diff options
Diffstat (limited to 'support/htpasswd.c')
-rw-r--r-- | support/htpasswd.c | 30 |
1 files changed, 17 insertions, 13 deletions
diff --git a/support/htpasswd.c b/support/htpasswd.c index 660a27c..c576532 100644 --- a/support/htpasswd.c +++ b/support/htpasswd.c @@ -98,28 +98,32 @@ static int mkrecord(struct passwd_ctx *ctx, char *user) static void usage(void) { apr_file_printf(errfile, "Usage:" NL - "\thtpasswd [-cimBdpsDv] [-C cost] passwordfile username" NL - "\thtpasswd -b[cmBdpsDv] [-C cost] passwordfile username password" NL + "\thtpasswd [-cimB25dpsDv] [-C cost] [-r rounds] passwordfile username" NL + "\thtpasswd -b[cmB25dpsDv] [-C cost] [-r rounds] passwordfile username password" NL NL - "\thtpasswd -n[imBdps] [-C cost] username" NL - "\thtpasswd -nb[mBdps] [-C cost] username password" NL + "\thtpasswd -n[imB25dps] [-C cost] [-r rounds] username" NL + "\thtpasswd -nb[mB25dps] [-C cost] [-r rounds] username password" NL " -c Create a new file." NL " -n Don't update file; display results on stdout." NL " -b Use the password from the command line rather than prompting " "for it." NL " -i Read password from stdin without verification (for script usage)." NL - " -m Force MD5 encryption of the password (default)." NL - " -B Force bcrypt encryption of the password (very secure)." NL + " -m Force MD5 hashing of the password (default)." NL + " -2 Force SHA-256 hashing of the password (secure)." NL + " -5 Force SHA-512 hashing of the password (secure)." NL + " -B Force bcrypt hashing of the password (very secure)." NL " -C Set the computing time used for the bcrypt algorithm" NL - " (higher is more secure but slower, default: %d, valid: 4 to 31)." NL - " -d Force CRYPT encryption of the password (8 chars max, insecure)." NL - " -s Force SHA encryption of the password (insecure)." NL - " -p Do not encrypt the password (plaintext, insecure)." NL + " (higher is more secure but slower, default: %d, valid: 4 to 17)." NL + " -r Set the number of rounds used for the SHA-256, SHA-512 algorithms" NL + " (higher is more secure but slower, default: 5000)." NL + " -d Force CRYPT hashing of the password (8 chars max, insecure)." NL + " -s Force SHA-1 hashing of the password (insecure)." NL + " -p Do not hash the password (plaintext, insecure)." NL " -D Delete the specified user." NL " -v Verify password for the specified user." NL "On other systems than Windows and NetWare the '-p' flag will " "probably not work." NL - "The SHA algorithm does not use a salt and is less secure than the " + "The SHA-1 algorithm does not use a salt and is less secure than the " "MD5 algorithm." NL, BCRYPT_DEFAULT_COST ); @@ -178,7 +182,7 @@ static void check_args(int argc, const char *const argv[], if (rv != APR_SUCCESS) exit(ERR_SYNTAX); - while ((rv = apr_getopt(state, "cnmspdBbDiC:v", &opt, &opt_arg)) == APR_SUCCESS) { + while ((rv = apr_getopt(state, "cnmspdBbDi25C:r:v", &opt, &opt_arg)) == APR_SUCCESS) { switch (opt) { case 'c': *mask |= APHTP_NEWFILE; @@ -351,7 +355,7 @@ int main(int argc, const char * const argv[]) } else { /* - * Error out if -c was omitted for this non-existant file. + * Error out if -c was omitted for this non-existent file. */ if (!(mask & APHTP_NEWFILE)) { apr_file_printf(errfile, |