diff options
Diffstat (limited to '')
-rw-r--r-- | src/chgpasswd.c | 39 |
1 files changed, 28 insertions, 11 deletions
diff --git a/src/chgpasswd.c b/src/chgpasswd.c index d17acb6..1ff6776 100644 --- a/src/chgpasswd.c +++ b/src/chgpasswd.c @@ -16,11 +16,13 @@ #include <pwd.h> #include <stdio.h> #include <stdlib.h> + #ifdef ACCT_TOOLS_SETUID #ifdef USE_PAM #include "pam_defs.h" #endif /* USE_PAM */ #endif /* ACCT_TOOLS_SETUID */ +#include "atoi/str2i.h" #include "defines.h" #include "nscd.h" #include "sssd.h" @@ -33,10 +35,11 @@ #include "exitcodes.h" #include "shadowlog.h" + /* * Global variables */ -const char *Prog; +static const char Prog[] = "chgpasswd"; static bool eflg = false; static bool md5flg = false; #if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) @@ -62,8 +65,8 @@ static bool sgr_locked = false; static bool gr_locked = false; /* local function prototypes */ -static void fail_exit (int code); -static /*@noreturn@*/void usage (int status); +NORETURN static void fail_exit (int code); +NORETURN static void usage (int status); static void process_flags (int argc, char **argv); static void check_flags (void); static void check_perms (void); @@ -99,7 +102,9 @@ static void fail_exit (int code) /* * usage - display usage message and exit */ -static /*@noreturn@*/void usage (int status) +NORETURN +static void +usage (int status) { FILE *usageout = (E_SUCCESS != status) ? stderr : stdout; (void) fprintf (usageout, @@ -184,21 +189,28 @@ static void process_flags (int argc, char **argv) case 's': sflg = true; bad_s = 0; + + if (!crypt_method) { + fprintf (stderr, + _("%s: no crypt method defined\n"), + Prog); + usage (E_USAGE); + } #if defined(USE_SHA_CRYPT) if ( ( ((0 == strcmp (crypt_method, "SHA256")) || (0 == strcmp (crypt_method, "SHA512"))) - && (0 == getlong(optarg, &sha_rounds)))) { + && (-1 == str2sl(&sha_rounds, optarg)))) { bad_s = 1; } #endif /* USE_SHA_CRYPT */ #if defined(USE_BCRYPT) if (( (0 == strcmp (crypt_method, "BCRYPT")) - && (0 == getlong(optarg, &bcrypt_rounds)))) { + && (-1 == str2sl(&bcrypt_rounds, optarg)))) { bad_s = 1; } #endif /* USE_BCRYPT */ #if defined(USE_YESCRYPT) if (( (0 == strcmp (crypt_method, "YESCRYPT")) - && (0 == getlong(optarg, &yescrypt_cost)))) { + && (-1 == str2sl(&yescrypt_cost, optarg)))) { bad_s = 1; } #endif /* USE_YESCRYPT */ @@ -294,7 +306,7 @@ static void check_perms (void) exit (1); } - retval = pam_start ("chgpasswd", pampw->pw_name, &conv, &pamh); + retval = pam_start (Prog, pampw->pw_name, &conv, &pamh); if (PAM_SUCCESS == retval) { retval = pam_authenticate (pamh, 0); @@ -414,7 +426,6 @@ int main (int argc, char **argv) int errors = 0; int line = 0; - Prog = Basename (argv[0]); log_set_progname(Prog); log_set_logfd(stderr); @@ -422,11 +433,17 @@ int main (int argc, char **argv) (void) bindtextdomain (PACKAGE, LOCALEDIR); (void) textdomain (PACKAGE); +#ifdef WITH_SELINUX + if (check_selinux_permit ("passwd") != 0) { + return (E_NOPERM); + } +#endif /* WITH_SELINUX */ + process_root_flag ("-R", argc, argv); process_flags (argc, argv); - OPENLOG ("chgpasswd"); + OPENLOG (Prog); check_perms (); @@ -441,7 +458,7 @@ int main (int argc, char **argv) * group entry for each group will be looked up in the appropriate * file (gshadow or group) and the password changed. */ - while (fgets (buf, (int) sizeof buf, stdin) != (char *) 0) { + while (fgets (buf, (int) sizeof buf, stdin) != NULL) { line++; cp = strrchr (buf, '\n'); if (NULL != cp) { |