2018-10-01 13:36:56 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (dcead646b)

    Released v2.3.3.


M	NEWS
M	configure.ac

2018-08-23 20:29:58 +0300 Aki Tuomi <aki.tuomi@dovecot.fi> (b96be88f9)

    submission: Reorder initialization code

    login_set socket paths get invalidated when master_service_init_finish is
    called, so we need to run the code that uses them before this.

M	src/submission/main.c

2018-08-23 19:15:50 +0300 Aki Tuomi <aki.tuomi@dovecot.fi> (3413ea118)

    lib-smtp: Increase memory pool initial sizes

    This reduces malloc traffic

M	src/lib-http/test-http-client-errors.c
M	src/lib-smtp/smtp-client-connection.c
M	src/lib-smtp/smtp-client-transaction.c
M	src/lib-smtp/smtp-reply-parser.c
M	src/lib-smtp/smtp-server-command.c
M	src/lib-smtp/smtp-server-connection.c
M	src/lib-smtp/smtp-server-transaction.c

2018-06-20 00:22:47 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (999c74680)

    lib-smtp: server: Fix memory leak occurring when an error occurs early for
    BDAT/BURL.


M	src/lib-smtp/smtp-server-cmd-data.c
M	src/lib-smtp/smtp-server-connection.c

2018-06-20 15:54:21 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (2636474cc)

    lib-smtp: server: connection: Rely on i_stream_destroy(NULL) being a no-op.


M	src/lib-smtp/smtp-server-connection.c

2018-06-20 00:31:43 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (d25951928)

    lib-smtp: server: Restructure reference counting of BDAT/BURL chain stream.

    It is now dereferenced directly, rather than via a local variable; thereby 
    making sure it is reset to NULL.

M	src/lib-smtp/smtp-server-cmd-data.c

2018-06-29 14:37:36 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (0c22bd104)

    director: Fix assert-crash when doveadm disconnects immediately after
    sending command

    Any command that requires a ring sync should cause the doveadm connection to 
    wait until the ring is synced. However, if the disconnection happened early 
    enough the connection is deinitialized before the ring sync is finished.

    Fixes: Panic: file doveadm-connection.c: line 1097
    (doveadm_connection_deinit): assertion failed: (conn->to_ring_sync_abort ==
    NULL)

M	src/director/doveadm-connection.c

2018-09-19 11:32:08 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (2fbbccc0a)

    director: Add assert to make sure doveadm connection's IO isn't added
    multiple times


M	src/director/doveadm-connection.c

2018-09-07 20:04:48 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (ae44bab08)

    doveadm: Make sure to stop running commands requiring synced ring when ring
    is no longer synced

    A command could desync the ring, and no more commands should be run 
    afterwards.

    This also fixes a bug where a command that desyncs the ring is supposed to 
    wait for the ring being synced before returning OK, but returns it 
    immediately instead.

M	src/director/doveadm-connection.c
M	src/director/doveadm-connection.h
M	src/director/main.c

2018-01-03 15:54:15 +0200 Phil Carmody <phil@dovecot.fi> (14e4920d8)

    lib/printf-format-fix: fix rejection of "%.0f" as a valid string

    Sometimes you want to calculate in floats, but don't want the decimals 
    printed.

    Signed-off-by: Phil Carmody <phil@dovecot.fi>

M	src/lib/printf-format-fix.c
M	src/lib/test-printf-format-fix.c

2018-09-19 22:26:08 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (8b8464b5d)

    lib-smtp: reply-parser: Fix closing the text_lines array with NULL sentinel.

    For (EHLO) replies with more than 7 lines, the text_lines array of the reply
    did not end in NULL, causing a segfault.

M	src/lib-smtp/smtp-reply-parser.c

2018-09-20 19:34:33 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (1e1acce32)

    Released v2.3.3.rc1.


M	NEWS
M	configure.ac

2018-09-13 15:30:22 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (8561dd773)

    lib: i_zero*() - Give compiler error if it's wrongly used on an array


M	src/lib/macros.h

2018-09-13 15:29:45 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (fafbf8400)

    lib-master, auth: Fix clearing memory

    It doesn't look like these being wrong were causing any bugs.

M	src/auth/password-scheme-sodium.c
M	src/lib-master/master-service-haproxy.c

2018-09-11 15:54:39 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (c19068daf)

    doveadm stats dump: Fix potentially not writing all stats output

    It depended on whether uninitialized stack memory was 0 or not.

M	src/doveadm/doveadm-stats.c

2018-08-17 11:34:02 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (313be4a02)

    lib: Mark signal waiting IO as "never wait alone"

    This signal is being automatically moved to nested ioloops. It can't be the 
    only IO being waited, since there's no code that simply wants to wait for a 
    signal.

M	src/lib/lib-signals.c

2018-08-17 11:33:17 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (658e58b02)

    lib: ioloop-epoll/kqueue: Remove now unnecessary infinite wait check.

    The previous change adds this globally to io_loop_run_get_wait_time().

M	src/lib/ioloop-epoll.c
M	src/lib/ioloop-kqueue.c

2018-08-17 11:32:10 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (e73415715)

    lib: Add io_set_never_wait_alone()

    If ioloop is run without any timeouts and without IOs that don't have this 
    flag, assert-crash rather than going to infinite wait.

M	src/lib/ioloop-private.h
M	src/lib/ioloop.c
M	src/lib/ioloop.h

2018-08-17 11:29:30 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (16fd1766d)

    lib: Add and use io_loop_run_get_wait_time()

    This is going to be called just before running an ioloop iteration. The next
    commit improves its behavior.

M	src/lib/ioloop-epoll.c
M	src/lib/ioloop-kqueue.c
M	src/lib/ioloop-poll.c
M	src/lib/ioloop-private.h
M	src/lib/ioloop-select.c
M	src/lib/ioloop.c

2018-09-07 10:43:43 -0400 Josef 'Jeff' Sipek <jeff.sipek@dovecot.fi> (3ecffb14a)

    lib-storage: Don't try to deserialize bodystructure if we already have it

    Fixes: Panic: file message-part-data.c: line 37
    (message_part_data_is_plain_7bit): assertion failed: (data != NULL)

M	src/lib-storage/index/index-mail.c

2018-09-06 11:07:22 -0400 Josef 'Jeff' Sipek <jeff.sipek@dovecot.fi> (97e8c8279)

    lib-storage: Simplify an assertion condition

    Since the i_assert() is guarded by a check for save_bodystructure_header 
    being true, the whole condition can be simplified.

M	src/lib-storage/index/index-mail-headers.c

2018-09-06 11:06:17 -0400 Josef 'Jeff' Sipek <jeff.sipek@dovecot.fi> (8c87b9417)

    lib-storage: Don't try to process header if we haven't parsed the body
    structure

    Fixes: Panic: file index-mail-headers.c: line 294 (index_mail_parse_header):
    assertion failed: (part != NULL)

M	src/lib-storage/index/index-mail-headers.c

2018-08-31 15:06:09 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (d54d97c06)

    lib: Move log type to be written before appended log prefix

    This changes the logging format back to how it used to be before the event 
    logging changes.

M	src/lib/event-log.c
M	src/lib/lib-event.h
M	src/lib/test-event-log.c

2018-08-31 15:03:37 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (a50f08645)

    lib: Add failure_context.log_prefix_type_pos

    If non-zero, this specifies where the log type (e.g. "Info: ") is written 
    within the log prefix. By default it's appended.

M	src/lib/failures.c
M	src/lib/failures.h

2018-08-31 15:01:38 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (f69253fd4)

    lib, log: Add log prefix length to internal logging protocol

    This way log process knows which part of the text is the log prefix, and 
    which part is the logged text.

M	src/lib/failures.c
M	src/lib/failures.h
M	src/log/log-connection.c

2018-08-31 14:57:13 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (6571120bd)

    log: Move data stack frame allocation to parent function

    This simplifies the next commit, which requires data stack nearly always 
    when logging. The data stack frames are cheap enough that we don't really 
    need to optimize for avoiding the cases when they're not needed.

M	src/log/log-connection.c

2018-08-31 14:54:18 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (83a59a536)

    log: Avoid unnecessary global log prefix changes

    If the context specifies a log prefix, the global prefix isn't going to be 
    used.

M	src/log/log-connection.c

2018-08-31 14:50:52 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (38dade51b)

    lib: failures - Use common log_prefix_add() for default and syslog
    formatters


M	src/lib/failures.c

2018-08-28 12:45:23 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (d0a7f6c69)

    lib: Add unit test for event log prefix handling

    Some of the tests are commented out until they're fixed in a following 
    commit.

M	src/lib/Makefile.am
A	src/lib/test-event-log.c
M	src/lib/test-lib.inc

2018-08-31 14:30:21 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (da55b6a75)

    lib: failures - Move adding LF from default_format() to default_write()

    This makes it similar to internal_format/write()

M	src/lib/failures.c

2018-08-31 14:21:06 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (7ebce7728)

    lib: Move failure handler structs and typedefs to failures-private.h

    Also change the function typedefs to be non-pointers, like they usually are 
    in Dovecot code.

M	src/lib/Makefile.am
A	src/lib/failures-private.h
M	src/lib/failures.c

2018-08-31 14:19:32 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (4576851ee)

    lib: Make failure handler variables static


M	src/lib/failures.c

2018-08-31 14:18:34 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (136ecaeb0)

    lib: Rename handler_config variable to failure_handler

    It's a global variable, so it needs to have a proper prefix.

M	src/lib/failures.c

2018-06-14 15:54:03 +0300 Sergey Kitov <sergey.kitov@open-xchange.com> (00f94a425)

    lib: Implement vfuncs for logging to stderr


M	src/lib/failures.c

2018-06-14 15:49:41 +0300 Sergey Kitov <sergey.kitov@open-xchange.com> (723a84238)

    lib: Implement vfuncs for logging to syslog


M	src/lib/failures.c

2018-08-05 04:00:17 +0300 Sergey Kitov <sergey.kitov@open-xchange.com> (7867f9f33)

    lib: Implement vfuncs for logging to default location and common failure
    logging handling


M	src/lib/failures.c

2018-06-12 15:56:46 +0300 Sergey Kitov <sergey.kitov@open-xchange.com> (236276026)

    lib: Introduce abstraction for failure logging implementations.


M	src/lib/failures.c

2018-09-03 14:15:07 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (0574f9fa2)

    lib-master: Fix crash when stats events are merged all the way to the root


M	src/lib-master/stats-client.c

2018-09-03 13:14:39 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (4ae56d07e)

    lib-master: stats_event_get_merged() - Remove unnecessary variable
    assignment

    Fixes scan-build complaint.

M	src/lib-master/stats-client.c

2018-01-16 12:51:53 +0200 Sergey Kitov <sergey.kitov@open-xchange.com> (334f0390b)

    lib-master: stats_event_write use BEGIN only when event and parent_event
    create timestamps differ


M	src/lib-master/stats-client.c

2018-02-26 16:33:19 +0200 Sergey Kitov <sergey.kitov@open-xchange.com> (43f458007)

    lib: Add some event handling functions.

    event_has_all_categories() - checks if given event contains all the 
    categories of an another event. event_has_all_fields() - checks if given
    event contains all the fields of an another event. event_dup() - duplicates
    an event. event_copy_categories_fields() - copies all categories and fields
    from source to dest.

M	src/lib/lib-event.c
M	src/lib/lib-event.h

2018-09-06 03:40:55 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (97ef926ed)

    lib-http: client: peer: Log the number of pending connections consistently
    in relevant debug messages.

    Use the same style everywhere and log it where it makes sense.

M	src/lib-http/http-client-peer.c

2018-09-06 03:33:59 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (652724a2a)

    lib-http: client: peer: Maintain a list of connections pending on behalf of
    a peer.

    Before, pending connections were only listed in the peer pool.

M	src/lib-http/http-client-connection.c
M	src/lib-http/http-client-peer.c
M	src/lib-http/http-client-private.h

2018-09-06 03:23:26 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (a5d4658dc)

    lib-http: client: connection: Unlist the connection as pending immediately
    in http_client_connection_failure().


M	src/lib-http/http-client-connection.c
M	src/lib-http/http-client-peer.c

2018-09-06 01:57:43 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (71120b664)

    lib-http: client: connection: Remove the connection from the peer pool
    pending list in a separate function.


M	src/lib-http/http-client-connection.c

2018-09-06 15:22:30 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (4031ea3f4)

    lib-http: client: peer: Notify all peers in a peer pool about a successful
    connection.

    This allows peers for which the last connection attempt failed (which was
    not the last pending attempt in the pool) to try again. This solves a
    problem that could potentially cause a hang with multiple parallel clients
    creating serveral new connections at once.

M	src/lib-http/http-client-peer.c
M	src/lib-http/http-client-private.h

2018-09-06 16:03:58 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (e73699af4)

    lib-http: client: peer: Add debug message for
    http_client_peer_connection_failure().


M	src/lib-http/http-client-peer.c

2018-09-06 15:56:44 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (715338bcc)

    lib-http: client: peer: Clarify debug message in
    http_client_peer_connection_failed_pool().


M	src/lib-http/http-client-peer.c

2018-09-06 15:54:02 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (ab2c55469)

    lib-http: client: peer: Log debug message before calling peer pool in
    http_client_peer_connection_success().


M	src/lib-http/http-client-peer.c

2018-09-06 15:50:36 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (6ce5436ad)

    lib-http: client: peer: Rename http_client_peer_connection_failed_any() to
    http_client_peer_connection_failed_pool().


M	src/lib-http/http-client-peer.c

2018-09-06 03:11:18 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (985cd1ebf)

    lib-http: client: peer: Always run http_client_queue_connection_failure()
    upon definitive connection failure.

    The recorded peer->connecting flag was highly unreliable in a scenario
    involving starting parallel connections. This way, the linked queues can
    update their state accordingly. Also, this will not cause empty queues to
    initiate new connection, because empty queues will do nothing after updating
    the connection state.

    This problem caused a client ioloop hang in high-load conditions.

M	src/lib-http/http-client-peer.c
M	src/lib-http/http-client-private.h

2018-09-06 14:57:28 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (57f8094d6)

    lib-http: client: peer: Move http_client_peer_connection_failure().


M	src/lib-http/http-client-peer.c

2018-09-06 03:02:16 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (a8f17f33f)

    lib-http: client: queue: Do not fail claimed requests unless the queue is
    being destroyed.

    Before, connection failure would also abort requests already being sent on 
    another connection, which is premature at best.

M	src/lib-http/http-client-queue.c

2018-09-06 02:57:24 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (4675367e9)

    lib-http: client: queue: Fix the number of pending requests listed in
    http_client_queue_connection_failure() debug message.


M	src/lib-http/http-client-queue.c

2018-09-06 02:51:09 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (e8f137bb3)

    lib-http: client: peer: Determine number of pending peers in
    http_client_peer_shared_connection_failure() itself.

    Before, the number of pending peers was a parameter, but that was only for a 
    single peer pool. This is wrong, since the one peer can have many different 
    pools (depending on how many clients with incompatible configs share this 
    peer).

M	src/lib-http/http-client-peer.c

2018-09-06 14:49:59 +0200 Stephan Bosch <stephan.bosch@dovecot.fi> (0a6397833)

    lib-http: client: peer: Notify definitive connection failure only within a
    peer pool.

    Other peer pools have different configuration, which may actually succeed
    and will arrive at this point when their own connections fail anyway.

M	src/lib-http/http-client-peer.c

2018-07-24 14:47:47 +0300 Aki Tuomi <aki.tuomi@dovecot.fi> (6c7a7b286)

    quota: Mark noenforcing quotas with unlimited quota

    This allows quota to be properly updated for unenforced quotas so they can
    be used for tracking only.

    This fixes issue where using noenforcing would not update quota during mail
    save, but requires a manual quota update.

M	src/plugins/quota/quota.c

2018-07-24 14:38:18 +0300 Aki Tuomi <aki.tuomi@dovecot.fi> (3eb689841)

    quota: Cleanup - Move enforce checking out of quota_root_visible()

    Non-enforcing quota roots need to be visible even when enforcing quotas, 
    otherwise we cannot update them.

M	src/plugins/quota/quota.c

2018-08-27 15:06:44 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (5bf2f17a1)

    fts: Optimize replacing NULs in header


M	src/plugins/fts/fts-build-mail.c

2018-08-23 14:33:59 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (4afa42b8e)

    fts: Fix indexing mails with NULs in headers

    After the first NUL all the rest of the string was converted to spaces. This
    was broken already in the initial commit that attempted to fix this: 
    4d27f95c76bd008bb38f9c442567046da2b6ce14

M	src/plugins/fts/fts-build-mail.c

2018-08-20 12:51:28 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (17f8c0b8c)

    lib-index: mail_cache_lookup_headers() - Allow using datastack pool

    This fixes assert caused by 53712af0e7f357e7279d9ff03831428aae85aa45: Panic:
    pool_data_stack_realloc(): stack frame changed

M	src/lib-index/mail-cache-lookup.c

2018-08-17 14:39:41 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (34d826b4c)

    lib-storage: Fix NUL handling in mail_get_first_header*(),
    mail_get_headers*()

    These functions return NUL-terminated values, so they got truncated whenever 
    a header value contained a NUL. Fix this by converting NULs to unicode 
    replacement characters in the output.

M	src/lib-storage/index/index-mail-headers.c

2018-08-17 14:33:50 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (d309654ac)

    lib-mail: Make message_header_strdup() public

    Also move it to a better file.

M	src/lib-mail/message-header-parser.c
M	src/lib-mail/message-header-parser.h
M	src/lib-mail/message-part-data.c

2018-08-17 20:16:29 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (9f222e06c)

    lib-mail: Cleanup - Rename internal hdr_strdup() to message_header_strdup()


M	src/lib-mail/message-part-data.c

2018-08-17 14:12:25 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (5f65ff7bf)

    lib-mail: rfc822-parser - Handle \<NUL> in quoted-string and domain-literal

    It was already handled in comments. Previously this caused the strings and 
    domain-literals to be truncated at that position.

M	src/lib-mail/rfc822-parser.c
M	src/lib-mail/test-message-address.c

2018-08-17 13:42:35 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (db9b51176)

    lib-mail: test-message-address - Test NULs in display-name


M	src/lib-mail/test-message-address.c

2018-05-04 19:53:27 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (c95e5cbdb)

    lib-mail: Change MESSAGE_ADDRESS_PARSE_FLAG_NON_STRICT_DOTS to
    _FLAG_STRICT_DOTS

    Generally we want it to be enabled everywhere, so it's easier to just enable 
    it by default.

    (This is kept as a separate commit from the previous one so it'll be easy to 
    revert this in case we actually don't want this to be the default.)

M	src/lib-mail/message-address.c
M	src/lib-mail/message-address.h
M	src/lib-mail/test-message-address.c

2018-05-04 19:49:57 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (d103d4f89)

    lib-mail: Add MESSAGE_ADDRESS_PARSE_FLAG_NON_STRICT_DOTS

    This code is somewhat copy&pasted from parse_local_part() in Pigeonhole.

M	src/lib-mail/message-address.c
M	src/lib-mail/message-address.h
M	src/lib-mail/test-message-address.c

2018-05-04 19:31:26 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (d4aa3ee9b)

    lib-mail: message_address_parse() - Change fill_missing parameter to flags

    This change allows adding more flags. The API is also backwards compatible 
    in a way that the old FALSE/TRUE values still map to compatible 0/1 flags.

M	src/doveadm/doveadm-mail-fetch.c
M	src/lib-lda/mail-deliver.c
M	src/lib-mail/message-address.c
M	src/lib-mail/message-address.h
M	src/lib-mail/message-part-data.c
M	src/lib-mail/test-message-address.c
M	src/lib-smtp/smtp-params.c
M	src/lib-storage/index/index-search.c
M	src/lib-storage/index/index-sort.c
M	src/lib-storage/mail-storage-settings.c
M	src/plugins/fts/fts-build-mail.c

2018-05-04 19:21:52 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (b835b4d09)

    lib-mail: Fix rfc822_parse_dot_atom() to reject if dot isn't followed by
    atom


M	src/lib-mail/rfc822-parser.c
M	src/lib-mail/test-rfc822-parser.c

2018-04-25 14:19:27 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (56a43b7ce)

    lib-mail: Remove MESSAGE_HEADER_REPLACE_NULS_WITH_0x80 flag

    As mentioned in previous commit, 0x80 isn't valid UTF-8 and we shouldn't 
    encourage using it. This implementation also can't be easily changed to use
    unicode replacement character without larger changes to istream-nonuls.

    Reverts 95fba2c295bb84639dc64ca5c9f2ccb9edc00ba7.

M	src/lib-mail/message-header-parser.c
M	src/lib-mail/message-header-parser.h

2018-04-25 14:17:34 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (cb716afd3)

    lib-mail: Change NUL -> 0x80 replacement to use unicode replacement char
    instead

    Using 0x80 produces invalid UTF-8 output, which we should avoid. Some places 
    in Dovecot code already requires that input is valid UTF-8, so it's also 
    safer and easier to use the unicode replacement character.

    Fixes: Panic: file fts-tokenizer-generic.c: line 210
    (fts_tokenizer_generic_simple_next): assertion failed: (char_size > 0)

M	src/lib-mail/message-part-data.c
M	src/lib-mail/rfc2231-parser.h
M	src/lib-mail/rfc822-parser.h
M	src/lib-mail/test-message-address.c
M	src/lib-mail/test-rfc2231-parser.c

2018-04-25 14:11:43 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (2ed851d65)

    lib-mail: Change rfc822_parser_context.nul_replacement_char to string


M	src/lib-mail/message-address.c
M	src/lib-mail/rfc2231-parser.c
M	src/lib-mail/rfc822-parser.c
M	src/lib-mail/rfc822-parser.h
M	src/lib-mail/test-rfc822-parser.c

2018-04-24 18:01:03 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (6b3d0a3c8)

    lib-mail: message_part_*_parse_from_header() - Replace NULs with 0x80

    This avoids truncation of Content-*, Subject, Message-ID, In-Reply-To and 
    Date headers in IMAP ENVELOPE, BODY and BODYSTRUCTURE replies. Of course, 
    NULs in headers are violating RFCs already, so the previous behavior wasn't 
    really wrong either.

M	src/lib-mail/message-part-data.c

2018-04-21 16:21:33 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (0663cd573)

    lib: Mark str_append_n() deprecated

    It was almost always used wrongly. Most of the time str_append_data() should
    have been used instead. str_append_max() has the old functionality.

M	src/lib/str.h

2018-04-21 16:19:43 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (847a4fe9c)

    lib: Add ATTR_DEPRECATED macro


M	src/lib/compat.h
M	src/lib/macros.h

2018-04-21 16:17:03 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (d6afcb8e9)

    global: Replace str_append_n() with str_append_max()


M	src/config/doveconf.c
M	src/doveadm/dsync/dsync-mailbox-tree-sync.c
M	src/lib/failures.c
M	src/lib/var-expand.c

2018-04-21 16:07:21 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (6689030b0)

    lib-fts: fts-tokenizer-address - Cleanup NUL handling in parent_data

    The end result is anyway that the token will be truncated at the first NUL. 
    This change just makes the code a bit more understandable on where the 
    truncation will happen.

M	src/lib-fts/fts-tokenizer-address.c

2018-04-21 15:44:11 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (f37afa6d8)

    lib: str_append_[tab]unescaped(): Don't truncate input at NULs

    For str_append_tabunescaped() the input is supposed to have NULs already 
    escaped though, so it was truncating only with invalid input.

M	src/lib/strescape.c

2018-04-21 15:24:28 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (d396d01f8)

    global: Replace str_append_n() with str_append_data() wherever possible

    It shouldn't be possible for input to have NULs in any of these places. This
    makes the extra NUL-check in str_append_n() unnecessary.

M	src/auth/auth-cache.c
M	src/auth/db-dict-cache-key.c
M	src/auth/db-ldap.c
M	src/auth/password-scheme-md5crypt.c
M	src/config/config-parser.c
M	src/config/doveconf.c
M	src/lib-dict-backend/dict-ldap.c
M	src/lib-dict/dict.c
M	src/lib-fs/fs-posix.c
M	src/lib-fs/fs-sis.c
M	src/lib-fts/fts-tokenizer-address.c
M	src/lib-http/http-auth.c
M	src/lib-http/http-header-parser.c
M	src/lib-http/http-parser.c
M	src/lib-http/http-url.c
M	src/lib-imap/imap-quote.c
M	src/lib-imap/imap-url.c
M	src/lib-imap/imap-utf7.c
M	src/lib-mail/message-header-parser.c
M	src/lib-mail/message-snippet.c
M	src/lib-mail/rfc822-parser.c
M	src/lib-mail/test-istream-dot.c
M	src/lib-mail/test-istream-header-filter.c
M	src/lib-mail/test-istream-qp-decoder.c
M	src/lib-mail/test-istream-qp-encoder.c
M	src/lib-mail/test-message-header-parser.c
M	src/lib-mail/test-message-parser.c
M	src/lib-settings/settings-parser.c
M	src/lib-settings/settings.c
M	src/lib-smtp/smtp-address.c
M	src/lib-smtp/smtp-parser.c
M	src/lib-smtp/smtp-reply-parser.c
M	src/lib-smtp/smtp-server-reply.c
M	src/lib-smtp/smtp-syntax.c
M	src/lib-storage/index/index-mail-headers.c
M	src/lib-storage/index/maildir/maildir-uidlist.c
M	src/lib-storage/index/mbox/mbox-save.c
M	src/lib-storage/index/mbox/mbox-sync-parse.c
M	src/lib-storage/mailbox-attribute.c
M	src/lib-storage/mailbox-list.c
M	src/lib-storage/mailbox-tree.c
M	src/lib/failures.c
M	src/lib/file-dotlock.c
M	src/lib/istream.c
M	src/lib/str-sanitize.c
M	src/lib/strescape.c
M	src/lib/test-path-util.c
M	src/lib/uri-util.c
M	src/plugins/fts-solr/fts-backend-solr-old.c
M	src/plugins/fts-solr/fts-backend-solr.c

2018-04-21 16:11:48 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (90a8fad77)

    lib: Add str_append_max()

    It's otherwise the same as str_append_n(), except it takes const char* as 
    input instead of const void*. This, as well as its name, should make it less
    likely to be used wrong when the input may legitimately have NULs.

    The unit test is changed from str_append_n() to str_append_max(), because 
    str_append_n() will be deprecated.

M	src/lib/str.c
M	src/lib/str.h
M	src/lib/test-str.c

2018-04-21 16:10:03 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (dbd99e76a)

    lib: Improve str_append_n() comment


M	src/lib/str.h

2018-04-11 14:41:45 +0300 Sergey Kitov <sergey.kitov@open-xchange.com> (ee1a1f544)

    lib-mail: Add MESSAGE_HEADER_REPLACE_NULS_WITH_0x80 flag

    The flag signals that input stream for message_parse_header() should replace 
    0x0 symbols with 0x80.

M	src/lib-mail/message-header-parser.c
M	src/lib-mail/message-header-parser.h

2018-04-21 16:47:16 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (4b6bf5290)

    lib-mail: rfc2231_parse() - Replace NULs with 0x80

    Instead of truncating the strings at NULs.

M	src/lib-mail/rfc2231-parser.c
M	src/lib-mail/rfc2231-parser.h
M	src/lib-mail/test-rfc2231-parser.c

2018-04-21 16:34:05 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (f3139c4b0)

    lib-mail: message_address_parse*() - Replace NULs with 0x80

    Instead of truncating the strings at NULs.

M	src/lib-mail/message-address.c
M	src/lib-mail/test-message-address.c

2018-04-21 16:27:21 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (4729a2765)

    lib-mail: rfc822-parser: Add nul_replacement_char


M	src/lib-mail/rfc822-parser.c
M	src/lib-mail/rfc822-parser.h
M	src/lib-mail/test-rfc822-parser.c

2018-04-21 13:46:21 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (83059eb6f)

    lib-mail: rfc822-parser: Strip away folding whitespace from comments


M	src/lib-mail/rfc822-parser.c
M	src/lib-mail/test-rfc822-parser.c

2018-04-21 13:28:34 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (5991d3518)

    lib-mail: rfc822-parser: Improve domain-literal parsing

    Strip away folding whitespace. Treat any extra '[' as an error.

M	src/lib-mail/rfc822-parser.c
M	src/lib-mail/test-rfc822-parser.c

2018-04-21 13:05:49 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (bf9c2696a)

    lib-mail: rfc822-parser: Don't allow preserving escaped [CR]LF

    It's not valid to have "\<CR>" or "\<LF>", so the old behavior isn't really 
    wrong either. However, rfc822_parse_quoted_string() callers are more likely 
    to expect that the output won't contain any [CR]LF so this new behavior is a
    bit better.

M	src/lib-mail/rfc822-parser.c
M	src/lib-mail/test-rfc822-parser.c

2018-04-21 12:47:22 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (43d38f423)

    lib-mail: Change rfc822_parse_content_param() API to allow NULs in value

    This was the only function in rfc822-parser.h that wasn't NUL-safe. This
    won't fix anything, but it makes the rfc822-parser.h API fully consistent
    with the NUL handling.

    Normally rfc2231_parse() should be called instead of calling 
    rfc822_parse_content_param() directly, so this shouldn't break any plugins.

M	src/lib-mail/rfc2231-parser.c
M	src/lib-mail/rfc822-parser.c
M	src/lib-mail/rfc822-parser.h
M	src/lib-mail/test-rfc822-parser.c

2018-04-21 16:05:16 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (6285cce30)

    fts-squat: Fix truncating headers at NULs while indexing


M	src/plugins/fts-squat/fts-backend-squat.c

2018-04-21 16:03:42 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (d1e71fadb)

    login-common: Consistently truncate client SASL input at first NUL

    The input is supposed to be base64-encoded, so there's no need to support 
    actual NUL characters. The previous code truncated at NULs, but could have 
    kept appending more data to the value. This could have produced somewhat 
    random results.

M	src/login-common/client-common-auth.c

2018-04-21 15:58:15 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (217c2c091)

    lib-master, util: Consistently truncate tabescaped input at the first NUL

    The NULs are supposed to come tab-escaped, so there's no need to support 
    actual NUL characters. The previous code truncated at NULs, but could have
    kept appending more data to the value. This could have produced somewhat
    random results.

M	src/lib-master/master-login.c
M	src/util/script-login.c

2018-04-21 15:53:42 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (505a449db)

    config: Consistently truncate value at the first NUL in value input file

    When value contained "<file", the file was added as a value. The setting 
    values don't currently support NULs, so the value gets truncated at the 
    first NUL. However, the previous code could have appended more data to the
    value. This could have produced somewhat confusing results.

M	src/config/config-parser.c

2018-04-21 15:50:08 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (92836cfe2)

    dict-fs/memcached-ascii/redis: Consistently truncate value at NULs

    The dict API currently doesn't support NULs in values, so they have to be 
    truncated. However, previously they were truncated at NULs, but more data 
    may have still been appended to the value. This could have produced somewhat
    random results.

M	src/lib-dict-extra/dict-fs.c
M	src/lib-dict/dict-memcached-ascii.c
M	src/lib-dict/dict-redis.c

2018-04-21 15:47:23 +0300 Timo Sirainen <timo.sirainen@dovecot.fi> (aa40bd118)

    auth: checkpassword - Fail if input from script contains NULs

