mirror of https://github.com/vdukhovni/postfix synced 2025-08-22 09:57:34 +00:00

postfix-2.12-20140209

This commit is contained in:
Wietse Venema 2014-02-09 00:00:00 -05:00 committed by Viktor Dukhovni
parent e1251bb5e7
commit e42172b689
17 changed files with 156 additions and 41 deletions

View File

@ -19528,3 +19528,23 @@ Apologies for any names omitted.
20140110-15 20140110-15
Miscellaneous documentation cleanups. Miscellaneous documentation cleanups.
20140116
Workaround: prepend "-I. -I../../include" to CCARGS, to
avoid name clashes with non-Postfix header files. File:
makedefs.
20140125
Cleanup: assorted documentation glitches.
20140209
Workaround: the Postfix SMTP client now also falls back to
plaintext when TLS fails after the TLS protocol handshake.
Files: smtp/smtp.h, smtp/smtp_connect.c, smtp/smtp_trouble.c.
Testbed: unsupported HANGUP access map action that drops
the connection without responding to the remote SMTP client.
File: smtpd/smtpd_check.c.
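Review bot: the 20140209 entry understates the scope of the new plaintext fallback; it applies only at the "may" TLS security level and is skipped when SASL credentials are configured (the PLAINTEXT_FALLBACK_OK_* conditions in smtp/smtp.h), and HISTORY is where administrators look to judge whether a change weakens their TLS posture, so say so here. The HANGUP entry should also note that, although unsupported, the action is built into production binaries: the smtpd_check.c hunk adds no compile-time guard around it.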

View File

@ -181,12 +181,13 @@ main.cf.
FFoorrwwaarrdd SSeeccrreeccyy iinn tthhee PPoossttffiixx SSMMTTPP CClliieenntt FFoorrwwaarrdd SSeeccrreeccyy iinn tthhee PPoossttffiixx SSMMTTPP CClliieenntt
The Postfix >= 2.2 SMTP client supports forward secrecy in its default The Postfix >= 2.2 SMTP client supports forward secrecy in its default
configuration. No configuration changes are needed besides turning on elliptic- configuration. All supported OpenSSL releases support EDH key exchange. OpenSSL
curve support with Postfix 2.6 and 2.7 (see the quick-start section). If the releases >= 1.0.0 also support EECDH key exchange (provided elliptic-curve
remote SMTP server supports cipher suites with forward secrecy (and does not support has not been disabled by the vendor as in some versions of RedHat
override the SMTP client's cipher preference), then the traffic between the Linux). If the remote SMTP server supports cipher suites with forward secrecy
server and client will resist decryption even if the server's long-term (and does not override the SMTP client's cipher preference), then the traffic
authentication keys are later compromised. between the server and client will resist decryption even if the server's long-
term authentication keys are later compromised.
The default Postfix SMTP client cipher lists are correctly ordered to prefer The default Postfix SMTP client cipher lists are correctly ordered to prefer
EECDH and EDH cipher suites ahead of similar cipher suites that don't implement EECDH and EDH cipher suites ahead of similar cipher suites that don't implement
@ -200,12 +201,16 @@ a case-by-case basis via the TLS policy table.
GGeettttiinngg ssttaarrtteedd,, qquuiicckk aanndd ddiirrttyy GGeettttiinngg ssttaarrtteedd,, qquuiicckk aanndd ddiirrttyy
EEEECCDDHH CClliieenntt aanndd sseerrvveerr ssuuppppoorrtt ((PPoossttffiixx >>== 22..66 wwiitthh OOppeennSSSSLL >>== 11..00..00)) EEEECCDDHH CClliieenntt ssuuppppoorrtt ((PPoossttffiixx >>== 22..22 wwiitthh OOppeennSSSSLL >>== 11..00..00))
This works "out of the box" without additional configuration.
EEEECCDDHH SSeerrvveerr ssuuppppoorrtt ((PPoossttffiixx >>== 22..66 wwiitthh OOppeennSSSSLL >>== 11..00..00))
With Postfix 2.6 and 2.7, enable elliptic-curve support in the Postfix SMTP With Postfix 2.6 and 2.7, enable elliptic-curve support in the Postfix SMTP
client and server. This is the default with Postfix >= 2.8. Note, however, that server. This is the default with Postfix >= 2.8. Note, however, that elliptic-
elliptic-curve support may be disabled by the vendor, as in some versions of curve support may be disabled by the vendor, as in some versions of RedHat
RedHat Linux. Linux.
/etc/postfix/main.cf: /etc/postfix/main.cf:
# Postfix 2.6 or 2.7 only. This is default with Postfix 2.8 and later. # Postfix 2.6 or 2.7 only. This is default with Postfix 2.8 and later.
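Review bot: "RedHat Linux" in the new client paragraph should be "Red Hat Linux" (the vendor's spelling); the same phrase is repeated in the new "EECDH Server support" paragraph and in both HTML copies of this README, so fix it in all of them together so the generated and hand-written copies stay in step.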

View File

@ -253,9 +253,10 @@ more curves at the desired security level without any changes to
<h2> <a name="client_fs">Forward Secrecy in the Postfix SMTP Client</a> </h2> <h2> <a name="client_fs">Forward Secrecy in the Postfix SMTP Client</a> </h2>
<p> The Postfix &ge; 2.2 SMTP client supports forward secrecy in <p> The Postfix &ge; 2.2 SMTP client supports forward secrecy in
its default configuration. No configuration changes are needed its default configuration. All supported OpenSSL releases support
besides turning on elliptic-curve support with Postfix 2.6 and 2.7 EDH key exchange. OpenSSL releases &ge; 1.0.0 also support EECDH
(see the <a href="#quick-start"> quick-start</a> section). If the key exchange (provided elliptic-curve support has not been disabled
by the vendor as in some versions of RedHat Linux). If the
remote SMTP server supports cipher suites with forward secrecy (and remote SMTP server supports cipher suites with forward secrecy (and
does not override the SMTP client's cipher preference), then the does not override the SMTP client's cipher preference), then the
traffic between the server and client will resist decryption even traffic between the server and client will resist decryption even
@ -277,11 +278,14 @@ href="TLS_README.html#client_tls_policy">TLS policy</a> table. </p>
<h2><a name="quick-start">Getting started, quick and dirty</a></h2> <h2><a name="quick-start">Getting started, quick and dirty</a></h2>
<h3> EECDH Client and server support (Postfix &ge; 2.6 with OpenSSL <h3> EECDH Client support (Postfix &ge; 2.2 with OpenSSL &ge; 1.0.0) </h3>
&ge; 1.0.0) </h3>
<p> This works "out of the box" without additional configuration. </p>
<h3> EECDH Server support (Postfix &ge; 2.6 with OpenSSL &ge; 1.0.0) </h3>
<p> With Postfix 2.6 and 2.7, enable elliptic-curve support in the <p> With Postfix 2.6 and 2.7, enable elliptic-curve support in the
Postfix SMTP client and server. This is the default with Postfix Postfix SMTP server. This is the default with Postfix
&ge; 2.8. Note, however, that elliptic-curve support may be disabled &ge; 2.8. Note, however, that elliptic-curve support may be disabled
by the vendor, as in some versions of RedHat Linux. </p> by the vendor, as in some versions of RedHat Linux. </p>

View File

@ -123,6 +123,8 @@ POSTCONF(1) POSTCONF(1)
The default is as if "<b>-C all</b>" is specified. The default is as if "<b>-C all</b>" is specified.
This feature is available with Postfix 2.9 and later.
<b>-d</b> Print <a href="postconf.5.html"><b>main.cf</b></a> default parameter settings instead of actual set- <b>-d</b> Print <a href="postconf.5.html"><b>main.cf</b></a> default parameter settings instead of actual set-
tings. Specify <b>-df</b> to fold long lines for human readability tings. Specify <b>-df</b> to fold long lines for human readability
(Postfix 2.9 and later). (Postfix 2.9 and later).
@ -330,6 +332,8 @@ POSTCONF(1) POSTCONF(1)
<b>-p</b> Show <a href="postconf.5.html"><b>main.cf</b></a> parameter settings. This is the default. <b>-p</b> Show <a href="postconf.5.html"><b>main.cf</b></a> parameter settings. This is the default.
This feature is available with Postfix 2.11 and later.
<b>-P</b> Show <a href="master.5.html"><b>master.cf</b></a> service parameter settings (by default all ser- <b>-P</b> Show <a href="master.5.html"><b>master.cf</b></a> service parameter settings (by default all ser-
vices and all parameters). formatted as one "<i>ser-</i> vices and all parameters). formatted as one "<i>ser-</i>
<i>vice/type/parameter=value</i>" per line. Specify <b>-Pf</b> to fold long <i>vice/type/parameter=value</i>" per line. Specify <b>-Pf</b> to fold long
@ -444,8 +448,10 @@ POSTCONF(1) POSTCONF(1)
The Secure Mailer license must be distributed with this software. The Secure Mailer license must be distributed with this software.
<b>AUTHOR(S)</b> <b>AUTHOR(S)</b>
Wietse Venema IBM T.J. Watson Research P.O. Box 704 Yorktown Wietse Venema
Heights, NY 10598, USA IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA
POSTCONF(1) POSTCONF(1)
</pre> </body> </html> </pre> </body> </html>

View File

@ -638,6 +638,9 @@ CCARGS="$CCARGS -DSNAPSHOT"
# needed before the code stabilizes. # needed before the code stabilizes.
#CCARGS="$CCARGS -DNONPROD" #CCARGS="$CCARGS -DNONPROD"
# Workaround: prepend Postfix include files before other include files.
CCARGS="-I. -I../../include $CCARGS"
sed 's/ / /g' <<EOF sed 's/ / /g' <<EOF
SYSTYPE = $SYSTYPE SYSTYPE = $SYSTYPE
AR = $AR AR = $AR

View File

@ -143,6 +143,8 @@ All the above classes.
.IP .IP
The default is as if "\fB-C all\fR" is The default is as if "\fB-C all\fR" is
specified. specified.
This feature is available with Postfix 2.9 and later.
.IP \fB-d\fR .IP \fB-d\fR
Print \fBmain.cf\fR default parameter settings instead of Print \fBmain.cf\fR default parameter settings instead of
actual settings. actual settings.
@ -347,6 +349,8 @@ Override \fBmain.cf\fR parameter settings.
This feature is available with Postfix 2.10 and later. This feature is available with Postfix 2.10 and later.
.IP \fB-p\fR .IP \fB-p\fR
Show \fBmain.cf\fR parameter settings. This is the default. Show \fBmain.cf\fR parameter settings. This is the default.
This feature is available with Postfix 2.11 and later.
.IP \fB-P\fR .IP \fB-P\fR
Show \fBmaster.cf\fR service parameter settings (by default Show \fBmaster.cf\fR service parameter settings (by default
all services and all parameters). formatted as one all services and all parameters). formatted as one
@ -486,5 +490,7 @@ software.
.SH "AUTHOR(S)" .SH "AUTHOR(S)"
.na .na
.nf .nf
Wietse Venema IBM T.J. Watson Research P.O. Box 704 Yorktown Wietse Venema
Heights, NY 10598, USA IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA

View File

@ -253,9 +253,10 @@ main.cf. </p>
<h2> <a name="client_fs">Forward Secrecy in the Postfix SMTP Client</a> </h2> <h2> <a name="client_fs">Forward Secrecy in the Postfix SMTP Client</a> </h2>
<p> The Postfix &ge; 2.2 SMTP client supports forward secrecy in <p> The Postfix &ge; 2.2 SMTP client supports forward secrecy in
its default configuration. No configuration changes are needed its default configuration. All supported OpenSSL releases support
besides turning on elliptic-curve support with Postfix 2.6 and 2.7 EDH key exchange. OpenSSL releases &ge; 1.0.0 also support EECDH
(see the <a href="#quick-start"> quick-start</a> section). If the key exchange (provided elliptic-curve support has not been disabled
by the vendor as in some versions of RedHat Linux). If the
remote SMTP server supports cipher suites with forward secrecy (and remote SMTP server supports cipher suites with forward secrecy (and
does not override the SMTP client's cipher preference), then the does not override the SMTP client's cipher preference), then the
traffic between the server and client will resist decryption even traffic between the server and client will resist decryption even
@ -277,11 +278,14 @@ href="TLS_README.html#client_tls_policy">TLS policy</a> table. </p>
<h2><a name="quick-start">Getting started, quick and dirty</a></h2> <h2><a name="quick-start">Getting started, quick and dirty</a></h2>
<h3> EECDH Client and server support (Postfix &ge; 2.6 with OpenSSL <h3> EECDH Client support (Postfix &ge; 2.2 with OpenSSL &ge; 1.0.0) </h3>
&ge; 1.0.0) </h3>
<p> This works "out of the box" without additional configuration. </p>
<h3> EECDH Server support (Postfix &ge; 2.6 with OpenSSL &ge; 1.0.0) </h3>
<p> With Postfix 2.6 and 2.7, enable elliptic-curve support in the <p> With Postfix 2.6 and 2.7, enable elliptic-curve support in the
Postfix SMTP client and server. This is the default with Postfix Postfix SMTP server. This is the default with Postfix
&ge; 2.8. Note, however, that elliptic-curve support may be disabled &ge; 2.8. Note, however, that elliptic-curve support may be disabled
by the vendor, as in some versions of RedHat Linux. </p> by the vendor, as in some versions of RedHat Linux. </p>

View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no * Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only. * patchlevel; they change the release date only.
*/ */
#define MAIL_RELEASE_DATE "20140115" #define MAIL_RELEASE_DATE "20140209"
#define MAIL_VERSION_NUMBER "2.12" #define MAIL_VERSION_NUMBER "2.12"
#ifdef SNAPSHOT #ifdef SNAPSHOT

View File

@ -26,8 +26,10 @@
/* The Secure Mailer license must be distributed with this /* The Secure Mailer license must be distributed with this
/* software. /* software.
/* AUTHOR(S) /* AUTHOR(S)
/* Wietse Venema IBM T.J. Watson Research P.O. Box 704 Yorktown /* Wietse Venema
/* Heights, NY 10598, USA /* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/ /*--*/
/* System library. */ /* System library. */

View File

@ -94,8 +94,10 @@
/* The Secure Mailer license must be distributed with this /* The Secure Mailer license must be distributed with this
/* software. /* software.
/* AUTHOR(S) /* AUTHOR(S)
/* Wietse Venema IBM T.J. Watson Research P.O. Box 704 Yorktown /* Wietse Venema
/* Heights, NY 10598, USA /* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/ /*--*/
/* System library. */ /* System library. */

View File

@ -137,6 +137,8 @@
/* .IP /* .IP
/* The default is as if "\fB-C all\fR" is /* The default is as if "\fB-C all\fR" is
/* specified. /* specified.
/*
/* This feature is available with Postfix 2.9 and later.
/* .IP \fB-d\fR /* .IP \fB-d\fR
/* Print \fBmain.cf\fR default parameter settings instead of /* Print \fBmain.cf\fR default parameter settings instead of
/* actual settings. /* actual settings.
@ -341,6 +343,8 @@
/* This feature is available with Postfix 2.10 and later. /* This feature is available with Postfix 2.10 and later.
/* .IP \fB-p\fR /* .IP \fB-p\fR
/* Show \fBmain.cf\fR parameter settings. This is the default. /* Show \fBmain.cf\fR parameter settings. This is the default.
/*
/* This feature is available with Postfix 2.11 and later.
/* .IP \fB-P\fR /* .IP \fB-P\fR
/* Show \fBmaster.cf\fR service parameter settings (by default /* Show \fBmaster.cf\fR service parameter settings (by default
/* all services and all parameters). formatted as one /* all services and all parameters). formatted as one
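Review bot: the unchanged context line "all services and all parameters). formatted as one" has a pre-existing typo (a period where a comma belongs before "formatted"); since postconf.1 and postconf.1.html are regenerated from this comment block, fixing it here while the -P description is being touched corrects all three copies at once.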
@ -464,8 +468,10 @@
/* The Secure Mailer license must be distributed with this /* The Secure Mailer license must be distributed with this
/* software. /* software.
/* AUTHOR(S) /* AUTHOR(S)
/* Wietse Venema IBM T.J. Watson Research P.O. Box 704 Yorktown /* Wietse Venema
/* Heights, NY 10598, USA /* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/ /*--*/
/* System library. */ /* System library. */

View File

@ -728,6 +728,7 @@ smtp_trouble.o: ../../include/vbuf.h
smtp_trouble.o: ../../include/vstream.h smtp_trouble.o: ../../include/vstream.h
smtp_trouble.o: ../../include/vstring.h smtp_trouble.o: ../../include/vstring.h
smtp_trouble.o: smtp.h smtp_trouble.o: smtp.h
smtp_trouble.o: smtp_sasl.h
smtp_trouble.o: smtp_trouble.c smtp_trouble.o: smtp_trouble.c
smtp_unalias.o: ../../include/argv.h smtp_unalias.o: ../../include/argv.h
smtp_unalias.o: ../../include/attr.h smtp_unalias.o: ../../include/attr.h

View File

@ -453,6 +453,29 @@ extern HBC_CALL_BACKS smtp_hbc_callbacks[];
* Encapsulate the following so that we don't expose details of of * Encapsulate the following so that we don't expose details of of
* connection management and error handling to the SMTP protocol engine. * connection management and error handling to the SMTP protocol engine.
*/ */
#ifdef USE_SASL_AUTH
#define HAVE_SASL_CREDENTIALS \
(var_smtp_sasl_enable \
&& *var_smtp_sasl_passwd \
&& smtp_sasl_passwd_lookup(session))
#else
#define HAVE_SASL_CREDENTIALS (0)
#endif
#define PLAINTEXT_FALLBACK_OK_AFTER_STARTTLS_FAILURE \
(session->tls_context == 0 \
&& session->tls->level == TLS_LEV_MAY \
&& !HAVE_SASL_CREDENTIALS)
#define PLAINTEXT_FALLBACK_OK_AFTER_TLS_SESSION_FAILURE \
(session->tls_context != 0 \
&& session->tls->level == TLS_LEV_MAY \
&& !HAVE_SASL_CREDENTIALS)
/*
* XXX The following will not retry recipients that were deferred while the
* SMTP_MISC_FLAG_FINAL_SERVER flag was already set.
*/
#define RETRY_AS_PLAINTEXT do { \ #define RETRY_AS_PLAINTEXT do { \
session->tls_retry_plain = 1; \ session->tls_retry_plain = 1; \
state->misc_flags &= ~SMTP_MISC_FLAG_FINAL_SERVER; \ state->misc_flags &= ~SMTP_MISC_FLAG_FINAL_SERVER; \
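Review bot: HAVE_SASL_CREDENTIALS and the two PLAINTEXT_FALLBACK_OK_* macros silently depend on a local named `session` being in scope, and HAVE_SASL_CREDENTIALS calls smtp_sasl_passwd_lookup(session), which is a table lookup rather than a pure test; a short comment above the block stating both, or an explicit SMTP_SESSION * argument to the macros, would save the next caller a surprise. The two fallback macros differ only in `session->tls_context == 0` versus `!= 0`, so one macro plus an explicit phase argument would also remove the duplication. Unchanged context: "details of of" is a doubled word.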

View File

@ -1015,6 +1015,19 @@ static void smtp_connect_inet(SMTP_STATE *state, const char *nexthop,
&& next == 0) && next == 0)
state->misc_flags |= SMTP_MISC_FLAG_FINAL_SERVER; state->misc_flags |= SMTP_MISC_FLAG_FINAL_SERVER;
smtp_xfer(state); smtp_xfer(state);
#ifdef USE_TLS
/*
* When opportunistic TLS fails after the STARTTLS
* handshake, try the same address again, with TLS
* disabled. See also the RETRY_AS_PLAINTEXT macro.
*/
if ((retry_plain = session->tls_retry_plain) != 0) {
--sess_count;
--addr_count;
next = addr;
}
#endif
} }
smtp_cleanup_session(state); smtp_cleanup_session(state);
} else { } else {
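Review bot: the retry rewinds sess_count and addr_count and sets `next = addr`, but the hunk does not show what stops the retried plaintext session from setting tls_retry_plain a second time and looping on the same address; a comment here pointing at where the retry disables TLS for that session (or an assertion that the flag is clear on the retried attempt) would make the termination argument visible. It would also help operators if the downgrade decision were logged with the destination address, so that a burst of plaintext retries against one server stands out in the mail log.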

View File

@ -838,13 +838,7 @@ static int smtp_start_tls(SMTP_STATE *state)
* plaintext connections, then we don't want delivery to fail with * plaintext connections, then we don't want delivery to fail with
* "relay access denied". * "relay access denied".
*/ */
if (session->tls->level == TLS_LEV_MAY if (PLAINTEXT_FALLBACK_OK_AFTER_STARTTLS_FAILURE)
#ifdef USE_SASL_AUTH
&& !(var_smtp_sasl_enable
&& *var_smtp_sasl_passwd
&& smtp_sasl_passwd_lookup(session))
#endif
)
RETRY_AS_PLAINTEXT; RETRY_AS_PLAINTEXT;
return (smtp_site_fail(state, DSN_BY_LOCAL_MTA, return (smtp_site_fail(state, DSN_BY_LOCAL_MTA,
SMTP_RESP_FAKE(&fake, "4.7.5"), SMTP_RESP_FAKE(&fake, "4.7.5"),
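Review bot: this is not a pure refactor: PLAINTEXT_FALLBACK_OK_AFTER_STARTTLS_FAILURE adds a `session->tls_context == 0` test that the replaced inline condition did not have. If tls_context can be non-null on this path (a partially built context after a failed handshake), the fallback silently stops applying here; either confirm that tls_context is still 0 whenever this code is reached and say so in a comment, or drop the extra test from the STARTTLS variant of the macro.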

View File

@ -156,6 +156,7 @@
/* Application-specific. */ /* Application-specific. */
#include "smtp.h" #include "smtp.h"
#include "smtp_sasl.h"
#define SMTP_THROTTLE 1 #define SMTP_THROTTLE 1
#define SMTP_NOTHROTTLE 0 #define SMTP_NOTHROTTLE 0
@ -433,10 +434,18 @@ int smtp_stream_except(SMTP_STATE *state, int code, const char *description)
case SMTP_ERR_EOF: case SMTP_ERR_EOF:
dsb_simple(why, "4.4.2", "lost connection with %s while %s", dsb_simple(why, "4.4.2", "lost connection with %s while %s",
session->namaddr, description); session->namaddr, description);
#ifdef USE_TLS
if (PLAINTEXT_FALLBACK_OK_AFTER_TLS_SESSION_FAILURE)
RETRY_AS_PLAINTEXT;
#endif
break; break;
case SMTP_ERR_TIME: case SMTP_ERR_TIME:
dsb_simple(why, "4.4.2", "conversation with %s timed out while %s", dsb_simple(why, "4.4.2", "conversation with %s timed out while %s",
session->namaddr, description); session->namaddr, description);
#ifdef USE_TLS
if (PLAINTEXT_FALLBACK_OK_AFTER_TLS_SESSION_FAILURE)
RETRY_AS_PLAINTEXT;
#endif
break; break;
case SMTP_ERR_DATA: case SMTP_ERR_DATA:
session->error_mask |= MAIL_ERROR_DATA; session->error_mask |= MAIL_ERROR_DATA;
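Review bot: the two `#ifdef USE_TLS` blocks under SMTP_ERR_EOF and SMTP_ERR_TIME are identical; hoisting them into one check after the switch keeps the fallback policy in one place. More importantly, the fallback now fires on any EOF or timeout of an established TLS session, whatever the cause, and nothing in this hunk records why the next attempt will be plaintext; add the TLS-to-plaintext downgrade and its trigger (EOF versus timeout) to the "lost connection" / "timed out" log text, since that line alone gives an operator no way to tell a flaky server from TLS sessions being cut on purpose.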

View File

@ -236,6 +236,7 @@
#include <dsn_util.h> #include <dsn_util.h>
#include <conv_time.h> #include <conv_time.h>
#include <xtext.h> #include <xtext.h>
#include <smtp_stream.h>
/* Application-specific. */ /* Application-specific. */
@ -2110,6 +2111,22 @@ static int check_table_result(SMTPD_STATE *state, const char *table,
reply_name, reply_class, reply_name, reply_class,
*dp.text ? dp.text : "Access denied")); *dp.text ? dp.text : "Access denied"));
} }
#ifndef SHUT_RDWR
#define SHUT_RDWR 2
#endif
/*
* HANGUP. Text is optional. Drop the connection without sending any
* reply.
*
* Note: this is an unsupported test feature. No attempt is made to maintain
* compatibility between successive versions.
*/
if (STREQUAL(value, "HANGUP", cmd_len)) {
shutdown(vstream_fileno(state->client), SHUT_RDWR);
log_whatsup(state, "hangup", cmd_text);
vstream_longjmp(state->client, SMTP_ERR_QUIET);
}
/* /*
* WARN. Text is optional. * WARN. Text is optional.
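Review bot: the HANGUP action is compiled into every build even though the comment calls it an unsupported test feature; gating it under the existing NONPROD define (the commented-out `-DNONPROD` in makedefs) would keep a stray access-map entry from dropping connections on a production server. Also prefer including <sys/socket.h> over the local `#define SHUT_RDWR 2` fallback, which masks a missing header rather than fixing it.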