CVS commit: src/external/ibm-public/postfix/dist/src/xsasl
Module Name:src Committed By: joerg Date: Fri Feb 5 21:45:24 UTC 2021 Modified Files: src/external/ibm-public/postfix/dist/src/xsasl: xsasl_saslc_client.c Log Message: Pass strings to %s arguments, not void *. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 \ src/external/ibm-public/postfix/dist/src/xsasl/xsasl_saslc_client.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/xsasl/xsasl_saslc_client.c diff -u src/external/ibm-public/postfix/dist/src/xsasl/xsasl_saslc_client.c:1.1 src/external/ibm-public/postfix/dist/src/xsasl/xsasl_saslc_client.c:1.2 --- src/external/ibm-public/postfix/dist/src/xsasl/xsasl_saslc_client.c:1.1 Sat Feb 12 19:07:09 2011 +++ src/external/ibm-public/postfix/dist/src/xsasl/xsasl_saslc_client.c Fri Feb 5 21:45:24 2021 @@ -1,4 +1,4 @@ -/* $NetBSD: xsasl_saslc_client.c,v 1.1 2011/02/12 19:07:09 christos Exp $ */ +/* $NetBSD: xsasl_saslc_client.c,v 1.2 2021/02/05 21:45:24 joerg Exp $ */ /*++ /* NAME @@ -167,8 +167,10 @@ xsasl_saslc_client_first( return XSASL_AUTH_FAIL; } vstring_strcpy(init_resp, outlen ? out : ""); - if (msg_verbose) - msg_info("%s: client_reply='%s'", __func__, outlen ? out : ""); + if (msg_verbose) { + msg_info("%s: client_reply='%s'", __func__, + outlen ? (const char *)out : ""); + } if (outlen > 0) memset(out, 0, outlen); /* XXX: silly? */ @@ -201,9 +203,10 @@ xsasl_saslc_client_next(XSASL_CLIENT *xp return XSASL_AUTH_FAIL; } vstring_strcpy(client_reply, outlen ? out : ""); - if (msg_verbose) + if (msg_verbose) { msg_info("%s: client_reply='%s'", __func__, - outlen ? out : ""); + outlen ? (const char *) out : ""); + } if (outlen > 0) memset(out, 0, outlen); /* XXX: silly? */
CVS commit: src/external/ibm-public/postfix/dist/src/smtpd
Module Name:src Committed By: christos Date: Fri Sep 25 12:52:13 UTC 2020 Modified Files: src/external/ibm-public/postfix/dist/src/smtpd: smtpd.c Log Message: Notify blacklistd about smtp auth failures (Jeff Rizzo) To generate a diff of this commit: cvs rdiff -u -r1.17 -r1.18 \ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c diff -u src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.17 src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.18 --- src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.17 Wed Mar 18 15:05:20 2020 +++ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c Fri Sep 25 08:52:12 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: smtpd.c,v 1.17 2020/03/18 19:05:20 christos Exp $ */ +/* $NetBSD: smtpd.c,v 1.18 2020/09/25 12:52:12 christos Exp $ */ /*++ /* NAME @@ -5795,6 +5795,8 @@ static void smtpd_proto(SMTPD_STATE *sta || strcmp(state->reason, REASON_LOST_CONNECTION)) { msg_info("%s after %s from %s", state->reason, state->where, state->namaddr); + if (strcmp(state->where, SMTPD_CMD_AUTH) == 0) + pfilter_notify(1, vstream_fileno(state->client)); } }
CVS commit: src/external/ibm-public/postfix/dist
Module Name:src Committed By: christos Date: Mon May 25 23:47:14 UTC 2020 Modified Files: src/external/ibm-public/postfix/dist: makedefs src/external/ibm-public/postfix/dist/html: postconf.5.html src/external/ibm-public/postfix/dist/man/man1: postfix.1 src/external/ibm-public/postfix/dist/man/man5: postconf.5 src/external/ibm-public/postfix/dist/proto: postconf.proto src/external/ibm-public/postfix/dist/src/dns: dns.h dns_lookup.c src/external/ibm-public/postfix/dist/src/global: mail_params.c mail_params.h mail_version.h src/external/ibm-public/postfix/dist/src/milter: milter.c src/external/ibm-public/postfix/dist/src/postfix: postfix.c src/external/ibm-public/postfix/dist/src/smtpd: smtpd_check.c src/external/ibm-public/postfix/dist/src/tls: tls_session.c src/external/ibm-public/postfix/dist/src/tlsproxy: tlsproxy.c src/external/ibm-public/postfix/dist/src/util: midna_domain.c midna_domain.h Log Message: merge conflicts To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/external/ibm-public/postfix/dist/makedefs cvs rdiff -u -r1.16 -r1.17 \ src/external/ibm-public/postfix/dist/html/postconf.5.html cvs rdiff -u -r1.3 -r1.4 \ src/external/ibm-public/postfix/dist/man/man1/postfix.1 cvs rdiff -u -r1.16 -r1.17 \ src/external/ibm-public/postfix/dist/man/man5/postconf.5 cvs rdiff -u -r1.16 -r1.17 \ src/external/ibm-public/postfix/dist/proto/postconf.proto cvs rdiff -u -r1.3 -r1.4 src/external/ibm-public/postfix/dist/src/dns/dns.h cvs rdiff -u -r1.5 -r1.6 \ src/external/ibm-public/postfix/dist/src/dns/dns_lookup.c cvs rdiff -u -r1.3 -r1.4 \ src/external/ibm-public/postfix/dist/src/global/mail_params.c \ src/external/ibm-public/postfix/dist/src/global/mail_version.h cvs rdiff -u -r1.16 -r1.17 \ src/external/ibm-public/postfix/dist/src/global/mail_params.h cvs rdiff -u -r1.3 -r1.4 \ src/external/ibm-public/postfix/dist/src/milter/milter.c cvs rdiff -u -r1.3 -r1.4 \ src/external/ibm-public/postfix/dist/src/postfix/postfix.c cvs rdiff -u -r1.3 -r1.4 \ src/external/ibm-public/postfix/dist/src/smtpd/smtpd_check.c cvs rdiff -u -r1.2 -r1.3 \ src/external/ibm-public/postfix/dist/src/tls/tls_session.c cvs rdiff -u -r1.3 -r1.4 \ src/external/ibm-public/postfix/dist/src/tlsproxy/tlsproxy.c cvs rdiff -u -r1.3 -r1.4 \ src/external/ibm-public/postfix/dist/src/util/midna_domain.c \ src/external/ibm-public/postfix/dist/src/util/midna_domain.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/makedefs diff -u src/external/ibm-public/postfix/dist/makedefs:1.13 src/external/ibm-public/postfix/dist/makedefs:1.14 --- src/external/ibm-public/postfix/dist/makedefs:1.13 Wed Mar 18 15:05:13 2020 +++ src/external/ibm-public/postfix/dist/makedefs Mon May 25 19:47:13 2020 @@ -228,6 +228,19 @@ case $# in *) echo usage: $0 [system release] 1>&2; exit 1;; esac +case "$SYSTEM" in + Linux) +case "`PATH=/bin:/usr/bin ldd /bin/sh`" in + *-musl-*) + case "$CCARGS" in + *-DNO_DNSSEC*) ;; + *) echo Warning: libc-musl breaks DANE/TLSA security. 1>&2 + echo This build will not support DANE/TLSA. 1>&2 + CCARGS="$CCARGS -DNO_DNSSEC";; + esac;; +esac;; +esac + case "$SYSTEM.$RELEASE" in SCO_SV.3.2) SYSTYPE=SCO5 # Use the native compiler by default @@ -1136,7 +1149,7 @@ esac : ${CC=gcc} ${OPT='-O'} ${DEBUG='-g'} ${AWK=awk} \ ${WARN='-Wall -Wno-comment -Wformat -Wimplicit -Wmissing-prototypes \ -Wparentheses -Wstrict-prototypes -Wswitch -Wuninitialized \ - -Wunused -Wno-missing-braces'} + -Wunused -Wno-missing-braces -fcommon'} # Extract map type names from -DHAS_XXX compiler options. We avoid # problems with tr(1) range syntax by using enumerations instead, Index: src/external/ibm-public/postfix/dist/html/postconf.5.html diff -u src/external/ibm-public/postfix/dist/html/postconf.5.html:1.16 src/external/ibm-public/postfix/dist/html/postconf.5.html:1.17 --- src/external/ibm-public/postfix/dist/html/postconf.5.html:1.16 Wed Mar 18 15:05:14 2020 +++ src/external/ibm-public/postfix/dist/html/postconf.5.html Mon May 25 19:47:13 2020 @@ -6329,7 +6329,7 @@ whitespace. maillog_file_rotate_suffix -(default: %Y%M%d-%H%M%S) +(default: %Y%m%d-%H%M%S) The format of the suffix to append to $maillog_file while rotating the file with "postfix logrotate". See strftime(3) for syntax. The Index: src/external/ibm-public/postfix/dist/man/man1/postfix.1 diff -u src/external/ibm-public/postfix/dist/man/man1/postfix.1:1.3 src/external/ibm-public/postfix/dist/man/man1/postfix.1:1.4 --- src/external/ibm-public/postfix/dist/man/man1/postfix.1:1.3 Wed Mar 18 15:05:14 2020 +++ src/external/ibm-public/postfix/dist/man/man1/postfix.1 Mon May 25 19:47:13 2020 @@ -1,4 +1,4 @@ -.\" $NetBSD: post
CVS commit: src/external/ibm-public/postfix/dist/src/smtpd
Module Name:src Committed By: christos Date: Thu Feb 1 03:32:00 UTC 2018 Modified Files: src/external/ibm-public/postfix/dist/src/smtpd: smtpd.c Log Message: give one more reply to the client before we potentially block it. To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 \ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c diff -u src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.15 src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.16 --- src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.15 Wed Jan 31 22:29:41 2018 +++ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c Wed Jan 31 22:32:00 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: smtpd.c,v 1.15 2018/02/01 03:29:41 christos Exp $ */ +/* $NetBSD: smtpd.c,v 1.16 2018/02/01 03:32:00 christos Exp $ */ /*++ /* NAME @@ -5050,9 +5050,9 @@ static void smtpd_proto(SMTPD_STATE *sta if (state->error_count >= var_smtpd_hard_erlim) { state->reason = REASON_ERROR_LIMIT; state->error_mask |= MAIL_ERROR_PROTOCOL; - pfilter_notify(1, vstream_fileno(state->client)); smtpd_chat_reply(state, "421 4.7.0 %s Error: too many errors", var_myhostname); + pfilter_notify(1, vstream_fileno(state->client)); break; } watchdog_pat();
CVS commit: src/external/ibm-public/postfix/dist/conf
Module Name:src Committed By: pgoyette Date: Tue Feb 21 01:13:21 UTC 2017 Modified Files: src/external/ibm-public/postfix/dist/conf: main.cf Log Message: Set the smtputf8_enable switch to "no" for now, since we are build without EAI support. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/external/ibm-public/postfix/dist/conf/main.cf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/conf/main.cf diff -u src/external/ibm-public/postfix/dist/conf/main.cf:1.6 src/external/ibm-public/postfix/dist/conf/main.cf:1.7 --- src/external/ibm-public/postfix/dist/conf/main.cf:1.6 Tue Feb 14 01:16:43 2017 +++ src/external/ibm-public/postfix/dist/conf/main.cf Tue Feb 21 01:13:21 2017 @@ -1,4 +1,4 @@ -# $NetBSD: main.cf,v 1.6 2017/02/14 01:16:43 christos Exp $ +# $NetBSD: main.cf,v 1.7 2017/02/21 01:13:21 pgoyette Exp $ # # Global Postfix configuration file. This file lists only a subset # of all parameters. For the syntax, and for a complete parameter @@ -31,6 +31,9 @@ # compatibility_level = 2 +# On NetBSD we are built without EAI support, so we must disable utf8 +smtputf8_enable=no + # SOFT BOUNCE # # The soft_bounce parameter provides a limited safety net for
CVS commit: src/external/ibm-public/postfix/dist/src/util
Module Name:src Committed By: rin Date: Mon Feb 20 05:43:12 UTC 2017 Modified Files: src/external/ibm-public/postfix/dist/src/util: sys_defs.h Log Message: We have getifaddrs(3) since NetBSD 1.5, regardless of whether IPv6 is supported or not. To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 \ src/external/ibm-public/postfix/dist/src/util/sys_defs.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/util/sys_defs.h diff -u src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.10 src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.11 --- src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.10 Mon Feb 20 05:40:03 2017 +++ src/external/ibm-public/postfix/dist/src/util/sys_defs.h Mon Feb 20 05:43:12 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: sys_defs.h,v 1.10 2017/02/20 05:40:03 rin Exp $ */ +/* $NetBSD: sys_defs.h,v 1.11 2017/02/20 05:43:12 rin Exp $ */ #ifndef _SYS_DEFS_H_INCLUDED_ #define _SYS_DEFS_H_INCLUDED_ @@ -185,6 +185,8 @@ || defined(USAGI_LIBINET6) #ifndef NO_IPV6 #define HAS_IPV6 +#endif +#if !defined(NO_IPV6) || defined(__NetBSD__) #define HAVE_GETIFADDRS #endif #endif
CVS commit: src/external/ibm-public/postfix/dist/src/util
Module Name:src Committed By: rin Date: Mon Feb 20 05:40:03 UTC 2017 Modified Files: src/external/ibm-public/postfix/dist/src/util: sys_defs.h Log Message: correct obviously misplaced #endif To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 \ src/external/ibm-public/postfix/dist/src/util/sys_defs.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/util/sys_defs.h diff -u src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.9 src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.10 --- src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.9 Tue Feb 14 01:16:49 2017 +++ src/external/ibm-public/postfix/dist/src/util/sys_defs.h Mon Feb 20 05:40:03 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: sys_defs.h,v 1.9 2017/02/14 01:16:49 christos Exp $ */ +/* $NetBSD: sys_defs.h,v 1.10 2017/02/20 05:40:03 rin Exp $ */ #ifndef _SYS_DEFS_H_INCLUDED_ #define _SYS_DEFS_H_INCLUDED_ @@ -187,6 +187,7 @@ #define HAS_IPV6 #define HAVE_GETIFADDRS #endif +#endif #if (defined(__FreeBSD_version) && __FreeBSD_version >= 30) \ || (defined(__NetBSD_Version__) && __NetBSD_Version__ >= 10300) \ @@ -212,8 +213,6 @@ #endif #endif -#endif - /* * UNIX on MAC. */
CVS commit: src/external/ibm-public/postfix/dist/src/global
Module Name:src Committed By: christos Date: Wed Feb 15 16:42:16 UTC 2017 Modified Files: src/external/ibm-public/postfix/dist/src/global: mail_params.h Log Message: set the default meta_directory where we are installing postfix-files. To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.15 \ src/external/ibm-public/postfix/dist/src/global/mail_params.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/global/mail_params.h diff -u src/external/ibm-public/postfix/dist/src/global/mail_params.h:1.14 src/external/ibm-public/postfix/dist/src/global/mail_params.h:1.15 --- src/external/ibm-public/postfix/dist/src/global/mail_params.h:1.14 Mon Feb 13 20:16:45 2017 +++ src/external/ibm-public/postfix/dist/src/global/mail_params.h Wed Feb 15 11:42:16 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: mail_params.h,v 1.14 2017/02/14 01:16:45 christos Exp $ */ +/* $NetBSD: mail_params.h,v 1.15 2017/02/15 16:42:16 christos Exp $ */ #ifndef _MAIL_PARAMS_H_INCLUDED_ #define _MAIL_PARAMS_H_INCLUDED_ @@ -3925,7 +3925,7 @@ extern char *var_shlib_dir; #define VAR_META_DIR "meta_directory" #ifndef DEF_META_DIR -#define DEF_META_DIR DEF_CONFIG_DIR +#define DEF_META_DIR DEF_DAEMON_DIR #endif extern char *var_meta_dir;
CVS commit: src/external/ibm-public/postfix/dist
Module Name:src Committed By: tron Date: Sat Sep 12 08:23:24 UTC 2015 Modified Files: src/external/ibm-public/postfix/dist: makedefs src/external/ibm-public/postfix/dist/README_FILES: TLS_README src/external/ibm-public/postfix/dist/html: TLS_README.html postconf.5.html src/external/ibm-public/postfix/dist/man/man5: postconf.5 src/external/ibm-public/postfix/dist/proto: TLS_README.html postconf.proto src/external/ibm-public/postfix/dist/src/global: mail_params.h src/external/ibm-public/postfix/dist/src/smtp: smtp.c src/external/ibm-public/postfix/dist/src/smtpd: smtpd.c src/external/ibm-public/postfix/dist/src/util: sys_defs.h Log Message: Resolve conflicts from last import To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 src/external/ibm-public/postfix/dist/makedefs cvs rdiff -u -r1.9 -r1.10 \ src/external/ibm-public/postfix/dist/README_FILES/TLS_README cvs rdiff -u -r1.10 -r1.11 \ src/external/ibm-public/postfix/dist/html/TLS_README.html cvs rdiff -u -r1.13 -r1.14 \ src/external/ibm-public/postfix/dist/html/postconf.5.html cvs rdiff -u -r1.13 -r1.14 \ src/external/ibm-public/postfix/dist/man/man5/postconf.5 cvs rdiff -u -r1.9 -r1.10 \ src/external/ibm-public/postfix/dist/proto/TLS_README.html cvs rdiff -u -r1.13 -r1.14 \ src/external/ibm-public/postfix/dist/proto/postconf.proto cvs rdiff -u -r1.12 -r1.13 \ src/external/ibm-public/postfix/dist/src/global/mail_params.h cvs rdiff -u -r1.8 -r1.9 src/external/ibm-public/postfix/dist/src/smtp/smtp.c cvs rdiff -u -r1.12 -r1.13 \ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c cvs rdiff -u -r1.7 -r1.8 \ src/external/ibm-public/postfix/dist/src/util/sys_defs.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/makedefs diff -u src/external/ibm-public/postfix/dist/makedefs:1.10 src/external/ibm-public/postfix/dist/makedefs:1.11 --- src/external/ibm-public/postfix/dist/makedefs:1.10 Sat Jan 24 18:10:52 2015 +++ src/external/ibm-public/postfix/dist/makedefs Sat Sep 12 08:23:23 2015 @@ -109,6 +109,8 @@ case $# in # Officially supported usage. 0) SYSTEM=`(uname -s) 2>/dev/null` RELEASE=`(uname -r) 2>/dev/null` +# No ${x%%y} support in Solaris 11 /bin/sh +RELEASE_MAJOR=`expr "$RELEASE" : '\([0-9]*\)'` || exit 1 VERSION=`(uname -v) 2>/dev/null` case "$VERSION" in dcosx*) SYSTEM=$VERSION;; @@ -158,6 +160,9 @@ case "$SYSTEM.$RELEASE" in ;; FreeBSD.9*) SYSTYPE=FREEBSD9 ;; + FreeBSD.10*) SYSTYPE=FREEBSD10 + : ${CC=cc} + ;; DragonFly.*) SYSTYPE=DRAGONFLY ;; OpenBSD.2*) SYSTYPE=OPENBSD2 @@ -362,7 +367,7 @@ EOF fi;; esac ;; -Linux.3*) SYSTYPE=LINUX3 + Linux.[34].*) SYSTYPE=LINUX$RELEASE_MAJOR case "$CCARGS" in *-DNO_DB*) ;; *-DHAS_DB*) ;; @@ -470,7 +475,6 @@ ReliantUNIX-?.5.43) SYSTYPE=ReliantUnix5 Darwin.*) SYSTYPE=MACOSX # Use the native compiler by default : ${CC=cc} - CCARGS="$CCARGS \$(WARN)" # Darwin > 1.3 uses awk and flat_namespace case $RELEASE in 1.[0-3]) AWK=gawk;; @@ -624,7 +628,7 @@ esac # een burned once by a compiler that lies about what warnings it # produces, not taking that chance again. -: ${CC='gcc $(WARN)'} ${OPT='-O'} ${DEBUG='-g'} ${AWK=awk} \ +: ${CC=gcc} ${OPT='-O'} ${DEBUG='-g'} ${AWK=awk} \ ${WARN='-Wall -Wno-comment -Wformat -Wimplicit -Wmissing-prototypes \ -Wparentheses -Wstrict-prototypes -Wswitch -Wuninitialized \ -Wunused -Wno-missing-braces'} @@ -647,7 +651,7 @@ AR = $AR ARFL = $ARFL RANLIB = $RANLIB SYSLIBS = $AUXLIBS $SYSLIBS -CC = $CC $CCARGS +CC = $CC $CCARGS \$(WARN) OPT = $OPT DEBUG = $DEBUG AWK = $AWK Index: src/external/ibm-public/postfix/dist/README_FILES/TLS_README diff -u src/external/ibm-public/postfix/dist/README_FILES/TLS_README:1.9 src/external/ibm-public/postfix/dist/README_FILES/TLS_README:1.10 --- src/external/ibm-public/postfix/dist/README_FILES/TLS_README:1.9 Sun Jul 6 19:45:50 2014 +++ src/external/ibm-public/postfix/dist/README_FILES/TLS_README Sat Sep 12 08:23:23 2015 @@ -569,13 +569,15 @@ use public-key fingerprints, upgrade to SSeerrvveerr--ssiiddee cciipphheerr ccoonnttrroollss -The Postfix SMTP server supports 5 distinct cipher security levels as specified -by the smtpd_tls_mandatory_ciphers configuration parameter, which determines -the cipher grade with mandatory TLS encryption. The default value is "medium" -which is essentially 128-bit encryption or better. With opportunistic TLS -encryption, the minimum accepted cipher grade is typically "export". The -corresponding smtpd_tls_ciphers parameter (Postfix >= 2.6) controls the cipher -grade used with opportunistic TLS. +The Postfix SMTP server supports 5 distinct cipher grades as specified by the +smtpd_tls_mandatory_cipher
CVS commit: src/external/ibm-public/postfix/dist/src/postconf
Module Name:src Committed By: tron Date: Sat Feb 21 12:00:49 UTC 2015 Modified Files: src/external/ibm-public/postfix/dist/src/postconf: postconf_master.c Log Message: Resolve conflicts from last import. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 \ src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c diff -u src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c:1.3 src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c:1.4 --- src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c:1.3 Sun Jul 6 19:45:50 2014 +++ src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c Sat Feb 21 12:00:48 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: postconf_master.c,v 1.3 2014/07/06 19:45:50 tron Exp $ */ +/* $NetBSD: postconf_master.c,v 1.4 2015/02/21 12:00:48 tron Exp $ */ /*++ /* NAME @@ -275,7 +275,7 @@ static void pcf_check_master_entry(ARGV for (field = PCF_MASTER_FLD_PRIVATE; field <= PCF_MASTER_FLD_CHROOT; field++) { cp = argv->argv[field]; if (cp[1] != 0 || strchr(pcf_valid_bool_types, *cp) == 0) - pcf_fix_fatal("invalid %s field \%s\" in \"%s\"", + pcf_fix_fatal("invalid %s field \"%s\" in \"%s\"", pcf_str_field_pattern(field), cp, raw_text); } @@ -284,12 +284,12 @@ static void pcf_check_master_entry(ARGV if (len > 0 && cp[len - 1] == '?') len--; if (!(cp[0] == '-' && len == 1) && strspn(cp, "0123456789") != len) - pcf_fix_fatal("invalid " PCF_MASTER_NAME_WAKEUP " field \%s\" in \"%s\"", + pcf_fix_fatal("invalid " PCF_MASTER_NAME_WAKEUP " field \"%s\" in \"%s\"", cp, raw_text); cp = argv->argv[PCF_MASTER_FLD_MAXPROC]; if (strcmp("-", cp) != 0 && cp[strspn(cp, "0123456789")] != 0) - pcf_fix_fatal("invalid " PCF_MASTER_NAME_MAXPROC " field \%s\" in \"%s\"", + pcf_fix_fatal("invalid " PCF_MASTER_NAME_MAXPROC " field \"%s\" in \"%s\"", cp, raw_text); }
CVS commit: src/external/ibm-public/postfix/dist
Module Name:src Committed By: tron Date: Sat Jan 24 18:10:52 UTC 2015 Modified Files: src/external/ibm-public/postfix/dist: makedefs src/external/ibm-public/postfix/dist/src/cleanup: cleanup.h src/external/ibm-public/postfix/dist/src/smtpd: smtpd.c Log Message: Resolve conflicts from last import. To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 src/external/ibm-public/postfix/dist/makedefs cvs rdiff -u -r1.6 -r1.7 \ src/external/ibm-public/postfix/dist/src/cleanup/cleanup.h cvs rdiff -u -r1.11 -r1.12 \ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/makedefs diff -u src/external/ibm-public/postfix/dist/makedefs:1.9 src/external/ibm-public/postfix/dist/makedefs:1.10 --- src/external/ibm-public/postfix/dist/makedefs:1.9 Sun Jul 6 19:45:50 2014 +++ src/external/ibm-public/postfix/dist/makedefs Sat Jan 24 18:10:52 2015 @@ -491,9 +491,9 @@ ReliantUNIX-?.5.43) SYSTYPE=ReliantUnix5 ?.*) CCARGS="$CCARGS -DRESOLVE_H_NEEDS_NAMESER8_COMPAT_H";; *) CCARGS="$CCARGS -DRESOLVE_H_NEEDS_ARPA_NAMESER_COMPAT_H";; esac - # Darwin 12.x (MacOS X 10.8.x), maybe earlier, needs libresolv. + # Darwin 11.x (MacOS X 10.7.x), maybe earlier, needs libresolv. case $RELEASE in - ?.*|1[0-1].*) ;; + ?.*|10.*) ;; *) SYSLIBS="$SYSLIBS -lresolv";; esac # kqueue and/or poll are broken in MacOS X 10.5 (Darwin 9). Index: src/external/ibm-public/postfix/dist/src/cleanup/cleanup.h diff -u src/external/ibm-public/postfix/dist/src/cleanup/cleanup.h:1.6 src/external/ibm-public/postfix/dist/src/cleanup/cleanup.h:1.7 --- src/external/ibm-public/postfix/dist/src/cleanup/cleanup.h:1.6 Sun Jul 6 19:45:50 2014 +++ src/external/ibm-public/postfix/dist/src/cleanup/cleanup.h Sat Jan 24 18:10:52 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: cleanup.h,v 1.6 2014/07/06 19:45:50 tron Exp $ */ +/* $NetBSD: cleanup.h,v 1.7 2015/01/24 18:10:52 tron Exp $ */ /*++ /* NAME @@ -63,6 +63,7 @@ typedef struct CLEANUP_STATE { char *orig_rcpt; /* original recipient address */ char *return_receipt; /* return-receipt address */ char *errors_to; /* errors-to address */ +ARGV *auto_hdrs; /* MTA's own header(s) */ int flags; /* processing options, status flags */ int qmgr_opts; /* qmgr processing options */ int errs; /* any badness experienced */ Index: src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c diff -u src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.11 src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.12 --- src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.11 Sun Jul 6 19:45:50 2014 +++ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c Sat Jan 24 18:10:52 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: smtpd.c,v 1.11 2014/07/06 19:45:50 tron Exp $ */ +/* $NetBSD: smtpd.c,v 1.12 2015/01/24 18:10:52 tron Exp $ */ /*++ /* NAME @@ -2987,7 +2987,7 @@ static int data_cmd(SMTPD_STATE *state, } /* - * PREPEND message headers. + * PREPEND message headers above our own Received: header. */ if (state->prepend) for (cpp = state->prepend->argv; *cpp; cpp++) @@ -3082,6 +3082,7 @@ static int data_cmd(SMTPD_STATE *state, "\t(envelope-from %s)", STR(state->buffer)); #endif } + smtpd_chat_reply(state, "354 End data with ."); state->where = SMTPD_AFTER_DATA;
CVS commit: src/external/ibm-public/postfix/dist/src/util
Module Name:src Committed By: christos Date: Thu Nov 14 02:27:29 UTC 2013 Modified Files: src/external/ibm-public/postfix/dist/src/util: dict_sockmap.c Log Message: miminize diff to original. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 \ src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c diff -u src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c:1.2 src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c:1.3 --- src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c:1.2 Wed Nov 13 20:36:00 2013 +++ src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c Wed Nov 13 21:27:29 2013 @@ -1,4 +1,4 @@ -/* $NetBSD: dict_sockmap.c,v 1.2 2013/11/14 01:36:00 christos Exp $ */ +/* $NetBSD: dict_sockmap.c,v 1.3 2013/11/14 02:27:29 christos Exp $ */ /*++ /* NAME @@ -335,12 +335,11 @@ DICT *dict_sockmap_open(const char *ma */ saved_name = mystrdup(mapname); if ((sockmap = split_at_right(saved_name, ':')) == 0) { - DICT *dp = dict_surrogate(DICT_TYPE_SOCKMAP, mapname, - open_flags, dict_flags, - "%s requires server:socketmap argument", - DICT_TYPE_SOCKMAP); myfree(saved_name); - return dp; + return (dict_surrogate(DICT_TYPE_SOCKMAP, mapname, + open_flags, dict_flags, + "%s requires server:socketmap argument", + DICT_TYPE_SOCKMAP)); } /*
CVS commit: src/external/ibm-public/postfix/dist/src/postconf
Module Name:src Committed By: christos Date: Thu Nov 14 01:39:26 UTC 2013 Modified Files: src/external/ibm-public/postfix/dist/src/postconf: postconf_master.c Log Message: CID 1102804: Memory leak To generate a diff of this commit: cvs rdiff -u -r1.1.1.3 -r1.2 \ src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c diff -u src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c:1.1.1.3 src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c:1.2 --- src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c:1.1.1.3 Wed Sep 25 15:06:33 2013 +++ src/external/ibm-public/postfix/dist/src/postconf/postconf_master.c Wed Nov 13 20:39:26 2013 @@ -1,4 +1,4 @@ -/* $NetBSD: postconf_master.c,v 1.1.1.3 2013/09/25 19:06:33 tron Exp $ */ +/* $NetBSD: postconf_master.c,v 1.2 2013/11/14 01:39:26 christos Exp $ */ /*++ /* NAME @@ -140,8 +140,10 @@ static const char *parse_master_line(PC_ #define MASTER_BLANKS " \t\r\n" /* XXX */ argv = argv_split(buf, MASTER_BLANKS); -if (argv->argc < PC_MASTER_MIN_FIELDS) +if (argv->argc < PC_MASTER_MIN_FIELDS) { + argv_free(argv); return ("bad field count"); +} normalize_options(argv); masterp->name_space = concatenate(argv->argv[0], ".", argv->argv[1], (char *) 0);
CVS commit: src/external/ibm-public/postfix/dist/src/util
Module Name:src Committed By: christos Date: Thu Nov 14 01:36:00 UTC 2013 Modified Files: src/external/ibm-public/postfix/dist/src/util: dict_sockmap.c Log Message: 1102805: Memory leak To generate a diff of this commit: cvs rdiff -u -r1.1.1.1 -r1.2 \ src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c diff -u src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c:1.1.1.1 src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c:1.2 --- src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c:1.1.1.1 Wed Sep 25 15:06:37 2013 +++ src/external/ibm-public/postfix/dist/src/util/dict_sockmap.c Wed Nov 13 20:36:00 2013 @@ -1,4 +1,4 @@ -/* $NetBSD: dict_sockmap.c,v 1.1.1.1 2013/09/25 19:06:37 tron Exp $ */ +/* $NetBSD: dict_sockmap.c,v 1.2 2013/11/14 01:36:00 christos Exp $ */ /*++ /* NAME @@ -334,11 +334,14 @@ DICT *dict_sockmap_open(const char *ma * Separate the socketmap name from the socketmap server name. */ saved_name = mystrdup(mapname); -if ((sockmap = split_at_right(saved_name, ':')) == 0) - return (dict_surrogate(DICT_TYPE_SOCKMAP, mapname, - open_flags, dict_flags, - "%s requires server:socketmap argument", - DICT_TYPE_SOCKMAP)); +if ((sockmap = split_at_right(saved_name, ':')) == 0) { + DICT *dp = dict_surrogate(DICT_TYPE_SOCKMAP, mapname, + open_flags, dict_flags, + "%s requires server:socketmap argument", + DICT_TYPE_SOCKMAP); + myfree(saved_name); + return dp; +} /* * Use one reference-counted client handle for all socketmaps with the
CVS commit: src/external/ibm-public/postfix/dist
Module Name:src Committed By: tron Date: Wed Aug 21 20:12:31 UTC 2013 Modified Files: src/external/ibm-public/postfix/dist/README_FILES: TLS_README src/external/ibm-public/postfix/dist/html: TLS_README.html postconf.5.html src/external/ibm-public/postfix/dist/man/man5: postconf.5 src/external/ibm-public/postfix/dist/proto: TLS_README.html postconf.proto src/external/ibm-public/postfix/dist/src/global: mail_params.h src/external/ibm-public/postfix/dist/src/tls: tls_client.c Log Message: esolve conflicts from last import. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 \ src/external/ibm-public/postfix/dist/README_FILES/TLS_README cvs rdiff -u -r1.7 -r1.8 \ src/external/ibm-public/postfix/dist/html/TLS_README.html cvs rdiff -u -r1.10 -r1.11 \ src/external/ibm-public/postfix/dist/html/postconf.5.html cvs rdiff -u -r1.10 -r1.11 \ src/external/ibm-public/postfix/dist/man/man5/postconf.5 cvs rdiff -u -r1.6 -r1.7 \ src/external/ibm-public/postfix/dist/proto/TLS_README.html cvs rdiff -u -r1.10 -r1.11 \ src/external/ibm-public/postfix/dist/proto/postconf.proto cvs rdiff -u -r1.9 -r1.10 \ src/external/ibm-public/postfix/dist/src/global/mail_params.h cvs rdiff -u -r1.6 -r1.7 \ src/external/ibm-public/postfix/dist/src/tls/tls_client.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/README_FILES/TLS_README diff -u src/external/ibm-public/postfix/dist/README_FILES/TLS_README:1.6 src/external/ibm-public/postfix/dist/README_FILES/TLS_README:1.7 --- src/external/ibm-public/postfix/dist/README_FILES/TLS_README:1.6 Wed Jan 2 19:18:30 2013 +++ src/external/ibm-public/postfix/dist/README_FILES/TLS_README Wed Aug 21 20:12:30 2013 @@ -462,6 +462,34 @@ host: /etc/postfix/relay_clientcerts: D7:04:2F:A7:0B:8C:A5:21:FA:31:77:E1:41:8A:EE:80 lutzpc.at.home +To extract the public key fingerprint from an X.509 certificate, you need to +extract the public key from the certificate and compute the appropriate digest +of its DER (ASN.1) encoding. With OpenSSL the "-pubkey" option of the "x509" +command extracts the public key always in "PEM" format. We pipe the result to +another OpenSSL command that converts the key to DER and then to the "dgst" +command to compute the fingerprint. + +The actual command to transform the key to DER format depends on the version of +OpenSSL used. With OpenSSL 1.0.0 and later, the "pkey" command supports all key +types. With OpenSSL 0.9.8 and earlier, the key type is always RSA (nobody uses +DSA, and EC keys are not fully supported by 0.9.8), so the "rsa" command is +used. + +# OpenSSL 1.0 with all certificates and SHA-1 fingerprints. +$ openssl x509 -in cert.pem -noout -pubkey | +openssl pkey -pubin -outform DER | +openssl dgst -sha1 -c +(stdin)= 64:3f:1f:f6:e5:1e:d4:2a:56:8b:fc:09:1a:61:98:b5:bc:7c:60:58 + +# OpenSSL 0.9.8 with RSA certificates and MD5 fingerprints. +$ openssl x509 -in cert.pem -noout -pubkey | +openssl rsa -pubin -outform DER | +openssl dgst -md5 -c +(stdin)= f4:62:60:f6:12:8f:d5:8d:28:4d:13:a7:db:b2:ff:50 + +Note: Postfix 2.9.0-2.9.5 computed the public key fingerprint incorrectly. To +use public-key fingerprints, upgrade to Postfix 2.9.6 or later. + SSeerrvveerr--ssiiddee cciipphheerr ccoonnttrroollss The Postfix SMTP server supports 5 distinct cipher security levels as specified @@ -823,6 +851,34 @@ the example above, we show two matching match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1 match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35 +To extract the public key fingerprint from an X.509 certificate, you need to +extract the public key from the certificate and compute the appropriate digest +of its DER (ASN.1) encoding. With OpenSSL the "-pubkey" option of the "x509" +command extracts the public key always in "PEM" format. We pipe the result to +another OpenSSL command that converts the key to DER and then to the "dgst" +command to compute the fingerprint. + +The actual command to transform the key to DER format depends on the version of +OpenSSL used. With OpenSSL 1.0.0 and later, the "pkey" command supports all key +types. With OpenSSL 0.9.8 and earlier, the key type is always RSA (nobody uses +DSA, and EC keys are not fully supported by 0.9.8), so the "rsa" command is +used. + +# OpenSSL 1.0 with all certificates and SHA-1 fingerprints. +$ openssl x509 -in cert.pem -noout -pubkey | +openssl pkey -pubin -outform DER | +openssl dgst -sha1 -c +(stdin)= 64:3f:1f:f6:e5:1e:d4:2a:56:8b:fc:09:1a:61:98:b5:bc:7c:60:58 + +# OpenSSL 0.9.8 with RSA certificates and MD5 fingerprints. +$ openssl x509 -in cert.pem -noout -pubkey | +openssl rsa -pubin -outform DE
CVS commit: src/external/ibm-public/postfix/dist/conf
Module Name:src Committed By: tron Date: Sun Jan 6 13:58:25 UTC 2013 Modified Files: src/external/ibm-public/postfix/dist/conf: main.cf Log Message: Comment out "inet_protocols = ipv4" line which came from up-stream. We want Postfix to support IPv6 out of the box. Pointed out by Dieter Roelants on "current-users" mailing list. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/external/ibm-public/postfix/dist/conf/main.cf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/conf/main.cf diff -u src/external/ibm-public/postfix/dist/conf/main.cf:1.3 src/external/ibm-public/postfix/dist/conf/main.cf:1.4 --- src/external/ibm-public/postfix/dist/conf/main.cf:1.3 Wed Jan 2 19:18:30 2013 +++ src/external/ibm-public/postfix/dist/conf/main.cf Sun Jan 6 13:58:24 2013 @@ -1,4 +1,4 @@ -# $NetBSD: main.cf,v 1.3 2013/01/02 19:18:30 tron Exp $ +# $NetBSD: main.cf,v 1.4 2013/01/06 13:58:24 tron Exp $ # # Global Postfix configuration file. This file lists only a subset # of all parameters. For the syntax, and for a complete parameter @@ -664,4 +664,4 @@ sample_directory = /usr/share/examples/p # readme_directory: The location of the Postfix README files. # readme_directory = /usr/share/examples/postfix -inet_protocols = ipv4 +#inet_protocols = ipv4
CVS commit: src/external/ibm-public/postfix/dist
Module Name:src Committed By: tron Date: Tue Dec 18 09:10:32 UTC 2012 Modified Files: src/external/ibm-public/postfix/dist: makedefs src/external/ibm-public/postfix/dist/src/util: sys_defs.h Log Message: Resolve conflicts from last import. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/external/ibm-public/postfix/dist/makedefs cvs rdiff -u -r1.3 -r1.4 \ src/external/ibm-public/postfix/dist/src/util/sys_defs.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/makedefs diff -u src/external/ibm-public/postfix/dist/makedefs:1.5 src/external/ibm-public/postfix/dist/makedefs:1.6 --- src/external/ibm-public/postfix/dist/makedefs:1.5 Wed Nov 9 19:06:34 2011 +++ src/external/ibm-public/postfix/dist/makedefs Tue Dec 18 09:10:32 2012 @@ -146,6 +146,8 @@ case "$SYSTEM.$RELEASE" in ;; FreeBSD.8*) SYSTYPE=FREEBSD8 ;; + FreeBSD.9*) SYSTYPE=FREEBSD9 + ;; OpenBSD.2*) SYSTYPE=OPENBSD2 ;; OpenBSD.3*) SYSTYPE=OPENBSD3 Index: src/external/ibm-public/postfix/dist/src/util/sys_defs.h diff -u src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.3 src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.4 --- src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.3 Wed Nov 9 19:06:34 2011 +++ src/external/ibm-public/postfix/dist/src/util/sys_defs.h Tue Dec 18 09:10:32 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: sys_defs.h,v 1.3 2011/11/09 19:06:34 tron Exp $ */ +/* $NetBSD: sys_defs.h,v 1.4 2012/12/18 09:10:32 tron Exp $ */ #ifndef _SYS_DEFS_H_INCLUDED_ #define _SYS_DEFS_H_INCLUDED_ @@ -27,7 +27,7 @@ */ #if defined(FREEBSD2) || defined(FREEBSD3) || defined(FREEBSD4) \ || defined(FREEBSD5) || defined(FREEBSD6) || defined(FREEBSD7) \ -|| defined(FREEBSD8) \ +|| defined(FREEBSD8) || defined(FREEBSD9) \ || defined(BSDI2) || defined(BSDI3) || defined(BSDI4) \ || defined(OPENBSD2) || defined(OPENBSD3) || defined(OPENBSD4) \ || defined(OPENBSD5) \
CVS commit: src/external/ibm-public/postfix/dist/src/dns
Module Name:src Committed By: christos Date: Thu Jul 5 17:40:11 UTC 2012 Modified Files: src/external/ibm-public/postfix/dist/src/dns: dns_lookup.c Log Message: use the modern resolver functions if available. To generate a diff of this commit: cvs rdiff -u -r1.1.1.2 -r1.2 \ src/external/ibm-public/postfix/dist/src/dns/dns_lookup.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/dns/dns_lookup.c diff -u src/external/ibm-public/postfix/dist/src/dns/dns_lookup.c:1.1.1.2 src/external/ibm-public/postfix/dist/src/dns/dns_lookup.c:1.2 --- src/external/ibm-public/postfix/dist/src/dns/dns_lookup.c:1.1.1.2 Thu Jun 17 14:06:44 2010 +++ src/external/ibm-public/postfix/dist/src/dns/dns_lookup.c Thu Jul 5 13:40:11 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: dns_lookup.c,v 1.1.1.2 2010/06/17 18:06:44 tron Exp $ */ +/* $NetBSD: dns_lookup.c,v 1.2 2012/07/05 17:40:11 christos Exp $ */ /*++ /* NAME @@ -176,12 +176,37 @@ typedef struct DNS_REPLY { /* dns_query - query name server and pre-parse the reply */ +#if __RES < 20030124 + +static int +res_ninit(res_state res) +{ + int error; + + if ((error = res_init()) < 0) + return error; + + *res = _res; + return error; +} + +static int +res_nsearch(res_state statp, const char *dname, int class, int type, +u_char *answer, int anslen) +{ + return res_search(dname, class, type, answer, anslen); +} + +#endif + static int dns_query(const char *name, int type, int flags, DNS_REPLY *reply, VSTRING *why) { HEADER *reply_header; int len; unsigned long saved_options; +/* For efficiency, we are not called from multiple threads */ +static struct __res_state res; /* * Initialize the reply buffer. @@ -194,7 +219,7 @@ static int dns_query(const char *name, i /* * Initialize the name service. */ -if ((_res.options & RES_INIT) == 0 && res_init() < 0) { +if ((res.options & RES_INIT) == 0 && res_ninit(&res) < 0) { if (why) vstring_strcpy(why, "Name service initialization failure"); return (DNS_FAIL); @@ -208,18 +233,18 @@ static int dns_query(const char *name, i if ((flags & USER_FLAGS) != flags) msg_panic("dns_query: bad flags: %d", flags); -saved_options = (_res.options & USER_FLAGS); +saved_options = (res.options & USER_FLAGS); /* * Perform the lookup. Claim that the information cannot be found if and * only if the name server told us so. */ for (;;) { - _res.options &= ~saved_options; - _res.options |= flags; - len = res_search((char *) name, C_IN, type, reply->buf, reply->buf_len); - _res.options &= ~flags; - _res.options |= saved_options; + res.options &= ~saved_options; + res.options |= flags; + len = res_nsearch(&res, name, C_IN, type, reply->buf, reply->buf_len); + res.options &= ~flags; + res.options |= saved_options; if (len < 0) { if (why) vstring_sprintf(why, "Host or domain name not found. "
CVS commit: src/external/ibm-public/postfix/dist
Module Name:src Committed By: tron Date: Sat Jun 9 11:32:20 UTC 2012 Modified Files: src/external/ibm-public/postfix/dist/README_FILES: TLS_README src/external/ibm-public/postfix/dist/html: TLS_README.html postconf.5.html src/external/ibm-public/postfix/dist/man/man5: postconf.5 src/external/ibm-public/postfix/dist/proto: TLS_README.html postconf.proto src/external/ibm-public/postfix/dist/src/global: mail_params.h src/external/ibm-public/postfix/dist/src/local: unknown.c src/external/ibm-public/postfix/dist/src/smtp: smtp.c src/external/ibm-public/postfix/dist/src/smtpd: smtpd.c src/external/ibm-public/postfix/dist/src/tls: tls_client.c tls_server.c Log Message: Resolve conflicts from last import. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 \ src/external/ibm-public/postfix/dist/README_FILES/TLS_README cvs rdiff -u -r1.5 -r1.6 \ src/external/ibm-public/postfix/dist/html/TLS_README.html cvs rdiff -u -r1.8 -r1.9 \ src/external/ibm-public/postfix/dist/html/postconf.5.html cvs rdiff -u -r1.8 -r1.9 \ src/external/ibm-public/postfix/dist/man/man5/postconf.5 cvs rdiff -u -r1.4 -r1.5 \ src/external/ibm-public/postfix/dist/proto/TLS_README.html cvs rdiff -u -r1.8 -r1.9 \ src/external/ibm-public/postfix/dist/proto/postconf.proto cvs rdiff -u -r1.7 -r1.8 \ src/external/ibm-public/postfix/dist/src/global/mail_params.h cvs rdiff -u -r1.2 -r1.3 \ src/external/ibm-public/postfix/dist/src/local/unknown.c cvs rdiff -u -r1.4 -r1.5 src/external/ibm-public/postfix/dist/src/smtp/smtp.c cvs rdiff -u -r1.7 -r1.8 \ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c cvs rdiff -u -r1.4 -r1.5 \ src/external/ibm-public/postfix/dist/src/tls/tls_client.c \ src/external/ibm-public/postfix/dist/src/tls/tls_server.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/README_FILES/TLS_README diff -u src/external/ibm-public/postfix/dist/README_FILES/TLS_README:1.4 src/external/ibm-public/postfix/dist/README_FILES/TLS_README:1.5 --- src/external/ibm-public/postfix/dist/README_FILES/TLS_README:1.4 Wed Mar 2 19:56:37 2011 +++ src/external/ibm-public/postfix/dist/README_FILES/TLS_README Sat Jun 9 11:32:19 2012 @@ -542,11 +542,17 @@ The "smtpd_tls_ciphers" configuration pa control over the minimum cipher grade for opportunistic TLS. With Postfix < 2.6, the minimum opportunistic TLS cipher grade is always "export". -With mandatory TLS encryption, the Postfix SMTP server will by default only use -SSLv3 or TLSv1. SSLv2 is only used when TLS encryption is optional. The -mandatory TLS protocol list is specified via the smtpd_tls_mandatory_protocols -configuration parameter. The corresponding smtpd_tls_protocols parameter -(Postfix >= 2.6) controls the SSL/TLS protocols used with opportunistic TLS. +With mandatory TLS encryption, the Postfix SMTP server will by default disable +SSLv2. SSLv2 is used only when TLS encryption is optional. The mandatory TLS +protocol list is specified via the smtpd_tls_mandatory_protocols configuration +parameter. The corresponding smtpd_tls_protocols parameter (Postfix >= 2.6) +controls the SSL/TLS protocols used with opportunistic TLS. + +Note that the OpenSSL library only supports protocol exclusion (not inclusion). +For this reason, Postfix can exclude only protocols that are known at the time +the Postfix software is written. If new protocols are added to the OpenSSL +library, they cannot be excluded without corresponding changes to the Postfix +source code. For a server that is not a public Internet MX host, Postfix (>= 2.3) supports configurations with no server certificates that use oonnllyy the anonymous ciphers. @@ -561,9 +567,10 @@ Example, MSA that requires TLSv1, not SS smtpd_tls_mandatory_ciphers = high smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5 smtpd_tls_security_level = encrypt -smtpd_tls_mandatory_protocols = TLSv1 -# Also available with Postfix >= 2.5: +# Preferred form with Postfix >= 2.5: smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 +# Alternative form. +smtpd_tls_mandatory_protocols = TLSv1 If you want to take advantage of ciphers with ephemeral Diffie-Hellman (EDH) key exchange (this offers "forward-secrecy"), DH parameters are needed. Instead @@ -594,9 +601,9 @@ Examples: smtpd_tls_eecdh_grade = strong Postfix 2.8 and later, in combination with OpenSSL 0.9.7 and later allows TLS -servers to preempt the TLS client's cipher preference list. This is only -possible with SSLv3, as in SSLv2 the client chooses the cipher from a list -supplied by the server. +servers to preempt the TLS client's cipher preference list. This is possible +only with SSLv3 and later, as in SSLv2 the client chooses the c
CVS commit: src/external/ibm-public/postfix/dist/src/local
Module Name:src Committed By: tron Date: Fri Feb 17 09:17:22 UTC 2012 Modified Files: src/external/ibm-public/postfix/dist/src/local: unknown.c Log Message: Include "defer.h" to get the prototype for defer_append(). To generate a diff of this commit: cvs rdiff -u -r1.1.1.3 -r1.2 \ src/external/ibm-public/postfix/dist/src/local/unknown.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/local/unknown.c diff -u src/external/ibm-public/postfix/dist/src/local/unknown.c:1.1.1.3 src/external/ibm-public/postfix/dist/src/local/unknown.c:1.2 --- src/external/ibm-public/postfix/dist/src/local/unknown.c:1.1.1.3 Fri Feb 17 08:36:10 2012 +++ src/external/ibm-public/postfix/dist/src/local/unknown.c Fri Feb 17 09:17:22 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: unknown.c,v 1.1.1.3 2012/02/17 08:36:10 tron Exp $ */ +/* $NetBSD: unknown.c,v 1.2 2012/02/17 09:17:22 tron Exp $ */ /*++ /* NAME @@ -74,6 +74,7 @@ #include #include #include +#include /* Application-specific. */
CVS commit: src/external/ibm-public/postfix/dist
Module Name:src Committed By: tron Date: Wed Nov 9 19:06:34 UTC 2011 Modified Files: src/external/ibm-public/postfix/dist: makedefs src/external/ibm-public/postfix/dist/src/util: sys_defs.h Log Message: Resolve conflicts from last import. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/external/ibm-public/postfix/dist/makedefs cvs rdiff -u -r1.2 -r1.3 \ src/external/ibm-public/postfix/dist/src/util/sys_defs.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/makedefs diff -u src/external/ibm-public/postfix/dist/makedefs:1.4 src/external/ibm-public/postfix/dist/makedefs:1.5 --- src/external/ibm-public/postfix/dist/makedefs:1.4 Sun Jul 31 10:05:03 2011 +++ src/external/ibm-public/postfix/dist/makedefs Wed Nov 9 19:06:34 2011 @@ -152,6 +152,8 @@ case "$SYSTEM.$RELEASE" in ;; OpenBSD.4*) SYSTYPE=OPENBSD4 ;; + OpenBSD.5*) SYSTYPE=OPENBSD5 + ;; ekkoBSD.1*) SYSTYPE=EKKOBSD1 ;; NetBSD.1*) SYSTYPE=NETBSD1 Index: src/external/ibm-public/postfix/dist/src/util/sys_defs.h diff -u src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.2 src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.3 --- src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.2 Tue Nov 8 22:21:30 2011 +++ src/external/ibm-public/postfix/dist/src/util/sys_defs.h Wed Nov 9 19:06:34 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: sys_defs.h,v 1.2 2011/11/08 22:21:30 joerg Exp $ */ +/* $NetBSD: sys_defs.h,v 1.3 2011/11/09 19:06:34 tron Exp $ */ #ifndef _SYS_DEFS_H_INCLUDED_ #define _SYS_DEFS_H_INCLUDED_ @@ -30,6 +30,7 @@ || defined(FREEBSD8) \ || defined(BSDI2) || defined(BSDI3) || defined(BSDI4) \ || defined(OPENBSD2) || defined(OPENBSD3) || defined(OPENBSD4) \ +|| defined(OPENBSD5) \ || defined(NETBSD1) || defined(NETBSD2) || defined(NETBSD3) \ || defined(NETBSD4) \ || defined(EKKOBSD1)
CVS commit: src/external/ibm-public/postfix/dist/src/util
Module Name:src Committed By: joerg Date: Tue Nov 8 22:21:30 UTC 2011 Modified Files: src/external/ibm-public/postfix/dist/src/util: sys_defs.h Log Message: Just because IPV6 support is disabled doesn't mean inet_ntop are not present. Since the local prototype conflicts, use the system version. To generate a diff of this commit: cvs rdiff -u -r1.1.1.6 -r1.2 \ src/external/ibm-public/postfix/dist/src/util/sys_defs.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/util/sys_defs.h diff -u src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.1.1.6 src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.2 --- src/external/ibm-public/postfix/dist/src/util/sys_defs.h:1.1.1.6 Sun Jul 31 10:03:06 2011 +++ src/external/ibm-public/postfix/dist/src/util/sys_defs.h Tue Nov 8 22:21:30 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: sys_defs.h,v 1.1.1.6 2011/07/31 10:03:06 tron Exp $ */ +/* $NetBSD: sys_defs.h,v 1.2 2011/11/08 22:21:30 joerg Exp $ */ #ifndef _SYS_DEFS_H_INCLUDED_ #define _SYS_DEFS_H_INCLUDED_ @@ -1275,6 +1275,7 @@ extern int dup2_pass_on_exec(int oldd, i /* * Defaults for systems that pre-date IPv6 support. */ +#ifndef __NetBSD__ #ifndef HAS_IPV6 #define EMULATE_IPV4_ADDRINFO #define MISSING_INET_PTON @@ -1283,6 +1284,7 @@ extern const char *inet_ntop(int, const extern int inet_pton(int, const char *, void *); #endif +#endif /* * Workaround: after a watchdog alarm signal, wake up from select/poll/etc.
CVS commit: src/external/ibm-public/postfix/dist/src/smtpd
Module Name:src Committed By: tron Date: Fri Oct 28 07:12:17 UTC 2011 Modified Files: src/external/ibm-public/postfix/dist/src/smtpd: smtpd.c Log Message: Resolve conflicts from last import. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 \ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c diff -u src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.6 src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.7 --- src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.6 Wed Mar 2 19:56:39 2011 +++ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c Fri Oct 28 07:12:17 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: smtpd.c,v 1.6 2011/03/02 19:56:39 tron Exp $ */ +/* $NetBSD: smtpd.c,v 1.7 2011/10/28 07:12:17 tron Exp $ */ /*++ /* NAME @@ -3042,6 +3042,7 @@ static int data_cmd(SMTPD_STATE *state, if (state->err == 0) { why = vstring_alloc(10); state->err = mail_stream_finish(state->dest, why); + printable(STR(why), ' '); } else mail_stream_cleanup(state->dest); state->dest = 0;
CVS commit: src/external/ibm-public/postfix/dist
Module Name:src Committed By: tron Date: Sun Jul 31 10:05:04 UTC 2011 Modified Files: src/external/ibm-public/postfix/dist: makedefs postfix-install src/external/ibm-public/postfix/dist/html: TLS_README.html postconf.5.html src/external/ibm-public/postfix/dist/man/man5: postconf.5 src/external/ibm-public/postfix/dist/proto: postconf.proto Log Message: Resolve conflicts from last import. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/external/ibm-public/postfix/dist/makedefs cvs rdiff -u -r1.2 -r1.3 src/external/ibm-public/postfix/dist/postfix-install cvs rdiff -u -r1.4 -r1.5 \ src/external/ibm-public/postfix/dist/html/TLS_README.html cvs rdiff -u -r1.7 -r1.8 \ src/external/ibm-public/postfix/dist/html/postconf.5.html cvs rdiff -u -r1.7 -r1.8 \ src/external/ibm-public/postfix/dist/man/man5/postconf.5 cvs rdiff -u -r1.7 -r1.8 \ src/external/ibm-public/postfix/dist/proto/postconf.proto Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/makedefs diff -u src/external/ibm-public/postfix/dist/makedefs:1.3 src/external/ibm-public/postfix/dist/makedefs:1.4 --- src/external/ibm-public/postfix/dist/makedefs:1.3 Wed Mar 23 19:10:44 2011 +++ src/external/ibm-public/postfix/dist/makedefs Sun Jul 31 10:05:03 2011 @@ -342,6 +342,33 @@ fi;; esac ;; +Linux.3*) SYSTYPE=LINUX3 + if [ -f /usr/include/db.h ] + then + : we are all set + elif [ -f /usr/include/db/db.h ] + then + CCARGS="$CCARGS -I/usr/include/db" + else + # On a properly installed system, Postfix builds + # by including and by linking with -ldb + echo "No include file found." 1>&2 + echo "Install the appropriate db*-devel package first." 1>&2 + echo "See the RELEASE_NOTES file for more information." 1>&2 + exit 1 + fi + SYSLIBS="-ldb" + for name in nsl resolv + do + for lib in /usr/lib64 /lib64 /usr/lib /lib + do + test -e $lib/lib$name.a -o -e $lib/lib$name.so && { + SYSLIBS="$SYSLIBS -l$name" + break + } + done + done + ;; GNU.0*|GNU/kFreeBSD.[567]*) SYSTYPE=GNU0 # Postfix no longer needs DB 1.85 compatibility Index: src/external/ibm-public/postfix/dist/postfix-install diff -u src/external/ibm-public/postfix/dist/postfix-install:1.2 src/external/ibm-public/postfix/dist/postfix-install:1.3 --- src/external/ibm-public/postfix/dist/postfix-install:1.2 Tue Jun 23 11:41:05 2009 +++ src/external/ibm-public/postfix/dist/postfix-install Sun Jul 31 10:05:03 2011 @@ -305,7 +305,7 @@ install_root_prompt="the prefix for installed file names. Specify this ONLY if you are building ready-to-install packages for -distribution to other machines." +distribution to OTHER machines. See PACKAGE_README for instructions." tempdir_prompt="a directory for scratch files while installing Postfix. You must have write permission in this directory." Index: src/external/ibm-public/postfix/dist/html/TLS_README.html diff -u src/external/ibm-public/postfix/dist/html/TLS_README.html:1.4 src/external/ibm-public/postfix/dist/html/TLS_README.html:1.5 --- src/external/ibm-public/postfix/dist/html/TLS_README.html:1.4 Wed Mar 2 19:56:38 2011 +++ src/external/ibm-public/postfix/dist/html/TLS_README.html Sun Jul 31 10:05:04 2011 @@ -865,9 +865,9 @@ By default, the OpenSSL server selects the client's most preferred cipher that the server supports. With SSLv3 and later, the server may choose its own most preferred cipher that is supported (offered) -by the client. Setting "tls_preempt_cipherlist = yes" enables server +by the client. Setting "tls_preempt_cipherlist = yes" enables server cipher preferences. The default OpenSSL behaviour applies with -"tls_preempt_cipherlist = no". +"tls_preempt_cipherlist = no". While server cipher selection may in some cases lead to a more secure or performant cipher choice, there is some risk of interoperability Index: src/external/ibm-public/postfix/dist/html/postconf.5.html diff -u src/external/ibm-public/postfix/dist/html/postconf.5.html:1.7 src/external/ibm-public/postfix/dist/html/postconf.5.html:1.8 --- src/external/ibm-public/postfix/dist/html/postconf.5.html:1.7 Wed Mar 2 19:56:38 2011 +++ src/external/ibm-public/postfix/dist/html/postconf.5.html Sun Jul 31 10:05:04 2011 @@ -7657,6 +7657,8 @@ The default time unit is s (seconds). + This feature is available in Postfix 2.8 and later. + @@ -7690,6 +7692,8 @@ The default time unit is s (seconds). + This feature is available in Postfix 2.8 and later. + @@ -15205,7 +15209,7 @@ By default, the OpenSSL server selects the client's most preferred cipher that the server supports. With SSLv3 and later, the server may choose its own most preferred cipher that is supported (offered) by -the client. Setting "tls_preempt_cipherlist = yes"
CVS commit: src/external/ibm-public/postfix/dist/src/util
Module Name:src Committed By: pgoyette Date: Mon May 30 18:47:27 UTC 2011 Modified Files: src/external/ibm-public/postfix/dist/src/util: unix_recv_fd.c Log Message: Add missing semicolon so it compiles To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 \ src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c diff -u src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c:1.5 src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c:1.6 --- src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c:1.5 Mon May 30 16:24:13 2011 +++ src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c Mon May 30 18:47:27 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: unix_recv_fd.c,v 1.5 2011/05/30 16:24:13 joerg Exp $ */ +/* $NetBSD: unix_recv_fd.c,v 1.6 2011/05/30 18:47:27 pgoyette Exp $ */ /*++ /* NAME @@ -73,7 +73,7 @@ # ifdef __clang__ charcontrol[128]; # else - charcontrol[CMSG_SPACE(sizeof(newfd))] + charcontrol[CMSG_SPACE(sizeof(newfd))]; # endif } control_un; struct cmsghdr *cmptr;
CVS commit: src/external/ibm-public/postfix/dist/src/util
Module Name:src Committed By: joerg Date: Mon May 30 16:24:13 UTC 2011 Modified Files: src/external/ibm-public/postfix/dist/src/util: unix_recv_fd.c unix_send_fd.c Log Message: Hack for clang to workaround non-ICE CMSG_SPACE used in union. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 \ src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c \ src/external/ibm-public/postfix/dist/src/util/unix_send_fd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c diff -u src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c:1.4 src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c:1.5 --- src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c:1.4 Wed Mar 2 19:56:39 2011 +++ src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c Mon May 30 16:24:13 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: unix_recv_fd.c,v 1.4 2011/03/02 19:56:39 tron Exp $ */ +/* $NetBSD: unix_recv_fd.c,v 1.5 2011/05/30 16:24:13 joerg Exp $ */ /*++ /* NAME @@ -70,7 +70,11 @@ #if defined(CMSG_SPACE) && !defined(NO_MSGHDR_MSG_CONTROL) union { struct cmsghdr just_for_alignment; - charcontrol[CMSG_SPACE(sizeof(newfd))]; +# ifdef __clang__ + charcontrol[128]; +# else + charcontrol[CMSG_SPACE(sizeof(newfd))] +# endif } control_un; struct cmsghdr *cmptr; @@ -79,7 +83,7 @@ if (unix_pass_fd_fix & UNIX_PASS_FD_FIX_CMSG_LEN) { msg.msg_controllen = CMSG_LEN(sizeof(newfd)); /* Fix 200506 */ } else { - msg.msg_controllen = sizeof(control_un.control); /* normal */ + msg.msg_controllen = CMSG_SPACE(sizeof(newfd)); /* normal */ } #else msg.msg_accrights = (char *) &newfd; Index: src/external/ibm-public/postfix/dist/src/util/unix_send_fd.c diff -u src/external/ibm-public/postfix/dist/src/util/unix_send_fd.c:1.4 src/external/ibm-public/postfix/dist/src/util/unix_send_fd.c:1.5 --- src/external/ibm-public/postfix/dist/src/util/unix_send_fd.c:1.4 Wed Mar 2 19:56:39 2011 +++ src/external/ibm-public/postfix/dist/src/util/unix_send_fd.c Mon May 30 16:24:13 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: unix_send_fd.c,v 1.4 2011/03/02 19:56:39 tron Exp $ */ +/* $NetBSD: unix_send_fd.c,v 1.5 2011/05/30 16:24:13 joerg Exp $ */ /*++ /* NAME @@ -72,7 +72,11 @@ #if defined(CMSG_SPACE) && !defined(NO_MSGHDR_MSG_CONTROL) union { struct cmsghdr just_for_alignment; +# ifdef __clang__ + charcontrol[128]; +# else charcontrol[CMSG_SPACE(sizeof(sendfd))]; +# endif } control_un; struct cmsghdr *cmptr; @@ -81,7 +85,7 @@ if (unix_pass_fd_fix & UNIX_PASS_FD_FIX_CMSG_LEN) { msg.msg_controllen = CMSG_LEN(sizeof(sendfd)); /* Fix 200506 */ } else { - msg.msg_controllen = sizeof(control_un.control); /* normal */ + msg.msg_controllen = CMSG_SPACE(sizeof(sendfd)); /* normal */ } cmptr = CMSG_FIRSTHDR(&msg); cmptr->cmsg_len = CMSG_LEN(sizeof(sendfd));
CVS commit: src/external/ibm-public/postfix/dist
Module Name:src Committed By: tron Date: Wed Mar 23 19:10:45 UTC 2011 Modified Files: src/external/ibm-public/postfix/dist: makedefs src/external/ibm-public/postfix/dist/src/global: mail_params.h Log Message: Resolve conflict from last import. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/external/ibm-public/postfix/dist/makedefs cvs rdiff -u -r1.6 -r1.7 \ src/external/ibm-public/postfix/dist/src/global/mail_params.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/makedefs diff -u src/external/ibm-public/postfix/dist/makedefs:1.2 src/external/ibm-public/postfix/dist/makedefs:1.3 --- src/external/ibm-public/postfix/dist/makedefs:1.2 Sat Feb 12 19:07:09 2011 +++ src/external/ibm-public/postfix/dist/makedefs Wed Mar 23 19:10:44 2011 @@ -230,6 +230,12 @@ done ;; AIX.*) case "`uname -v`" in + 6) SYSTYPE=AIX6 + case "$CC" in + cc|*/cc|xlc|*/xlc) CCARGS="$CCARGS -w -blibpath:/usr/lib:/lib:/usr/local/lib";; + esac + CCARGS="$CCARGS -D_ALL_SOURCE -DHAS_POSIX_REGEXP" + ;; 5) SYSTYPE=AIX5 case "$CC" in cc|*/cc|xlc|*/xlc) CCARGS="$CCARGS -w -blibpath:/usr/lib:/lib:/usr/local/lib";; Index: src/external/ibm-public/postfix/dist/src/global/mail_params.h diff -u src/external/ibm-public/postfix/dist/src/global/mail_params.h:1.6 src/external/ibm-public/postfix/dist/src/global/mail_params.h:1.7 --- src/external/ibm-public/postfix/dist/src/global/mail_params.h:1.6 Wed Mar 2 19:56:38 2011 +++ src/external/ibm-public/postfix/dist/src/global/mail_params.h Wed Mar 23 19:10:44 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: mail_params.h,v 1.6 2011/03/02 19:56:38 tron Exp $ */ +/* $NetBSD: mail_params.h,v 1.7 2011/03/23 19:10:44 tron Exp $ */ #ifndef _MAIL_PARAMS_H_INCLUDED_ #define _MAIL_PARAMS_H_INCLUDED_ @@ -2990,33 +2990,20 @@ #define DEF_TLS_PREEMPT_CLIST 0 extern bool var_tls_preempt_clist; -#ifdef USE_TLS - - /* - * The tweak for CVE-2005-2969 is needed in some versions prior to 1.0.0 - */ + /* The tweak for CVE-2010-4180 is needed in some versions prior to 1.0.1 */ + /* The tweak for CVE-2005-2969 is needed in some versions prior to 1.0.0 */ +#if defined(USE_TLS) && (OPENSSL_VERSION_NUMBER < 0x1000100fL) #if (OPENSSL_VERSION_NUMBER < 0x100fL) -#define TLS_BUG_TWEAK_A " CVE-2005-2969" +#define TLS_BUG_TWEAKS "CVE-2005-2969 CVE-2010-4180" #else -#define TLS_BUG_TWEAK_A "" +#define TLS_BUG_TWEAKS "CVE-2010-4180" #endif - - /* - * The tweak for CVE-2010-4180 is needed in some versions prior to 1.0.1 - */ -#if (OPENSSL_VERSION_NUMBER < 0x1000100fL) -#define TLS_BUG_TWEAK_B " CVE-2010-4180" #else -#define TLS_BUG_TWEAK_B " " +#define TLS_BUG_TWEAKS "" #endif -#else /* USE_TLS */ -#define TLS_BUG_TWEAK_A "" -#define TLS_BUG_TWEAK_B " " -#endif /* USE_TLS */ - #define VAR_TLS_BUG_TWEAKS "tls_disable_workarounds" -#define DEF_TLS_BUG_TWEAKS ((TLS_BUG_TWEAK_A TLS_BUG_TWEAK_B)+1) +#define DEF_TLS_BUG_TWEAKS TLS_BUG_TWEAKS extern char *var_tls_bug_tweaks; /*
CVS commit: src/external/ibm-public/postfix/dist
Module Name:src Committed By: tron Date: Sat Nov 27 10:41:18 UTC 2010 Modified Files: src/external/ibm-public/postfix/dist/html: postconf.5.html src/external/ibm-public/postfix/dist/man/man5: postconf.5 src/external/ibm-public/postfix/dist/proto: postconf.proto src/external/ibm-public/postfix/dist/src/global: mail_params.h src/external/ibm-public/postfix/dist/src/smtpd: smtpd.c Log Message: Resolve conflicts from last import. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 \ src/external/ibm-public/postfix/dist/html/postconf.5.html cvs rdiff -u -r1.5 -r1.6 \ src/external/ibm-public/postfix/dist/man/man5/postconf.5 cvs rdiff -u -r1.5 -r1.6 \ src/external/ibm-public/postfix/dist/proto/postconf.proto cvs rdiff -u -r1.4 -r1.5 \ src/external/ibm-public/postfix/dist/src/global/mail_params.h cvs rdiff -u -r1.4 -r1.5 \ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/html/postconf.5.html diff -u src/external/ibm-public/postfix/dist/html/postconf.5.html:1.5 src/external/ibm-public/postfix/dist/html/postconf.5.html:1.6 --- src/external/ibm-public/postfix/dist/html/postconf.5.html:1.5 Thu Jun 17 18:18:14 2010 +++ src/external/ibm-public/postfix/dist/html/postconf.5.html Sat Nov 27 10:41:16 2010 @@ -9150,6 +9150,10 @@ but it is best to include all the required certificates directly in $smtp_tls_cert_file. + Specify "tls_append_default_CA = no" to prevent Postfix from +appending the system-supplied default CAs and trusting third-party +certificates. + Example: @@ -9173,6 +9177,10 @@ To use this option in chroot mode, this directory (or a copy) must be inside the chroot jail. + Specify "tls_append_default_CA = no" to prevent Postfix from +appending the system-supplied default CAs and trusting third-party +certificates. + Example: @@ -10824,8 +10832,11 @@ Permit the request when the remote SMTP client certificate is verified successfully. This option must be used only if a special CA issues the certificates and only this CA is listed as trusted -CA, otherwise all clients with a recognized certificate would be -allowed to relay. This feature is available with Postfix version 2.2. +CA. Otherwise, clients with a third-party certificate would also +be allowed to relay. Specify "tls_append_default_CA = no" when the +trusted CA is specified with smtpd_tls_CAfile or smtpd_tls_CApath, +to prevent Postfix from appending the system-supplied default CAs. +This feature is available with Postfix version 2.2. permit_tls_clientcerts @@ -12595,6 +12606,10 @@ but it is best to include all the required certificates directly in the server certificate file. + Specify "tls_append_default_CA = no" to prevent Postfix from +appending the system-supplied default CAs and trusting third-party +certificates. + By default (see smtpd_tls_ask_ccert), client certificates are not requested, and smtpd_tls_CAfile should remain empty. If you do make use of client certificates, the distinguished names (DNs) of the certificate @@ -12626,6 +12641,10 @@ smtpd_tls_CApath in chroot mode, this directory (or a copy) must be inside the chroot jail. + Specify "tls_append_default_CA = no" to prevent Postfix from +appending the system-supplied default CAs and trusting third-party +certificates. + By default (see smtpd_tls_ask_ccert), client certificates are not requested, and smtpd_tls_CApath should remain empty. In contrast to smtpd_tls_CAfile, DNs of certificate authorities installed @@ -13739,6 +13758,23 @@ +tls_append_default_CA +(default: no) + + Append the system-supplied default certificate authority +certificates to the ones specified with *_tls_CApath or *_tls_CAfile. +The default is "no"; this prevents Postfix from trusting third-party +certificates and giving them relay permission with +permit_tls_all_clientcerts. + + This feature is available in Postfix 2.4.15, 2.5.11, 2.6.8, +2.7.2 and later versions. Specify "tls_append_default_CA = yes" for +backwards compatibility, to avoid breaking certificate verification +with sites that don't use permit_tls_all_clientcerts. + + + + tls_daemon_random_bytes (default: 32) Index: src/external/ibm-public/postfix/dist/man/man5/postconf.5 diff -u src/external/ibm-public/postfix/dist/man/man5/postconf.5:1.5 src/external/ibm-public/postfix/dist/man/man5/postconf.5:1.6 --- src/external/ibm-public/postfix/dist/man/man5/postconf.5:1.5 Thu Jun 17 18:18:15 2010 +++ src/external/ibm-public/postfix/dist/man/man5/postconf.5 Sat Nov 27 10:41:17 2010 @@ -1,4 +1,4 @@ -.\" $NetBSD: postconf.5,v 1.5 2010/06/17 18:18:15 tron Exp $ +.\" $NetBSD: postconf.5,v 1.6 2010/11/27 10:41:17 tron Exp $ .\" .TH POSTCONF 5 .SH NAME @@ -5241,6 +5241,10 @@ but it is best to include all the required certificate
CVS commit: src/external/ibm-public/postfix/dist/src/smtp
Module Name:src Committed By: riz Date: Thu Jun 10 17:06:01 UTC 2010 Modified Files: src/external/ibm-public/postfix/dist/src/smtp: smtp.c Log Message: Wrap a call to tls_level_lookup() in #if USE_TLS to allow postfix to build with MKCRYPTO=no. OK tron@ To generate a diff of this commit: cvs rdiff -u -r1.1.1.1 -r1.2 \ src/external/ibm-public/postfix/dist/src/smtp/smtp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/smtp/smtp.c diff -u src/external/ibm-public/postfix/dist/src/smtp/smtp.c:1.1.1.1 src/external/ibm-public/postfix/dist/src/smtp/smtp.c:1.2 --- src/external/ibm-public/postfix/dist/src/smtp/smtp.c:1.1.1.1 Tue Jun 23 10:08:54 2009 +++ src/external/ibm-public/postfix/dist/src/smtp/smtp.c Thu Jun 10 17:06:01 2010 @@ -1,4 +1,4 @@ -/* $NetBSD: smtp.c,v 1.1.1.1 2009/06/23 10:08:54 tron Exp $ */ +/* $NetBSD: smtp.c,v 1.2 2010/06/10 17:06:01 riz Exp $ */ /*++ /* NAME @@ -950,6 +950,7 @@ #endif if (*var_smtp_tls_level != 0) +#ifdef USE_TLS switch (tls_level_lookup(var_smtp_tls_level)) { case TLS_LEV_SECURE: case TLS_LEV_VERIFY: @@ -969,6 +970,7 @@ /* session_tls_init() assumes that var_smtp_tls_level is sane. */ msg_fatal("Invalid TLS level \"%s\"", var_smtp_tls_level); } +#endif use_tls = (var_smtp_use_tls || var_smtp_enforce_tls); /*
CVS commit: src/external/ibm-public/postfix/dist
Module Name:src Committed By: tron Date: Sat Apr 17 10:29:18 UTC 2010 Modified Files: src/external/ibm-public/postfix/dist/html: postconf.5.html src/external/ibm-public/postfix/dist/man/man5: postconf.5 src/external/ibm-public/postfix/dist/proto: postconf.proto src/external/ibm-public/postfix/dist/src/global: mail_params.h src/external/ibm-public/postfix/dist/src/smtpd: smtpd.c Log Message: Resolve conflicts caused by import of Postfix 2.6.6. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 \ src/external/ibm-public/postfix/dist/html/postconf.5.html cvs rdiff -u -r1.3 -r1.4 \ src/external/ibm-public/postfix/dist/man/man5/postconf.5 cvs rdiff -u -r1.3 -r1.4 \ src/external/ibm-public/postfix/dist/proto/postconf.proto cvs rdiff -u -r1.2 -r1.3 \ src/external/ibm-public/postfix/dist/src/global/mail_params.h cvs rdiff -u -r1.2 -r1.3 \ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/html/postconf.5.html diff -u src/external/ibm-public/postfix/dist/html/postconf.5.html:1.3 src/external/ibm-public/postfix/dist/html/postconf.5.html:1.4 --- src/external/ibm-public/postfix/dist/html/postconf.5.html:1.3 Mon Aug 31 17:57:09 2009 +++ src/external/ibm-public/postfix/dist/html/postconf.5.html Sat Apr 17 10:29:17 2010 @@ -256,9 +256,11 @@ of an address verification request in progress. - -The default poll count is 3. - + By default, the Postfix SMTP server polls the verify(8) service +up to three times under non-overload conditions, and only once when +under overload. With Postfix version 2.5 and earlier, the SMTP +server always polls the verify(8) service up to three times by +default. Specify 1 to implement a crude form of greylisting, that is, always Index: src/external/ibm-public/postfix/dist/man/man5/postconf.5 diff -u src/external/ibm-public/postfix/dist/man/man5/postconf.5:1.3 src/external/ibm-public/postfix/dist/man/man5/postconf.5:1.4 --- src/external/ibm-public/postfix/dist/man/man5/postconf.5:1.3 Mon Aug 31 17:57:09 2009 +++ src/external/ibm-public/postfix/dist/man/man5/postconf.5 Sat Apr 17 10:29:18 2010 @@ -1,4 +1,4 @@ -.\" $NetBSD: postconf.5,v 1.3 2009/08/31 17:57:09 tron Exp $ +.\" $NetBSD: postconf.5,v 1.4 2010/04/17 10:29:18 tron Exp $ .\" .TH POSTCONF 5 .SH NAME @@ -144,7 +144,11 @@ How many times to query the \fBverify\fR(8) service for the completion of an address verification request in progress. .PP -The default poll count is 3. +By default, the Postfix SMTP server polls the \fBverify\fR(8) service +up to three times under non-overload conditions, and only once when +under overload. With Postfix version 2.5 and earlier, the SMTP +server always polls the \fBverify\fR(8) service up to three times by +default. .PP Specify 1 to implement a crude form of greylisting, that is, always defer the first delivery request for a never seen before address. Index: src/external/ibm-public/postfix/dist/proto/postconf.proto diff -u src/external/ibm-public/postfix/dist/proto/postconf.proto:1.3 src/external/ibm-public/postfix/dist/proto/postconf.proto:1.4 --- src/external/ibm-public/postfix/dist/proto/postconf.proto:1.3 Mon Aug 31 17:57:09 2009 +++ src/external/ibm-public/postfix/dist/proto/postconf.proto Sat Apr 17 10:29:18 2010 @@ -287,9 +287,11 @@ of an address verification request in progress. - -The default poll count is 3. - + By default, the Postfix SMTP server polls the verify(8) service +up to three times under non-overload conditions, and only once when +under overload. With Postfix version 2.5 and earlier, the SMTP +server always polls the verify(8) service up to three times by +default. Specify 1 to implement a crude form of greylisting, that is, always Index: src/external/ibm-public/postfix/dist/src/global/mail_params.h diff -u src/external/ibm-public/postfix/dist/src/global/mail_params.h:1.2 src/external/ibm-public/postfix/dist/src/global/mail_params.h:1.3 --- src/external/ibm-public/postfix/dist/src/global/mail_params.h:1.2 Tue Jun 23 11:41:06 2009 +++ src/external/ibm-public/postfix/dist/src/global/mail_params.h Sat Apr 17 10:29:18 2010 @@ -1,4 +1,4 @@ -/* $NetBSD: mail_params.h,v 1.2 2009/06/23 11:41:06 tron Exp $ */ +/* $NetBSD: mail_params.h,v 1.3 2010/04/17 10:29:18 tron Exp $ */ #ifndef _MAIL_PARAMS_H_INCLUDED_ #define _MAIL_PARAMS_H_INCLUDED_ @@ -2554,7 +2554,7 @@ extern char *var_verify_sender; #define VAR_VERIFY_POLL_COUNT "address_verify_poll_count" -#define DEF_VERIFY_POLL_COUNT 3 +#define DEF_VERIFY_POLL_COUNT "${stress?1}${stress:3}" extern int var_verify_poll_count; #define VAR_VERIFY_POLL_DELAY "address_verify_poll_delay" Index: src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c diff -u src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c:1.2 src/external/ibm-pub
CVS commit: src/external/ibm-public/postfix/dist/src/util
Module Name:src Committed By: jnemeth Date: Tue Feb 23 16:41:01 UTC 2010 Modified Files: src/external/ibm-public/postfix/dist/src/util: inet_addr_local.c Log Message: PR/42874 - Henning Petersen -- misplaced } To generate a diff of this commit: cvs rdiff -u -r1.1.1.1 -r1.2 \ src/external/ibm-public/postfix/dist/src/util/inet_addr_local.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/util/inet_addr_local.c diff -u src/external/ibm-public/postfix/dist/src/util/inet_addr_local.c:1.1.1.1 src/external/ibm-public/postfix/dist/src/util/inet_addr_local.c:1.2 --- src/external/ibm-public/postfix/dist/src/util/inet_addr_local.c:1.1.1.1 Tue Jun 23 10:09:00 2009 +++ src/external/ibm-public/postfix/dist/src/util/inet_addr_local.c Tue Feb 23 16:41:01 2010 @@ -1,4 +1,4 @@ -/* $NetBSD: inet_addr_local.c,v 1.1.1.1 2009/06/23 10:09:00 tron Exp $ */ +/* $NetBSD: inet_addr_local.c,v 1.2 2010/02/23 16:41:01 jnemeth Exp $ */ /*++ /* NAME @@ -288,8 +288,9 @@ lifr = NEXT_INTERFACE(lifr); continue; } + } #ifdef HAS_IPV6 - } else if (af == AF_INET6) { + else if (af == AF_INET6) { if (IN6_IS_ADDR_UNSPECIFIED(&SOCK_ADDR_IN6_ADDR(sa))) { lifr = NEXT_INTERFACE(lifr); continue;
CVS commit: src/external/ibm-public/postfix/dist
Module Name:src Committed By: tron Date: Mon Aug 31 17:57:09 UTC 2009 Modified Files: src/external/ibm-public/postfix/dist/html: postconf.5.html src/external/ibm-public/postfix/dist/man/man5: postconf.5 src/external/ibm-public/postfix/dist/proto: postconf.proto Log Message: Resolve conflicts from last import. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 \ src/external/ibm-public/postfix/dist/html/postconf.5.html cvs rdiff -u -r1.2 -r1.3 \ src/external/ibm-public/postfix/dist/man/man5/postconf.5 cvs rdiff -u -r1.2 -r1.3 \ src/external/ibm-public/postfix/dist/proto/postconf.proto Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/html/postconf.5.html diff -u src/external/ibm-public/postfix/dist/html/postconf.5.html:1.2 src/external/ibm-public/postfix/dist/html/postconf.5.html:1.3 --- src/external/ibm-public/postfix/dist/html/postconf.5.html:1.2 Tue Jun 23 11:41:06 2009 +++ src/external/ibm-public/postfix/dist/html/postconf.5.html Mon Aug 31 17:57:09 2009 @@ -10657,11 +10657,15 @@ commands ahead of time without knowing that Postfix actually supports ESMTP command pipelining. This stops mail from bulk mail software that improperly uses ESMTP command pipelining in order to speed up -deliveries. Note: reject_unauth_pipelining is not useful -outside smtpd_data_restrictions when 1) the client uses ESMTP (EHLO -instead of HELO) and 2) with "smtpd_delay_reject = yes" (the -default). The use of reject_unauth_pipelining in the other -restriction contexts is therefore not recommended. +deliveries. + With Postfix 2.6 and later, the SMTP server sets a per-session +flag whenever it detects illegal pipelining, including pipelined +EHLO or HELO commands. The reject_unauth_pipelining feature simply +tests whether the flag was set at any point in time during the +session. + With older Postfix versions, reject_unauth_pipelining checks +the current status of the input read queue, and its usage is not +recommended in contexts other than smtpd_data_restrictions. reject Index: src/external/ibm-public/postfix/dist/man/man5/postconf.5 diff -u src/external/ibm-public/postfix/dist/man/man5/postconf.5:1.2 src/external/ibm-public/postfix/dist/man/man5/postconf.5:1.3 --- src/external/ibm-public/postfix/dist/man/man5/postconf.5:1.2 Tue Jun 23 11:41:06 2009 +++ src/external/ibm-public/postfix/dist/man/man5/postconf.5 Mon Aug 31 17:57:09 2009 @@ -1,4 +1,4 @@ -.\" $NetBSD: postconf.5,v 1.2 2009/06/23 11:41:06 tron Exp $ +.\" $NetBSD: postconf.5,v 1.3 2009/08/31 17:57:09 tron Exp $ .\" .TH POSTCONF 5 .SH NAME @@ -6521,11 +6521,15 @@ that improperly uses ESMTP command pipelining in order to speed up deliveries. .br -Note: reject_unauth_pipelining is not useful -outside smtpd_data_restrictions when 1) the client uses ESMTP (EHLO -instead of HELO) and 2) with "smtpd_delay_reject = yes" (the -default). The use of reject_unauth_pipelining in the other -restriction contexts is therefore not recommended. +With Postfix 2.6 and later, the SMTP server sets a per-session +flag whenever it detects illegal pipelining, including pipelined +EHLO or HELO commands. The reject_unauth_pipelining feature simply +tests whether the flag was set at any point in time during the +session. +.br +With older Postfix versions, reject_unauth_pipelining checks +the current status of the input read queue, and its usage is not +recommended in contexts other than smtpd_data_restrictions. .IP "\fBreject\fR" Reject the request. This restriction is useful at the end of a restriction list, to make the default policy explicit. The Index: src/external/ibm-public/postfix/dist/proto/postconf.proto diff -u src/external/ibm-public/postfix/dist/proto/postconf.proto:1.2 src/external/ibm-public/postfix/dist/proto/postconf.proto:1.3 --- src/external/ibm-public/postfix/dist/proto/postconf.proto:1.2 Tue Jun 23 11:41:06 2009 +++ src/external/ibm-public/postfix/dist/proto/postconf.proto Mon Aug 31 17:57:09 2009 @@ -4939,11 +4939,15 @@ commands ahead of time without knowing that Postfix actually supports ESMTP command pipelining. This stops mail from bulk mail software that improperly uses ESMTP command pipelining in order to speed up -deliveries. Note: reject_unauth_pipelining is not useful -outside smtpd_data_restrictions when 1) the client uses ESMTP (EHLO -instead of HELO) and 2) with "smtpd_delay_reject = yes" (the -default). The use of reject_unauth_pipelining in the other -restriction contexts is therefore not recommended. +deliveries. + With Postfix 2.6 and later, the SMTP server sets a per-session +flag whenever it detects illegal pipelining, including pipelined +EHLO or HELO commands. The reject_unauth_pipelining feature simply +tests whether the flag was set at any point in time during the +session. + With older Postfix versions, reject_unauth_pipelining c
CVS commit: src/external/ibm-public/postfix/dist/src/tls
Module Name:src Committed By: christos Date: Mon Jul 20 17:17:56 UTC 2009 Modified Files: src/external/ibm-public/postfix/dist/src/tls: tls_client.c tls_server.c Log Message: constify ciphers per new openssl To generate a diff of this commit: cvs rdiff -u -r1.1.1.1 -r1.2 \ src/external/ibm-public/postfix/dist/src/tls/tls_client.c \ src/external/ibm-public/postfix/dist/src/tls/tls_server.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/src/tls/tls_client.c diff -u src/external/ibm-public/postfix/dist/src/tls/tls_client.c:1.1.1.1 src/external/ibm-public/postfix/dist/src/tls/tls_client.c:1.2 --- src/external/ibm-public/postfix/dist/src/tls/tls_client.c:1.1.1.1 Tue Jun 23 06:08:57 2009 +++ src/external/ibm-public/postfix/dist/src/tls/tls_client.c Mon Jul 20 13:17:56 2009 @@ -1,4 +1,4 @@ -/* $NetBSD: tls_client.c,v 1.1.1.1 2009/06/23 10:08:57 tron Exp $ */ +/* $NetBSD: tls_client.c,v 1.2 2009/07/20 17:17:56 christos Exp $ */ /*++ /* NAME @@ -727,7 +727,7 @@ int protomask; const char *cipher_list; SSL_SESSION *session; -SSL_CIPHER *cipher; +const SSL_CIPHER *cipher; X509 *peercert; TLS_SESS_STATE *TLScontext; TLS_APPL_STATE *app_ctx = props->ctx; Index: src/external/ibm-public/postfix/dist/src/tls/tls_server.c diff -u src/external/ibm-public/postfix/dist/src/tls/tls_server.c:1.1.1.1 src/external/ibm-public/postfix/dist/src/tls/tls_server.c:1.2 --- src/external/ibm-public/postfix/dist/src/tls/tls_server.c:1.1.1.1 Tue Jun 23 06:08:57 2009 +++ src/external/ibm-public/postfix/dist/src/tls/tls_server.c Mon Jul 20 13:17:56 2009 @@ -1,4 +1,4 @@ -/* $NetBSD: tls_server.c,v 1.1.1.1 2009/06/23 10:08:57 tron Exp $ */ +/* $NetBSD: tls_server.c,v 1.2 2009/07/20 17:17:56 christos Exp $ */ /*++ /* NAME @@ -556,7 +556,7 @@ { int sts; TLS_SESS_STATE *TLScontext; -SSL_CIPHER *cipher; +const SSL_CIPHER *cipher; X509 *peer; charbuf[CCERT_BUFSIZ]; const char *cipher_list;
CVS commit: src/external/ibm-public/postfix/dist
Module Name:src Committed By: tron Date: Tue Jun 23 11:41:07 UTC 2009 Modified Files: src/external/ibm-public/postfix/dist: postfix-install src/external/ibm-public/postfix/dist/README_FILES: ADDRESS_VERIFICATION_README INSTALL TLS_README src/external/ibm-public/postfix/dist/conf: main.cf master.cf postfix-files src/external/ibm-public/postfix/dist/html: ADDRESS_VERIFICATION_README.html INSTALL.html TLS_README.html postconf.5.html src/external/ibm-public/postfix/dist/man/man5: postconf.5 src/external/ibm-public/postfix/dist/proto: ADDRESS_VERIFICATION_README.html INSTALL.html TLS_README.html postconf.proto src/external/ibm-public/postfix/dist/src/cleanup: cleanup.c cleanup.h cleanup_envelope.c cleanup_init.c src/external/ibm-public/postfix/dist/src/global: mail_params.h src/external/ibm-public/postfix/dist/src/smtpd: smtpd.c src/external/ibm-public/postfix/dist/src/util: unix_recv_fd.c unix_send_fd.c Log Message: (Re-)apply NetBSD specific patches. To generate a diff of this commit: cvs rdiff -u -r1.1.1.1 -r1.2 \ src/external/ibm-public/postfix/dist/postfix-install cvs rdiff -u -r1.1.1.1 -r1.2 \ src/external/ibm-public/postfix/dist/README_FILES/ADDRESS_VERIFICATION_README \ src/external/ibm-public/postfix/dist/README_FILES/INSTALL \ src/external/ibm-public/postfix/dist/README_FILES/TLS_README cvs rdiff -u -r1.1.1.1 -r1.2 \ src/external/ibm-public/postfix/dist/conf/main.cf \ src/external/ibm-public/postfix/dist/conf/master.cf \ src/external/ibm-public/postfix/dist/conf/postfix-files cvs rdiff -u -r1.1.1.1 -r1.2 \ src/external/ibm-public/postfix/dist/html/ADDRESS_VERIFICATION_README.html \ src/external/ibm-public/postfix/dist/html/INSTALL.html \ src/external/ibm-public/postfix/dist/html/TLS_README.html \ src/external/ibm-public/postfix/dist/html/postconf.5.html cvs rdiff -u -r1.1.1.1 -r1.2 \ src/external/ibm-public/postfix/dist/man/man5/postconf.5 cvs rdiff -u -r1.1.1.1 -r1.2 \ src/external/ibm-public/postfix/dist/proto/ADDRESS_VERIFICATION_README.html \ src/external/ibm-public/postfix/dist/proto/INSTALL.html \ src/external/ibm-public/postfix/dist/proto/TLS_README.html \ src/external/ibm-public/postfix/dist/proto/postconf.proto cvs rdiff -u -r1.1.1.1 -r1.2 \ src/external/ibm-public/postfix/dist/src/cleanup/cleanup.c \ src/external/ibm-public/postfix/dist/src/cleanup/cleanup.h \ src/external/ibm-public/postfix/dist/src/cleanup/cleanup_envelope.c \ src/external/ibm-public/postfix/dist/src/cleanup/cleanup_init.c cvs rdiff -u -r1.1.1.1 -r1.2 \ src/external/ibm-public/postfix/dist/src/global/mail_params.h cvs rdiff -u -r1.1.1.1 -r1.2 \ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c cvs rdiff -u -r1.1.1.1 -r1.2 \ src/external/ibm-public/postfix/dist/src/util/unix_recv_fd.c \ src/external/ibm-public/postfix/dist/src/util/unix_send_fd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/postfix-install diff -u src/external/ibm-public/postfix/dist/postfix-install:1.1.1.1 src/external/ibm-public/postfix/dist/postfix-install:1.2 --- src/external/ibm-public/postfix/dist/postfix-install:1.1.1.1 Tue Jun 23 10:08:18 2009 +++ src/external/ibm-public/postfix/dist/postfix-install Tue Jun 23 11:41:05 2009 @@ -91,7 +91,7 @@ # .IP data_directory # The final destination directory for Postfix-writable data files such # as caches. This directory should not be shared with non-Postfix -# software. The built-in default directory name is /var/lib/postfix. +# software. The built-in default directory name is /var/db/postfix. # This parameter setting is recorded in the installed main.cf file. # .IP daemon_directory # The final destination directory for Postfix daemon programs. This Index: src/external/ibm-public/postfix/dist/README_FILES/ADDRESS_VERIFICATION_README diff -u src/external/ibm-public/postfix/dist/README_FILES/ADDRESS_VERIFICATION_README:1.1.1.1 src/external/ibm-public/postfix/dist/README_FILES/ADDRESS_VERIFICATION_README:1.2 --- src/external/ibm-public/postfix/dist/README_FILES/ADDRESS_VERIFICATION_README:1.1.1.1 Tue Jun 23 10:08:19 2009 +++ src/external/ibm-public/postfix/dist/README_FILES/ADDRESS_VERIFICATION_README Tue Jun 23 11:41:05 2009 @@ -179,7 +179,7 @@ # Note 1: Be sure to read the "Caching" section below! # Note 2: Avoid hash files here. Use btree instead. -address_verify_map = btree:/var/lib/postfix/verify +address_verify_map = btree:/var/db/postfix/verify /etc/postfix/sender_access: aol.com reject_unverified_sender @@ -218,7 +218,7 @@ # Note 1: Be sure to read the "Caching" section below! # Note 2: Avoid hash files