Mercurial > dovecot > core-2.2
changeset 12489:627aeadb0955
auth: passdb credentials lookup fix when using multiple passdbs.
If at least one passdb returns "user unknown" and the last passdb returns
"credential lookup not supported", the proper return value is still
"user unknown".
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Thu, 02 Dec 2010 19:10:23 +0000 |
| parents | 4113324354f5 |
| children | 16dbbb57a4b2 |
| files | src/auth/auth-request.c src/auth/auth-request.h |
| diffstat | 2 files changed, 12 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/src/auth/auth-request.c Thu Dec 02 17:38:08 2010 +0000 +++ b/src/auth/auth-request.c Thu Dec 02 19:10:23 2010 +0000 @@ -440,7 +440,11 @@ request->passdb = request->passdb->next; request->passdb_password = NULL; - if (*result == PASSDB_RESULT_INTERNAL_FAILURE) { + if (*result == PASSDB_RESULT_USER_UNKNOWN) { + /* remember that we did at least one successful + passdb lookup */ + request->passdb_user_unknown = TRUE; + } else if (*result == PASSDB_RESULT_INTERNAL_FAILURE) { /* remember that we have had an internal failure. at the end return internal failure if we couldn't successfully login. */ @@ -596,6 +600,12 @@ "Credentials: %s", binary_to_hex(credentials, size)); } + if (result == PASSDB_RESULT_SCHEME_NOT_AVAILABLE && + request->passdb_user_unknown) { + /* one of the passdbs accepted the scheme, + but the user was unknown there */ + result = PASSDB_RESULT_USER_UNKNOWN; + } request->private_callback. lookup_credentials(result, credentials, size, request); }
--- a/src/auth/auth-request.h Thu Dec 02 17:38:08 2010 +0000 +++ b/src/auth/auth-request.h Thu Dec 02 19:10:23 2010 +0000 @@ -92,6 +92,7 @@ unsigned int successful:1; unsigned int passdb_failure:1; unsigned int internal_failure:1; + unsigned int passdb_user_unknown:1; unsigned int passdb_internal_failure:1; unsigned int userdb_internal_failure:1; unsigned int delayed_failure:1;