Fix crash due to user->hub deref in acl handling.

This commit is contained in:
Jan Vidar Krey 2009-05-19 16:40:14 +02:00
parent be4ff1d8cc
commit e382e24337
3 changed files with 8 additions and 15 deletions

View File

@ -492,7 +492,7 @@ int acl_check_ip_range(struct ip_addr_encap* addr, struct ip_ban_record* info)
* seconds since the unix epoch (modulus 1 million) * seconds since the unix epoch (modulus 1 million)
* and the SID of the user (0-1 million). * and the SID of the user (0-1 million).
*/ */
const char* password_generate_challenge(struct user* user) const char* acl_password_generate_challenge(struct acl_handle* acl, struct user* user)
{ {
char buf[32]; char buf[32];
uint64_t tiger_res[3]; uint64_t tiger_res[3];
@ -503,15 +503,11 @@ const char* password_generate_challenge(struct user* user)
tiger((uint64_t*) buf, strlen(buf), (uint64_t*) tiger_res); tiger((uint64_t*) buf, strlen(buf), (uint64_t*) tiger_res);
base32_encode((unsigned char*) tiger_res, TIGERSIZE, tiger_buf); base32_encode((unsigned char*) tiger_res, TIGERSIZE, tiger_buf);
tiger_buf[MAX_CID_LEN] = 0; tiger_buf[MAX_CID_LEN] = 0;
#ifdef ACL_DEBUG
hub_log(log_trace, "Generating challenge for user %s: '%s'", user->id.nick, tiger_buf);
#endif
return (const char*) tiger_buf; return (const char*) tiger_buf;
} }
int password_verify(struct user* user, const char* password) int acl_password_verify(struct acl_handle* acl, struct user* user, const char* password)
{ {
char buf[1024]; char buf[1024];
struct user_access_info* access; struct user_access_info* access;
@ -523,14 +519,14 @@ int password_verify(struct user* user, const char* password)
if (!password || !user || strlen(password) != MAX_CID_LEN) if (!password || !user || strlen(password) != MAX_CID_LEN)
return password_invalid; return password_invalid;
access = acl_get_access_info(user->hub->acl, user->id.nick); access = acl_get_access_info(acl, user->id.nick);
if (!access || !access->password) if (!access || !access->password)
return password_invalid; return password_invalid;
if (TIGERSIZE+strlen(access->password) >= 1024) if (TIGERSIZE+strlen(access->password) >= 1024)
return password_invalid; return password_invalid;
challenge = password_generate_challenge(user); challenge = acl_password_generate_challenge(acl, user);
base32_decode(challenge, (unsigned char*) raw_challenge, MAX_CID_LEN); base32_decode(challenge, (unsigned char*) raw_challenge, MAX_CID_LEN);
@ -541,9 +537,6 @@ int password_verify(struct user* user, const char* password)
base32_encode((unsigned char*) tiger_res, TIGERSIZE, password_calc); base32_encode((unsigned char*) tiger_res, TIGERSIZE, password_calc);
password_calc[MAX_CID_LEN] = 0; password_calc[MAX_CID_LEN] = 0;
#ifdef ACL_DEBUG
hub_log(log_trace, "Checking password %s against %s", password, password_calc);
#endif
if (strcasecmp(password, password_calc) == 0) if (strcasecmp(password, password_calc) == 0)
{ {
return password_ok; return password_ok;

View File

@ -87,7 +87,7 @@ extern int acl_is_user_denied(struct acl_handle* handle, const char* name);
extern int acl_check_ip_range(struct ip_addr_encap* addr, struct ip_ban_record* info); extern int acl_check_ip_range(struct ip_addr_encap* addr, struct ip_ban_record* info);
extern const char* password_generate_challenge(struct user* user); extern const char* acl_password_generate_challenge(struct acl_handle* acl, struct user* user);
extern int password_verify(struct user* user, const char* password); extern int acl_password_verify(struct acl_handle* acl, struct user* user, const char* password);
#endif /* HAVE_UHUB_ACL_H */ #endif /* HAVE_UHUB_ACL_H */

View File

@ -166,7 +166,7 @@ int hub_handle_password(struct hub_info* hub, struct user* u, struct adc_message
if (u->state == state_verify) if (u->state == state_verify)
{ {
if (password_verify(u, password)) if (acl_password_verify(hub->acl, u, password))
{ {
on_login_success(hub, u); on_login_success(hub, u);
} }
@ -330,7 +330,7 @@ void hub_send_password_challenge(struct hub_info* hub, struct user* u)
{ {
struct adc_message* igpa; struct adc_message* igpa;
igpa = adc_msg_construct(ADC_CMD_IGPA, 38); igpa = adc_msg_construct(ADC_CMD_IGPA, 38);
adc_msg_add_argument(igpa, password_generate_challenge(u)); adc_msg_add_argument(igpa, acl_password_generate_challenge(hub->acl, u));
user_set_state(u, state_verify); user_set_state(u, state_verify);
route_to_user(hub, u, igpa); route_to_user(hub, u, igpa);
adc_msg_free(igpa); adc_msg_free(igpa);