484 lines
17 KiB
Plaintext
484 lines
17 KiB
Plaintext
ChangeLog for Dean Strik's IPv6 patch for Postfix. The patch is based on
|
|
PLD's patch, which in turn seems to be based on KAME's. For more information:
|
|
|
|
http://www.ipnet6.org/postfix/
|
|
|
|
---------------------------------------------------------------------
|
|
|
|
Version 1.25 Postfix release 2.1.3
|
|
Postfix release 2.0.20
|
|
Postfix snapshot 2.2-20040616
|
|
|
|
Bugfix: Misplaced myfree() caused a small memory leak. Reported
|
|
by Christian von Roques.
|
|
File: util/match_ops.c
|
|
|
|
Removed the colon (:) from the characters XFORWARD replaces by
|
|
a question mark (IPv6 addresses looked like 2001?610?1108?5010??1
|
|
in logging). Reported by Philipp Morger.
|
|
File: smtpd/smtpd.c
|
|
|
|
Version 1.24 Postfix release 2.1.1
|
|
Postfix release 2.0.20
|
|
Postfix snapshot 2.0.19-20040312
|
|
Postfix snapshot 2.2-20040504
|
|
|
|
Bugfix: Prefixlen non-null host portion validation (in CIDR maps
|
|
for example) yielded incorrect results sometimes because signed
|
|
arithmetic was used instead of unsigned.
|
|
File: util/match_ops.c
|
|
|
|
Patch correction: The TLS+IPv6 patch for Postfix 2.1.0 missed
|
|
the master.cf update (used for new installations). Added it
|
|
back.
|
|
|
|
Version 1.23 Postfix release 2.1.0
|
|
Postfix release 2.0.20
|
|
Postfix snapshot 2.0.19-20040312
|
|
|
|
Patch fixes: Several code fixes to make the patch compile
|
|
and work correctly when compiled without IPv6 support.
|
|
|
|
Bugfix (Solaris only?): address family length was not updated
|
|
which could cause client hostname validation errors.
|
|
File: smtpd/smtpd_peer.c
|
|
|
|
Portability: added support for Darwin 7.3+. This may need
|
|
some further testing.
|
|
|
|
Cleanup: Restructure and redocument interface address
|
|
retrieval functions. (This reduced the number of preprocessor
|
|
statements from 99 to 93 ;)
|
|
File: util/inet_addr_local.c
|
|
|
|
Cleanup: make several explicit casts to have compilers shut
|
|
their pie holes about uninteresting things.
|
|
|
|
Version 1.22 Postfix release 2.0.19
|
|
Postfix snapshot 2.0.19-20040312
|
|
|
|
Feature: Support "inet_interfaces = IPv4:all" and
|
|
"inet_interfaces = IPv6:all", to restrict postfix to use
|
|
either IPv4-only or IPv6-only. A more complete implementation
|
|
will be part of a future patch. (Slightly modified) patch by
|
|
Michal Ludvig, SuSE.
|
|
Files: util/interfaces_to_af.[ch], util/inet_addr_local.c,
|
|
global/own_inet_addr.c, global/wildcard_inet_addr.[ch],
|
|
master/master_ent.ch
|
|
|
|
Bugfix: In Postfix snapshots, a #define was misplaced with
|
|
the effect that IPv6 subnets were not included in auto-
|
|
generated $mynetworks (i.e., mynetworks not defined in main.cf,
|
|
when also mynetworks_style=subnet) on Linux 2.x systems.
|
|
File: utils/sys_defs.h
|
|
|
|
Version 1.21a Postfix snapshots 2.0.18-2004{0122,0205,0209}
|
|
2.0.19-20040312
|
|
|
|
TLS/snapshot version: Update TLS patch to 0.8.18-20040122.
|
|
Performed as a total repatch. 0.8.18 is cleaner with tls_*
|
|
variables if TLS is not actually compiled in.
|
|
|
|
Version 1.21 Postfix releases 2.0.18 - 2.0.19
|
|
Postfix snapshot 2.0.16-20031231
|
|
|
|
Bugfix: The SMTP client could fail to setup a connection,
|
|
erroring with a bogus "getaddrinfo(...): hostname nor servname
|
|
provided" warning, because the wrong address was selected.
|
|
File: smtp/smtp_connect.c
|
|
|
|
Safety: in dynamically growing data structures, update the
|
|
length info after (instead of before) updating the data size.
|
|
File: util/inet_addr_list.c
|
|
|
|
Version 1.20 Postfix release 2.0.16
|
|
Postfix snapshot 2.0.16-20031207
|
|
|
|
Bugfix: The SMTP client would abort when binding to specific
|
|
IPv6 addresses.
|
|
File: smtp/smtp_connect.c
|
|
|
|
Synchronisation/bugfix: LMTP source address binding is identical
|
|
to the SMTP source binding setup, avoiding the need for
|
|
lmtp_bind_address(6) if inet_interfaces is set to a single
|
|
host for an address family.
|
|
File: lmtp/lmtp_connect.c
|
|
|
|
Version 1.19 Postfix release 2.0.16
|
|
Postfix snapshot 2.0.16-20031207
|
|
|
|
Bugfix: Synchronisation of TLS patches in snapshots of 1.18[ab]
|
|
was not complete, causing a crash of smtpd if used with the new
|
|
proxy agent.
|
|
File: smtpd/smtpd.c
|
|
|
|
Bugfix: SMTP source address binding based on a single hostname
|
|
in inet_interfaces did not work since the code counted IPv4 and
|
|
IPv6 addresses instead of only the used address family. Fixed,
|
|
thereby no longer requiring exact specification of
|
|
smtp_bind_address(6) in this case.
|
|
File: smtp/smtp_connect.c
|
|
|
|
Bugfix: The QMQP sink server did not compile correctly. This
|
|
program, part of smtpstone tools, is not compiled or installed
|
|
by default.
|
|
File: smtpstone/qmqp-sink.c
|
|
|
|
Bugfix: NI_WITHSCOPEID was not correctly defined everywhere,
|
|
which could result in EAI_BADFLAGS. Changed location of
|
|
definition to correct it.
|
|
Files: util/sys_defs.h, util/inet_addr_list.h
|
|
|
|
Version 1.18b Postfix snapshot 2.0.16-20030921
|
|
|
|
IPv6 support: Added IPv6-enabled code to the new snapshot
|
|
check_*_{ns,mx}_access restrictions.
|
|
File: smtpd/smtpd_check.c
|
|
|
|
Version 1.18a Postfix release 2.0.16
|
|
|
|
Update (TLS patches): Updated Lutz Jaenicke's TLS patch to
|
|
version 0.8.16. See pfixtls/ChangeLog for details.
|
|
Diff contributed by Tuomo Soini.
|
|
|
|
The TLS+IPv6 patch now contains the original TLS patch
|
|
documentation from Lutz Jaenicke.
|
|
|
|
Version 1.18 Postfix releases 2.0.14 - 2.0.15
|
|
Postfix snapshot 2.0.14-20030812
|
|
|
|
Bugfix: Perform actual hostname verification in the SMTP
|
|
and QMTP servers. This was never supported in the IPv6
|
|
patch. Reported by Wolfgang S. Rupprecht.
|
|
Files: smtpd/smtpd_peer.c, qmqpd/qmqpd_peer.c
|
|
|
|
IPv6 address ranges using address/prefixlength (e.g. in
|
|
mynetworks and access maps) should be written as
|
|
[ipv6:addr:ess]/plen (e.g. [fec0:10:20::]/48). The old
|
|
supported syntax, [ipv6:addr:ess/plen] is deprecated and
|
|
support will be removed in a later version.
|
|
Thanks to Dr. Peter Bieringer and Pekka Savola for discussion.
|
|
Files: util/match_ops.c, global/mynetworks.c
|
|
|
|
Explicitly prefer IPv6 over IPv4 addresses when delivering
|
|
to a host when MX lookups are disabled when SMTP address
|
|
randomization is on (default).
|
|
File: smtp/smtp_addr.c
|
|
|
|
Compliance: write IPv6 address literals in mail headers
|
|
as [IPv6:addr] instead of [addr] as per RFC 2821:4.1.3
|
|
tagging requirement, for example [IPv6:fec0:10:20::1].
|
|
Pointed out by Dr. Peter Bieringer.
|
|
Files: smtpd/smtpd{,_peer,_state}.c, smtpd/smtpd.h
|
|
|
|
Version 1.17 Postfix release 2.0.13, 2.0.14
|
|
Postfix snapshot 2.0.13-20030706, 2.0.14-20030812
|
|
|
|
Bugfix: Two memory allocation/deallocation bugs were
|
|
introduced in patch 1.16. The impact of these bugs could
|
|
be 'arbitrary' memory corruption.
|
|
File: util/match_ops.c
|
|
|
|
Version 1.16 Postfix release 2.0.13
|
|
Postfix snapshot 2.0.13-20030706
|
|
|
|
Cleanup: rewrote match_ops.c. This rewrite is partly based on
|
|
patch by Takahiro Igarashi. The rewrite enables some better
|
|
handling of scoped addresses, and drops all GPL code from the
|
|
patch, easying license considerations. Also, allowed for
|
|
use of this code by the CIDR maps.
|
|
Files: util/match_ops.[ch]
|
|
|
|
Bugfix: correctly relay for scoped unicast addresses when
|
|
applicable. Until now, while Postfix was able to recognize
|
|
scoped addresses, it was not able to see e.g. fe80::10%fxp0
|
|
as local in mynetworks validation. KAME-only code.
|
|
(I've never heard of people using scoped addresses (think
|
|
link-local addresses) for mail relaying though...)
|
|
Files: util/inet_addr_list.[ch]
|
|
|
|
Feature (snapshot only): rewrote CIDR maps code to support
|
|
IPv6 addresses, using new match_ops code. Allow the use
|
|
of [::/0] since it allows one to easily disable further
|
|
checks for IPv6 addresses.
|
|
File: util/dict_cidr.c
|
|
|
|
Consistency: require IPv6 addresses in inet_interfaces to
|
|
be enclosed in square brackets.
|
|
File: util/inet_addr_host.c
|
|
|
|
Bugfix: (Linux2-only) A #define was misspelled. This could
|
|
lead to Postfix being unable to read the system's local IPv6
|
|
addresses (e.g. when using inet_interfaces).
|
|
Spotted by Jochen Friedrich.
|
|
File: util/sys_defs.h
|
|
|
|
Cleanup: require non-null host portion in CIDR /
|
|
prefixlength notations for IPv6 (was IPv4-only).
|
|
|
|
Version 1.15a Postfix release 2.0.13
|
|
|
|
Update (TLS patches): Updated Lutz Jaenicke's TLS patch
|
|
to version 0.8.15. This version introduces new options
|
|
for managing SASL mechanisms. More information at:
|
|
http://www.aet.tu-cottbus.de/personen/jaenicke/pfixtls/
|
|
Diff contributed by Tuomo Soini.
|
|
|
|
Version 1.15 Postfix release 2.0.12, 2.0.13
|
|
Postfix snapshot 2.0.12-20030621
|
|
|
|
Bugfix (TLS-snapshots only): a change in Postfix snapshot
|
|
2.0.11-20030609 broke initialisation of TLS in smtpd,
|
|
causing TLS to both be unadvertised and unaccepted.
|
|
This was fixed again by reordering initialisation.
|
|
File: smtpd/smtpd.c
|
|
|
|
Update (TLS patches): Updated Lutz Jaenicke's TLS patch
|
|
to version 0.8.14. This version introduces a few fixes and
|
|
uses USE_SSL instead of HAS_SSL. More information at:
|
|
http://www.aet.tu-cottbus.de/personen/jaenicke/pfixtls/
|
|
Diff contributed by Tuomo Soini.
|
|
|
|
Bugfix (Postfix releases only - this was already added to
|
|
the snapshots in patch 1.14). KAME derived systems only.
|
|
Correctly decode scoped addresses, including network
|
|
interface specifiers.
|
|
File: util/inet_addr_local.c
|
|
|
|
Version 1.14 Postfix releases 2.0.9, 2.0.10, 2.0.11, 2.0.12
|
|
Postfix snapshots 2.0.9-20030424, 2.0.10-20030521,
|
|
2.0.11-20030609, 2.0.12-20030611
|
|
|
|
Patch change: made the patch available as an IPv6-only
|
|
patch (i.e., without the TLS code). This on popular
|
|
request by users and packagers.
|
|
A TLS+IPv6 version is still available of course.
|
|
|
|
Bugfix: correctly decode scoped addresses from now on
|
|
(KAME derived systems only). I think the original code
|
|
was written by Itojun, so I'm rather puzzled that it
|
|
didn't work...
|
|
File: util/inet_addr_local.c
|
|
|
|
Bugfix/portability: Recent KAME snapshots return both
|
|
TCP and SCTP address information on getaddrinfo() if
|
|
no protocol was specified. This causes the socket counts
|
|
to be wrong, confusing child processes.
|
|
Merged patch by JINMEI Tatuya of KAME to fix this.
|
|
Files: master/master.h, master/master_{ent,conf}.[ch],
|
|
util/inet_listen.c
|
|
|
|
Documentation: added an IPV6_README file to the patch.
|
|
This file contains the primary documentation. Also,
|
|
added a sample-ipv6.cf to describe the (currently few)
|
|
IPv6 related main.cf parameters.
|
|
|
|
Bugfix: the netmask structures for the *unsupported*
|
|
platforms (boldly assume /64) were added to the wrong
|
|
list (addresses instead of masks). This bug did not affect
|
|
any supported platform though.
|
|
File: util/inet_addr_local.c
|
|
|
|
Portability: added support for HP/Compaq Tru64Unix V5.1
|
|
and later. (compiled with CompaqCC only).
|
|
Thanks to Sten Spans for providing root access to an
|
|
IPv6-connected Tru64 testing machine.
|
|
|
|
Version 1.13 Postfix releases 2.0.4 - 2.0.9
|
|
Postfix snapshots 2.0.3-20030126 - 2.0.7-20030319
|
|
|
|
Bugfix: Due to a missing storage pointer, DNS lookup
|
|
results in the permit_mx_backups code were not processed,
|
|
and smtpd would likely crash.
|
|
Thanks to Wouter de Jong for reporting the crashes.
|
|
File: smtpd/smtpd_check.c
|
|
|
|
Incompatible change: The addresses given to the parameters
|
|
smtp_bind_address6 and lmtp_bind_address6 now need to be
|
|
enclosed in square brackets for consistency.
|
|
Files: [ls]mtp/[ls]mtp_connect.c
|
|
|
|
Version 1.12 Postfix releases 2.0.2, 2.0.3
|
|
Postfix snapshots 2.0.2-20030115, 2.0.3-20030126
|
|
|
|
Bugfix/workaround (Solaris): A simplified comparison
|
|
function for Solaris' qsort() function, would result
|
|
in corruption of network addresses in the SMTP client.
|
|
Fixed. Reported with possible fix by Edvard Tuinder.
|
|
File: smtp/smtp_addr.c
|
|
|
|
Version 1.11 Postfix releases 2.0.0.x, 2.0.1, 2.0.2
|
|
Postfix snapshots 2.0.0-20030105, 2.0.1-20030112
|
|
2.0.2-20030115
|
|
|
|
Bugfix (Solaris): Properly initialize lifconf structure
|
|
when requesting host interface addresses. If you get
|
|
warnings about SIOCGLIFCONF with earlier versions,
|
|
please upgrade.
|
|
File: util/inet_addr_local.c
|
|
|
|
Patch fix: fixed compilation errors in case the patch is
|
|
applied but built without IPv6 support (i.e., on unsupported
|
|
platforms).
|
|
|
|
Version 1.10 Postfix snapshots 1.1.12-200212{19,21}
|
|
Postfix releases 2.0.0, 2.0.0.{1,2}
|
|
Postfix snapshots 2.0.0-20021223 - 2.0.0-20030101
|
|
|
|
'Bugfix': don't show spurious warnings on Linux systems
|
|
about missing /proc/net/if_inet6 unless verbose mode
|
|
is enabled.
|
|
File: util/inet_addr_local.c
|
|
|
|
Bugfix: If unable to create a socket for a specific adress
|
|
in the SMTP client (e.g., when trying to create an IPv6
|
|
connection while the local host has no configured IPv6
|
|
addresses), then stop the attempt.
|
|
File: smtp/smtp_connect.c
|
|
|
|
Small bugfix: never query DNS for <localpart@[domain.tld]>.
|
|
This syntax now correctly generates an error immediately.
|
|
File: global/resolve_local.c
|
|
|
|
Updated TLS patch to 0.8.12-1.1.12-20021219-0.9.6h, fixing
|
|
a bug with "sendmail -bs".
|
|
|
|
Version 1.9 Postfix version 1.1.11-20021115
|
|
Postfix version 1.1.12-2002{1124,1209-1213}
|
|
|
|
Bugfix: with getifaddrs() code (*BSD, linux-USAGI), IPv4
|
|
netmasks were set to /32 effectively. Work around broken
|
|
netmask data structures (*BSD only perhaps).
|
|
|
|
Bugfix: same data corruption in another place created
|
|
entirely wrong IPv4 netmasks. Work around broken
|
|
SIOCGIFNETMASK structure.
|
|
|
|
New code was added for correct IPv6 netmasks. The original
|
|
code did not contain IPv6 netmask support at all!
|
|
For Solaris, use SIOCGLIF*; Linux: /proc/net/if_inet6.
|
|
Getifaddrs() support is used otherwise. This should cover
|
|
all supported systems. Other systems also work, prefix
|
|
length is always set to /64 then.
|
|
|
|
Since there are no classes (context: Class A, class B etc
|
|
networks) with IPv6, default to IPv6 subnet style if the
|
|
mynetworks style is 'class'. I recommend against this style
|
|
anyway.
|
|
|
|
Added support to display IPv6 nets mynetworks output.
|
|
|
|
Version 1.8 Postfix version 1.1.11-200211{01,15}
|
|
|
|
An earlier author of the patch made a typo in the GAI_STRERROR()
|
|
macro, resulting in bogus error messages when checking for
|
|
PTR records. Fixed.
|
|
|
|
IPv4-mapped addresses in the smtpd are converted to true IPv4
|
|
addresses just after the connection has been made. This means
|
|
that all IPv4-mapped addresses are now logged as true IPv4
|
|
addresses. Hence beside RBL checks, also access maps now treat
|
|
IPv4-mapped addresses as native IPv4. Note that ::ffff:...
|
|
entries in your access tables will no longer work.
|
|
|
|
You can now specify IPv6 'parent' networks in your access maps,
|
|
e.g. to reject all mail from 3ffe:200:... nodes, add the line
|
|
3ffe:200 REJECT
|
|
Use of trailing colons is discouraged because postmap will
|
|
warn about it possibly being an alias...
|
|
NOTE: I'll soon obsolete this again in favor of the more
|
|
common address/len notation. This was just so trivial to add
|
|
that it didn't hurt and I needed it :)
|
|
|
|
For easy reference, the version of the TLS/IPv6 patch can be
|
|
dynamically queried using the tls_ipv6_version variable.
|
|
This gives the short version (like, "1.8").
|
|
|
|
The service bind address for 'inet' sockets in master.cf (e.g.,
|
|
smtpd), must be enclosed in square brackets '[..]' for IPv6
|
|
addresses. The old style (without brackets) still works but is
|
|
unsupported and may be removed in the future. Example
|
|
[::1]:smtp inet n - n - - smtpd
|
|
|
|
Version 1.7 Postfix version 1.1.11-20021029 - 1.1.11-20021101
|
|
|
|
Postfix' SMTP client performs randomization of MX addresses
|
|
when sending mail. This however could result in A records
|
|
being used before AAAA records. This has been corrected.
|
|
|
|
Note that from Postfix version 1.1.11-20021029 on, there is
|
|
a proxy_interfaces parameter. This has of course not been
|
|
ported to IPv6 addresses...
|
|
|
|
Version 1.6 Postfix version 1.1.11-20020928
|
|
|
|
Added IPv6 support for backup_mx_networks feature; also the
|
|
behaviour when DNS lookups fail when checking whether the
|
|
local host is an MX for a domain conforms to the IPv4 case:
|
|
defer rather than allow.
|
|
|
|
Version 1.5 Postfix version 1.1.11-20020917
|
|
|
|
I introduced two bugs when I rewrote my older LMTP IPv6 patch.
|
|
These bugs effectively rendered LMTP useless. Now fixed.
|
|
Bugs spotted by Kaj Niemi.
|
|
|
|
Now supports Solaris 8 and 9. Due to lack of testing equipment,
|
|
this has been only tested in production on Solaris 9, both
|
|
with gcc and the Sun Workshop Compiler.
|
|
|
|
Version 1.4 Postfix version 1.1.11-20020822 - 1.1.11-20020917
|
|
|
|
OpenBSD (>=200003) and FreeBSD release 4 and up now use
|
|
getifaddrs(). This makes for cleaner code. The old code
|
|
seems to be bug-ridden anyway.
|
|
|
|
Got rid of some compiler warnings. Should be cleaner on
|
|
Alpha as well now. Thanks to Sten Spans for providing me
|
|
access to an Alpha running FreeBSD4.
|
|
|
|
Fixed an old bug in smtpd memory alloation if you compiled
|
|
without IPv6 support (the wrong buffer size was used. This
|
|
was harmless for IPv6-enabled compiles since the sizes were
|
|
equal then).
|
|
|
|
Added ChangeLog to the patch (as IPv6-ChangeLog) (this
|
|
was absent in 1.3 contrary to docs).
|
|
|
|
Version 1.3 Postfix version 1.1.11-20020613 - 1.1.11-20020718
|
|
|
|
FYI: In postfix version 1.1.11-20020718, DNS lookups for
|
|
AAAA can be done natively. The code matches the code in
|
|
the patch (though the #ifdef changed from INET6 to T_AAAA).
|
|
This change causes the patch for 1.1.11-20020718 to be a
|
|
bit smaller.
|
|
|
|
Version 1.2 Postfix version 1.1.11-20020613
|
|
|
|
Added IPv6 support for the LMTP client.
|
|
|
|
Added lmtp_bind_address and lmtp_bind_address6 parameters,
|
|
similar to those for smtp.
|
|
|
|
Added IPv6 support for the QMQP server.
|
|
|
|
Version 1.1 Postfix version 1.1.11-20020602 - 1.1.11-20020613
|
|
|
|
Added parameter smtp_bind_address6. By using this parameter,
|
|
it is possible to bind to an IPv6 address, independently of
|
|
IPv4 address binding.
|
|
|
|
Lutz fixed a bug in his TLS patch regarding SASL. Incorporated.
|
|
|
|
Version 1.0.x Postfix version 1.1.8-20020505 - 1.1.11-20020602
|
|
|
|
Patch derived from PLD's IPv6 patch for Postfix, revision 1.10
|
|
which applied to early Postfix snapshots 1.1.x. Updated this
|
|
patch to apply to 1.1.8-20020505.
|
|
|
|
Added compile-time checks for SS_LEN. Some Linux installations,
|
|
and maybe other systems, do define SA_LEN, but not SS_LEN.
|
|
|
|
Several updates of postfix snapshots.
|
|
|