diff options
author | green <green@FreeBSD.org> | 2000-08-22 02:15:54 +0000 |
---|---|---|
committer | green <green@FreeBSD.org> | 2000-08-22 02:15:54 +0000 |
commit | 67c40ef892e23a375a1eeec51d343ef6be31f5d8 (patch) | |
tree | 7fd6719b0a54565971e388646c8ae7f62b08674b /usr.sbin/pw | |
parent | 219e29595a8d293c1e81f0136a866f25a69d648e (diff) | |
download | FreeBSD-src-67c40ef892e23a375a1eeec51d343ef6be31f5d8.zip FreeBSD-src-67c40ef892e23a375a1eeec51d343ef6be31f5d8.tar.gz |
Add working and easy crypt(3)-switching. Yes, we need a whole new API
for crypt(3) by now. In any case:
Add crypt_set_format(3) + documentation to -lcrypt.
Add login_setcryptfmt(3) + documentation to -lutil.
Support for switching crypt formats in passwd(8).
Support for switching crypt formats in pw(8).
The simple synopsis is:
edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :)
Reviewed by: peter
Diffstat (limited to 'usr.sbin/pw')
-rw-r--r-- | usr.sbin/pw/Makefile | 4 | ||||
-rw-r--r-- | usr.sbin/pw/pw_user.c | 21 |
2 files changed, 22 insertions, 3 deletions
diff --git a/usr.sbin/pw/Makefile b/usr.sbin/pw/Makefile index bee05cc..bb82d3a 100644 --- a/usr.sbin/pw/Makefile +++ b/usr.sbin/pw/Makefile @@ -11,8 +11,8 @@ MAN8= pw.8 #RND= -DUSE_MD5RAND CFLAGS+= -W -Wall $(CDB) $(RND) -LDADD= -lcrypt -DPADD= ${LIBCRYPT} +LDADD= -lcrypt -lutil +DPADD= ${LIBCRYPT} ${LIBUTIL} BINMODE=0555 diff --git a/usr.sbin/pw/pw_user.c b/usr.sbin/pw/pw_user.c index 2c491fd..c4e66b4 100644 --- a/usr.sbin/pw/pw_user.c +++ b/usr.sbin/pw/pw_user.c @@ -42,6 +42,7 @@ static const char rcsid[] = #include <sys/resource.h> #include <unistd.h> #include <utmp.h> +#include <login_cap.h> #if defined(USE_MD5RAND) #include <md5.h> #endif @@ -544,11 +545,19 @@ pw_user(struct userconf * cnf, int mode, struct cargs * args) } if ((arg = getarg(args, 'w')) != NULL && getarg(args, 'h') == NULL) { + login_cap_t *lc; + + lc = login_getpwclass(pwd); + if (lc == NULL || + login_setcryptfmt(lc, "md5", NULL) == NULL) + warn("setting crypt(3) format"); + login_close(lc); pwd->pw_passwd = pw_password(cnf, args, pwd->pw_name); edited = 1; } } else { + login_cap_t *lc; /* * Add code @@ -565,13 +574,17 @@ pw_user(struct userconf * cnf, int mode, struct cargs * args) pwd = &fakeuser; pwd->pw_name = a_name->val; pwd->pw_class = cnf->default_class ? cnf->default_class : ""; - pwd->pw_passwd = pw_password(cnf, args, pwd->pw_name); pwd->pw_uid = pw_uidpolicy(cnf, args); pwd->pw_gid = pw_gidpolicy(cnf, args, pwd->pw_name, (gid_t) pwd->pw_uid); pwd->pw_change = pw_pwdpolicy(cnf, args); pwd->pw_expire = pw_exppolicy(cnf, args); pwd->pw_dir = pw_homepolicy(cnf, args, pwd->pw_name); pwd->pw_shell = pw_shellpolicy(cnf, args, NULL); + lc = login_getpwclass(pwd); + if (lc == NULL || login_setcryptfmt(lc, "md5", NULL) == NULL) + warn("setting crypt(3) format"); + login_close(lc); + pwd->pw_passwd = pw_password(cnf, args, pwd->pw_name); edited = 1; if (pwd->pw_uid == 0 && strcmp(pwd->pw_name, "root") != 0) @@ -600,6 +613,7 @@ pw_user(struct userconf * cnf, int mode, struct cargs * args) int b; int istty = isatty(fd); struct termios t; + login_cap_t *lc; if (istty) { if (tcgetattr(fd, &t) == -1) @@ -629,6 +643,11 @@ pw_user(struct userconf * cnf, int mode, struct cargs * args) *p = '\0'; if (!*line) errx(EX_DATAERR, "empty password read on file descriptor %d", fd); + lc = login_getpwclass(pwd); + if (lc == NULL || + login_setcryptfmt(lc, "md5", NULL) == NULL) + warn("setting crypt(3) format"); + login_close(lc); pwd->pw_passwd = pw_pwcrypt(line); edited = 1; } |