https://dovecot.org/releases/2.2/dovecot-2.2.35.tar.gz https://dovecot.org/releases/2.2/dovecot-2.2.35.tar.gz.sig
- charset_alias: compile fails with Solaris Studio, reported by John Woods. - Fix local name handling in v2.2.34 SNI code, bug found by cPanel. - imapc: Don't try to add mails to index if they already exist there. - imapc: If email is modified in istream_opened hook, mail size isn't updated. - lib-dcrypt: When reading encrypted data, more data would not be read if buffer was not consumed causing panic or hang. - notify: When notify plugin is used and transaction commit fails in dsync, crash occurs. - sdbox: When delivering to a mailbox that is over quota, temp files are not cleaned up when saving or copying fails.
On Monday 19 of March 2018, Aki Tuomi wrote:
https://dovecot.org/releases/2.2/dovecot-2.2.35.tar.gz https://dovecot.org/releases/2.2/dovecot-2.2.35.tar.gz.sig
[...]
- Fix local name handling in v2.2.34 SNI code, bug found by cPanel.
That change broke handling of such entries
local_name *.example.com { ssl_cert = </etc/certs/aaa.pem ssl_key = </etc/certs/aaa.pem }
and for connection with pop3.example.com in TLS SNI default certificate is presented instead of domain specific one.
Reverting
commit 446c0b02a7802b676e893ccc4934fc7318d950ea Author: Aki Tuomi <aki.tuomi@dovecot.fi> Date: Tue Mar 6 15:15:01 2018 +0200
lib-master: Correctly match when local_name has multiple names
Reported by J. Nick Koston <nick@cpanel.net>
fixes the problem.
-- Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )
On Wednesday 21 of March 2018, Arkadiusz Miśkiewicz wrote:
On Monday 19 of March 2018, Aki Tuomi wrote:
https://dovecot.org/releases/2.2/dovecot-2.2.35.tar.gz https://dovecot.org/releases/2.2/dovecot-2.2.35.tar.gz.sig
[...]
- Fix local name handling in v2.2.34 SNI code, bug found by cPanel.
That change broke handling of such entries
local_name *.example.com { ssl_cert = </etc/certs/aaa.pem ssl_key = </etc/certs/aaa.pem }
and for connection with pop3.example.com in TLS SNI default certificate is presented instead of domain specific one.
Reverting
commit 446c0b02a7802b676e893ccc4934fc7318d950ea Author: Aki Tuomi <aki.tuomi@dovecot.fi> Date: Tue Mar 6 15:15:01 2018 +0200
lib-master: Correctly match when local_name has multiple names
Reported by J. Nick Koston <nick@cpanel.net>
fixes the problem.
And proper fix: --- dovecot-2.2.35/src/lib-master/master-service-settings-cache.c 2018-03-21 10:15:09.097480691 +0100 +++ dovecot-2.2.35/src/lib-master/master-service-settings-cache.c~ 2018-03-19 10:30:01.000000000 +0100 @@ -131,7 +131,7 @@ match_local_name(const char *local_name, return TRUE; local_name = ptr+1; } - return dns_match_wildcard(filter_local_name, local_name) == 0; + return dns_match_wildcard(local_name, filter_local_name) == 0; } /* Remove any elements which there is no filter for */ -- Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )
On 21.03.2018 11:23, Arkadiusz Miśkiewicz wrote:
On Wednesday 21 of March 2018, Arkadiusz Miśkiewicz wrote:
On Monday 19 of March 2018, Aki Tuomi wrote:
https://dovecot.org/releases/2.2/dovecot-2.2.35.tar.gz https://dovecot.org/releases/2.2/dovecot-2.2.35.tar.gz.sig [...]
- Fix local name handling in v2.2.34 SNI code, bug found by cPanel.
That change broke handling of such entries
local_name *.example.com { ssl_cert = </etc/certs/aaa.pem ssl_key = </etc/certs/aaa.pem }
and for connection with pop3.example.com in TLS SNI default certificate is presented instead of domain specific one.
Reverting
commit 446c0b02a7802b676e893ccc4934fc7318d950ea Author: Aki Tuomi <aki.tuomi@dovecot.fi> Date: Tue Mar 6 15:15:01 2018 +0200
lib-master: Correctly match when local_name has multiple names
Reported by J. Nick Koston <nick@cpanel.net>
fixes the problem. And proper fix:
--- dovecot-2.2.35/src/lib-master/master-service-settings-cache.c 2018-03-21 10:15:09.097480691 +0100 +++ dovecot-2.2.35/src/lib-master/master-service-settings-cache.c~ 2018-03-19 10:30:01.000000000 +0100 @@ -131,7 +131,7 @@ match_local_name(const char *local_name, return TRUE; local_name = ptr+1; } - return dns_match_wildcard(filter_local_name, local_name) == 0; + return dns_match_wildcard(local_name, filter_local_name) == 0; }
/* Remove any elements which there is no filter for */
Thanks for catching this, seems we are missing this in our tests. Aki
On 19/03/2018 13:23, Aki Tuomi wrote:
https://dovecot.org/releases/2.2/dovecot-2.2.35.tar.gz https://dovecot.org/releases/2.2/dovecot-2.2.35.tar.gz.sig
- charset_alias: compile fails with Solaris Studio, reported by John Woods. - Fix local name handling in v2.2.34 SNI code, bug found by cPanel. - imapc: Don't try to add mails to index if they already exist there. - imapc: If email is modified in istream_opened hook, mail size isn't updated. - lib-dcrypt: When reading encrypted data, more data would not be read if buffer was not consumed causing panic or hang. - notify: When notify plugin is used and transaction commit fails in dsync, crash occurs. - sdbox: When delivering to a mailbox that is over quota, temp files are not cleaned up when saving or copying fails.
Thank you, Aki,
This is great to know Dovecot is so active, and to have updates on this mailing list as well.
participants (3)
-
Aki Tuomi
-
Andre Rodier
-
Arkadiusz Miśkiewicz