From 13223245f2fc73308b6c551eb352c102dddb0d33 Mon Sep 17 00:00:00 2001 From: andryyy Date: Wed, 30 Jun 2021 10:11:37 +0200 Subject: [PATCH] [Dovecot] Remove logging of invalid sasl sessions --- data/Dockerfiles/dovecot/docker-entrypoint.sh | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/data/Dockerfiles/dovecot/docker-entrypoint.sh b/data/Dockerfiles/dovecot/docker-entrypoint.sh index b7c0d545..14c26f35 100755 --- a/data/Dockerfiles/dovecot/docker-entrypoint.sh +++ b/data/Dockerfiles/dovecot/docker-entrypoint.sh @@ -156,8 +156,8 @@ function auth_password_verify(req, pass) while row do if req.password_verify(req, row.password, pass) == 1 then cur:close() - con:execute(string.format([[INSERT INTO sasl_logs (success, service, app_password, username, real_rip) - VALUES (1, "%s", 0, "%s", "%s")]], con:escape(req.service), con:escape(req.user), con:escape(req.real_rip))) + con:execute(string.format([[INSERT INTO sasl_logs (service, app_password, username, real_rip) + VALUES ("%s", 0, "%s", "%s")]], con:escape(req.service), con:escape(req.user), con:escape(req.real_rip))) return dovecot.auth.PASSDB_RESULT_OK, "password=" .. pass end row = cur:fetch (row, "a") @@ -176,16 +176,13 @@ function auth_password_verify(req, pass) while row do if req.password_verify(req, row.password, pass) == 1 then cur:close() - con:execute(string.format([[INSERT INTO sasl_logs (success, service, app_password, username, real_rip) - VALUES (1, "%s", %d, "%s", "%s")]], con:escape(req.service), row.id, con:escape(req.user), con:escape(req.real_rip))) + con:execute(string.format([[INSERT INTO sasl_logs (service, app_password, username, real_rip) + VALUES ("%s", %d, "%s", "%s")]], con:escape(req.service), row.id, con:escape(req.user), con:escape(req.real_rip))) return dovecot.auth.PASSDB_RESULT_OK, "password=" .. pass end row = cur:fetch (row, "a") end - con:execute(string.format([[INSERT INTO sasl_logs (success, service, app_password, username, real_rip) - VALUES (0, "%s", 0, "%s", "%s")]], con:escape(req.service), con:escape(req.user), con:escape(req.real_rip))) - return dovecot.auth.PASSDB_RESULT_PASSWORD_MISMATCH, "Failed to authenticate" -- PoC