]> git.ipfire.org Git - thirdparty/dovecot/core.git/commit
projects / thirdparty / dovecot / core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8c103d1) | patch
login-common: Don't call client_input() directly in client_auth_failed()
authorTimo Sirainen <timo.sirainen@open-xchange.com>
Tue, 3 Sep 2019 12:43:49 +0000 (15:43 +0300)
committerTimo Sirainen <timo.sirainen@open-xchange.com>
Tue, 3 Sep 2019 12:43:49 +0000 (15:43 +0300)
commitf7edd270ec8cafa02478aeaab956146178320447
tree87e8dbacda1e66542980fe1039e88454c94850c6tree | snapshot
parent8c103d1e2759779c3c12105b3aec3ecc3372ddd8commit | diff
login-common: Don't call client_input() directly in client_auth_failed()

Fixes a new assert-crash caused by
9aaf0554aeae4f8056eeef56cfd99bf386f4c009:

Panic: file sasl-server.c: line 357 (authenticate_callback): assertion failed: (!client->authenticating)

This was caused by a code path:
 - sasl_server_check_login()
 - sasl_server_auth_failed()
 - sasl_server_auth_cancel()
 - call_client_callback()
 - sasl_callback()
 - client_auth_failed()
 - client_input()
 - another AUTHENTICATE/LOGIN was read

The solution is then to not call client_input() directly. It would have
also worked to just remove the assert though, but this fix is cleaner.
src/login-common/client-common-auth.c diff | blob | blame | history
Mirror of https://github.com/dovecot/core.git