sssd (1.2.1-4+squeeze1) ldap-reject-zerolen-pwd.dpatch

Summary

 src/providers/ldap/ldap_auth.c |    7 +++++++
 1 file changed, 7 insertions(+)

    
download this patch

Patch contents

#! /bin/sh /usr/share/dpatch/dpatch-run

@DPATCH@
Patch fetched from 'https://bugzilla.redhat.com/attachment.cgi?id=439496'
CVE-2010-2940

From 8eeb47279a5a4559d9d7f911250d6164ab120897 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Wed, 18 Aug 2010 12:57:43 -0400
Subject: [PATCH 9/9] Treat a zero-length password as a failure

Some LDAP servers allow binding with blank passwords. We should
not allow a blank password to authenticate the SSSD.
---
 src/providers/ldap/ldap_auth.c |    7 +++++++
 1 files changed, 7 insertions(+), 0 deletions(-)

diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c
index b05e3075ce117fad17b87ffde257c80fc035b8c4..1a959d4cc45980fe5dd12db3460cc23f341466fd 100644
--- a/src/providers/ldap/ldap_auth.c
+++ b/src/providers/ldap/ldap_auth.c
@@ -557,6 +557,13 @@ static struct tevent_req *auth_send(TALLOC_CTX *memctx,
     req = tevent_req_create(memctx, &state, struct auth_state);
     if (!req) return NULL;
 
+    /* Treat a zero-length password as a failure */
+    if (password.length == 0) {
+        state->result = SDAP_AUTH_FAILED;
+        tevent_req_done(req);
+        return tevent_req_post(req, ev);
+    }
+
     state->ev = ev;
     state->ctx = ctx;
     state->username = username;
-- 
1.7.2.1