dovecot-2.1: passdb vpopmail: Fix to handling mixed cleartext/cr...

dovecot at dovecot.org dovecot at dovecot.org
Thu Nov 17 00:49:53 EET 2011


details:   http://hg.dovecot.org/dovecot-2.1/rev/c4ecdea00e4d
changeset: 13719:c4ecdea00e4d
user:      Timo Sirainen <tss at iki.fi>
date:      Thu Nov 17 00:49:30 2011 +0200
description:
passdb vpopmail: Fix to handling mixed cleartext/crypt passwords.

diffstat:

 src/auth/passdb-vpopmail.c |  25 ++++++++++++++++---------
 1 files changed, 16 insertions(+), 9 deletions(-)

diffs (65 lines):

diff -r f986b56d8e2a -r c4ecdea00e4d src/auth/passdb-vpopmail.c
--- a/src/auth/passdb-vpopmail.c	Thu Nov 17 00:41:15 2011 +0200
+++ b/src/auth/passdb-vpopmail.c	Thu Nov 17 00:49:30 2011 +0200
@@ -55,7 +55,7 @@
 }
 
 static char *
-vpopmail_password_lookup(struct auth_request *auth_request, bool cleartext,
+vpopmail_password_lookup(struct auth_request *auth_request, bool *cleartext,
 			 enum passdb_result *result_r)
 {
 	char vpop_user[VPOPMAIL_LIMIT], vpop_domain[VPOPMAIL_LIMIT];
@@ -75,9 +75,10 @@
 		password = NULL;
 		*result_r = PASSDB_RESULT_USER_DISABLED;
 	} else {
-		if (vpw->pw_clear_passwd != NULL)
+		if (vpw->pw_clear_passwd != NULL) {
 			password = t_strdup_noconst(vpw->pw_clear_passwd);
-		else if (!cleartext)
+			*cleartext = TRUE;
+		} else if (!*cleartext)
 			password = t_strdup_noconst(vpw->pw_passwd);
 		else
 			password = NULL;
@@ -99,8 +100,9 @@
 {
 	enum passdb_result result;
 	char *password;
+	bool cleartext = TRUE;
 
-	password = vpopmail_password_lookup(request, TRUE, &result);
+	password = vpopmail_password_lookup(request, &cleartext, &result);
 	if (password == NULL) {
 		callback(result, NULL, 0, request);
 		return;
@@ -118,18 +120,23 @@
 	enum passdb_result result;
 	const char *scheme, *tmp_pass;
 	char *crypted_pass;
+	bool cleartext;
 	int ret;
 
-	crypted_pass = vpopmail_password_lookup(request, FALSE, &result);
+	crypted_pass = vpopmail_password_lookup(request, &cleartext, &result);
 	if (crypted_pass == NULL) {
 		callback(result, request);
 		return;
 	}
+	tmp_pass = crypted_pass;
 
-	tmp_pass = crypted_pass;
-	scheme = password_get_scheme(&tmp_pass);
-	if (scheme == NULL)
-		scheme = request->passdb->passdb->default_pass_scheme;
+	if (cleartext)
+		scheme = "CLEARTEXT";
+	else {
+		scheme = password_get_scheme(&tmp_pass);
+		if (scheme == NULL)
+			scheme = request->passdb->passdb->default_pass_scheme;
+	}
 
 	ret = auth_request_password_verify(request, password,
 					   tmp_pass, scheme, "vpopmail");


More information about the dovecot-cvs mailing list