[Fedora-directory-commits] ldapserver/ldap/servers/slapd ssl.c, 1.22, 1.23
by Richard Allen Megginson
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv27785/ldapserver/ldap/servers/slapd
Modified Files:
ssl.c
Log Message:
Resolves: bug 482909
Bug Description: server seg fault if doing SSLCLIENTAUTH without being an ssl server
Reviewed by: nkinder (Thanks!)
Fix Description: When I changed the code to allow the DS to be an SSL client without having to be an SSL server, I missed the svrcore setup for EXTERNAL (ssl client auth). The fix is to check to see if svrcore has been set up, and initialize it if not, before attempting to use it.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
Index: ssl.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/ssl.c,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- ssl.c 13 Jan 2009 19:01:10 -0000 1.22
+++ ssl.c 28 Jan 2009 21:59:41 -0000 1.23
@@ -473,18 +473,11 @@
return rv;
}
-/*
- * slapd_ssl_init() is called from main() if we plan to listen
- * on a secure port.
- */
-int
-slapd_ssl_init() {
+static int
+svrcore_setup()
+{
PRErrorCode errorCode;
- char ** family_list;
- char *val = NULL;
- char cipher_string[1024];
int rv = 0;
- PK11SlotInfo *slot;
#ifndef _WIN32
SVRCOREStdPinObj *StdPinObj;
#else
@@ -492,40 +485,11 @@
SVRCOREAltPinObj *AltPinObj;
SVRCORENTUserPinObj *NTUserPinObj;
#endif
- Slapi_Entry *entry = NULL;
-
- /* Get general information */
-
- getConfigEntry( configDN, &entry );
-
- val = slapi_entry_attr_get_charptr( entry, "nssslSessionTimeout" );
- ciphers = slapi_entry_attr_get_charptr( entry, "nsssl3ciphers" );
-
- /* We are currently using the value of sslSessionTimeout
- for ssl3SessionTimeout, see SSL_ConfigServerSessionIDCache() */
- /* Note from Tom Weinstein on the meaning of the timeout:
-
- Timeouts are in seconds. '0' means use the default, which is
- 24hrs for SSL3 and 100 seconds for SSL2.
- */
-
- if(!val) {
- errorCode = PR_GetError();
- slapd_SSL_warn("Security Initialization: Failed to retrieve SSL "
- "configuration information ("
- SLAPI_COMPONENT_NAME_NSPR " error %d - %s): "
- "nssslSessionTimeout: %s ",
- errorCode, slapd_pr_strerror(errorCode),
- (val ? "found" : "not found"));
- slapi_ch_free((void **) &val);
- slapi_ch_free((void **) &ciphers);
- return -1;
- }
-
- stimeout = atoi(val);
- slapi_ch_free((void **) &val);
-
#ifndef _WIN32
+ StdPinObj = (SVRCOREStdPinObj *)SVRCORE_GetRegisteredPinObj();
+ if (StdPinObj) {
+ return 0; /* already registered */
+ }
if ( SVRCORE_CreateStdPinObj(&StdPinObj, dongle_file_name, PR_TRUE) !=
SVRCORE_Success) {
errorCode = PR_GetError();
@@ -536,6 +500,10 @@
}
SVRCORE_RegisterPinObj((SVRCOREPinObj *)StdPinObj);
#else
+ AltPinObj = (SVRCOREAltPinObj *)SVRCORE_GetRegisteredPinObj();
+ if (AltPinObj) {
+ return 0; /* already registered */
+ }
if (SVRCORE_CreateFilePinObj(&FilePinObj, dongle_file_name) !=
SVRCORE_Success) {
errorCode = PR_GetError();
@@ -563,6 +531,58 @@
#endif /* _WIN32 */
+ return rv;
+}
+
+/*
+ * slapd_ssl_init() is called from main() if we plan to listen
+ * on a secure port.
+ */
+int
+slapd_ssl_init() {
+ PRErrorCode errorCode;
+ char ** family_list;
+ char *val = NULL;
+ char cipher_string[1024];
+ int rv = 0;
+ PK11SlotInfo *slot;
+ Slapi_Entry *entry = NULL;
+
+ /* Get general information */
+
+ getConfigEntry( configDN, &entry );
+
+ val = slapi_entry_attr_get_charptr( entry, "nssslSessionTimeout" );
+ ciphers = slapi_entry_attr_get_charptr( entry, "nsssl3ciphers" );
+
+ /* We are currently using the value of sslSessionTimeout
+ for ssl3SessionTimeout, see SSL_ConfigServerSessionIDCache() */
+ /* Note from Tom Weinstein on the meaning of the timeout:
+
+ Timeouts are in seconds. '0' means use the default, which is
+ 24hrs for SSL3 and 100 seconds for SSL2.
+ */
+
+ if(!val) {
+ errorCode = PR_GetError();
+ slapd_SSL_warn("Security Initialization: Failed to retrieve SSL "
+ "configuration information ("
+ SLAPI_COMPONENT_NAME_NSPR " error %d - %s): "
+ "nssslSessionTimeout: %s ",
+ errorCode, slapd_pr_strerror(errorCode),
+ (val ? "found" : "not found"));
+ slapi_ch_free((void **) &val);
+ slapi_ch_free((void **) &ciphers);
+ return -1;
+ }
+
+ stimeout = atoi(val);
+ slapi_ch_free((void **) &val);
+
+ if (svrcore_setup()) {
+ return -1;
+ }
+
if((family_list = getChildren(configDN))) {
char **family;
char *token;
@@ -687,6 +707,10 @@
#ifndef _WIN32
SVRCOREStdPinObj *StdPinObj;
+ if (svrcore_setup()) {
+ return 1;
+ }
+
StdPinObj = (SVRCOREStdPinObj *)SVRCORE_GetRegisteredPinObj();
SVRCORE_SetStdPinInteractive(StdPinObj, PR_FALSE);
#endif
@@ -1159,35 +1183,37 @@
/* Free config data */
+ if (!svrcore_setup()) {
#ifndef _WIN32
- StdPinObj = (SVRCOREStdPinObj *)SVRCORE_GetRegisteredPinObj();
- err = SVRCORE_StdPinGetPin( &pw, StdPinObj, token );
+ StdPinObj = (SVRCOREStdPinObj *)SVRCORE_GetRegisteredPinObj();
+ err = SVRCORE_StdPinGetPin( &pw, StdPinObj, token );
#else
- AltPinObj = (SVRCOREAltPinObj *)SVRCORE_GetRegisteredPinObj();
- pw = SVRCORE_GetPin( (SVRCOREPinObj *)AltPinObj, token, PR_FALSE);
+ AltPinObj = (SVRCOREAltPinObj *)SVRCORE_GetRegisteredPinObj();
+ pw = SVRCORE_GetPin( (SVRCOREPinObj *)AltPinObj, token, PR_FALSE);
#endif
- if ( err != SVRCORE_Success || pw == NULL) {
- errorCode = PR_GetError();
- slapd_SSL_warn("SSL client authentication cannot be used "
- "(no password). (" SLAPI_COMPONENT_NAME_NSPR " error %d - %s)",
- errorCode, slapd_pr_strerror(errorCode));
- } else {
- rc = ldapssl_enable_clientauth (ld, SERVER_KEY_NAME, pw, cert_name);
- if (rc != 0) {
+ if ( err != SVRCORE_Success || pw == NULL) {
errorCode = PR_GetError();
- slapd_SSL_warn("ldapssl_enable_clientauth(%s, %s) %i ("
- SLAPI_COMPONENT_NAME_NSPR " error %d - %s)",
- SERVER_KEY_NAME, cert_name, rc,
- errorCode, slapd_pr_strerror(errorCode));
+ slapd_SSL_warn("SSL client authentication cannot be used "
+ "(no password). (" SLAPI_COMPONENT_NAME_NSPR " error %d - %s)",
+ errorCode, slapd_pr_strerror(errorCode));
} else {
- /* We cannot allow NSS to cache outgoing client auth connections -
- each client auth connection must have it's own non-shared SSL
- connection to the peer so that it will go through the
- entire handshake protocol every time including the use of its
- own unique client cert - see bug 605457
- */
+ rc = ldapssl_enable_clientauth (ld, SERVER_KEY_NAME, pw, cert_name);
+ if (rc != 0) {
+ errorCode = PR_GetError();
+ slapd_SSL_warn("ldapssl_enable_clientauth(%s, %s) %i ("
+ SLAPI_COMPONENT_NAME_NSPR " error %d - %s)",
+ SERVER_KEY_NAME, cert_name, rc,
+ errorCode, slapd_pr_strerror(errorCode));
+ } else {
+ /* We cannot allow NSS to cache outgoing client auth connections -
+ each client auth connection must have it's own non-shared SSL
+ connection to the peer so that it will go through the
+ entire handshake protocol every time including the use of its
+ own unique client cert - see bug 605457
+ */
- ldapssl_set_option(ld, SSL_NO_CACHE, PR_TRUE);
+ ldapssl_set_option(ld, SSL_NO_CACHE, PR_TRUE);
+ }
}
}
15 years, 2 months
[Fedora-directory-commits] adminserver/admserv/newinst/src AdminServer.pm.in, 1.14, 1.15 adminserver.map.in, 1.10, 1.11
by Nathan Kinder
Author: nkinder
Update of /cvs/dirsec/adminserver/admserv/newinst/src
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv19994/admserv/newinst/src
Modified Files:
AdminServer.pm.in adminserver.map.in
Log Message:
Resolves: 430364
Summary: Allow listen address to be passed in via installer.
Index: AdminServer.pm.in
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/newinst/src/AdminServer.pm.in,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- AdminServer.pm.in 14 Jul 2008 20:00:03 -0000 1.14
+++ AdminServer.pm.in 28 Jan 2009 21:25:58 -0000 1.15
@@ -346,7 +346,9 @@
$? = 0; # clear error
my $output = `$cmd 2>&1`;
- if ($?) {
+ # Check the output of the config CGI to see if something bad happened.
+ if ($? || $output =~ /NMC_Status: 1/) {
+ debug(0, "Error updating console.conf:\n");
debug(0, $output);
$ENV{LD_LIBRARY_PATH} = $savepath;
$ENV{SHLIB_PATH} = $savepath;
Index: adminserver.map.in
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/newinst/src/adminserver.map.in,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- adminserver.map.in 14 Jul 2008 18:43:02 -0000 1.10
+++ adminserver.map.in 28 Jan 2009 21:25:58 -0000 1.11
@@ -48,6 +48,7 @@
uname_m = `open(UNAMEM, "uname -m |"); $returnvalue = <UNAMEM>; chomp $returnvalue; close(UNAMEM);`
asid = `$returnvalue = $mapper->{fqdn}; $returnvalue =~ s/\..*$//;`
as_port = Port
+as_addr = ServerIpAddress
admpw = "@configdir@/admpw"
as_error = "@logdir@/error"
as_access = "@logdir@/access"
15 years, 2 months
[Fedora-directory-commits] adminserver/admserv/cgi-src40 config.c, 1.16, 1.17
by Nathan Kinder
Author: nkinder
Update of /cvs/dirsec/adminserver/admserv/cgi-src40
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv19994/admserv/cgi-src40
Modified Files:
config.c
Log Message:
Resolves: 430364
Summary: Allow listen address to be passed in via installer.
Index: config.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/config.c,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- config.c 4 Dec 2008 20:01:28 -0000 1.16
+++ config.c 28 Jan 2009 21:25:58 -0000 1.17
@@ -1037,13 +1037,9 @@
#endif
static int validate_addr(char* ip) {
-
- char systemInfo[SYS_INFO_BUFFER_LENGTH];
- char buf[PR_NETDB_BUF_SIZE];
- PRIntn index;
- PRNetAddr netaddr, netaddr1;
- PRStatus pr_st;
- PRHostEnt hostentry;
+ PRNetAddr netaddr;
+ PRFileDesc *sock = NULL;
+ int ret = 0;
/* If ip address is not define, it means that server should listen on all interfaces */
if (ip==NULL || *ip=='\0') return 1;
@@ -1052,18 +1048,16 @@
if (!strcmp(ip, "127.0.0.1")) return 1;
if (!strcmp(ip, "0.0.0.0")) return 1;
- PR_StringToNetAddr(ip, &netaddr);
-
- pr_st = PR_GetSystemInfo(PR_SI_HOSTNAME, systemInfo, SYS_INFO_BUFFER_LENGTH);
-
- pr_st = PR_GetHostByName(systemInfo, buf, PR_NETDB_BUF_SIZE, &hostentry);
-
- index = 0;
- while ((index = PR_EnumerateHostEnt(index, &hostentry, 8000, &netaddr1))) {
- if (netaddr1.inet.ip == netaddr.inet.ip) return 1;
+ if (PR_StringToNetAddr(ip, &netaddr) == PR_SUCCESS) {
+ if ((sock = PR_NewTCPSocket()) != NULL) {
+ if (PR_Bind(sock, &netaddr) == PR_SUCCESS) {
+ ret = 1;
+ }
+ PR_Close(sock);
+ }
}
-
- return 0;
+
+ return ret;
}
/*
15 years, 2 months
[Fedora-directory-commits] adminserver/admserv/schema/ldif 20asdata.ldif.tmpl, 1.6, 1.7
by Nathan Kinder
Author: nkinder
Update of /cvs/dirsec/adminserver/admserv/schema/ldif
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv19994/admserv/schema/ldif
Modified Files:
20asdata.ldif.tmpl
Log Message:
Resolves: 430364
Summary: Allow listen address to be passed in via installer.
Index: 20asdata.ldif.tmpl
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/schema/ldif/20asdata.ldif.tmpl,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- 20asdata.ldif.tmpl 14 Jul 2008 18:43:02 -0000 1.6
+++ 20asdata.ldif.tmpl 28 Jan 2009 21:25:59 -0000 1.7
@@ -78,7 +78,7 @@
cn: Configuration
nsServerPort: %as_port%
nsSuiteSpotUser: %as_user%
-nsServerAddress:
+nsServerAddress: %as_addr%
nsAdminEnableEnduser: on
nsAdminEnableDSGW: on
nsDirectoryInfoRef: cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
15 years, 2 months
[Fedora-directory-commits] mod_admserv mod_admserv.c,1.37,1.38
by Noriko Hosoi
Author: nhosoi
Update of /cvs/dirsec/mod_admserv
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv1705/mod_admserv
Modified Files:
mod_admserv.c
Log Message:
Resolves: #191834
Summary: Clean up admin password in memory when it's freed
Description: (comment #6)
Overwrote password strings with '\0's.
Index: mod_admserv.c
===================================================================
RCS file: /cvs/dirsec/mod_admserv/mod_admserv.c,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -r1.37 -r1.38
--- mod_admserv.c 12 Dec 2008 19:45:05 -0000 1.37
+++ mod_admserv.c 28 Jan 2009 00:05:13 -0000 1.38
@@ -886,25 +886,28 @@
if (error != UG_OP_OK) {
*errorInfo = (char*)"unable to set User/Group baseDN";
- goto done;
+ goto done;
}
}
if (!extractLdapServerData(&userGroupServer, userGroupLdapURL, s)) {
*errorInfo = (char*)"unable to extract User/Group LDAP info";
- goto done;
+ goto done;
}
userGroupServer.bindDN = userGroupBindDN ? apr_pstrdup(module_pool, userGroupBindDN) : NULL;
userGroupServer.bindPW = userGroupBindPW ? apr_pstrdup(module_pool, userGroupBindPW) : NULL;
- retval = TRUE; /* made it here, so success */
+ retval = TRUE; /* made it here, so success */
done:
- PL_strfree(siedn);
- PL_strfree(userGroupLdapURL);
- PL_strfree(userGroupBindDN);
- PL_strfree(userGroupBindPW);
- PL_strfree(dirInfoRef);
- destroyAdmldap(info);
+ PL_strfree(siedn);
+ PL_strfree(userGroupLdapURL);
+ PL_strfree(userGroupBindDN);
+ if (userGroupBindPW) {
+ memset(userGroupBindPW, 0, strlen(userGroupBindPW));
+ PL_strfree(userGroupBindPW);
+ }
+ PL_strfree(dirInfoRef);
+ destroyAdmldap(info);
return retval;
}
15 years, 3 months
[Fedora-directory-commits] adminserver/admserv/cgi-src40 sec-activate.c, 1.13, 1.14 security.c, 1.19, 1.20 viewlog.c, 1.12, 1.13
by Noriko Hosoi
Author: nhosoi
Update of /cvs/dirsec/adminserver/admserv/cgi-src40
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv1705/admserv/cgi-src40
Modified Files:
sec-activate.c security.c viewlog.c
Log Message:
Resolves: #191834
Summary: Clean up admin password in memory when it's freed
Description: (comment #6)
Overwrote password strings with '\0's.
Index: sec-activate.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/sec-activate.c,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- sec-activate.c 4 Dec 2008 20:01:28 -0000 1.13
+++ sec-activate.c 28 Jan 2009 00:05:13 -0000 1.14
@@ -463,6 +463,7 @@
admSetCachedSIEPWD(pwd);
+ memset(pwd, 0, strlen(pwd));
free(pwd);
return admGetCachedSIEPWD();
Index: security.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/security.c,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- security.c 15 Dec 2008 20:06:55 -0000 1.19
+++ security.c 28 Jan 2009 00:05:13 -0000 1.20
@@ -505,7 +505,8 @@
PL_strfree(ssecurity);
PL_strfree(binddn);
if (freebindpw) {
- PL_strfree(bindpw);
+ memset(bindpw, 0, strlen(bindpw));
+ PL_strfree(bindpw);
}
}
}
Index: viewlog.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/viewlog.c,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- viewlog.c 4 Dec 2008 20:01:28 -0000 1.12
+++ viewlog.c 28 Jan 2009 00:05:13 -0000 1.13
@@ -269,7 +269,9 @@
PL_strfree(ssecurity);
PL_strfree(binddn);
if (freebindpw) {
+ memset(bindpw, 0, strlen(bindpw));
PL_strfree(bindpw);
+ bindpw = NULL;
}
}
}
15 years, 3 months
[Fedora-directory-commits] adminutil/lib/libadminutil admutil.c, 1.9, 1.10 psetc.c, 1.5, 1.6 srvutil.c, 1.6, 1.7 uginfo.c, 1.5, 1.6
by Noriko Hosoi
Author: nhosoi
Update of /cvs/dirsec/adminutil/lib/libadminutil
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv32529/lib/libadminutil
Modified Files:
admutil.c psetc.c srvutil.c uginfo.c
Log Message:
Resolves: #191834
Summary: Clean up admin password in memory when it's freed
Description: (comment #5)
1) overwrote password string with '\0's.
2) psetCreate (psetc.c), psetCreateSSL (psetcssl.c)
Both has the similar code "passwd = bindPasswd; /* not to free bindPasswd */".
According to the comment, by setting bindPasswd to passwd, bindPasswd is not
supposed to be freed. But the current location does not stop it's being freed
since at that point bindPasswd is NULL and NULL is set to passwd. (Probably,
the path is not usually taken.)
Index: admutil.c
===================================================================
RCS file: /cvs/dirsec/adminutil/lib/libadminutil/admutil.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- admutil.c 5 Jul 2007 21:12:55 -0000 1.9
+++ admutil.c 28 Jan 2009 00:01:10 -0000 1.10
@@ -1434,24 +1434,23 @@
admInfo->localAdminName = NULL;
}
if (admInfo->localAdminPassword) {
+ memset(admInfo->localAdminPassword, '\0', strlen(admInfo->localAdminPassword));
PR_Free(admInfo->localAdminPassword);
admInfo->localAdminPassword = NULL;
}
- if (admInfo->sieDN)
- {
- PR_Free(admInfo->sieDN);
- admInfo->sieDN = NULL;
- }
- if (admInfo->userDN)
- {
- PR_Free(admInfo->userDN);
- admInfo->userDN = NULL;
- }
- if (admInfo->passwd)
- {
- PR_Free(admInfo->passwd);
- admInfo->passwd = NULL;
- }
+ if (admInfo->sieDN) {
+ PR_Free(admInfo->sieDN);
+ admInfo->sieDN = NULL;
+ }
+ if (admInfo->userDN) {
+ PR_Free(admInfo->userDN);
+ admInfo->userDN = NULL;
+ }
+ if (admInfo->passwd) {
+ memset(admInfo->passwd, '\0', strlen(admInfo->passwd));
+ PR_Free(admInfo->passwd);
+ admInfo->passwd = NULL;
+ }
if (admInfo->ldapHndl) {
ldap_unbind(admInfo->ldapHndl);
admInfo->ldapHndl = NULL;
@@ -1876,7 +1875,10 @@
PR_IMPLEMENT(void)
admSetCachedSIEPWD(const char *pwd)
{
- if (cachedSIEPWD) PR_Free(cachedSIEPWD);
+ if (cachedSIEPWD) {
+ memset(cachedSIEPWD, '\0', strlen(cachedSIEPWD));
+ PR_Free(cachedSIEPWD);
+ }
cachedSIEPWD = PL_strdup(pwd);
}
Index: psetc.c
===================================================================
RCS file: /cvs/dirsec/adminutil/lib/libadminutil/psetc.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- psetc.c 8 May 2007 19:13:25 -0000 1.5
+++ psetc.c 28 Jan 2009 00:01:10 -0000 1.6
@@ -171,7 +171,10 @@
if (psetp->configFile) PR_Free(psetp->configFile);
if (psetp->sieDN) PR_Free(psetp->sieDN);
if (psetp->binddn) PR_Free(psetp->binddn);
- if (psetp->bindpw) PR_Free(psetp->bindpw);
+ if (psetp->bindpw) {
+ memset(psetp->bindpw, 0, strlen(psetp->bindpw));
+ PR_Free(psetp->bindpw);
+ }
PR_Free(psetp);
}
@@ -1362,11 +1365,11 @@
userDN = admldapGetUserDN(ldapInfo, user);
if (passwd) {
bindPasswd = passwd;
- } else {
- bindPasswd = admldapGetSIEPWD(ldapInfo);
+ } else { /* passwd is NULL */
+ bindPasswd = admldapGetSIEPWD(ldapInfo); /* duplicated; need to free */
if (!bindPasswd) {
+ ADM_GetCurrentPassword(errorcode, &bindPasswd); /* should not free */
passwd = bindPasswd; /* setting this not to free bindPasswd */
- ADM_GetCurrentPassword(errorcode, &bindPasswd);
}
}
@@ -1384,7 +1387,13 @@
PR_Free(sieDN);
PR_smprintf_free(path);
PR_Free(userDN);
- if (!passwd) { if (bindPasswd) PR_Free(bindPasswd); }
+ if (!passwd) {
+ if (bindPasswd) {
+ memset(bindPasswd, '\0', strlen(bindPasswd));
+ PR_Free(bindPasswd);
+ bindPasswd = NULL;
+ }
+ }
destroyAdmldap(ldapInfo);
return pset;
}
@@ -2367,7 +2376,10 @@
if (pset->binddn) PR_Free(pset->binddn);
if (userDN) pset->binddn = PL_strdup(userDN);
else pset->binddn = NULL;
- if (pset->bindpw) PR_Free(pset->bindpw);
+ if (pset->bindpw) {
+ memset(pset->bindpw, 0, strlen(pset->bindpw));
+ PR_Free(pset->bindpw);
+ }
if (passwd) pset->bindpw = PL_strdup(passwd);
else pset->bindpw = NULL;
Index: srvutil.c
===================================================================
RCS file: /cvs/dirsec/adminutil/lib/libadminutil/srvutil.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- srvutil.c 3 Dec 2008 18:36:49 -0000 1.6
+++ srvutil.c 28 Jan 2009 00:01:10 -0000 1.7
@@ -82,7 +82,10 @@
if (sie) PR_Free(sie);
if (domainDN) PR_Free(domainDN);
if (host) PR_Free(host);
- if (siepwd) PR_Free(siepwd);
+ if (siepwd) {
+ memset(siepwd, '\0', strlen(siepwd));
+ PR_Free(siepwd);
+ }
return nl;
err:
@@ -90,7 +93,10 @@
if (sie) PR_Free(sie);
if (domainDN) PR_Free(domainDN);
if (host) PR_Free(host);
- if (siepwd) PR_Free(siepwd);
+ if (siepwd) {
+ memset(siepwd, '\0', strlen(siepwd));
+ PR_Free(siepwd);
+ }
return NULL;
}
@@ -182,7 +188,10 @@
psetDelete(domainPset);
PL_strfree(host);
PL_strfree(sie);
- PL_strfree(siepwd);
+ if (siepwd) {
+ memset(siepwd, '\0', strlen(siepwd));
+ PL_strfree(siepwd);
+ }
PL_strfree(isie);
return resultList;
Index: uginfo.c
===================================================================
RCS file: /cvs/dirsec/adminutil/lib/libadminutil/uginfo.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- uginfo.c 8 May 2007 19:13:25 -0000 1.5
+++ uginfo.c 28 Jan 2009 00:01:10 -0000 1.6
@@ -123,7 +123,7 @@
if (s && strcmp(s[0], "")) {
char *temp = strrchr(directoryURLVals[0], '/');
/* append failover list to url */
- if (NULL != temp) {
+ if (NULL != temp) {
*temp = '\0';
PR_snprintf(buffer, sizeof(buffer), "%s %s/%s",
directoryURLVals[0], s[0], temp + 1);
@@ -144,6 +144,9 @@
}
if (bindPasswordVals) {
*bindPassword = PL_strdup(bindPasswordVals[0]);
+ if (bindPasswordVals[0]) {
+ memset(bindPasswordVals[0], '\0', strlen(bindPasswordVals[0]));
+ }
ldap_value_free(bindPasswordVals);
}
if (directoryInfoRefVals) {
@@ -282,7 +285,11 @@
}
if (oldDirectoryURL) PR_Free(oldDirectoryURL);
if (oldBindDN) PR_Free(oldBindDN);
- if (oldBindPassword) PR_Free(oldBindPassword);
+ if (oldBindPassword) {
+ memset(oldBindPassword, '\0', strlen(oldBindPassword));
+ PR_Free(oldBindPassword);
+ oldBindPassword = NULL;
+ }
if (oldDirectoryInfoRef) PR_Free(oldDirectoryInfoRef);
}
@@ -302,7 +309,11 @@
*error_code = UG_LDAP_SYSTEM_ERR;
if (oldDirectoryURL) PR_Free(oldDirectoryURL);
if (oldBindDN) PR_Free(oldBindDN);
- if (oldBindPassword) PR_Free(oldBindPassword);
+ if (oldBindPassword) {
+ memset(oldBindPassword, '\0', strlen(oldBindPassword));
+ PR_Free(oldBindPassword);
+ oldBindPassword = NULL;
+ }
if (oldDirectoryInfoRef) PR_Free(oldDirectoryInfoRef);
return 0;
}
@@ -449,6 +460,7 @@
oldBindDN = NULL;
}
if (oldBindPassword) {
+ memset(oldBindPassword, '\0', strlen(oldBindPassword));
PR_Free(oldBindPassword);
oldBindPassword = NULL;
}
15 years, 3 months
[Fedora-directory-commits] adminutil/lib/libadmsslutil admsslutil.c, 1.10, 1.11 psetcssl.c, 1.4, 1.5 srvutilssl.c, 1.7, 1.8 uginfossl.c, 1.3, 1.4
by Noriko Hosoi
Author: nhosoi
Update of /cvs/dirsec/adminutil/lib/libadmsslutil
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv32529/lib/libadmsslutil
Modified Files:
admsslutil.c psetcssl.c srvutilssl.c uginfossl.c
Log Message:
Resolves: #191834
Summary: Clean up admin password in memory when it's freed
Description: (comment #5)
1) overwrote password string with '\0's.
2) psetCreate (psetc.c), psetCreateSSL (psetcssl.c)
Both has the similar code "passwd = bindPasswd; /* not to free bindPasswd */".
According to the comment, by setting bindPasswd to passwd, bindPasswd is not
supposed to be freed. But the current location does not stop it's being freed
since at that point bindPasswd is NULL and NULL is set to passwd. (Probably,
the path is not usually taken.)
Index: admsslutil.c
===================================================================
RCS file: /cvs/dirsec/adminutil/lib/libadmsslutil/admsslutil.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- admsslutil.c 3 Dec 2008 18:36:50 -0000 1.10
+++ admsslutil.c 28 Jan 2009 00:01:10 -0000 1.11
@@ -96,6 +96,7 @@
char *dn = admldapGetSIEDN(info);
ldapError = ldap_simple_bind_s(ld, dn, passwd);
PL_strfree(dn);
+ memset(passwd, '\0', strlen(passwd));
PL_strfree(passwd);
} else {
/* no password means just punt rather than do anon bind */
Index: psetcssl.c
===================================================================
RCS file: /cvs/dirsec/adminutil/lib/libadmsslutil/psetcssl.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- psetcssl.c 8 May 2007 19:13:26 -0000 1.4
+++ psetcssl.c 28 Jan 2009 00:01:10 -0000 1.5
@@ -205,11 +205,11 @@
userDN = admldapGetUserDN(ldapInfo, user);
if (passwd) {
bindPasswd = passwd;
- } else {
- bindPasswd = admldapGetSIEPWD(ldapInfo);
+ } else { /* passwd is NULL */
+ bindPasswd = admldapGetSIEPWD(ldapInfo); /* duplicated; need to free */
if (!bindPasswd) {
+ ADM_GetCurrentPassword(errorcode, &bindPasswd); /* should not free */
passwd = bindPasswd; /* not to free bindPasswd */
- ADM_GetCurrentPassword(errorcode, &bindPasswd);
}
}
@@ -228,7 +228,12 @@
PR_Free(ldapHost);
PR_Free(sieDN);
PR_smprintf_free(path);
- if (!passwd) { if (bindPasswd) PR_Free(bindPasswd); }
+ if (!passwd) {
+ if (bindPasswd) {
+ memset(bindPasswd, '\0', strlen(bindPasswd));
+ PR_Free(bindPasswd);
+ }
+ }
return pset;
}
Index: srvutilssl.c
===================================================================
RCS file: /cvs/dirsec/adminutil/lib/libadmsslutil/srvutilssl.c,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- srvutilssl.c 3 Dec 2008 18:36:50 -0000 1.7
+++ srvutilssl.c 28 Jan 2009 00:01:10 -0000 1.8
@@ -75,8 +75,11 @@
PR_Free(host);
host = NULL;
- PR_Free(siepwd);
- siepwd = NULL;
+ if (siepwd) {
+ memset(siepwd, '\0', strlen(siepwd));
+ PR_Free(siepwd);
+ siepwd = NULL;
+ }
if (!domainPset) goto err;
nl = retrieveSIEs(domainPset, domainDN, adminName);
@@ -132,8 +135,11 @@
host = NULL;
PR_Free(siedn);
siedn = NULL;
- PR_Free(siepwd);
- siepwd = NULL;
+ if (siepwd) {
+ memset(siepwd, '\0', strlen(siepwd));
+ PR_Free(siepwd);
+ siepwd = NULL;
+ }
if (!domainPset) goto err;
resultList = retrieveISIEs(domainPset, domainDN);
psetDelete(domainPset);
Index: uginfossl.c
===================================================================
RCS file: /cvs/dirsec/adminutil/lib/libadmsslutil/uginfossl.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- uginfossl.c 4 Apr 2007 19:37:47 -0000 1.3
+++ uginfossl.c 28 Jan 2009 00:01:10 -0000 1.4
@@ -103,7 +103,10 @@
*error_code = ADMUTIL_LDAP_ERR;
destroyAdmldap(ldapInfo);
PL_strfree(binddn);
- PL_strfree(bindpw);
+ if (bindpw) {
+ memset(bindpw, 0, strlen(bindpw));
+ PL_strfree(bindpw);
+ }
return NULL;
}
@@ -111,7 +114,11 @@
binddn,
bindpw);
PL_strfree(binddn);
- PL_strfree(bindpw);
+ if (bindpw) {
+ memset(bindpw, 0, strlen(bindpw));
+ PL_strfree(bindpw);
+ bindpw = NULL;
+ }
/* authenticate to LDAP server*/
if (ldapError != LDAP_SUCCESS) {
15 years, 3 months
[Fedora-directory-commits] ldapserver/ldap/servers/plugins/replication repl5_agmtlist.c, 1.11, 1.12
by Richard Allen Megginson
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/replication
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv19724/ldapserver/ldap/servers/plugins/replication
Modified Files:
repl5_agmtlist.c
Log Message:
Resolves: bug 479253
Bug Description: Configuring Server to Server GSSAPI over SSL - Need better Error Message
Reviewed by: nkinder (Thanks!)
Fix Description: If the user attempts to set the bind mech to GSSAPI, and a secure transport is being used, the server will return LDAP_UNWILLING_TO_PERFORM and provide a useful error message. Same if GSSAPI is being used and the user attempts to use a secure transport.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
Index: repl5_agmtlist.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/repl5_agmtlist.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- repl5_agmtlist.c 10 Nov 2006 23:45:17 -0000 1.11
+++ repl5_agmtlist.c 27 Jan 2009 22:37:18 -0000 1.12
@@ -48,6 +48,7 @@
*/
#include "repl5.h"
+#include <plstr.h>
#define AGMT_CONFIG_BASE "cn=mapping tree, cn=config"
#define CONFIG_FILTER "(objectclass=nsds5replicationagreement)"
@@ -373,8 +374,22 @@
else if (slapi_attr_types_equivalent(mods[i]->mod_type,
type_nsds5TransportInfo))
{
+ /* do not allow GSSAPI if using TLS/SSL */
+ char *tmpstr = slapi_entry_attr_get_charptr(e, type_nsds5TransportInfo);
+ /* if some value was set, and the value was not set to LDAP (i.e. was set to use security),
+ and we're already using gssapi, deny the change */
+ if (tmpstr && PL_strcasecmp(tmpstr, "LDAP") && (BINDMETHOD_SASL_GSSAPI == agmt_get_bindmethod(agmt)))
+ {
+ /* Report the error to the client */
+ PR_snprintf (errortext, SLAPI_DSE_RETURNTEXT_SIZE, "Cannot use SASL/GSSAPI if using SSL or TLS - please change %s to a value other than SASL/GSSAPI before changing %s to use security", type_nsds5ReplicaBindMethod, type_nsds5TransportInfo);
+ slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "agmtlist_modify_callback: "
+ "%s", errortext);
+
+ *returncode = LDAP_UNWILLING_TO_PERFORM;
+ rc = SLAPI_DSE_CALLBACK_ERROR;
+ }
/* New Transport info */
- if (agmt_set_transportinfo_from_entry(agmt, e) != 0)
+ else if (agmt_set_transportinfo_from_entry(agmt, e) != 0)
{
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"failed to update transport info for agreement %s\n",
@@ -386,8 +401,19 @@
else if (slapi_attr_types_equivalent(mods[i]->mod_type,
type_nsds5ReplicaBindMethod))
{
- /* New replica bind method */
- if (agmt_set_bind_method_from_entry(agmt, e) != 0)
+ /* do not allow GSSAPI if using TLS/SSL */
+ char *tmpstr = slapi_entry_attr_get_charptr(e, type_nsds5ReplicaBindMethod);
+ if (tmpstr && !PL_strcasecmp(tmpstr, "SASL/GSSAPI") && agmt_get_transport_flags(agmt))
+ {
+ /* Report the error to the client */
+ PR_snprintf (errortext, SLAPI_DSE_RETURNTEXT_SIZE, "Cannot use SASL/GSSAPI if using SSL or TLS - please change %s to LDAP before changing %s to use SASL/GSSAPI", type_nsds5TransportInfo, type_nsds5ReplicaBindMethod);
+ slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "agmtlist_modify_callback: "
+ "%s", errortext);
+
+ *returncode = LDAP_UNWILLING_TO_PERFORM;
+ rc = SLAPI_DSE_CALLBACK_ERROR;
+ }
+ else if (agmt_set_bind_method_from_entry(agmt, e) != 0)
{
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"failed to update bind method for agreement %s\n",
@@ -395,6 +421,7 @@
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
}
+ slapi_ch_free_string(&tmpstr);
}
else if (slapi_attr_types_equivalent(mods[i]->mod_type,
type_nsds5ReplicatedAttributeList))
15 years, 3 months
[Fedora-directory-commits] ldapserver/ldap/servers/plugins/chainingdb cb_instance.c, 1.13, 1.14
by Richard Allen Megginson
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/chainingdb
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv19724/ldapserver/ldap/servers/plugins/chainingdb
Modified Files:
cb_instance.c
Log Message:
Resolves: bug 479253
Bug Description: Configuring Server to Server GSSAPI over SSL - Need better Error Message
Reviewed by: nkinder (Thanks!)
Fix Description: If the user attempts to set the bind mech to GSSAPI, and a secure transport is being used, the server will return LDAP_UNWILLING_TO_PERFORM and provide a useful error message. Same if GSSAPI is being used and the user attempts to use a secure transport.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
Index: cb_instance.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/chainingdb/cb_instance.c,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- cb_instance.c 2 Dec 2008 15:29:30 -0000 1.13
+++ cb_instance.c 27 Jan 2009 22:37:17 -0000 1.14
@@ -722,7 +722,18 @@
return(LDAP_INVALID_SYNTAX);
}
- if (apply) {
+ if (ludp && (ludp->lud_options & LDAP_URL_OPT_SECURE) && inst && inst->rwl_config_lock) {
+ int isgss = 0;
+ PR_RWLock_Rlock(inst->rwl_config_lock);
+ isgss = inst->pool->mech && !PL_strcasecmp(inst->pool->mech, "GSSAPI");
+ PR_RWLock_Unlock(inst->rwl_config_lock);
+ if (isgss) {
+ PR_snprintf (errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "Cannot use LDAPS if using GSSAPI - please change the %s to use something other than GSSAPI before changing connection to use LDAPS", CB_CONFIG_BINDMECH);
+ rc = LDAP_UNWILLING_TO_PERFORM;
+ }
+ }
+
+ if ((LDAP_SUCCESS == rc) && apply) {
PR_RWLock_Wlock(inst->rwl_config_lock);
@@ -1346,7 +1357,18 @@
cb_backend_instance * inst=(cb_backend_instance *) arg;
int rc = LDAP_SUCCESS;
- if (apply) {
+ if (value && inst && inst->rwl_config_lock) {
+ int isgss = 0;
+ PR_RWLock_Rlock(inst->rwl_config_lock);
+ isgss = inst->pool->mech && !PL_strcasecmp(inst->pool->mech, "GSSAPI");
+ PR_RWLock_Unlock(inst->rwl_config_lock);
+ if (isgss) {
+ PR_snprintf (errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "Cannot use startTLS if using GSSAPI - please change the %s to use something other than GSSAPI before changing connection to use startTLS", CB_CONFIG_BINDMECH);
+ rc = LDAP_UNWILLING_TO_PERFORM;
+ }
+ }
+
+ if ((LDAP_SUCCESS == rc) && apply) {
PR_RWLock_Wlock(inst->rwl_config_lock);
inst->pool->starttls=(int) ((uintptr_t)value);
PR_RWLock_Unlock(inst->rwl_config_lock);
@@ -1374,7 +1396,18 @@
cb_backend_instance * inst=(cb_backend_instance *) arg;
int rc=LDAP_SUCCESS;
- if (apply) {
+ if (value && !PL_strcasecmp((char *) value, "GSSAPI") && inst && inst->rwl_config_lock) {
+ int secure = 0;
+ PR_RWLock_Rlock(inst->rwl_config_lock);
+ secure = inst->pool->secure || inst->pool->starttls;
+ PR_RWLock_Unlock(inst->rwl_config_lock);
+ if (secure) {
+ PR_snprintf (errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "Cannot use SASL/GSSAPI if using SSL or TLS - please change the connection to use no security before changing %s to use GSSAPI", CB_CONFIG_BINDMECH);
+ rc = LDAP_UNWILLING_TO_PERFORM;
+ }
+ }
+
+ if ((LDAP_SUCCESS == rc) && apply) {
PR_RWLock_Wlock(inst->rwl_config_lock);
if (( phase != CB_CONFIG_PHASE_INITIALIZATION ) &&
( phase != CB_CONFIG_PHASE_STARTUP )) {
15 years, 3 months