0001-pw-8-Add-an-option-to-accept-encrypted-passwords.patch
| b/usr.sbin/pw/pw.8 | ||
|---|---|---|
| 23 | 23 |
.\" SUCH DAMAGE. |
| 24 | 24 |
.\" |
| 25 | 25 |
.\" $FreeBSD: src/usr.sbin/pw/pw.8,v 1.19.2.12 2003/05/08 15:01:44 trhodes Exp $ |
| 26 |
.\" $DragonFly: src/usr.sbin/pw/pw.8,v 1.5 2008/05/02 02:05:08 swildner Exp $ |
|
| 27 | 26 |
.\" |
| 28 |
.Dd December 9, 1996
|
|
| 27 |
.Dd January 11, 2004
|
|
| 29 | 28 |
.Dt PW 8 |
| 30 | 29 |
.Os |
| 31 | 30 |
.Sh NAME |
| ... | ... | |
| 52 | 51 |
.Op Fl s Ar shell |
| 53 | 52 |
.Op Fl o |
| 54 | 53 |
.Op Fl L Ar class |
| 55 |
.Op Fl h Ar fd |
|
| 54 |
.Op Fl h Ar fd | Fl H Ar fd
|
|
| 56 | 55 |
.Op Fl N |
| 57 | 56 |
.Op Fl P |
| 58 | 57 |
.Op Fl Y |
| ... | ... | |
| 102 | 101 |
.Op Fl w Ar method |
| 103 | 102 |
.Op Fl s Ar shell |
| 104 | 103 |
.Op Fl L Ar class |
| 105 |
.Op Fl h Ar fd |
|
| 104 |
.Op Fl h Ar fd | Fl H Ar fd
|
|
| 106 | 105 |
.Op Fl N |
| 107 | 106 |
.Op Fl P |
| 108 | 107 |
.Op Fl Y |
| ... | ... | |
| 131 | 130 |
.Op Fl g Ar gid |
| 132 | 131 |
.Op Fl M Ar members |
| 133 | 132 |
.Op Fl o |
| 134 |
.Op Fl h Ar fd |
|
| 133 |
.Op Fl h Ar fd | Fl H Ar fd
|
|
| 135 | 134 |
.Op Fl N |
| 136 | 135 |
.Op Fl P |
| 137 | 136 |
.Op Fl Y |
| ... | ... | |
| 153 | 152 |
.Op Fl l Ar name |
| 154 | 153 |
.Op Fl M Ar members |
| 155 | 154 |
.Op Fl m Ar newmembers |
| 156 |
.Op Fl h Ar fd |
|
| 155 |
.Op Fl h Ar fd | Fl H Ar fd
|
|
| 157 | 156 |
.Op Fl N |
| 158 | 157 |
.Op Fl P |
| 159 | 158 |
.Op Fl Y |
| ... | ... | |
| 508 | 507 |
then the password will be set to |
| 509 | 508 |
.Ql \&* , |
| 510 | 509 |
rendering the account inaccessible via password-based login. |
| 510 |
.It Fl H Ar fd |
|
| 511 |
Read an encrypted password string from the specified file descriptor. |
|
| 512 |
This is like |
|
| 513 |
.Fl h , |
|
| 514 |
but the password should be supplied already encrypted in a form |
|
| 515 |
suitable for writing directly to the password database. |
|
| 511 | 516 |
.El |
| 512 | 517 |
.Pp |
| 513 | 518 |
It is possible to use |
| b/usr.sbin/pw/pw.c | ||
|---|---|---|
| 24 | 24 |
* SUCH DAMAGE. |
| 25 | 25 |
* |
| 26 | 26 |
* $FreeBSD: src/usr.sbin/pw/pw.c,v 1.18.2.5 2001/07/19 01:46:55 kris Exp $ |
| 27 |
* $DragonFly: src/usr.sbin/pw/pw.c,v 1.3 2004/12/18 22:48:04 swildner Exp $ |
|
| 28 | 27 |
*/ |
| 29 | 28 | |
| 30 | 29 |
#include <err.h> |
| ... | ... | |
| 104 | 103 |
static const char *opts[W_NUM][M_NUM] = |
| 105 | 104 |
{
|
| 106 | 105 |
{ /* user */
|
| 107 |
"V:C:qn:u:c:d:e:p:g:G:mk:s:oL:i:w:h:Db:NPy:Y", |
|
| 106 |
"V:C:qn:u:c:d:e:p:g:G:mk:s:oL:i:w:h:H:Db:NPy:Y",
|
|
| 108 | 107 |
"V:C:qn:u:rY", |
| 109 |
"V:C:qn:u:c:d:e:p:g:G:ml:k:s:w:L:h:FNPY", |
|
| 108 |
"V:C:qn:u:c:d:e:p:g:G:ml:k:s:w:L:h:H:FNPY",
|
|
| 110 | 109 |
"V:C:qn:u:FPa7", |
| 111 | 110 |
"V:C:q", |
| 112 | 111 |
"V:C:q", |
| 113 | 112 |
"V:C:q" |
| 114 | 113 |
}, |
| 115 | 114 |
{ /* grp */
|
| 116 |
"V:C:qn:g:h:M:pNPY", |
|
| 115 |
"V:C:qn:g:h:H:M:pNPY",
|
|
| 117 | 116 |
"V:C:qn:g:Y", |
| 118 |
"V:C:qn:g:l:h:FM:m:NPY", |
|
| 117 |
"V:C:qn:g:l:h:H:FM:m:NPY",
|
|
| 119 | 118 |
"V:C:qn:g:FPa", |
| 120 | 119 |
"V:C:q" |
| 121 | 120 |
} |
| ... | ... | |
| 313 | 312 |
"\t-o duplicate uid ok\n" |
| 314 | 313 |
"\t-L class user class\n" |
| 315 | 314 |
"\t-h fd read password on fd\n" |
| 315 |
"\t-H fd read encrypted password on fd\n" |
|
| 316 | 316 |
"\t-Y update NIS maps\n" |
| 317 | 317 |
"\t-N no update\n" |
| 318 | 318 |
" Setting defaults:\n" |
| ... | ... | |
| 355 | 355 |
"\t-s shell name of login shell\n" |
| 356 | 356 |
"\t-w method set new password using method\n" |
| 357 | 357 |
"\t-h fd read password on fd\n" |
| 358 |
"\t-H fd read encrypted password on fd\n" |
|
| 358 | 359 |
"\t-Y update NIS maps\n" |
| 359 | 360 |
"\t-N no update\n", |
| 360 | 361 |
"usage: pw usershow [uid|name] [switches]\n" |
| b/usr.sbin/pw/pw_group.c | ||
|---|---|---|
| 24 | 24 |
* SUCH DAMAGE. |
| 25 | 25 |
* |
| 26 | 26 |
* $FreeBSD: src/usr.sbin/pw/pw_group.c,v 1.12.2.1 2000/06/28 19:19:04 ache Exp $ |
| 27 |
* $DragonFly: src/usr.sbin/pw/pw_group.c,v 1.3 2004/09/25 20:38:21 dillon Exp $ |
|
| 28 | 27 |
*/ |
| 29 | 28 | |
| 30 | 29 |
#include <ctype.h> |
| ... | ... | |
| 168 | 167 |
* software. |
| 169 | 168 |
*/ |
| 170 | 169 | |
| 171 |
if ((arg = getarg(args, 'h')) != NULL) {
|
|
| 170 |
if ((arg = getarg(args, 'h')) != NULL || |
|
| 171 |
(arg = getarg(args, 'H')) != NULL) {
|
|
| 172 | 172 |
if (strcmp(arg->val, "-") == 0) |
| 173 | 173 |
grp->gr_passwd = "*"; /* No access */ |
| 174 | 174 |
else {
|
| 175 | 175 |
int fd = atoi(arg->val); |
| 176 |
int precrypt = (arg->ch == 'H'); |
|
| 176 | 177 |
int b; |
| 177 | 178 |
int istty = isatty(fd); |
| 178 | 179 |
struct termios t; |
| ... | ... | |
| 206 | 207 |
*p = '\0'; |
| 207 | 208 |
if (!*line) |
| 208 | 209 |
errx(EX_DATAERR, "empty password read on file descriptor %d", fd); |
| 209 |
grp->gr_passwd = pw_pwcrypt(line); |
|
| 210 |
if (precrypt) {
|
|
| 211 |
if (strchr(line, ':') != NULL) |
|
| 212 |
return EX_DATAERR; |
|
| 213 |
grp->gr_passwd = line; |
|
| 214 |
} else |
|
| 215 |
grp->gr_passwd = pw_pwcrypt(line); |
|
| 210 | 216 |
} |
| 211 | 217 |
} |
| 212 | 218 | |
| b/usr.sbin/pw/pw_user.c | ||
|---|---|---|
| 23 | 23 |
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| 24 | 24 |
* SUCH DAMAGE. |
| 25 | 25 |
* |
| 26 |
* |
|
| 27 | 26 |
* $FreeBSD: src/usr.sbin/pw/pw_user.c,v 1.34.2.13 2003/02/01 21:20:10 gad Exp $ |
| 28 |
* $DragonFly: src/usr.sbin/pw/pw_user.c,v 1.4 2004/11/30 20:12:21 joerg Exp $ |
|
| 29 | 27 |
*/ |
| 30 | 28 | |
| 31 | 29 |
#include <ctype.h> |
| ... | ... | |
| 84 | 82 |
* -L class user class |
| 85 | 83 |
* -l name new login name |
| 86 | 84 |
* -h fd password filehandle |
| 85 |
* -H fd encrypted password filehandle |
|
| 87 | 86 |
* -F force print or add |
| 88 | 87 |
* Setting defaults: |
| 89 | 88 |
* -D set user defaults |
| ... | ... | |
| 541 | 540 |
warnx("WARNING: home `%s' is not a directory", pwd->pw_dir);
|
| 542 | 541 |
} |
| 543 | 542 | |
| 544 |
if ((arg = getarg(args, 'w')) != NULL && getarg(args, 'h') == NULL) {
|
|
| 543 |
if ((arg = getarg(args, 'w')) != NULL && |
|
| 544 |
getarg(args, 'h') == NULL && getarg(args, 'H') == NULL) {
|
|
| 545 | 545 |
login_cap_t *lc; |
| 546 | 546 | |
| 547 | 547 |
lc = login_getpwclass(pwd); |
| ... | ... | |
| 599 | 599 |
} |
| 600 | 600 |
} |
| 601 | 601 | |
| 602 |
if ((arg = getarg(args, 'h')) != NULL) {
|
|
| 602 |
if ((arg = getarg(args, 'h')) != NULL || |
|
| 603 |
(arg = getarg(args, 'H')) != NULL) {
|
|
| 603 | 604 |
if (strcmp(arg->val, "-") == 0) {
|
| 604 | 605 |
if (!pwd->pw_passwd || *pwd->pw_passwd != '*') {
|
| 605 | 606 |
pwd->pw_passwd = "*"; /* No access */ |
| ... | ... | |
| 607 | 608 |
} |
| 608 | 609 |
} else {
|
| 609 | 610 |
int fd = atoi(arg->val); |
| 611 |
int precrypt = (arg->ch == 'H'); |
|
| 610 | 612 |
int b; |
| 611 | 613 |
int istty = isatty(fd); |
| 612 | 614 |
struct termios t; |
| ... | ... | |
| 621 | 623 |
/* Disable echo */ |
| 622 | 624 |
n.c_lflag &= ~(ECHO); |
| 623 | 625 |
tcsetattr(fd, TCSANOW, &n); |
| 624 |
printf("%sassword for user %s:", (mode == M_UPDATE) ? "New p" : "P", pwd->pw_name);
|
|
| 626 |
printf("%s%spassword for user %s:",
|
|
| 627 |
(mode == M_UPDATE) ? "new " : "", |
|
| 628 |
precrypt ? "encrypted " : "", |
|
| 629 |
pwd->pw_name); |
|
| 625 | 630 |
fflush(stdout); |
| 626 | 631 |
} |
| 627 | 632 |
} |
| ... | ... | |
| 632 | 637 |
fflush(stdout); |
| 633 | 638 |
} |
| 634 | 639 |
if (b < 0) {
|
| 635 |
warn("-h file descriptor");
|
|
| 640 |
warn("-%c file descriptor", precrypt ? 'H' :
|
|
| 641 |
'h'); |
|
| 636 | 642 |
return EX_IOERR; |
| 637 | 643 |
} |
| 638 | 644 |
line[b] = '\0'; |
| ... | ... | |
| 640 | 646 |
*p = '\0'; |
| 641 | 647 |
if (!*line) |
| 642 | 648 |
errx(EX_DATAERR, "empty password read on file descriptor %d", fd); |
| 643 |
lc = login_getpwclass(pwd); |
|
| 644 |
if (lc == NULL || |
|
| 645 |
login_setcryptfmt(lc, "md5", NULL) == NULL) |
|
| 646 |
warn("setting crypt(3) format");
|
|
| 647 |
login_close(lc); |
|
| 648 |
pwd->pw_passwd = pw_pwcrypt(line); |
|
| 649 |
if (precrypt) {
|
|
| 650 |
if (strchr(line, ':') != NULL) |
|
| 651 |
return EX_DATAERR; |
|
| 652 |
pwd->pw_passwd = line; |
|
| 653 |
} else {
|
|
| 654 |
lc = login_getpwclass(pwd); |
|
| 655 |
if (lc == NULL || |
|
| 656 |
login_setcryptfmt(lc, "md5", NULL) == NULL) |
|
| 657 |
warn("setting crypt(3) format");
|
|
| 658 |
login_close(lc); |
|
| 659 |
pwd->pw_passwd = pw_pwcrypt(line); |
|
| 660 |
} |
|
| 649 | 661 |
edited = 1; |
| 650 | 662 |
} |
| 651 | 663 |
} |
| ... | ... | |
| 1088 | 1100 |
/* |
| 1089 | 1101 |
* We give this information back to the user |
| 1090 | 1102 |
*/ |
| 1091 |
if (getarg(args, 'h') == NULL && getarg(args, 'N') == NULL) {
|
|
| 1103 |
if (getarg(args, 'h') == NULL && getarg(args, 'H') == NULL && |
|
| 1104 |
getarg(args, 'N') == NULL) {
|
|
| 1092 | 1105 |
if (isatty(STDOUT_FILENO)) |
| 1093 | 1106 |
printf("Password for '%s' is: ", user);
|
| 1094 | 1107 |
printf("%s\n", pwbuf);
|
| 1095 |
- |
|