Revert the definitions of _PW_KEY* to their previous values. There is

at least one consumer outside of libc and pwd_mkdb.
Adjust the versioning in libc and pwd_mkdb accordingly.

named was the application affected, and that fact was first
Reported by:	Zherdev Anatoly <tolyar@mx.ru>

Sponsored by:	DARPA, Network Associates Laboratories

3 files changed, 54 insertions, 29 deletions

diff --git a/include/pwd.h b/include/pwd.h
index cda449a..e045f18 100644
--- a/include/pwd.h
+++ b/include/pwd.h
@@ -78,17 +78,36 @@ typedef __size_t	size_t;
 
 #define	_PATH_PWD_MKDB		"/usr/sbin/pwd_mkdb"
 
-#define _PWD_VERSION_KEY	"\xFF" "VERSION"
-#define _PWD_CURRENT_VERSION	'\x04'
+/* Historically, the keys in _PATH_MP_DB/_PATH_SMP_DB had the format
+ * `1 octet tag | key', where the tag is one of the _PW_KEY* values
+ * listed below.  These values happen to be ASCII digits.  Starting
+ * with FreeBSD 5.1, the tag is now still a single octet, but the
+ * upper 4 bits are interpreted as a version.  Pre-FreeBSD 5.1 format
+ * entries are version `3' -- this conveniently results in the same
+ * key values as before.  The new, architecture-independent entries
+ * are version `4'.
+ * As it happens, some applications read the database directly.
+ * (Bad app, no cookie!)  Thus, we leave the _PW_KEY* symbols at their
+ * old pre-FreeBSD 5.1 values so these apps still work.  Consequently
+ * we have to do muck around a bit more to get the correct, versioned
+ * tag, and that is what the _PW_VERSIONED macros is about.
+ */
 
 #define _PW_VERSION_MASK	'0xF0'
-#define _PW_VERSION(x)		((unsigned char)((x)<<4))
+#define _PW_VERSIONED(x, v)	((unsigned char)(((x) & 0xCF) | ((v)<<4)))
+
+#define	_PW_KEYBYNAME		'\x31'	/* stored by name */
+#define	_PW_KEYBYNUM		'\x32'	/* stored by entry in the "file" */
+#define	_PW_KEYBYUID		'\x33'	/* stored by uid */
+#define _PW_KEYYPENABLED	'\x34'	/* YP is enabled */
+#define	_PW_KEYYPBYNUM		'\x35'	/* special +@netgroup entries */
 
-#define	_PW_KEYBYNAME		'\x01'	/* stored by name */
-#define	_PW_KEYBYNUM		'\x02'	/* stored by entry in the "file" */
-#define	_PW_KEYBYUID		'\x03'	/* stored by uid */
-#define _PW_KEYYPENABLED	'\x04'	/* YP is enabled */
-#define	_PW_KEYYPBYNUM		'\x05'	/* special +@netgroup entries */
+/* The database also contains a key to indicate the format version of
+ * the entries therein.  There may be other, older versioned entries
+ * as well.
+ */
+#define _PWD_VERSION_KEY	"\xFF" "VERSION"
+#define _PWD_CURRENT_VERSION	'\x04'
 
 #define	_PASSWORD_EFMT1		'_'	/* extended encryption format */
 
diff --git a/lib/libc/gen/getpwent.c b/lib/libc/gen/getpwent.c
index 15f67df..eb1825f 100644
--- a/lib/libc/gen/getpwent.c
+++ b/lib/libc/gen/getpwent.c
@@ -593,7 +593,7 @@ files_passwd(void *retval, void *mdata, va_list ap)
 			}
 			break;
 		}
-		keybuf[0] |= _PW_VERSION(st->version);
+		keybuf[0] = _PW_VERSIONED(keybuf[0], st->version);
 		rv = st->db->get(st->db, &key, &entry, 0);
 		if (rv < 0 || rv > 1) { /* should never return > 1 */
 			*errnop = errno;
@@ -1500,7 +1500,7 @@ docompat:
 			memcpy(&keybuf[1], &store, sizeof(store));
 			key.size = sizeof(store) + 1;
 		}
-		keybuf[0] = _PW_KEYBYNUM | _PW_VERSION(st->version);
+		keybuf[0] = _PW_VERSIONED(_PW_KEYBYNUM, st->version);
 		rv = st->db->get(st->db, &key, &entry, 0);
 		if (rv < 0 || rv > 1) { /* should never return > 1 */
 			*errnop = errno;
diff --git a/usr.sbin/pwd_mkdb/pwd_mkdb.c b/usr.sbin/pwd_mkdb/pwd_mkdb.c
index 47f9ef6..c019f8d 100644
--- a/usr.sbin/pwd_mkdb/pwd_mkdb.c
+++ b/usr.sbin/pwd_mkdb/pwd_mkdb.c
@@ -67,8 +67,8 @@ static const char rcsid[] =
 #define	SECURE		2
 #define	PERM_INSECURE	(S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)
 #define	PERM_SECURE	(S_IRUSR|S_IWUSR)
-#define LEGACY_VERSION	_PW_VERSION(3)
-#define CURRENT_VERSION	_PW_VERSION(4)
+#define LEGACY_VERSION(x)  _PW_VERSIONED(x, 3)
+#define CURRENT_VERSION(x) _PW_VERSIONED(x, 4)
 
 HASHINFO openinfo = {
 	4096,		/* bsize */
@@ -229,7 +229,7 @@ main(int argc, char *argv[])
 		pw_db = dbopen(_PATH_MP_DB, O_RDONLY, 0, DB_HASH, NULL);
 		if (!pw_db)
 			error(_MP_DB);
-		buf[0] = _PW_KEYBYNAME | CURRENT_VERSION;
+		buf[0] = CURRENT_VERSION(_PW_KEYBYNAME);
 		len = strlen(username);
 
 		/* Only check that username fits in buffer */
@@ -245,7 +245,7 @@ main(int argc, char *argv[])
 			while (*p++)
 				;
 
-			buf[0] = _PW_KEYBYUID | CURRENT_VERSION;
+			buf[0] = CURRENT_VERSION(_PW_KEYBYUID);
 			memmove(buf + 1, p, sizeof(int));
 			key.data = (u_char *)buf;
 			key.size = sizeof(int) + 1;
@@ -372,7 +372,7 @@ main(int argc, char *argv[])
 			sdata.size = p - sbuf;
 
 			/* Store insecure by name. */
-			tbuf[0] = _PW_KEYBYNAME | CURRENT_VERSION;
+			tbuf[0] = CURRENT_VERSION(_PW_KEYBYNAME);
 			len = strlen(pwd.pw_name);
 			memmove(tbuf + 1, pwd.pw_name, len);
 			key.size = len + 1;
@@ -380,7 +380,7 @@ main(int argc, char *argv[])
 				error("put");
 
 			/* Store insecure by number. */
-			tbuf[0] = _PW_KEYBYNUM | CURRENT_VERSION;
+			tbuf[0] = CURRENT_VERSION(_PW_KEYBYNUM);
 			store = htonl(cnt);
 			memmove(tbuf + 1, &store, sizeof(store));
 			key.size = sizeof(store) + 1;
@@ -388,7 +388,7 @@ main(int argc, char *argv[])
 				error("put");
 
 			/* Store insecure by uid. */
-			tbuf[0] = _PW_KEYBYUID | CURRENT_VERSION;
+			tbuf[0] = CURRENT_VERSION(_PW_KEYBYUID);
 			store = htonl(pwd.pw_uid);
 			memmove(tbuf + 1, &store, sizeof(store));
 			key.size = sizeof(store) + 1;
@@ -396,7 +396,7 @@ main(int argc, char *argv[])
 				error("put");
 
 			/* Store secure by name. */
-			tbuf[0] = _PW_KEYBYNAME | CURRENT_VERSION;
+			tbuf[0] = CURRENT_VERSION(_PW_KEYBYNAME);
 			len = strlen(pwd.pw_name);
 			memmove(tbuf + 1, pwd.pw_name, len);
 			key.size = len + 1;
@@ -404,7 +404,7 @@ main(int argc, char *argv[])
 				error("put");
 
 			/* Store secure by number. */
-			tbuf[0] = _PW_KEYBYNUM | CURRENT_VERSION;
+			tbuf[0] = CURRENT_VERSION(_PW_KEYBYNUM);
 			store = htonl(cnt);
 			memmove(tbuf + 1, &store, sizeof(store));
 			key.size = sizeof(store) + 1;
@@ -412,7 +412,7 @@ main(int argc, char *argv[])
 				error("put");
 
 			/* Store secure by uid. */
-			tbuf[0] = _PW_KEYBYUID | CURRENT_VERSION;
+			tbuf[0] = CURRENT_VERSION(_PW_KEYBYUID);
 			store = htonl(pwd.pw_uid);
 			memmove(tbuf + 1, &store, sizeof(store));
 			key.size = sizeof(store) + 1;
@@ -421,7 +421,7 @@ main(int argc, char *argv[])
 
 			/* Store insecure and secure special plus and special minus */
 			if (pwd.pw_name[0] == '+' || pwd.pw_name[0] == '-') {
-				tbuf[0] = _PW_KEYYPBYNUM | CURRENT_VERSION;
+				tbuf[0] = CURRENT_VERSION(_PW_KEYYPBYNUM);
 				store = htonl(ypcnt);
 				memmove(tbuf + 1, &store, sizeof(store));
 				ypcnt++;
@@ -473,7 +473,7 @@ main(int argc, char *argv[])
 			sdata.size = p - sbuf;
 
 			/* Store insecure by name. */
-			tbuf[0] = _PW_KEYBYNAME | LEGACY_VERSION;
+			tbuf[0] = LEGACY_VERSION(_PW_KEYBYNAME);
 			len = strlen(pwd.pw_name);
 			memmove(tbuf + 1, pwd.pw_name, len);
 			key.size = len + 1;
@@ -481,21 +481,21 @@ main(int argc, char *argv[])
 				error("put");
 
 			/* Store insecure by number. */
-			tbuf[0] = _PW_KEYBYNUM | LEGACY_VERSION;
+			tbuf[0] = LEGACY_VERSION(_PW_KEYBYNUM);
 			memmove(tbuf + 1, &cnt, sizeof(cnt));
 			key.size = sizeof(cnt) + 1;
 			if ((dp->put)(dp, &key, &data, method) == -1)
 				error("put");
 
 			/* Store insecure by uid. */
-			tbuf[0] = _PW_KEYBYUID | LEGACY_VERSION;
+			tbuf[0] = LEGACY_VERSION(_PW_KEYBYUID);
 			memmove(tbuf + 1, &pwd.pw_uid, sizeof(pwd.pw_uid));
 			key.size = sizeof(pwd.pw_uid) + 1;
 			if ((dp->put)(dp, &key, &data, methoduid) == -1)
 				error("put");
 
 			/* Store secure by name. */
-			tbuf[0] = _PW_KEYBYNAME | LEGACY_VERSION;
+			tbuf[0] = LEGACY_VERSION(_PW_KEYBYNAME);
 			len = strlen(pwd.pw_name);
 			memmove(tbuf + 1, pwd.pw_name, len);
 			key.size = len + 1;
@@ -503,14 +503,14 @@ main(int argc, char *argv[])
 				error("put");
 
 			/* Store secure by number. */
-			tbuf[0] = _PW_KEYBYNUM | LEGACY_VERSION;
+			tbuf[0] = LEGACY_VERSION(_PW_KEYBYNUM);
 			memmove(tbuf + 1, &cnt, sizeof(cnt));
 			key.size = sizeof(cnt) + 1;
 			if ((sdp->put)(sdp, &key, &sdata, method) == -1)
 				error("put");
 
 			/* Store secure by uid. */
-			tbuf[0] = _PW_KEYBYUID | LEGACY_VERSION;
+			tbuf[0] = LEGACY_VERSION(_PW_KEYBYUID);
 			memmove(tbuf + 1, &pwd.pw_uid, sizeof(pwd.pw_uid));
 			key.size = sizeof(pwd.pw_uid) + 1;
 			if ((sdp->put)(sdp, &key, &sdata, methoduid) == -1)
@@ -518,7 +518,7 @@ main(int argc, char *argv[])
 
 			/* Store insecure and secure special plus and special minus */
 			if (pwd.pw_name[0] == '+' || pwd.pw_name[0] == '-') {
-				tbuf[0] = _PW_KEYYPBYNUM | LEGACY_VERSION;
+				tbuf[0] = LEGACY_VERSION(_PW_KEYYPBYNUM);
 				memmove(tbuf + 1, &ypcnt, sizeof(cnt));
 				ypcnt++;
 				key.size = sizeof(cnt) + 1;
@@ -550,7 +550,13 @@ main(int argc, char *argv[])
 	if (yp_enabled) {
 		buf[0] = yp_enabled + 2;
 		data.size = 1;
-		tbuf[0] = _PW_KEYYPENABLED | LEGACY_VERSION;
+		key.size = 1;
+		tbuf[0] = CURRENT_VERSION(_PW_KEYYPENABLED);
+		if ((dp->put)(dp, &key, &data, method) == -1)
+			error("put");
+		if ((sdp->put)(sdp, &key, &data, method) == -1)
+			error("put");
+		tbuf[0] = LEGACY_VERSION(_PW_KEYYPENABLED);
 		key.size = 1;
 		if ((dp->put)(dp, &key, &data, method) == -1)
 			error("put");