diff --git a/postfix/HISTORY b/postfix/HISTORY
index cd8102a0e..959d9afc9 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -27159,3 +27159,28 @@ Apologies for any names omitted.
 (default: no) to disconnect remote SMTP clients that violate RFC 2920 (or 5321) command pipelining constraints. Files: global/mail_params.h, smtpd/smtpd.c, proto/postconf.proto.
+
+20230815
+
+ Bugfix (bug introduced: 20140218): when opportunistic TLS fails
+ during or after the handshake, don't require that a probe
+ message spent a minimum time-in-queue before falling back to
+ plaintext. Problem reported by Serg. File: smtp/smtp.h.
+
+20230819
+
+ Bugfix (defect introduced: 19980207): the valid_hostname()
+ check in the Postfix DNS client library was blocking unusual
+ but legitimate wildcard names (*.name) in some DNS lookup
+ results and lookup requests. Examples:
+
+ name class/type value
+ *.one.example IN CNAME *.other.example
+ *.other.example IN A 10.0.0.1
+ *.other.example IN TLSA ..certificate info...
+
+ Such syntax is blesed in RFC 1034 section 4.3.3.
+
+ This problem was reported first in the context of TLSA
+ record lookups. Files: util/valid_hostname.[hc],
+ dns/dns_lookup.c.
diff --git a/postfix/src/dns/dns_lookup.c b/postfix/src/dns/dns_lookup.c
index d44cae7ee..06028c804 100644
--- a/postfix/src/dns/dns_lookup.c
+++ b/postfix/src/dns/dns_lookup.c
@@ -710,7 +710,7 @@ static int valid_rr_name(const char *name, const char *location,
 if (valid_hostaddr(name, DONT_GRIPE)) {
 result = PASS_NAME;
 gripe = "numeric domain name";
- } else if (!valid_hostname(name, DO_GRIPE)) {
+ } else if (!valid_hostname(name, DO_GRIPE | DO_WILDCARD)) {
 result = REJECT_NAME;
 gripe = "malformed domain name";
 } else {
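Review bot: The `DO_WILDCARD` bit is now granted to every name that reaches valid_rr_name(), whatever the RR type and whether it is an owner name or RDATA, and nothing at the changed `else if` records why that is safe; the HISTORY text motivates it with CNAME and TLSA examples only. A why-comment above the changed line would keep the next maintainer from tightening it back by accident, e.g. `/* RFC 1034 section 4.3.3: "*.name" is a legitimate owner or target name (seen in practice with CNAME and TLSA). */`. If wildcard acceptance was meant for particular RR types only, this test is where a narrower condition would go, but the hunk does not show enough of the function to tell. valid_rr_name() starts and ends outside the hunk.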
@@ -1045,7 +1045,7 @@ int dns_lookup_x(const char *name, unsigned type, unsigned flags,
 /*
 * The Linux resolver misbehaves when given an invalid domain name.
 */
- if (strcmp(name, ".") && !valid_hostname(name, DONT_GRIPE)) {
+ if (strcmp(name, ".") && !valid_hostname(name, DONT_GRIPE | DO_WILDCARD)) {
 if (why)
 vstring_sprintf(why,
 "Name service error for %s: invalid host or domain name",
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index b3838f76f..5045613f1 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,8 +20,8 @@
 * Patches change both the patchlevel and the release date. Snapshots have no
 * patchlevel; they change the release date only.
 */
-#define MAIL_RELEASE_DATE "20230605"
-#define MAIL_VERSION_NUMBER "3.8.1"
+#define MAIL_RELEASE_DATE "20230901"
+#define MAIL_VERSION_NUMBER "3.8.2"
 
 #ifdef SNAPSHOT
 #define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
diff --git a/postfix/src/smtp/smtp.h b/postfix/src/smtp/smtp.h
index 35d97da2a..f8c8f588b 100644
--- a/postfix/src/smtp/smtp.h
+++ b/postfix/src/smtp/smtp.h
@@ -504,17 +504,19 @@ extern HBC_CALL_BACKS smtp_hbc_callbacks[];
 (session->state->request->msg_stats.active_arrival.tv_sec - \
 session->state->request->msg_stats.incoming_arrival.tv_sec)
 
+#define TRACE_REQ_ONLY (DEL_REQ_TRACE_ONLY(state->request->flags))
+
 #define PLAINTEXT_FALLBACK_OK_AFTER_STARTTLS_FAILURE \
 (session->tls_context == 0 \
 && state->tls->level == TLS_LEV_MAY \
- && PREACTIVE_DELAY >= var_min_backoff_time \
+ && (TRACE_REQ_ONLY || PREACTIVE_DELAY >= var_min_backoff_time) \
 && !HAVE_SASL_CREDENTIALS)
 
 #define PLAINTEXT_FALLBACK_OK_AFTER_TLS_SESSION_FAILURE \
 (session->tls_context != 0 \
 && SMTP_RCPT_LEFT(state) > SMTP_RCPT_MARK_COUNT(state) \
 && state->tls->level == TLS_LEV_MAY \
- && PREACTIVE_DELAY >= var_min_backoff_time \
+ && (TRACE_REQ_ONLY || PREACTIVE_DELAY >= var_min_backoff_time) \
 && !HAVE_SASL_CREDENTIALS)
 
 /*
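Review bot: The comment above the changed `if` still presents the test purely as a workaround for the Linux resolver, while the test now also decides that `*.name` lookup requests are acceptable input, so a reader will not learn at this spot that wildcard names are deliberate. Suggest extending the comment with `Wildcard names ("*.name") are legitimate lookup targets (RFC 1034 section 4.3.3), e.g. CNAME targets or TLSA owner names, and are not rejected here.` This relaxes only dns_lookup_x(); any caller that pre-validates a name with valid_hostname() without DO_WILDCARD still rejects it, which is presumably intended but worth stating next to the change. dns_lookup_x() continues outside the hunk.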
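Review bot: The new `TRACE_REQ_ONLY` escape in both PLAINTEXT_FALLBACK_OK_* macros carries no comment, yet it removes a downgrade-resistance measure for one class of requests: the `PREACTIVE_DELAY >= var_min_backoff_time` term presumably exists so that a single failed TLS attempt cannot immediately push a message to plaintext, and a trace-only request now skips that wait. A comment above `#define TRACE_REQ_ONLY` should state the reason, e.g. `/* Trace-only (probe) requests are exempt from the minimum time-in-queue before plaintext fallback: they carry no message content and would otherwise never fall back. */`, with the rationale confirmed against the 20140218 change it relaxes. Since the exemption means a probe's SMTP envelope is presumably sent in the clear right after a TLS failure at level "may", that trade-off belongs in the same comment. Minor style point: `TRACE_REQ_ONLY` reads `state->request->flags` whereas the neighbouring `PREACTIVE_DELAY` goes through `session->state->request`; both names must be in scope at every expansion site, which the existing `state->tls->level` term already requires.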
diff --git a/postfix/src/util/valid_hostname.c b/postfix/src/util/valid_hostname.c
index 07c9eca68..8b234c4dc 100644
--- a/postfix/src/util/valid_hostname.c
+++ b/postfix/src/util/valid_hostname.c
@@ -83,7 +83,7 @@
 
 /* valid_hostname - screen out bad hostnames */
 
-int valid_hostname(const char *name, int gripe)
+int valid_hostname(const char *name, int flags)
 {
 const char *myname = "valid_hostname";
 const char *cp;
@@ -91,6 +91,7 @@ int valid_hostname(const char *name, int gripe)
 int label_count = 0;
 int non_numeric = 0;
 int ch;
+ int gripe = flags & DO_GRIPE;
 
 /*
 * Trivial cases first.
@@ -116,6 +117,15 @@ int valid_hostname(const char *name, int gripe)
 }
 if (!ISDIGIT(ch))
 non_numeric = 1;
+ } else if ((flags & DO_WILDCARD) && ch == '*') {
+ if (label_length || label_count || (cp[1] && cp[1] != '.')) {
+ if (gripe)
+ msg_warn("%s: '*' can be the first label only: %.100s", myname, name);
+ return (0);
+ }
+ label_count++;
+ label_length++;
+ non_numeric = 1;
 } else if (ch == '.') {
 if (label_length == 0 || cp[1] == 0) {
 if (gripe)
diff --git a/postfix/src/util/valid_hostname.h b/postfix/src/util/valid_hostname.h
index b06fc1758..463bc6ef8 100644
--- a/postfix/src/util/valid_hostname.h
+++ b/postfix/src/util/valid_hostname.h
@@ -18,6 +18,8 @@
 
 #define DONT_GRIPE 0
 #define DO_GRIPE 1
+#define DONT_WILDCARD 0
+#define DO_WILDCARD (1<<1)
 
 extern int valid_hostname(const char *, int);
 extern int valid_hostaddr(const char *, int);
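Review bot: `int gripe = flags & DO_GRIPE;` silently changes the contract of the second argument from "any non-zero value means warn" to "bit 0 means warn", and bit 1 now means accept wildcards; a caller that still passes an arbitrary truthy value (a verbosity counter, an expression other than DO_GRIPE/DONT_GRIPE) would lose its warnings or, with bit 1 set, start accepting `*.name` without intending to. Whether such callers exist is not visible from this diff, so a grep of all valid_hostname() callers belongs with this merge. The function (whose signature is in the previous hunk) should also document the new meaning, e.g. `/* flags: bitwise OR of DO_GRIPE (warn when the name is rejected) and DO_WILDCARD (accept "*" as the entire first label). */`. The function body continues outside this hunk.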
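Review bot: The warning text in the new branch, `'*' can be the first label only`, does not match the condition that raises it: `(cp[1] && cp[1] != '.')` also fires for `*foo.example`, where `*` is in the first label but is not the whole label. `msg_warn("%s: '*' must be the entire first label: %.100s", myname, name);` covers both cases. Separately, a bare `*` passes this check because `cp[1]` is 0, and as far as this hunk shows it then completes the loop as a one-label non-numeric name; if a lone wildcard is meant to be an acceptable name that deserves a comment here, otherwise the last term should read `cp[1] != '.'`. The enclosing for-loop starts and ends outside the hunk.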
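Review bot: The header now exposes two flag families for the same `int` argument but says nothing about how they combine, and the prototypes below are unnamed, so a reader cannot tell that `DO_GRIPE | DO_WILDCARD` is the intended usage or whether valid_hostaddr() honours `DO_WILDCARD` at all (this diff changes only valid_hostname()). Suggest a comment above the defines such as `/* Second argument of valid_hostname(): bitwise OR of DO_GRIPE (log a warning when the name is rejected) and DO_WILDCARD (accept "*" as the entire first label). */`, extended with a sentence on valid_hostaddr() once its handling of bit 1 is confirmed. `DONT_WILDCARD` is defined as 0 like `DONT_GRIPE`, so the DONT_* names are readability aliases rather than distinct bits; saying so in the same comment would stop anyone from testing for them.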