# HG changeset patch # User Timo Sirainen # Date 1150483026 -10800 # Node ID 16b28625cb79f5ed5c7e6ec941cff958b56d09a2 # Parent af61031c746fda9387711520985ad874d1b7447c If USER query doesn't return non-zero uid and gid, give a nice error message. diff -r af61031c746f -r 16b28625cb79 src/deliver/auth-client.c --- a/src/deliver/auth-client.c Fri Jun 16 21:13:43 2006 +0300 +++ b/src/deliver/auth-client.c Fri Jun 16 21:37:06 2006 +0300 @@ -26,6 +26,7 @@ struct ioloop *ioloop; uid_t euid; + const char *user; unsigned int handshaked:1; }; @@ -45,16 +46,31 @@ static void auth_parse_input(struct auth_connection *conn, const char *args) { const char *const *tmp, *key, *value; + uid_t uid = 0; + gid_t gid = 0; int home_found = FALSE; for (tmp = t_strsplit(args, "\t"); *tmp != NULL; tmp++) { if (strncmp(*tmp, "uid=", 4) == 0) { - if (conn->euid != strtoul(*tmp + 3, NULL, 10)) { + uid = strtoul(*tmp + 4, NULL, 10); + + if (uid == 0) { + i_error("userdb(%s) returned 0 as uid", + conn->user); + return_value = EX_TEMPFAIL; + } + if (conn->euid != uid) { env_put(t_strconcat("RESTRICT_SETUID=", - *tmp + 4, NULL)); + dec2str(uid), NULL)); } } else if (strncmp(*tmp, "gid=", 4) == 0) { - gid_t gid = strtoul(*tmp + 4, NULL, 10); + gid = strtoul(*tmp + 4, NULL, 10); + + if (gid == 0) { + i_error("userdb(%s) returned 0 as gid", + conn->user); + return_value = EX_TEMPFAIL; + } if (conn->euid == 0 || getegid() != gid) { env_put(t_strconcat("RESTRICT_SETGID=", @@ -76,7 +92,18 @@ if (!home_found) { /* we must have a home directory */ - i_error("userdb didn't return a home directory"); + i_error("userdb(%s) didn't return a home directory", + conn->user); + return_value = EX_TEMPFAIL; + return; + } + if (uid == 0) { + i_error("userdb(%s) didn't return uid", conn->user); + return_value = EX_TEMPFAIL; + return; + } + if (gid == 0) { + i_error("userdb(%s) didn't return gid", conn->user); return_value = EX_TEMPFAIL; return; } @@ -168,6 +195,7 @@ conn->ioloop = ioloop; conn->euid = euid; + conn->user = user; o_stream_send_str(conn->output, t_strconcat("VERSION\t1\t0\n"