d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

getnewyppasswd() in yp_passwd.c doesn't generate correct encrypted

Browse Source 
password strings when DES isn't used; somehow the encrypted password
is corrupted and it winds up containing control chars, which yppasswdd
subsequently rejects. This breaks yppasswd on non-DES FreeBSD systems
using NIS.

Fix: scrap getnewyppasswd() entirely and use getnewpasswd() from
local_password.c, since it already works properly and is virtually
identical to getnewyppasswd() anyway. (Wish I'd noticed this sooner.)

This fixes a problem just reported on comp.unix.bsd.freebsd.misc.
This commit is contained in:
Bill Paul 1995-06-24 17:47:51 +00:00
parent 2f22cc074c
commit a7aa6bd1ea
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=9299
1 changed files with 2 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
usr.bin/passwd/yp_passwd.c
View File

@ -50,47 +50,7 @@ uid_t uid;
static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
char *getnewyppasswd(struct passwd *);
char *
getnewyppasswd(register struct passwd *pw)
{
char *buf;
char salt[9], *p=NULL;
int tries = 0;
buf = (char *) malloc(30);
printf("Changing YP password for %s.\n", pw->pw_name);
buf[0] = '\0';
while(1) {
p = getpass("Please enter new password:");
if(*p == '\0') {
printf("Password unchanged.\n");
return NULL;
}
#ifndef DEBUG
if (strlen(p) <= 5 && (uid != 0 || ++tries < 2)) {
printf("Please enter a longer password.\n");
continue;
}
#endif
strcpy(buf, p);
p = getpass("Please retype new password:");
if( strcmp(buf, p) == 0) {
break;
} else {
printf("Mismatch - password unchanged.\n");
return NULL;
}
}
/* grab a random printable character that isn't a colon */
srandom((int)time((time_t *)NULL));
to64(&salt[0], random(), 2);
return strdup(crypt(buf, salt));
}
extern char *getnewpasswd __P(( struct passwd * ));
char *
getfield(char *gecos, char *field, int size)
@ -303,7 +263,7 @@ yp_passwd(char *user)
}
if (use_yp_passwd) {
if ((s = getnewyppasswd(pw)) == NULL)
if ((s = getnewpasswd(pw)) == NULL)
exit (1);
yppasswd.newpw.pw_passwd = s;
}