Bug#1011238: dsync panic

[Timo Sirainen]

On 18. May 2022, at 16.56, Marc F. Clemente  wrote:
> 
> dsync -D -v -u marc mirror mbox:/home/marc/mail:INBOX=/var/mail/marc
> 
> It mostly works, and I have been able to convert multiple users.  I get a lot 
> of debug output about what it's doing, until it crashes like this:
> 
> May 18 09:21:20 dsync(marc): Debug: Mailbox Sent: UID 10691: Expunge requested
> May 18 09:21:20 dsync(marc): Debug: Mailbox Sent: UID 10647: Opened mail 
> because: prefetch
> May 18 09:21:20 dsync(marc): Debug: brain S: import mail uid 0 guid 
> cfb601bf53fe34fbaf6a25475a662866
> May 18 09:21:20 dsync(marc): Debug: brain S: Import Sent: Import mail body 
> for GUID=cfb601bf53fe34fbaf6a25475a662866 UID=0
> May 18 09:21:20 dsync(marc): Panic: file mbox-lock.c: line 796 (mbox_lock): 
> assertion failed: (lock_type == F_RDLCK || mbox->mbox_lock_type != F_RDLCK)
> May 18 09:21:20 dsync(marc): Error: Raw backtrace: #0 
> test_subprocess_fork[0x7f04b4c778d0] -> #1 backtrace_append[0x7f04b4c77b30] 
> -> #2 backtrace_get[0x7f04b4c77c90] -> #3 execvp_const[0x7f04b4c84ba0] -> #4 
> default_fatal_handler[0x7f04b4c84c70] -> #5 i_panic[0x7f04b4bda0a1] -> #6 
> [unw_get_proc_name() failed: -10] -> #7 mbox_save_begin[0x7f04b4deefc0] -> #8 
> mailbox_save_begin[0x7f04b4dbb2c0] -> #9 mail_storage_copy[0x7f04b4daee30] -> 
> #10 mailbox_save_begin[0x7f04b4dbb410] -> #11 mailbox_copy[0x7f04b4dbb610] -> 
> #12 dsync_mailbox_import_change[0x55b05aea7f90] -> #13 
> dsync_mailbox_import_mail[0x55b05aea8480] -> #14 
> dsync_brain_sync_mails[0x55b05ae9cc90] -> #15 
> dsync_brain_sync_mails[0x55b05ae9d5f0] -> #16 dsync_brain_run[0x55b05ae9ddb0] 
> -> #17 who_lookup[0x55b05ae82cb0] -> #18 who_lookup[0x55b05ae83cd0] -> #19 
> doveadm_cmd_ver2_to_mail_cmd_wrapper[0x55b05ae84ea0] -> #20 
> doveadm_cmd_run_ver2[0x55b05ae8f870] -> #21 
> doveadm_cmd_try_run_ver2[0x55b05ae8fdb0] -> #22 main[0x55b05ae70ee0] -> #23 
> __libc_start_main[0x7f04b4831730] -> #24 _start[0x55b05ae71350]
> Abort

I think it happens when the same mail (or actually a mail with identical 
headers) exists in the same mbox file multiple times. Seems like there is no 
easy workaround on mbox side and fixing the code is likely difficult too. But I 
think you could solve this by migrating via imapc: 
https://doc.dovecot.org/admin_manual/migrating_mailboxes/#migrating-mailboxes-over-imap

Bug#1001506: IMAP core dump when moving e-mail into read-only cur/ sub-directory

[Timo Sirainen]

On 13. Dec 2021, at 12.04, Simon Josefsson  wrote:
> 
>> The fix for this is going to be in v2.3.18:
>> https://github.com/dovecot/core/commit/616684a8fe0cccaaec7247d6d3be396e7bf924eb
> 
> Thanks!
> 
> Is there any best practice on how to mark certain folder as read-only
> on the server side?  I take it that 'chmod -w' hasn't been used by many
> people, or this problem would have been noticed before.

https://doc.dovecot.org/configuration_manual/acl/ is the usual way.

Bug#1001506: IMAP core dump when moving e-mail into read-only cur/ sub-directory

[Timo Sirainen]

On 11. Dec 2021, at 11.42, Simon Josefsson  wrote:
> 
> Package: dovecot
> Version: 1:2.3.13+dfsg1-2
> 
> Hi.
> 
> tldr; dovecot crashes when moving an email into a Maildir that has the
> cur/ sub-directory marked as read-only.
..
>#0  0x7fd78f75d340 mail_set_critical 
> (libdovecot-storage.so.0 + 0x5b340)
>#1  0x7fd78f787e42 maildir_file_move 
> (libdovecot-storage.so.0 + 0x85e42)
>#2  0x7fd78f7e16f5 index_transaction_index_commit 
> (libdovecot-storage.so.0 + 0xdf6f5)
>#3  0x7fd78f7fc536 mail_index_transaction_commit_full 
> (libdovecot-storage.so.0 + 0xfa536)
>#4  0x7fd78f7e1c12 index_transaction_commit 
> (libdovecot-storage.so.0 + 0xdfc12)
>#5  0x7fd78f7bdbb1 index_list_transaction_commit 
> (libdovecot-storage.so.0 + 0x1)
>#6  0x7fd78f75fa66 mailbox_transaction_commit_get_changes 
> (libdovecot-storage.so.0 + 0x5da66)
>#7  0x55908df44fb2 fetch_and_copy (imap + 0x12fb2)

The fix for this is going to be in v2.3.18:
https://github.com/dovecot/core/commit/616684a8fe0cccaaec7247d6d3be396e7bf924eb

Bug#997513: dovecot: FTBFS: dh_auto_test: error: make -j4 check VERBOSE=1 returned exit code 2

[Timo Sirainen]

On 6. Dec 2021, at 23.09, Adrian Bunk  wrote:
> 
> On Mon, Oct 25, 2021 at 08:54:45PM +0200, Christian Göttsche wrote:
>> The source of these test failure is LTO: it built fine with GCC 10.3
>> with LTO a month ago on buildd, GCC 11 without LTO works and Clang 13
>> with LTO also works.
>> So either there is some subtle undefined behaviour in dovecot (which
>> gets miscompiled) or the code generation in GCC 11 is buggy (maybe
>> related [1]).
>> 
>> For the mean time the simplest solution is probably to disable LTO
>> ...
> 
> Could you do this as temprorary workaround?

Looks like disabling the md4/md5 little-endian optimizations fixes this as 
well. I'll try to figure out the proper fix in upstream.

diff --git a/src/lib/md4.c b/src/lib/md4.c
index 06e3231bde..798292a16f 100644
--- a/src/lib/md4.c
+++ b/src/lib/md4.c
@@ -42,7 +42,7 @@
  * memory accesses is just an optimization.  Nothing will break if it
  * doesn't work.
  */
-#if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
+#if 0 //defined(__i386__) || defined(__x86_64__) || defined(__vax__)
 /* uint_fast32_t might be 64 bit, and thus may read 4 more bytes
  * beyond the end of the buffer. So only read precisely 32 bits
  */
diff --git a/src/lib/md5.c b/src/lib/md5.c
index 6b5da6c307..c605639aa1 100644
--- a/src/lib/md5.c
+++ b/src/lib/md5.c
@@ -46,7 +46,7 @@
  * memory accesses is just an optimization.  Nothing will break if it
  * doesn't work.
  */
-#if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
+#if 0 //defined(__i386__) || defined(__x86_64__) || defined(__vax__)
 #define SET(n) \
(*(const uint32_t *)&ptr[(n) * 4])
 #define GET(n) \

Bug#976989: valgrind: Environment variables with slashes get dropped

[Timo Sirainen]

Package: valgrind
Version: 1:3.16.1-1
Severity: minor

Dear Maintainer,

Environment variables like "FOO/BAR" are dropped when executing programs via
valgrind.

This happens only when building the Debian package with dpkg-buildpackage. 
It does not happen when using exactly the same Debian source code tree (via
apt source valgrind) but building it with:

./configure --prefix=/tmp/valgrind
make
make install

So I'm not sure what Debian packaging does differently to cause this.

Example program:

// gcc test.c -o test
#include 
#include 
int main(void)
{
printf("%s\n", getenv("FOO/BAR"));
return 0;
}

I can successfully run it with:

env 'FOO/BAR=1' ./test

However, with valgrind FOO/BAR is NULL and it crashes:

env 'FOO/BAR=1' valgrind ./test
==77478== Invalid read of size 1
==77478==at 0x4C2FD72: strlen (vg_replace_strmem.c:458)
==77478==by 0x4EA7D01: puts (ioputs.c:35)
==77478==by 0x1086A1: main (in /home/tss/test)

Originally reported to upstream in https://bugs.kde.org/show_bug.cgi?id=395266

-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.8.0-2-amd64 (SMP w/32 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages valgrind depends on:
ii  libc6  2.31-5
ii  libc6-dbg  2.31-5

Versions of packages valgrind recommends:
ii  gdb   10.1-1+b1
pn  valgrind-dbg  

Versions of packages valgrind suggests:
pn  alleyoop  
ii  kcachegrind   4:20.08.0-1
pn  valgrind-mpi  
pn  valkyrie  

-- no debconf information

Bug#970386: dovecot-imapd: assertion failure in message_part_finish when searching large folder

[Timo Sirainen]

On 21. Sep 2020, at 16.43, Dimitry Andric  wrote:
> 
> Sep 21 14:04:00 hostname dovecot: imap(username)<29488>: 
> Panic: file message-parser.c: line 174 (message_part_finish): assertion 
> failed: (ctx->nested_parts_count > 0)

Oh, right, this is fixed by: 
https://github.com/dovecot/core/commit/a668d767a710ca18ab6e7177d8e8be22a6b024fb 

Bug#970386: dovecot-imapd: assertion failure in message_part_finish when searching large folder

[Timo Sirainen]

On 15. Sep 2020, at 14.00, Matthew Vernon  wrote:
> One of my IMAP users reports failures when trying to do full-text
> searches of a large (3G) mailbox; subject-only searches are OK.
> 
> The backtrace in syslog is:
> 
> Sep 15 11:51:37 aragorn dovecot: imap(atreic): Panic: file message-parser.c: 
> line 174 (message_part_finish): assertion failed: (ctx->nested_parts_count > 
> 0)

The original backported patch for v2.2 was accidentally wrong. Also I'm not 
sure if Debian backport had the "--" suffix boundary fix either? Attached 
anyway patches for both fixes.



fix1.patch
Description: Binary data


fix2.patch
Description: Binary data

Bug#961220: dovecot: lda: Fatal: Plugin 'push_notifications' not found from directory /usr/lib/dovecot/modules

[Timo Sirainen]

On 21. May 2020, at 17.22, Joseph Nahmias  wrote:
> I was trying to set up push_notification, but when I add it to the config, I 
> start getting errors like this:
> 
> dovecot: lda: Fatal: Plugin 'push_notifications' not found from directory 
> /usr/lib/dovecot/modules
> 
> I do see the file:
> 
> $ locate push_notification
> /usr/lib/dovecot/modules/lib20_push_notification_plugin.so
> /usr/lib/dovecot/modules/lib22_push_notification_lua_plugin.so
> 
> 
> Is there some misconfiguration of the package somewhere?

You have an extra "s" after push_notification in protocol lda { mail_plugins }

Bug#961033: stats-writer permission issue when using LDA via procmail

[Timo Sirainen]

On 19. May 2020, at 17.34, Joseph Nahmias  wrote:
> 
> I have my machine configured to run fetchmail via cron, which retrieves my
> emails from various different services. My .forward then sends all mail 
> through
> procmail, for filtering, sorting into folders, etc... Procmail then calls the
> dovecot-lda program to actually deliver the mail using the .procmailrc config
> line DELIVER="/usr/lib/dovecot/deliver -d $LOGNAME". I can then access my mail
> via dovecot using a standard IMAP client.
> 
> The problem:
> 
> I recently upgrade my machine from stretch to buster, bringing with it a new
> version of dovecot. Now, the fetchmail cron job is throwing errors like the
> following:
> 
> lda($USER,)Error: net_connect_unix(/var/run/dovecot/stats-writer) failed: 
> Permission denied
> 
> I see that the stats-writer socket is owned by root:dovecot with 0660
> permissions. Should the dovecot-lda program be set as setgid dovecot to allow
> it to write to the socket? How is this socket really used? Are there any
> security considerations I should be aware of prior to doing this?

In newer versions you could disable this with "stats_writer_socket_path=" but 
not with v2.3.4.

I don't recommend setting dovecot-lda as setgid - it's not hardened for it. A 
safer way is to just make stats-writer world-writable, there's not that much 
harm that anyone can do with it (just mess up statistics and maybe cause it to 
waste memory / crash).

service stats {
  unix_listener tats-writer {
mode = 0666
  }
}

Bug#951351: dovecot-sieve: extracttext w/out :first causes sieve to segfault

[Timo Sirainen]

On 15. Feb 2020, at 2.01, Bradley M. Kuhn  wrote:
> 
> Package: dovecot-sieve
> Version: 1:2.3.4.1-5+deb10u1
> Severity: important
> 
> I've attached a test.sieve file and an email message that you can use with
> this command line:
> 
>$ sieve-test -t - -Tlevel=tests test.sieve multipart.eml  
> 
> that  reliably generates a segfault for me.

Fixed by 
https://github.com/dovecot/pigeonhole/commit/daf4a721c5e8606ceded426d7b882718fb22b8a9
 

Bug#903161: Same issue here; solution found

[Timo Sirainen]

On 29 Aug 2019, at 3.57, Josh Triplett  wrote:
> 
> On Wed, Aug 28, 2019 at 05:43:27PM -0700, Josh Triplett wrote:
>> So if the stats sockets don't exist at *all*, deliver won't complain.
>> 
>> To disable those stats sockets, add the following configuration to a
>> file in /etc/dovecot/conf.d/ :
> 
> Update: sadly this doesn't fully work, as it produces the following
> spurious errors in the logs:
> 
> Aug 28 17:54:27 cloud dovecot[3168]: imap-login: Error: 
> net_connect_unix(/var/run/dovecot/stats-writer) failed: No such file or 
> directory
> Aug 28 17:54:27 cloud dovecot[3168]: auth: Error: 
> net_connect_unix(/var/run/dovecot/stats-writer) failed: No such file or 
> directory
> Aug 28 17:54:27 cloud dovecot[3168]: auth: Error: stats: open(old-stats-user) 
> failed: No such file or directory
> Aug 28 17:54:28 cloud dovecot[3168]: auth: Error: 
> net_connect_unix(/var/run/dovecot/stats-writer) failed: No such file or 
> directory
> Aug 28 17:54:28 cloud dovecot[3168]: auth-worker(3182): Error: stats: 
> open(old-stats-user) failed: No such file or directory
> Aug 28 17:54:28 cloud dovecot[3168]: imap: Error: 
> net_connect_unix(/var/run/dovecot/stats-writer) failed: No such file or 
> directory
> 
> So while deliver has no problem ignoring such errors, the rest of
> dovecot unfortunately doesn't like that configuration.
> 
> I'd like to have a "disable all stats" configuration, rather than having
> to make a stats socket available to the user running deliver.

Add to dovecot.conf: stats_writer_socket_path=

Bug#932253: /usr/lib/dovecot/maildirlock does complains about no timeout given (although I did give it one)

[Timo Sirainen]

On 17 Jul 2019, at 4.52, Jeronimo Pellegrini  wrote:
> 
> $ /usr/lib/dovecot/maildirlock PATH_TO_MAILDIR 100
> Panic: BUG: No IOs or timeouts set. Not waiting for infinity.

We recently added code to make sure Dovecot never just waits infinitely when 
nothing can wake it up. Looks like there's the maildirlock where such wait is 
intentional, because it just waits until a signal kills it.

> maildirlock is documented in Dovecot's manual, in this page:
> https://wiki2.dovecot.org/Plugins/Zlib 
> 

Maybe the solution is to just depecate the whole tool.. You can use dsync to do 
the initial compression. No other mailbox format has a similar feature, and I 
think Maildir shouldn't have such special features anymore.

Bug#923283: dovecot-sieve: panic in i_stream_concat_close: assertion failed: (cstream->cur_input == cstream->input[cstream->cur_idx])

[Timo Sirainen]

On 26 Feb 2019, at 9.20, Graham Cobb  wrote:
> 
> When processing a particular type of notification email, I consistently get 
> the
> following sieve crash during execution of /usr/lib/dovecot/dovecot-lda.
> (note, extracted from mail.log and reformatted a little for readability)
> 
> Feb 25 19:22:46 black dovecot: lda(cobb)<7721>: 
> Panic: file istream-concat.c:
> line 25 (i_stream_concat_close): assertion failed: (cstream->cur_input == 
> cstream->input[cstream->cur_idx])
..
> The actual line in the sieve script being executed at the time of the crash 
> is the first line of
> the following (the test would not be satisfied on this message):
> 
> if body :raw :contains "://docs.google.com" {
>addheader "X-GRC-SIEVE-Message" "Deleted by Google Docs low 
> tolerance filter";
>   fileinto "${spam_medium}";
>   stop;
>}
> 
> If I comment out that test, or even just remove the ":raw" clause, the script 
> executes.
> However a small script just containing that test does not crash.
> 
> I would rather not attach the full scripts to this report, but can provide 
> them to the
> maintainer if required.

Is this still happening? Could you send me/Stephan the full Sieve script that 
causes the crash? As you said, it's not enough to cause the crash with just 
that small snippet.

Bug#824212: dovecot-core: mail_access_groups must be set on Debian

[Timo Sirainen]

On 23 Jul 2016, at 02:28, Apollon Oikonomopoulos  wrote:
> 
> Hi,
> 
> On 18:05 Fri 22 Jul , Timo Sirainen wrote:
>> That would be a dangerous change. Users with shell access could 
>> symlink (or hardlink) other peoples' inboxes to their own folders and 
>> read them.
> 
> IIUC, a more secure approach here would be to set mail_privileged_group 
> to 'mail' and leave mail_access_groups unset, correct?

mail_privileged_group is only used for creating dotlock files. 
http://dovecot.org/list/dovecot-news/2008-March/60.html has some more 
explanations of this issue (mail_extra_groups was renamed to 
mail_access_groups). I added the same link now to 
http://wiki2.dovecot.org/Errors/ChgrpNoPerm

Dovecot isn't really compatible with having mbox files being 0660 mode and 
having a shared (mail-)group. If the mode can't be changed to 0600, I don't 
think there's much that can be done now. I think it'll still work even though 
it logs errors about not being able to change ~/mail/.INBOX/* files' group? So 
what might be a possibility is to just not log that error if it's happening 
specifically to mbox INBOX.

Bug#824212: dovecot-core: mail_access_groups must be set on Debian

[Timo Sirainen]

That would be a dangerous change. Users with shell access could symlink (or 
hardlink) other peoples' inboxes to their own folders and read them.

> Francois Gouget  kirjoitti 13.5.2016 kello 13.49:
> 
> Package: dovecot-core
> Version: 1:2.2.23-1
> Severity: normal
> 
> On Debian the mail inboxes belong to the mail group as per the
> SystemGroups policy:
> https://wiki.debian.org/SystemGroups
> 
> | * mail: Mailboxes in /var/mail are owned by group mail, as explained
> |   in policy. The user and group are used for other purposes by
> |   various MTA's as well. 
> 
> Furthermore their permissions are 0660 which is the only value that
> makes sense. So with the default configuration dovecot cannot access
> the inboxes and fails with the following error:
> 
> May 13 20:23:00 amboise dovecot: imap(fgouget): Error: 
> fchown(/home/fgouget/mail/.imap/INBOX, group=8(mail)) failed: Operation not 
> permitted (egid=1000(fgouget), group based on /var/mail/fgouget - see 
> http://wiki2.dovecot.org/Errors/ChgrpNoPerm)
> 
> 
> The fix is to set 'mail_access_groups = mail' in
> /etc/dovecot/conf.d/10-mail.conf, which should be the default for the
> Debian package.
> 
> 
> -- Package-specific info:
> 
> dovecot configuration
> -
> # 2.2.23 (806d709): /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.4.13 (7b14904)
> # OS: Linux 4.5.0-1-amd64 x86_64 Debian stretch/sid 
> mail_access_groups = mail
> mail_location = mbox:~/mail:INBOX=/var/mail/%u
> namespace inbox {
>  inbox = yes
>  location = 
>  mailbox Drafts {
>special_use = \Drafts
>  }
>  mailbox Junk {
>special_use = \Junk
>  }
>  mailbox Sent {
>special_use = \Sent
>  }
>  mailbox "Sent Messages" {
>special_use = \Sent
>  }
>  mailbox Trash {
>special_use = \Trash
>  }
>  prefix = 
> }
> passdb {
>  driver = pam
> }
> protocols = " imap"
> ssl = required
> ssl_cert =  ssl_key =  userdb {
>  driver = passwd
> }
> 
> -- System Information:
> Debian Release: stretch/sid
>  APT prefers testing
>  APT policy: (990, 'testing'), (500, 'stable')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
> 
> Kernel: Linux 4.5.0-1-amd64 (SMP w/8 CPU cores)
> Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
> 
> Versions of packages dovecot-core depends on:
> ii  adduser  3.114
> ii  init-system-helpers  1.31
> ii  libbz2-1.0   1.0.6-8
> ii  libc62.22-7
> ii  libexttextcat-2.0-0  3.4.4-1
> ii  liblz4-1 0.0~r131-2
> ii  liblzma5 5.1.1alpha+20120614-2.1
> ii  libpam-runtime   1.1.8-3.2
> ii  libpam0g 1.1.8-3.2
> ii  libssl1.0.2  1.0.2h-1
> ii  libstemmer0d 0+svn585-1
> ii  libwrap0 7.6.q-25
> ii  openssl  1.0.2h-1
> ii  ucf  3.0036
> ii  zlib1g   1:1.2.8.dfsg-2+b1
> 
> dovecot-core recommends no packages.
> 
> Versions of packages dovecot-core suggests:
> pn  dovecot-gssapi
> ii  dovecot-imapd 1:2.2.23-1
> pn  dovecot-ldap  
> pn  dovecot-lmtpd 
> pn  dovecot-lucene
> pn  dovecot-managesieved  
> pn  dovecot-mysql 
> pn  dovecot-pgsql 
> pn  dovecot-pop3d 
> pn  dovecot-sieve 
> pn  dovecot-solr  
> pn  dovecot-sqlite
> ii  ntp   1:4.2.8p7+dfsg-3
> 
> Versions of packages dovecot-core is related to:
> ii  dovecot-core [dovecot-common]  1:2.2.23-1
> pn  dovecot-dbg
> pn  dovecot-dev
> pn  dovecot-gssapi 
> ii  dovecot-imapd  1:2.2.23-1
> pn  dovecot-ldap   
> pn  dovecot-lmtpd  
> pn  dovecot-managesieved   
> pn  dovecot-mysql  
> pn  dovecot-pgsql  
> pn  dovecot-pop3d  
> pn  dovecot-sieve  
> pn  dovecot-sqlite 
> 
> -- no debconf information

Bug#804622: -x auth_info is a required parameter, at least with SQL

[Timo Sirainen]

On 22 Jul 2016, at 04:44, martin f krafft  wrote:
> 
> also sprach Timo Sirainen  [2016-07-22 09:51 +0200]:
>>   pgsql: Query failed, aborting: SELECT p.userid, p.password, u.uid AS 
>> userdb_uid, u.gid AS userdb_gid, u.home AS userdb_home, u.mail AS 
>> userdb_mail FROM dovecotpassword('test','pantsfullofunix.net') p, 
>> dovecotuser('test', 'pantsfullofunix.net') u WHERE doveadm
>> 
>> So here it means that the passdb_query has something like "...
>> WHERE %s". The %s expands to the service name, which could be any
>> of imap, pop3, lmtp, doveadm, sieve, and several others. In this
>> database apparently there are "imap" and "pop3" fields in the
>> database but not "doveadm" and maybe not the others. When using
>> "doveadm auth" without explicitly specifying the service name, it
>> also defaults to "doveadm".
> 
> Thanks for the explanation. Just one question: does it make sense to
> default to doveadm in this case? It's not really a service, or is
> it?

It is a service, and people have used it to implement special doveadm-specific 
passdb/userdb queries.

> Wouldn't it be better to make the service parameter required, or
> use a 'true' (tautological) default?

These solutions are highly specific to your configuration and wouldn't be 
useful for most others.

Bug#804622: -x auth_info is a required parameter, at least with SQL

[Timo Sirainen]

On 22 Jul 2016, at 01:10, Apollon Oikonomopoulos  wrote:
> 
> Hi Martin,
> 
> On 22:00 Tue 12 Jul , martin f krafft wrote:
>> Attached is the auth conf. The failing command is 'doveadm auth'
>> without any -x parameter.
> 
> I'm afraid we'll also need the actual query from dovecot-sql.conf.ext.

The initial report says:

   pgsql: Query failed, aborting: SELECT p.userid, p.password, u.uid AS 
userdb_uid, u.gid AS userdb_gid, u.home AS userdb_home, u.mail AS userdb_mail 
FROM dovecotpassword('test','pantsfullofunix.net') p, dovecotuser('test', 
'pantsfullofunix.net') u WHERE doveadm

So here it means that the passdb_query has something like "... WHERE %s". The 
%s expands to the service name, which could be any of imap, pop3, lmtp, 
doveadm, sieve, and several others. In this database apparently there are 
"imap" and "pop3" fields in the database but not "doveadm" and maybe not the 
others. When using "doveadm auth" without explicitly specifying the service 
name, it also defaults to "doveadm". This in turn leads to the query failing 
due to the doveadm field not existing in SQL. This is all working as intended 
and I can't think of anything that could be fixed or improved here on Dovecot's 
side. It's not only doveadm that is failing with this config, but various other 
pieces of Dovecot that just aren't (currently) being used by Martin.

Bug#810295: WARNING: Serious error when reading debug info

[Timo Sirainen]

On Sat, 9 Jan 2016 14:15:16 + Alessandro Ghedini  wrote:
> On Fri, Jan 08, 2016 at 01:31:48PM +1100, Martin Schwenke wrote:
> > Package: valgrind
> > Version: 1:3.11.0-1
> > Severity: important
> > 
> > When I run valgrind against anything, I see warnings like this:
> > 
> > $ valgrind -q /bin/echo
> > --14923-- WARNING: Serious error when reading debug info
> > --14923-- When reading debug info from /lib/x86_64-linux-gnu/ld-2.21.so:
> > --14923-- Ignoring non-Dwarf2/3/4 block in .debug_info
> > --14923-- WARNING: Serious error when reading debug info
> > --14923-- When reading debug info from /lib/x86_64-linux-gnu/ld-2.21.so:
> > --14923-- Last block truncated in .debug_info; ignoring
> > --14923-- WARNING: Serious error when reading debug info
> > --14923-- When reading debug info from /lib/x86_64-linux-gnu/ld-2.21.so:
> > --14923-- parse_CU_Header: is neither DWARF2 nor DWARF3 nor DWARF4
> > --14923-- WARNING: Serious error when reading debug info
> > --14923-- When reading debug info from /lib/x86_64-linux-gnu/libc-2.21.so:
> > --14923-- Ignoring non-Dwarf2/3/4 block in .debug_info
> > --14923-- WARNING: Serious error when reading debug info
> > --14923-- When reading debug info from /lib/x86_64-linux-gnu/libc-2.21.so:
> > --14923-- Last block truncated in .debug_info; ignoring
> > --14923-- WARNING: Serious error when reading debug info
> > --14923-- When reading debug info from /lib/x86_64-linux-gnu/libc-2.21.so:
> > --14923-- parse_CU_Header: is neither DWARF2 nor DWARF3 nor DWARF4
> 
> I think this may be related to https://bugs.debian.org/780173. The glibc
> package recently enabled compressed debug symbols but valgrind doesn't
> support them yet. Though I'm not sure what would be a good way to verify
> this.
> 
> As for solutions, we can wait for valgrind to add support for compressed
> symbols or ask the glibc maintainers to not compress debug symbols. Either
> way there's not much I, as maintainer of valgrind, can do about this.

Looks like valgrind upstream implemented support for compressed debug symbols: 
https://bugs.kde.org/show_bug.cgi?id=303877

Would be nice to get it included in the Debian valgrind package.

Bug#818652: dovecot-imapd: Crash upon virtual folder selection after update to 1:2.2.21-1 (follow-up)

[Timo Sirainen]

On 25 Mar 2016, at 21:26, Sylvain LÉVÊQUE  
wrote:
> 
>> This line tell me it is a null pointer to a struct with at least 0x20
>> members being used in mail_search_args_equal():
> 
> Thank you for this.
> 
> The crash is reproducible by issuing a UID search similar to the
> virtual folder definition.
> 
> In imapfilter terms, it means that if I issue
> mails = localhost['INBOX']:send_query('OR (INTHREAD REFS SEEN) (SEEN)')
> then I also have a crash (note that this is not a virtual folder anymore).
> 
> I'm willing to help further, but for now, this is impacting me too
> much, so I will downgrade back to 2.2.18.
> 
> I wonder if src/lib-storage/test-mail-search-args-imap.c could help,
> but my attempts miserably failed (panicking on both 2.2.18 and 2.2.22
> so I'm doing something wrong).

This is fixed by 
https://github.com/dovecot/core/commit/f7cc532e59ae1b7eda9a2d838fe54a6e59289f53

Bug#784704: postal: [PATCH] Crashes randomly due to buffer underflow

[Timo Sirainen]

Package: postal
Version: 0.73+nmu1
Severity: important

I can't run Postal for more than a few minutes before it crashes. Fix included 
below.

diff -ru postal-0.73/smtp.cpp ../postal-0.73+nmu1/smtp.cpp
--- postal-0.73/smtp.cpp2012-01-14 14:38:45.0 +0200
+++ ../postal-0.73+nmu1/smtp.cpp2015-02-13 13:36:06.583435283 +0200
@@ -77,7 +77,8 @@
 int offset = random() % (MAP_SIZE - (len - 2));
 memcpy(buf, &m_randBuf[offset], len - 2);
   }
-  strcpy(buf + len - 2, "\r\n");
+  if (len >= 2)
+strcpy(buf + len - 2, "\r\n");
 }

 const int max_line_len = 79;

--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#776094: dovecot-imapd: corrupts mailbox after trying to retrieve it (fwd)

[Timo Sirainen]

On 14 Feb 2015, at 16:23, Santiago Vila  wrote:

> I wrote about this three weeks ago but got no answer. I'm going to
> officially "forward" the Debian bug this time, with all the details.
> 
> The test case is just 840 bytes long. Please give it a try.
..
> Package: dovecot-imapd
> Version: 1:2.2.13-11
> Severity: serious

I can't reproduce with latest Dovecot hg. But just in case it's still not 
fixed, there are two important things:

1) Send your doveconf -n output, since there are some settings that can affect 
this

2) rm -rf ~/mail/.imap/inbox-b before testing to make sure indexes don't cause 
this problem.

> The following mbox folder, when put in $HOME/mail, becomes corrupted after
> trying to retrieve it with fetchmail.
> 
> The problem may be reproduced by using the same machine as server and client:
> 
> * Put "inbox-b" in $HOME/mail
> 
> * Put this in $HOME/.fetchmailrc
> 
> server localhost proto imap port 143:
> user "someuser"
> pass "thepassword"
> 
> * Retrieve email using this command line:
> 
> fetchmail -a localhost --folder inbox-b -m "true"
> 
> 
> Note: By looking at the "true" above it is clear that whatever
> fetchmail does with the message is not important at all.
> 
> 
> You will see something like this:
> 
> 12 messages for someuser at localhost (folder inbox-b).
> reading message someuser@localhost:1 of 12 (171 header octets) (3 body 
> octets) flushed
> reading message someuser@localhost:2 of 12 (245 header octets) (3 body 
> octets) flushed
> reading message someuser@localhost:3 of 12 (245 header octets) (3 body 
> octets) flushed
> reading message someuser@localhost:4 of 12 (245 header octets) (3 body 
> octets) flushed
> reading message someuser@localhost:5 of 12 (245 header octets) (3 body 
> octets) flushed
> reading message someuser@localhost:6 of 12 (171 header octets) (3 body 
> octets) flushed
> reading message someuser@localhost:7 of 12 (171 header octets) (3 body 
> octets) flushed
> reading message someuser@localhost:8 of 12 (245 header octets) (3 body 
> octets) flushed
> reading message someuser@localhost:9 of 12 (245 header octets) (3 body 
> octets) flushed
> reading message someuser@localhost:10 of 12 (245 header octets) (3 body 
> octets) flushed
> reading message someuser@localhost:11 of 12 (245 header octets) (3 body 
> octets) flushed
> reading message someuser@localhost:12 of 12 (273 header octets)fetchmail: 
> incorrect header line found - see manpage for bad-header option
> not flushed
> 
> 
> And in fact "inbox-b" in the server is now like this:
> 
> [...]
>> From r...@example.com  Tue Jan 13 10:18:20 2015
> rstuvwxyzabcdefghijklmnopqrstuvw...@example.com
> To: a...@example.com
> Subject: a
> MIME-Version: 1.0
> Content-Type: text/plain; charset=UTF-8
> Content-Transfer-Encoding: 8bit
> Message-Id: <20150113091737.b5ada5f...@example.com>
> Date: Tue, 13 Jan 2015 10:17:25 +0100 (CET)
> X-UID: 16035
> Status: O
> 
> a
> 
> 
> Note how the From: line has been truncated from its original state.
> 
> 
> I have been suffering from this problem for months. At first I believed
> it was some misbehaving procmail/formail recipe I had on the server,
> but that's not the case as this example shows.
> 
> Thanks.


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#725466: [LCFC] templates://dovecot/{dovecot-core.templates}

[Timo Sirainen]

On 30.10.2013, at 20.50, Justin B Rye  wrote:

> Christian PERRIER wrote:
>> This is the last call for comments for the review of debconf
>> templates for dovecot.
> 
> Weren't we thinking of changing "Description: secure mail system" to
> "Description: secure POP3/IMAP server”?

There’s also LMTP and ManageSieve servers. In v2.3 most likely there will be 
SMTP submission server as well. And in v2.4+ there will probably be more.. We 
have also implemented HTTP server+proxy, but I’m not sure if they’re going to 
become useful beyond their internal use cases.

So for now I guess it’s not that bad to say just IMAP/POP3 server, but it’s 
definitely changing in future.


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#724449: dovecot-imapd eating 100% cpu

[Timo Sirainen]

On 24.9.2013, at 1.20, Nikolaus Rath  wrote:

> It seems that every once in a while the imap-login process gets
> out of control, eating 100% CPU over multiple hours. 
> 
> Attaching gdb, I'm getting this:
> 
> (gdb) bt
> #0  0x7fffe54a5a56 in gettimeofday ()
> #1  0x7fee6d9f1f8a in gettimeofday () from /lib/x86_64-linux-gnu/libc.so.6
> #2  0x7fee6dd2fcb5 in io_loop_handle_timeouts () from 
> /usr/lib/dovecot/libdovecot.so.0
> #3  0x7fee6dd30c7b in io_loop_handler_run () from 
> /usr/lib/dovecot/libdovecot.so.0
> #4  0x7fee6dd2fa28 in io_loop_run () from /usr/lib/dovecot/libdovecot.so.0

This is the generic waiting loop. I guess it's rapidly doing that.

> Anything I can do to debug this better?

See what strace -tt shows for the process?


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#720559: libqt5-dev: Package not installable

[Timo Sirainen]

Package: libqt5-dev
Severity: grave
Justification: renders package unusable

Package can't be installed, because libqt5x11extras-dev doesn't exist:

 libqt5-dev : Depends: libqt5x11extras-dev but it is not installable

-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.10.0-rc4-00157-g29eb778 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#720558: libqt5-dev: Package not installable

[Timo Sirainen]

Package: libqt5-dev
Version: 3
Justification: renders package unusable
Severity: grave

Package can't be installed, because libqt5x11extras-dev doesn't exist:

 libqt5-dev : Depends: libqt5x11extras-dev but it is not installable

-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.10.0-rc4-00157-g29eb778 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#712764: dovecot-core: libnss_ldap.so not found

[Timo Sirainen]

On 19.6.2013, at 12.53, Micha Krause  wrote:

> userdb {
>  args = service=ldap
>  driver = nss
> }
> 
> I get the following error written to the mail.log:
> 
> Jun 19 11:37:04 mailint1 dovecot: auth: Fatal: 
> dlopen(/usr/lib/libnss_ldap.so) failed: /usr/lib/libnss_ldap.so: cannot open 
> shared object file: No such file or directory
> Jun 19 11:37:04 mailint1 dovecot: pop3-login: Disconnected: Auth process 
> broken (disconnected before greeting, waited 0 secs): user=<>, rip=10.2.1.61, 
> lip=10.2.0.37, TLS handshaking, session=
> 
> Indeed the path of libnss_ldap.so changed to 
> /usr/lib/x86_64-linux-gnu/libnss_ldap.so in wheezy.

Userdb nss is somewhat of a kludge that I don't think is necessary anymore 
anyway. It was originally added because of getpwent()'s lack of error 
reporting, but later I realized there's a getpwent_r() that does report errors. 
So userdb passwd should be a perfect replacement.


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#708221: dovecot-imapd: can't read mailbox since upgrade (cache issue? renaming files?)

[Timo Sirainen]

On 14.5.2013, at 15.53, Jonathan Dowland  wrote:

> Hello,
> 
> On Tue, May 14, 2013 at 01:37:48PM +0300, Timo Sirainen wrote:
>> The maildir filename has wrong S=size value.
> 
> That's strange. the ,S= values were all almost certainly set by dovecot 
> version
> 1:1.2.15-7, so I wonder why they are set incorrectly.

I don't remember any specific Dovecot bugs that caused this, but I guess it's 
possible that nobody just noticed them until now.

>> Dovecot should fix this automatically, but since it does it only one failure
>> at a time it can take a while..
> 
> Indeed, I'd suggest that the current behaviour (fix one file, then break the
> IMAP connection) is a bug. It seems the open() logic is not aware that the
> filename has been changed.

The problem is that IMAP client needs to be disconnected after noticing this 
error. I guess it would be possible for Dovecot to just rescan all of the mails 
in the mailbox when seeing such an error, but if there really is just one 
message that was broken doing this would be very inefficient.

>> Other solutions would be to either have Dovecot ignore the value with
>> maildir_broken_filename_sizes=yes
> 
> The check is there to protect against truncation/corruption, right? So it
> would probably be best for it to be left on.

This means that when Dovecot wants to know the message size and it's not 
already cached, it uses stat() instead of taking it from the S=size in 
filename. So it makes the performance a tiny bit worse in some situations.


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#707602: /usr/sbin/dovecot: Uppercase username converted by dovecot to lowercase, pam-login fails

[Timo Sirainen]

On Thu, 2013-05-09 at 09:41 -0700, PePa wrote:

> Upon upgrade to wheezy, my mixed-case username which previously showed up in 
> the dovecot logs as intended, now is converted to lowercase,
> and the pam-login fails. Please advise what I can do to get it working again!!

auth_username_format = %u


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#708221: dovecot-imapd: can't read mailbox since upgrade (cache issue? renaming files?)

[Timo Sirainen]

On 14.5.2013, at 12.41, Jonathan Dowland  wrote:

> Since upgrading from squeeze → wheezy, I cannot connect to dovecot-imapd
> and read my mail. It reads the inbox and then disconnects shortly afterwards.
> I see the following in my mail.err:
> 
>> May 14 10:20:26 bryant dovecot: imap(jon): Error: Cached message size 
>> smaller than expected (9703 < 9706)
>> May 14 10:20:26 bryant dovecot: imap(jon): Error: Maildir filename has wrong 
>> S value, renamed the file from 
>> /home/jon/Maildir/cur/1327480683.M217409P17453.pris,S=9703,W=9933:2,ae to 
>> /home/jon/Maildir/cur/1327480683.M217409P17453.pris,S=9706:2,ae
>> May 14 10:20:26 bryant dovecot: imap(jon): Error: Corrupted index cache file 
>> /home/jon/Maildir/dovecot.index.cache: Broken physical size for mail UID 8
>> May 14 10:20:26 bryant dovecot: imap(jon): Error: 
>> read(/home/jon/Maildir/cur/1327480683.M217409P17453.pris,S=9703,W=9933:2,ae) 
>> failed: Input/output error (FETCH for mailbox INBOX UID 8)

The maildir filename has wrong S=size value. Dovecot should fix this 
automatically, but since it does it only one failure at a time it can take a 
while.. Other solutions would be to either have Dovecot ignore the value with 
maildir_broken_filename_sizes=yes or run a script that fixes the filenames: 
http://www.dovecot.org/tools/maildir-size-fix.pl


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#699121: dovecot-core: Cannot iterate through users list on Debian GNU/kFreeBSD AMD64 Wheezy

[Timo Sirainen]

On Wed, 2013-03-13 at 00:00 -0700, Joel Lopes Da Silva wrote:
> > As you noticed, apparently getsockopt(SO_PEERCRED) doesn't work with
> > kFreeBSD. You can anyway work around the problem by giving everyone
> > access to the userdb socket:
> > 
> > service auth {
> >  unix_listener userdb {
> >mode = 0777
> >  }
> > }
> 
> This workaround works for me. Thanks Timo.
> 
> Do you think there might be an equivalent API we could use on kFreeBSD to 
> accomplish the same behavior as the one available on Linux?

src/lib/net.c net_getunixcred() has multiple ways to do it for different
OSes. You could try if one of them works.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#699121: dovecot-core: Cannot iterate through users list on Debian GNU/kFreeBSD AMD64 Wheezy

[Timo Sirainen]

On Sun, 2013-01-27 at 12:21 -0800, Joel Lopes Da Silva wrote:

> # doveadm fetch -A user ALL
> doveadm(root): Error: userdb list: Disconnected unexpectedly
> doveadm: Error: Failed to iterate through some users
> zsh: exit 75doveadm fetch -A user ALL
..
> Jan 27 11:47:18 orange dovecot: auth: Error: userdb connection: Failed to get 
> peer's credentials

As you noticed, apparently getsockopt(SO_PEERCRED) doesn't work with
kFreeBSD. You can anyway work around the problem by giving everyone
access to the userdb socket:

service auth {
  unix_listener userdb {
mode = 0777
  }
}


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#697760: dovecot-core: ssl_cert/key should be specific to each protocol

[Timo Sirainen]

On 9.1.2013, at 15.04, Teodor  wrote:

> It appears that these settings are common for all protocols:
> 
>ssl_cert = ssl_key =  
> I would like to set different hostnames (and IP addresses) for IMAP and
> POP3, but this is not possible right now because ssl_cert and ssl_key
> are global parameters.
> 
> Please make these parameters specific to each protocol.

protocol imap {
  ssl_cert = 

Bug#695138: dovecot: CVE-2012-5620

[Timo Sirainen]

Not a security hole. A user can crash his/her own session. As bad as issuing a 
LOGOUT command. Completely pointless CVE.

On 4.12.2012, at 17.04, Moritz Muehlenhoff wrote:

> Package: dovecot
> Severity: grave
> Tags: security
> Justification: user security hole
> 
> This entry from 
> http://www.dovecot.org/list/dovecot-news/2012-November/000235.html
> was assigned CVE-2012-5620:
> 
>> imap: Fixed crash when SEARCH contained multiple KEYWORD parameters.
> 
> Fix:
> http://hg.dovecot.org/dovecot-2.1/rev/0306792cc843
> 
> The posting on oss-security claims 1.2 doesn't contain the affected code:
> http://seclists.org/oss-sec/2012/q4/395
> 
> However, mail_search_keywords_merge() also exists in 1.2.15 from Squeeze, so
> this needs further investigation or clarification from upstream.
> 
> Cheers,
>Moritz
> 


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#686931: closed by jald...@debian.org (Jaldhar H. Vyas) (Bug#686931: fixed in dovecot 1:2.1.7-3)

[Timo Sirainen]

On 27.11.2012, at 10.40, Svante Signell wrote:

> Hi, looks like one PATH_MAX issue remains in 2.1.7. Don't know if the
> latest version 2.1.10 has solved it. The inlined patch below solves the
> remaining build problem. One unclear point in the patch is if linkbuf
> should be freed or not (probably it should).

It shouldn't. The compiler warning you get should discourage you from doing 
that. :)

> Thanks! 
> --- a/pigeonhole/src/lib-sievestorage/sieve-storage-script.c
> 2012-11-27 07:03:30.0 +
> +++ b/pigeonhole/src/lib-sievestorage/sieve-storage-script.c
> 2012-11-27 08:29:16.0 +
> @@ -23,6 +23,7 @@
> #include 
> #include 
> #include 
> +#include "abspath.h"
> 
> struct sieve_storage_script {
>struct sieve_file_script file;  
> @@ -118,12 +119,12 @@ static struct sieve_script *sieve_storag
> static int sieve_storage_read_active_link
> (struct sieve_storage *storage, const char **link_r)
> {
> -  char linkbuf[PATH_MAX];
> +  const char *linkbuf;
>   int ret;
> 
>*link_r = NULL;
> 
> -   ret = readlink(storage->active_path, linkbuf, sizeof(linkbuf));
> +   ret = t_readlink(storage->active_path, &linkbuf);
> 
>if ( ret < 0 ) {
>if (errno == EINVAL) {
> @@ -151,6 +152,7 @@ static int sieve_storage_read_active_lin
> 
>/* ret is now assured to be valid, i.e. > 0 */
>*link_r = t_strndup(linkbuf, ret);
> +   free(linkbuf);
>return 1;
> }
> 
> 
> 
> 


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#686931: dovecot: FTBFS on hurd-i386

[Timo Sirainen]

On 7.9.2012, at 12.45, Svante Signell wrote:

> Hi, the inlined patch below enables a successful build of dovecot for
> GNU/Hurd. Since neither PATH_MAX nor PIPE_BUF is defined for Hurd,
> scaled versions of the corresponding _POSIX_* definitions are used.
> 
> The number of entries of PATH_MAX are too many to make dynamic string
> allocation unless upstream is interested.

I actually removed the PATH_MAX usage for HURD once already but then forgot 
about it. There were 2 places in the code where I had to remove them again 
(messed up the first commit a bit) :

http://hg.dovecot.org/dovecot-2.1/rev/75aadea5c2a2
http://hg.dovecot.org/dovecot-2.1/rev/2a44991cbf66

> Regarding PIPE_BUF size I
> don't know which value to use so the same as for GNU/Linux is chosen
> (8*512=4096).


http://hg.dovecot.org/dovecot-2.1/rev/6cac808c4bd8


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#680035: Dovecot v2.1.8 released

[Timo Sirainen]

On 3.7.2012, at 9.16, Jaldhar H. Vyas wrote:

>> Most importantly fixes a pretty bad behavior of sending mailbox names as
>> UTF-8 instead of mUTF-7 as required by IMAP RFC. I'm surprised nobody
>> hadn't noticed this in v2.1.x tree before yesterday. I guess some
>> clients might have translated the name to UTF-8 anyway and not noticed
>> it, while others would have silently ignored the problem of not seeing
>> STATUS updates.
> 
> Now that wheezy has frozen, the ftpmasters are not at all likely to let in a 
> new version unless it fixes critical/security-related bugs.  None of these 
> issues seem crtical to me.


Using UTF8 in mailbox names is a rather serious mistake. I'd hate it if Debian 
distributed a Dovecot version for next several years with known broken IMAP 
behavior. It visibly breaks some IMAP clients and causes silent problems with 
others. The patches to fix these are pretty small:

http://hg.dovecot.org/dovecot-2.1/rev/a698fccd37c3
http://hg.dovecot.org/dovecot-2.1/rev/880af3c78df9
http://hg.dovecot.org/dovecot-2.1/rev/90270c054e1f

The first one (STATUS) being the most important, the second two much less so.




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#679752: dovecot-core: Initialization failed: Duplicate namespace prefix

[Timo Sirainen]

On 1.7.2012, at 13.28, Graham Cobb wrote:

> I have the following configuration information in a file called 
> /etc/dovecot/conf.d/50-grc.conf:
> 
> namespace {
>  hidden = no
>  inbox = no
>  location = maildir:~/dovecot
>  prefix =
>  separator = /
>  type = private
> }
> 
> I had to edit the file 10-mail.conf to comment out the "namespace inbox" 
> section.  This need to edit a conffile defeats the object of having a 
> configuration directory with ordered entries -- it should be possible to
> override the distributed settings!

You could override it by naming your above namespace also inbox.




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#664625: Error: Module is for different version

[Timo Sirainen]

The way it should work when upgrading is:

1. Stop dovecot
2. Install files for all new dovecot packages
3. Start dovecot

Is that possible? Or most importantly dovecot-core and dovecot-managesieved 
needs to be installed in the same step.

An alternative would be to move libmanagesieve_login_settings.so and 
libmanagesieve_settings.so to dovecot-core package. I don't think they require 
anything from the managesieve packages.

On 1.6.2012, at 18.01, Gedalya wrote:

> Looks like this is now happening but only for managesieve:
> 
> Just upgraded my server to the version in sid, with the following results
> 
> root@mail:~# apt-get install dovecot-core
> Reading package lists... Done
> Building dependency tree
> Reading state information... Done
> The following packages were automatically installed and are no longer 
> required:
>  libboost-iostreams1.48.0 libcloog-ppl0 libdigest-sha1-perl libev4 
> libgmpxx4ldbl libppl-c4 libppl9 libpwl5 libpython2.6
> Use 'apt-get autoremove' to remove them.
> The following extra packages will be installed:
>  dovecot-imapd dovecot-managesieved dovecot-mysql dovecot-pop3d dovecot-sieve
> Suggested packages:
>  dovecot-gssapi dovecot-pgsql dovecot-sqlite dovecot-ldap dovecot-lmtpd 
> dovecot-solr
> The following packages will be upgraded:
>  dovecot-core dovecot-imapd dovecot-managesieved dovecot-mysql dovecot-pop3d 
> dovecot-sieve
> 6 upgraded, 0 newly installed, 0 to remove and 77 not upgraded.
> Need to get 4,961 kB of archives.
> After this operation, 1,700 kB of additional disk space will be used.
> Do you want to continue [Y/n]? y
> Get:1 http://mirror.cc.columbia.edu/debian/ sid/main dovecot-managesieved 
> i386 1:2.1.7-1 [388 kB]
> Get:2 http://mirror.cc.columbia.edu/debian/ sid/main dovecot-sieve i386 
> 1:2.1.7-1 [587 kB]
> Get:3 http://mirror.cc.columbia.edu/debian/ sid/main dovecot-pop3d i386 
> 1:2.1.7-1 [360 kB]
> Get:4 http://mirror.cc.columbia.edu/debian/ sid/main dovecot-mysql i386 
> 1:2.1.7-1 [341 kB]
> Get:5 http://mirror.cc.columbia.edu/debian/ sid/main dovecot-imapd i386 
> 1:2.1.7-1 [421 kB]
> Get:6 http://mirror.cc.columbia.edu/debian/ sid/main dovecot-core i386 
> 1:2.1.7-1 [2,864 kB]
> Fetched 4,961 kB in 1s (3,579 kB/s)
> Reading changelogs... Done
> (Reading database ... 34228 files and directories currently installed.)
> Preparing to replace dovecot-managesieved 1:2.0.18-1 (using 
> .../dovecot-managesieved_1%3a2.1.7-1_i386.deb) ...
> [ ok ] Stopping IMAP/POP3 mail server: dovecot.
> Unpacking replacement dovecot-managesieved ...
> doveconf: Error: Module is for different version 2.1.7: 
> /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so
> doveconf: Error: Module is for different version 2.1.7: 
> /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so
> doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: 
> protocols: Unknown protocol: sieve
> [] Starting IMAP/POP3 mail server: dovecotdoveconf: Error: Module is for 
> different version 2.1.7: 
> /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so
> doveconf: Error: Module is for different version 2.1.7: 
> /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so
> doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: 
> protocols: Unknown protocol: sieve
> failed!
> invoke-rc.d: initscript dovecot, action "start" failed.
> dpkg: warning: subprocess old post-removal script returned error exit status 1
> dpkg - trying script from the new package instead ...
> doveconf: Error: Module is for different version 2.1.7: 
> /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so
> doveconf: Error: Module is for different version 2.1.7: 
> /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so
> doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: 
> protocols: Unknown protocol: sieve
> [] Starting IMAP/POP3 mail server: dovecotdoveconf: Error: Module is for 
> different version 2.1.7: 
> /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so
> doveconf: Error: Module is for different version 2.1.7: 
> /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so
> doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: 
> protocols: Unknown protocol: sieve
> failed!
> invoke-rc.d: initscript dovecot, action "start" failed.
> dpkg: error processing 
> /var/cache/apt/archives/dovecot-managesieved_1%3a2.1.7-1_i386.deb (--unpack):
> subprocess new post-removal script returned error exit status 1
> [ ok ] Starting IMAP/POP3 mail server: dovecot.
> [ ok ] Restarting IMAP/POP3 mail server: dovecot.
> Preparing to replace dovecot-sieve 1:2.0.18-1 (using 
> .../dovecot-sieve_1%3a2.1.7-1_i386.deb) ...
> Unpacking replacement dovecot-sieve ...
> [ ok ] Starting IMAP/POP3 mail server: dovecot.
> Preparing to replace dovecot-pop3d 1:2.0.18-1 (using 
> .../dovecot-pop3d_1%3a2.1.7-1_i386.deb) ...
> [ ok ] Stopping IMAP/POP3 mail server: dovecot.
> Unpacking replacement 

Bug#663243: dovecot: Upgrade to the new stable release

[Timo Sirainen]

On Tue, 2012-05-29 at 16:20 -0400, Gedalya wrote:
> Since it's been announced that wheezy will be frozen by the end of June, 
> I'm wondering what will be the fate of dovecot in wheezy.
> The rate of bug reports on the dovecot mailing list has slowed down 
> considerably.
> 2.1.7 has just been released and it's looking like it has reached a 
> pretty mature state. Can we have that in before the freeze?
> Please? :-)

Agreed. Many of the bugs fixed in v2.1 tree exist also in v2.0 tree but
unfixed.





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#673994: network-manager: Unmanaged NetworkManager reports state as offline

[Timo Sirainen]

Package: network-manager
Version: 0.9.4.0-4
Severity: important

By default NetworkManager is configured as managed=false. When programs
(e.g. Evolution) ask for connection state from NM, it says that network is
disconnected, making the program unusable. Please change NM to report
network as connected when managed=false.

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-06540-g4c4d285 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages network-manager depends on:
ii  adduser3.113+nmu1
ii  dbus   1.5.12-1
ii  dpkg   1.16.3
ii  isc-dhcp-client4.2.2.dfsg.1-5
ii  libc6  2.13-32
ii  libdbus-1-31.5.12-1
ii  libdbus-glib-1-2   0.98-1
ii  libgcrypt111.5.0-3
ii  libglib2.0-0   2.32.2-1
ii  libgnutls262.12.19-1
ii  libgudev-1.0-0 175-3.1
ii  libnl-3-2003.2.7-2
ii  libnl-genl-3-200   3.2.7-2
ii  libnl-route-3-200  3.2.7-2
ii  libnm-glib40.9.4.0-3
ii  libnm-util20.9.4.0-3
ii  libpolkit-gobject-1-0  0.105-1
ii  libuuid1   2.20.1-4
ii  lsb-base   4.1+Debian2
ii  udev   175-3.1
ii  wpasupplicant  0.7.3-6

Versions of packages network-manager recommends:
ii  crda  1.1.2-1
ii  dnsmasq-base  2.61-1
ii  iptables  1.4.13-1.1
ii  modemmanager  0.5.2.0-1
ii  policykit-1   0.105-1
ii  ppp   2.4.5-5.1

Versions of packages network-manager suggests:
pn  avahi-autoipd  

-- Configuration Files:
/etc/NetworkManager/NetworkManager.conf changed [not included]

-- no debconf information





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#671883: evolution: Can't install because of conflicting libcogl dependencies

[Timo Sirainen]

Package: evolution
Severity: grave
Justification: renders package unusable

evolution depends on libcogl-pango0 (>= 1.7.4), libcogl5 (>= 1.7.4)

libcogl-pango0 1.10.2-3 breaks libcogl5 (<< 1.10.0-1)

The highest libcogl5 version is 1.8.2-1

So, I can't install evolution.

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-06540-g4c4d285 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages evolution depends on:
ii  dbus  1.5.12-1
ii  debconf [debconf-2.0] 1.5.43
ii  evolution-common  3.2.2-1
ii  evolution-data-server 3.2.2-3
ii  gconf23.2.5-1
ii  gnome-icon-theme  3.4.0-2
ii  libatk1.0-0   2.4.0-2
ii  libc6 2.13-32
ii  libcairo-gobject2 1.12.2-1
ii  libcairo2 1.12.2-1
ii  libcamel-1.2-29   3.2.2-3
ii  libcanberra-gtk3-00.28-4
ii  libcanberra0  0.28-4
ii  libclutter-1.0-0  
ii  libclutter-gtk-1.0-0  
ii  libcogl-pango0
ii  libcogl5  
ii  libdrm2   2.4.33-1
ii  libebackend-1.2-1 3.2.2-3
ii  libebook-1.2-12   3.2.2-3
ii  libecal-1.2-103.2.2-3
ii  libedataserver-1.2-15 3.2.2-3
ii  libedataserverui-3.0-13.2.2-3
ii  libenchant1c2a1.6.0-7
ii  libevolution  
ii  libfontconfig12.9.0-3
ii  libfreetype6  2.4.9-1
ii  libgail-3-0   3.4.1-2
ii  libgconf2-4   3.2.5-1
ii  libgdata130.12.0-1
ii  libgdk-pixbuf2.0-02.26.1-1
ii  libgl1-mesa-glx [libgl1]  8.0.2-2
ii  libglib2.0-0  2.32.2-1
ii  libgnome-desktop-3-2  3.4.1-2
ii  libgtk-3-03.4.1-2
ii  libgtkhtml-4.0-0  4.2.2-1
ii  libgtkhtml-editor-4.0-0   4.2.2-1
ii  libgweather-3-0   3.4.1-1
ii  libical0  0.48-1
ii  libjson-glib-1.0-00.14.2-1
ii  libmx-1.0-2   
ii  libnotify40.7.5-1
ii  libnspr4-0d   4.9-1
ii  libnss3-1d3.13.4-1
ii  libpango1.0-0 1.30.0-1
ii  libsoup-gnome2.4-12.38.1-2
ii  libsoup2.4-1  2.38.1-2
ii  libsqlite3-0  3.7.11-3
ii  libx11-6  2:1.4.99.901-2
ii  libxcomposite11:0.4.3-2
ii  libxdamage1   1:1.1.3-2
ii  libxext6  2:1.3.1-2
ii  libxfixes31:5.0-4
ii  libxi62:1.6.0-1
ii  libxml2   2.7.8.dfsg-9
ii  psmisc22.16-1

Versions of packages evolution recommends:
ii  bogofilter | spamassassin  
ii  evolution-plugins  
ii  evolution-webcal   2.32.0-2
ii  yelp   3.4.1-1

Versions of packages evolution suggests:
ii  evolution-dbg   
ii  evolution-exchange  
ii  evolution-plugins-experimental  
ii  gnupg   1.4.12-4
ii  network-manager 0.9.4.0-3



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#661008: dovecot-imapd: Corrupted index cache file

[Timo Sirainen]

On 23.2.2012, at 16.36, Thomas Herrmann wrote:

> Feb 22 09:19:41 mailsrv2 dovecot: IMAP(us...@domain.de): Corrupted index 
> cache file /home/vmail/domain.de/user1/public/.foo/dovecot.index.cache: field 
> header names corrupted
> Feb 23 13:20:27 mailsrv2 dovecot: IMAP(us...@domain.de): Corrupted index 
> cache file /home/vmail/domain.de/user2/Maildir/.bar/dovecot.index.cache: 
> record continues outside its allocated size
> Feb 23 13:33:30 mailsrv2 dovecot: IMAP(us...@domain.de): Corrupted index 
> cache file /home/vmail/domain.de/user3/public/.baz/dovecot.index.cache: 
> invalid record size

Well, these shouldn't normally happen. I recently did one fix to cache file 
handling, but I don't know if it's related.

> # 1.2.15: /etc/dovecot/dovecot.conf

Anyway, I don't have time to try to debug bugs that may have been fixed 
already. If this keeps happening with v2.0.18 or v2.1.1 I'm happy to help.




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#660154: qemu-keymaps: Finnish keyboard mapping broken

[Timo Sirainen]

Subject: qemu-keymaps: Finnish keyboard mapping broken
Package: qemu-keymaps
Version: 1.0+dfsg-3
Severity: normal

With "-k fi -vnc :1" the keyboard layout works pretty well, except the 
key between left shift and "z" key, which generates <> characters 
doesn't work. Instead of "<" it shows "z" and instead of ">" (shift-<) 
it shows "X".


It works correctly if I comment out these lines:

less 0x2c shift altgr
greater 0x2d shift altgr

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-06540-g4c4d285 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

-- no debconf information



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#654591: dovecot-core: race condition in init script restart action

[Timo Sirainen]

On Wed, 2012-01-04 at 15:13 +0100, Marc Dequènes (Duck) wrote:
> I got this failure:
> # /etc/init.d/dovecot restart
> Restarting IMAP/POP3 mail server: dovecotError: service(imap-login):  
> listen(*, 143) failed: Address already in use
> Error: service(imap-login): listen(::, 143) failed: Address already in use
> Error: service(imap-login): listen(*, 993) failed: Address already in use
..
> I tried to reproduce, switching back and forth between the old to the  
> new configuration multiple times without success. This is probably  
> related to waiting for connections and child processes to finish, even  
> if the init script seems to have some code for the later.

Yes. This is properly fixed in v2.1.
http://hg.dovecot.org/dovecot-2.1/rev/6894298ae5fd





--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#649511: CVE-2011-4318

[Timo Sirainen]

On 22.11.2011, at 18.53, Marco Nenciarini wrote:

> Is it urgent? I'm ultra-busy until Friday 25 for the Italian PostgreSQL
> Conference (PGDay), but if needed I take some time from my sleep to
> upload the 2.0.16 version.

Not urgent. I estimate there are approximately 0 installations where this is 
exploitable.




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#641247: dovecot-imapd: Get IMAP Error: fchown

[Timo Sirainen]

On 12.9.2011, at 7.34, Andrew Buckeridge wrote:

> 2011-09-12 11:37:03 IMAP(???): Error: 
> fchown(/var/lib/dovecot/control/9998/.INBOX/dovecot-uidlist.tmp, -1, 
> 9111(mailusers)) failed: Operation not permitted (egid=9000(bgcuser), group 
> based on /export/home/???/Maildir)

Dovecot copies the Maildir's permissions when creating any new files. This is 
required for shared mailboxes to work correctly. So your possibilities are to 
either:

a) chmod 0700 /export/home/???/Maildir

b) Give Dovecot access to mailusers group: mail_access_groups = mailusers





--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#627443: CVE-2011-1929

[Timo Sirainen]

On Fri, 2011-05-20 at 18:44 +0200, Moritz Muehlenhoff wrote:

> | Fixed potential crashes and other problems when parsing
> | header names that contained NUL characters.
> 
> Could you contact upstream wrt the exact impact? What is
> being crashed here, can someone only crash a delivery
> thread or can the whole IMAP server be crashed through
> malformed mail messages? In the latter case we should
> release a DSA.

It doesn't necessarily crash, just output some garbage, because the
basic problem is that it's reading a buffer past its used size. The
problematic parts are:

1) With mbox format it looks like it could be crashing/corrupting output
whenever reading/saving mails.

2) With non-mbox format there are only IMAP SEARCH and FETCH
HEADER[FIELDS...] commands that can cause crash/corruption.

3) Except with v2.0 if using external dbox attachment storage it can
also cause some crash/corruption.

Originally I was also hoping SMTP servers to drop any NULs in header
names, but looks like at least Postfix happily preserves them.





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#623440: dovecot: autocreation of new mailboxes fails

[Timo Sirainen]

On Wed, 2011-04-20 at 10:41 +0200, Andreas Hübner wrote:

> After upgrading dovecot from 1.0.x to 1.2.x, the automatic creation of new
> mailboxes fails with:
> 
> dovecot: deliver(x...@xx.de): mail_location not set and autodetection failed: 
> Mail storage autodetection failed with home=/var/mail/xx.de/xxx
> dovecot: deliver(x...@xx.de): Fatal: Namespace initialization failed
> 
> Ubuntu had the same problem [1][2] and sort of fixed it by deleting a
> check in mbox-storage.c.

So what Ubuntu did was assume that all new users want to use mbox, not
Maildir. Doesn't seem like a great idea to me.





--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#624837: dovecot-gssapi: no longer reads /etc/krb5.keytab

[Timo Sirainen]

On Sun, 2011-05-01 at 23:19 +, brian m. carlson wrote:

> From /etc/dovecot/conf.d/10-auth.conf:
> 
>   # Kerberos keytab to use for the GSSAPI mechanism. Will use the system 
>   # default (usually /etc/krb5.keytab) if not specified.
> 
> This is not true.  The system default keytab is generally root-owned and
> 600 [0].  Dovecot's new authentication mechanism cannot read this file
> and therefore all GSSAPI authentication fails.  The IMAP server
> responds:

Updated the comment to:

# Kerberos keytab to use for the GSSAPI mechanism. Will use the system
# default (usually /etc/krb5.keytab) if not specified. You may need to change
# the auth service to run as root to be able to read this file.

Meaning, you can do:

service auth {
  user = root
}





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#626211: dovecot-common: ssl-params uses hardcoded /var/lib/dovecot/ssl-parameters.dat, should use ssl_parameters_file config variable

[Timo Sirainen]

On 10.5.2011, at 0.59, Daniel Kahn Gillmor wrote:

> dovecot's ssl-params sub-daemon appears to hardcode the path and
> filename to its parameters file.
> 
> However, the other dovecot tools appear to look for the file using the
> ssl_parameters_file configuration variable.

No, there is such a setting but it's not used by anything. It's actually a bug 
that I accidentally added that setting back (due to v2.0's master/config code 
being based on some very old pre-v1.0 code).

> Launching dovecot as a non-privileged user without write permissions
> to /var/lib/dovecot produces the following warnings on stderr, even if
> ssl_parameters_file is set to a location where the user has read/write
> permissions:
> 
> 2011-05-09 16:38:42 master: Info: Dovecot v2.0.12 starting up (core dumps 
> disabled)
> 2011-05-09 16:38:42 ssl-params: Error: 
> open(/var/lib/dovecot/ssl-parameters.dat) failed: Permission denied
> 2011-05-09 16:38:42 ssl-params: Fatal: 
> creat(/var/lib/dovecot/ssl-parameters.dat.tmp) failed: Permission denied
> 2011-05-09 16:38:42 ssl-params: Error: child process failed with status 22784

Hmm.. Perhaps there should be a shared_state_dir setting or something that is 
normally /var/lib/dovecot.




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#626130: dovecot-imapd: Can't setegid(privileged)

[Timo Sirainen]

On 9.5.2011, at 6.16, Peter Chubb wrote:

> $ ls -l /var/mail
> total 254012
> -rw-rw 1 username mail 229477565 May  9 12:57 username

chmod 0600 /var/mail/*




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#624234: tag 624234 wheezy sid

[Timo Sirainen]

On Wed, 2011-04-27 at 10:25 -0300, Dererk wrote:

> Since I consider both package could co-exist perfectly and complement
> each other functionality, I'll be producing a renamed deliver.1.gz,
> since it's not core funcionality on mailavenger software; It's something
> you can use but that's not enabled by default and requires some
> configuration research on user's side first.
> 
> I'll be preparing this to be upload during this week. Please let me know
> if you have any doubt or comment about it.

I'm also not sure how useful it is to keep deliver.1 man page in Dovecot
v2.0, since it's only a pointer to dovecot-lda.1 (the deliver binary is
also a symlink to dovecot-lda). Their existence is mainly for backwards
compatibility with Dovecot v1.x.





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#619137: /usr/sbin/dovecot: Suddenly stopped authentication

[Timo Sirainen]

On 21.3.2011, at 16.56, Pekka Takala wrote:

> Mar 21 16:54:38 pihtisoft kernel: pop3-login[1004]: segfault at 0 ip
> 7f0f70863eaf sp 7fff25336f18 error 4 in
> libncom.so.4.0.1[7f0f70862000+3000]

What is libncom, and why would Dovecot be calling it?




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#611398: dovecot-imapd: has problem with read-only mbox files

[Timo Sirainen]

On Fri, 2011-01-28 at 22:56 +0100, Arthur de Jong wrote:

> Jan 28 22:01:14 bobo dovecot: IMAP(arthur): 
> file_dotlock_open(/home/arthur/mail/sent/.imap/2005/dovecot.index.log) 
> failed: Permission denied (euid=1000(arthur) egid=100(users) 
> access(/home/arthur/mail/sent/.imap/2005/dovecot.index.log, 4) failed: No 
> such file or directory)
> 
> The problem is that the directory
>   /home/arthur/mail/sent/.imap/2005
> is read-only (mode dr-x--) which is probably because the original
> mbox file
>   /home/arthur/mail/sent/2005
> is read-only.

Here: http://hg.dovecot.org/dovecot-1.2/rev/fe9a5bb62470





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#606649: dovecot-2.0 fails to start, attempting to listen on each port twice

[Timo Sirainen]

On Fri, 2010-12-10 at 20:33 +0300, Michael Tokarev wrote:
> >  Starting IMAP/POP3 mail server: dovecotError: service(pop3-login): 
> > listen(::, 110) failed: Address already in use
> >  Error: service(pop3-login): listen(::, 995) failed: Address already in use
> >  Error: service(imap-login): listen(::, 143) failed: Address already in use
> >  Error: service(imap-login): listen(::, 993) failed: Address already in use
> 
> This happens because of the default "listen = *, ::".
> For some reason, when IPv6 is unavailable, it tries
> to create IPv4 socket for the second listening
> address, which obviously fails.  Using "listen = *"
> fixes that.

This fixes it: http://hg.dovecot.org/dovecot-2.0/rev/cde0d403c6ff





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#603951: dovecot: by default enables insecure ciphers

[Timo Sirainen]

On Thu, 2010-11-18 at 20:41 +0100, Thijs Kinkhorst wrote:

> After installing dovecot it comes with insecure SSL ciphers enabled by
> Luckily I saw that SSLv2 is now default disabled, but even with SSLv3
> and TLSv1 dovecot enables 40 bit ciphers:
> 
> EXP-EDH-RSA-DES-CBC-SHA 40 bits
> EXP-RC4-MD5 40 bits
> EXP-DES-CBC-SHA 40 bits
> EXP-RC2-CBC-MD5 40 bits

I think those are disabled by !EXP?

> ssl_cipher_list = HIGH:MEDIUM:!ADH:+TLSv1:!SSLv2:+SSLv3

v2.0 uses by default:

ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL

This makes it pass PCI Scanning.




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#598319: dovecot-imapd: doesn't notify about mails being deleted

[Timo Sirainen]

On Tue, 2010-09-28 at 10:26 +0200, Adam Borowski wrote:

> The version of dovecot in Lenny notified its IMAP clients both when a mail
> arrived and when it was deleted.  In Squeeze, only the former works.  If you
> delete something using anything outside the mail client -- be that mutt or a
> cron job harvesting manually tagged spam, the mail in question will appear
> to be still there even after telling the client to check the mail server.
> Only disconnecting and connecting again rectifies the problem.

What mailbox format? dovecot -n output? Do you know if the clients are
using IDLE or even without it? I haven't heard anyone else having a
similar problem, so this is probably something specific to your setup.





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#595930: dovecot-imapd: problem with imap_quota - undefined symbol: quota_set

[Timo Sirainen]

On Tue, 2010-09-07 at 14:01 +0200, Piotr Rogoża wrote:

> When I enable imap_quota option in dovecot.conf, dovecot doesn't run:
> dlopen(/usr/lib/dovecot/modules/imap/lib11_imap_quota_plugin.so) failed: 
> /usr/lib/dovecot/modules/imap/lib11_imap_quota_plugin.so: undefined symbol: 
> quota_set:
> Couldn't load required plugins

You need to enable also "quota" plugin, not just "imap_quota". v2.0
gives a nicer error message here.




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#594974: dovecot-common: buggy error message in /usr/lib/dovecot/deliver

[Timo Sirainen]

On Tue, 2010-08-31 at 02:10 +, Clint Adams wrote:
> Aside from the misleading use of the phrase "process group", I think
> this patch makes slightly more sense.

Yeah .. I'm not sure what would be better for "process group". Maybe
"process's group" or "process's effective group" or something..

> - get_gid_str(primary_gid), 
> get_uid_str(geteuid()));
> + get_gid_str(primary_gid), 
> get_gid_str(getegid()));

Committed to upstream v1.2 and v2.0 hg.





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#592959: dovecot: Will Dovecot v2.0 be packages for Squeeze?

[Timo Sirainen]

On 14.8.2010, at 14.57, Paul Menzel wrote:

> Dovecot v2.0 will be released soon [1]. Do you have any plans for
> Squeeze? Despite the freeze I think it would still be possible. Or do
> you just plan on providing a backport or stick with 1.2.x altogether?

I'd also prefer it. RHEL 6 is being released with Dovecot v2.0, so Debian would 
be the only distro using Dovecot v1.x for following years..




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#580929: Proxy mode by default does not resolve proxy hostname to IP, numeric IP is required

[Timo Sirainen]

On su, 2010-05-09 at 23:43 +0200, Piotr Wadas wrote:
> and tested it against 1.2.11-1 . This functionality requires
> login_chroot = no, anyway with proxying mode I bet it's acceptable.

The patch itself looks ok and I don't have any objections to Debian
using it.. But upstream v1.2.x is about done, and this functionality has
already been implemented to v2.0 in a different way.





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#576501: libc6-dev: Overeager nonnull attributes in function prototypes

[Timo Sirainen]

Package: libc6-dev
Version: 2.10.2-6
Severity: normal

I just started playing with clang's static analyzer. It nicely warns
whenever a function parameter that has been marked with nonnull attribute
gets a NULL as parameter. The problem is that there are several functions
where it's actually valid to give it a NULL pointer, as long as the size
parameter is zero. For example these are valid:

 - memcpy(dest, src=NULL, size=0)
 - same for memmove()
 - qsort(base=NULL, nmemb=0, ..)
 - lots of others too, but the above ones are what I mostly care about.

I guess the question is if these nonnulls ever help programmers, or if
they're there just because "it looks nice", but mainly give false positive
warnings.

Here's an example of what type of code triggered it for me:

void foo(const char *src)
{
char *dest;
unsigned int len;

len = src == NULL ? 0 : strlen(src);
dest = malloc(len + 2);
if (dest == NULL) return;

dest[0] = '>';
memcpy(dest + 1, src, len);
dest[len] = '\0';
}

So src=NULL, but len=0 so it doesn't matter. Adding an extra if check there
would just make the code uglier.

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-rc3-00056-g9dc251d-dirty (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libc6-dev depends on:
ii  libc-dev-bin  2.10.2-6   Embedded GNU C Library: Developmen
ii  libc6 2.10.2-6   Embedded GNU C Library: Shared lib
ii  linux-libc-dev2.6.32-5   Linux support headers for userspac

Versions of packages libc6-dev recommends:
ii  bcc [c-compiler]  0.16.17-3  16-bit x86 C compiler
ii  gcc [c-compiler]  4:4.4.3-1  The GNU C compiler
ii  gcc-3.3 [c-compiler]  1:3.3.6-15 The GNU C compiler
ii  gcc-3.4 [c-compiler]  3.4.6-10   The GNU C compiler
ii  gcc-4.1 [c-compiler]  4.1.2-27   The GNU C compiler
ii  gcc-4.2 [c-compiler]  4.2.4-6The GNU C compiler
ii  gcc-4.3 [c-compiler]  4.3.4-6The GNU C compiler
ii  gcc-4.4 [c-compiler]  4.4.3-5The GNU C compiler

Versions of packages libc6-dev suggests:
pn  glibc-doc  (no description available)
ii  manpages-dev  3.23-1 Manual pages about using GNU/Linux

-- debconf-show failed



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#572266: dovecot-common: dovecot-auth crashes with segfault

[Timo Sirainen]

On Mon, 2010-03-08 at 14:38 +0100, Erich Schubert wrote:

> I wonder whether there is a way to check for such errors automatically
> with lintian; they are bound to arise now and then, aren't they?

Symbol conflict errors happen somewhat often, and it's sometimes
difficult to detect them. I've had to change Dovecot several times
because some library exports a symbol that Dovecot also uses.

I don't know if there's an easy automated way to detect them in a
generic way, but at least for PAM plugins I think it would be possible
to make sure that they only export those symbols that are required by
PAM, everything else would be hidden. Then there shouldn't be any symbol
conflicts. A quick google lookup shows that it should be possible:
http://stackoverflow.com/questions/435352/limiting-visibility-of-symbols-when-linking-shared-libraries



signature.asc
Description: This is a digitally signed message part

Bug#572266: dovecot-common: dovecot-auth crashes with segfault

[Timo Sirainen]

On 8.3.2010, at 12.03, Gerfried Fuchs wrote:

>> Either rename buffer_free() on libpam-ssh's side, or mark it in some way
>> internal to the shared library (I don't know how to do the latter, but I
>> think it's possible).
> 
> As this bug has been reassigned without a version number the BTS
> considers all versions to be affected by this, including the version in
> stable. Given that Erich did report this against the version in unstable
> I think the buffer_free() function in dovecot might have been added at a
> later stage (otherwise I would have expected Erich to report it earlier
> already?).

buffer_free() has been there ever since the first version of Dovecot, but 
you're right, in v1.0 it's only a macro:

void _buffer_free(buffer_t **buf);
#define buffer_free(buf) _buffer_free(&(buf))

In v1.1+ it became a function.




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#572266: dovecot-common: dovecot-auth crashes with segfault

[Timo Sirainen]

On Fri, 2010-03-05 at 20:58 +0100, Jens Peter Secher wrote:
> Timo Sirainen wrote:
> > 
> > And the problem is specifically that Dovecot also has buffer_free() 
> > function.
> 
> Can you elaborate on this?

I mean both Dovecot and libpam-ssh have an exported function called
buffer_free(). libpam-ssh tries to call its own internal buffer_free(),
but it ends up calling Dovecot's incompatible buffer_free(), which of
course doesn't work and it crashes.

Either rename buffer_free() on libpam-ssh's side, or mark it in some way
internal to the shared library (I don't know how to do the latter, but I
think it's possible).


signature.asc
Description: This is a digitally signed message part

Bug#572266: dovecot-common: dovecot-auth crashes with segfault

[Timo Sirainen]

On 5.3.2010, at 19.46, Erich Schubert wrote:

> Thank you - I should've come up with the gdb approach myself.
> As expected it is the fault of a PAM plugin, namely libpam-ssh:
> 
> Program received signal SIGSEGV, Segmentation fault.
> 0x08074f4e in buffer_free ()

And the problem is specifically that Dovecot also has buffer_free() function.




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#572266: dovecot-common: dovecot-auth crashes with segfault

[Timo Sirainen]

On Tue, 2010-03-02 at 19:49 +0100, Erich Schubert wrote:

> Mar  2 09:35:48 hepcat dovecot: auth(default): 
> worker-server(erich,127.0.0.1): Aborted: Worker process died unexpectedly
> Mar  2 09:35:48 hepcat dovecot: dovecot: child 4865 (auth-worker) killed with 
> signal 11 (core not dumped)

If you've trouble getting a core dump, you could try attaching to the
process with gdb. For example, immediately after startup you should
have:

root 30820  0.0  0.1  74688  3212 pts/0S+   22:24   0:00 dovecot-auth
root 30821  0.0  0.1  74688  3116 pts/0S+   22:24   0:00 dovecot-auth -w

Attach to the dovecot-auth -w process with:

gdb -p 30821
cont

bt full

Anyway, my guess is that it's some PAM plugin that's crashing.



signature.asc
Description: This is a digitally signed message part

Bug#570814: dovecot-common: config file has wrong path for sendmail

[Timo Sirainen]

On Sun, 2010-02-21 at 18:19 +0100, supp...@oeko.net wrote:
> I'd like to see this changed to
> 
>   #sendmail_path = /usr/sbin/sendmail
> 
> as /usr/lib/sendmail has been deprecated maybe 5 to 10 years ago and is
> only a symlink to /usr/sbin/sendmail, anyway. I gather that this might
> be an upstream issue (wrong default path compiled in), too.

I originally used /usr/lib/sendmail, because /usr/sbin/sendmail didn't
do the same thing in some system I was testing. I guess those systems
are dead enough nowadays, so for v2.0 I've changed the default
to /usr/sbin/sendmail.



signature.asc
Description: This is a digitally signed message part

Bug#564438: dovecot-imapd: seems to handle mbox as directory regarding mboxes

[Timo Sirainen]

On Sat, 2010-01-09 at 15:00 +0100, Tobias Frost wrote:
> However, /var/mail/tobi is a mbox, so a regular file. 
..
> namespace:
>   type: private
>   separator: /
>   prefix: mbox/
>   location: mbox:/var/mail/%u

This isn't correct. Unfortunately because of some optimizations the
error message isn't better for LSUB .. Selecting the INBOX would have
failed with:

Error: mbox root directory can't be a file: /var/mail/tss/
(http://wiki.dovecot.org/MailLocation/Mbox)

What you want is:

location = mbox::INBOX=/var/mail/%u

The  being something where either user can create
mboxes, such as ~/Maildir/mboxes/ or alternatively some directory where
user doesn't have any write access.



signature.asc
Description: This is a digitally signed message part

Bug#565397: *** glibc detected *** ps: double free or corruption (fasttop)

[Timo Sirainen]

I got this today too, and managed to reproduce it with valgrind:

==9441== Invalid free() / delete / delete[]
==9441==at 0x4C21DBC: free (vg_replace_malloc.c:325)
==9441==by 0x4022D3: simple_spew (display.c:345)
==9441==by 0x40308A: main (display.c:620)
==9441==  Address 0x53d4c10 is 0 bytes inside a block of size 64 free'd
==9441==at 0x4C21DBC: free (vg_replace_malloc.c:325)
==9441==by 0x4022D3: simple_spew (display.c:345)
==9441==by 0x40308A: main (display.c:620)

Double frees can sometimes be exploited. Perhaps this is a potential
security hole? I didn't look too closely what exactly is causing this,
but I verified that the given line number is correct. Changing it to:

  if(buf.nsupgid > 0 && buf.supgid) { free(buf.supgid); buf.supgid =
0xbebebebe; }

Changed the "double free or corruption" to a simple segfault. For some
reason ps didn't dump core and I didn't bother looking further why.
Anyway, looks like buf isn't properly reset between the while() loop
runs. Similar bugs in the other case: parts in the switch loop.



signature.asc
Description: This is a digitally signed message part

Bug#560089: dovecot-imapd: dovecot (32-bit) + icedove (64-bit) can't open folders

[Timo Sirainen]

On Tue, 2009-12-08 at 13:25 -0700, Mario Nigrovic wrote:
> The error apparently is in opening folders.  I can see in the folder
> list that a folder contains new messages, but when I click on it, only
> the list of old messages is visible.  In fact, the old messages are
> listed, but I cannot display the body contents.  At this point, I can
> still go through folders that are already open and see messages (even
> very old messages), but I cannot open folders that hadn't already been
> seen.

Sounds like a connection-related problem. Icedove wants to use multiple
connections. Perhaps the above happens either because it can't create a
new connection or one of the existing connections hang? By default
Dovecot limits users to 10 connections from same IP, is Icedove perhaps
trying to use more that that? It's configurable.



signature.asc
Description: This is a digitally signed message part

Bug#559279: dovecot: crashes with "file lib-signals.c: line 122 (signal_read): assertion failed: (ret <= 1)"

[Timo Sirainen]

On Dec 3, 2009, at 4:16 AM, Sandro Tosi wrote:

> 2009-12-03 09:25:29 dovecot: Panic: file lib-signals.c: line 122 
> (signal_read): assertion failed: (ret <= 1)

This was fixed by http://hg.dovecot.org/dovecot-1.2/rev/8fd1ee439437




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#546656: Trivial patch for this CVE

[Timo Sirainen]

On Sep 22, 2009, at 9:46 AM, Don Armstrong wrote:


Attached please find the trivial patch for this security fix.


snprintf, not sprintf:

- sprintf(errbuf, "flag '%s': not a valid relational operation", r);
+	  sprintf(errbuf, sizeof(errbuf), "flag '%s': not a valid relational  
operation", r);





--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#546695: dovecot-imapd: dovecot epoll fails with -EPERM for "dovecot --exec-mail imap" at the shell

[Timo Sirainen]

On Sep 15, 2009, at 9:10 AM, Daniel Pittman wrote:

Sep 15 16:03:31 krosp IMAP(daniel): : Fatal: io_loop_handle_add:  
epoll_ctl(1, 0): Operation not permitted


Do you have rawlog enabled? IIRC that was the main cause of this. Or  
anything else in mail_executable except the default imap binary?





--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#473400: wow -- still open

[Timo Sirainen]

On Wed, 2009-09-09 at 12:08 -0400, Yaroslav Halchenko wrote:
> I've been using xlock for years and never had any issue with its
> crashing.  May be it is due to the fact that when I want my screen
> locked, I do not care to watch running goblins on the screen, therefore
> I use
> 
> XLock.mode: blank
> 
> in my .Xresources.   May be just making blank mode to be default

I think this should be fine.



signature.asc
Description: This is a digitally signed message part

Bug#538952: dovecot-imapd: 'sort' command generates a traceback

[Timo Sirainen]

On Fri, 2009-08-07 at 16:34 -0400, Timo Sirainen wrote:
> On Mon, 2009-08-03 at 14:05 +0200, Sandro Tosi wrote:
> > > This should help: http://hg.dovecot.org/dovecot-1.1/rev/12670c6d0c10
> > >   
> > Hi Timo,
> > as Joel pointed out (privately) the patch you reference above is already
> > included in 1.1.3 (released on Mar 2009, while the patch is from Sep '08).
> 
> 1.1.13 you mean. And actually I checked that before giving the link, but
> looks like I also looked at 1.1.3 release date instead of 1.1.13 :)
> 
> Anyway, can you reproduce this easily with some mailbox? Could you send
> me such mailbox's dovecot.index, dovecot.index.log and dovecot-uidlist
> files? None of them contain anything sensitive about the mailbox. After
> that you can just delete dovecot.index* files and it should work again
> (until it reaches the same buggy condition again).

I looked at it a bit more closely. I don't think that condition should
ever happen normally. Anyway I changed the code so that it'll reset the
sort indexes automatically instead of crashing:
http://hg.dovecot.org/dovecot-1.1/rev/fd48a9c61b6c


signature.asc
Description: This is a digitally signed message part

Bug#538952: dovecot-imapd: 'sort' command generates a traceback

[Timo Sirainen]

On Mon, 2009-08-03 at 14:05 +0200, Sandro Tosi wrote:
> > This should help: http://hg.dovecot.org/dovecot-1.1/rev/12670c6d0c10
> >   
> Hi Timo,
> as Joel pointed out (privately) the patch you reference above is already
> included in 1.1.3 (released on Mar 2009, while the patch is from Sep '08).

1.1.13 you mean. And actually I checked that before giving the link, but
looks like I also looked at 1.1.3 release date instead of 1.1.13 :)

Anyway, can you reproduce this easily with some mailbox? Could you send
me such mailbox's dovecot.index, dovecot.index.log and dovecot-uidlist
files? None of them contain anything sensitive about the mailbox. After
that you can just delete dovecot.index* files and it should work again
(until it reaches the same buggy condition again).



signature.asc
Description: This is a digitally signed message part

Bug#539391: [dovecot] upstream config file error

[Timo Sirainen]

On Fri, 2009-07-31 at 15:24 +0300, Eugene Paskevich wrote:
> It has been confirmed upstream that current example config file contains  
> an error in !include and !include_try statements. The equal sign has to be  
> removed from there, otherwise `dovecot -n` results in rather weird error.

I don't know if Debian has some more !includes, but I fixed the examples
in upstream: http://hg.dovecot.org/dovecot-1.2/rev/c3d4b5e72ac3



signature.asc
Description: This is a digitally signed message part

Bug#538952: dovecot-imapd: 'sort' command generates a traceback

[Timo Sirainen]

On Wed, 2009-07-29 at 15:27 +0200, Sandro Tosi wrote:
> > dovecot: 2009-07-28 08:12:59 Panic: IMAP(): file
> > index-sort-string.c: line 168 (index_sort_node_add): assertion failed:
> > (ctx->lowest_nonexpunged_zero == 0 || ctx->lowest_nonexpunged_zero >
> > node->seq)

This should help: http://hg.dovecot.org/dovecot-1.1/rev/12670c6d0c10



signature.asc
Description: This is a digitally signed message part

Bug#537388: dovecot: IMAP(user): Corrupted index cache file ...

[Timo Sirainen]

On Wed, 2009-07-22 at 03:45 +0930, Ron wrote:
> But my prime suspect right now is 'imap_peek = no' ... 

Thanks, that allowed me to reproduce the bug. Fixed:
http://hg.dovecot.org/dovecot-1.2/rev/ae3e0ff64c94



signature.asc
Description: This is a digitally signed message part

Bug#537388: dovecot: IMAP(user): Corrupted index cache file ...

[Timo Sirainen]

On Jul 17, 2009, at 9:04 PM, Ron wrote:

3.  in one of the mutt instances to update the  
index

  of what is in the mailbox.
4. Open the new message in it.


So 3 and 4 are on the same mutt instance, and the second mutt  
instance

haven't even see the mail yet by the time the corruption happens?


Yes, that's correct.  In the last few tests I did, the second instance
wasn't yet aware of the new mail at the time I opened it in the first.


The 4. step seems a bit strange to me. I'd think 3. would have been  
enough to cause it. Since 3. is where it reads/writes cache file. In  
4. step is also reads it, but.. strange if it just worked in 3 but was  
broken in 4..


Anyway, I just dist-upgraded my debian unstable yesterday and tried  
with its mutt and couldn't reproduce this.



mail_location: mbox:~/Mail:INBOX=~/Mail/inbox
mbox_write_locks: fcntl dotlock
mail_plugins: antispam


Can you try if you can reproduce it without antispam?


 sieve_global_path: /etc/dovecot/sieve/default.sieve


And also what if you have Sieve disabled with deliver? Or if you let  
Postfix write the mail instead of using deliver?




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#537388: dovecot: IMAP(user): Corrupted index cache file ...

[Timo Sirainen]

On Sat, 2009-07-18 at 09:25 +0930, Ron wrote:
> So here's what I can do to reproduce it, confirmed again after the last
> imaptest run:
> 
> 1. Start 2 instances of mutt into the same imap folder.
> 2. echo "hmm" | mail -s test ron
> 3.  in one of the mutt instances to update the index
>of what is in the mailbox.
> 4. Open the new message in it.

So 3 and 4 are on the same mutt instance, and the second mutt instance
haven't even see the mail yet by the time the corruption happens? Or is
your mutt built with IDLE support or something? I was just testing with
Ubuntu's mutt and couldn't reproduce it. I could try at home with Debian
unstable's mutt too if that would cause it..

Could you also paste your dovecot -n output, maybe there's something
that could be related to this.



signature.asc
Description: This is a digitally signed message part

Bug#537388: dovecot: IMAP(user): Corrupted index cache file ...

[Timo Sirainen]

On Sat, 2009-07-18 at 07:00 +0930, Ron wrote:
> > > dovecot: IMAP(ron): Corrupted index cache file 
> > > /home/ron/Mail/debian/.imap/emdebian/dovecot.index.cache: record points 
> > > outside file
> 
> Ok, I think I've figured out roughly how to reproduce this now ...
> The trouble would seem to occur if I have multiple MUA instances
> accessing the same IMAP folder, a new message comes in to it, then
> one of them views it.  At that point something gets out of sync and
> a message like the above is logged.
> 
> If it makes any difference, the MUA is mutt.  Both instances are
> only accessing mail in that folder via dovecot.

What filesystem do you use? Can you try if you can easily reproduce this
using imaptest tool on a test account? http://imapwiki.org/ImapTest

There shouldn't be any easy ways left to cause that error anymore..



signature.asc
Description: This is a digitally signed message part

Bug#537388: dovecot: IMAP(user): Corrupted index cache file ...

[Timo Sirainen]

On Sat, 2009-07-18 at 03:14 +0930, Ron wrote:
> dovecot: IMAP(ron): Corrupted index cache file 
> /home/ron/Mail/debian/.imap/emdebian/dovecot.index.cache: record points 
> outside file
> dovecot: IMAP(ron): Corrupted index cache file 
> /home/ron/Mail/debian/.imap/uclibc/dovecot.index.cache: record points outside 
> file
> dovecot: IMAP(ron): Corrupted index cache file 
> /home/ron/Mail/spam/.imap/maybe/dovecot.index.cache: record points outside 
> file

Does it happen more than once for the same mailbox? If it's only a
one-time thing I think it can be just ignored..



signature.asc
Description: This is a digitally signed message part

Bug#537158: [dovecot-imapd] Balks at sieve conf variables, will not work without them

[Timo Sirainen]

On Jul 15, 2009, at 11:28 AM, David Baron wrote:

When starting new version fails, get incorrect variabe sieve in conf  
file
(using my old one). If I delete the two sieve lines, the daemon will  
start but

does not function


They need to be in plugin section nowadays. 
http://wiki.dovecot.org/Upgrading/1.2

Note that neither a reinstall nor a dpkg-reconfigure of dovecot gave  
me the

option to replace or view the maintainer's conf file.


I don't know about that.



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#536880: dovecot: quota plugin broken

[Timo Sirainen]

On Jul 14, 2009, at 8:25 AM, Marc Dequènes (Duck) wrote:

Restarting IMAP/POP3 mail server: dovecotILoading modules from  
directory: /usr/lib/dovecot/modules/imap
Edlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so)  
failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so:  
undefined symbol: xdr_ext_getquota_args


This is because the Debian package is built with automake 1.9. 1.10  
would work, or you could apply this patch:


http://hg.dovecot.org/dovecot-1.2/rev/66040bffc1a5




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#536247: dovecot-common: dovecot-auth segfaults randomly

[Timo Sirainen]

On Jul 11, 2009, at 6:06 PM, Andrew Schulman wrote:


OK, I restarted dovecot with

auth_executable = /usr/bin/valgrind --log-file=/var/run/dovecot/ 
valgrind.%p

/usr/lib/dovecot/dovecot-auth

as you suggested.  My dovecot-auth process just quit:

Jul 11 17:50:33 helium dovecot: auth(default):
worker-server(andrex,127.0.0.1): Aborted: Worker process died  
unexpectedly
Jul 11 17:50:33 helium dovecot: child 14415 (auth-worker) returned  
error 1


but this time with signal 1, apparently because valgrind wasn't able  
to

allocate any more memory.  The valgrind log is below.


auth_process_size = 0 helps with this.


==14415== Invalid write of size 8
==14415==at 0x400D420: (within /lib/ld-2.9.so)
==14415==by 0x6B2330B: (within /lib/libdl-2.9.so)
==14415==by 0x6B2300E: dlclose (in /lib/libdl-2.9.so)
==14415==by 0x5062E66: (within /lib/libpam.so.0.81.12)
==14415==by 0x5062059: pam_end (in /lib/libpam.so.0.81.12)


Hmm. A bit strange if the error is coming from dlclose().. That would  
point to a bug in libc.




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#536247: dovecot-common: dovecot-auth segfaults randomly

[Timo Sirainen]

On Jul 11, 2009, at 2:37 AM, Andrew Schulman wrote:


Good news:  I got a core file from a segfault.  Bad news:  I'm using a
standard Debian package with no debugging symbols.  Backtrace is  
below, but

it looks as though it's not going to be very useful.

I suppose that in order to get a useful backtrace, I have to compile  
my own

dovecot, or at least dovecot-auth, with debugging symbols?

..

#2  0x7f06ac1f854f in calloc () from /lib/libc.so.6


The crash is in memory allocation, which means something had corrupted  
memory already. The only way to really solve this would be to run  
dovecot-auth via valgrind:


auth_executable = /usr/bin/valgrind /usr/lib/dovecot/imap/dovecot-auth

That slows things down of course.. What PAM plugins are you using?  
Those would be my first guess as to what's broken.




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#536247: dovecot-common: dovecot-auth segfaults randomly

[Timo Sirainen]

On Wed, 2009-07-08 at 14:03 -0400, Andrew Schulman wrote:
> Jul  2 12:26:24 helium dovecot: child 26364 (auth-worker) killed with
> signal 11 (core dumps disabled)

It's possible that the crash comes from PAM plugins. You could try if
setting auth_worker_max_request_count to somewhat low value (or even 1)
would help.

> Jul  3 11:37:12 helium dovecot: IMAP(carey):
> inotify_add_watch(/home/carey/.mail/new) failed: No space left on device
..
> OT:  I don't know what that business is about "No space left on device." 
> The /home partition isn't full.

It means:

   ENOSPC The user limit on  the  total  number  of  inotify  watches  was
  reached or the kernel failed to allocate a needed resource.

You can probably increase it somewhere from /proc.



signature.asc
Description: This is a digitally signed message part

Bug#536247: dovecot-common: dovecot-auth segfaults randomly

[Timo Sirainen]

On Wed, 2009-07-08 at 10:56 -0400, Andrew Schulman wrote:
> Several times a day, dovecot-auth crashes, disconnecting the connected
> users of course.  syslog output from one day is below.  Thanks, Andrew.
> 
> messages.4.gz:Jul  2 12:26:24 helium kernel: dovecot-auth[26364]: segfault at 
> 10008 ip 7faf466441eb sp 7fff50a3f260 error 4 in 
> libc-2.9.so[7faf465d2000+149000]

Also what does Dovecot's logs show about this crash? I'd like to know if
it was auth or auth-worker that crashed (it's logged).



signature.asc
Description: This is a digitally signed message part

Bug#536247: dovecot-common: dovecot-auth segfaults randomly

[Timo Sirainen]

On Wed, 2009-07-08 at 10:56 -0400, Andrew Schulman wrote:
> messages.4.gz:Jul  2 12:26:24 helium kernel: dovecot-auth[26364]: segfault at 
> 10008 ip 7faf466441eb sp 7fff50a3f260 error 4 in 
> libc-2.9.so[7faf465d2000+149000]

Any chance of getting a gdb backtrace? http://dovecot.org/bugreport.html

Also show your dovecot -n output.



signature.asc
Description: This is a digitally signed message part

Bug#514043: manpages-dev: fexecve() should mention it doesn't work inside chroot

[Timo Sirainen]

On Wed, 2009-02-04 at 17:37 +1300, Michael Kerrisk wrote:
> > The test program in my previous mail did the chrooting. Just compile it,
> > mkdir -p /tmp/foo/proc, mount --bind /proc /tmp/foo/proc and run it.
> 
> So, I did some experimenting.  It looks like the title of your report
> has things wrong: fexecve() can be used to exec a binary outside the
> chroot, but this won't work if, for example, the executable as dynamic
> dependencies that can't be satisfied within the chroot.  To see this,
> open() a path that is a statically linked executable (so it doesn't
> have dynamic dependencies).  I tested this: it works.

Oh, interesting. I hadn't thought of that. So I guess the ENOENT error
then means it couldn't satisfy all dynamic dependencies.



signature.asc
Description: This is a digitally signed message part

Bug#514043: manpages-dev: fexecve() should mention it doesn't work inside chroot

[Timo Sirainen]

On Wed, 2009-02-04 at 09:47 +1300, Michael Kerrisk wrote:
> > In my real
> > program I got ENOENT for some reason. Anyway ENOENT still happens
> > if /proc is mounted but the executed file is outside the chroot.
> 
> Yes.  The entries in /proc/self/fd are symlinks, and these would refer
> to paths that probably don't exist in your chroot environment.  

Right. I originally thought that fexecve() would have been a kernel call
that internally were able to execute files outside chroot. I don't
actually even see many other benefits for that at all..

> (If
> you have test program for this case, I'd be interested to see it, to
> run a few experiemnts.)

The test program in my previous mail did the chrooting. Just compile it,
mkdir -p /tmp/foo/proc, mount --bind /proc /tmp/foo/proc and run it.



signature.asc
Description: This is a digitally signed message part

Bug#514043: manpages-dev: fexecve() should mention it doesn't work inside chroot

[Timo Sirainen]

On Wed, 2009-02-04 at 09:17 +1300, Michael Kerrisk wrote:
> >> > And for ERRORS:
> >> >
> >> > ENOENT: /proc filesystem not available.
> >> >
> >> > ref: http://lkml.org/lkml/2006/12/27/140
> >>
> >> surely the error is ENOSYS (see the glibc source), which is already
> >> documented in the man page?
> >
> > Well, what I did was:
> >
> > 1. open() an executable
> > 2. chroot() to empty directory
> > 3. drop root privileges
> > 4. fexecve()
> >
> > And fexecve() return ENOENT. So I was assuming it's because there was
> > no /proc in the empty dir..
> 
> Can you provide a very simple test program?  In my tests, I am seeing
> ENOSYS, as I would expect from reading the source.`

Weird. I'm also getting ENOSYS now in my test program. In my real
program I got ENOENT for some reason. Anyway ENOENT still happens
if /proc is mounted but the executed file is outside the chroot. Test
program:
#define _GNU_SOURCE
#include 
#include 
#include 
#include 
#include 
#include 

int main(void)
{
extern char **environ;
char *argv[] = { "ls", NULL };
int fd = open("/bin/ls", O_RDONLY);
if (fd == -1) perror("open()");

chdir("/tmp/foo");
if (chroot("/tmp/foo") < 0)
perror("chroot()");
fexecve(fd, argv, environ);
perror("fexecve()");
return 0;
}




signature.asc
Description: This is a digitally signed message part

Bug#514043: manpages-dev: fexecve() should mention it doesn't work inside chroot

[Timo Sirainen]

On Wed, 2009-02-04 at 07:42 +1300, Michael Kerrisk wrote:
> > To prevent other people from wasting their time with fexecve(), I suggest
> > adding something like this to the description:
> >
> > Linux implements fexecve() by executing the binary via proc filesystem,
> > so /proc needs to be mounted and available during the fexecve() call.
> 
> I can see some merit in adding a sentence like this, but:
> 
> > And for ERRORS:
> >
> > ENOENT: /proc filesystem not available.
> >
> > ref: http://lkml.org/lkml/2006/12/27/140
> 
> surely the error is ENOSYS (see the glibc source), which is already
> documented in the man page?

Well, what I did was:

1. open() an executable
2. chroot() to empty directory
3. drop root privileges
4. fexecve()

And fexecve() return ENOENT. So I was assuming it's because there was
no /proc in the empty dir..


signature.asc
Description: This is a digitally signed message part

Bug#514043: manpages-dev: fexecve() should mention it doesn't work inside chroot

[Timo Sirainen]

Package: manpages-dev
Version: 3.01-1
Severity: wishlist

To prevent other people from wasting their time with fexecve(), I suggest
adding something like this to the description:

Linux implements fexecve() by executing the binary via proc filesystem,
so /proc needs to be mounted and available during the fexecve() call.

And for ERRORS:

ENOENT: /proc filesystem not available.

ref: http://lkml.org/lkml/2006/12/27/140

-- System Information:
Debian Release: lenny/sid
  APT prefers intrepid-updates
  APT policy: (500, 'intrepid-updates'), (500, 'intrepid-security'), (500, 
'intrepid')
Architecture: i386 (i686)

Kernel: Linux 2.6.27-9-generic (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages manpages-dev depends on:
ii  manpages  3.01-1 Manual pages about using a GNU/Lin

manpages-dev recommends no packages.

-- no debconf information





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#511340: dovecot-imapd does not allow SSL connections after a while due to SSL parameters being corrupted

[Timo Sirainen]

On Tue, 2009-01-13 at 18:45 +0100, Jürgen Geuter wrote:
> > The file is first created to $prefix/var/lib/dovecot/ssl-parameters.dat.
> > From there it is either hard linked or copied to
> > base_dir/login/ssl-parameters.dat. It's never deleted from the /var/lib/
> > directory. That's the reason it's generated there, so that after reboots
> > Dovecot wouldn't always have to regenerate the ssl-parameters.dat.
> 
> Ok, i rechecked: I got /var/lib/dovecot/ssl-parameters.dat but it is not
> linked to /var/run/dovecot/login/ssl-parameters.dat, it's a completely
> different file. And it is broken and has a length of 80Bytes.
> 
> I deleted /var/run/dovecot/login/ssl-parameters.dat, shut down dovecot
> and ran
> "/usr/lib/dovecot/ssl-build-param /var/lib/dovecot/ssl-parameters.dat"
> which fixed that file (brought it to 230 bytes). A restart of dovecot
> copied that file to /var/run/dovecot/login/ssl-parameters.dat. So the
> issue seems to be somewhat fixed though I still don't know why the
> bogus /var/lib/dovecot/ssl-parameters.dat was created.

Well, the next v1.1 version gives this error in such situations:

dovecot: Jan 13 13:08:37 Fatal: imap-login: Corrupted SSL parameters
file: /usr/local/var/run/dovecot/login/ssl-parameters.dat (delete it and
also the one in /usr/local/var/lib/dovecot)



signature.asc
Description: This is a digitally signed message part

Bug#511340: dovecot-imapd does not allow SSL connections after a while due to SSL parameters being corrupted

[Timo Sirainen]

On Tue, 2009-01-13 at 18:20 +0100, Jürgen Geuter wrote:
> On Mon, 2009-01-12 at 11:06 -0500, Timo Sirainen wrote:
> > On Fri, 2009-01-09 at 19:04 +, Juergen Geuter wrote:
> > > After a while dovecot does not allow SSL connections anymore because the
> > > SSL parameters in the file /var/run/dovecot/login/ssl-parameters.dat
> > > get corrupted. The file then has exactly 80 bytes size.
> > > When that happens the log gets an entry like the following for every
> > > connection attempt:
> > >  
> > >  v1068 dovecot: imap-login: read(ssl-parameters.dat) failed: Unexpected 
> > > EOF
> > 
> > I've never heard this happening with anyone.
> 
> If you search for the "dovecot: imap-login: read(ssl-parameters.dat)
> failed: Unexpected EOF" error message in your favourite search engine
> you will find a few hits which are all rather old though.

The one problem that wasn't too old happened when running two dovecot
instances. This was fixed in Dovecot. But I guess you're not running two
instances?

> > > I disabled the auto-regeneration of that file in the dovecot
> > > configuration via the "ssl_parameters_regenerate: 0" setting, but still
> > > on every restart of the server the file is generated with wrong data.
> > 
> > It shouldn't be regenerated at startup as long as the file exists. Do
> > you have it in /var/lib/dovecot?
> 
> No, the default place for it to reside seems to
> be /var/run/dovecot/login/ssl-parameters.dat (which is probably purged
> each restart?). The configuration file has no directive as this link
> (http://markmail.org/message/ymdg3f3minq7asb2) shows: The place seems to
> only be configurable at ./configure time.

The file is first created to $prefix/var/lib/dovecot/ssl-parameters.dat.
From there it is either hard linked or copied to
base_dir/login/ssl-parameters.dat. It's never deleted from the /var/lib/
directory. That's the reason it's generated there, so that after reboots
Dovecot wouldn't always have to regenerate the ssl-parameters.dat.


signature.asc
Description: This is a digitally signed message part

Bug#509380: [dovecot-common] deliver returns EX_NOUSER when sql query failed

[Timo Sirainen]

On Sun, 2008-12-21 at 21:36 +0100, Timo Weingärtner wrote:
> This problem appears every time when the SQL server gets restarted while the 
> mailserver's domU is paused.
> 
> See the logs for details on what happened.
> 
> If an IMAP login is tried in this situation, that fails instead; maybe I'll 
> reproduce this later.
> 
> IMHO the SQL connection should be restarted immediately 

It's not noticed until the query is tried to be executed. But sure, the
query can be retried automatically. I fixed this to v1.1 now:
http://hg.dovecot.org/dovecot-1.1/rev/d51d0635a72a

Also the error message was missing, this fixes it:
http://hg.dovecot.org/dovecot-1.1/rev/75a47e2a7a68

I don't know how easily these apply to v1.0. I'm not going to spend time
on it.

> and if this fails, EX_TEMPFAIL be returned.

Isn't it doing this now also?


signature.asc
Description: This is a digitally signed message part

Bug#511340: dovecot-imapd does not allow SSL connections after a while due to SSL parameters being corrupted

[Timo Sirainen]

On Fri, 2009-01-09 at 19:04 +, Juergen Geuter wrote:
> After a while dovecot does not allow SSL connections anymore because the
> SSL parameters in the file /var/run/dovecot/login/ssl-parameters.dat
> get corrupted. The file then has exactly 80 bytes size.
> When that happens the log gets an entry like the following for every
> connection attempt:
>  
>  v1068 dovecot: imap-login: read(ssl-parameters.dat) failed: Unexpected EOF

I've never heard this happening with anyone.

> I disabled the auto-regeneration of that file in the dovecot
> configuration via the "ssl_parameters_regenerate: 0" setting, but still
> on every restart of the server the file is generated with wrong data.

It shouldn't be regenerated at startup as long as the file exists. Do
you have it in /var/lib/dovecot?

I did consider adding code that would automatically delete/regenerate
the file is it's corrupted, but it would require too much new code.



signature.asc
Description: This is a digitally signed message part