[Pkg-shadow-commits] r1339 - in upstream/trunk: . src
nekral-guest at alioth.debian.org
nekral-guest at alioth.debian.org
Sat Nov 10 18:54:40 UTC 2007
Author: nekral-guest
Date: 2007-11-10 18:54:40 +0000 (Sat, 10 Nov 2007)
New Revision: 1339
Modified:
upstream/trunk/ChangeLog
upstream/trunk/NEWS
upstream/trunk/src/newgrp.c
Log:
Don't ask for a password if there are no group passwords. Just directly
give up. This comes from the Fedora's patch shadow-4.0.13-newgrpPwd.patch,
and seems to be the only part with an effect.
Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog 2007-11-10 18:48:23 UTC (rev 1338)
+++ upstream/trunk/ChangeLog 2007-11-10 18:54:40 UTC (rev 1339)
@@ -1,5 +1,12 @@
2007-11-10 Nicolas François <nicolas.francois at centraliens.net>
+ * NEWS, src/newgrp.c: Don't ask for a password if there are no
+ group passwords. Just directly give up. This comes from the
+ Fedora's patch shadow-4.0.13-newgrpPwd.patch, and seems to be the
+ only part with an effect.
+
+2007-11-10 Nicolas François <nicolas.francois at centraliens.net>
+
* NEWS, src/chgpasswd.c, src/chpasswd.c: Fix chpasswd and
chgpasswd stack overflow. Based on Fedora's
shadow-4.0.18.1-overflow.patch.
Modified: upstream/trunk/NEWS
===================================================================
--- upstream/trunk/NEWS 2007-11-10 18:48:23 UTC (rev 1338)
+++ upstream/trunk/NEWS 2007-11-10 18:54:40 UTC (rev 1339)
@@ -8,6 +8,8 @@
Thanks also to Greg Schafer <gschafer at zip.com.au>.
- chgpasswd, chpasswd: Fix chpasswd and chgpasswd stack overflow. Based on
Fedora's shadow-4.0.18.1-overflow.patch.
+- newgrp: Don't ask for a password if there are no group passwords. Just
+ directly give up.
shadow-4.0.18.1 -> shadow-4.0.18.2 28-10-2007
Modified: upstream/trunk/src/newgrp.c
===================================================================
--- upstream/trunk/src/newgrp.c 2007-11-10 18:48:23 UTC (rev 1338)
+++ upstream/trunk/src/newgrp.c 2007-11-10 18:54:40 UTC (rev 1339)
@@ -377,6 +377,16 @@
* unless she is listed as a member. -- JWP
*/
if (getuid () != 0 && needspasswd) {
+ if (grp->gr_passwd[0] == '\0') {
+ /*
+ * there is no password, print out "No password."
+ * and give up
+ */
+ sleep (1);
+ fputs (_("No password.\n"), stderr);
+ goto failure;
+ }
+
/*
* get the password from her, and set the salt for
* the decryption from the group file.
@@ -392,15 +402,6 @@
cpasswd = pw_encrypt (cp, grp->gr_passwd);
strzero (cp);
- if (grp->gr_passwd[0] == '\0') {
- /*
- * there is no password, print out "Sorry" and give up
- */
- sleep (1);
- fputs (_("No password.\n"), stderr);
- goto failure;
- }
-
if (strcmp (cpasswd, grp->gr_passwd) != 0) {
SYSLOG ((LOG_INFO,
"Invalid password for group `%s' from `%s'",
More information about the Pkg-shadow-commits
mailing list