From: Timo Sirainen <timo.sirainen@dovecot.fi>
Date: Wed, 2 Mar 2016 18:32:25 +0000 (+0200)
Subject: doveadm: Don't treat doveadm_api_key differently when it's unset vs set to empty.
X-Git-Tag: 2.2.22.rc1~5
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6e15d56df69d5b8e80768779c3c769e429aaa530;p=thirdparty%2Fdovecot%2Fcore.git

doveadm: Don't treat doveadm_api_key differently when it's unset vs set to empty.
---

diff --git a/src/doveadm/client-connection-http.c b/src/doveadm/client-connection-http.c
index 54301f219c..d13dadd4b9 100644
--- a/src/doveadm/client-connection-http.c
+++ b/src/doveadm/client-connection-http.c
@@ -638,7 +638,7 @@ doveadm_http_server_authorize_request(struct client_connection_http *conn)
 	struct http_auth_credentials creds;
 
 	/* no authentication specified */
-	if (doveadm_settings->doveadm_api_key == NULL &&
+	if (doveadm_settings->doveadm_api_key[0] == '\0' &&
 		*conn->client.set->doveadm_password == '\0') {
 		http_server_request_fail_close(conn->http_server_request, 500, "Internal Server Error");
 		i_error("No authentication defined in configuration. Add API key or password");
@@ -653,7 +653,7 @@ doveadm_http_server_authorize_request(struct client_connection_http *conn)
 			if (strcmp(creds.data, str_c(b64_value)) == 0) auth = TRUE;
 			else i_error("Invalid authencition attempt to HTTP API");
 		}
-		else if (strcasecmp(creds.scheme, "X-Doveadm-API") == 0 && doveadm_settings->doveadm_api_key != NULL) {
+		else if (strcasecmp(creds.scheme, "X-Doveadm-API") == 0 && doveadm_settings->doveadm_api_key[0] != '\0') {
 			string_t *b64_value = str_new(conn->client.pool, 32);
 			base64_encode(doveadm_settings->doveadm_api_key, strlen(doveadm_settings->doveadm_api_key), b64_value);
 			if (strcmp(creds.data, str_c(b64_value)) == 0) auth = TRUE;
@@ -663,7 +663,7 @@ doveadm_http_server_authorize_request(struct client_connection_http *conn)
 	}
 	if (auth == FALSE) {
 		conn->http_response = http_server_response_create(conn->http_server_request, 401, "Authentication required");
-		if (doveadm_settings->doveadm_api_key != NULL)
+		if (doveadm_settings->doveadm_api_key[0] != '\0')
 			http_server_response_add_header(conn->http_response,
 				"WWW-Authenticate", "X-Dovecot-API Realm=\"doveadm\""
 			);
diff --git a/src/doveadm/doveadm-settings.c b/src/doveadm/doveadm-settings.c
index 20d68818a7..5618a39a1b 100644
--- a/src/doveadm/doveadm-settings.c
+++ b/src/doveadm/doveadm-settings.c
@@ -93,7 +93,7 @@ const struct doveadm_settings doveadm_default_settings = {
 	.ssl_client_ca_dir = "",
 	.ssl_client_ca_file = "",
 	.director_username_hash = "%Lu",
-	.doveadm_api_key = NULL,
+	.doveadm_api_key = "",
 
 	.plugin_envs = ARRAY_INIT
 };