CVS commit: src/external/ibm-public/postfix/dist/src/xsasl

2021-02-05 Thread Joerg Sonnenberger 
Module Name:src
Committed By:   joerg
Date:   Fri Feb  5 21:45:24 UTC 2021

Modified Files:
src/external/ibm-public/postfix/dist/src/xsasl: xsasl_saslc_client.c

Log Message:
Pass strings to %s arguments, not void *.


To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 \
src/external/ibm-public/postfix/dist/src/xsasl/xsasl_saslc_client.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/xsasl/xsasl_saslc_client.c
diff -u src/external/ibm-public/postfix/dist/src/xsasl/xsasl_saslc_client.c:1.1 src/external/ibm-public/postfix/dist/src/xsasl/xsasl_saslc_client.c:1.2
--- src/external/ibm-public/postfix/dist/src/xsasl/xsasl_saslc_client.c:1.1	Sat Feb 12 19:07:09 2011
+++ src/external/ibm-public/postfix/dist/src/xsasl/xsasl_saslc_client.c	Fri Feb  5 21:45:24 2021
@@ -1,4 +1,4 @@
-/*	$NetBSD: xsasl_saslc_client.c,v 1.1 2011/02/12 19:07:09 christos Exp $	*/
+/*	$NetBSD: xsasl_saslc_client.c,v 1.2 2021/02/05 21:45:24 joerg Exp $	*/
 
 /*++
 /* NAME
@@ -167,8 +167,10 @@ xsasl_saslc_client_first(
 		return XSASL_AUTH_FAIL;
 	}
 	vstring_strcpy(init_resp, outlen ? out : "");
-	if (msg_verbose)
-		msg_info("%s: client_reply='%s'", __func__, outlen ? out : "");
+	if (msg_verbose) {
+		msg_info("%s: client_reply='%s'", __func__,
+		outlen ? (const char *)out : "");
+	}
 
 	if (outlen > 0)
 		memset(out, 0, outlen);		/* XXX: silly? */
@@ -201,9 +203,10 @@ xsasl_saslc_client_next(XSASL_CLIENT *xp
 		return XSASL_AUTH_FAIL;
 	}
 	vstring_strcpy(client_reply, outlen ? out : "");
-	if (msg_verbose)
+	if (msg_verbose) {
 		msg_info("%s: client_reply='%s'", __func__,
-		outlen ? out : "");
+		outlen ? (const char *) out : "");
+	}
 
 	if (outlen > 0)
 		memset(out, 0, outlen);		/* XXX: silly? */

CVS commit: src/external/ibm-public/postfix/dist/src/smtpd

2020-09-25 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Fri Sep 25 12:52:13 UTC 2020

Modified Files:
src/external/ibm-public/postfix/dist/src/smtpd: smtpd.c

Log Message:
Notify blacklistd about smtp auth failures (Jeff Rizzo)


To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 \
src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c
diff -u src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.17 src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.18
--- src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.17	Wed Mar 18 15:05:20 2020
+++ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c	Fri Sep 25 08:52:12 2020
@@ -1,4 +1,4 @@
-/*	$NetBSD: smtpd.c,v 1.17 2020/03/18 19:05:20 christos Exp $	*/
+/*	$NetBSD: smtpd.c,v 1.18 2020/09/25 12:52:12 christos Exp $	*/
 
 /*++
 /* NAME
@@ -5795,6 +5795,8 @@ static void smtpd_proto(SMTPD_STATE *sta
 		   || strcmp(state->reason, REASON_LOST_CONNECTION)) {
 	msg_info("%s after %s from %s",
 		 state->reason, state->where, state->namaddr);
+	if (strcmp(state->where, SMTPD_CMD_AUTH) == 0)
+		pfilter_notify(1, vstream_fileno(state->client));
 	}
 }

CVS commit: src/external/ibm-public/postfix/dist

2020-05-25 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Mon May 25 23:47:14 UTC 2020

Modified Files:
src/external/ibm-public/postfix/dist: makedefs
src/external/ibm-public/postfix/dist/html: postconf.5.html
src/external/ibm-public/postfix/dist/man/man1: postfix.1
src/external/ibm-public/postfix/dist/man/man5: postconf.5
src/external/ibm-public/postfix/dist/proto: postconf.proto
src/external/ibm-public/postfix/dist/src/dns: dns.h dns_lookup.c
src/external/ibm-public/postfix/dist/src/global: mail_params.c
mail_params.h mail_version.h
src/external/ibm-public/postfix/dist/src/milter: milter.c
src/external/ibm-public/postfix/dist/src/postfix: postfix.c
src/external/ibm-public/postfix/dist/src/smtpd: smtpd_check.c
src/external/ibm-public/postfix/dist/src/tls: tls_session.c
src/external/ibm-public/postfix/dist/src/tlsproxy: tlsproxy.c
src/external/ibm-public/postfix/dist/src/util: midna_domain.c
midna_domain.h

Log Message:
merge conflicts


To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 src/external/ibm-public/postfix/dist/makedefs
cvs rdiff -u -r1.16 -r1.17 \
src/external/ibm-public/postfix/dist/html/postconf.5.html
cvs rdiff -u -r1.3 -r1.4 \
src/external/ibm-public/postfix/dist/man/man1/postfix.1
cvs rdiff -u -r1.16 -r1.17 \
src/external/ibm-public/postfix/dist/man/man5/postconf.5
cvs rdiff -u -r1.16 -r1.17 \
src/external/ibm-public/postfix/dist/proto/postconf.proto
cvs rdiff -u -r1.3 -r1.4 src/external/ibm-public/postfix/dist/src/dns/dns.h
cvs rdiff -u -r1.5 -r1.6 \
src/external/ibm-public/postfix/dist/src/dns/dns_lookup.c
cvs rdiff -u -r1.3 -r1.4 \
src/external/ibm-public/postfix/dist/src/global/mail_params.c \
src/external/ibm-public/postfix/dist/src/global/mail_version.h
cvs rdiff -u -r1.16 -r1.17 \
src/external/ibm-public/postfix/dist/src/global/mail_params.h
cvs rdiff -u -r1.3 -r1.4 \
src/external/ibm-public/postfix/dist/src/milter/milter.c
cvs rdiff -u -r1.3 -r1.4 \
src/external/ibm-public/postfix/dist/src/postfix/postfix.c
cvs rdiff -u -r1.3 -r1.4 \
src/external/ibm-public/postfix/dist/src/smtpd/smtpd_check.c
cvs rdiff -u -r1.2 -r1.3 \
src/external/ibm-public/postfix/dist/src/tls/tls_session.c
cvs rdiff -u -r1.3 -r1.4 \
src/external/ibm-public/postfix/dist/src/tlsproxy/tlsproxy.c
cvs rdiff -u -r1.3 -r1.4 \
src/external/ibm-public/postfix/dist/src/util/midna_domain.c \
src/external/ibm-public/postfix/dist/src/util/midna_domain.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/makedefs
diff -u src/external/ibm-public/postfix/dist/makedefs:1.13 src/external/ibm-public/postfix/dist/makedefs:1.14
--- src/external/ibm-public/postfix/dist/makedefs:1.13	Wed Mar 18 15:05:13 2020
+++ src/external/ibm-public/postfix/dist/makedefs	Mon May 25 19:47:13 2020
@@ -228,6 +228,19 @@ case $# in
  *) echo usage: $0 [system release] 1>&2; exit 1;;
 esac
 
+case "$SYSTEM" in
+ Linux)
+case "`PATH=/bin:/usr/bin ldd /bin/sh`" in
+ *-musl-*)
+	case "$CCARGS" in
+	 *-DNO_DNSSEC*) ;;
+	 *) echo Warning: libc-musl breaks DANE/TLSA security. 1>&2
+	echo This build will not support DANE/TLSA. 1>&2
+	CCARGS="$CCARGS -DNO_DNSSEC";;
+	esac;;
+esac;;
+esac
+
 case "$SYSTEM.$RELEASE" in
SCO_SV.3.2)	SYSTYPE=SCO5
 		# Use the native compiler by default
@@ -1136,7 +1149,7 @@ esac
 : ${CC=gcc} ${OPT='-O'} ${DEBUG='-g'} ${AWK=awk} \
 ${WARN='-Wall -Wno-comment -Wformat -Wimplicit -Wmissing-prototypes \
 	-Wparentheses -Wstrict-prototypes -Wswitch -Wuninitialized \
-	-Wunused -Wno-missing-braces'}
+	-Wunused -Wno-missing-braces -fcommon'}
 
 # Extract map type names from -DHAS_XXX compiler options.  We avoid
 # problems with tr(1) range syntax by using enumerations instead,

Index: src/external/ibm-public/postfix/dist/html/postconf.5.html
diff -u src/external/ibm-public/postfix/dist/html/postconf.5.html:1.16 src/external/ibm-public/postfix/dist/html/postconf.5.html:1.17
--- src/external/ibm-public/postfix/dist/html/postconf.5.html:1.16	Wed Mar 18 15:05:14 2020
+++ src/external/ibm-public/postfix/dist/html/postconf.5.html	Mon May 25 19:47:13 2020
@@ -6329,7 +6329,7 @@ whitespace. 
 
 
 maillog_file_rotate_suffix
-(default: %Y%M%d-%H%M%S)
+(default: %Y%m%d-%H%M%S)
 
  The format of the suffix to append to $maillog_file while rotating
 the file with "postfix logrotate". See strftime(3) for syntax. The

Index: src/external/ibm-public/postfix/dist/man/man1/postfix.1
diff -u src/external/ibm-public/postfix/dist/man/man1/postfix.1:1.3 src/external/ibm-public/postfix/dist/man/man1/postfix.1:1.4
--- src/external/ibm-public/postfix/dist/man/man1/postfix.1:1.3	Wed Mar 18 15:05:14 2020
+++ src/external/ibm-public/postfix/dist/man/man1/postfix.1	Mon May 25 19:47:13 2020
@@ -1,4 +1,4 @@
-.\"	$NetBSD: post

CVS commit: src/external/ibm-public/postfix/dist/src/smtpd

2018-01-31 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Thu Feb  1 03:32:00 UTC 2018

Modified Files:
src/external/ibm-public/postfix/dist/src/smtpd: smtpd.c

Log Message:
give one more reply to the client before we potentially block it.


To generate a diff of this commit:
cvs rdiff -u -r1.15 -r1.16 \
src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c
diff -u src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.15 src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.16
--- src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.15	Wed Jan 31 22:29:41 2018
+++ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c	Wed Jan 31 22:32:00 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: smtpd.c,v 1.15 2018/02/01 03:29:41 christos Exp $	*/
+/*	$NetBSD: smtpd.c,v 1.16 2018/02/01 03:32:00 christos Exp $	*/
 
 /*++
 /* NAME
@@ -5050,9 +5050,9 @@ static void smtpd_proto(SMTPD_STATE *sta
 	if (state->error_count >= var_smtpd_hard_erlim) {
 		state->reason = REASON_ERROR_LIMIT;
 		state->error_mask |= MAIL_ERROR_PROTOCOL;
-		pfilter_notify(1, vstream_fileno(state->client));
 		smtpd_chat_reply(state, "421 4.7.0 %s Error: too many errors",
  var_myhostname);
+		pfilter_notify(1, vstream_fileno(state->client));
 		break;
 	}
 	watchdog_pat();

CVS commit: src/external/ibm-public/postfix/dist/conf

2017-02-20 Thread Paul Goyette 
Module Name:src
Committed By:   pgoyette
Date:   Tue Feb 21 01:13:21 UTC 2017

Modified Files:
src/external/ibm-public/postfix/dist/conf: main.cf

Log Message:
Set the smtputf8_enable switch to "no" for now, since we are build without
EAI support.


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/external/ibm-public/postfix/dist/conf/main.cf

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/conf/main.cf
diff -u src/external/ibm-public/postfix/dist/conf/main.cf:1.6 src/external/ibm-public/postfix/dist/conf/main.cf:1.7
--- src/external/ibm-public/postfix/dist/conf/main.cf:1.6	Tue Feb 14 01:16:43 2017
+++ src/external/ibm-public/postfix/dist/conf/main.cf	Tue Feb 21 01:13:21 2017
@@ -1,4 +1,4 @@
-#	$NetBSD: main.cf,v 1.6 2017/02/14 01:16:43 christos Exp $
+#	$NetBSD: main.cf,v 1.7 2017/02/21 01:13:21 pgoyette Exp $
 #
 # Global Postfix configuration file. This file lists only a subset
 # of all parameters. For the syntax, and for a complete parameter
@@ -31,6 +31,9 @@
 #
 compatibility_level = 2
 
+# On NetBSD we are built without EAI support, so we must disable utf8
+smtputf8_enable=no
+
 # SOFT BOUNCE
 #
 # The soft_bounce parameter provides a limited safety net for

CVS commit: src/external/ibm-public/postfix/dist/src/util

2017-02-19 Thread Rin Okuyama 
Module Name:src
Committed By:   rin
Date:   Mon Feb 20 05:43:12 UTC 2017

Modified Files:
src/external/ibm-public/postfix/dist/src/util: sys_defs.h

Log Message:
We have getifaddrs(3) since NetBSD 1.5, regardless of whether IPv6 is
supported or not.


To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 \
src/external/ibm-public/postfix/dist/src/util/sys_defs.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/util/sys_defs.h
diff -u src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.10 src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.11
--- src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.10	Mon Feb 20 05:40:03 2017
+++ src/external/ibm-public/postfix/dist/src/util/sys_defs.h	Mon Feb 20 05:43:12 2017
@@ -1,4 +1,4 @@
-/*	$NetBSD: sys_defs.h,v 1.10 2017/02/20 05:40:03 rin Exp $	*/
+/*	$NetBSD: sys_defs.h,v 1.11 2017/02/20 05:43:12 rin Exp $	*/
 
 #ifndef _SYS_DEFS_H_INCLUDED_
 #define _SYS_DEFS_H_INCLUDED_
@@ -185,6 +185,8 @@
 || defined(USAGI_LIBINET6)
 #ifndef NO_IPV6
 #define HAS_IPV6
+#endif
+#if !defined(NO_IPV6) || defined(__NetBSD__)
 #define HAVE_GETIFADDRS
 #endif
 #endif

CVS commit: src/external/ibm-public/postfix/dist/src/util

2017-02-19 Thread Rin Okuyama 
Module Name:src
Committed By:   rin
Date:   Mon Feb 20 05:40:03 UTC 2017

Modified Files:
src/external/ibm-public/postfix/dist/src/util: sys_defs.h

Log Message:
correct obviously misplaced #endif


To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 \
src/external/ibm-public/postfix/dist/src/util/sys_defs.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/util/sys_defs.h
diff -u src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.9 src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.10
--- src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.9	Tue Feb 14 01:16:49 2017
+++ src/external/ibm-public/postfix/dist/src/util/sys_defs.h	Mon Feb 20 05:40:03 2017
@@ -1,4 +1,4 @@
-/*	$NetBSD: sys_defs.h,v 1.9 2017/02/14 01:16:49 christos Exp $	*/
+/*	$NetBSD: sys_defs.h,v 1.10 2017/02/20 05:40:03 rin Exp $	*/
 
 #ifndef _SYS_DEFS_H_INCLUDED_
 #define _SYS_DEFS_H_INCLUDED_
@@ -187,6 +187,7 @@
 #define HAS_IPV6
 #define HAVE_GETIFADDRS
 #endif
+#endif
 
 #if (defined(__FreeBSD_version) && __FreeBSD_version >= 30) \
 || (defined(__NetBSD_Version__) && __NetBSD_Version__ >= 10300) \
@@ -212,8 +213,6 @@
 #endif
 #endif
 
-#endif
-
  /*
   * UNIX on MAC.
   */

CVS commit: src/external/ibm-public/postfix/dist/src/global

2017-02-15 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Wed Feb 15 16:42:16 UTC 2017

Modified Files:
src/external/ibm-public/postfix/dist/src/global: mail_params.h

Log Message:
set the default meta_directory where we are installing postfix-files.


To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 \
src/external/ibm-public/postfix/dist/src/global/mail_params.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/global/mail_params.h
diff -u src/external/ibm-public/postfix/dist/src/global/mail_params.h:1.14 src/external/ibm-public/postfix/dist/src/global/mail_params.h:1.15
--- src/external/ibm-public/postfix/dist/src/global/mail_params.h:1.14	Mon Feb 13 20:16:45 2017
+++ src/external/ibm-public/postfix/dist/src/global/mail_params.h	Wed Feb 15 11:42:16 2017
@@ -1,4 +1,4 @@
-/*	$NetBSD: mail_params.h,v 1.14 2017/02/14 01:16:45 christos Exp $	*/
+/*	$NetBSD: mail_params.h,v 1.15 2017/02/15 16:42:16 christos Exp $	*/
 
 #ifndef _MAIL_PARAMS_H_INCLUDED_
 #define _MAIL_PARAMS_H_INCLUDED_
@@ -3925,7 +3925,7 @@ extern char *var_shlib_dir;
 
 #define VAR_META_DIR	"meta_directory"
 #ifndef DEF_META_DIR
-#define DEF_META_DIR	DEF_CONFIG_DIR
+#define DEF_META_DIR	DEF_DAEMON_DIR
 #endif
 extern char *var_meta_dir;

CVS commit: src/external/ibm-public/postfix/dist

2015-09-12 Thread Matthias Scheler 
Module Name:src
Committed By:   tron
Date:   Sat Sep 12 08:23:24 UTC 2015

Modified Files:
src/external/ibm-public/postfix/dist: makedefs
src/external/ibm-public/postfix/dist/README_FILES: TLS_README
src/external/ibm-public/postfix/dist/html: TLS_README.html
postconf.5.html
src/external/ibm-public/postfix/dist/man/man5: postconf.5
src/external/ibm-public/postfix/dist/proto: TLS_README.html
postconf.proto
src/external/ibm-public/postfix/dist/src/global: mail_params.h
src/external/ibm-public/postfix/dist/src/smtp: smtp.c
src/external/ibm-public/postfix/dist/src/smtpd: smtpd.c
src/external/ibm-public/postfix/dist/src/util: sys_defs.h

Log Message:
Resolve conflicts from last import


To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 src/external/ibm-public/postfix/dist/makedefs
cvs rdiff -u -r1.9 -r1.10 \
src/external/ibm-public/postfix/dist/README_FILES/TLS_README
cvs rdiff -u -r1.10 -r1.11 \
src/external/ibm-public/postfix/dist/html/TLS_README.html
cvs rdiff -u -r1.13 -r1.14 \
src/external/ibm-public/postfix/dist/html/postconf.5.html
cvs rdiff -u -r1.13 -r1.14 \
src/external/ibm-public/postfix/dist/man/man5/postconf.5
cvs rdiff -u -r1.9 -r1.10 \
src/external/ibm-public/postfix/dist/proto/TLS_README.html
cvs rdiff -u -r1.13 -r1.14 \
src/external/ibm-public/postfix/dist/proto/postconf.proto
cvs rdiff -u -r1.12 -r1.13 \
src/external/ibm-public/postfix/dist/src/global/mail_params.h
cvs rdiff -u -r1.8 -r1.9 src/external/ibm-public/postfix/dist/src/smtp/smtp.c
cvs rdiff -u -r1.12 -r1.13 \
src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c
cvs rdiff -u -r1.7 -r1.8 \
src/external/ibm-public/postfix/dist/src/util/sys_defs.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/makedefs
diff -u src/external/ibm-public/postfix/dist/makedefs:1.10 src/external/ibm-public/postfix/dist/makedefs:1.11
--- src/external/ibm-public/postfix/dist/makedefs:1.10	Sat Jan 24 18:10:52 2015
+++ src/external/ibm-public/postfix/dist/makedefs	Sat Sep 12 08:23:23 2015
@@ -109,6 +109,8 @@ case $# in
  # Officially supported usage.
  0) SYSTEM=`(uname -s) 2>/dev/null`
 RELEASE=`(uname -r) 2>/dev/null`
+# No ${x%%y} support in Solaris 11 /bin/sh
+RELEASE_MAJOR=`expr "$RELEASE" : '\([0-9]*\)'` || exit 1
 VERSION=`(uname -v) 2>/dev/null`
 case "$VERSION" in
  dcosx*) SYSTEM=$VERSION;;
@@ -158,6 +160,9 @@ case "$SYSTEM.$RELEASE" in
 		;;
   FreeBSD.9*)	SYSTYPE=FREEBSD9
 		;;
+  FreeBSD.10*)	SYSTYPE=FREEBSD10
+		: ${CC=cc}
+		;;
  DragonFly.*)	SYSTYPE=DRAGONFLY
 		;;
   OpenBSD.2*)	SYSTYPE=OPENBSD2
@@ -362,7 +367,7 @@ EOF
 		   fi;;
 		esac
 		;;
-Linux.3*)	SYSTYPE=LINUX3
+  Linux.[34].*)	SYSTYPE=LINUX$RELEASE_MAJOR
 		case "$CCARGS" in
 		 *-DNO_DB*) ;;
 		 *-DHAS_DB*) ;;
@@ -470,7 +475,6 @@ ReliantUNIX-?.5.43) SYSTYPE=ReliantUnix5
 Darwin.*)   SYSTYPE=MACOSX
 		# Use the native compiler by default
 		: ${CC=cc}
-		CCARGS="$CCARGS \$(WARN)"
 		# Darwin > 1.3 uses awk and flat_namespace
 		case $RELEASE in
 		 1.[0-3]) AWK=gawk;;
@@ -624,7 +628,7 @@ esac
 # een burned once by a compiler that lies about what warnings it
 # produces, not taking that chance again.
 
-: ${CC='gcc $(WARN)'} ${OPT='-O'} ${DEBUG='-g'} ${AWK=awk} \
+: ${CC=gcc} ${OPT='-O'} ${DEBUG='-g'} ${AWK=awk} \
 ${WARN='-Wall -Wno-comment -Wformat -Wimplicit -Wmissing-prototypes \
 	-Wparentheses -Wstrict-prototypes -Wswitch -Wuninitialized \
 	-Wunused -Wno-missing-braces'}
@@ -647,7 +651,7 @@ AR	= $AR
 ARFL	= $ARFL
 RANLIB	= $RANLIB
 SYSLIBS	= $AUXLIBS $SYSLIBS
-CC	= $CC $CCARGS
+CC	= $CC $CCARGS \$(WARN)
 OPT	= $OPT
 DEBUG	= $DEBUG
 AWK	= $AWK

Index: src/external/ibm-public/postfix/dist/README_FILES/TLS_README
diff -u src/external/ibm-public/postfix/dist/README_FILES/TLS_README:1.9 src/external/ibm-public/postfix/dist/README_FILES/TLS_README:1.10
--- src/external/ibm-public/postfix/dist/README_FILES/TLS_README:1.9	Sun Jul  6 19:45:50 2014
+++ src/external/ibm-public/postfix/dist/README_FILES/TLS_README	Sat Sep 12 08:23:23 2015
@@ -569,13 +569,15 @@ use public-key fingerprints, upgrade to 
 
 SSeerrvveerr--ssiiddee cciipphheerr ccoonnttrroollss
 
-The Postfix SMTP server supports 5 distinct cipher security levels as specified
-by the smtpd_tls_mandatory_ciphers configuration parameter, which determines
-the cipher grade with mandatory TLS encryption. The default value is "medium"
-which is essentially 128-bit encryption or better. With opportunistic TLS
-encryption, the minimum accepted cipher grade is typically "export". The
-corresponding smtpd_tls_ciphers parameter (Postfix >= 2.6) controls the cipher
-grade used with opportunistic TLS.
+The Postfix SMTP server supports 5 distinct cipher grades as specified by the
+smtpd_tls_mandatory_cipher

CVS commit: src/external/ibm-public/postfix/dist/src/postconf

2015-02-21 Thread Matthias Scheler 
Module Name:src
Committed By:   tron
Date:   Sat Feb 21 12:00:49 UTC 2015

Modified Files:
src/external/ibm-public/postfix/dist/src/postconf: postconf_master.c

Log Message:
Resolve conflicts from last import.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 \
src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c
diff -u src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c:1.3 src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c:1.4
--- src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c:1.3	Sun Jul  6 19:45:50 2014
+++ src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c	Sat Feb 21 12:00:48 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: postconf_master.c,v 1.3 2014/07/06 19:45:50 tron Exp $	*/
+/*	$NetBSD: postconf_master.c,v 1.4 2015/02/21 12:00:48 tron Exp $	*/
 
 /*++
 /* NAME
@@ -275,7 +275,7 @@ static void pcf_check_master_entry(ARGV 
 for (field = PCF_MASTER_FLD_PRIVATE; field <= PCF_MASTER_FLD_CHROOT; field++) {
 	cp = argv->argv[field];
 	if (cp[1] != 0 || strchr(pcf_valid_bool_types, *cp) == 0)
-	pcf_fix_fatal("invalid %s field \%s\" in \"%s\"",
+	pcf_fix_fatal("invalid %s field \"%s\" in \"%s\"",
 			  pcf_str_field_pattern(field), cp, raw_text);
 }
 
@@ -284,12 +284,12 @@ static void pcf_check_master_entry(ARGV 
 if (len > 0 && cp[len - 1] == '?')
 	len--;
 if (!(cp[0] == '-' && len == 1) && strspn(cp, "0123456789") != len)
-	pcf_fix_fatal("invalid " PCF_MASTER_NAME_WAKEUP " field \%s\" in \"%s\"",
+	pcf_fix_fatal("invalid " PCF_MASTER_NAME_WAKEUP " field \"%s\" in \"%s\"",
 		  cp, raw_text);
 
 cp = argv->argv[PCF_MASTER_FLD_MAXPROC];
 if (strcmp("-", cp) != 0 && cp[strspn(cp, "0123456789")] != 0)
-	pcf_fix_fatal("invalid " PCF_MASTER_NAME_MAXPROC " field \%s\" in \"%s\"",
+	pcf_fix_fatal("invalid " PCF_MASTER_NAME_MAXPROC " field \"%s\" in \"%s\"",
 		  cp, raw_text);
 }

CVS commit: src/external/ibm-public/postfix/dist

2015-01-24 Thread Matthias Scheler 
Module Name:src
Committed By:   tron
Date:   Sat Jan 24 18:10:52 UTC 2015

Modified Files:
src/external/ibm-public/postfix/dist: makedefs
src/external/ibm-public/postfix/dist/src/cleanup: cleanup.h
src/external/ibm-public/postfix/dist/src/smtpd: smtpd.c

Log Message:
Resolve conflicts from last import.


To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 src/external/ibm-public/postfix/dist/makedefs
cvs rdiff -u -r1.6 -r1.7 \
src/external/ibm-public/postfix/dist/src/cleanup/cleanup.h
cvs rdiff -u -r1.11 -r1.12 \
src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/makedefs
diff -u src/external/ibm-public/postfix/dist/makedefs:1.9 src/external/ibm-public/postfix/dist/makedefs:1.10
--- src/external/ibm-public/postfix/dist/makedefs:1.9	Sun Jul  6 19:45:50 2014
+++ src/external/ibm-public/postfix/dist/makedefs	Sat Jan 24 18:10:52 2015
@@ -491,9 +491,9 @@ ReliantUNIX-?.5.43) SYSTYPE=ReliantUnix5
 		 ?.*) CCARGS="$CCARGS -DRESOLVE_H_NEEDS_NAMESER8_COMPAT_H";;
 		   *) CCARGS="$CCARGS -DRESOLVE_H_NEEDS_ARPA_NAMESER_COMPAT_H";;
 		esac
-		# Darwin 12.x (MacOS X 10.8.x), maybe earlier, needs libresolv.
+		# Darwin 11.x (MacOS X 10.7.x), maybe earlier, needs libresolv.
 		case $RELEASE in
-	?.*|1[0-1].*) ;;
+		?.*|10.*) ;;
 		   *) SYSLIBS="$SYSLIBS -lresolv";;
 		esac
 		# kqueue and/or poll are broken in MacOS X 10.5 (Darwin 9).

Index: src/external/ibm-public/postfix/dist/src/cleanup/cleanup.h
diff -u src/external/ibm-public/postfix/dist/src/cleanup/cleanup.h:1.6 src/external/ibm-public/postfix/dist/src/cleanup/cleanup.h:1.7
--- src/external/ibm-public/postfix/dist/src/cleanup/cleanup.h:1.6	Sun Jul  6 19:45:50 2014
+++ src/external/ibm-public/postfix/dist/src/cleanup/cleanup.h	Sat Jan 24 18:10:52 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: cleanup.h,v 1.6 2014/07/06 19:45:50 tron Exp $	*/
+/*	$NetBSD: cleanup.h,v 1.7 2015/01/24 18:10:52 tron Exp $	*/
 
 /*++
 /* NAME
@@ -63,6 +63,7 @@ typedef struct CLEANUP_STATE {
 char   *orig_rcpt;			/* original recipient address */
 char   *return_receipt;		/* return-receipt address */
 char   *errors_to;			/* errors-to address */
+ARGV   *auto_hdrs;			/* MTA's own header(s) */
 int flags;			/* processing options, status flags */
 int qmgr_opts;			/* qmgr processing options */
 int errs;			/* any badness experienced */

Index: src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c
diff -u src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.11 src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.12
--- src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.11	Sun Jul  6 19:45:50 2014
+++ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c	Sat Jan 24 18:10:52 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: smtpd.c,v 1.11 2014/07/06 19:45:50 tron Exp $	*/
+/*	$NetBSD: smtpd.c,v 1.12 2015/01/24 18:10:52 tron Exp $	*/
 
 /*++
 /* NAME
@@ -2987,7 +2987,7 @@ static int data_cmd(SMTPD_STATE *state, 
 }
 
 /*
- * PREPEND message headers.
+ * PREPEND message headers above our own Received: header.
  */
 if (state->prepend)
 	for (cpp = state->prepend->argv; *cpp; cpp++)
@@ -3082,6 +3082,7 @@ static int data_cmd(SMTPD_STATE *state, 
 		"\t(envelope-from %s)", STR(state->buffer));
 #endif
 }
+
 smtpd_chat_reply(state, "354 End data with .");
 state->where = SMTPD_AFTER_DATA;

CVS commit: src/external/ibm-public/postfix/dist/src/util

2013-11-13 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Thu Nov 14 02:27:29 UTC 2013

Modified Files:
src/external/ibm-public/postfix/dist/src/util: dict_sockmap.c

Log Message:
miminize diff to original.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 \
src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c
diff -u src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c:1.2 src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c:1.3
--- src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c:1.2	Wed Nov 13 20:36:00 2013
+++ src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c	Wed Nov 13 21:27:29 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: dict_sockmap.c,v 1.2 2013/11/14 01:36:00 christos Exp $	*/
+/*	$NetBSD: dict_sockmap.c,v 1.3 2013/11/14 02:27:29 christos Exp $	*/
 
 /*++
 /* NAME
@@ -335,12 +335,11 @@ DICT   *dict_sockmap_open(const char *ma
  */
 saved_name = mystrdup(mapname);
 if ((sockmap = split_at_right(saved_name, ':')) == 0) {
-	DICT *dp = dict_surrogate(DICT_TYPE_SOCKMAP, mapname,
-			  open_flags, dict_flags,
-			  "%s requires server:socketmap argument",
-			  DICT_TYPE_SOCKMAP);
 	myfree(saved_name);
-	return dp;
+	return (dict_surrogate(DICT_TYPE_SOCKMAP, mapname,
+			   open_flags, dict_flags,
+			   "%s requires server:socketmap argument",
+			   DICT_TYPE_SOCKMAP));
 }
 
 /*

CVS commit: src/external/ibm-public/postfix/dist/src/postconf

2013-11-13 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Thu Nov 14 01:39:26 UTC 2013

Modified Files:
src/external/ibm-public/postfix/dist/src/postconf: postconf_master.c

Log Message:
CID 1102804: Memory leak


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.3 -r1.2 \
src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c
diff -u src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c:1.1.1.3 src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c:1.2
--- src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c:1.1.1.3	Wed Sep 25 15:06:33 2013
+++ src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c	Wed Nov 13 20:39:26 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: postconf_master.c,v 1.1.1.3 2013/09/25 19:06:33 tron Exp $	*/
+/*	$NetBSD: postconf_master.c,v 1.2 2013/11/14 01:39:26 christos Exp $	*/
 
 /*++
 /* NAME
@@ -140,8 +140,10 @@ static const char *parse_master_line(PC_
 #define MASTER_BLANKS	" \t\r\n"		/* XXX */
 
 argv = argv_split(buf, MASTER_BLANKS);
-if (argv->argc < PC_MASTER_MIN_FIELDS)
+if (argv->argc < PC_MASTER_MIN_FIELDS) {
+	argv_free(argv);
 	return ("bad field count");
+}
 normalize_options(argv);
 masterp->name_space =
 	concatenate(argv->argv[0], ".", argv->argv[1], (char *) 0);

CVS commit: src/external/ibm-public/postfix/dist/src/util

2013-11-13 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Thu Nov 14 01:36:00 UTC 2013

Modified Files:
src/external/ibm-public/postfix/dist/src/util: dict_sockmap.c

Log Message:
1102805: Memory leak


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c
diff -u src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c:1.1.1.1 src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c:1.2
--- src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c:1.1.1.1	Wed Sep 25 15:06:37 2013
+++ src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c	Wed Nov 13 20:36:00 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: dict_sockmap.c,v 1.1.1.1 2013/09/25 19:06:37 tron Exp $	*/
+/*	$NetBSD: dict_sockmap.c,v 1.2 2013/11/14 01:36:00 christos Exp $	*/
 
 /*++
 /* NAME
@@ -334,11 +334,14 @@ DICT   *dict_sockmap_open(const char *ma
  * Separate the socketmap name from the socketmap server name.
  */
 saved_name = mystrdup(mapname);
-if ((sockmap = split_at_right(saved_name, ':')) == 0)
-	return (dict_surrogate(DICT_TYPE_SOCKMAP, mapname,
-			   open_flags, dict_flags,
-			   "%s requires server:socketmap argument",
-			   DICT_TYPE_SOCKMAP));
+if ((sockmap = split_at_right(saved_name, ':')) == 0) {
+	DICT *dp = dict_surrogate(DICT_TYPE_SOCKMAP, mapname,
+			  open_flags, dict_flags,
+			  "%s requires server:socketmap argument",
+			  DICT_TYPE_SOCKMAP);
+	myfree(saved_name);
+	return dp;
+}
 
 /*
  * Use one reference-counted client handle for all socketmaps with the

CVS commit: src/external/ibm-public/postfix/dist

2013-08-21 Thread Matthias Scheler 
Module Name:src
Committed By:   tron
Date:   Wed Aug 21 20:12:31 UTC 2013

Modified Files:
src/external/ibm-public/postfix/dist/README_FILES: TLS_README
src/external/ibm-public/postfix/dist/html: TLS_README.html
postconf.5.html
src/external/ibm-public/postfix/dist/man/man5: postconf.5
src/external/ibm-public/postfix/dist/proto: TLS_README.html
postconf.proto
src/external/ibm-public/postfix/dist/src/global: mail_params.h
src/external/ibm-public/postfix/dist/src/tls: tls_client.c

Log Message:
esolve conflicts from last import.


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 \
src/external/ibm-public/postfix/dist/README_FILES/TLS_README
cvs rdiff -u -r1.7 -r1.8 \
src/external/ibm-public/postfix/dist/html/TLS_README.html
cvs rdiff -u -r1.10 -r1.11 \
src/external/ibm-public/postfix/dist/html/postconf.5.html
cvs rdiff -u -r1.10 -r1.11 \
src/external/ibm-public/postfix/dist/man/man5/postconf.5
cvs rdiff -u -r1.6 -r1.7 \
src/external/ibm-public/postfix/dist/proto/TLS_README.html
cvs rdiff -u -r1.10 -r1.11 \
src/external/ibm-public/postfix/dist/proto/postconf.proto
cvs rdiff -u -r1.9 -r1.10 \
src/external/ibm-public/postfix/dist/src/global/mail_params.h
cvs rdiff -u -r1.6 -r1.7 \
src/external/ibm-public/postfix/dist/src/tls/tls_client.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/README_FILES/TLS_README
diff -u src/external/ibm-public/postfix/dist/README_FILES/TLS_README:1.6 src/external/ibm-public/postfix/dist/README_FILES/TLS_README:1.7
--- src/external/ibm-public/postfix/dist/README_FILES/TLS_README:1.6	Wed Jan  2 19:18:30 2013
+++ src/external/ibm-public/postfix/dist/README_FILES/TLS_README	Wed Aug 21 20:12:30 2013
@@ -462,6 +462,34 @@ host:
 /etc/postfix/relay_clientcerts:
 D7:04:2F:A7:0B:8C:A5:21:FA:31:77:E1:41:8A:EE:80 lutzpc.at.home
 
+To extract the public key fingerprint from an X.509 certificate, you need to
+extract the public key from the certificate and compute the appropriate digest
+of its DER (ASN.1) encoding. With OpenSSL the "-pubkey" option of the "x509"
+command extracts the public key always in "PEM" format. We pipe the result to
+another OpenSSL command that converts the key to DER and then to the "dgst"
+command to compute the fingerprint.
+
+The actual command to transform the key to DER format depends on the version of
+OpenSSL used. With OpenSSL 1.0.0 and later, the "pkey" command supports all key
+types. With OpenSSL 0.9.8 and earlier, the key type is always RSA (nobody uses
+DSA, and EC keys are not fully supported by 0.9.8), so the "rsa" command is
+used.
+
+# OpenSSL 1.0 with all certificates and SHA-1 fingerprints.
+$ openssl x509 -in cert.pem -noout -pubkey |
+openssl pkey -pubin -outform DER |
+openssl dgst -sha1 -c
+(stdin)= 64:3f:1f:f6:e5:1e:d4:2a:56:8b:fc:09:1a:61:98:b5:bc:7c:60:58
+
+# OpenSSL 0.9.8 with RSA certificates and MD5 fingerprints.
+$ openssl x509 -in cert.pem -noout -pubkey |
+openssl rsa -pubin -outform DER |
+openssl dgst -md5 -c
+(stdin)= f4:62:60:f6:12:8f:d5:8d:28:4d:13:a7:db:b2:ff:50
+
+Note: Postfix 2.9.0-2.9.5 computed the public key fingerprint incorrectly. To
+use public-key fingerprints, upgrade to Postfix 2.9.6 or later.
+
 SSeerrvveerr--ssiiddee cciipphheerr ccoonnttrroollss
 
 The Postfix SMTP server supports 5 distinct cipher security levels as specified
@@ -823,6 +851,34 @@ the example above, we show two matching 
 match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1
 match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35
 
+To extract the public key fingerprint from an X.509 certificate, you need to
+extract the public key from the certificate and compute the appropriate digest
+of its DER (ASN.1) encoding. With OpenSSL the "-pubkey" option of the "x509"
+command extracts the public key always in "PEM" format. We pipe the result to
+another OpenSSL command that converts the key to DER and then to the "dgst"
+command to compute the fingerprint.
+
+The actual command to transform the key to DER format depends on the version of
+OpenSSL used. With OpenSSL 1.0.0 and later, the "pkey" command supports all key
+types. With OpenSSL 0.9.8 and earlier, the key type is always RSA (nobody uses
+DSA, and EC keys are not fully supported by 0.9.8), so the "rsa" command is
+used.
+
+# OpenSSL 1.0 with all certificates and SHA-1 fingerprints.
+$ openssl x509 -in cert.pem -noout -pubkey |
+openssl pkey -pubin -outform DER |
+openssl dgst -sha1 -c
+(stdin)= 64:3f:1f:f6:e5:1e:d4:2a:56:8b:fc:09:1a:61:98:b5:bc:7c:60:58
+
+# OpenSSL 0.9.8 with RSA certificates and MD5 fingerprints.
+$ openssl x509 -in cert.pem -noout -pubkey |
+openssl rsa -pubin -outform DE

CVS commit: src/external/ibm-public/postfix/dist/conf

2013-01-06 Thread Matthias Scheler 
Module Name:src
Committed By:   tron
Date:   Sun Jan  6 13:58:25 UTC 2013

Modified Files:
src/external/ibm-public/postfix/dist/conf: main.cf

Log Message:
Comment out "inet_protocols = ipv4" line which came from up-stream.
We want Postfix to support IPv6 out of the box.

Pointed out by Dieter Roelants on "current-users" mailing list.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/external/ibm-public/postfix/dist/conf/main.cf

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/conf/main.cf
diff -u src/external/ibm-public/postfix/dist/conf/main.cf:1.3 src/external/ibm-public/postfix/dist/conf/main.cf:1.4
--- src/external/ibm-public/postfix/dist/conf/main.cf:1.3	Wed Jan  2 19:18:30 2013
+++ src/external/ibm-public/postfix/dist/conf/main.cf	Sun Jan  6 13:58:24 2013
@@ -1,4 +1,4 @@
-#	$NetBSD: main.cf,v 1.3 2013/01/02 19:18:30 tron Exp $
+#	$NetBSD: main.cf,v 1.4 2013/01/06 13:58:24 tron Exp $
 #
 # Global Postfix configuration file. This file lists only a subset
 # of all parameters. For the syntax, and for a complete parameter
@@ -664,4 +664,4 @@ sample_directory = /usr/share/examples/p
 # readme_directory: The location of the Postfix README files.
 #
 readme_directory = /usr/share/examples/postfix
-inet_protocols = ipv4
+#inet_protocols = ipv4

CVS commit: src/external/ibm-public/postfix/dist

2012-12-18 Thread Matthias Scheler 
Module Name:src
Committed By:   tron
Date:   Tue Dec 18 09:10:32 UTC 2012

Modified Files:
src/external/ibm-public/postfix/dist: makedefs
src/external/ibm-public/postfix/dist/src/util: sys_defs.h

Log Message:
Resolve conflicts from last import.


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/external/ibm-public/postfix/dist/makedefs
cvs rdiff -u -r1.3 -r1.4 \
src/external/ibm-public/postfix/dist/src/util/sys_defs.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/makedefs
diff -u src/external/ibm-public/postfix/dist/makedefs:1.5 src/external/ibm-public/postfix/dist/makedefs:1.6
--- src/external/ibm-public/postfix/dist/makedefs:1.5	Wed Nov  9 19:06:34 2011
+++ src/external/ibm-public/postfix/dist/makedefs	Tue Dec 18 09:10:32 2012
@@ -146,6 +146,8 @@ case "$SYSTEM.$RELEASE" in
 		;;
   FreeBSD.8*)	SYSTYPE=FREEBSD8
 		;;
+  FreeBSD.9*)	SYSTYPE=FREEBSD9
+		;;
   OpenBSD.2*)	SYSTYPE=OPENBSD2
 		;;
   OpenBSD.3*)	SYSTYPE=OPENBSD3

Index: src/external/ibm-public/postfix/dist/src/util/sys_defs.h
diff -u src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.3 src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.4
--- src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.3	Wed Nov  9 19:06:34 2011
+++ src/external/ibm-public/postfix/dist/src/util/sys_defs.h	Tue Dec 18 09:10:32 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: sys_defs.h,v 1.3 2011/11/09 19:06:34 tron Exp $	*/
+/*	$NetBSD: sys_defs.h,v 1.4 2012/12/18 09:10:32 tron Exp $	*/
 
 #ifndef _SYS_DEFS_H_INCLUDED_
 #define _SYS_DEFS_H_INCLUDED_
@@ -27,7 +27,7 @@
   */
 #if defined(FREEBSD2) || defined(FREEBSD3) || defined(FREEBSD4) \
 || defined(FREEBSD5) || defined(FREEBSD6) || defined(FREEBSD7) \
-|| defined(FREEBSD8) \
+|| defined(FREEBSD8) || defined(FREEBSD9) \
 || defined(BSDI2) || defined(BSDI3) || defined(BSDI4) \
 || defined(OPENBSD2) || defined(OPENBSD3) || defined(OPENBSD4) \
 || defined(OPENBSD5) \

CVS commit: src/external/ibm-public/postfix/dist/src/dns

2012-07-05 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Thu Jul  5 17:40:11 UTC 2012

Modified Files:
src/external/ibm-public/postfix/dist/src/dns: dns_lookup.c

Log Message:
use the modern resolver functions if available.


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.2 -r1.2 \
src/external/ibm-public/postfix/dist/src/dns/dns_lookup.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/dns/dns_lookup.c
diff -u src/external/ibm-public/postfix/dist/src/dns/dns_lookup.c:1.1.1.2 src/external/ibm-public/postfix/dist/src/dns/dns_lookup.c:1.2
--- src/external/ibm-public/postfix/dist/src/dns/dns_lookup.c:1.1.1.2	Thu Jun 17 14:06:44 2010
+++ src/external/ibm-public/postfix/dist/src/dns/dns_lookup.c	Thu Jul  5 13:40:11 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: dns_lookup.c,v 1.1.1.2 2010/06/17 18:06:44 tron Exp $	*/
+/*	$NetBSD: dns_lookup.c,v 1.2 2012/07/05 17:40:11 christos Exp $	*/
 
 /*++
 /* NAME
@@ -176,12 +176,37 @@ typedef struct DNS_REPLY {
 
 /* dns_query - query name server and pre-parse the reply */
 
+#if __RES < 20030124
+
+static int
+res_ninit(res_state res)
+{
+	int error;
+
+	if ((error = res_init()) < 0)
+		return error;
+
+	*res = _res;
+	return error;
+}
+
+static int
+res_nsearch(res_state statp, const char *dname, int class, int type,
+u_char *answer, int anslen)
+{
+	return res_search(dname, class, type, answer, anslen);
+}
+
+#endif
+
 static int dns_query(const char *name, int type, int flags,
 		 DNS_REPLY *reply, VSTRING *why)
 {
 HEADER *reply_header;
 int len;
 unsigned long saved_options;
+/* For efficiency, we are not called from multiple threads */
+static struct __res_state res;
 
 /*
  * Initialize the reply buffer.
@@ -194,7 +219,7 @@ static int dns_query(const char *name, i
 /*
  * Initialize the name service.
  */
-if ((_res.options & RES_INIT) == 0 && res_init() < 0) {
+if ((res.options & RES_INIT) == 0 && res_ninit(&res) < 0) {
 	if (why)
 	vstring_strcpy(why, "Name service initialization failure");
 	return (DNS_FAIL);
@@ -208,18 +233,18 @@ static int dns_query(const char *name, i
 
 if ((flags & USER_FLAGS) != flags)
 	msg_panic("dns_query: bad flags: %d", flags);
-saved_options = (_res.options & USER_FLAGS);
+saved_options = (res.options & USER_FLAGS);
 
 /*
  * Perform the lookup. Claim that the information cannot be found if and
  * only if the name server told us so.
  */
 for (;;) {
-	_res.options &= ~saved_options;
-	_res.options |= flags;
-	len = res_search((char *) name, C_IN, type, reply->buf, reply->buf_len);
-	_res.options &= ~flags;
-	_res.options |= saved_options;
+	res.options &= ~saved_options;
+	res.options |= flags;
+	len = res_nsearch(&res, name, C_IN, type, reply->buf, reply->buf_len);
+	res.options &= ~flags;
+	res.options |= saved_options;
 	if (len < 0) {
 	if (why)
 		vstring_sprintf(why, "Host or domain name not found. "

CVS commit: src/external/ibm-public/postfix/dist

2012-06-09 Thread Matthias Scheler 
Module Name:src
Committed By:   tron
Date:   Sat Jun  9 11:32:20 UTC 2012

Modified Files:
src/external/ibm-public/postfix/dist/README_FILES: TLS_README
src/external/ibm-public/postfix/dist/html: TLS_README.html
postconf.5.html
src/external/ibm-public/postfix/dist/man/man5: postconf.5
src/external/ibm-public/postfix/dist/proto: TLS_README.html
postconf.proto
src/external/ibm-public/postfix/dist/src/global: mail_params.h
src/external/ibm-public/postfix/dist/src/local: unknown.c
src/external/ibm-public/postfix/dist/src/smtp: smtp.c
src/external/ibm-public/postfix/dist/src/smtpd: smtpd.c
src/external/ibm-public/postfix/dist/src/tls: tls_client.c tls_server.c

Log Message:
Resolve conflicts from last import.


To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 \
src/external/ibm-public/postfix/dist/README_FILES/TLS_README
cvs rdiff -u -r1.5 -r1.6 \
src/external/ibm-public/postfix/dist/html/TLS_README.html
cvs rdiff -u -r1.8 -r1.9 \
src/external/ibm-public/postfix/dist/html/postconf.5.html
cvs rdiff -u -r1.8 -r1.9 \
src/external/ibm-public/postfix/dist/man/man5/postconf.5
cvs rdiff -u -r1.4 -r1.5 \
src/external/ibm-public/postfix/dist/proto/TLS_README.html
cvs rdiff -u -r1.8 -r1.9 \
src/external/ibm-public/postfix/dist/proto/postconf.proto
cvs rdiff -u -r1.7 -r1.8 \
src/external/ibm-public/postfix/dist/src/global/mail_params.h
cvs rdiff -u -r1.2 -r1.3 \
src/external/ibm-public/postfix/dist/src/local/unknown.c
cvs rdiff -u -r1.4 -r1.5 src/external/ibm-public/postfix/dist/src/smtp/smtp.c
cvs rdiff -u -r1.7 -r1.8 \
src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c
cvs rdiff -u -r1.4 -r1.5 \
src/external/ibm-public/postfix/dist/src/tls/tls_client.c \
src/external/ibm-public/postfix/dist/src/tls/tls_server.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/README_FILES/TLS_README
diff -u src/external/ibm-public/postfix/dist/README_FILES/TLS_README:1.4 src/external/ibm-public/postfix/dist/README_FILES/TLS_README:1.5
--- src/external/ibm-public/postfix/dist/README_FILES/TLS_README:1.4	Wed Mar  2 19:56:37 2011
+++ src/external/ibm-public/postfix/dist/README_FILES/TLS_README	Sat Jun  9 11:32:19 2012
@@ -542,11 +542,17 @@ The "smtpd_tls_ciphers" configuration pa
 control over the minimum cipher grade for opportunistic TLS. With Postfix <
 2.6, the minimum opportunistic TLS cipher grade is always "export".
 
-With mandatory TLS encryption, the Postfix SMTP server will by default only use
-SSLv3 or TLSv1. SSLv2 is only used when TLS encryption is optional. The
-mandatory TLS protocol list is specified via the smtpd_tls_mandatory_protocols
-configuration parameter. The corresponding smtpd_tls_protocols parameter
-(Postfix >= 2.6) controls the SSL/TLS protocols used with opportunistic TLS.
+With mandatory TLS encryption, the Postfix SMTP server will by default disable
+SSLv2. SSLv2 is used only when TLS encryption is optional. The mandatory TLS
+protocol list is specified via the smtpd_tls_mandatory_protocols configuration
+parameter. The corresponding smtpd_tls_protocols parameter (Postfix >= 2.6)
+controls the SSL/TLS protocols used with opportunistic TLS.
+
+Note that the OpenSSL library only supports protocol exclusion (not inclusion).
+For this reason, Postfix can exclude only protocols that are known at the time
+the Postfix software is written. If new protocols are added to the OpenSSL
+library, they cannot be excluded without corresponding changes to the Postfix
+source code.
 
 For a server that is not a public Internet MX host, Postfix (>= 2.3) supports
 configurations with no server certificates that use oonnllyy the anonymous ciphers.
@@ -561,9 +567,10 @@ Example, MSA that requires TLSv1, not SS
 smtpd_tls_mandatory_ciphers = high
 smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5
 smtpd_tls_security_level = encrypt
-smtpd_tls_mandatory_protocols = TLSv1
-# Also available with Postfix >= 2.5:
+# Preferred form with Postfix >= 2.5:
 smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
+# Alternative form.
+smtpd_tls_mandatory_protocols = TLSv1
 
 If you want to take advantage of ciphers with ephemeral Diffie-Hellman (EDH)
 key exchange (this offers "forward-secrecy"), DH parameters are needed. Instead
@@ -594,9 +601,9 @@ Examples:
 smtpd_tls_eecdh_grade = strong
 
 Postfix 2.8 and later, in combination with OpenSSL 0.9.7 and later allows TLS
-servers to preempt the TLS client's cipher preference list. This is only
-possible with SSLv3, as in SSLv2 the client chooses the cipher from a list
-supplied by the server.
+servers to preempt the TLS client's cipher preference list. This is possible
+only with SSLv3 and later, as in SSLv2 the client chooses the c

CVS commit: src/external/ibm-public/postfix/dist/src/local

2012-02-17 Thread Matthias Scheler 
Module Name:src
Committed By:   tron
Date:   Fri Feb 17 09:17:22 UTC 2012

Modified Files:
src/external/ibm-public/postfix/dist/src/local: unknown.c

Log Message:
Include "defer.h" to get the prototype for defer_append().


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.3 -r1.2 \
src/external/ibm-public/postfix/dist/src/local/unknown.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/local/unknown.c
diff -u src/external/ibm-public/postfix/dist/src/local/unknown.c:1.1.1.3 src/external/ibm-public/postfix/dist/src/local/unknown.c:1.2
--- src/external/ibm-public/postfix/dist/src/local/unknown.c:1.1.1.3	Fri Feb 17 08:36:10 2012
+++ src/external/ibm-public/postfix/dist/src/local/unknown.c	Fri Feb 17 09:17:22 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: unknown.c,v 1.1.1.3 2012/02/17 08:36:10 tron Exp $	*/
+/*	$NetBSD: unknown.c,v 1.2 2012/02/17 09:17:22 tron Exp $	*/
 
 /*++
 /* NAME
@@ -74,6 +74,7 @@
 #include 
 #include 
 #include 
+#include 
 
 /* Application-specific. */

CVS commit: src/external/ibm-public/postfix/dist

2011-11-09 Thread Matthias Scheler 
Module Name:src
Committed By:   tron
Date:   Wed Nov  9 19:06:34 UTC 2011

Modified Files:
src/external/ibm-public/postfix/dist: makedefs
src/external/ibm-public/postfix/dist/src/util: sys_defs.h

Log Message:
Resolve conflicts from last import.


To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 src/external/ibm-public/postfix/dist/makedefs
cvs rdiff -u -r1.2 -r1.3 \
src/external/ibm-public/postfix/dist/src/util/sys_defs.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/makedefs
diff -u src/external/ibm-public/postfix/dist/makedefs:1.4 src/external/ibm-public/postfix/dist/makedefs:1.5
--- src/external/ibm-public/postfix/dist/makedefs:1.4	Sun Jul 31 10:05:03 2011
+++ src/external/ibm-public/postfix/dist/makedefs	Wed Nov  9 19:06:34 2011
@@ -152,6 +152,8 @@ case "$SYSTEM.$RELEASE" in
 		;;
   OpenBSD.4*)	SYSTYPE=OPENBSD4
 		;;
+  OpenBSD.5*)	SYSTYPE=OPENBSD5
+		;;
   ekkoBSD.1*)	SYSTYPE=EKKOBSD1
 		;;
NetBSD.1*)	SYSTYPE=NETBSD1

Index: src/external/ibm-public/postfix/dist/src/util/sys_defs.h
diff -u src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.2 src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.3
--- src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.2	Tue Nov  8 22:21:30 2011
+++ src/external/ibm-public/postfix/dist/src/util/sys_defs.h	Wed Nov  9 19:06:34 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: sys_defs.h,v 1.2 2011/11/08 22:21:30 joerg Exp $	*/
+/*	$NetBSD: sys_defs.h,v 1.3 2011/11/09 19:06:34 tron Exp $	*/
 
 #ifndef _SYS_DEFS_H_INCLUDED_
 #define _SYS_DEFS_H_INCLUDED_
@@ -30,6 +30,7 @@
 || defined(FREEBSD8) \
 || defined(BSDI2) || defined(BSDI3) || defined(BSDI4) \
 || defined(OPENBSD2) || defined(OPENBSD3) || defined(OPENBSD4) \
+|| defined(OPENBSD5) \
 || defined(NETBSD1) || defined(NETBSD2) || defined(NETBSD3) \
 || defined(NETBSD4) \
 || defined(EKKOBSD1)

CVS commit: src/external/ibm-public/postfix/dist/src/util

2011-11-08 Thread Joerg Sonnenberger 
Module Name:src
Committed By:   joerg
Date:   Tue Nov  8 22:21:30 UTC 2011

Modified Files:
src/external/ibm-public/postfix/dist/src/util: sys_defs.h

Log Message:
Just because IPV6 support is disabled doesn't mean inet_ntop are not
present. Since the local prototype conflicts, use the system version.


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.6 -r1.2 \
src/external/ibm-public/postfix/dist/src/util/sys_defs.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/util/sys_defs.h
diff -u src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.1.1.6 src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.2
--- src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.1.1.6	Sun Jul 31 10:03:06 2011
+++ src/external/ibm-public/postfix/dist/src/util/sys_defs.h	Tue Nov  8 22:21:30 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: sys_defs.h,v 1.1.1.6 2011/07/31 10:03:06 tron Exp $	*/
+/*	$NetBSD: sys_defs.h,v 1.2 2011/11/08 22:21:30 joerg Exp $	*/
 
 #ifndef _SYS_DEFS_H_INCLUDED_
 #define _SYS_DEFS_H_INCLUDED_
@@ -1275,6 +1275,7 @@ extern int dup2_pass_on_exec(int oldd, i
  /*
   * Defaults for systems that pre-date IPv6 support.
   */
+#ifndef __NetBSD__
 #ifndef HAS_IPV6
 #define EMULATE_IPV4_ADDRINFO
 #define MISSING_INET_PTON
@@ -1283,6 +1284,7 @@ extern const char *inet_ntop(int, const 
 extern int inet_pton(int, const char *, void *);
 
 #endif
+#endif
 
  /*
   * Workaround: after a watchdog alarm signal, wake up from select/poll/etc.

CVS commit: src/external/ibm-public/postfix/dist/src/smtpd

2011-10-28 Thread Matthias Scheler 
Module Name:src
Committed By:   tron
Date:   Fri Oct 28 07:12:17 UTC 2011

Modified Files:
src/external/ibm-public/postfix/dist/src/smtpd: smtpd.c

Log Message:
Resolve conflicts from last import.


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 \
src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c
diff -u src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.6 src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.7
--- src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.6	Wed Mar  2 19:56:39 2011
+++ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c	Fri Oct 28 07:12:17 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: smtpd.c,v 1.6 2011/03/02 19:56:39 tron Exp $	*/
+/*	$NetBSD: smtpd.c,v 1.7 2011/10/28 07:12:17 tron Exp $	*/
 
 /*++
 /* NAME
@@ -3042,6 +3042,7 @@ static int data_cmd(SMTPD_STATE *state, 
 	if (state->err == 0) {
 	why = vstring_alloc(10);
 	state->err = mail_stream_finish(state->dest, why);
+	printable(STR(why), ' ');
 	} else
 	mail_stream_cleanup(state->dest);
 	state->dest = 0;

CVS commit: src/external/ibm-public/postfix/dist

2011-07-31 Thread Matthias Scheler 
Module Name:src
Committed By:   tron
Date:   Sun Jul 31 10:05:04 UTC 2011

Modified Files:
src/external/ibm-public/postfix/dist: makedefs postfix-install
src/external/ibm-public/postfix/dist/html: TLS_README.html
postconf.5.html
src/external/ibm-public/postfix/dist/man/man5: postconf.5
src/external/ibm-public/postfix/dist/proto: postconf.proto

Log Message:
Resolve conflicts from last import.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/external/ibm-public/postfix/dist/makedefs
cvs rdiff -u -r1.2 -r1.3 src/external/ibm-public/postfix/dist/postfix-install
cvs rdiff -u -r1.4 -r1.5 \
src/external/ibm-public/postfix/dist/html/TLS_README.html
cvs rdiff -u -r1.7 -r1.8 \
src/external/ibm-public/postfix/dist/html/postconf.5.html
cvs rdiff -u -r1.7 -r1.8 \
src/external/ibm-public/postfix/dist/man/man5/postconf.5
cvs rdiff -u -r1.7 -r1.8 \
src/external/ibm-public/postfix/dist/proto/postconf.proto

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/makedefs
diff -u src/external/ibm-public/postfix/dist/makedefs:1.3 src/external/ibm-public/postfix/dist/makedefs:1.4
--- src/external/ibm-public/postfix/dist/makedefs:1.3	Wed Mar 23 19:10:44 2011
+++ src/external/ibm-public/postfix/dist/makedefs	Sun Jul 31 10:05:03 2011
@@ -342,6 +342,33 @@
 		   fi;;
 		esac
 		;;
+Linux.3*)	SYSTYPE=LINUX3
+		if [ -f /usr/include/db.h ]
+		then
+		: we are all set
+		elif [ -f /usr/include/db/db.h ]
+		then
+		CCARGS="$CCARGS -I/usr/include/db"
+		else
+		# On a properly installed system, Postfix builds
+		# by including  and by linking with -ldb
+		echo "No  include file found." 1>&2
+		echo "Install the appropriate db*-devel package first." 1>&2
+		echo "See the RELEASE_NOTES file for more information." 1>&2
+		exit 1
+		fi
+		SYSLIBS="-ldb"
+		for name in nsl resolv
+		do
+		for lib in /usr/lib64 /lib64 /usr/lib /lib
+		do
+			test -e $lib/lib$name.a -o -e $lib/lib$name.so && {
+			SYSLIBS="$SYSLIBS -l$name"
+			break
+			}
+		done
+		done
+		;;
  GNU.0*|GNU/kFreeBSD.[567]*)
  		SYSTYPE=GNU0
 		# Postfix no longer needs DB 1.85 compatibility

Index: src/external/ibm-public/postfix/dist/postfix-install
diff -u src/external/ibm-public/postfix/dist/postfix-install:1.2 src/external/ibm-public/postfix/dist/postfix-install:1.3
--- src/external/ibm-public/postfix/dist/postfix-install:1.2	Tue Jun 23 11:41:05 2009
+++ src/external/ibm-public/postfix/dist/postfix-install	Sun Jul 31 10:05:03 2011
@@ -305,7 +305,7 @@
 
 install_root_prompt="the prefix for installed file names. Specify
 this ONLY if you are building ready-to-install packages for
-distribution to other machines."
+distribution to OTHER machines. See PACKAGE_README for instructions."
 
 tempdir_prompt="a directory for scratch files while installing
 Postfix.  You must have write permission in this directory."

Index: src/external/ibm-public/postfix/dist/html/TLS_README.html
diff -u src/external/ibm-public/postfix/dist/html/TLS_README.html:1.4 src/external/ibm-public/postfix/dist/html/TLS_README.html:1.5
--- src/external/ibm-public/postfix/dist/html/TLS_README.html:1.4	Wed Mar  2 19:56:38 2011
+++ src/external/ibm-public/postfix/dist/html/TLS_README.html	Sun Jul 31 10:05:04 2011
@@ -865,9 +865,9 @@
  By default, the OpenSSL server selects the client's most preferred
 cipher that the server supports. With SSLv3 and later, the server
 may choose its own most preferred cipher that is supported (offered)
-by the client. Setting "tls_preempt_cipherlist = yes" enables server
+by the client. Setting "tls_preempt_cipherlist = yes" enables server
 cipher preferences. The default OpenSSL behaviour applies with
-"tls_preempt_cipherlist = no". 
+"tls_preempt_cipherlist = no". 
 
  While server cipher selection may in some cases lead to a more secure
 or performant cipher choice, there is some risk of interoperability

Index: src/external/ibm-public/postfix/dist/html/postconf.5.html
diff -u src/external/ibm-public/postfix/dist/html/postconf.5.html:1.7 src/external/ibm-public/postfix/dist/html/postconf.5.html:1.8
--- src/external/ibm-public/postfix/dist/html/postconf.5.html:1.7	Wed Mar  2 19:56:38 2011
+++ src/external/ibm-public/postfix/dist/html/postconf.5.html	Sun Jul 31 10:05:04 2011
@@ -7657,6 +7657,8 @@
 The default time unit is s (seconds).
 
 
+ This feature is available in Postfix 2.8 and later.  
+
 
 
 
@@ -7690,6 +7692,8 @@
 The default time unit is s (seconds).
 
 
+ This feature is available in Postfix 2.8 and later.  
+
 
 
 
@@ -15205,7 +15209,7 @@
  By default, the OpenSSL server selects the client's most preferred
 cipher that the server supports. With SSLv3 and later, the server may
 choose its own most preferred cipher that is supported (offered) by
-the client. Setting "tls_preempt_cipherlist = yes"

CVS commit: src/external/ibm-public/postfix/dist/src/util

2011-05-30 Thread Paul Goyette 
Module Name:src
Committed By:   pgoyette
Date:   Mon May 30 18:47:27 UTC 2011

Modified Files:
src/external/ibm-public/postfix/dist/src/util: unix_recv_fd.c

Log Message:
Add missing semicolon so it compiles


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 \
src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c
diff -u src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c:1.5 src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c:1.6
--- src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c:1.5	Mon May 30 16:24:13 2011
+++ src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c	Mon May 30 18:47:27 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: unix_recv_fd.c,v 1.5 2011/05/30 16:24:13 joerg Exp $	*/
+/*	$NetBSD: unix_recv_fd.c,v 1.6 2011/05/30 18:47:27 pgoyette Exp $	*/
 
 /*++
 /* NAME
@@ -73,7 +73,7 @@
 #  ifdef __clang__
 	charcontrol[128];
 #  else
-	charcontrol[CMSG_SPACE(sizeof(newfd))]
+	charcontrol[CMSG_SPACE(sizeof(newfd))];
 #  endif
 }   control_un;
 struct cmsghdr *cmptr;

CVS commit: src/external/ibm-public/postfix/dist/src/util

2011-05-30 Thread Joerg Sonnenberger 
Module Name:src
Committed By:   joerg
Date:   Mon May 30 16:24:13 UTC 2011

Modified Files:
src/external/ibm-public/postfix/dist/src/util: unix_recv_fd.c
unix_send_fd.c

Log Message:
Hack for clang to workaround non-ICE CMSG_SPACE used in union.


To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 \
src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c \
src/external/ibm-public/postfix/dist/src/util/unix_send_fd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c
diff -u src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c:1.4 src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c:1.5
--- src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c:1.4	Wed Mar  2 19:56:39 2011
+++ src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c	Mon May 30 16:24:13 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: unix_recv_fd.c,v 1.4 2011/03/02 19:56:39 tron Exp $	*/
+/*	$NetBSD: unix_recv_fd.c,v 1.5 2011/05/30 16:24:13 joerg Exp $	*/
 
 /*++
 /* NAME
@@ -70,7 +70,11 @@
 #if defined(CMSG_SPACE) && !defined(NO_MSGHDR_MSG_CONTROL)
 union {
 	struct cmsghdr just_for_alignment;
-	charcontrol[CMSG_SPACE(sizeof(newfd))];
+#  ifdef __clang__
+	charcontrol[128];
+#  else
+	charcontrol[CMSG_SPACE(sizeof(newfd))]
+#  endif
 }   control_un;
 struct cmsghdr *cmptr;
 
@@ -79,7 +83,7 @@
 if (unix_pass_fd_fix & UNIX_PASS_FD_FIX_CMSG_LEN) {
 	msg.msg_controllen = CMSG_LEN(sizeof(newfd));	/* Fix 200506 */
 } else {
-	msg.msg_controllen = sizeof(control_un.control);	/* normal */
+	msg.msg_controllen = CMSG_SPACE(sizeof(newfd));	/* normal */
 }
 #else
 msg.msg_accrights = (char *) &newfd;
Index: src/external/ibm-public/postfix/dist/src/util/unix_send_fd.c
diff -u src/external/ibm-public/postfix/dist/src/util/unix_send_fd.c:1.4 src/external/ibm-public/postfix/dist/src/util/unix_send_fd.c:1.5
--- src/external/ibm-public/postfix/dist/src/util/unix_send_fd.c:1.4	Wed Mar  2 19:56:39 2011
+++ src/external/ibm-public/postfix/dist/src/util/unix_send_fd.c	Mon May 30 16:24:13 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: unix_send_fd.c,v 1.4 2011/03/02 19:56:39 tron Exp $	*/
+/*	$NetBSD: unix_send_fd.c,v 1.5 2011/05/30 16:24:13 joerg Exp $	*/
 
 /*++
 /* NAME
@@ -72,7 +72,11 @@
 #if defined(CMSG_SPACE) && !defined(NO_MSGHDR_MSG_CONTROL)
 union {
 	struct cmsghdr just_for_alignment;
+#  ifdef __clang__
+	charcontrol[128];
+#  else
 	charcontrol[CMSG_SPACE(sizeof(sendfd))];
+#  endif
 }   control_un;
 struct cmsghdr *cmptr;
 
@@ -81,7 +85,7 @@
 if (unix_pass_fd_fix & UNIX_PASS_FD_FIX_CMSG_LEN) {
 	msg.msg_controllen = CMSG_LEN(sizeof(sendfd));	/* Fix 200506 */
 } else {
-	msg.msg_controllen = sizeof(control_un.control);	/* normal */
+	msg.msg_controllen = CMSG_SPACE(sizeof(sendfd));	/* normal */
 }
 cmptr = CMSG_FIRSTHDR(&msg);
 cmptr->cmsg_len = CMSG_LEN(sizeof(sendfd));

CVS commit: src/external/ibm-public/postfix/dist

2011-03-23 Thread Matthias Scheler 
Module Name:src
Committed By:   tron
Date:   Wed Mar 23 19:10:45 UTC 2011

Modified Files:
src/external/ibm-public/postfix/dist: makedefs
src/external/ibm-public/postfix/dist/src/global: mail_params.h

Log Message:
Resolve conflict from last import.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/external/ibm-public/postfix/dist/makedefs
cvs rdiff -u -r1.6 -r1.7 \
src/external/ibm-public/postfix/dist/src/global/mail_params.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/makedefs
diff -u src/external/ibm-public/postfix/dist/makedefs:1.2 src/external/ibm-public/postfix/dist/makedefs:1.3
--- src/external/ibm-public/postfix/dist/makedefs:1.2	Sat Feb 12 19:07:09 2011
+++ src/external/ibm-public/postfix/dist/makedefs	Wed Mar 23 19:10:44 2011
@@ -230,6 +230,12 @@
 		done
 		;;
AIX.*)	case "`uname -v`" in
+		6)	SYSTYPE=AIX6
+			case "$CC" in
+			cc|*/cc|xlc|*/xlc) CCARGS="$CCARGS -w -blibpath:/usr/lib:/lib:/usr/local/lib";;
+			esac
+			CCARGS="$CCARGS -D_ALL_SOURCE -DHAS_POSIX_REGEXP"
+			;;
 		5)	SYSTYPE=AIX5
 			case "$CC" in
 			cc|*/cc|xlc|*/xlc) CCARGS="$CCARGS -w -blibpath:/usr/lib:/lib:/usr/local/lib";;

Index: src/external/ibm-public/postfix/dist/src/global/mail_params.h
diff -u src/external/ibm-public/postfix/dist/src/global/mail_params.h:1.6 src/external/ibm-public/postfix/dist/src/global/mail_params.h:1.7
--- src/external/ibm-public/postfix/dist/src/global/mail_params.h:1.6	Wed Mar  2 19:56:38 2011
+++ src/external/ibm-public/postfix/dist/src/global/mail_params.h	Wed Mar 23 19:10:44 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: mail_params.h,v 1.6 2011/03/02 19:56:38 tron Exp $	*/
+/*	$NetBSD: mail_params.h,v 1.7 2011/03/23 19:10:44 tron Exp $	*/
 
 #ifndef _MAIL_PARAMS_H_INCLUDED_
 #define _MAIL_PARAMS_H_INCLUDED_
@@ -2990,33 +2990,20 @@
 #define DEF_TLS_PREEMPT_CLIST	0
 extern bool var_tls_preempt_clist;
 
-#ifdef USE_TLS
-
- /*
-  * The tweak for CVE-2005-2969 is needed in some versions prior to 1.0.0
-  */
+ /* The tweak for CVE-2010-4180 is needed in some versions prior to 1.0.1 */
+ /* The tweak for CVE-2005-2969 is needed in some versions prior to 1.0.0 */
+#if defined(USE_TLS) && (OPENSSL_VERSION_NUMBER < 0x1000100fL)
 #if (OPENSSL_VERSION_NUMBER < 0x100fL)
-#define TLS_BUG_TWEAK_A	" CVE-2005-2969"
+#define TLS_BUG_TWEAKS		"CVE-2005-2969 CVE-2010-4180"
 #else
-#define TLS_BUG_TWEAK_A ""
+#define TLS_BUG_TWEAKS		"CVE-2010-4180"
 #endif
-
- /*
-  * The tweak for CVE-2010-4180 is needed in some versions prior to 1.0.1
-  */
-#if (OPENSSL_VERSION_NUMBER < 0x1000100fL)
-#define TLS_BUG_TWEAK_B	" CVE-2010-4180"
 #else
-#define TLS_BUG_TWEAK_B	" "
+#define TLS_BUG_TWEAKS		""
 #endif
 
-#else /* USE_TLS */
-#define TLS_BUG_TWEAK_A	""
-#define TLS_BUG_TWEAK_B	" "
-#endif /* USE_TLS */
-
 #define VAR_TLS_BUG_TWEAKS	"tls_disable_workarounds"
-#define DEF_TLS_BUG_TWEAKS	((TLS_BUG_TWEAK_A TLS_BUG_TWEAK_B)+1)
+#define DEF_TLS_BUG_TWEAKS	TLS_BUG_TWEAKS
 extern char *var_tls_bug_tweaks;
 
  /*

CVS commit: src/external/ibm-public/postfix/dist

2010-11-27 Thread Matthias Scheler 
Module Name:src
Committed By:   tron
Date:   Sat Nov 27 10:41:18 UTC 2010

Modified Files:
src/external/ibm-public/postfix/dist/html: postconf.5.html
src/external/ibm-public/postfix/dist/man/man5: postconf.5
src/external/ibm-public/postfix/dist/proto: postconf.proto
src/external/ibm-public/postfix/dist/src/global: mail_params.h
src/external/ibm-public/postfix/dist/src/smtpd: smtpd.c

Log Message:
Resolve conflicts from last import.


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 \
src/external/ibm-public/postfix/dist/html/postconf.5.html
cvs rdiff -u -r1.5 -r1.6 \
src/external/ibm-public/postfix/dist/man/man5/postconf.5
cvs rdiff -u -r1.5 -r1.6 \
src/external/ibm-public/postfix/dist/proto/postconf.proto
cvs rdiff -u -r1.4 -r1.5 \
src/external/ibm-public/postfix/dist/src/global/mail_params.h
cvs rdiff -u -r1.4 -r1.5 \
src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/html/postconf.5.html
diff -u src/external/ibm-public/postfix/dist/html/postconf.5.html:1.5 src/external/ibm-public/postfix/dist/html/postconf.5.html:1.6
--- src/external/ibm-public/postfix/dist/html/postconf.5.html:1.5	Thu Jun 17 18:18:14 2010
+++ src/external/ibm-public/postfix/dist/html/postconf.5.html	Sat Nov 27 10:41:16 2010
@@ -9150,6 +9150,10 @@
 but it is best to include all the required certificates directly in
 $smtp_tls_cert_file. 
 
+ Specify "tls_append_default_CA = no" to prevent Postfix from
+appending the system-supplied default CAs and trusting third-party
+certificates. 
+
  Example: 
 
 
@@ -9173,6 +9177,10 @@
  To use this option in chroot mode, this directory (or a copy)
 must be inside the chroot jail. 
 
+ Specify "tls_append_default_CA = no" to prevent Postfix from
+appending the system-supplied default CAs and trusting third-party
+certificates. 
+
  Example: 
 
 
@@ -10824,8 +10832,11 @@
  Permit the request when the remote SMTP client certificate is
 verified successfully.  This option must be used only if a special
 CA issues the certificates and only this CA is listed as trusted
-CA, otherwise all clients with a recognized certificate would be
-allowed to relay. This feature is available with Postfix version 2.2.
+CA. Otherwise, clients with a third-party certificate would also
+be allowed to relay.  Specify "tls_append_default_CA = no" when the
+trusted CA is specified with smtpd_tls_CAfile or smtpd_tls_CApath,
+to prevent Postfix from appending the system-supplied default CAs.
+This feature is available with Postfix version 2.2.
 
 permit_tls_clientcerts
 
@@ -12595,6 +12606,10 @@
 but it is best to include all the required certificates directly in the
 server certificate file. 
 
+ Specify "tls_append_default_CA = no" to prevent Postfix from
+appending the system-supplied default CAs and trusting third-party
+certificates. 
+
  By default (see smtpd_tls_ask_ccert), client certificates are not
 requested, and smtpd_tls_CAfile should remain empty. If you do make use
 of client certificates, the distinguished names (DNs) of the certificate
@@ -12626,6 +12641,10 @@
 smtpd_tls_CApath in chroot mode, this directory (or a copy) must be
 inside the chroot jail. 
 
+ Specify "tls_append_default_CA = no" to prevent Postfix from
+appending the system-supplied default CAs and trusting third-party
+certificates. 
+
  By default (see smtpd_tls_ask_ccert), client certificates are
 not requested, and smtpd_tls_CApath should remain empty. In contrast
 to smtpd_tls_CAfile, DNs of certificate authorities installed
@@ -13739,6 +13758,23 @@
 
 
 
+tls_append_default_CA
+(default: no)
+
+ Append the system-supplied default certificate authority
+certificates to the ones specified with *_tls_CApath or *_tls_CAfile.
+The default is "no"; this prevents Postfix from trusting third-party
+certificates and giving them relay permission with
+permit_tls_all_clientcerts.  
+
+ This feature is available in Postfix 2.4.15, 2.5.11, 2.6.8,
+2.7.2 and later versions. Specify "tls_append_default_CA = yes" for
+backwards compatibility, to avoid breaking certificate verification
+with sites that don't use permit_tls_all_clientcerts. 
+
+
+
+
 tls_daemon_random_bytes
 (default: 32)
 

Index: src/external/ibm-public/postfix/dist/man/man5/postconf.5
diff -u src/external/ibm-public/postfix/dist/man/man5/postconf.5:1.5 src/external/ibm-public/postfix/dist/man/man5/postconf.5:1.6
--- src/external/ibm-public/postfix/dist/man/man5/postconf.5:1.5	Thu Jun 17 18:18:15 2010
+++ src/external/ibm-public/postfix/dist/man/man5/postconf.5	Sat Nov 27 10:41:17 2010
@@ -1,4 +1,4 @@
-.\"	$NetBSD: postconf.5,v 1.5 2010/06/17 18:18:15 tron Exp $
+.\"	$NetBSD: postconf.5,v 1.6 2010/11/27 10:41:17 tron Exp $
 .\"
 .TH POSTCONF 5 
 .SH NAME
@@ -5241,6 +5241,10 @@
 but it is best to include all the required certificate

CVS commit: src/external/ibm-public/postfix/dist/src/smtp

2010-06-10 Thread Jeff Rizzo 
Module Name:src
Committed By:   riz
Date:   Thu Jun 10 17:06:01 UTC 2010

Modified Files:
src/external/ibm-public/postfix/dist/src/smtp: smtp.c

Log Message:
Wrap a call to tls_level_lookup() in #if USE_TLS to allow
postfix to build with MKCRYPTO=no.

OK tron@


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/external/ibm-public/postfix/dist/src/smtp/smtp.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/smtp/smtp.c
diff -u src/external/ibm-public/postfix/dist/src/smtp/smtp.c:1.1.1.1 src/external/ibm-public/postfix/dist/src/smtp/smtp.c:1.2
--- src/external/ibm-public/postfix/dist/src/smtp/smtp.c:1.1.1.1	Tue Jun 23 10:08:54 2009
+++ src/external/ibm-public/postfix/dist/src/smtp/smtp.c	Thu Jun 10 17:06:01 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: smtp.c,v 1.1.1.1 2009/06/23 10:08:54 tron Exp $	*/
+/*	$NetBSD: smtp.c,v 1.2 2010/06/10 17:06:01 riz Exp $	*/
 
 /*++
 /* NAME
@@ -950,6 +950,7 @@
 #endif
 
 if (*var_smtp_tls_level != 0)
+#ifdef USE_TLS
 	switch (tls_level_lookup(var_smtp_tls_level)) {
 	case TLS_LEV_SECURE:
 	case TLS_LEV_VERIFY:
@@ -969,6 +970,7 @@
 	/* session_tls_init() assumes that var_smtp_tls_level is sane. */
 	msg_fatal("Invalid TLS level \"%s\"", var_smtp_tls_level);
 	}
+#endif
 use_tls = (var_smtp_use_tls || var_smtp_enforce_tls);
 
 /*

CVS commit: src/external/ibm-public/postfix/dist

2010-04-17 Thread Matthias Scheler 
Module Name:src
Committed By:   tron
Date:   Sat Apr 17 10:29:18 UTC 2010

Modified Files:
src/external/ibm-public/postfix/dist/html: postconf.5.html
src/external/ibm-public/postfix/dist/man/man5: postconf.5
src/external/ibm-public/postfix/dist/proto: postconf.proto
src/external/ibm-public/postfix/dist/src/global: mail_params.h
src/external/ibm-public/postfix/dist/src/smtpd: smtpd.c

Log Message:
Resolve conflicts caused by import of Postfix 2.6.6.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 \
src/external/ibm-public/postfix/dist/html/postconf.5.html
cvs rdiff -u -r1.3 -r1.4 \
src/external/ibm-public/postfix/dist/man/man5/postconf.5
cvs rdiff -u -r1.3 -r1.4 \
src/external/ibm-public/postfix/dist/proto/postconf.proto
cvs rdiff -u -r1.2 -r1.3 \
src/external/ibm-public/postfix/dist/src/global/mail_params.h
cvs rdiff -u -r1.2 -r1.3 \
src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/html/postconf.5.html
diff -u src/external/ibm-public/postfix/dist/html/postconf.5.html:1.3 src/external/ibm-public/postfix/dist/html/postconf.5.html:1.4
--- src/external/ibm-public/postfix/dist/html/postconf.5.html:1.3	Mon Aug 31 17:57:09 2009
+++ src/external/ibm-public/postfix/dist/html/postconf.5.html	Sat Apr 17 10:29:17 2010
@@ -256,9 +256,11 @@
 of an address verification request in progress.
 
 
-
-The default poll count is 3.
-
+ By default, the Postfix SMTP server polls the verify(8) service
+up to three times under non-overload conditions, and only once when
+under overload.  With Postfix version 2.5 and earlier, the SMTP
+server always polls the verify(8) service up to three times by
+default.  
 
 
 Specify 1 to implement a crude form of greylisting, that is, always

Index: src/external/ibm-public/postfix/dist/man/man5/postconf.5
diff -u src/external/ibm-public/postfix/dist/man/man5/postconf.5:1.3 src/external/ibm-public/postfix/dist/man/man5/postconf.5:1.4
--- src/external/ibm-public/postfix/dist/man/man5/postconf.5:1.3	Mon Aug 31 17:57:09 2009
+++ src/external/ibm-public/postfix/dist/man/man5/postconf.5	Sat Apr 17 10:29:18 2010
@@ -1,4 +1,4 @@
-.\"	$NetBSD: postconf.5,v 1.3 2009/08/31 17:57:09 tron Exp $
+.\"	$NetBSD: postconf.5,v 1.4 2010/04/17 10:29:18 tron Exp $
 .\"
 .TH POSTCONF 5 
 .SH NAME
@@ -144,7 +144,11 @@
 How many times to query the \fBverify\fR(8) service for the completion
 of an address verification request in progress.
 .PP
-The default poll count is 3.
+By default, the Postfix SMTP server polls the \fBverify\fR(8) service
+up to three times under non-overload conditions, and only once when
+under overload.  With Postfix version 2.5 and earlier, the SMTP
+server always polls the \fBverify\fR(8) service up to three times by
+default.
 .PP
 Specify 1 to implement a crude form of greylisting, that is, always
 defer the first delivery request for a never seen before address.

Index: src/external/ibm-public/postfix/dist/proto/postconf.proto
diff -u src/external/ibm-public/postfix/dist/proto/postconf.proto:1.3 src/external/ibm-public/postfix/dist/proto/postconf.proto:1.4
--- src/external/ibm-public/postfix/dist/proto/postconf.proto:1.3	Mon Aug 31 17:57:09 2009
+++ src/external/ibm-public/postfix/dist/proto/postconf.proto	Sat Apr 17 10:29:18 2010
@@ -287,9 +287,11 @@
 of an address verification request in progress.
 
 
-
-The default poll count is 3.
-
+ By default, the Postfix SMTP server polls the verify(8) service
+up to three times under non-overload conditions, and only once when
+under overload.  With Postfix version 2.5 and earlier, the SMTP
+server always polls the verify(8) service up to three times by
+default.  
 
 
 Specify 1 to implement a crude form of greylisting, that is, always

Index: src/external/ibm-public/postfix/dist/src/global/mail_params.h
diff -u src/external/ibm-public/postfix/dist/src/global/mail_params.h:1.2 src/external/ibm-public/postfix/dist/src/global/mail_params.h:1.3
--- src/external/ibm-public/postfix/dist/src/global/mail_params.h:1.2	Tue Jun 23 11:41:06 2009
+++ src/external/ibm-public/postfix/dist/src/global/mail_params.h	Sat Apr 17 10:29:18 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: mail_params.h,v 1.2 2009/06/23 11:41:06 tron Exp $	*/
+/*	$NetBSD: mail_params.h,v 1.3 2010/04/17 10:29:18 tron Exp $	*/
 
 #ifndef _MAIL_PARAMS_H_INCLUDED_
 #define _MAIL_PARAMS_H_INCLUDED_
@@ -2554,7 +2554,7 @@
 extern char *var_verify_sender;
 
 #define VAR_VERIFY_POLL_COUNT		"address_verify_poll_count"
-#define DEF_VERIFY_POLL_COUNT		3
+#define DEF_VERIFY_POLL_COUNT		"${stress?1}${stress:3}"
 extern int var_verify_poll_count;
 
 #define VAR_VERIFY_POLL_DELAY		"address_verify_poll_delay"

Index: src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c
diff -u src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.2 src/external/ibm-pub

CVS commit: src/external/ibm-public/postfix/dist/src/util

2010-02-23 Thread John Nemeth 
Module Name:src
Committed By:   jnemeth
Date:   Tue Feb 23 16:41:01 UTC 2010

Modified Files:
src/external/ibm-public/postfix/dist/src/util: inet_addr_local.c

Log Message:
PR/42874 - Henning Petersen -- misplaced }


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/external/ibm-public/postfix/dist/src/util/inet_addr_local.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/util/inet_addr_local.c
diff -u src/external/ibm-public/postfix/dist/src/util/inet_addr_local.c:1.1.1.1 src/external/ibm-public/postfix/dist/src/util/inet_addr_local.c:1.2
--- src/external/ibm-public/postfix/dist/src/util/inet_addr_local.c:1.1.1.1	Tue Jun 23 10:09:00 2009
+++ src/external/ibm-public/postfix/dist/src/util/inet_addr_local.c	Tue Feb 23 16:41:01 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: inet_addr_local.c,v 1.1.1.1 2009/06/23 10:09:00 tron Exp $	*/
+/*	$NetBSD: inet_addr_local.c,v 1.2 2010/02/23 16:41:01 jnemeth Exp $	*/
 
 /*++
 /* NAME
@@ -288,8 +288,9 @@
 		lifr = NEXT_INTERFACE(lifr);
 		continue;
 	}
+	}
 #ifdef HAS_IPV6
-	} else if (af == AF_INET6) {
+	else if (af == AF_INET6) {
 	if (IN6_IS_ADDR_UNSPECIFIED(&SOCK_ADDR_IN6_ADDR(sa))) {
 		lifr = NEXT_INTERFACE(lifr);
 		continue;

CVS commit: src/external/ibm-public/postfix/dist

2009-08-31 Thread Matthias Scheler 
Module Name:src
Committed By:   tron
Date:   Mon Aug 31 17:57:09 UTC 2009

Modified Files:
src/external/ibm-public/postfix/dist/html: postconf.5.html
src/external/ibm-public/postfix/dist/man/man5: postconf.5
src/external/ibm-public/postfix/dist/proto: postconf.proto

Log Message:
Resolve conflicts from last import.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 \
src/external/ibm-public/postfix/dist/html/postconf.5.html
cvs rdiff -u -r1.2 -r1.3 \
src/external/ibm-public/postfix/dist/man/man5/postconf.5
cvs rdiff -u -r1.2 -r1.3 \
src/external/ibm-public/postfix/dist/proto/postconf.proto

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/html/postconf.5.html
diff -u src/external/ibm-public/postfix/dist/html/postconf.5.html:1.2 src/external/ibm-public/postfix/dist/html/postconf.5.html:1.3
--- src/external/ibm-public/postfix/dist/html/postconf.5.html:1.2	Tue Jun 23 11:41:06 2009
+++ src/external/ibm-public/postfix/dist/html/postconf.5.html	Mon Aug 31 17:57:09 2009
@@ -10657,11 +10657,15 @@
 commands ahead of time without knowing that Postfix actually supports
 ESMTP command pipelining. This stops mail from bulk mail software
 that improperly uses ESMTP command pipelining in order to speed up
-deliveries.  Note: reject_unauth_pipelining is not useful
-outside smtpd_data_restrictions when 1) the client uses ESMTP (EHLO
-instead of HELO) and 2) with "smtpd_delay_reject = yes" (the
-default).  The use of reject_unauth_pipelining in the other
-restriction contexts is therefore not recommended.  
+deliveries.
+ With Postfix 2.6 and later, the SMTP server sets a per-session
+flag whenever it detects illegal pipelining, including pipelined
+EHLO or HELO commands. The reject_unauth_pipelining feature simply
+tests whether the flag was set at any point in time during the
+session.
+ With older Postfix versions, reject_unauth_pipelining checks
+the current status of the input read queue, and its usage is not
+recommended in contexts other than smtpd_data_restrictions.  
 
 reject
 

Index: src/external/ibm-public/postfix/dist/man/man5/postconf.5
diff -u src/external/ibm-public/postfix/dist/man/man5/postconf.5:1.2 src/external/ibm-public/postfix/dist/man/man5/postconf.5:1.3
--- src/external/ibm-public/postfix/dist/man/man5/postconf.5:1.2	Tue Jun 23 11:41:06 2009
+++ src/external/ibm-public/postfix/dist/man/man5/postconf.5	Mon Aug 31 17:57:09 2009
@@ -1,4 +1,4 @@
-.\"	$NetBSD: postconf.5,v 1.2 2009/06/23 11:41:06 tron Exp $
+.\"	$NetBSD: postconf.5,v 1.3 2009/08/31 17:57:09 tron Exp $
 .\"
 .TH POSTCONF 5 
 .SH NAME
@@ -6521,11 +6521,15 @@
 that improperly uses ESMTP command pipelining in order to speed up
 deliveries.
 .br
-Note: reject_unauth_pipelining is not useful
-outside smtpd_data_restrictions when 1) the client uses ESMTP (EHLO
-instead of HELO) and 2) with "smtpd_delay_reject = yes" (the
-default).  The use of reject_unauth_pipelining in the other
-restriction contexts is therefore not recommended.
+With Postfix 2.6 and later, the SMTP server sets a per-session
+flag whenever it detects illegal pipelining, including pipelined
+EHLO or HELO commands. The reject_unauth_pipelining feature simply
+tests whether the flag was set at any point in time during the
+session.
+.br
+With older Postfix versions, reject_unauth_pipelining checks
+the current status of the input read queue, and its usage is not
+recommended in contexts other than smtpd_data_restrictions.
 .IP "\fBreject\fR"
 Reject the request. This restriction is useful at the end of
 a restriction list, to make the default policy explicit.  The

Index: src/external/ibm-public/postfix/dist/proto/postconf.proto
diff -u src/external/ibm-public/postfix/dist/proto/postconf.proto:1.2 src/external/ibm-public/postfix/dist/proto/postconf.proto:1.3
--- src/external/ibm-public/postfix/dist/proto/postconf.proto:1.2	Tue Jun 23 11:41:06 2009
+++ src/external/ibm-public/postfix/dist/proto/postconf.proto	Mon Aug 31 17:57:09 2009
@@ -4939,11 +4939,15 @@
 commands ahead of time without knowing that Postfix actually supports
 ESMTP command pipelining. This stops mail from bulk mail software
 that improperly uses ESMTP command pipelining in order to speed up
-deliveries.  Note: reject_unauth_pipelining is not useful
-outside smtpd_data_restrictions when 1) the client uses ESMTP (EHLO
-instead of HELO) and 2) with "smtpd_delay_reject = yes" (the
-default).  The use of reject_unauth_pipelining in the other
-restriction contexts is therefore not recommended.  
+deliveries.
+ With Postfix 2.6 and later, the SMTP server sets a per-session
+flag whenever it detects illegal pipelining, including pipelined
+EHLO or HELO commands. The reject_unauth_pipelining feature simply
+tests whether the flag was set at any point in time during the
+session.   
+ With older Postfix versions, reject_unauth_pipelining c

CVS commit: src/external/ibm-public/postfix/dist/src/tls

2009-07-20 Thread Christos Zoulas 
Module Name:src
Committed By:   christos
Date:   Mon Jul 20 17:17:56 UTC 2009

Modified Files:
src/external/ibm-public/postfix/dist/src/tls: tls_client.c tls_server.c

Log Message:
constify ciphers per new openssl


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/external/ibm-public/postfix/dist/src/tls/tls_client.c \
src/external/ibm-public/postfix/dist/src/tls/tls_server.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/src/tls/tls_client.c
diff -u src/external/ibm-public/postfix/dist/src/tls/tls_client.c:1.1.1.1 src/external/ibm-public/postfix/dist/src/tls/tls_client.c:1.2
--- src/external/ibm-public/postfix/dist/src/tls/tls_client.c:1.1.1.1	Tue Jun 23 06:08:57 2009
+++ src/external/ibm-public/postfix/dist/src/tls/tls_client.c	Mon Jul 20 13:17:56 2009
@@ -1,4 +1,4 @@
-/*	$NetBSD: tls_client.c,v 1.1.1.1 2009/06/23 10:08:57 tron Exp $	*/
+/*	$NetBSD: tls_client.c,v 1.2 2009/07/20 17:17:56 christos Exp $	*/
 
 /*++
 /* NAME
@@ -727,7 +727,7 @@
 int protomask;
 const char *cipher_list;
 SSL_SESSION *session;
-SSL_CIPHER *cipher;
+const SSL_CIPHER *cipher;
 X509   *peercert;
 TLS_SESS_STATE *TLScontext;
 TLS_APPL_STATE *app_ctx = props->ctx;
Index: src/external/ibm-public/postfix/dist/src/tls/tls_server.c
diff -u src/external/ibm-public/postfix/dist/src/tls/tls_server.c:1.1.1.1 src/external/ibm-public/postfix/dist/src/tls/tls_server.c:1.2
--- src/external/ibm-public/postfix/dist/src/tls/tls_server.c:1.1.1.1	Tue Jun 23 06:08:57 2009
+++ src/external/ibm-public/postfix/dist/src/tls/tls_server.c	Mon Jul 20 13:17:56 2009
@@ -1,4 +1,4 @@
-/*	$NetBSD: tls_server.c,v 1.1.1.1 2009/06/23 10:08:57 tron Exp $	*/
+/*	$NetBSD: tls_server.c,v 1.2 2009/07/20 17:17:56 christos Exp $	*/
 
 /*++
 /* NAME
@@ -556,7 +556,7 @@
 {
 int sts;
 TLS_SESS_STATE *TLScontext;
-SSL_CIPHER *cipher;
+const SSL_CIPHER *cipher;
 X509   *peer;
 charbuf[CCERT_BUFSIZ];
 const char *cipher_list;

CVS commit: src/external/ibm-public/postfix/dist

2009-06-23 Thread Matthias Scheler 
Module Name:src
Committed By:   tron
Date:   Tue Jun 23 11:41:07 UTC 2009

Modified Files:
src/external/ibm-public/postfix/dist: postfix-install
src/external/ibm-public/postfix/dist/README_FILES:
ADDRESS_VERIFICATION_README INSTALL TLS_README
src/external/ibm-public/postfix/dist/conf: main.cf master.cf
postfix-files
src/external/ibm-public/postfix/dist/html:
ADDRESS_VERIFICATION_README.html INSTALL.html TLS_README.html
postconf.5.html
src/external/ibm-public/postfix/dist/man/man5: postconf.5
src/external/ibm-public/postfix/dist/proto:
ADDRESS_VERIFICATION_README.html INSTALL.html TLS_README.html
postconf.proto
src/external/ibm-public/postfix/dist/src/cleanup: cleanup.c cleanup.h
cleanup_envelope.c cleanup_init.c
src/external/ibm-public/postfix/dist/src/global: mail_params.h
src/external/ibm-public/postfix/dist/src/smtpd: smtpd.c
src/external/ibm-public/postfix/dist/src/util: unix_recv_fd.c
unix_send_fd.c

Log Message:
(Re-)apply NetBSD specific patches.


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/external/ibm-public/postfix/dist/postfix-install
cvs rdiff -u -r1.1.1.1 -r1.2 \

src/external/ibm-public/postfix/dist/README_FILES/ADDRESS_VERIFICATION_README \
src/external/ibm-public/postfix/dist/README_FILES/INSTALL \
src/external/ibm-public/postfix/dist/README_FILES/TLS_README
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/external/ibm-public/postfix/dist/conf/main.cf \
src/external/ibm-public/postfix/dist/conf/master.cf \
src/external/ibm-public/postfix/dist/conf/postfix-files
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/external/ibm-public/postfix/dist/html/ADDRESS_VERIFICATION_README.html \
src/external/ibm-public/postfix/dist/html/INSTALL.html \
src/external/ibm-public/postfix/dist/html/TLS_README.html \
src/external/ibm-public/postfix/dist/html/postconf.5.html
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/external/ibm-public/postfix/dist/man/man5/postconf.5
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/external/ibm-public/postfix/dist/proto/ADDRESS_VERIFICATION_README.html 
\
src/external/ibm-public/postfix/dist/proto/INSTALL.html \
src/external/ibm-public/postfix/dist/proto/TLS_README.html \
src/external/ibm-public/postfix/dist/proto/postconf.proto
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/external/ibm-public/postfix/dist/src/cleanup/cleanup.c \
src/external/ibm-public/postfix/dist/src/cleanup/cleanup.h \
src/external/ibm-public/postfix/dist/src/cleanup/cleanup_envelope.c \
src/external/ibm-public/postfix/dist/src/cleanup/cleanup_init.c
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/external/ibm-public/postfix/dist/src/global/mail_params.h
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c \
src/external/ibm-public/postfix/dist/src/util/unix_send_fd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/postfix-install
diff -u src/external/ibm-public/postfix/dist/postfix-install:1.1.1.1 src/external/ibm-public/postfix/dist/postfix-install:1.2
--- src/external/ibm-public/postfix/dist/postfix-install:1.1.1.1	Tue Jun 23 10:08:18 2009
+++ src/external/ibm-public/postfix/dist/postfix-install	Tue Jun 23 11:41:05 2009
@@ -91,7 +91,7 @@
 # .IP data_directory
 #	The final destination directory for Postfix-writable data files such
 #	as caches. This directory should not be shared with non-Postfix
-#	software. The built-in default directory name is /var/lib/postfix.
+#	software. The built-in default directory name is /var/db/postfix.
 #	This parameter setting is recorded in the installed main.cf file.
 # .IP daemon_directory
 #	The final destination directory for Postfix daemon programs. This

Index: src/external/ibm-public/postfix/dist/README_FILES/ADDRESS_VERIFICATION_README
diff -u src/external/ibm-public/postfix/dist/README_FILES/ADDRESS_VERIFICATION_README:1.1.1.1 src/external/ibm-public/postfix/dist/README_FILES/ADDRESS_VERIFICATION_README:1.2
--- src/external/ibm-public/postfix/dist/README_FILES/ADDRESS_VERIFICATION_README:1.1.1.1	Tue Jun 23 10:08:19 2009
+++ src/external/ibm-public/postfix/dist/README_FILES/ADDRESS_VERIFICATION_README	Tue Jun 23 11:41:05 2009
@@ -179,7 +179,7 @@
 
 # Note 1: Be sure to read the "Caching" section below!
 # Note 2: Avoid hash files here. Use btree instead.
-address_verify_map = btree:/var/lib/postfix/verify
+address_verify_map = btree:/var/db/postfix/verify
 
 /etc/postfix/sender_access:
 aol.com reject_unverified_sender
@@ -218,7 +218,7 @@
 
 # Note 1: Be sure to read the "Caching" section below!
 # Note 2: Avoid hash files