1. 15 Jul, 2019 1 commit
  2. 13 Jul, 2019 9 commits
    • Alberto Bertogli's avatar
      README: Add link to the gitlab CI pipeline status · dade2041
      Alberto Bertogli authored
      The integration tests are automatically run in a gitlab CI pipeline,
      using docker.
      This patch adds a link to the current status, like we do for the Go test
      that are run in Travis, for convenience.
    • Alberto Bertogli's avatar
      UPGRADING: Add note for the upcoming version · 0a29f25f
      Alberto Bertogli authored
      We don't expect any backwards incompatible change, so mention this in
      the UPGRADING notes.
    • Alberto Bertogli's avatar
    • Alberto Bertogli's avatar
      docs/howto: Minor updates · 1a764cb8
      Alberto Bertogli authored
      This patch contains some minor updates to docs/howto.md for simplicity
      and readability.
      In particular removing the "testing" qualifier from Debian, since the
      guide can be used on Debian stable, and also removing a clarification in
      a comment about a very old version of chasquid.
    • Alberto Bertogli's avatar
      test/t-14-tls_tracking: Remove Go version check · d6c1b4a3
      Alberto Bertogli authored
      The test/t-14-tls_tracking test relies on Go 1.8 features, but since we
      used to support Go 1.7, the test had a version check.
      Since now the minimum Go version supported is 1.9, we can remove this
    • Alberto Bertogli's avatar
      maillog: Test that we log to the system logger on write errors · d6bbea39
      Alberto Bertogli authored
      The maillog package will write to the system logger if it can't write to
      the mail log. It does this only once to avoid spamming the system logger
      on misconfigurations.
      This patch adds a test for this condition.
    • Alberto Bertogli's avatar
      dovecot: Test autodetection works with closed sockets · d53d97ab
      Alberto Bertogli authored
      We want to test that autodetection works with closed sockets, as we
      explicitly support that scenario: chasquid might be up before dovecot
      is, and we still want the detection to work.
      The code is written that way, but we had no tests for it until now,
      because we were blocked on the unix listeners supporting
      SetUnlinkOnClose, which appeared in Go 1.8.
      Now that the minimum Go version has been raised past that, we can
      implement the test.
    • Alberto Bertogli's avatar
      sts: Use expvar.Int.Value in tests · 9821a17d
      Alberto Bertogli authored
      Now that we raised the minimum Go version to 1.9, we can make use of
      expvar's .Value methods to simplify some of the STS tests.
      This patch makes those simplifications, which do not change the logic of
      the tests themselves.
    • Alberto Bertogli's avatar
      Use context.WithTimeout instead of context.WithDeadline · 2943f994
      Alberto Bertogli authored
      There are a few context.WithDeadline calls that can be simplified by
      using context.WithTimeout.
      At the time they were added, WithTimeout was too new so we didn't want
      to depend on it. But now that the minimum Go version has been raised to
      1.9, we can simplify the calls.
      This patch does that simplification, which is purely mechanical, and
      does not change the logic itself.
  3. 05 May, 2019 1 commit
    • Alberto Bertogli's avatar
      travis: Increase minimum supported version to 1.9 · a92497ae
      Alberto Bertogli authored
      As of a29dc8fd (2019-04-26), golang.org/x/crypto requires math/bits.
      math/bits was introduced in Go 1.9, so we can no longer build from head
      using 1.7.
      Building using Debian's packaged dependencies should work just fine, but
      since we want Travis to build from head, this commit updates the minimum
      supported version to 1.9.
  4. 04 May, 2019 1 commit
  5. 31 Mar, 2019 1 commit
    • Alberto Bertogli's avatar
      smtpsrv: Set connection deadline before the initial greeting · cac1e161
      Alberto Bertogli authored
      When handling a connection, today we only set a deadline after each
      command received.
      However, this does not cover our initial greeting, or the initial TLS
      handshake (if the socket is TLS), so a connection can hang
      indefininitely at that stage.
      This patch fixes that by setting a deadline earlier, before we send or
      receive anythong on the connection.
  6. 10 Feb, 2019 1 commit
    • Alberto Bertogli's avatar
      Miscellaneous style fixes · ec95131b
      Alberto Bertogli authored
      This patch has some miscellaneous style fixes to issues found by the
      staticcheck tool.
      There are no functional changes.
  7. 19 Jan, 2019 1 commit
  8. 18 Jan, 2019 2 commits
    • Alberto Bertogli's avatar
      queue: Internationalized Delivery Status Notifications (DSN) · 1ecc957a
      Alberto Bertogli authored
      Our non-delivery status notifications are quite simple today, but that
      makes it much more difficult to support internationalization and
      cross-language reporting.
      There is a standard for internationalized DSNs, RFC 6533 (which builds
      on top of the structured DSNs from RFC 3464).
      This patch changes our DSN messages to be based on those standards, so
      it is easier for MUAs to display reports according to the users'
      languages preferences.
      Note we still use message/rfc822 + 8bit to transmit the message, instead
      of message/global, for compatibility reasons. This seems to be more
      universally compatible, but the decision might be revisited in the
      future. See RFC 5335 (section 4.6 in particular).
    • Alberto Bertogli's avatar
      test: Make mail_diff support comparing multipart messages · abf91eac
      Alberto Bertogli authored
      In upcoming patches we will want to compare mime-multipart messages, so
      this patch extends the mail_diff test helper to support it.
  9. 10 Jan, 2019 1 commit
  10. 02 Dec, 2018 1 commit
  11. 01 Dec, 2018 1 commit
    • Alberto Bertogli's avatar
      Code style improvements · 4db9ffec
      Alberto Bertogli authored
      This patch contains some minor code style improvements, to leave the
      linter happier and generally follow best practices in some areas where
      things snuck through.
  12. 30 Nov, 2018 10 commits
    • Alberto Bertogli's avatar
      test: Fix flaky courier test · 4296e280
      Alberto Bertogli authored
      In the upcoming Go release, logging from a finished testing.T triggers a
      panic.  In the courier tests, this is possible because we don't wait for
      completion of fakeServer before ending the test.
      This patch makes the tests wait for fakeServer to finish before exiting,
      removing the race.
    • Alberto Bertogli's avatar
      gitlab-ci.yml: Add a configuration file for GitLab CI · f4b41b67
      Alberto Bertogli authored
      This patch adds a configuration file for the GitLab CI environment, to
      run the integration tests with docker.
    • Alberto Bertogli's avatar
      test: Use minidns in the Docker tests · dd7cfaeb
      Alberto Bertogli authored
      The integration tests depend on having a DNS server that resolves
      "localhost", which is unfortunate but currently unavoidable given
      glibc's limitations ($HOSTALIASES only works on DNS-level aliases, and
      does not do lookups in /etc/hosts).
      Even under docker, this makes the tests depend on the DNS server, and
      whether it resolves localhost or not.
      In order to make the docker tests more hermetic and isolated from the
      environment, this patch introduces a docker entrypoint that, within the
      container, will launch minidns and override /etc/resolv.conf to use it.
      This guarantees that the tests will be able to resolve localhost, and
      also avoid accidental reliance on external DNS zones.
    • Alberto Bertogli's avatar
      test: Replace dnsmasq with minidns · 57f5a099
      Alberto Bertogli authored
      This commit replaces test/t-14-tls_tracking usage of dnsmasq (an
      external test dependency) with our new minidns.
    • Alberto Bertogli's avatar
      test/util: Add mini DNS server for testing purposes · a0ae5fb4
      Alberto Bertogli authored
      This is a mini-DNS server for testing purposes.
      This can be used to set up hermetic tests in containers, and work around
      glibc's limitation of being unable to create per-process host aliases.
    • Alberto Bertogli's avatar
      test: Allow up to 2 loops in the loop integration test · 661f759c
      Alberto Bertogli authored
      In the loop integration test, we detect looping via checking the expvars
      of chasquid, and waiting for the loop counter to be 1.
      However, if chasquid is fast enough, it will go up to 2 before the
      detection notices. This is because the DSN that gets generated also
      loops (as expected).
    • Alberto Bertogli's avatar
      smtpsrv: Improve "Received" header standard compliance · 29709a0d
      Alberto Bertogli authored
      Despite its loose appearance, the "Received" header has a reasonably
      standarized format.
      We were not following the standard format as closely as we should; this
      rarely causes problems in this particular case, but there's no need to
      deviate from it.
      This patch changes the Received header generation as follows:
       - The "from" section now uses the remote address as canonical (for
         non-authenticated users) which provides more valuable information
         than the user-supplied EHLO address (which is also included).
       - The remote authenticated user is now hidden, for additional privacy.
       - Use the "with" optional clause.
       - Use the standard way of printing TLS cipher suite.
       - Use the standard way of printing address literals.
    • Alberto Bertogli's avatar
      tlsconst: Update TLS cipher suites, and include TLS 1.3 · 32800806
      Alberto Bertogli authored
      This patch updates the list of known TLS cipher suites, and adds TLS 1.3
      to the list of known versions (it will be included in Go 1.12).
    • Alberto Bertogli's avatar
      tests: Reorder Dockerfile statements to allow caching · d0c7c3d4
      Alberto Bertogli authored
      Docker creates intermediate layers on each command (for most commands),
      but the COPY was invalidating them too early, every time it runs it was
      generating a different layer.
      This patch moves the COPY down to the bottom, and adds a bit more
      organization to the commands below.
    • Alberto Bertogli's avatar
      Add driusan/dkim integration example and tests · 4ecc5461
      Alberto Bertogli authored
      This patch adds DKIM signing using https://github.com/driusan/dkim tools
      to the example hook.
      It also adds an optional integration test to exercise signing and
      verification, and corresponding documentation.
  13. 26 Sep, 2018 2 commits
    • Alberto Bertogli's avatar
      README: Remove codefresh.io integration · ebad590c
      Alberto Bertogli authored
      codefresh.io now requires to be logged in to view the status, and very
      extensive permissions to even log in.
      So I've removed the hook from the repository.
    • Alberto Bertogli's avatar
      MTA-STS is now RFC 8461 · 2dfed059
      Alberto Bertogli authored
      MTA-STS has been published as RFC 8461, with no major changes since the
      last draft we updated (-18).
      This patch updates the documentation accordingly (no code changes).
  14. 22 Jul, 2018 2 commits
    • Alberto Bertogli's avatar
    • Alberto Bertogli's avatar
      docs/man: Make generate script use git timestamps · a2fa1d07
      Alberto Bertogli authored
      When regenerating the manpages, the mtime of the pod files is used.
      That mtime can change based on file and repository manipulations,
      because git does not preserve mtimes.
      This causes unnecessary regenerations which require manual cleanups in
      order to avoid cluttering the history unnecessarily.
      This patch makes the generate script set the mtime of the pod files to
      the time of the last git commit that affected them, if they have not
      changed since. This avoids unnecessary changes and makes the script
      easier to use.
      There's one file that needed adjustment to match its last commit time,
      that is also included here.
  15. 15 Jul, 2018 1 commit
    • Alberto Bertogli's avatar
      test: Add workarounds for dovecot 2.3 · 910c6e9c
      Alberto Bertogli authored
      The current dovecot config for integration test t-11-dovecot is not
      compatible with dovecot 2.3. There are some new services which want to
      change the group owner for some files to the default, and that does not
      work when run as non-root.
      The errors look like:
        master: Error: service(stats): chown(/tmp/chasquid-dovecot-test/run/stats-writer, 4294967295, 127) failed: Operation not permitted
        master: Error: service(imap-hibernate): chown(/tmp/chasquid-dovecot-test/run/imap-hibernate, 4294967295, 127) failed: Operation not permitted
        master: Error: service(dict): chown(/tmp/chasquid-dovecot-test/run/dict, 4294967295, 127) failed: Operation not permitted
        master: Error: service(dict-async): chown(/tmp/chasquid-dovecot-test/run/dict-async, 4294967295, 127) failed: Operation not permitted
        master: Fatal: Failed to start listeners
      (127 is the "dovecot" user)
      So this patch adds some config settings to set the group manually for
      these services, which is backwards compatible with 2.2.
      Eventually we will stop supporting 2.2 for tests, at which point we can
      change to just setting default_internal_group.
  16. 14 Jul, 2018 5 commits