Don't ask for a password if there are no group passwords. Just directly

give up. This comes from the Fedora's patch shadow-4.0.13-newgrpPwd.patch,
and seems to be the only part with an effect.
This commit is contained in:
nekral-guest 2007-11-10 18:54:40 +00:00
parent 1bdb92706e
commit f9de15fdcf
3 changed files with 19 additions and 9 deletions

View File

@ -1,3 +1,10 @@
2007-11-10 Nicolas François <nicolas.francois@centraliens.net>
* NEWS, src/newgrp.c: Don't ask for a password if there are no
group passwords. Just directly give up. This comes from the
Fedora's patch shadow-4.0.13-newgrpPwd.patch, and seems to be the
only part with an effect.
2007-11-10 Nicolas François <nicolas.francois@centraliens.net>
* NEWS, src/chgpasswd.c, src/chpasswd.c: Fix chpasswd and

2
NEWS
View File

@ -8,6 +8,8 @@ shadow-4.0.18.1 -> shadow-4.0.18.2 UNRELEASED
Thanks also to Greg Schafer <gschafer@zip.com.au>.
- chgpasswd, chpasswd: Fix chpasswd and chgpasswd stack overflow. Based on
Fedora's shadow-4.0.18.1-overflow.patch.
- newgrp: Don't ask for a password if there are no group passwords. Just
directly give up.
shadow-4.0.18.1 -> shadow-4.0.18.2 28-10-2007

View File

@ -377,6 +377,16 @@ int main (int argc, char **argv)
* unless she is listed as a member. -- JWP
*/
if (getuid () != 0 && needspasswd) {
if (grp->gr_passwd[0] == '\0') {
/*
* there is no password, print out "No password."
* and give up
*/
sleep (1);
fputs (_("No password.\n"), stderr);
goto failure;
}
/*
* get the password from her, and set the salt for
* the decryption from the group file.
@ -392,15 +402,6 @@ int main (int argc, char **argv)
cpasswd = pw_encrypt (cp, grp->gr_passwd);
strzero (cp);
if (grp->gr_passwd[0] == '\0') {
/*
* there is no password, print out "Sorry" and give up
*/
sleep (1);
fputs (_("No password.\n"), stderr);
goto failure;
}
if (strcmp (cpasswd, grp->gr_passwd) != 0) {
SYSLOG ((LOG_INFO,
"Invalid password for group `%s' from `%s'",