Age | Commit message (Collapse) | Author |
|
MX was mistakenly adding a prefix of "user-" to the uuid when delivering
using the new Soledad Server incoming APi. That was probably introduced
by mistake because the CouchDB user databases are all prefixed with that
prefix.
|
|
add the version of with_metaclass found in six==1.10.0
See https://github.com/SecurityInnovation/PGPy/issues/217
- Resolves: #8672
|
|
- Resolves: #8668
|
|
-- Related: #8664
|
|
|
|
In PGPy 0.4.0 keys are not accepted if they have empty lines before the
ascii armored text. I addapt the tests around that for now. This is fixed
already in PGPy repo, so it will not be an issue in comming releases.
- Resolves: #8558, #8663
|
|
For expired keys gnupg will not allow us to encrypt (to force it we'll
need to fake the system date). Let's bounce the email properly in this case,
and register the error.
Make sure as well that _encrypt_message does not return None, let's
raise exceptions in case of failure.
- Related: #8663
|
|
Leap MX was previously wrapping soledad's couchdb-related exceptions
messages in its own exception. The problem was that message attribute of
those exceptions were actually empty, and so the information of the
actual error was lost. This commit removes the wrapper exception and
forwards whatever exception was received from soledad to the logging
system.
Signed-off-by: Ruben Pollan <meskio@sindominio.net>
|
|
|
|
When we had an error during encryption, the doc property "_enc_json" was empty and
we were saving this empty data on CouchDb.
Then it was causing the [GNUPG:] NODATA 2 error during decryption.
Related with: https://github.com/pixelated/pixelated-user-agent/issues/908
with @tayanefernandes
|
|
|
|
- Related: #7961
|
|
* Resolves: #7998
|
|
|
|
|
|
- Resolves: #7961
|
|
Do not reconstruct the message from the parsed one. Added test for
missleading encoding.
- Resolves: #7253
|
|
- Resolves: #4285
|
|
|
|
- Resolves: #5959
|
|
- Related: #7565
|
|
- Resolves: #7272
|
|
Some refactor on the couchdb usage was needed to be able to mock
couchdb.
- Resolves: #7435
|
|
- Resolves: #7439
|
|
Change the virtual alias map and the access recipien access checker log
messages so they match postfix's configuration statements.
|
|
I'm updating (1) some very outdated doc from when the program was not yet
written, and (2) some small stuff inside classes docstrings.
|
|
If we do not adhere to the standads, we may have a lot of problems when
bouncing a message. This commit implements a bounce message according to:
* RFC 6522 - The Multipart/Report Media Type for the Reporting of Mail
System Administrative Messages
* RFC 3834 - Do not bounce for unknown or invalid addresses.
* RFC 3464 - An Extensible Message Format for Delivery Status Notification.
Closes: #6858.
|
|
Before this commit, the mail receiver system used to compare the domain of the
delivery addresses found in the "Delivered-To" header to find out the final
delivery address. If we assume that the mail server delivery to the spool mail
directory was correct, then we have two facts: (1) the topmost "Delivered-To"
header is the one that indicates the correct final delivery address; and (2)
we should expect the address to be <uuid>@<domain> because of the earlier
alias resolve query made by the mail server.
Another problem is that the domain comparison would compare whatever is in the
"Delivered-To" header with whatever the python's socket module would return,
which depends on the values on /etc/hosts and the order of the values in that
file. This was causing problems whenever the platform made changes in
/etc/hosts.
So this commit eliminates the domain check and gets the uuid from the first
"Delivered-To" header found in the message.
Related: #6858.
|
|
This fixes a bug introduced on b0ef529cc882a96903597fb5279919969fa286c3, when
the alias resolver was modified to return the user's address instead of the
uuid.
In order to fix this, I had to revert one of the changes made by the commit
above, which is to don't make use of reduced view for the uuid query. The
pgp public key query remains reduced, as implemented in the commit above.
We also refactor the code a bit to allow for log messages specific to each of
tcp map's sublasses.
Related: #6858.
|
|
The bounce message was using the original message's "From:" header instead of
the "To:" header to indicate the original recipient. This commit fixes that.
Closes: #6854.
Releases: 0.6.2, 0.7.0
|
|
The way uuid and pgp key were being queried by means of couch views was not
efficient because they weren't using the reduce function and were filtering
the views results in the python code. Also, the uuid is not actually needed to
find out either if the address exists or if there's a pgp public key for that
address. This commit refactors the couch helper to make use of the reduce
functions in queried views and to get rid of the intermediate uuid querying.
|
|
In order to minimize the number of couchdb queries and the number of mx
lookups in case of junk mail this commit restricts the pgp key lookup to the
access check server (and removes it from the alias server).
Closes: #6795.
|
|
Separate the common tcp map server code, used for both alias resolver and
recipient access checker, to its own file.
|
|
Implement a PGP key lookup in the postfix smtp recipient restriction and
virtual alias mapping levels. If no PGP key is found, then the address is
rejected with a temporary error.
Closes: #6795
|
|
|
|
|
|
|
|
|
|
_build_key_from_gpg in keymanager has changed
|
|
|
|
|
|
|
|
'refs/remotes/drebs/bug/4475_use-couch-document' into develop
Conflicts:
src/leap/mx/mail_receiver.py
|
|
The message is already in str type, so we don't care about
encoding. json.dumps will ignore convertion.
|
|
|
|
|
|
|
|
|
|
|
|
|