Changeset 3183c21


Ignore:
Timestamp:
2008-09-06T22:59:32Z (16 years ago)
Author:
Wilmer van der Gaast <wilmer@…>
Branches:
master
Children:
15d1469
Parents:
0a4f6f4
Message:

Completely reviewed all uses of irc->password, irc_setpass() and
USTATUS_IDENTIFIED after another account overwriting vulnerability was
found by Tero Marttila.

Files:
6 edited

Legend:

Unmodified
Added
Removed
  • irc.c

    r0a4f6f4 r3183c21  
    3838        irc_t *irc = set->data;
    3939       
    40         if( irc->status & USTATUS_IDENTIFIED )
     40        if( irc->status & USTATUS_IDENTIFIED && value )
    4141        {
    4242                irc_setpass( irc, value );
     
    239239       
    240240        if( irc->status & USTATUS_IDENTIFIED && set_getbool( &irc->set, "save_on_quit" ) )
    241                 if( storage_save( irc, TRUE ) != STORAGE_OK )
     241                if( storage_save( irc, NULL, TRUE ) != STORAGE_OK )
    242242                        irc_usermsg( irc, "Error while saving settings!" );
    243243       
  • root_commands.c

    r0a4f6f4 r3183c21  
    131131static void cmd_identify( irc_t *irc, char **cmd )
    132132{
    133         storage_status_t status = storage_load( irc->nick, cmd[1], irc );
     133        storage_status_t status = storage_load( irc, cmd[1] );
    134134        char *account_on[] = { "account", "on", NULL };
    135135       
     
    143143        case STORAGE_OK:
    144144                irc_usermsg( irc, "Password accepted, settings and accounts loaded" );
     145                irc_setpass( irc, cmd[1] );
     146                irc->status |= USTATUS_IDENTIFIED;
    145147                irc_umode_set( irc, "+R", 1 );
    146148                if( set_getbool( &irc->set, "auto_connect" ) )
     
    162164        }
    163165
    164         irc_setpass( irc, cmd[1] );
    165         switch( storage_save( irc, FALSE )) {
     166        switch( storage_save( irc, cmd[1], FALSE ) ) {
    166167                case STORAGE_ALREADY_EXISTS:
    167168                        irc_usermsg( irc, "Nick is already registered" );
     
    170171                case STORAGE_OK:
    171172                        irc_usermsg( irc, "Account successfully created" );
     173                        irc_setpass( irc, cmd[1] );
    172174                        irc->status |= USTATUS_IDENTIFIED;
    173175                        irc_umode_set( irc, "+R", 1 );
     
    887889static void cmd_save( irc_t *irc, char **cmd )
    888890{
    889         if( storage_save( irc, TRUE ) == STORAGE_OK )
     891        if( ( irc->status & USTATUS_IDENTIFIED ) == 0 )
     892                irc_usermsg( irc, "Please create an account first" );
     893        else if( storage_save( irc, NULL, TRUE ) == STORAGE_OK )
    890894                irc_usermsg( irc, "Configuration saved" );
    891895        else
  • storage.c

    r0a4f6f4 r3183c21  
    103103}
    104104
    105 storage_status_t storage_load (const char *nick, const char *password, irc_t * irc)
    106 {
    107         GList *gl;
     105storage_status_t storage_load (irc_t * irc, const char *password)
     106{
     107        GList *gl;
     108       
     109        if (irc && irc->status & USTATUS_IDENTIFIED)
     110                return STORAGE_OTHER_ERROR;
    108111       
    109112        /* Loop until we don't get NO_SUCH_USER */
     
    112115                storage_status_t status;
    113116
    114                 status = st->load(nick, password, irc);
    115                 if (status == STORAGE_OK) {
    116                         irc_setpass(irc, password);
     117                status = st->load(irc, password);
     118                if (status == STORAGE_OK)
    117119                        return status;
    118                 }
    119120               
    120121                if (status != STORAGE_NO_SUCH_USER)
     
    125126}
    126127
    127 storage_status_t storage_save (irc_t *irc, int overwrite)
    128 {
    129         return ((storage_t *)global.storage->data)->save(irc, overwrite);
     128storage_status_t storage_save (irc_t *irc, char *password, int overwrite)
     129{
     130        storage_status_t st;
     131       
     132        if (password != NULL) {
     133                /* Should only use this in the "register" command. */
     134                if (irc->password || overwrite)
     135                        return STORAGE_OTHER_ERROR;
     136               
     137                irc_setpass(irc, password);
     138        } else if ((irc->status & USTATUS_IDENTIFIED) == 0) {
     139                return STORAGE_NO_SUCH_USER;
     140        }
     141       
     142        st = ((storage_t *)global.storage->data)->save(irc, overwrite);
     143       
     144        if (password != NULL) {
     145                irc_setpass(irc, NULL);
     146        }
     147       
     148        return st;
    130149}
    131150
     
    143162
    144163                status = st->remove(nick, password);
    145                 if (status != STORAGE_NO_SUCH_USER &&
    146                         status != STORAGE_OK)
     164                if (status != STORAGE_NO_SUCH_USER && status != STORAGE_OK)
    147165                        ret = status;
    148166        }
     
    150168        return ret;
    151169}
     170
     171#if 0
     172Not using this yet. Test thoroughly before adding UI hooks to this function.
    152173
    153174storage_status_t storage_rename (const char *onick, const char *nnick, const char *password)
     
    189210        return STORAGE_OK;
    190211}
     212#endif
  • storage.h

    r0a4f6f4 r3183c21  
    4545        storage_status_t (*check_pass) (const char *nick, const char *password);
    4646
    47         storage_status_t (*load) (const char *nick, const char *password, irc_t * irc);
     47        storage_status_t (*load) (irc_t *irc, const char *password);
    4848        storage_status_t (*save) (irc_t *irc, int overwrite);
    4949        storage_status_t (*remove) (const char *nick, const char *password);
     
    5555storage_status_t storage_check_pass (const char *nick, const char *password);
    5656
    57 storage_status_t storage_load (const char *nick, const char *password, irc_t * irc);
    58 storage_status_t storage_save (irc_t *irc, int overwrite);
     57storage_status_t storage_load (irc_t * irc, const char *password);
     58storage_status_t storage_save (irc_t *irc, char *password, int overwrite);
    5959storage_status_t storage_remove (const char *nick, const char *password);
    6060
    61 storage_status_t storage_rename (const char *onick, const char *nnick, const char *password);
     61/* storage_status_t storage_rename (const char *onick, const char *nnick, const char *password); */
    6262
    6363void register_storage_backend(storage_t *);
  • storage_text.c

    r0a4f6f4 r3183c21  
    4444}
    4545
    46 static storage_status_t text_load ( const char *my_nick, const char* password, irc_t *irc )
     46static storage_status_t text_load( irc_t *irc, const char* password )
    4747{
    4848        char s[512];
     
    5454        account_t *acc, *acc_lookup[9];
    5555       
    56         if( irc->status & USTATUS_IDENTIFIED )
    57                 return( 1 );
    58        
    59         g_snprintf( s, 511, "%s%s%s", global.conf->configdir, my_nick, ".accounts" );
     56        g_snprintf( s, 511, "%s%s%s", global.conf->configdir, irc->nick, ".accounts" );
    6057        fp = fopen( s, "r" );
    6158        if( !fp ) return STORAGE_NO_SUCH_USER;
     
    6865                return STORAGE_INVALID_PASSWORD;
    6966        }
    70        
    71         /* Do this now. If the user runs with AuthMode = Registered, the
    72            account command will not work otherwise. */
    73         irc->status |= USTATUS_IDENTIFIED;
    7467       
    7568        while( fscanf( fp, "%511[^\n]s", s ) > 0 )
     
    10194        }
    10295       
    103         g_snprintf( s, 511, "%s%s%s", global.conf->configdir, my_nick, ".nicks" );
     96        g_snprintf( s, 511, "%s%s%s", global.conf->configdir, irc->nick, ".nicks" );
    10497        fp = fopen( s, "r" );
    10598        if( !fp ) return STORAGE_NO_SUCH_USER;
  • storage_xml.c

    r0a4f6f4 r3183c21  
    259259}
    260260
    261 static storage_status_t xml_load_real( const char *my_nick, const char *password, irc_t *irc, xml_pass_st action )
     261static storage_status_t xml_load_real( irc_t *irc, const char *my_nick, const char *password, xml_pass_st action )
    262262{
    263263        GMarkupParseContext *ctx;
     
    266266        GError *gerr = NULL;
    267267        int fd, st;
    268        
    269         if( irc && irc->status & USTATUS_IDENTIFIED )
    270                 return( 1 );
    271268       
    272269        xd = g_new0( struct xml_parsedata, 1 );
     
    321318                return STORAGE_OK;
    322319       
    323         irc->status |= USTATUS_IDENTIFIED;
    324        
    325320        return STORAGE_OK;
    326321}
    327322
    328 static storage_status_t xml_load( const char *my_nick, const char *password, irc_t *irc )
    329 {
    330         return xml_load_real( my_nick, password, irc, XML_PASS_UNKNOWN );
     323static storage_status_t xml_load( irc_t *irc, const char *password )
     324{
     325        return xml_load_real( irc, irc->nick, password, XML_PASS_UNKNOWN );
    331326}
    332327
     
    335330        /* This is a little bit risky because we have to pass NULL for the
    336331           irc_t argument. This *should* be fine, if I didn't miss anything... */
    337         return xml_load_real( my_nick, password, NULL, XML_PASS_CHECK_ONLY );
     332        return xml_load_real( NULL, my_nick, password, XML_PASS_CHECK_ONLY );
    338333}
    339334
     
    370365        md5_byte_t pass_md5[21];
    371366        md5_state_t md5_state;
    372        
    373         if( irc->password == NULL )
    374         {
    375                 irc_usermsg( irc, "Please register yourself if you want to save your settings." );
    376                 return STORAGE_OTHER_ERROR;
    377         }
    378367       
    379368        path2 = g_strdup( irc->nick );
Note: See TracChangeset for help on using the changeset viewer.