[pubcookie-dev] CVS update: willey;
webiso/pubcookie/src verify_fork.c,1.8,1.9
willey at washington.edu
willey at washington.edu
Fri Jun 10 10:42:05 PDT 2005
Update of /usr/local/cvsroot/webiso/pubcookie/src
In directory webiso-cvs.cac.washington.edu:/var/tmp/cvs-serv8347
Modified Files:
verify_fork.c
Log Message:
patch to not pass args on command line, from David Houlder @ Australian National University
Index: webiso/pubcookie/src/verify_fork.c
diff -c webiso/pubcookie/src/verify_fork.c:1.8 webiso/pubcookie/src/verify_fork.c:1.9
*** webiso/pubcookie/src/verify_fork.c:1.8 Wed May 18 14:38:53 2005
--- webiso/pubcookie/src/verify_fork.c Fri Jun 10 10:42:03 2005
***************
*** 17,38 ****
*/
/** @file verify_fork.c
* Verifier that forks something and uses it to authenticate
*
! * A verifier which launches another application with 2
! * arguements, userid and password. The called program will then
! * set a non-zero exit code if authentication fails. The called program will
! * exit with 0 status if all is OK.
*
* To use verify_fork:
* a) In your config: 'basic_verifier: verify_fork'
! * b) The application to run is specified by a parameter called "fork_exe",
* for example:
! * fork_exe: /usr/local/pubcookie/runme.pl
*
* From Tim Funk <funkman at joedog.org> 18-Sept-2003
*
! * $Id: verify_fork.c,v 1.8 2005/05/18 21:38:53 willey Exp $
*/
#ifdef HAVE_CONFIG_H
--- 17,51 ----
*/
/** @file verify_fork.c
+
* Verifier that forks something and uses it to authenticate
*
! * A verifier which launches another program which must read 4 string
! * arguments - userid, password, service and realm - from stdin. Each
! * string is terminated by a null character, \0. The called program
! * must then return a non-zero exit code if authentication fails. The
! * called program must exit with 0 status if all is OK.
!
*
* To use verify_fork:
* a) In your config: 'basic_verifier: verify_fork'
! * b) The application to run is specified by a parameter called "verify_exe",
* for example:
! * verify_exe: /usr/local/pubcookie/readauth.py
*
+ * ...where readauth.py could be:
+ * #!/usr/bin/env python
+ * import sys
+ * import myauth
+ * user, pass, serv, realm=sys.stdin.read().split('\0')
+ * status=myauth.lookup(username, password, serv, realm)
+ * sys.exit(status)
+ *
* From Tim Funk <funkman at joedog.org> 18-Sept-2003
+ * Modified 4-April-2005: Fixed security issue - read user and
+ * password from stdin rather passing as args. david.houlder at anu.edu.au
*
! * $Id: verify_fork.c,v 1.9 2005/06/10 17:42:03 willey Exp $
*/
#ifdef HAVE_CONFIG_H
***************
*** 70,83 ****
pid_t pid;
int status, died;
char *fork_exe;
if (errstr)
*errstr = NULL;
if (creds)
*creds = NULL;
pbc_log_activity (p, PBC_LOG_DEBUG_OUTPUT, "verify_fork: enter");
! fork_exe = (char *) libpbc_config_getstring (p, "fork_exe", NULL);
pbc_log_activity (p, PBC_LOG_DEBUG_VERBOSE,
! "verify_fork: fork_exe=%s", fork_exe);
if (!userid) {
*errstr = "no userid to verify";
return -1;
--- 83,98 ----
pid_t pid;
int status, died;
char *fork_exe;
+ int stdin_pipe[2];
+
if (errstr)
*errstr = NULL;
if (creds)
*creds = NULL;
pbc_log_activity (p, PBC_LOG_DEBUG_OUTPUT, "verify_fork: enter");
! fork_exe = (char *) libpbc_config_getstring (p, "verify_exe", "");
pbc_log_activity (p, PBC_LOG_DEBUG_VERBOSE,
! "verify_fork: verify_exe=%s", fork_exe);
if (!userid) {
*errstr = "no userid to verify";
return -1;
***************
*** 86,93 ****
--- 101,118 ----
*errstr = "no password to verify";
return -1;
}
+ if (!service)
+ service = "";
+ if (!user_realm)
+ user_realm = "";
+
+ if (-1 == pipe (stdin_pipe)) {
+ *errstr = "could not create pipe to child process";
+ return -1;
+ }
pbc_log_activity (p, PBC_LOG_DEBUG_OUTPUT,
"verify_fork: about to fork");
+
switch (pid = fork ()) {
case -1:
pbc_log_activity (p, PBC_LOG_ERROR, "verify_fork: Couldn't fork");
***************
*** 96,110 ****
case 0:
pbc_log_activity (p, PBC_LOG_DEBUG_OUTPUT,
"verify_fork: about to execl");
! execl (fork_exe, fork_exe, userid, passwd, NULL);
!
! /* Should not occur since execl doesn't return */
! pbc_log_activity (p, PBC_LOG_ERROR,
! "verify_fork: can't exec, errno=%d", errno);
exit (-1);
default:
pbc_log_activity (p, PBC_LOG_DEBUG_OUTPUT,
"verify_fork: about to wait");
if (-1 == waitpid (pid, &status, 0)) {
pbc_log_activity (p, PBC_LOG_ERROR,
"verify_fork: Wait for child failed");
--- 121,154 ----
case 0:
pbc_log_activity (p, PBC_LOG_DEBUG_OUTPUT,
"verify_fork: about to execl");
! close (0);
! if (0 == dup (stdin_pipe[0]) &&
! 0 == close (stdin_pipe[0]) && 0 == close (stdin_pipe[1])) {
! execl (fork_exe, fork_exe, NULL);
!
! /* Should not occur since execl doesn't return */
! pbc_log_activity (p, PBC_LOG_ERROR,
! "verify_fork: can't exec, errno=%d", errno);
! } else
! pbc_log_activity (p, PBC_LOG_ERROR,
! "verify_fork: can't set up pipe, errno=%d",
! errno);
exit (-1);
default:
pbc_log_activity (p, PBC_LOG_DEBUG_OUTPUT,
"verify_fork: about to wait");
+ close (stdin_pipe[0]);
+ /* write strlen()+1 to write the \0. O_NONBLOCK is clear so we
+ get either a full write or -1 returned */
+ if (-1 == write (stdin_pipe[1], userid, strlen (userid) + 1) ||
+ -1 == write (stdin_pipe[1], passwd, strlen (passwd) + 1) ||
+ -1 == write (stdin_pipe[1], service, strlen (service) + 1) ||
+ -1 == write (stdin_pipe[1], user_realm,
+ strlen (user_realm) + 1))
+ pbc_log_activity (p, PBC_LOG_ERROR,
+ "verify_fork: Write to child failed, errno=%d",
+ errno);
+ close (stdin_pipe[1]);
if (-1 == waitpid (pid, &status, 0)) {
pbc_log_activity (p, PBC_LOG_ERROR,
"verify_fork: Wait for child failed");
end of message
More information about the pubcookie-dev
mailing list