Bump to latest version and clean out cruft

8 files changed, 20 insertions, 849 deletions

diff --git a/net-mail/postfix/files/digest-postfix-1.1.11-r5 b/net-mail/postfix/files/digest-postfix-1.1.11-r5
deleted file mode 100644
index 5a39ee7aa6fd..000000000000
--- a/net-mail/postfix/files/digest-postfix-1.1.11-r5
+++ /dev/null
@@ -1,2 +0,0 @@
-MD5 b34bb2b5018327c19456a77814141208 postfix-1.1.11.tar.gz 1190741
-MD5 11d82e9a3482f64af9d228f7a4319566 pfixtls-0.8.11a-1.1.11-0.9.6g.tar.gz 196093
diff --git a/net-mail/postfix/files/digest-postfix-2.0.0 b/net-mail/postfix/files/digest-postfix-2.0.0
deleted file mode 100644
index 2942d3ddb16a..000000000000
--- a/net-mail/postfix/files/digest-postfix-2.0.0
+++ /dev/null
@@ -1 +0,0 @@
-MD5 5f605430d45f822fa2e3f512e0575eb6 postfix-2.0.0.tar.gz 1322886
diff --git a/net-mail/postfix/files/digest-postfix-2.0.2 b/net-mail/postfix/files/digest-postfix-2.0.2
deleted file mode 100644
index afffac76e025..000000000000
--- a/net-mail/postfix/files/digest-postfix-2.0.2
+++ /dev/null
@@ -1,3 +0,0 @@
-MD5 b64114648412cb89756b96dce7f59948 postfix-2.0.2.tar.gz 1339432
-MD5 420470e2bd0225650783a60374435108 pfixtls-0.8.13-2.0.1-0.9.7.tar.gz 225806
-MD5 f3c82b0199d3c91b2ac9a8d46a465cca tls+ipv6-1.12-pf-2.0.2.patch.gz 95506
diff --git a/net-mail/postfix/files/digest-postfix-2.0.2-r1 b/net-mail/postfix/files/digest-postfix-2.0.2-r1
deleted file mode 100644
index afffac76e025..000000000000
--- a/net-mail/postfix/files/digest-postfix-2.0.2-r1
+++ /dev/null
@@ -1,3 +0,0 @@
-MD5 b64114648412cb89756b96dce7f59948 postfix-2.0.2.tar.gz 1339432
-MD5 420470e2bd0225650783a60374435108 pfixtls-0.8.13-2.0.1-0.9.7.tar.gz 225806
-MD5 f3c82b0199d3c91b2ac9a8d46a465cca tls+ipv6-1.12-pf-2.0.2.patch.gz 95506
diff --git a/net-mail/postfix/files/digest-postfix-2.0.7 b/net-mail/postfix/files/digest-postfix-2.0.8
index 9721dd7b63ac..85a3e3afed23 100644
--- a/net-mail/postfix/files/digest-postfix-2.0.7
+++ b/net-mail/postfix/files/digest-postfix-2.0.8
@@ -1,3 +1,3 @@
-MD5 38697ae27e80fe83352aa04ec6175dd4 postfix-2.0.7.tar.gz 1345929
+MD5 58be08ee4cd0c48247bcb0cdda9bb522 postfix-2.0.8.tar.gz 1347496
 MD5 42e3c15c5d9b59eb4cd15304f9c11627 pfixtls-0.8.13-2.0.6-0.9.7a.tar.gz 226006
 MD5 b2bec23a55360ac5bfa55426ecb5f1e3 tls+ipv6-1.13-pf-2.0.7.patch.gz 95608
diff --git a/net-mail/postfix/files/postfix-1.1.11-saslv2.diff b/net-mail/postfix/files/postfix-1.1.11-saslv2.diff
deleted file mode 100644
index e8caa5c4e73e..000000000000
--- a/net-mail/postfix/files/postfix-1.1.11-saslv2.diff
+++ /dev/null
@@ -1,764 +0,0 @@
-diff -Naur postfix-1.1.11/conf/sample-auth.cf postfix-1.1.11-20020602/conf/sample-auth.cf
---- postfix-1.1.11/conf/sample-auth.cf	2001-11-06 16:19:40.000000000 +0100
-+++ postfix-1.1.11-20020602/conf/sample-auth.cf	2002-03-29 22:36:53.000000000 +0100
-@@ -23,7 +23,8 @@
- #
- # In order to enable server-side authentication, build Postfix with
- # SASL support, and install a configuration file /usr/lib/sasl/smtpd.conf
--# with as contents, for example,
-+# (SASL version 1) or /usr/lib/sasl2/smtpd.conf (SASL version 2) with
-+# as contents, for example,
- #
- #	pwcheck_method:  sasldb
- #
-@@ -51,6 +52,10 @@
- # nodictionary:	disallow methods subject to passive (dictionary) attack
- # noanonymous:	disallow methods that allow anonymous authentication
- # 
-+# An additional option is available in SASL version 2:
-+#
-+# mutual_auth:	only allow methods that provide mutual authentication
-+#
- # By default, the Postfix SMTP server accepts plaintext passwords but
- # not anonymous logins. 
- #
-@@ -104,6 +109,10 @@
- # nodictionary:	disallow methods subject to passive (dictionary) attack
- # noanonymous:	disallow methods that allow anonymous authentication
- # 
-+# An additional option is available in SASL version 2:
-+#
-+# mutual_auth:	only allow methods that provide mutual authentication
-+#
- # By default, the Postfix SMTP client will not use plaintext passwords.
- #
- #smtp_sasl_security_options = 
-diff -Naur postfix-1.1.11/README_FILES/SASL_README postfix-1.1.11-20020602/README_FILES/SASL_README
---- postfix-1.1.11/README_FILES/SASL_README	2002-05-28 23:25:35.000000000 +0200
-+++ postfix-1.1.11-20020602/README_FILES/SASL_README	2002-05-28 23:22:32.000000000 +0200
-@@ -26,13 +26,22 @@
- Note that this seems to be related to the auto_transition switch in
- SASL. Note also that the Cyrus SASL documentation says that it is
- pointless to enable that if you use "sasldb" for "pwcheck_method".
-+Later versions of the SASL 1.5.x series should also work.
-+
-+Postfix+SASL 2.1.1 appears to work on Mandrake Linux 8.1 (pwcheck_method
-+set to saslauthd or auxprop).  Note that the 'auxprop' pwcheck_method
-+replaces the 'sasldb' method from SASL 1.5.x.  Postfix may need
-+write access to /etc/sasldb2 if you use the auto_transition feature,
-+or if you use an authentication mechanism such as OTP (one-time
-+passwords) that needs to update secrets in the database.
- 
- Introduction
- ============
- 
- The Postfix SASL support (RFC 2554) was originally implemented by
- Till Franke of SuSE Rhein/Main AG.  The present code is a trimmed-down
--version with only the bare necessities.  
-+version with only the bare necessities.  Support for SASL version 2
-+was contributed by Jason Hoos.
- 
- When receiving mail, Postfix logs the client-provided username,
- authentication method, and sender address to the maillog file, and
-@@ -50,21 +59,20 @@
- Building the SASL library
- =========================
- 
--Postfix appears to work with cyrus-sasl-1.5.5, which is available
--from:
-+Postfix appears to work with cyrus-sasl-1.5.5 or cyrus-sasl-2.1.1, 
-+which are available from:
- 
-     ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/
- 
--IMPORTANT: if you install the Cyrus SASL libraries as per the default,
--you will have to symlink /usr/lib/sasl -> /usr/local/lib/sasl.
-+IMPORTANT: if you install the Cyrus SASL libraries as per the
-+default, you will have to symlink /usr/lib/sasl -> /usr/local/lib/sasl
-+for version 1.5.5 or /usr/lib/sasl2 -> /usr/local/lib/sasl2 for
-+version 2.1.1.
- 
- Reportedly, Microsoft Internet Explorer version 5 requires the
- non-standard SASL LOGIN authentication method. To enable this
- authentication method, specify ``./configure --enable-login''.
- 
--If you install the Cyrus SASL libraries as per the default, you
--will have to symlink /usr/lib/sasl -> /usr/local/lib/sasl.
--
- Building Postfix with SASL authentication support
- =================================================
- 
-@@ -74,17 +82,29 @@
- 
- On some systems this generates the necessary Makefile definitions:
- 
-+(for SASL version 1.5.5):
-     % make tidy # if you have left-over files from a previous build
-     % make makefiles CCARGS="-DUSE_SASL_AUTH -I/usr/local/include" \
- 	AUXLIBS="-L/usr/local/lib -lsasl"
- 
-+(for SASL version 2.1.1):
-+    % make tidy # if you have left-over files from a previous build
-+    % make makefiles CCARGS="-DUSE_SASL_AUTH -I/usr/local/include/sasl" \
-+	AUXLIBS="-L/usr/local/lib -lsasl2"
-+
- On Solaris 2.x you need to specify run-time link information,
- otherwise ld.so will not find the SASL shared library:
- 
-+(for SASL version 1.5.5):
-     % make tidy # if you have left-over files from a previous build
-     % make makefiles CCARGS="-DUSE_SASL_AUTH -I/usr/local/include" \
- 	AUXLIBS="-L/usr/local/lib -R/usr/local/lib -lsasl"
- 
-+(for SASL version 2.1.1):
-+    % make tidy # if you have left-over files from a previous build
-+    % make makefiles CCARGS="-DUSE_SASL_AUTH -I/usr/local/include/sasl" \
-+	AUXLIBS="-L/usr/local/lib -R/usr/local/lib -lsasl2"
-+
- Enabling SASL authentication in the Postfix SMTP server
- =======================================================
- 
-@@ -101,23 +121,49 @@
- 	smtpd_recipient_restrictions = 
- 	    permit_mynetworks permit_sasl_authenticated ...
- 
--In /usr/local/lib/sasl/smtpd.conf you need to specify how the server
--should validate client passwords. 
-+In /usr/local/lib/sasl/smtpd.conf (SASL version 1.5.5) or
-+/usr/local/lib/sasl2/smtpd.conf (SASL version 2.1.1) you need to
-+specify how the server should validate client passwords.
- 
- In order to authenticate against the UNIX password database, try:
- 
-+(SASL version 1.5.5)
-     /usr/local/lib/sasl/smtpd.conf:
- 	pwcheck_method: pwcheck
- 
-+(SASL version 2.1.1)
-+    /usr/local/lib/sasl2/smtpd.conf:
-+	pwcheck_method: pwcheck
-+
- The pwcheck daemon is contained in the cyrus-sasl source tarball.
- 
-+Alternately, in SASL 1.5.27 and later (including 2.1.1), try:
-+
-+(SASL version 1.5.5)
-+   /usr/local/lib/sasl/smtpd.conf:
-+   	pwcheck_method: saslauthd
-+
-+(SASL version 2.1.1)
-+   /usr/local/lib/sasl2/smtpd.conf:
-+   	pwcheck_method: saslauthd
-+
-+The saslauthd daemon is also contained in the cyrus-sasl source
-+tarball.  It is more flexible than the pwcheck daemon, in that it
-+can authenticate against PAM and various other sources.
-+
- In order to authenticate against SASL's own password database:
- 
-+(SASL version 1.5.5)
-     /usr/local/lib/sasl/smtpd.conf:
- 	pwcheck_method:  sasldb
- 
--This will use the SASL password file (default: /etc/sasldb), which
--is maintained with the saslpasswd command (part of the Cyrus SASL
-+(SASL version 2.1.1)
-+    /usr/local/lib/sasl2/smtpd.conf:
-+    	pwcheck_method:  auxprop
-+
-+This will use the SASL password file (default: /etc/sasldb in
-+version 1.5.5, or /etc/sasldb2 in version 2.1.1), which is maintained
-+with the saslpasswd or saslpasswd2 command (part of the Cyrus SASL
- software). On some poorly-supported systems the saslpasswd command
- needs to be run multiple times before it stops complaining.  The
- Postfix SMTP server needs read access to the sasldb file - you may
-diff -Naur postfix-1.1.11/src/lmtp/lmtp_sasl_glue.c postfix-1.1.11-20020602/src/lmtp/lmtp_sasl_glue.c
---- postfix-1.1.11/src/lmtp/lmtp_sasl_glue.c	2001-01-19 22:46:44.000000000 +0100
-+++ postfix-1.1.11-20020602/src/lmtp/lmtp_sasl_glue.c	2002-03-29 23:24:17.000000000 +0100
-@@ -116,6 +116,9 @@
-     "noactive", SASL_SEC_NOACTIVE,
-     "nodictionary", SASL_SEC_NODICTIONARY,
-     "noanonymous", SASL_SEC_NOANONYMOUS,
-+#if SASL_VERSION_MAJOR >= 2
-+    "mutual_auth", SASL_SEC_MUTUAL_AUTH,
-+#endif
-     0,
- };
- 
-@@ -127,6 +130,47 @@
- #define STR(x)	vstring_str(x)
- 
-  /*
-+  * Macros to handle API differences between SASLv1 and SASLv2. Specifics:
-+  * 
-+  * The SASL_LOG_* constants were renamed in SASLv2.
-+  * 
-+  * SASLv2's sasl_client_new takes two new parameters to specify local and
-+  * remote IP addresses for auth mechs that use them.
-+  * 
-+  * SASLv2's sasl_client_start function no longer takes the secret parameter.
-+  * 
-+  * SASLv2's sasl_decode64 function takes an extra parameter for the length of
-+  * the output buffer.
-+  * 
-+  * The other major change is that SASLv2 now takes more responsibility for
-+  * deallocating memory that it allocates internally.  Thus, some of the
-+  * function parameters are now 'const', to make sure we don't try to free
-+  * them too.  This is dealt with in the code later on.
-+  */
-+
-+#if SASL_VERSION_MAJOR < 2
-+/* SASL version 1.x */
-+#define SASL_LOG_WARN SASL_LOG_WARNING
-+#define SASL_LOG_NOTE SASL_LOG_INFO
-+#define SASL_CLIENT_NEW(srv, fqdn, lport, rport, prompt, secflags, pconn) \
-+	sasl_client_new(srv, fqdn, prompt, secflags, pconn)
-+#define SASL_CLIENT_START(conn, mechlst, secret, prompt, clout, cllen, mech) \
-+	sasl_client_start(conn, mechlst, secret, prompt, clout, cllen, mech)
-+#define SASL_DECODE64(in, inlen, out, outmaxlen, outlen) \
-+	sasl_decode64(in, inlen, out, outlen)
-+#endif
-+
-+#if SASL_VERSION_MAJOR >= 2
-+/* SASL version > 2.x */
-+#define SASL_CLIENT_NEW(srv, fqdn, lport, rport, prompt, secflags, pconn) \
-+	sasl_client_new(srv, fqdn, lport, rport, prompt, secflags, pconn)
-+#define SASL_CLIENT_START(conn, mechlst, secret, prompt, clout, cllen, mech) \
-+	sasl_client_start(conn, mechlst, prompt, clout, cllen, mech)
-+#define SASL_DECODE64(in, inlen, out, outmaxlen, outlen) \
-+	sasl_decode64(in, inlen, out, outmaxlen, outlen)
-+#endif
-+
-+ /*
-   * Per-host login/password information.
-   */
- static MAPS *lmtp_sasl_passwd_map;
-@@ -137,14 +181,18 @@
- 			         const char *message)
- {
-     switch (priority) {
--	case SASL_LOG_ERR:
--	case SASL_LOG_WARNING:
--	msg_warn("%s", message);
-+	case SASL_LOG_ERR:		/* unusual errors */
-+	case SASL_LOG_WARN:		/* non-fatal warnings */
-+	msg_warn("SASL authentication problem: %s", message);
- 	break;
--    case SASL_LOG_INFO:
-+    case SASL_LOG_NOTE:			/* other info */
- 	if (msg_verbose)
--	    msg_info("%s", message);
-+	    msg_info("SASL authentication info: %s", message);
- 	break;
-+#if SASL_VERSION_MAJOR >= 2
-+    case SASL_LOG_FAIL:			/* authentication failures */
-+	msg_warn("SASL authentication failure: %s", message);
-+#endif
-     }
-     return (SASL_OK);
- }
-@@ -317,7 +365,12 @@
-     memcpy((char *) state->sasl_callbacks, callbacks, sizeof(callbacks));
-     for (cp = state->sasl_callbacks; cp->id != SASL_CB_LIST_END; cp++)
- 	cp->context = (void *) state;
--    if (sasl_client_new("smtp", state->session->host,
-+
-+#define NULL_SERVER_ADDR	((char *) 0)
-+#define NULL_CLIENT_ADDR	((char *) 0)
-+
-+    if (SASL_CLIENT_NEW("smtp", state->session->host,
-+			NULL_CLIENT_ADDR, NULL_SERVER_ADDR,
- 			state->sasl_callbacks, NULL_SECFLAGS,
- 			(sasl_conn_t **) &state->sasl_conn) != SASL_OK)
- 	msg_fatal("per-session SASL client initialization");
-@@ -354,7 +407,14 @@
-     char   *myname = "lmtp_sasl_authenticate";
-     unsigned enc_length;
-     unsigned enc_length_out;
-+
-+#if SASL_VERSION_MAJOR >= 2
-+    const char *clientout;
-+
-+#else
-     char   *clientout;
-+
-+#endif
-     unsigned clientoutlen;
-     unsigned serverinlen;
-     LMTP_RESP *resp;
-@@ -374,7 +434,7 @@
-     /*
-      * Start the client side authentication protocol.
-      */
--    result = sasl_client_start((sasl_conn_t *) state->sasl_conn,
-+    result = SASL_CLIENT_START((sasl_conn_t *) state->sasl_conn,
- 			       state->sasl_mechanism_list,
- 			       NO_SASL_SECRET, NO_SASL_INTERACTION,
- 			       &clientout, &clientoutlen, &mechanism);
-@@ -404,7 +464,10 @@
- 			  STR(state->sasl_encoded), enc_length,
- 			  &enc_length_out) != SASL_OK)
- 	    msg_panic("%s: sasl_encode64 botch", myname);
-+#if SASL_VERSION_MAJOR < 2
-+	/* SASL version 1 doesn't free memory that it allocates. */
- 	free(clientout);
-+#endif
- 	lmtp_chat_cmd(state, "AUTH %s %s", mechanism, STR(state->sasl_encoded));
-     } else {
- 	lmtp_chat_cmd(state, "AUTH %s", mechanism);
-@@ -423,8 +486,8 @@
- 	(void) mystrtok(&line, "- \t\n");	/* skip over result code */
- 	serverinlen = strlen(line);
- 	VSTRING_SPACE(state->sasl_decoded, serverinlen);
--	if (sasl_decode64(line, serverinlen,
--			STR(state->sasl_decoded), &enc_length) != SASL_OK) {
-+	if (SASL_DECODE64(line, serverinlen, STR(state->sasl_decoded),
-+			  serverinlen, &enc_length) != SASL_OK) {
- 	    vstring_sprintf(why, "malformed SASL challenge from server %s",
- 			    state->session->namaddr);
- 	    return (-1);
-@@ -456,7 +519,10 @@
- 			      STR(state->sasl_encoded), enc_length,
- 			      &enc_length_out) != SASL_OK)
- 		msg_panic("%s: sasl_encode64 botch", myname);
-+#if SASL_VERSION_MAJOR < 2
-+	    /* SASL version 1 doesn't free memory that it allocates. */
- 	    free(clientout);
-+#endif
- 	} else {
- 	    vstring_strcat(state->sasl_encoded, "");
- 	}
-@@ -487,7 +553,8 @@
- 	state->sasl_passwd = 0;
-     }
-     if (state->sasl_mechanism_list) {
--	myfree(state->sasl_mechanism_list);	/* allocated in lmtp_helo */
-+	/* allocated in lmtp_sasl_helo_auth */
-+	myfree(state->sasl_mechanism_list);
- 	state->sasl_mechanism_list = 0;
-     }
-     if (state->sasl_conn) {
-diff -Naur postfix-1.1.11/src/smtp/smtp_sasl_glue.c postfix-1.1.11-20020602/src/smtp/smtp_sasl_glue.c
---- postfix-1.1.11/src/smtp/smtp_sasl_glue.c	2001-07-02 21:12:54.000000000 +0200
-+++ postfix-1.1.11-20020602/src/smtp/smtp_sasl_glue.c	2002-03-29 23:24:22.000000000 +0100
-@@ -116,6 +116,9 @@
-     "noactive", SASL_SEC_NOACTIVE,
-     "nodictionary", SASL_SEC_NODICTIONARY,
-     "noanonymous", SASL_SEC_NOANONYMOUS,
-+#if SASL_VERSION_MAJOR >= 2
-+    "mutual_auth", SASL_SEC_MUTUAL_AUTH,
-+#endif
-     0,
- };
- 
-@@ -127,6 +130,47 @@
- #define STR(x)	vstring_str(x)
- 
-  /*
-+  * Macros to handle API differences between SASLv1 and SASLv2. Specifics:
-+  * 
-+  * The SASL_LOG_* constants were renamed in SASLv2.
-+  * 
-+  * SASLv2's sasl_client_new takes two new parameters to specify local and
-+  * remote IP addresses for auth mechs that use them.
-+  * 
-+  * SASLv2's sasl_client_start function no longer takes the secret parameter.
-+  * 
-+  * SASLv2's sasl_decode64 function takes an extra parameter for the length of
-+  * the output buffer.
-+  * 
-+  * The other major change is that SASLv2 now takes more responsibility for
-+  * deallocating memory that it allocates internally.  Thus, some of the
-+  * function parameters are now 'const', to make sure we don't try to free
-+  * them too.  This is dealt with in the code later on.
-+  */
-+
-+#if SASL_VERSION_MAJOR < 2
-+/* SASL version 1.x */
-+#define SASL_LOG_WARN SASL_LOG_WARNING
-+#define SASL_LOG_NOTE SASL_LOG_INFO
-+#define SASL_CLIENT_NEW(srv, fqdn, lport, rport, prompt, secflags, pconn) \
-+	sasl_client_new(srv, fqdn, prompt, secflags, pconn)
-+#define SASL_CLIENT_START(conn, mechlst, secret, prompt, clout, cllen, mech) \
-+	sasl_client_start(conn, mechlst, secret, prompt, clout, cllen, mech)
-+#define SASL_DECODE64(in, inlen, out, outmaxlen, outlen) \
-+	sasl_decode64(in, inlen, out, outlen)
-+#endif
-+
-+#if SASL_VERSION_MAJOR >= 2
-+/* SASL version > 2.x */
-+#define SASL_CLIENT_NEW(srv, fqdn, lport, rport, prompt, secflags, pconn) \
-+	sasl_client_new(srv, fqdn, lport, rport, prompt, secflags, pconn)
-+#define SASL_CLIENT_START(conn, mechlst, secret, prompt, clout, cllen, mech) \
-+	sasl_client_start(conn, mechlst, prompt, clout, cllen, mech)
-+#define SASL_DECODE64(in, inlen, out, outmaxlen, outlen) \
-+	sasl_decode64(in, inlen, out, outmaxlen, outlen)
-+#endif
-+
-+ /*
-   * Per-host login/password information.
-   */
- static MAPS *smtp_sasl_passwd_map;
-@@ -137,14 +181,18 @@
- 			         const char *message)
- {
-     switch (priority) {
--	case SASL_LOG_ERR:
--	case SASL_LOG_WARNING:
-+	case SASL_LOG_ERR:		/* unusual errors */
-+	case SASL_LOG_WARN:		/* non-fatal warnings */
- 	msg_warn("SASL authentication problem: %s", message);
- 	break;
--    case SASL_LOG_INFO:
-+    case SASL_LOG_NOTE:			/* other info */
- 	if (msg_verbose)
- 	    msg_info("SASL authentication info: %s", message);
- 	break;
-+#if SASL_VERSION_MAJOR >= 2
-+    case SASL_LOG_FAIL:			/* authentication failures */
-+	msg_warn("SASL authentication failure: %s", message);
-+#endif
-     }
-     return (SASL_OK);
- }
-@@ -317,7 +365,12 @@
-     memcpy((char *) state->sasl_callbacks, callbacks, sizeof(callbacks));
-     for (cp = state->sasl_callbacks; cp->id != SASL_CB_LIST_END; cp++)
- 	cp->context = (void *) state;
--    if (sasl_client_new("smtp", state->session->host,
-+
-+#define NULL_SERVER_ADDR	((char *) 0)
-+#define NULL_CLIENT_ADDR	((char *) 0)
-+
-+    if (SASL_CLIENT_NEW("smtp", state->session->host,
-+			NULL_CLIENT_ADDR, NULL_SERVER_ADDR,
- 			state->sasl_callbacks, NULL_SECFLAGS,
- 			(sasl_conn_t **) &state->sasl_conn) != SASL_OK)
- 	msg_fatal("per-session SASL client initialization");
-@@ -354,7 +407,14 @@
-     char   *myname = "smtp_sasl_authenticate";
-     unsigned enc_length;
-     unsigned enc_length_out;
-+
-+#if SASL_VERSION_MAJOR >= 2
-+    const char *clientout;
-+
-+#else
-     char   *clientout;
-+
-+#endif
-     unsigned clientoutlen;
-     unsigned serverinlen;
-     SMTP_RESP *resp;
-@@ -374,7 +434,7 @@
-     /*
-      * Start the client side authentication protocol.
-      */
--    result = sasl_client_start((sasl_conn_t *) state->sasl_conn,
-+    result = SASL_CLIENT_START((sasl_conn_t *) state->sasl_conn,
- 			       state->sasl_mechanism_list,
- 			       NO_SASL_SECRET, NO_SASL_INTERACTION,
- 			       &clientout, &clientoutlen, &mechanism);
-@@ -404,7 +464,10 @@
- 			  STR(state->sasl_encoded), enc_length,
- 			  &enc_length_out) != SASL_OK)
- 	    msg_panic("%s: sasl_encode64 botch", myname);
-+#if SASL_VERSION_MAJOR < 2
-+	/* SASL version 1 doesn't free memory that it allocates. */
- 	free(clientout);
-+#endif
- 	smtp_chat_cmd(state, "AUTH %s %s", mechanism, STR(state->sasl_encoded));
-     } else {
- 	smtp_chat_cmd(state, "AUTH %s", mechanism);
-@@ -423,8 +486,8 @@
- 	(void) mystrtok(&line, "- \t\n");	/* skip over result code */
- 	serverinlen = strlen(line);
- 	VSTRING_SPACE(state->sasl_decoded, serverinlen);
--	if (sasl_decode64(line, serverinlen,
--			STR(state->sasl_decoded), &enc_length) != SASL_OK) {
-+	if (SASL_DECODE64(line, serverinlen, STR(state->sasl_decoded),
-+			  serverinlen, &enc_length) != SASL_OK) {
- 	    vstring_sprintf(why, "malformed SASL challenge from server %s",
- 			    state->session->namaddr);
- 	    return (-1);
-@@ -456,7 +519,10 @@
- 			      STR(state->sasl_encoded), enc_length,
- 			      &enc_length_out) != SASL_OK)
- 		msg_panic("%s: sasl_encode64 botch", myname);
-+#if SASL_VERSION_MAJOR < 2
-+	    /* SASL version 1 doesn't free memory that it allocates. */
- 	    free(clientout);
-+#endif
- 	} else {
- 	    vstring_strcat(state->sasl_encoded, "");
- 	}
-@@ -487,7 +553,8 @@
- 	state->sasl_passwd = 0;
-     }
-     if (state->sasl_mechanism_list) {
--	myfree(state->sasl_mechanism_list);	/* allocated in smtp_helo */
-+	/* allocated in smtp_sasl_helo_auth */
-+	myfree(state->sasl_mechanism_list);
- 	state->sasl_mechanism_list = 0;
-     }
-     if (state->sasl_conn) {
-diff -Naur postfix-1.1.11/src/smtpd/smtpd.h postfix-1.1.11-20020602/src/smtpd/smtpd.h
---- postfix-1.1.11/src/smtpd/smtpd.h	2001-11-06 18:35:29.000000000 +0100
-+++ postfix-1.1.11-20020602/src/smtpd/smtpd.h	2002-03-29 22:10:13.000000000 +0100
-@@ -68,7 +68,11 @@
-     off_t   msg_size;
-     int     junk_cmds;
- #ifdef USE_SASL_AUTH
-+#if SASL_VERSION_MAJOR >= 2
-+    const char *sasl_mechanism_list;
-+#else
-     char   *sasl_mechanism_list;
-+#endif
-     char   *sasl_method;
-     char   *sasl_username;
-     char   *sasl_sender;
-diff -Naur postfix-1.1.11/src/smtpd/smtpd_sasl_glue.c postfix-1.1.11-20020602/src/smtpd/smtpd_sasl_glue.c
---- postfix-1.1.11/src/smtpd/smtpd_sasl_glue.c	2001-11-26 01:14:01.000000000 +0100
-+++ postfix-1.1.11-20020602/src/smtpd/smtpd_sasl_glue.c	2002-03-31 01:04:21.000000000 +0100
-@@ -110,6 +110,52 @@
-  */
- #define STR(s)	vstring_str(s)
- 
-+ /*
-+  * Macros to handle API differences between SASLv1 and SASLv2. Specifics:
-+  * 
-+  * The SASL_LOG_* constants were renamed in SASLv2.
-+  * 
-+  * SASLv2's sasl_server_new takes two new parameters to specify local and
-+  * remote IP addresses for auth mechs that use them.
-+  * 
-+  * SASLv2's sasl_server_start and sasl_server_step no longer have the errstr
-+  * parameter.
-+  * 
-+  * SASLv2's sasl_decode64 function takes an extra parameter for the length of
-+  * the output buffer.
-+  * 
-+  * The other major change is that SASLv2 now takes more responsibility for
-+  * deallocating memory that it allocates internally.  Thus, some of the
-+  * function parameters are now 'const', to make sure we don't try to free
-+  * them too.  This is dealt with in the code later on.
-+  */
-+
-+#if SASL_VERSION_MAJOR < 2
-+/* SASL version 1.x */
-+#define SASL_LOG_WARN SASL_LOG_WARNING
-+#define SASL_LOG_NOTE SASL_LOG_INFO
-+#define SASL_SERVER_NEW(srv, fqdn, rlm, lport, rport, cb, secflags, pconn) \
-+	sasl_server_new(srv, fqdn, rlm, cb, secflags, pconn)
-+#define SASL_SERVER_START(conn, mech, clin, clinlen, srvout, srvoutlen, err) \
-+	sasl_server_start(conn, mech, clin, clinlen, srvout, srvoutlen, err)
-+#define SASL_SERVER_STEP(conn, clin, clinlen, srvout, srvoutlen, err) \
-+	sasl_server_step(conn, clin, clinlen, srvout, srvoutlen, err)
-+#define SASL_DECODE64(in, inlen, out, outmaxlen, outlen) \
-+	sasl_decode64(in, inlen, out, outlen)
-+#endif
-+
-+#if SASL_VERSION_MAJOR >= 2
-+/* SASL version > 2.x */
-+#define SASL_SERVER_NEW(srv, fqdn, rlm, lport, rport, cb, secflags, pconn) \
-+	sasl_server_new(srv, fqdn, rlm, lport, rport, cb, secflags, pconn)
-+#define SASL_SERVER_START(conn, mech, clin, clinlen, srvout, srvoutlen, err) \
-+	sasl_server_start(conn, mech, clin, clinlen, srvout, srvoutlen)
-+#define SASL_SERVER_STEP(conn, clin, clinlen, srvout, srvoutlen, err) \
-+	sasl_server_step(conn, clin, clinlen, srvout, srvoutlen)
-+#define SASL_DECODE64(in, inlen, out, outmaxlen, outlen) \
-+	sasl_decode64(in, inlen, out, outmaxlen, outlen)
-+#endif
-+
- /* smtpd_sasl_log - SASL logging callback */
- 
- static int smtpd_sasl_log(void *unused_context, int priority,
-@@ -117,13 +163,18 @@
- {
-     switch (priority) {
- 	case SASL_LOG_ERR:
--	case SASL_LOG_WARNING:
-+	case SASL_LOG_WARN:
- 	msg_warn("SASL authentication problem: %s", message);
- 	break;
--    case SASL_LOG_INFO:
-+    case SASL_LOG_NOTE:
- 	if (msg_verbose)
- 	    msg_info("SASL authentication info: %s", message);
- 	break;
-+#if SASL_VERSION_MAJOR >= 2
-+    case SASL_LOG_FAIL:
-+	msg_warn("SASL authentication failure: %s", message);
-+	break;
-+#endif
-     }
-     return SASL_OK;
- }
-@@ -144,12 +195,14 @@
-     "noactive", SASL_SEC_NOACTIVE,
-     "nodictionary", SASL_SEC_NODICTIONARY,
-     "noanonymous", SASL_SEC_NOANONYMOUS,
-+#if SASL_VERSION_MAJOR >= 2
-+    "mutual_auth", SASL_SEC_MUTUAL_AUTH,
-+#endif
-     0,
- };
- 
- static int smtpd_sasl_opts;
- 
--
- /* smtpd_sasl_initialize - per-process initialization */
- 
- void    smtpd_sasl_initialize(void)
-@@ -172,8 +225,16 @@
- 
- void    smtpd_sasl_connect(SMTPD_STATE *state)
- {
-+#if SASL_VERSION_MAJOR < 2
-     unsigned sasl_mechanism_count;
-+
-+#else
-+    int     sasl_mechanism_count;
-+
-+#endif
-     sasl_security_properties_t sec_props;
-+    char   *server_address;
-+    char   *client_address;
- 
-     /*
-      * Initialize SASL-specific state variables. Use long-lived storage for
-@@ -195,7 +256,25 @@
- #define NO_SECURITY_LAYERS	(0)
- #define NO_SESSION_CALLBACKS	((sasl_callback_t *) 0)
- 
--    if (sasl_server_new("smtp", var_myhostname, var_smtpd_sasl_realm,
-+#if SASL_VERSION_MAJOR >= 2 && defined(USE_SASL_IP_AUTH)
-+
-+    /*
-+     * Get IP addresses of local and remote endpoints for SASL.
-+     */
-+#error "USE_SASL_IP_AUTH is not implemented"
-+
-+#else
-+
-+    /*
-+     * Don't give any IP address information to SASL.  SASLv1 doesn't use it,
-+     * and in SASLv2 this will disable any mechaniams that do.
-+     */
-+    server_address = 0;
-+    client_address = 0;
-+#endif
-+
-+    if (SASL_SERVER_NEW("smtp", var_myhostname, var_smtpd_sasl_realm,
-+			server_address, client_address,
- 			NO_SESSION_CALLBACKS, NO_SECURITY_LAYERS,
- 			&state->sasl_conn) != SASL_OK)
- 	msg_fatal("SASL per-connection server initialization");
-@@ -239,7 +318,10 @@
- void    smtpd_sasl_disconnect(SMTPD_STATE *state)
- {
-     if (state->sasl_mechanism_list) {
-+#if SASL_VERSION_MAJOR < 2
-+	/* SASL version 1 doesn't free memory that it allocates. */
- 	free(state->sasl_mechanism_list);
-+#endif
- 	state->sasl_mechanism_list = 0;
-     }
-     if (state->sasl_conn) {
-@@ -262,11 +344,22 @@
-     unsigned enc_length;
-     unsigned enc_length_out;
-     unsigned reply_len;
--    char   *serverout = 0;
-     unsigned serveroutlen;
-     int     result;
-+
-+#if SASL_VERSION_MAJOR < 2
-+    char   *serverout = 0;
-+
-+#else
-+    const char *serverout = 0;
-+
-+#endif
-+
-+#if SASL_VERSION_MAJOR < 2
-     const char *errstr = 0;
- 
-+#endif
-+
- #define IFELSE(e1,e2,e3) ((e1) ? (e2) : (e3))
- 
-     if (msg_verbose)
-@@ -288,8 +381,8 @@
- 	reply_len = strlen(init_response);
- 	VSTRING_SPACE(state->sasl_decoded, reply_len);
- 	dec_buffer = STR(state->sasl_decoded);
--	if (sasl_decode64(init_response, reply_len,
--			  dec_buffer, &dec_length) != SASL_OK)
-+	if (SASL_DECODE64(init_response, reply_len,
-+			  dec_buffer, reply_len, &dec_length) != SASL_OK)
- 	    return ("501 Authentication failed: malformed initial response");
- 	if (msg_verbose)
- 	    msg_info("%s: decoded initial response %s", myname, dec_buffer);
-@@ -297,7 +390,7 @@
- 	dec_buffer = 0;
- 	dec_length = 0;
-     }
--    result = sasl_server_start(state->sasl_conn, sasl_method, dec_buffer,
-+    result = SASL_SERVER_START(state->sasl_conn, sasl_method, dec_buffer,
- 			    dec_length, &serverout, &serveroutlen, &errstr);
- 
-     /*
-@@ -327,7 +420,10 @@
- 	if (sasl_encode64(serverout, serveroutlen, STR(state->sasl_encoded),
- 			  enc_length, &enc_length_out) != SASL_OK)
- 	    msg_panic("%s: sasl_encode64 botch", myname);
-+#if SASL_VERSION_MAJOR < 2
-+	/* SASL version 1 doesn't free memory that it allocates. */
- 	free(serverout);
-+#endif
- 	serverout = 0;
- 	smtpd_chat_reply(state, "334 %s", STR(state->sasl_encoded));
- 
-@@ -342,21 +438,24 @@
- 	    return ("501 Authentication aborted");	/* XXX */
- 	reply_len = VSTRING_LEN(state->buffer);
- 	VSTRING_SPACE(state->sasl_decoded, reply_len);
--	if (sasl_decode64(vstring_str(state->buffer), reply_len,
--			  STR(state->sasl_decoded), &dec_length) != SASL_OK)
-+	if (SASL_DECODE64(vstring_str(state->buffer), reply_len,
-+			  STR(state->sasl_decoded), reply_len,
-+			  &dec_length) != SASL_OK)
- 	    return ("501 Error: malformed authentication response");
- 	if (msg_verbose)
- 	    msg_info("%s: decoded response: %.*s",
- 		     myname, (int) dec_length, STR(state->sasl_decoded));
--	result = sasl_server_step(state->sasl_conn, STR(state->sasl_decoded),
-+	result = SASL_SERVER_STEP(state->sasl_conn, STR(state->sasl_decoded),
- 			    dec_length, &serverout, &serveroutlen, &errstr);
-     }
- 
-     /*
-      * Cleanup. What an awful interface.
-      */
-+#if SASL_VERSION_MAJOR < 2
-     if (serverout)
- 	free(serverout);
-+#endif
- 
-     /*
-      * The authentication protocol was completed.
-@@ -369,8 +468,13 @@
-      * accounting purposes. For the sake of completeness we also record the
-      * authentication method that was used. XXX Do not free(serverout).
-      */
-+#if SASL_VERSION_MAJOR >= 2
-+    result = sasl_getprop(state->sasl_conn, SASL_USERNAME,
-+			  (const void **) &serverout);
-+#else
-     result = sasl_getprop(state->sasl_conn, SASL_USERNAME,
- 			  (void **) &serverout);
-+#endif
-     if (result != SASL_OK || serverout == 0)
- 	msg_panic("%s: sasl_getprop SASL_USERNAME botch", myname);
-     state->sasl_username = mystrdup(serverout);
diff --git a/net-mail/postfix/files/postfix-2.0.0/main.cf.diff b/net-mail/postfix/files/postfix-2.0.0/main.cf.diff
deleted file mode 100644
index 6b17c288637b..000000000000
--- a/net-mail/postfix/files/postfix-2.0.0/main.cf.diff
+++ /dev/null
@@ -1,75 +0,0 @@
---- ../sample/main.cf	2002-12-23 21:22:16.000000000 +0100
-+++ main.cf	2002-12-23 21:48:47.000000000 +0100
-@@ -365,6 +365,7 @@
- #alias_maps = hash:/etc/aliases
- #alias_maps = hash:/etc/aliases, nis:mail.aliases
- #alias_maps = netinfo:/aliases
-+alias_maps = hash:/etc/mail/aliases
- 
- # The alias_database parameter specifies the alias database(s) that
- # are built with "newaliases" or "sendmail -bi".  This is a separate
-@@ -375,6 +376,7 @@
- #alias_database = dbm:/etc/mail/aliases
- #alias_database = hash:/etc/aliases
- #alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases
-+alias_database = hash:/etc/mail/aliases
- 
- # ADDRESS EXTENSIONS (e.g., user+foo)
- #
-@@ -396,6 +398,7 @@
- #
- #home_mailbox = Mailbox
- #home_mailbox = Maildir/
-+home_mailbox = .maildir/
-  
- # The mail_spool_directory parameter specifies the directory where
- # UNIX-style mailboxes are kept. The default setting depends on the
-@@ -548,6 +551,8 @@
- 
- #local_destination_concurrency_limit = 2
- #default_destination_concurrency_limit = 10
-+local_destination_concurrency_limit = 2
-+default_destination_concurrency_limit = 10
- 
- # DEBUGGING CONTROL
- #
-@@ -590,32 +595,32 @@
- # sendmail_path: The full pathname of the Postfix sendmail command.
- # This is the Sendmail-compatible mail posting interface.
- # 
--sendmail_path =
-+sendmail_path = /usr/sbin/sendmail
- 
- # newaliases_path: The full pathname of the Postfix newaliases command.
- # This is the Sendmail-compatible command to build alias databases.
- #
--newaliases_path =
-+newaliases_path = /usr/bin/newaliases
- 
- # mailq_path: The full pathname of the Postfix mailq command.  This
- # is the Sendmail-compatible mail queue listing command.
- # 
--mailq_path =
-+mailq_path = /usr/bin/mailq
- 
- # setgid_group: The group for mail submission and queue management
- # commands.  This must be a group name with a numerical group ID that
- # is not shared with other accounts, not even with the Postfix account.
- #
--setgid_group =
-+setgid_group = postdrop
- 
- # manpage_directory: The location of the Postfix on-line manual pages.
- #
--manpage_directory =
-+manpage_directory = /usr/share/man
- 
- # sample_directory: The location of the Postfix sample configuration files.
- #
--sample_directory =
-+sample_directory = /etc/postfix/sample
- 
- # readme_directory: The location of the Postfix README files.
- #
--readme_directory =
-+readme_directory = /usr/share/doc/POSTFIX
diff --git a/net-mail/postfix/files/postfix-2.0.8_patch.patch b/net-mail/postfix/files/postfix-2.0.8_patch.patch
new file mode 100644
index 000000000000..4bf63086e3e6
--- /dev/null
+++ b/net-mail/postfix/files/postfix-2.0.8_patch.patch
@@ -0,0 +1,19 @@
+--- tls+ipv6-1.13-pf-2.0.7.patch	2003-04-16 10:21:26.000000000 -0500
++++ tls+ipv6-1.13-pf-2.0.8.patch	2003-04-16 10:29:21.000000000 -0500
+@@ -10308,7 +10308,7 @@
+  /* match_parse_mask - parse net/mask pattern */
+  
+  static int match_parse_mask(const char *pattern, unsigned long *net_bits,
+-@@ -198,27 +504,55 @@
++@@ -198,28 +504,56 @@
+      return (mask != 0);
+  }
+  
+@@ -10328,6 +10328,7 @@
+      unsigned long mask_bits;
+      unsigned long net_bits;
+      unsigned long addr_bits;
++     struct in_addr net_addr;
+ +#endif
+  
+      if (msg_verbose)