From: Stephan Bosch Date: Fri, 26 Feb 2021 23:04:54 +0000 (+0100) Subject: login-common: sasl-server - Remove data transfered to post-login service from input... X-Git-Tag: 2.3.15~180 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=52d11b4eafa617dced6863be51a7bdb9b35cf96c;p=thirdparty%2Fdovecot%2Fcore.git login-common: sasl-server - Remove data transfered to post-login service from input stream. This prevents duplicating input when SSL is involved, causing commands pipelined after authenticate commands from being duplicated. This issue emerged when login proxy was changed to use the iostream pump/proxy. This means that the proxy uses streams rather than raw FDs, which means that data buffered in input stream before proxy is inherently forwarded to the post-login service... a second time. --- diff --git a/src/login-common/sasl-server.c b/src/login-common/sasl-server.c index b550d629af..22688d537f 100644 --- a/src/login-common/sasl-server.c +++ b/src/login-common/sasl-server.c @@ -196,6 +196,7 @@ static int master_send_request(struct anvil_request *anvil_request) data = i_stream_get_data(client->input, &size); buffer_append(buf, data, size); req.data_size = buf->used; + i_stream_skip(client->input, size); client->auth_finished = ioloop_time;