+##################################################
+# Custom munges
+# keyed by name of munge; value is a ref to a hash
+# which is keyed by file, value a string to look for.
+# Usable files are:
+# paniclog, rejectlog, mainlog, stdout, stderr, msglog, mail
+# Search strings starting with 's' do substitutions;
+# with '/' do line-skips.
+# Triggered by a scriptfile line "munge <name>"
+##################################################
+$munges =
+ { 'dnssec' =>
+ { 'stderr' => '/^Reverse DNS security status: unverified\n/' },
+
+ 'gnutls_unexpected' =>
+ { 'mainlog' => '/\(recv\): A TLS packet with unexpected length was received./' },
+
+ 'gnutls_handshake' =>
+ { 'mainlog' => 's/\(gnutls_handshake\): Error in the push function/\(gnutls_handshake\): A TLS packet with unexpected length was received/' },
+
+ 'gnutls_bad_clientcert' =>
+ { 'mainlog' => 's/\(certificate verification failed\): certificate invalid/\(gnutls_handshake\): The peer did not send any certificate./',
+ 'stdout' => 's/Succeeded in starting TLS/A TLS fatal alert has been received.\nFailed to start TLS'
+ },
+
+ 'optional_events' =>
+ { 'stdout' => '/event_action =/' },
+
+ 'optional_ocsp' =>
+ { 'stderr' => '/127.0.0.1 in hosts_requ(ire|est)_ocsp/' },
+
+ 'optional_cert_hostnames' =>
+ { 'stderr' => '/in tls_verify_cert_hostnames\? no/' },
+
+ 'loopback' =>
+ { 'stdout' => 's/[[](127\.0\.0\.1|::1)]/[IP_LOOPBACK_ADDR]/' },
+
+ 'scanfile_size' =>
+ { 'stdout' => 's/(Content-length:) \d\d\d/$1 ddd/' },
+
+ 'delay_1500' =>
+ { 'stderr' => 's/(1[5-9]|23\d)\d\d msec/ssss msec/' },
+
+ 'tls_anycipher' =>
+ { 'mainlog' => 's/ X=TLS\S+ / X=TLS_proto_and_cipher /' },
+
+ 'debug_pid' =>
+ { 'stderr' => 's/(^\s{0,4}|(?<=Process )|(?<=child ))\d{1,5}/ppppp/g' },
+
+ 'optional_dsn_info' =>
+ { 'mail' => '/^(X-(Remote-MTA-(smtp-greeting|helo-response)|Exim-Diagnostic|(body|message)-linecount):|Remote-MTA: X-ip;)/'
+ },
+
+ 'optional_config' =>
+ { 'stdout' => '/^(
+ dkim_(canon|domain|private_key|selector|sign_headers|strict|hash|identity)
+ |gnutls_require_(kx|mac|protocols)
+ |hosts_(requ(est|ire)|try)_(dane|ocsp)
+ |dane_require_tls_ciphers
+ |hosts_(avoid|nopass|noproxy|require|verify_avoid)_tls
+ |socks_proxy
+ |tls_[^ ]*
+ )($|[ ]=)/x'
+ },
+
+ 'sys_bindir' =>
+ { 'mainlog' => 's%/(usr/(local/)?)?bin/%SYSBINDIR/%' },
+
+ 'sync_check_data' =>
+ { 'mainlog' => 's/^(.* SMTP protocol synchronization error .* next input=.{8}).*$/$1<suppressed>/',
+ 'rejectlog' => 's/^(.* SMTP protocol synchronization error .* next input=.{8}).*$/$1<suppressed>/'},
+
+ 'debuglog_stdout' =>
+ { 'stdout' => 's/^\d\d:\d\d:\d\d\s+\d+ //;
+ s/Process \d+ is ready for new message/Process pppp is ready for new message/'
+ },
+
+ 'timeout_errno' => # actual errno differs Solaris vs. Linux
+ { 'mainlog' => 's/(host deferral .* errno) <\d+> /$1 <EEE> /' },
+
+ 'peer_terminated_conn' => # actual error differs FreedBSD vs. Linux
+ { 'stderr' => 's/^( SMTP\()Connection reset by peer(\)<<)$/$1closed$2/' },
+
+ 'perl_variants' => # result of hash-in-scalar-context changed from bucket-fill to keycount
+ { 'stdout' => 's%^> X/X$%> X%' },
+ };
+
+
+sub max {
+ my ($a, $b) = @_;
+ return $a if ($a > $b);
+ return $b;
+}
+