$NetBSD: patch-plugins_password_helpers_passwd-expect,v 1.1 2020/04/26 08:48:24 taca Exp $

* Make password plugin work on NetBSD (and maybe other *BSD).
* Allocate pty on ssh session.

--- plugins/password/helpers/passwd-expect.orig	2020-01-01 20:00:50.000000000 +0000
+++ plugins/password/helpers/passwd-expect
@@ -46,10 +46,10 @@ set prompt_string      "(%|\\\$|>)"
 set fingerprint_string "The authenticity of host.* can't be established.*\n(RSA|ECDSA) key fingerprint is.*\nAre you sure you want to continue connecting.*"
 set password_string    "(P|p)assword.*"
 set oldpassword_string "((O|o)ld|login|\\\(current\\\) UNIX) (P|p)assword.*"
-set newpassword_string "(N|n)ew.* (P|p)assword.*"
+set newpassword_string "(N|n)ew.*(P|p)assword.*"
 set badoldpassword_string "(Authentication token manipulation error).*"
 set badpassword_string "((passwd|BAD PASSWORD).*|(passwd|Bad:).*\r)"
-set verify_string      "((R|r)e-*enter.*(P|p)assword|Retype new( UNIX)? password|(V|v)erification|(V|v)erify|(A|a)gain).*"
+set verify_string      "((R|r)e-*enter.*(P|p)assword|Retype (N|n)ew( UNIX)? (P|p)assword|(V|v)erification|(V|v)erify|(A|a)gain).*"
 set success_string     "((P|p)assword.* changed|successfully)"
 set login_string       "(((L|l)ogin|(U|u)sername).*)"
 set timeout            20
@@ -162,9 +162,9 @@ if {[string match $login "rlogin"]} {
 } elseif {[string match $login "slogin"]} {
    set pid [spawn slogin $host -l $user]
 } elseif {[string match $login "ssh"]} {
-   set pid [spawn ssh $host -l $user]
+   set pid [spawn ssh -t $host -l $user]
 } elseif {[string match $login "ssh-exec"]} {
-   set pid [spawn ssh $host -l $user $program]
+   set pid [spawn ssh -t $host -l $user $program]
 } elseif {[string match $login "sudo"]} {
    set pid [spawn sudo -u $user $program]
 } elseif {[string match $login "telnet"]} {
@@ -254,6 +254,8 @@ expect {
   -re $badpassword_string {puts $err "$expect_out(0,string)"
                            close $err
                            exit 1}
+  -re $prompt_string { sleep .5
+                       send exit\r}
   timeout             {puts $err "Could not change password.\n"
                        close $err
                        exit 1}
