Howdy y'all,

I noticed something odd with the userdb/passdb processing past the 2.4.2 CVE fix, etc. -- namely that the prefixing you previously needed to do to userdb returns, etc. when you set a cache_key is no longer necessary and in fact harmful.

It is worth mentioning, as after looking into this a bit and realizing that it "should have been obvious" to me that this would have been the case. That said I didn't make the logical leap till doveadm screamed at me about it during mailbox creation after upgrade (can't very well do doveadm mailbox create -s -u user@domain.test INBOX.spam when your userdb returns ${CACHE_KEY}_mailbox/INBOX/spam/... for the relevant config values, etc.).

TL;DR: disabling the cache = do NOT prefix any userdb/passdb returns in accordance with cache_key you set. This is true for lua passdb/authdb or any other authdb, not just passwd/oauth2.

Cheers,

Thomas "Andy" Baugh | Software Development Engineer IV andy.baugh@webpros.com www.webpros.com