From 5e61585d76ae77fd5e9e96ebabb57afa4d74880d Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 27 Apr 2024 14:06:34 +0200 Subject: Adding upstream version 3.5.24. Signed-off-by: Daniel Baumann --- IPv6-ChangeLog | 483 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 483 insertions(+) create mode 100644 IPv6-ChangeLog (limited to 'IPv6-ChangeLog') diff --git a/IPv6-ChangeLog b/IPv6-ChangeLog new file mode 100644 index 0000000..ed55e64 --- /dev/null +++ b/IPv6-ChangeLog @@ -0,0 +1,483 @@ +ChangeLog for Dean Strik's IPv6 patch for Postfix. The patch is based on +PLD's patch, which in turn seems to be based on KAME's. For more information: + + http://www.ipnet6.org/postfix/ + +--------------------------------------------------------------------- + +Version 1.25 Postfix release 2.1.3 + Postfix release 2.0.20 + Postfix snapshot 2.2-20040616 + + Bugfix: Misplaced myfree() caused a small memory leak. Reported + by Christian von Roques. + File: util/match_ops.c + + Removed the colon (:) from the characters XFORWARD replaces by + a question mark (IPv6 addresses looked like 2001?610?1108?5010??1 + in logging). Reported by Philipp Morger. + File: smtpd/smtpd.c + +Version 1.24 Postfix release 2.1.1 + Postfix release 2.0.20 + Postfix snapshot 2.0.19-20040312 + Postfix snapshot 2.2-20040504 + + Bugfix: Prefixlen non-null host portion validation (in CIDR maps + for example) yielded incorrect results sometimes because signed + arithmetic was used instead of unsigned. + File: util/match_ops.c + + Patch correction: The TLS+IPv6 patch for Postfix 2.1.0 missed + the master.cf update (used for new installations). Added it + back. + +Version 1.23 Postfix release 2.1.0 + Postfix release 2.0.20 + Postfix snapshot 2.0.19-20040312 + + Patch fixes: Several code fixes to make the patch compile + and work correctly when compiled without IPv6 support. + + Bugfix (Solaris only?): address family length was not updated + which could cause client hostname validation errors. + File: smtpd/smtpd_peer.c + + Portability: added support for Darwin 7.3+. This may need + some further testing. + + Cleanup: Restructure and redocument interface address + retrieval functions. (This reduced the number of preprocessor + statements from 99 to 93 ;) + File: util/inet_addr_local.c + + Cleanup: make several explicit casts to have compilers shut + their pie holes about uninteresting things. + +Version 1.22 Postfix release 2.0.19 + Postfix snapshot 2.0.19-20040312 + + Feature: Support "inet_interfaces = IPv4:all" and + "inet_interfaces = IPv6:all", to restrict postfix to use + either IPv4-only or IPv6-only. A more complete implementation + will be part of a future patch. (Slightly modified) patch by + Michal Ludvig, SuSE. + Files: util/interfaces_to_af.[ch], util/inet_addr_local.c, + global/own_inet_addr.c, global/wildcard_inet_addr.[ch], + master/master_ent.ch + + Bugfix: In Postfix snapshots, a #define was misplaced with + the effect that IPv6 subnets were not included in auto- + generated $mynetworks (i.e., mynetworks not defined in main.cf, + when also mynetworks_style=subnet) on Linux 2.x systems. + File: utils/sys_defs.h + +Version 1.21a Postfix snapshots 2.0.18-2004{0122,0205,0209} + 2.0.19-20040312 + + TLS/snapshot version: Update TLS patch to 0.8.18-20040122. + Performed as a total repatch. 0.8.18 is cleaner with tls_* + variables if TLS is not actually compiled in. + +Version 1.21 Postfix releases 2.0.18 - 2.0.19 + Postfix snapshot 2.0.16-20031231 + + Bugfix: The SMTP client could fail to setup a connection, + erroring with a bogus "getaddrinfo(...): hostname nor servname + provided" warning, because the wrong address was selected. + File: smtp/smtp_connect.c + + Safety: in dynamically growing data structures, update the + length info after (instead of before) updating the data size. + File: util/inet_addr_list.c + +Version 1.20 Postfix release 2.0.16 + Postfix snapshot 2.0.16-20031207 + + Bugfix: The SMTP client would abort when binding to specific + IPv6 addresses. + File: smtp/smtp_connect.c + + Synchronisation/bugfix: LMTP source address binding is identical + to the SMTP source binding setup, avoiding the need for + lmtp_bind_address(6) if inet_interfaces is set to a single + host for an address family. + File: lmtp/lmtp_connect.c + +Version 1.19 Postfix release 2.0.16 + Postfix snapshot 2.0.16-20031207 + + Bugfix: Synchronisation of TLS patches in snapshots of 1.18[ab] + was not complete, causing a crash of smtpd if used with the new + proxy agent. + File: smtpd/smtpd.c + + Bugfix: SMTP source address binding based on a single hostname + in inet_interfaces did not work since the code counted IPv4 and + IPv6 addresses instead of only the used address family. Fixed, + thereby no longer requiring exact specification of + smtp_bind_address(6) in this case. + File: smtp/smtp_connect.c + + Bugfix: The QMQP sink server did not compile correctly. This + program, part of smtpstone tools, is not compiled or installed + by default. + File: smtpstone/qmqp-sink.c + + Bugfix: NI_WITHSCOPEID was not correctly defined everywhere, + which could result in EAI_BADFLAGS. Changed location of + definition to correct it. + Files: util/sys_defs.h, util/inet_addr_list.h + +Version 1.18b Postfix snapshot 2.0.16-20030921 + + IPv6 support: Added IPv6-enabled code to the new snapshot + check_*_{ns,mx}_access restrictions. + File: smtpd/smtpd_check.c + +Version 1.18a Postfix release 2.0.16 + + Update (TLS patches): Updated Lutz Jaenicke's TLS patch to + version 0.8.16. See pfixtls/ChangeLog for details. + Diff contributed by Tuomo Soini. + + The TLS+IPv6 patch now contains the original TLS patch + documentation from Lutz Jaenicke. + +Version 1.18 Postfix releases 2.0.14 - 2.0.15 + Postfix snapshot 2.0.14-20030812 + + Bugfix: Perform actual hostname verification in the SMTP + and QMTP servers. This was never supported in the IPv6 + patch. Reported by Wolfgang S. Rupprecht. + Files: smtpd/smtpd_peer.c, qmqpd/qmqpd_peer.c + + IPv6 address ranges using address/prefixlength (e.g. in + mynetworks and access maps) should be written as + [ipv6:addr:ess]/plen (e.g. [fec0:10:20::]/48). The old + supported syntax, [ipv6:addr:ess/plen] is deprecated and + support will be removed in a later version. + Thanks to Dr. Peter Bieringer and Pekka Savola for discussion. + Files: util/match_ops.c, global/mynetworks.c + + Explicitly prefer IPv6 over IPv4 addresses when delivering + to a host when MX lookups are disabled when SMTP address + randomization is on (default). + File: smtp/smtp_addr.c + + Compliance: write IPv6 address literals in mail headers + as [IPv6:addr] instead of [addr] as per RFC 2821:4.1.3 + tagging requirement, for example [IPv6:fec0:10:20::1]. + Pointed out by Dr. Peter Bieringer. + Files: smtpd/smtpd{,_peer,_state}.c, smtpd/smtpd.h + +Version 1.17 Postfix release 2.0.13, 2.0.14 + Postfix snapshot 2.0.13-20030706, 2.0.14-20030812 + + Bugfix: Two memory allocation/deallocation bugs were + introduced in patch 1.16. The impact of these bugs could + be 'arbitrary' memory corruption. + File: util/match_ops.c + +Version 1.16 Postfix release 2.0.13 + Postfix snapshot 2.0.13-20030706 + + Cleanup: rewrote match_ops.c. This rewrite is partly based on + patch by Takahiro Igarashi. The rewrite enables some better + handling of scoped addresses, and drops all GPL code from the + patch, easying license considerations. Also, allowed for + use of this code by the CIDR maps. + Files: util/match_ops.[ch] + + Bugfix: correctly relay for scoped unicast addresses when + applicable. Until now, while Postfix was able to recognize + scoped addresses, it was not able to see e.g. fe80::10%fxp0 + as local in mynetworks validation. KAME-only code. + (I've never heard of people using scoped addresses (think + link-local addresses) for mail relaying though...) + Files: util/inet_addr_list.[ch] + + Feature (snapshot only): rewrote CIDR maps code to support + IPv6 addresses, using new match_ops code. Allow the use + of [::/0] since it allows one to easily disable further + checks for IPv6 addresses. + File: util/dict_cidr.c + + Consistency: require IPv6 addresses in inet_interfaces to + be enclosed in square brackets. + File: util/inet_addr_host.c + + Bugfix: (Linux2-only) A #define was misspelled. This could + lead to Postfix being unable to read the system's local IPv6 + addresses (e.g. when using inet_interfaces). + Spotted by Jochen Friedrich. + File: util/sys_defs.h + + Cleanup: require non-null host portion in CIDR / + prefixlength notations for IPv6 (was IPv4-only). + +Version 1.15a Postfix release 2.0.13 + + Update (TLS patches): Updated Lutz Jaenicke's TLS patch + to version 0.8.15. This version introduces new options + for managing SASL mechanisms. More information at: + http://www.aet.tu-cottbus.de/personen/jaenicke/pfixtls/ + Diff contributed by Tuomo Soini. + +Version 1.15 Postfix release 2.0.12, 2.0.13 + Postfix snapshot 2.0.12-20030621 + + Bugfix (TLS-snapshots only): a change in Postfix snapshot + 2.0.11-20030609 broke initialisation of TLS in smtpd, + causing TLS to both be unadvertised and unaccepted. + This was fixed again by reordering initialisation. + File: smtpd/smtpd.c + + Update (TLS patches): Updated Lutz Jaenicke's TLS patch + to version 0.8.14. This version introduces a few fixes and + uses USE_SSL instead of HAS_SSL. More information at: + http://www.aet.tu-cottbus.de/personen/jaenicke/pfixtls/ + Diff contributed by Tuomo Soini. + + Bugfix (Postfix releases only - this was already added to + the snapshots in patch 1.14). KAME derived systems only. + Correctly decode scoped addresses, including network + interface specifiers. + File: util/inet_addr_local.c + +Version 1.14 Postfix releases 2.0.9, 2.0.10, 2.0.11, 2.0.12 + Postfix snapshots 2.0.9-20030424, 2.0.10-20030521, + 2.0.11-20030609, 2.0.12-20030611 + + Patch change: made the patch available as an IPv6-only + patch (i.e., without the TLS code). This on popular + request by users and packagers. + A TLS+IPv6 version is still available of course. + + Bugfix: correctly decode scoped addresses from now on + (KAME derived systems only). I think the original code + was written by Itojun, so I'm rather puzzled that it + didn't work... + File: util/inet_addr_local.c + + Bugfix/portability: Recent KAME snapshots return both + TCP and SCTP address information on getaddrinfo() if + no protocol was specified. This causes the socket counts + to be wrong, confusing child processes. + Merged patch by JINMEI Tatuya of KAME to fix this. + Files: master/master.h, master/master_{ent,conf}.[ch], + util/inet_listen.c + + Documentation: added an IPV6_README file to the patch. + This file contains the primary documentation. Also, + added a sample-ipv6.cf to describe the (currently few) + IPv6 related main.cf parameters. + + Bugfix: the netmask structures for the *unsupported* + platforms (boldly assume /64) were added to the wrong + list (addresses instead of masks). This bug did not affect + any supported platform though. + File: util/inet_addr_local.c + + Portability: added support for HP/Compaq Tru64Unix V5.1 + and later. (compiled with CompaqCC only). + Thanks to Sten Spans for providing root access to an + IPv6-connected Tru64 testing machine. + +Version 1.13 Postfix releases 2.0.4 - 2.0.9 + Postfix snapshots 2.0.3-20030126 - 2.0.7-20030319 + + Bugfix: Due to a missing storage pointer, DNS lookup + results in the permit_mx_backups code were not processed, + and smtpd would likely crash. + Thanks to Wouter de Jong for reporting the crashes. + File: smtpd/smtpd_check.c + + Incompatible change: The addresses given to the parameters + smtp_bind_address6 and lmtp_bind_address6 now need to be + enclosed in square brackets for consistency. + Files: [ls]mtp/[ls]mtp_connect.c + +Version 1.12 Postfix releases 2.0.2, 2.0.3 + Postfix snapshots 2.0.2-20030115, 2.0.3-20030126 + + Bugfix/workaround (Solaris): A simplified comparison + function for Solaris' qsort() function, would result + in corruption of network addresses in the SMTP client. + Fixed. Reported with possible fix by Edvard Tuinder. + File: smtp/smtp_addr.c + +Version 1.11 Postfix releases 2.0.0.x, 2.0.1, 2.0.2 + Postfix snapshots 2.0.0-20030105, 2.0.1-20030112 + 2.0.2-20030115 + + Bugfix (Solaris): Properly initialize lifconf structure + when requesting host interface addresses. If you get + warnings about SIOCGLIFCONF with earlier versions, + please upgrade. + File: util/inet_addr_local.c + + Patch fix: fixed compilation errors in case the patch is + applied but built without IPv6 support (i.e., on unsupported + platforms). + +Version 1.10 Postfix snapshots 1.1.12-200212{19,21} + Postfix releases 2.0.0, 2.0.0.{1,2} + Postfix snapshots 2.0.0-20021223 - 2.0.0-20030101 + + 'Bugfix': don't show spurious warnings on Linux systems + about missing /proc/net/if_inet6 unless verbose mode + is enabled. + File: util/inet_addr_local.c + + Bugfix: If unable to create a socket for a specific adress + in the SMTP client (e.g., when trying to create an IPv6 + connection while the local host has no configured IPv6 + addresses), then stop the attempt. + File: smtp/smtp_connect.c + + Small bugfix: never query DNS for . + This syntax now correctly generates an error immediately. + File: global/resolve_local.c + + Updated TLS patch to 0.8.12-1.1.12-20021219-0.9.6h, fixing + a bug with "sendmail -bs". + +Version 1.9 Postfix version 1.1.11-20021115 + Postfix version 1.1.12-2002{1124,1209-1213} + + Bugfix: with getifaddrs() code (*BSD, linux-USAGI), IPv4 + netmasks were set to /32 effectively. Work around broken + netmask data structures (*BSD only perhaps). + + Bugfix: same data corruption in another place created + entirely wrong IPv4 netmasks. Work around broken + SIOCGIFNETMASK structure. + + New code was added for correct IPv6 netmasks. The original + code did not contain IPv6 netmask support at all! + For Solaris, use SIOCGLIF*; Linux: /proc/net/if_inet6. + Getifaddrs() support is used otherwise. This should cover + all supported systems. Other systems also work, prefix + length is always set to /64 then. + + Since there are no classes (context: Class A, class B etc + networks) with IPv6, default to IPv6 subnet style if the + mynetworks style is 'class'. I recommend against this style + anyway. + + Added support to display IPv6 nets mynetworks output. + +Version 1.8 Postfix version 1.1.11-200211{01,15} + + An earlier author of the patch made a typo in the GAI_STRERROR() + macro, resulting in bogus error messages when checking for + PTR records. Fixed. + + IPv4-mapped addresses in the smtpd are converted to true IPv4 + addresses just after the connection has been made. This means + that all IPv4-mapped addresses are now logged as true IPv4 + addresses. Hence beside RBL checks, also access maps now treat + IPv4-mapped addresses as native IPv4. Note that ::ffff:... + entries in your access tables will no longer work. + + You can now specify IPv6 'parent' networks in your access maps, + e.g. to reject all mail from 3ffe:200:... nodes, add the line + 3ffe:200 REJECT + Use of trailing colons is discouraged because postmap will + warn about it possibly being an alias... + NOTE: I'll soon obsolete this again in favor of the more + common address/len notation. This was just so trivial to add + that it didn't hurt and I needed it :) + + For easy reference, the version of the TLS/IPv6 patch can be + dynamically queried using the tls_ipv6_version variable. + This gives the short version (like, "1.8"). + + The service bind address for 'inet' sockets in master.cf (e.g., + smtpd), must be enclosed in square brackets '[..]' for IPv6 + addresses. The old style (without brackets) still works but is + unsupported and may be removed in the future. Example + [::1]:smtp inet n - n - - smtpd + +Version 1.7 Postfix version 1.1.11-20021029 - 1.1.11-20021101 + + Postfix' SMTP client performs randomization of MX addresses + when sending mail. This however could result in A records + being used before AAAA records. This has been corrected. + + Note that from Postfix version 1.1.11-20021029 on, there is + a proxy_interfaces parameter. This has of course not been + ported to IPv6 addresses... + +Version 1.6 Postfix version 1.1.11-20020928 + + Added IPv6 support for backup_mx_networks feature; also the + behaviour when DNS lookups fail when checking whether the + local host is an MX for a domain conforms to the IPv4 case: + defer rather than allow. + +Version 1.5 Postfix version 1.1.11-20020917 + + I introduced two bugs when I rewrote my older LMTP IPv6 patch. + These bugs effectively rendered LMTP useless. Now fixed. + Bugs spotted by Kaj Niemi. + + Now supports Solaris 8 and 9. Due to lack of testing equipment, + this has been only tested in production on Solaris 9, both + with gcc and the Sun Workshop Compiler. + +Version 1.4 Postfix version 1.1.11-20020822 - 1.1.11-20020917 + + OpenBSD (>=200003) and FreeBSD release 4 and up now use + getifaddrs(). This makes for cleaner code. The old code + seems to be bug-ridden anyway. + + Got rid of some compiler warnings. Should be cleaner on + Alpha as well now. Thanks to Sten Spans for providing me + access to an Alpha running FreeBSD4. + + Fixed an old bug in smtpd memory alloation if you compiled + without IPv6 support (the wrong buffer size was used. This + was harmless for IPv6-enabled compiles since the sizes were + equal then). + + Added ChangeLog to the patch (as IPv6-ChangeLog) (this + was absent in 1.3 contrary to docs). + +Version 1.3 Postfix version 1.1.11-20020613 - 1.1.11-20020718 + + FYI: In postfix version 1.1.11-20020718, DNS lookups for + AAAA can be done natively. The code matches the code in + the patch (though the #ifdef changed from INET6 to T_AAAA). + This change causes the patch for 1.1.11-20020718 to be a + bit smaller. + +Version 1.2 Postfix version 1.1.11-20020613 + + Added IPv6 support for the LMTP client. + + Added lmtp_bind_address and lmtp_bind_address6 parameters, + similar to those for smtp. + + Added IPv6 support for the QMQP server. + +Version 1.1 Postfix version 1.1.11-20020602 - 1.1.11-20020613 + + Added parameter smtp_bind_address6. By using this parameter, + it is possible to bind to an IPv6 address, independently of + IPv4 address binding. + + Lutz fixed a bug in his TLS patch regarding SASL. Incorporated. + +Version 1.0.x Postfix version 1.1.8-20020505 - 1.1.11-20020602 + + Patch derived from PLD's IPv6 patch for Postfix, revision 1.10 + which applied to early Postfix snapshots 1.1.x. Updated this + patch to apply to 1.1.8-20020505. + + Added compile-time checks for SS_LEN. Some Linux installations, + and maybe other systems, do define SA_LEN, but not SS_LEN. + + Several updates of postfix snapshots. + -- cgit v1.2.3