libexec/dma: upgrade from 0.9+ to 0.13+

Summary of changes:

- use proper sysexits(3) codes
- handle getaddrinfo() failures for SMARTHOSTS gracefully
- improve authentication
- use space instead of

libexec/dma: upgrade from 0.9+ to 0.13+

Summary of changes:

- use proper sysexits(3) codes
- handle getaddrinfo() failures for SMARTHOSTS gracefully
- improve authentication
- use space instead of tab in "From " separator
- improve logging
- refactor dma-mbox-create to use a /var/mail directory fd
- don't limit TLS client to TLSv1
- make MASQUERADE config setting override -f
- add support for RFC976 From_ lines
- add option to verify server certificate fingerprint
- fix RCPT TO to be compliant with RFC5321
- rename SECURETRANS option to SECURETRANSFER

For a complete commit history see:
https://github.com/corecode/dma/commits/master

show more ...

Oops, fix up my previous commit properly.

Fix gcc80 -Wmultistatement-macros.

dma(8): Sync with upstream (22 SEP 2014)

There is only one substantial change: improving mail input format error
message. The remain changes are email address, copyright years, etc.

While here, do

dma(8): Sync with upstream (22 SEP 2014)

There is only one substantial change: improving mail input format error
message. The remain changes are email address, copyright years, etc.

While here, document which files have local modifications by adding a
README.DRAGONFLY file

show more ...

dma(8) : update to version 0.9

* Sources from upstream commit 89702b7f148445240a308a5be65f79891e865a4b

* (minor) local changes are kept.

dma(8): Upgrade to v0.7.

For the change log, see:

https://github.com/corecode/dma/blob/master/debian/changelog

Tested-by: luxh
Submitted-by: corecode

Initial import of binutils 2.22 on the new vendor branch

Future versions of binutils will also reside on this branch rather
than continuing to create new binutils branches for each new version.

dma: don't use sockaddr_storage.ss_len

sockaddr_storage.ss_len is not mandated by POSIX, so we shouldn't use
it. Instead, use addrinfo.ai_addrlen.

dma: don't use __unused

__unused avoids a gcc warning that the parameter is not being used, but
this does not exist in other systems or is overloaded with a different
meaning.

Instead simply use a

dma: don't use __unused

__unused avoids a gcc warning that the parameter is not being used, but
this does not exist in other systems or is overloaded with a different
meaning.

Instead simply use a cast to (void) to silence gcc.

show more ...

dma: defer delivery if STARTTLS fails

dma: treat connect status messages properly

dma: rework config parsing

dma: perform MX lookups

dma: convert to more extensible queue file format

dma: add comments for ESMTP support

dma: treat seek errors as permanent errors

dma: more loudly note that we should query for MX records

dma: drop CVS ids

dma: restructure logging

Don't carry the ident manually. Instead set a global tag once the
ident is fixed.

dma: rework queue handling

dma: pass over the code and improve error handling

dma: clean up network code

- free memory where necessary
- don't just abort without error message
- don't bounce if we want to defer the message

dma: treat encrypted connections as secure

Users have to set the INSECURE config option to allow dma to send
plaintext passwords on login. This commit allows dma to send plaintext
passwords through

dma: treat encrypted connections as secure

Users have to set the INSECURE config option to allow dma to send
plaintext passwords on login. This commit allows dma to send plaintext
passwords through TLS connections even if the INSECURE config option is
not set.

The downside is that this allows a man-in-the-middle attack on the
password exchange. The only solution to this is checking the server
certificate, but we don't do that (yet).

show more ...

dma: properly close and free SSL connection state

dma: unconditionally use openssl

Drop HAVE_CRYPTO and unconditionally use openssl. Dma is supposed to be
small and secure, so there is no way around openssl anyways.