On Thursday 17 of November 2016, Aki Tuomi wrote:
On 17.11.2016 10:14, Arkadiusz Miśkiewicz wrote:
Hello.
dovecot 2.2.26.0
When testing nopassword extra field (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5 dovecot doesn't allow any password (while it should) and returns
" Authentication failed"
while in logs:
Nov 17 08:22:34 auth-worker(1551): Info: sql(pepe,127.0.0.1,<Y8amDXpBptV/AAAB>): Requested CRAM-MD5 scheme, but we have a NULL password
NULL is there because our sql query returns empty password just like wiki says "nopassword: you want to allow all passwords, use an empty password and this field. "
If password is returned in sql query then it fails, too:
Nov 17 09:00:49 auth-worker(2206): Error: sql(pepe,127.0.0.1,<eO5vlnpBtNd/AAAB>): nopassword set but password is non- empty
So looks to be a bug.
It's not a bug. CRAM-MD5 does in fact require *some* password to work,
Provide fake/random one for nopassword internally.
you can either store it with doveadm pw -S CRAM-MD5 or as plain text password.
Then I get
sql(pepe,127.0.0.1,<eO5vlnpBtNd/AAAB>): nopassword set but password is non- empty
So that doesn't help
btw. doveadm pw -S is not documented, so no idea what it does
Aki
-- Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )