[dovecot-cvs] dovecot/src/pop3-login client-authenticate.c, 1.57, 1.58

tss at dovecot.org tss at dovecot.org
Tue Feb 20 11:51:15 UTC 2007


Update of /var/lib/cvs/dovecot/src/pop3-login
In directory talvi:/tmp/cvs-serv25814/pop3-login

Modified Files:
	client-authenticate.c 
Log Message:
If authentication failed but it still returns proxy, don't do the proxying.



Index: client-authenticate.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/pop3-login/client-authenticate.c,v
retrieving revision 1.57
retrieving revision 1.58
diff -u -d -r1.57 -r1.58
--- client-authenticate.c	16 Feb 2007 13:42:05 -0000	1.57
+++ client-authenticate.c	20 Feb 2007 11:51:13 -0000	1.58
@@ -89,12 +89,12 @@
 }
 
 static bool client_handle_args(struct pop3_client *client,
-			       const char *const *args, bool nologin)
+			       const char *const *args, bool success)
 {
 	const char *reason = NULL, *host = NULL, *destuser = NULL, *pass = NULL;
 	string_t *reply;
 	unsigned int port = 110;
-	bool proxy = FALSE, temp = FALSE;
+	bool proxy = FALSE, temp = FALSE, nologin = !success;
 
 	for (; *args != NULL; args++) {
 		if (strcmp(*args, "nologin") == 0)
@@ -120,8 +120,12 @@
 
 	if (proxy) {
 		/* we want to proxy the connection to another server.
+		   don't do this unless authentication succeeded. with
+		   master user proxying we can get FAIL with proxy still set.
 
 		   proxy host=.. [port=..] [destuser=..] pass=.. */
+		if (!success)
+			return FALSE;
 		if (pop3_proxy_new(client, host, port, destuser, pass) < 0)
 			client_destroy_internal_failure(client);
 		return TRUE;
@@ -166,7 +170,7 @@
 	switch (reply) {
 	case SASL_SERVER_REPLY_SUCCESS:
 		if (args != NULL) {
-			if (client_handle_args(client, args, FALSE))
+			if (client_handle_args(client, args, TRUE))
 				break;
 		}
 
@@ -176,7 +180,7 @@
 	case SASL_SERVER_REPLY_AUTH_FAILED:
 	case SASL_SERVER_REPLY_CLIENT_ERROR:
 		if (args != NULL) {
-			if (client_handle_args(client, args, TRUE))
+			if (client_handle_args(client, args, FALSE))
 				break;
 		}
 



More information about the dovecot-cvs mailing list