Mercurial > dropbear
comparison svr-authpasswd.c @ 1640:228b086794b7
limit password length to 100
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Thu, 21 Mar 2019 00:09:07 +0800 |
| parents | 5d2d1021ca00 |
| children |
comparison
equal
deleted
inserted
replaced
| 1639:8a485389330f | 1640:228b086794b7 |
|---|---|
| 63 send_msg_userauth_failure(0, 1); | 63 send_msg_userauth_failure(0, 1); |
| 64 return; | 64 return; |
| 65 } | 65 } |
| 66 | 66 |
| 67 password = buf_getstring(ses.payload, &passwordlen); | 67 password = buf_getstring(ses.payload, &passwordlen); |
| 68 if (valid_user) { | 68 if (valid_user && passwordlen <= DROPBEAR_MAX_PASSWORD_LEN) { |
| 69 /* the first bytes of passwdcrypt are the salt */ | 69 /* the first bytes of passwdcrypt are the salt */ |
| 70 passwdcrypt = ses.authstate.pw_passwd; | 70 passwdcrypt = ses.authstate.pw_passwd; |
| 71 testcrypt = crypt(password, passwdcrypt); | 71 testcrypt = crypt(password, passwdcrypt); |
| 72 } | 72 } |
| 73 m_burn(password, passwordlen); | 73 m_burn(password, passwordlen); |
| 74 m_free(password); | 74 m_free(password); |
| 75 | 75 |
| 76 /* After we have got the payload contents we can exit if the username | 76 /* After we have got the payload contents we can exit if the username |
| 77 is invalid. Invalid users have already been logged. */ | 77 is invalid. Invalid users have already been logged. */ |
| 78 if (!valid_user) { | 78 if (!valid_user) { |
| 79 send_msg_userauth_failure(0, 1); | |
| 80 return; | |
| 81 } | |
| 82 | |
| 83 if (passwordlen > DROPBEAR_MAX_PASSWORD_LEN) { | |
| 84 dropbear_log(LOG_WARNING, | |
| 85 "Too-long password attempt for '%s' from %s", | |
| 86 ses.authstate.pw_name, | |
| 87 svr_ses.addrstring); | |
| 79 send_msg_userauth_failure(0, 1); | 88 send_msg_userauth_failure(0, 1); |
| 80 return; | 89 return; |
| 81 } | 90 } |
| 82 | 91 |
| 83 if (testcrypt == NULL) { | 92 if (testcrypt == NULL) { |