Re: Small Change to chpass.c

Thu, 11 Dec 2008 02:40:59 -0800 

On 10/12/08 18:00 -0800, Sheldon Givens wrote:
> Hi guys,
> 
> When I was doing some user management today I noticed that chpass, and all
> the utilities that use chpass.c, only give one attempt to authenticate to
> make the change. After I messed this up once or twice (and after doing 4-5
> minutes of editing only to have it lost when I typo'd the password) I wrote
> this little change in to chpass.c.
> 
> When it needs the users password, it will enter into a for loop, increasing
> itr until it hits max_retries (defined at top of main() declaration). If one
> of these tries is successful (password given matches) then auth is set to
> '1' and we break from the loop, and update info. If, after three tries, auth
> is still '0' (the user didn't supply the proper password) we call baduser()
> to handle it.
> 
> It's a pretty inconsequential change but it managed to relieve me of quite a
> bit of stress :-)
> 
> Happy Holidays, everyone!
> 
> Sheldon Givens
> 
> 
> 
> ---snip---
> --- /usr/src/usr.bin/chpass.c   2008-12-11 01:55:27.000000000 -0800
> +++ /usr/src/usr.bin/chpass.c   2008-12-11 01:57:09.000000000 -0800
> @@ -80,10 +80,11 @@
>  {
>         enum { NEWSH, LOADENTRY, EDITENTRY, NEWPW, NEWEXP } op;
>         struct passwd lpw, *old_pw, *pw;
> -       int ch, pfd, tfd;
> +       int ch, pfd, tfd, itr, auth;
>         const char *password;
>         char *arg = NULL;
>         uid_t uid;
> +       int max_retries = 3;
>  #ifdef YP
>         struct ypclnt *ypclnt;
>         const char *yp_domain = NULL, *yp_host = NULL;
> @@ -227,9 +228,16 @@
>         }
> 
>         if (old_pw && !master_mode) {
> -               password = getpass("Password: ");
> -               if (strcmp(crypt(password, old_pw->pw_passwd),
> -                   old_pw->pw_passwd) != 0)
> +               auth = 0;
> +               for(itr=0;itr<max_retries;itr++) {
> +                       password = getpass("Password:");
> +                       if(strcmp(crypt(password, old_pw->pw_passwd),
> +                       old_pw->pw_passwd) == 0) {
> +                               auth=1;
> +                               break;
> +                       }
> +               }
> +               if (!auth)
>                         baduser();
>         } else {
>                 password = "";
> ---snip---
> _______________________________________________
> freebsd-hackers@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Hi,
Sure, your patch solves some admins nightmares :)
Bus it impacts the scripts or applications using chpass interactively, no?

- Rodrigo


_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to