[dovecot-cvs] dovecot/src/auth auth-request.c,1.92,1.93

tss at dovecot.org tss at dovecot.org
Sun Mar 25 21:31:41 EEST 2007


Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv5939

Modified Files:
	auth-request.c 
Log Message:
If "nopassword" is set, don't crash if password is non-NULL. However give an
error if the password is non-empty.



Index: auth-request.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-request.c,v
retrieving revision 1.92
retrieving revision 1.93
diff -u -d -r1.92 -r1.93
--- auth-request.c	14 Mar 2007 12:42:27 -0000	1.92
+++ auth-request.c	25 Mar 2007 18:31:37 -0000	1.93
@@ -949,8 +949,15 @@
 		request->no_failure_delay = TRUE;
 	} else if (strcmp(name, "nopassword") == 0) {
 		/* NULL password - anything goes */
-		i_assert(request->passdb_password == NULL);
+		if (request->passdb_password != NULL &&
+		    *request->passdb_password != '\0') {
+			auth_request_log_error(request,
+				request->passdb->passdb->iface.name,
+				"nopassword set but password is non-empty");
+			return;
+		}
 		request->no_password = TRUE;
+		request->passdb_password = NULL;
 	} else if (strcmp(name, "allow_nets") == 0) {
 		auth_request_validate_networks(request, value);
 	} else {



More information about the dovecot-cvs mailing list