Re: [Dovecot-news] v2.3.16 released

[Joan Moreau]

git clone -b release-2.3.16

On 2021-08-06 15:07, Timo Sirainen wrote:


On 6. Aug 2021, at 15.08, Joan Moreau  wrote:


Below

(gdb) bt full
#0 fts_user_autoindex_exclude (box=, 
box@entry=0x55e0bc7e0fe8) at fts-user.c:347


There is no such function in 2.3.16 release. That's only in the current 
git master. What did you install and from where?

Re: [Dovecot-news] v2.3.16 released

[Daniel J. Luke]

On Aug 6, 2021, at 7:42 AM, Timo Sirainen  wrote:
> https://dovecot.org/releases/2.3/dovecot-2.3.16.tar.gz
> https://dovecot.org/releases/2.3/dovecot-2.3.16.tar.gz.sig

The patch from https://dovecot.org/pipermail/dovecot/2021-June/122375.html is 
still necessary to build on newer Mac OS X (for the same reason). Tested on Mac 
OS version 11.5.1.

-- 
Daniel J. Luke

Re: [Dovecot-news] v2.3.16 released

[Joan Moreau]

Below

(gdb) bt full
#0 fts_user_autoindex_exclude (box=, 
box@entry=0x55e0bc7e0fe8) at fts-user.c:347

fuser = 
#1 0x7f42e8e9b4a6 in fts_mailbox_allocated (box=0x55e0bc7e0fe8) at 
fts-storage.c:806

flist = 
v = 0x55e0bc7e1010
fbox = 0x55e0bc7e1608
#2 0x7f42e952652c in hook_mailbox_allocated 
(box=box@entry=0x55e0bc7e0fe8) at mail-storage-hooks.c:256

_data_stack_cur_id = 5
_foreach_end = 0x55e0bc7d28a0
_foreach_ptr = 0x55e0bc7d2890
hooks = 0x7f42e8ec9ba0 
ctx = 0x55e0bc7e2818
#3 0x7f42e95219c1 in mailbox_alloc (list=0x55e0bc7d97b8, 
vname=0x55e0bc78f608 "INBOX", 
flags=flags@entry=MAILBOX_FLAG_DROP_RECENT) at mail-storage.c:860

_data_stack_cur_id = 4
new_list = 0x55e0bc7d97b8
storage = 0x55e0bc7d9fc8
box = 0x55e0bc7e0fe8
open_error = MAIL_ERROR_NONE
errstr = 0x0
__func__ = "mailbox_alloc"
#4 0x55e0bbd0a5c2 in select_open (readonly=false, mailbox=out>, ctx=0x55e0bc7d6fa0) at cmd-select.c:285

client = 0x55e0bc7d6298
status = {messages = 32, recent = 48, unseen = 814554448, uidvalidity = 
32766, uidnext = 814554256, first_unseen_seq = 32766, first_recent_uid = 
1633369088,
last_cached_seq = 3805518085, highest_modseq = 0, highest_pvt_modseq = 
139925357787644, keywords = 0x55e0bc78f398, permanent_flags = 0, flags = 
0, permanent_keywords = false,
allow_new_keywords = false, nonpermanent_modseqs = false, 
no_modseq_tracking = false, have_guids = false, have_save_guids = true, 
have_only_guid128 = false}

flags = MAILBOX_FLAG_DROP_RECENT
ret = 0
client = 
status = {messages = , recent = , unseen = 
, uidvalidity = , uidnext = out>,
first_unseen_seq = , first_recent_uid = , 
last_cached_seq = , highest_modseq = , 
highest_pvt_modseq = ,
keywords = , permanent_flags = , flags = 
, permanent_keywords = , 
allow_new_keywords = ,
nonpermanent_modseqs = , no_modseq_tracking = out>, have_guids = , have_save_guids = , 
have_only_guid128 = }

flags = 
ret = 
#5 cmd_select_full (cmd=, readonly=) at 
cmd-select.c:416

client = 0x55e0bc7d6298
ctx = 0x55e0bc7d6fa0
args = 0x55e0bc7a58d8
list_args = 0x7ffe308d1c74
mailbox = 0x55e0bc78f608 "INBOX"
client_error = 0x1 
ret = 
__func__ = "cmd_select_full"
#6 0x55e0bbd12484 in command_exec (cmd=cmd@entry=0x55e0bc7d6e08) at 
imap-commands.c:201

hook = 0x55e0bc79b5d0
finished = 
__func__ = "command_exec"
#7 0x55e0bbd104b2 in client_command_input (cmd=) at 
imap-client.c:1230

client = 0x55e0bc7d6298
command = 
tag = 0x7f42e942d8fa  
"]A\\A]\303\061\300\303ff.\017\037\204"

name = 0x55e0bbd26e50 "SELECT"
ret = 

On 2021-08-06 13:49, Aki Tuomi wrote:


On 06/08/2021 15:43 Joan Moreau  wrote:

Thank you Timo
However, this leads to
kernel: imap[228122]: segfault at 50 ip 7f7015ee332b sp 
7fffa7178740 error 4 in lib20_fts_plugin.so[7f7015ee1000+11000]

Returning to 2.3.15 resolves the problem


Can you provide `gdb bt full` output for the crash?

Aki

Re: [Dovecot-news] v2.3.16 released

[Joan Moreau]

Thank you Timo

However, this leads to

kernel: imap[228122]: segfault at 50 ip 7f7015ee332b sp 
7fffa7178740 error 4 in lib20_fts_plugin.so[7f7015ee1000+11000]


Returning to 2.3.15 resolves the problem

On 2021-08-06 12:42, Timo Sirainen wrote:


Hi,

One interesting thing in this release is the support for configuring 
OAUTH2 openid-configuration element. It would be nice if IMAP clients 
started supporting this feature to enable OAUTH2 for all IMAP servers, 
not just Gmail and a few others. This would allow all kinds of new 
authentication methods for IMAP and improve the authentication security 
in general.

https://dovecot.org/releases/2.3/dovecot-2.3.16.tar.gz
https://dovecot.org/releases/2.3/dovecot-2.3.16.tar.gz.sig

Binary packages in https://repo.dovecot.org/
Docker images in https://hub.docker.com/r/dovecot/dovecot

* Any unexpected exit() will now result in a core dump. This can
especially help notice problems when a Lua script causes exit(0).
* auth-worker process is now restarted when the number of auth
requests reaches service auth-worker { service_count }. The default
is still unlimited.

+ Event improvements: Added data_stack_grow event and http-client
category. See https://doc.dovecot.org/admin_manual/list_of_events/
+ oauth2: Support RFC 7628 openid-configuration element. This allows
clients to support OAUTH2 for any server, not just a few hardcoded
servers like they do now. See openid_configuration_url setting in
dovecot-oauth2.conf.ext.
+ mysql: Single statements are no longer enclosed with BEGIN/COMMIT.
+ dovecot-sysreport --core supports multiple core files now and does
not require specifying the binary path.
+ imapc: When imap_acl plugin is loaded and imapc_features=acl is used,
IMAP ACL commands are proxied to the remote server. See
https://doc.dovecot.org/configuration_manual/mail_location/imapc/
+ dict-sql now supports the "UPSERT" syntax for SQLite and PostgreSQL.
+ imap: If IMAP client disconnects during a COPY command, the copying
is aborted, and changes are reverted. This may help to avoid many
email duplicates if client disconnects during COPY and retries it
after reconnecting.
- master process was using 100% CPU if service attempted to create more
processes due to process_min_avail, but process_limit was already
reached. v2.3.15 regression.
- Using attachment detection flags wrongly logged unnecessary "Failed
to add attachment keywords" errors. v2.3.13 regression.
- IMAP QRESYNC: Expunging UID 1 mail resulted in broken VANISHED
response, which could have confused IMAP clients. v2.3.13 regression.
- imap: STORE didn't send untagged replies for \Seen changes for
(shared) mailboxes using INDEXPVT. v2.3.10 regression.
- rawlog_dir setting would not log input that was pipelined after
authentication command.
- Fixed potential infinite looping with autoexpunging.
- Log event exporter: Truncate long fields to 1000 bytes
- LAYOUT=index: ACL inheritance didn't work when creating mailboxes
- Event filters: Unquoted '?' wildcard caused a crash at startup
- fs-metawrap: Fix to handling zero sized files
- imap-hibernate: Fixed potential crash at deinit.
- acl: dovecot-acl-list files were written for acl_ignore_namespaces
- program-client (used by Sieve extprograms, director_flush_socket)
may have missed status response from UNIX and network sockets,
resulting in unexpected failures.

___
Dovecot-news mailing list
dovecot-n...@dovecot.org
https://dovecot.org/mailman/listinfo/dovecot-news

Re: [Dovecot-news] v2.3.16 released

[Timo Sirainen]

I don't see anything wrong in git branch either:

% git clone -b release-2.3.16 https://github.com/dovecot/core.git 

% git grep fts_user_autoindex_exclude
%

% git show
commit 7e2e900c1a420006371e8a8cf9b4ddb36e69a986
Author: Timo Sirainen 
Date:   Thu Aug 5 18:25:31 2021 +0300

NEWS: Add 100% master process CPU item

I think somehow you built it from master instead of release-2.3.16.

> On 6. Aug 2021, at 16.28, Joan Moreau  wrote:
> 
> git clone -b release-2.3.16
> 
> 
> 
>  
> 
> 
> On 2021-08-06 15:07, Timo Sirainen wrote:
> 
>> On 6. Aug 2021, at 15.08, Joan Moreau > > wrote:
>>> 
>>> Below
>>> 
>>> (gdb) bt full
>>> #0 fts_user_autoindex_exclude (box=, 
>>> box@entry=0x55e0bc7e0fe8) at fts-user.c:347
>>> 
>>  
>> There is no such function in 2.3.16 release. That's only in the current git 
>> master. What did you install and from where?

Re: Dovecot GSSAPI Authentication problem

[Lucas Castro]

On 8/6/21 9:56 AM, Aki Tuomi wrote:

On 04/08/2021 19:47 Lucas Castro  wrote:

  
Hello,

I'm getting problem to setup dovecot imap/pop service authentication
through Kerberos.

Already read https://wiki.dovecot.org/Authentication/Kerberos.

My guess is kerberos is working but something goes wrong after.


Hi!

This looks like a bug indeed. Does things start working if you add

passdb {
   driver = static
   args = password=pass
}

Aki


Thanks for reply.


Another question, How can I map kerberos principal to mail users?

How can I access us...@domain1.zw.local with user0@ZW.LOCAL


When I set on mail client the user as user0, works fine. but if I set 
the user to u...@domain1.zw.local


dovecot return

"User not authorized to log in as user0"

And I don't figure out how to map the kerberos principal to mail account.

Right now, I keep the users information on ldap.

--
Lucas Castro

Re: [Dovecot-news] v2.3.16 released

[Timo Sirainen]

On 6. Aug 2021, at 15.08, Joan Moreau  wrote:
> 
> Below
> 
> (gdb) bt full
> #0 fts_user_autoindex_exclude (box=, box@entry=0x55e0bc7e0fe8) 
> at fts-user.c:347
> 

There is no such function in 2.3.16 release. That's only in the current git 
master. What did you install and from where?

Re: Dovecot GSSAPI Authentication problem

[Aki Tuomi]

> On 04/08/2021 19:47 Lucas Castro  wrote:
> 
>  
> Hello,
> I'm getting problem to setup dovecot imap/pop service authentication 
> through Kerberos.
> 
> Already read https://wiki.dovecot.org/Authentication/Kerberos.
> 
> My guess is kerberos is working but something goes wrong after.
> 

Hi!

This looks like a bug indeed. Does things start working if you add

passdb {
  driver = static
  args = password=pass
}

Aki

Re: [Dovecot-news] v2.3.16 released

[Aki Tuomi]

> On 06/08/2021 15:43 Joan Moreau  wrote:
> 
> 
> Thank you Timo
> However, this leads to
> kernel: imap[228122]: segfault at 50 ip 7f7015ee332b sp 7fffa7178740 
> error 4 in lib20_fts_plugin.so[7f7015ee1000+11000]
> Returning to 2.3.15 resolves the problem
> 
> 
> 

Can you provide `gdb bt full` output for the crash?

Aki

[Dovecot-news] Pigeonhole v0.5.16 released

[Timo Sirainen]

Hi,

Pigeonhole release for Dovecot v2.3.16.

https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-0.5.16.tar.gz
 

https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-0.5.16.tar.gz.sig
 


Binary packages in https://repo.dovecot.org/ 
Docker images in https://hub.docker.com/r/dovecot/dovecot 


 * .dovecot.sieve.log file now includes year in the header.
 * Change Sieve script result execution to delay definitive action
   execution to the end of a successful Sieve script execution session.
   This is part of an effort to solve problems with the Sieve duplicate
   test. As a side-effect, some rare temporary-error cases yield
   different results, in which partial failure is more likely.

___
Dovecot-news mailing list
Dovecot-news@dovecot.org
https://dovecot.org/mailman/listinfo/dovecot-news

Pigeonhole v0.5.16 released

[Timo Sirainen]

Hi,

Pigeonhole release for Dovecot v2.3.16.

https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-0.5.16.tar.gz
 

https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-0.5.16.tar.gz.sig
 


Binary packages in https://repo.dovecot.org/ 
Docker images in https://hub.docker.com/r/dovecot/dovecot 


 * .dovecot.sieve.log file now includes year in the header.
 * Change Sieve script result execution to delay definitive action
   execution to the end of a successful Sieve script execution session.
   This is part of an effort to solve problems with the Sieve duplicate
   test. As a side-effect, some rare temporary-error cases yield
   different results, in which partial failure is more likely.

[Dovecot-news] v2.3.16 released

[Timo Sirainen]

Hi,

One interesting thing in this release is the support for configuring OAUTH2 
openid-configuration element. It would be nice if IMAP clients started 
supporting this feature to enable OAUTH2 for all IMAP servers, not just Gmail 
and a few others. This would allow all kinds of new authentication methods for 
IMAP and improve the authentication security in general.

https://dovecot.org/releases/2.3/dovecot-2.3.16.tar.gz
https://dovecot.org/releases/2.3/dovecot-2.3.16.tar.gz.sig

Binary packages in https://repo.dovecot.org/
Docker images in https://hub.docker.com/r/dovecot/dovecot 


 * Any unexpected exit() will now result in a core dump. This can
   especially help notice problems when a Lua script causes exit(0).
 * auth-worker process is now restarted when the number of auth
   requests reaches service auth-worker { service_count }. The default
   is still unlimited.

 + Event improvements: Added data_stack_grow event and http-client
   category. See https://doc.dovecot.org/admin_manual/list_of_events/
 + oauth2: Support RFC 7628 openid-configuration element. This allows
   clients to support OAUTH2 for any server, not just a few hardcoded
   servers like they do now. See openid_configuration_url setting in
   dovecot-oauth2.conf.ext.
 + mysql: Single statements are no longer enclosed with BEGIN/COMMIT.
 + dovecot-sysreport --core supports multiple core files now and does
   not require specifying the binary path.
 + imapc: When imap_acl plugin is loaded and imapc_features=acl is used,
   IMAP ACL commands are proxied to the remote server. See
   https://doc.dovecot.org/configuration_manual/mail_location/imapc/
 + dict-sql now supports the "UPSERT" syntax for SQLite and PostgreSQL.
 + imap: If IMAP client disconnects during a COPY command, the copying
   is aborted, and changes are reverted. This may help to avoid many
   email duplicates if client disconnects during COPY and retries it
   after reconnecting.
 - master process was using 100% CPU if service attempted to create more
   processes due to process_min_avail, but process_limit was already
   reached. v2.3.15 regression.
 - Using attachment detection flags wrongly logged unnecessary "Failed
   to add attachment keywords" errors. v2.3.13 regression.
 - IMAP QRESYNC: Expunging UID 1 mail resulted in broken VANISHED
   response, which could have confused IMAP clients. v2.3.13 regression.
 - imap: STORE didn't send untagged replies for \Seen changes for
   (shared) mailboxes using INDEXPVT. v2.3.10 regression.
 - rawlog_dir setting would not log input that was pipelined after
   authentication command.
 - Fixed potential infinite looping with autoexpunging.
 - Log event exporter: Truncate long fields to 1000 bytes
 - LAYOUT=index: ACL inheritance didn't work when creating mailboxes
 - Event filters: Unquoted '?' wildcard caused a crash at startup
 - fs-metawrap: Fix to handling zero sized files
 - imap-hibernate: Fixed potential crash at deinit.
 - acl: dovecot-acl-list files were written for acl_ignore_namespaces
 - program-client (used by Sieve extprograms, director_flush_socket)
   may have missed status response from UNIX and network sockets,
   resulting in unexpected failures.

___
Dovecot-news mailing list
Dovecot-news@dovecot.org
https://dovecot.org/mailman/listinfo/dovecot-news

v2.3.16 released

[Timo Sirainen]

Hi,

One interesting thing in this release is the support for configuring OAUTH2 
openid-configuration element. It would be nice if IMAP clients started 
supporting this feature to enable OAUTH2 for all IMAP servers, not just Gmail 
and a few others. This would allow all kinds of new authentication methods for 
IMAP and improve the authentication security in general.

https://dovecot.org/releases/2.3/dovecot-2.3.16.tar.gz
https://dovecot.org/releases/2.3/dovecot-2.3.16.tar.gz.sig

Binary packages in https://repo.dovecot.org/
Docker images in https://hub.docker.com/r/dovecot/dovecot 


 * Any unexpected exit() will now result in a core dump. This can
   especially help notice problems when a Lua script causes exit(0).
 * auth-worker process is now restarted when the number of auth
   requests reaches service auth-worker { service_count }. The default
   is still unlimited.

 + Event improvements: Added data_stack_grow event and http-client
   category. See https://doc.dovecot.org/admin_manual/list_of_events/
 + oauth2: Support RFC 7628 openid-configuration element. This allows
   clients to support OAUTH2 for any server, not just a few hardcoded
   servers like they do now. See openid_configuration_url setting in
   dovecot-oauth2.conf.ext.
 + mysql: Single statements are no longer enclosed with BEGIN/COMMIT.
 + dovecot-sysreport --core supports multiple core files now and does
   not require specifying the binary path.
 + imapc: When imap_acl plugin is loaded and imapc_features=acl is used,
   IMAP ACL commands are proxied to the remote server. See
   https://doc.dovecot.org/configuration_manual/mail_location/imapc/
 + dict-sql now supports the "UPSERT" syntax for SQLite and PostgreSQL.
 + imap: If IMAP client disconnects during a COPY command, the copying
   is aborted, and changes are reverted. This may help to avoid many
   email duplicates if client disconnects during COPY and retries it
   after reconnecting.
 - master process was using 100% CPU if service attempted to create more
   processes due to process_min_avail, but process_limit was already
   reached. v2.3.15 regression.
 - Using attachment detection flags wrongly logged unnecessary "Failed
   to add attachment keywords" errors. v2.3.13 regression.
 - IMAP QRESYNC: Expunging UID 1 mail resulted in broken VANISHED
   response, which could have confused IMAP clients. v2.3.13 regression.
 - imap: STORE didn't send untagged replies for \Seen changes for
   (shared) mailboxes using INDEXPVT. v2.3.10 regression.
 - rawlog_dir setting would not log input that was pipelined after
   authentication command.
 - Fixed potential infinite looping with autoexpunging.
 - Log event exporter: Truncate long fields to 1000 bytes
 - LAYOUT=index: ACL inheritance didn't work when creating mailboxes
 - Event filters: Unquoted '?' wildcard caused a crash at startup
 - fs-metawrap: Fix to handling zero sized files
 - imap-hibernate: Fixed potential crash at deinit.
 - acl: dovecot-acl-list files were written for acl_ignore_namespaces
 - program-client (used by Sieve extprograms, director_flush_socket)
   may have missed status response from UNIX and network sockets,
   resulting in unexpected failures.