]> git.sur5r.net Git - openldap/blob - servers/slapd/tools/slappasswd.c
Added bdb_attribute and bdb_group ACL support routines
[openldap] / servers / slapd / tools / slappasswd.c
1 /* $OpenLDAP$ */
2 /*
3  * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
4  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
5  */
6
7 #include "portable.h"
8
9 #include <stdio.h>
10
11 #include <ac/stdlib.h>
12
13 #include <ac/ctype.h>
14 #include <ac/signal.h>
15 #include <ac/socket.h>
16 #include <ac/string.h>
17 #include <ac/time.h>
18 #include <ac/unistd.h>
19
20 #include <ldap.h>
21 #include <lutil.h>
22
23 #include "ldap_defaults.h"
24
25 static int      verbose = 0;
26
27 static void
28 usage(const char *s)
29 {
30         fprintf(stderr,
31                 "Usage: %s [options]\n"
32                 "  -h hash\tpassword scheme\n"
33                 "  -s secret\tnew password\n"
34                 "  -c format\tcrypt(3) salt format\n"
35                 "  -u\t\tgenerate RFC2307 values (default)\n"
36                 "  -v\t\tincrease verbosity\n"
37                 , s );
38
39         exit( EXIT_FAILURE );
40 }
41
42 int
43 main( int argc, char *argv[] )
44 {
45         int rc;
46         char    *scheme = "{SSHA}";
47         char    *newpw = NULL;
48
49         int             i;
50         int             version = -1;
51         struct berval passwd;
52         struct berval *hash = NULL;
53
54         while( (i = getopt( argc, argv,
55                 "c:d:h:s:vu" )) != EOF )
56         {
57                 switch (i) {
58                 case 'c':       /* crypt salt format */
59                         scheme = "{CRYPT}";
60                         lutil_salt_format( optarg );
61                         break;
62
63                 case 'h':       /* scheme */
64                         scheme = strdup( optarg );
65                         break;
66
67                 case 's':       /* new password (secret) */
68                         {
69                                 char* p;
70                                 newpw = strdup( optarg );
71
72                                 for( p = optarg; *p != '\0'; p++ ) {
73                                         *p = '\0';
74                                 }
75
76                         } break;
77
78                 case 'u':       /* RFC2307 userPassword */
79                         break;
80
81                 case 'v':       /* verbose */
82                         verbose++;
83                         break;
84
85                 default:
86                         usage (argv[0]);
87                 }
88         }
89
90         if( argc - optind != 0 ) {
91                 usage( argv[0] );
92         } 
93
94         if( newpw == NULL ) {
95                 /* prompt for new password */
96                 char *cknewpw;
97                 newpw = strdup(getpassphrase("New password: "));
98                 cknewpw = getpassphrase("Re-enter new password: ");
99
100                 if( strncmp( newpw, cknewpw, strlen(newpw) )) {
101                         fprintf( stderr, "Password values do not match\n" );
102                         return EXIT_FAILURE;
103                 }
104         }
105
106         passwd.bv_val = newpw;
107         passwd.bv_len = strlen(passwd.bv_val);
108
109         hash = lutil_passwd_hash( &passwd, scheme );
110
111         if( hash == NULL || hash->bv_val == NULL ) {
112                 fprintf( stderr, "Password generation failed.\n");
113                 return EXIT_FAILURE;
114         }
115
116         if( lutil_passwd( hash, &passwd, NULL ) ) {
117                 fprintf( stderr, "Password verification failed.\n");
118                 return EXIT_FAILURE;
119         }
120
121         printf( "%s\n" , hash->bv_val );
122         return EXIT_SUCCESS;
123 }