postfix-3.10-20241010

postfix/HISTORY

@@ -28341,3 +28341,56 @@ Apologies for any names omitted.
 
 	Cleanup (no code change): regenerated HTML manpages that
 	weren't updated because of a simplistic make(1) dependency.
+
+20241010
+
+	Cleanup (no code change): reformatted source files that
+	diverged from Postfix style, complicating code maintenance.
+	The only object file change is in tls_dane.o, because
+	OPENSSL_free() has a line number argument. Other object
+	files are unchanged. Files: bounce/bounce_notify_util_tester.c,
+	bounce/bounce_one_service.c, cleanup/cleanup.c,
+	cleanup/cleanup_api.c, cleanup/cleanup_envelope.c,
+	cleanup/cleanup_out_recipient.c, cleanup/cleanup_rewrite.c,
+	dns/dns.h, dns/dns_lookup.c, dns/dns_rr_filter.c, dns/dns_sec.c,
+	global/bounce_log.h, global/cleanup_user.h, global/clnt_stream.h,
+	global/compat_level.c, global/compat_level.h, global/conv_time.c,
+	global/db_common.h, global/dot_lockfile_as.c,
+	global/header_body_checks.c, global/info_log_addr_form.c,
+	global/is_header.c, global/mail_addr_map.c,
+	global/mail_command_server.c, global/mail_conf.c,
+	global/mail_conf_raw.c, global/mail_conf_str.c, global/mail_copy.c,
+	global/mail_params.c, global/mail_proto.h, global/mail_queue.h,
+	global/mail_trigger.c, global/maillog_client.c,
+	global/mkmap_proxy.c, global/own_inet_addr.c,
+	global/quote_821_local.c, global/quote_821_local.h,
+	global/quote_822_local.c, global/quote_822_local.h,
+	global/rec_type.h, global/recdump.c, global/sent.h,
+	global/server_acl.c, global/smtputf8.c, global/smtputf8.h,
+	global/tok822_tree.c, global/user_acl.h,
+	global/valid_mailhost_addr.c, global/xtext.c, local/alias.c,
+	local/command.c, master/master.c, master/master.h,
+	master/master_listen.c, master/master_proto.h,
+	master/master_service.c, master/master_watch.c, milter/milter8.c,
+	milter/test-milter.c, oqmgr/qmgr_active.c, oqmgr/qmgr_entry.c,
+	pipe/pipe.c, postfix/postfix.c, postscreen/postscreen_dnsbl.c,
+	posttls-finger/posttls-finger.c, qmgr/qmgr_active.c,
+	qmgr/qmgr_entry.c, qmqpd/qmqpd_peer.c, smtp/smtp.h,
+	smtp/smtp_addr.c, smtp/smtp_tlsrpt.c, smtp/smtp_unalias.c,
+	smtpd/smtpd_milter.h, smtpd/smtpd_resolve.h, tls/tls_client.c,
+	tls/tls_dane.c, tls/tls_dh.c, tls/tls_misc.c,
+	tls/tls_proxy_client_print.c, tls/tls_server.c, util/alldig.c,
+	util/argv_split.c, util/balpar.c, util/byte_mask.c,
+	util/cidr_match.h, util/dict.h, util/dict_cdb.h,
+	util/dict_stream.c, util/dup2_pass_on_exec.c, util/duplex_pipe.c,
+	util/exec_command.c, util/find_inet.c, util/format_tv.c,
+	util/hash_fnv.c, util/host_port.c, util/inet_addr_sizes.c,
+	util/inet_connect.c, util/load_file.h, util/load_lib.h,
+	util/mac_expand.h, util/midna_domain.h, util/mkmap_cdb.c,
+	util/mvect.c, util/myaddrinfo.h, util/name_mask.c,
+	util/open_limit.c, util/parse_utf8_char.h, util/posix_signals.c,
+	util/sane_strtol.c, util/set_eugid.c, util/slmdb.c,
+	util/sock_addr.c, util/strcasecmp.c, util/stream_connect.c,
+	util/stream_recv_fd.c, util/stream_test.c,
+	util/unix_dgram_connect.c, util/unix_dgram_listen.c,
+	util/vbuf.c.

postfix/proto/stop

@@ -1652,3 +1652,4 @@ mailto
 ipaddr
 STS
 hs
+ccformat

postfix/proto/stop.double-history

@@ -133,3 +133,8 @@ proto  proto mysql_table proto pgsql_table proto ldap_table
  Files src tls tls h src tls tls_dh c src tls tls_misc c 
  proto TLSRPT_README html proto postconf proto smtp smtp c 
  proto aliases cleanup cleanup c local local c smtpd smtpd c 
+ bounce bounce_one_service c cleanup cleanup c 
+ dns dns h dns dns_lookup c dns dns_rr_filter c dns dns_sec c 
+ local command c master master c master master h 
+ pipe pipe c postfix postfix c postscreen postscreen_dnsbl c 
+ qmgr qmgr_entry c qmqpd qmqpd_peer c smtp smtp h 

postfix/src/bounce/bounce_one_service.c

@@ -218,7 +218,7 @@ int     bounce_one_service(int flags, char *queue_name, char *queue_id,
 #define SEND_POSTMASTER_SINGLE_BOUNCE_NOTICE (notify_mask & MAIL_ERROR_BOUNCE)
 
 	if (bounce_status == 0 && SEND_POSTMASTER_SINGLE_BOUNCE_NOTICE
-	    && strcasecmp_utf8(orig_sender, mail_addr_double_bounce()) != 0) {
+	  && strcasecmp_utf8(orig_sender, mail_addr_double_bounce()) != 0) {
 
 	    /*
 	     * Send the text with reason for the bounce, and the headers of

postfix/src/cleanup/cleanup_api.c

@@ -261,8 +261,8 @@ int     cleanup_flush(CLEANUP_STATE *state)
      * (mail submitted with the Postfix sendmail command, mail forwarded by
      * the local(8) delivery agent, or mail re-queued with "postsuper -r"),
      * send a bounce notification, reset the error flags in case of success,
-     * and request deletion of the incoming queue file and of the
-     * optional DSN SUCCESS records from virtual alias expansion.
+     * and request deletion of the incoming queue file and of the optional
+     * DSN SUCCESS records from virtual alias expansion.
      * 
      * XXX It would make no sense to knowingly report success after we already
      * have bounced all recipients, especially because the information in the

postfix/src/cleanup/cleanup_envelope.c

@@ -385,7 +385,7 @@ static void cleanup_envelope_process(CLEANUP_STATE *state, int type,
 	return;
     }
     if (type == REC_TYPE_FROM) {
-	off_t after_sender_offs;
+	off_t   after_sender_offs;
 
 	/* Allow only one instance. */
 	if (state->sender != 0) {

postfix/src/cleanup/cleanup_out_recipient.c

@@ -218,9 +218,9 @@ void    cleanup_out_recipient(CLEANUP_STATE *state,
      * in the expansion because that results in multiple verify(8) updates
      * for one verify(8) request.
      * 
-     * Multiple verify(8) updates for one verify(8) request would overwrite
-     * each other's status, and if the last status update is "undeliverable",
-     * then the whole alias is flagged as undeliverable.
+     * Multiple verify(8) updates for one verify(8) request would overwrite each
+     * other's status, and if the last status update is "undeliverable", then
+     * the whole alias is flagged as undeliverable.
      */
     else {
 	RECIPIENT rcpt;

postfix/src/cleanup/cleanup_rewrite.c

@@ -90,7 +90,7 @@ int     cleanup_rewrite_external(const char *context_name, VSTRING *result,
 
 /* cleanup_rewrite_tree - rewrite address node */
 
-int    cleanup_rewrite_tree(const char *context_name, TOK822 *tree)
+int     cleanup_rewrite_tree(const char *context_name, TOK822 *tree)
 {
     VSTRING *dst = vstring_alloc(100);
     VSTRING *src = vstring_alloc(100);

postfix/src/dns/dns.h

@@ -165,8 +165,8 @@ typedef struct DNS_RR {
     unsigned short flags;		/* DNS_RR_FLAG_XX, see below */
     struct DNS_RR *next;		/* linkage */
     size_t  data_len;			/* actual data size */
-    char    *data;			/* a bunch of data */
-     /* Add new fields at the end, for ABI forward compatibility. */
+    char   *data;			/* a bunch of data */
+    /* Add new fields at the end, for ABI forward compatibility. */
 } DNS_RR;
 
 #define DNS_RR_FLAG_TRUNCATED	(1<<0)

postfix/src/dns/dns_lookup.c

@@ -838,7 +838,7 @@ static int dns_get_rr(DNS_RR **list, const char *orig_name, DNS_REPLY *reply,
 		msg_info("frag_len=%d text=\"%.*s\"",
 			 (int) frag_len, (int) frag_len, (char *) src);
 	    if (frag_len > reply->end - src
-	     || frag_len >= ((unsigned char *) ltemp + sizeof(ltemp)) - dst) {
+	    || frag_len >= ((unsigned char *) ltemp + sizeof(ltemp)) - dst) {
 		msg_warn("extract_answer: bad TXT string length: %d", frag_len);
 		return (DNS_RETRY);
 	    }

postfix/src/dns/dns_sec.c

@@ -128,7 +128,7 @@ void    dns_sec_probe(int rflags)
     default:
 	if (!DNS_SEC_STATS_TEST(DNS_SEC_FLAG_AVAILABLE))
 	    msg_warn("reason: " VAR_DNSSEC_PROBE
-		     " '%s' received a response that is not DNSSEC validated",
+		   " '%s' received a response that is not DNSSEC validated",
 		     var_dnssec_probe);
 	if (rrlist)
 	    dns_rr_free(rrlist);

postfix/src/global/bounce_log.h

@@ -30,8 +30,8 @@
 typedef struct {
     VSTREAM *fp;			/* open file */
     VSTRING *buf;			/* I/O buffer */
-    char    *compat_status;		/* old logfile compatibility */
-    char    *compat_action;		/* old logfile compatibility */
+    char   *compat_status;		/* old logfile compatibility */
+    char   *compat_action;		/* old logfile compatibility */
 } BOUNCE_LOG;
 
 extern BOUNCE_LOG *bounce_log_open(const char *, const char *, int, mode_t);

postfix/src/global/cleanup_user.h

@@ -27,6 +27,7 @@
 #define CLEANUP_FLAG_AUTOUTF8	(1<<9)	/* Autodetect SMTPUTF8 */
 
 #define CLEANUP_FLAG_FILTER_ALL	(CLEANUP_FLAG_FILTER | CLEANUP_FLAG_MILTER)
+
  /*
   * These are normally set when receiving mail from outside.
   */

postfix/src/global/clnt_stream.h

@@ -20,7 +20,7 @@
   * External interface.
   */
 typedef struct CLNT_STREAM CLNT_STREAM;
-typedef int (*CLNT_STREAM_HANDSHAKE_FN)(VSTREAM *);
+typedef int (*CLNT_STREAM_HANDSHAKE_FN) (VSTREAM *);
 
 extern CLNT_STREAM *clnt_stream_create(const char *, const char *, int, int,
 				               CLNT_STREAM_HANDSHAKE_FN);

postfix/src/global/compat_level.c

@@ -227,35 +227,35 @@ const char *compat_level_to_string(long compat_level,
      * Sanity check.
      */
     if (compat_level < 0) {
-        msg_fn("%s: bad compatibility level: %ld", myname, compat_level);
-        return (0);
+	msg_fn("%s: bad compatibility level: %ld", myname, compat_level);
+	return (0);
     }
 
     /*
      * Compatibility levels 0..2 have no minor or patch level.
      */
     if (buf == 0)
-        buf = vstring_alloc(10);
+	buf = vstring_alloc(10);
     major = DECODE_MAJOR(compat_level);
     if (!GOOD_MAJOR(major)) {
-        msg_fn("%s: bad compatibility major level: %ld", myname, compat_level);
-        return (0);
+	msg_fn("%s: bad compatibility major level: %ld", myname, compat_level);
+	return (0);
     }
     vstring_sprintf(buf, "%ld", major);
     if (major > 2) {
 
-        /*
-         * Expect that major.minor will be common.
-         */
-        minor = DECODE_MINOR(compat_level);
-        vstring_sprintf_append(buf, ".%ld", minor);
+	/*
+	 * Expect that major.minor will be common.
+	 */
+	minor = DECODE_MINOR(compat_level);
+	vstring_sprintf_append(buf, ".%ld", minor);
 
-        /*
-         * Expect that major.minor.patch will be rare.
-         */
-        patch = DECODE_PATCH(compat_level);
-        if (patch)
-            vstring_sprintf_append(buf, ".%ld", patch);
+	/*
+	 * Expect that major.minor.patch will be rare.
+	 */
+	patch = DECODE_PATCH(compat_level);
+	if (patch)
+	    vstring_sprintf_append(buf, ".%ld", patch);
     }
     return (vstring_str(buf));
 }

postfix/src/global/compat_level.h

@@ -20,7 +20,7 @@ extern long compat_level_from_string(const char *,
 extern long compat_level_from_numbers(long, long, long,
 		              void PRINTFLIKE(1, 2) (*) (const char *,...));
 extern const char *compat_level_to_string(long,
-			      void PRINTFLIKE(1, 2) (*) (const char *,...));
+		              void PRINTFLIKE(1, 2) (*) (const char *,...));
 
 #define compat_level_from_major(major, msg_fn) \
 	compat_level_from_major_minor((major), 0, (msg_fn))

postfix/src/global/conv_time.c

@@ -73,7 +73,7 @@ int     conv_time(const char *strval, int *timval, int def_unit)
     errno = 0;
     intval = longval = strtol(strval, &end, 10);
     if (*strval == 0 || errno == ERANGE || longval != intval || intval < 0
-	/* || (*end != 0 && end[1] != 0) */)
+	 /* || (*end != 0 && end[1] != 0) */ )
 	return (0);
 
     switch (*end ? *end : def_unit) {

postfix/src/global/db_common.h

@@ -18,14 +18,14 @@
 #include "dict.h"
 #include "string_list.h"
 
-typedef void (*db_quote_callback_t)(DICT *, const char *, VSTRING *);
+typedef void (*db_quote_callback_t) (DICT *, const char *, VSTRING *);
 
 extern int db_common_parse(DICT *, void **, const char *, int);
 extern void *db_common_alloc(DICT *);
 extern void db_common_parse_domain(CFG_PARSER *, void *);
 extern int db_common_dict_partial(void *);
 extern int db_common_expand(void *, const char *, const char *,
-			    const char *, VSTRING *, db_quote_callback_t);
+		              const char *, VSTRING *, db_quote_callback_t);
 extern int db_common_check_domain(void *, const char *);
 extern void db_common_free_ctx(void *);
 extern void db_common_sql_build_query(VSTRING *query, CFG_PARSER *parser);
@@ -55,4 +55,3 @@ extern void db_common_sql_build_query(VSTRING *query, CFG_PARSER *parser);
 /*--*/
 
 #endif
-

postfix/src/global/dot_lockfile_as.c

@@ -77,7 +77,7 @@ int     dot_lockfile_as(const char *path, VSTRING *why, uid_t euid, gid_t egid)
 
 /* dot_unlockfile_as - dotlock file as user */
 
-void     dot_unlockfile_as(const char *path, uid_t euid, gid_t egid)
+void    dot_unlockfile_as(const char *path, uid_t euid, gid_t egid)
 {
     uid_t   saved_euid = geteuid();
     gid_t   saved_egid = getegid();

postfix/src/global/info_log_addr_form.c

@@ -72,6 +72,7 @@ static void info_log_addr_form_init(void)
 	INFO_LOG_ADDR_FORM_NAME_INTERNAL, INFO_LOG_ADDR_FORM_VAL_INTERNAL,
 	0, INFO_LOG_ADDR_FORM_VAL_NOT_SET,
     };
+
     info_log_addr_form_form = name_code(info_log_addr_form_table,
 					NAME_CODE_FLAG_NONE,
 					var_info_log_addr_form);

postfix/src/global/is_header.c

@@ -62,7 +62,7 @@ ssize_t is_header_buf(const char *str, ssize_t str_len)
      * XXX Don't run off the end in case some non-standard iscntrl()
      * implementation considers null a non-control character...
      */
-    for (len = 0, state = INIT, cp = CU_CHAR_PTR(str); /* see below */; cp++) {
+    for (len = 0, state = INIT, cp = CU_CHAR_PTR(str); /* see below */ ; cp++) {
 	if (str_len != IS_HEADER_NULL_TERMINATED && str_len-- <= 0)
 	    return (0);
 	switch (c = *cp) {

postfix/src/global/mail_addr_map.c

@@ -359,12 +359,12 @@ static MAIL_ADDR_MAP_TEST pass_tests[] = {
 	{"\"a@a\"@example.net"}, 1,
     },
     {
-        "12 external -external-> external, extension, propagation",
-        "inline:{ aa@example.com=bb@example.com }",
-        DO_PROPAGATE_UNMATCHED_EXTENSION, DOT_RECIPIENT_DELIMITER,
-        MA_FORM_EXTERNAL, MA_FORM_EXTERNAL, MA_FORM_EXTERNAL,
-        "aa.ext@example.com",
-        {"bb.ext@example.com"}, 1,
+	"12 external -external-> external, extension, propagation",
+	"inline:{ aa@example.com=bb@example.com }",
+	DO_PROPAGATE_UNMATCHED_EXTENSION, DOT_RECIPIENT_DELIMITER,
+	MA_FORM_EXTERNAL, MA_FORM_EXTERNAL, MA_FORM_EXTERNAL,
+	"aa.ext@example.com",
+	{"bb.ext@example.com"}, 1,
     },
     0,
 };

postfix/src/global/mail_command_server.c

@@ -41,7 +41,7 @@
 /* System library. */
 
 #include <sys_defs.h>
-#include <stdlib.h>		/* 44BSD stdarg.h uses abort() */
+#include <stdlib.h>			/* 44BSD stdarg.h uses abort() */
 #include <stdarg.h>
 #include <string.h>
 

postfix/src/global/mail_conf.c

@@ -131,7 +131,7 @@
 
 /* mail_conf_checkdir - authorize non-default directory */
 
-void mail_conf_checkdir(const char *config_dir)
+void    mail_conf_checkdir(const char *config_dir)
 {
     VSTRING *buf;
     VSTREAM *fp;

postfix/src/global/mail_conf_raw.c

@@ -74,7 +74,7 @@
 /* check_mail_conf_raw - validate string length */
 
 static void check_mail_conf_raw(const char *name, const char *strval,
-			             int min, int max)
+				        int min, int max)
 {
     ssize_t len = strlen(strval);
 
@@ -89,7 +89,7 @@ static void check_mail_conf_raw(const char *name, const char *strval,
 /* get_mail_conf_raw - evaluate string-valued configuration variable */
 
 char   *get_mail_conf_raw(const char *name, const char *defval,
-		               int min, int max)
+			          int min, int max)
 {
     const char *strval;
 
@@ -106,7 +106,7 @@ char   *get_mail_conf_raw(const char *name, const char *defval,
 typedef const char *(*stupid_indent_str) (void);
 
 char   *get_mail_conf_raw_fn(const char *name, stupid_indent_str defval,
-			          int min, int max)
+			             int min, int max)
 {
     const char *strval;
 
@@ -126,7 +126,7 @@ void    get_mail_conf_raw_table(const CONFIG_RAW_TABLE *table)
 	if (table->target[0])
 	    myfree(table->target[0]);
 	table->target[0] = get_mail_conf_raw(table->name, table->defval,
-					  table->min, table->max);
+					     table->min, table->max);
 	table++;
     }
 }
@@ -139,7 +139,7 @@ void    get_mail_conf_raw_fn_table(const CONFIG_RAW_FN_TABLE *table)
 	if (table->target[0])
 	    myfree(table->target[0]);
 	table->target[0] = get_mail_conf_raw_fn(table->name, table->defval,
-					     table->min, table->max);
+						table->min, table->max);
 	table++;
     }
 }

postfix/src/global/mail_copy.c

@@ -265,8 +265,8 @@ int     mail_copy(const char *sender,
      * while fflush and fsync() succeed. Think of remote file systems such as
      * AFS that copy the file back to the server upon close. Oh well, no
      * point optimizing the error case. XXX On systems that use flock()
-     * locking, we must truncate the file before closing it (and losing
-     * the exclusive lock).
+     * locking, we must truncate the file before closing it (and losing the
+     * exclusive lock).
      */
     read_error = vstream_ferror(src);
     write_error = vstream_fflush(dst);

postfix/src/global/mail_proto.h

@@ -32,8 +32,8 @@
 #define MAIL_PROTO_QMQP		"QMQP"
 
  /*
-  * Names of services: these are the names of the UNIX-domain socket or
-  * FIFO that a service listens on.
+  * Names of services: these are the names of the UNIX-domain socket or FIFO
+  * that a service listens on.
   */
 #define MAIL_SERVICE_BOUNCE	"bounce"
 #define MAIL_SERVICE_CLEANUP	"cleanup"

postfix/src/global/mail_queue.h

@@ -93,7 +93,7 @@ extern int mail_queue_id_ok(const char *);
   * - the inode number (base 51 encoded so that it contains no 'z').
   */
 #define MQID_LG_SEC_BASE	52	/* seconds safe alphabet base */
-#define MQID_LG_SEC_PAD	6	/* seconds minimum field width */
+#define MQID_LG_SEC_PAD	6		/* seconds minimum field width */
 #define MQID_LG_USEC_BASE	52	/* microseconds safe alphabet base */
 #define MQID_LG_USEC_PAD	4	/* microseconds exact field width */
 #define MQID_LG_TIME_PAD	(MQID_LG_SEC_PAD + MQID_LG_USEC_PAD)

postfix/src/global/mail_trigger.c

@@ -82,7 +82,7 @@ int     mail_trigger(const char *class, const char *service,
      */
     path = mail_pathname(class, service);
     if ((status = stat(path, &st)) < 0) {
-	 msg_warn("unable to look up %s: %m", path);
+	msg_warn("unable to look up %s: %m", path);
     } else if (S_ISFIFO(st.st_mode)) {
 	status = fifo_trigger(path, req_buf, req_len, var_trigger_timeout);
 	if (status < 0 && S_ISSOCK(st.st_mode))

postfix/src/global/mail_version.h

@@ -20,7 +20,7 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE	"20240930"
+#define MAIL_RELEASE_DATE	"20241010"
 #define MAIL_VERSION_NUMBER	"3.10"
 
 #ifdef SNAPSHOT

postfix/src/global/maillog_client.c

@@ -238,8 +238,8 @@ void    maillog_client_init(const char *progname, int flags)
 
 	    /*
 	     * var_postlog_service == 0, therefore var_maillog_file == 0.
-	     * logger_mode == MAILLOG_CLIENT_MODE_POSTLOG && var_maillog_file ==
-	     * 0, therefore import_service_path != 0.
+	     * logger_mode == MAILLOG_CLIENT_MODE_POSTLOG && var_maillog_file
+	     * == 0, therefore import_service_path != 0.
 	     */
 	    service_path = import_service_path;
 	}

postfix/src/global/mkmap_proxy.c

@@ -46,7 +46,7 @@
 
 MKMAP  *mkmap_proxy_open(const char *unused_path)
 {
-    MKMAP *mkmap = (MKMAP *) mymalloc(sizeof(*mkmap));
+    MKMAP  *mkmap = (MKMAP *) mymalloc(sizeof(*mkmap));
 
     /*
      * Fill in the generic members.

postfix/src/global/own_inet_addr.c

@@ -191,7 +191,7 @@ static void own_inet_addr_init(INET_ADDR_LIST *addr_list,
 
 /* own_inet_addr - is this my own internet address */
 
-int     own_inet_addr(struct sockaddr * addr)
+int     own_inet_addr(struct sockaddr *addr)
 {
     int     i;
 
@@ -253,7 +253,7 @@ static void proxy_inet_addr_init(INET_ADDR_LIST *addr_list)
 
 /* proxy_inet_addr - is this my proxy internet address */
 
-int     proxy_inet_addr(struct sockaddr * addr)
+int     proxy_inet_addr(struct sockaddr *addr)
 {
     int     i;
 

postfix/src/global/quote_821_local.c

@@ -134,7 +134,7 @@ static VSTRING *make_821_quoted_string(VSTRING *dst, const char *local_part,
 
 VSTRING *quote_821_local_flags(VSTRING *dst, const char *addr, int flags)
 {
-    const char   *at;
+    const char *at;
 
     /*
      * According to RFC 821, a local-part is a dot-string or a quoted-string.

postfix/src/global/quote_821_local.h

@@ -22,6 +22,7 @@
   * External interface.
   */
 extern VSTRING *quote_821_local_flags(VSTRING *, const char *, int);
+
 #define quote_821_local(dst, src) \
 	quote_821_local_flags((dst), (src), QUOTE_FLAG_8BITCLEAN)
 

postfix/src/global/quote_822_local.c

@@ -276,7 +276,7 @@ int     main(int unused_argc, char **argv)
 		flags = quote_flags_from_string(cmd);
 		quote_822_local_flags(out, bp, flags);
 		vstream_printf("'%s' quoted flags=%s '%s'\n",
-			       bp, quote_flags_to_string((VSTRING *) 0, flags), STR(out));
+		 bp, quote_flags_to_string((VSTRING *) 0, flags), STR(out));
 	    } else if (strcmp(cmd, "unquote") == 0) {
 		unquote_822_local(out, bp);
 		vstream_printf("'%s' unquoted '%s'\n", bp, STR(out));

postfix/src/global/quote_822_local.h

@@ -26,6 +26,7 @@
   */
 extern VSTRING *quote_822_local_flags(VSTRING *, const char *, int);
 extern VSTRING *unquote_822_local(VSTRING *, const char *);
+
 #define quote_822_local(dst, src) \
 	quote_822_local_flags((dst), (src), QUOTE_FLAG_DEFAULT)
 

postfix/src/global/rec_type.h

@@ -177,7 +177,8 @@
   * See also: REC_TYPE_SIZE_FORMAT above.
   */
 #define REC_TYPE_PTR_FORMAT	"%15ld"
-#define REC_TYPE_PTR_PAYL_SIZE	15	/* Payload only, excludes record header. */
+#define REC_TYPE_PTR_PAYL_SIZE	15	/* Payload only, excludes record
+					 * header. */
 
  /*
   * Programmatic interface.

postfix/src/global/recdump.c

@@ -46,7 +46,7 @@ int     main(int unused_argc, char **argv)
 
     while (offset = vstream_ftell(VSTREAM_IN),
 	   ((type = rec_get(VSTREAM_IN, buf, 0)) != REC_TYPE_EOF
-	   && type != REC_TYPE_ERROR)) {
+	    && type != REC_TYPE_ERROR)) {
 	vstream_fprintf(VSTREAM_OUT, "%15s|%4ld|%3ld|%s\n",
 			rec_type_name(type), offset,
 			(long) VSTRING_LEN(buf), vstring_str(buf));

postfix/src/global/sent.h

@@ -29,7 +29,7 @@
 #define SENT_FLAG_NONE	(0)
 
 extern int sent(int, const char *, MSG_STATS *, RECIPIENT *, const char *,
-			DSN *);
+		        DSN *);
 
 /* LICENSE
 /* .ad

postfix/src/global/server_acl.c

@@ -112,7 +112,7 @@ void    server_acl_pre_jail_init(const char *mynetworks, const char *origin)
     if (warn_compat_break_mynetworks_style)
 	server_acl_mynetworks_host =
 	    addr_match_list_init(origin, MATCH_FLAG_RETURN
-				 | match_parent_style(origin), mynetworks_host());
+			   | match_parent_style(origin), mynetworks_host());
 }
 
 /* server_acl_parse - parse access list */

postfix/src/global/tok822_tree.c

@@ -263,7 +263,7 @@ TOK822 *tok822_free_tree(TOK822 *tp)
 {
     TOK822 *next;
 
-    for (/* void */; tp != 0; tp = next) {
+    for ( /* void */ ; tp != 0; tp = next) {
 	if (tp->head)
 	    tok822_free_tree(tp->head);
 	next = tp->next;

postfix/src/global/user_acl.h

@@ -14,8 +14,8 @@
  /*
   * System library
   */
-#include <unistd.h>		/* getuid()/geteuid() */
-#include <sys/types.h>		/* uid_t */
+#include <unistd.h>			/* getuid()/geteuid() */
+#include <sys/types.h>			/* uid_t */
 
  /*
   * Utility library.

postfix/src/global/valid_mailhost_addr.c

@@ -92,7 +92,7 @@ int     valid_mailhost_literal(const char *addr, int gripe)
     const char *myname = "valid_mailhost_literal";
     MAI_HOSTADDR_STR hostaddr;
     const char *last;
-    size_t address_bytes;
+    size_t  address_bytes;
 
     if (*addr != '[') {
 	if (gripe)

postfix/src/global/xtext.c

@@ -134,6 +134,7 @@ VSTRING *xtext_unquote_append(VSTRING *unquoted, const char *quoted)
     VSTRING_TERMINATE(unquoted);
     return (unquoted);
 }
+
 /* xtext_unquote - quoted data to unquoted */
 
 VSTRING *xtext_unquote(VSTRING *unquoted, const char *quoted)

postfix/src/local/alias.c

@@ -129,10 +129,11 @@ int     deliver_alias(LOCAL_STATE state, USER_ATTR usr_attr,
      * 
      * We cannot do duplicate elimination here. Sendmail compatibility requires
      * that we allow multiple deliveries to the same alias, even recursively!
-     * For example, we must deliver to mailbox any messages that are addressed
-     * to the alias of a user that lists that same alias in her own .forward
-     * file. Yuck! This is just an example of some really perverse semantics
-     * that people will expect Postfix to implement just like sendmail.
+     * For example, we must deliver to mailbox any messages that are
+     * addressed to the alias of a user that lists that same alias in her own
+     * .forward file. Yuck! This is just an example of some really perverse
+     * semantics that people will expect Postfix to implement just like
+     * sendmail.
      * 
      * We can recognize one special case: when an alias includes its own name,
      * deliver to the user instead, just like sendmail. Otherwise, we just

postfix/src/local/command.c

@@ -171,7 +171,7 @@ int     deliver_command(LOCAL_STATE state, USER_ATTR usr_attr, const char *comma
 	argv_add(env, "ORIGINAL_RECIPIENT", state.msg_attr.rcpt.orig_addr,
 		 ARGV_END);
     if (state.request->dsn_envid[0])
-        argv_add(env, "ENVID", state.request->dsn_envid, ARGV_END);
+	argv_add(env, "ENVID", state.request->dsn_envid, ARGV_END);
 
 #define EXPORT_REQUEST(name, value) \
 	if ((value)[0]) argv_add(env, (name), (value), ARGV_END);

postfix/src/master/master.c

@@ -420,8 +420,8 @@ int     main(int argc, char **argv)
 
     /*
      * If started from a terminal, get rid of any tty association. This also
-     * means that all errors and warnings must go to the syslog daemon.
-     * Some new world has no terminals and prefers logging to stdout.
+     * means that all errors and warnings must go to the syslog daemon. Some
+     * new world has no terminals and prefers logging to stdout.
      */
     if (master_detach)
 	for (fd = 0; fd < 3; fd++) {

postfix/src/master/master.h

@@ -141,8 +141,8 @@ extern void master_start_service(MASTER_SERV *);
 extern void master_stop_service(MASTER_SERV *);
 extern void master_restart_service(MASTER_SERV *, int);
 
-#define DO_CONF_RELOAD	1	/* config files were reloaded */
-#define NO_CONF_RELOAD	0	/* no config file was reloaded */
+#define DO_CONF_RELOAD	1		/* config files were reloaded */
+#define NO_CONF_RELOAD	0		/* no config file was reloaded */
 
  /*
   * master_events.c

postfix/src/master/master_listen.c

@@ -153,7 +153,7 @@ void    master_listen_init(MASTER_SERV *serv)
 	set_eugid(var_owner_uid, var_owner_gid);
 	serv->listen_fd[0] =
 	    LOCAL_LISTEN(serv->name, serv->max_proc > var_proc_limit ?
-			serv->max_proc : var_proc_limit, NON_BLOCKING);
+			 serv->max_proc : var_proc_limit, NON_BLOCKING);
 	close_on_exec(serv->listen_fd[0], CLOSE_ON_EXEC);
 	set_ugid(getuid(), getgid());
 	break;

postfix/src/master/master_proto.h

@@ -72,4 +72,3 @@ extern int master_notify(int, unsigned, int);	/* encapsulate status msg */
 /*	111 8th Avenue
 /*	New York, NY 10011, USA
 /*--*/
-

postfix/src/master/master_watch.c

@@ -100,8 +100,8 @@ void    master_str_watch(const MASTER_STR_WATCH *str_watch_table)
 
 	/*
 	 * Initialize the backed up parameter value, or update it if this
-	 * parameter supports updates after initialization. Optionally 
-	 * notify the application that this parameter has changed.
+	 * parameter supports updates after initialization. Optionally notify
+	 * the application that this parameter has changed.
 	 */
 	if (wp->backup[0] == 0) {
 	    if (wp->notify != 0)
@@ -138,8 +138,8 @@ void    master_int_watch(MASTER_INT_WATCH *int_watch_table)
 
 	/*
 	 * Initialize the backed up parameter value, or update if it this
-	 * parameter supports updates after initialization. Optionally 
-	 * notify the application that this parameter has changed.
+	 * parameter supports updates after initialization. Optionally notify
+	 * the application that this parameter has changed.
 	 */
 	if ((wp->flags & MASTER_WATCH_FLAG_ISSET) == 0) {
 	    if (wp->notify != 0)

postfix/src/milter/milter8.c

@@ -1157,7 +1157,7 @@ static const char *milter8_event(MILTER8 *milter, int event,
 	    if (edit_resp == 0)
 		edit_resp = parent->repl_body(parent->chg_context,
 					      MILTER_BODY_END,
-					      /* unused*/ 0,
+					       /* unused */ 0,
 					      (VSTRING *) 0);
 	    body_edit_lockout = 1;
 	    vstring_free(body_line_buf);
@@ -1553,7 +1553,7 @@ static const char *milter8_event(MILTER8 *milter, int event,
 			body_line_buf = vstring_alloc(var_line_limit);
 			edit_resp = parent->repl_body(parent->chg_context,
 						      MILTER_BODY_START,
-						      /* unused */ 0,
+						       /* unused */ 0,
 						      (VSTRING *) 0);
 		    }
 		    /* Extract lines from the on-the-wire CRLF format. */

postfix/src/milter/test-milter.c

@@ -227,7 +227,7 @@ static int test_reply(SMFICTX *ctx, int code)
     }
 }
 
-static sfsistat test_connect(SMFICTX *ctx, char *name, struct sockaddr * sa)
+static sfsistat test_connect(SMFICTX *ctx, char *name, struct sockaddr *sa)
 {
     const char *print_addr;
     char    buf[BUFSIZ];

postfix/src/oqmgr/qmgr_entry.c

@@ -331,8 +331,7 @@ QMGR_ENTRY *qmgr_entry_create(QMGR_QUEUE *queue, QMGR_MESSAGE *message)
      * 
      * XXX At this point in the code, the busy reference count is still less
      * than the concurrency limit (otherwise this code would not be invoked
-     * in the first place) so we have to make some awkward adjustments
-     * below.
+     * in the first place) so we have to make some awkward adjustments below.
      * 
      * XXX The queue length test below looks at the active queue share of an
      * individual destination. This catches the case where mail for one

postfix/src/pipe/pipe.c

@@ -551,7 +551,7 @@
 #define PIPE_DICT_SASL_USERNAME	"sasl_username"	/* key */
 #define PIPE_DICT_SASL_SENDER	"sasl_sender"	/* key */
 #define PIPE_DICT_QUEUE_ID	"queue_id"	/* key */
-#define PIPE_DICT_ENVID		"envid"		/* key */
+#define PIPE_DICT_ENVID		"envid"	/* key */
 
  /*
   * Flags used to pass back the type of special parameter found by

postfix/src/postscreen/postscreen_dnsbl.c

@@ -231,7 +231,7 @@ static void psc_dnsbl_add_site(const char *site)
     int     weight;
     HTABLE_INFO *ht;
     char   *parse_err;
-    const char  *safe_dnsbl;
+    const char *safe_dnsbl;
 
     /*
      * Parse the required DNSBL domain name, the optional reply filter and

postfix/src/posttls-finger/posttls-finger.c

@@ -901,7 +901,7 @@ static int starttls(STATE *state)
 	    state->tls_context = tls_proxy_context_receive(state->stream);
 	    if (state->tls_context) {
 		if (state->log_mask &
-		    (TLS_LOG_CERTMATCH | TLS_LOG_VERBOSE | TLS_LOG_PEERCERT)) {
+		 (TLS_LOG_CERTMATCH | TLS_LOG_VERBOSE | TLS_LOG_PEERCERT)) {
 		    if (state->tls_context->stoc_rpk)
 			msg_info("%s: pkey_fingerprint=%s", state->namaddrport,
 				 state->tls_context->peer_pkey_fprint);
@@ -2147,8 +2147,8 @@ static void parse_match(STATE *state, int argc, char *argv[])
     int     smtp_mode = 1;
 
     /*
-     * DANE match names are configured late, once the TLSA records are in hand.
-     * For now, prepare to fall back to "secure".
+     * DANE match names are configured late, once the TLSA records are in
+     * hand. For now, prepare to fall back to "secure".
      */
     switch (state->level) {
     default:

postfix/src/qmgr/qmgr_entry.c

@@ -392,8 +392,7 @@ QMGR_ENTRY *qmgr_entry_create(QMGR_PEER *peer, QMGR_MESSAGE *message)
      * 
      * XXX At this point in the code, the busy reference count is still less
      * than the concurrency limit (otherwise this code would not be invoked
-     * in the first place) so we have to make some awkward adjustments
-     * below.
+     * in the first place) so we have to make some awkward adjustments below.
      * 
      * XXX The queue length test below looks at the active queue share of an
      * individual destination. This catches the case where mail for one

postfix/src/qmqpd/qmqpd_peer.c

@@ -199,10 +199,10 @@ void    qmqpd_peer_init(QMQPD_STATE *state)
 	    /*
 	     * Following RFC 2821 section 4.1.3, an IPv6 address literal gets
 	     * a prefix of 'IPv6:'. We do this consistently for all IPv6
-	     * addresses that appear in headers or envelopes. The fact
-	     * that valid_mailhost_addr() enforces the form helps of course.
-	     * We use the form without IPV6: prefix when doing access
-	     * control, or when accessing the connection cache.
+	     * addresses that appear in headers or envelopes. The fact that
+	     * valid_mailhost_addr() enforces the form helps of course. We
+	     * use the form without IPV6: prefix when doing access control,
+	     * or when accessing the connection cache.
 	     */
 	    else {
 		state->addr = mystrdup(client_addr.buf);

postfix/src/smtp/smtp.h

@@ -519,8 +519,8 @@ extern HBC_CALL_BACKS smtp_hbc_callbacks[];
 	(session->expire_time = (when))
 
  /*
-  * Encapsulate the following so that we don't expose details of
-  * connection management and error handling to the SMTP protocol engine.
+  * Encapsulate the following so that we don't expose details of connection
+  * management and error handling to the SMTP protocol engine.
   */
 #ifdef USE_SASL_AUTH
 #define HAVE_SASL_CREDENTIALS \

postfix/src/smtp/smtp_tlsrpt.c

@@ -254,7 +254,7 @@ void    smtp_tlsrpt_create_wrapper(SMTP_STATE *state, const char *domain)
 			    /* rpt_socket_name= */ var_smtp_tlsrpt_sockname,
 				    /* rpt_policy_domain= */ adomain,
 				    /* rpt_policy_string= */ rr->data,
-		    /* skip_reused_hs = */ var_smtp_tlsrpt_skip_reused_hs);
+		     /* skip_reused_hs = */ var_smtp_tlsrpt_skip_reused_hs);
 	dns_rr_free(rr);
     } else {
 	if (msg_verbose)

postfix/src/smtp/smtp_unalias.c

@@ -86,11 +86,11 @@ const char *smtp_unalias_name(const char *name)
     if ((result = htable_find(cache, name)) == 0) {
 	fqdn = vstring_alloc(10);
 	if (dns_lookup_l(name, smtp_unalias_flags, (DNS_RR **) 0, fqdn,
-			     (VSTRING *) 0, DNS_REQ_FLAG_NONE, T_MX, T_A,
+			 (VSTRING *) 0, DNS_REQ_FLAG_NONE, T_MX, T_A,
 #ifdef HAS_IPV6
-			     T_AAAA,
+			 T_AAAA,
 #endif
-			     0) != DNS_OK)
+			 0) != DNS_OK)
 	    vstring_strcpy(fqdn, name);
 	htable_enter(cache, name, result = vstring_export(fqdn));
     }

postfix/src/smtpd/smtpd_milter.h

@@ -24,4 +24,3 @@ extern const char *smtpd_milter_eval(const char *, void *);
 /*	P.O. Box 704
 /*	Yorktown Heights, NY 10598, USA
 /*--*/
-

postfix/src/smtpd/smtpd_resolve.h

@@ -17,7 +17,7 @@
   * External interface.
   */
 extern void smtpd_resolve_init(int);
-extern const RESOLVE_REPLY *smtpd_resolve_addr(const char*, const char *);
+extern const RESOLVE_REPLY *smtpd_resolve_addr(const char *, const char *);
 
 /* LICENSE
 /* .ad

postfix/src/tls/tls_client.c

@@ -844,9 +844,9 @@ TLS_APPL_STATE *tls_client_init(const TLS_CLIENT_INIT_PROPS *props)
     }
 
     /*
-     * Enable support for client->server raw public keys, provided we actually
-     * have keys to send.  They'll only be used if the server also enables
-     * client RPKs.
+     * Enable support for client->server raw public keys, provided we
+     * actually have keys to send.  They'll only be used if the server also
+     * enables client RPKs.
      * 
      * XXX: When the server requests client auth, the TLS 1.2 protocol does not
      * provide an unambiguous mechanism for the client to not send an RPK (as
@@ -854,24 +854,24 @@ TLS_APPL_STATE *tls_client_init(const TLS_CLIENT_INIT_PROPS *props)
      * enable client RPK also with no keys in hand.
      * 
      * A very unlikely scenario is that the server allows clients to not send
-     * keys, but only accepts keys for a set of algorithms we don't have.  Then
-     * we still can't send a key, but have agreed to RPK.  OpenSSL will attempt
-     * to send an empty RPK even with TLS 1.2 (and will accept such a message),
-     * but other implementations may be more strict.
+     * keys, but only accepts keys for a set of algorithms we don't have.
+     * Then we still can't send a key, but have agreed to RPK.  OpenSSL will
+     * attempt to send an empty RPK even with TLS 1.2 (and will accept such a
+     * message), but other implementations may be more strict.
      * 
      * We could limit client RPK support to connections that support only TLS
      * 1.3 and up, but that's practical only decades in the future, and the
      * risk scenario is contrived and very unlikely.
      */
     if (SSL_CTX_get0_certificate(client_ctx) != NULL &&
-        SSL_CTX_get0_privatekey(client_ctx) != NULL)
-        tls_enable_client_rpk(client_ctx, NULL);
+	SSL_CTX_get0_privatekey(client_ctx) != NULL)
+	tls_enable_client_rpk(client_ctx, NULL);
 
     /*
      * With OpenSSL 1.0.2 and later the client EECDH curve list becomes
      * configurable with the preferred curve negotiated via the supported
-     * curves extension.  With OpenSSL 3.0 and TLS 1.3, the same applies
-     * to the FFDHE groups which become part of a unified "groups" list.
+     * curves extension.  With OpenSSL 3.0 and TLS 1.3, the same applies to
+     * the FFDHE groups which become part of a unified "groups" list.
      */
     tls_auto_groups(client_ctx, var_tls_eecdh_auto, var_tls_ffdhe_auto);
 

postfix/src/tls/tls_dane.c

@@ -459,7 +459,6 @@ void    tls_dane_add_fpt_digests(TLS_DANE *dane, int pkey_only,
 	    msg_warn("malformed fingerprint value: %.384s", values->argv[i]);
 	    continue;
 	}
-
 #define USTR_LEN(raw) (unsigned char *) STR(raw), VSTRING_LEN(raw)
 
 	/*
@@ -488,7 +487,6 @@ void    tls_dane_add_fpt_digests(TLS_DANE *dane, int pkey_only,
 		tlsa_info("fingerprint", "digest as private-use TLSA record",
 			  3, 0, 255, USTR_LEN(raw));
 	}
-
 	/* The public key match is unconditional */
 	dane->tlsa = tlsa_prepend(dane->tlsa, 3, 1, 255, USTR_LEN(raw));
 	if (log_mask & (TLS_LOG_VERBOSE | TLS_LOG_DANE))
@@ -820,10 +818,11 @@ int     tls_dane_enable(TLS_SESS_STATE *TLScontext)
 				tp->mtype, tp->data, tp->length);
 	if (ret > 0) {
 	    ++usable;
+
 	    /*
 	     * Disable use of RFC7250 raw public keys if any TLSA record
-	     * depends on X.509 certificates.  Only DANE-EE(3) SPKI(1) records
-	     * can get by with just a public key.
+	     * depends on X.509 certificates.  Only DANE-EE(3) SPKI(1)
+	     * records can get by with just a public key.
 	     */
 	    if (tp->usage != DNS_TLSA_USAGE_DOMAIN_ISSUED_CERTIFICATE
 		|| tp->selector != DNS_TLSA_SELECTOR_SUBJECTPUBLICKEYINFO)

postfix/src/tls/tls_dh.c

@@ -305,11 +305,11 @@ void    tls_tmp_dh(SSL_CTX *ctx, int useauto)
 /* ------------------------------------- Common API */
 
 #define AG_STAT_OK	(0)
-#define AG_STAT_NO_GROUP (-1)	/* no usable group, may retry */
-#define AG_STAT_NO_RETRY (-2)	/* other error, don't retry */
+#define AG_STAT_NO_GROUP (-1)		/* no usable group, may retry */
+#define AG_STAT_NO_RETRY (-2)		/* other error, don't retry */
 
 static int setup_auto_groups(SSL_CTX *ctx, const char *origin,
-				const char *eecdh,
+			             const char *eecdh,
 			             const char *ffdhe)
 {
 #ifndef OPENSSL_NO_ECDH
@@ -325,16 +325,16 @@ static int setup_auto_groups(SSL_CTX *ctx, const char *origin,
 	tls_print_errors();
 	return (AG_STAT_NO_RETRY);
     }
-
     if (!names)
 	names = vstring_alloc(sizeof DEF_TLS_EECDH_AUTO +
 			      sizeof DEF_TLS_FFDHE_AUTO);
     VSTRING_RESET(names);
+
     /*
      * OpenSSL does not tolerate duplicate groups in the requested list.
      * Deduplicate case-insensitively, just in case OpenSSL some day supports
-     * case-insensitive group lookup.  Deduplicate only verified extant groups
-     * we're going to ask OpenSSL to use.
+     * case-insensitive group lookup.  Deduplicate only verified extant
+     * groups we're going to ask OpenSSL to use.
      * 
      * OpenSSL 3.3 supports "?<name>" as a syntax for optionally ignoring
      * unsupported groups, so we could skip checking against the throw-away
@@ -358,11 +358,12 @@ static int setup_auto_groups(SSL_CTX *ctx, const char *origin,
 	SETUP_AG_RETURN(AG_STAT_NO_GROUP);
     }
     for (; group != 0; group = mystrtok(&groups, GROUPS_SEP)) {
+
 	/*
 	 * Validate the group name by trying it as the group for a throw-away
-	 * SSL context. This way, we can ask for new groups that may not yet be
-	 * supported by the underlying OpenSSL runtime.  Unsupported groups are
-	 * silently ignored.
+	 * SSL context. This way, we can ask for new groups that may not yet
+	 * be supported by the underlying OpenSSL runtime.  Unsupported
+	 * groups are silently ignored.
 	 */
 	ERR_set_mark();
 	if (SSL_CTX_set1_curves_list(tmpctx, group) > 0 &&
@@ -412,7 +413,7 @@ void    tls_auto_groups(SSL_CTX *ctx, const char *eecdh, const char *ffdhe)
      * group selection is mere performance tuning and not security critical.
      * All the groups supported for negotiation should be strong enough.
      */
-    for (origin = "configured"; /* void */ ; /* void */) {
+    for (origin = "configured"; /* void */ ; /* void */ ) {
 	switch (setup_auto_groups(ctx, origin, eecdh, ffdhe)) {
 	case AG_STAT_OK:
 	    return;

postfix/src/tls/tls_misc.c

@@ -1080,11 +1080,11 @@ void    tls_get_signature_params(TLS_SESS_STATE *TLScontext)
     }
 
     /*
-     * On the client side, a TLS 1.3 KEM has no server key, just ciphertext to
-     * decapsulate, but, as of OpenSSL 3.0, the client can still obtain the
-     * negotiated group name directly.  We nevertheless still try to get the
-     * group details from the peer key first, which works with OpenSSL 1.1.1
-     * and retains the original output format for the (EC)DH groups.
+     * On the client side, a TLS 1.3 KEM has no server key, just ciphertext
+     * to decapsulate, but, as of OpenSSL 3.0, the client can still obtain
+     * the negotiated group name directly.  We nevertheless still try to get
+     * the group details from the peer key first, which works with OpenSSL
+     * 1.1.1 and retains the original output format for the (EC)DH groups.
      */
     if (!kex_name)
 	kex_name = TLS_GROUP_NAME(ssl);
@@ -1252,10 +1252,10 @@ void    tls_log_summary(TLS_ROLE role, TLS_USAGE usage, TLS_SESS_STATE *ctx)
 			       ctx->srvr_sig_name);
 	if (ctx->srvr_sig_curve && *ctx->srvr_sig_curve)
 	    vstring_sprintf_append(msg, " (%s%s)", ctx->srvr_sig_curve,
-	                           ctx->stoc_rpk ? " raw public key" : "");
+				   ctx->stoc_rpk ? " raw public key" : "");
 	else if (ctx->srvr_sig_bits > 0)
 	    vstring_sprintf_append(msg, " (%d bit%s)", ctx->srvr_sig_bits,
-	                           ctx->stoc_rpk ? " raw public key" : "s");
+				   ctx->stoc_rpk ? " raw public key" : "s");
 	else if (ctx->stoc_rpk)
 	    vstring_sprintf_append(msg, " (raw public key)");
 	if (ctx->srvr_sig_dgst && *ctx->srvr_sig_dgst)
@@ -1267,10 +1267,10 @@ void    tls_log_summary(TLS_ROLE role, TLS_USAGE usage, TLS_SESS_STATE *ctx)
 			       ctx->clnt_sig_name);
 	if (ctx->clnt_sig_curve && *ctx->clnt_sig_curve)
 	    vstring_sprintf_append(msg, " (%s%s)", ctx->clnt_sig_curve,
-	                           ctx->ctos_rpk ? " raw public key" : "");
+				   ctx->ctos_rpk ? " raw public key" : "");
 	else if (ctx->clnt_sig_bits > 0)
 	    vstring_sprintf_append(msg, " (%d bit%s)", ctx->clnt_sig_bits,
-	                           ctx->ctos_rpk ? " raw public key" : "s");
+				   ctx->ctos_rpk ? " raw public key" : "s");
 	else if (ctx->ctos_rpk)
 	    vstring_sprintf_append(msg, " (raw public key)");
 	if (ctx->clnt_sig_dgst && *ctx->clnt_sig_dgst)
@@ -1465,16 +1465,16 @@ void    tls_check_version(void)
      * later minor numbers starting with 3.0.0.
      */
     if (hdr_info.major >= 3) {
-        warn_compat = lib_info.major != hdr_info.major 
-            || lib_info.minor < hdr_info.minor;
+	warn_compat = lib_info.major != hdr_info.major
+	    || lib_info.minor < hdr_info.minor;
     } else if (hdr_info.major == 1 && hdr_info.minor != 0) {
-        warn_compat = lib_info.major != hdr_info.major 
-            || lib_info.minor != hdr_info.minor
-            || lib_info.micro < hdr_info.micro;
+	warn_compat = lib_info.major != hdr_info.major
+	    || lib_info.minor != hdr_info.minor
+	    || lib_info.micro < hdr_info.micro;
     } else {
-        warn_compat = lib_info.major != hdr_info.major
-            || lib_info.minor != hdr_info.minor
-            || lib_info.micro != hdr_info.micro;
+	warn_compat = lib_info.major != hdr_info.major
+	    || lib_info.minor != hdr_info.minor
+	    || lib_info.micro != hdr_info.micro;
     }
     if (warn_compat)
 	msg_warn("run-time library vs. compile-time header version mismatch: "

postfix/src/tls/tls_proxy_client_print.c

@@ -347,7 +347,7 @@ int     tls_proxy_client_start_print(ATTR_PRINT_COMMON_FN print_fn,
 				  (const void *) props->tlsrpt),
 #endif
 		   SEND_ATTR_STR(TLS_ATTR_FFAIL_TYPE,
-				  STRING_OR_EMPTY(props->ffail_type)),
+				 STRING_OR_EMPTY(props->ffail_type)),
 		   ATTR_TYPE_END);
     /* Do not flush the stream. */
     if (msg_verbose)

postfix/src/tls/tls_server.c

@@ -168,10 +168,12 @@
 static const char server_session_id_context[] = "Postfix/TLS";
 
 #ifndef OPENSSL_NO_TLSEXT
+
  /*
   * We retain the cipher handle for the lifetime of the process.
   */
 static const EVP_CIPHER *tkt_cipher;
+
 #endif
 
 #define GET_SID(s, v, lptr)	((v) = SSL_SESSION_get_id((s), (lptr)))
@@ -691,10 +693,10 @@ TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_PROPS *props)
     tls_tmp_dh(sni_ctx, 1);
 
     /*
-     * Enable EECDH if available, errors are not fatal, we just keep going with
-     * any remaining key-exchange algorithms.  With OpenSSL 3.0 and TLS 1.3,
-     * the same applies to the FFDHE groups which become part of a unified
-     * "groups" list.
+     * Enable EECDH if available, errors are not fatal, we just keep going
+     * with any remaining key-exchange algorithms.  With OpenSSL 3.0 and TLS
+     * 1.3, the same applies to the FFDHE groups which become part of a
+     * unified "groups" list.
      */
     tls_auto_groups(server_ctx, var_tls_eecdh_auto, var_tls_ffdhe_auto);
     tls_auto_groups(sni_ctx, var_tls_eecdh_auto, var_tls_ffdhe_auto);
@@ -874,7 +876,8 @@ TLS_SESS_STATE *tls_server_start(const TLS_SERVER_START_PROPS *props)
     }
 
     /*
-     * When encryption is mandatory use the 80-bit plus OpenSSL security level.
+     * When encryption is mandatory use the 80-bit plus OpenSSL security
+     * level.
      */
     if (props->requirecert)
 	SSL_set_security_level(TLScontext->con, 1);
@@ -1054,7 +1057,7 @@ TLS_SESS_STATE *tls_server_post_accept(TLS_SESS_STATE *TLScontext)
 	     * way to associate DANE TLSA RRs with clients just yet, we just
 	     * make the fingerprint available to the access(5) layer.
 	     */
-            TLScontext->peer_status |= TLS_CRED_FLAG_RPK;
+	    TLScontext->peer_status |= TLS_CRED_FLAG_RPK;
 	    TLScontext->peer_pkey_fprint =
 		tls_pkey_fprint(pkey, TLScontext->mdalg);
 	    if (TLScontext->log_mask & (TLS_LOG_VERBOSE | TLS_LOG_PEERCERT))

postfix/src/util/alldig.c

@@ -60,14 +60,14 @@ int     alldig(const char *string)
 
 /* allalnum - return true if string is all alphanum */
 
-int allalnum(const char *string)
+int     allalnum(const char *string)
 {
     const char *cp;
 
     if (*string == 0)
-        return (0);
+	return (0);
     for (cp = string; *cp != 0; cp++)
-        if (!ISALNUM(*cp))
-            return (0);
+	if (!ISALNUM(*cp))
+	    return (0);
     return (1);
 }

postfix/src/util/byte_mask.c

@@ -291,7 +291,7 @@ int     main(int argc, char **argv)
 	vstream_printf("%s -> 0x%x -> %s\n",
 		       STR(in_buf), demo_mask,
 		       demo_str ? demo_str : "(null)");
-	demo_mask <<=1;
+	demo_mask <<= 1;
 	demo_str = str_byte_mask_opt(out_buf, "mask", demo_table,
 				     demo_mask, out_feature_mask);
 	vstream_printf("0x%x -> %s\n",

postfix/src/util/cidr_match.h

@@ -29,9 +29,9 @@
   * strings should be.
   */
 #ifdef HAS_IPV6
-# define CIDR_MATCH_ABYTES	MAI_V6ADDR_BYTES
+#define CIDR_MATCH_ABYTES	MAI_V6ADDR_BYTES
 #else
-# define CIDR_MATCH_ABYTES	MAI_V4ADDR_BYTES
+#define CIDR_MATCH_ABYTES	MAI_V4ADDR_BYTES
 #endif
 
  /*

postfix/src/util/dict.h

@@ -325,7 +325,7 @@ extern const char *dict_file_lookup(DICT *dict, const char *);
   * dict_stream(3)
   */
 extern VSTREAM *dict_stream_open(const char *dict_type, const char *mapname,
-            int open_flags, int dict_flags, struct stat * st, VSTRING **why);
+           int open_flags, int dict_flags, struct stat * st, VSTRING **why);
 
 /* LICENSE
 /* .ad

postfix/src/util/dict_cdb.h

@@ -41,4 +41,4 @@ extern MKMAP *mkmap_cdb_open(const char *);
 /*	New York, NY 10011, USA
 /*--*/
 
-#endif /* _DICT_CDB_H_INCLUDED_ */
+#endif					/* _DICT_CDB_H_INCLUDED_ */

postfix/src/util/dup2_pass_on_exec.c

@@ -49,14 +49,14 @@ int     main(int unused_argc, char **unused_argv)
     DO((res = fcntl(3, F_GETFD, 0)));
     if (res & 1)
 	printf(
-"Yes, a newly dup2()ed file-descriptor has the close-on-exec \
+	       "Yes, a newly dup2()ed file-descriptor has the close-on-exec \
 flag cloned.\n\
 THIS VIOLATES Posix1003.1 section 6.2.1.2 or 6.5.2.2!\n\
 You should #define DUP2_DUPS_CLOSE_ON_EXEC in sys_defs.h \
 for your OS.\n");
     else
 	printf(
-"No, a newly dup2()ed file-descriptor has the close-on-exec \
+	       "No, a newly dup2()ed file-descriptor has the close-on-exec \
 flag cleared.\n\
 This complies with Posix1003.1 section 6.2.1.2 and 6.5.2.2!\n");
 

postfix/src/util/duplex_pipe.c

@@ -46,4 +46,3 @@ int     duplex_pipe(int *fds)
     return (sane_socketpair(AF_UNIX, SOCK_STREAM, 0, fds));
 #endif
 }
-

postfix/src/util/exec_command.c

@@ -67,9 +67,9 @@ ABCDEFGHIJKLMNOPQRSTUVWXYZ" SPACE_TAB;
 	&& command[strspn(command, SPACE_TAB)] != 0) {
 
 	/*
-	 * No shell meta characters found, so we can try to avoid the overhead
-	 * of running a shell. Just split the command on whitespace and exec
-	 * the result directly.
+	 * No shell meta characters found, so we can try to avoid the
+	 * overhead of running a shell. Just split the command on whitespace
+	 * and exec the result directly.
 	 */
 	argv = argv_split(command, SPACE_TAB);
 	(void) execvp(argv->argv[0], argv->argv);

postfix/src/util/find_inet.c

@@ -192,7 +192,8 @@ struct test_case test_cases[] = {
     },
 };
 
-int main(int argc, char **argv) {
+int     main(int argc, char **argv)
+{
     struct test_case *tp;
     struct association *ap;
     int     pass = 0;

postfix/src/util/hash_fnv.c

@@ -193,7 +193,7 @@ int     main(void)
 	    if ((hval = hash_fnvz(tp->str)) != tp->hval) {
 		msg_warn("hash_fnv(\"%s\") want %lu, got: %lu",
 			 tp->str, (unsigned long) tp->hval,
-			(unsigned long) hval);
+			 (unsigned long) hval);
 		test_failed = 1;
 	    }
 	    if (test_failed) {

postfix/src/util/inet_addr_sizes.c

@@ -64,9 +64,9 @@ static const INET_ADDR_SIZES table[] = {
 
 /* inet_addr_sizes - get address size metrics for address family */
 
-const   INET_ADDR_SIZES *inet_addr_sizes(int af)
+const INET_ADDR_SIZES *inet_addr_sizes(int af)
 {
-    const   INET_ADDR_SIZES *sp;
+    const INET_ADDR_SIZES *sp;
 
     for (sp = table; /* see below */ ; sp++) {
 	if (sp >= table + sizeof(table) / sizeof(*table))

postfix/src/util/inet_connect.c

@@ -108,7 +108,6 @@ int     inet_connect(const char *addr, int block_mode, int timeout)
 	errno = EADDRNOTAVAIL;			/* for up-stream "%m" */
 	return (-1);
     }
-
     proto_info = inet_proto_info();
     for (sock = -1, found = 0, res = res0; res != 0; res = res->ai_next) {
 

postfix/src/util/load_file.h

@@ -14,7 +14,7 @@
  /*
   * External interface.
   */
-typedef void (*LOAD_FILE_FN)(VSTREAM *, void *);
+typedef void (*LOAD_FILE_FN) (VSTREAM *, void *);
 
 extern void load_file(const char *, LOAD_FILE_FN, void *);
 

postfix/src/util/load_lib.h

@@ -17,12 +17,12 @@
 /* NULL name terminates list */
 typedef struct LIB_FN {
     const char *name;
-    void  (*fptr)(void);
+    void    (*fptr) (void);
 } LIB_FN;
 
 typedef struct LIB_DP {
     const char *name;
-    void  *dptr;
+    void   *dptr;
 } LIB_DP;
 
 extern void load_library_symbols(const char *, LIB_FN *, LIB_DP *);

postfix/src/util/mac_expand.h

@@ -45,7 +45,7 @@ typedef enum MAC_EXP_OP_RES {
     MAC_EXP_OP_RES_TRUE,
     MAC_EXP_OP_RES_FALSE,
     MAC_EXP_OP_RES_ERROR,
-} MAC_EXP_OP_RES;
+}       MAC_EXP_OP_RES;
 
 
 extern MAC_EXP_OP_RES mac_exp_op_res_bool[2];
@@ -57,7 +57,7 @@ extern MAC_EXP_OP_RES mac_exp_op_res_bool[2];
 #define MAC_EXP_MODE_USE	(1)
 
 typedef const char *(*MAC_EXP_LOOKUP_FN) (const char *, int, void *);
-typedef MAC_EXP_OP_RES (*MAC_EXPAND_RELOP_FN) (const char *, int, const char *);
+typedef MAC_EXP_OP_RES(*MAC_EXPAND_RELOP_FN) (const char *, int, const char *);
 
 extern int mac_expand(VSTRING *, const char *, int, const char *, MAC_EXP_LOOKUP_FN, void *);
 void    mac_expand_add_relop(int *, const char *, MAC_EXPAND_RELOP_FN);

postfix/src/util/midna_domain.h

@@ -22,6 +22,7 @@ extern void midna_domain_pre_chroot(void);
 
 extern int midna_domain_cache_size;
 extern int midna_domain_transitional;
+
 /* LICENSE
 /* .ad
 /* .fi

postfix/src/util/mkmap_cdb.c

@@ -53,13 +53,14 @@
 /* This is a dummy module, since CDB has all the functionality
  * built-in, as cdb creation requires one global lock anyway. */
 
-MKMAP *mkmap_cdb_open(const char *unused_path)
+MKMAP  *mkmap_cdb_open(const char *unused_path)
 {
     MKMAP  *mkmap = (MKMAP *) mymalloc(sizeof(*mkmap));
+
     mkmap->open = dict_cdb_open;
     mkmap->after_open = 0;
     mkmap->after_close = 0;
     return (mkmap);
 }
 
-#endif /* HAS_CDB */
+#endif					/* HAS_CDB */

postfix/src/util/mvect.c

@@ -73,7 +73,7 @@
 /* mvect_alloc - allocate memory vector */
 
 char   *mvect_alloc(MVECT *vect, ssize_t elsize, ssize_t nelm,
-               void (*init_fn) (char *, ssize_t), void (*wipe_fn) (char *, ssize_t))
+        void (*init_fn) (char *, ssize_t), void (*wipe_fn) (char *, ssize_t))
 {
     vect->init_fn = init_fn;
     vect->wipe_fn = wipe_fn;

postfix/src/util/myaddrinfo.h

@@ -109,12 +109,12 @@ extern char *gai_strerror(int);
   * they suggest that space for the null terminator is not included.
   */
 #ifdef HAS_IPV6
-# define MAI_HOSTADDR_STRSIZE	INET6_ADDRSTRLEN
+#define MAI_HOSTADDR_STRSIZE	INET6_ADDRSTRLEN
 #else
-# ifndef INET_ADDRSTRLEN
-#  define INET_ADDRSTRLEN	16
-# endif
-# define MAI_HOSTADDR_STRSIZE	INET_ADDRSTRLEN
+#ifndef INET_ADDRSTRLEN
+#define INET_ADDRSTRLEN	16
+#endif
+#define MAI_HOSTADDR_STRSIZE	INET_ADDRSTRLEN
 #endif
 
 #define MAI_HOSTNAME_STRSIZE	1025

postfix/src/util/name_mask.c

@@ -316,7 +316,7 @@ const char *str_name_mask_opt(VSTRING *buf, const char *context,
 /* long_name_mask_delim_opt - compute mask corresponding to list of names */
 
 long    long_name_mask_delim_opt(const char *context,
-				         const LONG_NAME_MASK * table,
+				         const LONG_NAME_MASK *table,
 			               const char *names, const char *delim,
 				         int flags)
 {
@@ -378,7 +378,7 @@ long    long_name_mask_delim_opt(const char *context,
 /* str_long_name_mask_opt - mask to string */
 
 const char *str_long_name_mask_opt(VSTRING *buf, const char *context,
-				           const LONG_NAME_MASK * table,
+				           const LONG_NAME_MASK *table,
 				           long mask, int flags)
 {
     const char *myname = "name_mask";

postfix/src/util/open_limit.c

@@ -58,6 +58,7 @@ int     open_limit(int limit)
 {
 #ifdef RLIMIT_NOFILE
     struct rlimit rl;
+
 #endif
 
     if (limit < 0) {
@@ -97,4 +98,3 @@ int     open_limit(int limit)
     return (getdtablesize());
 #endif
 }
-

postfix/src/util/parse_utf8_char.h

@@ -49,7 +49,7 @@
 #include <sys_defs.h>
 
 #ifdef NO_INLINE
-#define inline /* */
+#define inline				/* */
 #endif
 
 /* parse_utf8_char - parse and validate one UTF8 multibyte sequence */

postfix/src/util/posix_signals.c

@@ -57,7 +57,7 @@ int     sigaddset(sigset_t *set, int signum)
 
 int     sigprocmask(int how, sigset_t *set, sigset_t *old)
 {
-    int previous;
+    int     previous;
 
     if (how == SIG_BLOCK)
 	previous = sigblock(*set);
@@ -91,7 +91,7 @@ static int sighandle(int signum)
     actions[signum].sa_handler(signum);
 }
 
-int     sigaction(int sig, struct sigaction *act, struct sigaction *oact)
+int     sigaction(int sig, struct sigaction * act, struct sigaction * oact)
 {
     static int initialized = 0;
 

postfix/src/util/slmdb.c

@@ -281,8 +281,8 @@
   * closest thing that C has to exception handling). The application is then
   * expected to repeat the bulk transaction from scratch.
   * 
-  * When any code aborts a bulk transaction, it must reset slmdb->txn to null
-  * to avoid a use-after-free problem in slmdb_close().
+  * When any code aborts a bulk transaction, it must reset slmdb->txn to null to
+  * avoid a use-after-free problem in slmdb_close().
   */
 
  /*

postfix/src/util/strcasecmp.c

@@ -33,6 +33,7 @@
 
 #if defined(LIBC_SCCS) && !defined(lint)
 static char sccsid[] = "@(#)strcasecmp.c	8.1 (Berkeley) 6/4/93";
+
 #endif					/* LIBC_SCCS and not lint */
 
 #include <sys_defs.h>

postfix/src/util/stream_connect.c

@@ -104,6 +104,6 @@ int     stream_connect(const char *path, int block_mode, int unused_timeout)
      */
     return (pair[0]);
 #else
-    msg_fatal("stream connections are not implemented");
+            msg_fatal("stream connections are not implemented");
 #endif
 }

postfix/src/util/stream_recv_fd.c

@@ -62,7 +62,7 @@ int     stream_recv_fd(int fd)
 	return (-1);
     return (fdinfo.fd);
 #else
-    msg_fatal("stream connections are not implemented");
+            msg_fatal("stream connections are not implemented");
 #endif
 }
 

postfix/src/util/stream_test.c

@@ -103,9 +103,11 @@ int     main(int argc, char **argv)
 	msg_fatal("close server fd");
     return (0);
 }
+
 #else
 int     main(int argc, char **argv)
 {
     return (0);
 }
+
 #endif

postfix/src/util/unix_dgram_connect.c

@@ -60,6 +60,7 @@
 int     unix_dgram_connect(const char *path, int block_mode)
 {
     const char myname[] = "unix_dgram_connect";
+
 #undef sun
     struct sockaddr_un sun;
     ssize_t path_len;