IDENT reply: only allow alphanumeric characters in user name
Only alphanumeric characters are allowed in the user name, so ignore all IDENT replies that would violate this rule and use the one supplied by the USER command.
This commit is contained in:
parent
6680b536c4
commit
695df6532e
|
@ -2174,6 +2174,7 @@ cb_Read_Resolver_Result( int r_fd, UNUSED short events )
|
||||||
char *identptr;
|
char *identptr;
|
||||||
#ifdef IDENTAUTH
|
#ifdef IDENTAUTH
|
||||||
char readbuf[HOST_LEN + 2 + CLIENT_USER_LEN];
|
char readbuf[HOST_LEN + 2 + CLIENT_USER_LEN];
|
||||||
|
char *ptr;
|
||||||
#else
|
#else
|
||||||
char readbuf[HOST_LEN + 1];
|
char readbuf[HOST_LEN + 1];
|
||||||
#endif
|
#endif
|
||||||
|
@ -2226,11 +2227,30 @@ cb_Read_Resolver_Result( int r_fd, UNUSED short events )
|
||||||
#ifdef IDENTAUTH
|
#ifdef IDENTAUTH
|
||||||
++identptr;
|
++identptr;
|
||||||
if (*identptr) {
|
if (*identptr) {
|
||||||
Log(LOG_INFO, "IDENT lookup for connection %d: \"%s\".", i, identptr);
|
ptr = identptr;
|
||||||
|
while (*ptr) {
|
||||||
|
if ((*ptr < '0' || *ptr > '9') &&
|
||||||
|
(*ptr < 'A' || *ptr > 'Z') &&
|
||||||
|
(*ptr < 'a' || *ptr > 'z'))
|
||||||
|
break;
|
||||||
|
ptr++;
|
||||||
|
}
|
||||||
|
if (*ptr) {
|
||||||
|
/* Erroneous IDENT reply */
|
||||||
|
Log(LOG_NOTICE,
|
||||||
|
"Got invalid IDENT reply for connection %d! Ignored.",
|
||||||
|
i);
|
||||||
|
} else {
|
||||||
|
Log(LOG_INFO,
|
||||||
|
"IDENT lookup for connection %d: \"%s\".",
|
||||||
|
i, identptr);
|
||||||
Client_SetUser(c, identptr, true);
|
Client_SetUser(c, identptr, true);
|
||||||
if (Conf_NoticeAuth)
|
}
|
||||||
|
if (Conf_NoticeAuth) {
|
||||||
(void)Conn_WriteStr(i,
|
(void)Conn_WriteStr(i,
|
||||||
"NOTICE AUTH :*** Got ident response");
|
"NOTICE AUTH :*** Got %sident response",
|
||||||
|
*ptr == NULL ? "" : "invalid ");
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
Log(LOG_INFO, "IDENT lookup for connection %d: no result.", i);
|
Log(LOG_INFO, "IDENT lookup for connection %d: no result.", i);
|
||||||
if (Conf_NoticeAuth && Conf_Ident)
|
if (Conf_NoticeAuth && Conf_Ident)
|
||||||
|
|
Loading…
Reference in New Issue