summaryrefslogtreecommitdiffstats
path: root/support/htdigest.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--support/htdigest.c303
1 files changed, 303 insertions, 0 deletions
diff --git a/support/htdigest.c b/support/htdigest.c
new file mode 100644
index 0000000..43f7054
--- /dev/null
+++ b/support/htdigest.c
@@ -0,0 +1,303 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/******************************************************************************
+ ******************************************************************************
+ * NOTE! This program is not safe as a setuid executable! Do not make it
+ * setuid!
+ ******************************************************************************
+ *****************************************************************************/
+/*
+ * htdigest.c: simple program for manipulating digest passwd file for Apache
+ *
+ * by Alexei Kosut, based on htpasswd.c, by Rob McCool
+ */
+
+#include "apr.h"
+#include "apr_file_io.h"
+#include "apr_md5.h"
+#include "apr_lib.h" /* for apr_getpass() */
+#include "apr_general.h"
+#include "apr_signal.h"
+#include "apr_strings.h" /* for apr_pstrdup() */
+
+#define APR_WANT_STDIO
+#define APR_WANT_STRFUNC
+#include "apr_want.h"
+
+#if APR_HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#if APR_HAVE_STDLIB_H
+#include <stdlib.h>
+#endif
+
+#ifdef WIN32
+#include <conio.h>
+#endif
+
+
+#if APR_CHARSET_EBCDIC
+#define LF '\n'
+#define CR '\r'
+#else
+#define LF 10
+#define CR 13
+#endif /* APR_CHARSET_EBCDIC */
+
+#define MAX_STRING_LEN 256
+#define MAX_LINE_LEN 768
+
+apr_file_t *tfp = NULL;
+apr_file_t *errfile;
+apr_pool_t *cntxt;
+#if APR_CHARSET_EBCDIC
+apr_xlate_t *to_ascii;
+#endif
+
+static void cleanup_tempfile_and_exit(int rc)
+{
+ if (tfp) {
+ apr_file_close(tfp);
+ }
+ exit(rc);
+}
+
+static int getword(char *word, char *line, char stop)
+{
+ int x = 0, y;
+
+ for (x = 0; ((line[x]) && (line[x] != stop)); x++) {
+ if (x == (MAX_STRING_LEN - 1)) {
+ return 1;
+ }
+ word[x] = line[x];
+ }
+
+ word[x] = '\0';
+ if (line[x])
+ ++x;
+ y = 0;
+
+ while ((line[y++] = line[x++]));
+
+ return 0;
+}
+
+static int get_line(char *s, int n, apr_file_t *f)
+{
+ int i = 0;
+ char ch;
+ apr_status_t rv = APR_EINVAL;
+
+ /* we need 2 remaining bytes in buffer */
+ while (i < (n - 2) &&
+ ((rv = apr_file_getc(&ch, f)) == APR_SUCCESS) && (ch != '\n')) {
+ s[i++] = ch;
+ }
+ /* First remaining byte potentially used here */
+ if (ch == '\n')
+ s[i++] = ch;
+ /* Second remaining byte used here */
+ s[i] = '\0';
+
+ if (rv != APR_SUCCESS)
+ return 1;
+
+ return 0;
+}
+
+static void putline(apr_file_t *f, char *l)
+{
+ int x;
+
+ for (x = 0; l[x]; x++)
+ apr_file_putc(l[x], f);
+}
+
+
+static void add_password(const char *user, const char *realm, apr_file_t *f)
+{
+ char *pw;
+ apr_md5_ctx_t context;
+ unsigned char digest[16];
+ char string[MAX_LINE_LEN]; /* this includes room for 2 * ':' + '\0' */
+ char pwin[MAX_STRING_LEN];
+ char pwv[MAX_STRING_LEN];
+ unsigned int i;
+ apr_size_t len = sizeof(pwin);
+
+ if (apr_password_get("New password: ", pwin, &len) != APR_SUCCESS) {
+ apr_file_printf(errfile, "password too long");
+ cleanup_tempfile_and_exit(5);
+ }
+ len = sizeof(pwin);
+ apr_password_get("Re-type new password: ", pwv, &len);
+ if (strcmp(pwin, pwv) != 0) {
+ apr_file_printf(errfile, "They don't match, sorry.\n");
+ cleanup_tempfile_and_exit(1);
+ }
+ pw = pwin;
+ apr_file_printf(f, "%s:%s:", user, realm);
+
+ /* Do MD5 stuff */
+ apr_snprintf(string, sizeof(string), "%s:%s:%s", user, realm, pw);
+
+ apr_md5_init(&context);
+#if APR_CHARSET_EBCDIC
+ apr_md5_set_xlate(&context, to_ascii);
+#endif
+ apr_md5_update(&context, (unsigned char *) string, strlen(string));
+ apr_md5_final(digest, &context);
+
+ for (i = 0; i < 16; i++)
+ apr_file_printf(f, "%02x", digest[i]);
+
+ apr_file_printf(f, "\n");
+}
+
+static void usage(void)
+{
+ apr_file_printf(errfile, "Usage: htdigest [-c] passwordfile realm username\n");
+ apr_file_printf(errfile, "The -c flag creates a new file.\n");
+ exit(1);
+}
+
+static void interrupted(void)
+{
+ apr_file_printf(errfile, "Interrupted.\n");
+ cleanup_tempfile_and_exit(1);
+}
+
+static void terminate(void)
+{
+ apr_terminate();
+#ifdef NETWARE
+ pressanykey();
+#endif
+}
+
+int main(int argc, const char * const argv[])
+{
+ apr_file_t *f;
+ apr_status_t rv;
+ char tn[] = "htdigest.tmp.XXXXXX";
+ char *dirname;
+ char user[MAX_STRING_LEN];
+ char realm[MAX_STRING_LEN];
+ char line[MAX_LINE_LEN];
+ char l[MAX_LINE_LEN];
+ char w[MAX_STRING_LEN];
+ char x[MAX_STRING_LEN];
+ int found;
+
+ apr_app_initialize(&argc, &argv, NULL);
+ atexit(terminate);
+ apr_pool_create(&cntxt, NULL);
+ apr_file_open_stderr(&errfile, cntxt);
+
+#if APR_CHARSET_EBCDIC
+ rv = apr_xlate_open(&to_ascii, "ISO-8859-1", APR_DEFAULT_CHARSET, cntxt);
+ if (rv) {
+ apr_file_printf(errfile, "apr_xlate_open(): %pm (%d)\n",
+ &rv, rv);
+ exit(1);
+ }
+#endif
+
+ apr_signal(SIGINT, (void (*)(int)) interrupted);
+ if (argc == 5) {
+ if (strcmp(argv[1], "-c"))
+ usage();
+ rv = apr_file_open(&f, argv[2], APR_WRITE | APR_CREATE,
+ APR_OS_DEFAULT, cntxt);
+ if (rv != APR_SUCCESS) {
+ apr_file_printf(errfile, "Could not open passwd file %s for writing: %pm\n",
+ argv[2], &rv);
+ exit(1);
+ }
+ apr_cpystrn(user, argv[4], sizeof(user));
+ apr_cpystrn(realm, argv[3], sizeof(realm));
+ apr_file_printf(errfile, "Adding password for %s in realm %s.\n",
+ user, realm);
+ add_password(user, realm, f);
+ apr_file_close(f);
+ exit(0);
+ }
+ else if (argc != 4)
+ usage();
+
+ if (apr_temp_dir_get((const char**)&dirname, cntxt) != APR_SUCCESS) {
+ apr_file_printf(errfile, "%s: could not determine temp dir\n",
+ argv[0]);
+ exit(1);
+ }
+ dirname = apr_psprintf(cntxt, "%s/%s", dirname, tn);
+
+ if (apr_file_mktemp(&tfp, dirname, 0, cntxt) != APR_SUCCESS) {
+ apr_file_printf(errfile, "Could not open temp file %s.\n", dirname);
+ exit(1);
+ }
+
+ if (apr_file_open(&f, argv[1], APR_READ, APR_OS_DEFAULT, cntxt) != APR_SUCCESS) {
+ apr_file_printf(errfile,
+ "Could not open passwd file %s for reading.\n", argv[1]);
+ apr_file_printf(errfile, "Use -c option to create new one.\n");
+ cleanup_tempfile_and_exit(1);
+ }
+ apr_cpystrn(user, argv[3], sizeof(user));
+ apr_cpystrn(realm, argv[2], sizeof(realm));
+
+ found = 0;
+ while (!(get_line(line, sizeof(line), f))) {
+ if (found || (line[0] == '#') || (!line[0])) {
+ putline(tfp, line);
+ continue;
+ }
+ strcpy(l, line);
+ if (getword(w, l, ':') || getword(x, l, ':')) {
+ apr_file_printf(errfile, "The following line contains a string longer than the "
+ "allowed maximum size (%i): %s\n", MAX_STRING_LEN - 1, line);
+ cleanup_tempfile_and_exit(1);
+ }
+ if (strcmp(user, w) || strcmp(realm, x)) {
+ putline(tfp, line);
+ continue;
+ }
+ else {
+ apr_file_printf(errfile, "Changing password for user %s in realm %s\n",
+ user, realm);
+ add_password(user, realm, tfp);
+ found = 1;
+ }
+ }
+ if (!found) {
+ apr_file_printf(errfile, "Adding user %s in realm %s\n", user, realm);
+ add_password(user, realm, tfp);
+ }
+ apr_file_close(f);
+
+ /* The temporary file has all the data, just copy it to the new location.
+ */
+ if (apr_file_copy(dirname, argv[1], APR_OS_DEFAULT, cntxt) !=
+ APR_SUCCESS) {
+ apr_file_printf(errfile, "%s: unable to update file %s\n",
+ argv[0], argv[1]);
+ }
+ apr_file_close(tfp);
+
+ return 0;
+}