Import Postfix 2.11.3. Changes since version 2.11.1:

- Fix for DMARC implementations based on SPF policy plus DKIM Milter. The
  PREPEND access/policy action added headers ABOVE Postfix's own Received:
  header, exposing Postfix's own Received: header to Milters (protocol
  violation) and hiding the PREPENDed header from Milters. PREPENDed
  headers are now added BELOW Postfix's own Received: header and remain
  visible to Milters.
- The Postfix SMTP server logged an incorrect client name in reject
  messages for check_reverse_client_hostname_access and
  check_reverse_client_hostname_{mx,ns}_access. They replied with the
  verified client name, instead of the name that was rejected.
- The TLS client logged that an anonymous TLS connection was "Untrusted",
  instead of "Anonymous".
- Fix for configurations that prepend message headers with Postfix access
  maps, policy servers or Milter applications. Postfix now hides its own
  Received: header from Milters and exposes prepended headers to Milters,
  regardless of the mechanism used to prepend a header. This fix reverts
  a partial solution that was released on October 13, 2014, and replaces
  it with a complete solution.

external/ibm-public/postfix/dist/HISTORY

@@ -19574,3 +19574,47 @@ Apologies for any names omitted.
 	reported by Sahil Tandon, predicate error found by Viktor,
 	redundant connection restore request eliminated by Wietse.
 	File: smtp/smtp_connect.c.
+
+20140619
+
+	Bugfix (introduced: 2001): qmqpd null pointer bug when it
+	logs a lost connection while not in a mail transaction.
+	Reported by Michal Adamek. File: qmqpd/qmqpd.c.
+
+20140920
+
+	Bugfix (introduced: 20080212): incorrect client name in
+	reject messages from check_reverse_client_hostname_access
+	and check_reverse_client_hostname_{mx,ns}_access.  They
+	replied with the verified client name, instead of the name
+	that was rejected.  Problem reported by Reindl Harald. File:
+	smtpd/smtpd_check.c.
+
+20141012
+
+	Bugfix (introduced: Postfix 2.3): the PREPEND access/policy
+	action added headers ABOVE Postfix's own Received: header,
+	exposing Postfix's own Received: header to Milters (protocol
+	violation) and hiding the PREPENDed header from Milters.
+	The latter caused problems for DMARC implementations with
+	SPF policy plus DKIM Milter.  PREPENDed headers are now
+	added BELOW Postfix's own Received: header and remain visible
+	to Milters. File: smtpd/smtpd.c.
+
+20141014
+
+	Portability: Darwin 11.x needs to link with -lresolv. Viktor
+	Dukhovni. File: makedefs.
+
+20141018
+
+	Bugfix (introduced: Postfix 2.3): when a Milter inserted a
+	header ABOVE Postfix's own Received: header, Postfix would
+	expose its own Received: header to Milters (violating
+	protocol) and hide the Milter-inserted header from Milters
+	(wtf).  Files: cleanup/cleanup.h, cleanup/cleanup_message.c,
+	cleanup/cleanup_state.c, milter/milter.[hc], milter/milter8.c.
+
+	Cleanup: revert the workaround that places headers inserted
+	with PREPEND actions or policy requests BELOW Postfix's own
+	Received: message header. File: smtpd/smtpd.c.

external/ibm-public/postfix/dist/src/cleanup/cleanup_message.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: cleanup_message.c,v 1.1.1.4 2014/07/06 19:27:50 tron Exp $	*/
+/*	$NetBSD: cleanup_message.c,v 1.1.1.5 2015/01/24 18:08:23 tron Exp $	*/
 
 /*++
 /* NAME
@@ -481,6 +481,10 @@ static void cleanup_header_callback(void *context, int header_class,
     if (hdr_opts && (hdr_opts->flags & HDR_OPT_MIME))
 	header_class = MIME_HDR_MULTIPART;
 
+    /* Update the Received: header count before maybe dropping headers below. */
+    if (hdr_opts && hdr_opts->type == HDR_RECEIVED)
+	state->hop_count += 1;
+
     if ((state->flags & CLEANUP_FLAG_FILTER)
 	&& (CHECK(MIME_HDR_PRIMARY, cleanup_header_checks, VAR_HEADER_CHECKS)
     || CHECK(MIME_HDR_MULTIPART, cleanup_mimehdr_checks, VAR_MIMEHDR_CHECKS)
@@ -581,9 +585,13 @@ static void cleanup_header_callback(void *context, int header_class,
 	    msg_info("%s: message-id=%s", state->queue_id, hdrval);
 	if (hdr_opts->type == HDR_RESENT_MESSAGE_ID)
 	    msg_info("%s: resent-message-id=%s", state->queue_id, hdrval);
-	if (hdr_opts->type == HDR_RECEIVED)
-	    if (++state->hop_count >= var_hopcount_limit)
+	if (hdr_opts->type == HDR_RECEIVED) {
+	    if (state->hop_count >= var_hopcount_limit)
 		state->errs |= CLEANUP_STAT_HOPS;
+	    /* Save our Received: header after maybe updating headers above. */
+	    if (state->hop_count == 1)
+		argv_add(state->auto_hdrs, vstring_str(header_buf), ARGV_END);
+	}
 	if (CLEANUP_OUT_OK(state)) {
 	    if (hdr_opts->flags & HDR_OPT_RR)
 		state->resent = "Resent-";

external/ibm-public/postfix/dist/src/cleanup/cleanup_milter.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: cleanup_milter.c,v 1.1.1.8 2014/07/06 19:27:50 tron Exp $	*/
+/*	$NetBSD: cleanup_milter.c,v 1.1.1.9 2015/01/24 18:08:23 tron Exp $	*/
 
 /*++
 /* NAME
@@ -2022,7 +2022,7 @@ void    cleanup_milter_inspect(CLEANUP_STATE *state, MILTERS *milters)
      * filter library.
      */
     if ((resp = milter_message(milters, state->handle->stream,
-			       state->data_offset)) != 0)
+			       state->data_offset, state->auto_hdrs)) != 0)
 	cleanup_milter_apply(state, "END-OF-MESSAGE", resp);
 
     /*

external/ibm-public/postfix/dist/src/cleanup/cleanup_state.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: cleanup_state.c,v 1.1.1.3 2014/07/06 19:27:50 tron Exp $	*/
+/*	$NetBSD: cleanup_state.c,v 1.1.1.4 2015/01/24 18:08:23 tron Exp $	*/
 
 /*++
 /* NAME
@@ -80,6 +80,7 @@ CLEANUP_STATE *cleanup_state_alloc(VSTREAM *src)
     state->orig_rcpt = 0;
     state->return_receipt = 0;
     state->errors_to = 0;
+    state->auto_hdrs = argv_alloc(1);
     state->flags = 0;
     state->qmgr_opts = 0;
     state->errs = 0;
@@ -153,6 +154,7 @@ void    cleanup_state_free(CLEANUP_STATE *state)
 	myfree(state->return_receipt);
     if (state->errors_to)
 	myfree(state->errors_to);
+    argv_free(state->auto_hdrs);
     if (state->queue_name)
 	myfree(state->queue_name);
     if (state->queue_id)

external/ibm-public/postfix/dist/src/global/mail_version.h

@@ -1,4 +1,4 @@
-/*	$NetBSD: mail_version.h,v 1.1.1.21 2014/07/06 19:27:51 tron Exp $	*/
+/*	$NetBSD: mail_version.h,v 1.1.1.22 2015/01/24 18:08:25 tron Exp $	*/
 
 #ifndef _MAIL_VERSION_H_INCLUDED_
 #define _MAIL_VERSION_H_INCLUDED_
@@ -22,8 +22,8 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE	"20140507"
-#define MAIL_VERSION_NUMBER	"2.11.1"
+#define MAIL_RELEASE_DATE	"20141019"
+#define MAIL_VERSION_NUMBER	"2.11.3"
 
 #ifdef SNAPSHOT
 #define MAIL_VERSION_DATE	"-" MAIL_RELEASE_DATE

external/ibm-public/postfix/dist/src/milter/milter.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: milter.c,v 1.1.1.3 2013/01/02 18:59:01 tron Exp $	*/
+/*	$NetBSD: milter.c,v 1.1.1.4 2015/01/24 18:08:26 tron Exp $	*/
 
 /*++
 /* NAME
@@ -87,10 +87,11 @@
 /*	const char *milter_other_event(milters)
 /*	MILTERS	*milters;
 /*
-/*	const char *milter_message(milters, qfile, data_offset)
+/*	const char *milter_message(milters, qfile, data_offset, auto_hdrs)
 /*	MILTERS	*milters;
 /*	VSTREAM *qfile;
 /*	off_t	data_offset;
+/*	ARGV	*auto_hdrs;
 /*
 /*	const char *milter_abort(milters)
 /*	MILTERS	*milters;
@@ -483,7 +484,8 @@ const char *milter_other_event(MILTERS *milters)
 
 /* milter_message - inspect message content */
 
-const char *milter_message(MILTERS *milters, VSTREAM *fp, off_t data_offset)
+const char *milter_message(MILTERS *milters, VSTREAM *fp, off_t data_offset,
+			           ARGV *auto_hdrs)
 {
     const char *resp;
     MILTER *m;
@@ -497,7 +499,8 @@ const char *milter_message(MILTERS *milters, VSTREAM *fp, off_t data_offset)
     for (resp = 0, m = milters->milter_list; resp == 0 && m != 0; m = m->next) {
 	any_eoh_macros = MILTER_MACRO_EVAL(global_eoh_macros, m, milters, eoh_macros);
 	any_eod_macros = MILTER_MACRO_EVAL(global_eod_macros, m, milters, eod_macros);
-	resp = m->message(m, fp, data_offset, any_eoh_macros, any_eod_macros);
+	resp = m->message(m, fp, data_offset, any_eoh_macros, any_eod_macros,
+			  auto_hdrs);
 	if (any_eoh_macros != global_eoh_macros)
 	    argv_free(any_eoh_macros);
 	if (any_eod_macros != global_eod_macros)

external/ibm-public/postfix/dist/src/milter/milter.h

@@ -1,4 +1,4 @@
-/*	$NetBSD: milter.h,v 1.1.1.1 2009/06/23 10:08:49 tron Exp $	*/
+/*	$NetBSD: milter.h,v 1.1.1.2 2015/01/24 18:08:26 tron Exp $	*/
 
 #ifndef _MILTER_H_INCLUDED_
 #define _MILTER_H_INCLUDED_
@@ -42,7 +42,7 @@ typedef struct MILTER {
     const char *(*mail_event) (struct MILTER *, const char **, ARGV *);
     const char *(*rcpt_event) (struct MILTER *, const char **, ARGV *);
     const char *(*data_event) (struct MILTER *, ARGV *);
-    const char *(*message) (struct MILTER *, VSTREAM *, off_t, ARGV *, ARGV *);
+    const char *(*message) (struct MILTER *, VSTREAM *, off_t, ARGV *, ARGV *, ARGV *);
     const char *(*unknown_event) (struct MILTER *, const char *, ARGV *);
     const char *(*other_event) (struct MILTER *);
     void    (*abort) (struct MILTER *);
@@ -138,7 +138,7 @@ extern const char *milter_helo_event(MILTERS *, const char *, int);
 extern const char *milter_mail_event(MILTERS *, const char **);
 extern const char *milter_rcpt_event(MILTERS *, int, const char **);
 extern const char *milter_data_event(MILTERS *);
-extern const char *milter_message(MILTERS *, VSTREAM *, off_t);
+extern const char *milter_message(MILTERS *, VSTREAM *, off_t, ARGV *);
 extern const char *milter_unknown_event(MILTERS *, const char *);
 extern const char *milter_other_event(MILTERS *);
 extern void milter_abort(MILTERS *);

external/ibm-public/postfix/dist/src/milter/milter8.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: milter8.c,v 1.1.1.7 2014/07/06 19:27:52 tron Exp $	*/
+/*	$NetBSD: milter8.c,v 1.1.1.8 2015/01/24 18:08:26 tron Exp $	*/
 
 /*++
 /* NAME
@@ -2287,6 +2287,8 @@ typedef struct {
     MILTER8 *milter;			/* milter client */
     ARGV   *eoh_macros;			/* end-of-header macros */
     ARGV   *eod_macros;			/* end-of-body macros */
+    ARGV   *auto_hdrs;			/* auto-generated headers */
+    int     auto_done;			/* good enough for now */
     int     first_header;		/* first header */
     int     first_body;			/* first body line */
     const char *resp;			/* milter application response */
@@ -2303,6 +2305,8 @@ static void milter8_header(void *ptr, int unused_header_class,
     MILTER8 *milter = msg_ctx->milter;
     char   *cp;
     int     skip_reply;
+    char  **cpp;
+    unsigned done;
 
     /*
      * XXX Workaround: mime_state_update() may invoke multiple call-backs
@@ -2331,8 +2335,9 @@ static void milter8_header(void *ptr, int unused_header_class,
      * XXX Sendmail compatibility. It eats the first space (not tab) after the
      * header label and ":".
      */
-    if (msg_ctx->first_header) {
-	msg_ctx->first_header = 0;
+    for (cpp = msg_ctx->auto_hdrs->argv, done = 1; *cpp; cpp++, done <<= 1)
+	if ((msg_ctx->auto_done & done) == 0 && strcmp(*cpp, STR(buf)) == 0) {
+	    msg_ctx->auto_done |= done;
 	    return;
 	}
 
@@ -2509,7 +2514,8 @@ static void milter8_eob(void *ptr)
 static const char *milter8_message(MILTER *m, VSTREAM *qfile,
 				           off_t data_offset,
 				           ARGV *eoh_macros,
-				           ARGV *eod_macros)
+				           ARGV *eod_macros,
+				           ARGV *auto_hdrs)
 {
     const char *myname = "milter8_message";
     MILTER8 *milter = (MILTER8 *) m;
@@ -2543,6 +2549,8 @@ static const char *milter8_message(MILTER *m, VSTREAM *qfile,
 	msg_ctx.milter = milter;
 	msg_ctx.eoh_macros = eoh_macros;
 	msg_ctx.eod_macros = eod_macros;
+	msg_ctx.auto_hdrs = auto_hdrs;
+	msg_ctx.auto_done = 0;
 	msg_ctx.first_header = 1;
 	msg_ctx.first_body = 1;
 	msg_ctx.resp = 0;

external/ibm-public/postfix/dist/src/qmqpd/qmqpd.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: qmqpd.c,v 1.1.1.4 2013/09/25 19:06:34 tron Exp $	*/
+/*	$NetBSD: qmqpd.c,v 1.1.1.5 2015/01/24 18:08:29 tron Exp $	*/
 
 /*++
 /* NAME
@@ -708,7 +708,8 @@ static void qmqpd_proto(QMQPD_STATE *state)
      */
     if (state->reason && state->where)
 	msg_info("%s: %s: %s while %s",
-	      state->queue_id, state->namaddr, state->reason, state->where);
+		 state->queue_id ? state->queue_id : "NOQUEUE",
+		 state->namaddr, state->reason, state->where);
 }
 
 /* qmqpd_service - service one client */

external/ibm-public/postfix/dist/src/smtpd/smtpd_check.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: smtpd_check.c,v 1.1.1.9 2014/07/06 19:27:56 tron Exp $	*/
+/*	$NetBSD: smtpd_check.c,v 1.1.1.10 2015/01/24 18:08:30 tron Exp $	*/
 
 /*++
 /* NAME
@@ -3846,7 +3846,7 @@ static int generic_checks(SMTPD_STATE *state, ARGV *restrictions,
 					 SMTPD_NAME_CLIENT, def_acl);
 	} else if (is_map_command(state, name, CHECK_REVERSE_CLIENT_ACL, &cpp)) {
 	    status = check_namadr_access(state, *cpp, state->reverse_name, state->addr,
-					 FULL, &found, state->namaddr,
+					 FULL, &found, state->reverse_name,
 					 SMTPD_NAME_REV_CLIENT, def_acl);
 	    forbid_whitelist(state, name, status, state->reverse_name);
 	} else if (strcasecmp(name, REJECT_MAPS_RBL) == 0) {
@@ -3929,14 +3929,14 @@ static int generic_checks(SMTPD_STATE *state, ARGV *restrictions,
 	} else if (is_map_command(state, name, CHECK_REVERSE_CLIENT_NS_ACL, &cpp)) {
 	    if (strcasecmp(state->reverse_name, "unknown") != 0) {
 		status = check_server_access(state, *cpp, state->reverse_name,
-					     T_NS, state->namaddr,
+					     T_NS, state->reverse_name,
 					     SMTPD_NAME_REV_CLIENT, def_acl);
 		forbid_whitelist(state, name, status, state->reverse_name);
 	    }
 	} else if (is_map_command(state, name, CHECK_REVERSE_CLIENT_MX_ACL, &cpp)) {
 	    if (strcasecmp(state->reverse_name, "unknown") != 0) {
 		status = check_server_access(state, *cpp, state->reverse_name,
-					     T_MX, state->namaddr,
+					     T_MX, state->reverse_name,
 					     SMTPD_NAME_REV_CLIENT, def_acl);
 		forbid_whitelist(state, name, status, state->reverse_name);
 	    }