...

...

...

...

"A" == A Schulze sca@andreasschulze.de writes:

A> Am 10.05.22 um 08:33 schrieb Aki Tuomi:

...

Hi all!

We are pleased to release v2.3.19 of Dovecot.

The docker images have been upgraded to use bullseye as base image.

https://dovecot.org/releases/2.3/dovecot-2.3.19.tar.gz https://dovecot.org/releases/2.3/dovecot-2.3.19.tar.gz.sig

A> Hello,

A> "make check" fail here:

A> test-crypto.c:827: Assert failed: ret == TRUE A> Panic: file dcrypt-openssl.c: line 2639 (dcrypt_openssl_private_to_public_key): assertion failed: (priv_key != NULL && pub_key_r != NULL) A> Error: Raw backtrace: ./test-crypto(backtrace_append+0x42) [0x556260e86cb2] -> ./test-crypto(backtrace_get+0x1e) [0x556260e86dce] -> ./test-crypto(+0x25bcb) [0x556260e65bcb] -> ./test-crypto(+0x25c01) [0x556260e65c01] -> ./test-crypto(+0x13dab) [0x556260e53dab] -> .libs/libdcrypt_openssl.so(+0x5f13) [0x7f6133c60f13] -> ./test-crypto(+0x1e436) [0x556260e5e436] -> ./test-crypto(+0x21aef) [0x556260e61aef] -> ./test-crypto(test_run+0x47) [0x556260e626c7] -> ./test-crypto(main+0x50) [0x556260e582a0] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xea) [0x7f6133c99d0a] -> ./test-crypto(_start+0x2a) [0x556260e583ba] A> /bin/bash: line 1: 90 Aborted ./$bin

A> any advise is welcome...

What linux distro are you using? Which compiler? Can you post the config.log output to see what you're settings are?

On 11/05/2022 00:49 A. Schulze sca@andreasschulze.de wrote:

Am 10.05.22 um 23:35 schrieb John Stoffel:

...

...

...

...

...

> "A" == A Schulze sca@andreasschulze.de writes:

A> Am 10.05.22 um 08:33 schrieb Aki Tuomi:

...

...

Hi all!

We are pleased to release v2.3.19 of Dovecot.

The docker images have been upgraded to use bullseye as base image.

https://dovecot.org/releases/2.3/dovecot-2.3.19.tar.gz https://dovecot.org/releases/2.3/dovecot-2.3.19.tar.gz.sig

A> Hello,

A> "make check" fail here:

A> test-crypto.c:827: Assert failed: ret == TRUE A> Panic: file dcrypt-openssl.c: line 2639 (dcrypt_openssl_private_to_public_key): assertion failed: (priv_key != NULL && pub_key_r != NULL) A> Error: Raw backtrace: ./test-crypto(backtrace_append+0x42) [0x556260e86cb2] -> ./test-crypto(backtrace_get+0x1e) [0x556260e86dce] -> ./test-crypto(+0x25bcb) [0x556260e65bcb] -> ./test-crypto(+0x25c01) [0x556260e65c01] -> ./test-crypto(+0x13dab) [0x556260e53dab] -> .libs/libdcrypt_openssl.so(+0x5f13) [0x7f6133c60f13] -> ./test-crypto(+0x1e436) [0x556260e5e436] -> ./test-crypto(+0x21aef) [0x556260e61aef] -> ./test-crypto(test_run+0x47) [0x556260e626c7] -> ./test-crypto(main+0x50) [0x556260e582a0] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xea) [0x7f6133c99d0a] -> ./test-crypto(_start+0x2a) [0x556260e583ba] A> /bin/bash: line 1: 90 Aborted ./$bin

A> any advise is welcome...

What linux distro are you using? Which compiler? Can you post the config.log output to see what you're settings are?

it's Debian 11/Bullseye, x86_64. config.log at https://andreasschulze.de/tmp/config.log.xz

Andreas

What ssl library are you using?

Aki

On 11/05/2022 08:12 A. Schulze sca@andreasschulze.de wrote:

Am 11.05.22 um 06:52 schrieb Aki Tuomi:

...

What ssl library are you using?

It's what Debian provides: https://packages.debian.org/bullseye/libssl1.1

Andreas

You are using something like libssl-dv instead of libssl, hence me asking. It does not appear to be using the stock libssl.

Aki

Yes, thats me. I tried to use Debian ssl, but maybe I made something wrong. I will Check that later. Thanks!

So there's an "honest abe" -- with a "dv" attached the name -- and it's time to change the locks on the doors -- because apparently a couple of girls at the bank are working overtime doing loans and repossessions online and something is being served at a local bar or pub and a SWAT team is being called out Friday night or very early Saturday with fabricated criminal charges on any "hackers" who happen to be posting here ....

On May 11, 2022 1:43:39 PM AKDT, "A. Schulze" sca@andreasschulze.de wrote:

Am 11.05.22 um 07:26 schrieb Michael Tokarev:

...

...

You are using something like libssl-dv instead of libssl, hence me asking. It does not appear to be using the stock libssl.

Hello Aki & Michael

I reviewed my build and indeed found a glitch. So: sorry for the noise. dovecot-2.3.19 can be built with Debian/11 + Debian/openssl-1.1.1n

I'm also able to build with my own openssl-1.1.1 version. The error occurred because I tried to build with my own openssl-3.0.2 which worked with dovecot-2.3.18 But maybe this was unsupported anyway.

Andreas

-- Sent from my Android device with K-9 Mail. Please excuse my brevity.

On 12/05/22 3:38 am, Alan Swanson wrote:

On Tue, 2022-05-10 at 09:33 +0300, Aki Tuomi wrote:

...

Hi all!

We are pleased to release v2.3.19 of Dovecot.

On Sun, 2022-02-06 at 14:25 +0000, Alan Swanson wrote:

...

On Sat, 2022-02-05 at 14:55 +1300, Peter wrote:

...

On 8/12/21 2:12 am, Alan Swanson wrote:

...

Reverting commit "fts: Use mailbox-match-plugin API for fts_autoindex_exclude" resolved this core dump in lib20_fts_plugin.so for me.

https://github.com/dovecot/core/commit/9d02ac2e4232cc69bc37344c6341674b87078...

Is this fixed yet in 2.3.18?

No, still broken and core dumping (there's been no changes to src/plugins/fts/fts-storage.c) and the commit still needs reverted on 2.3.18.

Unfortunately this is still not fixed in 2.3.19 and continues to core dump at fts_user_autoindex_exclude(). Reverting the referenced commit still fixes it.

Thanks for the update, I'm keeping the reverted commit in my build until it gets fixed.

Peter

On 12/05/2022 16:10 Sylvain Robitaille sag@encs.concordia.ca wrote:

On Thu, 12 May 2022, Aki Tuomi wrote:

...

Can you provide us with the configuration you attempted?

Sure, but the complete configuration is spread across a number of files:

<snip/>

If we read the documentation, we learn that the mail_user_session_finished is an event.

To export events, we use https://doc.dovecot.org/configuration_manual/event_export/

so.

event_exporter log { format = json format_args = time-rfc3339 transport = log }

metric mail_user_session { filter = event=mail_user_session_finished exporter = log }

p.s. you can use doveconf -n to get single output of your spread configuration.

Regards, Aki

Hi!

Thank you for reporting this issue. I can reproduce it locally, and we'll take a look at it.

Aki

On 15/05/2022 10:35 Ralf Becker rb@egroupware.org wrote:

After updating to 2.3.19 (from 2.3.16) passdb and userdb lookups fail:

root@backup:~# doveadm user rb@egroupware.org; doveadm log errors

userdb lookup: user rb@egroupware.org doesn't exist field    value

May 15 07:22:18 Panic: auth: file userdb-blocking.c: line 124 (userdb_blocking_iter_next): assertion failed: (ctx->conn != NULL) May 15 07:22:18 Error: auth: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(backtrace_append+0x41) [0x7f019a651c91] -> /usr/lib/dovecot/libdovecot.so.0(backtrace_get+0x22) [0x7f019a651db2] -> /usr/lib/dovecot/libdovecot.so.0(+0x10b0bb) [0x7f019a65f0bb] -> /usr/lib/dovecot/libdovecot.so.0(+0x10b157) [0x7f019a65f157] -> /usr/lib/dovecot/libdovecot.so.0(+0x5d375) [0x7f019a5b1375] -> dovecot/auth 0 wait, 0 passdb, 0 userdb [0x55e256d287a7] -> dovecot/auth 0 wait, 0 passdb, 0 userdb [0x55e256d2c54b] -> dovecot/auth 0 wait, 0 passdb, 0 userdb [0x55e256d49ca7] -> dovecot/auth 0 wait, 0 passdb, 0 userdb [0x55e256d3db86] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0x15f) [0x7f019a67576f] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0xcf) [0x7f019a67702f] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x54) [0x7f019a675a54] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x40) [0x7f019a675bc0] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x17) [0x7f019a5e7207] -> dovecot/auth 0 wait, 0 passdb, 0 userdb [0x55e256d29588] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf3) [0x7f019a2de0b3] -> dovecot/auth 0 wait, 0 passdb, 0 userdb [0x55e256d2976e] May 15 07:22:19 Fatal: auth: master: service(auth): child 19 killed with signal 6 (core dumped) May 15 07:22:19 Error: replicator: auth-master: userdb list: Disconnected unexpectedly May 15 07:22:19 Error: replicator: listing users failed, can't replicate existing data May 15 07:22:19 Error: doveadm(arash 2student@bb-trunk.egroupware.de): User doesn't exist May 15 07:22:19 Error: doveadm(arash teacher@bb-trunk.egroupware.de): User doesn't exist May 15 07:22:20 Error: doveadm(christoph thyssen@bb-trunk.egroupware.de): User doesn't exist May 15 07:23:21 Error: doveadm(arash student@bb-trunk.egroupware.de): User doesn't exist May 15 07:24:02 Error: doveadm(schieder@uni-kl.de@bb-trunk.egroupware.de): User doesn't exist May 15 07:24:07 Error: doveadm(sabour@uni-kl.de@bb-trunk.egroupware.de): User doesn't exist May 15 07:24:24 Error: doveadm(ralf.imaptest@outdoor-training.de@bb-trunk.egroupware.de): User doesn't exist May 15 07:24:31 Error: doveadm(arash tolou@bb-trunk.egroupware.de): User doesn't exist May 15 07:24:31 Error: doveadm(becker_r@uni-kl.de@bb-trunk.egroupware.de): User doesn't exist May 15 07:24:49 Error: doveadm(olat.vcrp.de:2723414355@bb-trunk.egroupware.de): User doesn't exist May 15 07:24:56 Error: doveadm(olat.vcrp.de:1167852044@bb-trunk.egroupware.de): User doesn't exist

Reverting back to 2.3.16 fixes the problem for now.

My doveadm config -n is attached. We use a hourly updated local sqlight database and a dict for userdb.

Any ideas?

Ralf

Am 10.05.22 um 08:33 schrieb Aki Tuomi:

...

Hi all!

We are pleased to release v2.3.19 of Dovecot.

The docker images have been upgraded to use bullseye as base image.

https://dovecot.org/releases/2.3/dovecot-2.3.19.tar.gz https://dovecot.org/releases/2.3/dovecot-2.3.19.tar.gz.sig Binary packages in https://repo.dovecot.org/ Docker images in https://hub.docker.com/r/dovecot/dovecot

Regards, Aki Tuomi Open-Xchange oy

--

• Added mail_user_session_finished event, which is emitted when the mail user session is finished (e.g. imap, pop3, lmtp). It also includes fields with some process statistics information. See https://doc.dovecot.org/admin_manual/list_of_events/ for more information.
• Added process_shutdown_filter setting. When an event matches the filter, the process will be shutdown after the current connection(s) have finished. This is intended to reduce memory usage of long-running imap processes that keep a lot of memory allocated instead of freeing it to the OS.
• auth: Add cache hit indicator to auth passdb/userdb finished events. See https://doc.dovecot.org/admin_manual/list_of_events/ for more information.
• doveadm deduplicate: Performance is improved significantly.
• imapc: COPY commands were sent one mail at a time to the remote IMAP server. Now the copying is buffered, so multiple mails can be copied with a single COPY command.
• lib-lua: Add a Lua interface to Dovecot's HTTP client library. See https://doc.dovecot.org/admin_manual/lua/ for more information.

• auth: Cache lookup would use incorrect cache key after username change.
• auth: Improve handling unexpected LDAP connection errors/hangs. Try to fix up these cases by reconnecting to the LDAP server and aborting LDAP requests earlier.
• auth: Process crashed if userdb iteration was attempted while auth-workers were already full handling auth requests.
• auth: db-oauth2: Using %{oauth2:name} variables caused unnecessary introspection requests.
• dict: Timeouts may have been leaked at deinit.
• director: Ring may have become unstable if a backend's tag was changed. It could also have caused director process to crash.
• doveadm kick: Numeric parameter was treated as IP address.
• doveadm: Proxying can panic when flushing print output. Fixes Panic: file ioloop.c: line 865 (io_loop_destroy): assertion failed: (ioloop == current_ioloop).
• doveadm sync: BROKENCHAR was wrongly changed to '_' character when migrating mailboxes. This was set by default to %, so any mailbox names containing % characters were modified to "_25".
• imapc: Copying or moving mails with doveadm to an imapc mailbox could have produced "Error: Syncing mailbox '[...]' failed" Errors. The operation itself succeeded but attempting to sync the destination mailbox failed.
• imapc: Prevent index log synchronization errors when two or more imapc sessions are adding messages to the same mailbox index files, i.e. INDEX=MEMORY is not used.
• indexer: Process was slowly leaking memory for each indexing request.
• lib-fts: fts header filters caused binary content to be sent to the indexer with non-default configuration.
• doveadm-server: Process could hang in some situations when printing output to TCP client, e.g. when printing doveadm sync state.
• lib-index: dovecot.index.log files were often read and parsed entirely, rather than only the parts that were actually necessary. This mainly increased CPU usage.
• lmtp-proxy: Session ID forwarding would cause same session IDs being used when delivering same mail to multiple backends.
• log: Log prefix update may have been lost if log process was busy. This could have caused log prefixes to be empty or in some cases reused between sessions, i.e. log lines could have been logged for the wrong user/session.
• mail_crypt: Plugin crashes if it's loaded only for some users. Fixes Panic: Module context mail_crypt_user_module missing.
• mail_crypt: When LMTP was delivering mails to both recipients with mail encryption enabled and not enabled, the non-encrypted recipients may have gotten mails encrypted anyway. This happened when the first recipient was encrypted (mail_crypt_save_version=2) and the 2nd recipient was not encrypted (mail_crypt_save_version=0).
• pop3: Session would crash if empty line was sent.
• stats: HTTP server leaked memory.
• submission-login: Long credentials, such as OAUTH2 tokens, were refused during SASL interactive due to submission server applying line length limits.
• submission-login: When proxying to remote host, authentication was not using interactive SASL when logging in using long credentials such as OAUTH2 tokens. This caused authentication to fail due to line length constraints in SMTP protocol.
• submission: Terminating the client connection with QUIT command after mail transaction is started with MAIL command and before it is finished with DATA/BDAT can cause a segfault crash.
• virtual: doveadm search queries with mailbox-guid as the only parameter crashes: Panic: file virtual-search.c: line 77 (virtual_search_get_records): assertion failed: (result != 0)

-- Ralf Becker EGroupware GmbH [www.egroupware.org] Handelsregister HRB Kaiserslautern 3587 Geschäftsführer Birgit und Ralf Becker Leibnizstr. 17, 67663 Kaiserslautern, Germany Telefon +49 631 31657-0