Hi all,

I'm trying to write an API to provide user passwd change facility. It should
work exactly the same way a normal "passwd" program works, except that it
takes the 3 arguments - username, oldpass and newpass as function args.

I modelled the program exactly on the lines of the NetBSD passwd source
code, but the program fails when trying to compare the oldpass with the
existing one in the /etc/passwd file. The code to compare the oldpass with
existing one is :

if (strcmp(crypt(oldpw, pw->pw_passwd), pw->pw_passwd) != 0)
        return ACCESS_DENIED;

Here pw->pw_passwd is the password entry from /etc/passwd file.

The /etc/passwd file uses "*" as the passwd entries which means that the
passwords are to be looked up somewhere else (possibly master.passwd file?).
The string compare tries to compare the encrypted password with "*" and
fails.

I compiled the existing NetBSD passwd code and that also gets stuck at the
same place.

Does anyone have any idea what am I missing here? Or does anyone have a
similar piece of code already written and is willing to share it.

Thanks a lot.
Sumeet

---
Sumeet Malhotra
Email: smalhotra@rhapsodynetworks.com
Phone: 510-743-3256