119 lines
4.4 KiB
Plaintext
119 lines
4.4 KiB
Plaintext
$OpenBSD: patch-bin_afppasswd_afppasswd_c,v 1.2 2007/10/25 18:57:32 steven Exp $
|
|
--- bin/afppasswd/afppasswd.c.orig Thu Feb 10 02:23:07 2005
|
|
+++ bin/afppasswd/afppasswd.c Thu Oct 25 20:30:05 2007
|
|
@@ -64,7 +64,7 @@
|
|
#define HEXPASSWDLEN 16
|
|
#define PASSWDLEN 8
|
|
|
|
-static char buf[MAXPATHLEN + 1];
|
|
+static char buf[MAXPATHLEN];
|
|
|
|
/* if newpwd is null, convert buf from hex to binary. if newpwd isn't
|
|
* null, convert newpwd to hex and save it in buf. */
|
|
@@ -117,7 +117,7 @@ static void convert_passwd(char *buf, char *newpwd, co
|
|
/* this matches the code in uam_randnum.c */
|
|
static int update_passwd(const char *path, const char *name, int flags)
|
|
{
|
|
- char password[PASSWDLEN + 1], *p, *passwd;
|
|
+ char password[PASSWDLEN], *p, *passwd;
|
|
FILE *fp;
|
|
off_t pos;
|
|
int keyfd = -1, err = 0;
|
|
@@ -128,9 +128,9 @@ static int update_passwd(const char *path, const char
|
|
}
|
|
|
|
/* open the key file if it exists */
|
|
- strcpy(buf, path);
|
|
+ strlcpy(buf, path, sizeof(buf));
|
|
if (strlen(path) < sizeof(buf) - 5) {
|
|
- strcat(buf, ".key");
|
|
+ strlcat(buf, ".key", sizeof(buf));
|
|
keyfd = open(buf, O_RDONLY);
|
|
}
|
|
|
|
@@ -154,8 +154,8 @@ static int update_passwd(const char *path, const char
|
|
}
|
|
|
|
if (flags & OPT_ADDUSER) {
|
|
- strcpy(buf, name);
|
|
- strcat(buf, FORMAT);
|
|
+ strlcpy(buf, name, sizeof(buf));
|
|
+ strlcat(buf, FORMAT, sizeof(buf));
|
|
p = strchr(buf, ':') + 1;
|
|
fwrite(buf, strlen(buf), 1, fp);
|
|
} else {
|
|
@@ -239,8 +239,8 @@ static int create_file(const char *path, uid_t minuid)
|
|
/* a little paranoia */
|
|
if (strlen(pwd->pw_name) + FORMAT_LEN > sizeof(buf) - 1)
|
|
continue;
|
|
- strcpy(buf, pwd->pw_name);
|
|
- strcat(buf, FORMAT);
|
|
+ strlcpy(buf, pwd->pw_name, sizeof(buf));
|
|
+ strlcat(buf, FORMAT, sizeof(buf));
|
|
len = strlen(buf);
|
|
if (write(fd, buf, len) != len) {
|
|
fprintf(stderr, "afppasswd: problem writing to %s: %s\n", path,
|
|
@@ -255,6 +255,22 @@ static int create_file(const char *path, uid_t minuid)
|
|
return err;
|
|
}
|
|
|
|
+void usage(void) {
|
|
+#ifdef USE_CRACKLIB
|
|
+ fprintf(stderr, "Usage: afppasswd [-acfn] [-u minuid] [-p path] [username]\n");
|
|
+#else /* USE_CRACKLIB */
|
|
+ fprintf(stderr, "Usage: afppasswd [-acf] [-u minuid] [-p path] [username]\n");
|
|
+#endif /* USE_CRACKLIB */
|
|
+ fprintf(stderr, " -a add a new user\n");
|
|
+ fprintf(stderr, " -c create and initialize password file or specific user\n");
|
|
+ fprintf(stderr, " -f force an action\n");
|
|
+#ifdef USE_CRACKLIB
|
|
+ fprintf(stderr, " -n disable cracklib checking of passwords\n");
|
|
+#endif /* USE_CRACKLIB */
|
|
+ fprintf(stderr, " -u uid minimum uid to use, defaults to 100\n");
|
|
+ fprintf(stderr, " -p path path to afppasswd file\n");
|
|
+ exit(-1);
|
|
+}
|
|
|
|
int main(int argc, char **argv)
|
|
{
|
|
@@ -270,16 +286,7 @@ int main(int argc, char **argv)
|
|
flags = ((uid = getuid()) == 0) ? OPT_ISROOT : 0;
|
|
|
|
if (((flags & OPT_ISROOT) == 0) && (argc > 1)) {
|
|
- fprintf(stderr, "Usage: afppasswd [-acfn] [-u minuid] [-p path] [username]\n");
|
|
- fprintf(stderr, " -a add a new user\n");
|
|
- fprintf(stderr, " -c create and initialize password file or specific user\n");
|
|
- fprintf(stderr, " -f force an action\n");
|
|
-#ifdef USE_CRACKLIB
|
|
- fprintf(stderr, " -n disable cracklib checking of passwords\n");
|
|
-#endif /* USE_CRACKLIB */
|
|
- fprintf(stderr, " -u uid minimum uid to use, defaults to 100\n");
|
|
- fprintf(stderr, " -p path path to afppasswd file\n");
|
|
- return -1;
|
|
+ usage();
|
|
}
|
|
|
|
while ((i = getopt(argc, argv, OPTIONS)) != EOF) {
|
|
@@ -312,20 +319,7 @@ int main(int argc, char **argv)
|
|
|
|
if (err || (optind + ((flags & OPT_CREATE) ? 0 :
|
|
(flags & OPT_ISROOT)) != argc)) {
|
|
-#ifdef USE_CRACKLIB
|
|
- fprintf(stderr, "Usage: afppasswd [-acfn] [-u minuid] [-p path] [username]\n");
|
|
-#else /* USE_CRACKLIB */
|
|
- fprintf(stderr, "Usage: afppasswd [-acf] [-u minuid] [-p path] [username]\n");
|
|
-#endif /* USE_CRACKLIB */
|
|
- fprintf(stderr, " -a add a new user\n");
|
|
- fprintf(stderr, " -c create and initialize password file or specific user\n");
|
|
- fprintf(stderr, " -f force an action\n");
|
|
-#ifdef USE_CRACKLIB
|
|
- fprintf(stderr, " -n disable cracklib checking of passwords\n");
|
|
-#endif /* USE_CRACKLIB */
|
|
- fprintf(stderr, " -u uid minimum uid to use, defaults to 100\n");
|
|
- fprintf(stderr, " -p path path to afppasswd file\n");
|
|
- return -1;
|
|
+ usage();
|
|
}
|
|
|
|
i = stat(path, &st);
|