Re: [matthieu@openbsd.org: Re: xlock don't take my password anymore]

Greg Steuck Mon, 29 Aug 2022 00:08:54 -0700

Greg Steuck <gne...@openbsd.org> writes:

Matthieu> +         authok = priv_pw_check(user, style, pass);


I suspect your original patch may have swapped the arguments. The
password should go before style.

What do you thing about this patch (tested locally, but I don't have style):

diff --git a/app/xlockmore/xlock/passwd.c b/app/xlockmore/xlock/passwd.c
index 914db414f..23ba9043e 100644
--- a/app/xlockmore/xlock/passwd.c
+++ b/app/xlockmore/xlock/passwd.c
@@ -1278,17 +1278,15 @@ checkPasswd(char *buffer)
 
 #ifdef USE_PRIVSEP
        char    *pass;
-       char    *style;
 
        /* buffer can be in the form style:pass */
        if ((pass = strchr(buffer, ':')) != NULL) {
-           *pass++ = '\0';
-           style = buffer;
-       } else {
-           pass = buffer;
-           style = NULL;
+               *pass++ = '\0';
+               if (priv_pw_check(user, pass, buffer))
+                       return True;
+               *--pass = ':';
        }
-       return priv_pw_check(user, pass, style);
+       return priv_pw_check(user, buffer, NULL);
 #elif defined(BSD_AUTH)
        char       *pass;
        char       *style;
-- 
2.37.2

Re: [matthieu@openbsd.org: Re: xlock don't take my password anymore]

Reply via email to