diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2010-03-23 16:35:49 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-03-25 16:02:27 -0400 |
commit | 80c8a4f94d54b23bce206fdd75ff2648977ce271 (patch) | |
tree | 7a03b98f665e4ebf7005c580fd9873200f023fad /src/providers | |
parent | f94abf5319d8f74cacae0a98d3925d18eb6839eb (diff) | |
download | sssd-80c8a4f94d54b23bce206fdd75ff2648977ce271.tar.gz sssd-80c8a4f94d54b23bce206fdd75ff2648977ce271.tar.xz sssd-80c8a4f94d54b23bce206fdd75ff2648977ce271.zip |
Allow arbitrary-length PAM messages
The PAM standard allows for messages of any length to be returned
to the client. We were discarding all messages of length greater
than 255. This patch dynamically allocates the message buffers so
we can pass the complete message.
This resolves https://fedorahosted.org/sssd/ticket/432
Diffstat (limited to 'src/providers')
-rw-r--r-- | src/providers/child_common.c | 20 | ||||
-rw-r--r-- | src/providers/child_common.h | 5 | ||||
-rw-r--r-- | src/providers/krb5/krb5_auth.c | 2 | ||||
-rw-r--r-- | src/providers/krb5/krb5_child.c | 25 | ||||
-rw-r--r-- | src/providers/ldap/ldap_child.c | 12 |
5 files changed, 27 insertions, 37 deletions
diff --git a/src/providers/child_common.c b/src/providers/child_common.c index 2ad0f04e3..b98025577 100644 --- a/src/providers/child_common.c +++ b/src/providers/child_common.c @@ -149,9 +149,8 @@ struct tevent_req *read_pipe_send(TALLOC_CTX *mem_ctx, if (req == NULL) return NULL; state->fd = fd; - state->buf = talloc_array(state, uint8_t, MAX_CHILD_MSG_SIZE); + state->buf = NULL; state->len = 0; - if (state->buf == NULL) goto fail; fde = tevent_add_fd(ev, state, fd, TEVENT_FD_READ, read_pipe_handler, req); @@ -176,6 +175,7 @@ static void read_pipe_handler(struct tevent_context *ev, struct read_pipe_state); ssize_t size; errno_t err; + uint8_t buf[CHILD_MSG_CHUNK]; if (flags & TEVENT_FD_WRITE) { DEBUG(1, ("read_pipe_done called with TEVENT_FD_WRITE," @@ -185,8 +185,8 @@ static void read_pipe_handler(struct tevent_context *ev, } size = read(state->fd, - state->buf + state->len, - MAX_CHILD_MSG_SIZE - state->len); + buf, + CHILD_MSG_CHUNK); if (size == -1) { err = errno; if (err == EAGAIN || err == EINTR) { @@ -198,13 +198,17 @@ static void read_pipe_handler(struct tevent_context *ev, return; } else if (size > 0) { - state->len += size; - if (state->len > MAX_CHILD_MSG_SIZE) { - DEBUG(1, ("read to much, this should never happen.\n")); - tevent_req_error(req, EINVAL); + state->buf = talloc_realloc(state, state->buf, uint8_t, + state->len + size); + if(!state->buf) { + tevent_req_error(req, ENOMEM); return; } + safealign_memcpy(&state->buf[state->len], buf, + size, &state->len); + return; + } else if (size == 0) { DEBUG(6, ("EOF received, client finished\n")); tevent_req_done(req); diff --git a/src/providers/child_common.h b/src/providers/child_common.h index a441df3c5..0b2081d2d 100644 --- a/src/providers/child_common.h +++ b/src/providers/child_common.h @@ -33,12 +33,11 @@ #include "util/util.h" #define IN_BUF_SIZE 512 -#define MAX_CHILD_MSG_SIZE 255 +#define CHILD_MSG_CHUNK 256 struct response { - size_t max_size; - size_t size; uint8_t *buf; + size_t size; }; struct io_buffer { diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c index ce3aacd82..880930a15 100644 --- a/src/providers/krb5/krb5_auth.c +++ b/src/providers/krb5/krb5_auth.c @@ -1091,7 +1091,7 @@ static void krb5_child_done(struct tevent_req *req) *msg_len)); if ((p + *msg_len) != len) { - DEBUG(1, ("message format error.\n")); + DEBUG(1, ("message format error [%d] != [%d].\n", p+*msg_len, len)); goto done; } diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c index 86242ef30..620e4d140 100644 --- a/src/providers/krb5/krb5_child.c +++ b/src/providers/krb5/krb5_child.c @@ -247,27 +247,15 @@ done: return kerr; } -static struct response *init_response(TALLOC_CTX *mem_ctx) { - struct response *r; - r = talloc(mem_ctx, struct response); - r->buf = talloc_size(mem_ctx, MAX_CHILD_MSG_SIZE); - if (r->buf == NULL) { - DEBUG(1, ("talloc_size failed.\n")); - return NULL; - } - r->max_size = MAX_CHILD_MSG_SIZE; - r->size = 0; - - return r; -} - static errno_t pack_response_packet(struct response *resp, int status, int type, size_t len, const uint8_t *data) { size_t p = 0; - if ((3*sizeof(int32_t) + len +1) > resp->max_size) { - DEBUG(1, ("response message too big.\n")); + resp->buf = talloc_array(resp, uint8_t, + 3*sizeof(int32_t) + len); + if (!resp->buf) { + DEBUG(1, ("Insufficient memory to create message.\n")); return ENOMEM; } @@ -293,9 +281,9 @@ static struct response *prepare_response_message(struct krb5_req *kr, size_t user_resp_len; uint8_t *user_resp; - resp = init_response(kr); + resp = talloc_zero(kr, struct response); if (resp == NULL) { - DEBUG(1, ("init_response failed.\n")); + DEBUG(1, ("Initializing response failed.\n")); return NULL; } @@ -321,7 +309,6 @@ static struct response *prepare_response_message(struct krb5_req *kr, talloc_zfree(msg); } } else { - if (user_error_message != NULL) { ret = pack_user_info_chpass_error(kr, user_error_message, &user_resp_len, &user_resp); diff --git a/src/providers/ldap/ldap_child.c b/src/providers/ldap/ldap_child.c index 069fbcfe1..6a78ca012 100644 --- a/src/providers/ldap/ldap_child.c +++ b/src/providers/ldap/ldap_child.c @@ -97,6 +97,11 @@ static int pack_buffer(struct response *r, int result, const char *msg) len = strlen(msg); r->size = 2 * sizeof(uint32_t) + len; + r->buf = talloc_array(r, uint8_t, r->size); + if(!r->buf) { + return ENOMEM; + } + /* result */ SAFEALIGN_SET_UINT32(&r->buf[p], result, &p); @@ -265,12 +270,7 @@ static int prepare_response(TALLOC_CTX *mem_ctx, r = talloc_zero(mem_ctx, struct response); if (!r) return ENOMEM; - r->buf = talloc_size(mem_ctx, MAX_CHILD_MSG_SIZE); - if (r->buf == NULL) { - DEBUG(1, ("talloc_size failed.\n")); - return ENOMEM; - } - r->max_size = MAX_CHILD_MSG_SIZE; + r->buf = NULL; r->size = 0; if (kerr == 0) { |