667 Commits (bf0aad98204db6d3e329ef500bfb42d71a3460c1)

Author SHA1 Message Date
Florent Daigniere 6d244222da better error message 3 years ago
Florent Daigniere 1438253a06 Ratelimit outgoing emails per user 3 years ago
Diman0 588904078e Set default of AUTH_RATELIMIT_SUBNET to False. Increase default AUTH_RATELIMIT value. 3 years ago
Florent Daigniere defea3258d update arm builds too 3 years ago
Florent Daigniere d44608ed04 Merge remote-tracking branch 'upstream/master' into upgrade-alpine 3 years ago
Florent Daigniere f8362d04e4 Switch to openssl to workaround alpine #12763 3 years ago
bors[bot] 6ea4e3217a
Merge #1901
1901: treat localpart case insensitive again r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

fixes error introduced by #1604 where the localpart of an email address was handled case sensitive.
this screwed things up at various other places.
 
### Related issue(s)

closes #1895
closes #1900

Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
3 years ago
Alexander Graf 6856c2c80f treat localpart case insensitive again
by lowercasing it where necessary
3 years ago
bors[bot] 656cf22126
Merge #1856
1856: update asset builder dependencies r=mergify[bot] a=ghostwheel42

## What type of PR?

update asset builder dependencies

## What does this PR do?

only include needed dependencies to build mailu assets with nodejs v8

### Related issue(s)

update dependencies as discussed in #1829


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
3 years ago
bors[bot] 9289fa6420
Merge #1896
1896: save dkim key after creation r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

saves generated dkim key after creation vi web ui.
after the model change the domain object needs to be added and flushed via sqlalchemy.

### Related issue(s)

closes #1892


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
3 years ago
bors[bot] 9a4c6385e5
Merge #1888
1888: Use threads in gunicorn rather than workers/processes r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

This ensures that we share the auth-cache... will enable memory savings
and may improve performances when a higher number of cores is available

"smarter default"

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3 years ago
Alexander Graf 54b46a13c6 save dkim key after creation 3 years ago
Alexander Graf ad1b036f20 fix Email class 3 years ago
Florent Daigniere 8d9f3214cc Use threads in gunicorn rather than processes
This ensures that we share the auth-cache... will enable memory savings
and may improve performances when a higher number of cores is available

"smarter default"
3 years ago
Yaron Shahrabani e0bf75ae17
Completed Hebrew translation 3 years ago
bors[bot] c5ff72d657
Merge #1857
1857: disable startdate when autoreply is disabled r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

disable the reply startdate field when autoreply is disabled


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
3 years ago
Florent Daigniere a0dcd46483 fix #1861: Handle colons in passwords 3 years ago
Alexander Graf 180026bd77 also disable startdate 4 years ago
Alexander Graf 56cfcf8b64 converted tabs to spaces 4 years ago
Alexander Graf 6377ccb2cb re-add jquery and select2 used in app.js 4 years ago
Alexander Graf 3c8a8aa8f0 use less v3 to make less-loader happy 4 years ago
Alexander Graf 1bb059f4c1 switched to newest possible versions for nodejs v8 4 years ago
Alexander Graf 858312a5cb remove explicit jQuery dependency 4 years ago
Alexander Graf 3bb0d68ead add cargo to build cryptography 4 years ago
Alexander Graf 9790dcdabe updated dependencies 4 years ago
Florent Daigniere 420afa53f8 Upgrade to alpine 3.14 4 years ago
bors[bot] 4a5f6b1f92
Merge #1791
1791: Enhanced session handling r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

- replaces flask_kvsession and simplekv with a mailu-specific session store
- call cleanup_sessions before first request and not on startup.
  this allows to run cmdline actions without redis (and makes it faster)
- allow running without redis for debugging purposes by setting MEMORY_SESSIONS to True
- don't sign session id, as it has plenty of entropy (as suggested by nextgens)
- adds method to prune a user's sessions

### Related issue(s)
- enhances and close #1787


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
4 years ago
Alexander Graf 8b71a92219 use fixed msg for key derivation 4 years ago
Alexander Graf 92896ae646 fix bugs in model and schema introduced by #1604 4 years ago
Alexander Graf 6740c77e43 small bugfix for exception 4 years ago
Alexander Graf fab3168c23 Merge remote-tracking branch 'upstream/master' into kvsession 4 years ago
Alexander Graf fbd945390d cleaned imports and fixed datetime and passlib use 4 years ago
Dimitri Huisman 6dc1a19390
Merge branch 'master' into import-export 4 years ago
bors[bot] fc1a663da2
Merge #1754
1754: centralize Webmail authentication behind the admin panel (SSO) r=mergify[bot] a=nextgens

## What type of PR?

Enhancement: it centralizes the authentication of webmails to the admin interface.

## What does this PR do?

It implements the glue required for webmails to do SSO using the admin interface.
One of the main advantages of centralizing things this way is that it reduces significantly the attack surface available to an unauthenticated attacker (no webmail access until there is a valid Flask session).

Others include the ability to implement 2FA down the line and rate-limit things as required.

### Related issue(s)
- #783

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
4 years ago
bors[bot] 4ff90683ca
Merge #1758 #1776
1758: Implement a simpler credential cache (alternative to #1755) r=mergify[bot] a=nextgens

## What type of PR?

Feature: it implements a credential cache to speedup authentication requests.

## What does this PR do?

Credentials are stored in cold-storage using a slow, salted/iterated hash function to prevent offline bruteforce attacks. This creates a performance bottleneck for no valid reason (see the
rationale/long version on https://github.com/Mailu/Mailu/issues/1194#issuecomment-762115549).

The new credential cache makes things fast again.

This is the simpler version of #1755 (with no new dependencies)

### Related issue(s)
- close #1411
- close #1194 
- close #1755

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


1776: optimize generation of transport nexthop r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix and enhancement.

## What does this PR do?

Possibly there should be more input validation when editing a relay, but for now this tries to make the best out of the existing "smtp" attribute while maintaining backwards compatibility. When relay is empty, the transport's nexthop is the MX of the relayed domain to fix #1588 

```
RELAY			NEXTHOP						TRANSPORT
empty			use MX of relay domain				smtp:domain
:port			use MX of relay domain and use port	smtp:domain:port
target			resolve A/AAAA of target			smtp:[target]
target:port		resolve A/AAAA of target and use port	smtp:[target]:port
mx:target		resolve MX of target				smtp:target
mx:target:port	resolve MX of target and use port	smtp:target:port
lmtp:target		resolve A/AAAA of target			lmtp:target
lmtp:target:port	resolve A/AAAA of target and use port	lmtp:target:port

target can also be an IPv4 or IPv6 address (an IPv6 address must be enclosed in []: [2001:DB8::]).
```

When there is proper input validation and existing database entries are migrated this function can be made much shorter again.

### Related issue(s)
- closes #1588 
- closes #1815 

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
4 years ago
bors[bot] d9da8e4bb2
Merge #1746
1746: DNS records for client autoconfiguration (RFC6186) r=Diman0 a=nextgens

## What type of PR?

Feature

## What does this PR do?

Add instructions on how to configure rfc6186 DNS records for client autoconfiguration

### Related issue(s)
- #224
- #498

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
4 years ago
Alexander Graf 3f23e199f6 modified generation of session key and added refresh
- the session key is now generated using
  - a hash of the uid seeded by the apps secret_key (size: SESSION_KEY_BITS)
  - a random token (size: 128 bits)
  - the session's creation time (size: 32 bits)

- redis server side sessions are now refreshed after 1/2 the session lifetime
  even if not modified
- the cookie is also updated if necessary
4 years ago
Alexander Graf 9ef8aaf698 removed double confiog and fixed shaker 4 years ago
Alexander Graf a1fd44fced added lmtp: prefix and documentation 4 years ago
Florent Daigniere 875308d405 Revert "In fact it could be global"
This reverts commit f52984e4c3.
4 years ago
Florent Daigniere f52984e4c3 In fact it could be global 4 years ago
Florent Daigniere ae9206e968 Implement a simple credential cache 4 years ago
DjVinnii 419fed5e6e Add language selector 4 years ago
Alexander Graf 731ce8ede9 fix permanent sessions. hash uid using SECRET_KEY
clean session in redis only once when starting
4 years ago
Alexander Graf 4b8bbf760b default to 128 bits 4 years ago
Alexander Graf 4b71bd56c4 replace flask_kvsession with mailu's own storage 4 years ago
DjVinnii 7dafa22762 Add /language/<language> route for changing the locale using a session variable 4 years ago
DjVinnii f30cca1263 Do imports based on AdminLTE plugins 4 years ago
DjVinnii a4bb42faeb Remove extra space between 'AdminLTE' and 'on' in footer 4 years ago
DjVinnii b2498e8c8f Refactor box macro to card 4 years ago
DjVinnii 5ddea07c9a Fix form input append class 4 years ago
DjVinnii 1db0a870f3 Fix log in icon in sidebar 4 years ago
DjVinnii 51346c4860 Fix pre- and append styling 4 years ago
DjVinnii e963e7495d Create datatable based on dataTable class instead of table class 4 years ago
DjVinnii 0984173504 Change label to badge 4 years ago
DjVinnii 8246497d16 Add card header to tables 4 years ago
DjVinnii 49d68fa6d1 Fix horizontal scrollbar in sidebar 4 years ago
DjVinnii 7d3c9d412d Change tables to datatables 4 years ago
DjVinnii cdfa94c243 Make main action float right 4 years ago
DjVinnii 0c5fda3fca Change macros.box to macros.card 4 years ago
DjVinnii deca6e0c4a update user/settings 4 years ago
DjVinnii 6b3170cb4c Update side menu 4 years ago
DjVinnii c97728289b Update node version for building the image (AdminLTE requires node 10 or higher) 4 years ago
DjVinnii e46d9e1fc9 Update admin-lte version in package.json 4 years ago
Vincent Kling c6d0ef229f
Update messages.po 4 years ago
Alexander Graf f0f79b23a3 Allow cleanup of sessions by key&value in data
This can be used to delete all sessions belonging to a user/login.
For no it just iterates over all sessions.
This could be enhanced by using a prefix for and deleting by prefix.
4 years ago
Alexander Graf 83b1fbb9d6 Lazy loading of KVSessionExtension
- call cleanup_sessions on first kvstore access
  this allows to run cmdline actions without redis (and makes it faster)
- Allow development using DictStore by setting REDIS_ADDRESS to the empty string in env
- don't sign 64bit random session id as suggested by nextgens
4 years ago
Alexander Graf 8bc4445572 Sync update of localpart, domain_name and email 4 years ago
Alexander Graf 0c38128c4e Add pygments to requirements 4 years ago
Alexander Graf 9cb6962335 Moved MyYamlLexer into logger
now cmdline runs without pygments
4 years ago
Alexander Graf ce9a9ec572 always init Logger first 4 years ago
Alexander Graf c17bfae240 correct rfc3339 datetime serialization
now using correct timezone
4 years ago
Alexander Graf dc5464f254 Merge remote-tracking branch 'upstream/master' into import-export 4 years ago
Alexander Graf e90d5548a6 use RFC3339 for last_check
fixed to UTC for now
4 years ago
Florent Daigniere dd3d03f06d Merge remote-tracking branch 'upstream/master' into webmail-sso 4 years ago
bors[bot] 25e8910b89
Merge #1783
1783: Switch to server-side sessions r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

It simplifies session management.
- it ensures that sessions will eventually expire (*)
- it implements some mitigation against session-fixation attacks
- it switches from client-side to server-side sessions (in Redis)

It doesn't prevent us from (re)-implementing a "remember_me" type of feature if that's considered useful by some.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
4 years ago
lub f3f0a4d86d
Merge branch 'master' into enforce-tls-admin 4 years ago
Florent Daigniere 64d757582d Disable anti-csrf on the login form
The rationale is that the attacker doesn't have the password...
and that doing it this way we avoid creating useless sessions
4 years ago
Florent Daigniere 481cb67392 cleanup old sessions on startup 4 years ago
Florent Daigniere b9becd8649 make sessions expire 4 years ago
Florent Daigniere a1d32568d6 Regenerate session-ids to prevent session fixation 4 years ago
Florent Daigniere d459c37432 make session IDs 128bits 4 years ago
Florent Daigniere 22af5b8432 Switch to server-side sessions in redis 4 years ago
Alexander Graf dd2e218375 Merge remote-tracking branch 'upstream/master' into import-export 4 years ago
Florent Daigniere 96ae54d04d CryptContext should be a singleton 4 years ago
Florent Daigniere 5f05fee8b3 Don't need regexps anymore 4 years ago
Florent Daigniere 1c5b58cba4 Remove scheme_dict 4 years ago
Florent Daigniere df230cb482 Refactor auth under nginx.check_credentials() 4 years ago
Florent Daigniere f9ed517b39 Be specific token length 4 years ago
Florent Daigniere d0b34f8e24 Move CREDENTIAL_ROUNDS to advanced settings 4 years ago
Florent Daigniere fda758e2b4 remove merge artifact 4 years ago
Florent Daigniere 57a6abaf50 Remove {scheme} from the DB if mailu has set it 4 years ago
Florent Daigniere 7137ba6ff1 Misc improvements to PASSWORD_SCHEME
- remove PASSWORD_SCHEME altogether
- introduce CREDENTIAL_ROUNDS
- migrate all old hashes to the current format
- auto-detect/enable all hash types that passlib supports
- upgrade passlib to 1.7.4 (see #1706: ldap_salted_sha512 support)
4 years ago
Florent Daigniere 00b001f76b Improve the token storage format
shortcomings of the previous format included:
- 1000x slower than it should be (no point in adding rounds since there
 is enough entropy: they are not bruteforceable)
- vulnerable to DoS as explained in
https://passlib.readthedocs.io/en/stable/lib/passlib.hash.sha256_crypt.html#security-issues
4 years ago
Florent Daigniere eb7895bd1c Don't do more work than necessary (/webdav)
This is also fixing tokens on /webdav/
4 years ago
Florent Daigniere 58b2cdc428 Don't do more work than necessary 4 years ago
bors[bot] 464e46b02b
Merge #1765
1765: Set sensible cookie flags on the admin app r=mergify[bot] a=nextgens

## What type of PR?

Bugfix

## What does this PR do?

It sets the right flags on the session cookie issued by the admin app.
This should probably be backported as the lack of secure flag on TLS-enabled setup is a high risk vulnerability.

SameSite is hardening / helps against CSRF on modern browsers
HTTPOnly is hardening / helps reduce the impact of XSS

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
4 years ago
bors[bot] 47d6c697d0
Merge #1763
1763: show flash messages again r=mergify[bot] a=lub

## What type of PR?

bug-fix

## What does this PR do?
This basically restores the behaviour, that got removed in
ecdf0c25b3 during refactoring.

### Related issue(s)
- noticed it while reviewing #1756

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [-] In case of feature or enhancement: documentation updated accordingly
- [-] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: lub <git@lubiland.de>
4 years ago
bors[bot] cca4b50915
Merge #1607
1607: _FILE variables for Docker swarm secrets r=mergify[bot] a=lub

## What type of PR?

enhancement

## What does this PR do?

This PR enables usage of DB_PW_FILE and SECRET_KEY_FILE instead of DB_PW and SECRET_KEY to load these values from files instead of supplying them directly. That way it's possible to use Docker secrets.

### Related issue(s)


## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: lub <git@lubiland.de>
4 years ago
Florent Daigniere 0dcc059cd6 Add a new knob as discussed on matrix with lub 4 years ago