dovecot-2.0: passdb vpopmail: Fix to handling mixed cleartext/cr...
dovecot at dovecot.org
dovecot at dovecot.org
Thu Nov 17 00:49:39 EET 2011
details: http://hg.dovecot.org/dovecot-2.0/rev/b99da8b1ecef
changeset: 12980:b99da8b1ecef
user: Timo Sirainen <tss at iki.fi>
date: Thu Nov 17 00:49:30 2011 +0200
description:
passdb vpopmail: Fix to handling mixed cleartext/crypt passwords.
diffstat:
src/auth/passdb-vpopmail.c | 25 ++++++++++++++++---------
1 files changed, 16 insertions(+), 9 deletions(-)
diffs (65 lines):
diff -r 4294e9136cd6 -r b99da8b1ecef src/auth/passdb-vpopmail.c
--- a/src/auth/passdb-vpopmail.c Thu Nov 17 00:41:15 2011 +0200
+++ b/src/auth/passdb-vpopmail.c Thu Nov 17 00:49:30 2011 +0200
@@ -55,7 +55,7 @@
}
static char *
-vpopmail_password_lookup(struct auth_request *auth_request, bool cleartext,
+vpopmail_password_lookup(struct auth_request *auth_request, bool *cleartext,
enum passdb_result *result_r)
{
char vpop_user[VPOPMAIL_LIMIT], vpop_domain[VPOPMAIL_LIMIT];
@@ -75,9 +75,10 @@
password = NULL;
*result_r = PASSDB_RESULT_USER_DISABLED;
} else {
- if (vpw->pw_clear_passwd != NULL)
+ if (vpw->pw_clear_passwd != NULL) {
password = t_strdup_noconst(vpw->pw_clear_passwd);
- else if (!cleartext)
+ *cleartext = TRUE;
+ } else if (!*cleartext)
password = t_strdup_noconst(vpw->pw_passwd);
else
password = NULL;
@@ -99,8 +100,9 @@
{
enum passdb_result result;
char *password;
+ bool cleartext = TRUE;
- password = vpopmail_password_lookup(request, TRUE, &result);
+ password = vpopmail_password_lookup(request, &cleartext, &result);
if (password == NULL) {
callback(result, NULL, 0, request);
return;
@@ -118,18 +120,23 @@
enum passdb_result result;
const char *scheme, *tmp_pass;
char *crypted_pass;
+ bool cleartext;
int ret;
- crypted_pass = vpopmail_password_lookup(request, FALSE, &result);
+ crypted_pass = vpopmail_password_lookup(request, &cleartext, &result);
if (crypted_pass == NULL) {
callback(result, request);
return;
}
+ tmp_pass = crypted_pass;
- tmp_pass = crypted_pass;
- scheme = password_get_scheme(&tmp_pass);
- if (scheme == NULL)
- scheme = request->passdb->passdb->default_pass_scheme;
+ if (cleartext)
+ scheme = "CLEARTEXT";
+ else {
+ scheme = password_get_scheme(&tmp_pass);
+ if (scheme == NULL)
+ scheme = request->passdb->passdb->default_pass_scheme;
+ }
ret = auth_request_password_verify(request, password,
tmp_pass, scheme, "vpopmail");
More information about the dovecot-cvs
mailing list