/[smeserver]/rpms/qpsmtpd/sme9/qpsmtpd-0.84-deny_login_with_null.patch
ViewVC logotype

Annotation of /rpms/qpsmtpd/sme9/qpsmtpd-0.84-deny_login_with_null.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Wed Jan 6 16:08:58 2016 UTC (8 years, 10 months ago) by vip-ire
Branch: MAIN
CVS Tags: qpsmtpd-0_96-5_el6_sme, qpsmtpd-0_84-16_el6_sme, qpsmtpd-0_96-1_el6_sme, qpsmtpd-0_96-6_el6_sme, qpsmtpd-0_96-8_el6_sme, qpsmtpd-0_96-7_el6_sme, qpsmtpd-0_96-2_el6_sme, qpsmtpd-0_96-4_el6_sme, qpsmtpd-0_96-3_el6_sme, qpsmtpd-0_96-10_el6_sme, qpsmtpd-0_96-11_el6_sme, qpsmtpd-0_84-17_el6_sme, qpsmtpd-0_84-18_el6_sme, qpsmtpd-0_96-9_el6_sme, HEAD
* Wed Jan 6 2016 Daniel Berteaud <daniel@firewall-services.com> 0.84-17.sme
- Corerctly log login attempts with nulls in login name [SME: 9167]

1 vip-ire 1.1 diff -Nur qpsmtpd-0.84_bz9167/plugins/auth/auth_cvm_unix_local qpsmtpd-0.84/plugins/auth/auth_cvm_unix_local
2     --- qpsmtpd-0.84_bz9167/plugins/auth/auth_cvm_unix_local 2009-04-03 07:48:33.000000000 +0200
3     +++ qpsmtpd-0.84/plugins/auth/auth_cvm_unix_local 2016-01-06 17:06:18.782453739 +0100
4     @@ -85,6 +85,11 @@
5    
6     $self->log(LOGINFO, "authcvm/$method authentication attempt for: $user");
7    
8     + if ($user =~ /\x00/) {
9     + $self->log(LOGERROR, "deny: invalid username");
10     + return (DENY, "authcvm, invalid username");
11     + };
12     +
13     socket(SOCK, PF_UNIX, SOCK_STREAM, 0)
14     or return (DENY, "authcvm/$method");
15    

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed