[Pkg-shadow-commits] r1339 - in upstream/trunk: . src

nekral-guest at alioth.debian.org nekral-guest at alioth.debian.org
Sat Nov 10 18:54:40 UTC 2007 

Author: nekral-guest
Date: 2007-11-10 18:54:40 +0000 (Sat, 10 Nov 2007)
New Revision: 1339

Modified:
   upstream/trunk/ChangeLog
   upstream/trunk/NEWS
   upstream/trunk/src/newgrp.c
Log:
Don't ask for a password if there are no group passwords. Just directly
give up. This comes from the Fedora's patch shadow-4.0.13-newgrpPwd.patch,
and seems to be the only part with an effect.


Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog	2007-11-10 18:48:23 UTC (rev 1338)
+++ upstream/trunk/ChangeLog	2007-11-10 18:54:40 UTC (rev 1339)
@@ -1,5 +1,12 @@
 2007-11-10  Nicolas François  <nicolas.francois at centraliens.net>
 
+	* NEWS, src/newgrp.c: Don't ask for a password if there are no
+	group passwords. Just directly give up. This comes from the
+	Fedora's patch shadow-4.0.13-newgrpPwd.patch, and seems to be the
+	only part with an effect.
+
+2007-11-10  Nicolas François  <nicolas.francois at centraliens.net>
+
 	* NEWS, src/chgpasswd.c, src/chpasswd.c: Fix chpasswd and
 	chgpasswd stack overflow. Based on Fedora's
 	shadow-4.0.18.1-overflow.patch.

Modified: upstream/trunk/NEWS
===================================================================
--- upstream/trunk/NEWS	2007-11-10 18:48:23 UTC (rev 1338)
+++ upstream/trunk/NEWS	2007-11-10 18:54:40 UTC (rev 1339)
@@ -8,6 +8,8 @@
   Thanks also to Greg Schafer <gschafer at zip.com.au>.
 - chgpasswd, chpasswd: Fix chpasswd and chgpasswd stack overflow. Based on
   Fedora's shadow-4.0.18.1-overflow.patch.
+- newgrp: Don't ask for a password if there are no group passwords. Just
+  directly give up.
 
 shadow-4.0.18.1 -> shadow-4.0.18.2					28-10-2007
 

Modified: upstream/trunk/src/newgrp.c
===================================================================
--- upstream/trunk/src/newgrp.c	2007-11-10 18:48:23 UTC (rev 1338)
+++ upstream/trunk/src/newgrp.c	2007-11-10 18:54:40 UTC (rev 1339)
@@ -377,6 +377,16 @@
 	 * unless she is listed as a member.  -- JWP
 	 */
 	if (getuid () != 0 && needspasswd) {
+		if (grp->gr_passwd[0] == '\0') {
+			/*
+			 * there is no password, print out "No password."
+			 * and give up
+			 */
+			sleep (1);
+			fputs (_("No password.\n"), stderr);
+			goto failure;
+		}
+
 		/*
 		 * get the password from her, and set the salt for
 		 * the decryption from the group file.
@@ -392,15 +402,6 @@
 		cpasswd = pw_encrypt (cp, grp->gr_passwd);
 		strzero (cp);
 
-		if (grp->gr_passwd[0] == '\0') {
-			/*
-			 * there is no password, print out "Sorry" and give up
-			 */
-			sleep (1);
-			fputs (_("No password.\n"), stderr);
-			goto failure;
-		}
-
 		if (strcmp (cpasswd, grp->gr_passwd) != 0) {
 			SYSLOG ((LOG_INFO,
 				 "Invalid password for group `%s' from `%s'",

More information about the Pkg-shadow-commits mailing list