Mercurial > dovecot > original-hg > dovecot-2.1

changeset 14936:eece943c7521

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
"Mailbox doesn't exist" error mixed up using storage and virtual mailbox names. This could have allowed a user to figure out existence of a mailbox without having lookup ACL.
author Timo Sirainen <tss@iki.fi>
date Sun, 24 Mar 2013 12:09:39 +0200
parents a588b743d695
children 73feea4d22aa
files src/lib-storage/index/cydir/cydir-storage.c src/lib-storage/index/dbox-common/dbox-storage.c src/lib-storage/index/maildir/maildir-storage.c src/lib-storage/index/mbox/mbox-storage.c src/lib-storage/index/pop3c/pop3c-storage.c src/lib-storage/index/raw/raw-storage.c src/lib-storage/list/mailbox-list-delete.c src/lib-storage/list/mailbox-list-fs.c src/lib-storage/list/mailbox-list-maildir.c src/lib-storage/mailbox-list-private.h src/plugins/acl/acl-mailbox.c src/plugins/virtual/virtual-config.c
diffstat 12 files changed, 20 insertions(+), 16 deletions(-) [+]
line wrap: on
line diff
--- a/src/lib-storage/index/cydir/cydir-storage.c	Sun Oct 30 12:39:53 2011 +0100
+++ b/src/lib-storage/index/cydir/cydir-storage.c	Sun Mar 24 12:09:39 2013 +0200
@@ -68,7 +68,7 @@
 		/* exists, open it */
 	} else if (errno == ENOENT) {
 		mail_storage_set_error(box->storage, MAIL_ERROR_NOTFOUND,
-			T_MAIL_ERR_MAILBOX_NOT_FOUND(box->name));
+			T_MAIL_ERR_MAILBOX_NOT_FOUND(box->vname));
 		return -1;
 	} else if (errno == EACCES) {
 		mail_storage_set_critical(box->storage, "%s",
--- a/src/lib-storage/index/dbox-common/dbox-storage.c	Sun Oct 30 12:39:53 2011 +0100
+++ b/src/lib-storage/index/dbox-common/dbox-storage.c	Sun Mar 24 12:09:39 2013 +0200
@@ -184,7 +184,7 @@
 		;
 	else if (errno == ENOENT || errno == ENAMETOOLONG) {
 		mail_storage_set_error(box->storage, MAIL_ERROR_NOTFOUND,
-			T_MAIL_ERR_MAILBOX_NOT_FOUND(box->name));
+			T_MAIL_ERR_MAILBOX_NOT_FOUND(box->vname));
 		return -1;
 	} else if (errno == EACCES) {
 		mail_storage_set_critical(box->storage, "%s",
--- a/src/lib-storage/index/maildir/maildir-storage.c	Sun Oct 30 12:39:53 2011 +0100
+++ b/src/lib-storage/index/maildir/maildir-storage.c	Sun Mar 24 12:09:39 2013 +0200
@@ -367,7 +367,7 @@
 
 	if (errno == ENOENT || errno == ENAMETOOLONG) {
 		mail_storage_set_error(box->storage, MAIL_ERROR_NOTFOUND,
-			T_MAIL_ERR_MAILBOX_NOT_FOUND(box->name));
+			T_MAIL_ERR_MAILBOX_NOT_FOUND(box->vname));
 		return -1;
 	} else {
 		mail_storage_set_critical(box->storage,
--- a/src/lib-storage/index/mbox/mbox-storage.c	Sun Oct 30 12:39:53 2011 +0100
+++ b/src/lib-storage/index/mbox/mbox-storage.c	Sun Mar 24 12:09:39 2013 +0200
@@ -470,7 +470,7 @@
 		return -1;
 	} else if (ENOTFOUND(errno)) {
 		mail_storage_set_error(box->storage, MAIL_ERROR_NOTFOUND,
-			T_MAIL_ERR_MAILBOX_NOT_FOUND(box->name));
+			T_MAIL_ERR_MAILBOX_NOT_FOUND(box->vname));
 		return -1;
 	} else if (mail_storage_set_error_from_errno(box->storage)) {
 		return -1;
--- a/src/lib-storage/index/pop3c/pop3c-storage.c	Sun Oct 30 12:39:53 2011 +0100
+++ b/src/lib-storage/index/pop3c/pop3c-storage.c	Sun Mar 24 12:09:39 2013 +0200
@@ -165,7 +165,7 @@
 
 	if (strcmp(box->name, "INBOX") != 0) {
 		mail_storage_set_error(box->storage, MAIL_ERROR_NOTFOUND,
-				       T_MAIL_ERR_MAILBOX_NOT_FOUND(box->name));
+				       T_MAIL_ERR_MAILBOX_NOT_FOUND(box->vname));
 		return -1;
 	}
 
--- a/src/lib-storage/index/raw/raw-storage.c	Sun Oct 30 12:39:53 2011 +0100
+++ b/src/lib-storage/index/raw/raw-storage.c	Sun Mar 24 12:09:39 2013 +0200
@@ -151,7 +151,7 @@
 		if (ENOTFOUND(errno)) {
 			mail_storage_set_error(box->storage,
 				MAIL_ERROR_NOTFOUND,
-				T_MAIL_ERR_MAILBOX_NOT_FOUND(box->name));
+				T_MAIL_ERR_MAILBOX_NOT_FOUND(box->vname));
 		} else if (!mail_storage_set_error_from_errno(box->storage)) {
 			mail_storage_set_critical(box->storage,
 				"open(%s) failed: %m", path);
--- a/src/lib-storage/list/mailbox-list-delete.c	Sun Oct 30 12:39:53 2011 +0100
+++ b/src/lib-storage/list/mailbox-list-delete.c	Sun Mar 24 12:09:39 2013 +0200
@@ -68,7 +68,7 @@
 				continue;
 			}
 			mailbox_list_set_error(list, MAIL_ERROR_NOTFOUND,
-				T_MAIL_ERR_MAILBOX_NOT_FOUND(name));
+				T_MAILBOX_LIST_ERR_NOT_FOUND(list, name));
 			return -1;
 		}
 		if (errno == EXDEV) {
@@ -130,7 +130,7 @@
 		return 0;
 	else if (ENOTFOUND(errno)) {
 		mailbox_list_set_error(list, MAIL_ERROR_NOTFOUND,
-				       T_MAIL_ERR_MAILBOX_NOT_FOUND(name));
+				       T_MAILBOX_LIST_ERR_NOT_FOUND(list, name));
 		return -1;
 	} else {
 		if (!mailbox_list_set_error_from_errno(list)) {
@@ -158,7 +158,7 @@
 	if (dir == NULL) {
 		if (errno == ENOENT) {
 			mailbox_list_set_error(list, MAIL_ERROR_NOTFOUND,
-				T_MAIL_ERR_MAILBOX_NOT_FOUND(name));
+				T_MAILBOX_LIST_ERR_NOT_FOUND(list, name));
 		} else {
 			if (!mailbox_list_set_error_from_errno(list)) {
 				mailbox_list_set_critical(list,
@@ -340,7 +340,7 @@
 
 	if (errno == ENOENT) {
 		mailbox_list_set_error(list, MAIL_ERROR_NOTFOUND,
-			T_MAIL_ERR_MAILBOX_NOT_FOUND(name));
+			T_MAILBOX_LIST_ERR_NOT_FOUND(list, name));
 	} else if (errno == EISDIR ||
 		   errno == EPERM) { /* Solaris */
 		mailbox_list_set_error(list, MAIL_ERROR_NOTPOSSIBLE,
--- a/src/lib-storage/list/mailbox-list-fs.c	Sun Oct 30 12:39:53 2011 +0100
+++ b/src/lib-storage/list/mailbox-list-fs.c	Sun Mar 24 12:09:39 2013 +0200
@@ -393,7 +393,7 @@
 
 	if (errno == ENOENT || errno == ENOTDIR) {
 		mailbox_list_set_error(list, MAIL_ERROR_NOTFOUND,
-			T_MAIL_ERR_MAILBOX_NOT_FOUND(name));
+			T_MAILBOX_LIST_ERR_NOT_FOUND(list, name));
 	} else if (errno == ENOTEMPTY || errno == EEXIST) {
 		/* mbox workaround: if only .imap/ directory is preventing the
 		   deletion, remove it */
@@ -586,7 +586,7 @@
 	if (rename(oldpath, newpath) < 0) {
 		if (ENOTFOUND(errno)) {
 			mailbox_list_set_error(oldlist, MAIL_ERROR_NOTFOUND,
-				T_MAIL_ERR_MAILBOX_NOT_FOUND(oldname));
+				T_MAILBOX_LIST_ERR_NOT_FOUND(oldlist, oldname));
 		} else if (!mailbox_list_set_error_from_errno(oldlist)) {
 			mailbox_list_set_critical(oldlist,
 				"rename(%s, %s) failed: %m", oldpath, newpath);
--- a/src/lib-storage/list/mailbox-list-maildir.c	Sun Oct 30 12:39:53 2011 +0100
+++ b/src/lib-storage/list/mailbox-list-maildir.c	Sun Mar 24 12:09:39 2013 +0200
@@ -428,7 +428,7 @@
 				       "Mailbox exists");
 	} else if (errno == ENOENT || errno == ENOTDIR) {
 		mailbox_list_set_error(list, MAIL_ERROR_NOTFOUND,
-			T_MAIL_ERR_MAILBOX_NOT_FOUND(name));
+			T_MAILBOX_LIST_ERR_NOT_FOUND(list, name));
 	} else {
 		mailbox_list_set_critical(list, "stat(%s) failed: %m", path);
 	}
@@ -613,7 +613,7 @@
 			return -1;
 		if (!found && ret == 0) {
 			mailbox_list_set_error(oldlist, MAIL_ERROR_NOTFOUND,
-				T_MAIL_ERR_MAILBOX_NOT_FOUND(oldname));
+				T_MAILBOX_LIST_ERR_NOT_FOUND(oldlist, oldname));
 			return -1;
 		}
 
--- a/src/lib-storage/mailbox-list-private.h	Sun Oct 30 12:39:53 2011 +0100
+++ b/src/lib-storage/mailbox-list-private.h	Sun Mar 24 12:09:39 2013 +0200
@@ -11,6 +11,10 @@
 
 #define MAILBOX_LOG_FILE_NAME "dovecot.mailbox.log"
 
+#define T_MAILBOX_LIST_ERR_NOT_FOUND(list, name) \
+	t_strdup_printf(MAIL_ERRSTR_MAILBOX_NOT_FOUND, \
+			mailbox_list_get_vname(list, name))
+
 enum mailbox_log_record_type;
 struct stat;
 struct dirent;
--- a/src/plugins/acl/acl-mailbox.c	Sun Oct 30 12:39:53 2011 +0100
+++ b/src/plugins/acl/acl-mailbox.c	Sun Mar 24 12:09:39 2013 +0200
@@ -159,7 +159,7 @@
 				       MAIL_ERRSTR_NO_PERMISSION);
 	} else if (ret == 0) {
 		mail_storage_set_error(box->storage, MAIL_ERROR_NOTFOUND,
-				T_MAIL_ERR_MAILBOX_NOT_FOUND(box->name));
+				T_MAIL_ERR_MAILBOX_NOT_FOUND(box->vname));
 	}
 }
 
--- a/src/plugins/virtual/virtual-config.c	Sun Oct 30 12:39:53 2011 +0100
+++ b/src/plugins/virtual/virtual-config.c	Sun Mar 24 12:09:39 2013 +0200
@@ -378,7 +378,7 @@
 				"Virtual mailbox missing configuration file");
 		} else if (errno == ENOENT) {
 			mail_storage_set_error(storage, MAIL_ERROR_NOTFOUND,
-				T_MAIL_ERR_MAILBOX_NOT_FOUND(mbox->box.name));
+				T_MAIL_ERR_MAILBOX_NOT_FOUND(mbox->box.vname));
 		} else {
 			mail_storage_set_critical(storage,
 				"stat(%s) failed: %m", box_path);