HomeFreeBSD
Diffusion FreeBSD src repository - subversion rS302778

pw should sanitize the argument of -w.
rS302778
Actions

Description

pw should sanitize the argument of -w.

Otherwise, it will silently disable the login for the selected account if
the argument is unrecognizable.

usr.sbin/pw/pw.h
usr.sbin/pw/pw_conf.c
usr.sbin/pw/pw_user.c
Use separate rules to validate boolean parameters and passwd
parameters. Error out if a password parameter cannot be parsed.

usr.sbin/pw/tests/Makefile
usr.sbin/pw/tests/crypt.c
usr.sbin/pw/tests/pw_useradd.sh
usr.sbin/pw/tests/pw_usermod.sh
Add tests for the validation. Also, enhance existing
password-related tests to actually validate that the correct hash is
written to master.passwd.

Reviewed by: bapt
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D6840

Details

Provenance
asomersAuthored on
Reviewer
bapt
Differential Revision
D6840: pw(8) should sanitize the argument of -w
Parents
rS302777: After removing collation for [a-z] ranges in r302512, mimic system
Branches
Unknown
Tags
Unknown

Changes (7)

PathSize
head/
usr.sbin/
pw/
tests/

rS302778

View Options

head/usr.sbin/pw/pw.h

Loading...
View Options

head/usr.sbin/pw/pw_conf.c

Loading...
View Options

head/usr.sbin/pw/pw_user.c

Loading...
View Options

head/usr.sbin/pw/tests/Makefile

Loading...
View Options

head/usr.sbin/pw/tests/crypt.c

Loading...
View Options

head/usr.sbin/pw/tests/pw_useradd.sh

Loading...
View Options

head/usr.sbin/pw/tests/pw_usermod.sh

Loading...