From 80c8a4f94d54b23bce206fdd75ff2648977ce271 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 23 Mar 2010 16:35:49 -0400 Subject: Allow arbitrary-length PAM messages The PAM standard allows for messages of any length to be returned to the client. We were discarding all messages of length greater than 255. This patch dynamically allocates the message buffers so we can pass the complete message. This resolves https://fedorahosted.org/sssd/ticket/432 --- src/providers/child_common.c | 20 ++++++++++++-------- src/providers/child_common.h | 5 ++--- src/providers/krb5/krb5_auth.c | 2 +- src/providers/krb5/krb5_child.c | 25 ++++++------------------- src/providers/ldap/ldap_child.c | 12 ++++++------ src/sss_client/pam_sss.c | 23 ++++++++++++++++++++--- src/util/user_info_msg.c | 11 ++++++++--- 7 files changed, 55 insertions(+), 43 deletions(-) (limited to 'src') diff --git a/src/providers/child_common.c b/src/providers/child_common.c index 2ad0f04e..b9802557 100644 --- a/src/providers/child_common.c +++ b/src/providers/child_common.c @@ -149,9 +149,8 @@ struct tevent_req *read_pipe_send(TALLOC_CTX *mem_ctx, if (req == NULL) return NULL; state->fd = fd; - state->buf = talloc_array(state, uint8_t, MAX_CHILD_MSG_SIZE); + state->buf = NULL; state->len = 0; - if (state->buf == NULL) goto fail; fde = tevent_add_fd(ev, state, fd, TEVENT_FD_READ, read_pipe_handler, req); @@ -176,6 +175,7 @@ static void read_pipe_handler(struct tevent_context *ev, struct read_pipe_state); ssize_t size; errno_t err; + uint8_t buf[CHILD_MSG_CHUNK]; if (flags & TEVENT_FD_WRITE) { DEBUG(1, ("read_pipe_done called with TEVENT_FD_WRITE," @@ -185,8 +185,8 @@ static void read_pipe_handler(struct tevent_context *ev, } size = read(state->fd, - state->buf + state->len, - MAX_CHILD_MSG_SIZE - state->len); + buf, + CHILD_MSG_CHUNK); if (size == -1) { err = errno; if (err == EAGAIN || err == EINTR) { @@ -198,13 +198,17 @@ static void read_pipe_handler(struct tevent_context *ev, return; } else if (size > 0) { - state->len += size; - if (state->len > MAX_CHILD_MSG_SIZE) { - DEBUG(1, ("read to much, this should never happen.\n")); - tevent_req_error(req, EINVAL); + state->buf = talloc_realloc(state, state->buf, uint8_t, + state->len + size); + if(!state->buf) { + tevent_req_error(req, ENOMEM); return; } + safealign_memcpy(&state->buf[state->len], buf, + size, &state->len); + return; + } else if (size == 0) { DEBUG(6, ("EOF received, client finished\n")); tevent_req_done(req); diff --git a/src/providers/child_common.h b/src/providers/child_common.h index a441df3c..0b2081d2 100644 --- a/src/providers/child_common.h +++ b/src/providers/child_common.h @@ -33,12 +33,11 @@ #include "util/util.h" #define IN_BUF_SIZE 512 -#define MAX_CHILD_MSG_SIZE 255 +#define CHILD_MSG_CHUNK 256 struct response { - size_t max_size; - size_t size; uint8_t *buf; + size_t size; }; struct io_buffer { diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c index ce3aacd8..880930a1 100644 --- a/src/providers/krb5/krb5_auth.c +++ b/src/providers/krb5/krb5_auth.c @@ -1091,7 +1091,7 @@ static void krb5_child_done(struct tevent_req *req) *msg_len)); if ((p + *msg_len) != len) { - DEBUG(1, ("message format error.\n")); + DEBUG(1, ("message format error [%d] != [%d].\n", p+*msg_len, len)); goto done; } diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c index 86242ef3..620e4d14 100644 --- a/src/providers/krb5/krb5_child.c +++ b/src/providers/krb5/krb5_child.c @@ -247,27 +247,15 @@ done: return kerr; } -static struct response *init_response(TALLOC_CTX *mem_ctx) { - struct response *r; - r = talloc(mem_ctx, struct response); - r->buf = talloc_size(mem_ctx, MAX_CHILD_MSG_SIZE); - if (r->buf == NULL) { - DEBUG(1, ("talloc_size failed.\n")); - return NULL; - } - r->max_size = MAX_CHILD_MSG_SIZE; - r->size = 0; - - return r; -} - static errno_t pack_response_packet(struct response *resp, int status, int type, size_t len, const uint8_t *data) { size_t p = 0; - if ((3*sizeof(int32_t) + len +1) > resp->max_size) { - DEBUG(1, ("response message too big.\n")); + resp->buf = talloc_array(resp, uint8_t, + 3*sizeof(int32_t) + len); + if (!resp->buf) { + DEBUG(1, ("Insufficient memory to create message.\n")); return ENOMEM; } @@ -293,9 +281,9 @@ static struct response *prepare_response_message(struct krb5_req *kr, size_t user_resp_len; uint8_t *user_resp; - resp = init_response(kr); + resp = talloc_zero(kr, struct response); if (resp == NULL) { - DEBUG(1, ("init_response failed.\n")); + DEBUG(1, ("Initializing response failed.\n")); return NULL; } @@ -321,7 +309,6 @@ static struct response *prepare_response_message(struct krb5_req *kr, talloc_zfree(msg); } } else { - if (user_error_message != NULL) { ret = pack_user_info_chpass_error(kr, user_error_message, &user_resp_len, &user_resp); diff --git a/src/providers/ldap/ldap_child.c b/src/providers/ldap/ldap_child.c index 069fbcfe..6a78ca01 100644 --- a/src/providers/ldap/ldap_child.c +++ b/src/providers/ldap/ldap_child.c @@ -97,6 +97,11 @@ static int pack_buffer(struct response *r, int result, const char *msg) len = strlen(msg); r->size = 2 * sizeof(uint32_t) + len; + r->buf = talloc_array(r, uint8_t, r->size); + if(!r->buf) { + return ENOMEM; + } + /* result */ SAFEALIGN_SET_UINT32(&r->buf[p], result, &p); @@ -265,12 +270,7 @@ static int prepare_response(TALLOC_CTX *mem_ctx, r = talloc_zero(mem_ctx, struct response); if (!r) return ENOMEM; - r->buf = talloc_size(mem_ctx, MAX_CHILD_MSG_SIZE); - if (r->buf == NULL) { - DEBUG(1, ("talloc_size failed.\n")); - return ENOMEM; - } - r->max_size = MAX_CHILD_MSG_SIZE; + r->buf = NULL; r->size = 0; if (kerr == 0) { diff --git a/src/sss_client/pam_sss.c b/src/sss_client/pam_sss.c index 07ed4e72..6059dfaa 100644 --- a/src/sss_client/pam_sss.c +++ b/src/sss_client/pam_sss.c @@ -588,7 +588,8 @@ static int user_info_chpass_error(pam_handle_t *pamh, size_t buflen, { int ret; uint32_t msg_len; - char user_msg[256]; + char *user_msg; + size_t bufsize = 0; if (buflen < 2* sizeof(uint32_t)) { D(("User info response data is too short")); @@ -602,19 +603,35 @@ static int user_info_chpass_error(pam_handle_t *pamh, size_t buflen, return PAM_BUF_ERR; } - ret = snprintf(user_msg, sizeof(user_msg), "%s%s%.*s", + bufsize = strlen(_("Password change failed. ")) + 1; + + if (msg_len > 0) { + bufsize += strlen(_("Server message: ")) + msg_len; + } + + user_msg = (char *)malloc(sizeof(char) * bufsize); + if (!user_msg) { + D(("Out of memory.")); + return PAM_SYSTEM_ERR; + } + + ret = snprintf(user_msg, bufsize, "%s%s%.*s", _("Password change failed. "), msg_len > 0 ? _("Server message: ") : "", msg_len, msg_len > 0 ? (char *)(buf + 2 * sizeof(uint32_t)) : "" ); - if (ret < 0 || ret >= sizeof(user_msg)) { + if (ret < 0 || ret > bufsize) { D(("snprintf failed.")); + + free(user_msg); return PAM_SYSTEM_ERR; } ret = do_pam_conversation(pamh, PAM_TEXT_INFO, user_msg, NULL, NULL); + free(user_msg); if (ret != PAM_SUCCESS) { D(("do_pam_conversation failed.")); + return PAM_SYSTEM_ERR; } diff --git a/src/util/user_info_msg.c b/src/util/user_info_msg.c index 547e3bb7..505b03d9 100644 --- a/src/util/user_info_msg.c +++ b/src/util/user_info_msg.c @@ -33,6 +33,7 @@ errno_t pack_user_info_chpass_error(TALLOC_CTX *mem_ctx, uint32_t resp_type = SSS_PAM_USER_INFO_CHPASS_ERROR; size_t err_len; uint8_t *resp; + size_t p; err_len = strlen(user_error_message); *resp_len = 2 * sizeof(uint32_t) + err_len; @@ -42,9 +43,13 @@ errno_t pack_user_info_chpass_error(TALLOC_CTX *mem_ctx, return ENOMEM; } - memcpy(resp, &resp_type, sizeof(uint32_t)); - memcpy(resp + sizeof(uint32_t), &err_len, sizeof(uint32_t)); - memcpy(resp + 2 * sizeof(uint32_t), user_error_message, err_len); + p = 0; + SAFEALIGN_SET_UINT32(&resp[p], resp_type, &p); + SAFEALIGN_SET_UINT32(&resp[p], err_len, &p); + safealign_memcpy(&resp[p], user_error_message, err_len, &p); + if (p != *resp_len) { + DEBUG(0, ("Size mismatch\n")); + } *_resp = resp; return EOK; -- cgit ------------------- tridge@samba.org, December 2004 A more up to date version of this howto can be found in the wiki at http://wiki.samba.org/index.php/Samba4/HOWTO. This is a very basic document on how to setup a simple Samba4 server. This is aimed at developers who are already familiar with Samba3 and wish to participate in Samba4 development. This is not aimed at production use of Samba4. Step 1: download Samba4 ----------------------- There are 2 methods of doing this: method 1: "rsync -avz samba.org::ftp/unpacked/samba4 ." method 2: "svn co svn://svnanon.samba.org/samba/branches/SAMBA_4_0 samba4" both methods will create a directory called "samba4" in the current directory. If you don't have rsync or svn then install one of them. Since only released versions of Samba contain a pregenerated configure script, you will have to generate it by hand: $ cd samba4/source $ ./autogen.sh Note that the above rsync command will give you a checked out svn repository. So if you also have svn you can update it to the latest version at some future date using: $ cd samba4 $ svn up Step 2: compile Samba4 ---------------------- Recommended optional development libraries: - acl and xattr development libraries - gnutls - readline Run this: $ cd samba4/source $ ./configure $ make proto all If you have gcc 3.4 or newer, then substitute "pch" for "proto" to greatly speed up the compile process (about 5x faster). Step 3: install Samba4 ---------------------- Run this as a user who have permission to write to the install directory (defaults to /usr/local/samba). Use --prefix option to configure above to change this. # make install Step 4: provision Samba4 ------------------------ The "provision" step sets up a basic user database. Make sure your smbscript binary is installed in a directory listed in your PATH environment variable. It is presumed it's available just like any other commands from your shell. Must be run as a user with permission to write to the install directory. # cd source # ./setup/provision --realm=YOUR.REALM --domain=YOURDOM --adminpass=SOMEPASSWORD REMINDER: Add the "bin" directory of the path you installed to (e.g. /usr/local/samba/bin) to your path, or the provision command will not work. 'YOURDOM' is the NT4 style domain name. 'YOUR.REALM' is your kerberos realm, which is typically your DNS domain name. Step 5: Create a simple smb.conf -------------------------------- The provisioning will create a very simple smb.conf with no shares by default. You will need to update it to add at least one share. For example: [test] path = /data/test read only = no Step 6: starting Samba4 ----------------------- The simplest is to just run "smbd", but as a developer you may find the following more useful: # smbd -i -M single that means "start smbd without messages in stdout, and running a single process. That mode of operation makes debugging smbd with gdb particularly easy. Note that now it is no longer necessary to have an instance of nmbd from Samba 3 running. If you are running any smbd or nmbd processes they need to be stopped before starting smbd from Samba 4. Make sure you put the bin and sbin directories from your new install in your $PATH. Make sure you run the right version! Step 7: testing Samba4 ---------------------- try these commands: $ smbclient //localhost/test -Uadministrator%SOMEPASSWORD or $ ./script/tests/test_posix.sh //localhost/test administrator SOMEPASSWORD NOTE about filesystem support ----------------------------- To use the advanced features of Samba4 you need a filesystem that supports both the "user" and "system" xattr namespaces. If you run Linux with a 2.6 kernel and ext3 this means you need to include the option "user_xattr" in your /etc/fstab. For example: /dev/hda3 /home ext3 user_xattr 1 1 You also need to compile your kernel with the XATTR and SECURITY options for your filesystem. For ext3 that means you need: CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_SECURITY=y If you are running a Linux 2.6 kernel with CONFIG_IKCONFIG_PROC defined you can check this with the following command: $ zgrep CONFIG_EXT3_FS /proc/config.gz If you don't have a filesystem with xattr support, then you can simulate it by using the option: posix:eadb = /usr/local/samba/eadb.tdb that will place all extra file attributes (NT ACLs, DOS EAs, streams etc), in that tdb. It is not efficient, and doesn't scale well, but at least it gives you a choice when you don't have a modern filesystem. Testing your filesystem ----------------------- To test your filesystem support, install the 'attr' package and run the following 4 commands as root: # touch test.txt # setfattr -n user.test -v test test.txt # setfattr -n security.test -v test2 test.txt # getfattr -d test.txt # getfattr -n security.test -d test.txt You should see output like this: # file: test.txt user.test="test" # file: test.txt security.test="test2" If you get any "Operation not supported" errors then it means your kernel is not configured correctly, or your filesystem is not mounted with the right options. If you get any "Operation not permitted" errors then it probably means you didn't try the test as root.
generated by cgit (git 2.34.1) at 2026-04-28 08:46:39 +0000