[dovecot-cvs] dovecot/src/auth auth-request-handler.c, 1.24, 1.25 mech-rpa.c, 1.27, 1.28 passdb-checkpassword.c, 1.30, 1.31
tss at dovecot.org
tss at dovecot.org
Fri Jan 26 13:58:51 UTC 2007
Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv15340/auth
Modified Files:
auth-request-handler.c mech-rpa.c passdb-checkpassword.c
Log Message:
Cleanups and minor fixes
Index: auth-request-handler.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-request-handler.c,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -d -r1.24 -r1.25
--- auth-request-handler.c 26 Jan 2007 00:31:36 -0000 1.24
+++ auth-request-handler.c 26 Jan 2007 13:58:48 -0000 1.25
@@ -358,10 +358,11 @@
unsigned int id;
data = strchr(args, '\t');
- if (data++ == NULL) {
+ if (data == NULL) {
i_error("BUG: Authentication client sent broken CONT request");
return FALSE;
}
+ data++;
id = (unsigned int)strtoul(args, NULL, 10);
Index: mech-rpa.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/mech-rpa.c,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -d -r1.27 -r1.28
--- mech-rpa.c 8 Nov 2006 20:22:08 -0000 1.27
+++ mech-rpa.c 26 Jan 2007 13:58:48 -0000 1.28
@@ -442,8 +442,12 @@
unsigned char response[16];
buffer_t *hash_buffer;
+ if (strlen(credentials) != 32)
+ return FALSE;
+
hash_buffer = buffer_create_data(request->pool, request->pwd_md5, 16);
- hex_to_binary(credentials, hash_buffer);
+ if (hex_to_binary(credentials, hash_buffer) < 0)
+ return FALSE;
rpa_user_response(request, response);
return memcmp(response, request->user_response, 16) == 0;
Index: passdb-checkpassword.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb-checkpassword.c,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -d -r1.30 -r1.31
--- passdb-checkpassword.c 15 Dec 2006 18:38:08 -0000 1.30
+++ passdb-checkpassword.c 26 Jan 2007 13:58:49 -0000 1.31
@@ -67,18 +67,18 @@
hash_remove(module->clients, POINTER_CAST(request->pid));
- if (request->input_buf != NULL &&
- strchr(str_c(request->input_buf), '\n') != NULL) {
- auth_request_log_error(request->request, "checkpassword",
- "LF characters in checkpassword reply");
- result = PASSDB_RESULT_INTERNAL_FAILURE;
- }
-
if (result == PASSDB_RESULT_OK) {
- request->request->extra_fields =
- auth_stream_reply_init(request->request);
- auth_stream_reply_import(request->request->extra_fields,
- str_c(request->input_buf));
+ if (strchr(str_c(request->input_buf), '\n') != NULL) {
+ auth_request_log_error(request->request,
+ "checkpassword",
+ "LF characters in checkpassword reply");
+ result = PASSDB_RESULT_INTERNAL_FAILURE;
+ } else {
+ request->request->extra_fields =
+ auth_stream_reply_init(request->request);
+ auth_stream_reply_import(request->request->extra_fields,
+ str_c(request->input_buf));
+ }
}
request->callback(result, request->request);
More information about the dovecot-cvs
mailing list