| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
I'll just keep on making new releases now whenever something important
is fixed. Hopefully there shouldn't be many left anymore.
Most of the bugs fixed in this release were found by stress testing with
my imaptest tool (http://dovecot.org/tools/imaptest.c). If you're
interested in knowing how perfectly your Dovecot setup works (especially
if you're using NFS), you could try the tool yourself also.
I still see one crash with mmap_disable=yes, but it's pretty rare. Will
see if I get it fixed before v1.0, but it's not that important.
+ deliver: If we're executing as a normal system user, get the HOME
environment from passwd if it's not set. This makes it possible to
run deliver from .forward.
- Older compilers caused LDAP authentication to crash
- Dying LDAP connections weren't handled exactly correctly in rc11,
although it seemed to work usually
- Fixed crashes and memory leaks with AUTHENTICATE command
- Fixed crashes and leaks with IMAP/POP3 proxying
- maildir: Changing a mailbox while another process was saving a
message there at the same may have caused the changes to not be made
into the maildir, which could have caused other problems later..
|
|
Hopefully the last RC release? As far as I know there are no major
problems left now. If nothing big shows up, v1.0 should be out in a
couple of weeks.
* Renamed default_mail_env to mail_location. default_mail_env still
works for backwards compatibility.
* deliver: When sending rejects, don't include Content-Type in the
rejected mail's headers.
* LDAP changes:
* If auth binds are used, bind back to the default dn before doing
a search. Otherwise it could fail if a user gave an invalid
password.
* Initial binding at connect is now done asynchronously.
* Use pass_attrs even with auth_bind=yes since it may contain
useful non-password fields.
+ passdb checkpassword: Give TCPLOCALIP and TCPREMOTEIP and PROTO=TCP
environments to the checkpassword binary so we're UCSPI (and vchkpw)
compatible.
- mbox handling was a bit broken in rc10
- Using Dovecot via inetd kept crashing dovecot master
- deliver: Don't crash with -f "". Changed the default from envelope
to be "MAILER-DAEMON".
- INBOX wasn't shown with LSUB command if only prefixed namespaces
were used.
- passdb ldap: Reconnecting to LDAP server wasn't working with
auth binds.
- passdb sql: Non-plaintext authentication didn't work
- MySQL passdb ignored all non-password checks, such as allow_nets
- trash plugin was broken
|
|
I've finally read all the mails in the mailing list and in my INBOX. If
I haven't replied to some of your mail, please resend it.
Remember that since 1.0.rc9 release dovecot.index.cache files will get
rebuilt in 64bit systems, and it's probably better to delete them
manually so you don't get errors in log files.
There are only a couple of issues left in my v1.0-TODO list:
- Master process appears to be leaking log fds with kqueue. Could
someone again give me access to a system where this happens?
- Login process problems. How well does it work now? Hopefully well
enough that v1.0 could be released.
- LDAP authentication is leaking memory? Can anyone confirm this? Even
better, can someone figure out what exactly is leaking? :) Not a v1.0
blocker though.
I think v1.0 will be released once no-one has reported any major
problems for a Dovecot release in 2-4 weeks. I think login process
handling is the only potentially major problem left.
There are a few patches from people that I haven't forgotten, but I've
decided not to put them into v1.0 anymore:
- Filesystem quota group. I don't think it's that important feature,
and it might break something.
- HFS+ hardlink avoiding
- Managesieve
- vmailmgr support
And finally the changes in this release:
* When matching allowed_nets IPs, convert IPv6-mapped-IPv4 addresses
to actual IPv4 addresses first.
+ IMAP: Try to avoid sending duplicate/useless message flag updates
+ Added support for non-plaintext authentication for vpopmail if it
returns plaintext passwords. Based on patch by Remi Gacogne.
+ Added %D modified to return "sub.domain.org" as
"sub,dc=domain,dc=org" (for LDAP queries). Patch by Andrey Panin.
- rc9 broke cache files in 64bit systems
- deliver works now with mail_chroot
- auth cache didn't work properly with multiple passdbs
- Fixes to handling CRLF linefeeds in mboxes.
|
|
I've still over 200 mails unread in the mailing list, and important
things left in TODO. This release is an improvement over rc7 anyway,
hopefully I'll have time to fix the rest soon.
* GSSAPI: Changed POP3 service name to "pop", which is what the
standard says
* "mbox:/var/mail/%u" no longer works as the mail location. You'll
have to specify the mail root explicitly, just like the examples
always have: "mbox:~/mail:INBOX=/var/mail/%u"
+ SHA1, LDAP-MD5, PLAIN-MD5, PLAIN-MD4: The password can be now either
hex or base64 encoded. The encoding is detected automatically based
on the password string length.
+ Allow running only Dovecot master and dovecot-auth processes with
protocols=none setting
+ deliver: -f <envelope sender> parameter can be used to set mbox
From_-line's sender address
+ deliver: Log all mail saves and failures
+ Tru64 SIA passdb support. Patch by Simon L Jackson.
- INBOX was listed twice in mailbox list if namespace prefix was used
- INBOX-prefixed namespaces were a bit broken
- kqueue: Fix 100% CPU usage
- deliver: Duplicate storage was a bit broken
- dictionary code was broken (ie. dict quota)
- SIGHUP caused crashes sometimes
|
|
applied). From the website: "This is what RC3 really should have been".
|
|
|
|
problems:
- SSL connections hanged sometimes, especially when saving messages.
- mbox: Mail bodies were saved with CR+LF linefeeds
- Mail forwarding was broken with deliver/Sieve
- dbox fixes. Might actually be usable now.
- Index file handling fixes with keywords
- Cache file was incorrectly used in some situations, which probably
caused problems sometimes.
- Maildir++ quota: Don't count "." and ".." directory sizes to quota.
After rewriting maildirsize file keep its fd open so that we can
later update it. Patch by Alexander Zagrebin
|
|
* PAM: If user's password is expired, give "Password expired" error
message to the user. Now actually working thanks to Vaidas Pilkauskas
* Relicensed dovecot-auth, lib-sql and lib-ntlm to MIT license. See
COPYING file for more information.
* Abuse prevention: When creating a mailbox, limit the number of
hierarchies (up to 20) and the length of the mailbox name within
a hierarchy (up to 200 characters).
* mbox: If saved mail doesn't end with LF, add it ourself so that the
mails always have one empty line before the next From-line.
+ Added --with-statedir configure option which defaults to
$localstatedir/lib/dovecot. ssl-parameters.dat is permanently
stored in that directory and is copied to login_dirs from there.
+ IMAP: Support SASL-IR extension (SASL initial response)
+ Support initial SASL response with LOGIN mechanism. Patch by Anders
Karlsson
+ Added PLAIN-MD4 password scheme. Patch by Andrey Panin.
+ Added support for XFS disk quotas. Patch by Pawel Jarosz
+ If another process deletes the opened mailbox, try to handle it
without writing errors to log file. Handles the most common cases.
+ Added TLS support for LDAP if the library supports it.
- SEARCH command was more or less broken with OR and NOT conditions
- Dovecot corrupted mbox files which had CR+LF linefeeds in headers
- MySQL code could have crashed while escaping strings
- MD4 code with NTLM authentication was broken with 64bit systems.
Patch by Andrey Panin
- Plugin loading was broken in some OSes (eg. FreeBSD)
- Several fixes to handling empty values in configuration file
- Several fixes to dictionary quota backend and dict server.
Also changed how they're configured.
- deliver: Fixed plugin handling settings
- mbox_min_index_size handling was somewhat broken
- passdb passwd-file: extra_args field wasn't read unless the file
was also used as userdb.
|
|
Add a fix from Dovecot's CVS, and bump PKGREVISION.
|
|
Fixes a lot of bugs. The next release will be the first "release
candidate" instead of a beta.
* PAM: Don't call pam_setcred() unless setcred=yes PAM passdb
argument was given.
* Moved around settings in dovecot-example.conf to be in more logical
groups.
+ Local delivery agent (deliver binary) works again.
+ LDAP: Added support for SASL binding. Patch by Geert Jansen
+ ssl_verify_client_cert: Check CRLs. If auth_verbose=yes, log
invalid sent certificates. If verbose_ssl=yes, log even the valid
certificates. When using the username from the certificate, use
CommonName. Based on patch by HenkJan Wolthuis
+ PAM: Set PAM_TTY which is needed by some PAM plugins
+ dovecot --exec-mail ext <binary path> can now be used to start
binaries which want dovecot.conf to be read, for example the
convert-tool.
- Expunging needed to be done twice if client used STORE +FLAGS.SILENT
command to set the \Deleted flags
- Added sql_escape_string() to lib-sql API and use it instead of
normal \-escaping.
- ACL plugin fixes
- DIGEST-MD5: Trying to use subsequent authentication crashed
dovecot-auth.
- Fetching BODY when BODYSTRUCTURE was already cached caused the
reply to be broken in some cases
- Lots of fixes for index file handling
- dbox fixes and changes
- mbox syncing broke if some extraneous/broken headers were removed
(eg. extra X-IMAPbase headers in mails)
- Running Dovecot from inetd work now properly with POP3
- Quota plugin fixes for calculating the quota correctly
|
|
Solaris). The patch is from dovecot CVS (see the thread following
http://www.dovecot.org/list/dovecot/2006-May/013389.html), via PR
pkg/33489. Bump PKGREVISION.
|
|
which were fixed again in beta5.
patch-ac and patch-ad were taken from CVS and are not needed anymore.
Changes in Dovecot 1.0beta4:
* Changed the default lock_method back to fcntl. Apparently flock
gives problems with some systems.
* mbox: mailboxes beginning with '.' are now also listed
* Replaced mail_use_modules and mail_modules settings with mail_plugins
and mail_plugin_dir. Now instead of loading all plugins from the
directory, you'll have to give a list of plugins to load. If the
plugin couldn't be loaded, the process exits instead of just
ignoring the problem (this is important with ACL plugin).
+ Added support for "master users" who can log in as other people.
The master username can be given either in authorization ID
string with SASL PLAIN mechanism or by setting
auth_master_user_separator and giving it within the normal username
string.
+ Added ACL plugin with ACL file backend. This however doesn't mean
that there yet exists a proper shared folder support. If master user
logged in as someone else, the ACLs are checked as the master user.
+ Added some Dovecot extensions to checkpassword passdb, see ChangeLog
+ Updated passwd-file format to allow specifying any key=value fields
+ Maildir++ quota support and several quota fixes
+ passdb supporting extra fields: Added "allow_nets" option which takes
a comma separated list of IPs/networks where to allow user to log in.
+ NFS: Handle ESTALE errors the best way we can
+ IMAP now writes to log when client disconnects
+ In shared mailboxes (if dovecot-shared file exists) \Seen flags are
now kept only in index files, so as long as each user has a separate
index file they have separate \Seen flags.
- Fixes to DIGEST-MD5 realm handling so it works with more clients
- BODYSTRUCTURE -> BODY conversion from cache file was broken with
mails containing message/rfc822 parts.
- Fixed several memory leaks
- We could have sent client FETCH notifications about messages before
telling about them with EXISTS
- Compiling fixes for Solaris and some other OSes
- Fixed problem with internal timeout handling code, which caused eg.
outlook-idle workaround to break.
- If /dev/urandom didn't exist, we didn't seed OpenSSL's random number
generator properly. Patch by Vilmos Nebehaj.
- Maildir: Recent flags weren't always immediately removed from mails
when mailbox was opened.
- Several changes to SSL proxying code, hopefully making it work
better.
Changes in Dovecot 1.0beta5:
- Beta4's SSL proxying rewrite worked worse than I thought.
Reverted it back to original code.
- Filesystem quota plugin now looks up the mount path correctly.
|
|
(we've patched them). Wanted to wait with this for dovecot1.0beta4 but this
takes longer than I thought. Not worth bumping PKGREVISION, IMO.
Ok with tv.
|
|
|
|
default at the next version bump?)
- set SSL_{CFLAGS,LIBS} when calling configure script so they are
found correctly on Solaris, and make the configure script do what it
claims and ignore pkg-config when these are set.
- add lib-sql Makefile patch from Dovecot CVS so this builds correctly
when no SQL auth support is built.
|
|
as was done in wip/dovecot-nightly. That comment is misleading with
pkgsrc, since those paths are not what pkgsrc encodes into the conf file.
Bump PKGREVISION (unfortunate, but there will be another beta pretty
soon anyway).
|
|
correct a mistake in my previous commit:
- add dependency on zlib
- add option for GNU TLS as an alternative to OpenSSL
- drop SASL option, it's no longer supported
- explicitly disable some options with --disable-*
- "s,/usr/pkg,@PREFIX@," in patch-ab -- I accidentally diffed it after the SUBST stage
- change SUBST_STAGE from post-patch to pre-configure to avoid this in the future
- bump PKGREVISION for all this
Thanks to tv@.
|
|
recommended by the Dovecot author (the 0.99.x series are deprecated).
Major changes:
v1.0.beta2 2006-01-22 Timo Sirainen <tss@iki.fi>
+ Added SQLite support. Patch by Jakob Hirsch.
+ Added auth_debug_passwords setting. If it's not enabled, hide all
password strings from logs.
+ Added mail_cache_min_mail_count and mbox_min_index_size settings
which can be used to make Dovecot do less disk writes in small
mailboxes where they don't benefit that much.
+ Added --build-ssl-parameters parameter to dovecot binary
- SSL parameters were being regenerated every 10 minutes, although not
with all systems.
- Fixed dovecot-auth crashing at startup. Happened only with some
specific compilers.
- base_dir was supposed to be set world-readable, not world-writable
v1.0.beta1 2006-01-16 Timo Sirainen <tss@iki.fi>
* Almost a complete rewrite since 0.99.x, but some of the major
changes are:
+ Index file code rewritten to do less disk I/O, wait locks less and in
generate be smarter. They also support being in clustered filesystems
and NFS support is mostly working also.
+ Mail caching is smarter. Only the data that client requests is
cached. Before Dovecot opened and cached all mails when mailbox was
opened the first time, which was slow.
+ Mbox handling code rewritten to be much faster, safer and correct
+ New authentication mechanisms: APOP, GSSAPI, LOGIN, NTLM and RPA.
+ LDAP supports authentication binds
+ Authentication server can cache password database lookups
+ Support for multiple authentication databases
+ Namespace configuration
+ Dovecot works with shared
- Add an option for sqlite support.
- Take over maintainership.
All suggested (and ok'ed) by xtraeme.
|
|
* GNUTLS support hasn't been working for a while, so it's not even
tried to be used anymore unless explicitly wanted.
+ Added CRAM-MD5 authentication mechanism. Patch by Joshua Goodall
+ Added SMD5 and LDAP-MD5 password schemes and changed MD5 scheme to
use LDAP-MD5 if the password isn't in MD5crypt format. Patch by
Joshua Goodall
+ Workaround for some POP3 client bugs: if message doesn't contain the
"end of headers" empty line, add it automatically.
+ vpopmail supports now all password schemes, most importantly
MD5crypt works now without support from libc's crypt()
- SQL and LDAP authentication was broken
- SEARCH UNKEYWORD wasn't working
pkgsrc changes:
* Disable GNU TLS support for the time being.
* Move the workaround for the gcc2 sparc64 ICE into hacks.mk.
* Format DESCR.
|
|
0.99.10.9 2004-07-31 Timo Sirainen <tss at iki.fi>
- MySQL compiling got broken in last release
- More PostgreSQL reconnection fixing
0.99.10.8 2004-07-30 Timo Sirainen <tss at iki.fi>
+ LDAP support compiles now with Solaris LDAP library
- IMAP BODY and BODYSTRUCTURE replies were wrong for MIME parts which
didn't contain Content-Type header.
- MySQL and PostgreSQL auth didn't reconnect if connection was lost
to SQL server
- Linking fixes for dovecot-auth with some systems
- Last fix for disconnecting client when downloading mail longer than
30 seconds actually made it never disconnect client. Now it works
properly: disconnect when client hasn't read _any_ data for 30
seconds.
|
|
o PLIST fix (hi xtraeme!).
o Re-add two chunks for dovecot-example.conf that were forgotten.
|
|
v0.99.10.5 2003-12-27 Timo Sirainen <tss@iki.fi>
+ MySQL authentication, patch by Matthew Reimer
+ --with-moduledir configure option
- mbox: APPEND reversed given \Draft and \Deleted flags
- mbox: "LF not found" errors happened sometimes when X-IMAPbase
header was updated. Possibly corrupted mbox sometimes.
Thanks to Fabrice Bellet for finding this bug.
- Custom flags couldn't be unset
- Maildir: make sure ":2," is appended to filename when moving mails
from new/ to cur/.
- Maildir: synchronization might have sometimes set wrong flags to
messages, or crash completely
- Maildir: RENAME xx inbox.xx didn't result as uppercased ".INBOX.xx"
directory which then couldn't be accessed
- Don't crash with RAND_bytes() error messages anymore. This mostly
happened with Fedora/RedHat.
pkgsrc changes:
o Disable crammd5 patch, doesn't apply cleanly anymore.
o Add a new option "DOVECOT_USE_MYSQL" to authenticate users
against a mysql database.
|
|
Changes:
v0.99.10.4 2003-11-24 Timo Sirainen <tss@iki.fi>
- Fixed reference counters in imap-login and pop3-login.
IMAP AUTHENTICATE and POP3 AUTH commands could have left the
process stuck doing nothing forever.
v0.99.10.3 2003-11-24 Timo Sirainen <tss@iki.fi>
- FETCH RFC822.HEADER returned message body as well
- SUBSCRIBE broke subscription lists
- LIST code rewritten, children flags should be correct now
- SORT and THREAD could have given invalid replies
- Partial BODY[...] fetches might have returned wrong data or at
least performed worse than was necessary
v0.99.10.1 2003-11-10 Timo Sirainen <tss@iki.fi>
* mbox: \Draft and \Deleted flags used opposite flag chars in
X-Status header. We were incompatible with other mbox accessing
software.
WARNING: Upgrading from previous version doesn't automatically
swap the flags, so be careful not to accidentally expunge messages
that had their \Draft flag changed to \Deleted.
* Configuration file changes:
- Whitespace at end of line is stripped, use quotes if you need it
- # comments are supported after key=value lines. if you need '#'
character, quote the value
- Both " and ' quotes are supported. If you need to use them, '\'
can be used for escaping.
- mbox: COPY into same mailbox didn't work and could have corrupted
the mailbox
- Using Dovecot without index files would crash after using a while
- Partial BODY[header] or BODY[part] fetches were buggy if client
requested more data than was available in the header/part.
- Partial BODY[...] fetches were buggy with messages that had CRLFs
- Some BODY and BODYSTRUCTURE replies missed data for message/rfc822
MIME parts causing clients to break
- SORT (SUBJECT) was buggy
- Timezone fixes with Date-header
This also includes Joshua Goodall's patch (now in the CVS tree) for
CRAM-MD5 for the -release tag.
|
|
- Some partial BODY[part] fetches may have returned data incorrectly,
patch-ad fixes it.
|
|
Apply bugfix patches for the following problems:
- Searching address fields can crash sometimes.
- Auth process crashes if user doesn't have home directory set.
- Some BODY and BODYSTRUCTURE replies missed data for message/rfc822
MIME parts causing clients to break.
|
|
Based on PR pkg/22028 by MAINTAINER, Tom Hensel.
Changes:
- Default PAM service name changed to "dovecot". This means that
if you're using PAM, you most likely have to do
mv /etc/pam.d/imap /etc/pam.d/dovecot
If you wish to keep using imap, see doc/auth.txt.
- ~/rawlog directory changed to ~/dovecot.rawlog
- Faster and better maildir synchronization. We support read-only
maildirs and out-of-quota conditions are handled a lot better.
dovecot-uidlist file still isn't out-of-quota-safe though, but you
can keep it in another location where quota isn't checked. For
example:
default_mail_env = Maildir:~/Maildir:
INDEX=/noquota/%u:CONTROL=/noquota/%u
- Read-only mboxes are supported now.
- Only NOOP and CHECK now always do a mailbox sync checking. Other
commands sync max. once in 5 seconds, plus always from indexes.
This should reduce I/O a bit.
- All NUL characters are translated to ascii #128 before sending to
client. RFC prohibits sending NULs and this is how UW-IMAP handles
it as well.
- Make ENVELOPE, BODY and BODYSTRUCTURE replies more compact by
removing multiple LWSPs and translating TABs to spaces. RFC doesn't
specifically require this, but this seems to be the wanted
behaviour..
- Added ANONYMOUS SASL mechanism.
- More flexible user chrooting configuration in home directories:
"<chroot>/./<homedir>"
- Added support for dynamically loadable IMAP/POP3 modules. See
INSTALL file for more information.
- Partial fetches were broken if mails had CR+LF linefeeds
- SEARCH DELETED didn't return anything if all messages were deleted
- OpenSSL support was broken in many installations because we were
chrooted and it couldn't open /dev/urandom.
- PAM: Giving wrong password blocked the whole process for two
seconds. Now we create a new process for each check.
- Lots of other smaller bugfixes and better error handling
|
|
From Tom Hensel via tech-pkg and private mail.
Changes:
- new MAINTAINER, Tom Hensel
0.99.10-test14:
===============
- IMAP over SSL works now without having to install (patched) OpenSSL from
pkgsrc or patching dovecot itself. For instance, OpenSSL gets initalized
before chrooting so it can open /dev/urandom, even some possible crashes
have been fixed.
- Many changes to the Maildir synchronization and expiration code, diffrent
bugs and flaws are fixed. Improved indexing and hashing of Maildirs and
mboxes.
- Changes to improve overall perfomance have been incorparated.
- The authorization daemon now supports the ANONYMOUS SASL mechanism,
a few bugs were fixed.
- Many flaws and glitches are gone, please see dovecot's ChangeLog for
a complete list of changes.
|
|
Dovecot is a secure and compact IMAP/POP3 server which is in the early stages
of developement. It supports Maildirs and mbox formats and much of the IMAP
v4 protocol including SSL/TLS. IPv6 support is also included.
Package provided by Juan RP via pkgsrc-wip with modifications by me.
|
