| Age | Commit message (Collapse) | Author |
|---|
|
ok jung@
|
|
for code that runs in the daemon.
ok florian@ millert@
|
|
From gilles@
OK millert@ giovanni@
|
|
requested by deraadt@
|
|
This is based around NETWORK-SERVICES-MIB from RFC2788 and MTA-MIB from
RFC2789, but does not export the full spec. Hopefully this will expand in
the future.
People who want to use this against net-snmp (currently the only option
known to me at the time of writing) may want to add -I -mta_sendmail to the
flags, so net-snmp doesn't throw garbage into the mib-2.28 subtree.
|
|
really help us with anything, propagate the change in codebase
ok millert@
|
|
will be made irrelevant when the new config comes up soon
ok eric@
|
|
here rework the switch proc_title(), both clang and gcc will now warn if all
possible values are not enumerated.
ok gilles@
|
|
operation return value.
Issue reported by 'Zelest' (Jesper Wallin).
Suggestions and ok eric@ gilles@.
|
|
ok sunil@ gilles@
|
|
The only major difference was the "log_trace" concept that is only
used by smtpd - move it from log.c into util.c and make it a local
concept. This also needed to rename the global "verbose" variable to
"tracing" in a few places.
OK krw@ gilles@ eric@
|
|
Only the parent process handles SIGTERM and SIGINT. Upon receiving one
of those, it closes all imsg sockets and waitpid() for the children. It
fatal()s if one of the sockets is closed unexpectedly. Other processes
exit() "normally" when one of the imsg sockets is closed.
ok gilles@ sunil@
|
|
So stop pretending that the *_shutdown() functions could ever be called
in this context, and just fatal() if event_dispatch() returns.
ok gilles@ sunil@ giovanni@
|
|
The daemon is stopped with kill(1).
ok gilles@
|
|
ok sunil@
|
|
The parent process forks child processes and re-exec each of them with
an additional "-x <proc>" argument. During the early setup phase, the
parent process sends ipc socket pairs to interconnect the child
processes as needed, and it passes the queue encryption key to the
queue if necessary. When this is done, all processes have their
environment set as in the fork-only case, and they can start doing
their work as before.
ok gilles@ jung@
|
|
the identical io_set_blocking() and io_set_linger().
Since both are always called to turn off blocking or lingering,
nuke the parameter and associated enum in favour of "just doing the
right thing".
While passing remove the unneeded last parameter to the remaining
fcntl(F_GETFL).
Finally, rename the functions to io_set_nonblocking() and
io_set_nolinger() for clarity.
No functional change.
Started with a sweep of fcntl() usage inspired by guenther@.
ok gilles@
|
|
diff from Freddy DISSAUX, ok gilles@, jung@, sunil@, millert@
|
|
Ok eric@ millert@
|
|
no binary change
ok millert
|
|
"uncorrupt" moves envelopes from corrupt bucket back to the queue
for further discovery by the daemon.
After correcting the corrupt envelopes, admin could now...
# smtpctl uncorrupt msgid
# smtpctl discover msgid
to schedule the messages.
Ok gilles@
|
|
discover subcommand schedules envelopes manually moved to the queue.
It triggers a queue walk searching for envelopes with the given id,
schedules them and informs the user number of envelopes scheduled.
Admins no longer would need to restart the daemon to discover
manually moved messages.
Ok gilles@
|
|
ok deraadt@
|
|
this allows a local user to trigger a fatal() and exit the daemon.
reported by Qualys Security
|
|
|
|
process on shutdown.
Found while working on tame(2).
OK gilles@
|
|
each .c file, and out of the .h files. To avoid overinclude.
ok gilles, in principle. If this has been done right, -portable should
become easier to maintain.
|
|
rather than going through the parent process. simplify code in the meantime.
|
|
|
|
will be done at session level anyway.
ok gilles@
|
|
process managing message reception, delivery and transfer. Mostly
mechanical, but very intrusive as it required to rewamp all IMSG to
fix ambiguities.
with and ok gilles@
|
|
running or paused.
|
|
- smtpctl pause mta from <source> for <domain>
- smtpctl resume mta from <source> for <domain>
- smtpctl show mta paused
|
|
- rename "struct ssl" and "cert" to "struct pki" and "cert" to "pki_name"
- inherit pki conf on fork instead of passing it through imsg at startup
- implement SNI on smtp listeners
|
|
bzero -> memset
|
|
|
|
|
|
another smtpd instance is running. Close the inherited socket in
every forked process but control.
|
|
When sending a request to the scheduler, wait for the success/failure
report from the scheduler. Simplify the code by introducing generic
functions for interruptible iteration over envelopes. Report the total
number of affected envelopes for schedule, pause, resume and remove
envelope operations.
|
|
- Better transient error handling logic: failing destinations are
automatically disabled for a while. When a destination is active
again, ask the scheduler to retry previous envelopes immediatly.
- More informative error report when all routes fail for a mail.
- Implement a "smtpctl show hoststats" command to get the latest stat
message per MX domain.
- Implement a "smtpctl show routes" command to show the state the
currently known routes to remote MXs.
- Implement a "smtpctl resume route" command to re-enable a route that
has been disabled.
- Do not hardcode limits
- Minor code improvements
|
|
- implement suspend/resume scheduling for individual envelopes or message,
with the associated smtpctl commands.
- allow the mta to request immediate scheduling of an envelope.
- on temporary failures a penalty can be given to further delay the next try.
|
|
now happens in queue_init(), and backends take the queue passwd as
parameter in their init function.
Remove useless SMTPD_FILTER_USER while there.
|
|
|
|
ok gilles@
|
|
consistency and clarity. Remove useless and confusing extra byte in
a few arrays based on this define.
ok gilles@
|
|
ignored silently and without aborting, much like EINTR and EWOULDBLOCK are.
ok's from various maintainers of these directories...
|
|
* first bricks of ldap and sqlite support (not finished but both working)
* new table API to replace map API, all lookups are done through tables
* improved handling of temporary errors throughout the daemon
* improved scheduler and mta logic: connection reuse, optimizes batches
* improved queue: more tolerant to admin errors, new layout, less disk-IO
* improved memory usage under high load
* SSL certs/keys isolated to lookup process to avoid facing network
* VIRTUAL support improved, fully virtual setups possible now
* runtime tracing of processes through smtpctl trace
* ssl_privsep.c sync-ed with relayd
* ssl.c no longer contains smtpd specific interfaces
* smtpd-specific ssl bits moved to ssl_smtpd.c
* update mail address in copyright
FLUSH YOUR QUEUE. FLUSH YOUR QUEUE. FLUSH YOUR QUEUE. FLUSH YOUR QUEUE.
smtpd.conf(5) simplified, it will require adaptations
ok eric@
|
|
ok gilles@
|
|
ok gilles@
|
|
is running. The scheduler sends the runtime state of each envelope to
the queue process which loads the envelope, fills the runtime bits and
sends the envelope back to the client. Iteration over the envelope set
happens in small chunks to make the request interruptible and to allow
the server to keep doing its job in the meantime.
Adpat "smtpctl schedule-all" to schedule the messages one by one using
the same iteration mechanism.
Document "smtpctl monitor" and "smtpctl show queue".
ok gilles@
|
