1 files changed, 151 insertions, 119 deletions
diff --git a/src/usr.bin/openssl/passwd.c b/src/usr.bin/openssl/passwd.c
index c29cccf6cf..6267328e62 100644
--- a/src/usr.bin/openssl/passwd.c
+++ b/src/usr.bin/openssl/passwd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: passwd.c,v 1.2 2014/10/22 13:54:03 jsing Exp $ */
+/* $OpenBSD: passwd.c,v 1.3 2015/01/05 15:25:39 jsing Exp $ */
 #if defined OPENSSL_NO_MD5
 #define NO_MD5CRYPT_1
@@ -40,140 +40,166 @@ do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
    char *passwd, BIO * out, int quiet, int table, int reverse,
    size_t pw_maxlen, int usecrypt, int use1, int useapr1);
-/* -crypt        - standard Unix password algorithm (default)
+static struct {
- * -1            - MD5-based password algorithm
+        char *infile;
- * -apr1         - MD5-based password algorithm, Apache variant
+        int in_stdin;
- * -salt string  - salt
+        int noverify;
- * -in file      - read passwords from file
+        int quiet;
- * -stdin        - read passwords from stdin
+        int reverse;
- * -noverify     - never verify when reading password from terminal
+        char *salt;
- * -quiet        - no warnings
+        int table;
- * -table        - format output as table
+        int use1;
- * -reverse      - switch table columns
+        int useapr1;
- */
+        int usecrypt;
+} passwd_config;
+static struct option passwd_options[] = {
+#ifndef NO_MD5CRYPT_1
+        {
+                .name = "1",
+                .desc = "Use MD5 based BSD password algorithm 1",
+                .type = OPTION_FLAG,
+                .opt.flag = &passwd_config.use1,
+        },
+        {
+                .name = "apr1",
+                .desc = "Use apr1 algorithm (Apache variant of BSD algorithm)",
+                .type = OPTION_FLAG,
+                .opt.flag = &passwd_config.useapr1,
+        },
+#endif
+#ifndef OPENSSL_NO_DES
+        {
+                .name = "crypt",
+                .desc = "Use crypt algorithm (default)",
+                .type = OPTION_FLAG,
+                .opt.flag = &passwd_config.usecrypt,
+        },
+#endif
+        {
+                .name = "in",
+                .argname = "file",
+                .desc = "Read passwords from specified file",
+                .type = OPTION_ARG,
+                .opt.arg = &passwd_config.infile,
+        },
+        {
+                .name = "noverify",
+                .desc = "Do not verify password",
+                .type = OPTION_FLAG,
+                .opt.flag = &passwd_config.noverify,
+        },
+        {
+                .name = "quiet",
+                .desc = "Do not output warnings",
+                .type = OPTION_FLAG,
+                .opt.flag = &passwd_config.quiet,
+        },
+        {
+                .name = "reverse",
+                .desc = "Reverse table columns (requires -table)",
+                .type = OPTION_FLAG,
+                .opt.flag = &passwd_config.reverse,
+        },
+        {
+                .name = "salt",
+                .argname = "string",
+                .desc = "Use specified salt",
+                .type = OPTION_ARG,
+                .opt.arg = &passwd_config.salt,
+        },
+        {
+                .name = "stdin",
+                .desc = "Read passwords from stdin",
+                .type = OPTION_FLAG,
+                .opt.flag = &passwd_config.in_stdin,
+        },
+        {
+                .name = "table",
+                .desc = "Output cleartext and hashed passwords (tab separated)",
+                .type = OPTION_FLAG,
+                .opt.flag = &passwd_config.table,
+        },
+        { NULL },
+};
+static void
+passwd_usage(void)
+{
+        fprintf(stderr, "usage: passwd [-1 | -apr1 | -crypt] [-in file] "
+            "[-noverify] [-quiet]\n"
+            "    [-reverse] [-salt string] [-stdin] [-table] [password]\n\n");
+        options_usage(passwd_options);
+}
 int passwd_main(int, char **);
 int
 passwd_main(int argc, char **argv)
 {
-        int ret = 1;
+        char *passwd = NULL, **passwds = NULL;
-        char *infile = NULL;
-        int in_stdin = 0;
-        int in_noverify = 0;
-        char *salt = NULL, *passwd = NULL, **passwds = NULL;
        char *salt_malloc = NULL, *passwd_malloc = NULL;
        size_t passwd_malloc_size = 0;
-        int pw_source_defined = 0;
        BIO *in = NULL, *out = NULL;
-        int i, badopt, opt_done;
+        int badopt = 0;
-        int passed_salt = 0, quiet = 0, table = 0, reverse = 0;
+        int passed_salt = 0;
-        int usecrypt = 0, use1 = 0, useapr1 = 0;
        size_t pw_maxlen = 0;
+        int argsused;
+        int ret = 1;
-        out = BIO_new(BIO_s_file());
+        memset(&passwd_config, 0, sizeof(passwd_config));
-        if (out == NULL)
-                goto err;
-        BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
-        badopt = 0, opt_done = 0;
+        if (options_parse(argc, argv, passwd_options, NULL, &argsused) != 0) {
-        i = 0;
+                passwd_usage();
-        while (!badopt && !opt_done && argv[++i] != NULL) {
+                goto err;
-                if (strcmp(argv[i], "-crypt") == 0)
-                        usecrypt = 1;
-                else if (strcmp(argv[i], "-1") == 0)
-                        use1 = 1;
-                else if (strcmp(argv[i], "-apr1") == 0)
-                        useapr1 = 1;
-                else if (strcmp(argv[i], "-salt") == 0) {
-                        if ((argv[i + 1] != NULL) && (salt == NULL)) {
-                                passed_salt = 1;
-                                salt = argv[++i];
-                        } else
-                                badopt = 1;
-                } else if (strcmp(argv[i], "-in") == 0) {
-                        if ((argv[i + 1] != NULL) && !pw_source_defined) {
-                                pw_source_defined = 1;
-                                infile = argv[++i];
-                        } else
-                                badopt = 1;
-                } else if (strcmp(argv[i], "-stdin") == 0) {
-                        if (!pw_source_defined) {
-                                pw_source_defined = 1;
-                                in_stdin = 1;
-                        } else
-                                badopt = 1;
-                } else if (strcmp(argv[i], "-noverify") == 0)
-                        in_noverify = 1;
-                else if (strcmp(argv[i], "-quiet") == 0)
-                        quiet = 1;
-                else if (strcmp(argv[i], "-table") == 0)
-                        table = 1;
-                else if (strcmp(argv[i], "-reverse") == 0)
-                        reverse = 1;
-                else if (argv[i][0] == '-')
-                        badopt = 1;
-                else if (!pw_source_defined)
-                        /* non-option arguments, use as passwords */
-                {
-                        pw_source_defined = 1;
-                        passwds = &argv[i];
-                        opt_done = 1;
-                } else
-                        badopt = 1;
        }
-        if (!usecrypt && !use1 && !useapr1)     /* use default */
+        if (argsused < argc)
-                usecrypt = 1;
+                passwds = &argv[argsused];
-        if (usecrypt + use1 + useapr1 > 1)      /* conflict */
+        if (passwd_config.salt != NULL)
-                badopt = 1;
+                passed_salt = 1;
-        /* reject unsupported algorithms */
+        if (!passwd_config.usecrypt && !passwd_config.use1 &&
+            !passwd_config.useapr1)
+                passwd_config.usecrypt = 1;     /* use default */
+        if (passwd_config.usecrypt + passwd_config.use1 +
+            passwd_config.useapr1 > 1)
+                badopt = 1;     /* conflicting options */
+        /* Reject unsupported algorithms */
 #ifdef OPENSSL_NO_DES
-        if (usecrypt)
+        if (passwd_config.usecrypt)
                badopt = 1;
 #endif
 #ifdef NO_MD5CRYPT_1
-        if (use1 || useapr1)
+        if (passwd_config.use1 || passwd_config.useapr1)
                badopt = 1;
 #endif
        if (badopt) {
-                BIO_printf(bio_err, "Usage: passwd [options] [passwords]\n");
+                passwd_usage();
-                BIO_printf(bio_err, "where options are\n");
-#ifndef OPENSSL_NO_DES
-                BIO_printf(bio_err, "-crypt             standard Unix password algorithm (default)\n");
-#endif
-#ifndef NO_MD5CRYPT_1
-                BIO_printf(bio_err, "-1                 MD5-based password algorithm\n");
-                BIO_printf(bio_err, "-apr1              MD5-based password algorithm, Apache variant\n");
-#endif
-                BIO_printf(bio_err, "-salt string       use provided salt\n");
-                BIO_printf(bio_err, "-in file           read passwords from file\n");
-                BIO_printf(bio_err, "-stdin             read passwords from stdin\n");
-                BIO_printf(bio_err, "-noverify          never verify when reading password from terminal\n");
-                BIO_printf(bio_err, "-quiet             no warnings\n");
-                BIO_printf(bio_err, "-table             format output as table\n");
-                BIO_printf(bio_err, "-reverse           switch table columns\n");
                goto err;
        }
-        if ((infile != NULL) || in_stdin) {
-                in = BIO_new(BIO_s_file());
+        if ((out = BIO_new(BIO_s_file())) == NULL)
-                if (in == NULL)
+                goto err;
+        BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
+        if (passwd_config.infile != NULL || passwd_config.in_stdin) {
+                if ((in = BIO_new(BIO_s_file())) == NULL)
                        goto err;
-                if (infile != NULL) {
+                if (passwd_config.infile != NULL) {
-                        assert(in_stdin == 0);
+                        assert(passwd_config.in_stdin == 0);
-                        if (BIO_read_filename(in, infile) <= 0)
+                        if (BIO_read_filename(in, passwd_config.infile) <= 0)
                                goto err;
                } else {
-                        assert(in_stdin);
+                        assert(passwd_config.in_stdin);
                        BIO_set_fp(in, stdin, BIO_NOCLOSE);
                }
        }
-        if (usecrypt)
+        if (passwd_config.usecrypt)
                pw_maxlen = 8;
-        else if (use1 || useapr1)
+        else if (passwd_config.use1 || passwd_config.useapr1)
                pw_maxlen = 256;/* arbitrary limit, should be enough for most
                                 * passwords */
@@ -186,13 +212,15 @@ passwd_main(int argc, char **argv)
                if (passwd_malloc == NULL)
                        goto err;
        }
-        if ((in == NULL) && (passwds == NULL)) {
+        if (in == NULL && passwds == NULL) {
                /* build a null-terminated list */
                static char *passwds_static[2] = {NULL, NULL};
                passwds = passwds_static;
                if (in == NULL)
-                        if (EVP_read_pw_string(passwd_malloc, passwd_malloc_size, "Password: ", !(passed_salt || in_noverify)) != 0)
+                        if (EVP_read_pw_string(passwd_malloc,
+                            passwd_malloc_size, "Password: ",
+                            !(passed_salt || passwd_config.noverify)) != 0)
                                goto err;
                passwds[0] = passwd_malloc;
        }
@@ -200,16 +228,16 @@ passwd_main(int argc, char **argv)
                assert(passwds != NULL);
                assert(*passwds != NULL);
-                do {            /* loop over list of passwords */
+                do {    /* loop over list of passwords */
                        passwd = *passwds++;
-                        if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
+                        if (!do_passwd(passed_salt, &passwd_config.salt,
-                                quiet, table, reverse, pw_maxlen, usecrypt, use1, useapr1))
+                            &salt_malloc, passwd, out, passwd_config.quiet,
+                            passwd_config.table, passwd_config.reverse,
+                            pw_maxlen, passwd_config.usecrypt,
+                            passwd_config.use1, passwd_config.useapr1))
                                goto err;
-                }
+                } while (*passwds != NULL);
-                while (*passwds != NULL);
+        } else {
-        } else
-                /* in != NULL */
-        {
                int done;
                assert(passwd != NULL);
@@ -227,23 +255,27 @@ passwd_main(int argc, char **argv)
                                        while ((r > 0) && (!strchr(trash, '\n')));
                                }
-                                if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
+                                if (!do_passwd(passed_salt, &passwd_config.salt,
-                                        quiet, table, reverse, pw_maxlen, usecrypt, use1, useapr1))
+                                    &salt_malloc, passwd, out,
+                                    passwd_config.quiet, passwd_config.table,
+                                    passwd_config.reverse, pw_maxlen,
+                                    passwd_config.usecrypt, passwd_config.use1,
+                                    passwd_config.useapr1))
                                        goto err;
                        }
                        done = (r <= 0);
-                }
+                } while (!done);
-                while (!done);
        }
        ret = 0;
 err:
        ERR_print_errors(bio_err);
        free(salt_malloc);
        free(passwd_malloc);
        BIO_free(in);
-        if (out)
+        BIO_free_all(out);
-                BIO_free_all(out);
        return (ret);
 }

diff --git a/src/usr.bin/openssl/passwd.c b/src/usr.bin/openssl/passwd.c index c29cccf6cf..6267328e62 100644 --- a/src/usr.bin/openssl/passwd.c +++ b/src/usr.bin/openssl/passwd.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: passwd.c,v 1.2 2014/10/22 13:54:03 jsing Exp $ */	1	/* $OpenBSD: passwd.c,v 1.3 2015/01/05 15:25:39 jsing Exp $ */
2		2
3	#if defined OPENSSL_NO_MD5	3	#if defined OPENSSL_NO_MD5
4	#define NO_MD5CRYPT_1	4	#define NO_MD5CRYPT_1
@@ -40,140 +40,166 @@ do_passwd(int passed_salt, char salt_p, char salt_malloc_p,
40	char passwd, BIO out, int quiet, int table, int reverse,	40	char passwd, BIO out, int quiet, int table, int reverse,
41	size_t pw_maxlen, int usecrypt, int use1, int useapr1);	41	size_t pw_maxlen, int usecrypt, int use1, int useapr1);
42		42
43	/* -crypt - standard Unix password algorithm (default)	43	static struct {
44	* -1 - MD5-based password algorithm	44	char *infile;
45	* -apr1 - MD5-based password algorithm, Apache variant	45	int in_stdin;
46	* -salt string - salt	46	int noverify;
47	* -in file - read passwords from file	47	int quiet;
48	* -stdin - read passwords from stdin	48	int reverse;
49	* -noverify - never verify when reading password from terminal	49	char *salt;
50	* -quiet - no warnings	50	int table;
51	* -table - format output as table	51	int use1;
52	* -reverse - switch table columns	52	int useapr1;
53	*/	53	int usecrypt;
		54	} passwd_config;
		55
		56	static struct option passwd_options[] = {
		57	#ifndef NO_MD5CRYPT_1
		58	{
		59	.name = "1",
		60	.desc = "Use MD5 based BSD password algorithm 1",
		61	.type = OPTION_FLAG,
		62	.opt.flag = &passwd_config.use1,
		63	},
		64	{
		65	.name = "apr1",
		66	.desc = "Use apr1 algorithm (Apache variant of BSD algorithm)",
		67	.type = OPTION_FLAG,
		68	.opt.flag = &passwd_config.useapr1,
		69	},
		70	#endif
		71	#ifndef OPENSSL_NO_DES
		72	{
		73	.name = "crypt",
		74	.desc = "Use crypt algorithm (default)",
		75	.type = OPTION_FLAG,
		76	.opt.flag = &passwd_config.usecrypt,
		77	},
		78	#endif
		79	{
		80	.name = "in",
		81	.argname = "file",
		82	.desc = "Read passwords from specified file",
		83	.type = OPTION_ARG,
		84	.opt.arg = &passwd_config.infile,
		85	},
		86	{
		87	.name = "noverify",
		88	.desc = "Do not verify password",
		89	.type = OPTION_FLAG,
		90	.opt.flag = &passwd_config.noverify,
		91	},
		92	{
		93	.name = "quiet",
		94	.desc = "Do not output warnings",
		95	.type = OPTION_FLAG,
		96	.opt.flag = &passwd_config.quiet,
		97	},
		98	{
		99	.name = "reverse",
		100	.desc = "Reverse table columns (requires -table)",
		101	.type = OPTION_FLAG,
		102	.opt.flag = &passwd_config.reverse,
		103	},
		104	{
		105	.name = "salt",
		106	.argname = "string",
		107	.desc = "Use specified salt",
		108	.type = OPTION_ARG,
		109	.opt.arg = &passwd_config.salt,
		110	},
		111	{
		112	.name = "stdin",
		113	.desc = "Read passwords from stdin",
		114	.type = OPTION_FLAG,
		115	.opt.flag = &passwd_config.in_stdin,
		116	},
		117	{
		118	.name = "table",
		119	.desc = "Output cleartext and hashed passwords (tab separated)",
		120	.type = OPTION_FLAG,
		121	.opt.flag = &passwd_config.table,
		122	},
		123	{ NULL },
		124	};
		125
		126	static void
		127	passwd_usage(void)
		128	{
		129	fprintf(stderr, "usage: passwd [-1 \| -apr1 \| -crypt] [-in file] "
		130	"[-noverify] [-quiet]\n"
		131	" [-reverse] [-salt string] [-stdin] [-table] [password]\n\n");
		132	options_usage(passwd_options);
		133	}
54		134
55	int passwd_main(int, char **);	135	int passwd_main(int, char **);
56		136
57	int	137	int
58	passwd_main(int argc, char **argv)	138	passwd_main(int argc, char **argv)
59	{	139	{
60	int ret = 1;	140	char passwd = NULL, *passwds = NULL;
61	char *infile = NULL;
62	int in_stdin = 0;
63	int in_noverify = 0;
64	char salt = NULL, passwd = NULL, **passwds = NULL;
65	char salt_malloc = NULL, passwd_malloc = NULL;	141	char salt_malloc = NULL, passwd_malloc = NULL;
66	size_t passwd_malloc_size = 0;	142	size_t passwd_malloc_size = 0;
67	int pw_source_defined = 0;
68	BIO in = NULL, out = NULL;	143	BIO in = NULL, out = NULL;
69	int i, badopt, opt_done;	144	int badopt = 0;
70	int passed_salt = 0, quiet = 0, table = 0, reverse = 0;	145	int passed_salt = 0;
71	int usecrypt = 0, use1 = 0, useapr1 = 0;
72	size_t pw_maxlen = 0;	146	size_t pw_maxlen = 0;
		147	int argsused;
		148	int ret = 1;
73		149
74	out = BIO_new(BIO_s_file());	150	memset(&passwd_config, 0, sizeof(passwd_config));
75	if (out == NULL)
76	goto err;
77	BIO_set_fp(out, stdout, BIO_NOCLOSE \| BIO_FP_TEXT);
78		151
79	badopt = 0, opt_done = 0;	152	if (options_parse(argc, argv, passwd_options, NULL, &argsused) != 0) {
80	i = 0;	153	passwd_usage();
81	while (!badopt && !opt_done && argv[++i] != NULL) {	154	goto err;
82	if (strcmp(argv[i], "-crypt") == 0)
83	usecrypt = 1;
84	else if (strcmp(argv[i], "-1") == 0)
85	use1 = 1;
86	else if (strcmp(argv[i], "-apr1") == 0)
87	useapr1 = 1;
88	else if (strcmp(argv[i], "-salt") == 0) {
89	if ((argv[i + 1] != NULL) && (salt == NULL)) {
90	passed_salt = 1;
91	salt = argv[++i];
92	} else
93	badopt = 1;
94	} else if (strcmp(argv[i], "-in") == 0) {
95	if ((argv[i + 1] != NULL) && !pw_source_defined) {
96	pw_source_defined = 1;
97	infile = argv[++i];
98	} else
99	badopt = 1;
100	} else if (strcmp(argv[i], "-stdin") == 0) {
101	if (!pw_source_defined) {
102	pw_source_defined = 1;
103	in_stdin = 1;
104	} else
105	badopt = 1;
106	} else if (strcmp(argv[i], "-noverify") == 0)
107	in_noverify = 1;
108	else if (strcmp(argv[i], "-quiet") == 0)
109	quiet = 1;
110	else if (strcmp(argv[i], "-table") == 0)
111	table = 1;
112	else if (strcmp(argv[i], "-reverse") == 0)
113	reverse = 1;
114	else if (argv[i][0] == '-')
115	badopt = 1;
116	else if (!pw_source_defined)
117	/* non-option arguments, use as passwords */
118	{
119	pw_source_defined = 1;
120	passwds = &argv[i];
121	opt_done = 1;
122	} else
123	badopt = 1;
124	}	155	}
125		156
126	if (!usecrypt && !use1 && !useapr1) /* use default */	157	if (argsused < argc)
127	usecrypt = 1;	158	passwds = &argv[argsused];
128	if (usecrypt + use1 + useapr1 > 1) /* conflict */	159	if (passwd_config.salt != NULL)
129	badopt = 1;	160	passed_salt = 1;
130		161
131	/* reject unsupported algorithms */	162	if (!passwd_config.usecrypt && !passwd_config.use1 &&
		163	!passwd_config.useapr1)
		164	passwd_config.usecrypt = 1; /* use default */
		165	if (passwd_config.usecrypt + passwd_config.use1 +
		166	passwd_config.useapr1 > 1)
		167	badopt = 1; /* conflicting options */
		168
		169	/* Reject unsupported algorithms */
132	#ifdef OPENSSL_NO_DES	170	#ifdef OPENSSL_NO_DES
133	if (usecrypt)	171	if (passwd_config.usecrypt)
134	badopt = 1;	172	badopt = 1;
135	#endif	173	#endif
136	#ifdef NO_MD5CRYPT_1	174	#ifdef NO_MD5CRYPT_1
137	if (use1 \|\| useapr1)	175	if (passwd_config.use1 \|\| passwd_config.useapr1)
138	badopt = 1;	176	badopt = 1;
139	#endif	177	#endif
140		178
141	if (badopt) {	179	if (badopt) {
142	BIO_printf(bio_err, "Usage: passwd [options] [passwords]\n");	180	passwd_usage();
143	BIO_printf(bio_err, "where options are\n");
144	#ifndef OPENSSL_NO_DES
145	BIO_printf(bio_err, "-crypt standard Unix password algorithm (default)\n");
146	#endif
147	#ifndef NO_MD5CRYPT_1
148	BIO_printf(bio_err, "-1 MD5-based password algorithm\n");
149	BIO_printf(bio_err, "-apr1 MD5-based password algorithm, Apache variant\n");
150	#endif
151	BIO_printf(bio_err, "-salt string use provided salt\n");
152	BIO_printf(bio_err, "-in file read passwords from file\n");
153	BIO_printf(bio_err, "-stdin read passwords from stdin\n");
154	BIO_printf(bio_err, "-noverify never verify when reading password from terminal\n");
155	BIO_printf(bio_err, "-quiet no warnings\n");
156	BIO_printf(bio_err, "-table format output as table\n");
157	BIO_printf(bio_err, "-reverse switch table columns\n");
158
159	goto err;	181	goto err;
160	}	182	}
161	if ((infile != NULL) \|\| in_stdin) {	183
162	in = BIO_new(BIO_s_file());	184	if ((out = BIO_new(BIO_s_file())) == NULL)
163	if (in == NULL)	185	goto err;
		186	BIO_set_fp(out, stdout, BIO_NOCLOSE \| BIO_FP_TEXT);
		187
		188	if (passwd_config.infile != NULL \|\| passwd_config.in_stdin) {
		189	if ((in = BIO_new(BIO_s_file())) == NULL)
164	goto err;	190	goto err;
165	if (infile != NULL) {	191	if (passwd_config.infile != NULL) {
166	assert(in_stdin == 0);	192	assert(passwd_config.in_stdin == 0);
167	if (BIO_read_filename(in, infile) <= 0)	193	if (BIO_read_filename(in, passwd_config.infile) <= 0)
168	goto err;	194	goto err;
169	} else {	195	} else {
170	assert(in_stdin);	196	assert(passwd_config.in_stdin);
171	BIO_set_fp(in, stdin, BIO_NOCLOSE);	197	BIO_set_fp(in, stdin, BIO_NOCLOSE);
172	}	198	}
173	}	199	}
174	if (usecrypt)	200	if (passwd_config.usecrypt)
175	pw_maxlen = 8;	201	pw_maxlen = 8;
176	else if (use1 \|\| useapr1)	202	else if (passwd_config.use1 \|\| passwd_config.useapr1)
177	pw_maxlen = 256;/* arbitrary limit, should be enough for most	203	pw_maxlen = 256;/* arbitrary limit, should be enough for most
178	* passwords */	204	* passwords */
179		205
@@ -186,13 +212,15 @@ passwd_main(int argc, char **argv)
186	if (passwd_malloc == NULL)	212	if (passwd_malloc == NULL)
187	goto err;	213	goto err;
188	}	214	}
189	if ((in == NULL) && (passwds == NULL)) {	215	if (in == NULL && passwds == NULL) {
190	/* build a null-terminated list */	216	/* build a null-terminated list */
191	static char *passwds_static[2] = {NULL, NULL};	217	static char *passwds_static[2] = {NULL, NULL};
192		218
193	passwds = passwds_static;	219	passwds = passwds_static;
194	if (in == NULL)	220	if (in == NULL)
195	if (EVP_read_pw_string(passwd_malloc, passwd_malloc_size, "Password: ", !(passed_salt \|\| in_noverify)) != 0)	221	if (EVP_read_pw_string(passwd_malloc,
		222	passwd_malloc_size, "Password: ",
		223	!(passed_salt \|\| passwd_config.noverify)) != 0)
196	goto err;	224	goto err;
197	passwds[0] = passwd_malloc;	225	passwds[0] = passwd_malloc;
198	}	226	}
@@ -200,16 +228,16 @@ passwd_main(int argc, char **argv)
200	assert(passwds != NULL);	228	assert(passwds != NULL);
201	assert(*passwds != NULL);	229	assert(*passwds != NULL);
202		230
203	do { /* loop over list of passwords */	231	do { /* loop over list of passwords */
204	passwd = *passwds++;	232	passwd = *passwds++;
205	if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,	233	if (!do_passwd(passed_salt, &passwd_config.salt,
206	quiet, table, reverse, pw_maxlen, usecrypt, use1, useapr1))	234	&salt_malloc, passwd, out, passwd_config.quiet,
		235	passwd_config.table, passwd_config.reverse,
		236	pw_maxlen, passwd_config.usecrypt,
		237	passwd_config.use1, passwd_config.useapr1))
207	goto err;	238	goto err;
208	}	239	} while (*passwds != NULL);
209	while (*passwds != NULL);	240	} else {
210	} else
211	/* in != NULL */
212	{
213	int done;	241	int done;
214		242
215	assert(passwd != NULL);	243	assert(passwd != NULL);
@@ -227,23 +255,27 @@ passwd_main(int argc, char **argv)
227	while ((r > 0) && (!strchr(trash, '\n')));	255	while ((r > 0) && (!strchr(trash, '\n')));
228	}	256	}
229		257
230	if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,	258	if (!do_passwd(passed_salt, &passwd_config.salt,
231	quiet, table, reverse, pw_maxlen, usecrypt, use1, useapr1))	259	&salt_malloc, passwd, out,
		260	passwd_config.quiet, passwd_config.table,
		261	passwd_config.reverse, pw_maxlen,
		262	passwd_config.usecrypt, passwd_config.use1,
		263	passwd_config.useapr1))
232	goto err;	264	goto err;
233	}	265	}
234	done = (r <= 0);	266	done = (r <= 0);
235	}	267	} while (!done);
236	while (!done);
237	}	268	}
238	ret = 0;	269	ret = 0;
239		270
240	err:	271	err:
241	ERR_print_errors(bio_err);	272	ERR_print_errors(bio_err);
		273
242	free(salt_malloc);	274	free(salt_malloc);
243	free(passwd_malloc);	275	free(passwd_malloc);
		276
244	BIO_free(in);	277	BIO_free(in);
245	if (out)	278	BIO_free_all(out);
246	BIO_free_all(out);
247		279
248	return (ret);	280	return (ret);
249	}	281	}