Re: BUG REPORT: MAIL-CRYPT plugin: doveadm mailbox cryptokey -O option

Thu, 12 Aug 2021 02:29:45 -0700 

And now it's fixed. See 
https://github.com/dovecot/core/commit/13830767a0e3bf29ad421ed656a89345346d6c8d

Aki

> On 09/08/2021 07:53 Aki Tuomi <aki.tu...@open-xchange.com> wrote:
> 
>  
> Yes, it's a bug. It's being tracked by us.
> 
> Aki
> 
> > On 28/07/2021 07:56 ean365 <ean...@verizon.net> wrote:
> > 
> > 
> > Hi, Aki:
> >  Just resending below bug report. I notice that it has not been fixed, yet. 
> > Am I correct that this is a bug, albeit a small one?
> >  Best Regards,
> >  Eric
> >  
> > 
> > On 12/27/2020 11:02 AM, Aki Tuomi wrote:
> > 
> > > > On 26/12/2020 10:41 ean365 <ean...@verizon.net> wrote:
> > > > 
> > > > 
> > > > Aki:
> > > >  
> > > >  I have identified a bug in the "-O" option of "doveadm mailbox 
> > > > cryptokey password" plugin command -- it is expecting an argument, but 
> > > > it is supposed to be a boolean option. I have also identified the 
> > > > (simple) fix to the source on github...
> > > >  
> > > >  I am a dovecot community noob, so please forgive me if this has 
> > > > already been identified... (if so, I hope it gets fixed soon)...
> > > > 
> > > >  The "-O" option in struct doveadm_cmd_mcp_key_password is set to 
> > > > expect a STR parameter, but it should be BOOL. See line 1027 in 
> > > > plugins/mail-crypt/doveadm-mail-crypt.c of master branch...
> > > >  
> > > >  Currently:
> > > >  DOVEADM_CMD_PARAM('O',"ask-old-password", CMD_PARAM_STR,0)
> > > >  
> > > > Should be:
> > > >  DOVEADM_CMD_PARAM('O',"ask-old-password", CMD_PARAM_BOOL,0)
> > > >  
> > > >  Workaround is to specify -O last on command line with a dummy 
> > > > argument, like this:
> > > >  doveadm mailbox cryptokey password -N -O ""
> > > >  
> > > >  Also, a quick question and suggestion -- Why does the doveadm mailbox 
> > > > cryptokey password command not ask for a new password twice, with a 
> > > > check that both entries must match before the password is changed? The 
> > > > last thing we would want is to type something wrong accidentally, and 
> > > > change the new password to something unknown -- rendering encrypted 
> > > > email unrecoverable. I would like to suggest that the code in 
> > > > cmd_mcp_key_password_run be amended to include verifying password entry 
> > > > twice.
> > > >  
> > > >  (I am writing a simple addition to postfixadmin that changes the 
> > > > user's mail-crypt password whenever they use postfixadmin to change 
> > > > their login password. It calls doveadm to change the keys. I came 
> > > > across this bug while working through this.)
> > > >  
> > > >  Thanks for all your help!
> > > >  Eric
> > > > 
> > > > 
> > > Thank you for reporting this, we'll take a look.
> > > 
> > > Aki
> > > 
> > 
> >

Reply via email to