From e382e24337bd4306c0fc255ccd8c61606005785a Mon Sep 17 00:00:00 2001 From: Jan Vidar Krey Date: Tue, 19 May 2009 16:40:14 +0200 Subject: [PATCH] Fix crash due to user->hub deref in acl handling. --- src/auth.c | 15 ++++----------- src/auth.h | 4 ++-- src/hub.c | 4 ++-- 3 files changed, 8 insertions(+), 15 deletions(-) diff --git a/src/auth.c b/src/auth.c index 9d83aa7..3437600 100644 --- a/src/auth.c +++ b/src/auth.c @@ -492,7 +492,7 @@ int acl_check_ip_range(struct ip_addr_encap* addr, struct ip_ban_record* info) * seconds since the unix epoch (modulus 1 million) * and the SID of the user (0-1 million). */ -const char* password_generate_challenge(struct user* user) +const char* acl_password_generate_challenge(struct acl_handle* acl, struct user* user) { char buf[32]; uint64_t tiger_res[3]; @@ -503,15 +503,11 @@ const char* password_generate_challenge(struct user* user) tiger((uint64_t*) buf, strlen(buf), (uint64_t*) tiger_res); base32_encode((unsigned char*) tiger_res, TIGERSIZE, tiger_buf); tiger_buf[MAX_CID_LEN] = 0; - -#ifdef ACL_DEBUG - hub_log(log_trace, "Generating challenge for user %s: '%s'", user->id.nick, tiger_buf); -#endif return (const char*) tiger_buf; } -int password_verify(struct user* user, const char* password) +int acl_password_verify(struct acl_handle* acl, struct user* user, const char* password) { char buf[1024]; struct user_access_info* access; @@ -523,14 +519,14 @@ int password_verify(struct user* user, const char* password) if (!password || !user || strlen(password) != MAX_CID_LEN) return password_invalid; - access = acl_get_access_info(user->hub->acl, user->id.nick); + access = acl_get_access_info(acl, user->id.nick); if (!access || !access->password) return password_invalid; if (TIGERSIZE+strlen(access->password) >= 1024) return password_invalid; - challenge = password_generate_challenge(user); + challenge = acl_password_generate_challenge(acl, user); base32_decode(challenge, (unsigned char*) raw_challenge, MAX_CID_LEN); @@ -541,9 +537,6 @@ int password_verify(struct user* user, const char* password) base32_encode((unsigned char*) tiger_res, TIGERSIZE, password_calc); password_calc[MAX_CID_LEN] = 0; -#ifdef ACL_DEBUG - hub_log(log_trace, "Checking password %s against %s", password, password_calc); -#endif if (strcasecmp(password, password_calc) == 0) { return password_ok; diff --git a/src/auth.h b/src/auth.h index 4fe96b5..d6fe506 100644 --- a/src/auth.h +++ b/src/auth.h @@ -87,7 +87,7 @@ extern int acl_is_user_denied(struct acl_handle* handle, const char* name); extern int acl_check_ip_range(struct ip_addr_encap* addr, struct ip_ban_record* info); -extern const char* password_generate_challenge(struct user* user); -extern int password_verify(struct user* user, const char* password); +extern const char* acl_password_generate_challenge(struct acl_handle* acl, struct user* user); +extern int acl_password_verify(struct acl_handle* acl, struct user* user, const char* password); #endif /* HAVE_UHUB_ACL_H */ diff --git a/src/hub.c b/src/hub.c index b7dc6b9..ce03de7 100644 --- a/src/hub.c +++ b/src/hub.c @@ -166,7 +166,7 @@ int hub_handle_password(struct hub_info* hub, struct user* u, struct adc_message if (u->state == state_verify) { - if (password_verify(u, password)) + if (acl_password_verify(hub->acl, u, password)) { on_login_success(hub, u); } @@ -330,7 +330,7 @@ void hub_send_password_challenge(struct hub_info* hub, struct user* u) { struct adc_message* igpa; igpa = adc_msg_construct(ADC_CMD_IGPA, 38); - adc_msg_add_argument(igpa, password_generate_challenge(u)); + adc_msg_add_argument(igpa, acl_password_generate_challenge(hub->acl, u)); user_set_state(u, state_verify); route_to_user(hub, u, igpa); adc_msg_free(igpa);