dovecot-2.2: auth: Check for empty username after doing all the ...
dovecot at dovecot.org
dovecot at dovecot.org
Tue Oct 14 17:16:54 UTC 2014
details: http://hg.dovecot.org/dovecot-2.2/rev/4dc3f6103c48
changeset: 17953:4dc3f6103c48
user: Timo Sirainen <tss at iki.fi>
date: Tue Oct 14 10:16:03 2014 -0700
description:
auth: Check for empty username after doing all the username changes.
diffstat:
src/auth/auth-request.c | 16 +++++-----------
1 files changed, 5 insertions(+), 11 deletions(-)
diffs (40 lines):
diff -r b37e57304344 -r 4dc3f6103c48 src/auth/auth-request.c
--- a/src/auth/auth-request.c Tue Oct 14 19:49:58 2014 +0300
+++ b/src/auth/auth-request.c Tue Oct 14 10:16:03 2014 -0700
@@ -1190,6 +1190,11 @@
request->user = old_username;
}
+ if (user[0] == '\0') {
+ /* Some PAM plugins go nuts with empty usernames */
+ *error_r = "Empty username";
+ return FALSE;
+ }
return user;
}
@@ -1206,11 +1211,6 @@
/* it does, set it. */
login_username = t_strdup_until(username, p);
- if (*login_username == '\0') {
- *error_r = "Empty login username";
- return FALSE;
- }
-
/* username is the master user */
username = p + 1;
}
@@ -1228,12 +1228,6 @@
username = request->user;
}
- if (*username == '\0') {
- /* Some PAM plugins go nuts with empty usernames */
- *error_r = "Empty username";
- return FALSE;
- }
-
request->user = auth_request_fix_username(request, username, error_r);
if (request->user == NULL)
return FALSE;
More information about the dovecot-cvs
mailing list