From be654e45f191fc32d08ee7ce311138b73d4d3454 Mon Sep 17 00:00:00 2001
From: Kurt Zeilenga <kurt@openldap.org>
Date: Fri, 25 Aug 2000 07:42:11 +0000
Subject: [PATCH] Remove meantion of authPassword from slappasswd(8) for 2.0.
 Use -u scheme (in line with future code). Need to trim authPassword from
 release schema code/confs.

---
 doc/man/man8/slappasswd.8        | 20 ++++----------------
 servers/slapd/tools/slappasswd.c | 10 +++++-----
 2 files changed, 9 insertions(+), 21 deletions(-)

diff --git a/doc/man/man8/slappasswd.8 b/doc/man/man8/slappasswd.8
index f33c5a2701..6dfad78a05 100644
--- a/doc/man/man8/slappasswd.8
+++ b/doc/man/man8/slappasswd.8
@@ -6,16 +6,15 @@
 slappasswd \- OpenLDAP password utility
 .SH SYNOPSIS
 .B SBINDIR/slappasswd
-.B [\-u]
 .B [\-v]
 .B [\-s secret]
-.B [\-h hash]
+.B [\-u hash]
 .B 
 .LP
 .SH DESCRIPTION
 .LP
 .B Slappasswd
-is used to generate an authPassword (or userPassword) value
+is used to generate an userPassword value
 suitable for use with
 .BR ldapmodify (1)
 or
@@ -24,9 +23,6 @@ or
 coniguration directive.
 .SH OPTIONS
 .TP
-.B \-u
-generate RFC2307 userPassword values instead of authPassword values.
-.TP
 .B \-v
 enable verbose mode.
 .TP
@@ -34,14 +30,6 @@ enable verbose mode.
 The secret to hash.  If not provided, the user will be prompted
 for the secret to hash.
 .TP
-.BI \-h " scheme"
-The hash scheme to use.  One of the following authPassword schemes
-may be specified:
-.IR MD5 ,
-.IR SHA1 ", and"
-.IR X-CRYPT .
-The default is
-.IR SHA1 .
 If -u is specified, one of the following RFC2307 schemes may
 be specified:
 .IR {CRYPT} ,
@@ -53,9 +41,9 @@ The default is
 .IR {SSHA} .
 .LP
 .SH LIMITATIONS
-The authPassword attribute type is not yet widely supported.
 The practice storing hashed passwords in userPassword violates
-Standard Track schema and may hinder interoperability.  
+Standard Track (RFC2256) schema specifications and may hinder
+interoperability.  
 .SH "SECURITY CONSIDERATIONS"
 Use of hashed passwords does not protect passwords during
 protocol transfer.  TLS or other eavesdropping protections
diff --git a/servers/slapd/tools/slappasswd.c b/servers/slapd/tools/slappasswd.c
index c433ab6357..d1e40afaa3 100644
--- a/servers/slapd/tools/slappasswd.c
+++ b/servers/slapd/tools/slappasswd.c
@@ -29,7 +29,7 @@ usage(const char *s)
 {
 	fprintf(stderr,
 		"Usage: %s [options]\n"
-		"  -h hash\tpassword scheme\n"
+		"  -u hash\tpassword scheme\n"
 		"  -s secret\tnew password\n"
 		"  -v\t\tincrease verbosity\n"
 		, s );
@@ -50,10 +50,10 @@ main( int argc, char *argv[] )
 	struct berval *hash = NULL;
 
 	while( (i = getopt( argc, argv,
-		"d:h:s:v" )) != EOF )
+		"d:u:s:v" )) != EOF )
 	{
 		switch (i) {
-		case 'h':	/* scheme */
+		case 'u':	/* scheme */
 			scheme = strdup (optarg);
 
 		case 's':	/* new password (secret) */
@@ -88,7 +88,7 @@ main( int argc, char *argv[] )
 		cknewpw = getpassphrase("Re-enter new password: ");
 
 		if( strncmp( newpw, cknewpw, strlen(newpw) )) {
-			fprintf( stderr, "passwords do not match\n" );
+			fprintf( stderr, "Password values do not match\n" );
 			return EXIT_FAILURE;
 		}
 	}
@@ -104,7 +104,7 @@ main( int argc, char *argv[] )
 	}
 
 	if( lutil_passwd( hash, &passwd, NULL ) ) {
-		fprintf( stderr, "Password verificaiton failed.\n");
+		fprintf( stderr, "Password verification failed.\n");
 		return EXIT_FAILURE;
 	}
 
-- 
2.39.5