The Linux tests under the Cirrus CI are currently brittle due to
environmental issues. They're also redundant, since Linux testing is
much better covered by the GitLab CI tests.
So this patch removes them, which removes the false positives and speeds
up the Cirrus CI runs.
This patch does a general pass updating Go modules to recent versions,
and regenerates the protobufs accordingly.
The main purpose is to make sure people building from source are using
relatively recent versions of our dependencies.
We also regenerate protobufs since the newer versions of the liberaries
have a much cleaner dependency tree, which speeds up fetches.
When we fail to check if a user exists, we currently return a permanent
error, which can be misleading and also make things more difficult to
troubleshoot.
This patch makes chasquid return a temporary error in that case.
Thanks to Thor77 (thor77@thor77.org) for suggesting this change.
Currently, chasquid attempts to auto-detect dovecot sockets when
starting up (if needed). If autodetection fails, chasquid emits an
error, continues serving, and never tries again.
This can be problematic if chasquid starts up before dovecot, and at the
time the dovecot sockets are not present (e.g. after a reboot). In that
case, chasquid will not use dovecot for authentication even after
dovecot has started.
This patch changes the autodetect logic, by doing autodetection at
startup and on each request, until we find a working pair of sockets.
Once we do, they're used consistently.
That way, if dovecot is not ready when chasquid starts, it's not a
problem and chasquid will start using dovecot once it becomes available.
Thanks to Thor77 (thor77@thor77.org) for reporting and helping
troubleshoot this issue.
There's a known issue in versions 0.07 to 1.5 where the post-data hook
invocation can fail if the dkimsign binary exists, due to a bug in the
post-data hook check.
This was fixed by commit b6248f3, but it is found on occasion since the
current Debian stable ships 0.07, and Ubuntu 20.04 LTS ships 1.2.
So this patch adds it to the known issues list.
It's common that people running old releases (for example, because of
their Linux distribution version) run into issues that have already been
fixed.
It can be convenient to have a list of the most common known issues and,
when available, their workarounds.
This patch creates the documentation page for them, currently empty. It
will be filled in subsequent patches.
This patch adds a new link to the RBL checking suggestion, since the
existing one doesn't work with IPv6, and it's important to get good
coverage.
While at it, it also fixes the path to mda-lmtp, which was wrong before.
In commit 5305d584 we fixed an issue with the way the Docker image
adds the "hostname" option to chasquid.conf.
Currently, the Docker entrypoint sets the "hostname" option in
chasquid.conf if it's missing.
That works fine, except when there is a configuration change and the
domain is removed. In that case, the hostname option will have a stale
value, forcing the user to re-create the container, which can be
cumbersome.
This patch fixes the issue by unconditionally setting the hostname
option to one of the available domains at the time of start up.
Thanks to Jaywann@github for finding and reporting this problem on
https://github.com/albertito/chasquid/issues/16, and suggesting an
alternative fix!
In Go 1.16, "go get" on non-module paths now require an explicit version
to point to. Without a specific version, the invocation fails.
See https://golang.org/doc/go1.16#go-command for more details on the
change.
The test Dockerfile uses "go get" to fetch driusan/dkim's binaries, used
for integration testing.
So this patch adjusts the Dockerfile to fetch the latest version.
When the chasquid docker container is restarted, entrypoint.sh will add
the hostname again, even if it is present.
This causes chasquid to fail to start due to the duplicated option
(`non-repeated field "hostname" is repeated`).
Thanks to Jaywann@github for finding and reporting this problem, on
https://github.com/albertito/chasquid/issues/16.
This patch fixes the issue by only adding the option if it isn't already
present.
The docopt-go library is quite convenient, but it has been abandoned for
a while :(
Since we only use it for chasquid-util, this patch removes it and
replaces it with a custom small parser, that is a reasonable fit for the
required use cases.
The patch also adds a couple of tests to increase coverage.
NOTE: docopt-go accepted some undocumented behaviour, in particular the
use of "-a b" instead of "-a=b". The new parser does not, so some
user scripts may require updating.
I think this should be rare enough not to be worth the complexity of
adjusting the parser to allow it.
This patch adds a minor test to dovecot-auth-cli to verify that the
check for invalid number of arguments is working as expected.
It's mostly for consistency, as the utility is only used for testing
purposes.
The image jobs should only run if there are valid credentials for
pushing the images to the respective registries, to avoid false
negatives in the test pipeline.
This can happen when the gitlab CI is run on projects that aren't set up
to push docker images, either because they're clones of the official
repo, or they are under a different gitlab instance (e.g. Debian's
salsa).
We do it by using a "rules:if" clause on specific variables:
- for Docker, $DOCKER_REGISTRY_USER which is set externally
- for GitLab, $CI_REGISTRY_IMAGE which has the address of the registry
tied to the project.
Note that for GitLab we can't use the credentials for conditional
execution directly, since they are "persisted variables" which are not
available in this context (see [1] for more details). The
$CI_REGISTRY_IMAGE should be good enough to determine whether image
registry is enabled for the repo.
[1]: https://docs.gitlab.com/ee/ci/variables/where_variables_can_be_used.html#persisted-variables
fexp is a testing utility, including it in the regular Go build confuses
some automation as it can think it's part of chasquid proper.
All other testing utilities are ignored via the "+build ignore"
annotation for this reason, so this patch adds it to fexp to fix this
issue.
The haproxy test config includes an obsolete "debug" entry, and is
missing some timeouts which, while harmless in this context, cause a
warning that can be confusing.
This patch fixes the debug entry by running haproxy -d as recommended,
and adds the essential timeouts to avoid the warning.
To debug test failures, it can be convenient to explore the contents of
the test directories after the test runs, as they contain logs and
generated files.
This patch configures the GitLab CI to export the repo tree (which
includes the test directory) as GitLab CI artifacts, so they can be
easily accessed after the tests have completed.
This patch implements support for incoming connections wrapped in the
HAProxy protocol v1.
This is useful when running chasquid behind a HAProxy server, as it
needs the original source IP to perform SPF checks.
This patch is a reimplementation of one originally provided by Denys
Vitali in pull request #15, except the logic for the protocol handling
is moved to a new package, and the smtpsrv.Conn handling of the source
IP is simplified.
It is marked as experimental for now, since we want to give it a bit
more exposure just in case the option/api needs adjustment.
Thanks a lot to Denys Vitali (@denysvitali in github) for sending the
original patch for this, and helping test it!
This makes it more clear how to specify which domain the user being
operated on is the sub-command targeting when using `--help`.
Amended-by: Alberto Bertogli <albertito@blitiri.com.ar>
Update code to match the updated parameter name.
Allows terminating chasquid via the network. Useful to trigger a restart
(if there is an init system to relaunch chasquid) and thus reload certificates.
Amended-by: Alberto Bertogli <albertito@blitiri.com.ar>
Added tests, and adjusted shutdown sequence.
This patch removes the dependency on wget for fetching content over
http, which was used in one of the tests to do some checking on debug
and metric pages, as well as loop detection.
Instead of wget, we now use a small built-in utility called fexp.
This patch renames courier.Procmail to courier.MDA, to make it more
obvious that the functionality is not tied to that particular MDA.
It's just for readability, there are no functional changes.
Some utilities might want to access the EHLO/HELO domain in the
post-data hook (for example, to do additional SPF validations).
This patch implements that support, including sanitizing the EHLO domain
on the environment variable to reduce the risk of problems.
The EHLO parameter is generally referred to as "domain", even though it
can take either a domain or an address.
For clarity, rename the variable and comments to match.
This is stylistic only, there are no functional changes.
This patch updates and extends the links to the distribution packages,
referencing them from the README (it's more likely to be what the reader
wants to see), and also extending the Arch packaging with binary package
information.
The queue protobuf definition currently uses the well-known timestamp
protobuf package.
This adds a build-time dependency on it, which is fairly harmless when
building from source (since the golang protobuf compiler includes it
already), but adds overhead for packaging on distributions.
Since this is the only external proto dependency we have, and the
protobuf message itself is trivial, this patch removes it an instead
embeds a compatible definition.
That way we remove the dependency and simplify packaging, with almost
negligible code overhead.
The change is fully backwards compatible and has no functional changes.
This patch makes chasquid's monitoring server expose an OpenMetrics
metrics endpoint.
It adds a new package "expvarom" which implements an HTTP handler that
exports expvar variables in the OpenMetrics text format.
Then, the handler is registered by the monitoring server at /metrics
(where most things expect it to be).
The existing exported variables are also extended with descriptions,
which is optional, but improves the readability of the metrics.
When testing the debugging pages, do a quick check to verify that the
returned pages are not empty.
This covers the case where a template fails to execute at runtime, and
without this change it wouldn't be caught by tests.
The documentation is now available directly at
https://blitiri.com.ar/p/chasquid/, so remove the /docs/ suffix from the
links in the README.
The /docs/ variant will continue to be functional for a while anyway.
This patch improves the organization of the monitoring index page:
- Include the hostname (both OS and configured) for convenience.
- Round the uptime presentation for readability.
- Add a tiny CSS for consistency with the traces.
- Re-arrange the list of links for readability.
The dovecot-auth-cli binary can be useful to debug and troubleshoot
dovecot auth issues.
This patch adds a small help message to make it easier for users to
understand how to use it.
This patch makes protoio use the new protobuf API for
marshalling/unmarshalling text protobufs, as well as extends the tests
to cover marshalling failures.
The protobuf text output is not stable/deterministic and some spaces are
added randomly, so some integration tests have to be adjusted to account
for it.
The default hook will use rspamc (the command-line client of rspamd) if
it is installed. rspamc will emit one suggested action, and then the
hook will interpret it and return accordingly.
Because the possible actions returned by rspamc are user-configured,
this patch adds a comment to make it clear that the hook will need
adjustment if the configuration uses non-default actions.
In particular, the greylisting module (which usually handles the
"greylist" action) is not run when using rspamc. This can cause
unnecessary rejections and is quite misleading.
This patch removes the "greylist" action handling; now the default hook
will only reject mail once it reaches rspamd's configured threshold for
direct rejection.
In the future, a more custom integration with rspamd might be added to
allow for rspamd-based greylisting, but until then this is a more
reasonable default.
Thanks to Jonas Seydel (thor77) and Max Mazurov (fox.cpp@disroot.org)
for noticing this issue, helping investigate, and discussing the course
of action.
When checking if the dkimsign command exists, the default hook doesn't
redirect the output to /dev/null, so if the command is present it will
emit unwanted output (interpreted as message headers, as expected).
This patch adds the missing redirection.
Amended-by: Alberto Bertogli <albertito@blitiri.com.ar>
Extended commit message.
This patch updates the modules to blitiri.com.ar/go/systemd v1.1.0.
There are no significant changes, but it's the first version which
supports go modules.
This patch adds support for writing maillog to stdout and stderr, which
can be desirable in certain environments.
Thanks to Denys Vitali <denys@denv.it> who sent an alternative patch for
this functionality.
When we can't authenticate due to a transient issue, for example if we
rely on Dovecot and it is not responding, we should use a differentiated
error code to avoid confusing users.
However, today we return the same error code as when the user enters the
wrong password, which could confuse users as their MUA might think their
credentials are no longer valid.
This patch fixes the issue by returning a differentiated error code in
that case, as per RFC 4954.
Thanks to Max Mazurov (fox.cpp@disroot.org) for reporting this problem.
This patch updates the modules to blitiri.com.ar/go/spf v1.1.0.
There are no significant changes, but it's the first version which
includes go modules.
This makes it possible to manage chasquid logs using logrotate.
Amended-by: Alberto Bertogli <albertito@blitiri.com.ar>
Added tests, minor style and comment changes.
In preparation for supporting log rotation, this patch makes the maillog
package to use blitiri.com.ar/go/log instead of its own writer.
Some of the tests are made more strict, to better test the log format.
Amended-by: Alberto Bertogli <albertito@blitiri.com.ar>
Fixed build, extended commit message, adjusted to the log options
API, and added tests.
This patch updates the modules to blitiri.com.ar/go/log v1.1.0.
That version includes new APIs we will rely on in subsequent patches.
They are experimental but it should be fine for our case, and we can
adjust if they change.
