IPv6-ChangeLog   [plain text]

ChangeLog for Dean Strik's IPv6 patch for Postfix. The patch is based on
PLD's patch, which in turn seems to be based on KAME's. For more information:



Version 1.25	Postfix release 2.1.3
		Postfix release 2.0.20
		Postfix snapshot 2.2-20040616

	Bugfix: Misplaced myfree() caused a small memory leak. Reported
	by Christian von Roques.
	File: util/match_ops.c

	Removed the colon (:) from the characters XFORWARD replaces by
	a question mark (IPv6 addresses looked like 2001?610?1108?5010??1
	in logging). Reported by Philipp Morger.
	File: smtpd/smtpd.c

Version 1.24	Postfix release 2.1.1
		Postfix release 2.0.20
		Postfix snapshot 2.0.19-20040312
		Postfix snapshot 2.2-20040504

	Bugfix: Prefixlen non-null host portion validation (in CIDR maps
	for example) yielded incorrect results sometimes because signed
	arithmetic was used instead of unsigned.
	File: util/match_ops.c

	Patch correction: The TLS+IPv6 patch for Postfix 2.1.0 missed
	the master.cf update (used for new installations). Added it

Version 1.23	Postfix release 2.1.0
		Postfix release 2.0.20
		Postfix snapshot 2.0.19-20040312

	Patch fixes: Several code fixes to make the patch compile
	and work correctly when compiled without IPv6 support.

	Bugfix (Solaris only?): address family length was not updated
	which could cause client hostname validation errors.
	File: smtpd/smtpd_peer.c

	Portability: added support for Darwin 7.3+. This may need
	some further testing.

	Cleanup: Restructure and redocument interface address
	retrieval functions. (This reduced the number of preprocessor
	statements from 99 to 93 ;)
	File: util/inet_addr_local.c

	Cleanup: make several explicit casts to have compilers shut
	their pie holes about uninteresting things.

Version 1.22	Postfix release 2.0.19
		Postfix snapshot 2.0.19-20040312

	Feature: Support "inet_interfaces = IPv4:all" and
	"inet_interfaces = IPv6:all", to restrict postfix to use
	either IPv4-only or IPv6-only. A more complete implementation
	will be part of a future patch. (Slightly modified) patch by
	Michal Ludvig, SuSE.
	Files: util/interfaces_to_af.[ch], util/inet_addr_local.c,
	global/own_inet_addr.c, global/wildcard_inet_addr.[ch],

	Bugfix: In Postfix snapshots, a #define was misplaced with
	the effect that IPv6 subnets were not included in auto-
	generated $mynetworks (i.e., mynetworks not defined in main.cf,
	when also mynetworks_style=subnet) on Linux 2.x systems.
	File: utils/sys_defs.h

Version 1.21a	Postfix snapshots 2.0.18-2004{0122,0205,0209}

	TLS/snapshot version: Update TLS patch to 0.8.18-20040122.
	Performed as a total repatch. 0.8.18 is cleaner with tls_*
	variables if TLS is not actually compiled in.

Version 1.21	Postfix releases 2.0.18 - 2.0.19
		Postfix snapshot 2.0.16-20031231

	Bugfix: The SMTP client could fail to setup a connection,
	erroring with a bogus "getaddrinfo(...): hostname nor servname
	provided" warning, because the wrong address was selected.
	File: smtp/smtp_connect.c

	Safety: in dynamically growing data structures, update the
	length info after (instead of before) updating the data size.
	File: util/inet_addr_list.c

Version 1.20	Postfix release 2.0.16
		Postfix snapshot 2.0.16-20031207

	Bugfix: The SMTP client would abort when binding to specific
	IPv6 addresses.
	File: smtp/smtp_connect.c

	Synchronisation/bugfix: LMTP source address binding is identical
	to the SMTP source binding setup, avoiding the need for
	lmtp_bind_address(6) if inet_interfaces is set to a single
	host for an address family.
	File: lmtp/lmtp_connect.c

Version 1.19	Postfix release 2.0.16
		Postfix snapshot 2.0.16-20031207

	Bugfix: Synchronisation of TLS patches in snapshots of 1.18[ab]
	was not complete, causing a crash of smtpd if used with the new
	proxy agent.
	File: smtpd/smtpd.c

	Bugfix: SMTP source address binding based on a single hostname
	in inet_interfaces did not work since the code counted IPv4 and
	IPv6 addresses instead of only the used address family. Fixed,
	thereby no longer requiring exact specification of
	smtp_bind_address(6) in this case.
	File: smtp/smtp_connect.c

	Bugfix: The QMQP sink server did not compile correctly. This
	program, part of smtpstone tools, is not compiled or installed
	by default.
	File: smtpstone/qmqp-sink.c

	Bugfix: NI_WITHSCOPEID was not correctly defined everywhere,
	which could result in EAI_BADFLAGS. Changed location of
	definition to correct it.
	Files: util/sys_defs.h, util/inet_addr_list.h

Version 1.18b	Postfix snapshot 2.0.16-20030921

	IPv6 support: Added IPv6-enabled code to the new snapshot
	check_*_{ns,mx}_access restrictions.
	File: smtpd/smtpd_check.c

Version 1.18a	Postfix release 2.0.16

	Update (TLS patches): Updated Lutz Jaenicke's TLS patch to
	version 0.8.16. See pfixtls/ChangeLog for details.
	Diff contributed by Tuomo Soini.

	The TLS+IPv6 patch now contains the original TLS patch
	documentation from Lutz Jaenicke.

Version 1.18	Postfix releases 2.0.14 - 2.0.15
		Postfix snapshot 2.0.14-20030812

	Bugfix: Perform actual hostname verification in the SMTP
	and QMTP servers. This was never supported in the IPv6
	patch. Reported by Wolfgang S. Rupprecht.
	Files: smtpd/smtpd_peer.c, qmqpd/qmqpd_peer.c

	IPv6 address ranges using address/prefixlength (e.g. in
	mynetworks and access maps) should be written as
	[ipv6:addr:ess]/plen (e.g. [fec0:10:20::]/48). The old
	supported syntax, [ipv6:addr:ess/plen] is deprecated and
	support will be removed in a later version.
	Thanks to Dr. Peter Bieringer and Pekka Savola for discussion.
	Files: util/match_ops.c, global/mynetworks.c

	Explicitly prefer IPv6 over IPv4 addresses when delivering
	to a host when MX lookups are disabled when SMTP address
	randomization is on (default).
	File: smtp/smtp_addr.c

	Compliance: write IPv6 address literals in mail headers 
	as [IPv6:addr] instead of [addr] as per RFC 2821:4.1.3
	tagging requirement, for example [IPv6:fec0:10:20::1].
	Pointed out by Dr. Peter Bieringer.
	Files: smtpd/smtpd{,_peer,_state}.c, smtpd/smtpd.h

Version 1.17	Postfix release 2.0.13, 2.0.14
		Postfix snapshot 2.0.13-20030706, 2.0.14-20030812

	Bugfix: Two memory allocation/deallocation bugs were
	introduced in patch 1.16. The impact of these bugs could
	be 'arbitrary' memory corruption.
	File: util/match_ops.c

Version 1.16	Postfix release 2.0.13
		Postfix snapshot 2.0.13-20030706

	Cleanup: rewrote match_ops.c. This rewrite is partly based on
	patch by Takahiro Igarashi. The rewrite enables some better
	handling of scoped addresses, and drops all GPL code from the
	patch, easying license considerations. Also, allowed for
	use of this code by the CIDR maps.
	Files: util/match_ops.[ch]

	Bugfix: correctly relay for scoped unicast addresses when
	applicable. Until now, while Postfix was able to recognize
	scoped addresses, it was not able to see e.g. fe80::10%fxp0
	as local in mynetworks validation.  KAME-only code.
	(I've never heard of people using scoped addresses (think
	link-local addresses) for mail relaying though...)
	Files: util/inet_addr_list.[ch]

	Feature (snapshot only): rewrote CIDR maps code to support
	IPv6 addresses, using new match_ops code. Allow the use
	of [::/0] since it allows one to easily disable further
	checks for IPv6 addresses.
	File: util/dict_cidr.c

	Consistency: require IPv6 addresses in inet_interfaces to
	be enclosed in square brackets.
	File: util/inet_addr_host.c

	Bugfix: (Linux2-only) A #define was misspelled. This could
	lead to Postfix being unable to read the system's local IPv6
	addresses (e.g. when using inet_interfaces).
	Spotted by Jochen Friedrich.
	File: util/sys_defs.h

	Cleanup: require non-null host portion in CIDR /
	prefixlength notations for IPv6 (was IPv4-only).

Version 1.15a	Postfix release 2.0.13

	Update (TLS patches): Updated Lutz Jaenicke's TLS patch
	to version 0.8.15. This version introduces new options
	for managing SASL mechanisms. More information at:
	Diff contributed by Tuomo Soini.

Version 1.15	Postfix release 2.0.12, 2.0.13
		Postfix snapshot 2.0.12-20030621

	Bugfix (TLS-snapshots only): a change in Postfix snapshot
	2.0.11-20030609 broke initialisation of TLS in smtpd,
	causing TLS to both be unadvertised and unaccepted.
	This was fixed again by reordering initialisation.
	File: smtpd/smtpd.c

	Update (TLS patches): Updated Lutz Jaenicke's TLS patch
	to version 0.8.14. This version introduces a few fixes and
	uses USE_SSL instead of HAS_SSL. More information at:
	Diff contributed by Tuomo Soini.

	Bugfix (Postfix releases only - this was already added to
	the snapshots in patch 1.14). KAME derived systems only.
	Correctly decode scoped addresses, including network
	interface specifiers.
	File: util/inet_addr_local.c

Version 1.14	Postfix releases 2.0.9, 2.0.10, 2.0.11, 2.0.12
		Postfix snapshots 2.0.9-20030424, 2.0.10-20030521,
				  2.0.11-20030609, 2.0.12-20030611

	Patch change: made the patch available as an IPv6-only
	patch (i.e., without the TLS code). This on popular
	request by users and packagers.
	A TLS+IPv6 version is still available of course.

	Bugfix: correctly decode scoped addresses from now on
	(KAME derived systems only). I think the original code
	was written by Itojun, so I'm rather puzzled that it
	didn't work...
	File: util/inet_addr_local.c

	Bugfix/portability: Recent KAME snapshots return both
	TCP and SCTP address information on getaddrinfo() if
	no protocol was specified. This causes the socket counts
	to be wrong, confusing child processes.
	Merged patch by JINMEI Tatuya of KAME to fix this.
	Files: master/master.h, master/master_{ent,conf}.[ch],

	Documentation: added an IPV6_README file to the patch.
	This file contains the primary documentation. Also,
	added a sample-ipv6.cf to describe the (currently few)
	IPv6 related main.cf parameters.

	Bugfix: the netmask structures for the *unsupported*
	platforms (boldly assume /64) were added to the wrong
	list (addresses instead of masks). This bug did not affect
	any supported platform though.
	File: util/inet_addr_local.c

	Portability: added support for HP/Compaq Tru64Unix V5.1
	and later. (compiled with CompaqCC only).
	Thanks to Sten Spans for providing root access to an
	IPv6-connected Tru64 testing machine.

Version 1.13	Postfix releases 2.0.4 - 2.0.9
		Postfix snapshots 2.0.3-20030126 - 2.0.7-20030319

	Bugfix: Due to a missing storage pointer, DNS lookup
	results in the permit_mx_backups code were not processed,
	and smtpd would likely crash.
	Thanks to Wouter de Jong for reporting the crashes.
	File: smtpd/smtpd_check.c

	Incompatible change: The addresses given to the parameters
	smtp_bind_address6 and lmtp_bind_address6 now need to be
	enclosed in square brackets for consistency.
	Files: [ls]mtp/[ls]mtp_connect.c

Version 1.12	Postfix releases 2.0.2, 2.0.3
		Postfix snapshots 2.0.2-20030115, 2.0.3-20030126

	Bugfix/workaround (Solaris): A simplified comparison
	function for Solaris' qsort() function, would result
	in corruption of network addresses in the SMTP client.
	Fixed. Reported with possible fix by Edvard Tuinder.
	File: smtp/smtp_addr.c

Version 1.11	Postfix releases 2.0.0.x, 2.0.1, 2.0.2
		Postfix snapshots 2.0.0-20030105, 2.0.1-20030112

	Bugfix (Solaris): Properly initialize lifconf structure
	when requesting host interface addresses. If you get
	warnings about SIOCGLIFCONF with earlier versions,
	please upgrade.
	File: util/inet_addr_local.c

	Patch fix: fixed compilation errors in case the patch is
	applied but built without IPv6 support (i.e., on unsupported

Version 1.10	Postfix snapshots 1.1.12-200212{19,21}
		Postfix releases 2.0.0, 2.0.0.{1,2}
		Postfix snapshots 2.0.0-20021223 - 2.0.0-20030101

	'Bugfix': don't show spurious warnings on Linux systems
	about missing /proc/net/if_inet6 unless verbose mode
	is enabled.
	File: util/inet_addr_local.c

	Bugfix: If unable to create a socket for a specific adress
	in the SMTP client (e.g., when trying to create an IPv6
	connection while the local host has no configured IPv6
	addresses), then stop the attempt.
	File: smtp/smtp_connect.c

	Small bugfix: never query DNS for <localpart@[domain.tld]>.
	This syntax now correctly generates an error immediately.
	File: global/resolve_local.c

	Updated TLS patch to 0.8.12-1.1.12-20021219-0.9.6h, fixing
	a bug with "sendmail -bs".

Version 1.9	Postfix version 1.1.11-20021115
		Postfix version 1.1.12-2002{1124,1209-1213}

	Bugfix: with getifaddrs() code (*BSD, linux-USAGI), IPv4
	netmasks were set to /32 effectively. Work around broken
	netmask data structures (*BSD only perhaps).

	Bugfix: same data corruption in another place created
	entirely wrong IPv4 netmasks. Work around broken

	New code was added for correct IPv6 netmasks. The original
	code did not contain IPv6 netmask support at all!
	For Solaris, use SIOCGLIF*; Linux: /proc/net/if_inet6.
	Getifaddrs() support is used otherwise. This should cover
	all supported systems. Other systems also work, prefix
	length is always set to /64 then.

	Since there are no classes (context: Class A, class B etc
	networks) with IPv6, default to IPv6 subnet style if the
	mynetworks style is 'class'. I recommend against this style

	Added support to display IPv6 nets mynetworks output.

Version 1.8	Postfix version 1.1.11-200211{01,15}

	An earlier author of the patch made a typo in the GAI_STRERROR()
	macro, resulting in bogus error messages when checking for
	PTR records. Fixed.

	IPv4-mapped addresses in the smtpd are converted to true IPv4
	addresses just after the connection has been made. This means
	that all IPv4-mapped addresses are now logged as true IPv4
	addresses. Hence beside RBL checks, also access maps now treat
	IPv4-mapped addresses as native IPv4. Note that ::ffff:...
	entries in your access tables will no longer work.

	You can now specify IPv6 'parent' networks in your access maps,
	e.g. to reject all mail from 3ffe:200:... nodes, add the line
		3ffe:200	REJECT
	Use of trailing colons is discouraged because postmap will
	warn about it possibly being an alias...
	NOTE: I'll soon obsolete this again in favor of the more
	common address/len notation. This was just so trivial to add
	that it didn't hurt and I needed it :)

	For easy reference, the version of the TLS/IPv6 patch can be
	dynamically queried using the  tls_ipv6_version  variable.
	This gives the short version (like, "1.8").

	The service bind address for 'inet' sockets in master.cf (e.g.,
	smtpd), must be enclosed in square brackets '[..]' for IPv6
	addresses. The old style (without brackets) still works but is
	unsupported and may be removed in the future. Example
	    [::1]:smtp inet n - n - - smtpd

Version 1.7	Postfix version 1.1.11-20021029 - 1.1.11-20021101

	Postfix' SMTP client performs randomization of MX addresses
	when sending mail. This however could result in A records
	being used before AAAA records. This has been corrected.

	Note that from Postfix version 1.1.11-20021029 on, there is
	a  proxy_interfaces  parameter. This has of course not been
	ported to IPv6 addresses...

Version 1.6	Postfix version 1.1.11-20020928

	Added IPv6 support for backup_mx_networks feature; also the
	behaviour when DNS lookups fail when checking whether the
	local host is an MX for a domain conforms to the IPv4 case:
	defer rather than allow.

Version 1.5	Postfix version 1.1.11-20020917

	I introduced two bugs when I rewrote my older LMTP IPv6 patch.
	These bugs effectively rendered LMTP useless. Now fixed.
	Bugs spotted by Kaj Niemi.

	Now supports Solaris 8 and 9. Due to lack of testing equipment,
	this has been only tested in production on Solaris 9, both
	with gcc and the Sun Workshop Compiler.

Version 1.4	Postfix version 1.1.11-20020822 - 1.1.11-20020917

	OpenBSD (>=200003) and FreeBSD release 4 and up now use
        getifaddrs(). This makes for cleaner code. The old code
	seems to be bug-ridden anyway.

	Got rid of some compiler warnings. Should be cleaner on
	Alpha as well now. Thanks to Sten Spans for providing me
	access to an Alpha running FreeBSD4.

	Fixed an old bug in smtpd memory alloation if you compiled
	without IPv6 support (the wrong buffer size was used. This
	was harmless for IPv6-enabled compiles since the sizes were
	equal then).

	Added ChangeLog to the patch (as IPv6-ChangeLog) (this
	was absent in 1.3 contrary to docs).

Version 1.3	Postfix version 1.1.11-20020613 - 1.1.11-20020718

	FYI: In postfix version 1.1.11-20020718, DNS lookups for
	AAAA can be done natively. The code matches the code in
	the patch (though the #ifdef changed from INET6 to T_AAAA).
	This change causes the patch for 1.1.11-20020718 to be a
	bit smaller.

Version 1.2	Postfix version 1.1.11-20020613

	Added IPv6 support for the LMTP client.

	Added lmtp_bind_address and lmtp_bind_address6 parameters,
	similar to those for smtp.

	Added IPv6 support for the QMQP server.

Version 1.1	Postfix version 1.1.11-20020602 - 1.1.11-20020613

	Added parameter smtp_bind_address6. By using this parameter,
	it is possible to bind to an IPv6 address, independently of
	IPv4 address binding.

	Lutz fixed a bug in his TLS patch regarding SASL. Incorporated.

Version 1.0.x	Postfix version 1.1.8-20020505 - 1.1.11-20020602

	Patch derived from PLD's IPv6 patch for Postfix, revision 1.10
	which applied to early Postfix snapshots 1.1.x. Updated this
	patch to apply to 1.1.8-20020505.

	Added compile-time checks for SS_LEN. Some Linux installations,
	and maybe other systems, do define SA_LEN, but not SS_LEN.

	Several updates of postfix snapshots.