/[packages]/updates/2/freeradius/current/SOURCES/freeradius-server-CVE-2011-4966.patch
ViewVC logotype

Contents of /updates/2/freeradius/current/SOURCES/freeradius-server-CVE-2011-4966.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 389189 - (show annotations) (download)
Thu Jan 17 20:11:02 2013 UTC (11 years, 8 months ago) by luigiwalser
File size: 1222 byte(s)
add upstream patch to fix CVE-2011-4966
1 From 1b1ec5ce75e224bd1755650c18ccdaa6dc53e605 Mon Sep 17 00:00:00 2001
2 From: "Alan T. DeKok" <aland@freeradius.org>
3 Date: Tue, 7 Feb 2012 20:58:52 +0100
4 Subject: [PATCH] heck for account and password expiration
5
6 ---
7 src/modules/rlm_unix/rlm_unix.c | 10 +++++++++-
8 1 file changed, 9 insertions(+), 1 deletion(-)
9
10 diff --git a/src/modules/rlm_unix/rlm_unix.c b/src/modules/rlm_unix/rlm_unix.c
11 index 5c0fe0f..abec68c 100644
12 --- a/src/modules/rlm_unix/rlm_unix.c
13 +++ b/src/modules/rlm_unix/rlm_unix.c
14 @@ -272,9 +272,17 @@ static int unix_getpw(UNUSED void *instance, REQUEST *request,
15 /*
16 * Check if password has expired.
17 */
18 + if (spwd && spwd->sp_lstchg > 0 && spwd->sp_max >= 0 &&
19 + (request->timestamp / 86400) > (spwd->sp_lstchg + spwd->sp_max)) {
20 + radlog_request(L_AUTH, 0, request, "[%s]: password has expired", name);
21 + return RLM_MODULE_REJECT;
22 + }
23 + /*
24 + * Check if account has expired.
25 + */
26 if (spwd && spwd->sp_expire > 0 &&
27 (request->timestamp / 86400) > spwd->sp_expire) {
28 - radlog_request(L_AUTH, 0, request, "[%s]: password has expired", name);
29 + radlog_request(L_AUTH, 0, request, "[%s]: account has expired", name);
30 return RLM_MODULE_REJECT;
31 }
32 #endif
33 --
34 1.7.10
35

  ViewVC Help
Powered by ViewVC 1.1.30