From cf30ec4ef33e5f5a8caee6d587a00cdfe6912ed7 Mon Sep 17 00:00:00 2001
From: Wietse Venema <wietse@porcupine.org>
Date: Sat, 10 Nov 2018 00:00:00 -0500
Subject: [PATCH] postfix-3.0.14-RC2

---
 postfix/HISTORY                   | 306 +++++++++++++++---------------
 postfix/html/postconf.5.html      |  12 +-
 postfix/man/man5/postconf.5       |  12 +-
 postfix/proto/postconf.proto      |  12 +-
 postfix/src/global/mail_version.h |   4 +-
 postfix/src/tls/tls_dh.c          | 124 +++++++-----
 6 files changed, 257 insertions(+), 213 deletions(-)

diff --git a/postfix/HISTORY b/postfix/HISTORY
index 2d943dc8a..7f0e6d2b5 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -4450,7 +4450,7 @@ Apologies for any names omitted.
 20001109
 
 	Cleanup: changed prototype of internal function that did
-	not return a useful result. Fileutil/vstream_popen.c.
+	not return a useful result. File: src/util/vstream_popen.c.
 
 20001110
 
@@ -5253,7 +5253,7 @@ Apologies for any names omitted.
 
 	Safety: postdrop turns off interrupts when cleaning up
 	after interrupt. The additional safety does not hurt anyone.
-	Filepostdrop/postdrop.c.
+	File: src/postdrop/postdrop.c.
 
 20010607
 
@@ -5581,7 +5581,7 @@ Apologies for any names omitted.
 20011105
 
 	Bugfix: missing terminator in new attribute-based function
-	call caused signal 11. Filecleanup/cleanup.c.
+	call caused signal 11. File: src/cleanup/cleanup.c.
 
 	Lame workaround for ESTALE errors with mail delivery over
 	NFS. Additional bandages were added to the local delivery
@@ -5750,7 +5750,7 @@ Apologies for any names omitted.
 
 	Maintenance: LDAP module and documentation from LaMont
 	Jones.  This version adds verbose logging for LDAP library
-	routines. Filesutil/dict_ldap.[hc], LDAP_README,
+	routines. Files: src/util/dict_ldap.[hc], LDAP_README,
 	conf/sample-ldap.cf
 
 	Portability: made memory alignment restrictions configurable.
@@ -6606,7 +6606,7 @@ Apologies for any names omitted.
 
 	Weird feature: sender-based routing. This will become more
 	useful once per-address transport map entries are done.
-	File:*qmgr/qmgr_message.c.
+	File:  src/*qmgr/qmgr_message.c.
 
 20020605
 
@@ -7473,7 +7473,7 @@ Apologies for any names omitted.
 
 	Feature: recipient address verification, using the code
 	that already implements sender address verification.  Based
-	on suggestion by Matthias Andree.  Filessmtpd/smtpd.c,
+	on suggestion by Matthias Andree.  Files: src/smtpd/smtpd.c,
 	src/smtpd/smtpd_check.c.
 
 20021211
@@ -8086,7 +8086,7 @@ Apologies for any names omitted.
 	Cleanup: future time stamps in Received: headers and negative
 	delays in delivery agent logging after "postdrop -r",
 	because deferred queue files had future file modification
-	times.  File:postsuper/postsuper.c.
+	times.  File:  src/postsuper/postsuper.c.
 
 20030521
 
@@ -9139,7 +9139,7 @@ Apologies for any names omitted.
 20040201
 
 	Feature: sasl_method, sasl_username and sasl_sender attributes
-	in smtpd policy queries. Filessmtpd/smtpd_check.c.
+	in smtpd policy queries. Files: src/smtpd/smtpd_check.c.
 
 20040204
 
@@ -9254,7 +9254,7 @@ Apologies for any names omitted.
 
 	Future proofing: client_rate_time_unit is renamed to
 	anvil_rate_time_unit, so that it is no longer limited to
-	clients only. Fileglobal/mail_params.h.
+	clients only. File: src/global/mail_params.h.
 
 	Cleanup: postalias and postmap now log problems to syslogd.
 	Files: postalias/postalias.c, postmap/postmap.c.
@@ -10322,7 +10322,7 @@ Apologies for any names omitted.
 	Feature: new smtpd policy attributes ccert_subject,
 	ccert_issuer and ccert_fingerprint, with TLS client
 	certificate information, but only when verification was
-	successful.  Files:smtpd/smtpd_check.c.
+	successful.  Files:  src/smtpd/smtpd_check.c.
 
 	Cleanup: corrected the address verification data flow in
 	the ADDRESS_VERIFICATION_README illustration.
@@ -10467,7 +10467,7 @@ Apologies for any names omitted.
 	valid command syntax. Instead they require "improved" syntax
 	that is not valid on several other systems that Postfix
 	builds on.  So we have to stop using the tail command.
-	Files: Makefile.in*/Makefile.in.
+	Files: Makefile.in, src/*/Makefile.in.
 
 20050312
 
@@ -10608,8 +10608,8 @@ Apologies for any names omitted.
 
 	Safety: SASL 2.1.19 has a version lookup routine that we
 	can use to detect compile time / run time version mis-matches
-	(also known as DLL hell).  Filessmtpd/smtpd_sasl_glue.c,
-	src/smtp/smtp_sasl_glue.clmtp/lmtp_sasl_glue.c.
+	(also known as DLL hell).  Files: src/smtpd/smtpd_sasl_glue.c,
+	src/smtp/smtp_sasl_glue.c, src/lmtp/lmtp_sasl_glue.c.
 
 20050404
 
@@ -10662,7 +10662,7 @@ Apologies for any names omitted.
 	if you feel brave. File: util/sys_defs.h.
 
 	Robustness: re-compile all object files after the "make
-	makefiles" options have changed. Files*/Makefile.in.
+	makefiles" options have changed. Files: src/*/Makefile.in.
 
 	Tweaking: reply with 5.3.4 when the message size exceeds
 	the mail system message_size_limit, instead of 5.2.3 which
@@ -10700,8 +10700,8 @@ Apologies for any names omitted.
 	for some destination. Files: util/argv.c, smtp/smtp_connect.c.
 
 	Cleanup: extra dsn_vstring_update_dsn() routine to shut up
-	GCC complaints about valid code. Filesglobal/dsn_util.c,
-	src/global/mbox_open.clmtp/lmtp_addr.c, src/smtp/smtp_addr.c,
+	GCC complaints about valid code. Files: src/global/dsn_util.c,
+	src/global/mbox_open.c, src/lmtp/lmtp_addr.c, src/smtp/smtp_addr.c,
 	src/smtp/smtp_connect.c.
 
 20050429
@@ -11956,7 +11956,7 @@ Apologies for any names omitted.
 	Cleanup: regression tests are now separated into "make
 	tests" for unprivileged tests, and "make root_tests" for
 	tests that require privileges to connect to the Postfix
-	internal sockets. Files Makefile.in*/Makefile.in.
+	internal sockets. Files Makefile.in, src/*/Makefile.in.
 
 20060201
 
@@ -12082,7 +12082,7 @@ Apologies for any names omitted.
 
 	Bugfix: cut-and-paste error: lmtp_connection_cache_limit
 	was left with the name of smtp_connection_cache_limit.
-	Reported by Victor? Fileglobal/mail_params.h.
+	Reported by Victor? File: src/global/mail_params.h.
 
 20060329
 
@@ -12176,8 +12176,8 @@ Apologies for any names omitted.
 	lines of library support, comments not included.  
 
 	A simple test Milter application for use in regression tests
-	is imilter/test-milter.c. Queue file modifications are
-	tested with a driver at the encleanup/cleanup_milter.c
+	is in src/milter/test-milter.c. Queue file modifications are
+	tested with a driver at the end src/cleanup/cleanup_milter.c
 	that reads commands from a script.
 
 	To make debugging easier, uncomment the "#define msg_verbose
@@ -12467,7 +12467,7 @@ Apologies for any names omitted.
 20060707
 
 	Workaround: apparently, Solaris gettimeofday() can return
-	out-of range microsecond values.  Fileglobal/log_adhoc.c.
+	out-of range microsecond values.  File: src/global/log_adhoc.c.
 
 	Robustness: the SMTPD policy client now encodes the
 	ccert_subject and ccert-issuer attributes as xtext.  Some
@@ -12545,7 +12545,7 @@ Apologies for any names omitted.
 	client enforced Mandatory TLS only when talking to an ESMTP
 	server; enforcement did not happen if Postfix could somehow
 	be forced to send HELO instead of EHLO.  Victor Duchovni.
-	Filesmtp/smtp_proto.c.
+	File: src/smtp/smtp_proto.c.
 
 20060718
 
@@ -13262,9 +13262,9 @@ Apologies for any names omitted.
 	SunOS 5.10's bundled OpenSSL 0.9.7 and AES 256. Also possible
 	with OpenSSL 0.9.8 and CAMELLIA 256. Root cause fixed in
 	upcoming OpenSSL 0.9.7m, 0.9.8e and 0.9.9 releases. Victor
-	Duchovni, Morgan Stanley. Filessmtp/smtp_proto.c,
-	src/smtpd/smtpd.ctls/tls.h, src/tls/tls_client.c,
-	src/tls/tls_misc.c antls/tls_server.c.
+	Duchovni, Morgan Stanley. Files: src/smtp/smtp_proto.c,
+	src/smtpd/smtpd.c, src/tls/tls.h, src/tls/tls_client.c,
+	src/tls/tls_misc.c and src/tls/tls_server.c.
 
 20070222
 
@@ -13349,13 +13349,13 @@ Apologies for any names omitted.
 	Bitrot: New OpenLDAP APIs deprecate simplified interfaces,
 	that are the only ones available in Sun's LDAP SDK. Define
 	suitable macros that work with new OpenLDAP and Sun's code.
-	Victor Duchovni, Morgan Stanley. Fileglobal/dict_ldap.c
+	Victor Duchovni, Morgan Stanley. File: src/global/dict_ldap.c
 
 	Cleanup: new "leaf" and "terminal" result attributes support
 	fine-tuning of LDAP group expansion, and provide a solution
 	for the problem case where DN recursion returns both the
 	group address and the addresses of the member objects.
-	Victor Duchovni, Morgan Stanley.  Filesglobal/dict_ldap.c,
+	Victor Duchovni, Morgan Stanley.  Files: src/global/dict_ldap.c,
 	proto/LDAP_README.html, proto/ldap_table
 
 20070317
@@ -13364,7 +13364,7 @@ Apologies for any names omitted.
 	core dump file with "mail_version=xxxxx". Adding version
 	stamps and checks to every IPC message is too much change
 	after code freeze, and requires too much time for testing.
-	Fileglobal/mail_version.h and every main program file.
+	File: src/global/mail_version.h and every main program file.
 
 20070320
 
@@ -13533,7 +13533,7 @@ Apologies for any names omitted.
 20070508
 
 	Bugfix: Content-Transfer-Encoding: attribute values are
-	case insensitive. Filecleanup/cleanup_message.c.
+	case insensitive. File: src/cleanup/cleanup_message.c.
 
 20070514
 
@@ -14057,31 +14057,31 @@ Apologies for any names omitted.
 	mechanics of cipher management internal to the library. The
 	main.cf parameters used internally in the library are now
 	loaded by the library, not the caller. Files:
-	src/smtp/lmtp_params.csmtp/smtp.c, src/smtp/smtp.h,
-	src/smtp/smtp_params.csmtp/smtp_proto.c,
-	src/smtp/smtp_session.csmtpd/smtpd.c, src/tls/tls.h,
-	src/tls/tls_client.ctls/tls_level.c, src/tls/tls_misc.c,
-	src/tls/tls_server.ctls/tls_session.c, src/tls/tls_verify.c
-	antlsmgr/tlsmgr.c
+	src/smtp/lmtp_params.c, src/smtp/smtp.c, src/smtp/smtp.h,
+	src/smtp/smtp_params.c, src/smtp/smtp_proto.c,
+	src/smtp/smtp_session.c, src/smtpd/smtpd.c, src/tls/tls.h,
+	src/tls/tls_client.c, src/tls/tls_level.c, src/tls/tls_misc.c,
+	src/tls/tls_server.c, src/tls/tls_session.c, src/tls/tls_verify.c
+	and src/tlsmgr/tlsmgr.c
 
 	Cleanup: Client session lookup key "salting" is now handled
-	internally in the tls library. Filestls/tls_client.c
+	internally in the tls library. Files: src/tls/tls_client.c
 
 	Cleanup: Cipher state is cached, and only updated when
-	necessary.  Filestls/tls_misc.c
+	necessary.  Files: src/tls/tls_misc.c
 
 	Feature: Extended the syntax of protocol selection to allow
-	exclusions as well as inclusions. Filestls/tls_misc.c
+	exclusions as well as inclusions. Files: src/tls/tls_misc.c
 
 	Cleanup: Updated default verification depth to match reality:
 	default is 9 in OpenSSL and we don't yet override it.  When
 	we do (soon), the default will match previous behavior.
-	Filesglobal/mail_params.h
+	Files: src/global/mail_params.h
 
 	Bugfix: Reference to obsolete "pfixtls" code won't compile
 	inside #ifdef for OpenSSL <= 0.9.5a. Using an OpenSSL release
 	that old has not been tested for some time, but may now
-	work. Filestls/tls_bio_ops.c.
+	work. Files: src/tls/tls_bio_ops.c.
 
 	Replaced "void *" TLS library application handles by explicit
 	pointer types, while hiding data structure implementation
@@ -14143,7 +14143,7 @@ Apologies for any names omitted.
 	SMTP client fingerprint security level support and configurable
 	fingerprint digest algorithm. Victor Duchovni. Files:
 	smtp/lmtp_params.c, smtp/smtp.c, smtp/smtp.h,
-	src/smtp/smtp_params.csmtp/smtp_proto.c,
+	src/smtp/smtp_params.c, src/smtp/smtp_proto.c,
 	src/smtp/smtp_session.c, tls/tls_client.c, tls/tls_level.c,
 	tls/tls_verify.c.
 
@@ -14162,13 +14162,13 @@ Apologies for any names omitted.
 	limit parameters. Prior to Postfix 2.5 these were ignored.
 	For backwards compatibility, the default verification depth
 	limit is now 9, the OpenSSL default. Victor Duchovni. Files:
-	src/tls/tls_client.ctls/tls_server.c, src/tls/tls_verify.c.
+	src/tls/tls_client.c, src/tls/tls_server.c, src/tls/tls_verify.c.
 
 	Robustness: Avoid possibility of NULL pointer issues in
 	application code that checks certificate names, by providing
 	"empty string" values when no data is available.  Victor
-	Duchovni.  Filestls/tls_verify.c, src/tls/tls_client.c,
-	src/tls/tls_server.csmtpd/smtpd_check.c, src/smtpd/smtpd.c.
+	Duchovni.  Files: src/tls/tls_verify.c, src/tls/tls_client.c,
+	src/tls/tls_server.c, src/smtpd/smtpd_check.c, src/smtpd/smtpd.c.
 
 	Cleanup: separation of TLS handshake from security level
 	enforcement. The library shakes hands; the application
@@ -14317,7 +14317,7 @@ Apologies for any names omitted.
 20080207
 
 	Cleanup: soft_bounce support for multi-line Milter replies.
-	Filemilter/milter8.c.
+	File: src/milter/milter8.c.
 
 	Cleanup: preserve multi-line format of header/body Milter
 	replies. Files: cleanup/cleanup_milter.c, smtpd/smtpd.c.
@@ -14369,7 +14369,7 @@ Apologies for any names omitted.
 
 	Safety: the SMTP server's Dovecot authentication client now
 	enforces the SASL mechanism output filter also on client
-	command input. Filexsasl/xsasl_dovecot_server.c.
+	command input. File: src/xsasl/xsasl_dovecot_server.c.
 
 20080311
 
@@ -14428,7 +14428,7 @@ Apologies for any names omitted.
 	reject message.  Parameters: unverified_recipient_defer_code,
 	unverified_recipient_reject_reason, unverified_sender_defer_code,
 	unverified_sender_reject_reason. If I don't do this properly,
-	then someone will do it anyway. Filesmtpd/smtpd_check.c.
+	then someone will do it anyway. File: src/smtpd/smtpd_check.c.
 
 20080428
 
@@ -14988,7 +14988,7 @@ Apologies for any names omitted.
 
 	Fine tuning: don't enforce smtpd_junk_command_limit for
 	XCLIENT and XFORWARD commands.  These commands can be issued
-	only by authorized clients. Filesmtpd/smtpd.c.
+	only by authorized clients. File: src/smtpd/smtpd.c.
 
 20090215
 
@@ -15329,7 +15329,7 @@ Apologies for any names omitted.
 	the results in a later non-production version. To enable
 	DNSBL lookups, specify "postscreen_dnsbl_sites = name,
 	name, etc". and restart postscreen(8) with "postfix reload".
-	Filednsblog/dnblog.c.
+	File: src/dnsblog/dnblog.c.
 
 20090618
 
@@ -16282,7 +16282,7 @@ Apologies for any names omitted.
 	Feature: with "tls_preempt_cipherlist = yes" the Postfix
 	SMTP server will preempt the remote SMTP client's cipher
 	preference order. This requires OpenSSL 0.9.7 and later.
-	Victor Duchovni. Filessmtpd/smtpd.c, src/tls/tls_server.c,
+	Victor Duchovni. Files: src/smtpd/smtpd.c, src/tls/tls_server.c,
 	proto/TLS_README.html, proto/postconf.proto.
 
 	Future proofing: specify "tls_disable_workarounds = a list
@@ -16299,8 +16299,8 @@ Apologies for any names omitted.
 
 	Cleanup: sanitized the name_mask API so that errors will be
 	ignored only upon explicit request. Files: util/name_mask.[hc],
-	src/global/ehlo_mask.csmtp/smtp_proto.c,
-	src/util/name_mask.cxsasl/xsasl_dovecot_server.c.
+	src/global/ehlo_mask.c, src/smtp/smtp_proto.c,
+	src/util/name_mask.c, src/xsasl/xsasl_dovecot_server.c.
 
 	Cleanup: more TLS overhead horrors for the SMTP client's
 	PIPELINING engine. Wietse and Victor. File: smtp/smtp_proto.c.
@@ -16672,22 +16672,22 @@ Apologies for any names omitted.
 	KNOWN (we actually have an owner UID). With most tables,
 	the owner UID is the file owner UID. With LDAP and *SQL,
 	the owner UID is the Postfix configuration file owner.
-	Filesutil/dict_unix.c src/util/dict_thash.c
-	src/util/dict_static.util/dict_sdbm.c src/util/dict_regexp.c
-	src/util/dict_pcre.util/dict_nisplus.c src/util/dict_nis.c
-	src/util/dict_ni.util/dict_ht.c src/util/dict_env.c
-	src/util/dict_dbm.util/dict_db.c src/util/dict_cidr.c
-	src/util/dict_cdb.util/dict_alloc.c src/util/dict.h
-	src/util/dict.local/alias.c src/global/dict_sqlite.c
-	src/global/dict_pgsql.global/dict_mysql.c
-	src/global/dict_ldap.global/cfg_parser.h
+	Files: src/util/dict_unix.c src/util/dict_thash.c
+	src/util/dict_static.c src/util/dict_sdbm.c src/util/dict_regexp.c
+	src/util/dict_pcre.c src/util/dict_nisplus.c src/util/dict_nis.c
+	src/util/dict_ni.c src/util/dict_ht.c src/util/dict_env.c
+	src/util/dict_dbm.c src/util/dict_db.c src/util/dict_cidr.c
+	src/util/dict_cdb.c src/util/dict_alloc.c src/util/dict.h
+	src/util/dict.c src/local/alias.c src/global/dict_sqlite.c
+	src/global/dict_pgsql.c src/global/dict_mysql.c
+	src/global/dict_ldap.c src/global/cfg_parser.h
 	src/global/cfg_parser.c.
 
 20110311
 
 	Feature: Base 32 encoder/decoder per RFC 4648. This code
 	was going to be used for long queue IDs, but plans were
-	changed. Filesutil/base32_code.[hc].
+	changed. Files: src/util/base32_code.[hc].
 
 20110313
 
@@ -17279,11 +17279,11 @@ Apologies for any names omitted.
 	replaces the Postfix library but not the program (someone
 	experienced this with an extra copy of the Postfix SMTP
 	server).  Files: global/mail_version.[hc], master/*server.c,
-	master/master.cpostalias/postalias.c,
-	src/postdrop/postdrop.cpostfix/postfix.c,
-	src/postlog/postlog.cpostmap/postmap.c,
-	src/postmulti/postmulti.cpostqueue/postqueue.c,
-	src/postsuper/postsuper.csendmail/sendmail.c.
+	master/master.c, src/postalias/postalias.c,
+	src/postdrop/postdrop.c, src/postfix/postfix.c,
+	src/postlog/postlog.c, src/postmap/postmap.c,
+	src/postmulti/postmulti.c, src/postqueue/postqueue.c,
+	src/postsuper/postsuper.c, src/sendmail/sendmail.c.
 
 20111211
 
@@ -17438,27 +17438,27 @@ Apologies for any names omitted.
 	This was a straightforward change except in the few modules
 	that propagate errors from one dictionary API to another:
 	dict_cache.c, dict_debug.c, maps.c, dict_memcache.c.  Files:
-	src/cleanup/cleanup_map11.ccleanup/cleanup_map1n.c,
-	src/global/addr_match_list.cglobal/dict_ldap.c,
-	src/global/dict_memcache.cglobal/dict_mysql.c,
-	src/global/dict_pgsql.cglobal/dict_proxy.c,
-	src/global/dict_sqlite.cglobal/domain_list.c,
-	src/global/flush_clnt.cglobal/mail_addr_find.c,
-	src/global/mail_addr_map.cglobal/maps.c, src/global/maps.h,
-	src/global/match_parent_style.hglobal/namadr_list.c,
-	src/global/resolve_local.cglobal/resolve_local.h,
-	src/global/server_acl.cglobal/string_list.c,
-	src/local/alias.clocal/bounce_workaround.c,
-	src/local/mailbox.clocal/unknown.c, src/proxymap/proxymap.c,
-	src/qmqpd/qmqpd.csmtp/smtp_map11.c, src/smtpd/smtpd_check.c,
-	src/trivial-rewrite/resolve.ctrivial-rewrite/transport.c,
-	src/util/dict.hutil/dict_alloc.c, src/util/dict_cache.c,
-	src/util/dict_cidr.cutil/dict_db.c, src/util/dict_debug.c,
-	src/util/dict_env.cutil/dict_fail.c, src/util/dict_ht.c,
-	src/util/dict_pcre.cutil/dict_regexp.c,
-	src/util/dict_static.cutil/dict_tcp.c, src/util/dict_test.c,
-	src/util/dict_thash.cutil/dict_unix.c, src/util/match_list.c,
-	src/util/match_list.hutil/match_ops.c, src/virtual/mailbox.c.
+	src/cleanup/cleanup_map11.c, src/cleanup/cleanup_map1n.c,
+	src/global/addr_match_list.c, src/global/dict_ldap.c,
+	src/global/dict_memcache.c, src/global/dict_mysql.c,
+	src/global/dict_pgsql.c, src/global/dict_proxy.c,
+	src/global/dict_sqlite.c, src/global/domain_list.c,
+	src/global/flush_clnt.c, src/global/mail_addr_find.c,
+	src/global/mail_addr_map.c, src/global/maps.c, src/global/maps.h,
+	src/global/match_parent_style.h, src/global/namadr_list.c,
+	src/global/resolve_local.c, src/global/resolve_local.h,
+	src/global/server_acl.c, src/global/string_list.c,
+	src/local/alias.c, src/local/bounce_workaround.c,
+	src/local/mailbox.c, src/local/unknown.c, src/proxymap/proxymap.c,
+	src/qmqpd/qmqpd.c, src/smtp/smtp_map11.c, src/smtpd/smtpd_check.c,
+	src/trivial-rewrite/resolve.c, src/trivial-rewrite/transport.c,
+	src/util/dict.h, src/util/dict_alloc.c, src/util/dict_cache.c,
+	src/util/dict_cidr.c, src/util/dict_db.c, src/util/dict_debug.c,
+	src/util/dict_env.c, src/util/dict_fail.c, src/util/dict_ht.c,
+	src/util/dict_pcre.c, src/util/dict_regexp.c,
+	src/util/dict_static.c, src/util/dict_tcp.c, src/util/dict_test.c,
+	src/util/dict_thash.c, src/util/dict_unix.c, src/util/match_list.c,
+	src/util/match_list.h, src/util/match_ops.c, src/virtual/mailbox.c.
 
 20111226
 
@@ -17520,18 +17520,18 @@ Apologies for any names omitted.
 	depend on the unavailable table will keep working.  However,
 	for the sake of sanity, the number of such errors over the
 	life of a process is limited to 13.  Files:
-	src/global/cfg_parser.cutil/dict_thash.c,
-	src/util/dict_cidr.cutil/dict_nis.c, src/util/dict_nisplus.c,
-	src/global/dict_ldap.cglobal/dict_mysql.c,
-	src/global/dict_pgsql.cglobal/dict_sqlite.c,
-	src/postconf/postconf_main.cglobal/mail_conf.c,
-	src/util/dict.hutil/dict.c, src/global/dict_memcache.c,
-	src/util/dict_tcp.cutil/dict_unix.c, src/util/dict_pcre.c,
-	src/util/dict_regexp.cmaster/trigger_server.c,
-	src/master/single_server.cmaster/multi_server.c,
-	src/master/event_server.cutil/dict_test.c,
-	src/util/dict_surrogate.cutil/dict_alloc.c, src/util/msg.c,
-	src/util/dict_cdb.cutil/dict_dbm.c, src/util/msg.h,
+	src/global/cfg_parser.c, src/util/dict_thash.c,
+	src/util/dict_cidr.c, src/util/dict_nis.c, src/util/dict_nisplus.c,
+	src/global/dict_ldap.c, src/global/dict_mysql.c,
+	src/global/dict_pgsql.c, src/global/dict_sqlite.c,
+	src/postconf/postconf_main.c, src/global/mail_conf.c,
+	src/util/dict.h, src/util/dict.c, src/global/dict_memcache.c,
+	src/util/dict_tcp.c, src/util/dict_unix.c, src/util/dict_pcre.c,
+	src/util/dict_regexp.c, src/master/trigger_server.c,
+	src/master/single_server.c, src/master/multi_server.c,
+	src/master/event_server.c, src/util/dict_test.c,
+	src/util/dict_surrogate.c, src/util/dict_alloc.c, src/util/msg.c,
+	src/util/dict_cdb.c, src/util/dict_dbm.c, src/util/msg.h,
 	src/util/dict_db.c.
 
 	Incompatibility: the Postfix SMTP server no longer reports
@@ -18423,14 +18423,14 @@ Apologies for any names omitted.
 	a set of characters. A user name is now separated from its
 	address extension by the first character that matches the
 	recipient_delimiter set.  Files: proto/postconf.proto,
-	src/global/mail_addr_find.cglobal/mail_params.c,
-	src/global/split_addr.cglobal/split_addr.h,
-	src/global/strip_addr.cglobal/strip_addr.h,
-	src/global/strip_addr.reflocal/bounce_workaround.c,
-	src/local/local.clocal/local_expand.c, src/local/recipient.c,
-	src/local/resolve.coqmgr/qmgr_message.c, src/pipe/pipe.c,
-	src/qmgr/qmgr_message.csmtpd/smtpd.c,
-	src/smtpd/smtpd_check.ctrivial-rewrite/transport.c,
+	src/global/mail_addr_find.c, src/global/mail_params.c,
+	src/global/split_addr.c, src/global/split_addr.h,
+	src/global/strip_addr.c, src/global/strip_addr.h,
+	src/global/strip_addr.ref, src/local/bounce_workaround.c,
+	src/local/local.c, src/local/local_expand.c, src/local/recipient.c,
+	src/local/resolve.c, src/oqmgr/qmgr_message.c, src/pipe/pipe.c,
+	src/qmgr/qmgr_message.c, src/smtpd/smtpd.c,
+	src/smtpd/smtpd_check.c, src/trivial-rewrite/transport.c,
 	src/trivial-rewrite/trivial-rewrite.c.
 
 	Feature: support for trust anchors, i.e. CA certificates
@@ -18572,15 +18572,15 @@ Apologies for any names omitted.
 	Files: smtp/smtp.h smtp/smtp_connect.c, smtp/smtp_key.c.
 
 	Non-production cleanup: documentation, identifiers.  Viktor
-	Dukhovni. Files: proto/postconf.protodns/dns.h,
-	src/dns/dns_lookup.cdns/dns_rr.c, src/dns/test_dns_lookup.c,
-	src/global/mail_proto.hposttls-finger/posttls-finger.c,
-	src/smtp/smtp.hsmtp/smtp_addr.c, src/smtp/smtp_connect.c,
-	src/smtp/smtp_session.csmtp/smtp_tls_policy.c,
-	src/smtpd/smtpd_check.ctls/tls.h, src/tls/tls_client.c,
-	src/tls/tls_dane.ctls/tls_fprint.c, src/tls/tls_misc.c,
-	src/tls/tls_proxy_clnt.ctls/tls_proxy_print.c,
-	src/tls/tls_proxy_scan.ctls/tls_server.c,
+	Dukhovni. Files: proto/postconf.proto, src/dns/dns.h,
+	src/dns/dns_lookup.c, src/dns/dns_rr.c, src/dns/test_dns_lookup.c,
+	src/global/mail_proto.h, src/posttls-finger/posttls-finger.c,
+	src/smtp/smtp.h, src/smtp/smtp_addr.c, src/smtp/smtp_connect.c,
+	src/smtp/smtp_session.c, src/smtp/smtp_tls_policy.c,
+	src/smtpd/smtpd_check.c, src/tls/tls.h, src/tls/tls_client.c,
+	src/tls/tls_dane.c, src/tls/tls_fprint.c, src/tls/tls_misc.c,
+	src/tls/tls_proxy_clnt.c, src/tls/tls_proxy_print.c,
+	src/tls/tls_proxy_scan.c, src/tls/tls_server.c,
 	src/tls/tls_verify.c.
 
 20130426
@@ -18660,7 +18660,7 @@ Apologies for any names omitted.
 	features (as opposed to tls_disable_workarounds which is
 	disables bug workarounds that are on by default). Viktor
 	Dukhovni. Files: proto/TLS_README.html, proto/postconf.proto,
-	src/global/mail_params.htls/tls.h, src/tls/tls_client.c,
+	src/global/mail_params.h, src/tls/tls.h, src/tls/tls_client.c,
 	src/tls/tls_misc.c.
 
 20130520
@@ -18911,12 +18911,12 @@ Apologies for any names omitted.
 	nothing is found there, fall back to the qname.
 
 	Code by Viktor Dukhovni. Files: mantools/postlink,
-	proto/postconf.protoglobal/mail_params.h,
-	src/posttls-finger/posttls-finger.csmtp/lmtp_params.c,
-	src/smtp/smtp.csmtp/smtp.h, src/smtp/smtp_addr.c,
-	src/smtp/smtp_addr.hsmtp/smtp_connect.c,
-	src/smtp/smtp_params.csmtp/smtp_tls_policy.c,
-	src/tls/tls.htls/tls_dane.c.
+	proto/postconf.proto, src/global/mail_params.h,
+	src/posttls-finger/posttls-finger.c, src/smtp/lmtp_params.c,
+	src/smtp/smtp.c, src/smtp/smtp.h, src/smtp/smtp_addr.c,
+	src/smtp/smtp_addr.h, src/smtp/smtp_connect.c,
+	src/smtp/smtp_params.c, src/smtp/smtp_tls_policy.c,
+	src/tls/tls.h, src/tls/tls_dane.c.
 
 20130826
 
@@ -19211,8 +19211,8 @@ Apologies for any names omitted.
 	Cleanup: improve suppression of TLSA lookups in insecure
 	zones.  This is now applied not only to non-MX destinations,
 	but also to each MX record.  Viktor Dukhovni. Files:
-	src/posttls-finger/posttls-finger.csmtp/smtp_tls_policy.c,
-	src/tls/tls.htls/tls_dane.c.
+	src/posttls-finger/posttls-finger.c, src/smtp/smtp_tls_policy.c,
+	src/tls/tls.h, src/tls/tls_dane.c.
 
 	Workaround: increased the 5s connection timeout to 30s.
 	Viktor Dukhovni. File: posttls-finger/posttls-finger.c.
@@ -19287,16 +19287,16 @@ Apologies for any names omitted.
 	NOT be supported in DANE with SMTP, and we already don't
 	support digest TLSA RRs in this case, while full content
 	TLSA RRs are not recommended for DNS bloat reasons.  Viktor
-	Dukhovni. Files: proto/postconf.protglobal/mail_params.h
-	src/smtp/smtp.tls/tls_dane.c src/tls/tls_misc.c.
+	Dukhovni. Files: proto/postconf.proto src/global/mail_params.h
+	src/smtp/smtp.c src/tls/tls_dane.c src/tls/tls_misc.c.
 
 	Feature: TLS support: Support future digest algorithms
 	without re-compilation. Viktor Dukhovni. Files: .indent.pro
-	proto/postconf.prottls/tls_dane.c.
+	proto/postconf.proto src/tls/tls_dane.c.
 
 	Feature: DNS support: New configurable digest agility.
 	Viktor Dukhovni. Files: .indent.pro proto/TLS_README.html
-	proto/postconf.protglobal/mail_params.h src/tls/tls_dane.c
+	proto/postconf.proto src/global/mail_params.h src/tls/tls_dane.c
 	src/tls/tls_misc.c.
 
 20131127
@@ -19312,8 +19312,8 @@ Apologies for any names omitted.
 20131130
 
 	Cleanup: simplify fingerprint security level implementation
-	in new DANE code.  Viktor Dukhovni.  Filestls/tls.h
-	src/smtp/smtp_tls_policy.tls/tls_dane.c
+	in new DANE code.  Viktor Dukhovni.  Files: src/tls/tls.h
+	src/smtp/smtp_tls_policy.c src/tls/tls_dane.c
 	src/posttls-finger/posttls-finger.c.
 
 20131209
@@ -19368,8 +19368,8 @@ Apologies for any names omitted.
 20131215
 
 	Cleanup: OpenSSL "const" declarations have changed over
-	time. Viktor Dukhovni. Filestls/tls.h, src/tls/tls_client.c,
-	src/tls/tls_dane.ctls/tls_server.c.
+	time. Viktor Dukhovni. Files: src/tls/tls.h, src/tls/tls_client.c,
+	src/tls/tls_dane.c, src/tls/tls_server.c.
 
 20131216
 
@@ -20234,7 +20234,7 @@ Apologies for any names omitted.
 	Cleanup: propagate the "SMTPUTF8 support requested" flag
 	when bouncing a message or when forwarding a message through
 	a local alias or .forward file.  Files: local/forward.c,
-	bounce/bounce_notify_util.cglobal/post_mail.[hc], and
+	bounce/bounce_notify_util.c, src/global/post_mail.[hc], and
 	specify a dummy argument SMTPUTF8_FLAGS_NONE in all other
 	programs that programs that invoke post_mail_fopen*(),
 
@@ -20514,7 +20514,7 @@ Apologies for any names omitted.
 	global/attr_override.[hc], smtpd/smtpd_check.c, milter/milter.c.
 
 	Documentation: support for "{ argument with whitespace }"
-	in master(5) and pipe(8). Files: proto/masterpipe/pipe.c.
+	in master(5) and pipe(8). Files: proto/master, src/pipe/pipe.c.
 
 	Documentation: in ADDRES_VERIFY_README, replaced "nearest
 	MTA" with "preferred MTA". The SMTP client was changed years
@@ -20833,8 +20833,8 @@ Apologies for any names omitted.
 	Postfix SMTP server already rejected such domains with
 	reject_unknown_sender/recipient_domain. This introduces a
 	new SMTP server configuration parameter nullmx_reject_code
-	(default: 556).  Filesdns/dns_lookup.[hc], dns/Makefile,in,
-	dns/nullmx_test.refsmtp/smtp_addr.c, smtpd/smtpd_check.c,
+	(default: 556).  Files: src/dns/dns_lookup.[hc], dns/Makefile,in,
+	dns/nullmx_test.ref, src/smtp/smtp_addr.c, smtpd/smtpd_check.c,
 	smtpd/smtpd_check_nullmx.in, smtpd/smtpd_check_nullmx.ref,
 	mantools/postlink, proto/postconf.proto, smtpd/smtpd.c.
 
@@ -20899,9 +20899,9 @@ Apologies for any names omitted.
 	dns/dns.h, dns/dns_lookup.c.
 
 	Cleanup: eliminate TLS state duplication from state->tls
-	to session->tls. Viktor Dukhovni. Filessmtp/smtp.h,
-	src/smtp/smtp_connect.csmtp/smtp_proto.c,
-	src/smtp/smtp_reuse.csmtp/smtp_session.c.
+	to session->tls. Viktor Dukhovni. Files: src/smtp/smtp.h,
+	src/smtp/smtp_connect.c, src/smtp/smtp_proto.c,
+	src/smtp/smtp_reuse.c, src/smtp/smtp_session.c.
 
 20141203
 
@@ -21459,7 +21459,7 @@ Apologies for any names omitted.
 	some non-ASCII character, unlike HTML where it comes out
 	as itself.  Andreas Schulze. This requires jumping a few
 	hops to generate HTML and nroff input from the same source
-	text.  Files; mantooloman, mantools/postconf2man.
+	text.  Files; mantools/srctoman, mantools/postconf2man.
 
 	Cleanup: UTF-8 support in masquerade_domains.  File:
 	cleanup/cleanup_masquerade.c.
@@ -21929,15 +21929,21 @@ Apologies for any names omitted.
 	Bugfix (introduced: Postfix 2.11): minor memory leak when
 	minting issuer certs. This affects a tiny minority of use
 	cases. Viktor Dukhovni, based on a fix by Juan Altmayer
-	Pizzorno for the ssl_dane library.
+	Pizzorno for the ssl_dane library. File: tls/tls_dane.c.
 
 20181104
 
 	Multiple 'bit rot' fixes for OpenSSL API changes, including
-	support to disable TLSv1.3, and to allow OpenSSL >= 1.1.0
-	run-time micro version bumps without complaining about
-	library version mismatches. Viktor Dukhovni. Files:
-	proto/postconf.proto, proto/TLS_README.html, tls/tls.h,
-	tls/tls_dane.c, tls/tls_verify.c, tls/tls_fprint.c,
-	tls/tls_misc.c, tls/tls_server.c, tls/tls_client.c,
-	tls/tls_rsa.c, posttls-finger/posttls-finger.c, .indent.pro.
+	support to disable TLSv1.3, to avoid issuing multiple session
+	tickets, and to allow OpenSSL >= 1.1.0 run-time micro version
+	bumps without complaining about library version mismatches.
+	Viktor Dukhovni. Files: proto/postconf.proto,
+	proto/TLS_README.html, tls/tls.h, tls/tls_verify.c,
+	tls/tls_fprint.c, tls/tls_misc.c, tls/tls_server.c,
+	tls/tls_client.c, tls/tls_rsa.c, posttls-finger/posttls-finger.c,
+	.indent.pro.
+
+20181110 
+
+	Documentation: update documentation for Postfix versions
+	that support disabling TLS 1.3. File: proto/postconf.proto
diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html
index 1ad2808b4..224cc3a2b 100644
--- a/postfix/html/postconf.5.html
+++ b/postfix/html/postconf.5.html
@@ -12145,7 +12145,8 @@ disabled except by also disabling "TLSv1" (typically leaving just
 versions of Postfix &ge; 2.10 can explicitly disable support for
 "TLSv1.1" or "TLSv1.2". </p>
 
-<p> OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix &ge; 3.4,
+<p> OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix
+&ge; 3.4 (or patch releases &ge; 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
 this can be disabled, if need be, via "!TLSv1.3". </p>
 
 <p> At the <a href="TLS_README.html#client_tls_dane">dane</a> and
@@ -12477,7 +12478,8 @@ and "TLSv1.2". The latest patch levels of Postfix &ge; 2.6, and all
 versions of Postfix &ge; 2.10 can explicitly disable support for
 "TLSv1.1" or "TLSv1.2"</p>
 
-<p> OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix &ge; 3.4,
+<p> OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix
+&ge; 3.4 (or patch releases &ge; 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
 this can be disabled, if need be, via "!TLSv1.3". </p>
 
 <p> To include a protocol list its name, to exclude it, prefix the name
@@ -16497,7 +16499,8 @@ disabled.  The latest patch levels of Postfix &ge; 2.6, and all
 versions of Postfix &ge; 2.10 can disable support for "TLSv1.1" or
 "TLSv1.2". </p>
 
-<p> OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix &ge; 3.4,
+<p> OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix
+&ge; 3.4 (or patch releases &ge; 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
 this can be disabled, if need be, via "!TLSv1.3". </p>
 
 <p> Example: </p>
@@ -16531,7 +16534,8 @@ and "TLSv1.2". The latest patch levels of Postfix &ge; 2.6, and all
 versions of Postfix &ge; 2.10 can disable support for "TLSv1.1" or
 "TLSv1.2". </p>
 
-<p> OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix &ge; 3.4,
+<p> OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix
+&ge; 3.4 (or patch releases &ge; 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
 this can be disabled, if need be, via "!TLSv1.3". </p>
 
 <p> To include a protocol list its name, to exclude it, prefix the name
diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5
index 3db8d5a65..56b1c61a9 100644
--- a/postfix/man/man5/postconf.5
+++ b/postfix/man/man5/postconf.5
@@ -7787,7 +7787,8 @@ disabled except by also disabling "TLSv1" (typically leaving just
 versions of Postfix >= 2.10 can explicitly disable support for
 "TLSv1.1" or "TLSv1.2".
 .PP
-OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix >= 3.4,
+OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix
+>= 3.4 (or patch releases >= 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
 this can be disabled, if need be, via "!TLSv1.3".
 .PP
 At the dane and
@@ -8106,7 +8107,8 @@ and "TLSv1.2". The latest patch levels of Postfix >= 2.6, and all
 versions of Postfix >= 2.10 can explicitly disable support for
 "TLSv1.1" or "TLSv1.2"
 .PP
-OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix >= 3.4,
+OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix
+>= 3.4 (or patch releases >= 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
 this can be disabled, if need be, via "!TLSv1.3".
 .PP
 To include a protocol list its name, to exclude it, prefix the name
@@ -11314,7 +11316,8 @@ disabled.  The latest patch levels of Postfix >= 2.6, and all
 versions of Postfix >= 2.10 can disable support for "TLSv1.1" or
 "TLSv1.2".
 .PP
-OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix >= 3.4,
+OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix
+>= 3.4 (or patch releases >= 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
 this can be disabled, if need be, via "!TLSv1.3".
 .PP
 Example:
@@ -11346,7 +11349,8 @@ and "TLSv1.2". The latest patch levels of Postfix >= 2.6, and all
 versions of Postfix >= 2.10 can disable support for "TLSv1.1" or
 "TLSv1.2".
 .PP
-OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix >= 3.4,
+OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix
+>= 3.4 (or patch releases >= 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
 this can be disabled, if need be, via "!TLSv1.3".
 .PP
 To include a protocol list its name, to exclude it, prefix the name
diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto
index dcec276e0..5842de3ad 100644
--- a/postfix/proto/postconf.proto
+++ b/postfix/proto/postconf.proto
@@ -11093,7 +11093,8 @@ disabled except by also disabling "TLSv1" (typically leaving just
 versions of Postfix &ge; 2.10 can explicitly disable support for
 "TLSv1.1" or "TLSv1.2". </p>
 
-<p> OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix &ge; 3.4,
+<p> OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix
+&ge; 3.4 (or patch releases &ge; 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
 this can be disabled, if need be, via "!TLSv1.3". </p>
 
 <p> At the <a href="TLS_README.html#client_tls_dane">dane</a> and
@@ -11293,7 +11294,8 @@ disabled.  The latest patch levels of Postfix &ge; 2.6, and all
 versions of Postfix &ge; 2.10 can disable support for "TLSv1.1" or
 "TLSv1.2". </p>
 
-<p> OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix &ge; 3.4,
+<p> OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix
+&ge; 3.4 (or patch releases &ge; 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
 this can be disabled, if need be, via "!TLSv1.3". </p>
 
 <p> Example: </p>
@@ -12440,7 +12442,8 @@ and "TLSv1.2". The latest patch levels of Postfix &ge; 2.6, and all
 versions of Postfix &ge; 2.10 can explicitly disable support for
 "TLSv1.1" or "TLSv1.2"</p>
 
-<p> OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix &ge; 3.4,
+<p> OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix
+&ge; 3.4 (or patch releases &ge; 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
 this can be disabled, if need be, via "!TLSv1.3". </p>
 
 <p> To include a protocol list its name, to exclude it, prefix the name
@@ -12475,7 +12478,8 @@ and "TLSv1.2". The latest patch levels of Postfix &ge; 2.6, and all
 versions of Postfix &ge; 2.10 can disable support for "TLSv1.1" or
 "TLSv1.2". </p>
 
-<p> OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix &ge; 3.4,
+<p> OpenSSL 1.1.1 introduces support for "TLSv1.3".  With Postfix
+&ge; 3.4 (or patch releases &ge; 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
 this can be disabled, if need be, via "!TLSv1.3". </p>
 
 <p> To include a protocol list its name, to exclude it, prefix the name
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 3ca2d3f8f..558eaa2f2 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,8 +20,8 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE	"20181104"
-#define MAIL_VERSION_NUMBER	"3.0.14-RC1"
+#define MAIL_RELEASE_DATE	"20181110"
+#define MAIL_VERSION_NUMBER	"3.0.14-RC2"
 
 #ifdef SNAPSHOT
 #define MAIL_VERSION_DATE	"-" MAIL_RELEASE_DATE
diff --git a/postfix/src/tls/tls_dh.c b/postfix/src/tls/tls_dh.c
index be126c9a1..af3c59e0d 100644
--- a/postfix/src/tls/tls_dh.c
+++ b/postfix/src/tls/tls_dh.c
@@ -87,44 +87,66 @@
 /* Application-specific. */
 
  /*
-  * Compiled-in EDH primes (the compiled-in generator is always 2). These are
-  * used when no parameters are explicitly loaded from a site-specific file.
+  * Compiled-in DH parameters.  Used when no parameters are explicitly loaded
+  * from a site-specific file.  Using an ASN.1 DER encoding avoids the need
+  * to explicitly manipulate the internal representation of DH parameter
+  * objects.
   * 
-  * 512-bit parameters are used for export ciphers, and 1024-bit parameters are
-  * used for non-export ciphers. An ~80-bit strong EDH key exchange is really
-  * too weak to protect 128+ bit keys, but larger DH primes are
-  * computationally expensive. When greater security is required, use EECDH.
+  * 512-bit parameters are used for export ciphers, and 2048-bit parameters are
+  * used for non-export ciphers.  The non-export group is now 2048-bit, as
+  * 1024 bits is increasingly considered to weak by clients.  When greater
+  * security is required, use EECDH.
   */
 
- /*
-  * Generated via "openssl dhparam -2 -noout -C 512 2>/dev/null" TODO:
-  * generate at compile-time.
+ /*-
+  * Generated via:
+  *   $ openssl dhparam -2 -outform DER 512 2>/dev/null |
+  *     hexdump -ve '/1 "0x%02x, "' | fmt
+  * TODO: generate at compile-time. But that is no good for the majority of
+  * sites that install pre-compiled binaries, and breaks reproducible builds.
+  * Instead, generate at installation time and use main.cf configuration.
   */
-static unsigned char dh512_p[] = {
-    0x88, 0x3F, 0x00, 0xAF, 0xFC, 0x0C, 0x8A, 0xB8, 0x35, 0xCD, 0xE5, 0xC2,
-    0x0F, 0x55, 0xDF, 0x06, 0x3F, 0x16, 0x07, 0xBF, 0xCE, 0x13, 0x35, 0xE4,
-    0x1C, 0x1E, 0x03, 0xF3, 0xAB, 0x17, 0xF6, 0x63, 0x50, 0x63, 0x67, 0x3E,
-    0x10, 0xD7, 0x3E, 0xB4, 0xEB, 0x46, 0x8C, 0x40, 0x50, 0xE6, 0x91, 0xA5,
-    0x6E, 0x01, 0x45, 0xDE, 0xC9, 0xB1, 0x1F, 0x64, 0x54, 0xFA, 0xD9, 0xAB,
-    0x4F, 0x70, 0xBA, 0x5B,
+static unsigned char dh512_der[] = {
+    0x30, 0x46, 0x02, 0x41, 0x00, 0xd8, 0xbf, 0x11, 0xd6, 0x41, 0x2a, 0x7a,
+    0x9c, 0x78, 0xb2, 0xaa, 0x41, 0x23, 0x0a, 0xdc, 0xcf, 0xb7, 0x19, 0xc5,
+    0x16, 0x4c, 0xcb, 0x4a, 0xd0, 0xd2, 0x1f, 0x1f, 0x70, 0x24, 0x86, 0x6f,
+    0x51, 0x52, 0xc6, 0x5b, 0x28, 0xbb, 0x82, 0xe1, 0x24, 0x91, 0x3d, 0x4d,
+    0x95, 0x56, 0xf8, 0x0b, 0x2c, 0xe0, 0x36, 0x67, 0x88, 0x64, 0x15, 0x1f,
+    0x45, 0xd5, 0xb8, 0x0a, 0x00, 0x03, 0x76, 0x32, 0x0b, 0x02, 0x01, 0x02,
 };
 
- /*
-  * Generated via "openssl dhparam -2 -noout -C 1024 2>/dev/null" TODO:
-  * generate at compile-time.
+ /*-
+  * Generated via:
+  *   $ openssl dhparam -2 -outform DER 2048 2>/dev/null |
+  *     hexdump -ve '/1 "0x%02x, "' | fmt
+  * TODO: generate at compile-time. But that is no good for the majority of
+  * sites that install pre-compiled binaries, and breaks reproducible builds.
+  * Instead, generate at installation time and use main.cf configuration.
   */
-static unsigned char dh1024_p[] = {
-    0xB0, 0xFE, 0xB4, 0xCF, 0xD4, 0x55, 0x07, 0xE7, 0xCC, 0x88, 0x59, 0x0D,
-    0x17, 0x26, 0xC5, 0x0C, 0xA5, 0x4A, 0x92, 0x23, 0x81, 0x78, 0xDA, 0x88,
-    0xAA, 0x4C, 0x13, 0x06, 0xBF, 0x5D, 0x2F, 0x9E, 0xBC, 0x96, 0xB8, 0x51,
-    0x00, 0x9D, 0x0C, 0x0D, 0x75, 0xAD, 0xFD, 0x3B, 0xB1, 0x7E, 0x71, 0x4F,
-    0x3F, 0x91, 0x54, 0x14, 0x44, 0xB8, 0x30, 0x25, 0x1C, 0xEB, 0xDF, 0x72,
-    0x9C, 0x4C, 0xF1, 0x89, 0x0D, 0x68, 0x3F, 0x94, 0x8E, 0xA4, 0xFB, 0x76,
-    0x89, 0x18, 0xB2, 0x91, 0x16, 0x90, 0x01, 0x99, 0x66, 0x8C, 0x53, 0x81,
-    0x4E, 0x27, 0x3D, 0x99, 0xE7, 0x5A, 0x7A, 0xAF, 0xD5, 0xEC, 0xE2, 0x7E,
-    0xFA, 0xED, 0x01, 0x18, 0xC2, 0x78, 0x25, 0x59, 0x06, 0x5C, 0x39, 0xF6,
-    0xCD, 0x49, 0x54, 0xAF, 0xC1, 0xB1, 0xEA, 0x4A, 0xF9, 0x53, 0xD0, 0xDF,
-    0x6D, 0xAF, 0xD4, 0x93, 0xE7, 0xBA, 0xAE, 0x9B,
+static unsigned char dh2048_der[] = {
+    0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0xbf, 0x28, 0x1b,
+    0x68, 0x69, 0x90, 0x2f, 0x37, 0x9f, 0x5a, 0x50, 0x23, 0x73, 0x2c, 0x11,
+    0xf2, 0xac, 0x7c, 0x3e, 0x58, 0xb9, 0x23, 0x3e, 0x02, 0x07, 0x4d, 0xba,
+    0xd9, 0x2c, 0xc1, 0x9e, 0xf9, 0xc4, 0x2f, 0xbc, 0x8d, 0x86, 0x4b, 0x2a,
+    0x87, 0x86, 0x93, 0x32, 0x0f, 0x72, 0x40, 0xfe, 0x7e, 0xa2, 0xc1, 0x32,
+    0xf0, 0x65, 0x9c, 0xc3, 0x19, 0x25, 0x2d, 0xeb, 0x6a, 0x49, 0x94, 0x79,
+    0x2d, 0xa1, 0xbe, 0x05, 0x26, 0xac, 0x8d, 0x69, 0xdc, 0x2e, 0x7e, 0xb5,
+    0xfd, 0x3c, 0x2b, 0x7d, 0x43, 0x22, 0x53, 0xf6, 0x1e, 0x04, 0x45, 0xd7,
+    0x53, 0x84, 0xfd, 0x6b, 0x12, 0x72, 0x47, 0x04, 0xaf, 0xa4, 0xac, 0x4b,
+    0x55, 0xb6, 0x79, 0x42, 0x40, 0x88, 0x54, 0x48, 0xd5, 0x4d, 0x3a, 0xb2,
+    0xbf, 0x6c, 0x26, 0x95, 0x29, 0xdd, 0x8b, 0x9e, 0xed, 0xb8, 0x60, 0x8e,
+    0xb5, 0x35, 0xb6, 0x22, 0x44, 0x1f, 0xfb, 0x56, 0x74, 0xfe, 0xf0, 0x2c,
+    0xe6, 0x0c, 0x22, 0xc9, 0x35, 0xb3, 0x1b, 0x96, 0xbb, 0x0a, 0x5a, 0xc3,
+    0x09, 0xa0, 0xcc, 0xa5, 0x40, 0x90, 0x0f, 0x59, 0xa2, 0x89, 0x69, 0x2a,
+    0x69, 0x79, 0xe4, 0xd3, 0x24, 0xc6, 0x8c, 0xda, 0xbc, 0x98, 0x3a, 0x5b,
+    0x16, 0xae, 0x63, 0x6c, 0x0b, 0x43, 0x4f, 0xf3, 0x2e, 0xc8, 0xa9, 0x6b,
+    0x58, 0x6a, 0xa9, 0x8e, 0x64, 0x09, 0x3d, 0x88, 0x44, 0x4f, 0x97, 0x2c,
+    0x1d, 0x98, 0xb0, 0xa9, 0xc0, 0xb6, 0x8d, 0x19, 0x37, 0x1f, 0xb7, 0xc9,
+    0x86, 0xa8, 0xdc, 0x37, 0x4d, 0x64, 0x27, 0xf3, 0xf5, 0x2b, 0x7b, 0x6b,
+    0x76, 0x84, 0x3f, 0xc1, 0x23, 0x97, 0x2d, 0x71, 0xf7, 0xb6, 0xc2, 0x35,
+    0x28, 0x10, 0x96, 0xd6, 0x69, 0x0c, 0x2e, 0x1f, 0x9f, 0xdf, 0x82, 0x81,
+    0x57, 0x57, 0x39, 0xa5, 0xf2, 0x81, 0x29, 0x57, 0xf9, 0x2f, 0xd0, 0x03,
+    0xab, 0x02, 0x01, 0x02,
 };
 
  /*
@@ -151,6 +173,14 @@ void    tls_set_dh_from_file(const char *path, int bits)
 	msg_panic("Invalid DH parameters size %d, file %s", bits, path);
     }
 
+    /*
+     * This function is the first to set the DH parameters, but free any
+     * prior value just in case the call sequence changes some day.
+     */
+    if (*dhPtr) {
+	DH_free(*dhPtr);
+	*dhPtr = 0;
+    }
     if ((paramfile = fopen(path, "r")) != 0) {
 	if ((*dhPtr = PEM_read_DHparams(paramfile, 0, 0, 0)) == 0) {
 	    msg_warn("cannot load %d-bit DH parameters from file %s"
@@ -166,24 +196,18 @@ void    tls_set_dh_from_file(const char *path, int bits)
 
 /* tls_get_dh - get compiled-in DH parameters */
 
-static DH *tls_get_dh(const unsigned char *p, int plen)
+static DH *tls_get_dh(const unsigned char *p, size_t plen)
 {
-    DH     *dh;
-    static unsigned char g[] = {0x02,};
+    const unsigned char *endp = p;
+    DH     *dh = 0;
 
-    /* Use the compiled-in parameters. */
-    if ((dh = DH_new()) == 0) {
-	msg_warn("cannot create DH parameter set: %m");	/* 200411 */
-	return (0);
-    }
-    dh->p = BN_bin2bn(p, plen, (BIGNUM *) 0);
-    dh->g = BN_bin2bn(g, 1, (BIGNUM *) 0);
-    if ((dh->p == 0) || (dh->g == 0)) {
-	msg_warn("cannot load compiled-in DH parameters");	/* 200411 */
-	DH_free(dh);				/* 200411 */
-	return (0);
-    }
-    return (dh);
+    if (d2i_DHparams(&dh, &endp, plen) && plen == endp - p)
+	return (dh);
+
+    msg_warn("cannot load compiled-in DH parameters");
+    if (dh)
+	DH_free(dh);
+    return (0);
 }
 
 /* tls_tmp_dh_cb - call-back for Diffie-Hellman parameters */
@@ -194,11 +218,11 @@ DH     *tls_tmp_dh_cb(SSL *unused_ssl, int export, int keylength)
 
     if (export && keylength == 512) {		/* 40-bit export cipher */
 	if (dh_512 == 0)
-	    dh_512 = tls_get_dh(dh512_p, (int) sizeof(dh512_p));
+	    dh_512 = tls_get_dh(dh512_der, sizeof(dh512_der));
 	dh_tmp = dh_512;
     } else {					/* ADH, DHE-RSA or DSA */
 	if (dh_1024 == 0)
-	    dh_1024 = tls_get_dh(dh1024_p, (int) sizeof(dh1024_p));
+	    dh_1024 = tls_get_dh(dh2048_der, sizeof(dh2048_der));
 	dh_tmp = dh_1024;
     }
     return (dh_tmp);
@@ -255,10 +279,12 @@ int     tls_set_eecdh_curve(SSL_CTX *server_ctx, const char *grade)
     ERR_clear_error();
     if ((ecdh = EC_KEY_new_by_curve_name(nid)) == 0
 	|| SSL_CTX_set_tmp_ecdh(server_ctx, ecdh) == 0) {
+	EC_KEY_free(ecdh);			/* OK if NULL */
 	msg_warn("unable to use curve \"%s\": disabling EECDH support", curve);
 	tls_print_errors();
 	return (0);
     }
+    EC_KEY_free(ecdh);
 #endif
     return (1);
 }
-- 
2.47.3