passdb vpopmail: Fix to handling mixed cleartext/crypt passwords.

author Timo Sirainen <tss@iki.fi>

Wed, 16 Nov 2011 22:49:30 +0000 (00:49 +0200)

committer Timo Sirainen <tss@iki.fi>

Wed, 16 Nov 2011 22:49:30 +0000 (00:49 +0200)
author Timo Sirainen <tss@iki.fi>
Wed, 16 Nov 2011 22:49:30 +0000 (00:49 +0200)
committer Timo Sirainen <tss@iki.fi>
Wed, 16 Nov 2011 22:49:30 +0000 (00:49 +0200)
diff --git a/src/auth/passdb-vpopmail.c b/src/auth/passdb-vpopmail.c

index 04ea4a0f61a7d2382f618ea046e84ec3b4280b17..3ef17637ad3f75838320221bbc3d25d5e67942df 100644 (file)
--- a/src/auth/passdb-vpopmail.c
+++ b/src/auth/passdb-vpopmail.c
@@ -55,7 +55,7 @@ static bool vpopmail_is_disabled(struct auth_request *request,
  }
  
  static char *
-vpopmail_password_lookup(struct auth_request *auth_request, bool cleartext,
+vpopmail_password_lookup(struct auth_request *auth_request, bool *cleartext,
                          enum passdb_result *result_r)
  {
         char vpop_user[VPOPMAIL_LIMIT], vpop_domain[VPOPMAIL_LIMIT];
@@ -75,9 +75,10 @@ vpopmail_password_lookup(struct auth_request *auth_request, bool cleartext,
                 password = NULL;
                 *result_r = PASSDB_RESULT_USER_DISABLED;
         } else {
-               if (vpw->pw_clear_passwd != NULL)
+               if (vpw->pw_clear_passwd != NULL) {
                         password = t_strdup_noconst(vpw->pw_clear_passwd);
-               else if (!cleartext)
+                       *cleartext = TRUE;
+               } else if (!*cleartext)
                         password = t_strdup_noconst(vpw->pw_passwd);
                 else
                         password = NULL;
@@ -99,8 +100,9 @@ static void vpopmail_lookup_credentials(struct auth_request *request,
  {
         enum passdb_result result;
         char *password;
+       bool cleartext = TRUE;
  
-       password = vpopmail_password_lookup(request, TRUE, &result);
+       password = vpopmail_password_lookup(request, &cleartext, &result);
         if (password == NULL) {
                 callback(result, NULL, 0, request);
                 return;
@@ -118,18 +120,23 @@ vpopmail_verify_plain(struct auth_request *request, const char *password,
         enum passdb_result result;
         const char *scheme, *tmp_pass;
         char *crypted_pass;
+       bool cleartext;
         int ret;
  
-       crypted_pass = vpopmail_password_lookup(request, FALSE, &result);
+       crypted_pass = vpopmail_password_lookup(request, &cleartext, &result);
         if (crypted_pass == NULL) {
                 callback(result, request);
                 return;
         }
-
         tmp_pass = crypted_pass;
-       scheme = password_get_scheme(&tmp_pass);
-       if (scheme == NULL)
-               scheme = request->passdb->passdb->default_pass_scheme;
+
+       if (cleartext)
+               scheme = "CLEARTEXT";
+       else {
+               scheme = password_get_scheme(&tmp_pass);
+               if (scheme == NULL)
+                       scheme = request->passdb->passdb->default_pass_scheme;
+       }
  
         ret = auth_request_password_verify(request, password,
                                            tmp_pass, scheme, "vpopmail");
author	Timo Sirainen <tss@iki.fi>
	Wed, 16 Nov 2011 22:49:30 +0000 (00:49 +0200)
committer	Timo Sirainen <tss@iki.fi>
	Wed, 16 Nov 2011 22:49:30 +0000 (00:49 +0200)