[Swan] programs/pluto/xauth.c - non-reentrant crypt issue
Philippe Vouters
philippe.vouters at laposte.net
Thu Mar 7 10:56:14 EET 2013
#include "crypto.h" /* requires sha1.h and md5.h */
#include "ike_alg.h"
#include "xauth.h"
#include "virtual.h"
static stf_status
modecfg_inI2(struct msg_digest *md);
char pwdfile[PATH_MAX];
*pthread_mutex_t crypt_mutex = PTHREAD_MUTEX_INITIALIZER;*
extern bool encrypt_message(pb_stream *pbs, struct state *st); /*
forward declaration */
typedef struct
{
int in_use;
struct state *st;
sigjmp_buf jbuf;
} st_jbuf_t;
...
{
char *cp;
*pthread_mutex_lock(&crypt_mutex);*
#if defined(__CYGWIN32__)
/* password is in the clear! */
cp = (char *)arg->password.ptr;
#else
/* keep the passwords using whatever utilities we have */
cp = crypt( (char *)arg->password.ptr, szpass);
#endif
if(DBGP(DBG_CRYPT))
{
DBG_log("XAUTH: checking user(%s:%s) pass %s vs %s" ,
szuser, szconnid, cp, szpass);
}
else
{
libreswan_log("XAUTH: checking user(%s:%s) " , szuser,
szconnid);
}
/* Ok then now password check */
if ( strcmp(cp, szpass) == 0)
{
/* we have a winner */
fclose( fp );
*pthread_mutex_unlock(&crypt_mutex);*
return TRUE;
}
libreswan_log("XAUTH: nope");
*pthread_mutex_unlock(&crypt_mutex);*
}
--
Philippe Vouters (Fontainebleau/France)
URL: http://vouters.dyndns.org/
SIP: sip:Vouters at sip.linphone.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20130307/68f400eb/attachment.html>
More information about the Swan
mailing list