| commit | 63112716daf7b68f7c6a9644fc4a61ac005d22ba | |
| author | Russ Allbery <rra@stanford.edu> | |
| Fri, 15 Jan 2010 00:09:53 +0000 (14 16:09 -0800) | ||
| committer | Love Hornquist Astrand <lha@h5l.org> | |
| Wed, 3 Feb 2010 04:46:43 +0000 (2 20:46 -0800) | ||
| tree | de6afd5aeeb17cc74d0c93803227239026b4565e | treesnapshot (tar.gz zip) |
| parent | ff36b611da6644194285a97d6722b60099cec5cf | commitdiff |
Don't attempt to load a password quality verifier from NULL
When kadm5_add_passwd_quality_verifier is called with a NULL
check_library parameter and [password_quality].policy_libraries
is set, the function calls add_verifier() for each string in the
policy_libraries section and then falls through to the non-NULL
case and calls add_verifier() a final time with a NULL argument.
This leads to dlopening the running executable and then failing
since it contains no password quality verifier.
If the check_library argument is NULL, only call add_verifier()
for the configured policy_libraries and do not fall through to
the non-NULL case.
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
When kadm5_add_passwd_quality_verifier is called with a NULL
check_library parameter and [password_quality].policy_libraries
is set, the function calls add_verifier() for each string in the
policy_libraries section and then falls through to the non-NULL
case and calls add_verifier() a final time with a NULL argument.
This leads to dlopening the running executable and then failing
since it contains no password quality verifier.
If the check_library argument is NULL, only call add_verifier()
for the configured policy_libraries and do not fall through to
the non-NULL case.
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
| lib/kadm5/password_quality.c | diffblobblamehistory |