Attachment #351408 for bug #468306

View | Details | Raw Unified | Return to bug 468306
Collapse All | Expand All

Lines 110-115 Link Here

(-)support/htdbm.c (+1 lines)
110	#endif	110	#endif
111		111
112	apr_pool_create( pool, NULL);	112	apr_pool_create( pool, NULL);
		113	apr_pool_abort_set(abort_on_oom, *pool);
113	apr_file_open_stderr(&errfile, *pool);	114	apr_file_open_stderr(&errfile, *pool);
114	apr_signal(SIGINT, (void (*)(int)) htdbm_interrupted);	115	apr_signal(SIGINT, (void (*)(int)) htdbm_interrupted);
115		116





apr_file_t *errfile;

int abort_on_oom(int rc)
{
    const char *buf = "Error: out of memory\n";
    int written, count = strlen(buf);
    do {
        written = write(STDERR_FILENO, buf, count);
        if (written == count)
            break;
        if (written > 0) {
            buf += written;
            count -= written;
        }
    } while (written >= 0 || errno == EINTR);
    abort();
    /* NOTREACHED */
    return 0;
}

static int generate_salt(char *s, size_t size, const char **errstr,
                         apr_pool_t *pool)
{

void putline(apr_file_t *f, const char *l)
{
    apr_status_t rv;
    if (f == NULL)
        return;
    rv = apr_file_puts(l, f);
    if (rv != APR_SUCCESS) {
        apr_file_printf(errfile, "Error writing temp file: %pm", &rv);


int get_password(struct passwd_ctx *ctx)
{
    char buf[MAX_STRING_LEN + 1];
    if (ctx->passwd_src == PW_STDIN) {
        char *buf = ctx->out;
        apr_file_t *file_stdin;
        apr_size_t nread;
        if (apr_file_open_stdin(&file_stdin, ctx->pool) != APR_SUCCESS) {
            ctx->errstr = "Unable to read from stdin.";
            return ERR_GENERAL;
        }
        if (apr_file_read_full(file_stdin, buf, sizeof(buf) - 1,
                               &nread) != APR_EOF
            || nread == sizeof(buf) - 1) {
            goto err_too_long;
        }
        buf[nread] = '\0';

                buf[nread-2] = '\0';
        }
        apr_file_close(file_stdin);
        ctx->passwd = apr_pstrdup(ctx->pool, buf);
    }
    else if (ctx->passwd_src == PW_PROMPT_VERIFY) {
        apr_size_t bufsize = sizeof(buf);
        if (apr_password_get("Enter password: ", buf, &bufsize) != 0)
            goto err_too_long;
        ctx->passwd = apr_pstrdup(ctx->pool, buf);
    }
    else {
        char buf[MAX_STRING_LEN + 1];
        apr_size_t bufsize = sizeof(buf);
        if (apr_password_get("New password: ", buf, &bufsize) != 0)
            goto err_too_long;
        ctx->passwd = apr_pstrdup(ctx->pool, buf);
        bufsize = sizeof(buf);
        buf[0] = '\0';
        apr_password_get("Re-type new password: ", buf, &bufsize);
        if (strcmp(ctx->passwd, buf) != 0) {
            ctx->errstr = "password verification error";
            memset(ctx->passwd, '\0', strlen(ctx->passwd));
            memset(buf, '\0', sizeof(buf));
            return ERR_PWMISMATCH;
        }
        memset(buf, '\0', sizeof(buf));
    }
    memset(buf, '\0', sizeof(buf));
    return 0;

err_too_long:

int mkhash(struct passwd_ctx *ctx)
{
    char *pw;
    char pwin[MAX_STRING_LEN];
    char salt[16];
    apr_status_t rv;
    int ret = 0;

                        "Warning: Ignoring -C argument for this algorithm." NL);
    }

    if (ctx->passwd == NULL) {
        pw = ctx->passwd;
    }
    else {
        if ((ret = get_password(ctx)) != 0)
            return ret;
        pw = pwin;
    }
    pw = ctx->passwd;

    switch (ctx->alg) {
    case ALG_APSHA:


        apr_cpystrn(ctx->out, cbuf, ctx->out_len - 1);
        if (strlen(pw) > 8) {
            char *truncpw = apr_pstrdup(ctx->pool, pw);
            truncpw[8] = '\0';
            if (!strcmp(ctx->out, crypt(truncpw, salt))) {
                apr_file_printf(errfile, "Warning: Password truncated to 8 "
                                "characters by CRYPT algorithm." NL);
            }
            memset(truncpw, '\0', strlen(pw));
            free(truncpw);
        }
        break;
#endif /* CRYPT_ALGO_SUPPORTED */




    char ch;
    apr_status_t rv = APR_EINVAL;

    /* we need 2 remaining bytes in buffer */
    while (i < (n - 2) &&
           ((rv = apr_file_getc(&ch, f)) == APR_SUCCESS) && (ch != '\n')) {
        s[i++] = ch;
    }
    /* First remaining byte potentially used here */
    if (ch == '\n')
        s[i++] = ch;
    /* Second remaining byte used here */
    s[i] = '\0';

    if (rv != APR_SUCCESS)

#if APR_CHARSET_EBCDIC
    rv = apr_xlate_open(&to_ascii, "ISO-8859-1", APR_DEFAULT_CHARSET, cntxt);
    if (rv) {
        apr_file_printf(errfile, "apr_xlate_open(): %pm (%d)\n",
                &rv, rv);
        exit(1);
    }
#endif

        rv = apr_file_open(&f, argv[2], APR_WRITE | APR_CREATE,
                           APR_OS_DEFAULT, cntxt);
        if (rv != APR_SUCCESS) {
            apr_file_printf(errfile, "Could not open passwd file %s for writing: %pm\n",
                    argv[2], &rv);
            apr_file_printf(errfile, "Could not open passwd file %s for writing: %s\n",
                    argv[2],
                    apr_strerror(rv, errmsg, sizeof errmsg));
            exit(1);
        }
        apr_cpystrn(user, argv[4], sizeof(user));




    enum {
        PW_PROMPT = 0,
        PW_ARG,
        PW_STDIN,
        PW_PROMPT_VERIFY,
    } passwd_src;
};


/*
 * To be used as apr_pool_abort_fn
 */
int abort_on_oom(int rc);

/*
 * Write a line to the file. On error, print a message and exit
 */
void putline(apr_file_t *f, const char *l);




#define APHTP_NEWFILE        1
#define APHTP_NOFILE         2
#define APHTP_DELUSER        4
#define APHTP_VERIFY         8

apr_file_t *ftemp = NULL;


static void usage(void)
{
    apr_file_printf(errfile, "Usage:" NL
        "\thtpasswd [-cimBdpsDv] [-C cost] passwordfile username" NL
        "\thtpasswd -b[cmBdpsDv] [-C cost] passwordfile username password" NL
        NL
        "\thtpasswd -n[imBdps] [-C cost] username" NL
        "\thtpasswd -nb[mBdps] [-C cost] username password" NL

        " -s  Force SHA encryption of the password (insecure)." NL
        " -p  Do not encrypt the password (plaintext, insecure)." NL
        " -D  Delete the specified user." NL
        " -v  Verify password for the specified user." NL
        "On other systems than Windows and NetWare the '-p' flag will "
            "probably not work." NL
        "The SHA algorithm does not use a salt and is less secure than the "

}

static void check_args(int argc, const char *const argv[],
                       struct passwd_ctx *ctx, unsigned *mask, char **user,
                       char **pwfilename)
{
    const char *arg;

    if (rv != APR_SUCCESS)
        exit(ERR_SYNTAX);

    while ((rv = apr_getopt(state, "cnmspdBbDiC:v", &opt, &opt_arg)) == APR_SUCCESS) {
        switch (opt) {
        case 'c':
            *mask |= APHTP_NEWFILE;

        case 'D':
            *mask |= APHTP_DELUSER;
            break;
        case 'v':
            *mask |= APHTP_VERIFY;
            break;
        default:
            ret = parse_common_options(ctx, opt, opt_arg);
            if (ret) {

    if (rv != APR_EOF)
        usage();

    if ((*mask) & (*mask - 1)) {
        /* not a power of two, i.e. more than one flag specified */
        apr_file_printf(errfile, "%s: only one of -c -n -v -D may be specified" NL,
            argv[0]);
        exit(ERR_SYNTAX);
    }
    if ((*mask & APHTP_VERIFY) && ctx->passwd_src == PW_PROMPT)
        ctx->passwd_src = PW_PROMPT_VERIFY;

    }
    if ((*mask & APHTP_NOFILE) && (*mask & APHTP_DELUSER)) {
        apr_file_printf(errfile, "%s: -n and -D options conflict" NL, argv[0]);
        exit(ERR_SYNTAX);
    }
    /*
     * Make sure we still have exactly the right number of arguments left
     * (the filename, the username, and possibly the password if -b was

    }
}

static int verify(struct passwd_ctx *ctx, const char *hash)
{
    apr_status_t rv;
    int ret;

    if (ctx->passwd == NULL && (ret = get_password(ctx)) != 0)
       return ret;
    rv = apr_password_validate(ctx->passwd, hash);
    if (rv == APR_SUCCESS)
        return 0;
    if (APR_STATUS_IS_EMISMATCH(rv)) {
        ctx->errstr = "password verification failed";
        return ERR_PWMISMATCH;
    }
    ctx->errstr = apr_psprintf(ctx->pool, "Could not verify password: %pm",
                               &rv);
    return ERR_GENERAL;
}

/*
 * Let's do it.  We end up doing a lot of file opening and closing,
 * but what do we care?  This application isn't run constantly.

int main(int argc, const char * const argv[])
{
    apr_file_t *fpw = NULL;
    const char *errstr = NULL;
    char line[MAX_STRING_LEN];
    char *pwfilename = NULL;
    char *user = NULL;

    char *scratch, cp[MAX_STRING_LEN];
    int found = 0;
    int i;
    unsigned mask = 0;
    apr_pool_t *pool;
    int existing_file = 0;
    struct passwd_ctx ctx = { 0 };

    apr_app_initialize(&argc, &argv, NULL);
    atexit(terminate);
    apr_pool_create(&pool, NULL);
    apr_pool_abort_set(abort_on_oom, pool);
    apr_file_open_stderr(&errfile, pool);
    ctx.pool = pool;
    ctx.alg = ALG_APMD5;

     * Any error message text is returned in the record buffer, since
     * the mkrecord() routine doesn't have access to argv[].
     */
    if ((mask & (APHTP_DELUSER|APHTP_VERIFY)) == 0) {
        i = mkrecord(&ctx, user);
        if (i != 0) {
            apr_file_printf(errfile, "%s: %s" NL, argv[0], ctx.errstr);
            exit(i);
        }
        if (mask & APHTP_NOFILE) {

        }
    }

    if ((mask & APHTP_VERIFY) == 0) {
        /*
         * We can access the files the right way, and we have a record
         * to add or update.  Let's do it..
         */
        if (apr_temp_dir_get((const char**)&dirname, pool) != APR_SUCCESS) {
            apr_file_printf(errfile, "%s: could not determine temp dir" NL,
                            argv[0]);
            exit(ERR_FILEPERM);
        }
        dirname = apr_psprintf(pool, "%s/%s", dirname, tn);

        if (apr_file_mktemp(&ftemp, dirname, 0, pool) != APR_SUCCESS) {
            apr_file_printf(errfile, "%s: unable to create temporary file %s" NL,
                            argv[0], dirname);
            exit(ERR_FILEPERM);
        }
    }

    /*

                continue;
            }
            else {
                /* We found the user we were looking for */
                found++;
                if ((mask & APHTP_DELUSER)) {
                    /* Delete entry from the file */
                    apr_file_printf(errfile, "Deleting ");
                }
                else if ((mask & APHTP_VERIFY)) {
                    /* Verify */
                    char *hash = colon + 1;
                    size_t len;

                    len = strcspn(hash, "\r\n");
                    if (len == 0) {
                        apr_file_printf(errfile, "Empty hash for user %s" NL,
                                        user);
                        exit(ERR_INVALID);
                    }
                    hash[len] = '\0';

                    i = verify(&ctx, hash);
                    if (i != 0) {
                        apr_file_printf(errfile, "%s" NL, ctx.errstr);
                        exit(i);
                    }
                }
                else {
                    /* Update entry */
                    apr_file_printf(errfile, "Updating ");
                    putline(ftemp, ctx.out);
                    found++;
                }
                else {
                    /* We found the user we were looking for.
                     * Delete them from the file.
                     */
                    apr_file_printf(errfile, "Deleting ");
                    found++;
                }
            }
        }
        apr_file_close(fpw);
    }
    if (!found) {
        if (mask & APHTP_DELUSER) {
            apr_file_printf(errfile, "User %s not found" NL, user);
            exit(0);
        }
        else if (mask & APHTP_VERIFY) {
            apr_file_printf(errfile, "User %s not found" NL, user);
            exit(ERR_BADUSER);
        }
        else {
            apr_file_printf(errfile, "Adding ");
            putline(ftemp, ctx.out);
        }
    }
    if (mask & APHTP_VERIFY) {
        apr_file_printf(errfile, "Password for user %s correct." NL, user);
        exit(0);
    }

    apr_file_printf(errfile, "password for user %s" NL, user);

    /* The temporary file has all the data, just copy it to the new location.

Return to bug 468306

Lines 46-51 Link Here

(-)support/passwd_common.c (-16 / +40 lines)
46		46
47	apr_file_t *errfile;	47	apr_file_t *errfile;
48		48
		49	int abort_on_oom(int rc)
		50	{
		51	const char *buf = "Error: out of memory\n";
		52	int written, count = strlen(buf);
		53	do {
		54	written = write(STDERR_FILENO, buf, count);
		55	if (written == count)
		56	break;
		57	if (written > 0) {
		58	buf += written;
		59	count -= written;
		60	}
		61	} while (written >= 0 \|\| errno == EINTR);
		62	abort();
		63	/* NOTREACHED */
		64	return 0;
		65	}
		66
49	static int generate_salt(char s, size_t size, const char *errstr,	67	static int generate_salt(char s, size_t size, const char *errstr,
50	apr_pool_t *pool)	68	apr_pool_t *pool)
51	{	69	{
Lines 85-90 Link Here
85	void putline(apr_file_t f, const char l)	103	void putline(apr_file_t f, const char l)
86	{	104	{
87	apr_status_t rv;	105	apr_status_t rv;
		106	if (f == NULL)
		107	return;
88	rv = apr_file_puts(l, f);	108	rv = apr_file_puts(l, f);
89	if (rv != APR_SUCCESS) {	109	if (rv != APR_SUCCESS) {
90	apr_file_printf(errfile, "Error writing temp file: %pm", &rv);	110	apr_file_printf(errfile, "Error writing temp file: %pm", &rv);
Lines 95-111 Link Here
95		115
96	int get_password(struct passwd_ctx *ctx)	116	int get_password(struct passwd_ctx *ctx)
97	{	117	{
		118	char buf[MAX_STRING_LEN + 1];
98	if (ctx->passwd_src == PW_STDIN) {	119	if (ctx->passwd_src == PW_STDIN) {
99	char *buf = ctx->out;
100	apr_file_t *file_stdin;	120	apr_file_t *file_stdin;
101	apr_size_t nread;	121	apr_size_t nread;
102	if (apr_file_open_stdin(&file_stdin, ctx->pool) != APR_SUCCESS) {	122	if (apr_file_open_stdin(&file_stdin, ctx->pool) != APR_SUCCESS) {
103	ctx->errstr = "Unable to read from stdin.";	123	ctx->errstr = "Unable to read from stdin.";
104	return ERR_GENERAL;	124	return ERR_GENERAL;
105	}	125	}
106	if (apr_file_read_full(file_stdin, buf, ctx->out_len - 1,	126	if (apr_file_read_full(file_stdin, buf, sizeof(buf) - 1,
107	&nread) != APR_EOF	127	&nread) != APR_EOF
108	\|\| nread == ctx->out_len - 1) {	128	\|\| nread == sizeof(buf) - 1) {
109	goto err_too_long;	129	goto err_too_long;
110	}	130	}
111	buf[nread] = '\0';	131	buf[nread] = '\0';
Lines 115-135 Link Here
115	buf[nread-2] = '\0';	135	buf[nread-2] = '\0';
116	}	136	}
117	apr_file_close(file_stdin);	137	apr_file_close(file_stdin);
		138	ctx->passwd = apr_pstrdup(ctx->pool, buf);
118	}	139	}
		140	else if (ctx->passwd_src == PW_PROMPT_VERIFY) {
		141	apr_size_t bufsize = sizeof(buf);
		142	if (apr_password_get("Enter password: ", buf, &bufsize) != 0)
		143	goto err_too_long;
		144	ctx->passwd = apr_pstrdup(ctx->pool, buf);
		145	}
119	else {	146	else {
120	char buf[MAX_STRING_LEN + 1];
121	apr_size_t bufsize = sizeof(buf);	147	apr_size_t bufsize = sizeof(buf);
122	if (apr_password_get("New password: ", ctx->out, &ctx->out_len) != 0)	148	if (apr_password_get("New password: ", buf, &bufsize) != 0)
123	goto err_too_long;	149	goto err_too_long;
		150	ctx->passwd = apr_pstrdup(ctx->pool, buf);
		151	bufsize = sizeof(buf);
		152	buf[0] = '\0';
124	apr_password_get("Re-type new password: ", buf, &bufsize);	153	apr_password_get("Re-type new password: ", buf, &bufsize);
125	if (strcmp(ctx->out, buf) != 0) {	154	if (strcmp(ctx->passwd, buf) != 0) {
126	ctx->errstr = "password verification error";	155	ctx->errstr = "password verification error";
127	memset(ctx->out, '\0', ctx->out_len);	156	memset(ctx->passwd, '\0', strlen(ctx->passwd));
128	memset(buf, '\0', sizeof(buf));	157	memset(buf, '\0', sizeof(buf));
129	return ERR_PWMISMATCH;	158	return ERR_PWMISMATCH;
130	}	159	}
131	memset(buf, '\0', sizeof(buf));
132	}	160	}
		161	memset(buf, '\0', sizeof(buf));
133	return 0;	162	return 0;
134		163
135	err_too_long:	164	err_too_long:
Lines 146-152 Link Here
146	int mkhash(struct passwd_ctx *ctx)	175	int mkhash(struct passwd_ctx *ctx)
147	{	176	{
148	char *pw;	177	char *pw;
149	char pwin[MAX_STRING_LEN];
150	char salt[16];	178	char salt[16];
151	apr_status_t rv;	179	apr_status_t rv;
152	int ret = 0;	180	int ret = 0;
Lines 159-172 Link Here
159	"Warning: Ignoring -C argument for this algorithm." NL);	187	"Warning: Ignoring -C argument for this algorithm." NL);
160	}	188	}
161		189
162	if (ctx->passwd != NULL) {	190	if (ctx->passwd == NULL) {
163	pw = ctx->passwd;
164	}
165	else {
166	if ((ret = get_password(ctx)) != 0)	191	if ((ret = get_password(ctx)) != 0)
167	return ret;	192	return ret;
168	pw = pwin;
169	}	193	}
		194	pw = ctx->passwd;
170		195
171	switch (ctx->alg) {	196	switch (ctx->alg) {
172	case ALG_APSHA:	197	case ALG_APSHA:
Lines 206-219 Link Here
206		231
207	apr_cpystrn(ctx->out, cbuf, ctx->out_len - 1);	232	apr_cpystrn(ctx->out, cbuf, ctx->out_len - 1);
208	if (strlen(pw) > 8) {	233	if (strlen(pw) > 8) {
209	char *truncpw = strdup(pw);	234	char *truncpw = apr_pstrdup(ctx->pool, pw);
210	truncpw[8] = '\0';	235	truncpw[8] = '\0';
211	if (!strcmp(ctx->out, crypt(truncpw, salt))) {	236	if (!strcmp(ctx->out, crypt(truncpw, salt))) {
212	apr_file_printf(errfile, "Warning: Password truncated to 8 "	237	apr_file_printf(errfile, "Warning: Password truncated to 8 "
213	"characters by CRYPT algorithm." NL);	238	"characters by CRYPT algorithm." NL);
214	}	239	}
215	memset(truncpw, '\0', strlen(pw));	240	memset(truncpw, '\0', strlen(pw));
216	free(truncpw);
217	}	241	}
218	break;	242	break;
219	#endif /* CRYPT_ALGO_SUPPORTED */	243	#endif /* CRYPT_ALGO_SUPPORTED */

Lines 96-107 Link Here

(-)support/htdigest.c (-8 / +8 lines)
96	char ch;	96	char ch;
97	apr_status_t rv = APR_EINVAL;	97	apr_status_t rv = APR_EINVAL;
98		98
99	while (i < (n - 1) &&	99	/* we need 2 remaining bytes in buffer */
		100	while (i < (n - 2) &&
100	((rv = apr_file_getc(&ch, f)) == APR_SUCCESS) && (ch != '\n')) {	101	((rv = apr_file_getc(&ch, f)) == APR_SUCCESS) && (ch != '\n')) {
101	s[i++] = ch;	102	s[i++] = ch;
102	}	103	}
		104	/* First remaining byte potentially used here */
103	if (ch == '\n')	105	if (ch == '\n')
104	s[i++] = ch;	106	s[i++] = ch;
		107	/* Second remaining byte used here */
105	s[i] = '\0';	108	s[i] = '\0';
106		109
107	if (rv != APR_SUCCESS)	110	if (rv != APR_SUCCESS)
Lines 202-209 Link Here
202	#if APR_CHARSET_EBCDIC	205	#if APR_CHARSET_EBCDIC
203	rv = apr_xlate_open(&to_ascii, "ISO-8859-1", APR_DEFAULT_CHARSET, cntxt);	206	rv = apr_xlate_open(&to_ascii, "ISO-8859-1", APR_DEFAULT_CHARSET, cntxt);
204	if (rv) {	207	if (rv) {
205	apr_file_printf(errfile, "apr_xlate_open(): %s (%d)\n",	208	apr_file_printf(errfile, "apr_xlate_open(): %pm (%d)\n",
206	apr_strerror(rv, line, sizeof(line)), rv);	209	&rv, rv);
207	exit(1);	210	exit(1);
208	}	211	}
209	#endif	212	#endif
Lines 215-225 Link Here
215	rv = apr_file_open(&f, argv[2], APR_WRITE \| APR_CREATE,	218	rv = apr_file_open(&f, argv[2], APR_WRITE \| APR_CREATE,
216	APR_OS_DEFAULT, cntxt);	219	APR_OS_DEFAULT, cntxt);
217	if (rv != APR_SUCCESS) {	220	if (rv != APR_SUCCESS) {
218	char errmsg[120];	221	apr_file_printf(errfile, "Could not open passwd file %s for writing: %pm\n",
219		222	argv[2], &rv);
220	apr_file_printf(errfile, "Could not open passwd file %s for writing: %s\n",
221	argv[2],
222	apr_strerror(rv, errmsg, sizeof errmsg));
223	exit(1);	223	exit(1);
224	}	224	}
225	apr_cpystrn(user, argv[4], sizeof(user));	225	apr_cpystrn(user, argv[4], sizeof(user));

Lines 80-90 Link Here

(-)support/passwd_common.h (-1 / +8 lines)
80	enum {	80	enum {
81	PW_PROMPT = 0,	81	PW_PROMPT = 0,
82	PW_ARG,	82	PW_ARG,
83	PW_STDIN	83	PW_STDIN,
		84	PW_PROMPT_VERIFY,
84	} passwd_src;	85	} passwd_src;
85	};	86	};
86		87
		88
87	/*	89	/*
		90	* To be used as apr_pool_abort_fn
		91	*/
		92	int abort_on_oom(int rc);
		93
		94	/*
88	* Write a line to the file. On error, print a message and exit	95	* Write a line to the file. On error, print a message and exit
89	*/	96	*/
90	void putline(apr_file_t f, const char l);	97	void putline(apr_file_t f, const char l);

Lines 67-72 Link Here

(-)support/htpasswd.c (-49 / +98 lines)
67	#define APHTP_NEWFILE 1	67	#define APHTP_NEWFILE 1
68	#define APHTP_NOFILE 2	68	#define APHTP_NOFILE 2
69	#define APHTP_DELUSER 4	69	#define APHTP_DELUSER 4
		70	#define APHTP_VERIFY 8
70		71
71	apr_file_t *ftemp = NULL;	72	apr_file_t *ftemp = NULL;
72		73
Lines 92-99 Link Here
92	static void usage(void)	93	static void usage(void)
93	{	94	{
94	apr_file_printf(errfile, "Usage:" NL	95	apr_file_printf(errfile, "Usage:" NL
95	"\thtpasswd [-cimBdpsD] [-C cost] passwordfile username" NL	96	"\thtpasswd [-cimBdpsDv] [-C cost] passwordfile username" NL
96	"\thtpasswd -b[cmBdpsD] [-C cost] passwordfile username password" NL	97	"\thtpasswd -b[cmBdpsDv] [-C cost] passwordfile username password" NL
97	NL	98	NL
98	"\thtpasswd -n[imBdps] [-C cost] username" NL	99	"\thtpasswd -n[imBdps] [-C cost] username" NL
99	"\thtpasswd -nb[mBdps] [-C cost] username password" NL	100	"\thtpasswd -nb[mBdps] [-C cost] username password" NL
Lines 110-115 Link Here
110	" -s Force SHA encryption of the password (insecure)." NL	111	" -s Force SHA encryption of the password (insecure)." NL
111	" -p Do not encrypt the password (plaintext, insecure)." NL	112	" -p Do not encrypt the password (plaintext, insecure)." NL
112	" -D Delete the specified user." NL	113	" -D Delete the specified user." NL
		114	" -v Verify password for the specified user." NL
113	"On other systems than Windows and NetWare the '-p' flag will "	115	"On other systems than Windows and NetWare the '-p' flag will "
114	"probably not work." NL	116	"probably not work." NL
115	"The SHA algorithm does not use a salt and is less secure than the "	117	"The SHA algorithm does not use a salt and is less secure than the "
Lines 155-161 Link Here
155	}	157	}
156		158
157	static void check_args(int argc, const char *const argv[],	159	static void check_args(int argc, const char *const argv[],
158	struct passwd_ctx ctx, int mask, char **user,	160	struct passwd_ctx ctx, unsigned mask, char **user,
159	char **pwfilename)	161	char **pwfilename)
160	{	162	{
161	const char *arg;	163	const char *arg;
Lines 171-177 Link Here
171	if (rv != APR_SUCCESS)	173	if (rv != APR_SUCCESS)
172	exit(ERR_SYNTAX);	174	exit(ERR_SYNTAX);
173		175
174	while ((rv = apr_getopt(state, "cnmspdBbDiC:", &opt, &opt_arg)) == APR_SUCCESS) {	176	while ((rv = apr_getopt(state, "cnmspdBbDiC:v", &opt, &opt_arg)) == APR_SUCCESS) {
175	switch (opt) {	177	switch (opt) {
176	case 'c':	178	case 'c':
177	*mask \|= APHTP_NEWFILE;	179	*mask \|= APHTP_NEWFILE;
Lines 183-188 Link Here
183	case 'D':	185	case 'D':
184	*mask \|= APHTP_DELUSER;	186	*mask \|= APHTP_DELUSER;
185	break;	187	break;
		188	case 'v':
		189	*mask \|= APHTP_VERIFY;
		190	break;
186	default:	191	default:
187	ret = parse_common_options(ctx, opt, opt_arg);	192	ret = parse_common_options(ctx, opt, opt_arg);
188	if (ret) {	193	if (ret) {
Lines 196-213 Link Here
196	if (rv != APR_EOF)	201	if (rv != APR_EOF)
197	usage();	202	usage();
198		203
199	if ((mask & APHTP_NEWFILE) && (mask & APHTP_NOFILE)) {	204	if ((mask) & (mask - 1)) {
200	apr_file_printf(errfile, "%s: -c and -n options conflict" NL, argv[0]);	205	/* not a power of two, i.e. more than one flag specified */
		206	apr_file_printf(errfile, "%s: only one of -c -n -v -D may be specified" NL,
		207	argv[0]);
201	exit(ERR_SYNTAX);	208	exit(ERR_SYNTAX);
202	}	209	}
203	if ((mask & APHTP_NEWFILE) && (mask & APHTP_DELUSER)) {	210	if ((*mask & APHTP_VERIFY) && ctx->passwd_src == PW_PROMPT)
204	apr_file_printf(errfile, "%s: -c and -D options conflict" NL, argv[0]);	211	ctx->passwd_src = PW_PROMPT_VERIFY;
205	exit(ERR_SYNTAX);	212
206	}
207	if ((mask & APHTP_NOFILE) && (mask & APHTP_DELUSER)) {
208	apr_file_printf(errfile, "%s: -n and -D options conflict" NL, argv[0]);
209	exit(ERR_SYNTAX);
210	}
211	/*	213	/*
212	* Make sure we still have exactly the right number of arguments left	214	* Make sure we still have exactly the right number of arguments left
213	* (the filename, the username, and possibly the password if -b was	215	* (the filename, the username, and possibly the password if -b was
Lines 246-251 Link Here
246	}	248	}
247	}	249	}
248		250
		251	static int verify(struct passwd_ctx ctx, const char hash)
		252	{
		253	apr_status_t rv;
		254	int ret;
		255
		256	if (ctx->passwd == NULL && (ret = get_password(ctx)) != 0)
		257	return ret;
		258	rv = apr_password_validate(ctx->passwd, hash);
		259	if (rv == APR_SUCCESS)
		260	return 0;
		261	if (APR_STATUS_IS_EMISMATCH(rv)) {
		262	ctx->errstr = "password verification failed";
		263	return ERR_PWMISMATCH;
		264	}
		265	ctx->errstr = apr_psprintf(ctx->pool, "Could not verify password: %pm",
		266	&rv);
		267	return ERR_GENERAL;
		268	}
		269
249	/*	270	/*
250	* Let's do it. We end up doing a lot of file opening and closing,	271	* Let's do it. We end up doing a lot of file opening and closing,
251	* but what do we care? This application isn't run constantly.	272	* but what do we care? This application isn't run constantly.
Lines 253-259 Link Here
253	int main(int argc, const char * const argv[])	274	int main(int argc, const char * const argv[])
254	{	275	{
255	apr_file_t *fpw = NULL;	276	apr_file_t *fpw = NULL;
256	const char *errstr = NULL;
257	char line[MAX_STRING_LEN];	277	char line[MAX_STRING_LEN];
258	char *pwfilename = NULL;	278	char *pwfilename = NULL;
259	char *user = NULL;	279	char *user = NULL;
Lines 262-268 Link Here
262	char *scratch, cp[MAX_STRING_LEN];	282	char *scratch, cp[MAX_STRING_LEN];
263	int found = 0;	283	int found = 0;
264	int i;	284	int i;
265	int mask = 0;	285	unsigned mask = 0;
266	apr_pool_t *pool;	286	apr_pool_t *pool;
267	int existing_file = 0;	287	int existing_file = 0;
268	struct passwd_ctx ctx = { 0 };	288	struct passwd_ctx ctx = { 0 };
Lines 274-279 Link Here
274	apr_app_initialize(&argc, &argv, NULL);	294	apr_app_initialize(&argc, &argv, NULL);
275	atexit(terminate);	295	atexit(terminate);
276	apr_pool_create(&pool, NULL);	296	apr_pool_create(&pool, NULL);
		297	apr_pool_abort_set(abort_on_oom, pool);
277	apr_file_open_stderr(&errfile, pool);	298	apr_file_open_stderr(&errfile, pool);
278	ctx.pool = pool;	299	ctx.pool = pool;
279	ctx.alg = ALG_APMD5;	300	ctx.alg = ALG_APMD5;
Lines 341-350 Link Here
341	* Any error message text is returned in the record buffer, since	362	* Any error message text is returned in the record buffer, since
342	* the mkrecord() routine doesn't have access to argv[].	363	* the mkrecord() routine doesn't have access to argv[].
343	*/	364	*/
344	if (!(mask & APHTP_DELUSER)) {	365	if ((mask & (APHTP_DELUSER\|APHTP_VERIFY)) == 0) {
345	i = mkrecord(&ctx, user);	366	i = mkrecord(&ctx, user);
346	if (i != 0) {	367	if (i != 0) {
347	apr_file_printf(errfile, "%s: %s" NL, argv[0], errstr);	368	apr_file_printf(errfile, "%s: %s" NL, argv[0], ctx.errstr);
348	exit(i);	369	exit(i);
349	}	370	}
350	if (mask & APHTP_NOFILE) {	371	if (mask & APHTP_NOFILE) {
Lines 353-373 Link Here
353	}	374	}
354	}	375	}
355		376
356	/*	377	if ((mask & APHTP_VERIFY) == 0) {
357	* We can access the files the right way, and we have a record	378	/*
358	* to add or update. Let's do it..	379	* We can access the files the right way, and we have a record
359	*/	380	* to add or update. Let's do it..
360	if (apr_temp_dir_get((const char**)&dirname, pool) != APR_SUCCESS) {	381	*/
361	apr_file_printf(errfile, "%s: could not determine temp dir" NL,	382	if (apr_temp_dir_get((const char**)&dirname, pool) != APR_SUCCESS) {
362	argv[0]);	383	apr_file_printf(errfile, "%s: could not determine temp dir" NL,
363	exit(ERR_FILEPERM);	384	argv[0]);
364	}	385	exit(ERR_FILEPERM);
365	dirname = apr_psprintf(pool, "%s/%s", dirname, tn);	386	}
		387	dirname = apr_psprintf(pool, "%s/%s", dirname, tn);
366		388
367	if (apr_file_mktemp(&ftemp, dirname, 0, pool) != APR_SUCCESS) {	389	if (apr_file_mktemp(&ftemp, dirname, 0, pool) != APR_SUCCESS) {
368	apr_file_printf(errfile, "%s: unable to create temporary file %s" NL,	390	apr_file_printf(errfile, "%s: unable to create temporary file %s" NL,
369	argv[0], dirname);	391	argv[0], dirname);
370	exit(ERR_FILEPERM);	392	exit(ERR_FILEPERM);
		393	}
371	}	394	}
372		395
373	/*	396	/*
Lines 418-450 Link Here
418	continue;	441	continue;
419	}	442	}
420	else {	443	else {
421	if (!(mask & APHTP_DELUSER)) {	444	/* We found the user we were looking for */
422	/* We found the user we were looking for.	445	found++;
423	* Add him to the file.	446	if ((mask & APHTP_DELUSER)) {
424	*/	447	/* Delete entry from the file */
		448	apr_file_printf(errfile, "Deleting ");
		449	}
		450	else if ((mask & APHTP_VERIFY)) {
		451	/* Verify */
		452	char *hash = colon + 1;
		453	size_t len;
		454
		455	len = strcspn(hash, "\r\n");
		456	if (len == 0) {
		457	apr_file_printf(errfile, "Empty hash for user %s" NL,
		458	user);
		459	exit(ERR_INVALID);
		460	}
		461	hash[len] = '\0';
		462
		463	i = verify(&ctx, hash);
		464	if (i != 0) {
		465	apr_file_printf(errfile, "%s" NL, ctx.errstr);
		466	exit(i);
		467	}
		468	}
		469	else {
		470	/* Update entry */
425	apr_file_printf(errfile, "Updating ");	471	apr_file_printf(errfile, "Updating ");
426	putline(ftemp, ctx.out);	472	putline(ftemp, ctx.out);
427	found++;
428	}	473	}
429	else {
430	/* We found the user we were looking for.
431	* Delete them from the file.
432	*/
433	apr_file_printf(errfile, "Deleting ");
434	found++;
435	}
436	}	474	}
437	}	475	}
438	apr_file_close(fpw);	476	apr_file_close(fpw);
439	}	477	}
440	if (!found && !(mask & APHTP_DELUSER)) {	478	if (!found) {
441	apr_file_printf(errfile, "Adding ");	479	if (mask & APHTP_DELUSER) {
442	putline(ftemp, ctx.out);	480	apr_file_printf(errfile, "User %s not found" NL, user);
		481	exit(0);
		482	}
		483	else if (mask & APHTP_VERIFY) {
		484	apr_file_printf(errfile, "User %s not found" NL, user);
		485	exit(ERR_BADUSER);
		486	}
		487	else {
		488	apr_file_printf(errfile, "Adding ");
		489	putline(ftemp, ctx.out);
		490	}
443	}	491	}
444	else if (!found && (mask & APHTP_DELUSER)) {	492	if (mask & APHTP_VERIFY) {
445	apr_file_printf(errfile, "User %s not found" NL, user);	493	apr_file_printf(errfile, "Password for user %s correct." NL, user);
446	exit(0);	494	exit(0);
447	}	495	}
		496
448	apr_file_printf(errfile, "password for user %s" NL, user);	497	apr_file_printf(errfile, "password for user %s" NL, user);
449		498
450	/* The temporary file has all the data, just copy it to the new location.	499	/* The temporary file has all the data, just copy it to the new location.