From 22cf0fa876e1bd0643da9ca4b3a6166f8ddd4e42 Mon Sep 17 00:00:00 2001 From: des Date: Fri, 15 Sep 2006 13:42:38 +0000 Subject: Reject user with names that are longer than OPIE is willing to deal with; otherwise OPIE will happily truncate it. Spotted by: ghelmer MFC after: 2 weeks --- lib/libpam/modules/pam_opie/pam_opie.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'lib/libpam/modules') diff --git a/lib/libpam/modules/pam_opie/pam_opie.c b/lib/libpam/modules/pam_opie/pam_opie.c index 737b044..bfb875f 100644 --- a/lib/libpam/modules/pam_opie/pam_opie.c +++ b/lib/libpam/modules/pam_opie/pam_opie.c @@ -63,7 +63,8 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, int retval, i; const char *(promptstr[]) = { "%s\nPassword: ", "%s\nPassword [echo on]: "}; char challenge[OPIE_CHALLENGE_MAX]; - char *user; + char principal[OPIE_PRINCIPAL_MAX]; + const char *user; char *response; int style; @@ -74,7 +75,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, user = pwd->pw_name; } else { - retval = pam_get_user(pamh, (const char **)&user, NULL); + retval = pam_get_user(pamh, &user, NULL); if (retval != PAM_SUCCESS) return (retval); } @@ -82,6 +83,15 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, PAM_LOG("Got user: %s", user); /* + * Watch out: libopie feels entitled to truncate the user name + * passed to it if it's longer than OPIE_PRINCIPAL_MAX, which is + * not uncommon in Windows environments. + */ + if (strlen(user) >= sizeof(principal)) + return (PAM_AUTH_ERR); + strlcpy(principal, user, sizeof(principal)); + + /* * Don't call the OPIE atexit() handler when our program exits, * since the module has been unloaded and we will SEGV. */ @@ -92,8 +102,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, * doesn't have an OPIE key, just fail rather than present the * user with a bogus OPIE challenge. */ - /* XXX generates a const warning because of incorrect prototype */ - if (opiechallenge(&opie, (char *)user, challenge) != 0 && + if (opiechallenge(&opie, principal, challenge) != 0 && openpam_get_option(pamh, PAM_OPT_NO_FAKE_PROMPTS)) return (PAM_AUTH_ERR); -- cgit v1.1