burble.dn42/emailrelay
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

v2.3.1

Browse Source
This commit is contained in:
Graeme Walker 2022-07-14 12:00:00 +00:00
parent 2538008bc2
commit 2f62c8361e
43 changed files with 836 additions and 273 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ChangeLog
View File

@ -1,11 +1,17 @@
E-MailRelay Change Log
======================
2.3 -> 2.3.1
------------
* Hourly log file rotation using "%h" (eg. "--log-file=log.%d.%h").
* TLS key and certificate files can be specified separately.
* Fixed error handling for network client filters ("--client-filter=net:...") [bug-id #50].
2.2 -> 2.3
----------
* Unix domain sockets supported (eg. "--interface=/tmp/smtp.s").
* Windows event log not used for verbose logging (prefer "--log-file").
* New admin 'forward' command to trigger forwarding without waiting.
* New admin "forward" command to trigger forwarding without waiting.
* Optional base64 encoding of passwords in secrets files ("plain:b").
* Support for MbedTLS version 3.

4
NEWS
View File

@ -1,5 +1,7 @@
News
----
Version 2.3 is a relatively minor release. The main functional change is to
support unix domain sockets. Non-functional code changes include better
support unix domain sockets. Non-functional code changes include better
separation of interface and implementation in the SMTP message store.
Version 2.3.1 is a point release principally to fix bug-id #50.

2
VERSION
View File

@ -1 +1 @@
2.3
2.3.1

2
bin/Makefile.am
View File

@ -17,6 +17,8 @@
example_scripts_static = \
emailrelay-bcc-check.pl \
emailrelay-check-ipaddress.js \
emailrelay-check-ipaddress.pl \
emailrelay-ldap-verify.py \
emailrelay-multicast.sh \
emailrelay-rot13.pl \

2
bin/Makefile.in
View File

@ -284,6 +284,8 @@ top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
example_scripts_static = \
emailrelay-bcc-check.pl \
emailrelay-check-ipaddress.js \
emailrelay-check-ipaddress.pl \
emailrelay-ldap-verify.py \
emailrelay-multicast.sh \
emailrelay-rot13.pl \

49
bin/emailrelay-check-ipaddress.js Executable file
View File

@ -0,0 +1,49 @@
//
// Copyright (C) 2001-2022 Graeme Walker <graeme_walker@users.sourceforge.net>
//
// Copying and distribution of this file, with or without modification,
// are permitted in any medium without royalty provided the copyright
// notice and this notice are preserved. This file is offered as-is,
// without any warranty.
// ===
//
// emailrelay-check-ipaddress.js
//
// An example "--filter" script for Windows that verifies the submitting
// client's IP address. The IP address is read from the envelope file.
// Invalid IP addresses are rejected by deleting the two message files and
// exiting with the special exit code of 100. Note that this checks the
// IP address very late in the submission process; a firewall or DNSBL check
// might work better.
//
try
{
var content = WScript.Arguments(0) ;
var envelope = WScript.Arguments(1) ;
var fs = WScript.CreateObject( "Scripting.FileSystemObject" ) ;
var ts = fs.OpenTextFile( envelope , 1 , false ) ;
var txt = ts.ReadAll() ;
ts.Close() ;
var re = new RegExp( "X-MailRelay-Client: (\\S*)" , "m" ) ;
var ip = txt.match(re)[1] ;
var ok = ip === "1.1.1.1" ; /// edit here
if( ok )
{
WScript.Quit( 0 ) ;
}
else
{
WScript.StdOut.WriteLine( "<<not allowed>>" ) ;
fs.DeleteFile( envelope ) ;
fs.DeleteFile( content ) ;
WScript.Quit( 100 ) ;
}
}
catch( e )
{
// report errors using the special <<...>> markers
WScript.StdOut.WriteLine( "<<error>>" ) ;
WScript.StdOut.WriteLine( "<<" + e + ">>" ) ;
WScript.Quit( 1 ) ;
}

52
bin/emailrelay-check-ipaddress.pl Executable file
View File

@ -0,0 +1,52 @@
#!/usr/bin/env perl
#
# Copyright (C) 2001-2022 Graeme Walker <graeme_walker@users.sourceforge.net>
#
# Copying and distribution of this file, with or without modification,
# are permitted in any medium without royalty provided the copyright
# notice and this notice are preserved. This file is offered as-is,
# without any warranty.
# ===
#
# emailrelay-check-ipaddress.pl
#
# An example "--filter" script that verifies the submitting client's IP
# address. The IP address is read from the envelope file. Invalid IP
# addresses are rejected by deleting the two message files and exiting
# with the special exit code of 100. Note that this checks the IP
# address very late in the submission process; a firewall or DNSBL
# check might work better.
#
use strict ;
use warnings ;
use FileHandle ;
$SIG{__DIE__} = sub { (my $e = join(" ",@_)) =~ s/\n/ /g ; print "<<error>>\n<<error: $e>>\n" ; exit 99 } ;
my %allow = (
"127.0.0.1" => 1 ,
"1.1.1.1" => 1 ,
# etc
) ;
my $content = $ARGV[0] or die "usage error\n" ;
my $envelope = $ARGV[1] or die "usage error\n" ;
my $fh = new FileHandle( $envelope ) or die "cannot open envelope file: $!\n" ;
my $txt ;
{
local $/ = undef ;
$txt = <$fh> ;
}
my ( $ip ) = ( $txt =~ m/X-MailRelay-Client: (\S*)/m ) ;
if( $allow{$ip} )
{
exit( 0 ) ;
}
else
{
print "<<not allowed>>\n<<not allowed: $ip>>\n" ;
unlink( $content ) ;
unlink( $envelope ) ;
exit( 100 ) ;
}

20
configure vendored
View File

@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.69 for E-MailRelay 2.3.
# Generated by GNU Autoconf 2.69 for E-MailRelay 2.3.1.
#
#
# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
@ -577,8 +577,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='E-MailRelay'
PACKAGE_TARNAME='emailrelay'
PACKAGE_VERSION='2.3'
PACKAGE_STRING='E-MailRelay 2.3'
PACKAGE_VERSION='2.3.1'
PACKAGE_STRING='E-MailRelay 2.3.1'
PACKAGE_BUGREPORT=''
PACKAGE_URL=''
@ -1375,7 +1375,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
\`configure' configures E-MailRelay 2.3 to adapt to many kinds of systems.
\`configure' configures E-MailRelay 2.3.1 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@ -1442,7 +1442,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
short | recursive ) echo "Configuration of E-MailRelay 2.3:";;
short | recursive ) echo "Configuration of E-MailRelay 2.3.1:";;
esac
cat <<\_ACEOF
@ -1575,7 +1575,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
E-MailRelay configure 2.3
E-MailRelay configure 2.3.1
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@ -2011,7 +2011,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by E-MailRelay $as_me 2.3, which was
It was created by E-MailRelay $as_me 2.3.1, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@ -2876,7 +2876,7 @@ fi
# Define the identity of the package.
PACKAGE='emailrelay'
VERSION='2.3'
VERSION='2.3.1'
# Some tools Automake needs.
@ -10728,7 +10728,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
This file was extended by E-MailRelay $as_me 2.3, which was
This file was extended by E-MailRelay $as_me 2.3.1, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@ -10794,7 +10794,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
E-MailRelay config.status 2.3
E-MailRelay config.status 2.3.1
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"

2
configure.ac
View File

@ -19,7 +19,7 @@ dnl
dnl Process this file with autoconf to produce a configure script.
dnl
AC_INIT([E-MailRelay],[2.3],[],[emailrelay])
AC_INIT([E-MailRelay],[2.3.1],[],[emailrelay])
AC_CONFIG_SRCDIR([src/glib/gdef.h])
AC_CONFIG_MACRO_DIR([m4])
AM_INIT_AUTOMAKE([no-define])

6
debian/changelog vendored
View File

@ -1,3 +1,9 @@
emailrelay (2.3.1) unstable; urgency=low
* Hourly log file rotation using "%h" (eg. "--log-file=log.%d.%h").
* TLS key and certificate files can be specified separately.
* Fixed error handling for network client filters ("--client-filter=net:...") [bug-id 50].
-- maintainer graeme_walker <graeme_walker@users.sourceforge.net> Thu, 30 Jun 2022 00:00:00 +0000
emailrelay (2.3) unstable; urgency=low
* Unix domain sockets supported (eg. "--interface=/tmp/smtp.s").
* Windows event log not used for verbose logging (prefer "--log-file").

6
doc/changelog.html
View File

@ -9,6 +9,12 @@
<!-- index:0::::E-MailRelay Change Log -->
<div class="div-main">
<h1><a class="a-header" name="H_1">E-MailRelay Change Log</a></h1> <!-- index:1:H:E-MailRelay Change Log -->
<h2><a class="a-header" name="SH_1_0">2.3 -> 2.3.1</a></h2> <!-- index:2:SH:1:0:2.3 -> 2.3.1 -->
<ul>
<li>Hourly log file rotation using <em>%h</em> (eg. <em>--log-file=log.%d.%h</em>).</li>
<li>TLS key and certificate files can be specified separately.</li>
<li>Fixed error handling for network client filters (<em>--client-filter=net:...</em>) [bug-id #50].</li>
</ul>
<h2><a class="a-header" name="SH_1_1">2.2 -> 2.3</a></h2> <!-- index:2:SH:1:1:2.2 -> 2.3 -->
<ul>
<li>Unix domain sockets supported (eg. <em>--interface=/tmp/smtp.s</em>.</li>

7
doc/changelog.md
View File

@ -1,6 +1,13 @@
E-MailRelay Change Log
======================
2.3 -> 2.3.1
------------
* Hourly log file rotation using `%h` (eg. `--log-file=log.%d.%h`).
* TLS key and certificate files can be specified separately.
* Fixed error handling for network client filters (`--client-filter=net:...`) [bug-id #50].
2.2 -> 2.3
----------

7
doc/changelog.rst
View File

@ -2,6 +2,13 @@
E-MailRelay Change Log
**********************
2.3 -> 2.3.1
============
* Hourly log file rotation using *%h* (eg. *--log-file=log.%d.%h*).
* TLS key and certificate files can be specified separately.
* Fixed error handling for network client filters (*--client-filter=net:...*) [bug-id #50].
2.2 -> 2.3
==========

6
doc/changelog.txt
View File

@ -1,6 +1,12 @@
E-MailRelay Change Log
======================
2.3 -> 2.3.1
------------
* Hourly log file rotation using "%h" (eg. "--log-file=log.%d.%h").
* TLS key and certificate files can be specified separately.
* Fixed error handling for network client filters ("--client-filter=net:...") [bug-id #50].
2.2 -> 2.3
----------
* Unix domain sockets supported (eg. "--interface=/tmp/smtp.s").

15
doc/emailrelay-man.html
View File

@ -119,7 +119,7 @@ Enables negotiated TLS for outgoing SMTP connections; the SMTP STARTTLS command
<DT><B>--client-tls-certificate </B><I>&lt;pem-file&gt;</I>
<DD>
Defines the TLS certificate file when acting as a SMTP client. This file must contain the client's private key and certificate chain using the PEM file format. Keep the file permissions tight to avoid accidental exposure of the private key.
Defines the TLS certificate file when acting as a SMTP client. This file must contain the client's private key and certificate chain using the PEM file format. Alternatively, use this option twice with the first one specifying the key file and the second the certificate file. Keep the file permissions tight to avoid accidental exposure of the private key.
<DT><B>-b, --client-tls-connection</B>
<DD>
@ -135,7 +135,7 @@ Defines the target server hostname in the TLS handshake. With <I>--client-tls-co
<DT><B>--client-tls-verify </B><I>&lt;ca-list&gt;</I>
<DD>
Enables verification of the remote SMTP server's certificate against any of the trusted CA certificates in the specified file or directory. In many use cases this should be a file containing just your self-signed root certificate.
Enables verification of the remote SMTP server's certificate against any of the trusted CA certificates in the specified file or directory. In many use cases this should be a file containing just your self-signed root certificate. Specify <I>&lt;default&gt;</I> for the TLS library's default set of trusted CAs.
<DT><B>--client-tls-verify-name </B><I>&lt;cname&gt;</I>
<DD>
@ -143,7 +143,7 @@ Enables verification of the CNAME within the remote SMTP server's certificate.
<DT><B>-e, --close-stderr</B>
<DD>
Causes the standard error stream to be closed soon after start-up. This is useful when operating as a backgroud daemon and it is therefore implied by <I>--as-server</I> and <I>--as-proxy</I>.
Causes the standard error stream to be closed soon after start-up. This is useful when operating as a background daemon and it is therefore implied by <I>--as-server</I> and <I>--as-proxy</I>.
<DT><B>-U, --connection-timeout </B><I>&lt;time&gt;</I>
<DD>
@ -243,7 +243,7 @@ Disables logging to the syslog. Note that <I>--as-client</I> implies <I>--no-sys
<DT><B>-i, --pid-file </B><I>&lt;pid-file&gt;</I>
<DD>
Causes the process-id to be written into the specified file when the program starts up, typically after it has become a backgroud daemon.
Causes the process-id to be written into the specified file when the program starts up, typically after it has become a background daemon.
<DT><B>-O, --poll </B><I>&lt;period&gt;</I>
<DD>
@ -299,7 +299,7 @@ Enables TLS for incoming SMTP and POP connections. SMTP clients can then request
<DT><B>--server-tls-certificate </B><I>&lt;pem-file&gt;</I>
<DD>
Defines the TLS certificate file when acting as a SMTP or POP server. This file must contain the server's private key and certificate chain using the PEM file format. Keep the file permissions tight to avoid accidental exposure of the private key.
Defines the TLS certificate file when acting as a SMTP or POP server. This file must contain the server's private key and certificate chain using the PEM file format. Alternatively, use this option twice with the first one specifying the key file and the second the certificate file. Keep the file permissions tight to avoid accidental exposure of the private key.
<DT><B>--server-tls-connection</B>
<DD>
@ -311,7 +311,7 @@ Makes the use of TLS mandatory for any incoming SMTP and POP connections. SMTP c
<DT><B>--server-tls-verify </B><I>&lt;ca-list&gt;</I>
<DD>
Enables verification of remote SMTP and POP clients' certificates against any of the trusted CA certificates in the specified file or directory. In many use cases this should be a file containing just your self-signed root certificate.
Enables verification of remote SMTP and POP clients' certificates against any of the trusted CA certificates in the specified file or directory. In many use cases this should be a file containing just your self-signed root certificate. Specify <I>&lt;default&gt;</I> for the TLS library's default set of trusted CAs.
<DT><B>-M, --size </B><I>&lt;bytes&gt;</I>
<DD>
@ -366,8 +366,7 @@ Graeme Walker, mailto:<A HREF="mailto:graeme_walker@users.sourceforge.net">graem
</DL>
<HR>
This document was created by
<A HREF="lynxcgi:FOO/cgi-bin/man/man2html">man2html</A>,
<A HREF="lynxcgi:./cgi-bin/man/man2html">man2html</A>,
using the manual pages.<BR>
</BODY>
</HTML>
<!-- Copyright (C) 2001-2021 Graeme Walker <graeme_walker@users.sourceforge.net>. All rights reserved. -->

12
doc/emailrelay.1
View File

@ -89,7 +89,7 @@ Specifies the IP network address to be used to bind the local end of outgoing SM
Enables negotiated TLS for outgoing SMTP connections; the SMTP STARTTLS command will be issued if the remote server supports it.
.TP
.B --client-tls-certificate \fI<pem-file>\fR
Defines the TLS certificate file when acting as a SMTP client. This file must contain the client's private key and certificate chain using the PEM file format. Keep the file permissions tight to avoid accidental exposure of the private key.
Defines the TLS certificate file when acting as a SMTP client. This file must contain the client's private key and certificate chain using the PEM file format. Alternatively, use this option twice with the first one specifying the key file and the second the certificate file. Keep the file permissions tight to avoid accidental exposure of the private key.
.TP
.B \-b, --client-tls-connection
Enables the use of a TLS tunnel for outgoing SMTP connections. This is for SMTP over TLS (SMTPS), not TLS negotiated within SMTP using STARTTLS.
@ -101,13 +101,13 @@ Makes the use of TLS mandatory for outgoing SMTP connections. The SMTP STARTTLS
Defines the target server hostname in the TLS handshake. With \fI--client-tls-connection\fR this can be used for SNI, allowing the remote server to adopt an appropriate identity.
.TP
.B --client-tls-verify \fI<ca-list>\fR
Enables verification of the remote SMTP server's certificate against any of the trusted CA certificates in the specified file or directory. In many use cases this should be a file containing just your self-signed root certificate.
Enables verification of the remote SMTP server's certificate against any of the trusted CA certificates in the specified file or directory. In many use cases this should be a file containing just your self-signed root certificate. Specify \fI<default>\fR for the TLS library's default set of trusted CAs.
.TP
.B --client-tls-verify-name \fI<cname>\fR
Enables verification of the CNAME within the remote SMTP server's certificate.
.TP
.B \-e, --close-stderr
Causes the standard error stream to be closed soon after start-up. This is useful when operating as a backgroud daemon and it is therefore implied by \fI--as-server\fR and \fI--as-proxy\fR.
Causes the standard error stream to be closed soon after start-up. This is useful when operating as a background daemon and it is therefore implied by \fI--as-server\fR and \fI--as-proxy\fR.
.TP
.B \-U, --connection-timeout \fI<time>\fR
Specifies a timeout (in seconds) for establishing a TCP connection to remote SMTP servers. The default is 40 seconds.
@ -182,7 +182,7 @@ Disables listening for incoming SMTP connections.
Disables logging to the syslog. Note that \fI--as-client\fR implies \fI--no-syslog\fR.
.TP
.B \-i, --pid-file \fI<pid-file>\fR
Causes the process-id to be written into the specified file when the program starts up, typically after it has become a backgroud daemon.
Causes the process-id to be written into the specified file when the program starts up, typically after it has become a background daemon.
.TP
.B \-O, --poll \fI<period>\fR
Causes forwarding of spooled mail messages to happen at regular intervals (with the time given in seconds).
@ -224,7 +224,7 @@ Configures the SMTP server authentication module using a semicolon-separated lis
Enables TLS for incoming SMTP and POP connections. SMTP clients can then request TLS encryption by issuing the STARTTLS command. The \fI--server-tls-certificate\fR option must be used to define the server certificate.
.TP
.B --server-tls-certificate \fI<pem-file>\fR
Defines the TLS certificate file when acting as a SMTP or POP server. This file must contain the server's private key and certificate chain using the PEM file format. Keep the file permissions tight to avoid accidental exposure of the private key.
Defines the TLS certificate file when acting as a SMTP or POP server. This file must contain the server's private key and certificate chain using the PEM file format. Alternatively, use this option twice with the first one specifying the key file and the second the certificate file. Keep the file permissions tight to avoid accidental exposure of the private key.
.TP
.B --server-tls-connection
Enables SMTP over TLS when acting as an SMTP server. This is for SMTP over TLS (SMTPS), not TLS negotiated within SMTP using STARTTLS.
@ -233,7 +233,7 @@ Enables SMTP over TLS when acting as an SMTP server. This is for SMTP over TLS (
Makes the use of TLS mandatory for any incoming SMTP and POP connections. SMTP clients must use the STARTTLS command to establish a TLS session before they can issue SMTP AUTH or SMTP MAIL-TO commands.
.TP
.B --server-tls-verify \fI<ca-list>\fR
Enables verification of remote SMTP and POP clients' certificates against any of the trusted CA certificates in the specified file or directory. In many use cases this should be a file containing just your self-signed root certificate.
Enables verification of remote SMTP and POP clients' certificates against any of the trusted CA certificates in the specified file or directory. In many use cases this should be a file containing just your self-signed root certificate. Specify \fI<default>\fR for the TLS library's default set of trusted CAs.
.TP
.B \-M, --size \fI<bytes>\fR
Limits the size of mail messages that can be submitted over SMTP.

20
doc/reference.html
View File

@ -112,8 +112,9 @@
<dd>
Defines the TLS certificate file when acting as a SMTP client. This file must
contain the client's private key and certificate chain using the PEM file
format. Keep the file permissions tight to avoid accidental exposure of the
private key.
format. Alternatively, use this option twice with the first one specifying
the key file and the second the certificate file. Keep the file permissions
tight to avoid accidental exposure of the private key.
</dd>
<dt>--client-tls-connection (-b)</dt>
<dd>
@ -137,7 +138,8 @@
Enables verification of the remote SMTP server's certificate against any of
the trusted CA certificates in the specified file or directory. In many use
cases this should be a file containing just your self-signed root
certificate.
certificate. Specify <em>&lt;default&gt;</em> for the TLS library's default set of
trusted CAs.
</dd>
<dt>--client-tls-verify-name &lt;cname&gt;</dt>
<dd>
@ -147,7 +149,7 @@
<dt>--close-stderr (-e)</dt>
<dd>
Causes the standard error stream to be closed soon after start-up. This is
useful when operating as a backgroud daemon and it is therefore implied by
useful when operating as a background daemon and it is therefore implied by
<em>--as-server</em> and <em>--as-proxy</em>.
</dd>
<dt>--connection-timeout &lt;time&gt; (-U)</dt>
@ -301,7 +303,7 @@
<dt>--pid-file &lt;pid-file&gt; (-i)</dt>
<dd>
Causes the process-id to be written into the specified file when the program
starts up, typically after it has become a backgroud daemon.
starts up, typically after it has become a background daemon.
</dd>
<dt>--poll &lt;period&gt; (-O)</dt>
<dd>
@ -392,8 +394,9 @@
<dd>
Defines the TLS certificate file when acting as a SMTP or POP server. This
file must contain the server's private key and certificate chain using the
PEM file format. Keep the file permissions tight to avoid accidental
exposure of the private key.
PEM file format. Alternatively, use this option twice with the first one
specifying the key file and the second the certificate file. Keep the file
permissions tight to avoid accidental exposure of the private key.
</dd>
<dt>--server-tls-connection</dt>
<dd>
@ -411,7 +414,8 @@
Enables verification of remote SMTP and POP clients' certificates against any
of the trusted CA certificates in the specified file or directory. In many
use cases this should be a file containing just your self-signed root
certificate.
certificate. Specify <em>&lt;default&gt;</em> for the TLS library's default set of
trusted CAs.
</dd>
<dt>--size &lt;bytes&gt; (-M)</dt>
<dd>

20
doc/reference.md
View File

@ -98,8 +98,9 @@ where &lt;option&gt; is:
Defines the TLS certificate file when acting as a SMTP client. This file must
contain the client's private key and certificate chain using the PEM file
format. Keep the file permissions tight to avoid accidental exposure of the
private key.
format. Alternatively, use this option twice with the first one specifying
the key file and the second the certificate file. Keep the file permissions
tight to avoid accidental exposure of the private key.
* \-\-client-tls-connection (-b)
@ -123,7 +124,8 @@ where &lt;option&gt; is:
Enables verification of the remote SMTP server's certificate against any of
the trusted CA certificates in the specified file or directory. In many use
cases this should be a file containing just your self-signed root
certificate.
certificate. Specify `<default>` for the TLS library's default set of
trusted CAs.
* \-\-client-tls-verify-name &lt;cname&gt;
@ -133,7 +135,7 @@ where &lt;option&gt; is:
* \-\-close-stderr (-e)
Causes the standard error stream to be closed soon after start-up. This is
useful when operating as a backgroud daemon and it is therefore implied by
useful when operating as a background daemon and it is therefore implied by
`--as-server` and `--as-proxy`.
* \-\-connection-timeout &lt;time&gt; (-U)
@ -287,7 +289,7 @@ where &lt;option&gt; is:
* \-\-pid-file &lt;pid-file&gt; (-i)
Causes the process-id to be written into the specified file when the program
starts up, typically after it has become a backgroud daemon.
starts up, typically after it has become a background daemon.
* \-\-poll &lt;period&gt; (-O)
@ -378,8 +380,9 @@ where &lt;option&gt; is:
Defines the TLS certificate file when acting as a SMTP or POP server. This
file must contain the server's private key and certificate chain using the
PEM file format. Keep the file permissions tight to avoid accidental
exposure of the private key.
PEM file format. Alternatively, use this option twice with the first one
specifying the key file and the second the certificate file. Keep the file
permissions tight to avoid accidental exposure of the private key.
* \-\-server-tls-connection
@ -397,7 +400,8 @@ where &lt;option&gt; is:
Enables verification of remote SMTP and POP clients' certificates against any
of the trusted CA certificates in the specified file or directory. In many
use cases this should be a file containing just your self-signed root
certificate.
certificate. Specify `<default>` for the TLS library's default set of
trusted CAs.
* \-\-size &lt;bytes&gt; (-M)

20
doc/reference.rst
View File

@ -101,8 +101,9 @@ where \<option\> is:
Defines the TLS certificate file when acting as a SMTP client. This file must
contain the client's private key and certificate chain using the PEM file
format. Keep the file permissions tight to avoid accidental exposure of the
private key.
format. Alternatively, use this option twice with the first one specifying
the key file and the second the certificate file. Keep the file permissions
tight to avoid accidental exposure of the private key.
* --client-tls-connection (-b)
@ -126,7 +127,8 @@ where \<option\> is:
Enables verification of the remote SMTP server's certificate against any of
the trusted CA certificates in the specified file or directory. In many use
cases this should be a file containing just your self-signed root
certificate.
certificate. Specify *\<default\>* for the TLS library's default set of
trusted CAs.
* --client-tls-verify-name \<cname\>
@ -136,7 +138,7 @@ where \<option\> is:
* --close-stderr (-e)
Causes the standard error stream to be closed soon after start-up. This is
useful when operating as a backgroud daemon and it is therefore implied by
useful when operating as a background daemon and it is therefore implied by
*--as-server* and *--as-proxy*.
* --connection-timeout \<time\> (-U)
@ -290,7 +292,7 @@ where \<option\> is:
* --pid-file \<pid-file\> (-i)
Causes the process-id to be written into the specified file when the program
starts up, typically after it has become a backgroud daemon.
starts up, typically after it has become a background daemon.
* --poll \<period\> (-O)
@ -381,8 +383,9 @@ where \<option\> is:
Defines the TLS certificate file when acting as a SMTP or POP server. This
file must contain the server's private key and certificate chain using the
PEM file format. Keep the file permissions tight to avoid accidental
exposure of the private key.
PEM file format. Alternatively, use this option twice with the first one
specifying the key file and the second the certificate file. Keep the file
permissions tight to avoid accidental exposure of the private key.
* --server-tls-connection
@ -400,7 +403,8 @@ where \<option\> is:
Enables verification of remote SMTP and POP clients' certificates against any
of the trusted CA certificates in the specified file or directory. In many
use cases this should be a file containing just your self-signed root
certificate.
certificate. Specify *\<default\>* for the TLS library's default set of
trusted CAs.
* --size \<bytes\> (-M)

20
doc/reference.txt
View File

@ -85,8 +85,9 @@ where <option> is:
# --client-tls-certificate <pem-file>
Defines the TLS certificate file when acting as a SMTP client. This file must
contain the client's private key and certificate chain using the PEM file
format. Keep the file permissions tight to avoid accidental exposure of the
private key.
format. Alternatively, use this option twice with the first one specifying
the key file and the second the certificate file. Keep the file permissions
tight to avoid accidental exposure of the private key.
# --client-tls-connection (-b)
Enables the use of a TLS tunnel for outgoing SMTP connections. This is for
@ -106,7 +107,8 @@ where <option> is:
Enables verification of the remote SMTP server's certificate against any of
the trusted CA certificates in the specified file or directory. In many use
cases this should be a file containing just your self-signed root
certificate.
certificate. Specify "<default>" for the TLS library's default set of
trusted CAs.
# --client-tls-verify-name <cname>
Enables verification of the CNAME within the remote SMTP server's
@ -114,7 +116,7 @@ where <option> is:
# --close-stderr (-e)
Causes the standard error stream to be closed soon after start-up. This is
useful when operating as a backgroud daemon and it is therefore implied by
useful when operating as a background daemon and it is therefore implied by
"--as-server" and "--as-proxy".
# --connection-timeout <time> (-U)
@ -243,7 +245,7 @@ where <option> is:
# --pid-file <pid-file> (-i)
Causes the process-id to be written into the specified file when the program
starts up, typically after it has become a backgroud daemon.
starts up, typically after it has become a background daemon.
# --poll <period> (-O)
Causes forwarding of spooled mail messages to happen at regular intervals
@ -320,8 +322,9 @@ where <option> is:
# --server-tls-certificate <pem-file>
Defines the TLS certificate file when acting as a SMTP or POP server. This
file must contain the server's private key and certificate chain using the
PEM file format. Keep the file permissions tight to avoid accidental
exposure of the private key.
PEM file format. Alternatively, use this option twice with the first one
specifying the key file and the second the certificate file. Keep the file
permissions tight to avoid accidental exposure of the private key.
# --server-tls-connection
Enables SMTP over TLS when acting as an SMTP server. This is for SMTP over
@ -336,7 +339,8 @@ where <option> is:
Enables verification of remote SMTP and POP clients' certificates against any
of the trusted CA certificates in the specified file or directory. In many
use cases this should be a file containing just your self-signed root
certificate.
certificate. Specify "<default>" for the TLS library's default set of
trusted CAs.
# --size <bytes> (-M)
Limits the size of mail messages that can be submitted over SMTP.

2
src/glib/Makefile.am
View File

@ -103,6 +103,7 @@ libglib_a_SOURCES = \
gnewprocess.h \
gnewprocess_win32.cpp \
gomembuf.h \
goptional.h \
goptionmap.h \
goptionmap.cpp \
goptionparser.h \
@ -233,6 +234,7 @@ libglib_a_SOURCES = \
gnewprocess.h \
gnewprocess_unix.cpp \
gomembuf.h \
goptional.h \
goptionmap.h \
goptionmap.cpp \
goptionparser.h \

14
src/glib/Makefile.in
View File

@ -124,12 +124,12 @@ am__libglib_a_SOURCES_DIST = gpam_none.cpp gpam_linux.cpp garg.h \
gidentity_unix.cpp gimembuf.h glimits.h glog.h glog.cpp \
glogoutput.h glogoutput.cpp glogoutput_unix.cpp gmapfile.h \
gmapfile.cpp gmd5.h gmd5.cpp gmsg_unix.cpp gmsg.h \
gnewprocess.h gnewprocess_unix.cpp gomembuf.h goptionmap.h \
goptionmap.cpp goptionparser.h goptionparser.cpp goptions.h \
goptions.cpp goptionvalue.h gpam.h gpath.h gpath.cpp \
gpidfile.h gpidfile.cpp gprocess.h gprocess_unix.cpp grandom.h \
grandom.cpp greadwrite.h greadwrite.cpp groot.h groot.cpp \
gscope.h gsignalsafe.h gsleep.h gslot.h gslot.cpp \
gnewprocess.h gnewprocess_unix.cpp gomembuf.h goptional.h \
goptionmap.h goptionmap.cpp goptionparser.h goptionparser.cpp \
goptions.h goptions.cpp goptionvalue.h gpam.h gpath.h \
gpath.cpp gpidfile.h gpidfile.cpp gprocess.h gprocess_unix.cpp \
grandom.h grandom.cpp greadwrite.h greadwrite.cpp groot.h \
groot.cpp gscope.h gsignalsafe.h gsleep.h gslot.h gslot.cpp \
gstatemachine.h gstr.h gstr.cpp gstrings.h gstringwrap.cpp \
gstringwrap.h gstringview.h gtest.h gtest.cpp gthread.cpp \
gtime.h gtime.cpp gxtext.h gxtext.cpp galign.h \
@ -532,6 +532,7 @@ noinst_LIBRARIES = libglib.a
@GCONFIG_WINDOWS_FALSE@ gnewprocess.h \
@GCONFIG_WINDOWS_FALSE@ gnewprocess_unix.cpp \
@GCONFIG_WINDOWS_FALSE@ gomembuf.h \
@GCONFIG_WINDOWS_FALSE@ goptional.h \
@GCONFIG_WINDOWS_FALSE@ goptionmap.h \
@GCONFIG_WINDOWS_FALSE@ goptionmap.cpp \
@GCONFIG_WINDOWS_FALSE@ goptionparser.h \
@ -639,6 +640,7 @@ noinst_LIBRARIES = libglib.a
@GCONFIG_WINDOWS_TRUE@ gnewprocess.h \
@GCONFIG_WINDOWS_TRUE@ gnewprocess_win32.cpp \
@GCONFIG_WINDOWS_TRUE@ gomembuf.h \
@GCONFIG_WINDOWS_TRUE@ goptional.h \
@GCONFIG_WINDOWS_TRUE@ goptionmap.h \
@GCONFIG_WINDOWS_TRUE@ goptionmap.cpp \
@GCONFIG_WINDOWS_TRUE@ goptionparser.h \

228
src/glib/gdatetime.cpp
View File

@ -1,5 +1,5 @@
//
// Copyright (C) 2001-2021 Graeme Walker <graeme_walker@users.sourceforge.net>
// Copyright (C) 2001-2022 Graeme Walker <graeme_walker@users.sourceforge.net>
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
@ -20,6 +20,7 @@
#include "gdef.h"
#include "gdatetime.h"
#include "goptional.h"
#include "gstr.h"
#include "gassert.h"
#include <sstream>
@ -54,6 +55,79 @@ namespace G
return TimeInterval( static_cast<TimeInterval::s_type>(su) , static_cast<TimeInterval::us_type>(usu) ) ;
}
bool operator<( const std::tm & a , const std::tm & b ) noexcept
{
if( a.tm_year < b.tm_year ) return true ;
if( a.tm_year > b.tm_year ) return false ;
if( a.tm_mon < b.tm_mon ) return true ;
if( a.tm_mon > b.tm_mon ) return false ;
if( a.tm_mday < b.tm_mday ) return true ;
if( a.tm_mday > b.tm_mday ) return false ;
if( a.tm_hour < b.tm_hour ) return true ;
if( a.tm_hour > b.tm_hour ) return false ;
if( a.tm_min < b.tm_min ) return true ;
if( a.tm_min > b.tm_min ) return false ;
return a.tm_sec < b.tm_sec ;
}
bool sameMinute( const std::tm & a , const std::tm & b ) noexcept
{
return
a.tm_year == b.tm_year &&
a.tm_mon == b.tm_mon &&
a.tm_mday == b.tm_mday &&
a.tm_hour == b.tm_hour &&
a.tm_min == b.tm_min ;
}
bool same( const std::tm & a , const std::tm & b ) noexcept
{
return sameMinute( a , b ) && a.tm_sec == b.tm_sec ;
}
void localtime( std::tm & tm_out , std::time_t t_in )
{
if( localtime_r( &t_in , &tm_out ) == nullptr )
throw DateTime::Error() ;
tm_out.tm_isdst = -1 ;
}
void gmtime( std::tm & tm_out , std::time_t t_in )
{
if( gmtime_r( &t_in , &tm_out ) == nullptr )
throw DateTime::Error() ;
tm_out.tm_isdst = -1 ;
}
std::time_t mktimelocal( const std::tm & local_tm_in )
{
struct std::tm tm = local_tm_in ;
tm.tm_isdst = -1 ;
std::time_t t = std::mktime( &tm ) ;
if( t == std::time_t(-1) )
throw DateTime::Error() ;
return t ;
}
std::time_t mktimeutc( const std::tm & utc_tm_in , std::time_t begin , std::time_t end )
{
// returns 't' such that std::gmtime(t) gives the target broken-down time -- does
// a binary search over the time_t range down to one second resolution
std::time_t count = end - begin ;
std::time_t t = begin ;
while( count > 0 )
{
std::time_t i = t ;
std::time_t step = count / 2 ;
i += step ;
std::tm tm {} ;
gmtime( tm , i ) ;
if( tm < utc_tm_in )
{
t = ++i ;
count -= step + 1 ;
}
else
{
count = step ;
}
}
return t ;
}
}
}
@ -66,89 +140,57 @@ G::BrokenDownTime::BrokenDownTime() :
G::BrokenDownTime::BrokenDownTime( const struct std::tm & tm_in ) :
m_tm(tm_in)
{
// dont trust the dst flag passed in -- force mktime()
// to do the extra work (strftime() does anyway)
m_tm.tm_isdst = -1 ;
if( std::time_t(-1) == std::mktime( &m_tm ) ) // set wday and yday
throw DateTime::Error() ;
}
std::time_t G::BrokenDownTime::epochTimeFromLocal() const
{
struct std::tm tm = m_tm ;
tm.tm_isdst = -1 ;
std::time_t t = std::mktime( &tm ) ;
if( t == std::time_t(-1) )
throw DateTime::Error() ;
return t ;
return DateTimeImp::mktimelocal( m_tm ) ;
}
std::time_t G::BrokenDownTime::epochTimeFromUtc() const
{
BrokenDownTime copy( *this ) ;
copy.m_tm.tm_sec = 0 ; // simplify for leap-seconds, add back below
return copy.epochTimeFromUtcImp() + m_tm.tm_sec ;
}
std::time_t t0 = DateTimeImp::mktimelocal( m_tm ) ;
std::time_t G::BrokenDownTime::epochTimeFromUtcImp() const
{
static bool diff_set = false ;
static std::time_t diff = 0 ;
return epochTimeFromUtcImp( diff_set , diff ) ;
}
std::time_t G::BrokenDownTime::epochTimeFromUtcImp( bool & diff_set , std::time_t & diff ) const
{
constexpr int day = 24 * 60 * 60 ;
constexpr std::time_t dt = 60 * 15 ; // india 30mins, nepal 45mins // NOLINT
constexpr std::time_t day_and_a_bit = day + dt ;
constexpr std::time_t t_rounding = 30 ;
// use mktime() for a rough starting point
std::time_t t_base = epochTimeFromLocal() ;
// see if the previous diff result is still valid (no change of dst etc),
if( diff_set && !sameMinute( SystemTime(t_base+diff+t_rounding).utc() ) )
diff_set = false ;
// find the timezone diff
if( !diff_set )
static optional<std::time_t> memo ;
if( memo.has_value() )
{
// iterate over all possible timezones modifying the epoch time until
// its utc broken-down-time (gmtime()) matches ours
//
auto t = t_base - day_and_a_bit ;
auto end = t_base + day_and_a_bit ;
for( diff = -day_and_a_bit ; t <= end ; t += dt , diff += dt )
{
if( sameMinute( SystemTime(t+t_rounding).utc() ) )
{
diff_set = true ;
break ;
}
}
std::tm tm {} ;
DateTimeImp::gmtime( tm , t0+memo.value() ) ;
if( DateTimeImp::same(tm,m_tm) )
return t0 + memo.value() ;
}
if( !diff_set )
throw DateTime::Error( "unsupported timezone" ) ;
std::time_t dt = 25 * 3600 + 10 ;
std::time_t begin = std::max(dt,t0) - dt ;
std::time_t end = t0 + dt ;
std::time_t t = DateTimeImp::mktimeutc( m_tm , begin , end ) ;
if( t == begin || t == end )
throw DateTime::Error( "timezone error" ) ;
return t_base + diff ;
memo = t - t0 ;
return t ;
}
G::BrokenDownTime G::BrokenDownTime::null()
{
return {} ;
}
G::BrokenDownTime G::BrokenDownTime::local( SystemTime t )
{
BrokenDownTime tm ;
std::time_t s = t.s() ;
if( localtime_r( &s , &tm.m_tm ) == nullptr )
throw DateTime::Error() ;
return tm ;
BrokenDownTime bdt ;
DateTimeImp::localtime( bdt.m_tm , t.s() ) ;
return bdt ;
}
G::BrokenDownTime G::BrokenDownTime::utc( SystemTime t )
{
BrokenDownTime tm ;
std::time_t s = t.s() ;
if( gmtime_r( &s , &tm.m_tm ) == nullptr )
throw DateTime::Error() ;
return tm ;
BrokenDownTime bdt ;
DateTimeImp::gmtime( bdt.m_tm , t.s() ) ;
return bdt ;
}
G::BrokenDownTime::BrokenDownTime( int y , int mon , int d , int h , int min , int sec ) :
@ -161,8 +203,8 @@ G::BrokenDownTime::BrokenDownTime( int y , int mon , int d , int h , int min , i
m_tm.tm_min = min ;
m_tm.tm_sec = sec ;
m_tm.tm_isdst = -1 ;
if( std::time_t(-1) == std::mktime( &m_tm ) ) // set wday and yday
throw DateTime::Error() ;
m_tm.tm_wday = 0 ;
m_tm.tm_yday = 0 ;
}
G::BrokenDownTime G::BrokenDownTime::midday( int year , int month , int day )
@ -170,15 +212,29 @@ G::BrokenDownTime G::BrokenDownTime::midday( int year , int month , int day )
return { year , month , day , 12 , 0 , 0 } ;
}
void G::BrokenDownTime::format( std::vector<char> & out , const char * fmt ) const
G::BrokenDownTime G::BrokenDownTime::midnight( int year , int month , int day )
{
return { year , month , day , 0 , 0 , 0 } ;
}
bool G::BrokenDownTime::format( char * out , std::size_t out_size , const char * fmt ) const
{
for( const char * p = std::strchr(fmt,'%') ; p && p[1] ; p = std::strchr(p+1,'%') )
{
if( !std::strchr(DateTimeImp::good_format,p[1]) )
throw DateTime::Error() ;
if( std::strchr(DateTimeImp::good_format,p[1]) == nullptr )
throw DateTime::Error("bad format string") ;
}
if( std::strftime( &out[0] , out.size() , fmt , &m_tm ) == 0U )
std::tm tm_copy = m_tm ;
tm_copy.tm_isdst = -1 ;
(void) mktime( &tm_copy ) ; // fill in isdst, wday, yday
return std::strftime( out , out_size , fmt , &tm_copy ) > 0U ;
}
void G::BrokenDownTime::format( std::vector<char> & out , const char * fmt ) const
{
if( !format( &out[0] , out.size() , fmt ) )
throw DateTime::Error() ;
}
@ -196,7 +252,7 @@ std::string G::BrokenDownTime::str( const char * fmt ) const
std::vector<char> buffer( n ) ;
format( buffer , fmt ) ;
buffer.at(buffer.size()-1U) = '\0' ; // just in case
return std::string( &buffer[0] ) ;
return { &buffer[0] } ;
}
int G::BrokenDownTime::hour() const
@ -234,14 +290,9 @@ int G::BrokenDownTime::wday() const
return m_tm.tm_wday ;
}
bool G::BrokenDownTime::sameMinute( const BrokenDownTime & other ) const
bool G::BrokenDownTime::sameMinute( const BrokenDownTime & other ) const noexcept
{
return
year() == other.year() &&
month() == other.month() &&
day() == other.day() &&
hour() == other.hour() &&
min() == other.min() ;
return DateTimeImp::sameMinute( m_tm , other.m_tm ) ;
}
// ==
@ -384,18 +435,13 @@ std::ostream & G::operator<<( std::ostream & stream , const SystemTime & t )
G::TimerTime G::TimerTime::now()
{
return TimerTime( std::chrono::steady_clock::now() , false ) ;
return { std::chrono::steady_clock::now() , false } ;
}
G::TimerTime G::TimerTime::zero()
{
duration_type zero_duration{0} ;
return TimerTime( time_point_type(zero_duration) , true ) ;
}
G::TimerTime G::TimerTime::test( int s , int us )
{
return TimerTime( time_point_type(std::chrono::seconds(s)+std::chrono::microseconds(us)) , s==0 && us==0 ) ;
return { time_point_type(zero_duration) , true } ;
}
G::TimerTime::TimerTime( time_point_type tp , bool is_zero ) :
@ -404,18 +450,30 @@ G::TimerTime::TimerTime( time_point_type tp , bool is_zero ) :
{
}
unsigned long G::TimerTime::test_s() const
G::TimerTime G::TimerTime::test( int s , int us )
{
return { time_point_type(std::chrono::seconds(s)+std::chrono::microseconds(us)) , s==0 && us==0 } ;
}
unsigned long G::TimerTime::s() const
{
using namespace std::chrono ;
return static_cast<unsigned long>(duration_cast<seconds>(m_tp.time_since_epoch()).count()) ;
}
unsigned long G::TimerTime::test_us() const
unsigned long G::TimerTime::us() const
{
using namespace std::chrono ;
return static_cast<unsigned long>((duration_cast<microseconds>(m_tp.time_since_epoch()) % seconds(1)).count()) ;
}
std::string G::TimerTime::str() const
{
std::ostringstream ss ;
ss << s() << '.' << std::setw(6) << std::setfill('0') << us() ;
return ss.str() ;
}
G::TimerTime G::TimerTime::operator+( const TimeInterval & interval ) const
{
TimerTime t( *this ) ;

31
src/glib/gdatetime.h
View File

@ -1,5 +1,5 @@
//
// Copyright (C) 2001-2021 Graeme Walker <graeme_walker@users.sourceforge.net>
// Copyright (C) 2001-2022 Graeme Walker <graeme_walker@users.sourceforge.net>
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
@ -50,9 +50,16 @@ public:
BrokenDownTime( int year , int month , int day , int hh , int mm , int ss ) ;
///< Constructor.
static BrokenDownTime null() ;
///< Factory function for an unusable object with bogus
///< component values.
static BrokenDownTime midday( int year , int month , int day ) ;
///< Factory function for midday on the given date.
static BrokenDownTime midnight( int year , int month , int day ) ;
///< Factory function for midnight starting the given date.
static BrokenDownTime local( SystemTime ) ;
///< Factory function for the locale-dependent local time of the
///< given epoch time. See also SystemTime::local().
@ -61,11 +68,16 @@ public:
///< Factory function for the utc time of the given epoch time.
///< See also SystemTime::utc().
void format( std::vector<char> & out , const char * fmt ) const ;
bool format( char * out , std::size_t out_size , const char * fmt ) const ;
///< Puts the formatted date, including a terminating null character,
///< into the given buffer. Only simple non-locale-dependent format
///< specifiers are allowed, and these allowed specifiers explicitly
///< exclude '%z' and '%Z'.
///< into the given output buffer. Returns false if the output buffer
///< is too small. Only simple non-locale-dependent format specifiers
///< are allowed, and these allowed specifiers explicitly exclude
///< '%z' and '%Z'.
void format( std::vector<char> & out , const char * fmt ) const ;
///< Overload for an output vector. Throws if the vector is
///< too small for the result (with its null terminator).
std::string str( const char * fmt ) const ;
///< Returns the formatted date, with the same restrictions
@ -103,15 +115,13 @@ public:
///< Uses std::mktime() to convert this locale-dependent
///< local broken-down time into epoch time.
bool sameMinute( const BrokenDownTime & other ) const ;
bool sameMinute( const BrokenDownTime & other ) const noexcept ;
///< Returns true if this and the other broken-down
///< times are the same, at minute resolution with
///< no rounding.
private:
BrokenDownTime() ;
std::time_t epochTimeFromUtcImp( bool & , std::time_t & ) const ;
std::time_t epochTimeFromUtcImp() const ;
private:
friend class G::DateTimeTest ;
@ -267,8 +277,9 @@ private:
using time_point_type = std::chrono::time_point<std::chrono::steady_clock> ;
TimerTime( time_point_type , bool ) ;
static TimerTime test( int , int ) ;
unsigned long test_s() const ;
unsigned long test_us() const ;
unsigned long s() const ; // DateTimeTest
unsigned long us() const ; // DateTimeTest
std::string str() const ; // DateTimeTest
private:
bool m_is_zero ;

48
src/glib/glogoutput.cpp
View File

@ -23,6 +23,7 @@
#include "gdatetime.h"
#include "gscope.h"
#include "gfile.h"
#include "groot.h"
#include "gomembuf.h"
#include "glimits.h"
#include <algorithm>
@ -81,7 +82,8 @@ G::LogOutput::LogOutput( const std::string & exename , const Config & config ,
m_path(path)
{
updateTime() ;
open( m_path , true ) ;
updatePath() ;
open( m_real_path , true ) ;
osinit() ;
m_depth = 0U ;
if( LogOutputImp::this_ == nullptr )
@ -99,7 +101,8 @@ G::LogOutput::LogOutput( bool output_enabled_and_summary_info ,
.set_debug(verbose_info_and_debug) ;
updateTime() ;
open( m_path , true ) ;
updatePath() ;
open( m_real_path , true ) ;
osinit() ;
m_depth = 0U ;
if( LogOutputImp::this_ == nullptr )
@ -172,7 +175,24 @@ void G::LogOutput::output( std::ostream & ss )
instance()->output( ss , 0 ) ;
}
void G::LogOutput::open( std::string path , bool do_throw )
bool G::LogOutput::updatePath()
{
std::string real_path = m_path ;
std::size_t pos = 0U ;
if( (pos=real_path.find("%h")) != std::string::npos )
{
real_path[pos] = m_time_buffer[9] ;
real_path[pos+1] = m_time_buffer[10] ;
}
if( (pos=real_path.find("%d")) != std::string::npos )
{
real_path.replace( pos , 2U , std::string(&m_time_buffer[0],8U) ) ;
}
real_path.swap( m_real_path ) ;
return real_path != m_real_path ;
}
void G::LogOutput::open( const std::string & path , bool do_throw )
{
if( path.empty() )
{
@ -180,11 +200,11 @@ void G::LogOutput::open( std::string path , bool do_throw )
}
else
{
std::size_t pos = path.find( "%d" ) ;
if( pos != std::string::npos )
path.replace( pos , 2U , std::string(&m_time_buffer[0],8U) ) ;
int fd = File::open( path.c_str() , File::InOutAppend::Append ) ;
int fd = -1 ;
{
Root claim_root ;
fd = File::open( path.c_str() , File::InOutAppend::Append ) ;
}
if( fd < 0 )
{
if( do_throw )
@ -205,8 +225,8 @@ std::ostream & G::LogOutput::start( Log::Severity severity )
if( m_depth > 1 )
return LogOutputImp::ostream2() ;
if( updateTime() )
open( m_path , false ) ;
if( updateTime() && updatePath() )
open( m_real_path , false ) ;
std::ostream & ss = LogOutputImp::ostream1() ;
ss << std::dec ;
@ -295,17 +315,17 @@ bool G::LogOutput::updateTime()
{
SystemTime now = SystemTime::now() ;
m_time_us = now.us() ;
bool new_day = false ;
bool new_hour = false ;
if( m_time_s == 0 || m_time_s != now.s() || m_time_buffer.empty() )
{
m_time_s = now.s() ;
m_time_buffer.resize( 17U ) ;
now.local().format( m_time_buffer , "%Y%m%d.%H%M%S." ) ;
m_time_buffer[16U] = '\0' ;
new_day = 0 != std::memcmp( &m_date_buffer[0] , &m_time_buffer[0] , m_date_buffer.size() ) ;
std::memcpy( &m_date_buffer[0] , &m_time_buffer[0] , m_date_buffer.size() ) ;
new_hour = 0 != std::memcmp( &m_time_change_buffer[0] , &m_time_buffer[0] , 11U ) ;
std::memcpy( &m_time_change_buffer[0] , &m_time_buffer[0] , m_time_change_buffer.size() ) ;
}
return new_day ;
return new_hour ;
}
void G::LogOutput::appendTimeTo( std::ostream & ss )

6
src/glib/glogoutput.h
View File

@ -191,12 +191,13 @@ public:
private:
void osinit() ;
void open( std::string , bool ) ;
void open( const std::string & , bool ) ;
std::ostream & start( Log::Severity ) ;
void output( std::ostream & , int ) ;
void osoutput( int , Log::Severity , char * , std::size_t ) ;
void oscleanup() const noexcept ;
bool updateTime() ;
bool updatePath() ;
void appendTimeTo( std::ostream & ) ;
static const char * levelString( Log::Severity ) noexcept ;
static const char * basename( const char * ) noexcept ;
@ -207,9 +208,10 @@ private:
std::time_t m_time_s{0} ;
unsigned int m_time_us{0U} ;
std::vector<char> m_time_buffer ;
std::array<char,8U> m_date_buffer {} ;
std::array<char,17U> m_time_change_buffer {} ;
HANDLE m_handle{0} ; // windows
std::string m_path ;
std::string m_real_path ;
int m_fd{-1} ;
unsigned int m_depth{1U} ;
Log::Severity m_severity{Log::Severity::s_Debug} ;

127
src/glib/goptional.h Normal file
View File

@ -0,0 +1,127 @@
//
// Copyright (C) 2001-2022 Graeme Walker <graeme_walker@users.sourceforge.net>
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
// ===
///
/// \file goptional.h
///
#ifndef G_OPTIONAL_H
#define G_OPTIONAL_H
#include "gdef.h"
#include <utility>
#include <stdexcept>
namespace G
{
template <typename T> class optional ;
}
//| \class G::optional
/// A class template like a simplified c++17 std::optional.
///
template <typename T>
class G::optional
{
public:
optional() noexcept(noexcept(T())) ;
explicit optional( const T & ) ;
optional( bool has_value , const T & value ) ; // not in std::optional()
void clear() noexcept ; // not in std::optional()
bool has_value() const noexcept ;
explicit operator bool() const noexcept ;
const T & value() const ;
T value_or( const T & ) const ;
optional<T> & operator=( const T & ) ;
public:
~optional() = default ;
optional( const optional & ) = default ;
optional( optional && ) noexcept = default ;
optional & operator=( const optional & ) = default ;
optional & operator=( optional && ) noexcept = default ;
private:
void doThrow() const ;
private:
T m_value {} ;
bool m_has_value {false} ;
} ;
template <typename T>
G::optional<T>::optional() noexcept(noexcept(T()))
= default ;
template <typename T>
G::optional<T>::optional( const T & t ) :
m_value(t) ,
m_has_value(true)
{
}
template <typename T>
G::optional<T>::optional( bool has_value , const T & value ) :
m_value(value) ,
m_has_value(has_value)
{
}
template <typename T>
void G::optional<T>::clear() noexcept
{
m_has_value = false ;
}
template <typename T>
bool G::optional<T>::has_value() const noexcept
{
return m_has_value ;
}
template <typename T>
G::optional<T>::operator bool() const noexcept
{
return m_has_value ;
}
template <typename T>
const T & G::optional<T>::value() const
{
return m_has_value ? m_value : ( doThrow() , m_value ) ;
}
template <typename T>
void G::optional<T>::doThrow() const
{
throw std::runtime_error( "bad optional access" ) ;
}
template <typename T>
T G::optional<T>::value_or( const T & default_ ) const
{
return m_has_value ? m_value : default_ ;
}
template <typename T>
G::optional<T> & G::optional<T>::operator=( const T & t )
{
m_value = t ;
m_has_value = true ;
return *this ;
}
#endif

10
src/glib/gslot.h
View File

@ -181,7 +181,7 @@ namespace G
m_slot.m_fn( args... ) ;
}
}
void reset()
void reset() noexcept
{
m_emitted = false ;
}
@ -189,6 +189,14 @@ namespace G
{
return !! m_slot.m_fn ;
}
bool emitted() const noexcept
{
return m_emitted ;
}
void emitted( bool emitted ) noexcept
{
m_emitted = emitted ;
}
~Signal() = default ;
Signal( const Signal & ) = delete ;
Signal( Signal && ) = delete ;

51
src/gsmtp/gnetworkfilter.cpp
View File

@ -27,18 +27,18 @@ GSmtp::NetworkFilter::NetworkFilter( GNet::ExceptionSink es , FileStore & file_s
const std::string & server , unsigned int connection_timeout , unsigned int response_timeout ) :
m_es(es) ,
m_file_store(file_store) ,
m_timer(*this,&NetworkFilter::onTimeout,m_es) ,
m_done_signal(true) , // one-shot until reset()
m_location(server) ,
m_connection_timeout(connection_timeout) ,
m_response_timeout(response_timeout)
{
m_client_ptr.eventSignal().connect( G::Slot::slot(*this,&GSmtp::NetworkFilter::clientEvent) ) ;
m_client_ptr.deletedSignal().connect( G::Slot::slot(*this,&GSmtp::NetworkFilter::clientDeleted) ) ;
}
GSmtp::NetworkFilter::~NetworkFilter()
{
m_client_ptr.eventSignal().disconnect() ;
m_client_ptr.deletedSignal().disconnect() ;
}
std::string GSmtp::NetworkFilter::id() const
@ -53,35 +53,51 @@ bool GSmtp::NetworkFilter::simple() const
void GSmtp::NetworkFilter::start( const MessageId & message_id )
{
m_text.erase() ;
if( m_client_ptr.get() == nullptr )
m_text.clear() ;
m_timer.cancelTimer() ;
m_done_signal.reset() ;
if( m_client_ptr.get() == nullptr || m_client_ptr->busy() )
{
m_client_ptr.reset( std::make_unique<RequestClient>(
GNet::ExceptionSink(m_client_ptr,m_es.esrc()),
GNet::ExceptionSink(*this,&m_client_ptr),
"scanner" , "ok" ,
m_location , m_connection_timeout , m_response_timeout ) ) ;
}
m_client_ptr->request( m_file_store.contentPath(message_id).str() ) ; // (no need to wait for connection)
}
void GSmtp::NetworkFilter::clientDeleted( const std::string & reason )
void GSmtp::NetworkFilter::onException( GNet::ExceptionSource * , std::exception & e , bool done )
{
if( !reason.empty() )
{
m_text = "failed" "\t" + reason ;
m_done_signal.emit( 2 ) ;
}
if( m_client_ptr.get() )
m_client_ptr->doOnDelete( e.what() , done ) ;
m_client_ptr.reset() ;
sendResult( std::string("failed\t").append(e.what()) ) ;
}
void GSmtp::NetworkFilter::clientEvent( const std::string & s1 , const std::string & s2 , const std::string & )
{
if( s1 == "scanner" ) // ie. this is the response received by the RequestClient
{
m_text = s2 ;
m_done_signal.emit( m_text.empty() ? 0 : 2 ) ;
sendResult( s2 ) ;
}
}
void GSmtp::NetworkFilter::sendResult( const std::string & reason )
{
if( !m_text.has_value() )
{
m_text = reason ;
m_timer.startTimer( 0 ) ;
}
}
void GSmtp::NetworkFilter::onTimeout()
{
if( m_text.has_value() )
m_done_signal.emit( m_text.value().empty() ? 0 : 2 ) ;
}
bool GSmtp::NetworkFilter::special() const
{
return false ;
@ -90,12 +106,12 @@ bool GSmtp::NetworkFilter::special() const
std::string GSmtp::NetworkFilter::response() const
{
// allow "<response><tab><reason>"
return G::Str::printable( G::Str::head( m_text , "\t" , false ) ) ;
return G::Str::printable( G::Str::head( m_text.value_or({}) , "\t" , false ) ) ;
}
std::string GSmtp::NetworkFilter::reason() const
{
return G::Str::printable( G::Str::tail( m_text , "\t" , false ) ) ;
return G::Str::printable( G::Str::tail( m_text.value_or({}) , "\t" , false ) ) ;
}
G::Slot::Signal<int> & GSmtp::NetworkFilter::doneSignal()
@ -105,11 +121,14 @@ G::Slot::Signal<int> & GSmtp::NetworkFilter::doneSignal()
void GSmtp::NetworkFilter::cancel()
{
m_text.clear() ;
m_timer.cancelTimer() ;
m_done_signal.emitted( true ) ;
m_client_ptr.reset() ;
m_text.erase() ;
}
bool GSmtp::NetworkFilter::abandoned() const
{
return false ;
}

12
src/gsmtp/gnetworkfilter.h
View File

@ -27,6 +27,7 @@
#include "gclientptr.h"
#include "grequestclient.h"
#include "geventhandler.h"
#include "goptional.h"
namespace GSmtp
{
@ -38,7 +39,7 @@ namespace GSmtp
/// remote network server. The response of ok/abandon/fail is
/// delivered via the base class's doneSignal().
///
class GSmtp::NetworkFilter : public Filter
class GSmtp::NetworkFilter : public Filter , private GNet::ExceptionHandler
{
public:
NetworkFilter( GNet::ExceptionSink , FileStore & , const std::string & server_location ,
@ -58,6 +59,7 @@ private: // overrides
std::string response() const override ; // Override from from GSmtp::Filter.
std::string reason() const override ; // Override from from GSmtp::Filter.
bool special() const override ; // Override from from GSmtp::Filter.
void onException( GNet::ExceptionSource * , std::exception & , bool ) override ; // Override from from GNet::ExceptionHandler.
public:
NetworkFilter( const NetworkFilter & ) = delete ;
@ -67,17 +69,19 @@ public:
private:
void clientEvent( const std::string & , const std::string & , const std::string & ) ;
void clientDeleted( const std::string & ) ;
void sendResult( const std::string & ) ;
void onTimeout() ;
private:
GNet::ExceptionSink m_es ;
FileStore & m_file_store ;
GNet::ClientPtr<RequestClient> m_client_ptr ;
GNet::Timer<NetworkFilter> m_timer ;
G::Slot::Signal<int> m_done_signal ;
GNet::Location m_location ;
unsigned int m_connection_timeout ;
unsigned int m_response_timeout ;
GNet::ClientPtr<RequestClient> m_client_ptr ;
std::string m_text ;
G::optional<std::string> m_text ;
} ;
#endif

8
src/gui/emailrelay-gui.rc
View File

@ -7,8 +7,8 @@ LANGUAGE 0x9,0x1
IDI_ICON1 ICON DISCARDABLE "emailrelay-icon.ico"
VS_VERSION_INFO VERSIONINFO
FILEVERSION 2, 3, 0, 0
PRODUCTVERSION 2, 3, 0, 0
FILEVERSION 2, 3, 1, 0
PRODUCTVERSION 2, 3, 1, 0
FILEFLAGSMASK 0x3fL
#ifdef _DEBUG
FILEFLAGS 0x1L
@ -26,12 +26,12 @@ BEGIN
VALUE "Comments", "GPL v3 license"
VALUE "CompanyName", " "
VALUE "FileDescription", "E-MailRelay GUI Application"
VALUE "FileVersion", "2, 3, 0, 0"
VALUE "FileVersion", "2, 3, 1, 0"
VALUE "InternalName", "emailrelay"
VALUE "LegalCopyright", "Copyright (C) 2001-2022 Graeme Walker <graeme_walker@users.sourceforge.net>"
VALUE "OriginalFilename", "emailrelay-gui.exe"
VALUE "ProductName", "E-MailRelay"
VALUE "ProductVersion", "2, 3, 0, 0"
VALUE "ProductVersion", "2, 3, 1, 0"
END
END
BLOCK "VarFileInfo"

2
src/gui/installer.cpp
View File

@ -1260,7 +1260,7 @@ void Launcher::run()
// doesn't work well because stderr is not always inherited
// and then closed cleanly)
std::string s = m_cmd.exe().str() ;
(void) system( s.c_str() ) ;
(void) system( s.c_str() ) ; // NOLINT
}
}

62
src/main/configuration.cpp
View File

@ -373,9 +373,14 @@ std::string Main::Configuration::tlsConfig() const
return m_map.value( "tls-config" ) ;
}
G::Path Main::Configuration::serverTlsPrivateKey() const
{
return keyFile( "server-tls-certificate" ) ;
}
G::Path Main::Configuration::serverTlsCertificate() const
{
return m_map.contains("server-tls-certificate") ? pathValue("server-tls-certificate") : G::Path() ;
return certificateFile( "server-tls-certificate" ) ;
}
G::Path Main::Configuration::serverTlsCaList() const
@ -393,9 +398,26 @@ std::string Main::Configuration::clientTlsPeerHostName() const
return m_map.value( "client-tls-server-name" ) ;
}
G::Path Main::Configuration::clientTlsPrivateKey() const
{
return keyFile( "client-tls-certificate" ) ;
}
G::Path Main::Configuration::clientTlsCertificate() const
{
return m_map.contains("client-tls-certificate") ? pathValue("client-tls-certificate") : G::Path() ;
return certificateFile( "client-tls-certificate" ) ;
}
G::Path Main::Configuration::keyFile( const std::string & option_name ) const
{
std::string value = m_map.value( option_name ) ;
return value.empty() ? G::Path() : pathValueImp( G::Str::head(value,",",false) ) ;
}
G::Path Main::Configuration::certificateFile( const std::string & option_name ) const
{
std::string value = m_map.value( option_name ) ;
return value.empty() ? G::Path() : pathValueImp( G::Str::tail(value,",",false) ) ;
}
G::Path Main::Configuration::clientTlsCaList() const
@ -693,6 +715,18 @@ G::StringArray Main::Configuration::semantics( bool want_errors ) const
gettext("the --client-tls- options require --client-tls or --client-tls-connection") ) ;
}
if( m_map.count("server-tls-certificate") > 2U )
{
errors.push_back(
gettext("the --server-tls-certificate option cannot be used more than twice") ) ;
}
if( m_map.count("client-tls-certificate") > 2U )
{
errors.push_back(
gettext("the --client-tls-certificate option cannot be used more than twice") ) ;
}
if( m_map.contains("client-tls-verify-name") && !m_map.contains("client-tls-verify") )
{
errors.push_back(
@ -786,14 +820,20 @@ G::Path Main::Configuration::pathValue( const std::string & option_name ) const
}
else
{
if( value.find("@app") == 0U && !m_app_dir.empty() )
G::Str::replace( value , "@app" , m_app_dir.str() ) ;
return G::Path(value).isAbsolute() ? G::Path(value) : ( daemon() ? (m_base_dir+value) : value ) ;
return pathValueImp( value ) ;
}
}
bool Main::Configuration::pathlike( const std::string & option_name ) const
G::Path Main::Configuration::pathValueImp( const std::string & value_in ) const
{
std::string value = value_in ;
if( value.find("@app") == 0U && !m_app_dir.empty() )
G::Str::replace( value , "@app" , m_app_dir.str() ) ;
return G::Path(value).isAbsolute() ? G::Path(value) : ( daemon() ? (m_base_dir+value) : value ) ;
}
bool Main::Configuration::pathlike( const std::string & option_name )
{
return
option_name == "log-file" ||
@ -812,7 +852,7 @@ bool Main::Configuration::pathlike( const std::string & option_name ) const
false ;
}
bool Main::Configuration::filterType( const std::string & option_name ) const
bool Main::Configuration::filterType( const std::string & option_name )
{
return
option_name == "filter" ||
@ -820,21 +860,21 @@ bool Main::Configuration::filterType( const std::string & option_name ) const
option_name == "address-verifier" ;
}
bool Main::Configuration::specialFilterValue( const std::string & value ) const
bool Main::Configuration::specialFilterValue( const std::string & value )
{
return
value.find(':') != std::string::npos &&
value.find(':') >= 3U ;
}
bool Main::Configuration::verifyType( const std::string & option_name ) const
bool Main::Configuration::verifyType( const std::string & option_name )
{
return
option_name == "server-tls-verify" ||
option_name == "client-tls-verify" ;
}
bool Main::Configuration::specialVerifyValue( const std::string & value ) const
bool Main::Configuration::specialVerifyValue( const std::string & value )
{
return !value.empty() && value.at(0U) == '<' && value.at(value.length()-1U) == '>' ;
}

21
src/main/configuration.h
View File

@ -281,12 +281,18 @@ public:
std::string tlsConfig() const ;
///< Returns low-level TLS configuration options.
G::Path serverTlsPrivateKey() const ;
///< Returns the server-side TLS private key file.
G::Path serverTlsCertificate() const ;
///< Returns the server-side TLS certificate file.
G::Path serverTlsCaList() const ;
///< Returns the server-side TLS CA file-or-directory.
G::Path clientTlsPrivateKey() const ;
///< Returns the client-side TLS private key file.
G::Path clientTlsCertificate() const ;
///< Returns the client-side TLS certificate file.
@ -319,13 +325,16 @@ public:
///< sub-string.
private:
G::Path pathValue( const std::string & ) const ;
G::Path pathValue( const std::string & option ) const ;
G::Path pathValueImp( const std::string & value ) const ;
G::Path keyFile( const std::string & option ) const ;
G::Path certificateFile( const std::string & option ) const ;
std::string semanticError( bool & ) const ;
bool pathlike( const std::string & ) const ;
bool filterType( const std::string & ) const ;
bool specialFilterValue( const std::string & ) const ;
bool verifyType( const std::string & ) const ;
bool specialVerifyValue( const std::string & ) const ;
static bool pathlike( const std::string & ) ;
static bool filterType( const std::string & ) ;
static bool specialFilterValue( const std::string & ) ;
static bool verifyType( const std::string & ) ;
static bool specialVerifyValue( const std::string & ) ;
G::StringArray semantics( bool ) const ;
bool validSyslogFacility() const ;

14
src/main/options.cpp
View File

@ -216,12 +216,14 @@ G::Options Main::Options::spec( bool is_windows )
opt.add( { "" , "server-tls-certificate" ,
gettext("specifies a private TLS key+certificate file for --server-tls! "
"or --server-tls-connection") ,
"1" , "pem-file" , "3" } , '!' ) ;
"2" , "pem-file" , "3" } , '!' ) ;
//example: /etc/ssl/certs/emailrelay.pem
//example: C:/ProgramData/E-MailRelay/emailrelay.pem
// Defines the TLS certificate file when acting as a SMTP or POP server.
// This file must contain the server's private key and certificate chain
// using the PEM file format. Keep the file permissions tight to avoid
// using the PEM file format. Alternatively, use this option twice
// with the first one specifying the key file and the second the
// certificate file. Keep the file permissions tight to avoid
// accidental exposure of the private key.
opt.add( { "" , "server-tls-verify" ,
@ -251,13 +253,15 @@ G::Options Main::Options::spec( bool is_windows )
opt.add( { "" , "client-tls-certificate" ,
gettext("specifies a private TLS key+certificate file for --client-tls") ,
"1" , "pem-file" , "3" } , '!' ) ;
"2" , "pem-file" , "3" } , '!' ) ;
//example: /etc/ssl/certs/emailrelay.pem
//example: C:/ProgramData/E-MailRelay/emailrelay.pem
// Defines the TLS certificate file when acting as a SMTP client. This file
// must contain the client's private key and certificate chain using the
// PEM file format. Keep the file permissions tight to avoid accidental
// exposure of the private key.
// PEM file format. Alternatively, use this option twice with the first
// one specifying the key file and the second the certificate file.
// Keep the file permissions tight to avoid accidental exposure of the
// private key.
opt.add( { "" , "client-tls-verify" ,
gettext("enables verification of remote server's certificate! "

10
src/main/run.cpp
View File

@ -68,7 +68,7 @@ namespace { std::string localedir() { return std::string() ; } }
std::string Main::Run::versionNumber()
{
return "2.3" ;
return "2.3.1" ;
}
Main::Run::Run( Main::Output & output , const G::Arg & arg , bool is_windows , bool has_gui ) :
@ -267,14 +267,14 @@ void Main::Run::run()
if( configuration().serverTls() || configuration().serverTlsConnection() )
m_tls_library->addProfile( "server" , true ,
configuration().serverTlsCertificate().str() , // key
configuration().serverTlsCertificate().str() , // cert
configuration().serverTlsPrivateKey().str() ,
configuration().serverTlsCertificate().str() ,
configuration().serverTlsCaList().str() ) ;
if( configuration().clientTls() || configuration().clientOverTls() )
m_tls_library->addProfile( "client" , false ,
configuration().clientTlsCertificate().str() , // key
configuration().clientTlsCertificate().str() , // cert
configuration().clientTlsPrivateKey().str() ,
configuration().clientTlsCertificate().str() ,
configuration().clientTlsCaList().str() ,
configuration().clientTlsPeerCertificateName() ,
configuration().clientTlsPeerHostName() ) ;

74
src/main/servicewrapper.cpp
View File

@ -19,7 +19,8 @@
///
// A service wrapper program. When called from the command-line with
// "--install" the wrapper registers itself with the Windows Service
// sub-system so that it gets re-executed when the service is started.
// sub-system so that it gets re-executed by the service manager
// when the service is started.
//
// When re-executed the wrapper just registers its ServiceMain() entry
// point and blocks within the service dispatcher function.
@ -36,8 +37,8 @@
// entry point to receive service stop requests.
//
// Once the server process is created a separate thread is used to
// check that it is still running a short time later. If it is not
// running then the service is reported as failed.
// check that it is still running. If it is not running then the
// service is reported as failed and the wrapper terminates.
//
// By default the "<name>-start.bat" file must be in the same directory
// as this service wrapper, but if there is a file "<service-wrapper>.cfg"
@ -64,8 +65,6 @@
#include <new>
#define G_SERVICE_DEBUG( expr ) do { std::ostringstream ss ; ss << expr ; ServiceImp::log( ss.str() ) ; } while(0)
static constexpr unsigned int cfg_check_timeout_ms = 3000U ;
static constexpr int cfg_checks = 2 ;
static constexpr unsigned int cfg_overall_timeout_ms = 8000U ;
using ServiceHandle = SERVICE_STATUS_HANDLE ;
@ -136,15 +135,23 @@ struct ServiceChild
struct ServiceEvent
{
ServiceEvent( std::nullptr_t ) noexcept :
m_h(0)
{
}
ServiceEvent() :
m_h(0)
{
create() ;
}
explicit ServiceEvent( HANDLE h ) noexcept :
m_h(h)
{
}
ServiceEvent( std::nullptr_t ) noexcept :
m_h(0)
{
}
~ServiceEvent()
{
close() ;
}
void create()
{
const DWORD access = DELETE | SYNCHRONIZE | EVENT_MODIFY_STATE | PROCESS_DUP_HANDLE ;
@ -155,14 +162,6 @@ struct ServiceEvent
throw ServiceError( "CreateEvent" , e ) ;
}
}
explicit ServiceEvent( HANDLE h ) noexcept :
m_h(h)
{
}
~ServiceEvent()
{
close() ;
}
void close() noexcept
{
if( m_h )
@ -542,30 +541,35 @@ void Service::runThread()
void Service::runThread( HANDLE hthread_exit , ServiceHandle hservice , HANDLE hprocess )
{
G_SERVICE_DEBUG( "Service::runThread: start" ) ;
ServiceEvent thread_exit( hthread_exit ) ;
bool set_running = false ; // setStatus(RUNNING) only once
for( int i = 0 ; i < cfg_checks ; i++ )
G_SERVICE_DEBUG( "Service::runThread: monitoring thread: start" ) ;
setStatus( hservice , SERVICE_RUNNING ) ;
for(;;)
{
if( !thread_exit.wait(cfg_check_timeout_ms) )
{
G_SERVICE_DEBUG( "Service::runThread: signalled to stop" ) ;
break ;
}
bool is_running = ServiceChild::isRunning( hprocess ) ;
G_SERVICE_DEBUG( "Service::runThread: " << (is_running?"is":"not") << " running" ) ;
if( is_running && !set_running )
{
set_running = true ;
setStatus( hservice , SERVICE_RUNNING ) ;
}
else if( !is_running )
HANDLE handles[2] = { hprocess , hthread_exit } ;
DWORD timeout_ms = INFINITE ;
DWORD rc = WaitForMultipleObjects( 2U , handles , FALSE , timeout_ms ) ;
if( rc == WAIT_OBJECT_0 ) // hprocess
{
G_SERVICE_DEBUG( "Service::runThread: monitoring thread: server process has terminated" ) ;
setStatus( hservice , SERVICE_STOPPED ) ;
break ;
}
else if( rc == (WAIT_OBJECT_0+1) ) // hthread_exit
{
G_SERVICE_DEBUG( "Service::runThread: monitoring thread: asked to stop" ) ;
break ;
}
else if( rc == WAIT_TIMEOUT )
{
G_SERVICE_DEBUG( "Service::runThread: monitoring thread: timeout" ) ;
}
else
{
G_SERVICE_DEBUG( "Service::runThread: monitoring thread: wait error" ) ;
break ;
}
}
G_SERVICE_DEBUG( "Service::runThread: done" ) ;
G_SERVICE_DEBUG( "Service::runThread: monitoring thread: done" ) ;
}
ServiceHandle Service::statusHandle( const std::string & service_name )

2
src/main/submit.cpp
View File

@ -64,7 +64,7 @@ G_EXCEPTION_CLASS( NoBody , "no body text" ) ;
std::string versionNumber()
{
return "2.3" ;
return "2.3.1" ;
}
static std::string writeFiles( const G::Path & spool_dir ,

3
test/Server.pm
View File

@ -182,8 +182,9 @@ sub _switches
( exists($sw{Filter}) ? "--filter __FILTER__ " : "" ) .
( exists($sw{FilterTimeout}) ? "--filter-timeout 1 " : "" ) .
( exists($sw{ConnectionTimeout}) ? "--connection-timeout 1 " : "" ) .
( exists($sw{ClientFilter}) ? "--client-filter __CLIENT_FILTER__ " : "" ) .
( exists($sw{Immediate}) ? "--immediate " : "" ) .
( exists($sw{ClientFilter}) ? "--client-filter __CLIENT_FILTER__ " : "" ) .
( exists($sw{ClientFilterNet}) ? "--client-filter __SCANNER__ " : "" ) .
( exists($sw{Scanner}) ? "--filter __SCANNER__ " : "" ) .
( exists($sw{Verifier}) ? "--address-verifier __VERIFIER__ " : "" ) .
( exists($sw{DontServe}) ? "--dont-serve " : "" ) .

19
test/System.pm
View File

@ -500,6 +500,25 @@ sub submitMessage
System::unlink( $path ) ;
}
sub submitMessageText
{
# Submits a message using emailrelay-submit.
my ( $spool_dir , @lines ) = @_ ;
my $to = "me\@there.localnet" ;
my $path = tempfile( "message" ) ;
my $fh = new FileHandle( $path , "w" ) or die ;
print $fh "Subject: test\r\n\r\n" ;
for my $line ( @lines )
{
print $fh $line , "\r\n" ;
}
$fh->close() or die ;
my $rc = system( sanepath(exe($bin_dir,"emailrelay-submit")) . " --from me\@here.localnet " .
"--spool-dir $spool_dir $to < $path" ) ;
Check::that( $rc == 0 , "failed to submit" ) ;
System::unlink( $path ) ;
}
sub submitMessages
{
# Submits 'n' message of 'm' lines using the "emailrelay-submit" utility.

62
test/emailrelay-test.pl
View File

@ -1604,6 +1604,68 @@ sub testClientFilterBlock
System::unlink( $outputfile ) ;
}
sub testClientNetworkFilter
{
# setup
my %args = (
Log => 1 ,
LogFile => 1 ,
Verbose => 1 ,
Domain => 1 ,
SpoolDir => 1 ,
Forward => 1 ,
ForwardTo => 1 ,
ClientFilterNet => 1 ,
FilterTimeout => 1 ,
Hidden => 1 ,
Port => 1 ,
PidFile => 1 ,
) ;
my %server_args = (
Log => 1 ,
LogFile => 1 ,
Verbose => 1 ,
Domain => 1 ,
SpoolDir => 1 ,
Hidden => 1 ,
Port => 1 ,
PidFile => 1 ,
) ;
my $spool_dir_1 = System::createSpoolDir( "spool-1" ) ;
my $spool_dir_2 = System::createSpoolDir( "spool-2" ) ;
System::submitMessageText( $spool_dir_1 , "send ok" ) ;
System::submitMessageText( $spool_dir_1 , "send ok" , "shutdown" ) ;
System::submitMessageText( $spool_dir_1 , "send ok" , "shutdown" ) ;
System::submitMessageText( $spool_dir_1 , "send _failed_" ) ;
System::submitMessageText( $spool_dir_1 , "send ok" ) ;
Check::fileMatchCount( $spool_dir_1 ."/emailrelay.*.envelope", 5 ) ;
my $server_1 = new Server(undef,undef,undef,$spool_dir_1) ;
my $server_2 = new Server(System::nextPort(),undef,System::nextPort(),$spool_dir_2) ;
my $scanner = new Scanner( $server_1->scannerAddress() ) ;
$scanner->run() ;
Check::ok( $server_2->run(\%server_args) , "failed to run" , $server_2->message() ) ;
Check::running( $server_2->pid() , $server_2->message() ) ;
$server_1->set_dst( $server_2->smtpPort() ) ;
Check::ok( $server_1->run(\%args) , "failed to run" , $server_1->message() ) ;
# test that the messages are fowarded or not according to the filter
System::waitForFiles( $spool_dir_2."/emailrelay.*.envelope", 4 ) ;
System::waitForFiles( $spool_dir_1."/emailrelay.*.envelope.bad", 1 ) ;
Check::allFilesContain( $spool_dir_1."/emailrelay.*.envelope.bad" , "_failed_" ) ;
Check::fileContains( $scanner->logfile() , "info:.*new connection" , undef , 3 ) ;
Check::fileContains( $scanner->logfile() , "info:.*file: " , undef , 5 ) ;
# tear down
$server_1->kill() ;
$server_2->kill() ;
$server_1->cleanup() ;
$server_2->cleanup() ;
$scanner->kill() ;
$scanner->cleanup() ;
System::deleteSpoolDir( $spool_dir_1 , 1 ) ;
System::deleteSpoolDir( $spool_dir_2 , 1 ) ;
}
sub testClientGivenUnknownMechanisms
{
# setup

19
test/emailrelay_test_scanner.cpp
View File

@ -27,6 +27,7 @@
// * sleep [<time>]
// * delete-content
// * delete-envelope
// * shutdown
// * disconnect
// * terminate
//
@ -148,10 +149,12 @@ bool Main::ScannerPeer::processFile( std::string path , std::string eol )
G_LOG_S( "ScannerPeer::processFile: sleeping: " << sleep_time ) ;
::sleep( sleep_time ) ;
}
if( line.find("shutdown") == 0U )
{
socket().shutdown() ;
}
if( line.find("disconnect") == 0U )
{
if( sent )
::sleep( 1U ) ; // allow the data to get down the pipe
return false ;
}
if( line.find("terminate") == 0U )
@ -231,7 +234,7 @@ int main( int argc , char * argv [] )
std::string log_file = arg.index("--log-file",1U) ? arg.v(arg.index("--log-file",1U)+1U) : std::string() ;
std::string port_str = arg.index("--port",1U) ? arg.v(arg.index("--port",1U)+1U) : std::string("10020") ;
std::string pid_file = arg.index("--pid-file",1U) ? arg.v(arg.index("--pid-file",1U)+1U) : std::string() ;
unsigned int idle_timeout = 30U ;
unsigned int idle_timeout = 10U ;
GNet::Address address = G::Str::isNumeric(port_str) ?
GNet::Address( GNet::Address::Family::ipv4 , G::Str::toUInt(port_str) ) :
@ -244,7 +247,15 @@ int main( int argc , char * argv [] )
file << G::Process::Id().str() << std::endl ;
}
G::LogOutput log_output( log , debug , log_file ) ;
G::LogOutput log_output( arg.prefix() ,
G::LogOutput::Config()
.set_output_enabled()
.set_summary_info(log||debug)
.set_verbose_info(log||debug)
.set_debug(debug)
.set_with_level(true) ,
log_file ) ;
int rc = run( address , idle_timeout ) ;
std::cout << "done" << std::endl ;
return rc ;

4
winbuild.pl
View File

@ -69,7 +69,7 @@ my $cmake_args = {
} ;
# version
chomp( my $version = eval { FileHandle->new("VERSION")->gets() } || "2.3" ) ;
chomp( my $version = eval { FileHandle->new("VERSION")->gets() } || "2.3.1" ) ;
# makefile conditionals
my %switches = (
@ -483,7 +483,7 @@ sub run_cmake
my $mbedtls_dir = Cwd::realpath( $mbedtls ) ;
my $mbedtls_include_dir = "$mbedtls_dir/include" ;
my $mbedtls_lib_dir = "$mbedtls_dir/$arch/library/Release" ; # fixed up to Debug elsewhere
my $qt_dir = Cwd::realpath( $qt_dirs->{$arch} ) ;
my $qt_dir = defined($qt_dirs) ? Cwd::realpath( $qt_dirs->{$arch} ) : "." ;
my $module_path = Cwd::realpath( "." ) ;
my @arch_args = @{$cmake_args->{$arch}} ;