From: Aki Tuomi Date: Wed, 16 Jan 2019 16:28:57 +0000 (+0200) Subject: auth: Do not import empty certificate username X-Git-Tag: 2.2.36.1~2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=86e84a2f3154a978a1c41c6f5a100e4c04a2545b;p=thirdparty%2Fdovecot%2Fcore.git auth: Do not import empty certificate username --- diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c index dd288b6d23..1cb665ec8c 100644 --- a/src/auth/auth-request.c +++ b/src/auth/auth-request.c @@ -445,7 +445,7 @@ bool auth_request_import_auth(struct auth_request *request, else if (strcmp(key, "valid-client-cert") == 0) request->valid_client_cert = TRUE; else if (strcmp(key, "cert_username") == 0) { - if (request->set->ssl_username_from_cert) { + if (request->set->ssl_username_from_cert && *value != '\0') { /* get username from SSL certificate. it overrides the username given by the auth mechanism. */ request->user = p_strdup(request->pool, value);