[dovecot-cvs] dovecot/src/deliver auth-client.c,1.2,1.3

Fri Jun 16 21:37:11 EEST 2006

Update of /var/lib/cvs/dovecot/src/deliver
In directory talvi:/tmp/cvs-serv1616

Modified Files:
	auth-client.c 
Log Message:
If USER query doesn't return non-zero uid and gid, give a nice error message.



Index: auth-client.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/deliver/auth-client.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3

--- auth-client.c	16 Jun 2006 09:30:07 -0000	1.2
+++ auth-client.c	16 Jun 2006 18:37:06 -0000	1.3
@@ -26,6 +26,7 @@
 
 	struct ioloop *ioloop;
 	uid_t euid;
+	const char *user;
 
 	unsigned int handshaked:1;
 };
@@ -45,16 +46,31 @@
 static void auth_parse_input(struct auth_connection *conn, const char *args)
 {
 	const char *const *tmp, *key, *value;
+	uid_t uid = 0;
+	gid_t gid = 0;
 	int home_found = FALSE;
 
 	for (tmp = t_strsplit(args, "\t"); *tmp != NULL; tmp++) {
 		if (strncmp(*tmp, "uid=", 4) == 0) {
-			if (conn->euid != strtoul(*tmp + 3, NULL, 10)) {
+			uid = strtoul(*tmp + 4, NULL, 10);
+
+			if (uid == 0) {
+				i_error("userdb(%s) returned 0 as uid",
+					conn->user);
+				return_value = EX_TEMPFAIL;
+			}
+			if (conn->euid != uid) {
 				env_put(t_strconcat("RESTRICT_SETUID=",
-						    *tmp + 4, NULL));
+						    dec2str(uid), NULL));
 			}
 		} else if (strncmp(*tmp, "gid=", 4) == 0) {
-			gid_t gid = strtoul(*tmp + 4, NULL, 10);
+			gid = strtoul(*tmp + 4, NULL, 10);
+
+			if (gid == 0) {
+				i_error("userdb(%s) returned 0 as gid",
+					conn->user);
+				return_value = EX_TEMPFAIL;
+			}
 
 			if (conn->euid == 0 || getegid() != gid) {
 				env_put(t_strconcat("RESTRICT_SETGID=",
@@ -76,7 +92,18 @@
 
 	if (!home_found) {
 		/* we must have a home directory */
-		i_error("userdb didn't return a home directory");
+		i_error("userdb(%s) didn't return a home directory",
+			conn->user);
+		return_value = EX_TEMPFAIL;
+		return;
+	}
+	if (uid == 0) {
+		i_error("userdb(%s) didn't return uid", conn->user);
+		return_value = EX_TEMPFAIL;
+		return;
+	}
+	if (gid == 0) {
+		i_error("userdb(%s) didn't return gid", conn->user);
 		return_value = EX_TEMPFAIL;
 		return;
 	}
@@ -168,6 +195,7 @@
 
 	conn->ioloop = ioloop;
 	conn->euid = euid;
+	conn->user = user;
 
 	o_stream_send_str(conn->output,
 			  t_strconcat("VERSION\t1\t0\n"

