JehanneOS/u9fs
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

from yarikos@gmail.com via sources patch:

Browse Source 
1. close transient fd
2. use authenticated user name from ticket to avoid forgery
3. use fid not afid in read/write/clunk
This commit is contained in:
Charles Forsyth 2015-03-17 19:39:40 +00:00
parent 14c424d712
commit 5f914398ca
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
authp9any.c
View File

@ -306,6 +306,7 @@ p9anyinit(void)
if((n = readn(fd, abuf, sizeof(abuf)-1)) < 0)
sysfatal("can't read key file '%s'", af);
close(fd);
if (n > 0 && abuf[n - 1] == '\n')
n--;
abuf[n] = '\0';
@ -368,8 +369,10 @@ p9anyattach(Fcall *rx, Fcall *tx)
if (chatty9p)
fprint(2, "p9anyattach: afid %d state %d\n", rx->afid, sp->state);
if (sp->state == Established && strcmp(rx->uname, sp->uname) == 0
&& strcmp(rx->aname, sp->aname) == 0)
&& strcmp(rx->aname, sp->aname) == 0){
rx->uname = sp->t.suid;
return nil;
}
return "authentication failed";
}
@ -392,7 +395,7 @@ p9anyread(Fcall *rx, Fcall *tx)
char *ep;
Fid *f;
f = oldauthfid(rx->afid, (void **)&sp, &ep);
f = oldauthfid(rx->fid, (void **)&sp, &ep);
if (f == nil)
return ep;
if (chatty9p)
@ -437,7 +440,7 @@ p9anywrite(Fcall *rx, Fcall *tx)
Fid *f;
f = oldauthfid(rx->afid, (void **)&sp, &ep);
f = oldauthfid(rx->fid, (void **)&sp, &ep);
if (f == nil)
return ep;
if (chatty9p)
@ -515,7 +518,7 @@ p9anyclunk(Fcall *rx, Fcall *tx)
AuthSession *sp;
char *ep;
f = oldauthfid(rx->afid, (void **)&sp, &ep);
f = oldauthfid(rx->fid, (void **)&sp, &ep);
if (f == nil)
return ep;
if (chatty9p)