Re: update tradcpp to 0.5.2

2018-08-30 Thread Michael Mikonos
On Fri, Aug 31, 2018 at 12:57:14PM +1000, Jonathan Gray wrote:
> update tradcpp to 0.5.2
> 
> release 0.5.2 (20160904)
>- Fix typo in -U usage message, noticed by Joerg.
>- Add a -debuglog option to send an execution trace to a file.
>  Intended to be used when debugging imake templates and other
>  complex input, not for debugging tradcpp itself.
> 
> release 0.5.1 (20150612)
>- Fix a stupid regression in 0.5 that causes it to not recognize a
>  pile of options.
>- Fix output corruption caused by mishandling which macros are
>  currently in use. In particular, "curmacro" is only valid while
>  we're parsing a macro name and arguments, and can change once we
>  start expanding, so don't use it to clear the in-use flag. This
>  problem has been around all along but was only just exposed.
>- Also don't set curmacro to null after calling expand_domacro as
>  that can cause us to think a macro name we just read is defined().
>  This one was introduced in 0.5.
>- Don't use "remove" as a local variable as gcc 4.1 gets upset
>  about it vs. remove(3) in stdio.h.
> 
> release 0.5 (20150612)
>- Don't report unclosed comments as "No newline at end of file".
>- Don't rely on  existing, as (predictably) it doesn't
>  work on Solaris.
>- Similarly, don't rely on C11 anonymous unions as the Solaris
>  compiler vomits on them.
>- Typo fix in man page from Jason McIntyre; and change "Usage" to
>  "usage" in usage for pedantic reasons, from Igor Sobrado.
>- Accept "-" as either input or output file name to mean stdin or
>  stdout respectively. Suggested by Jonathan Gray.
>- Fix output spacing behavior to match gcc when newlines appear in or
>  while looking for macro arguments. Partly from Joerg Sonnenberger.
>- Implement __FILE__ and __LINE__ macros. Mostly from Joerg Sonnenberger.
>- Implement #line. Partly from Joerg Sonnenberger.
>- Declare usage() with PF(). From wiz.

When reading over the patch I noticed a few "unsigned" declarations
which could be expanded to "unsigned int", but some existing decls
already use unsigned so it could be done as a separate patch later.
Overall I think this is worth having even just for __LINE__ & __FILE__,
so it's OK miko@ as is.



update tradcpp to 0.5.2

2018-08-30 Thread Jonathan Gray
update tradcpp to 0.5.2

release 0.5.2 (20160904)
   - Fix typo in -U usage message, noticed by Joerg.
   - Add a -debuglog option to send an execution trace to a file.
     Intended to be used when debugging imake templates and other
     complex input, not for debugging tradcpp itself.

release 0.5.1 (20150612)
   - Fix a stupid regression in 0.5 that causes it to not recognize a
     pile of options.
   - Fix output corruption caused by mishandling which macros are
     currently in use. In particular, "curmacro" is only valid while
     we're parsing a macro name and arguments, and can change once we
     start expanding, so don't use it to clear the in-use flag. This
     problem has been around all along but was only just exposed.
   - Also don't set curmacro to null after calling expand_domacro as
     that can cause us to think a macro name we just read is defined().
     This one was introduced in 0.5.
   - Don't use "remove" as a local variable as gcc 4.1 gets upset
     about it vs. remove(3) in stdio.h.

release 0.5 (20150612)
   - Don't report unclosed comments as "No newline at end of file".
   - Don't rely on  existing, as (predictably) it doesn't
     work on Solaris.
   - Similarly, don't rely on C11 anonymous unions as the Solaris
     compiler vomits on them.
   - Typo fix in man page from Jason McIntyre; and change "Usage" to
     "usage" in usage for pedantic reasons, from Igor Sobrado.
   - Accept "-" as either input or output file name to mean stdin or
     stdout respectively. Suggested by Jonathan Gray.
   - Fix output spacing behavior to match gcc when newlines appear in or
     while looking for macro arguments. Partly from Joerg Sonnenberger.
   - Implement __FILE__ and __LINE__ macros. Mostly from Joerg Sonnenberger.
   - Implement #line. Partly from Joerg Sonnenberger.
   - Declare usage() with PF(). From wiz.

Index: array.h
===
RCS file: /cvs/src/libexec/tradcpp/array.h,v
retrieving revision 1.1
diff -u -p -r1.1 array.h
--- array.h 30 Jul 2014 16:33:11 -  1.1
+++ array.h 31 Aug 2018 02:12:53 -
@@ -253,7 +253,7 @@ array_add(struct array *a, void *val, un
 #define DEFARRAY(T, INLINE) DEFARRAY_BYTYPE(T##array, struct T, INLINE)
 
 #define DESTROYALL_ARRAY(T, INLINE) \
-   void T##array_destroyall(struct T##array *arr); \
+   INLINE void T##array_destroyall(struct T##array *arr);  \
\
INLINE void \
T##array_destroyall(struct T##array *arr)   \
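Review bot: the changelog in this mail never mentions the prototype change in DESTROYALL_ARRAY, so the commit message should say why it is needed. The old prototype for T##array_destroyall had no INLINE while the definition right below it does, so declaration and definition disagreed whenever INLINE expands to something non-empty. It is worth checking whether any other prototype/definition pair in array.h has the same mismatch.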
Index: bool.h
===
RCS file: bool.h
diff -N bool.h
--- /dev/null   1 Jan 1970 00:00:00 -
+++ bool.h  31 Aug 2018 02:27:18 -
@@ -0,0 +1,41 @@
+/*-
+ * Copyright (c) 2015 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by David A. Holland.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *notice, this list of conditions and the following disclaimer in the
+ *documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef BOOL_H
+#define BOOL_H
+
+#if __STDC__ > 199901
+#include 
+#else
+typedef int bool;
+#define true 1
+#define false 0
+#endif
+
+#endif /* BOOL_H */
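Review bot: the "#if __STDC__ > 199901" test in bool.h compares the wrong macro. A conforming compiler defines __STDC__ as 1; the language revision is in __STDC_VERSION__ (199901L for C99), so as written the #include branch is never taken and every build gets "typedef int bool". If that is the intent, drop the conditional; otherwise test "__STDC_VERSION__ >= 199901L". With the int typedef, storing a value such as 2 or a masked flag in a bool does not normalise to 1 the way C99 _Bool does, so any comparison against true in the callers deserves a look.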
Index: directive.c
===
RCS file: /cvs/src/libexec/tradcpp/directive.c,v
retrieving revision 1.1
diff -u -p -r1.1 directive.c
--- directive.c 30 Jul 2014 16:33:11 -  1.1
+++ directive.c 31 Aug 2018 02:12:53 -
@@ -28,10 +28,12 @@
  */
 
 #include 
-#include 
 #include 
 #include 
+#include 
+#include 
 
+#include "bool.h"
 #include "utils.h"
 #include "mode.h"
 #include "place.h"
@@ -175,13 +177,16 @@ 

Re: install.sub - disklabel template modification

2018-08-30 Thread Alexander Hall



On August 30, 2018 3:27:07 PM GMT+02:00, "Jiri B."  wrote:
>Hi,
>
>if somebody would put into install.conf following line:
>
>  URL to autopartitioning template for disklabel = /disklabel.template
>
>ftp would end in its prompt.
>
># ftp -Vo - /disklabel.template
>   
>ftp: /disklabel.template: no address associated with name
>ftp> 
>
>I took current check for ramdisk local {install,upgrade}.conf
>
>  649:[[ -f $_rf ]] && _rf="file://$_rf"
>
>and added it to disklabel_autolayout(), so installer would know
>how to handle path to ramdisk's local disklabel template without
>file:// uri.

But it doesn't solve the problem. How about "/nonexistent_file"? 

Will a simple 
>Jiri
>
>---%>---
>diff --git distrib/miniroot/install.sub distrib/miniroot/install.sub
>index 740064a86a8..63ecf5cab14 100644
>--- distrib/miniroot/install.sub
>+++ distrib/miniroot/install.sub
>@@ -414,6 +414,7 @@ disklabel_autolayout() {
>   err_exit "https not supported on this platform."
>fi
>echo "Fetching $resp"
>+ [[ -f $resp ]] && resp="file://$resp"
>   if unpriv ftp -Vo - "$resp" >$_dl && [[ -s $_dl ]]; then
>disklabel -T $_dl -F $_f -w -A $_disk && return
>err_exit "Autopartitioning failed."
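Review bot: the added "[[ -f $resp ]]" test runs with the installer's own privileges, while the fetch on the following line runs under unpriv, so a path can pass the test and still be unreadable to ftp. In that case the if condition simply fails and the user gets no hint that a local file was the problem. Consider checking readability as the unprivileged user, or reporting the local-file case separately.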
>---%<---



fix: unveil(2) error handling

2018-08-30 Thread Jan Klemkow
Hi,

I found a little bug in the unveil(2) error handling.  After blocking
unveil(2) by unveil(NULL, NULL), an additional unveil(2) call sets errno
to EINVAL instead of EPERM as the manpage says:

EPERM   An attempt to increase permissions was made, or the
path was not accessible, or unveil was called after
locking.

bye,
Jan

Index: kern/vfs_syscalls.c
===
RCS file: /cvs/src/sys/kern/vfs_syscalls.c,v
retrieving revision 1.304
diff -u -p -r1.304 vfs_syscalls.c
--- kern/vfs_syscalls.c 20 Aug 2018 16:00:22 -  1.304
+++ kern/vfs_syscalls.c 30 Aug 2018 20:04:48 -
@@ -899,7 +899,7 @@ sys_unveil(struct proc *p, void *v, regi
}
 
if (p->p_p->ps_uvdone != 0)
-   return EINVAL;
+   return EPERM;
 
error = copyinstr(SCARG(uap, permissions), permissions,
sizeof(permissions), NULL);
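Review bot: nothing in the patch pins the new errno at the ps_uvdone check. Add a regress case that calls unveil(NULL, NULL), then calls unveil again and asserts errno == EPERM, so the value cannot drift from the man page text quoted above. Also check for in-tree callers that test for EINVAL after locking.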



Re: Call a tdb `tdb'

2018-08-30 Thread Alexander Bluhm
On Thu, Aug 30, 2018 at 11:10:54AM -0300, Martin Pieuchot wrote:
> - export_sa(, sa);  /* Export SA information (mostly flags) */
> + export_sa(, tdb);  /* Export tdb information (mostly flags) */

I would keep the SA in the comment.

anyway OK bluhm@



cp(1) Don't trigger -v if -i causes a skip

2018-08-30 Thread Martijn van Duren
Hello tech@,

Don't know if this is too many magic numbers for copy_file, but this 
"fixes" the case where we print the verbose line, even if we don't copy 
it. This does not happen in mv or rm.

Note that the current implementation also doesn't show a successful
copy of a fifo or special if a prior copy failed:
$ touch /tmp/test1
$ mkfifo /tmp/test2
$ chmod 0 /tmp/test1
$ cp -Rv /tmp/test* /tmp/tmp/
cp: /tmp/test1: Permission denied
$ ls /tmp/tmp
test2
$ ./obj/cp -Rv /tmp/test* /tmp/tmp/
cp: /tmp/test1: Permission denied
/tmp/test2 -> /tmp/tmp/test2

OK?

martijn@

Index: cp.c
===
RCS file: /cvs/src/bin/cp/cp.c,v
retrieving revision 1.46
diff -u -p -r1.46 cp.c
--- cp.c27 Jun 2017 21:49:47 -  1.46
+++ cp.c30 Aug 2018 18:43:26 -
@@ -264,7 +264,7 @@ copy(char *argv[], enum op type, int fts
struct stat to_stat;
FTS *ftsp;
FTSENT *curr;
-   int base, nlen, rval;
+   int base, cval, nlen, rval;
char *p, *target_mid;
base = 0;
 
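Review bot: cval is declared without an initialiser, but the next hunk reads it in "if (!cval && vflag)" on paths that never assign it (the Rflag branches that call copy_fifo instead of copy_file). The "cval = 0" resets only run at the end of a case, so the first such entry reads an indeterminate value. Initialise cval at the declaration or at the top of the loop body.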
@@ -434,32 +434,35 @@ copy(char *argv[], enum op type, int fts
!fts_dne(curr)))
rval = 1;
} else
-   if (copy_file(curr, fts_dne(curr)))
+   if ((cval = copy_file(curr, fts_dne(curr))) == 
1)
rval = 1;
-   if (!rval && vflag)
+   if (!cval && vflag)
(void)fprintf(stdout, "%s -> %s\n",
curr->fts_path, to.p_path);
+   cval = 0;
break;
case S_IFIFO:
if (Rflag) {
if (copy_fifo(curr->fts_statp, !fts_dne(curr)))
rval = 1;
} else
-   if (copy_file(curr, fts_dne(curr)))
+   if ((cval = copy_file(curr, fts_dne(curr))) == 
1)
rval = 1;
-   if (!rval && vflag)
+   if (!cval && vflag)
(void)fprintf(stdout, "%s -> %s\n",
curr->fts_path, to.p_path);
+   cval = 0;
break;
case S_IFSOCK:
warnc(EOPNOTSUPP, "%s", curr->fts_path);
break;
default:
-   if (copy_file(curr, fts_dne(curr)))
+   if ((cval = copy_file(curr, fts_dne(curr))) == 1)
rval = 1;
-   else if (vflag)
+   if (!cval && vflag)
(void)fprintf(stdout, "%s -> %s\n",
curr->fts_path, to.p_path);
+   cval = 0;
break;
}
}
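Review bot: in the S_IFIFO case with Rflag set, a failing copy_fifo sets rval = 1 but leaves cval untouched, so "if (!cval && vflag)" still prints the "->" line for a copy that failed; the old "!rval" test at least suppressed it. Assign cval in the Rflag branch as well, for example "if ((cval = copy_fifo(...)))", and do the same in the first case of the hunk, whose Rflag branch is cut off by the context but has the same shape. Once cval is assigned on every path, the trailing "cval = 0" lines become unnecessary.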
Index: utils.c
===
RCS file: /cvs/src/bin/cp/utils.c,v
retrieving revision 1.40
diff -u -p -r1.40 utils.c
--- utils.c 27 Jun 2017 21:43:46 -  1.40
+++ utils.c 30 Aug 2018 18:43:26 -
@@ -99,7 +99,7 @@ copy_file(FTSENT *entp, int dne)
ch = getchar();
if (checkch != 'y' && checkch != 'Y') {
(void)close(from_fd);
-   return (0);
+   return (2);
}
}
to_fd = open(to.p_path, O_WRONLY | O_TRUNC, 0);
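Review bot: "return (2)" in the declined-overwrite path makes copy_file tri-state (0 copied, 1 error, 2 skipped) with no names or comment, and the callers in cp.c compare against a literal 1. Define named constants or document the return values above copy_file, and check any other caller of copy_file that treats non-zero as failure, since a skipped file would now count as an error there.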



Re: install.sub - disklabel template modification

2018-08-30 Thread Rivo Nurges
Hi!

"URL to autopartitioning template for disklabel =
file:///disklabel.auto" works fine.

Rivo

On Thu, 2018-08-30 at 13:27 +, Jiri B. wrote:
> Hi,
> 
> if somebody would put into install.conf following line:
> 
>   URL to autopartitioning template for disklabel =
> /disklabel.template
> 
> ftp would end in its prompt.
> 
> # ftp -Vo -
> /disklabel.template  
>  
> ftp: /disklabel.template: no address associated with name
> ftp> 
> 
> I took current check for ramdisk local {install,upgrade}.conf
> 
>   649:[[ -f $_rf ]] && _rf="file://$_rf"
> 
> and added it to disklabel_autolayout(), so installer would know
> how to handle path to ramdisk's local disklabel template without
> file:// uri.
> 
> Jiri
> 
> ---%>---
> diff --git distrib/miniroot/install.sub distrib/miniroot/install.sub
> index 740064a86a8..63ecf5cab14 100644
> --- distrib/miniroot/install.sub
> +++ distrib/miniroot/install.sub
> @@ -414,6 +414,7 @@ disklabel_autolayout() {
> err_exit "https not supported on this
> platform."
> fi
> echo "Fetching $resp"
> + [[ -f $resp ]] && resp="file://$resp"
> if unpriv ftp -Vo - "$resp" >$_dl && [[ -s $_dl ]];
> then
> disklabel -T $_dl -F $_f -w -A $_disk &&
> return
> err_exit "Autopartitioning failed."
> ---%<---
> 



Call a tdb `tdb'

2018-08-30 Thread Martin Pieuchot
Stop naming 'struct tdb *' `sa', we always use `tdb' in the rest of the
kernel.

No functional change, ok?

Index: net/pfkeyv2.c
===
RCS file: /cvs/src/sys/net/pfkeyv2.c,v
retrieving revision 1.190
diff -u -p -r1.190 pfkeyv2.c
--- net/pfkeyv2.c   28 Aug 2018 15:15:02 -  1.190
+++ net/pfkeyv2.c   30 Aug 2018 14:07:58 -
@@ -787,7 +787,7 @@ ret:
  * Get all the information contained in an SA to a PFKEYV2 message.
  */
 int
-pfkeyv2_get(struct tdb *sa, void **headers, void **buffer, int *lenp)
+pfkeyv2_get(struct tdb *tdb, void **headers, void **buffer, int *lenp)
 {
int rval, i;
void *p;
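Review bot: the comment above pfkeyv2_get still says "contained in an SA", while a later hunk rewrites the export_sa comment to "Export tdb information"; pick one wording. SA is the protocol term and tdb is the kernel structure, so keeping "SA" in both comments and renaming only the variable keeps the diff purely mechanical.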
@@ -796,36 +796,36 @@ pfkeyv2_get(struct tdb *sa, void **heade
i = sizeof(struct sadb_sa) + sizeof(struct sadb_lifetime) +
sizeof(struct sadb_x_counter);
 
-   if (sa->tdb_soft_allocations || sa->tdb_soft_bytes ||
-   sa->tdb_soft_timeout || sa->tdb_soft_first_use)
+   if (tdb->tdb_soft_allocations || tdb->tdb_soft_bytes ||
+   tdb->tdb_soft_timeout || tdb->tdb_soft_first_use)
i += sizeof(struct sadb_lifetime);
 
-   if (sa->tdb_exp_allocations || sa->tdb_exp_bytes ||
-   sa->tdb_exp_timeout || sa->tdb_exp_first_use)
+   if (tdb->tdb_exp_allocations || tdb->tdb_exp_bytes ||
+   tdb->tdb_exp_timeout || tdb->tdb_exp_first_use)
i += sizeof(struct sadb_lifetime);
 
-   if (sa->tdb_last_used)
+   if (tdb->tdb_last_used)
i += sizeof(struct sadb_lifetime);
 
-   i += sizeof(struct sadb_address) + PADUP(sa->tdb_src.sa.sa_len);
-   i += sizeof(struct sadb_address) + PADUP(sa->tdb_dst.sa.sa_len);
+   i += sizeof(struct sadb_address) + PADUP(tdb->tdb_src.sa.sa_len);
+   i += sizeof(struct sadb_address) + PADUP(tdb->tdb_dst.sa.sa_len);
 
-   if (sa->tdb_ids) {
-   i += sizeof(struct sadb_ident) + 
PADUP(sa->tdb_ids->id_local->len);
-   i += sizeof(struct sadb_ident) + 
PADUP(sa->tdb_ids->id_remote->len);
+   if (tdb->tdb_ids) {
+   i += sizeof(struct sadb_ident) + 
PADUP(tdb->tdb_ids->id_local->len);
+   i += sizeof(struct sadb_ident) + 
PADUP(tdb->tdb_ids->id_remote->len);
}
 
-   if (sa->tdb_amxkey)
-   i += sizeof(struct sadb_key) + PADUP(sa->tdb_amxkeylen);
+   if (tdb->tdb_amxkey)
+   i += sizeof(struct sadb_key) + PADUP(tdb->tdb_amxkeylen);
 
-   if (sa->tdb_emxkey)
-   i += sizeof(struct sadb_key) + PADUP(sa->tdb_emxkeylen);
+   if (tdb->tdb_emxkey)
+   i += sizeof(struct sadb_key) + PADUP(tdb->tdb_emxkeylen);
 
-   if (sa->tdb_filter.sen_type) {
+   if (tdb->tdb_filter.sen_type) {
i += 2 * sizeof(struct sadb_protocol);
 
/* We'll need four of them: src, src mask, dst, dst mask. */
-   switch (sa->tdb_filter.sen_type) {
+   switch (tdb->tdb_filter.sen_type) {
case SENT_IP4:
i += 4 * PADUP(sizeof(struct sockaddr_in));
i += 4 * sizeof(struct sadb_address);
@@ -842,20 +842,20 @@ pfkeyv2_get(struct tdb *sa, void **heade
}
}
 
-   if (sa->tdb_onext) {
+   if (tdb->tdb_onext) {
i += sizeof(struct sadb_sa);
i += sizeof(struct sadb_address) +
-   PADUP(sa->tdb_onext->tdb_dst.sa.sa_len);
+   PADUP(tdb->tdb_onext->tdb_dst.sa.sa_len);
i += sizeof(struct sadb_protocol);
}
 
-   if (sa->tdb_udpencap_port)
+   if (tdb->tdb_udpencap_port)
i += sizeof(struct sadb_x_udpencap);
 
 #if NPF > 0
-   if (sa->tdb_tag)
+   if (tdb->tdb_tag)
i += sizeof(struct sadb_x_tag) + PADUP(PF_TAG_NAME_SIZE);
-   if (sa->tdb_tap)
+   if (tdb->tdb_tap)
i += sizeof(struct sadb_x_tap);
 #endif
 
@@ -875,89 +875,89 @@ pfkeyv2_get(struct tdb *sa, void **heade
 
headers[SADB_EXT_SA] = p;
 
-   export_sa(, sa);  /* Export SA information (mostly flags) */
+   export_sa(, tdb);  /* Export tdb information (mostly flags) */
 
/* Export lifetimes where applicable */
headers[SADB_EXT_LIFETIME_CURRENT] = p;
-   export_lifetime(, sa, PFKEYV2_LIFETIME_CURRENT);
+   export_lifetime(, tdb, PFKEYV2_LIFETIME_CURRENT);
 
-   if (sa->tdb_soft_allocations || sa->tdb_soft_bytes ||
-   sa->tdb_soft_first_use || sa->tdb_soft_timeout) {
+   if (tdb->tdb_soft_allocations || tdb->tdb_soft_bytes ||
+   tdb->tdb_soft_first_use || tdb->tdb_soft_timeout) {
headers[SADB_EXT_LIFETIME_SOFT] = p;
-   export_lifetime(, sa, PFKEYV2_LIFETIME_SOFT);
+   export_lifetime(, tdb, PFKEYV2_LIFETIME_SOFT);
}
 
-   if (sa->tdb_exp_allocations || sa->tdb_exp_bytes ||
-   sa->tdb_exp_first_use || sa->tdb_exp_timeout) {

install.sub - disklabel template modification

2018-08-30 Thread Jiri B .
Hi,

if somebody would put into install.conf following line:

  URL to autopartitioning template for disklabel = /disklabel.template

ftp would end in its prompt.

# ftp -Vo - /disklabel.template 
  
ftp: /disklabel.template: no address associated with name
ftp> 

I took current check for ramdisk local {install,upgrade}.conf

  649:[[ -f $_rf ]] && _rf="file://$_rf"

and added it to disklabel_autolayout(), so installer would know
how to handle path to ramdisk's local disklabel template without file:// uri.

Jiri

---%>---
diff --git distrib/miniroot/install.sub distrib/miniroot/install.sub
index 740064a86a8..63ecf5cab14 100644
--- distrib/miniroot/install.sub
+++ distrib/miniroot/install.sub
@@ -414,6 +414,7 @@ disklabel_autolayout() {
err_exit "https not supported on this platform."
fi
echo "Fetching $resp"
+ [[ -f $resp ]] && resp="file://$resp"
if unpriv ftp -Vo - "$resp" >$_dl && [[ -s $_dl ]]; then
disklabel -T $_dl -F $_f -w -A $_disk && return
err_exit "Autopartitioning failed."
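Review bot: the "[[ -f $resp ]]" rewrite only covers paths that exist. A value with no scheme that is not an existing regular file (a typo in install.conf, for example) is still handed to "ftp -Vo -" unchanged, which is the case that left ftp at its prompt in the transcript above. After the -f test, reject anything that still has no scheme with err_exit rather than passing it to ftp.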
---%<---



Re: smtpd: improve syntax for relay host

2018-08-30 Thread Gilles Chehade
On Wed, Aug 29, 2018 at 01:56:49PM +0200, Eric Faurot wrote:
> For clarity and consistency, we'd like to change the url-like schemes
> used for specifying smarthost relays in smtpd.conf, to make them match
> what has been set for smtp(1). The proposed changes are as follows:
> 
> - the "+auth" specifier is removed: it is implied by the presence of an
> auth label in the rest of the string
> - "secure://" is removed: use "smtp+tls://" or "smtps://" explicitly
> - "tls://" is removed, and replaced by "smtp+tls://"
> - "smtp://" becomes SMTP with opportunistic STARTTLS: use "smtp+notls://"
> to disable TLS
> - "smtp+tls://" becomes SMTP with mandatory STARTTLS: use "smtp://" for
> opportunistic STARTTLS
> 
> It might look confusing (especially since the current schemes are
> apparently not documented), but in practice, the update process is
> very simple:
> 
>   1) If you have "+auth" just remove it,
>   2) then rewrite the rest as follows:
> 
>  smtp+tls:// -> smtp://
>  smtp:// -> smtp+notls://
>  tls://  -> smtp+tls://
>  smtps://-> no change
>  lmtp:// -> no change
>  secure://   -> choose between smtp+tls:// and smtps://
> 
> For example, when relaying through a smarthost with authentication,
> the change would be:
> 
>   -action "foo" relay host "tls+auth://la...@smtp.example.com" auth 
>   +action "foo" relay host "smtp+tls://la...@smtp.example.com" auth 
> 
> or, when using smtps:
> 
>   -action "foo" relay host "smtps+auth://la...@smtp.example.com" auth 
> 
>   +action "foo" relay host "smtps://la...@smtp.example.com" auth 
> 
> The default remains SMTP with opportunistic STARTTLS, so a rule like
> the following has the same behaviour as before:
> 
>   action "foo" relay host "smtp.example.com"
> 
> Note that there is no impact on incoming or queued mails.  The
> consequences for running with the new schemes without updating the
> config first are:
> 
> - an "smtp://" relay would start to do opportunistic STARTTLS, so at worst
>   mails would be sent over a secure channel instead of plain text.
> - an "smtp+tls://" relay would not fall back to plain text if STARTTLS fails,
>   and the mail will tempfail.
> - in all other cases, the mail will tempfail with a warning.
> 
> Does that look fine?
> 
> 

To me it's the sensible approach, is cleaner too.

We should do it now because people are going to have to change their
config with 6.4 anyways.

A next step, for 6.5 would be to manage and get rid of the auth
keyword within actions by embedding the table name in relay url.


don't forget updating current.html, ok gilles@


> Index: to.c
> ===
> RCS file: /cvs/src/usr.sbin/smtpd/to.c,v
> retrieving revision 1.31
> diff -u -p -r1.31 to.c
> --- to.c  7 Jun 2018 11:31:51 -   1.31
> +++ to.c  29 Aug 2018 07:32:52 -
> @@ -310,15 +310,11 @@ text_to_relayhost(struct relayhost *rela
>* new schemas should be *appended* otherwise the default
>* schema index needs to be updated later in this function.
>*/
> - { "smtp://",0   },
> + { "smtp://",RELAY_TLS_OPTIONAL  },
> + { "smtp+tls://",RELAY_STARTTLS  },
> + { "smtp+notls://",  0   },
>   { "lmtp://",RELAY_LMTP  },
> - { "smtp+tls://",RELAY_TLS_OPTIONAL  },
> - { "smtps://",   RELAY_SMTPS },
> - { "tls://", RELAY_STARTTLS  },
> - { "smtps+auth://",  RELAY_SMTPS|RELAY_AUTH  },
> - { "tls+auth://",RELAY_STARTTLS|RELAY_AUTH   },
> - { "secure://",  RELAY_SMTPS|RELAY_STARTTLS  },
> - { "secure+auth://", RELAY_SMTPS|RELAY_STARTTLS|RELAY_AUTH }
> + { "smtps://",   RELAY_SMTPS }
>   };
>   const char *errstr = NULL;
>   char   *p, *q;
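Review bot: the strings "smtp://" and "smtp+tls://" stay valid in the table but change meaning (0 to RELAY_TLS_OPTIONAL, and RELAY_TLS_OPTIONAL to RELAY_STARTTLS), so an un-migrated smtpd.conf parses cleanly and behaves differently with no diagnostic. Per the description above, the removed schemes tempfail with a warning; these two do not warn. Since an old "smtp+tls://" relay will now tempfail when STARTTLS fails, the upgrade notes should call out both strings explicitly.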
> @@ -341,8 +337,8 @@ text_to_relayhost(struct relayhost *rela
>   if (strstr(buffer, "://"))
>   return 0;
>  
> - /* no schema, default to smtp+tls:// */
> - i = 2;
> + /* no schema, default to smtp:// */
> + i = 0;
>   p = buffer;
>   }
>   else
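Review bot: "i = 0" ties the no-scheme default to "smtp://" being the first table entry, and the table comment in the previous hunk already warns that new schemas must be appended or this index updated. This patch reorders the table, which is exactly that hazard. Look the default up by name, or keep a named index constant next to the table, so the default cannot silently become "smtp+notls://" or another entry after a later reorder.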
> @@ -397,10 +393,13 @@ text_to_relayhost(struct relayhost *rela
>   return 0;
>   if ((relay->flags & RELAY_LMTP) && (relay->port == 0))
>   return 0;
> - if (relay->authlabel[0] == '\0' && relay->flags & RELAY_AUTH)
> - return 0;
> - if (relay->authlabel[0] != '\0' && !(relay->flags & RELAY_AUTH))
> - return 0;
> + if (relay->authlabel[0]) {
> + /* disallow auth on non-tls