1 | /* vi: set sw=4 ts=4: */
|
---|
2 | /*
|
---|
3 | * cryptpw.c - output a crypt(3)ed password to stdout.
|
---|
4 | *
|
---|
5 | * Licensed under GPLv2 or later, see file LICENSE in this source tree.
|
---|
6 | *
|
---|
7 | * Cooked from passwd.c by Thomas Lundquist <thomasez@zelow.no>
|
---|
8 | * mkpasswd compatible options added by Bernhard Reutner-Fischer
|
---|
9 | *
|
---|
10 | * Licensed under GPLv2, see file LICENSE in this source tree.
|
---|
11 | */
|
---|
12 |
|
---|
13 | #include "libbb.h"
|
---|
14 |
|
---|
15 | /* Debian has 'mkpasswd' utility, manpage says:
|
---|
16 |
|
---|
17 | NAME
|
---|
18 | mkpasswd - Overfeatured front end to crypt(3)
|
---|
19 | SYNOPSIS
|
---|
20 | mkpasswd PASSWORD SALT
|
---|
21 | ...
|
---|
22 | OPTIONS
|
---|
23 | -S, --salt=STRING
|
---|
24 | Use the STRING as salt. It must not contain prefixes such as
|
---|
25 | $1$.
|
---|
26 | -R, --rounds=NUMBER
|
---|
27 | Use NUMBER rounds. This argument is ignored if the method
|
---|
28 | choosen does not support variable rounds. For the OpenBSD Blowfish
|
---|
29 | method this is the logarithm of the number of rounds.
|
---|
30 | -m, --method=TYPE
|
---|
31 | Compute the password using the TYPE method. If TYPE is 'help'
|
---|
32 | then the available methods are printed.
|
---|
33 | -P, --password-fd=NUM
|
---|
34 | Read the password from file descriptor NUM instead of using getpass(3).
|
---|
35 | If the file descriptor is not connected to a tty then
|
---|
36 | no other message than the hashed password is printed on stdout.
|
---|
37 | -s, --stdin
|
---|
38 | Like --password-fd=0.
|
---|
39 | ENVIRONMENT
|
---|
40 | $MKPASSWD_OPTIONS
|
---|
41 | A list of options which will be evaluated before the ones
|
---|
42 | specified on the command line.
|
---|
43 | BUGS
|
---|
44 | This programs suffers of a bad case of featuritis.
|
---|
45 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
---|
46 |
|
---|
47 | Very true...
|
---|
48 |
|
---|
49 | cryptpw was in bbox before this gem, so we retain it, and alias mkpasswd
|
---|
50 | to cryptpw. -a option (alias for -m) came from cryptpw.
|
---|
51 | */
|
---|
52 |
|
---|
53 | int cryptpw_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
|
---|
54 | int cryptpw_main(int argc UNUSED_PARAM, char **argv)
|
---|
55 | {
|
---|
56 | /* $N$ + sha_salt_16_bytes + NUL */
|
---|
57 | char salt[3 + 16 + 1];
|
---|
58 | char *salt_ptr;
|
---|
59 | const char *opt_m, *opt_S;
|
---|
60 | int len;
|
---|
61 | int fd;
|
---|
62 |
|
---|
63 | #if ENABLE_LONG_OPTS
|
---|
64 | static const char mkpasswd_longopts[] ALIGN1 =
|
---|
65 | "stdin\0" No_argument "s"
|
---|
66 | "password-fd\0" Required_argument "P"
|
---|
67 | "salt\0" Required_argument "S"
|
---|
68 | "method\0" Required_argument "m"
|
---|
69 | ;
|
---|
70 | applet_long_options = mkpasswd_longopts;
|
---|
71 | #endif
|
---|
72 | fd = STDIN_FILENO;
|
---|
73 | opt_m = "d";
|
---|
74 | opt_S = NULL;
|
---|
75 | /* at most two non-option arguments; -P NUM */
|
---|
76 | opt_complementary = "?2:P+";
|
---|
77 | getopt32(argv, "sP:S:m:a:", &fd, &opt_S, &opt_m, &opt_m);
|
---|
78 | argv += optind;
|
---|
79 |
|
---|
80 | /* have no idea how to handle -s... */
|
---|
81 |
|
---|
82 | if (argv[0] && !opt_S)
|
---|
83 | opt_S = argv[1];
|
---|
84 |
|
---|
85 | len = 2/2;
|
---|
86 | salt_ptr = salt;
|
---|
87 | if (opt_m[0] != 'd') { /* not des */
|
---|
88 | len = 8/2; /* so far assuming md5 */
|
---|
89 | *salt_ptr++ = '$';
|
---|
90 | *salt_ptr++ = '1';
|
---|
91 | *salt_ptr++ = '$';
|
---|
92 | #if !ENABLE_USE_BB_CRYPT || ENABLE_USE_BB_CRYPT_SHA
|
---|
93 | if (opt_m[0] == 's') { /* sha */
|
---|
94 | salt[1] = '5' + (strcmp(opt_m, "sha512") == 0);
|
---|
95 | len = 16/2;
|
---|
96 | }
|
---|
97 | #endif
|
---|
98 | }
|
---|
99 | if (opt_S)
|
---|
100 | safe_strncpy(salt_ptr, opt_S, sizeof(salt) - 3);
|
---|
101 | else
|
---|
102 | crypt_make_salt(salt_ptr, len, 0);
|
---|
103 |
|
---|
104 | xmove_fd(fd, STDIN_FILENO);
|
---|
105 |
|
---|
106 | puts(pw_encrypt(
|
---|
107 | argv[0] ? argv[0] : (
|
---|
108 | /* Only mkpasswd, and only from tty, prompts.
|
---|
109 | * Otherwise it is a plain read. */
|
---|
110 | (isatty(STDIN_FILENO) && applet_name[0] == 'm')
|
---|
111 | ? bb_ask_stdin("Password: ")
|
---|
112 | : xmalloc_fgetline(stdin)
|
---|
113 | ),
|
---|
114 | salt, 1));
|
---|
115 |
|
---|
116 | return EXIT_SUCCESS;
|
---|
117 | }
|
---|