Hi all,

I am trying to configure dovecot to accept SASL EXTERNAL authentication with a 
client certificate and no password.

I have tried the following configuration:

passdb {
  driver = ldap

  # Path for LDAP configuration file, see example-config/dovecot-ldap.conf.ext
  args = /etc/dovecot/dovecot-ldap-external.conf.ext

  mechanisms = external

  default_fields = noauthenticate=y
}

In the logs I see dovecot correctly negotiate SASL EXTERNAL, but eventually we 
reach this line and we fail:

https://github.com/dovecot/core/blob/34a18f5a79bf7eca58e55aff3e1fe69468292d0f/src/auth/passdb-ldap.c#L184

Which is in turn reached by following this code:

https://github.com/dovecot/core/blob/34a18f5a79bf7eca58e55aff3e1fe69468292d0f/src/auth/passdb-ldap.c#L275

In theory, if I understand this correctly, what is missing is a field to say 
“don’t try to check any password”. Which field is this supposed to be? 
“nopassword”? “noauthenticate”?

I am happy to patch this, but need some guidance as to what the correct 
approach is.

Regards,
Graham

_______________________________________________
dovecot mailing list -- dovecot@dovecot.org