From c87221e8d2e5eb41b29a41abcbf9fefcca5ce37a Mon Sep 17 00:00:00 2001 From: Timo Sirainen Date: Fri, 12 Jul 2013 03:01:31 +0300 Subject: [PATCH] auth: With multiple passdbs the previous passdb's userdb_* fields weren't cleared. --- src/auth/auth-request.c | 10 ++++++++++ src/auth/auth-request.h | 1 + 2 files changed, 11 insertions(+) diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c index 7fbfc13984..8cbe7a2ad0 100644 --- a/src/auth/auth-request.c +++ b/src/auth/auth-request.c @@ -605,10 +605,20 @@ auth_request_handle_passdb_callback(enum passdb_result *result, /* this passdb lookup succeeded, preserve its extra fields */ auth_fields_snapshot(request->extra_fields); + request->snapshot_has_userdb_reply = + request->userdb_reply != NULL; + if (request->userdb_reply != NULL) + auth_fields_snapshot(request->userdb_reply); } else { /* this passdb lookup failed, remove any extra fields it set */ auth_fields_rollback(request->extra_fields); + if (request->userdb_reply == NULL) + ; + else if (!request->snapshot_has_userdb_reply) + request->userdb_reply = NULL; + else + auth_fields_rollback(request->userdb_reply); } if (*result == PASSDB_RESULT_USER_UNKNOWN) { diff --git a/src/auth/auth-request.h b/src/auth/auth-request.h index 8581a83496..08d98576fa 100644 --- a/src/auth/auth-request.h +++ b/src/auth/auth-request.h @@ -123,6 +123,7 @@ struct auth_request { unsigned int prefer_plain_credentials:1; unsigned int in_delayed_failure_queue:1; unsigned int removed_from_handler:1; + unsigned int snapshot_has_userdb_reply:1; /* each passdb lookup can update the current success-status using the result_* rules. the authentication succeeds only if this is TRUE at the end. mechanisms that don't require passdb, but do a passdb -- 2.47.3