Date: Tue, 17 Oct 2000 10:00:58 +1100 (EST) From: Brook.Schofield@bigfoot.com To: FreeBSD-gnats-submit@freebsd.org Subject: bin/22033: pw [PATCH] to allow encrypted password to be entered via fd Message-ID: <200010162300.e9GN0wL24904@mail.educ.utas.edu.au>
next in thread | raw e-mail | index | archive | help
>Number: 22033 >Category: bin >Synopsis: [PATCH] to pw(8) to allow encrypted password to be entered via fd >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Mon Oct 16 16:00:01 PDT 2000 >Closed-Date: >Last-Modified: >Originator: Brook Schofield >Release: FreeBSD 4.1.1-STABLE i386 >Organization: University of Tasmania >Environment: FreeBSD 4.1.1-STABLE i386 >Description: pw(8) doesn't allow an already encrypted password to be added to the password file. This patch allows such by modifying the activity of '-w method' to allow 'crypt' option which causes '-h' to read the password literally and include in the password file, with the exception of an input containing a ':'. >How-To-Repeat: Apply the following patch to pw >Fix: diff -ur pw_dir/pw.8 pw_dir2/pw.8 --- pw_dir/pw.8 Fri Mar 3 01:53:37 2000 +++ pw_dir2/pw.8 Tue Oct 17 00:09:23 2000 @@ -604,6 +604,9 @@ force a blank password .It random generate a random password +.It crypt +the supplied password is encrypted. Suitable only with +.Ql Fl h .El .Pp The diff -ur pw_dir/pw_conf.c pw_dir2/pw_conf.c --- pw_dir/pw_conf.c Sun Jul 16 11:48:12 2000 +++ pw_dir2/pw_conf.c Tue Oct 17 00:14:48 2000 @@ -187,6 +187,11 @@ return -1; if (strcmp(str, "none") == 0) return -2; + /* + * Special case for encrypted password + */ + if (strcmp(str, "crypt") == 0) + return -3; } return dflt; } diff -ur pw_dir/pw_group.c pw_dir2/pw_group.c --- pw_dir/pw_group.c Thu Jun 29 05:19:04 2000 +++ pw_dir2/pw_group.c Tue Oct 17 09:52:20 2000 @@ -196,7 +196,16 @@ *p = '\0'; if (!*line) errx(EX_DATAERR, "empty password read on file descriptor %d", fd); - grp->gr_passwd = pw_pwcrypt(line); + if (((arg = getarg(args, 'w')) != NULL) && + (boolean_val(arg->val, cnf->default_password) == -3)) { + int i; + for (i = 0; i < strlen(line); i++) { + if (line[i] == ':') + return EX_DATAERR; + } + grp->gr_passwd = line; + } else + grp->gr_passwd = pw_pwcrypt(line); } } diff -ur pw_dir/pw_user.c pw_dir2/pw_user.c --- pw_dir/pw_user.c Wed Oct 11 14:57:59 2000 +++ pw_dir2/pw_user.c Tue Oct 17 09:50:53 2000 @@ -643,12 +643,24 @@ *p = '\0'; if (!*line) errx(EX_DATAERR, "empty password read on file descriptor %d", fd); - lc = login_getpwclass(pwd); - if (lc == NULL || - login_setcryptfmt(lc, "md5", NULL) == NULL) - warn("setting crypt(3) format"); - login_close(lc); - pwd->pw_passwd = pw_pwcrypt(line); + /* check for encrypted/literal password in file descriptor */ + if (((arg = getarg(args, 'w')) != NULL) && + (boolean_val(arg->val, cnf->default_password) == -3)) { + int i; + /* password is encrypted - check for ':' in password */ + for (i = 0; i < strlen(line); i++) { + if (line[i] == ':') + return EX_DATAERR; + } + pwd->pw_passwd = line; + } else { + lc = login_getpwclass(pwd); + if (lc == NULL || + login_setcryptfmt(lc, "md5", NULL) == NULL) + warn("setting crypt(3) format"); + login_close(lc); + pwd->pw_passwd = pw_pwcrypt(line); + } edited = 1; } } >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200010162300.e9GN0wL24904>