certmonger

Clone

#96 Remove trailing CR/LF when reading passwords from a file.
Merged 6 years ago by rcritten. Opened 6 years ago by rcritten.
rcritten/certmonger password  into  master

file modified
+8 
@@ -476,9 +476,17 @@ 
 

  	/* Read the client password and/or PIN, if we need to. */
 

  	if ((pwdfile != NULL) && (pwd == NULL)) {
 

  		pwd = cm_submit_u_from_file(pwdfile);
 

+         if (pwd != NULL) {
 

+             pwd = talloc_strndup(ctx, pwd,
 

+                         strcspn(pwd, "\r\n"));
 

+ 		}
 

  	}
 

  	if ((pinfile != NULL) && (pin == NULL)) {
 

  		pin = cm_submit_u_from_file(pinfile);
 

+         if (pin != NULL) {
 

+             pin = talloc_strndup(ctx, pin,
 

+                         strcspn(pin, "\r\n"));
 

+ 		}
 

  	}
 

  

  	/* Figure out which form and arguments to use. */

Otherwise the CF/LF is hex-encoded and sent along as part of the password which then fails.

@cheimes can you take a look?

rebased onto ad5a5cfc6efb4a07b09822665d9a82d9c1e9af52
6 years ago

If I understand the code correctly, the new code chops off any junk after the first \r or \n. The line break and any additional line are ignored.

SGTM

rebased onto a55000a
6 years ago

Pull-Request has been merged by rcritten
6 years ago
Metadata
None
No Tags
Changes Summary 1
+8 -0
file changed
src/dogtag.c
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.