[dovecot-cvs] dovecot/src/auth mech-apop.c, 1.3, 1.4 mech-cram-md5.c, 1.9, 1.10 mech-digest-md5.c, 1.23, 1.24 mech-login.c, 1.2, 1.3 mech-ntlm.c, 1.3, 1.4 mech-plain.c, 1.20, 1.21 mech-rpa.c, 1.2, 1.3 mech.c, 1.32, 1.33 mech.h, 1.20, 1.21

cras at dovecot.org cras at dovecot.org
Tue Aug 31 12:31:21 EEST 2004 

Update of /home/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv25049

Modified Files:
	mech-apop.c mech-cram-md5.c mech-digest-md5.c mech-login.c 
	mech-ntlm.c mech-plain.c mech-rpa.c mech.c mech.h 
Log Message:
Changed "invalid username" error message.



Index: mech-apop.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/mech-apop.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- mech-apop.c	28 Aug 2004 13:25:42 -0000	1.3
+++ mech-apop.c	31 Aug 2004 09:31:18 -0000	1.4
@@ -62,7 +62,7 @@
 	struct apop_auth_request *auth =
 		(struct apop_auth_request *)auth_request;
 	const unsigned char *tmp, *end, *username = NULL;
-	const char *str;
+	const char *str, *error;
 
 	auth_request->callback = callback;
 
@@ -115,10 +115,10 @@
 	tmp++;
 
 	auth_request->user = p_strdup(auth->pool, username);
-	if (!mech_fix_username(auth_request->user)) {
+	if (!mech_fix_username(auth_request->user, &error)) {
 		if (verbose) {
-			i_info("apop(%s): invalid username",
-			       get_log_prefix(auth_request));
+			i_info("apop(%s): %s",
+			       get_log_prefix(auth_request), error);
 		}
 		mech_auth_finish(auth_request, NULL, 0, FALSE);
 		return TRUE;

Index: mech-cram-md5.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/mech-cram-md5.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -d -r1.9 -r1.10
--- mech-cram-md5.c	28 Aug 2004 13:25:42 -0000	1.9
+++ mech-cram-md5.c	31 Aug 2004 09:31:18 -0000	1.10
@@ -138,14 +138,12 @@
 		auth_request->user =
 			p_strdup(auth_request->pool, auth->username);
 
-		if (mech_fix_username(auth_request->user)) {
+		if (mech_fix_username(auth_request->user, &error)) {
 			passdb->lookup_credentials(&auth->auth_request,
 						   PASSDB_CREDENTIALS_CRAM_MD5,
 						   credentials_callback);
 			return TRUE;
 		}
-
-		error = "invalid username";
 	}
 
 	if (error == NULL)

Index: mech-digest-md5.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/mech-digest-md5.c,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -d -r1.23 -r1.24
--- mech-digest-md5.c	28 Aug 2004 13:25:42 -0000	1.23
+++ mech-digest-md5.c	31 Aug 2004 09:31:18 -0000	1.24
@@ -559,14 +559,12 @@
 							 realm, NULL);
 		}
 
-		if (mech_fix_username(auth_request->user)) {
+		if (mech_fix_username(auth_request->user, &error)) {
 			passdb->lookup_credentials(&auth->auth_request,
 						PASSDB_CREDENTIALS_DIGEST_MD5,
 						credentials_callback);
 			return TRUE;
 		}
-
-		error = "invalid username";
 	}
 
 	if (error == NULL)

Index: mech-login.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/mech-login.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- mech-login.c	28 Aug 2004 13:25:42 -0000	1.2
+++ mech-login.c	31 Aug 2004 09:31:18 -0000	1.3
@@ -27,6 +27,7 @@
 {
 	struct auth_client_request_reply reply;
 	static const char prompt2[] = "Password:";
+	const char *error;
 
 	auth_request->callback = callback;
 
@@ -34,10 +35,10 @@
 		auth_request->user =
 			p_strndup(auth_request->pool, data, data_size);
 
-		if (!mech_fix_username(auth_request->user)) {
+		if (!mech_fix_username(auth_request->user, &error)) {
 			if (verbose) {
-				i_info("login(%s): invalid username",
-				       get_log_prefix(auth_request));
+				i_info("login(%s): %s",
+				       get_log_prefix(auth_request), error);
 			}
 			mech_auth_finish(auth_request, NULL, 0, FALSE);
 			return TRUE;

Index: mech-ntlm.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/mech-ntlm.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- mech-ntlm.c	28 Aug 2004 13:25:42 -0000	1.3
+++ mech-ntlm.c	31 Aug 2004 09:31:18 -0000	1.4
@@ -175,10 +175,10 @@
 		username = p_strdup(auth_request->pool,
 				    ntlmssp_t_str(auth->response, user));
 
-		if (!mech_fix_username(username)) {
+		if (!mech_fix_username(username, &error)) {
 			if (verbose) {
-				i_info("ntlm(%s): invalid username",
-				       get_log_prefix(auth_request));
+				i_info("ntlm(%s): %s",
+				       get_log_prefix(auth_request), error);
 			}
 			mech_auth_finish(auth_request, NULL, 0, FALSE);
 			return TRUE;

Index: mech-plain.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/mech-plain.c,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -d -r1.20 -r1.21
--- mech-plain.c	28 Aug 2004 13:25:42 -0000	1.20
+++ mech-plain.c	31 Aug 2004 09:31:18 -0000	1.21
@@ -16,7 +16,7 @@
 			 const unsigned char *data, size_t data_size,
 			 mech_callback_t *callback)
 {
-	const char *authid, *authenid;
+	const char *authid, *authenid, *error;
 	char *pass;
 	size_t i, count, len;
 
@@ -60,11 +60,11 @@
 						      authenid);
 		}
 
-		if (!mech_fix_username(auth_request->user)) {
+		if (!mech_fix_username(auth_request->user, &error)) {
 			/* invalid username */
 			if (verbose) {
-				i_info("plain(%s): invalid username",
-				       get_log_prefix(auth_request));
+				i_info("plain(%s): %s",
+				       get_log_prefix(auth_request), error);
 			}
 			mech_auth_finish(auth_request, NULL, 0, FALSE);
 		} else {

Index: mech-rpa.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/mech-rpa.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- mech-rpa.c	28 Aug 2004 13:25:42 -0000	1.2
+++ mech-rpa.c	31 Aug 2004 09:31:18 -0000	1.3
@@ -130,7 +130,7 @@
 
 static const unsigned char *
 rpa_check_message(const unsigned char *data, const unsigned char *end,
-		  char **error)
+		  const char **error)
 {
 	const unsigned char *p = data;
 	unsigned int len = 0;
@@ -178,7 +178,7 @@
 }
 
 static int
-rpa_parse_token1(const void *data, size_t data_size, char **error)
+rpa_parse_token1(const void *data, size_t data_size, const char **error)
 {
 	const unsigned char *end = ((unsigned char *) data) + data_size;
 	const unsigned char *p;
@@ -249,7 +249,7 @@
 
 static int
 rpa_parse_token3(struct rpa_auth_request *auth, const void *data,
-		 size_t data_size, char **error)
+		 size_t data_size, const char **error)
 {
 	struct auth_request *auth_request = (struct auth_request *)auth;
 	const unsigned char *end = ((unsigned char *)data) + data_size;
@@ -426,8 +426,7 @@
 	struct auth_client_request_reply reply;
 	const unsigned char *token2;
 	size_t token2_size;
-	const char *service;
-	char *error;
+	const char *service, *error;
 
 	if (!rpa_parse_token1(data, data_size, &error)) {
 		if (verbose) {
@@ -471,8 +470,8 @@
 	struct auth_client_request_reply reply;
 	unsigned char response[16];
 	const unsigned char *token4;
+	const char *error;
 	size_t token4_size;
-	char *error;
 
 	if (!rpa_parse_token3(auth, data, data_size, &error)) {
 		if (verbose) {
@@ -483,10 +482,10 @@
 		return TRUE;
 	}
 
-	if (!mech_fix_username(auth_request->user)) {
+	if (!mech_fix_username(auth_request->user, &error)) {
 		if (verbose) {
-			i_info("rpa(%s): invalid username",
-			       get_log_prefix(auth_request));
+			i_info("rpa(%s): %s",
+			       get_log_prefix(auth_request), error);
 		}
 		mech_auth_finish(auth_request, NULL, 0, FALSE);
 		return TRUE;

Index: mech.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/mech.c,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -d -r1.32 -r1.33
--- mech.c	28 Aug 2004 13:25:42 -0000	1.32
+++ mech.c	31 Aug 2004 09:31:18 -0000	1.33
@@ -253,15 +253,17 @@
 	}
 }
 
-int mech_fix_username(char *username)
+int mech_fix_username(char *username, const char **error_r)
 {
 	unsigned char *p;
 
 	for (p = (unsigned char *)username; *p != '\0'; p++) {
 		if (username_translation[*p & 0xff] != 0)
 			*p = username_translation[*p & 0xff];
-		if (username_chars[*p & 0xff] == 0)
+		if (username_chars[*p & 0xff] == 0) {
+			*error_r = "Username contains disallowed characters";
 			return FALSE;
+		}
 	}
 
 	return TRUE;

Index: mech.h
===================================================================
RCS file: /home/cvs/dovecot/src/auth/mech.h,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -d -r1.20 -r1.21
--- mech.h	28 Aug 2004 13:25:42 -0000	1.20
+++ mech.h	31 Aug 2004 09:31:19 -0000	1.21
@@ -81,7 +81,7 @@
 void mech_auth_finish(struct auth_request *auth_request,
 		      const void *data, size_t data_size, int success);
 
-int mech_fix_username(char *username);
+int mech_fix_username(char *username, const char **error_r);
 
 void mech_cyrus_sasl_init_lib(void);
 struct auth_request *

More information about the dovecot-cvs mailing list