| version 1.8, 2014/03/19 14:56:44 |
version 1.9, 2014/03/20 15:04:35 |
|
|
| ssize_t linelen; |
ssize_t linelen; |
| mode_t old_umask; |
mode_t old_umask; |
| int c, fd, loginlen, batch; |
int c, fd, loginlen, batch; |
| char hash[_PASSWORD_LEN], *file, *line, *login, pass[1024], pass2[1024]; |
char hash[_PASSWORD_LEN], *line, *login, pass[1024], pass2[1024]; |
| char salt[_PASSWORD_LEN], tmpl[sizeof("/tmp/htpasswd-XXXXXXXXXX")]; |
char salt[_PASSWORD_LEN], tmpl[sizeof("/tmp/htpasswd-XXXXXXXXXX")]; |
| char *tok; |
char *tok; |
| |
const char *file; |
| |
|
| file = NULL; |
file = NULL; |
| login = NULL; |
login = NULL; |
|
|
| else if (argc > 1) |
else if (argc > 1) |
| usage(); |
usage(); |
| if ((linelen = getline(&line, &linesize, stdin)) == -1) |
if ((linelen = getline(&line, &linesize, stdin)) == -1) |
| err(1, "cannot read login:password from stdin\n"); |
err(1, "cannot read login:password from stdin"); |
| line[linelen-1] = '\0'; |
line[linelen-1] = '\0'; |
| |
|
| if ((tok = strstr(line, ":")) == NULL) |
if ((tok = strstr(line, ":")) == NULL) |
| errx(1, "cannot find ';' in input"); |
errx(1, "cannot find ':' in input"); |
| *tok++ = '\0'; |
*tok++ = '\0'; |
| |
|
| if ((loginlen = asprintf(&login, "%s:", line)) == -1) |
if ((loginlen = asprintf(&login, "%s:", line)) == -1) |
| err(1, "asprintf"); |
err(1, "asprintf"); |
| |
|
| if (strlcpy(pass, tok, sizeof(pass)) >= sizeof(pass)) |
if (strlcpy(pass, tok, sizeof(pass)) >= sizeof(pass)) |
| errx(1, "password too long\n"); |
errx(1, "password too long"); |
| } else { |
} else { |
| |
|
| switch (argc) { |
switch (argc) { |
|
|
| } |
} |
| |
|
| if (strlcpy(salt, bcrypt_gensalt(8), sizeof(salt)) >= sizeof(salt)) |
if (strlcpy(salt, bcrypt_gensalt(8), sizeof(salt)) >= sizeof(salt)) |
| err(1, "salt too long"); |
errx(1, "salt too long"); |
| if (strlcpy(hash, bcrypt(pass, salt), sizeof(hash)) >= sizeof(hash)) |
if (strlcpy(hash, bcrypt(pass, salt), sizeof(hash)) >= sizeof(hash)) |
| err(1, "hash too long"); |
errx(1, "hash too long"); |
| explicit_bzero(pass, sizeof(pass)); |
explicit_bzero(pass, sizeof(pass)); |
| |
|
| if (file == NULL) |
if (file == NULL) |
|
|
| != -1) { |
!= -1) { |
| if (strncmp(line, login, loginlen) != 0) { |
if (strncmp(line, login, loginlen) != 0) { |
| if (fprintf(out, "%s", line) == -1) |
if (fprintf(out, "%s", line) == -1) |
| err(1, "cannot write to temp " |
errx(1, "cannot write to temp " |
| "file"); |
"file"); |
| nag(line); |
nag(line); |
| } |
} |
| } |
} |
| } |
} |
| if (fprintf(out, "%s%s\n", login, hash) == -1) |
if (fprintf(out, "%s%s\n", login, hash) == -1) |
| err(1, "cannot write new password hash"); |
errx(1, "cannot write new password hash"); |
| |
|
| /* file already exists, overwrite it */ |
/* file already exists, overwrite it */ |
| if (in != NULL) { |
if (in != NULL) { |
|
|
| while ((linelen = getline(&line, &linesize, out)) |
while ((linelen = getline(&line, &linesize, out)) |
| != -1) |
!= -1) |
| if (fprintf(in, "%s", line) == -1) |
if (fprintf(in, "%s", line) == -1) |
| err(1, "cannot write to password file"); |
errx(1, "cannot write to password " |
| |
"file"); |
| if (fclose(in) == EOF) |
if (fclose(in) == EOF) |
| err(1, "cannot close password file"); |
err(1, "cannot close password file"); |
| } |
} |
|
|
| err(1, "cannot delete temp file (%s)", tmpl); |
err(1, "cannot delete temp file (%s)", tmpl); |
| } |
} |
| if (nagcount >= MAXNAG) |
if (nagcount >= MAXNAG) |
| fprintf(stderr, "%d more logins not using bcryt.\n", |
warnx("%d more logins not using bcryt.", nagcount - MAXNAG); |
| nagcount - MAXNAG); |
|
| exit(0); |
exit(0); |
| } |
} |
| |
|
| void |
void |
| nag(char* line) |
nag(char* line) |
| { |
{ |
| char *tok; |
const char *tok; |
| if (strtok(line, ":") != NULL) |
if (strtok(line, ":") != NULL) |
| if ((tok = strtok(NULL, ":")) != NULL) |
if ((tok = strtok(NULL, ":")) != NULL) |
| if (strncmp(tok, "$2a$", 4) != 0 && |
if (strncmp(tok, "$2a$", 4) != 0 && |
| strncmp(tok, "$2b$", 4) != 0) { |
strncmp(tok, "$2b$", 4) != 0) { |
| nagcount++; |
nagcount++; |
| if (nagcount <= MAXNAG) |
if (nagcount <= MAXNAG) |
| fprintf(stderr, "%s doesn't use bcrypt." |
warnx("%s doesn't use bcrypt." |
| " Update the password.\n", line); |
" Update the password.", line); |
| } |
} |
| } |
} |
![[BACK]](/icons/back.gif){kind=icon}
Return to htpasswd.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / htpasswd