git.sur5r.net Git - openldap/blob - servers/slapd/tools/slappasswd.c

   1 /* $OpenLDAP$ */
   2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
   3  *
   4  * Copyright 1998-2003 The OpenLDAP Foundation.
   5  * Portions Copyright 1998-2003 Kurt D. Zeilenga.
   6  * All rights reserved.
   7  *
   8  * Redistribution and use in source and binary forms, with or without
   9  * modification, are permitted only as authorized by the OpenLDAP
  10  * Public License.
  11  *
  12  * A copy of this license is available in file LICENSE in the
  13  * top-level directory of the distribution or, alternatively, at
  14  * <http://www.OpenLDAP.org/license.html>.
  15  */
  16 /* ACKNOWLEDGEMENTS:
  17  * This work was initially developed by Kurt Zeilenga for inclusion
  18  * in OpenLDAP Software.
  19  */
  20
  21 #include "portable.h"
  22
  23 #include <stdio.h>
  24
  25 #include <ac/stdlib.h>
  26
  27 #include <ac/ctype.h>
  28 #include <ac/signal.h>
  29 #include <ac/socket.h>
  30 #include <ac/string.h>
  31 #include <ac/time.h>
  32 #include <ac/unistd.h>
  33
  34 #include <ldap.h>
  35 #include <lutil.h>
  36
  37 #include "ldap_defaults.h"
  38
  39 static int      verbose = 0;
  40
  41 static void
  42 usage(const char *s)
  43 {
  44         fprintf(stderr,
  45                 "Usage: %s [options]\n"
  46                 "  -h hash\tpassword scheme\n"
  47                 "  -s secret\tnew password\n"
  48                 "  -c format\tcrypt(3) salt format\n"
  49                 "  -u\t\tgenerate RFC2307 values (default)\n"
  50                 "  -v\t\tincrease verbosity\n"
  51                 "  -T file\tread file for new password\n"
  52                 , s );
  53
  54         exit( EXIT_FAILURE );
  55 }
  56
  57 int
  58 main( int argc, char *argv[] )
  59 {
  60         char    *scheme = "{SSHA}";
  61         char    *newpw = NULL;
  62         char    *pwfile = NULL;
  63         const char *text;
  64
  65         int             i;
  66         struct berval passwd;
  67         struct berval *hash = NULL;
  68
  69         while( (i = getopt( argc, argv,
  70                 "c:d:h:s:T:vu" )) != EOF )
  71         {
  72                 switch (i) {
  73                 case 'c':       /* crypt salt format */
  74                         scheme = "{CRYPT}";
  75                         lutil_salt_format( optarg );
  76                         break;
  77
  78                 case 'h':       /* scheme */
  79                         scheme = strdup( optarg );
  80                         break;
  81
  82                 case 's':       /* new password (secret) */
  83                         {
  84                                 char* p;
  85                                 newpw = strdup( optarg );
  86
  87                                 for( p = optarg; *p != '\0'; p++ ) {
  88                                         *p = '\0';
  89                                 }
  90                         } break;
  91
  92                 case 'T':       /* password file */
  93                         pwfile = optarg;
  94                         break;
  95
  96                 case 'u':       /* RFC2307 userPassword */
  97                         break;
  98
  99                 case 'v':       /* verbose */
 100                         verbose++;
 101                         break;
 102
 103                 default:
 104                         usage (argv[0]);
 105                 }
 106         }
 107
 108         if( argc - optind != 0 ) {
 109                 usage( argv[0] );
 110         }
 111
 112         if( pwfile != NULL ) {
 113                 if( lutil_get_filed_password( pwfile, &passwd )) {
 114                         return EXIT_FAILURE;
 115                 }
 116         } else {
 117                 if( newpw == NULL ) {
 118                         /* prompt for new password */
 119                         char *cknewpw;
 120                         newpw = strdup(getpassphrase("New password: "));
 121                         cknewpw = getpassphrase("Re-enter new password: ");
 122
 123                         if( strcmp( newpw, cknewpw )) {
 124                                 fprintf( stderr, "Password values do not match\n" );
 125                                 return EXIT_FAILURE;
 126                         }
 127                 }
 128
 129                 passwd.bv_val = newpw;
 130                 passwd.bv_len = strlen(passwd.bv_val);
 131         }
 132
 133         lutil_passwd_init();
 134
 135         hash = lutil_passwd_hash( &passwd, scheme, &text );
 136
 137         if( hash == NULL || hash->bv_val == NULL ) {
 138                 fprintf( stderr, "Password generation failed. %s\n",
 139                         text ? text : "" );
 140                 return EXIT_FAILURE;
 141         }
 142
 143         if( lutil_passwd( hash, &passwd, NULL, &text ) ) {
 144                 fprintf( stderr, "Password verification failed. %s\n",
 145                         text ? text : "" );
 146                 return EXIT_FAILURE;
 147         }
 148
 149         printf( "%s\n" , hash->bv_val );
 150         return EXIT_SUCCESS;
 151 }