Kevin N.
2021-Jun-28 06:12 UTC
[BUG] doveadm / mail-crypt: Error when setting new password for a user key
Hi Aki, Yes. Without -O the following error is thrown: result: dcrypt_key_load_private(...) failed: password missing Which makes sense since you need the old password for setting a new password for the user key. BTW: the behavior is the same on 2.3.15 too. Cheers, Kevin On 28/06/2021 08:46, Aki Tuomi wrote:> >> On 20/06/2021 01:22 Kevin N. <kevin at notscheduled.eu> wrote: >> >> >> Dovecot version: 2.3.14 >> >> When setting a new password for a user key you have the option to prompt >> the user for the old and the new password, instead of providing them as >> parameters (using -N and -O instead of -n and -o). >> >> However, running: >> doveadm mailbox cryptokey password -u user at domain -N -O >> >> produces an error instead of prompting the user for the old and the new >> password. >> >> The error is: >> password: option requires an argument -- 'O' >> >> >> You can work around this by providing a dummy input for -O which seems >> to be properly ignored in the end, but it would be nice to not throw any >> errors since -O should not expect an argument. >> >> Regards. > > Hi! > > Did you try leaving -O/-o out? > > Aki >
Aki Tuomi
2021-Jun-28 06:15 UTC
[BUG] doveadm / mail-crypt: Error when setting new password for a user key
Oh duh. Yeah. It's a bug. It's a known bug, DOP-2233. Lets see if we could get this fixed finally. Aki> On 28/06/2021 09:12 Kevin N. <kevin at notscheduled.eu> wrote: > > > Hi Aki, > > Yes. Without -O the following error is thrown: > > result: dcrypt_key_load_private(...) failed: password missing > > Which makes sense since you need the old password for setting a new > password for the user key. > > BTW: the behavior is the same on 2.3.15 too. > > Cheers, > > Kevin > > > On 28/06/2021 08:46, Aki Tuomi wrote: > > > >> On 20/06/2021 01:22 Kevin N. <kevin at notscheduled.eu> wrote: > >> > >> > >> Dovecot version: 2.3.14 > >> > >> When setting a new password for a user key you have the option to prompt > >> the user for the old and the new password, instead of providing them as > >> parameters (using -N and -O instead of -n and -o). > >> > >> However, running: > >> doveadm mailbox cryptokey password -u user at domain -N -O > >> > >> produces an error instead of prompting the user for the old and the new > >> password. > >> > >> The error is: > >> password: option requires an argument -- 'O' > >> > >> > >> You can work around this by providing a dummy input for -O which seems > >> to be properly ignored in the end, but it would be nice to not throw any > >> errors since -O should not expect an argument. > >> > >> Regards. > > > > Hi! > > > > Did you try leaving -O/-o out? > > > > Aki > >