upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-18 21:26:29 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

ITS#10399 pw-pbkdf2: fix iteration configuration parameter

Browse source 
the first module argument is argc=1 and argv[0], as invoked by
servers/slapd/slappasswd.c/parse_slappasswdopt and
servers/slapd/module.c/module_load
This commit is contained in:
Jonas Jelten 2025-10-17 01:05:10 +02:00
parent b38a17b850
commit c8ed27ebd0
1 changed files with 16 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
contrib/slapd-modules/passwd/pbkdf2/pw-pbkdf2.c
View file

@ -429,13 +429,26 @@ static int pbkdf2_check(
int init_module(int argc, char *argv[]) { int init_module(int argc, char *argv[]) {
int rc; int rc;
if (argc == 2) { if (argc > 0) {
int iter = atoi(argv[1]); char *endptr = NULL;
int iter = strtol(argv[0], &endptr, 0);
if (strlen(argv[0]) == 0 || *endptr != '\0') {
perror("pw-pbkdf2 rounds argument invalid\n");
return -1;
}
if (iter > 0) if (iter > 0)
pbkdf2_iteration = iter; pbkdf2_iteration = iter;
else else {
fprintf(stderr, "pw-pbkdf2 rounds must be >= 1");
return -1; return -1;
}
} }
if (argc > 1) {
fprintf(stderr, "unknown arguments given to pw-pbkdf2\n");
return -1;
}
rc = lutil_passwd_add((struct berval *)&pbkdf2_scheme, rc = lutil_passwd_add((struct berval *)&pbkdf2_scheme,
pbkdf2_check, pbkdf2_encrypt); pbkdf2_check, pbkdf2_encrypt);
if(rc) return rc; if(rc) return rc;