Projects
Kolab:16:Enterprise
guam
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 13
View file
guam.spec
Changed
@@ -20,7 +20,7 @@ %define lock_version() %{1}%{?_isa} = %(rpm -q --queryformat "%{VERSION}" %{1}) Name: guam -Version: 0.8.2 +Version: 0.8.3 Release: 0.20160219.git%{?dist} Summary: A Smart Reverse IMAP Proxy @@ -30,7 +30,6 @@ Source0: guam-%{version}.tar.gz -Patch0001: guam-0.8.2-T1345.patch Patch9991: guam-0.8.2-relax-dependencies.patch BuildRequires: erlang >= 17.4 @@ -99,7 +98,6 @@ %prep %setup -q -%patch0001 -p1 %patch9991 -p1 %build @@ -211,6 +209,9 @@ /opt/%{realname}/ %changelog +* Tue Jul 12 2016 Aaron Seigo <seigo@kolabsystems.com> - 0.8.3-1 +- Release of version 0.8.3 + * Fri Jul 8 2016 Jeroen van Meeuwen <vanmeeuwen@kolabsys.com> - 0.8.2-2 - Fix T1345
View file
guam-0.8.2-T1345.patch
Deleted
@@ -1,135 +0,0 @@ -diff --git a/CHANGELOG.md b/CHANGELOG.md -index 5f04931..4c0e9c0 100644 ---- a/CHANGELOG.md -+++ b/CHANGELOG.md -@@ -13,6 +13,24 @@ This project adheres to Semantic Versioning(http://semver.org/). - ### Fixed - ### Security - -+## 0.8.2 - 2016-07-08 -+### Added -+- listener_pool_size configuration option for listeners -+### Changed -+- Default size of listener pool drops to 10 from 20 -+- Rate limit (by introducing a short wait) connection accept()s -+### Fixed -+- Prevent starvation of the session pool due to clients dropping connections -+ pre-accept() -+ -+## 0.8.1 - 2016-07-06 -+### Added -+- ipv6 connections -+### Changed -+- update to eimap 0.2.5 -+### Fixed -+- Ignore non-listing LIST commands (e.g. requests for the root/separator) -+- Tidy up the server greetings - - ## 0.8.0 - 2016-06-08 - ### Added -diff --git a/apps/kolab_guam/src/kolab_guam_listener.erl b/apps/kolab_guam/src/kolab_guam_listener.erl -index e6eed61..9287eb7 100644 ---- a/apps/kolab_guam/src/kolab_guam_listener.erl -+++ b/apps/kolab_guam/src/kolab_guam_listener.erl -@@ -78,7 +78,7 @@ listen_options(Iface, Hostname, ImplicitTLS, TLSConfig) -> - - default_listen_options(true, TLSConfig) -> default_listen_options() ++ TLSConfig; - default_listen_options(_ImplicitTLS, _Config) -> default_listen_options(). --default_listen_options() -> { reuseaddr, true }, {active, once }, inet6 . -+default_listen_options() -> { reuseaddr, true }, {active, false}, inet6 . - - create_initial_listeners(ListenerPoolSize, PID) when is_pid(PID) -> - lager:debug("Creating session pool of size ~p for listener ~p", ListenerPoolSize, PID), -diff --git a/apps/kolab_guam/src/kolab_guam_session.erl b/apps/kolab_guam/src/kolab_guam_session.erl -index 2c3bc1a..4db902d 100644 ---- a/apps/kolab_guam/src/kolab_guam_session.erl -+++ b/apps/kolab_guam/src/kolab_guam_session.erl -@@ -26,7 +26,7 @@ - -export(init/1, handle_call/3, handle_cast/2, handle_info/2, terminate/2, code_change/3). - - %% state record definition ---record(state, { socket, super_pid, tls_config = , client_implicit_tls = false, client_tls_active = false, server_config = , -+-record(state, { listen_socket, socket = undefined, super_pid, tls_config = , client_implicit_tls = false, client_tls_active = false, server_config = , - rules_active = , rules_deciding = , imap_session, inflator, deflator }). - - %% public API -@@ -40,18 +40,18 @@ init(SupervisorPID, ListenSocket, ServerConfig, ImplicitTLS, TLSConfig, Rules) - ActiveRules = init_rules(Rules), - gen_server:cast(self(), accept), - %% lager:debug("Rules are ~p from ~p", ActiveRules, Rules), -- { ok, #state{ socket = ListenSocket, super_pid = SupervisorPID, client_implicit_tls = ImplicitTLS, tls_config = TLSConfig, server_config = ServerConfig, rules_deciding = ActiveRules } }. -+ { ok, #state{ listen_socket = ListenSocket, super_pid = SupervisorPID, client_implicit_tls = ImplicitTLS, tls_config = TLSConfig, server_config = ServerConfig, rules_deciding = ActiveRules } }. - - handle_call(_Request, _From, State) -> - { reply, ok, State }. - --handle_cast(accept, State = #state{ socket = ListenSocket, server_config = ServerConfig }) -> -+handle_cast(accept, State = #state{ server_config = ServerConfig } = State) -> - %% try to rate limit our responses a bit here so that hammering the socket with connections is survivable - timer:sleep(3), -- { ok, AcceptSocket, TLSActive } = accept_client(ListenSocket, State), -+ { ok, AcceptSocket, TLSActive } = accept_client(State), - { ok, ImapSession } = eimap:start_link(ServerConfig), - eimap:connect(ImapSession, self(), server_hello), -- { noreply, State#state{ socket = AcceptSocket, imap_session = ImapSession, client_tls_active = TLSActive } }; -+ { noreply, State#state{ listen_socket = undefined, socket = AcceptSocket, imap_session = ImapSession, client_tls_active = TLSActive } }; - handle_cast(_Msg, State) -> - { noreply, State }. - -@@ -108,18 +108,18 @@ handle_info(Info, State) -> - lager:debug("Received unexpected info... ~p", Info), - { noreply, State }. - --terminate(_Reason, #state{ inflator = Inflator, deflator = Deflator, socket = Socket, client_tls_active = TLS }) -> -+terminate(_Reason, #state{ inflator = Inflator, deflator = Deflator, socket = Socket, client_implicit_tls = ImplicitTLS, client_tls_active = TLS }) -> - %lager:debug("Termination!~p", self()), - close_zlib_handle(Inflator), - close_zlib_handle(Deflator), -- close_socket(TLS, Socket), -+ close_socket(ImplicitTLS, TLS, Socket), - ok. - - code_change(_OldVsn, State, _Extra) -> - { ok, State }. - - %% private API --accept_client(ListenSocket, #state{ client_implicit_tls = true, super_pid = SupervisorPID }) -> -+accept_client(#state{ client_implicit_tls = true, listen_socket = ListenSocket, super_pid = SupervisorPID }) -> - AcceptResult = ssl:transport_accept(ListenSocket), - AcceptSocket = post_accept_bookkeeping(implicit_tls, ListenSocket, SupervisorPID, AcceptResult), - %% prep for the next listen -@@ -127,7 +127,7 @@ accept_client(ListenSocket, #state{ client_implicit_tls = true, super_pid = Supe - ok = ssl:setopts(AcceptSocket, { active, once }, { mode, binary }), - % lager:info("~p All done!", self()), - { ok, AcceptSocket, true }; --accept_client(ListenSocket, #state{ super_pid = SupervisorPID }) -> -+accept_client(#state{ listen_socket = ListenSocket, super_pid = SupervisorPID }) -> - AcceptResult = gen_tcp:accept(ListenSocket), - AcceptSocket = post_accept_bookkeeping(no_implicit_tls, ListenSocket, SupervisorPID, AcceptResult), - ok = inet:setopts(AcceptSocket, { active, once }, { mode, binary }), -@@ -136,11 +136,6 @@ accept_client(ListenSocket, #state{ super_pid = SupervisorPID }) -> - post_accept_bookkeeping(ImplicitTls, ListenSocket, SupervisorPID, AcceptResult) -> - %% start a new accepting process to replace this one, which is now in use - supervisor:start_child(SupervisorPID, ), -- %% prep for the next listen -- case ImplicitTls of -- implicit_tls -> ok = ssl:setopts(ListenSocket, { active, once }, { mode, binary }); -- _ -> ok = inet:setopts(ListenSocket, { active, once }) -- end, - %% assert that the accept worked - { ok, AcceptSocket } = AcceptResult, - AcceptSocket. -@@ -148,9 +143,10 @@ post_accept_bookkeeping(ImplicitTls, ListenSocket, SupervisorPID, AcceptResult) - close_zlib_handle(undefined) -> ok; - close_zlib_handle(Z) -> zlib:close(Z). - --close_socket(_TLS, undefined) -> ok; --close_socket(true, Socket) -> ssl:close(Socket); --close_socket(_TLS, Socket) -> gen_tcp:close(Socket). -+close_socket(_ImplicitTLS, _TLS, undefined) -> ok; -+close_socket(_ImplicitTLS, true, Socket) -> ssl:close(Socket); -+close_socket(true, _TLS, Socket) -> ssl:close(Socket); -+close_socket(_ImplicitTLS, _TLS, Socket) -> gen_tcp:close(Socket). - - process_client_data(Socket, Data, #state{ rules_deciding = UndecidedRules, tls_config = TLSConfig, client_tls_active = TLS, rules_active = ActiveRules, socket = Socket, imap_session = ImapSession, inflator = Inflator, deflator = Deflator, server_config = ServerConfig } = State) -> - %%TODO: multipacket input from clients
View file
debian.changelog
Changed
@@ -1,3 +1,9 @@ +guam (0.8.3-1) unstable; urgency=medium + + * Release of 0.8.3 + + -- Aaron Seigo <seigo@kolabsystems.com> Tue, 12 Jul 2016 13:00:00 +0600 + guam (0.8.2-2) unstable; urgency=medium * Fix T1345
View file
debian.series
Changed
@@ -1,2 +1,1 @@ guam-0.8.2-relax-dependencies.patch -p1 -guam-0.8.2-T1345.patch -p1
View file
guam-0.8.2.tar.gz/CHANGELOG.md -> guam-0.8.3.tar.gz/CHANGELOG.md
Changed
@@ -13,6 +13,31 @@ ### Fixed ### Security +## 0.8.3 - 2016-08-08 +### Fixed +- always close ssl sockets as an ssl socket +- keep listen_socket separate from socket +- not required to make the socket active to accept connections +- ensure eimap processes are always terminated in all cases + +## 0.8.2 - 2016-07-08 +### Added +- listener_pool_size configuration option for listeners +### Changed +- Default size of listener pool drops to 10 from 20 +- Rate limit (by introducing a short wait) connection accept()s +### Fixed +- Prevent starvation of the session pool due to clients dropping connections + pre-accept() + +## 0.8.1 - 2016-07-06 +### Added +- ipv6 connections +### Changed +- update to eimap 0.2.5 +### Fixed +- Ignore non-listing LIST commands (e.g. requests for the root/separator) +- Tidy up the server greetings ## 0.8.0 - 2016-06-08 ### Added
View file
guam-0.8.2.tar.gz/apps/kolab_guam/src/kolab_guam.app.src -> guam-0.8.3.tar.gz/apps/kolab_guam/src/kolab_guam.app.src
Changed
@@ -2,7 +2,7 @@ {application, kolab_guam, {description, "IMAP session proxy"}, - {vsn, "0.8.2"}, + {vsn, "0.8.3"}, {registered, }, {applications, kernel,
View file
guam-0.8.2.tar.gz/apps/kolab_guam/src/kolab_guam_listener.erl -> guam-0.8.3.tar.gz/apps/kolab_guam/src/kolab_guam_listener.erl
Changed
@@ -78,7 +78,7 @@ default_listen_options(true, TLSConfig) -> default_listen_options() ++ TLSConfig; default_listen_options(_ImplicitTLS, _Config) -> default_listen_options(). -default_listen_options() -> { reuseaddr, true }, {active, once }, inet6 . +default_listen_options() -> { reuseaddr, true }, {active, false}, inet6 . create_initial_listeners(ListenerPoolSize, PID) when is_pid(PID) -> lager:debug("Creating session pool of size ~p for listener ~p", ListenerPoolSize, PID),
View file
guam-0.8.2.tar.gz/apps/kolab_guam/src/kolab_guam_session.erl -> guam-0.8.3.tar.gz/apps/kolab_guam/src/kolab_guam_session.erl
Changed
@@ -26,8 +26,8 @@ -export(init/1, handle_call/3, handle_cast/2, handle_info/2, terminate/2, code_change/3). %% state record definition --record(state, { socket, super_pid, tls_config = , client_implicit_tls = false, client_tls_active = false, server_config = , - rules_active = , rules_deciding = , imap_session, inflator, deflator }). +-record(state, { listen_socket, socket = undefined, super_pid, tls_config = , client_implicit_tls = false, client_tls_active = false, server_config = , + rules_active = , rules_deciding = , imap_session = undefined, inflator, deflator }). %% public API start_link(SupervisorPID, ListenSocket, ImapConfig, ImplicitTLS, TLSConfig, Rules) -> gen_server:start_link(?MODULE, SupervisorPID, ListenSocket, ImapConfig, ImplicitTLS, TLSConfig, Rules, ). @@ -40,18 +40,18 @@ ActiveRules = init_rules(Rules), gen_server:cast(self(), accept), %% lager:debug("Rules are ~p from ~p", ActiveRules, Rules), - { ok, #state{ socket = ListenSocket, super_pid = SupervisorPID, client_implicit_tls = ImplicitTLS, tls_config = TLSConfig, server_config = ServerConfig, rules_deciding = ActiveRules } }. + { ok, #state{ listen_socket = ListenSocket, super_pid = SupervisorPID, client_implicit_tls = ImplicitTLS, tls_config = TLSConfig, server_config = ServerConfig, rules_deciding = ActiveRules } }. handle_call(_Request, _From, State) -> { reply, ok, State }. -handle_cast(accept, State = #state{ socket = ListenSocket, server_config = ServerConfig }) -> +handle_cast(accept, State = #state{ server_config = ServerConfig } = State) -> %% try to rate limit our responses a bit here so that hammering the socket with connections is survivable timer:sleep(3), - { ok, AcceptSocket, TLSActive } = accept_client(ListenSocket, State), + { ok, AcceptSocket, TLSActive } = accept_client(State), { ok, ImapSession } = eimap:start_link(ServerConfig), eimap:connect(ImapSession, self(), server_hello), - { noreply, State#state{ socket = AcceptSocket, imap_session = ImapSession, client_tls_active = TLSActive } }; + { noreply, State#state{ listen_socket = undefined, socket = AcceptSocket, imap_session = ImapSession, client_tls_active = TLSActive } }; handle_cast(_Msg, State) -> { noreply, State }. @@ -103,23 +103,26 @@ relay_response(Socket, postprocess_server_data(Deflator, ModifiedData), TLS), { noreply, State#state{ rules_active = CurrentlyActiveRules } }; handle_info({ 'EXIT', PID, _Reason }, #state { imap_session = PID } = State) -> - { stop, normal, State }; + { stop, normal, State#state{ imap_session = undefined } }; handle_info(Info, State) -> lager:debug("Received unexpected info... ~p", Info), { noreply, State }. -terminate(_Reason, #state{ inflator = Inflator, deflator = Deflator, socket = Socket, client_tls_active = TLS }) -> - %lager:debug("Termination!~p", self()), +terminate(_Reason, #state{ inflator = Inflator, imap_session = ImapSession, deflator = Deflator, socket = Socket, client_implicit_tls = ImplicitTLS, client_tls_active = TLS }) -> close_zlib_handle(Inflator), close_zlib_handle(Deflator), - close_socket(TLS, Socket), + close_socket(ImplicitTLS, TLS, Socket), + case ImapSession of + undefined -> ok; + _ -> exit(ImapSession, kill) + end, ok. code_change(_OldVsn, State, _Extra) -> { ok, State }. %% private API -accept_client(ListenSocket, #state{ client_implicit_tls = true, super_pid = SupervisorPID }) -> +accept_client(#state{ client_implicit_tls = true, listen_socket = ListenSocket, super_pid = SupervisorPID }) -> AcceptResult = ssl:transport_accept(ListenSocket), AcceptSocket = post_accept_bookkeeping(implicit_tls, ListenSocket, SupervisorPID, AcceptResult), %% prep for the next listen @@ -127,7 +130,7 @@ ok = ssl:setopts(AcceptSocket, { active, once }, { mode, binary }), % lager:info("~p All done!", self()), { ok, AcceptSocket, true }; -accept_client(ListenSocket, #state{ super_pid = SupervisorPID }) -> +accept_client(#state{ listen_socket = ListenSocket, super_pid = SupervisorPID }) -> AcceptResult = gen_tcp:accept(ListenSocket), AcceptSocket = post_accept_bookkeeping(no_implicit_tls, ListenSocket, SupervisorPID, AcceptResult), ok = inet:setopts(AcceptSocket, { active, once }, { mode, binary }), @@ -136,11 +139,6 @@ post_accept_bookkeeping(ImplicitTls, ListenSocket, SupervisorPID, AcceptResult) -> %% start a new accepting process to replace this one, which is now in use supervisor:start_child(SupervisorPID, ), - %% prep for the next listen - case ImplicitTls of - implicit_tls -> ok = ssl:setopts(ListenSocket, { active, once }, { mode, binary }); - _ -> ok = inet:setopts(ListenSocket, { active, once }) - end, %% assert that the accept worked { ok, AcceptSocket } = AcceptResult, AcceptSocket. @@ -148,9 +146,10 @@ close_zlib_handle(undefined) -> ok; close_zlib_handle(Z) -> zlib:close(Z). -close_socket(_TLS, undefined) -> ok; -close_socket(true, Socket) -> ssl:close(Socket); -close_socket(_TLS, Socket) -> gen_tcp:close(Socket). +close_socket(_ImplicitTLS, _TLS, undefined) -> ok; +close_socket(_ImplicitTLS, true, Socket) -> ssl:close(Socket); +close_socket(true, _TLS, Socket) -> ssl:close(Socket); +close_socket(_ImplicitTLS, _TLS, Socket) -> gen_tcp:close(Socket). process_client_data(Socket, Data, #state{ rules_deciding = UndecidedRules, tls_config = TLSConfig, client_tls_active = TLS, rules_active = ActiveRules, socket = Socket, imap_session = ImapSession, inflator = Inflator, deflator = Deflator, server_config = ServerConfig } = State) -> %%TODO: multipacket input from clients
View file
guam-0.8.2.tar.gz/rel/reltool.config -> guam-0.8.3.tar.gz/rel/reltool.config
Changed
@@ -4,7 +4,7 @@ {lib_dirs, "../deps"}, {erts, {mod_cond, derived}, {app_file, strip}}, {app_file, strip}, - {rel, "kolab_guam", "0.8.2", + {rel, "kolab_guam", "0.8.3", kernel, stdlib,
View file
guam.dsc
Changed
@@ -2,7 +2,7 @@ Source: guam Binary: guam Architecture: any -Version: 0.8.2-2 +Version: 0.8.3-1 Maintainer: Christoph Erhardt <kolab@sicherha.de> Homepage: https://kolab.org/about/guam Standards-Version: 3.9.6 @@ -10,5 +10,5 @@ Package-List: guam deb mail extra Files: - 00000000000000000000000000000000 0 guam-0.8.2.tar.gz + 00000000000000000000000000000000 0 guam-0.8.3.tar.gz 00000000000000000000000000000000 0 debian.tar.gz
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.