1
0
mirror of https://github.com/openbsd/src.git synced 2024-12-22 16:42:56 -08:00
Commit Graph

47 Commits

Author SHA1 Message Date
mortimer
b9318d1db4 unbreak newaliases.
ok millert@
2018-07-03 01:34:43 +00:00
sunil
4636661a64 Import gilles@'s standalone spfwalk utility into smtpctl(8) as
'spf walk' command.

Ok gilles@
2018-01-06 07:59:27 +00:00
espie
186e29d5ec no need to generate y.tab.h if nothing uses it, set YFLAGS to nothing
instead of CLEANFILES += y.tab.h

okay millert@
2017-07-03 22:21:47 +00:00
jmc
faa33665ab for some time now mandoc has not required MLINKS to function
correctly - logically complete that now by removing MLINKS from base;

authors need only to ensure there is an entry in NAME for any function/
util being added. MLINKS will still work, and remain for perl to ease
upgrades;

ok nicm (curses) bcook (ssl)
ok schwarze, who provided a lot of feedback and assistance
ok tb natano jung
2016-03-30 06:38:40 +00:00
benno
1b716c3af3 build smtpd and smtpctl with -Werror-implicit-function-declaration
ok tedu@
2015-12-28 13:26:44 +00:00
sunil
5474095726 Install aliases(5), forward(5), makemap(8) and newaliases(8) manpages
that got accidentally removed while merging makemap(8) into smtpctl(8).

Spotted by Nathanael Rensen.
2015-12-09 08:13:28 +00:00
sunil
4c5b19cfbf Merge makemap(8) into smtpctl(8).
Ok gilles@, jung@
2015-12-07 12:29:19 +00:00
gilles
8f1b5f334f cleanup Makefile 2015-12-01 09:58:38 +00:00
gilles
8351d18b7f turn our local enqueuer setgid _smtpq and restrict access to offline queue,
the enqueuer will revoke group and regain real gid right after mkstemp.

this would have prevented the symlink/hardlink attacks against offline, and
it will avoid having to deal with new ways users can mess with it.

ok eric@, ok millert@
2015-10-09 14:37:38 +00:00
deraadt
9e8cdb26b1 The performance hit for -fstack-protector-all is worth it here.
ok gilles
2015-10-06 00:30:30 +00:00
jmc
84e8203937 lightly document mailq; ok gilles 2014-09-29 20:56:46 +00:00
fgsch
29c76dde7e Remove -ggdb -g3, this shouldn't be here
Requested by deraadt@
2014-04-01 23:14:25 +00:00
martynas
eb1c01ea60 Remove -Wbounded: it is now the compiler default. 2014-01-18 05:54:51 +00:00
eric
6133dbcb4f Simplify code for loading and dumping envelopes. Makes it much easier
to deal with automatic upgrade between envelope versions at load time.
2013-10-26 20:32:48 +00:00
eric
3f70ecaf32 Assorted queue improvements:
- cleanup the internal queue backend API and get rid of the QOP_* thing.
- implement a queue_proc backend
- rename queue_fsqueue.c to queue_fs
- enable support for queue encryption
- add an envelope cache
- better logging and error reporting
2013-07-19 20:37:07 +00:00
eric
7a7bc1696a New implementation for smtpctl and the command line parser. Allows
richer syntax, and makes the code way simpler to follow and extend
with new commands.
2013-07-19 13:41:23 +00:00
eric
299c4efe12 sync with OpenSMTPD 5.3.2
ok gilles@
2013-05-24 17:03:14 +00:00
gilles
65c4fdfb19 Sync with our smtpd repo:
* first bricks of ldap and sqlite support (not finished but both working)
* new table API to replace map API, all lookups are done through tables
* improved handling of temporary errors throughout the daemon
* improved scheduler and mta logic: connection reuse, optimizes batches
* improved queue: more tolerant to admin errors, new layout, less disk-IO
* improved memory usage under high load
* SSL certs/keys isolated to lookup process to avoid facing network
* VIRTUAL support improved, fully virtual setups possible now
* runtime tracing of processes through smtpctl trace
* ssl_privsep.c sync-ed with relayd
* ssl.c no longer contains smtpd specific interfaces
* smtpd-specific ssl bits moved to ssl_smtpd.c
* update mail address in copyright

FLUSH YOUR QUEUE. FLUSH YOUR QUEUE. FLUSH YOUR QUEUE. FLUSH YOUR QUEUE.

smtpd.conf(5) simplified, it will require adaptations

ok eric@
2013-01-26 09:37:22 +00:00
chl
93f98431b1 convert iobuf_queue()'s to iobuf_fqueue(). (idea from gilles@)
introduce iobuf_xinit() and iobuf_xfqueue(). (idea from eric@)

ok gilles@
2012-10-07 15:46:38 +00:00
gilles
fb3e477114 - remove crypto_backend
- remove support for encrypted queue, it will be reintroduced later after
  pouring more thinking into it

if you had it enabled, flush your queue before updating
2012-09-01 16:09:14 +00:00
gilles
e1829a2f5c Introduce the crypto_backend API and provide support for... encrypted queue
using the new API. By default, OpenSMTPD does not provide queue encryption,
but it can be enabled with "queue encryption [args]" and will transparently
encrypt/decrypt envelopes/messages as they hit the queue.

By default, it will use Blowfish in CBC mode with a different random IV for
each envelope and message. User provided key is expanded using sha256 but a
different cipher and digest may be specified in smtpd.conf

Queue encryption is compatible with compression and if both options are set
it will do them in correct order and transparently.

tested by chl@, a few users and myself
ok chl@ and I
2012-08-29 16:26:17 +00:00
gilles
ec51a685b7 missing DPADD ... sorry 2012-08-26 18:56:08 +00:00
gilles
858abddc79 - use the same compression algorithm, gzip, for message file and envelopes
- rename compress_zlib.c to compress_gzip.c

with this commit it is possible to inspect a compressed queue with gzcat :)
2012-08-26 13:38:43 +00:00
chl
0e8cc8ec3a Add compress_backend, allowing compression of messages and envelopes in the queue.
To use it, just add "queue compress" in smtpd.conf. For now, only zlib is used.

lots of feedback from eric@ and gilles@

ok eric@ gilles@
2012-08-25 23:35:09 +00:00
gilles
9ed3223c36 - introduce stat_backend, an API for pluggable statistic backends
> statistics are no longer static structures in shared memory
  > statistics are only set, smtpd never uses them in its logic
  > each statistic is a key/value where key can be any (dynamic) string
- convert all uses of the former API to use the new one
- implement stat_ramstat that keeps non-persistent stats in ram structure

ok eric@, ok chl@
2012-08-18 18:18:23 +00:00
gilles
75b3e49a45 implement an envelope_ascii API that's not tied to a specific queue_backend
simplify queue_fsqueue
2012-01-11 22:24:37 +00:00
eric
38f0b91087 move show_queue() and related functions from queue_shared.c
to smtpctl.c

ok gilles@
2011-12-14 18:42:27 +00:00
eric
e07647610c simpler implementation of smtpctl local enqueuer that does not need libevent.
ok gilles@
2011-11-02 12:01:20 +00:00
gilles
148c595199 fsqueue no longer stores envelopes by dumping the structure, instead use a
couple of load/dump functions to convert to and from a human readable fmt.
while at it kill struct delivery and merge back its fields to the envelope.

this basically means we shouldn't require users to flush their queues every
time we make a change to struct envelope.

work is not done, but we're at a better state than the binary fsqueue so
we'll improve it in-tree.

has been running on my own box for the last 12 hours or so
ok eric@, chl@
2011-10-23 09:30:06 +00:00
eric
a98a100f83 Introduce a small set of functions to manage stat counters in a
simpler and hopefully saner way.

ok gilles@ chl@
2011-09-01 19:56:49 +00:00
gilles
3f522ce892 fsqueue queue backend will implement a filesystem queue:
- fsqueue->setup() performs the queue initialization;
- fsqueue->message() controls messages;
- fsqueue->envelope() controls envelopes;

This commit brings the following to fsbackend:
fsqueue_setup(), fsqueue_message_delete(), fsqueue_envelope_load(),
fsqueue_envelope_update(), fsqueue_envelope_delete().

It also makes smtpd use the queue_backend API for these operations.
2011-04-14 20:11:08 +00:00
gilles
e5b0701460 backout the "new" queue code commited 4 months ago. it has many good ideas,
is way more optimized than what we had earlier and there's definitely stuff
we want to keep, however it is early optimization that doesn't account for
many features and makes them hard (if not impossible) to write without
ugly workarounds that ruin the purpose of the optimizations.

the backout goes to 30 May's right before the commit and catches up on all
the non-queue related commits that happened since then.

i'll work on reintroducing the ideas from this queue when the basic
features we expect from a MTA are implemented.

suggested on tech@ about a week ago, no objections, several "please make
smtpd move forward" mails from hackers and tech readers.
2010-10-09 22:05:35 +00:00
jacekm
0beae34bcf new queue, again; gcc2 compile tested by deraadt 2010-06-01 23:06:23 +00:00
jacekm
1bd35b5fb6 New queue doesn't compile on gcc2, back out. Spotted by deraadt@ 2010-06-01 19:47:08 +00:00
jacekm
362d6eb9ad Rewrite entire queue code.
Major goals:

1) Fix bad performance caused by the runner process doing full queue
read in 1s intervals.  My Soekris can now happily accept >50 msg/s
while having multi-thousand queue; before, one hundred queue would
bring the system to its knees.

2) Introduce Qmail-like scheduler that doesn't write as much to the
disk so that it needs less code for servicing error conditions,
which in some places can be tricky to get right.

3) Introduce separation between the scheduler and the backend; these
two queue aspects shouldn't be too tied too each other.  This means
that eg. storing queue in SQL requires rewrite of just queue_backend.c.

4) Make on-disk queue format architecture independent, and more
easily extensible, to reduce number of flag days in the future.

Minor goals:

ENOSPC no longer prevents delivery attempts, fixed session limiting
for relayed mail, improved batching of "relay via" mails, human-readable
mailq output, "show queue raw" command, clearer logging, sending
of single bounce about multiple recipients, exact delay= computation,
zero delay between deliveries while within session limit (currently
1s delay between re-scheduling is enforced), mta no longer requests
content fd, corrected session limit for bounce submissions, tiny
<100B queue files instead of multi-KB, detect loops before accepting
mail, reduce traffic on imsg channels by killing enormous struct
submit_status.
2010-05-31 23:38:56 +00:00
nicm
dfaf6462d3 Move imsg into libutil and add a man page.
Minor bump for libutil.

Previous versions of this diff and man page looked at by various people.

"you should just commit" deraadt
2010-05-26 16:44:32 +00:00
jacekm
f4ef9244eb Implementation of RFC 2920 PIPELINING extension, client side only for now.
This restructures the client_* API internals significantly.  The code becomes
pipelining in nature.  All SMTP commands are put on the output queue and
dequeued as quickly as possible.  Once dequeued, they're moved to the receive
queue so that replies can be matched with previous commands.

Dequeuing commands from the output queue halts when the count of commands
currently in-pipeline (``cmdi'') is equal to the command send window (``cmdw'').
There are three cmdw values useful in practice:

0               clear pipeline, ie. inhibit all future sends
1               disable pipelining, ie. use old ``one-request-one-reply`` mode
SIZE_T_MAX      enable pipelining, ie. dequeue as many commands as possible

At the beginning of session cmdw is 1.  When it is found that peer supports
PIPELINING, it grows to SIZE_T_MAX.  After dequeing DATA it is again 1.  After
sending QUIT it is 0.

Each command dequeued from the output queue becomes a buf in a msgbuf.  The act
of combining multiple commands into a single send operation did not need to be
implemented: buf_write() already combines bufs using iovec and sends them at
once using sendmsg(2).

Tested by todd@ and oga@

"looks good" to gilles@
2009-12-23 17:16:03 +00:00
jacekm
eb143ecfc6 Extend SMTP client_* API to support SSL+AUTH, and use it in the mta
process to relay mails.  ok gilles@
2009-09-15 16:50:06 +00:00
jacekm
195a632d6d Implement client side of the SMTP protocol in a library-like module.
Make bounce code and /usr/sbin/sendmail interface use this new API.
The mta process continues to use its own implementation, but
eventually will be switched to use this shared module.

Buffer routines are taken from buffer.c rather than from evbuffer.
This is one step forward to using a single buffer API across the
program.

"it looks sexy" gilles@
2009-08-27 11:37:30 +00:00
deraadt
e8eb6dcd66 repair library use. this was detected on the vax, a nice static linking
architecture.  it was silently creating broken code on other architectures.
2009-03-23 15:27:39 +00:00
jacekm
9783392355 smtpctl goes to usr.sbin; ok gilles@ 2009-03-16 22:03:42 +00:00
jacekm
b3ea9f7a37 Common queue walking code for smtpd and smtpctl. Kills majority of showqueue.c,
the remaining code was moved to queue_shared.c; ok gilles@
2009-01-29 12:43:25 +00:00
gilles
c08f1d2c51 follow the naming convention of other files, discussed with jacekm@ 2009-01-27 22:54:01 +00:00
gilles
f607a12cb7 first bricks of enqueue code which allows smtpctl to submit mail to queue
without "talking" smtp to listeners. currently, a big part of the server
side code is done (and requires a cleanup), next step is to get it usable
properly from a mail user agent.
2009-01-27 22:48:29 +00:00
jacekm
19280ee4e6 Add more compile time checking; fix warnings reported by gcc.
From: Nicholas Marriott <nicholas.marriott@gmail.com>
2008-12-21 13:06:41 +00:00
gilles
c529bc66cc - teach smtpctl how to inspect queue and runqueue, it supports two commands
`showqueue' which displays the content of the queue (all envelopes)
	`showrunqueue` which displays envelopes scheduled for delivery. The
	utility will be improved and extended, but for now we need at least
	this basic support to help debug queue-related issues.

	Output format is spamdb-alike:
	type|envelope uid|sender|recipient|last delivery date|retry count

	ok jacek@
2008-12-06 02:44:08 +00:00
gilles
c4f9d530eb - smtpctl utility to control the smtpd, don't expect too much yet as it is
just an empty clone of relayctl with the glue needed to have it
	exchange imsg with smtpd correctly. code mostly by pyr@, reviewed
	by chl@ and I a while ago.
2008-12-05 03:28:37 +00:00