Timo Sirainen [Thu, 21 Aug 2014 12:49:34 +0000 (14:49 +0200)]
fts-lucene: When deleting corrupted lucene-indexes/ directory, don't rmdir it.
This at least avoids errors with NFS when some of the files are still open
inside it by other processes.
Timo Sirainen [Wed, 20 Aug 2014 13:32:15 +0000 (15:32 +0200)]
lmtp: Put back the deduplication code.
Too dangerous after all to change it in the middle of v2.2.x. It's also not
causing that much trouble even when it breaks..
Timo Sirainen [Wed, 20 Aug 2014 12:35:27 +0000 (14:35 +0200)]
auth: protocol-specific username settings weren't used for userdb lookups.
The username was set before the service-specific settings were looked up, so
global settings were always used. This affected auth_default_realm,
auth_username_translation and auth_username_format settings.
Timo Sirainen [Wed, 20 Aug 2014 11:22:28 +0000 (14:22 +0300)]
fts-lucene: If whitespace_chars was set, we may have ended up indexing some garbage words.
The final \0 was replaced with space, so everything beyond that was also
being indexed.
Timo Sirainen [Tue, 19 Aug 2014 21:51:14 +0000 (23:51 +0200)]
lib: wildcard_match() should have matched "*" wildcard against an empty "" string also.
This fixes global ACL "*" matching the root namespace when creating new
mailboxes.
Timo Sirainen [Fri, 15 Aug 2014 12:22:46 +0000 (15:22 +0300)]
istream-chain: Support using io_add_istream() for the chain stream.
The callback is notified whenever new streams are added to the chain.
It's currently not possible to have nonblocking istreams added to the chain
and the callback being called when they have new data, but it would be
possible to implement as well if needed at some point.
Phil Carmody [Fri, 15 Aug 2014 12:02:59 +0000 (15:02 +0300)]
pop3: satisfy some strict parsing rules in RFC 1939
"Commands in the POP3 consist of a case-insensitive keyword, possibly
followed by one or more arguments. All commands are terminated by a
CRLF pair. Keywords and arguments consist of printable ASCII
characters. Keywords and arguments are each separated by a single
SPACE character."
"A server MUST respond to an unrecognized, unimplemented, or
syntactically invalid command by responding with a negative status
indicator."
Therefore the following commands must be rejected:
LIST 2600Hz
LIST 99 red balloons
TOP 1 2 buckle-my-shoe
Phil Carmody [Fri, 15 Aug 2014 12:02:59 +0000 (15:02 +0300)]
pop3: fix msgnum/size parsers
The outer if()s are completely unnecessary, and permit `num'
to remain uninitialised. Spotted by clang's static analysis.
Note that the lack of a parameter from a broken client is no longer
treated as "0". Before the bug was introduced:
DELE
-ERR There's no message 0.
After this patch:
DELE
-ERR Invalid message number:
Timo Sirainen [Fri, 15 Aug 2014 11:41:03 +0000 (14:41 +0300)]
Handle "out of disk space" and "out of user quota" as separate cases.
"Out of disk space" is a temporary error that should be logged as error and
the failure should be sent to user as "Internal server error".
Obsolete the use of MAIL_ERROR_NOSPACE and MAIL_ERRSTR_NO_SPACE. Use the
clearer MAIL_ERROR_NOQUOTA and MAIL_ERRSTR_NO_QUOTA instead.
Phil Carmody [Wed, 13 Aug 2014 10:34:22 +0000 (13:34 +0300)]
lib-http: server_request/connection - improve encapsulation
It just feels a bit dirty having the request mess around with the
connection's internals, have the connection manage its linked lists
itself. No functional changes.
Timo Sirainen [Tue, 12 Aug 2014 15:48:03 +0000 (18:48 +0300)]
virtual plugin: Optimized syncing a large number of physical mailboxes.
Especially when the number of mails was large the old code took a lot of CPU
time. Based on patch by Teemu Huovila.
Timo Sirainen [Tue, 12 Aug 2014 10:12:01 +0000 (13:12 +0300)]
lib-http server: Delay calling the request's destroy callback until handle_request() callback is finished.
This simplifies the code in the handle_request() so it doesn't need to keep
track of whether the response is already submitted or not.
Timo Sirainen [Tue, 12 Aug 2014 09:39:46 +0000 (12:39 +0300)]
fts-lucene: If lucene-indexes dir is unexpectedly lost, rescan when expunge log update fails.
This mainly fixes a repeating error about failing to open the expunge log.
It should happen only if dovecot.index thinks that the mailbox is indexed
while in reality the entire lucene-indexes directory doesn't exist.
Timo Sirainen [Mon, 11 Aug 2014 16:30:15 +0000 (19:30 +0300)]
ostream-buffer: Allow modifying the buffer outside ostream, unless o_stream_seek() is used.
Now we'll just append to the end of the buffer instead of forcibly trying to
write at the offset where the last ostream write ended.
Timo Sirainen [Mon, 11 Aug 2014 12:54:43 +0000 (15:54 +0300)]
lib: io_stream_copy() no longer attempts to read full block sizes from input.
Although that may be more efficient for writing (to files), it causes
unnecessary work for the input stream. The writing part should also be
optimized anyway if the caller corks the output stream.
Timo Sirainen [Mon, 11 Aug 2014 12:45:21 +0000 (15:45 +0300)]
lib-http: Don't leak memory if HTTP client disconnects unexpectedly.
http_server_connection_disconnect() has several cleanup calls, which weren't
done because closed=TRUE was set explicitly and that skipped the cleanup.
Timo Sirainen [Sat, 9 Aug 2014 07:10:34 +0000 (10:10 +0300)]
doveadm fs put: Added -h <hash> parameter to specify the file's hash.
The hash (in hex) is automatically detected to be either MD5 or SHA256 based
on its size. If the fs backend doesn't support the hash it'll fail.
Otherwise it'll make sure that the written file matches the given hash.
Timo Sirainen [Fri, 8 Aug 2014 13:20:31 +0000 (16:20 +0300)]
fts: Added fts_no_autofuzzy setting to require exact matches for found results.
This is done by using the FTS search results as only filters on which the
regular non-FTS search is done.
Timo Sirainen [Fri, 8 Aug 2014 10:46:05 +0000 (13:46 +0300)]
lib-storage: mailbox_get_*status(STATUS_HIGHESTMODSEQ) now enables CONDSTORE feature.
This makes sure that the highestmodseq is added to the mailbox list index if
not already there.
Timo Sirainen [Fri, 8 Aug 2014 10:32:08 +0000 (13:32 +0300)]
virtual: Make sure modseqs are always enabled for backend mailboxes.
mailbox_get_status() wasn't adding a missing highestmodseq otherwise to the
mailbox list index.
Timo Sirainen [Wed, 6 Aug 2014 13:39:27 +0000 (16:39 +0300)]
auth: passdb static assumed that missing "password" field meant empty password
Missing password should be an error unless nopassword is set. If an empty
password is wanted then "password=" can be used.
Timo Sirainen [Tue, 5 Aug 2014 15:43:31 +0000 (17:43 +0200)]
lib-http server: Require handle_request() to either send a response or reference the request.
This should make it more difficult to accidentally forget to send a
response and cause a hang.
Currently this assert-crashes, although it would have been possible to make
it return some internal error instead also.
Timo Sirainen [Tue, 5 Aug 2014 14:07:25 +0000 (16:07 +0200)]
lib-http server: Removed "bool close" parameters in favor of _close() functions.
Most callers don't want to close the connection so it's an extra parameter
usually. Also it's difficult to remember what the TRUE/FALSE means so it's
easy to cause bugs by copy&pasting the code.
http_server_request_fail() will also now forcibly close the connection if
conn->input_broken is set.
Phil Carmody [Wed, 30 Jul 2014 12:01:29 +0000 (15:01 +0300)]
lib: test-data-stack - add some fatal tests.
Extra caution is necessary as data-stack is such a fundamental component.
All of the brokenness that we add must be undone as soon as possible, or
there will be an endless loop of catastrophic errors. In order to avoid
that, at least try to detect some issues, and abort as quickly as possible.
Alas, due to the reliance of these tests on DEBUG code, if that's not set,
this test is a no-op.
Phil Carmody [Wed, 30 Jul 2014 12:01:29 +0000 (15:01 +0300)]
lib-test: permit tests of fatal conditions
Some functions have no mechanism of reporting an error, and mustn't continue,
so fatality is the only way out. (E.g. memory allocation failures.)
This addition is for those situations. Semantics of failure tests are very
different from normal tests:
- The test function must have the following prototype:
enum fatal_test_state test_fatal_things(int index);
- The index it will be called with starts at 0, and increments each time.
- It must call test_start() at the start of its first call.
- Apart from its final call, it must call a function it expects to trap the
fatal error handler. If that fails to trap, it must return FATAL_TEST_FAILURE
- After returning FATAL_TEST_FAILURE, it will continue to be called as normal.
- When there are no more tests to perform, it must clean up, call test_end()
and return FATAL_TEST_FINISHED. It will not be called again.
- If it detects errors in this protocol, it must not i_assert(), as that will
be treated as an expected fatal, it must return FATAL_TEST_ABORT. It will
then not be called again. It must not call test_end() in this case.
Timo Sirainen [Tue, 29 Jul 2014 14:27:24 +0000 (17:27 +0300)]
quota: Avoid assert-crash in Maildir++ quota if backend doesn't support control dirs.
We'll delay looking up the control dir until we've checked that the storage
is Maildir.
Timo Sirainen [Tue, 29 Jul 2014 10:58:10 +0000 (13:58 +0300)]
mbox: Fixed infinite looping and other incorrectness in istream-raw-mbox.
This was caused by the recent istream invalidation checks in
i_stream_get_data().
Phil Carmody [Mon, 28 Jul 2014 13:49:47 +0000 (16:49 +0300)]
lib-imap: imap-utf7 - reject encoded simple ASCII
"Modified BASE64 MUST NOT be used to represent any printing US-ASCII
character which can represent itself."
"The character "&" (0x26) is represented by the two-octet sequence "&-""
Therefore any mBASE64 sequence containing any character between 0x20 and
0x7e is invalid.
Phil Carmody [Mon, 28 Jul 2014 13:49:47 +0000 (16:49 +0300)]
lib-imap: imap-utf7 - reject bogus characters in the mUTF7
Only 0x20..0x7e are permitted, as "All other characters (octet values
0x00-0x1f and 0x7f-0xff) are represented in modified BASE64, ...".
Phil Carmody [Mon, 28 Jul 2014 13:45:33 +0000 (16:45 +0300)]
lib-test: make internal helpers static
These functions should only be called from within test_run(), as some of the
test-suite sanity checks can be subvirted if these are exposed.
Phil Carmody [Mon, 28 Jul 2014 13:45:33 +0000 (16:45 +0300)]
lib: compile time checks for buffer creation
Ensure the data buffer has as much space as the size parameter claims.
This uses the strictest test GCC provides - the smallest containing object,
and returning 0 for unknown size.
Phil Carmody [Mon, 28 Jul 2014 13:45:33 +0000 (16:45 +0300)]
lib: data-stack - start sentry checks immediately after the reserved buffer
Our sentries are written with byte-precision, no need to round up before
doing the checks.
Phil Carmody [Mon, 28 Jul 2014 13:45:33 +0000 (16:45 +0300)]
lib: data-stack - fix incorrect pointer comparison in t_try_realloc in DEBUG builds
When trying to work out if it's a valid realloc, we need to remember
that in DEBUG builds, we have hidden a size value (in a MEM_ALIGNED
space) before the pointer we return.
Phil Carmody [Mon, 28 Jul 2014 13:45:33 +0000 (16:45 +0300)]
lib: data-stack - fix realloc/lowwater bug
If DEBUG is enabled, then it can try to look past the low-water mark
as the low-water mark wasn't moved during successful reallocs. This
condition is detected, and causes a panic.
Phil Carmody [Mon, 28 Jul 2014 13:45:33 +0000 (16:45 +0300)]
lib: data-stack - pull common code out of if/else branches in t_malloc_real
Once the new block is set up nicely empty for use, it can be used exactly
like an old block that has enough space - so just merge the code paths.
(This changeset best viewed ignoring whitespace.)
projects / thirdparty / dovecot / core.git / log
