version 1.13, 2022/11/11 17:07:39 |
version 1.14, 2023/03/06 14:32:06 |
|
|
int use1; |
int use1; |
int useapr1; |
int useapr1; |
int usecrypt; |
int usecrypt; |
} passwd_config; |
} cfg; |
|
|
static const struct option passwd_options[] = { |
static const struct option passwd_options[] = { |
#ifndef NO_MD5CRYPT_1 |
#ifndef NO_MD5CRYPT_1 |
|
|
.name = "1", |
.name = "1", |
.desc = "Use MD5 based BSD password algorithm 1", |
.desc = "Use MD5 based BSD password algorithm 1", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &passwd_config.use1, |
.opt.flag = &cfg.use1, |
}, |
}, |
{ |
{ |
.name = "apr1", |
.name = "apr1", |
.desc = "Use apr1 algorithm (Apache variant of BSD algorithm)", |
.desc = "Use apr1 algorithm (Apache variant of BSD algorithm)", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &passwd_config.useapr1, |
.opt.flag = &cfg.useapr1, |
}, |
}, |
#endif |
#endif |
#ifndef OPENSSL_NO_DES |
#ifndef OPENSSL_NO_DES |
|
|
.name = "crypt", |
.name = "crypt", |
.desc = "Use crypt algorithm (default)", |
.desc = "Use crypt algorithm (default)", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &passwd_config.usecrypt, |
.opt.flag = &cfg.usecrypt, |
}, |
}, |
#endif |
#endif |
{ |
{ |
|
|
.argname = "file", |
.argname = "file", |
.desc = "Read passwords from specified file", |
.desc = "Read passwords from specified file", |
.type = OPTION_ARG, |
.type = OPTION_ARG, |
.opt.arg = &passwd_config.infile, |
.opt.arg = &cfg.infile, |
}, |
}, |
{ |
{ |
.name = "noverify", |
.name = "noverify", |
.desc = "Do not verify password", |
.desc = "Do not verify password", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &passwd_config.noverify, |
.opt.flag = &cfg.noverify, |
}, |
}, |
{ |
{ |
.name = "quiet", |
.name = "quiet", |
.desc = "Do not output warnings", |
.desc = "Do not output warnings", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &passwd_config.quiet, |
.opt.flag = &cfg.quiet, |
}, |
}, |
{ |
{ |
.name = "reverse", |
.name = "reverse", |
.desc = "Reverse table columns (requires -table)", |
.desc = "Reverse table columns (requires -table)", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &passwd_config.reverse, |
.opt.flag = &cfg.reverse, |
}, |
}, |
{ |
{ |
.name = "salt", |
.name = "salt", |
.argname = "string", |
.argname = "string", |
.desc = "Use specified salt", |
.desc = "Use specified salt", |
.type = OPTION_ARG, |
.type = OPTION_ARG, |
.opt.arg = &passwd_config.salt, |
.opt.arg = &cfg.salt, |
}, |
}, |
{ |
{ |
.name = "stdin", |
.name = "stdin", |
.desc = "Read passwords from stdin", |
.desc = "Read passwords from stdin", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &passwd_config.in_stdin, |
.opt.flag = &cfg.in_stdin, |
}, |
}, |
{ |
{ |
.name = "table", |
.name = "table", |
.desc = "Output cleartext and hashed passwords (tab separated)", |
.desc = "Output cleartext and hashed passwords (tab separated)", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &passwd_config.table, |
.opt.flag = &cfg.table, |
}, |
}, |
{ NULL }, |
{ NULL }, |
}; |
}; |
|
|
exit(1); |
exit(1); |
} |
} |
|
|
memset(&passwd_config, 0, sizeof(passwd_config)); |
memset(&cfg, 0, sizeof(cfg)); |
|
|
if (options_parse(argc, argv, passwd_options, NULL, &argsused) != 0) { |
if (options_parse(argc, argv, passwd_options, NULL, &argsused) != 0) { |
passwd_usage(); |
passwd_usage(); |
|
|
|
|
if (argsused < argc) |
if (argsused < argc) |
passwds = &argv[argsused]; |
passwds = &argv[argsused]; |
if (passwd_config.salt != NULL) |
if (cfg.salt != NULL) |
passed_salt = 1; |
passed_salt = 1; |
|
|
if (!passwd_config.usecrypt && !passwd_config.use1 && |
if (!cfg.usecrypt && !cfg.use1 && |
!passwd_config.useapr1) |
!cfg.useapr1) |
passwd_config.usecrypt = 1; /* use default */ |
cfg.usecrypt = 1; /* use default */ |
if (passwd_config.usecrypt + passwd_config.use1 + |
if (cfg.usecrypt + cfg.use1 + |
passwd_config.useapr1 > 1) |
cfg.useapr1 > 1) |
badopt = 1; /* conflicting options */ |
badopt = 1; /* conflicting options */ |
|
|
/* Reject unsupported algorithms */ |
/* Reject unsupported algorithms */ |
#ifdef OPENSSL_NO_DES |
#ifdef OPENSSL_NO_DES |
if (passwd_config.usecrypt) |
if (cfg.usecrypt) |
badopt = 1; |
badopt = 1; |
#endif |
#endif |
#ifdef NO_MD5CRYPT_1 |
#ifdef NO_MD5CRYPT_1 |
if (passwd_config.use1 || passwd_config.useapr1) |
if (cfg.use1 || cfg.useapr1) |
badopt = 1; |
badopt = 1; |
#endif |
#endif |
|
|
|
|
goto err; |
goto err; |
BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT); |
BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT); |
|
|
if (passwd_config.infile != NULL || passwd_config.in_stdin) { |
if (cfg.infile != NULL || cfg.in_stdin) { |
if ((in = BIO_new(BIO_s_file())) == NULL) |
if ((in = BIO_new(BIO_s_file())) == NULL) |
goto err; |
goto err; |
if (passwd_config.infile != NULL) { |
if (cfg.infile != NULL) { |
assert(passwd_config.in_stdin == 0); |
assert(cfg.in_stdin == 0); |
if (BIO_read_filename(in, passwd_config.infile) <= 0) |
if (BIO_read_filename(in, cfg.infile) <= 0) |
goto err; |
goto err; |
} else { |
} else { |
assert(passwd_config.in_stdin); |
assert(cfg.in_stdin); |
BIO_set_fp(in, stdin, BIO_NOCLOSE); |
BIO_set_fp(in, stdin, BIO_NOCLOSE); |
} |
} |
} |
} |
if (passwd_config.usecrypt) |
if (cfg.usecrypt) |
pw_maxlen = 8; |
pw_maxlen = 8; |
else if (passwd_config.use1 || passwd_config.useapr1) |
else if (cfg.use1 || cfg.useapr1) |
pw_maxlen = 256;/* arbitrary limit, should be enough for most |
pw_maxlen = 256;/* arbitrary limit, should be enough for most |
* passwords */ |
* passwords */ |
|
|
|
|
if (in == NULL) |
if (in == NULL) |
if (EVP_read_pw_string(passwd_malloc, |
if (EVP_read_pw_string(passwd_malloc, |
passwd_malloc_size, "Password: ", |
passwd_malloc_size, "Password: ", |
!(passed_salt || passwd_config.noverify)) != 0) |
!(passed_salt || cfg.noverify)) != 0) |
goto err; |
goto err; |
passwds[0] = passwd_malloc; |
passwds[0] = passwd_malloc; |
} |
} |
|
|
|
|
do { /* loop over list of passwords */ |
do { /* loop over list of passwords */ |
passwd = *passwds++; |
passwd = *passwds++; |
if (!do_passwd(passed_salt, &passwd_config.salt, |
if (!do_passwd(passed_salt, &cfg.salt, |
&salt_malloc, passwd, out, passwd_config.quiet, |
&salt_malloc, passwd, out, cfg.quiet, |
passwd_config.table, passwd_config.reverse, |
cfg.table, cfg.reverse, |
pw_maxlen, passwd_config.usecrypt, |
pw_maxlen, cfg.usecrypt, |
passwd_config.use1, passwd_config.useapr1)) |
cfg.use1, cfg.useapr1)) |
goto err; |
goto err; |
} while (*passwds != NULL); |
} while (*passwds != NULL); |
} else { |
} else { |
|
|
while ((r > 0) && (!strchr(trash, '\n'))); |
while ((r > 0) && (!strchr(trash, '\n'))); |
} |
} |
|
|
if (!do_passwd(passed_salt, &passwd_config.salt, |
if (!do_passwd(passed_salt, &cfg.salt, |
&salt_malloc, passwd, out, |
&salt_malloc, passwd, out, |
passwd_config.quiet, passwd_config.table, |
cfg.quiet, cfg.table, |
passwd_config.reverse, pw_maxlen, |
cfg.reverse, pw_maxlen, |
passwd_config.usecrypt, passwd_config.use1, |
cfg.usecrypt, cfg.use1, |
passwd_config.useapr1)) |
cfg.useapr1)) |
goto err; |
goto err; |
} |
} |
done = (r <= 0); |
done = (r <= 0); |