[ On Monday, September 30, 2002 at 13:32:41 (+0300), Alistair G. Crooks wrote: ]
> Subject: CVS commit: basesrc/usr.sbin/user
>
> 
> Module Name:	basesrc
> Committed By:	agc
> Date:		Mon Sep 30 10:32:41 UTC 2002
> 
> Modified Files:
> 	basesrc/usr.sbin/user: user.c
> 
> Log Message:
> Handle PR 18474 in a more safe and scalable fashion - keep a table of
> password types, and their associated lengths, and check in useradd or
> usermod whether the given encrypted password has the correct length.
> 
> This removes the (duplicated) hardcoded lengths which had crept in
> with the last commit, and also checks the length of the given password
> against the expected length.

When I first encountered passwd.conf(5) and pw_getconf(3) I wondered if
maybe this information describing the structure of the pw_passwd field
shouldn't also be made available to callers.   It's probably best if
this information is hard-coded in libc (not much point in specifying it
in a user-modifiable table if the code like crypt(3) can't honour the
table's specifications).

With the help of a tiny user-land utility to retrieve such additional
information then the consistency checks in places like /etc/security
could be better parameterized too.

user(8) should probably enforce, at least by default, the settings in
/etc/passwd.conf too.....

-- 
								Greg A. Woods

+1 416 218-0098;            <g.a.woods@ieee.org>;           <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>