diff options
author | Sheldon Hearn <sheldonh@FreeBSD.org> | 2000-04-12 08:49:14 +0000 |
---|---|---|
committer | Sheldon Hearn <sheldonh@FreeBSD.org> | 2000-04-12 08:49:14 +0000 |
commit | c172c8e3f17a4a35760ec236373c0b06dbcd86bd (patch) | |
tree | 7231db65352e1aca8bd97802f6ff862c156e2663 | |
parent | 7826221ab51f71e647a6489ef515a71c0464346d (diff) | |
download | pw-darwin-c172c8e3f17a4a35760ec236373c0b06dbcd86bd.tar.gz pw-darwin-c172c8e3f17a4a35760ec236373c0b06dbcd86bd.tar.zst pw-darwin-c172c8e3f17a4a35760ec236373c0b06dbcd86bd.zip |
Use an MD5 checksum to test for file changes; the previous method
of using file mtimes could result in chpasss(1) erroneously
detecting that no changes were made for non-interactive edits.
PR: 4238
Reported by: Jens Schweikhardt <schweikh@noc.dfn.de>
Submitted by: Daniel Hagan <dhagan@cs.vt.edu>
-rw-r--r-- | chpass/Makefile | 4 | ||||
-rw-r--r-- | chpass/edit.c | 9 |
2 files changed, 10 insertions, 3 deletions
diff --git a/chpass/Makefile b/chpass/Makefile index 6e26143..7966608 100644 --- a/chpass/Makefile +++ b/chpass/Makefile @@ -27,8 +27,8 @@ COPTS+= -DYP -I. -I${.CURDIR}/../../libexec/ypxfr \ #Some people need this, uncomment to activate #COPTS+= -DRESTRICT_FULLNAME_CHANGE -DPADD= ${LIBRPCSVC} ${LIBCRYPT} -LDADD+= -lrpcsvc -lcrypt +DPADD= ${LIBRPCSVC} ${LIBCRYPT} ${LIBMD} +LDADD+= -lrpcsvc -lcrypt -lmd CLEANFILES= ${GENSRCS} diff --git a/chpass/edit.c b/chpass/edit.c index a8c5cc2..6311d57 100644 --- a/chpass/edit.c +++ b/chpass/edit.c @@ -43,6 +43,7 @@ static const char sccsid[] = "@(#)edit.c 8.3 (Berkeley) 4/2/94"; #include <ctype.h> #include <err.h> #include <errno.h> +#include <md5.h> #include <paths.h> #include <pwd.h> #include <stdio.h> @@ -65,17 +66,23 @@ edit(pw) struct passwd *pw; { struct stat begin, end; + char *begin_sum, *end_sum; for (;;) { if (stat(tempname, &begin)) pw_error(tempname, 1, 1); + begin_sum = MD5File(tempname, (char *)NULL); pw_edit(1); if (stat(tempname, &end)) pw_error(tempname, 1, 1); - if (begin.st_mtime == end.st_mtime) { + end_sum = MD5File(tempname, (char *)NULL); + if ((begin.st_mtime == end.st_mtime) && + (strcmp(begin_sum, end_sum) == 0)) { warnx("no changes made"); pw_error(NULL, 0, 0); } + free(begin_sum); + free(end_sum); if (verify(pw)) break; pw_prompt(); |