servers/slapd/slappasswd.c - diff

Return to slappasswd.c CVS log

Up to [OpenLDAP] / servers / slapd

Diff for /servers/slapd/slappasswd.c between versions 1.5 and 1.5.2.5

version 1.5, 2006/01/03 22:12:16	version 1.5.2.5, 2008/02/11 23:26:44
Line 1	Line 1
/* $OpenLDAP: pkg/ldap/servers/slapd/slappasswd.c,v 1.4 2005/02/27 15:46:51 kurt Exp $ */	/* $OpenLDAP: pkg/ldap/servers/slapd/slappasswd.c,v 1.5.2.4 2007/08/31 23:14:00 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.	/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*	*
* Copyright 1998-2006 The OpenLDAP Foundation.	* Copyright 1998-2008 The OpenLDAP Foundation.
* Portions Copyright 1998-2003 Kurt D. Zeilenga.	* Portions Copyright 1998-2003 Kurt D. Zeilenga.
* All rights reserved.	* All rights reserved.
*	*
Line 32	Line 32
#include <ac/unistd.h>	#include <ac/unistd.h>

#include <ldap.h>	#include <ldap.h>
	#include <lber_pvt.h>
#include <lutil.h>	#include <lutil.h>
#include <lutil_sha1.h>	#include <lutil_sha1.h>

#include "ldap_defaults.h"	#include "ldap_defaults.h"
	#include "slap.h"

static int verbose = 0;	static int verbose = 0;

Line 44 usage(const char *s)	Line 46 usage(const char *s)
{	{
fprintf(stderr,	fprintf(stderr,
"Usage: %s [options]\n"	"Usage: %s [options]\n"
	" -c format\tcrypt(3) salt format\n"
	" -g\t\tgenerate random password\n"
" -h hash\tpassword scheme\n"	" -h hash\tpassword scheme\n"
	" -n\t\tomit trailing newline\n"
" -s secret\tnew password\n"	" -s secret\tnew password\n"
" -c format\tcrypt(3) salt format\n"
" -u\t\tgenerate RFC2307 values (default)\n"	" -u\t\tgenerate RFC2307 values (default)\n"
" -v\t\tincrease verbosity\n"	" -v\t\tincrease verbosity\n"
" -T file\tread file for new password\n"	" -T file\tread file for new password\n"
Line 59 int	Line 63 int
slappasswd( int argc, char *argv[] )	slappasswd( int argc, char *argv[] )
{	{
#ifdef LUTIL_SHA1_BYTES	#ifdef LUTIL_SHA1_BYTES
char *scheme = "{SSHA}";	char *default_scheme = "{SSHA}";
#else	#else
char *scheme = "{SMD5}";	char *default_scheme = "{SMD5}";
#endif	#endif
	char *scheme = default_scheme;

char *newpw = NULL;	char *newpw = NULL;
char *pwfile = NULL;	char *pwfile = NULL;
Line 70 slappasswd( int argc, char *argv[] )	Line 75 slappasswd( int argc, char *argv[] )
const char *progname = "slappasswd";	const char *progname = "slappasswd";

int i;	int i;
struct berval passwd;	char *newline = "\n";
	struct berval passwd = BER_BVNULL;
struct berval hash;	struct berval hash;

while( (i = getopt( argc, argv,	while( (i = getopt( argc, argv,
"c:d:h:s:T:vu" )) != EOF )	"c:d:gh:ns:T:vu" )) != EOF )
{	{
switch (i) {	switch (i) {
case 'c': /* crypt salt format */	case 'c': /* crypt salt format */
Line 82 slappasswd( int argc, char *argv[] )	Line 88 slappasswd( int argc, char *argv[] )
lutil_salt_format( optarg );	lutil_salt_format( optarg );
break;	break;

	case 'g': /* new password (generate) */
	if ( pwfile != NULL ) {
	fprintf( stderr, "Option -g incompatible with -T\n" );
	return EXIT_FAILURE;

	} else if ( newpw != NULL ) {
	fprintf( stderr, "New password already provided\n" );
	return EXIT_FAILURE;

	} else if ( lutil_passwd_generate( &passwd, 8 )) {
	fprintf( stderr, "Password generation failed\n" );
	return EXIT_FAILURE;
	}
	break;

case 'h': /* scheme */	case 'h': /* scheme */
scheme = strdup( optarg );	if ( scheme != default_scheme ) {
	fprintf( stderr, "Scheme already provided\n" );
	return EXIT_FAILURE;

	} else {
	scheme = ch_strdup( optarg );
	}
	break;

	case 'n':
	newline = "";
break;	break;

case 's': /* new password (secret) */	case 's': /* new password (secret) */
{	if ( pwfile != NULL ) {
	fprintf( stderr, "Option -s incompatible with -T\n" );
	return EXIT_FAILURE;

	} else if ( newpw != NULL ) {
	fprintf( stderr, "New password already provided\n" );
	return EXIT_FAILURE;

	} else {
char* p;	char* p;
newpw = strdup( optarg );	newpw = ch_strdup( optarg );

for( p = optarg; *p != '\0'; p++ ) {	for( p = optarg; *p != '\0'; p++ ) {
*p = '\0';	*p = '\0';
}	}
} break;	}
	break;

case 'T': /* password file */	case 'T': /* password file */
	if ( pwfile != NULL ) {
	fprintf( stderr, "Password file already provided\n" );
	return EXIT_FAILURE;

	} else if ( newpw != NULL ) {
	fprintf( stderr, "Option -T incompatible with -s/-g\n" );
	return EXIT_FAILURE;

	}
pwfile = optarg;	pwfile = optarg;
break;	break;

Line 120 slappasswd( int argc, char *argv[] )	Line 169 slappasswd( int argc, char *argv[] )
if( lutil_get_filed_password( pwfile, &passwd )) {	if( lutil_get_filed_password( pwfile, &passwd )) {
return EXIT_FAILURE;	return EXIT_FAILURE;
}	}
} else {	} else if ( BER_BVISEMPTY( &passwd )) {
if( newpw == NULL ) {	if( newpw == NULL ) {
/* prompt for new password */	/* prompt for new password */
char *cknewpw;	char *cknewpw;
newpw = strdup(getpassphrase("New password: "));	newpw = ch_strdup(getpassphrase("New password: "));
cknewpw = getpassphrase("Re-enter new password: ");	cknewpw = getpassphrase("Re-enter new password: ");

if( strcmp( newpw, cknewpw )) {	if( strcmp( newpw, cknewpw )) {
Line 135 slappasswd( int argc, char *argv[] )	Line 184 slappasswd( int argc, char *argv[] )

passwd.bv_val = newpw;	passwd.bv_val = newpw;
passwd.bv_len = strlen(passwd.bv_val);	passwd.bv_len = strlen(passwd.bv_val);
	} else {
	hash = passwd;
	goto print_pw;
}	}

lutil_passwd_hash( &passwd, scheme, &hash, &text );	lutil_passwd_hash( &passwd, scheme, &hash, &text );
Line 151 slappasswd( int argc, char *argv[] )	Line 203 slappasswd( int argc, char *argv[] )
return EXIT_FAILURE;	return EXIT_FAILURE;
}	}

printf( "%s\n" , hash.bv_val );	print_pw:;
	printf( "%s%s" , hash.bv_val, newline );
return EXIT_SUCCESS;	return EXIT_SUCCESS;
}	}

Removed from v.1.5
changed lines
	Added in v.1.5.2.5