dovecot-2.2: auth: If user in passwd-file has no userdb info, us...

[dovecot at dovecot.org]

details:   http://hg.dovecot.org/dovecot-2.2/rev/31e48b4732a5
changeset: 15843:31e48b4732a5
user:      Timo Sirainen <tss at iki.fi>
date:      Tue Feb 19 10:38:51 2013 +0200
description:
auth: If user in passwd-file has no userdb info, userdb lookup now returns it as nonexistent.

diffstat:

 src/auth/db-passwd-file.c     |  3 +++
 src/auth/userdb-passwd-file.c |  2 +-
 2 files changed, 4 insertions(+), 1 deletions(-)

diffs (25 lines):

diff -r ff56652304dd -r 31e48b4732a5 src/auth/db-passwd-file.c
--- a/src/auth/db-passwd-file.c	Tue Feb 19 10:14:04 2013 +0200
+++ b/src/auth/db-passwd-file.c	Tue Feb 19 10:38:51 2013 +0200
@@ -96,6 +96,9 @@
 			i_error("passwd-file %s: User %s is missing "
 				"userdb info", pw->path, username);
 		}
+		/* don't allow userdb lookups */
+		pu->uid = 0;
+		pu->gid = 0;
 	} else if (!pw->db->userdb || **args == '\0')
 		args++;
 	else {
diff -r ff56652304dd -r 31e48b4732a5 src/auth/userdb-passwd-file.c
--- a/src/auth/userdb-passwd-file.c	Tue Feb 19 10:14:04 2013 +0200
+++ b/src/auth/userdb-passwd-file.c	Tue Feb 19 10:38:51 2013 +0200
@@ -43,7 +43,7 @@
 
 	pu = db_passwd_file_lookup(module->pwf, auth_request,
 				   module->username_format);
-	if (pu == NULL) {
+	if (pu == NULL || pu->uid == 0) {
 		callback(USERDB_RESULT_USER_UNKNOWN, auth_request);
 		return;
 	}