Age | Commit message | Author |
|
if any (it happens when a message transaction is cancelled).
ok gilles@ sunil@
|
|
no binary change
ok millert
|
|
ok sunil gilles
|
|
"uncorrupt" moves envelopes from corrupt bucket back to the queue
for further discovery by the daemon.
After correcting the corrupt envelopes, admin could now...
# smtpctl uncorrupt msgid
# smtpctl discover msgid
to schedule the messages.
Ok gilles@
|
|
Ok gilles@
|
|
discover subcommand schedules envelopes manually moved to the queue.
It triggers a queue walk searching for envelopes with the given id,
schedules them and informs the user of the number of envelopes scheduled.
Admins no longer would need to restart the daemon to discover
manually moved messages.
Ok gilles@
|
|
the enqueuer will revoke group and regain real gid right after mkstemp.
this would have prevented the symlink/hardlink attacks against offline, and
it will avoid having to deal with new ways users can mess with it.
ok eric@, ok millert@
|
|
each .c file, and out of the .h files. To avoid overinclude.
ok gilles, in principle. If this has been done right, -portable should
become easier to maintain.
|
|
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)
|
|
spotted by deraadt@, ok eric@
|
|
- add a "close" hook to the backend API.
- improve the sync() pattern in queue_fs: only sync at commit
time and not for every envelope creation
- various fixes to the experimental external queue API.
|
|
ok gilles@
|
|
ok gilles@
|
|
ok tedu@
|
|
all to fall back to a different user entry. It is decidedly unsafe.
ok tedu.
|
|
|
|
- cleanup the internal queue backend API and get rid of the QOP_* thing.
- implement a queue_proc backend
- rename queue_fsqueue.c to queue_fs
- enable support for queue encryption
- add an envelope cache
- better logging and error reporting
|
|
now happens in queue_init(), and backends take the queue passwd as
parameter in their init function.
Remove useless SMTPD_FILTER_USER while there.
|
|
ok gilles@
|
|
ok gilles
|
|
* first bricks of ldap and sqlite support (not finished but both working)
* new table API to replace map API, all lookups are done through tables
* improved handling of temporary errors throughout the daemon
* improved scheduler and mta logic: connection reuse, optimizes batches
* improved queue: more tolerant to admin errors, new layout, less disk-IO
* improved memory usage under high load
* SSL certs/keys isolated to lookup process to avoid facing network
* VIRTUAL support improved, fully virtual setups possible now
* runtime tracing of processes through smtpctl trace
* ssl_privsep.c sync-ed with relayd
* ssl.c no longer contains smtpd specific interfaces
* smtpd-specific ssl bits moved to ssl_smtpd.c
* update mail address in copyright
FLUSH YOUR QUEUE. FLUSH YOUR QUEUE. FLUSH YOUR QUEUE. FLUSH YOUR QUEUE.
smtpd.conf(5) simplified, it will require adaptations
ok eric@
|
|
a simple QOP_WALK queue operation. Some knf and formatting fixes while
there.
ok gilles@
|
|
* Log more events (especially client session) and use a better scheme
for that: each message is prefixed with a token to easily identify
its class:
- info/warn/debug: general server messages
- smtp-in: smtp client connections
- relay: status update for relayed messages
- delivery: status update for local deliveries
* Implement "smtpctl monitor" to display updates of selected internal
counters.
* When reloading the on-disk queue at startup do not commit a message
if no envelope was submitted for that message.
* Remove unused stuff in the config parser.
ok gilles@
|
|
ok gilles@
|
|
- remove support for encrypted queue, it will be reintroduced later after
pouring more thinking into it
if you had it enabled, flush your queue before updating
|
|
crypto_backend
ok gilles@
|
|
ok gilles@
|
|
using the new API. By default, OpenSMTPD does not provide queue encryption,
but it can be enabled with "queue encryption [args]" and will transparently
encrypt/decrypt envelopes/messages as they hit the queue.
By default, it will use Blowfish in CBC mode with a different random IV for
each envelope and message. User provided key is expanded using sha256 but a
different cipher and digest may be specified in smtpd.conf
Queue encryption is compatible with compression and if both options are set
it will do them in correct order and transparently.
tested by chl@, a few users and myself
ok chl@ and I
|
|
- comment variables unused at this time
|
|
queue.
To use it, just add "queue compress" in smtpd.conf. For now, only zlib is used.
lots of feedback from eric@ and gilles@
ok eric@ gilles@
|
|
|
|
- remove loading of evpid.
- don't dump the msgid
- ignore msgid at load
- remove now unused functions ascii_{dump,load}_uint{32,64}_hex()
With inputs from eric@ and gilles@
ok gilles@ eric@
|
|
envelope id and
an envelope ascii buffer.
ok eric@ gilles@
|
|
ok eric@
|
|
- remove the /envelopes subdirectory, envelopes are at the same level as
the message file
- kill PATH_ENVELOPES define
but keep the:
- reduce the number of buckets from 0xfff to 0xff, this avoids a decrease
in queue performance when we start having tons of buckets
ok eric@ gilles@
|
|
- remove the /envelopes subdirectory, envelopes are at the same level as
the message file
- kill PATH_ENVELOPES define
- reduce the number of buckets from 0xfff to 0xff, this avoids a decrease
in queue performance when we start having tons of buckets
this diff introduces a change to the queue layout, you will want to empty
your queue before updating. more cleanup to come
ok eric@, ok chl@
|
|
incoming messages are now always stored in /incoming, whatever the queue_backend is.
remove QOP_FD_RW and fsqueue_message_fd_rw().
while there check return value of generated paths before calling rmtree()
with advice from gilles@ and eric@
ok gilles@ eric@
|
|
Add a command-line option to specify the backend to use at runtime.
ok gilles@
|
|
internally in fsqueue backend for now, and let the fsqueue_message()
and fsqueue_envelope() dispatchers do the right thing.
Based on a diff by chl@
ok chl@ gilles@
|
|
ok eric@ gilles@
|
|
Make sure existing envelopes can be properly loaded.
ok chl@ gilles@
|
|
the wrapper function rather than in individual backends.
ok gilles@
|
|
ok gilles@ eric@
|
|
thing. Remove queue_message_purge() in favor of queue_message_delete
and simplify fsqueue_message_delete() implementation to move the
message dir to purge/
ok gilles@
|
|
current confusing hack.
ok gilles@
|
|
- return an informative error string if the envelope is invalid.
- take the envelope id as a parameter and make sure it matches.
- do not expect the errorline to start with an SMTP response code,
as this is not always the case: a temporary failure with mda would
cause the envelope to be marked as corrupted. Instead, just make sure
that all string fields are actual strings to prevent overflows later.
ok gilles@ chl@
|
|
ok chl@ gilles@
|
|
ok gilles@
|
|
queue_backend into account and assumed a filesystem with a specific layout.
This commit does plenty of things:
- make qwalk an abstraction in the queue_backend API, and impose queue
drivers to implement qwalk_open(), qwalk() and qwalk_close();
- move previous qwalk_open(), qwalk() and qwalk_close() to the fsqueue
driver since they were fsqueue specific ...
- make qwalk API work with msgid/evpid instead of pathnames since we're
going to use the queue_backend API to load envelopes by evpid anyway;
- makes smtpd use *solely* the queue_backend API when manipulating the
queue. pathnames were removed from smtpd.h and moved into the fsqueue
which means we can now store a queue anywhere ... as long as we write
the ten functions or so required for a queue driver ;-)
ok eric@, ok chl@
|
|
schedule queue to corrupt queue upon envelope loading failure.
tested by me, ok eric@
|