On 2016/05/05 08:34, Stuart Henderson wrote: > On 2016/05/04 17:48, Ted Unangst wrote: > > i think it's time. otherwise we'll never find the bugs. > > I don't think it's time since afaicr nobody other than me has fixed > anything for this in ports yet. They're not hard to find, try screen > lockers for starters. Because this is using a different API than > everyone else with shadow passwords we don't get fixes for free - > anything using pw_passwd from getpw{nam,uid}() needs modifying. > > If you'd sent this 10 days ago we could have had enough of them > fixed at p2k16. As I won't have time to do that now, here are > unfiltered search results from ports source (unpacked Aug 2015 > so there may be some more by now). I'll have a look and see if > I've got any notes on which ones I already looked at.
Ah here we go, my memory was defective: jasper and aja joined in too. : Search of ports with ->pw_passwd, implying that they are interested in : the pw_passwd field and probably need getpwnam_shadow. : : Priorities to look at/check: sudo, screen savers, imap/pop3 daemons ... : : : FIXED : : sthen/ passwdqc-1.3.0/passwdqc-1.3.0/pwqcheck.c : sthen/ conserver-8.2.1/conserver-8.2.1/conserver/group.c : aja/ login_krb5-5.7.1/login_krb5-5.7.1/login_passwd/login_passwd.c : aja/ accountsservice : sthen/ freeradius-server-2.2.7/freeradius-server-2.2.7/src/modules/rlm_unix/rlm_unix.c : sthen/ login_oath-0.8/login_oath-0.8/login_passwd/login_passwd.c : jasper/ shadow-2.4.1-ruby22/ruby-shadow-2.4.1/pwd/shadow.c : : UNUSED : : aja/ mgetty+sendfax-1.1.37/mgetty-1.1.37/contrib/next-login/login.c : sthen/ squid-3.5.10/helpers/basic_auth/getpwnam/basic_getpwnam_auth.cc : sthen/ sqsh-2.5.16.1/sqsh-2.5/src/cmd_lock.c (well it is unused now. :-) : sthen/ scamper-20141211a/scamper-cvs-20141211a/scamper/scamper_privsep.c (it's only clearing it) : sthen/ lockfile-3.22/procmail-3.22/src/authenticate.c (built from procmail sources; not using this file) : sthen/ slock-1.2/slock-1.2/slock.c (uses bsd auth auth_userokay) : : NOT YET CHECKED : : pulseaudio-6.0/pulseaudio-6.0/src/tests/usergroup-test.c : 87: if (!pa_streq(a->pw_passwd, b->pw_passwd)) { : 88: fprintf(stderr, "pw_passwd mismatch: [%s] [%s]\n", a->pw_passwd, b->pw_passwd); : : EMBOSS-6.0.1/EMBOSS-6.0.1/ajax/ajjava.c, jembossctl.c : 763: strcpy(epwd,pwd->pw_passwd); : 808: p = crypt(ajStrGetPtr(password),pwd->pw_passwd); : 810: if(!strcmp(p,pwd->pw_passwd)) : 859: p = crypt(ajStrGetPtr(password),pwd->pw_passwd); : 861: if(!strcmp(p,pwd->pw_passwd)) : : kermit-9.0.302/ckufio.c : 7825: save.pw_passwd = sgetsave(p->pw_passwd); : 8312: salt = pw->pw_passwd; : 8329: ((*pw->pw_passwd != '\0' || : 8330: strcmp(xpasswd, pw->pw_passwd)) : 8335: pw == NULL || *pw->pw_passwd == '\0' || : 8338: strcmp (xpasswd, pw->pw_passwd)) : 8341: (pw == NULL) || (*pw->pw_passwd == '\0') || : 8342: strcmp(xpasswd, pw->pw_passwd) : : openldap-2.4.42/openldap-2.4.42/libraries/liblutil/passwd.c : 992: pw = pwd->pw_passwd; : : openldap-server-2.3.43/openldap-2.3.43/libraries/liblutil/passwd.c : 858: pw = pwd->pw_passwd; : : tinycdb-0.78/tinycdb-0.78/nss_cdb-passwd.c : 20: STRING_FIELD(buf, result->pw_passwd); : 37: p->pw_name, p->pw_passwd, p->pw_uid, p->pw_gid, p->pw_gecos, p->pw_dir, p->pw_shell); : : luaposix-5.1.4/luaposix-5.1.4/lposix.c : 749: case 6: lua_pushstring(L, p->pw_passwd); break; : : ocaml-lwt-2.4.5/lwt-2.4.5/src/unix/lwt_unix_unix.c : 1555: passwd = copy_string(entry->pw_passwd); : : omake-0.9.8.5pl3/omake-0.9.8.5/src/libmojave-external/cutil/lm_unix_cutil.c : 456: Store_field(entry, 1, caml_copy_string(entryp->pw_passwd)); : : jed-0.99.19/jed-0.99-19/src/userinfo.c : 378: password = pwent->pw_passwd; : : scm-5f1/scm/posix.c : 166: ve[ 1] = makfrom0str(entry->pw_passwd); : : chibi-scheme-0.7.3/chibi-scheme-0.7.3/tests/ffi/ffi-tests.scm : 355: pwd->pw_passwd = buf + strlen(name) + 1; : : chicken-bootstrap-4.10.0/chicken-4.10.0/posixunix.scm : 891:(define-foreign-variable _user-passwd nonnull-c-string "C_user->pw_passwd") : : chicken-bootstrap-4.10.0/chicken-4.10.0/posixunix.c : 12433:((C_proc4)(void*)(*((C_word*)t4+1)))(4,t4,t3,C_mpointer(&a,(void*)C_user->pw_passwd),C_fix(0));} : : chicken-4.10.0/chicken-4.10.0/posixunix.scm : 891:(define-foreign-variable _user-passwd nonnull-c-string "C_user->pw_passwd") : : chicken-4.10.0/chicken-4.10.0/posixunix.c : 12433:((C_proc4)(void*)(*((C_word*)t4+1)))(4,t4,t3,C_mpointer(&a,(void*)C_user->pw_passwd),C_fix(0));} : : clisp-2.48/clisp-2.48/modules/syscalls/calls.c : 1734: pushSTACK(safe_to_string(pwd->pw_passwd)); : : gawk-4.1.3/gawk-4.1.3/awklib/eg/lib/pwcat.c : 35: p->pw_name, p->pw_passwd, (long) p->pw_uid, : : guile-1.8.8/guile-1.8.8/libguile/posix.c : 368: SCM_SIMPLE_VECTOR_SET(result, 1, scm_from_locale_string (entry->pw_passwd)); : : guile2-2.0.11/guile-2.0.11/libguile/posix.c : 364: SCM_SIMPLE_VECTOR_SET(result, 1, scm_from_locale_string (entry->pw_passwd)); : : mono-3.12.1/mono-3.12.1/support/macros.c : 149: *password = pwp->pw_passwd; : : ocaml-4.02.1/ocaml-4.02.1/otherlibs/unix/getpw.c : 29: passwd = copy_string(entry->pw_passwd); : : php-5.4.44/php-5.4.44/ext/posix/posix.c : 1098: add_assoc_string(return_value, "passwd", pw->pw_passwd, 1); : : php-5.5.28/php-5.5.28/ext/posix/posix.c : 1098: add_assoc_string(return_value, "passwd", pw->pw_passwd, 1); : : php-5.6.12/php-5.6.12/ext/posix/posix.c : 1098: add_assoc_string(return_value, "passwd", pw->pw_passwd, 1); : : Python-2.7.10/Python-2.7.10/Modules/pwdmodule.c : 74: SETS(setIndex++, p->pw_passwd); : : Python-3.4.3/Python-3.4.3/Modules/pwdmodule.c : 72: SETS(setIndex++, p->pw_passwd); : : ruby-1.8.7-p374/ruby-1.8.7-p374/ext/etc/etc.c : 82: safe_setup_str(pwd->pw_passwd), : : ruby-1.9.3-p551/ruby-1.9.3-p551/ext/etc/etc.c : 85: safe_setup_str(pwd->pw_passwd), : : ruby-2.0.0-p647/ruby-2.0.0-p647/ext/etc/etc.c : 100: safe_setup_str(pwd->pw_passwd), : : ruby-2.1.7/ruby-2.1.7/ext/etc/etc.c : 113: safe_setup_str(pwd->pw_passwd), : : ruby-2.2.3/ruby-2.2.3/ext/etc/etc.c : 127: safe_setup_str(pwd->pw_passwd), : : rust-1.2.0/rustc-1.2.0/src/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc : 931: if (pwd->pw_passwd) : 932: COMMON_INTERCEPTOR_INITIALIZE_RANGE(pwd->pw_passwd, : 933: REAL(strlen)(pwd->pw_passwd) + 1); : : swi-prolog-6.6.4/pl-6.6.4/packages/clib/uid.c : 106: PL_MBCHARS, pwdp->pw_passwd, : : swi-prolog-6.6.4/pl-6.6.4/packages/xpce/src/ker/self.c : 830: answer(CtoName(pwd->pw_passwd)); : : tcl-8.5.18/tcl8.5.18/unix/tclUnixCompat.c : 836: copied = CopyString(tgtPtr->pw_passwd, p, buflen - len); : 840: tgtPtr->pw_passwd = (copied > 0) ? p : NULL; : : tcl-8.6.4/tcl8.6.4/unix/tclUnixCompat.c : 836: copied = CopyString(tgtPtr->pw_passwd, p, buflen - len); : 840: tgtPtr->pw_passwd = (copied > 0) ? p : NULL; : : akpop3d-0.7.7/akpop3d-0.7.7/authenticate.c : 343: if (u == NULL || u->pw_passwd == NULL) { : 349: if (strcmp(u->pw_passwd,"x")==0) { : 361: sys_pw = u->pw_passwd; : 364: sys_pw = u->pw_passwd; : : alpine-2.20/alpine-2.20/imap/src/osdep/unix/ckp_sv4.c : 61: if (!pw->pw_passwd || !pw->pw_passwd[0] || !pw->pw_passwd[1] || : 62: strcmp (pw->pw_passwd,(char *) crypt (pass,pw->pw_passwd))) { : : alpine-2.20/alpine-2.20/imap/src/osdep/unix/ckp_dce.c : 49: if (pw->pw_passwd && pw->pw_passwd[0] && pw->pw_passwd[1] && : 50: !strcmp (pw->pw_passwd,(char *) crypt (pass,pw->pw_passwd))) return pw; : 57: if (pw && pw->pw_passwd && pw->pw_passwd[0] && pw->pw_passwd[1] && : 58: !strcmp (pw->pw_passwd,(char *) crypt (pass,pw->pw_passwd))) { : : alpine-2.20/alpine-2.20/imap/src/osdep/unix/ckp_svo.c : 61: if (!pw->pw_passwd || !pw->pw_passwd[0] || !pw->pw_passwd[1] || : 62: strcmp (pw->pw_passwd,(char *) crypt (pass,pw->pw_passwd))) { : : alpine-2.20/alpine-2.20/imap/src/osdep/unix/ckp_sec.c : 41: if ((pw->pw_passwd && pw->pw_passwd[0] && pw->pw_passwd[1] && : 42: !strcmp (pw->pw_passwd,(char *) crypt (pass,pw->pw_passwd))) || : : alpine-2.20/alpine-2.20/imap/src/osdep/unix/ckp_std.c : 39: return (pw->pw_passwd && pw->pw_passwd[0] && pw->pw_passwd[1] && : 40: !strcmp (pw->pw_passwd,(char *) crypt (pass,pw->pw_passwd))) ? : : alpine-2.20/alpine-2.20/imap/src/osdep/unix/ckp_ssn.c : 48: ((pw->pw_passwd && pw->pw_passwd[0] && pw->pw_passwd[1] && : 49: !strcmp (pw->pw_passwd,(char *) crypt (pass,pw->pw_passwd))) || : : alpine-2.20/alpine-2.20/imap/src/osdep/unix/ckp_sce.c : 41: if ((pw->pw_passwd && pw->pw_passwd[0] && pw->pw_passwd[1] && : 42: !strcmp (pw->pw_passwd,(char *) crypt (pass,pw->pw_passwd))) || : : alpine-2.20/alpine-2.20/imap/src/osdep/unix/ckp_psx.c : 61: if (!pw->pw_passwd || !pw->pw_passwd[0] || !pw->pw_passwd[1] || : 62: strcmp (pw->pw_passwd,(char *) crypt (pass,pw->pw_passwd))) { : : alpine-2.20/alpine-2.20/imap/src/osdep/amiga/ckp_std.c : 39: return (pw->pw_passwd && pw->pw_passwd[0] && pw->pw_passwd[1] && : 40: !strcmp (pw->pw_passwd,(char *) crypt (pass,pw->pw_passwd))) ? : : avenger-0.8.3/avenger-0.8.3/asmtpd/config.C : 106: //npw->pw_passwd = xstrdup (pw->pw_passwd); : 107: npw->pw_passwd = xstrdup ("*"); : 126: xfree (pw->pw_passwd); : : courier-authlib-0.66.3/courier-authlib-0.66.3/preauthshadow.c : 72: courier_authdebug_authinfo("DEBUG: authshadow: ", &auth, 0, pw->pw_passwd); : : courier-authlib-0.66.3/courier-authlib-0.66.3/preauthpam.c : 47: auth.passwd=pw->pw_passwd; : 53: courier_authdebug_authinfo("DEBUG: authpam: ", &auth, 0, pw->pw_passwd); : : courier-authlib-0.66.3/courier-authlib-0.66.3/preauthpwd.c : 42: auth.passwd=pw->pw_passwd; : 44: courier_authdebug_authinfo("DEBUG: authpwd: ", &auth, 0, pw->pw_passwd); : : cucipop-1.31/cucipop-1.31/authenticate.c : 189: rpw=pass->pw->pw_passwd; /* get the regular (encrypted) password */ : : dkim-milter-2.8.3/dkim-milter-2.8.3/libsm/mpeix.c : 301: result->pw_passwd = sendmail_mpe_nullstr; : 339: result->pw_passwd = sendmail_mpe_nullstr; : : dovecot-2.2.18/dovecot-2.2.18/src/auth/passdb-vpopmail.c : 83: password = t_strdup_noconst(vpw->pw_passwd); : 90: safe_memset(vpw->pw_passwd, 0, strlen(vpw->pw_passwd)); : : dovecot-2.2.18/dovecot-2.2.18/src/auth/passdb-passwd.c : 29: if (!IS_VALID_PASSWD(pw_r->pw_passwd)) { : 31: "invalid password field '%s'", pw_r->pw_passwd); : 36: auth_request_set_field(request, "password", pw_r->pw_passwd, : : OpenSMTPD-extras-20150119/OpenSMTPD-extras-a9cc8a03f6ae16008d23f766d621192a52c59893/extras/tables/table-passwd/table_passwd.c : 228: pw->pw_passwd = q; : : popa3d-1.0.3/popa3d-1.0.3/auth_passwd.c : 26: if (!pw || !*pw->pw_passwd || : 27: *pw->pw_passwd == '*' || *pw->pw_passwd == '!') : 30: char *hash = crypt(pass, pw->pw_passwd); : 31: if (hash && !strcmp(hash, pw->pw_passwd)) : 36: memset(pw->pw_passwd, 0, strlen(pw->pw_passwd)); : : popa3d-1.0.3/popa3d-1.0.3/virtual.c : 174: memset(pw->pw_passwd, 0, strlen(pw->pw_passwd)); : : popa3d-1.0.3/popa3d-1.0.3/auth_shadow.c : 36: memset(pw->pw_passwd, 0, strlen(pw->pw_passwd)); : : popa3d-1.0.3/popa3d-1.0.3/auth_pam.c : 157: memset(pw->pw_passwd, 0, strlen(pw->pw_passwd)); : 211: memset(pw->pw_passwd, 0, strlen(pw->pw_passwd)); : : popa3d-1.0.3/popa3d-1.0.3/pop_root.c : 201: memset(pw->pw_passwd, 0, strlen(pw->pw_passwd)); : : poppassd-4.0/poppassd/poppassd.c : 668: if (strcmp (crypt (pass, pw->pw_passwd), pw->pw_passwd) != 0) : : postfix-3.0.2/postfix-3.0.2/src/global/mypwd.c : 143: mypwd->pw_passwd = mystrdup(pwd->pw_passwd); : 307: myfree(mypwd->pw_passwd); : : postfix-3.0.2/postfix-3.0.2/src/util/dict_unix.c : 98: pwd->pw_name, pwd->pw_passwd, (long) pwd->pw_uid, : : postfix-3.1.20150721/postfix-3.1-20150721/src/global/mypwd.c : 143: mypwd->pw_passwd = mystrdup(pwd->pw_passwd); : 307: myfree(mypwd->pw_passwd); : : postfix-3.1.20150721/postfix-3.1-20150721/src/util/dict_unix.c : 98: pwd->pw_name, pwd->pw_passwd, (long) pwd->pw_uid, : : procmail-3.22/procmail-3.22/src/authenticate.c : 105: rpw=pass->pw->pw_passwd; /* get the regular (encrypted) password */ : 141: if(op->pw_passwd) : 142: bbzero(op->pw_passwd,strlen(op->pw_passwd)); : 151: if(p->pw_passwd)bbzero(p->pw_passwd,strlen(p->pw_passwd)); : : procmail-3.22/procmail-3.22/src/autoconf : 1020: return (pw->pw_passwd==0)+(pw->pw_class==0)+(pw->pw_gecos==0); : : sendmail.8.15.2/sendmail-8.15.2/libsm/mpeix.c : 301: result->pw_passwd = sendmail_mpe_nullstr; : 339: result->pw_passwd = sendmail_mpe_nullstr; : : solid-pop3d-0.15/solid-pop3d-0.15/src/authenticate.c : 175: if (strcmp(pwentry->pw_passwd, "") == 0) { : 180: if (strlen(pwentry->pw_passwd) != 1) : 181: strncat(correct_passwd, pwentry->pw_passwd, sizeof(correct_passwd) - 1); : 219: (strcmp(pwentry->pw_passwd, "*") == 0)) || : : teapop-0.3.8/teapop-0.3.8/teapop/pop_passwd.c : 859: encpw = crypt(passwd, userinfo->pw_passwd); : 860: if (strcmp(encpw, userinfo->pw_passwd)) : : tkrat-2.1.2/tkrat-2.1.2/imap/src/osdep/unix/ckp_*.c : 41: if (pw->pw_passwd && pw->pw_passwd[0] && pw->pw_passwd[1] && : 42: !strcmp (pw->pw_passwd,(char *) crypt (pass,pw->pw_passwd))) return pw; : 49: if (pw && pw->pw_passwd && pw->pw_passwd[0] && pw->pw_passwd[1] && : 50: !strcmp (pw->pw_passwd,(char *) crypt (pass,pw->pw_passwd))) { : : zarafa-7.2.0/zarafa-7.2.0/provider/plugins/UnixUserPlugin.cpp : 950: if (!strcmp(pw->pw_passwd, "x")) { : 965: } else if (!strcmp(pw->pw_passwd, "*") || !strcmp(pw->pw_passwd, "!")){ : 968: ud->SetPropString(OB_PROP_S_PASSWORD, string(pw->pw_passwd)); : : grace-5.1.15/grace-5.1.15/src/missing.c : 541: entry->pw_passwd = cptr; : : octave-4.0.0/octave-4.0.0/liboctave/system/oct-passwd.cc : 211: pw_passwd = pw->pw_passwd; : : gone-1.3.5/gone-1.3.5/gone.c : 173: sysPass = pw->pw_passwd; : : mc-4.8.14/mc-4.8.14/src/vfs/smbfs/helpers/lib/username.c : 182: free (ret->pw_passwd); : 183: ret->pw_passwd = pwret->pwa_passwd; : : screen-4.0.3/screen-4.0.3/acls.c : 518: pass = pp->pw_passwd; : : screen-4.0.3/screen-4.0.3/screen.c : 293: if (ppp->pw_passwd[0] == '#' && ppp->pw_passwd[1] == '#' && : 294: strcmp(ppp->pw_passwd + 2, ppp->pw_name) == 0) : 298: char c = ppp->pw_passwd[n]; : 315: ppp->pw_passwd = spw = SaveStr(sss->sp_pwdp); : 323: ppp->pw_passwd = 0; : 325: if (ppp->pw_passwd && strlen(ppp->pw_passwd) == 13 + 11) : 326: ppp->pw_passwd[13] = 0; /* beware of linux's long passwords */ : : screen-4.0.3/screen-4.0.3/attacher.c : 814: pass = ppp->pw_passwd; : 844: pass = ppp->pw_passwd = SaveStr(pass); : : gopher-3.0.11/gopher/object/compatible.c : 494: p->pw_passwd = cp; : : netatalk-2.2.5/netatalk-2.2.5/etc/uams/uams_dhx_passwd.c : 116: dhxpwd->pw_passwd = sp->sp_pwdp; : 119: if (!dhxpwd->pw_passwd) : 350: p = crypt( rbuf, dhxpwd->pw_passwd ); : 352: if ( strcmp( p, dhxpwd->pw_passwd ) == 0 ) { : : netatalk-2.2.5/netatalk-2.2.5/etc/uams/uams_dhx2_passwd.c : 179: dhxpwd->pw_passwd = sp->sp_pwdp; : 182: if (!dhxpwd->pw_passwd) : 551: p = crypt( ibuf, dhxpwd->pw_passwd ); : 553: if ( strcmp( p, dhxpwd->pw_passwd ) == 0 ) { : : netatalk-2.2.5/netatalk-2.2.5/etc/uams/uams_pgp.c : 167: p = crypt( rbuf, pgppwd->pw_passwd ); : 169: if ( strcmp( p, pgppwd->pw_passwd ) == 0 ) { : : netatalk-2.2.5/netatalk-2.2.5/etc/uams/uams_passwd.c : 110: pwd->pw_passwd = sp->sp_pwdp; : 122: if (!pwd->pw_passwd) { : 144: p = crypt( ibuf, pwd->pw_passwd ); : 145: if ( strcmp( p, pwd->pw_passwd ) == 0 ) : 248: pwd->pw_passwd = sp->sp_pwdp; : 251: p = crypt(pw, pwd->pw_passwd ); : 252: if (strcmp( p, pwd->pw_passwd )) { : 339: pwd->pw_passwd = sp->sp_pwdp; : 352: if (!pwd->pw_passwd) { : 363: p = crypt(password, pwd->pw_passwd); : 364: if (strcmp(p, pwd->pw_passwd) != 0) { : : netatalk-3.1.7/netatalk-3.1.7/etc/uams/uams_dhx2_passwd.c : 172: dhxpwd->pw_passwd = sp->sp_pwdp; : 175: if (!dhxpwd->pw_passwd) : 548: p = crypt( ibuf, dhxpwd->pw_passwd ); : 550: if ( strcmp( p, dhxpwd->pw_passwd ) == 0 ) { : : netatalk-3.1.7/netatalk-3.1.7/etc/uams/uams_passwd.c : 91: pwd->pw_passwd = sp->sp_pwdp; : 103: if (!pwd->pw_passwd) { : 125: p = crypt( ibuf, pwd->pw_passwd ); : 126: if ( strcmp( p, pwd->pw_passwd ) == 0 ) : 229: pwd->pw_passwd = sp->sp_pwdp; : 232: p = crypt(pw, pwd->pw_passwd ); : 233: if (strcmp( p, pwd->pw_passwd )) { : 320: pwd->pw_passwd = sp->sp_pwdp; : 333: if (!pwd->pw_passwd) { : 344: p = crypt(password, pwd->pw_passwd); : 345: if (strcmp(p, pwd->pw_passwd) != 0) { : : netatalk-3.1.7/netatalk-3.1.7/etc/uams/uams_pgp.c : 166: p = crypt( rbuf, pgppwd->pw_passwd ); : 168: if ( strcmp( p, pgppwd->pw_passwd ) == 0 ) { : : netatalk-3.1.7/netatalk-3.1.7/etc/uams/uams_dhx_passwd.c : 111: dhxpwd->pw_passwd = sp->sp_pwdp; : 114: if (!dhxpwd->pw_passwd) : 345: p = crypt( rbuf, dhxpwd->pw_passwd ); : 347: if ( strcmp( p, dhxpwd->pw_passwd ) == 0 ) { : : pure-ftpd-1.0.36/pure-ftpd-1.0.36/src/log_ldap.c : 228: free(p->pw_passwd); : 229: p->pw_passwd = NULL; : 507: spwd = pw->pw_passwd; : : pure-ftpd-1.0.36/pure-ftpd-1.0.36/src/pure-pwconvert.c : 56: pw = pwd->pw_passwd; : 58: if (pwd->pw_passwd != NULL && pwd->pw_name != NULL && : 59: (((pwd->pw_passwd)[0] == 'x' && (pwd->pw_passwd)[1] == 0) || : 60: (strcmp(pwd->pw_passwd, "********") == 0) || : 61: ((pwd->pw_passwd)[0] == '#' && (pwd->pw_passwd)[1] == '#' && : 62: strcmp(pwd->pw_passwd + 2, pwd->pw_name) == 0)) && : : samba-4.1.19/samba-4.1.19/lib/ldb/nssldb/ldb-nss.c : 117: result->pw_passwd = &buffer[bufpos]; : : samba-4.1.19/samba-4.1.19/lib/nss_wrapper/nss_wrapper.c : 777: pw->pw_passwd = c; : 780: NWRAP_VERBOSE(("password[%s]\n", pw->pw_passwd)); : 874: pw->pw_name, pw->pw_passwd, : 916: ofs = PTR_DIFF(src->pw_passwd, first); : 917: dst->pw_passwd = buf + ofs; : : samba-4.1.19/samba-4.1.19/lib/nss_wrapper/testsuite.c : 36: p->pw_passwd = talloc_strdup(tctx, pwd->pw_passwd); : 50: pwd->pw_passwd, : 375: torture_assert_str_equal(tctx, p1->pw_passwd, p2->pw_passwd, comment); : : samba-4.1.19/samba-4.1.19/lib/util/util_pw.c : 40: ret->pw_passwd = talloc_strdup(ret, from->pw_passwd); : : samba-4.1.19/samba-4.1.19/nsswitch/libwbclient/wbc_pwd.c : 47: free(pw->pw_passwd); : 66: pw->pw_passwd = strdup(p->pw_passwd); : 67: if (pw->pw_passwd == NULL) { : : samba-4.1.19/samba-4.1.19/nsswitch/nsstest.c : 338: pwd->pw_passwd, : : samba-4.1.19/samba-4.1.19/nsswitch/wbinfo.c : 180: pwd->pw_passwd, : 207: pwd->pw_passwd, : 235: pwd->pw_passwd, : : samba-4.1.19/samba-4.1.19/nsswitch/winbind_nss_aix.c : 102: free(pwd->pw_passwd); : 199: result->pw_passwd = strdup(pw->pw_passwd); : 638: results[i].attr_un.au_char = strdup(pwd->pw_passwd); : : samba-4.1.19/samba-4.1.19/nsswitch/winbind_nss_irix.c : 245: pw->pw_passwd, : 369: pw->pw_passwd, : : samba-4.1.19/samba-4.1.19/nsswitch/winbind_nss_linux.c : 220: if ((result->pw_passwd = : 221: get_static(buffer, buflen, strlen(pw->pw_passwd) + 1)) == NULL) { : 228: strcpy(result->pw_passwd, pw->pw_passwd); : : samba-4.1.19/samba-4.1.19/source3/auth/pass_check.c : 653: if (set_this_crypted(pass->pw_passwd) == NULL) { : 656: if (set_this_salt(pass->pw_passwd) == NULL) { : 687: ia_get_logpwd(uinfo, &(pass->pw_passwd)); : : samba-4.1.19/samba-4.1.19/source3/winbindd/wb_fill_pwent.c : 199: fstrcpy(state->pw->pw_passwd, "*"); : : samba-4.1.19/samba-4.1.19/source4/auth/ntlm/auth_unix.c : 127: ret->pw_passwd = talloc_strdup(ctx, from->pw_passwd); : 128: NT_STATUS_HAVE_NO_MEMORY(ret->pw_passwd); : 625: crypted = pws->pw_passwd; : 626: salt = pws->pw_passwd; : : samba-4.1.19/samba-4.1.19/source4/winbind/wb_cmd_getpwnam.c : 132: WBSRV_SAMBA3_SET_STRING(pw->pw_passwd, "*"); : : samba-4.1.19/samba-4.1.19/source4/winbind/wb_cmd_getpwuid.c : 152: WBSRV_SAMBA3_SET_STRING(pw->pw_passwd, "*"); : : samba-4.1.19/samba-4.1.19/testsuite/nsswitch/getent.c : 95: pwd->pw_passwd ? pwd->pw_passwd : "", : : samba-4.1.19/samba-4.1.19/testsuite/nsswitch/getpwent_r.c : 35: fprintf(fptr,"%s:%s:%s:%d:%d\n", pw->pw_name, pw->pw_passwd, : : samba-4.1.19/samba-4.1.19/testsuite/nsswitch/getpwnam.c : 29: printf("pw_passwd = %s\n", pw->pw_passwd); : : samba-4.1.19/samba-4.1.19/testsuite/nsswitch/getpwuid.c : 35: printf("pw_passwd = %s\n", pw->pw_passwd); : : tacacs+-4.0.4a/tac_plus.F4.0.4.alpha/pwlib.c : 213: if (*pw->pw_passwd == '\0' || : 219: cfg_passwd = pw->pw_passwd; : 223: if (STREQ(pw->pw_passwd, "x")) { : 303: if (*pw->pw_passwd == '\0' || : 309: cfg_passwd = pw->pw_passwd; : : tircproxy-0.4.5/tircproxy-0.4/tircproxy.c : 2565: salt[0] = (pw->pw_passwd)[0]; : 2566: salt[1] = (pw->pw_passwd)[1]; : 2568: if (!strcmp(pw->pw_passwd, crypt(p,salt))) : : uucpd-1.0/uucpd-1.0/uucpd.c : 186: if (pw->pw_passwd && *pw->pw_passwd != '\0') { : 193: xpasswd = crypt(passwd, pw->pw_passwd); : 194: if (strcmp(xpasswd, pw->pw_passwd)) { : : vsftpd-3.0.3/vsftpd-3.0.3/sysdeputil.c : 295: p_crypted = crypt(str_getbuf(p_pass_str), p_pwd->pw_passwd); : 296: if (!vsf_sysutil_strcmp(p_crypted, p_pwd->pw_passwd)) : : winexe-0.90/winexe-source-081123/lib/ldb/nssldb/ldb-nss.c : 124: result->pw_passwd = &buffer[bufpos]; : : winexe-0.90/winexe-source-081123/lib/util/util_getent.c : 152: if (pwd->pw_passwd) { : 153: if ((pent->pw_passwd = strdup(pwd->pw_passwd)) == NULL) : 202: SAFE_FREE(plist->pw_passwd); : : winexe-0.90/winexe-source-081123/lib/util/util_pw.c : 30: ret->pw_passwd = smb_xstrdup(from->pw_passwd); : 47: SAFE_FREE((*buf)->pw_passwd); : : winexe-0.90/winexe-source-081123/auth/auth_unix.c : 117: ret->pw_passwd = talloc_strdup(ctx, from->pw_passwd); : 118: NT_STATUS_HAVE_NO_MEMORY(ret->pw_passwd); : 614: crypted = pws->pw_passwd; : 615: salt = pws->pw_passwd; : : winexe-0.90/winexe-source-081123/torture/nsstest.c : 260: pwd->pw_passwd, : : winexe-0.90/winexe-source-081123/scripting/ejs/smbcalls_nss.c : 41: mprSetVar(&ret, "pw_passwd", mprString(pwd->pw_passwd)); : : cups-2.0.4-source/cups-2.0.4/scheduler/auth.c : 741: if (!spw && !strcmp(pw->pw_passwd, "x")) : 753: if (spw && !spw->sp_pwdp[0] && !pw->pw_passwd[0]) : 755: if (!pw->pw_passwd[0]) : 773: pass = cups_crypt(password, pw->pw_passwd); : 777: con->number, pw->pw_passwd, pass); : 779: if (!pass || strcmp(pw->pw_passwd, pass)) : : siag-3.6.1/siag-3.6.1/siod/slibu.c : 133: "passwd",strcons(strlen(p->pw_passwd),p->pw_passwd), : 165: p->pw_passwd = strfield("passwd",alist); : : ADMsmb-0.2/ADM-SAMBA-CLIENT/username.c : 140: free(ret->pw_passwd); : 141: ret->pw_passwd = pwret->pwa_passwd; : : cyrus-sasl-2.1.26/cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c : 41: else if (pwd->pw_passwd[0] == '*') { : 44: else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) { : : cyrus-sasl-2.1.26/cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c : 108: if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) { : : dante-1.4.1/dante-1.4.1/sockd/auth_password.c : 189: pw_db = pwd->pw_passwd; : : dsniff-2.3/dsniff-2.3/decode_yp.c : 47: xdr_string(xdrs, &objp->pw_passwd, ~0) && : : heimdal-1.5.3/heimdal-1.5.3/appl/ftp/ftpd/ftpd.c : 462: save.pw_passwd = sgetsave(p->pw_passwd); : : heimdal-1.5.3/heimdal-1.5.3/appl/login/login.c : 520: if(pwd->pw_passwd == NULL) : 522: if(pwd->pw_passwd[0] == '\0'){ : 529: if(strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) == 0) : 663: if (pwd != NULL && (pwd->pw_passwd[0] == '\0')) { : : heimdal-1.5.3/heimdal-1.5.3/appl/popper/pop_pass.c : 167: if (pw->pw_passwd == NULL) : 183: else if (!strcmp(crypt(p->pop_parm[1], pw->pw_passwd), pw->pw_passwd)) : : heimdal-1.5.3/heimdal-1.5.3/appl/su/su.c : 113: free (p->pw_passwd); : 128: info->pw_passwd = strdup(pwd->pw_passwd); : 133: if(info->pw_name == NULL || info->pw_passwd == NULL || : 296: if(su->pw_passwd != NULL && *su->pw_passwd != '\0') { : 301: pw = crypt(pw_buf, su->pw_passwd); : 303: if(strcmp(pw, su->pw_passwd) != 0) { : : heimdal-1.5.3/heimdal-1.5.3/appl/telnet/libtelnet/rsaencpwd.c : 461: salt = pwd->pw_passwd; : 466: if (pwd && !strcmp(p, pwd->pw_passwd)) { : : heimdal-1.5.3/heimdal-1.5.3/appl/xnlock/xnlock.c : 927: strlcpy(root_cpass, pw->pw_passwd, sizeof(root_cpass)); : 931: strlcpy(user_cpass, pw->pw_passwd, sizeof(user_cpass)); : : heimdal-1.5.3/heimdal-1.5.3/lib/roken/k_getpwnam.c : 54: p->pw_passwd = spwd->sp_pwdp; : : heimdal-1.5.3/heimdal-1.5.3/lib/roken/k_getpwuid.c : 54: p->pw_passwd = spwd->sp_pwdp; : : heimdal-1.5.3/heimdal-1.5.3/lib/roken/verify.c : 53: if(strlen(pw->pw_passwd) == 0 && strlen(password) == 0) : 55: if(strcmp(crypt(password, pw->pw_passwd), pw->pw_passwd) == 0) : : openpam-20141014/freebsd_pam-20141014/openpam/modules/pam_unix/pam_unix.c : 122: if ((!pwd->pw_passwd[0] && (flags & PAM_DISALLOW_NULL_AUTHTOK)) || : 123: (crypt_password = crypt(password, pwd->pw_passwd)) == NULL || : 124: strcmp(crypt_password, pwd->pw_passwd) != 0) : : openpam-20141014/freebsd_pam-20141014/libpam/modules/pam_unix/pam_unix.c : 109: realpw = pwd->pw_passwd; : 177: if (*pwd->pw_passwd == '\0' && : 181: if (strncmp(pwd->pw_passwd, LOCKED_PREFIX, LOCKED_PREFIX_LEN) == 0) : 327: if (pwd->pw_passwd[0] == '\0' : 343: encrypted = crypt(old_pass, pwd->pw_passwd); : 347: if (strcmp(encrypted, pwd->pw_passwd) != 0) : 393: pwd->pw_passwd = crypt(new_pass, salt); : : ssh-ldap-helper-5.3/openssh-5.3p1/openbsd-compat/port-uw.c : 60: char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd; : : ssh-ldap-helper-5.3/openssh-5.3p1/openbsd-compat/xcrypt.c : 92: char *pw_password = pw->pw_passwd; : : ssh-ldap-helper-5.3/openssh-5.3p1/auth2-jpake.c : 276: authctxt->valid, authctxt->pw->pw_passwd); : 282: if (strncmp(authctxt->pw->pw_passwd, "$2$", 3) == 0 && : 283: strlen(authctxt->pw->pw_passwd) > 28) { : 290: strlcpy(*salt, authctxt->pw->pw_passwd, salt_len); : 292: } else if (strncmp(authctxt->pw->pw_passwd, "$2a$", 4) == 0 && : 293: strlen(authctxt->pw->pw_passwd) > 29) { : 300: strlcpy(*salt, authctxt->pw->pw_passwd, salt_len); : 302: } else if (strncmp(authctxt->pw->pw_passwd, "$1$", 3) == 0 && : 303: strlen(authctxt->pw->pw_passwd) > 5) { : 308: cp = strchr(authctxt->pw->pw_passwd + 3, '$'); : 310: salt_len = (cp - authctxt->pw->pw_passwd) + 1; : 312: strlcpy(*salt, authctxt->pw->pw_passwd, : 316: } else if (strncmp(authctxt->pw->pw_passwd, "_", 1) == 0 && : 317: strlen(authctxt->pw->pw_passwd) > 9) { : 324: strlcpy(*salt, authctxt->pw->pw_passwd, salt_len); : 326: } else if (strlen(authctxt->pw->pw_passwd) == 13 && : 327: valid_crypt_salt(authctxt->pw->pw_passwd[0]) && : 328: valid_crypt_salt(authctxt->pw->pw_passwd[1])) { : 335: strlcpy(*salt, authctxt->pw->pw_passwd, salt_len); : 346: if (hash_buffer(authctxt->pw->pw_passwd, : 347: strlen(authctxt->pw->pw_passwd), EVP_sha256(), : : ssh-ldap-helper-5.3/openssh-5.3p1/sshd.c : 1495: memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd)); : 1497: xfree(privsep_pw->pw_passwd); : 1498: privsep_pw->pw_passwd = xstrdup("*"); : : ssh-ldap-helper-5.3/openssh-5.3p1/auth.c : 118: passwd = pw->pw_passwd; : : ssh-ldap-helper-5.3/openssh-5.3p1/misc.c : 204: copy->pw_passwd = xstrdup(pw->pw_passwd); : : ssh-ldap-helper-5.3/openssh-5.3p1/auth-passwd.c : 198: char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd; : : ssh-ldap-helper-5.3/openssh-5.3p1/monitor_wrap.c : 234: pw->pw_passwd = buffer_get_string(&m, NULL); : : sudo-1.8.14.3/sudo-1.8.14p3/plugins/sudoers/getspwuid.c : 111: if ((spw = getspwuid(pw->pw_uid)) && spw->pw_passwd) : 112: epw = spw->pw_passwd; : 136: debug_return_str(strdup(epw ? epw : pw->pw_passwd)); : : sudo-1.8.14.3/sudo-1.8.14p3/plugins/sudoers/pwutil.c : 258: pw->pw_passwd = pw->pw_name + name_len + 1; : 259: memcpy(pw->pw_passwd, "*", 2); : 260: pw->pw_gecos = pw->pw_passwd + 2; : : sudo-1.8.14.3/sudo-1.8.14p3/plugins/sudoers/sudoers.h : 180:#define user_passwd (sudo_user.pw->pw_passwd) : : tcsh-6.19.00/tcsh-6.19.00/tc.func.c : 732: srpp = pw->pw_passwd; : : ktsuss-1.4/ktsuss-1.4/src/auth.c : 158: correct = pw->pw_passwd; : : openpoppassd-1.1/openpoppassd/openpoppassd.c : 205: if (strcmp(crypt(oldpass, pw->pw_passwd), pw->pw_passwd) != 0) : : rtty-4.0/ttysrv.c : 723: } else if (!pw->pw_passwd[0]) { : 727: WhosOn[fd]->auth = safe_strdup(pw->pw_passwd); : : cherokee-1.2.101/cherokee-1.2.101/cherokee/util.c : 1174: if (source->pw_passwd) pw_passwd_len = strlen(source->pw_passwd); : 1197: if (source->pw_passwd) { : 1198: memcpy (ptr, source->pw_passwd, pw_passwd_len); : 1199: target->pw_passwd = ptr; : : kdebase-3.5.10/kdebase-3.5.10/kdm/backend/client.c : 398: if (pw->pw_passwd[0] == '!' || pw->pw_passwd[0] == '*') : 603: if (p->pw_passwd[0] == '!' || p->pw_passwd[0] == '*') { : 611: p->pw_passwd = sp->sp_pwdp; : 612: if (p->pw_passwd[0] == '!' || p->pw_passwd[0] == '*') { : 621: if (!*p->pw_passwd) { : 674: if (strcmp( crypt( curpass, p->pw_passwd ), p->pw_passwd )) : 676: if (strcmp( curpass, p->pw_passwd )) : : kdebase-3.5.10/kdebase-3.5.10/kcheckpass/checkpass_shadow.c : 58: password = spw ? spw->sp_pwdp : pw->pw_passwd; : : kdebase-3.5.10/kdebase-3.5.10/kcheckpass/checkpass_etcpasswd.c : 46: if (!*pw->pw_passwd) : 52: if (!strcmp(pw->pw_passwd, crypt(passwd, pw->pw_passwd))) { : : kdebase-3.5.10/kdebase-3.5.10/kcheckpass/checkpass_osfc2passwd.c : 187: strlcpy(p, pw->pw_passwd, len); : : kdeadmin-3.5.10/kdeadmin-3.5.10/kuser/kuserfiles.cpp : 172: tmp = QString::fromLocal8Bit( p->pw_passwd ); : : kdeadmin-3.5.10/kdeadmin-3.5.10/kuser/kusersystem.cpp : 81: tmp = QString::fromLocal8Bit( p->pw_passwd ); : : kde-workspace-4.11.21/kde-workspace-4.11.21/kcheckpass/checkpass_osfc2passwd.c : 188: strlcpy(p, pw->pw_passwd, len); : : kde-workspace-4.11.21/kde-workspace-4.11.21/kcheckpass/checkpass_etcpasswd.c : 47: if (!*pw->pw_passwd) : 53: if ((crpt_passwd = crypt(passwd, pw->pw_passwd)) && !strcmp(pw->pw_passwd, crpt_passwd)) { : : kde-workspace-4.11.21/kde-workspace-4.11.21/kcheckpass/checkpass_shadow.c : 58: password = spw ? spw->sp_pwdp : pw->pw_passwd; : : kde-workspace-4.11.21/kde-workspace-4.11.21/kdm/backend/client.c : 478: pw->pw_passwd[0] == '!' || pw->pw_passwd[0] == '*') : 685: if (p->pw_passwd[0] == '!' || p->pw_passwd[0] == '*') { : 693: p->pw_passwd = sp->sp_pwdp; : 694: if (p->pw_passwd[0] == '!' || p->pw_passwd[0] == '*') { : 704: if (!*p->pw_passwd) { : 758: if (!(crpt_passwd = pw_encrypt(curpass, p->pw_passwd)) || strcmp(crpt_passwd, p->pw_passwd)) : 760: if (!(crpt_passwd = crypt(curpass, p->pw_passwd)) || strcmp(crpt_passwd, p->pw_passwd)) : 762: if (strcmp(curpass, p->pw_passwd)) : : kuser-4.14.3/kuser-4.14.3/ku_userfiles.cpp : 139: tmp = QString::fromLocal8Bit( p->pw_passwd ); : : kuser-4.14.3/kuser-4.14.3/ku_usersystem.cpp : 77: tmp = QString::fromLocal8Bit( p->pw_passwd ); : : nxssh-3.5.0.2/nxssh/misc.c : 218: copy->pw_passwd = xstrdup(pw->pw_passwd); : : nxssh-3.5.0.2/nxssh/misc.c.SSH.original : 195: copy->pw_passwd = xstrdup(pw->pw_passwd); : : nxssh-3.5.0.2/nxssh/sshd.c.NX.original : 1470: memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd)); : 1472: xfree(privsep_pw->pw_passwd); : 1473: privsep_pw->pw_passwd = xstrdup("*"); : : nxssh-3.5.0.2/nxssh/sshd.c : 1471: memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd)); : 1473: xfree(privsep_pw->pw_passwd); : 1474: privsep_pw->pw_passwd = xstrdup("*"); : : nxssh-3.5.0.2/nxssh/monitor_wrap.c : 232: pw->pw_passwd = buffer_get_string(&m, NULL); : : nxssh-3.5.0.2/nxssh/misc.c.NX.original : 218: copy->pw_passwd = xstrdup(pw->pw_passwd); : : nxssh-3.5.0.2/nxssh/sshd.c.SSH.original : 1445: memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd)); : 1447: xfree(privsep_pw->pw_passwd); : 1448: privsep_pw->pw_passwd = xstrdup("*"); : : nxssh-3.5.0.2/nxssh/auth-passwd.c : 198: char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd; : : nxssh-3.5.0.2/nxssh/auth.c : 124: passwd = pw->pw_passwd; : : nxssh-3.5.0.2/nxssh/openbsd-compat/xcrypt.c : 92: char *pw_password = pw->pw_passwd; : : nxssh-3.5.0.2/nxssh/openbsd-compat/port-uw.c : 60: char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd; : : motif-2.3.4/motif-2.3.4/lib/Xm/Xmos_r.h : 261: (p).len = strlen((p).pwp->pw_passwd); : 262: strcpy((p).pws.pw_passwd,(p).pwp->pw_passwd); : 290: ((p).len = strlen((p).pwp->pw_passwd)), \ : 291: strcpy((p).pws.pw_passwd,(p).pwp->pw_passwd), \ : : slim-1.3.6/slim-1.3.6/app.cpp : 482: correct = pw->pw_passwd; : : x11vnc-0.9.13/x11vnc-0.9.13/x11vnc/unixpw.c : 782: realpw = pwd->pw_passwd; : : xscreensaver-5.33/xscreensaver-5.33/configure.in : 2295: const char *pw = p->pw_passwd;], : : xscreensaver-5.33/xscreensaver-5.33/configure : 11363: const char *pw = p->pw_passwd; : : xscreensaver-5.33/xscreensaver-5.33/driver/vms-getpwnam.c : 105: entry->pw_passwd = cptr; : : xscreensaver-5.33/xscreensaver-5.33/driver/vms-validate.c : 71: if (memcmp(encrypt_buf,user_entry->pw_passwd,8) == 0) : : xscreensaver-5.33/xscreensaver-5.33/driver/passwd-pwent.c : 181: if (p && passwd_known_p (p->pw_passwd)) : 182: result = strdup(p->pw_passwd); : 192: So this means that passwd->pw_passwd isn't simply a string of cyphertext, : : xtacy-1.14/Xtacy/password.c : 170: (void) strcpy(rootpass, pw->pw_passwd); : 176: (void) strcpy(rootpass, pw->pw_passwd); : 185: pw->pw_passwd = ""; : 187: pw->pw_passwd = spw->sp_pwdp; : 191: (void) strcpy(userpass, pw->pw_passwd); : : libbind-6.0/libbind-6.0/irs/irp_pw.c : 321: if (pw->pw_passwd != NULL) : 322: free(pw->pw_passwd); : : libbind-6.0/libbind-6.0/irs/getpwent_r.c : 207: len += strlen(pw->pw_passwd) + 1; : 239: n = strlen(pw->pw_passwd) + 1; : 240: strcpy(cp, pw->pw_passwd); : 241: pwptr->pw_passwd = cp; : : libbind-6.0/libbind-6.0/irs/irpmarshall.c : 173: need += strlen(pw->pw_passwd) + 1; : 205: strcat(*buffer, pw->pw_passwd); strcat(*buffer, fieldsep); : 362: pw->pw_passwd = pass; : 2258: pw->pw_name, pw->pw_passwd, (long)pw->pw_uid,