dovecot-2.2-pigeonhole: Added sieve_extprograms plugin to the ma...

pigeonhole at rename-it.nl pigeonhole at rename-it.nl
Sun Apr 7 03:26:01 EEST 2013


details:   http://hg.rename-it.nl/dovecot-2.2-pigeonhole/rev/a68530fb25d4
changeset: 1746:a68530fb25d4
user:      Stephan Bosch <stephan at rename-it.nl>
date:      Sun Apr 07 02:25:46 2013 +0200
description:
Added sieve_extprograms plugin to the main Pigeonhole tree.
It is still a plugin, but no longer a separate package.

diffstat:

 INSTALL                                                  |   27 +-
 Makefile.am                                              |   24 +-
 configure.ac                                             |    1 +
 doc/Makefile.am                                          |    1 +
 doc/example-config/conf.d/90-sieve-extprograms.conf      |   44 +
 doc/example-config/conf.d/90-sieve.conf                  |    1 +
 doc/example-config/conf.d/Makefile.am                    |    3 +-
 doc/plugins/sieve_extprograms.txt                        |  175 +++
 doc/rfc/spec-bosch-sieve-extprograms.txt                 |  728 +++++++++++++++
 doc/rfc/xml/reference.DSN.xml                            |   17 +
 doc/rfc/xml/reference.MDN.xml                            |   17 +
 doc/rfc/xml/reference.NET-UNICODE.xml                    |   17 +
 doc/rfc/xml/reference.RFC.3894.xml                       |   15 +
 doc/rfc/xml/reference.RFC.5429.xml                       |   15 +
 doc/rfc/xml/reference.SUBADDRESS.xml                     |   15 +
 doc/rfc/xml/reference.UTF-8.xml                          |   16 +
 doc/rfc/xml/spec-bosch-sieve-extprograms.xml             |  616 ++++++++++++
 src/plugins/Makefile.am                                  |    2 +-
 src/plugins/sieve-extprograms/Makefile.am                |   38 +
 src/plugins/sieve-extprograms/cmd-execute.c              |  452 +++++++++
 src/plugins/sieve-extprograms/cmd-filter.c               |  283 +++++
 src/plugins/sieve-extprograms/cmd-pipe.c                 |  388 +++++++
 src/plugins/sieve-extprograms/ext-execute.c              |   80 +
 src/plugins/sieve-extprograms/ext-filter.c               |   80 +
 src/plugins/sieve-extprograms/ext-pipe.c                 |  111 ++
 src/plugins/sieve-extprograms/script-client-local.c      |  300 ++++++
 src/plugins/sieve-extprograms/script-client-private.h    |   59 +
 src/plugins/sieve-extprograms/script-client-remote.c     |  327 ++++++
 src/plugins/sieve-extprograms/script-client.c            |  327 ++++++
 src/plugins/sieve-extprograms/script-client.h            |   35 +
 src/plugins/sieve-extprograms/sieve-extprograms-common.c |  594 ++++++++++++
 src/plugins/sieve-extprograms/sieve-extprograms-common.h |   98 ++
 src/plugins/sieve-extprograms/sieve-extprograms-plugin.c |   65 +
 src/plugins/sieve-extprograms/sieve-extprograms-plugin.h |   23 +
 tests/plugins/extprograms/bin/addheader                  |    6 +
 tests/plugins/extprograms/bin/cat                        |    3 +
 tests/plugins/extprograms/bin/env                        |    3 +
 tests/plugins/extprograms/bin/frame                      |    7 +
 tests/plugins/extprograms/bin/modify                     |    8 +
 tests/plugins/extprograms/bin/program                    |    5 +
 tests/plugins/extprograms/bin/replace                    |   12 +
 tests/plugins/extprograms/bin/sleep2                     |    3 +
 tests/plugins/extprograms/bin/stderr                     |   20 +
 tests/plugins/extprograms/errors.svtest                  |   32 +
 tests/plugins/extprograms/errors/arguments.sieve         |    5 +
 tests/plugins/extprograms/errors/programname.sieve       |   25 +
 tests/plugins/extprograms/execute/command.svtest         |   27 +
 tests/plugins/extprograms/execute/errors.svtest          |   32 +
 tests/plugins/extprograms/execute/errors/syntax.sieve    |   38 +
 tests/plugins/extprograms/execute/errors/variables.sieve |    7 +
 tests/plugins/extprograms/execute/execute.svtest         |  103 ++
 tests/plugins/extprograms/filter/command.svtest          |   10 +
 tests/plugins/extprograms/filter/errors.svtest           |   18 +
 tests/plugins/extprograms/filter/errors/syntax.sieve     |   22 +
 tests/plugins/extprograms/filter/execute.svtest          |  180 +++
 tests/plugins/extprograms/pipe/command.svtest            |   10 +
 tests/plugins/extprograms/pipe/errors.svtest             |   57 +
 tests/plugins/extprograms/pipe/errors/syntax.sieve       |   22 +
 tests/plugins/extprograms/pipe/errors/timeout.sieve      |    3 +
 tests/plugins/extprograms/pipe/execute.svtest            |   56 +
 60 files changed, 5701 insertions(+), 7 deletions(-)

diffs (truncated from 6004 to 300 lines):

diff -r c6c6af49f8ac -r a68530fb25d4 INSTALL
--- a/INSTALL	Sun Apr 07 00:58:40 2013 +0200
+++ b/INSTALL	Sun Apr 07 02:25:46 2013 +0200
@@ -127,7 +127,8 @@
    The Pigeonhole Sieve interpreter can have plugins of its own. Using this
    setting, the used plugins can be specified. Check the Dovecot wiki
    (wiki2.dovecot.org) or the pigeonhole website (http://pigeonhole.dovecot.org)
-   for available plugins.
+   for available plugins. The sieve_extprograms plugin is included in this
+   release.
 
  sieve_user_log =
    The path to the file where the user log file is written. If not configured, a
@@ -367,7 +368,7 @@
   configuration options. Refer to doc/extensions/include.txt for settings
   specific to the include extension.
 
-- Spamtest and Virustest extensions:
+- Spamtest and virustest extensions:
 
   Using the spamtest and virustest extensions (RFC 5235), the Sieve language
   provides a uniform and standardized command interface for evaluating spam and
@@ -382,6 +383,28 @@
   configuration and are not enabled for use by default. Refer to
   doc/extensions/spamtest-virustest.txt for configuration information.
 
+- Vnd.dovecot.duplicate extension:
+
+  The vnd.dovecot.duplicate extension augments the Sieve filtering
+  implementation with a test that allows detecting and handling duplicate
+  message deliveries, e.g. as caused by mailinglists when people reply both to
+  the mailinglist and the user directly.
+
+  The vnd.dovecot.duplicate extension requires explicit configuration and is not
+  enabled for use by default. Refer to doc/extensions/vnd.dovecot.duplicate.txt
+  for configuration information.
+
+- Vnd.dovovecot.pipe, vnd.dovecot.filter, vnd.dovecot.execute extensions:
+
+  The "sieve_extprograms" plugin provides extensions to the Sieve filtering
+  language adding new action commands for invoking a predefined set of external
+  programs. Messages can be piped to or filtered through those programs	and
+  string data can be input to and retrieved from those programs.
+
+  This plugin and the extensions it provides require explicit configuration and
+  are not enabled for use by default. Refer to doc/plugins/sieve_extprograms.txt
+	for more information.
+
 Sieve Interpreter - Migration from CMUSieve (Dovecot v1.0/v1.1)
 ---------------------------------------------------------------
 
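Review bot: The new INSTALL heading misspells the extension name as "Vnd.dovovecot.pipe"; it should read "Vnd.dovecot.pipe", matching the vnd.dovecot.pipe name used in the rest of this change. Two of the added lines also contain literal tabs (between "programs" and "and", and before "for more information."), where the surrounding text is indented with spaces. The vnd.dovecot.duplicate paragraph is not covered by the commit description, so it would be easier to track as a separate changeset. Because these extensions let a Sieve script start external programs, this entry could also repeat the recommendation from the example config to enable them through sieve_global_extensions rather than sieve_extensions.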
diff -r c6c6af49f8ac -r a68530fb25d4 Makefile.am
--- a/Makefile.am	Sun Apr 07 00:58:40 2013 +0200
+++ b/Makefile.am	Sun Apr 07 02:25:46 2013 +0200
@@ -20,7 +20,7 @@
 	hg log --style=changelog > ChangeLog
 endif
 
-# Testsuite tests
+# Testsuite tests (FIXME: ugly)
 
 TESTSUITE_BIN = $(top_builddir)/src/testsuite/testsuite $(TESTSUITE_OPTIONS)
 
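Review bot: The changed comment "# Testsuite tests (FIXME: ugly)" records that something needs fixing but not what. State which part of the test rules is meant and what the intended cleanup is, so the FIXME can be acted on later.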
@@ -148,8 +148,26 @@
 $(test_cases):
 	@$(TEST_BIN) $(top_srcdir)/$@
 
-.PHONY: $(test_cases)
+TEST_EXTPROGRAMS_BIN = $(TEST_BIN) \
+	-P src/plugins/sieve-extprograms/.libs/sieve_extprograms
 
+extprograms_test_cases = \
+	tests/plugins/extprograms/errors.svtest \
+	tests/plugins/extprograms/pipe/command.svtest \
+	tests/plugins/extprograms/pipe/errors.svtest \
+	tests/plugins/extprograms/pipe/execute.svtest \
+	tests/plugins/extprograms/filter/command.svtest \
+	tests/plugins/extprograms/filter/errors.svtest \
+	tests/plugins/extprograms/filter/execute.svtest \
+	tests/plugins/extprograms/execute/command.svtest \
+	tests/plugins/extprograms/execute/errors.svtest \
+	tests/plugins/extprograms/execute/execute.svtest
+
+$(extprograms_test_cases):
+	@$(TEST_EXTPROGRAMS_BIN) 	$(top_srcdir)/$@
+
+.PHONY: $(test_cases) $(extprograms_test_cases)
 test: $(test_cases)
+test-plugins: $(extprograms_test_cases)
 
-check: check-am test all-am
+check: check-am test test-plugins all-am
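Review bot: The new "$(extprograms_test_cases):" rule has no prerequisite on the built plugin, and "check" lists test-plugins ahead of all-am, so "make test-plugins" on a clean tree, or a parallel "make check", can run the suite before the sieve_extprograms plugin exists. Consider making the test cases depend on the plugin build. TEST_EXTPROGRAMS_BIN also hardcodes libtool's ".libs" directory and gives the plugin path without $(top_builddir), unlike TESTSUITE_BIN earlier in this file; anchoring it the same way would keep the two consistent. There is a stray tab between $(TEST_EXTPROGRAMS_BIN) and $(top_srcdir)/$@ in the recipe.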
diff -r c6c6af49f8ac -r a68530fb25d4 configure.ac
--- a/configure.ac	Sun Apr 07 00:58:40 2013 +0200
+++ b/configure.ac	Sun Apr 07 02:25:46 2013 +0200
@@ -129,6 +129,7 @@
 src/plugins/Makefile
 src/plugins/doveadm-sieve/Makefile
 src/plugins/lda-sieve/Makefile
+src/plugins/sieve-extprograms/Makefile
 src/sieve-tools/Makefile
 src/managesieve/Makefile
 src/managesieve-login/Makefile
diff -r c6c6af49f8ac -r a68530fb25d4 doc/Makefile.am
--- a/doc/Makefile.am	Sun Apr 07 00:58:40 2013 +0200
+++ b/doc/Makefile.am	Sun Apr 07 02:25:46 2013 +0200
@@ -10,5 +10,6 @@
 EXTRA_DIST = \
 	devel \
 	extensions \
+	plugins \
 	$(docfiles)
 
diff -r c6c6af49f8ac -r a68530fb25d4 doc/example-config/conf.d/90-sieve-extprograms.conf
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/doc/example-config/conf.d/90-sieve-extprograms.conf	Sun Apr 07 02:25:46 2013 +0200
@@ -0,0 +1,44 @@
+# Sieve Extprograms plugin configuration
+
+# Don't forget to add the sieve_extprograms plugin to the sieve_plugins setting.
+# Also enable the extensions you need (one or more of vnd.dovecot.pipe,
+# vnd.dovecot.filter and vnd.dovecot.execute) by adding these	to the
+# sieve_extensions or sieve_global_extensions settings. Restricting these
+# extensions to a global context using sieve_global_extensions is recommended.
+
+plugin {
+
+  # The directory where the program sockets are located for the
+  # vnd.dovecot.pipe, vnd.dovecot.filter and vnd.dovecot.execute extension
+  # respectively. The name of each unix socket contained in that directory
+  # directly maps to a program-name referenced from the Sieve script.
+  #sieve_pipe_socket_dir = sieve-pipe
+  #sieve_filter_socket_dir = sieve-filter
+  #sieve_execute_socket_dir = sieve-execute
+
+  # The directory where the scripts are located for direct execution by the
+  # vnd.dovecot.pipe, vnd.dovecot.filter and vnd.dovecot.execute extension
+  # respectively. The name of each script contained in that directory
+  # directly maps to a program-name referenced from the Sieve script.
+  #sieve_pipe_bin_dir = /usr/lib/dovecot/sieve-pipe
+  #sieve_filter_bin_dir = /usr/lib/dovecot/sieve-filter
+  #sieve_execute_bin_dir = /usr/lib/dovecot/sieve-execute
+}
+
+# An example program service called 'do-something' to pipe messages to
+#service do-something {
+  # Define the executed script as parameter to the sieve service
+  #executable = script /usr/lib/dovecot/sieve-pipe/do-something.sh
+
+  # Use some unprivileged user for executing the program
+  #user = dovenull
+
+  # The unix socket located in the sieve_pipe_socket_dir (as defined in the 
+  # plugin {} section above)
+  #unix_listener sieve-pipe/do-something {
+    # LDA/LMTP must have access
+  #  user = vmail  
+  #  mode = 0600
+  #}
+#}
+
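Review bot: The example service runs "/usr/lib/dovecot/sieve-pipe/do-something.sh", which sits in the same directory the file suggests for sieve_pipe_bin_dir. An administrator who uncomments both exposes that script twice: through the socket as user dovenull, and by direct execution under the program name "do-something.sh", which does not get the unprivileged user configured for the service. Point the service example at a directory outside the bin dirs, or say explicitly that a program should be offered through only one of the two mechanisms. Since every file name in the bin and socket directories maps to a program-name callable from Sieve, a comment that these directories should be writable only by the administrator would also help. Minor: "extension respectively" should be "extensions, respectively" in both comment blocks, there is a tab in "these	to", and the "plugin {} section above)" and "user = vmail" lines carry trailing whitespace.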
diff -r c6c6af49f8ac -r a68530fb25d4 doc/example-config/conf.d/90-sieve.conf
--- a/doc/example-config/conf.d/90-sieve.conf	Sun Apr 07 00:58:40 2013 +0200
+++ b/doc/example-config/conf.d/90-sieve.conf	Sun Apr 07 02:25:46 2013 +0200
@@ -68,6 +68,7 @@
   # setting, the used plugins can be specified. Check the Dovecot wiki
   # (wiki2.dovecot.org) or the pigeonhole website
   # (http://pigeonhole.dovecot.org) for available plugins.
+	# The sieve_extprograms plugin is included in this release.
   #sieve_plugins =
 
   # The separator that is expected between the :user and :detail
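Review bot: The added comment line "# The sieve_extprograms plugin is included in this release." is indented with a tab, while the neighbouring comment lines in the plugin block use two spaces. Use the same two-space indent so the comment block stays aligned whatever the tab width.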
diff -r c6c6af49f8ac -r a68530fb25d4 doc/example-config/conf.d/Makefile.am
--- a/doc/example-config/conf.d/Makefile.am	Sun Apr 07 00:58:40 2013 +0200
+++ b/doc/example-config/conf.d/Makefile.am	Sun Apr 07 02:25:46 2013 +0200
@@ -3,7 +3,8 @@
 exampledir = $(dovecot_docdir)/example-config/conf.d
 example_DATA = \
 	20-managesieve.conf \
-	90-sieve.conf
+	90-sieve.conf \
+	90-sieve-extprograms.conf
 
 EXTRA_DIST = \
 	$(example_DATA)
diff -r c6c6af49f8ac -r a68530fb25d4 doc/plugins/sieve_extprograms.txt
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/doc/plugins/sieve_extprograms.txt	Sun Apr 07 02:25:46 2013 +0200
@@ -0,0 +1,175 @@
+Sieve Extprograms plugin for Pigeonhole
+
+Relevant specifications
+=======================
+
+	doc/rfc/spec-bosch-sieve-extprograms.txt
+
+Introduction
+============
+
+Sieve (RFC 5228) is a highly extensible machine language specifically tailored
+for internet message filtering. For the Dovecot Secure IMAP server, Sieve
+support is provided by the Pigeonhole Sieve plugin. This package includes a
+plugin for Pigeonhole called "sieve_extprograms", which extends the Sieve 
+filtering implementation with action commands for invoking a predefined set of
+external programs. Messages can be piped to or filtered through those programs
+and string data can be input to and retrieved from those programs.
+
+The Sieve language is explicitly designed to be powerful enough to be useful yet
+limited in order to allow for a safe server-side filtering system. Therefore,
+the base specification of the language makes it impossible for users to do
+anything more complex (and dangerous) than write simple mail filters. One of the
+consequences of this security-minded design is that users cannot execute
+external programs from their mail filter. Particularly for server-side filtering
+setups in which mail accounts have no corresponding system account, allowing the
+execution of arbitrary programs from the mail filter can be a significant
+security risk. However, such functionality can also be very useful, for instance
+to easily implement a custom action or external effect that Sieve normally
+cannot provide.
+
+The "sieve_extprograms" plugin provides an extension to the Sieve filtering
+language adding new action commands for invoking a predefined set of external
+programs. To mitigate the security concerns, the external programs cannot be
+chosen arbitrarily; the available programs are restricted through administrator
+configuration.
+
+This extension is specific to the Pigeonhole Sieve implementation for the
+Dovecot Secure IMAP server. It will therefore most likely not be supported by
+web interfaces or GUI-based Sieve editors. This extension is primarily meant for
+use in small setups or global scripts that are managed by the systems
+administrator.
+
+Implementation Status
+---------------------
+
+The "vnd.dovecot.pipe", "vnd.dovecot.filter" and "vnd.dovecot.execute" Sieve
+language extensions introduced by this plugin are vendor-specific with draft
+status and their implementation for Pigeonhole is experimental, which means that
+the language extensions are still subject to change and that the current
+implementation is not thoroughly tested.
+
+Configuration
+=============
+
+The plugin is activated by adding it to the sieve_plugins setting:
+
+sieve_plugins = sieve_extprograms
+
+This plugin registers the "vnd.dovecot.pipe", "vnd.dovecot.filter" and
+"vnd.dovecot.execute" extensions with the Sieve interpreter. However, these
+extensions are not enabled by default and thus need to be enabled explicitly. It
+is recommended to restrict the use of these extensions to global context by
+adding these to the "sieve_global_extensions" setting. If personal user scripts
+also need to directly access external programs, the extensions need to be added
+to the "sieve_extensions" setting. 
+
+The commands introduced by the Sieve language extensions in this plugin can
+directly pipe a message or string data to an external program (typically a shell
+script) by forking a new process. Alternatively, these can connect to a unix
+socket behind which a Dovecot script service is listening to start the external
+program, e.g. to execute as a different user or for added security.
+
+The program name specified for the new Sieve "pipe", "filter" and "execute"
+commands is used to find the program or socket in a configured directory.
+Separate directories are specified for the sockets and the directly executed
+binaries. The socket directory is searched first. Since the use of "/" in
+program names is prohibited, it is not possible to build a hierarchical
+structure.
+
+Directly forked programs are executed with a limited set of environment
+variables: HOME, USER, HOST, SENDER, RECIPIENT and ORIG_RECIPIENT. Programs
+executed through the script-pipe socket service currently have no environment
+set at all.
+
+If a shell script is expected to read a message or string data, it must fully
+read the provided input until the data ends with EOF, otherwise the Sieve action
+invoking the program will fail. The action will also fail when the shell script
+returns a nonzero exit code. Standard output is available for returning a
+message (for the filter command) or string data (for the execute command) to the
+Sieve interpreter. Standard error is written to the LDA log file. 
+
+The three extensions introduced by this plugin - "vnd.dovecot.pipe",
+"vnd.dovecot.filter" and "vnd.dovecot.pipe" - each have separate but similar
+configuration. The settings that specify a period are specified in s(econds),
+unless followed by a d(ay), h(our) or m(inute) specifier character. The
+following configuration settings are used, for which "<extension>" in the
+setting name is replaced by either "pipe", "filter" or "execute" depending on
+which extension is being configured.
+
+sieve_<extension>_socket_dir =
+  Points to a directory relative to the Dovecot base_dir where the plugin looks
+  for script service sockets. 
+
+sieve_<extension>_bin_dir =
+  Points to a directory where the plugin looks for programs (shell scripts) to
+  execute directly and pipe messages to.
+
+sieve_<extension>_exec_timeout = 10s
+  Configures the maximum execution time after which the program is forcefully
+  terminated.
+
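Review bot: The sentence introducing the settings lists the three extensions as "vnd.dovecot.pipe", "vnd.dovecot.filter" and "vnd.dovecot.pipe"; the third should be "vnd.dovecot.execute", as in the Implementation Status and Configuration paragraphs above it. The sieve_<extension>_bin_dir description says where programs are looked up but not who may write there; because the program name from the Sieve script is resolved directly against that directory, it is worth stating that the directory and its contents should be owned and writable only by the administrator. The note that programs started through the socket service "currently have no environment set at all" could add that such scripts cannot rely on SENDER, RECIPIENT or the other variables listed for directly forked programs. Several added lines end in trailing whitespace (for example after "sieve_extensions" setting. and "LDA log file.").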

