andykimpe / rpms / 389-ds-base

Forked from rpms/389-ds-base 5 months ago
Clone

Blame SOURCES/0063-Ticket-47614-Possible-to-specify-invalid-SASL-mechan.patch

cc3dff
From 58b738e455355344acbfcac556600b2e19ade1a3 Mon Sep 17 00:00:00 2001
cc3dff
From: Mark Reynolds <mreynolds@redhat.com>
cc3dff
Date: Mon, 2 Dec 2013 17:13:55 -0500
cc3dff
Subject: [PATCH 63/65] Ticket 47614 - Possible to specify invalid SASL
cc3dff
 mechanism in nsslapd-allowed-sasl-mechanisms
cc3dff
cc3dff
Bug Description:  Invalid values could be specified in the allowed sasl mechanisms configuration
cc3dff
                  attribute.  These values are directly passed to the sasl library.
cc3dff
cc3dff
Fix Description:  Follow RFR 4422, only allow upto 20 characters that are ASCII upper-case letters,
cc3dff
                  digits, hyphens, or underscores.
cc3dff
cc3dff
https://fedorahosted.org/389/ticket/47614
cc3dff
cc3dff
Reviewed by: richm(Thanks!)
cc3dff
(cherry picked from commit 7e8a5fc7183f7c08212bfb746ea8c5ceedee0132)
cc3dff
(cherry picked from commit f00321f892545d59e07c1a944936153660640e47)
cc3dff
---
cc3dff
 ldap/servers/slapd/libglobs.c | 60 +++++++++++++++++++++++++++++++++++++++++++
cc3dff
 1 file changed, 60 insertions(+)
cc3dff
cc3dff
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
cc3dff
index b925a2c..a763135 100644
cc3dff
--- a/ldap/servers/slapd/libglobs.c
cc3dff
+++ b/ldap/servers/slapd/libglobs.c
cc3dff
@@ -126,6 +126,7 @@ static int config_set_onoff( const char *attrname, char *value,
cc3dff
 static int config_set_schemareplace ( const char *attrname, char *value,
cc3dff
 		char *errorbuf, int apply );
cc3dff
 static void remove_commas(char *str);
cc3dff
+static int invalid_sasl_mech(char *str);
cc3dff
 
cc3dff
 /* Keeping the initial values */
cc3dff
 /* CONFIG_INT/CONFIG_LONG */
cc3dff
@@ -6768,6 +6769,13 @@ config_set_allowed_sasl_mechs(const char *attrname, char *value, char *errorbuf,
cc3dff
     /* cyrus sasl doesn't like comma separated lists */
cc3dff
     remove_commas(value);
cc3dff
 
cc3dff
+    if(invalid_sasl_mech(value)){
cc3dff
+        LDAPDebug(LDAP_DEBUG_ANY,"Invalid value/character for sasl mechanism (%s).  Use ASCII "
cc3dff
+                                 "characters, upto 20 characters, that are upper-case letters, "
cc3dff
+                                 "digits, hyphens, or underscores\n", value, 0, 0);
cc3dff
+        return LDAP_UNWILLING_TO_PERFORM;
cc3dff
+    }
cc3dff
+
cc3dff
     CFG_LOCK_WRITE(slapdFrontendConfig);
cc3dff
     slapdFrontendConfig->allowed_sasl_mechs = slapi_ch_strdup(value);
cc3dff
     CFG_UNLOCK_WRITE(slapdFrontendConfig);
cc3dff
@@ -7452,3 +7460,55 @@ remove_commas(char *str)
cc3dff
         }
cc3dff
     }
cc3dff
 }
cc3dff
+
cc3dff
+/*
cc3dff
+ * Check the SASL mechanism values
cc3dff
+ *
cc3dff
+ * As per RFC 4422:
cc3dff
+ * SASL mechanisms are named by character strings, from 1 to 20
cc3dff
+ * characters in length, consisting of ASCII [ASCII] uppercase letters,
cc3dff
+ * digits, hyphens, and/or underscores.
cc3dff
+ */
cc3dff
+static int
cc3dff
+invalid_sasl_mech(char *str)
cc3dff
+{
cc3dff
+    char *mech = NULL, *token = NULL, *next = NULL;
cc3dff
+    int i;
cc3dff
+
cc3dff
+    if(str == NULL){
cc3dff
+        return 0;
cc3dff
+    }
cc3dff
+
cc3dff
+    /*
cc3dff
+     * Check the length for each mechanism
cc3dff
+     */
cc3dff
+    token = slapi_ch_strdup(str);
cc3dff
+    for (mech = ldap_utf8strtok_r(token, " ", &next;; mech;
cc3dff
+         mech = ldap_utf8strtok_r(NULL, " ", &next))
cc3dff
+    {
cc3dff
+        if(strlen(mech) == 0 || strlen(mech) > 20){
cc3dff
+            /* invalid length */
cc3dff
+            slapi_ch_free_string(&token);
cc3dff
+            return 1;
cc3dff
+        }
cc3dff
+    }
cc3dff
+    slapi_ch_free_string(&token);
cc3dff
+
cc3dff
+    /*
cc3dff
+     * Check the individual characters
cc3dff
+     */
cc3dff
+    for (i = 0; str[i]; i++){
cc3dff
+        if ( ((int)str[i] < 48 || (int)str[i] > 57) && /* not a digit */
cc3dff
+             ((int)str[i] < 65 || (int)str[i] > 90) && /* not upper case */
cc3dff
+             (int)str[i] != 32 && /* not a space (between mechanisms) */
cc3dff
+             (int)str[i] != 45 && /* not a hyphen */
cc3dff
+             (int)str[i] != 95 ) /* not an underscore */
cc3dff
+        {
cc3dff
+            /* invalid character */
cc3dff
+            return 1;
cc3dff
+        }
cc3dff
+    }
cc3dff
+
cc3dff
+    /* Mechanism value is valid */
cc3dff
+    return 0;
cc3dff
+}
cc3dff
-- 
cc3dff
1.8.1.4
cc3dff