On 19/08/11 00:24, Kristóf Katus wrote:
Patch attached for this commit (cyrus-imapd-acl-patch-correction-2.patch), this should work fine, hope you do not get valgrind errors this time :)
Excellent, thanks :) The patch fixes the Valgrind issues and passes the existing tests. I adjusted it to remove the C99isms (mixed declarations and code) and pushed it to master.
Kristóf PS Something else came up during manual testing, which is most probably beyond the scope of this patch and the original commit. I enabled virtual domains, relevant lines of the imapd.conf file: virtdomains: yes defaultdomain: net.lan admins: admin ad...@thedomain.here Playing around with cyradm, I get the following: [root@intradevel-aiesec cyrus-imapd]# cyradm localhost --user ad...@thedomain.here Password: intradevel-aiesec.net.lan> listmailbox admin (\HasNoChildren) intradevel-aiesec.net.lan> createmailbox user/base intradevel-aiesec.net.lan> listmailbox admin (\HasNoChildren) user/base (\HasNoChildren) intradevel-aiesec.net.lan> listacl user/base b...@thedomain.here lrswipkxtecdan intradevel-aiesec.net.lan> setacl user/base base all intradevel-aiesec.net.lan> listacl user/base base lrswipkxtecda b...@thedomain.here lrswipkxtecdan intradevel-aiesec.net.lan> setacl user/base base none intradevel-aiesec.net.lan> listacl user/base base lkxca b...@thedomain.here lrswipkxtecdan intradevel-aiesec.net.lan> intradevel-aiesec.net.lan> setacl user/base b...@thedomain.here none intradevel-aiesec.net.lan> listacl user/base base lkxca b...@thedomain.here lkxca My question: who is this "base" user without a domain part in this case? Someone from the default domain? That should not happen, I guess.
Hmm. I'm kinda surprised mboxlist_setacl() allows cross-domain ACLs. At first glance it seems that the code after the comment "canonify identifier..." isn't taking account of config_defdomain when config_virtdomains is enabled but neither the mboxname nor the identifier have explict domains. Looks like you need to do a bit more testing.
-- Greg.
