Mercurial > dovecot > original-hg > dovecot-1.2
comparison src/auth/passdb-cache.c @ 9626:ec7ce2647131 HEAD
auth: Disable auth caching entirely for master users.
The cache key contains only the master username, without the logged-in username,
so wrong data could be looked up from cache.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Tue, 02 Nov 2010 17:31:14 +0000 |
parents | 00cd9aacd03c |
children |
comparison
equal
deleted
inserted
replaced
9625:b30af25c622d | 9626:ec7ce2647131 |
---|---|
30 const char *value, *cached_pw, *scheme, *const *list; | 30 const char *value, *cached_pw, *scheme, *const *list; |
31 struct auth_cache_node *node; | 31 struct auth_cache_node *node; |
32 int ret; | 32 int ret; |
33 bool expired, neg_expired; | 33 bool expired, neg_expired; |
34 | 34 |
35 if (passdb_cache == NULL || key == NULL) | 35 if (passdb_cache == NULL || key == NULL || request->master_user != NULL) |
36 return FALSE; | 36 return FALSE; |
37 | 37 |
38 /* value = password \t ... */ | 38 /* value = password \t ... */ |
39 value = auth_cache_lookup(passdb_cache, request, key, &node, | 39 value = auth_cache_lookup(passdb_cache, request, key, &node, |
40 &expired, &neg_expired); | 40 &expired, &neg_expired); |
94 { | 94 { |
95 const char *value, *const *list; | 95 const char *value, *const *list; |
96 struct auth_cache_node *node; | 96 struct auth_cache_node *node; |
97 bool expired, neg_expired; | 97 bool expired, neg_expired; |
98 | 98 |
99 if (passdb_cache == NULL) | 99 if (passdb_cache == NULL || request->master_user != NULL) |
100 return FALSE; | 100 return FALSE; |
101 | 101 |
102 value = auth_cache_lookup(passdb_cache, request, key, &node, | 102 value = auth_cache_lookup(passdb_cache, request, key, &node, |
103 &expired, &neg_expired); | 103 &expired, &neg_expired); |
104 if (value == NULL || (expired && !use_expired)) { | 104 if (value == NULL || (expired && !use_expired)) { |