| Age | Commit message (Collapse) | Author |
|---|
|
channels to parent, mda, mta, lka, smtp, and control. This leaves
just the channel to queue, which forwards imsgs on runner's behalf
and redirects any replies back to it.
OK gilles@
|
|
|
|
|
|
logging on runtime.
Based on claudio@'s work on ripd, ospfd, ospf6d, dvmrpd, ldpd, bgpd.
With help/ideas/testing from gilles@ jacekm@ todd@
ok jacekm@
|
|
in absence of all other real listening sockets.
Spotted by todd@
|
|
possibility for fd-starvation fatal when under heavy load.
|
|
doesn't take advantage of the new structure yet, but this was a needed
change for upcoming improvements.
- introduce aliasestree_{lookup,insert,remove} to the aliases api
- rename queue_generate_id() to generate_uid() and move it to utils.c as
it is used all over the place and not only in queue
tree idea discussed with jacekm@, if you update rebuild aliases db, make
clean and flush queue
|
|
enqueued through smtpctl
|
|
was not correctly formatted anyway. Recording of sender uid has
been moved to the server process (getpeereid), which means it is not
subject to forgery.
Based on problem report by Michael Lechtermann <michael@lechtermann.net>
|
|
|
|
- make sure T_BOUNCE_MESSAGE is no longer OR-ed to T_MDA/MTA_MESSAGE
- define F_MESSAGE_BOUNCE flag and make sure bounce sessions set it
- teach smtpctl show queue how to recognize a bounce message
|
|
work for real. As an added bonus, it simplifies it, makes it follow the
same code path as regular messages and kills quite some code from mta,
mda and store. There's still some work needed but the most painful part
is behind us now ;)
ok jacekm@
|
|
Currently the receiver fetches an imsg via imsg_get() and if he expects
an fd, he then calls imsg_get_fd() to fetch the next fd queued on the
imsgbuf from which the imsg came.
This changes hides the fd queueing mechanism to the API user. When closing
an imsg with an fd, the message is flagged so that the receiving end knows
it must dequeue the fd in imsg_get() and return it with the imsg structure.
This way there is no (less) possible screw up from imsg_get_fd() not being
called directly after imsg_get() by the user. The retreived imsg is
self-contained.
ok pyr@, "I like that" henning@
|
|
Stop pushing event handling in the imsg framework.
Instead, provide a small glue layer on top of both imsg and libevent.
This finally clearly separates event handling and imsg construction.
Sidetrack bonus: remove the mega-ugly hack of having a dummy imsg_event_add
stub in smtpctl.
ok jaceckm@
|
|
ok gilles@, jacekm@
|
|
configuration reloading without killing active sessions; ok jacekm@
|
|
use event_del/event_add instead; ok gilles@
|
|
to the routing daemons by claudio@; ok gilles@
|
|
|
|
this code to privsep smtp process; ok gilles@
|
|
using newly introduced child struct.
Manage process titles centrally in struct smtpd.
ok gilles@
|
|
process individually whenever stats need to be fetched, keep stats
in MAP_ANON shared memory allocated by parent.
This means control has direct access to stats and can respond very
quickly without troubling any other daemon processes.
ok gilles@
|
|
the configuration file again and replace current configuration with new one
in all processes. what we don't support yet is graceful restart, clients in
sessions at the moment of the reload will have a temp failure thrown at 'em
which is ok RFC-wise but which we will try to improve anyway.
tested with various setups, "diff reads good" jacekm@
|
|
|
|
strictness:
- Drop clients attempting command pipelining; protects the daemon
from all kinds of abuse.
- Replace F_EVLOCKED flag with F_WRITEONLY which has cleaner sematics:
when up, session must not be destroyed nor read from, but may be
written to.
- Write callback becomes a central place for enabling EV_READ.
- Delay bufferevent creation until after ssl handshake is completed.
A bunch of session error stats were added to smtpctl's "show stats".
These could help spotting event masking errors in the future.
ok gilles@
|
|
ok gilles@, jacekm@
|
|
|
|
|
|
- Improve RFC compliance: CNAMEs are resolved, equal preference MXs
are randomized, relaying via MX that has equal/lower preference
than local server is prevented, decision on when to treat domain
name as implicit MX is better.
ok gilles@
|
|
|
|
|
|
|
|
does some sanity checking. Fix a bug that could lead to fatal under
rare circumstances, exposed by this newly added check; ok gilles@
|
|
bufferevent_settimeout instead of rolling our own; ok gilles@
|
|
ok gilles@ jacekm@
|
|
of regularly walking session tree in search of idle clients. Gives
the smtp process a chance to become idle.
As a bonus, add smtp.sessions.timeout counter to "smtpctl show stats".
ok gilles@
|
|
and -F cmdline args. Also, date and Message-Id headers are added
when missing.
The main trouble with the current enqueue code is that it requires
dealing with problems in the control process that are already solved
in the smtp process, ie. duplicating a lot of code which interacts
with untrusted clients. This diff solves this by making sendmail
obtain a SMTP socket from smtp via smtpd.sock, and using that socket
to deliver the message. For smtpd it looks as if connection was
made from the network, only difference being the F_MESSAGE_ENQUEUED
message flag, handy when differentation between local and remote
deliveries is wanted.
Most of the features come from the femail program, created by henning@.
Additional testing by Nigel J. Taylor.
ok gilles@, henning@ happy with smtpd using femail code
|
|
1) kill the ssmtp keyword in "ssmtp listen on ...";
2) kill the use keyword in "... use certificate foo";
3) tls no longer implicit, user must explicitely use the tls or smtps option.
4) for "relay via", move the tls/smtps options to right after the
port specification; makes it similar to "listen on".
These directives:
ssmtp listen on fxp0 use ceritifate "foo"
accept for all relay via tls "mx.bar.com"
now become:
listen on fxp0 smtps certificate "foo"
accept for all relay via "mx.bar.com" tls
ok gilles@
|
|
|
|
to also share the statistics structure, still being worked on
|
|
struct session where it really belongs.
|
|
ok jacekm@ gilles@
|
|
ok gilles@
|
|
ok jacekm@
|
|
|
|
and inserts the session into the session tree. session_init() is called
only when we receive the resolution answer.
this fixes a race condition that would sometimes cause the hostname to
appear as "<unknown>" in headers just because dns was lagging, and it
unbreaks ssmtp support which suffered from th very same race condition.
|
|
the message id and uid immediately. only do it if session has been flagged
with F_QUIT, otherwise session_pickup() will do it when in state S_DONE.
this fixes a bug reported by pea@ where the message id was not displayed
in the "message accepted for delivery" line.
|
|
relayd at n2k9, and adapted to smtpd; ok gilles@
|
|
count, but also the total sessions count, ssmtp sessions (both current and
total) and starttls sessions (both current and total)
# ./smtpctl/smtpctl show stats|grep smtp.sessions
smtp.sessions = 0
smtp.sessions.active = 0
smtp.sessions.ssmtp = 0
smtp.sessions.ssmtp.active = 0
smtp.sessions.starttls = 0
smtp.sessions.starttls.active = 0
#
|
|
being called again with F_EVLOCK set. this fixes a bug where disconnect
after smtpd sends greeting and before entering any command failed to go
into session_destroy().
while at it, rename the "smtp.clients" statistic to "smtp.sessions" and
add counters to struct s_smtp so that I can add ssmtp and starttls with
my next commit ;)
|
