fix: multiple bug fixes across chatmaild and cmdeploy#883
Merged
Conversation
missytake
temporarily deployed
to
staging-ipv4.testrun.org
GitHub Actions
Inactive
missytake
temporarily deployed
to
staging2.testrun.org
GitHub Actions
Inactive
missytake
temporarily deployed
to
staging2.testrun.org
GitHub Actions
Inactive
missytake
temporarily deployed
to
staging-ipv4.testrun.org
GitHub Actions
Inactive
Bare return yielded None, causing TypeError on tuple unpacking in perform_initial_checks on fresh servers without DKIM keys.
Exception in _build_webpages was silently caught, returning None. rsync then received "None/" as source path, silently breaking deploy.
check_call always returns 0 or raises, making retcode!=0 branches unreachable. Also remote_data was undefined with --skip-dns-check.
doveadm output ends with empty line, parts=[] causes parts[2] crash.
Per Python docs, secrets module should be used for security-sensitive data. random.choices uses Mersenne Twister PRNG which is predictable. secrets.choice was already used for password generation in the same file.
TLS 1.0/1.1 deprecated by RFC 8996. Nginx default is TLSv1.2 TLSv1.3. Aligns with postfix (>=TLSv1.2) and dovecot (TLSv1.3) in the same stack.
- Reject localparts with chars outside [a-z0-9._-] to prevent filesystem issues from crafted usernames via IMAP/SMTP auth - Use filelock to serialize concurrent account creation for same address, preventing TOCTOU race where two threads both create an account and last writer wins
Hung TURN daemon would block dict proxy handler thread indefinitely. Per Python docs, settimeout() raises TimeoutError on expiry.
ConnectionRefusedError/FileNotFoundError/TimeoutError from turn_credentials() would kill the dict proxy connection. Return N (not found) response instead and log the error.
- test_doveauth: invalid localpart chars rejected, concurrent same-account creation - test_expire: --mdir filtering uses msg.path correctly - test_metadata: TURN exception returns N\n, success returns credentials - test_turnserver: socket timeout, connection refused, happy path - test_dns: get_dkim_entry returns (None, None) on CalledProcessError - test_rshell: dovecot_recalc_quota handles empty/malformed output
missytake
had a problem deploying
to
staging2.testrun.org
GitHub Actions
Failure
missytake
temporarily deployed
to
staging-ipv4.testrun.org
GitHub Actions
Inactive
missytake
temporarily deployed
to
staging2.testrun.org
GitHub Actions
Inactive
4 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
rebased #836 on main, thanks @Retengart for the original PR :) let's see what the CI says...