[K12OSN] ldm login and password that starts with '@'
Norman Gaywood
ngaywood at une.edu.au
Thu Mar 1 02:19:46 UTC 2012
Just found an interesting bug in ldm. If you type @ as the first
character of the password, the enter key does not work.
The password of @guest@ or @backend@ will allow the enter key to work
again but the login screen will just go back to the user prompt.
This of course will stop people having @ as the first character of their
password.
Here is the code from ldmgreetercomm.c that I think is going wrong:
int listen_greeter(gchar **buffer, gsize *buflen, gsize *end) {
while (1) {
/* Reads data from I/O channel of the greeter */
GError *ge = NULL;
if(g_io_channel_read_line(greeterr, buffer, buflen, end, &ge) != G_IO_STATUS_NORMAL) {
log_entry("ldm",3,"%s", ge->message);
return 1;
}
g_strstrip(*buffer);
log_entry("ldm",7,"Got command: %s",*buffer);
/* handle callbacks */
if (**buffer == '@') {
if (!g_strncasecmp(*buffer, "@backend@", 9)) {
ldm_raise_auth_except(AUTH_EXC_RELOAD_BACKEND);
} else if (!g_strncasecmp(*buffer, "@guest@", 7)) {
ldm_raise_auth_except(AUTH_EXC_GUEST);
}
continue;
}
break;
}
return 0;
}
I think that continue should not be there.
--
Norman Gaywood, Computer Systems Officer
University of New England, Armidale, NSW 2351, Australia
ngaywood at une.edu.au Phone: +61 (0)2 6773 3337
http://mcs.une.edu.au/~norm Fax: +61 (0)2 6773 3312
Please avoid sending me Word or PowerPoint attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html
More information about the K12OSN
mailing list