From 1aa75d39fc3e98cf7f5651f9d3af9d0754b48be3 Mon Sep 17 00:00:00 2001
From: Wietse Z Venema <wietse@porcupine.org>
Date: Tue, 29 Jul 2025 00:00:00 -0500
Subject: [PATCH] postfix-3.11-20250729

---
 postfix/HISTORY                            | 47 +++++++++++++
 postfix/README_FILES/MULTI_INSTANCE_README | 76 +++++++++++-----------
 postfix/html/MULTI_INSTANCE_README.html    | 66 +++++++++----------
 postfix/html/postmap.1.html                |  2 +-
 postfix/man/man1/postmap.1                 |  2 +-
 postfix/proto/MULTI_INSTANCE_README.html   | 66 +++++++++----------
 postfix/proto/stop                         |  1 +
 postfix/proto/stop.double-cc               |  1 +
 postfix/proto/stop.double-history          |  6 ++
 postfix/proto/stop.spell-cc                |  2 +
 postfix/proto/stop.spell-history           |  3 +
 postfix/src/global/mail_version.h          |  2 +-
 postfix/src/postalias/postalias.c          |  4 +-
 postfix/src/postmap/postmap.c              |  2 +-
 postfix/src/tls/tls.h                      |  5 +-
 postfix/src/tls/tls_client.c               | 28 ++++++--
 postfix/src/tls/tls_server.c               |  4 +-
 postfix/src/tls/tls_verify.c               | 18 ++++-
 postfix/src/util/vbuf_print.c              | 58 ++++++++++++++---
 postfix/src/util/vbuf_print_test.in        | 12 ++++
 postfix/src/util/vbuf_print_test.ref       | 10 +++
 postfix/src/util/vstring.c                 |  2 +
 22 files changed, 284 insertions(+), 133 deletions(-)

diff --git a/postfix/HISTORY b/postfix/HISTORY
index 78a961cc7..d5658bd7a 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -29441,3 +29441,50 @@ Apologies for any names omitted.
 	modification time change, when they opened that table for
 	writing. Files: util/dict.c, util/dict_db.c, util/dict_dbm.c,
 	util/dict_lmdb.c, util/dict_sdbm.c.
+
+20250728
+
+	Documentation: in the postmap(1) manual page, fix the caveat
+	for the '-h' option. Robert Hansen. File: postmap/postmap.c.
+
+	Documentation: make MULTI_INSTANCE_README terminology
+	(default and non-default instances) consistent with
+	postmulti(1) terminology (primary and secondary instances).
+	Robert Hansen. File: proto/MULTI_INSTANCE_README.html.
+
+	Documentation: clarify vstring(3) handling of functions
+	that expect null-terminated inputs. File: util/vstring.c.
+
+	Bugfix (defect introduced: Postfix 3.6, date 20200710):
+	Postfix TLS client code logged "Untrusted TLS connection"
+	(wrong) instead of "Trusted TLS connection" (right), when
+	a server offered a trusted (valid PKI trust chain) certificate
+	that did not match the expected server name pattern. Viktor
+	Dukhovni. Files: tls/tls_client.c, tls/tls_verify.c.
+
+	Cleanup: the TLS client stores no more than one session
+	ticket per TLS connection (a remote TLS 1.3 server can send
+	multiple tickets). Viktor Dukhovni. File: tls/tls_client.c.
+
+20250729
+
+	Cleanup: more precise handling of session tickets in the
+	Postfix TLS server. Viktor Dukhovni. File: tls/tls_server.c.
+
+	Cleanup: TLS_SESS_STATE.rpt_reported should be a public member.
+	File: tls/tls.h
+
+	Cleanup: document that TLS_SESS_STATE.ticketed is now a
+	dual-purpose field. File: tls/tls.h.
+
+	Support for the 'll' (long long, etc.) and 'j' (intmax_t,
+	etc.) format modifiers. These may appear in the expansion
+	of the C99 PRI?MAX macros. File: util/vbuf_print.c.
+
+	Y2038 compatibility for 32-bit computer systems: 'long'
+	will be too small for the YP_LAST_MODIFIED field in a NIS
+	or NISPLUS mail.aliases map. Jiaying Song, Wind River. File:
+	postalias/postalias.c. There is more time-handling code in
+	Postfix that would need to be converted to int64_t, or to
+	long long which just like time_t is a 64-bit type on many
+	ILP32 and LP64 systems.
diff --git a/postfix/README_FILES/MULTI_INSTANCE_README b/postfix/README_FILES/MULTI_INSTANCE_README
index 1f261f6c0..0a8516ba1 100644
--- a/postfix/README_FILES/MULTI_INSTANCE_README
+++ b/postfix/README_FILES/MULTI_INSTANCE_README
@@ -16,7 +16,7 @@ Topics covered in this document:
   * Null-client instances versus service instances
   * Multi-instance walk-through
   * Components of a Postfix system
-  * The default Postfix instance
+  * The primary Postfix instance
   * Instance groups
   * Multi-instance configuration parameters
   * Using the postmulti(1) command
@@ -64,7 +64,7 @@ that multiple instances will be easier to use than ever before.
 NNuullll--cclliieenntt iinnssttaanncceess vveerrssuuss sseerrvviiccee iinnssttaanncceess
 
 In the multi-instance approach to configuring Postfix, the first simplification
-is with the default local-submission Postfix instance.
+is with the primary local-submission Postfix instance.
 
 Most UNIX systems require support for email submission with the sendmail(1)
 command so that system processes such as cron jobs can send status reports, and
@@ -103,7 +103,7 @@ scrutiny, locally submitted messages are typically limited to mail from cron
 jobs and other system services. In this regard the border MTA is not different
 from other Unix hosts in your environment. For this reason, it will submit
 locally-generated email to the internal mail hub. We start the construction of
-the border mail server with the default instance, which will be a local-
+the border mail server with the primary instance, which will be a local-
 submission null client:
 
     /etc/postfix/main.cf:
@@ -213,7 +213,7 @@ before the input instance can be fully tested, and when the system boots, the
 and input instances into a single instance group named "mta".
 
 Just once, when adding the first secondary instance, enable multi-instance
-support in the default (null-client) instance:
+support in the primary (null-client) instance:
 
     # postmulti -e init
 
@@ -223,7 +223,7 @@ Then create the output instance:
 
 The instance configuration directory defaults to /etc/postfix-out, more
 precisely, the "postfix-out" subdirectory of the parent directory of the
-default-instance configuration directory. The new instance will be created in a
+primary-instance configuration directory. The new instance will be created in a
 "disabled" state:
 
     /etc/postfix-out/main.cf
@@ -240,7 +240,7 @@ default-instance configuration directory. The new instance will be created in a
 
 This instance has a "stock" master.cf file, and its queue and data directories,
 also named "postfix-out", will be located in the same parent directories as the
-corresponding directories of the default instance (e.g., /var/spool/postfix-out
+corresponding directories of the primary instance (e.g., /var/spool/postfix-out
 and /var/lib/postfix-out).
 
 While this instance is immediately safe to start, it is not yet usefully
@@ -367,7 +367,7 @@ instance group:
 
 The new instance configuration directory defaults to /etc/postfix-in, more
 precisely, the "postfix-in" subdirectory of the parent directory of the
-default-instance configuration directory. The new instance will be created in a
+primary-instance configuration directory. The new instance will be created in a
 "disabled" state:
 
     /etc/postfix-in/main.cf
@@ -520,7 +520,7 @@ set in main.cf is $config_directory, as this defines the location of the
 main.cf file itself.
 
 Though config_directory cannot be set in main.cf, postfix(1) and most of the
-other command-line Postfix utilities allow you to specify a non-default
+other command-line Postfix utilities allow you to specify a secondary
 configuration directory via a command line option (typically --cc) or via the
 MAIL_CONFIG environment variable. In this way, it is possible to have multiple
 configuration directories on the same machine, and to have multiple running
@@ -535,27 +535,27 @@ Each combination of configuration directory, together with the queue directory
 and data directory (specified in the corresponding main.cf file) make up a
 Postfix iinnssttaannccee.
 
-TThhee ddeeffaauulltt PPoossttffiixx iinnssttaannccee
+TThhee pprriimmaarryy PPoossttffiixx iinnssttaannccee
 
 One Postfix instance is special: this is the instance whose configuration
 directory is the default one compiled into the Postfix utilities. The location
 of the default configuration directory is typically /etc/postfix, and can be
 queried via the "postconf -d config_directory" command. We call the instance
-with this configuration directory the "default instance".
+with this configuration directory the "primary instance".
 
-The default instance is responsible for local mail submission. The setgid
+The primary instance is responsible for local mail submission. The setgid
 postdrop(1) utility is used by the sendmail(1) local submission program to
 spool messages into the mmaaiillddrroopp sub-directory of the queue directory of the
-default instance.
+primary instance.
 
 Even in the rare case when "sendmail -C" is used to submit local mail into a
-non-default Postfix instance, for security reasons, postdrop(1) will consult
-the default main.cf file to check the validity of the requested non-default
+secondary Postfix instance, for security reasons, postdrop(1) will consult the
+primary main.cf file to check the validity of the requested non-default
 configuration directory.
 
-So, while in most other respects, all instances are equal, the default instance
-is "more equal than others". You may choose to create additional instances, but
-you must have at least the default instance, with its configuration directory
+So, while in most other respects, all instances are equal, the primary instance
+is "more equal than others". You may choose to create secondary instances, but
+you must have at least the primary instance, with its configuration directory
 in the default compiled-in location.
 
 IInnssttaannccee ggrroouuppss
@@ -575,9 +575,9 @@ the related instances should be members of a single instance group (however,
 the content filter usually has its own start/stop procedure that is separate
 from any Postfix instance).
 
-The default instance main.cf file's $multi_instance_directories configuration
+The primary instance main.cf file's $multi_instance_directories configuration
 parameter lists the configuration directories of all secondary (non-default)
-instances. Together with the default instance, these secondary instances are
+instances. Together with the primary instance, these secondary instances are
 managed by the multi-instance manager. Instances are started in the order
 listed, and stopped in the opposite order. For instances that are members of a
 service "group", you should arrange to start the service back-to-front, with
@@ -587,16 +587,16 @@ started.
 MMuullttii--iinnssttaannccee ccoonnffiigguurraattiioonn ppaarraammeetteerrss
 
 multi_instance_wrapper
-    This default-instance configuration parameter must be set to a suitable
+    This primary-instance configuration parameter must be set to a suitable
     multi-instance manager's "wrapper" program that controls the starting,
     stopping, etc. of a multi-instance Postfix system. To use the postmulti(1)
     manager described in this document, this parameter should be set with the
     "postmulti -e init" command.
 
 multi_instance_directories
-    This default-instance configuration parameter specifies an optional list of
+    This primary-instance configuration parameter specifies an optional list of
     the secondary instances controlled via the multi-instance manager.
-    Instances are listed in their "start" order, with the default instance
+    Instances are listed in their "start" order, with the primary instance
     always started first (if enabled). If $multi_instance_directories is left
     empty, the postfix(1) command runs with multi-instance support turned off,
     and none of the multi_instance_ configuration parameters will have any
@@ -672,37 +672,37 @@ IInniittiiaalliizziinngg tthhee mmuullttii--iinnssttaa
 
 Before postmulti(1) is used for the first time, you must install it as the
 multi_instance_wrapper for your Postfix system and enable multi-instance
-operation of the default Postfix instance. You can then proceed to add new or
+operation of the primary Postfix instance. You can then proceed to add new or
 existing instances to the multi-instance configuration. This initial
 installation is accomplished as follows:
 
         # postmulti -e init
 
-This updates the default instance main.cf file as follows:
+This updates the primary instance main.cf file as follows:
 
         # Use postmulti(1) as a postfix-wrapper(5)
         #
         multi_instance_wrapper = ${command_directory}/postmulti -p --
 
-        # Configure the default instance to start when in multi-instance mode
+        # Configure the primary instance to start when in multi-instance mode
         #
         multi_instance_enable = yes
 
-If you prefer, you can make these changes by editing the default main.cf
+If you prefer, you can make these changes by editing the primary main.cf
 directly, or by using "postconf -e".
 
 LLiissttiinngg mmaannaaggeedd iinnssttaanncceess
 
-The list of managed instances consists of the default instance and the
-additional instances whose configuration directories are listed (in start
-order) under the multi_instance_directories parameter of the default main.cf
+The list of managed instances consists of the primary instance and the
+secondary instances whose configuration directories are listed (in start order)
+under the multi_instance_directories parameter of the primary main.cf
 configuration file.
 
 You can list selected instances, groups of instances or all instances by
 specifying only the instance matching options with the "-l" option. The "-a"
 option is assumed if no other instance selection options are specified (this
 behavior changes with the "-e" option). As a special case, even if it has an
-explicit name, the default instance can always be selected via "-i -".
+explicit name, the primary instance can always be selected via "-i -".
 
     # postmulti -l -a
     # postmulti -l -g a_group
@@ -732,8 +732,8 @@ either the instance name or the instance group is not set, it is shown as a "-
 
 When selecting an existing instance via the "-i" option, you can always use the
 full pathname of its configuration directory instead of the instance (short)
-name. This is the only way to select a non-default nameless instance. The
-default instance can be selected via "-i -", whether it has a name or not.
+name. This is the only way to select a secondary nameless instance. The primary
+instance can be selected via "-i -", whether it has a name or not.
 
 To list instances in reverse start order, include the "-R" option together with
 the instance selection options.
@@ -826,9 +826,9 @@ possibilities:
 
 CCrreeaattiinngg aa nneeww PPoossttffiixx iinnssttaannccee
 
-The postmulti(1) command can be used to create additional Postfix instances.
-New instances are created with local submission and all "inet" services
-disabled via the following non-default parameter settings in the main.cf file:
+The postmulti(1) command can be used to create secondary Postfix instances. New
+instances are created with local submission and all "inet" services disabled
+via the following non-default parameter settings in the main.cf file:
 
     authorized_submit_users =
     master_service_disable = inet
@@ -839,8 +839,8 @@ will also not accept any mail until they are fully configured, at which point
 you can do away with one or both of the above safety measures.
 
 The postmulti(1) command encourages a preferred way of organizing the
-configuration directories, queue directories and data directories of non-
-default instances. If the default instance settings are:
+configuration directories, queue directories and data directories of secondary
+instances. If the primary instance settings are:
 
     config_directory = /conf-path/postfix
     queue_directory = /queue-path/postfix
@@ -885,7 +885,7 @@ existing instances. By default, the configuration directories of newly managed
 instances are appended to the instance list. You can use the "-i" or "-g" or "-
 a" options to insert the new instance before the specified instance or group,
 or at the beginning of the instance list (multi_instance_directories parameter
-of the default instance).
+of the primary instance).
 
 If you do specify a name (use "-I" with a name that is not "-") for the new
 instance, you may omit any of the 3 instance installation parameters whose
diff --git a/postfix/html/MULTI_INSTANCE_README.html b/postfix/html/MULTI_INSTANCE_README.html
index 95d375b3f..e0e7cd2e9 100644
--- a/postfix/html/MULTI_INSTANCE_README.html
+++ b/postfix/html/MULTI_INSTANCE_README.html
@@ -40,7 +40,7 @@ management framework, and on how to deploy a custom instance manager.
 
 <li><a href="#parts"> Components of a Postfix system </a> 
 
-<li><a href="#default"> The default Postfix instance </a> 
+<li><a href="#default"> The primary Postfix instance </a> 
 
 <li><a href="#group"> Instance groups </a>
 
@@ -102,7 +102,7 @@ use than ever before. </p>
 <h2><a name="split"> Null-client instances versus service instances </a></h2>
 
 <p> In the multi-instance approach to configuring Postfix, the first
-simplification is with the default local-submission Postfix instance.
+simplification is with the primary local-submission Postfix instance.
 </p>
 
 <p> Most UNIX systems require support for email submission with the
@@ -152,7 +152,7 @@ limited to mail from cron jobs and other system services. In this
 regard the border MTA is not different from other Unix hosts in
 your environment. For this reason, it will submit locally-generated
 email to the internal mail hub. We start the construction of the
-border mail server with the <a href="#default_instance">default</a>
+border mail server with the <a href="#default">primary</a>
 instance, which will be a local-submission <a
 href="STANDARD_CONFIGURATION_README.html#null_client">null client</a>:
 </p>
@@ -283,7 +283,7 @@ must start before the input instance. We will put the output and
 input instances into a single instance group named "mta".  </p>
 
 <p> Just once, when adding the first secondary instance, enable
-multi-instance support in the default (null-client) instance: </p>
+multi-instance support in the primary (null-client) instance: </p>
 
 <blockquote>
 <pre>
@@ -301,7 +301,7 @@ multi-instance support in the default (null-client) instance: </p>
 
 <p> The instance configuration directory defaults to /etc/postfix-out,
 more precisely, the "postfix-out" subdirectory of the parent directory
-of the default-instance configuration directory. The new instance will
+of the primary-instance configuration directory. The new instance will
 be created in a "disabled" state: </p>
 
 <blockquote>
@@ -323,7 +323,7 @@ be created in a "disabled" state: </p>
 <p> This instance has a "stock" <a href="master.5.html">master.cf</a> file, and its queue and
 data directories, also named "postfix-out", will be located in the
 same parent directories as the corresponding directories of the
-default instance (e.g., /var/spool/postfix-out and /var/lib/postfix-out).
+primary instance (e.g., /var/spool/postfix-out and /var/lib/postfix-out).
 </p>
 
 <p> While this instance is immediately safe to start, it is not yet
@@ -472,7 +472,7 @@ also part of the "mta" instance group: </p>
 
 <p> The new instance configuration directory defaults to /etc/postfix-in,
 more precisely, the "postfix-in" subdirectory of the parent directory
-of the default-instance configuration directory. The new instance will
+of the primary-instance configuration directory. The new instance will
 be created in a "disabled" state: </p>
 
 <blockquote>
@@ -658,7 +658,7 @@ all but one may be optionally set to a non-default value via the
 
 <p> Though <a href="postconf.5.html#config_directory">config_directory</a> cannot be set in <a href="postconf.5.html">main.cf</a>, <a href="postfix.1.html">postfix(1)</a> and
 most of the other command-line Postfix utilities allow you to specify a
-non-default configuration directory via a command line option (typically
+secondary configuration directory via a command line option (typically
 <b>-c</b>) or via the MAIL_CONFIG environment variable. In this way,
 it is possible to have multiple configuration directories on the same
 machine, and to have multiple running <a href="master.8.html">master(8)</a> daemons each with its
@@ -672,28 +672,28 @@ directories, queue directories or data directories. </p>
 directory and data directory (specified in the corresponding <a href="postconf.5.html">main.cf</a> file)
 make up a Postfix <b>instance</b>. </p>
 
-<h2><a name="default"> The default Postfix instance </a></h2>
+<h2><a name="default"> The primary Postfix instance </a></h2>
 
 <p> One Postfix instance is special: this is the instance whose
 configuration directory is the default one compiled into the Postfix
 utilities. The location of the default configuration directory is
 typically /etc/postfix, and can be queried via the "postconf -d
 <a href="postconf.5.html#config_directory">config_directory</a>" command.  We call the instance with this configuration
-directory the "default instance". </p>
+directory the "primary instance". </p>
 
-<p> The default instance is responsible for local mail submission. The
+<p> The primary instance is responsible for local mail submission. The
 setgid <a href="postdrop.1.html">postdrop(1)</a> utility is used by the <a href="sendmail.1.html">sendmail(1)</a> local submission
 program to spool messages into the <b>maildrop</b> sub-directory of the
-queue directory of the default instance. </p>
+queue directory of the primary instance. </p>
 
 <p> Even in the rare case when "sendmail -C" is used to submit local mail
-into a non-default Postfix instance, for security reasons, <a href="postdrop.1.html">postdrop(1)</a>
-will consult the default <a href="postconf.5.html">main.cf</a> file to check the validity of the
+into a secondary Postfix instance, for security reasons, <a href="postdrop.1.html">postdrop(1)</a>
+will consult the primary <a href="postconf.5.html">main.cf</a> file to check the validity of the
 requested non-default configuration directory. </p>
 
 <p> So, while in most other respects, all instances are equal, the
-default instance is "more equal than others". You may choose to create
-additional instances, but you must have at least the default instance,
+primary instance is "more equal than others". You may choose to create
+secondary instances, but you must have at least the primary instance,
 with its configuration directory in the default compiled-in location. </p>
 
 <h2><a name="group"> Instance groups </a></h2>
@@ -715,9 +715,9 @@ of a single instance group (however, the content filter usually has
 its own start/stop procedure that is separate from any Postfix
 instance).  </p>
 
-<p> The default instance <a href="postconf.5.html">main.cf</a> file's $<a href="postconf.5.html#multi_instance_directories">multi_instance_directories</a>
+<p> The primary instance <a href="postconf.5.html">main.cf</a> file's $<a href="postconf.5.html#multi_instance_directories">multi_instance_directories</a>
 configuration parameter lists the configuration directories of all
-secondary (non-default) instances. Together with the default instance,
+secondary (non-default) instances. Together with the primary instance,
 these secondary instances are managed by the multi-instance manager.
 Instances are started in the order listed, and stopped in the
 opposite order. For instances that are members of a service "group",
@@ -731,7 +731,7 @@ stages are started. </p>
 
 <dt> <a href="postconf.5.html#multi_instance_wrapper">multi_instance_wrapper</a> </dt> 
 
-<dd> <p> This default-instance configuration parameter must be set
+<dd> <p> This primary-instance configuration parameter must be set
 to a suitable multi-instance manager's "wrapper" program that
 controls the starting, stopping, etc. of a multi-instance Postfix
 system. To use the <a href="postmulti.1.html">postmulti(1)</a> manager described in this document,
@@ -740,10 +740,10 @@ this parameter should be set with the "<a href="#init">postmulti
 
 <dt> <a href="postconf.5.html#multi_instance_directories">multi_instance_directories</a> </dt>
 
-<dd> <p> This default-instance configuration parameter specifies
+<dd> <p> This primary-instance configuration parameter specifies
 an optional list of the secondary instances controlled via the
 multi-instance manager. Instances are listed in their "start" order,
-with the default instance always started first (if enabled). If
+with the primary instance always started first (if enabled). If
 $<a href="postconf.5.html#multi_instance_directories">multi_instance_directories</a> is left empty, the <a href="postfix.1.html">postfix(1)</a> command
 runs with multi-instance support turned off, and none of the
 multi_instance_ configuration parameters will have any effect. </p>
@@ -842,7 +842,7 @@ automatically. See below. </p>
 
 <p> Before <a href="postmulti.1.html">postmulti(1)</a> is used for the first time, you must install
 it as the <a href="postconf.5.html#multi_instance_wrapper">multi_instance_wrapper</a> for your Postfix system and enable
-multi-instance operation of the default Postfix instance. You can then
+multi-instance operation of the primary Postfix instance. You can then
 proceed to add <a href="#create">new</a> or <a href="#import">existing</a>
 instances to the multi-instance configuration. This initial installation
 is accomplished as follows: </p>
@@ -853,7 +853,7 @@ is accomplished as follows: </p>
 </pre>
 </blockquote>
 
-<p> This updates the default instance <a href="postconf.5.html">main.cf</a> file as follows: </p>
+<p> This updates the primary instance <a href="postconf.5.html">main.cf</a> file as follows: </p>
 
 <blockquote>
 <pre>
@@ -861,28 +861,28 @@ is accomplished as follows: </p>
     #
     <a href="postconf.5.html#multi_instance_wrapper">multi_instance_wrapper</a> = ${<a href="postconf.5.html#command_directory">command_directory</a>}/postmulti -p --
 
-    # Configure the default instance to start when in multi-instance mode
+    # Configure the primary instance to start when in multi-instance mode
     #
     <a href="postconf.5.html#multi_instance_enable">multi_instance_enable</a> = yes
 </pre>
 </blockquote>
 
-<p> If you prefer, you can make these changes by editing the default
+<p> If you prefer, you can make these changes by editing the primary
 <a href="postconf.5.html">main.cf</a> directly, or by using "postconf -e". </p>
 
 <h3><a name="list"> Listing managed instances </a></h3>
 
-<p> The list of managed instances consists of the default instance and
-the additional instances whose configuration directories are listed
+<p> The list of managed instances consists of the primary instance and
+the secondary instances whose configuration directories are listed
 (in start order) under the <a href="postconf.5.html#multi_instance_directories">multi_instance_directories</a> parameter of the
-default <a href="postconf.5.html">main.cf</a> configuration file.  </p>
+primary <a href="postconf.5.html">main.cf</a> configuration file.  </p>
 
 <p> You can list selected instances, groups of instances or all
 instances by specifying only the instance matching options with the
 "-l" option.  The "-a" option is assumed if no other instance
 selection options are specified (this behavior changes with the
 "-e" option).  As a special case, even if it has an explicit name,
-the default instance can always be selected via "-i -". </p>
+the primary instance can always be selected via "-i -". </p>
 
 <blockquote>
 <pre>
@@ -926,7 +926,7 @@ set, it is shown as a "-". </p>
 <p> When selecting an existing instance via the "-i" option, you
 can always use the full pathname of its configuration directory
 instead of the instance (short) name. This is the only way to select
-a non-default nameless instance. The default instance can be selected
+a secondary nameless instance. The primary instance can be selected
 via "-i -", whether it has a name or not. </p>
 
 <p> To list instances in reverse start order, include the "-R"
@@ -1052,7 +1052,7 @@ $ postmulti -x sh -c 'echo "-- $MAIL_CONFIG"; postconf -n'
 
 <h3><a name="create"> Creating a new Postfix instance </a></h3>
 
-<p> The <a href="postmulti.1.html">postmulti(1)</a> command can be used to create additional Postfix
+<p> The <a href="postmulti.1.html">postmulti(1)</a> command can be used to create secondary Postfix
 instances. New instances are created with local submission and all "inet"
 services disabled via the following non-default parameter settings in
 the <a href="postconf.5.html">main.cf</a> file: </p>
@@ -1072,7 +1072,7 @@ the above safety measures. </p>
 
 <p> The <a href="postmulti.1.html">postmulti(1)</a> command encourages a preferred way of organizing
 the configuration directories, queue directories and data directories
-of non-default instances. If the default instance settings are: </p>
+of secondary instances. If the primary instance settings are: </p>
 
 <blockquote>
 <pre>
@@ -1140,7 +1140,7 @@ the configuration directories of newly managed instances are appended
 to the instance list. You can use the "-i" or "-g" or "-a" options to
 insert the new instance before the specified instance or group, or at
 the beginning of the instance list (<a href="postconf.5.html#multi_instance_directories">multi_instance_directories</a> parameter
-of the default instance). </p>
+of the primary instance). </p>
 
 <p> If you do specify a name (use "-I" with a name that is not "-")
 for the new instance, you may omit any of the 3 instance installation
diff --git a/postfix/html/postmap.1.html b/postfix/html/postmap.1.html
index cac47bf84..a3c4bcf7b 100644
--- a/postfix/html/postmap.1.html
+++ b/postfix/html/postmap.1.html
@@ -120,7 +120,7 @@ POSTMAP(1)                                                          POSTMAP(1)
               also generates header-style  lookup  keys  for  attachment  MIME
               headers and for attached message/* headers.
 
-              NOTE:  with  "<a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a>  = yes", the <b>-b</b> option option dis-
+              NOTE:  with  "<a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a>  = yes", the <b>-h</b> option option dis-
               ables UTF-8 syntax checks on  query  keys  and  lookup  results.
               Specify the <b>-U</b> option to force UTF-8 syntax checks anyway.
 
diff --git a/postfix/man/man1/postmap.1 b/postfix/man/man1/postmap.1
index d2551e54e..1cd785e05 100644
--- a/postfix/man/man1/postmap.1
+++ b/postfix/man/man1/postmap.1
@@ -136,7 +136,7 @@ parsing with \fB\-m\fR. With this, the \fB\-h\fR option also
 generates header\-style lookup keys for attachment MIME
 headers and for attached message/* headers.
 .sp
-NOTE: with "smtputf8_enable = yes", the \fB\-b\fR option
+NOTE: with "smtputf8_enable = yes", the \fB\-h\fR option
 option disables UTF\-8 syntax checks on query keys and
 lookup results. Specify the \fB\-U\fR option to force UTF\-8
 syntax checks anyway.
diff --git a/postfix/proto/MULTI_INSTANCE_README.html b/postfix/proto/MULTI_INSTANCE_README.html
index 57b5b701b..2955ab20d 100644
--- a/postfix/proto/MULTI_INSTANCE_README.html
+++ b/postfix/proto/MULTI_INSTANCE_README.html
@@ -40,7 +40,7 @@ management framework, and on how to deploy a custom instance manager.
 
 <li><a href="#parts"> Components of a Postfix system </a> 
 
-<li><a href="#default"> The default Postfix instance </a> 
+<li><a href="#default"> The primary Postfix instance </a> 
 
 <li><a href="#group"> Instance groups </a>
 
@@ -102,7 +102,7 @@ use than ever before. </p>
 <h2><a name="split"> Null-client instances versus service instances </a></h2>
 
 <p> In the multi-instance approach to configuring Postfix, the first
-simplification is with the default local-submission Postfix instance.
+simplification is with the primary local-submission Postfix instance.
 </p>
 
 <p> Most UNIX systems require support for email submission with the
@@ -152,7 +152,7 @@ limited to mail from cron jobs and other system services. In this
 regard the border MTA is not different from other Unix hosts in
 your environment. For this reason, it will submit locally-generated
 email to the internal mail hub. We start the construction of the
-border mail server with the <a href="#default_instance">default</a>
+border mail server with the <a href="#default">primary</a>
 instance, which will be a local-submission <a
 href="STANDARD_CONFIGURATION_README.html#null_client">null client</a>:
 </p>
@@ -283,7 +283,7 @@ must start before the input instance. We will put the output and
 input instances into a single instance group named "mta".  </p>
 
 <p> Just once, when adding the first secondary instance, enable
-multi-instance support in the default (null-client) instance: </p>
+multi-instance support in the primary (null-client) instance: </p>
 
 <blockquote>
 <pre>
@@ -301,7 +301,7 @@ multi-instance support in the default (null-client) instance: </p>
 
 <p> The instance configuration directory defaults to /etc/postfix-out,
 more precisely, the "postfix-out" subdirectory of the parent directory
-of the default-instance configuration directory. The new instance will
+of the primary-instance configuration directory. The new instance will
 be created in a "disabled" state: </p>
 
 <blockquote>
@@ -323,7 +323,7 @@ be created in a "disabled" state: </p>
 <p> This instance has a "stock" master.cf file, and its queue and
 data directories, also named "postfix-out", will be located in the
 same parent directories as the corresponding directories of the
-default instance (e.g., /var/spool/postfix-out and /var/lib/postfix-out).
+primary instance (e.g., /var/spool/postfix-out and /var/lib/postfix-out).
 </p>
 
 <p> While this instance is immediately safe to start, it is not yet
@@ -472,7 +472,7 @@ also part of the "mta" instance group: </p>
 
 <p> The new instance configuration directory defaults to /etc/postfix-in,
 more precisely, the "postfix-in" subdirectory of the parent directory
-of the default-instance configuration directory. The new instance will
+of the primary-instance configuration directory. The new instance will
 be created in a "disabled" state: </p>
 
 <blockquote>
@@ -658,7 +658,7 @@ main.cf file itself. </p>
 
 <p> Though config_directory cannot be set in main.cf, postfix(1) and
 most of the other command-line Postfix utilities allow you to specify a
-non-default configuration directory via a command line option (typically
+secondary configuration directory via a command line option (typically
 <b>-c</b>) or via the MAIL_CONFIG environment variable. In this way,
 it is possible to have multiple configuration directories on the same
 machine, and to have multiple running master(8) daemons each with its
@@ -672,28 +672,28 @@ directories, queue directories or data directories. </p>
 directory and data directory (specified in the corresponding main.cf file)
 make up a Postfix <b>instance</b>. </p>
 
-<h2><a name="default"> The default Postfix instance </a></h2>
+<h2><a name="default"> The primary Postfix instance </a></h2>
 
 <p> One Postfix instance is special: this is the instance whose
 configuration directory is the default one compiled into the Postfix
 utilities. The location of the default configuration directory is
 typically /etc/postfix, and can be queried via the "postconf -d
 config_directory" command.  We call the instance with this configuration
-directory the "default instance". </p>
+directory the "primary instance". </p>
 
-<p> The default instance is responsible for local mail submission. The
+<p> The primary instance is responsible for local mail submission. The
 setgid postdrop(1) utility is used by the sendmail(1) local submission
 program to spool messages into the <b>maildrop</b> sub-directory of the
-queue directory of the default instance. </p>
+queue directory of the primary instance. </p>
 
 <p> Even in the rare case when "sendmail -C" is used to submit local mail
-into a non-default Postfix instance, for security reasons, postdrop(1)
-will consult the default main.cf file to check the validity of the
+into a secondary Postfix instance, for security reasons, postdrop(1)
+will consult the primary main.cf file to check the validity of the
 requested non-default configuration directory. </p>
 
 <p> So, while in most other respects, all instances are equal, the
-default instance is "more equal than others". You may choose to create
-additional instances, but you must have at least the default instance,
+primary instance is "more equal than others". You may choose to create
+secondary instances, but you must have at least the primary instance,
 with its configuration directory in the default compiled-in location. </p>
 
 <h2><a name="group"> Instance groups </a></h2>
@@ -715,9 +715,9 @@ of a single instance group (however, the content filter usually has
 its own start/stop procedure that is separate from any Postfix
 instance).  </p>
 
-<p> The default instance main.cf file's $multi_instance_directories
+<p> The primary instance main.cf file's $multi_instance_directories
 configuration parameter lists the configuration directories of all
-secondary (non-default) instances. Together with the default instance,
+secondary (non-default) instances. Together with the primary instance,
 these secondary instances are managed by the multi-instance manager.
 Instances are started in the order listed, and stopped in the
 opposite order. For instances that are members of a service "group",
@@ -731,7 +731,7 @@ stages are started. </p>
 
 <dt> multi_instance_wrapper </dt> 
 
-<dd> <p> This default-instance configuration parameter must be set
+<dd> <p> This primary-instance configuration parameter must be set
 to a suitable multi-instance manager's "wrapper" program that
 controls the starting, stopping, etc. of a multi-instance Postfix
 system. To use the postmulti(1) manager described in this document,
@@ -740,10 +740,10 @@ this parameter should be set with the "<a href="#init">postmulti
 
 <dt> multi_instance_directories </dt>
 
-<dd> <p> This default-instance configuration parameter specifies
+<dd> <p> This primary-instance configuration parameter specifies
 an optional list of the secondary instances controlled via the
 multi-instance manager. Instances are listed in their "start" order,
-with the default instance always started first (if enabled). If
+with the primary instance always started first (if enabled). If
 $multi_instance_directories is left empty, the postfix(1) command
 runs with multi-instance support turned off, and none of the
 multi_instance_ configuration parameters will have any effect. </p>
@@ -842,7 +842,7 @@ automatically. See below. </p>
 
 <p> Before postmulti(1) is used for the first time, you must install
 it as the multi_instance_wrapper for your Postfix system and enable
-multi-instance operation of the default Postfix instance. You can then
+multi-instance operation of the primary Postfix instance. You can then
 proceed to add <a href="#create">new</a> or <a href="#import">existing</a>
 instances to the multi-instance configuration. This initial installation
 is accomplished as follows: </p>
@@ -853,7 +853,7 @@ is accomplished as follows: </p>
 </pre>
 </blockquote>
 
-<p> This updates the default instance main.cf file as follows: </p>
+<p> This updates the primary instance main.cf file as follows: </p>
 
 <blockquote>
 <pre>
@@ -861,28 +861,28 @@ is accomplished as follows: </p>
     #
     multi_instance_wrapper = ${command_directory}/postmulti -p --
 
-    # Configure the default instance to start when in multi-instance mode
+    # Configure the primary instance to start when in multi-instance mode
     #
     multi_instance_enable = yes
 </pre>
 </blockquote>
 
-<p> If you prefer, you can make these changes by editing the default
+<p> If you prefer, you can make these changes by editing the primary
 main.cf directly, or by using "postconf -e". </p>
 
 <h3><a name="list"> Listing managed instances </a></h3>
 
-<p> The list of managed instances consists of the default instance and
-the additional instances whose configuration directories are listed
+<p> The list of managed instances consists of the primary instance and
+the secondary instances whose configuration directories are listed
 (in start order) under the multi_instance_directories parameter of the
-default main.cf configuration file.  </p>
+primary main.cf configuration file.  </p>
 
 <p> You can list selected instances, groups of instances or all
 instances by specifying only the instance matching options with the
 "-l" option.  The "-a" option is assumed if no other instance
 selection options are specified (this behavior changes with the
 "-e" option).  As a special case, even if it has an explicit name,
-the default instance can always be selected via "-i -". </p>
+the primary instance can always be selected via "-i -". </p>
 
 <blockquote>
 <pre>
@@ -926,7 +926,7 @@ set, it is shown as a "-". </p>
 <p> When selecting an existing instance via the "-i" option, you
 can always use the full pathname of its configuration directory
 instead of the instance (short) name. This is the only way to select
-a non-default nameless instance. The default instance can be selected
+a secondary nameless instance. The primary instance can be selected
 via "-i -", whether it has a name or not. </p>
 
 <p> To list instances in reverse start order, include the "-R"
@@ -1052,7 +1052,7 @@ $ postmulti -x sh -c 'echo "-- $MAIL_CONFIG"; postconf -n'
 
 <h3><a name="create"> Creating a new Postfix instance </a></h3>
 
-<p> The postmulti(1) command can be used to create additional Postfix
+<p> The postmulti(1) command can be used to create secondary Postfix
 instances. New instances are created with local submission and all "inet"
 services disabled via the following non-default parameter settings in
 the main.cf file: </p>
@@ -1072,7 +1072,7 @@ the above safety measures. </p>
 
 <p> The postmulti(1) command encourages a preferred way of organizing
 the configuration directories, queue directories and data directories
-of non-default instances. If the default instance settings are: </p>
+of secondary instances. If the primary instance settings are: </p>
 
 <blockquote>
 <pre>
@@ -1140,7 +1140,7 @@ the configuration directories of newly managed instances are appended
 to the instance list. You can use the "-i" or "-g" or "-a" options to
 insert the new instance before the specified instance or group, or at
 the beginning of the instance list (multi_instance_directories parameter
-of the default instance). </p>
+of the primary instance). </p>
 
 <p> If you do specify a name (use "-I" with a name that is not "-")
 for the new instance, you may omit any of the 3 instance installation
diff --git a/postfix/proto/stop b/postfix/proto/stop
index 5a7a3b12a..3b3c4b93f 100644
--- a/postfix/proto/stop
+++ b/postfix/proto/stop
@@ -1684,3 +1684,4 @@ LD
 PRELOAD
 rhansen
 XDG
+crosstalk
diff --git a/postfix/proto/stop.double-cc b/postfix/proto/stop.double-cc
index 1a39b3249..1da83181c 100644
--- a/postfix/proto/stop.double-cc
+++ b/postfix/proto/stop.double-cc
@@ -345,3 +345,4 @@ USE_TLSRPT  USE_TLSRPT
 encoded  encoded text can contain only alpha digit 
 ossl_digest_new  ossl_digest_new returns NULL after error ossl_digest_data 
  Richard Hansen rhansen rhansen org 
+ long long or long integer 
diff --git a/postfix/proto/stop.double-history b/postfix/proto/stop.double-history
index 96639d384..45bfd7fb7 100644
--- a/postfix/proto/stop.double-history
+++ b/postfix/proto/stop.double-history
@@ -183,3 +183,9 @@ proto  proto COMPATIBILITY_README html
  client Files dict h dict_proxy c proxymap proxymap c 
  cross talk between different clients File proxymap proxymap c 
  postscreen postscreen c 
+ for the h option Robert Hansen File postmap postmap c 
+ Support for the ll long long etc and j intmax_t 
+ postalias postalias c There is more time handling code in
+ long long which just like time_t is a 64 bit type on many
+ File tls tls h
+ dual purpose field File tls tls h 
diff --git a/postfix/proto/stop.spell-cc b/postfix/proto/stop.spell-cc
index 10ffc77e9..9a5925cde 100644
--- a/postfix/proto/stop.spell-cc
+++ b/postfix/proto/stop.spell-cc
@@ -1865,3 +1865,5 @@ DIGEST
 OSSL
 ossl
 deduplicates
+intmax
+lflag
diff --git a/postfix/proto/stop.spell-history b/postfix/proto/stop.spell-history
index 42b996fab..901956536 100644
--- a/postfix/proto/stop.spell-history
+++ b/postfix/proto/stop.spell-history
@@ -110,3 +110,6 @@ Unbroke
 XDG
 ENOTSOCK
 FustÃ
+Jiaying
+PRI
+YP
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 67e8164b5..8ef93f86d 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,7 +20,7 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE	"20250717"
+#define MAIL_RELEASE_DATE	"20250729"
 #define MAIL_VERSION_NUMBER	"3.11"
 
 #ifdef SNAPSHOT
diff --git a/postfix/src/postalias/postalias.c b/postfix/src/postalias/postalias.c
index 9e77a6b20..b3c9de87f 100644
--- a/postfix/src/postalias/postalias.c
+++ b/postfix/src/postalias/postalias.c
@@ -487,10 +487,10 @@ static void postalias(char *map_type, char *path_name, int postalias_flags,
      * this information MUST be written without a trailing null appended to
      * key or value.
      */
+#if (defined(HAS_NIS) || defined(HAS_NISPLUS))
     mkmap->dict->flags &= ~DICT_FLAG_TRY1NULL;
     mkmap->dict->flags |= DICT_FLAG_TRY0NULL;
-    vstring_sprintf(value_buffer, "%010ld", (long) time((time_t *) 0));
-#if (defined(HAS_NIS) || defined(HAS_NISPLUS))
+    vstring_sprintf(value_buffer, "%010" PRId64, (int64_t) time((time_t *) 0));
     mkmap->dict->flags &= ~DICT_FLAG_FOLD_FIX;
     mkmap_append(mkmap, "YP_LAST_MODIFIED", STR(value_buffer));
     mkmap_append(mkmap, "YP_MASTER_NAME", var_myhostname);
diff --git a/postfix/src/postmap/postmap.c b/postfix/src/postmap/postmap.c
index 8f4a83c37..5ebc2e312 100644
--- a/postfix/src/postmap/postmap.c
+++ b/postfix/src/postmap/postmap.c
@@ -126,7 +126,7 @@
 /*	generates header-style lookup keys for attachment MIME
 /*	headers and for attached message/* headers.
 /* .sp
-/*	NOTE: with "smtputf8_enable = yes", the \fB-b\fR option
+/*	NOTE: with "smtputf8_enable = yes", the \fB-h\fR option
 /*	option disables UTF-8 syntax checks on query keys and
 /*	lookup results. Specify the \fB-U\fR option to force UTF-8
 /*	syntax checks anyway.
diff --git a/postfix/src/tls/tls.h b/postfix/src/tls/tls.h
index 96eb5a4b3..c54f39656 100644
--- a/postfix/src/tls/tls.h
+++ b/postfix/src/tls/tls.h
@@ -252,10 +252,11 @@ typedef struct {
     const char *srvr_sig_curve;		/* server's ECDSA curve name */
     int     srvr_sig_bits;		/* server's RSA signature key bits */
     const char *srvr_sig_dgst;		/* server's signature digest */
+    int     rpt_reported;		/* Failure was reported with TLSRPT */
     /* Private. */
     SSL    *con;
     char   *cache_type;			/* tlsmgr(8) cache type if enabled */
-    int     ticketed;			/* Session ticket issued */
+    int     ticketed;			/* Issued (server) or cached (client) */
     char   *serverid;			/* unique server identifier */
     char   *namaddr;			/* nam[addr] for logging */
     int     log_mask;			/* What to log */
@@ -270,8 +271,8 @@ typedef struct {
     int     errordepth;			/* Chain depth of error cert */
     int     errorcode;			/* First error at error depth */
     int     must_fail;			/* Failed to load trust settings */
-    int     rpt_reported;		/* Failure was reported with TLSRPT */
     char   *ffail_type;			/* Forced verification failure */
+    /* End of Private members. */
 } TLS_SESS_STATE;
 
  /*
diff --git a/postfix/src/tls/tls_client.c b/postfix/src/tls/tls_client.c
index 55d336602..babdbf40b 100644
--- a/postfix/src/tls/tls_client.c
+++ b/postfix/src/tls/tls_client.c
@@ -268,16 +268,22 @@ static int new_client_session_cb(SSL *ssl, SSL_SESSION *session)
 	msg_panic("%s: null session cache type in new session callback",
 		  myname);
 
-    if (TLScontext->log_mask & TLS_LOG_CACHE)
-	/* serverid contains transport:addr:port information */
-	msg_info("save session %s to %s cache",
-		 TLScontext->serverid, TLScontext->cache_type);
-
-    /*
+    /*-
+     * Store only the first ticket for a given connection.
+     * - Even if the server offers multiple tickets, we have no mechanism to
+     *   store or use multiple concurrent tickets for the same nexthop.
+     *
      * Passivate and save the session object. Errors are non-fatal, since
      * caching is only an optimization.
      */
-    if ((session_data = tls_session_passivate(session)) != 0) {
+    if (TLScontext->ticketed == 0 &&
+	(session_data = tls_session_passivate(session)) != 0) {
+	TLScontext->ticketed = 1;
+	if (TLScontext->log_mask & TLS_LOG_CACHE)
+	    /* serverid contains transport:addr:port information */
+	    msg_info("save session %s to %s cache",
+		     TLScontext->serverid, TLScontext->cache_type);
+
 	tls_mgr_update(TLScontext->cache_type, TLScontext->serverid,
 		       STR(session_data), LEN(session_data));
 	vstring_free(session_data);
@@ -356,6 +362,14 @@ static void verify_x509(TLS_SESS_STATE *TLScontext, X509 *peercert,
 		tls_dane_log(TLScontext);
 	    }
 	}
+    } else if (TLS_MUST_MATCH(TLScontext->level) &&
+	       TLScontext->errordepth == 0 &&
+	       TLScontext->errorcode == X509_V_ERR_HOSTNAME_MISMATCH) {
+	/*
+	 * If the only error is a hostname mismatch, the certificate must have
+	 * been trusted.
+	 */
+	TLScontext->peer_status |= TLS_CERT_FLAG_TRUSTED;
     }
 
     /*
diff --git a/postfix/src/tls/tls_server.c b/postfix/src/tls/tls_server.c
index 3f2520dee..2b37f40b2 100644
--- a/postfix/src/tls/tls_server.c
+++ b/postfix/src/tls/tls_server.c
@@ -340,8 +340,8 @@ static int ticket_cb(SSL *con, unsigned char name[], unsigned char iv[],
 	if (TLScontext->log_mask & TLS_LOG_CACHE)
 	    msg_info("%s: Decrypting session ticket, key expiration: %ld",
 		     TLScontext->namaddr, (long) key->tout);
+	TLScontext->ticketed = 1;
     }
-    TLScontext->ticketed = 1;
     return (TLS_TKT_ACCEPT);
 }
 
@@ -375,8 +375,8 @@ static int ticket_cb(SSL *con, unsigned char name[], unsigned char iv[],
 	if (TLScontext->log_mask & TLS_LOG_CACHE)
 	    msg_info("%s: Decrypting session ticket, key expiration: %ld",
 		     TLScontext->namaddr, (long) key->tout);
+	TLScontext->ticketed = 1;
     }
-    TLScontext->ticketed = 1;
     return (TLS_TKT_ACCEPT);
 }
 
diff --git a/postfix/src/tls/tls_verify.c b/postfix/src/tls/tls_verify.c
index 6725dc41e..deb3ae8d3 100644
--- a/postfix/src/tls/tls_verify.c
+++ b/postfix/src/tls/tls_verify.c
@@ -123,9 +123,21 @@
 static void update_error_state(TLS_SESS_STATE *TLScontext, int depth,
 			               X509 *errorcert, int errorcode)
 {
-    /* No news is good news */
-    if (TLScontext->errordepth >= 0 && TLScontext->errordepth <= depth)
-	return;
+    /*
+     * Report the error that is closest to the leaf certificate, any errors
+     * higher up the chain are immaterial until the "inner" errors are fixed.
+     * 
+     * We special-case "X509_V_ERR_HOSTNAME_MISMATCH" (at depth 0) in order to
+     * distinguish between untrusted certificates and trusted certificates
+     * with a hostname mismatch.  Any other error has a higher priority.
+     */
+    if (TLScontext->errordepth >= 0) {
+	if (TLScontext->errordepth <= depth &&
+	    TLScontext->errorcode != X509_V_ERR_HOSTNAME_MISMATCH)
+	    return;
+	if (errorcode == X509_V_ERR_HOSTNAME_MISMATCH)
+	    return;
+    }
 
     /*
      * The certificate pointer is stable during the verification callback,
diff --git a/postfix/src/util/vbuf_print.c b/postfix/src/util/vbuf_print.c
index 2e3266ed7..5472566cf 100644
--- a/postfix/src/util/vbuf_print.c
+++ b/postfix/src/util/vbuf_print.c
@@ -46,6 +46,9 @@
 /*	Google, Inc.
 /*	111 8th Avenue
 /*	New York, NY 10011, USA
+/*
+/*	Wietse Venema
+/*	porcupine.org
 /*--*/
 
 /* System library. */
@@ -60,6 +63,7 @@
 #include <float.h>			/* range of doubles */
 #include <errno.h>
 #include <limits.h>			/* CHAR_BIT, INT_MAX */
+#include <inttypes.h>			/* intmax_t */
 
 /* Application-specific. */
 
@@ -97,6 +101,8 @@
   * floating-point numbers, use a similar estimate, and add DBL_MAX_10_EXP
   * just to be sure.
   */
+#define IMX_SPACE	((CHAR_BIT * sizeof(intmax_t)) / 2)
+#define LL_SPACE	((CHAR_BIT * sizeof(long long)) / 2)
 #define INT_SPACE	((CHAR_BIT * sizeof(long)) / 2)
 #define DBL_SPACE	((CHAR_BIT * sizeof(double)) / 2 + DBL_MAX_10_EXP)
 #define PTR_SPACE	((CHAR_BIT * sizeof(char *)) / 2)
@@ -152,7 +158,8 @@ VBUF   *vbuf_print(VBUF *bp, const char *format, va_list ap)
     unsigned char *cp;
     int     width;			/* width and numerical precision */
     int     prec;			/* are signed for overflow defense */
-    unsigned long_flag;			/* long or plain integer */
+    unsigned long_flag;			/* long long, or long integer */
+    unsigned intmax_flag;		/* intmax_t */
     int     ch;
     char   *s;
     int     saved_errno = errno;	/* VBUF_SPACE() may clobber it */
@@ -181,7 +188,7 @@ VBUF   *vbuf_print(VBUF *bp, const char *format, va_list ap)
 	     * strings, since we are ging to let sprintf() do the hard work.
 	     * In regular expression notation, we recognize:
 	     * 
-	     * %-?+?0?([0-9]+|\*)?(\.([0-9]+|\*))?l?[a-zA-Z]
+	     * %-?+?0?([0-9]+|\*)?(\.([0-9]+|\*))?l{1,2}?j?[a-zA-Z]
 	     * 
 	     * which includes some combinations that do not make sense. Garbage
 	     * in, garbage out.
@@ -241,7 +248,12 @@ VBUF   *vbuf_print(VBUF *bp, const char *format, va_list ap)
 	    } else {
 		prec = -1;
 	    }
-	    if ((long_flag = (*cp == 'l')) != 0)/* long whatever */
+	    long_flag = 0;
+	    while (long_flag < 2 && *cp == 'l') {	/* long whatever */
+		long_flag += 1;
+		VSTRING_ADDCH(fmt, *cp++);
+	    }
+	    if ((intmax_flag = (*cp == 'j')) != 0)	/* intmax_t whatever */
 		VSTRING_ADDCH(fmt, *cp++);
 	    if (*cp == 0)			/* premature end, punt */
 		break;
@@ -258,6 +270,8 @@ VBUF   *vbuf_print(VBUF *bp, const char *format, va_list ap)
 	    case 's':				/* string-valued argument */
 		if (long_flag)
 		    msg_panic("%s: %%l%c is not supported", myname, *cp);
+		if (intmax_flag)
+		    msg_panic("%s: %%j%c is not supported", myname, *cp);
 		s = va_arg(ap, char *);
 		if (prec >= 0 || (width > 0 && width > strlen(s))) {
 		    VBUF_SNPRINTF(bp, (width > prec ? width : prec) + INT_SPACE,
@@ -269,18 +283,31 @@ VBUF   *vbuf_print(VBUF *bp, const char *format, va_list ap)
 	    case 'c':				/* integral-valued argument */
 		if (long_flag)
 		    msg_panic("%s: %%l%c is not supported", myname, *cp);
+		if (intmax_flag)
+		    msg_panic("%s: %%j%c is not supported", myname, *cp);
 		/* FALLTHROUGH */
 	    case 'd':
 	    case 'u':
 	    case 'o':
 	    case 'x':
 	    case 'X':
-		if (long_flag)
+		if (intmax_flag && long_flag)
+		    msg_panic("%s: '%s%c' has both 'j' and 'l' modifiers",
+			      myname, vstring_str(fmt), *cp);
+		if (intmax_flag)
+		    VBUF_SNPRINTF(bp, (width > prec ? width : prec) + IMX_SPACE,
+				  vstring_str(fmt), va_arg(ap, intmax_t));
+		else if (long_flag == 2)
+		    VBUF_SNPRINTF(bp, (width > prec ? width : prec) + LL_SPACE,
+				  vstring_str(fmt), va_arg(ap, long long));
+		else if (long_flag == 1)
 		    VBUF_SNPRINTF(bp, (width > prec ? width : prec) + INT_SPACE,
 				  vstring_str(fmt), va_arg(ap, long));
-		else
+		else if (long_flag == 0)
 		    VBUF_SNPRINTF(bp, (width > prec ? width : prec) + INT_SPACE,
 				  vstring_str(fmt), va_arg(ap, int));
+		else
+		    msg_panic("%s: bad long_flag: %u", myname, long_flag);
 		break;
 	    case 'e':				/* float-valued argument */
 	    case 'f':
@@ -290,12 +317,14 @@ VBUF   *vbuf_print(VBUF *bp, const char *format, va_list ap)
 			      vstring_str(fmt), va_arg(ap, double));
 		break;
 	    case 'm':
-		/* Ignore the 'l' modifier, width and precision. */
+		/* Ignore the 'l' or 'j' modifier, width and precision. */
 		VBUF_STRCAT(bp, mystrerror(saved_errno));
 		break;
 	    case 'p':
 		if (long_flag)
 		    msg_panic("%s: %%l%c is not supported", myname, *cp);
+		if (intmax_flag)
+		    msg_panic("%s: %%j%c is not supported", myname, *cp);
 		VBUF_SNPRINTF(bp, (width > prec ? width : prec) + PTR_SPACE,
 			      vstring_str(fmt), va_arg(ap, char *));
 		break;
@@ -332,10 +361,16 @@ int     main(int argc, char **argv)
 	} else {
 	    char   *fmt = cp++;
 	    int     lflag;
+	    int     jflag;
 
 	    /* Determine the vstring_sprintf() argument type. */
 	    cp += strspn(cp, "+-*0123456789.");
-	    if ((lflag = (*cp == 'l')) != 0)
+	    lflag = 0;
+	    while (*cp == 'l') {
+		lflag += 1;
+		cp++;
+	    }
+	    if ((jflag = (*cp == 'j')) != 0)
 		cp++;
 	    if (cp[1] != 0) {
 		msg_warn("bad format: \"%s\"", fmt);
@@ -354,10 +389,15 @@ int     main(int argc, char **argv)
 		case 'u':
 		case 'x':
 		case 'X':
-		    if (lflag)
+		    if (jflag) {
+			vstring_sprintf(obuf, fmt, (intmax_t) atoll(val));
+		    } else if (lflag == 2) {
+			vstring_sprintf(obuf, fmt, atoll(val));
+		    } else if (lflag == 1) {
 			vstring_sprintf(obuf, fmt, atol(val));
-		    else
+		    } else {			/* lflag==0 or bogus */
 			vstring_sprintf(obuf, fmt, atoi(val));
+		    }
 		    msg_info("\"%s\"", vstring_str(obuf));
 		    break;
 		case 's':
diff --git a/postfix/src/util/vbuf_print_test.in b/postfix/src/util/vbuf_print_test.in
index 5ed13dc1f..5deba1c93 100644
--- a/postfix/src/util/vbuf_print_test.in
+++ b/postfix/src/util/vbuf_print_test.in
@@ -14,6 +14,18 @@
 %10ld 123456789
 %10.10ld 123456789
 
+%+lld 123456789
+%-lld 123456789
+%lld 123456789
+%10lld 123456789
+%10.10lld 123456789
+
+%+jd 123456789
+%-jd 123456789
+%jd 123456789
+%10jd 123456789
+%10.10jd 123456789
+
 %+lo 123456789
 %-lo 123456789
 %lo 123456789
diff --git a/postfix/src/util/vbuf_print_test.ref b/postfix/src/util/vbuf_print_test.ref
index 346c91991..e0d85c991 100644
--- a/postfix/src/util/vbuf_print_test.ref
+++ b/postfix/src/util/vbuf_print_test.ref
@@ -10,6 +10,16 @@
 ./vbuf_print: "123456789"
 ./vbuf_print: " 123456789"
 ./vbuf_print: "0123456789"
+./vbuf_print: "+123456789"
+./vbuf_print: "123456789"
+./vbuf_print: "123456789"
+./vbuf_print: " 123456789"
+./vbuf_print: "0123456789"
+./vbuf_print: "+123456789"
+./vbuf_print: "123456789"
+./vbuf_print: "123456789"
+./vbuf_print: " 123456789"
+./vbuf_print: "0123456789"
 ./vbuf_print: "726746425"
 ./vbuf_print: "726746425"
 ./vbuf_print: "726746425"
diff --git a/postfix/src/util/vstring.c b/postfix/src/util/vstring.c
index 43897eb82..301ae5df5 100644
--- a/postfix/src/util/vstring.c
+++ b/postfix/src/util/vstring.c
@@ -127,6 +127,8 @@
 /*	The functions and macros in this module implement arbitrary-length
 /*	strings and common operations on those strings. The strings do not
 /*	need to be null terminated and may contain arbitrary binary data.
+/*	Operations that expect a null-terminated string as input will
+/*	process only the input that precedes the first null byte.
 /*	The strings manage their own memory and grow automatically when full.
 /*	The optional string null terminator does not add to the string length.
 /*