Don't ask for a password if there are no group passwords. Just directly

give up. This comes from the Fedora's patch shadow-4.0.13-newgrpPwd.patch,
and seems to be the only part with an effect.

ChangeLog

@@ -1,3 +1,10 @@
+2007-11-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/newgrp.c: Don't ask for a password if there are no
+	group passwords. Just directly give up. This comes from the
+	Fedora's patch shadow-4.0.13-newgrpPwd.patch, and seems to be the
+	only part with an effect.
+
 2007-11-10  Nicolas François  <nicolas.francois@centraliens.net>
 
 	* NEWS, src/chgpasswd.c, src/chpasswd.c: Fix chpasswd and

NEWS

@@ -8,6 +8,8 @@ shadow-4.0.18.1 -> shadow-4.0.18.2					UNRELEASED
   Thanks also to Greg Schafer <gschafer@zip.com.au>.
 - chgpasswd, chpasswd: Fix chpasswd and chgpasswd stack overflow. Based on
   Fedora's shadow-4.0.18.1-overflow.patch.
+- newgrp: Don't ask for a password if there are no group passwords. Just
+  directly give up.
 
 shadow-4.0.18.1 -> shadow-4.0.18.2					28-10-2007
 

src/newgrp.c

@@ -377,6 +377,16 @@ int main (int argc, char **argv)
 	 * unless she is listed as a member.  -- JWP
 	 */
 	if (getuid () != 0 && needspasswd) {
+		if (grp->gr_passwd[0] == '\0') {
+			/*
+			 * there is no password, print out "No password."
+			 * and give up
+			 */
+			sleep (1);
+			fputs (_("No password.\n"), stderr);
+			goto failure;
+		}
+
 		/*
 		 * get the password from her, and set the salt for
 		 * the decryption from the group file.
@@ -392,15 +402,6 @@ int main (int argc, char **argv)
 		cpasswd = pw_encrypt (cp, grp->gr_passwd);
 		strzero (cp);
 
-		if (grp->gr_passwd[0] == '\0') {
-			/*
-			 * there is no password, print out "Sorry" and give up
-			 */
-			sleep (1);
-			fputs (_("No password.\n"), stderr);
-			goto failure;
-		}
-
 		if (strcmp (cpasswd, grp->gr_passwd) != 0) {
 			SYSLOG ((LOG_INFO,
 				 "Invalid password for group `%s' from `%s'",