- add new applet mkpasswd(1)

function old new delta bb_ask - 355 +355 mkpasswd_main - 296 +296 .rodata 121746 121847 +101 packed_usage 24632 24689 +57 static.methods - 21 +21 gmatch 229 248 +19 bb_ask_stdin - 11 +11 applet_names 1949 1958 +9 applet_main 1172 1176 +4 sulogin_main 503 505 +2 applet_nameofs 586 588 +2 sha256_hash 329 327 -2 correct_password 208 206 -2 parse_command 1442 1439 -3 get_cred_or_die 145 141 -4 passwd_main 1054 1044 -10 bb_askpass 348 - -348 ------------------------------------------------------------------------------ (add/remove: 4/1 grow/shrink: 7/5 up/down: 877/-369) Total: 508 bytes
author: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> 2008-12-03 18:48:39 +0000
committer: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> 2008-12-03 18:48:39 +0000
commit: 82b142996625d6bf20ee667ce602496cb270fccc (patch)
tree: df4be1e1502cdbe3f49bf46c7bd00db764add571 /loginutils
parent: 81c3a1d0b2be02c1d675e6dceb500ce6b3da3282 (diff)
download: busybox-w32-82b142996625d6bf20ee667ce602496cb270fccc.tar.gz
busybox-w32-82b142996625d6bf20ee667ce602496cb270fccc.tar.bz2
busybox-w32-82b142996625d6bf20ee667ce602496cb270fccc.zip
5 files changed, 86 insertions, 7 deletions
diff --git a/loginutils/Config.in b/loginutils/Config.in
index 5f66e8685..6efca7edf 100644
--- a/loginutils/Config.in
+++ b/loginutils/Config.in
@@ -252,6 +252,13 @@ config CHPASSWD
          standard input and uses this information to update a group of
          existing users.
+config MKPASSWD
+        bool "mkpasswd"
+        default n
+        help
+          mkpasswd encrypts the given password with the crypt(3) libc function
+          using the given salt.
 config SU
        bool "su"
        default n
diff --git a/loginutils/Kbuild b/loginutils/Kbuild
index 3d0d777e8..616d97721 100644
--- a/loginutils/Kbuild
+++ b/loginutils/Kbuild
@@ -11,6 +11,7 @@ lib-$(CONFIG_CRYPTPW)	+= cryptpw.o
 lib-$(CONFIG_CHPASSWD)  += chpasswd.o
 lib-$(CONFIG_GETTY)     += getty.o
 lib-$(CONFIG_LOGIN)     += login.o
+lib-$(CONFIG_MKPASSWD)  += mkpasswd.o
 lib-$(CONFIG_PASSWD)    += passwd.o
 lib-$(CONFIG_SU)        += su.o
 lib-$(CONFIG_SULOGIN)   += sulogin.o
diff --git a/loginutils/mkpasswd.c b/loginutils/mkpasswd.c
new file mode 100644
index 000000000..442738e03
--- /dev/null
+++ b/loginutils/mkpasswd.c
@@ -0,0 +1,71 @@
+/* vi: set sw=4 ts=4 sts=4: */
+/*
+ * mkpasswd - Overfeatured front end to crypt(3)
+ * Copyright (c) 2008 Bernhard Reutner-Fischer
+ *
+ * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
+ */
+#include "libbb.h"
+int mkpasswd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
+int mkpasswd_main(int argc UNUSED_PARAM, char **argv)
+{
+        char *chp = NULL, *method = NULL, *salt = NULL;
+        char *encrypted;
+        int fd = STDIN_FILENO;
+        enum {
+                OPT_P = (1 << 0),
+                OPT_s = (1 << 1),
+                OPT_m = (1 << 2),
+                OPT_S = (1 << 3)
+        };
+        static const char methods[] ALIGN1 =
+                /*"des\0"*/"md5\0""sha-256\0""sha-512\0";
+        enum { TYPE_des, TYPE_md5, TYPE_sha256, TYPE_sha512 };
+        unsigned algo = TYPE_des, algobits = 1;
+#if ENABLE_GETOPT_LONG
+        static const char mkpasswd_longopts[] ALIGN1 =
+                "password-fd\0" Required_argument "P"
+                "stdin\0"               No_argument "s"
+                "method\0"              Required_argument "m"
+                "salt\0"                Required_argument "S"
+        ;
+        applet_long_options = mkpasswd_longopts;
+#endif
+        opt_complementary = "?1"; /* at most one non-option argument */
+        getopt32(argv, "P:sm:S:", &chp, &method, &salt);
+        argv += optind;
+        if (option_mask32 & OPT_P)
+                fd = xatoi_u(chp);
+        if (option_mask32 & OPT_m)
+                algo = index_in_strings(methods, method) + 1;
+        if (*argv) /* we have a cleartext passwd */
+                chp = *argv;
+        else
+                chp = bb_ask(fd, 0, "Password: ");
+        if (!salt)
+                salt = xmalloc(128);
+        if (algo) {
+                char foo[2];
+                foo[0] = foo[2] = '$';
+                algobits = 4;
+                /* MD5 == "$1$", SHA-256 == "$5$", SHA-512 == "$6$" */
+                if (algo > 1) {
+                        algo += 3;
+                        algobits = 8;
+                }
+                foo[1] = '0' + (algo);
+                strcpy(salt, foo);
+        }
+        /* The opt_complementary adds a bit of additional noise, which is good
+           but not strictly needed.  */
+        crypt_make_salt(salt + ((!!algo) * 3), algobits, (int)&opt_complementary);
+        encrypted = pw_encrypt(chp, salt, 1);
+        puts(encrypted);
+        if (ENABLE_FEATURE_CLEAN_UP) {
+                free(encrypted);
+        }
+        return EXIT_SUCCESS;
+}
diff --git a/loginutils/passwd.c b/loginutils/passwd.c
index b156ab5af..e3e74bae7 100644
--- a/loginutils/passwd.c
+++ b/loginutils/passwd.c
@@ -22,7 +22,7 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
        if (myuid && pw->pw_passwd[0]) {
                char *encrypted;
-                orig = bb_askpass(0, "Old password:"); /* returns ptr to static */
+                orig = bb_ask_stdin("Old password:"); /* returns ptr to static */
                if (!orig)
                        goto err_ret;
                encrypted = pw_encrypt(orig, pw->pw_passwd, 1); /* returns malloced str */
@@ -35,16 +35,16 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
                }
                if (ENABLE_FEATURE_CLEAN_UP) free(encrypted);
        }
-        orig = xstrdup(orig); /* or else bb_askpass() will destroy it */
+        orig = xstrdup(orig); /* or else bb_ask_stdin() will destroy it */
-        newp = bb_askpass(0, "New password:"); /* returns ptr to static */
+        newp = bb_ask_stdin("New password:"); /* returns ptr to static */
        if (!newp)
                goto err_ret;
-        newp = xstrdup(newp); /* we are going to bb_askpass() again, so save it */
+        newp = xstrdup(newp); /* we are going to bb_ask_stdin() again, so save it */
        if (ENABLE_FEATURE_PASSWD_WEAK_CHECK
         && obscure(orig, newp, pw) && myuid)
                goto err_ret; /* non-root is not allowed to have weak passwd */
-        cp = bb_askpass(0, "Retype password:");
+        cp = bb_ask_stdin("Retype password:");
        if (!cp)
                goto err_ret;
        if (strcmp(cp, newp)) {
diff --git a/loginutils/sulogin.c b/loginutils/sulogin.c
index 892c43484..4ffefe933 100644
--- a/loginutils/sulogin.c
+++ b/loginutils/sulogin.c
@@ -51,7 +51,7 @@ int sulogin_main(int argc UNUSED_PARAM, char **argv)
        /* Clear dangerous stuff, set PATH */
        sanitize_env_if_suid();
-// bb_askpass() already handles this
+// bb_ask() already handles this
 //      signal(SIGALRM, catchalarm);
        pwd = getpwuid(0);
@@ -77,7 +77,7 @@ int sulogin_main(int argc UNUSED_PARAM, char **argv)
                int r;
                /* cp points to a static buffer that is zeroed every time */
-                cp = bb_askpass(timeout,
+                cp = bb_ask(STDIN_FILENO, timeout,
                                "Give root password for system maintenance\n"
                                "(or type Control-D for normal startup):");
author	Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>	2008-12-03 18:48:39 +0000
committer	Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>	2008-12-03 18:48:39 +0000
commit	82b142996625d6bf20ee667ce602496cb270fccc (patch)
tree	df4be1e1502cdbe3f49bf46c7bd00db764add571 /loginutils
parent	81c3a1d0b2be02c1d675e6dceb500ce6b3da3282 (diff)
download	busybox-w32-82b142996625d6bf20ee667ce602496cb270fccc.tar.gz busybox-w32-82b142996625d6bf20ee667ce602496cb270fccc.tar.bz2 busybox-w32-82b142996625d6bf20ee667ce602496cb270fccc.zip

diff --git a/loginutils/Config.in b/loginutils/Config.in index 5f66e8685..6efca7edf 100644 --- a/loginutils/Config.in +++ b/loginutils/Config.in
@@ -252,6 +252,13 @@ config CHPASSWD
252	standard input and uses this information to update a group of	252	standard input and uses this information to update a group of
253	existing users.	253	existing users.
254		254
		255	config MKPASSWD
		256	bool "mkpasswd"
		257	default n
		258	help
		259	mkpasswd encrypts the given password with the crypt(3) libc function
		260	using the given salt.
		261
255	config SU	262	config SU
256	bool "su"	263	bool "su"
257	default n	264	default n


diff --git a/loginutils/Kbuild b/loginutils/Kbuild index 3d0d777e8..616d97721 100644 --- a/loginutils/Kbuild +++ b/loginutils/Kbuild
@@ -11,6 +11,7 @@ lib-$(CONFIG_CRYPTPW) += cryptpw.o
11	lib-$(CONFIG_CHPASSWD) += chpasswd.o	11	lib-$(CONFIG_CHPASSWD) += chpasswd.o
12	lib-$(CONFIG_GETTY) += getty.o	12	lib-$(CONFIG_GETTY) += getty.o
13	lib-$(CONFIG_LOGIN) += login.o	13	lib-$(CONFIG_LOGIN) += login.o
		14	lib-$(CONFIG_MKPASSWD) += mkpasswd.o
14	lib-$(CONFIG_PASSWD) += passwd.o	15	lib-$(CONFIG_PASSWD) += passwd.o
15	lib-$(CONFIG_SU) += su.o	16	lib-$(CONFIG_SU) += su.o
16	lib-$(CONFIG_SULOGIN) += sulogin.o	17	lib-$(CONFIG_SULOGIN) += sulogin.o


diff --git a/loginutils/mkpasswd.c b/loginutils/mkpasswd.c new file mode 100644 index 000000000..442738e03 --- /dev/null +++ b/loginutils/mkpasswd.c
@@ -0,0 +1,71 @@
		1	/* vi: set sw=4 ts=4 sts=4: */
		2	/*
		3	* mkpasswd - Overfeatured front end to crypt(3)
		4	* Copyright (c) 2008 Bernhard Reutner-Fischer
		5	*
		6	* Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
		7	*/
		8
		9	#include "libbb.h"
		10
		11	int mkpasswd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
		12	int mkpasswd_main(int argc UNUSED_PARAM, char **argv)
		13	{
		14	char chp = NULL, method = NULL, *salt = NULL;
		15	char *encrypted;
		16	int fd = STDIN_FILENO;
		17	enum {
		18	OPT_P = (1 << 0),
		19	OPT_s = (1 << 1),
		20	OPT_m = (1 << 2),
		21	OPT_S = (1 << 3)
		22	};
		23	static const char methods[] ALIGN1 =
		24	/"des\0"/"md5\0""sha-256\0""sha-512\0";
		25	enum { TYPE_des, TYPE_md5, TYPE_sha256, TYPE_sha512 };
		26	unsigned algo = TYPE_des, algobits = 1;
		27	#if ENABLE_GETOPT_LONG
		28	static const char mkpasswd_longopts[] ALIGN1 =
		29	"password-fd\0" Required_argument "P"
		30	"stdin\0" No_argument "s"
		31	"method\0" Required_argument "m"
		32	"salt\0" Required_argument "S"
		33	;
		34	applet_long_options = mkpasswd_longopts;
		35	#endif
		36	opt_complementary = "?1"; /* at most one non-option argument */
		37	getopt32(argv, "P:sm:S:", &chp, &method, &salt);
		38	argv += optind;
		39	if (option_mask32 & OPT_P)
		40	fd = xatoi_u(chp);
		41	if (option_mask32 & OPT_m)
		42	algo = index_in_strings(methods, method) + 1;
		43	if (argv) / we have a cleartext passwd */
		44	chp = *argv;
		45	else
		46	chp = bb_ask(fd, 0, "Password: ");
		47	if (!salt)
		48	salt = xmalloc(128);
		49
		50	if (algo) {
		51	char foo[2];
		52	foo[0] = foo[2] = '$';
		53	algobits = 4;
		54	/* MD5 == "$1$", SHA-256 == "$5$", SHA-512 == "$6$" */
		55	if (algo > 1) {
		56	algo += 3;
		57	algobits = 8;
		58	}
		59	foo[1] = '0' + (algo);
		60	strcpy(salt, foo);
		61	}
		62	/* The opt_complementary adds a bit of additional noise, which is good
		63	but not strictly needed. */
		64	crypt_make_salt(salt + ((!!algo) * 3), algobits, (int)&opt_complementary);
		65	encrypted = pw_encrypt(chp, salt, 1);
		66	puts(encrypted);
		67	if (ENABLE_FEATURE_CLEAN_UP) {
		68	free(encrypted);
		69	}
		70	return EXIT_SUCCESS;
		71	}


diff --git a/loginutils/passwd.c b/loginutils/passwd.c index b156ab5af..e3e74bae7 100644 --- a/loginutils/passwd.c +++ b/loginutils/passwd.c
@@ -22,7 +22,7 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
22	if (myuid && pw->pw_passwd[0]) {	22	if (myuid && pw->pw_passwd[0]) {
23	char *encrypted;	23	char *encrypted;
24		24
25	orig = bb_askpass(0, "Old password:"); /* returns ptr to static */	25	orig = bb_ask_stdin("Old password:"); /* returns ptr to static */
26	if (!orig)	26	if (!orig)
27	goto err_ret;	27	goto err_ret;
28	encrypted = pw_encrypt(orig, pw->pw_passwd, 1); /* returns malloced str */	28	encrypted = pw_encrypt(orig, pw->pw_passwd, 1); /* returns malloced str */
@@ -35,16 +35,16 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
35	}	35	}
36	if (ENABLE_FEATURE_CLEAN_UP) free(encrypted);	36	if (ENABLE_FEATURE_CLEAN_UP) free(encrypted);
37	}	37	}
38	orig = xstrdup(orig); /* or else bb_askpass() will destroy it */	38	orig = xstrdup(orig); /* or else bb_ask_stdin() will destroy it */
39	newp = bb_askpass(0, "New password:"); /* returns ptr to static */	39	newp = bb_ask_stdin("New password:"); /* returns ptr to static */
40	if (!newp)	40	if (!newp)
41	goto err_ret;	41	goto err_ret;
42	newp = xstrdup(newp); /* we are going to bb_askpass() again, so save it */	42	newp = xstrdup(newp); /* we are going to bb_ask_stdin() again, so save it */
43	if (ENABLE_FEATURE_PASSWD_WEAK_CHECK	43	if (ENABLE_FEATURE_PASSWD_WEAK_CHECK
44	&& obscure(orig, newp, pw) && myuid)	44	&& obscure(orig, newp, pw) && myuid)
45	goto err_ret; /* non-root is not allowed to have weak passwd */	45	goto err_ret; /* non-root is not allowed to have weak passwd */
46		46
47	cp = bb_askpass(0, "Retype password:");	47	cp = bb_ask_stdin("Retype password:");
48	if (!cp)	48	if (!cp)
49	goto err_ret;	49	goto err_ret;
50	if (strcmp(cp, newp)) {	50	if (strcmp(cp, newp)) {


diff --git a/loginutils/sulogin.c b/loginutils/sulogin.c index 892c43484..4ffefe933 100644 --- a/loginutils/sulogin.c +++ b/loginutils/sulogin.c
@@ -51,7 +51,7 @@ int sulogin_main(int argc UNUSED_PARAM, char **argv)
51	/* Clear dangerous stuff, set PATH */	51	/* Clear dangerous stuff, set PATH */
52	sanitize_env_if_suid();	52	sanitize_env_if_suid();
53		53
54	// bb_askpass() already handles this	54	// bb_ask() already handles this
55	// signal(SIGALRM, catchalarm);	55	// signal(SIGALRM, catchalarm);
56		56
57	pwd = getpwuid(0);	57	pwd = getpwuid(0);
@@ -77,7 +77,7 @@ int sulogin_main(int argc UNUSED_PARAM, char **argv)
77	int r;	77	int r;
78		78
79	/* cp points to a static buffer that is zeroed every time */	79	/* cp points to a static buffer that is zeroed every time */
80	cp = bb_askpass(timeout,	80	cp = bb_ask(STDIN_FILENO, timeout,
81	"Give root password for system maintenance\n"	81	"Give root password for system maintenance\n"
82	"(or type Control-D for normal startup):");	82	"(or type Control-D for normal startup):");
83		83