[dovecot-cvs] dovecot/src/auth auth-request-handler.c, 1.12.2.10, 1.12.2.11 mech-rpa.c, 1.24.2.2, 1.24.2.3 passdb-checkpassword.c, 1.18.2.9, 1.18.2.10
tss at dovecot.org
tss at dovecot.org
Fri Jan 26 13:58:32 UTC 2007
Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv15336/auth
Modified Files:
Tag: branch_1_0
auth-request-handler.c mech-rpa.c passdb-checkpassword.c
Log Message:
Cleanups and minor fixes
Index: auth-request-handler.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-request-handler.c,v
retrieving revision 1.12.2.10
retrieving revision 1.12.2.11
diff -u -d -r1.12.2.10 -r1.12.2.11
--- auth-request-handler.c 26 Jan 2007 00:31:29 -0000 1.12.2.10
+++ auth-request-handler.c 26 Jan 2007 13:58:30 -0000 1.12.2.11
@@ -357,10 +357,11 @@
unsigned int id;
data = strchr(args, '\t');
- if (data++ == NULL) {
+ if (data == NULL) {
i_error("BUG: Authentication client sent broken CONT request");
return FALSE;
}
+ data++;
id = (unsigned int)strtoul(args, NULL, 10);
Index: mech-rpa.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/mech-rpa.c,v
retrieving revision 1.24.2.2
retrieving revision 1.24.2.3
diff -u -d -r1.24.2.2 -r1.24.2.3
--- mech-rpa.c 17 Jun 2006 19:15:18 -0000 1.24.2.2
+++ mech-rpa.c 26 Jan 2007 13:58:30 -0000 1.24.2.3
@@ -442,8 +442,12 @@
unsigned char response[16];
buffer_t *hash_buffer;
+ if (strlen(credentials) != 32)
+ return FALSE;
+
hash_buffer = buffer_create_data(request->pool, request->pwd_md5, 16);
- hex_to_binary(credentials, hash_buffer);
+ if (hex_to_binary(credentials, hash_buffer) < 0)
+ return FALSE;
rpa_user_response(request, response);
return memcmp(response, request->user_response, 16) == 0;
Index: passdb-checkpassword.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb-checkpassword.c,v
retrieving revision 1.18.2.9
retrieving revision 1.18.2.10
diff -u -d -r1.18.2.9 -r1.18.2.10
--- passdb-checkpassword.c 18 Nov 2006 22:17:25 -0000 1.18.2.9
+++ passdb-checkpassword.c 26 Jan 2007 13:58:30 -0000 1.18.2.10
@@ -67,18 +67,18 @@
hash_remove(module->clients, POINTER_CAST(request->pid));
- if (request->input_buf != NULL &&
- strchr(str_c(request->input_buf), '\n') != NULL) {
- auth_request_log_error(request->request, "checkpassword",
- "LF characters in checkpassword reply");
- result = PASSDB_RESULT_INTERNAL_FAILURE;
- }
-
if (result == PASSDB_RESULT_OK) {
- request->request->extra_fields =
- auth_stream_reply_init(request->request);
- auth_stream_reply_import(request->request->extra_fields,
- str_c(request->input_buf));
+ if (strchr(str_c(request->input_buf), '\n') != NULL) {
+ auth_request_log_error(request->request,
+ "checkpassword",
+ "LF characters in checkpassword reply");
+ result = PASSDB_RESULT_INTERNAL_FAILURE;
+ } else {
+ request->request->extra_fields =
+ auth_stream_reply_init(request->request);
+ auth_stream_reply_import(request->request->extra_fields,
+ str_c(request->input_buf));
+ }
}
request->callback(result, request->request);
More information about the dovecot-cvs
mailing list