Attachment 4208 Details for Bug 6411 – fixes token-handling for passwords containing quotes or sequence-delimiters

[patch] fixes token-handling for passwords containing quotes or sequence-delimiters

samba-3.0.34-fix-chgpasswd-token-handling.diff (text/plain), 3.06 KB, created by Carsten Dumke on 2009-05-27 04:24:59 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Carsten Dumke

Created: 2009-05-27 04:24:59 UTC

Size: 3.06 KB

patch

obsolete

>diff -Nurbd samba-3.0.34.orig/source/smbd/chgpasswd.c samba-3.0.34/source/smbd/chgpasswd.c
>--- samba-3.0.34.orig/source/smbd/chgpasswd.c	2009-01-19 11:40:09.000000000 +0100
>+++ samba-3.0.34/source/smbd/chgpasswd.c	2009-05-26 16:57:29.000000000 +0200
>@@ -236,18 +236,25 @@
> 	return (True);
> }
> 
>-static int expect(int master, char *issue, char *expected)
>+static int expect(int master, char *issue, char *expected,
>+		  const char *oldpass, const char *newpass)
> {
> 	pstring buffer;
>+	pstring issue_password;
> 	int attempts, timeout, nread, len;
> 	BOOL match = False;
> 
>+	/* replace placeholder by password */
>+	pstrcpy(issue_password, issue);
>+	all_string_sub(issue_password, "%o", oldpass, sizeof(pstring));
>+	all_string_sub(issue_password, "%n", newpass, sizeof(pstring));
>+
> 	for (attempts = 0; attempts < 2; attempts++) {
> 		if (!strequal(issue, ".")) {
> 			if (lp_passwd_chat_debug())
>-				DEBUG(100, ("expect: sending [%s]\n", issue));
>+				DEBUG(100, ("expect: sending [%s]\n", issue_password));
> 
>-			if ((len = sys_write(master, issue, strlen(issue))) != strlen(issue)) {
>+			if ((len = sys_write(master, issue_password, strlen(issue_password))) != strlen(issue_password)) {
> 				DEBUG(2,("expect: (short) write returned %d\n", len ));
> 				return False;
> 			}
>@@ -305,7 +312,8 @@
> 	all_string_sub(buf, "\\t", "\t", 0);
> }
> 
>-static int talktochild(int master, const char *seq)
>+static int talktochild(int master, const char *seq,
>+		       const char *oldpass, const char *newpass)
> {
> 	int count = 0;
> 	fstring issue, expected;
>@@ -317,7 +325,7 @@
> 		pwd_sub(expected);
> 		count++;
> 
>-		if (!expect(master, issue, expected))
>+		if (!expect(master, issue, expected, oldpass, newpass))
> 		{
> 			DEBUG(3, ("Response %d incorrect\n", count));
> 			return False;
>@@ -331,7 +339,7 @@
> 	if (!strequal(issue, ".")) {
> 		/* we have one final issue to send */
> 		fstrcpy(expected, ".");
>-		if (!expect(master, issue, expected))
>+		if (!expect(master, issue, expected, oldpass, newpass))
> 			return False;
> 	}
> 
>@@ -339,7 +347,8 @@
> }
> 
> static BOOL chat_with_program(char *passwordprogram, const struct passwd *pass,
>-			      char *chatsequence, BOOL as_root)
>+			      char *chatsequence, BOOL as_root,
>+			      const char *oldpass, const char *newpass)
> {
> 	char *slavedev;
> 	int master;
>@@ -374,7 +383,7 @@
> 
> 	/* we now have a pty */
> 	if (pid > 0) {			/* This is the parent process */
>-		if ((chstat = talktochild(master, chatsequence)) == False) {
>+		if ((chstat = talktochild(master, chatsequence, oldpass, newpass)) == False) {
> 			DEBUG(3, ("chat_with_program: Child failed to change password: %s\n", pass->pw_name));
> 			kill(pid, SIGKILL);	/* be sure to end this process */
> 		}
>@@ -563,10 +572,8 @@
> 	   a new password containing shell escape characters */
> 
> 	pstring_sub(chatsequence, "%u", name);
>-	all_string_sub(chatsequence, "%o", oldpass, sizeof(pstring));
>-	all_string_sub(chatsequence, "%n", newpass, sizeof(pstring));
> 	return (chat_with_program
>-		(passwordprogram, pass, chatsequence, as_root));
>+		(passwordprogram, pass, chatsequence, as_root, oldpass, newpass));
> }
> 
> #else /* ALLOW_CHANGE_PASSWORD */

Actions: View

Attachments on bug 6411: 4208 | 4213 | 4238 | 4239 | 5255 | 5797 | 5799