dovecot-2.1: auth: password_verify() now returns error string al...
dovecot at dovecot.org
dovecot at dovecot.org
Thu Feb 9 05:34:01 EET 2012
details: http://hg.dovecot.org/dovecot-2.1/rev/aea4151da8f6
changeset: 14100:aea4151da8f6
user: Timo Sirainen <tss at iki.fi>
date: Thu Feb 09 05:33:54 2012 +0200
description:
auth: password_verify() now returns error string also for password mismatches.
diffstat:
src/auth/password-scheme.c | 20 +++++++++++++-------
1 files changed, 13 insertions(+), 7 deletions(-)
diffs (39 lines):
diff -r 12579e53f575 -r aea4151da8f6 src/auth/password-scheme.c
--- a/src/auth/password-scheme.c Thu Feb 09 05:27:32 2012 +0200
+++ b/src/auth/password-scheme.c Thu Feb 09 05:33:54 2012 +0200
@@ -81,6 +81,7 @@
enum password_encoding encoding;
const unsigned char *generated;
size_t generated_size;
+ int ret;
s = password_scheme_lookup(scheme, &encoding);
if (s == NULL) {
@@ -89,15 +90,20 @@
}
if (s->password_verify != NULL) {
- return s->password_verify(plaintext, user, raw_password, size,
- error_r);
+ ret = s->password_verify(plaintext, user, raw_password, size,
+ error_r);
+ } else {
+ /* generic verification handler: generate the password and
+ compare it to the one in database */
+ s->password_generate(plaintext, user,
+ &generated, &generated_size);
+ ret = size != generated_size ? 0 :
+ memcmp(generated, raw_password, size) == 0 ? 1 : 0;
}
- /* generic verification handler: generate the password and compare it
- to the one in database */
- s->password_generate(plaintext, user, &generated, &generated_size);
- return size != generated_size ? 0 :
- memcmp(generated, raw_password, size) == 0 ? 1 : 0;
+ if (ret == 0)
+ *error_r = "Password mismatch";
+ return ret;
}
const char *password_get_scheme(const char **password)
More information about the dovecot-cvs
mailing list