Merge branch 'jammyjellyfish2204' of https://github.com/mail-in-a-box/mailinabox into jammyjellyfish2204

# Conflicts: # setup/webmail.sh # tools/editconf.py
2026-03-12 17:07:23 +01:00 · 2022-09-17 19:54:52 -04:00
parent 688d1f668b d584a41e60
commit 45d5b7cb25
11 changed files with 49 additions and 53 deletions
--- a/management/auth.py
+++ b/management/auth.py
@@ -23,20 +23,8 @@ class AuthService:
 	def init_system_api_key(self):
 		"""Write an API key to a local file so local processes can use the API"""

-		def create_file_with_mode(path, mode):
-			# Based on answer by A-B-B: http://stackoverflow.com/a/15015748
-			old_umask = os.umask(0)
-			try:
-				return os.fdopen(os.open(path, os.O_WRONLY | os.O_CREAT, mode), 'w')
-			finally:
-				os.umask(old_umask)
-
-		self.key = secrets.token_hex(32)
-
-		os.makedirs(os.path.dirname(self.key_path), exist_ok=True)
-
-		with create_file_with_mode(self.key_path, 0o640) as key_file:
-			key_file.write(self.key + '\n')
+		with open(self.key_path, 'r') as file:
+			self.key = file.read()

 	def authenticate(self, request, env, login_only=False, logout=False):
 		"""Test if the HTTP Authorization header's username matches the system key, a session key,
--- a/management/backup.py
+++ b/management/backup.py
@@ -467,25 +467,13 @@ def list_target_files(config):
 			raise ValueError("Connection to rsync host failed: {}".format(reason))

 	elif target.scheme == "s3":
-		# match to a Region
-		import boto.s3
-		from boto.exception import BotoServerError
-		custom_region = False
-		for region in boto.s3.regions():
-			if region.endpoint == target.hostname:
-				break
-		else:
-			# If region is not found this is a custom region
-			custom_region = True
-
+		import boto3.s3
+		from botocore.exceptions import ClientError
+		
+		# separate bucket from path in target
 		bucket = target.path[1:].split('/')[0]
 		path = '/'.join(target.path[1:].split('/')[1:]) + '/'

-		# Create a custom region with custom endpoint
-		if custom_region:
-			from boto.s3.connection import S3Connection
-			region = boto.s3.S3RegionInfo(name=bucket, endpoint=target.hostname, connection_cls=S3Connection)
-
 		# If no prefix is specified, set the path to '', otherwise boto won't list the files
 		if path == '/':
 			path = ''
@@ -495,18 +483,15 @@ def list_target_files(config):

 		# connect to the region & bucket
 		try:
-			conn = region.connect(aws_access_key_id=config["target_user"], aws_secret_access_key=config["target_pass"])
-			bucket = conn.get_bucket(bucket)
-		except BotoServerError as e:
-			if e.status == 403:
-				raise ValueError("Invalid S3 access key or secret access key.")
-			elif e.status == 404:
-				raise ValueError("Invalid S3 bucket name.")
-			elif e.status == 301:
-				raise ValueError("Incorrect region for this bucket.")
-			raise ValueError(e.reason)
-
-		return [(key.name[len(path):], key.size) for key in bucket.list(prefix=path)]
+			s3 = boto3.client('s3', \
+				endpoint_url=f'https://{target.hostname}', \
+				aws_access_key_id=config['target_user'], \
+				aws_secret_access_key=config['target_pass'])
+			bucket_objects = s3.list_objects_v2(Bucket=bucket, Prefix=path)['Contents']
+			backup_list = [(key['Key'][len(path):], key['Size']) for key in bucket_objects]
+		except ClientError as e:
+			raise ValueError(e)
+		return backup_list
 	elif target.scheme == 'b2':
 		from b2sdk.v1 import InMemoryAccountInfo, B2Api
 		from b2sdk.v1.exception import NonExistentBucket
--- a/management/daemon.py
+++ b/management/daemon.py
@@ -122,8 +122,9 @@ def index():
 	no_users_exist = (len(get_mail_users(env)) == 0)
 	no_admins_exist = (len(get_admins(env)) == 0)

-	import boto.s3
-	backup_s3_hosts = [(r.name, r.endpoint) for r in boto.s3.regions()]
+	import boto3.s3
+	backup_s3_hosts = [(r, f"s3.{r}.amazonaws.com") for r in boto3.session.Session().get_available_regions('s3')]
+

 	return render_template('index.html',
 		hostname=env['PRIMARY_HOSTNAME'],
--- a/management/status_checks.py
+++ b/management/status_checks.py
@@ -715,7 +715,7 @@ def check_mail_domain(domain, env, output):
 		output.print_ok(good_news)

 		# Check MTA-STS policy.
-		loop = asyncio.get_event_loop()
+		loop = asyncio.new_event_loop()
 		sts_resolver = postfix_mta_sts_resolver.resolver.STSResolver(loop=loop)
 		valid, policy = loop.run_until_complete(sts_resolver.resolve(domain))
 		if valid == postfix_mta_sts_resolver.resolver.STSFetchResult.VALID:
--- a/management/templates/system-backup.html
+++ b/management/templates/system-backup.html
@@ -269,6 +269,7 @@ function show_custom_backup() {
          $("#backup-target-type").val("s3");
          var hostpath = r.target.substring(5).split('/');
          var host = hostpath.shift();
+          $("#backup-target-s3-host-select").val(host);
          $("#backup-target-s3-host").val(host);
          $("#backup-target-s3-path").val(hostpath.join('/'));
        } else if (r.target.substring(0, 5) == "b2://") {
--- a/management/wsgi.py
+++ b/management/wsgi.py
@@ -0,0 +1,7 @@
+from daemon import app
+import auth, utils
+
+app.logger.addHandler(utils.create_syslog_handler())
+
+if __name__ == "__main__":
+    app.run(port=10222)