Hi Salvatore,
On 06:33 Tue 11 Apr , Salvatore Bonaccorso wrote:
> Timo and Aki, attached is the patch used for the version in Debian
> Jessie.
>
> Did I misss something obvious with backporting the commit to 2.2.13?
>
> Regards,
> Salvatore
> From 000030feb7a30f193197f1aab8a7b04a26b42735 Mon Sep 17 00:00:00 2001
> From: Aki Tuomi <aki.tu...@dovecot.fi>
> Date: Mon, 6 Mar 2017 14:59:46 +0200
> Subject: [PATCH] auth: Do not double-expand key in passdb dict when
> authenticating
>
> Broken by 79042f8c
> [carnil: Backport for context in 2.2.13]
> ---
> src/auth/db-dict.c | 7 +------
> 1 file changed, 1 insertion(+), 6 deletions(-)
>
> --- a/src/auth/db-dict.c
> +++ b/src/auth/db-dict.c
> @@ -404,7 +404,7 @@ static int db_dict_iter_lookup_key_value
> continue;
>
> str_truncate(path, strlen(DICT_PATH_SHARED));
> - var_expand(path, key->key->key, iter->var_expand_table);
> + str_append(path, key->key->key);
> ret = dict_lookup(iter->conn->dict, iter->pool,
> str_c(path), &key->value);
> if (ret > 0) {
Your patch seems "correct", in that it's basically the same as
21d083ff[1], i.e. upstream's own backport of 000030feb from master to
master-2.2. For the record, I also cherry-picked 21d083ff for 1:2.2.27-3
which is currently sitting in unstable.
Regards,
Apollon
[1]
https://github.com/dovecot/core/commit/21d083ffb353b33f902a78f3f2781868fc457557
