auth: passdb/userdb lookups via auth-worker cached too much of the replies
authorTimo Sirainen <timo.sirainen@dovecot.fi>
Mon, 13 Mar 2017 11:49:04 +0000 (13:49 +0200)
committerGitLab <gitlab@git.dovecot.net>
Thu, 16 Mar 2017 06:50:05 +0000 (08:50 +0200)
Only the fields returned by the lookup itself were supposed to be cached.
This was especially problematic if the lookup via auth-worker didn't
uniquely identify the user. For example, doing a passdb lookup for an
attribute shared by multiple users could have caused the reply to contain
all of the previously cached user's extra fields.

src/auth/auth-worker-client.c

index d2ecbe3012355aa95b54f4b08bf9f06b27a270a1..017e221da86a7b9e06966822ebd985c3785262ce 100644 (file)
@@ -98,6 +98,11 @@ worker_auth_request_new(struct auth_worker_client *client, unsigned int id,
                        (void)auth_request_import(auth_request, key, value);
                }
        }
+       /* reset changed-fields, so we'll export only the ones that were
+          changed by this lookup. */
+       auth_fields_snapshot(auth_request->extra_fields);
+       if (auth_request->userdb_reply != NULL)
+               auth_fields_snapshot(auth_request->userdb_reply);
 
        auth_request_init(auth_request);
        return auth_request;
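Review bot: The comment added before `auth_fields_snapshot(auth_request->extra_fields)` says what is reset but not the ordering constraint the fix depends on. The snapshot has to stay after the import loop above it and before any passdb/userdb code modifies the fields, otherwise values received from the master would again be exported as if this lookup had produced them. I would extend the comment along the lines of `/* must stay after the import loop: fields imported from the master must not be echoed back as results of this lookup, or they can end up cached for a different user */`. The change also assumes that auth_fields_snapshot() clears the changed flag on existing fields, which is not visible here and is worth stating in that function's own documentation. worker_auth_request_new starts outside this hunk.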
@@ -129,7 +134,12 @@ reply_append_extra_fields(string_t *str, struct auth_request *request)
 {
        if (!auth_fields_is_empty(request->extra_fields)) {
                str_append_c(str, '\t');
-               auth_fields_append(request->extra_fields, str, 0, 0);
+               /* export only the fields changed by this lookup, so the
+                  changed-flag gets preserved correctly on the master side as
+                  well. */
+               auth_fields_append(request->extra_fields, str,
+                                  AUTH_FIELD_FLAG_CHANGED,
+                                  AUTH_FIELD_FLAG_CHANGED);
        }
        if (request->userdb_reply != NULL &&
            auth_fields_is_empty(request->userdb_reply)) {
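Review bot: The guard `if (!auth_fields_is_empty(request->extra_fields))` still tests for any field at all, while the append below it now emits only fields carrying AUTH_FIELD_FLAG_CHANGED. When every extra field was imported and none was changed by this lookup, the reply gets a bare `\t` with nothing after it. The same applies in lookup_user_callback in the next hunk, where `str_append_c(str, '\t')` is unconditional and a following `\ttempfail` would leave an empty field between two tabs. Whether the master-side parser tolerates empty fields is not visible here, so I would either confirm that or drop the separator when nothing was exported: `size_t orig_len = str_len(str);` before the tab and `if (str_len(str) == orig_len + 1) str_truncate(str, orig_len);` after the append. reply_append_extra_fields continues past the end of this hunk.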
@@ -381,7 +391,10 @@ lookup_user_callback(enum userdb_result result,
                str_append(str, "OK\t");
                str_append_tabescaped(str, auth_request->user);
                str_append_c(str, '\t');
-               auth_fields_append(auth_request->userdb_reply, str, 0, 0);
+               /* export only the fields changed by this lookup */
+               auth_fields_append(auth_request->userdb_reply, str,
+                                  AUTH_FIELD_FLAG_CHANGED,
+                                  AUTH_FIELD_FLAG_CHANGED);
                if (auth_request->userdb_lookup_tempfailed)
                        str_append(str, "\ttempfail");
                break;