]> git.ipfire.org Git - thirdparty/dovecot/core.git/log
thirdparty/dovecot/core.git
6 years agoimap: GETMETADATA: Replace failed boolean with last_error code
Timo Sirainen [Wed, 24 Jul 2019 12:26:08 +0000 (15:26 +0300)] 
imap: GETMETADATA: Replace failed boolean with last_error code

6 years agoimap: Allow SET/GETMETADATA to access validated attributes with imap_metadata=no
Timo Sirainen [Wed, 24 Jul 2019 12:05:27 +0000 (15:05 +0300)] 
imap: Allow SET/GETMETADATA to access validated attributes with imap_metadata=no

Some IMAP extensions use these commands to set/get their internal state.
This should be allowed even if full METADATA isn't enabled.

The initial plan was to restrict this in the lib-imap-storage layer, so it
would apply to everything using the imap-metadata API. This would have
affected for example accessing metadata in Sieve scripts, which could be
either good or bad. It might not be wanted to give users read access to
some metadata either, but admins really should be given the ability to
write Sieve scripts that access the metadata. However there's just no good
way to differentiate between admin-written (or tool-written) Sieve script
and user-written Sieve script.

Another issue is using metadata to configure virtual mailboxes. Currently
they're all admin-written and should be allowed to access metadata, but in
the future we might want to allow user-written virtual mailbox rules as
well.

So the end result at least for now is to just prevent IMAP GETMETADATA and
SETMETADATA specifically from accessing the non-validated attributes. Most
of the time there aren't any secrets in the metadata. In case there is,
users need to be prevented from accessing metadata via Sieve, and in such
systems users rarely have direct Sieve access anyway.

6 years agolib-imap-metadata: Add imap_metadata_transaction_validated_only()
Timo Sirainen [Tue, 30 Jul 2019 08:04:44 +0000 (11:04 +0300)] 
lib-imap-metadata: Add imap_metadata_transaction_validated_only()

6 years agolib-storage: Add support for "validated attributes"
Timo Sirainen [Wed, 24 Jul 2019 11:42:21 +0000 (14:42 +0300)] 
lib-storage: Add support for "validated attributes"

If an attribute is marked with MAIL_ATTRIBUTE_INTERNAL_FLAG_VALIDATED, it's
assumed to be "validated". This means that it has a set() callback that
validates the value, which at minimum means that its size isn't excessively
large.

MAIL_ATTRIBUTE_TYPE_FLAG_VALIDATED can be used with set/get/iterate to allow
access only to these validated attributes. Trying to access non-validated
attributes will result in error.

6 years agolib-storage: Prepare attribute API for having flags in the type
Timo Sirainen [Tue, 23 Jul 2019 11:42:45 +0000 (12:42 +0100)] 
lib-storage: Prepare attribute API for having flags in the type

6 years agolib-ssl-iostream: Support TLSv1.3 ciphersuites
Aki Tuomi [Mon, 29 Jul 2019 13:08:07 +0000 (16:08 +0300)] 
lib-ssl-iostream: Support TLSv1.3 ciphersuites

6 years agolib-ssl-iostream: test-iostream-ssl - Wait until both sides have handshaked
Aki Tuomi [Mon, 29 Jul 2019 13:17:27 +0000 (16:17 +0300)] 
lib-ssl-iostream: test-iostream-ssl - Wait until both sides have handshaked

Produces consistent result with different TLS flavors

6 years agolib-ssl-iostream: test-iostream-ssl - Plug memory leak
Aki Tuomi [Mon, 29 Jul 2019 13:24:49 +0000 (16:24 +0300)] 
lib-ssl-iostream: test-iostream-ssl - Plug memory leak

If either endpoint fails to initialize it needs to be deinitialized too.

6 years agolib-ssl-iostream: test-iostream-ssl - Always fail on error
Aki Tuomi [Mon, 29 Jul 2019 12:39:20 +0000 (15:39 +0300)] 
lib-ssl-iostream: test-iostream-ssl - Always fail on error

Consistently fail the real function if something goes wrong.
Needed for TLSv1.3 support.

6 years agolib-ssl-iostream: test-iostream-ssl - Explicitly increment idx
Aki Tuomi [Mon, 29 Jul 2019 12:36:21 +0000 (15:36 +0300)] 
lib-ssl-iostream: test-iostream-ssl - Explicitly increment idx

The test_assert macro does not evaluate the idx increment
if the test succeeds.

6 years agostats: event exporters - Support https
Aki Tuomi [Mon, 29 Jul 2019 08:11:11 +0000 (11:11 +0300)] 
stats: event exporters - Support https

6 years agostats: event-exporter - Use DNS for http
Aki Tuomi [Mon, 29 Jul 2019 07:56:52 +0000 (10:56 +0300)] 
stats: event-exporter - Use DNS for http

6 years agostats: Disable chroot to make event exporters work
Aki Tuomi [Mon, 29 Jul 2019 08:20:48 +0000 (11:20 +0300)] 
stats: Disable chroot to make event exporters work

This is mostly needed for dns-client unix socket and
accessing ssl CA certificates.

6 years agodns-client: Make dns client available in login chroot
Aki Tuomi [Mon, 29 Jul 2019 07:56:20 +0000 (10:56 +0300)] 
dns-client: Make dns client available in login chroot

Otherwise it's not possible to use it for login processes.

6 years agolmtp: lmtp-local - Drop LMTP server log prefixes for event used for mail delivery.
Stephan Bosch [Fri, 26 Jul 2019 00:14:11 +0000 (02:14 +0200)] 
lmtp: lmtp-local - Drop LMTP server log prefixes for event used for mail delivery.

6 years agolib: lib-event - Add support for dropping log prefixes introduced by parent events.
Stephan Bosch [Thu, 25 Jul 2019 23:57:44 +0000 (01:57 +0200)] 
lib: lib-event - Add support for dropping log prefixes introduced by parent events.

This allows dropping a specific number prefixes from parents when this event is
used for logging. This does not affect the parent events. This only counts
actual prefixes and not  parents. If the count is higher than the actual number
of prefixes added by parents, all will be dropped.

6 years agomail-crypt: test-mail-key - Skip test before allocating test_pool
Siavash Tavakoli [Fri, 26 Jul 2019 08:55:11 +0000 (11:55 +0300)] 
mail-crypt: test-mail-key - Skip test before allocating test_pool

Fixes a memory leak if test is skipped.

6 years agolib-smtp: test-smtp-payload - exclude ssl cases if ssl not supported
Siavash Tavakoli [Fri, 26 Jul 2019 08:55:05 +0000 (11:55 +0300)] 
lib-smtp: test-smtp-payload - exclude ssl cases if ssl not supported

6 years agolib-http: test-http-payload - Include test_echo_ssl only if ssl is supported
Siavash Tavakoli [Fri, 26 Jul 2019 08:54:47 +0000 (11:54 +0300)] 
lib-http: test-http-payload - Include test_echo_ssl only if ssl is supported

6 years agolib: Allow event filtering with wildcarded integers
Josef 'Jeff' Sipek [Thu, 18 Jul 2019 15:45:28 +0000 (11:45 -0400)] 
lib: Allow event filtering with wildcarded integers

6 years agolib-ssl-iostream: Don't build test-iostream-ssl if building without ssl
Timo Sirainen [Mon, 22 Jul 2019 15:35:05 +0000 (18:35 +0300)] 
lib-ssl-iostream: Don't build test-iostream-ssl if building without ssl

Fixes compiling when building without ssl.

6 years agolib-storage: Namespace prefix shouldn't be included in all mailbox name validity...
Timo Sirainen [Mon, 22 Jul 2019 11:57:34 +0000 (14:57 +0300)] 
lib-storage: Namespace prefix shouldn't be included in all mailbox name validity checks

Broken by 90c2995737cc1f3fe042993beb7b0b32e5375795

6 years agolib: Correct comment typo (UIID -> UUID)
Josef 'Jeff' Sipek [Wed, 6 Feb 2019 16:33:11 +0000 (11:33 -0500)] 
lib: Correct comment typo (UIID -> UUID)

6 years agolib-smtp: smtp-params - Assume all capabilities are supported when adding parameter...
Stephan Bosch [Mon, 15 Jul 2019 19:50:11 +0000 (21:50 +0200)] 
lib-smtp: smtp-params - Assume all capabilities are supported when adding parameter event fields.

The actual capabilities are not really needed, since any assigned field is
relevent for event processing, whether the remote end will accept it or not.

This also fixes an assert failure occuring for proxied connections. Since the
server and client (proxy) connections can have different capabilities and since
the client connection does not have a proper capability list available in the
beginning of the handshake, the event created for a client transaction would
cause an assert failure when parameters were assigned that did not match the
capabilities (none).

6 years agolib: ostream-file: Don't log any errors when setting TCP_NODELAY
Timo Sirainen [Mon, 15 Jul 2019 07:14:23 +0000 (10:14 +0300)] 
lib: ostream-file: Don't log any errors when setting TCP_NODELAY

It's likely never useful to log the error, and it seems more and more
unexpected errors just keep popping up.

6 years agolib: test-ostream-multiplex - Check flush return value
Aki Tuomi [Fri, 12 Jul 2019 07:29:00 +0000 (10:29 +0300)] 
lib: test-ostream-multiplex - Check flush return value

Fixes coverity nit

6 years agoconfig: Cache converted ssl-parameters.dat result
Timo Sirainen [Fri, 12 Jul 2019 07:22:01 +0000 (10:22 +0300)] 
config: Cache converted ssl-parameters.dat result

This way the ssl-parameters.dat is read only once by the config process
instead of for every config request.

6 years agoconfig: Fix memory leaks when failing to convert ssl-parameters.dat
Timo Sirainen [Fri, 12 Jul 2019 07:16:26 +0000 (10:16 +0300)] 
config: Fix memory leaks when failing to convert ssl-parameters.dat

If ssl_dh setting isn't set and ssl-parameters.dat isn't found or there's
some error reading it, memory is leaked for every config request. This
eventually results in config process dying due to reaching vsz_limit.

6 years agolib-storage: Fix setting \Noinferiors flag for detached INBOX
Timo Sirainen [Thu, 11 Jul 2019 12:08:10 +0000 (15:08 +0300)] 
lib-storage: Fix setting \Noinferiors flag for detached INBOX

The "" namespace is nowadays automatically created, so we can't just check
if mail_namespace_find_prefix() returns NULL.

I left the NULL check there for now at least, just in case there's some
reason I couldn't think of when it could be NULL.

6 years agodict: Exit early to work around various errors and crashes at shutdown
Timo Sirainen [Thu, 11 Jul 2019 11:43:13 +0000 (14:43 +0300)] 
dict: Exit early to work around various errors and crashes at shutdown

This is just a kludge until the dict process cleanup can be done cleanly.

6 years agolib: test-ostream-multiplex - Test corking
Aki Tuomi [Tue, 21 May 2019 09:14:35 +0000 (12:14 +0300)] 
lib: test-ostream-multiplex - Test corking

6 years agolib: ostream-multiplex - Fix last_sent
Aki Tuomi [Wed, 10 Jul 2019 08:25:14 +0000 (11:25 +0300)] 
lib: ostream-multiplex - Fix last_sent

The intention was to choose oldest channel. The old code however
always chose last channel to send, which was not really the point.

Using unix timestamp is also problematic due to sub-second granularity.

6 years agolib: ostream-multiplex - Optimize writing
Aki Tuomi [Tue, 21 May 2019 09:43:46 +0000 (12:43 +0300)] 
lib: ostream-multiplex - Optimize writing

6 years agolib: ostream-multiplex - Implement cork support
Aki Tuomi [Tue, 21 May 2019 08:45:57 +0000 (11:45 +0300)] 
lib: ostream-multiplex - Implement cork support

Support corking for multiplex channels

6 years agolib: ostream-multiplex - Fix code format issue
Aki Tuomi [Wed, 10 Jul 2019 08:16:03 +0000 (11:16 +0300)] 
lib: ostream-multiplex - Fix code format issue

6 years agolib-ssl-iostream: Add unit test
Aki Tuomi [Tue, 21 May 2019 10:34:57 +0000 (13:34 +0300)] 
lib-ssl-iostream: Add unit test

6 years agolib-ssl-iostream: ostream-openssl - Prevent segfault o_stream_get_buffer_*_size(...
Aki Tuomi [Tue, 21 May 2019 10:32:14 +0000 (13:32 +0300)] 
lib-ssl-iostream: ostream-openssl - Prevent segfault o_stream_get_buffer_*_size() when buffer is not allocated yet.

6 years agom4: Substitute variables in modules.m4
Aki Tuomi [Tue, 21 May 2019 10:31:08 +0000 (13:31 +0300)] 
m4: Substitute variables in modules.m4

Otherwise they do not work in Makefiles

6 years agolib-storage: Add mailbox_list_index_get_index()
Timo Sirainen [Tue, 9 Jul 2019 15:36:14 +0000 (18:36 +0300)] 
lib-storage: Add mailbox_list_index_get_index()

6 years agolib-storage: mailbox_list_index_view_open() - Don't crash if list indexes are disabled
Timo Sirainen [Tue, 9 Jul 2019 15:35:24 +0000 (18:35 +0300)] 
lib-storage: mailbox_list_index_view_open() - Don't crash if list indexes are disabled

This allows callers to call it without knowing if mailbox_list_index=yes

6 years agolib-storage: Move mailbox_list_index_view_open() to mailbox-list-index.c
Timo Sirainen [Tue, 9 Jul 2019 14:16:33 +0000 (17:16 +0300)] 
lib-storage: Move mailbox_list_index_view_open() to mailbox-list-index.c

It's a bit more appropriate location for it now that it's not strictly used
by only the STATUS caching code.

6 years agolib-storage: Make mailbox_list_index_view_open() public
Timo Sirainen [Tue, 9 Jul 2019 14:16:00 +0000 (17:16 +0300)] 
lib-storage: Make mailbox_list_index_view_open() public

6 years agolib-storage: Rename index_list_open_view() to mailbox_list_index_view_open()
Timo Sirainen [Tue, 9 Jul 2019 14:12:28 +0000 (17:12 +0300)] 
lib-storage: Rename index_list_open_view() to mailbox_list_index_view_open()

In preparation for making the function public.

6 years agolib-storage: index_list_open_view() - Rename status_check to require_refreshed
Timo Sirainen [Tue, 9 Jul 2019 14:11:16 +0000 (17:11 +0300)] 
lib-storage: index_list_open_view() - Rename status_check to require_refreshed

This describes the parameter's behavior better.

6 years agolib-storage: Move MAILBOX_IS_NEVER_IN_INDEX() to mailbox-list-index.h
Timo Sirainen [Tue, 9 Jul 2019 14:07:18 +0000 (17:07 +0300)] 
lib-storage: Move MAILBOX_IS_NEVER_IN_INDEX() to mailbox-list-index.h

6 years agouserdb-passwd: Fix getpwent errno handling
Aki Tuomi [Fri, 5 Oct 2018 07:18:35 +0000 (10:18 +0300)] 
userdb-passwd: Fix getpwent errno handling

In https://bugs.gentoo.org/667118 Reuben Farrelly
noticed that running
    # doveadm user '*'
causes auth daemon to generate errors like:
    auth-worker(3585): Error: getpwent() failed: Invalid argument

This happens because on successful call getpwent()
now sets errno=EINVAL starting from glibc-2.28.
See https://sourceware.org/PR16004 for details.

The fix is to reset 'errno' before 'getpwent()' is called.

Reported-by: Reuben Farrelly
Bug: https://bugs.gentoo.org/667118
Bug: https://sourceware.org/PR16004
Original-Author: Sergei Trofimovich <slyfox@gentoo.org>

6 years agolib-dns: Log "Disconnect" event before calling DNS callbacks and freeing lookups
Timo Sirainen [Tue, 9 Jul 2019 23:09:12 +0000 (02:09 +0300)] 
lib-dns: Log "Disconnect" event before calling DNS callbacks and freeing lookups

dns_lookup_free() could be freeing the dns_client, which causes a segfault
in the e_debug() log call.

Broken by fc8c54c48fec6a89d9cda755756c233191c62af1

6 years agolib: test-event-log - Add unit tests for calling event_log*() with params->base_...
Stephan Bosch [Sat, 6 Jul 2019 17:38:21 +0000 (19:38 +0200)] 
lib: test-event-log - Add unit tests for calling event_log*() with params->base_*_prefix assigned.

6 years agolib: test-event-log - Add unit tests for calling event_log*() with params->no_send...
Stephan Bosch [Sat, 6 Jul 2019 17:42:39 +0000 (19:42 +0200)] 
lib: test-event-log - Add unit tests for calling event_log*() with params->no_send = TRUE.

6 years agolib: test-event-log - Add unit tests for calling event_log*() with params->base_str_o...
Stephan Bosch [Sat, 6 Jul 2019 12:20:48 +0000 (14:20 +0200)] 
lib: test-event-log - Add unit tests for calling event_log*() with params->base_str_out assigned.

The new tests are based on the existing tests with varying params->base_event.

6 years agolib: test-event-log - Add unit tests involving event_set_log_message_callback().
Stephan Bosch [Sat, 6 Jul 2019 13:53:34 +0000 (15:53 +0200)] 
lib: test-event-log - Add unit tests involving event_set_log_message_callback().

6 years agolib: test-event-log - Rename test_event_log_prefix() to test_event_log_message().
Stephan Bosch [Sat, 6 Jul 2019 13:16:29 +0000 (15:16 +0200)] 
lib: test-event-log - Rename test_event_log_prefix() to test_event_log_message().

Also rename the associated types accordingly. This way, the tests can be made
more general, beyond the log prefixes.

6 years agolib-test: test-common - Make test_assert_strcmp() accept NULL parameters.
Stephan Bosch [Sat, 6 Jul 2019 14:31:05 +0000 (16:31 +0200)] 
lib-test: test-common - Make test_assert_strcmp() accept NULL parameters.

6 years agolib: event-log - Add support for inserting a prefix in event_logv().
Stephan Bosch [Tue, 2 Jul 2019 18:50:07 +0000 (20:50 +0200)] 
lib: event-log - Add support for inserting a prefix in event_logv().

The prefix is provided in the event_logv() call and not attached to the event
hierarchy. It is inserted at the position indicated by the base_event.
Different prefixes can be provided for the message appended to the string buffer
and the sent event message.

6 years agolib: event-log - Add support for appending part of the log message to a string buffer...
Stephan Bosch [Sun, 30 Jun 2019 09:45:16 +0000 (11:45 +0200)] 
lib: event-log - Add support for appending part of the log message to a string buffer while sending the event.

The message appended to the string buffer includes prefixes and message callback
modifications by parent events up until a specified base event. The event is
otherwise sent as normal with the full prefixes and all modifications up to the
root event, so in that respect this new feature behaves just like event_log*().
This is primarily useful to mimic (part of) event logging in parallel logs that
are visible to users. It is also possible to inhibit sending the event and only
log to the string buffer.

6 years agolib: lib-event - Add support for amending the event log message in a callback.
Stephan Bosch [Sun, 30 Jun 2019 09:41:58 +0000 (11:41 +0200)] 
lib: lib-event - Add support for amending the event log message in a callback.

6 years agolib: event-log - Rename event_logv_type() to event_logv_params().
Stephan Bosch [Tue, 2 Jul 2019 18:37:14 +0000 (20:37 +0200)] 
lib: event-log - Rename event_logv_type() to event_logv_params().

Change the log_type to parameters to params as well.

6 years agolib: event-log - Put parameters of event_get_log_message() in a struct.
Stephan Bosch [Sun, 30 Jun 2019 08:52:43 +0000 (10:52 +0200)] 
lib: event-log - Put parameters of event_get_log_message() in a struct.

6 years agolib: event-log - Rename event_get_log_prefix() to event_get_log_message().
Stephan Bosch [Sun, 30 Jun 2019 07:57:36 +0000 (09:57 +0200)] 
lib: event-log - Rename event_get_log_prefix() to event_get_log_message().

6 years agolib: event-log - Prepend prefix before recursion rather than appending it after.
Stephan Bosch [Sun, 30 Jun 2019 07:45:25 +0000 (09:45 +0200)] 
lib: event-log - Prepend prefix before recursion rather than appending it after.

This makes the full prefix of the event and its children available before recursion.

6 years agolib: event-log - Reformat event_get_log_prefix().
Stephan Bosch [Sun, 30 Jun 2019 09:07:06 +0000 (11:07 +0200)] 
lib: event-log - Reformat event_get_log_prefix().

6 years agolib-http: guard against hshared use-after-free
Stephan Bosch [Mon, 1 Jul 2019 23:04:03 +0000 (19:04 -0400)] 
lib-http: guard against hshared use-after-free

This fixes a race condition where the http_client_host_shared_idle_timeout()
function would get called with an already freed hshared argument.

Specifically, the situation arises from the hshared idle timeout calling
http_client_host_shared_free(), which removes the timeout and then proceeds to
free the client queue.  The client queue freeing code indirectly calls
http_client_host_shared_check_idle(), which notices that there is no idle
timeout and allocates one.

The backtrace at the point of this new timeout allocation:

    frame #3: 0x00007f0c775897f0 libdovecot.so.0`timeout_add_to(...) ioloop.c:280
    frame #4: 0x00007f0c7751a45f libdovecot.so.0`http_client_host_shared_check_idle(hshared=<unavailable>) at http-client-host.c:69
    frame #5: 0x00007f0c7750de89 libdovecot.so.0`http_client_request_error(_req=<unavailable>, status=9000, error="") at http-client-request.c:1525
    frame #6: 0x00007f0c77517f38 libdovecot.so.0`http_client_queue_fail_full(queue=0x000055e13cff0e10, status=9000, error="", all=<unavailable>) at http-client-queue.c:183
    frame #7: 0x00007f0c77518baa libdovecot.so.0`http_client_queue_free(queue=0x000055e13cff0e10) at http-client-queue.c:141
    frame #8: 0x00007f0c7751a8bc libdovecot.so.0`http_client_host_free_shared(_host=<unavailable>) at http-client-host.c:391
    frame #9: 0x00007f0c7751ab4c libdovecot.so.0`http_client_host_shared_free(_hshared=0x00007ffdac109e48) at http-client-host.c:294
    frame #10: 0x00007f0c7751ace8 libdovecot.so.0`http_client_host_shared_idle_timeout(hshared=<unavailable>) at http-client-host.c:40
    frame #11: 0x00007f0c7758a1a4 libdovecot.so.0`io_loop_handle_timeouts at ioloop.c:682
    frame #12: 0x00007f0c7758a089 libdovecot.so.0`io_loop_handle_timeouts(ioloop=0x000055e13cfc8d80) at ioloop.c:696
    frame #13: 0x00007f0c7758befc libdovecot.so.0`io_loop_handler_run_internal(ioloop=0x000055e13cfc8d80) at ioloop-select.c:126
    frame #14: 0x00007f0c7758a56d libdovecot.so.0`io_loop_handler_run(ioloop=<unavailable>) at ioloop.c:767
    frame #15: 0x00007f0c7758a798 libdovecot.so.0`io_loop_run(ioloop=0x000055e13cfc8d80) at ioloop.c:740
    frame #16: 0x00007f0c774f61eb libdovecot.so.0`master_service_run(service=0x000055e13cfc8c10, callback=<unavailable>) at master-service.c:782
    frame #17: 0x000055e13b48e3a5 stats`main(argc=<unavailable>, argv=<unavailable>) at main.c:99
    frame #18: 0x00007f0c771092e1 libc.so.6`__libc_start_main + 241
    frame #19: 0x000055e13b48e41a stats`_start + 42

6 years agolib-index: Fix using old map when checking for unexpected changes during log rotate
Timo Sirainen [Mon, 8 Jul 2019 15:59:21 +0000 (18:59 +0300)] 
lib-index: Fix using old map when checking for unexpected changes during log rotate

This shouldn't normally be possible. The log is locked, so other processes
shouldn't be able to write anything to it. This was mainly found by the
earlier bug.

6 years agolib-index: After recreating cache, make sure offsets are immediately updated to map
Timo Sirainen [Mon, 8 Jul 2019 15:56:12 +0000 (18:56 +0300)] 
lib-index: After recreating cache, make sure offsets are immediately updated to map

They were most likely refreshed anyway before the next cache usage, but this
caused an assert-crash if the dovecot.index was also recreated in the same
sync.

Broken by e31b0637d8788885a71db2def5743ebf14c698f3

Fixes:
Panic: file mail-index-write.c: line 138 (mail_index_write): assertion failed: (file->hdr.prev_file_offset == hdr->log_file_head_offset)

6 years agodsync: Fix importing keywords with MAIL_TRANSACTION_SYNC flag set
Timo Sirainen [Fri, 8 Mar 2019 16:39:49 +0000 (18:39 +0200)] 
dsync: Fix importing keywords with MAIL_TRANSACTION_SYNC flag set

Reading transaction logs was handled differently depending on the
MAIL_TRANSACTION_SYNC flag. The flag was set for all transactions written
by dsync.

So for example:
 * doveadm backup mdbox:/tmp/mdbox1 # keywords imported ok
 * doveadm -o mail=mdbox:/tmp/mdbox1 backup mdbox:/tmp/mdbox2 # keywords lost

6 years agolib-smtp: test-smtp-submit - Fix typo in error message
Aki Tuomi [Fri, 5 Jul 2019 11:29:36 +0000 (14:29 +0300)] 
lib-smtp: test-smtp-submit - Fix typo in error message

6 years agolmtp: Add lmtp_add_received_header bool setting.
Bjørnar Ness [Wed, 11 Apr 2018 20:27:04 +0000 (22:27 +0200)] 
lmtp: Add lmtp_add_received_header bool setting.

Add the ability to prevent dovecot/lmtp from adding received header. This is
useful if one needs to use LMTP, but does not want additional received headers
because:

1) Dovecot does not have correct information to add to the headers, and causes
   misleading/incorrect information
2) Does not want to expose internal information

The default value is true, which is equal to the current behavior.

6 years agolib-smtp: smtp-server-cmd-helo - Fix segfault occurring when domain argument is inval...
Stephan Bosch [Tue, 2 Jul 2019 22:40:05 +0000 (00:40 +0200)] 
lib-smtp: smtp-server-cmd-helo - Fix segfault occurring when domain argument is invalid in a second EHLO command.

6 years agoauth: oauth2: set scope to passdb_oauth2_settings
Markus Valentin [Mon, 24 Jun 2019 14:06:19 +0000 (16:06 +0200)] 
auth: oauth2: set scope to passdb_oauth2_settings

6 years agolib-oauth2: append scope to the access request payload
Markus Valentin [Mon, 24 Jun 2019 14:03:37 +0000 (16:03 +0200)] 
lib-oauth2: append scope to the access request payload

6 years agolib: Changed chown to chmod for Linux NFS Flush
Shaun A. Johnson [Mon, 13 Aug 2018 23:43:04 +0000 (16:43 -0700)] 
lib: Changed chown to chmod for Linux NFS Flush

This change switches the chown call to a chmod call in the function
nfs_flush_chown_uid because the chown call was resulting in certain
permission bits being dropped when the nfs attributes were flushed.

Functionality for FreeBSD/Solaris was left unchanged.

6 years agolib: Split up logic in nfs_flush_chown_uid
Shaun A. Johnson [Mon, 13 Aug 2018 23:35:54 +0000 (16:35 -0700)] 
lib: Split up logic in nfs_flush_chown_uid

This splits up the logic of nfs_flush_chown_uid() so that there is an
individual chown call for each platform instead of a single call that is
compiled for both platforms.

This is the first step to adjusting how nfs attributes are flushed on
Linux because of an issue with chown resetting permissions on the files.

6 years agodoveadm: Fix "service stop" to not print "Interrupted system call" error
Timo Sirainen [Fri, 28 Jun 2019 07:10:50 +0000 (10:10 +0300)] 
doveadm: Fix "service stop" to not print "Interrupted system call" error

The "service stop" handler no longer needs to read the VERSION line.
Broken by 2148805a75abd86d1769d9fd20652551cc5c5ac2

6 years agomaster: Handle and report system clock glitches in millisecond resolution internally.
Stephan Bosch [Sun, 16 Dec 2018 13:25:58 +0000 (14:25 +0100)] 
master: Handle and report system clock glitches in millisecond resolution internally.

6 years agomaster: Handle throttling of services in millisecond resolution internally.
Stephan Bosch [Sun, 16 Dec 2018 13:23:15 +0000 (14:23 +0100)] 
master: Handle throttling of services in millisecond resolution internally.

6 years agolib-storage: mail-storage-service: Handle and report system clock glitches in millise...
Stephan Bosch [Sun, 16 Dec 2018 12:56:47 +0000 (13:56 +0100)] 
lib-storage: mail-storage-service: Handle and report system clock glitches in millisecond resolution.

6 years agolib: ioloop: Make the callback for io_loop_set_time_moved_callback() use struct timeval.
Stephan Bosch [Sun, 16 Dec 2018 12:55:34 +0000 (13:55 +0100)] 
lib: ioloop: Make the callback for io_loop_set_time_moved_callback() use struct timeval.

This allows reporting sub-second glitches.

6 years agolib: ioloop: Perform calculcations for the detection of system clock glitches in...
Stephan Bosch [Sun, 16 Dec 2018 13:09:17 +0000 (14:09 +0100)] 
lib: ioloop: Perform calculcations for the detection of system clock glitches in microseconds.

6 years agoglobal: Replace usleep() with i_sleep*_usecs and i_sleep*_msecs().
Stephan Bosch [Thu, 13 Dec 2018 09:23:44 +0000 (10:23 +0100)] 
global: Replace usleep() with i_sleep*_usecs and i_sleep*_msecs().

This prevents overflows and makes sure signal interruptions are handled
appropriately.

6 years agolib: Implement reliable sleep functions i_sleep*_usecs(), i_sleep*_msecs(), and i_sle...
Stephan Bosch [Thu, 13 Dec 2018 09:06:17 +0000 (10:06 +0100)] 
lib: Implement reliable sleep functions i_sleep*_usecs(), i_sleep*_msecs(), and i_sleep*_secs().

Versions with and without support for being interrupted by signals are available.

6 years agolib: time-util: Add timeval_add_usecs() and timeval_sub_usecs().
Stephan Bosch [Thu, 13 Dec 2018 08:53:18 +0000 (09:53 +0100)] 
lib: time-util: Add timeval_add_usecs() and timeval_sub_usecs().

6 years agolib: ioloop: Never decrease wait time counters in ioloop_add_wait_time().
Stephan Bosch [Tue, 11 Dec 2018 19:52:44 +0000 (20:52 +0100)] 
lib: ioloop: Never decrease wait time counters in ioloop_add_wait_time().

Prevents problems when time moves backwards.

6 years agolib: file-lock: Never decrease the wait time counter in file_lock_wait_end().
Stephan Bosch [Tue, 11 Dec 2018 19:54:09 +0000 (20:54 +0100)] 
lib: file-lock: Never decrease the wait time counter in file_lock_wait_end().

Prevents problems when time moves backwards.

6 years agoscript: health-check: add health-check.sh default script
Markus Valentin [Wed, 19 Jun 2019 14:29:49 +0000 (16:29 +0200)] 
script: health-check: add health-check.sh default script

As a example for an simple tcp health check the health-check.sh script
is added. It closes the connection after 10 seconds and only answer to
"PING\n" with a "PONG\n". It is installed by default next to the script
executable.

6 years agoscript: add a parameter -p for passthrough scripts
Markus Valentin [Wed, 19 Jun 2019 12:36:12 +0000 (14:36 +0200)] 
script: add a parameter -p for passthrough scripts

Adding the passthrough option to script, this allows to configure a
script to be straightly called from a socket connection, without
implementing any specific protocol.

6 years agoscript: extract message parsing to separate function
Markus Valentin [Wed, 19 Jun 2019 07:37:39 +0000 (09:37 +0200)] 
script: extract message parsing to separate function

6 years agolib-auth: checking return values of net_addr2ip in unit-test
Markus Valentin [Thu, 20 Jun 2019 08:52:44 +0000 (10:52 +0200)] 
lib-auth: checking return values of net_addr2ip in unit-test

6 years agolib-index: Compress cache immediately after enough mails have been expunged
Timo Sirainen [Mon, 10 Jun 2019 20:07:56 +0000 (23:07 +0300)] 
lib-index: Compress cache immediately after enough mails have been expunged

This fixes a bug where cache may never become compressed in certain mailbox
access patterns. Especially for autoexpunging in lazy_expunge mailboxes.
The cache compression happened only when:

a) After the mailbox_sync() that finishes expunging there was another
mailbox_sync(). If mailbox was immediately closed after expunging, this
didn't happen.

b) Fields are fetched from cache

If neither of these happened, the cache just kept growing. This happened
especially with lazy_expunge mailboxes.

sdbox format was always doing b) during expunging, because it looked up
GUIDs from cache. However, this helped only with regular expunges, not
with autoexpunges, because autoexpunging didn't finish with any
mailbox_sync() (which is a bug on its own).

mdbox also did GUID lookups from cache, but it wasn't doing cache
compressions due the bug fixed by the previous commit.

6 years agolib-index: Fix calling expunge handlers with mdbox
Timo Sirainen [Mon, 10 Jun 2019 20:01:16 +0000 (23:01 +0300)] 
lib-index: Fix calling expunge handlers with mdbox

This fixes updating deleted_record_count in dovecot.index.cache files.
Because they were wrong, the cache wasn't always compressed as early as
it should have been.

mdbox uses a separate transaction to commit expunges while mailbox is being
synced. When syncing was finished, tail_offset was updated too early so
mail_index_map(MAIL_INDEX_SYNC_HANDLER_FILE) was always a no-op and expunge
handlers were never called.

There doesn't seem to be any downside to not updating tail_offset early.
sdbox saving also uses such a transaction, but there is no difference in
the resulting dovecot.index.log file. The main worry I had was that
tail_offset wouldn't be updated to point to the end of the log file.
However, this doesn't happen with the old code either. This is because the
extra transaction is external, and tail_offset updating skips over all
external transactions anyway.

6 years agomdbox: Always sync dovecot.map.index with MAIL_INDEX_SYNC_FLAG_UPDATE_TAIL_OFFSET
Timo Sirainen [Mon, 17 Jun 2019 10:59:10 +0000 (13:59 +0300)] 
mdbox: Always sync dovecot.map.index with MAIL_INDEX_SYNC_FLAG_UPDATE_TAIL_OFFSET

This avoids errors after the next commit.

6 years agolib-index: mail_index_sync_update_mailbox_offset() - Remove unnecessary code
Timo Sirainen [Mon, 10 Jun 2019 19:58:44 +0000 (22:58 +0300)] 
lib-index: mail_index_sync_update_mailbox_offset() - Remove unnecessary code

The function call has no side effects, and the return values aren't used.

6 years agosubmission: submission_backend_relay_create() - Allow caller to specify SASL mechanism
Timo Sirainen [Thu, 13 Jun 2019 20:06:34 +0000 (23:06 +0300)] 
submission: submission_backend_relay_create() - Allow caller to specify SASL mechanism

6 years agosubmission: submission_backend_relay_create() - Allow caller to specify IP
Timo Sirainen [Wed, 12 Jun 2019 08:30:47 +0000 (11:30 +0300)] 
submission: submission_backend_relay_create() - Allow caller to specify IP

This way the caller can already provide IP address for the host.

6 years agosubmission: Add recipient-delimiter to settings
Timo Sirainen [Mon, 10 Jun 2019 14:29:32 +0000 (17:29 +0300)] 
submission: Add recipient-delimiter to settings

This allows plugins to easily access it.

6 years agolib-storage: Add mail_storage_service_get_global()
Timo Sirainen [Mon, 10 Jun 2019 14:27:29 +0000 (17:27 +0300)] 
lib-storage: Add mail_storage_service_get_global()

This allows accessing the global mail storage service. Normally there is
only a single service created for the process at a time, so this allows
accessing it.

6 years agolib: Add net_get_hosterror_type()
Timo Sirainen [Wed, 12 Jun 2019 08:50:08 +0000 (11:50 +0300)] 
lib: Add net_get_hosterror_type()

6 years agolib-smtp: Remove SMTP_ADDRESS_LITERAL() macro
Martti Rannanjärvi [Mon, 17 Jun 2019 18:00:56 +0000 (21:00 +0300)] 
lib-smtp: Remove SMTP_ADDRESS_LITERAL() macro

gcc 9 no longer stores compound literals in function scope, so this
macro is dangerous if you don't know it is a compound literal.

6 years agolda: Stop using SMTP_ADDRESS_LITERAL() macro
Martti Rannanjärvi [Mon, 17 Jun 2019 17:51:36 +0000 (20:51 +0300)] 
lda: Stop using SMTP_ADDRESS_LITERAL() macro

Change DEFAULT_ENVELOPE_SENDER to a const struct smtp_address instead.
gcc 9 no longer stores compound literals in function scope, so this is
safer.

6 years agolib-smtp: Expand SMTP_ADDRESS_LITERAL() macro
Martti Rannanjärvi [Mon, 17 Jun 2019 17:26:47 +0000 (20:26 +0300)] 
lib-smtp: Expand SMTP_ADDRESS_LITERAL() macro

This makes the use of compound literal explicit.

6 years agolib-auth: add unit test for auth_user_info_export
Markus Valentin [Mon, 17 Jun 2019 09:22:45 +0000 (11:22 +0200)] 
lib-auth: add unit test for auth_user_info_export

The test verifies that fields are ending up in the auth request as
expected given a corresponding auth_user_info struct.