force WRONG passwords to be passed through librad_safeprint()
authoraland <aland>
Mon, 23 Aug 1999 20:09:29 +0000 (20:09 +0000)
committeraland <aland>
Mon, 23 Aug 1999 20:09:29 +0000 (20:09 +0000)
before being output to the terminal.  This prevents weird
control codes from screwing up the local terminal settings.

rad_pwdecode() now returns the size of the password
librad_safeprint() is now exported.
libradius.h is wrapped by the standard '#ifndef LIBRADIUS_H,
#define LIBRADIUS_H .... #endif LIBRADIUS_H' stuff
rad_check_password() now returns the length of the password.

This should arguably be returned in a VALUE_PAIR, like
'Internally-Decrypted-Password'.

The password printing in auth.c should be wrapped for correct
logins, too.

src/include/libradius.h
src/lib/print.c
src/main/auth.c

index 0d9f827..567b85d 100644 (file)
@@ -1,3 +1,6 @@
+#ifndef LIBRADIUS_H
+#define LIBRADIUS_H
+
 /*
  * libradius.h Structures and prototypes
  *             for the radius library.
@@ -94,6 +97,7 @@ typedef struct radius_packet {
 /*
  *     Printing functions.
  */
+void           librad_safeprint(char *in, int inlen, char *out, int outlen);
 int            vp_prints(char *out, int outlen, VALUE_PAIR *vp);
 void           vp_print(FILE *, VALUE_PAIR *);
 void           vp_printlist(FILE *, VALUE_PAIR *);
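Review bot: The newly exported prototype carries none of the contract that print.c documents for this function, so callers outside print.c cannot know that `out` must be at least 4x the size of `in` (the comment kept in the print.c hunk at L47–L55). Put that above the declaration, e.g. `/* Escape non-printable bytes of in[0..inlen) into out; out must be at least 4 times inlen bytes — see print.c. */`, and state whether the result is always NUL-terminated, which the visible part of print.c does not show. If the body only reads `in` (its start is all the print.c hunk shows), `const char *in` here and in the print.c definition would also let callers pass read-only buffers.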
@@ -170,3 +174,4 @@ UINT4               ip_getaddr (char *);
 char *         ip_ntoa(char *, UINT4);
 UINT4          ip_addr(char *);
 
+#endif LIBRADIUS_H
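Review bot: `#endif LIBRADIUS_H` on the added last line has extra tokens after the directive, which ISO C does not permit; GCC warns "extra tokens at end of #endif directive" and `-pedantic-errors` rejects it. Write it as `#endif /* LIBRADIUS_H */`, matching the `#ifndef LIBRADIUS_H` that opens the guard at the top of the file.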
index df46918..6ddc90a 100644 (file)
@@ -22,7 +22,7 @@
  *     The output string has to be _at least_ 4x the size
  *     of the input string!
  */
-static void librad_safeprint(char *in, int inlen, char *out, int outlen)
+void librad_safeprint(char *in, int inlen, char *out, int outlen)
 {
        unsigned char   *str = (unsigned char *)in;
        int             done = 0;
index 04a0d5f..e22a631 100644 (file)
@@ -111,7 +111,7 @@ static int check_expiration(VALUE_PAIR *check_item, char *umsg, char **user_msg)
 static int rad_check_password(REQUEST *request, int activefd,
        VALUE_PAIR *check_item,
        VALUE_PAIR *namepair,
-       char **user_msg, char *userpass)
+       char **user_msg, u_char *userpass, int *userpass_len)
 {
        VALUE_PAIR      *auth_type_pair;
        VALUE_PAIR      *password_pair;
@@ -201,9 +201,10 @@ static int rad_check_password(REQUEST *request, int activefd,
         */
        if (auth_item != NULL && auth_item->attribute == PW_PASSWORD) {
                memcpy(string, auth_item->strvalue, auth_item->length);
-               rad_pwdecode(string, auth_item->length,
-                       request->secret, request->packet->vector);
-               strcpy(userpass, string);
+               *userpass_len = rad_pwdecode(string, auth_item->length,
+                                           request->secret,
+                                           request->packet->vector);
+               strncpy(userpass, string, *userpass_len + 1);
        }
 
 #if 0 /* DEBUG */
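Review bot: `*userpass_len` is written only inside the `if (auth_item != NULL && auth_item->attribute == PW_PASSWORD)` branch, yet the caller's `userpass_len` (declared without an initializer in the hunk at L80–L96) is later used as an offset into `userpass` in the logging hunk at L106–L123, so any request that takes another path, or returns from rad_check_password before this point, uses an indeterminate length to index the buffer. Initialise the output at the top of rad_check_password, `*userpass_len = 0;` (its opening is in the hunk at L57–L65), or declare `int userpass_len = 0;` in rad_authenticate; `userpass[0] = '\0';` beside it would also cover the buffer, which the old code already logged uninitialised on that path. If rad_pwdecode can return a negative value on error (not visible here), `*userpass_len + 1` becomes a huge size_t for strncpy, so the result should be checked before the copy. `userpass` is now `u_char *` while strncpy takes `char *`, so the call wants a `(char *)` cast to stay warning-free. rad_check_password begins and ends outside this hunk.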
@@ -423,13 +424,14 @@ int rad_authenticate(REQUEST *request, int activefd)
        VALUE_PAIR      *user_reply;
        VALUE_PAIR      *tmp;
        int             result, r;
-       char            userpass[MAX_STRING_LEN];
-       char            umsg[MAX_STRING_LEN];
+       u_char          userpass[MAX_STRING_LEN + 1];
+       char            umsg[MAX_STRING_LEN + 1];
        char            *user_msg;
        char            *ptr;
        char            *exec_program;
        int             exec_wait;
        int             seen_callback_id;
+       int             userpass_len;
 
        user_check = NULL;
        user_reply = NULL;
@@ -504,7 +506,7 @@ int rad_authenticate(REQUEST *request, int activefd)
                if ((result = check_expiration(user_check, umsg, &user_msg))<0)
                                break;
                result = rad_check_password(request, activefd, user_check,
-                       namepair, &user_msg, userpass);
+                       namepair, &user_msg, userpass, &userpass_len);
                if (result > 0) {
                        pairfree(user_reply);
                        request->finished = TRUE;
@@ -526,9 +528,16 @@ int rad_authenticate(REQUEST *request, int activefd)
                rad_send(rp, activefd, request->secret);
                rad_free(rp);
                if (log_auth) {
+                       u_char clean_buffer[1024];
+                       u_char *p;
+                       p = userpass + userpass_len;
+                       while ((p >= userpass) &&
+                              (*p == '\0')) p--;
+                       librad_safeprint(userpass, p - userpass + 1,
+                                        clean_buffer, sizeof(clean_buffer));
                        log(L_AUTH,
                                "Login incorrect: [%s/%s] (%s)",
-                               namepair->strvalue, userpass,
+                               namepair->strvalue, clean_buffer,
                                auth_name(request, 1));
                }
        }
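Review bot: The trailing-NUL trim can step `p` to `userpass - 1` when `userpass_len` is 0 and `userpass[0]` is `'\0'` (the `while ((p >= userpass) && (*p == '\0')) p--;` loop tests after each decrement), which is pointer arithmetic outside the array and undefined behaviour even though `p - userpass + 1` then happens to be 0. An index form computes the same length without it: `int pw_len = userpass_len + 1;` / `while (pw_len > 0 && userpass[pw_len - 1] == '\0') pw_len--;` / `librad_safeprint((char *)userpass, pw_len, (char *)clean_buffer, sizeof(clean_buffer));`, where the casts also resolve the `u_char *` versus `char *` mismatch against the prototype added in the header. print.c requires `out` to be at least 4x the input and `userpass` is `MAX_STRING_LEN + 1` bytes, so whether `clean_buffer[1024]` suffices depends on a value not on this page; `u_char clean_buffer[4 * sizeof(userpass) + 1]` ties the two together. Even escaped, the mistyped password still reaches the auth log in clear text, and failed attempts are often near-misses of the real credential; the commit message already marks this for follow-up, so a `/* FIXME: password logged in clear text, see commit message */` beside the log call would keep that visible. rad_authenticate continues on both sides of this hunk.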
@@ -733,10 +742,6 @@ int rad_authenticate(REQUEST *request, int activefd)
        rad_free(rp);
 
        if (log_auth) {
-#if 1 /* Hide the password for `miquels' :) */
-               if (strcmp(namepair->strvalue, "miquels") == 0)
-                       strcpy(userpass, "guess");
-#endif
                log(L_AUTH,
                        "Login OK: [%s%s%s] (%s)",
                        namepair->strvalue,