1
0
mirror of https://github.com/weechat/weechat.git synced 2026-07-07 10:13:12 +02:00

core: set max length to 4096 for /secure passphrase (closes #1323)

This commit is contained in:
Sébastien Helleu
2019-03-12 21:30:01 +01:00
parent bc6c1f274c
commit 99e48d7fa3
17 changed files with 86 additions and 21 deletions
+10
View File
@@ -5466,6 +5466,16 @@ COMMAND_CALLBACK(secure)
if (string_strcasecmp (argv[1], "passphrase") == 0)
{
COMMAND_MIN_ARGS(3, "passphrase");
if ((strcmp (argv[2], "-delete") != 0)
&& (strlen (argv_eol[2]) > SECURE_PASSPHRASE_MAX_LENGTH))
{
gui_chat_printf (NULL,
_("%sError: passphrase is too long "
"(max: %d chars)"),
gui_chat_prefix[GUI_CHAT_PREFIX_ERROR],
SECURE_PASSPHRASE_MAX_LENGTH);
return WEECHAT_RC_OK;
}
passphrase_was_set = 0;
if (secure_passphrase)
{
+1 -1
View File
@@ -54,7 +54,7 @@ void
secure_config_get_passphrase_from_user (const char *error)
{
const char *prompt[5];
char passphrase[1024];
char passphrase[SECURE_PASSPHRASE_MAX_LENGTH + 1];
prompt[0] = _("Please enter your passphrase to decrypt the data secured "
"by WeeChat:");
+7 -6
View File
@@ -22,12 +22,13 @@
#include <time.h>
#define SECURE_ENV_PASSPHRASE "WEECHAT_PASSPHRASE"
#define SECURE_SALT_DEFAULT "WeeChat!"
#define SECURE_DATA_PASSPHRASE_FLAG "__passphrase__"
#define SECURE_SALT_SIZE 8
#define SECURE_TOTP_MIN_DIGITS 4
#define SECURE_TOTP_MAX_DIGITS 10
#define SECURE_ENV_PASSPHRASE "WEECHAT_PASSPHRASE"
#define SECURE_PASSPHRASE_MAX_LENGTH 4096
#define SECURE_SALT_DEFAULT "WeeChat!"
#define SECURE_DATA_PASSPHRASE_FLAG "__passphrase__"
#define SECURE_SALT_SIZE 8
#define SECURE_TOTP_MIN_DIGITS 4
#define SECURE_TOTP_MAX_DIGITS 10
enum t_secure_config_hash_algo
{