search for: wolthuis

Hello, we're running RC2 and seeing a problem with the way SSL certs are handled by Dovecot. We've set ssl_verify_client_cert=yes and ssl_require_valid_client_cert=no. Using this setup we get (rather interesting) log entries like these: Jul 31 11:21:23 dev dovecot: imap-login: Invalid certificate: <user cert> Jul 31 11:21:23 dev dovecot: imap-login: Invalid certificate: <CA

Today I've been trying to get dovecot (1.0 rc2) to use certificates for client side authentication. If my memory serves right, beta8 had no problems with it (although it was some time ago and on different machine). Similar setup works perfectly well for postfix (for authentication that is, on the same machine). Originally I thought I overdid some certificate settings (keyUsage, nsCertType,

...DAP: Added support for SASL binding. Patch by Geert Jansen + ssl_verify_client_cert: Check CRLs. If auth_verbose=yes, log invalid sent certificates. If verbose_ssl=yes, log even the valid certificates. When using the username from the certificate, use CommonName. Based on patch by HenkJan Wolthuis + PAM: Set PAM_TTY which is needed by some PAM plugins + dovecot --exec-mail ext <binary path> can now be used to start binaries which want dovecot.conf to be read, for example the convert-tool. - Expunging needed to be done twice if client used STORE +FLAGS.SILENT command to set...

...DAP: Added support for SASL binding. Patch by Geert Jansen + ssl_verify_client_cert: Check CRLs. If auth_verbose=yes, log invalid sent certificates. If verbose_ssl=yes, log even the valid certificates. When using the username from the certificate, use CommonName. Based on patch by HenkJan Wolthuis + PAM: Set PAM_TTY which is needed by some PAM plugins + dovecot --exec-mail ext <binary path> can now be used to start binaries which want dovecot.conf to be read, for example the convert-tool. - Expunging needed to be done twice if client used STORE +FLAGS.SILENT command to set...

...re?? d) i've no experience with programming openssl or dovecot e) i haven't programmed in C for at least 8 years...... does anyone here have more issues, corrections, comments on the patch? can/should this functionality be implemented in dovecot? (conf-file option?) -- groeten, HenkJan Wolthuis -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: patch.txt URL: <http://dovecot.org/pipermail/dovecot/attachments/20060511/355a1b07/attachment.txt>

Hi, I'm testing/using dovecot as imap proxy, passdb/userdb as passwd-like-file. It seems to function as expected (1). This setup is described in the wiki in AuthSpecials. But I also noticed in the documentation (ImapProxy / FeatLoginProxy pages) that the proxy feature only works with a sql passdb. Maybe I did something strange, but passwd-like-passdb does work..... So I have some

Hi, I just started running RC2 on Thursday. I migrated an old Courier IMAP server, and the only issue I had was that I didn't understand how to enable quotas :) It's impressively fast, and I'm quite happy with it so far. This morning I found that dovecot had crashed, I had exceeded FreeBSD's kern.maxpipekva Has anyone successfully run dovecot under daemontools? I got it to

Skipped content of type multipart/alternative-------------- next part -------------- --- ssl-proxy-openssl.c.orig 2006-04-04 10:32:58.000000000 +0200 +++ ssl-proxy-openssl.c 2006-06-01 09:24:57.000000000 +0200 @@ -498,7 +498,7 @@ const char *ssl_proxy_get_peer_name(struct ssl_proxy *proxy) { X509 *x509; - char buf[1024]; + char buf[256]; const char *name; if

Hello! This is my first time trying to run dovecot so maybe I've overlooked something, but I'm having a hard time running dovecot. First of all, it's worth noting that I'm trying to run dovecot on an embedded platform: the target architecture is mipsel; I have patches for the 2.4.18 kernel with special support for the board so I'm still using the 2.4.18 kernel. My C library