From 69c8e20b18577781e17c5959e23514134dfb5755 Mon Sep 17 00:00:00 2001
From: Nalin Dahyabhai <nalin@redhat.com>
Date: Thu, 24 Jul 2014 16:43:21 -0400
Subject: [PATCH 6/7] Use more randomness for ksu secondary cache names
When generating a suffix to append to a ccache name that will hold the
credentials for a ksu-invoked process, instead of using integers
counting up from 1, use the result of base64-encoding six randomly-
generated octets. Tweak the output alphabet just a bit to avoid using
'+' or '/' in the generated names, the latter of which could really
confuse things.
---
src/clients/ksu/ccache.c | 27 +++++++++++++++++++++++----
src/clients/ksu/ksu.h | 2 +-
src/clients/ksu/main.c | 16 ++++++++++++----
3 files changed, 36 insertions(+), 9 deletions(-)
diff --git a/src/clients/ksu/ccache.c b/src/clients/ksu/ccache.c
index 0f9e042..a0736f2 100644
--- a/src/clients/ksu/ccache.c
+++ b/src/clients/ksu/ccache.c
@@ -27,6 +27,7 @@
*/
#include "ksu.h"
+#include "k5-base64.h"
#include "adm_proto.h"
#include <sys/types.h>
#include <sys/stat.h>
@@ -504,10 +505,28 @@ show_credential(context, cred, cc)
free(sname);
}
-int gen_sym(){
- static int i = 0;
- i ++;
- return i;
+/* Create a random string suitable for a filename extension. */
+krb5_error_code
+gen_sym(krb5_context context, char **sym_out)
+{
+ krb5_error_code retval;
+ char bytes[6], *p, *sym;
+ krb5_data data = make_data(bytes, sizeof(bytes));
+
+ *sym_out = NULL;
+ retval = krb5_c_random_make_octets(context, &data);
+ if (retval)
+ return retval;
+ sym = k5_base64_encode(data.data, data.length);
+ if (sym == NULL)
+ return ENOMEM;
+ /* Tweak the output alphabet just a bit. */
+ while ((p = strchr(sym, '/')) != NULL)
+ *p = '_';
+ while ((p = strchr(sym, '+')) != NULL)
+ *p = '-';
+ *sym_out = sym;
+ return 0;
}
krb5_error_code krb5_ccache_overwrite(context, ccs, cct, primary_principal)
diff --git a/src/clients/ksu/ksu.h b/src/clients/ksu/ksu.h
index fbbf217..5ba5ceb 100644
--- a/src/clients/ksu/ksu.h
+++ b/src/clients/ksu/ksu.h
@@ -130,7 +130,7 @@ extern krb5_error_code krb5_get_login_princ
extern void show_credential
(krb5_context, krb5_creds *, krb5_ccache);
-extern int gen_sym (void);
+krb5_error_code gen_sym(krb5_context context, char **sym);
extern krb5_error_code krb5_ccache_overwrite
(krb5_context, krb5_ccache, krb5_ccache, krb5_principal);
diff --git a/src/clients/ksu/main.c b/src/clients/ksu/main.c
index 41a3bf8..47fa820 100644
--- a/src/clients/ksu/main.c
+++ b/src/clients/ksu/main.c
@@ -856,7 +856,7 @@ resolve_target_cache(krb5_context context, krb5_principal princ,
krb5_error_code retval;
krb5_boolean switchable, reused = FALSE;
krb5_ccache ccache = NULL;
- char *sep, *ccname = NULL, *target;
+ char *sep, *ccname = NULL, *sym = NULL, *target;
*ccache_out = NULL;
*ccache_reused = FALSE;
@@ -876,12 +876,20 @@ resolve_target_cache(krb5_context context, krb5_principal princ,
* the name of a cache that doesn't exist yet. */
do {
free(ccname);
- if (asprintf(&ccname, "%s.%d", target, gen_sym()) < 0) {
+ retval = gen_sym(context, &sym);
+ if (retval) {
+ com_err(prog_name, retval,
+ _("while generating part of the target ccache name"));
+ return retval;
+ }
+ if (asprintf(&ccname, "%s.%s", target, sym) < 0) {
retval = ENOMEM;
- com_err(prog_name, ENOMEM,
- _("while allocating memory for target ccache name"));
+ free(sym);
+ com_err(prog_name, retval, _("while allocating memory for the "
+ "target ccache name"));
goto cleanup;
}
+ free(sym);
} while (ks_ccache_name_is_initialized(context, ccname));
retval = krb5_cc_resolve(context, ccname, &ccache);
} else {
--
2.0.4