Archive-Team
/
docker-mailserver
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: Avoid alias being used as regex during dovecot dummy account userdb detection (#4222) 

Applies alternative approach previously suggested by @polarathene and adds test cases to prevent future regressions
This commit is contained in:
pitilux 2024-10-12 00:34:20 +02:00 committed by GitHub
parent 26a44995a9
commit 34eb54ac39
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 32 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -46,6 +46,7 @@ All notable changes to this project will be documented in this file. The format
- **Dovecot:** - **Dovecot:**
- Update logwatch `ignore.conf` to exclude Xapian messages about pending documents ([#4060](https://github.com/docker-mailserver/docker-mailserver/pull/4060)) - Update logwatch `ignore.conf` to exclude Xapian messages about pending documents ([#4060](https://github.com/docker-mailserver/docker-mailserver/pull/4060))
- `dovecot-fts-xapian` plugin was updated to `1.7.13`, fixing a regression with indexing ([#4095](https://github.com/docker-mailserver/docker-mailserver/pull/4095)) - `dovecot-fts-xapian` plugin was updated to `1.7.13`, fixing a regression with indexing ([#4095](https://github.com/docker-mailserver/docker-mailserver/pull/4095))
- The Dovecot Quota support "dummy account" workaround no longer treats the alias as a regex when checking the Dovecot UserDB ([#4222](https://github.com/docker-mailserver/docker-mailserver/pull/4222))
- **LDAP:** - **LDAP:**
- A previous compatibility fix for OAuth2 in v13.3.1 had not applied the actual LDAP config changes. This has been corrected ([#4175](https://github.com/docker-mailserver/docker-mailserver/pull/4175)) - A previous compatibility fix for OAuth2 in v13.3.1 had not applied the actual LDAP config changes. This has been corrected ([#4175](https://github.com/docker-mailserver/docker-mailserver/pull/4175))
- **Internal:** - **Internal:**

3
target/scripts/helpers/accounts.sh
View File

@ -135,7 +135,8 @@ function _create_dovecot_alias_dummy_accounts() {
fi fi
DOVECOT_USERDB_LINE="${ALIAS}:${REAL_ACC[1]}:${DMS_VMAIL_UID}:${DMS_VMAIL_GID}::/var/mail/${REAL_DOMAINNAME}/${REAL_USERNAME}/home::${REAL_ACC[2]:-}" DOVECOT_USERDB_LINE="${ALIAS}:${REAL_ACC[1]}:${DMS_VMAIL_UID}:${DMS_VMAIL_GID}::/var/mail/${REAL_DOMAINNAME}/${REAL_USERNAME}/home::${REAL_ACC[2]:-}"
if grep -qi "^${ALIAS}:" "${DOVECOT_USERDB_FILE}"; then # Match a full line with `-xF` to avoid regex patterns introducing false positives matching `ALIAS`:
if grep -qixF "${DOVECOT_USERDB_LINE}" "${DOVECOT_USERDB_FILE}"; then
_log 'warn' "Alias '${ALIAS}' will not be added to '${DOVECOT_USERDB_FILE}' twice" _log 'warn' "Alias '${ALIAS}' will not be added to '${DOVECOT_USERDB_FILE}' twice"
else else
echo "${DOVECOT_USERDB_LINE}" >>"${DOVECOT_USERDB_FILE}" echo "${DOVECOT_USERDB_LINE}" >>"${DOVECOT_USERDB_FILE}"

10
test/config/postfix-virtual.cf
View File

@ -3,3 +3,13 @@ alias1@localhost.localdomain user1@localhost.localdomain
# this is also a test comment, :O # this is also a test comment, :O
alias2@localhost.localdomain external1@otherdomain.tld alias2@localhost.localdomain external1@otherdomain.tld
@localdomain2.com user1@localhost.localdomain @localdomain2.com user1@localhost.localdomain
## Dovecot "dummy accounts" for quota support (handled in `helpers/accounts.sh`)
# Do not filter alias by substring condition (longer prefix must be before substring alias):
# https://github.com/docker-mailserver/docker-mailserver/issues/2639
prefixtest@localhost.localdomain user2@otherdomain.tld
test@localhost.localdomain user2@otherdomain.tld
# Do not filter alias when input be treated as regex tokens (eg `.`):
# https://github.com/docker-mailserver/docker-mailserver/issues/4170
first-name@localhost.localdomain user2@otherdomain.tld
first.name@localhost.localdomain user2@otherdomain.tld

20
test/tests/parallel/set3/mta/account_management.bats
View File

@ -29,7 +29,12 @@ function teardown_file() { _default_teardown ; }
assert_line --index 5 'alias1@localhost.localdomain' assert_line --index 5 'alias1@localhost.localdomain'
# TODO: Probably not intentional?: # TODO: Probably not intentional?:
assert_line --index 6 '@localdomain2.com' assert_line --index 6 '@localdomain2.com'
_should_output_number_of_lines 7 # Dovecot "dummy accounts" for quota support, see `test/config/postfix-virtual.cf` for more context
assert_line --index 7 'prefixtest@localhost.localdomain'
assert_line --index 8 'test@localhost.localdomain'
assert_line --index 9 'first-name@localhost.localdomain'
assert_line --index 10 'first.name@localhost.localdomain'
_should_output_number_of_lines 11
# Relevant log output from scripts/helpers/accounts.sh:_create_dovecot_alias_dummy_accounts(): # Relevant log output from scripts/helpers/accounts.sh:_create_dovecot_alias_dummy_accounts():
# [ DEBUG ] Adding alias 'alias1@localhost.localdomain' for user 'user1@localhost.localdomain' to Dovecot's userdb # [ DEBUG ] Adding alias 'alias1@localhost.localdomain' for user 'user1@localhost.localdomain' to Dovecot's userdb
@ -37,6 +42,19 @@ function teardown_file() { _default_teardown ; }
# [ DEBUG ] Adding alias '@localdomain2.com' for user 'user1@localhost.localdomain' to Dovecot's userdb # [ DEBUG ] Adding alias '@localdomain2.com' for user 'user1@localhost.localdomain' to Dovecot's userdb
} }
# Dovecot "dummy accounts" for quota support, see `test/config/postfix-virtual.cf` for more context
@test "should create all dovecot dummy accounts" {
run docker logs "${CONTAINER_NAME}"
assert_success
assert_line --partial "Adding alias 'prefixtest@localhost.localdomain' for user 'user2@otherdomain.tld' to Dovecot's userdb"
assert_line --partial "Adding alias 'test@localhost.localdomain' for user 'user2@otherdomain.tld' to Dovecot's userdb"
refute_line --partial "Alias 'test@localhost.localdomain' will not be added to '/etc/dovecot/userdb' twice"
assert_line --partial "Adding alias 'first-name@localhost.localdomain' for user 'user2@otherdomain.tld' to Dovecot's userdb"
assert_line --partial "Adding alias 'first.name@localhost.localdomain' for user 'user2@otherdomain.tld' to Dovecot's userdb"
refute_line --partial "Alias 'first.name@localhost.localdomain' will not be added to '/etc/dovecot/userdb' twice"
}
@test "should have created maildir for 'user1@localhost.localdomain'" { @test "should have created maildir for 'user1@localhost.localdomain'" {
_run_in_container_bash '[[ -d /var/mail/localhost.localdomain/user1 ]]' _run_in_container_bash '[[ -d /var/mail/localhost.localdomain/user1 ]]'
assert_success assert_success