From owner-svn-src-all@freebsd.org Mon Oct 2 23:14:31 2017 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 046DEE29B6B; Mon, 2 Oct 2017 23:14:31 +0000 (UTC) (envelope-from cem@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C08807F150; Mon, 2 Oct 2017 23:14:30 +0000 (UTC) (envelope-from cem@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v92NEUqG095754; Mon, 2 Oct 2017 23:14:30 GMT (envelope-from cem@FreeBSD.org) Received: (from cem@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v92NET7B095753; Mon, 2 Oct 2017 23:14:29 GMT (envelope-from cem@FreeBSD.org) Message-Id: <201710022314.v92NET7B095753@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: cem set sender to cem@FreeBSD.org using -f From: Conrad Meyer Date: Mon, 2 Oct 2017 23:14:29 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r324225 - head/usr.sbin/ppp X-SVN-Group: head X-SVN-Commit-Author: cem X-SVN-Commit-Paths: head/usr.sbin/ppp X-SVN-Commit-Revision: 324225 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Oct 2017 23:14:31 -0000 Author: cem Date: Mon Oct 2 23:14:29 2017 New Revision: 324225 URL: https://svnweb.freebsd.org/changeset/base/324225 Log: ppp(8): Fix various bugs in NOPAM section of auth_CheckPasswd * pw is not initialized before use * success is returned if crypt(3) errors These bugs were introduced in r231994, which attempted to adopt DragonflyBSD f4a9869feb646aafe72de6e5d61051a023a02676. The original author of the Dragonfly change also noticed these mistakes and filed the PR. PR: 222620 Submitted by: Lubos Boucek Obtained from: DragonflyBSD f4a9869feb646aafe72de6e5d61051a023a02676 Modified: head/usr.sbin/ppp/auth.c Modified: head/usr.sbin/ppp/auth.c ============================================================================== --- head/usr.sbin/ppp/auth.c Mon Oct 2 23:12:02 2017 (r324224) +++ head/usr.sbin/ppp/auth.c Mon Oct 2 23:14:29 2017 (r324225) @@ -125,13 +125,19 @@ auth_CheckPasswd(const char *name, const char *data, c #ifdef NOPAM /* Then look up the real password database */ struct passwd *pw; - int result; + int result = 0; char *cryptpw; + + pw = getpwnam(name); - cryptpw = crypt(key, pw->pw_passwd); - result = (pw = getpwnam(name)) && - (cryptpw == NULL || !strcmp(cryptpw, pw->pw_passwd)); + if (pw) { + cryptpw = crypt(key, pw->pw_passwd); + + result = (cryptpw != NULL) && !strcmp(cryptpw, pw->pw_passwd); + } + endpwent(); + return result; #else /* !NOPAM */ /* Then consult with PAM. */