mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-09-03 07:35:20 +00:00
Code Issues Releases Wiki Activity

postfix-3.4-20180618

Browse Source
This commit is contained in:
Wietse Venema
2018-06-18 00:00:00 -05:00
committed by Viktor Dukhovni
parent 9afaf0de4d
commit a31e5553ca
4 changed files with 19 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
postfix/HISTORY
View File

@@ -23535,3 +23535,13 @@ Apologies for any names omitted.
Release: first production snapshot with multiple outbound Release: first production snapshot with multiple outbound
deliveries per TLS-encrypted connection. deliveries per TLS-encrypted connection.
20180618
Quick tlsproxy workaround: after the remote TLS peer shuts
down TLS, allow unsent inbound plaintext to trickle out
before tearing down the proxied connection. This addresses
a sporadic "lost connection after end-of-data" error in the
Postfix SMTP client, and addresses a sporadic "lost connection
after sending QUIT" error with "posttls-finger -X". File:
tlsproxy/tlsproxy.c.

2
postfix/RELEASE_NOTES
View File

@@ -46,7 +46,7 @@ Postfix 2.8, to support STARTTLS in postscreen(8).
Under high-traffic conditions, the Postfix SMTP client will use the Under high-traffic conditions, the Postfix SMTP client will use the
scache(8) connection cache to store and retrieve open connections. scache(8) connection cache to store and retrieve open connections.
This part already existed for plaintext SMTP, and it works in the This part already existed for plaintext SMTP, and it works in the
same way for TLS-encryped connections. same way for TLS-encrypted connections.
The following illustrates how TLS connections are reused: The following illustrates how TLS connections are reused:

2
postfix/src/global/mail_version.h
View File

@@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no * Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only. * patchlevel; they change the release date only.
*/ */
#define MAIL_RELEASE_DATE "20180617" #define MAIL_RELEASE_DATE "20180618"
#define MAIL_VERSION_NUMBER "3.4" #define MAIL_VERSION_NUMBER "3.4"
#ifdef SNAPSHOT #ifdef SNAPSHOT

8
postfix/src/tlsproxy/tlsproxy.c
View File

@@ -474,6 +474,12 @@ static int tlsp_eval_tls_error(TLSP_STATE *state, int err)
tls_print_errors(); tls_print_errors();
/* FALLTHROUGH */ /* FALLTHROUGH */
default: default:
/*
* Allow buffered-up plaintext output to trickle out.
*/
if (state->plaintext_buf && NBBIO_WRITE_PEND(state->plaintext_buf))
return (TLSP_STAT_OK);
tlsp_state_free(state); tlsp_state_free(state);
return (TLSP_STAT_ERR); return (TLSP_STAT_ERR);
} }
@@ -1013,7 +1019,7 @@ static void tlsp_get_request_event(int event, void *context)
"(bogus_direction)", state->remote_endpt); "(bogus_direction)", state->remote_endpt);
state->req_flags = req_flags; state->req_flags = req_flags;
/* state->is_server_role is set below. */ /* state->is_server_role is set below. */
state->handshake_timeout = handshake_timeout + 10; /* XXX */ state->handshake_timeout = handshake_timeout;
state->session_timeout = session_timeout + 10; /* XXX */ state->session_timeout = session_timeout + 10; /* XXX */
/* /*