From 427db8b9ab1ccae1a6470c8fbb5454b3c9860cfa Mon Sep 17 00:00:00 2001
From: Dmitry Morozovsky <marck@FreeBSD.org>
Date: Mon, 25 Sep 2006 15:06:24 +0000
Subject: Fix bug introduced in rev 1.23:

pw_equal does not check crypted password field, so one cannot change
crypted password keeping other fields intact.

Approved by:	des
MCF after:	3 days
---
 chpass/chpass.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'chpass/chpass.c')

diff --git a/chpass/chpass.c b/chpass/chpass.c
index ad6b985..2504e68 100644
--- a/chpass/chpass.c
+++ b/chpass/chpass.c
@@ -217,7 +217,12 @@ main(int argc, char *argv[])
 		pw_fini();
 		if (pw == NULL)
 			err(1, "edit()");
-		if (pw_equal(old_pw, pw))
+		/* 
+		 * pw_equal does not check for crypted passwords, so we
+		 * should do it explicitly
+		 */
+		if (pw_equal(old_pw, pw) && 
+		    strcmp(old_pw->pw_passwd, pw->pw_passwd) == 0)
 			errx(0, "user information unchanged");
 	}
 
-- 
cgit v1.2.3-56-ge451