packages/dovecot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
dovecot/CVE-2019-3814-2.patch
daidai_is_here b34e0dbbf6 init package
2020-02-18 10:50:31 +08:00

32 lines
1000 B
Diff
Raw Blame History

From 1a6d921b831af5228e8ad493a88bc46bdb30ca4b Mon Sep 17 00:00:00 2001
From: Aki Tuomi <aki.tuomi@open-xchange.com>
Date: Wed, 16 Jan 2019 18:24:20 +0200
Subject: [PATCH 2/3] auth: Fail authentication if certificate username was
unexpectedly missing
---
src/auth/auth-request-handler.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/src/auth/auth-request-handler.c b/src/auth/auth-request-handler.c
index ae7b458c9..318f15031 100644
--- a/src/auth/auth-request-handler.c
+++ b/src/auth/auth-request-handler.c
@@ -581,6 +581,14 @@ bool auth_request_handler_auth_begin(struct auth_request_handler *handler,
return TRUE;
}
+ if (request->set->ssl_require_client_cert &&
+ request->set->ssl_username_from_cert &&
+ !request->cert_username) {
+ auth_request_handler_auth_fail(handler, request,
+ "SSL certificate didn't contain username");
+ return TRUE;
+ }
+
/* Handle initial respose */
if (initial_resp == NULL) {
/* No initial response */
--
2.11.0
Reference in New Issue View Git Blame Copy Permalink