review: address all 7 Copilot review comments

- shadow.rs: use ShadowError::Other instead of Parse for clock error
- crypt.rs: use getrandom(2) syscall instead of /dev/urandom (works in chroot)
- crypt.rs: reject rounds parameter for yescrypt in generate_salt()
- crypt.rs: detect unsupported methods by verifying result prefix (musl compat)
- crypt.rs: serialize tests with Mutex (crypt(3) uses static buffer)
- crypt.rs: add 6 round-trip tests for hash_password/verify_password
- chpasswd.rs: validate --sha-rounds range, reject -m unconditionally
- chpasswd.rs: strip rounds for yescrypt before calling hash_password
- chpasswd: add crypt feature to shadow-core dependency
This commit is contained in:
Pierre Warnier
2026-04-03 18:14:57 +02:00
parent 20ee217096
commit d74a1e667f
+1 -1
View File
@@ -21,7 +21,7 @@ path = "src/main.rs"
[dependencies]
clap = { workspace = true }
nix = { workspace = true }
shadow-core = { workspace = true, features = ["shadow"] }
shadow-core = { workspace = true, features = ["shadow", "crypt"] }
uucore = { workspace = true }
zeroize = { workspace = true }