[dovecot-cvs] dovecot/src/master auth-process.c,1.20,1.21 auth-process.h,1.4,1.5 common.h,1.7,1.8 login-process.c,1.22,1.23 main.c,1.20,1.21 master-interface.h,1.2,1.3 settings.c,1.31,1.32 settings.h,1.16,1.17
cras at procontrol.fi
cras at procontrol.fi
Fri Dec 20 01:56:26 EET 2002
- Previous message: [dovecot-cvs] dovecot/src/auth auth-digest-md5.c,1.9,1.10 auth-interface.h,1.3,1.4 auth-plain.c,1.6,1.7 auth.c,1.4,1.5 auth.h,1.2,1.3 cookie.c,1.4,1.5 cookie.h,1.2,1.3 login-connection.c,1.9,1.10 main.c,1.9,1.10 master.c,1.7,1.8
- Next message: [dovecot-cvs] dovecot/src/login auth-connection.c,1.14,1.15 auth-connection.h,1.3,1.4 client-authenticate.c,1.22,1.23 common.h,1.4,1.5 main.c,1.11,1.12 master.c,1.8,1.9 master.h,1.4,1.5
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /home/cvs/dovecot/src/master
In directory danu:/tmp/cvs-serv14140/master
Modified Files:
auth-process.c auth-process.h common.h login-process.c main.c
master-interface.h settings.c settings.h
Log Message:
Instead of just trusting randomness of authentication cookies between
auth<->master<->login process IPC, master now doesn't accept any cookies
from login process which weren't created by it (identified by PID). When
login process dies, all it's pending cookies are also removed, so I can't
see even a theoretical possiblity anymore for exploited login process to
authenticate as someone else.
Also fixed some int -> unsigned int.
Index: auth-process.c
===================================================================
RCS file: /home/cvs/dovecot/src/master/auth-process.c,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -d -r1.20 -r1.21
--- auth-process.c 19 Dec 2002 01:02:36 -0000 1.20
+++ auth-process.c 19 Dec 2002 23:56:24 -0000 1.21
@@ -35,7 +35,7 @@
struct _WaitingRequest {
WaitingRequest *next;
- int id;
+ unsigned int id;
AuthCallback callback;
void *context;
@@ -46,7 +46,7 @@
static void auth_process_destroy(AuthProcess *p);
-static void push_request(AuthProcess *process, int id,
+static void push_request(AuthProcess *process, unsigned int id,
AuthCallback callback, void *context)
{
WaitingRequest *req;
@@ -275,25 +275,27 @@
return -1;
}
-AuthProcess *auth_process_find(int id)
+AuthProcess *auth_process_find(unsigned int id)
{
AuthProcess *p;
for (p = processes; p != NULL; p = p->next) {
- if (p->pid == id)
+ if ((unsigned int)p->pid == id)
return p;
}
return NULL;
}
-void auth_process_request(AuthProcess *process, int id,
+void auth_process_request(unsigned int login_pid,
+ AuthProcess *process, unsigned int id,
unsigned char cookie[AUTH_COOKIE_SIZE],
AuthCallback callback, void *context)
{
AuthCookieRequestData req;
req.id = id;
+ req.login_pid = login_pid;
memcpy(req.cookie, cookie, AUTH_COOKIE_SIZE);
if (o_stream_send(process->output, &req, sizeof(req)) < 0)
@@ -302,10 +304,10 @@
push_request(process, id, callback, context);
}
-static int auth_process_get_count(const char *name)
+static unsigned int auth_process_get_count(const char *name)
{
AuthProcess *p;
- int count = 0;
+ unsigned int count = 0;
for (p = processes; p != NULL; p = p->next) {
if (strcmp(p->name, name) == 0)
@@ -330,7 +332,7 @@
Timeout timeout __attr_unused__)
{
AuthConfig *config;
- int count;
+ unsigned int count;
config = auth_processes_config;
for (; config != NULL; config = config->next) {
Index: auth-process.h
===================================================================
RCS file: /home/cvs/dovecot/src/master/auth-process.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- auth-process.h 1 Dec 2002 15:39:21 -0000 1.4
+++ auth-process.h 19 Dec 2002 23:56:24 -0000 1.5
@@ -8,10 +8,11 @@
typedef struct _AuthProcess AuthProcess;
/* Find process for given id */
-AuthProcess *auth_process_find(int id);
+AuthProcess *auth_process_find(unsigned int id);
/* Request information about given cookie */
-void auth_process_request(AuthProcess *process, int id,
+void auth_process_request(unsigned int login_pid,
+ AuthProcess *process, unsigned int id,
unsigned char cookie[AUTH_COOKIE_SIZE],
AuthCallback callback, void *context);
Index: common.h
===================================================================
RCS file: /home/cvs/dovecot/src/master/common.h,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -d -r1.7 -r1.8
--- common.h 18 Dec 2002 04:00:01 -0000 1.7
+++ common.h 19 Dec 2002 23:56:24 -0000 1.8
@@ -44,6 +44,6 @@
/* misc */
#define VALIDATE_STR(str) \
validate_str(str, sizeof(str))
-int validate_str(const char *str, int max_len);
+int validate_str(const char *str, size_t max_len);
#endif
Index: login-process.c
===================================================================
RCS file: /home/cvs/dovecot/src/master/login-process.c,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -d -r1.22 -r1.23
--- login-process.c 19 Dec 2002 01:02:36 -0000 1.22
+++ login-process.c 19 Dec 2002 23:56:24 -0000 1.23
@@ -32,15 +32,15 @@
typedef struct {
LoginProcess *process;
- int login_id;
- int auth_id;
+ unsigned int login_id;
+ unsigned int auth_id;
int fd;
IPADDR ip;
char login_tag[LOGIN_TAG_SIZE];
} LoginAuthRequest;
-static int auth_id_counter;
+static unsigned int auth_id_counter;
static Timeout to;
static HashTable *processes;
@@ -163,8 +163,8 @@
req.auth_process);
auth_callback(NULL, authreq);
} else {
- auth_process_request(auth_process, authreq->auth_id, req.cookie,
- auth_callback, authreq);
+ auth_process_request(p->pid, auth_process, authreq->auth_id,
+ req.cookie, auth_callback, authreq);
}
}
@@ -321,9 +321,11 @@
env_put("PROCESS_PER_CONNECTION=1");
env_put("MAX_LOGGING_USERS=1");
} else {
- env_put(t_strdup_printf("MAX_LOGGING_USERS=%d",
+ env_put(t_strdup_printf("MAX_LOGGING_USERS=%u",
set_max_logging_users));
}
+
+ env_put(t_strdup_printf("PROCESS_UID=%s", dec2str(getpid())));
restrict_process_size(set_login_process_size);
Index: main.c
===================================================================
RCS file: /home/cvs/dovecot/src/master/main.c,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -d -r1.20 -r1.21
--- main.c 19 Dec 2002 01:02:36 -0000 1.20
+++ main.c 19 Dec 2002 23:56:24 -0000 1.21
@@ -34,9 +34,9 @@
HashTable *pids;
int null_fd, imap_fd, imaps_fd;
-int validate_str(const char *str, int max_len)
+int validate_str(const char *str, size_t max_len)
{
- int i;
+ size_t i;
for (i = 0; i < max_len; i++) {
if (str[i] == '\0')
@@ -125,8 +125,8 @@
if (status != 0) {
login_process_abormal_exit(pid);
msg = get_exit_status_message(status);
- if (msg != NULL)
- msg = t_strconcat(" (", msg, ")", NULL);
+ msg = msg == NULL ? "" :
+ t_strconcat(" (", msg, ")", NULL);
i_error("child %s (%s) returned error %d%s",
dec2str(pid), process_type_name,
status, msg);
Index: master-interface.h
===================================================================
RCS file: /home/cvs/dovecot/src/master/master-interface.h,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- master-interface.h 6 Nov 2002 14:20:50 -0000 1.2
+++ master-interface.h 19 Dec 2002 23:56:24 -0000 1.3
@@ -17,9 +17,9 @@
} MasterReplyResult;
typedef struct {
- int id;
+ unsigned int id;
- int auth_process;
+ unsigned int auth_process;
unsigned char cookie[AUTH_COOKIE_SIZE];
IPADDR ip;
@@ -27,7 +27,7 @@
} MasterRequest;
typedef struct {
- int id;
+ unsigned int id;
MasterReplyResult result;
} MasterReply;
Index: settings.c
===================================================================
RCS file: /home/cvs/dovecot/src/master/settings.c,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -d -r1.31 -r1.32
--- settings.c 18 Dec 2002 15:15:42 -0000 1.31
+++ settings.c 19 Dec 2002 23:56:24 -0000 1.32
@@ -368,14 +368,20 @@
}
if (strcmp(key, "auth_count") == 0) {
- if (!sscanf(value, "%i", &auth->count))
+ int num;
+
+ if (!sscanf(value, "%i", &num) || num < 0)
return t_strconcat("Invalid number: ", value, NULL);
+ auth->count = num;
return NULL;
}
if (strcmp(key, "auth_process_size") == 0) {
- if (!sscanf(value, "%i", &auth->process_size))
+ int num;
+
+ if (!sscanf(value, "%i", &num) || num < 0)
return t_strconcat("Invalid number: ", value, NULL);
+ auth->process_size = num;
return NULL;
}
Index: settings.h
===================================================================
RCS file: /home/cvs/dovecot/src/master/settings.h,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -d -r1.16 -r1.17
--- settings.h 12 Dec 2002 06:04:30 -0000 1.16
+++ settings.h 19 Dec 2002 23:56:24 -0000 1.17
@@ -72,7 +72,7 @@
char *user;
char *chroot;
- int count;
+ unsigned int count;
unsigned int process_size;
};
- Previous message: [dovecot-cvs] dovecot/src/auth auth-digest-md5.c,1.9,1.10 auth-interface.h,1.3,1.4 auth-plain.c,1.6,1.7 auth.c,1.4,1.5 auth.h,1.2,1.3 cookie.c,1.4,1.5 cookie.h,1.2,1.3 login-connection.c,1.9,1.10 main.c,1.9,1.10 master.c,1.7,1.8
- Next message: [dovecot-cvs] dovecot/src/login auth-connection.c,1.14,1.15 auth-connection.h,1.3,1.4 client-authenticate.c,1.22,1.23 common.h,1.4,1.5 main.c,1.11,1.12 master.c,1.8,1.9 master.h,1.4,1.5
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the dovecot-cvs
mailing list