iked users database misses entries after ikectl reload

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

iked users database misses entries after ikectl reload

Bernardo Cunha Vieira
Hi,
This fixes the users' database corruption after an iked reload.
The old code overwrites the pointers in the RB tree, losing users
if a list of users is provided in config file.
Regards,
Bernardo

Index: config.c
===================================================================
RCS file: /cvs/src/sbin/iked/config.c,v
retrieving revision 1.54
diff -u -p -r1.54 config.c
--- config.c    9 Mar 2020 11:50:43 -0000       1.54
+++ config.c    23 Mar 2020 19:19:07 -0000
@@ -434,7 +434,7 @@ config_new_user(struct iked *env, struct

         if ((old = RB_INSERT(iked_users, &env->sc_users, usr)) != NULL) {
                 /* Update the password of an existing user*/
-               memcpy(old, new, sizeof(*old));
+               memcpy(old->usr_pass, new->usr_pass, IKED_PASSWORD_SIZE);

                 log_debug("%s: updating user %s", __func__, usr->usr_name);
                 free(usr);

Reply | Threaded
Open this post in threaded view
|

Re: iked users database misses entries after ikectl reload

Tobias Heider-2
On Mon, Mar 23, 2020 at 05:53:00PM -0300, Bernardo Cunha Vieira wrote:
> Hi,
> This fixes the users' database corruption after an iked reload.
> The old code overwrites the pointers in the RB tree, losing users
> if a list of users is provided in config file.
> Regards,
> Bernardo

Good find, thanks!  I committed your diff.

>
> Index: config.c
> ===================================================================
> RCS file: /cvs/src/sbin/iked/config.c,v
> retrieving revision 1.54
> diff -u -p -r1.54 config.c
> --- config.c    9 Mar 2020 11:50:43 -0000       1.54
> +++ config.c    23 Mar 2020 19:19:07 -0000
> @@ -434,7 +434,7 @@ config_new_user(struct iked *env, struct
>
>         if ((old = RB_INSERT(iked_users, &env->sc_users, usr)) != NULL) {
>                 /* Update the password of an existing user*/
> -               memcpy(old, new, sizeof(*old));
> +               memcpy(old->usr_pass, new->usr_pass, IKED_PASSWORD_SIZE);
>
>                 log_debug("%s: updating user %s", __func__, usr->usr_name);
>                 free(usr);
>