/[smeserver]/rpms/qpsmtpd/sme9/qpsmtpd-0.84-deny_login_with_null.patch
ViewVC logotype

Contents of /rpms/qpsmtpd/sme9/qpsmtpd-0.84-deny_login_with_null.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.1 - (show annotations) (download)
Wed Jan 6 16:08:58 2016 UTC (8 years, 4 months ago) by vip-ire
Branch: MAIN
CVS Tags: qpsmtpd-0_96-5_el6_sme, qpsmtpd-0_84-16_el6_sme, qpsmtpd-0_96-1_el6_sme, qpsmtpd-0_96-6_el6_sme, qpsmtpd-0_96-8_el6_sme, qpsmtpd-0_96-7_el6_sme, qpsmtpd-0_96-2_el6_sme, qpsmtpd-0_96-4_el6_sme, qpsmtpd-0_96-3_el6_sme, qpsmtpd-0_96-10_el6_sme, qpsmtpd-0_96-11_el6_sme, qpsmtpd-0_84-17_el6_sme, qpsmtpd-0_84-18_el6_sme, qpsmtpd-0_96-9_el6_sme, HEAD 
* Wed Jan 6 2016 Daniel Berteaud <daniel@firewall-services.com> 0.84-17.sme
- Corerctly log login attempts with nulls in login name [SME: 9167]
1 diff -Nur qpsmtpd-0.84_bz9167/plugins/auth/auth_cvm_unix_local qpsmtpd-0.84/plugins/auth/auth_cvm_unix_local
2 --- qpsmtpd-0.84_bz9167/plugins/auth/auth_cvm_unix_local 2009-04-03 07:48:33.000000000 +0200
3 +++ qpsmtpd-0.84/plugins/auth/auth_cvm_unix_local 2016-01-06 17:06:18.782453739 +0100
4 @@ -85,6 +85,11 @@
5
6 $self->log(LOGINFO, "authcvm/$method authentication attempt for: $user");
7
8 + if ($user =~ /\x00/) {
9 + $self->log(LOGERROR, "deny: invalid username");
10 + return (DENY, "authcvm, invalid username");
11 + };
12 +
13 socket(SOCK, PF_UNIX, SOCK_STREAM, 0)
14 or return (DENY, "authcvm/$method");
15
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed