Date: Fri, 11 Apr 2025 14:03:58 GMT From: John Baldwin <jhb@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: bf4115671292 - main - ctld: Properly validate mutual user/secret for CHAP-MUTUAL in the UCL parser Message-ID: <202504111403.53BE3wMN053646@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=bf41156712929460aaf968e9d38ddc3847f90f6a commit bf41156712929460aaf968e9d38ddc3847f90f6a Author: John Baldwin <jhb@FreeBSD.org> AuthorDate: 2025-04-11 14:01:06 +0000 Commit: John Baldwin <jhb@FreeBSD.org> CommitDate: 2025-04-11 14:01:06 +0000 ctld: Properly validate mutual user/secret for CHAP-MUTUAL in the UCL parser The code was checking the non-mutual UCL objects twice instead. Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D49645 --- usr.sbin/ctld/uclparse.cc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/usr.sbin/ctld/uclparse.cc b/usr.sbin/ctld/uclparse.cc index ccb0b45a5ab1..1eb9f7736e4b 100644 --- a/usr.sbin/ctld/uclparse.cc +++ b/usr.sbin/ctld/uclparse.cc @@ -100,14 +100,14 @@ uclparse_chap_mutual(const char *ag_name, const ucl_object_t *obj) } mutual_user = ucl_object_find_key(obj, "mutual-user"); - if (!user || user->type != UCL_STRING) { + if (!mutual_user || mutual_user->type != UCL_STRING) { log_warnx("chap-mutual section in auth-group \"%s\" is missing " "\"mutual-user\" string key", ag_name); return (false); } mutual_secret = ucl_object_find_key(obj, "mutual-secret"); - if (!secret || secret->type != UCL_STRING) { + if (!mutual_secret || mutual_secret->type != UCL_STRING) { log_warnx("chap-mutual section in auth-group \"%s\" is missing " "\"mutual-secret\" string key", ag_name); return (false); @@ -165,14 +165,14 @@ uclparse_target_chap_mutual(const char *t_name, const ucl_object_t *obj) } mutual_user = ucl_object_find_key(obj, "mutual-user"); - if (!user || user->type != UCL_STRING) { + if (!mutual_user || mutual_user->type != UCL_STRING) { log_warnx("chap-mutual section in target \"%s\" is missing " "\"mutual-user\" string key", t_name); return (false); } mutual_secret = ucl_object_find_key(obj, "mutual-secret"); - if (!secret || secret->type != UCL_STRING) { + if (!mutual_secret || mutual_secret->type != UCL_STRING) { log_warnx("chap-mutual section in target \"%s\" is missing " "\"mutual-secret\" string key", t_name); return (false);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202504111403.53BE3wMN053646>