[PATCH] buffers in nslcd/shadow.c are too small

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Bersl <bersl2 [at] bersl2.info>
To: nss-pam-ldapd-users [at] lists.arthurdejong.org
Subject: [PATCH] buffers in nslcd/shadow.c are too small
Date: Tue, 27 Aug 2013 17:36:33 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I was trying to get LDAP auth working over NSS (without PAM) and not
having much success. I came across
<http://lists.arthurdejong.org/nss-pam-ldapd-users/2012/msg00217.html>
from last year, and I found that the only change I had to make from
what I had been trying was to switch to old-style DES crypt(3)
passwords. The MD5 variant also worked.

When I looked at the results of getent shadow more closely, I saw that
the hash was being truncated. I made the following change to the
codebase, and now all forms of crypt(3) passwords work.



diff -urN nss-pam-ldapd.orig/nslcd/shadow.c nss-pam-ldapd/nslcd/shadow.c
- --- nss-pam-ldapd.orig/nslcd/shadow.c   2013-08-25 02:00:46.997465401
- -0500
+++ nss-pam-ldapd/nslcd/shadow.c        2013-08-25 02:06:58.575298566
- -0500
@@ -191,7 +191,7 @@
                            long *inactdays, long *expiredate,
                            unsigned long *flag)
 {
- -  char buffer[64];
+  char buffer[256];
   const char *tmpvalue;
   char *tmp;
   /* get lastchange date */
@@ -230,7 +230,7 @@
   long expiredate;
   unsigned long flag;
   int i;
- -  char passbuffer[64];
+  char passbuffer[256];
   /* get username */
   usernames = myldap_get_values(entry, attmap_shadow_uid);
   if ((usernames == NULL) || (usernames[0] == NULL))

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJSHSnnAAoJEKDJEQNczrCUZdoIAKhuzQ2Y9+ncdMsCsrASXc9+
w25oukw/mX6bZbueIP/KZHt4/IjJdGLWHdipZYw3vU7TkdIQFhGxTpPW74sU0lo0
epbWaOINkVGYCMXL2ncucPo2tppS/Z5cSvsfW7et1SEqndUowaOz1saz+hK8NexK
gG1NDalSuL20W84EL5FHPPXdsyuoeT54yKf5fPE/tWkBWcyv5K765nkujNYeZJsq
YCs73bFc8DVfjiIQP6MYBnX8+cGvMOlxjMhuiQGyVyXBl86RdcVCPEUwjYr3y5KT
RU88h/IdDzUEb3GxNW8amrbw5ImG9pJDtxmvuBT7rhR+X+Exqi8V65ZrI3zZvVc=
=C52Q
-----END PGP SIGNATURE-----
-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/

[PATCH] buffers in nslcd/shadow.c are too small, Bersl

Re: [PATCH] buffers in nslcd/shadow.c are too small, Arthur de Jong

Prev by Date: Re: Problem with nslcd
Next by Date: Re: [PATCH] buffers in nslcd/shadow.c are too small
Previous by thread: Re: Problem with nslcd
Next by thread: Re: [PATCH] buffers in nslcd/shadow.c are too small