postfix-2.4-20070131

postfix/HISTORY

@@ -13160,6 +13160,12 @@ Apologies for any names omitted.
 	Disable workaround pending completion of updated TLS]
 	support in non-production releases.
 
+20070131
+
+	Assorted code cleanup, portability fixes/workarounds, and
+	minor updates: global/dict_ldap.c, mantools/postlink,
+	tlsmgs/tlsmgr.c, conf/master.cf. LaMont Jones.
+
 Wish list:
 
 	Update message content length when adding/removing headers.

postfix/conf/master.cf

@@ -55,26 +55,45 @@ scache	  unix	-	-	n	-	1	scache
 # maildrop. See the Postfix MAILDROP_README file for details.
 # Also specify in main.cf: maildrop_destination_recipient_limit=1
 #
-maildrop  unix  -       n       n       -       -       pipe
+#maildrop  unix  -       n       n       -       -       pipe
-  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
+#  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
+#
+# ====================================================================
 #
 # The Cyrus deliver program has changed incompatibly, multiple times.
 #
-old-cyrus unix  -       n       n       -       -       pipe
+#old-cyrus unix  -       n       n       -       -       pipe
-  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
+#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
+#
+# ====================================================================
+#
 # Cyrus 2.1.5 (Amos Gouaux)
 # Also specify in main.cf: cyrus_destination_recipient_limit=1
-cyrus     unix  -       n       n       -       -       pipe
+#
-  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
+#cyrus     unix  -       n       n       -       -       pipe
+#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
+#
+# ====================================================================
 #
 # See the Postfix UUCP_README file for configuration details.
 #
-uucp      unix  -       n       n       -       -       pipe
+#uucp      unix  -       n       n       -       -       pipe
-  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
+#  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
+#
+# ====================================================================
 #
 # Other external delivery methods.
 #
-ifmail    unix  -       n       n       -       -       pipe
+#ifmail    unix  -       n       n       -       -       pipe
-  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
+#  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
-bsmtp     unix  -       n       n       -       -       pipe
+#
-  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
+#bsmtp     unix  -       n       n       -       -       pipe
+#  flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
+#
+#scalemail-backend unix -       n       n       -       2       pipe
+#  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
+#  ${nexthop} ${user} ${extension}
+#
+#mailman   unix  -       n       n       -       -       pipe
+#  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
+#  ${nexthop} ${user}

postfix/conf/postfix-files

@@ -311,6 +311,7 @@ $html_directory/SMTPD_ACCESS_README.html:f:root:-:644
 $html_directory/SMTPD_POLICY_README.html:f:root:-:644
 $html_directory/SMTPD_PROXY_README.html:f:root:-:644
 $html_directory/STANDARD_CONFIGURATION_README.html:f:root:-:644
+$html_directory/TLS_LEGACY_README.html:f:root:-:644
 $html_directory/TLS_README.html:f:root:-:644
 $html_directory/TUNING_README.html:f:root:-:644
 $html_directory/ULTRIX_README.html:f:root:-:644

postfix/mantools/postlink

@@ -8,15 +8,19 @@ LINE:
 while (<>) {
     chop;
 
-    # Glue together words that were broken across line breaks.
+    # Glue together words that were broken across line breaks.  The
+    # "label: if_block" was generated by a sed-to-perl converter; the
+    # braces around this are a workaround for buggy implementations.
 
-  Again:
+    {
-    if (/-[<\/bB>]*$/) {
+      Again:
-	$_ .= "\n";
+	if (/-[<\/bB>]*$/) {
-	$len1 = length;
+	    $_ .= "\n";
-	$_ .= <>;
+	    $len1 = length;
-	chop if $len1 < length;
+	    $_ .= <>;
-	goto Again;
+	    chop if $len1 < length;
+	    goto Again;
+	}
     }
     if (/<[Aa] *[HhNn][RrAa][EeMm][FfEe] *=/) {
 	print;

postfix/src/global/dict_ldap.c

@@ -266,29 +266,30 @@ typedef struct {
 
 static void rfc2253_quote(DICT *unused, const char *name, VSTRING *result)
 {
-    unsigned char *sub = (unsigned char *)name;
+    const char *sub = name;
-    size_t len;
+    size_t  len;
 
     /*
-     * The RFC only requires quoting of a leading or trailing space,
+     * The RFC only requires quoting of a leading or trailing space, but it
-     * but it is harmless to quote whitespace everywhere. Similarly,
+     * is harmless to quote whitespace everywhere. Similarly, we quote all
-     * we quote all '#' characters, even though only the leading '#'
+     * '#' characters, even though only the leading '#' character requires
-     * character requires quoting per the RFC.
+     * quoting per the RFC.
      */
     while (*sub)
-    	if ((len = strcspn(sub, " \t\"#+,;<>\\")) > 0) {
+	if ((len = strcspn(sub, " \t\"#+,;<>\\")) > 0) {
 	    vstring_strncat(result, sub, len);
 	    sub += len;
 	} else
-	    vstring_sprintf_append(result, "\\%02X", *(sub++));
+	    vstring_sprintf_append(result, "\\%02X",
+				   *((const unsigned char *) sub++));
 }
 
 /* rfc2254_quote - Quote input key for safe inclusion in the query filter */
 
 static void rfc2254_quote(DICT *unused, const char *name, VSTRING *result)
 {
-    unsigned char *sub = (unsigned char *)name;
+    const char *sub = name;
-    size_t len;
+    size_t  len;
 
     /*
      * If any characters in the supplied address should be escaped per RFC
@@ -298,11 +299,12 @@ static void rfc2254_quote(DICT *unused, const char *name, VSTRING *result)
      * parameter and then this more comprehensive mechanism.
      */
     while (*sub)
-    	if ((len = strcspn(sub, "*()\\")) > 0) {
+	if ((len = strcspn(sub, "*()\\")) > 0) {
 	    vstring_strncat(result, sub, len);
 	    sub += len;
 	} else
-	    vstring_sprintf_append(result, "\\%02X", *(sub++));
+	    vstring_sprintf_append(result, "\\%02X",
+				   *((const unsigned char *) sub++));
 }
 
 static BINHASH *conn_hash = 0;
@@ -355,7 +357,6 @@ static int dict_ldap_set_errno(LDAP * ld, int rc)
 
 static int dict_ldap_result(LDAP *ld, int msgid, int timeout, LDAPMessage **res)
 {
-    int     rc;
     struct timeval mytimeval;
 
     mytimeval.tv_sec = timeout;

postfix/src/global/mail_version.h

@@ -20,7 +20,7 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE	"20070125"
+#define MAIL_RELEASE_DATE	"20070131"
 #define MAIL_VERSION_NUMBER	"2.4"
 
 #ifdef SNAPSHOT

postfix/src/tls/tls_misc.c

@@ -152,6 +152,8 @@ NAME_CODE tls_cipher_level_table[] = {
     0, TLS_CIPHER_NONE,
 };
 
+#if 0
+
 typedef struct {
     char   *algorithm;
     char   *exclusion;
@@ -187,6 +189,8 @@ static cipher_probe cipher_probe_list[] = {
     0, 0,
 };
 
+#endif
+
  /*
   * Parsed OpenSSL version number.
   */
@@ -204,9 +208,11 @@ const char *tls_cipher_list(int cipher_level,...)
 {
     const char *myname = "tls_cipher_list";
     static VSTRING *buf;
+#if 0
     static ARGV *exclude_unavailable;
     cipher_probe *probe;
     int     i;
+#endif
     va_list ap;
     const char *exclude;
     char   *tok;

postfix/src/tlsmgr/tlsmgr.c

@@ -213,6 +213,7 @@
   * Tunables.
   */
 char   *var_tls_rand_source;
+int     var_tls_daemon_rand_bytes;
 int     var_tls_rand_bytes;
 int     var_tls_reseed_period;
 int     var_tls_prng_exch_period;