aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/lib.c11
-rw-r--r--lib/lib.h1
-rw-r--r--toys/lsb/passwd.c22
-rw-r--r--toys/posix/grep.c9
4 files changed, 28 insertions, 15 deletions
diff --git a/lib/lib.c b/lib/lib.c
index 6559030c..681d4d23 100644
--- a/lib/lib.c
+++ b/lib/lib.c
@@ -1033,3 +1033,14 @@ char *next_printf(char *s, char **start)
return 0;
}
+
+// Posix inexplicably hasn't got this, so find str in line.
+char *strnstr(char *line, char *str)
+{
+ long len = strlen(str);
+ char *s;
+
+ for (s = line; *s; s++) if (!strncasecmp(s, str, len)) break;
+
+ return *s ? s : 0;
+}
diff --git a/lib/lib.h b/lib/lib.h
index 2714ad3d..dac3b67f 100644
--- a/lib/lib.h
+++ b/lib/lib.h
@@ -199,6 +199,7 @@ int qstrcmp(const void *a, const void *b);
void create_uuid(char *uuid);
char *show_uuid(char *uuid);
char *next_printf(char *s, char **start);
+char *strnstr(char *line, char *str);
#define HR_SPACE 1 // Space between number and units
#define HR_B 2 // Use "B" for single byte units
diff --git a/toys/lsb/passwd.c b/toys/lsb/passwd.c
index ca98f2ef..687d4c09 100644
--- a/toys/lsb/passwd.c
+++ b/toys/lsb/passwd.c
@@ -20,6 +20,16 @@ config PASSWD
-d Set password to ''
-l Lock (disable) account
-u Unlock (enable) account
+
+config PASSWD_SAD
+ bool "Add sad password checking heuristics"
+ default n
+ depends on PASSWD
+ help
+ Password changes are checked to make sure they don't include the entire
+ username (but not a subset of it), and the entire previous password
+ (but changing password1, password2, password3 is fine). This heuristic
+ accepts "aaaaaa" as a password.
*/
#define FOR_passwd
@@ -29,16 +39,13 @@ GLOBALS(
char *algo;
)
-#ifndef _GNU_SOURCE
-char *strcasestr(const char *haystack, const char *needle);
-#endif
-
static int str_check(char *s, char *p)
{
- if (strcasestr(s, p) || strcasestr(p, s)) return 1;
+ if (strnstr(s, p) || strnstr(p, s)) return 1;
return 0;
}
+// Insane heuristic won't find password1 password2 password3...?
static void strength_check(char *newp, char *oldp, char *user)
{
char *msg = NULL;
@@ -81,7 +88,7 @@ static char *new_password(char *oldp, char *user)
return NULL; //may be due to Ctrl-C
newp = xstrdup(toybuf);
- strength_check(newp, oldp, user);
+ if (CFG_PASSWD_SAD) strength_check(newp, oldp, user);
if (read_password(toybuf, sizeof(toybuf), "Retype password:")) {
free(newp);
return NULL; //may be due to Ctrl-C
@@ -114,8 +121,7 @@ void passwd_main(void)
pw = xgetpwnam(name);
- if (myuid && (myuid != pw->pw_uid))
- error_exit("You need to be root to change '%s' password\n", name);
+ if (myuid && (myuid != pw->pw_uid)) error_exit("Not root");
pass = pw->pw_passwd;
if (pw->pw_passwd[0] == 'x') {
diff --git a/toys/posix/grep.c b/toys/posix/grep.c
index c5d626aa..2ca02d2c 100644
--- a/toys/posix/grep.c
+++ b/toys/posix/grep.c
@@ -125,13 +125,8 @@ static void do_grep(int fd, char *name)
fseek.arg = s = line;
break;
}
- if (toys.optflags & FLAG_i) {
- long ll = strlen(seek->arg);;
-
- // Alas, posix hasn't got strcasestr()
- for (s = line; *s; s++) if (!strncasecmp(s, seek->arg, ll)) break;
- if (!*s) s = 0;
- } else s = strstr(line, seek->arg);
+ if (toys.optflags & FLAG_i) s = strnstr(line, seek->arg);
+ else s = strstr(line, seek->arg);
if (s) break;
}