dovecot: If proxy user has a password and authentication fails, ...
dovecot at dovecot.org
dovecot at dovecot.org
Sun Jan 6 03:17:24 EET 2008
details: http://hg.dovecot.org/dovecot/rev/25e7c37c7c10
changeset: 7123:25e7c37c7c10
user: Timo Sirainen <tss at iki.fi>
date: Sun Jan 06 03:17:20 2008 +0200
description:
If proxy user has a password and authentication fails, don't return the
proxy fields to client.
diffstat:
3 files changed, 21 insertions(+), 14 deletions(-)
src/auth/auth-request-handler.c | 4 +++-
src/auth/auth-request.c | 29 +++++++++++++++++------------
src/auth/auth-request.h | 2 +-
diffs (72 lines):
diff -r fb03422c0760 -r 25e7c37c7c10 src/auth/auth-request-handler.c
--- a/src/auth/auth-request-handler.c Sun Jan 06 03:13:20 2008 +0200
+++ b/src/auth/auth-request-handler.c Sun Jan 06 03:17:20 2008 +0200
@@ -209,7 +209,7 @@ static void auth_callback(struct auth_re
handler->callback(str_c(str), handler->context);
break;
case AUTH_CLIENT_RESULT_SUCCESS:
- auth_request_proxy_finish(request);
+ auth_request_proxy_finish(request, TRUE);
str_printfa(str, "OK\t%u\tuser=%s", request->id, request->user);
if (reply_size > 0) {
@@ -230,6 +230,8 @@ static void auth_callback(struct auth_re
handler->callback(str_c(str), handler->context);
break;
case AUTH_CLIENT_RESULT_FAILURE:
+ auth_request_proxy_finish(request, FALSE);
+
str_printfa(str, "FAIL\t%u", request->id);
if (request->user != NULL)
str_printfa(str, "\tuser=%s", request->user);
diff -r fb03422c0760 -r 25e7c37c7c10 src/auth/auth-request.c
--- a/src/auth/auth-request.c Sun Jan 06 03:13:20 2008 +0200
+++ b/src/auth/auth-request.c Sun Jan 06 03:17:20 2008 +0200
@@ -1254,18 +1254,23 @@ static bool auth_request_proxy_is_self(s
strcmp(destuser, request->original_username) == 0;
}
-void auth_request_proxy_finish(struct auth_request *request)
-{
- if (!request->proxy_maybe || request->no_login)
- return;
-
- if (!auth_request_proxy_is_self(request)) {
- request->no_login = TRUE;
- return;
- }
-
- /* proxying to ourself - log in without proxying by dropping all the
- proxying fields. */
+void auth_request_proxy_finish(struct auth_request *request, bool success)
+{
+ if (!request->proxy || request->no_login)
+ return;
+
+ if (!success) {
+ /* drop all proxy fields */
+ } else {
+ if (!request->proxy_maybe ||
+ !auth_request_proxy_is_self(request)) {
+ request->no_login = TRUE;
+ return;
+ }
+
+ /* proxying to ourself - log in without proxying by dropping
+ all the proxying fields. */
+ }
auth_stream_reply_remove(request->extra_fields, "proxy");
auth_stream_reply_remove(request->extra_fields, "host");
auth_stream_reply_remove(request->extra_fields, "port");
diff -r fb03422c0760 -r 25e7c37c7c10 src/auth/auth-request.h
--- a/src/auth/auth-request.h Sun Jan 06 03:13:20 2008 +0200
+++ b/src/auth/auth-request.h Sun Jan 06 03:17:20 2008 +0200
@@ -148,7 +148,7 @@ void auth_request_set_userdb_field_value
void auth_request_set_userdb_field_values(struct auth_request *request,
const char *name,
const char *const *values);
-void auth_request_proxy_finish(struct auth_request *request);
+void auth_request_proxy_finish(struct auth_request *request, bool success);
int auth_request_password_verify(struct auth_request *request,
const char *plain_password,
More information about the dovecot-cvs
mailing list