auth: With multiple passdbs the previous passdb's userdb_* fields weren't cleared.

author Timo Sirainen <tss@iki.fi>

Fri, 12 Jul 2013 00:01:31 +0000 (03:01 +0300)

committer Timo Sirainen <tss@iki.fi>

Fri, 12 Jul 2013 00:01:31 +0000 (03:01 +0300)
author Timo Sirainen <tss@iki.fi>
Fri, 12 Jul 2013 00:01:31 +0000 (03:01 +0300)
committer Timo Sirainen <tss@iki.fi>
Fri, 12 Jul 2013 00:01:31 +0000 (03:01 +0300)
diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c

index 7fbfc13984371346a2da1c50ac92cf8e826e0858..8cbe7a2ad04913eea5dd48d53dd33d8ba03e72d1 100644 (file)
--- a/src/auth/auth-request.c
+++ b/src/auth/auth-request.c
@@ -605,10 +605,20 @@ auth_request_handle_passdb_callback(enum passdb_result *result,
                         /* this passdb lookup succeeded, preserve its extra
                            fields */
                         auth_fields_snapshot(request->extra_fields);
+                       request->snapshot_has_userdb_reply =
+                               request->userdb_reply != NULL;
+                       if (request->userdb_reply != NULL)
+                               auth_fields_snapshot(request->userdb_reply);
                 } else {
                         /* this passdb lookup failed, remove any extra fields
                            it set */
                         auth_fields_rollback(request->extra_fields);
+                       if (request->userdb_reply == NULL)
+                               ;
+                       else if (!request->snapshot_has_userdb_reply)
+                               request->userdb_reply = NULL;
+                       else
+                               auth_fields_rollback(request->userdb_reply);
                 }
  
                 if (*result == PASSDB_RESULT_USER_UNKNOWN) {
diff --git a/src/auth/auth-request.h b/src/auth/auth-request.h

index 8581a83496fbcbe7e9858b50fcec63f6bb95f10c..08d98576fa08aa1bd0819cfff6be068c32ae430a 100644 (file)
--- a/src/auth/auth-request.h
+++ b/src/auth/auth-request.h
@@ -123,6 +123,7 @@ struct auth_request {
         unsigned int prefer_plain_credentials:1;
         unsigned int in_delayed_failure_queue:1;
         unsigned int removed_from_handler:1;
+       unsigned int snapshot_has_userdb_reply:1;
         /* each passdb lookup can update the current success-status using the
            result_* rules. the authentication succeeds only if this is TRUE
            at the end. mechanisms that don't require passdb, but do a passdb
author	Timo Sirainen <tss@iki.fi>
	Fri, 12 Jul 2013 00:01:31 +0000 (03:01 +0300)
committer	Timo Sirainen <tss@iki.fi>
	Fri, 12 Jul 2013 00:01:31 +0000 (03:01 +0300)
src/auth/auth-request.c		patch \| blob \| blame \| history
src/auth/auth-request.h		patch \| blob \| blame \| history