Bug 24953
| Summary: | adduser ignores passwd_format in login.conf | ||
|---|---|---|---|
| Product: | Base System | Reporter: | land <land> |
| Component: | bin | Assignee: | Brian Feldman <green> |
| Status: | Closed FIXED | ||
| Severity: | Affects Only Me | ||
| Priority: | Normal | ||
| Version: | 4.2-STABLE | ||
| Hardware: | Any | ||
| OS: | Any | ||
|
Description
land
2001-02-08 17:20:00 UTC
Responsible Changed From-To: freebsd-bugs->green green added the passwd_format stuff Some time back I wrote a script to replace adduser. It does not have this bug, as it wraps itself around pw. I wrote it to be easy to modify for site-specific installations, and have filed a PR so that it may be considered or adapted as a suitable replacement: http://www.FreeBSD.org/cgi/query-pr.cgi?pr=24439 HTH, -dannyman Here is a patch to adduser against FreeBSD-4 branch.
It uses crypt magic feature of salt prefix to apply
md5/des encription and DB_File class to read /
etc/login.conf.db.
It isn't widely tested, but works for my own purposes.
And, also, I like to use my favorite user management stuff
which works for a long time. Replacement is probably good
but not the best think...
Serg N. Voronkov.
--- /usr/src/usr.sbin/adduser/adduser.perl Sat Aug 28 07:15:11 1999
+++ adduser.perl Tue May 22 17:35:29 2001
@@ -26,6 +26,7 @@
#
# $FreeBSD: src/usr.sbin/adduser/adduser.perl,v 1.44 1999/08/28 01:15:11 peter Exp $
+use DB_File;
# read variables
sub variables {
@@ -678,6 +679,7 @@
local($userhome);
local($groupmembers_bak, $cryptpwd);
local($new_users_ok) = 1;
+ local($salt_extended);
$new_groups = "no";
@@ -703,7 +705,10 @@
$new_users_ok = 1;
$cryptpwd = "";
- $cryptpwd = crypt($password, &salt) if $password ne "";
+ $salt_extended = &passwd_format_prefix($class);
+ $salt_extended .= &salt;
+ print "\n$salt_extended\n";
+ $cryptpwd = crypt($password, $salt_extended) if $password ne "";
# obscure perl bug
$new_entry = "$name\:" . "$cryptpwd" .
"\:$u_id\:$g_id\:$class\:0:0:$fullname:$userhome:$sh";
@@ -775,6 +780,29 @@
$last = $e;
}
return @array;
+}
+
+# determine and return salt prefix depended on login_class given
+sub passwd_format_prefix {
+ local($class) = shift;
+ local(%hash,$k,$v);
+ local($ret)="";
+
+ tie %hash, 'DB_File', "/etc/login.conf.db", O_RDONLY, 0644, $DB_HASH ||
+ return "";
+
+ $class = "default" if($class eq "");
+ while(($k,$v) = each %hash) {
+ if($k eq $class){
+ $v =~ /passwd_format=([a-z0-9]*):/;
+ $ret=($1 eq "md5")? "\$1\$": "";
+ last;
+ }
+ }
+
+ untie %hash;
+
+ return $ret;
}
# see /usr/src/usr.bin/passwd/local_passwd.c or librcypt, crypt(3)
As an alternative, this simple patch merely makes adduser use MD5 since
thats the default in FreeBSD now anyway. This is only tested against
4.5-RELEASE, but it probably hasn't changed.
--- adduser.perl.orig Mon Apr 22 10:37:02 2002
+++ adduser.perl Mon Apr 22 10:37:26 2002
@@ -790,9 +790,12 @@
sub salt {
local($salt); # initialization
local($i, $rand);
- local(@itoa64) = ( '0' .. '9', 'a' .. 'z', 'A' .. 'Z' ); # 0 .. 63
+ local(@itoa64) = ( '.','/','0' .. '9', 'a' .. 'z', 'A' .. 'Z' ); #
0 .. 63
warn "calculate salt\n" if $verbose > 1;
+
+ $salt = "\$1\$"; # Make it use MD5
+
# to64
for ($i = 0; $i < 27; $i++) {
srand(time + $rand + $$);
Brian, The new adduser.sh script wraps around pw(8) so this issue is no longer relevant. This PR is assigned to you, can you close it, please? Cheers. -- Mike Makonnen | GPG-KEY: http://www.identd.net/~mtm/mtm.asc mtm@identd.net | Fingerprint: D228 1A6F C64E 120A A1C9 A3AA DAE1 E2AF DBCC 68B9 State Changed From-To: open->closed mtm@ reported some time ago that this had been fixed, so closed, with hat: bugmeister. |
