Mercurial > dovecot > original-hg > dovecot-1.2

changeset 7123:25e7c37c7c10 HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
If proxy user has a password and authentication fails, don't return the proxy fields to client.
author Timo Sirainen <tss@iki.fi>
date Sun, 06 Jan 2008 03:17:20 +0200
parents fb03422c0760
children fe42e3097e23
files src/auth/auth-request-handler.c src/auth/auth-request.c src/auth/auth-request.h
diffstat 3 files changed, 17 insertions(+), 10 deletions(-) [+]
line wrap: on
line diff
--- a/src/auth/auth-request-handler.c	Sun Jan 06 03:13:20 2008 +0200
+++ b/src/auth/auth-request-handler.c	Sun Jan 06 03:17:20 2008 +0200
@@ -209,7 +209,7 @@
 		handler->callback(str_c(str), handler->context);
 		break;
 	case AUTH_CLIENT_RESULT_SUCCESS:
-		auth_request_proxy_finish(request);
+		auth_request_proxy_finish(request, TRUE);
 
 		str_printfa(str, "OK\t%u\tuser=%s", request->id, request->user);
 		if (reply_size > 0) {
@@ -230,6 +230,8 @@
 		handler->callback(str_c(str), handler->context);
 		break;
 	case AUTH_CLIENT_RESULT_FAILURE:
+		auth_request_proxy_finish(request, FALSE);
+
 		str_printfa(str, "FAIL\t%u", request->id);
 		if (request->user != NULL)
 			str_printfa(str, "\tuser=%s", request->user);
--- a/src/auth/auth-request.c	Sun Jan 06 03:13:20 2008 +0200
+++ b/src/auth/auth-request.c	Sun Jan 06 03:17:20 2008 +0200
@@ -1254,18 +1254,23 @@
 		strcmp(destuser, request->original_username) == 0;
 }
 
-void auth_request_proxy_finish(struct auth_request *request)
+void auth_request_proxy_finish(struct auth_request *request, bool success)
 {
-	if (!request->proxy_maybe || request->no_login)
+	if (!request->proxy || request->no_login)
 		return;
 
-	if (!auth_request_proxy_is_self(request)) {
-		request->no_login = TRUE;
-		return;
+	if (!success) {
+		/* drop all proxy fields */
+	} else {
+		if (!request->proxy_maybe ||
+		    !auth_request_proxy_is_self(request)) {
+			request->no_login = TRUE;
+			return;
+		}
+
+		/* proxying to ourself - log in without proxying by dropping
+		   all the proxying fields. */
 	}
-
-	/* proxying to ourself - log in without proxying by dropping all the
-	   proxying fields. */
 	auth_stream_reply_remove(request->extra_fields, "proxy");
 	auth_stream_reply_remove(request->extra_fields, "host");
 	auth_stream_reply_remove(request->extra_fields, "port");
--- a/src/auth/auth-request.h	Sun Jan 06 03:13:20 2008 +0200
+++ b/src/auth/auth-request.h	Sun Jan 06 03:17:20 2008 +0200
@@ -148,7 +148,7 @@
 void auth_request_set_userdb_field_values(struct auth_request *request,
 					  const char *name,
 					  const char *const *values);
-void auth_request_proxy_finish(struct auth_request *request);
+void auth_request_proxy_finish(struct auth_request *request, bool success);
 
 int auth_request_password_verify(struct auth_request *request,
 				 const char *plain_password,