1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-22 22:13:11 +02:00
Commit Graph

4412 Commits

Author SHA1 Message Date
Florent Daigniere
25b89a732b Set the flag when reset by command line too 2023-08-12 09:03:15 +02:00
Florent Daigniere
7b13ceb693 API and cmdline 2023-08-12 08:51:42 +02:00
Florent Daigniere
dec339800f Make new signups change passwords too 2023-08-12 08:07:10 +02:00
Florent Daigniere
6c144f8e12 simplify 2023-08-12 07:14:10 +02:00
Florent Daigniere
6bda856420 doh 2023-08-11 10:00:05 +02:00
Florent Daigniere
a5f3c7eaf2 Implement downgrade 2023-08-11 09:12:36 +02:00
Florent Daigniere
193b3d522a l10n 2023-08-11 09:09:07 +02:00
Florent Daigniere
786da5e08c clarify 2023-08-11 09:03:42 +02:00
Florent Daigniere
bd4c40b596 Prune sessions that are unrelated when changing passwords 2023-08-10 12:27:47 +02:00
Florent Daigniere
9bcbbdee02 Implement a 'force-password-change' feature 2023-08-10 12:06:15 +02:00
bors[bot]
32d1c7d899
Merge #2893
2893: bugfix for gpg execution with roundcube r=mergify[bot] a=helmuthb

## What type of PR?

bug-fix

## What does this PR do?

It adds another `allow`-rule for `snuffleupagus` when `gpg` is called via absolute path (`/usr/bin/gpg`).
I consider it a minor change so no update to changelog is proposed but if you feel different please let me know.

### Related issue(s)
- Auto close an issue like: closes #2892

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Helmuth Breitenfellner <helmuth@breitenfellner.at>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2023-08-09 07:14:23 +00:00
Helmuth Breitenfellner
5d8b1940e1 Add a newsfragment for CHANGELOG 2023-08-08 21:45:11 +02:00
Florent Daigniere
ca83152ad9 Update snuffleupagus.rules 2023-08-08 21:41:50 +02:00
Helmuth Breitenfellner
b7cf1c88ea bugfix for gpg execution with roundcube 2023-08-08 21:41:50 +02:00
bors[bot]
1e457bb6ba
Merge #2898
2898: take care of sieve too r=nextgens a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

This is a follow-up to #2895 sieve can also trigger the rate limit... and a stack-trace.

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2023-08-07 09:16:47 +00:00
Florent Daigniere
9b7bb3b7f5
doh 2023-08-07 11:15:53 +02:00
Florent Daigniere
1413001705 take care of sieve too 2023-08-07 09:06:02 +02:00
bors[bot]
f17aa85b54
Merge #2896
2896: Update python deps to fix CVEs and build r=mergify[bot] a=ghostwheel42

## What type of PR?

Security

## What does this PR do?

Fixes CVEs shown by depandabot and fixes build.


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2023-08-06 17:39:13 +00:00
Alexander Graf
2d9b348eb0
Update python deps to fix CVEs and build 2023-08-06 17:03:51 +02:00
bors[bot]
62096c77c0
Merge #2895
2895: Avoid a stack-trace when the ratelimit is hit r=nextgens a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Avoid a stack-trace when the ratelimit is hit. This is only affecting the last few commits of master.

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-08-06 11:26:33 +00:00
bors[bot]
2e3e8bb0d8
Merge #2894
2894: fix fail2ban regexp r=nextgens a=nextgens

## What type of PR?

documentation

## What does this PR do?

There is now a second log line we also need to match

### Related issue(s)

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-08-06 05:12:06 +00:00
Florent Daigniere
40b5e7ca39 Avoid a stack-trace when the ratelimit is hit 2023-08-05 18:24:11 +02:00
Florent Daigniere
a0c93da850 fix fail2ban regexp 2023-08-05 18:16:31 +02:00
bors[bot]
890f847f6c
Merge #2677
2677: Apply DEFAULT_QUOTA to user creation admin ui page r=mergify[bot] a=PMExtra

## What type of PR?

Feature

## What does this PR do?

Apply `DEFAULT_QUOTA` settings to user creation admin ui page.

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] ~In case of feature or enhancement: documentation updated accordingly~
- [ ] ~Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.~

I'm sorry for that I'm not good at English to update the documentation. But this is not a completed new feature. `DEFAULT_QUOTA` is an existing configuration. I just completed the behaviors. Although this configuration was never documented.

Co-authored-by: PM Extra <pm@jubeat.net>
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2023-06-28 10:22:18 +00:00
bors[bot]
809b21b757
Merge #2873
2873: Fix issue #2811. Clamav Healthcheck created zombie processes r=mergify[bot] a=Diman0

## What type of PR?

bug-fix

## What does this PR do?
The healthcheck of clamav results in zombie processes for some users. This PR addresses this issue. Now the healtcheck checks for the existence of the pid file of clamd and freshclam

Note: [kill -0](https://unix.stackexchange.com/questions/169898/what-does-kill-0-do) can be used to check if a process exists and perform an error check.

### Related issue(s)
- closes #2811 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2023-06-28 08:44:00 +00:00
Dimitri Huisman
4cf9993117
Fix issue #2811. Clamav Healthcheck created zombie processes 2023-06-28 08:33:04 +00:00
bors[bot]
69229436cf
Merge #2866
2866: Improve tokens (add ipranges) r=nextgens a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Allow multiple IP addresses/networks to be set for tokens.

### Related issue(s)


## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-06-26 10:02:58 +00:00
bors[bot]
5995979d60
Merge #2871
2871: Document that the default config for netplan is broken r=mergify[bot] a=nextgens

## What type of PR?

documentation

## What does this PR do?

Document in the FAQ that what looks like DNSSEC failures may be netplan related.

### Related issue(s)
- #2868 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-06-25 19:55:52 +00:00
Florent Daigniere
e1e765bc00 Add a clue 2023-06-25 18:40:16 +02:00
Florent Daigniere
6ca97d112e Document that the default config for netplan is broken 2023-06-25 18:32:05 +02:00
bors[bot]
8b23e8318c
Merge #2869
2869: increase the number of postfix workers r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

increase the number of postfix workers. It was reduced when we were using postscreen ... but this specific part hasn't been reverted properly.

The practical effect is that we should see less ``451 4.3.2 Internal server error``.

### Related issue(s)
- #2861

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-06-25 06:57:26 +00:00
Florent Daigniere
a6d217c455 increase the number of postfix workers 2023-06-24 18:54:18 +02:00
bors[bot]
39777d5b1b
Merge #2847
2847: Use dovecot-proxy r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

Use dovecot-proxy instead of nginx's mail module.

This will be required if we want to have BURL, XOAUTH2 or HA/load-balancing (with more than one IMAP instance).

pros:
- fixes $remote_port

cons:
- seems to break SSL resumption

### Related issue(s)
- closes #2848

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-06-24 14:15:04 +00:00
Florent Daigniere
ea0f63ae0d newsfragment 2023-06-24 16:13:05 +02:00
Florent Daigniere
372f008eab bugfix for dovecot-proxy 2023-06-23 16:01:24 +02:00
Florent Daigniere
fbc2f47003 bugfix for dovecot-proxy 2023-06-23 15:57:37 +02:00
Florent Daigniere
8597bb0ebe add migration 2023-06-23 15:56:51 +02:00
Florent Daigniere
29cd857c5f Allow multiple IP addresses/networks to be set for tokens 2023-06-23 15:56:41 +02:00
Alexander Graf
d1e3894b20
Add doc for DEFAULT_QUOTA 2023-06-23 14:51:16 +02:00
bors[bot]
0e42f0270b
Merge #2815
2815: Update version to 2.+ in release template r=mergify[bot] a=OdyX

## What type of PR?

Documentation

## What does this PR do?

It's really weird that releases 2.0+ such as https://github.com/Mailu/Mailu/releases/tag/2.0.12 mention 1.9 and 1.9.1; fixin' this.

Co-authored-by: Didier 'OdyX' Raboud <odyx@raksha.ch>
2023-06-20 18:04:54 +00:00
Florent Daigniere
f143aa3dc8 Use dovecot-proxy where appropriate 2023-06-05 10:23:30 +02:00
bors[bot]
9299b68c62
Merge #2844
2844: Ensure we log which account is invalid r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Ensure we log which account is invalid

### Related issue(s)


## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2023-06-02 13:25:45 +00:00
Florent Daigniere
15569c62df Fix the bug @ghost has reported 2023-06-02 14:53:25 +02:00
Florent Daigniere
50f8a5cb65 Ensure we log which account is invalid 2023-06-02 11:39:42 +02:00
bors[bot]
6f3ee32351
Merge #2838
2838: Authentication failed for email clients when the password contained a non latin-1 character. r=mergify[bot] a=Diman0

## What type of PR?

bug fix

## What does this PR do?
Fixes a bug that results in authentication failing for email clients when the password contains a non latin-1 character.
Issue was caused by the header Auth-Password being returned with non latin-1 characters. Headers must always be latin-1 encoded. Resolved the issue by url encoding the password.

Since the returned password is only used as a partial hash for the rate limiter, I did not add code for un-quoting the password in the /internal/email endpoint.

### Related issue(s)
- closes #2837 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Co-authored-by: Florent Daigniere <nextgens@users.noreply.github.com>
2023-05-31 09:37:18 +00:00
Florent Daigniere
22edc15de2
Update core/admin/mailu/internal/views/auth.py 2023-05-31 11:36:28 +02:00
Dimitri Huisman
9ad7cea515
Update 05_connectivity test to use UTF8 password. 2023-05-31 09:17:59 +00:00
Dimitri Huisman
8c206e8a9b
Retrieve raw password on the correct location 2023-05-31 09:08:03 +00:00
Dimitri Huisman
10a3d1eabb
Get the password from the source.
Remove password from response (not needed)
2023-05-30 15:06:32 +00:00
Dimitri Huisman
008cbdb6b1
Also url encode the password when authentication fails 2023-05-30 14:31:29 +00:00