Download | Plain Text | No Line Numbers 

  1. diff -Naur dovecot-2.2.31.orig/src/auth/auth-request.c dovecot-2.2.31/src/auth/auth-request.c
  2. --- dovecot-2.2.31.orig/src/auth/auth-request.c	2017-06-26 13:29:36.000000000 +0200
  3. +++ dovecot-2.2.31/src/auth/auth-request.c	2017-08-02 22:33:17.337691170 +0200
  4. @@ -2418,6 +2418,16 @@
  5.  				 const char *crypted_password,
  6.  				 const char *scheme, const char *subsystem)
  7.  {
  8. +	return auth_request_password_verify_log(request, plain_password,
  9. +			crypted_password, scheme, subsystem, TRUE);
  10. +}
  11. +
  12. +int auth_request_password_verify_log(struct auth_request *request,
  13. +				     const char *plain_password,
  14. +				     const char *crypted_password,
  15. +				     const char *scheme, const char *subsystem,
  16. +				     bool log_password_mismatch)
  17. +{
  18.  	const unsigned char *raw_password;
  19.  	size_t raw_password_size;
  20.  	const char *error;
  21. @@ -2465,7 +2475,8 @@
  22.  					"Invalid password%s in passdb: %s",
  23.  					password_str, error);
  24.  	} else if (ret == 0) {
  25. -		auth_request_log_password_mismatch(request, subsystem);
  26. +		if (log_password_mismatch)
  27. +			auth_request_log_password_mismatch(request, subsystem);
  28.  	}
  29.  	if (ret <= 0 && request->set->debug_passwords) T_BEGIN {
  30.  		log_password_failure(request, plain_password,
  31. diff -Naur dovecot-2.2.31.orig/src/auth/auth-request.h dovecot-2.2.31/src/auth/auth-request.h
  32. --- dovecot-2.2.31.orig/src/auth/auth-request.h	2017-06-26 13:29:36.000000000 +0200
  33. +++ dovecot-2.2.31/src/auth/auth-request.h	2017-08-02 22:29:15.674596770 +0200
  34. @@ -238,6 +238,11 @@
  35.  				 const char *plain_password,
  36.  				 const char *crypted_password,
  37.  				 const char *scheme, const char *subsystem);
  38. +int auth_request_password_verify_log(struct auth_request *request,
  39. +				 const char *plain_password,
  40. +				 const char *crypted_password,
  41. +				 const char *scheme, const char *subsystem,
  42. +				 bool log_password_mismatch);
  43.  
  44.  void auth_request_log_debug(struct auth_request *auth_request,
  45.  			    const char *subsystem,
  46. diff -Naur dovecot-2.2.31.orig/src/auth/passdb-cache.c dovecot-2.2.31/src/auth/passdb-cache.c
  47. --- dovecot-2.2.31.orig/src/auth/passdb-cache.c	2017-06-26 13:29:36.000000000 +0200
  48. +++ dovecot-2.2.31/src/auth/passdb-cache.c	2017-08-02 22:29:53.656139376 +0200
  49. @@ -84,8 +84,9 @@
  50.  		scheme = password_get_scheme(&cached_pw);
  51.  		i_assert(scheme != NULL);
  52.  
  53. -		ret = auth_request_password_verify(request, password, cached_pw,
  54. -						   scheme, AUTH_SUBSYS_DB);
  55. +		ret = auth_request_password_verify_log(request, password, cached_pw,
  56. +						   scheme, AUTH_SUBSYS_DB,
  57. +						   !(node->last_success || neg_expired));
  58.  
  59.  		if (ret == 0 && (node->last_success || neg_expired)) {
  60.  			/* a) the last authentication was successful. assume
  61.