/* Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright ownership. * The ASF licenses this file to You under the Apache License, Version 2.0 * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License.
*/
/****************************************************************************** ****************************************************************************** * NOTE! This program is not safe as a setuid executable! Do not make it * setuid! ******************************************************************************
*****************************************************************************/ /* * htdigest.c: simple program for manipulating digest passwd file for Apache * * by Alexei Kosut, based on htpasswd.c, by Rob McCool
*/
#include"apr.h" #include"apr_file_io.h" #include"apr_md5.h" #include"apr_lib.h"/* for apr_getpass() */ #include"apr_general.h" #include"apr_signal.h" #include"apr_strings.h"/* for apr_pstrdup() */
staticint get_line(char *s, int n, apr_file_t *f)
{ int i = 0; char ch;
apr_status_t rv = APR_EINVAL;
/* we need 2 remaining bytes in buffer */ while (i < (n - 2) &&
((rv = apr_file_getc(&ch, f)) == APR_SUCCESS) && (ch != '\n')) {
s[i++] = ch;
} /* First remaining byte potentially used here */ if (ch == '\n')
s[i++] = ch; /* Second remaining byte used here */
s[i] = '\0';
if (rv != APR_SUCCESS) return 1;
return 0;
}
staticvoid putline(apr_file_t *f, char *l)
{ int x;
for (x = 0; l[x]; x++)
apr_file_putc(l[x], f);
}
staticvoid add_password(constchar *user, constchar *realm, apr_file_t *f)
{ char *pw;
apr_md5_ctx_t context; unsignedchar digest[16]; char string[MAX_LINE_LEN]; /* this includes room for 2 * ':' + '\0' */ char pwin[MAX_STRING_LEN]; char pwv[MAX_STRING_LEN]; unsignedint i;
apr_size_t len = sizeof(pwin);
if (apr_password_get("New password: ", pwin, &len) != APR_SUCCESS) {
apr_file_printf(errfile, "password too long");
cleanup_tempfile_and_exit(5);
}
len = sizeof(pwin);
apr_password_get("Re-type new password: ", pwv, &len); if (strcmp(pwin, pwv) != 0) {
apr_file_printf(errfile, "They don't match, sorry.\n");
cleanup_tempfile_and_exit(1);
}
pw = pwin;
apr_file_printf(f, "%s:%s:", user, realm);
for (i = 0; i < 16; i++)
apr_file_printf(f, "%02x", digest[i]);
apr_file_printf(f, "\n");
}
staticvoid usage(void)
{
apr_file_printf(errfile, "Usage: htdigest [-c] passwordfile realm username\n");
apr_file_printf(errfile, "The -c flag creates a new file.\n"); exit(1);
}
apr_signal(SIGINT, (void (*)(int)) interrupted); if (argc == 5) { if (strcmp(argv[1], "-c"))
usage();
rv = apr_file_open(&f, argv[2], APR_WRITE | APR_CREATE,
APR_OS_DEFAULT, cntxt); if (rv != APR_SUCCESS) {
apr_file_printf(errfile, "Could not open passwd file %s for writing: %pm\n",
argv[2], &rv); exit(1);
}
apr_cpystrn(user, argv[4], sizeof(user));
apr_cpystrn(realm, argv[3], sizeof(realm));
apr_file_printf(errfile, "Adding password for %s in realm %s.\n",
user, realm);
add_password(user, realm, f);
apr_file_close(f); exit(0);
} elseif (argc != 4)
usage();
if (apr_temp_dir_get((constchar**)&dirname, cntxt) != APR_SUCCESS) {
apr_file_printf(errfile, "%s: could not determine temp dir\n",
argv[0]); exit(1);
}
dirname = apr_psprintf(cntxt, "%s/%s", dirname, tn);
if (apr_file_mktemp(&tfp, dirname, 0, cntxt) != APR_SUCCESS) {
apr_file_printf(errfile, "Could not open temp file %s.\n", dirname); exit(1);
}
if (apr_file_open(&f, argv[1], APR_READ, APR_OS_DEFAULT, cntxt) != APR_SUCCESS) {
apr_file_printf(errfile, "Could not open passwd file %s for reading.\n", argv[1]);
apr_file_printf(errfile, "Use -c option to create new one.\n");
cleanup_tempfile_and_exit(1);
}
apr_cpystrn(user, argv[3], sizeof(user));
apr_cpystrn(realm, argv[2], sizeof(realm));
found = 0; while (!(get_line(line, sizeof(line), f))) { if (found || (line[0] == '#') || (!line[0])) {
putline(tfp, line); continue;
}
strcpy(l, line); if (getword(w, l, ':') || getword(x, l, ':')) {
apr_file_printf(errfile, "The following line contains a string longer than the " "allowed maximum size (%i): %s\n", MAX_STRING_LEN - 1, line);
cleanup_tempfile_and_exit(1);
} if (strcmp(user, w) || strcmp(realm, x)) {
putline(tfp, line); continue;
} else {
apr_file_printf(errfile, "Changing password for user %s in realm %s\n",
user, realm);
add_password(user, realm, tfp);
found = 1;
}
} if (!found) {
apr_file_printf(errfile, "Adding user %s in realm %s\n", user, realm);
add_password(user, realm, tfp);
}
apr_file_close(f);
/* The temporary file has all the data, just copy it to the new location.
*/ if (apr_file_copy(dirname, argv[1], APR_OS_DEFAULT, cntxt) !=
APR_SUCCESS) {
apr_file_printf(errfile, "%s: unable to update file %s\n",
argv[0], argv[1]);
}
apr_file_close(tfp);
return 0;
}
¤ Dauer der Verarbeitung: 0.16 Sekunden
(vorverarbeitet)
¤
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung ist noch experimentell.
