Buildbot caught an error:
"Berkeley DB file locking needs flock() for version 5.x (and greater?)"
It is caused by leakage of host-installed Berkley DB into the build.
Since libmilter is not using the DB and because of convoluted build
process of sendmail, we do the workaround - define a macro which
prevents the error without affecting libmilter binary.
Also change source URL from FTP to HTTPS.
Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
Buildbot builds started failing with this:
[...]
install -c -o buildbot -g buildbot -m 644 ../../include/libmilter/mfapi.h /builder/shared-workdir/build/sdk/build_dir/target-x86_64_musl/sendmail-8.16.1/ipkg-install/usr/include/libmilter/mfapi.h
install: invalid user 'buildbot'
Extend 010-enable-nonroot-install.patch to remove "-o U -g G" from more
install targets.
Signed-off-by: W. Michael Petullo <mike@flyn.org>
glibc 2.39 has removed libcrypt completely.
solution: link against libxcrypt built with glibc compatibility.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
glibc 2.39 has removed libcrypt completely.
solution: link against libxcrypt built with glibc compatibility.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
The emailrelay-filter-copy was removed and --filter=copy: can be used instead.
Minor improvement of description.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
--as-client mode.
dnsbl: to reject bad IPs.
spool_dir and delivery_dir: to set storage on USB disk.
filter: for SpamAssassin.
POP3 options.
Specify interface.
Use --forward-to-some by default.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Since v2.3.1 --server-tls-certificate and --client-tls-certificate may be comma separated list of privkey and fullchain so users don't need to merge the both files.
The privkey must be firts, the cert second.
Reflect this in config samples.
Alternatively instead of comma separated the emailrelay allows just pass two --server-tls-certificate options: one for a privkey and second time for a cert.
So the server_tls_certificate option may be a list. But instead to make it easier to configure from UCI let's add a separate option server-tls-key which is dedicated for a privkey.
Similarly, the client-tls-key is a private key part for the --client-tls-certificate
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Remove upstreamed patch 300-avoid-time-printf.patch
Exim/exim@9ae8613607
Exim version 4.98
-----------------
JH/01 Support list of dkim results in the dkim_status ACL condition, making
it more usable in the data ACL.
JH/02 Bug 3040: Handle error on close of the spool data file during reception.
Previously This was only logged, on the assumption that errors would be
seen for a previous fflush(). However, a fuse filesystem has been
reported as showing this an error for the fclose(). The spool is now in
an uncertain state, and we have logged and responded acceptance. Change
this to respond with a temp-reject, wipe spoolfiles, and log the error
detail.
JH/03 Bug 3030: Fix handling of DNS servfail respons for DANE TLSA. When hit
during a recipient verify callout, a QUIT command was attempted on the
now-closed callout channel, causing a paniclog entry.
JH/04 Bug 3039: Fix handling of of an empty log_reject_target, with
a connection_reject log_selector, under tls_on_connect. Previously
with this combination, when the connect ACL rejected, a spurious
paniclog entry was made.
JH/05 Fix TLS resumption for TLS-on-connect. This was broken by the advent
of loadbalancer-detection for resumption, in 4.96 - which tries to
use the EHLO response. SMTPS does not have one at the time it is starting
TLS. Change the default for the smtp transport host_name_extract option
to be a static string, for TLS-on-connect cases; meaning that resumption
will always be attempted (unless deliberately overriden).
JH/06 Bug 3054: Fix dnsdb lookup for a TXT record with multiple chunks, with a
chunk-separator specification. This was broken by hardening introduced
for Bug 3031.
JH/07 Bug 3050: Fix -bp for old message_id format spoolfiles. Previously it
included the -H with the id; this also messed up exiqgrep.
JH/08 Bug 3056: Tighten up parsing of DKIM DNS records. Previously, whitespace
was not properly skipped and empty elements would cause mis-parsing.
Tighten parsing of DKIM header records. Previously, all but lowercase
alpha chars would be ignored in potential tag names.
JH/09 Bug 3057: Add heuristic for spotting mistyped IPv6 addresses in lists
being searched. Previously we only had one for IPv4 addresses. Per the
documentation, the error results by default in a no-match result for the
list. It is logged if the unknown_in_list log_selector is used.
JH/10 Bug 3058: Ensure that a failing expansion in a router "set" option defers
the routing operation. Previously it would silently stop routing the
message.
JH/11 Bug 3046: Fix queue-runs. Previously, the arrivel of a notification or
info-request event close in time to a scheduled run timer could result in
the latter being missed, and no further queue scheduled runs being
initiated. This ouwld be more likely on high-load systems.
JH/12 Refuse to accept a line "dot, LF" as end-of-DATA unless operating in
LF-only mode (as detected from the first header line). Previously we did
accept that in (normal) CRLF mode; this has been raised as a possible
attack scenario (under the name "smtp smuggling").
JH/13 Add an fdatasync call for the received message data file in spool, before
loggging reception and sending the SMTP ack. Previously we only flushed
the stdio buffer so there was still the possibility of a disk error.
JH/14 Bug 3061: Avoid a split log line when trying to rewrite a malformed
address. Previously, for the last address in a header line (commonly
there is only one) the terminating newline was part of the logged
information.
JH/15 Bug 3061: Ensure a log line is written for a malformed address in a
header, when parsing for address-qualification. Previously one was only
written if there were rewrite rules.
JH/16 Two-phase queue runs are now reported in the daemon startup log line and
in exiwhat output.
JH/17 Bug 3064: Fix combination of "-q<period> -R <recipients>". Introduction of
the multiple-queue-runners facility for 4.97 broke this, giving only a
one-time run of the queue.
JH/18 Bug 3068: Log a warning for use of deprecated syntax in query-style
lookups.
JH/19 Fix TLS startup. When the last expansion done before the initiation of a
TLS session resulted in a forced-fail, a misleading error was logged for
the expansino of tls_certificates. This would affect the common case of
that option being set (main-section options) but not having any variable
parts. It could also potentially affect tls_privatekeys. The underlyding
coding errors go back to 4.90 but were only exposed in 4.97.
JH/20 Bug 3047: A recent (somewhere between 10.34 and 10.42) version of the
pcre2 library starting allocating 20kB rather than 112 bytes per match
call, which broke the 2GB total limitation on Exim's memory management
when a user had over 104207 messages stored and the appendfile
maildir_quota_directory_regex option is in use. Release the allocated
memory every thosand files to avoid this.
The same issue arises with the ACL regex condition, which is applied
to every line of a received message.
JH/21 Bug 3059: Fix crash in smtp transport. When running for a message for
which all recipients had been handled (itself an issue) a null-pointer
deref was done on trying to write a retry record. Fix that by counting
the outstanding recipients before trying to transmit the message.
The situation arose for a second MX try within a transport run, when the
first had perm-rejected a recipient (the only one for the connection, in
the case seen) during pipelining, and then closed the TCP connection.
The transport classified that as an I/O error, leaving the message
outstanding but having marked up the recipient as dealt-with. It then
tried another MX because of the I/O error. Fix this by converting the
message-level status to ok if there was a close but all recipients were
dealt with. Thanks to Wolfgand Breyha for debug runs.
JH/22 The ESMTP_LIMITS facility (RFC 9422) is promoted from experimental status
and is now controlled by the build-time option DISABLE_ESMTP_LIMITS.
JH/23 Bug 3066: Avoid leaking lookup database credentials to log.
JH/24 Bug 3081: Fix a delivery process crash. When the router "errors_to"
option specified a fixed address, later rewriting on that address would
trip on the configuration data being readonly. Instead of modifying
in-place, copy data. Found and fixed by Peter Benie.
JH/25 Bug 3079: Fix crash in dbmnz. When a key was present for zero-length
data a null pointer was followed. Find and testcase by Sebastian Bugge.
JH/26 Fix encoding for an AUTH parameter on a MAIL FROM command. Previously
decimal 127 chars were not encoded, and lowercase hex was used for
encoded values. Outstanding since at least 1999.
JH/27 Fix crash in logging. When a message with a large number of recipients
had been received, and logging of recipients is enabled, the buffer used
for logging could reach limit. A read using a null pointer would then
be done, resulting in a crash of the receiving process before an SMTP
ACK for the message was returned to the sending system. Duplicate
messages were created as a result.
Find and debug help by Mateusz Krawczyk
JH/28 Bug 3086: Fix exinext for ipv6. Change the format of keys in the retry
DB, wrapping transport record bare-ip "host names" and ipv6
"host addresses" in square-brackets. This makes the parsing that
exinext does more reliable.
JH/29 Bug 3087: Fix SRS encode. A zero-length quoted element in the local-part
would cause a crash.
JH/30 Bug 3029: Avoid feeding Resent-From: to DMARC.
JH/31 Bug 3027: For -bh / -bhc tests change to using the compressed form of
ipv6 addresses for the sender. Previously the uncompressed form was used,
and if used in textual form this would result in behavior difference
versus non-bh.
JH/32 Bug 3096: MAIL before HELO/EHLO, where required by hosts_require_helo, is
now classed as a protocol error and subject to smtp_max_synprot_errors.
JH/33 Bug 2994: A subdir dsearch lookup should permit a directory name that starts
".." and has following characters.
JH/34 Fix delivery ordering for 2-phase queue run combined with
queue_run_in_order.
JH/35 Bug 3099: fix parsing of MIME filename= split over multiple paramemters.
Previously the $mime_filename variable would have an incorrect value.
While in the code, extend coverage to name= which previously was only
supported for single parameters, despite also filling in $mime_filename.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This file ensures that msmtp is run tested inside GitHub Actions
to help to ensure that this application is compiled and run
tested for OpenWrt master.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
IPv6 has accidentally been disabled in all Exim builds since the
package was introduced in OpenWrt due to a faulty `sed` script. This
has now been fixed, so beware that IPv6 is now enabled when updating
from previous releases.
Upstream changes since version 4.96.2 (bottom up):
JH/s1 Refuse to accept a line "dot, LF" as end-of-DATA unless operating in
LF-only mode (as detected from the first header line). Previously we did
accept that in (normal) CRLF mode; this has been raised as a possible
attack scenario (under the name "smtp smuggling", CVE-2023-51766).
JH/01 The hosts_connection_nolog main option now also controls "no MAIL in
SMTP connection" log lines.
JH/02 Option default value updates:
- queue_fast_ramp (main) true (was false)
- remote_max_parallel (main) 4 (was 2)
JH/03 Cache static regex pattern compilations, for use by ACLs.
JH/04 Bug 2903: avoid exit on an attempt to rewrite a malformed address.
Make the rewrite never match and keep the logging. Trust the
admin to be using verify=header-syntax (to actually reject the message).
JH/05 Follow symlinks for placing a watch on TLS creds files. This means
(under Linux) we watch the dir containing the final file; previously
it would be the dir with the first symlink. We still do not monitor
the entire path.
JH/06 Check for bad chars in rDNS for sender_host_name. The OpenBSD (at least)
dn_expand() is happy to pass them through.
JH/07 OpenSSL Fix auto-reload of changed server OCSP proof. Previously, if
the file with the proof had an unchanged name, the new proof(s) were
loaded on top of the old ones (and nover used; the old ones were stapled).
JH/08 Bug 2915: Fix use-after-free for $regex<n> variables. Previously when
more than one message arrived in a single connection a reference from
the earlier message could be re-used. Often a sigsegv resulted.
These variables were introduced in Exim 4.87.
Debug help from Graeme Fowler.
JH/09 Fix ${filter } for conditions that modify $value. Previously the
modified version would be used in construction the result, and a memory
error would occur.
JH/10 GnuTLS: fix for (IOT?) clients offering no TLS extensions at all.
Find and fix by Jasen Betts.
JH/11 OpenSSL: fix for ancient clients needing TLS support for versions earlier
than TLSv1,2, Previously, more-recent versions of OpenSSL were permitting
the systemwide configuration to override the Exim config.
HS/01 Bug 2728: Introduce EDITME option "DMARC_API" to work around incompatible
API changes in libopendmarc.
JH/12 Bug 2930: Fix daemon startup. When started from any process apart from
pid 1, in the normal "background daemon" mode, having to drop process-
group leadership also lost track of needing to create listener sockets.
JH/13 Bug 2929: Fix using $recipients after ${run...}. A change made for 4.96
resulted in the variable appearing empty. Find and fix by Ruben Jenster.
JH/14 Bug 2933: Fix regex substring match variables for null matches. Since 4.96
a capture group which obtained no text (eg. "(abc)*" matching zero
occurrences) could cause a segfault if the corresponding $<n> was
expanded.
JH/15 Fix argument parsing for ${run } expansion. Previously, when an argument
included a close-brace character (eg. it itself used an expansion) an
error occurred.
JH/16 Move running the smtp connect ACL to before, for TLS-on-connect ports,
starting TLS. Previously it was after, meaning that attackers on such
ports had to be screened using the host_reject_connection main config
option. The new sequence aligns better with the STARTTLS behaviour, and
permits defences against crypto-processing load attacks, even though it
is strictly an incompatible change.
Also, avoid sending any SMTP fail response for either the connect ACL
or host_reject_connection, for TLS-on-connect ports.
JH/17 Permit the ACL "encrypted" condition to be used in a HELO/EHLO ACL,
Previously this was not permitted, but it makes reasonable sense.
While there, restore a restriction on using it from a connect ACL; given
the change JH/16 it could only return false (and before 4.91 was not
permitted).
JH/18 Fix a fencepost error in logging. Previously (since 4.92) when a log line
was exactly sized compared to the log buffer, a crash occurred with the
misleading message "bad memory reference; pool not found".
Found and traced by Jasen Betts.
JH/19 Bug 2911: Fix a recursion in DNS lookups. Previously, if the main option
dns_again_means_nonexist included an element causing a DNS lookup which
itself returned DNS_AGAIN, unbounded recursion occurred. Possible results
included (though probably not limited to) a process crash from stack
memory limit, or from excessive open files. Replace this with a paniclog
whine (as this is likely a configuration error), and returning
DNS_NOMATCH.
JH/20 Bug 2954: (OpenSSL) Fix setting of explicit EC curve/group. Previously
this always failed, probably leading to the usual downgrade to in-clear
connections.
JH/21 Fix TLSA lookups. Previously dns_again_means_nonexist would affect
SERVFAIL results, which breaks the downgrade resistance of DANE. Change
to not checking that list for these lookups.
JH/22 Bug 2434: Add connection-elapsed "D=" element to more connection
closure log lines.
JH/23 Fix crash in string expansions. Previously, if an empty variable was
immediately followed by an expansion operator, a null-indirection read
was done, killing the process.
JH/24 Bug 2997: When built with EXPERIMENTAL_DSN_INFO, bounce messages can
include an SMTP response string which is longer than that supported
by the delivering transport. Alleviate by wrapping such lines before
column 80.
JH/25 Bug 2827: Restrict size of References: header in bounce messages to 998
chars (RFC limit). Previously a limit of 12 items was made, which with
a not-impossible References: in the message being bounced could still
be over-large and get stopped in the transport.
JH/26 For a ${readsocket } in TLS mode, send a TLS Close Alert before the TCP
close. Previously a bare socket close was done.
JH/27 Fix ${srs_encode ..}. Previously it would give a bad result for one day
every 1024 days.
JH/28 Bug 2996: Fix a crash in the smtp transport. When finding that the
message being considered for delivery was already being handled by
another process, and having an SMTP connection already open, the function
to close it tried to use an uninitialized variable. This would afftect
high-volume sites more, especially when running mailing-list-style loads.
Pollution of logs was the major effect, as the other process delivered
the message. Found and partly investigated by Graeme Fowler.
JH/29 Change format of the internal ID used for message identification. The old
version only supported 31 bits for a PID element; the new 64 (on systems
which can use Base-62 encoding, which is all currently supported ones
but not Darwin (MacOS) or Cygwin, which have case-insensitive filesystems
and must use Base-36). The new ID is 23 characters rather than 16, and is
visible in various places - notably logs, message headers, and spool file
names. Various of the ancillary utilities also have to know the format.
As well as the expanded PID portion, the sub-second part of the time
recorded in the ID is expanded to support finer precision. Theoretically
this permits a receive rate from a single comms channel of better than the
previous 2000/sec.
The major timestamp part of the ID is not changed; at 6 characters it is
usable until about year 3700.
Updating from previously releases is fully supported: old-format spool
files are still usable, and the utilities support both formats. New
message will use the new format. The one hints-DB file type which uses
message-IDs (the transport wait- DB) will be discarded if an old-format ID
is seen; new ones will be built with only new-format IDs.
Optionally, a utility can be used to convert spool files from old to new,
but this is only an efficiency measure not a requirement for operation
Downgrading from new to old requires running a provided utility, having
first stopped all operations. This will convert any spool files from new
back to old (losing time-precision and PID information) and remove any
wait- hints databases.
JH/30 Bug 3006: Fix handling of JSON strings having embedded commas. Previously
we treated them as item separators when parsing for a list item, but they
need to be protected by the doublequotes. While there, add handling for
backslashes.
JH/31 Bug 2998: Fix ${utf8clean:...} to disallow UTF-16 surrogate codepoints.
Found and fixed by Jasen Betts. No testcase for this as my usual text
editor insists on emitting only valid UTF-8.
JH/32 Fix "tls_dhparam = none" under GnuTLS. At least with 3.7.9 this gave
a null-indirection SIGSEGV for the receive process.
JH/33 Fix free for live variable $value created by a ${run ...} expansion during
-bh use. Internal checking would spot this and take a panic.
JH/34 Bug 3013: Fix use of $recipients within arguments for ${run...}.
In 4.96 this would expand to empty.
JH/35 Bug 3014: GnuTLS: fix expiry date for an auto-generated server
certificate. Find and fix by Andreas Metzler.
JH/36 Add ARC info to DMARC hostory records.
JH/37 Bug 3016: Avoid sending DSN when message was accepted under fakereject
or fakedefer. Previously the sender could discover that the message
had in fact been accepted.
JH/38 Taint-track intermediate values from the peer in multi-stage authentation
sequences. Previously the input was not noted as being tainted; notably
this resulted in behaviour of LOGIN vs. PLAIN being inconsistent under
bad coding of authenticators.
JH/39 Bug 3023: Fix crash induced by some combinations of zero-length strings
and ${tr...}. Found and diagnosed by Heiko Schlichting.
JH/40 Bug 2999: Fix a possible OOB write in the external authenticator, which
CVE-2023-42115
JH/41 Bug 3000: Fix a possible OOB write in the SPA authenticator, which could
be triggered by externally-controlled input. Found by Trend Micro.
CVE-2023-42116
JH/42 Bug 3001: Fix a possible OOB read in the SPA authenticator, which could
be triggered by externally-controlled input. Found by Trend Micro.
CVE-2023-42114
JH/43 Bug 2903: avoid exit on an attempt to rewrite a malformed address.
Make the rewrite never match and keep the logging. Trust the
admin to be using verify=header-syntax (to actually reject the message).
JH/44 Bug 3033: Harden dnsdb lookups against crafted DNS responses.
CVE-2023-42219
could be triggered by externally-supplied input. Found by Trend Micro.
CVE-2023-42115
JH/41 Bug 3000: Fix a possible OOB write in the SPA authenticator, which could
be triggered by externally-controlled input. Found by Trend Micro.
CVE-2023-42116
JH/42 Bug 3001: Fix a possible OOB read in the SPA authenticator, which could
be triggered by externally-controlled input. Found by Trend Micro.
CVE-2023-42114
JH/43 Bug 2903: avoid exit on an attempt to rewrite a malformed address.
Make the rewrite never match and keep the logging. Trust the
admin to be using verify=header-syntax (to actually reject the message).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
After the change from PCRE to PCRE2 when enabling POSTFIX_PCRE the
resulting postfix build no longer reports pcre as an available module.
(postfconf -m). This is caused by using the wrong syntax for the
HAS_PCRE build flag (HAS_PCRE2 vs HAS_PCRE=2). This fixes the build flag
to use the correct syntax.
Signed-off-by: Felix Matouschek <felix@matouschek.org>
Update to release 2.2 and switch to PCRE2. New release switched from
PCRE to PCRE2 and is now required.
Drop patch merged upstream and backport 2 additional patch that fix a
user-after-free and a PCRE2 bug.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Bump postfix to 3.8.2 release.
Refresh patches and drop patch 502-detect-glibc.patch as it got merged
upstream.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Fixes vulnerabilities:
- Improper Neutralization of Special Elements (CVE-2023-42117)
- dnsdb Out-Of-Bounds Read (CVE-2023-42119)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This is a security release.
JH/01 Bug 2999: Fix a possible OOB write in the external authenticator, which
could be triggered by externally-supplied input. Found by Trend Micro.
CVE-2023-42115
JH/02 Bug 3000: Fix a possible OOB write in the SPA authenticator, which could
be triggered by externally-controlled input. Found by Trend Micro.
CVE-2023-42116
JH/03 Bug 3001: Fix a possible OOB read in the SPA authenticator, which could
be triggered by externally-controlled input. Found by Trend Micro.
CVE-2023-42114
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Parallel build does not work because it may reach a point where OSTYPE
might be needed before it is actually built. They appear to run
parallel to each other:
echo slx > OSTYPE
[...]
cat: OSTYPE: No such file or directory
sh: line 1: test: too many arguments
cat: OSTYPE: No such file or directory
Already built for -- you must do "make clean" first
make[6]: *** [Makefile:706: rebuild] Error 1
make[6]: *** Waiting for unfinished jobs....
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
musl 1.2.4 deprecated legacy "LFS64" ("large file support") interfaces so
just having _GNU_SOURCE defined is not enough anymore.
Backport an upstream fix to replace these old data types.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
v2.3.20 2022-12-22 Aki Tuomi <aki.tuomi@open-xchange.com>
+ Add dsync_features=no-header-hashes. When this setting is enabled and
one dsync side doesn't support mail GUIDs (i.e. imapc), there is no
fallback to using header hashes. Instead, dsync assumes that all mails
with identical IMAP UIDs contains the same mail contents. This can
significantly improve dsync performance with some IMAP servers that
don't support caching Date/Message-ID headers.
+ lua: HTTP client has more settings now, see
https://doc.dovecot.org/admin_manual/lua/#dovecot.http.client
+ replicator: "doveadm replicator status" command now outputs when the
next sync is expected for the user.
- LAYOUT=index: duplicate GUIDs were not cleaned out. Also the list
recovery was not optimal.
- auth: Assert crash would occur when iterating multiple userdb
backends.
- director: Logging into director using master user with
auth_master_user_separator character redirected user to a wrong
backend, unless master_user_separator setting was also set to the same
value. Merged these into auth_master_user_separator.
- dsync: Couldn't always fix folder GUID conflicts automatically with
Maildir format. This resulted in replication repeatedly failing
with "Remote lost mailbox GUID".
- dsync: Failed to migrate INBOX when using namespace prefix=INBOX/,
resulting in "Remote lost mailbox GUID" errors.
- dsync: INBOX was created too early with namespace prefix=INBOX/,
resulting a GUID conflict. This may have been resolved automatically,
but not always.
- dsync: v2.3.18 regression: Wrong imapc password with dsync caused
Panic: file lib-event.c: line 506 (event_pop_global):
assertion failed: (event == current_global_event)
- imapc: Requesting STATUS for a mailbox with imapc and INDEXPVT
configured did not return correct (private) unseen counts.
- lib-dict: Process would crash when committing data to redis without
dict proxy.
- lib-mail: Corrupted cached BODYSTRUCTURE caused panic during FETCH.
Fixes: Panic: file message-part-data.c: line 579 (message_part_is_attachment):
assertion failed: (data != NULL). v2.3.13 regression.
- lib-storage: mail_attribute_dict with dict-sql failed when it tried to
lookup empty dict keys.
- lib: ioloop-kqueue was missing include breaking some BSD builds.
- lua-http: Dovecot Lua HTTP client could not resolve DNS names in mail
processes, because it expected "dns-client" socket to exist in the
current directory.
- oauth2: Using %{oauth2:name} variables could cause useless
introspections.
- pop3: Sending POP3 command with ':' character caused an assert-crash.
v2.3.18 regression.
- replicator: Replication queue had various issues, potentially causing
replication requests to become stuck.
- stats: Invalid Prometheus label names were created with specific
histogram group_by configurations. Prometheus rejected these labels.
v2.3.19.1 2022-06-14 Aki Tuomi <aki.tuomi@open-xchange.com>
- doveadm deduplicate: Non-duplicate mails were deleted.
v2.3.19 regression.
- auth: Crash would occur when iterating multiple backends.
Fixes: Panic: file userdb-blocking.c:
line 125 (userdb_blocking_iter_next): assertion failed: (ctx->conn != NULL)
v2.3.19 2022-05-10 Aki Tuomi <aki.tuomi@open-xchange.com>
+ Added mail_user_session_finished event, which is emitted when the mail
user session is finished (e.g. imap, pop3, lmtp). It also includes
fields with some process statistics information.
See https://doc.dovecot.org/admin_manual/list_of_events/ for more
information.
+ Added process_shutdown_filter setting. When an event matches the filter,
the process will be shutdown after the current connection(s) have
finished. This is intended to reduce memory usage of long-running imap
processes that keep a lot of memory allocated instead of freeing it to
the OS.
+ auth: Add cache hit indicator to auth passdb/userdb finished events.
See https://doc.dovecot.org/admin_manual/list_of_events/ for more
information.
+ doveadm deduplicate: Performance is improved significantly.
+ imapc: COPY commands were sent one mail at a time to the remote IMAP
server. Now the copying is buffered, so multiple mails can be copied
with a single COPY command.
+ lib-lua: Add a Lua interface to Dovecot's HTTP client library. See
https://doc.dovecot.org/admin_manual/lua/ for more information.
- auth: Cache lookup would use incorrect cache key after username change.
- auth: Improve handling unexpected LDAP connection errors/hangs.
Try to fix up these cases by reconnecting to the LDAP server and
aborting LDAP requests earlier.
- auth: Process crashed if userdb iteration was attempted while auth-workers
were already full handling auth requests.
- auth: db-oauth2: Using %{oauth2:name} variables caused unnecessary
introspection requests.
- dict: Timeouts may have been leaked at deinit.
- director: Ring may have become unstable if a backend's tag was changed.
It could also have caused director process to crash.
- doveadm kick: Numeric parameter was treated as IP address.
- doveadm: Proxying can panic when flushing print output. Fixes
Panic: file ioloop.c: line 865 (io_loop_destroy): assertion failed:
(ioloop == current_ioloop).
- doveadm sync: BROKENCHAR was wrongly changed to '_' character when
migrating mailboxes. This was set by default to %, so any mailbox
names containing % characters were modified to "_25".
- imapc: Copying or moving mails with doveadm to an imapc mailbox could
have produced "Error: Syncing mailbox '[...]' failed" Errors. The
operation itself succeeded but attempting to sync the destination
mailbox failed.
- imapc: Prevent index log synchronization errors when two or more imapc
sessions are adding messages to the same mailbox index files, i.e.
INDEX=MEMORY is not used.
- indexer: Process was slowly leaking memory for each indexing request.
- lib-fts: fts header filters caused binary content to be sent to the
indexer with non-default configuration.
- doveadm-server: Process could hang in some situations when printing
output to TCP client, e.g. when printing doveadm sync state.
- lib-index: dovecot.index.log files were often read and parsed entirely,
rather than only the parts that were actually necessary. This mainly
increased CPU usage.
- lmtp-proxy: Session ID forwarding would cause same session IDs being
used when delivering same mail to multiple backends.
- log: Log prefix update may have been lost if log process was busy.
This could have caused log prefixes to be empty or in some cases
reused between sessions, i.e. log lines could have been logged for the
wrong user/session.
- mail_crypt: Plugin crashes if it's loaded only for some users. Fixes
Panic: Module context mail_crypt_user_module missing.
- mail_crypt: When LMTP was delivering mails to both recipients with mail
encryption enabled and not enabled, the non-encrypted recipients may
have gotten mails encrypted anyway. This happened when the first
recipient was encrypted (mail_crypt_save_version=2) and the 2nd
recipient was not encrypted (mail_crypt_save_version=0).
- pop3: Session would crash if empty line was sent.
- stats: HTTP server leaked memory.
- submission-login: Long credentials, such as OAUTH2 tokens, were refused
during SASL interactive due to submission server applying line length
limits.
- submission-login: When proxying to remote host, authentication was not
using interactive SASL when logging in using long credentials such as
OAUTH2 tokens. This caused authentication to fail due to line length
constraints in SMTP protocol.
- submission: Terminating the client connection with QUIT command after
mail transaction is started with MAIL command and before it is
finished with DATA/BDAT can cause a segfault crash.
- virtual: doveadm search queries with mailbox-guid as the only parameter
crashes: Panic: file virtual-search.c: line 77 (virtual_search_get_records):
assertion failed: (result != 0)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Fix a Dovecot compile error when building with no other packages than
the default in master build, because iconv macro is missing.
Fixes: #20677
Signed-off-by: Juan del Bosque <juan@web64.pro>
Automatically compute and substitute current values for all
$(AUTORELEASE) instances as this feature is deprecated and shouldn't be
used.
The following temporary change was made to the core:
diff --git a/rules.mk b/rules.mk
index 57d7995d4fa8..f16367de87a8 100644
--- a/rules.mk
+++ b/rules.mk
@@ -429,7 +429,7 @@ endef
abi_version_str = $(subst -,,$(subst _,,$(subst .,,$(1))))
COMMITCOUNT = $(if $(DUMP),0,$(call commitcount))
-AUTORELEASE = $(if $(DUMP),0,$(call commitcount,1))
+AUTORELEASE = $(if $(DUMP),0,$(shell sed -i "s/\$$(AUTORELEASE)/$(call commitcount,1)/" $(CURDIR)/Makefile))
all:
FORCE: ;
And this command used to fix affected packages:
for i in $(cd feeds/packages; git grep -l PKG_RELEASE:=.*AUTORELEASE | \
sed 's^.*/\([^/]*\)/Makefile^\1^';);
do
make package/$i/download
done
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
See commit 07730ff3 "treewide: add support for "lto" in PKG_BUILD_FLAGS"
on the main repository.
Note: Some packages only added `-flto` to CFLAGS and not LDFLAGS. This
fixes it and properly enables LTO.
Signed-off-by: Andre Heider <a.heider@gmail.com>
See commit da370098 "treewide: add support for "gc-sections" in
PKG_BUILD_FLAGS" on the main repository.
Note: This only touches packages which use all three parts
(-ffunction-sections, -fdata-sections and -Wl,--gc-sections) enabled by
this build flag. Some packages only use a subset, and these are left
unchanged for now.
Signed-off-by: Andre Heider <a.heider@gmail.com>
