From owner-freebsd-hackers@FreeBSD.ORG Thu Dec 11 10:38:40 2008 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BDEFC1065672 for ; Thu, 11 Dec 2008 10:38:40 +0000 (UTC) (envelope-from rodrigo@bebik.net) Received: from postfix1-g20.free.fr (postfix1-g20.free.fr [212.27.60.42]) by mx1.freebsd.org (Postfix) with ESMTP id 335F18FC08 for ; Thu, 11 Dec 2008 10:38:40 +0000 (UTC) (envelope-from rodrigo@bebik.net) Received: from smtp2-g19.free.fr (smtp2-g19.free.fr [212.27.42.28]) by postfix1-g20.free.fr (Postfix) with ESMTP id 5DB792E96D61 for ; Thu, 11 Dec 2008 11:07:20 +0100 (CET) Received: from smtp2-g19.free.fr (localhost.localdomain [127.0.0.1]) by smtp2-g19.free.fr (Postfix) with ESMTP id 91D7612B72D; Thu, 11 Dec 2008 11:07:18 +0100 (CET) Received: from hodja.bebik.net (hodja.bebik.net [82.235.223.127]) by smtp2-g19.free.fr (Postfix) with ESMTP id 56DE712B714; Thu, 11 Dec 2008 11:07:18 +0100 (CET) Received: by hodja.bebik.net (Postfix, from userid 1001) id 98D512847A; Thu, 11 Dec 2008 11:07:18 +0100 (CET) Date: Thu, 11 Dec 2008 11:07:18 +0100 From: "Rodrigo OSORIO (ros)" To: Sheldon Givens Message-ID: <20081211100718.GA15362@hodja.bebik.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.2i Cc: freebsd-hackers@freebsd.org Subject: Re: Small Change to chpass.c X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Dec 2008 10:38:40 -0000 On 10/12/08 18:00 -0800, Sheldon Givens wrote: > Hi guys, > > When I was doing some user management today I noticed that chpass, and all > the utilities that use chpass.c, only give one attempt to authenticate to > make the change. After I messed this up once or twice (and after doing 4-5 > minutes of editing only to have it lost when I typo'd the password) I wrote > this little change in to chpass.c. > > When it needs the users password, it will enter into a for loop, increasing > itr until it hits max_retries (defined at top of main() declaration). If one > of these tries is successful (password given matches) then auth is set to > '1' and we break from the loop, and update info. If, after three tries, auth > is still '0' (the user didn't supply the proper password) we call baduser() > to handle it. > > It's a pretty inconsequential change but it managed to relieve me of quite a > bit of stress :-) > > Happy Holidays, everyone! > > Sheldon Givens > > > > ---snip--- > --- /usr/src/usr.bin/chpass.c 2008-12-11 01:55:27.000000000 -0800 > +++ /usr/src/usr.bin/chpass.c 2008-12-11 01:57:09.000000000 -0800 > @@ -80,10 +80,11 @@ > { > enum { NEWSH, LOADENTRY, EDITENTRY, NEWPW, NEWEXP } op; > struct passwd lpw, *old_pw, *pw; > - int ch, pfd, tfd; > + int ch, pfd, tfd, itr, auth; > const char *password; > char *arg = NULL; > uid_t uid; > + int max_retries = 3; > #ifdef YP > struct ypclnt *ypclnt; > const char *yp_domain = NULL, *yp_host = NULL; > @@ -227,9 +228,16 @@ > } > > if (old_pw && !master_mode) { > - password = getpass("Password: "); > - if (strcmp(crypt(password, old_pw->pw_passwd), > - old_pw->pw_passwd) != 0) > + auth = 0; > + for(itr=0;itr + password = getpass("Password:"); > + if(strcmp(crypt(password, old_pw->pw_passwd), > + old_pw->pw_passwd) == 0) { > + auth=1; > + break; > + } > + } > + if (!auth) > baduser(); > } else { > password = ""; > ---snip--- > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" Hi, Sure, your patch solves some admins nightmares :) Bus it impacts the scripts or applications using chpass interactively, no? - Rodrigo