forked from rpms/openssh
		
	fix parsing logic of ldap.conf file (#1033662)
This commit is contained in:
		
							parent
							
								
									8f439b3006
								
							
						
					
					
						commit
						36a09e37e8
					
				| @ -759,10 +759,9 @@ diff -up openssh-6.2p1/ldapbody.h.ldap openssh-6.2p1/ldapbody.h | ||||
| +
 | ||||
| +#endif /* LDAPBODY_H */
 | ||||
| +
 | ||||
| diff -up openssh-6.2p2/ldapconf.c.ldap openssh-6.2p2/ldapconf.c
 | ||||
| --- openssh-6.2p2/ldapconf.c.ldap	2013-06-07 15:10:05.601942693 +0200
 | ||||
| +++ openssh-6.2p2/ldapconf.c	2013-06-07 15:10:24.928857566 +0200
 | ||||
| @@ -0,0 +1,691 @@
 | ||||
| --- openssh-6.4p1/ldapconf.c.ldap	2013-11-26 10:31:03.513794385 +0100
 | ||||
| +++ openssh-6.4p1/ldapconf.c	2013-11-26 10:38:15.474635149 +0100
 | ||||
| @@ -0,0 +1,720 @@
 | ||||
| +/* $OpenBSD: ldapconf.c,v 1.1 2009/12/03 03:34:42 jfch Exp $ */
 | ||||
| +/*
 | ||||
| + * Copyright (c) 2009 Jan F. Chadima.  All rights reserved.
 | ||||
| @ -886,6 +885,35 @@ diff -up openssh-6.2p2/ldapconf.c.ldap openssh-6.2p2/ldapconf.c | ||||
| +	return lBadOption;
 | ||||
| +}
 | ||||
| +
 | ||||
| +/* Characters considered whitespace in strsep calls. */
 | ||||
| +#define WHITESPACE " \t\r\n"
 | ||||
| +
 | ||||
| +/* return next token in configuration line */
 | ||||
| +static char *
 | ||||
| +ldap_strdelim(char **s)
 | ||||
| +{
 | ||||
| +      char *old;
 | ||||
| +      int wspace = 0;
 | ||||
| +
 | ||||
| +      if (*s == NULL)
 | ||||
| +              return NULL;
 | ||||
| +
 | ||||
| +      old = *s;
 | ||||
| +
 | ||||
| +      *s = strpbrk(*s, WHITESPACE);
 | ||||
| +      if (*s == NULL)
 | ||||
| +              return (old);
 | ||||
| +
 | ||||
| +      *s[0] = '\0';
 | ||||
| +
 | ||||
| +      /* Skip any extra whitespace after first token */
 | ||||
| +      *s += strspn(*s + 1, WHITESPACE) + 1;
 | ||||
| +      if (*s[0] == '=' && !wspace)
 | ||||
| +              *s += strspn(*s + 1, WHITESPACE) + 1;
 | ||||
| +
 | ||||
| +      return (old);
 | ||||
| +}
 | ||||
| +
 | ||||
| +/*
 | ||||
| + * Processes a single option line as used in the configuration files. This
 | ||||
| + * only sets those values that have not already been set.
 | ||||
| @ -909,11 +937,11 @@ diff -up openssh-6.2p2/ldapconf.c.ldap openssh-6.2p2/ldapconf.c | ||||
| +
 | ||||
| +	s = line;
 | ||||
| +	/* Get the keyword. (Each line is supposed to begin with a keyword). */
 | ||||
| +	if ((keyword = strdelim(&s)) == NULL)
 | ||||
| +	if ((keyword = ldap_strdelim(&s)) == NULL)
 | ||||
| +		return 0;
 | ||||
| +	/* Ignore leading whitespace. */
 | ||||
| +	if (*keyword == '\0')
 | ||||
| +		keyword = strdelim(&s);
 | ||||
| +		keyword = ldap_strdelim(&s);
 | ||||
| +	if (keyword == NULL || !*keyword || *keyword == '\n' || *keyword == '#')
 | ||||
| +		return 0;
 | ||||
| +
 | ||||
| @ -949,7 +977,7 @@ diff -up openssh-6.2p2/ldapconf.c.ldap openssh-6.2p2/ldapconf.c | ||||
| +	case lBindPW:
 | ||||
| +		charptr = &options.bindpw;
 | ||||
| +parse_string:
 | ||||
| +		arg = strdelim(&s);
 | ||||
| +		arg = ldap_strdelim(&s);
 | ||||
| +		if (!arg || *arg == '\0')
 | ||||
| +			fatal("%.200s line %d: Missing argument.", filename, linenum);
 | ||||
| +		if (*charptr == NULL)
 | ||||
| @ -962,7 +990,7 @@ diff -up openssh-6.2p2/ldapconf.c.ldap openssh-6.2p2/ldapconf.c | ||||
| +
 | ||||
| +	case lScope:
 | ||||
| +		intptr = &options.scope;
 | ||||
| +		arg = strdelim(&s);
 | ||||
| +		arg = ldap_strdelim(&s);
 | ||||
| +		if (!arg || *arg == '\0')
 | ||||
| +			fatal("%.200s line %d: Missing sub/one/base argument.", filename, linenum);
 | ||||
| +		value = 0;	/* To avoid compiler warning... */
 | ||||
| @ -980,7 +1008,7 @@ diff -up openssh-6.2p2/ldapconf.c.ldap openssh-6.2p2/ldapconf.c | ||||
| +
 | ||||
| +	case lDeref:
 | ||||
| +		intptr = &options.scope;
 | ||||
| +		arg = strdelim(&s);
 | ||||
| +		arg = ldap_strdelim(&s);
 | ||||
| +		if (!arg || *arg == '\0')
 | ||||
| +			fatal("%.200s line %d: Missing never/searching/finding/always argument.", filename, linenum);
 | ||||
| +		value = 0;	/* To avoid compiler warning... */
 | ||||
| @ -1001,7 +1029,7 @@ diff -up openssh-6.2p2/ldapconf.c.ldap openssh-6.2p2/ldapconf.c | ||||
| +	case lPort:
 | ||||
| +		intptr = &options.port;
 | ||||
| +parse_int:
 | ||||
| +		arg = strdelim(&s);
 | ||||
| +		arg = ldap_strdelim(&s);
 | ||||
| +		if (!arg || *arg == '\0')
 | ||||
| +			fatal("%.200s line %d: Missing argument.", filename, linenum);
 | ||||
| +		if (arg[0] < '0' || arg[0] > '9')
 | ||||
| @ -1018,7 +1046,7 @@ diff -up openssh-6.2p2/ldapconf.c.ldap openssh-6.2p2/ldapconf.c | ||||
| +	case lTimeLimit:
 | ||||
| +		intptr = &options.timelimit;
 | ||||
| +parse_time:
 | ||||
| +		arg = strdelim(&s);
 | ||||
| +		arg = ldap_strdelim(&s);
 | ||||
| +		if (!arg || *arg == '\0')
 | ||||
| +			fatal("%s line %d: missing time value.",
 | ||||
| +			    filename, linenum);
 | ||||
| @ -1039,7 +1067,7 @@ diff -up openssh-6.2p2/ldapconf.c.ldap openssh-6.2p2/ldapconf.c | ||||
| +
 | ||||
| +	case lBind_Policy:
 | ||||
| +		intptr = &options.bind_policy;
 | ||||
| +		arg = strdelim(&s);
 | ||||
| +		arg = ldap_strdelim(&s);
 | ||||
| +		if (!arg || *arg == '\0')
 | ||||
| +			fatal("%.200s line %d: Missing soft/hard argument.", filename, linenum);
 | ||||
| +		value = 0;	/* To avoid compiler warning... */
 | ||||
| @ -1058,7 +1086,7 @@ diff -up openssh-6.2p2/ldapconf.c.ldap openssh-6.2p2/ldapconf.c | ||||
| +
 | ||||
| +	case lSSL:
 | ||||
| +		intptr = &options.ssl;
 | ||||
| +		arg = strdelim(&s);
 | ||||
| +		arg = ldap_strdelim(&s);
 | ||||
| +		if (!arg || *arg == '\0')
 | ||||
| +			fatal("%.200s line %d: Missing yes/no/start_tls argument.", filename, linenum);
 | ||||
| +		value = 0;	/* To avoid compiler warning... */
 | ||||
| @ -1077,7 +1105,7 @@ diff -up openssh-6.2p2/ldapconf.c.ldap openssh-6.2p2/ldapconf.c | ||||
| +	case lReferrals:
 | ||||
| +		intptr = &options.referrals;
 | ||||
| +parse_flag:
 | ||||
| +		arg = strdelim(&s);
 | ||||
| +		arg = ldap_strdelim(&s);
 | ||||
| +		if (!arg || *arg == '\0')
 | ||||
| +			fatal("%.200s line %d: Missing yes/no argument.", filename, linenum);
 | ||||
| +		value = 0;	/* To avoid compiler warning... */
 | ||||
| @ -1097,7 +1125,7 @@ diff -up openssh-6.2p2/ldapconf.c.ldap openssh-6.2p2/ldapconf.c | ||||
| +
 | ||||
| +	case lTLS_CheckPeer:
 | ||||
| +		intptr = &options.tls_checkpeer;
 | ||||
| +		arg = strdelim(&s);
 | ||||
| +		arg = ldap_strdelim(&s);
 | ||||
| +		if (!arg || *arg == '\0')
 | ||||
| +			fatal("%.200s line %d: Missing never/hard/demand/alow/try argument.", filename, linenum);
 | ||||
| +		value = 0;	/* To avoid compiler warning... */
 | ||||
| @ -1171,7 +1199,7 @@ diff -up openssh-6.2p2/ldapconf.c.ldap openssh-6.2p2/ldapconf.c | ||||
| +	}
 | ||||
| +
 | ||||
| +	/* Check that there is no garbage at end of line. */
 | ||||
| +	if ((arg = strdelim(&s)) != NULL && *arg != '\0') {
 | ||||
| +	if ((arg = ldap_strdelim(&s)) != NULL && *arg != '\0') {
 | ||||
| +		fatal("%.200s line %d: garbage at end of line; \"%.200s\".",
 | ||||
| +		    filename, linenum, arg);
 | ||||
| +	}
 | ||||
|  | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user