steffen: server/kolabd/kolabd kolab_bootstrap.in, 1.3, 1.4 kolab_smtpdpolicy.in, 1.2, 1.3 kolabpasswd.in, 1.1, 1.2
cvs at intevation.de
cvs at intevation.de
Sun Oct 2 13:06:33 CEST 2005
Author: steffen
Update of /kolabrepository/server/kolabd/kolabd
In directory doto:/tmp/cvs-serv11591/kolabd
Modified Files:
kolab_bootstrap.in kolab_smtpdpolicy.in kolabpasswd.in
Log Message:
Fix for issue919 (non-escaped shell metachars in passwd)
Index: kolab_bootstrap.in
===================================================================
RCS file: /kolabrepository/server/kolabd/kolabd/kolab_bootstrap.in,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- kolab_bootstrap.in 20 Sep 2005 19:41:55 -0000 1.3
+++ kolab_bootstrap.in 2 Oct 2005 11:06:31 -0000 1.4
@@ -33,6 +33,19 @@
##### Utility Functions
+# Shell double-quote a string
+# Borrored from Sysadm::Install
+sub qquote {
+ my($str, $metas) = @_;
+ $str =~ s/([\\"])/\\$1/g;
+ if(defined $metas) {
+ $metas = '!$`' if $metas eq ":shell";
+ $metas =~ s/\]/\\]/g;
+ $str =~ s/([$metas])/\\$1/g;
+ }
+ return "\"$str\"";
+}
+
# Try to get fqdn
sub myhostname {
my $host = '';
@@ -42,7 +55,7 @@
chomp $host;
close( HOSTNAME );
}
- # FIXME: hardcoded - maybe fixed later
+ # FIXME: hardcoded - maybe fixed later
if( open( HOSTNAME, '/etc/hostname' ) ) {
$host = <HOSTNAME>;
chomp $host;
@@ -86,7 +99,7 @@
# Hash a password
sub hashPassword {
my $pw = shift;
- my $hashcmd = "@sbindir@/slappasswd -s '".$pw."'";
+ my $hashcmd = "@sbindir@/slappasswd -s ".qquote($pw,":shell");
(my $hashpw = `$hashcmd`) or die $@;
chomp($hashpw);
return $hashpw;
Index: kolab_smtpdpolicy.in
===================================================================
RCS file: /kolabrepository/server/kolabd/kolabd/kolab_smtpdpolicy.in,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- kolab_smtpdpolicy.in 16 Sep 2005 12:50:54 -0000 1.2
+++ kolab_smtpdpolicy.in 2 Oct 2005 11:06:31 -0000 1.3
@@ -197,7 +197,7 @@
CHECKSENDER:
$mesg = $ldap->search( base=> $conf_basedn,
- scope=> 'sub',
+ scope=> 'sub',
filter=> "(&(objectClass=kolabinetorgperson)(|(mail=$sender)(alias=$sender)))");
if( !$mesg->code ) {
mylog($syslog_priority, "LDAP search returned ".$mesg->count()." objects") if $verbose;
@@ -237,7 +237,7 @@
# UPS, fake sender
mylog($syslog_priority, "Attempt to fake address $sender") if $verbose;
return "REJECT Invalid sender";
-
+
# Check for valid access to restricted distribution lists
$tries = 0;
CHECKDISTLIST:
Index: kolabpasswd.in
===================================================================
RCS file: /kolabrepository/server/kolabd/kolabd/kolabpasswd.in,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- kolabpasswd.in 13 Sep 2005 14:38:22 -0000 1.1
+++ kolabpasswd.in 2 Oct 2005 11:06:31 -0000 1.2
@@ -35,10 +35,23 @@
# won't be needed (i think)
# my $kolab_prefix = (getpwnam('kolab'))[7] || die "Error: could not determine the kolab directory prefix (e.g. /kolab)";
+# Shell double-quote a string
+# Borrored from Sysadm::Install
+sub qquote {
+ my($str, $metas) = @_;
+ $str =~ s/([\\"])/\\$1/g;
+ if(defined $metas) {
+ $metas = '!$`' if $metas eq ":shell";
+ $metas =~ s/\]/\\]/g;
+ $str =~ s/([$metas])/\\$1/g;
+ }
+ return "\"$str\"";
+}
+
# Hash a password
sub hashPassword {
my $pw = shift;
- my $hashcmd = "@sbindir@/slappasswd -s '".$pw."'";
+ my $hashcmd = "@sbindir@/slappasswd -s ".qquote($pw,":shell");
(my $hashpw = `$hashcmd`) or die $@;
chomp($hashpw);
return $hashpw;
More information about the commits
mailing list