From: Timo Sirainen Date: Wed, 28 Oct 2015 10:25:08 +0000 (+0200) Subject: auth: nopassword field is specific to a single passdb, remove before next passdb... X-Git-Tag: 2.2.20.rc1~117 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0401fa677246fc79ff5f17cb626c3d41adf3272b;p=thirdparty%2Fdovecot%2Fcore.git auth: nopassword field is specific to a single passdb, remove before next passdb is processed --- diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c index 6694bf9df5..344d45a606 100644 --- a/src/auth/auth-request.c +++ b/src/auth/auth-request.c @@ -610,6 +610,9 @@ auth_request_handle_passdb_callback(enum passdb_result *result, request->passdb_success = FALSE; break; } + /* nopassword check is specific to a single passdb and shouldn't leak + to the next one. we already added it to cache. */ + auth_fields_remove(request->extra_fields, "nopassword"); if (request->requested_login_user != NULL && *result == PASSDB_RESULT_OK) {