From nobody Tue Jan 27 18:44:26 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4f0vT66XwGz6QG8n for ; Tue, 27 Jan 2026 18:44:26 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4f0vT62xcbz3rM2 for ; Tue, 27 Jan 2026 18:44:26 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1769539466; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=vs1A+1y9bq/A79v0ZLRyZ+CvUc9bhxCQym3tGzkq7V8=; b=JaKfImTjB1cNEfc9/GVc+zumPkvw1bBd84uZ9DrpqHQeDAfNMYgxSLGJ1mkcqI+wCrpnS3 9ejDOuv6eEH9+IZH78Ln2u5BGiZrS91TkeCMJfEMMNVQjcOYs8TGYzTHgTIMmrOr6K9TdG PAIKlqg5S5fQzkXWUb7eQkctEgHLFIZYIV9vKIkyQiVpF29APBZUcJdx1NwNnK0GPYKj9O 9AeLa2WWCaPUnL9oqiqbL19DxM/eeOVfbCNhlN0kdYj5aM3oORg/Q5TwR2GAum/CKLsKvN yjo/q5U7uvvM4gwQ45I1HFUDdumRbX1GU4lP83mOa5j0fPYo+byDJrt4bQOrpQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1769539466; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=vs1A+1y9bq/A79v0ZLRyZ+CvUc9bhxCQym3tGzkq7V8=; b=Xg/LzdEILTfVdE6WlXvyQsCGHFbRiK9JzIypTjr/0w7Noh8do/9WKfFp5LstGBXE39201G /gMq0+ewmC+vjcXZuglFqWs4ZmShr4QgPq4u3JIOXgQ9rnsm6+p+7AoV49cObeDlINbbM3 fbKjF19nN6cxQK9+Y/SVAUzJesbskGLWmge6TGXmmvF2GwfqA79RKHJjehvf3Xnyye0WH7 7kfysjpsUg4zymvs8gU1p50fvmhY/SSf6X0kWXnxFPQcnmcPnl71ZPViun0f7YP/g09QyJ 4vN5v8XqVnyNH+7f9+IKGbuCGzLd/K6apKlrBX6skFdwSgVIV7i87rI7ApQIUQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1769539466; a=rsa-sha256; cv=none; b=eoYFMLaKw3l7ASdm3LeO9chZv1MyBndYBcqh+AeRXBnILe+43xiE+ur2YFSYac3NuGOOqY Zu/QcvCBG3DrbU2qCS/kZkbTJCxq4YHIJMTQN8DMpjrTj4mv8DpP4qXtA0kSzBqZlf96a7 v0p3uEo/Ftu/dfrB9G+JkYcl5wk4MWiBNw+dAA4N3pBCAYxiEFbi/c1Zsx8MIr8ckAzRB8 ERqFv191gYqEetCVs3JSR8p1yJeMTYAmC9A98s2P41NjQiZwKRug/bfqz2SDqn3TnkulEI ySrW/tHFh0RPnWYDm0xrz3TFHWGT17Lw/PRyHEU7FY1ItJWgRzJ1h6//2EyppA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4f0vT62RdZz3db for ; Tue, 27 Jan 2026 18:44:26 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 21104 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 27 Jan 2026 18:44:26 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: John Baldwin Subject: git: 80888d8610ee - stable/14 - ctld: Reduce code duplication in auth_check_secret_length List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jhb X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 80888d8610ee6d0c3553ca22fa684117e186f70a Auto-Submitted: auto-generated Date: Tue, 27 Jan 2026 18:44:26 +0000 Message-Id: <6979078a.21104.4ddf4d16@gitrepo.freebsd.org> The branch stable/14 has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=80888d8610ee6d0c3553ca22fa684117e186f70a commit 80888d8610ee6d0c3553ca22fa684117e186f70a Author: John Baldwin AuthorDate: 2025-04-11 13:59:52 +0000 Commit: John Baldwin CommitDate: 2026-01-27 18:15:57 +0000 ctld: Reduce code duplication in auth_check_secret_length Only check a single secret length in the function and call it twice for the CHAP-MUTUAL case. Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D49642 (cherry picked from commit 4214775235ebc01e0d22da5f09a2e4cff16bfa74) --- usr.sbin/ctld/ctld.cc | 67 ++++++++++++++------------------------------------- 1 file changed, 18 insertions(+), 49 deletions(-) diff --git a/usr.sbin/ctld/ctld.cc b/usr.sbin/ctld/ctld.cc index eb873acda59e..1c2d9779e697 100644 --- a/usr.sbin/ctld/ctld.cc +++ b/usr.sbin/ctld/ctld.cc @@ -183,63 +183,31 @@ auth_find(const struct auth_group *ag, const char *user) } static void -auth_check_secret_length(struct auth *auth) +auth_check_secret_length(const struct auth_group *ag, const char *user, + const char *secret, const char *secret_type) { size_t len; - len = strlen(auth->a_secret); + len = strlen(secret); if (len > 16) { - if (auth->a_auth_group->ag_name != NULL) - log_warnx("secret for user \"%s\", auth-group \"%s\", " + if (ag->ag_name != NULL) + log_warnx("%s for user \"%s\", auth-group \"%s\", " "is too long; it should be at most 16 characters " - "long", auth->a_user, auth->a_auth_group->ag_name); + "long", secret_type, user, ag->ag_name); else - log_warnx("secret for user \"%s\", target \"%s\", " + log_warnx("%s for user \"%s\", target \"%s\", " "is too long; it should be at most 16 characters " - "long", auth->a_user, - auth->a_auth_group->ag_target->t_name); + "long", secret_type, user, ag->ag_target->t_name); } if (len < 12) { - if (auth->a_auth_group->ag_name != NULL) - log_warnx("secret for user \"%s\", auth-group \"%s\", " + if (ag->ag_name != NULL) + log_warnx("%s for user \"%s\", auth-group \"%s\", " "is too short; it should be at least 12 characters " - "long", auth->a_user, - auth->a_auth_group->ag_name); + "long", secret_type, user, ag->ag_name); else - log_warnx("secret for user \"%s\", target \"%s\", " + log_warnx("%s for user \"%s\", target \"%s\", " "is too short; it should be at least 12 characters " - "long", auth->a_user, - auth->a_auth_group->ag_target->t_name); - } - - if (auth->a_mutual_secret != NULL) { - len = strlen(auth->a_mutual_secret); - if (len > 16) { - if (auth->a_auth_group->ag_name != NULL) - log_warnx("mutual secret for user \"%s\", " - "auth-group \"%s\", is too long; it should " - "be at most 16 characters long", - auth->a_user, auth->a_auth_group->ag_name); - else - log_warnx("mutual secret for user \"%s\", " - "target \"%s\", is too long; it should " - "be at most 16 characters long", - auth->a_user, - auth->a_auth_group->ag_target->t_name); - } - if (len < 12) { - if (auth->a_auth_group->ag_name != NULL) - log_warnx("mutual secret for user \"%s\", " - "auth-group \"%s\", is too short; it " - "should be at least 12 characters long", - auth->a_user, auth->a_auth_group->ag_name); - else - log_warnx("mutual secret for user \"%s\", " - "target \"%s\", is too short; it should be " - "at least 12 characters long", - auth->a_user, - auth->a_auth_group->ag_target->t_name); - } + "long", secret_type, user, ag->ag_target->t_name); } } @@ -262,12 +230,12 @@ auth_new_chap(struct auth_group *ag, const char *user, return (false); } + auth_check_secret_length(ag, user, secret, "secret"); + auth = auth_new(ag); auth->a_user = checked_strdup(user); auth->a_secret = checked_strdup(secret); - auth_check_secret_length(auth); - return (true); } @@ -291,14 +259,15 @@ auth_new_chap_mutual(struct auth_group *ag, const char *user, return (false); } + auth_check_secret_length(ag, user, secret, "secret"); + auth_check_secret_length(ag, user, secret2, "mutual secret"); + auth = auth_new(ag); auth->a_user = checked_strdup(user); auth->a_secret = checked_strdup(secret); auth->a_mutual_user = checked_strdup(user2); auth->a_mutual_secret = checked_strdup(secret2); - auth_check_secret_length(auth); - return (true); }