http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz.sig
There were some changes since rc1: https://github.com/dovecot/core/commit/54d654098032d96975b70749b505fae538e97... Mainly there are quite a lot of director fixes and improvements.
Here's the full list of changes:
- master: Removed hardcoded 511 backlog limit for listen(). The kernel should limit this as needed.
- doveadm import: Source user is now initialized the same as target user. Added -U parameter to override the source user.
- Mailbox names are no longer limited to 16 hierarchy levels. We'll check another way to make sure mailbox names can't grow larger than 4096 bytes.
- Added a concept of "alternative usernames" by returning user_* extra field(s) in passdb. doveadm proxy list shows these alt usernames in "doveadm proxy list" output. "doveadm director&proxy kick" adds -f <passdb field> parameter. The alt usernames don't have to be unique, so this allows creation of user groups and kicking them in one command.
- auth: passdb/userdb dict allows now %variables in key settings.
- auth: If passdb returns noauthenticate=yes extra field, assume that it only set extra fields and authentication wasn't actually performed.
- auth: passdb static now supports password={scheme} prefix.
- auth, login_log_format_elements: Added %{local_name} variable, which expands to TLS SNI hostname if given.
- imapc: Added imapc_max_line_length to limit maximum memory usage.
- imap, pop3: Added rawlog_dir setting to store IMAP/POP3 traffic logs. This replaces at least partially the rawlog plugin.
- dsync: Added dsync_features=empty-header-workaround setting. This makes incremental dsyncs work better for servers that randomly return empty headers for mails. When an empty header is seen for an existing mail, dsync assumes that it matches the local mail.
- doveadm sync/backup: Added -I <max size> parameter to skip too large mails.
- doveadm sync/backup: Fixed -t parameter and added -e for "end date".
- doveadm mailbox metadata: Added -s parameter to allow accessing server metadata by using empty mailbox name.
- Added "doveadm service status" and "doveadm process status" commands.
- director: Added director_flush_socket. See http://wiki2.dovecot.org/Director#Flush_socket
- doveadm director flush: Users are now moved only max 100 at a time to avoid load spikes. --max-parallel parameter overrides this.
- Added FILE_LOCK_SLOW_WARNING_MSECS environment, which logs a warning if any lock is waited on or kept for this many milliseconds.
- master process's listener socket was leaked to all child processes. This might have allowed untrusted processes to capture and prevent "doveadm service stop" comands from working.
- login proxy: Fixed crash when outgoing SSL connections were hanging.
- auth: userdb fields weren't passed to auth-workers, so %{userdb:*} from previous userdbs didn't work there.
- auth: Each userdb lookup from cache reset its TTL.
- auth: Fixed auth_bind=yes + sasl_bind=yes to work together
- auth: Blocking userdb lookups reset extra fields set by previous userdbs.
- auth: Cache keys didn't include %{passdb:*} and %{userdb:*}
- auth-policy: Fixed crash due to using already-freed memory if policy lookup takes longer than auth request exists.
- lib-auth: Unescape passdb/userdb extra fields. Mainly affected returning extra fields with LFs or TABs.
- lmtp_user_concurrency_limit>0 setting was logging unnecessary anvil errors.
- lmtp_user_concurrency_limit is now checked before quota check with lmtp_rcpt_check_quota=yes to avoid unnecessary quota work.
- lmtp: %{userdb:*} variables didn't work in mail_log_prefix
- autoexpunge settings for mailboxes with wildcards didn't work when namespace prefix was non-empty.
- Fixed writing >2GB to iostream-temp files (used by fs-compress, fs-metawrap, doveadm-http)
- director: Ignore duplicates in director_servers setting.
- director: Many fixes related to connection handshaking, user moving and error handling.
- director: Don't break with shutdown_clients=no
- zlib, IMAP BINARY: Fixed internal caching when accessing multiple newly created mails. They all had UID=0 and the next mail could have wrongly used the previously cached mail.
- doveadm stats reset wasn't reseting all the stats.
- auth_stats=yes: Don't update num_logins, since it doubles them when using with mail stats.
- quota count: Fixed deadlocks when updating vsize header.
- dict-quota: Fixed crashes happening due to memory corruption.
- dict proxy: Fixed various timeout-related bugs.
- doveadm proxying: Fixed -A and -u wildcard handling.
- doveadm proxying: Fixed hangs and bugs related to printing.
- imap: Fixed wrongly triggering assert-crash in client_check_command_hangs.
- imap proxy: Don't send ID command pipelined with nopipelining=yes
- imap-hibernate: Don't execute quota_over_script or last_login after un-hibernation.
- imap-hibernate: Don't un-hibernate if client sends DONE+IDLE in one IP packet.
- imap-hibernate: Fixed various failures when un-hibernating.
- fts: fts_autoindex=yes was broken in 2.2.25 unless fts_autoindex_exclude settings existed.
- fts-solr: Fixed searching multiple mailboxes (patch by x16a0)
- doveadm fetch body.snippet wasn't working in 2.2.25. Also fixed a crash with certain emails.
- pop3-migration + dbox: Various fixes related to POP3 UIDL optimization in 2.2.25.
- pop3-migration: Fixed "truncated email header" workaround.
On Thursday 27 of October 2016, Timo Sirainen wrote:
http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz.sig
Please merge to 2.2 branch this fix. I'm hitting that problem on 2.2.25:
From 6c969ac21a43cc10ee1f1a91a4f39e4864c886cb Mon Sep 17 00:00:00 2001 From: Aki Tuomi <aki.tuomi@dovecot.fi> Date: Fri, 15 Jul 2016 11:31:25 +0300 Subject: [PATCH] auth: Remove i_assert for credentials scheme
src/auth/auth-request.c | 2 -- 1 file changed, 2 deletions(-)
-- Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )
On 27.10.2016 16:39, Arkadiusz Miśkiewicz wrote:
On Thursday 27 of October 2016, Timo Sirainen wrote:
http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz.sig Please merge to 2.2 branch this fix. I'm hitting that problem on 2.2.25:
From 6c969ac21a43cc10ee1f1a91a4f39e4864c886cb Mon Sep 17 00:00:00 2001 From: Aki Tuomi <aki.tuomi@dovecot.fi> Date: Fri, 15 Jul 2016 11:31:25 +0300 Subject: [PATCH] auth: Remove i_assert for credentials scheme
src/auth/auth-request.c | 2 -- 1 file changed, 2 deletions(-)
That fix is included in 2.2.26.
Aki
was the fix for kqueue() EINVAL's in 2.2.26 as well?
On Thu, Oct 27, 2016 at 10:24 AM, Aki Tuomi <aki.tuomi@dovecot.fi> wrote:
On 27.10.2016 16:39, Arkadiusz Miśkiewicz wrote:
On Thursday 27 of October 2016, Timo Sirainen wrote:
http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz.sig
Please merge to 2.2 branch this fix. I'm hitting that problem on 2.2.25:
From 6c969ac21a43cc10ee1f1a91a4f39e4864c886cb Mon Sep 17 00:00:00 2001 From: Aki Tuomi <aki.tuomi@dovecot.fi> Date: Fri, 15 Jul 2016 11:31:25 +0300 Subject: [PATCH] auth: Remove i_assert for credentials scheme
src/auth/auth-request.c | 2 -- 1 file changed, 2 deletions(-)
That fix is included in 2.2.26.
Aki
-- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx@gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281
Yes.
Aki
On 27.10.2016 18:38, Larry Rosenman wrote:
was the fix for kqueue() EINVAL's in 2.2.26 as well?
On Thu, Oct 27, 2016 at 10:24 AM, Aki Tuomi <aki.tuomi@dovecot.fi> wrote:
On 27.10.2016 16:39, Arkadiusz Miśkiewicz wrote:
On Thursday 27 of October 2016, Timo Sirainen wrote:
http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz.sig
Please merge to 2.2 branch this fix. I'm hitting that problem on 2.2.25:
From 6c969ac21a43cc10ee1f1a91a4f39e4864c886cb Mon Sep 17 00:00:00 2001 From: Aki Tuomi <aki.tuomi@dovecot.fi> Date: Fri, 15 Jul 2016 11:31:25 +0300 Subject: [PATCH] auth: Remove i_assert for credentials scheme
src/auth/auth-request.c | 2 -- 1 file changed, 2 deletions(-)
That fix is included in 2.2.26.
Aki
On Thursday 27 of October 2016, Aki Tuomi wrote:
On 27.10.2016 16:39, Arkadiusz Miśkiewicz wrote:
On Thursday 27 of October 2016, Timo Sirainen wrote:
http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz.sig
Please merge to 2.2 branch this fix. I'm hitting that problem on 2.2.25: From 6c969ac21a43cc10ee1f1a91a4f39e4864c886cb Mon Sep 17 00:00:00 2001
From: Aki Tuomi <aki.tuomi@dovecot.fi> Date: Fri, 15 Jul 2016 11:31:25 +0300 Subject: [PATCH] auth: Remove i_assert for credentials scheme
src/auth/auth-request.c | 2 -- 1 file changed, 2 deletions(-)
That fix is included in 2.2.26.
Are you sure? I don't see it there.
Aki
-- Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )
On 27.10.2016 19:31, Arkadiusz Miśkiewicz wrote:
On Thursday 27 of October 2016, Aki Tuomi wrote:
On 27.10.2016 16:39, Arkadiusz Miśkiewicz wrote:
On Thursday 27 of October 2016, Timo Sirainen wrote:
http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz.sig Please merge to 2.2 branch this fix. I'm hitting that problem on 2.2.25: From 6c969ac21a43cc10ee1f1a91a4f39e4864c886cb Mon Sep 17 00:00:00 2001
From: Aki Tuomi <aki.tuomi@dovecot.fi> Date: Fri, 15 Jul 2016 11:31:25 +0300 Subject: [PATCH] auth: Remove i_assert for credentials scheme
src/auth/auth-request.c | 2 -- 1 file changed, 2 deletions(-) That fix is included in 2.2.26. Are you sure? I don't see it there.
Aki
You are right, it was supposed to be there. Unfortunately it isn't.
We'll see what can be done.
Aki
27.10.2016 16:39, Arkadiusz Miśkiewicz wrote:
On Thursday 27 of October 2016, Timo Sirainen wrote:
http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz.sig Please merge to 2.2 branch this fix. I'm hitting that problem on 2.2.25:
From 6c969ac21a43cc10ee1f1a91a4f39e4864c886cb Mon Sep 17 00:00:00 2001 From: Aki Tuomi <aki.tuomi@dovecot.fi> Date: Fri, 15 Jul 2016 11:31:25 +0300 Subject: [PATCH] auth: Remove i_assert for credentials scheme
src/auth/auth-request.c | 2 -- 1 file changed, 2 deletions(-)
Hi!
Do you have some details how to reproduce this issue on your end?
Aki
On Friday 28 of October 2016, Aki Tuomi wrote:
27.10.2016 16:39, Arkadiusz Miśkiewicz wrote:
On Thursday 27 of October 2016, Timo Sirainen wrote:
http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz.sig
Please merge to 2.2 branch this fix. I'm hitting that problem on 2.2.25:
From 6c969ac21a43cc10ee1f1a91a4f39e4864c886cb Mon Sep 17 00:00:00 2001 From: Aki Tuomi <aki.tuomi@dovecot.fi> Date: Fri, 15 Jul 2016 11:31:25 +0300 Subject: [PATCH] auth: Remove i_assert for credentials scheme
src/auth/auth-request.c | 2 -- 1 file changed, 2 deletions(-)
Hi!
Do you have some details how to reproduce this issue on your end?
It seems to be related to "unknown user" always.
Oct 21 08:43:51 mbox dovecot: auth-worker(31838): sql(abc, 1.1.1.1,<yD12XVo/EfbV8VbS>): unknown user Oct 21 08:43:51 mbox dovecot: auth: Panic: file auth-request.c: line 1053 (auth_request_lookup_credentials): assertion failed: (request->credentials_scheme == scheme) Oct 21 08:43:51 mbox dovecot: auth: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x8d822) [0x7fb7d85f5822] -> /usr/lib64/dovecot/libdovecot.so.0(+0x8d90d) [0x7fb7d85f590d] -> /usr/lib64/dovecot/libdovecot.so.0(i_fatal+0) [0x7fb7d8593e51] -> dovecot/auth 4 wait, 0 passdb, 0 userdb [0x4176b8] -> dovecot/auth 4 wait, 0 passdb, 0 userdb [0x4245b2] -> dovecot/auth 4 wait, 0 passdb, 0 userdb [0x4172cb] -> dovecot/auth 4 wait, 0 passdb, 0 userdb [0x417388] -> dovecot/auth 4 wait, 0 passdb, 0 userdb [0x427ea2] -> dovecot/auth 4 wait, 0 passdb, 0 userdb [0x428686] -> dovecot/auth 4 wait, 0 passdb, 0 userdb [0x41de8a] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_call_io+0x4c) [0x7fb7d86096cc] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x101) [0x7fb7d860ab51] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x25) [0x7fb7d8609755] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7fb7d86098f8] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7fb7d859a263] -> dovecot/auth 4 wait, 0 passdb, 0 userdb [0x40d41f] -> /lib64/libc.so.6(__libc_start_main+0xf0) [0x7fb7d7728800] -> dovecot/auth 4 wait, 0 passdb, 0 userdb [0x40d60a] Oct 21 08:43:51 mbox dovecot: pop3-login: Warning: Auth connection closed with 2 pending requests (max 1 secs, pid=31822, EOF) Oct 21 08:43:51 mbox dovecot: auth: Fatal: master: service(auth): child 31833 killed with signal 6 (core dumps disabled)
But didn't try to reproduce it as "[PATCH] auth: Remove i_assert for credentials scheme" fixes it.
Aki
-- Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )
On 28 Oct 2016, at 12:00, Arkadiusz Miśkiewicz <arekm@maven.pl> wrote:
On Friday 28 of October 2016, Aki Tuomi wrote:
27.10.2016 16:39, Arkadiusz Miśkiewicz wrote:
On Thursday 27 of October 2016, Timo Sirainen wrote:
http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.26.tar.gz.sig
Please merge to 2.2 branch this fix. I'm hitting that problem on 2.2.25:
From 6c969ac21a43cc10ee1f1a91a4f39e4864c886cb Mon Sep 17 00:00:00 2001 From: Aki Tuomi <aki.tuomi@dovecot.fi> Date: Fri, 15 Jul 2016 11:31:25 +0300 Subject: [PATCH] auth: Remove i_assert for credentials scheme
src/auth/auth-request.c | 2 -- 1 file changed, 2 deletions(-)
Hi!
Do you have some details how to reproduce this issue on your end?
It seems to be related to "unknown user" always.
Oct 21 08:43:51 mbox dovecot: auth-worker(31838): sql(abc, 1.1.1.1,<yD12XVo/EfbV8VbS>): unknown user Oct 21 08:43:51 mbox dovecot: auth: Panic: file auth-request.c: line 1053 (auth_request_lookup_credentials): assertion failed: (request->credentials_scheme == scheme)
Just for completeness: What auth mechanisms are you using? It looks to me like this assert would happen only with NTLM or SKEY mechanisms.
participants (5)
-
Aki Tuomi
-
Arkadiusz Miśkiewicz
-
Larry Rosenman
-
Michael A. Peters
-
Timo Sirainen