From 8fb79578a016f2a488622a1f4ca903f1007a091f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Anselm=20Sch=C3=BCler?= <mail@anselmschueler.com>
Date: Tue, 24 Sep 2024 13:50:48 +0200
Subject: [PATCH 1/6] passwd: now returns failure exit code on failure

---
 passwd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/passwd.c b/passwd.c
index 809c931..294f502 100644
--- a/passwd.c
+++ b/passwd.c
@@ -93,5 +93,5 @@ int main(void) {
     free(password);
     free(password_confirmation);
 
-    return EXIT_SUCCESS;
+    return ret;
 }

From 325cf60fd4dd97ebc15632f6c727c02ec08ad1e3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Anselm=20Sch=C3=BCler?= <mail@anselmschueler.com>
Date: Tue, 24 Sep 2024 22:45:00 +0200
Subject: [PATCH 2/6] passwd: support -d to remove password login

---
 passwd.c      | 30 +++++++++++++++++++++++++++++-
 termux-auth.c |  8 ++++++++
 termux-auth.h |  4 ++++
 3 files changed, 41 insertions(+), 1 deletion(-)

diff --git a/passwd.c b/passwd.c
index 294f502..a34cfa7 100644
--- a/passwd.c
+++ b/passwd.c
@@ -55,7 +55,20 @@ static char *read_password(const char *prompt) {
     return password;
 }
 
-int main(void) {
+static int main_remove_password(void) {
+    int ret = EXIT_FAILURE;
+
+    if (termux_remove_passwd()) {
+        puts("Password login successfully disabled.");
+        ret = EXIT_SUCCESS;
+    } else {
+        puts("Failed to disable password login.");
+    }
+
+    return ret;
+}
+
+static int main_set_password(void) {
     char *password;
     char *password_confirmation;
     int ret = EXIT_FAILURE;
@@ -95,3 +108,18 @@ int main(void) {
 
     return ret;
 }
+
+int main(int argc, char **argv) {
+    switch (argc) {
+    case 1:
+        return main_set_password();
+    case 2:
+        if (strcmp(argv[1], "-d") == 0) {
+            return main_remove_password();
+        }
+        // otherwise, fall through
+    default:
+        fprintf(stderr, "Supported options are no options or -d\n");
+        return EXIT_FAILURE;
+    }
+}
diff --git a/termux-auth.c b/termux-auth.c
index 281882a..813ac09 100644
--- a/termux-auth.c
+++ b/termux-auth.c
@@ -89,6 +89,14 @@ bool termux_change_passwd(const char *new_password) {
     return is_password_changed;
 }
 
+// Remove file that stores password hash
+// Return true on success, false otherwise.
+bool termux_remove_passwd(void) {
+    int n = remove(AUTH_HASH_FILE_PATH);
+
+    return n == 0;
+}
+
 // Check validity of password (user name is ignored).
 // Return true if password is ok, otherwise return false.
 bool termux_auth(const char *user, const char *password) {
diff --git a/termux-auth.h b/termux-auth.h
index bee3ba1..43c48ab 100644
--- a/termux-auth.h
+++ b/termux-auth.h
@@ -27,6 +27,10 @@ unsigned char *termux_passwd_hash(const char *password);
 // Return true on success, false otherwise.
 bool termux_change_passwd(const char *new_password);
 
+// Remove file that stores password hash
+// Return true on success, false otherwise.
+bool termux_remove_passwd(void);
+
 // Check validity of password (user name is ignored).
 // Return true if password is ok, otherwise return false.
 bool termux_auth(const char *user, const char *password);

From b1424eda57212bb9bd6b44b7020929d6c6321f96 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Anselm=20Sch=C3=BCler?= <mail@anselmschueler.com>
Date: Wed, 25 Sep 2024 14:13:14 +0200
Subject: [PATCH 3/6] passwd: improve error handling for -d

---
 passwd.c      | 6 ++++++
 termux-auth.c | 5 +++--
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/passwd.c b/passwd.c
index a34cfa7..27ce90d 100644
--- a/passwd.c
+++ b/passwd.c
@@ -18,6 +18,7 @@
 
 /** Utility for setting new password **/
 
+#include <errno.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -62,6 +63,11 @@ static int main_remove_password(void) {
         puts("Password login successfully disabled.");
         ret = EXIT_SUCCESS;
     } else {
+        if (errno == EISDIR) {
+            printf("Unexpectedly found directory where hashed password should be ("
+                   AUTH_HASH_FILE_PATH
+                   "), ignoring\n");
+        }
         puts("Failed to disable password login.");
     }
 
diff --git a/termux-auth.c b/termux-auth.c
index 813ac09..863e049 100644
--- a/termux-auth.c
+++ b/termux-auth.c
@@ -22,6 +22,7 @@
 #include <string.h>
 #include <termios.h>
 #include <unistd.h>
+#include <errno.h>
 
 #include <openssl/sha.h>
 #include <openssl/evp.h>
@@ -92,9 +93,9 @@ bool termux_change_passwd(const char *new_password) {
 // Remove file that stores password hash
 // Return true on success, false otherwise.
 bool termux_remove_passwd(void) {
-    int n = remove(AUTH_HASH_FILE_PATH);
+    int n = unlink(AUTH_HASH_FILE_PATH);
 
-    return n == 0;
+    return n == 0 || errno == ENOENT;
 }
 
 // Check validity of password (user name is ignored).

From 934b06a85dd533911e3e514b5ea272cb7d445ede Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Anselm=20Sch=C3=BCler?= <mail@anselmschueler.com>
Date: Thu, 26 Sep 2024 12:24:39 +0200
Subject: [PATCH 4/6] passwd: improve argv error message

Co-authored-by: Henrik Grimler <grimler@termux.dev>
---
 passwd.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/passwd.c b/passwd.c
index 27ce90d..9c33af1 100644
--- a/passwd.c
+++ b/passwd.c
@@ -125,7 +125,9 @@ int main(int argc, char **argv) {
         }
         // otherwise, fall through
     default:
-        fprintf(stderr, "Supported options are no options or -d\n");
+        fprintf(stderr,
+                "Run %s without args to set a password, or with -d to remove the password\n",
+                argv[0]);
         return EXIT_FAILURE;
     }
 }

From 2e83e1c7a369a321540534e08f4761f7244f40b0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Anselm=20Sch=C3=BCler?= <mail@anselmschueler.com>
Date: Thu, 26 Sep 2024 13:00:16 +0200
Subject: [PATCH 5/6] passwd: permit -l as alias for -d

---
 passwd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/passwd.c b/passwd.c
index 9c33af1..5a00ac8 100644
--- a/passwd.c
+++ b/passwd.c
@@ -120,7 +120,7 @@ int main(int argc, char **argv) {
     case 1:
         return main_set_password();
     case 2:
-        if (strcmp(argv[1], "-d") == 0) {
+        if (strcmp(argv[1], "-d") == 0 || strcmp(argv[1], "-l") == 0) {
             return main_remove_password();
         }
         // otherwise, fall through

From fe7552d1d79a8863878052dff3cee644ef55a84b Mon Sep 17 00:00:00 2001
From: Git User <107305601+sylirre@users.noreply.github.com>
Date: Thu, 26 Sep 2024 14:26:29 +0300
Subject: [PATCH 6/6] update passwd help message

---
 passwd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/passwd.c b/passwd.c
index 5a00ac8..5d7a9d1 100644
--- a/passwd.c
+++ b/passwd.c
@@ -126,7 +126,7 @@ int main(int argc, char **argv) {
         // otherwise, fall through
     default:
         fprintf(stderr,
-                "Run %s without args to set a password, or with -d to remove the password\n",
+                "Run %s without args to set a password. Pass option -d to disable authentication credentials (lock account).\n",
                 argv[0]);
         return EXIT_FAILURE;
     }