From 349195e6894ffa2cb06fb78d3fe49511ebcc5480 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Gross?=
 <seb•ɑƬ•chezwam•ɖɵʈ•org>
Date: Thu, 26 Feb 2015 15:10:28 +0100
Subject: [PATCH] [user] Allow '*' as empty password.

If `password` is defined as `*` `useradd` or `usermod` returns an error:

    msg: usermod: Invalid password: `*'

This works very well on Linux host to not define any password for a
user (mainly useful if your setup is only based on SSH keys for
auth). On OpenBSD this does not work, so we have to ignore the encrypted
password parameter if it defined as `*`.
---
 system/user.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/system/user.py b/system/user.py
index 1045df70e67..61c0b0c2eda 100644
--- a/system/user.py
+++ b/system/user.py
@@ -916,7 +916,7 @@ class OpenBSDUser(User):
             cmd.append('-L')
             cmd.append(self.login_class)
 
-        if self.password is not None:
+        if self.password is not None and self.password != '*':
             cmd.append('-p')
             cmd.append(self.password)
 
@@ -1010,7 +1010,8 @@ class OpenBSDUser(User):
                 cmd.append('-L')
                 cmd.append(self.login_class)
 
-        if self.update_password == 'always' and self.password is not None and info[1] != self.password:
+        if self.update_password == 'always' and self.password is not None \
+           and self.password != '*' and info[1] != self.password:
             cmd.append('-p')
             cmd.append(self.password)