pap: Allow login using gecos name too, fix most obvious buffers overrun... from

Björn Fernhomberg.

diff --git a/etc/papd/queries.c b/etc/papd/queries.c
index 63bc56fad34b9fb543cf3fa537f1b70dbb1beecc..ab1d745e37a88364d59b2edf563bb014030d6cad 100644 (file)
--- a/etc/papd/queries.c
+++ b/etc/papd/queries.c
@@ -1,5 +1,5 @@
 /*
- * $Id: queries.c,v 1.16 2003-02-17 01:35:18 srittau Exp $
+ * $Id: queries.c,v 1.17 2003-05-14 15:13:50 didg Exp $
  *
  * Copyright (c) 1990,1994 Regents of The University of Michigan.
  * All Rights Reserved.  See COPYRIGHT.
@@ -255,7 +255,7 @@ int gq_balance( out )
  * Handler for RBISpoolerID
  */
 
-static const char *spoolerid = "(PAPD Spooler) " VERSION "\n";
+static const char *spoolerid = "(PAPD Spooler) 1.0 (" VERSION ")\n";
 
 int gq_rbispoolerid( out )
     struct papfile     *out;
@@ -673,7 +673,7 @@ int cq_listq( in, out )
  */
 
 static struct uam_obj *papd_uam = NULL;
-/*static const char *rbiloginok = "0\r";*/
+static const char *rbiloginok = "0\r";
 static const char *rbiloginbad = "-1\r";
 static const char *rbiloginerrstr = "%%[Error: SecurityError; \
 SecurityViolation: Unknown user, incorrect password or log on is \
@@ -685,7 +685,7 @@ int cq_rbilogin( in, out )
 {
     char               *start, *stop, *p, *begin;
     int                        linelength, crlflength;
-    char               username[9] = "\0";
+    char               username[UAM_USERNAMELEN + 1] = "\0";
     struct papd_comment        *comment = compeek();
     char               uamtype[20] = "\0";
 
@@ -718,6 +718,8 @@ int cq_rbilogin( in, out )
            } else {
                 if ( (papd_uam->u.uam_printer(p,stop,username,out)) == 0 ) {
                     lp_person( username );
+                   append(out, rbiloginok, strlen( rbiloginok ));
+                   LOG(log_info, logtype_papd, "RBILogin: Logged in '%s'", username);
                 } else {
                     append(out, rbiloginbad, strlen( rbiloginbad));
                     append(out, rbiloginerrstr, strlen(rbiloginerrstr));

diff --git a/etc/uams/uams_pam.c b/etc/uams/uams_pam.c
index 25b86753796e0bcec0ca9e19d60d72d211bc21f7..bf47ea8a024b536b54b28523689f84094d5abc6d 100644 (file)
--- a/etc/uams/uams_pam.c
+++ b/etc/uams/uams_pam.c
@@ -1,5 +1,5 @@
 /*
- * $Id: uams_pam.c,v 1.15 2003-01-08 22:16:25 didg Exp $
+ * $Id: uams_pam.c,v 1.16 2003-05-14 15:13:50 didg Exp $
  *
  * Copyright (c) 1990,1993 Regents of The University of Michigan.
  * Copyright (c) 1999 Adrian Sun (asun@u.washington.edu) 
@@ -41,6 +41,11 @@ char *strchr (), *strrchr ();
 
 #define PASSWDLEN 8
 
+#ifndef MIN
+#define MIN(a,b) ((a) < (b) ? (a) : (b))
+#endif /* MIN */
+
+
 /* Static variables used to communicate between the conversation function
  * and the server_login function
  */
@@ -331,9 +336,16 @@ int pam_printer(start, stop, username, out)
     char       *data, *p, *q;
     char       password[PASSWDLEN + 1] = "\0";
     static const char *loginok = "0\r";
+    struct passwd *pwd;
+
+    data = (char *)malloc(stop - start + 2);
+    if (!data) {
+       LOG(log_info, logtype_uams,"Bad Login ClearTxtUAM: malloc");
+       return(-1);
+    }
 
-    data = (char *)malloc(stop - start + 1);
     strncpy(data, start, stop - start + 1);
+    data[stop - start + 2] = 0;
 
     /* We are looking for the following format in data:
      * (username) (password)
@@ -348,25 +360,38 @@ int pam_printer(start, stop, username, out)
        return(-1);
     }
     p++;
-    if ((q = strstr(data, ") (" )) == NULL) {
+    if ((q = strstr(p, ") (" )) == NULL) {
        LOG(log_info, logtype_uams,"Bad Login ClearTxtUAM: username not found in string");
        free(data);
        return(-1);
     }
-    strncpy(username, p, q - p);
+    strncpy(username, p, MIN(UAM_USERNAMELEN, q - p) );
+    username[ UAM_USERNAMELEN +1] = '\0';
 
     /* Parse input for password in next () */
     p = q + 3;
-    if ((q = strrchr(data, ')' )) == NULL) {
+    if ((q = strrchr(p, ')' )) == NULL) {
        LOG(log_info, logtype_uams,"Bad Login ClearTxtUAM: password not found in string");
        free(data);
        return(-1);
     }
-    strncpy(password, p, q - p);
+    strncpy(password, p, MIN(PASSWDLEN, (q - p)) );
+    password[ PASSWDLEN + 1] = '\0';
 
     /* Done copying username and password, clean up */
     free(data);
 
+    if (( pwd = uam_getname(username, strlen(username))) == NULL ) {
+        LOG(log_info, logtype_uams, "Bad Login ClearTxtUAM: ( %s ) not found ",
+            username);
+        return(-1);
+    }
+
+    if (uam_checkuser(pwd) < 0) {
+        /* syslog of error happens in uam_checkuser */
+        return(-1);
+    }
+
     PAM_username = username;
     PAM_password = password;
 

diff --git a/etc/uams/uams_passwd.c b/etc/uams/uams_passwd.c
index 027d6c856433f8979dd75cf36c05dee32ee112c9..235655c169868ec5410f20f927a3ae853536fe4b 100644 (file)
--- a/etc/uams/uams_passwd.c
+++ b/etc/uams/uams_passwd.c
@@ -1,5 +1,5 @@
 /*
- * $Id: uams_passwd.c,v 1.19 2002-10-17 18:01:55 didg Exp $
+ * $Id: uams_passwd.c,v 1.20 2003-05-14 15:13:50 didg Exp $
  *
  * Copyright (c) 1990,1993 Regents of The University of Michigan.
  * Copyright (c) 1999 Adrian Sun (asun@u.washington.edu) 
@@ -50,6 +50,11 @@ char *strchr (), *strrchr ();
 
 #define PASSWDLEN 8
 
+#ifndef MIN
+#define MIN(a,b) ((a) < (b) ? (a) : (b))
+#endif /* MIN */
+
+
 #ifdef TRU64
 #include <sia.h>
 #include <siad.h>
@@ -258,8 +263,13 @@ struct papfile     *out;
     static const char *loginok = "0\r";
     int ulen;
 
-    data = (char *)malloc(stop - start + 1);
+    data = (char *)malloc(stop - start + 2);
+    if (!data) {
+       LOG(log_info, logtype_uams,"Bad Login ClearTxtUAM: malloc");
+       return(-1);
+    }
     strncpy(data, start, stop - start + 1);
+    data[stop - start + 2] = 0;
 
     /* We are looking for the following format in data:
      * (username) (password)
@@ -279,7 +289,9 @@ struct papfile      *out;
         free(data);
         return(-1);
     }
-    strncpy(username, p, q - p);
+    strncpy(username, p, MIN( UAM_USERNAMELEN, (q - p)) );
+    username[ UAM_USERNAMELEN+1] = '\0';
+
 
     /* Parse input for password in next () */
     p = q + 3;
@@ -288,7 +300,9 @@ struct papfile      *out;
         free(data);
         return(-1);
     }
-    strncpy(password, p, q - p);
+    strncpy(password, p, MIN(PASSWDLEN, q - p) );
+    password[ PASSWDLEN+1] = '\0';
+
 
     /* Done copying username and password, clean up */
     free(data);

diff --git a/include/atalk/uam.h b/include/atalk/uam.h
index 29bb542f371fe98a0a695f4dff1b31b5287fea35..948613a8da5ee01fc9250d951b3216bc0cb2ccf0 100644 (file)
--- a/include/atalk/uam.h
+++ b/include/atalk/uam.h
@@ -49,6 +49,9 @@
 #define UAM_PASSWD_MAXFAIL      (1 << 2) /* not implemented yet. */
 #define UAM_PASSWD_EXPIRETIME   (1 << 3) /* not implemented yet. */
 
+/* max lenght of username  */
+#define UAM_USERNAMELEN        255
+
 /* i'm doing things this way because os x server's dynamic linker
  * support is braindead. it also allows me to do a little versioning. */
 struct uam_export {