dovecot-2.2: auth: Fixed userdb extra fields handling in passdb ...

[dovecot at dovecot.org]

details:   http://hg.dovecot.org/dovecot-2.2/rev/e84555e6eb59
changeset: 17304:e84555e6eb59
user:      Timo Sirainen <tss at iki.fi>
date:      Fri May 02 11:40:05 2014 +0300
description:
auth: Fixed userdb extra fields handling in passdb failure.
userdb prefetch -flag wasn't correctly set, causing the prefetch userdb in
some situations incorrectly either to be called or not be called.

This also fixes a crash when using userdb static and multiple passdbs. The
userdb_reply was set to NULL, which caused a crash later.

diffstat:

 src/auth/auth-request.c |  13 +++++--------
 src/auth/auth-request.h |   2 +-
 2 files changed, 6 insertions(+), 9 deletions(-)

diffs (42 lines):

diff -r 99f59d6fce05 -r e84555e6eb59 src/auth/auth-request.c
--- a/src/auth/auth-request.c	Fri May 02 11:12:58 2014 +0300
+++ b/src/auth/auth-request.c	Fri May 02 11:40:05 2014 +0300
@@ -625,21 +625,18 @@
 			/* this passdb lookup succeeded, preserve its extra
 			   fields */
 			auth_fields_snapshot(request->extra_fields);
-			request->snapshot_has_userdb_reply =
-				request->userdb_reply != NULL;
+			request->snapshot_have_userdb_prefetch_set =
+				request->userdb_prefetch_set;
 			if (request->userdb_reply != NULL)
 				auth_fields_snapshot(request->userdb_reply);
 		} else {
 			/* this passdb lookup failed, remove any extra fields
 			   it set */
 			auth_fields_rollback(request->extra_fields);
-			if (request->userdb_reply == NULL)
-				;
-			else if (request->snapshot_has_userdb_reply)
+			if (request->userdb_reply != NULL) {
 				auth_fields_rollback(request->userdb_reply);
-			else {
-				request->userdb_reply = NULL;
-				request->userdb_prefetch_set = FALSE;
+				request->userdb_prefetch_set =
+					request->snapshot_have_userdb_prefetch_set;
 			}
 		}
 
diff -r 99f59d6fce05 -r e84555e6eb59 src/auth/auth-request.h
--- a/src/auth/auth-request.h	Fri May 02 11:12:58 2014 +0300
+++ b/src/auth/auth-request.h	Fri May 02 11:40:05 2014 +0300
@@ -124,7 +124,7 @@
 	unsigned int prefer_plain_credentials:1;
 	unsigned int in_delayed_failure_queue:1;
 	unsigned int removed_from_handler:1;
-	unsigned int snapshot_has_userdb_reply:1;
+	unsigned int snapshot_have_userdb_prefetch_set:1;
 	/* each passdb lookup can update the current success-status using the
 	   result_* rules. the authentication succeeds only if this is TRUE
 	   at the end. mechanisms that don't require passdb, but do a passdb