v2.2.35 released
Aki Tuomi
aki.tuomi at dovecot.fi
Wed Mar 21 11:24:32 EET 2018
On 21.03.2018 11:23, Arkadiusz Miśkiewicz wrote:
> On Wednesday 21 of March 2018, Arkadiusz Miśkiewicz wrote:
>> On Monday 19 of March 2018, Aki Tuomi wrote:
>>> https://dovecot.org/releases/2.2/dovecot-2.2.35.tar.gz
>>> https://dovecot.org/releases/2.2/dovecot-2.2.35.tar.gz.sig
>> [...]
>>
>>> - Fix local name handling in v2.2.34 SNI code, bug found by cPanel.
>> That change broke handling of such entries
>>
>> local_name *.example.com {
>> ssl_cert = </etc/certs/aaa.pem
>> ssl_key = </etc/certs/aaa.pem
>> }
>>
>> and for connection with pop3.example.com in TLS SNI default certificate is
>> presented instead of domain specific one.
>>
>> Reverting
>>
>> commit 446c0b02a7802b676e893ccc4934fc7318d950ea
>> Author: Aki Tuomi <aki.tuomi at dovecot.fi>
>> Date: Tue Mar 6 15:15:01 2018 +0200
>>
>> lib-master: Correctly match when local_name has multiple names
>>
>> Reported by J. Nick Koston <nick at cpanel.net>
>>
>>
>> fixes the problem.
> And proper fix:
>
> --- dovecot-2.2.35/src/lib-master/master-service-settings-cache.c 2018-03-21 10:15:09.097480691 +0100
> +++ dovecot-2.2.35/src/lib-master/master-service-settings-cache.c~ 2018-03-19 10:30:01.000000000 +0100
> @@ -131,7 +131,7 @@ match_local_name(const char *local_name,
> return TRUE;
> local_name = ptr+1;
> }
> - return dns_match_wildcard(filter_local_name, local_name) == 0;
> + return dns_match_wildcard(local_name, filter_local_name) == 0;
> }
>
> /* Remove any elements which there is no filter for */
>
>
Thanks for catching this, seems we are missing this in our tests.
Aki
More information about the dovecot
mailing list