[dovecot-cvs] dovecot/src/auth auth-request.c, 1.48,
1.49 auth-request.h, 1.25, 1.26
cras at dovecot.org
cras at dovecot.org
Fri Feb 24 15:42:00 EET 2006
- Previous message: [dovecot-cvs] dovecot/src/lib-index mail-index.c,1.223,1.224
- Next message: [dovecot-cvs] dovecot/src/lib-storage/index/dbox dbox-file.c, 1.7,
1.8 dbox-mail.c, 1.5, 1.6 dbox-storage.h, 1.7,
1.8 dbox-sync-expunge.c, 1.6, 1.7 dbox-sync.c, 1.7,
1.8 dbox-uidlist.c, 1.16, 1.17
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv15452
Modified Files:
auth-request.c auth-request.h
Log Message:
Digest-MD5 logins didn't work if passdb changed username.
Index: auth-request.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-request.c,v
retrieving revision 1.48
retrieving revision 1.49
diff -u -d -r1.48 -r1.49
--- auth-request.c 22 Feb 2006 15:13:18 -0000 1.48
+++ auth-request.c 24 Feb 2006 13:41:57 -0000 1.49
@@ -547,6 +547,11 @@
bool auth_request_set_username(struct auth_request *request,
const char *username, const char **error_r)
{
+ if (request->original_username == NULL) {
+ /* the username may change later, but we need to use this
+ username when verifying at least DIGEST-MD5 password */
+ request->original_username = p_strdup(request->pool, username);
+ }
if (request->cert_username) {
/* cert_username overrides the username given by
authentication mechanism. */
@@ -659,7 +664,7 @@
}
ret = password_verify(plain_password, crypted_password, scheme,
- request->user);
+ request->original_username);
if (ret < 0) {
auth_request_log_error(request, subsystem,
"Unknown password scheme %s", scheme);
Index: auth-request.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-request.h,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -d -r1.25 -r1.26
--- auth-request.h 20 Feb 2006 14:12:36 -0000 1.25
+++ auth-request.h 24 Feb 2006 13:41:57 -0000 1.26
@@ -28,6 +28,10 @@
has validated user as a valid master user, master_user is set to
user and user is set to requested_login_user. */
char *user, *requested_login_user, *master_user;
+ /* original_username contains the username exactly as given by the
+ client. this is needed at least with DIGEST-MD5 for password
+ verification */
+ const char *original_username;
char *mech_password; /* set if verify_plain() is called */
char *passdb_password; /* set after password lookup if successful */
/* extra_fields are returned in authentication reply. Fields prefixed
- Previous message: [dovecot-cvs] dovecot/src/lib-index mail-index.c,1.223,1.224
- Next message: [dovecot-cvs] dovecot/src/lib-storage/index/dbox dbox-file.c, 1.7,
1.8 dbox-mail.c, 1.5, 1.6 dbox-storage.h, 1.7,
1.8 dbox-sync-expunge.c, 1.6, 1.7 dbox-sync.c, 1.7,
1.8 dbox-uidlist.c, 1.16, 1.17
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the dovecot-cvs
mailing list