Instead of converting binary data to base64 in order to get printable
data, use a white list of characters allowed and select from those.
This also makes sure we will get the right amount of characters as
requested, not potentially longer strings.
Dovecot promotes the use of BLF-CRYPT as a hashing scheme [1].
However, as not all libc-crypt() implementations support this scheme,
use the implementation added in a previous commit.
Also, update the references to the dovecot implementation and a small
test case for testing the blowfish implementation.
[1] https://doc.dovecot.org/configuration_manual/authentication/password_schemes/Fixes#4958
Support uri schemes for SMTP, enabling STARTTLS and SMTPS for SMTP
connections.
The new format for configuration value SMTPServer supports passing a
URI scheme (either smtp:// or smtps://). To support old configurations,
if no scheme is given, smtp:// is assumed.
Fixes#31
When using a master user to update the Sieve scripts through sogo-tool,
we may not be able to detect the IMAP delimiter. Therefore, we must
fallback to the default NGImap4ConnectionStringSeparator.
Fixes#4919
All the user defaults are now editable through the Preferences module,
even if an external Sieve script is enabled. However, the user can
disable the external Sieve script and force the activation of the
"sogo" Sieve script.
Allow domain admins to now set Sieve scripts that can be prepended
and appended to all users' scripts. This can now be controller
using the SOGoSieveScriptHeaderTemplateFile and
SOGoSieveScriptFooterTemplateFile domain defaults.
When building on debian buster, the following warning occurs during
compiling:
NSData+Crypto.m: In function ‘-[NSData(SOGoCryptoExtension) _asCryptedUsingSalt:magic:]’:
NSData+Crypto.m:610:9: warning: implicit declaration of function ‘crypt’; did you mean ‘creat’? [-Wimplicit-function-declaration]
buf = crypt([cryptString UTF8String], [saltString UTF8String]);
^~~~~
creat
NSData+Crypto.m:610:7: warning: assignment to ‘char *’ from ‘int’ makes pointer from integer without a cast [-Wint-conversion]
buf = crypt([cryptString UTF8String], [saltString UTF8String]);
^
NSData+Crypto.m: In function ‘-[NSData(SOGoCryptoExtension) asCryptUsingSalt:]’:
NSData+Crypto.m:674:7: warning: assignment to ‘char *’ from ‘int’ makes pointer from integer without a cast [-Wint-conversion]
buf = crypt([cryptString UTF8String], [saltString UTF8String]);
^
Creating derived_src/NSFramework_SOGo.m..
This warning is apparently more severe as it may also cause segfaults
(at least on Debian Buster) when logging in, rendering sogo unusable:
2019-07-21 11:27:55.623 sogod[16074:16074] MySQL4 connection established 0x0x55e6b9e56f40
2019-07-21 11:27:55.624 sogod[16074:16074] MySQL4 channel 0x0x55e6b9aa41f0 opened (connection=0x0x55e6b9e56f40,sogo)
2019-07-21 11:27:55.624 sogod[16074:16074] <MySQL4Channel[0x0x55e6b9aa41f0] connection=0x0x55e6b9e56f40> SQL: SELECT c_password FROM sogo_userview WHERE c_uid = 'xxxx';
2019-07-21 11:27:55.625 sogod[16074:16074] <MySQL4Channel[0x0x55e6b9aa41f0] connection=0x0x55e6b9e56f40> query has results, entering fetch-mode.
Jul 21 11:27:56 sogod [16057]: <0x0x55e6b9a56020[WOWatchDogChild]> child 16074 exited
Jul 21 11:27:56 sogod [16057]: <0x0x55e6b9a56020[WOWatchDogChild]> (terminated due to signal 11)
Jul 21 11:27:56 sogod [16057]: <0x0x55e6b992b360[WOWatchDog]> child spawned with pid 16268
The reason for this segfault is likely the implicit conversion to int,
leading to uninitialized higher bits of the pointer passed to NSData.