[dovecot-cvs] dovecot/src/auth auth-request-handler.c, 1.6,
1.7 auth-request.c, 1.25, 1.26 auth-worker-client.c, 1.12,
1.13 passdb-blocking.c, 1.4, 1.5
cras at dovecot.org
cras at dovecot.org
Thu Jun 16 11:21:20 EEST 2005
Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv2020
Modified Files:
auth-request-handler.c auth-request.c auth-worker-client.c
passdb-blocking.c
Log Message:
Last change caused user-given passwords to be cached, and later the password
used instead of the real one (ie. login once with correct password, then you
could login using whatever password as long as user is cached). Clearly not
good. Did several changes to make sure this can't happen again.
Index: auth-request-handler.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-request-handler.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- auth-request-handler.c 26 Apr 2005 11:43:36 -0000 1.6
+++ auth-request-handler.c 16 Jun 2005 08:21:17 -0000 1.7
@@ -106,23 +106,35 @@
static const char *get_client_extra_fields(struct auth_request *request)
{
+ string_t *str;
const char **fields;
unsigned int src, dest;
- if (request->extra_fields == NULL)
- return NULL;
+ if (!request->proxy) {
+ if (request->extra_fields == NULL)
+ return NULL;
- /* we only wish to remove all fields prefixed with "userdb_" */
- if (strstr(str_c(request->extra_fields), "userdb_") == NULL)
- return str_c(request->extra_fields);
+ /* we only wish to remove all fields prefixed with "userdb_" */
+ if (strstr(str_c(request->extra_fields), "userdb_") == NULL)
+ return str_c(request->extra_fields);
+ }
+
+ str = t_str_new(128);
+ if (request->proxy) {
+ /* we're proxying - send back the password that was
+ sent by user (not the password in passdb). */
+ str_printfa(str, "pass=%s", request->mech_password);
+ }
fields = t_strsplit(str_c(request->extra_fields), "\t");
for (src = dest = 0; fields[src] != NULL; src++) {
- if (strncmp(fields[src], "userdb_", 7) != 0)
- fields[dest++] = fields[src];
+ if (strncmp(fields[src], "userdb_", 7) != 0) {
+ if (str_len(str) > 0)
+ str_append_c(str, '\t');
+ str_append(str, fields[src]);
+ }
}
- fields[dest] = NULL;
- return t_strarray_join(fields, "\t");
+ return str_c(str);
}
static void auth_callback(struct auth_request *request,
Index: auth-request.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-request.c,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -d -r1.25 -r1.26
--- auth-request.c 15 Jun 2005 08:05:04 -0000 1.25
+++ auth-request.c 16 Jun 2005 08:21:17 -0000 1.26
@@ -155,6 +155,10 @@
struct passdb_module *passdb = request->passdb->passdb;
string_t *str;
+ i_assert(request->extra_fields == NULL ||
+ (strstr(str_c(request->extra_fields), "\tpass=") == NULL &&
+ strncmp(str_c(request->extra_fields), "pass=", 5) != 0));
+
if (passdb_cache == NULL)
return;
@@ -221,13 +225,6 @@
}
}
- if (request->proxy) {
- /* we're proxying - send back the password that was
- sent by user (not the password in passdb). */
- str_printfa(request->extra_fields, "\tpass=%s",
- request->mech_password);
- }
-
if (request->passdb_password != NULL) {
safe_memset(request->passdb_password, 0,
strlen(request->passdb_password));
@@ -247,9 +244,10 @@
return;
}
- safe_memset(request->mech_password, 0, strlen(request->mech_password));
-
+ auth_request_ref(request);
request->private_callback.verify_plain(result, request);
+ safe_memset(request->mech_password, 0, strlen(request->mech_password));
+ auth_request_unref(request);
}
void auth_request_verify_plain(struct auth_request *request,
Index: auth-worker-client.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-worker-client.c,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -d -r1.12 -r1.13
--- auth-worker-client.c 8 Jun 2005 13:37:17 -0000 1.12
+++ auth-worker-client.c 16 Jun 2005 08:21:17 -0000 1.13
@@ -90,11 +90,6 @@
if (request->passdb_password != NULL)
str_append(str, request->passdb_password);
str_append_c(str, '\t');
- if (request->proxy) {
- /* we're proxying - send back the password that was
- sent by user (not the password in passdb). */
- str_printfa(str, "pass=%s\t", request->mech_password);
- }
if (request->extra_fields != NULL)
str_append_str(str, request->extra_fields);
}
Index: passdb-blocking.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb-blocking.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- passdb-blocking.c 2 Apr 2005 22:00:49 -0000 1.4
+++ passdb-blocking.c 16 Jun 2005 08:21:17 -0000 1.5
@@ -83,6 +83,10 @@
if (*reply != '\0') {
i_assert(request->extra_fields == NULL);
+ p = strstr(reply, "\tproxy");
+ if (p != NULL && (p[6] == '\0' || p[6] == '\t'))
+ request->proxy = TRUE;
+
request->extra_fields = str_new(request->pool, 128);
str_append(request->extra_fields, reply);
}
More information about the dovecot-cvs
mailing list