[dovecot/core] d9ce43: fts: Remove indentation from fts_mailbox_list_crea...
GitHub
noreply at github.com
Thu Apr 13 01:30:13 EEST 2017
Branch: refs/heads/master-2.2
Home: https://github.com/dovecot/core
Commit: d9ce4356f7e551f44f619aa0640b53628385f902
https://github.com/dovecot/core/commit/d9ce4356f7e551f44f619aa0640b53628385f902
Author: Aki Tuomi <aki.tuomi at dovecot.fi>
Date: 2017-04-13 (Thu, 13 Apr 2017)
Changed paths:
M src/plugins/fts/fts-storage.c
Log Message:
-----------
fts: Remove indentation from fts_mailbox_list_created
Preparation for next commit
Commit: 8b4fe6f864dc41cfe1b427cef5554723ebdeb395
https://github.com/dovecot/core/commit/8b4fe6f864dc41cfe1b427cef5554723ebdeb395
Author: Aki Tuomi <aki.tuomi at dovecot.fi>
Date: 2017-04-13 (Thu, 13 Apr 2017)
Changed paths:
M src/plugins/fts/fts-plugin.c
M src/plugins/fts/fts-storage.c
M src/plugins/fts/fts-storage.h
Log Message:
-----------
fts: Initialize fts after namespaces have been added
This way paths are correctly set, and fts indexes are
written to correct place. This affects mbox with lucene.
Fixes Panic: file mailbox-list.c: line 1158 (mailbox_list_try_mkdir_root): assertion failed (strncmp(root_dir, path, strlen(root_dir)) == 0)
Commit: 31191949dcbd0138a03d0a7f687cdbba531f96aa
https://github.com/dovecot/core/commit/31191949dcbd0138a03d0a7f687cdbba531f96aa
Author: Timo Sirainen <timo.sirainen at dovecot.fi>
Date: 2017-04-13 (Thu, 13 Apr 2017)
Changed paths:
M src/lib/strfuncs.c
M src/lib/strfuncs.h
M src/lib/test-strfuncs.c
Log Message:
-----------
lib: Add mem_equals_timing_safe()
Commit: 4e11e0a485dcc43cd30f7ea305ebc9718f5ec7f7
https://github.com/dovecot/core/commit/4e11e0a485dcc43cd30f7ea305ebc9718f5ec7f7
Author: Timo Sirainen <timo.sirainen at dovecot.fi>
Date: 2017-04-13 (Thu, 13 Apr 2017)
Changed paths:
M src/auth/password-scheme.c
Log Message:
-----------
auth: Make plaintext password comparisons safe against timing attacks
Commit: fb7a68e3fcec6b4a9d75fae746970515c1d41334
https://github.com/dovecot/core/commit/fb7a68e3fcec6b4a9d75fae746970515c1d41334
Author: Timo Sirainen <timo.sirainen at dovecot.fi>
Date: 2017-04-13 (Thu, 13 Apr 2017)
Changed paths:
M src/doveadm/client-connection.c
Log Message:
-----------
doveadm: Make doveadm_password safe against timing attacks.
Commit: 2d1959da1ebecf3892172b29a968799c326f44b6
https://github.com/dovecot/core/commit/2d1959da1ebecf3892172b29a968799c326f44b6
Author: Timo Sirainen <timo.sirainen at dovecot.fi>
Date: 2017-04-13 (Thu, 13 Apr 2017)
Changed paths:
M src/auth/auth-request-handler.c
Log Message:
-----------
auth: Shuffle failed auth requests before sending the failure replies.
This might be helpful against some timing attacks.
Using Fisher–Yates shuffle.
Commit: bb087f91a2c9070b894fcb182b53f31a908d574a
https://github.com/dovecot/core/commit/bb087f91a2c9070b894fcb182b53f31a908d574a
Author: Timo Sirainen <timo.sirainen at dovecot.fi>
Date: 2017-04-13 (Thu, 13 Apr 2017)
Changed paths:
M src/auth/auth-master-connection.c
M src/auth/mech-apop.c
M src/auth/mech-cram-md5.c
M src/auth/mech-digest-md5.c
M src/auth/mech-gssapi.c
M src/auth/mech-ntlm.c
M src/auth/mech-rpa.c
M src/auth/mech-scram-sha1.c
M src/auth/password-scheme-pbkdf2.c
M src/auth/password-scheme-scram.c
M src/auth/password-scheme.c
Log Message:
-----------
auth: Use mem_equals_timing_safe() for all password hash comparisons.
It's unlikely these could be used to perform timing attacks, since the
attacker would have to have broken MD5/SHA badly enough to be able to
quickly generate string that result in wanted hashes. Still, the extra
cost is almost nothing and it's always better to be super paranoid!
Commit: 9ad7afac16721c1c25bcdc7e121548c8d5f30835
https://github.com/dovecot/core/commit/9ad7afac16721c1c25bcdc7e121548c8d5f30835
Author: Aki Tuomi <aki.tuomi at dovecot.fi>
Date: 2017-04-13 (Thu, 13 Apr 2017)
Changed paths:
M src/auth/auth-request.c
Log Message:
-----------
auth: Fix mechanism filter to support `none`
Otherwise credentials lookup can fail. None indicates
that it should match when no mech is specified.
Commit: 633e34e2067c3fade64ab04f7b60639c8ab54610
https://github.com/dovecot/core/commit/633e34e2067c3fade64ab04f7b60639c8ab54610
Author: Aki Tuomi <aki.tuomi at dovecot.fi>
Date: 2017-04-13 (Thu, 13 Apr 2017)
Changed paths:
M src/auth/auth-request.c
Log Message:
-----------
auth: Filter passdbs on credentials lookup start
Consistency with how plain verify works.
Commit: aa2399c611e0264311f5e0d306f79bf000aebd86
https://github.com/dovecot/core/commit/aa2399c611e0264311f5e0d306f79bf000aebd86
Author: Aki Tuomi <aki.tuomi at dovecot.fi>
Date: 2017-04-13 (Thu, 13 Apr 2017)
Changed paths:
M src/auth/userdb-vpopmail.c
Log Message:
-----------
auth: Check var_expand error in vpopmail
Compare: https://github.com/dovecot/core/compare/b440bbfb2f75...aa2399c611e0
More information about the dovecot-cvs
mailing list