version 1.8, 2014/03/19 14:56:44 |
version 1.9, 2014/03/20 15:04:35 |
|
|
ssize_t linelen; |
ssize_t linelen; |
mode_t old_umask; |
mode_t old_umask; |
int c, fd, loginlen, batch; |
int c, fd, loginlen, batch; |
char hash[_PASSWORD_LEN], *file, *line, *login, pass[1024], pass2[1024]; |
char hash[_PASSWORD_LEN], *line, *login, pass[1024], pass2[1024]; |
char salt[_PASSWORD_LEN], tmpl[sizeof("/tmp/htpasswd-XXXXXXXXXX")]; |
char salt[_PASSWORD_LEN], tmpl[sizeof("/tmp/htpasswd-XXXXXXXXXX")]; |
char *tok; |
char *tok; |
|
const char *file; |
|
|
file = NULL; |
file = NULL; |
login = NULL; |
login = NULL; |
|
|
else if (argc > 1) |
else if (argc > 1) |
usage(); |
usage(); |
if ((linelen = getline(&line, &linesize, stdin)) == -1) |
if ((linelen = getline(&line, &linesize, stdin)) == -1) |
err(1, "cannot read login:password from stdin\n"); |
err(1, "cannot read login:password from stdin"); |
line[linelen-1] = '\0'; |
line[linelen-1] = '\0'; |
|
|
if ((tok = strstr(line, ":")) == NULL) |
if ((tok = strstr(line, ":")) == NULL) |
errx(1, "cannot find ';' in input"); |
errx(1, "cannot find ':' in input"); |
*tok++ = '\0'; |
*tok++ = '\0'; |
|
|
if ((loginlen = asprintf(&login, "%s:", line)) == -1) |
if ((loginlen = asprintf(&login, "%s:", line)) == -1) |
err(1, "asprintf"); |
err(1, "asprintf"); |
|
|
if (strlcpy(pass, tok, sizeof(pass)) >= sizeof(pass)) |
if (strlcpy(pass, tok, sizeof(pass)) >= sizeof(pass)) |
errx(1, "password too long\n"); |
errx(1, "password too long"); |
} else { |
} else { |
|
|
switch (argc) { |
switch (argc) { |
|
|
} |
} |
|
|
if (strlcpy(salt, bcrypt_gensalt(8), sizeof(salt)) >= sizeof(salt)) |
if (strlcpy(salt, bcrypt_gensalt(8), sizeof(salt)) >= sizeof(salt)) |
err(1, "salt too long"); |
errx(1, "salt too long"); |
if (strlcpy(hash, bcrypt(pass, salt), sizeof(hash)) >= sizeof(hash)) |
if (strlcpy(hash, bcrypt(pass, salt), sizeof(hash)) >= sizeof(hash)) |
err(1, "hash too long"); |
errx(1, "hash too long"); |
explicit_bzero(pass, sizeof(pass)); |
explicit_bzero(pass, sizeof(pass)); |
|
|
if (file == NULL) |
if (file == NULL) |
|
|
!= -1) { |
!= -1) { |
if (strncmp(line, login, loginlen) != 0) { |
if (strncmp(line, login, loginlen) != 0) { |
if (fprintf(out, "%s", line) == -1) |
if (fprintf(out, "%s", line) == -1) |
err(1, "cannot write to temp " |
errx(1, "cannot write to temp " |
"file"); |
"file"); |
nag(line); |
nag(line); |
} |
} |
} |
} |
} |
} |
if (fprintf(out, "%s%s\n", login, hash) == -1) |
if (fprintf(out, "%s%s\n", login, hash) == -1) |
err(1, "cannot write new password hash"); |
errx(1, "cannot write new password hash"); |
|
|
/* file already exists, overwrite it */ |
/* file already exists, overwrite it */ |
if (in != NULL) { |
if (in != NULL) { |
|
|
while ((linelen = getline(&line, &linesize, out)) |
while ((linelen = getline(&line, &linesize, out)) |
!= -1) |
!= -1) |
if (fprintf(in, "%s", line) == -1) |
if (fprintf(in, "%s", line) == -1) |
err(1, "cannot write to password file"); |
errx(1, "cannot write to password " |
|
"file"); |
if (fclose(in) == EOF) |
if (fclose(in) == EOF) |
err(1, "cannot close password file"); |
err(1, "cannot close password file"); |
} |
} |
|
|
err(1, "cannot delete temp file (%s)", tmpl); |
err(1, "cannot delete temp file (%s)", tmpl); |
} |
} |
if (nagcount >= MAXNAG) |
if (nagcount >= MAXNAG) |
fprintf(stderr, "%d more logins not using bcryt.\n", |
warnx("%d more logins not using bcryt.", nagcount - MAXNAG); |
nagcount - MAXNAG); |
|
exit(0); |
exit(0); |
} |
} |
|
|
void |
void |
nag(char* line) |
nag(char* line) |
{ |
{ |
char *tok; |
const char *tok; |
if (strtok(line, ":") != NULL) |
if (strtok(line, ":") != NULL) |
if ((tok = strtok(NULL, ":")) != NULL) |
if ((tok = strtok(NULL, ":")) != NULL) |
if (strncmp(tok, "$2a$", 4) != 0 && |
if (strncmp(tok, "$2a$", 4) != 0 && |
strncmp(tok, "$2b$", 4) != 0) { |
strncmp(tok, "$2b$", 4) != 0) { |
nagcount++; |
nagcount++; |
if (nagcount <= MAXNAG) |
if (nagcount <= MAXNAG) |
fprintf(stderr, "%s doesn't use bcrypt." |
warnx("%s doesn't use bcrypt." |
" Update the password.\n", line); |
" Update the password.", line); |
} |
} |
} |
} |
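Review bot: In the batch-mode branch of main(), `line[linelen-1] = '\0';` removes the last byte unconditionally, so stdin input that ends without a newline loses the final character of the password, and the stored bcrypt hash then matches a shorter password than the one supplied. Stripping only an actual newline avoids that: `line[strcspn(line, "\n")] = '\0';`. Only `pass` is cleared with `explicit_bzero` in the lines shown; the getline buffer `line` that held `login:password` appears to be reused for the password-file loop without being wiped first, which is worth confirming since most of main() is elided on this page. Separately, the fprintf failure paths that use `errx` on the 1.9 side drop errno, which a failed write normally sets, and the warnx message still reads "bcryt".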