]> git.ipfire.org Git - thirdparty/dovecot/core.git/commitdiff
auth: Filter passdbs on credentials lookup start
authorAki Tuomi <aki.tuomi@dovecot.fi>
Tue, 11 Apr 2017 12:50:14 +0000 (15:50 +0300)
committerGitLab <gitlab@git.dovecot.net>
Tue, 11 Apr 2017 13:06:20 +0000 (16:06 +0300)
Consistency with how plain verify works.

src/auth/auth-request.c

index b4ea2d642ac5838efa9569fe5ff79bc08ee2e68d..53dc237be8a7d8aca97d636cf1d3ea9a65577dcf 100644 (file)
@@ -1203,6 +1203,18 @@ void auth_request_lookup_credentials_policy_continue(struct auth_request *reques
                return;
        }
        passdb = request->passdb;
+       while (passdb != NULL && auth_request_want_skip_passdb(request, passdb))
+               passdb = passdb->next;
+       request->passdb = passdb;
+
+       if (passdb == NULL) {
+               auth_request_log_error(request, AUTH_SUBSYS_DB,
+                       "All password databases were skipped for mechanism '%s'",
+                               request->mech == NULL ? "<empty>"
+                                                     : request->mech->mech_name);
+               callback(PASSDB_RESULT_INTERNAL_FAILURE, NULL, 0, request);
+               return;
+       }
 
        request->private_callback.lookup_credentials = callback;