Re: Problem with included global sieve script when mailbox contains a "dot"

2012-11-19 Thread Thomas Cataldo 
Hi,

I did some more research on my problem and tracked the problem down to this
test in append.c (cyrus 2.4) :

else if (!strcmp(flag[i], "\\flagged")) {
if (as->myrights & ACL_WRITE) {  // this test fails when
mailbox is a.b@domain
message_index.system_flags |= FLAG_FLAGGED;
}
}

My problem is probably related to unixhierarchysep settings and the way
ACLs are set, but the following patch fixes it :

diff --git a/imap/append.c b/imap/append.c
index d3c2bd4..b622dd1 100644
--- a/imap/append.c
+++ b/imap/append.c
@@ -160,12 +160,25 @@ int append_setup(struct appendstate *as, const char
*name,
 {
 int r;
 struct quota q;
+unsigned int pos;
+size_t at_char;
+char* fixed_acls;

 as->mailbox = NULL;
 r = mailbox_open_iwl(name, &as->mailbox);
 if (r) return r;

-as->myrights = cyrus_acl_myrights(auth_state, as->mailbox->acl);
+fixed_acls = strdup(as->mailbox->acl);
+syslog(LOG_ERR, "before acls tweaks: %s\n", fixed_acls);
+at_char = strcspn(fixed_acls, "@");
+for (pos=0; pos < at_char; pos++) {
+  if (fixed_acls[pos] == '.') {
+   fixed_acls[pos] = '^';
+  }
+}
+syslog(LOG_ERR, "after acls tweaks: %s\n", fixed_acls);
+
+as->myrights = cyrus_acl_myrights(auth_state, fixed_acls);

 if ((as->myrights & aclcheck) != aclcheck) {
r = (as->myrights & ACL_LOOKUP) ?


The two logs I added give the following output :

Nov 19 20:37:00 ppday cyrus/lmtp[42207]: before acls tweaks: a...@buffy.vmw
#011lrswipkxtecda#011admin0#011lrswipkxtecda#011ad...@buffy.vmw#011lrsp#011
Nov 19 20:37:00 ppday cyrus/lmtp[42207]: after acls tweaks: a^b...@buffy.vmw
#011lrswipkxtecda#011admin0#011lrswipkxtecda#011ad...@buffy.vmw#011lrsp#011

I hope this "test" patch might help figure out what is wrong. My acls setup
or a bug.

Regards,
Thomas Cataldo,
Blue Mind.







On Wed, Nov 14, 2012 at 10:40 AM, Thomas Cataldo  wrote:

> Hello,
>
> Consider the following sieve setup :
>
> root@ppday:/var/spool/sieve# cat global/buffy.vmw.sieve.script
> require ["body", "copy", "fileinto", "imapflags" ];
>
> # filters
> if allof ( address :contains "from" "admin") {
> setflag "\\Flagged";
> }
>
> # END
>
> root@ppday:/var/spool/sieve# cat
> domain/b/buffy.vmw/a/a^b/bm-user5.sieve.script
> require ["body", "copy", "fileinto", "imapflags", "vacation", "include" ];
>
> include :global "buffy.vmw.sieve";
>
> # END
>
>
> root@ppday:/var/spool/sieve# cat
> domain/b/buffy.vmw/s/sp/bm-user6.sieve.script
> require ["body", "copy", "fileinto", "imapflags", "vacation", "include" ];
>
> include :global "buffy.vmw.sieve";
>
>
> # END
>
> When ad...@buffy.vmw sends an email to a...@buffy.vmw and s...@buffy.vmw,
> the following happens :
>  - the mail is correctly flagged for sp
>  - no flagging for a.b
>
> Nothing interesting in my logs when the mail is delivered :
>
>
> Nov 14 10:17:20 ppday cyrus/master[19560]: about to exec
> /usr/lib/cyrus/bin/lmtpd
> Nov 14 10:17:20 ppday cyrus/lmtp[19560]: executed
> Nov 14 10:17:20 ppday cyrus/lmtp[19560]: skiplist: checkpointed
> /var/lib/cyrus/statuscache.db (0 records, 144 bytes) in 0 seconds
> Nov 14 10:17:21 ppday cyrus/lmtp[19560]: accepted connection
> Nov 14 10:17:21 ppday cyrus/lmtp[19560]: connection from ppday.buffy.vmw
> [172.16.78.128] preauth'd as postman
> Nov 14 10:17:21 ppday cyrus/lmtp[19560]: Delivered:
> <1c42d02ef8953cb95219dafba...@buffy.vmw> to mailbox:
> buffy.vmw!user.a^b
> Nov 14 10:17:21 ppday cyrus/lmtp[19560]: USAGE a^b user: 0.004000 sys:
> 0.008000
> Nov 14 10:17:21 ppday cyrus/lmtp[19560]: Delivered:
> <1c42d02ef8953cb95219dafba...@buffy.vmw> to mailbox:
> buffy.vmw!user.admin
> Nov 14 10:17:21 ppday cyrus/lmtp[19560]: USAGE admin user: 0.00 sys:
> 0.004000
> Nov 14 10:17:21 ppday cyrus/lmtp[19560]: Delivered:
> <1c42d02ef8953cb95219dafba...@buffy.vmw> to mailbox: buffy.vmw!user.sp
> Nov 14 10:17:21 ppday cyrus/lmtp[19560]: USAGE sp user: 0.00 sys:
> 0.00
> Nov 14 10:17:21 ppday postfix/lmtp[19551]: 5DA0A21E37: to=,
> relay=172.16.78.128[172.16.78.128]:2400, delay=0.93,
> delays=0.07/0.03/0.03/0.79, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
> Nov 14 10:17:21 ppday postfix/lmtp[19551]: 5DA0A21E37: to=,
> relay=172.16.78.128[172.16.78.128]:2400, delay=0.93,
> delays=0.07/0.03/0.03/0.79, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
> Nov 14 10:17:21 ppday postfix/lmtp[19551]: 5DA0A21E37: to=,
> relay=172.16.78.128[172.16.78.128]:2400, delay=0.93,
> delays=0.07/0.03/0.03/0.79, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
> Nov 14 10:17:21 ppday postfix/qmgr[20160]: 5DA0A21E37: removed
>
> Any know bugs with global sieve vs mailboxes with "dot" in them ?
> Can I enable more verbose sieve execution logs ?
>
>
> Regards,
> Thomas Cataldo,
> Blue Mind
>
>

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/

Cyrus SASL 2.1.26 Released

2012-11-19 Thread Ken Murchison 
I'd like to announce the release of Cyrus SASL 2.1.26 on
ftp.cyrusimap.org

Major changes in Cyrus SASL 2.1.26:

* Modernize SASL malloc/realloc callback prototypes
* Added sasl_config_done() to plug a memory leak when using an application
   specific config file
* Fixed PLAIN/LOGIN authentication failure when using saslauthd
   with no auxprop plugins (bug # 3590).
* unlock the mutex in sasl_dispose if the context was freed by another 
thread
* MINGW32 compatibility patches
* Fixed broken logic in get_fqhostname() when abort_if_no_fqdn is 0
* Fixed some memory leaks in libsasl
* GSSAPI plugin:
  - Fixed a segfault in gssapi.c introduced in 2.1.25.
  - Code refactoring
  - Added support for GSS-SPNEGO SASL mechanism (Unix only), which is also
HTTP capable
* GS2 plugin:
  - Updated GS2 plugin not to lose minor GSS-API status codes on errors
* DIGEST-MD5 plugin:
  - Correctly send "stale" directive to prevent clients from (re)promtping
for password
  - Better handling of HTTP reauthentication cases
  - fixed some memory leaks
* SASLDB plugin:
  - Added support for BerkleyDB 5.X or later
* OTP plugin:
  - Removed calling of EVP_cleanup() on plugin shutdown in order to prevent
TLS from failing in calling applications
* SRP plugin:
  - Removed calling of EVP_cleanup() on plugin shutdown in order to prevent
TLS from failing in calling applications
* saslauthd:
  - auth_rimap.c: qstring incorrectly appending the closing double quote,
which might be causing crashes
  - auth_rimap.c: read the whole IMAP greeting
  - better error reporting from some drivers
  - fixed some memory leaks


Many thanks to Alexey Melnikov and Dan White who did most of the work 
preparing this release.

Please send any feedback either to cyrus-s...@lists.andrew.cmu.edu
(public list) or to cyrus-b...@andrew.cmu.edu.

Download at:
ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-2.1.26.tar.gz

-- 
Kenneth Murchison
Principal Systems Software Engineer
Carnegie Mellon University

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Cyrus SASL 2.1.26 Released

2012-11-19 Thread Ken Murchison 
I'd like to announce the release of Cyrus SASL 2.1.26 on
ftp.cyrusimap.org

Major changes in Cyrus SASL 2.1.26:

* Modernize SASL malloc/realloc callback prototypes
* Added sasl_config_done() to plug a memory leak when using an application
   specific config file
* Fixed PLAIN/LOGIN authentication failure when using saslauthd
   with no auxprop plugins (bug # 3590).
* unlock the mutex in sasl_dispose if the context was freed by another 
thread
* MINGW32 compatibility patches
* Fixed broken logic in get_fqhostname() when abort_if_no_fqdn is 0
* Fixed some memory leaks in libsasl
* GSSAPI plugin:
  - Fixed a segfault in gssapi.c introduced in 2.1.25.
  - Code refactoring
  - Added support for GSS-SPNEGO SASL mechanism (Unix only), which is also
HTTP capable
* GS2 plugin:
  - Updated GS2 plugin not to lose minor GSS-API status codes on errors
* DIGEST-MD5 plugin:
  - Correctly send "stale" directive to prevent clients from (re)promtping
for password
  - Better handling of HTTP reauthentication cases
  - fixed some memory leaks
* SASLDB plugin:
  - Added support for BerkleyDB 5.X or later
* OTP plugin:
  - Removed calling of EVP_cleanup() on plugin shutdown in order to prevent
TLS from failing in calling applications
* SRP plugin:
  - Removed calling of EVP_cleanup() on plugin shutdown in order to prevent
TLS from failing in calling applications
* saslauthd:
  - auth_rimap.c: qstring incorrectly appending the closing double quote,
which might be causing crashes
  - auth_rimap.c: read the whole IMAP greeting
  - better error reporting from some drivers
  - fixed some memory leaks


Many thanks to Alexey Melnikov and Dan White who did most of the work 
preparing this release.

Please send any feedback either to cyrus-s...@lists.andrew.cmu.edu
(public list) or to cyrus-b...@andrew.cmu.edu.

Download at:
ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-2.1.26.tar.gz

-- 
Kenneth Murchison
Principal Systems Software Engineer
Carnegie Mellon University

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus