Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add: validate source names in CREATE_USER and MODIFY_USER #2205

Merged
merged 4 commits into from
Jun 14, 2024
Merged

Add: validate source names in CREATE_USER and MODIFY_USER #2205

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
2ed4630
Add: validate source names in CREATE_USER and MODIFY_USER
mattmundell May 29, 2024
1b3077a
Merge branch 'main' into validate-user-method
mattmundell Jun 3, 2024
cafda7b
Merge branch 'main' into validate-user-method
mattmundell Jun 12, 2024
8467007
Merge branch 'main' into validate-user-method
mattmundell Jun 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions src/gmp.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23454,6 +23454,7 @@ gmp_xml_handle_end_element (/* unused */ GMarkupParseContext* context,
log_event_fail ("user", "User", NULL, "created");
break;
case -3:
case -4:
SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX
("create_user", "Error in SOURCE"));
log_event_fail ("user", "User", NULL, "created");
Expand Down Expand Up @@ -26056,6 +26057,7 @@ gmp_xml_handle_end_element (/* unused */ GMarkupParseContext* context,
("modify_user", "Unknown role"));
break;
case -3:
case -4:
SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX
("modify_user", "Error in SOURCES"));
break;
Expand Down
16 changes: 12 additions & 4 deletions src/manage_sql.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53655,7 +53655,8 @@ find_user_by_name (const char* name, user_t *user)
*
* @return 0 if the user has been added successfully, 1 failed to find group,
* 2 failed to find role, 3 syntax error in hosts, 99 permission denied,
* -1 on error, -2 if user exists already.
* -1 on error, -2 if user exists already, -3 if wrong number of methods,
* -4 error in method.
*/
int
create_user (const gchar * name, const gchar * password, const gchar *comment,
Expand Down Expand Up @@ -53684,7 +53685,10 @@ create_user (const gchar * name, const gchar * password, const gchar *comment,
if (allowed_methods && (allowed_methods->len == 0))
allowed_methods = NULL;

// TODO validate methods single source, one of ldap, ...
if (allowed_methods
&& (auth_method_name_valid (g_ptr_array_index (allowed_methods, 0))
== 0))
return -4;

if (validate_username (name) != 0)
{
Expand Down Expand Up @@ -54716,7 +54720,8 @@ delete_user (const char *user_id_arg, const char *name_arg, int ultimate,
* 2 failed to find user, 3 success and user gained admin, 4 success
* and user lost admin, 5 failed to find role, 6 syntax error in hosts,
* 7 syntax error in new name, 99 permission denied, -1 on error,
* -2 for an unknown role, -3 if wrong number of methods.
* -2 for an unknown role, -3 if wrong number of methods, -4 error in
* method.
*/
int
modify_user (const gchar * user_id, gchar **name, const gchar *new_name,
Expand Down Expand Up @@ -54748,7 +54753,10 @@ modify_user (const gchar * user_id, gchar **name, const gchar *new_name,
|| (strlen (g_ptr_array_index (allowed_methods, 0)) == 0)))
allowed_methods = NULL;

// TODO Validate methods: single source, one of "", "ldap", ...
if (allowed_methods
&& (auth_method_name_valid (g_ptr_array_index (allowed_methods, 0))
== 0))
return -4;

sql_begin_immediate ();

Expand Down
Loading