Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 10 Dec 2008 18:00:25 -0800
From:      "Sheldon Givens" <sheldon@sigsegv.ca>
To:        freebsd-hackers@freebsd.org
Subject:   Small Change to chpass.c
Message-ID:  <f4ecc0930812101800g601d9f10jc008e83d82b54a81@mail.gmail.com>
next in thread | raw e-mail | index | archive | help 
Hi guys,

When I was doing some user management today I noticed that chpass, and all
the utilities that use chpass.c, only give one attempt to authenticate to
make the change. After I messed this up once or twice (and after doing 4-5
minutes of editing only to have it lost when I typo'd the password) I wrote
this little change in to chpass.c.

When it needs the users password, it will enter into a for loop, increasing
itr until it hits max_retries (defined at top of main() declaration). If one
of these tries is successful (password given matches) then auth is set to
'1' and we break from the loop, and update info. If, after three tries, auth
is still '0' (the user didn't supply the proper password) we call baduser()
to handle it.

It's a pretty inconsequential change but it managed to relieve me of quite a
bit of stress :-)

Happy Holidays, everyone!

Sheldon Givens



---snip---
--- /usr/src/usr.bin/chpass.c   2008-12-11 01:55:27.000000000 -0800
+++ /usr/src/usr.bin/chpass.c   2008-12-11 01:57:09.000000000 -0800
@@ -80,10 +80,11 @@
 {
        enum { NEWSH, LOADENTRY, EDITENTRY, NEWPW, NEWEXP } op;
        struct passwd lpw, *old_pw, *pw;
-       int ch, pfd, tfd;
+       int ch, pfd, tfd, itr, auth;
        const char *password;
        char *arg = NULL;
        uid_t uid;
+       int max_retries = 3;
 #ifdef YP
        struct ypclnt *ypclnt;
        const char *yp_domain = NULL, *yp_host = NULL;
@@ -227,9 +228,16 @@
        }

        if (old_pw && !master_mode) {
-               password = getpass("Password: ");
-               if (strcmp(crypt(password, old_pw->pw_passwd),
-                   old_pw->pw_passwd) != 0)
+               auth = 0;
+               for(itr=0;itr<max_retries;itr++) {
+                       password = getpass("Password:");
+                       if(strcmp(crypt(password, old_pw->pw_passwd),
+                       old_pw->pw_passwd) == 0) {
+                               auth=1;
+                               break;
+                       }
+               }
+               if (!auth)
                        baduser();
        } else {
                password = "";
---snip---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?f4ecc0930812101800g601d9f10jc008e83d82b54a81>