afs: Use nonblocking API for server commands.

[paraslash.git] / user_list.c

diff --git a/user_list.c b/user_list.c
index f5aabc0979fa8d1feb1e60722cfd00451d5dfe1a..a1f1557c6fefb21d0586d6fb85c990c795dbb51a 100644 (file)
--- a/user_list.c
+++ b/user_list.c
@@ -1,20 +1,24 @@
 /*
- * Copyright (C) 2006-2009 Andre Noll <maan@systemlinux.org>
+ * Copyright (C) 2006-2010 Andre Noll <maan@systemlinux.org>
  *
  * Licensed under the GPL v2. For licencing details see COPYING.
  */
 
 /** \file user_list.c User handling for para_server. */
 
+#include <regex.h>
 #include <sys/types.h>
 #include <dirent.h>
+#include <openssl/rc4.h>
 
 #include "para.h"
 #include "error.h"
+#include "crypt.h"
 #include "fd.h"
 #include "string.h"
 #include "list.h"
 #include "user_list.h"
+#include "rc4.h"
 
 static struct list_head user_list;
 
@@ -53,6 +57,18 @@ static void populate_user_list(char *user_list_file)
                                para_strerror(-ret));
                        continue;
                }
+               /*
+                * In order to encrypt len := CHALLENGE_SIZE + 2 * RC4_KEY_LEN
+                * bytes using RSA_public_encrypt() with EME-OAEP padding mode,
+                * RSA_size(rsa) must be greater than len + 41. So ignore keys
+                * which are too short. For details see RSA_public_encrypt(3).
+                */
+               if (ret <= CHALLENGE_SIZE + 2 * RC4_KEY_LEN + 41) {
+                       PARA_WARNING_LOG("rsa key %s too short (%d)\n",
+                               k, ret);
+                       rsa_free(rsa);
+                       continue;
+               }
                u = para_malloc(sizeof(*u));
                u->name = para_strdup(n);
                u->rsa = rsa;