diff options
author | des <des@FreeBSD.org> | 2006-09-15 13:42:38 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2006-09-15 13:42:38 +0000 |
commit | 22cf0fa876e1bd0643da9ca4b3a6166f8ddd4e42 (patch) | |
tree | ed0800a05ab8d89df4157dc3e708ff180be2dc12 /lib/libpam | |
parent | e62cd4548c9deedf2bc3c473ee33bde8f80015db (diff) | |
download | FreeBSD-src-22cf0fa876e1bd0643da9ca4b3a6166f8ddd4e42.zip FreeBSD-src-22cf0fa876e1bd0643da9ca4b3a6166f8ddd4e42.tar.gz |
Reject user with names that are longer than OPIE is willing to deal with;
otherwise OPIE will happily truncate it.
Spotted by: ghelmer
MFC after: 2 weeks
Diffstat (limited to 'lib/libpam')
-rw-r--r-- | lib/libpam/modules/pam_opie/pam_opie.c | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/lib/libpam/modules/pam_opie/pam_opie.c b/lib/libpam/modules/pam_opie/pam_opie.c index 737b044..bfb875f 100644 --- a/lib/libpam/modules/pam_opie/pam_opie.c +++ b/lib/libpam/modules/pam_opie/pam_opie.c @@ -63,7 +63,8 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, int retval, i; const char *(promptstr[]) = { "%s\nPassword: ", "%s\nPassword [echo on]: "}; char challenge[OPIE_CHALLENGE_MAX]; - char *user; + char principal[OPIE_PRINCIPAL_MAX]; + const char *user; char *response; int style; @@ -74,7 +75,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, user = pwd->pw_name; } else { - retval = pam_get_user(pamh, (const char **)&user, NULL); + retval = pam_get_user(pamh, &user, NULL); if (retval != PAM_SUCCESS) return (retval); } @@ -82,6 +83,15 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, PAM_LOG("Got user: %s", user); /* + * Watch out: libopie feels entitled to truncate the user name + * passed to it if it's longer than OPIE_PRINCIPAL_MAX, which is + * not uncommon in Windows environments. + */ + if (strlen(user) >= sizeof(principal)) + return (PAM_AUTH_ERR); + strlcpy(principal, user, sizeof(principal)); + + /* * Don't call the OPIE atexit() handler when our program exits, * since the module has been unloaded and we will SEGV. */ @@ -92,8 +102,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, * doesn't have an OPIE key, just fail rather than present the * user with a bogus OPIE challenge. */ - /* XXX generates a const warning because of incorrect prototype */ - if (opiechallenge(&opie, (char *)user, challenge) != 0 && + if (opiechallenge(&opie, principal, challenge) != 0 && openpam_get_option(pamh, PAM_OPT_NO_FAKE_PROMPTS)) return (PAM_AUTH_ERR); |