TLS_CHANGES
2004/09/12 == Released 0.8.19 ==
2004/09/01
- Finished updating the code by adjusting to postfix-2.2-20040829
and started using it at my own site.
2004/08/01
- Started adjusting the patch to postfix-2.2-20040729.
2004/06/21 == Re-released 0.8.18 ==
2004/06/21
- Postfix 2.1.3 has been released. The short-lived 2.1.2 brought an
incompatible change (patch conflict), which has been resolved.
- Fixed some typos in the tlsmgr.8 manual page (Chris Pepper).
2004/04/27 == Re-released 0.8.18 ==
2004/04/27
- Postfix 2.1.0 has been released. Some minor patch conflicts with respect
to the actual code and build environment.
- Due to the restructuring of the documentation the old sample-*.cf
files are no longer available.
Took documentation already adopted by Wietse for the 2.1-RC2-IPV6+TLS
snapshot.
2004/02/09 == Re-released 0.8.18 ==
2004/02/09
- Postfix 2.0.18-20040205 is available, patchkit applies without
problems.
2004/02/02 == Release 0.8.18 ==
2004/02/02
- Incorporated Luca Berra's information into the patchkit and ran tests
with my own versions.
2004/02/01
- Reports about server side SMTP failure with Carsten's patch can be
found on postfix-users.
'Luca Berra' <[email protected]> reports that he discovered another
failure of the GNU patch program: a misplaced patch hunk in
smtpd.c.
2004/01/30
- Edited in additional #ifdef USE_TLS conditionals. If the TLS patch
is applied but not activated (USE_TLS is not defined), a warning is
printed as soon as TLS shall be used.
2004/01/23
- Postfix 2.0.18-20040122 is now available. Several patch conflicts occur.
Even more: one hunk of the patch (which is provided in unified diff)
fails in smtp.c and causes a segmentation violation.
Carsten Hoeger <[email protected]> provides an adapted patch kit.
2004/01/02 == Released 0.8.17 ==
2004/01/02
- Postfix-2.0.16-20031231 is released. No patch conflicts.
- Changed autoresponder for TLS tests to "The Postfix Book" echo
responder (provided by Patrick Koetter and Ralf Hildebrandt).
2003/12/30
- Postfix-2.0.16-20031226 is released. No patch conflicts.
2003/12/26
- Postfix-2.0.16-20031224 is released. Resolved patch conflicts.
2003/12/16
- Postfix-2.0.16-20031215 is released. Resolved patch conflicts.
- src/global/pfixtls.c: changed occurrence of "ssize_t" to "size_t",
as some quite old operating systems do not have ssize_t
(reported by Klaus Jaehne <[email protected]> for SunOS 4.1.4).
- src/global/pfixtls.c: both the client and the server engine printed
messages even when tls_loglevel was set to 0 (reported
by Florian Effenberger <[email protected]>): evaluate the loglevel
before printing any message.
2003/11/17 == Re-released 0.8.16 ==
2003/11/17
- Postfix 2.0.16-20031113 is released. Some minor patch conflicts.
2003/10/27 == Re-released 0.8.16 ==
2003/10/24
- Postfix 2.0.16-20031022 is released. Some minor patch conflicts.
2003/09/23 == Re-released 0.8.16 ==
2003/09/23
- Postfix 2.0.16 and 2.0.16-20030921 are now available.
Resolved some minor patch conflicts.
2003/09/10 == Released 0.8.16 ==
2003/09/09
- Postfix 2.0.15 has been released, including another workaround for
the select() problems on Solaris. It contains additional code to catch
EAGAIN on read() in the timed_read() routine (and the respective
precautions in timed_write()).
- Note: this fix is not yet part of Postfix 2.0.14-20030812.
- Added corresponding code to pfixtls_timed_read()/_write().
- Changed SSL wrapper mode behaviour: use smtpd_sasl_tls_security_options
instead of smtpd_sasl_security_options, as is to be expected because TLS
is active. (Bug reported by Bob Snyder <[email protected]>.)
2003/08/29 == Re-released 0.8.15 ==
2003/08/29
- Adapted patchkit to Postfix 2.0.14. No patch conflicts.
2003/07/17 == Re-released 0.8.15a (-20030715 only) ==
2003/07/16
- Experimental version Postfix 2.0.14-20030715 is released, including
the SASL changes. Resolved some minor patch conflicts.
2003/07/11 == Released 0.8.15a (-20030706 only) ==
2003/07/11
- Received an error report about TLS failing with the new smtpd_proxy
feature, including instructions on how to reproduce.
(An earlier report on 2003/07/09 indicated other setup problems, so
the actual problem was not visible.)
- Analysis: when introducing the new smtpd_proxy feature, different mechanisms
were introduced to write either to the cleanup daemon (as before) or to
the smtpd_proxy connection. Functions and streams are now expressed via
out_fprintf() function pointers etc., which are assigned accordingly.
When updating to 0.8.15/2.0.13-20030706 this change was missed, and the
routine adding the TLS information to the Received: headers still used the
older rec_fprintf() functions etc. This worked fine for the traditional
connection to the cleanup service, but naturally failed for smtpd_proxy
(with a segmentation violation).
Solution: access out_stream via the corresponding pointers.
- The 2.0.13 stable version is not affected.
2003/07/08 == Released 0.8.15 ==
2003/07/07
- Postfix 2.0.13 and 2.0.13-20030706 are released.
Patchkit for 2.0.13 applies cleanly.
Patchkit for 2.0.13-20030607 requires several adaptations (patch conflicts,
no functional changes).
- Slightly modified the SASL interface code (smtp[d]_sasl_glue layer) to
allow setting the security policy during session setup instead of at
process start. This makes it possible to choose the SASL mechanisms
offered depending on the availability of TLS encryption and authentication.
New parameters: smtpd_sasl_tls_security_options,
smtp_sasl_tls_security_options, smtp_sasl_tls_verified_security_options
- Submitted change to SASL interface to Wietse, who accepted the change
as part of the Snapshot line.
2003/06/19 == Released 0.8.14 ==
2003/06/19
- Add support for SubjectAlternativeName "dNSName" entries in certificate
checking (applies to client mode only).
When the client connects to the server, it checks the list of dNSName
entries against the expected hostname (therefore allowing the server to
have multiple identities). As described in RFC2818 (HTTP over TLS),
CommonName (CN) entries are only checked if no dNSName entries are found
at all.
Initial patch proposed by Deti Fliegl <[email protected]>, reworked to
follow the RFC2818 rules, plus some cleanup.
2003/06/18
- Checked similar settings and found another missing entry:
var_smtp_scert_vd was missing from src/smtp/smtp.c.
- Renamed HAS_SSL to USE_TLS for compilation (-DUSE_TLS has to be used
in the future). Currently pfixtls.h will take care of setting
USE_TLS when HAS_SSL has been defined.
2003/06/17
- Received bug reports about Postfix/TLS failing (connection closing)
after having finished the "STARTTLS"/"220 Ready to start TLS"
dialogue. (Actually the first report came in via private mail on
2003/06/12, but the information was too diffuse to track down).
Tracking down became possible after it became clear that only Solaris
systems are affected.
Analysis:
* As of 2003/06/09 Postfix uses non-blocking socket I/O for the SMTP
connection on Solaris platforms. This requires "select()" style
waiting before read() or write() access (which, in the Postfix case, are
not prepared for EAGAIN or EWOULDBLOCK and therefore treat them as errors).
* As the var_smtpd_starttls_tmout variable is not correctly initialized
(value is 0), the select() style function is not called; therefore
read() fails with EAGAIN and the connection is closed due to a
presumed error condition.
* The initialization of the variable should be done in the time_table[]
list during main().
The entry however was lost during the patch adaptation from 0.7.13e
to 0.7.14-snap20020107 on 2002/01/07.
Impact:
* On Solaris systems, STARTTLS fails during handshake (server only).
* On other systems, the TLS negotiation phase is not protected by the
smtpd_starttls_tmout (default 300s) value and may hang until the
watchdog kills smtpd, if the client does not continue the handshake.
Restored var_smtpd_starttls_tmout variable initialization.
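The non-blocking I/O failure analysed above, as an added example rather than code from the patchkit or from Postfix: a select()-guarded read in C that reproduces both findings, the uninitialized (0) timeout that skips the wait and lets read() fail with EAGAIN, and the EAGAIN-after-select() retry from the 2003/09/09 entry. The function names, the millisecond timeout and the non-blocking pipe used as a stand-in for the SMTP socket are assumptions made for the example.

```c
#define _DEFAULT_SOURCE 1
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <string.h>
#include <sys/select.h>
#include <sys/time.h>
#include <sys/types.h>
#include <unistd.h>

/* Added example, not patchkit code. ssize_t is used here as on current
 * systems; the 2003/12/16 entry notes that very old ones lack it. */

/* Returns 1 when fd is readable, 0 on timeout, -1 on error. */
static int wait_readable(int fd, int timeout_ms)
{
    for (;;) {
        fd_set rfds;
        struct timeval tv;

        FD_ZERO(&rfds);
        FD_SET(fd, &rfds);
        tv.tv_sec = timeout_ms / 1000;
        tv.tv_usec = (timeout_ms % 1000) * 1000;
        int rc = select(fd + 1, &rfds, NULL, NULL, &tv);
        if (rc > 0)
            return 1;
        if (rc == 0)
            return 0;
        if (errno != EINTR)             /* EINTR: interrupted by a signal, wait again */
            return -1;
    }
}

/* Read with a timeout. Returns bytes read (0 on EOF) or -1 with errno set
 * (ETIMEDOUT when the peer sent nothing in time). */
ssize_t timed_read(int fd, void *buf, size_t len, int timeout_ms)
{
    for (;;) {
        if (timeout_ms > 0) {           /* timeout 0: no wait, the uninitialized case */
            int rc = wait_readable(fd, timeout_ms);
            if (rc == 0) {
                errno = ETIMEDOUT;
                return -1;
            }
            if (rc < 0)
                return -1;
        }
        ssize_t n = read(fd, buf, len);
        if (n >= 0)
            return n;
        if (errno == EINTR)
            continue;
        /* select() said readable but read() still has nothing (the Solaris
         * quirk): only safe to retry when we actually waited. With timeout 0
         * this is the error path that closed the connection. */
        if ((errno == EAGAIN || errno == EWOULDBLOCK) && timeout_ms > 0)
            continue;
        return -1;
    }
}

/* Constructed stand-in for the non-blocking SMTP socket. */
static int make_nonblocking_pipe(int fds[2])
{
    if (pipe(fds) < 0)
        return -1;
    return fcntl(fds[0], F_SETFL, fcntl(fds[0], F_GETFL) | O_NONBLOCK);
}

/* Empty pipe: returns the errno timed_read() leaves behind (EAGAIN with
 * timeout 0, ETIMEDOUT with a positive timeout), 0 if it unexpectedly read. */
int demo_read_empty(int timeout_ms)
{
    int fds[2];
    char buf[64];
    if (make_nonblocking_pipe(fds) < 0)
        return -1;
    ssize_t n = timed_read(fds[0], buf, sizeof buf, timeout_ms);
    int err = n < 0 ? errno : 0;
    close(fds[0]);
    close(fds[1]);
    return err;
}

/* Pipe with a server banner queued: returns the number of bytes read. */
ssize_t demo_read_banner(int timeout_ms)
{
    static const char banner[] = "220 Ready to start TLS\r\n";
    int fds[2];
    char buf[64];
    if (make_nonblocking_pipe(fds) < 0)
        return -1;
    if (write(fds[1], banner, sizeof banner - 1) != (ssize_t)(sizeof banner - 1))
        return -1;
    ssize_t n = timed_read(fds[0], buf, sizeof buf, timeout_ms);
    close(fds[0]);
    close(fds[1]);
    return n;
}
```

A production version would recompute the remaining time after each spurious wakeup instead of restarting the full timeout; the example keeps the loop minimal so the two error paths stay visible.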
2003/06/12 == Re-released 0.8.13 ==
2003/06/11
- Adapted to snapshot 2.0.12-20030611. No patch conflicts.
2003/06/11
- Adapted to snapshot 2.0.11-20030609. One minor patch conflict.
2003/05/23 == Re-released 0.8.13 ==
2003/05/23
- First release against snapshot 2.0.10-20030523.
2003/04/26 == Re-released 0.8.13 ==
2003/04/26
- Updated patchkit to apply to Postfix 2.0.9.
- Updated patchkit-name to reflect the release of OpenSSL 0.9.7b.
2003/03/06 == Re-released 0.8.13 ==
2003/03/06
- Postfix 2.0.6 has been released. No patch conflicts.
2003/03/02 == Re-released 0.8.13 ==
2003/03/02
- Postfix 2.0.4 has been released. "patch" should work with some warnings
about moved line numbers.
- OpenSSL 0.9.7a has been released. No visible changes with respect to
Postfix/TLS.
2003/01/26 == Re-released 0.8.13 ==
2003/01/26
- Postfix 2.0.3 has been released. One minor patch-conflict.
2003/01/13 == Released 0.8.13 ==
2003/01/13
- Postfix 2.0.1 has been released. Some minor patch conflicts resolved.
- Added HOWTO documents contributed by Justin Davies <[email protected]>
to the contribution area.
- Added RFC3207 (SMTP Service Extension for Secure SMTP over Transport Layer
Security) to the documentation. RFC3207 is the successor of RFC2487.
- Updated TODO list to reflect release ideas up to the release of
Postfix/TLS 0.9.0. (Or will it finally be 1.0.0? :-)
2002/12/30
- OpenSSL 0.9.7 has been released. Postfix/TLS works best with the new
0.9.7 release.
2002/12/24 == Re-released 0.8.12 ==
2002/12/24
- Postfix 2.0.0.1 has been released. Resolved one minor patch conflict.
2002/12/20 == Re-released 0.8.12 ==
2002/12/20
- Postfix snapshot 1.1.12-20021214 has been released. Resolved minor
patch conflicts.
2002/12/15 == Re-released 0.8.12 ==
2002/12/15
- Postfix snapshot 1.1.12-20021214 has been released. Two minor patch
conflicts.
2002/12/06 == Released 0.8.12 ==
2002/12/06
- OpenSSL 0.9.6h has been released. Update documentation and filenames
to reflect this new release.
- Minor bug fix: when calling "sendmail -bs", smtpd is not run with
superuser permissions, therefore loading the private key fails.
STARTTLS is not used in this mode, so the key is not needed, but the
failure to load creates a misleading warning.
Do not initialize the TLS engine at all when not started with superuser
permissions.
2002/12/03
- Postfix snapshot 1.1.12-20021203 has been released. Resolved one patch
conflict.
2002/11/01 == Re-released 0.8.11a ==
2002/11/01
- Postfix snapshot 1.1.11-20021031 has been released. No patch conflicts.
2002/10/30 == Re-released 0.8.11a ==
2002/10/30
- Postfix snapshot 1.1.11-20021029 has been released. No patch conflicts.
2002/09/30 == Re-released 0.8.11a ==
2002/09/30
- Postfix snapshot 1.1.11-20020928 has been released. No patch conflicts.
2002/09/24
- Postfix snapshot 1.1.11-20020923 has been released. Adapt patchkit.
2002/09/19 == Re-released 0.8.11a ==
2002/09/18
- Postfix snapshot 1.1.11-20020917 has been released. Adapt patchkit.
2002/08/23 == Re-released 0.8.11a ==
2002/08/23
- Postfix snapshot 1.1.11-20020822 has been released. Adapt patchkit.
2002/08/20
- Postfix snapshot 1.1.11-20020819 has been released with several
enhancements and changes. Adapt patchkit (minor issues).
2002/08/12
- OpenSSL has experienced several (security critical) updates.
2002/07/26 == Re-released 0.8.11a ==
2002/07/26
- On popular demand, a new diff for the snapshot version of Postfix
is created: postfix-1.1.11-20020719.
2002/06/18 == Re-released 0.8.11a ==
2002/06/18
- On popular demand, a new diff for the snapshot versions of Postfix
is created: postfix-1.1.11-20020613.
2002/06/03 == Released 0.8.11a ==
2002/06/03
- When compiling with SSL but without SASL, compilation fails due to
the modification of state->sasl_mechanism_list, which is not part of the
"state" structure when SASL is not compiled in.
This bug was introduced in version 0.8.11.
Bug reported and patch supplied by Bernd Matthes.
2002/05/29 == Released 0.8.11 ==
2002/05/29
- Postfix 1.1.11 is released.
2002/05/25
- Fix processing of ESMTP options after the STARTTLS handshake: AUTH= was not
handled, as the "=" form was only recognized in the extension-list parsing
for the case without TLS. (The TLS case was a copy of an older version
of the code not yet containing the "=" handling, and the change in the main
code slipped through without the difference being noticed, hence the option
was not added to the TLS part.)
Found by "Christoph Vogel" <[email protected]>.
2002/05/24
- Bug reported by "Christoph Vogel" <[email protected]>:
Client side AUTH does not work, if STARTTLS is used: if a server
announces AUTH and STARTTLS, AUTH is being used if TLS is disabled.
Once TLS is enabled, AUTH is still offered by the server, but the
client does not use it any longer.
Reason: when AUTH is offered, not only the SMTP_FEATURE_AUTH flag
is set in state->features, but also the available mechanisms are
remembered in state->sasl_mechanism_list. As AUTH may be offered
twice by some hosts (in the correct "AUTH mech" form and the older
and deprecated "AUTH=mech" form), a check against processing the
line twice is included in smtp_sasl_helo_auth(). This check now
prevented the correct processing in the second evaluation of the
ESMTP extensions offered after the STARTTLS activation.
Solution: reset state->sasl_mechanism_list before processing the
extension list just like state->features.
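The client-side AUTH-after-STARTTLS problem in this and the preceding 2002/05/25 entry, as an added C example that is not code from the patchkit or from Postfix: a minimal EHLO reply parser with the duplicate-AUTH guard, both the "AUTH mech" and the deprecated "AUTH=mech" forms, and the two reset routines side by side so the effect of not clearing the mechanism list is visible. The names (smtp_state, smtp_parse_ehlo, the demo_* helpers) and the sample EHLO reply are constructed for the example.

```c
#include <stddef.h>
#include <string.h>
#include <strings.h>

/* Added example, not patchkit code. */

#define SMTP_FEATURE_STARTTLS (1u << 0)
#define SMTP_FEATURE_AUTH     (1u << 1)

struct smtp_state {
    unsigned features;                 /* cleared before each EHLO evaluation */
    char sasl_mechanism_list[128];     /* "" until the server announces AUTH */
};

/* What the 0.8.10 client effectively did after "220 Ready to start TLS":
 * only the feature bits were cleared. */
void smtp_reset_features_only(struct smtp_state *st)
{
    st->features = 0;
}

/* The 0.8.11 fix: clear the remembered mechanism list as well. */
void smtp_reset_features(struct smtp_state *st)
{
    st->features = 0;
    st->sasl_mechanism_list[0] = '\0';
}

/* Remember the AUTH mechanisms. A second AUTH announcement in the same EHLO
 * round ("AUTH=..." after "AUTH ...") is ignored. Without the list reset this
 * guard also swallows the AUTH line of the EHLO sent after STARTTLS. */
static void smtp_sasl_helo_auth(struct smtp_state *st, const char *mechs)
{
    if (st->sasl_mechanism_list[0] != '\0')
        return;
    strncpy(st->sasl_mechanism_list, mechs, sizeof st->sasl_mechanism_list - 1);
    st->sasl_mechanism_list[sizeof st->sasl_mechanism_list - 1] = '\0';
    st->features |= SMTP_FEATURE_AUTH;
}

/* Walk a multi-line "250-.../250 ..." EHLO reply. Both "AUTH " and "AUTH="
 * are accepted (the 2002/05/25 fix). Returns the number of 250 lines seen. */
int smtp_parse_ehlo(struct smtp_state *st, const char *reply)
{
    int lines = 0;
    const char *p = reply;

    while (*p != '\0') {
        char line[256];
        const char *eol = strpbrk(p, "\r\n");
        size_t len = eol != NULL ? (size_t)(eol - p) : strlen(p);
        if (len >= sizeof line)
            len = sizeof line - 1;
        memcpy(line, p, len);
        line[len] = '\0';
        p += len;
        while (*p == '\r' || *p == '\n')
            p++;

        if (strncmp(line, "250", 3) != 0 || (line[3] != '-' && line[3] != ' '))
            continue;                       /* not an EHLO keyword line */
        if (lines++ == 0)
            continue;                       /* first line carries the server name */
        const char *kw = line + 4;
        if (strcasecmp(kw, "STARTTLS") == 0)
            st->features |= SMTP_FEATURE_STARTTLS;
        else if (strncasecmp(kw, "AUTH", 4) == 0 && (kw[4] == ' ' || kw[4] == '='))
            smtp_sasl_helo_auth(st, kw + 5);
    }
    return lines;
}

/* Constructed reply from a server offering STARTTLS and announcing AUTH twice. */
const char *const sample_ehlo_reply =
    "250-mail.example.com\r\n"
    "250-STARTTLS\r\n"
    "250-AUTH PLAIN LOGIN\r\n"
    "250-AUTH=PLAIN LOGIN\r\n"
    "250 8BITMIME\r\n";

/* EHLO, STARTTLS, EHLO again using the given reset routine; returns the
 * feature bits the client believes in after the second EHLO. */
unsigned demo_features_after_starttls(void (*reset)(struct smtp_state *))
{
    struct smtp_state st = { 0, "" };
    smtp_parse_ehlo(&st, sample_ehlo_reply);
    reset(&st);                             /* "220 Ready to start TLS" happened here */
    smtp_parse_ehlo(&st, sample_ehlo_reply);
    return st.features;
}

/* Mechanism list recorded from a single EHLO round. */
const char *demo_mechanism_list(void)
{
    static struct smtp_state st;
    smtp_reset_features(&st);
    smtp_parse_ehlo(&st, sample_ehlo_reply);
    return st.sasl_mechanism_list;
}
```

With smtp_reset_features_only the second EHLO leaves SMTP_FEATURE_AUTH unset although the server still announces AUTH, which is exactly the symptom reported; with smtp_reset_features both flags are set again.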
2002/05/15 == Released 0.8.10 ==
2002/05/15
- Postfix 1.1.10 has been released. No changes.
2002/05/14 == Released 0.8.9 ==
2002/05/14
- Postfix 1.1.9 has been released. Patchkit requires a small adjustment
(supplied by Tuomo Soini <[email protected]>).
2002/05/10 == Released 0.8.8 ==
2002/05/10
- OpenSSL 0.9.6d has been released. Release the unchanged patchkit
with a new version number and under a new filename to indicate
that it should be built against 0.9.6d (it has the session caching
failure of 0.9.6c fixed). Update documentation accordingly.
2002/05/05
- Postfix 1.1.8 has been released, the patchkit applies cleanly.
2002/04/03 == Re-released 0.8.7 ==
2002/04/03
- Postfix 1.1.7 has been released, the patchkit applies cleanly.
Re-released the patchkit.
2002/03/29 == Released 0.8.7 ==
2002/03/29
- Postfix/TLS did not honor the per-recipient switch-off in SMTP
client mode via tls_per_site (the per-host switch-off was honored).
Patch by Will Day <[email protected]>.
2002/03/27 == Released 0.8.6 ==
2002/03/27
- Postfix 1.1.6 has been released. Adapted patchkit to resolve a minor
patch conflict. (Template provided by Simon Matter.)
2002/03/13 == Released 0.8.5 ==
2002/03/13
- Postfix 1.1.5 has been released. The patchkit would apply cleanly, but
obviously the "lock_fd" change that applies to dict_dbm.c (Wietse)
also has to be applied to dict_sdbm.c. Tuomo Soini <[email protected]>
kindly provided this change.
2002/02/25 == Released 0.8.4 ==
2002/02/25
- Postfix 1.1.4 became visible. One patch conflict in a Makefile
(Carsten Hoeger <[email protected]>).
2002/02/21
- Dates in this CHANGES document were showing 2001 even though 2002 already
began :-). Fixed. (Marvin Solomon <[email protected]>)
2002/02/07
- Bug in the documentation (setup.html): the main.cf variables for the
SMTP server process have to be named smtpd_* instead of smtp_*.
Found by Andreas Piesk <[email protected]>.
2002/02/03 == Released 0.8.3 ==
2002/02/03
- Patch from Andreas Piesk <[email protected]>: remove some compiler warnings
by using explicit type casts in hexdump print statements.
- Re-released otherwise unchanged patchkit against Postfix-1.1.3.
2002/01/30 == Released 0.8.2 ==
2002/01/30
- Re-released unchanged patchkit against Postfix-1.1.2.
2002/01/24 == Released 0.8.1 ==
2002/01/24
- Postfix-1.1.1 has been released. The patchkit needed some small adjustment.
- Both Tuomo Soini <[email protected]> and Carsten Hoeger <[email protected]>
helped out with this small adjustment. As a side effect of Carsten's
complete pfixtls.diff, which I compared after applying Tuomo's adjustment,
I found that pfixtls.c contained several wrong "'" characters: on the
German keyboard there is an accent that looks like the apostrophe but produces
a different binary code. Obviously on Carsten's machine the code was
changed, which became obvious during the comparison.
(Conclusion: I wrote the affected comments on my SuSE-Linux PC at home with
a German keyboard. In my university office I have HP-UX workstations
with US keyboards.)
2002/01/22 == Released 0.8.0 ==
2002/01/22
- Received a comment from Wietse on the mailing list, that it is better
to resolve the "standalone" issue by using the already available
SMTPD_STAND_ALONE() macro in smtpd. Undid 0.7.16 change and made
new change in smtpd.c.
- Updated links in the References section of the documentation.
2002/01/21 == Released 0.7.16 ==
2002/01/21
- When calling "sendmail -bs" and STARTTLS is enabled, smtpd tries to
read the private key and fails due to insufficient permissions (smtpd
is run with the privileges of the user). This case is caught since
version 0.6.18 of the Postfix/TLS patchkit: STARTTLS is still being
offered but a "465 temporary failure" message is issued. Some mailers
(read this: PINE) will then refuse to continue. (And an irritating
error message indicating the failure to read the key will be logged.)
Experienced by "Lucky Green" <[email protected]> .
- Solution: Disable STARTTLS when running "sendmail -bs" by adding
"-o smtpd_use_tls=no -o smtpd_enforce_tls=no" to smtpd's arguments
upon startup. Using STARTTLS does not make sense in simulated
SMTP mode.
2002/01/18 == Released 0.7.15 ==
2002/01/18
- Postfix 1.1.0 has been released. The patchkit for the former snapshot
version applied cleanly and now becomes the patchkit for the stable
version.
2002/01/16 == Released 0.7.14a ==
2002/01/16
- Snapshot-20020115 is released. Adapted patchkit.
- Add Postfix/TLS entries into the new conf/postfix-files
(Tuomo Soini <[email protected]>, Carsten Hoeger <[email protected]>).
2002/01/14
- OpenSSL: a user reported that session caching stopped working for him
with OpenSSL 0.9.6c. I found that this is also true for my own
Postfix/TLS installation.
Solution: server side session caching is broken in OpenSSL 0.9.6c when
using non-blocking semantics (Postfix/TLS is affected as it uses
BIO-pairs); sessions are simply not added to the cache. This bug
is not security relevant. A fix has been applied to the OpenSSL source
tree for the next release.
2002/01/08 == Released 0.7.14 ==
2002/01/07
- New snapshots released as release candidates. Adapted the patchkit
to snapshot-20020107. Moved our production servers from 20010228-pl08
to snapshot-20020107 with the adapted patchkit.
- Fix documentation: tlsmgr has been able to run chrooted for a long time.
2001/12/21
- OpenSSL 0.9.6c is released. Postfix/TLS is fully compatible.
2001/12/19 == Released 0.7.13e ==
2001/12/19
- Adapted patchkit to snapshot-20011217.
2001/12/12 == Released 0.7.13d ==
2001/12/12
- Adapted patchkit to snapshot-20011210. Adaption provided by
Tuomo Soini <[email protected]>.
2001/11/28 == Released 0.7.13c ==
2001/11/28
- Adapted patchkit to snapshot-20011127.
2001/11/26 == Released 0.7.13b ==
2001/11/26
- Adapted patchkit to snapshot-20011125.
2001/11/22 == Released 0.7.13a ==
2001/11/22
- Adapted patchkit to snapshot-20011121.
2001/11/15 == Released 0.7.13 ==
2001/11/15
- Adapted patchkit to postfix-20010228-pl08 and snapshot-20011115.
2001/11/06 == Re-released 0.7.12 ==
2001/11/06
- Snapshot-20011105 released. No patch conflicts, but in order to have
the pfixtls-* filename and home page entry reflect the new version,
I'll re-release 0.7.12.
2001/11/05 == Released 0.7.12 ==
2001/11/05
- Release of Postfix-20010228-pl06 and snapshot-20011104. The snapshot
version had some minor patch conflicts to be resolved.
2001/10/14 == Released 0.7.11 ==
2001/10/14
- Bug fix (client mode): when the peername is checked against the CommonName
in the certificate, the comparison does not correctly ignore the case
(the peername as returned by the DNS query or set in the transport map
is not transformed to lower case). This bug was introduced in 0.7.5.
2001/10/09 == Released 0.7.10 ==
2001/10/09
- Snapshot-20011008 is released. Some minor adaptations are required to
sort out patch conflicts.
2001/09/28
- Received patch from Uwe Ohse <[email protected]>: There is a bug in sdbm's
handling of the .dir file, that also applies to Postfix/TLS.
The problem only appears for large databases.
- The example entries in conf/master.cf for the submission and smtps services
use "chroot=y" flags, while the Postfix default is "chroot=n". This could
lead to hard-to-explain problems when users did not notice this fact
during setup.
Fixed example entries to also use the "chroot=n" default.
2001/09/18
- Wietse releases Postfix-20010228-pl05. The patch applies cleanly with
"patch -p1 ...", so it is not necessary to release a new patchkit.
2001/09/04 == Released 0.7.9 ==
2001/09/04
- Due to an uninitialized variable in smtpd_state.c, AUTH may not be offered
without TLS even though smtpd_tls_auth_only was not enabled.
(Patch from Nick Simicich <[email protected]>.)
2001/08/29
- In the snapshot-20010808 version of 0.7.9, the "tlsmgr" line in the sample
conf/master.cf is missing (reported by Will Day <[email protected]>). Fixed.
2001/08/27 == Released 0.7.8 ==
2001/08/27
- Received a bug report about issuer_CN imprints consisting of long strings
of nonsense. This only appeared with certificates issued by a certain
CA (RSA Data Security Inc., Secure Server Certification Authority).
(Will Day <[email protected]>)
- The problem: the issuer data of this certificate is:
Issuer
C=US
O=RSA Data Security, Inc.
OU=Secure Server Certification Authority
It does not contain a CN (CommonName) field. OpenSSL's
X509_NAME_get_text_by_NID() function does not catch this condition
(no error flag set), but it also does not set the name in the memory
location specified.
- Solution:
1. Preset the memory for the string to '\0', so that a string of length
0 is obtained on the failure described above.
2. When no CN data is available, use the O (Organization) field
instead. The data are used for logging only (it is the issuer, not
the subject name), so this change does not affect functionality.
2001/08/22 == Released 0.7.7 ==
2001/08/22
- Found one more bug: erroneously called SSL_get_ex_new_index() instead
of SSL_SESSION_get_ex_new_index() (note the missing _SESSION). This
could be responsible for the failure at the locations found during
debugging. Works fine on HP-UX (it did before as well); must cross-check
at home...
2001/08/21
- Received report, that smtp (client) fails with signal 11 (platform:
linux redhat). Cannot reproduce any problem on HP-UX (did run 1
week in production before release). But malloc() and stack strategies
are different between platforms.
- Can reproduce the failure on my Linux PC at home :-(.
- Found one bug in new_session_cb(): on successful external caching,
success is reported by a return value of 1. This however must be another
bug, as it has nothing to do with the locations of the failure seen when
analyzing the core dumps/running under the debugger.
Still getting SIGSEGV...
2001/08/20 == Released 0.7.6 ==
2001/08/20
- Following "popular demand", implemented a new feature and configuration option
"smtpd_tls_auth_only": only allow authentication using the AUTH protocol
when the TLS encryption layer is active. Default is "no" in order to
keep compatibility with Postfix without the TLS patch.
This option does not distinguish between different AUTH mechanisms.
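A main.cf fragment, added here as an illustration and not taken from the patchkit's sample files, that puts this option next to the per-TLS-state SASL security options introduced in the 2003/07/07 entry (smtpd_sasl_tls_security_options, smtp_sasl_tls_security_options). The parameter names are the ones named in this changelog; the chosen values (noplaintext, noanonymous, Postfix's SASL security property keywords) are an example policy, not a recommendation from the patchkit.

```ini
# Weak: one SASL policy regardless of whether TLS is active. To keep
# passwords off the wire, PLAIN/LOGIN would have to be forbidden outright,
# which also breaks them for clients that did negotiate STARTTLS.
# smtpd_sasl_security_options = noanonymous

# Corrected: refuse plaintext mechanisms on the unencrypted channel and
# allow them only once the TLS layer is up; the *_tls_* variant takes
# effect after STARTTLS (session setup), not at process start.
smtpd_sasl_security_options = noplaintext, noanonymous
smtpd_sasl_tls_security_options = noanonymous

# Stricter alternative from this entry: do not offer AUTH at all until
# STARTTLS has been negotiated (no distinction between mechanisms).
smtpd_tls_auth_only = yes

# Client side counterpart: same split for the SMTP client's own AUTH.
smtp_sasl_security_options = noplaintext, noanonymous
smtp_sasl_tls_security_options = noanonymous
```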
2001/08/16 == Released 0.7.5 ==
2001/08/15
- The new session cache handling is working now at my site for quite some
time.
- Client side: modified peername matching code, such that wildcard
certificates can be used. Matching is done as in HTTP/TLS: only the
leftmost part of the hostname may be replaced by a '*'.
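The peer name matching rules described across three entries of this file (dNSName entries take precedence over the CN, 2003/06/19; case-insensitive comparison, 2001/10/14; a wildcard only in the leftmost label, this entry), collected into one added C example. It is not the patchkit's code: the function names are invented for the example, and the certificate names are passed in as strings rather than extracted from an X509 structure, so the OpenSSL calls that read them are out of scope here.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Added example, not patchkit code. */

/* Case-insensitive equality (the 2001/10/14 fix: the DNS name or the
 * transport-map entry was not lower-cased before the comparison). */
static int name_equal(const char *a, const char *b)
{
    for (; *a != '\0' && *b != '\0'; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
            return 0;
    return *a == *b;
}

/* Match one certificate name against the expected host name. A '*' is
 * accepted only as the complete leftmost label and stands for exactly one
 * label (the 2001/08/15 rule); any other wildcard is rejected. */
int tls_name_matches(const char *pattern, const char *hostname)
{
    if (pattern[0] == '*' && pattern[1] == '.') {
        const char *dot = strchr(hostname, '.');
        if (dot == NULL || dot == hostname)     /* nothing for the '*' to stand for */
            return 0;
        if (strchr(pattern + 2, '*') != NULL)   /* a second wildcard: reject */
            return 0;
        return name_equal(pattern + 1, dot);    /* ".example.com" vs ".example.com" */
    }
    if (strchr(pattern, '*') != NULL)           /* "mx*.example.com", "*": reject */
        return 0;
    return name_equal(pattern, hostname);
}

/* RFC 2818 precedence (the 2003/06/19 entry): when the certificate carries
 * any dNSName subjectAltName entries, only those are consulted; the subject
 * CommonName is consulted only when there are none. Returns 1 on match. */
int tls_verify_peername(const char *const *dns_names, size_t n_dns,
                        const char *common_name, const char *expected)
{
    if (n_dns > 0) {
        for (size_t i = 0; i < n_dns; i++)
            if (tls_name_matches(dns_names[i], expected))
                return 1;
        return 0;                               /* a matching CN does not rescue this */
    }
    return common_name != NULL && tls_name_matches(common_name, expected);
}

/* Constructed sample: a certificate with two dNSName entries and a CN that
 * names a third host, the situation RFC 2818 says must not be accepted. */
const char *const sample_dns_names[] = { "mx1.example.com", "*.relay.example.com" };
const size_t sample_dns_count = 2;
const char *const sample_common_name = "mx3.example.com";
```

The wildcard handling is deliberately narrower than RFC 2818, which also allows partial-label forms such as "f*.com"; the changelog entry above only admits the whole leftmost label, and that is what is implemented.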
2001/08/09
- Further debugged the CRYPTO_set_ex_data() functionality.
- Unified "external cache write" and "external cache remove" callbacks
for client and server side. The "external cache read" functions are not
that easy to combine, as the lookup keys are quite different and do not
match the fixed interface to the callback function.
- Change shutdown behaviour according to SSL_shutdown(). When SSL_shutdown()
returns, the shutdown handshake may not be complete, if we were the first
party to send the shutdown alert. We must call SSL_shutdown() again,
to wait for the peer's alert.
2001/08/08
- Postfix snapshot 20010808 is being released.
2001/08/08
- Rewrite server side to remove externally cached sessions via callback.
- Rewrite client side to remove externally cached sessions via callback.
This turns out to be more difficult than expected, as the client side
session cache is sorted by hostnames, but the callbacks are called
with the SSL_SESSION objects. The information must be stored into the
SSL_SESSION objects by using the CRYPTO_set_ex_data() functionality,
the documentation of which, ahem, ...
- Reloading sessions stays separate, as the functionality is different.
2001/08/07
- Started reworking the session cache code.
* On the server side the retrieval from the external cache and the writing
to the cache are handled by callback functions. The removal is handled
directly.
* On the client side, all session cache operations are performed explicitly.
* The explicit handling on the client side is bad, as it requires
quite complicated logic to detect session reuse and handle it
appropriately.
* The explicit handling of session removal on both sides is bad, as
the OpenSSL library will remove sessions (on session failure) according
to the TLS specifications automatically, so we want to take advantage
of this feature and have the externally cached sessions removed as
required via callback.
- First step: on the client side, also use the new_session_cb(), so that
new sessions are automatically saved to the external cache on creation.
2001/08/01
- Postfix-20010228-pl04 is being released.
2001/07/11 == Released 0.7.4 ==
2001/07/10
- Postfix snapshot 20010709 was released. Resolved some minor patch
conflicts.
2001/07/10
- OpenSSL 0.9.6b has been released, including a security fix for the
library's internal pseudo random number generator.
* Note: to exploit the weakness, an attacker must be able to retrieve
single random bytes. As in Postfix/TLS random bytes are only used
indirectly during the SSL handshake, an attacker could never access
the PRNG in the way required to exploit the weakness.
* Postfix/TLS is therefore not vulnerable (as are most (all?) applications
utilizing the SSL layer).
* The OpenSSL team however recommends to upgrade or install the bugfix
included in the announcement in any case.
* Details can be found at http://www.openssl.org/
2001/05/31 == Released 0.7.3a ==
2001/05/30
- Report from <[email protected]>: TLS logging does not work.
Reason: parameters are not evaluated in mail_params.c, as the corresponding
lines for other_int_defaults[] were missing from the patch. This
only affected the 0.7.3-snapshot version, the version for "stable"
is correct.
I will release 0.7.3a with this fix only for the snapshot version to keep
version numbering consistent with the "stable" version.
2001/05/28 == Released 0.7.3 ==
2001/05/28
- Upgraded to snapshot-20010425: resolved some minor patch conflicts.
No functional changes.
2001/05/16
- Received french documentation (doc_french/) contributed by
Etienne Roulland <[email protected]>.
2001/05/03 == Released 0.7.2 ==
2001/05/03
- Postfix-Snapshot 20010502 is released. Bernhard Rosenkraenzer
<[email protected]> supplies an adapted patch for Postfix/TLS, as the
normal patch has several rejections because of code changes;
functionality has not changed.
2001/05/01
- Patchlevel 02 of Postfix 20010228 is being released. The Postfix/TLS
patchkit applies cleanly when using the "-p1" switch to patch.
2001/04/09 == Released 0.7.1 ==
2001/04/06
- OpenSSL 0.9.6a is released. It contains several bugfixes and will become
the recommended version to be used with Postfix/TLS.
I will run some more test and then re-release Postfix/TLS (without
additional changes to the source) as 0.7.1 to make people aware of the
new versions of Postfix and OpenSSL.
2001/04/05
- Hint from Bodo Moeller <[email protected]>:
the "Known Bugs" section in doc/test.html actually contains bugs
of clients and/or interoperability problems. Better name it
"Known interoperability problems" and rename the entries
"Postfix/TLS server" and "Postfix/TLS client" to improve clarity.
2001/03/29
- Patchlevel 01 of Postfix 20010228 is being released. The Postfix/TLS
patchkit applies cleanly when using the "-p1" switch to patch.
OpenSSL 0.9.6a will be out within the next handful of days, so I will
delay the release of a new patchlevel until then.
2001/03/01 == Released 0.7.0 ==
- IMPORTANT: If you are upgrading from a much older version, you will find
that some configuration options have changed over time (fingerprints are
now written with ':' separators; check_relay_ccerts is now
permit_tls_clientcerts; session caching has been reworked).
It is recommended to re-read the sample-tls.cf file or the html version
in the documentation.
2001/03/01
- Wietse has announced the _release_ version (non-beta) of Postfix:
20010228!
- Applied the Patchkit to the _release_ version (not the snapshot version).
Resolved one minor patch conflict.
- So, it's time to call this Postfix/TLS 0.7.0.
2001/02/26 == Released 0.6.38 ==
2001/02/26
- Snapshot-20010225 has been released. Resolved one minor patch conflict.
2001/02/23 == Released 0.6.37 ==
2001/02/23
- Snapshot-20010222 has been announced as RELEASE CANDIDATE. Resolved one
minor patch conflict.
- Removed "check_relay_ccerts" restriction which has been replaced
by "permit_tls_clientcerts" in 0.6.24. (Was left in until now for
transition.)
- Do not try to save session data > 8kB, since this cannot be handled
by SDBM. (This is more or less academic, since I have never met a
session even half that large.)
2001/02/19 == Released 0.6.36 ==
2001/02/05
- Snapshot-20010204 has been released. Resolved one minor patch conflict.
2001/02/03 == Released 0.6.35 ==
2001/02/03
- Snapshot-20010202 has been released. Resolved one minor patch conflict.
2001/01/29 == Released 0.6.34 ==
2001/01/29
- Snapshot-20010128 has been released. Resolved some minor patch conflicts.
2001/01/11 == Released 0.6.33 ==
2001/01/10
- Discussion in Thread "When to get peer certificate?" continues and it
turns out that cross references between data structures are well maintained
inside OpenSSL. A fact not well known due to lack of documentation
(seems I am facing some more work on the OpenSSL manpages :-).
- Moved around data needed for the certificate verification: a lot of
"static" entries globally needed inside pfixtls.c could now be moved
into the connection specific TLScontext.
2001/01/07 == Released 0.6.32 ==
2001/01/07
- Since the checks at handshake stage (in pfixtls.c) are now more strict,
some of the checks in smtpd.c and smtp_proto.c could be removed.
At a later point I can probably move even more checks into pfixtls.c...
2001/01/05
- Had a discussion with Ari Pirinen <[email protected]> on openssl-users
(Thread: When to get peer certificate?) about the earliest possible
place to check the CommonName of the peer against the expected name.
(This is what smtp does when enforcing the peername of the server it
is connecting to.)
The final result was that the check can already be done inside the
verify_callback() routine even before the handshake is completed.
The positive side effect is that, since the session is never completely
established, it is also not cached on either client or server.
- Since this is a good idea, I have extended the verify_callback in
src/global/pfixtls.c to check the CommonName of the peer (if applicable)
and have the handshake shut down immediately on failure. I have also
changed the behaviour so that whenever a positive certificate verification
is required, the handshake is shut down immediately on verification failure.
(The versions up to now did delay these checks until the session was
established and then shut down the connection. I had established this
practice while working on BIO-pairs and running into a bug in
OpenSSL 0.9.5 (fixed now) and with the verify depth.)
2000/12/23 == Released 0.6.31 ==
2000/12/23
- Bug: When only enabling smtpd_tls_wrappermode and not additionally setting
smtpd_use_tls or smtpd_enforce_tls, the TLS engine was not fired up on
startup of smtpd.
Fixed: also start TLS engine when only smtpd_tls_wrappermode is enabled.
(Experienced by "Fiamingo, Frank" <[email protected]>)
2000/12/18 == Released 0.6.30 ==
2000/12/18
- New snapshot 20001217 has been released. Due to the change of "timeout"
parameters now being its own class and table, the old patchkit does not
apply cleanly!
- Checked out Postfix/TLS parameters being timeout values and put them into
the new style time parameter table. This allows specifying time values
like 3600s or 1h. Updated sample configuration to reflect this new style.
- "Fiamingo, Frank" <[email protected]> pointed out to me that there are
three parameters in src/global/mail_params.h (namely DEF_TLS_RAND_EXCH_NAME,
DEF_SMTPD_TLS_CERT_FILE, DEF_SMTPD_TLS_CA_FILE) that are hardcoded as
"/etc/postfix/something".
This does not match the usual style of Postfix, where no paths are
hardcoded this way. I have removed the defaults for CERT_FILE and CA_FILE.
The RAND_EXCH is needed for good PRNG seeding on systems without
/dev/urandom; I however don't know yet how to rearrange this requirement.
I could use the Postfix internal mechanisms to enforce a parameter, but
this would annoy people who have compiled in TLS but not activated it.
2000/12/13 == Released 0.6.29 ==
2000/12/13
- Snapshot-20001212 has been released.
- Undid bugfixes for 20001210 which now are included in the new snapshot.
2000/12/12 == Released 0.6.28 ==
2000/12/12
- Added bugfix provided by Wietse on [email protected] for
"postconf -m" behaviour.
2000/12/11
- New snapshot-20001210 released. Some patch conflicts occur. Additionally
* adjusted calls to myflock() to changed interface,
* fixed bug in smtpd_sasl_glue(), where a change to the name_mask()
call was not applied in the original snapshot.
2000/12/05 == Released 0.6.27 ==
2000/12/04
- Print informational message "SSL session removed" only when
var_smtp[d]_loglevel >= 2. (Proposed by Craig Sanders <[email protected]>.)
- Extend logging of "setting up TLS connection from/to" and corresponding
success/failure messages so that they include the hostname/ip address.
This way it is much easier to automatically analyze errors by simply
grepping for e.g. "SSL_accept error" and immediately get the peer
causing the problem without further logfile processing.
(Proposed by Craig Sanders <[email protected]>.)
- When experiencing a TLS failure due to TLS-enforced failure in client mode
(no certificate or hostname/certificate mismatch etc), immediately shut
down the TLS mode with "failure" indication, so that the SSL session is
removed immediately. This way a new session is always enforced in the
case the peer has fixed the problem; no need to wait for the timeout.
2000/11/29 == Released 0.6.26 ==
2000/11/29
- Found security relevant bug in the OpenSSL library: the verify_result
stating whether or not the certificate verification succeeded is not
stored in the session data to be cached and reused.
- This bug was found during the development of Postfix/TLS around one
year ago, the bug in the library was however only fixed for the server
side. At that time I also tested the server side behaviour but omitted
to check the client side, too.
- Versions before Postfix/TLS 0.4.4 experienced this problem for both
server and client side. Before 0.6.0 a workaround was active for both
sides, which has been removed at 0.6.0 in the belief that the bug
was gone (I only tested the server side, which was fixed).
- Fixed that bug in OpenSSL also for the client side (I can do this myself
now that I have been invited to join the OpenSSL developers team :-).
The fix is available as of today and will be part of the 0.9.7 release
of OpenSSL (or 0.9.6a, if this release will be published).
- Included a workaround inside Postfix/TLS for OpenSSL library versions
before 0.9.6a or 0.9.7, respectively.
********************** Begin Description
- By not caching the verify_result for the client side, the following
behaviour could appear:
* The problem can only appear when smtp_tls_session_cache_database
is activated.
* smtp_use_tls = yes
X On the first connection, the certificate fails verification, failure
is logged:
smtp[*]: Unverified: subject_CN=serv01.aet.tu-cottbus.de, issuer_CN=BTU-CA
For any following connections until the session times out (default 1 hour),
the peer certificate seems to pass verification:
smtp[*]: Verified: subject_CN=serv01.aet.tu-cottbus.de, issuer_CN=BTU-CA
X Security Impact:
Unverified certificates are logged as if verification had succeeded.
* smtp_enforce_tls = yes
X After the verification failure, the session is never correctly established
and hence not reused.
X Security impact:
None, as the session is never reused.
* smtp_enforce_tls = yes after smtp_use_tls = yes for a server.
X If the session has been recorded with use_tls and then for this server
enforce_tls is set, the wrong verify_result could be used within the
session cache timeout (default = 1 hour).
X Security impact:
If TLS shall be enforced for a recipient, there is a window of approx.
one hour from setting the "enforce_tls" switch until a verification
failure is noted. For this to happen, a TLS session to that server must
have been used with use_tls set and the not-verifiable certificate must
have been recorded in that session.
- Evaluation:
Even though this _is_ a security problem, I consider the risk to be *low*,
given the conditions under which the problem might occur.
********************** End Description
2000/11/27 == Released 0.6.25 ==
2000/11/26
- Added "permit_tls_all_clientcerts" for smtpd_recipient_restrictions.