* adds compatibility for dovecots maildir
* adds role for installing debian backports
* installs newer version of dovecot 2.2.* from debian backports
* in newer versions of dovecot >= 2.2.31 cache index corruption
is fixed
* adds note in README.md
* adds POP3 functionality
* creates testsetup with mariadb,postfix,dovecot,trees
* for further information see vagrant/README.md
* only works with pwhash_algo 0 yet
* see limitations in vagrant/README.md
When looking at the header in an istream source, request from the parent
the HEADER_SIZE which contains the magic value and the version.
Else, it is possible to only have the MAGIC_SIZE and thus failing to
read the version.
This has been observed on Riseup email infrastructure leading to a
Permission denied to open the mbox because of the unknown version:
Error: [trees] Unknown version 0. Supporting 1 to 1
Signed-off-by: David Goulet <dgoulet@riseup.net>
Fetched from the database, if this value is set and valid that is a 64
characters long HEX string decoded to a 32 bytes secret key, we go
directly to the secretbox opening by passing the password hashing.
This is useful for SSO support or/and secret key cache mechanism.
Ref #14
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
This value is fetched from the database and used to decide with
libsodium pwhash algorithm must be used for the account.
Untested for now but any future commit will fix issues if any.
Fixes#12
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
The transition from assert() to if() used the wrong comparaison making
the plugin to not work.
Fixes#10
Signed-off-by: David Goulet <dgoulet@riseup.net>
The overflow check should use SSIZE_MAX since the function returns the
chunk_size of size_t which in theory "could be" bigger but in practice
very unlikely.
Reported-by: Tomasz Miąsko <tomasz.miasko@gmail.com>
Signed-off-by: David Goulet <dgoulet@riseup.net>
Properly handle the returned value of o_stream_send() so we make sure
the entire header was sent else error on that.
Reported-by: Tomasz Miąsko <tomasz.miasko@gmail.com>
Signed-off-by: David Goulet <dgoulet@riseup.net>
In trees_ostream_send_chunk result of o_stream_send was not checked for
errors, and function always returns chunk_size it was given. Instead,
properly set the errno value from the parent stream and return an error.
Reported-by: Tomasz Miąsko <tomasz.miasko@gmail.com>
Signed-off-by: David Goulet <dgoulet@riseup.net>
Tomasz Miąsko reported multiple issues with the trees_read_line_fd using
the trees_password_fd field. It is currently unused which used to be
used by the unit tests and dovadm in the Posteo scrambler plugin.
The issues are:
In trees_read_line_fd(), this check is bad:
if (bytes_read > MAXIMAL_PASSWORD_LENGTH)
Currently it is incorrect because when "bytes_read >
MAXIMAL_PASSWORD_LENGTH" is true, then buffer capacity is already
exceeded (or just right if you take into account one byte slack
allocated in str_new for terminating null). Moreover, the buffer
will be overrun by one more byte in "pointer[0] = 0;" after leaving
the loop.
Reported-by: Tomasz Miąsko <tomasz.miasko@gmail.com>
Signed-off-by: David Goulet <dgoulet@riseup.net>
Those files were useful for the old scrambler version made by Posteo
found here https://github.com/posteo/scrambler-plugin.
Now, the plugin has considerably changed thus all those aren't needed
anymore.
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
This version is extracted from the user data and put in the email header
but currently not used at all.
Future version will probably use it in order to do different actions
based on that value.
Currently version should be a 1.
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
