deepblue/ipmitool
1
0
Fork 0
mirror of https://github.com/ipmitool/ipmitool.git synced 2025-05-10 18:47:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

user: Improve password length handling

Browse Source 
No longer truncate passwords (16 < p <= 20) silently, instead attempt
to set a 20-char password when such a password is given.
Fail if an explicit length is exceeded, and any time the upper limit
is exceeded.
This commit is contained in:
G Dutton 2019-09-02 21:51:11 +01:00 committed by Alexander Amelkin
parent af062a9a5e
commit 51a2ab8180
1 changed files with 17 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
lib/ipmi_user.c
View File

@ -657,24 +657,25 @@ ipmi_user_password(struct ipmi_intf *intf, int argc, char **argv)
} }
} else { } else {
password = argv[3]; password = argv[3];
if (argc > 4) {
if ((str2uchar(argv[4], &password_type) != 0)
|| (password_type != 16 && password_type != 20)) {
lprintf(LOG_ERR, "Invalid password length '%s'", argv[4]);
return (-1);
}
} else {
password_type = 16;
}
} }
if (!password) { if (argc > 4) {
lprintf(LOG_ERR, "Unable to parse password argument."); if ((str2uchar(argv[4], &password_type) != 0)
return (-1); || (password_type != 16 && password_type != 20)) {
} else if (strlen(password) > 20) { lprintf(LOG_ERR, "Invalid password length '%s'", argv[4]);
lprintf(LOG_ERR, "Password is too long (> 20 bytes)"); return (-1);
return (-1); }
} } else if (strlen(password) > 16) {
password_type = 20;
}
if (!password) {
lprintf(LOG_ERR, "Unable to parse password argument.");
return (-1);
} else if (strlen(password) > password_type) {
lprintf(LOG_ERR, "Password is too long (> %d bytes)", password_type);
return (-1);
}
ccode = _ipmi_set_user_password(intf, user_id, ccode = _ipmi_set_user_password(intf, user_id,
IPMI_PASSWORD_SET_PASSWORD, password, IPMI_PASSWORD_SET_PASSWORD, password,