Changeset 2725 in MondoRescue for branches/2.2.9/mindi-busybox/loginutils/passwd.c

Timestamp:

Feb 25, 2011, 9:26:54 PM (13 years ago)

Author:

Bruno Cornec

Message:

• Update mindi-busybox to 1.18.3 to avoid problems with the tar command which is now failing on recent versions with busybox 1.7.3

File:

• branches/2.2.9/mindi-busybox/loginutils/passwd.c (modified) (12 diffs)

branches/2.2.9/mindi-busybox/loginutils/passwd.c

@@ -1 +1 @@
 /* vi: set sw=4 ts=4: */
 /*
- * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
+ * Licensed under GPLv2 or later, see file LICENSE in this source tree.
  */
-
 #include "libbb.h"
 #include <syslog.h>
-
 
 static void nuke_str(char *str)
@@ -18 +16 @@
     char *orig = (char*)"";
     char *newp = NULL;
-    char *cipher = NULL;
     char *cp = NULL;
     char *ret = NULL; /* failure so far */
 
     if (myuid && pw->pw_passwd[0]) {
-        orig = bb_askpass(0, "Old password:"); /* returns ptr to static */
+        char *encrypted;
+
+        orig = bb_ask_stdin("Old password: "); /* returns ptr to static */
         if (!orig)
             goto err_ret;
-        cipher = pw_encrypt(orig, pw->pw_passwd); /* returns ptr to static */
-        if (strcmp(cipher, pw->pw_passwd) != 0) {
-            syslog(LOG_WARNING, "incorrect password for '%s'",
+        encrypted = pw_encrypt(orig, pw->pw_passwd, 1); /* returns malloced str */
+        if (strcmp(encrypted, pw->pw_passwd) != 0) {
+            syslog(LOG_WARNING, "incorrect password for %s",
                 pw->pw_name);
             bb_do_delay(FAIL_DELAY);
@@ -34 +33 @@
             goto err_ret;
         }
-    }
-    orig = xstrdup(orig); /* or else bb_askpass() will destroy it */
-    newp = bb_askpass(0, "New password:"); /* returns ptr to static */
+        if (ENABLE_FEATURE_CLEAN_UP) free(encrypted);
+    }
+    orig = xstrdup(orig); /* or else bb_ask_stdin() will destroy it */
+    newp = bb_ask_stdin("New password: "); /* returns ptr to static */
     if (!newp)
         goto err_ret;
-    newp = xstrdup(newp); /* we are going to bb_askpass() again, so save it */
+    newp = xstrdup(newp); /* we are going to bb_ask_stdin() again, so save it */
     if (ENABLE_FEATURE_PASSWD_WEAK_CHECK
      && obscure(orig, newp, pw) && myuid)
         goto err_ret; /* non-root is not allowed to have weak passwd */
 
-    cp = bb_askpass(0, "Retype password:");
+    cp = bb_ask_stdin("Retype password: ");
     if (!cp)
         goto err_ret;
@@ -57 +57 @@
         crypt_make_salt(salt + 3, 4, 0);
     }
-    /* pw_encrypt returns ptr to static */
-    ret = xstrdup(pw_encrypt(newp, salt));
+    /* pw_encrypt returns malloced str */
+    ret = pw_encrypt(newp, salt, 1);
     /* whee, success! */
 
@@ -66 +66 @@
     nuke_str(newp);
     if (ENABLE_FEATURE_CLEAN_UP) free(newp);
-    nuke_str(cipher);
     nuke_str(cp);
     return ret;
 }
 
-int passwd_main(int argc, char **argv);
-int passwd_main(int argc, char **argv)
+int passwd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
+int passwd_main(int argc UNUSED_PARAM, char **argv)
 {
     enum {
@@ -94 +93 @@
     struct rlimit rlimit_fsize;
     char c;
-
 #if ENABLE_FEATURE_SHADOWPASSWDS
     /* Using _r function to avoid pulling in static buffers */
     struct spwd spw;
-    struct spwd *result;
     char buffer[256];
 #endif
 
     logmode = LOGMODE_BOTH;
-    openlog(applet_name, LOG_NOWAIT, LOG_AUTH);
+    openlog(applet_name, 0, LOG_AUTH);
     opt = getopt32(argv, "a:lud", &opt_a);
     //argc -= optind;
@@ -118 +115 @@
 
     /* Will complain and die if username not found */
-    myname = xstrdup(bb_getpwuid(NULL, -1, myuid));
+    myname = xstrdup(xuid2uname(myuid));
     name = argv[0] ? argv[0] : myname;
 
-    pw = getpwnam(name);
-    if (!pw) bb_error_msg_and_die("unknown user %s", name);
+    pw = xgetpwnam(name);
     if (myuid && pw->pw_uid != myuid) {
         /* LOGMODE_BOTH */
@@ -129 +125 @@
 
 #if ENABLE_FEATURE_SHADOWPASSWDS
-    /* getspnam_r() can lie! Even if user isn't in shadow, it can
-     * return success (pwd field was seen set to "!" in this case) */
-    if (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result)
-     || LONE_CHAR(spw.sp_pwdp, '!')) {
-        /* LOGMODE_BOTH */
-        bb_error_msg("no record of %s in %s, using %s",
-                name, bb_path_shadow_file,
-                bb_path_passwd_file);
-    } else {
-        pw->pw_passwd = spw.sp_pwdp;
+    {
+        /* getspnam_r may return 0 yet set result to NULL.
+         * At least glibc 2.4 does this. Be extra paranoid here. */
+        struct spwd *result = NULL;
+        errno = 0;
+        if (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result) != 0
+         || !result /* no error, but no record found either */
+         || strcmp(result->sp_namp, pw->pw_name) != 0 /* paranoia */
+        ) {
+            if (errno != ENOENT) {
+                /* LOGMODE_BOTH */
+                bb_perror_msg("no record of %s in %s, using %s",
+                    name, bb_path_shadow_file,
+                    bb_path_passwd_file);
+            }
+            /* else: /etc/shadow does not exist,
+             * apparently we are on a shadow-less system,
+             * no surprise there */
+        } else {
+            pw->pw_passwd = result->sp_pwdp;
+        }
     }
 #endif
@@ -148 +155 @@
         if (myuid && !c) { /* passwd starts with '!' */
             /* LOGMODE_BOTH */
-            bb_error_msg_and_die("cannot change "
+            bb_error_msg_and_die("can't change "
                     "locked password for %s", name);
         }
@@ -162 +169 @@
     } else if (opt & OPT_unlock) {
         if (c) goto skip; /* not '!' */
-        /* pw->pw_passwd pints to static storage,
+        /* pw->pw_passwd points to static storage,
          * strdup'ing to avoid nasty surprizes */
         newp = xstrdup(&pw->pw_passwd[1]);
@@ -172 +179 @@
     rlimit_fsize.rlim_cur = rlimit_fsize.rlim_max = 512L * 30000;
     setrlimit(RLIMIT_FSIZE, &rlimit_fsize);
-    signal(SIGHUP, SIG_IGN);
-    signal(SIGINT, SIG_IGN);
-    signal(SIGQUIT, SIG_IGN);
+    bb_signals(0
+        + (1 << SIGHUP)
+        + (1 << SIGINT)
+        + (1 << SIGQUIT)
+        , SIG_IGN);
     umask(077);
     xsetuid(0);
@@ -180 +189 @@
 #if ENABLE_FEATURE_SHADOWPASSWDS
     filename = bb_path_shadow_file;
-    rc = update_passwd(bb_path_shadow_file, name, newp);
+    rc = update_passwd(bb_path_shadow_file, name, newp, NULL);
     if (rc == 0) /* no lines updated, no errors detected */
 #endif
     {
         filename = bb_path_passwd_file;
-        rc = update_passwd(bb_path_passwd_file, name, newp);
+        rc = update_passwd(bb_path_passwd_file, name, newp, NULL);
     }
     /* LOGMODE_BOTH */
     if (rc < 0)
-        bb_error_msg_and_die("cannot update password file %s",
+        bb_error_msg_and_die("can't update password file %s",
                 filename);
     bb_info_msg("Password for %s changed by %s", name, myname);