bd7926b2 JB |
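--- a/src/auth.c
+++ b/src/auth.c
@@ -42,6 +42,66 @@
 IDENT protocol support
 ************************/
 
+#define USERNAME_C "USERID :"
+
+/* If the reply matches sscanf expression
+
+ "%*[^:]: USERID :%*[^:]:%s"
+
+ and the length of "%s" part does not exceed size-1 bytes,
+ copies this part to USERNAME and returns 0. Otherwise,
+ returns 1 */
+
+static int
+ident_extract_username(char *reply, char *username, size_t size)
+{
+ char *p;
+
+ p = strchr (reply, ':');
+ if (!p)
+ return 1;
+ if (p[1] != ' '
+ || strncmp (p + 2, USERNAME_C, sizeof (USERNAME_C) - 1))
+ return 1;
+ p += 2 + sizeof (USERNAME_C) - 1;
+ p = strchr (p, ':');
+ if (!p)
+ return 1;
+ p++;
+ if (strlen (p) >= size)
+ return 1;
+ strcpy(username, p);
+ return 0;
+}
+
+/* If the reply matches sscanf expression
+
+ "%*[^ ] %*[^ ] %*[^ ] %*[^ ] %*[^ ] %s"
+
+ and the length of "%s" part does not exceed size-1 bytes,
+ copies this part to USERNAME and returns 0. Otherwise,
+ returns 1 */
+
+static int
+crypt_extract_username(char *reply, char *username, size_t size)
+{
+ int i;
+ char *p = reply;
+#define skip_word(c) while (*c && (*c) != ' ') c++
+
+ /* Skip five words */
+ for (i = 0; i < 5; i++) {
+ skip_word(p);
+ if (!*p++)
+ return 1;
+ }
+
+ if (strlen (p) >= size)
+ return 1;
+ strcpy(username, p);
+ return 0;
+}
+
 int
 auth_ident(struct sockaddr_in *addr, char *user, int size)
 {
@@ -51,7 +111,8 @@
 int sd = 0;
 
 if ((sd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
- anubis_error(SOFT, _("IDENT: socket() failed: %s."), strerror(errno));
+ anubis_error(SOFT, _("IDENT: socket() failed: %s."),
+ strerror(errno));
 return 0;
 }
 memcpy(&ident, addr, sizeof(ident));
@@ -69,11 +130,7 @@
 info(VERBOSE, _("IDENT: connected to %s:%u"),
 inet_ntoa(ident.sin_addr), ntohs(ident.sin_port));
 
- #ifdef HAVE_SNPRINTF
 snprintf(buf, LINEBUFFER,
- #else
- sprintf(buf,
- #endif /* HAVE_SNPRINTF */
 "%u , %u"CRLF, ntohs(addr->sin_port), session.tunnel_port);
 
 if (send(sd, buf, strlen(buf), 0) == -1) {
@@ -89,7 +146,8 @@
 close_socket(sd);
 memset(user, 0, size);
 
- if (sscanf(buf, "%*[^:]: USERID :%*[^:]:%s", user) != 1) {
+ remcrlf (buf);
+ if (ident_extract_username(buf, user, size)) {
 info(VERBOSE, _("IDENT: incorrect data."));
 return 0;
 }
@@ -105,7 +163,8 @@
 if (rs == -1)
 return 0;
 
- if (sscanf(buf, "%*[^ ] %*[^ ] %*[^ ] %*[^ ] %*[^ ] %s", user) != 1) {
+ remcrlf (buf);
+ if (crypt_extract_username(buf, user, size)) {
 info(VERBOSE, _("IDENT: incorrect data (DES deciphered)."));
 return 0;
 }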
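Review bot: In `ident_extract_username` the copy starts at the byte right after the last colon (`p++;` then `strcpy(username, p)`), whereas the `%s` conversion it replaces skipped leading whitespace and stopped at the next whitespace, so the comment's claim that the function matches the sscanf expression does not hold. A reply with a space after that colon would yield a username that begins with a space, which presumably fails whatever comparison the caller does with `user` later. Skipping the padding first, `do p++; while (*p == ' ');`, restores the old behaviour while keeping the length check in front of the copy. `crypt_extract_username` drifts the same way: it counts every single space as a separator, so repeated spaces shift which word is copied, and its `skip_word` macro is never `#undef`'d. Separately, `auth_ident` takes `int size` and passes it to a `size_t` parameter, so a negative value would convert to a huge bound and defeat `strlen (p) >= size`; the callers are outside the hunk.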
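--- a/src/errs.c
+++ b/src/errs.c
@@ -51,7 +51,7 @@
 if (options.slogfile)
 filelog(options.slogfile, txt);
 else
- syslog(LOG_ERR | LOG_MAIL, txt);
+ syslog(LOG_ERR | LOG_MAIL, "%s", txt);
 
 if (options.ulogfile && options.uloglevel >= FAILS)
 filelog(options.ulogfile, txt);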
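Review bot: The `filelog(options.slogfile, txt)` and `filelog(options.ulogfile, txt)` calls on either side of the fixed `syslog()` line still receive the same `txt`, and filelog's definition is not visible here; if it passes its second argument to a printf-family function as the format, the file-logging path keeps the problem this hunk fixes for syslog. It is worth confirming that filelog writes the text verbatim, for example through `fputs` or a fixed `"%s"` format. The same applies to the two filelog calls in the src/log.c hunk. A one-line comment above the syslog call, `/* txt may carry remote data: never pass it as a format string */`, would keep a later edit from reverting the fix.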
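--- a/src/log.c
+++ b/src/log.c
@@ -70,7 +70,7 @@
 if (options.slogfile)
 filelog(options.slogfile, txt);
 else
- syslog(LOG_INFO | LOG_MAIL, txt);
+ syslog(LOG_INFO | LOG_MAIL, "%s", txt);
 
 if (options.ulogfile && options.uloglevel >= ALL)
 filelog(options.ulogfile, txt);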
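--- a/src/ssl.c
+++ b/src/ssl.c
@@ -64,7 +64,7 @@
 if (options.termlevel != SILENT) {
 #ifdef HAVE_SYSLOG
 if ((topt & T_DAEMON) && !(topt & T_FOREGROUND))
- syslog(LOG_ERR | LOG_MAIL, string_error);
+ syslog(LOG_ERR | LOG_MAIL, "%s", string_error);
 else
 #endif /* HAVE_SYSLOG */
 mprintf(">>%s", string_error);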