Package: radicale
Version: 3.5.3-1
Severity: normal
Tags: upstream
Dear Maintainer,
Using radicale dovecot auth on Trixie fails during handshake with Dovecot 2.4
with the following error:
> (process_request_thread)] [CRITICAL] Encountered a broken server handshake!
Radicale configuration:
[auth]
type = dovecot
dovecot_connection_type = AF_UNIX
dovecot_socket = /run/dovecot/auth-radicale
Related Dovecot config:
service auth {
unix_listener auth-radicale {
mode = 0660
user = radicale
group = radicale
}
}
The handshake has changed in Dovecot 2.4 with Dovecot Auth protocol v1.3
> Changed: 2.4.0 The server no longer pipelines the rest
> of the handshake with the VERSION. It first waits for
> the client to provide the VERSION. Based on that, it
> may give a different response.
https://doc.dovecot.org/2.4.1/developers/design/auth_protocol.html
This is a known issue in upstream: https://github.com/Kozea/Radicale/issues/1878
The upstream fix checks and handles Auth protocol version v1.3.
Therefore it seems to be backward compatible.
Upstream commit:
https://github.com/Kozea/Radicale/commit/b46916fca9a835b13015e798758bdb13201dd07b
The fix was released with Radicale 3.5.7:
https://github.com/Kozea/Radicale/releases/tag/v3.5.7
I successfully backported the patch to Radicale 3.5.3-1 and it works for me.
Could you please ship the bugfix with a point-release so that it becomes
compatible with Dovecot?
Thanks you for maintaining and providing Radicale packages.
Yours, Steffen
-- System Information:
Debian Release: 13.3
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.12.69+deb13-amd64 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages radicale depends on:
ii adduser 3.152
ii init-system-helpers 1.69~deb13u1
ii lsb-base 11.6
ii python3 3.13.5-1
ii python3-radicale 3.5.3-1
ii sysvinit-utils [lsb-base] 3.14-4
Versions of packages radicale recommends:
ii ssl-cert 1.1.3
Versions of packages radicale suggests:
pn apache2 <none>
ii apache2-utils 2.4.66-1~deb13u1
pn libapache2-mod-authnz-external <none>
pn python3-argon2 <none>
ii python3-bcrypt 4.2.0-2.1+b1
pn python3-ldap3 <none>
pn uwsgi <none>
pn uwsgi-plugin-python3 <none>
-- Configuration Files:
/etc/radicale/config changed:
[server]
[encoding]
[auth]
type = dovecot
dovecot_connection_type = AF_UNIX
dovecot_socket = /run/dovecot/auth-radicale
[rights]
type = from_file
file = /etc/radicale/rights
[storage]
[web]
[logging]
[headers]
[hook]
[reporting]
-- no debconf information
