-/* $Cambridge: exim/src/src/auths/pwcheck.c,v 1.2 2005/06/27 14:29:44 ph10 Exp $ */
-
/* SASL server API implementation
* Rob Siemborski
* Tim Martin
* $Id: checkpw.c,v 1.49 2002/03/07 19:14:04 ken3 Exp $
*/
+/* Copyright (c) The Exim Maintainers 2021 - 2022 */
+/* SPDX-License-Identifier: GPL-2.0-or-later */
/*
* Copyright (c) 2001 Carnegie Mellon University. All rights reserved.
*
* Oct 2001 - Apr 2002: Slightly modified by Philip Hazel.
* Aug 2003: new code for saslauthd from Alexander S. Sabourenkov incorporated
* by Philip Hazel (minor mods to avoid compiler warnings)
+ * Oct 2006: (PH) removed redundant tests on "reply" being NULL - some were
+ * missing, and confused someone who was using this code for some
+ * other purpose. Here in Exim, "reply" is never NULL.
*
* screwdriver@lxnt.info
*
const char *passwd,
const char **reply)
{
-userid = userid; /* Keep picky compilers happy */
-passwd = passwd;
*reply = "pwcheck support is not included in this Exim binary";
return PWCHECK_FAIL;
}
struct iovec iov[2];
static char response[1024];
- if (reply) { *reply = NULL; }
+ *reply = NULL;
s = socket(AF_UNIX, SOCK_STREAM, 0);
if (s == -1) { return PWCHECK_FAIL; }
- memset((char *)&srvaddr, 0, sizeof(srvaddr));
+ memset(CS &srvaddr, 0, sizeof(srvaddr));
srvaddr.sun_family = AF_UNIX;
strncpy(srvaddr.sun_path, CYRUS_PWCHECK_SOCKET, sizeof(srvaddr.sun_path));
r = connect(s, (struct sockaddr *)&srvaddr, sizeof(srvaddr));
if (r == -1) {
DEBUG(D_auth)
debug_printf("Cannot connect to pwcheck daemon (at '%s')\n",CYRUS_PWCHECK_SOCKET);
- if (reply) { *reply = "cannot connect to pwcheck daemon"; }
+ *reply = "cannot connect to pwcheck daemon";
return PWCHECK_FAIL;
}
- iov[0].iov_base = (char *)userid;
+ iov[0].iov_base = CS userid;
iov[0].iov_len = strlen(userid)+1;
- iov[1].iov_base = (char *)passwd;
+ iov[1].iov_base = CS passwd;
iov[1].iov_len = strlen(passwd)+1;
retry_writev(s, iov, 2);
}
response[start] = '\0';
- if (reply) { *reply = response; }
+ *reply = response;
return PWCHECK_NO;
}
const uschar *realm,
const uschar **reply)
{
-userid = userid; /* Keep picky compilers happy */
-passwd = passwd;
-service = service;
-realm = realm;
*reply = US"saslauthd support is not included in this Exim binary";
return PWCHECK_FAIL;
}
const uschar *realm,
const uschar **reply)
{
- uschar *daemon_reply;
+ uschar *daemon_reply = NULL;
int s, r;
struct sockaddr_un srvaddr;
debug_printf("saslauthd userid='%s' servicename='%s'"
" realm='%s'\n", userid, service, realm );
- if (reply)
- *reply = NULL;
+ *reply = NULL;
s = socket(AF_UNIX, SOCK_STREAM, 0);
if (s == -1) {
- if (reply)
- *reply = CUstrerror(errno);
+ *reply = CUstrerror(errno);
return PWCHECK_FAIL;
}
- memset((char *)&srvaddr, 0, sizeof(srvaddr));
+ memset(CS &srvaddr, 0, sizeof(srvaddr));
srvaddr.sun_family = AF_UNIX;
strncpy(srvaddr.sun_path, CYRUS_SASLAUTHD_SOCKET,
sizeof(srvaddr.sun_path));
r = connect(s, (struct sockaddr *)&srvaddr, sizeof(srvaddr));
if (r == -1) {
- DEBUG(D_auth)
+ DEBUG(D_auth)
debug_printf("Cannot connect to saslauthd daemon (at '%s'): %s\n",
CYRUS_SASLAUTHD_SOCKET, strerror(errno));
- if (reply)
- *reply = string_sprintf("cannot connect to saslauthd daemon at "
- "%s: %s", CYRUS_SASLAUTHD_SOCKET,
- strerror(errno));
+ *reply = string_sprintf("cannot connect to saslauthd daemon at "
+ "%s: %s", CYRUS_SASLAUTHD_SOCKET,
+ strerror(errno));
return PWCHECK_FAIL;
}
if (count > MAX_REQ_LEN) {
return -1;
} else {
- *retval = store_get(count + 1);
+ /* Assume the file is trusted, so no tainting */
+ *retval = store_get(count + 1, GET_UNTAINTED);
rc = (retry_read(fd, *retval, count) < (int) count);
(*retval)[count] = '\0';
return count;
{
int n;
int nread = 0;
- char *buf = (char *)inbuf;
+ char *buf = CS inbuf;
if (nbyte == 0) return 0;
for (i = 0; i < iovcnt; i++) {
if (iov[i].iov_len > (unsigned) n) {
- iov[i].iov_base = (char *)iov[i].iov_base + n;
+ iov[i].iov_base = CS iov[i].iov_base + n;
iov[i].iov_len -= n;
break;
}