rpms / krb5

Clone
Source Code
GIT

Blame SOURCES/krb5-krad-larger-attrs.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c7-sig-altarch-fasttrack c8 c8-beta c8s c9 c9-beta
  1.   8874ae67b9b532e9fd8fa6fadaef7aa71753c269
  2.   SOURCES
  3.   krb5-krad-larger-attrs.patch
Blob History Raw
8874ae 
From 0ac0fd2d349e4d5ef7379182f4d7ce480edd8d2b Mon Sep 17 00:00:00 2001
8874ae 
From: Sumit Bose <sbose@redhat.com>
8874ae 
Date: Mon, 8 Nov 2021 17:48:50 +0100
8874ae 
Subject: [PATCH 2/2] Support larger RADIUS attributes in libkrad
8874ae
8874ae 
In kr_attrset_decode(), explicitly treat the length byte as unsigned.
8874ae 
Otherwise attributes longer than 125 characters will be rejected with
8874ae 
EBADMSG.
8874ae
8874ae 
Add a 253-character-long NAS-Identifier attribute to the tests to make
8874ae 
sure that attributes with the maximal number of characters are working
8874ae 
as expected.
8874ae
8874ae 
[ghudson@mit.edu: used uint8_t cast per current practices; edited
8874ae 
commit message]
8874ae
8874ae 
ticket: 9036 (new)
8874ae 
---
8874ae 
 src/lib/krad/attrset.c  |  2 +-
8874ae 
 src/lib/krad/t_packet.c | 13 +++++++++++++
8874ae 
 2 files changed, 14 insertions(+), 1 deletion(-)
8874ae
8874ae 
diff --git a/src/lib/krad/attrset.c b/src/lib/krad/attrset.c
8874ae 
index d89982a13..6ec031e32 100644
8874ae 
--- a/src/lib/krad/attrset.c
8874ae 
+++ b/src/lib/krad/attrset.c
8874ae 
@@ -218,7 +218,7 @@ kr_attrset_decode(krb5_context ctx, const krb5_data *in, const char *secret,
8874ae
8874ae 
     for (i = 0; i + 2 < in->length; ) {
8874ae 
         type = in->data[i++];
8874ae 
-        tmp = make_data(&in->data[i + 1], in->data[i] - 2);
8874ae 
+        tmp = make_data(&in->data[i + 1], (uint8_t)in->data[i] - 2);
8874ae 
         i += tmp.length + 1;
8874ae
8874ae 
         retval = (in->length < i) ? EBADMSG : 0;
8874ae 
diff --git a/src/lib/krad/t_packet.c b/src/lib/krad/t_packet.c
8874ae 
index 0a92e9cc2..c22489144 100644
8874ae 
--- a/src/lib/krad/t_packet.c
8874ae 
+++ b/src/lib/krad/t_packet.c
8874ae 
@@ -57,6 +57,14 @@ make_packet(krb5_context ctx, const krb5_data *username,
8874ae 
     krb5_error_code retval;
8874ae 
     const krb5_data *data;
8874ae 
     int i = 0;
8874ae 
+    krb5_data nas_id;
8874ae 
+
8874ae 
+    nas_id = string2data("12345678901234567890123456789012345678901234567890"
8874ae 
+                         "12345678901234567890123456789012345678901234567890"
8874ae 
+                         "12345678901234567890123456789012345678901234567890"
8874ae 
+                         "12345678901234567890123456789012345678901234567890"
8874ae 
+                         "12345678901234567890123456789012345678901234567890"
8874ae 
+                         "123");
8874ae
8874ae 
     retval = krad_attrset_new(ctx, &set);
8874ae 
     if (retval != 0)
8874ae 
@@ -71,6 +79,11 @@ make_packet(krb5_context ctx, const krb5_data *username,
8874ae 
     if (retval != 0)
8874ae 
         goto out;
8874ae
8874ae 
+    retval = krad_attrset_add(set, krad_attr_name2num("NAS-Identifier"),
8874ae 
+                              &nas_id);
8874ae 
+    if (retval != 0)
8874ae 
+        goto out;
8874ae 
+
8874ae 
     retval = krad_packet_new_request(ctx, "foo",
8874ae 
                                      krad_code_name2num("Access-Request"),
8874ae 
                                      set, iterator, &i, &tmp);
8874ae 
--
8874ae 
2.35.3
8874ae

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation