From 53b5dc71e7107c12f683ca0a01baae128e6be9dd Mon Sep 17 00:00:00 2001 From: Jan Grzymala-Busse Date: Fri, 4 Oct 2019 10:51:17 -0500 Subject: [PATCH] Added URL Encoding to the kerberos/src/krb_password_pwncheck.c code, fixed indenting. --- common/curl.c | 4 +++- kerberos/src/krb_password_pwncheck.c | 11 ++++++++--- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/common/curl.c b/common/curl.c index 405d2f4..43fe976 100644 --- a/common/curl.c +++ b/common/curl.c @@ -48,7 +48,8 @@ int queryUrl(const char* dest_url, struct MemoryStruct* chunk, int useInsecureSS curl = curl_easy_init(); if(curl) { - curl_easy_setopt(curl, CURLOPT_URL, dest_url); + char* escaped_url = curl_easy_escape(curl, dest_url, 0); + curl_easy_setopt(curl, CURLOPT_URL, escaped_url); curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, WriteMemoryCallback); curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void*)chunk); @@ -67,6 +68,7 @@ int queryUrl(const char* dest_url, struct MemoryStruct* chunk, int useInsecureSS syslog(LOG_ERR, "pwncheck: queryUrl: curl_easy_perform() failed: %s", curl_easy_strerror(res)); /* always cleanup */ + curl_free(escaped_url); curl_easy_cleanup(curl); } diff --git a/kerberos/src/krb_password_pwncheck.c b/kerberos/src/krb_password_pwncheck.c index ab0b615..0ae723e 100644 --- a/kerberos/src/krb_password_pwncheck.c +++ b/kerberos/src/krb_password_pwncheck.c @@ -64,9 +64,14 @@ pwqual_pwncheck_check(krb5_context context, krb5_pwqual_moddata data, int ret = DEF_PWD_RETURN; // default is unspecified issue int isInsecure = FALSE; - struct cfgpwned config; - syslog(LOG_DEBUG, "pwncheck: check: started\n"); - int retconfig = parseConfig(&config, "/etc/krb5-pwned-password.conf"); + struct cfgpwned config; + syslog(LOG_DEBUG, "pwncheck: check: started\n"); + int retconfig = parseConfig(&config, "/etc/krb5-pwned-password.conf"); + + //if (princ == NULL) + //{ + // return ret; + //} if (princ->data && krb5_princ_size(context, princ) > 0) { user = princ->data[0].data;