auth: Do not import empty certificate username

author Aki Tuomi <aki.tuomi@open-xchange.com>

Wed, 16 Jan 2019 16:28:57 +0000 (18:28 +0200)

committer Ville Savolainen <ville.savolainen@dovecot.fi>

Fri, 25 Jan 2019 11:00:55 +0000 (13:00 +0200)
author Aki Tuomi <aki.tuomi@open-xchange.com>
Wed, 16 Jan 2019 16:28:57 +0000 (18:28 +0200)
committer Ville Savolainen <ville.savolainen@dovecot.fi>
Fri, 25 Jan 2019 11:00:55 +0000 (13:00 +0200)
diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c

index dd288b6d23ff6bf8d6d5346c3cb217e0fda43dd6..1cb665ec8c9f5634ca320f51c8e8c37719612666 100644 (file)
--- a/src/auth/auth-request.c
+++ b/src/auth/auth-request.c
@@ -445,7 +445,7 @@ bool auth_request_import_auth(struct auth_request *request,
         else if (strcmp(key, "valid-client-cert") == 0)
                 request->valid_client_cert = TRUE;
         else if (strcmp(key, "cert_username") == 0) {
-               if (request->set->ssl_username_from_cert) {
+               if (request->set->ssl_username_from_cert && *value != '\0') {
                         /* get username from SSL certificate. it overrides
                            the username given by the auth mechanism. */
                         request->user = p_strdup(request->pool, value);
author	Aki Tuomi <aki.tuomi@open-xchange.com>
	Wed, 16 Jan 2019 16:28:57 +0000 (18:28 +0200)
committer	Ville Savolainen <ville.savolainen@dovecot.fi>
	Fri, 25 Jan 2019 11:00:55 +0000 (13:00 +0200)