Thanks for looking into this. On Tue, Jul 05, 2016 at 02:19:34PM +0100, Stuart Henderson wrote: [...] > > + memset(ibuf, 0, 255); > > +- if ( strcmp( p, dhxpwd->pw_passwd ) == 0 ) { > > ++ if ( (p != NULL) && (strcmp( p, dhxpwd->pw_passwd ) == 0) ) { > > ++ memset(dhxpwd->pw_passwd, 0, strlen(dhxpwd->pw_passwd)); > > + *uam_pwd = dhxpwd; > > + ret = AFP_OK; > > + } > > ++ memset(dhxpwd->pw_passwd, 0, strlen(dhxpwd->pw_passwd)); > > I think only the second memset makes sense here. [...] > > + memset(rbuf, 0, PASSWDLEN); > > +- if ( strcmp( p, dhxpwd->pw_passwd ) == 0 ) { > > ++ if ( (p != NULL) && (strcmp( p, dhxpwd->pw_passwd ) == 0) ) { > > ++ memset(dhxpwd->pw_passwd, 0, strlen(dhxpwd->pw_passwd)); > > + *uam_pwd = dhxpwd; > > + err = AFP_OK; > > + } > > ++ memset(dhxpwd->pw_passwd, 0, strlen(dhxpwd->pw_passwd)); > > and here. [...]
Yes, you're right. Updated patch: diff -ruN net/netatalk3.orig/Makefile net/netatalk3/Makefile --- net/netatalk3.orig/Makefile Tue Jul 5 14:47:24 2016 +++ net/netatalk3/Makefile Tue Jul 5 14:47:05 2016 @@ -3,7 +3,7 @@ COMMENT= AFP file and print services for IP networks V= 3.1.8 -REVISION= 1 +REVISION= 2 DISTNAME= netatalk-${V} EXTRACT_SUFX= .tar.bz2 PKGSPEC = netatalk->=3,<4 diff -ruN net/netatalk3.orig/patches/patch-etc_uams_uams_dhx2_passwd_c net/netatalk3/patches/patch-etc_uams_uams_dhx2_passwd_c --- net/netatalk3.orig/patches/patch-etc_uams_uams_dhx2_passwd_c Thu Jan 1 01:00:00 1970 +++ net/netatalk3/patches/patch-etc_uams_uams_dhx2_passwd_c Tue Jul 5 15:27:50 2016 @@ -0,0 +1,25 @@ +$OpenBSD$ +--- etc/uams/uams_dhx2_passwd.c.orig Thu Dec 11 12:27:44 2014 ++++ etc/uams/uams_dhx2_passwd.c Tue Jul 5 15:27:04 2016 +@@ -545,12 +545,20 @@ static int logincont2(void *obj _U_, struct passwd **u + /* ---- Start authentication --- */ + ret = AFPERR_NOTAUTH; + ++ if ((dhxpwd = getpwnam_shadow(dhxpwd->pw_name)) == NULL) { ++ LOG(log_info, logtype_uams, ++ "could not get shadow passwd for %s", dhxpwd->pw_name); ++ ret = AFPERR_NOTAUTH; ++ goto exit; ++ } ++ + p = crypt( ibuf, dhxpwd->pw_passwd ); + memset(ibuf, 0, 255); +- if ( strcmp( p, dhxpwd->pw_passwd ) == 0 ) { ++ if ( (p != NULL) && (strcmp( p, dhxpwd->pw_passwd ) == 0) ) { + *uam_pwd = dhxpwd; + ret = AFP_OK; + } ++ memset(dhxpwd->pw_passwd, 0, strlen(dhxpwd->pw_passwd)); + + #ifdef SHADOWPW + if (( sp = getspnam( dhxpwd->pw_name )) == NULL ) { diff -ruN net/netatalk3.orig/patches/patch-etc_uams_uams_dhx2_passwd_c.orig net/netatalk3/patches/patch-etc_uams_uams_dhx2_passwd_c.orig --- net/netatalk3.orig/patches/patch-etc_uams_uams_dhx2_passwd_c.orig Thu Jan 1 01:00:00 1970 +++ net/netatalk3/patches/patch-etc_uams_uams_dhx2_passwd_c.orig Thu Jun 9 16:08:04 2016 @@ -0,0 +1,26 @@ +$OpenBSD$ +--- etc/uams/uams_dhx2_passwd.c.orig Thu Jun 9 15:55:58 2016 ++++ etc/uams/uams_dhx2_passwd.c Thu Jun 9 15:59:50 2016 +@@ -545,12 +545,21 @@ static int logincont2(void *obj _U_, struct passwd **u + /* ---- Start authentication --- */ + ret = AFPERR_NOTAUTH; + ++ if ((dhxpwd = getpwnam_shadow(dhxpwd->pw_name)) == NULL) { ++ LOG(log_info, logtype_uams, ++ "could not get shadow passwd for %s", dhxpwd->pw_name); ++ ret = AFPERR_NOTAUTH; ++ goto exit; ++ } ++ + p = crypt( ibuf, dhxpwd->pw_passwd ); + memset(ibuf, 0, 255); +- if ( strcmp( p, dhxpwd->pw_passwd ) == 0 ) { ++ if ( (p != NULL) && (strcmp( p, dhxpwd->pw_passwd ) == 0) ) { ++ memset(dhxpwd->pw_passwd, 0, strlen(dhxpwd->pw_passwd)); + *uam_pwd = dhxpwd; + ret = AFP_OK; + } ++ memset(dhxpwd->pw_passwd, 0, strlen(dhxpwd->pw_passwd)); + + #ifdef SHADOWPW + if (( sp = getspnam( dhxpwd->pw_name )) == NULL ) { diff -ruN net/netatalk3.orig/patches/patch-etc_uams_uams_dhx_passwd_c net/netatalk3/patches/patch-etc_uams_uams_dhx_passwd_c --- net/netatalk3.orig/patches/patch-etc_uams_uams_dhx_passwd_c Thu Jan 1 01:00:00 1970 +++ net/netatalk3/patches/patch-etc_uams_uams_dhx_passwd_c Tue Jul 5 15:27:50 2016 @@ -0,0 +1,24 @@ +$OpenBSD$ +--- etc/uams/uams_dhx_passwd.c.orig Thu Dec 11 12:27:44 2014 ++++ etc/uams/uams_dhx_passwd.c Tue Jul 5 15:27:45 2016 +@@ -342,12 +342,19 @@ static int passwd_logincont(void *obj, struct passwd * + return AFP_OK; + } + #else /* TRU64 */ ++ if ((dhxpwd = getpwnam_shadow(dhxpwd->pw_name)) == NULL) { ++ LOG(log_info, logtype_uams, ++ "could not get shadow passwd for %s", dhxpwd->pw_name); ++ return (AFPERR_NOTAUTH); ++ } ++ + p = crypt( rbuf, dhxpwd->pw_passwd ); + memset(rbuf, 0, PASSWDLEN); +- if ( strcmp( p, dhxpwd->pw_passwd ) == 0 ) { ++ if ( (p != NULL) && (strcmp( p, dhxpwd->pw_passwd ) == 0) ) { + *uam_pwd = dhxpwd; + err = AFP_OK; + } ++ memset(dhxpwd->pw_passwd, 0, strlen(dhxpwd->pw_passwd)); + #ifdef SHADOWPW + if (( sp = getspnam( dhxpwd->pw_name )) == NULL ) { + LOG(log_info, logtype_uams, "no shadow passwd entry for %s", dhxpwd->pw_name); diff -ruN net/netatalk3.orig/patches/patch-etc_uams_uams_dhx_passwd_c.orig net/netatalk3/patches/patch-etc_uams_uams_dhx_passwd_c.orig --- net/netatalk3.orig/patches/patch-etc_uams_uams_dhx_passwd_c.orig Thu Jan 1 01:00:00 1970 +++ net/netatalk3/patches/patch-etc_uams_uams_dhx_passwd_c.orig Thu Jun 9 16:11:20 2016 @@ -0,0 +1,25 @@ +$OpenBSD$ +--- etc/uams/uams_dhx_passwd.c.orig Thu Jun 9 15:59:59 2016 ++++ etc/uams/uams_dhx_passwd.c Thu Jun 9 16:11:14 2016 +@@ -342,12 +342,20 @@ static int passwd_logincont(void *obj, struct passwd * + return AFP_OK; + } + #else /* TRU64 */ ++ if ((dhxpwd = getpwnam_shadow(dhxpwd->pw_name)) == NULL) { ++ LOG(log_info, logtype_uams, ++ "could not get shadow passwd for %s", dhxpwd->pw_name); ++ return (AFPERR_NOTAUTH); ++ } ++ + p = crypt( rbuf, dhxpwd->pw_passwd ); + memset(rbuf, 0, PASSWDLEN); +- if ( strcmp( p, dhxpwd->pw_passwd ) == 0 ) { ++ if ( (p != NULL) && (strcmp( p, dhxpwd->pw_passwd ) == 0) ) { ++ memset(dhxpwd->pw_passwd, 0, strlen(dhxpwd->pw_passwd)); + *uam_pwd = dhxpwd; + err = AFP_OK; + } ++ memset(dhxpwd->pw_passwd, 0, strlen(dhxpwd->pw_passwd)); + #ifdef SHADOWPW + if (( sp = getspnam( dhxpwd->pw_name )) == NULL ) { + LOG(log_info, logtype_uams, "no shadow passwd entry for %s", dhxpwd->pw_name); diff -ruN net/netatalk3.orig/patches/patch-etc_uams_uams_passwd_c net/netatalk3/patches/patch-etc_uams_uams_passwd_c --- net/netatalk3.orig/patches/patch-etc_uams_uams_passwd_c Thu Jan 1 01:00:00 1970 +++ net/netatalk3/patches/patch-etc_uams_uams_passwd_c Thu Jun 9 17:36:08 2016 @@ -0,0 +1,37 @@ +$OpenBSD$ +--- etc/uams/uams_passwd.c.orig Thu Dec 11 12:27:44 2014 ++++ etc/uams/uams_passwd.c Thu Jun 9 17:34:40 2016 +@@ -229,11 +229,19 @@ static int passwd_changepw(void *obj, char *username, + pwd->pw_passwd = sp->sp_pwdp; + #endif /* SHADOWPW */ + ++ if ((pwd = getpwnam_shadow(pwd->pw_name)) == NULL) { ++ LOG(log_info, logtype_uams, ++ "could not get shadow passwd for %s", pwd->pw_name); ++ ret = AFPERR_NOTAUTH; ++ goto exit; ++ } ++ + p = crypt(pw, pwd->pw_passwd ); +- if (strcmp( p, pwd->pw_passwd )) { ++ if ((p == NULL) || strcmp( p, pwd->pw_passwd ))) { + memset(pw, 0, sizeof(pw)); + return AFPERR_NOTAUTH; + } ++ memset(pwd->pw_passwd, 0, strlen(pwd->pw_passwd)); + + /* new password */ + ibuf += PASSWDLEN; +@@ -329,6 +337,12 @@ static int passwd_printer(char *start, char *stop, cha + } + + #endif /* SHADOWPW */ ++ ++ if ((pwd = getpwnam_shadow(pwd->pw_name)) == NULL) { ++ LOG(log_info, logtype_uams, ++ "could not get shadow passwd for %s", pwd->pw_name); ++ return(-1); ++ } + + if (!pwd->pw_passwd) { + LOG(log_info, logtype_uams, "Bad Login ClearTxtUAM: no password for %s",