authorgshapiro <gshapiro@FreeBSD.org>2013-04-21 17:08:44 +0000
committergshapiro <gshapiro@FreeBSD.org>2013-04-21 17:08:44 +0000
commit891f1b61da33280fa1ba153569b360771d27e984 (patch)
treeab52d50bcac2932bf5e37126b12ef0d2886488f1 /contrib/sendmail/src
parent84dd41acc62e69379821ee9ff4d6461233543f07 (diff)
parenta03b7e14eaaeb30fff6859c589152c8787d230e3 (diff)
Merge sendmail 8.14.7 to HEAD
MFC after: 4 days
Diffstat (limited to 'contrib/sendmail/src')
-rw-r--r--contrib/sendmail/src/Makefile.m42
-rw-r--r--contrib/sendmail/src/alias.c8
-rw-r--r--contrib/sendmail/src/collect.c20
-rw-r--r--contrib/sendmail/src/conf.c42
-rw-r--r--contrib/sendmail/src/control.c4
-rw-r--r--contrib/sendmail/src/deliver.c8
-rw-r--r--contrib/sendmail/src/main.c12
-rw-r--r--contrib/sendmail/src/map.c11
-rw-r--r--contrib/sendmail/src/mci.c4
-rw-r--r--contrib/sendmail/src/milter.c7
-rw-r--r--contrib/sendmail/src/mime.c41
-rw-r--r--contrib/sendmail/src/parseaddr.c10
-rw-r--r--contrib/sendmail/src/queue.c6
-rw-r--r--contrib/sendmail/src/readcf.c25
-rw-r--r--contrib/sendmail/src/recipient.c4
-rw-r--r--contrib/sendmail/src/savemail.c67
-rw-r--r--contrib/sendmail/src/sendmail.h19
-rw-r--r--contrib/sendmail/src/sfsasl.c31
-rw-r--r--contrib/sendmail/src/srvrsmtp.c27
-rw-r--r--contrib/sendmail/src/tls.c70
-rw-r--r--contrib/sendmail/src/usersmtp.c4
-rw-r--r--contrib/sendmail/src/util.c15
-rw-r--r--contrib/sendmail/src/version.c6
23 files changed, 319 insertions, 124 deletions
diff --git a/contrib/sendmail/src/Makefile.m4 b/contrib/sendmail/src/Makefile.m4
index 5908b97..a29c18e 100644
--- a/contrib/sendmail/src/Makefile.m4
+++ b/contrib/sendmail/src/Makefile.m4
@@ -1,4 +1,4 @@
-dnl $Id: Makefile.m4,v 8.132 2012/09/11 20:02:44 ca Exp $
+dnl $Id: Makefile.m4,v 8.139 2013/04/17 17:15:54 ca Exp $
include(confBUILDTOOLSDIR`/M4/switch.m4')
define(`confREQUIRE_LIBSM', `true')
diff --git a/contrib/sendmail/src/alias.c b/contrib/sendmail/src/alias.c
index 3eae4ba..57d0b08 100644
--- a/contrib/sendmail/src/alias.c
+++ b/contrib/sendmail/src/alias.c
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: alias.c,v 8.219 2006/10/24 18:04:09 ca Exp $")
+SM_RCSID("@(#)$Id: alias.c,v 8.220 2013/03/12 15:24:52 ca Exp $")
#define SEPARATOR ':'
# define ALIAS_SPEC_SEPARATORS " ,/:"
@@ -657,7 +657,7 @@ readaliases(map, af, announcestats, logstats)
LineNumber = 0;
naliases = bytes = longest = 0;
skipping = false;
- while (sm_io_fgets(af, SM_TIME_DEFAULT, line, sizeof(line)) != NULL)
+ while (sm_io_fgets(af, SM_TIME_DEFAULT, line, sizeof(line)) >= 0)
{
int lhssize, rhssize;
int c;
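Review bot: The loop test now treats sm_io_fgets() as returning a length (`>= 0`) instead of a pointer, and any call site that was not converted will misbehave quietly: an old `!= NULL` test may still compile with only a pointer/integer warning, yet it stays true when the function returns -1 at end of file. The same conversion is made in the other alias.c hunks and in conf.c, control.c, main.c, map.c, mci.c, mime.c, queue.c, readcf.c, recipient.c, savemail.c and srvrsmtp.c, but the diffstat is limited to contrib/sendmail/src, so callers in other directories are worth a grep before merging. The returned length is also discarded here and `line` is still handled as a NUL-terminated string, so an alias line containing a NUL byte is still cut at that byte. readaliases() continues outside the hunk.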
@@ -670,7 +670,7 @@ readaliases(map, af, announcestats, logstats)
{
p--;
if (sm_io_fgets(af, SM_TIME_DEFAULT, p,
- SPACELEFT(line, p)) == NULL)
+ SPACELEFT(line, p)) < 0)
break;
LineNumber++;
p = strchr(p, '\n');
@@ -780,7 +780,7 @@ readaliases(map, af, announcestats, logstats)
/* read continuation line */
if (sm_io_fgets(af, SM_TIME_DEFAULT, p,
- sizeof(line) - (p-line)) == NULL)
+ sizeof(line) - (p-line)) < 0)
break;
LineNumber++;
diff --git a/contrib/sendmail/src/collect.c b/contrib/sendmail/src/collect.c
index c8dcb8a..1b7b5f5 100644
--- a/contrib/sendmail/src/collect.c
+++ b/contrib/sendmail/src/collect.c
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: collect.c,v 8.285 2012/06/14 23:54:02 ca Exp $")
+SM_RCSID("@(#)$Id: collect.c,v 8.286 2013/03/15 17:54:12 ca Exp $")
static void eatfrom __P((char *volatile, ENVELOPE *));
static void collect_doheader __P((ENVELOPE *));
@@ -300,6 +300,9 @@ collect(fp, smtpmode, hdrp, e, rsetsize)
unsigned char *pbp;
unsigned char peekbuf[8];
char bufbuf[MAXLINE];
+#if _FFR_REJECT_NUL_BYTE
+ bool hasNUL; /* has at least one NUL input byte */
+#endif /* _FFR_REJECT_NUL_BYTE */
df = NULL;
ignrdot = smtpmode ? false : IgnrDot;
@@ -315,6 +318,9 @@ collect(fp, smtpmode, hdrp, e, rsetsize)
hdrslen = 0;
numhdrs = 0;
HasEightBits = false;
+#if _FFR_REJECT_NUL_BYTE
+ hasNUL = false;
+#endif /* _FFR_REJECT_NUL_BYTE */
buf = bp = bufbuf;
buflen = sizeof(bufbuf);
pbp = peekbuf;
@@ -403,6 +409,10 @@ collect(fp, smtpmode, hdrp, e, rsetsize)
SM_TIME_DEFAULT,
c);
}
+#if _FFR_REJECT_NUL_BYTE
+ if (c == '\0')
+ hasNUL = true;
+#endif /* _FFR_REJECT_NUL_BYTE */
if (c == SM_IO_EOF)
goto readerr;
if (SevenBitInput)
@@ -893,6 +903,14 @@ readerr:
e->e_bodytype = "7BIT";
}
+#if _FFR_REJECT_NUL_BYTE
+ if (hasNUL && RejectNUL)
+ {
+ e->e_status = "5.6.1";
+ usrerrenh(e->e_status, "554 NUL byte not allowed");
+ }
+#endif /* _FFR_REJECT_NUL_BYTE */
+
if (SuperSafe == SAFE_REALLY && !bitset(EF_FATALERRS, e->e_flags))
{
char *dfname = queuename(e, DATAFL_LETTER);
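Review bot: Nothing visible in the added block sets EF_FATALERRS, yet the very next statement tests that flag before it goes on to handle the data file; the block only sets `e->e_status` and calls `usrerrenh()`. Please confirm that usrerrenh() marks the envelope fatal (its body is not shown here), otherwise a message containing NUL bytes may still be committed to the queue after the 554 reply. A log line would also help operators correlate rejections, for example `sm_syslog(LOG_NOTICE, e->e_id, "rejected: NUL byte in message");` inside the `if (hasNUL && RejectNUL)` block. collect() starts and ends outside the hunk.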
diff --git a/contrib/sendmail/src/conf.c b/contrib/sendmail/src/conf.c
index 9130455..edfa0c2 100644
--- a/contrib/sendmail/src/conf.c
+++ b/contrib/sendmail/src/conf.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2012 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2013 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: conf.c,v 8.1176 2012/12/07 03:59:54 ca Exp $")
+SM_RCSID("@(#)$Id: conf.c,v 8.1182 2013/04/05 17:39:09 ca Exp $")
#include <sm/sendmail.h>
#include <sendmail/pathnames.h>
@@ -967,7 +967,7 @@ switch_map_find(service, maptype, mapreturn)
char buf[MAXLINE];
while (sm_io_fgets(fp, SM_TIME_DEFAULT, buf,
- sizeof(buf)) != NULL)
+ sizeof(buf)) >= 0)
{
register char *p;
@@ -2848,7 +2848,7 @@ uname(name)
char buf[MAXLINE];
while (sm_io_fgets(file, SM_TIME_DEFAULT,
- buf, sizeof(buf)) != NULL)
+ buf, sizeof(buf)) >= 0)
{
if (sm_io_sscanf(buf, "#define sysname \"%*[^\"]\"",
NODE_LENGTH, name->nodename) > 0)
@@ -3222,7 +3222,7 @@ usershellok(user, shell)
return false;
}
- while (sm_io_fgets(shellf, SM_TIME_DEFAULT, buf, sizeof(buf)) != NULL)
+ while (sm_io_fgets(shellf, SM_TIME_DEFAULT, buf, sizeof(buf)) >= 0)
{
register char *p, *q;
@@ -4294,7 +4294,12 @@ sm_gethostbyname(name, family)
#else /* (SOLARIS > 10000 && SOLARIS < 20400) || (defined(SOLARIS) && SOLARIS < 204) || (defined(sony_news) && defined(__svr4)) */
int nmaps;
# if NETINET6
- int flags = AI_DEFAULT|AI_ALL;
+# ifndef SM_IPNODEBYNAME_FLAGS
+ /* For IPv4-mapped addresses, use: AI_DEFAULT|AI_ALL */
+# define SM_IPNODEBYNAME_FLAGS AI_ADDRCONFIG
+# endif /* SM_IPNODEBYNAME_FLAGS */
+
+ int flags = SM_IPNODEBYNAME_FLAGS;
int err;
# endif /* NETINET6 */
char *maptype[MAXMAPSTACK];
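Review bot: The default lookup flags change from `AI_DEFAULT|AI_ALL` to `AI_ADDRCONFIG`, and the one-line comment does not say that this is a behaviour change or that SM_IPNODEBYNAME_FLAGS is meant as a build-time override. I would expand it to something like `/* default AI_ADDRCONFIG; define SM_IPNODEBYNAME_FLAGS to AI_DEFAULT|AI_ALL at build time to get IPv4-mapped addresses as before */`. As a style point, the `#ifndef`/`#define` sits between the local declarations of sm_gethostbyname(); moving it next to the file's other configuration macros would make the override easier to find. The function body continues outside the hunk.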
@@ -6004,6 +6009,23 @@ char *OsCompileOptions[] =
#if SECUREWARE
"SECUREWARE",
#endif /* SECUREWARE */
+#if SFS_TYPE == SFS_4ARGS
+ "SFS_4ARGS",
+#elif SFS_TYPE == SFS_MOUNT
+ "SFS_MOUNT",
+#elif SFS_TYPE == SFS_NONE
+ "SFS_NONE",
+#elif SFS_TYPE == SFS_NT
+ "SFS_NT",
+#elif SFS_TYPE == SFS_STATFS
+ "SFS_STATFS",
+#elif SFS_TYPE == SFS_STATVFS
+ "SFS_STATVFS",
+#elif SFS_TYPE == SFS_USTAT
+ "SFS_USTAT",
+#elif SFS_TYPE == SFS_VFS
+ "SFS_VFS",
+#endif
#if SHARE_V1
"SHARE_V1",
#endif /* SHARE_V1 */
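Review bot: `#if SFS_TYPE == SFS_4ARGS` is also true when neither macro is defined, because undefined identifiers evaluate to 0 inside `#if`, so such a build would report "SFS_4ARGS" in the compile options. Whether conf.h always defines SFS_TYPE is not visible here; if it might not, guard the chain with `#if defined(SFS_TYPE)`. The closing `#endif` also lacks the trailing comment that every neighbouring entry carries, e.g. `#endif /* SFS_TYPE */`.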
@@ -6184,6 +6206,10 @@ char *FFRCompileOptions[] =
"_FFR_GETHBN_ExFILE",
#endif /* _FFR_GETHBN_ExFILE */
+#if _FFR_FIPSMODE
+ /* FIPSMode (if supported by OpenSSL library) */
+ "_FFR_FIPSMODE",
+#endif /* _FFR_FIPSMODE */
#if _FFR_FIX_DASHT
/*
** If using -t, force not sending to argv recipients, even
@@ -6363,6 +6389,10 @@ char *FFRCompileOptions[] =
"_FFR_REDIRECTEMPTY",
#endif /* _FFR_REDIRECTEMPTY */
+#if _FFR_REJECT_NUL_BYTE
+ /* reject NUL bytes in body */
+ "_FFR_REJECT_NUL_BYTE",
+#endif /* _FFR_REJECT_NUL_BYTE */
#if _FFR_RESET_MACRO_GLOBALS
/* Allow macro 'j' to be set dynamically via rulesets. */
"_FFR_RESET_MACRO_GLOBALS",
diff --git a/contrib/sendmail/src/control.c b/contrib/sendmail/src/control.c
index 0b525f7..4d10740 100644
--- a/contrib/sendmail/src/control.c
+++ b/contrib/sendmail/src/control.c
@@ -10,7 +10,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: control.c,v 8.128 2006/08/15 23:24:56 ca Exp $")
+SM_RCSID("@(#)$Id: control.c,v 8.129 2013/03/12 15:24:52 ca Exp $")
#include <sm/fdset.h>
@@ -301,7 +301,7 @@ control_command(sock, e)
(void) sm_io_setvbuf(s, SM_TIME_DEFAULT, NULL,
SM_IO_NBF, SM_IO_BUFSIZ);
- if (sm_io_fgets(s, SM_TIME_DEFAULT, inp, sizeof(inp)) == NULL)
+ if (sm_io_fgets(s, SM_TIME_DEFAULT, inp, sizeof(inp)) < 0)
{
(void) sm_io_close(s, SM_TIME_DEFAULT);
exit(EX_IOERR);
diff --git a/contrib/sendmail/src/deliver.c b/contrib/sendmail/src/deliver.c
index 581a98d..1d5eddd 100644
--- a/contrib/sendmail/src/deliver.c
+++ b/contrib/sendmail/src/deliver.c
@@ -14,7 +14,7 @@
#include <sendmail.h>
#include <sm/time.h>
-SM_RCSID("@(#)$Id: deliver.c,v 8.1027 2012/12/19 02:49:21 ca Exp $")
+SM_RCSID("@(#)$Id: deliver.c,v 8.1028 2013/01/02 18:57:42 ca Exp $")
#if HASSETUSERCONTEXT
# include <login_cap.h>
@@ -6159,7 +6159,7 @@ starttls(m, mci, e)
sm_syslog(LOG_ERR, NOQID,
"STARTTLS=client, error: SSL_new failed");
if (LogLevel > 9)
- tlslogerr("client");
+ tlslogerr(LOG_WARNING, "client");
}
return EX_SOFTWARE;
}
@@ -6178,7 +6178,7 @@ starttls(m, mci, e)
"STARTTLS=client, error: SSL_set_xfd failed=%d",
result);
if (LogLevel > 9)
- tlslogerr("client");
+ tlslogerr(LOG_WARNING, "client");
}
return EX_SOFTWARE;
}
@@ -6208,7 +6208,7 @@ ssl_retry:
result, sr == NULL ? "unknown" : sr, ssl_err,
errno, i);
if (LogLevel > 9)
- tlslogerr("client");
+ tlslogerr(LOG_WARNING, "client");
}
SSL_free(clt_ssl);
diff --git a/contrib/sendmail/src/main.c b/contrib/sendmail/src/main.c
index 2294063..75c8be1 100644
--- a/contrib/sendmail/src/main.c
+++ b/contrib/sendmail/src/main.c
@@ -26,7 +26,7 @@ SM_UNUSED(static char copyright[]) =
The Regents of the University of California. All rights reserved.\n";
#endif /* ! lint */
-SM_RCSID("@(#)$Id: main.c,v 8.981 2012/06/14 23:54:02 ca Exp $")
+SM_RCSID("@(#)$Id: main.c,v 8.983 2013/03/12 15:24:52 ca Exp $")
#if NETINET || NETINET6
@@ -2103,7 +2103,7 @@ main(argc, argv, envp)
"> ");
(void) sm_io_flush(smioout, SM_TIME_DEFAULT);
if (sm_io_fgets(smioin, SM_TIME_DEFAULT, buf,
- sizeof(buf)) == NULL)
+ sizeof(buf)) < 0)
testmodeline("/quit", &MainEnvelope);
p = strchr(buf, '\n');
if (p != NULL)
@@ -2153,7 +2153,13 @@ main(argc, argv, envp)
if (tls_ok)
{
/* basic TLS initialization */
- tls_ok = init_tls_library();
+ tls_ok = init_tls_library(FipsMode);
+ if (!tls_ok && FipsMode)
+ {
+ (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
+ "ERROR: FIPSMode failed to initialize\n");
+ exit(EX_USAGE);
+ }
}
if (!tls_ok && (OpMode == MD_QUEUERUN || OpMode == MD_DELIVER))
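Review bot: The FIPSMode initialisation failure is reported only on `smioout` before `exit(EX_USAGE)`, so when sendmail is started non-interactively the reason for the exit may not reach any log. Failing closed is the right behaviour; I would add `sm_syslog(LOG_ERR, NOQID, "FIPSMode failed to initialize");` next to the sm_io_fprintf() call so the event is visible to monitoring. main() continues outside the hunk.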
diff --git a/contrib/sendmail/src/map.c b/contrib/sendmail/src/map.c
index 01d79ff..ad7d818 100644
--- a/contrib/sendmail/src/map.c
+++ b/contrib/sendmail/src/map.c
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: map.c,v 8.709 2012/04/20 18:47:09 ca Exp $")
+SM_RCSID("@(#)$Id: map.c,v 8.711 2013/03/12 15:24:52 ca Exp $")
#if LDAPMAP
# include <sm/ldap.h>
@@ -2883,6 +2883,9 @@ nis_getcanonname(name, hbsize, statp)
# undef T_UNSPEC /* symbol conflict in nis.h -> ... -> sys/tiuser.h */
# include <rpcsvc/nis.h>
# include <rpcsvc/nislib.h>
+# ifndef NIS_TABLE_OBJ
+# define NIS_TABLE_OBJ TABLE_OBJ
+# endif /* NIS_TABLE_OBJ */
# define EN_col(col) zo_data.objdata_u.en_data.en_cols.en_cols_val[(col)].ec_value.ec_value_val
# define COL_NAME(res,i) ((res->objects.objects_val)->TA_data.ta_cols.ta_cols_val)[i].tc_name
@@ -2970,7 +2973,7 @@ nisplus_map_open(map, mode)
}
if (NIS_RES_NUMOBJ(res) != 1 ||
- (NIS_RES_OBJECT(res)->zo_data.zo_type != TABLE_OBJ))
+ (NIS_RES_OBJECT(res)->zo_data.zo_type != NIS_TABLE_OBJ))
{
if (tTd(38, 10))
sm_dprintf("nisplus_map_open: %s is not a table\n", qbuf);
@@ -5834,7 +5837,7 @@ text_map_lookup(map, name, av, statp)
key_idx = map->map_keycolno;
delim = map->map_coldelim;
while (sm_io_fgets(f, SM_TIME_DEFAULT,
- linebuf, sizeof(linebuf)) != NULL)
+ linebuf, sizeof(linebuf)) >= 0)
{
char *p;
@@ -5908,7 +5911,7 @@ text_getcanonname(name, hbsize, statp)
found = false;
while (!found &&
sm_io_fgets(f, SM_TIME_DEFAULT,
- linebuf, sizeof(linebuf)) != NULL)
+ linebuf, sizeof(linebuf)) >= 0)
{
char *p = strpbrk(linebuf, "#\n");
diff --git a/contrib/sendmail/src/mci.c b/contrib/sendmail/src/mci.c
index 7b17167..6e635a8 100644
--- a/contrib/sendmail/src/mci.c
+++ b/contrib/sendmail/src/mci.c
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: mci.c,v 8.223 2010/03/10 04:35:28 ca Exp $")
+SM_RCSID("@(#)$Id: mci.c,v 8.224 2013/03/12 15:24:53 ca Exp $")
#if NETINET || NETINET6
# include <arpa/inet.h>
@@ -972,7 +972,7 @@ mci_read_persistent(fp, mci)
sm_io_rewind(fp, SM_TIME_DEFAULT);
ver = -1;
LineNumber = 0;
- while (sm_io_fgets(fp, SM_TIME_DEFAULT, buf, sizeof(buf)) != NULL)
+ while (sm_io_fgets(fp, SM_TIME_DEFAULT, buf, sizeof(buf)) >= 0)
{
LineNumber++;
p = strchr(buf, '\n');
diff --git a/contrib/sendmail/src/milter.c b/contrib/sendmail/src/milter.c
index a403a16..958b608 100644
--- a/contrib/sendmail/src/milter.c
+++ b/contrib/sendmail/src/milter.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999-2009 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1999-2009, 2012, 2013 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
@@ -10,7 +10,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: milter.c,v 8.279 2012/11/16 20:25:03 ca Exp $")
+SM_RCSID("@(#)$Id: milter.c,v 8.280 2013/01/16 18:48:36 ca Exp $")
#if MILTER
# include <sm/sendmail.h>
@@ -2184,7 +2184,7 @@ milter_send_command(m, cmd, data, sz, e, state, where)
** cmd -- command to send.
** data -- optional command data.
** sz -- length of buf.
-** macros -- macros to send for filter smfi_getsymval().
+** stage -- index of macros to send for filter smfi_getsymval().
** e -- current envelope (for macro access).
** state -- return state word.
** where -- description of calling function (logging).
@@ -2328,7 +2328,6 @@ milter_getsymlist(m, buf, rlen, offset)
case SMFIM_DATA:
SM_ASSERT(m->mf_idx > 0 && m->mf_idx < MAXFILTERS);
macros = MilterMacros[i][m->mf_idx];
-
m->mf_lflags |= MI_LFLAGS_SYM(i);
len = strlen(buf + offset);
if (len > 0)
diff --git a/contrib/sendmail/src/mime.c b/contrib/sendmail/src/mime.c
index af71d79..f0fb54a 100644
--- a/contrib/sendmail/src/mime.c
+++ b/contrib/sendmail/src/mime.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2003, 2006 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2003, 2006, 2013 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1994, 1996-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1994
@@ -14,7 +14,7 @@
#include <sendmail.h>
#include <string.h>
-SM_RCSID("@(#)$Id: mime.c,v 8.147 2007/09/26 23:29:11 ca Exp $")
+SM_RCSID("@(#)$Id: mime.c,v 8.148 2013/03/12 15:24:53 ca Exp $")
/*
** MIME support.
@@ -107,6 +107,7 @@ mime8to7(mci, header, e, boundaries, flags, level)
{
register char *p;
int linelen;
+ int blen;
int bt;
off_t offset;
size_t sectionsize, sectionhighbits;
@@ -322,13 +323,13 @@ mime8to7(mci, header, e, boundaries, flags, level)
goto writeerr;
mci->mci_flags &= ~MCIF_INHEADER;
bt = MBT_FINAL;
- while (sm_io_fgets(e->e_dfp, SM_TIME_DEFAULT, buf, sizeof(buf))
- != NULL)
+ while ((blen = sm_io_fgets(e->e_dfp, SM_TIME_DEFAULT, buf,
+ sizeof(buf))) >= 0)
{
bt = mimeboundary(buf, boundaries);
if (bt != MBT_NOTSEP)
break;
- if (!putxline(buf, strlen(buf), mci,
+ if (!putxline(buf, blen, mci,
PXLF_MAPFROM|PXLF_STRIP8BIT))
goto writeerr;
if (tTd(43, 99))
@@ -366,13 +367,13 @@ mime8to7(mci, header, e, boundaries, flags, level)
mci->mci_flags &= ~MCIF_INMIME;
/* skip the late "comment" epilogue */
- while (sm_io_fgets(e->e_dfp, SM_TIME_DEFAULT, buf, sizeof(buf))
- != NULL)
+ while ((blen = sm_io_fgets(e->e_dfp, SM_TIME_DEFAULT, buf,
+ sizeof(buf))) >= 0)
{
bt = mimeboundary(buf, boundaries);
if (bt != MBT_NOTSEP)
break;
- if (!putxline(buf, strlen(buf), mci,
+ if (!putxline(buf, blen, mci,
PXLF_MAPFROM|PXLF_STRIP8BIT))
goto writeerr;
if (tTd(43, 99))
@@ -443,16 +444,16 @@ mime8to7(mci, header, e, boundaries, flags, level)
DATAFL_LETTER, e->e_id);
/* do a scan of this body type to count character types */
- while (sm_io_fgets(e->e_dfp, SM_TIME_DEFAULT, buf, sizeof(buf))
- != NULL)
+ while ((blen = sm_io_fgets(e->e_dfp, SM_TIME_DEFAULT, buf,
+ sizeof(buf))) >= 0)
{
if (mimeboundary(buf, boundaries) != MBT_NOTSEP)
break;
- for (p = buf; *p != '\0'; p++)
+ for (i = 0; i < blen; i++)
{
/* count bytes with the high bit set */
sectionsize++;
- if (bitset(0200, *p))
+ if (bitset(0200, buf[i]))
sectionhighbits++;
}
@@ -522,8 +523,8 @@ mime8to7(mci, header, e, boundaries, flags, level)
if (!putline("", mci))
goto writeerr;
mci->mci_flags &= ~MCIF_INHEADER;
- while (sm_io_fgets(e->e_dfp, SM_TIME_DEFAULT, buf, sizeof(buf))
- != NULL)
+ while ((blen = sm_io_fgets(e->e_dfp, SM_TIME_DEFAULT, buf,
+ sizeof(buf))) >= 0)
{
if (!bitset(MCIF_INLONGLINE, mci->mci_flags))
{
@@ -531,7 +532,7 @@ mime8to7(mci, header, e, boundaries, flags, level)
if (bt != MBT_NOTSEP)
break;
}
- if (!putxline(buf, strlen(buf), mci,
+ if (!putxline(buf, blen, mci,
PXLF_MAPFROM|PXLF_NOADDEOL))
goto writeerr;
}
@@ -1033,7 +1034,7 @@ mime7to8(mci, header, e)
HDR *header;
register ENVELOPE *e;
{
- int pxflags;
+ int pxflags, blen;
register char *p;
char *cte;
char **pvp;
@@ -1066,10 +1067,10 @@ mime7to8(mci, header, e)
if (!putline("", mci))
goto writeerr;
mci->mci_flags &= ~MCIF_INHEADER;
- while (sm_io_fgets(e->e_dfp, SM_TIME_DEFAULT, buf, sizeof(buf))
- != NULL)
+ while ((blen = sm_io_fgets(e->e_dfp, SM_TIME_DEFAULT, buf,
+ sizeof(buf))) >= 0)
{
- if (!putline(buf, mci))
+ if (!putxline(buf, blen, mci, PXLF_MAPFROM))
goto writeerr;
}
return true;
@@ -1177,7 +1178,7 @@ mime7to8(mci, header, e)
pxflags |= PXLF_NOADDEOL;
fbufp = fbuf;
while (sm_io_fgets(e->e_dfp, SM_TIME_DEFAULT, buf,
- sizeof(buf)) != NULL)
+ sizeof(buf)) >= 0)
{
off = mime_fromqp((unsigned char *) buf, &fbufp,
&fbuf[MAXLINE] - fbufp);
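Review bot: This quoted-printable loop still discards the length returned by sm_io_fgets(), whereas the other body-reading loops in mime.c now capture it in `blen` and pass it on to putxline(). `buf` is handed to mime_fromqp() as a bare pointer, so if that function stops at the first NUL (its body is not visible here), anything after an embedded NUL on a line is dropped on this path only. Either pass the length through, or add a comment saying why the string form is sufficient for quoted-printable input. mime7to8() continues outside the hunk.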
diff --git a/contrib/sendmail/src/parseaddr.c b/contrib/sendmail/src/parseaddr.c
index 930f61d..682a372 100644
--- a/contrib/sendmail/src/parseaddr.c
+++ b/contrib/sendmail/src/parseaddr.c
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: parseaddr.c,v 8.405 2012/02/27 22:49:08 ca Exp $")
+SM_RCSID("@(#)$Id: parseaddr.c,v 8.406 2013/04/17 16:53:01 ca Exp $")
#include <sm/sendmail.h>
#include "map.h"
@@ -2350,6 +2350,14 @@ sameaddr(a, b)
if (a->q_mailer != b->q_mailer)
return false;
+ /*
+ ** Addresses resolving to error mailer
+ ** should not be considered identical
+ */
+
+ if (a->q_mailer == &errormailer)
+ return false;
+
/* if the user isn't the same, we can drop out */
if (strcmp(a->q_user, b->q_user) != 0)
return false;
diff --git a/contrib/sendmail/src/queue.c b/contrib/sendmail/src/queue.c
index 70b2965..af60d5e 100644
--- a/contrib/sendmail/src/queue.c
+++ b/contrib/sendmail/src/queue.c
@@ -14,7 +14,7 @@
#include <sendmail.h>
#include <sm/sem.h>
-SM_RCSID("@(#)$Id: queue.c,v 8.997 2012/06/14 23:54:03 ca Exp $")
+SM_RCSID("@(#)$Id: queue.c,v 8.998 2013/03/12 15:24:53 ca Exp $")
#include <dirent.h>
@@ -2746,7 +2746,7 @@ gatherq(qgrp, qdir, doall, full, more, pnentries)
i |= NEED_QUARANTINE;
while (cf != NULL && i != 0 &&
sm_io_fgets(cf, SM_TIME_DEFAULT, lbuf,
- sizeof(lbuf)) != NULL)
+ sizeof(lbuf)) >= 0)
{
int c;
time_t age;
@@ -4981,7 +4981,7 @@ print_single_queue(qgrp, qdir)
quarmsg[0] = '\0';
statmsg[0] = bodytype[0] = '\0';
qfver = 0;
- while (sm_io_fgets(f, SM_TIME_DEFAULT, buf, sizeof(buf)) != NULL)
+ while (sm_io_fgets(f, SM_TIME_DEFAULT, buf, sizeof(buf)) >= 0)
{
register int i;
register char *p;
diff --git a/contrib/sendmail/src/readcf.c b/contrib/sendmail/src/readcf.c
index 7bc70c2..2c8da0b 100644
--- a/contrib/sendmail/src/readcf.c
+++ b/contrib/sendmail/src/readcf.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2006, 2008-2010 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2006, 2008-2010, 2013 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@@ -14,7 +14,7 @@
#include <sendmail.h>
#include <sm/sendmail.h>
-SM_RCSID("@(#)$Id: readcf.c,v 8.684 2011/03/15 17:29:29 guenther Exp $")
+SM_RCSID("@(#)$Id: readcf.c,v 8.690 2013/03/15 17:54:12 ca Exp $")
#if NETINET || NETINET6
# include <arpa/inet.h>
@@ -1141,7 +1141,7 @@ fileclass(class, filename, fmt, ismap, safe, optional)
return;
}
- while (sm_io_fgets(f, SM_TIME_DEFAULT, buf, sizeof(buf)) != NULL)
+ while (sm_io_fgets(f, SM_TIME_DEFAULT, buf, sizeof(buf)) >= 0)
{
#if SCANF
char wordbuf[MAXLINE + 1];
@@ -2284,6 +2284,14 @@ static struct optioninfo
# define O_INETQOS 0xe7 /* reserved for FFR_QOS */
{ "InetQoS", O_INETQOS, OI_NONE },
#endif
+#if STARTTLS && _FFR_FIPSMODE
+# define O_FIPSMODE 0xe8
+ { "FIPSMode", O_FIPSMODE, OI_NONE },
+#endif /* STARTTLS && _FFR_FIPSMODE */
+#if _FFR_REJECT_NUL_BYTE
+# define O_REJECTNUL 0xe9
+ { "RejectNUL", O_REJECTNUL, OI_SAFE },
+#endif /* _FFR_REJECT_NUL_BYTE */
{ NULL, '\0', OI_NONE }
};
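Review bot: `RejectNUL` is registered as `OI_SAFE` while `FIPSMode` directly above it is `OI_NONE`. The definition of OI_SAFE is outside this hunk, but if it keeps its usual meaning of "may be set by an unprivileged invoker", a content-rejection policy should probably not be switchable that way. Unless there is a reason for the difference, I would use `{ "RejectNUL", O_REJECTNUL, OI_NONE },` and note the choice in a comment.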
@@ -3862,6 +3870,11 @@ setoption(opt, val, safe, sticky, e)
break;
#endif /* STARTTLS */
+#if STARTTLS && _FFR_FIPSMODE
+ case O_FIPSMODE:
+ FipsMode = atobool(val);
+ break;
+#endif /* STARTTLS && _FFR_FIPSMODE */
case O_CLIENTPORT:
setclientoptions(val);
@@ -4016,6 +4029,12 @@ setoption(opt, val, safe, sticky, e)
break;
#endif /* _FFR_BADRCPT_SHUTDOWN */
+#if _FFR_REJECT_NUL_BYTE
+ case O_REJECTNUL:
+ RejectNUL = atobool(val);
+ break;
+#endif /* _FFR_REJECT_NUL_BYTE */
+
default:
if (tTd(37, 1))
{
diff --git a/contrib/sendmail/src/recipient.c b/contrib/sendmail/src/recipient.c
index 4064632..9f4c3f6 100644
--- a/contrib/sendmail/src/recipient.c
+++ b/contrib/sendmail/src/recipient.c
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: recipient.c,v 8.349 2007/07/10 17:01:22 ca Exp $")
+SM_RCSID("@(#)$Id: recipient.c,v 8.350 2013/03/12 15:24:54 ca Exp $")
static void includetimeout __P((int));
static ADDRESS *self_reference __P((ADDRESS *));
@@ -1824,7 +1824,7 @@ resetuid:
LineNumber = 0;
ctladdr->q_flags &= ~QSELFREF;
nincludes = 0;
- while (sm_io_fgets(fp, SM_TIME_DEFAULT, buf, sizeof(buf)) != NULL &&
+ while (sm_io_fgets(fp, SM_TIME_DEFAULT, buf, sizeof(buf)) >= 0 &&
!maxreached)
{
fixcrlf(buf, true);
diff --git a/contrib/sendmail/src/savemail.c b/contrib/sendmail/src/savemail.c
index 2413281..33a897a 100644
--- a/contrib/sendmail/src/savemail.c
+++ b/contrib/sendmail/src/savemail.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2003, 2006 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2003, 2006, 2012, 2013 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: savemail.c,v 8.315 2012/02/27 17:43:03 gshapiro Exp $")
+SM_RCSID("@(#)$Id: savemail.c,v 8.318 2013/03/12 15:24:54 ca Exp $")
static bool errbody __P((MCI *, ENVELOPE *, char *));
static bool pruneroute __P((char *));
@@ -204,7 +204,7 @@ savemail(e, sendbody)
(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
"Transcript follows:\r\n");
while (sm_io_fgets(e->e_xfp, SM_TIME_DEFAULT,
- buf, sizeof(buf)) != NULL &&
+ buf, sizeof(buf)) >= 0 &&
!sm_io_error(smioout))
(void) sm_io_fputs(smioout,
SM_TIME_DEFAULT,
@@ -866,7 +866,7 @@ errbody(mci, e, separator)
if (xfile != NULL)
{
while (sm_io_fgets(xfile, SM_TIME_DEFAULT, buf,
- sizeof(buf)) != NULL)
+ sizeof(buf)) >= 0)
{
int lbs;
bool putok;
@@ -1042,18 +1042,20 @@ errbody(mci, e, separator)
}
else
{
+ int blen;
+
printheader = true;
(void) bfrewind(e->e_parent->e_xfp);
if (e->e_xfp != NULL)
(void) sm_io_flush(e->e_xfp, SM_TIME_DEFAULT);
- while (sm_io_fgets(e->e_parent->e_xfp, SM_TIME_DEFAULT, buf,
- sizeof(buf)) != NULL)
+ while ((blen = sm_io_fgets(e->e_parent->e_xfp, SM_TIME_DEFAULT,
+ buf, sizeof(buf))) >= 0)
{
if (printheader && !putline(" ----- Transcript of session follows -----\n",
mci))
goto writeerr;
printheader = false;
- if (!putline(buf, mci))
+ if (!putxline(buf, blen, mci, PXLF_MAPFROM))
goto writeerr;
}
}
@@ -1174,11 +1176,24 @@ errbody(mci, e, separator)
/* Original-Recipient: -- passed from on high */
if (q->q_orcpt != NULL)
{
- (void) sm_snprintf(buf, sizeof(buf),
- "Original-Recipient: %.800s",
- q->q_orcpt);
- if (!putline(buf, mci))
- goto writeerr;
+ p = strchr(q->q_orcpt, ';');
+
+ /*
+ ** p == NULL shouldn't happen due to
+ ** check in srvrsmtp.c
+ ** we could log an error in this case.
+ */
+
+ if (p != NULL)
+ {
+ *p = '\0';
+ (void) sm_snprintf(buf, sizeof(buf),
+ "Original-Recipient: %.100s;%.700s",
+ q->q_orcpt, xuntextify(p + 1));
+ *p = ';';
+ if (!putline(buf, mci))
+ goto writeerr;
+ }
}
/* Figure out actual recipient */
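Review bot: The decoded address from `xuntextify(p + 1)` goes straight into a DSN header line, and the hunk shows no check that the decoded text is free of control characters such as line breaks before `putline(buf, mci)`. Neither xuntextify() nor putline() is visible here, so please confirm that one of them neutralises such bytes, or reject them when the ORCPT parameter is parsed. Separately, when `p == NULL` the Original-Recipient field is now omitted without a trace although the comment itself suggests logging; a line such as `sm_syslog(LOG_WARNING, e->e_id, "ORCPT without ';', field omitted");` in an `else` branch would cover it. errbody() continues outside the hunk.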
@@ -1682,6 +1697,34 @@ xtextok(s)
}
return true;
}
+
+/*
+** ISATOM -- check if a string is an "atom"
+**
+** Parameters:
+** s -- the string to check.
+**
+** Returns:
+** true -- iff s is an atom
+*/
+
+bool
+isatom(s)
+ const char *s;
+{
+ int c;
+
+ if (s == NULL || *s == '\0')
+ return false;
+ while ((c = *s++) != '\0')
+ {
+ if (strchr("()<>@,;:\\.[]\"", c) != NULL)
+ return false;
+ if (c < '!' || c > '~')
+ return false;
+ }
+ return true;
+}
/*
** PRUNEROUTE -- prune an RFC-822 source route
**
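Review bot: The header comment of isatom() does not say what counts as an "atom", so a reader has to derive it from the body. From the code it is a non-empty string of printable ASCII ('!' through '~') that contains none of the characters in the strchr() list; I would add `** An atom is a non-empty run of printable ASCII without any of ()<>@,;:\.[]"` and state that NULL and the empty string return false. A short remark that bytes outside '!'..'~' are rejected whether plain `char` is signed or unsigned would save the next reader the same check.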
diff --git a/contrib/sendmail/src/sendmail.h b/contrib/sendmail/src/sendmail.h
index e114019..6704fda 100644
--- a/contrib/sendmail/src/sendmail.h
+++ b/contrib/sendmail/src/sendmail.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2012 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2013 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@@ -52,7 +52,7 @@
#ifdef _DEFINE
# ifndef lint
-SM_UNUSED(static char SmailId[]) = "@(#)$Id: sendmail.h,v 8.1096 2012/11/16 20:25:03 ca Exp $";
+SM_UNUSED(static char SmailId[]) = "@(#)$Id: sendmail.h,v 8.1101 2013/03/15 17:54:12 ca Exp $";
# endif /* ! lint */
#endif /* _DEFINE */
@@ -124,7 +124,11 @@ SM_UNUSED(static char SmailId[]) = "@(#)$Id: sendmail.h,v 8.1096 2012/11/16 20:2
#if STARTTLS
# include <openssl/ssl.h>
# if !TLS_NO_RSA
-# define RSA_KEYLENGTH 512
+# if _FFR_FIPSMODE
+# define RSA_KEYLENGTH 1024
+# else /* _FFR_FIPSMODE */
+# define RSA_KEYLENGTH 512
+# endif /* _FFR_FIPSMODE */
# endif /* !TLS_NO_RSA */
#endif /* STARTTLS */
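Review bot: RSA_KEYLENGTH is raised to 1024 only under the compile-time `_FFR_FIPSMODE`, so a build without that flag keeps 512 bits and the size does not follow the runtime `FipsMode` option at all. Where the constant is used is outside this hunk (presumably for a temporary RSA key, to be confirmed), but a 512-bit RSA key offers very little protection and 1024 is already below common guidance. Consider dropping the 512 branch and allowing an override instead: `# ifndef RSA_KEYLENGTH` / `# define RSA_KEYLENGTH 1024` / `# endif`.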
@@ -1941,14 +1945,14 @@ struct termescape
#define TLS_AUTH_FAIL (-1)
/* functions */
-extern bool init_tls_library __P((void));
+extern bool init_tls_library __P((bool _fipsmode));
extern bool inittls __P((SSL_CTX **, unsigned long, long, bool, char *, char *, char *, char *, char *));
extern bool initclttls __P((bool));
extern void setclttls __P((bool));
extern bool initsrvtls __P((bool));
extern int tls_get_info __P((SSL *, bool, char *, MACROS_T *, bool));
extern int endtls __P((SSL *, char *));
-extern void tlslogerr __P((const char *));
+extern void tlslogerr __P((int, const char *));
EXTERN char *CACertPath; /* path to CA certificates (dir. with hashes) */
@@ -2296,6 +2300,7 @@ EXTERN bool DontLockReadFiles; /* don't read lock support files */
EXTERN bool DontPruneRoutes; /* don't prune source routes */
EXTERN bool ForkQueueRuns; /* fork for each job when running the queue */
EXTERN bool FromFlag; /* if set, "From" person is explicit */
+EXTERN bool FipsMode;
EXTERN bool GrabTo; /* if set, get recipients from msg */
EXTERN bool EightBitAddrOK; /* we'll let 8-bit addresses through */
EXTERN bool HasEightBits; /* has at least one eight bit input byte */
@@ -2310,6 +2315,9 @@ EXTERN bool NoAlias; /* suppress aliasing */
EXTERN bool NoConnect; /* don't connect to non-local mailers */
EXTERN bool OnlyOneError; /* .... or only want to give one SMTP reply */
EXTERN bool QuickAbort; /* .... but only if we want a quick abort */
+#if _FFR_REJECT_NUL_BYTE
+EXTERN bool RejectNUL; /* reject NUL input byte? */
+#endif /* _FFR_REJECT_NUL_BYTE */
#if REQUIRES_DIR_FSYNC
EXTERN bool RequiresDirfsync; /* requires fsync() for directory */
#endif /* REQUIRES_DIR_FSYNC */
@@ -2655,6 +2663,7 @@ extern void initmacros __P((ENVELOPE *));
extern void initsetproctitle __P((int, char **, char **));
extern void init_vendor_macros __P((ENVELOPE *));
extern SIGFUNC_DECL intsig __P((int));
+extern bool isatom __P((const char *));
extern bool isloopback __P((SOCKADDR sa));
extern void load_if_names __P((void));
extern bool lockfile __P((int, char *, char *, int));
diff --git a/contrib/sendmail/src/sfsasl.c b/contrib/sendmail/src/sfsasl.c
index cad16db..ebea3f2 100644
--- a/contrib/sendmail/src/sfsasl.c
+++ b/contrib/sendmail/src/sfsasl.c
@@ -9,7 +9,7 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: sfsasl.c,v 8.118 2008/07/22 15:12:48 ca Exp $")
+SM_RCSID("@(#)$Id: sfsasl.c,v 8.120 2013/03/15 17:49:12 guenther Exp $")
#include <stdlib.h>
#include <sendmail.h>
#include <sm/time.h>
@@ -628,13 +628,14 @@ tls_retry(ssl, rfd, wfd, tlsstart, timeout, err, where)
"STARTTLS=%s, error: fd %d/%d too large",
where, rfd, wfd);
if (LogLevel > 8)
- tlslogerr(where);
+ tlslogerr(LOG_WARNING, where);
}
errno = EINVAL;
}
else if (err == SSL_ERROR_WANT_READ)
{
fd_set ssl_maskr, ssl_maskx;
+ int save_errno = errno;
FD_ZERO(&ssl_maskr);
FD_SET(rfd, &ssl_maskr);
@@ -647,10 +648,12 @@ tls_retry(ssl, rfd, wfd, tlsstart, timeout, err, where)
} while (ret < 0 && errno == EINTR);
if (ret < 0 && errno > 0)
ret = -errno;
+ errno = save_errno;
}
else if (err == SSL_ERROR_WANT_WRITE)
{
fd_set ssl_maskw, ssl_maskx;
+ int save_errno = errno;
FD_ZERO(&ssl_maskw);
FD_SET(wfd, &ssl_maskw);
@@ -663,6 +666,7 @@ tls_retry(ssl, rfd, wfd, tlsstart, timeout, err, where)
} while (ret < 0 && errno == EINTR);
if (ret < 0 && errno > 0)
ret = -errno;
+ errno = save_errno;
}
return ret;
}
@@ -770,8 +774,17 @@ tls_read(fp, buf, size)
break;
#endif /* DEAL_WITH_ERROR_SSL */
err = "generic SSL error";
+
if (LogLevel > 9)
- tlslogerr("read");
+ {
+ int pri;
+
+ if (errno == EAGAIN && try > 0)
+ pri = LOG_DEBUG;
+ else
+ pri = LOG_WARNING;
+ tlslogerr(pri, "read");
+ }
#if DEAL_WITH_ERROR_SSL
/* avoid repeated calls? */
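Review bot: The priority selection here tests `errno`, while the matching block in the next hunk tests `save_errno`; by the time this code runs, errno may have been overwritten by calls made after the failed read. Where `save_errno` is assigned is outside the hunk, but if it is already set at this point I would use it in both places: `if (save_errno == EAGAIN && try > 0)`. In the next hunk the sm_syslog() call still formats `errno` rather than `save_errno`, so the value logged may differ from the one that chose the priority. tls_read() continues outside both hunks.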
@@ -792,11 +805,19 @@ tls_read(fp, buf, size)
"STARTTLS: read error=timeout");
}
else if (LogLevel > 8)
- sm_syslog(LOG_WARNING, NOQID,
+ {
+ int pri;
+
+ if (save_errno == EAGAIN && try > 0)
+ pri = LOG_DEBUG;
+ else
+ pri = LOG_WARNING;
+ sm_syslog(pri, NOQID,
"STARTTLS: read error=%s (%d), errno=%d, get_error=%s, retry=%d, ssl_err=%d",
err, r, errno,
ERR_error_string(ERR_get_error(), NULL), try,
ssl_err);
+ }
else if (LogLevel > 7)
sm_syslog(LOG_WARNING, NOQID,
"STARTTLS: read error=%s (%d), retry=%d, ssl_err=%d",
@@ -878,7 +899,7 @@ tls_write(fp, buf, size)
ERR_GET_REASON(ERR_peek_error()));
*/
if (LogLevel > 9)
- tlslogerr("write");
+ tlslogerr(LOG_WARNING, "write");
#if DEAL_WITH_ERROR_SSL
/* avoid repeated calls? */
diff --git a/contrib/sendmail/src/srvrsmtp.c b/contrib/sendmail/src/srvrsmtp.c
index c4c045b..0dfdf6b 100644
--- a/contrib/sendmail/src/srvrsmtp.c
+++ b/contrib/sendmail/src/srvrsmtp.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2010, 2012 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2010, 2012, 2013 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@@ -17,7 +17,7 @@
# include <libmilter/mfdef.h>
#endif /* MILTER */
-SM_RCSID("@(#)$Id: srvrsmtp.c,v 8.1011 2012/12/19 02:49:21 ca Exp $")
+SM_RCSID("@(#)$Id: srvrsmtp.c,v 8.1015 2013/03/12 15:24:54 ca Exp $")
#include <sm/time.h>
#include <sm/fdset.h>
@@ -1864,7 +1864,7 @@ smtp(nullserver, d_flags, e)
{
message("454 4.3.3 TLS not available: error generating SSL handle");
if (LogLevel > 8)
- tlslogerr("server");
+ tlslogerr(LOG_WARNING, "server");
goto tls_done;
}
@@ -1927,7 +1927,7 @@ smtp(nullserver, d_flags, e)
ssl_err, errno, i,
CurSmtpClient);
if (LogLevel > 9)
- tlslogerr("server");
+ tlslogerr(LOG_WARNING, "server");
}
tls_ok_srv = false;
SSL_free(srv_ssl);
@@ -4518,6 +4518,8 @@ rcpt_esmtp_args(a, kp, vp, e)
}
else if (sm_strcasecmp(kp, "orcpt") == 0)
{
+ char *p;
+
if (!bitset(SRV_OFFER_DSN, e->e_features))
{
usrerr("504 5.7.0 Sorry, ORCPT not supported, we do not allow DSN");
@@ -4528,16 +4530,25 @@ rcpt_esmtp_args(a, kp, vp, e)
usrerr("501 5.5.2 ORCPT requires a value");
/* NOTREACHED */
}
- if (strchr(vp, ';') == NULL || !xtextok(vp))
+ if (a->q_orcpt != NULL)
+ {
+ usrerr("501 5.5.0 Duplicate ORCPT parameter");
+ /* NOTREACHED */
+ }
+ p = strchr(vp, ';');
+ if (p == NULL)
{
usrerr("501 5.5.4 Syntax error in ORCPT parameter value");
/* NOTREACHED */
}
- if (a->q_orcpt != NULL)
+ *p = '\0';
+ if (!isatom(vp) || !xtextok(p + 1))
{
- usrerr("501 5.5.0 Duplicate ORCPT parameter");
+ *p = ';';
+ usrerr("501 5.5.4 Syntax error in ORCPT parameter value");
/* NOTREACHED */
}
+ *p = ';';
a->q_orcpt = sm_rpool_strdup_x(e->e_rpool, vp);
}
else
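Review bot: In the ORCPT branch of rcpt_esmtp_args, the address type is validated by temporarily overwriting the `;` in `vp` with a NUL, and nothing rejects an empty type before `isatom(vp)` runs. isatom() is defined outside this hunk; if it returns true for an empty string, a value such as `;xtext` would be accepted even though the type part of `addr-type;xtext` is meant to be a non-empty atom. Tightening the earlier test to `if (p == NULL || p == vp)` closes that without depending on isatom(). The split-and-restore also deserves a comment, for example `/* split vp at ';' for validation only; restored before any exit */`, since `vp` is copied whole into `a->q_orcpt` afterwards and a path that forgets `*p = ';'` would store a truncated value. The function body starts and ends outside the hunk.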
@@ -4923,7 +4934,7 @@ help(topic, e)
len = strlen(topic);
- while (sm_io_fgets(hf, SM_TIME_DEFAULT, buf, sizeof(buf)) != NULL)
+ while (sm_io_fgets(hf, SM_TIME_DEFAULT, buf, sizeof(buf)) >= 0)
{
if (buf[0] == '#')
{
diff --git a/contrib/sendmail/src/tls.c b/contrib/sendmail/src/tls.c
index a57a05d..60d408e5 100644
--- a/contrib/sendmail/src/tls.c
+++ b/contrib/sendmail/src/tls.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000-2006, 2008, 2009, 2011 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 2000-2006, 2008, 2009, 2011, 2013 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
@@ -10,7 +10,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: tls.c,v 8.118 2011/03/07 23:20:47 ca Exp $")
+SM_RCSID("@(#)$Id: tls.c,v 8.121 2013/01/02 23:54:17 ca Exp $")
#if STARTTLS
# include <openssl/err.h>
@@ -267,15 +267,18 @@ tls_rand_init(randfile, logl)
** INIT_TLS_LIBRARY -- Calls functions which setup TLS library for global use.
**
** Parameters:
-** none.
+** fipsmode -- use FIPS?
**
** Returns:
** succeeded?
*/
bool
-init_tls_library()
+init_tls_library(fipsmode)
+ bool fipsmode;
{
+ bool bv;
+
/* basic TLS initialization, ignore result for now */
SSL_library_init();
SSL_load_error_strings();
@@ -284,7 +287,30 @@ init_tls_library()
SSLeay_add_ssl_algorithms();
# endif /* 0 */
- return tls_rand_init(RandFile, 7);
+ bv = tls_rand_init(RandFile, 7);
+# if _FFR_FIPSMODE
+ if (bv && fipsmode)
+ {
+ if (!FIPS_mode_set(1))
+ {
+ unsigned long err;
+
+ err = ERR_get_error();
+ if (LogLevel > 0)
+ sm_syslog(LOG_ERR, NOQID,
+ "STARTTLS=init, FIPSMode=%s",
+ ERR_error_string(err, NULL));
+ return false;
+ }
+ else
+ {
+ if (LogLevel > 9)
+ sm_syslog(LOG_INFO, NOQID,
+ "STARTTLS=init, FIPSMode=ok");
+ }
+ }
+#endif /* _FFR_FIPSMODE */
+ return bv;
}
/*
** TLS_SET_VERIFY -- request client certificate?
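Review bot: When sendmail is built without `_FFR_FIPSMODE`, init_tls_library() ignores its new `fipsmode` argument and returns the tls_rand_init() result, so a caller that asked for FIPS mode would get success without it. Whether a caller can pass true in such a build is not visible in this hunk; if it can, failing closed is safer, e.g. an `# else /* _FFR_FIPSMODE */` branch with `if (fipsmode) return false;` plus a log line. The directive pair is also written `# if _FFR_FIPSMODE` / `#endif`, where the surrounding code indents nested directives as `# endif`.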
@@ -709,7 +735,7 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar
"STARTTLS=%s, error: SSL_CTX_new(SSLv23_%s_method()) failed",
who, who);
if (LogLevel > 9)
- tlslogerr(who);
+ tlslogerr(LOG_WARNING, who);
return false;
}
@@ -808,7 +834,7 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar
"STARTTLS=%s, error: RSA_generate_key failed",
who);
if (LogLevel > 9)
- tlslogerr(who);
+ tlslogerr(LOG_WARNING, who);
}
return false;
}
@@ -829,7 +855,7 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar
"STARTTLS=%s, error: SSL_CTX_use_PrivateKey_file(%s) failed",
who, keyfile);
if (LogLevel > 9)
- tlslogerr(who);
+ tlslogerr(LOG_WARNING, who);
}
if (bitset(TLS_I_USE_KEY, req))
return false;
@@ -846,7 +872,7 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar
"STARTTLS=%s, error: SSL_CTX_use_certificate_file(%s) failed",
who, certfile);
if (LogLevel > 9)
- tlslogerr(who);
+ tlslogerr(LOG_WARNING, who);
}
if (bitset(TLS_I_USE_CERT, req))
return false;
@@ -863,7 +889,7 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar
"STARTTLS=%s, error: SSL_CTX_check_private_key failed(%s): %d",
who, keyfile, r);
if (LogLevel > 9)
- tlslogerr(who);
+ tlslogerr(LOG_WARNING, who);
}
if (bitset(TLS_I_USE_KEY, req))
return false;
@@ -882,7 +908,7 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar
"STARTTLS=%s, error: SSL_CTX_use_PrivateKey_file(%s) failed",
who, kf2);
if (LogLevel > 9)
- tlslogerr(who);
+ tlslogerr(LOG_WARNING, who);
}
}
@@ -896,7 +922,7 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar
"STARTTLS=%s, error: SSL_CTX_use_certificate_file(%s) failed",
who, cf2);
if (LogLevel > 9)
- tlslogerr(who);
+ tlslogerr(LOG_WARNING, who);
}
}
@@ -911,7 +937,7 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar
"STARTTLS=%s, error: SSL_CTX_check_private_key 2 failed: %d",
who, r);
if (LogLevel > 9)
- tlslogerr(who);
+ tlslogerr(LOG_WARNING, who);
}
}
# endif /* _FFR_TLS_1 */
@@ -962,7 +988,7 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar
who, dhparam,
ERR_error_string(err, NULL));
if (LogLevel > 9)
- tlslogerr(who);
+ tlslogerr(LOG_WARNING, who);
}
}
else
@@ -973,7 +999,7 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar
"STARTTLS=%s, error: BIO_new_file(%s) failed",
who, dhparam);
if (LogLevel > 9)
- tlslogerr(who);
+ tlslogerr(LOG_WARNING, who);
}
}
}
@@ -1089,7 +1115,7 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar
"STARTTLS=%s, error: load verify locs %s, %s failed: %d",
who, cacertpath, cacertfile, r);
if (LogLevel > 9)
- tlslogerr(who);
+ tlslogerr(LOG_WARNING, who);
}
if (bitset(TLS_I_VRFY_LOC, req))
return false;
@@ -1113,7 +1139,7 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar
who, CipherList);
if (LogLevel > 9)
- tlslogerr(who);
+ tlslogerr(LOG_WARNING, who);
}
/* failure if setting to this list is required? */
}
@@ -1377,7 +1403,7 @@ endtls(ssl, side)
sm_syslog(LOG_WARNING, NOQID,
"STARTTLS=%s, SSL_shutdown failed: %d",
side, r);
- tlslogerr(side);
+ tlslogerr(LOG_WARNING, side);
}
ret = EX_SOFTWARE;
}
@@ -1426,7 +1452,7 @@ endtls(ssl, side)
sm_syslog(LOG_WARNING, NOQID,
"STARTTLS=%s, SSL_shutdown not done",
side);
- tlslogerr(side);
+ tlslogerr(LOG_WARNING, side);
}
ret = EX_SOFTWARE;
}
@@ -1659,6 +1685,7 @@ tls_verify_cb(ctx, unused)
** TLSLOGERR -- log the errors from the TLS error stack
**
** Parameters:
+** level -- syslog level
** who -- server/client (for logging).
**
** Returns:
@@ -1666,7 +1693,8 @@ tls_verify_cb(ctx, unused)
*/
void
-tlslogerr(who)
+tlslogerr(level, who)
+ int level;
const char *who;
{
unsigned long l;
@@ -1680,7 +1708,7 @@ tlslogerr(who)
while ((l = ERR_get_error_line_data(CP &file, &line, CP &data, &flags))
!= 0)
{
- sm_syslog(LOG_WARNING, NOQID,
+ sm_syslog(level, NOQID,
"STARTTLS=%s: %lu:%s:%s:%d:%s", who, es,
ERR_error_string(l, buf),
file, line,
diff --git a/contrib/sendmail/src/usersmtp.c b/contrib/sendmail/src/usersmtp.c
index c5da512..6dafca0 100644
--- a/contrib/sendmail/src/usersmtp.c
+++ b/contrib/sendmail/src/usersmtp.c
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: usersmtp.c,v 8.485 2010/07/23 21:09:38 ca Exp $")
+SM_RCSID("@(#)$Id: usersmtp.c,v 8.486 2013/03/12 15:24:54 ca Exp $")
#include <sysexits.h>
@@ -801,7 +801,7 @@ readauth(filename, safe, sai, rpool)
lc = 0;
while (lc <= SASL_MECHLIST &&
- sm_io_fgets(f, SM_TIME_DEFAULT, buf, sizeof(buf)) != NULL)
+ sm_io_fgets(f, SM_TIME_DEFAULT, buf, sizeof(buf)) >= 0)
{
if (buf[0] != '#')
{
diff --git a/contrib/sendmail/src/util.c b/contrib/sendmail/src/util.c
index 9bc28ec..8ea2620 100644
--- a/contrib/sendmail/src/util.c
+++ b/contrib/sendmail/src/util.c
@@ -13,7 +13,7 @@
#include <sendmail.h>
-SM_RCSID("@(#)$Id: util.c,v 8.425 2012/03/03 00:10:43 ca Exp $")
+SM_RCSID("@(#)$Id: util.c,v 8.426 2013/03/12 15:24:54 ca Exp $")
#include <sm/sendmail.h>
#include <sysexits.h>
@@ -1285,8 +1285,7 @@ sfgets(buf, siz, fp, timeout, during)
char *during;
{
register char *p;
- int save_errno;
- int io_timeout;
+ int save_errno, io_timeout, l;
SM_REQUIRE(siz > 0);
SM_REQUIRE(buf != NULL);
@@ -1299,7 +1298,7 @@ sfgets(buf, siz, fp, timeout, during)
}
/* try to read */
- p = NULL;
+ l = -1;
errno = 0;
/* convert the timeout to sm_io notation */
@@ -1307,8 +1306,8 @@ sfgets(buf, siz, fp, timeout, during)
while (!sm_io_eof(fp) && !sm_io_error(fp))
{
errno = 0;
- p = sm_io_fgets(fp, io_timeout, buf, siz);
- if (p == NULL && errno == EAGAIN)
+ l = sm_io_fgets(fp, io_timeout, buf, siz);
+ if (l < 0 && errno == EAGAIN)
{
/* The sm_io_fgets() call timedout */
if (LogLevel > 1)
@@ -1328,7 +1327,7 @@ sfgets(buf, siz, fp, timeout, during)
errno = ETIMEDOUT;
return NULL;
}
- if (p != NULL || errno != EINTR)
+ if (l >= 0 || errno != EINTR)
break;
(void) sm_io_clearerr(fp);
}
@@ -1336,7 +1335,7 @@ sfgets(buf, siz, fp, timeout, during)
/* clean up the books and exit */
LineNumber++;
- if (p == NULL)
+ if (l < 0)
{
buf[0] = '\0';
if (TrafficLogFile != NULL)
diff --git a/contrib/sendmail/src/version.c b/contrib/sendmail/src/version.c
index 2e9fe48..05ad66a 100644
--- a/contrib/sendmail/src/version.c
+++ b/contrib/sendmail/src/version.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2012 Sendmail, Inc. and its suppliers.
+ * Copyright (c) 1998-2013 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
@@ -13,6 +13,6 @@
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: version.c,v 8.235 2012/12/19 05:11:44 ca Exp $")
+SM_RCSID("@(#)$Id: version.c,v 8.243 2013/04/18 15:07:17 ca Exp $")
-char Version[] = "8.14.6";
+char Version[] = "8.14.7";