auth_cvm: added check for null char in username

see issue #53
This commit is contained in:
Matt Simerson 2014-08-23 11:20:41 -07:00
parent a4158bded9
commit 0bbd209431

View File

@ -63,8 +63,14 @@ sub register {
my $port = $ENV{PORT} || SMTP_PORT;
return 0 if ($port == SMTP_PORT && $arg{enable_smtp} ne 'yes');
return 0 if ($port == SSMTP_PORT && $arg{enable_ssmtp} ne 'yes');
if ($arg{enable_smtp} ne 'yes' && ($port == SMTP_PORT || $port == 587)) {
$self->log(LOGDEBUG, "skip: enable_smtp=no");
return 0;
}
if ($port == SSMTP_PORT && $arg{enable_ssmtp} ne 'yes') {
$self->log(LOGDEBUG, "skip: enable_ssmtp=no");
return 0;
};
if ($arg{cvm_socket} =~ /^([\w\/.-]+)$/) {
$self->{_cvm_socket} = $1;
@ -77,7 +83,6 @@ sub register {
$self->register_hook("auth-plain", "authcvm_plain");
$self->register_hook("auth-login", "authcvm_plain");
#$self->register_hook("auth-cram-md5", "authcvm_hash");
}
@ -85,6 +90,11 @@ sub authcvm_plain {
my ($self, $transaction, $method, $user, $passClear, $passHash, $ticket) =
@_;
if ($user =~ /\x00/) {
$self->log(LOGERROR, "deny: invalid username");
return (DENY, "authcvm, invalid username");
};
socket(SOCK, PF_UNIX, SOCK_STREAM, 0) or do {
$self->log(LOGERROR, "skip: socket creation attempt for: $user");
return (DENY, "authcvm");
@ -96,7 +106,7 @@ sub authcvm_plain {
connect(SOCK, sockaddr_un($self->{_cvm_socket})) or do {
$self->log(LOGERROR, "skip: socket connection attempt for: $user");
return (DENY, "authcvm");
return (DENY, "authcvm, connection failed");
};
my $o = select(SOCK);