dovecot: Don't keep master username in original_username.
dovecot at dovecot.org
dovecot at dovecot.org
Sat Oct 27 18:31:09 EEST 2007
details: http://hg.dovecot.org/dovecot/rev/2a36e7d9ddb6
changeset: 6619:2a36e7d9ddb6
user: Timo Sirainen <tss at iki.fi>
date: Sat Oct 27 18:31:05 2007 +0300
description:
Don't keep master username in original_username.
diffstat:
2 files changed, 13 insertions(+), 12 deletions(-)
src/auth/auth-request.c | 22 +++++++++++-----------
src/auth/auth-request.h | 3 ++-
diffs (52 lines):
diff -r 39f5251b04f9 -r 2a36e7d9ddb6 src/auth/auth-request.c
--- a/src/auth/auth-request.c Sat Oct 27 18:25:44 2007 +0300
+++ b/src/auth/auth-request.c Sat Oct 27 18:31:05 2007 +0300
@@ -768,17 +768,6 @@ bool auth_request_set_username(struct au
{
const char *p, *login_username = NULL;
- if (request->original_username == NULL) {
- /* the username may change later, but we need to use this
- username when verifying at least DIGEST-MD5 password */
- request->original_username = p_strdup(request->pool, username);
- }
- if (request->cert_username) {
- /* cert_username overrides the username given by
- authentication mechanism. */
- return TRUE;
- }
-
if (request->auth->master_user_separator != '\0' &&
!request->userdb_lookup) {
/* check if the username contains a master user */
@@ -790,6 +779,17 @@ bool auth_request_set_username(struct au
/* username is the master user */
username = p + 1;
}
+ }
+
+ if (request->original_username == NULL) {
+ /* the username may change later, but we need to use this
+ username when verifying at least DIGEST-MD5 password. */
+ request->original_username = p_strdup(request->pool, username);
+ }
+ if (request->cert_username) {
+ /* cert_username overrides the username given by
+ authentication mechanism. */
+ return TRUE;
}
if (*username == '\0') {
diff -r 39f5251b04f9 -r 2a36e7d9ddb6 src/auth/auth-request.h
--- a/src/auth/auth-request.h Sat Oct 27 18:25:44 2007 +0300
+++ b/src/auth/auth-request.h Sat Oct 27 18:31:05 2007 +0300
@@ -34,7 +34,8 @@ struct auth_request {
char *user, *requested_login_user, *master_user;
/* original_username contains the username exactly as given by the
client. this is needed at least with DIGEST-MD5 for password
- verification */
+ verification. however with master logins the master username has
+ been dropped from it. */
const char *original_username;
char *mech_password; /* set if verify_plain() is called */
char *passdb_password; /* set after password lookup if successful */
More information about the dovecot-cvs
mailing list