http://dovecot.org/releases/2.0/dovecot-2.0.13.tar.gz http://dovecot.org/releases/2.0/dovecot-2.0.13.tar.gz.sig I've almost managed to read my email backlog, but there are still some unanswered mails. Feel free to resend if you think I should have answered some of your mails. The most important changes since v2.0.12: + Added "doveadm index" command to add unindexed messages into index/cache. If full text search is enabled, it also adds unindexed messages to the fts database. + added "doveadm director dump" command. + pop3: Added support for showing messages in "POP3 order", which can be different from IMAP message order. This can be useful for migrations from other servers. Implemented it for Maildir as 'O' field in dovecot-uidlist. - doveconf: Fixed a wrong "subsection has ssl=yes" warning. - mdbox purge: Fixed wrong warning about corrupted extrefs. - sdbox: INBOX GUID changed when INBOX was autocreated, leading to trouble with dsync. - script-login binary wasn't actually dropping privileges to the user/group/chroot specified by its service settings. - Fixed potential crashes and other problems when parsing header names that contained NUL characters.
On Wed, 11 May 2011 18:52:21 +0300 Timo Sirainen wrote: [ ... ]> - script-login binary wasn't actually dropping privileges to the > user/group/chroot specified by its service settings.This version gives problems with my post-login script to track last usage, which works perfect with 2.0.12. Error messages: May 11 20:38:53 seymour dovecot: master: Dovecot v2.0.13 starting up (core dumps disabled) May 11 20:39:01 seymour dovecot: imap-login: Login: frank, 192.168.28.53, TLS May 11 20:39:01 seymour dovecot: imap-postlogin: Error: script-login: Error: user frank: Error reading configuration: net_connect_unix(/var/run/dovecot/config) failed: Permission denied May 11 20:39:01 seymour dovecot: imap-postlogin: Error: script-login: Fatal: Internal error occurred. Refer to server log for more information. May 11 20:39:01 seymour dovecot: log: Error: service(imap-postlogin): child 8651 returned error 89 (Fatal failure) May 11 20:39:01 seymour dovecot: imap(frank): Post-login script denied access to user frank # 2.0.12: /usr/local/dovecot/etc/dovecot/dovecot.conf # OS: Linux 2.6.35.13-91.fc14.i686.PAE i686 Fedora release 14 (Laughlin) ext3 disable_plaintext_auth = no first_valid_uid = 200 last_valid_uid = 65534 listen = * login_greeting = c64.shuttle.de - IMAPs Service ready. login_log_format_elements = %u %r %c mail_location = maildir:/var/spool/mail/%u:INDEX=MEMORY mail_log_prefix = "%Us(%u,%r): " mail_plugins = " notify quota" passdb { args = dovecot driver = pam } plugin { mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename flag_change append mail_log_fields = uid box from subject msgid size flags mail_log_group_events = yes quota = maildir:User quota quota_rule = *:storage=2G quota_rule2 = Trash:storage=+100M } protocols = imap service auth { unix_listener auth-client { group = exim mode = 0660 user = exim } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 3 } service imap-postlogin { executable = script-login /usr/dovecot/bin/imap-post-login user = dovecot } service imap { executable = imap imap-postlogin } ssl_cert = </usr/local/etc/c64.shuttle.de.CRT ssl_cipher_list = ALL:!LOW:!SSLv2 ssl_key = </usr/local/etc/c64.shuttle.de-dovecot.KEY userdb { driver = passwd } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags imap_logout_format = [%i/%o] mail_plugins = " notify quota mail_log quota imap_quota listescape" } Procedure "/usr/dovecot/bin/imap-post-login" simply writes a datestamp to a file with owner "frank". Any pointer to solution welcome. --Frank Elsner
Compiling dovecot-2.0.13 on OS X emits these warnings: user-directory.c: In function user_directory_add: user-directory.c:79: warning: comparison between signed and unsigned user-directory.c:84: warning: comparison between signed and unsigned Casting the left hand sides of the comparisons to time_t, as you do in other places, silences them: --- a/src/director/user-directory.c 2011-05-11 09:35:21.000000000 -0500 +++ b/src/director/user-directory.c 2011-05-11 16:55:45.000000000 -0500 @@ -76,12 +76,12 @@ user->host->user_count++; user->timestamp = timestamp; - if (dir->tail == NULL || dir->tail->timestamp <= timestamp) + if (dir->tail == NULL || (time_t) dir->tail->timestamp <= timestamp) DLLIST2_APPEND(&dir->head, &dir->tail, user); else { /* need to insert to correct position */ for (pos = dir->tail; pos != NULL; pos = pos->prev) { - if (pos->timestamp <= timestamp) + if ((time_t) pos->timestamp <= timestamp) break; } if (pos == NULL)
rsync not active? or now protected to mirrors? On Wed, 2011-05-11 at 18:52 +0300, Timo Sirainen wrote:> http://dovecot.org/releases/2.0/dovecot-2.0.13.tar.gz > http://dovecot.org/releases/2.0/dovecot-2.0.13.tar.gz.sig > > I've almost managed to read my email backlog, but there are still some > unanswered mails. Feel free to resend if you think I should have > answered some of your mails. > > The most important changes since v2.0.12: > > + Added "doveadm index" command to add unindexed messages into > index/cache. If full text search is enabled, it also adds unindexed > messages to the fts database. > + added "doveadm director dump" command. > + pop3: Added support for showing messages in "POP3 order", which can > be different from IMAP message order. This can be useful for > migrations from other servers. Implemented it for Maildir as 'O' > field in dovecot-uidlist. > - doveconf: Fixed a wrong "subsection has ssl=yes" warning. > - mdbox purge: Fixed wrong warning about corrupted extrefs. > - sdbox: INBOX GUID changed when INBOX was autocreated, leading to > trouble with dsync. > - script-login binary wasn't actually dropping privileges to the > user/group/chroot specified by its service settings. > - Fixed potential crashes and other problems when parsing header names > that contained NUL characters. > > > _______________________________________________ > Dovecot-news mailing list > Dovecot-news at dovecot.org > http://dovecot.org/cgi-bin/mailman/listinfo/dovecot-news-------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20110513/a64739a6/attachment-0002.bin>
Specifics of what you're talking about? (Yeah, I may have screwed up something, but currently I'm a bit too busy/lazy to find out what.) On 13.5.2011, at 2.39, Noel Butler wrote:> rsync not active? or now protected to mirrors? > > > > On Wed, 2011-05-11 at 18:52 +0300, Timo Sirainen wrote: > >> http://dovecot.org/releases/2.0/dovecot-2.0.13.tar.gz >> http://dovecot.org/releases/2.0/dovecot-2.0.13.tar.gz.sig >> >> I've almost managed to read my email backlog, but there are still some >> unanswered mails. Feel free to resend if you think I should have >> answered some of your mails. >> >> The most important changes since v2.0.12: >> >> + Added "doveadm index" command to add unindexed messages into >> index/cache. If full text search is enabled, it also adds unindexed >> messages to the fts database. >> + added "doveadm director dump" command. >> + pop3: Added support for showing messages in "POP3 order", which can >> be different from IMAP message order. This can be useful for >> migrations from other servers. Implemented it for Maildir as 'O' >> field in dovecot-uidlist. >> - doveconf: Fixed a wrong "subsection has ssl=yes" warning. >> - mdbox purge: Fixed wrong warning about corrupted extrefs. >> - sdbox: INBOX GUID changed when INBOX was autocreated, leading to >> trouble with dsync. >> - script-login binary wasn't actually dropping privileges to the >> user/group/chroot specified by its service settings. >> - Fixed potential crashes and other problems when parsing header names >> that contained NUL characters. >> >> >> _______________________________________________ >> Dovecot-news mailing list >> Dovecot-news at dovecot.org >> http://dovecot.org/cgi-bin/mailman/listinfo/dovecot-news > >
On Wed, May 11, 2011 at 06:52:21PM +0300, Timo Sirainen wrote:> http://dovecot.org/releases/2.0/dovecot-2.0.13.tar.gz > http://dovecot.org/releases/2.0/dovecot-2.0.13.tar.gz.sig > > I've almost managed to read my email backlog, but there are still some > unanswered mails. Feel free to resend if you think I should have > answered some of your mails. > > The most important changes since v2.0.12: > > + Added "doveadm index" command to add unindexed messages into > index/cache. If full text search is enabled, it also adds unindexed > messages to the fts database. > + added "doveadm director dump" command. > + pop3: Added support for showing messages in "POP3 order", which can > be different from IMAP message order. This can be useful for > migrations from other servers. Implemented it for Maildir as 'O' > field in dovecot-uidlist. > - doveconf: Fixed a wrong "subsection has ssl=yes" warning. > - mdbox purge: Fixed wrong warning about corrupted extrefs. > - sdbox: INBOX GUID changed when INBOX was autocreated, leading to > trouble with dsync. > - script-login binary wasn't actually dropping privileges to the > user/group/chroot specified by its service settings. > - Fixed potential crashes and other problems when parsing header names > that contained NUL characters.Should this get CVE-identifier? I can request it. Best regards, Henri Salo
On Wed, May 11, 2011 at 06:52:21PM +0300, Timo Sirainen wrote:> http://dovecot.org/releases/2.0/dovecot-2.0.13.tar.gz > http://dovecot.org/releases/2.0/dovecot-2.0.13.tar.gz.sig > > I've almost managed to read my email backlog, but there are still some > unanswered mails. Feel free to resend if you think I should have > answered some of your mails. > > The most important changes since v2.0.12: > > + Added "doveadm index" command to add unindexed messages into > index/cache. If full text search is enabled, it also adds unindexed > messages to the fts database. > + added "doveadm director dump" command. > + pop3: Added support for showing messages in "POP3 order", which can > be different from IMAP message order. This can be useful for > migrations from other servers. Implemented it for Maildir as 'O' > field in dovecot-uidlist. > - doveconf: Fixed a wrong "subsection has ssl=yes" warning. > - mdbox purge: Fixed wrong warning about corrupted extrefs. > - sdbox: INBOX GUID changed when INBOX was autocreated, leading to > trouble with dsync. > - script-login binary wasn't actually dropping privileges to the > user/group/chroot specified by its service settings. > - Fixed potential crashes and other problems when parsing header names > that contained NUL characters.Header NUL problem got assigned CVE-2011-1929. Best regards, Henri Salo
After configure and compiling dovecot-2.0.13, running "make check" fails on a few tests on sparc/solaris net_is_in_network(0) ................................................. : ok net_is_in_network(1) ................................................. : ok net_is_in_network(2) ................................................. : ok net_is_in_network(3) ................................................. : ok net_is_in_network(4) ................................................. : ok net_is_in_network(5) ................................................. : ok net_is_in_network(6) ................................................. : ok net_is_in_network(7) ................................................. : ok net_is_in_network(8) ................................................. : ok net_is_in_network(9) ................................................. : ok net_is_in_network(10) ................................................ : ok net_is_in_network(11) ................................................ : FAILED net_is_in_network(12) ................................................ : FAILED net_is_in_network(13) ................................................ : ok net_is_in_network(14) ................................................ : ok net_is_in_network(15) ................................................ : ok net_is_in_network(16) ................................................ : ok The failing tests are for { "255.255.255.255", "128.0.0.0", 1, TRUE }, { "255.255.255.255", "127.0.0.0", 1, FALSE } src/lib/network.c src/lib/test-network