3 files changed, 22 insertions, 3 deletions

diff --git a/pw/pw.h b/pw/pw.h
index b389f12..05a51c2 100644
--- a/pw/pw.h
+++ b/pw/pw.h
@@ -93,6 +93,7 @@ int groupadd(struct userconf *, char *name, gid_t id, char *members, int fd,
 int nis_update(void);
 
 int boolean_val(char const * str, int dflt);
+int passwd_val(char const * str, int dflt);
 char const *boolean_str(int val);
 char *newstr(char const * p);
 
diff --git a/pw/pw_conf.c b/pw/pw_conf.c
index d30c80e..a3bd0bd 100644
--- a/pw/pw_conf.c
+++ b/pw/pw_conf.c
@@ -186,6 +186,22 @@ boolean_val(char const * str, int dflt)
 		for (i = 0; boolfalse[i]; i++)
 			if (strcmp(str, boolfalse[i]) == 0)
 				return 0;
+	}
+	return dflt;
+}
+
+int
+passwd_val(char const * str, int dflt)
+{
+	if ((str = unquote(str)) != NULL) {
+		int             i;
+
+		for (i = 0; booltrue[i]; i++)
+			if (strcmp(str, booltrue[i]) == 0)
+				return 1;
+		for (i = 0; boolfalse[i]; i++)
+			if (strcmp(str, boolfalse[i]) == 0)
+				return 0;
 
 		/*
 		 * Special cases for defaultpassword
@@ -194,6 +210,8 @@ boolean_val(char const * str, int dflt)
 			return -1;
 		if (strcmp(str, "none") == 0)
 			return -2;
+
+		errx(1, "Invalid value for default password");
 	}
 	return dflt;
 }
@@ -258,7 +276,7 @@ read_userconfig(char const * file)
 #endif
 			switch (i) {
 			case _UC_DEFAULTPWD:
-				config.default_password = boolean_val(q, 1);
+				config.default_password = passwd_val(q, 1);
 				break;
 			case _UC_REUSEUID:
 				config.reuse_uids = boolean_val(q, 0);
diff --git a/pw/pw_user.c b/pw/pw_user.c
index 67186c3..75e7fb6 100644
--- a/pw/pw_user.c
+++ b/pw/pw_user.c
@@ -1315,7 +1315,7 @@ pw_user_add(int argc, char **argv, char *arg1)
 
 	mix_config(cmdcnf, cnf);
 	if (default_passwd)
-		cmdcnf->default_password = boolean_val(default_passwd,
+		cmdcnf->default_password = passwd_val(default_passwd,
 		    cnf->default_password);
 	if (genconf) {
 		if (name != NULL)
@@ -1717,7 +1717,7 @@ pw_user_mod(int argc, char **argv, char *arg1)
 		if (lc == NULL || login_setcryptfmt(lc, "sha512", NULL) == NULL)
 			warn("setting crypt(3) format");
 		login_close(lc);
-		cnf->default_password = boolean_val(passwd,
+		cnf->default_password = passwd_val(passwd,
 		    cnf->default_password);
 		pwd->pw_passwd = pw_password(cnf, pwd->pw_name, dryrun);
 		edited = true;