From 3274c3cea9d739f86e84b65664aabb692e37e83f Mon Sep 17 00:00:00 2001
From: Wietse Venema
Date: Sat, 18 May 2019 00:00:00 -0500
Subject: [PATCH] postfix-3.5-20190518
---
postfix/HISTORY | 16 ++++++++++++++++
postfix/README_FILES/BASIC_CONFIGURATION_README | 11 ++++++-----
postfix/README_FILES/MAILLOG_README | 4 ++--
postfix/README_FILES/SMTPD_POLICY_README | 4 ++--
postfix/RELEASE_NOTES | 2 +-
postfix/html/BASIC_CONFIGURATION_README.html | 9 +++++----
postfix/html/MAILLOG_README.html | 6 +++---
postfix/html/SMTPD_POLICY_README.html | 2 +-
postfix/html/postconf.5.html | 15 ++++++++++++++-
postfix/man/man5/postconf.5 | 14 +++++++++++++-
postfix/proto/BASIC_CONFIGURATION_README.html | 9 +++++----
postfix/proto/MAILLOG_README.html | 6 +++---
postfix/proto/SMTPD_POLICY_README.html | 2 +-
postfix/proto/postconf.proto | 15 ++++++++++++++-
postfix/src/dns/dns_lookup.c | 11 +++++++++++
postfix/src/dns/dns_str_resflags.c | 10 ++++++++++
postfix/src/global/mail_version.h | 2 +-
postfix/src/smtpd/smtpd.c | 16 +++++++++++-----
postfix/src/util/sys_defs.h | 6 ++++++
19 files changed, 125 insertions(+), 35 deletions(-)
diff --git a/postfix/HISTORY b/postfix/HISTORY
index 3824c0c04..90995d74a 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -24257,6 +24257,22 @@ Apologies for any names omitted.
and the way that check_client_access will match subnets of
an IPv6 address.
+20190428
+
+ Cleanup: replace "(whatever *) 0" with meaningfully-named
+ constants. Sheesh. File: smtpd/smtpd.c.
+
+ Documentation: BASIC_CONFIGURATION_README example default
+ setting was not updated after Postfix 3.0 change. File:
+ proto/BASIC_CONFIGURATION_README.html
+
+20190505
+
+ Workaround: uClibc has no res_send. Log a warning if this
+ code path would be used, and ignore dns_ncache_ttl_fix_enable.
+ Files: util/sys_defs.h, dns/dns_lookup.c, TODO: makedefs
+ and INSTALL documentation.
+
20190516
Initial search order support for check_ccert_access. The
diff --git a/postfix/README_FILES/BASIC_CONFIGURATION_README b/postfix/README_FILES/BASIC_CONFIGURATION_README
index e8624ec92..cfd885110 100644
--- a/postfix/README_FILES/BASIC_CONFIGURATION_README
+++ b/postfix/README_FILES/BASIC_CONFIGURATION_README
@@ -172,16 +172,17 @@ Postfix can also be configured to relay mail from "mobile" clients that send
mail from outside an authorized network block. This is explained in the
SASL_README and TLS_README documents.
-IMPORTANT: If your machine is connected to a wide area network then your
-default mynetworks setting may be too friendly.
+IMPORTANT: If your machine is connected to a wide area network then the
+"mynetworks_style = host" setting may be too friendly.
Examples (specify only one of the following):
/etc/postfix/main.cf:
- mynetworks_style = subnet (default: authorize subnetworks)
- mynetworks_style = host (safe: authorize local machine only)
- mynetworks = 127.0.0.0/8 (safe: authorize local machine only)
+ mynetworks_style = subnet (not safe on a wide area network)
+ mynetworks_style = host (authorize local machine only)
+ mynetworks = 127.0.0.0/8 (authorize local machine only)
mynetworks = 127.0.0.0/8 168.100.189.2/32 (authorize local machine)
+ mynetworks = 127.0.0.0/8 168.100.189.2/28 (authorize local networks)
You can specify the trusted networks in the main.cf file, or you can let
Postfix do the work for you. The default is to let Postfix do the work. The
diff --git a/postfix/README_FILES/MAILLOG_README b/postfix/README_FILES/MAILLOG_README
index 518442535..114075984 100644
--- a/postfix/README_FILES/MAILLOG_README
+++ b/postfix/README_FILES/MAILLOG_README
@@ -82,8 +82,8 @@ LLiimmiittaattiioonnss
Background:
- * Postfix consists of a number of daemon programs, and non-daemon programs
- some of which are used for local mail submission, and some for Postfix
+ * Postfix consists of a number of daemon programs that run in the background,
+ as well as non-daemon programs for local mail submission or Postfix
management.
* Logging to Postfix logfile or stdout requires the Postfix postlogd(8)
diff --git a/postfix/README_FILES/SMTPD_POLICY_README b/postfix/README_FILES/SMTPD_POLICY_README
index 26a06a153..0c96c760a 100644
--- a/postfix/README_FILES/SMTPD_POLICY_README
+++ b/postfix/README_FILES/SMTPD_POLICY_README
@@ -13,8 +13,8 @@ implemented with only a dozen lines of Perl, as is shown at the end of this
document. A complete example can be found in the Postfix source code, in the
directory examples/smtpd-policy.
-Another example of policy delegation is the SPF policy server at http://
-www.openspf.org/Software.
+Another example of policy delegation is the SPF policy server at https://
+web.archive.org/web/20190221142057/http://www.openspf.org/Software.
Policy delegation is now the preferred method for adding policies to Postfix.
It's much easier to develop a new feature in few lines of Perl, Python, Ruby,
diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES
index 7bbae50dd..8dded9175 100644
--- a/postfix/RELEASE_NOTES
+++ b/postfix/RELEASE_NOTES
@@ -25,7 +25,7 @@ more recent Eclipse Public License 2.0. Recipients can choose to take
the software under the license of their choice. Those who are more
comfortable with the IPL can continue with that license.
-Major changes with snapshot 20190516
+Major changes with snapshot 20190517
====================================
Search order support for check_ccert_access. Search order support
diff --git a/postfix/html/BASIC_CONFIGURATION_README.html b/postfix/html/BASIC_CONFIGURATION_README.html
index 79525d1bb..8d760c097 100644
--- a/postfix/html/BASIC_CONFIGURATION_README.html
+++ b/postfix/html/BASIC_CONFIGURATION_README.html
@@ -264,17 +264,18 @@ clients that send mail from outside an authorized network block.
This is explained in the SASL_README and TLS_README documents.
IMPORTANT: If your machine is connected to a wide area network
-then your default mynetworks setting may be too friendly.
+then the "mynetworks_style = host" setting may be too friendly.
Examples (specify only one of the following):
/etc/postfix/main.cf:
- mynetworks_style = subnet (default: authorize subnetworks)
- mynetworks_style = host (safe: authorize local machine only)
- mynetworks = 127.0.0.0/8 (safe: authorize local machine only)
+ mynetworks_style = subnet (not safe on a wide area network)
+ mynetworks_style = host (authorize local machine only)
+ mynetworks = 127.0.0.0/8 (authorize local machine only)
mynetworks = 127.0.0.0/8 168.100.189.2/32 (authorize local machine)
+ mynetworks = 127.0.0.0/8 168.100.189.2/28 (authorize local networks)
diff --git a/postfix/html/MAILLOG_README.html b/postfix/html/MAILLOG_README.html
index b1f97022d..0b9f250b3 100644
--- a/postfix/html/MAILLOG_README.html
+++ b/postfix/html/MAILLOG_README.html
@@ -142,9 +142,9 @@ the /dev directory, such as /dev/stdout.
--
Postfix consists of a number of daemon programs, and
-non-daemon programs some of which are used for local mail submission,
-and some for Postfix management.
+
-
Postfix consists of a number of daemon programs that run
+in the background, as well as non-daemon programs for local mail
+submission or Postfix management.
-
Logging to Postfix logfile or stdout requires the Postfix
postlogd(8) service. This ensures that simultaneous logging from
diff --git a/postfix/html/SMTPD_POLICY_README.html b/postfix/html/SMTPD_POLICY_README.html
index 44ebf0a28..da57bc566 100644
--- a/postfix/html/SMTPD_POLICY_README.html
+++ b/postfix/html/SMTPD_POLICY_README.html
@@ -31,7 +31,7 @@ can be found in the Postfix source code, in the directory
examples/smtpd-policy.
Another example of policy delegation is the SPF policy server
-at http://www.openspf.org/Software.
+at https://web.archive.org/web/20190221142057/http://www.openspf.org/Software.
Policy delegation is now the preferred method for adding policies
to Postfix. It's much easier to develop a new feature in few lines
diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html
index 6d2044d93..33840234a 100644
--- a/postfix/html/postconf.5.html
+++ b/postfix/html/postconf.5.html
@@ -14184,7 +14184,8 @@ client network address information.
- check_ccert_access type:table
-- Use the remote SMTP client certificate fingerprint or the public key
+
- By default use the remote SMTP client certificate fingerprint
+or the public key
fingerprint (Postfix 2.9 and later) as lookup key for the specified
access(5) database; with Postfix version 2.2, also require that the
remote SMTP client certificate is verified successfully.
@@ -14193,6 +14194,18 @@ The fingerprint digest algorithm is configurable via the
Postfix version 2.5). This feature is available with Postfix version
2.2 and later.
+
+
+- Alternatively, check_ccert_access accepts an explicit search
+order (Postfix 3.5 and later). The default search order as described
+above corresponds with:
+
+- check_ccert_access { type:table { search_order = cert_fingerprint,
+pubkey_fingerprint } }
+
+- Other valid search_order elements are "subject" (the certificate
+subject DN) and "issuer" (the certificate issuer DN).
+
- check_client_access type:table
- Search the specified access database for the client hostname,
diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5
index db745eaf5..4093ad0b6 100644
--- a/postfix/man/man5/postconf.5
+++ b/postfix/man/man5/postconf.5
@@ -9466,7 +9466,8 @@ restriction that matches wins.
The following restrictions are specific to client hostname or
client network address information.
.IP "\fBcheck_ccert_access \fItype:table\fR\fR"
-Use the remote SMTP client certificate fingerprint or the public key
+By default use the remote SMTP client certificate fingerprint
+or the public key
fingerprint (Postfix 2.9 and later) as lookup key for the specified
\fBaccess\fR(5) database; with Postfix version 2.2, also require that the
remote SMTP client certificate is verified successfully.
@@ -9475,6 +9476,17 @@ smtpd_tls_fingerprint_digest parameter (hard\-coded as md5 prior to
Postfix version 2.5). This feature is available with Postfix version
2.2 and later.
.br
+.br
+Alternatively, check_ccert_access accepts an explicit search
+order (Postfix 3.5 and later). The default search order as described
+above corresponds with:
+.br
+check_ccert_access { type:table { search_order = cert_fingerprint,
+pubkey_fingerprint } }
+.br
+Other valid search_order elements are "subject" (the certificate
+subject DN) and "issuer" (the certificate issuer DN).
+.br
.IP "\fBcheck_client_access \fItype:table\fR\fR"
Search the specified access database for the client hostname,
parent domains, client IP address, or networks obtained by stripping
diff --git a/postfix/proto/BASIC_CONFIGURATION_README.html b/postfix/proto/BASIC_CONFIGURATION_README.html
index 80cf6d267..f8d94b02c 100644
--- a/postfix/proto/BASIC_CONFIGURATION_README.html
+++ b/postfix/proto/BASIC_CONFIGURATION_README.html
@@ -264,17 +264,18 @@ clients that send mail from outside an authorized network block.
This is explained in the SASL_README and TLS_README documents.
IMPORTANT: If your machine is connected to a wide area network
-then your default mynetworks setting may be too friendly.
+then the "mynetworks_style = host" setting may be too friendly.
Examples (specify only one of the following):
/etc/postfix/main.cf:
- mynetworks_style = subnet (default: authorize subnetworks)
- mynetworks_style = host (safe: authorize local machine only)
- mynetworks = 127.0.0.0/8 (safe: authorize local machine only)
+ mynetworks_style = subnet (not safe on a wide area network)
+ mynetworks_style = host (authorize local machine only)
+ mynetworks = 127.0.0.0/8 (authorize local machine only)
mynetworks = 127.0.0.0/8 168.100.189.2/32 (authorize local machine)
+ mynetworks = 127.0.0.0/8 168.100.189.2/28 (authorize local networks)
diff --git a/postfix/proto/MAILLOG_README.html b/postfix/proto/MAILLOG_README.html
index 5fad103c5..9804983a7 100644
--- a/postfix/proto/MAILLOG_README.html
+++ b/postfix/proto/MAILLOG_README.html
@@ -142,9 +142,9 @@ the /dev directory, such as /dev/stdout.
--
Postfix consists of a number of daemon programs, and
-non-daemon programs some of which are used for local mail submission,
-and some for Postfix management.
+
-
Postfix consists of a number of daemon programs that run
+in the background, as well as non-daemon programs for local mail
+submission or Postfix management.
-
Logging to Postfix logfile or stdout requires the Postfix
postlogd(8) service. This ensures that simultaneous logging from
diff --git a/postfix/proto/SMTPD_POLICY_README.html b/postfix/proto/SMTPD_POLICY_README.html
index 99225ecc5..e2554b217 100644
--- a/postfix/proto/SMTPD_POLICY_README.html
+++ b/postfix/proto/SMTPD_POLICY_README.html
@@ -31,7 +31,7 @@ can be found in the Postfix source code, in the directory
examples/smtpd-policy.
Another example of policy delegation is the SPF policy server
-at http://www.openspf.org/Software.
+at https://web.archive.org/web/20190221142057/http://www.openspf.org/Software.
Policy delegation is now the preferred method for adding policies
to Postfix. It's much easier to develop a new feature in few lines
diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto
index 9851adb77..24291cc4d 100644
--- a/postfix/proto/postconf.proto
+++ b/postfix/proto/postconf.proto
@@ -5099,7 +5099,8 @@ client network address information.
- check_ccert_access type:table
-- Use the remote SMTP client certificate fingerprint or the public key
+
- By default use the remote SMTP client certificate fingerprint
+or the public key
fingerprint (Postfix 2.9 and later) as lookup key for the specified
access(5) database; with Postfix version 2.2, also require that the
remote SMTP client certificate is verified successfully.
@@ -5108,6 +5109,18 @@ smtpd_tls_fingerprint_digest parameter (hard-coded as md5 prior to
Postfix version 2.5). This feature is available with Postfix version
2.2 and later.
+
+
+- Alternatively, check_ccert_access accepts an explicit search
+order (Postfix 3.5 and later). The default search order as described
+above corresponds with:
+
+- check_ccert_access { type:table { search_order = cert_fingerprint,
+pubkey_fingerprint } }
+
+- Other valid search_order elements are "subject" (the certificate
+subject DN) and "issuer" (the certificate issuer DN).
+
- check_client_access type:table
- Search the specified access database for the client hostname,
diff --git a/postfix/src/dns/dns_lookup.c b/postfix/src/dns/dns_lookup.c
index 1ea98b387..ae0ddadd7 100644
--- a/postfix/src/dns/dns_lookup.c
+++ b/postfix/src/dns/dns_lookup.c
@@ -305,6 +305,7 @@ typedef struct DNS_REPLY {
* information, but that will have to wait until it is safe to make
* libunbound a mandatory dependency for Postfix.
*/
+#ifdef HAVE_RES_SEND
/* dns_res_query - a res_query() clone that can return negative replies */
@@ -371,6 +372,8 @@ static int dns_res_query(const char *name, int class, int type,
}
}
+#endif
+
/* dns_res_search - res_search() that can return negative replies */
static int dns_res_search(const char *name, int class, int type,
@@ -474,8 +477,16 @@ static int dns_query(const char *name, int type, unsigned flags,
_res.options &= ~saved_options;
_res.options |= flags;
if (keep_notfound && var_dns_ncache_ttl_fix) {
+#ifdef HAVE_RES_SEND
len = dns_res_query((char *) name, C_IN, type, reply->buf,
reply->buf_len);
+#else
+ var_dns_ncache_ttl_fix = 0;
+ msg_warn("system library does not support %s=yes"
+ " -- ignoring this setting", VAR_DNS_NCACHE_TTL_FIX);
+ len = dns_res_search((char *) name, C_IN, type, reply->buf,
+ reply->buf_len, keep_notfound);
+#endif
} else {
len = dns_res_search((char *) name, C_IN, type, reply->buf,
reply->buf_len, keep_notfound);
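Review bot: The `#else` branch silences its own warning by writing 0 into var_dns_ncache_ttl_fix, so a DNS library routine now rewrites what appears to be a main.cf-derived configuration variable as a side effect of a lookup, and anything that later reads or dumps that variable sees a value the administrator did not set. A file-local `static int warned` checked and set beside the `msg_warn()` keeps the once-per-process behaviour without mutating configuration. The warning is also only emitted on the first lookup that asks for negative replies, inside whichever daemon process performs it, rather than when dns_ncache_ttl_fix_enable is read; if there is a central place where that parameter is loaded (not visible here), that is the better place for an operator-facing warning. dns_query() starts and ends outside this hunk.
```c
    if (keep_notfound && var_dns_ncache_ttl_fix) {
#ifdef HAVE_RES_SEND
	/* … unchanged: dns_res_query() call … */
#else
	static int warned = 0;

	/* Log once per process; do not rewrite the configured value. */
	if (!warned) {
	    warned = 1;
	    msg_warn("system library does not support %s=yes"
		     " -- ignoring this setting", VAR_DNS_NCACHE_TTL_FIX);
	}
	len = dns_res_search((char *) name, C_IN, type, reply->buf,
			     reply->buf_len, keep_notfound);
#endif
    } else {
```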
diff --git a/postfix/src/dns/dns_str_resflags.c b/postfix/src/dns/dns_str_resflags.c
index 5f2cce5e0..472394c3a 100644
--- a/postfix/src/dns/dns_str_resflags.c
+++ b/postfix/src/dns/dns_str_resflags.c
@@ -52,18 +52,28 @@
static const LONG_NAME_MASK resflag_table[] = {
"RES_INIT", RES_INIT,
"RES_DEBUG", RES_DEBUG,
+#ifdef RES_AAONLY
"RES_AAONLY", RES_AAONLY,
+#endif
"RES_USEVC", RES_USEVC,
+#ifdef RES_PRIMARY
"RES_PRIMARY", RES_PRIMARY,
+#endif
"RES_IGNTC", RES_IGNTC,
"RES_RECURSE", RES_RECURSE,
"RES_DEFNAMES", RES_DEFNAMES,
"RES_STAYOPEN", RES_STAYOPEN,
"RES_DNSRCH", RES_DNSRCH,
+#ifdef RES_INSECURE1
"RES_INSECURE1", RES_INSECURE1,
+#endif
+#ifdef RES_INSECURE2
"RES_INSECURE2", RES_INSECURE2,
+#endif
"RES_NOALIASES", RES_NOALIASES,
+#ifdef RES_USE_INET6
"RES_USE_INET6", RES_USE_INET6,
+#endif
#ifdef RES_ROTATE
"RES_ROTATE", RES_ROTATE,
#endif
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 2ee3546c5..713ba8ec8 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20190517"
+#define MAIL_RELEASE_DATE "20190518"
#define MAIL_VERSION_NUMBER "3.5"
#ifdef SNAPSHOT
diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c
index 954d09ac6..3eaf905c8 100644
--- a/postfix/src/smtpd/smtpd.c
+++ b/postfix/src/smtpd/smtpd.c
@@ -4464,7 +4464,8 @@ static int xclient_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
} else {
neuter(attr_value, NEUTER_CHARACTERS, '?');
if (normalize_mailhost_addr(attr_value, &state->rfc_addr,
- &state->addr, &state->addr_family) < 0) {
+ &state->addr,
+ &state->addr_family) < 0) {
state->error_mask |= MAIL_ERROR_PROTOCOL;
smtpd_chat_reply(state, "501 5.5.4 Bad %s syntax: %s",
XCLIENT_ADDR, attr_value);
@@ -4549,9 +4550,12 @@ static int xclient_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
attr_value = SERVER_ADDR_UNKNOWN;
UPDATE_STR(state->dest_addr, attr_value);
} else {
+#define NO_NORM_RFC_ADDR ((char **) 0)
+#define NO_NORM_ADDR_FAMILY ((int *) 0)
neuter(attr_value, NEUTER_CHARACTERS, '?');
- if (normalize_mailhost_addr(attr_value, (char **) 0,
- &state->dest_addr, (int *) 0) < 0) {
+ if (normalize_mailhost_addr(attr_value, NO_NORM_RFC_ADDR,
+ &state->dest_addr,
+ NO_NORM_ADDR_FAMILY) < 0) {
state->error_mask |= MAIL_ERROR_PROTOCOL;
smtpd_chat_reply(state, "501 5.5.4 Bad %s syntax: %s",
XCLIENT_DESTADDR, attr_value);
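Review bot: The two new `#define`s for NO_NORM_RFC_ADDR and NO_NORM_ADDR_FAMILY are introduced inside the DESTADDR else-block of xclient_cmd(), but NO_NORM_ADDR_FAMILY is also used in xforward_cmd() later in this patch, so one of its users lives in a different function from the definition. Because preprocessor definitions are file-scoped from the point of definition this compiles, but a reader of xforward_cmd() has no local definition to find. Move `#define NO_NORM_RFC_ADDR ((char **) 0)` and `#define NO_NORM_ADDR_FAMILY ((int *) 0)` to file scope above the first function that calls normalize_mailhost_addr(), with a one-line comment that they name the "do not return this value" arguments. xclient_cmd() starts and ends outside this hunk.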
@@ -4785,8 +4789,10 @@ static int xforward_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
UPDATE_STR(state->xforward.addr, attr_value);
} else {
neuter(attr_value, NEUTER_CHARACTERS, '?');
- if (normalize_mailhost_addr(attr_value, &state->xforward.rfc_addr,
- &state->xforward.addr, (int *) 0) < 0) {
+ if (normalize_mailhost_addr(attr_value,
+ &state->xforward.rfc_addr,
+ &state->xforward.addr,
+ NO_NORM_ADDR_FAMILY) < 0) {
state->error_mask |= MAIL_ERROR_PROTOCOL;
smtpd_chat_reply(state, "501 5.5.4 Bad %s syntax: %s",
XFORWARD_ADDR, attr_value);
diff --git a/postfix/src/util/sys_defs.h b/postfix/src/util/sys_defs.h
index 39daa16d0..1385acace 100644
--- a/postfix/src/util/sys_defs.h
+++ b/postfix/src/util/sys_defs.h
@@ -1315,6 +1315,12 @@ extern int dup2_pass_on_exec(int oldd, int newd);
#endif
#define OPTIND (optind > 0 ? optind : 1)
+#if !defined(__UCLIBC__) && !defined(NO_RES_SEND)
+#define HAVE_RES_SEND
+#else
+#undef HAVE_RES_SEND
+#endif
+
/*
* Check for required but missing definitions.
*/
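Review bot: The new HAVE_RES_SEND block carries no comment saying why __UCLIBC__ is singled out or that NO_RES_SEND is the build-time override, and the HISTORY entry in this same patch lists the makedefs/INSTALL documentation as TODO, so a builder on another libc without res_send() has no discoverable way to opt out. Add above the `#if`: `/* uClibc has no res_send(), which dns_lookup.c needs for its res_query() clone. Build with -DNO_RES_SEND to disable that code path on other systems that lack it. */`. Note also that the `#else` branch unconditionally `#undef`s HAVE_RES_SEND, so a libc that defines __UCLIBC__ yet does provide res_send() cannot opt in with -DHAVE_RES_SEND; if that case matters, drop the `#undef` and let an explicit definition stand.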
--
2.47.3