From: Stephan Bosch <stephan.bosch@open-xchange.com>
Date: Wed, 27 Jul 2022 21:07:29 +0000 (+0200)
Subject: auth: auth-client-connection - Fix assertion occurring when DOVECOT-TOKEN mechanism... 
X-Git-Tag: 2.4.0~2974
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=38924d2d682d1928d7bb4def4577d137d2f05277;p=thirdparty%2Fdovecot%2Fcore.git

auth: auth-client-connection - Fix assertion occurring when DOVECOT-TOKEN mechanism is used.

It was not returned as a "private" mechanism, which now triggers a panic due to
a recently added assertion.

Panic was:

Panic: file sasl-server.c: line 520 (sasl_server_auth_begin): assertion failed: (!private || (mech->flags & MECH_SEC_PRIVATE) != 0)
---

diff --git a/src/auth/auth-client-connection.c b/src/auth/auth-client-connection.c
index e15d0911c5..7064b9d0b0 100644
--- a/src/auth/auth-client-connection.c
+++ b/src/auth/auth-client-connection.c
@@ -348,7 +348,7 @@ void auth_client_connection_create(struct auth *auth, int fd,
 
 	if (token_auth) {
 		mechanisms = t_strconcat("MECH\t",
-			mech_dovecot_token.mech_name, "\n", NULL);
+			mech_dovecot_token.mech_name, "\tprivate\n", NULL);
 	} else {
 		mechanisms = str_c(auth->reg->handshake);
 	}