From 0807c706fd119a91fe20902b41601a01cb10d847 Mon Sep 17 00:00:00 2001
From: Brian Feldman <green@FreeBSD.org>
Date: Tue, 22 Aug 2000 02:15:54 +0000
Subject: Add working and easy crypt(3)-switching.  Yes, we need a whole new
 API for crypt(3) by now.  In any case:

Add crypt_set_format(3) + documentation to -lcrypt.
Add login_setcryptfmt(3) + documentation to -lutil.
Support for switching crypt formats in passwd(8).
Support for switching crypt formats in pw(8).

The simple synopsis is:
edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :)

Reviewed by:	peter
---
 pw/pw_user.c | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

(limited to 'pw/pw_user.c')

diff --git a/pw/pw_user.c b/pw/pw_user.c
index 2c491fd..c4e66b4 100644
--- a/pw/pw_user.c
+++ b/pw/pw_user.c
@@ -42,6 +42,7 @@ static const char rcsid[] =
 #include <sys/resource.h>
 #include <unistd.h>
 #include <utmp.h>
+#include <login_cap.h>
 #if defined(USE_MD5RAND)
 #include <md5.h>
 #endif
@@ -544,11 +545,19 @@ pw_user(struct userconf * cnf, int mode, struct cargs * args)
 		}
 
 		if ((arg = getarg(args, 'w')) != NULL && getarg(args, 'h') == NULL) {
+			login_cap_t *lc;
+
+			lc = login_getpwclass(pwd);
+			if (lc == NULL ||
+			    login_setcryptfmt(lc, "md5", NULL) == NULL)
+				warn("setting crypt(3) format");
+			login_close(lc);
 			pwd->pw_passwd = pw_password(cnf, args, pwd->pw_name);
 			edited = 1;
 		}
 
 	} else {
+		login_cap_t *lc;
 
 		/*
 		 * Add code
@@ -565,13 +574,17 @@ pw_user(struct userconf * cnf, int mode, struct cargs * args)
 		pwd = &fakeuser;
 		pwd->pw_name = a_name->val;
 		pwd->pw_class = cnf->default_class ? cnf->default_class : "";
-		pwd->pw_passwd = pw_password(cnf, args, pwd->pw_name);
 		pwd->pw_uid = pw_uidpolicy(cnf, args);
 		pwd->pw_gid = pw_gidpolicy(cnf, args, pwd->pw_name, (gid_t) pwd->pw_uid);
 		pwd->pw_change = pw_pwdpolicy(cnf, args);
 		pwd->pw_expire = pw_exppolicy(cnf, args);
 		pwd->pw_dir = pw_homepolicy(cnf, args, pwd->pw_name);
 		pwd->pw_shell = pw_shellpolicy(cnf, args, NULL);
+		lc = login_getpwclass(pwd);
+		if (lc == NULL || login_setcryptfmt(lc, "md5", NULL) == NULL)
+			warn("setting crypt(3) format");
+		login_close(lc);
+		pwd->pw_passwd = pw_password(cnf, args, pwd->pw_name);
 		edited = 1;
 
 		if (pwd->pw_uid == 0 && strcmp(pwd->pw_name, "root") != 0)
@@ -600,6 +613,7 @@ pw_user(struct userconf * cnf, int mode, struct cargs * args)
 			int             b;
 			int             istty = isatty(fd);
 			struct termios  t;
+			login_cap_t	*lc;
 
 			if (istty) {
 				if (tcgetattr(fd, &t) == -1)
@@ -629,6 +643,11 @@ pw_user(struct userconf * cnf, int mode, struct cargs * args)
 				*p = '\0';
 			if (!*line)
 				errx(EX_DATAERR, "empty password read on file descriptor %d", fd);
+			lc = login_getpwclass(pwd);
+			if (lc == NULL ||
+			    login_setcryptfmt(lc, "md5", NULL) == NULL)
+				warn("setting crypt(3) format");
+			login_close(lc);
 			pwd->pw_passwd = pw_pwcrypt(line);
 			edited = 1;
 		}
-- 
cgit v1.2.3-56-ge451