diff options
| -rw-r--r-- | libutil/login_cap.c | 13 | ||||
| -rw-r--r-- | libutil/login_cap.h | 1 | ||||
| -rw-r--r-- | pw/Makefile | 4 | ||||
| -rw-r--r-- | pw/pw_user.c | 21 |
4 files changed, 36 insertions, 3 deletions
diff --git a/libutil/login_cap.c b/libutil/login_cap.c index b7528b9..7410380 100644 --- a/libutil/login_cap.c +++ b/libutil/login_cap.c @@ -798,3 +798,16 @@ login_getstyle(login_cap_t *lc, char *style, const char *auth) return lc->lc_style; } + +const char * +login_setcryptfmt(login_cap_t *lc, const char *def, const char *error) +{ + const char *cipher; + + cipher = login_getcapstr(lc, "passwd_format", def, NULL); + if (cipher == NULL) + return (error); + if (!crypt_set_format(cipher)) + return (error); + return (cipher); +} diff --git a/libutil/login_cap.h b/libutil/login_cap.h index f4b3825..1320278 100644 --- a/libutil/login_cap.h +++ b/libutil/login_cap.h @@ -110,6 +110,7 @@ rlim_t login_getcapnum __P((login_cap_t *, const char *, rlim_t, rlim_t)); rlim_t login_getcapsize __P((login_cap_t *, const char *, rlim_t, rlim_t)); char *login_getpath __P((login_cap_t *, const char *, char *)); int login_getcapbool __P((login_cap_t *, const char *, int)); +const char *login_setcryptfmt __P((login_cap_t *, const char *, const char *)); int setclasscontext __P((const char*, unsigned int)); int setusercontext __P((login_cap_t*, const struct passwd*, uid_t, unsigned int)); diff --git a/pw/Makefile b/pw/Makefile index bee05cc..bb82d3a 100644 --- a/pw/Makefile +++ b/pw/Makefile @@ -11,8 +11,8 @@ MAN8= pw.8 #RND= -DUSE_MD5RAND CFLAGS+= -W -Wall $(CDB) $(RND) -LDADD= -lcrypt -DPADD= ${LIBCRYPT} +LDADD= -lcrypt -lutil +DPADD= ${LIBCRYPT} ${LIBUTIL} BINMODE=0555 diff --git a/pw/pw_user.c b/pw/pw_user.c index 2c491fd..c4e66b4 100644 --- a/pw/pw_user.c +++ b/pw/pw_user.c @@ -42,6 +42,7 @@ static const char rcsid[] = #include <sys/resource.h> #include <unistd.h> #include <utmp.h> +#include <login_cap.h> #if defined(USE_MD5RAND) #include <md5.h> #endif @@ -544,11 +545,19 @@ pw_user(struct userconf * cnf, int mode, struct cargs * args) } if ((arg = getarg(args, 'w')) != NULL && getarg(args, 'h') == NULL) { + login_cap_t *lc; + + lc = login_getpwclass(pwd); + if (lc == NULL || + login_setcryptfmt(lc, "md5", NULL) == NULL) + warn("setting crypt(3) format"); + login_close(lc); pwd->pw_passwd = pw_password(cnf, args, pwd->pw_name); edited = 1; } } else { + login_cap_t *lc; /* * Add code @@ -565,13 +574,17 @@ pw_user(struct userconf * cnf, int mode, struct cargs * args) pwd = &fakeuser; pwd->pw_name = a_name->val; pwd->pw_class = cnf->default_class ? cnf->default_class : ""; - pwd->pw_passwd = pw_password(cnf, args, pwd->pw_name); pwd->pw_uid = pw_uidpolicy(cnf, args); pwd->pw_gid = pw_gidpolicy(cnf, args, pwd->pw_name, (gid_t) pwd->pw_uid); pwd->pw_change = pw_pwdpolicy(cnf, args); pwd->pw_expire = pw_exppolicy(cnf, args); pwd->pw_dir = pw_homepolicy(cnf, args, pwd->pw_name); pwd->pw_shell = pw_shellpolicy(cnf, args, NULL); + lc = login_getpwclass(pwd); + if (lc == NULL || login_setcryptfmt(lc, "md5", NULL) == NULL) + warn("setting crypt(3) format"); + login_close(lc); + pwd->pw_passwd = pw_password(cnf, args, pwd->pw_name); edited = 1; if (pwd->pw_uid == 0 && strcmp(pwd->pw_name, "root") != 0) @@ -600,6 +613,7 @@ pw_user(struct userconf * cnf, int mode, struct cargs * args) int b; int istty = isatty(fd); struct termios t; + login_cap_t *lc; if (istty) { if (tcgetattr(fd, &t) == -1) @@ -629,6 +643,11 @@ pw_user(struct userconf * cnf, int mode, struct cargs * args) *p = '\0'; if (!*line) errx(EX_DATAERR, "empty password read on file descriptor %d", fd); + lc = login_getpwclass(pwd); + if (lc == NULL || + login_setcryptfmt(lc, "md5", NULL) == NULL) + warn("setting crypt(3) format"); + login_close(lc); pwd->pw_passwd = pw_pwcrypt(line); edited = 1; } |