From: Timo Sirainen <timo.sirainen@open-xchange.com>
Date: Tue, 3 Sep 2019 12:43:49 +0000 (+0300)
Subject: login-common: Don't call client_input() directly in client_auth_failed()
X-Git-Tag: 2.3.9~223
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f7edd270ec8cafa02478aeaab956146178320447;p=thirdparty%2Fdovecot%2Fcore.git

login-common: Don't call client_input() directly in client_auth_failed()

Fixes a new assert-crash caused by
9aaf0554aeae4f8056eeef56cfd99bf386f4c009:

Panic: file sasl-server.c: line 357 (authenticate_callback): assertion failed: (!client->authenticating)

This was caused by a code path:
 - sasl_server_check_login()
 - sasl_server_auth_failed()
 - sasl_server_auth_cancel()
 - call_client_callback()
 - sasl_callback()
 - client_auth_failed()
 - client_input()
 - another AUTHENTICATE/LOGIN was read

The solution is then to not call client_input() directly. It would have
also worked to just remove the assert though, but this fix is cleaner.
---

diff --git a/src/login-common/client-common-auth.c b/src/login-common/client-common-auth.c
index a51c4a2e87..0ba0c1c958 100644
--- a/src/login-common/client-common-auth.c
+++ b/src/login-common/client-common-auth.c
@@ -75,7 +75,7 @@ static void client_auth_failed(struct client *client)
 
 	if (!client_does_custom_io(client)) {
 		client->io = io_add(client->fd, IO_READ, client_input, client);
-		client_input(client);
+		io_set_pending(client->io);
 	}
 }