[dovecot-cvs] dovecot/src/auth auth-master-connection.c, 1.10,
1.11 main.c, 1.29, 1.30 mech-cram-md5.c, 1.11,
1.12 mech-digest-md5.c, 1.24, 1.25 mech-rpa.c, 1.4, 1.5 mech.c,
1.37, 1.38 passdb-checkpassword.c, 1.2,
1.3 password-scheme-rpa.c, 1.1, 1.2 password-scheme.c, 1.15, 1.16
cras at dovecot.org
cras at dovecot.org
Fri Oct 8 20:51:50 EEST 2004
Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv10130/auth
Modified Files:
auth-master-connection.c main.c mech-cram-md5.c
mech-digest-md5.c mech-rpa.c mech.c passdb-checkpassword.c
password-scheme-rpa.c password-scheme.c
Log Message:
Buffer API change: we no longer support limited sized buffers where
writes past limit wouldn't kill the process. They weren't used hardly
anywhere, they could have hidden bugs and the code for handling them was too
complex.
This also changed base64 and hex-binary APIs.
Index: auth-master-connection.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-master-connection.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -d -r1.10 -r1.11
--- auth-master-connection.c 15 Aug 2004 03:40:30 -0000 1.10
+++ auth-master-connection.c 8 Oct 2004 17:51:47 -0000 1.11
@@ -55,7 +55,7 @@
char *p;
buf = buffer_create_dynamic(pool_datastack_create(),
- sizeof(reply) + 256, (size_t)-1);
+ sizeof(reply) + 256);
memset(&reply, 0, sizeof(reply));
buffer_append(buf, &reply, sizeof(reply));
@@ -219,7 +219,7 @@
reply.server_pid = master->pid;
- buf = buffer_create_dynamic(default_pool, 128, (size_t)-1);
+ buf = buffer_create_dynamic(default_pool, 128);
for (list = mech_modules; list != NULL; list = list->next)
reply.mech_count++;
@@ -273,8 +273,7 @@
conn->refcount = 1;
conn->pid = pid;
conn->fd = fd;
- conn->listeners_buf =
- buffer_create_dynamic(default_pool, 64, (size_t)-1);
+ conn->listeners_buf = buffer_create_dynamic(default_pool, 64);
if (fd != -1)
auth_master_connection_set_fd(conn, fd);
master_get_handshake_reply(conn);
Index: main.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/main.c,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -d -r1.29 -r1.30
--- main.c 20 Sep 2004 23:22:15 -0000 1.29
+++ main.c 8 Oct 2004 17:51:47 -0000 1.30
@@ -204,7 +204,7 @@
lib_init_signals(sig_quit);
mech_init();
- masters_buf = buffer_create_dynamic(default_pool, 64, (size_t)-1);
+ masters_buf = buffer_create_dynamic(default_pool, 64);
env = getenv("AUTH_PROCESS");
standalone = env == NULL;
Index: mech-cram-md5.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/mech-cram-md5.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12
--- mech-cram-md5.c 29 Sep 2004 15:44:38 -0000 1.11
+++ mech-cram-md5.c 8 Oct 2004 17:51:47 -0000 1.12
@@ -62,7 +62,7 @@
buffer_create_data(pool_datastack_create(),
context_digest, sizeof(context_digest));
- if (hex_to_binary(credentials, context_digest_buf) <= 0)
+ if (hex_to_binary(credentials, context_digest_buf) < 0)
return FALSE;
hmac_md5_set_cram_context(&ctx, context_digest);
Index: mech-digest-md5.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/mech-digest-md5.c,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -d -r1.24 -r1.25
--- mech-digest-md5.c 31 Aug 2004 09:31:18 -0000 1.24
+++ mech-digest-md5.c 8 Oct 2004 17:51:47 -0000 1.25
@@ -74,8 +74,8 @@
random_fill(nonce, sizeof(nonce));
t_push();
- buf = buffer_create_static(pool_datastack_create(),
- MAX_BASE64_ENCODED_SIZE(sizeof(nonce))+1);
+ buf = buffer_create_static_hard(pool_datastack_create(),
+ MAX_BASE64_ENCODED_SIZE(sizeof(nonce))+1);
base64_encode(nonce, sizeof(nonce), buf);
buffer_append_c(buf, '\0');
@@ -123,7 +123,7 @@
digest_buf = buffer_create_data(pool_datastack_create(),
digest, sizeof(digest));
- if (hex_to_binary(credentials, digest_buf) <= 0)
+ if (hex_to_binary(credentials, digest_buf) < 0)
return FALSE;
/*
Index: mech-rpa.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/mech-rpa.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- mech-rpa.c 15 Sep 2004 13:20:16 -0000 1.4
+++ mech-rpa.c 8 Oct 2004 17:51:47 -0000 1.5
@@ -333,7 +333,7 @@
length = sizeof(rpa_oid) + 3 + RPA_SCHALLENGE_LEN +
RPA_TIMESTAMP_LEN + 2 + realms_len;
- buf = buffer_create_dynamic(auth->pool, length + 4, (size_t)-1);
+ buf = buffer_create_dynamic(auth->pool, length + 4);
buffer_append_c(buf, ASN1_APPLICATION);
buffer_append_asn1_length(buf, length);
@@ -373,7 +373,7 @@
buffer_t *buf;
unsigned char server_response[16];
- buf = buffer_create_dynamic(auth->pool, length + 4, (size_t)-1);
+ buf = buffer_create_dynamic(auth->pool, length + 4);
buffer_append_c(buf, ASN1_APPLICATION);
buffer_append_asn1_length(buf, length);
Index: mech.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/mech.c,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -d -r1.37 -r1.38
--- mech.c 5 Oct 2004 15:30:03 -0000 1.37
+++ mech.c 8 Oct 2004 17:51:47 -0000 1.38
@@ -205,7 +205,7 @@
{
buffer_t *buf;
- buf = buffer_create_dynamic(pool_datastack_create(), 256, (size_t)-1);
+ buf = buffer_create_dynamic(pool_datastack_create(), 256);
reply->username_idx = 0;
buffer_append(buf, auth_request->user, strlen(auth_request->user)+1);
@@ -480,8 +480,7 @@
#endif
ssl_require_client_cert = getenv("SSL_REQUIRE_CLIENT_CERT") != NULL;
- auth_failures_buf =
- buffer_create_dynamic(default_pool, 1024, (size_t)-1);
+ auth_failures_buf = buffer_create_dynamic(default_pool, 1024);
to_auth_failures = timeout_add(2000, auth_failure_timeout, NULL);
}
Index: passdb-checkpassword.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb-checkpassword.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- passdb-checkpassword.c 20 Sep 2004 21:47:30 -0000 1.2
+++ passdb-checkpassword.c 8 Oct 2004 17:51:47 -0000 1.3
@@ -162,8 +162,7 @@
} else {
if (request->input_buf == NULL) {
request->input_buf =
- buffer_create_dynamic(default_pool,
- 512, (size_t)-1);
+ buffer_create_dynamic(default_pool, 512);
}
buffer_append(request->input_buf, buf, ret);
}
@@ -182,12 +181,19 @@
size_t size;
ssize_t ret;
- buf = buffer_create_static(pool_datastack_create(), 512+1);
+ buf = buffer_create_dynamic(pool_datastack_create(), 512+1);
buffer_append(buf, auth_request->user, strlen(auth_request->user)+1);
buffer_append(buf, request->password, strlen(request->password)+1);
buffer_append_c(buf, '\0');
data = buffer_get_data(buf, &size);
+ if (size > 512) {
+ i_error("checkpassword: output larger than 512 bytes: "
+ "%"PRIuSIZE_T, size);
+ checkpassword_request_close(request);
+ return;
+ }
+
ret = write(request->fd_out, data + request->write_pos,
size - request->write_pos);
if (ret <= 0) {
Index: password-scheme-rpa.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/password-scheme-rpa.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- password-scheme-rpa.c 19 Aug 2004 03:56:02 -0000 1.1
+++ password-scheme-rpa.c 8 Oct 2004 17:51:47 -0000 1.2
@@ -13,7 +13,7 @@
*/
void *ucs2be_str(pool_t pool, const char *str, size_t *size)
{
- buffer_t *buf = buffer_create_dynamic(pool, 32, (size_t)-1);
+ buffer_t *buf = buffer_create_dynamic(pool, 32);
while (*str) {
buffer_append_c(buf, '\0');
Index: password-scheme.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/password-scheme.c,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -d -r1.15 -r1.16
--- password-scheme.c 19 Aug 2004 03:56:02 -0000 1.15
+++ password-scheme.c 8 Oct 2004 17:51:47 -0000 1.16
@@ -160,14 +160,15 @@
unsigned char sha1_digest[SHA1_RESULTLEN];
const char *data;
buffer_t *buf;
- size_t size;
+ size_t size, password_len;
sha1_get_digest(plaintext, strlen(plaintext), sha1_digest);
- buf = buffer_create_static(pool_datastack_create(),
- MAX_BASE64_DECODED_SIZE(strlen(password)+1));
+ password_len = strlen(password);
+ buf = buffer_create_static_hard(pool_datastack_create(),
+ MAX_BASE64_DECODED_SIZE(password_len));
- if (base64_decode(password, strlen(password), NULL, buf) <= 0) {
+ if (base64_decode(password, password_len, NULL, buf) < 0) {
i_error("sha1_verify(%s): failed decoding SHA base64", user);
return 0;
}
@@ -207,14 +208,15 @@
unsigned char sha1_digest[SHA1_RESULTLEN];
buffer_t *buf;
const char *data;
- size_t size;
+ size_t size, password_len;
struct sha1_ctxt ctx;
/* format: base64-encoded MD5 hash and salt */
- buf = buffer_create_static(pool_datastack_create(),
- MAX_BASE64_DECODED_SIZE(strlen(password)+1));
+ password_len = strlen(password);
+ buf = buffer_create_static_hard(pool_datastack_create(),
+ MAX_BASE64_DECODED_SIZE(password_len));
- if (base64_decode(password, strlen(password), NULL, buf) <= 0) {
+ if (base64_decode(password, password_len, NULL, buf) < 0) {
i_error("ssha_verify(%s): failed decoding SSHA base64", user);
return 0;
}
@@ -258,14 +260,15 @@
unsigned char md5_digest[16];
buffer_t *buf;
const char *data;
- size_t size;
+ size_t size, password_len;
struct md5_context ctx;
/* format: base64-encoded MD5 hash and salt */
- buf = buffer_create_static(pool_datastack_create(),
- MAX_BASE64_DECODED_SIZE(strlen(password)+1));
+ password_len = strlen(password);
+ buf = buffer_create_static_hard(pool_datastack_create(),
+ MAX_BASE64_DECODED_SIZE(password_len));
- if (base64_decode(password, strlen(password), NULL, buf) <= 0) {
+ if (base64_decode(password, password_len, NULL, buf) < 0) {
i_error("smd5_verify(%s): failed decoding SMD5 base64", user);
return 0;
}
@@ -378,14 +381,15 @@
unsigned char md5_digest[16];
buffer_t *buf;
const char *data;
- size_t size;
+ size_t size, password_len;
md5_get_digest(plaintext, strlen(plaintext), md5_digest);
- buf = buffer_create_static(pool_datastack_create(),
- MAX_BASE64_DECODED_SIZE(strlen(password)+1));
+ password_len = strlen(password);
+ buf = buffer_create_static_hard(pool_datastack_create(),
+ MAX_BASE64_DECODED_SIZE(password_len));
- if (base64_decode(password, strlen(password), NULL, buf) <= 0) {
+ if (base64_decode(password, password_len, NULL, buf) < 0) {
i_error("ldap_md5_verify(%s): failed decoding MD5 base64",
user);
return 0;
@@ -464,7 +468,7 @@
const char *symbol;
#endif
- schemes_buf = buffer_create_dynamic(default_pool, 128, (size_t)-1);
+ schemes_buf = buffer_create_dynamic(default_pool, 128);
for (s = default_schemes; s->name != NULL; s++)
buffer_append(schemes_buf, s, sizeof(*s));
More information about the dovecot-cvs
mailing list