[prev in list] [next in list] [prev in thread] [next in thread] 

List:       busybox
Subject:    Re: Fwd: [PATCH] add chpasswd applet
From:       Tito <farmatito () tiscali ! it>
Date:       2007-07-20 22:12:47
Message-ID: 200707210012.47455.farmatito () tiscali ! it
[Download RAW message or body]

On Friday 20 July 2007 23:22:56 Denis Vlasenko wrote:
> On Thursday 19 July 2007 21:37, Alexander Shishkin wrote:
> > On 7/19/07, Tito <farmatito@tiscali.it> wrote:
> > > Hi,
> > Hi,
> > 
> > > attached you will find a drop in replacement
> > > for chpasswd.c with some more busyboxification
> > > (use of getopt32 and syslogging capabilities of
> > > bb_*_msg_* functions) and some things it seems to me that
> > > need to be fixed (this could be done to me being in hurry
> > > and not understanding you code... in this case ignore it).
> > > This code is only compile tested and needs more care and love. ;-)
> > Thanks for pointing these things out! I've done some more tweaking on
> > the applet. Attached please find an updated patch.
> 
> Question: why malformed line without password results in warning,
> but invalid username aborts?
> 
>                         bb_error_msg("missing new password");
>                         continue;
>                 }
>                 *pass++ = '\0';
> 
>                 if (!getpwnam(name))
>                         bb_error_msg_and_die("unknown user %s", name);
> 
> Seems inconsistent to me.
> 
> Btw, do we need to check that user exists? Without such check,
> nonexistent users are just ignored and code is smaller.
> 
> Testing it. Nice:
> 
> echo -e "guest:qqqq\ntest:qqqq" | ./busybox chpasswd
> 
> and crypt_make_salt() generates same salt for both! :))
> Bunch of other bugs too: shadow passwords check is backwards,...
> 
> Applied to svn. Enjoy/test.
> --
> vda
> 

Hi,
you were so fast this time, i was just reworking it....
So here is a new version of chpasswd.c that saves some space.
bloat-o-meter says:

root@localhost:~/Desktop/busybox# scripts/bloat-o-meter busybox_old busybox_unstripped
function                                             old     new   delta
.rodata                                           122925  122893     -32
chpasswd_main                                        483     406     -77
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/2 up/down: 0/-109)           Total: -109 bytes

Little tested.
Comments are welcome.

Ciao,
Tito





["chpasswd.c" (text/x-csrc)]

/* vi: set sw=4 ts=4: */
/*
 * chpasswd.c
 *
 * Written for SLIND (from passwd.c) by Alexander Shishkin <virtuoso@slind.org>
 * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
 */

#include "libbb.h"

#if ENABLE_GETOPT_LONG
#include <getopt.h>

static const struct option chpasswd_opts[] = {
	{ "encrypted", no_argument, NULL, 'e' },
	{ "md5", no_argument, NULL, 'm' },
	{ NULL, 0, NULL, 0 }
};
#endif

int chpasswd_main(int argc, char **argv);
int chpasswd_main(int argc, char **argv)
{
	enum {
		OPT_enc = 0x1, /* -e - password is encoded */
		OPT_md5 = 0x2, /* -m - use MD5 */
	};
	char *name, *passwd, *encrypted;
	char salt[sizeof("$N$XXXXXXXX")];
	int flag;
	struct rlimit rlimit_fsize;

	if (getuid())
		bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);

 	opt_complementary = "?m--e:e--m";

	USE_GETOPT_LONG(applet_long_options = chpasswd_opts;)

	flag = getopt32(argc, argv, "em");

	rlimit_fsize.rlim_cur = rlimit_fsize.rlim_max = 512L * 30000;
	setrlimit(RLIMIT_FSIZE, &rlimit_fsize);
	signal(SIGHUP, SIG_IGN);
	signal(SIGINT, SIG_IGN);
	signal(SIGQUIT, SIG_IGN);

	/* Log to STDERR and SYSLOG */
	logmode = LOGMODE_BOTH;
	
	/* At first name is USER:PASSWORD */
	while ((name = xmalloc_getline(stdin))) {
		/* Find PASSWORD */
		passwd = strchr(name, ':');
		if (!passwd)
			bb_error_msg_and_die("missing new password");

		/* Cut PASSWORD and then move pointer */
		*passwd++ = '\0';
		/* Now name is USER: check if USER exists */
		xuname2uid(name);

		crypt_make_salt(salt, 1); /* DES */
		if (flag & OPT_md5) {
			strcpy(salt, "$1$");  /* MD5 */
			crypt_make_salt(salt + 3, 4);
		}

		encrypted = xstrdup((flag & OPT_enc) ? passwd : pw_encrypt(passwd, salt));

		/* Use /etc/shadow if ENABLE_FEATURE_SHADOWPASSWDS is set,
			* on failure use the default /etc/passwd.
			*/
		if ((ENABLE_FEATURE_SHADOWPASSWDS 
			&& !update_passwd(bb_path_shadow_file, name, encrypted))
			|| !update_passwd(bb_path_passwd_file, name, encrypted)) {
			/* LOGMODE_BOTH */
			bb_info_msg("Password for `%s' changed", name);
		} else {
			/* LOGMODE_BOTH */
			bb_error_msg_and_die("An error occurred updating password for `%s'", name);
		}
		/* Zero the password as it could be unencrypted. Needed ??? */
		/*memset(passwd, 0, strlen(passwd));*/
		/* Clean up */
		free(encrypted);
		free(name);
	}

	return 0;
}



_______________________________________________
busybox mailing list
busybox@busybox.net
http://busybox.net/cgi-bin/mailman/listinfo/busybox

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic