From a39ad350cc564b3b46e6f75e2f9d1f26f646861e Mon Sep 17 00:00:00 2001
From: CoprDistGit <infra@openeuler.org>
Date: Thu, 12 Oct 2023 11:50:23 +0000
Subject: automatic import of shadow

---
 usermod-unlock.patch | 65 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 65 insertions(+)
 create mode 100644 usermod-unlock.patch

(limited to 'usermod-unlock.patch')

diff --git a/usermod-unlock.patch b/usermod-unlock.patch
new file mode 100644
index 0000000..ff9602d
--- /dev/null
+++ b/usermod-unlock.patch
@@ -0,0 +1,65 @@
+Index: shadow-4.5/src/usermod.c
+===================================================================
+--- a/src/usermod.c
++++ b/src/usermod.c
+@@ -466,14 +466,17 @@ static char *new_pw_passwd (char *pw_pass)
+ 		strcat (buf, pw_pass);
+ 		pw_pass = buf;
+ 	} else if (Uflg && pw_pass[0] == '!') {
+-		char *s;
++		char *s = pw_pass;
+ 
+-		if (pw_pass[1] == '\0') {
++		while ('!' == *s)
++			++s;
++
++		if (*s == '\0') {
+ 			fprintf (stderr,
+ 			         _("%s: unlocking the user's password would result in a passwordless account.\n"
+ 			           "You should set a password with usermod -p to unlock this user's password.\n"),
+ 			         Prog);
+-			return pw_pass;
++			return NULL;
+ 		}
+ 
+ #ifdef WITH_AUDIT
+@@ -482,12 +485,15 @@ static char *new_pw_passwd (char *pw_pass)
+ 		              user_newname, (unsigned int) user_newid, 0);
+ #endif
+ 		SYSLOG ((LOG_INFO, "unlock user '%s' password", user_newname));
+-		s = pw_pass;
+-		while ('\0' != *s) {
+-			*s = *(s + 1);
+-			s++;
+-		}
++		memmove (pw_pass, s, strlen (s) + 1);
+ 	} else if (pflg) {
++		if (strchr (user_pass, ':') != NULL) {
++			fprintf (stderr,
++			         _("%s: The password field cannot contain a colon character.\n"),
++			         Prog);
++			return NULL;
++
++		}
+ #ifdef WITH_AUDIT
+ 		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ 		              "changing password",
+@@ -536,6 +542,8 @@ static void new_pwent (struct passwd *pwent)
+ 	if (   (!is_shadow_pwd)
+ 	    || (strcmp (pwent->pw_passwd, SHADOW_PASSWD_STRING) != 0)) {
+ 		pwent->pw_passwd = new_pw_passwd (pwent->pw_passwd);
++		if (pwent->pw_passwd == NULL)
++			fail_exit (E_PW_UPDATE);
+ 	}
+ 
+ 	if (uflg) {
+@@ -650,6 +658,8 @@ static void new_spent (struct spwd *spent)
+ 	 *  + aging has been requested
+ 	 */
+ 	spent->sp_pwdp = new_pw_passwd (spent->sp_pwdp);
++	if (spent->sp_pwdp == NULL)
++		fail_exit(E_PW_UPDATE);
+ 
+ 	if (pflg) {
+ 		spent->sp_lstchg = (long) gettime () / SCALE;
+
-- 
cgit v1.2.3