- Don't add TLS debugging information to Received: header.
- Drop unused fingerprint digest configuration. They are only used when
smtpd_tls_security_level is set to 'fingerprint' in which case certifying
authorities are ignored.
- Drop alterations to TLS low/high cipher lists. They are not used since
tls_ciphers are all set to 'medium'.
Tests:
- No configuration errors are reported by postfix in its logs after startup.
- 'postconf' shows that the new configuration parameters are set properly.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Use LetsEncrypt component to perform TLS certificate copying instead of custom
implementation.
- Use two components to copy the certificates to dovecot and postfix separately.
- Add support for multiple domains using SNI. Provide all the certificates. Use
primary domain's certificate as the fallback certificate.
- Drop the diagnose/repair approach due to its complexity.
Tests:
- Installing the app works. After installation, all TLS parameters are show as
expected by 'postconf' command and 'doveconf' command.
- A default domain is selected by default. This will reflect as primary domain
in TLS certificate configuration.
- When primary domain is changed, the configuration is updated to reflect the
default certificate path but SNI configuration is unchanged in dovecot and
postfix.
- Postfix and dovecot are restarted after setup.
- There are no configuration error shows in postfix/dovecot logs.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Parse arguments in a readable way.
- Convert decorator into simple call.
- Make a simple call instead of looking for subcommand.
- Don't setup logging in global scope.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- ugettext functions will be removed in Django 4.0. Each use emits a warning
when running with Django 3.2. Since we have warnings enabled in developer mode,
we see quite a few messages because of this.
- ugettext is already a simple alias of gettext. So, no regressions are
expected.
Tests:
- Accessing an affected app in UI with Django 3.2 and Django 2.2 works fine.
- Using Django 3.2 there are no warnings related to removal of ugettext
functions.
- Ran regular unit tests.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Better error handling
- You may retroactively diagnose and fix problems
- Shows the most important issues first
audit.models.Diagnosis
- Added JSON serialization (needed for IPC)
- Replaced ambiguous vocabulary
- Provided a sorting key
audit, diagnosis
- Support title translation
