=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/passwd/local_passwd.c,v retrieving revision 1.49 retrieving revision 1.50 diff -c -r1.49 -r1.50 *** src/usr.bin/passwd/local_passwd.c 2016/08/31 10:06:41 1.49 --- src/usr.bin/passwd/local_passwd.c 2016/08/31 12:41:19 1.50 *************** *** 1,4 **** ! /* $OpenBSD: local_passwd.c,v 1.49 2016/08/31 10:06:41 tedu Exp $ */ /*- * Copyright (c) 1990 The Regents of the University of California. --- 1,4 ---- ! /* $OpenBSD: local_passwd.c,v 1.50 2016/08/31 12:41:19 tedu Exp $ */ /*- * Copyright (c) 1990 The Regents of the University of California. *************** *** 44,49 **** --- 44,50 ---- #include #include #include + #include #define UNCHANGED_MSG "Password unchanged." *************** *** 151,159 **** getnewpasswd(struct passwd *pw, login_cap_t *lc, int authenticated) { static char hash[_PASSWORD_LEN]; char *p, *pref; int tries, pwd_tries; - char buf[1024]; sig_t saveint, savequit; saveint = signal(SIGINT, kbintr); --- 152,160 ---- getnewpasswd(struct passwd *pw, login_cap_t *lc, int authenticated) { static char hash[_PASSWORD_LEN]; + char newpass[_PASSWORD_LEN + 1]; char *p, *pref; int tries, pwd_tries; sig_t saveint, savequit; saveint = signal(SIGINT, kbintr); *************** *** 162,168 **** if (!authenticated) { (void)printf("Changing password for %s.\n", pw->pw_name); if (uid != 0 && pw->pw_passwd[0] != '\0') { ! p = getpass("Old password:"); if (p == NULL || *p == '\0') { (void)printf("%s\n", UNCHANGED_MSG); pw_abort(); --- 163,172 ---- if (!authenticated) { (void)printf("Changing password for %s.\n", pw->pw_name); if (uid != 0 && pw->pw_passwd[0] != '\0') { ! char oldpass[_PASSWORD_LEN + 1]; ! ! p = readpassphrase("Old password:", oldpass, ! sizeof(oldpass), RPP_ECHO_OFF); if (p == NULL || *p == '\0') { (void)printf("%s\n", UNCHANGED_MSG); pw_abort(); *************** *** 177,184 **** pwd_tries = pwd_gettries(lc); ! for (buf[0] = '\0', tries = 0;;) { ! 
p = getpass("New password:"); if (p == NULL || *p == '\0') { (void)printf("%s\n", UNCHANGED_MSG); pw_abort(); --- 181,191 ---- pwd_tries = pwd_gettries(lc); ! for (newpass[0] = '\0', tries = 0;;) { ! char repeat[_PASSWORD_LEN + 1]; ! ! p = readpassphrase("New password:", newpass, sizeof(newpass), ! RPP_ECHO_OFF); if (p == NULL || *p == '\0') { (void)printf("%s\n", UNCHANGED_MSG); pw_abort(); *************** *** 192,200 **** if ((tries++ < pwd_tries || pwd_tries == 0) && pwd_check(lc, p) == 0) continue; ! strlcpy(buf, p, sizeof(buf)); ! p = getpass("Retype new password:"); ! if (p != NULL && strcmp(buf, p) == 0) break; (void)printf("Mismatch; try again, EOF to quit.\n"); } --- 199,207 ---- if ((tries++ < pwd_tries || pwd_tries == 0) && pwd_check(lc, p) == 0) continue; ! p = readpassphrase("Retype new password:", repeat, sizeof(repeat), ! RPP_ECHO_OFF); ! if (p != NULL && strcmp(newpass, p) == 0) break; (void)printf("Mismatch; try again, EOF to quit.\n"); } *************** *** 203,209 **** (void)signal(SIGQUIT, savequit); pref = login_getcapstr(lc, "localcipher", NULL, NULL); ! if (crypt_newhash(buf, pref, hash, sizeof(hash)) != 0) { (void)printf("Couldn't generate hash.\n"); pw_error(NULL, 0, 0); } --- 210,216 ---- (void)signal(SIGQUIT, savequit); pref = login_getcapstr(lc, "localcipher", NULL, NULL); ! if (crypt_newhash(newpass, pref, hash, sizeof(hash)) != 0) { (void)printf("Couldn't generate hash.\n"); pw_error(NULL, 0, 0); }
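Review bot: readpassphrase() discards input beyond `sizeof(newpass) - 1` characters without reporting it, and the buffers in the "New password:" hunk are sized from `_PASSWORD_LEN`, the constant this function also uses for the stored `hash`. A longer passphrase is therefore shortened silently before `pwd_check()` and hashing, so the accepted password is not the one typed. Whether that limit matches the one applied where passwords are later verified cannot be seen from this diff. I would state it at the declarations of `newpass` and `repeat`, e.g. `/* readpassphrase() silently drops input past sizeof(buf) - 1; keep in step with the verifying side */`, or give the passphrase buffers their own size constant. The loop body continues outside this hunk.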
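Review bot: The cleartext copies in `repeat` and `newpass` are never wiped. In the "Retype new password:" hunk the loop either leaves on `break` or falls through to the mismatch message with `repeat` still holding what was typed, and the `crypt_newhash(newpass, ...)` hunk shows no clearing on its failure path. With this change the passwords live in three caller-owned stack arrays, so each should be cleared with explicit_bzero() once it has been compared or hashed; a plain memset() before the buffer goes out of scope may be optimized away. The same applies to `oldpass` in the "Old password:" hunk and to `newpass` after a successful hash, but both code paths continue outside the visible lines, so check there whether they are already handled.

```c
		/* ... unchanged: readpassphrase("Retype new password:", repeat, ...) ... */
		if (p != NULL && strcmp(newpass, p) == 0) {
			/* the confirmation copy is no longer needed once it matched */
			explicit_bzero(repeat, sizeof(repeat));
			break;
		}
		(void)printf("Mismatch; try again, EOF to quit.\n");
		/* wipe both entries before prompting again */
		explicit_bzero(repeat, sizeof(repeat));
		explicit_bzero(newpass, sizeof(newpass));
```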