| author | Simon J. Gerraty <sjg@FreeBSD.org> | 2012-11-04 02:52:03 +0000 |
|---|---|---|
| committer | Simon J. Gerraty <sjg@FreeBSD.org> | 2012-11-04 02:52:03 +0000 |
| commit | 23090366f729c56cab62de74c7a51792357e98a9 (patch) | |
| tree | c511c885796e28ec571b5267e8f11f3b103d35e9 /lib/libutil | |
| parent | 7750ad47a9a7dbc83f87158464170c8640723293 (diff) | |
| parent | 22ff74b2f44234d31540b1f7fd6c91489c37cad3 (diff) | |
Diffstat (limited to 'lib/libutil')
| -rw-r--r-- | lib/libutil/Makefile | 20 | ||||
| -rw-r--r-- | lib/libutil/auth.3 | 56 | ||||
| -rw-r--r-- | lib/libutil/auth.c | 36 | ||||
| -rw-r--r-- | lib/libutil/auth.conf.5 | 35 | ||||
| -rw-r--r-- | lib/libutil/gr_util.c | 2 | ||||
| -rw-r--r-- | lib/libutil/humanize_number.c | 2 | ||||
| -rw-r--r-- | lib/libutil/login.conf.5 | 6 | ||||
| -rw-r--r-- | lib/libutil/property.3 | 2 | ||||
| -rw-r--r-- | lib/libutil/pw_util.3 | 286 | ||||
| -rw-r--r-- | lib/libutil/pw_util.c | 19 |
10 files changed, 327 insertions, 137 deletions
diff --git a/lib/libutil/Makefile b/lib/libutil/Makefile index 3136a050d5e3..582cceffba4e 100644 --- a/lib/libutil/Makefile +++ b/lib/libutil/Makefile @@ -25,14 +25,13 @@ CFLAGS+= -DINET6 CFLAGS+= -I${.CURDIR} -I${.CURDIR}/../libc/gen/ -MAN+= auth.3 expand_number.3 flopen.3 fparseln.3 hexdump.3 \ +MAN+= expand_number.3 flopen.3 fparseln.3 hexdump.3 \ humanize_number.3 kinfo_getallproc.3 kinfo_getfile.3 \ kinfo_getproc.3 kinfo_getvmmap.3 kld.3 login_auth.3 login_cap.3 \ login_class.3 login_ok.3 login_times.3 login_tty.3 pidfile.3 \ property.3 pty.3 quotafile.3 realhostname.3 realhostname_sa.3 \ - _secure_path.3 trimdomain.3 uucplock.3 -MAN+= auth.conf.5 login.conf.5 -MLINKS+= auth.3 auth_getval.3 + _secure_path.3 trimdomain.3 uucplock.3 pw_util.3 +MAN+= login.conf.5 MLINKS+= kld.3 kld_isloaded.3 kld.3 kld_load.3 MLINKS+=login_auth.3 auth_cat.3 login_auth.3 auth_checknologin.3 MLINKS+=login_cap.3 login_close.3 login_cap.3 login_getcapbool.3 \ @@ -68,5 +67,18 @@ MLINKS+=quotafile.3 quota_close.3 \ quotafile.3 quota_write_usage.3 MLINKS+=uucplock.3 uu_lock.3 uucplock.3 uu_lock_txfr.3 \ uucplock.3 uu_lockerr.3 uucplock.3 uu_unlock.3 +MLINKS+=pw_util.3 pw_copy.3 \ + pw_util.3 pw_dup.3 \ + pw_util.3 pw_edit.3 \ + pw_util.3 pw_equal.3 \ + pw_util.3 pw_fini.3 \ + pw_util.3 pw_init.3 \ + pw_util.3 pw_make.3 \ + pw_util.3 pw_make_v7.3 \ + pw_util.3 pw_mkdb.3 \ + pw_util.3 pw_lock.3 \ + pw_util.3 pw_scan.3 \ + pw_util.3 pw_tempname.3 \ + pw_util.3 pw_tmp.3 .include <bsd.lib.mk> diff --git a/lib/libutil/auth.3 b/lib/libutil/auth.3 deleted file mode 100644 index 247a09859141..000000000000 --- a/lib/libutil/auth.3 +++ /dev/null 
@@ -1,56 +0,0 @@
-.\"
-.\" Copyright (c) 1998 Jordan Hubbard
-.\"
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR
-.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-.\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT,
-.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.\" $FreeBSD$
-.\" "
-.Dd October 7, 1998
-.Dt AUTH_GETVAL 3
-.Os
-.Sh NAME
-.Nm auth_getval
-.Nd functions for reading values from
-.Pa /etc/auth.conf
-.Sh LIBRARY
-.Lb libutil
-.Sh SYNOPSIS
-.In sys/types.h
-.In libutil.h
-.Ft char *
-.Fn auth_getval "const char *name"
-.Sh DESCRIPTION
-The function
-.Fn auth_getval
-returns the value associated with the field called
-.Fa name
-or NULL if no such field is found or the auth file cannot be opened.
-.Sh FILES
-.Pa /etc/auth.conf
-contains the name=value pairs looked up by
-.Fn auth_getval .
-.Sh SEE ALSO -.Xr properties_free 3 , -.Xr properties_read 3 , -.Xr property_find 3 , -.Xr auth.conf 5 diff --git a/lib/libutil/auth.c b/lib/libutil/auth.c index 748c3ad84bd7..b57a784dc5e7 100644 --- a/lib/libutil/auth.c +++ b/lib/libutil/auth.c @@ -31,40 +31,14 @@ #include <sys/cdefs.h> __FBSDID("$FreeBSD$"); -#include <sys/types.h> -#include <fcntl.h> -#include <libutil.h> -#include <paths.h> -#include <syslog.h> -#include <unistd.h> - -static properties P; - -static int -initauthconf(const char *path) -{ - int fd; +#include <stdlib.h> - if (!P) { - if ((fd = open(path, O_RDONLY)) < 0) { - syslog(LOG_ERR, "initauthconf: unable to open file: %s", path); - return 1; - } - P = properties_read(fd); - close(fd); - if (!P) { - syslog(LOG_ERR, "initauthconf: unable to parse file: %s", path); - return 1; - } - } - return 0; -} +#include <libutil.h> char * auth_getval(const char *name) { - if (!P && initauthconf(_PATH_AUTHCONF)) - return NULL; - else - return property_find(P, name); + + (void)name; + return (NULL); } diff --git a/lib/libutil/auth.conf.5 b/lib/libutil/auth.conf.5 deleted file mode 100644 index be10eb85fdf0..000000000000 --- a/lib/libutil/auth.conf.5 +++ /dev/null 
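Review bot: auth_getval in the new auth.c body is cut down to `(void)name; return (NULL);` with no comment saying why the symbol is kept, so a reader cannot tell a deliberate compatibility stub from an unfinished function. Because the same commit removes auth.3 and auth.conf.5, the unconditional NULL is now indistinguishable from the old "field not found" result that callers tested for, and that deserves to be stated where the code is. Suggest a header comment such as `/* /etc/auth.conf support has been removed; this stub is kept so existing callers still link and always returns NULL. */` (the linkage reason is inferred, confirm against the commit message). The stray blank line after the opening brace can go at the same time.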
@@ -1,35 +0,0 @@
-.\" Copyright (c) 1998 Jordan Hubbard
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, is permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice immediately at the beginning of the file, without modification,
-.\" this list of conditions, and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\"
-.\" $FreeBSD$
-.\"
-.Dd October 7, 1998
-.Dt AUTH.CONF 5
-.Os
-.Sh NAME
-.Nm auth.conf
-.Nd authentication capability database
-.Sh SYNOPSIS
-.Pa /etc/auth.conf
-.Sh DESCRIPTION
-.Nm
-contains various attributes important to the authentication
-code, most notably
-.Xr crypt 3
-for the time being.
-This documentation will be updated as the
-.Pa /etc/auth.conf
-file, which is very new, evolves.
-.Sh SEE ALSO
-.Xr auth_getval 3 ,
-.Xr crypt 3
diff --git a/lib/libutil/gr_util.c b/lib/libutil/gr_util.c
index 0173595c24d0..6d96d5e9405e 100644
--- a/lib/libutil/gr_util.c
+++ b/lib/libutil/gr_util.c
@@ -63,6 +63,7 @@ static const char group_line_format[] = "%s:%s:%ju:";
 int
 gr_init(const char *dir, const char *group)
 {
+
 if (dir == NULL) {
 strcpy(group_dir, _PATH_ETC);
 } else {
@@ -88,6 +89,7 @@ gr_init(const char *dir, const char *group)
 }
 strcpy(group_file, group);
 }
+
 initialized = 1;
 return (0);
 }
diff --git a/lib/libutil/humanize_number.c b/lib/libutil/humanize_number.c
index 024bc6b201d3..1cad1cf7a210 100644
--- a/lib/libutil/humanize_number.c
+++ b/lib/libutil/humanize_number.c
@@ -76,7 +76,7 @@ humanize_number(char *buf, size_t len, int64_t quotient, if (flags & HN_B) prefixes = "B\0\0Ki\0Mi\0Gi\0Ti\0Pi\0Ei"; else - prefixes = "\0\0Ki\0Mi\0Gi\0Ti\0Pi\0Ei"; + prefixes = "\0\0\0Ki\0Mi\0Gi\0Ti\0Pi\0Ei"; } else { baselen = 1; if (flags & HN_DIVISOR_1000) diff --git a/lib/libutil/login.conf.5 b/lib/libutil/login.conf.5 index e46edc69c2a0..a07e1f03e0d3 100644 --- a/lib/libutil/login.conf.5 +++ b/lib/libutil/login.conf.5 @@ -267,9 +267,11 @@ The backoff delay is the number of tries above multiplied by 5 seconds. .It "login-retries number 10 The number of login attempts" allowed before the login fails. -.It "passwd_format string md5 The encryption format that new or" +.It "passwd_format string sha512 The encryption format that new or" changed passwords will use. -Valid values include "des", "md5" and "blf". +Valid values include "des", "md5", "blf", "sha256" and "sha512"; see +.Xr crypt 3 +for details. NIS clients using a .No non- Ns Fx NIS server should probably use "des". diff --git a/lib/libutil/property.3 b/lib/libutil/property.3 index efe0079f07f9..3d4011463a7c 100644 --- a/lib/libutil/property.3 +++ b/lib/libutil/property.3 @@ -90,8 +90,6 @@ are desired, the entire value should be enclosed in { } (curly-bracket) characters. Any line beginning with a # or ; character is assumed to be a comment and will be ignored. -.Sh SEE ALSO -.Xr auth_getval 3 .Sh AUTHORS .An Jordan Hubbard .Sh BUGS diff --git a/lib/libutil/pw_util.3 b/lib/libutil/pw_util.3 new file mode 100644 index 000000000000..7ef0657b0b08 --- /dev/null +++ b/lib/libutil/pw_util.3 
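Review bot: The corrected table `"\0\0\0Ki\0Mi\0Gi\0Ti\0Pi\0Ei"` is right only because every entry occupies exactly three bytes, and nothing in the hunk states that stride, which is presumably how the two-NUL version got in. Suggest one comment above the `if (flags & HN_B)` branch covering both assignments, e.g. `/* prefix table: fixed 3-byte entries (up to 2 chars + NUL); the empty first entry must still take 3 bytes */`, so a later edit does not shorten the string again. The indexing that relies on the stride, and the rest of humanize_number, lie outside the hunk.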
@@ -0,0 +1,286 @@
+.\" Copyright (c) 2012 Baptiste Daroussin <bapt@FreeBSD.org>
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD$
+.\"
+.Dd October 30, 2012
+.Dt PW_UTIL 3
+.Os
+.Sh NAME
+.Nm pw_copy ,
+.Nm pw_dup ,
+.Nm pw_edit ,
+.Nm pw_equal ,
+.Nm pw_fini ,
+.Nm pw_init ,
+.Nm pw_make ,
+.Nm pw_make_v7 ,
+.Nm pw_mkdb ,
+.Nm pw_lock ,
+.Nm pw_scan ,
+.Nm pw_tempname ,
+.Nm pw_tmp
+.Nd "functions for passwd file handling"
+.Sh LIBRARY
+.Lb libutil
+.Sh SYNOPSIS
+.In pwd.h
+.In libutil.h
+.Ft int
+.Fn pw_copy "int ffd" "int tfd" "const struct passwd *pw" "const struct passwd *oldpw"
+.Ft "struct passwd *"
+.Fn pw_dup "const struct passwd *pw"
+.Ft int
+.Fn pw_edit "int nosetuid"
+.Ft int
+.Fn pw_equal "const struct passwd *pw1" "const struct passwd pw2"
+.Ft void
+.Fn pw_fini "void"
+.Ft int
+.Fn pw_init "const char *dir" const char *master"
+.Ft "char *"
+.Fn pw_make "const struct passwd *pw"
+.Ft "char *"
+.Fn pw_make_v7 "const struct passwd *pw"
+.Ft int
+.Fn pw_mkdb "const char *user"
+.Ft int
+.Fn pw_lock "void"
+.Ft "struct passwd *"
+.Fn pw_scan "const char *line" "int flags"
+.Ft "const char *"
+.Fn pw_tempname "void"
+.Ft int
+.Fn pw_tmp "int mfd"
+.Sh DESCRIPTION
+The
+.Fn pw_copy
+function reads a password file from
+.Vt ffd
+and writes it back out to
+.Vt tfd
+possibly with modifications:
+.Bl -dash
+.It
+If
+.Fa pw
+is
+.Dv NULL
+and
+.Fa oldpw
+is not
+.Dv NULL ,
+then the record represented by
+.Fa oldpw
+will not be copied (corresponding to user deletion).
+.It
+If
+.Fa pw
+and
+.Fa oldpw
+are not
+.Dv NULL
+then the record corresponding to
+.Fa pw
+will be replaced by the record corresponding to
+.Fa oldpw .
+.It
+If
+.Vt pw
+is set and
+.Vt oldpw
+is
+.Dv NULL
+then the record corresponding to
+.Vt pw
+will be appended (corresponding to user addition).
+.El
+.Pp
+The
+.Fn pw_copy
+function returns -1 in case of failure otherwise 0.
+.Pp
+The
+.Fn pw_dup
+function duplicates the
+.Vt struct passwd
+pointed to by
+.Fa pw
+and returns a pointer to the copy, or
+.Dv NULL
+in case of failure.
+The new
+.Vt struct passwd
+is allocated with
+.Xr malloc 3 ,
+and it is the caller's responsibility to free it with
+.Xr free 3 .
+.Pp
+The
+.Fn pw_edit
+function invokes the command specified by the
+.Ev EDITOR
+environment variable (or
+.Pa /usr/bin/vi
+if
+.Ev EDITOR
+is not defined)
+on a temporary copy of the master password file created by
+.Fn pw_tmp .
+If the file was modified,
+.Fn pw_edit
+installs it and regenerates the password database.
+The
+.Fn pw_edit
+function returns -1 in case of failure, 0 if the file was not modified,
+and a non-zero positive number if the file was modified and successfully
+installed.
+.Pp
+The
+.Fn pw_equal
+function compares two
+.Vt struct passwd
+and returns 0 if they are equal.
+.Pp
+The
+.Fn pw_fini
+function destroy the temporary file created by
+.Fn pw_tmp
+if any,
+kills any running instance of
+.Ev EDITOR
+executed by
+.Fn pw_edit
+if any,
+and closes the lock created by
+.Fn pw_lock
+if any.
+.Pp
+The
+.Fn pw_init
+initialize the static variable representing the path a password file.
+.Fa dir
+is the directory where the password file is located.
+If set to
+.Dv NULL ,
+it will default to
+.Pa /etc .
+.Fa master
+is the name of the password file.
+If set to
+.Dv NULL?
+it will default to
+.Pa master.passwd
+.Pp
+The
+.Fn pw_make
+function creates a properly formatted
+.Bx
+.Xr passwd 5
+line from a
+.Vt struct passwd ,
+and returns a pointer to the resulting string.
+The string is allocated with
+.Xr malloc 3 ,
+and it is the caller's responsibility to free it with
+.Xr free 3 .
+.Pp
+The
+.Fn pw_make_v7
+function creates a properly formatted
+.Ux V7
+.Xr passwd 5
+line from a
+.Vt struct passwd ,
+and returns a pointer to the resulting string.
+The string is allocated with
+.Xr malloc 3 ,
+and it is the caller's responsibility to free it with
+.Xr free 3 .
+.Pp
+The
+.Fn pw_mkdb
+function regenerates the password database by running
+.Xr pw_mkdb 8 .
+If
+.Fa user
+only the record corresponding to that user will be updated.
+The
+.Fn pw_mkdb
+function returns 0 in case of success and -1 in case of failure.
+.Pp
+The
+.Fn pw_lock
+function locks the master password file.
+It returns 0 in case of success and -1 in case of failure.
+.Pp
+The
+.Fn pw_scan
+function is a wrapper around the internal libc function
+.Fn __pw_scan .
+It scans the master password file for a line corresponding to the
+.Fa line
+provided and return a
+.Vt struct passwd
+if it matched an existing record.
+In case of failure, it returns
+.Dv NULL .
+Otherwise, it returns a pointer to a
+.Vt struct passwd
+containing the matching record.
+The
+.Vt struct passwd
+is allocated with
+.Xr malloc 3 ,
+and it is the caller's responsibility to free it with
+.Xr free 3 .
+.Pp
+The
+.Fn pw_tempname
+function returns the temporary name of the masterfile created via
+.Fn pw_tmp .
+.Pp
+The
+.Fn pw_tmp
+creates and opens a presumably safe temporary password file.
+If
+.Fa mfd
+is a file descriptor to an open password file, it will be read and
+written back to the temporary password file.
+Otherwise if should be set -1.
+The
+.Fn pw_tmp
+returns an open file descriptor to the temporary password file or -1 in case of
+failure.
+.Sh AUTHORS
+Portions of this software were developed for the
+.Fx
+Project by ThinkSec AS and Network Associates Laboratories, the
+Security Research Division of Network Associates, Inc.\& under
+DARPA/SPAWAR contract N66001-01-C-8035
+.Pq Dq CBOSS ,
+as part of the DARPA CHATS research program.
+.Pp
+This manual page was written by
+.An Baptiste Daroussin Aq bapt@FreeBSD.org .
diff --git a/lib/libutil/pw_util.c b/lib/libutil/pw_util.c
index 63c63de81aa6..4bf3001ffe79 100644
--- a/lib/libutil/pw_util.c
+++ b/lib/libutil/pw_util.c
@@ -437,14 +437,21 @@ pw_copy(int ffd, int tfd, const struct passwd *pw, struct passwd *old_pw) size_t len; int eof, readlen; - spw = pw; + if (old_pw == NULL && pw == NULL) + return (-1); + + spw = old_pw; + /* deleting a user */ if (pw == NULL) { line = NULL; - if (old_pw == NULL) + } else { + if ((line = pw_make(pw)) == NULL) return (-1); - spw = old_pw; - } else if ((line = pw_make(pw)) == NULL) - return (-1); + } + + /* adding a user */ + if (spw == NULL) + spw = pw; eof = 0; len = 0; @@ -511,7 +518,7 @@ pw_copy(int ffd, int tfd, const struct passwd *pw, struct passwd *old_pw) */ *q = t; - if (fpw == NULL || fpw->pw_uid != spw->pw_uid) { + if (fpw == NULL || strcmp(fpw->pw_name, spw->pw_name) != 0) { /* nope */ if (fpw != NULL) free(fpw); |
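Review bot: In the first hunk, when both pw and old_pw are supplied the record searched for is old_pw (`spw = old_pw;`) and the line written comes from pw (`line = pw_make(pw)`), yet the pw_util.3 page added in this same commit describes it the other way round ("the record corresponding to pw will be replaced by the record corresponding to oldpw"); one of the two should be corrected, and a comment at the assignment would pin the contract, e.g. `/* spw is the record we look for; line is what replaces it (NULL deletes it) */`. In the second hunk the match now rests on `strcmp(fpw->pw_name, spw->pw_name)`, which presumes both names are non-NULL; if pw_scan can return a record with pw_name unset that needs a guard before the strcmp — confirm against pw_scan. The rest of pw_copy, including how spw is used on the append path, lies outside both hunks.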
