Displaying 1 50 of 5,698 commits (0.057s)

pkgsrc — . pkglocate Makefile, archivers Makefile

Add CHANGES file for pkgsrc-2015Q2

OpenBSD — usr.sbin/smtpd control.c mproc.c

local user can cause smtpd to fail by sending invalid imsg to control sock

OpenBSD — usr.sbin/smtpd smtpd.conf.5

spacing, makes example fit on display.

no objection from gilles@
Delta File
+6 -6 usr.sbin/smtpd/smtpd.conf.5
+6 -6 1 file

OpenBSD — lib/libc/gen getpwent.c getgrouplist.c, lib/libutil pidfile.c

Do not assume that asprintf() clears the pointer on failure, which
is non-portable.  Also add missing asprintf() return value checks.
OK deraadt@ guenther@ doug@

OpenBSD — usr.sbin/smtpd control.c

Do not try to unlink the control socket in an unprivileged child
process on shutdown.
Found while working on tame(2).
OK gilles@
Delta File
+1 -2 usr.sbin/smtpd/control.c
+1 -2 1 file

OpenBSD — usr.sbin/smtpd smtp_session.c

the code to prevent AUTH PLAIN from logging credentials upon authentication
failure does not catch the AUTH LOGIN case. rework to use the session state
rather than using the session command.

spotted by pkern at debian.org
Delta File
+11 -3 usr.sbin/smtpd/smtp_session.c
+11 -3 1 file

OpenBSD — usr.sbin/smtpd enqueue.c

The enqueuer should never encouter the "From " separator in its headers, as
it is added by the mda. If it sees one, it means that the enqueuer was used
as the mda and it needs to strip it otherwise the message will end with two
delimiters later down the road. Same applies to "Return-Path".

bug experienced by James Turner, confirmed by Giovanni.
fix suggested by Todd Miller, diff ok eric@
Delta File
+8 -1 usr.sbin/smtpd/enqueue.c
+8 -1 1 file

FreeBSD Ports — head/mail/postfix-current Makefile pkg-plist, head/mail/postfix-current/files pkg-install.in

- update to version 3.0.1
- rename OPTIONS to match default name of most ports
  - SASL2 -> SASL
  - OPENLDAP -> LDAP
- install main.cf and master.cf with the @sample macro
- rework pkg-install
- fix wrong permission for /var/db/postfix [1]
- sets WANT_OPENLDAP_SASL option for openldap port when
  postfix LDAP_SASL option is set [2]
- make usage of new ${opt}_DEPENDS notation

Release 3.0.1 or 3.0.2 is now a strong candidate to become the new
default mail/postfix port (missing components are VDA and SPF).

Changelog:
20150211
        Cleanup: strncasecmp_utf8() streamlining. Files: util/stringops.h,
        util/allascii.c, util/strcasecmp_utf8.c.

20150214
        Bugfix (introduced: Postfix 3.0): missing #ifdef USE_TLS
        inside #ifdef USE_SASL_AUTH.  Viktor Dukhovni. File:
        smtpd/smtpd.c.

20150217

    [36 lines not shown]

OpenBSD — usr.sbin/smtpd util.c

use res_hnok() to valid domain part in valid_domain()

ok eric@
Delta File
+3 -19 usr.sbin/smtpd/util.c
+3 -19 1 file

OpenBSD — usr.sbin/smtpd enqueue.c

S was misplaced in r1.89, the optarg that was removed was actually needed
by R, so reintroduce it in the proper place.

spotted and diff by Sunil Nimmagadda
Delta File
+2 -2 usr.sbin/smtpd/enqueue.c
+2 -2 1 file

OpenBSD — usr.sbin/smtpd enqueue.c

smtpd enqueue -S does not take an argument, fix optstring accordingly

fix by Nathanael Rensen
Delta File
+2 -2 usr.sbin/smtpd/enqueue.c
+2 -2 1 file

OpenBSD — etc/mtree 4.4BSD.dist

Add smtpd(8) spool directories so that they are registered as part of base.

ok henning@ gilles@ deraadt@
Delta File
+14 -1 etc/mtree/4.4BSD.dist
+14 -1 1 file

OpenBSD — usr.sbin/smtpd smtp_session.c ssl_smtpd.c

Incorrect logic in smtpd(8) can lead to unexpected client disconnect, invalid
certificate in SNI negotiation or server crash.

spotted by Edwin Torok

OpenBSD — usr.sbin/smtpd smtp_session.c

remove superfluous ';' in Received lines
Delta File
+6 -6 usr.sbin/smtpd/smtp_session.c
+6 -6 1 file

OpenBSD — usr.sbin/smtpd forward.5

typo
Delta File
+3 -3 usr.sbin/smtpd/forward.5
+3 -3 1 file

OpenBSD — usr.sbin/smtpd ssl.c

Missing free(3) in error path
Delta File
+2 -1 usr.sbin/smtpd/ssl.c
+2 -1 1 file

OpenBSD — usr.sbin/smtpd smtpd.conf.5

Document how to use anti-spoofing rules to reject spam.
OK deraadt@ gilles@ phessler@
Delta File
+26 -3 usr.sbin/smtpd/smtpd.conf.5
+26 -3 1 file

Bitrig — usr.sbin/smtpd smtpd.conf.5

Document how to use anti-spoofing rules to reject spam.
OK deraadt@ gilles@ phessler@
Delta File
+26 -3 usr.sbin/smtpd/smtpd.conf.5
+26 -3 1 file

Bitrig — usr.sbin/smtpd smtpd.conf.5

Document how to use anti-spoofing rules to reject spam.
OK deraadt@ gilles@ phessler@
Delta File
+26 -3 usr.sbin/smtpd/smtpd.conf.5
+26 -3 1 file

OpenBSD — usr.sbin/smtpd smtpd.conf.5

Cleanup smtpd.conf(5).

 - use literal <> around smtpd tables instead of Aq
 - mark up some directives as Ic (previously Ar or unmarked)
 - use Dq/Sq instead of " in a few appropriate places
 - use Bl -column instead of Bd -literal for tables

ok schwarze@
Delta File
+78 -66 usr.sbin/smtpd/smtpd.conf.5
+78 -66 1 file

Bitrig — usr.sbin/smtpd smtpd.conf.5

Cleanup smtpd.conf(5).

 - use literal <> around smtpd tables instead of Aq
 - mark up some directives as Ic (previously Ar or unmarked)
 - use Dq/Sq instead of " in a few appropriate places
 - use Bl -column instead of Bd -literal for tables

ok schwarze@
Delta File
+78 -66 usr.sbin/smtpd/smtpd.conf.5
+78 -66 1 file

Bitrig — usr.sbin/smtpd smtpd.conf.5

Cleanup smtpd.conf(5).

 - use literal <> around smtpd tables instead of Aq
 - mark up some directives as Ic (previously Ar or unmarked)
 - use Dq/Sq instead of " in a few appropriate places
 - use Bl -column instead of Bd -literal for tables

ok schwarze@
Delta File
+78 -66 usr.sbin/smtpd/smtpd.conf.5
+78 -66 1 file

Bitrig — usr.sbin/smtpd enqueue.c

Do not use the name returned by getlogin() when pw_uid from
getpwnam(getlogin()) doesn't match the real uid, unless the real
uid is 0.  This matches the behavior of sendmail and gives the
corrent sender for mail sent by daemons that got started by a
user who su'd or used sudo.  OK dlg@ gilles@
Delta File
+9 -4 usr.sbin/smtpd/enqueue.c
+9 -4 1 file

Bitrig — usr.sbin/smtpd enqueue.c

Do not use the name returned by getlogin() when pw_uid from
getpwnam(getlogin()) doesn't match the real uid, unless the real
uid is 0.  This matches the behavior of sendmail and gives the
corrent sender for mail sent by daemons that got started by a
user who su'd or used sudo.  OK dlg@ gilles@
Delta File
+9 -4 usr.sbin/smtpd/enqueue.c
+9 -4 1 file

OpenBSD — usr.sbin/smtpd enqueue.c

Do not use the name returned by getlogin() when pw_uid from
getpwnam(getlogin()) doesn't match the real uid, unless the real
uid is 0.  This matches the behavior of sendmail and gives the
corrent sender for mail sent by daemons that got started by a
user who su'd or used sudo.  OK dlg@ gilles@
Delta File
+9 -4 usr.sbin/smtpd/enqueue.c
+9 -4 1 file

Bitrig — usr.sbin/ldapd ber.c, usr.sbin/smtpd ber.c

ber_printf_elements should return NULL if any of its parts fail.

Leave the error handling up to its callers.

ok reyk

OpenBSD — usr.sbin/ldapd ber.c, usr.sbin/smtpd ber.c

ber_printf_elements should return NULL if any of its parts fail.

Leave the error handling up to its callers.

ok reyk

Bitrig — usr.sbin/ldapd ber.c, usr.sbin/smtpd ber.c

ber_printf_elements should return NULL if any of its parts fail.

Leave the error handling up to its callers.

ok reyk

Bitrig — sbin/iked parse.y, usr.sbin/httpd parse.y

Use AI_ADDRCONFIG when resolv hosts on startup.

OK henning@

OpenBSD — sbin/iked parse.y, usr.sbin/httpd parse.y

Use AI_ADDRCONFIG when resolv hosts on startup.

OK henning@

Bitrig — sbin/iked parse.y, usr.sbin/httpd parse.y

Use AI_ADDRCONFIG when resolv hosts on startup.

OK henning@

Bitrig — lib/libssl/man Makefile, lib/libssl/src/doc/ssl SSL_CTX_use_certificate.3

Rename SSL_CTX_use_certificate_chain() to SSL_CTX_use_certificate_chain_mem().

As discussed with beck@ jsing@ and others
OK beck@

Bitrig — lib/libssl/man Makefile, lib/libssl/src/doc/ssl SSL_CTX_use_certificate.3

Rename SSL_CTX_use_certificate_chain() to SSL_CTX_use_certificate_chain_mem().

As discussed with beck@ jsing@ and others
OK beck@

OpenBSD — lib/libssl/man Makefile, lib/libssl/src/doc/ssl SSL_CTX_use_certificate.3

Rename SSL_CTX_use_certificate_chain() to SSL_CTX_use_certificate_chain_mem().

As discussed with beck@ jsing@ and others
OK beck@

NetBSD — doc 3RDPARTY, external/ibm-public/postfix/dist HISTORY makedefs

Pullup the following, requested by tron in ticket #459:

        doc/3RDPARTY                                        1.1195
        external/ibm-public/postfix/dist/HISTORY        patch
        external/ibm-public/postfix/dist/makedefs        patch
        external/ibm-public/postfix/dist/src/cleanup/cleanup.h patch
        external/ibm-public/postfix/dist/src/cleanup/cleanup_message.c patch
        external/ibm-public/postfix/dist/src/cleanup/cleanup_milter.c patch
        external/ibm-public/postfix/dist/src/cleanup/cleanup_state.c patch
        external/ibm-public/postfix/dist/src/global/mail_version.h patch
        external/ibm-public/postfix/dist/src/milter/milter.c patch
        external/ibm-public/postfix/dist/src/milter/milter.h patch
        external/ibm-public/postfix/dist/src/milter/milter8.c patch
        external/ibm-public/postfix/dist/src/qmqpd/qmqpd.c patch
        external/ibm-public/postfix/dist/src/smtpd/smtpd.c patch
        external/ibm-public/postfix/dist/src/smtpd/smtpd_check.c patch

Import Postfix 2.11.3. Changes since version 2.11.1:
- Fix for DMARC implementations based on SPF policy plus DKIM Milter.
  The PREPEND access/policy action added headers ABOVE Postfix's own
  Received: header, exposing Postfix's own Received: header to Milters
  (protocol violation) and hiding the PREPENDed header from Milters.
  PREPENDed headers are now added BELOW Postfix's own Received: header
  and remain visible to Milters.
- The Postfix SMTP server logged an incorrect client name in reject

    [11 lines not shown]

NetBSD — doc 3RDPARTY, external/ibm-public/postfix/dist HISTORY makedefs

Pullup the following, requested by tron in ticket #459:

        doc/3RDPARTY                                        1.1195
        external/ibm-public/postfix/dist/HISTORY        patch
        external/ibm-public/postfix/dist/makedefs        patch
        external/ibm-public/postfix/dist/src/cleanup/cleanup.h patch
        external/ibm-public/postfix/dist/src/cleanup/cleanup_message.c patch
        external/ibm-public/postfix/dist/src/cleanup/cleanup_milter.c patch
        external/ibm-public/postfix/dist/src/cleanup/cleanup_state.c patch
        external/ibm-public/postfix/dist/src/global/mail_version.h patch
        external/ibm-public/postfix/dist/src/milter/milter.c patch
        external/ibm-public/postfix/dist/src/milter/milter.h patch
        external/ibm-public/postfix/dist/src/milter/milter8.c patch
        external/ibm-public/postfix/dist/src/qmqpd/qmqpd.c patch
        external/ibm-public/postfix/dist/src/smtpd/smtpd.c patch
        external/ibm-public/postfix/dist/src/smtpd/smtpd_check.c patch

Import Postfix 2.11.3. Changes since version 2.11.1:
- Fix for DMARC implementations based on SPF policy plus DKIM Milter.
  The PREPEND access/policy action added headers ABOVE Postfix's own
  Received: header, exposing Postfix's own Received: header to Milters
  (protocol violation) and hiding the PREPENDed header from Milters.
  PREPENDed headers are now added BELOW Postfix's own Received: header
  and remain visible to Milters.
- The Postfix SMTP server logged an incorrect client name in reject

    [11 lines not shown]

EdgeBSD — doc 3RDPARTY, external/ibm-public/postfix/dist HISTORY makedefs

Pullup the following, requested by tron in ticket #459:

        doc/3RDPARTY                                        1.1195
        external/ibm-public/postfix/dist/HISTORY        patch
        external/ibm-public/postfix/dist/makedefs        patch
        external/ibm-public/postfix/dist/src/cleanup/cleanup.h patch
        external/ibm-public/postfix/dist/src/cleanup/cleanup_message.c patch
        external/ibm-public/postfix/dist/src/cleanup/cleanup_milter.c patch
        external/ibm-public/postfix/dist/src/cleanup/cleanup_state.c patch
        external/ibm-public/postfix/dist/src/global/mail_version.h patch
        external/ibm-public/postfix/dist/src/milter/milter.c patch
        external/ibm-public/postfix/dist/src/milter/milter.h patch
        external/ibm-public/postfix/dist/src/milter/milter8.c patch
        external/ibm-public/postfix/dist/src/qmqpd/qmqpd.c patch
        external/ibm-public/postfix/dist/src/smtpd/smtpd.c patch
        external/ibm-public/postfix/dist/src/smtpd/smtpd_check.c patch

Import Postfix 2.11.3. Changes since version 2.11.1:
- Fix for DMARC implementations based on SPF policy plus DKIM Milter.
  The PREPEND access/policy action added headers ABOVE Postfix's own
  Received: header, exposing Postfix's own Received: header to Milters
  (protocol violation) and hiding the PREPENDed header from Milters.
  PREPENDed headers are now added BELOW Postfix's own Received: header
  and remain visible to Milters.
- The Postfix SMTP server logged an incorrect client name in reject

    [11 lines not shown]

NetBSD — external/ibm-public/postfix/dist makedefs, external/ibm-public/postfix/dist/src/cleanup cleanup.h

Resolve conflicts from last import.

NetBSD — external/ibm-public/postfix/dist makedefs, external/ibm-public/postfix/dist/src/cleanup cleanup.h

Resolve conflicts from last import.

NetBSD — external/ibm-public/postfix/dist makedefs, external/ibm-public/postfix/dist/src/cleanup cleanup.h

Resolve conflicts from last import.

NetBSD — external/ibm-public/postfix/dist HISTORY, external/ibm-public/postfix/dist/src/cleanup cleanup_message.c cleanup_state.c

Import Postfix 2.11.3. Changes since version 2.11.1:
- Fix for DMARC implementations based on SPF policy plus DKIM Milter. The
  PREPEND access/policy action added headers ABOVE Postfix's own Received:
  header, exposing Postfix's own Received: header to Milters (protocol
  violation) and hiding the PREPENDed header from Milters. PREPENDed
  headers are now added BELOW Postfix's own Received: header and remain
  visible to Milters.
- The Postfix SMTP server logged an incorrect client name in reject
  messages for check_reverse_client_hostname_access and
  check_reverse_client_hostname_{mx,ns}_access. They replied with the
  verified client name, instead of the name that was rejected.
- The TLS client logged that an anonymous TLS connection was "Untrusted",
  instead of "Anonymous".
- Fix for configurations that prepend message headers with Postfix access
  maps, policy servers or Milter applications. Postfix now hides its own
  Received: header from Milters and exposes prepended headers to Milters,
  regardless of the mechanism used to prepend a header. This fix reverts
  a partial solution that was released on October 13, 2014, and replaces
  it with a complete solution.

NetBSD — external/ibm-public/postfix/dist HISTORY, external/ibm-public/postfix/dist/src/cleanup cleanup_message.c cleanup_state.c

Import Postfix 2.11.3. Changes since version 2.11.1:
- Fix for DMARC implementations based on SPF policy plus DKIM Milter. The
  PREPEND access/policy action added headers ABOVE Postfix's own Received:
  header, exposing Postfix's own Received: header to Milters (protocol
  violation) and hiding the PREPENDed header from Milters. PREPENDed
  headers are now added BELOW Postfix's own Received: header and remain
  visible to Milters.
- The Postfix SMTP server logged an incorrect client name in reject
  messages for check_reverse_client_hostname_access and
  check_reverse_client_hostname_{mx,ns}_access. They replied with the
  verified client name, instead of the name that was rejected.
- The TLS client logged that an anonymous TLS connection was "Untrusted",
  instead of "Anonymous".
- Fix for configurations that prepend message headers with Postfix access
  maps, policy servers or Milter applications. Postfix now hides its own
  Received: header from Milters and exposes prepended headers to Milters,
  regardless of the mechanism used to prepend a header. This fix reverts
  a partial solution that was released on October 13, 2014, and replaces
  it with a complete solution.

NetBSD — external/ibm-public/postfix/dist HISTORY makedefs, external/ibm-public/postfix/dist/src/cleanup cleanup_message.c cleanup_state.c

Import Postfix 2.11.3. Changes since version 2.11.1:
- Fix for DMARC implementations based on SPF policy plus DKIM Milter. The
  PREPEND access/policy action added headers ABOVE Postfix's own Received:
  header, exposing Postfix's own Received: header to Milters (protocol
  violation) and hiding the PREPENDed header from Milters. PREPENDed
  headers are now added BELOW Postfix's own Received: header and remain
  visible to Milters.
- The Postfix SMTP server logged an incorrect client name in reject
  messages for check_reverse_client_hostname_access and
  check_reverse_client_hostname_{mx,ns}_access. They replied with the
  verified client name, instead of the name that was rejected.
- The TLS client logged that an anonymous TLS connection was "Untrusted",
  instead of "Anonymous".
- Fix for configurations that prepend message headers with Postfix access
  maps, policy servers or Milter applications. Postfix now hides its own
  Received: header from Milters and exposes prepended headers to Milters,
  regardless of the mechanism used to prepend a header. This fix reverts
  a partial solution that was released on October 13, 2014, and replaces
  it with a complete solution.

NetBSD — external/ibm-public/postfix/dist HISTORY, external/ibm-public/postfix/dist/src/cleanup cleanup_message.c cleanup_state.c

Import Postfix 2.11.3. Changes since version 2.11.1:
- Fix for DMARC implementations based on SPF policy plus DKIM Milter. The
  PREPEND access/policy action added headers ABOVE Postfix's own Received:
  header, exposing Postfix's own Received: header to Milters (protocol
  violation) and hiding the PREPENDed header from Milters. PREPENDed
  headers are now added BELOW Postfix's own Received: header and remain
  visible to Milters.
- The Postfix SMTP server logged an incorrect client name in reject
  messages for check_reverse_client_hostname_access and
  check_reverse_client_hostname_{mx,ns}_access. They replied with the
  verified client name, instead of the name that was rejected.
- The TLS client logged that an anonymous TLS connection was "Untrusted",
  instead of "Anonymous".
- Fix for configurations that prepend message headers with Postfix access
  maps, policy servers or Milter applications. Postfix now hides its own
  Received: header from Milters and exposes prepended headers to Milters,
  regardless of the mechanism used to prepend a header. This fix reverts
  a partial solution that was released on October 13, 2014, and replaces
  it with a complete solution.

OpenBSD — usr.sbin/relayd ssl_privsep.c relayd.h, usr.sbin/smtpd ssl_privsep.c ssl.h

LibreSSL now supports loading of CA certificates from memory, replace
the internal and long-serving ssl_ctx_load_verify_memory() function
with a call to the SSL_CTX_load_verify_mem() API function.  The
ssl_privsep.c file with hacks for using OpenSSL in privsep'ed
processes can now go away; portable versions of smtpd and relayd
should start depending on LibreSSL or they have to carry ssl_privsep.c
in openbsd-compat to work with legacy OpenSSL.  No functional change.

Based on previous discussions with gilles@ bluhm@ and many others
OK bluhm@ (as part of the libcrypto/libssl/libtls diff)

Bitrig — usr.sbin/relayd ssl_privsep.c relayd.h, usr.sbin/smtpd ssl_privsep.c ssl.h

LibreSSL now supports loading of CA certificates from memory, replace
the internal and long-serving ssl_ctx_load_verify_memory() function
with a call to the SSL_CTX_load_verify_mem() API function.  The
ssl_privsep.c file with hacks for using OpenSSL in privsep'ed
processes can now go away; portable versions of smtpd and relayd
should start depending on LibreSSL or they have to carry ssl_privsep.c
in openbsd-compat to work with legacy OpenSSL.  No functional change.

Based on previous discussions with gilles@ bluhm@ and many others
OK bluhm@ (as part of the libcrypto/libssl/libtls diff)

Bitrig — usr.sbin/relayd ssl_privsep.c relayd.h, usr.sbin/smtpd ssl_privsep.c ssl.h

LibreSSL now supports loading of CA certificates from memory, replace
the internal and long-serving ssl_ctx_load_verify_memory() function
with a call to the SSL_CTX_load_verify_mem() API function.  The
ssl_privsep.c file with hacks for using OpenSSL in privsep'ed
processes can now go away; portable versions of smtpd and relayd
should start depending on LibreSSL or they have to carry ssl_privsep.c
in openbsd-compat to work with legacy OpenSSL.  No functional change.

Based on previous discussions with gilles@ bluhm@ and many others
OK bluhm@ (as part of the libcrypto/libssl/libtls diff)

Bitrig — usr.sbin/smtpd smtpd.h queue_fs.c

use <limits.h> comprehensively.  For now try to push <> includes to
each .c file, and out of the .h files.  To avoid overinclude.
ok gilles, in principle.  If this has been done right, -portable should
become easier to maintain.
Delta File
+38 -38 usr.sbin/smtpd/smtpd.h
+16 -16 usr.sbin/smtpd/queue_fs.c
+14 -14 usr.sbin/smtpd/smtp_session.c
+10 -10 usr.sbin/smtpd/smtpd.c
+9 -7 usr.sbin/smtpd/table.c
+8 -8 usr.sbin/smtpd/mta.c
+198 -131 61 files not shown
+293 -224 67 files

OpenBSD — usr.sbin/smtpd smtpd.h queue_fs.c

use <limits.h> comprehensively.  For now try to push <> includes to
each .c file, and out of the .h files.  To avoid overinclude.
ok gilles, in principle.  If this has been done right, -portable should
become easier to maintain.
Delta File
+38 -38 usr.sbin/smtpd/smtpd.h
+16 -16 usr.sbin/smtpd/queue_fs.c
+14 -14 usr.sbin/smtpd/smtp_session.c
+10 -10 usr.sbin/smtpd/smtpd.c
+9 -7 usr.sbin/smtpd/table.c
+8 -8 usr.sbin/smtpd/mta.c
+198 -131 61 files not shown
+293 -224 67 files

Bitrig — usr.sbin/smtpd smtpd.h queue_fs.c

use <limits.h> comprehensively.  For now try to push <> includes to
each .c file, and out of the .h files.  To avoid overinclude.
ok gilles, in principle.  If this has been done right, -portable should
become easier to maintain.
Delta File
+38 -38 usr.sbin/smtpd/smtpd.h
+16 -16 usr.sbin/smtpd/queue_fs.c
+14 -14 usr.sbin/smtpd/smtp_session.c
+10 -10 usr.sbin/smtpd/smtpd.c
+9 -7 usr.sbin/smtpd/table.c
+8 -8 usr.sbin/smtpd/mta.c
+198 -131 61 files not shown
+293 -224 67 files