Hey there all,
Matt here.
So I upgraded my server from openSUSE 15.1 to new released 15.2. It
comes with quite some recent versions of the required stuff: Java 11,
MariaDB 10.4, maven and git are finally part of the main repository -
so, I thought: Yes, should be a walk in the park. Well, as about since
the first time I tried James back in 3.0.0-RC5 on openSUSE 42.x (don't
know which one it was, could had been even some 13.x version) it also
wasn't as easy this time.
The initial build worked without issues, no fiddle around with ulimit.
The config worked as smooth as I'm used to. But then, my old friend the
"index too large" error happend. I had this with MariaDB 10.2 and had to
use 10.3 from mariadb repos. I had to do the same here: Instead of using
10.4 from opensuse repos I had to switch to 10.5 from mariadb repos. It
seems to be an issue with the version on opensuse repos - may I should
report this to them.
So, I got James up and running, but as I tested StartTLS I encountered
another issue. I narrowed it down to the BouncyCastle version 1.62. It
somehow fails to do the TLS1.3 handshake. I upgraded to the current 1.66
version and it worked without issues. I don't know why James is shipped
with such an old BC version, as even when 3.5 became final a newer BC
version was already available. I guess a new BC version is something
that should be part of the 3.6 branch.
Oh, another side-note: As I looked through the configs I've seen that
MD5 is still the default hashing algo, it should be changed to at least
SHA-256 to prevent leaks with unsecure database configurations.
Now I have to re-add all my domains and users and fully test it with
IPv4 and IPv6 and TLS and such. If I encounter other issues I'll report
back.
So long ...
Matt
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org
For additional commands, e-mail: server-user-h...@james.apache.org
