Re: v2.2.35 released

On Wednesday 21 of March 2018, Arkadiusz Miśkiewicz wrote:

On Monday 19 of March 2018, Aki Tuomi wrote:

...

https://dovecot.org/releases/2.2/dovecot-2.2.35.tar.gz https://dovecot.org/releases/2.2/dovecot-2.2.35.tar.gz.sig

[...]

...

- Fix local name handling in v2.2.34 SNI code, bug found by cPanel.

That change broke handling of such entries

local_name *.example.com { ssl_cert =

and for connection with pop3.example.com in TLS SNI default certificate is presented instead of domain specific one.

Reverting

commit 446c0b02a7802b676e893ccc4934fc7318d950ea Author: Aki Tuomi Date: Tue Mar 6 15:15:01 2018 +0200

lib-master: Correctly match when local_name has multiple names

Reported by J. Nick Koston

fixes the problem.

And proper fix: --- dovecot-2.2.35/src/lib-master/master-service-settings-cache.c 2018-03-21 10:15:09.097480691 +0100 +++ dovecot-2.2.35/src/lib-master/master-service-settings-cache.c~ 2018-03-19 10:30:01.000000000 +0100 @@ -131,7 +131,7 @@ match_local_name(const char *local_name, return TRUE; local_name = ptr+1; } - return dns_match_wildcard(filter_local_name, local_name) == 0; + return dns_match_wildcard(local_name, filter_local_name) == 0; } /* Remove any elements which there is no filter for */ -- Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )