November 2007 - 389-commits - Fedora Mailing-Lists

[Fedora-directory-commits] console/src/com/netscape/management/client/topology AbstractServerObject.java, 1.4, 1.5 AdminGroupNode.java, 1.2, 1.3 topology.properties, 1.3, 1.4

by Doctor Conrad

Author: nkinder Update of /cvs/dirsec/console/src/com/netscape/management/client/topology In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20617/src/com/netscape/management/client/topology Modified Files: AbstractServerObject.java AdminGroupNode.java topology.properties Log Message: Resolves: 379211 Summary: Removed unused labels, corrected CRL file label, and added help dialog to LoginDialog class. Index: AbstractServerObject.java =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/topology/AbstractServerObject.java,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- AbstractServerObject.java 9 Jul 2007 19:01:01 -0000 1.4 +++ AbstractServerObject.java 15 Nov 2007 16:56:53 -0000 1.5 @@ -74,7 +74,6 @@ "nsVendor", //"nsNickName", "nsProductVersion", "nsBuildNumber", "nsRevisionNumber", //"nsSerialNumber", - //"nsInstalledLocation", //"installationTimeStamp", //"nsExpirationDate", "nsBuildSecurity", }; Index: AdminGroupNode.java =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/topology/AdminGroupNode.java,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- AdminGroupNode.java 29 Jun 2007 20:32:29 -0000 1.2 +++ AdminGroupNode.java 15 Nov 2007 16:56:53 -0000 1.3 @@ -152,10 +152,7 @@ "nsAdminGroupName"), getName(), true, true), new NodeData("description", _resource.getString("ServerObject","description"), - _description, true), - new NodeData("nsInstalledLocation", - _resource.getString("ServerObject", - "nsInstalledLocation"), _installPath, false), }; + _description, true), }; } /** Index: topology.properties =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/topology/topology.properties,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- topology.properties 29 Jun 2007 20:32:29 -0000 1.3 +++ topology.properties 15 Nov 2007 16:56:53 -0000 1.4 @@ -243,7 +243,6 @@ ServerObject-nsBuildNumber=Build number ServerObject-nsRevisionNumber=Revision ServerObject-nsSerialNumber=Serial number -ServerObject-nsInstalledLocation=Installation path ServerObject-installationTimeStamp=Installed date ServerObject-nsExpirationDate=Expiration date ServerObject-nsBuildSecurity=Security level

16 years, 5 months

1
0
0 / 0

[Fedora-directory-commits] console/src/com/netscape/management/client/security securityResource.properties, 1.1.1.1, 1.2

by Doctor Conrad

Author: nkinder Update of /cvs/dirsec/console/src/com/netscape/management/client/security In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20617/src/com/netscape/management/client/security Modified Files: securityResource.properties Log Message: Resolves: 379211 Summary: Removed unused labels, corrected CRL file label, and added help dialog to LoginDialog class. Index: securityResource.properties =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/security/securityResource.properties,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- securityResource.properties 18 Jul 2005 00:34:17 -0000 1.1.1.1 +++ securityResource.properties 15 Nov 2007 16:56:53 -0000 1.2 @@ -162,7 +162,7 @@ # Install CRL InstallCRLDialog-help=admin InstallCRLDialog-title=Add CRL/CKL -InstallCRLDialog-enterFilename=Enter full path to CRL/CKL file: +InstallCRLDialog-enterFilename=Enter CRL/CKL file: InstallCRLDialog-crl=File contain a Certificate Revocation List (CRL) InstallCRLDialog-krl=File contain a Compromised Key List (CKL)

16 years, 5 months

1
0
0 / 0

[Fedora-directory-commits] console/src/com/netscape/management/client/keycert CertManagementResource.properties, 1.1.1.1, 1.2

by Doctor Conrad

Author: nkinder Update of /cvs/dirsec/console/src/com/netscape/management/client/keycert In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20617/src/com/netscape/management/client/keycert Modified Files: CertManagementResource.properties Log Message: Resolves: 379211 Summary: Removed unused labels, corrected CRL file label, and added help dialog to LoginDialog class. Index: CertManagementResource.properties =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/keycert/CertManagementResource.properties,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- CertManagementResource.properties 18 Jul 2005 00:34:15 -0000 1.1.1.1 +++ CertManagementResource.properties 15 Nov 2007 16:56:53 -0000 1.2 @@ -68,7 +68,7 @@ # Add CRL Certificate Dialog AddCRLCertificateDialog-dialogTitle=Add CRL/CKL -AddCRLCertificateDialog-filename=Please enter full path to CRL/CKL file: +AddCRLCertificateDialog-filename=Please enter CRL/CKL file: AddCRLCertificateDialog-cklfiletype=File contains a Compromised Key List (CKL) AddCRLCertificateDialog-crlfiletype=File contains a Certificate Revocation List (CRL) AddCRLCertificateDialog-help=admin

16 years, 5 months

1
0
0 / 0

[Fedora-directory-commits] console/src/com/netscape/management/client/console LoginDialog.java, 1.2, 1.3 console.properties, 1.8, 1.9

by Doctor Conrad

Author: nkinder Update of /cvs/dirsec/console/src/com/netscape/management/client/console In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20617/src/com/netscape/management/client/console Modified Files: LoginDialog.java console.properties Log Message: Resolves: 379211 Summary: Removed unused labels, corrected CRL file label, and added help dialog to LoginDialog class. Index: LoginDialog.java =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/console/LoginDialog.java,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- LoginDialog.java 29 Jun 2007 20:32:28 -0000 1.2 +++ LoginDialog.java 15 Nov 2007 16:56:52 -0000 1.3 @@ -249,18 +249,14 @@ * invoke help */ protected void helpInvoked() { - String urlString = Console._resource.getString("login", "help"); - if (urlString.length()>0) { - //one level up to the <sr> instead of <sr>/java - File f = new File(".."); - - try { - URL url = f.toURL(); - - Browser browser = new Browser(); - browser.open(url.toString()+urlString, Browser.EXISTING_WINDOW); - } catch (Exception urlError) { - } + /* Display a help dialog */ + String helpMsg = Console._resource.getString("login", "help"); + if (helpMsg.length()>0) { + JOptionPane.showMessageDialog( + SplashScreen.getInstance(), helpMsg, + Console._resource.getString("login","helptitle"), + JOptionPane.INFORMATION_MESSAGE); + ModalDialogUtil.sleep(); } } } Index: console.properties =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/console/console.properties,v retrieving revision 1.8 retrieving revision 1.9 diff -u -r1.8 -r1.9 --- console.properties 2 Jul 2007 18:49:24 -0000 1.8 +++ console.properties 15 Nov 2007 16:56:52 -0000 1.9 @@ -22,7 +22,8 @@ login-password=Password: login-url=Administration URL: login-copyright=Copyright (C) Red Hat, Inc. -login-help=manual/en/console/help/login.htm +login-help=Login to your Administration Server.\n\nYour admin user and Administration Server URL were configured at setup time.\n\nPlease refer to the setup log in your system tmp directory if you are unsure of\nthe Administration Server port or your admin user's userid. +login-helptitle=Login Help login-passwordDialogTitle=Bind Password restart-title=Restart Directory Server

16 years, 5 months

1
0
0 / 0

[Fedora-directory-commits] adminserver/admserv/cgi-src40 security.c, 1.12, 1.13

by Doctor Conrad

Author: nkinder Update of /cvs/dirsec/adminserver/admserv/cgi-src40 In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1999 Modified Files: security.c Log Message: Resolves: 370071 Summary: Fixed issues with loading CRL files. Index: security.c =================================================================== RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/security.c,v retrieving revision 1.12 retrieving revision 1.13 diff -u -r1.12 -r1.13 --- security.c 31 Oct 2007 05:30:53 -0000 1.12 +++ security.c 14 Nov 2007 23:42:43 -0000 1.13 @@ -93,8 +93,10 @@ #define FOOTER "-----END CERTIFICATE-----" #define HEADERREQUEST "-----BEGIN %s CERTIFICATE REQUEST-----\n" #define FOOTERREQUEST "\n-----END %s CERTIFICATE REQUEST-----\n" -#define CRLHEADER "-----BEGIN X509 CRL-----" -#define CRLFOOTER "-----END X509 CRL-----" +#define X509CRLHEADER "-----BEGIN X509 CRL-----" +#define X509CRLFOOTER "-----END X509 CRL-----" +#define CRLHEADER "-----BEGIN CERTIFICATE REVOCATION LIST-----\n" +#define CRLFOOTER "-----END CERTIFICATE REVOCATION LIST-----\n" /*#else #define HEADER "-----BEGIN CERTIFICATE----\n" #define FOOTER "\n-----END CERTIFICATE-----\n" @@ -1494,6 +1496,7 @@ SECItem derCrl; char msg[BIG_LINE]; char *secdir = util_get_security_dir(); + char full_path[PATH_MAX]; int list_type = (type && !PORT_Strcmp(type, "CKL"))? SEC_KRL_TYPE : SEC_CRL_TYPE; if (!filename || !*filename || @@ -1506,9 +1509,12 @@ {/*try open the file*/ FILE *f; + + PR_snprintf(full_path, sizeof(full_path), "%s%c%s", secdir, FILE_PATHSEP, filename); + form_unescape(full_path); - if( !(f = fopen(filename, "rb")) ) { - PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), filename); + if( !(f = fopen(full_path, "rb")) ) { + PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), full_path); errorRpt(FILE_ERROR, msg); } else { int size; @@ -1543,23 +1549,36 @@ ascii text file. */ { + int headerlen = 0; char *DERCert = NULL; char* begin = (char*) PORT_Strstr((const char*)ascii, CRLHEADER); char* end = (char*) PORT_Strstr((const char*)ascii, CRLFOOTER); + /* Check for the alternate CRL header and footer format */ + if (begin == NULL) { + begin = (char*) PORT_Strstr((const char*)ascii, X509CRLHEADER); + headerlen = strlen(X509CRLHEADER); + } else { + headerlen = strlen(CRLHEADER); + } + + if (end == NULL) { + end = (char*) PORT_Strstr((const char*)ascii, X509CRLFOOTER); + } + if ((begin != NULL) && (end != NULL)) { - end += PORT_Strlen(FOOTER); + /* chop the footer off */ *end = '\0'; - DERCert = (char*)PORT_ZAlloc(PORT_Strlen(begin)); - - strcpy(DERCert, begin+strlen(CRLHEADER)); + /* don't copy the header */ + DERCert = (char*)PORT_ZAlloc(PORT_Strlen(begin - headerlen + 1)); + strcpy(DERCert, (begin + headerlen)); if ( SECFailure == ATOB_ConvertAsciiToItem(&derCrl, DERCert) ) { errorRpt(SYSTEM_ERROR, getResourceString(DBT_DECODE_CRL_ERROR)); } } else { - PR_snprintf(msg, sizeof(msg), getResourceString(DBT_INVALID_CRL), filename); + PR_snprintf(msg, sizeof(msg), getResourceString(DBT_INVALID_CRL), full_path); errorRpt(FILE_ERROR, msg); } }

16 years, 5 months

1
0
0 / 0

[Fedora-directory-commits] ldapserver/ldap/servers/slapd daemon.c, 1.17, 1.18

by Doctor Conrad

Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2709 Modified Files: daemon.c Log Message: Resolves: #383141 Summary: listenhost: hostname associated with multiple addresses 1) parentheses were needed around *addr, which should have been evaluated before the array. 2) fixed a small memory leak. Index: daemon.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/daemon.c,v retrieving revision 1.17 retrieving revision 1.18 diff -u -r1.17 -r1.18 --- daemon.c 18 Oct 2007 00:08:34 -0000 1.17 +++ daemon.c 14 Nov 2007 20:18:53 -0000 1.18 @@ -2870,11 +2870,11 @@ slapi_ch_free ((void**)&netaddr); } *addr = (PRNetAddr **)slapi_ch_calloc(2, sizeof (PRNetAddr *)); - *addr[0] = netaddr; + (*addr)[0] = netaddr; } else if (PR_SUCCESS == PR_StringToNetAddr(listenhost, netaddr)) { /* PR_StringNetAddr newer than NSPR v4.6.2 supports both IPv4&v6 */; *addr = (PRNetAddr **)slapi_ch_calloc(2, sizeof (PRNetAddr *)); - *addr[0] = netaddr; + (*addr)[0] = netaddr; } else { PRAddrInfo *infop = PR_GetAddrInfoByName( listenhost, PR_AF_UNSPEC, (PR_AI_ADDRCONFIG|PR_AI_NOCANONNAME) ); @@ -2901,9 +2901,10 @@ for ( i = 0; i < addrcnt; i++ ) { iter = PR_EnumerateAddrInfo( iter, infop, 0, netaddr ); if ( NULL == iter ) { + slapi_ch_free((void **)&netaddr); /* not used */ break; } - *addr[i] = netaddr; + (*addr)[i] = netaddr; netaddr = (PRNetAddr *)slapi_ch_calloc(1, sizeof(PRNetAddr)); } }

16 years, 5 months

1
0
0 / 0

[Fedora-directory-commits] ldapserver/ldap/servers/plugins/passthru ptconfig.c, 1.7, 1.8

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/passthru In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5435/ldapserver/ldap/servers/plugins/passthru Modified Files: ptconfig.c Log Message: Resolves: bug 197997 Bug Description: PTA config parsing broken Reviewed by: nhosoi (Thanks!) Fix Description: The problem is that it is very difficult to use a comma as a delimiter between the url and the optional settings. This is because the suffix may contain many commas. The argument string may look like this: ldap://host1:port1 host2:port2 .... hostN:portN/a,long,suffix1:a,long,suffix2;....;a,long,suffixN optional,numeric,settings The ldap url may not contain any spaces after the hostlist - the suffixlist part must contain only url encoded spaces if the suffix actually has a space in it. So the solution is to use a space to separate the url from the options list. The parser looks for the first space after the last "/" in the url. This should be ok - at least it will not break the most common use of pta, which is to allow the config DS admin user to log into servers that do not have the o=NetscapeRoot. setup will use something like this: ldap://configdshost:configdsport/o=NetscapeRoot with not optional settings - this should parse just fine with the new code. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: ptconfig.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/passthru/ptconfig.c,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- ptconfig.c 28 Sep 2007 22:46:50 -0000 1.7 +++ ptconfig.c 14 Nov 2007 17:53:44 -0000 1.8 @@ -131,10 +131,29 @@ */ prevsrvr = NULL; for ( i = 0; i < argc; ++i ) { + char *p = NULL; srvr = (PassThruServer *)slapi_ch_calloc( 1, sizeof( PassThruServer )); srvr->ptsrvr_url = slapi_ch_strdup( argv[i] ); - if (( p = strchr( srvr->ptsrvr_url, ',' )) == NULL ) { + /* since the ldap url may contain both spaces (to delimit multiple hosts) + and commas (in suffixes), we have to search for the first space + after the last /, then look for any commas after that + This assumes the ldap url looks like this: + ldap(s)://host:port host:port .... host:port/suffixes + That is, it assumes there is always a trailing slash on the ldapurl + and that the url does not look like this: ldap://host + also assumes suffixes do not have any / in them + */ + if (p = strrchr(srvr->ptsrvr_url, '/')) { /* look for last / */ + p = strchr(p, ' '); /* look for first space after last / */ + if (p) { + if (!strchr(p, ',')) { /* no comma */ + p = NULL; /* just use defaults */ + } + } + } + + if (!p) { /* * use defaults for maxconnections, maxconcurrency, timeout, * LDAP version, and connlifetime. @@ -152,7 +171,7 @@ * maxconnections,maxconcurrency,timeout,ldapversion * OR maxconnections,maxconcurrency,timeout,ldapversion,lifetime */ - *p++ = '\0'; + *p++ = '\0'; /* p points at space preceding optional arguments */ rc = sscanf( p, "%d,%d,%d,%d,%d", &srvr->ptsrvr_maxconnections, &srvr->ptsrvr_maxconcurrency, &tosecs, &srvr->ptsrvr_ldapversion, &srvr->ptsrvr_connlifetime );

16 years, 5 months

1
0
0 / 0

[Fedora-directory-commits] adminserver/include/libdsa dsalib.h, 1.5, 1.6

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/adminserver/include/libdsa In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5290/adminserver/include/libdsa Modified Files: dsalib.h Log Message: Resolves: bug 186280 Bug Description: Close potential security vulnerabilities in CGI code Reviewed by: nhosoi (Thanks!) Fix Description: This is for the CGIs moved into adminserver from ds. There is quite a bit of code here that we don't use anymore. We can also get rid of Import.java and Export.java in the ds console code. This addresses the security issues because, even though the console doesn't ever call the tasks that invoke the CGIs for db2ldif, ldif2db, etc. a malicious user could still attempt to invoke a task remotely and pass in bogus file and directory names. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: dsalib.h =================================================================== RCS file: /cvs/dirsec/adminserver/include/libdsa/dsalib.h,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- dsalib.h 31 Aug 2007 17:01:38 -0000 1.5 +++ dsalib.h 14 Nov 2007 17:51:56 -0000 1.6 @@ -119,12 +119,6 @@ #endif #endif -#if defined( XP_WIN32 ) - #define PATH_FOR_PLATFORM(_path) ds_unixtodospath(_path) -#else - #define PATH_FOR_PLATFORM(_path) -#endif - #define START_SCRIPT "start-slapd" #define RESTART_SCRIPT "restart-slapd" #define STOP_SCRIPT "stop-slapd" @@ -230,14 +224,6 @@ extern struct ds_cfg_info ds_cfg_info[]; -#define LDBM_DATA_SIZE 5 - -/*ldbm specific backend information*/ -struct ldbm_data { - char *tv[LDBM_DATA_SIZE][2]; /*type and value*/ -}; - - /* * varname for ds_showparam() * NOTE: these must be kept in synch with the ds_cfg_info array defined @@ -284,9 +270,6 @@ extern DS_EXPORT_SYMBOL char *ds_get_server_name(); extern DS_EXPORT_SYMBOL void ds_send_error(char *errstr, int print_errno); extern DS_EXPORT_SYMBOL void ds_send_status(char *str); -extern DS_EXPORT_SYMBOL char *ds_get_cgi_var(char *cgi_var_name); -extern DS_EXPORT_SYMBOL char *ds_get_cgi_var_simple(int index); -extern DS_EXPORT_SYMBOL char *ds_get_cgi_multiple(char *cgi_var_name); extern DS_EXPORT_SYMBOL char *ds_get_errors_name(); extern DS_EXPORT_SYMBOL char *ds_get_access_name(); extern DS_EXPORT_SYMBOL char *ds_get_audit_name(); @@ -298,19 +281,7 @@ extern DS_EXPORT_SYMBOL int ds_get_file_size(char *fileName); extern DS_EXPORT_SYMBOL void ds_display_tail(char *fileName, int timeOut, int startSeek, char *doneMsg, char *lastLine); -extern DS_EXPORT_SYMBOL int ds_ldif2db_preserve(char *file); -extern DS_EXPORT_SYMBOL int ds_ldif2db(char *file); -extern DS_EXPORT_SYMBOL int ds_ldif2db_backend_subtree(char *file, char *backend, char *subtree); -extern DS_EXPORT_SYMBOL int ds_db2ldif(char *file); -extern DS_EXPORT_SYMBOL int ds_vlvindex(char **backendList, char **attrList); -extern DS_EXPORT_SYMBOL int ds_addindex(char **attrList, char *backendName); -extern DS_EXPORT_SYMBOL int ds_db2ldif_subtree(char *file, char *subtree); extern DS_EXPORT_SYMBOL char **ds_get_bak_dirs(); -extern DS_EXPORT_SYMBOL int ds_db2bak(char *file); -extern DS_EXPORT_SYMBOL int ds_bak2db(char *file); -extern DS_EXPORT_SYMBOL int ds_get_monitor(int frontend, char *port); -extern DS_EXPORT_SYMBOL int ds_get_bemonitor(char *bemdn, char *port); -extern DS_EXPORT_SYMBOL int ds_client_access(char *port, char *dn); extern DS_EXPORT_SYMBOL char **ds_get_config(int type); extern DS_EXPORT_SYMBOL char *ds_get_config_dir(); extern DS_EXPORT_SYMBOL void ds_set_config_dir(char *config_dir); @@ -318,84 +289,15 @@ extern DS_EXPORT_SYMBOL void ds_set_run_dir(char *run_dir); extern DS_EXPORT_SYMBOL char *ds_get_bak_dir(); extern DS_EXPORT_SYMBOL void ds_set_bak_dir(char *bak_dir); -extern DS_EXPORT_SYMBOL char *ds_get_pwenc(char *passwd_hash, char *password); extern DS_EXPORT_SYMBOL int ds_check_config(int type); -extern DS_EXPORT_SYMBOL int ds_check_pw(char *pwhash, char *pwclear); -extern DS_EXPORT_SYMBOL int ds_set_config(char *change_file_name); extern DS_EXPORT_SYMBOL char **ds_get_conf_from_file(FILE *conf); -extern DS_EXPORT_SYMBOL void ds_display_config(char **ds_config); extern DS_EXPORT_SYMBOL char *ds_get_var_name(int varnum); -extern DS_EXPORT_SYMBOL int ds_showparam(char **ds_config, int varname, int phase, - int occurance, char *dispname, int size, int maxlength, unsigned flags, - char *url); -extern DS_EXPORT_SYMBOL void ds_show_pwmaxage(char *value); -extern DS_EXPORT_SYMBOL void ds_show_pwhash(char *value); extern DS_EXPORT_SYMBOL char *ds_get_value(char **ds_config, char *parm, int phase, int occurance); -extern DS_EXPORT_SYMBOL void ds_apply_cfg_changes(int param_list[], int changed); -extern DS_EXPORT_SYMBOL int ds_commit_cfg_changes(); -extern DS_EXPORT_SYMBOL int ds_config_updated(); -extern DS_EXPORT_SYMBOL void ds_display_header(char *font_size, char *header); -extern DS_EXPORT_SYMBOL void ds_display_message(char *font_size, char *header); -extern DS_EXPORT_SYMBOL void ds_print_file_form(char *action, char *fileptr, char *full_fileptr); -extern DS_EXPORT_SYMBOL char *ds_get_file_meaning(char *file); -extern DS_EXPORT_SYMBOL void ds_print_file_name(char *fileptr); extern DS_EXPORT_SYMBOL int ds_file_exists(char *filename); -extern DS_EXPORT_SYMBOL int ds_cp_file(char *sfile, char *dfile, int mode); -extern DS_EXPORT_SYMBOL time_t ds_get_mtime(char *filename); extern DS_EXPORT_SYMBOL char *ds_get_config_value( int option ); extern DS_EXPORT_SYMBOL char **ds_get_file_list( char *dir ); extern DS_EXPORT_SYMBOL char *ds_get_tmp_dir(); -extern DS_EXPORT_SYMBOL void ds_unixtodospath(char *szText); -extern DS_EXPORT_SYMBOL void ds_timetofname(char *szText); extern DS_EXPORT_SYMBOL void ds_dostounixpath(char *szText); -extern DS_EXPORT_SYMBOL int ds_saferename(char *szSrc, char *szTarget); -extern DS_EXPORT_SYMBOL char *get_specific_help_button(char *help_link, - char *dispname, char *helpinfo); - -/* Change the DN to a canonical format (in place); return DN. */ -extern DS_EXPORT_SYMBOL char* dn_normalize (char* DN); - -/* Change the DN to a canonical format (in place) and convert to v3; return DN. */ -extern DS_EXPORT_SYMBOL char* dn_normalize_convert (char* DN); - -/* if dn contains an unescaped quote return true */ -extern DS_EXPORT_SYMBOL int ds_dn_uses_LDAPv2_quoting(const char *dn); - -/* Return a copy of the DN, but with optional whitespace inserted. */ -extern DS_EXPORT_SYMBOL char* ds_dn_expand (char* DN); - -/* Return the value if it can be stored 'as is' in a config file. - If it requires enquoting, allocate and return its enquoted form. - The caller should free() the returned pointer iff it's != value. - On Windows, we don't want to double up on "\" characters in filespecs, - so we need to pass in the value type */ -extern DS_EXPORT_SYMBOL char* ds_enquote_config_value (int paramnum, char* value); - -/* - * Bring up a javascript alert. - */ -extern DS_EXPORT_SYMBOL void ds_alert_user(char *header, char *message); - -/* Construct and return the DN that corresponds to the give DNS name. - The caller should free() the returned pointer. */ -extern DS_EXPORT_SYMBOL char* ds_DNS_to_DN (char* DNS); - -/* Construct and return the DN of the LDAP server's own entry. - The caller must NOT free() the returned pointer. */ -extern DS_EXPORT_SYMBOL char* ds_get_config_DN (char** ds_config); - -/* Encode characters, as described in RFC 1738 section 2.2, - if they're 'unsafe' (as defined in RFC 1738), or '?' or - <special> (as defined in RFC 1779). - The caller should free() the returned pointer. */ -extern DS_EXPORT_SYMBOL char* ds_URL_encode (const char*); - -/* Decode characters, as described in RFC 1738 section 2.2. - The caller should free() the returned pointer. */ -extern DS_EXPORT_SYMBOL char* ds_URL_decode (const char*); - -/* Encode all characters, even if 'safe' */ -extern DS_EXPORT_SYMBOL char* ds_encode_all (const char*); /* Change the effective UID and GID of this process to those associated with the given localuser (if any). */ @@ -409,8 +311,6 @@ what they were before calling ds_become_localuser(). */ extern DS_EXPORT_SYMBOL char* ds_become_original(); -extern DS_EXPORT_SYMBOL char* ds_makeshort(char *filepath); - extern DS_EXPORT_SYMBOL int ds_search_file(char *filename, char *searchstring, char **returnstring); /* Display an error to the user and exit from a CGI */ @@ -419,34 +319,13 @@ /* Display a warning to the user */ extern DS_EXPORT_SYMBOL void ds_report_warning(int type, char *errmsg, char *details); -/* These functions are used by the program to alter the output behaviour -if not executing in a CGI context */ -extern DS_EXPORT_SYMBOL int ds_get_formatted_output(void); -extern DS_EXPORT_SYMBOL void ds_set_formatted_output(int val); - /* show a message to be parsed by the non-HTML front end */ extern DS_EXPORT_SYMBOL void ds_show_message(const char *message); -/* show a key/value pair to be parsed by the non-HTML front end */ -extern DS_EXPORT_SYMBOL void ds_show_key_value(char *key, char *value); - -extern DS_EXPORT_SYMBOL void ds_submit(char *helptarget) ; -extern DS_EXPORT_SYMBOL char *ds_get_helpbutton(char *topic); - extern DS_EXPORT_SYMBOL void alter_startup_line(char *startup_line); -extern DS_EXPORT_SYMBOL int ds_dir_exists(char *fn); -extern DS_EXPORT_SYMBOL int ds_mkdir(char *dir, int mode); -extern DS_EXPORT_SYMBOL char *ds_mkdir_p(char *dir, int mode); -extern DS_EXPORT_SYMBOL char *ds_salted_sha1_pw_enc (char* pwd); -extern DS_EXPORT_SYMBOL char * ds_escape_for_shell( char *s ); - -extern DS_EXPORT_SYMBOL char **ds_string_to_vec(char *s); - extern DS_EXPORT_SYMBOL char *ds_system_errmsg(void); -extern DS_EXPORT_SYMBOL int ds_exec_and_report(char *cmd); - /* remove a registry key and report an error message if unsuccessful */

16 years, 5 months

1
0
0 / 0

[Fedora-directory-commits] adminserver/lib/libdsa dsalib_conf.c, 1.5, 1.6 dsalib_db.c, 1.4, 1.5 dsalib_util.c, 1.3, 1.4 dsalib_dn.c, 1.2, NONE dsalib_filename.c, 1.2, NONE dsalib_ldif.c, 1.3, NONE dsalib_pw.c, 1.2, NONE

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/adminserver/lib/libdsa In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5290/adminserver/lib/libdsa Modified Files: dsalib_conf.c dsalib_db.c dsalib_util.c Removed Files: dsalib_dn.c dsalib_filename.c dsalib_ldif.c dsalib_pw.c Log Message: Resolves: bug 186280 Bug Description: Close potential security vulnerabilities in CGI code Reviewed by: nhosoi (Thanks!) Fix Description: This is for the CGIs moved into adminserver from ds. There is quite a bit of code here that we don't use anymore. We can also get rid of Import.java and Export.java in the ds console code. This addresses the security issues because, even though the console doesn't ever call the tasks that invoke the CGIs for db2ldif, ldif2db, etc. a malicious user could still attempt to invoke a task remotely and pass in bogus file and directory names. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: dsalib_conf.c =================================================================== RCS file: /cvs/dirsec/adminserver/lib/libdsa/dsalib_conf.c,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- dsalib_conf.c 31 Aug 2007 17:01:38 -0000 1.5 +++ dsalib_conf.c 14 Nov 2007 17:51:56 -0000 1.6 @@ -139,94 +139,3 @@ } return NULL; } - -static size_t -count_quotes (const char* s) -{ - size_t count = 0; - const char* t = s; - if (t) while ((t = strpbrk (t, "\"\\")) != NULL) { - ++count; - ++t; - } - return count; -} - -DS_EXPORT_SYMBOL char* -ds_enquote_config_value (int paramnum, char* s) -{ - char* result; - char* brkcharset = "\"\\ \t\r\n"; - char *encoded_quote = "22"; /* replace quote with \22 */ - int encoded_quote_len = strlen(encoded_quote); - char *begin = s; - if (*s && ! strpbrk (s, brkcharset) && - ! (paramnum == DS_AUDITFILE || paramnum == DS_ACCESSLOG || -#if defined( XP_WIN32 ) - paramnum == DS_SUFFIX || -#endif - paramnum == DS_ERRORLOG)) { - result = s; - } else { - char* t = malloc (strlen (s) + count_quotes (s) + 3); - result = t; - *t++ = '"'; - while (*s) { - switch (*s) { - - case '"': - /* convert escaped quotes by replacing the quote with - escape code e.g. 22 so that \" is converted to \22 "*/ - if ((s > begin) && (*(s - 1) == '\\')) - { - strcpy(t, encoded_quote); - t += encoded_quote_len; - } - else /* unescaped ", just replace with \22 "*/ - { - *t++ = '\\'; - strcpy(t, encoded_quote); - t += encoded_quote_len; - } - ++s; - break; - - default: - *t++ = *s++; /* just copy it */ - break; - } - } - *t++ = '"'; - *t = '\0'; - } - return result; -} - -DS_EXPORT_SYMBOL char* -ds_DNS_to_DN (char* DNS) -{ - static const char* const RDN = "dc="; - char* DN; - char* dot; - size_t components; - if (DNS == NULL || *DNS == '\0') { - return strdup (""); - } - components = 1; - for (dot = strchr (DNS, '.'); dot != NULL; dot = strchr (dot + 1, '.')) { - ++components; - } - DN = malloc (strlen (DNS) + (components * strlen(RDN)) + 1); - strcpy (DN, RDN); - for (dot = strchr (DNS, '.'); dot != NULL; dot = strchr (dot + 1, '.')) { - *dot = '\0'; - strcat (DN, DNS); - strcat (DN, ","); - strcat (DN, RDN); - DNS = dot + 1; - *dot = '.'; - } - strcat (DN, DNS); - dn_normalize (DN); - return DN; -} Index: dsalib_db.c =================================================================== RCS file: /cvs/dirsec/adminserver/lib/libdsa/dsalib_db.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- dsalib_db.c 24 Jul 2007 20:10:18 -0000 1.4 +++ dsalib_db.c 14 Nov 2007 17:51:56 -0000 1.5 @@ -80,308 +80,3 @@ return(bak_dirs); } - -/* - * Restore a database based on a backup directory name. - * 0: success - * anything else: failure - */ -DS_EXPORT_SYMBOL int -ds_bak2db(char *file) -{ - char startup_line[BIG_LINE]; - char statfile[PATH_MAX]; - char *tmp_dir; - char *instdir; - int haderror = 0; - int error = -1; - int status; - FILE *sf = NULL; - struct stat fstats; - - if ( file == NULL ) { - return DS_NULL_PARAMETER; - } - status = ds_get_updown_status(); - if ( status == DS_SERVER_UP ) { - return DS_SERVER_MUST_BE_DOWN; - } - if ( (instdir = ds_get_instance_dir()) == NULL ) { - return DS_NO_INSTANCE_DIR; - } - - if ( file[strlen(file) - 1] == '\n' ) /* strip out returns */ - file[strlen(file) - 1] = '\0'; - - if( stat( file, &fstats ) == -1 && errno == ENOENT ) { - return DS_CANNOT_OPEN_BACKUP_FILE; - } else if( !(fstats.st_mode & S_IFDIR) ) { - return DS_NOT_A_DIRECTORY; - } - - tmp_dir = ds_get_tmp_dir(); - PR_snprintf(statfile, PATH_MAX, "%s%cbak2db.%d", tmp_dir, FILE_SEP, (int)getpid()); - PR_snprintf(startup_line, BIG_LINE, - "%s%cbak2db " - "%s%s%s > " - "%s%s%s 2>&1", - instdir, FILE_SEP, - ENQUOTE, file, ENQUOTE, - ENQUOTE, statfile, ENQUOTE ); - alter_startup_line(startup_line); - fflush(0); - error = system(startup_line); - fflush(0); - if ( error == -1 ) { - return DS_CANNOT_EXEC; - } - fflush(0); - if( !(sf = fopen(statfile, "r")) ) { - return DS_CANNOT_OPEN_STAT_FILE; - } - - while ( fgets(startup_line, BIG_LINE, sf) ) { - if ((strstr(startup_line, "- Restoring file")) || - (strstr(startup_line, "- Checkpointing"))) { - ds_show_message(startup_line); - } else { - haderror = 1; - ds_send_error(startup_line, 0); - } - } - - fclose(sf); - unlink(statfile); - - if ( haderror ) - return DS_UNKNOWN_ERROR; - return 0; -} - -/* - * Create a backup based on a file name. - * 0: success - * anything else: failure - */ -DS_EXPORT_SYMBOL int -ds_db2bak(char *file) -{ - char startup_line[BIG_LINE]; - char statfile[PATH_MAX]; - char *tmp_dir; - char *instdir; - int haderror = 0; - int error = -1; - FILE *sf = NULL; - int lite = 0; -#ifdef XP_WIN32 - time_t ltime; -#endif - - if ( (instdir = ds_get_instance_dir()) == NULL ) { - return DS_NO_INSTANCE_DIR; - } - - if ( (file == NULL) || (strlen(file) == 0) ) - file = NULL; - - tmp_dir = ds_get_tmp_dir(); - PR_snprintf(statfile, PATH_MAX, "%s%cdb2bak.%d", tmp_dir, FILE_SEP, (int)getpid()); - - -#if defined( XP_WIN32 ) - if( file == NULL ) - { - file = malloc( BIG_LINE ); - - time( &ltime ); - PR_snprintf( file, BIG_LINE, "%s", ctime( &ltime ) ); - ds_timetofname( file ); - } - - /* Check if the directory exists or can be created */ - if ( !ds_file_exists( file ) ) { - char *errmsg = ds_mkdir_p( file, NEWDIR_MODE ); - if( errmsg != NULL ) { -/* ds_send_error(errmsg, 10); - */ - return DS_CANNOT_CREATE_DIRECTORY; - } - } -#endif - -/* DBDB: note on the following line. - * Originally this had quotes round the directory name. - * I found that this made the script not work becuase - * a path of the form "foo"/bar/"baz" was passed to slapd. - * the c runtime didn't like this. Perhaps there's a simple - * solution, but for now I've modified this line here to - * not quote the directory name. This means that backup - * directories can't have spaces in them. - */ - - - PR_snprintf(startup_line, sizeof(startup_line), - "%s%cdb2bak " - "%s%s%s > " - "%s%s%s 2>&1", - instdir, FILE_SEP, - ENQUOTE, - (file == NULL) ? "" : file, - ENQUOTE, - ENQUOTE, statfile, ENQUOTE); - - PATH_FOR_PLATFORM( startup_line ); - alter_startup_line(startup_line); - fflush(0); - error = system(startup_line); - if ( error == -1 ) { - return DS_CANNOT_EXEC; - } - if( !(sf = fopen(statfile, "r")) ) { - return DS_CANNOT_OPEN_STAT_FILE; - } - - while ( fgets(startup_line, BIG_LINE, sf) ) { - if (strstr(startup_line, " - Backing up file") || - strstr(startup_line, " - Checkpointing database")) { - ds_show_message(startup_line); - } else { - haderror = 1; - if (strstr ( startup_line, "restricted mode")) { - lite = 1; - } - ds_send_error(startup_line, 0); - } - } - fclose(sf); - unlink(statfile); - - if ( lite && haderror ) - return DS_HAS_TOBE_READONLY_MODE; - - if ( haderror ) - return DS_UNKNOWN_ERROR; - return 0; -} - -static void -process_and_report( char *line, int line_size, FILE *cmd ) -{ - while(fgets(line, line_size, cmd)) { - /* Strip off line feeds */ - int ind = strlen( line ) - 1; - while ( (ind >= 0) && - ((line[ind] == '\n') || - (line[ind] == '\r')) ) { - line[ind] = 0; - ind--; - } - if ( ind < 1 ) { - continue; - } - ds_send_status(line); - } -} - -static int exec_and_report( char *startup_line ) -{ - FILE *cmd = NULL; - char line[BIG_LINE]; - int haderror = 0; - - PATH_FOR_PLATFORM( startup_line ); - alter_startup_line(startup_line); - - /* - fprintf( stdout, "Launching <%s>\n", startup_line ); - */ - - fflush(0); - cmd = popen(startup_line, "r"); - if(!cmd) { - return DS_CANNOT_EXEC; - } - process_and_report( line, sizeof(line), cmd ); - pclose(cmd); - - /* - ** The VLV indexing code prints OK, - ** if the index was successfully created. - */ - if (strcmp(line,"OK")==0) { - haderror = 0; - } else { - haderror = DS_UNKNOWN_ERROR; - } - - return haderror; -} - -/* - * Create a vlv index - * 0: success - * anything else: failure - */ -DS_EXPORT_SYMBOL int -ds_vlvindex(char **backendList, char **vlvList) -{ - char startup_line[BIG_LINE]; - char *instdir; - char **vlvc = NULL; - - - instdir = ds_get_instance_dir(); - if ( instdir == NULL ) { - return DS_NO_INSTANCE_DIR; - } - - PR_snprintf(startup_line, sizeof(startup_line), "%s/%s db2index " - "-D %s%s/%s " - "-n %s ", - CMDBINDIR, SLAPD_NAME, - ENQUOTE, instdir, ENQUOTE, - backendList[0]); - - - /* Create vlv TAG */ - vlvc=vlvList; - while( *vlvc != NULL ) { - PR_snprintf( startup_line, sizeof(startup_line), "%s -T %s%s%s", startup_line,"\"",*vlvc,"\"" ); - vlvc++; - } - - return exec_and_report( startup_line ); -} - -/* - * Create one or more indexes - * 0: success - * anything else: failure - */ -DS_EXPORT_SYMBOL int -ds_addindex(char **attrList, char *backendName) -{ - char startup_line[BIG_LINE]; - char *instdir; - - instdir = ds_get_instance_dir(); - - if ( instdir == NULL ) { - return DS_NO_INSTANCE_DIR; - } - - PR_snprintf(startup_line, sizeof(startup_line), "%s/%s db2index " - "-D %s%s%s " - "-n %s", - CMDBINDIR, SLAPD_NAME, - ENQUOTE, instdir, ENQUOTE, - backendName); - - while( *attrList != NULL ) { - PR_snprintf( startup_line, sizeof(startup_line), "%s -t %s", startup_line, *attrList ); - attrList++; - } - - return exec_and_report( startup_line ); -} Index: dsalib_util.c =================================================================== RCS file: /cvs/dirsec/adminserver/lib/libdsa/dsalib_util.c,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- dsalib_util.c 31 Aug 2007 17:01:38 -0000 1.3 +++ dsalib_util.c 14 Nov 2007 17:51:56 -0000 1.4 @@ -81,51 +81,6 @@ return 0; } -DS_EXPORT_SYMBOL int -ds_mkdir(char *dir, int mode) -{ - if(!ds_file_exists(dir)) { -#ifdef XP_UNIX - if(mkdir(dir, mode) == -1) -#else /* XP_WIN32 */ - if(!CreateDirectory(dir, NULL)) -#endif /* XP_WIN32 */ - return -1; - } - return 0; -} - - -DS_EXPORT_SYMBOL char * -ds_mkdir_p(char *dir, int mode) -{ - static char errmsg[ERR_SIZE]; - struct stat fi; - char *t; - -#ifdef XP_UNIX - t = dir + 1; -#else /* XP_WIN32 */ - t = dir + 3; -#endif /* XP_WIN32 */ - - while(1) { - t = strchr(t, FILE_PATHSEP); - - if(t) *t = '\0'; - if(stat(dir, &fi) == -1) { - if(ds_mkdir(dir, mode) == -1) { - PR_snprintf(errmsg, sizeof(errmsg), "mkdir %s failed (%s)", dir, ds_system_errmsg()); - return errmsg; - } - } - if(t) *t++ = FILE_PATHSEP; - else break; - } - return NULL; -} - - /* * Given the name of a directory, return a NULL-terminated array of * the file names contained in that directory. Returns NULL if the directory @@ -210,100 +165,6 @@ } #endif /* ( XP_WIN32 ) */ - -DS_EXPORT_SYMBOL time_t -ds_get_mtime(char *filename) -{ - struct stat fi; - - if ( stat(filename, &fi) ) - return 0; - return fi.st_mtime; -} - -/* - * Copy files: return is - * 1: success - * 0: failure - * Print errors as needed. - */ -DS_EXPORT_SYMBOL int -ds_cp_file(char *sfile, char *dfile, int mode) -{ -#if defined( XP_WIN32 ) - return( CopyFile( sfile, dfile, FALSE ) ); /* Copy even if dfile exists */ -#else - int sfd, dfd, len; - struct stat fi; - char copy_buffer[COPY_BUFFER_SIZE]; - unsigned long read_len; - char error[BIG_LINE]; - -/* Make sure we're in the right umask */ - umask(022); - - if( (sfd = open(sfile, O_RDONLY)) == -1) { - PR_snprintf(error, sizeof(error), "Can't open file %s for reading.", sfile); - ds_send_error(error, 1); - return(0); - } - - fstat(sfd, &fi); - if (!(S_ISREG(fi.st_mode))) { - PR_snprintf(error, sizeof(error), "File %s is not a regular file.", sfile); - ds_send_error(error, 1); - close(sfd); - return(0); - } - len = fi.st_size; - - if( (dfd = open(dfile, O_RDWR | O_CREAT | O_TRUNC, mode)) == -1) { - PR_snprintf(error, sizeof(error), "can't write to file %s", dfile); - ds_send_error(error, 1); - close(sfd); - return(0); - } - while (len) { - read_len = len>COPY_BUFFER_SIZE?COPY_BUFFER_SIZE:len; - - if ( (read_len = read(sfd, copy_buffer, read_len)) == -1) { - PR_snprintf(error, sizeof(error), "Error reading file %s for copy.", sfile); - ds_send_error(error, 1); - close(sfd); - close(dfd); - return(0); - } - - if ( write(dfd, copy_buffer, read_len) != read_len) { - PR_snprintf(error, sizeof(error), "Error writing file %s for copy.", dfile); - ds_send_error(error, 1); - close(sfd); - close(dfd); - return(0); - } - - len -= read_len; - } - close(sfd); - close(dfd); - return(1); -#endif -} - -DS_EXPORT_SYMBOL void -ds_unixtodospath(char *szText) -{ - if(szText) - { - while(*szText) - { - if( *szText == '/' ) - *szText = '\\'; - szText++; - } - } -} - /* converts '\' chars to '/' */ DS_EXPORT_SYMBOL void ds_dostounixpath(char *szText) @@ -319,134 +180,6 @@ } } -/* converts ':' chars to ' ' */ -DS_EXPORT_SYMBOL void -ds_timetofname(char *szText) -{ - if(szText) - { - /* Replace trailing newline */ - szText[ strlen( szText ) -1 ] = 0; - while(*szText) - { - if( *szText == ':' || - *szText == ' ' ) - *szText = '_'; - szText++; - } - } -} - -/* Effects a rename in 2 steps, needed on NT because if the -target of a rename() already exists, the rename() will fail. */ -DS_EXPORT_SYMBOL int -ds_saferename(char *szSrc, char *szTarget) -{ -#ifdef XP_WIN32 - int iRetVal; - char *szTmpFile; - struct stat buf; -#endif - - if( !szSrc || !szTarget ) - return 1; - -#if defined( XP_WIN32 ) - - szTmpFile = mktemp("slrnXXXXXX" ); - if( stat( szTarget, &buf ) == 0 ) - { - /* Target file exists */ - if( !szTmpFile ) - return 1; - - if( !ds_cp_file( szTarget, szTmpFile, 0644) ) - return( 1 ); - - unlink( szTarget ); - if( (iRetVal = rename( szSrc, szTarget )) != 0 ) - { - /* Failed to rename, copy back. */ - ds_cp_file( szTmpFile, szTarget, 0644); - } - /* Now remove temp file */ - unlink( szTmpFile ); - } - else - iRetVal = rename(szSrc, szTarget); - - return iRetVal; -#else - return rename(szSrc, szTarget); -#endif - -} - -DS_EXPORT_SYMBOL char* -ds_encode_all (const char* s) -{ - char* r; - size_t l; - size_t i; - if (s == NULL || *s == '\0') { - return strdup (""); - } - l = strlen (s); - r = malloc (l * 3 + 1); - for (i = 0; *s != '\0'; ++s) { - r[i++] = '%'; - sprintf (r + i, "%.2X", 0xFF & (unsigned int)*s); - i += 2; - } - r[i] = '\0'; - return r; -} - -DS_EXPORT_SYMBOL char* -ds_URL_encode (const char* s) -{ - char* r; - size_t l; - size_t i; - if (s == NULL || *s == '\0') { - return strdup (""); - } - l = strlen (s) + 1; - r = malloc (l); - for (i = 0; *s != '\0'; ++s) { - if (*s >= 0x20 && *s <= 0x7E && strchr (" <>\"#%{}[]|\\^~`?,;=+\n", *s) == NULL) { - if (l - i <= 1) r = realloc (r, l *= 2); - r[i++] = *s; - } else { /* encode *s */ - if (l - i <= 3) r = realloc (r, l *= 2); - r[i++] = '%'; - sprintf (r + i, "%.2X", 0xFF & (unsigned int)*s); - i += 2; - } - } - r[i] = '\0'; - return r; -} - -DS_EXPORT_SYMBOL char* -ds_URL_decode (const char* original) -{ - char* r = strdup (original); - char* s; - for (s = r; *s != '\0'; ++s) { - if (*s == '+') { - *s = ' '; - } - else if (*s == '%' && isxdigit(s[1]) && isxdigit(s[2])) { - memmove (s, s+1, 2); - s[2] = '\0'; - *s = (char)strtoul (s, NULL, 16); - memmove (s+1, s+3, strlen (s+3) + 1); - } - } - return r; -} - #if !defined( XP_WIN32 ) #include <errno.h> /* errno */ #include <pwd.h> /* getpwnam */ @@ -547,26 +280,6 @@ #endif } -/* - * When a path containing a long filename is passed to system(), the call - * fails. Therfore, we need to use the short version of the path, when - * constructing the path to pass to system(). - */ -DS_EXPORT_SYMBOL char* -ds_makeshort( char * filepath ) -{ -#if defined( XP_WIN32 ) - char *shortpath = malloc( MAX_PATH ); - DWORD dwStatus; - if( shortpath ) - { - dwStatus = GetShortPathName( filepath, shortpath, MAX_PATH ); - return( shortpath ); - } -#endif - return filepath; -} - /* returns 1 if string "searchstring" found in file "filename" */ /* if found, returnstring is allocated and filled with the line */ /* caller should release the memory */ @@ -711,46 +424,6 @@ return; } -DS_EXPORT_SYMBOL void -ds_show_key_value(char *key, char *value) -{ - FILE *logfp; - printf("%s%s%s\n", key, SEPARATOR, value); - - if ((logfp = get_logfp())) { - fprintf(logfp, "%s%s%s\n", key, SEPARATOR, value); - fclose(logfp); - } - return; -} - -/* Stolen from the Admin Server dsgw_escape_for_shell */ -DS_EXPORT_SYMBOL char * -ds_escape_for_shell( char *s ) -{ - char *escaped; - char tmpbuf[4]; - size_t x,l; - - if ( s == NULL ) { - return( s ); - } - - l = 3 * strlen( s ) + 1; - escaped = malloc( l ); - memset( escaped, 0, l ); - for ( x = 0; s[x]; x++ ) { - if (( (unsigned char)s[x] & 0x80 ) == 0 ) { - strncat( escaped, &s[x], 1 ); - } else { - /* not an ASCII character - escape it */ - sprintf( tmpbuf, "\\%x", (unsigned)(((unsigned char)(s[x])) & 0xff) ); - strcat( escaped, tmpbuf ); - } - } - return( escaped ); -} - DS_EXPORT_SYMBOL char * ds_system_errmsg(void) { --- dsalib_dn.c DELETED --- --- dsalib_filename.c DELETED --- --- dsalib_ldif.c DELETED --- --- dsalib_pw.c DELETED ---

16 years, 5 months

1
0
0 / 0

[Fedora-directory-commits] adminserver/admserv/schema/ldif 11dstasks.ldif.tmpl, 1.4, 1.5

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/adminserver/admserv/schema/ldif In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5290/adminserver/admserv/schema/ldif Modified Files: 11dstasks.ldif.tmpl Log Message: Resolves: bug 186280 Bug Description: Close potential security vulnerabilities in CGI code Reviewed by: nhosoi (Thanks!) Fix Description: This is for the CGIs moved into adminserver from ds. There is quite a bit of code here that we don't use anymore. We can also get rid of Import.java and Export.java in the ds console code. This addresses the security issues because, even though the console doesn't ever call the tasks that invoke the CGIs for db2ldif, ldif2db, etc. a malicious user could still attempt to invoke a task remotely and pass in bogus file and directory names. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: 11dstasks.ldif.tmpl =================================================================== RCS file: /cvs/dirsec/adminserver/admserv/schema/ldif/11dstasks.ldif.tmpl,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- 11dstasks.ldif.tmpl 4 Jul 2007 01:31:33 -0000 1.4 +++ 11dstasks.ldif.tmpl 14 Nov 2007 17:51:55 -0000 1.5 @@ -63,7 +63,6 @@ objectClass: nstask objectClass: nsAdminObject nsClassname: com.netscape.admin.dirserv.task.Backup@%ds_console_jar%@%as_sie% -nsExecRef: ds_db2bak cn: Backup dn: cn=Restore, cn=operation, cn=Tasks, %ds_sie% @@ -71,7 +70,6 @@ objectClass: nstask objectClass: nsAdminObject nsClassname: com.netscape.admin.dirserv.task.Restore@%ds_console_jar%@%as_sie% -nsExecRef: ds_bak2db cn: Restore dn: cn=KeyCert, cn=operation, cn=Tasks, %ds_sie% @@ -102,20 +100,6 @@ nsClassname: com.netscape.admin.dirserv.task.CompleteExport@%ds_console_jar%@%as_sie% cn: CompleteExport -dn: cn=Export, cn=operation, cn=Tasks, %ds_sie% -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: ds_db2ldif -cn: Export - -dn: cn=Import, cn=operation, cn=Tasks, %ds_sie% -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: ds_ldif2db -cn: Import - dn: cn=ViewLog, cn=operation, cn=Tasks, %ds_sie% objectClass: top objectClass: nstask @@ -141,14 +125,12 @@ objectClass: top objectClass: nstask objectClass: nsAdminObject -nsExecRef: ds_vlvindex cn: CreateVLVIndex dn: cn=AddIndex, cn=operation, cn=Tasks, %ds_sie% objectClass: top objectClass: nstask objectClass: nsAdminObject -nsExecRef: ds_addindex cn: AddIndex dn: cn=SNMPCtrl, cn=operation, cn=Tasks, %ds_sie%

16 years, 5 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

389-commits November 2007