[Dovecot] Strange error: DIGEST-MD5 mechanism can't be supported with given passdbs

Yubao Liu yubao.liu at gmail.com
Fri Jan 6 19:45:15 EET 2012


On 01/07/2012 12:44 AM, Timo Sirainen wrote:
> On Sat, 2012-01-07 at 00:15 +0800, Yubao Liu wrote:
>
>> I don't know why this function doesn't check auth->masterdbs, if I
>> insert these lines after line 128, that error goes away, and dovecot's
>> imap-login process happily does DIGEST-MD5 authentication [1].
>> In my configuration, "masterdbs" contains "passdb passwd-file",
>> "passdbs" contains " passdb pam".
> So .. you want DIGEST-MD5 authentication for the master users, but not
> for anyone else? I hadn't really thought anyone would want that..
>
Is there any special reason that master passdb isn't taken into
account in src/auth/auth.c:auth_passdb_list_have_lookup_credentials() ?
I feel master passdb is also a kind of passdb.

http://wiki2.dovecot.org/PasswordDatabase

 > You can use multiple databases, so if the password doesn't match
 > in the first database, Dovecot checks the next one. This can be useful
 > if you want to easily support having both virtual users and also local
 > system users (see Authentication/MultipleDatabases 
<http://wiki2.dovecot.org/Authentication/MultipleDatabases>).

This is exactly my use case, I use Kerberos for system users,
I'm curious why master passdb isn't used to check 
"have_lookup_credentials" ability.

http://wiki2.dovecot.org/Authentication/MultipleDatabases
 > Currently the fallback works only with the PLAIN authentication 
mechanism.

I hope this limitation can be relaxed.

Regards,
Yubao Liu




More information about the dovecot mailing list