| Age | Commit message (Collapse) | Author |
|---|
|
ok gilles@
|
|
rather than going through the parent process. simplify code in the meantime.
|
|
dictionnary (currently not set). While there, add a helper for forking
external backends, and remove unused table functions.
ok gilles@
|
|
declaration was not bumped down causing us to pass extra junk leading to a
crash in the pki lookup code. i'm amazed no one else crashed on that :-/
reported by Olivier Antoine who kindly provided access to his box
|
|
is handling some async requests and shouldn't be busy with sync RSA.
ok gilles@
|
|
implementation for relayd(8). The smtpd(8) pony processes (mta
client, smtp server) don't keep the private keys in memory but send
their private key operations as imsgs to the "lookup"/mta process.
It's worth mentioning that this prevents acidental private key leakage
as it could have been caused by "Heartbleed".
ok gilles@
|
|
reported by Stefan Sieg
ok gilles@
|
|
reported by jturner@
ok gilles@
|
|
process managing message reception, delivery and transfer. Mostly
mechanical, but very intrusive as it required to rewamp all IMSG to
fix ambiguities.
with and ok gilles@
|
|
- rename "struct ssl" and "cert" to "struct pki" and "cert" to "pki_name"
- inherit pki conf on fork instead of passing it through imsg at startup
- implement SNI on smtp listeners
|
|
|
|
|
|
tempfail for limiting the number of pending deliveries to the same
user. This allows to reach optimal delivery time even in case of
burst, while keeping the number of inflight envelopes low.
|
|
|
|
Make sure a pki entry exists when used in a listen or relay rule.
|
|
Simplify code and do not impose an order on conditions and rule options.
Format changes that may require smtpd.conf update for some setups:
- SSL certificates are no longer automatically loaded, but must be
explicitely declared using the "pki" keyword.
- "certificate" option becomes "pki" in listener and accept rules.
- "ssl://" becomes "secure://" in relay via rules.
- "helo" becomes "hostnames" in relay rules
New features:
- accept rules do not need an explicit action, in which case alias table
or .forward must provide one.
- new "forward-only" action to force relaying and reject rcpts that expand
as local delivery.
- "!" (negation) modifier on rule matching conditions.
- new "recipient" rule matching condition.
- new "verify" option on listeners and relay rules to reject invalid
certificates.
Other changes:
- remember the helo name advertised on incoming mail and use it for sending
bounces.
- bump envelope version (existing envelopes are updated on-the-fly).
|
|
Log ssl certificate validation errors.
Fix several ssl-related leaks.
|
|
|
|
another smtpd instance is running. Close the inherited socket in
every forked process but control.
|
|
now happens in queue_init(), and backends take the queue passwd as
parameter in their init function.
Remove useless SMTPD_FILTER_USER while there.
|
|
|
|
ok gilles@
|
|
consistency and clarity. Remove useless and confusing extra byte in
a few arrays based on this define.
ok gilles@
|
|
- replace "users" keyword with "userbase" when providing alternate userbase
- disambiguise expansion nodes when expanding across domains and userbases
- allow use of '=' instead of '=>' when declaring a mapping
ok eric@
|
|
- handle getsockname() error in smtp_connected()
- accept '/' as part of user-part, expand to ':' as done by qmail
- fix wrong check in mda leading to bogus Return-Path header
- fix aliases parsing when there's a white space between key and separator
- some cosmethic cleanup
|
|
- improve logging of the transfer process
trace by me, logging by eric
|
|
* first bricks of ldap and sqlite support (not finished but both working)
* new table API to replace map API, all lookups are done through tables
* improved handling of temporary errors throughout the daemon
* improved scheduler and mta logic: connection reuse, optimizes batches
* improved queue: more tolerant to admin errors, new layout, less disk-IO
* improved memory usage under high load
* SSL certs/keys isolated to lookup process to avoid facing network
* VIRTUAL support improved, fully virtual setups possible now
* runtime tracing of processes through smtpctl trace
* ssl_privsep.c sync-ed with relayd
* ssl.c no longer contains smtpd specific interfaces
* smtpd-specific ssl bits moved to ssl_smtpd.c
* update mail address in copyright
FLUSH YOUR QUEUE. FLUSH YOUR QUEUE. FLUSH YOUR QUEUE. FLUSH YOUR QUEUE.
smtpd.conf(5) simplified, it will require adaptations
ok eric@
|
|
* Log more events (especially client session) and use a better scheme
for that: each messages is prefixed with a token to easily identify
its class:
- info/warn/debug: general server messages
- smtp-in: smtp client connections
- relay: status update for relayed messages
- delivery: status update for local deliveries
* Implement "smtpctl monitor" to display updates of selected internal
counters.
* When reloading the on-disk queue at startup do not commit a message
if no envelope was submitted for that message.
* Remove unused stuff in the config parser.
ok gilles@
|
|
The idea is to have a file-backed map but to have smtpd(8) cache the maps
so that it cannot be partially read if edited while mail is received. The
file is read and converted to a static map (map_static.c), changes aren't
visible to smtpd until an explicit: smtpctl update map which reads file,
builds a new static map and invalidates the former.
partial-read issue discussed with beck@ and halex@
idea to convert internally to a static map by eric@
diff ok eric@ and chl@
|
|
between "no match" and "internal error" (e.g. missing or broken db file).
Adapt alias expansion and ruleset matching code to check for such errors,
in which case the current processing is aborted, and a temporary failure
is reported to the smtp session.
ok gilles@
|
|
ie:
reject from 192.168.1.0/24 for domain "openbsd.org"
accept from 192.168.0.0/16 for domain "openbsd.org" deliver to mbox
it was documented but not working.
ok eric@ & chl@
|
|
"wow!" gilles@
|
|
ok eric@
|
|
Adapt a lot of functions in chain to use const args where required.
ok gilles@
|
|
The goal is to eventually have only the lka see the rules.
ok gilles@ chl@
|
|
ok gilles@
|
|
- fix lka* function prototypes in smtpd.h
- make static functions static
- merge lka_session_init() into lka_session()
- make lka_session.c use tree.c to store sessions
ok gilles@
|
|
and put it out of profiling, so it's not accounted.
While there, for PROC_PARENT:
- set smtpd_process for PROC_PARENT
- use setproctitle() like other processes
ok gilles@
|
|
from parent. Disable imsg from other processes until then. Fix some races
when the mta tries to lookup an auth map too early, for example.
ok gilles@ chl@
|
|
> statistics are no longer static structures in shared memory
> statistics are only set, smtpd never uses them in its logic
> each statistic is a key/value where key can be any (dynamic) string
- convert all uses of the former API to use the new one
- implement stat_ramstat that keeps non-persistent stats in ram structure
ok eric@, ok chl@
|
|
- log_warn() admin that a map that's needed by an envelope is no longer in
the configuration file
|
|
- rename all occurences of struct map_secret to map_credentials
- do not fatal if the credentials map has disappeared, instead make the
auth fail with a lookup failure. the mail will be temporary failed so
it stays in queue until admin fixes smtpd.conf, removes mail, or lets
it expires
|
|
with help and ideas from eric@
ok eric@ gilles@
|
|
- use correct endianness when dumping/loading port
- use the right flag set when dumping/loading flags
- keep and use the authmap name when needed, rather than an id that
might change when smtpd is restarted
- dump/load the authmap name with the envelope
- remove the rule struct from rq_batch as only the relay info is useful
ok gilles@
|
|
couple of load/dump functions to convert to and from a human readable fmt.
while at it kill struct delivery and merge back its fields to the envelope.
this basically means we shouldn't require users to flush their queues every
time we make a change to struct envelope.
work is not done, but we're at a better state than the binary fsqueue so
we'll improve it in-tree.
has been running on my own box for the last 12 hours or so
ok eric@, chl@
|
|
ok gilles@ chl@
|
|
bring a shitload of unnecessary information everywhere. this required many
parts of smtpd to be refactored and more specifically envelope expansion.
in the process lots of code got simplified, and the envelope expansion code
has been isolated to lka_session.c with some longstanding bugs fixed.
Diff has been tested by many with no major regression reported.
armani@ spotted a bug in a setup where a domain is listed a both primary
and virtual, I will fix that in-tree as it's becoming painful to maintain
this diff out.
|
|
discussed with and ok gilles@
|
|
no functionnal change
|
|
struct message ...
|
