Fix bug introduced in rev 1.23:
authorDmitry Morozovsky <marck@FreeBSD.org>
Mon, 25 Sep 2006 15:06:24 +0000 (15:06 +0000)
committerDmitry Morozovsky <marck@FreeBSD.org>
Mon, 25 Sep 2006 15:06:24 +0000 (15:06 +0000)
pw_equal does not check crypted password field, so one cannot change
crypted password keeping other fields intact.

Approved by: des
MCF after: 3 days

chpass/chpass.c

index ad6b9850370dcedfbf0641ec894f3c155d3c2533..2504e68ec17d9803f7f0a0c48d613f120100d78a 100644 (file)
@@ -217,7 +217,12 @@ main(int argc, char *argv[])
                pw_fini();
                if (pw == NULL)
                        err(1, "edit()");
-               if (pw_equal(old_pw, pw))
+               /* 
+                * pw_equal does not check for crypted passwords, so we
+                * should do it explicitly
+                */
+               if (pw_equal(old_pw, pw) && 
+                   strcmp(old_pw->pw_passwd, pw->pw_passwd) == 0)
                        errx(0, "user information unchanged");
        }