X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=netatalk.git;a=blobdiff_plain;f=etc%2Fuams%2Fuams_dhx_pam.c;h=7b9ee0a16ae7c04b1ffcb3080a9a630a385d5179;hp=2aeeca03c36af6c85c983dcc0f21210e861d19ae;hb=75fe310224dffb96868d7f2cb1ec9125a84f2a08;hpb=33cfeda2150bd527ccc8a839a5180ebdd781ae70 diff --git a/etc/uams/uams_dhx_pam.c b/etc/uams/uams_dhx_pam.c index 2aeeca03..7b9ee0a1 100644 --- a/etc/uams/uams_dhx_pam.c +++ b/etc/uams/uams_dhx_pam.c @@ -1,5 +1,5 @@ /* - * $Id: uams_dhx_pam.c,v 1.28 2008-12-03 19:15:06 didg Exp $ + * $Id: uams_dhx_pam.c,v 1.32 2009-11-05 14:38:07 franklahm Exp $ * * Copyright (c) 1990,1993 Regents of The University of Michigan. * Copyright (c) 1999 Adrian Sun (asun@u.washington.edu) @@ -34,10 +34,12 @@ #include #include #include +#include #else /* OPENSSL_DHX */ #include #include #include +#include #endif /* OPENSSL_DHX */ #include @@ -182,11 +184,11 @@ static struct pam_conv PAM_conversation = { }; -static int dhx_setup(void *obj, char *ibuf, int ibuflen _U_, - char *rbuf, int *rbuflen) +static int dhx_setup(void *obj, char *ibuf, size_t ibuflen _U_, + char *rbuf, size_t *rbuflen) { u_int16_t sessid; - int i; + size_t i; BIGNUM *bn, *gbn, *pbn; DH *dh; @@ -318,8 +320,8 @@ pam_fail: /* -------------------------------- */ static int login(void *obj, char *username, int ulen, struct passwd **uam_pwd _U_, - char *ibuf, int ibuflen, - char *rbuf, int *rbuflen) + char *ibuf, size_t ibuflen, + char *rbuf, size_t *rbuflen) { if (( dhxpwd = uam_getname(obj, username, ulen)) == NULL ) { LOG(log_info, logtype_uams, "uams_dhx_pam.c: unknown username"); @@ -335,11 +337,11 @@ static int login(void *obj, char *username, int ulen, struct passwd **uam_pwd _ /* dhx login: things are done in a slightly bizarre order to avoid * having to clean things up if there's an error. */ static int pam_login(void *obj, struct passwd **uam_pwd, - char *ibuf, int ibuflen, - char *rbuf, int *rbuflen) + char *ibuf, size_t ibuflen, + char *rbuf, size_t *rbuflen) { char *username; - int len, ulen; + size_t len, ulen; *rbuflen = 0; @@ -369,8 +371,8 @@ static int pam_login(void *obj, struct passwd **uam_pwd, /* ----------------------------- */ static int pam_login_ext(void *obj, char *uname, struct passwd **uam_pwd, - char *ibuf, int ibuflen, - char *rbuf, int *rbuflen) + char *ibuf, size_t ibuflen, + char *rbuf, size_t *rbuflen) { char *username; int len, ulen; @@ -405,10 +407,10 @@ static int pam_login_ext(void *obj, char *uname, struct passwd **uam_pwd, /* -------------------------------- */ static int pam_logincont(void *obj, struct passwd **uam_pwd, - char *ibuf, int ibuflen _U_, - char *rbuf, int *rbuflen) + char *ibuf, size_t ibuflen _U_, + char *rbuf, size_t *rbuflen) { - char *hostname; + const char *hostname; BIGNUM *bn1, *bn2, *bn3; u_int16_t sessid; int err, PAM_error; @@ -552,7 +554,7 @@ logincont_err: } /* logout */ -static void pam_logout() { +static void pam_logout(void) { pam_close_session(pamh, 0); pam_end(pamh, 0); pamh = NULL; @@ -562,8 +564,8 @@ static void pam_logout() { /* change pw for dhx needs a couple passes to get everything all * right. basically, it's like the login/logincont sequence */ static int pam_changepw(void *obj, char *username, - struct passwd *pwd _U_, char *ibuf, int ibuflen, - char *rbuf, int *rbuflen) + struct passwd *pwd _U_, char *ibuf, size_t ibuflen, + char *rbuf, size_t *rbuflen) { BIGNUM *bn1, *bn2, *bn3; @@ -573,6 +575,10 @@ static int pam_changepw(void *obj, char *username, u_int16_t sessid; int PAM_error; + if (ibuflen < sizeof(sessid)) { + return AFPERR_PARAM; + } + /* grab the id */ memcpy(&sessid, ibuf, sizeof(sessid)); ibuf += sizeof(sessid);