Mercurial > dovecot > core-2.2

changeset 4758:2fc38c1e48c4 HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Don't send "pass" back if it's already set, or if it's not known.
author Timo Sirainen <tss@iki.fi>
date Sun, 05 Nov 2006 18:12:14 +0200
parents 8df9c973dcc3
children 79bcc076e3fb
files src/auth/auth-request-handler.c
diffstat 1 files changed, 13 insertions(+), 9 deletions(-) [+]
line wrap: on
line diff
--- a/src/auth/auth-request-handler.c	Sun Nov 05 18:01:32 2006 +0200
+++ b/src/auth/auth-request-handler.c	Sun Nov 05 18:12:14 2006 +0200
@@ -111,6 +111,7 @@
 	string_t *str;
 	const char **fields, *extra_fields;
 	unsigned int src, dest;
+	bool seen_pass = FALSE;
 
 	extra_fields = request->extra_fields == NULL ? NULL :
 		auth_stream_reply_export(request->extra_fields);
@@ -125,20 +126,23 @@
 	}
 
 	str = t_str_new(128);
-	if (request->proxy) {
+	fields = t_strsplit(extra_fields, "\t");
+	for (src = dest = 0; fields[src] != NULL; src++) {
+		if (strncmp(fields[src], "userdb_", 7) != 0) {
+			if (str_len(str) > 0)
+				str_append_c(str, '\t');
+			if (!seen_pass && strncmp(fields[src], "pass=", 5) == 0)
+				seen_pass = TRUE;
+			str_append(str, fields[src]);
+		}
+	}
+
+	if (request->proxy && !seen_pass && request->mech_password != NULL) {
 		/* we're proxying - send back the password that was
 		   sent by user (not the password in passdb). */
 		str_printfa(str, "pass=%s", request->mech_password);
 	}
 
-	fields = t_strsplit(extra_fields, "\t");
-	for (src = dest = 0; fields[src] != NULL; src++) {
-		if (strncmp(fields[src], "userdb_", 7) != 0) {
-			if (str_len(str) > 0)
-				str_append_c(str, '\t');
-			str_append(str, fields[src]);
-		}
-	}
 	return str_len(str) == 0 ? NULL : str_c(str);
 }