auth: Do not import empty certificate username

author Aki Tuomi <aki.tuomi@open-xchange.com>

Wed, 16 Jan 2019 16:28:57 +0000 (18:28 +0200)

committer Ville Savolainen <ville.savolainen@dovecot.fi>

Fri, 25 Jan 2019 12:34:14 +0000 (14:34 +0200)
author Aki Tuomi <aki.tuomi@open-xchange.com>
Wed, 16 Jan 2019 16:28:57 +0000 (18:28 +0200)
committer Ville Savolainen <ville.savolainen@dovecot.fi>
Fri, 25 Jan 2019 12:34:14 +0000 (14:34 +0200)
diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c

index d383ba424ae60dd7f34b7adb1153b837de179c1d..578f59ba74c28d3b0211594245541c0a100ddda9 100644 (file)
--- a/src/auth/auth-request.c
+++ b/src/auth/auth-request.c
@@ -453,7 +453,7 @@ bool auth_request_import_auth(struct auth_request *request,
         else if (strcmp(key, "valid-client-cert") == 0)
                 request->valid_client_cert = TRUE;
         else if (strcmp(key, "cert_username") == 0) {
-               if (request->set->ssl_username_from_cert) {
+               if (request->set->ssl_username_from_cert && *value != '\0') {
                         /* get username from SSL certificate. it overrides
                            the username given by the auth mechanism. */
                         request->user = p_strdup(request->pool, value);
author	Aki Tuomi <aki.tuomi@open-xchange.com>
	Wed, 16 Jan 2019 16:28:57 +0000 (18:28 +0200)
committer	Ville Savolainen <ville.savolainen@dovecot.fi>
	Fri, 25 Jan 2019 12:34:14 +0000 (14:34 +0200)