src/passwd.c: inconsistent password length limit
The passwd utility had hardcoded limit for password lenght set to 200 characters. In the agetpass.c is used PASS_MAX for this purpose. This patch moves the PASS_MAX definition to common place and uses it in both places. Signed-off-by: Tomas Halman <tomas@halman.net>
This commit is contained in:
committed by
Serge Hallyn
parent
0259f84583
commit
dfb4d8fdf9
@@ -11,7 +11,6 @@
|
||||
|
||||
#include <limits.h>
|
||||
#include <readpassphrase.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
@@ -24,11 +23,6 @@
|
||||
#endif /* WITH_LIBBSD */
|
||||
|
||||
|
||||
#if !defined(PASS_MAX)
|
||||
#define PASS_MAX BUFSIZ - 1
|
||||
#endif
|
||||
|
||||
|
||||
/*
|
||||
* SYNOPSIS
|
||||
* [[gnu::malloc(erase_pass)]]
|
||||
|
||||
@@ -25,6 +25,7 @@
|
||||
((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
@@ -202,4 +203,14 @@
|
||||
# define shadow_getenv(name) getenv(name)
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Maximum password length
|
||||
*
|
||||
* Consider that there is also limit in PAM (PAM_MAX_RESP_SIZE)
|
||||
* currently set to 512.
|
||||
*/
|
||||
#if !defined(PASS_MAX)
|
||||
#define PASS_MAX BUFSIZ - 1
|
||||
#endif
|
||||
|
||||
#endif /* _DEFINES_H_ */
|
||||
|
||||
+2
-2
@@ -175,8 +175,8 @@ static int new_password (const struct passwd *pw)
|
||||
char *cipher; /* Pointer to cipher text */
|
||||
const char *salt; /* Pointer to new salt */
|
||||
char *cp; /* Pointer to agetpass() response */
|
||||
char orig[200]; /* Original password */
|
||||
char pass[200]; /* New password */
|
||||
char orig[PASS_MAX + 1]; /* Original password */
|
||||
char pass[PASS_MAX + 1]; /* New password */
|
||||
int i; /* Counter for retries */
|
||||
bool warned;
|
||||
int pass_max_len = -1;
|
||||
|
||||
Reference in New Issue
Block a user