Opened 8 years ago
Closed 8 years ago
#419 closed defect (fixed)
SetSocketPassword authentication is broken
| Reported by: | rainer | Owned by: | rainer |
|---|---|---|---|
| Priority: | major | Milestone: | 4.2.1 |
| Component: | main | Version: | |
| Keywords: | Cc: |
Description
Reported by Todd Stansell:
There's a bug in the check_password() function of sh_socket.c at http://trac.la-samhna.de/samhain/browser/trunk/src/sh_socket.c?rev=481#L825
The sizeof(message) always returns 4 because it's a pointer now, where in the old code it used to be a char array. This means that any time you need to use the SetSocketPassword form of socket authentication, it will fail unless the password is only 1 character (because sizeof(message)/2 == 2).
Note:
See TracTickets
for help on using tickets.
Believed to be fixed by changeset [524].