X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=user_list.c;h=a1f1557c6fefb21d0586d6fb85c990c795dbb51a;hp=840802b33ba811816e3459284cd471644b134bb8;hb=98f2c8aea52a49fad3fd6df67b1eb32c1499176c;hpb=a9126f461792a84c760162ecb25100f1593d427d

diff --git a/user_list.c b/user_list.c
index 840802b3..a1f1557c 100644
--- a/user_list.c
+++ b/user_list.c
@@ -1,11 +1,12 @@
 /*
- * Copyright (C) 2006-2009 Andre Noll <maan@systemlinux.org>
+ * Copyright (C) 2006-2010 Andre Noll <maan@systemlinux.org>
  *
  * Licensed under the GPL v2. For licencing details see COPYING.
  */
 
 /** \file user_list.c User handling for para_server. */
 
+#include <regex.h>
 #include <sys/types.h>
 #include <dirent.h>
 #include <openssl/rc4.h>
@@ -17,6 +18,7 @@
 #include "string.h"
 #include "list.h"
 #include "user_list.h"
+#include "rc4.h"
 
 static struct list_head user_list;
 
@@ -41,7 +43,7 @@ static void populate_user_list(char *user_list_file)
 		struct user *u;
 		RSA *rsa;
 
-		ret = para_fgets(line, MAXLINE, file_ptr);
+		ret = para_fgets(line, sizeof(line), file_ptr);
 		if (ret <= 0)
 			break;
 		if (sscanf(line,"%200s %200s %200s %200s", w, n, k, p) < 3)
@@ -55,6 +57,18 @@ static void populate_user_list(char *user_list_file)
 				para_strerror(-ret));
 			continue;
 		}
+		/*
+		 * In order to encrypt len := CHALLENGE_SIZE + 2 * RC4_KEY_LEN
+		 * bytes using RSA_public_encrypt() with EME-OAEP padding mode,
+		 * RSA_size(rsa) must be greater than len + 41. So ignore keys
+		 * which are too short. For details see RSA_public_encrypt(3).
+		 */
+		if (ret <= CHALLENGE_SIZE + 2 * RC4_KEY_LEN + 41) {
+			PARA_WARNING_LOG("rsa key %s too short (%d)\n",
+				k, ret);
+			rsa_free(rsa);
+			continue;
+		}
 		u = para_malloc(sizeof(*u));
 		u->name = para_strdup(n);
 		u->rsa = rsa;