git: 4214775235eb - main - ctld: Reduce code duplication in auth_check_secret_length
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 11 Apr 2025 14:03:55 UTC
The branch main has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=4214775235ebc01e0d22da5f09a2e4cff16bfa74 commit 4214775235ebc01e0d22da5f09a2e4cff16bfa74 Author: John Baldwin <jhb@FreeBSD.org> AuthorDate: 2025-04-11 13:59:52 +0000 Commit: John Baldwin <jhb@FreeBSD.org> CommitDate: 2025-04-11 13:59:52 +0000 ctld: Reduce code duplication in auth_check_secret_length Only check a single secret length in the function and call it twice for the CHAP-MUTUAL case. Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D49642 --- usr.sbin/ctld/ctld.cc | 67 ++++++++++++++------------------------------------- 1 file changed, 18 insertions(+), 49 deletions(-) diff --git a/usr.sbin/ctld/ctld.cc b/usr.sbin/ctld/ctld.cc index 03a298146f4a..6cb15283503a 100644 --- a/usr.sbin/ctld/ctld.cc +++ b/usr.sbin/ctld/ctld.cc @@ -182,63 +182,31 @@ auth_find(const struct auth_group *ag, const char *user) } static void -auth_check_secret_length(struct auth *auth) +auth_check_secret_length(const struct auth_group *ag, const char *user, + const char *secret, const char *secret_type) { size_t len; - len = strlen(auth->a_secret); + len = strlen(secret); if (len > 16) { - if (auth->a_auth_group->ag_name != NULL) - log_warnx("secret for user \"%s\", auth-group \"%s\", " + if (ag->ag_name != NULL) + log_warnx("%s for user \"%s\", auth-group \"%s\", " "is too long; it should be at most 16 characters " - "long", auth->a_user, auth->a_auth_group->ag_name); + "long", secret_type, user, ag->ag_name); else - log_warnx("secret for user \"%s\", target \"%s\", " + log_warnx("%s for user \"%s\", target \"%s\", " "is too long; it should be at most 16 characters " - "long", auth->a_user, - auth->a_auth_group->ag_target->t_name); + "long", secret_type, user, ag->ag_target->t_name); } if (len < 12) { - if (auth->a_auth_group->ag_name != NULL) - log_warnx("secret for user \"%s\", auth-group \"%s\", " + if (ag->ag_name != NULL) + log_warnx("%s for user \"%s\", auth-group \"%s\", " "is too short; it should be at least 12 characters " - "long", auth->a_user, - auth->a_auth_group->ag_name); + "long", secret_type, user, ag->ag_name); else - log_warnx("secret for user \"%s\", target \"%s\", " + log_warnx("%s for user \"%s\", target \"%s\", " "is too short; it should be at least 12 characters " - "long", auth->a_user, - auth->a_auth_group->ag_target->t_name); - } - - if (auth->a_mutual_secret != NULL) { - len = strlen(auth->a_mutual_secret); - if (len > 16) { - if (auth->a_auth_group->ag_name != NULL) - log_warnx("mutual secret for user \"%s\", " - "auth-group \"%s\", is too long; it should " - "be at most 16 characters long", - auth->a_user, auth->a_auth_group->ag_name); - else - log_warnx("mutual secret for user \"%s\", " - "target \"%s\", is too long; it should " - "be at most 16 characters long", - auth->a_user, - auth->a_auth_group->ag_target->t_name); - } - if (len < 12) { - if (auth->a_auth_group->ag_name != NULL) - log_warnx("mutual secret for user \"%s\", " - "auth-group \"%s\", is too short; it " - "should be at least 12 characters long", - auth->a_user, auth->a_auth_group->ag_name); - else - log_warnx("mutual secret for user \"%s\", " - "target \"%s\", is too short; it should be " - "at least 12 characters long", - auth->a_user, - auth->a_auth_group->ag_target->t_name); - } + "long", secret_type, user, ag->ag_target->t_name); } } @@ -261,12 +229,12 @@ auth_new_chap(struct auth_group *ag, const char *user, return (false); } + auth_check_secret_length(ag, user, secret, "secret"); + auth = auth_new(ag); auth->a_user = checked_strdup(user); auth->a_secret = checked_strdup(secret); - auth_check_secret_length(auth); - return (true); } @@ -290,14 +258,15 @@ auth_new_chap_mutual(struct auth_group *ag, const char *user, return (false); } + auth_check_secret_length(ag, user, secret, "secret"); + auth_check_secret_length(ag, user, secret2, "mutual secret"); + auth = auth_new(ag); auth->a_user = checked_strdup(user); auth->a_secret = checked_strdup(secret); auth->a_mutual_user = checked_strdup(user2); auth->a_mutual_secret = checked_strdup(secret2); - auth_check_secret_length(auth); - return (true); }