svn commit: r285137 - head/usr.sbin/pw

Baptiste Daroussin bapt at FreeBSD.org
Sat Jul 4 15:57:01 UTC 2015 

Author: bapt
Date: Sat Jul  4 15:56:59 2015
New Revision: 285137
URL: https://svnweb.freebsd.org/changeset/base/285137

Log:
  Fix validation of crypted password
  Small cleanups

Modified:
  head/usr.sbin/pw/pw_user.c

Modified: head/usr.sbin/pw/pw_user.c
==============================================================================
--- head/usr.sbin/pw/pw_user.c	Sat Jul  4 15:54:11 2015	(r285136)
+++ head/usr.sbin/pw/pw_user.c	Sat Jul  4 15:56:59 2015	(r285137)
@@ -87,7 +87,7 @@ create_and_populate_homedir(int mode, st
 }
 
 static int
-set_passwd(struct passwd *pwd, struct carg *arg, bool update)
+set_passwd(struct passwd *pwd, bool update)
 {
 	int		 b, istty;
 	struct termios	 t, n;
@@ -107,6 +107,7 @@ set_passwd(struct passwd *pwd, struct ca
 		if (tcgetattr(conf.fd, &t) == -1)
 			istty = 0;
 		else {
+			n = t;
 			n.c_lflag &= ~(ECHO);
 			tcsetattr(conf.fd, TCSANOW, &n);
 			printf("%s%spassword for user %s:",
@@ -134,7 +135,7 @@ set_passwd(struct passwd *pwd, struct ca
 		    conf.fd);
 	if (conf.precrypted) {
 		if (strchr(line, ':') != NULL)
-			return EX_DATAERR;
+			errx(EX_DATAERR, "bad encrypted password");
 		pwd->pw_passwd = line;
 	} else {
 		lc = login_getpwclass(pwd);
@@ -531,8 +532,7 @@ pw_user(int mode, char *name, long id, s
 				warnx("WARNING: home `%s' is not a directory", pwd->pw_dir);
 		}
 
-		if ((arg = getarg(args, 'w')) != NULL &&
-		    getarg(args, 'h') == NULL && getarg(args, 'H') == NULL) {
+		if ((arg = getarg(args, 'w')) != NULL && conf.fd == -1) {
 			login_cap_t *lc;
 
 			lc = login_getpwclass(pwd);
@@ -591,7 +591,7 @@ pw_user(int mode, char *name, long id, s
 	}
 
 	if (conf.fd != -1)
-		edited = set_passwd(pwd, arg, mode == M_UPDATE);
+		edited = set_passwd(pwd, mode == M_UPDATE);
 
 	/*
 	 * Special case: -N only displays & exits
@@ -1004,8 +1004,7 @@ pw_password(struct userconf * cnf, struc
 		/*
 		 * We give this information back to the user
 		 */
-		if (getarg(args, 'h') == NULL && getarg(args, 'H') == NULL &&
-		    !conf.dryrun) {
+		if (conf.fd == -1 && !conf.dryrun) {
 			if (isatty(STDOUT_FILENO))
 				printf("Password for '%s' is: ", user);
 			printf("%s\n", pwbuf);

More information about the svn-src-all mailing list