Mercurial > dovecot > core-2.2
changeset 23004:168f4e3a2a53
auth: Do not import empty certificate username
author | Aki Tuomi <aki.tuomi@open-xchange.com> |
---|---|
date | Wed, 16 Jan 2019 18:28:57 +0200 |
parents | 785c4ee0190b |
children | 028036ddbb25 |
files | src/auth/auth-request.c |
diffstat | 1 files changed, 1 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/src/auth/auth-request.c Mon Jan 21 10:54:06 2019 +0200 +++ b/src/auth/auth-request.c Wed Jan 16 18:28:57 2019 +0200 @@ -445,7 +445,7 @@ else if (strcmp(key, "valid-client-cert") == 0) request->valid_client_cert = TRUE; else if (strcmp(key, "cert_username") == 0) { - if (request->set->ssl_username_from_cert) { + if (request->set->ssl_username_from_cert && *value != '\0') { /* get username from SSL certificate. it overrides the username given by the auth mechanism. */ request->user = p_strdup(request->pool, value);