Timo Sirainen [Tue, 2 May 2017 15:40:43 +0000 (18:40 +0300)]
master: Send SIGQUIT to processes running at deinit to close socket listeners.
This allows Dovecot to be restarted even when some lmtp/doveadm process is
running for a long time. Otherwise it would keep the inet_listener socket
open and prevent the new Dovecot from binding to the port.
Just compile all the storages, since the only benefit in limiting them
is to save a tiny bit of disk space. The recently added imapc quota code
fails to link if imapc storage isn't compiled in. This is the simplest
way to fix that.
Phil Carmody [Mon, 6 Mar 2017 17:42:18 +0000 (19:42 +0200)]
lib-fs: unit tests for fs-api/fs-posix
A core component, really ought to be covered by the unit tests.
This barely scrapes the surface, but is better than nothing:
filesystem/files/iterators, read/write/exists, good and bad cases.
Stephan Bosch [Mon, 3 Apr 2017 22:32:07 +0000 (00:32 +0200)]
lib-http: client: Fixed race condition between DNS refresh lookup and a soft connection timeout.
The refreshing DNS lookup cleared all the IPs, but the soft connection timeout (and maybe other code) still relied on them.
Adding tests everywhere for host->ips_count == 0 is annoying, so I changed the DNS lookup code such that the stale IPs remain present while the DNS lookup is being performed.
The pending lookup prevents new connections through http_client_host_refresh(), so this will not create potentially useless connections.
Timo Sirainen [Tue, 2 May 2017 09:18:40 +0000 (12:18 +0300)]
lib-imap: imap_append_string_for_humans() - Change CR/LF to space
Practically this shouldn't matter, because in email headers a CR/LF is
always followed by a space/tab. But maybe this can be used for some
other purposes in future, and it makes the unit tests clearer. :)
Aki Tuomi [Fri, 28 Apr 2017 09:51:20 +0000 (12:51 +0300)]
auth: Add username_filter for passdb block
username_filter lets you specify one or more pattern(s) for
including or excluding users. exclusion patterns are denoted
with ! prefix.
if any exclude matches the username, passdb will be skipped.
if any inclusions is specified, and the username does not match
one of them, passdb will be skipped.
Just write the original invalid keyword string as output. It might not be
entirely invalid - just invalid within this mailbox (e.g. a mailbox doesn't
allow new keywords).
Timo Sirainen [Thu, 27 Apr 2017 09:50:13 +0000 (12:50 +0300)]
lib-index: mail_index_update_keywords() - don't assert if adding/removing 0 keywords
Although it would be nice for the caller to check it, it's easier to do
here. It's mainly a problem with mailbox_keywords_create_valid() that may
unexpectedly create empty keywords.
Timo Sirainen [Mon, 24 Apr 2017 14:59:53 +0000 (17:59 +0300)]
quota: Add imapc backend
This allows using imapc storage with imapc quota. The quota acts as
read-only, so it's used only when the current quota usage is explicitly
asked.
The quota can be looked up using either a mailbox name or quota root name.
By default INBOX's quota is looked up. If there are multiple quota roots
returned for the mailbox, only the first quota root returned by the
QUOTAROOT reply is used.
This avoids index_mail_update_access_parts_pre() from opening the mail
stream unnecessarily for fields that can be looked up via other methods
by the storage.
Timo Sirainen [Fri, 21 Apr 2017 09:54:17 +0000 (12:54 +0300)]
cassandra: Use fallback consistency for CASS_ERROR_LIB_NO_HOSTS_AVAILABLE errors
I'm not entirely sure if this is always appropriate, but at least this error
happens every time when attempting to use write_consistency=two when there
is only a single Cassandra node.
This needs to be done in a bit more complicated way because multiple
SEARCH_FLAGS parameters are wanted to be merged together using a single
shared value.flags. Move this merging last after all the deduplication is
done.
Stephan Bosch [Tue, 11 Apr 2017 07:34:11 +0000 (09:34 +0200)]
lib-imap: imap-bodystructure: Fixed handling of a multipart part without children in imap_bodystructure_parse().
In imap_bodystructure_write(), an empty multipart part is addressed by generating an empty text/plain part.
However, when parsing that back with imap_bodystructure_parse() against a parsed message_part tree, this case needs to be considered explicitly.
Otherwise, it will not be able to match the message part hierarchies.
This adds a test suite item that tests both the write (previous commit) and parse functions.
Stephan Bosch [Wed, 12 Apr 2017 08:13:15 +0000 (10:13 +0200)]
lib-imap: imap-bodystructure: Fixed handling of a multipart part without children in imap_bodystructure_write().
In that case it writes an empty text/plain part to prevent generating an invalid BODYSTRUCURE.
However, it always generated the basic BODY version without the extra fields for a full BODYSTRUCTURE.
Timo Sirainen [Tue, 11 Apr 2017 12:33:22 +0000 (15:33 +0300)]
auth: Use mem_equals_timing_safe() for all password hash comparisons.
It's unlikely these could be used to perform timing attacks, since the
attacker would have to have broken MD5/SHA badly enough to be able to
quickly generate string that result in wanted hashes. Still, the extra
cost is almost nothing and it's always better to be super paranoid!