os: auth: protect against duplicate auth keys

Protect the Add() proto funcs from adding duplicate auth keys. If adding a duplicate is attempted, the XID of the already existing one is returned instead. Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
2025-03-10 14:46:32 +01:00 · 2025-03-10 14:46:32 +01:00 · 6f675e4d01
parent 1629400be5
commit 6f675e4d01
2 changed files with 18 additions and 1 deletions
--- a/os/mitauth.c
+++ b/os/mitauth.c
@ -49,7 +49,16 @@ static struct auth {
 XID
 MitAddCookie(unsigned short data_length, const char *data)
 {
-    struct auth *new = calloc(1, sizeof(struct auth));
+    struct auth *new;
+
+    // check for possible duplicate and return it instead
+    for (struct auth *walk=mit_auth; walk; walk=walk->next) {
+        if ((walk->len == data_length) &&
+            (memcmp(walk->data, data, data_length) == 0))
+            return walk->id;
+    }
+
+    new = calloc(1, sizeof(struct auth));
    if (!new)
        return 0;
    new->data = calloc(1, (unsigned) data_length);
--- a/os/xdmauth.c
+++ b/os/xdmauth.c
@ -353,6 +353,14 @@ XdmAddCookie(unsigned short data_length, const char *data)
    /* the first octet of the key must be zero */
    if (key_bits[0] != '\0')
        return 0;
+
+    /* check for possible duplicate and return it */
+    for (XdmAuthorizationRec *walk = xdmAuth; walk; walk=walk->next) {
+        if ((memcmp(walk->key.data, key_bits, 8)==0) &&
+            (memcmp(walk->rho.data, rho_bits, 8)==0))
+            return walk->id;
+    }
+
    XdmAuthorizationPtr new = calloc(1, sizeof(XdmAuthorizationRec));
    if (!new)
        return 0;