From 79545d7ce60d35157304e984bfb1d41ce3eea6d8 Mon Sep 17 00:00:00 2001 From: didg Date: Wed, 16 Oct 2002 02:20:41 +0000 Subject: [PATCH] AFP 3.0 changes --- etc/afpd/auth.c | 87 ++++++++++++++++++++++++++++++++++++++++--------- etc/afpd/auth.h | 4 +-- 2 files changed, 74 insertions(+), 17 deletions(-) diff --git a/etc/afpd/auth.c b/etc/afpd/auth.c index 7ab6db9a..093cf46d 100644 --- a/etc/afpd/auth.c +++ b/etc/afpd/auth.c @@ -1,5 +1,5 @@ /* - * $Id: auth.c,v 1.34 2002-10-15 19:34:34 didg Exp $ + * $Id: auth.c,v 1.35 2002-10-16 02:20:41 didg Exp $ * * Copyright (c) 1990,1993 Regents of The University of Michigan. * All Rights Reserved. See COPYRIGHT. @@ -330,7 +330,7 @@ unsigned int ibuflen, *rbuflen; u_int16_t type; u_int32_t idlen; - u_int32_t tklen; + u_int32_t tklen; /* FIXME: u_int16_t? */ pid_t token; *rbuflen = 0; @@ -490,26 +490,28 @@ int ibuflen, *rbuflen; int afp_login_ext(obj, ibuf, ibuflen, rbuf, rbuflen ) AFPObj *obj; char *ibuf, *rbuf; -int ibuflen, *rbuflen; +unsigned int ibuflen, *rbuflen; { struct passwd *pwd = NULL; - int len, i; + unsigned int len; + int i; char type; -/* - u_int16_t h; -*/ + u_int16_t len16; *rbuflen = 0; if ( nologin & 1) return send_reply(obj, AFPERR_SHUTDOWN ); - if (ibuflen <= 2) + if (ibuflen <= 4) return send_reply(obj, AFPERR_BADVERS ); + ibuf++; + ibuf++; /* pad */ + ibuf +=2; /* flag */ + + len = (unsigned char) *ibuf; ibuf++; - ibuf++; /* flag */ - len = (unsigned char) *ibuf++; - ibuflen -= 3; + ibuflen -= 5; i = get_version(obj, ibuf, ibuflen, len); if (i) @@ -521,7 +523,8 @@ int ibuflen, *rbuflen; if (ibuflen <= 1) return send_reply(obj, AFPERR_BADUAM); - len = (unsigned char) *ibuf++; + len = (unsigned char) *ibuf; + ibuf++; ibuflen--; if (!len || len > ibuflen) @@ -529,16 +532,70 @@ int ibuflen, *rbuflen; if ((afp_uam = auth_uamfind(UAM_SERVER_LOGIN, ibuf, len)) == NULL) return send_reply(obj, AFPERR_BADUAM); - ibuf += len; + ibuf += len; ibuflen -= len; - /* FIXME user name */ - if (len <= 1) + /* user name */ + if (len <= 1 +sizeof(len16)) return send_reply(obj, AFPERR_PARAM); type = *ibuf; ibuf++; ibuflen--; + if (type != 3) + return send_reply(obj, AFPERR_PARAM); + + memcpy(&len16, ibuf, sizeof(len16)); + ibuf += sizeof(len16); + ibuflen -= sizeof(len16); + len = ntohs(len16); + if (len > ibuflen) + return send_reply(obj, AFPERR_PARAM); + ibuf += len; + ibuflen -= len; + + /* directory service name */ + if (!ibuflen) + return send_reply(obj, AFPERR_PARAM); + type = *ibuf; + ibuf++; + ibuflen--; + + switch(type) { + case 1: + case 2: + if (!ibuflen) + return send_reply(obj, AFPERR_PARAM); + len = (unsigned char) *ibuf; + ibuf++; + ibuflen--; + break; + case 3: + if (ibuflen <= sizeof(len16)) + return send_reply(obj, AFPERR_PARAM); + + memcpy(&len16, ibuf, sizeof(len16)); + ibuf += sizeof(len16); + ibuflen -= sizeof(len16); + len = ntohs(len16); + break; + default: + return send_reply(obj, AFPERR_PARAM); + } + if (len != 0) { + LOG(log_error, logtype_afpd, "login_ext: directory service path not null!" ); + return send_reply(obj, AFPERR_PARAM); + } + ibuf += len; + ibuflen -= len; + if (!ibuflen ) + return send_reply(obj, AFPERR_PARAM); + + /* Pad */ + ibuf++; + ibuflen--; + + /* FIXME user name are in unicode */ i = afp_uam->u.uam_login.login(obj, &pwd, ibuf, ibuflen, rbuf, rbuflen); if (i || !pwd) return send_reply(obj, i); diff --git a/etc/afpd/auth.h b/etc/afpd/auth.h index 0e5bb17a..c1a40a61 100644 --- a/etc/afpd/auth.h +++ b/etc/afpd/auth.h @@ -1,5 +1,5 @@ /* - * $Id: auth.h,v 1.3 2002-10-12 04:02:46 didg Exp $ + * $Id: auth.h,v 1.4 2002-10-16 02:20:41 didg Exp $ * * Copyright (c) 1990,1993 Regents of The University of Michigan. * All Rights Reserved. See COPYRIGHT. @@ -41,7 +41,7 @@ extern int ngroups; /* FP functions */ extern int afp_login __P((AFPObj *, char *, int, char *, int *)); -extern int afp_login_ext __P((AFPObj *, char *, int, char *, int *)); +extern int afp_login_ext __P((AFPObj *, char *, unsigned int, char *, unsigned int *)); extern int afp_logincont __P((AFPObj *, char *, int, char *, int *)); extern int afp_changepw __P((AFPObj *, char *, int, char *, int *)); extern int afp_logout __P((AFPObj *, char *, int, char *, int *)); -- 2.39.2