From 5f914398cabb6e7f38e9604ddd601ff91577ca74 Mon Sep 17 00:00:00 2001 From: Charles Forsyth Date: Tue, 17 Mar 2015 19:39:40 +0000 Subject: [PATCH] from yarikos@gmail.com via sources patch: 1. close transient fd 2. use authenticated user name from ticket to avoid forgery 3. use fid not afid in read/write/clunk --- authp9any.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/authp9any.c b/authp9any.c index c62b95c..ad12ac8 100644 --- a/authp9any.c +++ b/authp9any.c @@ -306,6 +306,7 @@ p9anyinit(void) if((n = readn(fd, abuf, sizeof(abuf)-1)) < 0) sysfatal("can't read key file '%s'", af); + close(fd); if (n > 0 && abuf[n - 1] == '\n') n--; abuf[n] = '\0'; @@ -368,8 +369,10 @@ p9anyattach(Fcall *rx, Fcall *tx) if (chatty9p) fprint(2, "p9anyattach: afid %d state %d\n", rx->afid, sp->state); if (sp->state == Established && strcmp(rx->uname, sp->uname) == 0 - && strcmp(rx->aname, sp->aname) == 0) + && strcmp(rx->aname, sp->aname) == 0){ + rx->uname = sp->t.suid; return nil; + } return "authentication failed"; } @@ -392,7 +395,7 @@ p9anyread(Fcall *rx, Fcall *tx) char *ep; Fid *f; - f = oldauthfid(rx->afid, (void **)&sp, &ep); + f = oldauthfid(rx->fid, (void **)&sp, &ep); if (f == nil) return ep; if (chatty9p) @@ -437,7 +440,7 @@ p9anywrite(Fcall *rx, Fcall *tx) Fid *f; - f = oldauthfid(rx->afid, (void **)&sp, &ep); + f = oldauthfid(rx->fid, (void **)&sp, &ep); if (f == nil) return ep; if (chatty9p) @@ -515,7 +518,7 @@ p9anyclunk(Fcall *rx, Fcall *tx) AuthSession *sp; char *ep; - f = oldauthfid(rx->afid, (void **)&sp, &ep); + f = oldauthfid(rx->fid, (void **)&sp, &ep); if (f == nil) return ep; if (chatty9p)