Download | Plain Text | Line Numbers
diff -Naur dovecot-2.2.31.orig/src/auth/auth-request.c dovecot-2.2.31/src/auth/auth-request.c
--- dovecot-2.2.31.orig/src/auth/auth-request.c 2017-06-26 13:29:36.000000000 +0200
+++ dovecot-2.2.31/src/auth/auth-request.c 2017-08-02 22:33:17.337691170 +0200
@@ -2418,6 +2418,16 @@
const char *crypted_password,
const char *scheme, const char *subsystem)
{
+ return auth_request_password_verify_log(request, plain_password,
+ crypted_password, scheme, subsystem, TRUE);
+}
+
+int auth_request_password_verify_log(struct auth_request *request,
+ const char *plain_password,
+ const char *crypted_password,
+ const char *scheme, const char *subsystem,
+ bool log_password_mismatch)
+{
const unsigned char *raw_password;
size_t raw_password_size;
const char *error;
@@ -2465,7 +2475,8 @@
"Invalid password%s in passdb: %s",
password_str, error);
} else if (ret == 0) {
- auth_request_log_password_mismatch(request, subsystem);
+ if (log_password_mismatch)
+ auth_request_log_password_mismatch(request, subsystem);
}
if (ret <= 0 && request->set->debug_passwords) T_BEGIN {
log_password_failure(request, plain_password,
diff -Naur dovecot-2.2.31.orig/src/auth/auth-request.h dovecot-2.2.31/src/auth/auth-request.h
--- dovecot-2.2.31.orig/src/auth/auth-request.h 2017-06-26 13:29:36.000000000 +0200
+++ dovecot-2.2.31/src/auth/auth-request.h 2017-08-02 22:29:15.674596770 +0200
@@ -238,6 +238,11 @@
const char *plain_password,
const char *crypted_password,
const char *scheme, const char *subsystem);
+int auth_request_password_verify_log(struct auth_request *request,
+ const char *plain_password,
+ const char *crypted_password,
+ const char *scheme, const char *subsystem,
+ bool log_password_mismatch);
void auth_request_log_debug(struct auth_request *auth_request,
const char *subsystem,
diff -Naur dovecot-2.2.31.orig/src/auth/passdb-cache.c dovecot-2.2.31/src/auth/passdb-cache.c
--- dovecot-2.2.31.orig/src/auth/passdb-cache.c 2017-06-26 13:29:36.000000000 +0200
+++ dovecot-2.2.31/src/auth/passdb-cache.c 2017-08-02 22:29:53.656139376 +0200
@@ -84,8 +84,9 @@
scheme = password_get_scheme(&cached_pw);
i_assert(scheme != NULL);
- ret = auth_request_password_verify(request, password, cached_pw,
- scheme, AUTH_SUBSYS_DB);
+ ret = auth_request_password_verify_log(request, password, cached_pw,
+ scheme, AUTH_SUBSYS_DB,
+ !(node->last_success || neg_expired));
if (ret == 0 && (node->last_success || neg_expired)) {
/* a) the last authentication was successful. assume