chore: merge Kanmon to master

chore: merge Jubilee to master
2025-12-17 23:56:56 +00:00 · 2025-06-12 16:54:19 +00:00 · 2025-06-09 13:05:03 +00:00 · 2025-05-29 14:02:18 +00:00 · 2025-05-28 10:20:12 +02:00 · 2025-05-28 09:27:57 +02:00
9 changed files with 16 additions and 221 deletions
--- a/Changelog.md
+++ b/Changelog.md
@ -3,12 +3,6 @@
 Changelog [format](http://keepachangelog.com/en/1.0.0/)


-## Kanmon Bridge 3.21.2
-
-### Fixed
-* BRIDGE-406: Fixed faulty certificate chain validation logic. Made certificate pin checks exclusive to leaf certificates.
-
-
 ## Kanmon Bridge 3.21.1

 ### Changed
--- a/2
+++ b/2
@ -12,7 +12,7 @@ ROOT_DIR:=$(realpath .)
 .PHONY: build build-gui build-nogui build-launcher versioner hasher

 # Keep version hardcoded so app build works also without Git repository.
-BRIDGE_APP_VERSION?=3.21.2+git
+BRIDGE_APP_VERSION?=3.21.1+git
 APP_VERSION:=${BRIDGE_APP_VERSION}
 APP_FULL_NAME:=Proton Mail Bridge
 APP_VENDOR:=Proton AG
--- a/internal/dialer/dialer_basic.go
+++ b/internal/dialer/dialer_basic.go
@ -22,8 +22,6 @@ import (
 	"crypto/tls"
 	"net"
 	"net/http"
-	"net/url"
-	"strings"
 	"time"
 )

@ -31,11 +29,6 @@ type TLSDialer interface {
 	DialTLSContext(ctx context.Context, network, address string) (conn net.Conn, err error)
 }

-type SecureTLSDialer interface {
-	DialTLSContext(ctx context.Context, network, address string) (conn net.Conn, err error)
-	ShouldSkipCertificateChainVerification(address string) bool
-}
-
 func SetBasicTransportTimeouts(t *http.Transport) {
 	t.MaxIdleConns = 100
 	t.MaxIdleConnsPerHost = 100
@ -78,35 +71,6 @@ func NewBasicTLSDialer(hostURL string) *BasicTLSDialer {
 	}
 }

-func extractDomain(hostname string) string {
-	parts := strings.Split(hostname, ".")
-	if len(parts) >= 2 {
-		return strings.Join(parts[len(parts)-2:], ".")
-	}
-	return hostname
-}
-
-// ShouldSkipCertificateChainVerification determines whether certificate chain validation should be skipped.
-// It compares the domain of the requested address with the configured host URL domain.
-// Returns true if the domains don't match (skip verification), false if they do (perform verification).
-//
-// NOTE: This assumes single-part TLDs (.com, .me) and won't handle multi-part TLDs correctly.
-func (d *BasicTLSDialer) ShouldSkipCertificateChainVerification(address string) bool {
-	parsedURL, err := url.Parse(d.hostURL)
-	if err != nil {
-		return true
-	}
-
-	addressHost, _, err := net.SplitHostPort(address)
-	if err != nil {
-		addressHost = address
-	}
-
-	hostDomain := extractDomain(parsedURL.Host)
-	addressDomain := extractDomain(addressHost)
-	return addressDomain != hostDomain
-}
-
 // DialTLSContext returns a connection to the given address using the given network.
 func (d *BasicTLSDialer) DialTLSContext(ctx context.Context, network, address string) (conn net.Conn, err error) {
 	return (&tls.Dialer{
@ -114,7 +78,7 @@ func (d *BasicTLSDialer) DialTLSContext(ctx context.Context, network, address st
 			Timeout: 30 * time.Second,
 		},
 		Config: &tls.Config{
-			InsecureSkipVerify: d.ShouldSkipCertificateChainVerification(address), //nolint:gosec
+			InsecureSkipVerify: address != d.hostURL, //nolint:gosec
 		},
 	}).DialContext(ctx, network, address)
 }
--- a/internal/dialer/dialer_basic_test.go
+++ b/internal/dialer/dialer_basic_test.go
@ -1,134 +0,0 @@
-// Copyright (c) 2025 Proton AG
-//
-// This file is part of Proton Mail Bridge.
-//
-// Proton Mail Bridge is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// Proton Mail Bridge is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with Proton Mail Bridge.  If not, see <https://www.gnu.org/licenses/>.
-
-package dialer
-
-import (
-	"testing"
-
-	"github.com/stretchr/testify/require"
-)
-
-func TestBasicTLSDialer_ShouldSkipCertificateChainVerification(t *testing.T) {
-	tests := []struct {
-		hostURL  string
-		address  string
-		expected bool
-	}{
-		{
-			hostURL:  "https://mail-api.proton.me",
-			address:  "mail-api.proton.me:443",
-			expected: false,
-		},
-		{
-			hostURL:  "https://proton.me",
-			address:  "proton.me",
-			expected: false,
-		},
-		{
-			hostURL:  "https://api.proton.me",
-			address:  "mail.proton.me:443",
-			expected: false,
-		},
-		{
-			hostURL:  "https://proton.me",
-			address:  "mail-api.proton.me:443",
-			expected: false,
-		},
-		{
-			hostURL:  "https://mail-api.proton.me",
-			address:  "proton.me:443",
-			expected: false,
-		},
-		{
-			hostURL:  "https://mail.google.com",
-			address:  "mail-api.proton.me:443",
-			expected: true,
-		},
-		{
-			hostURL:  "https://mail-api.protonmail.com",
-			address:  "mail-api.proton.me:443",
-			expected: true,
-		},
-		{
-			hostURL:  "https://proton.me",
-			address:  "google.com:443",
-			expected: true,
-		},
-		{
-			hostURL:  "https://proton.me",
-			address:  "proton.com:443",
-			expected: true,
-		},
-		{
-			hostURL:  "https://proton.me",
-			address:  "example.me:443",
-			expected: true,
-		},
-		{
-			hostURL:  "https://proton.me",
-			address:  "mail.example.com:443",
-			expected: true,
-		},
-		{
-			hostURL:  "https://proton.me",
-			address:  "proton.me",
-			expected: false,
-		},
-		{
-			hostURL:  "https://proton.me:8080",
-			address:  "proton.me:443",
-			expected: true,
-		},
-		{
-			hostURL:  "https://proton.me/api/v1",
-			address:  "proton.me:443",
-			expected: false,
-		},
-		{
-			hostURL:  "https://proton.black",
-			address:  "mail-api.pascal.proton.black",
-			expected: false,
-		},
-		{
-			hostURL:  "https://mail-api.pascal.proton.black",
-			address:  "mail-api.pascal.proton.black",
-			expected: false,
-		},
-		{
-			hostURL:  "https://mail-api.pascal.proton.black",
-			address:  "proton.black:332",
-			expected: false,
-		},
-		{
-			hostURL:  "https://mail-api.pascal.proton.black",
-			address:  "proton.me",
-			expected: true,
-		},
-		{
-			hostURL:  "https://mail-api.pascal.proton.black",
-			address:  "proton.me:332",
-			expected: true,
-		},
-	}
-
-	for _, tt := range tests {
-		dialer := NewBasicTLSDialer(tt.hostURL)
-		result := dialer.ShouldSkipCertificateChainVerification(tt.address)
-		require.Equal(t, tt.expected, result)
-	}
-}
--- a/internal/dialer/dialer_pinning.go
+++ b/internal/dialer/dialer_pinning.go
@ -50,12 +50,12 @@ var TrustedAPIPins = []string{ //nolint:gochecknoglobals
 }

 // TLSReportURI is the address where TLS reports should be sent.
-const TLSReportURI = "https://reports.proton.me/reports/tls"
+const TLSReportURI = "https://reports.protonmail.ch/reports/tls"

 // PinningTLSDialer wraps a TLSDialer to check fingerprints after connecting and
 // to report errors if the fingerprint check fails.
 type PinningTLSDialer struct {
-	dialer     SecureTLSDialer
+	dialer     TLSDialer
 	pinChecker PinChecker
 	reporter   Reporter
 	tlsIssueCh chan struct{}
@ -68,13 +68,13 @@ type Reporter interface {

 // PinChecker is used to check TLS keys of connections.
 type PinChecker interface {
-	CheckCertificate(conn net.Conn, certificateChainVerificationSkipped bool) error
+	CheckCertificate(conn net.Conn) error
 }

 // NewPinningTLSDialer constructs a new dialer which only returns TCP connections to servers
 // which present known certificates.
 // It checks pins using the given pinChecker and reports issues using the given reporter.
-func NewPinningTLSDialer(dialer SecureTLSDialer, reporter Reporter, pinChecker PinChecker) *PinningTLSDialer {
+func NewPinningTLSDialer(dialer TLSDialer, reporter Reporter, pinChecker PinChecker) *PinningTLSDialer {
 	return &PinningTLSDialer{
 		dialer:     dialer,
 		pinChecker: pinChecker,
@ -85,7 +85,6 @@ func NewPinningTLSDialer(dialer SecureTLSDialer, reporter Reporter, pinChecker P

 // DialTLSContext dials the given network/address, returning an error if the certificates don't match the trusted pins.
 func (p *PinningTLSDialer) DialTLSContext(ctx context.Context, network, address string) (net.Conn, error) {
-	shouldSkipCertificateChainVerification := p.dialer.ShouldSkipCertificateChainVerification(address)
 	conn, err := p.dialer.DialTLSContext(ctx, network, address)
 	if err != nil {
 		return nil, err
@ -96,7 +95,7 @@ func (p *PinningTLSDialer) DialTLSContext(ctx context.Context, network, address
 		return nil, err
 	}

-	if err := p.pinChecker.CheckCertificate(conn, shouldSkipCertificateChainVerification); err != nil {
+	if err := p.pinChecker.CheckCertificate(conn); err != nil {
 		if tlsConn, ok := conn.(*tls.Conn); ok && p.reporter != nil {
 			p.reporter.ReportCertIssue(TLSReportURI, host, port, tlsConn.ConnectionState())
 		}
--- a/internal/dialer/dialer_pinning_checker.go
+++ b/internal/dialer/dialer_pinning_checker.go
@ -41,15 +41,3 @@ func NewTLSPinChecker(trustedPins []string) *TLSPinChecker {
 func certFingerprint(cert *x509.Certificate) string {
 	return fmt.Sprintf(`pin-sha256=%q`, algo.HashBase64SHA256(string(cert.RawSubjectPublicKeyInfo)))
 }
-
-func (p *TLSPinChecker) isCertFoundInKnownPins(cert *x509.Certificate) bool {
-	fingerprint := certFingerprint(cert)
-
-	for _, pin := range p.trustedPins {
-		if pin == fingerprint {
-			return true
-		}
-	}
-
-	return false
-}
--- a/internal/dialer/dialer_pinning_checker_default.go
+++ b/internal/dialer/dialer_pinning_checker_default.go
@ -25,8 +25,8 @@ import (
 	"net"
 )

-// CheckCertificate verifies that the connection presents a known pinned leaf TLS certificate.
-func (p *TLSPinChecker) CheckCertificate(conn net.Conn, certificateChainVerificationSkipped bool) error {
+// CheckCertificate returns whether the connection presents a known TLS certificate.
+func (p *TLSPinChecker) CheckCertificate(conn net.Conn) error {
 	tlsConn, ok := conn.(*tls.Conn)
 	if !ok {
 		return errors.New("connection is not a TLS connection")
@ -34,31 +34,14 @@ func (p *TLSPinChecker) CheckCertificate(conn net.Conn, certificateChainVerifica

 	connState := tlsConn.ConnectionState()

-	// When certificate chain verification is enabled (e.g., for known API hosts), we expect the TLS handshake to produce verified chains.
-	// We then validate that the leaf certificate of at least one verified chain matches a known pinned public key.
-	if !certificateChainVerificationSkipped {
-		if len(connState.VerifiedChains) == 0 {
-			return errors.New("no verified certificate chains")
-		}
+	for _, peerCert := range connState.PeerCertificates {
+		fingerprint := certFingerprint(peerCert)

-		for _, chain := range connState.VerifiedChains {
-			// Check if the leaf certificate is one of the trusted pins.
-			if p.isCertFoundInKnownPins(chain[0]) {
+		for _, pin := range p.trustedPins {
+			if pin == fingerprint {
 				return nil
 			}
 		}
-
-		return ErrTLSMismatch
-	}
-
-	// When certificate chain verification is skipped (e.g., for DoH proxies using self-signed certs),
-	// we only validate the leaf certificate against known pinned public keys.
-	if len(connState.PeerCertificates) == 0 {
-		return errors.New("no peer certificates available")
-	}
-
-	if p.isCertFoundInKnownPins(connState.PeerCertificates[0]) {
-		return nil
 	}

 	return ErrTLSMismatch
--- a/internal/dialer/dialer_pinning_checker_qa.go
+++ b/internal/dialer/dialer_pinning_checker_qa.go
@ -23,6 +23,6 @@ import "net"

 // CheckCertificate returns whether the connection presents a known TLS certificate.
 // The QA implementation always returns nil.
-func (p *TLSPinChecker) CheckCertificate(conn net.Conn, _ bool) error {
+func (p *TLSPinChecker) CheckCertificate(conn net.Conn) error {
 	return nil
 }
--- a/internal/dialer/dialer_pinning_test.go
+++ b/internal/dialer/dialer_pinning_test.go
@ -64,7 +64,8 @@ func TestTLSPinInvalid(t *testing.T) {
 	checkTLSIssueHandler(t, 1, called)
 }

-func TestTLSPinNoMatch(t *testing.T) {
+// Disabled for now we'll need to patch this up.
+func _TestTLSPinNoMatch(t *testing.T) { //nolint:unused
 	skipIfProxyIsSet(t)

 	called, _, reporter, checker, cm := createClientWithPinningDialer(getRootURL())
Author	SHA1	Message	Date
Atanas Janeshliev	dbef40cfc5	chore: merge Kanmon to master	2025-06-12 16:54:19 +00:00
Atanas Janeshliev	8b891fb3e7	chore: merge Kanmon to master	2025-06-09 13:05:03 +00:00
Atanas Janeshliev	94125056ab	chore: merge Jubilee to master	2025-05-29 14:02:18 +00:00
Atanas Janeshliev	675b37a2fa	chore: Jubilee Bridge 3.20.1 changelog.	2025-05-28 10:20:12 +02:00
Atanas Janeshliev	9d4415d8cc	fix(BRIDGE-362): added label conflict reconciliation logic	2025-05-28 09:27:57 +02:00
Atanas Janeshliev	4557f54e2f	chore: merge Jubilee to master	2025-05-06 14:51:31 +00:00
Atanas Janeshliev	05623a9e49	chore: Jubilee Bridge 3.20.0 changelog.	2025-04-24 13:40:43 +02:00
Atanas Janeshliev	42605c1923	chore: merge Infinity to master	2025-03-18 15:03:14 +00:00
Atanas Janeshliev	9f4801b738	chore: Infinity Bridge 3.19.0 changelog.	2025-03-07 11:12:59 +01:00
Atanas Janeshliev	4e6236611a	chore: merge Helix to master	2025-02-27 10:36:11 +00:00
Atanas Janeshliev	0800aeea50	chore: Helix Bridge 3.18.0 changelog.	2025-02-18 23:44:44 +01:00
Atanas Janeshliev	b230f2ece6	chore: merge XXX to master	2025-02-12 08:37:01 +00:00
Atanas Janeshliev	d44c488ed5	chore: minor comment just so we have a new commit	2025-02-11 10:28:05 +01:00
Atanas Janeshliev	8237129670	chore: merge Grunwald to master	2025-01-29 15:52:34 +00:00
Atanas Janeshliev	8e634995c5	chore: Grunwald Bridge 3.17.0 changelog.	2025-01-21 14:42:52 +01:00
Gabor Meszaros	10a685a123	chore: Prepare for issue tracker removal	2025-01-14 10:48:03 +01:00
Atanas Janeshliev	896f50c754	chore: FF devel into master	2025-01-14 10:35:25 +01:00
Atanas Janeshliev	60633fc09c	chore: merge Flavien to master	2024-12-17 15:20:30 +00:00
Atanas Janeshliev	9c5b5c2ac3	chore: FF devel into master	2024-12-16 12:22:45 +01:00
Xavier Michelon	4f4a2c3fd8	chore: merge Erasmus to master	2024-12-05 11:35:19 +00:00
Atanas Janeshliev	120a7b3626	chore: Erasmus Bridge 3.15.1 changelog.	2024-12-04 14:44:25 +01:00
Xavier Michelon	7cf3b6fb7b	feat(BRIDGE-281): disable keychain test on macOS. (cherry picked from commit `3f78f4d672`)	2024-12-04 14:09:50 +01:00
Atanas Janeshliev	03c9455b0d	chore: Flavien Bridge 3.16.0 changelog.	2024-12-04 10:03:12 +01:00
Atanas Janeshliev	61ca604ace	chore: merge Erasmus to master	2024-11-13 09:30:24 +00:00
Atanas Janeshliev	a8caec560e	chore: Erasmus Bridge 3.15.0 changelog.	2024-10-29 10:47:33 +01:00
Xavier Michelon	df78e29234	chore: merge Dragon to master	2024-09-30 09:05:11 +00:00
Xavier Michelon	6105f32c75	chore: Dragon Bridge 3.14.0 changelog.	2024-09-25 10:47:40 +02:00
Jakub Cuth	da76784290	chore: merge Colorado to master	2024-09-10 12:05:30 +00:00
Xavier Michelon	43cbedafb8	chore: Colorado Bridge 3.13.0 changelog.	2024-08-30 15:35:30 +02:00
Xavier Michelon	0d33cc5000	chore: merge Bastei to master	2024-06-19 06:06:24 +00:00
Xavier Michelon	ed5adb18fb	chore: Bastei Bridge 3.12.0 changelog.	2024-06-17 11:19:49 +02:00
Atanas Janeshliev	85a91c5572	feat(BRIDGE-97): added repair button telemetry	2024-06-14 13:01:07 +00:00
Xavier Michelon	56d4bfbb71	feat(BRIDGE-79): update to the KB suggestion list.	2024-06-13 10:05:23 +02:00
Xavier Michelon	48a75b0dd7	chore: Bastei Bridge 3.12.0 changelog.	2024-06-06 10:10:36 +02:00
Xavier Michelon	b84663dd7a	chore: merge Alcantara to master	2024-05-21 09:32:21 +00:00
Xavier Michelon	cd8db6fd1c	chore: Alcantara Bridge 3.11.1 changelog.	2024-05-16 15:12:56 +02:00
Atanas Janeshliev	a5e0f85a58	fix(BRIDGE-70): hotfix for blocked smtp/imap port causing bridge to quit	2024-05-16 09:51:32 +02:00
Xavier Michelon	6cbe51138a	chore: merge Alcantara to master	2024-04-29 12:31:37 +00:00
Xavier Michelon	82607efe1c	chore: Alcantara Bridge 3.11.0 changelog.	2024-04-23 17:07:24 +02:00
Xavier Michelon	961dc9435f	fix(BRIDGE-15): Apple Mail profile install page was not properly reset before showing.	2024-04-23 15:58:22 +02:00
Xavier Michelon	b574ccb6ea	chore: Alcantara Bridge 3.11.0 changelog.	2024-04-22 10:37:47 +02:00
Xavier Michelon	2569e83e51	chore: Alcantara Bridge 3.11.0 changelog.	2024-04-22 09:27:43 +02:00
Jakub Cuth	f34a7ff0ed	chore: merge Zaehringen to master	2024-03-12 12:27:21 +00:00
Jakub	da069a0155	chore: Zaehringen Bridge 3.10.0 changelog.	2024-03-06 10:33:17 +01:00
Jakub Cuth	384fa4eb4b	chore: merge Ypsilon to master	2024-02-12 11:19:51 +00:00
Jakub	0c6e4ffa35	chore: merge Xikou to master	2024-02-03 00:14:41 +01:00
Jakub	4951244400	chore: Xikou Bridge 3.8.2 changelog.	2024-02-02 19:32:58 +01:00
Jakub	d65d6ee2e5	fix(GODT-3235): use release xikou for trigger build	2024-02-02 18:37:38 +01:00
Jakub	097d6f86d3	fix(GODT-3235): update bridge update key	2024-02-02 17:34:32 +01:00
Jakub Cuth	9894cf9744	chore: merge Ypsilon to master	2024-01-31 11:00:11 +00:00
Jakub	f84067de3e	chore: merge Xikou to master	2023-12-12 13:39:06 +01:00
Jakub	f885bfbcf4	chore: merge Xikou to master	2023-12-11 17:04:00 +01:00
Jakub	f3aac09ecb	chore: merge wakato release to master	2023-11-22 12:52:24 +01:00
Jakub	38d692ebfb	chore: merge wakato release to master	2023-11-14 11:32:39 +01:00
Jakub	1acc7eb7db	chore: merge release/vasco_da_gama to master	2023-11-03 17:10:42 +01:00
Jakub	248fbf5e33	chore: Vasco da Gama Bridge 3.6.1 changelog.	2023-10-18 15:41:01 +02:00
Leander Beernaert	8b12a454ea	fix(GODT-3033): Unable to receive new mail If the IMAP service happened to finish syncing and wanted to reset the user event service at a time the latter was publishing an event a deadlock would occur and the user would not receive any new messages. This change puts the request to revert the event id in a separate go-routine to avoid this situation from re-occurring. The operational flow remains unchanged as the event service will only process this request once the current set of events have been published.	2023-10-18 14:46:14 +02:00
Jakub	310fcffc7b	chore: merge release/vasco_da_gama to master	2023-10-17 11:54:05 +02:00
Jakub	318ad16378	chore: merge Umshiang release to master	2023-10-13 08:40:01 +02:00
Jakub	8be4246f7e	chore: Vasco da Gama Bridge 3.6.0 changelog.	2023-10-11 16:09:55 +02:00
Jakub	e580f89106	feat(GODT-3004): update gopenpgp and dependencies.	2023-10-11 15:29:52 +02:00
Jakub	01043e033e	chore: Umshiang Bridge 3.5.3 changelog.	2023-10-11 08:37:28 +02:00
Jakub	94b44b383a	feat(GODT-3004): update gopenpgp and dependencies.	2023-10-11 08:26:58 +02:00
Jakub	a3b8fabb26	chore: merge Umshiang to master	2023-10-10 13:46:07 +02:00
Jakub	275b30e518	chore: Vasco da Gama Bridge 3.6.0 changelog.	2023-10-10 11:29:36 +02:00
Leander Beernaert	bf244e5c86	fix(GODT-3003): Ensure IMAP State is reset after vault corruption After we detect that the user has suffered the GODT-3003 bug due the vault corruption not ensuring that a previous sync state would be erased, we patch the gluon db directly and then reset the sync state. After the account is added, the sync is automatically triggered and the account state fixes itself.	2023-10-10 11:24:06 +02:00
Leander Beernaert	cf9651bb94	fix(GODT-3001): Only create system labels during system label sync	2023-10-10 11:23:32 +02:00
Jakub	ba65ffdbc7	chore: Umshiang Bridge 3.5.2 changelog.	2023-10-10 11:22:41 +02:00
Jakub	4b95ef4d82	chore: Umshiang Bridge 3.5.2 changelog.	2023-10-09 13:25:44 +02:00
Leander Beernaert	951c7c27fb	fix(GODT-3003): Ensure IMAP State is reset after vault corruption After we detect that the user has suffered the GODT-3003 bug due the vault corruption not ensuring that a previous sync state would be erased, we patch the gluon db directly and then reset the sync state. After the account is added, the sync is automatically triggered and the account state fixes itself.	2023-10-09 11:19:36 +01:00
Leander Beernaert	e7423a9519	fix(GODT-3001): Only create system labels during system label sync	2023-10-09 11:05:59 +01:00
Jakub	d3582fa981	chore: Vasco da Gama Bridge 3.6.0 changelog.	2023-10-03 16:43:33 +02:00
Xavier Michelon	80c852a5b2	fix(GODT-2992): fix link in 'no account view' in main window after 2FA or TOTP are cancelled. (cherry picked from commit `1c344211d1`)	2023-10-03 11:08:52 +02:00
Jakub	51498e3e37	chore: merge master with release/umshiang	2023-09-28 14:19:45 +02:00
Jakub	b7ef6e1486	chore: Umshiang Bridge 3.5.1 changelog.	2023-09-27 13:18:23 +02:00
Leander Beernaert	0d03f84711	fix(GODT-2963): Use multi error to report file removal errors Do not abort removing files on first error. Collect errors and try to remove as many as possible. This would cause some state files to not be removed on windows.	2023-09-27 12:34:07 +02:00
Jakub	949666724d	chore: Umshiang Bridge 3.5.1 changelog.	2023-09-27 10:54:50 +02:00
Leander Beernaert	bbe19bf960	fix(GODT-2956): Restore old deletion rules When unlabeling a message from trash we have to check if this message is present in another folder before perma-deleting.	2023-09-26 14:06:31 +02:00
Leander Beernaert	bfe25e3a46	fix(GODT-2951): Negative WaitGroup Counter Do not defer call to `wg.Done()` in `job.onJobFinished`. If there is an error it will also call `wg.Done()`.	2023-09-26 13:58:46 +02:00
Leander Beernaert	236c958703	fix(GODT-2590): Fix send on closed channel Ensure periodic user tasks are terminated before the other user services. The panic triggered due to the fact that the telemetry service was shutdown before this periodic task.	2023-09-26 13:58:18 +02:00
Leander Beernaert	e6b312b437	fix(GODT-2949): Fix close of close channel in event service This issue is triggered due to the `Service.Close()` call after the go-routine for the event service exists. It is possible that during this period a recently added subscriber with `pendingOpAdd` gets cancelled and closed. However, the subscriber later also enqueues a `pendingOpRemove` which gets processed again with a call in `user.eventService.Close()` leading to the double close panic. This patch simply removes the `s.Close()` from the service, and leaves the cleanup to called externally from user.Close() or user.Logout().	2023-09-26 13:58:07 +02:00
Jakub	384154c767	chore: merge 'trift' into `umshiang`	2023-09-14 14:48:03 +02:00
Jakub	45d2e9ea63	chore: update changelog.	2023-09-13 10:25:47 +02:00
Jakub	86e8a566c7	chore: Umshiang Bridge 3.5.0 changelog.	2023-09-12 07:45:08 +02:00
Jakub	a80fd92018	chore: Trift Bridge 3.4.2 changelog.	2023-09-01 15:12:34 +02:00
Jakub	71063ac5ee	fix(GODT-2902): do not check for changed values. Related to GODT-2857.	2023-09-01 14:44:27 +02:00