From 1f66ef71f2e21318d835c3561f8ed71d574c3c6a Mon Sep 17 00:00:00 2001
From: Peter Avalos
Date: Sun, 28 Dec 2008 18:42:36 -0500
Subject: [PATCH] Reject usernames that are longer than OPIE can handle.

Obtained-from: FreeBSD
---
 lib/pam_module/pam_opie/pam_opie.c | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

diff --git a/lib/pam_module/pam_opie/pam_opie.c b/lib/pam_module/pam_opie/pam_opie.c
index 868aa81cd9..9ebba0ad77 100644
--- a/lib/pam_module/pam_opie/pam_opie.c
+++ b/lib/pam_module/pam_opie/pam_opie.c
@@ -34,7 +34,7 @@
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
- * $FreeBSD: src/lib/libpam/modules/pam_opie/pam_opie.c,v 1.25 2003/05/31 17:19:03 des Exp $
+ * $FreeBSD: src/lib/libpam/modules/pam_opie/pam_opie.c,v 1.26 2006/09/15 13:42:38 des Exp $
 * $DragonFly: src/lib/pam_module/pam_opie/pam_opie.c,v 1.1 2005/07/12 22:53:20 joerg Exp $
 */

@@ -63,7 +63,8 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused,
 int retval, i;
 const char *(promptstr[]) = { "%s\nPassword: ", "%s\nPassword [echo on]: "};
 char challenge[OPIE_CHALLENGE_MAX];
- char *user;
+ char principal[OPIE_PRINCIPAL_MAX];
+ const char *user;
 char *response;
 int style;

@@ -74,7 +75,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused,
 user = pwd->pw_name;
 }
 else {
- retval = pam_get_user(pamh, (const char **)&user, NULL);
+ retval = pam_get_user(pamh, &user, NULL);
 if (retval != PAM_SUCCESS)
 return (retval);
 }
@@ -82,6 +83,15 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused,
 PAM_LOG("Got user: %s", user);

 /*
+ * Watch out: libopie feels entitled to truncate the user name
+ * passed to it if it's longer than OPIE_PRINCIPAL_MAX, which is
+ * not uncommon in Windows environments.
+ */
+ if (strlen(user) >= sizeof(principal))
+ return (PAM_AUTH_ERR);
+ strlcpy(principal, user, sizeof(principal));
+
+ /*
 * Don't call the OPIE atexit() handler when our program exits,
 * since the module has been unloaded and we will SEGV.
 */
@@ -92,8 +102,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused,
 * doesn't have an OPIE key, just fail rather than present the
 * user with a bogus OPIE challenge.
 */
- /* XXX generates a const warning because of incorrect prototype */
- if (opiechallenge(&opie, (char *)user, challenge) != 0 &&
+ if (opiechallenge(&opie, principal, challenge) != 0 &&
 openpam_get_option(pamh, PAM_OPT_NO_FAKE_PROMPTS))
 return (PAM_AUTH_ERR);

-- 
2.11.4.GIT
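Review bot: The new length check returns `PAM_AUTH_ERR` without recording why, so a rejected over-long user name looks in the logs like any other failed OPIE attempt; the only trace is the earlier `PAM_LOG("Got user: %s", user);`, which runs before the check. Brace the `if` and add a line such as `PAM_LOG("User name too long for OPIE");` ahead of the `return (PAM_AUTH_ERR);`, at whatever level the module uses for rejected logins. As a point of style, the `strlen()` test and the `strlcpy()` can be folded into one statement, `if (strlcpy(principal, user, sizeof(principal)) >= sizeof(principal)) return (PAM_AUTH_ERR);`, so the bound and the copy cannot drift apart. pam_sm_authenticate starts and ends outside this hunk.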
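Review bot: Only the `opiechallenge()` call is switched to `principal` in this hunk; pam_sm_authenticate continues past its end, and any later libopie call that still takes `user` would again receive the unbounded name, so the rest of the function should be checked for remaining uses. The removed XXX comment was the only explanation of the argument's type, so a replacement is worth adding above the call, for example `/* libopie takes a non-const name and may truncate it; pass the bounded copy */`.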