summaryrefslogtreecommitdiffstats
path: root/src/chgpasswd.c
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-26 16:18:37 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-26 16:18:37 +0000
commitb6b00dd55e035bfbe311a527b567962ffa77ee43 (patch)
treecafc4d13785448e5a78bd40a51697ee07f07ac12 /src/chgpasswd.c
parentAdding debian version 1:4.13+dfsg1-5. (diff)
downloadshadow-b6b00dd55e035bfbe311a527b567962ffa77ee43.tar.xz
shadow-b6b00dd55e035bfbe311a527b567962ffa77ee43.zip
Merging upstream version 1:4.15.2.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/chgpasswd.c')
-rw-r--r--src/chgpasswd.c39
1 files changed, 28 insertions, 11 deletions
diff --git a/src/chgpasswd.c b/src/chgpasswd.c
index d17acb6..1ff6776 100644
--- a/src/chgpasswd.c
+++ b/src/chgpasswd.c
@@ -16,11 +16,13 @@
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
+
#ifdef ACCT_TOOLS_SETUID
#ifdef USE_PAM
#include "pam_defs.h"
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */
+#include "atoi/str2i.h"
#include "defines.h"
#include "nscd.h"
#include "sssd.h"
@@ -33,10 +35,11 @@
#include "exitcodes.h"
#include "shadowlog.h"
+
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "chgpasswd";
static bool eflg = false;
static bool md5flg = false;
#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
@@ -62,8 +65,8 @@ static bool sgr_locked = false;
static bool gr_locked = false;
/* local function prototypes */
-static void fail_exit (int code);
-static /*@noreturn@*/void usage (int status);
+NORETURN static void fail_exit (int code);
+NORETURN static void usage (int status);
static void process_flags (int argc, char **argv);
static void check_flags (void);
static void check_perms (void);
@@ -99,7 +102,9 @@ static void fail_exit (int code)
/*
* usage - display usage message and exit
*/
-static /*@noreturn@*/void usage (int status)
+NORETURN
+static void
+usage (int status)
{
FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
(void) fprintf (usageout,
@@ -184,21 +189,28 @@ static void process_flags (int argc, char **argv)
case 's':
sflg = true;
bad_s = 0;
+
+ if (!crypt_method) {
+ fprintf (stderr,
+ _("%s: no crypt method defined\n"),
+ Prog);
+ usage (E_USAGE);
+ }
#if defined(USE_SHA_CRYPT)
if ( ( ((0 == strcmp (crypt_method, "SHA256")) || (0 == strcmp (crypt_method, "SHA512")))
- && (0 == getlong(optarg, &sha_rounds)))) {
+ && (-1 == str2sl(&sha_rounds, optarg)))) {
bad_s = 1;
}
#endif /* USE_SHA_CRYPT */
#if defined(USE_BCRYPT)
if (( (0 == strcmp (crypt_method, "BCRYPT"))
- && (0 == getlong(optarg, &bcrypt_rounds)))) {
+ && (-1 == str2sl(&bcrypt_rounds, optarg)))) {
bad_s = 1;
}
#endif /* USE_BCRYPT */
#if defined(USE_YESCRYPT)
if (( (0 == strcmp (crypt_method, "YESCRYPT"))
- && (0 == getlong(optarg, &yescrypt_cost)))) {
+ && (-1 == str2sl(&yescrypt_cost, optarg)))) {
bad_s = 1;
}
#endif /* USE_YESCRYPT */
@@ -294,7 +306,7 @@ static void check_perms (void)
exit (1);
}
- retval = pam_start ("chgpasswd", pampw->pw_name, &conv, &pamh);
+ retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0);
@@ -414,7 +426,6 @@ int main (int argc, char **argv)
int errors = 0;
int line = 0;
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -422,11 +433,17 @@ int main (int argc, char **argv)
(void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE);
+#ifdef WITH_SELINUX
+ if (check_selinux_permit ("passwd") != 0) {
+ return (E_NOPERM);
+ }
+#endif /* WITH_SELINUX */
+
process_root_flag ("-R", argc, argv);
process_flags (argc, argv);
- OPENLOG ("chgpasswd");
+ OPENLOG (Prog);
check_perms ();
@@ -441,7 +458,7 @@ int main (int argc, char **argv)
* group entry for each group will be looked up in the appropriate
* file (gshadow or group) and the password changed.
*/
- while (fgets (buf, (int) sizeof buf, stdin) != (char *) 0) {
+ while (fgets (buf, (int) sizeof buf, stdin) != NULL) {
line++;
cp = strrchr (buf, '\n');
if (NULL != cp) {