Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 72903 Details for
Bug 112554
openldap-2.2.28 has no {CLEARTEXT} password-hash
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch posted to openldap mailing list.
openldap-2.2.28-cleartext_password-hash.patch (text/plain), 1.82 KB, created by
Chandler Carruth
on 2005-11-14 14:21:03 UTC
(
hide
)
Description:
Patch posted to openldap mailing list.
Filename:
MIME Type:
Creator:
Chandler Carruth
Created:
2005-11-14 14:21:03 UTC
Size:
1.82 KB
patch
obsolete
>This is a backport of a fix present in 2.3.8 to the 2.2.28 line. Was >posted to the OpenLDAP mailing list >(http://www.openldap.org/lists/openldap-software/200510/msg00135.html), >but seems to not have worked its way into anything official. I've >editted to more correctly match the syntax of patches in portage. > ><chandlerc@gmail.com> > >--- openldap-2.2.28/libraries/liblutil/passwd.c Tue Oct 11 16:22:46 2005 >+++ openldap-2.2.28.new/libraries/liblutil/passwd.c Tue Oct 11 19:27:24 2005 >@@ -79,6 +79,10 @@ > static char *salt_format = NULL; > #endif > >+/* KLUDGE: >+ * chk_fn is NULL iff name is {CLEARTEXT} >+ * otherwise, things will break >+ */ > struct pw_scheme { > struct berval name; > LUTIL_PASSWD_CHK_FUNC *chk_fn; >@@ -161,7 +165,7 @@ > > #ifdef SLAPD_CLEARTEXT > /* pseudo scheme */ >- { {0, "{CLEARTEXT}"}, NULL, hash_clear }, >+ { BER_BVC("{CLEARTEXT}"), NULL, hash_clear }, > #endif > > { BER_BVNULL, NULL, NULL } >@@ -223,9 +227,7 @@ > bv.bv_val = (char *) scheme; > > for( pws=pw_schemes; pws; pws=pws->next ) { >- if( bv.bv_len != pws->s.name.bv_len ) >- continue; >- if( strncasecmp(bv.bv_val, pws->s.name.bv_val, bv.bv_len ) == 0 ) { >+ if ( ber_bvstrcasecmp(&bv, &pws->s.name ) == 0 ) { > return &(pws->s); > } > } >@@ -317,10 +319,17 @@ > } > > #ifdef SLAPD_CLEARTEXT >+ /* Do we think there is a scheme specifier here that we >+ * didn't recognize? Assume a scheme name is at least 1 character. >+ */ >+ if (( passwd->bv_val[0] == '{' ) && >+ ( strchr( passwd->bv_val, '}' ) > passwd->bv_val+1 )) >+ { >+ return 1; >+ } > if( is_allowed_scheme("{CLEARTEXT}", schemes ) ) { >- return (( passwd->bv_len == cred->bv_len ) && >- ( passwd->bv_val[0] != '{' /*'}'*/ )) >- ? memcmp( passwd->bv_val, cred->bv_val, passwd->bv_len ) >+ return ( passwd->bv_len == cred->bv_len ) ? >+ memcmp( passwd->bv_val, cred->bv_val, passwd->bv_len ) > : 1; > } > #endif
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=72903">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 112554
: 72903 |
72904
