[dovecot-cvs] dovecot/src/auth auth-request.c, 1.84, 1.85 passdb-cache.c, 1.19, 1.20 passdb.c, 1.46, 1.47
tss at dovecot.org
tss at dovecot.org
Thu Feb 15 11:51:35 UTC 2007
Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv20823
Modified Files:
auth-request.c passdb-cache.c passdb.c
Log Message:
If looking up credentials for NULL passwords, return "scheme not available"
instead of assert-crashing.
Index: auth-request.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-request.c,v
retrieving revision 1.84
retrieving revision 1.85
diff -u -d -r1.84 -r1.85
--- auth-request.c 15 Feb 2007 11:06:36 -0000 1.84
+++ auth-request.c 15 Feb 2007 11:51:33 -0000 1.85
@@ -489,8 +489,6 @@
password = result != PASSDB_RESULT_OK ? NULL :
passdb_get_credentials(request, password,
scheme);
- if (password == NULL && result == PASSDB_RESULT_OK)
- result = PASSDB_RESULT_SCHEME_NOT_AVAILABLE;
}
}
Index: passdb-cache.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb-cache.c,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -d -r1.19 -r1.20
--- passdb-cache.c 15 Feb 2007 10:31:18 -0000 1.19
+++ passdb-cache.c 15 Feb 2007 11:51:33 -0000 1.20
@@ -116,7 +116,12 @@
*result_r = PASSDB_RESULT_OK;
*password_r = list[0];
*scheme_r = password_get_scheme(password_r);
- i_assert(*scheme_r != NULL);
+ i_assert(*scheme_r != NULL || *password_r == '\0');
+
+ if (*password_r == '\0') {
+ *password_r = NULL;
+ *result_r = PASSDB_RESULT_SCHEME_NOT_AVAILABLE;
+ }
return TRUE;
}
Index: passdb.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb.c,v
retrieving revision 1.46
retrieving revision 1.47
diff -u -d -r1.46 -r1.47
--- passdb.c 21 Dec 2006 15:46:30 -0000 1.46
+++ passdb.c 15 Feb 2007 11:51:33 -0000 1.47
@@ -127,9 +127,9 @@
callback(result, NULL, auth_request);
return;
}
- i_assert(password != NULL);
- password = passdb_get_credentials(auth_request, password, scheme);
+ password = password == NULL ? NULL :
+ passdb_get_credentials(auth_request, password, scheme);
if (password == NULL)
result = PASSDB_RESULT_SCHEME_NOT_AVAILABLE;
callback(result, password, auth_request);
More information about the dovecot-cvs
mailing list