Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-Id: <20210901180931.31875-1-ericonr@disroot.org>
Date: Wed,  1 Sep 2021 15:09:31 -0300
From: Érico Nogueira <ericonr@...root.org>
To: musl@...ts.openwall.com
Cc: Érico Nogueira <ericonr@...root.org>
Subject: [PATCH] fix nscd querying when the daemon is disabled for some query types

for example, glibc's nscd, configured with `enable-cache passwd no`,
will still answer passwd queries, but with a message that simply
indicates it's disabled passwd querying. this is done by setting the
passwdbuf[PWFOUND] field to -1, which we used to evaluate as "true" for
the entry having been found, and then errored out when the rest of the
query response had the length fields set to 0 instead of 1 (which is
what we expect from empty fields, since they should contain an empty
string).  this is the case for group and initgroups queries as well.

from our point of view, buf[xxFOUND] being -1 can be treated the same as
if it was 0: a -1 response is equivalent to no nscd daemon running at
all, and we treat daemon unavailability the same as the daemon not
knowing about our query.
---
 src/passwd/getgr_a.c      | 2 +-
 src/passwd/getgrouplist.c | 2 +-
 src/passwd/getpw_a.c      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/passwd/getgr_a.c b/src/passwd/getgr_a.c
index afeb1ece..3408686c 100644
--- a/src/passwd/getgr_a.c
+++ b/src/passwd/getgr_a.c
@@ -64,7 +64,7 @@ int __getgr_a(const char *name, gid_t gid, struct group *gr, char **buf, size_t
 		f = __nscd_query(req, key, groupbuf, sizeof groupbuf, &swap);
 		if (!f) { rv = errno; goto done; }
 
-		if (!groupbuf[GRFOUND]) { rv = 0; goto cleanup_f; }
+		if (!groupbuf[GRFOUND] || groupbuf[GRFOUND] == -1) { rv = 0; goto cleanup_f; }
 
 		if (!groupbuf[GRNAMELEN] || !groupbuf[GRPASSWDLEN]) {
 			rv = EIO;
diff --git a/src/passwd/getgrouplist.c b/src/passwd/getgrouplist.c
index 301824ce..b5d85eec 100644
--- a/src/passwd/getgrouplist.c
+++ b/src/passwd/getgrouplist.c
@@ -28,7 +28,7 @@ int getgrouplist(const char *user, gid_t gid, gid_t *groups, int *ngroups)
 
 	f = __nscd_query(GETINITGR, user, resp, sizeof resp, &swap);
 	if (!f) goto cleanup;
-	if (resp[INITGRFOUND]) {
+	if (resp[INITGRFOUND] && resp[INITGRFOUND] != -1) {
 		nscdbuf = calloc(resp[INITGRNGRPS], sizeof(uint32_t));
 		if (!nscdbuf) goto cleanup;
 		size_t nbytes = sizeof(*nscdbuf)*resp[INITGRNGRPS];
diff --git a/src/passwd/getpw_a.c b/src/passwd/getpw_a.c
index 15a70c03..8d555822 100644
--- a/src/passwd/getpw_a.c
+++ b/src/passwd/getpw_a.c
@@ -65,7 +65,7 @@ int __getpw_a(const char *name, uid_t uid, struct passwd *pw, char **buf, size_t
 		f = __nscd_query(req, key, passwdbuf, sizeof passwdbuf, (int[]){0});
 		if (!f) { rv = errno; goto done; }
 
-		if(!passwdbuf[PWFOUND]) { rv = 0; goto cleanup_f; }
+		if(!passwdbuf[PWFOUND] || passwdbuf[PWFOUND] == -1) { rv = 0; goto cleanup_f; }
 
 		/* A zero length response from nscd is invalid. We ignore
 		 * invalid responses and just report an error, rather than
-- 
2.33.0

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.