chpasswd: support -c argument and respect DEFAULT_PASSWD_ALGO

Signed-off-by: Pascal Bach <pascal.bach@siemens.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
author: Pascal Bach <pascal.bach@siemens.com> 2015-12-18 19:01:14 +0100
committer: Denys Vlasenko <vda.linux@googlemail.com> 2015-12-18 19:01:14 +0100
commit: 2c0d3f5fd08ccc6963c402030efcbe8a2c028f2d (patch)
tree: 2b0429a21288e621a9195cd05fd96a422346bfbe
parent: b50525124228b566ccfd5c6df0647988bb2d2d3a (diff)
download: busybox-w32-2c0d3f5fd08ccc6963c402030efcbe8a2c028f2d.tar.gz
busybox-w32-2c0d3f5fd08ccc6963c402030efcbe8a2c028f2d.tar.bz2
busybox-w32-2c0d3f5fd08ccc6963c402030efcbe8a2c028f2d.zip
2 files changed, 23 insertions, 18 deletions
diff --git a/libbb/pw_encrypt.c b/libbb/pw_encrypt.c
index bfc7030a8..dbc15e5fc 100644
--- a/libbb/pw_encrypt.c
+++ b/libbb/pw_encrypt.c
@@ -52,14 +52,18 @@ char* FAST_FUNC crypt_make_pw_salt(char salt[MAX_PW_SALT_LEN], const char *algo)
 {
        int len = 2/2;
        char *salt_ptr = salt;
-        if (algo[0] != 'd') { /* not des */
+        /* Standard chpasswd uses uppercase algos ("MD5", not "md5").
+         * Need to be case-insensitive in the code below.
+         */
+        if ((algo[0]|0x20) != 'd') { /* not des */
                len = 8/2; /* so far assuming md5 */
                *salt_ptr++ = '$';
                *salt_ptr++ = '1';
                *salt_ptr++ = '$';
 #if !ENABLE_USE_BB_CRYPT || ENABLE_USE_BB_CRYPT_SHA
-                if (algo[0] == 's') { /* sha */
+                if ((algo[0]|0x20) == 's') { /* sha */
-                        salt[1] = '5' + (strcmp(algo, "sha512") == 0);
+                        salt[1] = '5' + (strcasecmp(algo, "sha512") == 0);
                        len = 16/2;
                }
 #endif
diff --git a/loginutils/chpasswd.c b/loginutils/chpasswd.c
index 6c41d17be..a022a42d6 100644
--- a/loginutils/chpasswd.c
+++ b/loginutils/chpasswd.c
@@ -24,26 +24,27 @@
 //kbuild:lib-$(CONFIG_CHPASSWD) += chpasswd.o
 //usage:#define chpasswd_trivial_usage
-//usage:        IF_LONG_OPTS("[--md5|--encrypted]") IF_NOT_LONG_OPTS("[-m|-e]")
+//usage:        IF_LONG_OPTS("[--md5|--encrypted|--crypt-method]") IF_NOT_LONG_OPTS("[-m|-e|-c]")
 //usage:#define chpasswd_full_usage "\n\n"
 //usage:       "Read user:password from stdin and update /etc/passwd\n"
 //usage:        IF_LONG_OPTS(
-//usage:     "\n        -e,--encrypted  Supplied passwords are in encrypted form"
+//usage:     "\n        -e,--encrypted          Supplied passwords are in encrypted form"
-//usage:     "\n        -m,--md5        Use MD5 encryption instead of DES"
+//usage:     "\n        -m,--md5                Use MD5 encryption instead of DES"
+//usage:     "\n        -c,--crypt-method       Use the specified method to encrypt the passwords"
 //usage:        )
 //usage:        IF_NOT_LONG_OPTS(
 //usage:     "\n        -e      Supplied passwords are in encrypted form"
 //usage:     "\n        -m      Use MD5 encryption instead of DES"
+//usage:     "\n        -c      Use the specified method to encrypt the passwords"
 //usage:        )
-//TODO: implement -c ALGO
 #include "libbb.h"
 #if ENABLE_LONG_OPTS
 static const char chpasswd_longopts[] ALIGN1 =
-        "encrypted\0" No_argument "e"
+        "encrypted\0"    No_argument       "e"
-        "md5\0"       No_argument "m"
+        "md5\0"          No_argument       "m"
+        "crypt-method\0" Required_argument "c"
        ;
 #endif
@@ -54,14 +55,15 @@ int chpasswd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
 int chpasswd_main(int argc UNUSED_PARAM, char **argv)
 {
        char *name;
+        const char *algo = CONFIG_FEATURE_DEFAULT_PASSWD_ALGO;
        int opt;
        if (getuid() != 0)
                bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
-        opt_complementary = "m--e:e--m";
+        opt_complementary = "m--ec:e--mc:c--em";
        IF_LONG_OPTS(applet_long_options = chpasswd_longopts;)
-        opt = getopt32(argv, "em");
+        opt = getopt32(argv, "emc:", &algo);
        while ((name = xmalloc_fgetline(stdin)) != NULL) {
                char *free_me;
@@ -77,15 +79,14 @@ int chpasswd_main(int argc UNUSED_PARAM, char **argv)
                free_me = NULL;
                if (!(opt & OPT_ENC)) {
-                        char salt[sizeof("$N$XXXXXXXX")];
+                        char salt[MAX_PW_SALT_LEN];
-                        crypt_make_salt(salt, 1);
                        if (opt & OPT_MD5) {
-                                salt[0] = '$';
+                                /* Force MD5 if the -m flag is set */
-                                salt[1] = '1';
+                                algo = "md5";
-                                salt[2] = '$';
-                                crypt_make_salt(salt + 3, 4);
                        }
+                        crypt_make_pw_salt(salt, algo);
                        free_me = pass = pw_encrypt(pass, salt, 0);
                }
author	Pascal Bach <pascal.bach@siemens.com>	2015-12-18 19:01:14 +0100
committer	Denys Vlasenko <vda.linux@googlemail.com>	2015-12-18 19:01:14 +0100
commit	2c0d3f5fd08ccc6963c402030efcbe8a2c028f2d (patch)
tree	2b0429a21288e621a9195cd05fd96a422346bfbe
parent	b50525124228b566ccfd5c6df0647988bb2d2d3a (diff)
download	busybox-w32-2c0d3f5fd08ccc6963c402030efcbe8a2c028f2d.tar.gz busybox-w32-2c0d3f5fd08ccc6963c402030efcbe8a2c028f2d.tar.bz2 busybox-w32-2c0d3f5fd08ccc6963c402030efcbe8a2c028f2d.zip

diff --git a/libbb/pw_encrypt.c b/libbb/pw_encrypt.c index bfc7030a8..dbc15e5fc 100644 --- a/libbb/pw_encrypt.c +++ b/libbb/pw_encrypt.c
@@ -52,14 +52,18 @@ char* FAST_FUNC crypt_make_pw_salt(char salt[MAX_PW_SALT_LEN], const char *algo)
52	{	52	{
53	int len = 2/2;	53	int len = 2/2;
54	char *salt_ptr = salt;	54	char *salt_ptr = salt;
55	if (algo[0] != 'd') { /* not des */	55
		56	/* Standard chpasswd uses uppercase algos ("MD5", not "md5").
		57	* Need to be case-insensitive in the code below.
		58	*/
		59	if ((algo[0]\|0x20) != 'd') { /* not des */
56	len = 8/2; /* so far assuming md5 */	60	len = 8/2; /* so far assuming md5 */
57	*salt_ptr++ = '$';	61	*salt_ptr++ = '$';
58	*salt_ptr++ = '1';	62	*salt_ptr++ = '1';
59	*salt_ptr++ = '$';	63	*salt_ptr++ = '$';
60	#if !ENABLE_USE_BB_CRYPT \|\| ENABLE_USE_BB_CRYPT_SHA	64	#if !ENABLE_USE_BB_CRYPT \|\| ENABLE_USE_BB_CRYPT_SHA
61	if (algo[0] == 's') { /* sha */	65	if ((algo[0]\|0x20) == 's') { /* sha */
62	salt[1] = '5' + (strcmp(algo, "sha512") == 0);	66	salt[1] = '5' + (strcasecmp(algo, "sha512") == 0);
63	len = 16/2;	67	len = 16/2;
64	}	68	}
65	#endif	69	#endif


diff --git a/loginutils/chpasswd.c b/loginutils/chpasswd.c index 6c41d17be..a022a42d6 100644 --- a/loginutils/chpasswd.c +++ b/loginutils/chpasswd.c
@@ -24,26 +24,27 @@
24	//kbuild:lib-$(CONFIG_CHPASSWD) += chpasswd.o	24	//kbuild:lib-$(CONFIG_CHPASSWD) += chpasswd.o
25		25
26	//usage:#define chpasswd_trivial_usage	26	//usage:#define chpasswd_trivial_usage
27	//usage: IF_LONG_OPTS("[--md5\|--encrypted]") IF_NOT_LONG_OPTS("[-m\|-e]")	27	//usage: IF_LONG_OPTS("[--md5\|--encrypted\|--crypt-method]") IF_NOT_LONG_OPTS("[-m\|-e\|-c]")
28	//usage:#define chpasswd_full_usage "\n\n"	28	//usage:#define chpasswd_full_usage "\n\n"
29	//usage: "Read user:password from stdin and update /etc/passwd\n"	29	//usage: "Read user:password from stdin and update /etc/passwd\n"
30	//usage: IF_LONG_OPTS(	30	//usage: IF_LONG_OPTS(
31	//usage: "\n -e,--encrypted Supplied passwords are in encrypted form"	31	//usage: "\n -e,--encrypted Supplied passwords are in encrypted form"
32	//usage: "\n -m,--md5 Use MD5 encryption instead of DES"	32	//usage: "\n -m,--md5 Use MD5 encryption instead of DES"
		33	//usage: "\n -c,--crypt-method Use the specified method to encrypt the passwords"
33	//usage: )	34	//usage: )
34	//usage: IF_NOT_LONG_OPTS(	35	//usage: IF_NOT_LONG_OPTS(
35	//usage: "\n -e Supplied passwords are in encrypted form"	36	//usage: "\n -e Supplied passwords are in encrypted form"
36	//usage: "\n -m Use MD5 encryption instead of DES"	37	//usage: "\n -m Use MD5 encryption instead of DES"
		38	//usage: "\n -c Use the specified method to encrypt the passwords"
37	//usage: )	39	//usage: )
38		40
39	//TODO: implement -c ALGO
40
41	#include "libbb.h"	41	#include "libbb.h"
42		42
43	#if ENABLE_LONG_OPTS	43	#if ENABLE_LONG_OPTS
44	static const char chpasswd_longopts[] ALIGN1 =	44	static const char chpasswd_longopts[] ALIGN1 =
45	"encrypted\0" No_argument "e"	45	"encrypted\0" No_argument "e"
46	"md5\0" No_argument "m"	46	"md5\0" No_argument "m"
		47	"crypt-method\0" Required_argument "c"
47	;	48	;
48	#endif	49	#endif
49		50
@@ -54,14 +55,15 @@ int chpasswd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
54	int chpasswd_main(int argc UNUSED_PARAM, char **argv)	55	int chpasswd_main(int argc UNUSED_PARAM, char **argv)
55	{	56	{
56	char *name;	57	char *name;
		58	const char *algo = CONFIG_FEATURE_DEFAULT_PASSWD_ALGO;
57	int opt;	59	int opt;
58		60
59	if (getuid() != 0)	61	if (getuid() != 0)
60	bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);	62	bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
61		63
62	opt_complementary = "m--e:e--m";	64	opt_complementary = "m--ec:e--mc:c--em";
63	IF_LONG_OPTS(applet_long_options = chpasswd_longopts;)	65	IF_LONG_OPTS(applet_long_options = chpasswd_longopts;)
64	opt = getopt32(argv, "em");	66	opt = getopt32(argv, "emc:", &algo);
65		67
66	while ((name = xmalloc_fgetline(stdin)) != NULL) {	68	while ((name = xmalloc_fgetline(stdin)) != NULL) {
67	char *free_me;	69	char *free_me;
@@ -77,15 +79,14 @@ int chpasswd_main(int argc UNUSED_PARAM, char **argv)
77		79
78	free_me = NULL;	80	free_me = NULL;
79	if (!(opt & OPT_ENC)) {	81	if (!(opt & OPT_ENC)) {
80	char salt[sizeof("$N$XXXXXXXX")];	82	char salt[MAX_PW_SALT_LEN];
81		83
82	crypt_make_salt(salt, 1);
83	if (opt & OPT_MD5) {	84	if (opt & OPT_MD5) {
84	salt[0] = '$';	85	/* Force MD5 if the -m flag is set */
85	salt[1] = '1';	86	algo = "md5";
86	salt[2] = '$';
87	crypt_make_salt(salt + 3, 4);
88	}	87	}
		88
		89	crypt_make_pw_salt(salt, algo);
89	free_me = pass = pw_encrypt(pass, salt, 0);	90	free_me = pass = pw_encrypt(pass, salt, 0);
90	}	91	}
91		92