diff options
| author | Jeff Layton <jlayton@samba.org> | 2014-04-20 20:41:05 -0400 |
|---|---|---|
| committer | Jeff Layton <jlayton@samba.org> | 2014-04-20 20:41:08 -0400 |
| commit | 382ec63757c1d8d4d399d17ccc927c4897d4cfc9 (patch) | |
| tree | ef20698955496b8b0a64b61c2249e9d1d2c38ef3 | |
| parent | 3da4c43b575498be86c87a2ac3f3142e3cab1c59 (diff) | |
| download | cifs-utils-382ec63757c1d8d4d399d17ccc927c4897d4cfc9.tar.gz cifs-utils-382ec63757c1d8d4d399d17ccc927c4897d4cfc9.tar.bz2 cifs-utils-382ec63757c1d8d4d399d17ccc927c4897d4cfc9.zip | |
cifscreds: better error handling for key_add
If the string buffers would have been overrun, set errno to EINVAL
before returning. Then, have the callers report the errors to
stderr or syslog as appropriate.
Cc: Sebastian Krahmer <krahmer@suse.de>
Signed-off-by: Jeff Layton <jlayton@samba.org>
| -rw-r--r-- | cifscreds.c | 6 | ||||
| -rw-r--r-- | cifskey.c | 8 | ||||
| -rw-r--r-- | pam_cifscreds.c | 9 |
3 files changed, 14 insertions, 9 deletions
diff --git a/cifscreds.c b/cifscreds.c index 64d55b0..5d84c3c 100644 --- a/cifscreds.c +++ b/cifscreds.c @@ -220,8 +220,8 @@ static int cifscreds_add(struct cmdarg *arg) while (currentaddress) { key_serial_t key = key_add(currentaddress, arg->user, pass, arg->keytype); if (key <= 0) { - fprintf(stderr, "error: Add credential key for %s\n", - currentaddress); + fprintf(stderr, "error: Add credential key for %s: %s\n", + currentaddress, strerror(errno)); } else { if (keyctl(KEYCTL_SETPERM, key, CIFS_KEY_PERMS) < 0) { fprintf(stderr, "error: Setting permissons " @@ -422,7 +422,7 @@ static int cifscreds_update(struct cmdarg *arg) key_serial_t key = key_add(addrs[id], arg->user, pass, arg->keytype); if (key <= 0) fprintf(stderr, "error: Update credential key " - "for %s\n", addrs[id]); + "for %s: %s\n", addrs[id], strerror(errno)); } return EXIT_SUCCESS; @@ -47,13 +47,17 @@ key_add(const char *addr, const char *user, const char *pass, char keytype) char val[MOUNT_PASSWD_SIZE + MAX_USERNAME_SIZE + 2]; /* set key description */ - if (snprintf(desc, sizeof(desc), "%s:%c:%s", KEY_PREFIX, keytype, addr) >= (int)sizeof(desc)) + if (snprintf(desc, sizeof(desc), "%s:%c:%s", KEY_PREFIX, keytype, addr) >= (int)sizeof(desc)) { + errno = EINVAL; return -1; + } /* set payload contents */ len = snprintf(val, sizeof(val), "%s:%s", user, pass); - if (len >= (int)sizeof(val)) + if (len >= (int)sizeof(val)) { + errno = EINVAL; return -1; + } return add_key(CIFS_KEY_TYPE, desc, val, len + 1, DEST_KEYRING); } diff --git a/pam_cifscreds.c b/pam_cifscreds.c index fb23117..5d99c2d 100644 --- a/pam_cifscreds.c +++ b/pam_cifscreds.c @@ -208,6 +208,7 @@ static int cifscreds_pam_add(pam_handle_t *ph, const char *user, const char *pas switch(errno) { case ENOKEY: + /* success */ break; default: pam_syslog(ph, LOG_ERR, "Unable to search keyring for %s (%s)", @@ -233,8 +234,8 @@ static int cifscreds_pam_add(pam_handle_t *ph, const char *user, const char *pas while (currentaddress) { key_serial_t key = key_add(currentaddress, user, password, keytype); if (key <= 0) { - pam_syslog(ph, LOG_ERR, "error: Add credential key for %s", - currentaddress); + pam_syslog(ph, LOG_ERR, "error: Add credential key for %s: %s", + currentaddress, strerror(errno)); } else { if ((args & ARG_DEBUG) == ARG_DEBUG) { pam_syslog(ph, LOG_DEBUG, "credential key for \\\\%s\\%s added", @@ -336,8 +337,8 @@ static int cifscreds_pam_update(pam_handle_t *ph, const char *user, const char * for (id = 0; id < count; id++) { key_serial_t key = key_add(currentaddress, user, password, keytype); if (key <= 0) { - pam_syslog(ph, LOG_ERR, "error: Update credential key for %s", - currentaddress); + pam_syslog(ph, LOG_ERR, "error: Update credential key for %s: %s", + currentaddress, strerror(errno)); } } |