diff options
| author |   Baptiste Daroussin <bapt@FreeBSD.org> | 2015-07-04 15:54:11 +0000 |
|---|---|---|
| committer | Baptiste Daroussin <bapt@FreeBSD.org> | 2015-07-04 15:54:11 +0000 |
| commit | 22459ad19cf17f091a68a940631fde489c3470f8 (patch) | |
| tree | 5f0c57d9b5cf1b723ed1ca22adca543317c63bc7 /pw/pw_group.c | |
| parent | a723ebdc0a4d074c12bedca8c7d483a13105c295 (diff) | |
| download | pw-darwin-22459ad19cf17f091a68a940631fde489c3470f8.tar.gz pw-darwin-22459ad19cf17f091a68a940631fde489c3470f8.tar.zst pw-darwin-22459ad19cf17f091a68a940631fde489c3470f8.zip | |
Also validate inputs of pw groupmod -h and groupmod -H
Diffstat (limited to 'pw/pw_group.c')
| -rw-r--r-- | pw/pw_group.c | 92 |
1 files changed, 46 insertions, 46 deletions
diff --git a/pw/pw_group.c b/pw/pw_group.c index b9cce0d..2a90ff2 100644 --- a/pw/pw_group.c +++ b/pw/pw_group.c @@ -47,6 +47,50 @@ static void delete_members(char ***members, int *grmembers, int *i, static int print_group(struct group * grp); static gid_t gr_gidpolicy(struct userconf * cnf, long id); +static void +set_passwd(struct group *grp, bool update) +{ + int b; + int istty; + struct termios t, n; + char *p, line[256]; + + if (conf.fd == '-') { + grp->gr_passwd = "*"; /* No access */ + return; + } + + if ((istty = isatty(conf.fd))) { + n = t; + /* Disable echo */ + n.c_lflag &= ~(ECHO); + tcsetattr(conf.fd, TCSANOW, &n); + printf("%sassword for group %s:", update ? "New p" : "P", + grp->gr_name); + fflush(stdout); + } + b = read(conf.fd, line, sizeof(line) - 1); + if (istty) { /* Restore state */ + tcsetattr(conf.fd, TCSANOW, &t); + fputc('\n', stdout); + fflush(stdout); + } + if (b < 0) + err(EX_OSERR, "-h file descriptor"); + line[b] = '\0'; + if ((p = strpbrk(line, " \t\r\n")) != NULL) + *p = '\0'; + if (!*line) + errx(EX_DATAERR, "empty password read on file descriptor %d", + conf.fd); + if (conf.precrypted) { + if (strchr(line, ':') != 0) + errx(EX_DATAERR, "wrong encrypted passwrd"); + grp->gr_passwd = line; + } else + grp->gr_passwd = pw_pwcrypt(line); +} + int pw_group(int mode, char *name, long id, struct cargs * args) { @@ -156,52 +200,8 @@ pw_group(int mode, char *name, long id, struct cargs * args) * software. */ - if ((arg = getarg(args, 'h')) != NULL || - (arg = getarg(args, 'H')) != NULL) { - if (strcmp(arg->val, "-") == 0) - grp->gr_passwd = "*"; /* No access */ - else { - int fd = atoi(arg->val); - int precrypt = (arg->ch == 'H'); - int b; - int istty = isatty(fd); - struct termios t; - char *p, line[256]; - - if (istty) { - if (tcgetattr(fd, &t) == -1) - istty = 0; - else { - struct termios n = t; - - /* Disable echo */ - n.c_lflag &= ~(ECHO); - tcsetattr(fd, TCSANOW, &n); - printf("%sassword for group %s:", (mode == M_UPDATE) ? "New p" : "P", grp->gr_name); - fflush(stdout); - } - } - b = read(fd, line, sizeof(line) - 1); - if (istty) { /* Restore state */ - tcsetattr(fd, TCSANOW, &t); - fputc('\n', stdout); - fflush(stdout); - } - if (b < 0) - err(EX_OSERR, "-h file descriptor"); - line[b] = '\0'; - if ((p = strpbrk(line, " \t\r\n")) != NULL) - *p = '\0'; - if (!*line) - errx(EX_DATAERR, "empty password read on file descriptor %d", fd); - if (precrypt) { - if (strchr(line, ':') != NULL) - return EX_DATAERR; - grp->gr_passwd = line; - } else - grp->gr_passwd = pw_pwcrypt(line); - } - } + if (conf.fd != -1) + set_passwd(grp, mode == M_UPDATE); if (((arg = getarg(args, 'M')) != NULL || (arg = getarg(args, 'd')) != NULL || |