Tuesday, August 30, 2016

[389-commits] Branch '389-ds-base-1.2.11' - ldap/servers

ldap/servers/slapd/modify.c | 8 ++++----
ldap/servers/slapd/pw.c | 4 ++--
2 files changed, 6 insertions(+), 6 deletions(-)

New commits:
commit 840cfbfc7d6473338cd4ef167bf4a0d8867be80b
Author: Mark Reynolds <mreynolds@redhat.com>
Date: Tue Aug 30 14:25:15 2016 -0400

Ticket 48975- Disabling CLEAR password storage scheme will
crash server when setting a password

Bug Description: If the CLEAR password storage scheme plugin is disabled, and a
userpassword is set, the server crashes. This is because we
expect this plugin to be enabled when working with the unhashed
password.

Fix Description: Always check if the password scheme, returned by pw_val2scheme(),
is NULL before dereferencing it. If it is NULL treat it as a
clear text password.

Valgrind: Passed

https://fedorahosted.org/389/ticket/48975

Reviewed by: nhosoi(Thanks!)

(cherry picked from commit 52230585a1191bf1e747780b592f291d652e26dd)

diff --git a/ldap/servers/slapd/modify.c b/ldap/servers/slapd/modify.c
index 4bcc827..ed08885 100644
--- a/ldap/servers/slapd/modify.c
+++ b/ldap/servers/slapd/modify.c
@@ -847,7 +847,7 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
for ( i = 0; pw_mod->mod_bvalues != NULL && pw_mod->mod_bvalues[i] != NULL; i++ ) {
char *password = slapi_ch_strdup(pw_mod->mod_bvalues[i]->bv_val);
pwsp = pw_val2scheme( password, &valpwd, 1 );
- if(strcmp(pwsp->pws_name, "CLEAR") == 0){
+ if(pwsp == NULL || strcmp(pwsp->pws_name, "CLEAR") == 0){
/*
* CLEAR password
*
@@ -871,7 +871,7 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
const char *userpwd = slapi_value_get_string(present_values[ii]);

pass_scheme = pw_val2scheme( (char *)userpwd, &pval, 1 );
- if(strcmp(pass_scheme->pws_name,"CLEAR")){
+ if(pass_scheme && strcmp(pass_scheme->pws_name,"CLEAR")){
/* its encoded, so compare it */
if((*(pass_scheme->pws_cmp))( valpwd, pval ) == 0 ){
/*
@@ -931,7 +931,7 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
* provided by the client.
*/
unhashed_pwsp = pw_val2scheme( (char *)unhashed_pwd, NULL, 1 );
- if(strcmp(unhashed_pwsp->pws_name, "CLEAR") == 0){
+ if(unhashed_pwsp == NULL || strcmp(unhashed_pwsp->pws_name, "CLEAR") == 0){
if((*(pwsp->pws_cmp))((char *)unhashed_pwd , valpwd) == 0 ){
/* match, add the delete mod for this particular unhashed userpassword */
if (SLAPD_UNHASHED_PW_OFF != config_get_unhashed_pw_switch()) {
@@ -1457,7 +1457,7 @@ valuearray_init_bervalarray_unhashed_only(struct berval **bvals, Slapi_Value ***
*cvals = (Slapi_Value **) slapi_ch_malloc((n + 1) * sizeof(Slapi_Value *));
for(i = 0, p = 0; i < n; i++){
pwsp = pw_val2scheme( bvals[i]->bv_val, NULL, 1 );
- if(strcmp(pwsp->pws_name, "CLEAR") == 0){
+ if(pwsp == NULL || strcmp(pwsp->pws_name, "CLEAR") == 0){
(*cvals)[p++] = slapi_value_new_berval(bvals[i]);
}
free_pw_scheme( pwsp );
diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c
index 2785bd7..d0d8570 100644
--- a/ldap/servers/slapd/pw.c
+++ b/ldap/servers/slapd/pw.c
@@ -266,8 +266,8 @@ void free_pw_scheme(struct pw_scheme *pwsp)
{
if ( pwsp != NULL )
{
- slapi_ch_free( (void**)&pwsp->pws_name );
- slapi_ch_free( (void**)&pwsp );
+ slapi_ch_free_string(&pwsp->pws_name);
+ slapi_ch_free((void**)&pwsp);
}
}

--
389-commits mailing list
389-commits@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/389-commits@lists.fedoraproject.org

No comments:

Post a Comment