vbatts/shadow-utils-newxidmap
1
0
Fork 0
Code Issues Pull requests Releases Activity

usermod: properly return error during password manipulation

Browse source
This commit is contained in:
Tomas Mraz 2016-02-09 11:54:02 +01:00
parent b1dccbc445
commit 1bf254df98
2 changed files with 32 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
shadow-4.2.1-usermod-unlock.patch
View file

@ -1,7 +1,7 @@
diff -up shadow-4.2.1/src/usermod.c.unlock shadow-4.2.1/src/usermod.c diff -up shadow-4.2.1/src/usermod.c.unlock shadow-4.2.1/src/usermod.c
--- shadow-4.2.1/src/usermod.c.unlock 2014-12-01 15:14:58.000000000 +0100 --- shadow-4.2.1/src/usermod.c.unlock 2016-02-03 11:54:14.977664838 +0100
+++ shadow-4.2.1/src/usermod.c 2015-08-27 14:31:50.899712180 +0200 +++ shadow-4.2.1/src/usermod.c 2016-02-09 11:52:08.244957222 +0100
@@ -455,9 +455,12 @@ static char *new_pw_passwd (char *pw_pas @@ -455,14 +455,17 @@ static char *new_pw_passwd (char *pw_pas
strcat (buf, pw_pass); strcat (buf, pw_pass);
pw_pass = buf; pw_pass = buf;
} else if (Uflg && pw_pass[0] == '!') { } else if (Uflg && pw_pass[0] == '!') {
@ -16,6 +16,12 @@ diff -up shadow-4.2.1/src/usermod.c.unlock shadow-4.2.1/src/usermod.c
fprintf (stderr, fprintf (stderr,
_("%s: unlocking the user's password would result in a passwordless account.\n" _("%s: unlocking the user's password would result in a passwordless account.\n"
"You should set a password with usermod -p to unlock this user's password.\n"), "You should set a password with usermod -p to unlock this user's password.\n"),
Prog);
- return pw_pass;
+ return NULL;
}
#ifdef WITH_AUDIT
@@ -471,12 +474,15 @@ static char *new_pw_passwd (char *pw_pas @@ -471,12 +474,15 @@ static char *new_pw_passwd (char *pw_pas
user_newname, (unsigned int) user_newid, 1); user_newname, (unsigned int) user_newid, 1);
#endif #endif
@ -31,9 +37,27 @@ diff -up shadow-4.2.1/src/usermod.c.unlock shadow-4.2.1/src/usermod.c
+ fprintf (stderr, + fprintf (stderr,
+ _("%s: The password field cannot contain a colon character.\n"), + _("%s: The password field cannot contain a colon character.\n"),
+ Prog); + Prog);
+ return pw_pass; + return NULL;
+ +
+ } + }
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"updating-password", "updating-password",
@@ -525,6 +531,8 @@ static void new_pwent (struct passwd *pw
if ( (!is_shadow_pwd)
|| (strcmp (pwent->pw_passwd, SHADOW_PASSWD_STRING) != 0)) {
pwent->pw_passwd = new_pw_passwd (pwent->pw_passwd);
+ if (pwent->pw_passwd == NULL)
+ fail_exit (E_PW_UPDATE);
}
if (uflg) {
@@ -639,6 +647,8 @@ static void new_spent (struct spwd *spen
* + aging has been requested
*/
spent->sp_pwdp = new_pw_passwd (spent->sp_pwdp);
+ if (spent->sp_pwdp == NULL)
+ fail_exit(E_PW_UPDATE);
if (pflg) {
spent->sp_lstchg = (long) time ((time_t *) 0) / SCALE;

5
shadow-utils.spec
View file

@ -1,7 +1,7 @@
Summary: Utilities for managing accounts and shadow password files Summary: Utilities for managing accounts and shadow password files
Name: shadow-utils Name: shadow-utils
Version: 4.2.1 Version: 4.2.1
Release: 6%{?dist} Release: 7%{?dist}
Epoch: 2 Epoch: 2
URL: http://pkg-shadow.alioth.debian.org/ URL: http://pkg-shadow.alioth.debian.org/
Source0: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.xz Source0: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.xz
@ -254,6 +254,9 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man8/vigr.8* %{_mandir}/man8/vigr.8*
%changelog %changelog
* Tue Feb 9 2016 Tomáš Mráz <tmraz@redhat.com> - 2:4.2.1-7
- usermod: properly return error during password manipulation
* Wed Feb 3 2016 Tomáš Mráz <tmraz@redhat.com> - 2:4.2.1-6 * Wed Feb 3 2016 Tomáš Mráz <tmraz@redhat.com> - 2:4.2.1-6
- add possibility to clear or set lastlog record for user via lastlog - add possibility to clear or set lastlog record for user via lastlog