Displaying 11 results from an estimated 11 matches for "henkjan".
2006 Jul 31
2
Dovecot and SSL certificates
Hello,
we're running RC2 and seeing a problem with the way SSL certs
are handled by Dovecot.
We've set ssl_verify_client_cert=yes and ssl_require_valid_client_cert=no.
Using this setup we get (rather interesting) log entries like these:
Jul 31 11:21:23 dev dovecot: imap-login: Invalid certificate: <user cert>
Jul 31 11:21:23 dev dovecot: imap-login: Invalid certificate: <CA
2006 May 24
1
imap proxy and passwd-like passdb/userdb
...db does work.....
So I have some questions: Is the documentation wrong? Is the
documentation right? ;-) Are there reasons not to use dovecot this way
(other than scalability / maintainability)? Are there bugs I've not yet
seen? (am I the only one using dovecot this way?)
thanks-in-advance,
HenkJan
1) i'm proxying to a courier backend, had to modify dovecots
capability_string, because the emailclient gets the capabilities from
dovecot, while it uses the proxied server (=courier). Had some strange
errors with append, as courier doesn't support Literal+, modifying
dovecot so that i...
2006 Jul 07
2
Authentication by certificats (a bug or my misconfiguration)
Today I've been trying to get dovecot (1.0 rc2) to use certificates
for client side authentication. If my memory serves right, beta8
had no problems with it (although it was some time ago and on different
machine).
Similar setup works perfectly well for postfix (for authentication
that is, on the same machine). Originally I thought I overdid some
certificate settings (keyUsage, nsCertType,
2006 Jun 13
5
1.0.beta9 released
...in.
+ LDAP: Added support for SASL binding. Patch by Geert Jansen
+ ssl_verify_client_cert: Check CRLs. If auth_verbose=yes, log
invalid sent certificates. If verbose_ssl=yes, log even the valid
certificates. When using the username from the certificate, use
CommonName. Based on patch by HenkJan Wolthuis
+ PAM: Set PAM_TTY which is needed by some PAM plugins
+ dovecot --exec-mail ext <binary path> can now be used to start
binaries which want dovecot.conf to be read, for example the
convert-tool.
- Expunging needed to be done twice if client used STORE +FLAGS.SILENT
comman...
2006 Jun 13
5
1.0.beta9 released
...in.
+ LDAP: Added support for SASL binding. Patch by Geert Jansen
+ ssl_verify_client_cert: Check CRLs. If auth_verbose=yes, log
invalid sent certificates. If verbose_ssl=yes, log even the valid
certificates. When using the username from the certificate, use
CommonName. Based on patch by HenkJan Wolthuis
+ PAM: Set PAM_TTY which is needed by some PAM plugins
+ dovecot --exec-mail ext <binary path> can now be used to start
binaries which want dovecot.conf to be read, for example the
convert-tool.
- Expunging needed to be done twice if client used STORE +FLAGS.SILENT
comman...
2007 Sep 13
2
Proxy problems with 1.0.5 !
Hi
I am trying to do a staged migration over to dovecot, but having
troubles at the first hurdle. I setup the proxy feature to redirect
most of our users back to the current Courier imap/pop server, and it's
partly working, but I'm getting some serious errors using Thunderbird
and IMAP.
Now, I had expected the proxying to be fairly transparent and basically
just dovecot doing an
2006 May 11
0
mandatory client certificates and crl check in ssl-proxy-openssl.c
...it secure??
d) i've no experience with programming openssl or dovecot
e) i haven't programmed in C for at least 8 years......
does anyone here have more issues, corrections, comments on the patch?
can/should this functionality be implemented in dovecot? (conf-file option?)
--
groeten,
HenkJan Wolthuis
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: patch.txt
URL: <http://dovecot.org/pipermail/dovecot/attachments/20060511/355a1b07/attachment.txt>
2006 Aug 03
2
daemontools
Hi,
I just started running RC2 on Thursday. I migrated an old Courier IMAP
server, and the only issue I had was that I didn't understand how to
enable quotas :)
It's impressively fast, and I'm quite happy with it so far.
This morning I found that dovecot had crashed, I had exceeded FreeBSD's
kern.maxpipekva
Has anyone successfully run dovecot under daemontools? I got it to
2006 Jun 01
1
ssl-proxy: client certificates and crl check
Skipped content of type multipart/alternative-------------- next part --------------
--- ssl-proxy-openssl.c.orig 2006-04-04 10:32:58.000000000 +0200
+++ ssl-proxy-openssl.c 2006-06-01 09:24:57.000000000 +0200
@@ -498,7 +498,7 @@
const char *ssl_proxy_get_peer_name(struct ssl_proxy *proxy)
{
X509 *x509;
- char buf[1024];
+ char buf[256];
const char *name;
if
2006 Sep 06
3
dovecot ignoring config file contents -- istream.c problem?
Hello!
This is my first time trying to run dovecot so maybe I've overlooked
something, but I'm having a hard time running dovecot.
First of all, it's worth noting that I'm trying to run dovecot on an
embedded platform: the target architecture is mipsel; I have patches
for the 2.4.18 kernel with special support for the board so I'm still
using the 2.4.18 kernel. My C library
2006 May 18
8
Busy, again
Just a note to people if you're wondering why I'm not replying to most
of my mails:
I'm trying to get into university to start stydying cellular biology (so
I'm applying to biochemistry and biotechnology). Their entrance exams
are next wednesday, so I'm trying to use most of my time left to study
for them (and also do some work..). I don't know much about the subject,
so I