Mercurial > dovecot > original-hg > dovecot-1.2
changeset 4054:f83d7d14b999 HEAD
Digest-MD5 logins didn't work if passdb changed username.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Fri, 24 Feb 2006 15:41:57 +0200 |
parents | 94b3363165c8 |
children | f7ff79c3189b |
files | src/auth/auth-request.c src/auth/auth-request.h |
diffstat | 2 files changed, 10 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/src/auth/auth-request.c Fri Feb 24 14:26:21 2006 +0200 +++ b/src/auth/auth-request.c Fri Feb 24 15:41:57 2006 +0200 @@ -547,6 +547,11 @@ bool auth_request_set_username(struct auth_request *request, const char *username, const char **error_r) { + if (request->original_username == NULL) { + /* the username may change later, but we need to use this + username when verifying at least DIGEST-MD5 password */ + request->original_username = p_strdup(request->pool, username); + } if (request->cert_username) { /* cert_username overrides the username given by authentication mechanism. */ @@ -659,7 +664,7 @@ } ret = password_verify(plain_password, crypted_password, scheme, - request->user); + request->original_username); if (ret < 0) { auth_request_log_error(request, subsystem, "Unknown password scheme %s", scheme);
--- a/src/auth/auth-request.h Fri Feb 24 14:26:21 2006 +0200 +++ b/src/auth/auth-request.h Fri Feb 24 15:41:57 2006 +0200 @@ -28,6 +28,10 @@ has validated user as a valid master user, master_user is set to user and user is set to requested_login_user. */ char *user, *requested_login_user, *master_user; + /* original_username contains the username exactly as given by the + client. this is needed at least with DIGEST-MD5 for password + verification */ + const char *original_username; char *mech_password; /* set if verify_plain() is called */ char *passdb_password; /* set after password lookup if successful */ /* extra_fields are returned in authentication reply. Fields prefixed