Hello community,
here is the log from the commit of package dovecot23 for openSUSE:Factory checked in at 2019-05-02 19:18:31
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/dovecot23 (Old)
and /work/SRC/openSUSE:Factory/.dovecot23.new.5148 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "dovecot23"
Thu May 2 19:18:31 2019 rev:18 rq:699690 version:2.3.6
Changes:
--------
--- /work/SRC/openSUSE:Factory/dovecot23/dovecot23.changes 2019-04-19 18:38:46.763214914 +0200
+++ /work/SRC/openSUSE:Factory/.dovecot23.new.5148/dovecot23.changes 2019-05-02 19:18:38.661562344 +0200
@@ -1,0 +2,51 @@
+Tue Apr 30 13:49:18 UTC 2019 - Marcus Rueckert
+
+- update pigeonhole to 0.5.6
+ + sieve: Redirect loop prevention is sometimes ineffective.
+ Improve existing loop detection by also recognizing the
+ X-Sieve-Redirected-From header in incoming messages and
+ dropping redirect actions when it points to the sending
+ account. This header is already added by the redirect action,
+ so this improvement only adds an additional use of this header.
+ - sieve: Prevent execution of implicit keep upon temporary
+ failure occurring at runtime.
+
+-------------------------------------------------------------------
+Tue Apr 30 13:34:16 UTC 2019 - Marcus Rueckert
+
+- update to 2.3.6: (boo#1133624 boo#1133625)
+ * CVE-2019-11494: Submission-login crashed with signal 11 due to
+ null pointer access when authentication was aborted by
+ disconnecting.
+ * CVE-2019-11499: Submission-login crashed when authentication
+ was started over TLS secured channel and invalid authentication
+ message was sent.
+ * auth: Support password grant with passdb oauth2.
+ + Use system default CAs for outbound TLS connections.
+ + Simplify array handling with new helper macros.
+ + fts_solr: Enable configuring batch_size and soft_commit features.
+ - lmtp/submission: Fixed various bugs in XCLIENT handling,
+ including a hang when XCLIENT commands were sent infinitely to
+ the remote server.
+ - lmtp/submission: Forwarded multi-line replies were erroneously
+ sent as two replies to the client.
+ - lib-smtp: client: Message was not guaranteed to contain CRLF
+ consistently when CHUNKING was used.
+ - fts_solr: Plugin was no longer compatible with Solr 7.
+ - Make it possible to disable certificate checking without
+ setting ssl_client_ca_* settings.
+ - pop3c: SSL support was broken.
+ - mysql: Closing connection twice lead to crash on some systems.
+ - auth: Multiple oauth2 passdbs crashed auth process on deinit.
+ - HTTP client connection errors infrequently triggered a
+ segmentation fault when the connection was idle and not used
+ for a particular client instance.
+- drop https://github.com/dovecot/core/commit/3c5101ffd.patch
+
+-------------------------------------------------------------------
+Mon Apr 29 22:11:53 UTC 2019 - Marcus Rueckert
+
+- backport https://github.com/dovecot/core/commit/3c5101ffd.patch
+ [PATCH] driver-mysql: Avoid double-closing MySQL connection
+
+-------------------------------------------------------------------
Old:
----
dovecot-2.3-pigeonhole-0.5.5.tar.gz
dovecot-2.3-pigeonhole-0.5.5.tar.gz.sig
dovecot-2.3.5.2.tar.gz
dovecot-2.3.5.2.tar.gz.sig
New:
----
dovecot-2.3-pigeonhole-0.5.6.tar.gz
dovecot-2.3-pigeonhole-0.5.6.tar.gz.sig
dovecot-2.3.6.tar.gz
dovecot-2.3.6.tar.gz.sig
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ dovecot23.spec ++++++
--- /var/tmp/diff_new_pack.2FCLCQ/_old 2019-05-02 19:18:39.597563992 +0200
+++ /var/tmp/diff_new_pack.2FCLCQ/_new 2019-05-02 19:18:39.601563999 +0200
@@ -17,11 +17,11 @@
Name: dovecot23
-Version: 2.3.5.2
+Version: 2.3.6
Release: 0
%define pkg_name dovecot
-%define dovecot_version 2.3.5.2
-%define dovecot_pigeonhole_version 0.5.5
+%define dovecot_version 2.3.6
+%define dovecot_pigeonhole_version 0.5.6
%define dovecot_branch 2.3
%define dovecot_pigeonhole_source_dir %{pkg_name}-%{dovecot_branch}-pigeonhole-%{dovecot_pigeonhole_version}
%define dovecot_pigeonhole_docdir %{_docdir}/%{pkg_name}/dovecot-pigeonhole
++++++ dovecot-2.3-pigeonhole-0.5.5.tar.gz -> dovecot-2.3-pigeonhole-0.5.6.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.5/ChangeLog new/dovecot-2.3-pigeonhole-0.5.6/ChangeLog
--- old/dovecot-2.3-pigeonhole-0.5.5/ChangeLog 2019-03-05 12:53:28.000000000 +0100
+++ new/dovecot-2.3-pigeonhole-0.5.6/ChangeLog 2019-04-30 14:26:49.000000000 +0200
@@ -1,11 +1,132 @@
-2019-03-05 13:48:57 +0200 Aki Tuomi (2483b085)
+2019-04-30 14:30:41 +0300 Aki Tuomi (92dc263a)
- Release v0.5.5 for Dovecot v2.3.5
+ Released v0.5.6
M configure.ac
-2019-03-04 15:01:08 +0100 Stephan Bosch (0a9f9095)
+2019-04-30 14:26:16 +0300 Aki Tuomi (18751d35)
+
+ NEWS: Add news for v0.5.6
+
+
+M NEWS
+
+2019-01-16 08:51:09 -0500 Josef 'Jeff' Sipek (ea20d2d9)
+
+ global: hash_table_destroy(NULL) is a no-op
+
+ @@ expression E;
+ @@
+
+ - if (hash_table_is_created(E)) {
+ - hash_table_destroy(&E);
+ - }
+ + hash_table_destroy(&E);
+
+M src/lib-sieve/sieve-result.c
+M src/plugins/imapsieve/imap-sieve-storage.c
+
+2019-01-24 22:46:09 +0100 Stephan Bosch (3733c159)
+
+ lib-sieve: Prevent execution of implicit keep upon temporary failure
+ occurring at runtime.
+
+
+M src/lib-sieve/sieve.c
+
+2018-12-12 18:46:50 +0100 Stephan Bosch (76a44097)
+
+ lib-sieve: redirect action: Assert that dupeid is not NULL when
+ act_redirect_get_duplicate_id() is successful.
+
+ Addresses scan-build report.
+
+M src/lib-sieve/cmd-redirect.c
+
+2018-12-12 18:45:00 +0100 Stephan Bosch (2c5a4cb5)
+
+ lib-sieve: redirect action: Fix lack of NULL checking in new
+ X-Sieve-Redirected-From header comparisons.
+
+ Problem found by scan-build.
+
+M src/lib-sieve/cmd-redirect.c
+
+2018-12-11 17:29:18 +0100 Stephan Bosch (049de1fc)
+
+ lib-sieve: redirect action: Implement additional protection against mail
+ loops.
+
+ Also check the X-Sieve-Redirected-From header for our own e-mail addresses.
+ This header is added by the redirect action itself and in a mail loop it
+ would see that same header with that same content. This is less reliable
+ than the other mail loop detection (sender may set such a header), so,
+ unlike the existing loop detection based on the duplicate db, the implicit
+ keep is not canceled when the new loop detection is triggered.
+
+M src/lib-sieve/cmd-redirect.c
+M tests/execute/smtp.svtest
+
+2018-12-11 17:27:20 +0100 Stephan Bosch (663ac718)
+
+ lib-sieve: redirect action: Put msgdata->mail in local variable in
+ act_redirect_get_duplicate_id().
+
+ Serves as an abbreviation.
+
+M src/lib-sieve/cmd-redirect.c
+
+2018-12-11 17:26:56 +0100 Stephan Bosch (c3c9a521)
+
+ lib-sieve: redirect action: Move composition of duplicate database ID to
+ separate function.
+
+
+M src/lib-sieve/cmd-redirect.c
+
+2018-12-11 20:28:51 +0100 Stephan Bosch (2c52769b)
+
+ lib-sieve: redirect action: Give log messages emitted during execution a
+ uniform prefix.
+
+
+M src/lib-sieve/cmd-redirect.c
+
+2018-12-11 17:25:12 +0100 Stephan Bosch (dd626dfe)
+
+ lib-sieve: redirect action: Report errors on original message in
+ act_redirect_commit().
+
+ It was errorneously using the (potentially) modified mail struct for error
+ reporting.
+
+M src/lib-sieve/cmd-redirect.c
+
+2018-12-11 17:24:38 +0100 Stephan Bosch (88792972)
+
+ lib-sieve: redirect action: Update coding style of act_redirect_commit().
+
+
+M src/lib-sieve/cmd-redirect.c
+
+2018-12-11 20:25:12 +0100 Stephan Bosch (7d2d1eca)
+
+ lib-sieve: redirect action: Update coding style of act_redirect_send().
+
+
+M src/lib-sieve/cmd-redirect.c
+
+2018-12-11 17:23:06 +0100 Stephan Bosch (4ef89d76)
+
+ lib-sieve: editheader extension: Protect the X-Sieve-Redirected-From header
+ against modification.
+
+ This prevents users from messing with redirect loop detection.
+
+M src/lib-sieve/plugins/editheader/ext-editheader-common.c
+
+2019-03-04 15:01:08 +0100 Stephan Bosch (73378b27)
Update NEWS file for v0.5.5 release.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.5/NEWS new/dovecot-2.3-pigeonhole-0.5.6/NEWS
--- old/dovecot-2.3-pigeonhole-0.5.5/NEWS 2019-03-05 12:53:18.000000000 +0100
+++ new/dovecot-2.3-pigeonhole-0.5.6/NEWS 2019-04-30 14:26:38.000000000 +0200
@@ -1,3 +1,14 @@
+v0.5.6 2019-04-30 Aki Tuomi
+
+ + sieve: Redirect loop prevention is sometimes ineffective. Improve
+ existing loop detection by also recognizing the
+ X-Sieve-Redirected-From header in incoming messages and dropping
+ redirect actions when it points to the sending account. This header
+ is already added by the redirect action, so this improvement only
+ adds an additional use of this header.
+ - sieve: Prevent execution of implicit keep upon temporary failure
+ occurring at runtime.
+
v0.5.5 2019-03-05 Stephan Bosch
+ IMAPSieve: Add new plugin/imapsieve_expunge_discarded setting which
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.5/configure new/dovecot-2.3-pigeonhole-0.5.6/configure
--- old/dovecot-2.3-pigeonhole-0.5.5/configure 2019-03-05 12:53:23.000000000 +0100
+++ new/dovecot-2.3-pigeonhole-0.5.6/configure 2019-04-30 14:26:43.000000000 +0200
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for Pigeonhole 0.5.5.
+# Generated by GNU Autoconf 2.69 for Pigeonhole 0.5.6.
#
# Report bugs to .
#
@@ -590,8 +590,8 @@
# Identity of this package.
PACKAGE_NAME='Pigeonhole'
PACKAGE_TARNAME='dovecot-2.3-pigeonhole'
-PACKAGE_VERSION='0.5.5'
-PACKAGE_STRING='Pigeonhole 0.5.5'
+PACKAGE_VERSION='0.5.6'
+PACKAGE_STRING='Pigeonhole 0.5.6'
PACKAGE_BUGREPORT='dovecot@dovecot.org'
PACKAGE_URL=''
@@ -1413,7 +1413,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures Pigeonhole 0.5.5 to adapt to many kinds of systems.
+\`configure' configures Pigeonhole 0.5.6 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1485,7 +1485,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of Pigeonhole 0.5.5:";;
+ short | recursive ) echo "Configuration of Pigeonhole 0.5.6:";;
esac
cat <<\_ACEOF
@@ -1610,7 +1610,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-Pigeonhole configure 0.5.5
+Pigeonhole configure 0.5.6
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1979,7 +1979,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by Pigeonhole $as_me 0.5.5, which was
+It was created by Pigeonhole $as_me 0.5.6, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -2329,7 +2329,7 @@
cat >>confdefs.h <<_ACEOF
-#define PIGEONHOLE_ABI_VERSION "0.5.ABIv0($PACKAGE_VERSION)"
+#define PIGEONHOLE_ABI_VERSION "0.5.ABIv6($PACKAGE_VERSION)"
_ACEOF
@@ -2869,7 +2869,7 @@
# Define the identity of the package.
PACKAGE='dovecot-2.3-pigeonhole'
- VERSION='0.5.5'
+ VERSION='0.5.6'
# Some tools Automake needs.
@@ -13907,7 +13907,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by Pigeonhole $as_me 0.5.5, which was
+This file was extended by Pigeonhole $as_me 0.5.6, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -13973,7 +13973,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-Pigeonhole config.status 0.5.5
+Pigeonhole config.status 0.5.6
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.5/configure.ac new/dovecot-2.3-pigeonhole-0.5.6/configure.ac
--- old/dovecot-2.3-pigeonhole-0.5.5/configure.ac 2019-03-05 12:53:18.000000000 +0100
+++ new/dovecot-2.3-pigeonhole-0.5.6/configure.ac 2019-04-30 14:26:38.000000000 +0200
@@ -2,8 +2,8 @@
# Be sure to update ABI version also if anything changes that might require
# recompiling plugins. Most importantly that means if any structs are changed.
-AC_INIT([Pigeonhole], [0.5.5], [dovecot@dovecot.org], [dovecot-2.3-pigeonhole])
-AC_DEFINE_UNQUOTED([PIGEONHOLE_ABI_VERSION], "0.5.ABIv0($PACKAGE_VERSION)", [Pigeonhole ABI version])
+AC_INIT([Pigeonhole], [0.5.6], [dovecot@dovecot.org], [dovecot-2.3-pigeonhole])
+AC_DEFINE_UNQUOTED([PIGEONHOLE_ABI_VERSION], "0.5.ABIv6($PACKAGE_VERSION)", [Pigeonhole ABI version])
AC_CONFIG_AUX_DIR([.])
AC_CONFIG_SRCDIR([src])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.5/pigeonhole-version.h new/dovecot-2.3-pigeonhole-0.5.6/pigeonhole-version.h
--- old/dovecot-2.3-pigeonhole-0.5.5/pigeonhole-version.h 2019-03-05 12:53:28.000000000 +0100
+++ new/dovecot-2.3-pigeonhole-0.5.6/pigeonhole-version.h 2019-04-30 14:26:48.000000000 +0200
@@ -1,6 +1,6 @@
#ifndef PIGEONHOLE_VERSION_H
#define PIGEONHOLE_VERSION_H
-#define PIGEONHOLE_VERSION_FULL PIGEONHOLE_VERSION" (2483b085)"
+#define PIGEONHOLE_VERSION_FULL PIGEONHOLE_VERSION" (92dc263a)"
#endif /* PIGEONHOLE_VERSION_H */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.5/src/lib-sieve/cmd-redirect.c new/dovecot-2.3-pigeonhole-0.5.6/src/lib-sieve/cmd-redirect.c
--- old/dovecot-2.3-pigeonhole-0.5.5/src/lib-sieve/cmd-redirect.c 2019-03-05 12:53:18.000000000 +0100
+++ new/dovecot-2.3-pigeonhole-0.5.6/src/lib-sieve/cmd-redirect.c 2019-04-30 14:26:38.000000000 +0200
@@ -275,13 +275,13 @@
*keep = FALSE;
}
-static int act_redirect_send
-(const struct sieve_action_exec_env *aenv, struct mail *mail,
- struct act_redirect_context *ctx, const char *new_msg_id)
+static int
+act_redirect_send(const struct sieve_action_exec_env *aenv, struct mail *mail,
+ struct act_redirect_context *ctx, const char *new_msg_id)
ATTR_NULL(4)
{
static const char *hide_headers[] =
- { "Return-Path", "X-Sieve", "X-Sieve-Redirected-From" };
+ { "Return-Path" };
struct sieve_instance *svinst = aenv->svinst;
struct sieve_message_context *msgctx = aenv->msgctx;
const struct sieve_script_env *senv = aenv->scriptenv;
@@ -294,43 +294,46 @@
int ret;
/* Just to be sure */
- if ( !sieve_smtp_available(senv) ) {
- sieve_result_global_warning
- (aenv, "redirect action has no means to send mail.");
+ if (!sieve_smtp_available(senv)) {
+ sieve_result_global_warning(
+ aenv, "redirect action: no means to send mail");
return SIEVE_EXEC_FAILURE;
}
if (mail_get_stream(mail, NULL, NULL, &input) < 0) {
- return sieve_result_mail_error(aenv, mail,
- "redirect action: failed to read input message");
+ return sieve_result_mail_error(
+ aenv, mail, "redirect action: "
+ "failed to read input message");
}
/* Determine which sender to use
From RFC 5228, Section 4.2:
- The envelope sender address on the outgoing message is chosen by the
- sieve implementation. It MAY be copied from the message being
- processed. However, if the message being processed has an empty
- envelope sender address the outgoing message MUST also have an empty
- envelope sender address. This last requirement is imposed to prevent
- loops in the case where a message is redirected to an invalid address
- when then returns a delivery status notification that also ends up
- being redirected to the same invalid address.
+ The envelope sender address on the outgoing message is chosen by the
+ sieve implementation. It MAY be copied from the message being
+ processed. However, if the message being processed has an empty
+ envelope sender address the outgoing message MUST also have an empty
+ envelope sender address. This last requirement is imposed to prevent
+ loops in the case where a message is redirected to an invalid address
+ when then returns a delivery status notification that also ends up
+ being redirected to the same invalid address.
*/
- if ( (aenv->flags & SIEVE_EXECUTE_FLAG_NO_ENVELOPE) == 0 ) {
+ if ((aenv->flags & SIEVE_EXECUTE_FLAG_NO_ENVELOPE) == 0) {
/* Envelope available */
sender = sieve_message_get_sender(msgctx);
- if ( sender != NULL &&
- sieve_address_source_get_address(&env_from, svinst,
- senv, msgctx, aenv->flags, &sender) < 0 )
+ if (sender != NULL &&
+ sieve_address_source_get_address(
+ &env_from, svinst, senv, msgctx, aenv->flags,
+ &sender) < 0)
sender = NULL;
} else {
/* No envelope available */
- if ( (ret=sieve_address_source_get_address(&env_from, svinst,
- senv, msgctx, aenv->flags, &sender)) < 0 ) {
+ ret = sieve_address_source_get_address(
+ &env_from, svinst, senv, msgctx, aenv->flags, &sender);
+ if (ret < 0) {
sender = NULL;
- } else if ( ret == 0 ) {
+ } else if (ret == 0) {
sender = svinst->user_email;
}
}
@@ -339,29 +342,31 @@
sctx = sieve_smtp_start_single(senv, ctx->to_address, sender, &output);
/* Remove unwanted headers */
- input = i_stream_create_header_filter
- (input, HEADER_FILTER_EXCLUDE | HEADER_FILTER_NO_CR, hide_headers,
- N_ELEMENTS(hide_headers), *null_header_filter_callback, (void *)NULL);
+ input = i_stream_create_header_filter(
+ input, HEADER_FILTER_EXCLUDE | HEADER_FILTER_NO_CR,
+ hide_headers, N_ELEMENTS(hide_headers),
+ *null_header_filter_callback, (void *)NULL);
T_BEGIN {
string_t *hdr = t_str_new(256);
const struct smtp_address *user_email;
/* Prepend sieve headers (should not affect signatures) */
- rfc2822_header_append(hdr,
- "X-Sieve", SIEVE_IMPLEMENTATION, FALSE, NULL);
- if ( svinst->user_email == NULL &&
- (aenv->flags & SIEVE_EXECUTE_FLAG_NO_ENVELOPE) == 0 )
+ rfc2822_header_append(hdr, "X-Sieve", SIEVE_IMPLEMENTATION,
+ FALSE, NULL);
+ if (svinst->user_email == NULL &&
+ (aenv->flags & SIEVE_EXECUTE_FLAG_NO_ENVELOPE) == 0)
user_email = sieve_message_get_final_recipient(msgctx);
else
user_email = sieve_get_user_email(aenv->svinst);
- if ( user_email != NULL ) {
+ if (user_email != NULL) {
rfc2822_header_append(hdr, "X-Sieve-Redirected-From",
- smtp_address_encode(user_email), FALSE, NULL);
+ smtp_address_encode(user_email),
+ FALSE, NULL);
}
/* Add new Message-ID if message doesn't have one */
- if ( new_msg_id != NULL )
+ if (new_msg_id != NULL)
rfc2822_header_write(hdr, "Message-ID", new_msg_id);
o_stream_nsend(output, str_data(hdr), str_len(hdr));
@@ -370,20 +375,22 @@
o_stream_nsend_istream(output, input);
if (input->stream_errno != 0) {
- sieve_result_critical(aenv,
- "redirect action: failed to read input message",
+ sieve_result_critical(
+ aenv, "redirect action: "
+ "failed to read input message",
"redirect action: read(%s) failed: %s",
i_stream_get_name(input),
i_stream_get_error(input));
i_stream_unref(&input);
return SIEVE_EXEC_TEMP_FAILURE;
}
- i_stream_unref(&input);
+ i_stream_unref(&input);
/* Close SMTP transport */
- if ( (ret=sieve_smtp_finish(sctx, &error)) <= 0 ) {
- if ( ret < 0 ) {
- sieve_result_global_error(aenv,
+ if ((ret = sieve_smtp_finish(sctx, &error)) <= 0) {
+ if (ret < 0) {
+ sieve_result_global_error(
+ aenv, "redirect action: "
"failed to redirect message to <%s>: %s "
"(temporary failure)",
smtp_address_encode(ctx->to_address),
@@ -391,7 +398,8 @@
return SIEVE_EXEC_TEMP_FAILURE;
}
- sieve_result_global_log_error(aenv,
+ sieve_result_global_log_error(
+ aenv, "redirect action: "
"failed to redirect message to <%s>: %s "
"(permanent failure)",
smtp_address_encode(ctx->to_address),
@@ -402,55 +410,36 @@
return SIEVE_EXEC_OK;
}
-static int act_redirect_commit
-(const struct sieve_action *action,
- const struct sieve_action_exec_env *aenv, void *tr_context ATTR_UNUSED,
- bool *keep)
+static int
+act_redirect_get_duplicate_id(struct act_redirect_context *ctx,
+ const struct sieve_action_exec_env *aenv,
+ const char *msg_id, const char **dupeid_r)
{
- struct sieve_instance *svinst = aenv->svinst;
- struct act_redirect_context *ctx =
- (struct act_redirect_context *) action->context;
struct sieve_message_context *msgctx = aenv->msgctx;
- struct mail *mail = ( action->mail != NULL ?
- action->mail : sieve_message_get_mail(msgctx) );
const struct sieve_message_data *msgdata = aenv->msgdata;
- const struct sieve_script_env *senv = aenv->scriptenv;
+ struct mail *mail = msgdata->mail;
const struct smtp_address *recipient;
- const char *msg_id = msgdata->id, *new_msg_id = NULL;
- const char *dupeid, *resent_id = NULL;
- const char *list_id = NULL;
- int ret;
-
- /*
- * Prevent mail loops
- */
+ const char *resent_id = NULL, *list_id = NULL;
/* Read identifying headers */
- if ( mail_get_first_header
- (msgdata->mail, "resent-message-id", &resent_id) < 0 ) {
- return sieve_result_mail_error(aenv, mail,
+ if (mail_get_first_header(mail, "resent-message-id", &resent_id) < 0) {
+ return sieve_result_mail_error(
+ aenv, mail, "redirect action: "
"failed to read header field `resent-message-id'");
}
- if ( resent_id == NULL ) {
- if ( mail_get_first_header
- (msgdata->mail, "resent-from", &resent_id) < 0 ) {
- return sieve_result_mail_error(aenv, mail,
- "failed to read header field `resent-from'");
- }
+ if (resent_id == NULL &&
+ mail_get_first_header(mail, "resent-from", &resent_id) < 0) {
+ return sieve_result_mail_error(
+ aenv, mail, "redirect action: "
+ "failed to read header field `resent-from'");
}
- if ( mail_get_first_header
- (msgdata->mail, "list-id", &list_id) < 0 ) {
- return sieve_result_mail_error(aenv, mail,
+ if (mail_get_first_header(mail, "list-id", &list_id) < 0) {
+ return sieve_result_mail_error(
+ aenv, mail, "redirect action: "
"failed to read header field `list-id'");
}
- /* Create Message-ID for the message if it has none */
- if ( msg_id == NULL ) {
- msg_id = new_msg_id =
- sieve_message_get_new_id(aenv->svinst);
- }
-
- if ( (aenv->flags & SIEVE_EXECUTE_FLAG_NO_ENVELOPE) == 0 )
+ if ((aenv->flags & SIEVE_EXECUTE_FLAG_NO_ENVELOPE) == 0)
recipient = sieve_message_get_orig_recipient(msgctx);
else
recipient = sieve_get_user_email(aenv->svinst);
@@ -463,34 +452,132 @@
the original message
- if the message came through a mailing list: the mailinglist ID
*/
- dupeid = t_strdup_printf("%s-%s-%s-%s-%s", msg_id,
+ *dupeid_r = t_strdup_printf("%s-%s-%s-%s-%s", msg_id,
(recipient != NULL ? smtp_address_encode(recipient) : ""),
smtp_address_encode(ctx->to_address),
(resent_id != NULL ? resent_id : ""),
(list_id != NULL ? list_id : ""));
+ return SIEVE_EXEC_OK;
+}
+
+static int
+act_redirect_check_loop_header(const struct sieve_action_exec_env *aenv,
+ struct mail *mail, bool *loop_detected_r)
+{
+ struct sieve_message_context *msgctx = aenv->msgctx;
+ const char *const *headers;
+ const char *recipient, *user_email;
+ const struct smtp_address *addr;
+ int ret;
+
+ *loop_detected_r = FALSE;
+
+ ret = mail_get_headers(mail, "x-sieve-redirected-from", &headers);
+ if (ret < 0 ) {
+ return sieve_result_mail_error(
+ aenv, mail, "redirect action: "
+ "failed to read header field "
+ "`x-sieve-redirected-from'");
+ }
+
+ if (ret == 0)
+ return SIEVE_EXEC_OK;
+
+ recipient = user_email = NULL;
+ if ((aenv->flags & SIEVE_EXECUTE_FLAG_NO_ENVELOPE) == 0) {
+ addr = sieve_message_get_final_recipient(msgctx);
+ if (addr != NULL)
+ recipient = smtp_address_encode(addr);
+ }
+ addr = sieve_get_user_email(aenv->svinst);
+ if (addr != NULL)
+ user_email = smtp_address_encode(addr);
+
+ while (*headers != NULL) {
+ const char *header = t_str_trim(*headers, " \t\r\n");
+ if (recipient != NULL && strcmp(header, recipient) == 0) {
+ *loop_detected_r = TRUE;
+ break;
+ }
+ if (user_email != NULL && strcmp(header, user_email) == 0) {
+ *loop_detected_r = TRUE;
+ break;
+ }
+ headers++;
+ }
+
+ return SIEVE_EXEC_OK;
+}
+
+static int
+act_redirect_commit(const struct sieve_action *action,
+ const struct sieve_action_exec_env *aenv,
+ void *tr_context ATTR_UNUSED, bool *keep)
+{
+ struct sieve_instance *svinst = aenv->svinst;
+ struct act_redirect_context *ctx =
+ (struct act_redirect_context *) action->context;
+ struct sieve_message_context *msgctx = aenv->msgctx;
+ struct mail *mail = (action->mail != NULL ?
+ action->mail : sieve_message_get_mail(msgctx));
+ const struct sieve_message_data *msgdata = aenv->msgdata;
+ const struct sieve_script_env *senv = aenv->scriptenv;
+ const char *msg_id = msgdata->id, *new_msg_id = NULL;
+ const char *dupeid = NULL;
+ bool loop_detected = FALSE;
+ int ret;
+
+ /*
+ * Prevent mail loops
+ */
+
+ /* Create Message-ID for the message if it has none */
+ if (msg_id == NULL)
+ msg_id = new_msg_id = sieve_message_get_new_id(aenv->svinst);
+
+ /* Create ID for duplicate database lookup */
+ ret = act_redirect_get_duplicate_id(ctx, aenv, msg_id, &dupeid);
+ if (ret != SIEVE_EXEC_OK)
+ return ret;
+ i_assert(dupeid != NULL);
/* Check whether we've seen this message before */
- if (sieve_action_duplicate_check
- (senv, dupeid, strlen(dupeid))) {
- sieve_result_global_log(aenv,
+ if (sieve_action_duplicate_check(senv, dupeid, strlen(dupeid))) {
+ sieve_result_global_log(
+ aenv, "redirect action: "
"discarded duplicate forward to <%s>",
smtp_address_encode(ctx->to_address));
*keep = FALSE;
return SIEVE_EXEC_OK;
}
+ /* Check whether we've seen this message before based on added headers
+ */
+ ret = act_redirect_check_loop_header(aenv, mail, &loop_detected);
+ if (ret != SIEVE_EXEC_OK)
+ return ret;
+ if (loop_detected) {
+ sieve_result_global_log(
+ aenv, "redirect action: "
+ "not forwarding message to <%s>: "
+ "the `x-sieve-redirected-from' header indicates a mail loop",
+ smtp_address_encode(ctx->to_address));
+ return SIEVE_EXEC_OK;
+ }
+
/*
* Try to forward the message
*/
- if ( (ret=act_redirect_send
- (aenv, mail, ctx, new_msg_id)) == SIEVE_EXEC_OK) {
-
- /* Mark this message id as forwarded to the specified destination */
+ ret = act_redirect_send(aenv, mail, ctx, new_msg_id);
+ if (ret == SIEVE_EXEC_OK) {
+ /* Mark this message id as forwarded to the specified
+ destination */
sieve_action_duplicate_mark(senv, dupeid, strlen(dupeid),
ioloop_time + svinst->redirect_duplicate_period);
- sieve_result_global_log(aenv, "forwarded to <%s>",
+ sieve_result_global_log(
+ aenv, "redirect action: forwarded to <%s>",
smtp_address_encode(ctx->to_address));
/* Indicate that message was successfully forwarded */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.5/src/lib-sieve/plugins/editheader/ext-editheader-common.c new/dovecot-2.3-pigeonhole-0.5.6/src/lib-sieve/plugins/editheader/ext-editheader-common.c
--- old/dovecot-2.3-pigeonhole-0.5.5/src/lib-sieve/plugins/editheader/ext-editheader-common.c 2019-03-05 12:53:18.000000000 +0100
+++ new/dovecot-2.3-pigeonhole-0.5.6/src/lib-sieve/plugins/editheader/ext-editheader-common.c 2019-04-30 14:26:38.000000000 +0200
@@ -156,6 +156,8 @@
if ( strcasecmp(hname, "subject") == 0 )
return TRUE;
+ if ( strcasecmp(hname, "x-sieve-redirected-from") == 0 )
+ return FALSE;
if ( (header=ext_editheader_config_header_find
(ext_config, hname)) == NULL )
@@ -174,6 +176,8 @@
if ( strcasecmp(hname, "received") == 0
|| strcasecmp(hname, "auto-submitted") == 0 )
return FALSE;
+ if ( strcasecmp(hname, "x-sieve-redirected-from") == 0 )
+ return FALSE;
if ( strcasecmp(hname, "subject") == 0 )
return TRUE;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.5/src/lib-sieve/sieve-result.c new/dovecot-2.3-pigeonhole-0.5.6/src/lib-sieve/sieve-result.c
--- old/dovecot-2.3-pigeonhole-0.5.5/src/lib-sieve/sieve-result.c 2019-03-05 12:53:18.000000000 +0100
+++ new/dovecot-2.3-pigeonhole-0.5.6/src/lib-sieve/sieve-result.c 2019-04-30 14:26:38.000000000 +0200
@@ -139,8 +139,7 @@
sieve_message_context_unref(&(*result)->action_env.msgctx);
- if ( hash_table_is_created((*result)->action_contexts) )
- hash_table_destroy(&(*result)->action_contexts);
+ hash_table_destroy(&(*result)->action_contexts);
if ( (*result)->action_env.ehandler != NULL )
sieve_error_handler_unref(&(*result)->action_env.ehandler);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.5/src/lib-sieve/sieve.c new/dovecot-2.3-pigeonhole-0.5.6/src/lib-sieve/sieve.c
--- old/dovecot-2.3-pigeonhole-0.5.5/src/lib-sieve/sieve.c 2019-03-05 12:53:18.000000000 +0100
+++ new/dovecot-2.3-pigeonhole-0.5.6/src/lib-sieve/sieve.c 2019-04-30 14:26:38.000000000 +0200
@@ -714,14 +714,16 @@
sieve_multiscript_execute(mscript,
action_ehandler, flags, &mscript->keep);
}
- mscript->active =
- ( mscript->active && mscript->keep && mscript->status > 0 );
+ if ( !mscript->keep )
+ mscript->active = FALSE;
}
- if ( mscript->status <= 0 )
+ if ( !mscript->active || mscript->status <= 0 ) {
+ mscript->active = FALSE;
return FALSE;
+ }
- return mscript->active;
+ return TRUE;
}
bool sieve_multiscript_will_discard
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.5/src/plugins/imapsieve/imap-sieve-storage.c new/dovecot-2.3-pigeonhole-0.5.6/src/plugins/imapsieve/imap-sieve-storage.c
--- old/dovecot-2.3-pigeonhole-0.5.5/src/plugins/imapsieve/imap-sieve-storage.c 2019-03-05 12:53:18.000000000 +0100
+++ new/dovecot-2.3-pigeonhole-0.5.6/src/plugins/imapsieve/imap-sieve-storage.c 2019-04-30 14:26:38.000000000 +0200
@@ -1157,8 +1157,7 @@
if (isuser->isieve != NULL)
imap_sieve_deinit(&isuser->isieve);
- if (hash_table_is_created(isuser->mbox_rules))
- hash_table_destroy(&isuser->mbox_rules);
+ hash_table_destroy(&isuser->mbox_rules);
if (array_is_created(&isuser->mbox_patterns))
array_free(&isuser->mbox_patterns);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dovecot-2.3-pigeonhole-0.5.5/tests/execute/smtp.svtest new/dovecot-2.3-pigeonhole-0.5.6/tests/execute/smtp.svtest
--- old/dovecot-2.3-pigeonhole-0.5.5/tests/execute/smtp.svtest 2019-03-05 12:53:18.000000000 +0100
+++ new/dovecot-2.3-pigeonhole-0.5.6/tests/execute/smtp.svtest 2019-04-30 14:26:38.000000000 +0200
@@ -346,3 +346,104 @@
}
}
+/*
+ * Redirect mail loop (sieve_user_email)
+ */
+
+test_result_reset;
+test_set "message" text:
+X-Sieve-Redirected-From: t.sirainen@example.net
+From: stephan@example.org
+To: tss@example.net
+Subject: Frop!
+
+Frop!
+.
+;
+test_set "envelope.from" "sirius@example.org";
+test_set "envelope.to" "timo@example.net";
+test_set "envelope.orig_to" "tss@example.net";
+
+test_config_set "sieve_redirect_envelope_from" "user_email";
+test_config_set "sieve_user_email" "t.sirainen@example.net";
+test_config_reload;
+
+test "Redirect mail loop (sieve_user_email)" {
+ redirect "cras@example.net";
+
+ if not test_result_execute {
+ test_fail "failed to execute redirect";
+ }
+
+ if test_message :smtp 0 {
+ test_fail "failed to recognize mail loop";
+ }
+}
+
+/*
+ * Redirect mail loop (final recipient)
+ */
+
+test_result_reset;
+test_set "message" text:
+X-Sieve-Redirected-From: timo@example.net
+From: stephan@example.org
+To: tss@example.net
+Subject: Frop!
+
+Frop!
+.
+;
+test_set "envelope.from" "sirius@example.org";
+test_set "envelope.to" "timo@example.net";
+test_set "envelope.orig_to" "tss@example.net";
+
+test_config_reload;
+
+test "Redirect mail loop (final recipient)" {
+ redirect "cras@example.net";
+
+ if not test_result_execute {
+ test_fail "failed to execute redirect";
+ }
+
+ if test_message :smtp 0 {
+ test_fail "failed to recognize mail loop";
+ }
+}
+
+/*
+ * Redirect mail loop (multiple headers)
+ */
+
+test_result_reset;
+test_set "message" text:
+X-Sieve-Redirected-From: stephan@example.net
+From: stephan@example.org
+To: tss@example.net
+Subject: Frop!
+X-Sieve-Redirected-From: t.sirainen@example.net
+X-Sieve-Redirected-From: t.sirainen@example.com
+
+Frop!
+.
+;
+test_set "envelope.from" "sirius@example.org";
+test_set "envelope.to" "timo@example.net";
+test_set "envelope.orig_to" "tss@example.net";
+
+test_config_set "sieve_redirect_envelope_from" "user_email";
+test_config_set "sieve_user_email" "t.sirainen@example.net";
+test_config_reload;
+
+test "Redirect mail loop (sieve_user_email)" {
+ redirect "cras@example.net";
+
+ if not test_result_execute {
+ test_fail "failed to execute redirect";
+ }
+
+ if test_message :smtp 0 {
+ test_fail "failed to recognize mail loop";
+ }
+}
++++++ dovecot-2.3-pigeonhole-0.5.5.tar.gz -> dovecot-2.3.6.tar.gz ++++++
/work/SRC/openSUSE:Factory/dovecot23/dovecot-2.3-pigeonhole-0.5.5.tar.gz /work/SRC/openSUSE:Factory/.dovecot23.new.5148/dovecot-2.3.6.tar.gz differ: char 5, line 1