
bug in liblutil.a library (ITS#505)



Full_Name: Maya Muchnik
Version: 1.2.9
OS: Solaris
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (209.108.112.96)


There is a problem in the libraries/liblutil/passwd.c file, in the function
lutil_passwd(cred, passwd).
Not only passwd can be hashed already; cred can be hashed too.
I have changed this function for SHA-1 similar to the following:

        } else if (strncasecmp(passwd, "{SHA}",sizeof("{SHA}") - 1) == 0 ) {
                lutil_SHA1_CTX SHA1context;
                unsigned char SHA1digest[20];
                char base64digest[29];  /* ceiling(sizeof(input)/3) * 4 + 1 */
                const char *p = passwd + (sizeof("{SHA}") - 1);
 
/*added*/       if (strncasecmp(cred, "{SHA}",sizeof("{SHA}") - 1) != 0 ) {
                   lutil_SHA1Init(&SHA1context);
                   lutil_SHA1Update(&SHA1context,
                                (const unsigned char *) cred, strlen(cred));
                   lutil_SHA1Final(SHA1digest, &SHA1context);
 
                   if (lutil_b64_ntop(SHA1digest, sizeof(SHA1digest),
                        base64digest, sizeof(base64digest)) < 0)
                   {
                        return ( 1 );
                   }
/* added down */
                }
                else
                {
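                   /* cred is a pointer, so its length comes from strlen();
                      the part after "{SHA}" must fit base64digest with its NUL */
                   if (strlen(cred + (sizeof("{SHA}") - 1)) < sizeof(base64digest))
                      strcpy (base64digest, (cred + (sizeof("{SHA}") - 1)));
                   else
                      return (1);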
                }
/* added end */
                return( strcmp(p, base64digest) );
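
A bounded version of the already-hashed `cred` branch, as an added example that is not part of the original submission or of OpenLDAP's code; the helper names and the sample value are assumptions made for illustration. `sizeof` applied to a `char *` parameter yields the pointer size, so the length test here uses `strlen` against the 29-byte buffer.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>   /* strncasecmp (POSIX) */

#define SHA_PREFIX      "{SHA}"
#define SHA_PREFIX_LEN  (sizeof(SHA_PREFIX) - 1)
#define SHA1_B64_LEN    28   /* base64 of a 20-byte SHA-1 digest */

/* Hypothetical helper: copy the base64 part of an already-hashed
 * "{SHA}..." credential into out. Returns 0 on success, 1 on any
 * malformed or oversized input (same convention as the posted code). */
static int prehashed_sha_digest(const char *cred, char *out, size_t outlen)
{
    size_t n;

    if (cred == NULL || out == NULL)
        return 1;
    if (strncasecmp(cred, SHA_PREFIX, SHA_PREFIX_LEN) != 0)
        return 1;
    n = strlen(cred + SHA_PREFIX_LEN);   /* string length, not sizeof(pointer) */
    if (n != SHA1_B64_LEN || n >= outlen)
        return 1;
    memcpy(out, cred + SHA_PREFIX_LEN, n + 1);   /* n + 1 copies the NUL too */
    return 0;
}

/* Hypothetical wrapper: 0 if the pre-hashed cred matches the stored value. */
static int compare_prehashed_sha(const char *cred, const char *passwd)
{
    char base64digest[29];   /* 28 base64 chars + NUL, as in the posted code */

    if (passwd == NULL || strncasecmp(passwd, SHA_PREFIX, SHA_PREFIX_LEN) != 0)
        return 1;
    if (prehashed_sha_digest(cred, base64digest, sizeof(base64digest)) != 0)
        return 1;
    return strcmp(passwd + SHA_PREFIX_LEN, base64digest) != 0;
}

int main(void)
{
    /* Constructed 28-character sample value, used as both inputs. */
    const char *stored = "{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=";
    printf("match: %d\n", compare_prehashed_sha(stored, stored));
    printf("oversized: %d\n", compare_prehashed_sha(
        "{SHA}AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", stored));
    return 0;
}
```

Accepting an already-hashed `cred` means the stored `{SHA}` value alone is enough to pass the comparison.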