* libmisc/Makefile.am, lib/prototypes.h, libmisc/yesno.c, src/grpck.c,
src/pwck.c: move yes_or_no() from grpck/pwck to a separate
libmisc/yesno.c (with a read_only argument).
* libmisc/fields.c, libmisc/yesno.c: Make sure stdout is flushed before
reading the user's answer.
Merge RedHat's patch shadow-4.0.18.1-findNewUidOnce.patch:
* src/useradd.c (usr_update): Do not call find_new_uid(). The UID was
already either specified or found by another call to find_new_uid().
* src/useradd.c (find_new_uid): Always start with uid_min (find_new_uid()
is never called when user_id was already specified).
* src/useradd.c (find_new_uid): Fix the comments (find_new_uid() is not
called when the UID is specified (uflg)).
* src/useradd.c (main): Only call find_new_uid() if (!oflg) and (!uflg).
If uflg is set (but not oflg), check the UID uniqueness.
* src/useradd.c (find_new_uid): Don't check the uid and user name
uniqueness in find_new_uid(). The user name uniqueness is already checked
during the parameter validation. UID uniqueness is also checked (see
above).
* src/useradd.c (find_new_uid): Don't check uflg in find_new_uid().
* src/useradd.c (find_new_uid): Make sure that find_new_uid() is not
called when uflg is set (assert).
Cleanups in find_new_gid:
* src/useradd.c (find_new_gid): Check that gflg is not set (assert).
* src/useradd.c (find_new_gid): Do not check the group name uniqueness
(already checked in main).
* src/useradd.c (find_new_gid): Avoid a "continue" in the loop.
* src/useradd.c (find_new_gid): Remove irrelevant comments.
* src/useradd.c (find_new_gid): Fix the function definition's comment.
default. Keeping the feature enabled is safe. Disabling it permits
to disable the references to the SHA256 and SHA512 password
encryption algorithms from the usage help and manuals (in addition
to the support for these algorithms in the code).
* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
src/chpasswd.c, src/chgpasswd.c, src/passwd.c: ENCRYPT_METHOD is
always supported in login.defs. Remove the ENCRYPTMETHOD_SELECT
preprocessor condition.
* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
src/chpasswd.c, src/chgpasswd.c, src/passwd.c: Disable SHA256 and
SHA512 if USE_SHA_CRYPT is not defined (this corresponds to a
subset of the ENCRYPTMETHOD_SELECT sections).
Thanks to Dan Kopecek <dkopecek@redhat.com>.
* src/chpasswd.c, src/chgpasswd.c: Do not use DES by default, but
the system default define in /Etc/login.defs. Thanks to Dan
Kopecek <dkopecek@redhat.com>.
* NEWS, man/chpasswd.8.xml, man/chgpasswd.8.xml: Do not mention
DES as the default algorithm.
* src/chpasswd.c, src/chgpasswd.c: Tag the ENCRYPTMETHOD_SELECT
dependent code accordingly.
* src/chpasswd.c: Added --sha-rounds to the usage().
* libmisc/Makefile.am, libmisc/getlong.c, src/chgpasswd.c,
src/chpasswd.c: New getlong function. Replace chpasswd's and
chgpasswd's getnumber.
gr_locate and sgr_locate. gpasswd write in the file database. Thus
it should read information from the file database, not using
getgrnam. The change to sgr_locate is just for consistency. This
requires opening the group databases (read only) using
gr_open/sgr_open.
* NEWS: Indicate that manpages should be re-generated if configure
option are changed, due to conditions.
This was not the case when the GID is not specified, and a GID
exist with an ID higher than the all the UIDs.
* Typo in comment: contrained -> constrained.
SHA256, and SHA512 exactly (not only the first 3/6 chars).
* libmisc/salt.c (SHA_salt_rounds): Set rounds to the specified
prefered_rounds value, if specified.
* src/gpasswd.c, libmisc/salt.c: Fix compilation warnings (use
size_t for lengths).
* src/chpasswd.c, src/chgpasswd.c: Add missing parenthesis.
crypt_make_salt to force the crypt method and number of rounds.
* libmisc/salt.c: Add parameter to SHA_salt_rounds to force the
number of rounds.
* libmisc/salt.c, lib/getdef.c: ENCRYPT_METHOD and MD5_CRYPT_ENAB
are needed also when USE_PAM (e.g. for chpasswd).
* src/newusers.c, src/gpasswd.c: Use the new crypt_make_salt prototype.
* src/chpasswd.c, src/chgpasswd.c: Add option -c, --crypt-method
and -s, --sha-rounds to specify the crypt method and number of
rounds in case of one of the SHA methods. The new prototype of
crypt_make_salt simplifies the handling of -m, --md5.
