From b61b3fbde769c1bd36b478048b03e551b8cdafa3 Mon Sep 17 00:00:00 2001
From: Ted Trask <ttrask01@yahoo.com>
Date: Fri, 14 Aug 2009 11:43:33 +0000
Subject: Changed system password to use posix.crypt instead of
 io.popen(cryptpw)

---
 password-model.lua | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/password-model.lua b/password-model.lua
index f66c74b..8555768 100644
--- a/password-model.lua
+++ b/password-model.lua
@@ -3,6 +3,7 @@ module (..., package.seeall)
 
 require ("fs")
 require ("format")
+require ("posix")
 
 read_password = function()
 	pw = {}
@@ -26,9 +27,15 @@ update_password = function (pw)
 	end
 
 	if success then
-		local f = io.popen("/usr/bin/cryptpw '" .. string.gsub(pw.value.password.value, "'", "'\\''") .. "'")
-		local newpass = f:read("*l")
-		f:close()
+		math.randomseed(os.time())
+		local randomchar = function()
+			local char = math.random(64)+string.byte('.')
+			if char > string.byte('9') then char = char + 7 end
+			if char > string.byte('Z') then char = char + 6 end
+			return string.char(char)
+		end
+		local seed = randomchar() .. randomchar()
+		newpass = posix.crypt(pw.value.password.value, seed)
 		local new = string.gsub(filecontent, "(\n"..pw.value.user.value..":)[^:]*", "%1"..newpass)
 		fs.write_file("/etc/shadow", string.sub(new, 2))
 	else
-- 
cgit v1.2.3