#
305741 |
|
12-Sep-2016 |
asomers |
MFC r302778
pw should sanitize the argument of -w.
Otherwise, it will silently disable the login for the selected account if the argument is unrecognizable.
usr.sbin/pw/pw.h usr.sbin/pw/pw_conf.c usr.sbin/pw/pw_user.c Use separate rules to validate boolean parameters and passwd parameters. Error out if a password parameter cannot be parsed.
usr.sbin/pw/tests/Makefile usr.sbin/pw/tests/crypt.c usr.sbin/pw/tests/pw_useradd.sh usr.sbin/pw/tests/pw_usermod.sh Add tests for the validation. Also, enhance existing password-related tests to actually validate that the correct hash is written to master.passwd.
|