Re: chpass(1) patch for changing only crypted passwords
On Tue, 26 Sep 2006, Dag-Erling Smørgrav wrote:

DS> Dmitry Morozovsky <[EMAIL PROTECTED]> writes:
DS> > BTW, a question inspired by ru@: why pw_equal() skips password
DS> > field? Its interface is unpublished, and the only consumers are
DS> >
DS> > [EMAIL PROTECTED]:/lh/src.current> grep -Rl pw_equal .
DS> > ./lib/libutil/libutil.h
DS> > ./lib/libutil/pw_util.c
DS> > ./release/picobsd/tinyware/passwd/pw_copy.c
DS> > ./usr.bin/chpass/chpass.c
DS> >
DS> > and tinyware is false alarm ;)
DS>
DS> IIRC, pw_equal() was originally intended for locating the entry to
DS> replace when changing the password...

Ah yes, pw_copy() uses it internally, and seems to have to skip password field
checking.

Sincerely,
D.Marck [DM5020, MCK-RIPE, DM3-RIPN]
***
Dmitry Morozovsky --- D.Marck --- Wild Woozle --- [EMAIL PROTECTED]
***
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
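The two uses of a hash-skipping comparison that this thread contrasts, as an added example rather than code from libutil or chpass. The struct, the function names and the sample records are constructed for illustration, and same_entry_ignoring_hash() is a hypothetical stand-in for a pw_equal()-style match.

```c
#include <stdio.h>
#include <string.h>

/* Simplified account record, constructed for this example (not struct passwd). */
struct acct { const char *name; const char *hash; unsigned uid; const char *shell; };

/* NULL-tolerant string equality, so a missing field never reaches strcmp(). */
static int str_eq(const char *a, const char *b)
{
    return (a && b) ? strcmp(a, b) == 0 : a == b;
}

/* Hypothetical stand-in for a pw_equal()-style match: all fields except the hash. */
int same_entry_ignoring_hash(const struct acct *a, const struct acct *b)
{
    return str_eq(a->name, b->name) && a->uid == b->uid && str_eq(a->shell, b->shell);
}

/* Use 1: locate the record to replace. Returns its index, or -1 if absent. */
int find_entry(const struct acct *tab, int n, const struct acct *old)
{
    for (int i = 0; i < n; i++)
        if (same_entry_ignoring_hash(&tab[i], old))
            return i;
    return -1;
}

/* Use 2, as patched: change detection also compares the hash explicitly. */
int unchanged_after(const struct acct *old, const struct acct *edited)
{
    return same_entry_ignoring_hash(old, edited) && str_eq(old->hash, edited->hash);
}

/* Constructed sample data: only the hash differs between OLD and EDITED. */
static const struct acct TABLE[] = {
    { "root",  "$1$constructed$r", 0,    "/bin/csh" },
    { "alice", "$1$constructed$a", 1001, "/bin/sh"  },
};
static const struct acct OLD    = { "alice", "$1$constructed$a", 1001, "/bin/sh" };
static const struct acct EDITED = { "alice", "$1$constructed$b", 1001, "/bin/sh" };

int main(void)
{
    /* The hash-skipping match finds the record but reports a hash-only edit as "unchanged". */
    printf("index=%d skip-hash-unchanged=%d patched-unchanged=%d\n",
           find_entry(TABLE, 2, &EDITED),
           same_entry_ignoring_hash(&OLD, &EDITED), unchanged_after(&OLD, &EDITED));
    return 0;
}
```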
Re: chpass(1) patch for changing only crypted passwords
Dmitry Morozovsky <[EMAIL PROTECTED]> writes:
> BTW, a question inspired by ru@: why pw_equal() skips password
> field? Its interface is unpublished, and the only consumers are
>
> [EMAIL PROTECTED]:/lh/src.current> grep -Rl pw_equal .
> ./lib/libutil/libutil.h
> ./lib/libutil/pw_util.c
> ./release/picobsd/tinyware/passwd/pw_copy.c
> ./usr.bin/chpass/chpass.c
>
> and tinyware is false alarm ;)

IIRC, pw_equal() was originally intended for locating the entry to
replace when changing the password...

DES
--
Dag-Erling Smørgrav - [EMAIL PROTECTED]
Re: chpass(1) patch for changing only crypted passwords
On Mon, 25 Sep 2006, Dag-Erling Smørgrav wrote:

DS> Dmitry Morozovsky <[EMAIL PROTECTED]> writes:
DS> > chpass is a bit broken since chpass.c:1.23 - it uses pw_equal which
DS> > does not check crypted password field; so, you can not change _only_
DS> > crypt pass with chpass. Attached patch fixes this.
DS>
DS> Looks fine to me, feel free to commit.

Done, thanks.

BTW, a question inspired by ru@: why pw_equal() skips password field? Its
interface is unpublished, and the only consumers are

[EMAIL PROTECTED]:/lh/src.current> grep -Rl pw_equal .
./lib/libutil/libutil.h
./lib/libutil/pw_util.c
./release/picobsd/tinyware/passwd/pw_copy.c
./usr.bin/chpass/chpass.c

and tinyware is false alarm ;)

Sincerely,
D.Marck [DM5020, MCK-RIPE, DM3-RIPN]
***
Dmitry Morozovsky --- D.Marck --- Wild Woozle --- [EMAIL PROTECTED]
***
Re: chpass(1) patch for changing only crypted passwords
Dmitry Morozovsky <[EMAIL PROTECTED]> writes:
> chpass is a bit broken since chpass.c:1.23 - it uses pw_equal which
> does not check crypted password field; so, you can not change _only_
> crypt pass with chpass. Attached patch fixes this.

Looks fine to me, feel free to commit.

DES
--
Dag-Erling Smørgrav - [EMAIL PROTECTED]
chpass(1) patch for changing only crypted passwords
Dear colleagues,

chpass is a bit broken since chpass.c:1.23 - it uses pw_equal which does not
check crypted password field; so, you can not change _only_ crypt pass with
chpass. Attached patch fixes this.

Any thoughts/objections?

Sincerely,
D.Marck [DM5020, MCK-RIPE, DM3-RIPN]
***
Dmitry Morozovsky --- D.Marck --- Wild Woozle --- [EMAIL PROTECTED]
***

Index: usr.bin/chpass/chpass.c === RCS file: /home/ncvs/src/usr.bin/chpass/chpass.c,v retrieving revision 1.27 diff -u -r1.27 chpass.c --- usr.bin/chpass/chpass.c 18 Jan 2004 21:46:39 - 1.27 +++ usr.bin/chpass/chpass.c 25 Sep 2006 07:42:25 - @@ -217,7 +217,12 @@ pw_fini(); if (pw == NULL) err(1, "edit()"); - if (pw_equal(old_pw, pw)) + /* +* pw_equal does not check for crypted passwords, so we +* should do it explicitly +*/ + if (pw_equal(old_pw, pw) && + strcmp(old_pw->pw_passwd, pw->pw_passwd) == 0) errx(0, "user information unchanged"); }
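Review bot: the added strcmp(old_pw->pw_passwd, pw->pw_passwd) in the "user information unchanged" condition dereferences both password fields, while the only NULL check visible in this hunk is `if (pw == NULL)`. If either pw_passwd can be NULL on this path, guard the comparison, or extend the comment to say why it cannot happen. The comment would also help the next reader more if it recorded why the check lives in chpass.c rather than in pw_equal() itself, since it currently states only that pw_equal() skips the field and other callers of pw_equal() are not visible from here.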