| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Redhat bugzilla: 1278543
This fixes a segfault for some incorrect usage, for example
cifscreds -u test
Reviewed-by: Steve French <smfrench@gmail.com>
Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
|
|
If the string buffers would have been overrun, set errno to EINVAL
before returning. Then, have the callers report the errors to
stderr or syslog as appropriate.
Cc: Sebastian Krahmer <krahmer@suse.de>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
If we ended up getting a bogus string that would have overflowed, then
make key_search set errno to EINVAL before returning. The callers can
then test to see if the returned error is what was expected or something
else and handle it appropriately.
Cc: Sebastian Krahmer <krahmer@suse.de>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Split out some of the cifscreds key handling routines into a separate
file, and then link that in to both cifscreds and the new PAM module.
Fix up autoconf to handle building this automatically.
Signed-off-by: Orion Poplawski <orion@nwra.com>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Many distros do not call into pam_keyinit to set up the session keyring
properly at login time. When cifscreds add is used in such a session,
the kernel will spawn a new session keyring in which to install the
credentials. That keyring will then go away once the cifscreds process
exits.
Check for this situation by looking to see if the session and
user-session keyrings are the same. Throw a warning if so, and add some
verbiage to the cifscreds manpage that explains the issue. Also, if
the session keyring can't be queried for any reason, then cause the
program to error out.
Acked-by: David Howells <dhowells@redhat.com>
Reported-by: Milan Knížek <knizek.confy@gmail.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
The "creds" portion seems redundant.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
...which is much more efficient than walking the keyring by hand.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
...and have it loosen the permissions to allow searching. There seems
to be no clear way to make user keys unreadable, but still allow for
them to be searched, so we'll need a new key_type that doesn't allow
you to read the payload from userspace. That will be proposed in a
separate kernel patch.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
This seems like a reasonable change, but I'm willing to listen to
arguments to the contrary...
cifscreds currently hangs the keys off of the uid keyring. It seems
more appropriate though that we require that each session have its
own set. This might be particularly important in a containerized
situation. If a user authenticates in one container, then we probably
don't want to allow a user in another to "borrow" those creds.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
As Donald points out, NetBIOS domains are allowed more characters than
the code currently allows. Change the test to one that checks for
disallowed characters instead.
Also, I can't find anything that says that '@' is not allowed in a
username. Might as well allow that too. Worst case, the server will
reject the username.
Reported-by: Donald R. Gray Jr <donald.r.gray@gmail.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
...to indicate that the first argument is not a hostname but an
NT domain name. If it's set, then treat the argument as a
string literal.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
...and use getopt_long to get it. If someone doesn't specify the username,
use getusername() to get it.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Having to parse options in every command routine is cumbersome and
restrictive. Declare a struct to hold arguments, and then have the
functions take that struct as an argument.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
...banish the use of exit(), which may be helpful in the future in
the event that we eventually move some of this code into a library.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Change the payload to be "username:password". Since usernames can't
contain ':', this is suitable delimiter. Also, create_description
is just a sprintf now, so eliminate it.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
The username should be part of the key payload and not part of
the description. Also, prefix the address with an "a:" in the
description. Eventually we'll also need a "domain" key variant.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Eventually we'll add this back in a different way. The domain and
address should be exclusive of one another. IOW, we want the kernel to
be able to find credentials for a specific address or for the domain of
which the server is a member.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
...to eliminate this warning:
cifscreds.c: In function ‘cifscreds_clearall’:
cifscreds.c:422:47: warning: unused parameter ‘argv’
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
It is a userspace part of a new infrastructure for stashing passwords
in kernel keyring per user basis. The patch adds the "cifscreds"
utility for management keys with credentials. Assembling of the utility
from the distribution is possible with --enable-cifscreds=yes option of
configure script.
Signed-off-by: Igor Druzhinin <jaxbrigs@gmail.com>
|
