On Mon, Aug 29, 2022 at 09:08:26AM +0200, Greg Steuck wrote: > Greg Steuck <gne...@openbsd.org> writes: > > Matthieu> + authok = priv_pw_check(user, style, pass); > > I suspect your original patch may have swapped the arguments. The > password should go before style.
Oops you're right thanks. > > What do you thing about this patch (tested locally, but I don't have > style): Works for me. I also cannot check style easyly (otherwise I would probably have caught the mistake, but I've check with and without : in the password). > > diff --git a/app/xlockmore/xlock/passwd.c b/app/xlockmore/xlock/passwd.c > index 914db414f..23ba9043e 100644 > --- a/app/xlockmore/xlock/passwd.c > +++ b/app/xlockmore/xlock/passwd.c > @@ -1278,17 +1278,15 @@ checkPasswd(char *buffer) > > #ifdef USE_PRIVSEP > char *pass; > - char *style; > > /* buffer can be in the form style:pass */ > if ((pass = strchr(buffer, ':')) != NULL) { > - *pass++ = '\0'; > - style = buffer; > - } else { > - pass = buffer; > - style = NULL; > + *pass++ = '\0'; > + if (priv_pw_check(user, pass, buffer)) > + return True; > + *--pass = ':'; > } > - return priv_pw_check(user, pass, style); > + return priv_pw_check(user, buffer, NULL); > #elif defined(BSD_AUTH) > char *pass; > char *style; > -- > 2.37.2 > -- Matthieu Herrb