source-git / httpd

Clone
Source Code
GIT

Blame support/htdigest.c

c8s-stream-2.4 master
  1.   8ce744ba6a6ab15fc3d0ccaedf3bf0c8015e0c7b
  2.   support
  3.   htdigest.c
Blob History Raw
Packit 90a5c9 
/* Licensed to the Apache Software Foundation (ASF) under one or more
Packit 90a5c9 
 * contributor license agreements.  See the NOTICE file distributed with
Packit 90a5c9 
 * this work for additional information regarding copyright ownership.
Packit 90a5c9 
 * The ASF licenses this file to You under the Apache License, Version 2.0
Packit 90a5c9 
 * (the "License"); you may not use this file except in compliance with
Packit 90a5c9 
 * the License.  You may obtain a copy of the License at
Packit 90a5c9 
 *
Packit 90a5c9 
 *     http://www.apache.org/licenses/LICENSE-2.0
Packit 90a5c9 
 *
Packit 90a5c9 
 * Unless required by applicable law or agreed to in writing, software
Packit 90a5c9 
 * distributed under the License is distributed on an "AS IS" BASIS,
Packit 90a5c9 
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
Packit 90a5c9 
 * See the License for the specific language governing permissions and
Packit 90a5c9 
 * limitations under the License.
Packit 90a5c9 
 */
Packit 90a5c9
Packit 90a5c9 
/******************************************************************************
Packit 90a5c9 
 ******************************************************************************
Packit 90a5c9 
 * NOTE! This program is not safe as a setuid executable!  Do not make it
Packit 90a5c9 
 * setuid!
Packit 90a5c9 
 ******************************************************************************
Packit 90a5c9 
 *****************************************************************************/
Packit 90a5c9 
/*
Packit 90a5c9 
 * htdigest.c: simple program for manipulating digest passwd file for Apache
Packit 90a5c9 
 *
Packit 90a5c9 
 * by Alexei Kosut, based on htpasswd.c, by Rob McCool
Packit 90a5c9 
 */
Packit 90a5c9
Packit 90a5c9 
#include "apr.h"
Packit 90a5c9 
#include "apr_file_io.h"
Packit 90a5c9 
#include "apr_md5.h"
Packit 90a5c9 
#include "apr_lib.h"            /* for apr_getpass() */
Packit 90a5c9 
#include "apr_general.h"
Packit 90a5c9 
#include "apr_signal.h"
Packit 90a5c9 
#include "apr_strings.h"        /* for apr_pstrdup() */
Packit 90a5c9
Packit 90a5c9 
#define APR_WANT_STDIO
Packit 90a5c9 
#define APR_WANT_STRFUNC
Packit 90a5c9 
#include "apr_want.h"
Packit 90a5c9
Packit 90a5c9 
#if APR_HAVE_SYS_TYPES_H
Packit 90a5c9 
#include <sys/types.h>
Packit 90a5c9 
#endif
Packit 90a5c9 
#if APR_HAVE_STDLIB_H
Packit 90a5c9 
#include <stdlib.h>
Packit 90a5c9 
#endif
Packit 90a5c9
Packit 90a5c9 
#ifdef WIN32
Packit 90a5c9 
#include <conio.h>
Packit 90a5c9 
#endif
Packit 90a5c9
Packit 90a5c9
Packit 90a5c9 
#if APR_CHARSET_EBCDIC
Packit 90a5c9 
#define LF '\n'
Packit 90a5c9 
#define CR '\r'
Packit 90a5c9 
#else
Packit 90a5c9 
#define LF 10
Packit 90a5c9 
#define CR 13
Packit 90a5c9 
#endif /* APR_CHARSET_EBCDIC */
Packit 90a5c9
Packit 90a5c9 
#define MAX_STRING_LEN 256
Packit 90a5c9 
#define MAX_LINE_LEN 768
Packit 90a5c9
Packit 90a5c9 
apr_file_t *tfp = NULL;
Packit 90a5c9 
apr_file_t *errfile;
Packit 90a5c9 
apr_pool_t *cntxt;
Packit 90a5c9 
#if APR_CHARSET_EBCDIC
Packit 90a5c9 
apr_xlate_t *to_ascii;
Packit 90a5c9 
#endif
Packit 90a5c9
Packit 90a5c9 
static void cleanup_tempfile_and_exit(int rc)
Packit 90a5c9 
{
Packit 90a5c9 
    if (tfp) {
Packit 90a5c9 
        apr_file_close(tfp);
Packit 90a5c9 
    }
Packit 90a5c9 
    exit(rc);
Packit 90a5c9 
}
Packit 90a5c9
Packit 90a5c9 
static int getword(char *word, char *line, char stop)
Packit 90a5c9 
{
Packit 90a5c9 
    int x = 0, y;
Packit 90a5c9
Packit 90a5c9 
    for (x = 0; ((line[x]) && (line[x] != stop)); x++) {
Packit 90a5c9 
        if (x == (MAX_STRING_LEN - 1)) {
Packit 90a5c9 
            return 1;
Packit 90a5c9 
        }
Packit 90a5c9 
        word[x] = line[x];
Packit 90a5c9 
    }
Packit 90a5c9
Packit 90a5c9 
    word[x] = '\0';
Packit 90a5c9 
    if (line[x])
Packit 90a5c9 
        ++x;
Packit 90a5c9 
    y = 0;
Packit 90a5c9
Packit 90a5c9 
    while ((line[y++] = line[x++]));
Packit 90a5c9
Packit 90a5c9 
    return 0;
Packit 90a5c9 
}
Packit 90a5c9
Packit 90a5c9 
static int get_line(char *s, int n, apr_file_t *f)
Packit 90a5c9 
{
Packit 90a5c9 
    int i = 0;
Packit 90a5c9 
    char ch;
Packit 90a5c9 
    apr_status_t rv = APR_EINVAL;
Packit 90a5c9
Packit 90a5c9 
    /* we need 2 remaining bytes in buffer */
Packit 90a5c9 
    while (i < (n - 2) &&
Packit 90a5c9 
           ((rv = apr_file_getc(&ch, f)) == APR_SUCCESS) && (ch != '\n')) {
Packit 90a5c9 
        s[i++] = ch;
Packit 90a5c9 
    }
Packit 90a5c9 
    /* First remaining byte potentially used here */
Packit 90a5c9 
    if (ch == '\n')
Packit 90a5c9 
        s[i++] = ch;
Packit 90a5c9 
    /* Second remaining byte used here */
Packit 90a5c9 
    s[i] = '\0';
Packit 90a5c9
Packit 90a5c9 
    if (rv != APR_SUCCESS)
Packit 90a5c9 
        return 1;
Packit 90a5c9
Packit 90a5c9 
    return 0;
Packit 90a5c9 
}
Packit 90a5c9
Packit 90a5c9 
static void putline(apr_file_t *f, char *l)
Packit 90a5c9 
{
Packit 90a5c9 
    int x;
Packit 90a5c9
Packit 90a5c9 
    for (x = 0; l[x]; x++)
Packit 90a5c9 
        apr_file_putc(l[x], f);
Packit 90a5c9 
}
Packit 90a5c9
Packit 90a5c9
Packit 90a5c9 
static void add_password(const char *user, const char *realm, apr_file_t *f)
Packit 90a5c9 
{
Packit 90a5c9 
    char *pw;
Packit 90a5c9 
    apr_md5_ctx_t context;
Packit 90a5c9 
    unsigned char digest[16];
Packit 90a5c9 
    char string[MAX_LINE_LEN]; /* this includes room for 2 * ':' + '\0' */
Packit 90a5c9 
    char pwin[MAX_STRING_LEN];
Packit 90a5c9 
    char pwv[MAX_STRING_LEN];
Packit 90a5c9 
    unsigned int i;
Packit 90a5c9 
    apr_size_t len = sizeof(pwin);
Packit 90a5c9
Packit 90a5c9 
    if (apr_password_get("New password: ", pwin, &len) != APR_SUCCESS) {
Packit 90a5c9 
        apr_file_printf(errfile, "password too long");
Packit 90a5c9 
        cleanup_tempfile_and_exit(5);
Packit 90a5c9 
    }
Packit 90a5c9 
    len = sizeof(pwin);
Packit 90a5c9 
    apr_password_get("Re-type new password: ", pwv, &len;;
Packit 90a5c9 
    if (strcmp(pwin, pwv) != 0) {
Packit 90a5c9 
        apr_file_printf(errfile, "They don't match, sorry.\n");
Packit 90a5c9 
        cleanup_tempfile_and_exit(1);
Packit 90a5c9 
    }
Packit 90a5c9 
    pw = pwin;
Packit 90a5c9 
    apr_file_printf(f, "%s:%s:", user, realm);
Packit 90a5c9
Packit 90a5c9 
    /* Do MD5 stuff */
Packit 90a5c9 
    apr_snprintf(string, sizeof(string), "%s:%s:%s", user, realm, pw);
Packit 90a5c9
Packit 90a5c9 
    apr_md5_init(&context);
Packit 90a5c9 
#if APR_CHARSET_EBCDIC
Packit 90a5c9 
    apr_md5_set_xlate(&context, to_ascii);
Packit 90a5c9 
#endif
Packit 90a5c9 
    apr_md5_update(&context, (unsigned char *) string, strlen(string));
Packit 90a5c9 
    apr_md5_final(digest, &context);
Packit 90a5c9
Packit 90a5c9 
    for (i = 0; i < 16; i++)
Packit 90a5c9 
        apr_file_printf(f, "%02x", digest[i]);
Packit 90a5c9
Packit 90a5c9 
    apr_file_printf(f, "\n");
Packit 90a5c9 
}
Packit 90a5c9
Packit 90a5c9 
static void usage(void)
Packit 90a5c9 
{
Packit 90a5c9 
    apr_file_printf(errfile, "Usage: htdigest [-c] passwordfile realm username\n");
Packit 90a5c9 
    apr_file_printf(errfile, "The -c flag creates a new file.\n");
Packit 90a5c9 
    exit(1);
Packit 90a5c9 
}
Packit 90a5c9
Packit 90a5c9 
static void interrupted(void)
Packit 90a5c9 
{
Packit 90a5c9 
    apr_file_printf(errfile, "Interrupted.\n");
Packit 90a5c9 
    cleanup_tempfile_and_exit(1);
Packit 90a5c9 
}
Packit 90a5c9
Packit 90a5c9 
static void terminate(void)
Packit 90a5c9 
{
Packit 90a5c9 
    apr_terminate();
Packit 90a5c9 
#ifdef NETWARE
Packit 90a5c9 
    pressanykey();
Packit 90a5c9 
#endif
Packit 90a5c9 
}
Packit 90a5c9
Packit 90a5c9 
int main(int argc, const char * const argv[])
Packit 90a5c9 
{
Packit 90a5c9 
    apr_file_t *f;
Packit 90a5c9 
    apr_status_t rv;
Packit 90a5c9 
    char tn[] = "htdigest.tmp.XXXXXX";
Packit 90a5c9 
    char *dirname;
Packit 90a5c9 
    char user[MAX_STRING_LEN];
Packit 90a5c9 
    char realm[MAX_STRING_LEN];
Packit 90a5c9 
    char line[MAX_LINE_LEN];
Packit 90a5c9 
    char l[MAX_LINE_LEN];
Packit 90a5c9 
    char w[MAX_STRING_LEN];
Packit 90a5c9 
    char x[MAX_STRING_LEN];
Packit 90a5c9 
    int found;
Packit 90a5c9
Packit 90a5c9 
    apr_app_initialize(&argc, &argv, NULL);
Packit 90a5c9 
    atexit(terminate);
Packit 90a5c9 
    apr_pool_create(&cntxt, NULL);
Packit 90a5c9 
    apr_file_open_stderr(&errfile, cntxt);
Packit 90a5c9
Packit 90a5c9 
#if APR_CHARSET_EBCDIC
Packit 90a5c9 
    rv = apr_xlate_open(&to_ascii, "ISO-8859-1", APR_DEFAULT_CHARSET, cntxt);
Packit 90a5c9 
    if (rv) {
Packit 90a5c9 
        apr_file_printf(errfile, "apr_xlate_open(): %pm (%d)\n",
Packit 90a5c9 
                &rv, rv);
Packit 90a5c9 
        exit(1);
Packit 90a5c9 
    }
Packit 90a5c9 
#endif
Packit 90a5c9
Packit 90a5c9 
    apr_signal(SIGINT, (void (*)(int)) interrupted);
Packit 90a5c9 
    if (argc == 5) {
Packit 90a5c9 
        if (strcmp(argv[1], "-c"))
Packit 90a5c9 
            usage();
Packit 90a5c9 
        rv = apr_file_open(&f, argv[2], APR_WRITE | APR_CREATE,
Packit 90a5c9 
                           APR_OS_DEFAULT, cntxt);
Packit 90a5c9 
        if (rv != APR_SUCCESS) {
Packit 90a5c9 
            apr_file_printf(errfile, "Could not open passwd file %s for writing: %pm\n",
Packit 90a5c9 
                    argv[2], &rv;;
Packit 90a5c9 
            exit(1);
Packit 90a5c9 
        }
Packit 90a5c9 
        apr_cpystrn(user, argv[4], sizeof(user));
Packit 90a5c9 
        apr_cpystrn(realm, argv[3], sizeof(realm));
Packit 90a5c9 
        apr_file_printf(errfile, "Adding password for %s in realm %s.\n",
Packit 90a5c9 
                    user, realm);
Packit 90a5c9 
        add_password(user, realm, f);
Packit 90a5c9 
        apr_file_close(f);
Packit 90a5c9 
        exit(0);
Packit 90a5c9 
    }
Packit 90a5c9 
    else if (argc != 4)
Packit 90a5c9 
        usage();
Packit 90a5c9
Packit 90a5c9 
    if (apr_temp_dir_get((const char**)&dirname, cntxt) != APR_SUCCESS) {
Packit 90a5c9 
        apr_file_printf(errfile, "%s: could not determine temp dir\n",
Packit 90a5c9 
                        argv[0]);
Packit 90a5c9 
        exit(1);
Packit 90a5c9 
    }
Packit 90a5c9 
    dirname = apr_psprintf(cntxt, "%s/%s", dirname, tn);
Packit 90a5c9
Packit 90a5c9 
    if (apr_file_mktemp(&tfp, dirname, 0, cntxt) != APR_SUCCESS) {
Packit 90a5c9 
        apr_file_printf(errfile, "Could not open temp file %s.\n", dirname);
Packit 90a5c9 
        exit(1);
Packit 90a5c9 
    }
Packit 90a5c9
Packit 90a5c9 
    if (apr_file_open(&f, argv[1], APR_READ, APR_OS_DEFAULT, cntxt) != APR_SUCCESS) {
Packit 90a5c9 
        apr_file_printf(errfile,
Packit 90a5c9 
                "Could not open passwd file %s for reading.\n", argv[1]);
Packit 90a5c9 
        apr_file_printf(errfile, "Use -c option to create new one.\n");
Packit 90a5c9 
        cleanup_tempfile_and_exit(1);
Packit 90a5c9 
    }
Packit 90a5c9 
    apr_cpystrn(user, argv[3], sizeof(user));
Packit 90a5c9 
    apr_cpystrn(realm, argv[2], sizeof(realm));
Packit 90a5c9
Packit 90a5c9 
    found = 0;
Packit 90a5c9 
    while (!(get_line(line, sizeof(line), f))) {
Packit 90a5c9 
        if (found || (line[0] == '#') || (!line[0])) {
Packit 90a5c9 
            putline(tfp, line);
Packit 90a5c9 
            continue;
Packit 90a5c9 
        }
Packit 90a5c9 
        strcpy(l, line);
Packit 90a5c9 
        if (getword(w, l, ':') || getword(x, l, ':')) {
Packit 90a5c9 
            apr_file_printf(errfile, "The following line contains a string longer than the "
Packit 90a5c9 
                                     "allowed maximum size (%i): %s\n", MAX_STRING_LEN - 1, line);
Packit 90a5c9 
            cleanup_tempfile_and_exit(1);
Packit 90a5c9 
        }
Packit 90a5c9 
        if (strcmp(user, w) || strcmp(realm, x)) {
Packit 90a5c9 
            putline(tfp, line);
Packit 90a5c9 
            continue;
Packit 90a5c9 
        }
Packit 90a5c9 
        else {
Packit 90a5c9 
            apr_file_printf(errfile, "Changing password for user %s in realm %s\n",
Packit 90a5c9 
                    user, realm);
Packit 90a5c9 
            add_password(user, realm, tfp);
Packit 90a5c9 
            found = 1;
Packit 90a5c9 
        }
Packit 90a5c9 
    }
Packit 90a5c9 
    if (!found) {
Packit 90a5c9 
        apr_file_printf(errfile, "Adding user %s in realm %s\n", user, realm);
Packit 90a5c9 
        add_password(user, realm, tfp);
Packit 90a5c9 
    }
Packit 90a5c9 
    apr_file_close(f);
Packit 90a5c9
Packit 90a5c9 
    /* The temporary file has all the data, just copy it to the new location.
Packit 90a5c9 
     */
Packit 90a5c9 
    if (apr_file_copy(dirname, argv[1], APR_OS_DEFAULT, cntxt) !=
Packit 90a5c9 
                APR_SUCCESS) {
Packit 90a5c9 
        apr_file_printf(errfile, "%s: unable to update file %s\n",
Packit 90a5c9 
                        argv[0], argv[1]);
Packit 90a5c9 
    }
Packit 90a5c9 
    apr_file_close(tfp);
Packit 90a5c9
Packit 90a5c9 
    return 0;
Packit 90a5c9 
}

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation