svn commit: r250690 - stable/9/kerberos5/lib/libgssapi_krb5
Rick Macklem
rmacklem at FreeBSD.org
Thu May 16 00:56:42 UTC 2013
Author: rmacklem
Date: Thu May 16 00:56:41 2013
New Revision: 250690
URL: http://svnweb.freebsd.org/changeset/base/250690
Log:
MFC: r250177
Fix the getpwnam_r() call in the pname_to_uid() kerberos library function so
that it handles the ERANGE error return case. Without this fix, authentication
of users for certain system setups could fail unexpectedly.
Modified:
stable/9/kerberos5/lib/libgssapi_krb5/pname_to_uid.c
Directory Properties:
stable/9/kerberos5/lib/libgssapi_krb5/ (props changed)
Modified: stable/9/kerberos5/lib/libgssapi_krb5/pname_to_uid.c
==============================================================================
--- stable/9/kerberos5/lib/libgssapi_krb5/pname_to_uid.c Thu May 16 00:52:08 2013 (r250689)
+++ stable/9/kerberos5/lib/libgssapi_krb5/pname_to_uid.c Thu May 16 00:56:41 2013 (r250690)
@@ -26,6 +26,7 @@
*/
/* $FreeBSD$ */
+#include <errno.h>
#include <pwd.h>
#include "krb5/gsskrb5_locl.h"
@@ -37,8 +38,12 @@ _gsskrb5_pname_to_uid(OM_uint32 *minor_s
krb5_context context;
krb5_const_principal name = (krb5_const_principal) pname;
krb5_error_code kret;
- char lname[MAXLOGNAME + 1], buf[128];
+ char lname[MAXLOGNAME + 1], buf[1024], *bufp;
struct passwd pwd, *pw;
+ size_t buflen;
+ int error;
+ OM_uint32 ret;
+ static size_t buflen_hint = 1024;
GSSAPI_KRB5_INIT (&context);
@@ -49,11 +54,30 @@ _gsskrb5_pname_to_uid(OM_uint32 *minor_s
}
*minor_status = 0;
- getpwnam_r(lname, &pwd, buf, sizeof(buf), &pw);
+ buflen = buflen_hint;
+ for (;;) {
+ pw = NULL;
+ bufp = buf;
+ if (buflen > sizeof(buf))
+ bufp = malloc(buflen);
+ if (bufp == NULL)
+ break;
+ error = getpwnam_r(lname, &pwd, bufp, buflen, &pw);
+ if (error != ERANGE)
+ break;
+ if (buflen > sizeof(buf))
+ free(bufp);
+ buflen += 1024;
+ if (buflen > buflen_hint)
+ buflen_hint = buflen;
+ }
if (pw) {
*uidp = pw->pw_uid;
- return (GSS_S_COMPLETE);
+ ret = GSS_S_COMPLETE;
} else {
- return (GSS_S_FAILURE);
+ ret = GSS_S_FAILURE;
}
+ if (bufp != NULL && buflen > sizeof(buf))
+ free(bufp);
+ return (ret);
}
More information about the svn-src-stable
mailing list