In krb5_kuserok, just try opening .k5login; don't check ahead of time

whether it looks accessible.  Also rewrite the construction of the
.k5login filename to use snprintf instead of strnpy/strncat.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22010 dc483132-0cff-0310-8789-dd5450dbe970

1 files changed, 11 insertions, 9 deletions

diff --git a/src/lib/krb5/os/kuserok.c b/src/lib/krb5/os/kuserok.c
index 719faaebee..489b24791e 100644
--- a/src/lib/krb5/os/kuserok.c
+++ b/src/lib/krb5/os/kuserok.c
@@ -79,22 +79,24 @@ krb5_kuserok(krb5_context context, krb5_principal principal, const char *luser)
     char linebuf[BUFSIZ];
     char *newline;
     int gobble;
-
-    /* no account => no access */
     char pwbuf[BUFSIZ];
     struct passwd pwx;
+    int result;
+
+    /* no account => no access */
     if (k5_getpwnam_r(luser, &pwx, pwbuf, sizeof(pwbuf), &pwd) != 0)
 	return(FALSE);
-    (void) strncpy(pbuf, pwd->pw_dir, sizeof(pbuf) - 1);
-    pbuf[sizeof(pbuf) - 1] = '\0';
-    (void) strncat(pbuf, "/.k5login", sizeof(pbuf) - 1 - strlen(pbuf));
+    result = snprintf(pbuf, sizeof(pbuf), "%s/.k5login", pwd->pw_dir);
+    if (SNPRINTF_OVERFLOW(result, sizeof(pbuf)))
+	return(FALSE);
 
-    if (access(pbuf, F_OK)) {	 /* not accessible */
+    fp = fopen(pbuf, "r");
+    if (!fp) {
 	/*
-	 * if he's trying to log in as himself, and there is no .k5login file,
-	 * let him.  To find out, call
+	 * If he's trying to log in as himself, and there is no
+	 * readable .k5login file, let him.  To find out, call
 	 * krb5_aname_to_localname to convert the principal to a name
-	 * which we can string compare. 
+	 * which we can string compare.
 	 */
 	if (!(krb5_aname_to_localname(context, principal,
 				      sizeof(kuser), kuser))