From 4c6721577f9a9ffcd70156c303646f53adec40e5 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Sat, 10 Jan 2004 19:25:47 +0000 Subject: [PATCH] ITS#2906: improved passwd error handling --- doc/man/man8/slappasswd.8 | 6 ++++++ libraries/liblutil/passwd.c | 12 ++++++++++-- servers/slapd/tools/slappasswd.c | 6 +++--- 3 files changed, 19 insertions(+), 5 deletions(-) diff --git a/doc/man/man8/slappasswd.8 b/doc/man/man8/slappasswd.8 index 190f245a20..f46699712c 100644 --- a/doc/man/man8/slappasswd.8 +++ b/doc/man/man8/slappasswd.8 @@ -64,6 +64,12 @@ be specified: The default is .IR {SSHA} . +Note that scheme names may need to be protected, due to +.B { +and +.BR } , +from expansion by the user's command interpreter. + .B {SHA} and .B {SSHA} diff --git a/libraries/liblutil/passwd.c b/libraries/liblutil/passwd.c index abf26784e7..ac780b9d4b 100644 --- a/libraries/liblutil/passwd.c +++ b/libraries/liblutil/passwd.c @@ -377,9 +377,17 @@ struct berval * lutil_passwd_hash( { const struct pw_scheme *sc = get_scheme( method ); + if( sc == NULL ) { + if( text ) *text = "scheme not recognized"; + return NULL; + } + + if( ! sc->hash_fn ) { + if( text ) *text = "scheme provided no hash function"; + return NULL; + } + if( text ) *text = NULL; - if( sc == NULL ) return NULL; - if( ! sc->hash_fn ) return NULL; return (sc->hash_fn)( &sc->name, passwd, text ); } diff --git a/servers/slapd/tools/slappasswd.c b/servers/slapd/tools/slappasswd.c index 92443e2051..b144ae5937 100644 --- a/servers/slapd/tools/slappasswd.c +++ b/servers/slapd/tools/slappasswd.c @@ -131,10 +131,10 @@ main( int argc, char *argv[] ) } hash = lutil_passwd_hash( &passwd, scheme, &text ); - if( hash == NULL || hash->bv_val == NULL ) { - fprintf( stderr, "Password generation failed. %s\n", - text ? text : "" ); + fprintf( stderr, + "Password generation failed for scheme %s: %s\n", + scheme, text ? text : "" ); return EXIT_FAILURE; } -- 2.39.5