summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CHANGES.md86
-rwxr-xr-xb/extract.pl43
-rwxr-xr-xconfigure4
-rw-r--r--lib/JWebmail/Plugin/I18N2.pm4
-rwxr-xr-xscript/mojocookiecheck.pl85
5 files changed, 180 insertions, 42 deletions
diff --git a/CHANGES.md b/CHANGES.md
index fbcf729..928aad9 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -89,14 +89,8 @@ v1.0.0 release plan
- [x] rewrite about
- [x] search in subject
-Current v1.1.0
+Version 1.1.0
--------------
-- [ ] From v1.0.0
- - [ ] Maybe the translation/documentation can be made available under a
- different license
- - [ ] may relicense this under the AGPL.
- - [ ] research content-transfer encoding for sending (currently 8bit)
- - [ ] check legal requirements (cookies and DSGVO)
- [x] separate development and production configuration
- [x] better back buttons
- [x] writemail
@@ -121,56 +115,82 @@ Current v1.1.0
- [x] merge read and raw (with content type)
- how does one extract the body functionality? (One does not.)
- [x] refactor templates to make use of link_to
-- [ ] improve html styling (especially for mobile)
+- [x] improve html styling (especially for mobile)
- [x] about
- [x] displayheaders
- [x] nocation
- [x] readmail
- [x] writemail
- [x] mobile optimize
- - [ ] cleanup css
- - [ ] improve styling of read- and writemail
-- [ ] fix tests
-- [ ] moving mails to other folders
- - [ ] creating new folders
- - [ ] backend
+ - [x] cleanup css
+ - [x] improve styling of read- and writemail
+- [x] fix tests
- [x] specify protocol for backend interaction (RPC IDL)
- [ ] choose tool for validation
-- [ ] cleanup README
-- [ ] improve about page
-- [ ] improve performance of backend, consider alternatives to Mail::Box::Manager
+- [x] improve performance of backend, consider alternatives to Mail::Box::Manager
- [ ] based on Maildir::Light
- - [x] reimplementation in Rust
- - [x] reimplementation in Python
+ - [x] reimplementation in Rust (maildir/mailparse)
+ - [x] reimplementation in Python (mailbox/email)
- [ ] cache mail reads
- is unlikely to work as mails can be moved freely
- [ ] add exception types
- [x] added exception for QMailAuthuser
-- [ ] extract version for Makefile.PL from Application
-- [ ] add basic telemetry (goatcounter?)
-- [ ] make mime_render return a mojo bytes object
+- [x] extract version for Makefile.PL from Application
+- [x] make mime_render return a mojo bytes object
- [ ] advance toml config plugin
- [ ] add template support, maybe
- [ ] add config validation
-- [ ] improve i18n
- - [ ] add localization of dates and time
- - [ ] plural handling
+- [x] improve i18n
- [x] refactor I18N plugin to allow independent translate provider
- [x] extend matcher dynamic with a role
- [x] compute hmac on the client side
- [x] better handling on form
- [ ] better random numbers
-- [x] separate namespace for pagination in the stash
-- [ ] Rust IO error ??
+Version 1.2.0
+--------------
+- [ ] From v1.0.0
+ - [ ] Maybe the translation/documentation can be made available under a
+ different license
+ - [ ] may relicense this under the AGPL.
+ - [ ] research content-transfer encoding for sending (currently 8bit)
+ - [ ] check legal requirements (cookies and DSGVO)
+- [x] separate namespace for pagination in the stash
- [x] Read attachments
- [x] display recursive multipart
+- [x] add more mime types to read
+ - [x] jpeg
+ - [x] png
+ - [x] gif
+- [x] download mail and attachments
+- [x] better pagination
+ - [ ] merge with partial templates, maybe
+- [x] bundle css and js dependencies instead of CDN
+- [ ] finish: moving mails to other folders
+ - [ ] creating new folders
+ - [ ] backend
+- [ ] improve about page
+- [ ] add basic telemetry (goatcounter?)
+- [ ] improve i18n
+ - [ ] add localization of dates and time
+ - [ ] plural handling
+- [x] Rust IO error: (rename (+S)) and try to open old file
+- [x] random name for tmp directories in s3d
+- [x] INV: new mails are not highlighted
+- [x] handle killed by signal in QMailAuthuser.pm
+
+- [ ] add delete mail
+- [ ] qmauth.py mark as read + accept new
+- [ ] brute force password mitigation
- [ ] iframe load confirmation
+- [ ] better support for multipart/related
+- [ ] chunked send of attachments
+- [ ] avoid double compression
+- [ ] Bulma CSS framework (dark and light mode)
Future
------
- [ ] INV: wrong subject being shown
-- [ ] INV: new mails are not highlighted
- [ ] INV: displayheaders table does not fill outer container
- [ ] consider using more mojo functions
- [ ] base64
@@ -187,23 +207,13 @@ Future
- [ ] async version of controller
- [ ] async wait for send
- [ ] add wait_for_child to event loop
-- [ ] add more mime types to read
- - [ ] jpeg
- - [ ] png
- - [ ] gif
-- [ ] better pagination
- - [ ] merge with partial templates, maybe
- [ ] click on sender to answer
-- [ ] download mail and attachments
- [ ] allow multiple attachments
- [ ] add mails to Sent folder
- [ ] smtp send model, maybe
- [ ] pop read model, maybe
-- [ ] add icons for navigation
- [ ] allow changing password
- [ ] think about forgot password feature
- [ ] address book support
- [ ] add links on email addresses in header : click = add into address book
- [ ] read and write s3d only once per request ($c->on('finish'))
-- [ ] classless CSS framework
-- [ ] dark and light mode
diff --git a/b/extract.pl b/b/extract.pl
new file mode 100755
index 0000000..f610b39
--- /dev/null
+++ b/b/extract.pl
@@ -0,0 +1,43 @@
+#!/usr/bin/env perl
+
+use v5.30;
+use warnings;
+use utf8;
+
+use JSON::PP 'decode_json';
+use Benchmark 'cmpthese';
+
+
+my $perl_mail_box = 'script/qmauth.pl ';
+my $rust_maildir = 'extract/target/debug/jwebmail-extract';
+my $python_maildir = 'script/qmauth.py';
+
+my $MAILDIR = 't/';
+my $SYS_USER = $ENV{USER};
+my $MAIL_USER = 'maildir';
+
+my $ARGS = "$MAILDIR $SYS_USER $MAIL_USER";
+
+
+my $res = `$perl_mail_box $ARGS invalid`;
+die "perl version error" unless decode_json($res)->{error};
+$res = `$rust_maildir $ARGS invalid 2>/dev/null`;
+#die "rust version error" unless decode_json($res)->{error};
+
+cmpthese(100, {
+ perl => sub { `$perl_mail_box $ARGS invalid 2>/dev/null` },
+ rust => sub { `$rust_maildir $ARGS invalid 2>/dev/null` },
+ python => sub { `$python_maildir $ARGS invalid 2>/dev/null` },
+});
+
+cmpthese(100, {
+ perl => sub { `$perl_mail_box $ARGS folders` },
+ rust => sub { `$rust_maildir $ARGS folders` },
+ python => sub { `$python_maildir $ARGS folders` },
+});
+
+cmpthese(100, {
+ perl => sub { `$perl_mail_box $ARGS list '' 0 10 ''` },
+ rust => sub { `$rust_maildir $ARGS list '' 0 10 ''` },
+ python => sub { `$python_maildir $ARGS list '' 0 10 ''` },
+});
diff --git a/configure b/configure
index b0ba796..c37fc0b 100755
--- a/configure
+++ b/configure
@@ -13,7 +13,7 @@ check_command () {
check_perl_deps () {
for d in "$@"
do
- echo "Checking for perl module $d ... "
+ echo -n "Checking for perl module $d ... "
if perl -Ilib -e "use $d;"
then echo 'found!'
else echo 'not available!'; exit 1
@@ -120,7 +120,7 @@ case "$JWM_MAILDIR_EXTRACTOR" in
MAILDIR_EXTRACTOR_BIN=script/extract.py
;;
(extractrs)
- [ -f "$(pwd)/extract/Cargo.toml" ]
+ [ -f "$(pwd)/extract/Cargo.toml" ] || { echo 'extractrs not available' >&2; exit; }
JWM_EXTRACTRS_DIR=extract
check_command cargo
MAILDIR_EXTRACTOR_BIN=bin/jwebmail-extract
diff --git a/lib/JWebmail/Plugin/I18N2.pm b/lib/JWebmail/Plugin/I18N2.pm
index fa80282..e9e485f 100644
--- a/lib/JWebmail/Plugin/I18N2.pm
+++ b/lib/JWebmail/Plugin/I18N2.pm
@@ -70,7 +70,7 @@ sub register {
{
local $" = ',';
- $i18n_log->info("loaded languages (@{[$t->languages]})");
+ $i18n_log->debug("loaded languages (@{[$t->languages]})");
unless (any { $defaultLang eq $_ } $t->languages) {
die "default language '$defaultLang' not loaded";
@@ -114,7 +114,7 @@ sub register {
__END__
-=encoding utf8
+=encoding utf8
=head1 NAME
diff --git a/script/mojocookiecheck.pl b/script/mojocookiecheck.pl
new file mode 100755
index 0000000..a078b8c
--- /dev/null
+++ b/script/mojocookiecheck.pl
@@ -0,0 +1,85 @@
+#!/usr/bin/env perl
+
+use v5.34;
+use warnings;
+use utf8;
+use autodie;
+
+use Digest::SHA 'hmac_sha256_hex';
+use JSON::PP 'decode_json';
+use MIME::Base64 'decode_base64';
+use Pod::Usage 'pod2usage';
+
+
+sub main {
+ pod2usage if !@ARGV || $ARGV[0] eq '-h' || $ARGV[0] eq '--help';
+
+ die 'invalid number of args' unless @ARGV == 1 || @ARGV == 3;
+ my @check_args = $ARGV[0];
+ if (@ARGV == 3) {
+ push @check_args, $ARGV[1], $ARGV[2];
+ }
+
+ my ($match, $res) = check_cookie(@check_args);
+
+ if (defined $match && !$match) {
+ say STDERR 'mismatched mac';
+ exit 1;
+ }
+
+ my $json = decode_json $res;
+ print JSON::PP->new()->pretty(1)->canonical(1)->encode($json);
+}
+
+sub check_cookie {
+ my $cookie = shift;
+
+ # split
+ my $splitAt = rindex $cookie, '--';
+ die 'invalid format' if $splitAt == -1;
+ my $val = substr $cookie, 0, $splitAt;
+ my $sig = substr $cookie, $splitAt+2;
+
+ my $match;
+ if (@_) {
+ my ($cookie_name, $secret) = @_;
+ # hmac
+ my $check = hmac_sha256_hex "$cookie_name=$val", $secret;
+ $match = $sig eq $check;
+ }
+
+ # change base64 padding
+ $val =~ s/-*$/'=' x length $&/e;
+
+ # base64
+ my $res = decode_base64 $val;
+
+ # cookie content padding
+ $res =~ s/Z*$//;
+
+ return $match, $res;
+}
+
+main unless caller;
+
+1
+
+__END__
+
+=encoding utf-8
+
+=head1 NAME
+
+mojocookiecheck - Prints out a Signed Cookie of Mojolicious
+
+=head1 SYNOPSIS
+
+mojocookiecheck.pl [OPTIONS] COOKIE_BODY [COOKIE_NAME SECRET]
+
+ Options:
+ -h --help print this help
+
+=head1 DESCRIPTION
+
+This is a cookie checker for Mojolicious that converts them from an opaque
+character string to something nicely readable. It also can check the HMAC.