* nupas auth: incompatibility and error messaging
@ 2017-03-22 0:02 inkswinc
2017-03-22 2:53 ` [9front] " Benjamin Purcell
0 siblings, 1 reply; 8+ messages in thread
From: inkswinc @ 2017-03-22 0:02 UTC (permalink / raw)
To: 9front
Nupas' smtp.c file uses a different var in the 'server=' part of the
string it queries from factotum than upas did: where upas used
'server=smtp.gmail.com' (from the dialstring passed on the
commandline), nupas uses 'server=gmail-smtp-msa.l.google.com' (result
of some lookup, I presume) Not only does this break backwards
compatibility, but it also feels a little more brittle to me; the
latter name seems likely to change.
Not sure where else this difference occurs; it doesn't seem to in
imaps, which I also use, but it does seem to in /sys/lib/tls/smtp
(though with gmail that needs to change all the time anyways, so...)
It also doesn't do a good job of error messaging when auth fails; it
just shows up as an error in the 'hello' phase, which sucks.
Following patch is an attempt at resolving those issues; it works for
me. This is the first time I've ever given anyone else any C code
I've written, so feel free to be ruthless if you see anything
suboptimal.
diff -r a01d0802d023 sys/src/cmd/upas/smtp/smtp.c
--- a/sys/src/cmd/upas/smtp/smtp.c Mon Mar 20 19:15:40 2017 +0100
+++ b/sys/src/cmd/upas/smtp/smtp.c Tue Mar 21 23:49:01 2017 +0000
@@ -493,20 +493,27 @@
static char *
doauth(char *methods)
{
- char *buf, *err;
+ char *buf, *err, *factstring;
UserPasswd *p;
int n;
DS ds;
- dialstringparse(ddomain, &ds);
+ dialstringparse(farend, &ds);
if(strstr(methods, "CRAM-MD5"))
return smtpcram(&ds);
- p = auth_getuserpasswd(nil,
- user?"proto=pass service=smtp server=%q user=%q":"proto=pass service=smtp server=%q",
+ factstring = smprint(user?
+ "proto=pass service=smtp server=%q user=%q":
+ "proto=pass service=smtp server=%q",
ds.host, user);
- if (p == nil)
+
+ p = auth_getuserpasswd(nil,factstring);
+ if (p == nil) {
+ syslog(0, "smtp.fail", "failed to get userpasswd for %s", factstring);
+ free(factstring);
return Giveup;
+ }
+ free(factstring);
err = Retry;
if (strstr(methods, "LOGIN")){
Thanks,
sam-d
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [9front] nupas auth: incompatibility and error messaging
2017-03-22 0:02 nupas auth: incompatibility and error messaging inkswinc
@ 2017-03-22 2:53 ` Benjamin Purcell
2017-03-22 2:58 ` Benjamin Purcell
0 siblings, 1 reply; 8+ messages in thread
From: Benjamin Purcell @ 2017-03-22 2:53 UTC (permalink / raw)
To: 9front
At the very least you should check that the char* returned from
smprint is not nil.
But if this were me I would avoid the memory allocation entirely since
we can estimate a reasonable bound on the auth string. In that case I
like to use a static buf instead and print into it sequentially. That
way you also avoid an arguably ugly ternary expression and avoid
another memory allocation that is found below:
http://okturing.com/src/1190/body
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [9front] nupas auth: incompatibility and error messaging
2017-03-22 2:53 ` [9front] " Benjamin Purcell
@ 2017-03-22 2:58 ` Benjamin Purcell
0 siblings, 0 replies; 8+ messages in thread
From: Benjamin Purcell @ 2017-03-22 2:58 UTC (permalink / raw)
To: 9front
If no one objects to the change sam-d wants to make with switching
ddomain to farend, I'll apply the patch I posted soon.
-spew
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [9front] nupas auth: incompatibility and error messaging
@ 2017-03-22 17:10 inkswinc
0 siblings, 0 replies; 8+ messages in thread
From: inkswinc @ 2017-03-22 17:10 UTC (permalink / raw)
To: cinap_lenrek, 9front
On Wed, 22 Mar 2017 10:17:14 +0100, cinap_lenrek@felloff.net wrote:
> to be clear, this is like:
>
> buf = ... usercontrolled string ...
>
> print(buf); vs print("%s", buf);
>
> the former allows you to crash the program.
>
> --
> cinap
Ah, thanks. I'd always seen the latter style, but it never clicked
for me why it was done that way. Makes a lot of sense now... time
to grep through my programs and see all the other places I've made
this mistake.
- sam-d
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [9front] nupas auth: incompatibility and error messaging
@ 2017-03-22 17:09 inkswinc
0 siblings, 0 replies; 8+ messages in thread
From: inkswinc @ 2017-03-22 17:09 UTC (permalink / raw)
To: cinap_lenrek, 9front
On Wed, 22 Mar 2017 10:17:14 +0100, cinap_lenrek@felloff.net wrote:
> to be clear, this is like:
>
> buf = ... usercontrolled string ...
>
> print(buf); vs print("%s", buf);
>
> the former allows you to crash the program.
>
> --
> cinap
Ah, thanks. I'd always seen the latter style, but it never clicked
for me why it was done that way. Makes a lot of sense now... time
to grep through my programs and see all the other places I've made
this mistake.
- sam-d
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [9front] nupas auth: incompatibility and error messaging
@ 2017-03-22 9:17 cinap_lenrek
0 siblings, 0 replies; 8+ messages in thread
From: cinap_lenrek @ 2017-03-22 9:17 UTC (permalink / raw)
To: 9front
to be clear, this is like:
buf = ... usercontrolled string ...
print(buf); vs print("%s", buf);
the former allows you to crash the program.
--
cinap
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [9front] nupas auth: incompatibility and error messaging
@ 2017-03-22 9:15 cinap_lenrek
0 siblings, 0 replies; 8+ messages in thread
From: cinap_lenrek @ 2017-03-22 9:15 UTC (permalink / raw)
To: 9front
factstring is wrong.
auth_getuserpasswd() is itself a format function. so if username would contain
for example "%s" then auth_getuserpasswd() would try to read beyond its varargs list.
you really want to pass the constant format string to auth_getuserpasswd()
here and pass the username and servername in the varargs.
--
cinap
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [9front] nupas auth: incompatibility and error messaging
@ 2017-03-22 3:16 inkswinc
0 siblings, 0 replies; 8+ messages in thread
From: inkswinc @ 2017-03-22 3:16 UTC (permalink / raw)
To: benjapurcell, 9front
Yeah, I realized the failure to check the output of smprint shortly
after posting and have been kicking myself since. I do like your way
better, but wasn't feeling that ambitious and figured I'd go for
something braindead (which I still managed to fuck up). Thanks for
taking it up.
- sam-d
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2017-03-22 22:33 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-03-22 0:02 nupas auth: incompatibility and error messaging inkswinc
2017-03-22 2:53 ` [9front] " Benjamin Purcell
2017-03-22 2:58 ` Benjamin Purcell
2017-03-22 3:16 inkswinc
2017-03-22 9:15 cinap_lenrek
2017-03-22 9:17 cinap_lenrek
2017-03-22 17:09 inkswinc
2017-03-22 17:10 inkswinc
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).