From 138b81d78912aee86405d98fef7823a08d599ab9 Mon Sep 17 00:00:00 2001 From: zacheiss Date: Wed, 25 Sep 2002 20:44:52 +0000 Subject: [PATCH] Put more brains into libmrclient's mrcl_validate_kerberos_member(): don't allow whitespace or commas in KERBEROS members. Update clients to distinguish between mrcl_validate_kerberos_member() returning MRCL_REJECT and it returning MRCL_WARN. --- clients/blanche/blanche.c | 13 +++++++++++++ clients/lib/member.c | 10 ++++++++++ clients/moira/cluster.c | 13 +++++++++++-- clients/moira/lists.c | 13 ++++++++++--- clients/stella/stella.c | 4 ++++ 5 files changed, 48 insertions(+), 5 deletions(-) diff --git a/clients/blanche/blanche.c b/clients/blanche/blanche.c index 525599d8..22e5b372 100644 --- a/clients/blanche/blanche.c +++ b/clients/blanche/blanche.c @@ -391,6 +391,8 @@ int main(int argc, char **argv) &argv[L_MEMACE_NAME]); if (mrcl_get_message()) mrcl_com_err(whoami); + if (status == MRCL_REJECT) + exit(1); } } else @@ -419,6 +421,8 @@ int main(int argc, char **argv) &argv[L_ACE_NAME]); if (mrcl_get_message()) mrcl_com_err(whoami); + if (status == MRCL_REJECT) + exit(1); status = mr_query("add_list", 13, argv, NULL, NULL); break; case M_NONE: @@ -490,6 +494,8 @@ int main(int argc, char **argv) &argv[L_MEMACE_NAME + 1]); if (mrcl_get_message()) mrcl_com_err(whoami); + if (status == MRCL_REJECT) + exit(1); } } @@ -516,6 +522,8 @@ int main(int argc, char **argv) &argv[L_ACE_NAME + 1]); if (mrcl_get_message()) mrcl_com_err(whoami); + if (status == MRCL_REJECT) + exit(1); status = mr_query("update_list", 14, argv, NULL, NULL); break; case M_NONE: @@ -729,6 +737,11 @@ int main(int argc, char **argv) status = mrcl_validate_kerberos_member(membervec[2], &membervec[2]); if (mrcl_get_message()) mrcl_com_err(whoami); + if (status == MRCL_REJECT) + { + success = 0; + break; + } status = mr_query("add_tagged_member_to_list", 4, membervec, NULL, NULL); if (status != MR_SUCCESS) diff --git a/clients/lib/member.c b/clients/lib/member.c index b47d4528..b7603b2b 100644 --- a/clients/lib/member.c +++ b/clients/lib/member.c @@ -72,6 +72,16 @@ int mrcl_validate_kerberos_member(char *str, char **ret) mrcl_clear_message(); + for (p = str; *p; p++) + { + if (isspace(*p) || *p == ',') + { + mrcl_set_message("KERBEROS member \"%s\" may not contain whitespace " + "or commas.", str); + return MRCL_REJECT; + } + } + p = strchr(str, '@'); if (!p) { diff --git a/clients/moira/cluster.c b/clients/moira/cluster.c index 88aeed65..3edb3607 100644 --- a/clients/moira/cluster.c +++ b/clients/moira/cluster.c @@ -562,6 +562,7 @@ struct mqelem *GetMCInfo(int type, char *name1, char *name2) char **AskMCDInfo(char **info, int type, Bool name) { char temp_buf[BUFSIZ], *newname, *oldnewname; + int status; switch (type) { @@ -712,9 +713,11 @@ char **AskMCDInfo(char **info, int type, Bool name) { char *canon; - mrcl_validate_kerberos_member(info[13], &canon); + status = mrcl_validate_kerberos_member(info[13], &canon); if (mrcl_get_message()) Put_message(mrcl_get_message()); + if (status == MRCL_REJECT) + return NULL; free(info[13]); info[13] = canon; } @@ -794,9 +797,11 @@ char **AskMCDInfo(char **info, int type, Bool name) { char *canon; - mrcl_validate_kerberos_member(info[SN_ACE_NAME], &canon); + status = mrcl_validate_kerberos_member(info[SN_ACE_NAME], &canon); if (mrcl_get_message()) Put_message(mrcl_get_message()); + if (status == MRCL_REJECT) + return NULL; free(info[SN_ACE_NAME]); info[SN_ACE_NAME] = canon; } @@ -848,6 +853,8 @@ char **AskMCDInfo(char **info, int type, Bool name) mrcl_validate_kerberos_member(info[CON_OWNER_NAME], &canon); if (mrcl_get_message()) Put_message(mrcl_get_message()); + if (status == MRCL_REJECT) + return NULL; free(info[CON_OWNER_NAME]); info[CON_OWNER_NAME] = canon; } @@ -865,6 +872,8 @@ char **AskMCDInfo(char **info, int type, Bool name) mrcl_validate_kerberos_member(info[CON_MEMACE_NAME], &canon); if (mrcl_get_message()) Put_message(mrcl_get_message()); + if (status == MRCL_REJECT) + return NULL; free(info[CON_MEMACE_NAME]); info[CON_MEMACE_NAME] = canon; } diff --git a/clients/moira/lists.c b/clients/moira/lists.c index 9fb95f1e..b4859382 100644 --- a/clients/moira/lists.c +++ b/clients/moira/lists.c @@ -192,6 +192,7 @@ struct mqelem *GetListInfo(int type, char *name1, char *name2) char **AskListInfo(char **info, Bool name) { char temp_buf[BUFSIZ], *newname; + int status; Put_message(" "); sprintf(temp_buf, "Setting information of list %s.", info[L_NAME]); @@ -258,9 +259,11 @@ char **AskListInfo(char **info, Bool name) { char *canon; - mrcl_validate_kerberos_member(info[L_ACE_NAME], &canon); + status = mrcl_validate_kerberos_member(info[L_ACE_NAME], &canon); if (mrcl_get_message()) Put_message(mrcl_get_message()); + if (status == MRCL_REJECT) + return NULL; free(info[L_ACE_NAME]); info[L_ACE_NAME] = canon; } @@ -278,9 +281,11 @@ char **AskListInfo(char **info, Bool name) { char *canon; - mrcl_validate_kerberos_member(info[L_MEMACE_NAME], &canon); + status = mrcl_validate_kerberos_member(info[L_MEMACE_NAME], &canon); if (mrcl_get_message()) Put_message(mrcl_get_message()); + if (status == MRCL_REJECT) + return NULL; free(info[L_MEMACE_NAME]); info[L_MEMACE_NAME] = canon; } @@ -721,9 +726,11 @@ int AddMember(int argc, char **argv) { char *canon; - mrcl_validate_kerberos_member(args[LM_MEMBER], &canon); + status = mrcl_validate_kerberos_member(args[LM_MEMBER], &canon); if (mrcl_get_message()) Put_message(mrcl_get_message()); + if (status == MRCL_REJECT) + return DM_NORMAL; free(args[LM_MEMBER]); args[LM_MEMBER] = canon; } diff --git a/clients/stella/stella.c b/clients/stella/stella.c index ca0a0377..312a248c 100644 --- a/clients/stella/stella.c +++ b/clients/stella/stella.c @@ -423,6 +423,8 @@ int main(int argc, char **argv) status = mrcl_validate_kerberos_member(argv[13], &argv[13]); if (mrcl_get_message()) mrcl_com_err(whoami); + if (status == MRCL_REJECT) + exit(1); status = wrap_mr_query("add_host", 16, argv, NULL, NULL); break; @@ -530,6 +532,8 @@ int main(int argc, char **argv) status = mrcl_validate_kerberos_member(argv[14], &argv[14]); if (mrcl_get_message()) mrcl_com_err(whoami); + if (status == MRCL_REJECT) + exit(1); status = wrap_mr_query("update_host", 17, argv, NULL, NULL); break; -- 2.45.2