From: Kurt Zeilenga Date: Fri, 25 Aug 2000 07:42:11 +0000 (+0000) Subject: Remove meantion of authPassword from slappasswd(8) for 2.0. X-Git-Tag: LDBM_PRE_GIANT_RWLOCK~2178 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=be654e45f191fc32d08ee7ce311138b73d4d3454;p=openldap Remove meantion of authPassword from slappasswd(8) for 2.0. Use -u scheme (in line with future code). Need to trim authPassword from release schema code/confs. --- diff --git a/doc/man/man8/slappasswd.8 b/doc/man/man8/slappasswd.8 index f33c5a2701..6dfad78a05 100644 --- a/doc/man/man8/slappasswd.8 +++ b/doc/man/man8/slappasswd.8 @@ -6,16 +6,15 @@ slappasswd \- OpenLDAP password utility .SH SYNOPSIS .B SBINDIR/slappasswd -.B [\-u] .B [\-v] .B [\-s secret] -.B [\-h hash] +.B [\-u hash] .B .LP .SH DESCRIPTION .LP .B Slappasswd -is used to generate an authPassword (or userPassword) value +is used to generate an userPassword value suitable for use with .BR ldapmodify (1) or @@ -24,9 +23,6 @@ or coniguration directive. .SH OPTIONS .TP -.B \-u -generate RFC2307 userPassword values instead of authPassword values. -.TP .B \-v enable verbose mode. .TP @@ -34,14 +30,6 @@ enable verbose mode. The secret to hash. If not provided, the user will be prompted for the secret to hash. .TP -.BI \-h " scheme" -The hash scheme to use. One of the following authPassword schemes -may be specified: -.IR MD5 , -.IR SHA1 ", and" -.IR X-CRYPT . -The default is -.IR SHA1 . If -u is specified, one of the following RFC2307 schemes may be specified: .IR {CRYPT} , @@ -53,9 +41,9 @@ The default is .IR {SSHA} . .LP .SH LIMITATIONS -The authPassword attribute type is not yet widely supported. The practice storing hashed passwords in userPassword violates -Standard Track schema and may hinder interoperability. +Standard Track (RFC2256) schema specifications and may hinder +interoperability. .SH "SECURITY CONSIDERATIONS" Use of hashed passwords does not protect passwords during protocol transfer. TLS or other eavesdropping protections diff --git a/servers/slapd/tools/slappasswd.c b/servers/slapd/tools/slappasswd.c index c433ab6357..d1e40afaa3 100644 --- a/servers/slapd/tools/slappasswd.c +++ b/servers/slapd/tools/slappasswd.c @@ -29,7 +29,7 @@ usage(const char *s) { fprintf(stderr, "Usage: %s [options]\n" - " -h hash\tpassword scheme\n" + " -u hash\tpassword scheme\n" " -s secret\tnew password\n" " -v\t\tincrease verbosity\n" , s ); @@ -50,10 +50,10 @@ main( int argc, char *argv[] ) struct berval *hash = NULL; while( (i = getopt( argc, argv, - "d:h:s:v" )) != EOF ) + "d:u:s:v" )) != EOF ) { switch (i) { - case 'h': /* scheme */ + case 'u': /* scheme */ scheme = strdup (optarg); case 's': /* new password (secret) */ @@ -88,7 +88,7 @@ main( int argc, char *argv[] ) cknewpw = getpassphrase("Re-enter new password: "); if( strncmp( newpw, cknewpw, strlen(newpw) )) { - fprintf( stderr, "passwords do not match\n" ); + fprintf( stderr, "Password values do not match\n" ); return EXIT_FAILURE; } } @@ -104,7 +104,7 @@ main( int argc, char *argv[] ) } if( lutil_passwd( hash, &passwd, NULL ) ) { - fprintf( stderr, "Password verificaiton failed.\n"); + fprintf( stderr, "Password verification failed.\n"); return EXIT_FAILURE; }