Re: Problem with included global sieve script when mailbox contains a "dot"

Thomas Cataldo <tcataldo@xxxxxxxxx> · Sun, 25 Nov 2012 11:31:37 +0100

Can anyone comment on that ?
We might be doing something wrong while settings our ACLs, but looking with wireshark at how cyradm I think we're fine and that there's really a bug in here.


Thomas,
Blue Mind.



On Mon, Nov 19, 2012 at 8:39 PM, Thomas Cataldo <tcataldo@xxxxxxxxx> wrote:

Hi,
I did some more research on my problem and tracked the problem down to this test in append.c (cyrus 2.4) :

        else if (!strcmp(flag[i], "\\flagged")) {
            if (as->myrights & ACL_WRITE) {  // this test fails when mailbox is a.b@domain
                message_index.system_flags |= FLAG_FLAGGED;
            }
        }


My problem is probably related to unixhierarchysep settings and the way ACLs are set, but the following patch fixes it :

diff --git a/imap/append.c b/imap/append.c

index d3c2bd4..b622dd1 100644
--- a/imap/append.c
+++ b/imap/append.c
@@ -160,12 +160,25 @@ int append_setup(struct appendstate *as, const char *name,
 {
     int r;

     struct quota q;
+    unsigned int pos;
+    size_t at_char;
+    char* fixed_acls;
 
     as->mailbox = NULL;
     r = mailbox_open_iwl(name, &as->mailbox);

     if (r) return r;
 
-    as->myrights = cyrus_acl_myrights(auth_state, as->mailbox->acl);
+    fixed_acls = strdup(as->mailbox->acl);
+    syslog(LOG_ERR, "before acls tweaks: %s\n", fixed_acls);

+    at_char = strcspn(fixed_acls, "@");
+    for (pos=0; pos < at_char; pos++) {
+      if (fixed_acls[pos] == '.') {
+       fixed_acls[pos] = '^';


+      }
+    }
+    syslog(LOG_ERR, "after acls tweaks: %s\n", fixed_acls);
+
+    as->myrights = cyrus_acl_myrights(auth_state, fixed_acls);
 
     if ((as->myrights & aclcheck) != aclcheck) {

        r = (as->myrights & ACL_LOOKUP) ?


The two logs I added give the following output :

Nov 19 20:37:00 ppday cyrus/lmtp[42207]: before acls tweaks: a.b@xxxxxxxxx#011lrswipkxtecda#011admin0#011lrswipkxtecda#011admin@xxxxxxxxx#011lrsp#011

Nov 19 20:37:00 ppday cyrus/lmtp[42207]: after acls tweaks: a^b@xxxxxxxxx#011lrswipkxtecda#011admin0#011lrswipkxtecda#011admin@xxxxxxxxx#011lrsp#011

I hope this "test" patch might help figure out what is wrong. My acls setup or a bug.


Regards,
Thomas Cataldo,
Blue Mind.








On Wed, Nov 14, 2012 at 10:40 AM, Thomas Cataldo <tcataldo@xxxxxxxxx> wrote:

Hello,
Consider the following sieve setup :

root@ppday:/var/spool/sieve# cat global/buffy.vmw.sieve.script 

require ["body", "copy", "fileinto", "imapflags" ];

# filters
if allof ( address :contains "from" "admin") {
	setflag "\\Flagged";
}


# END

root@ppday:/var/spool/sieve# cat domain/b/buffy.vmw/a/a^b/bm-user5.sieve.script 
require ["body", "copy", "fileinto", "imapflags", "vacation", "include" ];



include :global "buffy.vmw.sieve";

# END


root@ppday:/var/spool/sieve# cat domain/b/buffy.vmw/s/sp/bm-user6.sieve.script 


require ["body", "copy", "fileinto", "imapflags", "vacation", "include" ];

include :global "buffy.vmw.sieve";





# END

When admin@xxxxxxxxx sends an email to a.b@xxxxxxxxx and sp@xxxxxxxxx, the following happens :
 - the mail is correctly flagged for sp
 - no flagging for a.b



Nothing interesting in my logs when the mail is delivered :


Nov 14 10:17:20 ppday cyrus/master[19560]: about to exec /usr/lib/cyrus/bin/lmtpd
Nov 14 10:17:20 ppday cyrus/lmtp[19560]: executed


Nov 14 10:17:20 ppday cyrus/lmtp[19560]: skiplist: checkpointed /var/lib/cyrus/statuscache.db (0 records, 144 bytes) in 0 seconds
Nov 14 10:17:21 ppday cyrus/lmtp[19560]: accepted connection
Nov 14 10:17:21 ppday cyrus/lmtp[19560]: connection from ppday.buffy.vmw [172.16.78.128] preauth'd as postman


Nov 14 10:17:21 ppday cyrus/lmtp[19560]: Delivered: <1c42d02ef8953cb9521bbbb9dafbaa21@xxxxxxxxx> to mailbox: buffy.vmw!user.a^b
Nov 14 10:17:21 ppday cyrus/lmtp[19560]: USAGE a^b user: 0.004000 sys: 0.008000


Nov 14 10:17:21 ppday cyrus/lmtp[19560]: Delivered: <1c42d02ef8953cb9521bbbb9dafbaa21@xxxxxxxxx> to mailbox: buffy.vmw!user.admin
Nov 14 10:17:21 ppday cyrus/lmtp[19560]: USAGE admin user: 0.000000 sys: 0.004000


Nov 14 10:17:21 ppday cyrus/lmtp[19560]: Delivered: <1c42d02ef8953cb9521bbbb9dafbaa21@xxxxxxxxx> to mailbox: buffy.vmw!user.sp
Nov 14 10:17:21 ppday cyrus/lmtp[19560]: USAGE sp user: 0.000000 sys: 0.000000


Nov 14 10:17:21 ppday postfix/lmtp[19551]: 5DA0A21E37: to=<a.b@xxxxxxxxx>, relay=172.16.78.128[172.16.78.128]:2400, delay=0.93, delays=0.07/0.03/0.03/0.79, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)



Nov 14 10:17:21 ppday postfix/lmtp[19551]: 5DA0A21E37: to=<admin@xxxxxxxxx>, relay=172.16.78.128[172.16.78.128]:2400, delay=0.93, delays=0.07/0.03/0.03/0.79, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)



Nov 14 10:17:21 ppday postfix/lmtp[19551]: 5DA0A21E37: to=<sp@xxxxxxxxx>, relay=172.16.78.128[172.16.78.128]:2400, delay=0.93, delays=0.07/0.03/0.03/0.79, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
Nov 14 10:17:21 ppday postfix/qmgr[20160]: 5DA0A21E37: removed



Any know bugs with global sieve vs mailboxes with "dot" in them ?
Can I enable more verbose sieve execution logs ?


Regards,


Thomas Cataldo,
Blue Mind






----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus



