Documentation
Overview ¶
Package mox provides functions dealing with global state, such as the current configuration, and convenience functions.
Index ¶
- Variables
- func AccountAdd(ctx context.Context, account, address string) (rerr error)
- func AccountLimitsSave(ctx context.Context, account string, ...) (rerr error)
- func AccountRemove(ctx context.Context, account string) (rerr error)
- func AddressAdd(ctx context.Context, address, account string) (rerr error)
- func AddressRemove(ctx context.Context, address string) (rerr error)
- func CanonicalLocalpart(localpart smtp.Localpart, d config.Domain) (smtp.Localpart, error)
- func Cid() int64
- func CidFromCtx(ctx context.Context) int64
- func CleanupPassedFiles()
- func ConfigDirPath(f string) string
- func CryptoRandInt() int64
- func DataDirPath(f string) string
- func DestinationSave(ctx context.Context, account, destName string, newDest config.Destination) (rerr error)
- func DomainAdd(ctx context.Context, domain dns.Domain, accountName string, ...) (rerr error)
- func DomainRecords(domConf config.Domain, domain dns.Domain) ([]string, error)
- func DomainRemove(ctx context.Context, domain dns.Domain) (rerr error)
- func FindAccount(localpart smtp.Localpart, domain dns.Domain, allowPostmaster bool) (accountName string, canonicalAddress string, dest config.Destination, ...)
- func ForkExecUnprivileged()
- func IPs(ctx context.Context) ([]net.IP, error)
- func LastKnown() (current, lastknown updates.Version, mtime time.Time, rerr error)
- func LimitersInit()
- func Listen(network, addr string) (net.Listener, error)
- func LoadConfig(ctx context.Context, checkACMEHosts bool) []error
- func MakeAccountConfig(addr smtp.Address) config.Account
- func MakeDKIMEd25519Key(selector, domain dns.Domain) ([]byte, error)
- func MakeDKIMRSAKey(selector, domain dns.Domain) ([]byte, error)
- func MakeDomainConfig(ctx context.Context, domain, hostname dns.Domain, accountName string, ...) (config.Domain, []string, error)
- func MessageIDGen(smtputf8 bool) string
- func MustLoadConfig(checkACMEHosts bool)
- func Network(ip string) string
- func NewRand() *mathrand.Rand
- func OpenPrivileged(path string) (*os.File, error)
- func ParseDynamicConfig(ctx context.Context, dynamicPath string, static config.Static) (c config.Dynamic, mtime time.Time, accDests map[string]AccountDestination, ...)
- func PrepareStaticConfig(ctx context.Context, configFile string, config *Config, ...) (errs []error)
- func ReceivedID(cid int64) string
- func ReceivedIDInit(key, rand []byte) error
- func ReceivedToCid(s string) (cid int64, err error)
- func RestorePassedFiles()
- func SetConfig(c *Config)
- func Sleep(ctx context.Context, d time.Duration)
- func StoreLastKnown(v updates.Version) error
- func TLSInfo(conn *tls.Conn) (version, ciphersuite string)
- func TXTStrings(s string) string
- func WebserverConfigSet(ctx context.Context, domainRedirects map[string]string, ...) (rerr error)
- type AccountDestination
- type ClientConfig
- type ClientConfigEntry
- type Config
- func (c *Config) Account(name string) (acc config.Account, ok bool)
- func (c *Config) AccountDestination(addr string) (accDests AccountDestination, ok bool)
- func (c *Config) Accounts() (l []string)
- func (c *Config) Domain(d dns.Domain) (dom config.Domain, ok bool)
- func (c *Config) DomainLocalparts(d dns.Domain) map[string]string
- func (c *Config) Domains() (l []string)
- func (c *Config) LogLevelRemove(pkg string)
- func (c *Config) LogLevelSet(pkg string, level mlog.Level)
- func (c *Config) LogLevels() map[string]mlog.Level
- func (c *Config) WebServer() (r map[dns.Domain]dns.Domain, l []config.WebHandler)
Constants ¶
This section is empty.
Variables ¶
var (
	ConfigStaticPath  string
	ConfigDynamicPath string

	Conf = Config{Log: map[string]mlog.Level{"": mlog.LevelError}}
)
Config paths are set early in program startup. They will point to files in the same directory.
var (
	ErrDomainNotFound  = errors.New("domain not found")
	ErrAccountNotFound = errors.New("account not found")
)
var Connections = &connections{
	conns:  map[net.Conn]connKind{},
	gauges: map[connKind]prometheus.GaugeFunc{},
	active: map[connKind]int64{},
}
Connections holds all active protocol sockets (smtp, imap). They will be given an immediate read/write deadline shortly after initiating mox shutdown, after which the connections get 1 more second for error handling before actual shutdown.
var Context context.Context
This context should be used as parent by most operations. It is canceled 1 second after graceful shutdown was initiated with the cancelation of the Shutdown context. This should abort active operations.
Operations typically have context timeouts, 30s for single i/o like DNS queries, and 1 minute for operations with more back and forth. These are set through a context.WithTimeout based on this context, so those contexts are still canceled when shutting down.
HTTP servers don't get graceful shutdown, their connections are just aborted. todo: should shut down http connections as well, and shut down the listener and/or return 503 for new requests.
var ContextCancel func()
var FilesImmediate bool
For privileged file descriptor operations (listen and opening privileged files), perform them immediately, regardless of running as root or other user, in case ForkExecUnprivileged is not used.
var LimiterFailedAuth *ratelimit.Limiter
var Shutdown context.Context
Shutdown is canceled when a graceful shutdown is initiated. SMTP, IMAP, periodic processes should check this before starting a new operation. If this context is canceled, the operation should not be started, and new connections/commands should receive a message that the service is currently not available.
var ShutdownCancel func()
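The two-stage shutdown that the Shutdown and Context variables describe, as an added example that is not mox's own code. The lifecycle type, its methods and the configurable grace period (1 second in the text above) are hypothetical names introduced for illustration.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"time"
)

// lifecycle is a hypothetical holder for the two contexts described above.
type lifecycle struct {
	Shutdown, Context             context.Context
	shutdownCancel, contextCancel context.CancelFunc
	grace                         time.Duration // 1 second in the text above.
}

func newLifecycle(grace time.Duration) *lifecycle {
	l := &lifecycle{grace: grace}
	l.Shutdown, l.shutdownCancel = context.WithCancel(context.Background())
	l.Context, l.contextCancel = context.WithCancel(context.Background())
	return l
}

// initiateShutdown stops new work immediately and aborts active work after grace.
func (l *lifecycle) initiateShutdown() {
	l.shutdownCancel()
	time.AfterFunc(l.grace, l.contextCancel)
}

// run refuses to start during shutdown; otherwise it runs op under a timeout
// derived from Context, so the operation is still aborted when Context ends.
func (l *lifecycle) run(timeout time.Duration, op func(context.Context) error) error {
	if l.Shutdown.Err() != nil {
		return errors.New("service currently not available")
	}
	ctx, cancel := context.WithTimeout(l.Context, timeout)
	defer cancel()
	return op(ctx)
}

func main() {
	l := newLifecycle(50 * time.Millisecond)
	go func() { time.Sleep(10 * time.Millisecond); l.initiateShutdown() }()
	err := l.run(30*time.Second, func(ctx context.Context) error {
		<-ctx.Done() // Stand-in for a slow DNS query.
		return ctx.Err()
	})
	fmt.Println(err, l.run(time.Second, nil)) // Aborted operation, then a refusal.
}
```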
Functions ¶
func AccountAdd ¶
AccountAdd adds an account and an initial address and reloads the configuration.
The new account does not have a password, so cannot yet log in. Email can be delivered.
Catchall addresses are not supported for AccountAdd. Add separately with AddressAdd.
func AccountLimitsSave ¶ added in v0.0.3
func AccountLimitsSave(ctx context.Context, account string, maxOutgoingMessagesPerDay, maxFirstTimeRecipientsPerDay int) (rerr error)
AccountLimitsSave saves new message sending limits for an account.
func AccountRemove ¶
AccountRemove removes an account and reloads the configuration.
func AddressAdd ¶
AddressAdd adds an email address to an account and reloads the configuration. If address starts with an @ it is treated as a catchall address for the domain.
func AddressRemove ¶
AddressRemove removes an email address and reloads the configuration.
func CanonicalLocalpart ¶
CanonicalLocalpart returns the canonical localpart, removing optional catchall separator, and optionally lower-casing the string.
func Cid ¶
func Cid() int64
Cid returns a new unique id to be used for connections/sessions/requests.
func CidFromCtx ¶ added in v0.0.2
CidFromCtx returns the cid in the context, or 0.
func CleanupPassedFiles ¶ added in v0.0.4
func CleanupPassedFiles()
CleanupPassedFiles closes the listening socket file descriptors and files passed in by the parent process. To be called by the unprivileged child after listeners have been recreated (they dup the file descriptor), and by the privileged process after starting its child.
func ConfigDirPath ¶
ConfigDirPath returns the path to "f". Either f itself when absolute, or interpreted relative to the directory of the current config file.
func CryptoRandInt ¶
func CryptoRandInt() int64
CryptoRandInt returns a cryptographically random number.
func DataDirPath ¶
DataDirPath returns the path to "f". Either f itself when absolute, or interpreted relative to the data directory from the currently active configuration.
func DestinationSave ¶
func DestinationSave(ctx context.Context, account, destName string, newDest config.Destination) (rerr error)
DestinationSave updates a destination for an account and reloads the configuration.
func DomainAdd ¶
func DomainAdd(ctx context.Context, domain dns.Domain, accountName string, localpart smtp.Localpart) (rerr error)
DomainAdd adds the domain to the domains config, rewriting domains.conf and marking it loaded.
accountName is used for DMARC/TLS report and potentially for the postmaster address. If the account does not exist, it is created with localpart. Localpart must be set only if the account does not yet exist.
func DomainRecords ¶
DomainRecords returns text lines describing DNS records required for configuring a domain.
func DomainRemove ¶
DomainRemove removes domain from the config, rewriting domains.conf.
No accounts are removed, not even when they still reference this domain.
func FindAccount ¶
func FindAccount(localpart smtp.Localpart, domain dns.Domain, allowPostmaster bool) (accountName string, canonicalAddress string, dest config.Destination, rerr error)
FindAccount looks up the account for localpart and domain.
Can return ErrDomainNotFound and ErrAccountNotFound.
func ForkExecUnprivileged ¶ added in v0.0.2
func ForkExecUnprivileged()
Fork and exec as unprivileged user.
We don't use just setuid because it is hard to guarantee that no other privileged go worker processes have been started before we get here. E.g. init functions in packages can start goroutines.
func LastKnown ¶
LastKnown returns the last known version that has been mentioned in an update email, or the current application.
func Listen ¶ added in v0.0.2
Listen returns a newly created network listener when starting as root, and otherwise (not root) returns a network listener from a file descriptor that was passed by the parent root process.
func LoadConfig ¶
LoadConfig attempts to parse and load a config, returning any errors encountered.
func MakeAccountConfig ¶
MakeAccountConfig returns a new account configuration for an email address.
func MakeDKIMEd25519Key ¶
MakeDKIMEd25519Key returns a PEM buffer containing an ed25519 key for use with DKIM. selector and domain can be empty. If not, they are used in the note.
func MakeDKIMRSAKey ¶
MakeDKIMRSAKey returns a PEM buffer containing an rsa key for use with DKIM. selector and domain can be empty. If not, they are used in the note.
func MakeDomainConfig ¶
func MakeDomainConfig(ctx context.Context, domain, hostname dns.Domain, accountName string, withMTASTS bool) (config.Domain, []string, error)
MakeDomainConfig makes a new config for a domain, creating DKIM keys, using accountName for DMARC and TLS reports.
func MessageIDGen ¶
MessageIDGen returns a generated unique random Message-Id value, excluding <>.
func MustLoadConfig ¶
func MustLoadConfig(checkACMEHosts bool)
MustLoadConfig loads the config, quitting on errors.
func Network ¶
Network returns tcp4 or tcp6, depending on the ip. This network can be passed to Listen instead of "tcp", which may start listening on both ipv4 and ipv6 for addresses 0.0.0.0 and ::, which can lead to errors about the port already being in use. For invalid IPs, "tcp" is returned.
func OpenPrivileged ¶ added in v0.0.4
Open a privileged file, such as a TLS private key. When running as root (during startup), the file is opened and the file descriptor is stored. These file descriptors are passed to the unprivileged process. When in the unprivileged process, we look up a passed file descriptor. The same calls should be made in the privileged and unprivileged process.
func ParseDynamicConfig ¶
func ParseDynamicConfig(ctx context.Context, dynamicPath string, static config.Static) (c config.Dynamic, mtime time.Time, accDests map[string]AccountDestination, errs []error)
ParseDynamicConfig parses the dynamic config file given a static file.
func PrepareStaticConfig ¶
func PrepareStaticConfig(ctx context.Context, configFile string, config *Config, checkOnly, skipCheckTLSKeyCerts bool) (errs []error)
PrepareStaticConfig parses the static config file and prepares data structures for starting mox. If checkOnly is set no substantial changes are made, like creating an ACME registration.
func ReceivedID ¶
ReceivedID returns an ID for use in a message Received header.
The ID is based on the cid. The cid itself is a counter and would leak the number of connections in received headers. Instead they are obfuscated by encrypting them with AES with a per-install key and random buffer. This allows recovery of the cid based on the id. See subcommand cid.
func ReceivedIDInit ¶
ReceivedIDInit sets an AES key (must be 16 bytes) and random buffer (must be 8 bytes) for use by ReceivedID.
func ReceivedToCid ¶
ReceivedToCid returns the cid given a ReceivedID.
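An added sketch of the scheme that ReceivedID, ReceivedIDInit and ReceivedToCid describe, not mox's own code. The block layout (8-byte random buffer followed by the 8-byte cid), the base64url encoding, the obfuscator type and the key material are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/base64"
	"encoding/binary"
	"fmt"
)

// obfuscator is a hypothetical type holding what ReceivedIDInit is given.
type obfuscator struct {
	block cipher.Block // AES keyed with the per-install 16-byte key.
	rand  []byte       // Per-install 8-byte random buffer.
}

func newObfuscator(key, rand []byte) (*obfuscator, error) {
	if len(key) != 16 || len(rand) != 8 {
		return nil, fmt.Errorf("need 16-byte key and 8-byte random buffer")
	}
	block, err := aes.NewCipher(key)
	return &obfuscator{block, rand}, err
}

// id encrypts one AES block; the assumed layout is rand (8 bytes) || cid (8 bytes).
func (o *obfuscator) id(cid int64) string {
	buf := make([]byte, 16)
	copy(buf, o.rand)
	binary.BigEndian.PutUint64(buf[8:], uint64(cid))
	o.block.Encrypt(buf, buf)
	return base64.RawURLEncoding.EncodeToString(buf)
}

// cid decrypts an id; a mismatching random half means another key or garbage.
func (o *obfuscator) cid(id string) (int64, error) {
	buf, err := base64.RawURLEncoding.DecodeString(id)
	if err != nil || len(buf) != 16 {
		return 0, fmt.Errorf("malformed id")
	}
	o.block.Decrypt(buf, buf)
	if string(buf[:8]) != string(o.rand) {
		return 0, fmt.Errorf("id was not made with this key")
	}
	return int64(binary.BigEndian.Uint64(buf[8:])), nil
}

func main() {
	o, _ := newObfuscator([]byte("constructed-key!"), []byte("8bytes!!"))
	fmt.Println(o.id(1), o.id(2)) // Consecutive cids give unrelated-looking ids.
}
```

Because each id is a single AES block under a fixed key, the same cid always maps to the same id, and the counter is hidden only from readers who do not hold the per-install key.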
func RestorePassedFiles ¶ added in v0.0.4
func RestorePassedFiles()
RestorePassedFiles reads addresses from $MOX_SOCKETS and paths from $MOX_FILES and prepares an os.File for each file descriptor, which are used by later calls of Listen or opening files.
func SetConfig ¶
func SetConfig(c *Config)
SetConfig sets a new config. Not to be used during normal operation.
func Sleep ¶
Sleep for d, but return as soon as ctx is done.
Used for a few places where sleep is used to push back on clients, but where shutting down should abort the sleep.
func StoreLastKnown ¶
StoreLastKnown stores the last known version. Future update checks compare against it, or the currently running version, whichever is newer.
func TXTStrings ¶
TXTStrings returns a TXT record value as one or more quoted strings, taking the max length of 255 characters for a string into account.
func WebserverConfigSet ¶ added in v0.0.2
Types ¶
type AccountDestination ¶
type ClientConfig ¶
type ClientConfig struct {
Entries []ClientConfigEntry
}
ClientConfig holds the client configuration for IMAP/Submission for a domain.
func ClientConfigDomain ¶
func ClientConfigDomain(d dns.Domain) (ClientConfig, error)
ClientConfigDomain returns the client config for IMAP/Submission for a domain.
type ClientConfigEntry ¶
type Config ¶
type Config struct {
	Static config.Static // Does not change during the lifetime of a running instance.

	Log map[string]mlog.Level

	Dynamic          config.Dynamic // Can only be accessed directly by tests. Use methods on Config for locked access.
	DynamicLastCheck time.Time      // For use by quickstart only to skip checks.
	// contains filtered or unexported fields
}
Config as used in the code, a processed version of what is in the config file.
Use methods to look up a domain/account/address in the dynamic configuration.
func ParseConfig ¶
func ParseConfig(ctx context.Context, p string, checkOnly, skipCheckTLSKeyCerts, checkACMEHosts bool) (c *Config, errs []error)
ParseConfig parses the static config at path p. If checkOnly is true, no changes are made, such as registering ACME identities. If skipCheckTLSKeyCerts is true, the TLS KeyCerts configuration is not checked. This is used during the quickstart in the case the user is going to provide their own certificates. If checkACMEHosts is true, the hosts allowed for acme are compared with the explicitly configured ips we are listening on.
func (*Config) AccountDestination ¶
func (c *Config) AccountDestination(addr string) (accDests AccountDestination, ok bool)
func (*Config) DomainLocalparts ¶
DomainLocalparts returns a mapping of encoded localparts to account names for a domain. An empty localpart is a catchall destination for a domain.
func (*Config) LogLevelRemove ¶
LogLevelRemove removes a configured log level for a package.
func (*Config) LogLevelSet ¶
LogLevelSet sets a new log level for pkg. An empty pkg sets the default log value that is used if no explicit log level is configured for a package. This change is ephemeral, no config file is changed.