amorfo77/sogo
1
0
Fork 0
mirror of https://github.com/inverse-inc/sogo.git synced 2026-02-17 07:33:57 +00:00
Code Issues Projects Releases Wiki Activity

fix(security) : fix a security issue introduced in 5.11.1

Browse Source
This commit is contained in:
Hivert Quentin
2024-10-11 15:10:19 +02:00
parent a466628126
commit 04a9a8773d
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
SoObjects/SOGo/SOGoUserManager.m
View File

@@ -643,11 +643,15 @@ static const NSString *kObfuscatedSecondaryEmailKey = @"obfuscatedSecondaryEmail
allowed = YES;
if([domainsKnown length] == 0 && [domainsAllowed length] == 0)
{
[self errorWithFormat: @"SOGoForbidUnknownDomainsAuth is set but sogo don't know any domains"];
return NO;
}
else if(!allowed)
{
[self errorWithFormat: @"User domain is unknown or not allowed: %@", userDomain];
return allowed;
return NO;
}
}
// We check the fail count per user in memcache (per server). If the