On 7.8.2019 11.51, James via dovecot wrote:
On 06/08/2019 06:46, Aki Tuomi via dovecot wrote:
On 2.8.2019 13.45, James via dovecot wrote:
My auth process is dumping core. This happens several times per day
...
There is an easy fix for this, attached.
Patch applied; no core dump in 24 hours.
This appears to have fixed the problem. I found that it crashed when the policy server responded too quickly. As the before and after auth command=allow request are the same I cache the first, leading to a fast second response. Removing the cache (nginx proxy_cache ...) must change the timings and circumvented the crash. Why use both check before and after auth? roundcube webmail reports an error with only auth_policy_check_before_auth. I cannot see why. The simple and lazy solution is to use double auth_policy_check_!
Thank you Aki for looking at this and finding a solution so quickly.
The double-check is for places which want to implement something like COS or want to perform validations in policy server *after* we know the user identity. The first check is done before we even know if the user or the credential(s) are valid.
Aki