You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by sp...@apache.org on 2018/07/31 23:22:32 UTC
ranger git commit: RANGER-2172: Good coding practices for unix
authentication Service in Ranger
Repository: ranger
Updated Branches:
refs/heads/master edefd567c -> 1d47302f9
RANGER-2172: Good coding practices for unix authentication Service in Ranger
Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/1d47302f
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/1d47302f
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/1d47302f
Branch: refs/heads/master
Commit: 1d47302f937e3fe1d565914c578faaf989e54424
Parents: edefd56
Author: Sailaja Polavarapu <sp...@hortonworks.com>
Authored: Tue Jul 31 16:22:07 2018 -0700
Committer: Sailaja Polavarapu <sp...@hortonworks.com>
Committed: Tue Jul 31 16:22:07 2018 -0700
----------------------------------------------------------------------
src/main/assembly/usersync.xml | 4 ++--
unixauthnative/src/main/c/credValidator.c | 11 +++++++----
unixauthpam/src/main/c/pamCredValidator.c | 10 +++++++---
3 files changed, 16 insertions(+), 9 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ranger/blob/1d47302f/src/main/assembly/usersync.xml
----------------------------------------------------------------------
diff --git a/src/main/assembly/usersync.xml b/src/main/assembly/usersync.xml
index a6bad1d..d170d8c 100644
--- a/src/main/assembly/usersync.xml
+++ b/src/main/assembly/usersync.xml
@@ -118,7 +118,7 @@
</fileSet>
<fileSet>
<directoryMode>755</directoryMode>
- <fileMode>755</fileMode>
+ <fileMode>750</fileMode>
<outputDirectory>/native</outputDirectory>
<directory>unixauthnative/target</directory>
<includes>
@@ -127,7 +127,7 @@
</fileSet>
<fileSet>
<directoryMode>755</directoryMode>
- <fileMode>755</fileMode>
+ <fileMode>750</fileMode>
<outputDirectory>/native</outputDirectory>
<directory>unixauthpam/target</directory>
<includes>
http://git-wip-us.apache.org/repos/asf/ranger/blob/1d47302f/unixauthnative/src/main/c/credValidator.c
----------------------------------------------------------------------
diff --git a/unixauthnative/src/main/c/credValidator.c b/unixauthnative/src/main/c/credValidator.c
index d706a93..189c2ca 100644
--- a/unixauthnative/src/main/c/credValidator.c
+++ b/unixauthnative/src/main/c/credValidator.c
@@ -23,17 +23,20 @@
#include <sys/types.h>
#include <crypt.h>
+#define STRLEN 64
+
int main(int ac, char **av, char **ev)
{
- char username[64] ;
- char password[64] ;
+ char username[STRLEN] ;
+ char password[STRLEN] ;
char line[512] ;
+ char format[20];
struct passwd *pwp;
struct spwd *spwd ;
fgets(line,512,stdin) ;
-
- sscanf(line, "LOGIN:%s %s",username,password) ;
+ sprintf(format, "LOGIN:%%%ds %%%ds", STRLEN, STRLEN);
+ sscanf(line, format, username,password) ;
pwp = getpwnam(username) ;
http://git-wip-us.apache.org/repos/asf/ranger/blob/1d47302f/unixauthpam/src/main/c/pamCredValidator.c
----------------------------------------------------------------------
diff --git a/unixauthpam/src/main/c/pamCredValidator.c b/unixauthpam/src/main/c/pamCredValidator.c
index df84a3e..8e36903 100644
--- a/unixauthpam/src/main/c/pamCredValidator.c
+++ b/unixauthpam/src/main/c/pamCredValidator.c
@@ -32,6 +32,8 @@
#include <sys/types.h>
#include <security/pam_appl.h>
+#define STRLEN 64
+
int pamconv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) {
if (num_msg != 1 || msg[0]->msg_style != PAM_PROMPT_ECHO_OFF) {
fprintf(stderr, "ERROR: Unexpected PAM conversation '%d/%s'\n", msg[0]->msg_style, msg[0]->msg);
@@ -56,15 +58,17 @@ struct pam_conv conv = { pamconv, NULL };
int main(int ac, char **av, char **ev)
{
- char username[64] ;
- char password[64] ;
+ char username[STRLEN] ;
+ char password[STRLEN] ;
char line[512] ;
+ char format[20];
int retval;
pam_handle_t *pamh = NULL;
+ sprintf(format, "LOGIN:%%%ds %%%ds", STRLEN, STRLEN);
fgets(line,512,stdin) ;
- sscanf(line, "LOGIN:%s %s",username,password) ;
+ sscanf(line, format, username,password) ;
conv.appdata_ptr = (char *) password;
retval = pam_start("ranger-remote", username, &conv, &pamh);