- add new applet mkpasswd(1)

function old new delta bb_ask - 355 +355 mkpasswd_main - 296 +296 .rodata 121746 121847 +101 packed_usage 24632 24689 +57 static.methods - 21 +21 gmatch 229 248 +19 bb_ask_stdin - 11 +11 applet_names 1949 1958 +9 applet_main 1172 1176 +4 sulogin_main 503 505 +2 applet_nameofs 586 588 +2 sha256_hash 329 327 -2 correct_password 208 206 -2 parse_command 1442 1439 -3 get_cred_or_die 145 141 -4 passwd_main 1054 1044 -10 bb_askpass 348 - -348 ------------------------------------------------------------------------------ (add/remove: 4/1 grow/shrink: 7/5 up/down: 877/-369) Total: 508 bytes
author: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> 2008-12-03 18:48:39 +0000
committer: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> 2008-12-03 18:48:39 +0000
commit: 82b142996625d6bf20ee667ce602496cb270fccc (patch)
tree: df4be1e1502cdbe3f49bf46c7bd00db764add571
parent: 81c3a1d0b2be02c1d675e6dceb500ce6b3da3282 (diff)
download: busybox-w32-82b142996625d6bf20ee667ce602496cb270fccc.tar.gz
busybox-w32-82b142996625d6bf20ee667ce602496cb270fccc.tar.bz2
busybox-w32-82b142996625d6bf20ee667ce602496cb270fccc.zip
11 files changed, 116 insertions, 16 deletions
diff --git a/include/applets.h b/include/applets.h
index ad3925577..9c844eeae 100644
--- a/include/applets.h
+++ b/include/applets.h
@@ -252,6 +252,7 @@ USE_MKFIFO(APPLET(mkfifo, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 //USE_MKE2FS(APPLET_ODDNAME(mkfs.ext3, mke2fs, _BB_DIR_SBIN, _BB_SUID_NEVER, mkfs_ext3))
 USE_MKFS_MINIX(APPLET_ODDNAME(mkfs.minix, mkfs_minix, _BB_DIR_SBIN, _BB_SUID_NEVER, mkfs_minix))
 USE_MKNOD(APPLET(mknod, _BB_DIR_BIN, _BB_SUID_NEVER))
+USE_MKPASSWD(APPLET(mkpasswd, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_MKSWAP(APPLET(mkswap, _BB_DIR_SBIN, _BB_SUID_NEVER))
 USE_MKTEMP(APPLET(mktemp, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_MODPROBE(APPLET(modprobe, _BB_DIR_SBIN, _BB_SUID_NEVER))
diff --git a/include/libbb.h b/include/libbb.h
index acae93a56..a34e8a1f9 100644
--- a/include/libbb.h
+++ b/include/libbb.h
@@ -1021,9 +1021,10 @@ extern int del_loop(const char *device) FAST_FUNC;
 * return value: 1: read-only loopdev was setup, 0: rw, < 0: error */
 extern int set_loop(char **devname, const char *file, unsigned long long offset) FAST_FUNC;
+/* Like bb_ask below, but asks on stdin with no timeout.  */
+char *bb_ask_stdin(const char * prompt) FAST_FUNC;
 //TODO: pass buf pointer or return allocated buf (avoid statics)?
-char *bb_askpass(int timeout, const char * prompt) FAST_FUNC;
+char *bb_ask(const int fd, int timeout, const char * prompt) FAST_FUNC;
 int bb_ask_confirmation(void) FAST_FUNC;
 int bb_parse_mode(const char* s, mode_t* theMode) FAST_FUNC;
diff --git a/include/usage.h b/include/usage.h
index 000b864d6..a174222be 100644
--- a/include/usage.h
+++ b/include/usage.h
@@ -2618,6 +2618,21 @@
       "$ mknod /dev/fd0 b 2 0\n" \
       "$ mknod -m 644 /tmp/pipe p\n"
+#define mkpasswd_trivial_usage \
+       "[OPTIONS] [PASSWORD]"
+#define mkpasswd_full_usage "\n\n" \
+       "Crypts the PASSWORD using crypt(3)\n" \
+     "\nOptions:" \
+     "\n\t-P"USE_GETOPT_LONG(", --password-fd=")"NUM\tread password from fd NUM" \
+     "\n\t-s"USE_GETOPT_LONG(", --stdin")"\t\tuse stdin; like -P0" \
+     "\n\t-m"USE_GETOPT_LONG(", --method=")"TYPE\tEncryption method TYPE" \
+     "\n\t-S"USE_GETOPT_LONG(", --salt=")"SALT\t\tuse SALT" \
+     //"\n\t-l"USE_GETOPT_LONG(", --length=")"LEN\tRandom password with length LEN"
+#define mkpasswd_example_usage \
+       "$ mkpasswd -m md5\n" \
+       "$ mkpasswd -l 12\n"
 #define mkswap_trivial_usage \
       "DEVICE"
 #define mkswap_full_usage "\n\n" \
diff --git a/libbb/bb_askpass.c b/libbb/bb_askpass.c
index c97649733..c0dcf0c5f 100644
--- a/libbb/bb_askpass.c
+++ b/libbb/bb_askpass.c
@@ -15,7 +15,11 @@ static void askpass_timeout(int UNUSED_PARAM ignore)
 {
 }
-char* FAST_FUNC bb_askpass(int timeout, const char *prompt)
+char* FAST_FUNC bb_ask_stdin(const char *prompt)
+{
+        return bb_ask(STDIN_FILENO, 0, prompt);
+}
+char* FAST_FUNC bb_ask(const int fd, int timeout, const char *prompt)
 {
        /* Was static char[BIGNUM] */
        enum { sizeof_passwd = 128 };
@@ -30,8 +34,8 @@ char* FAST_FUNC bb_askpass(int timeout, const char *prompt)
                passwd = xmalloc(sizeof_passwd);
        memset(passwd, 0, sizeof_passwd);
-        tcgetattr(STDIN_FILENO, &oldtio);
+        tcgetattr(fd, &oldtio);
-        tcflush(STDIN_FILENO, TCIFLUSH);
+        tcflush(fd, TCIFLUSH);
        tio = oldtio;
        tio.c_iflag &= ~(IUCLC|IXON|IXOFF|IXANY);
        tio.c_lflag &= ~(ECHO|ECHOE|ECHOK|ECHONL|TOSTOP);
@@ -52,7 +56,7 @@ char* FAST_FUNC bb_askpass(int timeout, const char *prompt)
        ret = NULL;
        /* On timeout or Ctrl-C, read will hopefully be interrupted,
         * and we return NULL */
-        if (read(STDIN_FILENO, passwd, sizeof_passwd - 1) > 0) {
+        if (read(fd, passwd, sizeof_passwd - 1) > 0) {
                ret = passwd;
                i = 0;
                /* Last byte is guaranteed to be 0
diff --git a/libbb/correct_password.c b/libbb/correct_password.c
index 255b04870..6301589e6 100644
--- a/libbb/correct_password.c
+++ b/libbb/correct_password.c
@@ -68,7 +68,7 @@ int FAST_FUNC correct_password(const struct passwd *pw)
                return 1;
 fake_it:
-        unencrypted = bb_askpass(0, "Password: ");
+        unencrypted = bb_ask_stdin("Password: ");
        if (!unencrypted) {
                return 0;
        }
diff --git a/loginutils/Config.in b/loginutils/Config.in
index 5f66e8685..6efca7edf 100644
--- a/loginutils/Config.in
+++ b/loginutils/Config.in
@@ -252,6 +252,13 @@ config CHPASSWD
          standard input and uses this information to update a group of
          existing users.
+config MKPASSWD
+        bool "mkpasswd"
+        default n
+        help
+          mkpasswd encrypts the given password with the crypt(3) libc function
+          using the given salt.
 config SU
        bool "su"
        default n
diff --git a/loginutils/Kbuild b/loginutils/Kbuild
index 3d0d777e8..616d97721 100644
--- a/loginutils/Kbuild
+++ b/loginutils/Kbuild
@@ -11,6 +11,7 @@ lib-$(CONFIG_CRYPTPW)	+= cryptpw.o
 lib-$(CONFIG_CHPASSWD)  += chpasswd.o
 lib-$(CONFIG_GETTY)     += getty.o
 lib-$(CONFIG_LOGIN)     += login.o
+lib-$(CONFIG_MKPASSWD)  += mkpasswd.o
 lib-$(CONFIG_PASSWD)    += passwd.o
 lib-$(CONFIG_SU)        += su.o
 lib-$(CONFIG_SULOGIN)   += sulogin.o
diff --git a/loginutils/mkpasswd.c b/loginutils/mkpasswd.c
new file mode 100644
index 000000000..442738e03
--- /dev/null
+++ b/loginutils/mkpasswd.c
@@ -0,0 +1,71 @@
+/* vi: set sw=4 ts=4 sts=4: */
+/*
+ * mkpasswd - Overfeatured front end to crypt(3)
+ * Copyright (c) 2008 Bernhard Reutner-Fischer
+ *
+ * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
+ */
+#include "libbb.h"
+int mkpasswd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
+int mkpasswd_main(int argc UNUSED_PARAM, char **argv)
+{
+        char *chp = NULL, *method = NULL, *salt = NULL;
+        char *encrypted;
+        int fd = STDIN_FILENO;
+        enum {
+                OPT_P = (1 << 0),
+                OPT_s = (1 << 1),
+                OPT_m = (1 << 2),
+                OPT_S = (1 << 3)
+        };
+        static const char methods[] ALIGN1 =
+                /*"des\0"*/"md5\0""sha-256\0""sha-512\0";
+        enum { TYPE_des, TYPE_md5, TYPE_sha256, TYPE_sha512 };
+        unsigned algo = TYPE_des, algobits = 1;
+#if ENABLE_GETOPT_LONG
+        static const char mkpasswd_longopts[] ALIGN1 =
+                "password-fd\0" Required_argument "P"
+                "stdin\0"               No_argument "s"
+                "method\0"              Required_argument "m"
+                "salt\0"                Required_argument "S"
+        ;
+        applet_long_options = mkpasswd_longopts;
+#endif
+        opt_complementary = "?1"; /* at most one non-option argument */
+        getopt32(argv, "P:sm:S:", &chp, &method, &salt);
+        argv += optind;
+        if (option_mask32 & OPT_P)
+                fd = xatoi_u(chp);
+        if (option_mask32 & OPT_m)
+                algo = index_in_strings(methods, method) + 1;
+        if (*argv) /* we have a cleartext passwd */
+                chp = *argv;
+        else
+                chp = bb_ask(fd, 0, "Password: ");
+        if (!salt)
+                salt = xmalloc(128);
+        if (algo) {
+                char foo[2];
+                foo[0] = foo[2] = '$';
+                algobits = 4;
+                /* MD5 == "$1$", SHA-256 == "$5$", SHA-512 == "$6$" */
+                if (algo > 1) {
+                        algo += 3;
+                        algobits = 8;
+                }
+                foo[1] = '0' + (algo);
+                strcpy(salt, foo);
+        }
+        /* The opt_complementary adds a bit of additional noise, which is good
+           but not strictly needed.  */
+        crypt_make_salt(salt + ((!!algo) * 3), algobits, (int)&opt_complementary);
+        encrypted = pw_encrypt(chp, salt, 1);
+        puts(encrypted);
+        if (ENABLE_FEATURE_CLEAN_UP) {
+                free(encrypted);
+        }
+        return EXIT_SUCCESS;
+}
diff --git a/loginutils/passwd.c b/loginutils/passwd.c
index b156ab5af..e3e74bae7 100644
--- a/loginutils/passwd.c
+++ b/loginutils/passwd.c
@@ -22,7 +22,7 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
        if (myuid && pw->pw_passwd[0]) {
                char *encrypted;
-                orig = bb_askpass(0, "Old password:"); /* returns ptr to static */
+                orig = bb_ask_stdin("Old password:"); /* returns ptr to static */
                if (!orig)
                        goto err_ret;
                encrypted = pw_encrypt(orig, pw->pw_passwd, 1); /* returns malloced str */
@@ -35,16 +35,16 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
                }
                if (ENABLE_FEATURE_CLEAN_UP) free(encrypted);
        }
-        orig = xstrdup(orig); /* or else bb_askpass() will destroy it */
+        orig = xstrdup(orig); /* or else bb_ask_stdin() will destroy it */
-        newp = bb_askpass(0, "New password:"); /* returns ptr to static */
+        newp = bb_ask_stdin("New password:"); /* returns ptr to static */
        if (!newp)
                goto err_ret;
-        newp = xstrdup(newp); /* we are going to bb_askpass() again, so save it */
+        newp = xstrdup(newp); /* we are going to bb_ask_stdin() again, so save it */
        if (ENABLE_FEATURE_PASSWD_WEAK_CHECK
         && obscure(orig, newp, pw) && myuid)
                goto err_ret; /* non-root is not allowed to have weak passwd */
-        cp = bb_askpass(0, "Retype password:");
+        cp = bb_ask_stdin("Retype password:");
        if (!cp)
                goto err_ret;
        if (strcmp(cp, newp)) {
diff --git a/loginutils/sulogin.c b/loginutils/sulogin.c
index 892c43484..4ffefe933 100644
--- a/loginutils/sulogin.c
+++ b/loginutils/sulogin.c
@@ -51,7 +51,7 @@ int sulogin_main(int argc UNUSED_PARAM, char **argv)
        /* Clear dangerous stuff, set PATH */
        sanitize_env_if_suid();
-// bb_askpass() already handles this
+// bb_ask() already handles this
 //      signal(SIGALRM, catchalarm);
        pwd = getpwuid(0);
@@ -77,7 +77,7 @@ int sulogin_main(int argc UNUSED_PARAM, char **argv)
                int r;
                /* cp points to a static buffer that is zeroed every time */
-                cp = bb_askpass(timeout,
+                cp = bb_ask(STDIN_FILENO, timeout,
                                "Give root password for system maintenance\n"
                                "(or type Control-D for normal startup):");
diff --git a/mailutils/mail.c b/mailutils/mail.c
index ab1304a7f..f30984897 100644
--- a/mailutils/mail.c
+++ b/mailutils/mail.c
@@ -228,8 +228,8 @@ void FAST_FUNC get_cred_or_die(int fd)
 {
        // either from TTY
        if (isatty(fd)) {
-                G.user = xstrdup(bb_askpass(0, "User: "));
+                G.user = xstrdup(bb_ask_stdin("User: "));
-                G.pass = xstrdup(bb_askpass(0, "Password: "));
+                G.pass = xstrdup(bb_ask_stdin("Password: "));
        // or from STDIN
        } else {
                FILE *fp = fdopen(fd, "r");
author	Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>	2008-12-03 18:48:39 +0000
committer	Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>	2008-12-03 18:48:39 +0000
commit	82b142996625d6bf20ee667ce602496cb270fccc (patch)
tree	df4be1e1502cdbe3f49bf46c7bd00db764add571
parent	81c3a1d0b2be02c1d675e6dceb500ce6b3da3282 (diff)
download	busybox-w32-82b142996625d6bf20ee667ce602496cb270fccc.tar.gz busybox-w32-82b142996625d6bf20ee667ce602496cb270fccc.tar.bz2 busybox-w32-82b142996625d6bf20ee667ce602496cb270fccc.zip

diff --git a/include/applets.h b/include/applets.h index ad3925577..9c844eeae 100644 --- a/include/applets.h +++ b/include/applets.h
@@ -252,6 +252,7 @@ USE_MKFIFO(APPLET(mkfifo, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
252	//USE_MKE2FS(APPLET_ODDNAME(mkfs.ext3, mke2fs, _BB_DIR_SBIN, _BB_SUID_NEVER, mkfs_ext3))	252	//USE_MKE2FS(APPLET_ODDNAME(mkfs.ext3, mke2fs, _BB_DIR_SBIN, _BB_SUID_NEVER, mkfs_ext3))
253	USE_MKFS_MINIX(APPLET_ODDNAME(mkfs.minix, mkfs_minix, _BB_DIR_SBIN, _BB_SUID_NEVER, mkfs_minix))	253	USE_MKFS_MINIX(APPLET_ODDNAME(mkfs.minix, mkfs_minix, _BB_DIR_SBIN, _BB_SUID_NEVER, mkfs_minix))
254	USE_MKNOD(APPLET(mknod, _BB_DIR_BIN, _BB_SUID_NEVER))	254	USE_MKNOD(APPLET(mknod, _BB_DIR_BIN, _BB_SUID_NEVER))
		255	USE_MKPASSWD(APPLET(mkpasswd, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
255	USE_MKSWAP(APPLET(mkswap, _BB_DIR_SBIN, _BB_SUID_NEVER))	256	USE_MKSWAP(APPLET(mkswap, _BB_DIR_SBIN, _BB_SUID_NEVER))
256	USE_MKTEMP(APPLET(mktemp, _BB_DIR_BIN, _BB_SUID_NEVER))	257	USE_MKTEMP(APPLET(mktemp, _BB_DIR_BIN, _BB_SUID_NEVER))
257	USE_MODPROBE(APPLET(modprobe, _BB_DIR_SBIN, _BB_SUID_NEVER))	258	USE_MODPROBE(APPLET(modprobe, _BB_DIR_SBIN, _BB_SUID_NEVER))


diff --git a/include/libbb.h b/include/libbb.h index acae93a56..a34e8a1f9 100644 --- a/include/libbb.h +++ b/include/libbb.h
@@ -1021,9 +1021,10 @@ extern int del_loop(const char *device) FAST_FUNC;
1021	* return value: 1: read-only loopdev was setup, 0: rw, < 0: error */	1021	* return value: 1: read-only loopdev was setup, 0: rw, < 0: error */
1022	extern int set_loop(char *devname, const char file, unsigned long long offset) FAST_FUNC;	1022	extern int set_loop(char *devname, const char file, unsigned long long offset) FAST_FUNC;
1023		1023
1024		1024	/* Like bb_ask below, but asks on stdin with no timeout. */
		1025	char bb_ask_stdin(const char prompt) FAST_FUNC;
1025	//TODO: pass buf pointer or return allocated buf (avoid statics)?	1026	//TODO: pass buf pointer or return allocated buf (avoid statics)?
1026	char bb_askpass(int timeout, const char prompt) FAST_FUNC;	1027	char bb_ask(const int fd, int timeout, const char prompt) FAST_FUNC;
1027	int bb_ask_confirmation(void) FAST_FUNC;	1028	int bb_ask_confirmation(void) FAST_FUNC;
1028		1029
1029	int bb_parse_mode(const char* s, mode_t* theMode) FAST_FUNC;	1030	int bb_parse_mode(const char* s, mode_t* theMode) FAST_FUNC;


diff --git a/include/usage.h b/include/usage.h index 000b864d6..a174222be 100644 --- a/include/usage.h +++ b/include/usage.h
@@ -2618,6 +2618,21 @@
2618	"$ mknod /dev/fd0 b 2 0\n" \	2618	"$ mknod /dev/fd0 b 2 0\n" \
2619	"$ mknod -m 644 /tmp/pipe p\n"	2619	"$ mknod -m 644 /tmp/pipe p\n"
2620		2620
		2621	#define mkpasswd_trivial_usage \
		2622	"[OPTIONS] [PASSWORD]"
		2623	#define mkpasswd_full_usage "\n\n" \
		2624	"Crypts the PASSWORD using crypt(3)\n" \
		2625	"\nOptions:" \
		2626	"\n\t-P"USE_GETOPT_LONG(", --password-fd=")"NUM\tread password from fd NUM" \
		2627	"\n\t-s"USE_GETOPT_LONG(", --stdin")"\t\tuse stdin; like -P0" \
		2628	"\n\t-m"USE_GETOPT_LONG(", --method=")"TYPE\tEncryption method TYPE" \
		2629	"\n\t-S"USE_GETOPT_LONG(", --salt=")"SALT\t\tuse SALT" \
		2630	//"\n\t-l"USE_GETOPT_LONG(", --length=")"LEN\tRandom password with length LEN"
		2631
		2632	#define mkpasswd_example_usage \
		2633	"$ mkpasswd -m md5\n" \
		2634	"$ mkpasswd -l 12\n"
		2635
2621	#define mkswap_trivial_usage \	2636	#define mkswap_trivial_usage \
2622	"DEVICE"	2637	"DEVICE"
2623	#define mkswap_full_usage "\n\n" \	2638	#define mkswap_full_usage "\n\n" \


diff --git a/libbb/bb_askpass.c b/libbb/bb_askpass.c index c97649733..c0dcf0c5f 100644 --- a/libbb/bb_askpass.c +++ b/libbb/bb_askpass.c
@@ -15,7 +15,11 @@ static void askpass_timeout(int UNUSED_PARAM ignore)
15	{	15	{
16	}	16	}
17		17
18	char* FAST_FUNC bb_askpass(int timeout, const char *prompt)	18	char* FAST_FUNC bb_ask_stdin(const char *prompt)
		19	{
		20	return bb_ask(STDIN_FILENO, 0, prompt);
		21	}
		22	char* FAST_FUNC bb_ask(const int fd, int timeout, const char *prompt)
19	{	23	{
20	/* Was static char[BIGNUM] */	24	/* Was static char[BIGNUM] */
21	enum { sizeof_passwd = 128 };	25	enum { sizeof_passwd = 128 };
@@ -30,8 +34,8 @@ char* FAST_FUNC bb_askpass(int timeout, const char *prompt)
30	passwd = xmalloc(sizeof_passwd);	34	passwd = xmalloc(sizeof_passwd);
31	memset(passwd, 0, sizeof_passwd);	35	memset(passwd, 0, sizeof_passwd);
32		36
33	tcgetattr(STDIN_FILENO, &oldtio);	37	tcgetattr(fd, &oldtio);
34	tcflush(STDIN_FILENO, TCIFLUSH);	38	tcflush(fd, TCIFLUSH);
35	tio = oldtio;	39	tio = oldtio;
36	tio.c_iflag &= ~(IUCLC\|IXON\|IXOFF\|IXANY);	40	tio.c_iflag &= ~(IUCLC\|IXON\|IXOFF\|IXANY);
37	tio.c_lflag &= ~(ECHO\|ECHOE\|ECHOK\|ECHONL\|TOSTOP);	41	tio.c_lflag &= ~(ECHO\|ECHOE\|ECHOK\|ECHONL\|TOSTOP);
@@ -52,7 +56,7 @@ char* FAST_FUNC bb_askpass(int timeout, const char *prompt)
52	ret = NULL;	56	ret = NULL;
53	/* On timeout or Ctrl-C, read will hopefully be interrupted,	57	/* On timeout or Ctrl-C, read will hopefully be interrupted,
54	* and we return NULL */	58	* and we return NULL */
55	if (read(STDIN_FILENO, passwd, sizeof_passwd - 1) > 0) {	59	if (read(fd, passwd, sizeof_passwd - 1) > 0) {
56	ret = passwd;	60	ret = passwd;
57	i = 0;	61	i = 0;
58	/* Last byte is guaranteed to be 0	62	/* Last byte is guaranteed to be 0


diff --git a/libbb/correct_password.c b/libbb/correct_password.c index 255b04870..6301589e6 100644 --- a/libbb/correct_password.c +++ b/libbb/correct_password.c
@@ -68,7 +68,7 @@ int FAST_FUNC correct_password(const struct passwd *pw)
68	return 1;	68	return 1;
69		69
70	fake_it:	70	fake_it:
71	unencrypted = bb_askpass(0, "Password: ");	71	unencrypted = bb_ask_stdin("Password: ");
72	if (!unencrypted) {	72	if (!unencrypted) {
73	return 0;	73	return 0;
74	}	74	}


diff --git a/loginutils/Config.in b/loginutils/Config.in index 5f66e8685..6efca7edf 100644 --- a/loginutils/Config.in +++ b/loginutils/Config.in
@@ -252,6 +252,13 @@ config CHPASSWD
252	standard input and uses this information to update a group of	252	standard input and uses this information to update a group of
253	existing users.	253	existing users.
254		254
		255	config MKPASSWD
		256	bool "mkpasswd"
		257	default n
		258	help
		259	mkpasswd encrypts the given password with the crypt(3) libc function
		260	using the given salt.
		261
255	config SU	262	config SU
256	bool "su"	263	bool "su"
257	default n	264	default n


diff --git a/loginutils/Kbuild b/loginutils/Kbuild index 3d0d777e8..616d97721 100644 --- a/loginutils/Kbuild +++ b/loginutils/Kbuild
@@ -11,6 +11,7 @@ lib-$(CONFIG_CRYPTPW) += cryptpw.o
11	lib-$(CONFIG_CHPASSWD) += chpasswd.o	11	lib-$(CONFIG_CHPASSWD) += chpasswd.o
12	lib-$(CONFIG_GETTY) += getty.o	12	lib-$(CONFIG_GETTY) += getty.o
13	lib-$(CONFIG_LOGIN) += login.o	13	lib-$(CONFIG_LOGIN) += login.o
		14	lib-$(CONFIG_MKPASSWD) += mkpasswd.o
14	lib-$(CONFIG_PASSWD) += passwd.o	15	lib-$(CONFIG_PASSWD) += passwd.o
15	lib-$(CONFIG_SU) += su.o	16	lib-$(CONFIG_SU) += su.o
16	lib-$(CONFIG_SULOGIN) += sulogin.o	17	lib-$(CONFIG_SULOGIN) += sulogin.o


diff --git a/loginutils/mkpasswd.c b/loginutils/mkpasswd.c new file mode 100644 index 000000000..442738e03 --- /dev/null +++ b/loginutils/mkpasswd.c
@@ -0,0 +1,71 @@
		1	/* vi: set sw=4 ts=4 sts=4: */
		2	/*
		3	* mkpasswd - Overfeatured front end to crypt(3)
		4	* Copyright (c) 2008 Bernhard Reutner-Fischer
		5	*
		6	* Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
		7	*/
		8
		9	#include "libbb.h"
		10
		11	int mkpasswd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
		12	int mkpasswd_main(int argc UNUSED_PARAM, char **argv)
		13	{
		14	char chp = NULL, method = NULL, *salt = NULL;
		15	char *encrypted;
		16	int fd = STDIN_FILENO;
		17	enum {
		18	OPT_P = (1 << 0),
		19	OPT_s = (1 << 1),
		20	OPT_m = (1 << 2),
		21	OPT_S = (1 << 3)
		22	};
		23	static const char methods[] ALIGN1 =
		24	/"des\0"/"md5\0""sha-256\0""sha-512\0";
		25	enum { TYPE_des, TYPE_md5, TYPE_sha256, TYPE_sha512 };
		26	unsigned algo = TYPE_des, algobits = 1;
		27	#if ENABLE_GETOPT_LONG
		28	static const char mkpasswd_longopts[] ALIGN1 =
		29	"password-fd\0" Required_argument "P"
		30	"stdin\0" No_argument "s"
		31	"method\0" Required_argument "m"
		32	"salt\0" Required_argument "S"
		33	;
		34	applet_long_options = mkpasswd_longopts;
		35	#endif
		36	opt_complementary = "?1"; /* at most one non-option argument */
		37	getopt32(argv, "P:sm:S:", &chp, &method, &salt);
		38	argv += optind;
		39	if (option_mask32 & OPT_P)
		40	fd = xatoi_u(chp);
		41	if (option_mask32 & OPT_m)
		42	algo = index_in_strings(methods, method) + 1;
		43	if (argv) / we have a cleartext passwd */
		44	chp = *argv;
		45	else
		46	chp = bb_ask(fd, 0, "Password: ");
		47	if (!salt)
		48	salt = xmalloc(128);
		49
		50	if (algo) {
		51	char foo[2];
		52	foo[0] = foo[2] = '$';
		53	algobits = 4;
		54	/* MD5 == "$1$", SHA-256 == "$5$", SHA-512 == "$6$" */
		55	if (algo > 1) {
		56	algo += 3;
		57	algobits = 8;
		58	}
		59	foo[1] = '0' + (algo);
		60	strcpy(salt, foo);
		61	}
		62	/* The opt_complementary adds a bit of additional noise, which is good
		63	but not strictly needed. */
		64	crypt_make_salt(salt + ((!!algo) * 3), algobits, (int)&opt_complementary);
		65	encrypted = pw_encrypt(chp, salt, 1);
		66	puts(encrypted);
		67	if (ENABLE_FEATURE_CLEAN_UP) {
		68	free(encrypted);
		69	}
		70	return EXIT_SUCCESS;
		71	}


diff --git a/loginutils/passwd.c b/loginutils/passwd.c index b156ab5af..e3e74bae7 100644 --- a/loginutils/passwd.c +++ b/loginutils/passwd.c
@@ -22,7 +22,7 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
22	if (myuid && pw->pw_passwd[0]) {	22	if (myuid && pw->pw_passwd[0]) {
23	char *encrypted;	23	char *encrypted;
24		24
25	orig = bb_askpass(0, "Old password:"); /* returns ptr to static */	25	orig = bb_ask_stdin("Old password:"); /* returns ptr to static */
26	if (!orig)	26	if (!orig)
27	goto err_ret;	27	goto err_ret;
28	encrypted = pw_encrypt(orig, pw->pw_passwd, 1); /* returns malloced str */	28	encrypted = pw_encrypt(orig, pw->pw_passwd, 1); /* returns malloced str */
@@ -35,16 +35,16 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
35	}	35	}
36	if (ENABLE_FEATURE_CLEAN_UP) free(encrypted);	36	if (ENABLE_FEATURE_CLEAN_UP) free(encrypted);
37	}	37	}
38	orig = xstrdup(orig); /* or else bb_askpass() will destroy it */	38	orig = xstrdup(orig); /* or else bb_ask_stdin() will destroy it */
39	newp = bb_askpass(0, "New password:"); /* returns ptr to static */	39	newp = bb_ask_stdin("New password:"); /* returns ptr to static */
40	if (!newp)	40	if (!newp)
41	goto err_ret;	41	goto err_ret;
42	newp = xstrdup(newp); /* we are going to bb_askpass() again, so save it */	42	newp = xstrdup(newp); /* we are going to bb_ask_stdin() again, so save it */
43	if (ENABLE_FEATURE_PASSWD_WEAK_CHECK	43	if (ENABLE_FEATURE_PASSWD_WEAK_CHECK
44	&& obscure(orig, newp, pw) && myuid)	44	&& obscure(orig, newp, pw) && myuid)
45	goto err_ret; /* non-root is not allowed to have weak passwd */	45	goto err_ret; /* non-root is not allowed to have weak passwd */
46		46
47	cp = bb_askpass(0, "Retype password:");	47	cp = bb_ask_stdin("Retype password:");
48	if (!cp)	48	if (!cp)
49	goto err_ret;	49	goto err_ret;
50	if (strcmp(cp, newp)) {	50	if (strcmp(cp, newp)) {


diff --git a/loginutils/sulogin.c b/loginutils/sulogin.c index 892c43484..4ffefe933 100644 --- a/loginutils/sulogin.c +++ b/loginutils/sulogin.c
@@ -51,7 +51,7 @@ int sulogin_main(int argc UNUSED_PARAM, char **argv)
51	/* Clear dangerous stuff, set PATH */	51	/* Clear dangerous stuff, set PATH */
52	sanitize_env_if_suid();	52	sanitize_env_if_suid();
53		53
54	// bb_askpass() already handles this	54	// bb_ask() already handles this
55	// signal(SIGALRM, catchalarm);	55	// signal(SIGALRM, catchalarm);
56		56
57	pwd = getpwuid(0);	57	pwd = getpwuid(0);
@@ -77,7 +77,7 @@ int sulogin_main(int argc UNUSED_PARAM, char **argv)
77	int r;	77	int r;
78		78
79	/* cp points to a static buffer that is zeroed every time */	79	/* cp points to a static buffer that is zeroed every time */
80	cp = bb_askpass(timeout,	80	cp = bb_ask(STDIN_FILENO, timeout,
81	"Give root password for system maintenance\n"	81	"Give root password for system maintenance\n"
82	"(or type Control-D for normal startup):");	82	"(or type Control-D for normal startup):");
83		83


diff --git a/mailutils/mail.c b/mailutils/mail.c index ab1304a7f..f30984897 100644 --- a/mailutils/mail.c +++ b/mailutils/mail.c
@@ -228,8 +228,8 @@ void FAST_FUNC get_cred_or_die(int fd)
228	{	228	{
229	// either from TTY	229	// either from TTY
230	if (isatty(fd)) {	230	if (isatty(fd)) {
231	G.user = xstrdup(bb_askpass(0, "User: "));	231	G.user = xstrdup(bb_ask_stdin("User: "));
232	G.pass = xstrdup(bb_askpass(0, "Password: "));	232	G.pass = xstrdup(bb_ask_stdin("Password: "));
233	// or from STDIN	233	// or from STDIN
234	} else {	234	} else {
235	FILE *fp = fdopen(fd, "r");	235	FILE *fp = fdopen(fd, "r");