v2.2.35 released

[Arkadiusz Miśkiewicz]

On Wednesday 21 of March 2018, Arkadiusz Miśkiewicz wrote:
> On Monday 19 of March 2018, Aki Tuomi wrote:
> > https://dovecot.org/releases/2.2/dovecot-2.2.35.tar.gz
> > https://dovecot.org/releases/2.2/dovecot-2.2.35.tar.gz.sig
> 
> [...]
> 
> >     - Fix local name handling in v2.2.34 SNI code, bug found by cPanel.
> 
> That change broke handling of such entries
> 
> local_name *.example.com {
>   ssl_cert = </etc/certs/aaa.pem
>   ssl_key = </etc/certs/aaa.pem
> }
> 
> and for connection with pop3.example.com in TLS SNI default certificate is
> presented instead of domain specific one.
> 
> Reverting
> 
> commit 446c0b02a7802b676e893ccc4934fc7318d950ea
> Author: Aki Tuomi <aki.tuomi at dovecot.fi>
> Date:   Tue Mar 6 15:15:01 2018 +0200
> 
>     lib-master: Correctly match when local_name has multiple names
> 
>     Reported by J. Nick Koston <nick at cpanel.net>
> 
> 
> fixes the problem.

And proper fix:

--- dovecot-2.2.35/src/lib-master/master-service-settings-cache.c	2018-03-21 10:15:09.097480691 +0100
+++ dovecot-2.2.35/src/lib-master/master-service-settings-cache.c~	2018-03-19 10:30:01.000000000 +0100
@@ -131,7 +131,7 @@ match_local_name(const char *local_name,
 			return TRUE;
 		local_name = ptr+1;
 	}
-	return dns_match_wildcard(filter_local_name, local_name) == 0;
+	return dns_match_wildcard(local_name, filter_local_name) == 0;
 }
 
 /* Remove any elements which there is no filter for */


-- 
Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )