logo

etc_portage

Unnamed repository; edit this file 'description' to name the repository. git clone https://hacktivis.me/git/etc_portage.git

0001-login-su-Treat-an-empty-passwd-field-as-invalid.patch (1449B)

    

  1. From 999a428a064222c4fba980baa3b061d39e23ed75 Mon Sep 17 00:00:00 2001

  2. From: "Haelwenn (lanodan) Monnier" <contact@hacktivis.me>

  3. Date: Sun, 14 Mar 2021 19:13:13 +0100

  4. Subject: [PATCH 1/2] login & su: Treat an empty passwd field as invalid

  5. MIME-Version: 1.0

  6. Content-Type: text/plain; charset=UTF-8

  7. Content-Transfer-Encoding: 8bit

  8. 

  9. Otherwise it's treated like the “require no password” clause while it probably

  10. should be treated like a normal su that can't validate anyway.

  11. 

  12. A similar change should be done for USE_PAM.

  13. ---

  14.  src/login.c | 4 ++++

  15.  src/su.c    | 5 +++++

  16.  2 files changed, 9 insertions(+)

  17. 

  18. diff --git a/src/login.c b/src/login.c

  19. index 00508cd5..0c0b5c86 100644

  20. --- a/src/login.c

  21. +++ b/src/login.c

  22. @@ -978,6 +978,10 @@ int main (int argc, char **argv)

  23.  			    || ('*' == user_passwd[0])) {

  24.  				failed = true;

  25.  			}

  26. +			/* Treat empty password field as invalid */

  27. +			if (strcmp (user_passwd, "") == 0) {

  28. +				failed = true;

  29. +			}

  30.  		}

  31.  

  32.  		if (strcmp (user_passwd, SHADOW_PASSWD_STRING) == 0) {

  33. diff --git a/src/su.c b/src/su.c

  34. index fc0e826f..638f533f 100644

  35. --- a/src/su.c

  36. +++ b/src/su.c

  37. @@ -499,6 +499,11 @@ static void check_perms_nopam (const struct passwd *pw)

  38.  	/*@observer@*/const char *password = pw->pw_passwd;

  39.  	RETSIGTYPE (*oldsig) (int);

  40.  

  41. +	if (strcmp (pw->pw_passwd, "") == 0) {

  42. +		fprintf(stderr, _("Password field is empty, this is invalid.\n"));

  43. +		exit(1);

  44. +	}

  45. +

  46.  	if (caller_is_root) {

  47.  		return;

  48.  	}

  49. -- 

  50. 2.26.3

  51.