authormdecimus <mauro@stalw.art>2024-03-21 20:07:21 +0100
committermdecimus <mauro@stalw.art>2024-03-21 20:07:21 +0100
commit333a0d5a1b203ca1383b010ccf02eaecdef5500e (patch)
tree5c9bb265a064cb0e7c0bbc88d3d61da95dea790a /crates/smtp
parent7e1a95c1eea654cd3cb4ea23a5ee4d75bb636e0d (diff)
Settings hot reloading - Part 1
Diffstat (limited to 'crates/smtp')
-rw-r--r--crates/smtp/Cargo.toml2
-rw-r--r--crates/smtp/src/config/auth.rs17
-rw-r--r--crates/smtp/src/config/mod.rs10
-rw-r--r--crates/smtp/src/config/scripts.rs18
-rw-r--r--crates/smtp/src/config/session.rs16
-rw-r--r--crates/smtp/src/config/shared.rs9
-rw-r--r--crates/smtp/src/core/management.rs13
-rw-r--r--crates/smtp/src/inbound/auth.rs7
-rw-r--r--crates/smtp/src/inbound/spawn.rs6
-rw-r--r--crates/smtp/src/lib.rs2
-rw-r--r--crates/smtp/src/scripts/event_loop.rs23
11 files changed, 48 insertions, 75 deletions
diff --git a/crates/smtp/Cargo.toml b/crates/smtp/Cargo.toml
index 24305eeb..548f480a 100644
--- a/crates/smtp/Cargo.toml
+++ b/crates/smtp/Cargo.toml
@@ -45,7 +45,7 @@ blake3 = "1.3"
lru-cache = "0.1.2"
rand = "0.8.5"
x509-parser = "0.16.0"
-reqwest = { version = "0.11", default-features = false, features = ["rustls-tls-webpki-roots", "blocking"] }
+reqwest = { version = "0.12", default-features = false, features = ["rustls-tls-webpki-roots", "blocking"] }
serde = { version = "1.0", features = ["derive", "rc"] }
serde_json = "1.0"
num_cpus = "1.15.0"
diff --git a/crates/smtp/src/config/auth.rs b/crates/smtp/src/config/auth.rs
index ba8d056b..2fdfb96b 100644
--- a/crates/smtp/src/config/auth.rs
+++ b/crates/smtp/src/config/auth.rs
@@ -113,14 +113,9 @@ impl ConfigAuth for Config {
let (signer, sealer) =
match self.property_require::<Algorithm>(("signature", id, "algorithm"))? {
Algorithm::RsaSha256 => {
- let pk = String::from_utf8(self.file_contents((
- "signature",
- id,
- "private-key",
- ))?)
- .unwrap_or_default();
- let key = RsaKey::<Sha256>::from_rsa_pem(&pk)
- .or_else(|_| RsaKey::<Sha256>::from_pkcs8_pem(&pk))
+ let pk = self.value_require(("signature", id, "private-key"))?;
+ let key = RsaKey::<Sha256>::from_rsa_pem(pk)
+ .or_else(|_| RsaKey::<Sha256>::from_pkcs8_pem(pk))
.map_err(|err| {
format!(
"Failed to build RSA key for {}: {}",
@@ -128,8 +123,8 @@ impl ConfigAuth for Config {
err
)
})?;
- let key_clone = RsaKey::<Sha256>::from_rsa_pem(&pk)
- .or_else(|_| RsaKey::<Sha256>::from_pkcs8_pem(&pk))
+ let key_clone = RsaKey::<Sha256>::from_rsa_pem(pk)
+ .or_else(|_| RsaKey::<Sha256>::from_pkcs8_pem(pk))
.map_err(|err| {
format!(
"Failed to build RSA key for {}: {}",
@@ -148,7 +143,7 @@ impl ConfigAuth for Config {
(("signature", id, "public-key"), &mut public_key),
(("signature", id, "private-key"), &mut private_key),
] {
- let mut contents = self.file_contents(key)?.into_iter();
+ let mut contents = self.value_require(key)?.as_bytes().iter().copied();
let mut base64 = vec![];
'outer: while let Some(ch) = contents.next() {
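Review bot: The `private-key` entry in this loop is now read straight from the settings value (`self.value_require(key)?`), as are the RSA keys in the two hunks above, so the signing key lives wherever settings are stored and reloaded rather than in a separate file. Nothing visible here marks that value as secret. I would add `// private-key is secret material: keep it out of settings listings, logs and error strings` above the loop, and confirm that whatever exposes settings masks the `("signature", id, "private-key")` keys. The enclosing function starts and ends outside the hunk.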
diff --git a/crates/smtp/src/config/mod.rs b/crates/smtp/src/config/mod.rs
index cd4a84c6..4d79e6fe 100644
--- a/crates/smtp/src/config/mod.rs
+++ b/crates/smtp/src/config/mod.rs
@@ -42,7 +42,7 @@ use mail_send::Credentials;
use sieve::Sieve;
use store::Stores;
use utils::{
- config::{if_block::IfBlock, utils::ConstantValue, Rate, Server, ServerProtocol},
+ config::{if_block::IfBlock, utils::ConstantValue, Rate, ServerProtocol},
expr::{Expression, Token},
snowflake::SnowflakeIdGenerator,
};
@@ -397,8 +397,7 @@ pub enum VerifyStrategy {
}
#[derive(Default)]
-pub struct ConfigContext<'x> {
- pub servers: &'x [Server],
+pub struct ConfigContext {
pub directory: Directories,
pub stores: Stores,
pub scripts: AHashMap<String, Arc<Sieve>>,
@@ -406,10 +405,9 @@ pub struct ConfigContext<'x> {
pub sealers: AHashMap<String, Arc<ArcSealer>>,
}
-impl<'x> ConfigContext<'x> {
- pub fn new(servers: &'x [Server]) -> Self {
+impl ConfigContext {
+ pub fn new() -> Self {
Self {
- servers,
..Default::default()
}
}
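Review bot: `ConfigContext::new()` no longer takes an argument, and its body `Self { ..Default::default() }` is just the derived default, so the struct-update form adds nothing. Write the body as `Self::default()`, or drop `new` and let callers use `ConfigContext::default()`. This is a style point only; behaviour is unchanged.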
diff --git a/crates/smtp/src/config/scripts.rs b/crates/smtp/src/config/scripts.rs
index e1caa805..847ceb5d 100644
--- a/crates/smtp/src/config/scripts.rs
+++ b/crates/smtp/src/config/scripts.rs
@@ -77,9 +77,9 @@ impl ConfigSieve for Config {
let sieve_ctx = SieveContext {
psl: self.parse_public_suffix()?,
bayes_cache: BayesTokenCache::new(
- self.property_or_static("cache.bayes.capacity", "8192")?,
- self.property_or_static("cache.bayes.ttl.positive", "1h")?,
- self.property_or_static("cache.bayes.ttl.negative", "1h")?,
+ self.property_or_default("cache.bayes.capacity", "8192")?,
+ self.property_or_default("cache.bayes.ttl.positive", "1h")?,
+ self.property_or_default("cache.bayes.ttl.negative", "1h")?,
),
remote_lists: Default::default(),
};
@@ -95,7 +95,7 @@ impl ConfigSieve for Config {
.with_max_header_size(10240)
.with_max_includes(10)
.with_no_capability_check(
- self.property_or_static("sieve.trusted.no-capability-check", "false")?,
+ self.property_or_default("sieve.trusted.no-capability-check", "false")?,
)
.register_functions(&mut fnc_map);
@@ -115,7 +115,7 @@ impl ConfigSieve for Config {
.with_capability(Capability::Expressions)
.with_capability(Capability::While)
.with_max_variable_size(
- self.property_or_static("sieve.trusted.limits.variable-size", "52428800")?,
+ self.property_or_default("sieve.trusted.limits.variable-size", "52428800")?,
)
.with_max_header_size(10240)
.with_valid_notification_uri("mailto")
@@ -152,19 +152,19 @@ impl ConfigSieve for Config {
let key = ("sieve.trusted.scripts", id);
let script = if !self.contains_key(key) {
- let mut script = Vec::new();
+ let mut script = String::new();
for sub_key in self.sub_keys(key, "") {
- script.extend(self.file_contents(("sieve.trusted.scripts", id, sub_key))?);
+ script.push_str(self.value_require(("sieve.trusted.scripts", id, sub_key))?);
}
script
} else {
- self.file_contents(key)?
+ self.value_require(key)?.to_string()
};
ctx.scripts.insert(
id.to_string(),
compiler
- .compile(&script)
+ .compile(script.as_bytes())
.map_err(|err| format!("Failed to compile Sieve script {id:?}: {err}"))?
.into(),
);
diff --git a/crates/smtp/src/config/session.rs b/crates/smtp/src/config/session.rs
index 0ffd59ce..14582b43 100644
--- a/crates/smtp/src/config/session.rs
+++ b/crates/smtp/src/config/session.rs
@@ -488,25 +488,25 @@ impl ConfigSession for Config {
hostname,
port,
timeout_connect: self
- .property_or_static(("session.data.milter", id, "timeout.connect"), "30s")?,
+ .property_or_default(("session.data.milter", id, "timeout.connect"), "30s")?,
timeout_command: self
- .property_or_static(("session.data.milter", id, "timeout.command"), "30s")?,
+ .property_or_default(("session.data.milter", id, "timeout.command"), "30s")?,
timeout_data: self
- .property_or_static(("session.data.milter", id, "timeout.data"), "60s")?,
- tls: self.property_or_static(("session.data.milter", id, "tls"), "false")?,
- tls_allow_invalid_certs: self.property_or_static(
+ .property_or_default(("session.data.milter", id, "timeout.data"), "60s")?,
+ tls: self.property_or_default(("session.data.milter", id, "tls"), "false")?,
+ tls_allow_invalid_certs: self.property_or_default(
("session.data.milter", id, "allow-invalid-certs"),
"false",
)?,
- tempfail_on_error: self.property_or_static(
+ tempfail_on_error: self.property_or_default(
("session.data.milter", id, "options.tempfail-on-error"),
"true",
)?,
- max_frame_len: self.property_or_static(
+ max_frame_len: self.property_or_default(
("session.data.milter", id, "options.max-response-size"),
"52428800",
)?,
- protocol_version: match self.property_or_static::<u32>(
+ protocol_version: match self.property_or_default::<u32>(
("session.data.milter", id, "options.version"),
"6",
)? {
diff --git a/crates/smtp/src/config/shared.rs b/crates/smtp/src/config/shared.rs
index c0134e23..81b4ffa5 100644
--- a/crates/smtp/src/config/shared.rs
+++ b/crates/smtp/src/config/shared.rs
@@ -62,24 +62,23 @@ impl ConfigShared for Config {
.clone(),
default_data_store: ctx.stores.get_store(self, "storage.data")?,
default_lookup_store: self
- .value_or_default("storage.lookup", "storage.data")
+ .value_or_else("storage.lookup", "storage.data")
.and_then(|id| ctx.stores.lookup_stores.get(id))
.ok_or_else(|| {
format!(
"Lookup store {:?} not found for key \"storage.lookup\".",
- self.value_or_default("storage.lookup", "storage.data")
+ self.value_or_else("storage.lookup", "storage.data")
.unwrap()
)
})?
.clone(),
default_blob_store: self
- .value_or_default("storage.blob", "storage.data")
+ .value_or_else("storage.blob", "storage.data")
.and_then(|id| ctx.stores.blob_stores.get(id))
.ok_or_else(|| {
format!(
"Lookup store {:?} not found for key \"storage.blob\".",
- self.value_or_default("storage.blob", "storage.data")
- .unwrap()
+ self.value_or_else("storage.blob", "storage.data").unwrap()
)
})?
.clone(),
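Review bot: The `.unwrap()` inside both `ok_or_else` closures runs on the error path, so if `value_or_else` returns `None` (presumably when neither key is set) the config load panics instead of returning the `Err` string. With settings reloaded at runtime, a panic here costs more than one at startup. Format the option without unwrapping, e.g. `self.value_or_else("storage.blob", "storage.data").unwrap_or_default()`, assuming it yields `Option<&str>`. The blob-store message also still reads `Lookup store {:?} not found` and should say `Blob store`. The struct literal continues outside the hunk.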
diff --git a/crates/smtp/src/core/management.rs b/crates/smtp/src/core/management.rs
index 6eac089b..4f5e412f 100644
--- a/crates/smtp/src/core/management.rs
+++ b/crates/smtp/src/core/management.rs
@@ -23,7 +23,7 @@
use std::{net::IpAddr, str::FromStr, sync::Arc};
-use directory::{AuthResult, Type};
+use directory::Type;
use http_body_util::{combinators::BoxBody, BodyExt, Empty, Full};
use hyper::{
body::{self, Bytes},
@@ -161,11 +161,7 @@ impl SessionManager for SmtpAdminSessionManager {
}
fn is_ip_blocked(&self, addr: &IpAddr) -> bool {
- self.inner
- .shared
- .default_directory
- .blocked_ips
- .is_blocked(addr)
+ false
}
}
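Review bot: `is_ip_blocked` now returns `false` unconditionally, so the management listener no longer consults `blocked_ips` and addresses on the block list are accepted; the same stub appears in `crates/smtp/src/inbound/spawn.rs` for the SMTP listener. If the lookup has to be unwired for the refactor, mark it so it cannot ship unnoticed: `// TODO(hot-reload): restore blocked_ips check; IP blocking is disabled until then`, and rename the parameter to `_addr` to keep the build free of unused-variable warnings. A one-time startup log line saying that blocking is off would also make the gap visible to operators.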
@@ -267,7 +263,8 @@ impl SMTP {
})
})
{
- match self
+ let todo = "fix";
+ /*match self
.shared
.default_directory
.authenticate(&Credentials::Plain { username, secret }, remote_addr, false)
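Review bot: The `authenticate` call and its whole `match` are commented out from here to the `}*/` in the next hunk, leaving only `let todo = "fix";`, so this branch no longer verifies the supplied username and secret. What follows the `if` is outside the hunk; if control falls through to request handling, the management API is reachable without valid credentials, so the branch should fail closed (return the same response as the failed-authentication arm) until the directory call is restored. The SMTP AUTH path in `crates/smtp/src/inbound/auth.rs` is stubbed the same way and needs the same treatment. Replace the unused binding with `// TODO(hot-reload): restore directory authentication` so the gap is searchable and does not raise an unused-variable warning.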
@@ -297,7 +294,7 @@ impl SMTP {
"Temporary authentication failure."
);
}
- }
+ }*/
} else {
tracing::debug!(
context = "management",
diff --git a/crates/smtp/src/inbound/auth.rs b/crates/smtp/src/inbound/auth.rs
index 3be783d4..7682a946 100644
--- a/crates/smtp/src/inbound/auth.rs
+++ b/crates/smtp/src/inbound/auth.rs
@@ -21,7 +21,6 @@
* for more details.
*/
-use directory::AuthResult;
use mail_parser::decoders::base64::base64_decode;
use mail_send::Credentials;
use smtp_proto::{IntoString, AUTH_LOGIN, AUTH_OAUTHBEARER, AUTH_PLAIN, AUTH_XOAUTH2};
@@ -181,8 +180,8 @@ impl<T: AsyncWrite + AsyncRead + Unpin> Session<T> {
| Credentials::XOauth2 { username, .. }
| Credentials::OAuthBearer { token: username } => username.to_string(),
};
-
- match lookup
+ let todo = "fix";
+ /*match lookup
.authenticate(&credentials, self.data.remote_ip, false)
.await
{
@@ -228,7 +227,7 @@ impl<T: AsyncWrite + AsyncRead + Unpin> Session<T> {
return Err(());
}
_ => (),
- }
+ }*/
} else {
tracing::warn!(
parent: &self.span,
diff --git a/crates/smtp/src/inbound/spawn.rs b/crates/smtp/src/inbound/spawn.rs
index c5cc24f4..8cd2b178 100644
--- a/crates/smtp/src/inbound/spawn.rs
+++ b/crates/smtp/src/inbound/spawn.rs
@@ -78,11 +78,7 @@ impl SessionManager for SmtpSessionManager {
}
fn is_ip_blocked(&self, addr: &IpAddr) -> bool {
- self.inner
- .shared
- .default_directory
- .blocked_ips
- .is_blocked(addr)
+ false
}
}
diff --git a/crates/smtp/src/lib.rs b/crates/smtp/src/lib.rs
index 48421fa8..43a01746 100644
--- a/crates/smtp/src/lib.rs
+++ b/crates/smtp/src/lib.rs
@@ -66,7 +66,7 @@ impl SMTP {
#[cfg(feature = "local_delivery")] delivery_tx: mpsc::Sender<utils::ipc::DeliveryEvent>,
) -> Result<Arc<Self>, String> {
// Read configuration parameters
- let mut config_ctx = ConfigContext::new(&servers.inner);
+ let mut config_ctx = ConfigContext::new();
config_ctx.directory = directory.clone();
config_ctx.stores = stores.clone();
diff --git a/crates/smtp/src/scripts/event_loop.rs b/crates/smtp/src/scripts/event_loop.rs
index 4bfaefaf..a79403ac 100644
--- a/crates/smtp/src/scripts/event_loop.rs
+++ b/crates/smtp/src/scripts/event_loop.rs
@@ -32,7 +32,6 @@ use smtp_proto::{
MAIL_BY_TRACE, MAIL_RET_FULL, MAIL_RET_HDRS, RCPT_NOTIFY_DELAY, RCPT_NOTIFY_FAILURE,
RCPT_NOTIFY_NEVER, RCPT_NOTIFY_SUCCESS,
};
-use store::{backend::memory::MemoryStore, LookupStore};
use tokio::runtime::Handle;
use crate::{core::SMTP, queue::DomainPart};
@@ -165,22 +164,12 @@ impl SMTP {
}
}
Recipient::List(list) => {
- if let Some(list) = self.shared.lookup_stores.get(&list) {
- if let LookupStore::Memory(list) = list {
- if let MemoryStore::List(list) = list.as_ref() {
- for rcpt in &list.set {
- handle.block_on(message.add_recipient(rcpt, self));
- }
- }
- }
- } else {
- tracing::warn!(
- parent: &span,
- context = "sieve",
- event = "send-failed",
- reason = format!("Lookup {list:?} not found.")
- );
- }
+ tracing::warn!(
+ parent: &span,
+ context = "sieve",
+ event = "send-failed",
+ reason = format!("Lookup {list:?} not supported.")
+ );
}
}