[tac_plus] IPv6 and disabled account segv patches
david.leonard at opengear.com
david.leonard at opengear.com
Mon Jun 22 05:55:26 UTC 2015
Hi, guys.
Before I'd found the shrubbery.net site, I'd submitted some IPv6 patches against tacacs+-4.0.4.27a to Ubuntu. The patches are spread over 3 separate bug reports at https://bugs.launchpad.net/ubuntu/+source/tacacs+ but you can ignore them because I have merged them to 4.0.4.28 and pasted the effective patches below.
The problems fixed are:
* fix segfault on disabled accounts
* fix mangled IPv6 addresses
Cheers
David
* fix segfault on disabled accounts
--- a/pwlib.c 2015-03-24 11:29:26.337011181 +1000
+++ b/pwlib.c 2015-03-24 11:30:01.193011950 +1000
@@ -457,7 +457,7 @@
if (debug & DEBUG_PASSWD_FLAG)
report(LOG_DEBUG, "%s encrypts to %s", users_passwd, ep);
- if (strcmp(ep, encrypted_passwd) == 0) {
+ if (ep && strcmp(ep, encrypted_passwd) == 0) {
if (debug & DEBUG_PASSWD_FLAG)
report(LOG_DEBUG, "Password is correct");
return(1);
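Review bot: With DEBUG_PASSWD_FLAG set, the `report(LOG_DEBUG, "%s encrypts to %s", users_passwd, ep)` call two lines above the new guard still receives `ep` when it is NULL, so the crash can persist on platforms whose printf-style formatting does not tolerate a NULL `%s` argument. Passing `ep ? ep : "(null)"` there, or moving the NULL check above the debug block, would close that path. The same line writes the submitted cleartext password to the log; consider dropping `users_passwd` from the message or adding a comment such as `/* NOTE: logs the cleartext password when DEBUG_PASSWD_FLAG is set */`. The enclosing function starts and ends outside this hunk, so where `ep` is assigned is not visible here.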
* fix mangled IPv6 addresses
Index: tacacs-F4.0.4.28/tac_plus.c
===================================================================
--- tacacs-F4.0.4.28.orig/tac_plus.c
+++ tacacs-F4.0.4.28/tac_plus.c
@@ -264,6 +264,26 @@ open_logfile(void)
setlogmask(LOG_UPTO(LOG_DEBUG));
}
+static char *
+sockaddr_ntop(const struct sockaddr *sa)
+{
+ const void *src;
+ char buf[INET6_ADDRSTRLEN];
+
+ switch (sa->sa_family) {
+ case AF_INET:
+ src = &((const struct sockaddr_in *)sa)->sin_addr;
+ break;
+ case AF_INET6:
+ src = &((const struct sockaddr_in6 *)sa)->sin6_addr;
+ break;
+ default:
+ return NULL;
+ }
+
+ return tac_strdup((char *)inet_ntop(sa->sa_family, src, buf, sizeof buf));
+}
+
/*
* We will eventually be called from inetd or via the rc scripts directly
* Parse arguments and act appropiately.
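Review bot: `sockaddr_ntop()` passes the result of `inet_ntop()` straight to `tac_strdup()`, and `inet_ntop()` returns NULL on failure; unless `tac_strdup()` (not visible here) accepts NULL, this is a NULL dereference. Checking first avoids it: `const char *s = inet_ntop(sa->sa_family, src, buf, sizeof buf);` followed by `return s ? tac_strdup((char *)s) : NULL;`. The `default:` branch also returns NULL, and both call sites in the later `main()` hunks assign the result to `session.peerip` without a check, the inetd one then passing it to `report()` as a `%s` argument, so either the callers should handle NULL or the helper should return a placeholder string. A short header comment stating that the caller owns and must free the returned string would also help.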
@@ -393,7 +413,7 @@ main(int argc, char **argv)
/* running under inetd */
char host[NI_MAXHOST];
int on;
- struct sockaddr_in name;
+ struct sockaddr_storage name;
socklen_t name_len;
name_len = sizeof(name);
@@ -419,8 +439,7 @@ main(int argc, char **argv)
if (session.peerip)
free(session.peerip);
- session.peerip = tac_strdup((char *)inet_ntop(name.sin_family,
- &name.sin_addr, host, NI_MAXHOST));
+ session.peerip = sockaddr_ntop((struct sockaddr *)&name);
if (debug & DEBUG_AUTHEN_FLAG)
report(LOG_INFO, "session.peerip is %s", session.peerip);
}
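Review bot: `session.peerip` can now hold an IPv4-mapped IPv6 string (the `::ffff:a.b.c.d` form) for an IPv4 client if the accepting socket is a dual-stack AF_INET6 one, and this hunk does not normalise it. If `peerip` is compared against configured host entries or ACLs elsewhere (not visible in this patch), existing IPv4 rules may stop matching for such clients. Consider detecting the case in `sockaddr_ntop()` with `IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)` and formatting the embedded IPv4 address instead, or documenting which form the configuration must use. The same applies to the `from` call site in the last hunk.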
@@ -620,7 +639,7 @@ main(int argc, char **argv)
int pid;
#endif
char host[NI_MAXHOST];
- struct sockaddr_in from;
+ struct sockaddr_storage from;
socklen_t from_len;
int newsockfd = -1;
int flags, status;
@@ -671,8 +690,7 @@ main(int argc, char **argv)
if (session.peerip)
free(session.peerip);
- session.peerip = tac_strdup((char *)inet_ntop(from.sin_family,
- &from.sin_addr, host, NI_MAXHOST));
+ session.peerip = sockaddr_ntop((struct sockaddr *)&from);
if (debug & DEBUG_PACKET_FLAG)
report(LOG_DEBUG, "session request from %s sock=%d",
session.peer, newsockfd);