Package: pwgen
Version: 2.05-1
Severity: important
Tags: patch

pwgen has the unexpected behaviour of generating less secure passwords when
its output is redirected.

    $ pwgen -s 32 1
    e3imCjWk9l3SwlJASdrgjdRyMzPi7WGp 
    $ pwgen -s 32 1 | cat
    mtsgeuanmxwdsyiygqazzvxztdrkfnop

The attached patch fixes the '-s' option, and makes it so that the output to a
TTY vs. not-a-TTY is more consistent with what a user might expect.

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.18-4-686 (SMP w/1 CPU core)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages pwgen depends on:
ii  libc6                         2.5-9+b1   GNU C Library: Shared libraries

pwgen recommends no packages.

-- no debconf information
diff -ru ../orig/pwgen-2.05/pwgen.c pwgen-2.05/pwgen.c
--- ../orig/pwgen-2.05/pwgen.c	2006-01-15 21:59:04.000000000 -0600
+++ pwgen-2.05/pwgen.c	2007-06-07 11:55:43.000000000 -0600
@@ -92,11 +92,6 @@
 
 	pwgen = pw_phonemes;
 	pw_number = pw_random_number;
-	if (isatty(1)) {
-		do_columns = 1;
-		pwgen_flags |= PW_DIGITS | PW_UPPERS;
-	}
-
 	while (1) {
 #ifdef HAVE_GETOPT_LONG
 		c = getopt_long(argc, argv, pw_options, pwgen_options, 0);
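Review bot: Taking this block out of the pre-getopt path does not decouple password strength from the output device, because the block that replaces it later in the file is still guarded by isatty(1). A plain `pwgen | cat` with no options therefore still gets neither PW_DIGITS nor PW_UPPERS. Consider leaving `pwgen_flags |= PW_DIGITS | PW_UPPERS;` here unconditionally as the default and keeping only `do_columns = 1;` under the isatty(1) test, so that the TTY check affects layout and nothing else.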
@@ -134,6 +129,7 @@
 			break;
 		case 's':
 			pwgen = pw_rand;
+			pwgen_flags |= PW_UPPERS | PW_DIGITS;
 			break;
 		case 'C':
 			do_columns = 1;
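Review bot: Missing documentation for the new meaning of -s: with the added `pwgen_flags |= PW_UPPERS | PW_DIGITS;` in case 's', the option now implies uppercase letters and digits regardless of where output goes, but the diff touches only pwgen.c. The usage text and man page should state this. Also note that the `|=` runs at the point -s is parsed, so the result depends on option order if any other case in this switch changes pwgen_flags; applying the -s defaults after the getopt loop would avoid that.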
@@ -154,6 +150,12 @@
 			break;
 		}
 	}
+
+	if (optind == 1 && isatty(1)) { // no flags were set
+		do_columns = 1;
+		pwgen_flags |= PW_DIGITS | PW_UPPERS;
+	}
+
 	if (optind < argc) {
 		pw_length = strtol(argv[optind], &tmp, 0);
 		if (pw_length < 5)
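Review bot: The `optind == 1` test in the added block is not a reliable stand-in for "no flags were set", and it ties the character classes to unrelated options. Any option at all moves optind past 1, so `pwgen -C` on a terminal now skips `pwgen_flags |= PW_DIGITS | PW_UPPERS;`, where the removed block would have applied it. An invocation that was previously mixed-case with digits silently becomes weaker. Track whether the user explicitly chose character classes in a dedicated variable set inside the switch, or set the flag defaults unconditionally before the loop, and keep only `do_columns = 1;` conditional on isatty(1). Minor style point: the `//` comment is not C89; use `/* ... */` if the rest of the file does.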
