===================================================================
RCS file: /cvs2/dgamelaunch-openbsd/dgamelaunch.c,v
retrieving revision 1.3
retrieving revision 1.8
diff -u -p -r1.3 -r1.8
--- dgamelaunch-openbsd/dgamelaunch.c	2021/03/14 19:25:49	1.3
+++ dgamelaunch-openbsd/dgamelaunch.c	2021/04/02 11:02:20	1.8
@@ -1560,7 +1560,7 @@ changepw (int dowrite)
 #if defined(__OpenBSD__)
   me->password = (char *) malloc((_PASSWORD_LEN+1)*sizeof(char)); 
  if ( crypt_newhash(buf, "blowfish,12", me->password, _PASSWORD_LEN) != 0)
-  graceful_exit(1);
+  graceful_exit(300);
 #else
   me->password = strdup (crypt (buf, buf));
 #endif
@@ -2163,6 +2163,11 @@ readfile (int nolock)
       b = n;
 
       /* pw field */
+      /* OpenBSD's implementation stores the password in hashed form.
+       * crypt_checkpass takes care of validating the hashing so we
+       * don't have to ensure the password field has a valid length */ 
+
+#if !defined(__OpenBSD__)
       while (*b != ':')
         {
           users[f_num]->password[(b - n)] = *b;
@@ -2172,6 +2177,7 @@ readfile (int nolock)
             graceful_exit (102);
 	  }
         }
+#endif
 
       /* advance to next field */
       n = b + 1;
@@ -2865,6 +2871,8 @@ main (int argc, char** argv)
 	  graceful_exit (3);
 	}
 
+
+
       /* shed privs. this is done immediately after chroot. */
       if (setgroups (1, &globalconfig.shed_gid) == -1)
 	{
@@ -2883,6 +2891,16 @@ main (int argc, char** argv)
 	  perror ("setuid");
 	  graceful_exit (6);
 	}
+
+#if defined(__OpenBSD__)
+      if ( pledge("stdio rpath wpath cpath fattr flock "
+	  "tty proc exec ps", NULL )==-1 )
+        {
+	  perror("pledge");
+	  graceful_exit (301);
+	}
+#endif
+
     }
 
   if (globalconfig.locale) {