On Thursday 17 of November 2016, Aki Tuomi wrote: > On 17.11.2016 10:14, Arkadiusz Miśkiewicz wrote: > > Hello. > > > > dovecot 2.2.26.0 > > > > When testing nopassword extra field > > (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5 > > dovecot doesn't allow any password (while it should) and returns > > > > " Authentication failed" > > > > while in logs: > > > > Nov 17 08:22:34 auth-worker(1551): Info: > > sql(pepe,127.0.0.1,<Y8amDXpBptV/AAAB>): Requested CRAM-MD5 scheme, but we > > have a NULL password > > > > NULL is there because our sql query returns empty password just like wiki > > says "nopassword: you want to allow all passwords, use an empty > > password and this field. " > > > > > > If password is returned in sql query then it fails, too: > > > > Nov 17 09:00:49 auth-worker(2206): Error: > > sql(pepe,127.0.0.1,<eO5vlnpBtNd/AAAB>): nopassword set but password is > > non- empty > > > > So looks to be a bug. > > It's not a bug. CRAM-MD5 does in fact require *some* password to work,
Provide fake/random one for nopassword internally. > you can either store it with doveadm pw -S CRAM-MD5 or as plain text > password. Then I get > > sql(pepe,127.0.0.1,<eO5vlnpBtNd/AAAB>): nopassword set but password is > > non- empty So that doesn't help btw. doveadm pw -S is not documented, so no idea what it does > Aki -- Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )