Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 20 Nov 2013 19:13:39 -0800
From: Michael Forney <>
Subject: [PATCH 0/2] Implement fgetspent

Hi Rich,

It turns out that one more function, fgetspent, is needed for the common
shadow+pam_unix setup used in many desktop systems. Otherwise, when
changing your password, pam_unix will attempt to enumerate through the
shadow entries with fgetspent, rewriting them as it goes (and replacing
the entry to be updated). This leaves you with a shadow file containing
only the updated entry.

In the first patch, I moved spent parsing to an internal function,
__parsespent. I opted to use __parsespent instead of __getspent_a
(similar to the passwd and group functions) for several reasons:

    - To minimize the changes necessary to getspnam_r
    - To avoid the extra memcpy as in getpw_r
    - It seemed like a more self-contained function (which didn't rely
      on the source of the entry).
    - It would make it easier to implement sgetspent if we ever wanted
      that (though, so far, I haven't found anything that requires this)

However, if this is not desired, I can send a new patch which uses a
function __getspent_a, similar to __get{pw,gr}ent_a.

Michael Forney (2):
  shadow: Move spent parsing to internal function
  shadow: Implement fgetspent

 src/passwd/fgetspent.c  | 11 ++++++++++-
 src/passwd/getspnam_r.c | 34 +---------------------------------
 src/passwd/parsespent.c | 42 ++++++++++++++++++++++++++++++++++++++++++
 src/passwd/pwf.h        |  2 +-
 4 files changed, 54 insertions(+), 35 deletions(-)
 create mode 100644 src/passwd/parsespent.c


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.