From 2eecf388428025b1ee3759ececf8a5d7e981c842 Mon Sep 17 00:00:00 2001 From: Mechiel Lukkien Date: Fri, 16 Jun 2023 13:27:27 +0200 Subject: [PATCH] unbreak the subcommands that talk to the mox instance of the ctl socket broken on may 31st with the "open tls keys as root" change, 70d07c5459d8, so broken in v0.0.4, not in v0.0.3 --- dsn/dsn_test.go | 2 +- http/account_test.go | 2 +- http/web_test.go | 2 +- http/webserver_test.go | 4 ++-- imapserver/fuzz_test.go | 2 +- imapserver/server_test.go | 2 +- integration_test.go | 2 +- localserve.go | 2 +- main.go | 4 ++-- mox-/config.go | 20 ++++++++++---------- queue/queue_test.go | 2 +- serve.go | 4 ++-- smtpserver/fuzz_test.go | 2 +- smtpserver/server_test.go | 2 +- store/account_test.go | 2 +- store/export_test.go | 2 +- 16 files changed, 28 insertions(+), 28 deletions(-) diff --git a/dsn/dsn_test.go b/dsn/dsn_test.go index c39f516..9d431eb 100644 --- a/dsn/dsn_test.go +++ b/dsn/dsn_test.go @@ -130,7 +130,7 @@ func TestDSN(t *testing.T) { // Test for valid DKIM signature. mox.Context = context.Background() mox.ConfigStaticPath = "../testdata/dsn/mox.conf" - mox.MustLoadConfig(false) + mox.MustLoadConfig(true, false) msgbuf, err = m.Compose(log, false) if err != nil { t.Fatalf("composing utf-8 dsn with utf-8 support: %v", err) diff --git a/http/account_test.go b/http/account_test.go index ee65cb8..b13c2a1 100644 --- a/http/account_test.go +++ b/http/account_test.go @@ -33,7 +33,7 @@ func TestAccount(t *testing.T) { os.RemoveAll("../testdata/httpaccount/data") mox.ConfigStaticPath = "../testdata/httpaccount/mox.conf" mox.ConfigDynamicPath = filepath.Join(filepath.Dir(mox.ConfigStaticPath), "domains.conf") - mox.MustLoadConfig(false) + mox.MustLoadConfig(true, false) acc, err := store.OpenAccount("mjl") tcheck(t, err, "open account") defer acc.Close() diff --git a/http/web_test.go b/http/web_test.go index 41266b5..bc864be 100644 --- a/http/web_test.go +++ b/http/web_test.go 
@@ -17,7 +17,7 @@ func TestServeHTTP(t *testing.T) { os.RemoveAll("../testdata/web/data") mox.ConfigStaticPath = "../testdata/web/mox.conf" mox.ConfigDynamicPath = filepath.Join(filepath.Dir(mox.ConfigStaticPath), "domains.conf") - mox.MustLoadConfig(false) + mox.MustLoadConfig(true, false) srv := &serve{ PathHandlers: []pathHandler{ diff --git a/http/webserver_test.go b/http/webserver_test.go index 9147cf7..a2ad87a 100644 --- a/http/webserver_test.go +++ b/http/webserver_test.go @@ -22,7 +22,7 @@ func TestWebserver(t *testing.T) { os.RemoveAll("../testdata/webserver/data") mox.ConfigStaticPath = "../testdata/webserver/mox.conf" mox.ConfigDynamicPath = filepath.Join(filepath.Dir(mox.ConfigStaticPath), "domains.conf") - mox.MustLoadConfig(false) + mox.MustLoadConfig(true, false) srv := &serve{Webserver: true} @@ -129,7 +129,7 @@ func TestWebsocket(t *testing.T) { os.RemoveAll("../testdata/websocket/data") mox.ConfigStaticPath = "../testdata/websocket/mox.conf" mox.ConfigDynamicPath = filepath.Join(filepath.Dir(mox.ConfigStaticPath), "domains.conf") - mox.MustLoadConfig(false) + mox.MustLoadConfig(true, false) srv := &serve{Webserver: true} diff --git a/imapserver/fuzz_test.go b/imapserver/fuzz_test.go index 7f79bf9..38c7964 100644 --- a/imapserver/fuzz_test.go +++ b/imapserver/fuzz_test.go @@ -60,7 +60,7 @@ func FuzzServer(f *testing.F) { mox.Context = context.Background() mox.ConfigStaticPath = "../testdata/imapserverfuzz/mox.conf" - mox.MustLoadConfig(false) + mox.MustLoadConfig(true, false) dataDir := mox.ConfigDirPath(mox.Conf.Static.DataDir) os.RemoveAll(dataDir) acc, err := store.OpenAccount("mjl") diff --git a/imapserver/server_test.go b/imapserver/server_test.go index b9b264f..564aa82 100644 --- a/imapserver/server_test.go +++ b/imapserver/server_test.go 
@@ -311,7 +311,7 @@ func startArgs(t *testing.T, first, isTLS, allowLoginWithoutTLS bool) *testconn } mox.Context = context.Background() mox.ConfigStaticPath = "../testdata/imap/mox.conf" - mox.MustLoadConfig(false) + mox.MustLoadConfig(true, false) acc, err := store.OpenAccount("mjl") tcheck(t, err, "open account") if first { diff --git a/integration_test.go b/integration_test.go index 6dd62e6..30fd8db 100644 --- a/integration_test.go +++ b/integration_test.go @@ -53,7 +53,7 @@ func TestDeliver(t *testing.T) { // Load mox config. mox.ConfigStaticPath = "testdata/integration/config/mox.conf" filepath.Join(filepath.Dir(mox.ConfigStaticPath), "domains.conf") - if errs := mox.LoadConfig(ctxbg, false); len(errs) > 0 { + if errs := mox.LoadConfig(ctxbg, true, false); len(errs) > 0 { t.Fatalf("loading mox config: %v", errs) } diff --git a/localserve.go b/localserve.go index 4bffe5b..dce6979 100644 --- a/localserve.go +++ b/localserve.go @@ -402,7 +402,7 @@ func writeLocalConfig(log *mlog.Log, dir string) (rerr error) { func localLoadConfig(log *mlog.Log, dir string) error { mox.ConfigStaticPath = filepath.Join(dir, "mox.conf") mox.ConfigDynamicPath = filepath.Join(dir, "domains.conf") - errs := mox.LoadConfig(context.Background(), false) + errs := mox.LoadConfig(context.Background(), true, false) if len(errs) > 1 { log.Error("loading config generated config file: multiple errors") for _, err := range errs { diff --git a/main.go b/main.go index 3aeb269..7a5a870 100644 --- a/main.go +++ b/main.go 
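Review bot: In the integration_test.go hunk (TestDeliver), the context line `filepath.Join(filepath.Dir(mox.ConfigStaticPath), "domains.conf")` discards its result, so the dynamic config path is never set at that point. The other tests touched by this patch assign it, which suggests the intended line is `mox.ConfigDynamicPath = filepath.Join(filepath.Dir(mox.ConfigStaticPath), "domains.conf")`. This predates the commit, but it sits directly above the changed `mox.LoadConfig(ctxbg, true, false)` call, and the test may be loading a domains.conf from a default location rather than the one under testdata. TestDeliver's body continues outside the hunk.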
@@ -356,9 +356,9 @@ var pedantic bool // subcommands that are not "serve" should use this function to load the config, it // restores any loglevel specified on the command-line, instead of using the -// loglevels from the config file. +// loglevels from the config file and it does not load files like TLS keys/certs. func mustLoadConfig() { - mox.MustLoadConfig(false) + mox.MustLoadConfig(false, false) if level, ok := mlog.Levels[loglevel]; loglevel != "" && ok { mox.Conf.Log[""] = level mlog.SetConfig(mox.Conf.Log) diff --git a/mox-/config.go b/mox-/config.go index 57a7c82..2dab4c3 100644 --- a/mox-/config.go +++ b/mox-/config.go @@ -322,8 +322,8 @@ func writeDynamic(ctx context.Context, log *mlog.Log, c config.Dynamic) error { } // MustLoadConfig loads the config, quitting on errors. -func MustLoadConfig(checkACMEHosts bool) { - errs := LoadConfig(context.Background(), checkACMEHosts) +func MustLoadConfig(doLoadTLSKeyCerts, checkACMEHosts bool) { + errs := LoadConfig(context.Background(), doLoadTLSKeyCerts, checkACMEHosts) if len(errs) > 1 { xlog.Error("loading config file: multiple errors") for _, err := range errs { @@ -337,11 +337,11 @@ func MustLoadConfig(checkACMEHosts bool) { // LoadConfig attempts to parse and load a config, returning any errors // encountered. -func LoadConfig(ctx context.Context, checkACMEHosts bool) []error { +func LoadConfig(ctx context.Context, doLoadTLSKeyCerts, checkACMEHosts bool) []error { Shutdown, ShutdownCancel = context.WithCancel(context.Background()) Context, ContextCancel = context.WithCancel(context.Background()) - c, errs := ParseConfig(ctx, ConfigStaticPath, false, false, checkACMEHosts) + c, errs := ParseConfig(ctx, ConfigStaticPath, false, doLoadTLSKeyCerts, checkACMEHosts) if len(errs) > 0 { return errs } 
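Review bot: In main.go's mustLoadConfig, `mox.MustLoadConfig(false, false)` passes two unlabelled booleans, and the updated doc comment says TLS keys/certs are not loaded without saying why. A why-comment would help the next reader keep it that way, e.g. `// ctl subcommands may run as a user that cannot read the TLS private keys, and do not need them.` (inferred from the commit message; please confirm). Labelling the arguments at the call, `mox.MustLoadConfig(false, false) // doLoadTLSKeyCerts, checkACMEHosts`, would also make an accidental flip easier to spot in review. mustLoadConfig's body continues outside the hunk.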
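Review bot: The doc comments on MustLoadConfig (hunk at -322) and LoadConfig (hunk at -337) in mox-/config.go are unchanged and do not describe the new doLoadTLSKeyCerts parameter. Since it decides whether the process reads TLS private key files, it deserves a sentence, for example `// If doLoadTLSKeyCerts is false, listener TLS key/cert files are not read; use this for callers that do not serve TLS.` What state the listener TLS config is left in when the flag is false is not visible in these hunks, so the wording should be checked against loadTLSKeyCerts.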
@@ -367,12 +367,12 @@ func SetConfig(c *Config) { } // ParseConfig parses the static config at path p. If checkOnly is true, no changes -// are made, such as registering ACME identities. If skipCheckTLSKeyCerts is true, -// the TLS KeyCerts configuration is not checked. This is used during the +// are made, such as registering ACME identities. If doLoadTLSKeyCerts is true, +// the TLS KeyCerts configuration is loaded and checked. This is used during the // quickstart in the case the user is going to provide their own certificates. // If checkACMEHosts is true, the hosts allowed for acme are compared with the // explicitly configured ips we are listening on. -func ParseConfig(ctx context.Context, p string, checkOnly, skipCheckTLSKeyCerts, checkACMEHosts bool) (c *Config, errs []error) { +func ParseConfig(ctx context.Context, p string, checkOnly, doLoadTLSKeyCerts, checkACMEHosts bool) (c *Config, errs []error) { c = &Config{ Static: config.Static{ DataDir: ".", @@ -391,7 +391,7 @@ func ParseConfig(ctx context.Context, p string, checkOnly, skipCheckTLSKeyCerts, return nil, []error{fmt.Errorf("parsing %s: %v", p, err)} } - if xerrs := PrepareStaticConfig(ctx, p, c, checkOnly, skipCheckTLSKeyCerts); len(xerrs) > 0 { + if xerrs := PrepareStaticConfig(ctx, p, c, checkOnly, doLoadTLSKeyCerts); len(xerrs) > 0 { return nil, xerrs } 
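Review bot: In the ParseConfig doc comment (hunk at -367 in mox-/config.go), the sentence "This is used during the quickstart in the case the user is going to provide their own certificates." was kept after the flag's meaning was inverted, so it now reads as if the quickstart passes true. Under the old name it described the skip case; with doLoadTLSKeyCerts it should describe the false case, e.g. `// Pass false during the quickstart when the user is going to provide their own certificates.` ParseConfig's body continues outside the hunk.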
@@ -408,7 +408,7 @@ func ParseConfig(ctx context.Context, p string, checkOnly, skipCheckTLSKeyCerts, // PrepareStaticConfig parses the static config file and prepares data structures // for starting mox. If checkOnly is set no substantial changes are made, like // creating an ACME registration. -func PrepareStaticConfig(ctx context.Context, configFile string, config *Config, checkOnly, skipCheckTLSKeyCerts bool) (errs []error) { +func PrepareStaticConfig(ctx context.Context, configFile string, config *Config, checkOnly, doLoadTLSKeyCerts bool) (errs []error) { addErrorf := func(format string, args ...any) { errs = append(errs, fmt.Errorf(format, args...)) } @@ -532,7 +532,7 @@ func PrepareStaticConfig(ctx context.Context, configFile string, config *Config, } l.TLS.Config = tlsconfig } else if len(l.TLS.KeyCerts) != 0 { - if !skipCheckTLSKeyCerts { + if doLoadTLSKeyCerts { if err := loadTLSKeyCerts(configFile, "listener "+name, l.TLS); err != nil { addErrorf("%w", err) } diff --git a/queue/queue_test.go b/queue/queue_test.go index 70df178..25d79fb 100644 --- a/queue/queue_test.go +++ b/queue/queue_test.go @@ -35,7 +35,7 @@ func setup(t *testing.T) (*store.Account, func()) { os.RemoveAll("../testdata/queue/data") mox.Context = ctxbg mox.ConfigStaticPath = "../testdata/queue/mox.conf" - mox.MustLoadConfig(false) + mox.MustLoadConfig(true, false) acc, err := store.OpenAccount("mjl") tcheck(t, err, "open account") err = acc.SetPassword("testtest") diff --git a/serve.go b/serve.go index e1db32a..ef980b9 100644 --- a/serve.go +++ b/serve.go @@ -151,7 +151,7 @@ requested, other TLS certificates are requested on demand. log := mlog.New("serve") if os.Getuid() == 0 { - mox.MustLoadConfig(checkACMEHosts) + mox.MustLoadConfig(true, checkACMEHosts) // No need to potentially start and keep multiple processes. As root, we just need // to start the child process. 
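Review bot: The last parameter of PrepareStaticConfig (hunk at -408), and the fourth parameter of ParseConfig in the earlier mox-/config.go hunk, keep their position and type while their meaning is inverted from skipCheckTLSKeyCerts to doLoadTLSKeyCerts. Any caller not updated in this patch still compiles but now does the opposite of what it did before; the only call sites of these two functions visible in this diff are inside LoadConfig and ParseConfig. Each remaining call site (the quickstart mentioned in the ParseConfig comment, for one) needs its argument flipped or confirmed, because a call left at `true` would now read the TLS key files where it previously skipped them. A line in both doc comments such as `// Note: this flag replaces skipCheckTLSKeyCerts and has the opposite meaning.` would flag the change for callers. PrepareStaticConfig's body continues outside the hunk.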
@@ -183,7 +183,7 @@ requested, other TLS certificates are requested on demand. } else { log.Print("starting as unprivileged user", mlog.Field("user", mox.Conf.Static.User), mlog.Field("uid", mox.Conf.Static.UID), mlog.Field("gid", mox.Conf.Static.GID), mlog.Field("pid", os.Getpid())) mox.RestorePassedFiles() - mox.MustLoadConfig(checkACMEHosts) + mox.MustLoadConfig(true, checkACMEHosts) } syscall.Umask(syscall.Umask(007) | 007) diff --git a/smtpserver/fuzz_test.go b/smtpserver/fuzz_test.go index c26c12d..0cdb328 100644 --- a/smtpserver/fuzz_test.go +++ b/smtpserver/fuzz_test.go @@ -31,7 +31,7 @@ func FuzzServer(f *testing.F) { mox.Context = ctxbg mox.ConfigStaticPath = "../testdata/smtpserverfuzz/mox.conf" - mox.MustLoadConfig(false) + mox.MustLoadConfig(true, false) dataDir := mox.ConfigDirPath(mox.Conf.Static.DataDir) os.RemoveAll(dataDir) acc, err := store.OpenAccount("mjl") diff --git a/smtpserver/server_test.go b/smtpserver/server_test.go index aa6d522..e3a4f59 100644 --- a/smtpserver/server_test.go +++ b/smtpserver/server_test.go @@ -92,7 +92,7 @@ func newTestServer(t *testing.T, configPath string, resolver dns.Resolver) *test mox.Context = ctxbg mox.ConfigStaticPath = configPath - mox.MustLoadConfig(false) + mox.MustLoadConfig(true, false) dataDir := mox.ConfigDirPath(mox.Conf.Static.DataDir) os.RemoveAll(dataDir) var err error diff --git a/store/account_test.go b/store/account_test.go index afd8615..a64a621 100644 --- a/store/account_test.go +++ b/store/account_test.go @@ -29,7 +29,7 @@ func tcheck(t *testing.T, err error, msg string) { func TestMailbox(t *testing.T) { os.RemoveAll("../testdata/store/data") mox.ConfigStaticPath = "../testdata/store/mox.conf" - mox.MustLoadConfig(false) + mox.MustLoadConfig(true, false) acc, err := OpenAccount("mjl") tcheck(t, err, "open account") defer acc.Close() diff --git a/store/export_test.go b/store/export_test.go index 9cae8e5..edf89b4 100644 --- a/store/export_test.go +++ b/store/export_test.go 
@@ -21,7 +21,7 @@ func TestExport(t *testing.T) { os.RemoveAll("../testdata/store/data") mox.ConfigStaticPath = "../testdata/store/mox.conf" - mox.MustLoadConfig(false) + mox.MustLoadConfig(true, false) acc, err := OpenAccount("mjl") tcheck(t, err, "open account") defer acc.Close()