| commit | bc3d8992cd990f9b6a14fc4db48ef8d1a492f77f | |
| author | Russ Allbery <rra@stanford.edu> | |
| Fri, 15 Jan 2010 00:09:53 +0000 (14 16:09 -0800) | ||
| committer | Love Hornquist Astrand <lha@h5l.org> | |
| Wed, 3 Feb 2010 04:46:23 +0000 (2 20:46 -0800) | ||
| tree | 6d8faf922ae35d0b7f15c496399d466f0e327b4c | treesnapshot (tar.gz zip) |
| parent | f3a559b3c2bfef2d956b0f123ce2a6a57c0b3767 | commitdiff |
Don't attempt to load a password quality verifier from NULL
When kadm5_add_passwd_quality_verifier is called with a NULL
check_library parameter and [password_quality].policy_libraries
is set, the function calls add_verifier() for each string in the
policy_libraries section and then falls through to the non-NULL
case and calls add_verifier() a final time with a NULL argument.
This leads to dlopening the running executable and then failing
since it contains no password quality verifier.
If the check_library argument is NULL, only call add_verifier()
for the configured policy_libraries and do not fall through to
the non-NULL case.
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
When kadm5_add_passwd_quality_verifier is called with a NULL
check_library parameter and [password_quality].policy_libraries
is set, the function calls add_verifier() for each string in the
policy_libraries section and then falls through to the non-NULL
case and calls add_verifier() a final time with a NULL argument.
This leads to dlopening the running executable and then failing
since it contains no password quality verifier.
If the check_library argument is NULL, only call add_verifier()
for the configured policy_libraries and do not fall through to
the non-NULL case.
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
| lib/kadm5/password_quality.c | diffblobblamehistory |