diff --git a/dsn/dsn_test.go b/dsn/dsn_test.go
index c39f516..9d431eb 100644
--- a/dsn/dsn_test.go
+++ b/dsn/dsn_test.go
@@ -130,7 +130,7 @@ func TestDSN(t *testing.T) {
 // Test for valid DKIM signature.
 mox.Context = context.Background()
 mox.ConfigStaticPath = "../testdata/dsn/mox.conf"
- mox.MustLoadConfig(false)
+ mox.MustLoadConfig(true, false)
 msgbuf, err = m.Compose(log, false)
 if err != nil {
 t.Fatalf("composing utf-8 dsn with utf-8 support: %v", err)
diff --git a/http/account_test.go b/http/account_test.go
index ee65cb8..b13c2a1 100644
--- a/http/account_test.go
+++ b/http/account_test.go
@@ -33,7 +33,7 @@ func TestAccount(t *testing.T) {
 os.RemoveAll("../testdata/httpaccount/data")
 mox.ConfigStaticPath = "../testdata/httpaccount/mox.conf"
 mox.ConfigDynamicPath = filepath.Join(filepath.Dir(mox.ConfigStaticPath), "domains.conf")
- mox.MustLoadConfig(false)
+ mox.MustLoadConfig(true, false)
 acc, err := store.OpenAccount("mjl")
 tcheck(t, err, "open account")
 defer acc.Close()
diff --git a/http/web_test.go b/http/web_test.go
index 41266b5..bc864be 100644
--- a/http/web_test.go
+++ b/http/web_test.go
@@ -17,7 +17,7 @@ func TestServeHTTP(t *testing.T) {
 os.RemoveAll("../testdata/web/data")
 mox.ConfigStaticPath = "../testdata/web/mox.conf"
 mox.ConfigDynamicPath = filepath.Join(filepath.Dir(mox.ConfigStaticPath), "domains.conf")
- mox.MustLoadConfig(false)
+ mox.MustLoadConfig(true, false)
 srv := &serve{
 PathHandlers: []pathHandler{
diff --git a/http/webserver_test.go b/http/webserver_test.go
index 9147cf7..a2ad87a 100644
--- a/http/webserver_test.go
+++ b/http/webserver_test.go
@@ -22,7 +22,7 @@ func TestWebserver(t *testing.T) {
 os.RemoveAll("../testdata/webserver/data")
 mox.ConfigStaticPath = "../testdata/webserver/mox.conf"
 mox.ConfigDynamicPath = filepath.Join(filepath.Dir(mox.ConfigStaticPath), "domains.conf")
- mox.MustLoadConfig(false)
+ mox.MustLoadConfig(true, false)
 srv := &serve{Webserver: true}
@@ -129,7 +129,7 @@ func TestWebsocket(t *testing.T) {
 os.RemoveAll("../testdata/websocket/data")
 mox.ConfigStaticPath = "../testdata/websocket/mox.conf"
 mox.ConfigDynamicPath = filepath.Join(filepath.Dir(mox.ConfigStaticPath), "domains.conf")
- mox.MustLoadConfig(false)
+ mox.MustLoadConfig(true, false)
 srv := &serve{Webserver: true}
diff --git a/imapserver/fuzz_test.go b/imapserver/fuzz_test.go
index 7f79bf9..38c7964 100644
--- a/imapserver/fuzz_test.go
+++ b/imapserver/fuzz_test.go
@@ -60,7 +60,7 @@ func FuzzServer(f *testing.F) {
 mox.Context = context.Background()
 mox.ConfigStaticPath = "../testdata/imapserverfuzz/mox.conf"
- mox.MustLoadConfig(false)
+ mox.MustLoadConfig(true, false)
 dataDir := mox.ConfigDirPath(mox.Conf.Static.DataDir)
 os.RemoveAll(dataDir)
 acc, err := store.OpenAccount("mjl")
diff --git a/imapserver/server_test.go b/imapserver/server_test.go
index b9b264f..564aa82 100644
--- a/imapserver/server_test.go
+++ b/imapserver/server_test.go
@@ -311,7 +311,7 @@ func startArgs(t *testing.T, first, isTLS, allowLoginWithoutTLS bool) *testconn
 }
 mox.Context = context.Background()
 mox.ConfigStaticPath = "../testdata/imap/mox.conf"
- mox.MustLoadConfig(false)
+ mox.MustLoadConfig(true, false)
 acc, err := store.OpenAccount("mjl")
 tcheck(t, err, "open account")
 if first {
diff --git a/integration_test.go b/integration_test.go
index 6dd62e6..30fd8db 100644
--- a/integration_test.go
+++ b/integration_test.go
@@ -53,7 +53,7 @@ func TestDeliver(t *testing.T) {
 // Load mox config.
 mox.ConfigStaticPath = "testdata/integration/config/mox.conf"
 filepath.Join(filepath.Dir(mox.ConfigStaticPath), "domains.conf")
- if errs := mox.LoadConfig(ctxbg, false); len(errs) > 0 {
+ if errs := mox.LoadConfig(ctxbg, true, false); len(errs) > 0 {
 t.Fatalf("loading mox config: %v", errs)
 }
diff --git a/localserve.go b/localserve.go
index 4bffe5b..dce6979 100644
--- a/localserve.go
+++ b/localserve.go
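Review bot: The context line `filepath.Join(filepath.Dir(mox.ConfigStaticPath), "domains.conf")` just above the changed `mox.LoadConfig` call in TestDeliver discards its result, so it has no effect. The other tests touched by this commit assign the same expression, so this was presumably meant to be `mox.ConfigDynamicPath = filepath.Join(filepath.Dir(mox.ConfigStaticPath), "domains.conf")`. As written, the test depends on whatever dynamic config path LoadConfig falls back to, which is not visible in this diff. TestDeliver's body continues outside the hunk.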
@@ -402,7 +402,7 @@ func writeLocalConfig(log *mlog.Log, dir string) (rerr error) {
 func localLoadConfig(log *mlog.Log, dir string) error {
 mox.ConfigStaticPath = filepath.Join(dir, "mox.conf")
 mox.ConfigDynamicPath = filepath.Join(dir, "domains.conf")
- errs := mox.LoadConfig(context.Background(), false)
+ errs := mox.LoadConfig(context.Background(), true, false)
 if len(errs) > 1 {
 log.Error("loading config generated config file: multiple errors")
 for _, err := range errs {
diff --git a/main.go b/main.go
index 3aeb269..7a5a870 100644
--- a/main.go
+++ b/main.go
@@ -356,9 +356,9 @@ var pedantic bool
 // subcommands that are not "serve" should use this function to load the config, it
 // restores any loglevel specified on the command-line, instead of using the
-// loglevels from the config file.
+// loglevels from the config file and it does not load files like TLS keys/certs.
 func mustLoadConfig() {
- mox.MustLoadConfig(false)
+ mox.MustLoadConfig(false, false)
 if level, ok := mlog.Levels[loglevel]; loglevel != "" && ok {
 mox.Conf.Log[""] = level
 mlog.SetConfig(mox.Conf.Log)
diff --git a/mox-/config.go b/mox-/config.go
index 57a7c82..2dab4c3 100644
--- a/mox-/config.go
+++ b/mox-/config.go
@@ -322,8 +322,8 @@ func writeDynamic(ctx context.Context, log *mlog.Log, c config.Dynamic) error {
 }
 // MustLoadConfig loads the config, quitting on errors.
-func MustLoadConfig(checkACMEHosts bool) {
- errs := LoadConfig(context.Background(), checkACMEHosts)
+func MustLoadConfig(doLoadTLSKeyCerts, checkACMEHosts bool) {
+ errs := LoadConfig(context.Background(), doLoadTLSKeyCerts, checkACMEHosts)
 if len(errs) > 1 {
 xlog.Error("loading config file: multiple errors")
 for _, err := range errs {
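Review bot: The updated comment on `mustLoadConfig` in main.go says that TLS keys/certs are not loaded, but not what that means for the subcommands that use this helper. Presumably the point is that these commands can run as a user without read access to the private key files; if so, the comment should say that, and also that listener TLS settings built from KeyCerts are left unloaded, e.g. `// TLS key/cert files are not read, so listener TLS configs are not available to these subcommands.` Both halves are inferred from the `doLoadTLSKeyCerts` branch in PrepareStaticConfig and should be confirmed by the author. mustLoadConfig's body continues outside the hunk.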
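Review bot: `MustLoadConfig` (and `LoadConfig` in the next hunk) now take two adjacent positional bools, but their doc comments were not extended to say what either one does. Call sites such as `MustLoadConfig(true, false)` and `MustLoadConfig(false, false)` therefore cannot be read without opening this file, and swapped arguments would still compile. Since the first flag decides whether key and certificate files are read from disk, I would document it on both functions, e.g. `// If doLoadTLSKeyCerts is true, the TLS key and certificate files referenced by listeners are loaded and checked.` MustLoadConfig's body continues outside the hunk.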
@@ -337,11 +337,11 @@ func MustLoadConfig(checkACMEHosts bool) {
 // LoadConfig attempts to parse and load a config, returning any errors
 // encountered.
-func LoadConfig(ctx context.Context, checkACMEHosts bool) []error {
+func LoadConfig(ctx context.Context, doLoadTLSKeyCerts, checkACMEHosts bool) []error {
 Shutdown, ShutdownCancel = context.WithCancel(context.Background())
 Context, ContextCancel = context.WithCancel(context.Background())
- c, errs := ParseConfig(ctx, ConfigStaticPath, false, false, checkACMEHosts)
+ c, errs := ParseConfig(ctx, ConfigStaticPath, false, doLoadTLSKeyCerts, checkACMEHosts)
 if len(errs) > 0 {
 return errs
 }
@@ -367,12 +367,12 @@ func SetConfig(c *Config) {
 }
 // ParseConfig parses the static config at path p. If checkOnly is true, no changes
-// are made, such as registering ACME identities. If skipCheckTLSKeyCerts is true,
-// the TLS KeyCerts configuration is not checked. This is used during the
+// are made, such as registering ACME identities. If doLoadTLSKeyCerts is true,
+// the TLS KeyCerts configuration is loaded and checked. This is used during the
 // quickstart in the case the user is going to provide their own certificates.
 // If checkACMEHosts is true, the hosts allowed for acme are compared with the
 // explicitly configured ips we are listening on.
-func ParseConfig(ctx context.Context, p string, checkOnly, skipCheckTLSKeyCerts, checkACMEHosts bool) (c *Config, errs []error) {
+func ParseConfig(ctx context.Context, p string, checkOnly, doLoadTLSKeyCerts, checkACMEHosts bool) (c *Config, errs []error) {
 c = &Config{
 Static: config.Static{
 DataDir: ".",
@@ -391,7 +391,7 @@ func ParseConfig(ctx context.Context, p string, checkOnly, skipCheckTLSKeyCerts,
 return nil, []error{fmt.Errorf("parsing %s: %v", p, err)}
 }
- if xerrs := PrepareStaticConfig(ctx, p, c, checkOnly, doLoadTLSKeyCerts); len(xerrs) > 0 {
+ if xerrs := PrepareStaticConfig(ctx, p, c, checkOnly, doLoadTLSKeyCerts); len(xerrs) > 0 {
 return nil, xerrs
 }
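Review bot: The rewritten doc comment on `ParseConfig` now reads as if passing `doLoadTLSKeyCerts` as true is what the quickstart does. The sentence `This is used during the quickstart ...` was written for the old skip flag and was kept unchanged when the flag's meaning was inverted. It should describe the false case instead, e.g. `// If doLoadTLSKeyCerts is false, TLS key/cert files are neither read nor checked; the quickstart uses this when the user is going to provide their own certificates.` ParseConfig's body continues outside the hunk.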
@@ -408,7 +408,7 @@ func ParseConfig(ctx context.Context, p string, checkOnly, skipCheckTLSKeyCerts,
 // PrepareStaticConfig parses the static config file and prepares data structures
 // for starting mox. If checkOnly is set no substantial changes are made, like
 // creating an ACME registration.
-func PrepareStaticConfig(ctx context.Context, configFile string, config *Config, checkOnly, skipCheckTLSKeyCerts bool) (errs []error) {
+func PrepareStaticConfig(ctx context.Context, configFile string, config *Config, checkOnly, doLoadTLSKeyCerts bool) (errs []error) {
 addErrorf := func(format string, args ...any) {
 errs = append(errs, fmt.Errorf(format, args...))
 }
@@ -532,7 +532,7 @@ func PrepareStaticConfig(ctx context.Context, configFile string, config *Config,
 }
 l.TLS.Config = tlsconfig
 } else if len(l.TLS.KeyCerts) != 0 {
- if !skipCheckTLSKeyCerts {
+ if doLoadTLSKeyCerts {
 if err := loadTLSKeyCerts(configFile, "listener "+name, l.TLS); err != nil {
 addErrorf("%w", err)
 }
diff --git a/queue/queue_test.go b/queue/queue_test.go
index 70df178..25d79fb 100644
--- a/queue/queue_test.go
+++ b/queue/queue_test.go
@@ -35,7 +35,7 @@ func setup(t *testing.T) (*store.Account, func()) {
 os.RemoveAll("../testdata/queue/data")
 mox.Context = ctxbg
 mox.ConfigStaticPath = "../testdata/queue/mox.conf"
- mox.MustLoadConfig(false)
+ mox.MustLoadConfig(true, false)
 acc, err := store.OpenAccount("mjl")
 tcheck(t, err, "open account")
 err = acc.SetPassword("testtest")
diff --git a/serve.go b/serve.go
index e1db32a..ef980b9 100644
--- a/serve.go
+++ b/serve.go
@@ -151,7 +151,7 @@ requested, other TLS certificates are requested on demand.
 log := mlog.New("serve")
 if os.Getuid() == 0 {
- mox.MustLoadConfig(checkACMEHosts)
+ mox.MustLoadConfig(true, checkACMEHosts)
 // No need to potentially start and keep multiple processes. As root, we just need
 // to start the child process.
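Review bot: `PrepareStaticConfig` and `ParseConfig` keep the same parameter count and types while the bool after `checkOnly` flips meaning from skip to load, so any caller this diff does not touch still compiles and silently does the opposite. Only the call chain through `LoadConfig` is visible here; other callers that pass a literal (the quickstart named in ParseConfig's doc comment is a likely one) need to be checked by hand. A stale `false` now skips loading and checking the key/cert files, and a stale `true` now reads private key files where the caller meant to skip them. If more callers exist, a small named type for the flag, or a temporary rename of the functions, would let the compiler find them. The doc comment on PrepareStaticConfig also does not mention the parameter, and the function body continues outside the hunk.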
@@ -183,7 +183,7 @@ requested, other TLS certificates are requested on demand.
 } else {
 log.Print("starting as unprivileged user", mlog.Field("user", mox.Conf.Static.User), mlog.Field("uid", mox.Conf.Static.UID), mlog.Field("gid", mox.Conf.Static.GID), mlog.Field("pid", os.Getpid()))
 mox.RestorePassedFiles()
- mox.MustLoadConfig(checkACMEHosts)
+ mox.MustLoadConfig(true, checkACMEHosts)
 }
 syscall.Umask(syscall.Umask(007) | 007)
diff --git a/smtpserver/fuzz_test.go b/smtpserver/fuzz_test.go
index c26c12d..0cdb328 100644
--- a/smtpserver/fuzz_test.go
+++ b/smtpserver/fuzz_test.go
@@ -31,7 +31,7 @@ func FuzzServer(f *testing.F) {
 mox.Context = ctxbg
 mox.ConfigStaticPath = "../testdata/smtpserverfuzz/mox.conf"
- mox.MustLoadConfig(false)
+ mox.MustLoadConfig(true, false)
 dataDir := mox.ConfigDirPath(mox.Conf.Static.DataDir)
 os.RemoveAll(dataDir)
 acc, err := store.OpenAccount("mjl")
diff --git a/smtpserver/server_test.go b/smtpserver/server_test.go
index aa6d522..e3a4f59 100644
--- a/smtpserver/server_test.go
+++ b/smtpserver/server_test.go
@@ -92,7 +92,7 @@ func newTestServer(t *testing.T, configPath string, resolver dns.Resolver) *test
 mox.Context = ctxbg
 mox.ConfigStaticPath = configPath
- mox.MustLoadConfig(false)
+ mox.MustLoadConfig(true, false)
 dataDir := mox.ConfigDirPath(mox.Conf.Static.DataDir)
 os.RemoveAll(dataDir)
 var err error
diff --git a/store/account_test.go b/store/account_test.go
index afd8615..a64a621 100644
--- a/store/account_test.go
+++ b/store/account_test.go
@@ -29,7 +29,7 @@ func tcheck(t *testing.T, err error, msg string) {
 func TestMailbox(t *testing.T) {
 os.RemoveAll("../testdata/store/data")
 mox.ConfigStaticPath = "../testdata/store/mox.conf"
- mox.MustLoadConfig(false)
+ mox.MustLoadConfig(true, false)
 acc, err := OpenAccount("mjl")
 tcheck(t, err, "open account")
 defer acc.Close()
diff --git a/store/export_test.go b/store/export_test.go
index 9cae8e5..edf89b4 100644
--- a/store/export_test.go
+++ b/store/export_test.go
@@ -21,7 +21,7 @@ func TestExport(t *testing.T) {
 os.RemoveAll("../testdata/store/data")
 mox.ConfigStaticPath = "../testdata/store/mox.conf"
- mox.MustLoadConfig(false)
+ mox.MustLoadConfig(true, false)
 acc, err := OpenAccount("mjl")
 tcheck(t, err, "open account")
 defer acc.Close()