authorClaudio Jeker <claudio@cvs.openbsd.org>2007-10-18 09:47:58 +0000
committerClaudio Jeker <claudio@cvs.openbsd.org>2007-10-18 09:47:58 +0000
commit25835069fa09a6851aa4658d033c5047452b25bb (patch)
treeb616f93717efebfac21ed9d9d5523d3babfc4e89 /usr.sbin
parent4403581f7f9e4bbacd069262b9d848164b8c6537 (diff)
Massive cleanup in the authentication code. The simple auth_key and the crypt
keys are not strings so a) use u_int8_t instead of char and b) use memcpy to copy the full MAX_SIMPLE_AUTH_LEN resp. MD5_DIGEST_LENGTH bytes around. The parser needs some special code to ensure that the string is not too long, and if it is shorter than the buffer the rest needs to be zero padded. Avoid strncpy(); use a bzero(); memcpy() combo instead. with and OK deraadt@
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/ripd/auth.c24
-rw-r--r--usr.sbin/ripd/parse.y14
-rw-r--r--usr.sbin/ripd/ripd.h6
-rw-r--r--usr.sbin/ripd/ripe.h4
4 files changed, 25 insertions, 23 deletions
diff --git a/usr.sbin/ripd/auth.c b/usr.sbin/ripd/auth.c
index c379cde366f..c429db7e452 100644
--- a/usr.sbin/ripd/auth.c
+++ b/usr.sbin/ripd/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.6 2007/10/17 20:36:27 deraadt Exp $ */
+/* $OpenBSD: auth.c,v 1.7 2007/10/18 09:47:57 claudio Exp $ */
/*
* Copyright (c) 2006 Michele Marchetto <mydecay@openbeer.it>
@@ -152,8 +152,7 @@ auth_validate(char **buf, u_int16_t *len, struct iface *iface, struct nbr *nbr,
bzero(auth_data, MD5_DIGEST_LENGTH);
/* insert plaintext key */
- bzero(digest, MD5_DIGEST_LENGTH);
- strncpy(digest, md->key, MD5_DIGEST_LENGTH);
+ memcpy(digest, md->key, MD5_DIGEST_LENGTH);
/* calculate MD5 digest */
MD5Init(&hash);
@@ -246,8 +245,7 @@ auth_add_trailer(struct buf *buf, struct iface *iface)
return (-1);
}
- bzero(digest, MD5_DIGEST_LENGTH);
- strncpy(digest, md->key, MD5_DIGEST_LENGTH);
+ memcpy(digest, md->key, MD5_DIGEST_LENGTH);
auth_trailer_header_gen(buf);
@@ -261,24 +259,30 @@ auth_add_trailer(struct buf *buf, struct iface *iface)
}
/* md list */
-void
+int
md_list_add(struct auth_md_head *head, u_int8_t keyid, char *key)
{
struct auth_md *md;
+ if (strlen(key) > MD5_DIGEST_LENGTH)
+ return (-1);
+
if ((md = md_list_find(head, keyid)) != NULL) {
/* update key */
- strncpy(md->key, key, sizeof(md->key));
- return;
+ bzero(md->key, sizeof(md->key));
+ memcpy(md->key, key, strlen(key));
+ return (0);
}
if ((md = calloc(1, sizeof(struct auth_md))) == NULL)
fatalx("md_list_add");
md->keyid = keyid;
- strncpy(md->key, key, sizeof(md->key));
+ memcpy(md->key, key, strlen(key));
md->seq_modulator = auth_calc_modulator(md);
TAILQ_INSERT_TAIL(head, md, entry);
+
+ return (0);
}
void
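Review bot: md_list_add calls strlen(key) once for the bound check and again for each memcpy, so the tested length and the copied length match only by inspection; taking `size_t len = strlen(key);` at the top and using `if (len > MD5_DIGEST_LENGTH)` and `memcpy(md->key, key, len);` makes the bound and the copy one value. The new int return has no comment; `/* returns -1 if key exceeds MD5_DIGEST_LENGTH, 0 once the key is stored */` above the function would state the contract. The update branch rewrites md->key but leaves md->seq_modulator as it was, while the insert branch sets it from auth_calc_modulator(md); if that helper derives its value from the key (not visible here), the update branch probably needs the same call.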
@@ -293,7 +297,7 @@ md_list_copy(struct auth_md_head *to, struct auth_md_head *from)
fatalx("md_list_copy");
md->keyid = m->keyid;
- strncpy(md->key, m->key, sizeof(md->key));
+ memcpy(md->key, m->key, sizeof(md->key));
md->seq_modulator = m->seq_modulator;
TAILQ_INSERT_TAIL(to, md, entry);
}
diff --git a/usr.sbin/ripd/parse.y b/usr.sbin/ripd/parse.y
index ed390909900..651c65e374b 100644
--- a/usr.sbin/ripd/parse.y
+++ b/usr.sbin/ripd/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.12 2007/10/16 20:01:23 mpf Exp $ */
+/* $OpenBSD: parse.y,v 1.13 2007/10/18 09:47:57 claudio Exp $ */
/*
* Copyright (c) 2006 Michele Marchetto <mydecay@openbeer.it>
@@ -74,7 +74,7 @@ int symset(const char *, const char *, int);
char *symget(const char *);
static struct {
- char auth_key[MAX_SIMPLE_AUTH_LEN];
+ u_int8_t auth_key[MAX_SIMPLE_AUTH_LEN];
struct auth_md_head md_list;
enum auth_type auth_type;
u_int8_t auth_keyid;
@@ -241,14 +241,12 @@ authmd : AUTHMD NUMBER STRING {
free($3);
YYERROR;
}
- if (strlen($3) > MD5_DIGEST_LENGTH) {
+ if (md_list_add(&defs->md_list, $2, $3) == -1) {
yyerror("auth-md key length out of range "
- "(max length %d)",
- MD5_DIGEST_LENGTH);
+ "(max length %d)", MD5_DIGEST_LENGTH);
free($3);
YYERROR;
}
- md_list_add(&defs->md_list, $2, $3);
free($3);
}
@@ -287,8 +285,8 @@ authkey : AUTHKEY STRING {
free($2);
YYERROR;
}
- strncpy(defs->auth_key, $2,
- sizeof(defs->auth_key));
+ bzero(defs->auth_key, MAX_SIMPLE_AUTH_LEN);
+ memcpy(defs->auth_key, $2, strlen($2));
free($2);
}
;
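Review bot: The copy `memcpy(defs->auth_key, $2, strlen($2));` has no bound of its own and is safe only if the rule rejects strings longer than MAX_SIMPLE_AUTH_LEN first; the leading context (`free($2); YYERROR; }`) looks like the tail of such a check, but the test itself is above the hunk. A comment such as `/* length checked above; key is zero padded, not NUL terminated */` would keep the dependency visible, and `bzero(defs->auth_key, sizeof(defs->auth_key));` would tie the clear to the array rather than to the macro. The authmd rule now gets its length check from md_list_add(), so the two key paths enforce their limits in different places.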
diff --git a/usr.sbin/ripd/ripd.h b/usr.sbin/ripd/ripd.h
index a4508133bdb..8571010c28c 100644
--- a/usr.sbin/ripd/ripd.h
+++ b/usr.sbin/ripd/ripd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ripd.h,v 1.7 2007/09/11 18:05:36 claudio Exp $ */
+/* $OpenBSD: ripd.h,v 1.8 2007/10/18 09:47:57 claudio Exp $ */
/*
* Copyright (c) 2004 Esben Norby <norby@openbsd.org>
@@ -184,7 +184,7 @@ enum iface_type {
struct auth_md {
TAILQ_ENTRY(auth_md) entry;
u_int32_t seq_modulator;
- char key[MD5_DIGEST_LENGTH];
+ u_int8_t key[MD5_DIGEST_LENGTH];
u_int8_t keyid;
};
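Review bot: Neither changed field says that it now holds a fixed-width, zero-padded byte array that has no terminator when the key fills the buffer, which is the invariant the memcpy() calls in auth.c rely on. I would add `/* raw key bytes, zero padded, not NUL terminated */` after `u_int8_t key[MD5_DIGEST_LENGTH];` here and after `u_int8_t auth_key[MAX_SIMPLE_AUTH_LEN];` in struct iface in the next hunk. Any code outside this commit that still hands these fields to a string function or a %s format would read past the array for a full-length key, so the remaining users are worth a grep. struct iface starts and ends outside its hunk.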
@@ -205,7 +205,7 @@ struct iface {
LIST_HEAD(, nbr) nbr_list;
LIST_HEAD(, nbr_failed) failed_nbr_list;
char name[IF_NAMESIZE];
- char auth_key[MAX_SIMPLE_AUTH_LEN];
+ u_int8_t auth_key[MAX_SIMPLE_AUTH_LEN];
struct in_addr addr;
struct in_addr dst;
struct in_addr mask;
diff --git a/usr.sbin/ripd/ripe.h b/usr.sbin/ripd/ripe.h
index 8a7d2c70270..76a3a619b38 100644
--- a/usr.sbin/ripd/ripe.h
+++ b/usr.sbin/ripd/ripe.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ripe.h,v 1.6 2007/04/09 20:45:52 michele Exp $ */
+/* $OpenBSD: ripe.h,v 1.7 2007/10/18 09:47:57 claudio Exp $ */
/*
* Copyright (c) 2006 Michele Marchetto <mydecay@openbeer.it>
@@ -121,7 +121,7 @@ int auth_validate(char **, u_int16_t *, struct iface *, struct nbr *,
struct nbr_failed *, u_int32_t *);
int auth_gen(struct buf *, struct iface *);
int auth_add_trailer(struct buf *, struct iface *);
-void md_list_add(struct auth_md_head *, u_int8_t, char *);
+int md_list_add(struct auth_md_head *, u_int8_t, char *);
void md_list_copy(struct auth_md_head *, struct auth_md_head *);
void md_list_clr(struct auth_md_head *);
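Review bot: The prototype `int md_list_add(struct auth_md_head *, u_int8_t, char *);` keeps a mutable `char *` for the key although the definition in auth.c only reads it through strlen() and memcpy(); `const char *` here and in the definition would document that. With the return type changed from void to int, a caller that ignores the result silently drops an over-long key; the parse.y call in this commit checks it, and any other callers are not visible here.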