From: Martin Mares
Date: Wed, 6 Sep 2017 21:01:12 +0000 (+0200)
Subject: Server: Maximum comment size is limited (configurable)
X-Git-Tag: v0.9~19
X-Git-Url: http://mj.ucw.cz/gitweb/?a=commitdiff_plain;h=20f43a00e811ad1a16d3b2ce4c64d51224360077;p=subauth.git

Server: Maximum comment size is limited (configurable)

Otherwise, the clients could easily overflow the maximum packet size.
---

diff --git a/etc/subauthd b/etc/subauthd
index ea26479..8268151 100644
--- a/etc/subauthd
+++ b/etc/subauthd
@@ -16,6 +16,9 @@ SubauthD {
 # Maximum packet size (default: 16k)
 MaxPacketSize 16k
+ # Maximum size of a user comment (default: 100)
+ MaxCommentSize 100
+
 #ifndef CONFIG_LOCAL
 # Log to a given stream (configured below)
 LogStream syslog
diff --git a/server/cmd.c b/server/cmd.c
index 28ec103..106d1ef 100644
--- a/server/cmd.c
+++ b/server/cmd.c
@@ -260,8 +260,12 @@ static void cmd_create_token(struct client *c)
 if (clist_size(&aa->tokens) >= aa->zone->allow_tokens)
 cmd_error(c, "Maximum number of tokens was reached");
+ const char *comment = get_string(c->request, "comment");
+ if (comment && strlen(comment) > max_comment_size)
+ cmd_error(c, "Comment too long");
+
 struct auth_token *at = auth_create_token(aa);
- char *tok = auth_set_token_generated(at, get_string(c->request, "comment"), c->pool);
+ char *tok = auth_set_token_generated(at, comment, c->pool);
 set_string(c, c->reply, "token", tok);
 msg(L_INFO, "Created token: login=<%s> zone=<%s> id=<%s>", aa->user->login, aa->zone->name, at->ident);
diff --git a/server/subauthd.c b/server/subauthd.c
index 0df6ab9..4d1110b 100644
--- a/server/subauthd.c
+++ b/server/subauthd.c
@@ -29,6 +29,7 @@ char *database_name = "subauthd.db";
 char *temp_key_file;
 char *log_stream_name;
 static uint max_packet_size = 16384;
+uint max_comment_size = 100;
 static struct main_file listen_socket;
 static uint num_connections;
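Review bot: In cmd_create_token (server/cmd.c), `strlen(comment) > max_comment_size` caps the raw byte length of a single comment, which bounds a reply only indirectly: the size of any reply that carries stored comments also depends on how many tokens an account may hold (`allow_tokens`) and on whatever escaping the reply encoder applies, neither of which is visible in this diff. I would state the unit and the assumption next to the check, e.g. `/* Limit is in bytes before encoding; replies carrying comments must still fit in MaxPacketSize. */`, and say "bytes" in the etc/subauthd comment as well. The check also relies on cmd_error() not returning, as the allow_tokens check just above it appears to; if it can return, the oversized comment still reaches auth_set_token_generated(). The function body begins and ends outside the hunk.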
@@ -318,6 +319,7 @@ static struct cf_section daemon_config = {
 CF_STRING("SocketPath", &socket_path),
 CF_UINT("MaxConnections", &max_connections),
 CF_UINT("MaxPacketSize", &max_packet_size),
+ CF_UINT("MaxCommentSize", &max_comment_size),
 CF_LIST("Zone", &zone_list, &zone_config),
 CF_STRING("Database", &database_name),
 CF_STRING("TempKeyFile", &temp_key_file),
diff --git a/server/subauthd.h b/server/subauthd.h
index 6572500..1e86754 100644
--- a/server/subauthd.h
+++ b/server/subauthd.h
@@ -29,6 +29,7 @@ struct client {
 extern clist zone_list; // of struct auth_zone
 extern char *database_name;
 extern char *temp_key_file;
+extern uint max_comment_size;
 /* cmd.c */
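Review bot: The `CF_UINT("MaxCommentSize", &max_comment_size)` entry in daemon_config (server/subauthd.c) accepts any unsigned value, so a configuration with MaxCommentSize at or above MaxPacketSize silently brings back the oversized-packet condition the commit message describes. Nothing in the visible hunks compares the two settings; a check after the configuration is loaded, rejecting `max_comment_size >= max_packet_size` with a clear startup error, would keep the limit meaningful. Since max_packet_size remains `static` in subauthd.c, that check has to live in this file. The daemon_config initializer continues outside the hunk.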