hush/loginutils/chpasswd.c

/* vi: set sw=4 ts=4: */
/*
 * chpasswd.c
 *
 * Written for SLIND (from passwd.c) by Alexander Shishkin <virtuoso@slind.org>
 * Licensed under GPLv2 or later, see file LICENSE in this source tree.
 */
#include "libbb.h"

//usage:#define chpasswd_trivial_usage
//usage:	IF_LONG_OPTS("[--md5|--encrypted]") IF_NOT_LONG_OPTS("[-m|-e]")
//usage:#define chpasswd_full_usage "\n\n"
//usage:       "Read user:password from stdin and update /etc/passwd\n"
//usage:	IF_LONG_OPTS(
//usage:     "\n	-e,--encrypted	Supplied passwords are in encrypted form"
//usage:     "\n	-m,--md5	Use MD5 encryption instead of DES"
//usage:	)
//usage:	IF_NOT_LONG_OPTS(
//usage:     "\n	-e	Supplied passwords are in encrypted form"
//usage:     "\n	-m	Use MD5 encryption instead of DES"
//usage:	)

//TODO: implement -c ALGO

#if ENABLE_LONG_OPTS
static const char chpasswd_longopts[] ALIGN1 =
	"encrypted\0" No_argument "e"
	"md5\0"       No_argument "m"
	;
#endif

#define OPT_ENC  1
#define OPT_MD5  2

int chpasswd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
int chpasswd_main(int argc UNUSED_PARAM, char **argv)
{
	char *name;
	int opt;

	if (getuid() != 0)
		bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);

	opt_complementary = "m--e:e--m";
	IF_LONG_OPTS(applet_long_options = chpasswd_longopts;)
	opt = getopt32(argv, "em");

	while ((name = xmalloc_fgetline(stdin)) != NULL) {
		char *free_me;
		char *pass;
		int rc;

		pass = strchr(name, ':');
		if (!pass)
			bb_error_msg_and_die("missing new password");
		*pass++ = '\0';

		xuname2uid(name); /* dies if there is no such user */

		free_me = NULL;
		if (!(opt & OPT_ENC)) {
			char salt[sizeof("$N$XXXXXXXX")];

			crypt_make_salt(salt, 1);
			if (opt & OPT_MD5) {
				salt[0] = '$';
				salt[1] = '1';
				salt[2] = '$';
				crypt_make_salt(salt + 3, 4);
			}
			free_me = pass = pw_encrypt(pass, salt, 0);
		}

		/* This is rather complex: if user is not found in /etc/shadow,
		 * we try to find & change his passwd in /etc/passwd */
#if ENABLE_FEATURE_SHADOWPASSWDS
		rc = update_passwd(bb_path_shadow_file, name, pass, NULL);
		if (rc > 0) /* password in /etc/shadow was updated */
			pass = (char*)"x";
		if (rc >= 0)
			/* 0 = /etc/shadow missing (not an error), >0 = passwd changed in /etc/shadow */
#endif
			rc = update_passwd(bb_path_passwd_file, name, pass, NULL);
		/* LOGMODE_BOTH logs to syslog also */
		logmode = LOGMODE_BOTH;
		if (rc < 0)
			bb_error_msg_and_die("an error occurred updating password for %s", name);
		if (rc)
			bb_info_msg("Password for '%s' changed", name);
		logmode = LOGMODE_STDIO;
		free(name);
		free(free_me);
	}
	return EXIT_SUCCESS;
}
chpasswd: now with svn add 2007-07-20 21:29:49 +00:00			`/* vi: set sw=4 ts=4: */`
			`/*`
			`* chpasswd.c`
			`*`
			`* Written for SLIND (from passwd.c) by Alexander Shishkin <virtuoso@slind.org>`
*: make GNU licensing statement forms more regular This change retains "or later" state! No licensing _changes_ here, only form is adjusted (article, space between "GPL" and "v2" and so on). Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 2010-08-16 18:14:46 +00:00			`* Licensed under GPLv2 or later, see file LICENSE in this source tree.`
chpasswd: now with svn add 2007-07-20 21:29:49 +00:00			`*/`
			`#include "libbb.h"`

move help text from include/usage.src.h to debianutils/.c e2fsprogs/.c editors/.c loginutils/.c mailutils/*.c Signed-off-by: Pere Orga <gotrunks@gmail.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 2011-04-01 20:56:30 +00:00			`//usage:#define chpasswd_trivial_usage`
			`//usage: IF_LONG_OPTS("[--md5\|--encrypted]") IF_NOT_LONG_OPTS("[-m\|-e]")`
			`//usage:#define chpasswd_full_usage "\n\n"`
			`//usage: "Read user:password from stdin and update /etc/passwd\n"`
			`//usage: IF_LONG_OPTS(`
			`//usage: "\n -e,--encrypted Supplied passwords are in encrypted form"`
			`//usage: "\n -m,--md5 Use MD5 encryption instead of DES"`
			`//usage: )`
			`//usage: IF_NOT_LONG_OPTS(`
			`//usage: "\n -e Supplied passwords are in encrypted form"`
			`//usage: "\n -m Use MD5 encryption instead of DES"`
			`//usage: )`

passwd,cryptpw: make default encryption algorithm configurable Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 2012-01-08 15:44:37 +00:00			`//TODO: implement -c ALGO`

getopt: FEATURE_GETOPT_LONG for -l; rename GETOPT_LONG to LONG_OPTS Signed-off-by: Colin Watson <cjwatson@ubuntu.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 2009-06-19 10:10:38 +00:00			`#if ENABLE_LONG_OPTS`
trylink: produce even more info about final link stage trylink: explain how to modify link and drastically decrease amount of padding (unfortunately, needs hand editing ATM). *: add ALIGN1 / ALIGN2 to global strings and arrays of bytes and shorts size saving: 0.5k 2007-08-12 20:58:27 +00:00			`static const char chpasswd_longopts[] ALIGN1 =`
rework long option handling. saves ~1.2k function old new delta tar_longopts - 222 +222 static.udhcpc_longopts - 192 +192 start_stop_daemon_longopts - 150 +150 getopt32 1045 1185 +140 static.wget_longopts - 111 +111 static.od_longopts - 105 +105 getopt_longopts - 96 +96 install_longopts - 67 +67 ipcalc_longopts - 63 +63 static.hwclock_longopts - 54 +54 ftpgetput_longopts - 52 +52 static.dumpleases_longopts - 32 +32 env_longopts - 31 +31 runparts_longopts - 30 +30 mv_longopts - 24 +24 mkdir_longopts - 19 +19 find_pair 164 180 +16 bb_null_long_options - 16 +16 setconsole_longopts - 10 +10 display_speed 91 98 +7 collect_blk 467 474 +7 show_color 4 1 -3 ls_main 913 904 -9 bb_default_long_options 16 - -16 ls_color_opt 32 10 -22 setconsole_long_options 32 - -32 arith 2077 2030 -47 mv_long_options 48 - -48 mkdir_long_options 48 - -48 env_long_options 48 - -48 static.options 248 184 -64 runparts_long_options 80 - -80 ftpgetput_long_options 96 - -96 static.hwclock_long_options 112 - -112 install_long_options 112 - -112 static.long_options 144 - -144 static.wget_long_options 160 - -160 longopts 160 - -160 static.arg_options 304 - -304 tar_long_options 320 - -320 long_options 384 - -384 ------------------------------------------------------------------------------ (add/remove: 17/15 grow/shrink: 4/5 up/down: 1444/-2209) Total: -765 bytes text data bss dec hex filename 782618 1328 11900 795846 c24c6 busybox_old 781354 1328 11900 794582 c1fd6 busybox_unstripped 2007-07-23 17:14:14 +00:00			`"encrypted\0" No_argument "e"`
			`"md5\0" No_argument "m"`
Replace index_in_[sub]str_array with index_in_[sub]strings, which scans thru "abc\0def\0123\0\0" type strings. Saves 250 bytes. text data bss dec hex filename 781266 1328 11844 794438 c1f46 busybox_old 781010 1328 11844 794182 c1e46 busybox_unstripped 2007-07-24 15:54:42 +00:00			`;`
chpasswd: now with svn add 2007-07-20 21:29:49 +00:00			`#endif`

*: whitespace fixes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 2010-10-28 16:57:19 +00:00			`#define OPT_ENC 1`
			`#define OPT_MD5 2`
chpasswd: now with svn add 2007-07-20 21:29:49 +00:00
add -fvisibility=hidden to CC flags, mark XXX_main functions EXTERNALLY_VISIBLE. 5% size reduction of libbusybox.so 2007-10-11 10:05:36 +00:00			`int chpasswd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;`
*: rename ATTRIBUTE_XXX to just XXX. 2008-07-05 09:18:54 +00:00			`int chpasswd_main(int argc UNUSED_PARAM, char **argv)`
chpasswd: now with svn add 2007-07-20 21:29:49 +00:00			`{`
chpasswd: fix possible free() or non-allocated string. +8 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 2011-09-11 10:25:59 +00:00			`char *name;`
			`int opt;`
chpasswd: now with svn add 2007-07-20 21:29:49 +00:00
adduser: safe username passing to passwd/addgroup passwd: support creating SHA passwords random code shrink function old new delta crypt_make_pw_salt - 87 +87 adduser_main 883 904 +21 ... crypt_make_salt 99 89 -10 chpasswd_main 329 312 -17 packed_usage 28731 28691 -40 passwd_main 1070 1000 -70 cryptpw_main 310 224 -86 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 4/12 up/down: 154/-288) Total: -134 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 2011-05-13 01:19:01 +00:00			`if (getuid() != 0)`
chpasswd: now with svn add 2007-07-20 21:29:49 +00:00			`bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);`

whitespace fixes, no code changes 2007-08-16 10:35:17 +00:00			`opt_complementary = "m--e:e--m";`
getopt: FEATURE_GETOPT_LONG for -l; rename GETOPT_LONG to LONG_OPTS Signed-off-by: Colin Watson <cjwatson@ubuntu.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 2009-06-19 10:10:38 +00:00			`IF_LONG_OPTS(applet_long_options = chpasswd_longopts;)`
don't pass argc in getopt32, it's superfluous (add/remove: 0/0 grow/shrink: 12/131 up/down: 91/-727) Total: -636 bytes text data bss dec hex filename 773469 1058 11092 785619 bfcd3 busybox_old 772644 1058 11092 784794 bf99a busybox_unstripped 2007-08-18 15:32:12 +00:00			`opt = getopt32(argv, "em");`
chpasswd: now with svn add 2007-07-20 21:29:49 +00:00
*: more uniform naming: s/xmalloc_getline/xmalloc_fgetline/ 2008-03-26 20:04:27 +00:00			`while ((name = xmalloc_fgetline(stdin)) != NULL) {`
chpasswd: fix possible free() or non-allocated string. +8 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 2011-09-11 10:25:59 +00:00			`char *free_me;`
			`char *pass;`
			`int rc;`

chpasswd: now with svn add 2007-07-20 21:29:49 +00:00			`pass = strchr(name, ':');`
			`if (!pass)`
			`bb_error_msg_and_die("missing new password");`
			`*pass++ = '\0';`

chpasswd: fixes and code shrink update_passwd 732 734 +2 chpasswd_main 318 292 -26 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 1/1 up/down: 2/-26) Total: -24 bytes text data bss dec hex filename 781564 1168 11900 794632 c2008 busybox_old 781548 1168 11900 794616 c1ff8 busybox_unstripped 2007-07-21 13:25:28 +00:00			`xuname2uid(name); /* dies if there is no such user */`
chpasswd: now with svn add 2007-07-20 21:29:49 +00:00
chpasswd: fix possible free() or non-allocated string. +8 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 2011-09-11 10:25:59 +00:00			`free_me = NULL;`
chpasswd: now with svn add 2007-07-20 21:29:49 +00:00			`if (!(opt & OPT_ENC)) {`
chpasswd: fix possible free() or non-allocated string. +8 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 2011-09-11 10:25:59 +00:00			`char salt[sizeof("$N$XXXXXXXX")];`

adduser: safe username passing to passwd/addgroup passwd: support creating SHA passwords random code shrink function old new delta crypt_make_pw_salt - 87 +87 adduser_main 883 904 +21 ... crypt_make_salt 99 89 -10 chpasswd_main 329 312 -17 packed_usage 28731 28691 -40 passwd_main 1070 1000 -70 cryptpw_main 310 224 -86 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 4/12 up/down: 154/-288) Total: -134 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 2011-05-13 01:19:01 +00:00			`crypt_make_salt(salt, 1);`
chpasswd: now with svn add 2007-07-20 21:29:49 +00:00			`if (opt & OPT_MD5) {`
adduser: safe username passing to passwd/addgroup passwd: support creating SHA passwords random code shrink function old new delta crypt_make_pw_salt - 87 +87 adduser_main 883 904 +21 ... crypt_make_salt 99 89 -10 chpasswd_main 329 312 -17 packed_usage 28731 28691 -40 passwd_main 1070 1000 -70 cryptpw_main 310 224 -86 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 4/12 up/down: 154/-288) Total: -134 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 2011-05-13 01:19:01 +00:00			`salt[0] = '$';`
			`salt[1] = '1';`
			`salt[2] = '$';`
			`crypt_make_salt(salt + 3, 4);`
chpasswd: now with svn add 2007-07-20 21:29:49 +00:00			`}`
chpasswd: fix possible free() or non-allocated string. +8 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 2011-09-11 10:25:59 +00:00			`free_me = pass = pw_encrypt(pass, salt, 0);`
chpasswd: now with svn add 2007-07-20 21:29:49 +00:00			`}`

chpasswd: fixes for shadow password handling 2007-07-21 13:54:26 +00:00			`/* This is rather complex: if user is not found in /etc/shadow,`
			`* we try to find & change his passwd in /etc/passwd */`
			`#if ENABLE_FEATURE_SHADOWPASSWDS`
*: unify concurrent-safe update of /etc/{passwd,group,[g]shadow} by Tito (farmatito AT tiscali.it) function old new delta update_passwd 743 1171 +428 bb_perror_nomsg - 9 +9 find_main 436 444 +8 passwd_main 1023 1027 +4 nameval 202 206 +4 chpasswd_main 315 319 +4 bb__parsespent 119 117 -2 adduser_main 654 650 -4 addgroup_main 345 341 -4 sv_main 1228 1222 -6 deluser_main 173 160 -13 bb_internal_putpwent 69 - -69 add_user_to_group 231 - -231 del_line_matching 460 31 -429 ------------------------------------------------------------------------------ (add/remove: 1/2 grow/shrink: 5/6 up/down: 457/-758) Total: -301 bytes 2009-04-14 00:51:05 +00:00			`rc = update_passwd(bb_path_shadow_file, name, pass, NULL);`
passwd,chpasswd: reset password in /etc/passwd to "x" if /etc/shadow was updated Signed-off-by: Tito Ragusa <farmatito@tiscali.it> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 2011-04-04 22:18:33 +00:00			`if (rc > 0) /* password in /etc/shadow was updated */`
			`pass = (char*)"x";`
			`if (rc >= 0)`
			`/* 0 = /etc/shadow missing (not an error), >0 = passwd changed in /etc/shadow */`
chpasswd: fixes for shadow password handling 2007-07-21 13:54:26 +00:00			`#endif`
*: unify concurrent-safe update of /etc/{passwd,group,[g]shadow} by Tito (farmatito AT tiscali.it) function old new delta update_passwd 743 1171 +428 bb_perror_nomsg - 9 +9 find_main 436 444 +8 passwd_main 1023 1027 +4 nameval 202 206 +4 chpasswd_main 315 319 +4 bb__parsespent 119 117 -2 adduser_main 654 650 -4 addgroup_main 345 341 -4 sv_main 1228 1222 -6 deluser_main 173 160 -13 bb_internal_putpwent 69 - -69 add_user_to_group 231 - -231 del_line_matching 460 31 -429 ------------------------------------------------------------------------------ (add/remove: 1/2 grow/shrink: 5/6 up/down: 457/-758) Total: -301 bytes 2009-04-14 00:51:05 +00:00			`rc = update_passwd(bb_path_passwd_file, name, pass, NULL);`
chpasswd: fixes for shadow password handling 2007-07-21 13:54:26 +00:00			`/* LOGMODE_BOTH logs to syslog also */`
chpasswd: now with svn add 2007-07-20 21:29:49 +00:00			`logmode = LOGMODE_BOTH;`
chpasswd: fixes for shadow password handling 2007-07-21 13:54:26 +00:00			`if (rc < 0)`
chpasswd: fixes and code shrink update_passwd 732 734 +2 chpasswd_main 318 292 -26 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 1/1 up/down: 2/-26) Total: -24 bytes text data bss dec hex filename 781564 1168 11900 794632 c2008 busybox_old 781548 1168 11900 794616 c1ff8 busybox_unstripped 2007-07-21 13:25:28 +00:00			`bb_error_msg_and_die("an error occurred updating password for %s", name);`
chpasswd: fixes for shadow password handling 2007-07-21 13:54:26 +00:00			`if (rc)`
chpasswd: now with svn add 2007-07-20 21:29:49 +00:00			`bb_info_msg("Password for '%s' changed", name);`
			`logmode = LOGMODE_STDIO;`
			`free(name);`
chpasswd: fix possible free() or non-allocated string. +8 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> 2011-09-11 10:25:59 +00:00			`free(free_me);`
chpasswd: now with svn add 2007-07-20 21:29:49 +00:00			`}`
- don't free user-supplied string (via -e) - fix helptext function old new delta chpasswd_main 300 319 +19 packed_usage 24352 24344 -8 .rodata 122227 122195 -32 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 1/2 up/down: 19/-40) Total: -21 bytes 2008-08-05 09:56:56 +00:00			`return EXIT_SUCCESS;`
chpasswd: now with svn add 2007-07-20 21:29:49 +00:00			`}`