1303 files changed, 32187 insertions, 57138 deletions
diff --git a/loginutils/chpasswd.c b/loginutils/chpasswd.c index 9eab99e..fb7a241 100644 --- a/loginutils/chpasswd.c +++ b/loginutils/chpasswd.c @@ -5,27 +5,46 @@ * Written for SLIND (from passwd.c) by Alexander Shishkin <virtuoso@slind.org> * Licensed under GPLv2 or later, see file LICENSE in this source tree. */ -#include "libbb.h" +//config:config CHPASSWD +//config: bool "chpasswd" +//config: default y +//config: help +//config: Reads a file of user name and password pairs from standard input +//config: and uses this information to update a group of existing users. +//config: +//config:config FEATURE_DEFAULT_PASSWD_ALGO +//config: string "Default password encryption method (passwd -a, cryptpw -m parameter)" +//config: default "des" +//config: depends on PASSWD || CRYPTPW +//config: help +//config: Possible choices are "d[es]", "m[d5]", "s[ha256]" or "sha512". + +//applet:IF_CHPASSWD(APPLET(chpasswd, BB_DIR_USR_SBIN, BB_SUID_DROP)) + +//kbuild:lib-$(CONFIG_CHPASSWD) += chpasswd.o //usage:#define chpasswd_trivial_usage -//usage: IF_LONG_OPTS("[--md5|--encrypted]") IF_NOT_LONG_OPTS("[-m|-e]") +//usage: IF_LONG_OPTS("[--md5|--encrypted|--crypt-method]") IF_NOT_LONG_OPTS("[-m|-e|-c]") //usage:#define chpasswd_full_usage "\n\n" //usage: "Read user:password from stdin and update /etc/passwd\n" //usage: IF_LONG_OPTS( -//usage: "\n -e,--encrypted Supplied passwords are in encrypted form" -//usage: "\n -m,--md5 Use MD5 encryption instead of DES" +//usage: "\n -e,--encrypted Supplied passwords are in encrypted form" +//usage: "\n -m,--md5 Use MD5 encryption instead of DES" +//usage: "\n -c,--crypt-method Use the specified method to encrypt the passwords" //usage: ) //usage: IF_NOT_LONG_OPTS( //usage: "\n -e Supplied passwords are in encrypted form" //usage: "\n -m Use MD5 encryption instead of DES" +//usage: "\n -c Use the specified method to encrypt the passwords" //usage: ) -//TODO: implement -c ALGO +#include "libbb.h" #if ENABLE_LONG_OPTS static const char chpasswd_longopts[] ALIGN1 = - "encrypted\0" No_argument "e" - "md5\0" No_argument "m" + "encrypted\0" No_argument "e" + "md5\0" No_argument "m" + "crypt-method\0" Required_argument "c" ; #endif @@ -36,14 +55,15 @@ int chpasswd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; int chpasswd_main(int argc UNUSED_PARAM, char **argv) { char *name; + const char *algo = CONFIG_FEATURE_DEFAULT_PASSWD_ALGO; int opt; if (getuid() != 0) bb_error_msg_and_die("%s", bb_msg_perm_denied_are_you_root); - opt_complementary = "m--e:e--m"; + opt_complementary = "m--ec:e--mc:c--em"; IF_LONG_OPTS(applet_long_options = chpasswd_longopts;) - opt = getopt32(argv, "em"); + opt = getopt32(argv, "emc:", &algo); while ((name = xmalloc_fgetline(stdin)) != NULL) { char *free_me; @@ -59,15 +79,14 @@ int chpasswd_main(int argc UNUSED_PARAM, char **argv) free_me = NULL; if (!(opt & OPT_ENC)) { - char salt[sizeof("$N$XXXXXXXX")]; + char salt[MAX_PW_SALT_LEN]; - crypt_make_salt(salt, 1); if (opt & OPT_MD5) { - salt[0] = '$'; - salt[1] = '1'; - salt[2] = '$'; - crypt_make_salt(salt + 3, 4); + /* Force MD5 if the -m flag is set */ + algo = "md5"; } + + crypt_make_pw_salt(salt, algo); free_me = pass = pw_encrypt(pass, salt, 0); } @@ -86,7 +105,7 @@ int chpasswd_main(int argc UNUSED_PARAM, char **argv) if (rc < 0) bb_error_msg_and_die("an error occurred updating password for %s", name); if (rc) - bb_info_msg("Password for '%s' changed", name); + bb_error_msg("password for '%s' changed", name); logmode = LOGMODE_STDIO; free(name); free(free_me); |