password schemes when crypt() has no DES
https://github.com/dovecot/core/commit/54a1b3574acab5f778843f7f1e04d2d26d61a... fixed a 'doveadm pw' crash "when trying to use CRYPT scheme when crypt() doesn't support DES" by testing to see if crypt would generate a DES password and, if not, disabling the scheme.

I'm using Dovecot on OpenBSD with bcrypt passwords stored in LDAP as "{CRYPT}$2b$...". OpenLDAP is built with --enable-crypt, which takes the same approach as Dovecot of just passing to crypt(), so before the above commit, both programs were able to authenticate. (Changing the scheme value stored in the ldap passdb to BLF-CRYPT would fix Dovecot but break things for other programs, including OpenLDAP itself.)

For now I went with a dirty patch to get things working again. Does anyone have an idea for a nicer fix?

Thanks.

--- src/auth/password-scheme-crypt.c.orig Fri Jan 8 01:04:13 2016 +++ src/auth/password-scheme-crypt.c Fri Jan 8 01:23:35 2016 @@ -111,7 +111,12 @@ static const struct { const char *salt; const char *expected; } sample[] = { +#ifdef __OpenBSD__ + { "08/15!test~4711", "$2a$04$0123456789abcdefABCDEF", + "$2a$04$0123456789abcdefABCDE.N.drYX5yIAL1LkTaaZotW3yI0hQhZru" }, +#else { "08/15!test~4711", "JB", "JBOZ0DgmtucwE" }, +#endif { "08/15!test~4711", "$2a$04$0123456789abcdefABCDEF", "$2a$04$0123456789abcdefABCDE.N.drYX5yIAL1LkTaaZotW3yI0hQhZru" }, { "08/15!test~4711", "$5$rounds=1000$0123456789abcdef", @@ -124,8 +129,13 @@ static const struct { /* keep in sync with the sample struct above */ static const struct password_scheme crypt_schemes[] = { +#ifdef __OpenBSD__ { "CRYPT", PW_ENCODING_NONE, 0, crypt_verify, + crypt_generate_blowfisch }, +#else + { "CRYPT", PW_ENCODING_NONE, 0, crypt_verify, crypt_generate_des }, +#endif { "BLF-CRYPT", PW_ENCODING_NONE, 0, crypt_verify, crypt_generate_blowfisch }, { "SHA256-CRYPT", PW_ENCODING_NONE, 0, crypt_verify,
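
Review bot: In the first hunk (@@ -111,7 +111,12 @@), the __OpenBSD__ branch makes the first sample[] row an exact copy of the "$2a$04$..." row that follows it, so the array checks bcrypt twice and the CRYPT slot no longer tests anything of its own. A compile-time #ifdef also covers only one platform: any other system whose crypt() lacks DES still ends up with the CRYPT scheme disabled. Consider leaving the "JB" row as it is and making the decision at run time, for example keeping CRYPT available for verification when the DES sample fails and withholding only generation. If the #ifdef stays, add a comment explaining why the first row differs per platform.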
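
Review bot: In the second hunk (@@ -124,8 +129,13 @@), the __OpenBSD__ branch pairs "CRYPT" with crypt_generate_blowfisch, so generating a password under the CRYPT scheme produces a bcrypt hash on OpenBSD and a DES hash elsewhere under the same scheme name. The stated goal is only to keep verifying stored "{CRYPT}$2b$..." values, and crypt_verify is identical in both branches, so the generator change is a side effect that should be documented or avoided. The { "CRYPT", PW_ENCODING_NONE, 0, crypt_verify, line is also duplicated across the two branches; keep it outside the #ifdef and make only the generator line conditional, preserving the entry's position so it stays in sync with its sample[] row as the existing comment requires.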
participants (1)
-
Stuart Henderson