Thanks for looking into this.
On Tue, Jul 05, 2016 at 02:19:34PM +0100, Stuart Henderson wrote:
[...]
> > + memset(ibuf, 0, 255);
> > +-if ( strcmp( p, dhxpwd->pw_passwd ) == 0 ) {
> > ++if ( (p != NULL) && (strcmp( p, dhxpwd->pw_passwd ) == 0) ) {
> > ++
On 2016/07/05 15:07, Nils Frohberg wrote:
> Ping. Updated patch for net/netatalk3 below (REVISION=2).
>
> (cc maintainter (ajacoutot@))
>
> > I had another look at the netatalk3 port and came up with the
> > following patch. It works for me but that's not a thorough test
> > (and only for dhx2).
Ping. Updated patch for net/netatalk3 below (REVISION=2).
(cc maintainter (ajacoutot@))
> I had another look at the netatalk3 port and came up with the
> following patch. It works for me but that's not a thorough test
> (and only for dhx2). It's a more invasive patch than my previous
> one, but
Sorry, wrong patch. Here's the correct one:
diff -x CVS -rNu net/netatalk3.orig/Makefile net/netatalk3/Makefile
--- net/netatalk3.orig/Makefile Sun Mar 20 17:12:25 2016
+++ net/netatalk3/Makefile Thu Jun 9 16:14:06 2016
@@ -3,7 +3,7 @@
COMMENT= AFP file and print services for
I had another look at the netatalk3 port and came up with the
following patch. It works for me but that's not a thorough test
(and only for dhx2). It's a more invasive patch than my previous
one, but if this is better I can apply the same to net/netatalk.
I looked for the SHADOWPW ifdefs and
It needs REVISION bumps then it's OK with me to unbreak things.
But if someone has time to look a little deeper, it could be
better targetted - there are only a few places that actually need
the passwords (see the SHADOWPW ifdefs) so it could be changed
to only use *_shadow functions in those
Due to lib/libc/gen/getpwent.c rev 1.61, netatalk segfaults when
authenticating via uam_dhx2_passwd.c (crypt(3)'s return value isn't
checked against NULL, cf. around line 551 of etc/afpd/uam.c). It
should now use getpwnam_shadow(3) instead of getpwnam(3) when looking
for the username and password.
