From: Aki Tuomi <aki.tuomi@dovecot.fi>
Date: Fri, 22 Dec 2017 11:34:45 +0000 (+0200)
Subject: auth: Fix password and scheme handling in Lua db
X-Git-Tag: 2.3.1~432
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7b1c74874db5802e20f30e02360b351c2446c8cb;p=thirdparty%2Fdovecot%2Fcore.git

auth: Fix password and scheme handling in Lua db

This was only partially fixed in c86575ac9776d0995355d03719c82e7ceac802e6
---

diff --git a/src/auth/db-lua.c b/src/auth/db-lua.c
index a54143dc17..efc372c110 100644
--- a/src/auth/db-lua.c
+++ b/src/auth/db-lua.c
@@ -453,8 +453,7 @@ static void auth_lua_export_table(struct dlua_script *script, struct auth_reques
 			value = "";
 		}
 
-		if (password_r != NULL && strcmp(key, "password") == 0 &&
-		    !req->userdb_lookup) {
+		if (password_r != NULL && strcmp(key, "password") == 0) {
 			*scheme_r = password_get_scheme(&value);
 			*password_r = value;
 		} else if (req->userdb_lookup) {
@@ -510,7 +509,8 @@ auth_lua_call_lookup_finish(struct dlua_script *script, struct auth_request *req
 			    const char **error_r)
 {
 	if (lua_istable(script->L, -1)) {
-		return auth_lua_export_passdb_table(script, req, NULL, NULL, error_r);
+		return auth_lua_export_passdb_table(script, req, scheme_r,
+						    password_r, error_r);
 	}
 
 	enum passdb_result ret = lua_tointeger(script->L, -2);
diff --git a/src/auth/passdb-lua.c b/src/auth/passdb-lua.c
index 2f6da9e93b..760a889ba1 100644
--- a/src/auth/passdb-lua.c
+++ b/src/auth/passdb-lua.c
@@ -89,6 +89,8 @@ passdb_lua_verify_plain(struct auth_request *request, const char *password,
 	} else {
 		result = passdb_lua_lookup(request, &lua_scheme, &lua_password);
 		if (result == PASSDB_RESULT_OK) {
+			if (lua_scheme == NULL)
+				lua_scheme = "PLAIN";
 			if ((auth_request_password_verify(request, password, lua_password,
 							  lua_scheme, AUTH_SUBSYS_DB)) <=0) {
 				result = PASSDB_RESULT_PASSWORD_MISMATCH;