.c, tls/tls_client.c.
20050303
Bugfix (bug inherited from Postfix/TLS patch): a rare 9kbyte
memory leak when in-memory TLS session information expires;
found by setting the expiry time shorter than the time to
deliver one or two messages with a very slow machine. This
was due to a missing SSL_SESSION_free() call in the "new
session" call-back routines. Found by Victor Duchovni.
Files: tls/tls_client.c, tls/tls_server.c.
Workaround: OpenSSL is overly agressive when purging a
not-yet expired entry from a full in-memory cache: it also
purges the entry from the on-disk server session cache.
Workaround is to let only the tlsmgr purge entries from the
on-disk server session cache. Found by Victor Duchovni.
File: tls/tls_server.c.
20050304
Postfix releases are now signed with Wietse's new PGP key.
The old key was getting a bit short for today's standards.
The new public key can be found on the Postfix download
webpage. As proof of authenticity the new PGP key is signed
with Wietse's old PGP key.
Open problems:
Med: disable header address rewriting after XCLIENT?
Introduce a better concept of original submission?
Low: 9kbyte memory leak when expired in-memory session
information is removed by SSL_CTX_flush_sessions(); found
by setting the expiry time shorter than the time to deliver
one or two messages. Postfix processes are short-lived,
and the occurrance of this leak is rare enough that it is
a low priority.
Low: configurable order of local(8) delivery methods.
Med: local and remote source port and IP address for smtpd

500
postfix/RELEASE_NOTES
View File

@ -1,491 +1,15 @@
The official Postfix release is called 2.1.x where 2=major release
number, 1=minor release number, x=patchlevel. Snapshot releases
are now called 2.2-yyyymmdd where yyyymmdd is the release date
(yyyy=year, mm=month, dd=day). The mail_release_date configuration
parameter contains the release date (both for official release and
snapshot release). Patches are issued for the official release
and change the patchlevel and the release date. Patches are never
issued for snapshot releases.
The stable Postfix release is called postfix-2.2.x where 2=major
release number, 2=minor release number, x=patchlevel. The stable
release never changes except for patches that address bugs or
emergencies. Patches change the patchlevel and the release date.
Major changes with snapshot Postfix-2.2-20050212
================================================
New features are developed in snapshot releases. These are called
postfix-2.3-yyyymmdd where yyyymmdd is the release date (yyyy=year,
mm=month, dd=day). Patches are never issued for snapshot releases;
instead, a new snapshot is released.
When header address rewriting is enabled, Postfix now updates a
message header only when at least one address in that header
is modified. Older Postfix versions first parse and then unparse
a header so that there may be subtle changes in formatting, such
as the amount of whitespace between tokens, or in capitalization
of header labels such as FROM:/CC: because they are not replaced
by From:/Cc:.
The mail_release_date configuration parameter (format: yyyymmdd)
specifies the release date of a stable release or snapshot release.
Major changes with snapshot Postfix-2.2-20050211
================================================
The "generics" table feature is renamed to "generic", for consistency
with other Postfix table names which are also singular.
Major changes with snapshot Postfix-2.2-20050209
================================================
The policy delegation protocol now supplies TLS client certificate
information after successful verification. The new attribute names
are ccert_subject, ccert_issuer and ccert_fingerprint.
Major changes with snapshot Postfix-2.2-20050208
================================================
New "check_ccert_maps maptype:mapname" feature to enforce access
control based on (hexadecimal) client certificate fingerprints.
Major changes with snapshot Postfix-2.2-20050206
================================================
Support for address rewriting in outgoing SMTP mail. This is useful
for sites that have no valid Internet domain name, and that use a
domain name such as localdomain.local instead. Mail addresses that
use such domain names are often rejected by mail servers.
The new smtp_generic_maps feature allows you to replace local mail
addresses by valid Internet addresses when mail is sent across the
Internet. It has no effect on mail that is sent between accounts
on the local machine. The syntax is described in generic(5) and
a detailed example is in the STANDARD_CONFIGURATION_README file.
Example:
/etc/postfix/main.cf:
smtp_generic_maps = hash:/etc/postfix/generic
/etc/postfix/generic:
you@localdomain.local youraccount@yourisp.net
her@localdomain.local heraccount@herisp.net
@localdomain.local youraccount+local@yourisp.net
When mail is sent to a remote host via SMTP, this replaces your
local mail address you@localdomain.local by your ISP mail address,
replaces her@localdomain.local by her ISP mail address, and replaces
all other local addresses by your ISP account, with an address
extension of +local (this example assumes that the ISP supports
"+" style address extensions).
Major changes with snapshot Postfix-2.2-20050205
================================================
REPLACE action in header_checks and body_checks. See header_checks(5)
for details.
Incompatible changes with snapshot Postfix-2.2-20050203
=======================================================
Postfix rewrites message header addresses only in mail that originates
from the local machine. Specify "local_header_rewrite_clients =
static:all" to get the old behavior of Postfix 2.1 and earlier.
All "postfix start" file permission checks are run in the foreground
while Postfix is started.
Major changes with snapshot Postfix-2.2-20050203
================================================
To create a ready-to-install package for distribution to other
systems use "make package" or "make non-interactive-package",
instead of invoking the postfix-install script by hand (which is
deprecated). See the PACKAGE_README file for details.
New "permit_inet_interfaces" access restriction to allow access
from local IP addresses only. This is used for the default, purist,
setting of local_header_rewrite_clients in the previous paragraph.
New "sleep time-in-seconds" pseudo access restriction to block
zombie clients with reject_unauthorized_pipelining before the
Postfix SMTP server sends the SMTP greeting. See postconf(5)
for example.
Safety: Postfix no longer tries to send mail to the fallback_relay
when the local machine is MX host for the mail destination. See
the postconf(5) description of fallback_relay for details.
Incompatible changes with snapshot Postfix-2.2-20050117
=======================================================
Only the deferred and defer queue directories are hashed by default,
instead of eight queue directories. With modern file systems, this
speeds up Postfix boot time without compromising performance under
high load too much. Hashing is now turned on only for the defer and
deferred queue directories, because those contain lots of mail when
undeliverable mail is backing up.
The SMTP server now requires that IPv6 addresses in SMTP commands
are specified as [ipv6:ipv6address], as described in RFC 2821.
Incompatible changes with snapshot Postfix-2.2-20050111+IPV6
============================================================
Postfix version 2.2 IP version 6 support is based on the Postfix/IPv6
patch by Dean Strik, but differs in a few minor ways.
- Network protocol support including DNS lookup is selected with
the inet_protocols parameter instead of the inet_interfaces parameter.
This is needed so that Postfix will not attempt to deliver mail
via IPv6 when the system has no IPv6 connectivity.
- The lmtp_bind_address6 feature was omitted. The Postfix LMTP
client will be absorbed into the SMTP client, so there is no reason
to keep adding features to the LMTP client.
- The cidr-based address matching code was rewritten. The new
behavior is believed to be closer to expectation. The results may
be incompatible with that of the Postfix/IPv6 patch.
Major changes with snapshot Postfix-2.2-20050111+IPV6
=====================================================
Postfix version 2.2 IP version 6 support based on the Postfix/IPv6
patch by Dean Strik and others. IP version 6 support is selected
in main.cf; it is not selected at compile time as with TLS or SASL.
IP version 6 support is always compiled into Postfix on systems
that have Postfix compatible IP version 6 support. On other systems
Postfix will simply use IP version 4 just like it did before. See
the IPV6_README document for what systems are supported, and how
to turn on IPv6 in main.cf.
Incompatible changes with snapshot Postfix-2.2-20041210+TLS
===========================================================
Postfix version 2.2 TLS support is based on the Postfix/TLS patch
by Lutz Jaenicke, but differs in a few minor ways.
- main.cf: Use btree instead of sdbm for TLS session cache databases.
Session caches are now accessed only by the tlsmgr(8) process,
so there are no more concurrency issues. Although Postfix still
has an sdbm client, the sdbm library (1000 lines of code) is no
longer included with Postfix/TLS.
TLS session caches can use any database that can store objects
of several kbytes or more, and that implements the sequence
operation. In most cases, btree databases should be adequate.
NOTE: You cannot use dbm databases. TLS session objects are too
large.
- master.cf: Specify unix instead of fifo as the tlsmgr service type.
The smtp(8) and smtpd(8) processes now use a client-server protocol
in order to access the tlsmgr(8)'s pseudo-random number generation
(PRNG) pool, and in order to access the TLS session cache databases.
Such a protocol cannot be run across fifos.
Major changes with snapshot Postfix-2.2-20041210+TLS
=====================================================
TLS support based on the Postfix/TLS patch by Lutz Jaenicke. This
is not compiled in by default. To build Postfix with TLS support,
see the TLS_README document.
Major changes with snapshot Postfix-2.2-20041218
================================================
Fine control for SMTP inter-operability problems, by discarding
keywords sent or received with the EHLO handshake. Typically one
would discard "pipelining", "starttls", or "auth". Specify a list
of EHLO keywords with the smtp(d)_discard_ehlo_keywords parameters,
or specify one or more lookup tables, indexed by remote network
address, with the smtp(d)_discard_ehlo_keyword_address_maps
parameters. Note: this only discards words from the EHLO conversation;
it does not turn off the actual features in the SMTP server.
More client attributes for delivery to command with the local(8)
and pipe(8) delivery agents: client_hostname, client_address,
client_protocol, client_helo, sasl_method, sasl_sender, and
sasl_username. With local(8), attribute names must be specified
in upper case.
Major changes with snapshot Postfix-2.2-20041210
================================================
You can now dump an entire database with the new postmap/postalias
"-s" option. This works only for database types with Postfix sequence
operator support: hash, btree, dbm, and sdbm.
Major changes with snapshot Postfix-2.2-20041208
================================================
Support for CDB databases by Michael Tokarev. This supports both
Michael's tinycdb and Daniel Bernstein's cdb implementations, but
neither of the two implementations is bundled with Postfix.
Incompatible changes with snapshot Postfix-2.2-20041118
=======================================================
You must restart Postfix, because the master-child protocol has
changed. Postfix will log warnings about partial status updates
if you forget to restart the master.
Major changes with snapshot Postfix-2.2-20041118
================================================
New "smtpd_end_of_data_restrictions" feature that is invoked after
the client terminates the SMTP DATA command. The syntax is the same
as with "smtpd_data_restrictions", but the message size is the
actual byte count of the message content.
Incompatible changes with snapshot Postfix-2.2-20041030
=======================================================
The SMTP session cache is renamed to connection cache, to avoid
confusion with the TLS session cache. Thus, all session_cache_mumble
parameters are now called connection_cache_mumble.
Incompatible changes with snapshot Postfix-2.2-20041023
=======================================================
You must reload or stop/start Postfix, because the queue manager
to delivery agent protocol has changed. If you forget this, mail
will remain queued until the queue manager is restarted.
Support for the non-standard Errors-To: return addresses is removed.
It was already disabled by default with Postfix version 2.1. Since
Errors-To: is non-standard, there was no guarantee that it would
have effect with other MTAs.
Major changes with snapshot Postfix-2.2-20041023
================================================
The NIS+ client by Geoff Gibbs is now part of the Postfix source
tree. Details are given in the nisplus_table(5) manual page.
By default, Postfix no longer appends its own domain to addresses
in message headers from remote clients. Thus, spam from poorly
written software no longer looks like it came from a local user.
Postfix either does not rewrite remote message headers at all, or
it rewrites headers and appends the domain name that is specified
with the remote_header_rewrite_domain parameter (like "domain.invalid").
To get the behavior of earlier Postfix versions (always append
Postfix's own domain to incomplete addresses in message headers)
specify:
/etc/postfix/main.cf:
local_header_rewrite_clients = static:all
Postfix always appends its own domain information to addresses in
message headers from Postfix sendmail and from local SMTP clients.
By default, Postfix considers an SMTP client local (and thus updates
message header addresses with the Postfix's own domain) when the
client IP address matches mynetworks, or when the client is SASL
or TLS authenticated.
If you want to include other clients via a pop-before-smtp table,
then you have to specify that via the new local_header_rewrite_clients
parameter:
/etc/postfix/main.cf:
local_header_rewrite_clients = permit_mynetworks,
permit_sasl_authenticated, permit_tls_clientcerts,
check_address_map hash:/etc/postfix/pop-before-smtp
As before, Postfix appends local domain information to envelope
addresses (as opposed to header addresses), because an unqualified
envelope address is effectively local for the purpose of delivery,
and for the purpose of replying to it.
Full details are given in ADDRESS_REWRITING_README, and in the
postconf(5) manual. For best results, point your browser at the
ADDRESS_REWRITING_README.html file and navigate to the section
titled "To rewrite or not to rewrite, or to label as invalid".
Incompatible changes with snapshot Postfix-2.2-20041009
=======================================================
You must reload or stop/start Postfix, because the queue manager
to delivery agent protocol has changed. If you forget this, mail
will remain queued until the queue manager is restarted.
The smtpd_client_connection_limit_exceptions parameter is renamed
to smtpd_client_event_limit_exceptions. Besides connections it now
also applies to per-client message rate and recipient rate limits.
Major changes with snapshot Postfix-2.2-20041009
================================================
Per SMTP client message rate and recipient rate limits. These limit
the number of MAIL FROM or RCPT TO requests regardless of whether
or not Postfix would have accepted them otherwise. The user interface
(smtpd_client_message_rate_limit and smtpd_client_recipient_rate_limit)
is similar to that of the existing per SMTP client connection rate
limit, and the same warnings apply: these features are to be used
to stop abuse, and must not be used to regulate legitimate mail.
More details can be found in the postconf(5) manual.
Incompatible changes with snapshot Postfix-2.2-20040919
=======================================================
This snapshot adds a discard service to the master.cf file.
Major changes with snapshot Postfix-2.2-20040919
================================================
A new discard(8) mail delivery agent that makes throwing away mail
easier and more efficient. It's the Postfix equivalent of /dev/null
for deliveries. On the input side, Postfix already has a /dev/null
equivalent in the form of the DISCARD action in access maps and
header_body_checks.
Access control for local mail submission, for listing the queue
and for flushing the queue. These features are controlled with
authorized_submit_users, authorized_mailq_users, and with
authorized_flush_users, respectively. The last two controls are
always permitted for the super-user and for the mail system owner.
More information is in the postconf(5) manual.
Incompatible changes with snapshot Postfix-2.2-20040829
=======================================================
When no recipients are specified on the command line or via the -t
option, the Postfix sendmail command terminates with status EX_USAGE
and produces an error message instead of accepting the mail first
and bouncing it later. This gives more direct feedback in case of
a common client configuration error.
Major changes with snapshot Postfix-2.2-20040827
================================================
Easier use of the proxymap service with the virtual(8) delivery
agent. As of now, the virtual(8) delivery agent will silently open
maps directly when they can't be proxied. This means you can now
specify "virtual_mailbox_maps = proxy:mysql:whatever" without
triggering fatal errors in the virtual(8) delivery agent.
Better SMTP client control over the use of SASL mechanisms. New
smtp_sasl_mechanism_filter mechanism to shorten the list of SASL
mechanisms from a remote server to just those that the local SASL
library can actually use.
Finer control over canonical mapping with canonical_classes,
sender_canonical_classes and recipient_canonical_classes. These
specify one or more of envelope_sender, header_sender, envelope_recipient
or header_recipient. The default settings are backwards compatible.
Incompatible changes with snapshot Postfix-2.2-20040729
=======================================================
SMTP session caching is enabled temporarily when a destination has
a high volume of mail in the active queue. To disable, specify
"smtp_connection_cache_on_demand = no".
Major changes with snapshot Postfix-2.2-20040729
================================================
Opportunistic SMTP session caching. When a destination has a high
volume of mail in the active queue, SMTP session caching is enabled
temporarily. This is controlled with a new configuration parameter
"smtp_connection_cache_on_demand" (default: yes).
Incompatible changes with snapshot Postfix-2.2-20040723
=======================================================
Permanent SMTP session caching is now enabled with the
smtp_session_cache_destinations parameter. This requires "bare"
domain names without "[]" or TCP port. The change eliminates a
syntax conflict between host:port and maptype:mapname, and simplifies
the user interface, at the cost of a minor loss of control over
what sessions are cached.
Major changes with snapshot Postfix-2.2-20040721
================================================
The session cache manager now logs cache hit and miss statistics
every $session_cache_status_update_time seconds (default: 600s).
It reports the hit and miss rates for lookups by domain, as well
as for lookups by network address.
Hit rates for cache lookups by domain will tell you how useful
session caching is.
Cache lookups by network address will always fail, unless you're
sending mail to different domains that share the same MX host.
Incompatible changes with snapshot Postfix-2.2-20040720
=======================================================
The default SMTP/LMTP timeouts for sending RSET are reduced to 20s.
Major changes with snapshot Postfix-2.2-20040720
================================================
Selective permanent SMTP session caching. Instead of disconnecting
immediately after a mail transaction, the SMTP client can save the
open session to a session cache daemon, so that any SMTP client
process can use that session for another mail transaction.
This feature introduces the scache (session cache) server, which
is added to your master.cf file when you upgrade Postfix.
*** You need to execute "postfix reload" when upgrading from Postfix
*** version 2.1 or later.
*** You need to execute "postfix stop" when upgrading from Postfix
*** version 2.0 or earlier. Execute "postfix start" when done.
Session caching is enabled with the new smtp_connection_cache_destinations
parameter. Specify a list of destinations or lookup tables:
- if mail is sent without relay host: a domain (the right-hand side
of an email address),
- if mail is sent via a relay host, the relay host (without [],
and without non-default TCP port) that is specified in main.cf or
in the transport map,
- a /file/name with domains and/or relay hosts,
- a type:table with domains and/or relay hosts on the left-hand
side; the right-hand side result from type:table lookups is ignored.
The following optimizes deliveries to hosts that your machine relays
mail to:
smtp_connection_cache_destinations = $relay_domains $relayhost
A setting that tries to optimize deliveries to problem sites:
smtp_connection_cache_destinations = hotmail.com...
Cached SMTP sessions are allowed to remain unused for only a limited
amount of time (smtp_connection_cache_time_limit, default: 2
seconds). This limits the impact on remote server resources.
Specify larger values only with permission from the remote sites.
To avoid triggering remote problems, the same SMTP session is used
only a limited number of times (smtp_connection_cache_reuse_limit,
default: 10).
Robustness note: to prevent mail from being delivered to the wrong
server, the session caching feature explicitly labels each cached
session with destination domain and IP address information. A
session cache lookup succeeds only when the correct information is
specified.
Limitations:
- SMTP session caching does not work with TLS (the necessary support
for object passivation and re-activation does not exist without
closing the connection).
- SMTP session caching assumes that SASL credentials are valid for
all hostnames or domain names that map onto the same IP address
and TCP port.
Major changes with snapshot Postfix-2.2-20040621
================================================
Control over the working directory when executing an external
command. With the pipe(8) mailer, specify directory=pathname, and
with local(8) specify "command_execution_directory = expression"
where "expression" is subject to $home etc. macro expansion. The
result of macro expansion is restricted by the set of characters
specified with execution_directory_expansion_filter.
See RELEASE_NOTES-2.2 for changes introduced during the development
of Postfix version 2.2.

26
postfix/RELEASE_NOTES-2.2
View File

@ -21,8 +21,8 @@ the following sections of this document.
from third-party patches.
- SMTP client-side connection reuse. This can dramatically speed
up deliveries to high-volume destinations that have good and
non-responding mail servers.
up deliveries to high-volume destinations that have some servers
that respond, and some non-responding mail servers.
- By default, message header address rewriting is now disabled for
SMTP mail from other systems. Thus, spam from poorly written
@ -75,8 +75,8 @@ the Postfix/TLS patch.
[Feature 20040919] The upgrade procedure adds the discard service
to the master.cf file.
[Feature 20040720] The upgrade procedure adds the scache (connection
cache) service to the master.cf file.
[Feature 20040720] The upgrade procedure adds the scache (shared
connection cache) service to the master.cf file.
Major changes - IPv6 support
----------------------------
@ -116,15 +116,6 @@ Postfix/TLS patch by Lutz Jaenicke. TLS support is not compiled
in by default. For more information about Postfix 2.2 TLS support,
see the TLS_README document.
[Feature 20050209] The Postfix SMTP server policy delegation protocol
now supplies TLS client certificate information after successful
verification. The new policy delegation protocol attribute names
are ccert_subject, ccert_issuer and ccert_fingerprint.
[Feature 20050208] New "check_ccert_maps maptype:mapname" feature
to enforce access control based on hexadecimal client certificate
fingerprints.
[Incompat 20041210] Postfix version 2.2 TLS support differs from
the Postfix/TLS patch by Lutz Jaenicke in a few minor ways.
@ -150,6 +141,15 @@ the Postfix/TLS patch by Lutz Jaenicke in a few minor ways.
(PRNG) pool, and in order to access the TLS session cache databases.
Such a protocol cannot be run across fifos.
[Feature 20050209] The Postfix SMTP server policy delegation protocol
now supplies TLS client certificate information after successful
verification. The new policy delegation protocol attribute names
are ccert_subject, ccert_issuer and ccert_fingerprint.
[Feature 20050208] New "check_ccert_maps maptype:mapname" feature
to enforce access control based on hexadecimal client certificate
fingerprints.
Major changes - SMTP client connection cache
--------------------------------------------

15
postfix/conf/main.cf
View File

@ -582,11 +582,24 @@ debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
# If you don't have X installed on the Postfix machine, try:
# If you can't use X, use this to capture the call stack when a
# daemon crashes. The result is in a file in the configuration
# directory, and is named after the process name and the process ID.
#
# debugger_command =
# PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont;
# echo where) | gdb $daemon_directory/$process_name $process_id 2>&1
# >$config_directory/$process_name.$process_id.log & sleep 5
#
# Another possibility is to run gdb under a detached screen session.
# To attach to the screen sesssion, su root and run "screen -r
# <id_string>" where <id_string> uniquely matches one of the detached
# sessions (from "screen -list").
#
# debugger_command =
# PATH=/bin:/usr/bin:/sbin:/usr/sbin; export PATH; screen
# -dmS $process_name gdb $daemon_directory/$process_name
# $process_id & sleep 1
# INSTALL-TIME CONFIGURATION INFORMATION
#

2
postfix/src/anvil/anvil.c
View File

@ -387,7 +387,7 @@ typedef struct {
(remote)->rcpt = 0; \
(remote)->newtls = 1; \
(remote)->start = _now; \
} else if ((remote)->rcpt < INT_MAX) { \
} else if ((remote)->newtls < INT_MAX) { \
(remote)->newtls += 1; \
} \
} while(0)

1
postfix/src/discard/discard.c
View File

@ -115,6 +115,7 @@
#include <bounce.h>
#include <deliver_completed.h>
#include <flush_clnt.h>
#include <sent.h>
/* Single server skeleton. */

2
postfix/src/global/mail_version.h
View File

@ -20,7 +20,7 @@
* Patches change the patchlevel and the release date. Snapshots change the
* release date only.
*/
#define MAIL_RELEASE_DATE "20050227"
#define MAIL_RELEASE_DATE "20050304"
#define MAIL_VERSION_NUMBER "2.2"
#define VAR_MAIL_VERSION "mail_version"

1
postfix/src/master/master_vars.c
View File

@ -25,6 +25,7 @@
/* System library. */
#include <sys_defs.h>
#include <string.h>
#include <unistd.h>
/* Utility library. */

2
postfix/src/postdrop/postdrop.c
View File

@ -152,7 +152,7 @@
/*
* Local mail submission access list.
*/
static char *var_submit_acl;
char *var_submit_acl;
static CONFIG_STR_TABLE str_table[] = {
VAR_SUBMIT_ACL, DEF_SUBMIT_ACL, &var_submit_acl, 0, 0,

4
postfix/src/postqueue/postqueue.c
View File

@ -222,8 +222,8 @@
/*
* Queue manipulation access lists.
*/
static char *var_flush_acl;
static char *var_showq_acl;
char *var_flush_acl;
char *var_showq_acl;
static CONFIG_STR_TABLE str_table[] = {
VAR_FLUSH_ACL, DEF_FLUSH_ACL, &var_flush_acl, 0, 0,

2
postfix/src/sendmail/sendmail.c
View File

@ -447,7 +447,7 @@ typedef struct SM_STATE {
/*
* Mail submission ACL
*/
static char *var_submit_acl;
char *var_submit_acl;
static CONFIG_STR_TABLE str_table[] = {
VAR_SUBMIT_ACL, DEF_SUBMIT_ACL, &var_submit_acl, 0, 0,

1
postfix/src/smtp/smtp.h
View File

@ -173,6 +173,7 @@ typedef struct SMTP_SESSION {
char *host; /* mail exchanger */
char *addr; /* mail exchanger */
char *namaddr; /* mail exchanger */
char *helo; /* helo response */
unsigned port; /* network byte order */
VSTRING *buffer; /* I/O buffer */

52
postfix/src/smtp/smtp_proto.c
View File

@ -219,6 +219,8 @@ char *xfer_request[SMTP_STATE_LAST] = {
"QUIT command",
};
static int smtp_start_tls(SMTP_STATE *, int);
/* smtp_helo - perform initial handshake with SMTP server */
int smtp_helo(SMTP_STATE *state, NOCLOBBER int misc_flags)
@ -245,7 +247,6 @@ int smtp_helo(SMTP_STATE *state, NOCLOBBER int misc_flags)
int discard_mask;
#ifdef USE_TLS
static int smtp_start_tls(SMTP_STATE *, int);
int saved_features = session->features;
#endif
@ -361,9 +362,22 @@ int smtp_helo(SMTP_STATE *state, NOCLOBBER int misc_flags)
* MicroSoft implemented AUTH based on an old draft.
*/
lines = resp->str;
while ((words = mystrtok(&lines, "\n")) != 0) {
for (n = 0; (words = mystrtok(&lines, "\n")) != 0; /* see below */ ) {
if (mystrtok(&words, "- ") && (word = mystrtok(&words, " \t=")) != 0) {
if (strcasecmp(word, "8BITMIME") == 0) {
if (n == 0) {
if (session->helo != 0)
myfree(session->helo);
session->helo = lowercase(mystrdup(word));
if (strcasecmp(word, var_myhostname) == 0
&& (misc_flags & SMTP_MISC_FLAG_LOOP_DETECT) != 0) {
msg_warn("host %s replied to HELO/EHLO with my own hostname %s",
session->namaddr, var_myhostname);
return (smtp_site_fail(state,
(session->features & SMTP_FEATURE_BEST_MX) ? 550 : 450,
"mail for %s loops back to myself",
request->nexthop));
}
} else if (strcasecmp(word, "8BITMIME") == 0) {
if ((discard_mask & EHLO_MASK_8BITMIME) == 0)
session->features |= SMTP_FEATURE_8BITMIME;
} else if (strcasecmp(word, "PIPELINING") == 0) {
@ -396,16 +410,8 @@ int smtp_helo(SMTP_STATE *state, NOCLOBBER int misc_flags)
if ((discard_mask & EHLO_MASK_AUTH) == 0)
smtp_sasl_helo_auth(session, words);
#endif
} else if (strcasecmp(word, var_myhostname) == 0) {
if (misc_flags & SMTP_MISC_FLAG_LOOP_DETECT) {
msg_warn("host %s replied to HELO/EHLO with my own hostname %s",
session->namaddr, var_myhostname);
return (smtp_site_fail(state,
(session->features & SMTP_FEATURE_BEST_MX) ? 550 : 450,
"mail for %s loops back to myself",
request->nexthop));
}
}
n++;
}
}
if (msg_verbose)
@ -554,6 +560,7 @@ int smtp_helo(SMTP_STATE *state, NOCLOBBER int misc_flags)
static int smtp_start_tls(SMTP_STATE *state, int misc_flags)
{
SMTP_SESSION *session = state->session;
VSTRING *serverid;
/*
* Turn off SMTP connection caching. When the TLS handshake succeeds, we
@ -580,13 +587,26 @@ static int smtp_start_tls(SMTP_STATE *state, int misc_flags)
* follow below AFTER the tls_client_start() call. These tests should be
* done inside tls_client_start() or its call-backs, to keep the SMTP
* client code clean (as it is in the SMTP server).
*
* The following assumes sites that use TLS in a perverse configuration:
* multiple hosts per hostname, or even multiple hosts per IP address.
* All this without a shared TLS session cache, and they still want to
* use TLS session caching???
*/
serverid = vstring_alloc(10);
vstring_sprintf(serverid, "%s:%s:%u",
session->host, session->addr,
ntohs(session->port));
if (session->helo && strcasecmp(session->host, session->helo) != 0)
vstring_sprintf_append(serverid, ":%s", session->helo);
session->tls_context =
tls_client_start(smtp_tls_ctx, session->stream,
var_smtp_starttls_tmout,
session->tls_enforce_peername,
session->host,
lowercase(vstring_str(serverid)),
&(session->tls_info));
vstring_free(serverid);
if (session->tls_context == 0)
return (smtp_site_fail(state, 450,
"Cannot start TLS: handshake failure"));
@ -741,10 +761,10 @@ static void smtp_header_rewrite(void *context, int header_class,
char *end_line;
/*
* Rewrite primary header addresses that match the smtp_generic_maps.
* The cleanup server already enforces that all headers have proper
* lengths and that all addresses are in proper form, so we don't have to
* repeat that.
* Rewrite primary header addresses that match the smtp_generic_maps. The
* cleanup server already enforces that all headers have proper lengths
* and that all addresses are in proper form, so we don't have to repeat
* that.
*/
if (header_info && header_class == MIME_HDR_PRIMARY
&& (header_info->flags & (HDR_OPT_SENDER | HDR_OPT_RECIP)) != 0) {

4
postfix/src/smtp/smtp_sasl_proto.c
View File

@ -98,8 +98,8 @@ static const char *smtp_sasl_compat_mechs(const char *words)
save_mech = mech_list = mystrdup(words);
while (mech = mystrtok(&mech_list, " \t")) {
if (string_list_match(smtp_sasl_mechs, mech)) {
while ((mech = mystrtok(&mech_list, " \t")) != 0) {
if (string_list_match(smtp_sasl_mechs, mech)) {
if (VSTRING_LEN(buf) > 0)
VSTRING_ADDCH(buf, ' ');
vstring_strcat(buf, mech);

5
postfix/src/smtp/smtp_session.c
View File

@ -96,6 +96,7 @@
#include <sys_defs.h>
#include <stdlib.h>
#include <string.h>
#include <netinet/in.h>
#ifdef STRCASECMP_IN_STRINGS_H
#include <strings.h>
@ -118,6 +119,7 @@
/* Application-specific. */
#include "smtp.h"
#include "smtp_sasl.h"
#define STR(x) vstring_str(x)
@ -211,6 +213,7 @@ SMTP_SESSION *smtp_session_alloc(VSTREAM *stream, const char *dest,
session->host = mystrdup(host);
session->addr = mystrdup(addr);
session->namaddr = concatenate(host, "[", addr, "]", (char *) 0);
session->helo = 0;
session->port = port;
session->features = 0;
@ -298,6 +301,8 @@ void smtp_session_free(SMTP_SESSION *session)
myfree(session->host);
myfree(session->addr);
myfree(session->namaddr);
if (session->helo)
myfree(session->helo);
vstring_free(session->buffer);
vstring_free(session->scratch);

1
postfix/src/smtpd/smtpd_sasl_glue.c
View File

@ -93,6 +93,7 @@
#include <mymalloc.h>
#include <namadr_list.h>
#include <name_mask.h>
#include <stringops.h>
/* Global library. */

17
postfix/src/tls/tls.h
View File

@ -52,6 +52,7 @@ typedef struct {
SSL *con;
BIO *internal_bio; /* postfix/TLS side of pair */
BIO *network_bio; /* network side of pair */
char *serverid; /* unique server identifier */
char peer_subject[CCERT_BUFSIZ];
char peer_issuer[CCERT_BUFSIZ];
char peer_CN[CCERT_BUFSIZ];
@ -67,6 +68,18 @@ typedef struct {
#define TLS_BIO_BUFSIZE 8192
#define NEW_TLS_CONTEXT(p) do { \
p = (TLScontext_t *) mymalloc(sizeof(*p)); \
memset((char *) p, 0, sizeof(*p)); \
p->serverid = 0; \
} while (0)
#define FREE_TLS_CONTEXT(p) do { \
if ((p)->serverid) \
myfree((p)->serverid); \
myfree((char *) (p)); \
} while (0)
typedef struct {
int peer_verified;
int hostname_matched;
@ -88,7 +101,8 @@ extern const tls_info_t tls_info_zero;
*/
extern SSL_CTX *tls_client_init(int);
extern TLScontext_t *tls_client_start(SSL_CTX *, VSTREAM *, int, int,
const char *, tls_info_t *);
const char *, const char *,
tls_info_t *);
#define tls_client_stop(ctx , stream, timeout, failure, tls_info) \
tls_session_stop((ctx), (stream), (timeout), (failure), (tls_info))
@ -183,7 +197,6 @@ extern int tls_set_my_certificate_key_info(SSL_CTX *, const char *,
* tls_misc.c
*/
extern int TLScontext_index;
extern int TLSpeername_index;
extern void tls_print_errors(void);
extern void tls_info_callback(const SSL *, int, int);

124
postfix/src/tls/tls_client.c
View File

@ -9,13 +9,15 @@
/* SSL_CTX *tls_client_init(verifydepth)
/* int verifydepth; /* unused */
/*
/* TLScontext_t *tls_client_start(client_ctx, stream, timeout, peername,
/* peeraddr, tls_info)
/* TLScontext_t *tls_client_start(client_ctx, stream, timeout,
/* enforce_peername, peername,
/* serverid, tls_info)
/* SSL_CTX *client_ctx;
/* VSTREAM *stream;
/* int timeout;
/* int enforce_peername;
/* const char *peername;
/* const char *peeraddr;
/* const char *serverid;
/* tls_info_t *tls_info;
/*
/* void tls_client_stop(client_ctx, stream, failure, tls_info)
@ -36,6 +38,9 @@
/* passed as argument. We expect that network buffers are flushed and the
/* TLS handshake can begin immediately. Information about the peer
/* is stored into the tls_info structure passed as argument.
/* The serverid argument specifies a string that hopefully
/* uniquely identifies a server. It is used as the client
/* session cache lookup key.
/*
/* tls_client_stop() sends the "close notify" alert via
/* SSL_shutdown() to the peer and resets all connection specific
@ -144,12 +149,10 @@ static int client_verify_callback(int ok, X509_STORE_CTX *ctx)
/* load_clnt_session - load session from client cache (non-callback) */
static SSL_SESSION *load_clnt_session(const char *hostname,
static SSL_SESSION *load_clnt_session(const char *cache_id,
int enforce_peername)
{
SSL_SESSION *session = 0;
char *cache_id;
VSTRING *cache_id_buffer;
VSTRING *session_data = vstring_alloc(2048);
int flags = 0;
@ -158,7 +161,6 @@ static SSL_SESSION *load_clnt_session(const char *hostname,
/*
* Prepare the query.
*/
cache_id = lowercase(mystrdup(hostname));
if (var_smtp_tls_loglevel >= 3)
msg_info("looking for session %s in client cache", cache_id);
if (enforce_peername)
@ -174,97 +176,34 @@ static SSL_SESSION *load_clnt_session(const char *hostname,
if (session) {
if (var_smtp_tls_loglevel >= 3)
msg_info("reloaded session %s from client cache", cache_id);
cache_id_buffer =
(VSTRING *) SSL_SESSION_get_ex_data(session, TLSpeername_index);
vstring_strcpy(cache_id_buffer, cache_id);
}
}
/*
* Clean up.
*/
myfree(cache_id);
vstring_free(session_data);
return (session);
}
/*
* The client session cache is indexed by peer name, not by session id. The
* following routines maintain string storage for the peer name in an
* SSL_SESSION object. We use VSTRING buffers so that we don't have to worry
* about hostname length problems.
*/
/* new_cache_id_func - create space for peer name in SSL_SESSION object */
static int new_cache_id_func(void *unused_parent, void *unused_ptr,
CRYPTO_EX_DATA *ad, int idx,
long unused_argl, void *unused_argp)
{
VSTRING *cache_id_buffer;
cache_id_buffer = vstring_alloc(32);
return (CRYPTO_set_ex_data(ad, idx, (void *) cache_id_buffer));
}
/* free_cache_id_func - destroy space for peer name in SSL_SESSION object */
static void free_cache_id_func(void *unused_parent, void *unused_ptr,
CRYPTO_EX_DATA *ad, int idx,
long unused_argl, void *unused_argp)
{
VSTRING *cache_id_buffer;
cache_id_buffer = (VSTRING *) CRYPTO_get_ex_data(ad, idx);
vstring_free(cache_id_buffer);
}
/* dup_cache_id_func - duplicate peer name when SSL_SESSION is duplicated */
static int dup_cache_id_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
void *unused_from_d, int idx, long unused_argl, void *unused_argp)
{
const char *myname = "dup_cache_id_func";
VSTRING *old_cache_id_buffer;
VSTRING *new_cache_id_buffer;
old_cache_id_buffer = (VSTRING *) CRYPTO_get_ex_data(from, idx);
if (old_cache_id_buffer == 0) {
msg_warn("%s: cannot get old SSL_SESSION peer name buffer", myname);
return (0);
}
new_cache_id_buffer = (VSTRING *) CRYPTO_get_ex_data(to, idx);
if (new_cache_id_buffer == 0) {
msg_warn("%s: cannot get new SSL_SESSION peer name buffer", myname);
return (0);
}
vstring_strcpy(new_cache_id_buffer, STR(old_cache_id_buffer));
return (1);
}
/* new_client_session_cb - name new session and save it to client cache */
static int new_client_session_cb(SSL *ssl, SSL_SESSION *session)
{
TLScontext_t *TLScontext;
VSTRING *session_data;
VSTRING *cache_id_buffer;
const char *cache_id;
int flags = 0;
/*
* Attach the cache ID string to the session object. Don't worry about
* the length; that is the concern of the code that updates the session
* cache.
* Look up the cache ID string for this session object.
*/
cache_id_buffer =
(VSTRING *) SSL_SESSION_get_ex_data(session, TLSpeername_index);
TLScontext = SSL_get_ex_data(ssl, TLScontext_index);
vstring_strcpy(cache_id_buffer, TLScontext->peername_save);
lowercase(STR(cache_id_buffer)); /* just in case */
cache_id = TLScontext->serverid;
if (var_smtp_tls_loglevel >= 3)
msg_info("save session %s to client cache", STR(cache_id_buffer));
msg_info("save session %s to client cache", cache_id);
/*
* Remember whether peername matching was enforced when the session was
@ -295,7 +234,7 @@ static int new_client_session_cb(SSL *ssl, SSL_SESSION *session)
*/
session_data = tls_session_passivate(session);
if (session_data)
tls_mgr_update(tls_client_cache, STR(cache_id_buffer),
tls_mgr_update(tls_client_cache, cache_id,
OPENSSL_VERSION_NUMBER, flags,
STR(session_data), LEN(session_data));
@ -304,6 +243,7 @@ static int new_client_session_cb(SSL *ssl, SSL_SESSION *session)
*/
if (session_data)
vstring_free(session_data);
SSL_SESSION_free(session); /* 200502 */
return (1);
}
@ -479,19 +419,6 @@ SSL_CTX *tls_client_init(int unused_verifydepth)
if (TLScontext_index < 0)
TLScontext_index = SSL_get_ex_new_index(0, "TLScontext ex_data index",
NULL, NULL, NULL);
/*
* Create a global index so that we can attach peer name information to
* SSL_SESSION objects; the client session cache manager uses this to
* generate cache ID strings.
*/
if (TLSpeername_index < 0)
TLSpeername_index = SSL_SESSION_get_ex_new_index(0,
"TLSpeername ex_data index",
new_cache_id_func,
dup_cache_id_func,
free_cache_id_func);
return (client_ctx);
}
@ -500,14 +427,15 @@ SSL_CTX *tls_client_init(int unused_verifydepth)
* buffers are flushed and the "220 Ready to start TLS" was received by us,
* so that we can immediately start the TLS handshake process.
*/
TLScontext_t *tls_client_start(SSL_CTX *client_ctx, VSTREAM *stream, int timeout,
TLScontext_t *tls_client_start(SSL_CTX *client_ctx, VSTREAM *stream,
int timeout,
int enforce_peername,
const char *peername,
const char *serverid,
tls_info_t *tls_info)
{
int sts;
SSL_SESSION *session,
*old_session;
SSL_SESSION *session, *old_session;
SSL_CIPHER *cipher;
X509 *peer;
int verify_flags;
@ -526,24 +454,24 @@ TLScontext_t *tls_client_start(SSL_CTX *client_ctx, VSTREAM *stream, int timeout
*/
#define PEERNAME_SIZE sizeof(TLScontext->peername_save)
TLScontext = (TLScontext_t *) mymalloc(sizeof(TLScontext_t));
memset((char *) TLScontext, 0, sizeof(*TLScontext));
NEW_TLS_CONTEXT(TLScontext);
TLScontext->log_level = var_smtp_tls_loglevel;
strncpy(TLScontext->peername_save, peername, PEERNAME_SIZE - 1);
TLScontext->peername_save[PEERNAME_SIZE - 1] = 0;
(void) lowercase(TLScontext->peername_save);
TLScontext->serverid = mystrdup(serverid);
if ((TLScontext->con = (SSL *) SSL_new(client_ctx)) == NULL) {
msg_info("Could not allocate 'TLScontext->con' with SSL_new()");
tls_print_errors();
myfree((char *) TLScontext);
FREE_TLS_CONTEXT(TLScontext);
return (0);
}
if (!SSL_set_ex_data(TLScontext->con, TLScontext_index, TLScontext)) {
msg_info("Could not set application data for 'TLScontext->con'");
tls_print_errors();
SSL_free(TLScontext->con);
myfree((char *) TLScontext);
FREE_TLS_CONTEXT(TLScontext);
return (0);
}
@ -574,7 +502,7 @@ TLScontext_t *tls_client_start(SSL_CTX *client_ctx, VSTREAM *stream, int timeout
msg_info("Could not obtain BIO_pair");
tls_print_errors();
SSL_free(TLScontext->con);
myfree((char *) TLScontext);
FREE_TLS_CONTEXT(TLScontext);
return (0);
}
old_session = NULL;
@ -587,7 +515,7 @@ TLScontext_t *tls_client_start(SSL_CTX *client_ctx, VSTREAM *stream, int timeout
* will be reused.
*/
if (tls_client_cache) {
old_session = load_clnt_session(peername, enforce_peername);
old_session = load_clnt_session(serverid, enforce_peername);
if (old_session) {
SSL_set_session(TLScontext->con, old_session);
SSL_SESSION_free(old_session); /* 200411 */
@ -661,7 +589,7 @@ TLScontext_t *tls_client_start(SSL_CTX *client_ctx, VSTREAM *stream, int timeout
}
SSL_free(TLScontext->con);
BIO_free(TLScontext->network_bio); /* 200411 */
myfree((char *) TLScontext);
FREE_TLS_CONTEXT(TLScontext);
return (0);
}
if (var_smtp_tls_loglevel >= 3 && SSL_session_reused(TLScontext->con))

1
postfix/src/tls/tls_misc.c
View File

@ -82,7 +82,6 @@
* so that it can be accessed by call-back routines.
*/
int TLScontext_index = -1;
int TLSpeername_index = -1;
/* tls_print_errors - print and clear the error stack */

47
postfix/src/tls/tls_server.c
View File

@ -191,28 +191,6 @@ static SSL_SESSION *get_server_session_cb(SSL *unused_ssl,
return (session);
}
/* remove_server_session_cb - callback to remove session from server cache */
static void remove_server_session_cb(SSL_CTX *unused_ctx, SSL_SESSION *session)
{
VSTRING *cache_id;
/*
* Encode the session ID.
*/
cache_id =
MAKE_SERVER_CACHE_ID(session->session_id, session->session_id_length);
if (var_smtpd_tls_loglevel >= 3)
msg_info("remove session %s from server cache", STR(cache_id));
/*
* Delete the session from cache.
*/
tls_mgr_delete(tls_server_cache, STR(cache_id));
vstring_free(cache_id);
}
/* new_server_session_cb - callback to save session to server cache */
static int new_server_session_cb(SSL *unused_ssl, SSL_SESSION *session)
@ -243,6 +221,7 @@ static int new_server_session_cb(SSL *unused_ssl, SSL_SESSION *session)
if (session_data)
vstring_free(session_data);
vstring_free(cache_id);
SSL_SESSION_free(session); /* 200502 */
return (1);
}
@ -425,6 +404,13 @@ SSL_CTX *tls_server_init(int unused_verifydepth, int askcert)
/*
* The session cache is implemented by the tlsmgr(8) server.
*
* XXX 200502 Surprise: when OpenSSL purges an entry from the in-memory
* cache, it also attempts to purge the entry from the on-disk cache.
* This is undesirable, especially when we set the in-memory cache size
* to 1. For this reason we don't allow OpenSSL to purge on-disk cache
* entries, and leave it up to the tlsmgr process instead. Found by
* Victor Duchovni.
*/
if (tls_mgr_policy(&cache_types) == TLS_MGR_STAT_OK
&& (tls_server_cache = (cache_types & TLS_MGR_SCACHE_SERVER)) != 0) {
@ -432,7 +418,6 @@ SSL_CTX *tls_server_init(int unused_verifydepth, int askcert)
SSL_SESS_CACHE_SERVER | SSL_SESS_CACHE_NO_AUTO_CLEAR);
SSL_CTX_sess_set_get_cb(server_ctx, get_server_session_cb);
SSL_CTX_sess_set_new_cb(server_ctx, new_server_session_cb);
SSL_CTX_sess_set_remove_cb(server_ctx, remove_server_session_cb);
}
/*
@ -474,14 +459,13 @@ TLScontext_t *tls_server_start(SSL_CTX *server_ctx, VSTREAM *stream,
* Allocate a new TLScontext for the new connection and get an SSL
* structure. Add the location of TLScontext to the SSL to later retrieve
* the information inside the tls_verify_certificate_callback().
*
*
* XXX Need a dedicated procedure for consistent initialization of all the
* fields in this structure.
*/
#define PEERNAME_SIZE sizeof(TLScontext->peername_save)
TLScontext = (TLScontext_t *) mymalloc(sizeof(TLScontext_t));
memset((char *) TLScontext, 0, sizeof(*TLScontext));
NEW_TLS_CONTEXT(TLScontext);
TLScontext->log_level = var_smtpd_tls_loglevel;
strncpy(TLScontext->peername_save, peername, PEERNAME_SIZE - 1);
TLScontext->peername_save[PEERNAME_SIZE - 1] = 0;
@ -490,14 +474,14 @@ TLScontext_t *tls_server_start(SSL_CTX *server_ctx, VSTREAM *stream,
if ((TLScontext->con = (SSL *) SSL_new(server_ctx)) == NULL) {
msg_info("Could not allocate 'TLScontext->con' with SSL_new()");
tls_print_errors();
myfree((char *) TLScontext);
FREE_TLS_CONTEXT(TLScontext);
return (0);
}
if (!SSL_set_ex_data(TLScontext->con, TLScontext_index, TLScontext)) {
msg_info("Could not set application data for 'TLScontext->con'");
tls_print_errors();
SSL_free(TLScontext->con);
myfree((char *) TLScontext);
FREE_TLS_CONTEXT(TLScontext);
return (0);
}
@ -528,7 +512,7 @@ TLScontext_t *tls_server_start(SSL_CTX *server_ctx, VSTREAM *stream,
msg_info("Could not obtain BIO_pair");
tls_print_errors();
SSL_free(TLScontext->con);
myfree((char *) TLScontext);
FREE_TLS_CONTEXT(TLScontext);
return (0);
}
@ -577,7 +561,7 @@ TLScontext_t *tls_server_start(SSL_CTX *server_ctx, VSTREAM *stream,
tls_print_errors();
SSL_free(TLScontext->con);
BIO_free(TLScontext->network_bio); /* 200411 */
myfree((char *) TLScontext);
FREE_TLS_CONTEXT(TLScontext);
return (0);
}
/* Only loglevel==4 dumps everything */
@ -622,7 +606,6 @@ TLScontext_t *tls_server_start(SSL_CTX *server_ctx, VSTREAM *stream,
msg_info("fingerprint=%s", TLScontext->fingerprint);
tls_info->peer_fingerprint = TLScontext->fingerprint;
}
TLScontext->peer_CN[0] = '\0';
if (!X509_NAME_get_text_by_NID(X509_get_subject_name(peer),
NID_commonName, TLScontext->peer_CN,
@ -672,7 +655,7 @@ TLScontext_t *tls_server_start(SSL_CTX *server_ctx, VSTREAM *stream,
SSL_CTX_remove_session(server_ctx, session);
SSL_free(TLScontext->con);
BIO_free(TLScontext->network_bio); /* 200411 */
myfree((char *) TLScontext);
FREE_TLS_CONTEXT(TLScontext);
return (0);
}
}

2
postfix/src/tls/tls_session.c
View File

@ -113,7 +113,7 @@ void tls_session_stop(SSL_CTX *ctx, VSTREAM *stream, int timeout,
SSL_free(TLScontext->con);
BIO_free(TLScontext->network_bio);
myfree((char *) TLScontext);
FREE_TLS_CONTEXT(TLScontext);
tls_stream_stop(stream);
SSL_CTX_flush_sessions(ctx, time(NULL));