path: root/usr.sbin/smtpd/queue_backend.c
Commit message | Author | Age | Files | Lines
* When deleting a message, remove associated envelopes from the cache, | eric | 2016-02-04 | 1 | -1/+14
  if any (it happens when a message transaction is cancelled).
  ok gilles@ sunil@
* remove spaces after '!' | jung | 2015-12-28 | 1 | -5/+5
  no binary change
  ok millert
* remove trailing whitespace | jung | 2015-12-14 | 1 | -3/+3
  ok sunil gilles
* Implement smtpctl uncorrupt <msgid> | sunil | 2015-11-05 | 1 | -1/+14
  "uncorrupt" moves envelopes from corrupt bucket back to the queue for further discovery by the daemon. After correcting the corrupt envelopes, admin could now...
      # smtpctl uncorrupt msgid
      # smtpctl discover msgid
  to schedule the messages.
  Ok gilles@
* Do not terminate message walk on a corrupt envelope. | sunil | 2015-11-05 | 1 | -2/+2
  Ok gilles@
* Implement smtpctl discover <evpid|msgid>. | sunil | 2015-10-29 | 1 | -1/+50
  discover subcommand schedules envelopes manually moved to the queue. It triggers a queue walk searching for envelopes with the given id, schedules them and informs the user number of envelopes scheduled. Admins no longer would need to restart the daemon to discover manually moved messages.
  Ok gilles@
* turn our local enqueuer setgid _smtpq and restrict access to offline queue, | gilles | 2015-10-09 | 1 | -2/+8
  the enqueuer will revoke group and regain real gid right after mkstemp.
  this would have prevented the symlink/hardlink attacks against offline, and it will avoid having to deal with new ways users can mess with it.
  ok eric@, ok millert@
* use <limits.h> comprehensively. For now try to push <> includes to | deraadt | 2015-01-20 | 1 | -2/+2
  each .c file, and out of the .h files. To avoid overinclude.
  ok gilles, in principle. If this has been done right, -portable should become easier to maintain.
* Replace <sys/param.h> with <limits.h> and other less dirty headers where | deraadt | 2015-01-16 | 1 | -4/+5
  possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification.
  ok guenther, millert, doug (helped with the verification protocol)
* no need for arc4random_uniform() here, arc4random() does the job | gilles | 2014-12-08 | 1 | -3/+3
  spotted by deraadt@, ok eric@
* various queue improvements: | eric | 2014-07-08 | 1 | -12/+23
  - add a "close" hook to the backend API.
  - improve the sync() pattern in queue_fs: only sync at commit time and not for every envelope creation
  - various fixes to the experimental external queue API.
* Allow to enable profiling at runtime and fix timings output. | eric | 2014-07-07 | 1 | -4/+3
  ok gilles@
* fix a use after free in an error path | jsg | 2014-04-11 | 1 | -1/+5
  ok gilles@
* print the correct user name if SMTPD_QUEUE_USER is missing | halex | 2014-03-14 | 1 | -2/+2
  ok tedu@
* When failing to find the required privsep user entry, it is not cool at | deraadt | 2014-03-13 | 1 | -3/+1
  all to fall back to a different user entry. It is decidedly unsafe.
  ok tedu.
* %i -> %d in format strings | eric | 2013-10-26 | 1 | -12/+12
* Assorted queue improvements: | eric | 2013-07-19 | 1 | -30/+248
  - cleanup the internal queue backend API and get rid of the QOP_* thing.
  - implement a queue_proc backend
  - rename queue_fsqueue.c to queue_fs
  - enable support for queue encryption
  - add an envelope cache
  - better logging and error reporting
* Get rid of env->sc_pw and env->sc_pwqueue. Early queue initialization | eric | 2013-07-19 | 1 | -3/+25
  now happens in queue_init(), and backends take the queue passwd as parameter in their init function. Remove useless SMTPD_FILTER_USER while there.
* sync with OpenSMTPD 5.3.2 | eric | 2013-05-24 | 1 | -22/+117
  ok gilles@
* large time_t problems | deraadt | 2013-04-17 | 1 | -3/+3
  ok gilles
* Sync with our smtpd repo: | gilles | 2013-01-26 | 1 | -80/+111
  * first bricks of ldap and sqlite support (not finished but both working)
  * new table API to replace map API, all lookups are done through tables
  * improved handling of temporary errors throughout the daemon
  * improved scheduler and mta logic: connection reuse, optimizes batches
  * improved queue: more tolerant to admin errors, new layout, less disk-IO
  * improved memory usage under high load
  * SSL certs/keys isolated to lookup process to avoid facing network
  * VIRTUAL support improved, fully virtual setups possible now
  * runtime tracing of processes through smtpctl trace
  * ssl_privsep.c sync-ed with relayd
  * ssl.c no longer contains smtpd specific interfaces
  * smtpd-specific ssl bits moved to ssl_smtpd.c
  * update mail address in copyright
  FLUSH YOUR QUEUE. FLUSH YOUR QUEUE. FLUSH YOUR QUEUE. FLUSH YOUR QUEUE.
  smtpd.conf(5) simplified, it will require adaptations
  ok eric@
* Replace the qwalk API (to retrieve on disk envelopes at runtime) with | eric | 2012-11-23 | 1 | -23/+31
  a simple QOP_WALK queue operation. Some knf and formatting fixes while there.
  ok gilles@
* Cleanups and improvements: | eric | 2012-11-12 | 1 | -2/+2
  * Log more events (especially client session) and use a better scheme for that: each message is prefixed with a token to easily identify its class:
    - info/warn/debug: general server messages
    - smtp-in: smtp client connections
    - relay: status update for relayed messages
    - delivery: status update for local deliveries
  * Implement "smtpctl monitor" to display updates of selected internal counters.
  * When reloading the on-disk queue at startup do not commit a message if no envelope was submitted for that message.
  * Remove unused stuff in the config parser.
  ok gilles@
* fix a FILE* leak when using compression. | eric | 2012-10-09 | 1 | -11/+17
  ok gilles@
* - remove crypto_backend | gilles | 2012-09-01 | 1 | -55/+2
  - remove support for encrypted queue, it will be reintroduced later after pouring more thinking into it
  if you had it enabled, flush your queue before updating
* switch compress_backend to use FILE * instead of file descriptors, like | chl | 2012-08-30 | 1 | -15/+19
  crypto_backend
  ok gilles@
* fix uninitialized variable which can be reached in case of failure. | chl | 2012-08-30 | 1 | -2/+2
  ok gilles@
* Introduce the crypto_backend API and provide support for... encrypted queue | gilles | 2012-08-29 | 1 | -24/+38
  using the new API.
  By default, OpenSMTPD does not provide queue encryption, but it can be enabled with "queue encryption [args]" and will transparently encrypt/decrypt envelopes/messages as they hit the queue.
  By default, it will use Blowfish in CBC mode with a different random IV for each envelope and message. User provided key is expanded using sha256 but a different cipher and digest may be specified in smtpd.conf
  Queue encryption is compatible with compression and if both options are set it will do them in correct order and transparently.
  tested by chl@, a few users and myself
  ok chl@ and I
* - remove unused variable | gilles | 2012-08-26 | 1 | -3/+3
  - comment variables unused at this time
* Add compress_backend, allowing compression of messages and envelopes in the queue. | chl | 2012-08-25 | 1 | -5/+140
  To use it, just add "queue compress" in smtpd.conf. For now, only zlib is used.
  lots of feedback from eric@ and gilles@
  ok eric@ gilles@
* envelope_validate() don't take the evpid anymore. | eric | 2012-08-24 | 1 | -2/+2
* In envelope ascii dump/load: | chl | 2012-08-24 | 1 | -6/+3
  - remove loading of evpid.
  - don't dump the msgid
  - ignore msgid at load
  - remove now unused functions ascii_{dump,load}_uint{32,64}_hex()
  With inputs from eric@ and gilles@
  ok gilles@ eric@
* Don't pass struct envelope pointer in queue backend API, instead use envelope id and | chl | 2012-08-24 | 1 | -6/+38
  an envelope ascii buffer.
  ok eric@ gilles@
* coding style: replace all occurrences of u_int* with uint* | chl | 2012-08-19 | 1 | -19/+19
  ok eric@
* backout the: | chl | 2012-07-10 | 1 | -2/+3
  - remove the /envelopes subdirectory, envelopes are at the same level than the message file
  - kill PATH_ENVELOPES define
  but keep the:
  - reduce the number of buckets from 0xfff to 0xff, this avoid performances of the queue to decrease when we start having tons of buckets
  ok eric@ gilles@
* first step of simplifying fsqueue: | gilles | 2012-07-09 | 1 | -3/+2
  - remove the /envelopes subdirectory, envelopes are at the same level than the message file
  - kill PATH_ENVELOPES define
  - reduce the number of buckets from 0xfff to 0xff, this avoid performances of the queue to decrease when we start having tons of buckets
  this diff introduces a change to the queue layout, you will want to empty your queue before updating.
  more cleanup to come
  ok eric@, ok chl@
* remove enum queue_kind from queue_fsqueue.c. | chl | 2012-07-08 | 1 | -2/+39
  incoming messages are now always stored in /incoming, whatever the queue_backend is.
  remove QOP_FD_RW and fsqueue_message_fd_rw().
  while there check return value of generated paths before calling rmtree()
  with advice from gilles@ and eric@
  ok gilles@ eric@
* Lookup queue and scheduler backends by name, rather than enum. | eric | 2012-07-02 | 1 | -9/+3
  Add a command-line option to specify the backend to use at runtime.
  ok gilles@
* Finally get rid of the queue_kind enum in the queue API. Keep that | eric | 2012-06-20 | 1 | -23/+23
  internally in fsqueue backend for now, and let the fsqueue_message() and fsqueue_envelope() dispatchers do the right thing.
  Based on a diff by chl@
  ok chl@ gilles@
* add missing header needed by time() | chl | 2012-06-08 | 1 | -1/+2
  ok eric@ gilles@
* Do not store the envelope id within the envelope, only the message id. | eric | 2012-06-03 | 1 | -9/+8
  Make sure existing envelopes can be properly loaded.
  ok chl@ gilles@
* on envelope creation, setup and reset the relevant envelope fields in | eric | 2012-06-01 | 1 | -2/+10
  the wrapper function rather than in individual backends.
  ok gilles@
* Add missing header needed by PRI format string | chl | 2012-01-14 | 1 | -1/+2
  ok gilles@ eric@
* queue_message_purge() and queue_message_delete() are actually the same | eric | 2012-01-13 | 1 | -7/+1
  thing. Remove queue_message_purge() in favor of queue_message_delete and simplify fsqueue_message_delete() implementation to move the message dir to purge/
  ok gilles@
* On envelope creation, get the message id in a saner way than the | eric | 2011-12-23 | 1 | -2/+1
  current confusing hack.
  ok gilles@
* fix/improve envelope_validate(): | eric | 2011-12-19 | 1 | -21/+27
  - return an informative error string if the envelope is invalid.
  - take the envelope id as a parameter and make sure it matches.
  - do not expect the errorline to start with an SMTP response code, as this is not always the case: a temporary failure with mda would cause the envelope to be marked as corrupted. Instead, just make sure that all string fields are actual strings to prevent overflows later.
  ok gilles@ chl@
* simplify | eric | 2011-12-16 | 1 | -9/+5
  ok chl@ gilles@
* make queue_fsqueue backend consistent with the backend scheme. | eric | 2011-12-14 | 1 | -25/+9
  ok gilles@
* Qwalk, our API to linearly walk over the persistent queue, did not take the | gilles | 2011-11-15 | 1 | -2/+61
  queue_backend into account and assumed a filesystem with a specific layout.
  This commit does plenty of things:
  - make qwalk an abstraction in the queue_backend API, and impose queue drivers to implement qwalk_open(), qwalk() and qwalk_close();
  - move previous qwalk_open(), qwalk() and qwalk_close() to the fsqueue driver since they were fsqueue specific ...
  - make qwalk API work with msgid/evpid instead of pathnames since we're going to use the queue_backend API to load envelopes by evpid anyway;
  - makes smtpd use *solely* the queue_backend API when manipulating the queue. pathnames were removed from smtpd.h and moved into the fsqueue which means we can now store a queue anywhere ... as long as we write the ten functions or so required for a queue driver ;-)
  ok eric@, ok chl@
* introduce Q_CORRUPT and queue_backend operation to move a message from | gilles | 2011-10-23 | 1 | -1/+7
  schedule queue to corrupt queue upon envelope loading failure.
  tested by me, ok eric@