Crashing when run against OpenSSL 1.1.0c

[Aki Tuomi]

> On November 15, 2016 at 7:42 PM Adrian POPA <adrianp at aageneral.ro> wrote:
> 
> 
> Hi
> 
> You can't think how glad I am that SSL issues rise again in a new Dovecot 
> version with next Ubuntu release with a new OpenSSL library.
> Some days ago I have posted something similar about Ubuntu 14.04 - Dovecot 
> 2.2.9 - OpenSSL 1.0 (Dovecot processes turning zombie) but noone cared 
> about.
> I still think is somehow related to ssl-param process + config + auth + 
> ...whatever (all of them "ignoring idle SIGINT")
> 

Well, 2.2.9 is pretty old. It was released almost 4 years ago.

> If Dovecot SSL implementation is so dependant of a certain version of a 
> library (OpenSSL for example) you should consider saving a copy of the 
> "known-good" library version somewhere in Dovecot private space and use it 
> without relaing on generic system upgrades.
> 

OpenSSL has breaking API changes between 1.0.0, 1.0.1, 1.0.2 and 1.1.0.

> Don't get me wrong: I love Dovecot as IMAP server and local delivery agent. 
> But public interface is unreliable, authentication too, so for now I am 
> using Dovecot as an isolated server in localhost and attach other public 
> interfaces to it. Even so, delivery agent LDA is still trying to 
> authenticate and complains about null passwords (what?). I have destination 
> addresses that should go to a shared mailbox and that user at domain is never 
> allowed to login. The workaround is to set an "impossible" password for 
> those but this is not a nice solution. LDA should care only about what 
> counts for him (maybe using some defaults) and leave everything else for the 
> "big boys".
> 

Perhaps you could post your doveconf -n to some new thread along with some explanation of your setup and problem you are trying to solve.

> Sorry for any inconvenience,
> Adrian POPA
> 
> 

---
Aki Tuomi
Dovecot oy