[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: commit: ldap/servers/slapd slappasswd.c
- To: ando@OpenLDAP.org
- Subject: Re: commit: ldap/servers/slapd slappasswd.c
- From: Howard Chu <hyc@symas.com>
- Date: Wed, 10 May 2006 15:45:30 -0700
- Cc: OpenLDAP Commit <openldap-commit2devel@OpenLDAP.org>
- In-reply-to: <200605102212.k4AMCsRP067434@cantor.openldap.org>
- References: <200605102212.k4AMCsRP067434@cantor.openldap.org>
- User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20060427 SeaMonkey/1.5a
I had already done something like this; I think the generate option
should ignore all other options and simply print the cleartext:
ando@OpenLDAP.org wrote:
Update of /repo/OpenLDAP/pkg/ldap/servers/slapd
Modified Files:
slappasswd.c 1.5 -> 1.6
Log Message:
allow slappasswd to generate cleartext secret
CVS Web URLs:
http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/
http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/slappasswd.c
Changes are generally available on cvs.openldap.org (and CVSweb)
within 30 minutes of being committed.
.
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/
Index: slappasswd.c
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/servers/slapd/slappasswd.c,v
retrieving revision 1.5
diff -u -r1.5 slappasswd.c
--- slappasswd.c 3 Jan 2006 22:12:16 -0000 1.5
+++ slappasswd.c 10 May 2006 22:43:06 -0000
@@ -34,6 +34,7 @@
#include <ldap.h>
#include <lutil.h>
#include <lutil_sha1.h>
+#include <lber_pvt.h>
#include "ldap_defaults.h"
@@ -45,6 +46,7 @@
fprintf(stderr,
"Usage: %s [options]\n"
" -h hash\tpassword scheme\n"
+ " -r\t\tgenerate random password\n"
" -s secret\tnew password\n"
" -c format\tcrypt(3) salt format\n"
" -u\t\tgenerate RFC2307 values (default)\n"
@@ -70,11 +72,11 @@
const char *progname = "slappasswd";
int i;
- struct berval passwd;
+ struct berval passwd = BER_BVNULL;
struct berval hash;
while( (i = getopt( argc, argv,
- "c:d:h:s:T:vu" )) != EOF )
+ "c:d:h:rs:T:vu" )) != EOF )
{
switch (i) {
case 'c': /* crypt salt format */
@@ -86,6 +88,13 @@
scheme = strdup( optarg );
break;
+ case 'r': /* generate random password */
+ if ( lutil_passwd_generate( &passwd, 8 )) {
+ fprintf( stderr, "random generation failed\n" );
+ return EXIT_FAILURE;
+ }
+ break;
+
case 's': /* new password (secret) */
{
char* p;
@@ -120,7 +129,7 @@
if( lutil_get_filed_password( pwfile, &passwd )) {
return EXIT_FAILURE;
}
- } else {
+ } else if ( BER_BVISEMPTY( &passwd )) {
if( newpw == NULL ) {
/* prompt for new password */
char *cknewpw;
@@ -135,6 +144,10 @@
passwd.bv_val = newpw;
passwd.bv_len = strlen(passwd.bv_val);
+ } else {
+ /* Print the plaintext generated password */
+ printf( "%s\n", passwd.bv_val );
+ return EXIT_SUCCESS;
}
lutil_passwd_hash( &passwd, scheme, &hash, &text );