[Toybox] [New Toys] - groupadd, useradd, mkpasswd and modified passwd, lib/password
Rob Landley
rob at landley.net
Wed Oct 16 18:16:24 PDT 2013
On 10/02/2013 03:49:21 AM, Ashwini Sharma wrote:
> Hi list,
>
> Attached are the implementations for groupadd, useradd and mkpasswd
> commands.
Ok, I've caught up to this...
> Patches are as follows
>
> 1. __lib.patch__ : this includes changes made to lib/lib.h and
> __lib/password.c__.
> lib/passowrd.c is modified to share the function __update_password()__
> among groupadd, useradd commands.
> This also has the factored out code, common to both, for __passwd__
> and
> __mkpasswd__.
> Also has the cosmetic cleanup changes.
Alas, lib/password.c is one of the pieces that would be in pending if
login.c didn't predate it. I never got this properly cleaned up. Still,
adding this doesn't change that, so... first patch applied, and lemme
at least look at the new bits.
We add three #defines to the header, which are never used. They should
be in the patch that actually uses them. (MAX_SALT_LEN of 20 is wrong,
the largest actual salt is 16, that's the buffer size needed to
process... something. Right...)
The first function in there, random_number_generator(), just reads an
int from a filehandle. It's only ever called from one place, and that
caller is what opens and closes /dev/urandom, so having the read in the
same place doesn't add any new portability constraints. (I.E. let's
just inline this function at its only callsite.)
The return value is fed into inttoc(), which is also the only caller of
that function. inttoc() discards all but 10 bits of it, so we read 32
bits of entropy, and discard 21 of those bits? Not idea on devices with
limited entropy.
Um, hang on:
i &= 0x3f; // masking for using 10 bits only
You can't use 10 bits out of an 8 bit byte. And 0x3f is 00111111 which
is 6 bits. So the comment is both impossible and wrong.
Let's see, max salt is actually 16, times 6 is 96 bits which is an even
12 bytes, so we can read in a buffer of that... this logic is largely
the same as uuencode by the way.
All the users are in get_salt(), which is a strange function. Each
algorithm has a unique digit indicated in the $#$ signature in the
hash, but we don't use that digit to indicate the algorithm, instead we
pass in a string which we check and then _set_ the digit. Why do we do
that? If it was an int we could just use an array to set the salt
length. Also, the function has an error return value for matching none
of the strings, but didn't we pass _in_ that string? Not sure of the
design goal here, who is currently calling this...
Um, there's a second copy in toys/lsb/passwd.c...? Ah, I see, the
second patch in the series removes the function. so it's a move spread
across two patches. Lemme redo that checkin to do both halves...
(Sigh. My bad. If I don't clean up code, people extend the
non-cleaned-up code...)
I need to set up a test environment for this. Ok, I've inlined
random_number_generator() and inttoc() and it compiles, but I can't
test it. I'll check it in anyway and try to come up with a test
chroot...
> 2. __passwd.c.patch__ : this file is modified due to the common code
> factoring out and cosmetic cleanup changes.
I checked in this and the previous patch together as one logical unit,
because it's moving code from one file to another and the result
doesn't make sense without both of them.
Rob
1381972584.0
More information about the Toybox
mailing list