git.sur5r.net Git - openldap/blob - servers/slapd/tools/slappasswd.c

   1 /* $OpenLDAP$ */
   2 /*
   3  * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
   4  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
   5  */
   6
   7 #include "portable.h"
   8
   9 #include <stdio.h>
  10
  11 #include <ac/stdlib.h>
  12
  13 #include <ac/ctype.h>
  14 #include <ac/signal.h>
  15 #include <ac/socket.h>
  16 #include <ac/string.h>
  17 #include <ac/time.h>
  18 #include <ac/unistd.h>
  19
  20 #include <ldap.h>
  21 #include <lutil.h>
  22
  23 #include "ldap_defaults.h"
  24
  25 static int      verbose = 0;
  26
  27 static void
  28 usage(const char *s)
  29 {
  30         fprintf(stderr,
  31                 "Usage: %s [options]\n"
  32                 "  -h hash\tpassword scheme\n"
  33                 "  -s secret\tnew password\n"
  34                 "  -c format\tcrypt(3) salt format\n"
  35                 "  -u\t\tgenerate RFC2307 values (default)\n"
  36                 "  -v\t\tincrease verbosity\n"
  37                 , s );
  38
  39         exit( EXIT_FAILURE );
  40 }
  41
  42 int
  43 main( int argc, char *argv[] )
  44 {
  45         int rc;
  46         char    *scheme = "{SSHA}";
  47         char    *newpw = NULL;
  48
  49         int             i;
  50         int             version = -1;
  51         struct berval passwd;
  52         struct berval *hash = NULL;
  53
  54         while( (i = getopt( argc, argv,
  55                 "c:d:h:s:vu" )) != EOF )
  56         {
  57                 switch (i) {
  58                 case 'c':       /* crypt salt format */
  59                         scheme = "{CRYPT}";
  60                         lutil_salt_format( optarg );
  61                         break;
  62
  63                 case 'h':       /* scheme */
  64                         scheme = strdup( optarg );
  65                         break;
  66
  67                 case 's':       /* new password (secret) */
  68                         {
  69                                 char* p;
  70                                 newpw = strdup( optarg );
  71
  72                                 for( p = optarg; *p != '\0'; p++ ) {
  73                                         *p = '\0';
  74                                 }
  75
  76                         } break;
  77
  78                 case 'u':       /* RFC2307 userPassword */
  79                         break;
  80
  81                 case 'v':       /* verbose */
  82                         verbose++;
  83                         break;
  84
  85                 default:
  86                         usage (argv[0]);
  87                 }
  88         }
  89
  90         if( argc - optind != 0 ) {
  91                 usage( argv[0] );
  92         }
  93
  94         if( newpw == NULL ) {
  95                 /* prompt for new password */
  96                 char *cknewpw;
  97                 newpw = strdup(getpassphrase("New password: "));
  98                 cknewpw = getpassphrase("Re-enter new password: ");
  99
 100                 if( strncmp( newpw, cknewpw, strlen(newpw) )) {
 101                         fprintf( stderr, "Password values do not match\n" );
 102                         return EXIT_FAILURE;
 103                 }
 104         }
 105
 106         passwd.bv_val = newpw;
 107         passwd.bv_len = strlen(passwd.bv_val);
 108
 109         hash = lutil_passwd_hash( &passwd, scheme );
 110
 111         if( hash == NULL || hash->bv_val == NULL ) {
 112                 fprintf( stderr, "Password generation failed.\n");
 113                 return EXIT_FAILURE;
 114         }
 115
 116         if( lutil_passwd( hash, &passwd, NULL ) ) {
 117                 fprintf( stderr, "Password verification failed.\n");
 118                 return EXIT_FAILURE;
 119         }
 120
 121         printf( "%s\n" , hash->bv_val );
 122         return EXIT_SUCCESS;
 123 }