X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=command.c;h=ffd660d63c0cdd94cd73d952a8785007873f1a97;hp=d0d9047b7d3d97dc1061a6c52db158e500d4969c;hb=199a80d5b07348e8eee1ec1a6339c4d68e85434e;hpb=0a405367cdc8f3b0f49fb5ec3798378a2fc4589b
diff --git a/command.c b/command.c
index d0d9047b..ffd660d6 100644
--- a/command.c
+++ b/command.c
@@ -34,6 +34,9 @@
 #include "user_list.h"
 #include "server_command_list.h"
 
+/** commands including options must be shorter than this */
+#define MAX_COMMAND_LEN 4096
+
 static RC4_KEY rc4_recv_key;
 static RC4_KEY rc4_send_key;
 static unsigned char rc4_buf[2 * RC4_KEY_LEN];
@@ -788,9 +791,9 @@ static void rc4_send(unsigned long len, const unsigned char *indata,
 int handle_connect(int fd, struct sockaddr_in *addr)
 {
 int numbytes, ret, argc, use_rc4 = 0;
- char buf[STRINGSIZE];
+ char buf[4096];
 unsigned char crypt_buf[MAXLINE];
- struct user u;
+ struct user *u;
 struct server_command *cmd = NULL;
 long unsigned challenge_nr, chall_response;
 char **argv = NULL;
@@ -822,16 +825,18 @@ int handle_connect(int fd, struct sockaddr_in *addr)
 goto err_out;
 
 if (numbytes < 9 || strncmp(buf, "auth rc4 ", 9))
- u.name = para_strdup(buf + 5); /* client version < 0.2.6 */
+ p = buf + 5; /* client version < 0.2.6 */
 else {
- u.name = para_strdup(buf + 9); /* client version >= 0.2.6 */
+ p = buf + 9; /* client version >= 0.2.6 */
 use_rc4 = 1;
 }
 PARA_DEBUG_LOG("received %s request for user %s\n",
- use_rc4? "rc4" : "auth", u.name);
- if ((ret = lookup_user(&u)) < 0)
+ use_rc4? "rc4" : "auth", p);
+ ret = -E_BAD_USER;
+ u = lookup_user(p);
+ if (!u)
 goto err_out;
- ret = para_encrypt_challenge(u.rsa, challenge_nr, crypt_buf);
+ ret = para_encrypt_challenge(u->rsa, challenge_nr, crypt_buf);
 if (ret <= 0)
 goto err_out;
 numbytes = ret;
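Review bot: The new declaration `char buf[4096];` in handle_connect() repeats as a bare literal the value this commit has just named MAX_COMMAND_LEN, so the receive buffer and the command limit are tied together only by coincidence. Declaring it as `char buf[MAX_COMMAND_LEN];` keeps the two from drifting apart when one of them is changed. The same buffer later appears to receive the encrypted RC4 key block at `buf + PROCEED_MSG_LEN + 1` with no size passed, so a comment stating the minimum size that path needs would help; the function body continues outside this hunk.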
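Review bot: p now points into buf instead of at a para_strdup() copy, so the user name is valid only until buf is next written (the `sprintf(buf, ...)` after authentication). That is safe only because later code reads `u->name`, and a comment such as `/* p aliases buf: do not use after the next write to buf */` at the assignment would keep it that way. The name is client-supplied and reaches PARA_DEBUG_LOG before authentication, so it is worth length-limiting it or escaping control characters before it is logged. `buf + 5` on the `numbytes < 9` branch relies on an earlier check, not visible in this hunk, that the request is at least an `auth ` prefix long. lookup_user() now returns a pointer, presumably into the shared user list, so its lifetime relative to any reload of that list should be documented.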
@@ -852,11 +857,11 @@ int handle_connect(int fd, struct sockaddr_in *addr)
 || chall_response != challenge_nr)
 goto err_out;
 /* auth successful. Send 'Proceed' message */
- PARA_INFO_LOG("good auth for %s (%lu)\n", u.name, challenge_nr);
+ PARA_INFO_LOG("good auth for %s (%lu)\n", u->name, challenge_nr);
 sprintf(buf, "%s", PROCEED_MSG);
 if (use_rc4) {
 init_rc4_keys();
- ret = para_encrypt_buffer(u.rsa, rc4_buf, 2 * RC4_KEY_LEN,
+ ret = para_encrypt_buffer(u->rsa, rc4_buf, 2 * RC4_KEY_LEN,
 (unsigned char *)buf + PROCEED_MSG_LEN + 1);
 if (ret <= 0)
 goto err_out;
@@ -872,7 +877,7 @@ int handle_connect(int fd, struct sockaddr_in *addr)
 while ((numbytes = recv_buffer(fd, buf, sizeof(buf))) > 0) {
 // PARA_INFO_LOG("recvd: %s (%d)\n", buf, numbytes);
 ret = -E_COMMAND_SYNTAX;
- if (command && numbytes + strlen(command) > STRINGSIZE) /* DOS */
+ if (command && numbytes + strlen(command) > MAX_COMMAND_LEN) /* DOS */
 goto err_out;
 command = para_strcat(command, buf);
 if ((p = strstr(command, EOC_MSG))) {
@@ -888,7 +893,7 @@ int handle_connect(int fd, struct sockaddr_in *addr)
 if (!(cmd = parse_cmd(command)))
 goto err_out;
 /* valid command, check permissions */
- ret = check_perms(u.perms, cmd);
+ ret = check_perms(u->perms, cmd);
 if (ret < 0)
 goto err_out;
 /* valid command and sufficient perms */
@@ -897,7 +902,7 @@ int handle_connect(int fd, struct sockaddr_in *addr)
 mmd_lock();
 mmd->num_commands++;
 mmd_unlock();
- PARA_NOTICE_LOG("calling com_%s() for %s@%s\n", cmd->name, u.name,
+ PARA_NOTICE_LOG("calling com_%s() for %s@%s\n", cmd->name, u->name,
 inet_ntoa(addr->sin_addr));
 ret = cmd->handler(fd, argc, argv);
 if (ret >= 0) {
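Review bot: The length limit in the receive loop is skipped for the first chunk because of the `command &&` guard, so the cap holds only while sizeof(buf) does not exceed MAX_COMMAND_LEN. Writing it as `if (numbytes + (command? strlen(command) : 0) > MAX_COMMAND_LEN)` makes the check independent of the buffer size. The comment on MAX_COMMAND_LEN says commands must be shorter than the limit, but `>` accepts a command of exactly MAX_COMMAND_LEN bytes; use `>=` or reword the comment. para_strcat(command, buf) assumes recv_buffer() NUL-terminates buf, which is not visible here and deserves a one-line comment. The loop starts and ends outside this hunk.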