Repository: ranger Updated Branches: refs/heads/master edefd567c -> 1d47302f9
RANGER-2172: Good coding practices for unix authentication Service in Ranger Project: http://git-wip-us.apache.org/repos/asf/ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/1d47302f Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/1d47302f Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/1d47302f Branch: refs/heads/master Commit: 1d47302f937e3fe1d565914c578faaf989e54424 Parents: edefd56 Author: Sailaja Polavarapu <spolavar...@hortonworks.com> Authored: Tue Jul 31 16:22:07 2018 -0700 Committer: Sailaja Polavarapu <spolavar...@hortonworks.com> Committed: Tue Jul 31 16:22:07 2018 -0700 ---------------------------------------------------------------------- src/main/assembly/usersync.xml | 4 ++-- unixauthnative/src/main/c/credValidator.c | 11 +++++++---- unixauthpam/src/main/c/pamCredValidator.c | 10 +++++++--- 3 files changed, 16 insertions(+), 9 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ranger/blob/1d47302f/src/main/assembly/usersync.xml ---------------------------------------------------------------------- diff --git a/src/main/assembly/usersync.xml b/src/main/assembly/usersync.xml index a6bad1d..d170d8c 100644 --- a/src/main/assembly/usersync.xml +++ b/src/main/assembly/usersync.xml @@ -118,7 +118,7 @@ </fileSet> <fileSet> <directoryMode>755</directoryMode> - <fileMode>755</fileMode> + <fileMode>750</fileMode> <outputDirectory>/native</outputDirectory> <directory>unixauthnative/target</directory> <includes> @@ -127,7 +127,7 @@ </fileSet> <fileSet> <directoryMode>755</directoryMode> - <fileMode>755</fileMode> + <fileMode>750</fileMode> <outputDirectory>/native</outputDirectory> <directory>unixauthpam/target</directory> <includes> http://git-wip-us.apache.org/repos/asf/ranger/blob/1d47302f/unixauthnative/src/main/c/credValidator.c ---------------------------------------------------------------------- diff --git a/unixauthnative/src/main/c/credValidator.c b/unixauthnative/src/main/c/credValidator.c index d706a93..189c2ca 100644 --- a/unixauthnative/src/main/c/credValidator.c +++ b/unixauthnative/src/main/c/credValidator.c @@ -23,17 +23,20 @@ #include <sys/types.h> #include <crypt.h> +#define STRLEN 64 + int main(int ac, char **av, char **ev) { - char username[64] ; - char password[64] ; + char username[STRLEN] ; + char password[STRLEN] ; char line[512] ; + char format[20]; struct passwd *pwp; struct spwd *spwd ; fgets(line,512,stdin) ; - - sscanf(line, "LOGIN:%s %s",username,password) ; + sprintf(format, "LOGIN:%%%ds %%%ds", STRLEN, STRLEN); + sscanf(line, format, username,password) ; pwp = getpwnam(username) ; http://git-wip-us.apache.org/repos/asf/ranger/blob/1d47302f/unixauthpam/src/main/c/pamCredValidator.c ---------------------------------------------------------------------- diff --git a/unixauthpam/src/main/c/pamCredValidator.c b/unixauthpam/src/main/c/pamCredValidator.c index df84a3e..8e36903 100644 --- a/unixauthpam/src/main/c/pamCredValidator.c +++ b/unixauthpam/src/main/c/pamCredValidator.c @@ -32,6 +32,8 @@ #include <sys/types.h> #include <security/pam_appl.h> +#define STRLEN 64 + int pamconv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) { if (num_msg != 1 || msg[0]->msg_style != PAM_PROMPT_ECHO_OFF) { fprintf(stderr, "ERROR: Unexpected PAM conversation '%d/%s'\n", msg[0]->msg_style, msg[0]->msg); @@ -56,15 +58,17 @@ struct pam_conv conv = { pamconv, NULL }; int main(int ac, char **av, char **ev) { - char username[64] ; - char password[64] ; + char username[STRLEN] ; + char password[STRLEN] ; char line[512] ; + char format[20]; int retval; pam_handle_t *pamh = NULL; + sprintf(format, "LOGIN:%%%ds %%%ds", STRLEN, STRLEN); fgets(line,512,stdin) ; - sscanf(line, "LOGIN:%s %s",username,password) ; + sscanf(line, format, username,password) ; conv.appdata_ptr = (char *) password; retval = pam_start("ranger-remote", username, &conv, &pamh);