#!/bin/sh
#
#     tiger - A UN*X security checking system
#     Copyright (C) 1993 Douglas Lee Schales, David K. Hess, David R. Safford
#
#
#    This program is free software; you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation; either version 1, or (at your option)
#    any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#     Please see the file `COPYING' for the complete copyright notice.
#
# MacOSX/5/gen_passwd_sets - 06/14/93
#
#-----------------------------------------------------------------------------
#

local=0
passwordflag=

for parm
do
  case "$parm" in
    -p) passwordflag=Y;;
    -l) local=1;;
    *) outfile="$parm";;
  esac
done

zappasswd()
{
  IFS=:
  while read user passwd rest
  do
    case $passwd in
      [a-zA-Z0-9\./][a-zA-Z0-9\./][a-zA-Z0-9\./][a-zA-Z0-9\./][a-zA-Z0-9\./][a-zA-Z0-9\./][a-zA-Z0-9\./][a-zA-Z0-9\./][a-zA-Z0-9\./][a-zA-Z0-9\./][a-zA-Z0-9\./][a-zA-Z0-9\./][a-zA-Z0-9\./])
	     passwd="xxxxxxxxxxxxx"
	   ;;
	*)
	     passwd='*'
	   ;;
    esac
    echo "$user:$passwd:$rest" >> $OUTPUT
  done
}

$GREP -v '^[-+]' /etc/passwd |
$SORT > $WORKDIR/pass.tmp.$$

$SED -e 's/#.*$//' -e '/^$/d' /etc/security/passwd |
$AWK '
/^[^ 	]*:/ {
  if(user != "")
    printf("%s:\n", user);
  for(i=1;i<length($0);i++)
    if(substr($0, i, 1) == ":")
        break;
  user=substr($0, 1, i-1); 
}
/^[ 	][ 	]*password[ 	]*=[ 	]*.*/ {
  for(i=1;i<length($0);i++)
    if(substr($0, i, 1) == "=")
      break;
  for(i++;i<length($0);i++)
    if(substr($0, i, 1) != " ")    
      break;
  pass = substr($0, i, length($0)-i+1);
  printf("%s:%s\n", user, pass);
  user="";
}' |
$SED -e 's/[ 	][ 	]*$//' |
$SORT |
$JOIN -t: -o 1.1 1.2 2.3 2.4 2.5 2.6 2.7 - $WORKDIR/pass.tmp.$$ |
$SED -e 's/:$/: /' |
{
  if [ "$passwordflag" = 'Y' ]; then
    $CAT
  else
    zappasswd
  fi
} > $WORKDIR/etc_passwd.$$

$RM -f $WORKDIR/pass.tmp.$$

echo "/etc/passwd" > $WORKDIR/etc_passwd.$$.src
echo $WORKDIR/etc_passwd.$$ >> $outfile

[ -n "$YP" ] && {
  $YPCAT passwd |
  $SED -e 's/:$/: /' |
  $SORT |
  echo "NIS" > $WORKDIR/nis_passwd.$$.src
  echo $WORKDIR/nis_passwd.$$ >> $outfile
}
