On Mon, Nov 27 2017, Stefan Sperling <[email protected]> wrote:
> On Mon, Nov 27, 2017 at 01:31:17AM +0100, Stefan Sperling wrote:
>> On Sun, Nov 26, 2017 at 06:17:14PM +0100, Jeremie Courreges-Anglas wrote:
>> >
>> > I don't think anything has been committed regarding this issue, right?
>>
>> Nope.
>>
>> I've been discussing this with people in person.
>> Will summarize those discussions and send a new diff soon.
>
> Most people I've talked to seem to be OK with never exposing
> these secrets to userland in the first place.
>
> OK?

As discussed with stsp, who would rather focus on wifi, the carp and
sppp parts need more love.

To stop the "get" ioctls from passing sppp authname and carp pass to
userland, the "set" ioctls should test whether those are actually set in
the request, instead of zeroing them.

The sppp authname is a NUL-terminated string, but the carp pass is
treated as a blob so I'm just checking if it contains at least one
non-NUL byte. I performed a bunch of tests but this could use more
eyes.

Index: net/if_spppsubr.c
===================================================================
RCS file: /d/cvs/src/sys/net/if_spppsubr.c,v
retrieving revision 1.173
diff -u -p -r1.173 if_spppsubr.c
--- net/if_spppsubr.c 20 Oct 2017 09:35:09 -0000 1.173
+++ net/if_spppsubr.c 28 Nov 2017 10:48:39 -0000
@@ -4588,12 +4588,14 @@ sppp_set_params(struct sppp *sp, struct
auth->flags = spa->flags;
spa->name[AUTHMAXLEN - 1] = '\0';
- len = strlen(spa->name) + 1;
- p = malloc(len, M_DEVBUF, M_WAITOK);
- strlcpy(p, spa->name, len);
- if (auth->name != NULL)
- free(auth->name, M_DEVBUF, 0);
- auth->name = p;
+ if (spa->name[0] != '\0') {
+ len = strlen(spa->name) + 1;
+ p = malloc(len, M_DEVBUF, M_WAITOK);
+ strlcpy(p, spa->name, len);
+ if (auth->name != NULL)
+ free(auth->name, M_DEVBUF, 0);
+ auth->name = p;
+ }
if (spa->secret[0] != '\0') {
spa->secret[AUTHMAXLEN - 1] = '\0';
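Review bot: with the new `if (spa->name[0] != '\0')` guard, an empty name in the request now leaves auth->name untouched, so this set path no longer offers a way to clear a name once it has been configured. If that is intended, say so in a comment above the guard (the carp hunk carries one, this hunk does not); if it is not, an explicit way to clear the name is needed. Callers that do get-then-set will send an empty name back once the get ioctl stops returning it and will depend on this guard to keep the stored value, which is worth stating in the ioctl documentation.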
Index: netinet/ip_carp.c
===================================================================
RCS file: /d/cvs/src/sys/netinet/ip_carp.c,v
retrieving revision 1.320
diff -u -p -r1.320 ip_carp.c
--- netinet/ip_carp.c 23 Nov 2017 13:32:25 -0000 1.320
+++ netinet/ip_carp.c 28 Nov 2017 10:48:39 -0000
@@ -2118,7 +2118,14 @@ carp_ioctl(struct ifnet *ifp, u_long cmd
carp_set_enaddr(sc);
carp_update_lsmask(sc);
}
- bcopy(carpr.carpr_key, sc->sc_key, sizeof(sc->sc_key));
+ /* only update the carp key if non-zero */
+ for (i = 0; i < CARP_KEY_LEN; i++) {
+ if (carpr.carpr_key[i] != '\0') {
+ bcopy(carpr.carpr_key, sc->sc_key,
+ sizeof(sc->sc_key));
+ break;
+ }
+ }
if (error > 0)
error = EINVAL;
else {
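Review bot: the scan loop is bounded by CARP_KEY_LEN while the copy inside it uses sizeof(sc->sc_key), and the hunk does not show that the two are the same size; use the same expression for both so the check and the copy always cover the same bytes. The loop also uses `i` without this hunk adding a declaration, so confirm carp_ioctl already declares it. As with the sppp change, an all-zero key can no longer be set through this path, so a configured key cannot be reset to empty; the comment `/* only update the carp key if non-zero */` should say that this is deliberate.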
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE