[dovecot-cvs] dovecot/src/pop3-login client-authenticate.c, 1.49.2.6, 1.49.2.7

tss at dovecot.org tss at dovecot.org
Tue Feb 20 11:51:09 UTC 2007 

Update of /var/lib/cvs/dovecot/src/pop3-login
In directory talvi:/tmp/cvs-serv25810/pop3-login

Modified Files:
      Tag: branch_1_0
	client-authenticate.c 
Log Message:
If authentication failed but it still returns proxy, don't do the proxying.



Index: client-authenticate.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/pop3-login/client-authenticate.c,v
retrieving revision 1.49.2.6
retrieving revision 1.49.2.7
diff -u -d -r1.49.2.6 -r1.49.2.7
--- client-authenticate.c	16 Feb 2007 13:42:00 -0000	1.49.2.6
+++ client-authenticate.c	20 Feb 2007 11:51:07 -0000	1.49.2.7
@@ -88,12 +88,12 @@
 }
 
 static bool client_handle_args(struct pop3_client *client,
-			       const char *const *args, bool nologin)
+			       const char *const *args, bool success)
 {
 	const char *reason = NULL, *host = NULL, *destuser = NULL, *pass = NULL;
 	string_t *reply;
 	unsigned int port = 110;
-	bool proxy = FALSE, temp = FALSE;
+	bool proxy = FALSE, temp = FALSE, nologin = !success;
 
 	for (; *args != NULL; args++) {
 		if (strcmp(*args, "nologin") == 0)
@@ -119,8 +119,12 @@
 
 	if (proxy) {
 		/* we want to proxy the connection to another server.
+		   don't do this unless authentication succeeded. with
+		   master user proxying we can get FAIL with proxy still set.
 
 		   proxy host=.. [port=..] [destuser=..] pass=.. */
+		if (!success)
+			return FALSE;
 		if (pop3_proxy_new(client, host, port, destuser, pass) < 0)
 			client_destroy_internal_failure(client);
 		return TRUE;
@@ -165,7 +169,7 @@
 	switch (reply) {
 	case SASL_SERVER_REPLY_SUCCESS:
 		if (args != NULL) {
-			if (client_handle_args(client, args, FALSE))
+			if (client_handle_args(client, args, TRUE))
 				break;
 		}
 
@@ -175,7 +179,7 @@
 	case SASL_SERVER_REPLY_AUTH_FAILED:
 	case SASL_SERVER_REPLY_CLIENT_ERROR:
 		if (args != NULL) {
-			if (client_handle_args(client, args, TRUE))
+			if (client_handle_args(client, args, FALSE))
 				break;
 		}

More information about the dovecot-cvs mailing list