Import Bruce Guenter's qmail-qfilter #227
Conversation
schmonz
requested review from
DerDakon,
josuah,
leahneukirchen and
mbhangui
as code owners
There was a problem hiding this comment.
Should there also be a change to COPYRIGHT?
This would get added at the time of a new release maybe.
It is really good that there are well-established filtering mechanism, that saves us to add our own, and will permit many changes without patches, maintained as "plugins" or "filters".
Result of make brokemaster BRANCH=schmonz-qmail-qfilter-osf on https://github.com/josuah/notqmail-patch:
schmonz-qmail-qfilter-osf broke ext-todo
schmonz-qmail-qfilter-osf broke smtp-tls
smtp-tls: failed hunks
Makefile
@@ -781,7 +781,7 @@
forward preline condredirect bouncesaying except maildirmake \
maildir2mbox install instpackage instqueue instchown \
instcheck home home+df proc proc+df binm1 binm1+df binm2 binm2+df \
-binm3 binm3+df
+binm3 binm3+df update_tmprsadh
load: \
make-load warn-auto.shhier.c.rej:
@@ -144,6 +144,7 @@
c(auto_qmail,"bin","except",auto_uido,auto_gidq,0755);
c(auto_qmail,"bin","maildirmake",auto_uido,auto_gidq,0755);
c(auto_qmail,"bin","maildir2mbox",auto_uido,auto_gidq,0755);
+ c(auto_qmail,"bin","update_tmprsadh",auto_uido,auto_gidq,0755);
c(auto_qmail,"man/man5","addresses.5",auto_uido,auto_gidq,0644);
c(auto_qmail,"man/cat5","addresses.0",auto_uido,auto_gidq,0644);big-todo: failed hunks
qmail-send.c:
@@ -1255,8 +1256,7 @@
char ch;
int match;
unsigned long id;
- unsigned int len;
- direntry *d;
+ int z;
int c;
unsigned long uid;
unsigned long pid;
@@ -1267,32 +1267,26 @@
if (flagexitasap) return;
- if (!tododir)
+ if (!flagtododir)
{
if (!trigger_pulled(rfds))
if (recent < nexttodorun)
return;
trigger_set();
- tododir = opendir("todo");
- if (!tododir)
- {
- pausedir("todo");
- return;
- }
+ readsubdir_init(&todosubdir, "todo", pausedir);
+ flagtododir = 1;
nexttodorun = recent + SLEEP_TODO;
}
- d = readdir(tododir);
- if (!d)
+ switch(readsubdir_next(&todosubdir, &id))
{
- closedir(tododir);
- tododir = 0;
- return;
+ case 1:
+ break;
+ case 0:
+ flagtododir = 0;
+ default:
+ return;
}
- if (str_equal(d->d_name,".")) return;
- if (str_equal(d->d_name,"..")) return;
- len = scan_ulong(d->d_name,&id);
- if (!len || d->d_name[len]) return;
fnmake_todo(id);
|
I'm extremely happy (@josuah, I don't have the words, but at least "thank you") to find out immediately that this would break |
|
I agree that I do still worry about
As usual, I’m not quibbling about what needs doing, only about the ordering. My thinking on this, right now, is:
Post-1.09, I’m all for writing tests around |
|
I would squash the second commit into the first, and note what you have done in the commit message. That way these files don't clutter the git history forever. |
|
And one other thing that I just found: the first commit should really just be authored by Bruce. Since @schmonz did the actual commit he will show up in history as the one who introduced that code into the repo. End of story (Co-authors could be used for people helping write the original codebase). People that helped with this import should get co-author status for the following cleanups. |
schmonz
force-pushed
the
schmonz-qmail-qfilter-osf
branch
2 times, most recently
from
f06c05c
to
b98f098
Compare
|
I've rewritten the PR so it consists of
Since the code is very nearly identical to what many of us have been running in production for many years, I'm assuming we're comfortable deferring further cleanups to the code, all of which I've noted locally for later ("later" == after 1.09 and after we have automated tests). Does anyone have any doubts or concerns on the license front? Or could this be mergeable? |
schmonz
force-pushed
the
schmonz-qmail-qfilter-osf
branch
from
202c30d
to
06d121d
Compare
|
Updates:
Assuming Bruce can relicense qmail-qfilter without too much delay, I'll wait for that, then update this PR to remove the GPLv2 bits and catch up with the latest version. |
schmonz
force-pushed
the
schmonz-qmail-qfilter-osf
branch
3 times, most recently
from
f791a11
to
03c3cfd
Compare
From qmail-qfilter.git at commit 795718fe819266df3a363519231f513a8e882f9e (the newest available on master).
Co-authored-by: Amitai Schleier <schmonz-web-git@schmonz.com> Co-authored-by: Astrid Sawatsky <astrid.sawatzky@gmx.de> Co-authored-by: Evan Theriault <evanontario@hotmail.com> Co-authored-by: Jacqueline Bilston <jmasonlee@gmail.com> Co-authored-by: Joel Samaroo <xsamarjoex@gmail.com> Co-authored-by: Patrick Ledzian <LiveActionCactus@users.noreply.github.com> Co-authored-by: Trung Vo <ttrung.vo@gmail.com> Co-authored-by: Yevhen Viktorov <y3vg3nk0@gmail.com>
schmonz
force-pushed
the
schmonz-qmail-qfilter-osf
branch
from
7015b72
to
0603868
Compare
This has been done 😁 |
There was a problem hiding this comment.
I think we should put those things "marked for future cleanups", at least the missing range checks and such, right into this branch. Or we flood @bruceg with PRs cleaning up all these and then just merge the latest version. Whatever works best ;)
| { | ||
| const char* env; | ||
| size_t offset; | ||
| if ((env = mmap(0, env_len, PROT_READ, MAP_PRIVATE, ENVIN, 0)) == MAP_FAILED) |
| static size_t msg_len = 0; | ||
|
|
||
| /* Parse the sender address into user and host portions */ | ||
| size_t parse_sender(const char* env) |
There was a problem hiding this comment.
This whole functions has a fundamental issue if the input is not "sane", i.e. if the data that is mmap'ed is not 0-terminated. In this case the strlen() below will run out of bounds and likely crash. The length passed to mmap will need to be passed to this function, and to parse_rcpts() as well so one can replace the strlen(env) by memchr(env, 0, envlen).
There was a problem hiding this comment.
I tried to address this upstream in bruceg/qmail-qfilter#4
| /* Create a temporary invisible file opened for read/write */ | ||
| int mktmpfile() | ||
| { | ||
| char filename[sizeof(TMPDIR)+19] = TMPDIR "/fixheaders.XXXXXX"; |
There was a problem hiding this comment.
The size of the buffer is not needed, when it is initialized it will automatically get the correct size. This will as well remove the magic 19.
| command* tail = 0; | ||
| command* head = 0; |
|
|
||
| filters = parse_args(argc-1, argv+1); | ||
|
|
||
| if ((qqargv[0] = getenv("QQF_QMAILQUEUE")) == 0) |
One of the blockers for releasing notqmail 1.09 is that in 1.08 we introduced a regression in how recipient addresses are qualified. We probably could have avoided the mistake if there'd been tests around that code, and before we try to fix it we'll want those tests in place.
With the in-tree tools currently available, there's no way to test the recipient-address qualification code without also creating and manipulating an on-disk mail queue. We'd like to avoid that integration point, and we can accomplish this by importing qmail-qfilter.
Besides its utility in tests,
qmail-qfilterhas been a staple of many qmail administrators' production environments for well over a decade, and its design (along with the QMAILQUEUE patch we've had since 1.07) feels like something qmail should have always included. In conjunction with the custom-error patch already merged,qmail-qfilterwill finally provide our users with a no-patching-required Unix-filter API for programmatically modifying or rejecting messages during the SMTP conversation.Besides its utility in production, having
qmail-qfilterin-tree provides a needed building block for future functionality.