diff options
author | G Dutton <35460590+gdttn@users.noreply.github.com> | 2019-09-02 21:51:11 +0100 |
---|---|---|
committer | Alexander Amelkin <mocbuhtig@amelkin.msk.ru> | 2019-09-03 23:40:48 +0300 |
commit | 51a2ab818087caedd8dac188f761e995683eafbd (patch) | |
tree | b34a4c4ed840c10fb5bf7345bbd5ac65056e05bb | |
parent | af062a9a5ee2e78b0c3570fd46ffff951f3f5ecb (diff) | |
download | ipmitool-51a2ab818087caedd8dac188f761e995683eafbd.tar.gz |
user: Improve password length handling
No longer truncate passwords (16 < p <= 20) silently, instead attempt
to set a 20-char password when such a password is given.
Fail if an explicit length is exceeded, and any time the upper limit
is exceeded.
-rw-r--r-- | lib/ipmi_user.c | 35 |
1 files changed, 18 insertions, 17 deletions
diff --git a/lib/ipmi_user.c b/lib/ipmi_user.c index 4eddecb..408a647 100644 --- a/lib/ipmi_user.c +++ b/lib/ipmi_user.c @@ -657,24 +657,25 @@ ipmi_user_password(struct ipmi_intf *intf, int argc, char **argv) } } else { password = argv[3]; - if (argc > 4) { - if ((str2uchar(argv[4], &password_type) != 0) - || (password_type != 16 && password_type != 20)) { - lprintf(LOG_ERR, "Invalid password length '%s'", argv[4]); - return (-1); - } - } else { - password_type = 16; - } - } - - if (!password) { - lprintf(LOG_ERR, "Unable to parse password argument."); - return (-1); - } else if (strlen(password) > 20) { - lprintf(LOG_ERR, "Password is too long (> 20 bytes)"); - return (-1); } + + if (argc > 4) { + if ((str2uchar(argv[4], &password_type) != 0) + || (password_type != 16 && password_type != 20)) { + lprintf(LOG_ERR, "Invalid password length '%s'", argv[4]); + return (-1); + } + } else if (strlen(password) > 16) { + password_type = 20; + } + + if (!password) { + lprintf(LOG_ERR, "Unable to parse password argument."); + return (-1); + } else if (strlen(password) > password_type) { + lprintf(LOG_ERR, "Password is too long (> %d bytes)", password_type); + return (-1); + } ccode = _ipmi_set_user_password(intf, user_id, IPMI_PASSWORD_SET_PASSWORD, password, |