GCC Code Coverage Report
Directory: ./ Exec Total Coverage
File: usr.sbin/pwd_mkdb/pwd_mkdb.c Lines: 0 283 0.0 %
Date: 2017-11-13 Branches: 0 195 0.0 %

Line Branch Exec Source
1
/*	$OpenBSD: pwd_mkdb.c,v 1.53 2015/11/05 15:10:11 semarie Exp $	*/
2
3
/*-
4
 * Copyright (c) 1991, 1993, 1994
5
 *	The Regents of the University of California.  All rights reserved.
6
 * Portions Copyright (c) 1994, Jason Downs.  All rights reserved.
7
 * Portions Copyright (c) 1998, Todd C. Miller.  All rights reserved.
8
 *
9
 * Redistribution and use in source and binary forms, with or without
10
 * modification, are permitted provided that the following conditions
11
 * are met:
12
 * 1. Redistributions of source code must retain the above copyright
13
 *    notice, this list of conditions and the following disclaimer.
14
 * 2. Redistributions in binary form must reproduce the above copyright
15
 *    notice, this list of conditions and the following disclaimer in the
16
 *    documentation and/or other materials provided with the distribution.
17
 * 3. Neither the name of the University nor the names of its contributors
18
 *    may be used to endorse or promote products derived from this software
19
 *    without specific prior written permission.
20
 *
21
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31
 * SUCH DAMAGE.
32
 */
33
34
#include <sys/param.h>	/* MAXBSIZE */
35
#include <sys/stat.h>
36
37
#include <db.h>
38
#include <err.h>
39
#include <errno.h>
40
#include <fcntl.h>
41
#include <grp.h>
42
#include <limits.h>
43
#include <pwd.h>
44
#include <signal.h>
45
#include <stdarg.h>
46
#include <stdio.h>
47
#include <stdlib.h>
48
#include <string.h>
49
#include <unistd.h>
50
#include <limits.h>
51
#include <util.h>
52
53
#define MINIMUM(a, b)	(((a) < (b)) ? (a) : (b))
54
55
#define	INSECURE	1
56
#define	SECURE		2
57
#define	PERM_INSECURE	(S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)
58
#define	PERM_SECURE	(S_IRUSR|S_IWUSR)
59
60
#define FILE_SECURE	0x01
61
#define FILE_INSECURE	0x02
62
#define FILE_ORIG	0x04
63
64
#define	SHADOW_GROUP	"_shadow"
65
66
HASHINFO openinfo = {
67
	4096,		/* bsize */
68
	32,		/* ffactor */
69
	256,		/* nelem */
70
	2048 * 1024,	/* cachesize */
71
	NULL,		/* hash() */
72
	0		/* lorder */
73
};
74
75
static char *pname;				/* password file name */
76
static char *basedir;				/* dir holding master.passwd */
77
static int clean;				/* what to remove on cleanup */
78
static int hasyp;				/* are we running YP? */
79
80
void		cleanup(void);
81
__dead void	fatal(const char *, ...)
82
		    __attribute__((__format__ (printf, 1, 2)));
83
__dead void	fatalc(int, const char *, ...)
84
		    __attribute__((__format__ (printf, 2, 3)));
85
__dead void	fatalx(const char *, ...)
86
		    __attribute__((__format__ (printf, 1, 2)));
87
int		write_old_entry(FILE *, const struct passwd *);
88
89
void		cp(char *, char *, mode_t);
90
void		mv(char *, char *);
91
int		scan(FILE *, struct passwd *, int *);
92
void		usage(void);
93
char		*changedir(char *path, char *dir);
94
void		db_store(FILE *, FILE *, DB *, DB *,struct passwd *, int, char *, uid_t);
95
96
int
97
main(int argc, char **argv)
98
{
99
	DB *dp, *edp;
100
	DBT data, key;
101
	FILE *fp, *oldfp = NULL;
102
	struct stat st;
103
	struct passwd pwd;
104
	struct group *grp;
105
	sigset_t set;
106
	uid_t olduid;
107
	gid_t shadow;
108
	int ch, tfd, makeold, secureonly, flags, checkonly;
109
	char *username, buf[MAX(PATH_MAX, LINE_MAX * 2)];
110
111
	flags = checkonly = makeold = secureonly = 0;
112
	username = NULL;
113
	while ((ch = getopt(argc, argv, "cd:psu:v")) != -1)
114
		switch (ch) {
115
		case 'c':			/* verify only */
116
			checkonly = 1;
117
			break;
118
		case 'd':
119
			basedir = optarg;
120
			if (strlen(basedir) > PATH_MAX - 40)
121
				errx(1, "basedir too long");
122
			break;
123
		case 'p':			/* create V7 "file.orig" */
124
			makeold = 1;
125
			break;
126
		case 's':			/* only update spwd.db */
127
			secureonly = 1;
128
			break;
129
		case 'u':			/* only update this record */
130
			username = optarg;
131
			if (strlen(username) > _PW_NAME_LEN)
132
				errx(1, "username too long");
133
			break;
134
		case 'v':			/* backward compatible */
135
			break;
136
		case '?':
137
		default:
138
			usage();
139
		}
140
	argc -= optind;
141
	argv += optind;
142
143
	if (argc != 1 || (makeold && secureonly) ||
144
	    (username && (*username == '+' || *username == '-')))
145
		usage();
146
147
	if ((grp = getgrnam(SHADOW_GROUP)) == NULL)
148
		errx(1, "cannot find `%s' in the group database, aborting",
149
		    SHADOW_GROUP);
150
	shadow = grp->gr_gid;
151
152
	/*
153
	 * This could be changed to allow the user to interrupt.
154
	 * Probably not worth the effort.
155
	 */
156
	sigemptyset(&set);
157
	sigaddset(&set, SIGTSTP);
158
	sigaddset(&set, SIGHUP);
159
	sigaddset(&set, SIGINT);
160
	sigaddset(&set, SIGQUIT);
161
	sigaddset(&set, SIGTERM);
162
	(void)sigprocmask(SIG_BLOCK, &set, (sigset_t *)NULL);
163
164
	/* We don't care what the user wants. */
165
	(void)umask(0);
166
167
	if (**argv != '/' && basedir == NULL)
168
		errx(1, "%s must be specified as an absolute path", *argv);
169
170
	if ((pname = strdup(changedir(*argv, basedir))) == NULL)
171
		err(1, NULL);
172
	/* Open the original password file */
173
	if (!(fp = fopen(pname, "r")))
174
		fatal("%s", pname);
175
176
	/* Check only if password database is valid */
177
	if (checkonly) {
178
		u_int cnt;
179
180
		for (cnt = 1; scan(fp, &pwd, &flags); ++cnt)
181
			;
182
		exit(0);
183
	}
184
185
	if (fstat(fileno(fp), &st) == -1)
186
		fatal("%s", pname);
187
188
	/* Tweak openinfo values for large passwd files. */
189
	if (st.st_size > (off_t)100*1024)
190
		openinfo.cachesize = MINIMUM(st.st_size * 20, (off_t)12*1024*1024);
191
	if (st.st_size / 128 > openinfo.nelem)
192
		openinfo.nelem = st.st_size / 128;
193
194
	/* If only updating a single record, stash the old uid */
195
	if (username) {
196
		dp = dbopen(_PATH_MP_DB, O_RDONLY, 0, DB_HASH, NULL);
197
		if (dp == NULL)
198
			fatal(_PATH_MP_DB);
199
		buf[0] = _PW_KEYBYNAME;
200
		strlcpy(buf + 1, username, sizeof(buf) - 1);
201
		key.data = (u_char *)buf;
202
		key.size = strlen(buf + 1) + 1;
203
		if ((dp->get)(dp, &key, &data, 0) == 0) {
204
			char *p = (char *)data.data;
205
			/* Skip to uid field */
206
			while (*p++ != '\0')
207
				;
208
			while (*p++ != '\0')
209
				;
210
			memcpy(&olduid, p, sizeof(olduid));
211
		} else
212
			olduid = UID_MAX;
213
		(dp->close)(dp);
214
	}
215
216
	/* Open the temporary encrypted password database. */
217
	(void)snprintf(buf, sizeof(buf), "%s.tmp",
218
	    changedir(_PATH_SMP_DB, basedir));
219
	if (username) {
220
		cp(changedir(_PATH_SMP_DB, basedir), buf, PERM_SECURE);
221
		edp = dbopen(buf,
222
		    O_RDWR, PERM_SECURE, DB_HASH, &openinfo);
223
	} else {
224
		edp = dbopen(buf,
225
		    O_RDWR|O_CREAT|O_EXCL, PERM_SECURE, DB_HASH, &openinfo);
226
	}
227
	if (!edp)
228
		fatal("%s", buf);
229
	if (fchown(edp->fd(edp), (uid_t)-1, shadow) != 0)
230
		warn("%s: unable to set group to %s", _PATH_SMP_DB,
231
		    SHADOW_GROUP);
232
	else if (fchmod(edp->fd(edp), PERM_SECURE|S_IRGRP) != 0)
233
		warn("%s: unable to make group readable", _PATH_SMP_DB);
234
	clean |= FILE_SECURE;
235
236
	if (pledge("stdio rpath wpath cpath getpw fattr flock", NULL) == -1)
237
		err(1, "pledge");
238
239
	/* Open the temporary insecure password database. */
240
	if (!secureonly) {
241
		(void)snprintf(buf, sizeof(buf), "%s.tmp",
242
		    changedir(_PATH_MP_DB, basedir));
243
		if (username) {
244
			cp(changedir(_PATH_MP_DB, basedir), buf, PERM_INSECURE);
245
			dp = dbopen(buf, O_RDWR, PERM_INSECURE, DB_HASH,
246
			    &openinfo);
247
		} else {
248
			dp = dbopen(buf, O_RDWR|O_CREAT|O_EXCL, PERM_INSECURE,
249
			    DB_HASH, &openinfo);
250
		}
251
		if (dp == NULL)
252
			fatal("%s", buf);
253
		clean |= FILE_INSECURE;
254
	} else
255
		dp = NULL;
256
257
	/*
258
	 * Open file for old password file.  Minor trickiness -- don't want to
259
	 * change the file already existing, since someone (stupidly) might
260
	 * still be using this for permission checking.  So, open it first and
261
	 * fdopen the resulting fd.  The resulting file should be readable by
262
	 * everyone.
263
	 */
264
	if (makeold) {
265
		(void)snprintf(buf, sizeof(buf), "%s.orig", pname);
266
		if ((tfd = open(buf,
267
		    O_WRONLY|O_CREAT|O_EXCL, PERM_INSECURE)) < 0)
268
			fatal("%s", buf);
269
		if ((oldfp = fdopen(tfd, "w")) == NULL)
270
			fatal("%s", buf);
271
		clean |= FILE_ORIG;
272
	}
273
274
	/*
275
	 * The databases actually contain three copies of the original data.
276
	 * Each password file entry is converted into a rough approximation
277
	 * of a ``struct passwd'', with the strings placed inline.  This
278
	 * object is then stored as the data for three separate keys.  The
279
	 * first key * is the pw_name field prepended by the _PW_KEYBYNAME
280
	 * character.  The second key is the pw_uid field prepended by the
281
	 * _PW_KEYBYUID character.  The third key is the line number in the
282
	 * original file prepended by the _PW_KEYBYNUM character.  (The special
283
	 * characters are prepended to ensure that the keys do not collide.)
284
	 *
285
	 * If we see something go by that looks like YP, we save a special
286
	 * pointer record, which if YP is enabled in the C lib, will speed
287
	 * things up.
288
	 */
289
290
	/*
291
	 * Write the .db files.
292
	 * We do this three times, one per key type (for getpw{nam,uid,ent}).
293
	 * The first time through we also check for YP, issue warnings
294
	 * and save the V7 format passwd file if necessary.
295
	 */
296
	db_store(fp, oldfp, edp, dp, &pwd, _PW_KEYBYNAME, username, olduid);
297
	db_store(fp, oldfp, edp, dp, &pwd, _PW_KEYBYUID, username, olduid);
298
	db_store(fp, oldfp, edp, dp, &pwd, _PW_KEYBYNUM, username, olduid);
299
300
	/* Store YP token, if needed. */
301
	if (hasyp && !username) {
302
		key.data = (u_char *)_PW_YPTOKEN;
303
		key.size = strlen(_PW_YPTOKEN);
304
		data.data = (u_char *)NULL;
305
		data.size = 0;
306
307
		if ((edp->put)(edp, &key, &data, R_NOOVERWRITE) == -1)
308
			fatal("put");
309
310
		if (dp && (dp->put)(dp, &key, &data, R_NOOVERWRITE) == -1)
311
			fatal("put");
312
	}
313
314
	if ((edp->close)(edp))
315
		fatal("close edp");
316
	if (dp && (dp->close)(dp))
317
		fatal("close dp");
318
	if (makeold) {
319
		if (fclose(oldfp) == EOF)
320
			fatal("close old");
321
	}
322
323
	/* Set master.passwd permissions, in case caller forgot. */
324
	(void)fchmod(fileno(fp), S_IRUSR|S_IWUSR);
325
	if (fclose(fp) != 0)
326
		fatal("fclose");
327
328
	/* Install as the real password files. */
329
	if (!secureonly) {
330
		(void)snprintf(buf, sizeof(buf), "%s.tmp",
331
		    changedir(_PATH_MP_DB, basedir));
332
		mv(buf, changedir(_PATH_MP_DB, basedir));
333
	}
334
	(void)snprintf(buf, sizeof(buf), "%s.tmp",
335
	    changedir(_PATH_SMP_DB, basedir));
336
	mv(buf, changedir(_PATH_SMP_DB, basedir));
337
	if (makeold) {
338
		(void)snprintf(buf, sizeof(buf), "%s.orig", pname);
339
		mv(buf, changedir(_PATH_PASSWD, basedir));
340
	}
341
342
	/*
343
	 * Move the master password LAST -- chpass(1), passwd(1) and vipw(8)
344
	 * all use flock(2) on it to block other incarnations of themselves.
345
	 * The rename means that everything is unlocked, as the original file
346
	 * can no longer be accessed.
347
	 */
348
	mv(pname, changedir(_PATH_MASTERPASSWD, basedir));
349
	exit(0);
350
}
351
352
int
353
scan(FILE *fp, struct passwd *pw, int *flags)
354
{
355
	static int lcnt;
356
	static char line[LINE_MAX];
357
	char *p;
358
359
	if (fgets(line, sizeof(line), fp) == NULL)
360
		return (0);
361
	++lcnt;
362
	/*
363
	 * ``... if I swallow anything evil, put your fingers down my
364
	 * throat...''
365
	 *	-- The Who
366
	 */
367
	p = line;
368
	if (*p != '\0' && *(p += strlen(line) - 1) != '\n') {
369
		warnx("line too long");
370
		goto fmt;
371
	}
372
	*p = '\0';
373
	*flags = 0;
374
	if (!pw_scan(line, pw, flags)) {
375
		warnx("at line #%d", lcnt);
376
fmt:		fatalc(EFTYPE, "%s", pname);
377
	}
378
379
	return (1);
380
}
381
382
void
383
cp(char *from, char *to, mode_t mode)
384
{
385
	static char buf[MAXBSIZE];
386
	int from_fd, rcount, to_fd, wcount;
387
388
	if ((from_fd = open(from, O_RDONLY, 0)) < 0)
389
		fatal("%s", from);
390
	if ((to_fd = open(to, O_WRONLY|O_CREAT|O_EXCL, mode)) < 0)
391
		fatal("%s", to);
392
	while ((rcount = read(from_fd, buf, MAXBSIZE)) > 0) {
393
		wcount = write(to_fd, buf, rcount);
394
		if (rcount != wcount || wcount == -1)
395
			fatal("%s to %s", from, to);
396
	}
397
	if (rcount < 0)
398
		fatal("%s to %s", from, to);
399
	close(to_fd);
400
	close(from_fd);
401
}
402
403
void
404
mv(char *from, char *to)
405
{
406
	if (rename(from, to))
407
		fatal("%s to %s", from, to);
408
}
409
410
void
411
fatal(const char *fmt, ...)
412
{
413
	va_list ap;
414
415
	va_start(ap, fmt);
416
	vwarn(fmt, ap);
417
	va_end(ap);
418
	cleanup();
419
	exit(EXIT_FAILURE);
420
}
421
422
void
423
fatalc(int code, const char *fmt, ...)
424
{
425
	va_list ap;
426
427
	va_start(ap, fmt);
428
	vwarnc(code, fmt, ap);
429
	va_end(ap);
430
	cleanup();
431
	exit(EXIT_FAILURE);
432
}
433
434
void
435
fatalx(const char *fmt, ...)
436
{
437
	va_list ap;
438
439
	va_start(ap, fmt);
440
	vwarnx(fmt, ap);
441
	va_end(ap);
442
	cleanup();
443
	exit(EXIT_FAILURE);
444
}
445
446
void
447
cleanup(void)
448
{
449
	char buf[PATH_MAX];
450
451
	if (clean & FILE_ORIG) {
452
		(void)snprintf(buf, sizeof(buf), "%s.orig", pname);
453
		(void)unlink(buf);
454
	}
455
	if (clean & FILE_SECURE) {
456
		(void)snprintf(buf, sizeof(buf), "%s.tmp",
457
		    changedir(_PATH_SMP_DB, basedir));
458
		(void)unlink(buf);
459
	}
460
	if (clean & FILE_INSECURE) {
461
		(void)snprintf(buf, sizeof(buf), "%s.tmp",
462
		    changedir(_PATH_MP_DB, basedir));
463
		(void)unlink(buf);
464
	}
465
}
466
467
void
468
usage(void)
469
{
470
	(void)fprintf(stderr,
471
	    "usage: pwd_mkdb [-c] [-p | -s] [-d directory] [-u username] file\n");
472
	exit(EXIT_FAILURE);
473
}
474
475
char *
476
changedir(char *path, char *dir)
477
{
478
	static char fixed[PATH_MAX];
479
	char *p;
480
481
	if (!dir)
482
		return (path);
483
484
	if ((p = strrchr(path, '/')) != NULL)
485
		path = p + 1;
486
	snprintf(fixed, sizeof(fixed), "%s/%s", dir, path);
487
	return (fixed);
488
}
489
490
int
491
write_old_entry(FILE *to, const struct passwd *pw)
492
{
493
	char gidstr[16], uidstr[16];
494
495
	if (to == NULL)
496
		return (0);
497
498
	/* Preserve gid/uid -1 */
499
	if (pw->pw_gid == (gid_t)-1)
500
		strlcpy(gidstr, "-1", sizeof(gidstr));
501
	else
502
		snprintf(gidstr, sizeof(gidstr), "%u", (u_int)pw->pw_gid);
503
504
	if (pw->pw_uid == (uid_t)-1)
505
		strlcpy(uidstr, "-1", sizeof(uidstr));
506
	else
507
		snprintf(uidstr, sizeof(uidstr), "%u", (u_int)pw->pw_uid);
508
509
	return (fprintf(to, "%s:*:%s:%s:%s:%s:%s\n", pw->pw_name, uidstr,
510
	    gidstr, pw->pw_gecos, pw->pw_dir, pw->pw_shell));
511
}
512
513
void
514
db_store(FILE *fp, FILE *oldfp, DB *edp, DB *dp, struct passwd *pw,
515
	 int keytype, char *username, uid_t olduid)
516
{
517
	char *p, *t, buf[LINE_MAX * 2], tbuf[_PW_BUF_LEN];
518
	int flags = 0, dbmode, found = 0;
519
	static int firsttime = 1;
520
	DBT data, key;
521
	size_t len;
522
	u_int cnt;
523
524
	/* If given a username just add that record to the existing db. */
525
	dbmode = username ? 0 : R_NOOVERWRITE;
526
527
	rewind(fp);
528
	data.data = (u_char *)buf;
529
	key.data = (u_char *)tbuf;
530
	for (cnt = 1; scan(fp, pw, &flags); ++cnt) {
531
532
		if (firsttime) {
533
			/* Look like YP? */
534
			if ((pw->pw_name[0] == '+') || (pw->pw_name[0] == '-'))
535
				hasyp++;
536
537
			/* Warn about potentially unsafe uid/gid overrides. */
538
			if (pw->pw_name[0] == '+') {
539
				if (!(flags & _PASSWORD_NOUID) && !pw->pw_uid)
540
					warnx("line %d: superuser override in "
541
					    "YP inclusion", cnt);
542
				if (!(flags & _PASSWORD_NOGID) && !pw->pw_gid)
543
					warnx("line %d: wheel override in "
544
					    "YP inclusion", cnt);
545
			}
546
547
			/* Create V7 format password file entry. */
548
			if (write_old_entry(oldfp, pw) == -1)
549
				fatal("write old");
550
		}
551
552
		/* Are we updating a specific record? */
553
		if (username) {
554
			if (strcmp(username, pw->pw_name) != 0)
555
				continue;
556
			found = 1;
557
			/* If the uid changed, remove the old record by uid. */
558
			if (olduid != UID_MAX && olduid != pw->pw_uid) {
559
				tbuf[0] = _PW_KEYBYUID;
560
				memcpy(tbuf + 1, &olduid, sizeof(olduid));
561
				key.size = sizeof(olduid) + 1;
562
				(edp->del)(edp, &key, 0);
563
				if (dp)
564
					(dp->del)(dp, &key, 0);
565
			}
566
			/* XXX - should check to see if line number changed. */
567
		}
568
569
		/* Build the key. */
570
		tbuf[0] = keytype;
571
		switch (keytype) {
572
		case _PW_KEYBYNUM:
573
			memmove(tbuf + 1, &cnt, sizeof(cnt));
574
			key.size = sizeof(cnt) + 1;
575
			break;
576
577
		case _PW_KEYBYNAME:
578
			len = strlen(pw->pw_name);
579
			memmove(tbuf + 1, pw->pw_name, len);
580
			key.size = len + 1;
581
			break;
582
583
		case _PW_KEYBYUID:
584
			memmove(tbuf + 1, &pw->pw_uid, sizeof(pw->pw_uid));
585
			key.size = sizeof(pw->pw_uid) + 1;
586
			break;
587
		}
588
589
#define	COMPACT(e)	t = e; while ((*p++ = *t++));
590
		/* Create the secure record. */
591
		p = buf;
592
		COMPACT(pw->pw_name);
593
		COMPACT(pw->pw_passwd);
594
		memmove(p, &pw->pw_uid, sizeof(uid_t));
595
		p += sizeof(uid_t);
596
		memmove(p, &pw->pw_gid, sizeof(gid_t));
597
		p += sizeof(gid_t);
598
		memmove(p, &pw->pw_change, sizeof(time_t));
599
		p += sizeof(time_t);
600
		COMPACT(pw->pw_class);
601
		COMPACT(pw->pw_gecos);
602
		COMPACT(pw->pw_dir);
603
		COMPACT(pw->pw_shell);
604
		memmove(p, &pw->pw_expire, sizeof(time_t));
605
		p += sizeof(time_t);
606
		memmove(p, &flags, sizeof(int));
607
		p += sizeof(int);
608
		data.size = p - buf;
609
610
		/* Write the secure record. */
611
		if ((edp->put)(edp, &key, &data, dbmode) == -1)
612
			fatal("put");
613
614
		if (dp == NULL)
615
			continue;
616
617
		/* Star out password to make insecure record. */
618
		p = buf + strlen(pw->pw_name) + 1;	/* skip pw_name */
619
		len = strlen(pw->pw_passwd);
620
		explicit_bzero(p, len);			/* zero pw_passwd */
621
		t = p + len + 1;			/* skip pw_passwd */
622
		if (len != 0)
623
			*p++ = '*';
624
		*p++ = '\0';
625
		memmove(p, t, data.size - (t - buf));
626
		data.size -= len - 1;
627
628
		/* Write the insecure record. */
629
		if ((dp->put)(dp, &key, &data, dbmode) == -1)
630
			fatal("put");
631
	}
632
	if (firsttime) {
633
		firsttime = 0;
634
		if (username && !found && olduid != UID_MAX)
635
			fatalx("can't find user in master.passwd");
636
	}
637
}