Mercurial > dovecot > original-hg > dovecot-1.2
comparison src/auth/passdb-cache.c @ 9626:ec7ce2647131 HEAD
auth: Disable auth caching entirely for master users.
The cache key contains only the master username, without the logged-in username,
so wrong data could be looked up from cache.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Tue, 02 Nov 2010 17:31:14 +0000 |
| parents | 00cd9aacd03c |
| children |
comparison
equal
deleted
inserted
replaced
| 9625:b30af25c622d | 9626:ec7ce2647131 |
|---|---|
| 30 const char *value, *cached_pw, *scheme, *const *list; | 30 const char *value, *cached_pw, *scheme, *const *list; |
| 31 struct auth_cache_node *node; | 31 struct auth_cache_node *node; |
| 32 int ret; | 32 int ret; |
| 33 bool expired, neg_expired; | 33 bool expired, neg_expired; |
| 34 | 34 |
| 35 if (passdb_cache == NULL || key == NULL) | 35 if (passdb_cache == NULL || key == NULL || request->master_user != NULL) |
| 36 return FALSE; | 36 return FALSE; |
| 37 | 37 |
| 38 /* value = password \t ... */ | 38 /* value = password \t ... */ |
| 39 value = auth_cache_lookup(passdb_cache, request, key, &node, | 39 value = auth_cache_lookup(passdb_cache, request, key, &node, |
| 40 &expired, &neg_expired); | 40 &expired, &neg_expired); |
| 94 { | 94 { |
| 95 const char *value, *const *list; | 95 const char *value, *const *list; |
| 96 struct auth_cache_node *node; | 96 struct auth_cache_node *node; |
| 97 bool expired, neg_expired; | 97 bool expired, neg_expired; |
| 98 | 98 |
| 99 if (passdb_cache == NULL) | 99 if (passdb_cache == NULL || request->master_user != NULL) |
| 100 return FALSE; | 100 return FALSE; |
| 101 | 101 |
| 102 value = auth_cache_lookup(passdb_cache, request, key, &node, | 102 value = auth_cache_lookup(passdb_cache, request, key, &node, |
| 103 &expired, &neg_expired); | 103 &expired, &neg_expired); |
| 104 if (value == NULL || (expired && !use_expired)) { | 104 if (value == NULL || (expired && !use_expired)) { |