version 1.33, 2014/11/03 16:47:55 |
version 1.34, 2014/12/24 22:04:26 |
|
|
* line. Useful for scripts and such. |
* line. Useful for scripts and such. |
*/ |
*/ |
|
|
#define DO_MAKEKEY 0 |
|
#define DO_DES 1 |
|
#define DO_BLF 2 |
|
|
|
extern char *__progname; |
extern char *__progname; |
char buffer[_PASSWORD_LEN]; |
|
|
|
void usage(void); |
void usage(void); |
int ideal_rounds(void); |
int ideal_rounds(void); |
void print_passwd(char *, int, void *); |
void print_passwd(char *, int, void *); |
|
|
|
#define DO_BLF 0 |
|
|
void |
void |
usage(void) |
usage(void) |
{ |
{ |
|
|
(void)fprintf(stderr, |
(void)fprintf(stderr, |
"usage: %s [-k] [-b rounds] [-c class] [-p | string] [-s salt]\n", |
"usage: %s [-b rounds] [-c class] [-p | string]\n", |
__progname); |
__progname); |
exit(1); |
exit(1); |
} |
} |
|
|
void |
void |
print_passwd(char *string, int operation, void *extra) |
print_passwd(char *string, int operation, void *extra) |
{ |
{ |
char msalt[3], *salt, *cryptstr; |
char buffer[_PASSWORD_LEN]; |
login_cap_t *lc; |
|
int pwd_gensalt(char *, int, login_cap_t *, char); |
|
void to64(char *, u_int32_t, int n); |
|
|
|
if (operation == DO_BLF) { |
if (operation == DO_BLF) { |
if (bcrypt_newhash(string, *(int *)extra, buffer, |
int rounds = *(int *)extra; |
sizeof(buffer)) != 0) |
if (bcrypt_newhash(string, rounds, buffer, sizeof(buffer)) != 0) |
errx(1, "bcrypt newhash failed"); |
errx(1, "bcrypt newhash failed"); |
fputs(buffer, stdout); |
fputs(buffer, stdout); |
return; |
return; |
} |
} else { |
|
login_cap_t *lc; |
|
const char *pref; |
|
|
switch(operation) { |
|
case DO_MAKEKEY: |
|
/* |
|
* makekey mode: parse string into separate DES key and salt. |
|
*/ |
|
if (strlen(string) != 10) { |
|
/* To be compatible... */ |
|
errx(1, "%s", strerror(EFTYPE)); |
|
} |
|
strlcpy(msalt, &string[8], sizeof msalt); |
|
salt = msalt; |
|
break; |
|
|
|
case DO_DES: |
|
salt = extra; |
|
break; |
|
|
|
default: |
|
if ((lc = login_getclass(extra)) == NULL) |
if ((lc = login_getclass(extra)) == NULL) |
errx(1, "unable to get login class `%s'", |
errx(1, "unable to get login class `%s'", |
extra ? (char *)extra : "default"); |
extra ? (char *)extra : "default"); |
if (!pwd_gensalt(buffer, _PASSWORD_LEN, lc, 'l')) |
pref = login_getcapstr(lc, "localcipher", NULL, NULL); |
errx(1, "can't generate salt"); |
if (crypt_newhash(string, pref, buffer, sizeof(buffer)) != 0) |
salt = buffer; |
errx(1, "can't generate hash"); |
break; |
|
} |
} |
|
|
if ((cryptstr = crypt(string, salt)) == NULL) |
fputs(buffer, stdout); |
errx(1, "crypt failed"); |
|
fputs(cryptstr, stdout); |
|
} |
} |
|
|
int |
int |
|
|
void *extra = NULL; /* Store salt or number of rounds */ |
void *extra = NULL; /* Store salt or number of rounds */ |
const char *errstr; |
const char *errstr; |
|
|
if (strcmp(__progname, "makekey") == 0) |
while ((opt = getopt(argc, argv, "pb:c:")) != -1) { |
operation = DO_MAKEKEY; |
|
|
|
while ((opt = getopt(argc, argv, "kps:b:c:")) != -1) { |
|
switch (opt) { |
switch (opt) { |
case 'k': /* Stdin/Stdout Unix crypt */ |
|
if (operation != -1 || prompt) |
|
usage(); |
|
operation = DO_MAKEKEY; |
|
break; |
|
|
|
case 'p': |
case 'p': |
if (operation == DO_MAKEKEY) |
|
usage(); |
|
prompt = 1; |
prompt = 1; |
break; |
break; |
|
|
case 's': /* Unix crypt (DES) */ |
|
if (operation != -1 || optarg[0] == '$') |
|
usage(); |
|
operation = DO_DES; |
|
extra = optarg; |
|
break; |
|
|
|
case 'b': /* Blowfish password hash */ |
case 'b': /* Blowfish password hash */ |
if (operation != -1) |
if (operation != -1) |
usage(); |
usage(); |
|
|
errx(1, "%s: %s", errstr, optarg); |
errx(1, "%s: %s", errstr, optarg); |
extra = &rounds; |
extra = &rounds; |
break; |
break; |
|
|
case 'c': /* user login class */ |
case 'c': /* user login class */ |
extra = optarg; |
extra = optarg; |
operation = -1; |
operation = -1; |
break; |
break; |
|
|
default: |
default: |
usage(); |
usage(); |
} |
} |
} |
} |
|
|
if (((argc - optind) < 1) || operation == DO_MAKEKEY) { |
if (((argc - optind) < 1)) { |
char line[BUFSIZ], *string; |
char line[BUFSIZ], *string; |
|
|
if (prompt) { |
if (prompt) { |
|
|
|
|
print_passwd(line, operation, extra); |
print_passwd(line, operation, extra); |
|
|
if (operation == DO_MAKEKEY) { |
|
fflush(stdout); |
|
break; |
|
} |
|
(void)fputc('\n', stdout); |
(void)fputc('\n', stdout); |
} |
} |
} |
} |