[1765] | 1 | /* vi: set sw=4 ts=4: */
|
---|
| 2 | /*
|
---|
[2725] | 3 | * cryptpw.c - output a crypt(3)ed password to stdout.
|
---|
[1765] | 4 | *
|
---|
[2725] | 5 | * Licensed under GPLv2 or later, see file LICENSE in this source tree.
|
---|
| 6 | *
|
---|
[1765] | 7 | * Cooked from passwd.c by Thomas Lundquist <thomasez@zelow.no>
|
---|
[2725] | 8 | * mkpasswd compatible options added by Bernhard Reutner-Fischer
|
---|
| 9 | *
|
---|
| 10 | * Licensed under GPLv2, see file LICENSE in this source tree.
|
---|
[1765] | 11 | */
|
---|
[3621] | 12 | //config:config CRYPTPW
|
---|
| 13 | //config: bool "cryptpw"
|
---|
| 14 | //config: default y
|
---|
| 15 | //config: help
|
---|
| 16 | //config: Encrypts the given password with the crypt(3) libc function
|
---|
| 17 | //config: using the given salt.
|
---|
| 18 | //config:
|
---|
| 19 | //config:config MKPASSWD
|
---|
| 20 | //config: bool "mkpasswd"
|
---|
| 21 | //config: default y
|
---|
| 22 | //config: help
|
---|
| 23 | //config: Encrypts the given password with the crypt(3) libc function
|
---|
| 24 | //config: using the given salt. Debian has this utility under mkpasswd
|
---|
| 25 | //config: name. Busybox provides mkpasswd as an alias for cryptpw.
|
---|
[1765] | 26 |
|
---|
[3621] | 27 | //applet:IF_CRYPTPW(APPLET(cryptpw, BB_DIR_USR_BIN, BB_SUID_DROP))
|
---|
| 28 | // APPLET_ODDNAME:name main location suid_type help
|
---|
| 29 | //applet:IF_MKPASSWD(APPLET_ODDNAME(mkpasswd, cryptpw, BB_DIR_USR_BIN, BB_SUID_DROP, cryptpw))
|
---|
| 30 |
|
---|
| 31 | //kbuild:lib-$(CONFIG_CRYPTPW) += cryptpw.o
|
---|
| 32 | //kbuild:lib-$(CONFIG_MKPASSWD) += cryptpw.o
|
---|
| 33 |
|
---|
[3232] | 34 | //usage:#define cryptpw_trivial_usage
|
---|
| 35 | //usage: "[OPTIONS] [PASSWORD] [SALT]"
|
---|
| 36 | /* We do support -s, we just don't mention it */
|
---|
| 37 | //usage:#define cryptpw_full_usage "\n\n"
|
---|
| 38 | //usage: "Crypt PASSWORD using crypt(3)\n"
|
---|
| 39 | //usage: IF_LONG_OPTS(
|
---|
| 40 | //usage: "\n -P,--password-fd=N Read password from fd N"
|
---|
| 41 | /* //usage: "\n -s,--stdin Use stdin; like -P0" */
|
---|
| 42 | //usage: "\n -m,--method=TYPE Encryption method"
|
---|
| 43 | //usage: "\n -S,--salt=SALT"
|
---|
| 44 | //usage: )
|
---|
| 45 | //usage: IF_NOT_LONG_OPTS(
|
---|
| 46 | //usage: "\n -P N Read password from fd N"
|
---|
| 47 | /* //usage: "\n -s Use stdin; like -P0" */
|
---|
| 48 | //usage: "\n -m TYPE Encryption method TYPE"
|
---|
| 49 | //usage: "\n -S SALT"
|
---|
| 50 | //usage: )
|
---|
| 51 |
|
---|
[1765] | 52 | #include "libbb.h"
|
---|
| 53 |
|
---|
[2725] | 54 | /* Debian has 'mkpasswd' utility, manpage says:
|
---|
| 55 |
|
---|
| 56 | NAME
|
---|
| 57 | mkpasswd - Overfeatured front end to crypt(3)
|
---|
| 58 | SYNOPSIS
|
---|
| 59 | mkpasswd PASSWORD SALT
|
---|
| 60 | ...
|
---|
| 61 | OPTIONS
|
---|
| 62 | -S, --salt=STRING
|
---|
| 63 | Use the STRING as salt. It must not contain prefixes such as
|
---|
| 64 | $1$.
|
---|
| 65 | -R, --rounds=NUMBER
|
---|
| 66 | Use NUMBER rounds. This argument is ignored if the method
|
---|
| 67 | choosen does not support variable rounds. For the OpenBSD Blowfish
|
---|
| 68 | method this is the logarithm of the number of rounds.
|
---|
| 69 | -m, --method=TYPE
|
---|
| 70 | Compute the password using the TYPE method. If TYPE is 'help'
|
---|
| 71 | then the available methods are printed.
|
---|
| 72 | -P, --password-fd=NUM
|
---|
| 73 | Read the password from file descriptor NUM instead of using getpass(3).
|
---|
| 74 | If the file descriptor is not connected to a tty then
|
---|
| 75 | no other message than the hashed password is printed on stdout.
|
---|
| 76 | -s, --stdin
|
---|
| 77 | Like --password-fd=0.
|
---|
| 78 | ENVIRONMENT
|
---|
| 79 | $MKPASSWD_OPTIONS
|
---|
| 80 | A list of options which will be evaluated before the ones
|
---|
| 81 | specified on the command line.
|
---|
| 82 | BUGS
|
---|
| 83 | This programs suffers of a bad case of featuritis.
|
---|
| 84 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
---|
| 85 |
|
---|
| 86 | Very true...
|
---|
| 87 |
|
---|
| 88 | cryptpw was in bbox before this gem, so we retain it, and alias mkpasswd
|
---|
| 89 | to cryptpw. -a option (alias for -m) came from cryptpw.
|
---|
| 90 | */
|
---|
| 91 |
|
---|
| 92 | int cryptpw_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
|
---|
| 93 | int cryptpw_main(int argc UNUSED_PARAM, char **argv)
|
---|
[1765] | 94 | {
|
---|
[3232] | 95 | char salt[MAX_PW_SALT_LEN];
|
---|
[2725] | 96 | char *salt_ptr;
|
---|
[3621] | 97 | char *password;
|
---|
[2725] | 98 | const char *opt_m, *opt_S;
|
---|
| 99 | int fd;
|
---|
[1765] | 100 |
|
---|
[2725] | 101 | #if ENABLE_LONG_OPTS
|
---|
| 102 | static const char mkpasswd_longopts[] ALIGN1 =
|
---|
| 103 | "stdin\0" No_argument "s"
|
---|
| 104 | "password-fd\0" Required_argument "P"
|
---|
| 105 | "salt\0" Required_argument "S"
|
---|
| 106 | "method\0" Required_argument "m"
|
---|
| 107 | ;
|
---|
| 108 | applet_long_options = mkpasswd_longopts;
|
---|
| 109 | #endif
|
---|
| 110 | fd = STDIN_FILENO;
|
---|
[3232] | 111 | opt_m = CONFIG_FEATURE_DEFAULT_PASSWD_ALGO;
|
---|
[2725] | 112 | opt_S = NULL;
|
---|
| 113 | /* at most two non-option arguments; -P NUM */
|
---|
| 114 | opt_complementary = "?2:P+";
|
---|
| 115 | getopt32(argv, "sP:S:m:a:", &fd, &opt_S, &opt_m, &opt_m);
|
---|
| 116 | argv += optind;
|
---|
| 117 |
|
---|
| 118 | /* have no idea how to handle -s... */
|
---|
| 119 |
|
---|
| 120 | if (argv[0] && !opt_S)
|
---|
| 121 | opt_S = argv[1];
|
---|
| 122 |
|
---|
[3232] | 123 | salt_ptr = crypt_make_pw_salt(salt, opt_m);
|
---|
[2725] | 124 | if (opt_S)
|
---|
[3232] | 125 | safe_strncpy(salt_ptr, opt_S, sizeof(salt) - (sizeof("$N$")-1));
|
---|
[1765] | 126 |
|
---|
[2725] | 127 | xmove_fd(fd, STDIN_FILENO);
|
---|
[1765] | 128 |
|
---|
[3621] | 129 | password = argv[0];
|
---|
| 130 | if (!password) {
|
---|
| 131 | /* Only mkpasswd, and only from tty, prompts.
|
---|
| 132 | * Otherwise it is a plain read. */
|
---|
| 133 | password = (ENABLE_MKPASSWD && isatty(STDIN_FILENO) && applet_name[0] == 'm')
|
---|
[2725] | 134 | ? bb_ask_stdin("Password: ")
|
---|
| 135 | : xmalloc_fgetline(stdin)
|
---|
[3621] | 136 | ;
|
---|
| 137 | /* may still be NULL on EOF/error */
|
---|
| 138 | }
|
---|
[2725] | 139 |
|
---|
[3621] | 140 | if (password)
|
---|
| 141 | puts(pw_encrypt(password, salt, 1));
|
---|
| 142 |
|
---|
[2725] | 143 | return EXIT_SUCCESS;
|
---|
[1765] | 144 | }
|
---|