Revert the definitions of _PW_KEY* to their previous values.  There is
at least one consumer outside of libc and pwd_mkdb.
Adjust the versioning in libc and pwd_mkdb accordingly.

named was the application affected, and that fact was first
Reported by:	Zherdev Anatoly <tolyar@mx.ru>

Sponsored by:	DARPA, Network Associates Laboratories
Jacques Vidrine 2003-04-18 14:11:17 +00:00
parent b37d8ead52
commit b4603f3dd4
3 changed files with 54 additions and 29 deletions


@ -78,17 +78,36 @@ typedef __size_t size_t;
#define _PATH_PWD_MKDB "/usr/sbin/pwd_mkdb"
#define _PWD_VERSION_KEY "\xFF" "VERSION"
#define _PWD_CURRENT_VERSION '\x04'
/* Historically, the keys in _PATH_MP_DB/_PATH_SMP_DB had the format
* `1 octet tag | key', where the tag is one of the _PW_KEY* values
* listed below. These values happen to be ASCII digits. Starting
* with FreeBSD 5.1, the tag is now still a single octet, but the
* upper 4 bits are interpreted as a version. Pre-FreeBSD 5.1 format
* entries are version `3' -- this conveniently results in the same
* key values as before. The new, architecture-independent entries
* are version `4'.
* As it happens, some applications read the database directly.
* (Bad app, no cookie!) Thus, we leave the _PW_KEY* symbols at their
* old pre-FreeBSD 5.1 values so these apps still work. Consequently
* we have to do muck around a bit more to get the correct, versioned
* tag, and that is what the _PW_VERSIONED macros is about.
*/
#define _PW_VERSION_MASK '0xF0'
#define _PW_VERSION(x) ((unsigned char)((x)<<4))
#define _PW_VERSIONED(x, v) ((unsigned char)(((x) & 0xCF) | ((v)<<4)))
#define _PW_KEYBYNAME '\x01' /* stored by name */
#define _PW_KEYBYNUM '\x02' /* stored by entry in the "file" */
#define _PW_KEYBYUID '\x03' /* stored by uid */
#define _PW_KEYYPENABLED '\x04' /* YP is enabled */
#define _PW_KEYYPBYNUM '\x05' /* special +@netgroup entries */
#define _PW_KEYBYNAME '\x31' /* stored by name */
#define _PW_KEYBYNUM '\x32' /* stored by entry in the "file" */
#define _PW_KEYBYUID '\x33' /* stored by uid */
#define _PW_KEYYPENABLED '\x34' /* YP is enabled */
#define _PW_KEYYPBYNUM '\x35' /* special +@netgroup entries */
/* The database also contains a key to indicate the format version of
* the entries therein. There may be other, older versioned entries
* as well.
*/
#define _PWD_VERSION_KEY "\xFF" "VERSION"
#define _PWD_CURRENT_VERSION '\x04'
#define _PASSWORD_EFMT1 '_' /* extended encryption format */
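Review bot: `_PW_VERSION_MASK` is defined as `'0xF0'`, which is a four-character character constant with an implementation-defined value, not the byte 0xF0; it should read `#define _PW_VERSION_MASK '\xF0'`. Nothing visible on this page uses the mask, so the error looks latent, but any reader that later extracts the version nibble with it would misparse the tag of a password database key. Separately, `_PW_VERSIONED` clears only bits 4 and 5 with `& 0xCF` although the comment says the upper four bits carry the version. That is harmless for the '\x31' to '\x35' keys defined here, but `& 0x0F` would match the documented layout.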


@ -593,7 +593,7 @@ files_passwd(void *retval, void *mdata, va_list ap)
}
break;
}
keybuf[0] |= _PW_VERSION(st->version);
keybuf[0] = _PW_VERSIONED(keybuf[0], st->version);
rv = st->db->get(st->db, &key, &entry, 0);
if (rv < 0 || rv > 1) { /* should never return > 1 */
*errnop = errno;
@ -1500,7 +1500,7 @@ compat_passwd(void *retval, void *mdata, va_list ap)
memcpy(&keybuf[1], &store, sizeof(store));
key.size = sizeof(store) + 1;
}
keybuf[0] = _PW_KEYBYNUM | _PW_VERSION(st->version);
keybuf[0] = _PW_VERSIONED(_PW_KEYBYNUM, st->version);
rv = st->db->get(st->db, &key, &entry, 0);
if (rv < 0 || rv > 1) { /* should never return > 1 */
*errnop = errno;
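Review bot: Neither call site records why the tag is now rebuilt with `_PW_VERSIONED` rather than OR-ed with a version, at `keybuf[0] = _PW_VERSIONED(keybuf[0], st->version);` in files_passwd and at the `_PW_KEYBYNUM` assignment in compat_passwd. With the `_PW_KEY*` values back at '\x31' to '\x35', the constant already carries the legacy version bits, so a later edit that returns to `|` would build a tag that matches no record in a version 4 database and those lookups would miss. A one-line comment above each assignment, such as `/* _PW_KEY* already encode legacy version 3; replace the version bits, never OR them in. */`, would document that. Both functions start and end outside the hunks shown.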


@ -67,8 +67,8 @@ static const char rcsid[] =
#define SECURE 2
#define PERM_INSECURE (S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)
#define PERM_SECURE (S_IRUSR|S_IWUSR)
#define LEGACY_VERSION _PW_VERSION(3)
#define CURRENT_VERSION _PW_VERSION(4)
#define LEGACY_VERSION(x) _PW_VERSIONED(x, 3)
#define CURRENT_VERSION(x) _PW_VERSIONED(x, 4)
HASHINFO openinfo = {
4096, /* bsize */
@ -229,7 +229,7 @@ main(int argc, char *argv[])
pw_db = dbopen(_PATH_MP_DB, O_RDONLY, 0, DB_HASH, NULL);
if (!pw_db)
error(_MP_DB);
buf[0] = _PW_KEYBYNAME | CURRENT_VERSION;
buf[0] = CURRENT_VERSION(_PW_KEYBYNAME);
len = strlen(username);
/* Only check that username fits in buffer */
@ -245,7 +245,7 @@ main(int argc, char *argv[])
while (*p++)
;
buf[0] = _PW_KEYBYUID | CURRENT_VERSION;
buf[0] = CURRENT_VERSION(_PW_KEYBYUID);
memmove(buf + 1, p, sizeof(int));
key.data = (u_char *)buf;
key.size = sizeof(int) + 1;
@ -372,7 +372,7 @@ main(int argc, char *argv[])
sdata.size = p - sbuf;
/* Store insecure by name. */
tbuf[0] = _PW_KEYBYNAME | CURRENT_VERSION;
tbuf[0] = CURRENT_VERSION(_PW_KEYBYNAME);
len = strlen(pwd.pw_name);
memmove(tbuf + 1, pwd.pw_name, len);
key.size = len + 1;
@ -380,7 +380,7 @@ main(int argc, char *argv[])
error("put");
/* Store insecure by number. */
tbuf[0] = _PW_KEYBYNUM | CURRENT_VERSION;
tbuf[0] = CURRENT_VERSION(_PW_KEYBYNUM);
store = htonl(cnt);
memmove(tbuf + 1, &store, sizeof(store));
key.size = sizeof(store) + 1;
@ -388,7 +388,7 @@ main(int argc, char *argv[])
error("put");
/* Store insecure by uid. */
tbuf[0] = _PW_KEYBYUID | CURRENT_VERSION;
tbuf[0] = CURRENT_VERSION(_PW_KEYBYUID);
store = htonl(pwd.pw_uid);
memmove(tbuf + 1, &store, sizeof(store));
key.size = sizeof(store) + 1;
@ -396,7 +396,7 @@ main(int argc, char *argv[])
error("put");
/* Store secure by name. */
tbuf[0] = _PW_KEYBYNAME | CURRENT_VERSION;
tbuf[0] = CURRENT_VERSION(_PW_KEYBYNAME);
len = strlen(pwd.pw_name);
memmove(tbuf + 1, pwd.pw_name, len);
key.size = len + 1;
@ -404,7 +404,7 @@ main(int argc, char *argv[])
error("put");
/* Store secure by number. */
tbuf[0] = _PW_KEYBYNUM | CURRENT_VERSION;
tbuf[0] = CURRENT_VERSION(_PW_KEYBYNUM);
store = htonl(cnt);
memmove(tbuf + 1, &store, sizeof(store));
key.size = sizeof(store) + 1;
@ -412,7 +412,7 @@ main(int argc, char *argv[])
error("put");
/* Store secure by uid. */
tbuf[0] = _PW_KEYBYUID | CURRENT_VERSION;
tbuf[0] = CURRENT_VERSION(_PW_KEYBYUID);
store = htonl(pwd.pw_uid);
memmove(tbuf + 1, &store, sizeof(store));
key.size = sizeof(store) + 1;
@ -421,7 +421,7 @@ main(int argc, char *argv[])
/* Store insecure and secure special plus and special minus */
if (pwd.pw_name[0] == '+' || pwd.pw_name[0] == '-') {
tbuf[0] = _PW_KEYYPBYNUM | CURRENT_VERSION;
tbuf[0] = CURRENT_VERSION(_PW_KEYYPBYNUM);
store = htonl(ypcnt);
memmove(tbuf + 1, &store, sizeof(store));
ypcnt++;
@ -473,7 +473,7 @@ main(int argc, char *argv[])
sdata.size = p - sbuf;
/* Store insecure by name. */
tbuf[0] = _PW_KEYBYNAME | LEGACY_VERSION;
tbuf[0] = LEGACY_VERSION(_PW_KEYBYNAME);
len = strlen(pwd.pw_name);
memmove(tbuf + 1, pwd.pw_name, len);
key.size = len + 1;
@ -481,21 +481,21 @@ main(int argc, char *argv[])
error("put");
/* Store insecure by number. */
tbuf[0] = _PW_KEYBYNUM | LEGACY_VERSION;
tbuf[0] = LEGACY_VERSION(_PW_KEYBYNUM);
memmove(tbuf + 1, &cnt, sizeof(cnt));
key.size = sizeof(cnt) + 1;
if ((dp->put)(dp, &key, &data, method) == -1)
error("put");
/* Store insecure by uid. */
tbuf[0] = _PW_KEYBYUID | LEGACY_VERSION;
tbuf[0] = LEGACY_VERSION(_PW_KEYBYUID);
memmove(tbuf + 1, &pwd.pw_uid, sizeof(pwd.pw_uid));
key.size = sizeof(pwd.pw_uid) + 1;
if ((dp->put)(dp, &key, &data, methoduid) == -1)
error("put");
/* Store secure by name. */
tbuf[0] = _PW_KEYBYNAME | LEGACY_VERSION;
tbuf[0] = LEGACY_VERSION(_PW_KEYBYNAME);
len = strlen(pwd.pw_name);
memmove(tbuf + 1, pwd.pw_name, len);
key.size = len + 1;
@ -503,14 +503,14 @@ main(int argc, char *argv[])
error("put");
/* Store secure by number. */
tbuf[0] = _PW_KEYBYNUM | LEGACY_VERSION;
tbuf[0] = LEGACY_VERSION(_PW_KEYBYNUM);
memmove(tbuf + 1, &cnt, sizeof(cnt));
key.size = sizeof(cnt) + 1;
if ((sdp->put)(sdp, &key, &sdata, method) == -1)
error("put");
/* Store secure by uid. */
tbuf[0] = _PW_KEYBYUID | LEGACY_VERSION;
tbuf[0] = LEGACY_VERSION(_PW_KEYBYUID);
memmove(tbuf + 1, &pwd.pw_uid, sizeof(pwd.pw_uid));
key.size = sizeof(pwd.pw_uid) + 1;
if ((sdp->put)(sdp, &key, &sdata, methoduid) == -1)
@ -518,7 +518,7 @@ main(int argc, char *argv[])
/* Store insecure and secure special plus and special minus */
if (pwd.pw_name[0] == '+' || pwd.pw_name[0] == '-') {
tbuf[0] = _PW_KEYYPBYNUM | LEGACY_VERSION;
tbuf[0] = LEGACY_VERSION(_PW_KEYYPBYNUM);
memmove(tbuf + 1, &ypcnt, sizeof(cnt));
ypcnt++;
key.size = sizeof(cnt) + 1;
@ -550,7 +550,13 @@ main(int argc, char *argv[])
if (yp_enabled) {
buf[0] = yp_enabled + 2;
data.size = 1;
tbuf[0] = _PW_KEYYPENABLED | LEGACY_VERSION;
key.size = 1;
tbuf[0] = CURRENT_VERSION(_PW_KEYYPENABLED);
if ((dp->put)(dp, &key, &data, method) == -1)
error("put");
if ((sdp->put)(sdp, &key, &data, method) == -1)
error("put");
tbuf[0] = LEGACY_VERSION(_PW_KEYYPENABLED);
key.size = 1;
if ((dp->put)(dp, &key, &data, method) == -1)
error("put");
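Review bot: `LEGACY_VERSION(x)` and `CURRENT_VERSION(x)` hard-code the version numbers 3 and 4 although pwd.h already defines `_PWD_CURRENT_VERSION`, so the tag written on each key and the database's version record can drift apart at the next format bump. The libc side builds its lookup tag from `st->version`, which presumably comes from that version record, so a mismatch would make every passwd lookup miss silently rather than fail loudly. Deriving the macro from the header, `#define CURRENT_VERSION(x) _PW_VERSIONED(x, _PWD_CURRENT_VERSION)`, keeps a single source of truth. The second `key.size = 1;` in the YP-enabled hunk is redundant and could be dropped. main() starts and ends outside these hunks.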