Hello dovecot users, I have updated the MANAGESIEVE patch to apply and compile against dovecot 1.0.rc28. Not much has changed with respect to the functionality of the previous version however: ChangeLog vs v2 - Updated source to compile with dovecot 1.0.rc28, tested with rc27 (debian package) - Daemon now uses the same location for .dovecot.sieve as dovecot-lda This is typically ~/.dovecot.sieve. - If .dovecot.sieve is a regular file, it is now moved into the script storage as dovecot.orig.sieve, preventing deletion of (important) active scripts upon managesieve installation. Otherwise, it would simply be replaced by a symlink to the new active script. - Changed error handling to yield a BYE message when the managesieve daemon exits unexpectedly (upon login) before any commands are entered. Horde-ingo would wait indefinitely for a response. This patch still includes (yet another) instance of the CMU Sieve source, as explained in my previous mail (http://dovecot.org/list/dovecot/2006-July/015016.html). It can be downloaded at: http://sinas.rename-it.nl/~sirius/dovecot-1.0.rc28-MANAGESIEVE-v3.diff.gz Have fun testing the patch. Notify me when there are problems. Regards, -- Stephan Bosch stephan at rename-it.nl IRC: Freenode, #dovecot, S[r]us
Hi Stephan, Stephan Bosch wrote:> I have updated the MANAGESIEVE patch to apply and compile against > dovecot 1.0.rc28. Not much has changed with respect to the functionality > of the previous version however:(...) How can you implement this in an actual reverse-proxied environment ? like having a dovecot or perdition as front imap servers on the DMZ and then real boxes inside... how can I proxy the managesieve daemon the same way ? ('cause it really rocks)
Op ma, 26-03-2007 te 18:34 +0200, schreef Stephan Bosch:> - Updated source to compile with dovecot 1.0.rc28, tested with rc27 > (debian package)I downloaded the rc28 Debian source package, ran dpkg-source -x dovecot-1.0.rc28-1.dsc, applied the patch and ran dpkg-buildpackage -uc -us -rfakeroot, which resulted in the error: [...] config.status: creating src/lib-ntlm/Makefile config.status: creating src/lib-settings/Makefile config.status: error: cannot find input file: src/lib-sievestorage/Makefile.in make: *** [config.status] Error 1 Should I run some script to configure managesieve first? Thanks! Koen
On Mon, 2007-03-26 at 18:34 +0200, Stephan Bosch wrote:> http://sinas.rename-it.nl/~sirius/dovecot-1.0.rc28-MANAGESIEVE-v3.diff.gzI finally took a look at this. The biggest problem is that there's way too much duplicated code. - lib-managesieve: Is the only thing different from lib-imap that it does UTF8 validation? Then rather add some utf8-flag to the imap-parser. Or maybe add some string validation callback which does it in lib-managesieve. - managesieve: I guess the commands-common.c could be put somewhere.. Hmm. Also client.c has a lot of copy&pasted code. I'm not sure what's the right place for these though. - login: There is still too much duplication in the login code (also for imap/pop3). I'm thinking about cleaning this up after v1.0. Wonder if there should exist just one login binary which can handle multiple protocols (and support plugins).. - Sieve plugin would need to be merged somehow to this to avoid adding lib-sieve/cmu. There's also one bug: /* FIXME: Is this buffer on the stack method allowable for * dovecot at all or do we need to define some t_buffer? */ static const int bufsize = 255; char linkbuf[bufsize]; ret = readlink(storage->active_path, linkbuf, bufsize-1); linkbuf[ret] = '\0'; //// ret can be -1 .. return t_strdup(linkbuf); Change rather to something like: char linkbuf[PATH_MAX]; ret = readlink(storage->active_path, linkbuf, sizeof(linkbuf)); .. return t_strndup(linkbuf, ret); -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20070326/59d64bd4/attachment.bin>
Hello Timo, Thanks for reviewing the managesieve patch. Timo Sirainen schreef:> On Mon, 2007-03-26 at 18:34 +0200, Stephan Bosch wrote: >> http://sinas.rename-it.nl/~sirius/dovecot-1.0.rc28-MANAGESIEVE-v3.diff.gz > > I finally took a look at this. The biggest problem is that there's way > too much duplicated code.I agree. This would make updating the various protocol implementations tedious and error prone (to say the least). My initial goal was to write a working non-intrusive managesieve patch for dovecot, to be fully merged with dovecot later.> - lib-managesieve: Is the only thing different from lib-imap that it > does UTF8 validation? Then rather add some utf8-flag to the imap-parser. > Or maybe add some string validation callback which does it in > lib-managesieve.It has been 6 months since I adapted this code for managesieve. I'll do a quick review and check whether these two libraries can be merged easily, but I believe they can.> - managesieve: I guess the commands-common.c could be put somewhere.. > Hmm. Also client.c has a lot of copy&pasted code. I'm not sure what's > the right place for these though. > > - login: There is still too much duplication in the login code (also > for imap/pop3). I'm thinking about cleaning this up after v1.0. Wonder > if there should exist just one login binary which can handle multiple > protocols (and support plugins)..That's a nice idea.> > - Sieve plugin would need to be merged somehow to this to avoid adding > lib-sieve/cmu.I coined this in my previous e-mail: if the master process could provide some means of dynamically registering new process types (protocols), e.g. through plugins, it should not be difficult to incorporate this managesieve implementation in dovecot-sieve entirely. Also, this plugin solution could be implemented/complemented by your single-login-process idea. Within the dovecot-sieve plugin package, a common sieve library would then solve the lib-sieve/cmu duplication problem.> > There's also one bug: > > /* FIXME: Is this buffer on the stack method allowable for > * dovecot at all or do we need to define some t_buffer? > */ > static const int bufsize = 255; > char linkbuf[bufsize]; > > ret = readlink(storage->active_path, linkbuf, bufsize-1); > linkbuf[ret] = '\0'; //// ret can be -1 > .. > return t_strdup(linkbuf); > > Change rather to something like: > > char linkbuf[PATH_MAX]; > ret = readlink(storage->active_path, linkbuf, sizeof(linkbuf)); > .. > return t_strndup(linkbuf, ret);Nice one, also with respect to the buffer size. Apart from this real bug, there are currently still many more FIXMEs out there. I'll fix the issues that I can fix right now. Most duplicate code problems will have to wait until you have the time to juggle around a bit with the dovecot(-sieve) code. Please notify my when you have changed anything with this respect. Regards, -- Stephan Bosch stephan at rename-it.nl IRC: Freenode, #dovecot, S[r]us
On 085, 03 26, 2007 at 06:34:21PM +0200, Stephan Bosch wrote:> Hello dovecot users,I don't see how anonymous logins are handled. You must handle anonymous logins according to managesieve draft (see below) or don't advertise ANONYMOUS SASL mechanism at all. Implementations MAY advertise the ANONYMOUS SASL mechanism [SASL- ANON]. This indicates that the server supports ANONYMOUS sieve script syntax verification. Only the CAPABILITY, PUTSCRIPT and LOGOUT commands are available to the anonymous user. All other commands MUST give NO responses. Furthermore the PUTSCRIPT command SHOULD NOT store any data. In this mode a positive response to the PUTSCRIPT command indicates that the given script does not have any syntax errors.> I have updated the MANAGESIEVE patch to apply and compile against > dovecot 1.0.rc28. Not much has changed with respect to the functionality > of the previous version however: > > ChangeLog vs v2 > - Updated source to compile with dovecot 1.0.rc28, tested with rc27 > (debian package) > - Daemon now uses the same location for .dovecot.sieve as dovecot-lda > This is typically ~/.dovecot.sieve. > - If .dovecot.sieve is a regular file, it is now moved into the script > storage as dovecot.orig.sieve, preventing deletion of (important) > active scripts upon managesieve installation. Otherwise, it would > simply be replaced by a symlink to the new active script. > - Changed error handling to yield a BYE message when the managesieve > daemon exits unexpectedly (upon login) before any commands are > entered. Horde-ingo would wait indefinitely for a response. > > This patch still includes (yet another) instance of the CMU Sieve > source, as explained in my previous mail > (http://dovecot.org/list/dovecot/2006-July/015016.html). > > It can be downloaded at: > > http://sinas.rename-it.nl/~sirius/dovecot-1.0.rc28-MANAGESIEVE-v3.diff.gz > > Have fun testing the patch. Notify me when there are problems. > > Regards, > > -- > Stephan Bosch > stephan at rename-it.nl > IRC: Freenode, #dovecot, S[r]us > > > > >-- Andrey Panin | Linux and UNIX system administrator pazke at donpac.ru | PGP key: wwwkeys.pgp.net -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20070327/92a6049f/attachment.bin>
Stephan Bosch wrote:> Hello dovecot users, > > I have updated the MANAGESIEVE patch to apply and compile against > dovecot 1.0.rc28. Not much has changed with respect to the functionality > of the previous version however:One thing that would be very important is some way to pretend that this server implements the timsieved daemon. All software that I've tried is hardcoded to assume something like this regex: "Cyrus timsieved (v1\.\d|v2\.\d)" Perhaps, instead of just plopping PACKAGE into that IMPLEMENTATION string, it would be better to add a configure option to set that string to something else than "dovecot" (which no software currently supports). FWIW, I've just fired up smartsieve: http://smartsieve.sourceforge.net/ and it works like a charm for editing scripts. John -- John Peacock Director of Information Research and Technology Rowman & Littlefield Publishing Group 4501 Forbes Boulevard Suite H Lanham, MD 20706 301-459-3366 x.5010 fax 301-429-5748
Andrey Panin schreef:> On 085, 03 26, 2007 at 06:34:21PM +0200, Stephan Bosch wrote: >> Hello dovecot users, > > I don't see how anonymous logins are handled. You must handle anonymous > logins according to managesieve draft (see below) or don't advertise > ANONYMOUS SASL mechanism at all. > > Implementations MAY advertise the ANONYMOUS SASL mechanism [SASL- > ANON]. This indicates that the server supports ANONYMOUS sieve > script syntax verification. Only the CAPABILITY, PUTSCRIPT and > LOGOUT commands are available to the anonymous user. All other > commands MUST give NO responses. Furthermore the PUTSCRIPT command > SHOULD NOT store any data. In this mode a positive response to the > PUTSCRIPT command indicates that the given script does not have any > syntax errors. >The managesieve daemon extracts the available authentication mechanisms from the dovecot authentication implementation. It does not display the ANONYMOUS mechanism by default. So, obviously you must have configured ANONYMOUS somewhere. I haven't tested the daemon's behavior with ANONYMOUS thusfar. This is what my server currently reports: "IMPLEMENTATION" "dovecot" "SASL" "PLAIN" "SIEVE" "FILEINTO REJECT ENVELOPE VACATION IMAPFLAGS NOTIFY SUBADDRESS RELATIONAL COMPARATOR-I;ASCII-NUMERIC" "STARTTLS" OK "Dovecot ready." If you could state the problem more explicitly, I can check what is wrong. Regards, -- Stephan Bosch stephan at rename-it.nl IRC: Freenode, #dovecot, S[r]us