login-common: sasl-server - Remove data transfered to post-login service from input...

This prevents duplicating input when SSL is involved, causing commands pipelined
after authenticate commands from being duplicated. This issue emerged when login
proxy was changed to use the iostream pump/proxy. This means that the proxy uses
streams rather than raw FDs, which means that data buffered in input stream
before proxy is inherently forwarded to the post-login service... a second time.

diff --git a/src/login-common/sasl-server.c b/src/login-common/sasl-server.c
index b550d629af569d2078fee8f2068c2a27fff0aa68..22688d537f3e91374a5698de9f241ddfd4305828 100644 (file)
--- a/src/login-common/sasl-server.c
+++ b/src/login-common/sasl-server.c
@@ -196,6 +196,7 @@ static int master_send_request(struct anvil_request *anvil_request)
        data = i_stream_get_data(client->input, &size);
        buffer_append(buf, data, size);
        req.data_size = buf->used;
+       i_stream_skip(client->input, size);
 
        client->auth_finished = ioloop_time;