Mercurial > dovecot > core-2.2
changeset 12977:9490d57d2f7b
auth: Give password scheme suggestions also when passdb data is invalid for scheme.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Mon, 23 May 2011 15:37:43 +0300 |
parents | 1e1674cedf2d |
children | 62945c9d6b47 |
files | src/auth/auth-request.c |
diffstat | 1 files changed, 15 insertions(+), 9 deletions(-) [+] |
line wrap: on
line diff
--- a/src/auth/auth-request.c Mon May 16 17:06:11 2011 +0300 +++ b/src/auth/auth-request.c Mon May 23 15:37:43 2011 +0300 @@ -1468,6 +1468,7 @@ { const unsigned char *raw_password; size_t raw_password_size; + const char *error; int ret; if (request->skip_password_check) { @@ -1505,17 +1506,22 @@ password schemes (eg. digest-md5). Otherwise the username is used only for logging purposes. */ ret = password_verify(plain_password, request->original_username, - scheme, raw_password, raw_password_size); - i_assert(ret >= 0); - if (ret == 0) { + scheme, raw_password, raw_password_size, &error); + if (ret < 0) { + const char *password_str = request->set->debug_passwords ? + t_strdup_printf(" '%s'", crypted_password) : ""; + auth_request_log_error(request, subsystem, + "Invalid password%s in passdb: %s", + password_str, error); + } else if (ret == 0) { auth_request_log_password_mismatch(request, subsystem); - if (request->set->debug_passwords) T_BEGIN { - log_password_failure(request, plain_password, - crypted_password, scheme, - request->original_username, - subsystem); - } T_END; } + if (ret <= 0 && request->set->debug_passwords) T_BEGIN { + log_password_failure(request, plain_password, + crypted_password, scheme, + request->original_username, + subsystem); + } T_END; return ret; }