Ignore:
Timestamp:
Jan 1, 2014, 12:47:38 AM (7 years ago)
Author:
Bruno Cornec
Message:
  • Update mindi-busybox to 1.21.1
File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/3.2/mindi-busybox/loginutils/passwd.c

    r2725 r3232  
    33 * Licensed under GPLv2 or later, see file LICENSE in this source tree.
    44 */
     5
     6//usage:#define passwd_trivial_usage
     7//usage:       "[OPTIONS] [USER]"
     8//usage:#define passwd_full_usage "\n\n"
     9//usage:       "Change USER's password (default: current user)"
     10//usage:     "\n"
     11//usage:     "\n    -a ALG  Encryption method"
     12//usage:     "\n    -d  Set password to ''"
     13//usage:     "\n    -l  Lock (disable) account"
     14//usage:     "\n    -u  Unlock (enable) account"
     15
    516#include "libbb.h"
    617#include <syslog.h>
     18#include <sys/resource.h> /* setrlimit */
    719
    820static void nuke_str(char *str)
     
    1123}
    1224
    13 static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
     25static char* new_password(const struct passwd *pw, uid_t myuid, const char *algo)
    1426{
    15     char salt[sizeof("$N$XXXXXXXX")]; /* "$N$XXXXXXXX" or "XX" */
     27    char salt[MAX_PW_SALT_LEN];
    1628    char *orig = (char*)"";
    1729    char *newp = NULL;
     
    1931    char *ret = NULL; /* failure so far */
    2032
    21     if (myuid && pw->pw_passwd[0]) {
     33    if (myuid != 0 && pw->pw_passwd[0]) {
    2234        char *encrypted;
    2335
     
    2739        encrypted = pw_encrypt(orig, pw->pw_passwd, 1); /* returns malloced str */
    2840        if (strcmp(encrypted, pw->pw_passwd) != 0) {
    29             syslog(LOG_WARNING, "incorrect password for %s",
    30                 pw->pw_name);
    31             bb_do_delay(FAIL_DELAY);
     41            syslog(LOG_WARNING, "incorrect password for %s", pw->pw_name);
     42            bb_do_delay(LOGIN_FAIL_DELAY);
    3243            puts("Incorrect password");
    3344            goto err_ret;
    3445        }
    35         if (ENABLE_FEATURE_CLEAN_UP) free(encrypted);
     46        if (ENABLE_FEATURE_CLEAN_UP)
     47            free(encrypted);
    3648    }
    3749    orig = xstrdup(orig); /* or else bb_ask_stdin() will destroy it */
     
    4153    newp = xstrdup(newp); /* we are going to bb_ask_stdin() again, so save it */
    4254    if (ENABLE_FEATURE_PASSWD_WEAK_CHECK
    43      && obscure(orig, newp, pw) && myuid)
     55     && obscure(orig, newp, pw)
     56     && myuid != 0
     57    ) {
    4458        goto err_ret; /* non-root is not allowed to have weak passwd */
     59    }
    4560
    4661    cp = bb_ask_stdin("Retype password: ");
    4762    if (!cp)
    4863        goto err_ret;
    49     if (strcmp(cp, newp)) {
     64    if (strcmp(cp, newp) != 0) {
    5065        puts("Passwords don't match");
    5166        goto err_ret;
    5267    }
    5368
    54     crypt_make_salt(salt, 1, 0); /* des */
    55     if (algo) { /* MD5 */
    56         strcpy(salt, "$1$");
    57         crypt_make_salt(salt + 3, 4, 0);
    58     }
     69    crypt_make_pw_salt(salt, algo);
     70
    5971    /* pw_encrypt returns malloced str */
    6072    ret = pw_encrypt(newp, salt, 1);
     
    6476    nuke_str(orig);
    6577    if (ENABLE_FEATURE_CLEAN_UP) free(orig);
     78
    6679    nuke_str(newp);
    6780    if (ENABLE_FEATURE_CLEAN_UP) free(newp);
     81
    6882    nuke_str(cp);
    6983    return ret;
     
    7488{
    7589    enum {
    76         OPT_algo = 0x1, /* -a - password algorithm */
    77         OPT_lock = 0x2, /* -l - lock account */
    78         OPT_unlock = 0x4, /* -u - unlock account */
    79         OPT_delete = 0x8, /* -d - delete password */
    80         OPT_lud = 0xe,
    81         STATE_ALGO_md5 = 0x10,
    82         //STATE_ALGO_des = 0x20, not needed yet
     90        OPT_algo   = (1 << 0), /* -a - password algorithm */
     91        OPT_lock   = (1 << 1), /* -l - lock account */
     92        OPT_unlock = (1 << 2), /* -u - unlock account */
     93        OPT_delete = (1 << 3), /* -d - delete password */
     94        OPT_lud    = OPT_lock | OPT_unlock | OPT_delete,
    8395    };
    8496    unsigned opt;
    8597    int rc;
    86     const char *opt_a = "";
     98    const char *opt_a = CONFIG_FEATURE_DEFAULT_PASSWD_ALGO;
    8799    const char *filename;
    88100    char *myname;
     
    105117    argv += optind;
    106118
    107     if (strcasecmp(opt_a, "des") != 0) /* -a */
    108         opt |= STATE_ALGO_md5;
    109     //else
    110     //  opt |= STATE_ALGO_des;
    111119    myuid = getuid();
    112120    /* -l, -u, -d require root priv and username argument */
    113     if ((opt & OPT_lud) && (myuid || !argv[0]))
     121    if ((opt & OPT_lud) && (myuid != 0 || !argv[0]))
    114122        bb_show_usage();
    115123
     
    119127
    120128    pw = xgetpwnam(name);
    121     if (myuid && pw->pw_uid != myuid) {
     129    if (myuid != 0 && pw->pw_uid != myuid) {
    122130        /* LOGMODE_BOTH */
    123131        bb_error_msg_and_die("%s can't change password for %s", myname, name);
     
    153161    c = pw->pw_passwd[0] - '!';
    154162    if (!(opt & OPT_lud)) {
    155         if (myuid && !c) { /* passwd starts with '!' */
     163        if (myuid != 0 && !c) { /* passwd starts with '!' */
    156164            /* LOGMODE_BOTH */
    157165            bb_error_msg_and_die("can't change "
     
    159167        }
    160168        printf("Changing password for %s\n", name);
    161         newp = new_password(pw, myuid, opt & STATE_ALGO_md5);
     169        newp = new_password(pw, myuid, opt_a);
    162170        if (!newp) {
    163171            logmode = LOGMODE_STDIO;
     
    165173        }
    166174    } else if (opt & OPT_lock) {
    167         if (!c) goto skip; /* passwd starts with '!' */
     175        if (!c)
     176            goto skip; /* passwd starts with '!' */
    168177        newp = xasprintf("!%s", pw->pw_passwd);
    169178    } else if (opt & OPT_unlock) {
    170         if (c) goto skip; /* not '!' */
     179        if (c)
     180            goto skip; /* not '!' */
    171181        /* pw->pw_passwd points to static storage,
    172182         * strdup'ing to avoid nasty surprizes */
    173183        newp = xstrdup(&pw->pw_passwd[1]);
    174184    } else if (opt & OPT_delete) {
    175         //newp = xstrdup("");
    176185        newp = (char*)"";
    177186    }
     
    190199    filename = bb_path_shadow_file;
    191200    rc = update_passwd(bb_path_shadow_file, name, newp, NULL);
    192     if (rc == 0) /* no lines updated, no errors detected */
     201    if (rc > 0)
     202        /* password in /etc/shadow was updated */
     203        newp = (char*) "x";
     204    if (rc >= 0)
     205        /* 0 = /etc/shadow missing (not an error), >0 = passwd changed in /etc/shadow */
    193206#endif
    194207    {
     
    198211    /* LOGMODE_BOTH */
    199212    if (rc < 0)
    200         bb_error_msg_and_die("can't update password file %s",
    201                 filename);
     213        bb_error_msg_and_die("can't update password file %s", filename);
    202214    bb_info_msg("Password for %s changed by %s", name, myname);
    203215
    204     //if (ENABLE_FEATURE_CLEAN_UP) free(newp);
     216    /*if (ENABLE_FEATURE_CLEAN_UP) free(newp); - can't, it may be non-malloced */
    205217 skip:
    206218    if (!newp) {
     
    208220            name, (opt & OPT_unlock) ? "un" : "");
    209221    }
    210     if (ENABLE_FEATURE_CLEAN_UP) free(myname);
     222
     223    if (ENABLE_FEATURE_CLEAN_UP)
     224        free(myname);
    211225    return 0;
    212226}
Note: See TracChangeset for help on using the changeset viewer.