Re: passwd processing broken in amd64 (time_t probably)

[Hisashi T Fujinaka <htodd%twofifty.com@localhost>]

On Wed, 14 Jan 2009, Julio M. Merino Vidal wrote:

> On Wed, Jan 14, 2009 at 02:03:35PM +0000, Julio M. Merino Vidal wrote:
> > Effectively, hardcoding a '*version = 1' in _pw_opendb before returning
> > makes getpwent work again.  So it looks like the version field is not
> > being stored in the database properly.
>
> If this is effectively the problem, how does the following look?
>
> Index: pwd_mkdb.c
> ===================================================================
> RCS file: /cvsroot/src/usr.sbin/pwd_mkdb/pwd_mkdb.c,v
> retrieving revision 1.34
> diff -u -p -r1.34 pwd_mkdb.c
> --- pwd_mkdb.c  21 Jul 2008 13:36:59 -0000      1.34
> +++ pwd_mkdb.c  14 Jan 2009 14:25:49 -0000
> @@ -1,6 +1,32 @@
> /*      $NetBSD: pwd_mkdb.c,v 1.34 2008/07/21 13:36:59 lukem Exp $      */
>
> /*
> + * Copyright (c) 2000, 2009 The NetBSD Foundation, Inc.
> + * All rights reserved.
> + *
> + * Redistribution and use in source and binary forms, with or without
> + * modification, are permitted provided that the following conditions
> + * are met:
> + * 1. Redistributions of source code must retain the above copyright
> + *    notice, this list of conditions and the following disclaimer.
> + * 2. Redistributions in binary form must reproduce the above copyright
> + *    notice, this list of conditions and the following disclaimer in the
> + *    documentation and/or other materials provided with the distribution.
> + *
> + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
> + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
> + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
> + * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
> + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
> + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
> + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
> + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
> + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
> + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
> + * POSSIBILITY OF SUCH DAMAGE.
> + */
> +
> +/*
>  * Copyright (c) 1991, 1993, 1994
>  *      The Regents of the University of California.  All rights reserved.
>  *
> @@ -60,7 +86,7 @@
>
> #include <sys/cdefs.h>
> #if !defined(lint)
> -__COPYRIGHT("@(#) Copyright (c) 2000\
> +__COPYRIGHT("@(#) Copyright (c) 2000, 2009\
>  The NetBSD Foundation, Inc.  All rights reserved.\
>   Copyright (c) 1991, 1993, 1994\
>  The Regents of the University of California.  All rights reserved.");
> @@ -115,6 +141,8 @@ HASHINFO openinfo = {
> #define FILE_SECURE     0x02
> #define FILE_ORIG       0x04
>
> +#define DBVERSION      1
> +
> static char     *pname;                         /* password file name */
> static char     prefix[MAXPATHLEN];
> static char     oldpwdfile[MAX(MAXPATHLEN, LINE_MAX * 2)];
> @@ -131,6 +159,8 @@ int getdbent(DB *, const char *, int, vo
> void    inconsistancy(void);
> void    install(const char *, const char *);
> int     main(int, char **);
> +void   checkversion(DB *);
> +void   putversion(DB *);
> void    putdbents(DB *, struct passwd *, const char *, int, const char *, int,
>                   int, int);
> void    putyptoken(DB *, const char *);
> @@ -258,6 +288,10 @@ main(int argc, char *argv[])
>                     &openinfo);
>                 if (dp == NULL)
>                         error(pwd_db_tmp);
> +               if (username != NULL)
> +                       checkversion(dp);
> +               else
> +                       putversion(dp);
>                 clean |= FILE_INSECURE;
>         }
>
> @@ -271,6 +305,10 @@ main(int argc, char *argv[])
>         edp = dbopen(pwd_Sdb_tmp, flags, PERM_SECURE, DB_HASH, &openinfo);
>         if (!edp)
>                 error(pwd_Sdb_tmp);
> +       if (username != NULL)
> +               checkversion(edp);
> +       else
> +               putversion(edp);
>         clean |= FILE_SECURE;
>
>         /*
> @@ -804,6 +842,45 @@ getdbent(DB *dp, const char *fn, int typ
> }
>
> void
> +checkversion(DB *dp)
> +{
> +       DBT data, key;
> +       int ret;
> +
> +       key.data = __UNCONST("VERSION");
> +       key.size = strlen((char *)key.data) + 1;
> +
> +       ret = (*dp->get)(dp, &key, &data, 0);
> +       if (ret == -1) {
> +               warnx("cannot get VERSION record from database");
> +               bailout();
> +       }
> +
> +       if (ret == 1 || *(int *)data.data != DBVERSION) {
> +               warnx("databases are laid out according to an old version");
> +               warnx("re-build the databases without -u");
> +               bailout();
> +       }
> +}
> +
> +void
> +putversion(DB *dp)
> +{
> +       DBT data, key;
> +       int version = DBVERSION;
> +
> +       key.data = __UNCONST("VERSION");
> +       key.size = strlen((char *)key.data) + 1;
> +       data.data = &version;
> +       data.size = sizeof(version);
> +
> +       if ((*dp->put)(dp, &key, &data, R_NOOVERWRITE) == -1) {
> +               warnx("cannot set VERSION record in database");
> +               bailout();
> +       }
> +}
> +
> +void
> putyptoken(DB *dp, const char *fn)
> {
>         DBT data, key;

All I can say is that I can now (finally) log into my machine again as
someone other than root.

--
Hisashi T Fujinaka - htodd%twofifty.com@localhost
BSEE(6/86) + BSChem(3/95) + BAEnglish(8/95) + MSCS(8/03) + $2.50 = latte