Release FreeBSD 1.1.5.1upstream/1.1.5.1_cvsrelease/1.1.5.1_cvsreleng/1

This commit was manufactured to restore the state of the 1.1.5.1-RELEASE image.
Releases prior to 5.3-RELEASE are omitting the secure/ and crypto/ subdirs.

3 files changed, 113 insertions, 15 deletions

diff --git a/usr.bin/chpass/Makefile b/usr.bin/chpass/Makefile
index 573781ba3339..76eb09174306 100644
--- a/usr.bin/chpass/Makefile
+++ b/usr.bin/chpass/Makefile
@@ -1,11 +1,17 @@
 #	@(#)Makefile	5.5 (Berkeley) 2/19/91
 
 PROG=	chpass
-SRCS=	chpass.c edit.c field.c pw_copy.c pw_scan.c pw_util.c table.c util.c
+SRCS=   chpass.c edit.c field.c pw_copy.c pw_scan.c pw_util.c table.c util.c \
+	pw_fastmkdb.c
 BINOWN=	root
 BINMODE=4555
-.PATH:	${.CURDIR}/../../usr.sbin/pwd_mkdb ${.CURDIR}/../../usr.sbin/vipw
+.PATH:  ${.CURDIR}/../../usr.sbin/pwd_mkdb ${.CURDIR}/../../usr.sbin/vipw \
+	${.CURDIR}/../../usr.bin/passwd
 LINKS=	${BINDIR}/chpass ${BINDIR}/chfn ${BINDIR}/chpass ${BINDIR}/chsh
 MLINKS=	chpass.1 chfn.1 chpass.1 chsh.1
 
+.if defined (PW_COMPACT)
+CFLAGS+=-DPW_COMPACT
+.endif
+
 .include <bsd.prog.mk>
diff --git a/usr.bin/chpass/chpass.c b/usr.bin/chpass/chpass.c
index 4cf13e2032dc..4073706aa704 100644
--- a/usr.bin/chpass/chpass.c
+++ b/usr.bin/chpass/chpass.c
@@ -59,6 +59,11 @@ char *progname = "chpass";
 char *tempname;
 uid_t uid;
 
+#define	INSECURE	1
+#define	SECURE		2
+#define	PERM_INSECURE	(S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)
+#define	PERM_SECURE	(S_IRUSR|S_IWUSR)
+
 main(argc, argv)
 	int argc;
 	char **argv;
@@ -151,7 +156,7 @@ main(argc, argv)
 	 *	Pw_copy() closes its fp, flushing the data and closing the
 	 *	underlying file descriptor.  We can't close the master
 	 *	password fp, or we'd lose the lock.
-	 * 7:	Call pw_mkdb() (which renames the temporary file) and exit.
+	 * 7:	Call pw_fastmkdb() (which renames the temporary file) and exit.
 	 *	The exit closes the master passwd fp/fd.
 	 */
 	pw_init();
@@ -164,11 +169,35 @@ main(argc, argv)
 		(void)unlink(tempname);
 		tfd = pw_tmp();
 	}
-		
+
 	pw_copy(pfd, tfd, pw);
 
-	if (!pw_mkdb())
-		pw_error((char *)NULL, 0, 1);
+	/*
+	 * Attempt a recovery if the incremental database update failed by
+	 * handing off to the real password hashing program to remake the
+	 * whole mess. Even though this costs lots of time it's better than
+	 * having the password databases out of sync with the master pw file.
+	 */
+	if (pw_fastmkdb(pw) < 0) {
+	rebuild:
+		fprintf(stderr,"%s: WARNING!! Password database mangled, recreating it from scratch\n", progname);
+		if(!pw_mkdb())
+			pw_error((char *)NULL, 0, 1);
+	}
+        else {
+                   tfd = pw_tmp();
+                   fchmod(tfd, PERM_INSECURE);
+                   pfd = open(_PATH_PASSWD, O_RDONLY, PERM_INSECURE);
+		   if (pfd < 0) {
+			(void)fprintf(stderr,
+			    "%s: %s: %s\n", progname, _PATH_PASSWD, strerror(errno));
+			goto rebuild;
+		   }
+                   pw->pw_passwd = "*";
+	           pw_copy_insecure(pfd, tfd, pw);
+	           mv(tempname, _PATH_PASSWD);
+                     
+        }
 	exit(0);
 }
 
diff --git a/usr.bin/chpass/pw_copy.c b/usr.bin/chpass/pw_copy.c
index 9b7ab9025d5c..6bfcc6b6b851 100644
--- a/usr.bin/chpass/pw_copy.c
+++ b/usr.bin/chpass/pw_copy.c
@@ -46,21 +46,36 @@ static char sccsid[] = "@(#)pw_copy.c	5.3 (Berkeley) 5/2/91";
 
 extern char *progname, *tempname;
 
-pw_copy(ffd, tfd, pw)
+int globcnt;
+
+/*
+ * NB: Use of pw_copy() to update the insecure passwd file
+ * necessitates that this routine be wrapperized
+ * so that it can handle the formats used by both 
+ * /etc/master.passwd and /etc/passwd
+ *
+ * pw_copy() and pw_copy_insecure() both call pw_copy_drv(), which
+ * does the work.
+ */
+static pw_copy_drv(ffd, tfd, pw, secure_format)
 	int ffd, tfd;
 	struct passwd *pw;
+	int secure_format;
 {
 	register FILE *from, *to;
 	register int done;
 	register char *p;
 	char buf[8192];
+        int tmpcnt;
 
 	if (!(from = fdopen(ffd, "r")))
 		pw_error(_PATH_MASTERPASSWD, 1, 1);
 	if (!(to = fdopen(tfd, "w")))
 		pw_error(tempname, 1, 1);
 
+        tmpcnt=0;
 	for (done = 0; fgets(buf, sizeof(buf), from);) {
+            tmpcnt++;
 		if (!index(buf, '\n')) {
 			(void)fprintf(stderr, "%s: %s: line too long\n",
 			    progname, _PATH_MASTERPASSWD);
@@ -85,21 +100,69 @@ pw_copy(ffd, tfd, pw)
 				goto err;
 			continue;
 		}
-		(void)fprintf(to, "%s:%s:%d:%d:%s:%ld:%ld:%s:%s:%s\n",
-		    pw->pw_name, pw->pw_passwd, pw->pw_uid, pw->pw_gid,
-		    pw->pw_class, pw->pw_change, pw->pw_expire, pw->pw_gecos,
-		    pw->pw_dir, pw->pw_shell);
+                globcnt = tmpcnt;
+		/*
+		 * NB: /etc/passwd: insecure format does not have
+		 * class, change and expire fields !
+		 */
+		if(secure_format)
+			(void)fprintf(to, "%s:%s:%d:%d:%s:%ld:%ld:%s:%s:%s\n",
+		    		pw->pw_name, pw->pw_passwd, pw->pw_uid, 
+				pw->pw_gid, pw->pw_class, pw->pw_change, 
+				pw->pw_expire, pw->pw_gecos, pw->pw_dir, 
+				pw->pw_shell);
+		else
+			(void)fprintf(to, "%s:%s:%d:%d:%s:%s:%s\n",
+				pw->pw_name, pw->pw_passwd, pw->pw_uid,
+				pw->pw_gid, pw->pw_gecos, pw->pw_dir,
+				pw->pw_shell);
 		done = 1;
 		if (ferror(to))
 			goto err;
 	}
 	if (!done)
-		(void)fprintf(to, "%s:%s:%d:%d:%s:%ld:%ld:%s:%s:%s\n",
-		    pw->pw_name, pw->pw_passwd, pw->pw_uid, pw->pw_gid,
-		    pw->pw_class, pw->pw_change, pw->pw_expire, pw->pw_gecos,
-		    pw->pw_dir, pw->pw_shell);
+        {
+                globcnt = tmpcnt+1;
+		/*
+		 * NB: /etc/passwd: insecure format does not have
+		 * class, change and expire fields !
+		 */
+		if(secure_format)
+			(void)fprintf(to, "%s:%s:%d:%d:%s:%ld:%ld:%s:%s:%s\n",
+		    		pw->pw_name, pw->pw_passwd, pw->pw_uid, 
+				pw->pw_gid, pw->pw_class, pw->pw_change, 
+				pw->pw_expire, pw->pw_gecos, pw->pw_dir, 
+				pw->pw_shell);
+		else
+			(void)fprintf(to, "%s:%s:%d:%d:%s:%s:%s\n",
+				pw->pw_name, pw->pw_passwd, pw->pw_uid,
+				pw->pw_gid, pw->pw_gecos, pw->pw_dir,
+				pw->pw_shell);
+        }
 
 	if (ferror(to))
 err:		pw_error(NULL, 1, 1);
 	(void)fclose(to);
 }
+
+
+/*
+ * Standard pw_copy routine - used to update master.passwd
+ */
+pw_copy(ffd, tfd, pw)
+	int ffd, tfd;
+	struct passwd *pw;
+{
+	pw_copy_drv(ffd, tfd, pw, 1);
+}
+
+
+/*
+ * Special pw_copy routine used to update insecure passwd file
+ */
+pw_copy_insecure(ffd, tfd, pw)
+	int ffd, tfd;
+	struct passwd *pw;
+{
+	pw_copy_drv(ffd, tfd, pw, 0);
+}