Commit 3c1bc966 authored by Colin Granville's avatar Colin Granville Committed by ROOL
Browse files

Length of usernames and passwords increased

Detail:
  Usernames on Windows can be email addresses which are longer than the 16 byte
  NAME_LIMIT so usernames and passwords are given their own name limit and
  this is increased to 64 bytes.
Admin:
  Tested with Windows 10.

Version 2.63. Tagged as 'OmniLanManFS-2_63'
parent 45886dc7
/* (2.62) /* (2.63)
* *
* This file is automatically maintained by srccommit, do not edit manually. * This file is automatically maintained by srccommit, do not edit manually.
* *
*/ */
#define Module_MajorVersion_CMHG 2.62 #define Module_MajorVersion_CMHG 2.63
#define Module_MinorVersion_CMHG #define Module_MinorVersion_CMHG
#define Module_Date_CMHG 04 Jun 2019 #define Module_Date_CMHG 27 Apr 2020
#define Module_MajorVersion "2.62" #define Module_MajorVersion "2.63"
#define Module_Version 262 #define Module_Version 263
#define Module_MinorVersion "" #define Module_MinorVersion ""
#define Module_Date "04 Jun 2019" #define Module_Date "27 Apr 2020"
#define Module_ApplicationDate "04-Jun-19" #define Module_ApplicationDate "27-Apr-20"
#define Module_ComponentName "OmniLanManFS" #define Module_ComponentName "OmniLanManFS"
#define Module_FullVersion "2.62" #define Module_FullVersion "2.63"
#define Module_HelpVersion "2.62 (04 Jun 2019)" #define Module_HelpVersion "2.63 (27 Apr 2020)"
#define Module_LibraryVersionInfo "2:62" #define Module_LibraryVersionInfo "2:63"
...@@ -48,10 +48,10 @@ ...@@ -48,10 +48,10 @@
static void SetPassword ( char * pwd ) static void SetPassword ( char * pwd )
{ {
static char pass_buf[NAME_LIMIT]; static char pass_buf[PASSWORD_LIMIT];
if ( pwd == NULL ) pwd = ""; if ( pwd == NULL ) pwd = "";
strcpyn ( pass_buf, pwd, NAME_LIMIT ); strcpyn ( pass_buf, pwd, PASSWORD_LIMIT );
Xlt_Jumble ( pass_buf ); Xlt_Jumble ( pass_buf );
LM_Vars.password_ptr = pass_buf; LM_Vars.password_ptr = pass_buf;
} }
...@@ -170,7 +170,7 @@ err_t Lgn_Logon ( char *wkgrp, char *userid, char *pwd ) ...@@ -170,7 +170,7 @@ err_t Lgn_Logon ( char *wkgrp, char *userid, char *pwd )
/* pwd may be NULL */ /* pwd may be NULL */
strcpyn ( LM_Vars.username, userid, NAME_LIMIT ); strcpyn ( LM_Vars.username, userid, USERNAME_LIMIT );
SetPassword ( pwd ); SetPassword ( pwd );
LM_Vars.logged_on = true; LM_Vars.logged_on = true;
......
...@@ -267,7 +267,7 @@ struct ActiveServer ...@@ -267,7 +267,7 @@ struct ActiveServer
time_t last_xact; time_t last_xact;
hSESSION hSession; /* Only valid if status is IN_USE */ hSESSION hSession; /* Only valid if status is IN_USE */
char password[NAME_LIMIT]; char password[PASSWORD_LIMIT];
int Uid; /* User identifier */ int Uid; /* User identifier */
int Sesskey; /* Session key */ int Sesskey; /* Session key */
...@@ -282,7 +282,7 @@ struct ActiveServer ...@@ -282,7 +282,7 @@ struct ActiveServer
int bloblen; int bloblen;
BYTE *blob; BYTE *blob;
char servname[NAME_LIMIT]; /* upper case */ char servname[NAME_LIMIT]; /* upper case */
char username[NAME_LIMIT]; /* case preserved */ char username[USERNAME_LIMIT]; /* case preserved */
unsigned int maxTxBufferSize; /* maximum SMB message size the server can receive */ unsigned int maxTxBufferSize; /* maximum SMB message size the server can receive */
}; };
...@@ -292,7 +292,7 @@ struct ActiveShare ...@@ -292,7 +292,7 @@ struct ActiveShare
{ {
int flags; int flags;
char password[NAME_LIMIT]; char password[PASSWORD_LIMIT];
hSERVER hServer; /* Only valid if status is IN_USE */ hSERVER hServer; /* Only valid if status is IN_USE */
int sharetype; int sharetype;
...@@ -1520,7 +1520,7 @@ err_t SMB_CreateShare ( int sharetype_in, ...@@ -1520,7 +1520,7 @@ err_t SMB_CreateShare ( int sharetype_in,
hSERVER hServ; hSERVER hServ;
char uc_sharename[SHARENAME_LEN]; char uc_sharename[SHARENAME_LEN];
char uc_servname [NAME_LIMIT]; char uc_servname [NAME_LIMIT];
char plain_password[NAME_LIMIT]; char plain_password[PASSWORD_LIMIT];
int to_do, done; int to_do, done;
err_t res; err_t res;
...@@ -1555,7 +1555,7 @@ err_t SMB_CreateShare ( int sharetype_in, ...@@ -1555,7 +1555,7 @@ err_t SMB_CreateShare ( int sharetype_in,
{ {
username_in = LM_Vars.username; username_in = LM_Vars.username;
Xlt_Unjumble ( LM_Vars.password_ptr ); Xlt_Unjumble ( LM_Vars.password_ptr );
strcpyn ( plain_password, LM_Vars.password_ptr, NAME_LIMIT ); strcpyn ( plain_password, LM_Vars.password_ptr, PASSWORD_LIMIT );
Xlt_Jumble ( LM_Vars.password_ptr ); Xlt_Jumble ( LM_Vars.password_ptr );
password_in = plain_password; password_in = plain_password;
} }
...@@ -1619,7 +1619,7 @@ err_t SMB_CreateShare ( int sharetype_in, ...@@ -1619,7 +1619,7 @@ err_t SMB_CreateShare ( int sharetype_in,
hShare->hServer = hServ; hShare->hServer = hServ;
hShare->sharetype = sharetype_in; hShare->sharetype = sharetype_in;
strcpy ( hShare->sharename, uc_sharename ); strcpy ( hShare->sharename, uc_sharename );
strcpyn ( hShare->password, password_in, NAME_LIMIT ); strcpyn ( hShare->password, password_in, PASSWORD_LIMIT );
Xlt_Jumble(hShare->password); Xlt_Jumble(hShare->password);
done |= ALLOC_SHARE; done |= ALLOC_SHARE;
} }
...@@ -1643,8 +1643,8 @@ err_t SMB_CreateShare ( int sharetype_in, ...@@ -1643,8 +1643,8 @@ err_t SMB_CreateShare ( int sharetype_in,
if ( to_do & CONN_SERVER ) if ( to_do & CONN_SERVER )
{ {
/* Set up new server details */ /* Set up new server details */
strcpyn_upper ( hServ->username, username_in, NAME_LIMIT ); strcpyn_upper ( hServ->username, username_in, USERNAME_LIMIT );
strncpy ( hServ->password, password_in, NAME_LIMIT ); strncpy ( hServ->password, password_in, PASSWORD_LIMIT );
Xlt_Jumble(hServ->password); Xlt_Jumble(hServ->password);
res = ConnectServer ( hShare ); res = ConnectServer ( hShare );
......
...@@ -308,7 +308,7 @@ void Xlt_CnvROtoDOS ( RISCOS_ATTRIBS *pRA, DOS_ATTRIBS *pDA, int flags ) ...@@ -308,7 +308,7 @@ void Xlt_CnvROtoDOS ( RISCOS_ATTRIBS *pRA, DOS_ATTRIBS *pDA, int flags )
lying round in plain text in memory; it's hardly invincible, lying round in plain text in memory; it's hardly invincible,
but it'll stop people spotting passwords simply by dumping memory. but it'll stop people spotting passwords simply by dumping memory.
All strings passed to Jumble & Unjumble should be NAME_LIMIT bytes All strings passed to Jumble & Unjumble should be PASSWORD_LIMIT bytes
long. long.
*/ */
...@@ -317,7 +317,7 @@ void Xlt_Jumble ( char *str ) ...@@ -317,7 +317,7 @@ void Xlt_Jumble ( char *str )
int i; int i;
uint key = (uint) str | 0x40000; uint key = (uint) str | 0x40000;
for ( i=0; i < NAME_LIMIT; i++ ) for ( i=0; i < PASSWORD_LIMIT; i++ )
{ {
key <<= 1; key <<= 1;
if ( key & 0x80000 ) if ( key & 0x80000 )
...@@ -334,7 +334,7 @@ void Xlt_Unjumble ( char *str ) ...@@ -334,7 +334,7 @@ void Xlt_Unjumble ( char *str )
int i; int i;
uint key = (uint) str | 0x40000; uint key = (uint) str | 0x40000;
for ( i=0; i < NAME_LIMIT; i++ ) for ( i=0; i < PASSWORD_LIMIT; i++ )
{ {
key <<= 1; key <<= 1;
if ( key & 0x80000 ) if ( key & 0x80000 )
......
...@@ -28,7 +28,9 @@ ...@@ -28,7 +28,9 @@
#define Our_FS_Number 102 #define Our_FS_Number 102
#define Our_Error_Base ((0x10000) | (Our_FS_Number << 8)) #define Our_Error_Base ((0x10000) | (Our_FS_Number << 8))
#define MAX_DRIVES 8 /* Maximum number of connections */ #define MAX_DRIVES 8 /* Maximum number of connections */
#define NAME_LIMIT 16 /* Longest userID/password */ #define NAME_LIMIT 16
#define USERNAME_LIMIT 64 /* Longest userID */
#define PASSWORD_LIMIT 64 /* Longest password */
#define DOS_NAME_LEN 256 /* Path plus leaf limit */ #define DOS_NAME_LEN 256 /* Path plus leaf limit */
#define INFO_SPECIALFIELD 0x80000000 #define INFO_SPECIALFIELD 0x80000000
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment