Subject: Re: yppasswd fix (please review)
To: None <hubert.feyrer@informatik.fh-regensburg.de>
From: David Brownlee <abs@netbsd.org>
List: tech-userlevel
Date: 12/10/1999 18:36:01
	Just a thought - does this still work if you run an insecure yp
	(because of non NetBSD machines), and particularly against a non
	NetBSD yp server...

		David/absolute

On Fri, 10 Dec 1999, Hubert Feyrer wrote:

> 
> Hello,
> 
> it seems that yppasswd(1) was broken when we got changes to remove
> encrypted passwords from the passwd.byname NIS table and moved them to
> master.passwd.byname instead. yppasswd(1) still looked in passwd.byname to
> verify the old password, and as that map only has a "*" for the encrypted
> password, this caused attempts to change the password always to be
> rejected. After teaching yppasswd(1) to use master.passwd.byname, some
> minor adjustment for the different file format was necessary.
> 
> I'd like to commit this soonish, but would appreciate if anyone could
> review this. I've tested this on a 1.4.1/i386 server and both 1.4.1/i386
> and 1.4.1/sparc clients.
> 
> This problem was pointed out to me by David Koronczay <fu@ludens.elte.hu>
> on IRC. From a quick code inspection, this bug is also present in OpenBSD
> (hi Theo :-), I'm not sure about FreeBSD.
> 
> 
>  - Hubert
> 
> -- 
> NetBSD - Better for your uptime than Viagra
> 
> 
> 
> Index: yp_passwd.c
> ===================================================================
> RCS file: /cvsroot/basesrc/usr.bin/passwd/yp_passwd.c,v
> retrieving revision 1.20
> diff -u -r1.20 yp_passwd.c
> --- yp_passwd.c	1999/08/16 03:02:46	1.20
> +++ yp_passwd.c	1999/12/10 16:41:57
> @@ -300,6 +300,9 @@
>  	pwent->pw_passwd = p;
>  	p = pwskip(p);
>  	pwent->pw_uid = (uid_t)strtoul(p, NULL, 10);
> +	p = pwskip(p); 	/* skip class */
> +	p = pwskip(p); 	/* skip change */
> +	p = pwskip(p); 	/* skip expire */
>  	p = pwskip(p);
>  	pwent->pw_gid = (gid_t)strtoul(p, NULL, 10);
>  	p = pwskip(p);
> @@ -324,7 +327,7 @@
>  	int reason, vallen;
>  	
>  	val = NULL;
> -	reason = yp_match(domain, "passwd.byname", nam, strlen(nam),
> +	reason = yp_match(domain, "master.passwd.byname", nam, strlen(nam),
>  			  &val, &vallen);
>  	if (reason != 0) {
>  		if (val != NULL)
> 
>