Re: BUG REPORT: MAIL-CRYPT plugin: doveadm mailbox cryptokey -O option

Sun, 08 Aug 2021 21:54:20 -0700 

Yes, it's a bug. It's being tracked by us.

Aki

> On 28/07/2021 07:56 ean365 <ean...@verizon.net> wrote:
> 
> 
> Hi, Aki:
>  Just resending below bug report. I notice that it has not been fixed, yet. 
> Am I correct that this is a bug, albeit a small one?
>  Best Regards,
>  Eric
>  
> 
> On 12/27/2020 11:02 AM, Aki Tuomi wrote:
> 
> > > On 26/12/2020 10:41 ean365 <ean...@verizon.net> wrote:
> > > 
> > > 
> > > Aki:
> > >  
> > >  I have identified a bug in the "-O" option of "doveadm mailbox cryptokey 
> > > password" plugin command -- it is expecting an argument, but it is 
> > > supposed to be a boolean option. I have also identified the (simple) fix 
> > > to the source on github...
> > >  
> > >  I am a dovecot community noob, so please forgive me if this has already 
> > > been identified... (if so, I hope it gets fixed soon)...
> > > 
> > >  The "-O" option in struct doveadm_cmd_mcp_key_password is set to expect 
> > > a STR parameter, but it should be BOOL. See line 1027 in 
> > > plugins/mail-crypt/doveadm-mail-crypt.c of master branch...
> > >  
> > >  Currently:
> > >  DOVEADM_CMD_PARAM('O',"ask-old-password", CMD_PARAM_STR,0)
> > >  
> > > Should be:
> > >  DOVEADM_CMD_PARAM('O',"ask-old-password", CMD_PARAM_BOOL,0)
> > >  
> > >  Workaround is to specify -O last on command line with a dummy argument, 
> > > like this:
> > >  doveadm mailbox cryptokey password -N -O ""
> > >  
> > >  Also, a quick question and suggestion -- Why does the doveadm mailbox 
> > > cryptokey password command not ask for a new password twice, with a check 
> > > that both entries must match before the password is changed? The last 
> > > thing we would want is to type something wrong accidentally, and change 
> > > the new password to something unknown -- rendering encrypted email 
> > > unrecoverable. I would like to suggest that the code in 
> > > cmd_mcp_key_password_run be amended to include verifying password entry 
> > > twice.
> > >  
> > >  (I am writing a simple addition to postfixadmin that changes the user's 
> > > mail-crypt password whenever they use postfixadmin to change their login 
> > > password. It calls doveadm to change the keys. I came across this bug 
> > > while working through this.)
> > >  
> > >  Thanks for all your help!
> > >  Eric
> > > 
> > > 
> > Thank you for reporting this, we'll take a look.
> > 
> > Aki
> > 
> 
>

Reply via email to