mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-30 13:48:06 +00:00
Code Issues Releases Wiki Activity

postfix-3.1-20160103

Browse Source
This commit is contained in:
Wietse Venema 2016-01-03 00:00:00 -05:00 committed by Viktor Dukhovni
parent 370fdfce00
commit bbddef305d
28 changed files with 365 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
postfix/HISTORY
View File

@ -22059,3 +22059,40 @@ Apologies for any names omitted.
global/post_mail.h, global/verify.c, oqmgr/qmgr.c, oqmgr/qmgr.h, global/post_mail.h, global/verify.c, oqmgr/qmgr.c, oqmgr/qmgr.h,
oqmgr/qmgr_message.c, qmgr/qmgr.c, qmgr/qmgr.h, oqmgr/qmgr_message.c, qmgr/qmgr.c, qmgr/qmgr.h,
qmgr/qmgr_message.c, verify/verify.c. qmgr/qmgr_message.c, verify/verify.c.
20160102
Workaround: MacOS/X 10.11.x /bin/sh unsets DYLD_LIBRARY_PATH,
which breaks the build and install. Viktor Dukhovni and
Wietse. Files: makedefs, postfix-install, Makefile.in.
Bitrot: OpenSSL 1.1.0-dev drops support for EXPORT ciphers
and ephemeral RSA. Viktor Dukhovni. Files: tls/tls_client.c,
tls/tls_rsa.c, tls/tls_server.c.
Bugfix: memory leak in tls_set_eecdh_curve(). Viktor Dukhovni.
File: tls/tls_dh.c.
Bugfix (introduced 20150326): when lmtp_fallback_relay
support was added, the code that generates lmtp_mumble
parameters from smtp_mumble parameters wasn't updated. File:
smtp/smtp-only.
Bugfix (introduced 20151017): the smtpd_client_auth_rate_limit
implementation was not guarded with #ifdef USE_SASL_AUTH.
File: smtpd/smtpd.c.
20160103
Feature: enable DANE policies when an MX host has a secure
TLSA DNS record, even if the MX DNS record was obtained
with insecure lookups. The existence of a secure TLSA record
implies that the host wants to talk TLS and not plaintext.
This behavior is controlled with smtp_tls_dane_insecure_mx_policy
(default: "dane", other settings: "encrypt" and "may"; the
latter is backwards-compatible with earlier Postfix releases).
Viktor Dukhovni. Files: mantools/postlink, proto/postconf.proto,
src/global/mail_params.h, src/posttls-finger/posttls-finger.c,
src/smtp/smtp-only, src/smtp/smtp.c, src/smtp/smtp.h,
src/smtp/smtp_addr.c, src/smtp/smtp_params.c,
src/smtp/smtp_tls_policy.c, src/tls/tls.h, src/tls/tls_client.c.

4
postfix/Makefile.in
View File

@ -117,19 +117,23 @@ printfck: update
# shared=yes<->shared=no. # shared=yes<->shared=no.
install: update install: update
SHLIB_ENV_VAR= SHLIB_ENV_VAL= \
$(SHLIB_ENV) shlib_directory=$(SHLIB_DIR_OVERRIDE) $(SHELL) \ $(SHLIB_ENV) shlib_directory=$(SHLIB_DIR_OVERRIDE) $(SHELL) \
postfix-install postfix-install
package: update package: update
SHLIB_ENV_VAR= SHLIB_ENV_VAL= \
$(SHLIB_ENV) shlib_directory=$(SHLIB_DIR_OVERRIDE) $(SHELL) \ $(SHLIB_ENV) shlib_directory=$(SHLIB_DIR_OVERRIDE) $(SHELL) \
postfix-install -package postfix-install -package
upgrade: update upgrade: update
SHLIB_ENV_VAR= SHLIB_ENV_VAL= \
$(SHLIB_ENV) shlib_directory=$(SHLIB_DIR_OVERRIDE) $(SHELL) \ $(SHLIB_ENV) shlib_directory=$(SHLIB_DIR_OVERRIDE) $(SHELL) \
postfix-install -non-interactive postfix-install -non-interactive
non-interactive-package: update non-interactive-package: update
SHLIB_ENV_VAR= SHLIB_ENV_VAL= \
$(SHLIB_ENV) shlib_directory=$(SHLIB_DIR_OVERRIDE) $(SHELL) \ $(SHLIB_ENV) shlib_directory=$(SHLIB_DIR_OVERRIDE) $(SHELL) \
postfix-install -non-interactive -package postfix-install -non-interactive -package

7
postfix/html/lmtp.8.html
View File

@ -562,6 +562,13 @@ SMTP(8) SMTP(8)
Request that the Postfix SMTP client connects using the legacy Request that the Postfix SMTP client connects using the legacy
SMTPS protocol instead of using the STARTTLS command. SMTPS protocol instead of using the STARTTLS command.
Available in Postfix version 3.1 and later:
<b><a href="postconf.5.html#smtp_tls_dane_insecure_mx_policy">smtp_tls_dane_insecure_mx_policy</a> (dane)</b>
The TLS policy for MX hosts with "secure" TLSA records when the
nexthop destination security level is <b>dane</b>, but the MX record
was found via an "insecure" MX lookup.
<b>OBSOLETE STARTTLS CONTROLS</b> <b>OBSOLETE STARTTLS CONTROLS</b>
The following configuration parameters exist for compatibility with The following configuration parameters exist for compatibility with
Postfix versions before 2.3. Support for these will be removed in a Postfix versions before 2.3. Support for these will be removed in a

39
postfix/html/postconf.5.html
View File

@ -11797,6 +11797,45 @@ releases only the <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_
and opportunistic TLS always uses "export" or better (i.e. all) ciphers. </p> and opportunistic TLS always uses "export" or better (i.e. all) ciphers. </p>
</DD>
<DT><b><a name="smtp_tls_dane_insecure_mx_policy">smtp_tls_dane_insecure_mx_policy</a>
(default: dane)</b></DT><DD>
<p> The TLS policy for MX hosts with "secure" TLSA records when the
nexthop destination security level is <b>dane</b>, but the MX
record was found via an "insecure" MX lookup. The choices are:
</p>
<dl>
<dt><b>may</b></dt>
<dd> The TLSA records will be ignored and TLS will be optional. If
the MX host does not appear to support STARTTLS, or the STARTTLS
handshake fails, mail may be sent in the clear. </dd>
<dt><b>encrypt</b></dt>
<dd> The TLSA records will signal a requirement to use TLS. While
TLS encryption will be required, authentication will not be performed.
</dd>
<dt><b>dane</b> (default)</dt>
<dd>The TLSA records will be used just as with "secure" MX records.
TLS encryption will be required, and, if at least one of the TLSA
records is "usable", authentication will be required. When
authentication succeeds, it will be logged only as "Trusted", not
"Verified", because the MX host name could have been forged. </dd>
</dl>
<p> Though with "insecure" MX records an active attacker can
compromise SMTP transport security by returning forged MX records,
such attacks are "tamper-evident" since any forged MX hostnames
will be recorded in the mail logs. Attackers who place a high value
staying hidden may be deterred from forging MX records. </p>
<p>
This feature is available in Postfix 3.1 and later. The <b>may</b>
policy is backwards-compatible with earlier Postfix versions.
</p>
</DD> </DD>
<DT><b><a name="smtp_tls_dcert_file">smtp_tls_dcert_file</a> <DT><b><a name="smtp_tls_dcert_file">smtp_tls_dcert_file</a>

58
postfix/html/posttls-finger.1.html
View File

@ -231,31 +231,37 @@ POSTTLS-FINGER(1) POSTTLS-FINGER(1)
with these servers there will never be more than 1 reconnection with these servers there will never be more than 1 reconnection
attempt. attempt.
<b>-M</b> <i>insecure</i><b>_</b><i>mx</i><b>_</b><i>policy</i> (default: <b>dane</b>)
The TLS policy for MX hosts with "secure" TLSA records when the
nexthop destination security level is <b>dane</b>, but the MX record
was found via an "insecure" MX lookup. See the <a href="postconf.5.html">main.cf</a> documen-
tation for smtp_tls_insecure_mx_policy for details.
<b>-o</b> <i>name=value</i> <b>-o</b> <i>name=value</i>
Specify zero or more times to override the value of the <a href="postconf.5.html">main.cf</a> Specify zero or more times to override the value of the <a href="postconf.5.html">main.cf</a>
parameter <i>name</i> with <i>value</i>. Possible use-cases include overrid- parameter <i>name</i> with <i>value</i>. Possible use-cases include overrid-
ing the values of TLS library parameters, or "<a href="postconf.5.html#myhostname">myhostname</a>" to ing the values of TLS library parameters, or "<a href="postconf.5.html#myhostname">myhostname</a>" to
configure the SMTP EHLO name sent to the remote server. configure the SMTP EHLO name sent to the remote server.
<b>-p</b> <i>protocols</i> (default: !SSLv2) <b>-p</b> <i>protocols</i> (default: !SSLv2)
List of TLS protocols that posttls-finger will exclude or List of TLS protocols that posttls-finger will exclude or
include. See <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> for details. include. See <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> for details.
<b>-P</b> <i>CApath/</i> (default: none) <b>-P</b> <i>CApath/</i> (default: none)
The OpenSSL CApath/ directory (indexed via c_rehash(1)) for The OpenSSL CApath/ directory (indexed via c_rehash(1)) for
remote SMTP server certificate verification. By default no CAp- remote SMTP server certificate verification. By default no CAp-
ath is used and no public CAs are trusted. ath is used and no public CAs are trusted.
<b>-r</b> <i>delay</i> <b>-r</b> <i>delay</i>
With a cacheable TLS session, disconnect and reconnect after With a cacheable TLS session, disconnect and reconnect after
<i>delay</i> seconds. Report whether the session is re-used. Retry if a <i>delay</i> seconds. Report whether the session is re-used. Retry if a
new server is encountered, up to 5 times or as specified with new server is encountered, up to 5 times or as specified with
the <b>-m</b> option. By default reconnection is disabled, specify a the <b>-m</b> option. By default reconnection is disabled, specify a
positive delay to enable this behavior. positive delay to enable this behavior.
<b>-S</b> Disable SMTP; that is, connect to an LMTP server. The default <b>-S</b> Disable SMTP; that is, connect to an LMTP server. The default
port for LMTP over TCP is 24. Alternative ports can specified port for LMTP over TCP is 24. Alternative ports can specified
by appending "<i>:servicename</i>" or ":<i>portnumber</i>" to the destination by appending "<i>:servicename</i>" or ":<i>portnumber</i>" to the destination
argument. argument.
<b>-t</b> <i>timeout</i> (default: <b>30</b>) <b>-t</b> <i>timeout</i> (default: <b>30</b>)
@ -263,28 +269,28 @@ POSTTLS-FINGER(1) POSTTLS-FINGER(1)
reading the remote server's 220 banner. reading the remote server's 220 banner.
<b>-T</b> <i>timeout</i> (default: <b>30</b>) <b>-T</b> <i>timeout</i> (default: <b>30</b>)
The SMTP/LMTP command timeout for EHLO/LHLO, STARTTLS and QUIT. The SMTP/LMTP command timeout for EHLO/LHLO, STARTTLS and QUIT.
<b>-v</b> Enable verbose Postfix logging. Specify more than once to <b>-v</b> Enable verbose Postfix logging. Specify more than once to
increase the level of verbose logging. increase the level of verbose logging.
<b>-w</b> Enable outgoing TLS wrapper mode, or SMTPS support. This is <b>-w</b> Enable outgoing TLS wrapper mode, or SMTPS support. This is
typically provided on port 465 by servers that are compatible typically provided on port 465 by servers that are compatible
with the ad-hoc SMTP in SSL protocol, rather than the standard with the ad-hoc SMTP in SSL protocol, rather than the standard
STARTTLS protocol. The destination <i>domain</i>:<i>port</i> should of course STARTTLS protocol. The destination <i>domain</i>:<i>port</i> should of course
provide such a service. provide such a service.
[<b>inet:</b>]<i>domain</i>[:<i>port</i>] [<b>inet:</b>]<i>domain</i>[:<i>port</i>]
Connect via TCP to domain <i>domain</i>, port <i>port</i>. The default port is Connect via TCP to domain <i>domain</i>, port <i>port</i>. The default port is
<b>smtp</b> (or 24 with LMTP). With SMTP an MX lookup is performed to <b>smtp</b> (or 24 with LMTP). With SMTP an MX lookup is performed to
resolve the domain to a host, unless the domain is enclosed in resolve the domain to a host, unless the domain is enclosed in
<b>[]</b>. If you want to connect to a specific MX host, for instance <b>[]</b>. If you want to connect to a specific MX host, for instance
<i>mx1.example.com</i>, specify [<i>mx1.example.com</i>] as the destination <i>mx1.example.com</i>, specify [<i>mx1.example.com</i>] as the destination
and <i>example.com</i> as a <b>match</b> argument. When using DNS, the desti- and <i>example.com</i> as a <b>match</b> argument. When using DNS, the desti-
nation domain is assumed fully qualified and no default domain nation domain is assumed fully qualified and no <a href="ADDRESS_CLASS_README.html#default_domain_class">default domain</a>
or search suffixes are applied; you must use fully-qualified or search suffixes are applied; you must use fully-qualified
names or also enable <b>native</b> host lookups (these don't support names or also enable <b>native</b> host lookups (these don't support
<b>dane</b> or <b>dane-only</b> as no DNSSEC validation information is avail- <b>dane</b> or <b>dane-only</b> as no DNSSEC validation information is avail-
able via <b>native</b> lookups). able via <b>native</b> lookups).
<b>unix:</b><i>pathname</i> <b>unix:</b><i>pathname</i>
@ -293,8 +299,8 @@ POSTTLS-FINGER(1) POSTTLS-FINGER(1)
<b>match ...</b> <b>match ...</b>
With no match arguments specified, certificate peername matching With no match arguments specified, certificate peername matching
uses the compiled-in default strategies for each security level. uses the compiled-in default strategies for each security level.
If you specify one or more arguments, these will be used as the If you specify one or more arguments, these will be used as the
list of certificate or public-key digests to match for the <b>fin-</b> list of certificate or public-key digests to match for the <b>fin-</b>
<b>gerprint</b> level, or as the list of DNS names to match in the cer- <b>gerprint</b> level, or as the list of DNS names to match in the cer-
tificate at the <b>verify</b> and <b>secure</b> levels. If the security level tificate at the <b>verify</b> and <b>secure</b> levels. If the security level
is <b>dane</b>, or <b>dane-only</b> the match names are ignored, and <b>hostname,</b> is <b>dane</b>, or <b>dane-only</b> the match names are ignored, and <b>hostname,</b>

7
postfix/html/smtp.8.html
View File

@ -562,6 +562,13 @@ SMTP(8) SMTP(8)
Request that the Postfix SMTP client connects using the legacy Request that the Postfix SMTP client connects using the legacy
SMTPS protocol instead of using the STARTTLS command. SMTPS protocol instead of using the STARTTLS command.
Available in Postfix version 3.1 and later:
<b><a href="postconf.5.html#smtp_tls_dane_insecure_mx_policy">smtp_tls_dane_insecure_mx_policy</a> (dane)</b>
The TLS policy for MX hosts with "secure" TLSA records when the
nexthop destination security level is <b>dane</b>, but the MX record
was found via an "insecure" MX lookup.
<b>OBSOLETE STARTTLS CONTROLS</b> <b>OBSOLETE STARTTLS CONTROLS</b>
The following configuration parameters exist for compatibility with The following configuration parameters exist for compatibility with
Postfix versions before 2.3. Support for these will be removed in a Postfix versions before 2.3. Support for these will be removed in a

4
postfix/makedefs
View File

@ -664,7 +664,9 @@ ReliantUNIX-?.5.43) SYSTYPE=ReliantUnix543
: ${SHLIB_SUFFIX=.dylib} : ${SHLIB_SUFFIX=.dylib}
: ${SHLIB_LD='cc -shared -Wl,-flat_namespace -Wl,-undefined,dynamic_lookup -Wl,-install_name,@rpath/${LIB}'} : ${SHLIB_LD='cc -shared -Wl,-flat_namespace -Wl,-undefined,dynamic_lookup -Wl,-install_name,@rpath/${LIB}'}
: ${SHLIB_RPATH='-Wl,-rpath,${SHLIB_DIR}'} : ${SHLIB_RPATH='-Wl,-rpath,${SHLIB_DIR}'}
: ${SHLIB_ENV="DYLD_LIBRARY_PATH=`pwd`/lib"} # In MacOS/X 10.11.x /bin/sh unsets DYLD_LIBRARY_PATH, so we
# have export it into postfix-install indirectly!
: ${SHLIB_ENV="DYLD_LIBRARY_PATH=`pwd`/lib SHLIB_ENV_VAR=DYLD_LIBRARY_PATH SHLIB_ENV_VAL=`pwd`/lib"}
: ${PLUGIN_LD='cc -shared -Wl,-flat_namespace -Wl,-undefined,dynamic_lookup'} : ${PLUGIN_LD='cc -shared -Wl,-flat_namespace -Wl,-undefined,dynamic_lookup'}
;; ;;
dcosx.1*) SYSTYPE=DCOSX1 dcosx.1*) SYSTYPE=DCOSX1

5
postfix/man/man1/posttls-finger.1
View File

@ -209,6 +209,11 @@ is likely to be effective for this destination. Some MTAs
don't expose the underlying server identity in their EHLO don't expose the underlying server identity in their EHLO
response; with these servers there will never be more than response; with these servers there will never be more than
1 reconnection attempt. 1 reconnection attempt.
.IP "\fB\-M \fIinsecure_mx_policy\fR (default: \fBdane\fR)"
The TLS policy for MX hosts with "secure" TLSA records when the
nexthop destination security level is \fBdane\fR, but the MX
record was found via an "insecure" MX lookup. See the main.cf
documentation for smtp_tls_insecure_mx_policy for details.
.IP "\fB\-o \fIname=value\fR" .IP "\fB\-o \fIname=value\fR"
Specify zero or more times to override the value of the main.cf Specify zero or more times to override the value of the main.cf
parameter \fIname\fR with \fIvalue\fR. Possible use\-cases include parameter \fIname\fR with \fIvalue\fR. Possible use\-cases include

29
postfix/man/man5/postconf.5
View File

@ -7437,6 +7437,35 @@ ciphers on a per\-destination basis.
This feature is available in Postfix 2.6 and later. With earlier Postfix This feature is available in Postfix 2.6 and later. With earlier Postfix
releases only the smtp_tls_mandatory_ciphers parameter is implemented, releases only the smtp_tls_mandatory_ciphers parameter is implemented,
and opportunistic TLS always uses "export" or better (i.e. all) ciphers. and opportunistic TLS always uses "export" or better (i.e. all) ciphers.
.SH smtp_tls_dane_insecure_mx_policy (default: dane)
The TLS policy for MX hosts with "secure" TLSA records when the
nexthop destination security level is \fBdane\fR, but the MX
record was found via an "insecure" MX lookup. The choices are:
.IP "\fBmay\fR"
The TLSA records will be ignored and TLS will be optional. If
the MX host does not appear to support STARTTLS, or the STARTTLS
handshake fails, mail may be sent in the clear.
.br
.IP "\fBencrypt\fR"
The TLSA records will signal a requirement to use TLS. While
TLS encryption will be required, authentication will not be performed.
.br
.IP "\fBdane\fR (default)"
The TLSA records will be used just as with "secure" MX records.
TLS encryption will be required, and, if at least one of the TLSA
records is "usable", authentication will be required. When
authentication succeeds, it will be logged only as "Trusted", not
"Verified", because the MX host name could have been forged.
.br
.br
Though with "insecure" MX records an active attacker can
compromise SMTP transport security by returning forged MX records,
such attacks are "tamper\-evident" since any forged MX hostnames
will be recorded in the mail logs. Attackers who place a high value
staying hidden may be deterred from forging MX records.
.PP
This feature is available in Postfix 3.1 and later. The \fBmay\fR
policy is backwards\-compatible with earlier Postfix versions.
.SH smtp_tls_dcert_file (default: empty) .SH smtp_tls_dcert_file (default: empty)
File with the Postfix SMTP client DSA certificate in PEM format. File with the Postfix SMTP client DSA certificate in PEM format.
This file may also contain the Postfix SMTP client private DSA key. This file may also contain the Postfix SMTP client private DSA key.

6
postfix/man/man8/smtp.8
View File

@ -498,6 +498,12 @@ Available in Postfix version 3.0 and later:
.IP "\fBsmtp_tls_wrappermode (no)\fR" .IP "\fBsmtp_tls_wrappermode (no)\fR"
Request that the Postfix SMTP client connects using the Request that the Postfix SMTP client connects using the
legacy SMTPS protocol instead of using the STARTTLS command. legacy SMTPS protocol instead of using the STARTTLS command.
.PP
Available in Postfix version 3.1 and later:
.IP "\fBsmtp_tls_dane_insecure_mx_policy (dane)\fR"
The TLS policy for MX hosts with "secure" TLSA records when the
nexthop destination security level is \fBdane\fR, but the MX
record was found via an "insecure" MX lookup.
.SH "OBSOLETE STARTTLS CONTROLS" .SH "OBSOLETE STARTTLS CONTROLS"
.na .na
.nf .nf

1
postfix/mantools/postlink
View File

@ -672,6 +672,7 @@ while (<>) {
s;\bsmtp_tls_session_cache_database\b;<a href="postconf.5.html#smtp_tls_session_cache_database">$&</a>;g; s;\bsmtp_tls_session_cache_database\b;<a href="postconf.5.html#smtp_tls_session_cache_database">$&</a>;g;
s;\bsmtp_tls_session_cache_timeout\b;<a href="postconf.5.html#smtp_tls_session_cache_timeout">$&</a>;g; s;\bsmtp_tls_session_cache_timeout\b;<a href="postconf.5.html#smtp_tls_session_cache_timeout">$&</a>;g;
s;\bsmtp_tls_block_early_mail_reply\b;<a href="postconf.5.html#smtp_tls_block_early_mail_reply">$&</a>;g; s;\bsmtp_tls_block_early_mail_reply\b;<a href="postconf.5.html#smtp_tls_block_early_mail_reply">$&</a>;g;
s;\bsmtp_tls_dane_insecure_mx_policy\b;<a href="postconf.5.html#smtp_tls_dane_insecure_mx_policy">$&</a>;g;
s;\bsmtp_tls_force_insecure_host_tlsa_lookup\b;<a href="postconf.5.html#smtp_tls_force_insecure_host_tlsa_lookup">$&</a>;g; s;\bsmtp_tls_force_insecure_host_tlsa_lookup\b;<a href="postconf.5.html#smtp_tls_force_insecure_host_tlsa_lookup">$&</a>;g;
s;\bsmtp_tls_wrappermode\b;<a href="postconf.5.html#smtp_tls_wrappermode">$&</a>;g; s;\bsmtp_tls_wrappermode\b;<a href="postconf.5.html#smtp_tls_wrappermode">$&</a>;g;
s;\bsmtp_use_tls\b;<a href="postconf.5.html#smtp_use_tls">$&</a>;g; s;\bsmtp_use_tls\b;<a href="postconf.5.html#smtp_use_tls">$&</a>;g;

5
postfix/postfix-install
View File

@ -204,6 +204,11 @@ BACKUP_IFS="$IFS"
# Override all LC_* settings and LANG for robustness. # Override all LC_* settings and LANG for robustness.
LC_ALL=C; export LC_ALL LC_ALL=C; export LC_ALL
if [ -n "$SHLIB_ENV_VAR" ]; then
junk="${SHLIB_ENV_VAL}"
eval export "$SHLIB_ENV_VAR=\$junk"
fi
USAGE="Usage: $0 [name=value] [option] USAGE="Usage: $0 [name=value] [option]
-non-interactive Do not ask for installation parameters. -non-interactive Do not ask for installation parameters.
-package Build a ready-to-install package. -package Build a ready-to-install package.

35
postfix/proto/postconf.proto
View File

@ -16593,6 +16593,41 @@ clients). </p>
This feature is available in Postfix 3.1 and later. This feature is available in Postfix 3.1 and later.
</p> </p>
%PARAM smtp_tls_dane_insecure_mx_policy dane
<p> The TLS policy for MX hosts with "secure" TLSA records when the
nexthop destination security level is <b>dane</b>, but the MX
record was found via an "insecure" MX lookup. The choices are:
</p>
<dl>
<dt><b>may</b></dt>
<dd> The TLSA records will be ignored and TLS will be optional. If
the MX host does not appear to support STARTTLS, or the STARTTLS
handshake fails, mail may be sent in the clear. </dd>
<dt><b>encrypt</b></dt>
<dd> The TLSA records will signal a requirement to use TLS. While
TLS encryption will be required, authentication will not be performed.
</dd>
<dt><b>dane</b> (default)</dt>
<dd>The TLSA records will be used just as with "secure" MX records.
TLS encryption will be required, and, if at least one of the TLSA
records is "usable", authentication will be required. When
authentication succeeds, it will be logged only as "Trusted", not
"Verified", because the MX host name could have been forged. </dd>
</dl>
<p> Though with "insecure" MX records an active attacker can
compromise SMTP transport security by returning forged MX records,
such attacks are "tamper-evident" since any forged MX hostnames
will be recorded in the mail logs. Attackers who place a high value
staying hidden may be deterred from forging MX records. </p>
<p>
This feature is available in Postfix 3.1 and later. The <b>may</b>
policy is backwards-compatible with earlier Postfix versions.
</p>
%PARAM address_verify_pending_request_limit see "postconf -d" output %PARAM address_verify_pending_request_limit see "postconf -d" output
<p> A safety limit that prevents address verification requests from <p> A safety limit that prevents address verification requests from

5
postfix/src/global/mail_params.h
View File

@ -1580,6 +1580,11 @@ extern bool var_smtp_tls_blk_early_mail_reply;
#define DEF_LMTP_TLS_FORCE_TLSA 0 #define DEF_LMTP_TLS_FORCE_TLSA 0
extern bool var_smtp_tls_force_tlsa; extern bool var_smtp_tls_force_tlsa;
/* SMTP only */
#define VAR_SMTP_TLS_INSECURE_MX_POLICY "smtp_tls_dane_insecure_mx_policy"
#define DEF_SMTP_TLS_INSECURE_MX_POLICY "dane"
extern char *var_smtp_tls_insecure_mx_policy;
/* /*
* SASL authentication support, SMTP server side. * SASL authentication support, SMTP server side.
*/ */

2
postfix/src/global/mail_version.h
View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no * Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only. * patchlevel; they change the release date only.
*/ */
#define MAIL_RELEASE_DATE "20151227" #define MAIL_RELEASE_DATE "20160103"
#define MAIL_VERSION_NUMBER "3.1" #define MAIL_VERSION_NUMBER "3.1"
#ifdef SNAPSHOT #ifdef SNAPSHOT

45
postfix/src/posttls-finger/posttls-finger.c
View File

@ -203,6 +203,11 @@
/* don't expose the underlying server identity in their EHLO /* don't expose the underlying server identity in their EHLO
/* response; with these servers there will never be more than /* response; with these servers there will never be more than
/* 1 reconnection attempt. /* 1 reconnection attempt.
/* .IP "\fB-M \fIinsecure_mx_policy\fR (default: \fBdane\fR)"
/* The TLS policy for MX hosts with "secure" TLSA records when the
/* nexthop destination security level is \fBdane\fR, but the MX
/* record was found via an "insecure" MX lookup. See the main.cf
/* documentation for smtp_tls_insecure_mx_policy for details.
/* .IP "\fB-o \fIname=value\fR" /* .IP "\fB-o \fIname=value\fR"
/* Specify zero or more times to override the value of the main.cf /* Specify zero or more times to override the value of the main.cf
/* parameter \fIname\fR with \fIvalue\fR. Possible use-cases include /* parameter \fIname\fR with \fIvalue\fR. Possible use-cases include
@ -453,6 +458,7 @@ typedef struct STATE {
TLS_DANE *ddane; /* DANE TLSA from DNS */ TLS_DANE *ddane; /* DANE TLSA from DNS */
char *grade; /* Minimum cipher grade */ char *grade; /* Minimum cipher grade */
char *protocols; /* Protocol inclusion/exclusion */ char *protocols; /* Protocol inclusion/exclusion */
int mxinsec_level; /* DANE for insecure MX RRs? */
#endif #endif
OPTIONS options; /* JCL */ OPTIONS options; /* JCL */
} STATE; } STATE;
@ -1107,7 +1113,14 @@ static DNS_RR *mx_addr_list(STATE *state, DNS_RR *mx_names)
static const char *myname = "mx_addr_list"; static const char *myname = "mx_addr_list";
DNS_RR *addr_list = 0; DNS_RR *addr_list = 0;
DNS_RR *rr; DNS_RR *rr;
int res_opt = mx_names->dnssec_valid ? RES_USE_DNSSEC : 0; int res_opt = 0;
if (mx_names->dnssec_valid)
res_opt = RES_USE_DNSSEC;
#ifdef USE_TLS
else if (state->mxinsec_level > TLS_LEV_MAY)
res_opt = RES_USE_DNSSEC;
#endif
for (rr = mx_names; rr; rr = rr->next) { for (rr = mx_names; rr; rr = rr->next) {
if (rr->type != T_MX) if (rr->type != T_MX)
@ -1226,7 +1239,8 @@ static int dane_host_level(STATE *state, DNS_RR *addr)
#ifdef USE_TLS #ifdef USE_TLS
if (TLS_DANE_BASED(level)) { if (TLS_DANE_BASED(level)) {
if (state->mx == 0 || state->mx->dnssec_valid) { if (state->mx == 0 || state->mx->dnssec_valid ||
state->mxinsec_level > TLS_LEV_MAY) {
if (state->log_mask & (TLS_LOG_CERTMATCH | TLS_LOG_VERBOSE)) if (state->log_mask & (TLS_LOG_CERTMATCH | TLS_LOG_VERBOSE))
tls_dane_verbose(1); tls_dane_verbose(1);
else else
@ -1259,12 +1273,22 @@ static int dane_host_level(STATE *state, DNS_RR *addr)
} else if (!TLS_DANE_HASTA(state->ddane) } else if (!TLS_DANE_HASTA(state->ddane)
&& !TLS_DANE_HASEE(state->ddane)) { && !TLS_DANE_HASEE(state->ddane)) {
msg_panic("DANE activated with no TLSA records to match"); msg_panic("DANE activated with no TLSA records to match");
} else if (state->mx && !state->mx->dnssec_valid &&
state->mxinsec_level == TLS_LEV_ENCRYPT) {
msg_info("TLSA RRs found, MX RRset insecure: just encrypt");
tls_dane_free(state->ddane);
state->ddane = 0;
level = TLS_LEV_ENCRYPT;
} else { } else {
if (state->match) if (state->match)
argv_free(state->match); argv_free(state->match);
argv_add(state->match = argv_alloc(2), argv_add(state->match = argv_alloc(2),
state->ddane->base_domain, ARGV_END); state->ddane->base_domain, ARGV_END);
if (state->mx) { if (state->mx) {
if (!state->mx->dnssec_valid) {
msg_info("MX RRset insecure: log verified as trusted");
state->ddane->flags |= TLS_DANE_FLAG_MXINSEC;
}
if (strcmp(state->mx->qname, state->mx->rname) == 0) if (strcmp(state->mx->qname, state->mx->rname) == 0)
argv_add(state->match, state->mx->qname, ARGV_END); argv_add(state->match, state->mx->qname, ARGV_END);
else else
@ -1272,6 +1296,10 @@ static int dane_host_level(STATE *state, DNS_RR *addr)
state->mx->qname, ARGV_END); state->mx->qname, ARGV_END);
} }
} }
} else if (state->mx && !state->mx->dnssec_valid &&
state->mxinsec_level == TLS_LEV_MAY) {
msg_info("MX RRset is insecure: try to encrypt");
level = TLS_LEV_MAY;
} else { } else {
level = TLS_LEV_SECURE; level = TLS_LEV_SECURE;
} }
@ -1642,7 +1670,7 @@ static void parse_options(STATE *state, int argc, char *argv[])
#define OPTS "a:ch:o:St:T:v" #define OPTS "a:ch:o:St:T:v"
#ifdef USE_TLS #ifdef USE_TLS
#define TLSOPTS "A:Cd:fF:g:k:K:l:L:m:p:P:r:w" #define TLSOPTS "A:Cd:fF:g:k:K:l:L:m:M:p:P:r:w"
state->mdalg = mystrdup("sha1"); state->mdalg = mystrdup("sha1");
state->CApath = mystrdup(""); state->CApath = mystrdup("");
@ -1652,6 +1680,7 @@ static void parse_options(STATE *state, int argc, char *argv[])
state->options.tas = argv_alloc(1); state->options.tas = argv_alloc(1);
state->options.logopts = 0; state->options.logopts = 0;
state->level = TLS_LEV_DANE; state->level = TLS_LEV_DANE;
state->mxinsec_level = TLS_LEV_DANE;
#else #else
#define TLSOPTS "" #define TLSOPTS ""
state->level = TLS_LEV_NONE; state->level = TLS_LEV_NONE;
@ -1738,6 +1767,16 @@ static void parse_options(STATE *state, int argc, char *argv[])
case 'm': case 'm':
state->max_reconnect = atoi(optarg); state->max_reconnect = atoi(optarg);
break; break;
case 'M':
switch (state->mxinsec_level = tls_level_lookup(optarg)) {
case TLS_LEV_MAY:
case TLS_LEV_ENCRYPT:
case TLS_LEV_DANE:
break;
default:
msg_fatal("bad '-M' option value: %s", optarg);
}
break;
case 'p': case 'p':
myfree(state->protocols); myfree(state->protocols);
state->protocols = mystrdup(optarg); state->protocols = mystrdup(optarg);

2
postfix/src/smtp/smtp-only
View File

@ -1,4 +1,4 @@
_ALWAYS_EHLO _ALWAYS_EHLO
_NEVER_EHLO _NEVER_EHLO
_SMTP_FALLBACK
_IGN_MX_LOOKUP_ERR _IGN_MX_LOOKUP_ERR
_INSECURE_MX_POLICY

24
postfix/src/smtp/smtp.c
View File

@ -468,6 +468,12 @@
/* .IP "\fBsmtp_tls_wrappermode (no)\fR" /* .IP "\fBsmtp_tls_wrappermode (no)\fR"
/* Request that the Postfix SMTP client connects using the /* Request that the Postfix SMTP client connects using the
/* legacy SMTPS protocol instead of using the STARTTLS command. /* legacy SMTPS protocol instead of using the STARTTLS command.
/* .PP
/* Available in Postfix version 3.1 and later:
/* .IP "\fBsmtp_tls_dane_insecure_mx_policy (dane)\fR"
/* The TLS policy for MX hosts with "secure" TLSA records when the
/* nexthop destination security level is \fBdane\fR, but the MX
/* record was found via an "insecure" MX lookup.
/* OBSOLETE STARTTLS CONTROLS /* OBSOLETE STARTTLS CONTROLS
/* .ad /* .ad
/* .fi /* .fi
@ -890,6 +896,7 @@ char *var_smtp_tls_eccert_file;
char *var_smtp_tls_eckey_file; char *var_smtp_tls_eckey_file;
bool var_smtp_tls_blk_early_mail_reply; bool var_smtp_tls_blk_early_mail_reply;
bool var_smtp_tls_force_tlsa; bool var_smtp_tls_force_tlsa;
char *var_smtp_tls_insecure_mx_policy;
#endif #endif
@ -942,6 +949,7 @@ HBC_CHECKS *smtp_body_checks; /* limited body checks */
* OpenSSL client state (opaque handle) * OpenSSL client state (opaque handle)
*/ */
TLS_APPL_STATE *smtp_tls_ctx; TLS_APPL_STATE *smtp_tls_ctx;
int smtp_tls_insecure_mx_policy;
#endif #endif
@ -1061,6 +1069,22 @@ static void post_init(char *unused_name, char **unused_argv)
var_disable_dns = (smtp_dns_support == SMTP_DNS_DISABLED); var_disable_dns = (smtp_dns_support == SMTP_DNS_DISABLED);
} }
#ifdef USE_TLS
if (smtp_mode) {
smtp_tls_insecure_mx_policy =
tls_level_lookup(var_smtp_tls_insecure_mx_policy);
switch (smtp_tls_insecure_mx_policy) {
case TLS_LEV_MAY:
case TLS_LEV_ENCRYPT:
case TLS_LEV_DANE:
break;
default:
msg_fatal("invalid %s: \"%s\"", VAR_SMTP_TLS_INSECURE_MX_POLICY,
var_smtp_tls_insecure_mx_policy);
}
}
#endif
/* /*
* Select hostname lookup mechanisms. * Select hostname lookup mechanisms.
*/ */

1
postfix/src/smtp/smtp.h
View File

@ -290,6 +290,7 @@ extern unsigned smtp_dns_res_opt; /* DNS query flags */
#ifdef USE_TLS #ifdef USE_TLS
extern TLS_APPL_STATE *smtp_tls_ctx; /* client-side TLS engine */ extern TLS_APPL_STATE *smtp_tls_ctx; /* client-side TLS engine */
extern int smtp_tls_insecure_mx_policy; /* DANE post insecure MX? */
#endif #endif

9
postfix/src/smtp/smtp_addr.c
View File

@ -247,7 +247,14 @@ static DNS_RR *smtp_addr_list(DNS_RR *mx_names, DSN_BUF *why)
{ {
DNS_RR *addr_list = 0; DNS_RR *addr_list = 0;
DNS_RR *rr; DNS_RR *rr;
int res_opt = mx_names->dnssec_valid ? RES_USE_DNSSEC : 0; int res_opt = 0;
if (mx_names->dnssec_valid)
res_opt = RES_USE_DNSSEC;
#ifdef USE_TLS
else if (smtp_tls_insecure_mx_policy > TLS_LEV_MAY)
res_opt = RES_USE_DNSSEC;
#endif
/* /*
* As long as we are able to look up any host address, we ignore problems * As long as we are able to look up any host address, we ignore problems

1
postfix/src/smtp/smtp_params.c
View File

@ -29,6 +29,7 @@
VAR_SMTP_TLS_ECCERT_FILE, DEF_SMTP_TLS_ECCERT_FILE, &var_smtp_tls_eccert_file, 0, 0, VAR_SMTP_TLS_ECCERT_FILE, DEF_SMTP_TLS_ECCERT_FILE, &var_smtp_tls_eccert_file, 0, 0,
VAR_SMTP_TLS_ECKEY_FILE, DEF_SMTP_TLS_ECKEY_FILE, &var_smtp_tls_eckey_file, 0, 0, VAR_SMTP_TLS_ECKEY_FILE, DEF_SMTP_TLS_ECKEY_FILE, &var_smtp_tls_eckey_file, 0, 0,
VAR_SMTP_TLS_LOGLEVEL, DEF_SMTP_TLS_LOGLEVEL, &var_smtp_tls_loglevel, 0, 0, VAR_SMTP_TLS_LOGLEVEL, DEF_SMTP_TLS_LOGLEVEL, &var_smtp_tls_loglevel, 0, 0,
VAR_SMTP_TLS_INSECURE_MX_POLICY, DEF_SMTP_TLS_INSECURE_MX_POLICY, &var_smtp_tls_insecure_mx_policy, 0, 0,
#endif #endif
VAR_SMTP_SASL_MECHS, DEF_SMTP_SASL_MECHS, &var_smtp_sasl_mechs, 0, 0, VAR_SMTP_SASL_MECHS, DEF_SMTP_SASL_MECHS, &var_smtp_sasl_mechs, 0, 0,
VAR_SMTP_SASL_TYPE, DEF_SMTP_SASL_TYPE, &var_smtp_sasl_type, 1, 0, VAR_SMTP_SASL_TYPE, DEF_SMTP_SASL_TYPE, &var_smtp_sasl_type, 1, 0,

25
postfix/src/smtp/smtp_tls_policy.c
View File

@ -714,7 +714,7 @@ static int global_tls_level(void)
#define NONDANE_CONFIG 0 /* Administrator's fault */ #define NONDANE_CONFIG 0 /* Administrator's fault */
#define NONDANE_DEST 1 /* Remote server's fault */ #define NONDANE_DEST 1 /* Remote server's fault */
#define DANE_UNUSABLE 2 /* Remote server's fault */ #define DANE_CANTAUTH 2 /* Remote server's fault */
static void PRINTFLIKE(4, 5) dane_incompat(SMTP_TLS_POLICY *tls, static void PRINTFLIKE(4, 5) dane_incompat(SMTP_TLS_POLICY *tls,
SMTP_ITERATOR *iter, SMTP_ITERATOR *iter,
@ -725,7 +725,7 @@ static void PRINTFLIKE(4, 5) dane_incompat(SMTP_TLS_POLICY *tls,
va_start(ap, fmt); va_start(ap, fmt);
if (tls->level == TLS_LEV_DANE) { if (tls->level == TLS_LEV_DANE) {
tls->level = (errtype == DANE_UNUSABLE) ? TLS_LEV_ENCRYPT : TLS_LEV_MAY; tls->level = (errtype == DANE_CANTAUTH) ? TLS_LEV_ENCRYPT : TLS_LEV_MAY;
if (errtype == NONDANE_CONFIG) if (errtype == NONDANE_CONFIG)
vmsg_warn(fmt, ap); vmsg_warn(fmt, ap);
else if (msg_verbose) else if (msg_verbose)
@ -792,8 +792,9 @@ static void dane_init(SMTP_TLS_POLICY *tls, SMTP_ITERATOR *iter)
STR(iter->dest), policy_name(tls->level)); STR(iter->dest), policy_name(tls->level));
return; return;
} }
/* When the MX name is present and insecure, DANE does not apply. */ /* When the MX name is present and insecure, DANE may not apply. */
if (iter->mx && !iter->mx->dnssec_valid) { if (iter->mx && !iter->mx->dnssec_valid
&& smtp_tls_insecure_mx_policy <= TLS_LEV_MAY) {
dane_incompat(tls, iter, NONDANE_DEST, "non DNSSEC destination"); dane_incompat(tls, iter, NONDANE_DEST, "non DNSSEC destination");
return; return;
} }
@ -825,11 +826,25 @@ static void dane_init(SMTP_TLS_POLICY *tls, SMTP_ITERATOR *iter)
* given verifier some of the CAs are surely not trustworthy). * given verifier some of the CAs are surely not trustworthy).
*/ */
if (tls_dane_unusable(dane)) { if (tls_dane_unusable(dane)) {
dane_incompat(tls, iter, DANE_UNUSABLE, "TLSA records unusable"); dane_incompat(tls, iter, DANE_CANTAUTH, "TLSA records unusable");
tls_dane_free(dane); tls_dane_free(dane);
return; return;
} }
/*
* Perhaps downgrade to "encrypt" if MX is insecure.
*/
if (iter->mx && !iter->mx->dnssec_valid) {
if (smtp_tls_insecure_mx_policy == TLS_LEV_ENCRYPT) {
dane_incompat(tls, iter, DANE_CANTAUTH,
"Verification not possible, MX RRset is insecure");
tls_dane_free(dane);
return;
}
/* For correct logging in tls_client_start() */
dane->flags |= TLS_DANE_FLAG_MXINSEC;
}
/* /*
* With DANE trust anchors, peername matching is not configurable. * With DANE trust anchors, peername matching is not configurable.
*/ */

4
postfix/src/smtpd/smtpd.c
View File

@ -1905,6 +1905,8 @@ static void helo_reset(SMTPD_STATE *state)
} }
} }
#ifdef USE_SASL_AUTH
/* smtpd_sasl_auth_cmd_wrapper - smtpd_sasl_auth_cmd front-end */ /* smtpd_sasl_auth_cmd_wrapper - smtpd_sasl_auth_cmd front-end */
static int smtpd_sasl_auth_cmd_wrapper(SMTPD_STATE *state, int argc, static int smtpd_sasl_auth_cmd_wrapper(SMTPD_STATE *state, int argc,
@ -1931,6 +1933,8 @@ static int smtpd_sasl_auth_cmd_wrapper(SMTPD_STATE *state, int argc,
return (smtpd_sasl_auth_cmd(state, argc, argv)); return (smtpd_sasl_auth_cmd(state, argc, argv));
} }
#endif
/* mail_open_stream - open mail queue file or IPC stream */ /* mail_open_stream - open mail queue file or IPC stream */
static int mail_open_stream(SMTPD_STATE *state) static int mail_open_stream(SMTPD_STATE *state)

3
postfix/src/tls/tls.h
View File

@ -141,6 +141,7 @@ extern const NAME_CODE tls_level_table[];
#define TLS_DANE_FLAG_NORRS (1<<0) /* Nothing found in DNS */ #define TLS_DANE_FLAG_NORRS (1<<0) /* Nothing found in DNS */
#define TLS_DANE_FLAG_EMPTY (1<<1) /* Nothing usable found in DNS */ #define TLS_DANE_FLAG_EMPTY (1<<1) /* Nothing usable found in DNS */
#define TLS_DANE_FLAG_ERROR (1<<2) /* TLSA record lookup error */ #define TLS_DANE_FLAG_ERROR (1<<2) /* TLSA record lookup error */
#define TLS_DANE_FLAG_MXINSEC (1<<3) /* Insecure MX record */
#define tls_dane_unusable(dane) ((dane)->flags & TLS_DANE_FLAG_EMPTY) #define tls_dane_unusable(dane) ((dane)->flags & TLS_DANE_FLAG_EMPTY)
#define tls_dane_notfound(dane) ((dane)->flags & TLS_DANE_FLAG_NORRS) #define tls_dane_notfound(dane) ((dane)->flags & TLS_DANE_FLAG_NORRS)
@ -181,7 +182,7 @@ typedef struct TLS_DANE {
TLS_CERTS *certs; /* Full trust-anchor certificates */ TLS_CERTS *certs; /* Full trust-anchor certificates */
TLS_PKEYS *pkeys; /* Full trust-anchor public keys */ TLS_PKEYS *pkeys; /* Full trust-anchor public keys */
char *base_domain; /* Base domain of TLSA RRset */ char *base_domain; /* Base domain of TLSA RRset */
int flags; /* Conflate cert and pkey digests */ int flags; /* Lookup status */
time_t expires; /* Expiration time of this record */ time_t expires; /* Expiration time of this record */
int refs; /* Reference count */ int refs; /* Reference count */
} TLS_DANE; } TLS_DANE;

16
postfix/src/tls/tls_client.c
View File

@ -347,7 +347,7 @@ TLS_APPL_STATE *tls_client_init(const TLS_CLIENT_INIT_PROPS *props)
* we want to be as compatible as possible, so we will start off with a * we want to be as compatible as possible, so we will start off with a
* SSLv2 greeting allowing the best we can offer: TLSv1. We can restrict * SSLv2 greeting allowing the best we can offer: TLSv1. We can restrict
* this with the options setting later, anyhow. * this with the options setting later, anyhow.
* *
* OpenSSL 1.1.0-dev deprecates SSLv23_client_method() in favour of * OpenSSL 1.1.0-dev deprecates SSLv23_client_method() in favour of
* TLS_client_method(), with the change in question signalled via a new * TLS_client_method(), with the change in question signalled via a new
* TLS_ANY_VERSION macro. * TLS_ANY_VERSION macro.
@ -431,12 +431,18 @@ TLS_APPL_STATE *tls_client_init(const TLS_CLIENT_INIT_PROPS *props)
return (0); return (0);
} }
/*
* 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
*/
#if OPENSSL_VERSION_NUMBER < 0x10100000L
/* /*
* According to the OpenSSL documentation, temporary RSA key is needed * According to the OpenSSL documentation, temporary RSA key is needed
* export ciphers are in use. We have to provide one, so well, we just do * export ciphers are in use. We have to provide one, so well, we just do
* it. * it.
*/ */
SSL_CTX_set_tmp_rsa_callback(client_ctx, tls_tmp_rsa_cb); SSL_CTX_set_tmp_rsa_callback(client_ctx, tls_tmp_rsa_cb);
#endif
/* /*
* Finally, the setup for the server certificate checking, done "by the * Finally, the setup for the server certificate checking, done "by the
@ -1109,6 +1115,14 @@ TLS_SESS_STATE *tls_client_start(const TLS_CLIENT_START_PROPS *props)
*/ */
tls_stream_start(props->stream, TLScontext); tls_stream_start(props->stream, TLScontext);
/*
* Can't really be DANE verified if the MX RRset was insecure
*/
if (TLS_DANE_BASED(props->tls_level)
&& (props->dane->flags & TLS_DANE_FLAG_MXINSEC) != 0) {
TLScontext->peer_status &= ~TLS_CERT_FLAG_MATCHED;
}
/* /*
* All the key facts in a single log entry. * All the key facts in a single log entry.
*/ */

20
postfix/src/tls/tls_dh.c
View File

@ -88,13 +88,14 @@
/* /*
* Compiled-in DH parameters. Used when no parameters are explicitly loaded * Compiled-in DH parameters. Used when no parameters are explicitly loaded
* from a site-specific file. Using an ASN.1 DER encoding avoids the need to * from a site-specific file. Using an ASN.1 DER encoding avoids the need
* explicitly manipulate the internal represenation of DH parameter objects. * to explicitly manipulate the internal representation of DH parameter
* * objects.
*
* 512-bit parameters are used for export ciphers, and 2048-bit parameters are * 512-bit parameters are used for export ciphers, and 2048-bit parameters are
* used for non-export ciphers. The non-export group is now 2048-bit, as 1024 * used for non-export ciphers. The non-export group is now 2048-bit, as
* bits is increasingly considered to weak by clients. When greater security * 1024 bits is increasingly considered to weak by clients. When greater
* is required, use EECDH. * security is required, use EECDH.
*/ */
/*- /*-
@ -173,14 +174,13 @@ void tls_set_dh_from_file(const char *path, int bits)
} }
/* /*
* This function is the first to set the DH parameters, but free any prior * This function is the first to set the DH parameters, but free any
* value just in case the call sequence changes some day. * prior value just in case the call sequence changes some day.
*/ */
if (*dhPtr) { if (*dhPtr) {
DH_free(*dhPtr); DH_free(*dhPtr);
*dhPtr = 0; *dhPtr = 0;
} }
if ((paramfile = fopen(path, "r")) != 0) { if ((paramfile = fopen(path, "r")) != 0) {
if ((*dhPtr = PEM_read_DHparams(paramfile, 0, 0, 0)) == 0) { if ((*dhPtr = PEM_read_DHparams(paramfile, 0, 0, 0)) == 0) {
msg_warn("cannot load %d-bit DH parameters from file %s" msg_warn("cannot load %d-bit DH parameters from file %s"
@ -279,10 +279,12 @@ int tls_set_eecdh_curve(SSL_CTX *server_ctx, const char *grade)
ERR_clear_error(); ERR_clear_error();
if ((ecdh = EC_KEY_new_by_curve_name(nid)) == 0 if ((ecdh = EC_KEY_new_by_curve_name(nid)) == 0
|| SSL_CTX_set_tmp_ecdh(server_ctx, ecdh) == 0) { || SSL_CTX_set_tmp_ecdh(server_ctx, ecdh) == 0) {
EC_KEY_free(ecdh); /* OK if NULL */
msg_warn("unable to use curve \"%s\": disabling EECDH support", curve); msg_warn("unable to use curve \"%s\": disabling EECDH support", curve);
tls_print_errors(); tls_print_errors();
return (0); return (0);
} }
EC_KEY_free(ecdh);
#endif #endif
return (1); return (1);
} }

15
postfix/src/tls/tls_rsa.c
View File

@ -54,6 +54,11 @@
#include <tls.h> #include <tls.h>
#include <openssl/rsa.h> #include <openssl/rsa.h>
/*
* 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
*/
#if OPENSSL_VERSION_NUMBER < 0x10100000L
/* tls_tmp_rsa_cb - call-back to generate ephemeral RSA key */ /* tls_tmp_rsa_cb - call-back to generate ephemeral RSA key */
RSA *tls_tmp_rsa_cb(SSL *unused_ssl, int export, int keylength) RSA *tls_tmp_rsa_cb(SSL *unused_ssl, int export, int keylength)
@ -91,14 +96,21 @@ RSA *tls_tmp_rsa_cb(SSL *unused_ssl, int export, int keylength)
return (rsa_tmp); return (rsa_tmp);
} }
#endif /* OPENSSL_VERSION_NUMBER */
#ifdef TEST #ifdef TEST
#include <msg_vstream.h> #include <msg_vstream.h>
int main(int unused_argc, char *const argv[]) int main(int unused_argc, char *const argv[])
{ {
int ok = 0;
/*
* 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
*/
#if OPENSSL_VERSION_NUMBER < 0x10100000L
RSA *rsa; RSA *rsa;
int ok;
msg_vstream_init(argv[0], VSTREAM_ERR); msg_vstream_init(argv[0], VSTREAM_ERR);
@ -111,6 +123,7 @@ int main(int unused_argc, char *const argv[])
/* Non-export or unexpected bit length should fail */ /* Non-export or unexpected bit length should fail */
ok = ok && tls_tmp_rsa_cb(0, 0, 512) == 0; ok = ok && tls_tmp_rsa_cb(0, 0, 512) == 0;
ok = ok && tls_tmp_rsa_cb(0, 1, 1024) == 0; ok = ok && tls_tmp_rsa_cb(0, 1, 1024) == 0;
#endif
return ok ? 0 : 1; return ok ? 0 : 1;
} }

6
postfix/src/tls/tls_server.c
View File

@ -569,12 +569,18 @@ TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_PROPS *props)
return (0); return (0);
} }
/*
* 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
*/
#if OPENSSL_VERSION_NUMBER < 0x10100000L
/* /*
* According to OpenSSL documentation, a temporary RSA key is needed when * According to OpenSSL documentation, a temporary RSA key is needed when
* export ciphers are in use, because the certified key cannot be * export ciphers are in use, because the certified key cannot be
* directly used. * directly used.
*/ */
SSL_CTX_set_tmp_rsa_callback(server_ctx, tls_tmp_rsa_cb); SSL_CTX_set_tmp_rsa_callback(server_ctx, tls_tmp_rsa_cb);
#endif
/* /*
* Diffie-Hellman key generation parameters can either be loaded from * Diffie-Hellman key generation parameters can either be loaded from