[dovecot-cvs] dovecot/src/auth auth-request.c, 1.84, 1.85 passdb-cache.c, 1.19, 1.20 passdb.c, 1.46, 1.47

Thu Feb 15 11:51:35 UTC 2007

Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv20823

Modified Files:
	auth-request.c passdb-cache.c passdb.c 
Log Message:
If looking up credentials for NULL passwords, return "scheme not available"
instead of assert-crashing.



Index: auth-request.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-request.c,v
retrieving revision 1.84
retrieving revision 1.85
diff -u -d -r1.84 -r1.85

--- auth-request.c	15 Feb 2007 11:06:36 -0000	1.84
+++ auth-request.c	15 Feb 2007 11:51:33 -0000	1.85
@@ -489,8 +489,6 @@
 			password = result != PASSDB_RESULT_OK ? NULL :
 				passdb_get_credentials(request, password,
 						       scheme);
-			if (password == NULL && result == PASSDB_RESULT_OK)
-				result = PASSDB_RESULT_SCHEME_NOT_AVAILABLE;
 		}
 	}
 

Index: passdb-cache.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb-cache.c,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -d -r1.19 -r1.20
--- passdb-cache.c	15 Feb 2007 10:31:18 -0000	1.19
+++ passdb-cache.c	15 Feb 2007 11:51:33 -0000	1.20
@@ -116,7 +116,12 @@
 	*result_r = PASSDB_RESULT_OK;
 	*password_r = list[0];
 	*scheme_r = password_get_scheme(password_r);
-	i_assert(*scheme_r != NULL);
+	i_assert(*scheme_r != NULL || *password_r == '\0');
+
+	if (*password_r == '\0') {
+		*password_r = NULL;
+		*result_r = PASSDB_RESULT_SCHEME_NOT_AVAILABLE;
+	}
 	return TRUE;
 }
 

Index: passdb.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb.c,v
retrieving revision 1.46
retrieving revision 1.47
diff -u -d -r1.46 -r1.47
--- passdb.c	21 Dec 2006 15:46:30 -0000	1.46
+++ passdb.c	15 Feb 2007 11:51:33 -0000	1.47
@@ -127,9 +127,9 @@
 		callback(result, NULL, auth_request);
 		return;
 	}
-	i_assert(password != NULL);
 
-	password = passdb_get_credentials(auth_request, password, scheme);
+	password = password == NULL ? NULL :
+		passdb_get_credentials(auth_request, password, scheme);
 	if (password == NULL)
 		result = PASSDB_RESULT_SCHEME_NOT_AVAILABLE;
 	callback(result, password, auth_request);

