summaryrefslogtreecommitdiff
path: root/loginutils
diff options
context:
space:
mode:
authorBernhard Reutner-Fischer2008-12-03 18:48:39 +0000
committerBernhard Reutner-Fischer2008-12-03 18:48:39 +0000
commit82b142996625d6bf20ee667ce602496cb270fccc (patch)
treedf4be1e1502cdbe3f49bf46c7bd00db764add571 /loginutils
parent81c3a1d0b2be02c1d675e6dceb500ce6b3da3282 (diff)
downloadbusybox-82b142996625d6bf20ee667ce602496cb270fccc.zip
busybox-82b142996625d6bf20ee667ce602496cb270fccc.tar.gz
- add new applet mkpasswd(1)
function old new delta bb_ask - 355 +355 mkpasswd_main - 296 +296 .rodata 121746 121847 +101 packed_usage 24632 24689 +57 static.methods - 21 +21 gmatch 229 248 +19 bb_ask_stdin - 11 +11 applet_names 1949 1958 +9 applet_main 1172 1176 +4 sulogin_main 503 505 +2 applet_nameofs 586 588 +2 sha256_hash 329 327 -2 correct_password 208 206 -2 parse_command 1442 1439 -3 get_cred_or_die 145 141 -4 passwd_main 1054 1044 -10 bb_askpass 348 - -348 ------------------------------------------------------------------------------ (add/remove: 4/1 grow/shrink: 7/5 up/down: 877/-369) Total: 508 bytes
Diffstat (limited to 'loginutils')
-rw-r--r--loginutils/Config.in7
-rw-r--r--loginutils/Kbuild1
-rw-r--r--loginutils/mkpasswd.c71
-rw-r--r--loginutils/passwd.c10
-rw-r--r--loginutils/sulogin.c4
5 files changed, 86 insertions, 7 deletions
diff --git a/loginutils/Config.in b/loginutils/Config.in
index 5f66e86..6efca7e 100644
--- a/loginutils/Config.in
+++ b/loginutils/Config.in
@@ -252,6 +252,13 @@ config CHPASSWD
standard input and uses this information to update a group of
existing users.
+config MKPASSWD
+ bool "mkpasswd"
+ default n
+ help
+ mkpasswd encrypts the given password with the crypt(3) libc function
+ using the given salt.
+
config SU
bool "su"
default n
diff --git a/loginutils/Kbuild b/loginutils/Kbuild
index 3d0d777..616d977 100644
--- a/loginutils/Kbuild
+++ b/loginutils/Kbuild
@@ -11,6 +11,7 @@ lib-$(CONFIG_CRYPTPW) += cryptpw.o
lib-$(CONFIG_CHPASSWD) += chpasswd.o
lib-$(CONFIG_GETTY) += getty.o
lib-$(CONFIG_LOGIN) += login.o
+lib-$(CONFIG_MKPASSWD) += mkpasswd.o
lib-$(CONFIG_PASSWD) += passwd.o
lib-$(CONFIG_SU) += su.o
lib-$(CONFIG_SULOGIN) += sulogin.o
diff --git a/loginutils/mkpasswd.c b/loginutils/mkpasswd.c
new file mode 100644
index 0000000..442738e
--- /dev/null
+++ b/loginutils/mkpasswd.c
@@ -0,0 +1,71 @@
+/* vi: set sw=4 ts=4 sts=4: */
+/*
+ * mkpasswd - Overfeatured front end to crypt(3)
+ * Copyright (c) 2008 Bernhard Reutner-Fischer
+ *
+ * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
+ */
+
+#include "libbb.h"
+
+int mkpasswd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
+int mkpasswd_main(int argc UNUSED_PARAM, char **argv)
+{
+ char *chp = NULL, *method = NULL, *salt = NULL;
+ char *encrypted;
+ int fd = STDIN_FILENO;
+ enum {
+ OPT_P = (1 << 0),
+ OPT_s = (1 << 1),
+ OPT_m = (1 << 2),
+ OPT_S = (1 << 3)
+ };
+ static const char methods[] ALIGN1 =
+ /*"des\0"*/"md5\0""sha-256\0""sha-512\0";
+ enum { TYPE_des, TYPE_md5, TYPE_sha256, TYPE_sha512 };
+ unsigned algo = TYPE_des, algobits = 1;
+#if ENABLE_GETOPT_LONG
+ static const char mkpasswd_longopts[] ALIGN1 =
+ "password-fd\0" Required_argument "P"
+ "stdin\0" No_argument "s"
+ "method\0" Required_argument "m"
+ "salt\0" Required_argument "S"
+ ;
+ applet_long_options = mkpasswd_longopts;
+#endif
+ opt_complementary = "?1"; /* at most one non-option argument */
+ getopt32(argv, "P:sm:S:", &chp, &method, &salt);
+ argv += optind;
+ if (option_mask32 & OPT_P)
+ fd = xatoi_u(chp);
+ if (option_mask32 & OPT_m)
+ algo = index_in_strings(methods, method) + 1;
+ if (*argv) /* we have a cleartext passwd */
+ chp = *argv;
+ else
+ chp = bb_ask(fd, 0, "Password: ");
+ if (!salt)
+ salt = xmalloc(128);
+
+ if (algo) {
+ char foo[2];
+ foo[0] = foo[2] = '$';
+ algobits = 4;
+ /* MD5 == "$1$", SHA-256 == "$5$", SHA-512 == "$6$" */
+ if (algo > 1) {
+ algo += 3;
+ algobits = 8;
+ }
+ foo[1] = '0' + (algo);
+ strcpy(salt, foo);
+ }
+ /* The opt_complementary adds a bit of additional noise, which is good
+ but not strictly needed. */
+ crypt_make_salt(salt + ((!!algo) * 3), algobits, (int)&opt_complementary);
+ encrypted = pw_encrypt(chp, salt, 1);
+ puts(encrypted);
+ if (ENABLE_FEATURE_CLEAN_UP) {
+ free(encrypted);
+ }
+ return EXIT_SUCCESS;
+}
diff --git a/loginutils/passwd.c b/loginutils/passwd.c
index b156ab5..e3e74ba 100644
--- a/loginutils/passwd.c
+++ b/loginutils/passwd.c
@@ -22,7 +22,7 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
if (myuid && pw->pw_passwd[0]) {
char *encrypted;
- orig = bb_askpass(0, "Old password:"); /* returns ptr to static */
+ orig = bb_ask_stdin("Old password:"); /* returns ptr to static */
if (!orig)
goto err_ret;
encrypted = pw_encrypt(orig, pw->pw_passwd, 1); /* returns malloced str */
@@ -35,16 +35,16 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
}
if (ENABLE_FEATURE_CLEAN_UP) free(encrypted);
}
- orig = xstrdup(orig); /* or else bb_askpass() will destroy it */
- newp = bb_askpass(0, "New password:"); /* returns ptr to static */
+ orig = xstrdup(orig); /* or else bb_ask_stdin() will destroy it */
+ newp = bb_ask_stdin("New password:"); /* returns ptr to static */
if (!newp)
goto err_ret;
- newp = xstrdup(newp); /* we are going to bb_askpass() again, so save it */
+ newp = xstrdup(newp); /* we are going to bb_ask_stdin() again, so save it */
if (ENABLE_FEATURE_PASSWD_WEAK_CHECK
&& obscure(orig, newp, pw) && myuid)
goto err_ret; /* non-root is not allowed to have weak passwd */
- cp = bb_askpass(0, "Retype password:");
+ cp = bb_ask_stdin("Retype password:");
if (!cp)
goto err_ret;
if (strcmp(cp, newp)) {
diff --git a/loginutils/sulogin.c b/loginutils/sulogin.c
index 892c434..4ffefe9 100644
--- a/loginutils/sulogin.c
+++ b/loginutils/sulogin.c
@@ -51,7 +51,7 @@ int sulogin_main(int argc UNUSED_PARAM, char **argv)
/* Clear dangerous stuff, set PATH */
sanitize_env_if_suid();
-// bb_askpass() already handles this
+// bb_ask() already handles this
// signal(SIGALRM, catchalarm);
pwd = getpwuid(0);
@@ -77,7 +77,7 @@ int sulogin_main(int argc UNUSED_PARAM, char **argv)
int r;
/* cp points to a static buffer that is zeroed every time */
- cp = bb_askpass(timeout,
+ cp = bb_ask(STDIN_FILENO, timeout,
"Give root password for system maintenance\n"
"(or type Control-D for normal startup):");